@airmcp-dev/core 0.1.0

package/dist/middleware/error-handler.js

@@ -0,0 +1,63 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — middleware/error-handler.ts
+// 에러 → MCP 프로토콜 형식 자동 변환
+//
+// MCP 프로토콜 에러 코드:
+// -32700: Parse error
+// -32600: Invalid Request
+// -32601: Method not found
+// -32602: Invalid params
+// -32603: Internal error
+// -32000 ~ -32099: Server error (implementation-defined)
+/** air 전용 에러 클래스 — 에러 코드와 메타데이터를 포함 */
+export class AirError extends Error {
+    code;
+    details;
+    constructor(message, code = -32603, details) {
+        super(message);
+        this.name = 'AirError';
+        this.code = code;
+        this.details = details;
+    }
+}
+/** MCP 표준 에러 팩토리 */
+export const McpErrors = {
+    /** 도구를 찾을 수 없음 */
+    toolNotFound: (name) => new AirError(`Tool "${name}" not found`, -32601, { tool: name }),
+    /** 파라미터 검증 실패 */
+    invalidParams: (message, params) => new AirError(`Invalid params: ${message}`, -32602, params),
+    /** 내부 서버 에러 */
+    internal: (message, cause) => new AirError(`Internal error: ${message}`, -32603, { cause: cause?.message }),
+    /** 접근 거부 */
+    forbidden: (message) => new AirError(message, -32000, { type: 'forbidden' }),
+    /** 레이트 리밋 초과 */
+    rateLimited: (tool, retryAfterMs) => new AirError(`Rate limit exceeded for "${tool}"`, -32001, { tool, retryAfterMs }),
+    /** 위협 감지 */
+    threatDetected: (type, severity) => new AirError(`Threat detected: ${type}`, -32002, { threatType: type, severity }),
+    /** 타임아웃 */
+    timeout: (tool, timeoutMs) => new AirError(`Tool "${tool}" timed out after ${timeoutMs}ms`, -32003, { tool, timeoutMs }),
+};
+/** 에러를 MCP 프로토콜 형식으로 변환 */
+function formatError(error) {
+    const message = error instanceof AirError
+        ? `[${error.code}] ${error.message}`
+        : `Error: ${error.message}`;
+    return {
+        content: [{ type: 'text', text: message }],
+        isError: true,
+    };
+}
+/** 에러 → MCP 응답 변환 미들웨어 */
+export function errorBoundaryMiddleware() {
+    return {
+        name: 'air:error-boundary',
+        onError: async (ctx, error) => {
+            // 에러 로그 (stderr로 출력, stdout은 MCP 프로토콜 전용)
+            const toolName = ctx.tool?.name || 'unknown';
+            const requestId = ctx.requestId || 'no-id';
+            console.error(`[air:error] ${toolName} (${requestId}): ${error.message}`);
+            return formatError(error);
+        },
+    };
+}
+//# sourceMappingURL=error-handler.js.map

package/dist/middleware/error-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-handler.js","sourceRoot":"","sources":["../../src/middleware/error-handler.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,iDAAiD;AACjD,yBAAyB;AACzB,EAAE;AACF,kBAAkB;AAClB,sBAAsB;AACtB,0BAA0B;AAC1B,2BAA2B;AAC3B,yBAAyB;AACzB,yBAAyB;AACzB,yDAAyD;AAIzD,uCAAuC;AACvC,MAAM,OAAO,QAAS,SAAQ,KAAK;IACjC,IAAI,CAAS;IACb,OAAO,CAAuB;IAE9B,YAAY,OAAe,EAAE,OAAe,CAAC,KAAK,EAAE,OAA6B;QAC/E,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAED,oBAAoB;AACpB,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,kBAAkB;IAClB,YAAY,EAAE,CAAC,IAAY,EAAE,EAAE,CAC7B,IAAI,QAAQ,CAAC,SAAS,IAAI,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAElE,iBAAiB;IACjB,aAAa,EAAE,CAAC,OAAe,EAAE,MAA4B,EAAE,EAAE,CAC/D,IAAI,QAAQ,CAAC,mBAAmB,OAAO,EAAE,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;IAE5D,eAAe;IACf,QAAQ,EAAE,CAAC,OAAe,EAAE,KAAa,EAAE,EAAE,CAC3C,IAAI,QAAQ,CAAC,mBAAmB,OAAO,EAAE,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAE/E,YAAY;IACZ,SAAS,EAAE,CAAC,OAAe,EAAE,EAAE,CAC7B,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;IAEtD,gBAAgB;IAChB,WAAW,EAAE,CAAC,IAAY,EAAE,YAAqB,EAAE,EAAE,CACnD,IAAI,QAAQ,CAAC,4BAA4B,IAAI,GAAG,EAAE,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;IAEnF,YAAY;IACZ,cAAc,EAAE,CAAC,IAAY,EAAE,QAAgB,EAAE,EAAE,CACjD,IAAI,QAAQ,CAAC,oBAAoB,IAAI,EAAE,EAAE,CAAC,KAAK,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAElF,WAAW;IACX,OAAO,EAAE,CAAC,IAAY,EAAE,SAAiB,EAAE,EAAE,CAC3C,IAAI,QAAQ,CAAC,SAAS,IAAI,qBAAqB,SAAS,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;CAC7F,CAAC;AAEF,2BAA2B;AAC3B,SAAS,WAAW,CAAC,KAAY;IAI/B,MAAM,OAAO,GAAG,KAAK,YAAY,QAAQ;QACvC,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE;QACpC,CAAC,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC;IAE9B,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC1C,OAAO,EAAE,IAAI;KACd,CAAC;AACJ,CAAC;AAED,0BAA0B;AAC1B,MAAM,UAAU,uBAAuB;IACrC,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,KAAK,EAAE,GAAsB,EAAE,KAAY,EAAE,EAAE;YACtD,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,EAAE,IAAI,IAAI,SAAS,CAAC;YAC7C,MAAM,SAAS,GAAG,GAAG,CAAC,SAAS,IAAI,OAAO,CAAC;YAC3C,OAAO,CAAC,KAAK,CACX,eAAe,QAAQ,KAAK,SAAS,MAAM,KAAK,CAAC,OAAO,EAAE,CAC3D,CAAC;YAEF,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/middleware/index.d.ts

