@axonflow/openclaw 0.1.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +23 -1
- package/README.md +48 -15
- package/dist/audit.d.ts.map +1 -1
- package/dist/audit.js +2 -0
- package/dist/audit.js.map +1 -1
- package/dist/axonflow-client.d.ts +17 -2
- package/dist/axonflow-client.d.ts.map +1 -1
- package/dist/axonflow-client.js +39 -8
- package/dist/axonflow-client.js.map +1 -1
- package/dist/config.d.ts +2 -2
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +10 -7
- package/dist/config.js.map +1 -1
- package/dist/governance.d.ts.map +1 -1
- package/dist/governance.js +8 -0
- package/dist/governance.js.map +1 -1
- package/dist/index.d.ts +6 -12
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +34 -12
- package/dist/index.js.map +1 -1
- package/dist/llm-audit.d.ts.map +1 -1
- package/dist/llm-audit.js +2 -0
- package/dist/llm-audit.js.map +1 -1
- package/dist/message-guard.d.ts.map +1 -1
- package/dist/message-guard.js +6 -1
- package/dist/message-guard.js.map +1 -1
- package/dist/metrics.d.ts +43 -0
- package/dist/metrics.d.ts.map +1 -0
- package/dist/metrics.js +58 -0
- package/dist/metrics.js.map +1 -0
- package/dist/telemetry.d.ts +34 -0
- package/dist/telemetry.d.ts.map +1 -0
- package/dist/telemetry.js +153 -0
- package/dist/telemetry.js.map +1 -0
- package/package.json +7 -2
- package/policies/README.md +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,25 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
-
## [
|
|
3
|
+
## [1.0.0] - 2026-04-05
|
|
4
|
+
|
|
5
|
+
### BREAKING CHANGES
|
|
6
|
+
|
|
7
|
+
- **`X-Tenant-ID` header removed.** The plugin no longer sends `X-Tenant-ID`. The server derives tenant from OAuth2 Client Credentials (Basic auth). Requires platform v6.0.0+.
|
|
8
|
+
- **`tenantId` config removed.** Both `clientId` and `clientSecret` default to `"community"` when not configured. The `tenantId` field is removed — tenant is derived server-side.
|
|
9
|
+
|
|
10
|
+
### Added
|
|
11
|
+
|
|
12
|
+
- `searchAuditEvents()` method on `AxonFlowClient` for individual audit event inspection. Enables debugging why something was blocked, generating compliance reports, and answering "what did the agent do in the last hour?"
|
|
13
|
+
- Hardened E2E test suite: 24 tests covering dangerous command blocking (reverse shell, rm -rf, SSRF, path traversal, credential access), PII detection with redaction assertions, and audit search.
|
|
14
|
+
|
|
15
|
+
### Security
|
|
16
|
+
|
|
17
|
+
- Bumped `@anthropic-ai/sdk` transitive dependency from 0.80.0 to 0.82.0 (fixes CVE-2026-34451: memory tool path validation sandbox escape).
|
|
18
|
+
- Replaced polynomial regex in endpoint URL normalization with iterative loop (ReDoS mitigation).
|
|
19
|
+
- Added explicit `permissions: contents: read` to CI workflow (least privilege).
|
|
20
|
+
- Removed hardcoded Base64 auth string from test file (secret scanning false positive).
|
|
21
|
+
|
|
22
|
+
## [0.2.0] - 2026-04-01 (initial public release)
|
|
4
23
|
|
|
5
24
|
### Added
|
|
6
25
|
|
|
@@ -12,6 +31,9 @@
|
|
|
12
31
|
- High-risk tool approval: configurable tool list triggers OpenClaw's native approval flow even when AxonFlow allows the call.
|
|
13
32
|
- Configurable governance scope: govern all tools, specific tools only, or exclude specific tools.
|
|
14
33
|
- Fail-open/fail-closed: `onError` config controls behavior when AxonFlow is unreachable.
|
|
34
|
+
- **Startup health check**: Verifies AxonFlow connectivity on plugin initialization. Logs a warning if unreachable, indicating whether the plugin will fail-open or fail-closed.
|
|
35
|
+
- **Governance metrics**: In-process counters for tool calls (evaluated, blocked, approved, allowed), messages (scanned, cancelled, redacted), audit events, and errors. Accessible via `getMetrics()` for debugging and monitoring.
|
|
36
|
+
- **Usage telemetry**: Anonymous checkpoint ping on initialization reporting SDK version, platform info, and hook configuration. Respects `DO_NOT_TRACK=1` and `AXONFLOW_TELEMETRY=off`. Suppressed for localhost endpoints.
|
|
15
37
|
- Starter policy documentation with SQL setup for OpenClaw production baseline.
|
|
16
38
|
|
|
17
39
|
### Not Yet Supported
|
package/README.md
CHANGED
|
@@ -2,17 +2,20 @@
|
|
|
2
2
|
|
|
3
3
|
**Policy enforcement, approval gates, and audit trails for [OpenClaw](https://github.com/openclaw/openclaw).**
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
## Why
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
- prevent PII or secrets from being sent to users
|
|
11
|
-
- keep an audit trail of agent activity with policy context
|
|
7
|
+
OpenClaw is widely deployed with [13+ CVEs disclosed in 2026](https://github.com/jgamblin/OpenClawCVEs/) (multiple CVSS 9.8+), [135,000+ publicly exposed instances](https://www.bitsight.com/blog/openclaw-ai-security-risks-exposed-instances), and [1,184 malicious skills](https://cyberpress.org/clawhavoc-poisons-openclaws-clawhub-with-1184-malicious-skills/) poisoned in ClawHub via the ClawHavoc supply chain attack. OpenClaw provides agent runtime and tool execution but no centralized policy enforcement, no PII scanning, and no compliance-grade audit trails.
|
|
8
|
+
|
|
9
|
+
This plugin adds the governance layer. AxonFlow governs, OpenClaw orchestrates. No LLM provider keys needed — OpenClaw handles all LLM calls, AxonFlow only enforces policies and records audit trails. Your data stays on your infrastructure.
|
|
12
10
|
|
|
13
|
-
|
|
11
|
+
This plugin is useful when you want to:
|
|
12
|
+
- block dangerous tool calls (reverse shells, SSRF, destructive commands) before they run
|
|
13
|
+
- detect and redact PII and secrets in outbound messages before delivery
|
|
14
|
+
- require human approval for high-risk tools (exec, web_fetch, message)
|
|
15
|
+
- keep a compliance-grade audit trail of every tool call and LLM interaction
|
|
16
|
+
- gain visibility into token usage and LLM activity across agents via audit trails
|
|
14
17
|
|
|
15
|
-
## What
|
|
18
|
+
## What It Does
|
|
16
19
|
|
|
17
20
|
| Hook | Purpose |
|
|
18
21
|
|------|---------|
|
|
@@ -22,6 +25,10 @@ Much of the OpenClaw ecosystem today focuses on routing, memory, integrations, a
|
|
|
22
25
|
| `llm_input` | Record prompt, model, and provider for audit |
|
|
23
26
|
| `llm_output` | Record response summary, token usage, and latency for audit |
|
|
24
27
|
|
|
28
|
+
The plugin also:
|
|
29
|
+
- **Verifies AxonFlow connectivity** on startup and logs a warning if unreachable
|
|
30
|
+
- **Tracks governance metrics** in-process (tool calls blocked/allowed, messages redacted, etc.) accessible via `getMetrics()`
|
|
31
|
+
|
|
25
32
|
## Current Limitation
|
|
26
33
|
|
|
27
34
|
Tool results written into the OpenClaw session transcript are not yet scanned by this plugin. OpenClaw's `tool_result_persist` hook is synchronous today, so it cannot call AxonFlow's HTTP policy APIs.
|
|
@@ -36,6 +43,19 @@ What is not protected yet:
|
|
|
36
43
|
|
|
37
44
|
If OpenClaw adds async support for `tool_result_persist`, AxonFlow can add transcript/result scanning immediately. Upstream issue: [openclaw/openclaw#58558](https://github.com/openclaw/openclaw/issues/58558).
|
|
38
45
|
|
|
46
|
+
## Prerequisites
|
|
47
|
+
|
|
48
|
+
This plugin connects to [AxonFlow](https://github.com/getaxonflow/axonflow), a self-hosted governance platform, for policy evaluation and audit logging. AxonFlow must be running before you use the plugin. Your data stays on your infrastructure.
|
|
49
|
+
|
|
50
|
+
```bash
|
|
51
|
+
# Start AxonFlow (Docker — runs entirely on your machine)
|
|
52
|
+
git clone https://github.com/getaxonflow/axonflow.git
|
|
53
|
+
cd axonflow
|
|
54
|
+
docker compose up -d
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
See [Getting Started](https://docs.getaxonflow.com/docs/getting-started/) for full setup options.
