i dZddlZddlZddlmZmZddlmZmZddlm Z ddl m Z m Z ddhZ d d d d d ZddddZeGddZeGddZgdZdZdZdZhdZhdZhdZd6de dede efd Zd7d"e d#edefd$Zd8d&ed'ede eeffd(Zd&edefd)Zd"e defd*Zd+e de efd,Z d-edefd.Z!d#edefd/Z"d0e edefd1Z#d2ed#ed3ed4ed0e edef d5Z$dS)9u Skills Guard — Security scanner for externally-sourced skills. Every skill downloaded from a registry passes through this scanner before installation. It uses regex-based static analysis to detect known-bad patterns (data exfiltration, prompt injection, destructive commands, persistence, etc.) and a trust-aware install policy that determines whether a skill is allowed based on both the scan verdict and the source's trust level. Trust levels: - builtin: Ships with Hermes. Never scanned, always trusted. - trusted: openai/skills and anthropics/skills only. Caution verdicts allowed. - community: Everything else. Any findings = blocked unless --force. Usage: from tools.skills_guard import scan_skill, should_allow_install, format_scan_report result = scan_skill(Path("skills/.hub/quarantine/some-skill"), source="community") allowed, reason = should_allow_install(result) if not allowed: print(format_scan_report(result)) N) dataclassfield)datetimetimezone)Path)ListTuplez openai/skillszanthropics/skills)allowr r )r r block)r r r )r r ask)builtintrusted community agent-created)safecaution dangerouscVeZdZUeed<eed<eed<eed<eed<eed<eed<dS) Finding pattern_idseveritycategoryfilelinematch descriptionN)__name__ __module__ __qualname__str__annotations__int7/home/ubuntu/.hermes/hermes-agent/tools/skills_guard.pyrr<sTOOOMMMMMM III III JJJr&rceZdZUeed<eed<eed<eed<eeZee ed<dZ eed<dZ eed <d S) ScanResult skill_namesource trust_levelverdict)default_factoryfindings scanned_atsummaryN) rr r!r"r#rlistr/rrr1r2r%r&r'r)r)GszOOO KKK LLL#eD999Hd7m999JGSr&r))x)z?curl\s+[^\n]*\$\{?\w*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|API)env_exfil_curlcritical exfiltrationz6curl command interpolating secret environment variable)z?wget\s+[^\n]*\$\{?\w*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL|API)env_exfil_wgetr5r6z6wget command interpolating secret environment variable)z7fetch\s*\([^\n]*\$\{?\w*(KEY|TOKEN|SECRET|PASSWORD|API)env_exfil_fetchr5r6z6fetch() call interpolating secret environment variable)zBhttpx?\.(get|post|put|patch)\s*\([^\n]*(KEY|TOKEN|SECRET|PASSWORD)env_exfil_httpxr5r6z&HTTP library call with secret variable)zDrequests\.(get|post|put|patch)\s*\([^\n]*(KEY|TOKEN|SECRET|PASSWORD)env_exfil_requestsr5r6z*requests library call with secret variable)zbase64[^\n]*env encoded_exfilhighr6z0base64 encoding combined with environment access)z\$HOME/\.ssh|\~/\.sshssh_dir_accessr<r6zreferences user SSH directory)z\$HOME/\.aws|\~/\.awsaws_dir_accessr<r6z)references user AWS credentials directory)z\$HOME/\.gnupg|\~/\.gnupggpg_dir_accessr<r6zreferences user GPG keyring)z\$HOME/\.kube|\~/\.kubekube_dir_accessr<r6z&references Kubernetes config directory)z\$HOME/\.docker|\~/\.dockerdocker_dir_accessr<r6z5references Docker config (may contain registry creds))z'\$HOME/\.hermes/\.env|\~/\.hermes/\.envhermes_env_accessr5r6z'directly references Hermes secrets file)zAcat\s+[^\n]*(\.env|credentials|\.netrc|\.pgpass|\.npmrc|\.pypirc)read_secrets_filer5r6zreads known secrets file)zprintenv|env\s*\| dump_all_envr<r6zdumps all environment variables)z*os\.environ\b(?!