@agenttrust/sdk 0.2.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 agenttrust
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,208 @@
+# @agenttrust/sdk
+
+Official JavaScript/TypeScript SDK for [AgentTrust](https://agenttrust.ai) — prompt injection detection, agent identity verification, and audit trails for autonomous AI agents.
+
+## Installation
+
+```bash
+npm install @agenttrust/sdk
+# or
+yarn add @agenttrust/sdk
+# or
+pnpm add @agenttrust/sdk
+```
+
+## Quick Start
+
+```ts
+import { AgentTrust } from '@agenttrust/sdk'
+
+// From environment variable (recommended)
+const at = AgentTrust.fromEnv() // reads AGENTTRUST_API_KEY
+
+// Or explicitly
+const at = new AgentTrust({ apiKey: 'atk_YOUR_API_KEY' })
+```
+
+Get your API key at [agenttrust.ai](https://agenttrust.ai/login). Keys are prefixed with `atk_`.
+
+---
+
+## InjectionGuard
+
+Scan any text for prompt injection, command execution attempts, and social engineering before your agent acts on it.
+
+```ts
+const result = await at.injectionGuard(text, {
+  capabilities: ['send_messages', 'open_links'],
+  channel: 'email',
+  use_llm_review: true,
+})
+
+if (result.blocked) {
+  // Hard block — do not proceed
+  console.log('Triggers:', result.triggers)
+  console.log('Mitigations:', result.mitigations)
+} else if (result.requiresHuman) {
+  // Queue for human review
+} else {
+  // Safe to execute
+}
+```
+
+### Options
+
+| Option | Type | Required | Description |
+|--------|------|----------|-------------|
+| `capabilities` | `string[]` | ✅ | What your agent can do (e.g. `send_messages`, `open_links`, `data_access`) |
+| `channel` | `'email' \| 'chat' \| 'api'` | — | Source channel for better contextual analysis |
+| `use_llm_review` | `boolean` | — | Enable additional LLM-based risk assessment |
+| `exclusions` | `string[]` | — | Terms that suppress trigger detection |
+| `custom_keywords` | `CustomKeyword[]` | — | Your own keyword triggers with severity |
+
+```ts
+// Custom keywords example
+custom_keywords: [
+  { keyword: 'powershell', severity: 'high' },
+  { keyword: 'wget', severity: 'medium' },
+]
+```
+
+> Dashboard-configured keywords and exclusions are automatically merged with request values.
+
+### Response
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `risk_level` | `'low' \| 'medium' \| 'high'` | Overall risk assessment |
+| `suggested_mode` | `'allow_execute' \| 'draft_only' \| 'require_human' \| 'block'` | Recommended handling |
+| `triggers` | `string[]` | Rules that matched |
+| `trigger_excerpts` | `Record<string, string[]>` | Supporting excerpts per trigger |
+| `mitigations` | `string[]` | Suggested mitigation actions |
+| `ruleset_version` | `string` | Detection ruleset version |
+| `llm_review` | `LLMReview \| undefined` | AI review block (when `use_llm_review: true`) |
+| `blocked` | `boolean` | Convenience: `true` when `suggested_mode === 'block'` |
+| `requiresHuman` | `boolean` | Convenience: `true` when `suggested_mode === 'require_human'` |
+
+---
+
+## TrustCode — Identity Verification
+
+### Issue a TrustCode
+
+Prove your agent's identity when reaching out to users or other systems.
+
+```ts
+const trustCode = await at.issue({
+  preset: 'draft_only',
+  ttl_seconds: 3600, // 1 hour (default: 86400)
+  payload: {
+    intent: 'schedule_meeting',
+    message: 'Scheduling a meeting on behalf of Acme Corp.',
+  },
+})
+
+console.log(trustCode.code)        // e.g. "gFs2-jbQE-GddW"
+console.log(trustCode.verify_url)  // shareable verification link
+console.log(trustCode.badge_html)  // embeddable HTML trust badge
+```
+
+### Verify a TrustCode
+
+No API key required — anyone can verify.
