PyPI - raxe - Versions diffs - 0.4.6__py3-none-any.whl - Mend

raxe 0.4.6__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (668) hide show

raxe/__init__.py +101 -0
raxe/application/__init__.py +48 -0
raxe/application/ab_testing.py +170 -0
raxe/application/analytics/__init__.py +30 -0
raxe/application/analytics/achievement_service.py +444 -0
raxe/application/analytics/repositories.py +172 -0
raxe/application/analytics/retention_service.py +267 -0
raxe/application/analytics/statistics_service.py +419 -0
raxe/application/analytics/streak_service.py +283 -0
raxe/application/apply_policy.py +291 -0
raxe/application/eager_l2.py +503 -0
raxe/application/preloader.py +353 -0
raxe/application/scan_merger.py +321 -0
raxe/application/scan_pipeline.py +1059 -0
raxe/application/scan_pipeline_async.py +403 -0
raxe/application/session_tracker.py +458 -0
raxe/application/telemetry_manager.py +357 -0
raxe/application/telemetry_orchestrator.py +1210 -0
raxe/async_sdk/__init__.py +34 -0
raxe/async_sdk/cache.py +286 -0
raxe/async_sdk/client.py +556 -0
raxe/async_sdk/wrappers/__init__.py +23 -0
raxe/async_sdk/wrappers/openai.py +238 -0
raxe/cli/__init__.py +21 -0
raxe/cli/auth.py +1047 -0
raxe/cli/branding.py +235 -0
raxe/cli/config.py +334 -0
raxe/cli/custom_rules.py +458 -0
raxe/cli/doctor.py +686 -0
raxe/cli/error_handler.py +665 -0
raxe/cli/event.py +648 -0
raxe/cli/exit_codes.py +57 -0
raxe/cli/expiry_warning.py +302 -0
raxe/cli/export.py +183 -0
raxe/cli/history.py +247 -0
raxe/cli/l2_formatter.py +872 -0
raxe/cli/main.py +1137 -0
raxe/cli/models.py +590 -0
raxe/cli/output.py +403 -0
raxe/cli/privacy.py +84 -0
raxe/cli/profiler.py +262 -0
raxe/cli/progress.py +379 -0
raxe/cli/progress_context.py +101 -0
raxe/cli/repl.py +394 -0
raxe/cli/rules.py +542 -0
raxe/cli/setup_wizard.py +721 -0
raxe/cli/stats.py +292 -0
raxe/cli/suppress.py +501 -0
raxe/cli/telemetry.py +1384 -0
raxe/cli/test.py +130 -0
raxe/cli/tune.py +315 -0
raxe/cli/validate.py +218 -0
raxe/domain/__init__.py +30 -0
raxe/domain/analytics/__init__.py +97 -0
raxe/domain/analytics/achievements.py +306 -0
raxe/domain/analytics/models.py +120 -0
raxe/domain/analytics/retention.py +168 -0
raxe/domain/analytics/statistics.py +207 -0
raxe/domain/analytics/streaks.py +173 -0
raxe/domain/engine/__init__.py +15 -0
raxe/domain/engine/executor.py +396 -0
raxe/domain/engine/matcher.py +212 -0
raxe/domain/inline_suppression.py +176 -0
raxe/domain/ml/__init__.py +133 -0
raxe/domain/ml/embedding_cache.py +309 -0
raxe/domain/ml/gemma_detector.py +921 -0
raxe/domain/ml/gemma_models.py +346 -0
raxe/domain/ml/l2_config.py +428 -0
raxe/domain/ml/l2_output_schema.py +443 -0
raxe/domain/ml/manifest_loader.py +309 -0
raxe/domain/ml/manifest_schema.py +345 -0
raxe/domain/ml/model_metadata.py +263 -0
raxe/domain/ml/model_registry.py +786 -0
raxe/domain/ml/protocol.py +282 -0
raxe/domain/ml/scoring_models.py +419 -0
raxe/domain/ml/stub_detector.py +397 -0
raxe/domain/ml/threat_scorer.py +757 -0
raxe/domain/ml/tokenizer_registry.py +372 -0
raxe/domain/ml/voting/__init__.py +89 -0
raxe/domain/ml/voting/config.py +595 -0
raxe/domain/ml/voting/engine.py +465 -0
raxe/domain/ml/voting/head_voters.py +378 -0
raxe/domain/ml/voting/models.py +222 -0
raxe/domain/models.py +82 -0
raxe/domain/packs/__init__.py +17 -0
raxe/domain/packs/models.py +304 -0
raxe/domain/policies/__init__.py +20 -0
raxe/domain/policies/evaluator.py +212 -0
raxe/domain/policies/models.py +223 -0
raxe/domain/rules/__init__.py +32 -0
raxe/domain/rules/custom.py +286 -0
raxe/domain/rules/models.py +273 -0
raxe/domain/rules/schema.py +166 -0
raxe/domain/rules/validator.py +556 -0
raxe/domain/suppression.py +801 -0
raxe/domain/suppression_factory.py +174 -0
raxe/domain/telemetry/__init__.py +116 -0
raxe/domain/telemetry/backpressure.py +424 -0
raxe/domain/telemetry/event_creator.py +362 -0
raxe/domain/telemetry/events.py +1282 -0
raxe/domain/telemetry/priority.py +263 -0
raxe/domain/telemetry/scan_telemetry_builder.py +670 -0
raxe/infrastructure/__init__.py +25 -0
raxe/infrastructure/analytics/__init__.py +18 -0
raxe/infrastructure/analytics/aggregator.py +484 -0
raxe/infrastructure/analytics/aggregator_optimized.py +184 -0
raxe/infrastructure/analytics/engine.py +748 -0
raxe/infrastructure/analytics/repository.py +409 -0
raxe/infrastructure/analytics/streaks.py +467 -0
raxe/infrastructure/analytics/views.py +178 -0
raxe/infrastructure/cloud/__init__.py +9 -0
raxe/infrastructure/config/__init__.py +56 -0
raxe/infrastructure/config/endpoints.py +641 -0
raxe/infrastructure/config/scan_config.py +352 -0
raxe/infrastructure/config/yaml_config.py +459 -0
raxe/infrastructure/database/__init__.py +10 -0
raxe/infrastructure/database/connection.py +200 -0
raxe/infrastructure/database/models.py +325 -0
raxe/infrastructure/database/scan_history.py +764 -0
raxe/infrastructure/ml/__init__.py +0 -0
raxe/infrastructure/ml/download_progress.py +438 -0
raxe/infrastructure/ml/model_downloader.py +457 -0
raxe/infrastructure/models/__init__.py +16 -0
raxe/infrastructure/models/discovery.py +461 -0
raxe/infrastructure/packs/__init__.py +13 -0
raxe/infrastructure/packs/loader.py +407 -0
raxe/infrastructure/packs/registry.py +381 -0
raxe/infrastructure/policies/__init__.py +16 -0
raxe/infrastructure/policies/api_client.py +256 -0
raxe/infrastructure/policies/validator.py +227 -0
raxe/infrastructure/policies/yaml_loader.py +250 -0
raxe/infrastructure/rules/__init__.py +18 -0
raxe/infrastructure/rules/custom_loader.py +224 -0
raxe/infrastructure/rules/versioning.py +222 -0
raxe/infrastructure/rules/yaml_loader.py +286 -0
raxe/infrastructure/security/__init__.py +31 -0
raxe/infrastructure/security/auth.py +145 -0
raxe/infrastructure/security/policy_validator.py +124 -0
raxe/infrastructure/security/signatures.py +171 -0
raxe/infrastructure/suppression/__init__.py +36 -0
raxe/infrastructure/suppression/composite_repository.py +154 -0
raxe/infrastructure/suppression/sqlite_repository.py +231 -0
raxe/infrastructure/suppression/yaml_composite_repository.py +156 -0
raxe/infrastructure/suppression/yaml_repository.py +510 -0
raxe/infrastructure/telemetry/__init__.py +79 -0
raxe/infrastructure/telemetry/acquisition.py +179 -0
raxe/infrastructure/telemetry/config.py +254 -0
raxe/infrastructure/telemetry/credential_store.py +947 -0
raxe/infrastructure/telemetry/dual_queue.py +1123 -0
raxe/infrastructure/telemetry/flush_helper.py +343 -0
raxe/infrastructure/telemetry/flush_scheduler.py +776 -0
raxe/infrastructure/telemetry/health_client.py +394 -0
raxe/infrastructure/telemetry/hook.py +347 -0
raxe/infrastructure/telemetry/queue.py +520 -0
raxe/infrastructure/telemetry/sender.py +476 -0
raxe/infrastructure/tracking/__init__.py +13 -0
raxe/infrastructure/tracking/usage.py +389 -0
raxe/integrations/__init__.py +55 -0
raxe/integrations/availability.py +143 -0
raxe/integrations/registry.py +122 -0
raxe/integrations/utils.py +135 -0
raxe/mcp/__init__.py +62 -0
raxe/mcp/cli.py +97 -0
raxe/mcp/server.py +409 -0
raxe/monitoring/__init__.py +51 -0
raxe/monitoring/metrics.py +372 -0
raxe/monitoring/profiler.py +388 -0
raxe/monitoring/server.py +136 -0
raxe/packs/core/v1.0.0/pack.yaml +1394 -0
raxe/packs/core/v1.0.0/rules/PI/pi-001@1.0.0.yaml +49 -0
raxe/packs/core/v1.0.0/rules/PI/pi-006@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/PI/pi-014@1.0.0.yaml +54 -0
raxe/packs/core/v1.0.0/rules/PI/pi-017@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/PI/pi-022@1.0.0.yaml +67 -0
raxe/packs/core/v1.0.0/rules/PI/pi-023@1.0.0.yaml +91 -0
raxe/packs/core/v1.0.0/rules/PI/pi-024@1.0.0.yaml +80 -0
raxe/packs/core/v1.0.0/rules/PI/pi-025@1.0.0.yaml +81 -0
raxe/packs/core/v1.0.0/rules/PI/pi-026@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-027@1.0.0.yaml +77 -0
raxe/packs/core/v1.0.0/rules/PI/pi-028@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/PI/pi-029@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/PI/pi-030@1.0.0.yaml +55 -0
raxe/packs/core/v1.0.0/rules/PI/pi-033@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-034@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-035@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-046@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-047@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-048@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-049@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-050@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-068@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-078@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-2001@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/PI/pi-2004@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/PI/pi-201@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/PI/pi-202@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/PI/pi-203@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3007@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3016@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3026@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3027@1.0.0.yaml +64 