\s*\.get\s*\(\s*["\']PATH)python_os_environr<r6z(accesses os.environ (potential env dump))z@os\.getenv\s*\(\s*[^\)]*(?:KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)python_getenv_secretr5r6zreads secret via os.getenv())zprocess\.env\[node_process_envr<r6z*accesses process.env (Node.js environment))z$ENV\[.*(?:KEY|TOKEN|SECRET|PASSWORD)ruby_env_secretr5r6zreads secret via Ruby ENV[])z \b(dig|nslookup|host)\s+[^\n]*\$ dns_exfilr5r6zBDNS lookup with variable interpolation (possible DNS exfiltration))z,>\s*/tmp/[^\s]*\s*&&\s*(curl|wget|nc|python) tmp_stagingr5r6zwrites to /tmp then exfiltrates)z!\[.*\]\(https?://[^\)]*\$\{?md_image_exfilr<r6zBmarkdown image URL with variable interpolation (image-based exfil))z\[.*\]\(https?://[^\)]*\$\{? md_link_exfilr<r6z)markdown link with variable interpolation)z=ignore\s+(?:\w+\s+)*(previous|all|above|prior)\s+instructionsprompt_injection_ignorer5 injectionz.prompt injection: ignore previous instructions)zyou\s+are\s+(?:\w+\s+)*now\s+ role_hijackr<rNz%attempts to override the agent's role)z2do\s+not\s+(?:\w+\s+)*tell\s+(?:\w+\s+)*the\s+userdeception_hider5rNz-instructs agent to hide information from user)zsystem\s+prompt\s+overridesys_prompt_overrider5rNz&attempts to override the system prompt)z+pretend\s+(?:\w+\s+)*(you\s+are|to\s+be)\s+ role_pretendr<rNz6attempts to make the agent assume a different identity)zRdisregard\s+(?:\w+\s+)*(your|all|any)\s+(?:\w+\s+)*(instructions|rules|guidelines)disregard_rulesr5rNz&instructs agent to disregard its rules)z-output\s+(?:\w+\s+)*(system|initial)\s+promptleak_system_promptr<rNz%attempts to extract the system prompt)z.(when|if)\s+no\s*one\s+is\s+(watching|looking)conditional_deceptionr<rNz=conditional instruction to behave differently when unobserved)zwact\s+as\s+(if|though)\s+(?:\w+\s+)*you\s+(?:\w+\s+)*(have\s+no|don\'t\s+have)\s+(?:\w+\s+)*(restrictions|limits|rules)bypass_restrictionsr5rNz+instructs agent to act without restrictions)z5translate\s+.*\s+into\s+.*\s+and\s+(execute|run|eval)translate_executer5rNz(translate-then-execute evasion technique)z9html_comment_injectionr<rNz$hidden instructions in HTML comments)z5<\s*div\s+style\s*=\s*["\'][\s\S]*?display\s*:\s*none hidden_divr<rNz(hidden HTML div (invisible instructions))z rm\s+-rf\s+/destructive_root_rmr5 destructivezrecursive delete from root)z+rm\s+(-[^\s]*)?r.*\$HOME|\brmdir\s+.*\$HOMEdestructive_home_rmr5r[z)recursive delete targeting home directory)z chmod\s+777insecure_permsmediumr[zsets world-writable permissions)z >\s*/etc/system_overwriter5r[z$overwrites system configuration file)z\bmkfs\bformat_filesystemr5r[zformats a filesystem)z\bdd\s+.*if=.*of=/dev/disk_overwriter5r[zraw disk write operation)zshutil\.rmtree\s*\(\s*[\"\'/] python_rmtreer<r[z/Python rmtree on absolute or root-relative path)ztruncate\s+-s\s*0\s+/truncate_systemr5r[z#truncates system file to zero bytes)z \bcrontab\bpersistence_cronr^ persistencezmodifies cron jobs)zB\.(bashrc|zshrc|profile|bash_profile|bash_login|zprofile|zlogin)\b shell_rc_modr^rezreferences shell startup file)authorized_keys ssh_backdoorr5rezmodifies SSH authorized keys)z ssh-keygen ssh_keygenr^rezgenerates SSH keys)z-systemd.