cisco-ai-skill-scanner 1.0.0__py3-none-any.whl → 1.0.2__py3-none-any.whl

{skillanalyzer → skill_scanner}/threats/threats.py

@@ -41,16 +41,6 @@ class ThreatMapping:
             "description": "Explicit attempts to override, replace, or modify the model's system instructions, "
             "operational directives, or behavioral guidelines through direct user input.",
         },
-        "PROMPT_INJECTION": {  # Underscore version
-            "scanner_category": "PROMPT INJECTION",
-            "severity": "HIGH",
-            "aitech": "AITech-1.1",
-            "aitech_name": "Direct Prompt Injection",
-            "aisubtech": "AISubtech-1.1.1",
-            "aisubtech_name": "Instruction Manipulation (Direct Prompt Injection)",
-            "description": "Explicit attempts to override, replace, or modify the model's system instructions, "
-            "operational directives, or behavioral guidelines through direct user input.",
-        },
         "DATA EXFILTRATION": {
             "scanner_category": "SECURITY VIOLATION",
             "severity": "HIGH",
@@ -75,7 +65,7 @@ class ThreatMapping:
             "severity": "HIGH",
             "aitech": "AITech-12.1",
             "aitech_name": "Tool Exploitation",
-            "aisubtech": "AISubtech-12.1.5",
+            "aisubtech": "AISubtech-12.1.4",
             "aisubtech_name": "Tool Shadowing",
             "description": "Disguising, substituting or duplicating legitimate tools within an agent, enabling malicious tools with identical or similar identifiers to intercept or replace trusted tool calls.",
         },
@@ -92,15 +82,6 @@ class ThreatMapping:
 
