@axonflow/openclaw 0.2.0 → 1.1.0

package/CHANGELOG.md

@@ -1,5 +1,36 @@
 # Changelog
 
+## [1.1.0] - 2026-04-06
+
+### Added
+
+- `requestTimeoutMs` plugin config for tuning AxonFlow HTTP request timeouts on remote or high-latency deployments.
+- Plugin logo for marketplace and directory listings.
+- `SECURITY.md` with plugin-specific vulnerability reporting guidance.
+
+### Changed
+
+- Anonymous telemetry is enabled by default for all endpoints, including localhost/self-hosted evaluation. Opt out with `DO_NOT_TRACK=1` or `AXONFLOW_TELEMETRY=off`.
+
+## [1.0.0] - 2026-04-05
+
+### BREAKING CHANGES
+
+- **`X-Tenant-ID` header removed.** The plugin no longer sends `X-Tenant-ID`. The server derives tenant from OAuth2 Client Credentials (Basic auth). Requires platform v6.0.0+.
+- **`tenantId` config removed.** Both `clientId` and `clientSecret` default to `"community"` when not configured. The `tenantId` field is removed — tenant is derived server-side.
+
+### Added
+
+- `searchAuditEvents()` method on `AxonFlowClient` for individual audit event inspection. Enables debugging why something was blocked, generating compliance reports, and answering "what did the agent do in the last hour?"
+- Hardened E2E test suite: 24 tests covering dangerous command blocking (reverse shell, rm -rf, SSRF, path traversal, credential access), PII detection with redaction assertions, and audit search.
+
+### Security
+
+- Bumped `@anthropic-ai/sdk` transitive dependency from 0.80.0 to 0.82.0 (fixes CVE-2026-34451: memory tool path validation sandbox escape).
+- Replaced polynomial regex in endpoint URL normalization with iterative loop (ReDoS mitigation).
+- Added explicit `permissions: contents: read` to CI workflow (least privilege).
+- Removed hardcoded Base64 auth string from test file (secret scanning false positive).
+
 ## [0.2.0] - 2026-04-01 (initial public release)
 
 ### Added
@@ -14,7 +45,7 @@
 - Fail-open/fail-closed: `onError` config controls behavior when AxonFlow is unreachable.
 - **Startup health check**: Verifies AxonFlow connectivity on plugin initialization. Logs a warning if unreachable, indicating whether the plugin will fail-open or fail-closed.
 - **Governance metrics**: In-process counters for tool calls (evaluated, blocked, approved, allowed), messages (scanned, cancelled, redacted), audit events, and errors. Accessible via `getMetrics()` for debugging and monitoring.
-- **Usage telemetry**: Anonymous checkpoint ping on initialization reporting SDK version, platform info, and hook configuration. Respects `DO_NOT_TRACK=1` and `AXONFLOW_TELEMETRY=off`. Suppressed for localhost endpoints.
+- **Usage telemetry**: Anonymous checkpoint ping on initialization reporting SDK version, platform info, and hook configuration. Respects `DO_NOT_TRACK=1` and `AXONFLOW_TELEMETRY=off`.
 - Starter policy documentation with SQL setup for OpenClaw production baseline.
 
 ### Not Yet Supported

package/README.md

@@ -2,15 +2,18 @@
 
 **Policy enforcement, approval gates, and audit trails for [OpenClaw](https://github.com/openclaw/openclaw).**
 
-OpenClaw handles agent runtime, tool execution, MCP connectivity, and channel delivery. AxonFlow adds a governance layer for production use: inspect tool inputs before execution, scan outbound messages before delivery, and record tool + LLM activity for review, security, and compliance.
+## Why
 
-This plugin is useful when you want to:
-- block dangerous tool calls before they run
-- require approval for selected high-risk tools
-- prevent PII or secrets from being sent to users
-- keep an audit trail of agent activity with policy context
+OpenClaw is widely deployed with [13+ CVEs disclosed in 2026](https://github.com/jgamblin/OpenClawCVEs/) (multiple CVSS 9.8+), [135,000+ publicly exposed instances](https://www.bitsight.com/blog/openclaw-ai-security-risks-exposed-instances), and [1,184 malicious skills](https://cyberpress.org/clawhavoc-poisons-openclaws-clawhub-with-1184-malicious-skills/) poisoned in ClawHub via the ClawHavoc supply chain attack. OpenClaw provides agent runtime and tool execution but no centralized policy enforcement, no PII scanning, and no compliance-grade audit trails.
+
+This plugin adds the governance layer. AxonFlow governs, OpenClaw orchestrates. No LLM provider keys needed — OpenClaw handles all LLM calls, AxonFlow only enforces policies and records audit trails. Your data stays on your infrastructure.
 