+
+```ts
+const identity = await at.verify('gFs2-jbQE-GddW')
+
+if (identity.verified) {
+  console.log('Agent:', identity.issuer_agent_id)
+  console.log('Org:', identity.issuer_org_id)
+  console.log('Intent:', identity.payload.intent)
+}
+```
+
+---
+
+## Framework Examples
+
+### Express middleware
+
+```ts
+import express from 'express'
+import { AgentTrust } from '@agenttrust/sdk'
+
+const at = AgentTrust.fromEnv()
+const app = express()
+app.use(express.json())
+
+app.post('/agent/run', async (req, res) => {
+  const check = await at.injectionGuard(req.body.message, {
+    capabilities: ['data_access'],
+    channel: 'api',
+  })
+
+  if (check.blocked) {
+    return res.status(400).json({
+      error: 'Prompt injection detected',
+      triggers: check.triggers,
+    })
+  }
+
+  if (check.requiresHuman) {
+    return res.status(202).json({ status: 'queued_for_review' })
+  }
+
+  // Continue with agent logic...
+})
+```
+
+### LangChain tool wrapper
+
+```ts
+import { AgentTrust } from '@agenttrust/sdk'
+
+const at = AgentTrust.fromEnv()
+
+async function secureToolCall(input: string, capabilities: string[]) {
+  const check = await at.injectionGuard(input, {
+    capabilities,
+    use_llm_review: true,
+  })
+
+  if (check.blocked) {
+    throw new Error(`Blocked by AgentTrust: ${check.triggers.join(', ')}`)
+  }
+
+  // Call your tool...
+}
+```
+
+---
+
+## Configuration
+
+```ts
+const at = new AgentTrust({
+  apiKey: 'atk_YOUR_API_KEY', // required — get from dashboard
+  baseUrl: 'https://agenttrust.ai/api', // optional, override for testing
+})
+```
+
+### Environment variable
+
+Set `AGENTTRUST_API_KEY` and use `AgentTrust.fromEnv()` for cleaner setup.
+
+---
+
+## Requirements
+
+- Node.js 18+ (uses native `fetch`)
+- Works with Bun, Deno, and any modern JS/TS runtime
+
+---
+
+## Links
+
+- [Dashboard](https://agenttrust.ai)
+- [Documentation](https://agenttrust.ai/docs)
+- [npm](https://npmjs.com/package/@agenttrust/sdk)

package/dist/index.d.mts

@@ -0,0 +1,118 @@
+interface AgentTrustConfig {
+    apiKey: string;
+    baseUrl?: string;
+}
+type RiskLevel = 'low' | 'medium' | 'high';
+type SuggestedMode = 'allow_execute' | 'draft_only' | 'require_human' | 'block';
+type Channel = 'email' | 'chat' | 'api';
+type Severity = 'low' | 'medium' | 'high';
+interface CustomKeyword {
+    keyword: string;
+    severity: Severity;
+}
+interface LLMReview {
+    risk_assessment: string;
+    confidence: number;
+    recommendation: string;
+    excerpts: string[];
+}
+interface InjectionGuardOptions {
+    /** Capabilities the downstream agent may execute */
+    capabilities: string[];
+    /** Source channel context */
+    channel?: Channel;
+    /** Enable additional LLM-based risk assessment */
+    use_llm_review?: boolean;
+    /** Terms that suppress matching trigger detection */
+    exclusions?: string[];
+    /** User-defined keyword triggers */
+    custom_keywords?: CustomKeyword[];
+}
+interface InjectionGuardResult {
+    risk_level: RiskLevel;
+    suggested_mode: SuggestedMode;
+    triggers: string[];
+    trigger_excerpts: Record<string, string[]>;
+    mitigations: string[];
+    ruleset_version: string;
+    llm_review?: LLMReview;
+    /** Convenience: true when suggested_mode is 'block' */
+    blocked: boolean;
+    /** Convenience: true when human review is recommended */
+    requiresHuman: boolean;
+}
+interface IssueOptions {
+    preset?: 'standard' | 'draft_only' | 'strict' | 'minimal';