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3028@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3029@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3030@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3031@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3032@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3033@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/PI/pi-3034@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/PI/pi-79@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-80@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-81@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-82@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-83@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-84@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-85@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-86@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-87@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-88@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-89@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-90@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-91@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-92@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-93@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-94@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-95@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-96@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-97@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/PI/pi-98@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-001@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-007@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-015@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-016@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-017@1.0.0.yaml +57 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-021@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-022@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-023@1.0.0.yaml +78 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-024@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-025@1.0.0.yaml +93 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-026@1.0.0.yaml +81 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-027@1.0.0.yaml +82 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-028@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-033@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-036@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-037@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-052@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-054@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-056@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-065@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-075@1.0.0.yaml +45 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-079@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-1080@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-1090@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-1104@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-1105@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-1112@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-201@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-202@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-203@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-204@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-205@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-206@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-207@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-208@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-209@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-210@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-211@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-212@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-213@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-214@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-215@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-216@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-217@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-218@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-219@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-220@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-221@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-222@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-223@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-224@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-225@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-226@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-227@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-228@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-229@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-230@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-231@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-232@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-233@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-234@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-235@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-236@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-237@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/cmd/cmd-238@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-001@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/enc/enc-013@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/enc/enc-019@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/enc/enc-020@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/enc/enc-024@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/enc/enc-029@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/enc/enc-038@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/enc/enc-044@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/enc/enc-067@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/enc/enc-069@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/enc/enc-100@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-101@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-102@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-103@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-104@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-105@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-106@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-107@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-108@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-109@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-110@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-111@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-112@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-113@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-114@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-115@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-116@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-117@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-118@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-119@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-120@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-201@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/enc/enc-202@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/enc/enc-203@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/enc/enc-3004@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/enc/enc-3006@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/enc/enc-3011@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/enc/enc-5016@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/enc/enc-6001@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/enc/enc-6002@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/enc/enc-70@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-71@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-72@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-73@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-74@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-75@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-76@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-77@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-78@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-79@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-80@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-81@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-82@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-83@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-84@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-85@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-86@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-87@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-88@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-89@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-90@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-91@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-92@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-93@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-94@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-95@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-96@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-97@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-98@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/enc/enc-99@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/hc/hc-001@1.0.0.yaml +73 -0
raxe/packs/core/v1.0.0/rules/hc/hc-002@1.0.0.yaml +71 -0
raxe/packs/core/v1.0.0/rules/hc/hc-003@1.0.0.yaml +65 -0
raxe/packs/core/v1.0.0/rules/hc/hc-004@1.0.0.yaml +73 -0
raxe/packs/core/v1.0.0/rules/hc/hc-101@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-102@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-103@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-104@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-105@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/hc/hc-106@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/hc/hc-107@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-108@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/hc/hc-109@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/hc/hc-110@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/hc/hc-111@1.0.0.yaml +49 -0
raxe/packs/core/v1.0.0/rules/hc/hc-112@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-113@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-114@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-115@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-116@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-117@1.0.0.yaml +54 -0
