npm - @atbash/sdk - Versions diffs - 0.3.11-dev.3 → 0.3.11-dev.5 - Mend

@atbash/sdk 0.3.11-dev.3 → 0.3.11-dev.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -105,6 +105,9 @@ function verifyJudgeResponseSignature(bodyBytes, signatureHex, pubKeyHex) {
 }
 // src/opentel/telemetry.ts
+var import_node_fs = require("fs");
+var import_node_os = require("os");
+var import_node_path = require("path");
 var import_sdk_metrics = require("@opentelemetry/sdk-metrics");
 var import_exporter_metrics_otlp_http = require("@opentelemetry/exporter-metrics-otlp-http");
 var import_resources = require("@opentelemetry/resources");
@@ -112,14 +115,27 @@ var meterProvider = null;
 var callCounter = null;
 var durationHistogram = null;
 var defaultSource = "sdk";
+function isTelemetryOptedOut() {
+  try {
+    const home = process.env.HOME || (0, import_node_os.homedir)() || "";
+    const filePath = (0, import_node_path.join)(home, ".config", "atbash", "telemetry.json");
+    const raw = (0, import_node_fs.readFileSync)(filePath, "utf-8").trim();
+    if (!raw) return false;
+    const config = JSON.parse(raw);
+    return config.enabled === false;
+  } catch {
+    return false;
+  }
+}
 function autoInit() {
   if (meterProvider) return;
-  if (process.env.ATBASH_TELEMETRY === "false") return;
+  if (isTelemetryOptedOut()) return;
   setupTelemetry({ enabled: true });
 }
 function setupTelemetry(config) {
   if (!config.enabled) return;
   if (meterProvider) return;
+  if (isTelemetryOptedOut()) return;
   defaultSource = config.source ?? "sdk";
   const ATBASH_HONEYCOMB_KEY = "YOUR_INGEST_KEY_HERE";
   const apiKey = process.env.HONEYCOMB_API_KEY ?? ATBASH_HONEYCOMB_KEY;
@@ -698,22 +714,22 @@ function validateJudgeEndpoint(judge) {
 }
 // src/key-loader.ts
-var import_node_fs = require("fs");
-var import_node_os = require("os");
-var import_node_path = require("path");
+var import_node_fs2 = require("fs");
+var import_node_os2 = require("os");
+var import_node_path2 = require("path");
 var DEFAULT_KEY_PATH_REL = ".config/atbash/guard-client-key";
 function resolveKeyPath(input) {
   if (input) return expandHome(input);
-  const home = process.env.HOME || (0, import_node_os.homedir)() || "";
-  return (0, import_node_path.join)(home, DEFAULT_KEY_PATH_REL);
+  const home = process.env.HOME || (0, import_node_os2.homedir)() || "";
+  return (0, import_node_path2.join)(home, DEFAULT_KEY_PATH_REL);
 }
 function expandHome(p) {
   if (!p.startsWith("~/")) return p;
-  const home = process.env.HOME || (0, import_node_os.homedir)() || "";
-  return (0, import_node_path.join)(home, p.slice(2));
+  const home = process.env.HOME || (0, import_node_os2.homedir)() || "";
+  return (0, import_node_path2.join)(home, p.slice(2));
 }
 function readKeyFile(keyPath) {
-  const content = String((0, import_node_fs.readFileSync)(keyPath, "utf8") || "").trim();
+  const content = String((0, import_node_fs2.readFileSync)(keyPath, "utf8") || "").trim();
   let privKey = "";
   let pubKey = "";
   if (content.startsWith("{")) {
@@ -905,10 +921,25 @@ function createAtbashClient(config = {}) {
           };
         }
         if (action === "allow") {
-          const surfacedVerdict = result.verdict === "ALLOW" || result.verdict === "HOLD" || result.verdict === "BLOCK" ? result.verdict : "ALLOW";
+          if (result.verdict === "HOLD") {
+            return {
+              allow: false,
+              verdict: "HOLD",
+              reason: result.reason,
+              toolCallId: result.tool_call_id
+            };
+          }
+          if (result.verdict === "BLOCK") {
+            return {