+    /** Time-to-live in seconds (default: 86400 = 24h) */
+    ttl_seconds?: number;
+    payload?: {
+        /** High-level purpose of the outbound interaction */
+        intent?: string;
+        /** Human-readable message for the receiver */
+        message?: string;
+        [key: string]: unknown;
+    };
+}
+interface TrustCode {
+    code: string;
+    expires_at: string;
+    verify_url: string;
+    badge_html: string;
+}
+interface VerifyResult {
+    verified: boolean;
+    issuer_org_id: string;
+    issuer_agent_id: string;
+    preset: string;
+    email_verified: boolean;
+    risk_level: RiskLevel;
+    allowlisted: boolean;
+    payload: Record<string, unknown>;
+}
+declare class AgentTrust {
+    private apiKey;
+    private baseUrl;
+    constructor(config: AgentTrustConfig);
+    /**
+     * Create an AgentTrust client from environment variables.
+     * Reads AGENTTRUST_API_KEY automatically.
+     *
+     * @example
+     * const at = AgentTrust.fromEnv()
+     */
+    static fromEnv(): AgentTrust;
+    /**
+     * Scan text for prompt injection, command execution, and social engineering.
+     *
+     * @example
+     * const result = await at.injectionGuard(userMessage, {
+     *   capabilities: ['send_messages', 'open_links'],
+     *   channel: 'email',
+     *   use_llm_review: true,
+     * })
+     * if (result.blocked) throw new Error('Injection detected')
+     */
+    injectionGuard(text: string, options: InjectionGuardOptions): Promise<InjectionGuardResult>;
+    /**
+     * Issue a one-time TrustCode that proves your agent's identity.
+     *
+     * @example
+     * const code = await at.issue({
+     *   preset: 'draft_only',
+     *   ttl_seconds: 3600,
+     *   payload: { intent: 'schedule_meeting', message: 'Scheduling on behalf of Acme Corp.' }
+     * })
+     */
+    issue(options?: IssueOptions): Promise<TrustCode>;
+    /**
+     * Verify a TrustCode. No API key required — anyone can verify.
+     *
+     * @example
+     * const identity = await at.verify('gFs2-jbQE-GddW')
+     * if (identity.verified) console.log('Agent:', identity.issuer_agent_id)
+     */
+    verify(code: string): Promise<VerifyResult>;
+    private _post;
+}
+
+export { AgentTrust, type AgentTrustConfig, type Channel, type CustomKeyword, type InjectionGuardOptions, type InjectionGuardResult, type IssueOptions, type LLMReview, type RiskLevel, type Severity, type SuggestedMode, type TrustCode, type VerifyResult, AgentTrust as default };

package/dist/index.d.ts

@@ -0,0 +1,118 @@
+interface AgentTrustConfig {
+    apiKey: string;
+    baseUrl?: string;
+}
+type RiskLevel = 'low' | 'medium' | 'high';
+type SuggestedMode = 'allow_execute' | 'draft_only' | 'require_human' | 'block';
+type Channel = 'email' | 'chat' | 'api';
+type Severity = 'low' | 'medium' | 'high';
+interface CustomKeyword {
+    keyword: string;
+    severity: Severity;
+}
+interface LLMReview {
+    risk_assessment: string;
+    confidence: number;
+    recommendation: string;
+    excerpts: string[];
+}
+interface InjectionGuardOptions {
+    /** Capabilities the downstream agent may execute */
+    capabilities: string[];
+    /** Source channel context */
+    channel?: Channel;
+    /** Enable additional LLM-based risk assessment */
+    use_llm_review?: boolean;
+    /** Terms that suppress matching trigger detection */
+    exclusions?: string[];
+    /** User-defined keyword triggers */
+    custom_keywords?: CustomKeyword[];
+}
+interface InjectionGuardResult {
+    risk_level: RiskLevel;