-Much of the OpenClaw ecosystem today focuses on routing, memory, integrations, and observability. This plugin focuses on governance: policy enforcement, approval gates, and reviewable audit trails.
+This plugin is useful when you want to:
+- block dangerous tool calls (reverse shells, SSRF, destructive commands) before they run
+- detect and redact PII and secrets in outbound messages before delivery
+- require human approval for high-risk tools (exec, web_fetch, message)
+- keep a compliance-grade audit trail of every tool call and LLM interaction
+- gain visibility into token usage and LLM activity across agents via audit trails
 
 ## What It Does
 
@@ -40,6 +43,19 @@ What is not protected yet:
 
 If OpenClaw adds async support for `tool_result_persist`, AxonFlow can add transcript/result scanning immediately. Upstream issue: [openclaw/openclaw#58558](https://github.com/openclaw/openclaw/issues/58558).
 
+## Prerequisites
+
+This plugin connects to [AxonFlow](https://github.com/getaxonflow/axonflow), a self-hosted governance platform, for policy evaluation and audit logging. AxonFlow must be running before you use the plugin. Your data stays on your infrastructure.
+
+```bash
+# Start AxonFlow (Docker — runs entirely on your machine)
+git clone https://github.com/getaxonflow/axonflow.git
+cd axonflow
+docker compose up -d
+```
+
+See [Getting Started](https://docs.getaxonflow.com/docs/getting-started/) for full setup options.
+
 ## Install
 
 ```bash
@@ -54,8 +70,12 @@ In your OpenClaw config:
 plugins:
   @axonflow/openclaw:
     endpoint: http://localhost:8080
-    clientId: your-client-id
-    clientSecret: your-secret
+    # In community mode, clientId defaults to "community"
+    # and clientSecret can be left unset.
+    # Set both only for evaluation/enterprise credentials.
+    # clientId: your-client-id
+    # clientSecret: your-client-secret
+    # requestTimeoutMs: 8000
     highRiskTools:
       - web_fetch
       - message
@@ -66,13 +86,20 @@ plugins:
 | Option | Required | Default | Description |
 |--------|----------|---------|-------------|
 | `endpoint` | Yes | — | AxonFlow agent gateway URL |
-| `clientId` | Yes | — | AxonFlow client ID |
-| `clientSecret` | Yes | — | AxonFlow client secret |
+| `clientId` | No | `"community"` | Tenant identity for data isolation. Override for evaluation/enterprise. |
+| `clientSecret` | No | `""` | License key for evaluation/enterprise features. Requires `clientId` to be set. |
 | `highRiskTools` | No | `[]` | Tools that require human approval even when policy allows |
 | `governedTools` | No | `[]` (all) | Tools to govern. Empty = all tools. |
 | `excludedTools` | No | `[]` | Tools to exclude from governance |
 | `defaultOperation` | No | `"execute"` | Operation type for mcp_check_input (`"execute"` or `"query"`) |
 | `onError` | No | `"block"` | Behavior when AxonFlow is unreachable: `"block"` (fail-closed) or `"allow"` (fail-open) |
+| `requestTimeoutMs` | No | `8000` | Timeout for policy checks, output scans, audit writes, and health checks. Increase for remote AxonFlow deployments. |
+
+**Valid configurations:**
+- Both omitted → community mode (`clientId` defaults to `"community"`)
+- `clientId` only → community mode with custom tenant identity
+- Both set → licensed mode (evaluation/enterprise)
+- `clientSecret` only → **error** (licensed mode requires explicit tenant identity to prevent data going to the wrong tenant)
 
 ## How It Works
 
@@ -127,18 +154,13 @@ Message delivered to user channel
 
 ## Telemetry
 
-This plugin sends an anonymous telemetry ping on initialization to help us understand usage patterns. The ping includes: plugin version, platform info (OS, architecture, Node.js version), AxonFlow platform version, and hook configuration (count, onError mode). No PII, no tool arguments, no policy data.
+This plugin sends an anonymous telemetry ping on initialization to help us understand usage patterns, including local and self-hosted evaluations. The ping includes: plugin version, platform info (OS, architecture, Node.js version), AxonFlow platform version, and hook configuration (count, onError mode). No PII, no tool arguments, no policy data.
 
 Opt out:
 - `DO_NOT_TRACK=1` (standard)
 - `AXONFLOW_TELEMETRY=off`
 
-Telemetry is automatically suppressed for localhost/loopback endpoints.
-
-## Prerequisites
-
-- [AxonFlow](https://github.com/getaxonflow/axonflow) running (Docker or production)
-- OpenClaw 1.0+
+The startup ping is enabled by default for local, self-hosted, and remote deployments. Opt-out controls always win.
 
 ## Starter Policies
 

package/dist/axonflow-client.d.ts

@@ -19,14 +19,15 @@ export interface MCPCheckOutputResponse {
 export declare class AxonFlowClient {
     private readonly endpoint;
     private readonly authHeader;
-    private readonly tenantId;
+    private readonly requestTimeoutMs;
     constructor(config: AxonFlowPluginConfig);
     private baseHeaders;
+    private fetchWithTimeout;
     mcpCheckInput(connectorType: string, statement: string, operation?: string): Promise<MCPCheckInputResponse>;
     mcpCheckOutput(connectorType: string, message: string): Promise<MCPCheckOutputResponse>;
     /**
      * Log a tool execution to the audit trail.
-     * Uses POST /api/v1/audit/tool-call (requires X-Tenant-ID header).
