@ai-pip/core 0.2.0 → 0.3.0

package/dist/AAL/process/buildDecisionReason.js

@@ -10,6 +10,25 @@
  * - Include risk score and threshold information
  * - Facilitate auditing and debugging
  */
+const VALID_ACTIONS = new Set(['ALLOW', 'WARN', 'BLOCK']);
+function assertBuildDecisionReasonArgs(action, islSignal, policy) {
+    if (action == null || !VALID_ACTIONS.has(action)) {
+        throw new TypeError('AAL buildDecisionReason: action must be ALLOW, WARN, or BLOCK');
+    }
+    if (islSignal == null || typeof islSignal !== 'object') {
+        throw new TypeError('AAL buildDecisionReason: islSignal must be a non-null object');
+    }
+    if (typeof islSignal.riskScore !== 'number') {
+        throw new TypeError('AAL buildDecisionReason: islSignal.riskScore must be a number');
+    }
+    if (policy == null || typeof policy !== 'object') {
+        throw new TypeError('AAL buildDecisionReason: policy must be a non-null object');
+    }
+    const t = policy.thresholds;
+    if (t == null || typeof t !== 'object' || typeof t.warn !== 'number' || typeof t.block !== 'number') {
+        throw new TypeError('AAL buildDecisionReason: policy.thresholds.warn and block must be numbers');
+    }
+}
 /**
  * Builds the reason for a decision
  *
@@ -19,6 +38,9 @@
  * @returns DecisionReason with complete information
  */
 export function buildDecisionReason(action, islSignal, policy) {
+    assertBuildDecisionReasonArgs(action, islSignal, policy);
+    const detectionCount = islSignal.piDetection?.detections?.length ?? 0;
+    const hasThreats = islSignal.hasThreats === true && detectionCount > 0;
     let threshold;
     let reason;
     if (action === 'BLOCK') {
@@ -33,16 +55,16 @@ export function buildDecisionReason(action, islSignal, policy) {
         threshold = policy.thresholds.warn;
         reason = `Risk score ${islSignal.riskScore.toFixed(3)} is below warn threshold ${threshold.toFixed(3)}`;
     }
-    if (islSignal.hasThreats) {
-        reason += `. ${islSignal.piDetection.detections.length} threat(s) detected.`;
+    if (hasThreats) {
+        reason += `. ${detectionCount} threat(s) detected.`;
     }
     return {
         action,
         riskScore: islSignal.riskScore,
         threshold,
         reason,
-        hasThreats: islSignal.hasThreats,
-        detectionCount: islSignal.piDetection.detections.length
+        hasThreats,
+        detectionCount
     };
 }
 //# sourceMappingURL=buildDecisionReason.js.map

package/dist/AAL/process/buildDecisionReason.js.map

@@ -1 +1 @@
-{"version":3,"file":"buildDecisionReason.js","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAkBH;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,IAAI,SAAiB,CAAA;IACrB,IAAI,MAAc,CAAA;IAElB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAA;QACnC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;SAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC7B,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAA;IACrI,CAAC;SAAM,CAAC;QACN,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;IAED,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,sBAAsB,CAAA;IAC9E,CAAC;IAED,OAAO;QACL,MAAM;QACN,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS;QACT,MAAM;QACN,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,cAAc,EAAE,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM;KACxD,CAAA;AACH,CAAC"}
+{"version":3,"file":"buildDecisionReason.js","sourceRoot":"","sources":["../../../src/AAL/process/buildDecisionReason.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAkBH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;AAExE,SAAS,6BAA6B,CACpC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,IAAI,MAAM,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CAAC,8DAA8D,CAAC,CAAA;IACrF,CAAC;IACD,IAAI,OAAO,SAAS,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,IAAI,SAAS,CAAC,+DAA+D,CAAC,CAAA;IACtF,CAAC;IACD,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAA;IAC3B,IAAI,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QACpG,MAAM,IAAI,SAAS,CAAC,2EAA2E,CAAC,CAAA;IAClG,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAqB,EACrB,SAAoB,EACpB,MAAmB;IAEnB,6BAA6B,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAExD,MAAM,cAAc,GAAG,SAAS,CAAC,WAAW,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC,CAAA;IACrE,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,KAAK,IAAI,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtE,IAAI,SAAiB,CAAA;IACrB,IAAI,MAAc,CAAA;IAElB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAA;QACnC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;SAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC7B,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAA;IACrI,CAAC;SAAM,CAAC;QACN,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAA;QAClC,MAAM,GAAG,cAAc,SAAS,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACzG,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,cAAc,sBAAsB,CAAA;IACrD,CAAC;IAED,OAAO;QACL,MAAM;QACN,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS;QACT,MAAM;QACN,UAAU;QACV,cAAc;KACf,CAAA;AACH,CAAC"}

