vskill 0.5.2 → 0.5.4

package/dist/blocklist/blocklist-e2e.test.js

@@ -0,0 +1,346 @@
+// ---------------------------------------------------------------------------
+// E2E integration tests: blocklist blocking with REAL malicious skill data
+//
+// These tests simulate the full chain:
+//   API response (real seed data) -> local cache -> checkBlocklist -> block
+//
+// They use the actual ClawHub malicious skill names, threat types, severities,
+// and reasons from the verified-skill.com seed data to prove that a developer
+// attempting to install a known-malicious skill is:
+//   1. Blocked with the correct threat details
+//   2. Shown the exact reason WHY it's blocked
+//   3. Allowed through with --force but with a prominent warning
+// ---------------------------------------------------------------------------
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+// ---------------------------------------------------------------------------
+// Mocks
+// ---------------------------------------------------------------------------
+const mocks = vi.hoisted(() => ({
+    readFileSync: vi.fn(),
+    writeFileSync: vi.fn(),
+    mkdirSync: vi.fn(),
+    existsSync: vi.fn(),
+}));
+vi.mock("node:fs", () => ({
+    readFileSync: mocks.readFileSync,
+    writeFileSync: mocks.writeFileSync,
+    mkdirSync: mocks.mkdirSync,
+    existsSync: mocks.existsSync,
+}));
+const { checkBlocklist, getCachedBlocklist, syncBlocklist } = await import("./blocklist.js");
+// ---------------------------------------------------------------------------
+// Real seed data — mirrors the actual seed from vskill-platform
+// These are the EXACT entries from blocklist-seed-data.ts
+// ---------------------------------------------------------------------------
+const REAL_SEED_ENTRIES = [
+    // hightower6eu — platform impersonation
+    {
+        skillName: "Clawhub",
+        sourceUrl: "https://github.com/hightower6eu/Clawhub",
+        sourceRegistry: "clawhub",
+        threatType: "platform-impersonation",
+        severity: "critical",
+        reason: "Impersonates the ClawHub/GitHub platform to trick users into running malicious code",
+        evidenceUrls: [
+            "https://snyk.io/blog/toxicskills-mcp-exploit",
+            "https://www.aikido.dev/blog/malicious-mcp-servers",
+        ],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // hightower6eu — credential theft
+    {
+        skillName: "Polymarket Trading Bot",
+        sourceUrl: "https://github.com/hightower6eu/polymarket-trading-bot",
+        sourceRegistry: "clawhub",
+        threatType: "credential-theft",
+        severity: "critical",
+        reason: "Trading bot facade stealing wallet credentials and API keys",
+        evidenceUrls: ["https://snyk.io/blog/toxicskills-mcp-exploit"],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // hightower6eu — auto-updater trojan
+    {
+        skillName: "Skills Auto-Updater",
+        sourceUrl: "https://github.com/hightower6eu/skills-auto-updater",
+        sourceRegistry: "clawhub",
+        threatType: "auto-updater-trojan",
+        severity: "high",
+        reason: "Auto-updater trojan that downloads and executes malicious payloads",
+        evidenceUrls: ["https://snyk.io/blog/toxicskills-mcp-exploit"],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // Aslaep123 — base64 credential exfil
+    {
+        skillName: "polymarket-traiding-bot",
+        sourceUrl: "https://github.com/Aslaep123/polymarket-traiding-bot",
+        sourceRegistry: "clawhub",
+        threatType: "credential-theft",
+        severity: "critical",
+        reason: "Base64-encoded credential exfiltration via hidden HTTP requests",
+        evidenceUrls: [
+            "https://snyk.io/blog/toxicskills-mcp-exploit",
+            "https://www.aikido.dev/blog/malicious-mcp-servers",
+        ],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // aztr0nutzs — prompt injection
+    {
+        skillName: "google-qx4",
+        sourceUrl: "https://github.com/aztr0nutzs/google-qx4",
+        sourceRegistry: "clawhub",
+        threatType: "prompt-injection",
+        severity: "critical",
+        reason: "Prompt injection via fake Google integration skill",
+        evidenceUrls: ["https://www.aikido.dev/blog/malicious-mcp-servers"],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // zaycv — typosquatting
+    {
+        skillName: "clawhud",
+        sourceUrl: "https://github.com/zaycv/clawhud",
+        sourceRegistry: "clawhub",
+        threatType: "typosquatting",
+        severity: "high",
+        reason: "Typosquatting ClawHub (clawhud vs clawhub) to mislead users",
+        evidenceUrls: ["https://www.aikido.dev/blog/malicious-mcp-servers"],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+    // zaycv — typosquatting (homoglyph)
+    {
+        skillName: "cIawhub",
+        sourceUrl: "https://github.com/zaycv/cIawhub",
+        sourceRegistry: "clawhub",
+        threatType: "typosquatting",
