openhack 0.1.0__py3-none-any.whl

openhack/updates.py

@@ -0,0 +1,170 @@
+"""
+Startup update check + announcements fetcher.
+
+Calls GET /updates on the inference worker. Never blocks the TUI or
+raises to the user on failure — network errors are silently swallowed.
+"""
+
+import json
+import logging
+import os
+import time
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+import httpx
+
+from openhack import __version__
+from openhack.config import CONFIG_DIR
+
+logger = logging.getLogger(__name__)
+
+_DISMISSED_FILE = CONFIG_DIR / "dismissed_announcements.json"
+_LAST_CHECK_FILE = CONFIG_DIR / ".last_update_check"
+_RECHECK_INTERVAL = 3600  # 1 hour
+
+
+@dataclass
+class LatestRelease:
+    version: str
+    published_at: str = ""
+    download_url: str = ""
+    release_notes: str = ""
+
+
+@dataclass
+class Announcement:
+    id: str
+    level: str  # "info" | "warning" | "critical"
+    title: str
+    body: str = ""
+    placement: list[str] = field(default_factory=list)
+    published_at: str = ""
+    expires_at: Optional[str] = None
+
+
+@dataclass
+class UpdateInfo:
+    latest: Optional[LatestRelease] = None
+    announcements: list[Announcement] = field(default_factory=list)
+    has_update: bool = False
+
+
+def _get_updates_url() -> str:
+    if os.environ.get("OPENHACK_DEV", "0") == "1":
+        return "http://localhost:8787/updates"
+    return "https://api.openhack.com/updates"
+
+
+def _semver_gt(a: str, b: str) -> bool:
+    """Return True if version `a` is strictly greater than `b` (semver major.minor.patch)."""
+    def _parse(v: str) -> tuple[int, ...]:
+        v = v.lstrip("v")
+        parts = v.split("-")[0].split("+")[0]  # strip pre-release/build
+        return tuple(int(x) for x in parts.split(".") if x.isdigit())
+    try:
+        return _parse(a) > _parse(b)
+    except (ValueError, TypeError):
+        return False
+
+
+def _is_expired(expires_at: Optional[str]) -> bool:
+    if not expires_at:
+        return False
+    try:
+        exp = datetime.fromisoformat(expires_at.replace("Z", "+00:00"))
+        return datetime.now(timezone.utc) > exp
+    except (ValueError, TypeError):
+        return False
+
+
+def _load_dismissed() -> set[str]:
+    try:
+        data = json.loads(_DISMISSED_FILE.read_text())
+        return set(data) if isinstance(data, list) else set()
+    except Exception:
+        return set()
+
+
+def save_dismissed(ann_id: str) -> None:
+    """Persist an announcement ID as dismissed so it won't re-appear."""
+    dismissed = _load_dismissed()
+    dismissed.add(ann_id)
+    try:
+        CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+        _DISMISSED_FILE.write_text(json.dumps(sorted(dismissed)))
+    except Exception:
+        pass
+
+
+def _should_check() -> bool:
+    """Don't re-check if we already checked within this hour."""
+    try:
+        ts = float(_LAST_CHECK_FILE.read_text().strip())
+        return (time.time() - ts) > _RECHECK_INTERVAL
+    except Exception:
+        return True
+
+
+def _mark_checked() -> None:
+    try:
+        CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+        _LAST_CHECK_FILE.write_text(str(time.time()))
+    except Exception:
+        pass
+
+
+async def fetch_updates(force: bool = False) -> Optional[UpdateInfo]:
+    """Fetch update info from /updates. Returns None on any failure."""
