@bookedsolid/reagent 0.7.2 → 0.11.0

package/dist/gateway/middleware/injection.js

@@ -0,0 +1,129 @@
+import { InvocationStatus } from '../../types/index.js';
+/**
+ * Known prompt injection phrases (lowercase for case-insensitive matching).
+ * These patterns are commonly used to override system instructions in tool
+ * descriptions or resource content returned by downstream MCP servers.
+ */
+const INJECTION_PHRASES = [
+    'ignore previous instructions',
+    'disregard your',
+    'your new instructions are',
+    'system prompt override',
+    'forget all previous',
+    // 'you are now' is too broad — fires on "you are now connected", "you are now in /home/foo", etc.
+    // The role-reassignment vector is "you are now a [different persona]" — the trailing space+article
+    // is what distinguishes injection from ordinary status messages.
+    'you are now a ',
+    'you are now an ',
+];
+/**
+ * Decode a base64 string, returning the decoded text or null if decoding fails.
+ * Only decodes if the input looks like base64 (64-char alphabet, length divisible by 4 or padded).
+ */
+function tryDecodeBase64(input) {
+    // Quick heuristic: must be at least 20 chars and use only base64 chars
+    if (input.length < 20)
+        return null;
+    if (!/^[A-Za-z0-9+/]+=*$/.test(input))
+        return null;
+    try {
+        return Buffer.from(input, 'base64').toString('utf8');
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Scan a string for known prompt injection phrases.
+ * Also decodes base64 tokens and checks the decoded content.
+ * Returns an array of matched phrase descriptions, empty if clean.
+ */
+export function scanForInjection(input) {
+    if (!input || typeof input !== 'string')
+        return [];
+    const lower = input.toLowerCase();
+    const matches = [];
+    // Check literal phrases
+    for (const phrase of INJECTION_PHRASES) {
+        if (lower.includes(phrase)) {
+            matches.push(`literal: "${phrase}"`);
+        }
+    }
+    // Check base64-encoded variants — scan word-like tokens that look like base64
+    const base64Tokens = input.match(/[A-Za-z0-9+/]{20,}={0,2}/g) ?? [];
+    for (const token of base64Tokens) {
+        const decoded = tryDecodeBase64(token);
+        if (!decoded)
+            continue;
+        const decodedLower = decoded.toLowerCase();
+        for (const phrase of INJECTION_PHRASES) {
+            if (decodedLower.includes(phrase)) {
+                matches.push(`base64-encoded: "${phrase}"`);
+                break; // One report per token is enough
+            }
+        }
+    }
+    return matches;
+}
+/**
+ * Scan an unknown value recursively, collecting all injection matches.
+ * Walks strings, arrays, and plain objects.
+ */
+function scanValue(value, matches) {
+    if (typeof value === 'string') {
+        matches.push(...scanForInjection(value));
+        return;
+    }
+    if (Array.isArray(value)) {
+        for (const item of value) {
+            scanValue(item, matches);
+        }
+        return;
+    }
+    if (value !== null && typeof value === 'object') {
+        for (const v of Object.values(value)) {
+            scanValue(v, matches);
+        }
+    }
+}
+/**
+ * PostToolUse middleware: scans tool results for prompt injection patterns.
+ *
+ * Operates on tool output (ctx.result) returned from downstream MCP servers.
+ * On detection:
+ *   - Always logs to audit metadata and emits a warning to stderr.
+ *   - If action is 'block' (default), sets ctx.status to Denied and blocks the result.
+ *   - If action is 'warn', allows the result through with a warning only.
+ *
+ * SECURITY: Checking PostToolUse (after downstream execution, before the result
+ * reaches the LLM) is the correct place to catch injection in tool descriptions
+ * and resource content coming from potentially untrusted downstream servers.
+ */
+export function createInjectionMiddleware(action = 'block') {
+    return async (ctx, next) => {
+        await next();
+        // Only scan if we have a result to inspect
+        if (ctx.result == null)
+            return;
+        const matches = [];
+        scanValue(ctx.result, matches);
+        if (matches.length === 0)
+            return;
+        // Deduplicate matches
+        const unique = [...new Set(matches)];
+        // Always log to audit metadata
+        ctx.metadata.injection_matches = unique;
+        // Always emit warning to stderr
+        process.stderr.write(`[reagent] INJECTION-GUARD: Prompt injection pattern detected in tool "${ctx.tool_name}" result\n`);
+        for (const match of unique) {
+            process.stderr.write(`  Pattern: ${match}\n`);
+        }
+        process.stderr.write(`  Action: ${action} — review the downstream server "${ctx.server_name}" for compromise.\n`);
+        if (action === 'block') {
+            ctx.status = InvocationStatus.Denied;
+            ctx.error = `Prompt injection detected in tool result (${unique.length} pattern(s) matched). Result blocked.`;
+            ctx.result = undefined;
+        }
+    };
+}
+//# sourceMappingURL=injection.js.map

