GeneralBots
diff --git a/‎Cargo.toml‎
Lines changed: 5 additions & 0 deletions b/‎Cargo.toml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/basic/keywords/mod.rs‎
Lines changed: 29 additions & 0 deletions b/‎src/basic/keywords/mod.rs‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎src/basic/keywords/security_protection.rs‎
Lines changed: 325 additions & 0 deletions b/‎src/basic/keywords/security_protection.rs‎
Lines changed: 325 additions & 0 deletions
@@ -207,6 +207,11 @@ qrcode = { version = "0.14", default-features = false }
 # Excel/Spreadsheet Support
 calamine = "0.26"
 rust_xlsxwriter = "0.79"
+spreadsheet-ods = "1.0"
+
+# Word/PowerPoint Support
+docx-rs = "0.4"
+ppt-rs = { version = "0.2", default-features = false }
 
 # Error handling
 thiserror = "2.0"
 
@@ -55,6 +55,7 @@ pub mod procedures;
 pub mod qrcode;
 pub mod remember;
 pub mod save_from_unstructured;
+pub mod security_protection;
 pub mod send_mail;
 pub mod send_template;
 pub mod set;
@@ -85,6 +86,12 @@ pub mod webhook;
 pub use app_server::configure_app_server_routes;
 pub use db_api::configure_db_routes;
 pub use mcp_client::{McpClient, McpRequest, McpResponse, McpServer, McpTool};
+pub use security_protection::{
+    security_get_report, security_hardening_score, security_install_tool, security_run_scan,
+    security_service_is_running, security_start_service, security_stop_service,
+    security_tool_is_installed, security_tool_status, security_update_definitions,
+    SecurityScanResult, SecurityToolResult,
+};
 pub use mcp_directory::{McpDirectoryScanResult, McpDirectoryScanner, McpServerConfig};
 pub use table_access::{
     check_field_write_access, check_table_access, filter_fields_by_role, load_table_access_info,
@@ -201,6 +208,14 @@ pub fn get_all_keywords() -> Vec<String> {
         "OPTION A OR B".to_string(),
         "DECIDE".to_string(),
         "ESCALATE".to_string(),
+        "SECURITY TOOL STATUS".to_string(),
+        "SECURITY RUN SCAN".to_string(),
+        "SECURITY GET REPORT".to_string(),
+        "SECURITY UPDATE DEFINITIONS".to_string(),
+        "SECURITY START SERVICE".to_string(),
+        "SECURITY STOP SERVICE".to_string(),
+        "SECURITY INSTALL TOOL".to_string(),
+        "SECURITY HARDENING SCORE".to_string(),
     ]
 }
 
@@ -325,5 +340,19 @@ pub fn get_keyword_categories() -> std::collections::HashMap<String, Vec<String>
         ],
     );
 