package/dist/AAL/process/buildRemovalPlan.d.ts

@@ -2,17 +2,14 @@
  * buildRemovalPlan - Builds a plan for instruction removal
  *
  * @remarks
- * This function builds a plan of which instructions should be removed
- * based on ISL detections and agent policy.
- *
- * **Responsibility:**
- * - Identify instructions to remove
- * - Create removal plan based on detections
- * - Does not execute the removal (that is SDK responsibility)
+ * Two entry points:
+ * - buildRemovalPlan(islSignal, policy): from signal only; no segmentId (descriptive).
+ * - buildRemovalPlanFromResult(islResult, policy): from result; includes segmentId for applyRemovalPlan.
  */
 import type { RemovedInstruction } from '../types.js';
-import type { ISLSignal } from '../../isl/signals.js';
 import type { AgentPolicy } from '../types.js';
+import type { ISLSignal } from '../../isl/signals.js';
+import type { ISLResult } from '../../isl/types.js';
 /**
  * Plan for instruction removal
  */
@@ -22,11 +19,21 @@ export interface RemovalPlan {
     readonly removalEnabled: boolean;
 }
 /**
- * Builds a plan for instruction removal
+ * Builds a plan for instruction removal from ISL signal (no segment ids).
+ * Use when you only have the signal; plan is descriptive. For actionable removal use buildRemovalPlanFromResult.
  *
  * @param islSignal - ISL signal with detections
  * @param policy - Agent policy
- * @returns RemovalPlan with instructions to remove
+ * @returns RemovalPlan with instructions to remove (no segmentId)
  */
 export declare function buildRemovalPlan(islSignal: ISLSignal, policy: AgentPolicy): RemovalPlan;
+/**
+ * Builds a plan for instruction removal from ISL result (with segment ids).
+ * Use with applyRemovalPlan to produce content with malicious ranges removed.
+ *
+ * @param islResult - ISL result with segments and per-segment piDetection
+ * @param policy - Agent policy
+ * @returns RemovalPlan with instructions to remove (segmentId set per instruction)
+ */
+export declare function buildRemovalPlanFromResult(islResult: ISLResult, policy: AgentPolicy): RemovalPlan;
 //# sourceMappingURL=buildRemovalPlan.d.ts.map

package/dist/AAL/process/buildRemovalPlan.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"buildRemovalPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,oBAAoB,EAAE,SAAS,kBAAkB,EAAE,CAAA;IAC5D,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAA;CACjC;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAkCb"}
+{"version":3,"file":"buildRemovalPlan.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAGnD;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,oBAAoB,EAAE,SAAS,kBAAkB,EAAE,CAAA;IAC5D,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAA;CACjC;AA0CD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAoBb;AAWD;;;;;;;GAOG;AACH,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,WAAW,CAmBb"}

package/dist/AAL/process/buildRemovalPlan.js

@@ -2,45 +2,99 @@
  * buildRemovalPlan - Builds a plan for instruction removal
  *
  * @remarks
- * This function builds a plan of which instructions should be removed
- * based on ISL detections and agent policy.
- *
- * **Responsibility:**
- * - Identify instructions to remove
- * - Create removal plan based on detections
- * - Does not execute the removal (that is SDK responsibility)
+ * Two entry points:
+ * - buildRemovalPlan(islSignal, policy): from signal only; no segmentId (descriptive).
+ * - buildRemovalPlanFromResult(islResult, policy): from result; includes segmentId for applyRemovalPlan.
  */
+function mapDetectionToRemovedInstruction(detection, segmentId) {
+    return {
+        type: detection.pattern_type,
+        pattern: detection.matched_pattern,
+        position: detection.position,
+        description: `Detected ${detection.pattern_type} pattern with confidence ${detection.confidence.toFixed(3)}`,
+        ...(segmentId != null && { segmentId })
+    };
+}
+const EMPTY_PLAN_DISABLED = Object.freeze({
+    instructionsToRemove: Object.freeze([]),
+    shouldRemove: false,
+    removalEnabled: false
+});
+const EMPTY_PLAN_NO_THREATS = Object.freeze({
+    instructionsToRemove: Object.freeze([]),
+    shouldRemove: false,
+    removalEnabled: true
+});
+function assertPolicyForRemoval(policy) {
+    if (policy == null || typeof policy !== 'object') {
+        throw new TypeError('AAL buildRemovalPlan: policy must be a non-null object');
+    }
+    const r = policy.removal;
+    if (r == null || typeof r !== 'object' || typeof r.enabled !== 'boolean') {
+        throw new TypeError('AAL buildRemovalPlan: policy.removal.enabled must be a boolean');
+    }
+}
+function assertISLSignalForRemoval(signal) {
+    if (signal == null || typeof signal !== 'object') {
+        throw new TypeError('AAL buildRemovalPlan: islSignal must be a non-null object');
+    }
+}
 /**
- * Builds a plan for instruction removal
+ * Builds a plan for instruction removal from ISL signal (no segment ids).
+ * Use when you only have the signal; plan is descriptive. For actionable removal use buildRemovalPlanFromResult.
  *
  * @param islSignal - ISL signal with detections
  * @param policy - Agent policy
- * @returns RemovalPlan with instructions to remove
+ * @returns RemovalPlan with instructions to remove (no segmentId)
  */
 export function buildRemovalPlan(islSignal, policy) {
-    // If removal is not enabled, return empty plan
-    if (!policy.removal.enabled) {
-        return {
-            instructionsToRemove: Object.freeze([]),
-            shouldRemove: false,
-            removalEnabled: false
-        };
+    assertPolicyForRemoval(policy);
+    assertISLSignalForRemoval(islSignal);
+    if (!policy.removal.enabled)
+        return EMPTY_PLAN_DISABLED;
+    if (!islSignal.hasThreats)
+        return EMPTY_PLAN_NO_THREATS;
+    const detections = islSignal.piDetection?.detections;
+    if (!Array.isArray(detections) || detections.length === 0) {
+        return EMPTY_PLAN_NO_THREATS;
+    }
+    const instructionsToRemove = detections.map((d) => mapDetectionToRemovedInstruction(d));
+    return {
+        instructionsToRemove: Object.freeze(instructionsToRemove),
+        shouldRemove: instructionsToRemove.length > 0,
+        removalEnabled: true
+    };
+}
+function assertISLResultForRemoval(islResult) {
+    if (islResult == null || typeof islResult !== 'object') {
+        throw new TypeError('AAL buildRemovalPlanFromResult: islResult must be a non-null object');
     }
-    // If no threats detected, nothing to remove
-    if (!islSignal.hasThreats) {
-        return {
-            instructionsToRemove: Object.freeze([]),
-            shouldRemove: false,
-            removalEnabled: true
-        };
+    if (!Array.isArray(islResult.segments)) {
+        throw new TypeError('AAL buildRemovalPlanFromResult: islResult.segments must be an array');
+    }
+}
+/**
+ * Builds a plan for instruction removal from ISL result (with segment ids).
+ * Use with applyRemovalPlan to produce content with malicious ranges removed.
+ *
+ * @param islResult - ISL result with segments and per-segment piDetection
+ * @param policy - Agent policy
+ * @returns RemovalPlan with instructions to remove (segmentId set per instruction)
+ */
+export function buildRemovalPlanFromResult(islResult, policy) {
+    assertPolicyForRemoval(policy);
+    assertISLResultForRemoval(islResult);
+    if (!policy.removal.enabled)
+        return EMPTY_PLAN_DISABLED;
+    const instructionsToRemove = [];
+    for (const segment of islResult.segments) {
+        const detections = segment.piDetection?.detections;
+        if (!Array.isArray(detections) || detections.length === 0)
+            continue;
+        for (const d of detections) {
+            instructionsToRemove.push(mapDetectionToRemovedInstruction(d, segment.id));
+        }
     }
-    // Build list of instructions to remove from detections
-    const instructionsToRemove = islSignal.piDetection.detections.map((detection) => ({
-        type: detection.pattern_type,
-        pattern: detection.matched_pattern,
-        position: detection.position,
-        description: `Detected ${detection.pattern_type} pattern with confidence ${detection.confidence.toFixed(3)}`
-    }));
     return {
         instructionsToRemove: Object.freeze(instructionsToRemove),
         shouldRemove: instructionsToRemove.length > 0,

