npm - @agentforge/core - Versions diffs - 0.11.7 → 0.11.8 - Mend

@agentforge/core 0.11.7 → 0.11.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -124,6 +124,7 @@ __export(index_exports, {
   isHumanRequestInterrupt: () => isHumanRequestInterrupt,
   isMemoryCheckpointer: () => isMemoryCheckpointer,
   isTracingEnabled: () => isTracingEnabled,
+  loadPrompt: () => loadPrompt,
   map: () => map,
   merge: () => merge,
   mergeState: () => mergeState,
@@ -132,8 +133,10 @@ __export(index_exports, {
   presets: () => presets,
   production: () => production,
   reduce: () => reduce,
+  renderTemplate: () => renderTemplate,
   retry: () => retry,
   safeValidateSchemaDescriptions: () => safeValidateSchemaDescriptions,
+  sanitizeValue: () => sanitizeValue,
   sendMessage: () => sendMessage,
   sequential: () => sequential,
   sequentialBuilder: () => sequentialBuilder,
@@ -4930,6 +4933,68 @@ var CircuitBreaker = class {
 function createCircuitBreaker(options) {
   return new CircuitBreaker(options);
 }
+// src/prompt-loader/index.ts
+var import_fs = require("fs");
+var import_path = require("path");
+var MAX_VARIABLE_LENGTH = 500;
+function sanitizeValue(value) {
+  if (value === void 0 || value === null) return "";
+  let sanitized = String(value);
+  sanitized = sanitized.replace(/^#+\s*/gm, "");
+  sanitized = sanitized.replace(/[\r\n]+/g, " ");
+  sanitized = sanitized.trim().replace(/\s+/g, " ");
+  if (sanitized.length > MAX_VARIABLE_LENGTH) {
+    sanitized = sanitized.substring(0, MAX_VARIABLE_LENGTH) + "...";
+  }
+  return sanitized;
+}
+function renderTemplate(template, options) {
+  let rawVariables;
+  let sanitizedVariables;
+  if ("trustedVariables" in options || "untrustedVariables" in options) {
+    const opts = options;
+    rawVariables = {
+      ...opts.trustedVariables,
+      ...opts.untrustedVariables
+    };
+    const sanitizedUntrusted = {};
+    if (opts.untrustedVariables) {
+      for (const [key, value] of Object.entries(opts.untrustedVariables)) {
+        sanitizedUntrusted[key] = sanitizeValue(value);
+      }
+    }
+    sanitizedVariables = {
+      ...opts.trustedVariables,
+      ...sanitizedUntrusted
+    };
+  } else {
+    rawVariables = options;
+    sanitizedVariables = options;
+  }
+  let result = template;
+  result = result.replace(/\{\{#if\s+(\w+)\}\}([\s\S]*?)\{\{\/if\}\}/g, (_, varName, content) => {
+    return rawVariables[varName] ? content : "";
+  });
+  result = result.replace(/\{\{(\w+)\}\}/g, (_, varName) => {
+    const value = sanitizedVariables[varName];
+    if (value === void 0 || value === null) return "";
+    return String(value);
+  });
+  return result;
+}
+function loadPrompt(promptName, options = {}, promptsDir) {
+  const baseDir = promptsDir || (0, import_path.join)(process.cwd(), "prompts");
+  const promptPath = (0, import_path.join)(baseDir, `${promptName}.md`);
+  try {
+    const template = (0, import_fs.readFileSync)(promptPath, "utf-8");
+    return renderTemplate(template, options);
+  } catch (error) {
+    throw new Error(
+      `Failed to load prompt "${promptName}" from ${promptPath}: ${error instanceof Error ? error.message : String(error)}`
+    );
+  }
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AgentError,
@@ -5026,6 +5091,7 @@ function createCircuitBreaker(options) {
   isHumanRequestInterrupt,
   isMemoryCheckpointer,
   isTracingEnabled,
+  loadPrompt,
   map,
   merge,
   mergeState,
@@ -5034,8 +5100,10 @@ function createCircuitBreaker(options) {
   presets,
   production,
   reduce,
+  renderTemplate,
   retry,
   safeValidateSchemaDescriptions,
+  sanitizeValue,
   sendMessage,
   sequential,
   sequentialBuilder,

package/dist/index.d.cts CHANGED Viewed

@@ -5157,4 +5157,111 @@ declare class CircuitBreaker {
 }
 declare function createCircuitBreaker(options: CircuitBreakerOptions): CircuitBreaker;
-export { AgentError, type AgentResumedEventData, type AgentWaitingEventData, type AggregateNode, type AnyInterrupt, type ApprovalRequiredInterrupt, type BackoffStrategy, type BatchOptions, BatchProcessor, type BatchProcessorOptions, type BatchStats, type CacheKeyGenerator, type CachingOptions, type CheckInterruptOptions, type CheckpointHistoryOptions, type CheckpointerOptions, type ChunkOptions, CircuitBreaker, type CircuitBreakerOptions, type CircuitBreakerStats, type CircuitState, type ComposeGraphsOptions, type ComposeOptions, type ComposeToolConfig, type ComposedTool, type ConcurrencyOptions, type ConditionalConfig, type ConditionalRouter, type ConditionalRouterConfig, ConnectionPool, type ConnectionPoolOptions, type ConversationConfig, type CustomInterrupt, type