raxe/packs/core/v1.0.0/rules/hc/hc-118@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-119@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-120@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-121@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-122@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-123@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/hc/hc-124@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-125@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-126@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-127@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-128@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-129@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-130@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-131@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-132@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-133@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/hc/hc-134@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-135@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-136@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-137@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-138@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-139@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-140@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/hc/hc-141@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/hc/hc-142@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-143@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-144@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-145@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-146@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-147@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-148@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-149@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-150@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-151@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-152@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-153@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-154@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-155@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-156@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-157@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-158@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-159@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-160@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/hc/hc-161@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/jb/jb-001@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/jb/jb-009@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/jb/jb-020@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/jb/jb-021@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/jb/jb-022@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/jb/jb-028@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/jb/jb-033@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/jb/jb-034@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/jb/jb-036@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/jb/jb-039@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/jb/jb-056@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-066@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/jb/jb-076@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/jb/jb-098@1.0.0.yaml +46 -0
raxe/packs/core/v1.0.0/rules/jb/jb-103@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/jb/jb-104@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/jb/jb-105@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/jb/jb-110@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/jb/jb-111@1.0.0.yaml +57 -0
raxe/packs/core/v1.0.0/rules/jb/jb-112@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-113@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-114@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-115@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-116@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-117@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-118@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-119@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-120@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-121@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-122@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-123@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-124@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-125@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-126@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-127@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-128@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-129@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-130@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-131@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-132@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-133@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-134@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-135@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-136@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-137@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-138@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-139@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-140@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-141@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-142@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-143@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-144@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-145@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-146@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-147@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-148@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-149@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-150@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-151@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-152@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-153@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-154@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-155@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-156@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-157@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-158@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-159@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-160@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-161@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-162@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/jb/jb-201@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/jb/jb-202@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/jb/jb-203@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/jb/jb-204@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/jb/jb-205@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/jb/jb-206@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/jb/jb-207@1.0.0.yaml +49 -0
raxe/packs/core/v1.0.0/rules/pii/pii-001@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/pii/pii-009@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/pii/pii-012@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/pii/pii-017@1.0.0.yaml +48 -0
raxe/packs/core/v1.0.0/rules/pii/pii-022@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-025@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-027@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-028@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-034@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-037@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-040@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-041@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-044@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-050@1.0.0.yaml +57 -0
raxe/packs/core/v1.0.0/rules/pii/pii-051@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/pii/pii-052@1.0.0.yaml +52 -0
raxe/packs/core/v1.0.0/rules/pii/pii-053@1.0.0.yaml +56 -0
raxe/packs/core/v1.0.0/rules/pii/pii-054@1.0.0.yaml +53 -0
raxe/packs/core/v1.0.0/rules/pii/pii-055@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/pii/pii-056@1.0.0.yaml +51 -0
raxe/packs/core/v1.0.0/rules/pii/pii-058@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2015@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2025@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2026@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2035@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2037@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-2042@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3001@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3002@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3003@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3004@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3005@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3006@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3007@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3008@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3009@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3010@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3011@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3012@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3013@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3014@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3015@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3016@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3017@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3018@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3019@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3020@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3021@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3022@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3023@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3024@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3025@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3026@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3027@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3028@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3029@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3030@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3031@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3032@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3033@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3034@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3035@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3036@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3037@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3038@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3039@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3040@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3041@1.0.0.yaml +39 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3042@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3043@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3044@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3045@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3046@1.0.0.yaml +37 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3047@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3048@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3049@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3050@1.0.0.yaml +44 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3051@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3052@1.0.0.yaml +36 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3053@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3054@1.0.0.yaml +35 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3055@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3056@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3057@1.0.0.yaml +40 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3058@1.0.0.yaml +43 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3059@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3060@1.0.0.yaml +42 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3061@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3062@1.0.0.yaml +50 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3063@1.0.0.yaml +54 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3064@1.0.0.yaml +78 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3065@1.0.0.yaml +84 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3066@1.0.0.yaml +84 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3067@1.0.0.yaml +88 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3068@1.0.0.yaml +94 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3069@1.0.0.yaml +90 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3070@1.0.0.yaml +99 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3071@1.0.0.yaml +91 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3072@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3073@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3074@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3075@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3076@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3077@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3078@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3079@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3080@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3081@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3082@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3083@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3084@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/pii/pii-3085@1.0.0.yaml +38 -0
raxe/packs/core/v1.0.0/rules/rag/rag-016@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-028@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-042@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-044@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-045@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-050@1.0.0.yaml +47 -0
raxe/packs/core/v1.0.0/rules/rag/rag-201@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/rag/rag-202@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/rag/rag-3001@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/rag/rag-3006@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/rag/rag-3009@1.0.0.yaml +41 -0
raxe/packs/core/v1.0.0/rules/rag/rag-3012@1.0.0.yaml +41 -0
raxe/plugins/__init__.py +98 -0
raxe/plugins/custom_rules.py +380 -0
raxe/plugins/loader.py +389 -0
raxe/plugins/manager.py +538 -0
raxe/plugins/protocol.py +428 -0
raxe/py.typed +0 -0
raxe/sdk/__init__.py +77 -0
raxe/sdk/agent_scanner.py +1918 -0
raxe/sdk/client.py +1603 -0
raxe/sdk/decorator.py +175 -0
raxe/sdk/exceptions.py +859 -0
raxe/sdk/integrations/__init__.py +277 -0
raxe/sdk/integrations/agent_scanner.py +71 -0
raxe/sdk/integrations/autogen.py +872 -0
raxe/sdk/integrations/crewai.py +1368 -0
raxe/sdk/integrations/dspy.py +845 -0
raxe/sdk/integrations/extractors.py +363 -0
raxe/sdk/integrations/huggingface.py +395 -0
raxe/sdk/integrations/langchain.py +948 -0
raxe/sdk/integrations/litellm.py +484 -0
raxe/sdk/integrations/llamaindex.py +1049 -0
raxe/sdk/integrations/portkey.py +831 -0
raxe/sdk/suppression_context.py +215 -0
raxe/sdk/wrappers/__init__.py +163 -0
raxe/sdk/wrappers/anthropic.py +310 -0
raxe/sdk/wrappers/openai.py +221 -0
raxe/sdk/wrappers/vertexai.py +484 -0
raxe/utils/__init__.py +12 -0
raxe/utils/error_sanitizer.py +135 -0
raxe/utils/logging.py +241 -0
raxe/utils/performance.py +414 -0
raxe/utils/profiler.py +339 -0
raxe/utils/validators.py +170 -0
raxe-0.4.6.dist-info/METADATA +471 -0
raxe-0.4.6.dist-info/RECORD +668 -0
raxe-0.4.6.dist-info/WHEEL +5 -0
raxe-0.4.6.dist-info/entry_points.txt +2 -0
raxe-0.4.6.dist-info/licenses/LICENSE +56 -0
raxe-0.4.6.dist-info/top_level.txt +1 -0

raxe/domain/ml/threat_scorer.py ADDED Viewed

@@ -0,0 +1,757 @@
+"""Hierarchical threat scoring engine.
+Pure domain logic for scoring ML threat detections using multiple confidence signals
+to minimize false positives while maintaining high accuracy.
+This module implements 5 complementary scoring techniques:
+1. Hierarchical confidence score (weighted combination)
+2. Consistency check (variance detection)
+3. Margin analysis (decision boundary strength)
+4. Entropy-based uncertainty (optional, for Phase 2)
+5. Context-aware rules (basic implementation)
+Key Design Principles:
+- Pure functions with no side effects
+- No I/O operations (no numpy, no external dependencies in domain layer)
+- Immutable inputs and outputs
+- Deterministic results (no randomness)
+- Fully testable without mocks
+Performance Requirements:
+- All scoring operations must complete in <1ms
+- No expensive operations (like model inference) in scoring logic
+- Efficient use of native Python (list comprehensions, built-ins)
+"""
+import statistics
+from typing import Any
+from raxe.domain.ml.scoring_models import (
+    ActionType,
+    ScoringMode,
+    ScoringResult,
+    ScoringThresholds,
+    ThreatLevel,
+    ThreatScore,
+)
+# Pattern detection for obvious attack indicators
+# Based on analysis of 1,000 malicious prompts showing only 17.9% have clear patterns
+OBVIOUS_ATTACK_PATTERNS = [
+    # Direct instruction override (PI subfamily)
+    "ignore all previous",
+    "ignore previous",
+    "disregard all",
+    "disregard previous",
+    "forget all",
+    "forget previous",
+    "override previous",
+    "bypass previous",
+    # Memory/context manipulation
+    "delete all previous",
+    "clear all previous",
+    "erase all instructions",
+    "reset all instructions",
+    # Role manipulation with malicious intent
+    "you are now in",
+    "pretend you are",
+    "act as if you",
+    "from now on you",
+    # Direct jailbreak attempts
+    "jailbreak mode",
+    "developer mode",
+    "god mode",
+    "admin mode enabled",
+    # System prompt exposure attempts
+    "show me your system",
+    "reveal your system",
+    "what is your system prompt",
+    "display your instructions",
+    # Encoded/obfuscated attacks (base64, rot13, etc.)
+    "base64 decode",
+    "rot13 decode",
+    "execute the following",
+]
+def has_obvious_attack_pattern(prompt: str | None) -> bool:
+    """Check if prompt contains obvious attack patterns.
+    This is a conservative check that only matches clear, unambiguous attack
+    indicators. It will NOT match context-dependent queries like:
+    - "What is the password?" (could be legitimate admin query)
+    - "List all users" (could be legitimate data export)
+    - "How do hackers...?" (could be educational question)
+    Args:
+        prompt: The prompt text to check (can be None)
+    Returns:
+        True if prompt contains obvious attack pattern, False otherwise
+    Example:
+        >>> has_obvious_attack_pattern("ignore all previous instructions")
+        True
+        >>> has_obvious_attack_pattern("What is the admin password?")
+        False  # Context-dependent, not obvious
+    """
+    if not prompt:
+        return False
+    prompt_lower = prompt.lower()
+    return any(pattern in prompt_lower for pattern in OBVIOUS_ATTACK_PATTERNS)
+class HierarchicalThreatScorer:
+    """Production-ready hierarchical threat scoring engine.
+    This scorer uses multiple confidence signals from ML model predictions to
+    classify threats and minimize false positives. It's designed based on
+    analysis of 67 false positives that revealed patterns in:
+    - Business jargon (exploit, killer, seize)
+    - Latin words (molestias, cum)
+    - Educational questions ("What is a gun?")
