@ai-pip/csl 0.1.0 → 0.1.3

package/layers/csl/types/value-objects-types.ts

@@ -1,213 +0,0 @@
-/**
- * Value Objects Types for CSL Layer
- * 
- * @remarks
- * This file contains the types for the value objects used in the CSL Layer
- * 
- * @types
- *  - OriginType
- *  - TrustLevelType
- *  - AnomalyScoreType
- *  - ContentHashType
- */
-
-
-
-
-
-/**
- * OriginType represents the deterministic source of a content segment.
- * 
- * @remarks
- * This enum defines all possible origins for content segments in a deterministic way.
- * The classification is based **solely on the origin type**, not on content analysis.
- * Each origin type maps directly to a TrustLevel through the originMap.
- * 
- * **Classification Rules (Deterministic):**
- * - Classification is 100% reproducible and based only on origin type
- * - No heuristics, no content analysis, no dynamic evaluation
- * - Future content analysis can be added as a separate layer without changing this
- * 
- * **Origin Categories:**
- * - **User Origins**: Direct user input (always untrusted for security)
- * - **DOM Origins**: Content extracted from DOM (visibility determines trust)
- * - **External Origins**: Content from external sources (always untrusted)
- * - **System Origins**: System-generated content (trusted)
- * 
- * @example
- * ```typescript
- * // User input - always untrusted (security by default)
- * const userOrigin = OriginType.USER;
- * 
- * // DOM visible content - semi-trusted (user can see it)
- * const domVisible = OriginType.DOM_VISIBLE;
- * ```
- */
-export enum OriginType {
-    /**
-     * Direct user input from UI controls (input fields, textareas, etc.)
-     * 
-     * @remarks
-     * This represents content typed directly by the user in UI elements.
-     * Always classified as UC (Untrusted Content) for security.
-     * 
-     * **Security Rationale:**
-     * - Primary vector for prompt injection attacks
-     * - User may have malicious intent or be victim of manipulation
-     * - Requires aggressive sanitization in ISL layer
-     */
-    USER = 'USER',
-    
-    /**
-     * Content from visible DOM elements (user can see it)
-     * 
-     * @remarks
-     * Text content that is visible to the user in the DOM.
-     * Classified as STC (Semi-Trusted Content) because user can verify it.
-     */
-    DOM_VISIBLE = 'DOM_VISIBLE',
-    
-    /**
-     * Content from hidden DOM elements (user cannot see it)
-     * 
-     * @remarks
-     * Text content hidden via CSS (display:none, visibility:hidden, etc.)
-     * Classified as UC (Untrusted Content) - potential attack vector.
-     */
-    DOM_HIDDEN = 'DOM_HIDDEN',
-    
-    /**
-     * Content from DOM attributes (data-*, aria-*, etc.)
-     * 
-     * @remarks
-     * Attribute values that are visible in HTML but not in rendered content.
-     * Classified as STC (Semi-Trusted Content) - visible in source.
-     */
-    DOM_ATTRIBUTE = 'DOM_ATTRIBUTE',
-    
-    /**
-     * Content injected by scripts (dynamically generated)
-     * 
-     * @remarks
-     * Content created or modified by JavaScript at runtime.
-     * Classified as UC (Untrusted Content) - can be manipulated.
-     */
-    SCRIPT_INJECTED = 'SCRIPT_INJECTED',
-    
-    /**
-     * Content fetched from network (API calls, external resources)
-     * 
-     * @remarks
-     * Content obtained from external sources via network requests.
-     * Classified as UC (Untrusted Content) - external source, not verified.
-     */
-    NETWORK_FETCHED = 'NETWORK_FETCHED',
-    
-    /**
-     * System-generated content (instructions, system prompts, etc.)
-     * 
-     * @remarks
-     * Content created by the system itself, not from user or external sources.
-     * Classified as TC (Trusted Content) - system controls this content.
-     */
-    SYSTEM_GENERATED = 'SYSTEM_GENERATED',
-    
-    /**
-     * Origin cannot be determined
-     * 
-     * @remarks
-     * Fallback for cases where origin cannot be identified.
-     * Classified as UC (Untrusted Content) - unknown is untrusted by default.
-     */
-    UNKNOWN = 'UNKNOWN',
-}
-
-export enum TrustLevelType {
-    TC = 'TC',
-    STC = 'STC',
-    UC = 'UC',
-}
-
-export enum AnomalyScoreType {
-    GREEN = 'GREEN',
-    YELLOW = 'YELLOW',
-    RED = 'RED',
-}
-
-/**
- * HashAlgorithmType
- * 
- * @props
- *  - sha256
- *  - sha512
- * @example
- * ```typescript
- * const hashAlgorithmType = HashAlgorithmType.SHA-256;
- * ```
- */
-export type CSLHashAlgorithm = 'sha256' | 'sha512';
-
-/**
- * AnomalyActionType is the type of the action to be taken on the content segment
- * @props
- *  - ALLOW: Allow the content segment
- *  - WARN: Warn the content segment
- *  - BLOCK: Block the content segment
- * @example
- * ```typescript
- * const anomalyActionType = AnomalyActionType.ALLOW;
- * ```
- */
-export type AnomalyAction = 'ALLOW' | 'WARN' | 'BLOCK';
-
-/**
- * RiskScore is the score of the risk of the content segment
- * 
- * @props
- *  0 < RiskScore < 1
- * @example
- * ```typescript
- * const riskScore = 0.5;
- * ```
- */
-export type RiskScore = number
-
-/**
- * BlockedIntent represents an intent that is explicitly blocked by policy
- * 
- * @example
- * ```typescript
- * const intent: BlockedIntent = 'delete_user_data';
- * ```
- */
-export type BlockedIntent = string
-
-/**
- * SensitiveScope represents a sensitive topic that requires additional validation
- * 
- * @example
- * ```typescript
- * const scope: SensitiveScope = 'financial_transactions';
- * ```
- */
-export type SensitiveScope = string
-
-/**
- * ProtectedRole represents a role that cannot be overridden
- * 
- * @example
- * ```typescript
- * const role: ProtectedRole = 'system';
- * ```
- */
-export type ProtectedRole = string
-
-/**
- * ImmutableInstruction represents an instruction that cannot be modified
- * 
- * @example
- * ```typescript
- * const instruction: ImmutableInstruction = 'You are a helpful assistant';
- * ```
- */
-export type ImmutableInstruction = string

