@agentguard-run/spend 0.1.4 → 0.1.6

package/bin/agentguard.js

@@ -0,0 +1,9 @@
+#!/usr/bin/env node
+// AgentGuard CLI entry point (executable via `agentguard` after npm install).
+require('../dist/cli/main')
+  .main()
+  .then((code) => process.exit(code))
+  .catch((err) => {
+    console.error(err);
+    process.exit(1);
+  });

package/dist/cli/colors.d.ts

@@ -0,0 +1,22 @@
+/**
+ * ANSI color helpers with TTY detection.
+ *
+ * Honors:
+ *   - NO_COLOR=1                (industry standard; https://no-color.org)
+ *   - AGENTGUARD_COLOR=0        (product-specific opt-out)
+ *   - process.stdout.isTTY      (no color when piped to file or non-TTY)
+ */
+export declare const red: (text: string) => string;
+export declare const green: (text: string) => string;
+export declare const yellow: (text: string) => string;
+export declare const cyan: (text: string) => string;
+export declare const brightRed: (text: string) => string;
+export declare const brightGreen: (text: string) => string;
+export declare const brightCyan: (text: string) => string;
+export declare const bold: (text: string) => string;
+export declare const dim: (text: string) => string;
+export declare function cyanBold(text: string): string;
+export declare function redBold(text: string): string;
+export declare function greenBold(text: string): string;
+export declare function banner(version: string): string;
+//# sourceMappingURL=colors.d.ts.map

package/dist/cli/colors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.d.ts","sourceRoot":"","sources":["../../src/cli/colors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAeH,eAAO,MAAM,GAAG,SAJoB,MAAM,KAAK,MAIlB,CAAC;AAC9B,eAAO,MAAM,KAAK,SALkB,MAAM,KAAK,MAKhB,CAAC;AAChC,eAAO,MAAM,MAAM,SANiB,MAAM,KAAK,MAMf,CAAC;AACjC,eAAO,MAAM,IAAI,SAPmB,MAAM,KAAK,MAOjB,CAAC;AAC/B,eAAO,MAAM,SAAS,SARc,MAAM,KAAK,MAQZ,CAAC;AACpC,eAAO,MAAM,WAAW,SATY,MAAM,KAAK,MASV,CAAC;AACtC,eAAO,MAAM,UAAU,SAVa,MAAM,KAAK,MAUX,CAAC;AACrC,eAAO,MAAM,IAAI,SAXmB,MAAM,KAAK,MAWlB,CAAC;AAC9B,eAAO,MAAM,GAAG,SAZoB,MAAM,KAAK,MAYnB,CAAC;AAE7B,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE7C;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5C;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE9C"}

package/dist/cli/colors.js

@@ -0,0 +1,52 @@
+"use strict";
+/**
+ * ANSI color helpers with TTY detection.
+ *
+ * Honors:
+ *   - NO_COLOR=1                (industry standard; https://no-color.org)
+ *   - AGENTGUARD_COLOR=0        (product-specific opt-out)
+ *   - process.stdout.isTTY      (no color when piped to file or non-TTY)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.dim = exports.bold = exports.brightCyan = exports.brightGreen = exports.brightRed = exports.cyan = exports.yellow = exports.green = exports.red = void 0;
+exports.cyanBold = cyanBold;
+exports.redBold = redBold;
+exports.greenBold = greenBold;
+exports.banner = banner;
+function colorEnabled() {
+    if (typeof process === 'undefined')
+        return false;
+    if (process.env.NO_COLOR)
+        return false;
+    const ag = (process.env.AGENTGUARD_COLOR || '').toLowerCase();
+    if (['0', 'false', 'no', 'off'].includes(ag))
+        return false;
+    if (!process.stdout || !process.stdout.isTTY)
+        return false;
+    return true;
+}
+function wrap(code) {
+    return (text) => (colorEnabled() ? `\x1b[${code}m${text}\x1b[0m` : text);
+}
+exports.red = wrap('31');
+exports.green = wrap('32');
+exports.yellow = wrap('33');
+exports.cyan = wrap('36');
+exports.brightRed = wrap('91');
+exports.brightGreen = wrap('92');
+exports.brightCyan = wrap('96');
+exports.bold = wrap('1');
+exports.dim = wrap('2');
+function cyanBold(text) {
+    return colorEnabled() ? `\x1b[1;36m${text}\x1b[0m` : text;
+}
+function redBold(text) {
+    return colorEnabled() ? `\x1b[1;31m${text}\x1b[0m` : text;
+}
+function greenBold(text) {
+    return colorEnabled() ? `\x1b[1;32m${text}\x1b[0m` : text;
+}
+function banner(version) {
+    return cyanBold(`⬡ AGENTGUARD SPEND  ·  v${version}`);
+}
+//# sourceMappingURL=colors.js.map