DatabaseConfig, type DatabaseConnection, DatabasePool, type DatabasePoolOptions, type DevelopmentPresetOptions, type ErrorContext, type ErrorHandlerOptions, type ErrorReporter, type ErrorReporterOptions, type EventHandler, type EvictionStrategy, type ExecutionMetrics, type HealthCheckConfig, type HealthCheckResult, type HttpClient, type HttpConfig, HttpPool, type HttpPoolConfig, type HttpPoolOptions, type HttpResponse, type HumanInLoopEventData, type HumanInLoopEventType, type HumanRequest, type HumanRequestEventData, type HumanRequestInterrupt, type HumanRequestPriority, type HumanRequestStatus, type HumanResponseEventData, type InterruptData, type InterruptEventData, type InterruptType, type LangSmithConfig, type LogEntry, LogLevel, type Logger, type LoggerOptions, type LoggingOptions, ManagedTool, type ManagedToolConfig, type ManagedToolStats, MemoryManager, type MemoryManagerOptions, type MemoryStats, type MetricEntry, MetricType, type Metrics, type MetricsNodeOptions, type Middleware, MiddlewareChain, type MiddlewareContext, type MiddlewareFactory, type MiddlewareMetadata, type MiddlewareWithMetadata, MissingDescriptionError, type MockToolConfig, type MockToolResponse, type NodeFunction, type NodeFunctionWithContext, type ParallelNode, type ParallelWorkflowConfig, type ParallelWorkflowOptions, type PoolConfig, type PoolStats, type Priority$1 as Priority, type ProductionPresetOptions, type Progress, type ProgressTracker, type ProgressTrackerOptions, type PromptOptions, type RateLimitOptions, type RateLimitStrategy, type ReducerFunction, RegistryEvent, type RequestConfig, type ResumeCommand, type ResumeEventData, type ResumeOptions, type RetryOptions, type RetryPolicy, type RouteCondition, type RouteMap, type RouteName, type SSEEvent, type SSEFormatter, type SSEFormatterOptions, type SequentialNode, type SequentialWorkflowOptions, type SimpleMiddleware, type SqliteCheckpointerOptions, type StateChannelConfig, type SubgraphBuilder, type TestingPresetOptions, type ThreadConfig, type ThreadInfo, type ThreadStatus, type ThrottleOptions, TimeoutError, type TimeoutOptions, type Timer, type Tool, type BackoffStrategy$1 as ToolBackoffStrategy, ToolBuilder, ToolCategory, ToolCategorySchema, type ToolExample, ToolExampleSchema, type ToolExecution, type ToolExecutorConfig, type ToolInvocation, type ToolMetadata, ToolMetadataSchema, ToolNameSchema, ToolRegistry, type ToolRelations, ToolRelationsSchema, type ToolSimulatorConfig, type TracingOptions, type ValidationErrorHandler, type ValidationMode, type ValidationOptions, type ValidatorFunction, type WebSocketHandlerOptions, type WebSocketMessage, batch, broadcast, cache, chain, chunk, clearThread, collect, compose, composeGraphs, composeTool, composeWithOptions, conditional, configureLangSmith, createApprovalRequiredInterrupt, createBatchProcessor, createBinaryRouter, createCircuitBreaker, createConditionalRouter, createConnectionPool, createConversationConfig, createCustomInterrupt, createDatabasePool, createErrorReporter, createHeartbeat, createHttpPool, createHumanRequestInterrupt, createLogger, createManagedTool, createMemoryCheckpointer, createMemoryManager, createMessage, createMetrics, createMiddlewareContext, createMockTool, createMultiRouter, createParallelWorkflow, createProgressTracker, createSSEFormatter, createSequentialWorkflow, createSharedCache, createSharedConcurrencyController, createSharedRateLimiter, createSqliteCheckpointer, createStateAnnotation, createSubgraph, createThreadConfig, createTool, createToolExecutor, createToolSimulator, createToolUnsafe, createWebSocketHandler, development, filter, formatAgentResumedEvent, formatAgentWaitingEvent, formatHumanRequestEvent, formatHumanResponseEvent, formatInterruptEvent, formatResumeEvent, generateThreadId, getCheckpointHistory, getLangSmithConfig, getLatestCheckpoint, getMissingDescriptions, getThreadStatus, getToolDescription, getToolJsonSchema, isApprovalRequiredInterrupt, isCustomInterrupt, isHumanRequestInterrupt, isMemoryCheckpointer, isTracingEnabled, map, merge, mergeState, parallel, parseSSEEvent, presets, production, reduce, retry, safeValidateSchemaDescriptions, sendMessage, sequential, sequentialBuilder, take, testing, throttle, timeout, toLangChainTool, toLangChainTools, toolBuilder, validateSchemaDescriptions, validateState, validateTool, validateToolMetadata, validateToolName, withCache, withConcurrency, withErrorHandler, withLogging, withMetrics, withRateLimit, withRetry, withTimeout, withTracing, withValidation };
+/**
+ * Prompt Template Loader
+ *
+ * Utility for loading and rendering prompt templates from .md files.