+    if not force and not _should_check():
+        return None
+
+    url = _get_updates_url()
+    try:
+        async with httpx.AsyncClient(timeout=5.0) as client:
+            resp = await client.get(url, params={"current": __version__})
+            if resp.status_code != 200:
+                return None
+            data = resp.json()
+    except Exception:
+        return None
+
+    _mark_checked()
+
+    info = UpdateInfo()
+
+    # Parse latest release
+    latest_raw = data.get("latest")
+    if latest_raw and isinstance(latest_raw, dict):
+        info.latest = LatestRelease(
+            version=latest_raw.get("version", ""),
+            published_at=latest_raw.get("publishedAt", ""),
+            download_url=latest_raw.get("downloadUrl", ""),
+            release_notes=latest_raw.get("releaseNotes", ""),
+        )
+        if info.latest.version and _semver_gt(info.latest.version, __version__):
+            info.has_update = True
+
+    # Parse announcements
+    dismissed = _load_dismissed()
+    for ann_raw in data.get("announcements") or []:
+        if not isinstance(ann_raw, dict):
+            continue
+        ann_id = ann_raw.get("id", "")
+        if ann_id in dismissed:
+            continue
+        if _is_expired(ann_raw.get("expiresAt")):
+            continue
+        info.announcements.append(Announcement(
+            id=ann_id,
+            level=ann_raw.get("level", "info"),
+            title=ann_raw.get("title", ""),
+            body=ann_raw.get("body", ""),
+            placement=ann_raw.get("placement") or [],
+            published_at=ann_raw.get("publishedAt", ""),
+            expires_at=ann_raw.get("expiresAt"),
+        ))
+
+    return info

openhack-0.1.0.dist-info/METADATA

@@ -0,0 +1,189 @@
+Metadata-Version: 2.4
+Name: openhack
+Version: 0.1.0
+Summary: AI-powered security scanner for your codebase. Find SQL injection, XSS, IDOR, auth bypass, and more — straight from your terminal.
+Project-URL: Homepage, https://openhack.com
+Project-URL: Documentation, https://github.com/openhackai/openhack
+Project-URL: Repository, https://github.com/openhackai/openhack
+Project-URL: Issues, https://github.com/openhackai/openhack/issues
+Author: OpenHack
+License-Expression: AGPL-3.0-only
+License-File: LICENSE
+Keywords: ai-security,appsec,code-review,llm,sast,security,static-analysis,vulnerability-scanner
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: Operating System :: MacOS
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Bug Tracking
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.11
+Requires-Dist: aiohttp>=3.9.0
+Requires-Dist: httpx>=0.25.0
+Requires-Dist: openai>=1.0.0
+Requires-Dist: prompt-toolkit>=3.0.0
+Requires-Dist: pydantic-settings>=2.6.0
+Requires-Dist: pydantic>=2.10.0
+Requires-Dist: pygments>=2.19.0
+Requires-Dist: rich>=13.0.0
+Requires-Dist: tree-sitter-javascript>=0.25.0
+Requires-Dist: tree-sitter-python>=0.25.0
+Requires-Dist: tree-sitter-typescript>=0.23.2
+Requires-Dist: tree-sitter>=0.25.2
+Provides-Extra: browser
+Requires-Dist: playwright>=1.40.0; extra == 'browser'
+Description-Content-Type: text/markdown
+
+# ⏚ [OpenHack](https://openhack.com)
+
+**Open Source Agentic Security Scanner for your codebase.**
+
+Like Claude Code Security / Codex Security but open source. OpenHack does recon -> hunting -> validation -> verification all in one pipeline to find high quality verified vulnerabilities. OpenHack exclusively uses open source models and specializes in web app vulnerabilities.
+
+## Install
+
+```bash
+pipx install openhack
+```
+
+Or with pip:
+
+```bash
+pip install openhack
+```
+
+## Quick start
+
+```bash
+openhack
+```
+
+On first run you'll go through a one-time setup:
+
+1. Pick **Login with OpenHack account** (recommended) — opens a browser, you log in, get **$20 in free credits**, and the CLI gets a token automatically.
+2. Type `/scan .` to scan the current directory, or `/scan path/to/repo` for somewhere else.
+3. While scanning, the **Trace tab** shows live agent activity (recon → hunters → validators). When the scan finishes, the **Findings tab** shows everything that was found.
+
+## What it does
+
+OpenHack runs a multi-agent pipeline against your codebase:
+
+- **Recon** — reads the code, builds a project model
+- **Hunters** — multiple specialized agents look for different vulnerability classes (input validation, access control, data handling, …)
+- **Feature hunters** — deeper passes on specific risk categories (XSS rendering, raw SQL, command exec, etc.)