package/dist/cli/colors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.js","sourceRoot":"","sources":["../../src/cli/colors.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAyBH,4BAEC;AAED,0BAEC;AAED,8BAEC;AAED,wBAEC;AArCD,SAAS,YAAY;IACnB,IAAI,OAAO,OAAO,KAAK,WAAW;QAAE,OAAO,KAAK,CAAC;IACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC9D,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3D,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IAC3D,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,IAAI,CAAC,IAAY;IACxB,OAAO,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;AACnF,CAAC;AAEY,QAAA,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACjB,QAAA,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACnB,QAAA,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACpB,QAAA,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AAClB,QAAA,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACvB,QAAA,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,QAAA,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,QAAA,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AACjB,QAAA,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;AAE7B,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,YAAY,EAAE,CAAC,CAAC,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;AAC5D,CAAC;AAED,SAAgB,OAAO,CAAC,IAAY;IAClC,OAAO,YAAY,EAAE,CAAC,CAAC,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;AAC5D,CAAC;AAED,SAAgB,SAAS,CAAC,IAAY;IACpC,OAAO,YAAY,EAAE,CAAC,CAAC,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;AAC5D,CAAC;AAED,SAAgB,MAAM,CAAC,OAAe;IACpC,OAAO,QAAQ,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;AACxD,CAAC"}

package/dist/cli/demo.d.ts

@@ -0,0 +1,13 @@
+/**
+ * `agentguard demo` — deterministic simulation with real cryptographic receipt.
+ *
+ * Output matches agentguard.run/the-block/ exactly. Dollar amounts and
+ * agent name are simulated parameters (fixed for reproducibility). The
+ * Ed25519 signature, SHA-256 chain hash, and canonical-JSON
+ * serialization are REAL — the receipt can be verified with
+ * `agentguard verify --trace latest`.
+ *
+ * No network calls. Fully offline. Deterministic across runs.
+ */
+export declare function runDemo(argv: string[]): Promise<number>;
+//# sourceMappingURL=demo.d.ts.map

package/dist/cli/demo.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"demo.d.ts","sourceRoot":"","sources":["../../src/cli/demo.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAuBH,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAmI7D"}