+    suggested_mode: SuggestedMode;
+    triggers: string[];
+    trigger_excerpts: Record<string, string[]>;
+    mitigations: string[];
+    ruleset_version: string;
+    llm_review?: LLMReview;
+    /** Convenience: true when suggested_mode is 'block' */
+    blocked: boolean;
+    /** Convenience: true when human review is recommended */
+    requiresHuman: boolean;
+}
+interface IssueOptions {
+    preset?: 'standard' | 'draft_only' | 'strict' | 'minimal';
+    /** Time-to-live in seconds (default: 86400 = 24h) */
+    ttl_seconds?: number;
+    payload?: {
+        /** High-level purpose of the outbound interaction */
+        intent?: string;
+        /** Human-readable message for the receiver */
+        message?: string;
+        [key: string]: unknown;
+    };
+}
+interface TrustCode {
+    code: string;
+    expires_at: string;
+    verify_url: string;
+    badge_html: string;
+}
+interface VerifyResult {
+    verified: boolean;
+    issuer_org_id: string;
+    issuer_agent_id: string;
+    preset: string;
+    email_verified: boolean;
+    risk_level: RiskLevel;
+    allowlisted: boolean;
+    payload: Record<string, unknown>;
+}
+declare class AgentTrust {
+    private apiKey;
+    private baseUrl;
+    constructor(config: AgentTrustConfig);
+    /**
+     * Create an AgentTrust client from environment variables.
+     * Reads AGENTTRUST_API_KEY automatically.
+     *
+     * @example
+     * const at = AgentTrust.fromEnv()
+     */
+    static fromEnv(): AgentTrust;
+    /**
+     * Scan text for prompt injection, command execution, and social engineering.
+     *
+     * @example
+     * const result = await at.injectionGuard(userMessage, {
+     *   capabilities: ['send_messages', 'open_links'],
+     *   channel: 'email',
+     *   use_llm_review: true,
+     * })
+     * if (result.blocked) throw new Error('Injection detected')
+     */
+    injectionGuard(text: string, options: InjectionGuardOptions): Promise<InjectionGuardResult>;
+    /**
+     * Issue a one-time TrustCode that proves your agent's identity.
+     *
+     * @example
+     * const code = await at.issue({
+     *   preset: 'draft_only',
+     *   ttl_seconds: 3600,
+     *   payload: { intent: 'schedule_meeting', message: 'Scheduling on behalf of Acme Corp.' }
+     * })
+     */
+    issue(options?: IssueOptions): Promise<TrustCode>;
+    /**
+     * Verify a TrustCode. No API key required — anyone can verify.
+     *
+     * @example
+     * const identity = await at.verify('gFs2-jbQE-GddW')
+     * if (identity.verified) console.log('Agent:', identity.issuer_agent_id)
+     */
+    verify(code: string): Promise<VerifyResult>;
+    private _post;
+}
+
+export { AgentTrust, type AgentTrustConfig, type Channel, type CustomKeyword, type InjectionGuardOptions, type InjectionGuardResult, type IssueOptions, type LLMReview, type RiskLevel, type Severity, type SuggestedMode, type TrustCode, type VerifyResult, AgentTrust as default };

package/dist/index.js

@@ -0,0 +1,125 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  AgentTrust: () => AgentTrust,
+  default: () => index_default
+});
+module.exports = __toCommonJS(index_exports);
+var BASE_URL = "https://agenttrust.ai/api";
+var AgentTrust = class _AgentTrust {
+  constructor(config) {
+    if (!config.apiKey) throw new Error("[AgentTrust] apiKey is required");
+    this.apiKey = config.apiKey;
+    this.baseUrl = config.baseUrl ?? BASE_URL;
+  }
+  /**
+   * Create an AgentTrust client from environment variables.