+     * Uses POST /api/v1/audit/tool-call (tenant derived from Basic auth).
      */
     auditToolCall(toolName: string, params: Record<string, unknown>, result?: unknown, error?: string, durationMs?: number): Promise<void>;
     /**
@@ -42,6 +43,22 @@ export declare class AxonFlowClient {
         completion_tokens: number;
         total_tokens: number;
     }, latencyMs: number): Promise<void>;
+    /**
+     * Search individual audit event records.
+     *
+     * Returns tool call details, policy evaluations, and timestamps
+     * for compliance evidence and debugging.
+     */
+    searchAuditEvents(options?: {
+        startTime?: string;
+        endTime?: string;
+        requestType?: string;
+        limit?: number;
+    }): Promise<{
+        entries: unknown[];
+        total: number;
+        error?: string;
+    }>;
     healthCheck(): Promise<boolean>;
 }
 //# sourceMappingURL=axonflow-client.d.ts.map

package/dist/axonflow-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"axonflow-client.d.ts","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAyBD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;gBAEtB,MAAM,EAAE,oBAAoB;IAYxC,OAAO,CAAC,WAAW;IAQb,aAAa,CACjB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,EACjB,SAAS,GAAE,MAAkB,GAC5B,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,cAAc,CAClB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,sBAAsB,CAAC;IA2ClC;;;OAGG;IACG,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,MAAM,CAAC,EAAE,OAAO,EAChB,KAAK,CAAC,EAAE,MAAM,EACd,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAqBhB;;;;;;;OAOG;IACG,YAAY,CAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,eAAe,EAAE,MAAM,EACvB,UAAU,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE,EACtF,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IAoBV,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC;CAQtC"}
+{"version":3,"file":"axonflow-client.d.ts","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAyBD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;gBAC9B,MAAM,EAAE,oBAAoB;IAYxC,OAAO,CAAC,WAAW;YASL,gBAAgB;IAiBxB,aAAa,CACjB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,EACjB,SAAS,GAAE,MAAkB,GAC5B,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,cAAc,CAClB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,sBAAsB,CAAC;IA2ClC;;;OAGG;IACG,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,MAAM,CAAC,EAAE,OAAO,EAChB,KAAK,CAAC,EAAE,MAAM,EACd,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAqBhB;;;;;;;OAOG;IACG,YAAY,CAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,eAAe,EAAE,MAAM,EACvB,UAAU,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE,EACtF,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IAoBhB;;;;;OAKG;IACG,iBAAiB,CAAC,OAAO,CAAC,EAAE;QAChC,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IA2B5D,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC;CAQtC"}

package/dist/axonflow-client.js

@@ -29,26 +29,41 @@ function extractPoliciesEvaluated(data) {
 export class AxonFlowClient {
     endpoint;
     authHeader;
-    tenantId;
+    requestTimeoutMs;
     constructor(config) {
-        this.endpoint = config.endpoint.replace(/\/+$/, "");
+        // Strip trailing slashes without regex (avoids ReDoS on polynomial patterns)
+        let ep = config.endpoint;
+        while (ep.endsWith("/"))
+            ep = ep.slice(0, -1);
+        this.endpoint = ep;
+        this.requestTimeoutMs = config.requestTimeoutMs ?? 8000;
         const credentials = Buffer.from(`${config.clientId}:${config.clientSecret}`).toString("base64");
         this.authHeader = `Basic ${credentials}`;
-        // clientId serves as tenantId for single-tenant setups.
-        // The Agent proxy normally injects X-Tenant-ID after auth, but
-        // direct Orchestrator calls (audit/tool-call) require it explicitly.
-        this.tenantId = config.clientId;
     }
     baseHeaders() {
+        // Tenant is derived from Basic auth credentials on the server side (RFC 6749).
+        // X-Tenant-ID header is no longer sent — server knows tenant from auth.
         return {
             "Content-Type": "application/json",
             Authorization: this.authHeader,
-            "X-Tenant-ID": this.tenantId,
         };
     }
+    async fetchWithTimeout(url, init) {
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), this.requestTimeoutMs);
+        try {
+            return await fetch(url, {
+                ...init,
+                signal: controller.signal,
+            });
+        }
+        finally {
+            clearTimeout(timeoutId);
+        }
+    }
     async mcpCheckInput(connectorType, statement, operation = "execute") {
         const url = `${this.endpoint}/api/v1/mcp/check-input`;
-        const response = await fetch(url, {
+        const response = await this.fetchWithTimeout(url, {
             method: "POST",
             headers: this.baseHeaders(),
             body: JSON.stringify({
@@ -82,7 +97,7 @@ export class AxonFlowClient {
     }
     async mcpCheckOutput(connectorType, message) {
         const url = `${this.endpoint}/api/v1/mcp/check-output`;
-        const response = await fetch(url, {
+        const response = await this.fetchWithTimeout(url, {
             method: "POST",
             headers: this.baseHeaders(),
             body: JSON.stringify({