*\.service|systemctl\s+(enable|start)systemd_servicer^rez%references or enables systemd service)z /etc/init\.d/ init_scriptr^rez references init.d startup script)z+launchctl\s+load|LaunchAgents|LaunchDaemons macos_launchdr^rez%macOS launch agent/daemon persistence)z/etc/sudoers|visudo sudoers_modr5rez'modifies sudoers (privilege escalation))zgit\s+config\s+--global\s+git_config_globalr^rez!modifies global git configuration)z#\bnc\s+-[lp]|ncat\s+-[lp]|\bsocat\b reverse_shellr5networkz potential reverse shell listener)z4\bngrok\b|\blocaltunnel\b|\bserveo\b|\bcloudflared\btunnel_servicer<rpz*uses tunneling service for external access)z*\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d{2,5}hardcoded_ip_portr^rpzhardcoded IP address with port)z0\.0\.0\.0:\d+|INADDR_ANYbind_all_interfacesr<rpzbinds to all network interfaces)z /bin/(ba)?sh\s+-i\s+.*>/dev/tcp/bash_reverse_shellr5rpz+bash interactive reverse shell via /dev/tcp)z'python[23]?\s+-c\s+["\']import\s+socketpython_socket_onelinerr5rpz9Python one-liner socket connection (likely reverse shell))zsocket\.connect\s*\(\s*\(python_socket_connectr<rpz'Python socket connect to arbitrary host)z9webhook\.site|requestbin\.com|pipedream\.net|hookbin\.com exfil_servicer<rpz:references known data exfiltration/webhook testing service)z&pastebin\.com|hastebin\.com|ghostbin\. paste_servicer^rpz0references paste service (possible data staging))zbase64\s+(-d|--decode)\s*\|base64_decode_piper< obfuscationz%base64 decodes and pipes to execution)z7\\x[0-9a-fA-F]{2}.*\\x[0-9a-fA-F]{2}.*\\x[0-9a-fA-F]{2}hex_encoded_stringr^rzz)hex-encoded string (possible obfuscation))z\beval\s*\(\s*["\'] eval_stringr<rzzeval() with string argument)z\bexec\s*\(\s*["\'] exec_stringr<rzzexec() with string argument)z1echo\s+[^\n]*\|\s*(bash|sh|python|perl|ruby|node)echo_pipe_execr5rzz'echo piped to interpreter for execution)z?compile\s*\(\s*[^\)]+,\s*["\'].*["\']\s*,\s*["\']exec["\']\s*\)python_compile_execr<rzzPython compile() with exec mode)zgetattr\s*\(\s*__builtins__python_getattr_builtinsr<rzz5dynamic access to Python builtins (evasion technique))z#__import__\s*\(\s*["\']os["\']\s*\)python_import_osr<rzzdynamic import of os module)zcodecs\.decode\s*\(\s*["\']python_codecs_decoder^rzz6codecs.decode (possible ROT13 or encoding obfuscation))zString\.fromCharCode|charCodeAt js_char_coder^rzz=JavaScript character code construction (possible obfuscation))zatob\s*\(|btoa\s*\( js_base64r^rzzJavaScript base64 encode/decode)z\[::-1\]string_reversallowrzz-string reversal (possible obfuscated payload))z)chr\s*\(\s*\d+\s*\)\s*\+\s*chr\s*\(\s*\d+ chr_buildingr<rzz.building string from chr() calls (obfuscation))z7\\u[0-9a-fA-F]{4}.*\\u[0-9a-fA-F]{4}.*\\u[0-9a-fA-F]{4}unicode_escape_chainr^rzz/chain of unicode escapes (possible obfuscation))z.subprocess\.(run|call|Popen|check_output)\s*\(python_subprocessr^ executionzPython subprocess execution)zos\.system\s*\(python_os_systemr<ru)os.system() — unguarded shell execution)zos\.popen\s*\(python_os_popenr<ru#os.popen() — shell pipe execution)z%child_process\.