DocsFeature inventory

Feature inventory

Exhaustive inventory of intended vs implemented features across the codebase.

Authoritative Feature Inventory

Generated: 2025-12-18 Purpose: Exhaustive inventory of all intended vs implemented features

Executive Summary

CategoryIntendedImplementedCoverage
Detection Plugins424095%
Novel Detectors88100%
Alert Types (DB)5151100%
CLI Commands53 core60%
Services1212100%
UI Pages77100%
Infrastructure6467%

Part 1: Detection Engine

1.1 Detection Plugins (40 Implemented)

Core Plugins (3)

PluginFileAlert TypeStatus
Install Scriptsinstall-scripts.tsinstallScripts✅ Implemented
Network Accessnetwork-access.tsnetworkAccess✅ Implemented
Typosquattyposquat.tstyposquat✅ Implemented

Novel Detectors (8) - Beyond Socket.dev

PluginFileAlert TypeStatus
Dependency Confusiondependency-confusion.tsdependencyConfusion✅ Implemented
Repojackingrepojacking.tsrepojacking✅ Implemented
Slopsquattingnovel/slopsquatting.ts(via typosquat)✅ Implemented
Remote Dynamic Depsnovel/remote-dynamic-deps.tshttpDependency✅ Implemented
Manifest Confusionnovel/manifest-confusion.tsmanifestConfusion✅ Implemented
IMDS Credential Theftnovel/imds-credential-theft.tsc2Communication✅ Implemented
Dead Man's Switchnovel/dead-mans-switch.tscustomNovel✅ Implemented
Star Jackingnovel/star-jacking.tssuspiciousStarActivity✅ Implemented
Steganographynovel/steganography.tscustomNovel✅ Implemented

Security Pattern Plugins (12)

PluginFileAlert TypeStatus
Obfuscationobfuscation.tsobfuscation✅ Implemented
Crypto Miningcrypto-mining.tscryptoMining✅ Implemented
Shell Executionshell-execution.tsshellExecution✅ Implemented
Eval Usageeval-usage.tsevalUsage✅ Implemented
Env Accessenv-access.tsenvAccess✅ Implemented
Base64 Secretsbase64-secrets.tsbase64Secrets✅ Implemented
Sensitive File Accesssensitive-file-access.tssensitiveFileAccess✅ Implemented
Dangerous APIsdangerous-apis.tsdangerousApi✅ Implemented
C2 Communicationc2-communication.tsc2Communication✅ Implemented
Git/HTTP Dependencygit-http-dependency.tsgitDependency, httpDependency✅ Implemented
URL Stringsurl-strings.tsurlStrings✅ Implemented
Troll/Protestwaretroll.tstroll✅ Implemented

Package Metadata Plugins (6)

PluginFileAlert TypeStatus
Telemetrytelemetry.tstelemetry✅ Implemented
Shrinkwrapshrinkwrap.tsshrinkwrap✅ Implemented
Trivial Packagetrivial-package.tstrivialPackage✅ Implemented
Native Codenative-code.tshasNativeCode✅ Implemented
Debug Accessdebug-access.tsdebugAccess✅ Implemented
Licenselicense.tsnoLicenseFound, copyleftLicense, etc.✅ Implemented

Quality/Maintenance Plugins (7)

PluginFileAlert TypeStatus
Unpopular Packageunpopular-package.tsunpopularPackage✅ Implemented
Deprecateddeprecated.tsdeprecated✅ Implemented
Unmaintainedunmaintained.tsunmaintained✅ Implemented
Floating Dependencyfloating-dependency.tsfloatingDependency✅ Implemented
Bad Semverbad-semver-dependency.tsbadSemverDependency✅ Implemented
Unstable Ownershipunstable-ownership.tsunstableOwnership✅ Implemented
Suspicious Star Activitysuspicious-star-activity.tssuspiciousStarActivity✅ Implemented

Author/Maintainer Plugins (3)