package/dist/gateway/middleware/injection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection.js","sourceRoot":"","sources":["../../../src/gateway/middleware/injection.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAExD;;;;GAIG;AACH,MAAM,iBAAiB,GAAa;IAClC,8BAA8B;IAC9B,gBAAgB;IAChB,2BAA2B;IAC3B,wBAAwB;IACxB,qBAAqB;IACrB,kGAAkG;IAClG,mGAAmG;IACnG,iEAAiE;IACjE,gBAAgB;IAChB,iBAAiB;CAClB,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe,CAAC,KAAa;IACpC,uEAAuE;IACvE,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE;QAAE,OAAO,IAAI,CAAC;IACnC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IAEnD,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IAClC,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,wBAAwB;IACxB,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;QACvC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,IAAI,CAAC,aAAa,MAAM,GAAG,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,2BAA2B,CAAC,IAAI,EAAE,CAAC;IACpE,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO;YAAE,SAAS;QACvB,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;YACvC,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClC,OAAO,CAAC,IAAI,CAAC,oBAAoB,MAAM,GAAG,CAAC,CAAC;gBAC5C,MAAM,CAAC,iCAAiC;YAC1C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,SAAS,SAAS,CAAC,KAAc,EAAE,OAAiB;IAClD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO;IACT,CAAC;IACD,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAChD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,KAAgC,CAAC,EAAE,CAAC;YAChE,SAAS,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;AACH,CAAC;AAID;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,yBAAyB,CAAC,SAA0B,OAAO;IACzE,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,IAAI,EAAE,CAAC;QAEb,2CAA2C;QAC3C,IAAI,GAAG,CAAC,MAAM,IAAI,IAAI;YAAE,OAAO;QAE/B,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE/B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAEjC,sBAAsB;QACtB,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QAErC,+BAA+B;QAC/B,GAAG,CAAC,QAAQ,CAAC,iBAAiB,GAAG,MAAM,CAAC;QAExC,gCAAgC;QAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yEAAyE,GAAG,CAAC,SAAS,YAAY,CACnG,CAAC;QACF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,aAAa,MAAM,oCAAoC,GAAG,CAAC,WAAW,qBAAqB,CAC5F,CAAC;QAEF,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,6CAA6C,MAAM,CAAC,MAAM,uCAAuC,CAAC;YAC9G,GAAG,CAAC,MAAM,GAAG,SAAS,CAAC;QACzB,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/gateway/middleware/policy.js

@@ -1,6 +1,6 @@
 import { AutonomyLevel, InvocationStatus, Tier } from '../../types/index.js';
 import { classifyTool, isToolBlocked } from '../../config/tier-map.js';
-import { loadPolicy } from '../../config/policy-loader.js';
+import { loadPolicyAsync } from '../../config/policy-loader.js';
 /**
  * Autonomy level tier permissions:
  * - L0: Read only
@@ -33,7 +33,7 @@ export function createPolicyMiddleware(initialPolicy, gatewayConfig, baseDir) {
         let policy = lastGoodPolicy;
         if (baseDir) {
             try {
-                policy = loadPolicy(baseDir);
+                policy = await loadPolicyAsync(baseDir);
                 lastGoodPolicy = policy; // Cache successful parse
             }
             catch {