|
|
58
|
+
|
|
39
59
|
## Install
|
|
40
60
|
|
|
41
61
|
```bash
|
|
@@ -50,8 +70,10 @@ In your OpenClaw config:
|
|
|
50
70
|
plugins:
|
|
51
71
|
@axonflow/openclaw:
|
|
52
72
|
endpoint: http://localhost:8080
|
|
53
|
-
clientId
|
|
54
|
-
|
|
73
|
+
# clientId and clientSecret default to community mode.
|
|
74
|
+
# Set these to your evaluation/enterprise credentials when you have a license.
|
|
75
|
+
# clientId: your-tenant-id
|
|
76
|
+
# clientSecret: your-license-key
|
|
55
77
|
highRiskTools:
|
|
56
78
|
- web_fetch
|
|
57
79
|
- message
|
|
@@ -62,8 +84,14 @@ plugins:
|
|
|
62
84
|
| Option | Required | Default | Description |
|
|
63
85
|
|--------|----------|---------|-------------|
|
|
64
86
|
| `endpoint` | Yes | — | AxonFlow agent gateway URL |
|
|
65
|
-
| `clientId` |
|
|
66
|
-
| `clientSecret` |
|
|
87
|
+
| `clientId` | No | `"community"` | Tenant identity for data isolation. Override for evaluation/enterprise. |
|
|
88
|
+
| `clientSecret` | No | `""` | License key for evaluation/enterprise features. Requires `clientId` to be set. |
|
|
89
|
+
|
|
90
|
+
**Valid configurations:**
|
|
91
|
+
- Both omitted → community mode (`clientId` defaults to `"community"`)
|
|
92
|
+
- `clientId` only → community mode with custom tenant identity
|
|
93
|
+
- Both set → licensed mode (evaluation/enterprise)
|
|
94
|
+
- `clientSecret` only → **error** (licensed mode requires explicit tenant identity to prevent data going to the wrong tenant)
|
|
67
95
|
| `highRiskTools` | No | `[]` | Tools that require human approval even when policy allows |
|
|
68
96
|
| `governedTools` | No | `[]` (all) | Tools to govern. Empty = all tools. |
|
|
69
97
|
| `excludedTools` | No | `[]` | Tools to exclude from governance |
|
|
@@ -121,10 +149,15 @@ Tool result persisted to session transcript
|
|
|
121
149
|
Message delivered to user channel
|
|
122
150
|
```
|
|
123
151
|
|
|
124
|
-
##
|
|
152
|
+
## Telemetry
|
|
153
|
+
|
|
154
|
+
This plugin sends an anonymous telemetry ping on initialization to help us understand usage patterns. The ping includes: plugin version, platform info (OS, architecture, Node.js version), AxonFlow platform version, and hook configuration (count, onError mode). No PII, no tool arguments, no policy data.
|
|
155
|
+
|
|
156
|
+
Opt out:
|
|
157
|
+
- `DO_NOT_TRACK=1` (standard)
|
|
158
|
+
- `AXONFLOW_TELEMETRY=off`
|
|
125
159
|
|
|
126
|
-
|
|
127
|
-
- OpenClaw 1.0+
|
|
160
|
+
Telemetry is automatically suppressed for localhost/loopback endpoints.
|
|
128
161
|
|
|
129
162
|
## Starter Policies
|
|
130
163
|
|
package/dist/audit.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAIxD;;;;GAIG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,cAAc,EACtB,MAAM,EAAE,oBAAoB,IAEd,OAAO;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,KAAG,OAAO,CAAC,IAAI,CAAC,CAkBlB"}
|
package/dist/audit.js
CHANGED
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
* Fire-and-forget: audit failures do not block tool execution.
|
|
6
6
|
*/
|
|
7
7
|
import { shouldGovernTool } from "./config.js";
|
|
8
|
+
import { recordAuditEventSent } from "./metrics.js";
|
|
8
9
|
/**
|
|
9
10
|
* Create the after_tool_call hook handler.
|
|
10
11
|
*
|
|
@@ -17,6 +18,7 @@ export function createAfterToolCallHandler(client, config) {
|
|
|
17
18
|
}
|
|
18
19
|
try {
|
|
19
20
|
await client.auditToolCall(event.toolName, event.params, event.result, event.error, event.durationMs);
|
|
21
|
+
recordAuditEventSent();
|
|
20
22
|
}
|
|
21
23
|
catch {
|
|
22
24
|
// Fire-and-forget: audit failures must not interfere with tool pipeline
|
package/dist/audit.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEpD;;;;GAIG;AACH,MAAM,UAAU,0BAA0B,CACxC,MAAsB,EACtB,MAA4B;IAE5B,OAAO,KAAK,EAAE,KAQb,EAAiB,EAAE;QAClB,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,aAAa,CACxB,KAAK,CAAC,QAAQ,EACd,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,KAAK,EACX,KAAK,CAAC,UAAU,CACjB,CAAC;YACF,oBAAoB,EAAE,CAAC;QACzB,CAAC;QAAC,MAAM,CAAC;YACP,wEAAwE;QAC1E,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -19,14 +19,13 @@ export interface MCPCheckOutputResponse {
|
|
|
19
19
|
export declare class AxonFlowClient {
|
|
20
20
|
private readonly endpoint;
|
|
21
21
|
private readonly authHeader;
|
|
22
|
-
private readonly tenantId;
|
|
23
22
|
constructor(config: AxonFlowPluginConfig);
|
|
24
23
|
private baseHeaders;
|
|
25
24
|
mcpCheckInput(connectorType: string, statement: string, operation?: string): Promise<MCPCheckInputResponse>;
|
|
26
25
|
mcpCheckOutput(connectorType: string, message: string): Promise<MCPCheckOutputResponse>;
|
|
27
26
|
/**
|
|
28
27
|
* Log a tool execution to the audit trail.
|
|
29
|
-
* Uses POST /api/v1/audit/tool-call (
|
|
28
|
+
* Uses POST /api/v1/audit/tool-call (tenant derived from Basic auth).
|
|
30
29
|
*/
|
|
31
30
|
auditToolCall(toolName: string, params: Record<string, unknown>, result?: unknown, error?: string, durationMs?: number): Promise<void>;
|
|
32
31
|
/**
|
|
@@ -42,6 +41,22 @@ export declare class AxonFlowClient {
|
|
|
42
41
|
completion_tokens: number;
|
|
43
42
|
total_tokens: number;
|
|
44
43
|
}, latencyMs: number): Promise<void>;
|
|
44
|
+
/**
|
|
45
|
+
* Search individual audit event records.
|
|
46
|
+
*
|
|
47
|
+
* Returns tool call details, policy evaluations, and timestamps
|
|
48
|
+
* for compliance evidence and debugging.
|
|
49
|
+
*/
|
|
50
|
+
searchAuditEvents(options?: {
|
|
51
|
+
startTime?: string;
|
|
52
|
+
endTime?: string;
|
|
53
|
+
requestType?: string;
|
|
54
|
+
limit?: number;
|
|
55
|
+
}): Promise<{
|
|
56
|
+
entries: unknown[];
|
|
57
|
+
total: number;
|
|
58
|
+
error?: string;
|
|
59
|
+
}>;
|
|
45
60
|
healthCheck(): Promise<boolean>;
|
|
46
61
|
}
|
|
47
62
|
//# sourceMappingURL=axonflow-client.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"axonflow-client.d.ts","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAyBD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;
|
|
1
|
+
{"version":3,"file":"axonflow-client.d.ts","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAyBD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBACxB,MAAM,EAAE,oBAAoB;IAWxC,OAAO,CAAC,WAAW;IASb,aAAa,CACjB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,EACjB,SAAS,GAAE,MAAkB,GAC5B,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,cAAc,CAClB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,sBAAsB,CAAC;IA2ClC;;;OAGG;IACG,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,MAAM,CAAC,EAAE,OAAO,EAChB,KAAK,CAAC,EAAE,MAAM,EACd,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAqBhB;;;;;;;OAOG;IACG,YAAY,CAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,eAAe,EAAE,MAAM,EACvB,UAAU,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE,EACtF,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IAoBhB;;;;;OAKG;IACG,iBAAiB,CAAC,OAAO,CAAC,EAAE;QAChC,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IA2B5D,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC;CAQtC"}
|
package/dist/axonflow-client.js
CHANGED
|
@@ -29,21 +29,21 @@ function extractPoliciesEvaluated(data) {
|
|
|
29
29
|
export class AxonFlowClient {
|
|
30
30
|
endpoint;
|
|
31
31
|
authHeader;
|
|
32
|
-
tenantId;
|
|
33
32
|
constructor(config) {
|
|
34
|
-
|
|
33
|
+
// Strip trailing slashes without regex (avoids ReDoS on polynomial patterns)
|
|
34
|
+
let ep = config.endpoint;
|
|
35
|
+
while (ep.endsWith("/"))
|
|
36
|
+
ep = ep.slice(0, -1);
|
|
37
|
+
this.endpoint = ep;
|
|
35
38
|
const credentials = Buffer.from(`${config.clientId}:${config.clientSecret}`).toString("base64");
|
|
36
39
|
this.authHeader = `Basic ${credentials}`;
|
|
37
|
-
// clientId serves as tenantId for single-tenant setups.
|
|
38
|
-
// The Agent proxy normally injects X-Tenant-ID after auth, but
|
|
39
|
-
// direct Orchestrator calls (audit/tool-call) require it explicitly.
|
|
40
|
-
this.tenantId = config.clientId;
|
|
41
40
|
}
|
|
42
41
|
baseHeaders() {
|
|
42
|
+
// Tenant is derived from Basic auth credentials on the server side (RFC 6749).
|
|
43
|
+
// X-Tenant-ID header is no longer sent — server knows tenant from auth.
|
|
43
44
|
return {
|
|
44
45
|
"Content-Type": "application/json",
|
|
45
46
|
Authorization: this.authHeader,
|
|
46
|
-
"X-Tenant-ID": this.tenantId,
|
|
47
47
|
};
|
|
48
48
|
}
|
|
49
49
|
async mcpCheckInput(connectorType, statement, operation = "execute") {
|
|
@@ -116,7 +116,7 @@ export class AxonFlowClient {
|
|
|
116
116
|
}
|
|
117
117
|
/**
|
|
118
118
|
* Log a tool execution to the audit trail.