+- **Validators** — re-read the suspect code to confirm or reject each candidate finding
+- **Sandbox verification** (`/verify sandbox`) *(Beta — requires Docker)* — spins up your app in a Docker container and attempts to exploit each finding with live HTTP requests. Findings that are successfully exploited get a ✓ mark.
+- **Browser verification** (`/verify browser`) *(Beta — requires Docker when combined with sandbox)* — launches a headless browser against the sandboxed app to verify client-side vulnerabilities (XSS, CSRF, DOM-based issues) with real browser execution.
+
+> **Docker prerequisite.** Sandbox verification requires Docker Desktop (or any working Docker daemon) installed and running on the machine where the scan runs. Browser verification inherits this when used with sandbox. If Docker isn't running, `/verify sandbox` will fail with a clear error before the scan starts.
+
+For every confirmed finding you get: severity, CVSS score, file location, full description, the vulnerable code snippet, and a recommended fix — all rendered with syntax highlighting in the TUI.
+
+## Slash commands
+
+
+| Command                    | Description                                                                                        |
+| -------------------------- | -------------------------------------------------------------------------------------------------- |
+| `/scan <path>`             | Full scan on a directory (defaults to current dir)                                                 |
+| `/pause` · `/resume`       | Pause and resume a running scan (Ctrl+C also pauses)                                               |
+| `/cancel`                  | Permanently cancel a running scan                                                                  |
+| `/sessions`                | Browse and re-load past scans (also supports re-running an aborted scan with `r`)                  |
+| `/findings`                | Re-display findings from last scan                                                                 |
+| `/copy`                    | Copy the selected finding (description + vulnerable code + fix) for Codex / Claude Code / OpenCode |
+| `/verify sandbox` *(Beta)* | Spin up a Docker sandbox and exploit-test each finding with live requests                          |
+| `/verify browser` *(Beta)* | Launch a headless browser to verify client-side vulns (XSS, CSRF, etc.)                            |
+| `/login`                   | Re-login to your OpenHack account                                                                  |
+| `/setup`                   | Run the setup wizard again                                                                         |
+| `/config`                  | Show current config; `/config <key> <value>` to set                                                |
+| `/sidebar`                 | Show/hide the Findings list sidebar (`Ctrl+B`)                                                     |
+| `/cost`                    | Cost breakdown for the last scan                                                                   |
+| `/clear`                   | Clear scan state and return to landing                                                             |
+| `/discord`                 | Open the OpenHack Discord                                                                          |
+| `/mouse`                   | Toggle mouse capture (off = native text selection)                                                 |
+| `/help`                    | List commands                                                                                      |
+| `/quit`                    | Exit                                                                                               |
+
+
+## Keyboard shortcuts (Findings tab)
+
+- `↑` / `↓` — switch finding
+- `[` · `]` — alternate prev / next
+- Mouse wheel or `PgUp` / `PgDn` — scroll the details pane
+- `y` — yank (copy) selected finding for an AI agent
+- `<` · `>` — resize the sidebar
+- `Ctrl+B` — toggle sidebar
+
+## Keyboard shortcuts (Trace tab)
+
+- `↑` / `↓` — switch agent in the sidebar tree
+- `[` · `]` — alternate prev / next agent
+- Mouse wheel or `PgUp` / `PgDn` — scroll the trace
+- `Home` — jump to "All" (full trace)
+- `End` — resume auto-follow-to-bottom
+
+## Selecting text
+
+The TUI captures mouse events by default (for scrolling and clicking). To select and copy text natively:
+
+- **macOS**: Hold `Option` (⌥) and drag to select, then `Cmd+C` to copy.
+- **Linux / Windows**: Hold `Shift` and drag to select.
+- **Or**: Run `/mouse` to disable mouse capture entirely — the terminal's native selection works normally until you toggle it back on.
+
+## CLI commands (headless)
+
+For CI, scripts, or one-off scans where you don't want the TUI:
+
+```bash
+openhack scan /path/to/repo
+```
+
+OpenHack runs the same pipeline as the TUI, prints progress to stdout, writes a JSON report to `~/.openhack/scans/<session-id>.json`, and exits.