+              allow: false,
+              verdict: "BLOCK",
+              reason: result.reason,
+              toolCallId: result.tool_call_id
+            };
+          }
           return {
             allow: true,
-            verdict: surfacedVerdict,
+            verdict: "ALLOW",
             reason: result.reason,
             toolCallId: result.tool_call_id
           };
@@ -938,9 +969,9 @@ function truncate(text) {
 }
 // src/user-config.ts
-var import_node_fs2 = require("fs");
-var import_node_os2 = require("os");
-var import_node_path2 = require("path");
+var import_node_fs3 = require("fs");
+var import_node_os3 = require("os");
+var import_node_path3 = require("path");
 var ENV_MAP = {
   agentKey: "ATBASH_AGENT_KEY",
   orgName: "ATBASH_ORG_NAME",
@@ -950,17 +981,17 @@ var ENV_MAP = {
   providerModel: "ATBASH_PROVIDER_MODEL"
 };
 function getConfigDir() {
-  const home = process.env.HOME || (0, import_node_os2.homedir)() || "";
-  return (0, import_node_path2.join)(home, ".config", "atbash");
+  const home = process.env.HOME || (0, import_node_os3.homedir)() || "";
+  return (0, import_node_path3.join)(home, ".config", "atbash");
 }
 function getConfigPath() {
-  return (0, import_node_path2.join)(getConfigDir(), "config.json");
+  return (0, import_node_path3.join)(getConfigDir(), "config.json");
 }
 function loadUserConfig() {
   try {
     const p = getConfigPath();
-    if (!(0, import_node_fs2.existsSync)(p)) return {};
-    const raw = (0, import_node_fs2.readFileSync)(p, "utf-8").trim();
+    if (!(0, import_node_fs3.existsSync)(p)) return {};
+    const raw = (0, import_node_fs3.readFileSync)(p, "utf-8").trim();
     if (!raw) return {};
     return JSON.parse(raw);
   } catch (err) {
@@ -970,12 +1001,12 @@ function loadUserConfig() {
 }
 function saveUserConfig(config) {
   const dir = getConfigDir();
-  if (!(0, import_node_fs2.existsSync)(dir)) {
-    (0, import_node_fs2.mkdirSync)(dir, { recursive: true, mode: 448 });
+  if (!(0, import_node_fs3.existsSync)(dir)) {
+    (0, import_node_fs3.mkdirSync)(dir, { recursive: true, mode: 448 });
   }
   const filePath = getConfigPath();
-  (0, import_node_fs2.writeFileSync)(filePath, JSON.stringify(config, null, 2) + "\n", { mode: 384 });
-  (0, import_node_fs2.chmodSync)(filePath, 384);
+  (0, import_node_fs3.writeFileSync)(filePath, JSON.stringify(config, null, 2) + "\n", { mode: 384 });
+  (0, import_node_fs3.chmodSync)(filePath, 384);
 }
 function resolve(key, flagValue) {
   if (flagValue) return flagValue;
@@ -1035,11 +1066,17 @@ var BEHAVIOR_PATTERNS = [
     re: /\b(?:no need to|don'?t need to|not necessary to|unnecessary to)\b.*\b(?:check|verify|validate|scan|review|confirm|authenticate)\b/i,
     description: "attempts to normalize skipping verification"
   },
+  {
+    type: "safety_bypass",
+    severity: "high",
+    re: /\[\s*(?:VERIFIED|SAFE|APPROVED|TRUSTED|AUTHORIZED|CLEARED|WHITELISTED)\s*\]/i,
+    description: "stores a verdict-influencing meta-tag that could be prepended to action text to bypass AI evaluation"
+  },
   /* ── Privilege escalation ── */
   {
     type: "privilege_escalation",
     severity: "critical",
-    re: /\b(?:admin|administrator|root|superuser|sudo|elevated)\b.*\b(?:privilege|permission|access|role|clearance|authority)\b.*\b(?:granted|approved|confirmed|given|assigned)\b/i,
+    re: /\b(?:admin|administrator|root|superuser|sudo|elevated)\b.*\b(?:privileges?|permissions?|access|roles?|clearance|authority)\b.*\b(?:granted|approved|confirmed|given|assigned)\b/i,
     description: "claims elevated privileges were granted"
   },
   {