@@ -116,12 +131,12 @@ export class AxonFlowClient {
     }
     /**
      * Log a tool execution to the audit trail.
-     * Uses POST /api/v1/audit/tool-call (requires X-Tenant-ID header).
+     * Uses POST /api/v1/audit/tool-call (tenant derived from Basic auth).
      */
     async auditToolCall(toolName, params, result, error, durationMs) {
         const url = `${this.endpoint}/api/v1/audit/tool-call`;
         try {
-            await fetch(url, {
+            await this.fetchWithTimeout(url, {
                 method: "POST",
                 headers: this.baseHeaders(),
                 body: JSON.stringify({
@@ -150,7 +165,7 @@ export class AxonFlowClient {
     async auditLLMCall(provider, model, query, responseSummary, tokenUsage, latencyMs) {
         const url = `${this.endpoint}/api/v1/audit/tool-call`;
         try {
-            await fetch(url, {
+            await this.fetchWithTimeout(url, {
                 method: "POST",
                 headers: this.baseHeaders(),
                 body: JSON.stringify({
@@ -167,9 +182,40 @@ export class AxonFlowClient {
             // Audit failures are non-fatal
         }
     }
+    /**
+     * Search individual audit event records.
+     *
+     * Returns tool call details, policy evaluations, and timestamps
+     * for compliance evidence and debugging.
+     */
+    async searchAuditEvents(options) {
+        const url = `${this.endpoint}/api/v1/audit/search`;
+        const now = new Date();
+        const oneHourAgo = new Date(now.getTime() - 60 * 60 * 1000);
+        const body = {
+            start_time: options?.startTime ?? oneHourAgo.toISOString(),
+            end_time: options?.endTime ?? now.toISOString(),
+            limit: Math.min(options?.limit ?? 20, 100),
+            ...(options?.requestType && { request_type: options.requestType }),
+        };
+        try {
+            const response = await this.fetchWithTimeout(url, {
+                method: "POST",
+                headers: this.baseHeaders(),
+                body: JSON.stringify(body),
+            });
+            if (!response.ok) {
+                return { entries: [], total: 0, error: `HTTP ${response.status}` };
+            }
+            return (await response.json());
+        }
+        catch (e) {
+            return { entries: [], total: 0, error: e instanceof Error ? e.message : "Unknown error" };
+        }
+    }
     async healthCheck() {
         try {
-            const response = await fetch(`${this.endpoint}/health`);
+            const response = await this.fetchWithTimeout(`${this.endpoint}/health`);
             return response.ok;
         }
         catch {

package/dist/axonflow-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"axonflow-client.js","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,IAA6B;IAC7D,IAAI,OAAO,IAAI,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IACvC,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QAC1D,MAAM,EAAE,GAAG,UAAqC,CAAC;QACjD,IAAI,OAAO,EAAE,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjD,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QACzC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,OAAO,cAAc;IACR,QAAQ,CAAS;IACjB,UAAU,CAAS;IACnB,QAAQ,CAAS;IAElC,YAAY,MAA4B;QACtC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACpD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAC7B,GAAG,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAC5C,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,SAAS,WAAW,EAAE,CAAC;QACzC,wDAAwD;QACxD,+DAA+D;QAC/D,qEAAqE;QACrE,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAClC,CAAC;IAEO,WAAW;QACjB,OAAO;YACL,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,IAAI,CAAC,UAAU;YAC9B,aAAa,EAAE,IAAI,CAAC,QAAQ;SAC7B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,aAAqB,EACrB,SAAiB,EACjB,YAAoB,SAAS;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,SAAS;gBACT,SAAS;aACV,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,gCAAgC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,aAAqB,EACrB,OAAe;QAEf,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,0BAA0B,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,OAAO;aACR,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,iCAAiC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,SAAS;YACjD,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CACjB,QAAgB,EAChB,MAA+B,EAC/B,MAAgB,EAChB,KAAc,EACd,UAAmB;QAEnB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,GAAG,EAAE;gBACf,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,QAAQ;oBACnB,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,MAAM;oBACb,MAAM,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;oBACrF,OAAO,EAAE,KAAK,IAAI,IAAI;oBACtB,aAAa,EAAE,KAAK;oBACpB,WAAW,EAAE,UAAU;iBACxB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,KAAa,EACb,KAAa,EACb,eAAuB,EACvB,UAAsF,EACtF,SAAiB;QAEjB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,GAAG,EAAE;gBACf,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,GAAG,QAAQ,IAAI,KAAK,EAAE;oBACjC,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;oBACrC,MAAM,EAAE,EAAE,gBAAgB,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE;oBACpF,OAAO,EAAE,IAAI;oBACb,WAAW,EAAE,SAAS;iBACvB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,QAAQ,SAAS,CAAC,CAAC;YACxD,OAAO,QAAQ,CAAC,EAAE,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}