     # YARA/Static Analyzer Threats
     YARA_THREATS = {
-        "PROMPT_INJECTION": {  # Underscore version
-            "scanner_category": "PROMPT INJECTION",
-            "severity": "HIGH",
-            "aitech": "AITech-1.1",
-            "aitech_name": "Direct Prompt Injection",
-            "aisubtech": "AISubtech-1.1.1",
-            "aisubtech_name": "Instruction Manipulation (Direct Prompt Injection)",
-            "description": "Explicit attempts to override system instructions through direct input.",
-        },
         "COMMAND INJECTION": {
             "scanner_category": "INJECTION ATTACK",
             "severity": "CRITICAL",
@@ -110,15 +91,6 @@ class ThreatMapping:
             "aisubtech_name": "Injection Attacks (SQL, Command Execution, XSS)",
             "description": "Injecting malicious command sequences leading to remote code execution.",
         },
-        "COMMAND_INJECTION": {  # Underscore version
-            "scanner_category": "INJECTION ATTACK",
-            "severity": "CRITICAL",
-            "aitech": "AITech-9.1",
-            "aitech_name": "Model or Agentic System Manipulation",
-            "aisubtech": "AISubtech-9.1.4",
-            "aisubtech_name": "Injection Attacks (SQL, Command Execution, XSS)",
-            "description": "Injecting malicious command sequences leading to remote code execution.",
-        },
         "DATA EXFILTRATION": {
             "scanner_category": "SECURITY VIOLATION",
             "severity": "CRITICAL",
@@ -128,40 +100,31 @@ class ThreatMapping:
             "aisubtech_name": "Data Exfiltration via Agent Tooling",
             "description": "Unauthorized exposure or exfiltration of sensitive information.",
         },
-        "DATA_EXFILTRATION": {  # Underscore version
-            "scanner_category": "SECURITY VIOLATION",
-            "severity": "CRITICAL",
-            "aitech": "AITech-8.2",
-            "aitech_name": "Data Exfiltration / Exposure",
-            "aisubtech": "AISubtech-8.2.3",
-            "aisubtech_name": "Data Exfiltration via Agent Tooling",
-            "description": "Unauthorized exposure or exfiltration of sensitive information.",
-        },
         "SKILL DISCOVERY ABUSE": {
-            "scanner_category": "SOCIAL ENGINEERING",
+            "scanner_category": "PROTOCOL MANIPULATION",
             "severity": "MEDIUM",
-            "aitech": "AITech-2.1",  # Social Engineering (closest match)
-            "aitech_name": "Social Engineering",
-            "aisubtech": None,  # No exact subtech for skill discovery abuse
-            "aisubtech_name": None,
-            "description": "Manipulation of skill discovery to increase unwanted activation (keyword baiting, over-broad descriptions, impersonation).",
+            "aitech": "AITech-4.3",
+            "aitech_name": "Protocol Manipulation",
+            "aisubtech": "AISubtech-4.3.5",
+            "aisubtech_name": "Capability Inflation",
+            "description": "Manipulation of skill discovery mechanisms to inflate perceived capabilities and increase unwanted activation (keyword baiting, over-broad descriptions, brand impersonation).",
         },
         "TRANSITIVE TRUST ABUSE": {
             "scanner_category": "PROMPT INJECTION",
             "severity": "HIGH",
-            "aitech": "AITech-1.2",  # Indirect Prompt Injection (exact match from Framework)
+            "aitech": "AITech-1.2",
             "aitech_name": "Indirect Prompt Injection",
-            "aisubtech": None,
-            "aisubtech_name": None,
-            "description": "Delegating trust to untrusted external content - following webpage/file instructions, executing found code blocks.",
+            "aisubtech": "AISubtech-1.2.1",
+            "aisubtech_name": "Instruction Manipulation (Indirect Prompt Injection)",
+            "description": "Embedding malicious instructions in external data sources (webpages, documents, APIs) that override intended behavior - following external instructions, executing found code blocks.",
         },
         "AUTONOMY ABUSE": {
             "scanner_category": "RESOURCE ABUSE",
             "severity": "HIGH",
-            "aitech": "AITech-9.1",  # Model or Agentic System Manipulation (closest match)
-            "aitech_name": "Model or Agentic System Manipulation",
-            "aisubtech": None,
-            "aisubtech_name": None,
+            "aitech": "AITech-13.1",
+            "aitech_name": "Disruption of Availability",
+            "aisubtech": "AISubtech-13.1.1",
+            "aisubtech_name": "Compute Exhaustion",
             "description": "Excessive autonomy without bounds - keep retrying indefinitely, run without confirmation, ignore errors.",
         },
         "TOOL CHAINING ABUSE": {
@@ -182,15 +145,6 @@ class ThreatMapping:
             "aisubtech_name": "Sensitive Data Exposure",
             "description": "Hardcoded credentials, API keys, or secrets in code.",
         },
-        "HARDCODED_SECRETS": {  # Underscore version
-            "scanner_category": "CREDENTIAL HARVESTING",
-            "severity": "CRITICAL",
-            "aitech": "AITech-8.2",
-            "aitech_name": "Data Exfiltration / Exposure",
-            "aisubtech": "AISubtech-8.2.1",
-            "aisubtech_name": "Sensitive Data Exposure",
-            "description": "Hardcoded credentials, API keys, or secrets in code.",
-        },
         "OBFUSCATION": {
             "scanner_category": "SUSPICIOUS CODE",
             "severity": "HIGH",
@@ -209,29 +163,11 @@ class ThreatMapping:
             "aisubtech_name": "Tool Abuse",
             "description": "Using tools or capabilities beyond declared permissions.",
         },
-        "UNAUTHORIZED_TOOL_USE": {  # Underscore version
-            "scanner_category": "SECURITY VIOLATION",
-            "severity": "MEDIUM",
-            "aitech": "AITech-12.1",
-            "aitech_name": "Tool Exploitation",
-            "aisubtech": "AISubtech-12.1.1",
-            "aisubtech_name": "Tool Abuse",
-            "description": "Using tools or capabilities beyond declared permissions.",
-        },
         "SOCIAL ENGINEERING": {
-            "scanner_category": "DECEPTIVE CONTENT",
-            "severity": "MEDIUM",
-            "aitech": "AITech-15.1",
-            "aitech_name": "Harmful / Misleading / Inaccurate Content",
-            "aisubtech": "AISubtech-15.1.1",
-            "aisubtech_name": "Deceptive or Misleading Content",
-            "description": "Misleading descriptions or deceptive metadata.",
-        },
-        "SOCIAL_ENGINEERING": {  # Underscore version
-            "scanner_category": "DECEPTIVE CONTENT",
+            "scanner_category": "HARMFUL CONTENT",
             "severity": "MEDIUM",
             "aitech": "AITech-15.1",
-            "aitech_name": "Harmful / Misleading / Inaccurate Content",
+            "aitech_name": "Harmful Content",
             "aisubtech": "AISubtech-15.1.1",
             "aisubtech_name": "Deceptive or Misleading Content",
             "description": "Misleading descriptions or deceptive metadata.",
@@ -239,18 +175,9 @@ class ThreatMapping:
         "RESOURCE ABUSE": {
             "scanner_category": "RESOURCE ABUSE",
             "severity": "MEDIUM",
-            "aitech": "AITech-13.3",
-            "aitech_name": "Availability Disruption",
-            "aisubtech": "AISubtech-13.3.2",
-            "aisubtech_name": "Compute Exhaustion",
-            "description": "Excessive resource consumption or denial of service.",
-        },
-        "RESOURCE_ABUSE": {  # Underscore version
-            "scanner_category": "RESOURCE ABUSE",
-            "severity": "MEDIUM",
-            "aitech": "AITech-13.3",
-            "aitech_name": "Availability Disruption",
-            "aisubtech": "AISubtech-13.3.2",
+            "aitech": "AITech-13.1",
+            "aitech_name": "Disruption of Availability",
+            "aisubtech": "AISubtech-13.1.1",
             "aisubtech_name": "Compute Exhaustion",
             "description": "Excessive resource consumption or denial of service.",
         },
@@ -315,9 +242,9 @@ class ThreatMapping:
         "RESOURCE EXHAUSTION": {
             "scanner_category": "RESOURCE ABUSE",
             "severity": "MEDIUM",
-            "aitech": "AITech-13.3",
-            "aitech_name": "Availability Disruption",
-            "aisubtech": "AISubtech-13.3.2",
+            "aitech": "AITech-13.1",
+            "aitech_name": "Disruption of Availability",
+            "aisubtech": "AISubtech-13.1.1",
             "aisubtech_name": "Compute Exhaustion",
             "description": "Overloading the system via repeated invocations or large payloads to cause denial of service.",
         },
@@ -350,7 +277,8 @@ class ThreatMapping:
             raise ValueError(f"Unknown analyzer: {analyzer}")
 