package/dist/cli/demo.js

@@ -0,0 +1,173 @@
+"use strict";
+/**
+ * `agentguard demo` — deterministic simulation with real cryptographic receipt.
+ *
+ * Output matches agentguard.run/the-block/ exactly. Dollar amounts and
+ * agent name are simulated parameters (fixed for reproducibility). The
+ * Ed25519 signature, SHA-256 chain hash, and canonical-JSON
+ * serialization are REAL — the receipt can be verified with
+ * `agentguard verify --trace latest`.
+ *
+ * No network calls. Fully offline. Deterministic across runs.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runDemo = runDemo;
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const ed = __importStar(require("@noble/ed25519"));
+const decision_log_1 = require("../decision-log");
+const i18n_1 = require("../i18n");
+const index_1 = require("../index");
+const colors_1 = require("./colors");
+const DEMO_HOME = path.join(os.homedir(), '.agentguard', 'demo');
+const DEMO_PRIVATE_KEY = path.join(DEMO_HOME, 'demo-private.key');
+const DEMO_PUBLIC_KEY = path.join(DEMO_HOME, 'demo-public.key');
+const DEMO_RECEIPT = path.join(DEMO_HOME, 'latest-receipt.json');
+async function runDemo(argv) {
+    if (argv.includes('--no-color')) {
+        process.env.NO_COLOR = '1';
+    }
+    if (argv.includes('--help') || argv.includes('-h')) {
+        console.log('agentguard demo');
+        console.log('Run a deterministic simulation with a real cryptographic receipt.');
+        console.log('Options:');
+        console.log('  --no-color    Disable colored output (same as NO_COLOR=1).');
+        return 0;
+    }
+    // Simulated parameters - match the marketing screenshot at agentguard.run/the-block/.
+    const agentId = 'agent-finance-bot-v3';
+    const provider = 'anthropic';
+    const modelRequested = 'claude-opus-4-7';
+    const dailyCapCents = 50000; // $500.00
+    const projectedCents = 112241; // $1,122.41
+    const windowSpendBefore = 0;
+    const timestamp = '2026-05-24T18:00:00.000Z';
+    // Deterministic keypair from a fixed seed.
+    // Public + reproducible by design - NEVER use for production.
+    const privateSeed = new Uint8Array(32);
+    for (let i = 0; i < 32; i++)
+        privateSeed[i] = i;
+    const publicKey = await ed.getPublicKeyAsync(privateSeed);
+    const triggeredCap = {
+        amountCents: dailyCapCents,
+        window: 'per_day',
+        action: 'block',
+        reason: `Hard daily ceiling ($${(dailyCapCents / 100).toFixed(2)}/day)`,
+    };
+    const decision = {
+        decisionId: 'agentguard-demo-decision-v1',
+        timestamp,
+        policyId: 'agentguard-demo-policy-v1',
+        policyVersion: 1,
+        enforcementMode: 'enforce',
+        action: 'block',
+        reasons: [`Cap 'per_day=${dailyCapCents}c' exceeded`],
+        provider,
+        modelRequested,
+        modelResolved: modelRequested,
+        projectedCents,
+        windowSpendBefore,
+        windowSpendAfter: windowSpendBefore,