+{"version":3,"file":"axonflow-client.js","sourceRoot":"","sources":["../src/axonflow-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,IAA6B;IAC7D,IAAI,OAAO,IAAI,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IACvC,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QAC1D,MAAM,EAAE,GAAG,UAAqC,CAAC;QACjD,IAAI,OAAO,EAAE,CAAC,oBAAoB,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjD,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QACzC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,OAAO,cAAc;IACR,QAAQ,CAAS;IACjB,UAAU,CAAS;IACnB,gBAAgB,CAAS;IAC1C,YAAY,MAA4B;QACtC,6EAA6E;QAC7E,IAAI,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;QACzB,OAAO,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,IAAI,IAAI,CAAC;QACxD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAC7B,GAAG,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAC5C,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,SAAS,WAAW,EAAE,CAAC;IAC3C,CAAC;IAEO,WAAW;QACjB,+EAA+E;QAC/E,wEAAwE;QACxE,OAAO;YACL,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,IAAI,CAAC,UAAU;SAC/B,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,GAAW,EACX,IAAkB;QAElB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE9E,IAAI,CAAC;YACH,OAAO,MAAM,KAAK,CAAC,GAAG,EAAE;gBACtB,GAAG,IAAI;gBACP,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,SAAS,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,aAAqB,EACrB,SAAiB,EACjB,YAAoB,SAAS;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,SAAS;gBACT,SAAS;aACV,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,gCAAgC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,aAAqB,EACrB,OAAe;QAEf,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,0BAA0B,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;YAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,cAAc,EAAE,aAAa;gBAC7B,OAAO;aACR,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;oBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;oBACtB,CAAC,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ;wBACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACf,CAAC,CAAC,mBAAmB;gBAC3B,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,iCAAiC,QAAQ,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI;YACjC,YAAY,EACV,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ;gBACtC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;gBACtB,CAAC,CAAC,SAAS;YACf,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,SAAS;YACjD,kBAAkB,EAAE,wBAAwB,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CACjB,QAAgB,EAChB,MAA+B,EAC/B,MAAgB,EAChB,KAAc,EACd,UAAmB;QAEnB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE;gBAC/B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,QAAQ;oBACnB,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,MAAM;oBACb,MAAM,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;oBACrF,OAAO,EAAE,KAAK,IAAI,IAAI;oBACtB,aAAa,EAAE,KAAK;oBACpB,WAAW,EAAE,UAAU;iBACxB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,KAAa,EACb,KAAa,EACb,eAAuB,EACvB,UAAsF,EACtF,SAAiB;QAEjB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,yBAAyB,CAAC;QACtD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE;gBAC/B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,SAAS,EAAE,GAAG,QAAQ,IAAI,KAAK,EAAE;oBACjC,SAAS,EAAE,UAAU;oBACrB,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;oBACrC,MAAM,EAAE,EAAE,gBAAgB,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE;oBACpF,OAAO,EAAE,IAAI;oBACb,WAAW,EAAE,SAAS;iBACvB,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAKvB;QACC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,sBAAsB,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG;YACX,UAAU,EAAE,OAAO,EAAE,SAAS,IAAI,UAAU,CAAC,WAAW,EAAE;YAC1D,QAAQ,EAAE,OAAO,EAAE,OAAO,IAAI,GAAG,CAAC,WAAW,EAAE;YAC/C,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE,EAAE,GAAG,CAAC;YAC1C,GAAG,CAAC,OAAO,EAAE,WAAW,IAAI,EAAE,YAAY,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;SACnE,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE;gBAChD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE;gBAC3B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,QAAQ,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YACrE,CAAC;YACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA0C,CAAC;QAC1E,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC;QAC5F,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,QAAQ,SAAS,CAAC,CAAC;YACxE,OAAO,QAAQ,CAAC,EAAE,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}

package/dist/config.d.ts

@@ -7,9 +7,9 @@
 export interface AxonFlowPluginConfig {
     /** AxonFlow agent gateway endpoint (e.g., "http://localhost:8080"). */
     endpoint: string;
-    /** AxonFlow client ID for authentication. */
+    /** Tenant identity for data isolation. Defaults to "community" for community mode. */
     clientId: string;
-    /** AxonFlow client secret for authentication. */
+    /** License key for evaluation/enterprise features. Empty for community mode. */
     clientSecret: string;
     /**
      * Tools that require human approval even when AxonFlow allows them.
@@ -39,6 +39,12 @@ export interface AxonFlowPluginConfig {
      * Fail-closed is safer but can cascade AxonFlow failures to the agent.
      */
     onError?: "block" | "allow";
+    /**
+     * Timeout for AxonFlow HTTP calls in milliseconds.
