@blekline/contracts 0.1.0

package/LICENSE

@@ -0,0 +1,5 @@
+                                 Apache License
+                           Version 2.0, January 2004
+
+This package is licensed under Apache-2.0.
+See https://github.com/Blekline/blekline-oss/blob/main/LICENSE-APACHE

package/README.md

@@ -0,0 +1,21 @@
+# @blekline/contracts
+
+Shared types, Zod schemas, secret patterns, and local MCP tool enforcement for the Blekline ingress platform.
+
+## Exports
+
+- `maskRequestSchema`, `MaskResponse`
+- `eventIngestSchema`, `EventIngest`
+- `enforceToolCallRequestSchema`, `enforceToolCallLocally`
+- `McpToolPolicy`, `resolveMcpToolPolicyDecision`
+- `scanTextForSecrets`, `BLEKLINE_HEADERS`
+
+## OpenAPI
+
+Machine-readable API spec: [`openapi.yaml`](./openapi.yaml)
+
+## Build
+
+```bash
+pnpm --filter @blekline/contracts build
+```

package/dist/auth.d.ts

@@ -0,0 +1,13 @@
+export declare const WORKSPACE_TOOL_SCOPES: readonly ["mask:write", "events:write", "events:read", "integrations:write"];
+export type WorkspaceToolScope = (typeof WORKSPACE_TOOL_SCOPES)[number];
+export declare const BLEKLINE_HEADERS: {
+    readonly workspaceToken: "x-blekline-workspace-token";
+    readonly workspaceId: "x-blekline-workspace-id";
+    readonly requestId: "x-request-id";
+    readonly clientSurface: "x-blekline-client-surface";
+    readonly modelProvider: "x-blekline-model-provider";
+    readonly modelId: "x-blekline-model-id";
+};
+export type ClientSurface = "cursor" | "claude-desktop" | "codex" | "sdk" | "extension" | "unknown";
+export type ModelProvider = "anthropic" | "openai" | "google" | "xai" | "cursor" | "unknown";
+//# sourceMappingURL=auth.d.ts.map

package/dist/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qBAAqB,8EAKxB,CAAC;AAEX,MAAM,MAAM,kBAAkB,GAAG,CAAC,OAAO,qBAAqB,CAAC,CAAC,MAAM,CAAC,CAAC;AAExE,eAAO,MAAM,gBAAgB;;;;;;;CAOnB,CAAC;AAEX,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,WAAW,GAAG,SAAS,CAAC;AAEpG,MAAM,MAAM,aAAa,GAAG,WAAW,GAAG,QAAQ,GAAG,QAAQ,GAAG,KAAK,GAAG,QAAQ,GAAG,SAAS,CAAC"}

package/dist/auth.js

@@ -0,0 +1,14 @@
+export const WORKSPACE_TOOL_SCOPES = [
+    "mask:write",
+    "events:write",
+    "events:read",
+    "integrations:write",
+];
+export const BLEKLINE_HEADERS = {
+    workspaceToken: "x-blekline-workspace-token",
+    workspaceId: "x-blekline-workspace-id",
+    requestId: "x-request-id",
+    clientSurface: "x-blekline-client-surface",
+    modelProvider: "x-blekline-model-provider",
+    modelId: "x-blekline-model-id",
+};

package/dist/enforce-local.d.ts

@@ -0,0 +1,9 @@
+import type { EnforceToolCallResult } from "./enforcement.js";
+import type { McpToolPolicy } from "./mcp-policy.js";
+export declare function enforceToolCallLocally(input: {
+    toolName: string;
+    arguments: Record<string, unknown>;
+    requestId: string;
+    mcpToolPolicy?: McpToolPolicy;
+}): EnforceToolCallResult;
+//# sourceMappingURL=enforce-local.d.ts.map

package/dist/enforce-local.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforce-local.d.ts","sourceRoot":"","sources":["../src/enforce-local.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAsC,MAAM,kBAAkB,CAAC;AAClG,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AA+DrD,wBAAgB,sBAAsB,CAAC,KAAK,EAAE;IAC5C,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B,GAAG,qBAAqB,CAyDxB"}