package/dist/AAL/process/buildRemovalPlan.js.map

@@ -1 +1 @@
-{"version":3,"file":"buildRemovalPlan.js","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAeH;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAAoB,EACpB,MAAmB;IAEnB,+CAA+C;IAC/C,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO;YACL,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,YAAY,EAAE,KAAK;YACnB,cAAc,EAAE,KAAK;SACtB,CAAA;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAC1B,OAAO;YACL,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,YAAY,EAAE,KAAK;YACnB,cAAc,EAAE,IAAI;SACrB,CAAA;IACH,CAAC;IAED,uDAAuD;IACvD,MAAM,oBAAoB,GAAyB,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CACrF,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACd,IAAI,EAAE,SAAS,CAAC,YAA0C;QAC1D,OAAO,EAAE,SAAS,CAAC,eAAe;QAClC,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,WAAW,EAAE,YAAY,SAAS,CAAC,YAAY,4BAA4B,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;KAC7G,CAAC,CACH,CAAA;IAED,OAAO;QACL,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACzD,YAAY,EAAE,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAC7C,cAAc,EAAE,IAAI;KACrB,CAAA;AACH,CAAC"}
+{"version":3,"file":"buildRemovalPlan.js","sourceRoot":"","sources":["../../../src/AAL/process/buildRemovalPlan.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAiBH,SAAS,gCAAgC,CACvC,SAAsB,EACtB,SAAkB;IAElB,OAAO;QACL,IAAI,EAAE,SAAS,CAAC,YAAY;QAC5B,OAAO,EAAE,SAAS,CAAC,eAAe;QAClC,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,WAAW,EAAE,YAAY,SAAS,CAAC,YAAY,4BAA4B,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;QAC5G,GAAG,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,SAAS,EAAE,CAAC;KACxC,CAAA;AACH,CAAC;AAED,MAAM,mBAAmB,GAAgB,MAAM,CAAC,MAAM,CAAC;IACrD,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;IACvC,YAAY,EAAE,KAAK;IACnB,cAAc,EAAE,KAAK;CACtB,CAAC,CAAA;AACF,MAAM,qBAAqB,GAAgB,MAAM,CAAC,MAAM,CAAC;IACvD,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;IACvC,YAAY,EAAE,KAAK;IACnB,cAAc,EAAE,IAAI;CACrB,CAAC,CAAA;AAEF,SAAS,sBAAsB,CAAC,MAAmB;IACjD,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,wDAAwD,CAAC,CAAA;IAC/E,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAA;IACxB,IAAI,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,MAAM,IAAI,SAAS,CAAC,gEAAgE,CAAC,CAAA;IACvF,CAAC;AACH,CAAC;AAED,SAAS,yBAAyB,CAAC,MAAiB;IAClD,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAAoB,EACpB,MAAmB;IAEnB,sBAAsB,CAAC,MAAM,CAAC,CAAA;IAC9B,yBAAyB,CAAC,SAAS,CAAC,CAAA;IAEpC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO;QAAE,OAAO,mBAAmB,CAAA;IACvD,IAAI,CAAC,SAAS,CAAC,UAAU;QAAE,OAAO,qBAAqB,CAAA;IAEvD,MAAM,UAAU,GAAuC,SAAS,CAAC,WAAW,EAAE,UAAU,CAAA;IACxF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1D,OAAO,qBAAqB,CAAA;IAC9B,CAAC;IAED,MAAM,oBAAoB,GAAyB,UAAU,CAAC,GAAG,CAC/D,CAAC,CAAc,EAAE,EAAE,CAAC,gCAAgC,CAAC,CAAC,CAAC,CACxD,CAAA;IACD,OAAO;QACL,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACzD,YAAY,EAAE,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAC7C,cAAc,EAAE,IAAI;KACrB,CAAA;AACH,CAAC;AAED,SAAS,yBAAyB,CAAC,SAAoB;IACrD,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACvD,MAAM,IAAI,SAAS,CAAC,qEAAqE,CAAC,CAAA;IAC5F,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,qEAAqE,CAAC,CAAA;IAC5F,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,0BAA0B,CACxC,SAAoB,EACpB,MAAmB;IAEnB,sBAAsB,CAAC,MAAM,CAAC,CAAA;IAC9B,yBAAyB,CAAC,SAAS,CAAC,CAAA;IAEpC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO;QAAE,OAAO,mBAAmB,CAAA;IAEvD,MAAM,oBAAoB,GAAyB,EAAE,CAAA;IACrD,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;QACzC,MAAM,UAAU,GAAuC,OAAO,CAAC,WAAW,EAAE,UAAU,CAAA;QACtF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;YAAE,SAAQ;QACnE,KAAK,MAAM,CAAC,IAAI,UAA2B,EAAE,CAAC;YAC5C,oBAAoB,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,CAAA;QAC5E,CAAC;IACH,CAAC;IACD,OAAO;QACL,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACzD,YAAY,EAAE,oBAAoB,CAAC,MAAM,GAAG,CAAC;QAC7C,cAAc,EAAE,IAAI;KACrB,CAAA;AACH,CAAC"}