+        severity: "high",
+        reason: "Typosquatting ClawHub using uppercase I for lowercase l (cIawhub)",
+        evidenceUrls: ["https://www.aikido.dev/blog/malicious-mcp-servers"],
+        discoveredAt: "2025-12-01T00:00:00.000Z",
+    },
+];
+function makeFreshCache(entries = REAL_SEED_ENTRIES) {
+    return {
+        entries,
+        count: entries.length,
+        lastUpdated: "2026-02-19T00:00:00Z",
+        fetchedAt: new Date().toISOString(), // fresh (within 1 hour)
+        etag: '"seed-data"',
+    };
+}
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+const originalFetch = globalThis.fetch;
+beforeEach(() => {
+    vi.clearAllMocks();
+});
+afterEach(() => {
+    globalThis.fetch = originalFetch;
+    delete process.env.VSKILL_API_URL;
+});
+// ============================================================================
+// 1. Blocking known malicious skills by exact name
+// ============================================================================
+describe("E2E: blocking known malicious skills from ClawHub seed data", () => {
+    beforeEach(() => {
+        // Simulate fresh local cache with real seed data
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(makeFreshCache()));
+    });
+    it("blocks hightower6eu's Clawhub (platform-impersonation, critical)", async () => {
+        const result = await checkBlocklist("Clawhub");
+        expect(result).not.toBeNull();
+        expect(result.skillName).toBe("Clawhub");
+        expect(result.threatType).toBe("platform-impersonation");
+        expect(result.severity).toBe("critical");
+        expect(result.reason).toContain("Impersonates the ClawHub");
+        expect(result.sourceRegistry).toBe("clawhub");
+    });
+    it("blocks hightower6eu's Polymarket Trading Bot (credential-theft, critical)", async () => {
+        const result = await checkBlocklist("Polymarket Trading Bot");
+        expect(result).not.toBeNull();
+        expect(result.skillName).toBe("Polymarket Trading Bot");
+        expect(result.threatType).toBe("credential-theft");
+        expect(result.severity).toBe("critical");
+        expect(result.reason).toContain("wallet credentials");
+    });
+    it("blocks hightower6eu's Skills Auto-Updater (auto-updater-trojan, high)", async () => {
+        const result = await checkBlocklist("Skills Auto-Updater");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("auto-updater-trojan");
+        expect(result.severity).toBe("high");
+        expect(result.reason).toContain("malicious payloads");
+    });
+    it("blocks Aslaep123's polymarket-traiding-bot (credential-theft, critical)", async () => {
+        const result = await checkBlocklist("polymarket-traiding-bot");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("credential-theft");
+        expect(result.severity).toBe("critical");
+        expect(result.reason).toContain("Base64-encoded credential exfiltration");
+        expect(result.evidenceUrls).toContain("https://snyk.io/blog/toxicskills-mcp-exploit");
+    });
+    it("blocks aztr0nutzs's google-qx4 (prompt-injection, critical)", async () => {
+        const result = await checkBlocklist("google-qx4");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("prompt-injection");
+        expect(result.severity).toBe("critical");
+        expect(result.reason).toContain("Prompt injection");
+    });
+    it("blocks zaycv's clawhud typosquatting (typosquatting, high)", async () => {
+        const result = await checkBlocklist("clawhud");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("typosquatting");
+        expect(result.severity).toBe("high");
+        expect(result.reason).toContain("clawhud vs clawhub");
+    });
+    it("blocks zaycv's cIawhub homoglyph attack (typosquatting, high)", async () => {
+        const result = await checkBlocklist("cIawhub");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("typosquatting");
+        expect(result.reason).toContain("uppercase I for lowercase l");
+    });
+    it("allows legitimate skill that is NOT on the blocklist", async () => {
+        const result = await checkBlocklist("my-safe-coding-assistant");
+        expect(result).toBeNull();
+    });
+});
+// ============================================================================
+// 2. API sync produces correct cache from real data
+// ============================================================================
+describe("E2E: API sync with real seed data", () => {
+    it("syncs 22 entries from API and all are searchable", async () => {
+        // Simulate the API returning the full seed data
+        globalThis.fetch = vi.fn().mockResolvedValue({
+            ok: true,
+            headers: { get: (h) => (h === "etag" ? '"v1"' : null) },
+            json: async () => ({
+                entries: REAL_SEED_ENTRIES,
+                count: REAL_SEED_ENTRIES.length,
+                lastUpdated: "2026-02-19T00:00:00Z",
+            }),
+        });
+        mocks.existsSync.mockReturnValue(true);