package/dist/gateway/middleware/policy.js.map

@@ -1 +1 @@
-{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/gateway/middleware/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC7E,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAI3D;;;;;;GAMG;AACH,MAAM,YAAY,GAAqC;IACrD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxC,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IACpD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IACpD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;CACvE,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CACpC,aAAqB,EACrB,aAA6B,EAC7B,OAAgB;IAEhB,gEAAgE;IAChE,6EAA6E;IAC7E,+DAA+D;IAC/D,IAAI,cAAc,GAAG,aAAa,CAAC;IAEnC,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,yEAAyE;QACzE,iEAAiE;QACjE,IAAI,MAAM,GAAG,cAAc,CAAC;QAC5B,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;gBAC7B,cAAc,GAAG,MAAM,CAAC,CAAC,yBAAyB;YACpD,CAAC;YAAC,MAAM,CAAC;gBACP,kEAAkE;YACpE,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,EAAE,CAAC;YACjE,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,SAAS,GAAG,CAAC,SAAS,2CAA2C,CAAC;YAC9E,OAAO;QACT,CAAC;QAED,yFAAyF;QACzF,qFAAqF;QACrF,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QACzE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,8CAA8C;QAE/D,mCAAmC;QACnC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,2BAA2B,MAAM,CAAC,cAAc,uBAAuB,CAAC;YACpF,OAAO;QACT,CAAC;QAED,mEAAmE;QACnE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,kBAAkB,MAAM,CAAC,cAAc,mBAAmB,IAAI,sBAAsB,GAAG,CAAC,SAAS,EAAE,CAAC;YAChH,OAAO;QACT,CAAC;QAED,gEAAgE;QAChE,GAAG,CAAC,QAAQ,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAEpD,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/gateway/middleware/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAC7E,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAIhE;;;;;;GAMG;AACH,MAAM,YAAY,GAAqC;IACrD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxC,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IACpD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IACpD,CAAC,aAAa,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;CACvE,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CACpC,aAAqB,EACrB,aAA6B,EAC7B,OAAgB;IAEhB,gEAAgE;IAChE,6EAA6E;IAC7E,+DAA+D;IAC/D,IAAI,cAAc,GAAG,aAAa,CAAC;IAEnC,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,yEAAyE;QACzE,iEAAiE;QACjE,IAAI,MAAM,GAAG,cAAc,CAAC;QAC5B,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC;gBACxC,cAAc,GAAG,MAAM,CAAC,CAAC,yBAAyB;YACpD,CAAC;YAAC,MAAM,CAAC;gBACP,kEAAkE;YACpE,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,EAAE,CAAC;YACjE,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,SAAS,GAAG,CAAC,SAAS,2CAA2C,CAAC;YAC9E,OAAO;QACT,CAAC;QAED,yFAAyF;QACzF,qFAAqF;QACrF,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QACzE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,8CAA8C;QAE/D,mCAAmC;QACnC,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,2BAA2B,MAAM,CAAC,cAAc,uBAAuB,CAAC;YACpF,OAAO;QACT,CAAC;QAED,mEAAmE;QACnE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,kBAAkB,MAAM,CAAC,cAAc,mBAAmB,IAAI,sBAAsB,GAAG,CAAC,SAAS,EAAE,CAAC;YAChH,OAAO;QACT,CAAC;QAED,gEAAgE;QAChE,GAAG,CAAC,QAAQ,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAEpD,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC;AACJ,CAAC"}

package/dist/gateway/middleware/rate-limit.d.ts

@@ -0,0 +1,13 @@
+import type { RateLimiter } from '../rate-limiter.js';
+import type { Middleware } from './chain.js';
+/**
+ * PreToolUse + PostToolUse middleware: enforces per-server concurrency and rate limits.
+ *
+ * On entry: tries to acquire a slot. If over limit, denies the call immediately
+ * without ever reaching the downstream server.
+ *
+ * On exit (finally): releases the concurrency slot so the next queued call can proceed.
+ * The slot is released even if the downstream call errors — we track capacity, not success.
+ */
+export declare function createRateLimitMiddleware(limiter: RateLimiter): Middleware;
+//# sourceMappingURL=rate-limit.d.ts.map

package/dist/gateway/middleware/rate-limit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../../src/gateway/middleware/rate-limit.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,WAAW,GAAG,UAAU,CAqB1E"}

package/dist/gateway/middleware/rate-limit.js

@@ -0,0 +1,32 @@
+import { InvocationStatus } from '../../types/index.js';
+/**
+ * PreToolUse + PostToolUse middleware: enforces per-server concurrency and rate limits.
+ *
+ * On entry: tries to acquire a slot. If over limit, denies the call immediately
+ * without ever reaching the downstream server.
+ *
+ * On exit (finally): releases the concurrency slot so the next queued call can proceed.
+ * The slot is released even if the downstream call errors — we track capacity, not success.
+ */
+export function createRateLimitMiddleware(limiter) {
+    return async (ctx, next) => {
+        const err = limiter.tryAcquire(ctx.server_name);
+        if (err !== null) {
+            ctx.status = InvocationStatus.Denied;
+            ctx.error = err.message;
+            ctx.metadata.rate_limit_exceeded = {
+                type: err.type,
+                current: err.current,
+                limit: err.limit,
+            };
+            return; // Do not call next() — gate is closed
+        }
+        try {
+            await next();
+        }
+        finally {
+            limiter.release(ctx.server_name);
+        }
+    };
+}
+//# sourceMappingURL=rate-limit.js.map