|
|
119
|
-
* Uses POST /api/v1/audit/tool-call (
|
|
119
|
+
* Uses POST /api/v1/audit/tool-call (tenant derived from Basic auth).
|
|
120
120
|
*/
|
|
121
121
|
async auditToolCall(toolName, params, result, error, durationMs) {
|
|
122
122
|
const url = `${this.endpoint}/api/v1/audit/tool-call`;
|
|
@@ -167,6 +167,37 @@ export class AxonFlowClient {
|
|
|
167
167
|
// Audit failures are non-fatal
|
|
168
168
|
}
|
|
169
169
|
}
|
|
170
|
+
/**
|
|
171
|
+
* Search individual audit event records.
|
|
172
|
+
*
|
|
173
|
+
* Returns tool call details, policy evaluations, and timestamps
|
|
174
|
+
* for compliance evidence and debugging.
|
|
175
|
+
*/
|
|
176
|
+
async searchAuditEvents(options) {
|
|
177
|
+
const url = `${this.endpoint}/api/v1/audit/search`;
|
|
178
|
+
const now = new Date();
|
|
179
|
+
const oneHourAgo = new Date(now.getTime() - 60 * 60 * 1000);
|
|
180
|
+
const body = {
|
|
181
|
+
start_time: options?.startTime ?? oneHourAgo.toISOString(),
|
|
182
|
+
end_time: options?.endTime ?? now.toISOString(),
|
|
183
|
+
limit: Math.min(options?.limit ?? 20, 100),
|
|
184
|
+
...(options?.requestType && { request_type: options.requestType }),
|
|
185
|
+
};
|
|
186
|
+
try {
|
|
187
|
+
const response = await fetch(url, {
|
|
188
|
+
method: "POST",
|
|
189
|
+
headers: this.baseHeaders(),
|
|
190
|
+
body: JSON.stringify(body),
|
|
191
|
+
});
|
|
192
|
+
if (!response.ok) {
|
|
193
|
+
return { entries: [], total: 0, error: `HTTP ${response.status}` };
|
|
194
|
+
}
|
|
195
|
+
return (await response.json());
|
|
196
|
+
}
|
|
197
|
+
catch (e) {
|
|
198
|
+
return { entries: [], total: 0, error: e instanceof Error ? e.message : "Unknown error" };
|
|
199
|
+
}
|
|
200
|
+
}
|
|
170
201
|
async healthCheck() {
|
|
171
202
|
try {
|
|
172
203
|
const response = await fetch(`${this.endpoint}/health`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"axonflow-client.js","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,IAA6B;IAC7D,IAAI,OAAO,IAAI,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IACvC,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QAC1D,MAAM,EAAE,GAAG,UAAqC,CAAC;QACjD,IAAI,OAAO,EAAE,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjD,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QACzC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,OAAO,cAAc;IACR,QAAQ,CAAS;IACjB,UAAU,CAAS;
|
|
1
|
+
{"version":3,"file":"axonflow-client.js","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,IAA6B;IAC7D,IAAI,OAAO,IAAI,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IACvC,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QAC1D,MAAM,EAAE,GAAG,UAAqC,CAAC;QACjD,IAAI,OAAO,EAAE,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjD,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QACzC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,OAAO,cAAc;IACR,QAAQ,CAAS;IACjB,UAAU,CAAS;IACpC,YAAY,MAA4B;QACtC,6EAA6E;QAC7E,IAAI,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzB,OAAO,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAC7B,GAAG,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAC5C,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,SAAS,WAAW,EAAE,CAAC;IAC3C,CAAC;IAEO,WAAW;QACjB,+EAA+E;QAC/E,wEAAwE;QACxE,OAAO;YACL,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,IAAI,CAAC,UAAU;SAC/B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,aAAqB,EACrB,SAAiB,EACjB,YAAoB,SAAS;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,SAAS;gBACT,SAAS;aACV,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,gCAAgC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,aAAqB,EACrB,OAAe;QAEf,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,0BAA0B,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,OAAO;aACR,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,iCAAiC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,SAAS;YACjD,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CACjB,QAAgB,EAChB,MAA+B,EAC/B,MAAgB,EAChB,KAAc,EACd,UAAmB;QAEnB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,GAAG,EAAE;gBACf,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,QAAQ;oBACnB,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,MAAM;oBACb,MAAM,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;oBACrF,OAAO,EAAE,KAAK,IAAI,IAAI;oBACtB,aAAa,EAAE,KAAK;oBACpB,WAAW,EAAE,UAAU;iBACxB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,KAAa,EACb,KAAa,EACb,eAAuB,EACvB,UAAsF,EACtF,SAAiB;QAEjB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,GAAG,EAAE;gBACf,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,GAAG,QAAQ,IAAI,KAAK,EAAE;oBACjC,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;oBACrC,MAAM,EAAE,EAAE,gBAAgB,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE;oBACpF,OAAO,EAAE,IAAI;oBACb,WAAW,EAAE,SAAS;iBACvB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAKvB;QACC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,sBAAsB,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG;YACX,UAAU,EAAE,OAAO,EAAE,SAAS,IAAI,UAAU,CAAC,WAAW,EAAE;YAC1D,QAAQ,EAAE,OAAO,EAAE,OAAO,IAAI,GAAG,CAAC,WAAW,EAAE;YAC/C,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE,EAAE,GAAG,CAAC;YAC1C,GAAG,CAAC,OAAO,EAAE,WAAW,IAAI,EAAE,YAAY,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;SACnE,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAChC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,QAAQ,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YACrE,CAAC;YACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA0C,CAAC;QAC1E,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC;QAC5F,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,QAAQ,SAAS,CAAC,CAAC;YACxD,OAAO,QAAQ,CAAC,EAAE,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}
|
package/dist/config.d.ts
CHANGED
|
@@ -7,9 +7,9 @@
|
|
|
7
7
|
export interface AxonFlowPluginConfig {
|
|
8
8
|
/** AxonFlow agent gateway endpoint (e.g., "http://localhost:8080"). */
|
|
9
9
|
endpoint: string;
|
|
10
|
-
/**
|
|
10
|
+
/** Tenant identity for data isolation. Defaults to "community" for community mode. */
|
|
11
11
|
clientId: string;
|
|
12
|
-
/**
|
|
12
|
+
/** License key for evaluation/enterprise features. Empty for community mode. */
|
|
13
13
|
clientSecret: string;
|
|
14
14
|
/**
|
|
15
15
|
* Tools that require human approval even when AxonFlow allows them.
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,oBAAoB;IACnC,uEAAuE;IACvE,QAAQ,EAAE,MAAM,CAAC;IAEjB,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,oBAAoB;IACnC,uEAAuE;IACvE,QAAQ,EAAE,MAAM,CAAC;IAEjB,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAC;IAEjB,gFAAgF;IAChF,YAAY,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;CAC7B;AAED,kDAAkD;AAClD,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,GACvC,oBAAoB,CAgDtB;AAED,0DAA0D;AAC1D,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,oBAAoB,GAC3B,OAAO,CAWT"}
|
package/dist/config.js
CHANGED
|
@@ -13,14 +13,17 @@ export function resolveConfig(raw) {
|
|
|
13
13
|
if (typeof endpoint !== "string" || !endpoint) {
|
|
14
14
|
throw new Error("AxonFlow plugin: 'endpoint' is required (e.g., 'http://localhost:8080')");
|
|
15
15
|
}
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
if (
|
|
22
|
-
throw new Error("AxonFlow plugin: 'clientSecret' is
|
|
16
|
+
// Defaults match SDK behavior: community mode works out of the box.
|
|
17
|
+
// Override with your evaluation/enterprise license credentials.
|
|
18
|
+
const rawClientId = typeof raw["clientId"] === "string" ? raw["clientId"] : "";
|
|
19
|
+
const rawClientSecret = typeof raw["clientSecret"] === "string" ? raw["clientSecret"] : "";
|
|
20
|
+
// Reject clientSecret without clientId — licensed mode must specify the tenant
|
|
21
|
+
if (!rawClientId && rawClientSecret) {
|
|
22
|
+
throw new Error("AxonFlow plugin: 'clientId' is required when 'clientSecret' is set. " +
|
|
23
|
+
"Set clientId to your tenant identity (e.g., your deployment's AXONFLOW_CLIENT_ID).");
|
|
23
24
|
}
|
|
25
|
+
const clientId = rawClientId || "community";
|
|
26
|
+
const clientSecret = rawClientSecret;
|
|
24
27
|
return {
|
|
25
28
|
endpoint,
|
|
26
29
|
clientId,
|
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA8CH,kDAAkD;AAClD,MAAM,UAAU,aAAa,CAC3B,GAAwC;IAExC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,kHAAkH,CACnH,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;IAC7F,CAAC;IAED,MAAM,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA8CH,kDAAkD;AAClD,MAAM,UAAU,aAAa,CAC3B,GAAwC;IAExC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,kHAAkH,CACnH,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;IAC7F,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,MAAM,WAAW,GAAG,OAAO,GAAG,CAAC,UAAU,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC/E,MAAM,eAAe,GAAG,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE3F,+EAA+E;IAC/E,IAAI,CAAC,WAAW,IAAI,eAAe,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,sEAAsE;YACtE,oFAAoF,CACrF,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,IAAI,WAAW,CAAC;IAC5C,MAAM,YAAY,GAAG,eAAe,CAAC;IAErC,OAAO;QACL,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,gBAAgB,EACd,OAAO,GAAG,CAAC,kBAAkB,CAAC,KAAK,QAAQ;YACzC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC;YACzB,CAAC,CAAC,SAAS;QACf,OAAO,EACL,GAAG,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;KACjD,CAAC;AACJ,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,MAA4B;IAE5B,iCAAiC;IACjC,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,yDAAyD;IACzD,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjD,CAAC;IACD,4BAA4B;IAC5B,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/dist/governance.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"governance.d.ts","sourceRoot":"","sources":["../src/governance.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"governance.d.ts","sourceRoot":"","sources":["../src/governance.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAUxD,sEAAsE;AACtE,MAAM,WAAW,oBAAoB;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE;QAChB,KAAK,EAAE,MAAM,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,GAAG,UAAU,CAAC;QAC3C,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,eAAe,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;KACpC,CAAC;CACH;AAED,2EAA2E;AAC3E,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE5D;AAED;;;;;;;;;GASG;AACH,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,cAAc,EACtB,MAAM,EAAE,oBAAoB,IAEd,OAAO;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,KAAG,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAyD9C"}
|
package/dist/governance.js
CHANGED
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
* Can block the call, require human approval, or allow through.