package/dist/enforce-local.js

@@ -0,0 +1,108 @@
+import { resolveMcpToolPolicyDecision } from "./mcp-policy.js";
+import { scanTextForSecrets } from "./secret-patterns.js";
+const DESTRUCTIVE_RE = /\brm\s+-rf\b|\bformat\s+c:\b|\bdrop\s+database\b/i;
+function stringifyArgs(args) {
+    try {
+        return JSON.stringify(args);
+    }
+    catch {
+        return String(args);
+    }
+}
+function maskStringValue(input) {
+    const findings = scanTextForSecrets(input);
+    if (findings.length === 0)
+        return { text: input, count: 0 };
+    let out = input;
+    let offset = 0;
+    let count = 0;
+    const sorted = [...findings].sort((a, b) => a.start - b.start);
+    for (const f of sorted) {
+        const start = f.start + offset;
+        const end = f.end + offset;
+        const token = `[${f.label}]`;
+        out = out.slice(0, start) + token + out.slice(end);
+        offset += token.length - (f.end - f.start);
+        count += 1;
+    }
+    return { text: out, count };
+}
+function maskDeep(value, fieldPath, findings) {
+    if (typeof value === "string") {
+        const scan = scanTextForSecrets(value);
+        for (const s of scan) {
+            findings.push({ id: s.id, label: s.label, field: fieldPath });
+        }
+        const masked = maskStringValue(value);
+        return { value: masked.text, count: masked.count };
+    }
+    if (Array.isArray(value)) {
+        let count = 0;
+        const next = value.map((item, i) => {
+            const r = maskDeep(item, `${fieldPath}[${i}]`, findings);
+            count += r.count;
+            return r.value;
+        });
+        return { value: next, count };
+    }
+    if (value && typeof value === "object") {
+        let count = 0;
+        const next = {};
+        for (const [k, v] of Object.entries(value)) {
+            const r = maskDeep(v, fieldPath ? `${fieldPath}.${k}` : k, findings);
+            count += r.count;
+            next[k] = r.value;
+        }
+        return { value: next, count };
+    }
+    return { value, count: 0 };
+}
+export function enforceToolCallLocally(input) {
+    const findings = [];
+    const blob = stringifyArgs(input.arguments);
+    if (DESTRUCTIVE_RE.test(blob)) {
+        findings.push({ id: "destructive_command", label: "DESTRUCTIVE", field: "arguments" });
+        return {
+            action: "block",
+            maskedArguments: input.arguments,
+            findings,
+            entitiesMasked: 0,
+            riskTier: "high",
+            requestId: input.requestId,
+        };
+    }
+    const secretScan = scanTextForSecrets(blob);
+    for (const s of secretScan) {
+        findings.push({ id: s.id, label: s.label });
+    }
+    const masked = maskDeep(input.arguments, "", findings);
+    const entitiesMasked = masked.count;
+    let action = "allow";
+    let riskTier = "low";
+    const hasHighRiskSecret = secretScan.some((s) => ["aws_access_key", "openai_sk", "openai_sk_proj", "stripe_sk", "jwt", "ssn"].includes(s.id));
+    if (hasHighRiskSecret && entitiesMasked > 0) {
+        action = "mask";
+        riskTier = "high";
+    }
+    else if (entitiesMasked > 0) {
+        action = "mask";
+        riskTier = "medium";
+    }
+    if (input.mcpToolPolicy) {
+        action = resolveMcpToolPolicyDecision(input.mcpToolPolicy, input.toolName, action);
+        if (action === "block") {
+            riskTier = "high";
+            if (!findings.some((f) => f.id === "policy_denied")) {
+                findings.push({ id: "policy_denied", label: "POLICY", field: "toolName" });
+            }
+        }
+    }
+    return {
+        action,
+        maskedArguments: masked.value,
+        findings,
+        entitiesMasked,
+        riskTier,
+        requestId: input.requestId,
+    };
+}

package/dist/enforcement.d.ts

@@ -0,0 +1,30 @@
+import { z } from "zod";
+export type EnforcementAction = "allow" | "mask" | "block";
+export declare const enforceToolCallRequestSchema: z.ZodObject<{
+    toolName: z.ZodString;
+    arguments: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+    platform: z.ZodOptional<z.ZodString>;
+    clientSurface: z.ZodOptional<z.ZodEnum<{
+        cursor: "cursor";
+        "claude-desktop": "claude-desktop";
+        codex: "codex";
+        sdk: "sdk";
+        extension: "extension";
+        unknown: "unknown";
+    }>>;
+}, z.core.$strip>;
+export type EnforceToolCallRequest = z.infer<typeof enforceToolCallRequestSchema>;
+export type ToolCallFinding = {
+    id: string;
+    label: string;
+    field?: string;
+};
+export type EnforceToolCallResult = {
+    action: EnforcementAction;
+    maskedArguments: Record<string, unknown>;
+    findings: ToolCallFinding[];
+    entitiesMasked: number;
+    riskTier: "low" | "medium" | "high";
+    requestId: string;
+};
+//# sourceMappingURL=enforcement.d.ts.map

package/dist/enforcement.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcement.d.ts","sourceRoot":"","sources":["../src/enforcement.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,MAAM,iBAAiB,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;AAE3D,eAAO,MAAM,4BAA4B;;;;;;;;;;;;iBAKvC,CAAC;AAEH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAElF,MAAM,MAAM,eAAe,GAAG;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,EAAE,iBAAiB,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC"}

package/dist/enforcement.js

@@ -0,0 +1,7 @@
+import { z } from "zod";
+export const enforceToolCallRequestSchema = z.object({
+    toolName: z.string().min(1).max(120),
+    arguments: z.record(z.string(), z.unknown()),
+    platform: z.string().max(40).optional(),
+    clientSurface: z.enum(["cursor", "claude-desktop", "codex", "sdk", "extension", "unknown"]).optional(),
+});