package/dist/AAL/process/index.d.ts

@@ -4,6 +4,7 @@
 export { resolveAgentAction, resolveAgentActionWithScore } from './resolveAgentAction.js';
 export { buildDecisionReason } from './buildDecisionReason.js';
 export type { DecisionReason } from './buildDecisionReason.js';
-export { buildRemovalPlan } from './buildRemovalPlan.js';
+export { buildRemovalPlan, buildRemovalPlanFromResult } from './buildRemovalPlan.js';
 export type { RemovalPlan } from './buildRemovalPlan.js';
+export { applyRemovalPlan } from './applyRemovalPlan.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/AAL/process/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAA;AACzF,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,YAAY,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,YAAY,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAA;AACzF,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,YAAY,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAA;AACpF,YAAY,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA"}

package/dist/AAL/process/index.js

@@ -3,5 +3,6 @@
  */
 export { resolveAgentAction, resolveAgentActionWithScore } from './resolveAgentAction.js';
 export { buildDecisionReason } from './buildDecisionReason.js';
-export { buildRemovalPlan } from './buildRemovalPlan.js';
+export { buildRemovalPlan, buildRemovalPlanFromResult } from './buildRemovalPlan.js';
+export { applyRemovalPlan } from './applyRemovalPlan.js';
 //# sourceMappingURL=index.js.map

package/dist/AAL/process/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/AAL/process/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAA;AACzF,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAE9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/AAL/process/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAA;AACzF,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAE9D,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAA;AAEpF,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA"}

package/dist/AAL/process/resolveAgentAction.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"resolveAgentAction.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/resolveAgentAction.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAG7D;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,aAAa,CAaf;AAED;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CACzC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,2DAIpB"}
+{"version":3,"file":"resolveAgentAction.d.ts","sourceRoot":"","sources":["../../../src/AAL/process/resolveAgentAction.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAyB7D;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,GAClB,aAAa,CAef;AAED;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CACzC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,WAAW,2DAMpB"}

package/dist/AAL/process/resolveAgentAction.js

@@ -11,6 +11,26 @@
  * - Return decision based on risk score and thresholds
  */
 import { createAnomalyScore } from '../value-objects/AnomalyScore.js';
+function assertAgentPolicy(policy) {
+    if (policy == null || typeof policy !== 'object') {
+        throw new TypeError('AAL resolveAgentAction: policy must be a non-null object');
+    }
+    const t = policy.thresholds;
+    if (t == null || typeof t !== 'object') {
+        throw new TypeError('AAL resolveAgentAction: policy.thresholds must be defined');
+    }
+    if (typeof t.warn !== 'number' || typeof t.block !== 'number') {
+        throw new TypeError('AAL resolveAgentAction: policy.thresholds.warn and block must be numbers');
+    }
+}
+function assertISLSignal(signal) {
+    if (signal == null || typeof signal !== 'object') {
+        throw new TypeError('AAL resolveAgentAction: islSignal must be a non-null object');
+    }
+    if (typeof signal.riskScore !== 'number') {
+        throw new TypeError('AAL resolveAgentAction: islSignal.riskScore must be a number');
+    }
+}
 /**
  * Resolves agent action based on ISL signal and policy
  *
@@ -19,6 +39,8 @@ import { createAnomalyScore } from '../value-objects/AnomalyScore.js';
  * @returns AnomalyAction (ALLOW, WARN, BLOCK)
  */
 export function resolveAgentAction(islSignal, policy) {
+    assertISLSignal(islSignal);
+    assertAgentPolicy(policy);
     const riskScore = islSignal.riskScore;
     // Evaluate policy thresholds
     if (riskScore >= policy.thresholds.block) {
@@ -37,6 +59,8 @@ export function resolveAgentAction(islSignal, policy) {
  * @returns AnomalyScore with score and action
  */
 export function resolveAgentActionWithScore(islSignal, policy) {
+    assertISLSignal(islSignal);
+    assertAgentPolicy(policy);
     const action = resolveAgentAction(islSignal, policy);
     return createAnomalyScore(islSignal.riskScore, action);
 }