|
|
6
6
|
*/
|
|
7
7
|
import { shouldGovernTool } from "./config.js";
|
|
8
|
+
import { recordToolCallEvaluated, recordToolCallBlocked, recordToolCallApprovalRequired, recordToolCallAllowed, recordGovernanceError, } from "./metrics.js";
|
|
8
9
|
/** Derive connector_type from tool name for AxonFlow policy evaluation. */
|
|
9
10
|
export function deriveConnectorType(toolName) {
|
|
10
11
|
return `openclaw.${toolName}`;
|
|
@@ -24,6 +25,7 @@ export function createBeforeToolCallHandler(client, config) {
|
|
|
24
25
|
if (!shouldGovernTool(event.toolName, config)) {
|
|
25
26
|
return undefined;
|
|
26
27
|
}
|
|
28
|
+
recordToolCallEvaluated();
|
|
27
29
|
const connectorType = deriveConnectorType(event.toolName);
|
|
28
30
|
const statement = JSON.stringify(event.params);
|
|
29
31
|
let check;
|
|
@@ -31,15 +33,19 @@ export function createBeforeToolCallHandler(client, config) {
|
|
|
31
33
|
check = await client.mcpCheckInput(connectorType, statement, config.defaultOperation ?? "execute");
|
|
32
34
|
}
|
|
33
35
|
catch (err) {
|
|
36
|
+
recordGovernanceError();
|
|
34
37
|
if (config.onError === "allow") {
|
|
38
|
+
recordToolCallAllowed();
|
|
35
39
|
return undefined; // Fail-open: allow tool execution
|
|
36
40
|
}
|
|
41
|
+
recordToolCallBlocked();
|
|
37
42
|
return {
|
|
38
43
|
block: true,
|
|
39
44
|
blockReason: `AxonFlow unreachable: ${err instanceof Error ? err.message : "unknown error"}`,
|
|
40
45
|
};
|
|
41
46
|
}
|
|
42
47
|
if (!check.allowed) {
|
|
48
|
+
recordToolCallBlocked();
|
|
43
49
|
return {
|
|
44
50
|
block: true,
|
|
45
51
|
blockReason: check.block_reason ?? "Blocked by AxonFlow policy",
|
|
@@ -48,6 +54,7 @@ export function createBeforeToolCallHandler(client, config) {
|
|
|
48
54
|
// High-risk tools get approval even when policy allows
|
|
49
55
|
if (config.highRiskTools &&
|
|
50
56
|
config.highRiskTools.includes(event.toolName)) {
|
|
57
|
+
recordToolCallApprovalRequired();
|
|
51
58
|
return {
|
|
52
59
|
requireApproval: {
|
|
53
60
|
title: `AxonFlow: ${event.toolName} requires approval`,
|
|
@@ -58,6 +65,7 @@ export function createBeforeToolCallHandler(client, config) {
|
|
|
58
65
|
},
|
|
59
66
|
};
|
|
60
67
|
}
|
|
68
|
+
recordToolCallAllowed();
|
|
61
69
|
return undefined;
|
|
62
70
|
};
|
|
63
71
|
}
|
package/dist/governance.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"governance.js","sourceRoot":"","sources":["../src/governance.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"governance.js","sourceRoot":"","sources":["../src/governance.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,8BAA8B,EAC9B,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,cAAc,CAAC;AAgBtB,2EAA2E;AAC3E,MAAM,UAAU,mBAAmB,CAAC,QAAgB;IAClD,OAAO,YAAY,QAAQ,EAAE,CAAC;AAChC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,2BAA2B,CACzC,MAAsB,EACtB,MAA4B;IAE5B,OAAO,KAAK,EAAE,KAKb,EAA6C,EAAE;QAC9C,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;YAC9C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,uBAAuB,EAAE,CAAC;QAC1B,MAAM,aAAa,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,KAAK,CAAC;QACV,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,MAAM,CAAC,aAAa,CAChC,aAAa,EACb,SAAS,EACT,MAAM,CAAC,gBAAgB,IAAI,SAAS,CACrC,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,qBAAqB,EAAE,CAAC;YACxB,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBAC/B,qBAAqB,EAAE,CAAC;gBACxB,OAAO,SAAS,CAAC,CAAC,kCAAkC;YACtD,CAAC;YACD,qBAAqB,EAAE,CAAC;YACxB,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,WAAW,EAAE,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7F,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACnB,qBAAqB,EAAE,CAAC;YACxB,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,WAAW,EAAE,KAAK,CAAC,YAAY,IAAI,4BAA4B;aAChE,CAAC;QACJ,CAAC;QAED,uDAAuD;QACvD,IACE,MAAM,CAAC,aAAa;YACpB,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAC7C,CAAC;YACD,8BAA8B,EAAE,CAAC;YACjC,OAAO;gBACL,eAAe,EAAE;oBACf,KAAK,EAAE,aAAa,KAAK,CAAC,QAAQ,oBAAoB;oBACtD,WAAW,EAAE,mCAAmC,KAAK,CAAC,kBAAkB,sBAAsB;oBAC9F,QAAQ,EAAE,SAAS;oBACnB,SAAS,EAAE,MAAM;oBACjB,eAAe,EAAE,MAAM;iBACxB;aACF,CAAC;QACJ,CAAC;QAED,qBAAqB,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;AACJ,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -30,32 +30,26 @@
|
|
|
30
30
|
* Outbound messages ARE scanned via message_sending. See upstream issue
|
|
31
31
|
* for async hook support.
|
|
32
32
|
*/
|
|
33
|
+
/** Plugin version — update before each release. */
|
|
34
|
+
export declare const VERSION = "1.0.0";
|
|
33
35
|
export { AxonFlowClient } from "./axonflow-client.js";
|
|
34
36
|
export type { AxonFlowPluginConfig } from "./config.js";
|
|
35
37
|
export { resolveConfig, shouldGovernTool } from "./config.js";
|
|
36
38
|
export { deriveConnectorType } from "./governance.js";
|
|
39
|
+
export { getMetrics, type GovernanceMetrics } from "./metrics.js";
|
|
37
40
|
/**
|
|
38
41
|
* Plugin registration function.
|
|
39
42
|
*
|
|
40
43
|
* Called by OpenClaw when the plugin is loaded. Reads configuration,
|
|
41
|
-
* creates the AxonFlow client,
|
|
42
|
-
*
|
|
43
|
-
* Compatible with OpenClaw's `definePluginEntry` or direct registration:
|
|
44
|
-
*
|
|
45
|
-
* // With definePluginEntry:
|
|
46
|
-
* export default definePluginEntry({
|
|
47
|
-
* id: "axonflow-governance",
|
|
48
|
-
* register: registerAxonFlowGovernance,
|
|
49
|
-
* });
|
|
50
|
-
*
|
|
51
|
-
* // Or direct:
|
|
52
|
-
* api.registerHook("before_tool_call", handler);
|
|
44
|
+
* creates the AxonFlow client, verifies connectivity, registers five
|
|
45
|
+
* governance/audit hooks, and sends a telemetry ping.