package/dist/events.d.ts

@@ -0,0 +1,39 @@
+import { z } from "zod";
+export declare const eventIngestSchema: z.ZodObject<{
+    platform: z.ZodOptional<z.ZodString>;
+    kind: z.ZodOptional<z.ZodString>;
+    entitiesMasked: z.ZodOptional<z.ZodNumber>;
+    riskTier: z.ZodOptional<z.ZodEnum<{
+        low: "low";
+        medium: "medium";
+        high: "high";
+    }>>;
+    sourceHost: z.ZodOptional<z.ZodString>;
+    action: z.ZodOptional<z.ZodString>;
+    maskProvider: z.ZodOptional<z.ZodEnum<{
+        azure: "azure";
+        fallback_local: "fallback_local";
+    }>>;
+    maskPhase: z.ZodOptional<z.ZodString>;
+    clientSurface: z.ZodOptional<z.ZodEnum<{
+        cursor: "cursor";
+        "claude-desktop": "claude-desktop";
+        codex: "codex";
+        sdk: "sdk";
+        extension: "extension";
+        unknown: "unknown";
+    }>>;
+    modelProvider: z.ZodOptional<z.ZodEnum<{
+        cursor: "cursor";
+        unknown: "unknown";
+        anthropic: "anthropic";
+        openai: "openai";
+        google: "google";
+        xai: "xai";
+    }>>;
+    modelId: z.ZodOptional<z.ZodString>;
+    mcpToolName: z.ZodOptional<z.ZodString>;
+    downstreamServer: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export type EventIngest = z.infer<typeof eventIngestSchema>;
+//# sourceMappingURL=events.d.ts.map

package/dist/events.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAc5B,CAAC;AAEH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC"}

package/dist/events.js

@@ -0,0 +1,16 @@
+import { z } from "zod";
+export const eventIngestSchema = z.object({
+    platform: z.string().max(40).optional(),
+    kind: z.string().max(48).optional(),
+    entitiesMasked: z.number().int().min(0).max(5000).optional(),
+    riskTier: z.enum(["low", "medium", "high"]).optional(),
+    sourceHost: z.string().max(253).optional(),
+    action: z.string().max(48).optional(),
+    maskProvider: z.enum(["azure", "fallback_local"]).optional(),
+    maskPhase: z.string().max(48).optional(),
+    clientSurface: z.enum(["cursor", "claude-desktop", "codex", "sdk", "extension", "unknown"]).optional(),
+    modelProvider: z.enum(["anthropic", "openai", "google", "xai", "cursor", "unknown"]).optional(),
+    modelId: z.string().max(80).optional(),
+    mcpToolName: z.string().max(120).optional(),
+    downstreamServer: z.string().max(80).optional(),
+});

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+export * from "./mcp-policy.js";
+export * from "./auth.js";
+export * from "./mask.js";
+export * from "./events.js";
+export * from "./policy.js";
+export * from "./enforcement.js";
+export * from "./enforce-local.js";
+export * from "./secret-patterns.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,sBAAsB,CAAC"}

package/dist/index.js

@@ -0,0 +1,8 @@
+export * from "./mcp-policy.js";
+export * from "./auth.js";
+export * from "./mask.js";
+export * from "./events.js";
+export * from "./policy.js";
+export * from "./enforcement.js";
+export * from "./enforce-local.js";
+export * from "./secret-patterns.js";

package/dist/mask.d.ts

@@ -0,0 +1,21 @@
+import { z } from "zod";
+export declare const maskRequestSchema: z.ZodObject<{
+    text: z.ZodString;
+    platform: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export type MaskRequest = z.infer<typeof maskRequestSchema>;
+export type WireRedactionAction = "mask_and_send" | "mask_and_confirm" | "block_and_review";
+export type MaskResponse = {
+    maskedText: string;
+    tokenMap: Record<string, string>;
+    entitiesMasked: number;
+    platform: string;
+    provider: "azure" | "fallback_local";
+    requestId: string;
+    piiLanguage?: string;
+    decision?: WireRedactionAction;
+    blocked?: boolean;
+    blockReason?: string;
+};
+export type MaskErrorCode = "billing_required" | "credits_exhausted" | "prompt_limit_exceeded" | "mask_fallback_blocked" | "high_risk_literal_remaining" | "plan_upgrade_required";
+//# sourceMappingURL=mask.d.ts.map

package/dist/mask.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mask.d.ts","sourceRoot":"","sources":["../src/mask.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,iBAAiB;;;iBAG5B,CAAC;AAEH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAE5D,MAAM,MAAM,mBAAmB,GAAG,eAAe,GAAG,kBAAkB,GAAG,kBAAkB,CAAC;AAE5F,MAAM,MAAM,YAAY,GAAG;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,mBAAmB,CAAC;IAC/B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,aAAa,GACrB,kBAAkB,GAClB,mBAAmB,GACnB,uBAAuB,GACvB,uBAAuB,GACvB,6BAA6B,GAC7B,uBAAuB,CAAC"}

package/dist/mask.js

@@ -0,0 +1,5 @@
+import { z } from "zod";
+export const maskRequestSchema = z.object({
+    text: z.string().min(1),
+    platform: z.string().max(40).optional(),
+});

package/dist/mcp-policy.d.ts

@@ -0,0 +1,11 @@
+export type McpToolPolicyAction = "allow" | "mask" | "block";
+export type McpToolPolicy = {
+    allowedTools: string[];
+    deniedTools: string[];
+    defaultAction: McpToolPolicyAction;
+};
+export declare const DEFAULT_MCP_TOOL_POLICY: McpToolPolicy;
+export declare function normalizeMcpToolPolicy(raw: unknown): McpToolPolicy;
+/** Resolve workspace MCP tool policy before local/cloud enforcement. */
+export declare function resolveMcpToolPolicyDecision(policy: McpToolPolicy, toolName: string, localAction: McpToolPolicyAction): McpToolPolicyAction;
+//# sourceMappingURL=mcp-policy.d.ts.map

