import { Scanner, ScannerOptions, ScanResult, Finding } from '../types'; export interface DxtExtensionConfig { name?: string; version?: string; permissions?: DxtPermissions; sandbox?: boolean | DxtSandboxConfig; signature?: DxtSignature; data_sources?: DxtDataSource[]; executors?: DxtExecutor[]; [key: string]: unknown; } export interface DxtPermissions { file_system?: boolean | string[]; network?: boolean | string[]; code_execution?: boolean; clipboard?: boolean; notifications?: boolean; [key: string]: unknown; } export interface DxtSandboxConfig { enabled?: boolean; level?: string; } export interface DxtSignature { signed?: boolean; verified?: boolean; issuer?: string; } export interface DxtDataSource { type: string; external?: boolean; [key: string]: unknown; } export interface DxtExecutor { type: string; unrestricted?: boolean; [key: string]: unknown; } export declare class DxtSecurityScanner implements Scanner { name: string; description: string; /** * Scan a target directory for DXT extension configs. * Looks for JSON files that contain DXT extension definitions. */ scan(targetDir: string, _options?: ScannerOptions): Promise; /** * Audit a single extension config. Exported for direct testing. */ auditExtension(extName: string, ext: DxtExtensionConfig, filePath?: string): Finding[]; /** Find DXT-related config files in the target directory */ private findDxtConfigs; /** Recursively find JSON files up to maxDepth */ private walkJsonFiles; /** * Extract extension definitions from a parsed config. * Supports both top-level extension objects and nested `extensions` / `dxt_extensions` maps. */ private extractExtensions; } //# sourceMappingURL=dxt-security-scanner.d.ts.map