@@ -0,0 +1,7 @@
+export { MiddlewareChain } from './chain.js';
+export { validationMiddleware } from './before-hook.js';
+export { loggingMiddleware } from './after-hook.js';
+export { errorBoundaryMiddleware, AirError, McpErrors } from './error-handler.js';
+export { createShieldMiddleware, getAuditLog, clearAuditLog } from './shield-middleware.js';
+export { createMeterMiddleware, getMetricsSnapshot, resetMetricsHistory } from './meter-middleware.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAClF,OAAO,EAAE,sBAAsB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC5F,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC"}

package/dist/middleware/index.js

@@ -0,0 +1,9 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — middleware/index.ts (re-export only)
+export { MiddlewareChain } from './chain.js';
+export { validationMiddleware } from './before-hook.js';
+export { loggingMiddleware } from './after-hook.js';
+export { errorBoundaryMiddleware, AirError, McpErrors } from './error-handler.js';
+export { createShieldMiddleware, getAuditLog, clearAuditLog } from './shield-middleware.js';
+export { createMeterMiddleware, getMetricsSnapshot, resetMetricsHistory } from './meter-middleware.js';
+//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,0DAA0D;AAE1D,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAClF,OAAO,EAAE,sBAAsB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC5F,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC"}

package/dist/middleware/meter-middleware.d.ts

@@ -0,0 +1,19 @@
+import type { AirMiddleware } from '../types/middleware.js';
+import type { MeterConfig } from '../types/config.js';
+type Layer = 'L1' | 'L2' | 'L3' | 'L4' | 'L5' | 'L6' | 'L7';
+/**
+ * MeterConfig로부터 측정 미들웨어를 생성한다.
+ */
+export declare function createMeterMiddleware(config: MeterConfig): AirMiddleware;
+/** 메트릭 스냅샷 조회 */
+export declare function getMetricsSnapshot(): {
+    totalCalls: number;
+    successRate: number;
+    avgLatencyMs: number;
+    layerDistribution: Record<Layer, number>;
+    toolCounts: Record<string, number>;
+};
+/** 메트릭 초기화 */
+export declare function resetMetricsHistory(): void;
+export {};
+//# sourceMappingURL=meter-middleware.d.ts.map

package/dist/middleware/meter-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"meter-middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/meter-middleware.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAuC,MAAM,wBAAwB,CAAC;AACjG,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAGtD,KAAK,KAAK,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AA2D5D;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,WAAW,GAAG,aAAa,CAmDxE;AAED,iBAAiB;AACjB,wBAAgB,kBAAkB,IAAI;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACzC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACpC,CAgCA;AAED,cAAc;AACd,wBAAgB,mBAAmB,SAIlC"}