+    - Professional security context
+    The scorer implements 5 techniques to achieve >95% accuracy with <1% FP rate:
+    1. **Hierarchical Confidence Score**: Weighted combination of binary, family,
+       and subfamily predictions (60%, 25%, 15% weights)
+    2. **Consistency Check**: Detects when confidence levels are inconsistent
+       across the hierarchy (high variance = uncertain model)
+    3. **Margin Analysis**: Checks if the model is truly confident or just
+       slightly favoring one class (small margin = uncertain)
+    4. **Entropy-Based Uncertainty**: Measures information-theoretic uncertainty
+       in probability distributions (high entropy = uncertain)
+    5. **Context-Aware Rules**: Applies domain knowledge (e.g., weak subfamily
+       confidence often indicates FP)
+    Usage:
+        >>> scorer = HierarchicalThreatScorer(mode=ScoringMode.BALANCED)
+        >>> threat_score = ThreatScore(
+        ...     binary_threat_score=0.9835,
+        ...     binary_safe_score=0.0165,
+        ...     family_confidence=0.554,
+        ...     subfamily_confidence=0.439,
+        ...     binary_proba=[0.0165, 0.9835],
+        ...     family_proba=[0.554, 0.25, 0.15, 0.04, 0.01, 0.006],
+        ...     subfamily_proba=[0.439, 0.3, 0.15, 0.08, 0.02, 0.008],
+        ...     family_name="PI",
+        ...     subfamily_name="pi_instruction_override"
+        ... )
+        >>> result = scorer.score(threat_score)
+        >>> print(result.classification)  # HIGH_THREAT
+        >>> print(result.action)  # BLOCK_ALERT
+        >>> print(result.reason)  # "Very high confidence (threat: 0.984, family: 0.554)"
+    Thread Safety:
+        This class is thread-safe. All methods are pure functions with no
+        mutable state except the immutable thresholds configuration.
+    """
+    def __init__(
+        self,
+        mode: ScoringMode = ScoringMode.BALANCED,
+        thresholds: ScoringThresholds | None = None
+    ) -> None:
+        """Initialize the threat scorer.
+        Args:
+            mode: Scoring mode preset (HIGH_SECURITY, BALANCED, or LOW_FP).
+                  Ignored if thresholds is provided.
+            thresholds: Custom threshold configuration. If None, uses mode preset.
+        Example:
+            >>> # Use preset
+            >>> scorer = HierarchicalThreatScorer(mode=ScoringMode.BALANCED)
+            >>>
+            >>> # Use custom thresholds
+            >>> custom = ScoringThresholds(
+            ...     safe=0.5, fp_likely=0.55, review=0.65,
+            ...     threat=0.75, high_threat=0.90,
+            ...     inconsistency_threshold=0.05,
+            ...     weak_family=0.4, weak_subfamily=0.3
+            ... )
+            >>> scorer = HierarchicalThreatScorer(thresholds=custom)
+        """
+        self.mode = mode
+        self.thresholds = thresholds if thresholds is not None else ScoringThresholds.for_mode(mode)
+    def score(self, threat_score: ThreatScore, prompt: str | None = None) -> ScoringResult:
+        """Score a threat detection using hierarchical confidence analysis.
+        This is the main entry point for threat scoring. It applies all 5
+        techniques to produce a final classification with full transparency.
+        Args:
+            threat_score: Raw ML model outputs (binary, family, subfamily predictions)
+            prompt: Optional prompt text for pattern-based detection
+        Returns:
+            ScoringResult with classification, action, and detailed metrics
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> result = scorer.score(threat_score, prompt="ignore all previous instructions")
+            >>> if result.action == ActionType.BLOCK:
+            ...     # Block the request
+            ...     pass
+            >>> elif result.action == ActionType.MANUAL_REVIEW:
+            ...     # Queue for human review
+            ...     pass
+        """
+        # Early exit: SAFE (threat score below threshold)
+        if threat_score.binary_threat_score < self.thresholds.safe:
+            return self._create_safe_result(threat_score)
+        # Calculate all metrics using the 5 techniques
+        hierarchical_score = self.calculate_hierarchical_score(
+            threat_score.binary_threat_score,
+            threat_score.family_confidence,
+            threat_score.subfamily_confidence
+        )
+        is_consistent, variance = self.check_consistency(
+            threat_score.binary_threat_score,
+            threat_score.family_confidence,
+            threat_score.subfamily_confidence
+        )
+        margins = self.calculate_margins(
+            threat_score.binary_proba,
+            threat_score.family_proba,
+            threat_score.subfamily_proba
+        )
+        weak_margins_count = self._count_weak_margins(margins)
+        # Build metadata
+        metadata: dict[str, Any] = {
+            'mode': self.mode.value,
+            'margins': margins,
+            'family_name': threat_score.family_name,
+            'subfamily_name': threat_score.subfamily_name
+        }
+        # Apply decision logic (context-aware rules)
+        return self._classify(
+            threat_score=threat_score,
+            hierarchical_score=hierarchical_score,
+            is_consistent=is_consistent,
+            variance=variance,
+            weak_margins_count=weak_margins_count,
+            metadata=metadata,
+            prompt=prompt
+        )
+    def calculate_hierarchical_score(
+        self,
+        threat_score: float,
+        family_confidence: float,
+        subfamily_confidence: float
+    ) -> float:
+        """Calculate weighted hierarchical confidence score.
+        **Technique 1: Hierarchical Confidence Score**
+        Combines all three classification levels with weights based on empirical
+        analysis of false positives:
+        - Binary (60%): Most reliable signal, primary threat indicator
+        - Family (25%): Important for understanding threat context
+        - Subfamily (15%): Provides specificity, helps identify FPs
+        Low family/subfamily confidence often indicates the model is uncertain,
+        even if the binary score is high. This is a key insight from FP analysis.
+        Args:
+            threat_score: Binary threat probability (0.0-1.0)
+            family_confidence: Confidence in family prediction (0.0-1.0)
+            subfamily_confidence: Confidence in subfamily prediction (0.0-1.0)
+        Returns:
+            Weighted confidence score (0.0-1.0)
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> score = scorer.calculate_hierarchical_score(0.626, 0.502, 0.343)
+            >>> print(f"{score:.3f}")  # 0.552 (below FP_LIKELY threshold)
+        """
+        return (
+            0.60 * threat_score +
+            0.25 * family_confidence +
+            0.15 * subfamily_confidence
+        )
+    def check_consistency(
+        self,
+        threat_score: float,
+        family_confidence: float,
+        subfamily_confidence: float
+    ) -> tuple[bool, float]:
+        """Check if confidence levels are consistent across hierarchy.