package/dist/mcp-policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-policy.d.ts","sourceRoot":"","sources":["../src/mcp-policy.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,mBAAmB,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;AAE7D,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,mBAAmB,CAAC;CACpC,CAAC;AAEF,eAAO,MAAM,uBAAuB,EAAE,aAIrC,CAAC;AAEF,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,OAAO,GAAG,aAAa,CAclE;AAED,wEAAwE;AACxE,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,aAAa,EACrB,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,mBAAmB,GAC/B,mBAAmB,CAWrB"}

package/dist/mcp-policy.js

@@ -0,0 +1,38 @@
+export const DEFAULT_MCP_TOOL_POLICY = {
+    allowedTools: [],
+    deniedTools: [],
+    defaultAction: "mask",
+};
+export function normalizeMcpToolPolicy(raw) {
+    if (!raw || typeof raw !== "object")
+        return { ...DEFAULT_MCP_TOOL_POLICY };
+    const o = raw;
+    const allowedTools = Array.isArray(o.allowedTools)
+        ? o.allowedTools.filter((t) => typeof t === "string").map((t) => t.trim()).filter(Boolean).slice(0, 64)
+        : [];
+    const deniedTools = Array.isArray(o.deniedTools)
+        ? o.deniedTools.filter((t) => typeof t === "string").map((t) => t.trim()).filter(Boolean).slice(0, 64)
+        : [];
+    const defaultAction = o.defaultAction === "allow" || o.defaultAction === "mask" || o.defaultAction === "block"
+        ? o.defaultAction
+        : "mask";
+    return { allowedTools, deniedTools, defaultAction };
+}
+/** Resolve workspace MCP tool policy before local/cloud enforcement. */
+export function resolveMcpToolPolicyDecision(policy, toolName, localAction) {
+    const name = toolName.trim().toLowerCase();
+    if (policy.deniedTools.some((t) => t.toLowerCase() === name))
+        return "block";
+    if (policy.allowedTools.length > 0) {
+        const allowed = policy.allowedTools.some((t) => t.toLowerCase() === name);
+        if (!allowed)
+            return "block";
+    }
+    if (localAction === "block")
+        return "block";
+    if (policy.defaultAction === "block")
+        return "block";
+    if (localAction === "mask")
+        return "mask";
+    return policy.defaultAction;
+}

package/dist/policy.d.ts

@@ -0,0 +1,15 @@
+import type { WireRedactionAction } from "./mask.js";
+export type PromptRiskTier = "low" | "medium" | "high";
+export type PolicySimulation = {
+    platform: string;
+    risk: PromptRiskTier;
+    action: WireRedactionAction;
+    matchedKeywords: string[];
+    shieldEnabled: boolean;
+};
+export type PolicySimulateRequest = {
+    prompt: string;
+    platform?: string;
+    sourceHost?: string;
+};
+//# sourceMappingURL=policy.d.ts.map

package/dist/policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../src/policy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAErD,MAAM,MAAM,cAAc,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;AAEvD,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,cAAc,CAAC;IACrB,MAAM,EAAE,mBAAmB,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,aAAa,EAAE,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC"}

package/dist/policy.js

@@ -0,0 +1 @@
+export {};

package/dist/secret-patterns.d.ts

@@ -0,0 +1,16 @@
+/** Portable secret/PII patterns for local fast scan (aligned with webapp detectors). */
+export type SecretPattern = {
+    id: string;
+    label: string;
+    pattern: RegExp;
+};
+export declare function buildSecretPatterns(): SecretPattern[];
+export type ScanFinding = {
+    id: string;
+    label: string;
+    match: string;
+    start: number;
+    end: number;
+};
+export declare function scanTextForSecrets(text: string): ScanFinding[];
+//# sourceMappingURL=secret-patterns.d.ts.map

package/dist/secret-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-patterns.d.ts","sourceRoot":"","sources":["../src/secret-patterns.ts"],"names":[],"mappings":"AAAA,wFAAwF;AAExF,MAAM,MAAM,aAAa,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAE3E,wBAAgB,mBAAmB,IAAI,aAAa,EAAE,CAgBrD;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEF,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,EAAE,CAY9D"}

