/**
 * Path Security Utilities
 * Provides sanitization functions to prevent path traversal attacks
 */
/**
 * Sanitizes user-controlled input for safe use in filenames
 * Prevents path traversal attacks by:
 * - Extracting only the basename (no directory components)
 * - Removing path separators (/, \)
 * - Removing dangerous characters (., :, etc.)
 * - Replacing invalid characters with underscores
 *
 * @param input - User-controlled string to sanitize
 * @returns Sanitized filename safe for file operations
 *
 * @example
 * ```typescript
 * // Malicious input attempt
 * const malicious = '../../../../etc/passwd';
 * const safe = sanitizeForFilename(malicious);
 * // Returns: 'passwd'
 *
 * // Normal input
 * const normal = 'user-journey-123';
 * const safe2 = sanitizeForFilename(normal);
 * // Returns: 'user-journey-123'
 * ```
 */
export declare function sanitizeForFilename(input: string): string;
/**
 * Safely constructs a file path within a base directory
 * Ensures the resulting path stays within the intended directory
 *
 * @param baseDir - Base directory that should contain the file
 * @param segments - Path segments to join (will be sanitized)
 * @returns Safe absolute path
 *
 * @example
 * ```typescript
 * const safePath = safePathJoin('.fortress/screenshots', 'journey-123', 'step1.png');
 * // Returns: '/full/path/.fortress/screenshots/journey-123/step1.png'
 *
 * // Attempts to escape are prevented
 * const malicious = safePathJoin('.fortress', '../../../etc/passwd');
 * // Returns: '/full/path/.fortress/passwd'
 * ```
 */
export declare function safePathJoin(baseDir: string, ...segments: string[]): string;
/**
 * Validates that a given path is safe and within allowed boundaries
 *
 * @param filepath - Path to validate
 * @param allowedBase - Base directory that should contain the path
 * @returns true if path is safe, false otherwise
 */
export declare function isPathSafe(filepath: string, allowedBase: string): boolean;
/**
 * Sanitizes journey ID for use in file paths and filenames
 * Specifically designed for Layer 6 journey testing
 *
 * @param journeyId - Journey identifier from user-defined journey
 * @returns Sanitized journey ID safe for file operations
 */
export declare function sanitizeJourneyId(journeyId: string): string;
/**
 * Sanitizes agent name for use in file paths
 * Ensures agent names cannot escape the agents directory
 *
 * @param agentName - Agent name from user selection
 * @returns Sanitized agent name
 */
export declare function sanitizeAgentName(agentName: string): string;
/**
 * Sanitizes API endpoint for use in file paths
 * Handles endpoint paths like '/api/users' or 'users'
 *
 * @param endpoint - API endpoint path
 * @returns Sanitized endpoint safe for file operations
 */
export declare function sanitizeEndpoint(endpoint: string): string;
//# sourceMappingURL=path-security.d.ts.map