+
+
+| Command                    | Description                                              |
+| -------------------------- | -------------------------------------------------------- |
+| `openhack`                 | Launch interactive TUI                                   |
+| `openhack scan [path]`     | Full scan, headless (defaults to `.`)                    |
+| `openhack sessions`        | List all saved scans                                     |
+| `openhack resume <id>`     | Resume a scan from its last checkpoint                   |
+| `openhack classify [path]` | Classify frameworks + detect entry points (no LLM calls) |
+| `openhack login`           | Log in to your OpenHack account                          |
+| `openhack setup`           | Run the setup wizard                                     |
+| `openhack --help`          | Show usage                                               |
+
+
+Scans are checkpointed after each pipeline stage. If a scan is interrupted or fails, resume it:
+
+```bash
+openhack resume <session-id>
+```
+
+## Configuration
+
+Configuration is stored in `~/.openhack/config` (mode `0600` since it contains a bearer token) and persists across sessions.
+
+You can override at runtime via environment variables:
+
+
+| Variable           | Effect                                                                                           |
+| ------------------ | ------------------------------------------------------------------------------------------------ |
+| `OPENHACK_API_KEY` | Bearer token for the OpenHack inference API                                                      |
+| `OPENHACK_DEV=1`   | Point the CLI at local dev servers (app on `:9080`, inference on `:8787`) for self-hosted setups |
+
+
+## Privacy
+
+OpenHack reads and processes your source code **locally** — prompts are built on your machine. Only LLM tokens (not raw source files) are forwarded to the OpenHack inference API. No source code is uploaded or retained.
+
+## Contributing
+
+OpenHack is open source. Issues and PRs welcome on [GitHub](https://github.com/openhackai/openhack).
+
+## License
+
+AGPL-3.0 — see [LICENSE](LICENSE). Free for personal, educational, and open-source use. For commercial licensing without AGPL obligations, contact [team@openhack.com](mailto:team@openhack.com).

openhack-0.1.0.dist-info/RECORD

@@ -0,0 +1,113 @@
+openhack/__init__.py,sha256=9XWDrE_f_hDez7_120gBGOmVxjQTnJ8iuhmhpkzYJqY,89
+openhack/__main__.py,sha256=9TnnjjxU3hi3COw4qe37d-VugxNCyJj2IYZgpeexsGo,6758