package/dist/secret-patterns.js

@@ -0,0 +1,32 @@
+/** Portable secret/PII patterns for local fast scan (aligned with webapp detectors). */
+export function buildSecretPatterns() {
+    return [
+        { id: "aws_access_key", label: "AWS_KEY", pattern: /\b(?:AKIA|ASIA|AIDA|AROA|AGPA|AIPA|ANPA|ANVA|APKA|ASCA|ACCA)[A-Z0-9]{16}\b/g },
+        { id: "github_pat", label: "GITHUB", pattern: /\bgh[oprus]_[A-Za-z0-9_]{36,255}\b/g },
+        { id: "github_pat_fine", label: "GITHUB_FINE", pattern: /\bgithub_pat_[A-Za-z0-9_]{80,500}\b/g },
+        { id: "openai_sk", label: "OPENAI", pattern: /\bsk-[A-Za-z0-9]{20,}\b/g },
+        { id: "openai_sk_proj", label: "OPENAI_PROJ", pattern: /\bsk-proj-[A-Za-z0-9_-]{20,500}\b/g },
+        { id: "stripe_sk", label: "STRIPE", pattern: /\b(?:sk|rk)_(?:live|test)_[A-Za-z0-9]{16,128}\b/g },
+        { id: "slack_token", label: "SLACK", pattern: /\bxox[baprs]-[A-Za-z0-9-]{10,128}\b/g },
+        { id: "google_api_key", label: "GOOGLE_KEY", pattern: /\bAIza[0-9A-Za-z_-]{35}\b/g },
+        { id: "jwt", label: "JWT", pattern: /\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b/g },
+        { id: "email", label: "EMAIL", pattern: /[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/gi },
+        { id: "ssn", label: "SSN", pattern: /\b\d{3}-\d{2}-\d{4}\b/g },
+        { id: "iban", label: "IBAN", pattern: /\b[A-Z]{2}\d{2}(?:[ -]?[A-Z0-9]){11,30}\b/gi },
+        { id: "card", label: "CARD", pattern: /\b(?:\d[ -]?){12,19}\b/g },
+    ];
+}
+export function scanTextForSecrets(text) {
+    const findings = [];
+    for (const { id, label, pattern } of buildSecretPatterns()) {
+        const re = new RegExp(pattern.source, pattern.flags.includes("g") ? pattern.flags : `${pattern.flags}g`);
+        let m;
+        while ((m = re.exec(text)) !== null) {
+            const match = m[0];
+            if (match.includes("[") && match.includes("]"))
+                continue;
+            findings.push({ id, label, match, start: m.index, end: m.index + match.length });
+        }
+    }
+    return findings;
+}

package/openapi.yaml

@@ -0,0 +1,248 @@
+openapi: 3.1.0
+info:
+  title: Blekline Ingress Control Plane API
+  version: 1.0.0
+  description: |
+    Enterprise ingress governance for prompts, events, MCP tool calls, and universal LLM proxies.
+servers:
+  - url: https://app.blekline.com
+  - url: http://localhost:3000
+security:
+  - workspaceToken: []
+components:
+  securitySchemes:
+    workspaceToken:
+      type: apiKey
+      in: header
+      name: x-blekline-workspace-token
+  schemas:
+    MaskRequest:
+      type: object
+      required: [text]
+      properties:
+        text:
+          type: string
+        platform:
+          type: string
+    MaskResponse:
+      type: object
+      properties:
+        maskedText:
+          type: string
+        entitiesMasked:
+          type: integer
+        decision:
+          type: string
+          enum: [mask_and_send, mask_and_confirm, block_and_review]
+        provider:
+          type: string
+        requestId:
+          type: string
+        latencyMs:
+          type: number
+          description: Total request latency in milliseconds
+        maskPath:
+          type: string
+          enum: [azure_first, local_first, local_only]
+        region:
+          type: string
+          description: Ingress region label (x-blekline-ingress-region)
+    EnforceToolCallRequest:
+      type: object
+      required: [toolName, arguments]
+      properties:
+        toolName:
+          type: string
+        arguments:
+          type: object
+        platform:
+          type: string
+        clientSurface:
+          type: string
+          enum: [cursor, claude-desktop, codex, sdk, extension, unknown]
+    EnforceToolCallResult:
+      type: object
+      properties:
+        action:
+          type: string
+          enum: [allow, mask, block]
+        maskedArguments:
+          type: object
+        entitiesMasked:
+          type: integer
+        riskTier:
+          type: string
+          enum: [low, medium, high]
+        requestId:
+          type: string
+    McpToolPolicy:
+      type: object
+      properties:
+        allowedTools:
+          type: array
+          items:
+            type: string
+        deniedTools:
+          type: array
+          items:
+            type: string
+        defaultAction:
+          type: string
+          enum: [allow, mask, block]
+paths:
+  /api/mask:
+    post:
+      summary: Mask prompt text
+      operationId: maskPrompt
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/MaskRequest"
+      responses:
+        "200":
+          description: Masked prompt
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/MaskResponse"
+  /api/events:
+    post:
+      summary: Emit governance event (metadata-only)
+      operationId: emitEvent
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [kind, platform]
+              properties:
+                kind:
+                  type: string
+                platform:
+                  type: string
+                entitiesMasked:
+                  type: integer
+                riskTier:
+                  type: string
+                action:
+                  type: string
+                clientSurface:
+                  type: string
+                modelProvider:
+                  type: string
+                modelId:
+                  type: string
+      responses:
+        "200":
+          description: Event accepted
+  /api/mcp/enforce-tool-call:
+    post:
+      summary: Enforce MCP tool call policy
+      operationId: enforceToolCall
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/EnforceToolCallRequest"
+      responses:
+        "200":
+          description: Enforcement decision
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/EnforceToolCallResult"
+  /api/policy/simulate:
+    post:
+      summary: Simulate redaction policy on a prompt
+      operationId: simulatePolicy
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [prompt]
+              properties:
+                prompt:
+                  type: string
+                platform:
+                  type: string
+                sourceHost:
+                  type: string
+      responses:
+        "200":
+          description: Simulation result
+  /api/workspace/mcp-policy:
+    get:
+      summary: Read workspace MCP tool policy
+      operationId: getMcpToolPolicy
+      responses:
+        "200":
+          description: Current policy
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  mcpToolPolicy:
+                    $ref: "#/components/schemas/McpToolPolicy"
+    post:
+      summary: Update workspace MCP tool policy
+      operationId: updateMcpToolPolicy
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/McpToolPolicy"
+      responses:
+        "200":
+          description: Updated policy
+  /api/ingress/v1/chat/completions:
+    post:
+      summary: OpenAI-compatible ingress proxy (masks user messages)
+      operationId: ingressOpenAiChatCompletions
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                model:
+                  type: string
+                messages:
+                  type: array
+                  items:
+                    type: object
+      responses:
+        "200":
+          description: Upstream completion response
+        "403":
+          description: Blocked by ingress policy
+  /api/ingress/v1/messages:
+    post:
+      summary: Anthropic Messages API ingress proxy
+      operationId: ingressAnthropicMessages
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                model:
+                  type: string
+                messages:
+                  type: array
+                  items:
+                    type: object
+      responses:
+        "200":
+          description: Upstream message response
+        "403":
+          description: Blocked by ingress policy