         threats: dict[str, dict[str, Any]] = analyzer_map[analyzer_lower]
-        threat_upper = threat_name.upper()
+        # Normalize: convert underscores to spaces for consistent lookup
+        threat_upper = threat_name.upper().replace("_", " ")
 
         if threat_upper not in threats:
             # Return generic mapping if not found
@@ -383,11 +311,12 @@ class ThreatMapping:
             "AITech-1.1": "prompt_injection",  # Direct Prompt Injection
             "AITech-1.2": "prompt_injection",  # Indirect Prompt Injection
             "AITech-2.1": "social_engineering",  # Social Engineering
+            "AITech-4.3": "skill_discovery_abuse",  # Protocol Manipulation / Capability Inflation
             "AITech-8.2": "data_exfiltration",  # Data Exfiltration / Exposure
             "AITech-9.1": "command_injection",  # Model or Agentic System Manipulation (injection attacks)
             "AITech-12.1": "unauthorized_tool_use",  # Tool Exploitation
-            "AITech-13.3": "resource_abuse",  # Availability Disruption
-            "AITech-15.1": "social_engineering",  # Harmful / Misleading / Inaccurate Content
+            "AITech-13.1": "resource_abuse",  # Disruption of Availability (AISubtech-13.1.1: Compute Exhaustion)
+            "AITech-15.1": "harmful_content",  # Harmful Content
             "AITech-99.9": "policy_violation",  # Unknown Threat
         }
 

{skillanalyzer → skill_scanner}/utils/__init__.py

@@ -14,7 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""Utility modules for Skill Analyzer."""
+"""Utility modules for Skill Scanner."""
 
 from .file_utils import get_file_type, is_binary_file, read_file_safe
 from .logging_utils import get_logger, setup_logger

{skillanalyzer → skill_scanner}/utils/command_utils.py

@@ -14,7 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""Command execution utilities for Skill Analyzer."""
+"""Command execution utilities for Skill Scanner."""
 
 import os
 import shlex

{skillanalyzer → skill_scanner}/utils/di_container.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Dependency Injection Container for Skill Analyzer.
+Dependency Injection Container for Skill Scanner.
 
 This module provides a simple dependency injection container to improve
 testability and decouple configuration from implementation.

{skillanalyzer → skill_scanner}/utils/logging_config.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Centralized logging configuration for Skill Analyzer.
+Centralized logging configuration for Skill Scanner.
 
 This module provides consistent logging setup across all components.
 """
@@ -41,8 +41,8 @@ def setup_logger(name: str, level: str | None = None, format_string: str | None
     if logger.handlers:
         return logger
 
-    skillanalyzer_root = logging.getLogger("skillanalyzer")
-    if skillanalyzer_root.level == logging.DEBUG and name.startswith("skillanalyzer"):
+    skill_scanner_root = logging.getLogger("skill_scanner")
+    if skill_scanner_root.level == logging.DEBUG and name.startswith("skill_scanner"):
         logger.setLevel(logging.DEBUG)
     elif level:
         logger.setLevel(getattr(logging, level.upper()))
@@ -78,18 +78,18 @@ def get_logger(name: str, level: str | None = None) -> logging.Logger:
 
 def set_verbose_logging(verbose: bool = False) -> None:
     """
-    Enable or disable verbose logging for all skillanalyzer loggers.
+    Enable or disable verbose logging for all skill_scanner loggers.
 
     Args:
-        verbose: If True, set all existing skillanalyzer loggers to DEBUG level
+        verbose: If True, set all existing skill_scanner loggers to DEBUG level
     """
     target_level = logging.DEBUG if verbose else logging.INFO
 
-    root_logger = logging.getLogger("skillanalyzer")
+    root_logger = logging.getLogger("skill_scanner")
     root_logger.setLevel(target_level)
 
     for name in list(logging.Logger.manager.loggerDict.keys()):
-        if name.startswith("skillanalyzer"):
+        if name.startswith("skill_scanner"):
             logger = logging.getLogger(name)
             logger.setLevel(target_level)
             for handler in logger.handlers:

cisco_ai_skill_scanner-1.0.0.dist-info/RECORD

@@ -1,100 +0,0 @@
-skillanalyzer/__init__.py,sha256=raAwyMu06X3PXZ3YrxW9sUlZeG_UrDp4HIIUi6hN_zo,1318
-skillanalyzer/_version.py,sha256=vLA4ITz09S-S435nq6yTF6l3qiSz6w4euS1rOxXgd1M,704
-skillanalyzer/api/__init__.py,sha256=z7QSgt7lMZQ7eO9pAO-Iao6jEJQ6UPQissGfb_U4iXc,754
-skillanalyzer/api/api.py,sha256=2R8qpk_DbbhCChnvhzQCMH9FFq0xQDZLX-eMBy0wnbk,1038
-skillanalyzer/api/api_cli.py,sha256=VjxcFg-UFJJIWJMcH713tAKKEtIUB0dV66H2Yzd1mb8,2392
-skillanalyzer/api/api_server.py,sha256=XAU3QH5yz6BS3T4Tcl13yzz4x3VNK-v6KkidprepJy4,21142
-skillanalyzer/api/router.py,sha256=8c1DQI3f3xDvV7SYVSua000oGUu-Oi5YcrzofmRVYnQ,17421
-skillanalyzer/cli/__init__.py,sha256=17rrftCF-A1WQDiZ0kdBAfPHgG0ouED5wkdy-WvIRNA,763
-skillanalyzer/cli/cli.py,sha256=8ZGZXJ2ccc-93jZS3XOpZyLSAHwjkOai5TU5yG_jmfE,35511
-skillanalyzer/config/__init__.py,sha256=KQUqIL0lWI1hy_qu_EDt4EIcuW9a2ok2WVuQNViOf4g,847
-skillanalyzer/config/config.py,sha256=-7ymRfwypmBGyoOUWiSuwwRIr7Ztt8t6GcuGjm-9XKw,4714
-skillanalyzer/config/config_parser.py,sha256=XF8VwQqrBhzPuS4wf_AI-MAhlm9thgJnbIoncxIoIrs,3777
-skillanalyzer/config/constants.py,sha256=4Jck7kUtcHTIa9Hcwnbgk0lUqZvxarcdp6c86Xn4Xwk,2521
-skillanalyzer/core/__init__.py,sha256=issm88bGzNlQuFH5qy1tKzMgQbYL0ODSxsDgYjCMCKw,830
-skillanalyzer/core/exceptions.py,sha256=zWB8XubcfwEL0uZutuagr1l3rEd3w-5mB1ggNLnz6cE,2015
-skillanalyzer/core/loader.py,sha256=8pAr5nN0DLmf7Dc7xIFIT_okQ6w35RKGLyibNUDFbPU,13596
-skillanalyzer/core/models.py,sha256=ZMe9CaufG7yMzLwei1GdVidj72HlA16brVwkPGmervg,10627
-skillanalyzer/core/scanner.py,sha256=VfrG74SmFyslS3a5Z6HqSOou74u02TW1aos5Oj--_l4,14833
-skillanalyzer/core/analyzers/__init__.py,sha256=loTObGAXelxAiodtR0XzR6r1Ebw17BiuZZXN9TA3eJc,2136
-skillanalyzer/core/analyzers/aidefense_analyzer.py,sha256=al_j3HzfZIToI38WNOnqBG_AXfJEBd6QVm8_h_sjvA4,36471
-skillanalyzer/core/analyzers/base.py,sha256=4BN6dHLn2Q9hQMLAJTSJXsl6tZgfCqqBxZO9icuu70Q,1374
-skillanalyzer/core/analyzers/behavioral_analyzer.py,sha256=OcBs0abjmimbtLREkTbgQrarXvGfg18Fp8Z-Uas_gyI,19077
-skillanalyzer/core/analyzers/cross_skill_analyzer.py,sha256=4KysKr_2WR5-JbbFs0tBKf27Oj0l35KK0wREFNRcvno,18939
-skillanalyzer/core/analyzers/llm_analyzer.py,sha256=juvLmKn1n8HHOzkyizG94aPO-tz_ht-vexMmbGLZ3Mo,17836
-skillanalyzer/core/analyzers/llm_prompt_builder.py,sha256=DEz4tP0HY4p2XWbXbxfSIdkwhLCd_dWX7cDe9A3CeOA,10162
-skillanalyzer/core/analyzers/llm_provider_config.py,sha256=pbVx7N9OCohjIWjENMq-kiy6_svTn4IYvQfPxlR0M_Y,8488
-skillanalyzer/core/analyzers/llm_request_handler.py,sha256=nz_gjnDTr0dT2GbfQMqKR6-n63x38AcB5G4UnPHLY9s,11679
-skillanalyzer/core/analyzers/llm_response_parser.py,sha256=wO5ovd4se-KqIPwdZX-r0_tozaJEDUx7Q7yajKntPwk,2682
-skillanalyzer/core/analyzers/meta_analyzer.py,sha256=rFyU-BW7cmHDib93KIgdtsH5J7OIVT8Wc0Pnx87OPIE,33373
-skillanalyzer/core/analyzers/static.py,sha256=BNHmmZouX_8lbeJZlVC0P831-u9IPz9Gmft_05pI2pI,45259
-skillanalyzer/core/analyzers/trigger_analyzer.py,sha256=BJuu0nbI7BKS2aoqZnzYON825ObETsfJcIOiSxkagH4,12263
-skillanalyzer/core/analyzers/virustotal_analyzer.py,sha256=V7nG-fR2GhfdZhh8JVNvM6gOqRyUGsuxHN1yNRvmw6M,15988
-skillanalyzer/core/analyzers/behavioral/__init__.py,sha256=mY0aRrrT5y7E8SOApQ8g-IewW6LR33Y4SlsZKzl90qQ,1070
-skillanalyzer/core/analyzers/behavioral/alignment/__init__.py,sha256=nB2KWYnDu6I4yGiaewEyySzG4w96hElXiQBqJFfGmP4,1832
-skillanalyzer/core/analyzers/behavioral/alignment/alignment_llm_client.py,sha256=vklWQ7rBoyfayzs1n1J8xlCo3_nimEqCgDViCXwyOZM,8646