+        const cache = await syncBlocklist();
+        expect(cache.entries).toHaveLength(REAL_SEED_ENTRIES.length);
+        expect(cache.count).toBe(REAL_SEED_ENTRIES.length);
+        expect(cache.etag).toBe('"v1"');
+        // Verify writeFileSync was called with the cache
+        expect(mocks.writeFileSync).toHaveBeenCalledTimes(1);
+        const writtenData = JSON.parse(mocks.writeFileSync.mock.calls[0][1]);
+        expect(writtenData.entries).toHaveLength(REAL_SEED_ENTRIES.length);
+        // Every entry should have required fields
+        for (const entry of writtenData.entries) {
+            expect(entry.skillName).toBeTruthy();
+            expect(entry.threatType).toBeTruthy();
+            expect(entry.severity).toBeTruthy();
+            expect(entry.reason).toBeTruthy();
+        }
+    });
+    it("cached data allows blocking every seed entry by name", async () => {
+        // Set up fresh cache with all seed data
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(makeFreshCache()));
+        // Check every single seed entry is findable
+        for (const entry of REAL_SEED_ENTRIES) {
+            const result = await checkBlocklist(entry.skillName);
+            expect(result).not.toBeNull();
+            expect(result.skillName).toBe(entry.skillName);
+            expect(result.threatType).toBe(entry.threatType);
+            expect(result.severity).toBe(entry.severity);
+        }
+    });
+});
+// ============================================================================
+// 3. Stale cache refresh with real data
+// ============================================================================
+describe("E2E: stale cache refresh with real seed data", () => {
+    it("refreshes stale cache from API and blocks newly added skills", async () => {
+        // Start with stale cache that has only 2 entries
+        const twoHoursAgo = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+        const staleCache = makeFreshCache(REAL_SEED_ENTRIES.slice(0, 2));
+        staleCache.fetchedAt = twoHoursAgo;
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(staleCache));
+        // API returns full data
+        globalThis.fetch = vi.fn().mockResolvedValue({
+            ok: true,
+            headers: { get: () => null },
+            json: async () => ({
+                entries: REAL_SEED_ENTRIES,
+                count: REAL_SEED_ENTRIES.length,
+                lastUpdated: "2026-02-19T00:00:00Z",
+            }),
+        });
+        // google-qx4 was not in stale cache (only first 2 entries)
+        // but after refresh it should be findable
+        const result = await checkBlocklist("google-qx4");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("prompt-injection");
+        expect(result.severity).toBe("critical");
+    });
+    it("falls back to stale cache when API is down, still blocks known skills", async () => {
+        const twoHoursAgo = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+        const staleCache = makeFreshCache();
+        staleCache.fetchedAt = twoHoursAgo;
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(staleCache));
+        // API is down
+        globalThis.fetch = vi
+            .fn()
+            .mockRejectedValue(new Error("ECONNREFUSED"));
+        // Should still block from stale cache
+        const result = await checkBlocklist("polymarket-traiding-bot");
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe("credential-theft");
+        expect(result.reason).toContain("Base64-encoded");
+    });
+});
+// ============================================================================
+// 4. All 5 threat types are represented and catchable
+// ============================================================================
+describe("E2E: all threat types from ClawHub research are catchable", () => {
+    beforeEach(() => {
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(makeFreshCache()));
+    });
+    const threatTypeCases = [
+        {
+            name: "platform-impersonation (hightower6eu)",
+            skillName: "Clawhub",
+            expectedType: "platform-impersonation",
+            expectedSeverity: "critical",
+        },
+        {
+            name: "credential-theft (Aslaep123)",
+            skillName: "polymarket-traiding-bot",
+            expectedType: "credential-theft",
+            expectedSeverity: "critical",
+        },
+        {
+            name: "auto-updater-trojan (hightower6eu)",
+            skillName: "Skills Auto-Updater",
+            expectedType: "auto-updater-trojan",
+            expectedSeverity: "high",
+        },
+        {
+            name: "prompt-injection (aztr0nutzs)",
+            skillName: "google-qx4",
+            expectedType: "prompt-injection",
+            expectedSeverity: "critical",
+        },
+        {
+            name: "typosquatting (zaycv)",
+            skillName: "clawhud",
+            expectedType: "typosquatting",
+            expectedSeverity: "high",
