agentshield/parser/
mod.rs

1pub mod json_schema;
2pub mod python;
3pub mod shell;
4pub mod typescript;
5
6use std::path::Path;
7
8use crate::error::Result;
9use crate::ir::execution_surface::*;
10use crate::ir::{Language, SourceLocation};
11
12/// Result of parsing a single source file.
13#[derive(Debug, Clone, Default)]
14pub struct ParsedFile {
15    pub commands: Vec<CommandInvocation>,
16    pub file_operations: Vec<FileOperation>,
17    pub network_operations: Vec<NetworkOperation>,
18    pub env_accesses: Vec<EnvAccess>,
19    pub dynamic_exec: Vec<DynamicExec>,
20    /// Names of function parameters (for tool argument tracking).
21    pub function_params: Vec<FunctionParam>,
22}
23
24/// A function parameter discovered in source code.
25#[derive(Debug, Clone)]
26pub struct FunctionParam {
27    pub function_name: String,
28    pub param_name: String,
29    pub location: SourceLocation,
30}
31
32/// Language parser trait. Each parser extracts security-relevant operations
33/// from source files.
34pub trait LanguageParser: Send + Sync {
35    fn language(&self) -> Language;
36    fn parse_file(&self, path: &Path, content: &str) -> Result<ParsedFile>;
37}
38
39/// Get the appropriate parser for a language.
40pub fn parser_for_language(lang: Language) -> Option<Box<dyn LanguageParser>> {
41    match lang {
42        Language::Python => Some(Box::new(python::PythonParser)),
43        Language::TypeScript | Language::JavaScript => Some(Box::new(typescript::TypeScriptParser)),
44        Language::Shell => Some(Box::new(shell::ShellParser)),
45        _ => None,
46    }
47}
agentshield/parser/mod.rs

agentshield/parser/
mod.rs
