@atbash/sdk 0.3.11-dev.4 → 0.3.11-dev.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.cjs +25 -4
  2. package/dist/index.d.cts +2 -2
  3. package/dist/index.d.ts +2 -2
  4. package/dist/index.js +25 -4
  5. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -191,13 +191,13 @@ async function shutdownTelemetry() {
191
191
 
192
192
  // src/client.ts
193
193
  var { createClient, encryption: encryption2, newSignatureProvider } = import_postchain_client2.default;
194
- var DEFAULT_ENDPOINT = "https://atbash.ai";
194
+ var DEFAULT_ENDPOINT = "https://chromia-verified-ai-dev-two.vercel.app";
195
195
  var DEFAULT_CHROMIA_NODE_URLS = [
196
196
  "https://node6.testnet.chromia.com:7740",
197
197
  "https://node7.testnet.chromia.com:7740",
198
198
  "https://node8.testnet.chromia.com:7740"
199
199
  ];
200
- var DEFAULT_BLOCKCHAIN_RID = "3CF2566BF0E606C8D6F9360566DB2FE3BC254C39451BAEB6D736E916D677486A";
200
+ var DEFAULT_BLOCKCHAIN_RID = "9cd07a6597b7f3c34023ff29dc3d01409d88d321b53c59b07f41501b6baac1e3";
201
201
  function isValidPrivateKey(hex) {
202
202
  return /^[0-9a-fA-F]{64}$/.test(hex);
203
203
  }
@@ -921,10 +921,25 @@ function createAtbashClient(config = {}) {
921
921
  };
922
922
  }
923
923
  if (action === "allow") {
924
- const surfacedVerdict = result.verdict === "ALLOW" || result.verdict === "HOLD" || result.verdict === "BLOCK" ? result.verdict : "ALLOW";
924
+ if (result.verdict === "HOLD") {
925
+ return {
926
+ allow: false,
927
+ verdict: "HOLD",
928
+ reason: result.reason,
929
+ toolCallId: result.tool_call_id
930
+ };
931
+ }
932
+ if (result.verdict === "BLOCK") {
933
+ return {
934
+ allow: false,
935
+ verdict: "BLOCK",
936
+ reason: result.reason,
937
+ toolCallId: result.tool_call_id
938
+ };
939
+ }
925
940
  return {
926
941
  allow: true,
927
- verdict: surfacedVerdict,
942
+ verdict: "ALLOW",
928
943
  reason: result.reason,
929
944
  toolCallId: result.tool_call_id
930
945
  };
@@ -1051,6 +1066,12 @@ var BEHAVIOR_PATTERNS = [
1051
1066
  re: /\b(?:no need to|don'?t need to|not necessary to|unnecessary to)\b.*\b(?:check|verify|validate|scan|review|confirm|authenticate)\b/i,
1052
1067
  description: "attempts to normalize skipping verification"
1053
1068
  },
1069
+ {
1070
+ type: "safety_bypass",
1071
+ severity: "high",
1072
+ re: /\[\s*(?:VERIFIED|SAFE|APPROVED|TRUSTED|AUTHORIZED|CLEARED|WHITELISTED)\s*\]/i,
1073
+ description: "stores a verdict-influencing meta-tag that could be prepended to action text to bypass AI evaluation"
1074
+ },
1054
1075
  /* ── Privilege escalation ── */
1055
1076
  {
1056
1077
  type: "privilege_escalation",
package/dist/index.d.cts CHANGED
@@ -191,9 +191,9 @@ interface AtbashClientConfig {
191
191
  };
192
192
  }
193
193
 
194
- declare const DEFAULT_ENDPOINT = "https://atbash.ai";
194
+ declare const DEFAULT_ENDPOINT = "https://chromia-verified-ai-dev-two.vercel.app";
195
195
  declare const DEFAULT_CHROMIA_NODE_URLS: string[];
196
- declare const DEFAULT_BLOCKCHAIN_RID = "3CF2566BF0E606C8D6F9360566DB2FE3BC254C39451BAEB6D736E916D677486A";
196
+ declare const DEFAULT_BLOCKCHAIN_RID = "9cd07a6597b7f3c34023ff29dc3d01409d88d321b53c59b07f41501b6baac1e3";
197
197
  declare function isValidPrivateKey(hex: string): boolean;
198
198
  declare function derivePublicKey(privKeyHex: string): string;
199
199
  declare function generateKeyPair(): {
package/dist/index.d.ts CHANGED
@@ -191,9 +191,9 @@ interface AtbashClientConfig {
191
191
  };
192
192
  }
193
193
 
