codecrucible-synth/dist/core/security/advanced-security-validator.d.ts

Production-Ready AI Development Platform with Multi-Voice Synthesis, Smithery MCP Integration, Enterprise Security, and Zero-Timeout Reliability

/**
 * Advanced Security Validator (ENHANCED)
 * Comprehensive security validation system for CodeCrucible Synth
 * Enhanced with 2024 AI security research and multi-agent red teaming
 *
 * Research findings integrated:
 * - 29.5% Python and 24.2% JavaScript code snippets contain vulnerabilities
 * - AI-specific prompt injection patterns and countermeasures
 * - Secret leak detection in AI-generated code
 */
export interface SecurityPolicy {
    allowedCommands: string[];
    blockedPatterns: RegExp[];
    maxInputLength: number;
    allowCodeExecution: boolean;
    allowFileAccess: boolean;
    allowNetworkAccess: boolean;
    requireSandbox: boolean;
}
export interface ValidationResult {
    isValid: boolean;
    riskLevel: 'low' | 'medium' | 'high' | 'critical';
    violations: SecurityViolation[];
    sanitizedInput?: string;
    recommendations: string[];
}
export interface SecurityViolation {
    type: 'command_injection' | 'path_traversal' | 'malicious_pattern' | 'excessive_length' | 'suspicious_content';
    description: string;
    severity: 'low' | 'medium' | 'high' | 'critical';
    location?: string;
    pattern?: string;
}
export declare class AdvancedSecurityValidator {
    private logger;
    private policy;
    private knownMaliciousPatterns;
    private suspiciousKeywords;
    constructor(policy?: Partial<SecurityPolicy>);
    /**
     * Comprehensive input validation
     */
    validateInput(input: string, context?: string): Promise<ValidationResult>;
    /**
     * Detect command injection attempts
     */
    private detectCommandInjection;
    /**
     * Detect path traversal attempts
     */
    private detectPathTraversal;
    /**
     * Detect known malicious patterns
     */
    private detectMaliciousPatterns;
    /**
     * Analyze content for suspicious patterns
     */
    private analyzeSuspiciousContent;
    /**
     * Detect encoded malicious content
     */
    private detectEncodedMaliciousContent;
    /**
     * Check if text contains suspicious patterns
     */
    private containsSuspiciousPatterns;
    /**
     * Sanitize input by removing or escaping dangerous content
     */
    private sanitizeInput;
    /**
     * Generate security recommendations
     */
    private generateRecommendations;
    /**
     * Get highest severity level from violations
     */
    private getHighestSeverity;
    /**
     * Initialize known malicious patterns
     */
    private initializeMaliciousPatterns;
    /**
     * Initialize suspicious keywords
     */
    private initializeSuspiciousKeywords;
    /**
     * Merge with default security policy
     */
    private mergeWithDefaultPolicy;
    /**
     * Update security policy
     */
    updatePolicy(newPolicy: Partial<SecurityPolicy>): void;
    /**
     * Get current security policy
     */
    getPolicy(): SecurityPolicy;
    /**
     * Generate security report
     */
    generateSecurityReport(): any;
}
export default AdvancedSecurityValidator;
//# sourceMappingURL=advanced-security-validator.d.ts.map