ajmallesh
8e4fafba99
- Delete unused src/cli/ui.ts, remove zod dependency, drop 4 dead functions (logError, handleToolError, getRetryDelay, displayTimingSummary) - Remove 8 unused types/interfaces and 3 duplicate formatting utils from audit/utils.ts - Narrow export surface: make 7 message-handler functions private, remove unused audit re-exports, unexport AgentDefinition and path constants - Remove unused runClaudePrompt params (sessionMetadata, attemptNumber) and update caller - Enable tsconfig noUnusedLocals, noUnusedParameters, noImplicitReturns, noImplicitOverride, noFallthroughCasesInSwitch
106 lines
2.8 KiB
TypeScript
106 lines
2.8 KiB
TypeScript
// Copyright (C) 2025 Keygraph, Inc.
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License version 3
|
|
// as published by the Free Software Foundation.
|
|
|
|
import type { AgentName } from './types/index.js';
|
|
|
|
// Agent definition interface
|
|
interface AgentDefinition {
|
|
name: AgentName;
|
|
displayName: string;
|
|
prerequisites: AgentName[];
|
|
}
|
|
|
|
// Agent definitions according to PRD
|
|
export const AGENTS: Readonly<Record<AgentName, AgentDefinition>> = Object.freeze({
|
|
'pre-recon': {
|
|
name: 'pre-recon',
|
|
displayName: 'Pre-recon agent',
|
|
prerequisites: []
|
|
},
|
|
'recon': {
|
|
name: 'recon',
|
|
displayName: 'Recon agent',
|
|
prerequisites: ['pre-recon']
|
|
},
|
|
'injection-vuln': {
|
|
name: 'injection-vuln',
|
|
displayName: 'Injection vuln agent',
|
|
prerequisites: ['recon']
|
|
},
|
|
'xss-vuln': {
|
|
name: 'xss-vuln',
|
|
displayName: 'XSS vuln agent',
|
|
prerequisites: ['recon']
|
|
},
|
|
'auth-vuln': {
|
|
name: 'auth-vuln',
|
|
displayName: 'Auth vuln agent',
|
|
prerequisites: ['recon']
|
|
},
|
|
'ssrf-vuln': {
|
|
name: 'ssrf-vuln',
|
|
displayName: 'SSRF vuln agent',
|
|
prerequisites: ['recon']
|
|
},
|
|
'authz-vuln': {
|
|
name: 'authz-vuln',
|
|
displayName: 'Authz vuln agent',
|
|
prerequisites: ['recon']
|
|
},
|
|
'injection-exploit': {
|
|
name: 'injection-exploit',
|
|
displayName: 'Injection exploit agent',
|
|
prerequisites: ['injection-vuln']
|
|
},
|
|
'xss-exploit': {
|
|
name: 'xss-exploit',
|
|
displayName: 'XSS exploit agent',
|
|
prerequisites: ['xss-vuln']
|
|
},
|
|
'auth-exploit': {
|
|
name: 'auth-exploit',
|
|
displayName: 'Auth exploit agent',
|
|
prerequisites: ['auth-vuln']
|
|
},
|
|
'ssrf-exploit': {
|
|
name: 'ssrf-exploit',
|
|
displayName: 'SSRF exploit agent',
|
|
prerequisites: ['ssrf-vuln']
|
|
},
|
|
'authz-exploit': {
|
|
name: 'authz-exploit',
|
|
displayName: 'Authz exploit agent',
|
|
prerequisites: ['authz-vuln']
|
|
},
|
|
'report': {
|
|
name: 'report',
|
|
displayName: 'Report agent',
|
|
prerequisites: ['injection-exploit', 'xss-exploit', 'auth-exploit', 'ssrf-exploit', 'authz-exploit']
|
|
}
|
|
});
|
|
|
|
// Phase names for metrics aggregation
|
|
export type PhaseName = 'pre-recon' | 'recon' | 'vulnerability-analysis' | 'exploitation' | 'reporting';
|
|
|
|
// Map agents to their corresponding phases (single source of truth)
|
|
export const AGENT_PHASE_MAP: Readonly<Record<AgentName, PhaseName>> = Object.freeze({
|
|
'pre-recon': 'pre-recon',
|
|
'recon': 'recon',
|
|
'injection-vuln': 'vulnerability-analysis',
|
|
'xss-vuln': 'vulnerability-analysis',
|
|
'auth-vuln': 'vulnerability-analysis',
|
|
'authz-vuln': 'vulnerability-analysis',
|
|
'ssrf-vuln': 'vulnerability-analysis',
|
|
'injection-exploit': 'exploitation',
|
|
'xss-exploit': 'exploitation',
|
|
'auth-exploit': 'exploitation',
|
|
'authz-exploit': 'exploitation',
|
|
'ssrf-exploit': 'exploitation',
|
|
'report': 'reporting',
|
|
});
|
|
|
|
|