package/dist/middleware/meter-middleware.js

@@ -0,0 +1,139 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — middleware/meter-middleware.ts
+//
+// MeterConfig → AirMiddleware 자동 생성.
+// defineServer에서 meter 설정이 있으면 이 미들웨어가 체인에 자동 등록된다.
+//
+// 담당: 7-Layer 분류, 호출 추적, 지연시간 측정
+const CLASSIFY_RULES = [
+    { match: (n) => /^(ping|health|version|echo)$/i.test(n), layer: 'L1' },
+    { match: (n) => /^(get|read|find|lookup|list|show)$/i.test(n), layer: 'L2' },
+    { match: (n) => /^(convert|transform|format|parse|encode|decode)$/i.test(n), layer: 'L3' },
+    { match: (n) => /^(compute|calculate|aggregate|analyze|summarize)$/i.test(n), layer: 'L4' },
+    {
+        match: (n, p) => {
+            if (/^(fetch|request|call_api|webhook|http|post|put|delete)$/i.test(n))
+                return true;
+            if (p)
+                return Object.values(p).some((v) => typeof v === 'string' && /^https?:\/\//.test(v));
+            return false;
+        },
+        layer: 'L5',
+    },
+    { match: (n) => /^(generate|complete|chat|embed|infer|predict)$/i.test(n), layer: 'L6' },
+    { match: (n) => /^(agent|think|plan|execute|reason|chain|orchestrate)$/i.test(n), layer: 'L7' },
+];
+function classify(toolName, params) {
+    for (const rule of CLASSIFY_RULES) {
+        if (rule.match(toolName, params))
+            return rule.layer;
+    }
+    return 'L4'; // 기본값
+}
+const MAX_HISTORY = 10_000;
+const callBuffer = new Array(MAX_HISTORY).fill(null);
+let bufferHead = 0;
+let bufferCount = 0;
+function pushRecord(record) {
+    callBuffer[bufferHead] = record;
+    bufferHead = (bufferHead + 1) % MAX_HISTORY;
+    if (bufferCount < MAX_HISTORY)
+        bufferCount++;
+}
+function getRecords() {
+    const result = [];
+    const start = bufferCount < MAX_HISTORY ? 0 : bufferHead;
+    for (let i = 0; i < bufferCount; i++) {
+        const idx = (start + i) % MAX_HISTORY;
+        if (callBuffer[idx])
+            result.push(callBuffer[idx]);
+    }
+    return result;
+}
+/**
+ * MeterConfig로부터 측정 미들웨어를 생성한다.
+ */
+export function createMeterMiddleware(config) {
+    const classifyEnabled = config.classify !== false;
+    const trackEnabled = config.trackCalls !== false;
+    return {
+        name: 'air:meter',
+        before: async (ctx) => {
+            // 분류 결과를 meta에 저장 (after에서 사용)
+            if (classifyEnabled) {
+                const layer = classify(ctx.tool.name, ctx.params);
+                ctx.meta.meter = { layer, startedAt: Date.now() };
+            }
+            else {
+                ctx.meta.meter = { layer: 'L4', startedAt: Date.now() };
+            }
+        },
+        after: async (ctx) => {
+            if (!trackEnabled)
+                return;
+            const layer = ctx.meta.meter?.layer || 'L4';
+            const record = {
+                tool: ctx.tool.name,
+                layer,
+                latencyMs: ctx.duration,
+                success: true,
+                timestamp: Date.now(),
+            };
+            pushRecord(record);
+        },
+        onError: async (ctx, error) => {
+            if (!trackEnabled)
+                return undefined;
+            const layer = ctx.meta.meter?.layer || 'L4';
+            const latency = Date.now() - (ctx.meta.meter?.startedAt || ctx.startedAt);
+            pushRecord({
+                tool: ctx.tool.name,
+                layer,
+                latencyMs: latency,
+                success: false,
+                timestamp: Date.now(),
+            });
+            // 에러는 처리하지 않고 다음으로 넘김
+            return undefined;
+        },
+    };
+}
+/** 메트릭 스냅샷 조회 */
+export function getMetricsSnapshot() {
+    const records = getRecords();
+    const total = records.length;
+    if (total === 0) {
+        return {
+            totalCalls: 0,
+            successRate: 1,
+            avgLatencyMs: 0,
+            layerDistribution: { L1: 0, L2: 0, L3: 0, L4: 0, L5: 0, L6: 0, L7: 0 },
+            toolCounts: {},
+        };
+    }
+    let successCount = 0;
+    let latencySum = 0;
+    const layers = { L1: 0, L2: 0, L3: 0, L4: 0, L5: 0, L6: 0, L7: 0 };
+    const tools = {};
+    for (const r of records) {
+        if (r.success)
+            successCount++;
+        latencySum += r.latencyMs;
+        layers[r.layer]++;
+        tools[r.tool] = (tools[r.tool] || 0) + 1;
+    }
+    return {
+        totalCalls: total,
+        successRate: successCount / total,
+        avgLatencyMs: latencySum / total,
+        layerDistribution: layers,
+        toolCounts: tools,
+    };
+}
+/** 메트릭 초기화 */
+export function resetMetricsHistory() {
+    callBuffer.fill(null);
+    bufferHead = 0;
+    bufferCount = 0;
+}
+//# sourceMappingURL=meter-middleware.js.map