|
|
53
46
|
*/
|
|
54
47
|
export declare function registerAxonFlowGovernance(api: {
|
|
55
48
|
pluginConfig?: Record<string, unknown>;
|
|
56
49
|
logger: {
|
|
57
50
|
info: (msg: string) => void;
|
|
58
51
|
error: (msg: string) => void;
|
|
52
|
+
warn?: (msg: string) => void;
|
|
59
53
|
};
|
|
60
54
|
on: (hookName: string, handler: (...args: any[]) => any, opts?: {
|
|
61
55
|
priority?: number;
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAWH,mDAAmD;AACnD,eAAO,MAAM,OAAO,UAAU,CAAC;AAG/B,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAElE;;;;;;GAMG;AACH,wBAAgB,0BAA0B,CAAC,GAAG,EAAE;IAC9C,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,MAAM,EAAE;QAAE,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAAC,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE,CAAC;IACpG,EAAE,EAAE,CACF,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG,EAChC,IAAI,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,KACzB,IAAI,CAAC;CACX,GAAG,IAAI,CAwDP;AAED;;;;;;GAMG;;;;;;;AACH,wBAKE"}
|
package/dist/index.js
CHANGED
|
@@ -36,32 +36,46 @@ import { createBeforeToolCallHandler } from "./governance.js";
|
|
|
36
36
|
import { createAfterToolCallHandler } from "./audit.js";
|
|
37
37
|
import { createMessageSendingHandler } from "./message-guard.js";
|
|
38
38
|
import { createLlmInputHandler, createLlmOutputHandler } from "./llm-audit.js";
|
|
39
|
+
import { sendTelemetryPing } from "./telemetry.js";
|
|
40
|
+
import { resetMetrics } from "./metrics.js";
|
|
41
|
+
/** Plugin version — update before each release. */
|
|
42
|
+
export const VERSION = "1.0.0";
|
|
39
43
|
// Re-export for external consumers
|
|
40
44
|
export { AxonFlowClient } from "./axonflow-client.js";
|
|
41
45
|
export { resolveConfig, shouldGovernTool } from "./config.js";
|
|
42
46
|
export { deriveConnectorType } from "./governance.js";
|
|
47
|
+
export { getMetrics } from "./metrics.js";
|
|
43
48
|
/**
|
|
44
49
|
* Plugin registration function.
|
|
45
50
|
*
|
|
46
51
|
* Called by OpenClaw when the plugin is loaded. Reads configuration,
|
|
47
|
-
* creates the AxonFlow client,
|
|
48
|
-
*
|
|
49
|
-
* Compatible with OpenClaw's `definePluginEntry` or direct registration:
|
|
50
|
-
*
|
|
51
|
-
* // With definePluginEntry:
|
|
52
|
-
* export default definePluginEntry({
|
|
53
|
-
* id: "axonflow-governance",
|
|
54
|
-
* register: registerAxonFlowGovernance,
|
|
55
|
-
* });
|
|
56
|
-
*
|
|
57
|
-
* // Or direct:
|
|
58
|
-
* api.registerHook("before_tool_call", handler);
|
|
52
|
+
* creates the AxonFlow client, verifies connectivity, registers five
|
|
53
|
+
* governance/audit hooks, and sends a telemetry ping.
|
|
59
54
|
*/
|
|
60
55
|
export function registerAxonFlowGovernance(api) {
|
|
61
56
|
const config = resolveConfig(api.pluginConfig);
|
|
62
57
|
const client = new AxonFlowClient(config);
|
|
58
|
+
// Reset metrics on each registration (handles hot-reload)
|
|
59
|
+
resetMetrics();
|
|
63
60
|
api.logger.info(`AxonFlow governance active: endpoint=${config.endpoint}, ` +
|
|
64
61
|
`highRiskTools=[${(config.highRiskTools ?? []).join(",")}]`);
|
|
62
|
+
// Startup health check (fire-and-forget, non-blocking)
|
|
63
|
+
void client.healthCheck().then((healthy) => {
|
|
64
|
+
if (healthy) {
|
|
65
|
+
api.logger.info(`AxonFlow connected: ${config.endpoint}`);
|
|
66
|
+
}
|
|
67
|
+
else {
|
|
68
|
+
const msg = `AxonFlow health check failed: ${config.endpoint} is unreachable. Governance hooks will ${config.onError === "allow" ? "fail-open (allow through)" : "fail-closed (block)"}`;
|
|
69
|
+
if (api.logger.warn) {
|
|
70
|
+
api.logger.warn(msg);
|
|
71
|
+
}
|
|
72
|
+
else {
|
|
73
|
+
api.logger.error(msg);
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
}).catch(() => {
|
|
77
|
+
// Silent — health check should never prevent plugin registration
|
|
78
|
+
});
|
|
65
79
|
// Hook 1: Input governance (before tool execution)
|
|
66
80
|
const beforeToolCall = createBeforeToolCallHandler(client, config);
|
|
67
81
|
api.on("before_tool_call", beforeToolCall, { priority: 10 });
|
|
@@ -77,6 +91,14 @@ export function registerAxonFlowGovernance(api) {
|
|
|
77
91
|
api.on("llm_input", llmInput, { priority: 90 });
|
|
78
92
|
const llmOutput = createLlmOutputHandler(client, config, llmCallState);
|
|
79
93
|
api.on("llm_output", llmOutput, { priority: 90 });
|
|
94
|
+
// Telemetry (fire-and-forget, respects DO_NOT_TRACK=1)
|
|
95
|
+
sendTelemetryPing({
|
|
96
|
+
endpoint: config.endpoint,
|
|
97
|
+
pluginVersion: VERSION,
|
|
98
|
+
hookCount: 5,
|
|
99
|
+
highRiskToolCount: (config.highRiskTools ?? []).length,
|
|
100
|
+
onError: config.onError ?? "block",
|
|
101
|
+
});
|
|
80
102
|
}
|
|
81
103
|
/**
|
|
82
104
|
* Default export for OpenClaw plugin loader.
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iBAAiB,CAAC;AAC9D,OAAO,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AACxD,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,2BAA2B,EAAE,MAAM,iBAAiB,CAAC;AAC9D,OAAO,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AACxD,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAE5C,mDAAmD;AACnD,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,mCAAmC;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,UAAU,EAA0B,MAAM,cAAc,CAAC;AAElE;;;;;;GAMG;AACH,MAAM,UAAU,0BAA0B,CAAC,GAQ1C;IACC,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;IAE1C,0DAA0D;IAC1D,YAAY,EAAE,CAAC;IAEf,GAAG,CAAC,MAAM,CAAC,IAAI,CACb,wCAAwC,MAAM,CAAC,QAAQ,IAAI;QACzD,kBAAkB,CAAC,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC9D,CAAC;IAEF,uDAAuD;IACvD,KAAK,MAAM,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QACzC,IAAI,OAAO,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5D,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,iCAAiC,MAAM,CAAC,QAAQ,0CAA0C,MAAM,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC,CAAC,2BAA2B,CAAC,CAAC,CAAC,qBAAqB,EAAE,CAAC;YACzL,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACpB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;QACZ,iEAAiE;IACnE,CAAC,CAAC,CAAC;IAEH,mDAAmD;IACnD,MAAM,cAAc,GAAG,2BAA2B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnE,GAAG,CAAC,EAAE,CAAC,kBAAkB,EAAE,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAE7D,+CAA+C;IAC/C,MAAM,aAAa,GAAG,0BAA0B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjE,GAAG,CAAC,EAAE,CAAC,iBAAiB,EAAE,aAAa,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAE3D,oEAAoE;IACpE,MAAM,cAAc,GAAG,2BAA2B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnE,GAAG,CAAC,EAAE,CAAC,iBAAiB,EAAE,cAAc,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAE5D,+DAA+D;IAC/D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAgF,CAAC;IAC7G,MAAM,QAAQ,GAAG,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;IACrE,GAAG,CAAC,EAAE,CAAC,WAAW,EAAE,QAAQ,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAEhD,MAAM,SAAS,GAAG,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;IACvE,GAAG,CAAC,EAAE,CAAC,YAAY,EAAE,SAAS,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;IAElD,uDAAuD;IACvD,iBAAiB,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,aAAa,EAAE,OAAO;QACtB,SAAS,EAAE,CAAC;QACZ,iBAAiB,EAAE,CAAC,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,MAAM;QACtD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;KACnC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,eAAe;IACb,EAAE,EAAE,qBAAqB;IACzB,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EAAE,sGAAsG;IACnH,QAAQ,EAAE,0BAA0B;CACrC,CAAC"}
|
package/dist/llm-audit.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"llm-audit.d.ts","sourceRoot":"","sources":["../src/llm-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"llm-audit.d.ts","sourceRoot":"","sources":["../src/llm-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAGxD,8DAA8D;AAC9D,UAAU,YAAY;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,cAAc,EACvB,OAAO,EAAE,oBAAoB,EAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,IAE5B,OAAO;IACb,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,OAAO,EAAE,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;CACrB,KAAG,IAAI,CAmBT;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,oBAAoB,EAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,IAEtB,OAAO;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,KAAK,CAAC,EAAE;QACN,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH,KAAG,OAAO,CAAC,IAAI,CAAC,CAyBlB"}
|
package/dist/llm-audit.js
CHANGED
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
* observe-only (cannot block or modify), so they provide audit
|
|
7
7
|
* evidence, not governance.
|
|
8
8
|
*/
|
|
9
|
+
import { recordAuditEventSent } from "./metrics.js";
|
|
9
10
|
/**
|
|
10
11
|
* Create the llm_input hook handler.
