feat: add supply-chain typosquat + AI rules file backdoor chain #202

Merged

kOaDT merged 1 commit into main from feat/supply-chain-poisoned-rules-chain on May 4, 2026

Conversation


@kOaDT kOaDT commented May 4, 2026

Description

Adds a chained two-flag CTF challenge covering modern software supply-chain attacks: a typosquatted react-toastfy npm package whose postinstall would drop a malicious Cursor rules file (lab/quarantine/productivity-helper.mdc) carrying a hidden HTML-comment prompt-injection payload. The payload instructs the developer's AI agent to inject a magic-header auth bypass at /api/admin/diag. Players solve the chain black-box through the existing path-traversal endpoint, ending with a runtime curl exploitation.

The challenge fills a gap in the lab (no supply-chain flag previously) and is positioned around OWASP 2025 A03 (Software Supply Chain Failures) and the LLM Top 10 supply-chain category. Inspired by Pillar Security's "Rules File Backdoor" (March 2025), the npm Shai-Hulud worm (September 2025), and the axios maintainer takeover (March 2026).

Two new flags:

| # | Slug | Difficulty | OWASP / CWE |
|---|------|------------|-------------|
| 1 | npm-supply-chain-typosquat | HARD | A03:2025 / CWE-829 |
| 2 | ai-rules-file-backdoor | MEDIUM | A07:2025 / CWE-798 |

Notable changes:

  • New SUPPLY_CHAIN value in the FlagCategory enum (schema, types, format labels, dashboard short label)
  • New lab/quarantine/ directory for inert lab payloads, with a README.md explicitly instructing AI agents to treat the contents as data
  • AGENTS.md updated with a "Lab Quarantine Zones" section
  • tsconfig.json, eslint.config.mjs, .prettierignore updated to exclude packages/react-toastfy/ and lab/

Safety:

  • Fake package is not declared in the root package.json and is never installed
  • postinstall.js is fully inert (top-of-file comment + one console.log + process.exit(0) — zero fs.write, zero child_process, zero network, zero os.homedir)
  • No file added in any auto-loaded AI-tooling path (.cursor/rules/, .claude/skills/, .cursorrules, .windsurfrules, .continue/, .github/copilot-instructions.md, root CLAUDE.md)
  • Backdoor token is hardcoded in the route file (realistic for the AI-injected narrative); endpoint is unlinked from any sitemap, navigation, or UI

Type of change

  • Bug fix
  • New feature (e-commerce site improvement)
  • New vulnerability / flag
  • Walkthrough / writeup
  • Documentation update
  • Other (please describe):

Testing done

  • npm run db:generate + npm run db:push + npm run db:seed — schema migrated cleanly via db:push, 34 flags + 34 hint sets seeded
  • npm run lint — 0 errors (17 pre-existing warnings in unrelated files)
  • npm run format:check — clean
  • npm run build — Next build green; /api/admin/diag registered
  • npm run docs:build — Astro build green, walkthrough indexed
  • npm run test:unit — 61/61 passing
  • New Jest API tests + non-regression path-traversal.test.ts — 17/17 passing against a running server
  • Manual end-to-end chain validated via curl: HTML breadcrumb → `../package.json` → `../packages/react-toastfy/package.json` → `../packages/react-toastfy/scripts/postinstall.js` → `../lab/quarantine/productivity-helper.mdc` (flag 1) → `GET /api/admin/diag` with `X-Debug-Auth: dbg_8f3a7c91e2b4d6a05e21` (flag 2). Both flags verify successfully via `POST /api/flags/verify`. Original path-traversal flag still reachable.
  • Cypress E2E spec written and type-checks cleanly via cypress/tsconfig.json. Local Cypress runner crashes with SIGILL on Ubuntu 22.04 / Cypress 15.13.1 for all specs (pre-existing environmental issue, not specific to this change) — to retest in CI.

Checklist

  • Documentation updated (if applicable)

If adding a new vulnerability

  • Flag added in prisma/seed.ts with format OSS{...}
  • Three progressive hints added in prisma/seed.ts
  • Vulnerable code path is exploitable and demonstrable
  • Reference doc added under content/vulnerabilities/ (concept + fix only — no exploit steps, payloads, or flag value)
  • Regression tests added (unit, API, and/or E2E)
  • No real-world secrets introduced
  • If a walkthrough was also added under docs/src/data/blog/, walkthroughSlug is set on the flag in prisma/seed.ts

@kOaDT kOaDT self-assigned this May 4, 2026

github-actions Bot commented May 4, 2026

Thank you @kOaDT for contributing once again!

📊 PR overview

Files changed Additions Deletions Size
27 +1217 -1 XL

📝 Before review

To help maintainers review your changes efficiently, please ensure that:

  • The PR description clearly explains what was changed and why
  • The PR checklist has been filled out
  • All existing tests continue to pass
  • New tests have been added for any new functionality

📖 Please review our Contributing Guidelines and Code of Conduct.

✅ Continuous Integration

Two CI workflows will run automatically on this PR:

  • Code Quality — linting and formatting checks
  • Exploitation Tests — ensures vulnerabilities and flags work as expected

You can follow their progress in the Checks tab.

🤝 A note on collaboration

We value respectful and constructive interactions. Whether you are a contributor or a reviewer, please be patient, kind, and open to feedback.

A maintainer will review your changes as soon as possible. If you have any questions, feel free to ask in this thread.


@github-actions github-actions Bot added the size/XL PR size: XL label May 4, 2026
@kOaDT kOaDT linked an issue May 4, 2026 that may be closed by this pull request
@kOaDT kOaDT force-pushed the feat/supply-chain-poisoned-rules-chain branch 4 times, most recently from 820af9f to 4563232 on May 4, 2026 at 20:40
@kOaDT kOaDT force-pushed the feat/supply-chain-poisoned-rules-chain branch from 4563232 to c6f1343 on May 4, 2026 at 20:45
@kOaDT kOaDT merged commit 089270c into main May 4, 2026
6 checks passed
@kOaDT kOaDT deleted the feat/supply-chain-poisoned-rules-chain branch May 4, 2026 20:51
Development

Successfully merging this pull request may close these issues.

Add chained supply-chain CTF flag -- typosquatted npm package + AI rules-file backdoor

1 participant