+        **Technique 2: Consistency Check**
+        Detects when the model is uncertain by measuring variance in confidence
+        levels. High variance indicates inconsistent predictions:
+        - High threat score but low family/subfamily = suspicious
+        - All high scores = consistent, confident detection
+        - All low scores = consistent, likely FP
+        This catches cases where the binary classifier says "threat" but the
+        family/subfamily classifiers are uncertain about what kind of threat.
+        Args:
+            threat_score: Binary threat probability (0.0-1.0)
+            family_confidence: Confidence in family prediction (0.0-1.0)
+            subfamily_confidence: Confidence in subfamily prediction (0.0-1.0)
+        Returns:
+            Tuple of (is_consistent, variance):
+            - is_consistent: True if variance <= inconsistency_threshold
+            - variance: Variance of the three confidence levels
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> is_consistent, variance = scorer.check_consistency(0.984, 0.554, 0.439)
+            >>> print(is_consistent)  # True (variance = 0.047 < 0.05)
+            >>> print(f"{variance:.3f}")  # 0.047
+        """
+        confidence_levels = [threat_score, family_confidence, subfamily_confidence]
+        # Calculate variance using statistics module (pure Python, no numpy)
+        variance = statistics.variance(confidence_levels)
+        is_consistent = variance <= self.thresholds.inconsistency_threshold
+        return is_consistent, variance
+    def calculate_margins(
+        self,
+        binary_proba: list[float],
+        family_proba: list[float],
+        subfamily_proba: list[float]
+    ) -> dict[str, float]:
+        """Calculate decision margins at each classification level.
+        **Technique 3: Margin Analysis**
+        Measures how strongly the model chose one class over others. Small
+        margins indicate the model barely favored one class (uncertain).
+        Decision margin = top_probability - second_highest_probability
+        Interpretation:
+        - Large margin (>0.5): Model is very confident in its choice
+        - Medium margin (0.2-0.5): Model is reasonably confident
+        - Small margin (<0.2): Model is uncertain between two classes
+        This is especially useful for detecting borderline cases where the
+        threat score is just above 0.5 (e.g., 0.52 vs 0.48 = 0.04 margin).
+        Args:
+            binary_proba: Full binary probability distribution [safe, threat]
+            family_proba: Full family probability distribution (all classes)
+            subfamily_proba: Full subfamily probability distribution (all classes)
+        Returns:
+            Dictionary with margins for each level:
+            - 'binary': Binary decision margin
+            - 'family': Family decision margin
+            - 'subfamily': Subfamily decision margin
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> margins = scorer.calculate_margins(
+            ...     binary_proba=[0.374, 0.626],
+            ...     family_proba=[0.502, 0.25, 0.15, 0.08, 0.01],
+            ...     subfamily_proba=[0.343, 0.2, 0.15, 0.1, 0.05]
+            ... )
+            >>> print(margins['binary'])  # 0.252 (weak margin)
+            >>> print(margins['family'])  # 0.252 (0.502 - 0.25)
+            >>> print(margins['subfamily'])  # 0.143 (0.343 - 0.2)
+        """
+        # Binary margin
+        binary_sorted = sorted(binary_proba, reverse=True)
+        binary_margin = binary_sorted[0] - binary_sorted[1] if len(binary_sorted) > 1 else 1.0
+        # Family margin
+        family_sorted = sorted(family_proba, reverse=True)
+        family_margin = family_sorted[0] - family_sorted[1] if len(family_sorted) > 1 else 1.0
+        # Subfamily margin
+        subfamily_sorted = sorted(subfamily_proba, reverse=True)
+        subfamily_margin = subfamily_sorted[0] - subfamily_sorted[1] if len(subfamily_sorted) > 1 else 1.0
+        return {
+            'binary': binary_margin,
+            'family': family_margin,
+            'subfamily': subfamily_margin
+        }
+    def calculate_entropy(
+        self,
+        proba_dist: list[float],
+        normalized: bool = True
+    ) -> float:
+        """Calculate Shannon entropy of a probability distribution.
+        **Technique 4: Entropy-Based Uncertainty**
+        Uses information theory to measure uncertainty in model predictions.
+        High entropy indicates the model is uncertain (probabilities are spread
+        across multiple classes).
+        Shannon entropy: H(X) = -Σ p(x) * log2(p(x))
+        Interpretation:
+        - Low entropy (near 0): Model is very confident (one probability near 1.0)
+        - High entropy (near 1.0 normalized): Model is very uncertain (uniform distribution)
+        This technique is especially useful for multi-class problems (family,
+        subfamily) where margin analysis alone might miss cases with multiple
+        similar-probability classes.
+        Args:
+            proba_dist: Probability distribution (should sum to ~1.0)
+            normalized: If True, normalize entropy to 0-1 range by dividing
+                       by log2(num_classes). This makes entropy comparable
+                       across different numbers of classes.
+        Returns:
+            Shannon entropy (0.0-1.0 if normalized, 0.0-log2(n) if not)
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> # Confident prediction: [0.9, 0.1]
+            >>> entropy1 = scorer.calculate_entropy([0.9, 0.1])
+            >>> print(f"{entropy1:.3f}")  # ~0.469 (low entropy)
+            >>>
+            >>> # Uncertain prediction: [0.5, 0.5]
+            >>> entropy2 = scorer.calculate_entropy([0.5, 0.5])
+            >>> print(f"{entropy2:.3f}")  # 1.0 (maximum entropy)
+        Note:
+            This technique is marked as optional for Phase 2 because it adds
+            computational complexity and the first 3 techniques already catch
+            most uncertainty cases. Use it for advanced deployments.