+     * Applies to policy checks, output scans, audit writes, and health checks.
+     * Defaults to 8000ms.
+     */
+    requestTimeoutMs?: number;
 }
 /** Validate plugin config and return defaults. */
 export declare function resolveConfig(raw: Record<string, unknown> | undefined): AxonFlowPluginConfig;

package/dist/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,oBAAoB;IACnC,uEAAuE;IACvE,QAAQ,EAAE,MAAM,CAAC;IAEjB,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAC;IAEjB,iDAAiD;IACjD,YAAY,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;CAC7B;AAED,kDAAkD;AAClD,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,GACvC,oBAAoB,CA0CtB;AAED,0DAA0D;AAC1D,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,oBAAoB,GAC3B,OAAO,CAWT"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,oBAAoB;IACnC,uEAAuE;IACvE,QAAQ,EAAE,MAAM,CAAC;IAEjB,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAC;IAEjB,gFAAgF;IAChF,YAAY,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAE5B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,kDAAkD;AAClD,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,GACvC,oBAAoB,CAsDtB;AAED,0DAA0D;AAC1D,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,oBAAoB,GAC3B,OAAO,CAWT"}

package/dist/config.js

@@ -13,14 +13,17 @@ export function resolveConfig(raw) {
     if (typeof endpoint !== "string" || !endpoint) {
         throw new Error("AxonFlow plugin: 'endpoint' is required (e.g., 'http://localhost:8080')");
     }
-    const clientId = raw["clientId"];
-    if (typeof clientId !== "string" || !clientId) {
-        throw new Error("AxonFlow plugin: 'clientId' is required");
-    }
-    const clientSecret = raw["clientSecret"];
-    if (typeof clientSecret !== "string" || !clientSecret) {
-        throw new Error("AxonFlow plugin: 'clientSecret' is required");
+    // Defaults match SDK behavior: community mode works out of the box.
+    // Override with your evaluation/enterprise license credentials.
+    const rawClientId = typeof raw["clientId"] === "string" ? raw["clientId"] : "";
+    const rawClientSecret = typeof raw["clientSecret"] === "string" ? raw["clientSecret"] : "";
+    // Reject clientSecret without clientId — licensed mode must specify the tenant
+    if (!rawClientId && rawClientSecret) {
+        throw new Error("AxonFlow plugin: 'clientId' is required when 'clientSecret' is set. " +
+            "Set clientId to your tenant identity (e.g., your deployment's AXONFLOW_CLIENT_ID).");
     }
+    const clientId = rawClientId || "community";
+    const clientSecret = rawClientSecret;
     return {
         endpoint,
         clientId,
@@ -38,6 +41,11 @@ export function resolveConfig(raw) {
             ? raw["defaultOperation"]
             : "execute",
         onError: raw["onError"] === "allow" ? "allow" : "block",
+        requestTimeoutMs: typeof raw["requestTimeoutMs"] === "number" &&
+            Number.isFinite(raw["requestTimeoutMs"]) &&
+            raw["requestTimeoutMs"] > 0
+            ? raw["requestTimeoutMs"]
+            : 8000,
     };
 }
 /** Check if a tool should be governed based on config. */

package/dist/config.js.map

@@ -1 +1 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA8CH,kDAAkD;AAClD,MAAM,UAAU,aAAa,CAC3B,GAAwC;IAExC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,kHAAkH,CACnH,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;IAC7F,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,YAAY,GAAG,GAAG,CAAC,cAAc,CAAC,CAAC;IACzC,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,OAAO;QACL,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,gBAAgB,EACd,OAAO,GAAG,CAAC,kBAAkB,CAAC,KAAK,QAAQ;YACzC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC;YACzB,CAAC,CAAC,SAAS;QACf,OAAO,EACL,GAAG,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;KACjD,CAAC;AACJ,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,MAA4B;IAE5B,iCAAiC;IACjC,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,yDAAyD;IACzD,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjD,CAAC;IACD,4BAA4B;IAC5B,OAAO,IAAI,CAAC;AACd,CAAC"}
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAqDH,kDAAkD;AAClD,MAAM,UAAU,aAAa,CAC3B,GAAwC;IAExC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,kHAAkH,CACnH,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;IAC7F,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,MAAM,WAAW,GAAG,OAAO,GAAG,CAAC,UAAU,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC/E,MAAM,eAAe,GAAG,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE3F,+EAA+E;IAC/E,IAAI,CAAC,WAAW,IAAI,eAAe,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,sEAAsE;YACtE,oFAAoF,CACrF,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,IAAI,WAAW,CAAC;IAC5C,MAAM,YAAY,GAAG,eAAe,CAAC;IAErC,OAAO;QACL,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAChD,CAAC,CAAE,GAAG,CAAC,eAAe,CAAc;YACpC,CAAC,CAAC,EAAE;QACN,gBAAgB,EACd,OAAO,GAAG,CAAC,kBAAkB,CAAC,KAAK,QAAQ;YACzC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC;YACzB,CAAC,CAAC,SAAS;QACf,OAAO,EACL,GAAG,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QAChD,gBAAgB,EACd,OAAO,GAAG,CAAC,kBAAkB,CAAC,KAAK,QAAQ;YAC3C,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACxC,GAAG,CAAC,kBAAkB,CAAC,GAAG,CAAC;YACzB,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC;YACzB,CAAC,CAAC,IAAI;KACX,CAAC;AACJ,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,MAA4B;IAE5B,iCAAiC;IACjC,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,yDAAyD;IACzD,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjD,CAAC;IACD,4BAA4B;IAC5B,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/index.d.ts