package/dist/AAL/process/resolveAgentAction.js.map

@@ -1 +1 @@
-{"version":3,"file":"resolveAgentAction.js","sourceRoot":"","sources":["../../../src/AAL/process/resolveAgentAction.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AAErE;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,SAAoB,EACpB,MAAmB;IAEnB,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAA;IAErC,6BAA6B;IAC7B,IAAI,SAAS,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACzC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,IAAI,SAAS,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACxC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,2BAA2B,CACzC,SAAoB,EACpB,MAAmB;IAEnB,MAAM,MAAM,GAAG,kBAAkB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACpD,OAAO,kBAAkB,CAAC,SAAS,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;AACxD,CAAC"}
+{"version":3,"file":"resolveAgentAction.js","sourceRoot":"","sources":["../../../src/AAL/process/resolveAgentAction.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AAErE,SAAS,iBAAiB,CAAC,MAAmB;IAC5C,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,0DAA0D,CAAC,CAAA;IACjF,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAA;IAC3B,IAAI,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;IAClF,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9D,MAAM,IAAI,SAAS,CAAC,0EAA0E,CAAC,CAAA;IACjG,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,MAAiB;IACxC,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CAAC,6DAA6D,CAAC,CAAA;IACpF,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QACzC,MAAM,IAAI,SAAS,CAAC,8DAA8D,CAAC,CAAA;IACrF,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,SAAoB,EACpB,MAAmB;IAEnB,eAAe,CAAC,SAAS,CAAC,CAAA;IAC1B,iBAAiB,CAAC,MAAM,CAAC,CAAA;IACzB,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAA;IAErC,6BAA6B;IAC7B,IAAI,SAAS,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACzC,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,IAAI,SAAS,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACxC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,2BAA2B,CACzC,SAAoB,EACpB,MAAmB;IAEnB,eAAe,CAAC,SAAS,CAAC,CAAA;IAC1B,iBAAiB,CAAC,MAAM,CAAC,CAAA;IACzB,MAAM,MAAM,GAAG,kBAAkB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACpD,OAAO,kBAAkB,CAAC,SAAS,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;AACxD,CAAC"}

package/dist/AAL/types.d.ts

@@ -46,29 +46,33 @@ export type ImmutableInstruction = string;
  * and marked for removal by the Agent Action Lock (AAL).
  *
  * @remarks
- * This interface is descriptive only.
- * The actual removal is performed by the SDK.
- *
- * Instances of this type are typically recorded in lineage
- * for auditability and explainability.
+ * When built from ISLResult (buildRemovalPlanFromResult), segmentId is set
+ * so applyRemovalPlan can remove the range from the correct segment.
+ * When built from ISLSignal only, segmentId is absent (plan is descriptive only).
  */
 export interface RemovedInstruction {
     /**
      * The classified threat category that triggered the removal.
+     * Matches ISL pattern_type (e.g. prompt-injection, jailbreak, role_hijacking).
      */
-    readonly type: 'system_command' | 'role_swapping' | 'jailbreak' | 'override' | 'manipulation';
+    readonly type: string;
     /**
      * The detected pattern or signature that matched the threat.
      */
     readonly pattern: string;
     /**
-     * The exact position of the instruction within the original content.
+     * The exact position of the instruction within the segment (start inclusive, end exclusive).
      */
     readonly position: Position;
     /**
      * Human-readable explanation of why the instruction was removed.
      */
     readonly description: string;
+    /**
+     * Segment id (from ISLSegment.id) when plan is built from ISLResult.
+     * Required for applyRemovalPlan to target the correct segment.
+     */
+    readonly segmentId?: string;
 }
 /**
  * AgentPolicy