+openhack/auth.py,sha256=BHC-21Fi45NKXtb2wpZEcKbcvR8NKncjYoVWLhVyqDI,5941
+openhack/categories.py,sha256=8j9aXdTY0ekByZZ0_QpR5gbzZOc-6zMqV6w7zRTbp4k,5291
+openhack/config.py,sha256=xLejsgw6B5wM_lZvoMAhkpC4wyWILZbscD2mrpoZriw,6539
+openhack/deterministic_recon.py,sha256=gtZUFnJikpO8T_PpuDe_5ZowttvYZQgJ4X-J3x4rl8A,18867
+openhack/entry_points.py,sha256=j8pyEbRnoYr9uhiq10Tl0Lsipis6lh51FRH_kssJGyw,29625
+openhack/framework_classifier.py,sha256=TB7ogAh3HYf3-YiIAZcTgN0Tke8kgQshi-BYDkWcyQ0,16829
+openhack/framework_detection.py,sha256=_Q_sS-7WYrTSUIzItm61JXbrgBlHR0waRoyVpT9hdKo,9110
+openhack/headless_scan.py,sha256=3HI7agE-E9DzvVZ78HWDGX3EXQdtgqO2w8-_-jyiiWg,5955
+openhack/quality.py,sha256=NF0qSqAb41-Npq9lf0kVYs8GXW8tQDvuuySATMId5y0,7512
+openhack/scan_session.py,sha256=DhST3BBB7ombHqcxguOWq7_5aOoKmuI0frNq_-FrUSw,9759
+openhack/setup.py,sha256=EaKEodlfQViuz6cw5K_JpWKtwTrw269b1ffWLSb6SIM,15844
+openhack/static_validator.py,sha256=ZiICE4CoTj1beRTheMcavF9UAT8fcRC0iYksuEqp8zU,24723
+openhack/tui.py,sha256=kWcXByLdrBkUSwpOhgVzwMPt6iJkGnFd5fa9xmynV2w,144968
+openhack/updates.py,sha256=m6xIyGSeYUtalxr4oVOdjpvTc0szXKsr560Gv-i_Uoo,4918
+openhack/agents/__init__.py,sha256=nxt3eCGM4Pw-DZy7_2dbOh7AUc0xJXh15X-iT98pmGY,742
+openhack/agents/base.py,sha256=uNlJmV8PxPYP0l3xOz2wJID-u_d9XY1hQkyq3YNRsHI,9600
+openhack/agents/browser_verifier.py,sha256=NU9AFFNRLViSAvfpiO_6LR59oLdppQhTQ6w8GUSjE78,27355
+openhack/agents/browser_verifier_swarm.py,sha256=LSzuSaF1WW-s072mFU8otbmBzjEnYwajWR_efdqqlRA,11247
+openhack/agents/checkpoint.py,sha256=tpcfDK2WuD54eAX-yOXLkEG4KkDjlxXeX2_Liv9hwCU,3466
+openhack/agents/context_manager.py,sha256=UsC2dfqj8Urj_o3BThBPRUXdplsoEHYqbUaWpY-whO4,14669
+openhack/agents/coordinator.py,sha256=IZEpmHU0VSWAmLhQ1A3-YBUPBNPqxlV-sFq4ffCUzrc,55761
+openhack/agents/endpoint_analyst.py,sha256=QniEiy92IpRUpwGY7bThOnWcOXa7jlvrAhXnS3siHY0,10745
+openhack/agents/feature_hunter.py,sha256=etp7_LN6Dp8qgX0TRoMY_vIp5w3pe9HxcqsNTjf2XMM,3399
+openhack/agents/hunter.py,sha256=9uOwqhK5UTnEPTW6eDzs9ZebIfqqIKAAPV5JgFpmGFY,21545
+openhack/agents/hunter_swarm.py,sha256=g0hSu5dJouM5iutHbA7JLrvONFlSJ5TnuCCscgxoXGg,17088
+openhack/agents/llm.py,sha256=vyObGgbEwZF6mljV9h4RzyVVjtIm9uBWEagvInv8oBI,12424
+openhack/agents/recon.py,sha256=KvZZhSq3XNmzeM0nwxTDA8HlC7XbuCYnCPZcj8MrTC8,657
+openhack/agents/sandbox_verifier.py,sha256=llPTD8YyJWXszgcd9ucd9-IpRBzmKlyZZxj8D2IDPQ4,15054
+openhack/agents/sandbox_verifier_swarm.py,sha256=2kFlUxPV3wk5DMB8TUYekKQFdh8h11ThY40fJ6HSLg8,10994
+openhack/agents/session.py,sha256=Oawl3ZVm9ZpVZfrGuJmqGef9fNiqjFjzlX8tclxruHM,10552