+        triggeredCap,
+        triggeredScopeKey: `tenantId=demo|agentId=${agentId}`,
+    };
+    // REAL Ed25519 signature over REAL canonical JSON.
+    const sequence = 0;
+    const previousHash = decision_log_1.GENESIS_PREVIOUS_HASH;
+    const entryHash = (0, decision_log_1.computeEntryHash)({ sequence, decision, previousHash });
+    void entryHash; // computed for the persisted receipt below
+    const signedEntry = await (0, decision_log_1.signDecision)({
+        sequence,
+        decision,
+        previousHash,
+        privateKey: privateSeed,
+        publicKey,
+    });
+    const signerFingerprint = (0, decision_log_1.computeSignerFingerprint)(publicKey);
+    console.log('');
+    console.log('  ' + (0, colors_1.banner)(index_1.AGENTGUARD_SPEND_VERSION));
+    console.log('');
+    console.log('  ' +
+        (0, colors_1.cyanBold)('AgentGuard Demo') +
+        (0, colors_1.dim)('  ·  ') +
+        (0, colors_1.dim)('[simulated transaction · real cryptographic receipt]'));
+    console.log('');
+    console.log((0, i18n_1.formatBlockedTrace)({
+        policyId: decision.policyId,
+        provider: decision.provider,
+        projectedCents: decision.projectedCents,
+        windowSpendBefore: decision.windowSpendBefore,
+        reasons: decision.reasons,
+        triggeredCap: { amountCents: triggeredCap.amountCents, window: triggeredCap.window },
+        agentId,
+    }));
+    console.log('');
+    // Persist the receipt so `agentguard verify --trace latest` works.
+    try {
+        fs.mkdirSync(DEMO_HOME, { recursive: true });
+        fs.writeFileSync(DEMO_PRIVATE_KEY, Buffer.from(privateSeed), { mode: 0o600 });
+        fs.writeFileSync(DEMO_PUBLIC_KEY, Buffer.from(publicKey));
+        fs.writeFileSync(DEMO_RECEIPT, JSON.stringify({
+            sequence,
+            entryHash,
+            previousHash,
+            signature: signedEntry.signature,
+            signerFingerprint,
+            publicKeyHex: Buffer.from(publicKey).toString('hex'),
+            decision,
+        }, null, 2));
+    }
+    catch {
+        // best-effort persist; demo still prints if disk write fails
+    }
+    const receiptId = entryHash.slice(0, 16);
+    console.log((0, colors_1.dim)('  ───────────────────────────────────────────'));
+    console.log(`  ${(0, colors_1.dim)('receipt   ')} ${receiptId}${(0, colors_1.dim)('...')}`);
+    console.log(`  ${(0, colors_1.dim)('signer    ')} ${signerFingerprint.slice(0, 16)}${(0, colors_1.dim)('...')}`);
+    console.log(`  ${(0, colors_1.dim)('sequence  ')} ${sequence}`);
+    console.log((0, colors_1.dim)('  ───────────────────────────────────────────'));
+    console.log('');
+    console.log('  ' +
+        (0, colors_1.green)('→') +
+        ' ' +
+        (0, colors_1.dim)('verify this receipt:') +
+        ' ' +
+        (0, colors_1.greenBold)('agentguard verify --trace latest'));
+    console.log('');
+    return 0;
+}
+//# sourceMappingURL=demo.js.map