+ * Supports variable substitution and conditional blocks.
+ *
+ * SECURITY: This module includes protection against prompt injection attacks
+ * by sanitizing variable values before substitution.
+ */
+/**
+ * Options for rendering templates with security controls
+ */
+interface RenderTemplateOptions {
+    /**
+     * Variables from trusted sources (config files, hardcoded values)
+     * These will NOT be sanitized
+     */
+    trustedVariables?: Record<string, any>;
+    /**
+     * Variables from untrusted sources (user input, API calls, databases)
+     * These WILL be sanitized to prevent prompt injection
+     */
+    untrustedVariables?: Record<string, any>;
+}
+/**
+ * Sanitize a value to prevent prompt injection attacks
+ *
+ * Protections:
+ * - Removes markdown headers (prevents structure hijacking)
+ * - Removes newlines (prevents multi-line injection)
+ * - Limits length (prevents prompt bloat)
+ *
+ * @param value - The value to sanitize
+ * @returns Sanitized string safe for use in prompts
+ */
+declare function sanitizeValue(value: any): string;
+/**
+ * Render a template string with variable substitution
+ *
+ * Supports:
+ * - Simple variables: {{variableName}}
+ * - Conditional blocks: {{#if variableName}}...{{/if}}
+ *
+ * SECURITY: Distinguishes between trusted and untrusted variables.
+ * - Trusted variables (from config) are used as-is
+ * - Untrusted variables (from user input) are sanitized
+ *
+ * @param template - Template string with {{variable}} placeholders
+ * @param options - Variables and security options
+ * @returns Rendered template string
+ *
+ * @example
+ * ```typescript
+ * // Safe: Trusted variables from config
+ * const result = renderTemplate(template, {
+ *   trustedVariables: {
+ *     companyName: 'Acme Corp',  // From config file
+ *     premium: true
+ *   }
+ * });
+ *
+ * // Safe: Untrusted variables are sanitized
+ * const result = renderTemplate(template, {
+ *   untrustedVariables: {
+ *     userName: req.body.name,  // User input - will be sanitized
+ *   }
+ * });
+ *
+ * // Mixed: Some trusted, some untrusted
+ * const result = renderTemplate(template, {
+ *   trustedVariables: {
+ *     companyName: 'Acme Corp',  // From config
+ *   },
+ *   untrustedVariables: {
+ *     userName: req.body.name,  // User input
+ *   }
+ * });
+ * ```
+ */
+declare function renderTemplate(template: string, options: RenderTemplateOptions | Record<string, any>): string;
+/**
+ * Load and render a prompt template from a .md file
+ *
+ * Looks for prompts in a `prompts/` directory relative to the caller's location.
+ *
+ * @param promptName - Name of the prompt file (without .md extension)
+ * @param options - Variables and security options
+ * @param promptsDir - Optional custom prompts directory path
+ * @returns Rendered prompt string
+ *
+ * @example
+ * ```typescript
+ * // Backwards compatible: all variables treated as trusted
+ * loadPrompt('system', { companyName: 'Acme' });
+ *
+ * // Explicit: separate trusted and untrusted
+ * loadPrompt('system', {
+ *   trustedVariables: { companyName: 'Acme' },
+ *   untrustedVariables: { userName: userInput }
+ * });
+ *
+ * // Custom prompts directory
+ * loadPrompt('system', { companyName: 'Acme' }, '/path/to/prompts');
+ * ```
+ */
+declare function loadPrompt(promptName: string, options?: RenderTemplateOptions | Record<string, any>, promptsDir?: string): string;
+export { AgentError, type AgentResumedEventData, type AgentWaitingEventData, type AggregateNode, type AnyInterrupt, type ApprovalRequiredInterrupt, type BackoffStrategy, type BatchOptions, BatchProcessor, type BatchProcessorOptions, type BatchStats, type CacheKeyGenerator, type CachingOptions, type CheckInterruptOptions, type CheckpointHistoryOptions, type CheckpointerOptions, type ChunkOptions, CircuitBreaker, type CircuitBreakerOptions, type CircuitBreakerStats, type CircuitState, type ComposeGraphsOptions, type ComposeOptions, type ComposeToolConfig, type ComposedTool, type ConcurrencyOptions, type ConditionalConfig, type ConditionalRouter, type ConditionalRouterConfig, ConnectionPool, type ConnectionPoolOptions, type ConversationConfig, type CustomInterrupt, type DatabaseConfig, type DatabaseConnection, DatabasePool, type