+openhack/agents/validator.py,sha256=PwWLGe4dJYtx8dfbPQwL3DDZI4C0a6slRSBjZLqnMB8,8487
+openhack/agents/validator_swarm.py,sha256=3hyFqftXDPRplF0P6aRYpDx8OwR0_M9fKaPe2Mi6sxk,4485
+openhack/browser/__init__.py,sha256=X7B_4QGBCatIykwfRJnoETatfvDNrCZ1vVOYnN7bTQM,391
+openhack/browser/runner.py,sha256=opspL8qBpsl_drNdkVmXVH-YiG9iOa6od-6VEb_ynT4,13820
+openhack/prompts/__init__.py,sha256=5zILgAcRLau2sOdfiQQ6LFkGxNPxUL257B6y-XxidF4,3726
+openhack/prompts/browser_verifier.py,sha256=vv_zxzJJpLJ4vzYeu-IjDYBuqhPUjJYYQNaSfxI0siQ,8366
+openhack/prompts/coordinator.py,sha256=2tXBXoYXi8GoOOScD8LR4H-jyBz2Q7BBKgQgEMnJ9gs,1067
+openhack/prompts/endpoint_analyst.py,sha256=4EKFDckaw3l8RxvLMBo0WFnE0Y2E7JaXFTM8u4Ki3Ig,6141
+openhack/prompts/feature_hunter.py,sha256=WiBOfdKmdBIJd-qqm06dSUIYpVAYx09Bu8bWML9yGzs,7852
+openhack/prompts/hunter.py,sha256=JgzahwK1Yb3D0zfENKAilnOh9RgQH1RS-PF-nWl-1u0,26015
+openhack/prompts/hunter_continuation_loop.py,sha256=f8zXIYd_F0-NYxKDIXwxoVDl8E0N-hSxfm5wMxsCCoc,502
+openhack/prompts/hunter_continuation_no_findings.py,sha256=NE_zYkcEF7z9MKYPP4t5HBgYjvuGCpfzJAk9TDjr8L0,1126
+openhack/prompts/hunter_continuation_no_progress.py,sha256=5OFKMgE_XnnDoxWShZAWJTAL4DpJdW1FplxtBKgIrhk,1325
+openhack/prompts/hunter_tool_instructions.py,sha256=2iRhwLIUymmeZIPNNI-F0EsYBf41y_2rv-ya9i0sO9g,1791
+openhack/prompts/pr_analysis_system.py,sha256=4xEc_okSgK8pw5O_w0rWLGVVcLp17jMUaTB9dy_Lzcc,4851
+openhack/prompts/pr_analysis_user.py,sha256=VbCYO1aLLS9y2FL8N45LFCM432mMV3-kf9VCa0lnyDo,241
+openhack/prompts/project_context.py,sha256=1N_-_0pwnrdvkLAyPOnARsUB10D54nosewM1Gh1IxPc,3203
+openhack/prompts/recon.py,sha256=W4iqgBefhwJuCIfAWY_THWVs0UVbd1MO-pRmiFQbfkE,9605
+openhack/prompts/reporter.py,sha256=3ZgYPq509f4beXBHV-Q_KkgWWZAGWuK_Nm3wK9GkPk4,1527
+openhack/prompts/researchers.py,sha256=vjwX7txBjNu6BlGXKRiGsPauoVpVBKeVLBRwsFXo6fQ,28137
+openhack/prompts/sandbox_verifier.py,sha256=LBQ18zGXSYztCUezbZUmHkskhPhmDwW-zavglCijTkc,5566
+openhack/prompts/validator.py,sha256=zOfGza8uPAztHrRxduwHM_14x7diFmxZiW8aAH2MXKM,20227
+openhack/prompts/validator_continuation_incomplete.py,sha256=HdWEHtZSg25ZLWrTPm_DR1JY3mTNTRl46p4PJkmLvW4,545
+openhack/prompts/validator_tool_instructions.py,sha256=wS2JOf7_3Ii9EWJ-5Qu33ao3H3Se6I9ZRVLaYNHiw2g,1059
+openhack/prompts/django/__init__.py,sha256=raxFuUWLb5i_v0acAkWVWVnOz5wU0cJ_yOcEImctzDU,964
+openhack/prompts/django/auth_bypass.py,sha256=jNk_TCuWNT63f11VF_7OyDQ82BaDJScrmJZrNvQZ42Y,2382
+openhack/prompts/django/csrf.py,sha256=tc2zefCijE-UVAS9UZiGPN4ewcVnesV10Vvg_Qn-HUc,1866
+openhack/prompts/django/data_exposure.py,sha256=wKw2sQDxoqcRuEZD319aw1_VvIvL8ja57hcxSlOhXYU,2101