package/dist/gateway/middleware/rate-limit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.js","sourceRoot":"","sources":["../../../src/gateway/middleware/rate-limit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAIxD;;;;;;;;GAQG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAoB;IAC5D,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAEhD,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACjB,GAAG,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC;YACxB,GAAG,CAAC,QAAQ,CAAC,mBAAmB,GAAG;gBACjC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,OAAO,EAAE,GAAG,CAAC,OAAO;gBACpB,KAAK,EAAE,GAAG,CAAC,KAAK;aACjB,CAAC;YACF,OAAO,CAAC,sCAAsC;QAChD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;gBAAS,CAAC;YACT,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/gateway/middleware/redact.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"redact.d.ts","sourceRoot":"","sources":["../../../src/gateway/middleware/redact.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAkC7C;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,CAenF;AAED;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,EAAE,UA6B9B,CAAC"}
+{"version":3,"file":"redact.d.ts","sourceRoot":"","sources":["../../../src/gateway/middleware/redact.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAyC7C;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,CAenF;AAED;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,EAAE,UA6B9B,CAAC"}

package/dist/gateway/middleware/redact.js

@@ -21,6 +21,13 @@ const SECRET_PATTERNS = [
     { name: 'Discord Token', pattern: /[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27,}/g },
     // Base64-encoded AWS access key (AKIA... in base64 starts with QUTJQ)
     { name: 'Base64 AWS Key', pattern: /QUtJQ[A-Za-z0-9+/]{17,}={0,2}/g },
+    // Anthropic API keys (sk-ant-api03-... and similar)
+    { name: 'Anthropic API Key', pattern: /sk-ant-[a-zA-Z0-9\-_]{32,}/g },
+    // OpenAI API keys — project keys (sk-proj-...) and legacy (sk-...)
+    { name: 'OpenAI Project Key', pattern: /sk-proj-[a-zA-Z0-9\-_]{32,}/g },
+    { name: 'OpenAI API Key', pattern: /sk-[a-zA-Z0-9]{32,}/g },
+    // Hugging Face access tokens
+    { name: 'Hugging Face Token', pattern: /hf_[a-zA-Z0-9]{32,}/g },
 ];
 /**
  * Strip null bytes and other control characters that could break regex matching.