-skillanalyzer/core/analyzers/behavioral/alignment/alignment_orchestrator.py,sha256=zfkjFz-DDwUEOGDBpJ8cAZi5bH-VP_d_1bJTF1z0Si4,9478
-skillanalyzer/core/analyzers/behavioral/alignment/alignment_prompt_builder.py,sha256=mXkBYQDpPaqA298Jly835x_cLOUWHjSc8sBDhgMrWxs,18043
-skillanalyzer/core/analyzers/behavioral/alignment/alignment_response_validator.py,sha256=lu0gPPRbJkZJlkguqwUeSVl43HpMFypICXH_4s8Zjbo,4556
-skillanalyzer/core/analyzers/behavioral/alignment/threat_vulnerability_classifier.py,sha256=DCXnbs9Fa2ajFT0We4sOo6nxIk7O_Pc0z01fGMDHsRg,7227
-skillanalyzer/core/reporters/__init__.py,sha256=XCqeM_kiS1uvcwymDreueQ2KOzMhG5_4vQgxzReJS4w,943
-skillanalyzer/core/reporters/json_reporter.py,sha256=JLlPTbs8ncMJHAXZk7iBWCHdL5Qn2PqHOQldHeH2ZGE,1798
-skillanalyzer/core/reporters/markdown_reporter.py,sha256=1-pIwgXYBcCzqmKlxh2y2KU37TNRojqaTJ_CBSM_bSY,7842
-skillanalyzer/core/reporters/sarif_reporter.py,sha256=n5tGCXKwRJzEovlJt7j0USkmMYDsctLQdF9VIMbN95g,8285
-skillanalyzer/core/reporters/table_reporter.py,sha256=g-1W4XsJUzHW7LdzuW5CJ1krHAE5fvHViBKlw1ShFXI,7046
-skillanalyzer/core/rules/__init__.py,sha256=zGlTBVjihqxgg0BKmhdGkyeCzSvRjVEASjBh-M0sn_8,680
-skillanalyzer/core/rules/patterns.py,sha256=OuJ6mPlQVy9R8g1Pn9ozWIC8iWfDEuQamdDW5Uu8200,5833
-skillanalyzer/core/rules/yara_scanner.py,sha256=YBH9-GEqha0zDglnGx4TV-lgv14cLianuxaqlFtLyx4,5327
-skillanalyzer/core/static_analysis/__init__.py,sha256=meZnZQj7ChgHek6fIrfd-YInolXCqI37HTUTlQWEm7w,930
-skillanalyzer/core/static_analysis/context_extractor.py,sha256=ZaR5bIgfk1WQGU1G2or2vNsPQ3tmW5HU6mtyRemYdK0,29791
-skillanalyzer/core/static_analysis/cfg/__init__.py,sha256=jkvx12ZGddbRVu_0b04Bamr7JX084yD6BLxgOUEHT1w,816
-skillanalyzer/core/static_analysis/cfg/builder.py,sha256=Tm1GZ56rfOoNx-3WLmn2MNov2KzPKN-QZgJbBG-9D2c,14932
-skillanalyzer/core/static_analysis/dataflow/__init__.py,sha256=vjNUG8J5__m8HYd18VNkKxBzeAss1qugVrp0Amndg2w,834
-skillanalyzer/core/static_analysis/dataflow/forward_analysis.py,sha256=haHWJVz-SZxZpZoEwAsNOum-67ldppe_YBRMZOSJqz0,30747
-skillanalyzer/core/static_analysis/interprocedural/__init__.py,sha256=dFIglo65HpWMJ80ejB4tjv54MaNeSymQ5eowD5QGZic,798
-skillanalyzer/core/static_analysis/interprocedural/call_graph_analyzer.py,sha256=NKpixV-wlK_lwnSgLY5Tw01pAoC2kl7R6U4_PWnKicE,14062
-skillanalyzer/core/static_analysis/interprocedural/cross_file_analyzer.py,sha256=neP8pdyGhCUHJQmmTXfm0X_CFHlTHh7e3RU7HVJ0UVY,7472
-skillanalyzer/core/static_analysis/parser/__init__.py,sha256=AXCg1HHVzyjswGJl4TNFhzwMKxgin8JY2EK00RVv9_Y,769
-skillanalyzer/core/static_analysis/parser/python_parser.py,sha256=lkJKSODZkSC-Vg30eSpli_jsFeIouKt-DsSeEgce1u4,13804
-skillanalyzer/core/static_analysis/semantic/__init__.py,sha256=7HS7lJ4APpyfWLTUQ_24aJkrLX2MQTcc4erYFtLKm3o,877
-skillanalyzer/core/static_analysis/semantic/name_resolver.py,sha256=TEJQkEaTvkL7dnAZwNbcLALPVw85Qc3FS5jfr4CYEsQ,6218
-skillanalyzer/core/static_analysis/semantic/type_analyzer.py,sha256=NXEOZO8-vYZ97SQJ5Gu_YLWFDMDhtvtuixVwYGarmDM,5942
-skillanalyzer/core/static_analysis/taint/__init__.py,sha256=71JejlK110K2r3LXNIJOLGCZ7I5Q7cEn8XvfCCoEexA,809
-skillanalyzer/core/static_analysis/taint/tracker.py,sha256=1WExA8NAV62X5Az64grI41LkkyMNQ7kFS8Mzf6Id1NI,7182
-skillanalyzer/core/static_analysis/types/__init__.py,sha256=XluM6BlZ8ECfdAD-231ONJn13UeDdAGmirPAVc0zePk,937
-skillanalyzer/data/__init__.py,sha256=WztWQdxkW4nkIejCTH4VH7l6mGU-p2JuEzEUFsj3z_4,977
-skillanalyzer/data/prompts/boilerplate_protection_rule_prompt.md,sha256=wCaDgae0LU7Flsd2Q4Ob4vEeZnpc29nfX4oJjBrE-WM,1468