package/layers/csl/utils/colors.ts

@@ -1,25 +0,0 @@
-import chalk, { type ChalkInstance } from 'chalk'
-
-
-
-type LogLevel = "Error" | "Warning" | "Info" | "Neutral" | "Debug";
-
-/**
- * ColorMap 
- * 
- * Mapping colors with chalk
- * 
- *  - Error -> chalk.bold.red
- *  - Warning -> chalk.hex('#FFA500')
- *  - Neutral -> chalk.white,
- *  - Info -> chalk.blue
- */
-
-export const ColorMap: Record<LogLevel, ChalkInstance> = {
-    Error: chalk.bold.red,
-    Warning: chalk.hex("#FFA500"),
-    Info: chalk.blue,
-    Neutral: chalk.white,
-    Debug: chalk.gray
-
-  };

package/layers/csl/utils/pattern-helpers.ts

@@ -1,174 +0,0 @@
-/**
- * Security constants for pattern matching
- * These limits help prevent ReDoS attacks and resource exhaustion
- */
-export const MAX_CONTENT_LENGTH = 10_000_000 // 10MB - Maximum content size to process
-export const MAX_PATTERN_LENGTH = 10_000 // Maximum regex pattern length
-export const MAX_MATCHES = 10_000 // Maximum number of matches to prevent resource exhaustion
-
-/**
- * Helper functions for Pattern validation and security
- * 
- * @remarks
- * These utilities provide validation, security checks, and helper functions
- * for the Pattern value object to reduce complexity and improve maintainability.
- */
-export namespace PatternHelpers {
-  /**
-   * Validates that content is a non-empty string
-   */
-  export function validateContent(content: unknown, methodName: string): asserts content is string {
-    if (!content || typeof content !== 'string') {
-      throw new TypeError(`Pattern.${methodName}: content must be a non-empty string`)
-    }
-  }
-
-  /**
-   * Validates content length to prevent ReDoS attacks
-   */
-  export function validateContentLength(content: string, methodName: string): void {
-    if (content.length > MAX_CONTENT_LENGTH) {
-      throw new Error(
-        `Pattern.${methodName}: Content length (${content.length}) exceeds maximum allowed length (${MAX_CONTENT_LENGTH})`
-      )
-    }
-  }
-
-  /**
-   * Validates pattern_type input
-   */
-  export function validatePatternType(pattern_type: unknown): asserts pattern_type is string {
-    if (!pattern_type || typeof pattern_type !== 'string' || pattern_type.trim().length === 0) {
-      throw new TypeError('Pattern pattern_type must be a non-empty string')
-    }
-  }
-
-  /**
-   * Validates regex input
-   */
-  export function validateRegex(regex: unknown): asserts regex is string | RegExp {
-    if (!regex || (typeof regex !== 'string' && !(regex instanceof RegExp))) {
-      throw new TypeError('Pattern regex must be a string or a RegExp')
-    }
-  }
-
-  /**
-   * Validates base_confidence input
-   */
-  export function validateBaseConfidence(base_confidence: unknown): asserts base_confidence is number {
-    if (typeof base_confidence !== 'number' || !Number.isFinite(base_confidence)) {
-      throw new TypeError('Pattern base_confidence must be a valid number')
-    }
-
-    if (base_confidence < 0 || base_confidence > 1) {
-      throw new Error('Pattern base_confidence must be between 0 and 1')
-    }
-  }
-
-  /**
-   * Validates description input
-   */
-  export function validateDescription(description: unknown): void {
-    if (description !== undefined && (typeof description !== 'string' || description.trim().length === 0)) {
-      throw new TypeError('Pattern description must be a non-empty string if provided')
