/**
 * Shared capability extraction from text content.
 *
 * Used by both SkillFingerprintStore (behavioral drift detection)
 * and InvariantChecker (manifest enforcement).
 *
 * Regex-based, no LLM needed. Analyzes first 10KB to prevent ReDoS.
 *
 * @module agent-threat-rules/capability-extractor
 */
export declare const FS_WRITE_PATTERN: RegExp;
export declare const FS_READ_PATTERN: RegExp;
export declare const FS_DELETE_PATTERN: RegExp;
export declare const NETWORK_PATTERN: RegExp;
export declare const ENV_PATTERN: RegExp;
export declare const ENV_INLINE_PATTERN: RegExp;
export declare const EXEC_PATTERN: RegExp;
export declare const EXFIL_PATTERN: RegExp;
export declare const REDIRECT_PATTERN: RegExp;
/** Path extraction: find filesystem paths referenced in text (min 2 segments to reduce noise) */
export declare const PATH_PATTERN: RegExp;
/** Config file modification patterns */
export declare const CONFIG_MOD_PATTERN: RegExp;
export interface ExtractedCapabilities {
    readonly filesystemOps: readonly string[];
    readonly filesystemPaths: readonly string[];
    readonly networkTargets: readonly string[];
    readonly envAccesses: readonly string[];
    readonly processExecs: readonly string[];
    readonly outputPatterns: readonly string[];
    readonly configModifications: boolean;
}
/** Classify text content into behavioral capabilities */
export declare function extractCapabilities(text: string): ExtractedCapabilities;
//# sourceMappingURL=capability-extractor.d.ts.map