package/dist/middleware/meter-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"meter-middleware.js","sourceRoot":"","sources":["../../src/middleware/meter-middleware.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,oDAAoD;AACpD,EAAE;AACF,qCAAqC;AACrC,oDAAoD;AACpD,EAAE;AACF,iCAAiC;AAQjC,MAAM,cAAc,GAGf;IACH,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,+BAA+B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;IACtE,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,qCAAqC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;IAC5E,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,mDAAmD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;IAC1F,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,oDAAoD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;IAC3F;QACE,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACd,IAAI,0DAA0D,CAAC,IAAI,CAAC,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC;YACpF,IAAI,CAAC;gBAAE,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5F,OAAO,KAAK,CAAC;QACf,CAAC;QACD,KAAK,EAAE,IAAI;KACZ;IACD,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,iDAAiD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;IACxF,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,wDAAwD,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE;CAChG,CAAC;AAEF,SAAS,QAAQ,CAAC,QAAgB,EAAE,MAA4B;IAC9D,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC,KAAK,CAAC;IACtD,CAAC;IACD,OAAO,IAAI,CAAC,CAAC,MAAM;AACrB,CAAC;AAWD,MAAM,WAAW,GAAG,MAAM,CAAC;AAC3B,MAAM,UAAU,GAA0B,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5E,IAAI,UAAU,GAAG,CAAC,CAAC;AACnB,IAAI,WAAW,GAAG,CAAC,CAAC;AAEpB,SAAS,UAAU,CAAC,MAAkB;IACpC,UAAU,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC;IAChC,UAAU,GAAG,CAAC,UAAU,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;IAC5C,IAAI,WAAW,GAAG,WAAW;QAAE,WAAW,EAAE,CAAC;AAC/C,CAAC;AAED,SAAS,UAAU;IACjB,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,MAAM,KAAK,GAAG,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IACzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,WAAW,CAAC;QACtC,IAAI,UAAU,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAE,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAmB;IACvD,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,KAAK,KAAK,CAAC;IAClD,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC;IAEjD,OAAO;QACL,IAAI,EAAE,WAAW;QAEjB,MAAM,EAAE,KAAK,EAAE,GAAsB,EAAoC,EAAE;YACzE,+BAA+B;YAC/B,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;gBAClD,GAAG,CAAC,IAAI,CAAC,KAAK,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,IAAI,CAAC,KAAK,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC1D,CAAC;QACH,CAAC;QAED,KAAK,EAAE,KAAK,EAAE,GAA0D,EAAiB,EAAE;YACzF,IAAI,CAAC,YAAY;gBAAE,OAAO;YAE1B,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI,CAAC;YAE5C,MAAM,MAAM,GAAe;gBACzB,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;gBACnB,KAAK;gBACL,SAAS,EAAE,GAAG,CAAC,QAAQ;gBACvB,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,UAAU,CAAC,MAAM,CAAC,CAAC;QACrB,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,GAAsB,EAAE,KAAY,EAAgB,EAAE;YACpE,IAAI,CAAC,YAAY;gBAAE,OAAO,SAAS,CAAC;YAEpC,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,IAAI,IAAI,CAAC;YAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;YAE1E,UAAU,CAAC;gBACT,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;gBACnB,KAAK;gBACL,SAAS,EAAE,OAAO;gBAClB,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC,CAAC;YAEH,sBAAsB;YACtB,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,iBAAiB;AACjB,MAAM,UAAU,kBAAkB;IAOhC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC;IAC7B,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;QAChB,OAAO;YACL,UAAU,EAAE,CAAC;YACb,WAAW,EAAE,CAAC;YACd,YAAY,EAAE,CAAC;YACf,iBAAiB,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE;YACtE,UAAU,EAAE,EAAE;SACf,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,MAAM,MAAM,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAA2B,CAAC;IAC5F,MAAM,KAAK,GAA2B,EAAE,CAAC;IAEzC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,OAAO;YAAE,YAAY,EAAE,CAAC;QAC9B,UAAU,IAAI,CAAC,CAAC,SAAS,CAAC;QAC1B,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;QAClB,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IAED,OAAO;QACL,UAAU,EAAE,KAAK;QACjB,WAAW,EAAE,YAAY,GAAG,KAAK;QACjC,YAAY,EAAE,UAAU,GAAG,KAAK;QAChC,iBAAiB,EAAE,MAAM;QACzB,UAAU,EAAE,KAAK;KAClB,CAAC;AACJ,CAAC;AAED,cAAc;AACd,MAAM,UAAU,mBAAmB;IACjC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtB,UAAU,GAAG,CAAC,CAAC;IACf,WAAW,GAAG,CAAC,CAAC;AAClB,CAAC"}

package/dist/middleware/shield-middleware.d.ts

@@ -0,0 +1,16 @@
+import type { AirMiddleware } from '../types/middleware.js';
+import type { ShieldConfig } from '../types/config.js';
+/**
+ * ShieldConfig로부터 보안 미들웨어를 생성한다.
+ */
+export declare function createShieldMiddleware(config: ShieldConfig): AirMiddleware;
+/** 감사 로그 조회 (외부에서 접근용) */
+export declare function getAuditLog(): {
+    timestamp: string;
+    tool: string;
+    decision: "allowed" | "denied" | "threat" | "rate-limited";
+    reason?: string;
+}[];
+/** 감사 로그 초기화 */
+export declare function clearAuditLog(): void;
+//# sourceMappingURL=shield-middleware.d.ts.map

package/dist/middleware/shield-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"shield-middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/shield-middleware.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAuC,MAAM,wBAAwB,CAAC;AACjG,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAyCvD;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,YAAY,GAAG,aAAa,CA0H1E;AAED,0BAA0B;AAC1B,wBAAgB,WAAW;eAtId,MAAM;UACX,MAAM;cACF,SAAS,GAAG,QAAQ,GAAG,QAAQ,GAAG,cAAc;aACjD,MAAM;IAqIhB;AAED,gBAAgB;AAChB,wBAAgB,aAAa,SAE5B"}