DatabasePoolOptions, type DevelopmentPresetOptions, type ErrorContext, type ErrorHandlerOptions, type ErrorReporter, type ErrorReporterOptions, type EventHandler, type EvictionStrategy, type ExecutionMetrics, type HealthCheckConfig, type HealthCheckResult, type HttpClient, type HttpConfig, HttpPool, type HttpPoolConfig, type HttpPoolOptions, type HttpResponse, type HumanInLoopEventData, type HumanInLoopEventType, type HumanRequest, type HumanRequestEventData, type HumanRequestInterrupt, type HumanRequestPriority, type HumanRequestStatus, type HumanResponseEventData, type InterruptData, type InterruptEventData, type InterruptType, type LangSmithConfig, type LogEntry, LogLevel, type Logger, type LoggerOptions, type LoggingOptions, ManagedTool, type ManagedToolConfig, type ManagedToolStats, MemoryManager, type MemoryManagerOptions, type MemoryStats, type MetricEntry, MetricType, type Metrics, type MetricsNodeOptions, type Middleware, MiddlewareChain, type MiddlewareContext, type MiddlewareFactory, type MiddlewareMetadata, type MiddlewareWithMetadata, MissingDescriptionError, type MockToolConfig, type MockToolResponse, type NodeFunction, type NodeFunctionWithContext, type ParallelNode, type ParallelWorkflowConfig, type ParallelWorkflowOptions, type PoolConfig, type PoolStats, type Priority$1 as Priority, type ProductionPresetOptions, type Progress, type ProgressTracker, type ProgressTrackerOptions, type PromptOptions, type RateLimitOptions, type RateLimitStrategy, type ReducerFunction, RegistryEvent, type RenderTemplateOptions, type RequestConfig, type ResumeCommand, type ResumeEventData, type ResumeOptions, type RetryOptions, type RetryPolicy, type RouteCondition, type RouteMap, type RouteName, type SSEEvent, type SSEFormatter, type SSEFormatterOptions, type SequentialNode, type SequentialWorkflowOptions, type SimpleMiddleware, type SqliteCheckpointerOptions, type StateChannelConfig, type SubgraphBuilder, type TestingPresetOptions, type ThreadConfig, type ThreadInfo, type ThreadStatus, type ThrottleOptions, TimeoutError, type TimeoutOptions, type Timer, type Tool, type BackoffStrategy$1 as ToolBackoffStrategy, ToolBuilder, ToolCategory, ToolCategorySchema, type ToolExample, ToolExampleSchema, type ToolExecution, type ToolExecutorConfig, type ToolInvocation, type ToolMetadata, ToolMetadataSchema, ToolNameSchema, ToolRegistry, type ToolRelations, ToolRelationsSchema, type ToolSimulatorConfig, type TracingOptions, type ValidationErrorHandler, type ValidationMode, type ValidationOptions, type ValidatorFunction, type WebSocketHandlerOptions, type WebSocketMessage, batch, broadcast, cache, chain, chunk, clearThread, collect, compose, composeGraphs, composeTool, composeWithOptions, conditional, configureLangSmith, createApprovalRequiredInterrupt, createBatchProcessor, createBinaryRouter, createCircuitBreaker, createConditionalRouter, createConnectionPool, createConversationConfig, createCustomInterrupt, createDatabasePool, createErrorReporter, createHeartbeat, createHttpPool, createHumanRequestInterrupt, createLogger, createManagedTool, createMemoryCheckpointer, createMemoryManager, createMessage, createMetrics, createMiddlewareContext, createMockTool, createMultiRouter, createParallelWorkflow, createProgressTracker, createSSEFormatter, createSequentialWorkflow, createSharedCache, createSharedConcurrencyController, createSharedRateLimiter, createSqliteCheckpointer, createStateAnnotation, createSubgraph, createThreadConfig, createTool, createToolExecutor, createToolSimulator, createToolUnsafe, createWebSocketHandler, development, filter, formatAgentResumedEvent, formatAgentWaitingEvent, formatHumanRequestEvent, formatHumanResponseEvent, formatInterruptEvent, formatResumeEvent, generateThreadId, getCheckpointHistory, getLangSmithConfig, getLatestCheckpoint, getMissingDescriptions, getThreadStatus, getToolDescription, getToolJsonSchema, isApprovalRequiredInterrupt, isCustomInterrupt, isHumanRequestInterrupt, isMemoryCheckpointer, isTracingEnabled, loadPrompt, map, merge, mergeState, parallel, parseSSEEvent, presets, production, reduce, renderTemplate, retry, safeValidateSchemaDescriptions, sanitizeValue, sendMessage, sequential, sequentialBuilder, take, testing, throttle, timeout, toLangChainTool, toLangChainTools, toolBuilder, validateSchemaDescriptions, validateState, validateTool, validateToolMetadata, validateToolName, withCache, withConcurrency, withErrorHandler, withLogging, withMetrics, withRateLimit, withRetry, withTimeout, withTracing, withValidation };