+        },
+    ];
+    it.each(threatTypeCases)("catches $name: $skillName", async ({ skillName, expectedType, expectedSeverity }) => {
+        const result = await checkBlocklist(skillName);
+        expect(result).not.toBeNull();
+        expect(result.threatType).toBe(expectedType);
+        expect(result.severity).toBe(expectedSeverity);
+        expect(result.reason.length).toBeGreaterThan(10); // has meaningful reason
+        expect(result.evidenceUrls.length).toBeGreaterThan(0); // has evidence
+    });
+});
+//# sourceMappingURL=blocklist-e2e.test.js.map

package/dist/blocklist/blocklist-e2e.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"blocklist-e2e.test.js","sourceRoot":"","sources":["../../src/blocklist/blocklist-e2e.test.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAC9E,2EAA2E;AAC3E,EAAE;AACF,uCAAuC;AACvC,4EAA4E;AAC5E,EAAE;AACF,+EAA+E;AAC/E,8EAA8E;AAC9E,oDAAoD;AACpD,+CAA+C;AAC/C,+CAA+C;AAC/C,iEAAiE;AACjE,8EAA8E;AAE9E,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAGzE,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,KAAK,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;IACrB,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE;IACtB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;IAClB,UAAU,EAAE,EAAE,CAAC,EAAE,EAAE;CACpB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IACxB,YAAY,EAAE,KAAK,CAAC,YAAY;IAChC,aAAa,EAAE,KAAK,CAAC,aAAa;IAClC,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;CAC7B,CAAC,CAAC,CAAC;AAEJ,MAAM,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,GACzD,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;AAEjC,8EAA8E;AAC9E,gEAAgE;AAChE,0DAA0D;AAC1D,8EAA8E;AAE9E,MAAM,iBAAiB,GAAqB;IAC1C,wCAAwC;IACxC;QACE,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,yCAAyC;QACpD,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,wBAAwB;QACpC,QAAQ,EAAE,UAAU;QACpB,MAAM,EACJ,qFAAqF;QACvF,YAAY,EAAE;YACZ,8CAA8C;YAC9C,mDAAmD;SACpD;QACD,YAAY,EAAE,0BAA0B;KACzC;IACD,kCAAkC;IAClC;QACE,SAAS,EAAE,wBAAwB;QACnC,SAAS,EAAE,wDAAwD;QACnE,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,kBAAkB;QAC9B,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,6DAA6D;QACrE,YAAY,EAAE,CAAC,8CAA8C,CAAC;QAC9D,YAAY,EAAE,0BAA0B;KACzC;IACD,qCAAqC;IACrC;QACE,SAAS,EAAE,qBAAqB;QAChC,SAAS,EAAE,qDAAqD;QAChE,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,qBAAqB;QACjC,QAAQ,EAAE,MAAM;QAChB,MAAM,EACJ,oEAAoE;QACtE,YAAY,EAAE,CAAC,8CAA8C,CAAC;QAC9D,YAAY,EAAE,0BAA0B;KACzC;IACD,sCAAsC;IACtC;QACE,SAAS,EAAE,yBAAyB;QACpC,SAAS,EAAE,sDAAsD;QACjE,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,kBAAkB;QAC9B,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,iEAAiE;QACzE,YAAY,EAAE;YACZ,8CAA8C;YAC9C,mDAAmD;SACpD;QACD,YAAY,EAAE,0BAA0B;KACzC;IACD,gCAAgC;IAChC;QACE,SAAS,EAAE,YAAY;QACvB,SAAS,EAAE,0CAA0C;QACrD,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,kBAAkB;QAC9B,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,oDAAoD;QAC5D,YAAY,EAAE,CAAC,mDAAmD,CAAC;QACnE,YAAY,EAAE,0BAA0B;KACzC;IACD,wBAAwB;IACxB;QACE,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,kCAAkC;QAC7C,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,eAAe;QAC3B,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,6DAA6D;QACrE,YAAY,EAAE,CAAC,mDAAmD,CAAC;QACnE,YAAY,EAAE,0BAA0B;KACzC;IACD,oCAAoC;IACpC;QACE,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,kCAAkC;QAC7C,cAAc,EAAE,SAAS;QACzB,UAAU,EAAE,eAAe;QAC3B,QAAQ,EAAE,MAAM;QAChB,MAAM,EACJ,mEAAmE;QACrE,YAAY,EAAE,CAAC,mDAAmD,CAAC;QACnE,YAAY,EAAE,0BAA0B;KACzC;CACF,CAAC;AAEF,SAAS,cAAc,CACrB,UAA4B,iBAAiB;IAE7C,OAAO;QACL,OAAO;QACP,KAAK,EAAE,OAAO,CAAC,MAAM;QACrB,WAAW,EAAE,sBAAsB;QACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,wBAAwB;QAC7D,IAAI,EAAE,aAAa;KACpB,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;AAEvC,UAAU,CAAC,GAAG,EAAE;IACd,EAAE,CAAC,aAAa,EAAE,CAAC;AACrB,CAAC,CAAC,CAAC;AAEH,SAAS,CAAC,GAAG,EAAE;IACb,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;IACjC,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;AACpC,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,mDAAmD;AACnD,+EAA+E;AAE/E,QAAQ,CAAC,6DAA6D,EAAE,GAAG,EAAE;IAC3E,UAAU,CAAC,GAAG,EAAE;QACd,iDAAiD;QACjD,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;QAChF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;QAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC1D,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAO,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,wBAAwB,CAAC,CAAC;QAE9D,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACzD,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,qBAAqB,CAAC,CAAC;QAE3D,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACvD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yEAAyE,EAAE,KAAK,IAAI,EAAE;QACvF,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAE/D,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,wCAAwC,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAO,CAAC,YAAY,CAAC,CAAC,SAAS,CACpC,8CAA8C,CAC/C,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC3E,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAElD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,KAAK,IAAI,EAAE;QAC1E,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;QAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACjD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;QAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACjD,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,0BAA0B,CAAC,CAAC;QAChE,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,oDAAoD;AACpD,+EAA+E;AAE/E,QAAQ,CAAC,mCAAmC,EAAE,GAAG,EAAE;IACjD,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,gDAAgD;QAChD,UAAU,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;YAC3C,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE;YAC/D,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;gBACjB,OAAO,EAAE,iBAAiB;gBAC1B,KAAK,EAAE,iBAAiB,CAAC,MAAM;gBAC/B,WAAW,EAAE,sBAAsB;aACpC,CAAC;SACH,CAA4B,CAAC;QAE9B,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;QAEpC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEhC,iDAAiD;QACjD,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACrD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAC5B,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAW,CAC7B,CAAC;QACpB,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEnE,0CAA0C;QAC1C,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YACxC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,UAAU,EAAE,CAAC;YACrC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,UAAU,EAAE,CAAC;YACtC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,UAAU,EAAE,CAAC;YACpC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,CAAC;QACpC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,wCAAwC;QACxC,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC;QAErE,4CAA4C;QAC5C,KAAK,MAAM,KAAK,IAAI,iBAAiB,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,MAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAChD,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,wCAAwC;AACxC,+EAA+E;AAE/E,QAAQ,CAAC,8CAA8C,EAAE,GAAG,EAAE;IAC5D,EAAE,CAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;QAC5E,iDAAiD;QACjD,MAAM,WAAW,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAChC,CAAC,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACjE,UAAU,CAAC,SAAS,GAAG,WAAW,CAAC;QAEnC,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAE/D,wBAAwB;QACxB,UAAU,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;YAC3C,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;YAC5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;gBACjB,OAAO,EAAE,iBAAiB;gBAC1B,KAAK,EAAE,iBAAiB,CAAC,MAAM;gBAC/B,WAAW,EAAE,sBAAsB;aACpC,CAAC;SACH,CAA4B,CAAC;QAE9B,2DAA2D;QAC3D,0CAA0C;QAC1C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,MAAM,WAAW,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAChC,CAAC,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC;QACpC,UAAU,CAAC,SAAS,GAAG,WAAW,CAAC;QAEnC,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAE/D,cAAc;QACd,UAAU,CAAC,KAAK,GAAG,EAAE;aAClB,EAAE,EAAE;aACJ,iBAAiB,CAAC,IAAI,KAAK,CAAC,cAAc,CAAC,CAA4B,CAAC;QAE3E,sCAAsC;QACtC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,sDAAsD;AACtD,+EAA+E;AAE/E,QAAQ,CAAC,2DAA2D,EAAE,GAAG,EAAE;IACzE,UAAU,CAAC,GAAG,EAAE;QACd,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAKhB;QACH;YACE,IAAI,EAAE,uCAAuC;YAC7C,SAAS,EAAE,SAAS;YACpB,YAAY,EAAE,wBAAwB;YACtC,gBAAgB,EAAE,UAAU;SAC7B;QACD;YACE,IAAI,EAAE,8BAA8B;YACpC,SAAS,EAAE,yBAAyB;YACpC,YAAY,EAAE,kBAAkB;YAChC,gBAAgB,EAAE,UAAU;SAC7B;QACD;YACE,IAAI,EAAE,oCAAoC;YAC1C,SAAS,EAAE,qBAAqB;YAChC,YAAY,EAAE,qBAAqB;YACnC,gBAAgB,EAAE,MAAM;SACzB;QACD;YACE,IAAI,EAAE,+BAA+B;YACrC,SAAS,EAAE,YAAY;YACvB,YAAY,EAAE,kBAAkB;YAChC,gBAAgB,EAAE,UAAU;SAC7B;QACD;YACE,IAAI,EAAE,uBAAuB;YAC7B,SAAS,EAAE,SAAS;YACpB,YAAY,EAAE,eAAe;YAC7B,gBAAgB,EAAE,MAAM;SACzB;KACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CACtB,2BAA2B,EAC3B,KAAK,EAAE,EAAE,SAAS,EAAE,YAAY,EAAE,gBAAgB,EAAE,EAAE,EAAE;QACtD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;QAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,MAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAChD,MAAM,CAAC,MAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,wBAAwB;QAC3E,MAAM,CAAC,MAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;IACzE,CAAC,CACF,CAAC;AACJ,CAAC,CAAC,CAAC"}

package/dist/blocklist/blocklist.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/blocklist/blocklist.test.js

@@ -0,0 +1,259 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+// ---------------------------------------------------------------------------
+// Mocks — vi.hoisted for ESM compatibility
+// ---------------------------------------------------------------------------
+const mocks = vi.hoisted(() => ({
+    readFileSync: vi.fn(),
+    writeFileSync: vi.fn(),
+    mkdirSync: vi.fn(),
+    existsSync: vi.fn(),
+    fetch: vi.fn(),
+}));
+vi.mock("node:fs", () => ({
+    readFileSync: mocks.readFileSync,
+    writeFileSync: mocks.writeFileSync,
+    mkdirSync: mocks.mkdirSync,