package/dist/middleware/shield-middleware.js

@@ -0,0 +1,163 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — middleware/shield-middleware.ts
+//
+// ShieldConfig → AirMiddleware 자동 생성.
+// defineServer에서 shield 설정이 있으면 이 미들웨어가 체인에 자동 등록된다.
+//
+// 담당: 정책 체크, 위협 탐지, 레이트 리밋, 감사 로그
+// ── 내장 위협 패턴 (경량 버전) ──
+const THREAT_PATTERNS = [
+    { pattern: /ignore\s+(all\s+)?previous\s+instructions/i, type: 'prompt-injection', severity: 'high', description: 'Prompt injection: ignore previous instructions' },
+    { pattern: /you\s+are\s+now\s+(a|an)\s+/i, type: 'prompt-injection', severity: 'high', description: 'Prompt injection: role reassignment' },
+    { pattern: /\bsystem\s*:\s*/i, type: 'prompt-injection', severity: 'medium', description: 'Prompt injection: system prompt attempt' },
+    { pattern: /\.\.\//g, type: 'path-traversal', severity: 'high', description: 'Path traversal: directory escape' },
+    { pattern: /\/etc\/(passwd|shadow|hosts)/i, type: 'path-traversal', severity: 'critical', description: 'Path traversal: sensitive system file' },
+    { pattern: /[;&|`$]\s*(rm|chmod|chown|curl|wget|nc|bash|sh|python|node)\b/i, type: 'command-injection', severity: 'critical', description: 'Command injection: shell command' },
+    { pattern: /\$\(.*\)/, type: 'command-injection', severity: 'high', description: 'Command injection: command substitution' },
+    { pattern: /<tool_description>|<function_call>/i, type: 'tool-poisoning', severity: 'high', description: 'Tool poisoning: embedded tool definition' },
+];
+/** 정책 매칭 */
+function matchesTarget(ruleTarget, toolName) {
+    if (ruleTarget === '*')
+        return true;
+    if (ruleTarget === toolName)
+        return true;
+    if (ruleTarget.endsWith('*') && toolName.startsWith(ruleTarget.slice(0, -1)))
+        return true;
+    return false;
+}
+/** 파라미터 값들을 재귀적으로 문자열 추출 */
+function flattenValues(obj) {
+    if (typeof obj === 'string')
+        return [obj];
+    if (Array.isArray(obj))
+        return obj.flatMap(flattenValues);
+    if (obj && typeof obj === 'object')
+        return Object.values(obj).flatMap(flattenValues);
+    return [];
+}
+/** 레이트 리밋 윈도우 추적 */
+const rateLimitWindows = new Map();
+/** 감사 로그 저장소 */
+const auditLog = [];
+/**
+ * ShieldConfig로부터 보안 미들웨어를 생성한다.
+ */
+export function createShieldMiddleware(config) {
+    // 정책 규칙을 우선순위 내림차순 정렬
+    const policies = (config.policies || [])
+        .sort((a, b) => (b.priority || 0) - (a.priority || 0));
+    const threatEnabled = config.threatDetection !== false;
+    const auditEnabled = config.audit !== false;
+    const defaultRateWindow = config.rateLimit?.windowMs || 60_000;
+    const defaultRateMax = config.rateLimit?.maxCalls || 100;
+    const perToolRate = config.rateLimit?.perTool || {};
+    return {
+        name: 'air:shield',
+        before: async (ctx) => {
+            const toolName = ctx.tool.name;
+            // ── 1. 정책 체크 ──
+            for (const rule of policies) {
+                if (!matchesTarget(rule.target, toolName))
+                    continue;
+                if (rule.action === 'deny') {
+                    if (auditEnabled) {
+                        auditLog.push({
+                            timestamp: new Date().toISOString(),
+                            tool: toolName,
+                            decision: 'denied',
+                            reason: `Policy: ${rule.name}`,
+                        });
+                    }
+                    return {
+                        abort: true,
+                        abortResponse: {
+                            content: [{ type: 'text', text: `[Shield] Access denied: tool "${toolName}" is blocked by policy "${rule.name}". Contact the server administrator if you believe this is an error.` }],
+                            isError: true,
+                        },
+                        meta: { shield: { decision: 'denied', rule: rule.name, code: -32000 } },
+                    };
+                }
+                if (rule.action === 'allow')
+                    break; // 허용이면 이후 규칙 스킵
+            }
+            // ── 2. 위협 탐지 ──
+            if (threatEnabled) {
+                const values = flattenValues(ctx.params);
+                for (const value of values) {
+                    for (const tp of THREAT_PATTERNS) {
+                        if (tp.pattern.test(value)) {
+                            tp.pattern.lastIndex = 0; // global flag reset
+                            if (auditEnabled) {
+                                auditLog.push({
+                                    timestamp: new Date().toISOString(),
+                                    tool: toolName,
+                                    decision: 'threat',
+                                    reason: `${tp.type} (${tp.severity})`,
+                                });
+                            }
+                            return {
+                                abort: true,
+                                abortResponse: {
+                                    content: [{ type: 'text', text: `[Shield] Threat detected in "${toolName}": ${tp.description} (severity: ${tp.severity}). The request has been blocked for security.` }],
+                                    isError: true,
+                                },
+                                meta: { shield: { decision: 'threat', type: tp.type, severity: tp.severity, code: -32002 } },
+                            };
+                        }
+                        tp.pattern.lastIndex = 0;
+                    }
+                }
+            }
+            // ── 3. 레이트 리밋 ──
+            if (config.rateLimit) {
+                const toolConfig = perToolRate[toolName];
+                const windowMs = toolConfig?.windowMs || defaultRateWindow;
+                const maxCalls = toolConfig?.maxCalls || defaultRateMax;
+                const now = Date.now();
+                const key = toolName;
+                const timestamps = rateLimitWindows.get(key) || [];
+                // 윈도우 밖의 오래된 타임스탬프 제거
+                const valid = timestamps.filter((t) => t > now - windowMs);
+                if (valid.length >= maxCalls) {
+                    if (auditEnabled) {
+                        auditLog.push({
+                            timestamp: new Date().toISOString(),
+                            tool: toolName,
+                            decision: 'rate-limited',
+                            reason: `${valid.length}/${maxCalls} in ${windowMs}ms`,
+                        });
+                    }
+                    return {
+                        abort: true,
+                        abortResponse: {
+                            content: [{ type: 'text', text: `[Shield] Rate limit exceeded for "${toolName}": ${maxCalls} calls per ${windowMs / 1000}s. Please wait and try again.` }],
+                            isError: true,
+                        },
+                        meta: { shield: { decision: 'rate-limited', code: -32001 } },
+                    };
+                }
+                valid.push(now);
+                rateLimitWindows.set(key, valid);
+            }
+            // ── 감사 로그: 허용 ──
+            if (auditEnabled) {
+                auditLog.push({
+                    timestamp: new Date().toISOString(),
+                    tool: toolName,
+                    decision: 'allowed',
+                });
+            }
+            ctx.meta.shield = { decision: 'allowed' };
+        },
+    };
+}
+/** 감사 로그 조회 (외부에서 접근용) */
+export function getAuditLog() {
+    return [...auditLog];
+}
+/** 감사 로그 초기화 */
+export function clearAuditLog() {
+    auditLog.length = 0;
+}
+//# sourceMappingURL=shield-middleware.js.map