|
|
11
12
|
*
|
|
@@ -51,6 +52,7 @@ export function createLlmOutputHandler(client, _config, callState) {
|
|
|
51
52
|
completion_tokens: event.usage?.output ?? 0,
|
|
52
53
|
total_tokens: event.usage?.total ?? 0,
|
|
53
54
|
}, latencyMs);
|
|
55
|
+
recordAuditEventSent();
|
|
54
56
|
}
|
|
55
57
|
catch {
|
|
56
58
|
// Audit failures are non-fatal
|
package/dist/llm-audit.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"llm-audit.js","sourceRoot":"","sources":["../src/llm-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;
|
|
1
|
+
{"version":3,"file":"llm-audit.js","sourceRoot":"","sources":["../src/llm-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAUpD;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAAuB,EACvB,OAA6B,EAC7B,SAAoC;IAEpC,OAAO,CAAC,KASP,EAAQ,EAAE;QACT,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE;YACzB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;YAClC,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE;SACpB,CAAC,CAAC;QAEH,gEAAgE;QAChE,oEAAoE;QACpE,4CAA4C;QAC5C,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,SAAS,EAAE,CAAC;YACnC,IAAI,GAAG,GAAG,GAAG,CAAC,OAAO,GAAG,UAAU,EAAE,CAAC;gBACnC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAsB,EACtB,OAA6B,EAC7B,SAAoC;IAEpC,OAAO,KAAK,EAAE,KAYb,EAAiB,EAAE;QAClB,MAAM,UAAU,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC9C,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAE9B,MAAM,eAAe,GAAG,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,YAAY,CACvB,UAAU,EAAE,QAAQ,IAAI,KAAK,CAAC,QAAQ,EACtC,UAAU,EAAE,KAAK,IAAI,KAAK,CAAC,KAAK,EAChC,UAAU,EAAE,MAAM,IAAI,EAAE,EACxB,eAAe,EACf;gBACE,aAAa,EAAE,KAAK,CAAC,KAAK,EAAE,KAAK,IAAI,CAAC;gBACtC,iBAAiB,EAAE,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC;gBAC3C,YAAY,EAAE,KAAK,CAAC,KAAK,EAAE,KAAK,IAAI,CAAC;aACtC,EACD,SAAS,CACV,CAAC;YACF,oBAAoB,EAAE,CAAC;QACzB,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"message-guard.d.ts","sourceRoot":"","sources":["../src/message-guard.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"message-guard.d.ts","sourceRoot":"","sources":["../src/message-guard.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAQxD;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,cAAc,EACtB,MAAM,EAAE,oBAAoB,IAEd,OAAO;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,KAAG,OAAO,CAAC;IAAE,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,SAAS,CAAC,CAyChE"}
|
package/dist/message-guard.js
CHANGED
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
* Discord, Slack, WhatsApp). Can cancel messages containing PII/secrets
|
|
6
6
|
* or redact sensitive content.
|
|
7
7
|
*/
|
|
8
|
+
import { recordMessageScanned, recordMessageCancelled, recordMessageRedacted, recordGovernanceError, } from "./metrics.js";
|
|
8
9
|
/**
|
|
9
10
|
* Create the message_sending hook handler.
|
|
10
11
|
*
|
|
@@ -17,23 +18,27 @@ export function createMessageSendingHandler(client, config) {
|
|
|
17
18
|
if (!event.content) {
|
|
18
19
|
return undefined;
|
|
19
20
|
}
|
|
21
|
+
recordMessageScanned();
|
|
20
22
|
let check;
|
|
21
23
|
try {
|
|
22
24
|
check = await client.mcpCheckOutput("openclaw.message_sending", event.content);
|
|
23
25
|
}
|
|
24
26
|
catch {
|
|
27
|
+
recordGovernanceError();
|
|
25
28
|
if (config.onError === "allow") {
|
|
26
29
|
return undefined; // Fail-open: allow message through ungoverned
|
|
27
30
|
}
|
|
28
|
-
|
|
31
|
+
recordMessageCancelled();
|
|
29
32
|
return { cancel: true };
|
|
30
33
|
}
|
|
31
34
|
if (!check.allowed) {
|
|
35
|
+
recordMessageCancelled();
|
|
32
36
|
return {
|
|
33
37
|
cancel: true,
|
|
34
38
|
};
|
|
35
39
|
}
|
|
36
40
|
if (check.redacted_data != null) {
|
|
41
|
+
recordMessageRedacted();
|
|
37
42
|
return {
|
|
38
43
|
content: typeof check.redacted_data === "string"
|
|
39
44
|
? check.redacted_data
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"message-guard.js","sourceRoot":"","sources":["../src/message-guard.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"message-guard.js","sourceRoot":"","sources":["../src/message-guard.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,cAAc,CAAC;AAEtB;;;;;;GAMG;AACH,MAAM,UAAU,2BAA2B,CACzC,MAAsB,EACtB,MAA4B;IAE5B,OAAO,KAAK,EAAE,KAIb,EAA+D,EAAE;QAChE,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACnB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,oBAAoB,EAAE,CAAC;QAEvB,IAAI,KAAK,CAAC;QACV,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,MAAM,CAAC,cAAc,CACjC,0BAA0B,EAC1B,KAAK,CAAC,OAAO,CACd,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,qBAAqB,EAAE,CAAC;YACxB,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBAC/B,OAAO,SAAS,CAAC,CAAC,8CAA8C;YAClE,CAAC;YACD,sBAAsB,EAAE,CAAC;YACzB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;QAC1B,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACnB,sBAAsB,EAAE,CAAC;YACzB,OAAO;gBACL,MAAM,EAAE,IAAI;aACb,CAAC;QACJ,CAAC;QAED,IAAI,KAAK,CAAC,aAAa,IAAI,IAAI,EAAE,CAAC;YAChC,qBAAqB,EAAE,CAAC;YACxB,OAAO;gBACL,OAAO,EACL,OAAO,KAAK,CAAC,aAAa,KAAK,QAAQ;oBACrC,CAAC,CAAC,KAAK,CAAC,aAAa;oBACrB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,aAAa,CAAC;aAC1C,CAAC;QACJ,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* In-process governance metrics counter.
|
|
3
|
+
*
|
|
4
|
+
* Tracks tool calls blocked, allowed, approved, messages cancelled/redacted,
|
|
5
|
+
* and audit events since plugin initialization. Not persisted — resets on
|
|
6
|
+
* process restart. Accessible via getMetrics() for debugging and monitoring.
|
|
7
|
+
*/
|
|
8
|
+
export interface GovernanceMetrics {
|
|
9
|
+
/** Total tool calls evaluated by before_tool_call */
|
|
10
|
+
toolCallsEvaluated: number;
|
|
11
|
+
/** Tool calls blocked by policy */
|
|
12
|
+
toolCallsBlocked: number;
|
|
13
|
+
/** Tool calls that required approval (highRiskTools) */
|
|
14
|
+
toolCallsApprovalRequired: number;
|
|
15
|
+
/** Tool calls allowed through */
|
|
16
|
+
toolCallsAllowed: number;
|
|
17
|
+
/** Outbound messages scanned by message_sending */
|
|
18
|
+
messagesScanned: number;
|
|
19
|
+
/** Messages cancelled (blocked or AxonFlow unreachable with onError=block) */
|
|
20
|
+
messagesCancelled: number;
|
|
21
|
+
/** Messages redacted (PII/secrets found) */
|
|
22
|
+
messagesRedacted: number;
|
|
23
|
+
/** Audit events sent (after_tool_call + llm_output) */
|
|
24
|
+
auditEventsSent: number;
|
|
25
|
+
/** Errors during governance checks (AxonFlow unreachable, etc.) */
|
|
26
|
+
governanceErrors: number;
|
|
27
|
+
/** Plugin start timestamp */
|
|
28
|
+
startedAt: string;
|
|
29
|
+
}
|
|
30
|
+
export declare function recordToolCallEvaluated(): void;
|
|
31
|
+
export declare function recordToolCallBlocked(): void;
|
|
32
|
+
export declare function recordToolCallApprovalRequired(): void;
|
|
33
|
+
export declare function recordToolCallAllowed(): void;
|
|
34
|
+
export declare function recordMessageScanned(): void;
|
|
35
|
+
export declare function recordMessageCancelled(): void;
|
|
36
|
+
export declare function recordMessageRedacted(): void;
|
|
37
|
+
export declare function recordAuditEventSent(): void;
|
|
38
|
+
export declare function recordGovernanceError(): void;
|
|
39
|
+
/** Get a snapshot of current governance metrics. */
|
|
40
|
+
export declare function getMetrics(): Readonly<GovernanceMetrics>;
|
|
41
|
+
/** Reset all counters (for testing). */
|
|
42
|
+
export declare function resetMetrics(): void;
|
|
43
|
+
//# sourceMappingURL=metrics.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../src/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,WAAW,iBAAiB;IAChC,qDAAqD;IACrD,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mCAAmC;IACnC,gBAAgB,EAAE,MAAM,CAAC;IACzB,wDAAwD;IACxD,yBAAyB,EAAE,MAAM,CAAC;IAClC,iCAAiC;IACjC,gBAAgB,EAAE,MAAM,CAAC;IACzB,mDAAmD;IACnD,eAAe,EAAE,MAAM,CAAC;IACxB,8EAA8E;IAC9E,iBAAiB,EAAE,MAAM,CAAC;IAC1B,4CAA4C;IAC5C,gBAAgB,EAAE,MAAM,CAAC;IACzB,uDAAuD;IACvD,eAAe,EAAE,MAAM,CAAC;IACxB,mEAAmE;IACnE,gBAAgB,EAAE,MAAM,CAAC;IACzB,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;CACnB;AAmBD,wBAAgB,uBAAuB,IAAI,IAAI,CAE9C;AAED,wBAAgB,qBAAqB,IAAI,IAAI,CAE5C;AAED,wBAAgB,8BAA8B,IAAI,IAAI,CAErD;AAED,wBAAgB,qBAAqB,IAAI,IAAI,CAE5C;AAED,wBAAgB,oBAAoB,IAAI,IAAI,CAE3C;AAED,wBAAgB,sBAAsB,IAAI,IAAI,CAE7C;AAED,wBAAgB,qBAAqB,IAAI,IAAI,CAE5C;AAED,wBAAgB,oBAAoB,IAAI,IAAI,CAE3C;AAED,wBAAgB,qBAAqB,IAAI,IAAI,CAE5C;AAED,oDAAoD;AACpD,wBAAgB,UAAU,IAAI,QAAQ,CAAC,iBAAiB,CAAC,CAExD;AAED,wCAAwC;AACxC,wBAAgB,YAAY,IAAI,IAAI,CAEnC"}
|
package/dist/metrics.js
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* In-process governance metrics counter.