package/dist/index.d.ts CHANGED Viewed

@@ -5157,4 +5157,111 @@ declare class CircuitBreaker {
 }
 declare function createCircuitBreaker(options: CircuitBreakerOptions): CircuitBreaker;
-export { AgentError, type AgentResumedEventData, type AgentWaitingEventData, type AggregateNode, type AnyInterrupt, type ApprovalRequiredInterrupt, type BackoffStrategy, type BatchOptions, BatchProcessor, type BatchProcessorOptions, type BatchStats, type CacheKeyGenerator, type CachingOptions, type CheckInterruptOptions, type CheckpointHistoryOptions, type CheckpointerOptions, type ChunkOptions, CircuitBreaker, type CircuitBreakerOptions, type CircuitBreakerStats, type CircuitState, type ComposeGraphsOptions, type ComposeOptions, type ComposeToolConfig, type ComposedTool, type ConcurrencyOptions, type ConditionalConfig, type ConditionalRouter, type ConditionalRouterConfig, ConnectionPool, type ConnectionPoolOptions, type ConversationConfig, type CustomInterrupt, type DatabaseConfig, type DatabaseConnection, DatabasePool, type DatabasePoolOptions, type DevelopmentPresetOptions, type ErrorContext, type ErrorHandlerOptions, type ErrorReporter, type ErrorReporterOptions, type EventHandler, type EvictionStrategy, type ExecutionMetrics, type HealthCheckConfig, type HealthCheckResult, type HttpClient, type HttpConfig, HttpPool, type HttpPoolConfig, type HttpPoolOptions, type HttpResponse, type HumanInLoopEventData, type HumanInLoopEventType, type HumanRequest, type HumanRequestEventData, type HumanRequestInterrupt, type HumanRequestPriority, type HumanRequestStatus, type HumanResponseEventData, type InterruptData, type InterruptEventData, type InterruptType, type LangSmithConfig, type LogEntry, LogLevel, type Logger, type LoggerOptions, type LoggingOptions, ManagedTool, type ManagedToolConfig, type ManagedToolStats, MemoryManager, type MemoryManagerOptions, type MemoryStats, type MetricEntry, MetricType, type Metrics, type MetricsNodeOptions, type Middleware, MiddlewareChain, type MiddlewareContext, type MiddlewareFactory, type MiddlewareMetadata, type MiddlewareWithMetadata, MissingDescriptionError, type MockToolConfig, type MockToolResponse, type NodeFunction, type NodeFunctionWithContext, type ParallelNode, type ParallelWorkflowConfig, type ParallelWorkflowOptions, type PoolConfig, type PoolStats, type Priority$1 as Priority, type ProductionPresetOptions, type Progress, type ProgressTracker, type ProgressTrackerOptions, type PromptOptions, type RateLimitOptions, type RateLimitStrategy, type ReducerFunction, RegistryEvent, type RequestConfig, type ResumeCommand, type ResumeEventData, type ResumeOptions, type RetryOptions, type RetryPolicy, type RouteCondition, type RouteMap, type RouteName, type SSEEvent, type SSEFormatter, type SSEFormatterOptions, type SequentialNode, type SequentialWorkflowOptions, type SimpleMiddleware, type SqliteCheckpointerOptions, type StateChannelConfig, type SubgraphBuilder, type TestingPresetOptions, type ThreadConfig, type ThreadInfo, type ThreadStatus, type ThrottleOptions, TimeoutError, type TimeoutOptions, type Timer, type Tool, type BackoffStrategy$1 as ToolBackoffStrategy, ToolBuilder, ToolCategory, ToolCategorySchema, type ToolExample, ToolExampleSchema, type ToolExecution, type ToolExecutorConfig, type ToolInvocation, type ToolMetadata, ToolMetadataSchema, ToolNameSchema, ToolRegistry, type ToolRelations, ToolRelationsSchema, type ToolSimulatorConfig, type TracingOptions, type ValidationErrorHandler, type ValidationMode, type ValidationOptions, type ValidatorFunction, type WebSocketHandlerOptions, type