package/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "@blekline/contracts",
+  "version": "0.1.0",
+  "license": "Apache-2.0",
+  "private": false,
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Blekline/blekline-oss.git",
+    "directory": "packages/contracts"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "devDependencies": {
+    "typescript": "^5.7.3"
+  },
+  "dependencies": {
+    "zod": "^4.3.6"
+  },
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit"
+  }
+}

package/src/auth.ts

@@ -0,0 +1,21 @@
+export const WORKSPACE_TOOL_SCOPES = [
+  "mask:write",
+  "events:write",
+  "events:read",
+  "integrations:write",
+] as const;
+
+export type WorkspaceToolScope = (typeof WORKSPACE_TOOL_SCOPES)[number];
+
+export const BLEKLINE_HEADERS = {
+  workspaceToken: "x-blekline-workspace-token",
+  workspaceId: "x-blekline-workspace-id",
+  requestId: "x-request-id",
+  clientSurface: "x-blekline-client-surface",
+  modelProvider: "x-blekline-model-provider",
+  modelId: "x-blekline-model-id",
+} as const;
+
+export type ClientSurface = "cursor" | "claude-desktop" | "codex" | "sdk" | "extension" | "unknown";
+
+export type ModelProvider = "anthropic" | "openai" | "google" | "xai" | "cursor" | "unknown";

package/src/enforce-local.ts

@@ -0,0 +1,127 @@
+import type { EnforceToolCallResult, EnforcementAction, ToolCallFinding } from "./enforcement.js";
+import type { McpToolPolicy } from "./mcp-policy.js";
+import { resolveMcpToolPolicyDecision } from "./mcp-policy.js";
+import { scanTextForSecrets } from "./secret-patterns.js";
+
+const DESTRUCTIVE_RE = /\brm\s+-rf\b|\bformat\s+c:\b|\bdrop\s+database\b/i;
+
+function stringifyArgs(args: Record<string, unknown>): string {
+  try {
+    return JSON.stringify(args);
+  } catch {
+    return String(args);
+  }
+}
+
+function maskStringValue(input: string): { text: string; count: number } {
+  const findings = scanTextForSecrets(input);
+  if (findings.length === 0) return { text: input, count: 0 };
+  let out = input;
+  let offset = 0;
+  let count = 0;
+  const sorted = [...findings].sort((a, b) => a.start - b.start);
+  for (const f of sorted) {
+    const start = f.start + offset;
+    const end = f.end + offset;
+    const token = `[${f.label}]`;
+    out = out.slice(0, start) + token + out.slice(end);
+    offset += token.length - (f.end - f.start);
+    count += 1;
+  }
+  return { text: out, count };
+}
+
+function maskDeep(value: unknown, fieldPath: string, findings: ToolCallFinding[]): { value: unknown; count: number } {
+  if (typeof value === "string") {
+    const scan = scanTextForSecrets(value);
+    for (const s of scan) {
+      findings.push({ id: s.id, label: s.label, field: fieldPath });
+    }
+    const masked = maskStringValue(value);
+    return { value: masked.text, count: masked.count };
+  }
+  if (Array.isArray(value)) {
+    let count = 0;
+    const next = value.map((item, i) => {
+      const r = maskDeep(item, `${fieldPath}[${i}]`, findings);
+      count += r.count;
+      return r.value;
+    });
+    return { value: next, count };
+  }
+  if (value && typeof value === "object") {
+    let count = 0;
+    const next: Record<string, unknown> = {};
+    for (const [k, v] of Object.entries(value as Record<string, unknown>)) {
+      const r = maskDeep(v, fieldPath ? `${fieldPath}.${k}` : k, findings);
+      count += r.count;
+      next[k] = r.value;
+    }
+    return { value: next, count };
+  }
+  return { value, count: 0 };
+}
+
+export function enforceToolCallLocally(input: {
+  toolName: string;
+  arguments: Record<string, unknown>;
+  requestId: string;
+  mcpToolPolicy?: McpToolPolicy;
+}): EnforceToolCallResult {
+  const findings: ToolCallFinding[] = [];
+  const blob = stringifyArgs(input.arguments);
+
+  if (DESTRUCTIVE_RE.test(blob)) {
+    findings.push({ id: "destructive_command", label: "DESTRUCTIVE", field: "arguments" });
+    return {
+      action: "block",
+      maskedArguments: input.arguments,
+      findings,
+      entitiesMasked: 0,
+      riskTier: "high",
+      requestId: input.requestId,
+    };
+  }
+
+  const secretScan = scanTextForSecrets(blob);
+  for (const s of secretScan) {
+    findings.push({ id: s.id, label: s.label });
+  }
+
+  const masked = maskDeep(input.arguments, "", findings);
+  const entitiesMasked = masked.count;
+
+  let action: EnforcementAction = "allow";
+  let riskTier: "low" | "medium" | "high" = "low";
+
+  const hasHighRiskSecret = secretScan.some((s) =>
+    ["aws_access_key", "openai_sk", "openai_sk_proj", "stripe_sk", "jwt", "ssn"].includes(s.id)
+  );
+
+  if (hasHighRiskSecret && entitiesMasked > 0) {
+    action = "mask";
+    riskTier = "high";
+  } else if (entitiesMasked > 0) {
+    action = "mask";
+    riskTier = "medium";
+  }
+
+  if (input.mcpToolPolicy) {
+    action = resolveMcpToolPolicyDecision(input.mcpToolPolicy, input.toolName, action);
+    if (action === "block") {
+      riskTier = "high";
+      if (!findings.some((f) => f.id === "policy_denied")) {
+        findings.push({ id: "policy_denied", label: "POLICY", field: "toolName" });
+      }
+    }
+  }
+
+  return {
+    action,
+    maskedArguments: masked.value as Record<string, unknown>,
+    findings,
+    entitiesMasked,
+    riskTier,
+    requestId: input.requestId,
+  };
+}