package/dist/cli/demo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"demo.js","sourceRoot":"","sources":["../../src/cli/demo.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBH,0BAmIC;AAxJD,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAC7B,mDAAqC;AAErC,kDAKyB;AAEzB,kCAA6C;AAC7C,oCAAoD;AACpD,qCAAmE;AAEnE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;AACjE,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;AAClE,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;AAChE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;AAE1D,KAAK,UAAU,OAAO,CAAC,IAAc;IAC1C,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;IAC7B,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;QACjF,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;QAC5E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,sFAAsF;IACtF,MAAM,OAAO,GAAG,sBAAsB,CAAC;IACvC,MAAM,QAAQ,GAAG,WAAW,CAAC;IAC7B,MAAM,cAAc,GAAG,iBAAiB,CAAC;IACzC,MAAM,aAAa,GAAG,KAAK,CAAC,CAAC,UAAU;IACvC,MAAM,cAAc,GAAG,MAAM,CAAC,CAAC,YAAY;IAC3C,MAAM,iBAAiB,GAAG,CAAC,CAAC;IAC5B,MAAM,SAAS,GAAG,0BAA0B,CAAC;IAE7C,2CAA2C;IAC3C,8DAA8D;IAC9D,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAE1D,MAAM,YAAY,GAAa;QAC7B,WAAW,EAAE,aAAa;QAC1B,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,OAAO;QACf,MAAM,EAAE,wBAAwB,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;KACxE,CAAC;IAEF,MAAM,QAAQ,GAAkB;QAC9B,UAAU,EAAE,6BAA6B;QACzC,SAAS;QACT,QAAQ,EAAE,2BAA2B;QACrC,aAAa,EAAE,CAAC;QAChB,eAAe,EAAE,SAAS;QAC1B,MAAM,EAAE,OAAO;QACf,OAAO,EAAE,CAAC,gBAAgB,aAAa,aAAa,CAAC;QACrD,QAAQ;QACR,cAAc;QACd,aAAa,EAAE,cAAc;QAC7B,cAAc;QACd,iBAAiB;QACjB,gBAAgB,EAAE,iBAAiB;QACnC,YAAY;QACZ,iBAAiB,EAAE,yBAAyB,OAAO,EAAE;KACtD,CAAC;IAEF,mDAAmD;IACnD,MAAM,QAAQ,GAAG,CAAC,CAAC;IACnB,MAAM,YAAY,GAAG,oCAAqB,CAAC;IAC3C,MAAM,SAAS,GAAG,IAAA,+BAAgB,EAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;IACzE,KAAK,SAAS,CAAC,CAAC,2CAA2C;IAC3D,MAAM,WAAW,GAAG,MAAM,IAAA,2BAAY,EAAC;QACrC,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,UAAU,EAAE,WAAW;QACvB,SAAS;KACV,CAAC,CAAC;IACH,MAAM,iBAAiB,GAAG,IAAA,uCAAwB,EAAC,SAAS,CAAC,CAAC;IAE9D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,eAAM,EAAC,gCAAwB,CAAC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CACT,IAAI;QACF,IAAA,iBAAQ,EAAC,iBAAiB,CAAC;QAC3B,IAAA,YAAG,EAAC,OAAO,CAAC;QACZ,IAAA,YAAG,EAAC,sDAAsD,CAAC,CAC9D,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CACT,IAAA,yBAAkB,EAAC;QACjB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,cAAc,EAAE,QAAQ,CAAC,cAAc;QACvC,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;QAC7C,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,YAAY,EAAE,EAAE,WAAW,EAAE,YAAY,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE;QACpF,OAAO;KACR,CAAC,CACH,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,mEAAmE;IACnE,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7C,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9E,EAAE,CAAC,aAAa,CAAC,eAAe,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1D,EAAE,CAAC,aAAa,CACd,YAAY,EACZ,IAAI,CAAC,SAAS,CACZ;YACE,QAAQ;YACR,SAAS;YACT,YAAY;YACZ,SAAS,EAAE,WAAW,CAAC,SAAS;YAChC,iBAAiB;YACjB,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACpD,QAAQ;SACT,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,6DAA6D;IAC/D,CAAC;IAED,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,IAAA,YAAG,EAAC,+CAA+C,CAAC,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,KAAK,IAAA,YAAG,EAAC,YAAY,CAAC,IAAI,SAAS,GAAG,IAAA,YAAG,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,KAAK,IAAA,YAAG,EAAC,YAAY,CAAC,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,YAAG,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACrF,OAAO,CAAC,GAAG,CAAC,KAAK,IAAA,YAAG,EAAC,YAAY,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,IAAA,YAAG,EAAC,+CAA+C,CAAC,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CACT,IAAI;QACF,IAAA,cAAK,EAAC,GAAG,CAAC;QACV,GAAG;QACH,IAAA,YAAG,EAAC,sBAAsB,CAAC;QAC3B,GAAG;QACH,IAAA,kBAAS,EAAC,kCAAkC,CAAC,CAChD,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,CAAC;AACX,CAAC"}