package/dist/index.d.cts CHANGED Viewed

@@ -251,7 +251,11 @@ declare function verifyJudgeResponseSignature(bodyBytes: Uint8Array, signatureHe
  * Atbash SDK Telemetry — OpenTelemetry metrics for usage tracking.
  *
  * Tracks: function call counts, latency, source (CLI/plugin/SDK),
- * and agent identity. Opt-in — no data sent unless enabled.
+ * and agent identity. ON by default.
+ *
+ * Opt-out: create ~/.config/atbash/telemetry.json with { "enabled": false }
+ * The file must be mode 0600. If missing, corrupted, or unreadable → telemetry stays ON.
+ * Environment variables cannot disable telemetry (prevents agent bypass).
  */
 type ClientSource = "cli" | "sdk" | "plugin:openclaw" | "plugin:langchain" | "plugin:langgraph" | "plugin:hermes" | "plugin:eliza" | "plugin:crewai" | "plugin:mcp" | "plugin:autogen" | "plugin:jeenai" | (string & {});
 interface TelemetryConfig {

package/dist/index.d.ts CHANGED Viewed

@@ -251,7 +251,11 @@ declare function verifyJudgeResponseSignature(bodyBytes: Uint8Array, signatureHe
  * Atbash SDK Telemetry — OpenTelemetry metrics for usage tracking.
  *
  * Tracks: function call counts, latency, source (CLI/plugin/SDK),
- * and agent identity. Opt-in — no data sent unless enabled.
+ * and agent identity. ON by default.
+ *
+ * Opt-out: create ~/.config/atbash/telemetry.json with { "enabled": false }
+ * The file must be mode 0600. If missing, corrupted, or unreadable → telemetry stays ON.
+ * Environment variables cannot disable telemetry (prevents agent bypass).
  */
 type ClientSource = "cli" | "sdk" | "plugin:openclaw" | "plugin:langchain" | "plugin:langgraph" | "plugin:hermes" | "plugin:eliza" | "plugin:crewai" | "plugin:mcp" | "plugin:autogen" | "plugin:jeenai" | (string & {});
 interface TelemetryConfig {