(exec|spawn|fork)\s*\(node_child_processr<rzNode.js child_process execution)zRuntime\.getRuntime\(\)\.exec\(java_runtime_execr<ru'Java Runtime.exec() — shell execution)z`[^`]*\$\([^)]+\)[^`]*`backtick_subshellr^rz)backtick string with command substitution)z\.\./\.\./\.\.path_traversal_deepr< traversalz+deep relative path traversal (3+ levels up))z \.\./\.\.path_traversalr^rz&relative path traversal (2+ levels up))z/etc/passwd|/etc/shadowsystem_passwd_accessr5rz references system password files)z/proc/self|/proc/\d+/ proc_accessr<rz3references /proc filesystem (process introspection))z /dev/shm/dev_shmr^rz.references shared memory (common staging area))z.xmrig|stratum\+tcp|monero|coinhive|cryptonight crypto_miningr5miningzcryptocurrency mining reference)zhashrate|nonce.*difficultymining_indicatorsr^rz)possible cryptocurrency mining indicators)zcurl\s+[^\n]*\|\s*(ba)?shcurl_pipe_shellr5 supply_chainz*curl piped to shell (download-and-execute))z"wget\s+[^\n]*-O\s*-\s*\|\s*(ba)?shwget_pipe_shellr5rz*wget piped to shell (download-and-execute))zcurl\s+[^\n]*\|\s*pythoncurl_pipe_pythonr5rz curl piped to Python interpreter)z#\s*///\s*script.*dependenciespep723_inline_depsr^rzAPEP 723 inline script metadata with dependencies (verify pinning))z pip\s+install\s+(?!-r\s)(?!.*==)unpinned_pip_installr^rz#pip install without version pinning)znpm\s+install\s+(?!.*@\d)unpinned_npm_installr^rz#npm install without version pinning)z uv\s+run\s+uv_runr^rz/uv run (may auto-install unpinned dependencies))zD(curl|wget|httpx?\.get|requests\.get|fetch)\s*[\(]?\s*["\']https?:// remote_fetchr^rz"fetches remote resource at runtime)zgit\s+clone\s+ git_cloner^rz"clones a git repository at runtime)zdocker\s+pull\s+ docker_pullr^rzpulls a Docker image at runtime)z^allowed-tools\s*:allowed_tools_fieldr<privilege_escalationz7skill declares allowed-tools (pre-approves tool access))z\bsudo\b sudo_usager<rz uses sudo (privilege escalation))zsetuid|setgid|cap_setuid setuid_setgidr5rz.setuid/setgid (privilege escalation mechanism))NOPASSWD nopasswd_sudor5rz:NOPASSWD sudoers entry (passwordless privilege escalation))zchmod\s+[u+]?ssuid_bitr5rzsets SUID/SGID bit on a file)z0AGENTS\.md|CLAUDE\.md|\.cursorrules|\.clinerulesagent_config_modr5rezTreferences agent config files (could persist malicious instructions across sessions))z'\.hermes/config\.yaml|\.hermes/SOUL\.mdhermes_config_modr5rez.references Hermes configuration files directly)z \.claude/settings|\.codex/configother_agent_configr<rez*references other agent configuration files)zI(?:api[_-]?key|token|secret|password)\s*[=:]\s*["\'][A-Za-z0-9+/=_-]{20,}hardcoded_secretr5credential_exposurez,possible hardcoded API key, token, or secret)z(-----BEGIN\s+(RSA\s+)?PRIVATE\s+KEY-----embedded_private_keyr5rzembedded private key)z0ghp_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{80,}github_token_leakedr5rz-GitHub personal access token in skill content)zsk-[A-Za-z0-9]{20,}openai_key_leakedr5rz(possible OpenAI API key in skill content)zsk-ant-[A-Za-z0-9_-]{90,}anthropic_key_leakedr5rz+possible Anthropic API key in skill content)zAKIA[0-9A-Z]{16}aws_access_key_leakedr5rz"AWS access key ID in skill content)z"\bDAN\s+mode\b|Do\s+Anything\s+Now jailbreak_danr5rNz'DAN (Do Anything Now) jailbreak attempt)z"\bdeveloper\s+mode\b.