@@ -31,7 +31,7 @@
  * for async hook support.
  */
 /** Plugin version — update before each release. */
-export declare const VERSION = "0.2.0";
+export declare const VERSION = "1.1.0";
 export { AxonFlowClient } from "./axonflow-client.js";
 export type { AxonFlowPluginConfig } from "./config.js";
 export { resolveConfig, shouldGovernTool } from "./config.js";

package/dist/index.js

@@ -39,7 +39,7 @@ import { createLlmInputHandler, createLlmOutputHandler } from "./llm-audit.js";
 import { sendTelemetryPing } from "./telemetry.js";
 import { resetMetrics } from "./metrics.js";
 /** Plugin version — update before each release. */
-export const VERSION = "0.2.0";
+export const VERSION = "1.1.0";
 // Re-export for external consumers
 export { AxonFlowClient } from "./axonflow-client.js";
 export { resolveConfig, shouldGovernTool } from "./config.js";

package/dist/telemetry.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAkEH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AA2BD;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAkEP"}
+{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA+CH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AA2BD;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CA6DP"}

package/dist/telemetry.js

@@ -37,23 +37,6 @@ function isOptedOut() {
     }
     return false;
 }
-/**
- * Check whether the endpoint is a localhost/loopback address.
- * Suppresses telemetry for local development only.
- */
-function isLocalhostEndpoint(endpoint) {
-    try {
-        const url = new URL(endpoint);
-        const host = url.hostname;
-        return (host === "localhost" ||
-            host === "127.0.0.1" ||
-            host === "[::1]" ||
-            host === "::1");
-    }
-    catch {
-        return false;
-    }
-}
 function resolveCheckpointUrl() {
     if (typeof process !== "undefined" &&
         process.env &&
@@ -96,12 +79,8 @@ export function sendTelemetryPing(options) {
     if (isOptedOut()) {
         return;
     }
-    // Suppress telemetry for localhost endpoints by default
-    if (isLocalhostEndpoint(options.endpoint)) {
-        return;
-    }
     if (typeof console !== "undefined") {
-        console.log("[AxonFlow] Anonymous telemetry enabled. Opt out: AXONFLOW_TELEMETRY=off | https://docs.getaxonflow.com/docs/telemetry");
+        console.log("[AxonFlow] Anonymous telemetry enabled for local and self-hosted use. Opt out: DO_NOT_TRACK=1 or AXONFLOW_TELEMETRY=off | https://docs.getaxonflow.com/docs/telemetry");
     }
     const checkpointUrl = resolveCheckpointUrl();
     const payload = {

package/dist/telemetry.js.map

@@ -1 +1 @@
-{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,cAAc,GAAG,4CAA4C,CAAC;AACpE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,IACE,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,EACvC,CAAC;YACD,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IACD,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;QACnE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC1C,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE,CAAC;QACnE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC1B,OAAO,CACL,IAAI,KAAK,WAAW;YACpB,IAAI,KAAK,WAAW;YACpB,IAAI,KAAK,OAAO;YAChB,IAAI,KAAK,KAAK,CACf,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB;IAC3B,IACE,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,uBAAuB,EACnC,CAAC;QACD,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAC7C,CAAC;IACD,OAAO,cAAc,CAAC;AACxB,CAAC;AAcD;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAgB;IAEhB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,CAAC;IAC7D,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,SAAS,EAAE;YAC7C,MAAM,EAAE,KAAK;YACb,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC5D,OAAO,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,OAAO;YACrD,CAAC,CAAC,IAAI,CAAC,OAAO;YACd,CAAC,CAAC,IAAI,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAMjC;IACC,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,wDAAwD;IACxD,IAAI,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1C,OAAO;IACT,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CACT,uHAAuH,CACxH,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,oBAAoB,EAAE,CAAC;IAE7C,MAAM,OAAO,GAAqB;QAChC,GAAG,EAAE,iBAAiB;QACtB,WAAW,EAAE,OAAO,CAAC,aAAa;QAClC,gBAAgB,EAAE,IAAI;QACtB,EAAE,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACjE,IAAI,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC/D,eAAe,EACb,OAAO,OAAO,KAAK,WAAW;YAC5B,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,CAAC,CAAC,SAAS;QACf,eAAe,EAAE,OAAO,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa;QAC3E,QAAQ,EAAE;YACR,SAAS,OAAO,CAAC,SAAS,EAAE;YAC5B,mBAAmB,OAAO,CAAC,iBAAiB,EAAE;YAC9C,YAAY,OAAO,CAAC,OAAO,EAAE;SAC9B;QACD,WAAW,EAAE,kBAAkB,EAAE;KAClC,CAAC;IAEF,IAAI,CAAC;QACH,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,IAAI,CAAC;gBACH,OAAO,CAAC,gBAAgB,GAAG,MAAM,qBAAqB,CACpD,OAAO,CAAC,QAAQ,CACjB,CAAC;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,yCAAyC;YAC3C,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,oBAAoB,CAAC,CAAC;YAE7E,IAAI,CAAC;gBACH,MAAM,KAAK,CAAC,aAAa,EAAE;oBACzB,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;oBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;oBAAS,CAAC;gBACT,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;YACd,iEAAiE;QACnE,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,iBAAiB;IACnB,CAAC;AACH,CAAC"}