package/dist/AAL/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/AAL/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAA;AAClE,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAGlD;;;;;;;;;GASG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAA;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAElC;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG,MAAM,CAAA;AAEnC;;;;;GAKG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAElC;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAA;AAEzC;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,QAAQ,CAAC,IAAI,EACT,gBAAgB,GAChB,eAAe,GACf,WAAW,GACX,UAAU,GACV,cAAc,CAAA;IAElB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAA;IAExB;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAA;IAE3B;;OAEG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;CAC7B;AAED;;;;;;;;;;;;GAYG;AAEH,MAAM,WAAW,WAAW;IAE1B;;OAEG;IACH,UAAU,EAAE;QACV,IAAI,EAAE,SAAS,CAAC;QAChB,KAAK,EAAE,SAAS,CAAC;KAClB,CAAC;IAED;;;MAGE;IACH,OAAO,EAAE;QACP,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;IAGF,IAAI,CAAC,EAAE,QAAQ,GAAG,UAAU,GAAG,YAAY,CAAC;IAC5C,OAAO,CAAC,EAAE,OAAO,CAAC;CAGnB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/AAL/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAA;AAClE,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAGlD;;;;;;;;;GASG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAA;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAElC;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG,MAAM,CAAA;AAEnC;;;;;GAKG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAElC;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAA;AAEzC;;;;;;;;;;GAUG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IAErB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAA;IAExB;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAA;IAE3B;;OAEG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAA;IAE5B;;;OAGG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAC5B;AAED;;;;;;;;;;;;GAYG;AAEH,MAAM,WAAW,WAAW;IAE1B;;OAEG;IACH,UAAU,EAAE;QACV,IAAI,EAAE,SAAS,CAAC;QAChB,KAAK,EAAE,SAAS,CAAC;KAClB,CAAC;IAED;;;MAGE;IACH,OAAO,EAAE;QACP,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;IAGF,IAAI,CAAC,EAAE,QAAQ,GAAG,UAAU,GAAG,YAAY,CAAC;IAC5C,OAAO,CAAC,EAAE,OAAO,CAAC;CAGnB"}

package/dist/index.d.ts

@@ -17,13 +17,13 @@
  */
 export { segment, classifySource, classifyOrigin, initLineage, createLineageEntry, generateId, splitByContextRules, OriginType, TrustLevelType, ClassificationError, SegmentationError } from './csl/index.js';
 export type { HashAlgorithm, Source, CSLInput, CSLSegment, CSLResult, TrustLevel, Origin, LineageEntry, ContentHash } from './csl/index.js';
-export { sanitize, emitSignal, createISLSignal, isHighRiskSignal, isMediumRiskSignal, isLowRiskSignal } from './isl/index.js';
-export type { RiskScore, ISLSegment, ISLResult, ISLSignal, PiDetection, PiDetectionResult, Pattern } from './isl/index.js';
+export { sanitize, emitSignal, createISLSignal, isHighRiskSignal, isMediumRiskSignal, isLowRiskSignal, RiskScoreStrategy, getCalculator, maxConfidenceCalculator, severityPlusVolumeCalculator, weightedByTypeCalculator, defaultWeightedByTypeCalculator, DEFAULT_TYPE_WEIGHTS } from './isl/index.js';
+export type { RiskScore, ISLSegment, ISLResult, ISLSignal, ISLSignalMetadata, EmitSignalOptions, RiskScoreCalculator, PiDetection, PiDetectionResult, Pattern, SanitizeOptions } from './isl/index.js';
 export { createPiDetection, getDetectionLength, isHighConfidence, isMediumConfidence, isLowConfidence, createPiDetectionResult, hasDetections, getDetectionCount, getDetectionsByType, getHighestConfidenceDetection, createPattern, matchesPattern, findMatch, MAX_CONTENT_LENGTH, MAX_PATTERN_LENGTH, MAX_MATCHES, createRiskScore, normalizeRiskScore, isHighRiskScore, isMediumRiskScore, isLowRiskScore, MIN_RISK_SCORE, MAX_RISK_SCORE, SanitizationError } from './isl/index.js';
-export { addLineageEntry, addLineageEntries, filterLineageByStep, getLastLineageEntry, formatLineageForAudit, formatCSLForAudit, formatISLForAudit, formatISLSignalForAudit, formatAALForAudit, formatCPEForAudit, formatPipelineAudit } from './shared/index.js';
-export type { LineageEntryLike, CSLResultLike, ISLResultLike, ISLSignalLike, DecisionReasonLike, RemovalPlanLike, CPEResultLike } from './shared/index.js';
+export { addLineageEntry, addLineageEntries, filterLineageByStep, getLastLineageEntry, formatLineageForAudit, formatCSLForAudit, formatISLForAudit, formatISLSignalForAudit, formatAALForAudit, formatCPEForAudit, formatPipelineAudit, formatPipelineAuditFull, formatPipelineAuditAsJson, createAuditRunId, buildAuditLogEntry, buildFullAuditPayload } from './shared/index.js';
+export type { LineageEntryLike, CSLResultLike, ISLResultLike, ISLSignalLike, DecisionReasonLike, RemovalPlanLike, CPEResultLike, AuditRunInfo, AuditLogSummary, FullPipelineAuditOptions, PipelineAuditJsonOptions } from './shared/index.js';
 export { envelope, createNonce, isValidNonce, equalsNonce, createMetadata, isValidMetadata, CURRENT_PROTOCOL_VERSION, createSignature, EnvelopeError } from './cpe/index.js';
 export type { Nonce, SignatureVO, ProtocolVersion, Timestamp, NonceValue, SignatureAlgorithm, Signature, CPEMetadata, CPEEvelope, CPEResult } from './cpe/index.js';
-export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive, resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan, buildAALLineage } from './AAL/index.js';
+export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive, resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan, buildRemovalPlanFromResult, applyRemovalPlan, buildAALLineage, ACTION_DISPLAY_COLORS, getActionDisplayColor } from './AAL/index.js';
 export type { AnomalyAction, AnomalyScore, RemovedInstruction, BlockedIntent, SensitiveScope, ProtectedRole, ImmutableInstruction, AgentPolicy, DecisionReason, RemovalPlan } from './AAL/index.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EACL,OAAO,EACP,cAAc,EACd,cAAc,EACd,WAAW,EACX,kBAAkB,EAClB,UAAU,EACV,mBAAmB,EACnB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AACvB,YAAY,EACV,aAAa,EACb,MAAM,EACN,QAAQ,EACR,UAAU,EACV,SAAS,EACT,UAAU,EACV,MAAM,EACN,YAAY,EACZ,WAAW,EACZ,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAC7H,YAAY,EACV,SAAS,EACT,UAAU,EACV,SAAS,EACT,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,OAAO,EACR,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,6BAA6B,EAC7B,aAAa,EACb,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,iBAAiB,EACjB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,eAAe,EACf,aAAa,EACd,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,eAAe,EAAE,wBAAwB,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAC5K,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,SAAS,EAAE,UAAU,EAAE,kBAAkB,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAInK,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EAClB,MAAM,gBAAgB,CAAA;AAGvB,YAAY,EACR,aAAa,EACb,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,cAAc,EACd,WAAW,EACd,MAAM,gBAAgB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EACL,OAAO,EACP,cAAc,EACd,cAAc,EACd,WAAW,EACX,kBAAkB,EAClB,UAAU,EACV,mBAAmB,EACnB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AACvB,YAAY,EACV,aAAa,EACb,MAAM,EACN,QAAQ,EACR,UAAU,EACV,SAAS,EACT,UAAU,EACV,MAAM,EACN,YAAY,EACZ,WAAW,EACZ,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACL,QAAQ,EACR,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,4BAA4B,EAC5B,wBAAwB,EACxB,+BAA+B,EAC/B,oBAAoB,EACrB,MAAM,gBAAgB,CAAA;AACvB,YAAY,EACV,SAAS,EACT,UAAU,EACV,SAAS,EACT,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,WAAW,EACX,iBAAiB,EACjB,OAAO,EACP,eAAe,EAChB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,6BAA6B,EAC7B,aAAa,EACb,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,iBAAiB,EACjB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACtB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,eAAe,EACf,aAAa,EACb,YAAY,EACZ,eAAe,EACf,wBAAwB,EACxB,wBAAwB,EACzB,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,eAAe,EAAE,wBAAwB,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAC5K,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,SAAS,EAAE,UAAU,EAAE,kBAAkB,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAInK,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EAChB,0BAA0B,EAC1B,gBAAgB,EAChB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,EACxB,MAAM,gBAAgB,CAAA;AAGvB,YAAY,EACR,aAAa,EACb,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,cAAc,EACd,WAAW,EACd,MAAM,gBAAgB,CAAA"}