-    }
-  }
-
-  /**
-   * Validates regex source length
-   */
-  export function validateRegexLength(regexSource: string): void {
-    if (regexSource.length > MAX_PATTERN_LENGTH) {
-      throw new Error(`Pattern regex source exceeds maximum length of ${MAX_PATTERN_LENGTH} characters`)
-    }
-  }
-
-  /**
-   * Checks for potentially dangerous ReDoS patterns
-   * 
-   * @remarks
-   * This is a simple heuristic - more sophisticated validation could be added.
-   * Only warns for very obvious cases - doesn't block all nested quantifiers
-   * as some legitimate patterns may use them carefully.
-   */
-  export function checkForReDoSPatterns(regexSource: string, pattern_type: string): void {
-    const dangerousPatterns = [
-      /(\+|\*|\{.*,.*\})\s*\+/,  // Nested quantifiers like (a+)+
-      /(\+|\*|\{.*,.*\})\s*\*/,  // Nested quantifiers like (a+)*
-      /\(.*\)\s*\+.*\+/,          // Nested groups with quantifiers
-      /\(.*\)\s*\*.*\*/          // Nested groups with quantifiers
-    ]
-    
-    const hasDangerousPattern = dangerousPatterns.some(pattern => pattern.test(regexSource))
-    if (hasDangerousPattern && regexSource.length > 500) {
-      // Only flag long patterns with nested quantifiers as potentially dangerous
-      console.warn(`Pattern: Potentially dangerous regex pattern detected with nested quantifiers. Pattern type: ${pattern_type}`)
-    }
-  }
-
-  /**
-   * Compiles a regex string to RegExp
-   */
-  export function compileRegexString(regex: string): RegExp {
-    try {
-      return new RegExp(regex, 'i')
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : String(error)
-      throw new TypeError(`Pattern regex must be a valid regular expression: ${regex}. Original error: ${errorMessage}`)
-    }
-  }
-
-  /**
-   * Clones a RegExp to ensure immutability
-   */
-  export function cloneRegExp(regex: RegExp): RegExp {
-    return new RegExp(regex.source, regex.flags)
-  }
-
-  /**
-   * Creates a match result object from a regex match
-   */
-  export function createMatchResult(match: RegExpExecArray, globalOffset: number = 0): {
-    matched: string
-    position: { start: number; end: number }
-  } {
-    return {
-      matched: match[0],
-      position: {
-        start: match.index + globalOffset,
-        end: match.index + globalOffset + match[0].length
-      }
-    }
-  }
-
-  /**
-   * Handles empty string matches to prevent infinite loops
-   */
-  export function handleEmptyStringMatch(globalRegex: RegExp, match: RegExpExecArray): void {
-    if (match[0].length === 0) {
-      globalRegex.lastIndex++
-      // Additional safety: if lastIndex doesn't advance, force it
-      if (globalRegex.lastIndex === match.index) {
-        globalRegex.lastIndex = match.index + 1
-      }
-    }
-  }
-
-  /**
-   * Checks if match limits have been reached
-   */
-  export function checkMatchLimits(matchesCount: number, iterations: number): boolean {
-    if (matchesCount >= MAX_MATCHES) {
-      console.warn(`Pattern.findAllMatches: Maximum matches limit (${MAX_MATCHES}) reached. Stopping search.`)
-      return true
-    }
-
-    const MAX_ITERATIONS = MAX_MATCHES * 2
-    if (iterations > MAX_ITERATIONS) {
-      console.warn(`Pattern.findAllMatches: Maximum iterations (${MAX_ITERATIONS}) reached. Stopping search to prevent resource exhaustion.`)
-      return true
-    }
-
-    return false
-  }
-}