-skillanalyzer/data/prompts/code_alignment_threat_analysis_prompt.md,sha256=mvSoW2OekXEz9lChZPaP4hUxVQ0-O57X3VI49ZrZqoY,25442
-skillanalyzer/data/prompts/llm_response_schema.json,sha256=nBPlsOtuqv0zwIns4YY7uZsaAM0uPZ7mkcqe8tNDHl8,2971
-skillanalyzer/data/prompts/skill_meta_analysis_prompt.md,sha256=O6vUsmCoqDvsd8j8ZbCCzYDdKYZd_UtXgRUJU4xaT4g,13924
-skillanalyzer/data/prompts/skill_threat_analysis_prompt.md,sha256=SLSlPbQ_7ASyivbQFnu_MKXJkTx1CMpudb4x5_mykY0,11651
-skillanalyzer/data/prompts/unified_response_schema.md,sha256=JzUGSRmF9J0cMcOWy05GGPWyGyYGkto4VPaXL59FWgM,3572
-skillanalyzer/data/rules/signatures.yaml,sha256=EMNH1JU5PRU0o8BZai_WzjNXX3UDlv3Gle2SpNt-hb8,16476
-skillanalyzer/data/yara_rules/autonomy_abuse.yara,sha256=MuS_YbczaPY4e58dvtaa4nQx6pdcklNjOWtkdo5YLew,2582
-skillanalyzer/data/yara_rules/code_execution.yara,sha256=9QP_JR8ZdLCPuDgJMLee6FgsIQPV5UNSBPnOcInHD1M,1898
-skillanalyzer/data/yara_rules/coercive_injection.yara,sha256=3QNzoiHDyhk1zUXHv7_COtCBSsr-bb--H4wKeNRCbBM,5359
-skillanalyzer/data/yara_rules/command_injection.yara,sha256=8I4mztCPgIZhAipr6GeZbEIi4v6kowVYrqw_ay1ny-w,2165
-skillanalyzer/data/yara_rules/credential_harvesting.yara,sha256=7W0pSKpW2KAmek1qP_DpjMHKuswv5L36tWusjuEl6Pc,5643
-skillanalyzer/data/yara_rules/prompt_injection.yara,sha256=q5tT7-L__x9RCjdAbFLcs9mSs8gZOmPPzjbdNKRwIHE,2715
-skillanalyzer/data/yara_rules/script_injection.yara,sha256=pzVPd7b9WNAS5iw8ZMoUgojKSBlEeSTLHLBho8UiMmA,3100
-skillanalyzer/data/yara_rules/skill_discovery_abuse.yara,sha256=gCgFcdFyLFU__7VPZIk8Hgp6ZMw31SPzDUPlpjNa69E,2453
-skillanalyzer/data/yara_rules/sql_injection.yara,sha256=pWq3ccqEvQtWz4fU8dQOkhCgVl6US9SZJDfuBU_YCY4,3691
-skillanalyzer/data/yara_rules/system_manipulation.yara,sha256=XoO17sZrarzdC58yyHaIz8z36x5xyxzmQXBnkYdoYfM,2231
-skillanalyzer/data/yara_rules/tool_chaining_abuse.yara,sha256=T-G3Tib8lU53ZYFdjlI2EEs6qQnZ831oUDNj2vjtONA,2256
-skillanalyzer/data/yara_rules/transitive_trust_abuse.yara,sha256=msYKqzbeFWe4mSLsdX8nJwOwuTV9nLFKDf8dXY2wJ8g,2773
-skillanalyzer/data/yara_rules/unicode_steganography.yara,sha256=5UxTvcy8CeWJLrPeldgJ9rY5gfODlC9bTNOkCauuOJA,2650
-skillanalyzer/hooks/__init__.py,sha256=ufSIo7sdtGxRD4lVDOVqBOqF3dhgEZRSkTu-UT5ZkcA,740
-skillanalyzer/hooks/pre_commit.py,sha256=y-9lz4OD2ILlYpbUa8S1uUjBfNDmU8EC-tWyUGU5NY8,13223
-skillanalyzer/threats/__init__.py,sha256=PiQ3frPbbaiKmdcxsan-NAgYDOYn_jhr-44-jSIysoY,883
-skillanalyzer/threats/threats.py,sha256=egFsT1crNlWQH3szG8yYIURMXXGh7GJnH3wI8w05nfI,21449
-skillanalyzer/utils/__init__.py,sha256=KnfUi433fGDKwck57kob4vuA8upzwSC-Na6OHrZ2uDc,907
-skillanalyzer/utils/command_utils.py,sha256=dTjN3Uzpk3dw5u7jbbOKO0j5FwmjYqcKlpr0vDA_1y4,4292
-skillanalyzer/utils/di_container.py,sha256=0wsQaVFkVLzORVEoMpSoZK_wOJrKTCAkTFkeEuTPzos,4586
-skillanalyzer/utils/file_utils.py,sha256=LT2xwrbqIWaYC-BYAL9zpF6a2xk6QNUVzItvGGJcBn8,2043
-skillanalyzer/utils/logging_config.py,sha256=wJ3HUNmGECgWE9jwz-SSuUMN-xTde6ybF4Yqa8Qrix4,2940
-skillanalyzer/utils/logging_utils.py,sha256=CLdOYmQdJejiLbcECTT2CbDU27PJ327AFMmeuVfCy94,1902
-cisco_ai_skill_scanner-1.0.0.dist-info/METADATA,sha256=oh3eKpG8h_pfWcIDdV4z6aAM38Yz-Pv1ZybReEqhYys,9290
-cisco_ai_skill_scanner-1.0.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-cisco_ai_skill_scanner-1.0.0.dist-info/entry_points.txt,sha256=IQSseT8ZcU7aaqYdl20wC1-TqKlklZR2Nw609NBQARw,175
-cisco_ai_skill_scanner-1.0.0.dist-info/licenses/LICENSE,sha256=b4va5sK_CWxpeDnOO2MF0MKqsiwU-3YblMmWKnmuWZg,653
-cisco_ai_skill_scanner-1.0.0.dist-info/RECORD,,