package/dist/gateway/middleware/redact.js.map

@@ -1 +1 @@
-{"version":3,"file":"redact.js","sourceRoot":"","sources":["../../../src/gateway/middleware/redact.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;AACH,MAAM,eAAe,GAA6C;IAChE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,oBAAoB,EAAE;IACzD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,oEAAoE;KAC9E;IACD,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE;IACjE;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,kEAAkE;KAC5E;IACD,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,kCAAkC,EAAE;IACrE,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,2DAA2D,EAAE;IAC7F,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,4CAA4C,EAAE;IAChF,sEAAsE;IACtE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gCAAgC,EAAE;CACtE,CAAC;AAEF;;GAEG;AACH,SAAS,aAAa,CAAC,KAAa;IAClC,OAAO,KAAK,CAAC,OAAO,CAAC,+BAA+B,EAAE,EAAE,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,eAAe,EAAE,CAAC;QAChD,qCAAqC;QACrC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAC/C,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAe,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC9D,8FAA8F;IAC9F,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;QAClB,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;QACvC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,IAAI,EAAE,CAAC;IAEb,IAAI,GAAG,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO;IAE/B,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACnC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpF,CAAC;QACD,OAAO;IACT,CAAC;IAED,wDAAwD;IACxD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACvF,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,SAAS,UAAU,CAAC,GAAY,EAAE,QAAkB,EAAE,IAAI,GAAG,IAAI,OAAO,EAAE;IACxE,IAAI,GAAG,IAAI,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO;IAEnD,oCAAoC;IACpC,IAAI,IAAI,CAAC,GAAG,CAAC,GAAa,CAAC;QAAE,OAAO;IACpC,IAAI,CAAC,GAAG,CAAC,GAAa,CAAC,CAAC;IAExB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjB,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;oBAChB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,GAA8B,CAAC;IAC9C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,IAAI,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,GAAG,CAAW,CAAC,CAAC;YACrE,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjB,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;gBACrB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;AACH,CAAC"}
+{"version":3,"file":"redact.js","sourceRoot":"","sources":["../../../src/gateway/middleware/redact.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;AACH,MAAM,eAAe,GAA6C;IAChE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,oBAAoB,EAAE;IACzD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,oEAAoE;KAC9E;IACD,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE;IACjE;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,kEAAkE;KAC5E;IACD,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,kCAAkC,EAAE;IACrE,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,2DAA2D,EAAE;IAC7F,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,4CAA4C,EAAE;IAChF,sEAAsE;IACtE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gCAAgC,EAAE;IACrE,oDAAoD;IACpD,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,6BAA6B,EAAE;IACrE,mEAAmE;IACnE,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,8BAA8B,EAAE;IACvE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,sBAAsB,EAAE;IAC3D,6BAA6B;IAC7B,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,sBAAsB,EAAE;CAChE,CAAC;AAEF;;GAEG;AACH,SAAS,aAAa,CAAC,KAAa;IAClC,OAAO,KAAK,CAAC,OAAO,CAAC,+BAA+B,EAAE,EAAE,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,eAAe,EAAE,CAAC;QAChD,qCAAqC;QACrC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAC/C,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAe,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC9D,8FAA8F;IAC9F,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;QAClB,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;QACvC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,IAAI,EAAE,CAAC;IAEb,IAAI,GAAG,CAAC,MAAM,IAAI,IAAI;QAAE,OAAO;IAE/B,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACnC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpF,CAAC;QACD,OAAO;IACT,CAAC;IAED,wDAAwD;IACxD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACpC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,GAAG,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACvF,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,SAAS,UAAU,CAAC,GAAY,EAAE,QAAkB,EAAE,IAAI,GAAG,IAAI,OAAO,EAAE;IACxE,IAAI,GAAG,IAAI,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO;IAEnD,oCAAoC;IACpC,IAAI,IAAI,CAAC,GAAG,CAAC,GAAa,CAAC;QAAE,OAAO;IACpC,IAAI,CAAC,GAAG,CAAC,GAAa,CAAC,CAAC;IAExB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjB,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;oBAChB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,GAA8B,CAAC;IAC9C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,IAAI,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,GAAG,CAAW,CAAC,CAAC;YACrE,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjB,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;gBACrB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/gateway/middleware/result-size-cap.d.ts

@@ -0,0 +1,14 @@
+import type { GatewayConfig } from '../../types/index.js';
+import type { Middleware } from './chain.js';
+/**
+ * PostToolUse middleware: truncates tool results that exceed a configurable size cap.
+ *
+ * Operates on the serialized form of the result — if the downstream tool returns
+ * a large object or binary-encoded string, we measure and truncate the serialized
+ * representation. A human-readable notice is appended so the agent knows the
+ * result was cut.
+ *
+ * Default cap: 512 KB. Override via `gateway.max_result_size_kb` in gateway.yaml.
+ */
+export declare function createResultSizeCapMiddleware(gatewayConfig?: GatewayConfig): Middleware;
+//# sourceMappingURL=result-size-cap.d.ts.map

package/dist/gateway/middleware/result-size-cap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"result-size-cap.d.ts","sourceRoot":"","sources":["../../../src/gateway/middleware/result-size-cap.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAiB7C;;;;;;;;;GASG;AACH,wBAAgB,6BAA6B,CAAC,aAAa,CAAC,EAAE,aAAa,GAAG,UAAU,CA+BvF"}