+    existsSync: mocks.existsSync,
+}));
+// Mock global fetch
+const originalFetch = globalThis.fetch;
+// ---------------------------------------------------------------------------
+// Import module under test AFTER mocks
+// ---------------------------------------------------------------------------
+const { checkBlocklist, syncBlocklist, getCachedBlocklist, isBlocklistStale, } = await import("./blocklist.js");
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function makeEntry(overrides = {}) {
+    return {
+        skillName: "evil-skill",
+        threatType: "credential-theft",
+        severity: "critical",
+        reason: "Steals AWS credentials",
+        evidenceUrls: ["https://example.com/report"],
+        discoveredAt: "2026-02-01T00:00:00Z",
+        ...overrides,
+    };
+}
+function makeCache(overrides = {}) {
+    return {
+        entries: [makeEntry()],
+        count: 1,
+        lastUpdated: "2026-02-01T00:00:00Z",
+        fetchedAt: new Date().toISOString(),
+        ...overrides,
+    };
+}
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+beforeEach(() => {
+    vi.clearAllMocks();
+    globalThis.fetch = mocks.fetch;
+});
+afterEach(() => {
+    globalThis.fetch = originalFetch;
+    delete process.env.VSKILL_API_URL;
+});
+describe("getCachedBlocklist", () => {
+    it("returns null when cache file does not exist", () => {
+        mocks.existsSync.mockReturnValue(false);
+        expect(getCachedBlocklist()).toBeNull();
+    });
+    it("returns parsed cache when file exists", () => {
+        const cache = makeCache();
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(cache));
+        const result = getCachedBlocklist();
+        expect(result).toEqual(cache);
+    });
+    it("returns null when cache file is corrupted", () => {
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue("not json{{{");
+        expect(getCachedBlocklist()).toBeNull();
+    });
+});
+describe("isBlocklistStale", () => {
+    it("returns true when cache is older than 1 hour", () => {
+        const twoHoursAgo = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+        const cache = makeCache({ fetchedAt: twoHoursAgo });
+        expect(isBlocklistStale(cache)).toBe(true);
+    });
+    it("returns false when cache is less than 1 hour old", () => {
+        const tenMinutesAgo = new Date(Date.now() - 10 * 60 * 1000).toISOString();
+        const cache = makeCache({ fetchedAt: tenMinutesAgo });
+        expect(isBlocklistStale(cache)).toBe(false);
+    });
+    it("returns true when fetchedAt is invalid", () => {
+        const cache = makeCache({ fetchedAt: "invalid-date" });
+        expect(isBlocklistStale(cache)).toBe(true);
+    });
+});
+describe("syncBlocklist", () => {
+    it("fetches from API and writes cache file", async () => {
+        const apiResponse = {
+            entries: [makeEntry()],
+            count: 1,
+            lastUpdated: "2026-02-01T00:00:00Z",
+        };
+        mocks.fetch.mockResolvedValue({
+            ok: true,
+            headers: { get: () => null },
+            json: async () => apiResponse,
+        });
+        mocks.existsSync.mockReturnValue(true);
+        const result = await syncBlocklist();
+        expect(mocks.fetch).toHaveBeenCalledWith("https://verified-skill.com/api/v1/blocklist", expect.any(Object));
+        expect(mocks.writeFileSync).toHaveBeenCalled();
+        expect(result.entries).toEqual(apiResponse.entries);
+        expect(result.count).toBe(1);
+        expect(result.fetchedAt).toBeDefined();
+    });
+    it("uses VSKILL_API_URL environment variable when set", async () => {
+        process.env.VSKILL_API_URL = "https://custom-api.example.com";
+        const apiResponse = {
+            entries: [],
+            count: 0,
+            lastUpdated: "2026-02-01T00:00:00Z",
+        };
+        mocks.fetch.mockResolvedValue({
+            ok: true,
+            headers: { get: () => null },
+            json: async () => apiResponse,
+        });
+        mocks.existsSync.mockReturnValue(true);
+        await syncBlocklist();
+        expect(mocks.fetch).toHaveBeenCalledWith("https://custom-api.example.com/api/v1/blocklist", expect.any(Object));
+    });
+    it("creates ~/.vskill directory if it doesn't exist", async () => {
+        const apiResponse = {
+            entries: [],
+            count: 0,
+            lastUpdated: "2026-02-01T00:00:00Z",
+        };
+        mocks.fetch.mockResolvedValue({
+            ok: true,
+            headers: { get: () => null },
+            json: async () => apiResponse,
+        });
+        mocks.existsSync.mockReturnValue(false);
+        await syncBlocklist();
+        expect(mocks.mkdirSync).toHaveBeenCalledWith(expect.stringContaining(".vskill"), { recursive: true });
+    });
+    it("stores etag from response headers", async () => {
+        const apiResponse = {
+            entries: [],
+            count: 0,
+            lastUpdated: "2026-02-01T00:00:00Z",
+        };