package/dist/middleware/shield-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"shield-middleware.js","sourceRoot":"","sources":["../../src/middleware/shield-middleware.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,qDAAqD;AACrD,EAAE;AACF,sCAAsC;AACtC,qDAAqD;AACrD,EAAE;AACF,kCAAkC;AAKlC,yBAAyB;AACzB,MAAM,eAAe,GAAG;IACtB,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gDAAgD,EAAE;IACpK,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAC3I,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;IACrI,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,kCAAkC,EAAE;IACjH,EAAE,OAAO,EAAE,+BAA+B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,uCAAuC,EAAE;IAChJ,EAAE,OAAO,EAAE,gEAAgE,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,kCAAkC,EAAE;IAC/K,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC5H,EAAE,OAAO,EAAE,qCAAqC,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0CAA0C,EAAE;CACtJ,CAAC;AAEF,YAAY;AACZ,SAAS,aAAa,CAAC,UAAkB,EAAE,QAAgB;IACzD,IAAI,UAAU,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACpC,IAAI,UAAU,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACzC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1F,OAAO,KAAK,CAAC;AACf,CAAC;AAED,4BAA4B;AAC5B,SAAS,aAAa,CAAC,GAAQ;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1D,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IACrF,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,oBAAoB;AACpB,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAoB,CAAC;AAErD,gBAAgB;AAChB,MAAM,QAAQ,GAKT,EAAE,CAAC;AAER;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAoB;IACzD,sBAAsB;IACtB,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;SACrC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IAEzD,MAAM,aAAa,GAAG,MAAM,CAAC,eAAe,KAAK,KAAK,CAAC;IACvD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,KAAK,KAAK,CAAC;IAE5C,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,EAAE,QAAQ,IAAI,MAAM,CAAC;IAC/D,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,EAAE,QAAQ,IAAI,GAAG,CAAC;IACzD,MAAM,WAAW,GAAG,MAAM,CAAC,SAAS,EAAE,OAAO,IAAI,EAAE,CAAC;IAEpD,OAAO;QACL,IAAI,EAAE,YAAY;QAElB,MAAM,EAAE,KAAK,EAAE,GAAsB,EAAoC,EAAE;YACzE,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;YAE/B,iBAAiB;YACjB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC;oBAAE,SAAS;gBAEpD,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBAC3B,IAAI,YAAY,EAAE,CAAC;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;4BACnC,IAAI,EAAE,QAAQ;4BACd,QAAQ,EAAE,QAAQ;4BAClB,MAAM,EAAE,WAAW,IAAI,CAAC,IAAI,EAAE;yBAC/B,CAAC,CAAC;oBACL,CAAC;oBACD,OAAO;wBACL,KAAK,EAAE,IAAI;wBACX,aAAa,EAAE;4BACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,iCAAiC,QAAQ,2BAA2B,IAAI,CAAC,IAAI,sEAAsE,EAAE,CAAC;4BACtL,OAAO,EAAE,IAAI;yBACd;wBACD,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE;qBACxE,CAAC;gBACJ,CAAC;gBAED,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO;oBAAE,MAAM,CAAC,gBAAgB;YACtD,CAAC;YAED,iBAAiB;YACjB,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBACzC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;oBAC3B,KAAK,MAAM,EAAE,IAAI,eAAe,EAAE,CAAC;wBACjC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;4BAC3B,EAAE,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,oBAAoB;4BAE9C,IAAI,YAAY,EAAE,CAAC;gCACjB,QAAQ,CAAC,IAAI,CAAC;oCACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oCACnC,IAAI,EAAE,QAAQ;oCACd,QAAQ,EAAE,QAAQ;oCAClB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,QAAQ,GAAG;iCACtC,CAAC,CAAC;4BACL,CAAC;4BACD,OAAO;gCACL,KAAK,EAAE,IAAI;gCACX,aAAa,EAAE;oCACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,gCAAgC,QAAQ,MAAM,EAAE,CAAC,WAAW,eAAe,EAAE,CAAC,QAAQ,+CAA+C,EAAE,CAAC;oCACxK,OAAO,EAAE,IAAI;iCACd;gCACD,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE;6BAC7F,CAAC;wBACJ,CAAC;wBACD,EAAE,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC;YACH,CAAC;YAED,kBAAkB;YAClB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACrB,MAAM,UAAU,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;gBACzC,MAAM,QAAQ,GAAG,UAAU,EAAE,QAAQ,IAAI,iBAAiB,CAAC;gBAC3D,MAAM,QAAQ,GAAG,UAAU,EAAE,QAAQ,IAAI,cAAc,CAAC;gBAExD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACvB,MAAM,GAAG,GAAG,QAAQ,CAAC;gBACrB,MAAM,UAAU,GAAG,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAEnD,sBAAsB;gBACtB,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,QAAQ,CAAC,CAAC;gBAE3D,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ,EAAE,CAAC;oBAC7B,IAAI,YAAY,EAAE,CAAC;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;4BACnC,IAAI,EAAE,QAAQ;4BACd,QAAQ,EAAE,cAAc;4BACxB,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,IAAI,QAAQ,OAAO,QAAQ,IAAI;yBACvD,CAAC,CAAC;oBACL,CAAC;oBACD,OAAO;wBACL,KAAK,EAAE,IAAI;wBACX,aAAa,EAAE;4BACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,qCAAqC,QAAQ,MAAM,QAAQ,cAAc,QAAQ,GAAG,IAAI,+BAA+B,EAAE,CAAC;4BAC1J,OAAO,EAAE,IAAI;yBACd;wBACD,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE;qBAC7D,CAAC;gBACJ,CAAC;gBAED,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAChB,gBAAgB,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnC,CAAC;YAED,kBAAkB;YAClB,IAAI,YAAY,EAAE,CAAC;gBACjB,QAAQ,CAAC,IAAI,CAAC;oBACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,IAAI,EAAE,QAAQ;oBACd,QAAQ,EAAE,SAAS;iBACpB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;QAC5C,CAAC;KACF,CAAC;AACJ,CAAC;AAED,0BAA0B;AAC1B,MAAM,UAAU,WAAW;IACzB,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC;AACvB,CAAC;AAED,gBAAgB;AAChB,MAAM,UAAU,aAAa;IAC3B,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;AACtB,CAAC"}