WebSocketMessage, batch, broadcast, cache, chain, chunk, clearThread, collect, compose, composeGraphs, composeTool, composeWithOptions, conditional, configureLangSmith, createApprovalRequiredInterrupt, createBatchProcessor, createBinaryRouter, createCircuitBreaker, createConditionalRouter, createConnectionPool, createConversationConfig, createCustomInterrupt, createDatabasePool, createErrorReporter, createHeartbeat, createHttpPool, createHumanRequestInterrupt, createLogger, createManagedTool, createMemoryCheckpointer, createMemoryManager, createMessage, createMetrics, createMiddlewareContext, createMockTool, createMultiRouter, createParallelWorkflow, createProgressTracker, createSSEFormatter, createSequentialWorkflow, createSharedCache, createSharedConcurrencyController, createSharedRateLimiter, createSqliteCheckpointer, createStateAnnotation, createSubgraph, createThreadConfig, createTool, createToolExecutor, createToolSimulator, createToolUnsafe, createWebSocketHandler, development, filter, formatAgentResumedEvent, formatAgentWaitingEvent, formatHumanRequestEvent, formatHumanResponseEvent, formatInterruptEvent, formatResumeEvent, generateThreadId, getCheckpointHistory, getLangSmithConfig, getLatestCheckpoint, getMissingDescriptions, getThreadStatus, getToolDescription, getToolJsonSchema, isApprovalRequiredInterrupt, isCustomInterrupt, isHumanRequestInterrupt, isMemoryCheckpointer, isTracingEnabled, map, merge, mergeState, parallel, parseSSEEvent, presets, production, reduce, retry, safeValidateSchemaDescriptions, sendMessage, sequential, sequentialBuilder, take, testing, throttle, timeout, toLangChainTool, toLangChainTools, toolBuilder, validateSchemaDescriptions, validateState, validateTool, validateToolMetadata, validateToolName, withCache, withConcurrency, withErrorHandler, withLogging, withMetrics, withRateLimit, withRetry, withTimeout, withTracing, withValidation };
+/**
+ * Prompt Template Loader
+ *
+ * Utility for loading and rendering prompt templates from .md files.
+ * Supports variable substitution and conditional blocks.
+ *
+ * SECURITY: This module includes protection against prompt injection attacks
+ * by sanitizing variable values before substitution.
+ */
+/**
+ * Options for rendering templates with security controls
+ */
+interface RenderTemplateOptions {
+    /**
+     * Variables from trusted sources (config files, hardcoded values)
+     * These will NOT be sanitized
+     */
+    trustedVariables?: Record<string, any>;
+    /**
+     * Variables from untrusted sources (user input, API calls, databases)
+     * These WILL be sanitized to prevent prompt injection
+     */
+    untrustedVariables?: Record<string, any>;
+}
+/**
+ * Sanitize a value to prevent prompt injection attacks
+ *
+ * Protections:
+ * - Removes markdown headers (prevents structure hijacking)
+ * - Removes newlines (prevents multi-line injection)
+ * - Limits length (prevents prompt bloat)
+ *
+ * @param value - The value to sanitize
+ * @returns Sanitized string safe for use in prompts
+ */
+declare function sanitizeValue(value: any): string;
+/**
+ * Render a template string with variable substitution
+ *
+ * Supports:
+ * - Simple variables: {{variableName}}
+ * - Conditional blocks: {{#if variableName}}...{{/if}}
+ *
+ * SECURITY: Distinguishes between trusted and untrusted variables.
+ * - Trusted variables (from config) are used as-is
+ * - Untrusted variables (from user input) are sanitized
+ *
+ * @param template - Template string with {{variable}} placeholders
+ * @param options - Variables and security options
+ * @returns Rendered template string
+ *
+ * @example
+ * ```typescript
+ * // Safe: Trusted variables from config
+ * const result = renderTemplate(template, {
+ *   trustedVariables: {
+ *     companyName: 'Acme Corp',  // From config file
+ *     premium: true
+ *   }
+ * });
+ *
+ * // Safe: Untrusted variables are sanitized
+ * const result = renderTemplate(template, {
+ *   untrustedVariables: {
+ *     userName: req.body.name,  // User input - will be sanitized
+ *   }
+ * });
+ *
+ * // Mixed: Some trusted, some untrusted
+ * const result = renderTemplate(template, {
+ *   trustedVariables: {
+ *     companyName: 'Acme Corp',  // From config
+ *   },
+ *   untrustedVariables: {
+ *     userName: req.body.name,  // User input
+ *   }
+ * });
+ * ```
+ */
+declare function renderTemplate(template: string, options: RenderTemplateOptions | Record<string, any>): string;
+/**
+ * Load and render a prompt template from a .md file
+ *
+ * Looks for prompts in a `prompts/` directory relative to the caller's location.