PluginFileAlert TypeStatus
Missing Authormissing-author.tsmissingAuthor✅ Implemented
New Authornew-author.tsnewAuthor✅ Implemented
CVEcve.tscve, criticalCve, highCve, mediumCve✅ Implemented

LLM-Based Analysis (1)

PluginFileAlert TypeStatus
LLM Analyzerllm-analyzer.tsllmFlagged✅ Implemented

1.2 Alert Types in Database (51 Total)

installScripts, networkAccess, typosquat, obfuscation, minifiedFile,
shellExecution, envAccess, evalUsage, base64Secrets, cryptoMining,
filesystemAccess, sensitiveFileAccess, dangerousApi, c2Communication,
gitDependency, gitHubDependency, httpDependency, telemetry, shrinkwrap,
trivialPackage, hasNativeCode, urlStrings, manifestConfusion, llmFlagged,
dependencyConfusion, repojacking, customNovel, debugAccess, unpopularPackage,
suspiciousStarActivity, deprecated, unmaintained, floatingDependency,
badSemverDependency, unstableOwnership, missingAuthor, newAuthor, troll,
cve, criticalCve, highCve, mediumCve, noLicenseFound, copyleftLicense,
nonpermissiveLicense, unidentifiedLicense, ambiguousLicense, explicitlyUnlicensed

Part 2: Antifragile Architecture

2.1 Evolution Engine

ComponentFileStatus
Engine Coresrc/lib/detection/evolution/engine.ts✅ Implemented
Gap Analysis Promptssrc/lib/detection/evolution/prompts.ts✅ Implemented
Rule Generation Promptssrc/lib/detection/evolution/prompts.ts✅ Implemented
Rule Storesrc/lib/detection/evolution/rule-store.ts✅ Implemented
Integration Layersrc/lib/detection/evolution/integration.ts✅ Implemented
Typessrc/lib/detection/evolution/types.ts✅ Implemented

2.2 Remediation Engine

ComponentFileStatus
Engine Coresrc/lib/remediation/engine.ts✅ Implemented
Scope Assessment Promptssrc/lib/remediation/prompts.ts✅ Implemented
Patch Generation Promptssrc/lib/remediation/prompts.ts✅ Implemented
Diff Utilitiessrc/lib/remediation/diff-utils.ts✅ Implemented
Patch Validatorsrc/lib/remediation/validator.ts✅ Implemented
Typessrc/lib/remediation/types.ts✅ Implemented

2.3 Sandbox Architecture

ComponentFileStatus
Local Providersrc/lib/sandbox/providers/local.ts✅ Implemented (Dev/Test)
Lambda Providersrc/lib/sandbox/providers/lambda.ts⚠️ Stub only
Firecracker ProviderN/A❌ Not Implemented
Security Hardeningsrc/lib/sandbox/security.ts✅ Implemented
Lambda Handlersrc/lib/sandbox/lambda/handler.ts✅ Implemented
Lambda Executorsrc/lib/sandbox/lambda/executor.ts✅ Implemented

2.4 Antifragile Pipeline

ComponentFileStatus
Pipeline Orchestratorsrc/lib/antifragile/pipeline.ts✅ Implemented
Integration Hooksrc/lib/antifragile/integration.ts✅ Implemented
Review Queuesrc/lib/antifragile/review-queue.ts✅ Implemented
Loggersrc/lib/antifragile/logger.ts✅ Implemented

Part 3: NPM Integration

3.1 Registry Client

ComponentFileStatus
Registry Clientsrc/lib/npm/registry-client.ts✅ Implemented
Package Fetchersrc/lib/npm/package-fetcher.ts✅ Implemented
Changes Feedsrc/lib/npm/changes-feed.ts✅ Implemented
Checkpoint Persistencesrc/lib/npm/checkpoint.ts✅ Implemented