package/dist/cli/main.d.ts

@@ -0,0 +1,11 @@
+/**
+ * AgentGuard CLI entry point.
+ *
+ * Usage:
+ *   agentguard demo                       Run a deterministic simulation
+ *   agentguard verify --trace latest      Verify the latest demo receipt
+ *   agentguard --version                  Show installed SDK version
+ *   agentguard --help                     Show this help
+ */
+export declare function main(argv?: string[]): Promise<number>;
+//# sourceMappingURL=main.d.ts.map

package/dist/cli/main.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAuBH,wBAAsB,IAAI,CAAC,IAAI,GAAE,MAAM,EAA0B,GAAG,OAAO,CAAC,MAAM,CAAC,CAyBlF"}

package/dist/cli/main.js

@@ -0,0 +1,95 @@
+"use strict";
+/**
+ * AgentGuard CLI entry point.
+ *
+ * Usage:
+ *   agentguard demo                       Run a deterministic simulation
+ *   agentguard verify --trace latest      Verify the latest demo receipt
+ *   agentguard --version                  Show installed SDK version
+ *   agentguard --help                     Show this help
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.main = main;
+const index_1 = require("../index");
+const HELP = `agentguard — local-runtime spend caps + signed receipts for AI agents
+
+usage:
+  agentguard <command> [options]
+
+commands:
+  demo              Run a deterministic simulation with a real cryptographic receipt.
+  verify            Verify a signed AgentGuard receipt.
+  --version         Show the installed SDK version.
+  --help            Show this help.
+
+examples:
+  agentguard demo
+  agentguard verify --trace latest
+
+docs:    https://agentguard.run
+install: pip install agentguard-spend  /  npm install @agentguard-run/spend
+`;
+async function main(argv = process.argv.slice(2)) {
+    if (argv.length === 0 || ['-h', '--help', 'help'].includes(argv[0])) {
+        process.stdout.write(HELP);
+        return 0;
+    }
+    if (['-v', '--version', 'version'].includes(argv[0])) {
+        console.log(`agentguard ${index_1.AGENTGUARD_SPEND_VERSION}`);
+        return 0;
+    }
+    const command = argv[0];
+    const rest = argv.slice(1);
+    if (command === 'demo') {
+        const { runDemo } = await Promise.resolve().then(() => __importStar(require('./demo')));
+        return runDemo(rest);
+    }
+    if (command === 'verify') {
+        const { runVerify } = await Promise.resolve().then(() => __importStar(require('./verify')));
+        return runVerify(rest);
+    }
+    process.stderr.write(`agentguard: unknown command '${command}'\n\n`);
+    process.stderr.write(HELP);
+    return 2;
+}
+// Allow `node dist/cli/main.js demo` directly
+if (require.main === module) {
+    main().then((code) => process.exit(code), (err) => {
+        console.error(err);
+        process.exit(1);
+    });
+}
+//# sourceMappingURL=main.js.map

package/dist/cli/main.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"main.js","sourceRoot":"","sources":["../../src/cli/main.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBH,oBAyBC;AA9CD,oCAAoD;AAEpD,MAAM,IAAI,GAAG;;;;;;;;;;;;;;;;;CAiBZ,CAAC;AAEK,KAAK,UAAU,IAAI,CAAC,OAAiB,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/D,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,cAAc,gCAAwB,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACxB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,EAAE,OAAO,EAAE,GAAG,wDAAa,QAAQ,GAAC,CAAC;QAC3C,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IACD,IAAI,OAAO,KAAK,QAAQ,EAAE,CAAC;QACzB,MAAM,EAAE,SAAS,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAC/C,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,OAAO,OAAO,CAAC,CAAC;IACrE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,CAAC;AACX,CAAC;AAED,8CAA8C;AAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC5B,IAAI,EAAE,CAAC,IAAI,CACT,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5B,CAAC,GAAG,EAAE,EAAE;QACN,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CACF,CAAC;AACJ,CAAC"}

package/dist/cli/verify.d.ts

@@ -0,0 +1,8 @@
+/**
+ * `agentguard verify` — verify a signed decision log entry.
+ *
+ * Default target: --trace latest reads ~/.agentguard/demo/latest-receipt.json
+ * (produced by `agentguard demo`) and verifies its Ed25519 signature.
+ */
+export declare function runVerify(argv: string[]): Promise<number>;
+//# sourceMappingURL=verify.d.ts.map

package/dist/cli/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/cli/verify.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAaH,wBAAsB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA2E/D"}