cisco_ai_skill_scanner-1.0.0.dist-info/entry_points.txt

@@ -1,4 +0,0 @@
-[console_scripts]
-skill-scanner = skillanalyzer.cli.cli:main
-skill-scanner-api = skillanalyzer.api.api_cli:main
-skill-scanner-pre-commit = skillanalyzer.hooks.pre_commit:main

skillanalyzer/data/yara_rules/autonomy_abuse.yara

@@ -1,66 +0,0 @@
-//////////////////////////////////////////
-// Unbounded Autonomy Detection
-// Target: Instructions that give skills excessive autonomy
-// For Claude Skills with dangerous autonomous behaviors
-//////////////////////////////////////////
-
-rule autonomy_abuse{
-
-    meta:
-        author = "Cisco"
-        description = "Detects unbounded autonomy patterns that could lead to runaway behavior"
-        classification = "harmful"
-        threat_type = "AUTONOMY ABUSE"
-
-    strings:
-
-        // Keep trying without limits
-        $keep_trying = /\b(keep (trying|attempting|retrying)|retry (until|till) (it )?(works?|succeeds?)|don't (give up|stop) until|continue (until|till) (success|it works))\b/i
-
-        // Run without confirmation
-        $no_confirmation = /\b(run without (asking|confirmation|permission|approval)|don't (ask|confirm|wait for) (user|permission|approval)|proceed without (asking|confirmation|permission))\b/i
-
-        // Automatic execution
-        $auto_execute = /\b(automatically (execute|run|perform|do)|auto-?(run|execute|perform)|execute (immediately|automatically|right away))\b/i
-
-        // Unbounded loops (simplified regex for YARA compatibility)
-        $unbounded_loops = /\b(run (continuously|forever|indefinitely)|keep (running|going) (forever|indefinitely)|while True:)\b/i
-
-        // Ignore errors and continue
-        $ignore_errors = /\b(ignore (all |any )?(errors?|exceptions?|failures?)|suppress (all |any )?(errors?|exceptions?)|continue (on|despite|after) (error|exception|failure))\b/i
-
-        // Escalating behavior
-        $escalating = /\b(if (that |this )?fails?,? (try|attempt|use) (more|higher|elevated) (privileges?|permissions?|access)|escalate (to|until))\b/i
-
-        // Self-modification
-        $self_modify = /\b(modify (itself|yourself|own|this skill)|update (itself|yourself|own|this skill)|change (own|this skill's) (code|behavior|instructions?))\b/i
-
-        // Autonomous decision making without bounds
-        $autonomous_decisions = /\b(decide (what|which|how) to (do|run|execute) (next|automatically)|choose (your own|automatically) (next )?actions?)\b/i
-
-    condition:
-
-        // Keep trying patterns
-        $keep_trying or
-
-        // No confirmation
-        $no_confirmation or
-
-        // Auto execution
-        $auto_execute or
-
-        // Unbounded loops
-        $unbounded_loops or
-
-        // Ignore errors
-        $ignore_errors or
-
-        // Escalating behavior
-        $escalating or
-
-        // Self-modification
-        $self_modify or
-
-        // Autonomous decisions
-        $autonomous_decisions
-}