3.2 NPM Proxy

ComponentFileStatus
Proxy Serversrc/lib/npm-proxy/server.ts✅ Implemented
Cache Layersrc/lib/npm-proxy/cache.ts✅ Implemented
Policy Enginesrc/lib/npm-proxy/policy.ts✅ Implemented
Policy Modes(strict, warn, audit)✅ Implemented

Part 4: Services Layer

4.1 Core Services

ServiceFileStatus
MalwareDetectionServicesrc/services/malware-detection/MalwareDetectionService.ts✅ Implemented
LiveScannersrc/services/npm-monitor/LiveScanner.ts✅ Implemented
TopPackagesSyncServicesrc/services/top-packages-sync/TopPackagesSyncService.ts✅ Implemented

4.2 Admin Services

ServiceFileStatus
AlertServicesrc/services/alerts/AlertService.ts✅ Implemented
RuleLifecycleServicesrc/services/rules/RuleLifecycleService.ts✅ Implemented
FalsePositiveServicesrc/services/rules/FalsePositiveService.ts✅ Implemented
AntiPoisoningServicesrc/services/rules/AntiPoisoningService.ts✅ Implemented
RuleValidationServicesrc/services/rules/RuleValidationService.ts✅ Implemented

4.3 User Services

ServiceFileStatus
UserServicesrc/services/users/UserService.ts✅ Implemented
User Middlewaresrc/services/users/middleware.ts✅ Implemented
CliAuthServicesrc/services/cli-auth/CliAuthService.ts✅ Implemented

4.4 Patch Services

ServiceFileStatus
PatchServicesrc/services/patches/PatchService.ts✅ Implemented

Part 5: Infrastructure

5.1 Queue System

ComponentFileStatus
Scan Queuesrc/lib/queue/scan-queue.ts✅ Implemented
BullMQ Integration(via queue module)✅ Implemented

5.2 Redis Pub/Sub

ComponentFileStatus
Scan Pub/Subsrc/lib/redis/scan-pubsub.ts✅ Implemented

5.3 GraphQL API

ComponentFileStatus
Schema Buildersrc/graphql/builder.ts✅ Implemented
Scan Mutationssrc/graphql/schema/mutations/scan-mutations.ts✅ Implemented
Scan Subscriptionssrc/graphql/schema/subscriptions/scan-subscriptions.ts✅ Implemented
Admin Schemasrc/graphql/schema/admin.ts✅ Implemented
API Routeapp/api/graphql/route.ts✅ Implemented

Part 6: CLI

6.1 Commands

CommandFileStatus
scansrc/cli/commands/scan.ts✅ Implemented
batchsrc/cli/commands/batch.ts✅ Implemented
livesrc/cli/commands/live.ts✅ Implemented
config(planned)❌ Not Implemented
completion(planned)❌ Not Implemented

6.2 CLI Features

FeatureStatus
npm package scanning✅ Implemented
Local directory scanning✅ Implemented
Tarball scanning✅ Implemented
Stdin scanning✅ Implemented
JSON output✅ Implemented
NDJSON output✅ Implemented
Console reporter✅ Implemented

Part 7: Web Dashboard

7.1 Pages

PageFileStatus
Live Feedapp/page.tsx✅ Implemented
Analyticsapp/analytics/page.tsx✅ Implemented
Package Detailsapp/npm/[...pkg]/page.tsx✅ Implemented
Investigationapp/investigation/[id]/page.tsx✅ Implemented
Searchapp/search/page.tsx✅ Implemented
Alert Docsapp/docs/alerts/page.tsx✅ Implemented
CLI Authapp/auth/cli/page.tsx✅ Implemented