package/dist/cli/verify.js

@@ -0,0 +1,124 @@
+"use strict";
+/**
+ * `agentguard verify` — verify a signed decision log entry.
+ *
+ * Default target: --trace latest reads ~/.agentguard/demo/latest-receipt.json
+ * (produced by `agentguard demo`) and verifies its Ed25519 signature.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runVerify = runVerify;
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const decision_log_1 = require("../decision-log");
+const index_1 = require("../index");
+const colors_1 = require("./colors");
+const DEMO_RECEIPT = path.join(os.homedir(), '.agentguard', 'demo', 'latest-receipt.json');
+async function runVerify(argv) {
+    let trace = 'latest';
+    let publicKeyHex;
+    for (let i = 0; i < argv.length; i++) {
+        const a = argv[i];
+        if (a === '--trace') {
+            trace = argv[++i] ?? 'latest';
+        }
+        else if (a === '--public-key') {
+            publicKeyHex = argv[++i];
+        }
+        else if (a === '--help' || a === '-h') {
+            console.log('agentguard verify [--trace latest|<path>] [--public-key <hex>]');
+            return 0;
+        }
+    }
+    let source;
+    if (trace === 'latest') {
+        source = DEMO_RECEIPT;
+        if (!fs.existsSync(source)) {
+            console.log((0, colors_1.redBold)('error: ') + 'no demo receipt found.');
+            console.log('');
+            console.log(`  run ${(0, colors_1.greenBold)('agentguard demo')} first to produce a receipt.`);
+            return 2;
+        }
+    }
+    else {
+        source = path.resolve(trace.replace(/^~/, os.homedir()));
+        if (!fs.existsSync(source)) {
+            console.log((0, colors_1.redBold)('error: ') + `receipt file not found: ${source}`);
+            return 2;
+        }
+    }
+    const raw = JSON.parse(fs.readFileSync(source, 'utf-8'));
+    const entry = {
+        sequence: raw.sequence,
+        entryHash: raw.entryHash,
+        previousHash: raw.previousHash,
+        signature: raw.signature,
+        signerFingerprint: raw.signerFingerprint,
+        decision: raw.decision,
+    };
+    const pubHex = publicKeyHex || raw.publicKeyHex;
+    if (!pubHex) {
+        console.log((0, colors_1.redBold)('error: ') + 'no public key available for verification.');
+        return 2;
+    }
+    const publicKey = Uint8Array.from(Buffer.from(pubHex, 'hex'));
+    const ok = await (0, decision_log_1.verifyEntry)(entry, publicKey);
+    console.log('');
+    console.log('  ' + (0, colors_1.banner)(index_1.AGENTGUARD_SPEND_VERSION));
+    console.log('');
+    console.log('  ' + (0, colors_1.cyanBold)(`agentguard verify --trace ${trace}`));
+    console.log('');
+    const label = (s) => (0, colors_1.dim)(`  ${s.padEnd(14)}`);
+    console.log(label('receipt') + entry.entryHash.slice(0, 32) + (0, colors_1.dim)('...'));
+    console.log(label('signer') + entry.signerFingerprint.slice(0, 32) + (0, colors_1.dim)('...'));
+    console.log(label('sequence') + String(entry.sequence));
+    console.log(label('policy') + entry.decision.policyId);
+    console.log(label('action') + entry.decision.action);
+    console.log('');
+    if (ok) {
+        console.log('  ' + (0, colors_1.greenBold)('✓ signature valid'));
+        console.log('  ' + (0, colors_1.green)('✓ entry hash matches canonical JSON'));
+        console.log('  ' + (0, colors_1.green)('✓ chain link to previous entry intact'));
+        console.log('');
+        return 0;
+    }
+    console.log('  ' + (0, colors_1.redBold)('✗ verification FAILED'));
+    console.log('');
+    console.log((0, colors_1.dim)('  one or more of: signature mismatch, entryHash mismatch, chain broken.'));
+    console.log('');
+    return 1;
+}
+//# sourceMappingURL=verify.js.map

