// knowledge-atlas.test.mjs — Tests for MITRE ATLAS IDs in knowledge files + Norwegian context // Verifies: each knowledge file contains AML.T references; norwegian-context.md exists and has content import { describe, it } from 'node:test'; import assert from 'node:assert/strict'; import { readFileSync } from 'node:fs'; import { resolve } from 'node:path'; import { fileURLToPath } from 'node:url'; const __dirname = fileURLToPath(new URL('.', import.meta.url)); const ROOT = resolve(__dirname, '../..'); const KNOWLEDGE = resolve(ROOT, 'knowledge'); function readKnowledge(filename) { try { return readFileSync(resolve(KNOWLEDGE, filename), 'utf-8'); } catch { return null; } } // --------------------------------------------------------------------------- // ATLAS IDs in OWASP and threat pattern files // --------------------------------------------------------------------------- const atlasFiles = [ { file: 'owasp-llm-top10.md', minRefs: 10 }, { file: 'owasp-agentic-top10.md', minRefs: 10 }, { file: 'owasp-skills-top10.md', minRefs: 10 }, { file: 'mcp-threat-patterns.md', minRefs: 5 }, { file: 'deepmind-agent-traps.md', minRefs: 5 }, { file: 'mitigation-matrix.md', minRefs: 5 }, ]; describe('MITRE ATLAS IDs in knowledge files', () => { for (const { file, minRefs } of atlasFiles) { describe(file, () => { const content = readKnowledge(file); it('file exists', () => { assert.ok(content !== null, `${file} should exist`); }); it(`contains at least ${minRefs} AML.T references`, () => { const matches = content.match(/AML\.T\d{4}/g) || []; assert.ok( matches.length >= minRefs, `Expected >= ${minRefs} AML.T refs, found ${matches.length}` ); }); it('contains AML.T0051 (LLM Prompt Injection)', () => { assert.ok(content.includes('AML.T0051'), `${file} should reference AML.T0051`); }); }); } }); // --------------------------------------------------------------------------- // Norwegian regulatory context // --------------------------------------------------------------------------- describe('knowledge/norwegian-context.md', () => { const content = readKnowledge('norwegian-context.md'); it('file exists', () => { assert.ok(content !== null, 'norwegian-context.md should exist'); }); it('references Datatilsynet', () => { assert.ok(content.includes('Datatilsynet'), 'Should reference Datatilsynet'); }); it('references NSM', () => { assert.ok(content.includes('NSM'), 'Should reference NSM'); }); it('references Digdir', () => { assert.ok(content.includes('Digdir'), 'Should reference Digdir'); }); it('contains verification URLs', () => { assert.ok(/https?:\/\//.test(content), 'Should contain verification URLs'); }); });