+ *
+ * @param promptName - Name of the prompt file (without .md extension)
+ * @param options - Variables and security options
+ * @param promptsDir - Optional custom prompts directory path
+ * @returns Rendered prompt string
+ *
+ * @example
+ * ```typescript
+ * // Backwards compatible: all variables treated as trusted
+ * loadPrompt('system', { companyName: 'Acme' });
+ *
+ * // Explicit: separate trusted and untrusted
+ * loadPrompt('system', {
+ *   trustedVariables: { companyName: 'Acme' },
+ *   untrustedVariables: { userName: userInput }
+ * });
+ *
+ * // Custom prompts directory
+ * loadPrompt('system', { companyName: 'Acme' }, '/path/to/prompts');
+ * ```
+ */
+declare function loadPrompt(promptName: string, options?: RenderTemplateOptions | Record<string, any>, promptsDir?: string): string;
+export { AgentError, type AgentResumedEventData, type AgentWaitingEventData, type AggregateNode, type AnyInterrupt, type ApprovalRequiredInterrupt, type BackoffStrategy, type BatchOptions, BatchProcessor, type BatchProcessorOptions, type BatchStats, type CacheKeyGenerator, type CachingOptions, type CheckInterruptOptions, type CheckpointHistoryOptions, type CheckpointerOptions, type ChunkOptions, CircuitBreaker, type CircuitBreakerOptions, type CircuitBreakerStats, type CircuitState, type ComposeGraphsOptions, type ComposeOptions, type ComposeToolConfig, type ComposedTool, type ConcurrencyOptions, type ConditionalConfig, type ConditionalRouter, type ConditionalRouterConfig, ConnectionPool, type ConnectionPoolOptions, type ConversationConfig, type CustomInterrupt, type DatabaseConfig, type DatabaseConnection, DatabasePool, type DatabasePoolOptions, type DevelopmentPresetOptions, type ErrorContext, type ErrorHandlerOptions, type ErrorReporter, type ErrorReporterOptions, type EventHandler, type EvictionStrategy, type ExecutionMetrics, type HealthCheckConfig, type HealthCheckResult, type HttpClient, type HttpConfig, HttpPool, type HttpPoolConfig, type HttpPoolOptions, type HttpResponse, type HumanInLoopEventData, type HumanInLoopEventType, type HumanRequest, type HumanRequestEventData, type HumanRequestInterrupt, type HumanRequestPriority, type HumanRequestStatus, type HumanResponseEventData, type InterruptData, type InterruptEventData, type InterruptType, type LangSmithConfig, type LogEntry, LogLevel, type Logger, type LoggerOptions, type LoggingOptions, ManagedTool, type ManagedToolConfig, type ManagedToolStats, MemoryManager, type MemoryManagerOptions, type MemoryStats, type MetricEntry, MetricType, type Metrics, type MetricsNodeOptions, type Middleware, MiddlewareChain, type MiddlewareContext, type MiddlewareFactory, type MiddlewareMetadata, type MiddlewareWithMetadata, MissingDescriptionError, type MockToolConfig, type MockToolResponse, type NodeFunction, type NodeFunctionWithContext, type ParallelNode, type ParallelWorkflowConfig, type ParallelWorkflowOptions, type PoolConfig, type PoolStats, type Priority$1 as Priority, type ProductionPresetOptions, type Progress, type ProgressTracker, type ProgressTrackerOptions, type PromptOptions, type RateLimitOptions, type RateLimitStrategy, type ReducerFunction, RegistryEvent, type RenderTemplateOptions, type RequestConfig, type ResumeCommand, type ResumeEventData, type ResumeOptions, type RetryOptions, type RetryPolicy, type RouteCondition, type RouteMap, type RouteName, type SSEEvent, type SSEFormatter, type SSEFormatterOptions, type SequentialNode, type SequentialWorkflowOptions, type SimpleMiddleware, type SqliteCheckpointerOptions, type StateChannelConfig, type SubgraphBuilder, type TestingPresetOptions, type ThreadConfig, type ThreadInfo, type ThreadStatus, type ThrottleOptions, TimeoutError, type TimeoutOptions, type Timer, type Tool, type BackoffStrategy$1 as ToolBackoffStrategy, ToolBuilder, ToolCategory, ToolCategorySchema, type ToolExample, ToolExampleSchema, type ToolExecution, type ToolExecutorConfig, type ToolInvocation, type ToolMetadata, ToolMetadataSchema, ToolNameSchema, ToolRegistry, type ToolRelations, ToolRelationsSchema, type ToolSimulatorConfig, type TracingOptions, type ValidationErrorHandler, type ValidationMode, type ValidationOptions, type ValidatorFunction, type WebSocketHandlerOptions, type