+        """
+        # Clip probabilities to avoid log(0)
+        # Use small epsilon instead of 0
+        epsilon = 1e-10
+        clipped_proba = [max(p, epsilon) for p in proba_dist]
+        # Calculate Shannon entropy: -Σ p(x) * log2(p(x))
+        # Use native Python math.log2 (no numpy dependency)
+        import math
+        entropy = -sum(p * math.log2(p) for p in clipped_proba)
+        if normalized:
+            # Normalize to 0-1 range by dividing by maximum possible entropy
+            # Max entropy = log2(num_classes) when all probabilities are equal
+            num_classes = len(proba_dist)
+            max_entropy = math.log2(num_classes) if num_classes > 1 else 1.0
+            entropy = entropy / max_entropy if max_entropy > 0 else 0.0
+        return entropy
+    def calculate_entropy_metrics(
+        self,
+        binary_proba: list[float],
+        family_proba: list[float],
+        subfamily_proba: list[float]
+    ) -> dict[str, float]:
+        """Calculate entropy metrics for all classification levels.
+        Convenience method that calculates normalized entropy for binary,
+        family, and subfamily predictions.
+        Args:
+            binary_proba: Full binary probability distribution
+            family_proba: Full family probability distribution
+            subfamily_proba: Full subfamily probability distribution
+        Returns:
+            Dictionary with normalized entropy for each level:
+            - 'binary_entropy': Binary entropy (0.0-1.0)
+            - 'family_entropy': Family entropy (0.0-1.0)
+            - 'subfamily_entropy': Subfamily entropy (0.0-1.0)
+        Example:
+            >>> scorer = HierarchicalThreatScorer()
+            >>> metrics = scorer.calculate_entropy_metrics(
+            ...     binary_proba=[0.374, 0.626],
+            ...     family_proba=[0.502, 0.25, 0.15, 0.08, 0.01, 0.008],
+            ...     subfamily_proba=[0.343, 0.2, 0.15, 0.1, 0.05, 0.03]
+            ... )
+            >>> print(f"{metrics['binary_entropy']:.3f}")  # ~0.955 (high uncertainty)
+        """
+        return {
+            'binary_entropy': self.calculate_entropy(binary_proba, normalized=True),
+            'family_entropy': self.calculate_entropy(family_proba, normalized=True),
+            'subfamily_entropy': self.calculate_entropy(subfamily_proba, normalized=True)
+        }
+    def _count_weak_margins(self, margins: dict[str, float]) -> int:
+        """Count how many margins are weak (below thresholds).
+        **Part of Technique 3: Margin Analysis**
+        Weak margins indicate uncertain decisions. This method counts how many
+        of the three classification levels have weak margins.
+        Thresholds for weak margins (empirically determined):
+        - Binary: < 0.4 (barely chose threat over safe)
+        - Family: < 0.2 (barely chose one family over another)
+        - Subfamily: < 0.15 (barely chose one subfamily over another)
+        Args:
+            margins: Dictionary with 'binary', 'family', 'subfamily' margins
+        Returns:
+            Count of weak margins (0-3)
+        """
+        weak_count = 0
+        if margins['binary'] < 0.4:
+            weak_count += 1
+        if margins['family'] < 0.2:
+            weak_count += 1
+        if margins['subfamily'] < 0.15:
+            weak_count += 1
+        return weak_count
+    def _create_safe_result(self, threat_score: ThreatScore) -> ScoringResult:
+        """Create a SAFE classification result.
+        Args:
+            threat_score: Original threat score
+        Returns:
+            ScoringResult with SAFE classification and ALLOW action
+        """
+        return ScoringResult(
+            classification=ThreatLevel.SAFE,
+            action=ActionType.ALLOW,
+            risk_score=threat_score.binary_threat_score * 100,
+            hierarchical_score=0.0,
+            threat_score=threat_score.binary_threat_score,
+            family_confidence=0.0,
+            subfamily_confidence=0.0,
+            is_consistent=True,
+            variance=0.0,
+            weak_margins_count=0,
+            reason=f"Low threat score ({threat_score.binary_threat_score:.3f})",
+            metadata={}
+        )
+    def _classify(
+        self,
+        threat_score: ThreatScore,
+        hierarchical_score: float,
+        is_consistent: bool,
+        variance: float,
+        weak_margins_count: int,
+        metadata: dict[str, Any],
+        prompt: str | None = None
+    ) -> ScoringResult:
+        """Apply classification logic using context-aware rules.
+        **Technique 5: Context-Aware Rules**
+        This method implements the decision logic that combines all previous
+        techniques with domain knowledge to produce a final classification.
+        The rules are applied in priority order:
+        1. FP_LIKELY: All signals weak (catches business jargon, educational questions)
+        2. REVIEW: Inconsistent or individual signals too weak (needs human judgment)
+        3. LIKELY_THREAT: High confidence + obvious attack patterns
+        4. HIGH_THREAT: Very confident across all signals (clear attack)
+        5. THREAT: Confident detection (block but maybe not alert)
+        These rules are data-driven based on analysis of 67 false positives and
+        1,000 malicious prompts.
+        Args:
+            threat_score: Original threat score
+            hierarchical_score: Weighted confidence score
+            is_consistent: True if confidence levels are consistent
+            variance: Variance in confidence levels
+            weak_margins_count: Number of weak decision margins
+            metadata: Additional metadata to include in result
+            prompt: Optional prompt text for pattern-based detection
+        Returns:
+            ScoringResult with final classification
+        """
+        risk_score = hierarchical_score * 100
+        # Rule 1: FP_LIKELY - All signals weak
+        # This catches common FPs like:
+        # - Business emails with "exploit", "killer", "target"
+        # - Educational questions like "What is a gun?"