+        mocks.fetch.mockResolvedValue({
+            ok: true,
+            headers: { get: (h) => (h === "etag" ? '"abc123"' : null) },
+            json: async () => apiResponse,
+        });
+        mocks.existsSync.mockReturnValue(true);
+        const result = await syncBlocklist();
+        expect(result.etag).toBe('"abc123"');
+    });
+    it("throws when API returns non-ok response", async () => {
+        mocks.fetch.mockResolvedValue({
+            ok: false,
+            status: 500,
+            statusText: "Internal Server Error",
+        });
+        await expect(syncBlocklist()).rejects.toThrow("Blocklist API error: 500");
+    });
+});
+describe("checkBlocklist", () => {
+    it("returns matching entry from fresh cache", async () => {
+        const entry = makeEntry({ skillName: "evil-skill" });
+        const cache = makeCache({
+            entries: [entry],
+            fetchedAt: new Date().toISOString(),
+        });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(cache));
+        const result = await checkBlocklist("evil-skill");
+        expect(result).toEqual(entry);
+    });
+    it("returns null when skill is not in blocklist", async () => {
+        const cache = makeCache({
+            entries: [makeEntry({ skillName: "evil-skill" })],
+            fetchedAt: new Date().toISOString(),
+        });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(cache));
+        const result = await checkBlocklist("safe-skill");
+        expect(result).toBeNull();
+    });
+    it("refreshes cache when stale and API is available", async () => {
+        const twoHoursAgo = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+        const staleCache = makeCache({
+            entries: [makeEntry({ skillName: "old-evil" })],
+            fetchedAt: twoHoursAgo,
+        });
+        const freshEntry = makeEntry({ skillName: "new-evil" });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(staleCache));
+        mocks.fetch.mockResolvedValue({
+            ok: true,
+            headers: { get: () => null },
+            json: async () => ({
+                entries: [freshEntry],
+                count: 1,
+                lastUpdated: "2026-02-19T00:00:00Z",
+            }),
+        });
+        const result = await checkBlocklist("new-evil");
+        expect(result).toEqual(freshEntry);
+        expect(mocks.fetch).toHaveBeenCalled();
+    });
+    it("falls back to stale cache when API is unreachable", async () => {
+        const twoHoursAgo = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+        const entry = makeEntry({ skillName: "evil-skill" });
+        const staleCache = makeCache({
+            entries: [entry],
+            fetchedAt: twoHoursAgo,
+        });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(staleCache));
+        mocks.fetch.mockRejectedValue(new Error("Network error"));
+        const result = await checkBlocklist("evil-skill");
+        expect(result).toEqual(entry);
+    });
+    it("returns null when no cache exists and API is unreachable", async () => {
+        mocks.existsSync.mockReturnValue(false);
+        mocks.fetch.mockRejectedValue(new Error("Network error"));
+        const result = await checkBlocklist("evil-skill");
+        expect(result).toBeNull();
+    });
+    it("matches by contentHash when provided", async () => {
+        const entry = makeEntry({
+            skillName: "evil-skill",
+            contentHash: "sha256:abc123",
+        });
+        const cache = makeCache({
+            entries: [entry],
+            fetchedAt: new Date().toISOString(),
+        });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(cache));
+        const result = await checkBlocklist("different-name", "sha256:abc123");
+        expect(result).toEqual(entry);
+    });
+    it("matches by name even when contentHash doesn't match", async () => {
+        const entry = makeEntry({
+            skillName: "evil-skill",
+            contentHash: "sha256:different",
+        });
+        const cache = makeCache({
+            entries: [entry],
+            fetchedAt: new Date().toISOString(),
+        });
+        mocks.existsSync.mockReturnValue(true);
+        mocks.readFileSync.mockReturnValue(JSON.stringify(cache));
+        const result = await checkBlocklist("evil-skill", "sha256:nomatch");
+        expect(result).toEqual(entry);
+    });
+});
+//# sourceMappingURL=blocklist.test.js.map