WebSocketMessage, batch, broadcast, cache, chain, chunk, clearThread, collect, compose, composeGraphs, composeTool, composeWithOptions, conditional, configureLangSmith, createApprovalRequiredInterrupt, createBatchProcessor, createBinaryRouter, createCircuitBreaker, createConditionalRouter, createConnectionPool, createConversationConfig, createCustomInterrupt, createDatabasePool, createErrorReporter, createHeartbeat, createHttpPool, createHumanRequestInterrupt, createLogger, createManagedTool, createMemoryCheckpointer, createMemoryManager, createMessage, createMetrics, createMiddlewareContext, createMockTool, createMultiRouter, createParallelWorkflow, createProgressTracker, createSSEFormatter, createSequentialWorkflow, createSharedCache, createSharedConcurrencyController, createSharedRateLimiter, createSqliteCheckpointer, createStateAnnotation, createSubgraph, createThreadConfig, createTool, createToolExecutor, createToolSimulator, createToolUnsafe, createWebSocketHandler, development, filter, formatAgentResumedEvent, formatAgentWaitingEvent, formatHumanRequestEvent, formatHumanResponseEvent, formatInterruptEvent, formatResumeEvent, generateThreadId, getCheckpointHistory, getLangSmithConfig, getLatestCheckpoint, getMissingDescriptions, getThreadStatus, getToolDescription, getToolJsonSchema, isApprovalRequiredInterrupt, isCustomInterrupt, isHumanRequestInterrupt, isMemoryCheckpointer, isTracingEnabled, loadPrompt, map, merge, mergeState, parallel, parseSSEEvent, presets, production, reduce, renderTemplate, retry, safeValidateSchemaDescriptions, sanitizeValue, sendMessage, sequential, sequentialBuilder, take, testing, throttle, timeout, toLangChainTool, toLangChainTools, toolBuilder, validateSchemaDescriptions, validateState, validateTool, validateToolMetadata, validateToolName, withCache, withConcurrency, withErrorHandler, withLogging, withMetrics, withRateLimit, withRetry, withTimeout, withTracing, withValidation };

package/dist/index.js CHANGED Viewed

@@ -4766,6 +4766,68 @@ var CircuitBreaker = class {
 function createCircuitBreaker(options) {
   return new CircuitBreaker(options);
 }
+// src/prompt-loader/index.ts
+import { readFileSync } from "fs";
+import { join } from "path";
+var MAX_VARIABLE_LENGTH = 500;
+function sanitizeValue(value) {
+  if (value === void 0 || value === null) return "";
+  let sanitized = String(value);
+  sanitized = sanitized.replace(/^#+\s*/gm, "");
+  sanitized = sanitized.replace(/[\r\n]+/g, " ");
+  sanitized = sanitized.trim().replace(/\s+/g, " ");
+  if (sanitized.length > MAX_VARIABLE_LENGTH) {
+    sanitized = sanitized.substring(0, MAX_VARIABLE_LENGTH) + "...";
+  }
+  return sanitized;
+}
+function renderTemplate(template, options) {
+  let rawVariables;
+  let sanitizedVariables;
+  if ("trustedVariables" in options || "untrustedVariables" in options) {
+    const opts = options;
+    rawVariables = {
+      ...opts.trustedVariables,
+      ...opts.untrustedVariables
+    };
+    const sanitizedUntrusted = {};
+    if (opts.untrustedVariables) {
+      for (const [key, value] of Object.entries(opts.untrustedVariables)) {
+        sanitizedUntrusted[key] = sanitizeValue(value);
+      }
+    }
+    sanitizedVariables = {
+      ...opts.trustedVariables,
+      ...sanitizedUntrusted
+    };
+  } else {
+    rawVariables = options;
+    sanitizedVariables = options;
+  }
+  let result = template;
+  result = result.replace(/\{\{#if\s+(\w+)\}\}([\s\S]*?)\{\{\/if\}\}/g, (_, varName, content) => {
+    return rawVariables[varName] ? content : "";
+  });
+  result = result.replace(/\{\{(\w+)\}\}/g, (_, varName) => {
+    const value = sanitizedVariables[varName];
+    if (value === void 0 || value === null) return "";
+    return String(value);
+  });
+  return result;
+}
+function loadPrompt(promptName, options = {}, promptsDir) {
+  const baseDir = promptsDir || join(process.cwd(), "prompts");
+  const promptPath = join(baseDir, `${promptName}.md`);
+  try {
+    const template = readFileSync(promptPath, "utf-8");
+    return renderTemplate(template, options);
+  } catch (error) {
+    throw new Error(
+      `Failed to load prompt "${promptName}" from ${promptPath}: ${error instanceof Error ? error.message : String(error)}`
+    );
+  }
+}
 export {
   AgentError,
   BatchProcessor,
@@ -4861,6 +4923,7 @@ export {
   isHumanRequestInterrupt,
   isMemoryCheckpointer,
   isTracingEnabled,
+  loadPrompt,
   map,
   merge,
   mergeState,
@@ -4869,8 +4932,10 @@ export {
   presets,
   production,
   reduce,
+  renderTemplate,
   retry,
   safeValidateSchemaDescriptions,
+  sanitizeValue,
   sendMessage,
   sequential,
   sequentialBuilder,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@agentforge/core",
-  "version": "0.11.7",
+  "version": "0.11.8",
   "description": "Core abstractions for AgentForge - production-ready deep agents framework",
   "type": "module",
   "main": "./dist/index.cjs",