package/dist/plugin/builtin/auth.d.ts

@@ -0,0 +1,16 @@
+import type { AirPlugin } from '../../types/plugin.js';
+interface AuthOptions {
+    /** 인증 방식 */
+    type: 'api-key' | 'bearer';
+    /** 허용할 키/토큰 목록 */
+    keys?: string[];
+    /** 커스텀 검증 함수 */
+    verify?: (token: string) => Promise<boolean> | boolean;
+    /** 인증 없이 허용할 도구 (기본: []) */
+    publicTools?: string[];
+    /** 인증 헤더/파라미터 이름 (기본: _auth) */
+    paramName?: string;
+}
+export declare function authPlugin(options: AuthOptions): AirPlugin;
+export {};
+//# sourceMappingURL=auth.d.ts.map

package/dist/plugin/builtin/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/plugin/builtin/auth.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGvD,UAAU,WAAW;IACnB,YAAY;IACZ,IAAI,EAAE,SAAS,GAAG,QAAQ,CAAC;IAC3B,kBAAkB;IAClB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,gBAAgB;IAChB,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IACvD,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,gCAAgC;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,WAAW,GAAG,SAAS,CAgD1D"}

package/dist/plugin/builtin/auth.js

@@ -0,0 +1,60 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — plugin/builtin/auth.ts
+//
+// 간단한 인증 플러그인.
+// API 키 또는 Bearer 토큰으로 도구 접근을 제한.
+// 프로덕션에서는 OAuth 2.1을 사용하되, 개발/내부용으로 이 플러그인 사용.
+//
+// @example
+//   defineServer({
+//     use: [authPlugin({
+//       type: 'api-key',
+//       keys: ['sk-abc123', 'sk-def456'],
+//     })],
+//   });
+export function authPlugin(options) {
+    const publicTools = new Set(options.publicTools || []);
+    const validKeys = new Set(options.keys || []);
+    const paramName = options.paramName || '_auth';
+    async function isValid(token) {
+        if (options.verify)
+            return options.verify(token);
+        return validKeys.has(token);
+    }
+    const middleware = {
+        name: 'air:auth',
+        before: async (ctx) => {
+            // 공개 도구는 인증 스킵
+            if (publicTools.has(ctx.tool.name))
+                return;
+            const token = ctx.params[paramName];
+            if (!token) {
+                return {
+                    abort: true,
+                    abortResponse: {
+                        content: [{ type: 'text', text: `[Auth] Authentication required for "${ctx.tool.name}". Pass "${paramName}" parameter.` }],
+                        isError: true,
+                    },
+                };
+            }
+            const valid = await isValid(token);
+            if (!valid) {
+                return {
+                    abort: true,
+                    abortResponse: {
+                        content: [{ type: 'text', text: `[Auth] Invalid credentials for "${ctx.tool.name}".` }],
+                        isError: true,
+                    },
+                };
+            }
+            // 인증 성공 — _auth 파라미터를 제거하여 핸들러에 전달하지 않음
+            const { [paramName]: _, ...cleanParams } = ctx.params;
+            return { params: cleanParams, meta: { authenticated: true } };
+        },
+    };
+    return {
+        meta: { name: 'air:auth', version: '1.0.0' },
+        middleware: [middleware],
+    };
+}
+//# sourceMappingURL=auth.js.map

package/dist/plugin/builtin/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/plugin/builtin/auth.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,4CAA4C;AAC5C,EAAE;AACF,eAAe;AACf,kCAAkC;AAClC,+CAA+C;AAC/C,EAAE;AACF,WAAW;AACX,mBAAmB;AACnB,yBAAyB;AACzB,yBAAyB;AACzB,0CAA0C;AAC1C,WAAW;AACX,QAAQ;AAkBR,MAAM,UAAU,UAAU,CAAC,OAAoB;IAC7C,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC;IAE/C,KAAK,UAAU,OAAO,CAAC,KAAa;QAClC,IAAI,OAAO,CAAC,MAAM;YAAE,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACjD,OAAO,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,UAAU,GAAkB;QAChC,IAAI,EAAE,UAAU;QAChB,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YACpB,eAAe;YACf,IAAI,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,OAAO;YAE3C,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAW,CAAC;YAC9C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,aAAa,EAAE;wBACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,uCAAuC,GAAG,CAAC,IAAI,CAAC,IAAI,YAAY,SAAS,cAAc,EAAE,CAAC;wBAC1H,OAAO,EAAE,IAAI;qBACd;iBACF,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,CAAC;YACnC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,aAAa,EAAE;wBACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,mCAAmC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;wBACvF,OAAO,EAAE,IAAI;qBACd;iBACF,CAAC;YACJ,CAAC;YAED,wCAAwC;YACxC,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,GAAG,WAAW,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;YACtD,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,EAAE,CAAC;QAChE,CAAC;KACF,CAAC;IAEF,OAAO;QACL,IAAI,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE;QAC5C,UAAU,EAAE,CAAC,UAAU,CAAC;KACzB,CAAC;AACJ,CAAC"}