*\benabled?\bjailbreak_dev_moder5rNz developer mode jailbreak attempt)z3hypothetical\s+scenario.*(?:ignore|bypass|override)hypothetical_bypassr<rNz1hypothetical scenario used to bypass restrictions)z$for\s+educational\s+purposes?\s+onlyeducational_pretextr^rNz9educational pretext often used to justify harmful content)zW(respond|answer|reply)\s+without\s+(?:\w+\s+)*(restrictions|limitations|filters|safety)remove_filtersr5rNz1instructs agent to respond without safety filters)z>you\s+have\s+been\s+(?:\w+\s+)*(updated|upgraded|patched)\s+to fake_updater<rNz3fake update/patch announcement (social engineering))z8new\s+policy|updated\s+guidelines|revised\s+instructions fake_policyr^rNz8claims new policy/guidelines (may be social engineering))zh(include|output|print|send|share)\s+(?:\w+\s+)*(conversation|chat\s+history|previous\s+messages|context) context_exfilr<r6z4instructs agent to output/share conversation history)z6(send|post|upload|transmit)\s+.*\s+(to|at)\s+https?:// send_to_urlr<r6z%instructs agent to send data to a URL2>.r.jl.js.md.ts.cfg.css.ini.php.tex.txt.xml.yml.conf.html.json.toml.yaml.pl.py.rb.sh.bash> .so.app.bin.com.dat.deb.dll.dmg.exe.msi.rpm.dylib>​‌‍‪‫‬‭‮⁠⁢⁣⁤⁦⁧⁨⁩r0 file_pathrel_pathreturnc|s|j}|jtvr |jdkrgS |d}n#t t f$rgcYSwxYwg}|d}t}tD]\}}}} } t|dD]\} } || f|vr tj || tj rt||| f| } t!| dkr | dd d z} |t%||| || | | t|dD]f\} } t&D]Y}|| vrSt)|}|t%d d d|| dt+|dd|dd|d nZg|S)a Scan a single file for threat patterns and invisible unicode characters. Args: file_path: Absolute path to the file rel_path: Relative path for display (defaults to file_path.name) Returns: List of findings (deduplicated per pattern per line) zSKILL.mdzutf-8)encoding r)startxNuz...rrrrrrrinvisible_unicoder<rNU+04X ()zinvisible unicode character z! (possible text hiding/injection))namesuffixlowerSCANNABLE_EXTENSIONS read_textUnicodeDecodeErrorOSErrorsplitsetTHREAT_PATTERNS enumerateresearch IGNORECASEaddstriplenappendrINVISIBLE_CHARS_unicode_char_nameord)rrcontentr/linesseenpatternpidrrrir matched_textchar char_names r' scan_filer"sW ">';;; R\@\@\ %%w%77  ( H MM$  E 55D:I5h+ a000  GAtQx4y$ 66 #q"""#zz|| |$$s**#/#5#=L"%%!& +!!! &U!,,,  4#  Dt||.t44 2#(!1 - -BbzH7W!3WWfnWWWWW   1v~ 1 1FO$$ 1 1 1  5 0f&8 0 0FN 0 06?## 0 0 0   FF& F F&. F F v   F F F r&c  g}|j}|d|jd|jd|jd||jrddddd  t|j fd  }|D]}|j d }|j d }|j d|j  d}|d|d|d|d|j ddd |dt|\}} |durd} n|d} nd} |d| d| d|S)z Format a scan result as a human-readable report string. Returns a compact multi-line report suitable for CLI or chat display. zScan: r/z ) Verdict: rrr)r5r<r^rc:|jdS)N)r:r)r3severity_orders r'z$format_scan_report..s@R@RSTS]_`@a@ar&)key:z  z "N<"r0TALLOWEDzNEEDS CONFIRMATIONBLOCKEDz Decision:  — r)r-upperrr*r+r,r/sortedrljustrrrrr?join) r6rverdict_displaysorted_findingsr3sevcatlocallowedreasonstatusrEs @r'format_scan_reportr^s En**,,O LLp&+ppv}ppv?Qpp_nppqqq  &'aJJ 6a6a6a6abbb  D DA*""$$**1--C*""2&&CV&&af&&,,R00C LLBcBBCBB#BB!'#2#,BBB C C C C R*622OGV$ % LL3f33633444 99U  r&ctj}|rst|dD]O}|r9 ||?#t$rYKwxYwPn;|r'||d| ddS)zPCompute a SHA-256 hash of all files in a skill directory for integrity tracking.r%zsha256:N) hashlibsha256r'rSr*r+update read_bytesr  hexdigest)r#hr3s r' content_hashrgsA* ((--..  