+{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,cAAc,GAAG,4CAA4C,CAAC;AACpE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,IACE,OAAO,MAAM,KAAK,WAAW;YAC7B,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,EACvC,CAAC;YACD,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IACD,OAAO,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;QACnE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;QAC1C,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE,CAAC;QACnE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB;IAC3B,IACE,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,CAAC,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,uBAAuB,EACnC,CAAC;QACD,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAC7C,CAAC;IACD,OAAO,cAAc,CAAC;AACxB,CAAC;AAcD;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAgB;IAEhB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,CAAC;IAC7D,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,SAAS,EAAE;YAC7C,MAAM,EAAE,KAAK;YACb,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC5D,OAAO,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,OAAO;YACrD,CAAC,CAAC,IAAI,CAAC,OAAO;YACd,CAAC,CAAC,IAAI,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAMjC;IACC,IAAI,UAAU,EAAE,EAAE,CAAC;QACjB,OAAO;IACT,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CACT,uKAAuK,CACxK,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,oBAAoB,EAAE,CAAC;IAE7C,MAAM,OAAO,GAAqB;QAChC,GAAG,EAAE,iBAAiB;QACtB,WAAW,EAAE,OAAO,CAAC,aAAa;QAClC,gBAAgB,EAAE,IAAI;QACtB,EAAE,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QACjE,IAAI,EAAE,OAAO,OAAO,KAAK,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC/D,eAAe,EACb,OAAO,OAAO,KAAK,WAAW;YAC5B,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,CAAC,CAAC,SAAS;QACf,eAAe,EAAE,OAAO,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa;QAC3E,QAAQ,EAAE;YACR,SAAS,OAAO,CAAC,SAAS,EAAE;YAC5B,mBAAmB,OAAO,CAAC,iBAAiB,EAAE;YAC9C,YAAY,OAAO,CAAC,OAAO,EAAE;SAC9B;QACD,WAAW,EAAE,kBAAkB,EAAE;KAClC,CAAC;IAEF,IAAI,CAAC;QACH,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,IAAI,CAAC;gBACH,OAAO,CAAC,gBAAgB,GAAG,MAAM,qBAAqB,CACpD,OAAO,CAAC,QAAQ,CACjB,CAAC;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,yCAAyC;YAC3C,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,oBAAoB,CAAC,CAAC;YAE7E,IAAI,CAAC;gBACH,MAAM,KAAK,CAAC,aAAa,EAAE;oBACzB,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;oBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;oBAAS,CAAC;gBACT,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE;YACd,iEAAiE;QACnE,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,iBAAiB;IACnB,CAAC;AACH,CAAC"}

package/openclaw.plugin.json

@@ -39,6 +39,12 @@
       "placeholder": "execute",
       "help": "Operation type for mcp_check_input: 'execute' (default) or 'query' for read-only tools",
       "advanced": true
+    },
+    "requestTimeoutMs": {
+      "label": "Request Timeout (ms)",
+      "placeholder": "8000",
+      "help": "Timeout for AxonFlow policy checks, output scans, audit writes, and health checks. Increase for remote deployments.",
+      "advanced": true
     }
   },
   "configSchema": {
@@ -85,6 +91,10 @@
           "block",
           "allow"
         ]
+      },
+      "requestTimeoutMs": {
+        "type": "number",
+        "minimum": 1
       }
     },
     "required": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@axonflow/openclaw",
-  "version": "0.2.0",
+  "version": "1.1.0",
   "description": "Policy enforcement, approval gates, and audit trails for OpenClaw — govern tool inputs before execution, scan outbound messages for PII/secrets, and record agent activity for review and compliance",
   "type": "module",
   "main": "dist/index.js",
@@ -89,6 +89,10 @@
     "compat": {
       "pluginApi": ">=2026.3.22",
       "minGatewayVersion": "2026.3.22"
+    },
+    "build": {
+      "openclawVersion": "2026.3.22",
+      "pluginSdkVersion": "2026.3.22"
     }
   }
 }

package/policies/README.md

@@ -4,7 +4,7 @@ Default policy configurations for protecting OpenClaw deployments with AxonFlow.
 
 ## Why These Policies Matter
 
-As of March 2026, OpenClaw has 135,000+ instances exposed on the public internet, 4 CVEs disclosed (including CVE-2026-25253 at CVSS 8.8), and the ClawHavoc supply chain attack poisoned 1,184 skills in ClawHub. Microsoft recommends: "It is not appropriate to run on a standard personal or enterprise workstation."
+As of March 2026, OpenClaw has 500K+ deployed instances (135,000+ publicly exposed), 13+ CVEs disclosed (including CVE-2026-32922 and CVE-2026-32973 at CVSS 9.8), and the ClawHavoc supply chain attack poisoned 1,184 skills in ClawHub. Microsoft recommends: "It is not appropriate to run on a standard personal or enterprise workstation."
 
 AxonFlow adds centralized governance at key data boundaries: tool inputs (before execution), outbound messages (before delivery), and LLM calls (audit). Tool result transcript scanning is pending async hook support in OpenClaw.