194
- declare const DEFAULT_ENDPOINT = "https://atbash.ai";
194
+ declare const DEFAULT_ENDPOINT = "https://chromia-verified-ai-dev-two.vercel.app";
195
195
  declare const DEFAULT_CHROMIA_NODE_URLS: string[];
196
- declare const DEFAULT_BLOCKCHAIN_RID = "3CF2566BF0E606C8D6F9360566DB2FE3BC254C39451BAEB6D736E916D677486A";
196
+ declare const DEFAULT_BLOCKCHAIN_RID = "9cd07a6597b7f3c34023ff29dc3d01409d88d321b53c59b07f41501b6baac1e3";
197
197
  declare function isValidPrivateKey(hex: string): boolean;
198
198
  declare function derivePublicKey(privKeyHex: string): string;
199
199
  declare function generateKeyPair(): {
package/dist/index.js CHANGED
@@ -115,13 +115,13 @@ async function shutdownTelemetry() {
115
115
 
116
116
  // src/client.ts
117
117
  var { createClient, encryption: encryption2, newSignatureProvider } = postchain2;
118
- var DEFAULT_ENDPOINT = "https://atbash.ai";
118
+ var DEFAULT_ENDPOINT = "https://chromia-verified-ai-dev-two.vercel.app";
119
119
  var DEFAULT_CHROMIA_NODE_URLS = [
120
120
  "https://node6.testnet.chromia.com:7740",
121
121
  "https://node7.testnet.chromia.com:7740",
122
122
  "https://node8.testnet.chromia.com:7740"
123
123
  ];
124
- var DEFAULT_BLOCKCHAIN_RID = "3CF2566BF0E606C8D6F9360566DB2FE3BC254C39451BAEB6D736E916D677486A";
124
+ var DEFAULT_BLOCKCHAIN_RID = "9cd07a6597b7f3c34023ff29dc3d01409d88d321b53c59b07f41501b6baac1e3";
125
125
  function isValidPrivateKey(hex) {
126
126
  return /^[0-9a-fA-F]{64}$/.test(hex);
127
127
  }
@@ -845,10 +845,25 @@ function createAtbashClient(config = {}) {
845
845
  };
846
846
  }
847
847
  if (action === "allow") {
848
- const surfacedVerdict = result.verdict === "ALLOW" || result.verdict === "HOLD" || result.verdict === "BLOCK" ? result.verdict : "ALLOW";
848
+ if (result.verdict === "HOLD") {
849
+ return {
850
+ allow: false,
851
+ verdict: "HOLD",
852
+ reason: result.reason,
853
+ toolCallId: result.tool_call_id
854
+ };
855
+ }
856
+ if (result.verdict === "BLOCK") {
857
+ return {
858
+ allow: false,
859
+ verdict: "BLOCK",
860
+ reason: result.reason,
861
+ toolCallId: result.tool_call_id
862
+ };
863
+ }
849
864
  return {
850
865
  allow: true,
851
- verdict: surfacedVerdict,
866
+ verdict: "ALLOW",
852
867
  reason: result.reason,
853
868
  toolCallId: result.tool_call_id
854
869
  };
@@ -975,6 +990,12 @@ var BEHAVIOR_PATTERNS = [
975
990
  re: /\b(?:no need to|don'?t need to|not necessary to|unnecessary to)\b.*\b(?:check|verify|validate|scan|review|confirm|authenticate)\b/i,
976
991
  description: "attempts to normalize skipping verification"
977
992
  },
993
+ {
994
+ type: "safety_bypass",
995
+ severity: "high",
996
+ re: /\[\s*(?:VERIFIED|SAFE|APPROVED|TRUSTED|AUTHORIZED|CLEARED|WHITELISTED)\s*\]/i,
997
+ description: "stores a verdict-influencing meta-tag that could be prepended to action text to bypass AI evaluation"
998
+ },
978
999
  /* ── Privilege escalation ── */
979
1000
  {
980
1001
  type: "privilege_escalation",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atbash/sdk",
3
- "version": "0.3.11-dev.4",
3
+ "version": "0.3.11-dev.6",
4
4
  "description": "Atbash SDK — control boundary before the last irreversible step in an agent workflow",
5
5
  "homepage": "https://atbash.ai",
6
6
  "author": "Atbash",