/** * Chain Mapper Agent - SLOP Native * * Deep attack path analysis - traces how vulnerabilities connect * across the entire codebase to form exploitable attack chains. * * Tools: * - trace-path: Trace exploitation path from entry to impact * - find-pivots: Find pivot points between vulnerabilities * - simulate-attack: Simulate attack sequence without execution * - generate-report: Generate visual attack graph + narrative * - analyze-blast-radius: Calculate impact radius of a finding */ import { SLOPAgent } from './base.js'; import { SLOPAgentConfig, SLOPToolCall, SLOPToolResult } from './types.js'; export interface AttackNode { id: string; findingId?: string; type: 'entry' | 'pivot' | 'escalation' | 'impact' | 'data'; name: string; description: string; technique?: string; severity: 'critical' | 'high' | 'medium' | 'low'; exploitability: number; metadata?: Record; } export interface AttackEdge { from: string; to: string; action: string; probability: number; requires?: string[]; } export interface AttackPath { id: string; name: string; nodes: AttackNode[]; edges: AttackEdge[]; entryPoint: string; finalImpact: string; totalProbability: number; narrative: string; mitreTechniques: string[]; } export interface BlastRadius { findingId: string; directImpact: string[]; indirectImpact: string[]; affectedSystems: string[]; dataAtRisk: string[]; estimatedDamage: 'catastrophic' | 'severe' | 'moderate' | 'limited'; containmentSteps: string[]; } export interface AttackSimulation { id: string; path: AttackPath; steps: SimulationStep[]; success: boolean; blockedAt?: string; totalTime: string; detectionPoints: string[]; } export interface SimulationStep { order: number; nodeId: string; action: string; result: 'success' | 'partial' | 'blocked'; output: string; detectable: boolean; timeEstimate: string; } export declare class ChainMapperAgent extends SLOPAgent { private pathCache; constructor(config: SLOPAgentConfig); handleToolCall(call: SLOPToolCall): Promise; /** * Trace exploitation path through findings */ private tracePath; /** * Find pivot points between vulnerabilities */ private findPivots; /** * Simulate an attack path */ private simulateAttack; /** * Generate attack report */ private generateReport; /** * Analyze blast radius of a finding */ private analyzeBlastRadius; /** * Map findings to MITRE ATT&CK */ private mapToMitre; private buildPath; private findingToNode; private canConnect; private categorizeType; private getConnectionAction; private calculateProbability; private severityScore; private generateNarrative; private generateStepOutput; private estimateTime; private calculateTotalTime; private generateMermaidGraph; private generateMarkdownReport; } export declare function createChainMapperAgent(port?: number, coordinatorUrl?: string): ChainMapperAgent;