package/dist/index.js

@@ -18,12 +18,12 @@
 // Re-export CSL
 export { segment, classifySource, classifyOrigin, initLineage, createLineageEntry, generateId, splitByContextRules, OriginType, TrustLevelType, ClassificationError, SegmentationError } from './csl/index.js';
 // Re-export ISL
-export { sanitize, emitSignal, createISLSignal, isHighRiskSignal, isMediumRiskSignal, isLowRiskSignal } from './isl/index.js';
+export { sanitize, emitSignal, createISLSignal, isHighRiskSignal, isMediumRiskSignal, isLowRiskSignal, RiskScoreStrategy, getCalculator, maxConfidenceCalculator, severityPlusVolumeCalculator, weightedByTypeCalculator, defaultWeightedByTypeCalculator, DEFAULT_TYPE_WEIGHTS } from './isl/index.js';
 export { createPiDetection, getDetectionLength, isHighConfidence, isMediumConfidence, isLowConfidence, createPiDetectionResult, hasDetections, getDetectionCount, getDetectionsByType, getHighestConfidenceDetection, createPattern, matchesPattern, findMatch, MAX_CONTENT_LENGTH, MAX_PATTERN_LENGTH, MAX_MATCHES, createRiskScore, normalizeRiskScore, isHighRiskScore, isMediumRiskScore, isLowRiskScore, MIN_RISK_SCORE, MAX_RISK_SCORE, SanitizationError } from './isl/index.js';
 // Re-export Shared
-export { addLineageEntry, addLineageEntries, filterLineageByStep, getLastLineageEntry, formatLineageForAudit, formatCSLForAudit, formatISLForAudit, formatISLSignalForAudit, formatAALForAudit, formatCPEForAudit, formatPipelineAudit } from './shared/index.js';
+export { addLineageEntry, addLineageEntries, filterLineageByStep, getLastLineageEntry, formatLineageForAudit, formatCSLForAudit, formatISLForAudit, formatISLSignalForAudit, formatAALForAudit, formatCPEForAudit, formatPipelineAudit, formatPipelineAuditFull, formatPipelineAuditAsJson, createAuditRunId, buildAuditLogEntry, buildFullAuditPayload } from './shared/index.js';
 // Re-export CPE
 export { envelope, createNonce, isValidNonce, equalsNonce, createMetadata, isValidMetadata, CURRENT_PROTOCOL_VERSION, createSignature, EnvelopeError } from './cpe/index.js';
 // Re-export AAL
-export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive, resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan, buildAALLineage } from './AAL/index.js';
+export { createAnomalyScore, isHighRisk, isLowRisk, isWarnRisk, isRoleProtected, isContextLeakPreventionEnabled, isInstructionImmutable, isIntentBlocked, isScopeSensitive, resolveAgentAction, resolveAgentActionWithScore, buildDecisionReason, buildRemovalPlan, buildRemovalPlanFromResult, applyRemovalPlan, buildAALLineage, ACTION_DISPLAY_COLORS, getActionDisplayColor } from './AAL/index.js';
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,gBAAgB;AAChB,OAAO,EACL,OAAO,EACP,cAAc,EACd,cAAc,EACd,WAAW,EACX,kBAAkB,EAClB,UAAU,EACV,mBAAmB,EACnB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAavB,gBAAgB;AAChB,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAU7H,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,6BAA6B,EAC7B,aAAa,EACb,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAEvB,mBAAmB;AACnB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,iBAAiB,EACjB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,mBAAmB,CAAA;AAW1B,gBAAgB;AAChB,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,eAAe,EAAE,wBAAwB,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAI5K,gBAAgB;AAChB,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EAClB,MAAM,gBAAgB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,gBAAgB;AAChB,OAAO,EACL,OAAO,EACP,cAAc,EACd,cAAc,EACd,WAAW,EACX,kBAAkB,EAClB,UAAU,EACV,mBAAmB,EACnB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAavB,gBAAgB;AAChB,OAAO,EACL,QAAQ,EACR,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,4BAA4B,EAC5B,wBAAwB,EACxB,+BAA+B,EAC/B,oBAAoB,EACrB,MAAM,gBAAgB,CAAA;AAcvB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EACf,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACnB,6BAA6B,EAC7B,aAAa,EACb,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EAClB,MAAM,gBAAgB,CAAA;AAEvB,mBAAmB;AACnB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,iBAAiB,EACjB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,uBAAuB,EACvB,yBAAyB,EACzB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACtB,MAAM,mBAAmB,CAAA;AAe1B,gBAAgB;AAChB,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,eAAe,EAAE,wBAAwB,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAI5K,gBAAgB;AAChB,OAAO,EACH,kBAAkB,EAClB,UAAU,EACV,SAAS,EACT,UAAU,EACV,eAAe,EACf,8BAA8B,EAC9B,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,2BAA2B,EAC3B,mBAAmB,EACnB,gBAAgB,EAChB,0BAA0B,EAC1B,gBAAgB,EAChB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,EACxB,MAAM,gBAAgB,CAAA"}