+        # - Latin words that sound threatening ("molestias")
+        if hierarchical_score < self.thresholds.fp_likely or weak_margins_count >= 2:
+            return ScoringResult(
+                classification=ThreatLevel.FP_LIKELY,
+                action=ActionType.ALLOW_WITH_LOG,
+                risk_score=risk_score,
+                hierarchical_score=hierarchical_score,
+                threat_score=threat_score.binary_threat_score,
+                family_confidence=threat_score.family_confidence,
+                subfamily_confidence=threat_score.subfamily_confidence,
+                is_consistent=is_consistent,
+                variance=variance,
+                weak_margins_count=weak_margins_count,
+                reason=(
+                    f"All confidence signals weak "
+                    f"(hierarchical: {hierarchical_score:.3f}, "
+                    f"weak margins: {weak_margins_count}/3)"
+                ),
+                metadata=metadata
+            )
+        # Rule 2: LIKELY_THREAT - High confidence + obvious attack patterns
+        # Check this BEFORE REVIEW to catch obvious attacks even if confidence is mixed
+        # This rule is ONLY enabled if likely_threat threshold is set (not None)
+        # It catches high-confidence cases with clear attack indicators:
+        # - Hierarchical score >= review threshold (not below)
+        # - Hierarchical score < threat threshold (not high enough for auto-block)
+        # - Prompt contains obvious attack patterns (e.g., "ignore all previous instructions")
+        #
+        # This avoids auto-blocking context-dependent queries like:
+        # - "What is the admin password?" (could be legitimate)
+        # - "List all users" (could be data export)
+        #
+        # Only 17.9% of high-confidence review cases have obvious patterns.
+        if (
+            self.thresholds.likely_threat is not None and
+            hierarchical_score >= self.thresholds.review and  # Changed: use review threshold as lower bound
+            hierarchical_score < self.thresholds.threat and
+            has_obvious_attack_pattern(prompt)
+        ):
+            return ScoringResult(
+                classification=ThreatLevel.LIKELY_THREAT,
+                action=ActionType.BLOCK_WITH_REVIEW,
+                risk_score=risk_score,
+                hierarchical_score=hierarchical_score,
+                threat_score=threat_score.binary_threat_score,
+                family_confidence=threat_score.family_confidence,
+                subfamily_confidence=threat_score.subfamily_confidence,
+                is_consistent=is_consistent,
+                variance=variance,
+                weak_margins_count=weak_margins_count,
+                reason=(
+                    f"High confidence with obvious attack pattern "
+                    f"(hierarchical: {hierarchical_score:.3f}, "
+                    f"pattern detected)"
+                ),
+                metadata={**metadata, 'has_attack_pattern': True}
+            )
+        # Rule 3: REVIEW - Inconsistent or individual signals too weak
+        # This catches cases where:
+        # - High threat score but low family/subfamily confidence
+        # - Mixed signals across hierarchy (high variance)
+        # - Any individual signal below threshold
+        # Note: LIKELY_THREAT is checked FIRST to catch obvious attacks even with mixed signals
+        if (
+            not is_consistent or
+            threat_score.binary_threat_score < self.thresholds.review or
+            threat_score.family_confidence < self.thresholds.weak_family or
+            threat_score.subfamily_confidence < self.thresholds.weak_subfamily
+        ):
+            return ScoringResult(
+                classification=ThreatLevel.REVIEW,
+                action=ActionType.MANUAL_REVIEW,
+                risk_score=risk_score,
+                hierarchical_score=hierarchical_score,
+                threat_score=threat_score.binary_threat_score,
+                family_confidence=threat_score.family_confidence,
+                subfamily_confidence=threat_score.subfamily_confidence,
+                is_consistent=is_consistent,
+                variance=variance,
+                weak_margins_count=weak_margins_count,
+                reason=(
+                    f"Inconsistent or low confidence "
+                    f"(threat: {threat_score.binary_threat_score:.3f}, "
+                    f"family: {threat_score.family_confidence:.3f}, "
+                    f"sub: {threat_score.subfamily_confidence:.3f}, "
+                    f"variance: {variance:.3f})"
+                ),
+                metadata=metadata
+            )
+        # Rule 4: HIGH_THREAT - Very confident across all signals
+        # This requires:
+        # - Very high hierarchical score (>= high_threat threshold)
+        # - High family confidence (> 0.8) to ensure it's not just TOX/XX FP
+        if (
+            hierarchical_score >= self.thresholds.high_threat and
+            threat_score.family_confidence > 0.8
+        ):
+            return ScoringResult(
+                classification=ThreatLevel.HIGH_THREAT,
+                action=ActionType.BLOCK_ALERT,
+                risk_score=risk_score,
+                hierarchical_score=hierarchical_score,
+                threat_score=threat_score.binary_threat_score,
+                family_confidence=threat_score.family_confidence,
+                subfamily_confidence=threat_score.subfamily_confidence,
+                is_consistent=is_consistent,
+                variance=variance,
+                weak_margins_count=weak_margins_count,
+                reason=(
+                    f"Very high confidence "
+                    f"(threat: {threat_score.binary_threat_score:.3f}, "
+                    f"family: {threat_score.family_confidence:.3f})"
+                ),
+                metadata=metadata
+            )
+        # Rule 5: THREAT - Confident detection
+        # This is the default for detections that pass all previous filters
+        # Use hierarchical score (not binary) for final classification
+        if hierarchical_score >= self.thresholds.threat:
+            return ScoringResult(
+                classification=ThreatLevel.THREAT,
+                action=ActionType.BLOCK,
+                risk_score=risk_score,
+                hierarchical_score=hierarchical_score,
+                threat_score=threat_score.binary_threat_score,
+                family_confidence=threat_score.family_confidence,
+                subfamily_confidence=threat_score.subfamily_confidence,
+                is_consistent=is_consistent,
+                variance=variance,
+                weak_margins_count=weak_margins_count,
+                reason=f"Confident threat detection (hierarchical: {hierarchical_score:.3f})",
+                metadata=metadata
+            )
+        # Fallback: REVIEW (edge case - shouldn't normally reach here)
+        # This catches any case that doesn't fit the above rules
+        return ScoringResult(
+            classification=ThreatLevel.REVIEW,
+            action=ActionType.MANUAL_REVIEW,
+            risk_score=risk_score,
+            hierarchical_score=hierarchical_score,
+            threat_score=threat_score.binary_threat_score,
+            family_confidence=threat_score.family_confidence,
+            subfamily_confidence=threat_score.subfamily_confidence,
+            is_consistent=is_consistent,
+            variance=variance,
+            weak_margins_count=weak_margins_count,
+            reason="Mixed signals, manual review recommended",
+            metadata=metadata
+        )