+openhack/prompts/django/idor.py,sha256=Sa8aW4asrIPHyEOpJHW_nlkTMbTR1lfm77R-dZ2WqzQ,2393
+openhack/prompts/django/injection.py,sha256=5Pz1_rU0Vz4OtQuS7KMOoxQ3Kw-O5Btn6aOwtxAUCKQ,2007
+openhack/prompts/django/misconfiguration.py,sha256=wpfsD05DlSdwPnbInznFNxgfbvEQw7-XKGe9Khbu5q8,1965
+openhack/prompts/django/ssrf.py,sha256=kQkmQk5jJsH5bKazp5opqG_jZNYHMRrpzxB_IIxIr2g,1914
+openhack/prompts/express/__init__.py,sha256=O5OoyjBo02tmpJtMFTNqfq-RqjVCQW4_liiA7AQ7PSk,893
+openhack/prompts/express/auth_bypass.py,sha256=KEVvvXhUbwjM6BBzV8BBePgYIswitHX9gEOHkRVquzY,2120
+openhack/prompts/express/data_exposure.py,sha256=Yy0hc0LUcQGCl3p-GgUwlTS75hA4tqVdBlMdWdmGpj4,2321
+openhack/prompts/express/idor.py,sha256=fcokHAcVEUhs1eu4X92PfRkMUBG2D_80CgRQax0s7mA,2106
+openhack/prompts/express/injection.py,sha256=FKrWVMQUb-StswRoZoXMnqatIS1izuDSLc-jFcerytg,2299
+openhack/prompts/express/misconfiguration.py,sha256=eYMDaWY5cUDNYbpFk7BTDo7-m3ok_Dr8HVnMbJ9jkeI,2155
+openhack/prompts/express/ssrf.py,sha256=OBlbDGWtRfCvm5hkpMN6PcMir_cGPZUCTHXsY7tNNAc,1992
+openhack/prompts/flask/__init__.py,sha256=h7pWUZ1HUKDpdpAEmfSbgQ1ZJlfWBET8GJG-j6bWAC0,848
+openhack/prompts/flask/auth_bypass.py,sha256=Xgg6db8sN-Z0tUNFyeWKTPHjybmAKngtLrCLMxcnCog,2390
+openhack/prompts/flask/data_exposure.py,sha256=EbVbRO2Ye1w1HNGGoThoEkn71RqvRQtqiFFTX8xaekU,2325
+openhack/prompts/flask/idor.py,sha256=Xgs2FKs3eNxCVHO8xN-dDJDsAnjxjfCpduYcrXmNKMg,2574
+openhack/prompts/flask/injection.py,sha256=c2VsWiiDT963u9s-WvZOpigEPQq5JJGJ5LbGPw8e4XA,2323
+openhack/prompts/flask/misconfiguration.py,sha256=CWMglLuilfg4PErr34WqNOMi9l7cC7XI5b7zSA1ZWyA,2207
+openhack/prompts/flask/ssrf.py,sha256=h8f_nsJN6hDKTXA7TVqPkvOWfBKMEAgmLeCc_2czHKM,1894
+openhack/prompts/nextjs/__init__.py,sha256=8avE5rNmLpnl4kOJ78AVwlezQvFMDBM0bUrWbxXDyGI,1430
+openhack/prompts/nextjs/auth_bypass.py,sha256=xkdoBqgeEjmXWG6kT7srTFxI6jwP12U8o4sFJCQBdig,1997
+openhack/prompts/nextjs/csrf.py,sha256=y-66G7_tk3hdlBi0_jEx8ptkD60mtVR3kkq1Vdh-9Cw,2110
+openhack/prompts/nextjs/data_exposure.py,sha256=Fe6tsDxq_VCYsxxaOg0k7BLkoUdkp73UxciS36lSWIE,2125
+openhack/prompts/nextjs/idor.py,sha256=p724eOB8An8LMqcs-GjAtAYkQkUG_zH2V82PqD7wcEA,1938
+openhack/prompts/nextjs/injection.py,sha256=4tEruIYwewewjOgxMuX0LHhREzV3zldXSvXgZd1FgjM,1888
+openhack/prompts/nextjs/middleware_bypass.py,sha256=eBNpBOucP7BZ1nWyF0zsf1u_ojOhKlxMB4tUzn_tvsQ,1808
+openhack/prompts/nextjs/misconfiguration.py,sha256=pN8HxYzk5Tzs272x_-rS34TIZpy9KBFDzXPhuanu824,2132
+openhack/prompts/nextjs/server_actions.py,sha256=tnXxv6CFdPdpfJXyAlrDFluhE0hFMlYOj3FoTakwezo,2317