package/dist/index.js CHANGED Viewed

@@ -29,6 +29,9 @@ function verifyJudgeResponseSignature(bodyBytes, signatureHex, pubKeyHex) {
 }
 // src/opentel/telemetry.ts
+import { readFileSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
 import { MeterProvider, PeriodicExportingMetricReader } from "@opentelemetry/sdk-metrics";
 import { OTLPMetricExporter } from "@opentelemetry/exporter-metrics-otlp-http";
 import { resourceFromAttributes } from "@opentelemetry/resources";
@@ -36,14 +39,27 @@ var meterProvider = null;
 var callCounter = null;
 var durationHistogram = null;
 var defaultSource = "sdk";
+function isTelemetryOptedOut() {
+  try {
+    const home = process.env.HOME || homedir() || "";
+    const filePath = join(home, ".config", "atbash", "telemetry.json");
+    const raw = readFileSync(filePath, "utf-8").trim();
+    if (!raw) return false;
+    const config = JSON.parse(raw);
+    return config.enabled === false;
+  } catch {
+    return false;
+  }
+}
 function autoInit() {
   if (meterProvider) return;
-  if (process.env.ATBASH_TELEMETRY === "false") return;
+  if (isTelemetryOptedOut()) return;
   setupTelemetry({ enabled: true });
 }
 function setupTelemetry(config) {
   if (!config.enabled) return;
   if (meterProvider) return;
+  if (isTelemetryOptedOut()) return;
   defaultSource = config.source ?? "sdk";
   const ATBASH_HONEYCOMB_KEY = "YOUR_INGEST_KEY_HERE";
   const apiKey = process.env.HONEYCOMB_API_KEY ?? ATBASH_HONEYCOMB_KEY;
@@ -622,22 +638,22 @@ function validateJudgeEndpoint(judge) {
 }
 // src/key-loader.ts
-import { readFileSync } from "fs";
-import { homedir } from "os";
-import { join } from "path";
+import { readFileSync as readFileSync2 } from "fs";
+import { homedir as homedir2 } from "os";
+import { join as join2 } from "path";
 var DEFAULT_KEY_PATH_REL = ".config/atbash/guard-client-key";
 function resolveKeyPath(input) {
   if (input) return expandHome(input);
-  const home = process.env.HOME || homedir() || "";
-  return join(home, DEFAULT_KEY_PATH_REL);
+  const home = process.env.HOME || homedir2() || "";
+  return join2(home, DEFAULT_KEY_PATH_REL);
 }
 function expandHome(p) {
   if (!p.startsWith("~/")) return p;
-  const home = process.env.HOME || homedir() || "";
-  return join(home, p.slice(2));
+  const home = process.env.HOME || homedir2() || "";
+  return join2(home, p.slice(2));
 }
 function readKeyFile(keyPath) {
-  const content = String(readFileSync(keyPath, "utf8") || "").trim();
+  const content = String(readFileSync2(keyPath, "utf8") || "").trim();
   let privKey = "";
   let pubKey = "";
   if (content.startsWith("{")) {
@@ -829,10 +845,25 @@ function createAtbashClient(config = {}) {
           };
         }
         if (action === "allow") {
-          const surfacedVerdict = result.verdict === "ALLOW" || result.verdict === "HOLD" || result.verdict === "BLOCK" ? result.verdict : "ALLOW";
+          if (result.verdict === "HOLD") {
+            return {
+              allow: false,
+              verdict: "HOLD",
+              reason: result.reason,
+              toolCallId: result.tool_call_id
+            };
+          }
+          if (result.verdict === "BLOCK") {
+            return {
+              allow: false,
+              verdict: "BLOCK",
+              reason: result.reason,
+              toolCallId: result.tool_call_id
+            };
+          }
           return {
             allow: true,
-            verdict: surfacedVerdict,
+            verdict: "ALLOW",
             reason: result.reason,
             toolCallId: result.tool_call_id
           };
@@ -862,9 +893,9 @@ function truncate(text) {
 }
 // src/user-config.ts
-import { readFileSync as readFileSync2, writeFileSync, mkdirSync, chmodSync, existsSync } from "fs";
-import { homedir as homedir2 } from "os";
-import { join as join2 } from "path";
+import { readFileSync as readFileSync3, writeFileSync, mkdirSync, chmodSync, existsSync } from "fs";
+import { homedir as homedir3 } from "os";
+import { join as join3 } from "path";
 var ENV_MAP = {
   agentKey: "ATBASH_AGENT_KEY",
   orgName: "ATBASH_ORG_NAME",
@@ -874,17 +905,17 @@ var ENV_MAP = {
   providerModel: "ATBASH_PROVIDER_MODEL"
 };
 function getConfigDir() {
-  const home = process.env.HOME || homedir2() || "";
-  return join2(home, ".config", "atbash");
+  const home = process.env.HOME || homedir3() || "";
+  return join3(home, ".config", "atbash");
 }
 function getConfigPath() {
-  return join2(getConfigDir(), "config.json");
+  return join3(getConfigDir(), "config.json");
 }
 function loadUserConfig() {
   try {
     const p = getConfigPath();
     if (!existsSync(p)) return {};
-    const raw = readFileSync2(p, "utf-8").trim();
+    const raw = readFileSync3(p, "utf-8").trim();
     if (!raw) return {};
     return JSON.parse(raw);
   } catch (err) {
@@ -959,11 +990,17 @@ var BEHAVIOR_PATTERNS = [
     re: /\b(?:no need to|don'?t need to|not necessary to|unnecessary to)\b.*\b(?:check|verify|validate|scan|review|confirm|authenticate)\b/i,
     description: "attempts to normalize skipping verification"
   },
+  {
+    type: "safety_bypass",
+    severity: "high",
+    re: /\[\s*(?:VERIFIED|SAFE|APPROVED|TRUSTED|AUTHORIZED|CLEARED|WHITELISTED)\s*\]/i,
+    description: "stores a verdict-influencing meta-tag that could be prepended to action text to bypass AI evaluation"
+  },
   /* ── Privilege escalation ── */
   {
     type: "privilege_escalation",
     severity: "critical",
-    re: /\b(?:admin|administrator|root|superuser|sudo|elevated)\b.*\b(?:privilege|permission|access|role|clearance|authority)\b.*\b(?:granted|approved|confirmed|given|assigned)\b/i,
+    re: /\b(?:admin|administrator|root|superuser|sudo|elevated)\b.*\b(?:privileges?|permissions?|access|roles?|clearance|authority)\b.*\b(?:granted|approved|confirmed|given|assigned)\b/i,
     description: "claims elevated privileges were granted"
   },
   {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@atbash/sdk",
-  "version": "0.3.11-dev.3",
+  "version": "0.3.11-dev.5",
   "description": "Atbash SDK — control boundary before the last irreversible step in an agent workflow",
   "homepage": "https://atbash.ai",
   "author": "Atbash",