+   * Reads AGENTTRUST_API_KEY automatically.
+   *
+   * @example
+   * const at = AgentTrust.fromEnv()
+   */
+  static fromEnv() {
+    const apiKey = process.env.AGENTTRUST_API_KEY;
+    if (!apiKey) throw new Error("[AgentTrust] AGENTTRUST_API_KEY environment variable is not set");
+    return new _AgentTrust({ apiKey });
+  }
+  // ─── InjectionGuard ──────────────────────────────────────────────────────
+  /**
+   * Scan text for prompt injection, command execution, and social engineering.
+   *
+   * @example
+   * const result = await at.injectionGuard(userMessage, {
+   *   capabilities: ['send_messages', 'open_links'],
+   *   channel: 'email',
+   *   use_llm_review: true,
+   * })
+   * if (result.blocked) throw new Error('Injection detected')
+   */
+  async injectionGuard(text, options) {
+    const response = await this._post("/injectionGuard", {
+      text,
+      capabilities: options.capabilities,
+      ...options.channel && { channel: options.channel },
+      ...options.use_llm_review !== void 0 && { use_llm_review: options.use_llm_review },
+      ...options.exclusions && { exclusions: options.exclusions },
+      ...options.custom_keywords && { custom_keywords: options.custom_keywords }
+    });
+    return {
+      ...response,
+      blocked: response.suggested_mode === "block",
+      requiresHuman: response.suggested_mode === "require_human"
+    };
+  }
+  // ─── TrustCode ───────────────────────────────────────────────────────────
+  /**
+   * Issue a one-time TrustCode that proves your agent's identity.
+   *
+   * @example
+   * const code = await at.issue({
+   *   preset: 'draft_only',
+   *   ttl_seconds: 3600,
+   *   payload: { intent: 'schedule_meeting', message: 'Scheduling on behalf of Acme Corp.' }
+   * })
+   */
+  async issue(options = {}) {
+    return this._post("/issue", {
+      preset: options.preset ?? "standard",
+      ...options.ttl_seconds && { ttl_seconds: options.ttl_seconds },
+      ...options.payload && { payload: options.payload }
+    });
+  }
+  /**
+   * Verify a TrustCode. No API key required — anyone can verify.
+   *
+   * @example
+   * const identity = await at.verify('gFs2-jbQE-GddW')
+   * if (identity.verified) console.log('Agent:', identity.issuer_agent_id)
+   */
+  async verify(code) {
+    return this._post("/verify", { code }, { auth: false });
+  }
+  // ─── Internal ────────────────────────────────────────────────────────────
+  async _post(path, body, opts = { auth: true }) {
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    if (opts.auth !== false) {
+      headers["Authorization"] = `Bearer ${this.apiKey}`;
+    }
+    const res = await fetch(`${this.baseUrl}${path}`, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(body)
+    });
+    if (!res.ok) {
+      const error = await res.text();
+      throw new Error(`[AgentTrust] API error ${res.status}: ${error}`);
+    }
+    return res.json();
+  }
+};
+var index_default = AgentTrust;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AgentTrust
+});

package/dist/index.mjs

@@ -0,0 +1,100 @@
+// src/index.ts
+var BASE_URL = "https://agenttrust.ai/api";
+var AgentTrust = class _AgentTrust {
+  constructor(config) {
+    if (!config.apiKey) throw new Error("[AgentTrust] apiKey is required");
+    this.apiKey = config.apiKey;
+    this.baseUrl = config.baseUrl ?? BASE_URL;
+  }
+  /**
+   * Create an AgentTrust client from environment variables.
+   * Reads AGENTTRUST_API_KEY automatically.