7.2 Components

ComponentFileStatus
AppShellcomponents/layout/AppShell.tsx✅ Implemented
SidebarNavcomponents/layout/SidebarNav.tsx✅ Implemented
TopBarcomponents/layout/TopBar.tsx✅ Implemented
LiveFeedViewcomponents/live-feed/LiveFeedView.tsx✅ Implemented
LiveFeedVirtualListcomponents/live-feed/LiveFeedVirtualList.tsx✅ Implemented
AnalyticsDashboardcomponents/charts/AnalyticsDashboard.tsx✅ Implemented
ThreatTrendAreaChartcomponents/charts/ThreatTrendAreaChart.tsx✅ Implemented
ThreatLevelPieChartcomponents/charts/ThreatLevelPieChart.tsx✅ Implemented
AlertTypeBarChartcomponents/charts/AlertTypeBarChart.tsx✅ Implemented
SearchFormcomponents/search/SearchForm.tsx✅ Implemented

Part 8: Database Models

8.1 Core Models

ModelStatus
Scan✅ Implemented
Alert✅ Implemented
TopPackage✅ Implemented
ChangesFeedCheckpoint✅ Implemented
PrivateRegistryConfig✅ Implemented

8.2 User Management

ModelStatus
User✅ Implemented
LinkedRepo✅ Implemented
CliToken✅ Implemented
CliAuthState✅ Implemented

8.3 Rule Lifecycle

ModelStatus
DetectionRule✅ Implemented
RulePromotionVote✅ Implemented
UserRuleSetting✅ Implemented

8.4 False Positive Management

ModelStatus
FalsePositiveReport✅ Implemented
HistoricalFalsePositive✅ Implemented
RateLimitEntry✅ Implemented

8.5 Admin System

ModelStatus
AdminAlert✅ Implemented
Patch✅ Implemented
HostedPackage✅ Implemented

Part 9: Future/Planned Features

9.1 Not Implemented

FeatureDocumentationPriority
Firecracker Sandboxdocs/FIRECRACKER_SETUP.mdMedium
CLI config commandsrc/cli/README.mdLow
CLI completion commandsrc/cli/README.mdLow
Worker Pool (Piscina)docs/worker-pool-design.mdMedium
Slack Integrationdocs/design/RULE_LIFECYCLE_AND_ADMIN.mdMedium
GitHub PR Patchesdocs/design/RULE_LIFECYCLE_AND_ADMIN.mdLow

9.2 Designed but Not Started

FeatureDocumentation
Immune System Model V2docs/design/ANTIFRAGILE_V2_DESIGN.md
Signal Taxonomy (4 levels)docs/design/ANTIFRAGILE_V2_DESIGN.md
Red Team Self-Testingdocs/design/ANTIFRAGILE_V2_DESIGN.md
Pattern Lifecycle Statesdocs/design/ANTIFRAGILE_V2_DESIGN.md

Part 10: Test Coverage

10.1 Test Statistics

  • Total Tests: 2685
  • All Passing: ✅ Yes
  • Coverage: Unit, Integration, Component, E2E

10.2 Test Types

TypePatternStatus
Unit Tests*.test.ts✅ Comprehensive
Integration Tests*.integration.test.ts✅ Implemented
Component Tests*.test.tsx✅ Implemented
E2E Testssrc/cli/*.e2e.test.ts✅ Implemented

Summary

What's Complete (Production Ready)

  1. 40 Detection Plugins covering all major threat categories
  2. 8 Novel Detectors beyond Socket.dev's capabilities
  3. Evolution Engine for learning from LLM detections
  4. Remediation Engine for generating patches
  5. NPM Registry Integration with changes feed
  6. NPM Proxy with caching and policy modes
  7. GraphQL API with subscriptions
  8. CLI with scan, batch, and live commands
  9. Web Dashboard with live feed, analytics, and search
  10. Rule Lifecycle System with admin management
  11. Anti-Poisoning Protection
  12. Timeout Handling for resilience

What's Partially Complete

  1. Sandbox - Local provider secured, Lambda stub only
  2. CLI - 3 of 5 commands implemented

What's Not Implemented

  1. Firecracker microVM sandbox (documented, not built)
  2. CLI config/completion commands
  3. Slack alerting integration
  4. GitHub PR auto-patching
  5. Immune System V2 architecture