package/src/enforcement.ts

@@ -0,0 +1,27 @@
+import { z } from "zod";
+
+export type EnforcementAction = "allow" | "mask" | "block";
+
+export const enforceToolCallRequestSchema = z.object({
+  toolName: z.string().min(1).max(120),
+  arguments: z.record(z.string(), z.unknown()),
+  platform: z.string().max(40).optional(),
+  clientSurface: z.enum(["cursor", "claude-desktop", "codex", "sdk", "extension", "unknown"]).optional(),
+});
+
+export type EnforceToolCallRequest = z.infer<typeof enforceToolCallRequestSchema>;
+
+export type ToolCallFinding = {
+  id: string;
+  label: string;
+  field?: string;
+};
+
+export type EnforceToolCallResult = {
+  action: EnforcementAction;
+  maskedArguments: Record<string, unknown>;
+  findings: ToolCallFinding[];
+  entitiesMasked: number;
+  riskTier: "low" | "medium" | "high";
+  requestId: string;
+};

package/src/events.ts

@@ -0,0 +1,19 @@
+import { z } from "zod";
+
+export const eventIngestSchema = z.object({
+  platform: z.string().max(40).optional(),
+  kind: z.string().max(48).optional(),
+  entitiesMasked: z.number().int().min(0).max(5000).optional(),
+  riskTier: z.enum(["low", "medium", "high"]).optional(),
+  sourceHost: z.string().max(253).optional(),
+  action: z.string().max(48).optional(),
+  maskProvider: z.enum(["azure", "fallback_local"]).optional(),
+  maskPhase: z.string().max(48).optional(),
+  clientSurface: z.enum(["cursor", "claude-desktop", "codex", "sdk", "extension", "unknown"]).optional(),
+  modelProvider: z.enum(["anthropic", "openai", "google", "xai", "cursor", "unknown"]).optional(),
+  modelId: z.string().max(80).optional(),
+  mcpToolName: z.string().max(120).optional(),
+  downstreamServer: z.string().max(80).optional(),
+});
+
+export type EventIngest = z.infer<typeof eventIngestSchema>;

package/src/index.ts

@@ -0,0 +1,8 @@
+export * from "./mcp-policy.js";
+export * from "./auth.js";
+export * from "./mask.js";
+export * from "./events.js";
+export * from "./policy.js";
+export * from "./enforcement.js";
+export * from "./enforce-local.js";
+export * from "./secret-patterns.js";

package/src/mask.ts

@@ -0,0 +1,31 @@
+import { z } from "zod";
+
+export const maskRequestSchema = z.object({
+  text: z.string().min(1),
+  platform: z.string().max(40).optional(),
+});
+
+export type MaskRequest = z.infer<typeof maskRequestSchema>;
+
+export type WireRedactionAction = "mask_and_send" | "mask_and_confirm" | "block_and_review";
+
+export type MaskResponse = {
+  maskedText: string;
+  tokenMap: Record<string, string>;
+  entitiesMasked: number;
+  platform: string;
+  provider: "azure" | "fallback_local";
+  requestId: string;
+  piiLanguage?: string;
+  decision?: WireRedactionAction;
+  blocked?: boolean;
+  blockReason?: string;
+};
+
+export type MaskErrorCode =
+  | "billing_required"
+  | "credits_exhausted"
+  | "prompt_limit_exceeded"
+  | "mask_fallback_blocked"
+  | "high_risk_literal_remaining"
+  | "plan_upgrade_required";