|
|
3
|
+
*
|
|
4
|
+
* Tracks tool calls blocked, allowed, approved, messages cancelled/redacted,
|
|
5
|
+
* and audit events since plugin initialization. Not persisted — resets on
|
|
6
|
+
* process restart. Accessible via getMetrics() for debugging and monitoring.
|
|
7
|
+
*/
|
|
8
|
+
let metrics = createFreshMetrics();
|
|
9
|
+
function createFreshMetrics() {
|
|
10
|
+
return {
|
|
11
|
+
toolCallsEvaluated: 0,
|
|
12
|
+
toolCallsBlocked: 0,
|
|
13
|
+
toolCallsApprovalRequired: 0,
|
|
14
|
+
toolCallsAllowed: 0,
|
|
15
|
+
messagesScanned: 0,
|
|
16
|
+
messagesCancelled: 0,
|
|
17
|
+
messagesRedacted: 0,
|
|
18
|
+
auditEventsSent: 0,
|
|
19
|
+
governanceErrors: 0,
|
|
20
|
+
startedAt: new Date().toISOString(),
|
|
21
|
+
};
|
|
22
|
+
}
|
|
23
|
+
export function recordToolCallEvaluated() {
|
|
24
|
+
metrics.toolCallsEvaluated++;
|
|
25
|
+
}
|
|
26
|
+
export function recordToolCallBlocked() {
|
|
27
|
+
metrics.toolCallsBlocked++;
|
|
28
|
+
}
|
|
29
|
+
export function recordToolCallApprovalRequired() {
|
|
30
|
+
metrics.toolCallsApprovalRequired++;
|
|
31
|
+
}
|
|
32
|
+
export function recordToolCallAllowed() {
|
|
33
|
+
metrics.toolCallsAllowed++;
|
|
34
|
+
}
|
|
35
|
+
export function recordMessageScanned() {
|
|
36
|
+
metrics.messagesScanned++;
|
|
37
|
+
}
|
|
38
|
+
export function recordMessageCancelled() {
|
|
39
|
+
metrics.messagesCancelled++;
|
|
40
|
+
}
|
|
41
|
+
export function recordMessageRedacted() {
|
|
42
|
+
metrics.messagesRedacted++;
|
|
43
|
+
}
|
|
44
|
+
export function recordAuditEventSent() {
|
|
45
|
+
metrics.auditEventsSent++;
|
|
46
|
+
}
|
|
47
|
+
export function recordGovernanceError() {
|
|
48
|
+
metrics.governanceErrors++;
|
|
49
|
+
}
|
|
50
|
+
/** Get a snapshot of current governance metrics. */
|
|
51
|
+
export function getMetrics() {
|
|
52
|
+
return { ...metrics };
|
|
53
|
+
}
|
|
54
|
+
/** Reset all counters (for testing). */
|
|
55
|
+
export function resetMetrics() {
|
|
56
|
+
metrics = createFreshMetrics();
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=metrics.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../src/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAyBH,IAAI,OAAO,GAAsB,kBAAkB,EAAE,CAAC;AAEtD,SAAS,kBAAkB;IACzB,OAAO;QACL,kBAAkB,EAAE,CAAC;QACrB,gBAAgB,EAAE,CAAC;QACnB,yBAAyB,EAAE,CAAC;QAC5B,gBAAgB,EAAE,CAAC;QACnB,eAAe,EAAE,CAAC;QAClB,iBAAiB,EAAE,CAAC;QACpB,gBAAgB,EAAE,CAAC;QACnB,eAAe,EAAE,CAAC;QAClB,gBAAgB,EAAE,CAAC;QACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,OAAO,CAAC,kBAAkB,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,gBAAgB,EAAE,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,8BAA8B;IAC5C,OAAO,CAAC,yBAAyB,EAAE,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,gBAAgB,EAAE,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,eAAe,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,sBAAsB;IACpC,OAAO,CAAC,iBAAiB,EAAE,CAAC;AAC9B,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,gBAAgB,EAAE,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,eAAe,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,gBAAgB,EAAE,CAAC;AAC7B,CAAC;AAED,oDAAoD;AACpD,MAAM,UAAU,UAAU;IACxB,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;AACxB,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,YAAY;IAC1B,OAAO,GAAG,kBAAkB,EAAE,CAAC;AACjC,CAAC"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Anonymous usage telemetry for the OpenClaw plugin.
|
|
3
|
+
*
|
|
4
|
+
* Sends a single fire-and-forget ping on plugin initialization to
|
|
5
|
+
* checkpoint.getaxonflow.com. Collects SDK version, platform info,
|
|
6
|
+
* and OpenClaw version. No PII, no tool arguments, no policy data.
|
|
7
|
+
*
|
|
8
|
+
* Opt out: DO_NOT_TRACK=1 or AXONFLOW_TELEMETRY=off
|
|
9
|
+
*/
|
|
10
|
+
export interface TelemetryPayload {
|
|
11
|
+
sdk: string;
|
|
12
|
+
sdk_version: string;
|
|
13
|
+
platform_version: string | null;
|
|
14
|
+
os: string;
|
|
15
|
+
arch: string;
|
|
16
|
+
runtime_version: string;
|
|
17
|
+
deployment_mode: string;
|
|
18
|
+
features: string[];
|
|
19
|
+
instance_id: string;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Send an anonymous telemetry ping on plugin initialization.
|
|
23
|
+
*
|
|
24
|
+
* Fire-and-forget: errors are silently swallowed, 3-second timeout
|
|
25
|
+
* prevents blocking. Never affects plugin behavior.
|
|
26
|
+
*/
|
|
27
|
+
export declare function sendTelemetryPing(options: {
|
|
28
|
+
endpoint: string;
|
|
29
|
+
pluginVersion: string;
|
|
30
|
+
hookCount: number;
|
|
31
|
+
highRiskToolCount: number;
|
|
32
|
+
onError: string;
|
|
33
|
+
}): void;
|
|
34
|
+
//# sourceMappingURL=telemetry.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAkEH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AA2BD;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAkEP"}
|
|
@@ -0,0 +1,153 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Anonymous usage telemetry for the OpenClaw plugin.
|
|
3
|
+
*
|
|
4
|
+
* Sends a single fire-and-forget ping on plugin initialization to
|
|
5
|
+
* checkpoint.getaxonflow.com. Collects SDK version, platform info,
|
|
6
|
+
* and OpenClaw version. No PII, no tool arguments, no policy data.
|
|
7
|
+
*
|
|
8
|
+
* Opt out: DO_NOT_TRACK=1 or AXONFLOW_TELEMETRY=off
|
|
9
|
+
*/
|
|
10
|
+
const CHECKPOINT_URL = "https://checkpoint.getaxonflow.com/v1/ping";
|
|
11
|
+
const TELEMETRY_TIMEOUT_MS = 3000;
|
|
12
|
+
function generateInstanceId() {
|
|
13
|
+
try {
|
|
14
|
+
if (typeof crypto !== "undefined" &&
|
|
15
|
+
typeof crypto.randomUUID === "function") {
|
|
16
|
+
return crypto.randomUUID();
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
catch {
|
|
20
|
+
// Fall through to fallback
|
|
21
|
+
}
|
|
22
|
+
return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
|
|
23
|
+
const r = (Math.random() * 16) | 0;
|
|
24
|
+
const v = c === "x" ? r : (r & 0x3) | 0x8;
|
|
25
|
+
return v.toString(16);
|
|
26
|
+
});
|
|
27
|
+
}
|
|
28
|
+
function isOptedOut() {
|
|
29
|
+
if (typeof process === "undefined" || !process.env) {
|
|
30
|
+
return false;
|
|
31
|
+
}
|
|
32
|
+
if (process.env.DO_NOT_TRACK?.trim() === "1") {
|
|
33
|
+
return true;
|
|
34
|
+
}
|
|
35
|
+
if (process.env.AXONFLOW_TELEMETRY?.trim().toLowerCase() === "off") {
|
|
36
|
+
return true;
|
|
37
|
+
}
|
|
38
|
+
return false;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* Check whether the endpoint is a localhost/loopback address.
|
|
42
|
+
* Suppresses telemetry for local development only.
|
|
43
|
+
*/
|
|
44
|
+
function isLocalhostEndpoint(endpoint) {
|
|
45
|
+
try {
|
|
46
|
+
const url = new URL(endpoint);
|
|
47
|
+
const host = url.hostname;
|
|
48
|
+
return (host === "localhost" ||
|
|
49
|
+
host === "127.0.0.1" ||
|
|
50
|
+
host === "[::1]" ||
|
|
51
|
+
host === "::1");
|
|
52
|
+
}
|
|
53
|
+
catch {
|
|
54
|
+
return false;
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
function resolveCheckpointUrl() {
|
|
58
|
+
if (typeof process !== "undefined" &&
|
|
59
|
+
process.env &&
|
|
60
|
+
process.env.AXONFLOW_CHECKPOINT_URL) {
|
|
61
|
+
return process.env.AXONFLOW_CHECKPOINT_URL;
|
|
62
|
+
}
|
|
63
|
+
return CHECKPOINT_URL;
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Detect the AxonFlow platform version via /health endpoint.