package/dist/plugin/builtin/cache.d.ts

@@ -0,0 +1,12 @@
+import type { AirPlugin } from '../../types/plugin.js';
+interface CacheOptions {
+    /** 캐시 유지 시간 ms (기본: 60000) */
+    ttlMs?: number;
+    /** 캐시 최대 항목 수 (기본: 1000) */
+    maxEntries?: number;
+    /** 캐시 제외 도구 */
+    exclude?: string[];
+}
+export declare function cachePlugin(options?: CacheOptions): AirPlugin;
+export {};
+//# sourceMappingURL=cache.d.ts.map

package/dist/plugin/builtin/cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../../src/plugin/builtin/cache.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGvD,UAAU,YAAY;IACpB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,eAAe;IACf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB;AAOD,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,YAAY,GAAG,SAAS,CA2D7D"}

package/dist/plugin/builtin/cache.js

@@ -0,0 +1,65 @@
+// Copyright 2026 CodePedia Labs. Licensed under Apache-2.0.
+// @airmcp-dev/core — plugin/builtin/cache.ts
+//
+// 도구 결과 캐시 플러그인.
+// 같은 파라미터로 같은 도구를 호출하면 캐시된 결과를 반환.
+//
+// @example
+//   defineServer({
+//     use: [cachePlugin({ ttlMs: 60_000 })],
+//   });
+export function cachePlugin(options) {
+    const ttlMs = options?.ttlMs ?? 60_000;
+    const maxEntries = options?.maxEntries ?? 1000;
+    const exclude = new Set(options?.exclude || []);
+    const cache = new Map();
+    function makeKey(toolName, params) {
+        return `${toolName}:${JSON.stringify(params, Object.keys(params).sort())}`;
+    }
+    function evictExpired() {
+        const now = Date.now();
+        for (const [key, entry] of cache.entries()) {
+            if (now - entry.cachedAt > ttlMs) {
+                cache.delete(key);
+            }
+        }
+    }
+    const middleware = {
+        name: 'air:cache',
+        before: async (ctx) => {
+            if (exclude.has(ctx.tool.name))
+                return;
+            evictExpired();
+            const key = makeKey(ctx.tool.name, ctx.params);
+            const entry = cache.get(key);
+            if (entry && Date.now() - entry.cachedAt <= ttlMs) {
+                ctx.meta._cached = true;
+                return {
+                    abort: true,
+                    abortResponse: entry.result,
+                };
+            }
+            ctx.meta._cacheKey = key;
+        },
+        after: async (ctx) => {
+            if (exclude.has(ctx.tool.name))
+                return;
+            if (ctx.meta._cached)
+                return;
+            const key = ctx.meta._cacheKey;
+            if (!key)
+                return;
+            if (cache.size >= maxEntries) {
+                const firstKey = cache.keys().next().value;
+                if (firstKey)
+                    cache.delete(firstKey);
+            }
+            cache.set(key, { result: ctx.result, cachedAt: Date.now() });
+        },
+    };
+    return {
+        meta: { name: 'air:cache', version: '1.0.0' },
+        middleware: [middleware],
+    };
+}
+//# sourceMappingURL=cache.js.map

package/dist/plugin/builtin/cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../../src/plugin/builtin/cache.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,6CAA6C;AAC7C,EAAE;AACF,iBAAiB;AACjB,mCAAmC;AACnC,EAAE;AACF,WAAW;AACX,mBAAmB;AACnB,6CAA6C;AAC7C,QAAQ;AAmBR,MAAM,UAAU,WAAW,CAAC,OAAsB;IAChD,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,MAAM,CAAC;IACvC,MAAM,UAAU,GAAG,OAAO,EAAE,UAAU,IAAI,IAAI,CAAC;IAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC;IAEhD,MAAM,KAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;IAE5C,SAAS,OAAO,CAAC,QAAgB,EAAE,MAA2B;QAC5D,OAAO,GAAG,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;IAC7E,CAAC;IAED,SAAS,YAAY;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAC3C,IAAI,GAAG,GAAG,KAAK,CAAC,QAAQ,GAAG,KAAK,EAAE,CAAC;gBACjC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACpB,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAkB;QAChC,IAAI,EAAE,WAAW;QACjB,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YACpB,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,OAAO;YAEvC,YAAY,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/C,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAE7B,IAAI,KAAK,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAClD,GAAG,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;gBACxB,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,aAAa,EAAE,KAAK,CAAC,MAAM;iBAC5B,CAAC;YACJ,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;QAC3B,CAAC;QACD,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YACnB,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,OAAO;YACvC,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO;gBAAE,OAAO;YAE7B,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,SAAmB,CAAC;YACzC,IAAI,CAAC,GAAG;gBAAE,OAAO;YAEjB,IAAI,KAAK,CAAC,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;gBAC3C,IAAI,QAAQ;oBAAE,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACvC,CAAC;YAED,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC/D,CAAC;KACF,CAAC;IAEF,OAAO;QACL,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE;QAC7C,UAAU,EAAE,CAAC,UAAU,CAAC;KACzB,CAAC;AACJ,CAAC"}