package/dist/isl/detect/detect.d.ts

@@ -0,0 +1,39 @@
+/**
+ * ISL threat detection - pure, deterministic, single source of truth.
+ *
+ * Runs pattern-based detection on content and returns PiDetection[].
+ * No duplication: reuses Pattern, findAllMatches, createPiDetection.
+ * Same input → same output; bounded by MAX_TOTAL_DETECTIONS and per-pattern cap.
+ */
+import type { Pattern } from '../value-objects/Pattern.js';
+import type { PiDetection } from '../value-objects/PiDetection.js';
+/** Threat pattern type identifiers (deterministic taxonomy) */
+export declare const THREAT_TYPES: {
+    readonly PROMPT_INJECTION: "prompt-injection";
+    readonly JAILBREAK: "jailbreak";
+    readonly ROLE_HIJACKING: "role_hijacking";
+    readonly SCRIPT_LIKE: "script_like";
+    readonly HIDDEN_TEXT: "hidden_text";
+};
+export type ThreatType = (typeof THREAT_TYPES)[keyof typeof THREAT_TYPES];
+/** Returns default threat patterns (cached, frozen). */
+export declare function getDefaultThreatPatterns(): readonly Pattern[];
+export interface DetectThreatsOptions {
+    /** Max total detections to return (default: MAX_TOTAL_DETECTIONS) */
+    maxTotal?: number;
+    /** Max matches per pattern (default: MAX_PER_PATTERN) */
+    maxPerPattern?: number;
+    /** Override patterns (default: getDefaultThreatPatterns()) */
+    patterns?: readonly Pattern[];
+}
+/**
+ * Detects threats in content using the configured patterns.
+ * Pure, deterministic: same content → same PiDetection[] (order preserved by pattern order then by match position).
+ * Bounded by maxTotal and maxPerPattern to avoid runaway.
+ *
+ * @param content - Segment or string to scan
+ * @param options - Optional caps and pattern override
+ * @returns Array of PiDetection (frozen); empty if none
+ */
+export declare function detectThreats(content: string, options?: DetectThreatsOptions): readonly PiDetection[];
+//# sourceMappingURL=detect.d.ts.map

package/dist/isl/detect/detect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../../../src/isl/detect/detect.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAA;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iCAAiC,CAAA;AAQlE,+DAA+D;AAC/D,eAAO,MAAM,YAAY;;;;;;CAMf,CAAA;AAEV,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAA;AA0TzE,wDAAwD;AACxD,wBAAgB,wBAAwB,IAAI,SAAS,OAAO,EAAE,CAG7D;AAED,MAAM,WAAW,oBAAoB;IACnC,qEAAqE;IACrE,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,yDAAyD;IACzD,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,8DAA8D;IAC9D,QAAQ,CAAC,EAAE,SAAS,OAAO,EAAE,CAAA;CAC9B;AAED;;;;;;;;GAQG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,oBAAyB,GACjC,SAAS,WAAW,EAAE,CAsCxB"}