+    categories.insert(
+        "Security Protection".to_string(),
+        vec![
+            "SECURITY TOOL STATUS".to_string(),
+            "SECURITY RUN SCAN".to_string(),
+            "SECURITY GET REPORT".to_string(),
+            "SECURITY UPDATE DEFINITIONS".to_string(),
+            "SECURITY START SERVICE".to_string(),
+            "SECURITY STOP SERVICE".to_string(),
+            "SECURITY INSTALL TOOL".to_string(),
+            "SECURITY HARDENING SCORE".to_string(),
+        ],
+    );
+
     categories
 }
@@ -0,0 +1,325 @@
+use crate::security::protection::{ProtectionManager, ProtectionTool, ProtectionConfig};
+use crate::shared::state::AppState;
+use serde::{Deserialize, Serialize};
+use std::sync::Arc;
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct SecurityToolResult {
+    pub tool: String,
+    pub success: bool,
+    pub installed: bool,
+    pub version: Option<String>,
+    pub running: Option<bool>,
+    pub message: String,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct SecurityScanResult {
+    pub tool: String,
+    pub success: bool,
+    pub status: String,
+    pub findings_count: usize,
+    pub warnings_count: usize,
+    pub score: Option<i32>,
+    pub report_path: Option<String>,
+}
+
+pub async fn security_tool_status(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityToolResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.check_tool_status(tool).await {
+        Ok(status) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            installed: status.installed,
+            version: status.version,
+            running: status.service_running,
+            message: if status.installed {
+                "Tool is installed".to_string()
+            } else {
+                "Tool is not installed".to_string()
+            },
+        }),
+        Err(e) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            installed: false,
+            version: None,
+            running: None,
+            message: format!("Failed to check status: {e}"),
+        }),
+    }
+}
+
+pub async fn security_run_scan(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityScanResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.run_scan(tool).await {
+        Ok(result) => Ok(SecurityScanResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            status: result.status,
+            findings_count: result.findings.len(),
+            warnings_count: result.warnings,
+            score: result.score,
+            report_path: result.report_path,
+        }),
+        Err(e) => Ok(SecurityScanResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            status: "error".to_string(),
+            findings_count: 0,
+            warnings_count: 0,
+            score: None,
+            report_path: None,
+        }),
+    }
+}
+
+pub async fn security_get_report(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<String, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    manager
+        .get_report(tool)
+        .await
+        .map_err(|e| format!("Failed to get report: {e}"))
+}
+
+pub async fn security_update_definitions(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityToolResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.update_definitions(tool).await {
+        Ok(()) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            installed: true,
+            version: None,
+            running: None,
+            message: "Definitions updated successfully".to_string(),
+        }),
+        Err(e) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            installed: true,
+            version: None,
+            running: None,
+            message: format!("Failed to update definitions: {e}"),
+        }),
+    }
+}
+
+pub async fn security_start_service(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityToolResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.start_service(tool).await {
+        Ok(()) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            installed: true,
+            version: None,
+            running: Some(true),
+            message: "Service started successfully".to_string(),
+        }),
+        Err(e) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            installed: true,
+            version: None,
+            running: Some(false),
+            message: format!("Failed to start service: {e}"),
+        }),
+    }
+}
+
+pub async fn security_stop_service(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityToolResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.stop_service(tool).await {
+        Ok(()) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            installed: true,
+            version: None,
+            running: Some(false),
+            message: "Service stopped successfully".to_string(),
+        }),
+        Err(e) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            installed: true,
+            version: None,
+            running: None,
+            message: format!("Failed to stop service: {e}"),
+        }),
+    }
+}
+
+pub async fn security_install_tool(
+    _state: Arc<AppState>,
+    tool_name: &str,
+) -> Result<SecurityToolResult, String> {
+    let tool = parse_tool_name(tool_name)?;
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.install_tool(tool).await {
+        Ok(()) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: true,
+            installed: true,
+            version: None,
+            running: None,
+            message: "Tool installed successfully".to_string(),
+        }),
+        Err(e) => Ok(SecurityToolResult {
+            tool: tool_name.to_lowercase(),
+            success: false,
+            installed: false,
+            version: None,
+            running: None,
+            message: format!("Failed to install tool: {e}"),
+        }),
+    }
+}
+
+pub async fn security_hardening_score(_state: Arc<AppState>) -> Result<i32, String> {
+    let manager = ProtectionManager::new(ProtectionConfig::default());
+
+    match manager.run_scan(ProtectionTool::Lynis).await {
+        Ok(result) => result.score.ok_or_else(|| "No hardening score available".to_string()),
+        Err(e) => Err(format!("Failed to get hardening score: {e}")),
+    }
+}
+
+pub fn security_tool_is_installed(status: &SecurityToolResult) -> bool {
+    status.installed
+}
+
+pub fn security_service_is_running(status: &SecurityToolResult) -> bool {
+    status.running.unwrap_or(false)
+}
+
+fn parse_tool_name(name: &str) -> Result<ProtectionTool, String> {
+    ProtectionTool::from_str(name)
+        .ok_or_else(|| format!("Unknown security tool: {name}. Valid tools: lynis, rkhunter, chkrootkit, suricata, lmd, clamav"))
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_parse_tool_name_valid() {
+        assert!(parse_tool_name("lynis").is_ok());
+        assert!(parse_tool_name("LYNIS").is_ok());
+        assert!(parse_tool_name("Lynis").is_ok());
+        assert!(parse_tool_name("rkhunter").is_ok());
+        assert!(parse_tool_name("chkrootkit").is_ok());
+        assert!(parse_tool_name("suricata").is_ok());
+        assert!(parse_tool_name("lmd").is_ok());
+        assert!(parse_tool_name("clamav").is_ok());
+    }
+
+    #[test]
+    fn test_parse_tool_name_invalid() {
+        assert!(parse_tool_name("unknown").is_err());
+        assert!(parse_tool_name("").is_err());
+        assert!(parse_tool_name("invalid_tool").is_err());
+    }
+
+    #[test]
+    fn test_security_tool_is_installed() {
+        let installed = SecurityToolResult {
+            tool: "lynis".to_string(),
+            success: true,
+            installed: true,
+            version: Some("3.0.9".to_string()),
+            running: None,
+            message: "Tool is installed".to_string(),
+        };
+        assert!(security_tool_is_installed(&installed));
+
+        let not_installed = SecurityToolResult {
+            tool: "lynis".to_string(),
+            success: true,
+            installed: false,
+            version: None,
+            running: None,
+            message: "Tool is not installed".to_string(),
+        };
+        assert!(!security_tool_is_installed(&not_installed));
+    }
+
+    #[test]
+    fn test_security_service_is_running() {
+        let running = SecurityToolResult {
+            tool: "suricata".to_string(),
+            success: true,
+            installed: true,
+            version: None,
+            running: Some(true),
+            message: "Service running".to_string(),
+        };
+        assert!(security_service_is_running(&running));
+
+        let stopped = SecurityToolResult {
+            tool: "suricata".to_string(),
+            success: true,
+            installed: true,
+            version: None,
+            running: Some(false),
+            message: "Service stopped".to_string(),
+        };
+        assert!(!security_service_is_running(&stopped));
+
+        let unknown = SecurityToolResult {
+            tool: "lynis".to_string(),
+            success: true,
+            installed: true,
+            version: None,
+            running: None,
+            message: "No service".to_string(),
+        };
+        assert!(!security_service_is_running(&unknown));
+    }
+
+    #[test]
+    fn test_security_scan_result_serialization() {
+        let result = SecurityScanResult {
+            tool: "lynis".to_string(),
+            success: true,
+            status: "completed".to_string(),
+            findings_count: 5,
+            warnings_count: 12,
+            score: Some(78),
+            report_path: Some("/var/log/lynis-report.dat".to_string()),
+        };
+
+        let json = serde_json::to_string(&result).expect("Failed to serialize");
+        assert!(json.contains("\"tool\":\"lynis\""));
+        assert!(json.contains("\"score\":78"));
+    }
+}