package/dist/blocklist/blocklist.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"blocklist.test.js","sourceRoot":"","sources":["../../src/blocklist/blocklist.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAGzE,8EAA8E;AAC9E,2CAA2C;AAC3C,8EAA8E;AAE9E,MAAM,KAAK,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9B,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;IACrB,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE;IACtB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;IAClB,UAAU,EAAE,EAAE,CAAC,EAAE,EAAE;IACnB,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;CACf,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IACxB,YAAY,EAAE,KAAK,CAAC,YAAY;IAChC,aAAa,EAAE,KAAK,CAAC,aAAa;IAClC,SAAS,EAAE,KAAK,CAAC,SAAS;IAC1B,UAAU,EAAE,KAAK,CAAC,UAAU;CAC7B,CAAC,CAAC,CAAC;AAEJ,oBAAoB;AACpB,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;AAEvC,8EAA8E;AAC9E,uCAAuC;AACvC,8EAA8E;AAC9E,MAAM,EACJ,cAAc,EACd,aAAa,EACb,kBAAkB,EAClB,gBAAgB,GACjB,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;AAEnC,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,SAAS,CAAC,YAAqC,EAAE;IACxD,OAAO;QACL,SAAS,EAAE,YAAY;QACvB,UAAU,EAAE,kBAAkB;QAC9B,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,wBAAwB;QAChC,YAAY,EAAE,CAAC,4BAA4B,CAAC;QAC5C,YAAY,EAAE,sBAAsB;QACpC,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,YAAqC,EAAE;IACxD,OAAO;QACL,OAAO,EAAE,CAAC,SAAS,EAAE,CAAC;QACtB,KAAK,EAAE,CAAC;QACR,WAAW,EAAE,sBAAsB;QACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,UAAU,CAAC,GAAG,EAAE;IACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACnB,UAAU,CAAC,KAAK,GAAG,KAAK,CAAC,KAAgC,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEH,SAAS,CAAC,GAAG,EAAE;IACb,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;IACjC,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;AACpC,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACxC,MAAM,CAAC,kBAAkB,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;QAC1B,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,kBAAkB,EAAE,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QAClD,MAAM,CAAC,kBAAkB,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5E,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;QACpD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC,CAAC;QACvD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,CAAC,SAAS,EAAE,CAAC;YACtB,KAAK,EAAE,CAAC;YACR,WAAW,EAAE,sBAAsB;SACpC,CAAC;QAEF,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;YAC5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QAErC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,oBAAoB,CACtC,6CAA6C,EAC7C,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CACnB,CAAC;QACF,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7B,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,gCAAgC,CAAC;QAE9D,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC;YACR,WAAW,EAAE,sBAAsB;SACpC,CAAC;QAEF,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;YAC5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,aAAa,EAAE,CAAC;QAEtB,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,oBAAoB,CACtC,iDAAiD,EACjD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CACnB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC;YACR,WAAW,EAAE,sBAAsB;SACpC,CAAC;QAEF,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;YAC5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAExC,MAAM,aAAa,EAAE,CAAC;QAEtB,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,oBAAoB,CAC1C,MAAM,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAClC,EAAE,SAAS,EAAE,IAAI,EAAE,CACpB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC;YACR,WAAW,EAAE,sBAAsB;SACpC,CAAC;QAEF,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE;YACnE,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAEvC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,GAAG;YACX,UAAU,EAAE,uBAAuB;SACpC,CAAC,CAAC;QAEH,MAAM,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC,CAAC;QACrD,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,OAAO,EAAE,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC,CAAC;YACjD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5E,MAAM,UAAU,GAAG,SAAS,CAAC;YAC3B,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,CAAC;YAC/C,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,CAAC;QAExD,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAE/D,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;YAC5B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;YAC5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;gBACjB,OAAO,EAAE,CAAC,UAAU,CAAC;gBACrB,KAAK,EAAE,CAAC;gBACR,WAAW,EAAE,sBAAsB;aACpC,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,UAAU,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACnC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5E,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC,CAAC;QACrD,MAAM,UAAU,GAAG,SAAS,CAAC;YAC3B,OAAO,EAAE,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAE/D,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACxC,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,SAAS,EAAE,YAAY;YACvB,WAAW,EAAE,eAAe;SAC7B,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,OAAO,EAAE,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;QACvE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,SAAS,EAAE,YAAY;YACvB,WAAW,EAAE,kBAAkB;SAChC,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,SAAS,CAAC;YACtB,OAAO,EAAE,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAC;QACpE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/__tests__/eval-router.test.d.ts

@@ -0,0 +1 @@
+export {};