package/dist/gateway/middleware/result-size-cap.js

@@ -0,0 +1,49 @@
+const DEFAULT_CAP_KB = 512;
+/**
+ * Serialize any result to a string for size measurement.
+ * If it's already a string, use it directly; otherwise JSON.stringify.
+ */
+function resultToString(value) {
+    if (typeof value === 'string')
+        return value;
+    try {
+        return JSON.stringify(value);
+    }
+    catch {
+        return String(value);
+    }
+}
+/**
+ * PostToolUse middleware: truncates tool results that exceed a configurable size cap.
+ *
+ * Operates on the serialized form of the result — if the downstream tool returns
+ * a large object or binary-encoded string, we measure and truncate the serialized
+ * representation. A human-readable notice is appended so the agent knows the
+ * result was cut.
+ *
+ * Default cap: 512 KB. Override via `gateway.max_result_size_kb` in gateway.yaml.
+ */
+export function createResultSizeCapMiddleware(gatewayConfig) {
+    const capKb = gatewayConfig?.gateway?.max_result_size_kb ?? DEFAULT_CAP_KB;
+    const capBytes = capKb * 1024;
+    return async (ctx, next) => {
+        await next();
+        if (ctx.result == null)
+            return;
+        const serialized = resultToString(ctx.result);
+        const byteLength = Buffer.byteLength(serialized, 'utf8');
+        if (byteLength <= capBytes)
+            return;
+        const removedBytes = byteLength - capBytes;
+        const removedKb = Math.ceil(removedBytes / 1024);
+        const notice = `\n[TRUNCATED: result exceeded ${capKb}KB limit. ${removedKb}KB removed.]`;
+        // Truncate to cap, then append notice. We truncate the serialized string and
+        // store it back — the agent sees the notice and knows context was lost.
+        const noticeBytes = Buffer.byteLength(notice, 'utf8');
+        const keepBytes = capBytes - noticeBytes;
+        const truncated = Buffer.from(serialized, 'utf8').subarray(0, keepBytes).toString('utf8') + notice;
+        ctx.result = truncated;
+        console.error(`[reagent] result-size-cap: truncated tool "${ctx.tool_name}" result from ${Math.ceil(byteLength / 1024)}KB to ${capKb}KB`);
+    };
+}
+//# sourceMappingURL=result-size-cap.js.map

package/dist/gateway/middleware/result-size-cap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"result-size-cap.js","sourceRoot":"","sources":["../../../src/gateway/middleware/result-size-cap.ts"],"names":[],"mappings":"AAGA,MAAM,cAAc,GAAG,GAAG,CAAC;AAE3B;;;GAGG;AACH,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,6BAA6B,CAAC,aAA6B;IACzE,MAAM,KAAK,GAAG,aAAa,EAAE,OAAO,EAAE,kBAAkB,IAAI,cAAc,CAAC;IAC3E,MAAM,QAAQ,GAAG,KAAK,GAAG,IAAI,CAAC;IAE9B,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,IAAI,EAAE,CAAC;QAEb,IAAI,GAAG,CAAC,MAAM,IAAI,IAAI;YAAE,OAAO;QAE/B,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAEzD,IAAI,UAAU,IAAI,QAAQ;YAAE,OAAO;QAEnC,MAAM,YAAY,GAAG,UAAU,GAAG,QAAQ,CAAC;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,iCAAiC,KAAK,aAAa,SAAS,cAAc,CAAC;QAE1F,6EAA6E;QAC7E,wEAAwE;QACxE,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtD,MAAM,SAAS,GAAG,QAAQ,GAAG,WAAW,CAAC;QACzC,MAAM,SAAS,GACb,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;QAEnF,GAAG,CAAC,MAAM,GAAG,SAAS,CAAC;QAEvB,OAAO,CAAC,KAAK,CACX,8CAA8C,GAAG,CAAC,SAAS,iBAAiB,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,SAAS,KAAK,IAAI,CAC3H,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/gateway/native-tools.js

@@ -19,7 +19,7 @@ export function registerNativeTools(gateway, baseDir, middlewares) {
                 tool_name: toolName,
                 server_name: 'reagent',
                 arguments: params,
-                session_id: '',
+                session_id: crypto.randomUUID(),
                 status: InvocationStatus.Allowed,
                 start_time: Date.now(),
                 metadata: {},