+   *
+   * @example
+   * const at = AgentTrust.fromEnv()
+   */
+  static fromEnv() {
+    const apiKey = process.env.AGENTTRUST_API_KEY;
+    if (!apiKey) throw new Error("[AgentTrust] AGENTTRUST_API_KEY environment variable is not set");
+    return new _AgentTrust({ apiKey });
+  }
+  // ─── InjectionGuard ──────────────────────────────────────────────────────
+  /**
+   * Scan text for prompt injection, command execution, and social engineering.
+   *
+   * @example
+   * const result = await at.injectionGuard(userMessage, {
+   *   capabilities: ['send_messages', 'open_links'],
+   *   channel: 'email',
+   *   use_llm_review: true,
+   * })
+   * if (result.blocked) throw new Error('Injection detected')
+   */
+  async injectionGuard(text, options) {
+    const response = await this._post("/injectionGuard", {
+      text,
+      capabilities: options.capabilities,
+      ...options.channel && { channel: options.channel },
+      ...options.use_llm_review !== void 0 && { use_llm_review: options.use_llm_review },
+      ...options.exclusions && { exclusions: options.exclusions },
+      ...options.custom_keywords && { custom_keywords: options.custom_keywords }
+    });
+    return {
+      ...response,
+      blocked: response.suggested_mode === "block",
+      requiresHuman: response.suggested_mode === "require_human"
+    };
+  }
+  // ─── TrustCode ───────────────────────────────────────────────────────────
+  /**
+   * Issue a one-time TrustCode that proves your agent's identity.
+   *
+   * @example
+   * const code = await at.issue({
+   *   preset: 'draft_only',
+   *   ttl_seconds: 3600,
+   *   payload: { intent: 'schedule_meeting', message: 'Scheduling on behalf of Acme Corp.' }
+   * })
+   */
+  async issue(options = {}) {
+    return this._post("/issue", {
+      preset: options.preset ?? "standard",
+      ...options.ttl_seconds && { ttl_seconds: options.ttl_seconds },
+      ...options.payload && { payload: options.payload }
+    });
+  }
+  /**
+   * Verify a TrustCode. No API key required — anyone can verify.
+   *
+   * @example
+   * const identity = await at.verify('gFs2-jbQE-GddW')
+   * if (identity.verified) console.log('Agent:', identity.issuer_agent_id)
+   */
+  async verify(code) {
+    return this._post("/verify", { code }, { auth: false });
+  }
+  // ─── Internal ────────────────────────────────────────────────────────────
+  async _post(path, body, opts = { auth: true }) {
+    const headers = {
+      "Content-Type": "application/json"
+    };
+    if (opts.auth !== false) {
+      headers["Authorization"] = `Bearer ${this.apiKey}`;
+    }
+    const res = await fetch(`${this.baseUrl}${path}`, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(body)
+    });
+    if (!res.ok) {
+      const error = await res.text();
+      throw new Error(`[AgentTrust] API error ${res.status}: ${error}`);
+    }
+    return res.json();
+  }
+};
+var index_default = AgentTrust;
+export {
+  AgentTrust,
+  index_default as default
+};

package/package.json

@@ -0,0 +1,46 @@
+{
+  "name": "@agenttrust/sdk",
+  "version": "0.2.0",
+  "description": "Official SDK for AgentTrust — AI agent security, prompt injection detection, and identity verification",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup src/index.ts --format cjs,esm --dts",
+    "dev": "tsup src/index.ts --format cjs,esm --dts --watch",
+    "test": "node --experimental-vm-modules node_modules/.bin/jest"
+  },
+  "exports": {
+    ".": {
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "keywords": [
+    "agenttrust",
+    "prompt-injection",
+    "ai-security",
+    "agent-security",
+    "injection-guard",
+    "trustcode"
+  ],
+  "author": "AgentTrust",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^25.2.3",
+    "tsup": "^8.0.0",
+    "typescript": "^5.0.0"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/agenttrust/sdk"
+  },
+  "homepage": "https://agenttrust.ai"
+}