+openhack/prompts/nextjs/ssrf.py,sha256=k74-EiJCS41cIUpgiLerpFBsmzxKR5us5-qCRon5Vek,1839
+openhack/prompts/nextjs/xss.py,sha256=CpufRzgN2O-06pFndgRY7bDSo4Rtje60_iF9xqZc6ZU,1953
+openhack/prompts/supabase/__init__.py,sha256=zB4GN5VxH93_sd3AT-tgb8LsvShnBLmXSQW42pAbcCI,1404
+openhack/prompts/supabase/auth_tokens.py,sha256=Ki70mhantnTd21ceZ2Xca658GKc6XYRESdeMi-oVt2I,5720
+openhack/prompts/supabase/edge_functions.py,sha256=suLWadQeXRyL-1BBI9cwGL8NUYFU6r_UHzwVPPnPVwg,5526
+openhack/prompts/supabase/graphql.py,sha256=gEKauXouuNo7pz4rlxu5mXWA_1VZE9qgE4pZ_jdcD-g,3473
+openhack/prompts/supabase/postgrest.py,sha256=ngob-RKt_voSiBa3b-BObC9ri-iQgP5cuncmSbfqlIk,4164
+openhack/prompts/supabase/realtime.py,sha256=4raTILryluvvRuLLfVJrkm4rxbbEImLQ5lmGQkyVHoM,3634
+openhack/prompts/supabase/rls.py,sha256=xTYqcjqKTCV4WpOTO8QyGcdv-Jtg258i61XEpsRAdas,4754
+openhack/prompts/supabase/rpc_functions.py,sha256=A9UMBd8fw9tZlo4n6TRrb9cea4Ji3DV0vFqGyyZO9NM,4262
+openhack/prompts/supabase/storage.py,sha256=wwjhTdbgR-KS6wqC3hydzuA91VBS6hdcVTE2rCj4HmU,4586
+openhack/prompts/supabase/tenant_isolation.py,sha256=UAwdw-9jWU48IDQ2pwrniNL6p9Y-8gEChz4VhvUp-0Y,4561
+openhack/sandbox/__init__.py,sha256=9zG2LlE-B16NcSD8aDeOqmwANKfpm8ILqg4ZMDQT7fk,325
+openhack/sandbox/orchestrator.py,sha256=khHYkOfRUo1ZpXeuBCjIsBkY86Ikxnp6Q7VaFg8RKKQ,19297
+openhack/sandbox/runner.py,sha256=-gkBi9qNW8HgU4aNOBBJYFgtMW_6Pf7yPztCikv52OA,5921
+openhack/tools/__init__.py,sha256=jRUmIPA2pVJjI0ZlPFOotF9Jb6qzdbxIfokmHMxoEBM,22
+openhack/tools/ast_tools.py,sha256=zEXZpA0VFJw_5QNTpEMstkjR6s1PHOu6A-vLBJXAcZw,12655
+openhack/tools/coverage.py,sha256=97AC7Oo3GV1YMQ3Cm9-4g0nHuV-mI_fECMp4M648qHs,43419
+openhack/tools/filesystem.py,sha256=Yj8Tc_90yiGm4I217Ck5klv7kAzzhJ-RlhtbXXBkODA,16410
+openhack/tools/nextjs.py,sha256=_bYfLbAatuQe2Ae3K_CJN3Dk-h8WDYWReexBpvPsI4A,10368
+openhack/tools/registry.py,sha256=48lIpGeKf-W1C81UwrcY7Pb9RFJi6HBu7vS0753t51c,1790
+openhack-0.1.0.dist-info/METADATA,sha256=pqK5ASkNCHXl1bTxaaZ2viskf86eBmvC08EmKZHZrYY,10413
+openhack-0.1.0.dist-info/WHEEL,sha256=mffPy8wBnZQn2VnJUU5jE99KsxaSfiyMHV9Yt0aLVxs,87
+openhack-0.1.0.dist-info/entry_points.txt,sha256=89qyBLVygik6q5v0jcYfaUty36c8Ne1Ici9n48yvpcM,52
+openhack-0.1.0.dist-info/licenses/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+openhack-0.1.0.dist-info/RECORD,,

openhack-0.1.0.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.30.1
+Root-Is-Purelib: true
+Tag: py3-none-any

openhack-0.1.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+openhack = openhack.__main__:main