Ayy{{ HHQ\\^^,,,,H       * &&(())) )Q[[]]3B3' ) ))s!'B  BB skill_dircg}d}d}|dD]#}|s|s,t||}|dz }|r |}||s,|tddd|dd|d n9#t$r,|td d d|dd d YnwxYw | j }||z }n#t$rY8wxYw|tdzkr>|tdd d|d|dzdd|dzdtd |j }|tvr0|tddd|dd|d|d |dvrE| jdzr)|tdd d|ddd %|t"kr8|tdd ddd|d d!|d"t"d# |t$dzkr>|td$d%ddd|dzd&d'|dzd(t$d |S))a Check the skill directory for structural anomalies: - Too many files - Suspiciously large total size - Binary/executable files that shouldn't be in a skill - Symlinks pointing outside the skill directory - Individual files that are too large rr%rsymlink_escaper5rz symlink -> z*symlink points outside the skill directoryrbroken_symlinkr^zbroken symlinkzbroken or circular symlinkroversized_file structuralKBzfile is z KB (limit: zKB) binary_filezbinary: zbinary/executable file (z) should not be in a skill)rrrrrIunexpected_executablezexecutable bit setzBfile has executable permission but is not a recognized script typetoo_many_filesz (directory)z filesz skill has z files (limit: roversized_skillr<zKB totalz skill is zKB total (limit: )r*r+ is_symlinkr"r,resolveis_relative_torrr statst_sizeMAX_SINGLE_FILE_KBrrSUSPICIOUS_BINARY_EXTENSIONSst_modeMAX_FILE_COUNTMAX_TOTAL_SIZE_KB) rhr/ file_count total_sizer3r4resolvedsizeexts r'r)r)sHJJ __S ! !KKyy{{ 1<<>>  !-- **++a  <<>>  99;;..y/@/@/B/BCC OOG#3!+!, 6H66$P%%%   /%(* <!!!   6688#D $ JJ    H  $t+ + + OOG+!%)))Wtt|WW@RWWW   hnn . . . OOG(#%&&&VsVVV    ; ; ;@PSX@X ; OOG2!%*`   N""'!'''QZQQQQQ      %,,,(!4'111_J$$6__IZ___       Os%A'C,,3D"!D"(E EEr ciddddddddd d d d d ddddddddddddddddddd d!d"}||d#t|d$S)%z7Get a readable name for an invisible unicode character.rzzero-width spacerzzero-width non-joinerrzzero-width joinerrz word joinerrzinvisible timesrzinvisible separatorrzinvisible plusrzBOM/zero-width no-break spacerz LTR embeddingrz RTL embeddingrzpop directionalrz LTR overriderz RTL overriderz LTR isolaterz RTL isolaterzfirst strong isolaterzpop directional isolaterr)r:r)r namess r'rrWs $ )  %  -   #   '   "  1  /  /  #  .  .  -  -  (! " +# E& 99T/D /// 0 00r&cd}|}|D]0}||r|t|d}n1|dkrdS|ds|dkrdStD] }||s||krdS!dS) z)Map a source identifier to a trust level.)z skills-sh/z skills.sh/z skils-sh/z skils.sh/Nrz official/officialr rr) startswithr TRUSTED_REPOS)r+prefix_aliasesnormalized_sourceprefixrs r'r&r&tsN    ' ' / /  1#f++,, ?  E  O++##K004E4S4Sy   ' ' 0 0 4E4P4P995Q ;r&r/c|sdStd|D}td|D}|rdS|rdSdS)z6Determine the overall verdict from a list of findings.rc3,K|]}|jdkVdS)r5Nr.0r3s r' z%_determine_verdict..s)BBAqzZ/BBBBBBr&c3,K|]}|jdkVdS)r<Nrrs r'rz%_determine_verdict..s)::A1:'::::::r&rr)any)r/ has_criticalhas_highs r'r-r-sf vBBBBBBBL:::::::H{y 9r&rtrustr-c |s|dStd|D}|d|dt|ddt|S)z,Build a one-line summary of the scan result.z!: clean scan, no threats detectedc3$K|] }|jV dS)N)rrs r'rz!_build_summary..s$22AQZ222222r&z: rQz finding(s) in z, )r rrUrS)rr+rr-r/ categoriess r'r.r.st :99992222222J a ag a aCMM a a$))FS]L^L^B_B_ a aar&)r0)r)F)%__doc__rra dataclassesrrrrpathlibrtypingrr rr9r;rr)r r|r}ryrrzrr"r"r5boolr?r^rgr)rr&r-r.r%r&r'rsM. ((((((((''''''''!"56 433 2  qq99     RRRj     2>>>>d7m>>>>B,,4,,z,,,,^"""D"U4QT9EU""""J!z!c!!!!H *T *c * * * *&rrgrrrrj1S1S1111:6 g 3    bbcb#bbtT[}badbbbbbbr&