package/dist/cli/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/cli/verify.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAaH,8BA2EC;AAtFD,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAE7B,kDAA8C;AAE9C,oCAAoD;AACpD,qCAA4E;AAE5E,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,qBAAqB,CAAC,CAAC;AAEpF,KAAK,UAAU,SAAS,CAAC,IAAc;IAC5C,IAAI,KAAK,GAAG,QAAQ,CAAC;IACrB,IAAI,YAAgC,CAAC;IAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YACpB,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,QAAQ,CAAC;QAChC,CAAC;aAAM,IAAI,CAAC,KAAK,cAAc,EAAE,CAAC;YAChC,YAAY,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;aAAM,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YACxC,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;YAC9E,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,IAAI,MAAc,CAAC;IACnB,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvB,MAAM,GAAG,YAAY,CAAC;QACtB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,IAAA,gBAAO,EAAC,SAAS,CAAC,GAAG,wBAAwB,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,SAAS,IAAA,kBAAS,EAAC,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;YACjF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,IAAA,gBAAO,EAAC,SAAS,CAAC,GAAG,2BAA2B,MAAM,EAAE,CAAC,CAAC;YACtE,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAA2B;QACpC,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;QACxC,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAC;IACF,MAAM,MAAM,GAAG,YAAY,IAAI,GAAG,CAAC,YAAY,CAAC;IAChD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,IAAA,gBAAO,EAAC,SAAS,CAAC,GAAG,2CAA2C,CAAC,CAAC;QAC9E,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;IAE9D,MAAM,EAAE,GAAG,MAAM,IAAA,0BAAW,EAAC,KAAK,EAAE,SAAS,CAAC,CAAC;IAE/C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,eAAM,EAAC,gCAAwB,CAAC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,iBAAQ,EAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,YAAG,EAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,YAAG,EAAC,KAAK,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAA,YAAG,EAAC,KAAK,CAAC,CAAC,CAAC;IACjF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,EAAE,EAAE,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,kBAAS,EAAC,mBAAmB,CAAC,CAAC,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,cAAK,EAAC,qCAAqC,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,cAAK,EAAC,uCAAuC,CAAC,CAAC,CAAC;QACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,gBAAO,EAAC,uBAAuB,CAAC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,IAAA,YAAG,EAAC,yEAAyE,CAAC,CAAC,CAAC;IAC5F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,CAAC;AACX,CAAC"}

package/dist/index.d.ts

@@ -12,7 +12,7 @@ export { canonicalJson, sha256Hex, computeEntryHash, computeSignerFingerprint, s
 export { InMemorySpendStore } from './store-memory';
 export { SpendGuard, withSpendGuard, AgentGuardBlockedError, type SpendGuardConfig, type OpenAIBindingOptions, } from './spend-guard';
 export { DEFAULT_LOCALE, SUPPORTED_LOCALES, TRANSLATIONS, type SupportedLocale, resolveLocale, t, formatBlockedTrace, type BlockedTraceArgs, } from './i18n';
-export declare const AGENTGUARD_SPEND_VERSION = "0.1.4";
+export declare const AGENTGUARD_SPEND_VERSION = "0.1.6";
 /** Patent marking. 35 U.S.C. § 287 constructive notice. */
 export declare const PATENT_NOTICE: string;
 //# sourceMappingURL=index.d.ts.map

package/dist/index.js

@@ -46,7 +46,7 @@ Object.defineProperty(exports, "TRANSLATIONS", { enumerable: true, get: function
 Object.defineProperty(exports, "resolveLocale", { enumerable: true, get: function () { return i18n_1.resolveLocale; } });
 Object.defineProperty(exports, "t", { enumerable: true, get: function () { return i18n_1.t; } });
 Object.defineProperty(exports, "formatBlockedTrace", { enumerable: true, get: function () { return i18n_1.formatBlockedTrace; } });
-exports.AGENTGUARD_SPEND_VERSION = '0.1.4';
+exports.AGENTGUARD_SPEND_VERSION = '0.1.6';
 /** Patent marking. 35 U.S.C. § 287 constructive notice. */
 exports.PATENT_NOTICE = 'Protected by U.S. patent-pending technology ' +
     '(App. Nos. 63/983,615; 63/983,621; 63/983,843; 63/984,626; ' +

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentguard-run/spend",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "description": "Local-runtime spend caps and capability-gated model routing for AI agents. Prompts, API keys, and signing keys stay inside the customer runtime. Zero data plane involvement.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -21,8 +21,12 @@
       "default": "./dist/decision-log.js"
     }
   },
+  "bin": {
+    "agentguard": "./bin/agentguard.js"
+  },
   "files": [
     "dist",
+    "bin",
     "README.md",
     "LICENSE",
     "PATENTS.md"