package/src/mcp-policy.ts

@@ -0,0 +1,47 @@
+export type McpToolPolicyAction = "allow" | "mask" | "block";
+
+export type McpToolPolicy = {
+  allowedTools: string[];
+  deniedTools: string[];
+  defaultAction: McpToolPolicyAction;
+};
+
+export const DEFAULT_MCP_TOOL_POLICY: McpToolPolicy = {
+  allowedTools: [],
+  deniedTools: [],
+  defaultAction: "mask",
+};
+
+export function normalizeMcpToolPolicy(raw: unknown): McpToolPolicy {
+  if (!raw || typeof raw !== "object") return { ...DEFAULT_MCP_TOOL_POLICY };
+  const o = raw as Record<string, unknown>;
+  const allowedTools = Array.isArray(o.allowedTools)
+    ? o.allowedTools.filter((t): t is string => typeof t === "string").map((t) => t.trim()).filter(Boolean).slice(0, 64)
+    : [];
+  const deniedTools = Array.isArray(o.deniedTools)
+    ? o.deniedTools.filter((t): t is string => typeof t === "string").map((t) => t.trim()).filter(Boolean).slice(0, 64)
+    : [];
+  const defaultAction =
+    o.defaultAction === "allow" || o.defaultAction === "mask" || o.defaultAction === "block"
+      ? o.defaultAction
+      : "mask";
+  return { allowedTools, deniedTools, defaultAction };
+}
+
+/** Resolve workspace MCP tool policy before local/cloud enforcement. */
+export function resolveMcpToolPolicyDecision(
+  policy: McpToolPolicy,
+  toolName: string,
+  localAction: McpToolPolicyAction
+): McpToolPolicyAction {
+  const name = toolName.trim().toLowerCase();
+  if (policy.deniedTools.some((t) => t.toLowerCase() === name)) return "block";
+  if (policy.allowedTools.length > 0) {
+    const allowed = policy.allowedTools.some((t) => t.toLowerCase() === name);
+    if (!allowed) return "block";
+  }
+  if (localAction === "block") return "block";
+  if (policy.defaultAction === "block") return "block";
+  if (localAction === "mask") return "mask";
+  return policy.defaultAction;
+}

package/src/policy.ts

@@ -0,0 +1,17 @@
+import type { WireRedactionAction } from "./mask.js";
+
+export type PromptRiskTier = "low" | "medium" | "high";
+
+export type PolicySimulation = {
+  platform: string;
+  risk: PromptRiskTier;
+  action: WireRedactionAction;
+  matchedKeywords: string[];
+  shieldEnabled: boolean;
+};
+
+export type PolicySimulateRequest = {
+  prompt: string;
+  platform?: string;
+  sourceHost?: string;
+};

package/src/secret-patterns.ts

@@ -0,0 +1,43 @@
+/** Portable secret/PII patterns for local fast scan (aligned with webapp detectors). */
+
+export type SecretPattern = { id: string; label: string; pattern: RegExp };
+
+export function buildSecretPatterns(): SecretPattern[] {
+  return [
+    { id: "aws_access_key", label: "AWS_KEY", pattern: /\b(?:AKIA|ASIA|AIDA|AROA|AGPA|AIPA|ANPA|ANVA|APKA|ASCA|ACCA)[A-Z0-9]{16}\b/g },
+    { id: "github_pat", label: "GITHUB", pattern: /\bgh[oprus]_[A-Za-z0-9_]{36,255}\b/g },
+    { id: "github_pat_fine", label: "GITHUB_FINE", pattern: /\bgithub_pat_[A-Za-z0-9_]{80,500}\b/g },
+    { id: "openai_sk", label: "OPENAI", pattern: /\bsk-[A-Za-z0-9]{20,}\b/g },
+    { id: "openai_sk_proj", label: "OPENAI_PROJ", pattern: /\bsk-proj-[A-Za-z0-9_-]{20,500}\b/g },
+    { id: "stripe_sk", label: "STRIPE", pattern: /\b(?:sk|rk)_(?:live|test)_[A-Za-z0-9]{16,128}\b/g },
+    { id: "slack_token", label: "SLACK", pattern: /\bxox[baprs]-[A-Za-z0-9-]{10,128}\b/g },
+    { id: "google_api_key", label: "GOOGLE_KEY", pattern: /\bAIza[0-9A-Za-z_-]{35}\b/g },
+    { id: "jwt", label: "JWT", pattern: /\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b/g },
+    { id: "email", label: "EMAIL", pattern: /[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/gi },
+    { id: "ssn", label: "SSN", pattern: /\b\d{3}-\d{2}-\d{4}\b/g },
+    { id: "iban", label: "IBAN", pattern: /\b[A-Z]{2}\d{2}(?:[ -]?[A-Z0-9]){11,30}\b/gi },
+    { id: "card", label: "CARD", pattern: /\b(?:\d[ -]?){12,19}\b/g },
+  ];
+}
+
+export type ScanFinding = {
+  id: string;
+  label: string;
+  match: string;
+  start: number;
+  end: number;
+};
+
+export function scanTextForSecrets(text: string): ScanFinding[] {
+  const findings: ScanFinding[] = [];
+  for (const { id, label, pattern } of buildSecretPatterns()) {
+    const re = new RegExp(pattern.source, pattern.flags.includes("g") ? pattern.flags : `${pattern.flags}g`);
+    let m: RegExpExecArray | null;
+    while ((m = re.exec(text)) !== null) {
+      const match = m[0];
+      if (match.includes("[") && match.includes("]")) continue;
+      findings.push({ id, label, match, start: m.index, end: m.index + match.length });
+    }
+  }
+  return findings;
+}

package/tsconfig.json

@@ -0,0 +1,14 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
+    "declaration": true,
+    "declarationMap": true,
+    "outDir": "dist",
+    "rootDir": "src",
+    "strict": true,
+    "skipLibCheck": true
+  },
+  "include": ["src/**/*"]
+}