skillanalyzer/data/yara_rules/code_execution.yara

@@ -1,61 +0,0 @@
-//////////////////////////////////////////
-// Code Execution Detection Rule for Claude Skills
-// Target: Python and Bash execution patterns
-// (eval, exec, subprocess, shell injection)
-/////////////////////////////////////////
-
-rule code_execution{
-
-    meta:
-
-        author = "Cisco"
-        description = "Detects dangerous code execution patterns in Claude Skills (Python/Bash)"
-        classification = "harmful"
-        threat_type = "CODE EXECUTION"
-
-    strings:
-
-        // Python dangerous execution (eval, exec with actual content)
-        $python_eval_exec = /\b(eval|exec)\s*\([^)]{5,}\)/i
-
-        // Python system/subprocess execution
-        $python_system_calls = /\b(os\.(system|popen|execv?p?e?|spawnv?p?e?)|subprocess\.(run|call|Popen|check_output))\s*\(/i
-
-        // Python __import__ with user input
-        $python_import_abuse = /\b__import__\s*\([^)]*input/i
-
-        // Bash shell execution with variables
-        $bash_shell_exec = /\b(system|exec|popen|spawn)\s*\([^)]*[\$\{]/i
-
-        // Base64 decode followed by exec/eval (obfuscation)
-        $obfuscated_execution = /\b(base64\.b64decode|decode\(|atob)\s*\([^)]+\)[\s\n]*.*\b(eval|exec|os\.system|subprocess)\s*\(/i
-
-        // Shell command injection patterns
-        $shell_injection = /[\"|\']\s*[;&|]\s*(rm|wget|curl|nc|bash|sh|python)\s+/
-
-        // Pickle deserialization (unsafe)
-        $unsafe_deserialize = /\bpickle\.(loads?|load)\s*\(/i
-
-    condition:
-
-        // Python eval/exec with content
-        $python_eval_exec or
-
-        // Python system calls
-        $python_system_calls or
-
-        // Python import abuse
-        $python_import_abuse or
-
-        // Bash shell execution
-        $bash_shell_exec or
-
-        // Obfuscated execution
-        $obfuscated_execution or
-
-        // Shell injection
-        $shell_injection or
-
-        // Unsafe deserialization
-        $unsafe_deserialize
-}

skillanalyzer/data/yara_rules/command_injection.yara

@@ -1,54 +0,0 @@
-//////////////////////////////////////////
-// Shell/System Command Injection Detection Rule
-// Target: Command injection patterns for Claude Skills (Python/Bash)
-// (Shell operators, dangerous commands, network tools + reverse shells)
-/////////////////////////////////////////
-
-rule command_injection{
-
-    meta:
-        author = "Cisco"
-        description = "Detects command injection patterns in Claude Skills: shell operators, system commands, and network tools"
-        classification = "harmful"
-        threat_type = "INJECTION ATTACK"
-
-    strings:
-
-        // Dangerous system commands
-        $dangerous_system_cmds = /\b(shutdown|reboot|halt|poweroff)\s+(-[fh]|now|0)\b/
-
-        // Network tools with suspicious usage (reverse connections, port scanning)
-        $malicious_network_tools = /\b(nc|netcat)\s+(-[le]|25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/i
-
-        // Reconnaissance tools
-        $reconnaissance_tools = /\b(nmap)\s+(-[sS]|--script|25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/i
-
-        // Data exfiltration with curl/wget to external URLs
-        $data_exfiltration_tools = /\b(wget|curl)\s+(http[s]?:\/\/[^\s]+|ftp:\/\/[^\s]+|-[oO]\s|--output\s)/i
-
-        // Reverse shell patterns (high severity)
-        $reverse_shells = /\b(bash\s+-i|sh\s+-i|nc\s+-e|\/dev\/tcp\/[0-9]+\.|socat.*exec|python.*socket.*connect)\b/i
-
-        // Shell command chaining with suspicious patterns
-        $shell_chaining = /[|&;]\s*(rm\s+-rf|dd\s+if=|chmod\s+777|wget\s+http|curl\s+http)/
-
-    condition:
-
-        // Dangerous system command patterns
-        $dangerous_system_cmds or
-
-        // Network tool abuse patterns
-        $malicious_network_tools or
-
-        // Reconnaissance tools
-        $reconnaissance_tools or
-
-        // Data exfiltration tools
-        $data_exfiltration_tools or
-
-        // Reverse shell patterns
-        $reverse_shells or
-
-        // Shell command chaining
-        $shell_chaining
-}