|
|
67
|
+
*/
|
|
68
|
+
async function detectPlatformVersion(endpoint) {
|
|
69
|
+
const controller = new AbortController();
|
|
70
|
+
const timeoutId = setTimeout(() => controller.abort(), 2000);
|
|
71
|
+
try {
|
|
72
|
+
const resp = await fetch(`${endpoint}/health`, {
|
|
73
|
+
method: "GET",
|
|
74
|
+
signal: controller.signal,
|
|
75
|
+
});
|
|
76
|
+
clearTimeout(timeoutId);
|
|
77
|
+
if (!resp.ok)
|
|
78
|
+
return null;
|
|
79
|
+
const body = (await resp.json());
|
|
80
|
+
return typeof body.version === "string" && body.version
|
|
81
|
+
? body.version
|
|
82
|
+
: null;
|
|
83
|
+
}
|
|
84
|
+
catch {
|
|
85
|
+
clearTimeout(timeoutId);
|
|
86
|
+
return null;
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Send an anonymous telemetry ping on plugin initialization.
|
|
91
|
+
*
|
|
92
|
+
* Fire-and-forget: errors are silently swallowed, 3-second timeout
|
|
93
|
+
* prevents blocking. Never affects plugin behavior.
|
|
94
|
+
*/
|
|
95
|
+
export function sendTelemetryPing(options) {
|
|
96
|
+
if (isOptedOut()) {
|
|
97
|
+
return;
|
|
98
|
+
}
|
|
99
|
+
// Suppress telemetry for localhost endpoints by default
|
|
100
|
+
if (isLocalhostEndpoint(options.endpoint)) {
|
|
101
|
+
return;
|
|
102
|
+
}
|
|
103
|
+
if (typeof console !== "undefined") {
|
|
104
|
+
console.log("[AxonFlow] Anonymous telemetry enabled. Opt out: AXONFLOW_TELEMETRY=off | https://docs.getaxonflow.com/docs/telemetry");
|
|
105
|
+
}
|
|
106
|
+
const checkpointUrl = resolveCheckpointUrl();
|
|
107
|
+
const payload = {
|
|
108
|
+
sdk: "openclaw-plugin",
|
|
109
|
+
sdk_version: options.pluginVersion,
|
|
110
|
+
platform_version: null,
|
|
111
|
+
os: typeof process !== "undefined" ? process.platform : "unknown",
|
|
112
|
+
arch: typeof process !== "undefined" ? process.arch : "unknown",
|
|
113
|
+
runtime_version: typeof process !== "undefined"
|
|
114
|
+
? process.version.replace(/^v/, "")
|
|
115
|
+
: "unknown",
|
|
116
|
+
deployment_mode: options.onError === "block" ? "production" : "development",
|
|
117
|
+
features: [
|
|
118
|
+
`hooks:${options.hookCount}`,
|
|
119
|
+
`high_risk_tools:${options.highRiskToolCount}`,
|
|
120
|
+
`on_error:${options.onError}`,
|
|
121
|
+
],
|
|
122
|
+
instance_id: generateInstanceId(),
|
|
123
|
+
};
|
|
124
|
+
try {
|
|
125
|
+
void (async () => {
|
|
126
|
+
try {
|
|
127
|
+
payload.platform_version = await detectPlatformVersion(options.endpoint);
|
|
128
|
+
}
|
|
129
|
+
catch {
|
|
130
|
+
// Silent — platform version remains null
|
|
131
|
+
}
|
|
132
|
+
const controller = new AbortController();
|
|
133
|
+
const timeoutId = setTimeout(() => controller.abort(), TELEMETRY_TIMEOUT_MS);
|
|
134
|
+
try {
|
|
135
|
+
await fetch(checkpointUrl, {
|
|
136
|
+
method: "POST",
|
|
137
|
+
headers: { "Content-Type": "application/json" },
|
|
138
|
+
body: JSON.stringify(payload),
|
|
139
|
+
signal: controller.signal,
|
|
140
|
+
});
|
|
141
|
+
}
|
|
142
|
+
finally {
|
|
143
|
+
clearTimeout(timeoutId);
|
|
144
|
+
}
|
|
145
|
+
})().catch(() => {
|
|
146
|
+
// Silent failure — telemetry should never affect plugin behavior
|
|
147
|
+
});
|
|
148
|
+
}
|
|
149
|
+
catch {
|
|
150
|
+
// Silent failure
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
//# sourceMappingURL=telemetry.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,cAAc,GAAG,4CAA4C,CAAC;AACpE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,IACE,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,EACvC,CAAC;YACD,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IACD,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;QACnE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC1C,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE,CAAC;QACnE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC1B,OAAO,CACL,IAAI,KAAK,WAAW;YACpB,IAAI,KAAK,WAAW;YACpB,IAAI,KAAK,OAAO;YAChB,IAAI,KAAK,KAAK,CACf,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB;IAC3B,IACE,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,uBAAuB,EACnC,CAAC;QACD,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAC7C,CAAC;IACD,OAAO,cAAc,CAAC;AACxB,CAAC;AAcD;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAgB;IAEhB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,CAAC;IAC7D,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,SAAS,EAAE;YAC7C,MAAM,EAAE,KAAK;YACb,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC5D,OAAO,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,OAAO;YACrD,CAAC,CAAC,IAAI,CAAC,OAAO;YACd,CAAC,CAAC,IAAI,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAMjC;IACC,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,wDAAwD;IACxD,IAAI,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1C,OAAO;IACT,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CACT,uHAAuH,CACxH,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,oBAAoB,EAAE,CAAC;IAE7C,MAAM,OAAO,GAAqB;QAChC,GAAG,EAAE,iBAAiB;QACtB,WAAW,EAAE,OAAO,CAAC,aAAa;QAClC,gBAAgB,EAAE,IAAI;QACtB,EAAE,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACjE,IAAI,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC/D,eAAe,EACb,OAAO,OAAO,KAAK,WAAW;YAC5B,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,CAAC,CAAC,SAAS;QACf,eAAe,EAAE,OAAO,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa;QAC3E,QAAQ,EAAE;YACR,SAAS,OAAO,CAAC,SAAS,EAAE;YAC5B,mBAAmB,OAAO,CAAC,iBAAiB,EAAE;YAC9C,YAAY,OAAO,CAAC,OAAO,EAAE;SAC9B;QACD,WAAW,EAAE,kBAAkB,EAAE;KAClC,CAAC;IAEF,IAAI,CAAC;QACH,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,IAAI,CAAC;gBACH,OAAO,CAAC,gBAAgB,GAAG,MAAM,qBAAqB,CACpD,OAAO,CAAC,QAAQ,CACjB,CAAC;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,yCAAyC;YAC3C,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,oBAAoB,CAAC,CAAC;YAE7E,IAAI,CAAC;gBACH,MAAM,KAAK,CAAC,aAAa,EAAE;oBACzB,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;oBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;oBAAS,CAAC;gBACT,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;YACd,iEAAiE;QACnE,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,iBAAiB;IACnB,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axonflow/openclaw",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "1.0.0",
|
|
4
4
|
"description": "Policy enforcement, approval gates, and audit trails for OpenClaw — govern tool inputs before execution, scan outbound messages for PII/secrets, and record agent activity for review and compliance",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -74,7 +74,8 @@
|
|
|
74
74
|
"typescript-eslint": "^8.58.0"
|
|
75
75
|
},
|
|
76
76
|
"publishConfig": {
|
|
77
|
-
"access": "public"
|
|
77
|
+
"access": "public",
|
|
78
|
+
"provenance": true
|
|
78
79
|
},
|
|
79
80
|
"peerDependenciesMeta": {
|
|
80
81
|
"@axonflow/sdk": {
|
|
@@ -88,6 +89,10 @@
|
|
|
88
89
|
"compat": {
|
|
89
90
|
"pluginApi": ">=2026.3.22",
|
|
90
91
|
"minGatewayVersion": "2026.3.22"
|
|
92
|
+
},
|
|
93
|
+
"build": {
|
|
94
|
+
"openclawVersion": "2026.3.22",
|
|
95
|
+
"pluginSdkVersion": "2026.3.22"
|
|
91
96
|
}
|
|
92
97
|
}
|
|
93
98
|
}
|
package/policies/README.md
CHANGED
|
@@ -4,7 +4,7 @@ Default policy configurations for protecting OpenClaw deployments with AxonFlow.
|
|
|
4
4
|
|
|
5
5
|
## Why These Policies Matter
|
|
6
6
|
|
|
7
|
-
As of March 2026, OpenClaw has 135,000+
|
|
7
|
+
As of March 2026, OpenClaw has 500K+ deployed instances (135,000+ publicly exposed), 13+ CVEs disclosed (including CVE-2026-32922 and CVE-2026-32973 at CVSS 9.8), and the ClawHavoc supply chain attack poisoned 1,184 skills in ClawHub. Microsoft recommends: "It is not appropriate to run on a standard personal or enterprise workstation."
|
|
8
8
|
|
|
9
9
|
AxonFlow adds centralized governance at key data boundaries: tool inputs (before execution), outbound messages (before delivery), and LLM calls (audit). Tool result transcript scanning is pending async hook support in OpenClaw.
|
|
10
10
|
|