package/dist/gateway/native-tools.js.map

@@ -1 +1 @@
-{"version":3,"file":"native-tools.js","sourceRoot":"","sources":["../../src/gateway/native-tools.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAkB,EAClB,OAAe,EACf,WAAyB;IAEzB,MAAM,KAAK,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,SAAS,WAAW,CAClB,QAAgB,EAChB,OAAmD;QAInD,OAAO,KAAK,EAAE,MAAM,EAAE,EAAE;YACtB,MAAM,GAAG,GAAsB;gBAC7B,SAAS,EAAE,QAAQ;gBACnB,WAAW,EAAE,SAAS;gBACtB,SAAS,EAAE,MAAM;gBACjB,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,gBAAgB,CAAC,OAAO;gBAChC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;gBACtB,QAAQ,EAAE,EAAE;aACb,CAAC;YAEF,MAAM,SAAS,GAAiB;gBAC9B,GAAG,WAAW;gBACd,KAAK,EAAE,QAAQ,EAAE,EAAE;oBACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,gBAAgB,CAAC,OAAO;wBAAE,OAAO;oBACzD,IAAI,CAAC;wBACH,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;wBAC9C,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC;oBAC7C,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC;wBACzC,QAAQ,CAAC,KAAK,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACpE,CAAC;gBACH,CAAC;aACF,CAAC;YAEF,MAAM,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;YAEnC,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM,EAAE,CAAC;gBAC3C,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,YAAY,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,WAAW,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC;oBAClE,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;aAChF,CAAC;QACJ,CAAC,CAAC;IACJ,CAAC;IAED,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,2CAA2C,EAC3C;QACE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC;QACxC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;QAC/D,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;QAClF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,CAAC;QACtD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;QACtD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC;QACpD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,+BAA+B,CAAC;KAC3E,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1B,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE;YACF,IAAI,EAAE,SAAS;YACf,KAAK,EAAE,IAAI,CAAC,KAAe;YAC3B,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,OAAO,EAAG,IAAI,CAAC,OAAyC,IAAI,QAAQ;YACpE,KAAK,EAAE,IAAI,CAAC,KAA2B;YACvC,SAAS,EAAE,IAAI,CAAC,SAA+B;YAC/C,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,SAAS,EAAE,IAAI,CAAC,SAA+B;YAC/C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IACnC,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,gCAAgC,EAChC;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACjD,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;QACrF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,CAAC;QACtD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAClE,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QACzD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC9B,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE,EAAE,IAAI,CAAC,EAAY;YACrB,IAAI,EAAE,IAAI,CAAC,IAAyD;YACpE,KAAK,EAAG,IAAI,CAAC,KAAgB,IAAI,QAAQ,CAAC,KAAK;YAC/C,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,OAAO,EAAG,IAAI,CAAC,OAAyC,IAAI,QAAQ,CAAC,OAAO;YAC5E,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,UAAU,EAAE,IAAI,CAAC,UAAgC;YACjD,WAAW,EAAE,IAAI,CAAC,WAAmC;YACrD,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,IAAI,CAAC,IAAI,KAAK,WAAW,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YACvD,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,WAAW,EACX,kCAAkC,EAClC;QACE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;QAC1D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;QAC5D,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC;KACzD,EACD,WAAW,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,OAAO,KAAK,CAAC,SAAS,CAAC;YACrB,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,OAAO,EAAE,IAAI,CAAC,OAA6B;YAC3C,KAAK,EAAE,IAAI,CAAC,KAA2B;SACxC,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,UAAU,EACV,yBAAyB,EACzB;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;KAClD,EACD,WAAW,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE;QAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,iDAAiD,EACjD;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;KAClD,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE,EAAE,IAAI,CAAC,EAAY;YACrB,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAC9C,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,uEAAuE;IACvE,OAAO,CAAC,IAAI,CACV,kBAAkB,EAClB,qDAAqD,EACrD,EAAE,EACF,WAAW,CAAC,kBAAkB,EAAE,GAAG,EAAE;QACnC,0DAA0D;QAC1D,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QACD,sDAAsD;QACtD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QAChC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;gBACpF,OAAO,EAAE,CAAC;YACZ,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QACD,OAAO;YACL,IAAI;YACJ,cAAc,EAAE,OAAO;YACvB,aAAa,EAAE,OAAO;YACtB,IAAI,EAAE,kDAAkD;SACzD,CAAC;IACJ,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,eAAe,EACf,yEAAyE,EACzE;QACE,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACrE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QACnE,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;QAClF,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC;KAClF,EACD,WAAW,CAAC,eAAe,EAAE,CAAC,IAAI,EAAE,EAAE;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QAED,MAAM,aAAa,GAAG;YACpB,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE;YAC5E;gBACE,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,gCAAgC;aAC9C;YACD,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE;SAClF,CAAC;QAEF,OAAO,MAAM,CAAC,YAAY,CAAC;YACzB,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,MAAM,EAAE,IAAI,CAAC,MAA8B;YAC3C,MAAM,EAAE,aAAa;YACrB,UAAU,EAAE,IAAI,CAAC,UAAkC;SACpD,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,yEAAyE;IACzE,OAAO,CAAC,IAAI,CACV,cAAc,EACd,2EAA2E,EAC3E,EAAE,EACF,WAAW,CAAC,cAAc,EAAE,GAAG,EAAE;QAC/B,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QACD,OAAO,MAAM,CAAC,aAAa,EAAE,CAAC;IAChC,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,gBAAgB,EAChB,iJAAiJ,EACjJ;QACE,OAAO,EAAE,CAAC;aACP,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;aAC5C,QAAQ,CAAC,qDAAqD,CAAC;QAClE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QACvD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;KACtF,EACD,WAAW,CAAC,gBAAgB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO;gBACL,KAAK,EACH,0HAA0H;aAC7H,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAkD,CAAC;QACxE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAiB,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAA2B,CAAC;QAE/C,6DAA6D;QAC7D,KAAK,OAAO,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YACrF,gBAAgB;QAClB,CAAC,CAAC,CAAC;QAEH,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,uCAAuC,EAAE,CAAC;IAChF,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,OAAO,CAAC,KAAK,CAAC,wBAAwB,KAAK,eAAe,CAAC,CAAC;IAC5D,OAAO,KAAK,CAAC;AACf,CAAC"}
+{"version":3,"file":"native-tools.js","sourceRoot":"","sources":["../../src/gateway/native-tools.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAkB,EAClB,OAAe,EACf,WAAyB;IAEzB,MAAM,KAAK,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,SAAS,WAAW,CAClB,QAAgB,EAChB,OAAmD;QAInD,OAAO,KAAK,EAAE,MAAM,EAAE,EAAE;YACtB,MAAM,GAAG,GAAsB;gBAC7B,SAAS,EAAE,QAAQ;gBACnB,WAAW,EAAE,SAAS;gBACtB,SAAS,EAAE,MAAM;gBACjB,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE;gBAC/B,MAAM,EAAE,gBAAgB,CAAC,OAAO;gBAChC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;gBACtB,QAAQ,EAAE,EAAE;aACb,CAAC;YAEF,MAAM,SAAS,GAAiB;gBAC9B,GAAG,WAAW;gBACd,KAAK,EAAE,QAAQ,EAAE,EAAE;oBACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,gBAAgB,CAAC,OAAO;wBAAE,OAAO;oBACzD,IAAI,CAAC;wBACH,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;wBAC9C,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC;oBAC7C,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC;wBACzC,QAAQ,CAAC,KAAK,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACpE,CAAC;gBACH,CAAC;aACF,CAAC;YAEF,MAAM,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;YAEnC,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM,EAAE,CAAC;gBAC3C,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,YAAY,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,WAAW,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC;oBAClE,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;aAChF,CAAC;QACJ,CAAC,CAAC;IACJ,CAAC;IAED,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,2CAA2C,EAC3C;QACE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC;QACxC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;QAC/D,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;QAClF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,CAAC;QACtD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;QACtD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC;QACpD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,+BAA+B,CAAC;KAC3E,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC1B,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE;YACF,IAAI,EAAE,SAAS;YACf,KAAK,EAAE,IAAI,CAAC,KAAe;YAC3B,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,OAAO,EAAG,IAAI,CAAC,OAAyC,IAAI,QAAQ;YACpE,KAAK,EAAE,IAAI,CAAC,KAA2B;YACvC,SAAS,EAAE,IAAI,CAAC,SAA+B;YAC/C,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,SAAS,EAAE,IAAI,CAAC,SAA+B;YAC/C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IACnC,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,gCAAgC,EAChC;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACjD,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;QACrF,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,CAAC;QACtD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAClE,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QACzD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC9B,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE,EAAE,IAAI,CAAC,EAAY;YACrB,IAAI,EAAE,IAAI,CAAC,IAAyD;YACpE,KAAK,EAAG,IAAI,CAAC,KAAgB,IAAI,QAAQ,CAAC,KAAK;YAC/C,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,OAAO,EAAG,IAAI,CAAC,OAAyC,IAAI,QAAQ,CAAC,OAAO;YAC5E,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,UAAU,EAAE,IAAI,CAAC,UAAgC;YACjD,WAAW,EAAE,IAAI,CAAC,WAAmC;YACrD,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,IAAI,CAAC,IAAI,KAAK,WAAW,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YACvD,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,WAAW,EACX,kCAAkC,EAClC;QACE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;QAC1D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;QAC5D,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC;KACzD,EACD,WAAW,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE;QAChC,OAAO,KAAK,CAAC,SAAS,CAAC;YACrB,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,OAAO,EAAE,IAAI,CAAC,OAA6B;YAC3C,KAAK,EAAE,IAAI,CAAC,KAA2B;SACxC,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,UAAU,EACV,yBAAyB,EACzB;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;KAClD,EACD,WAAW,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE;QAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,aAAa,EACb,iDAAiD,EACjD;QACE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;KAClD,EACD,WAAW,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAY,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,WAAW,CAAC;YAChB,EAAE,EAAE,IAAI,CAAC,EAAY;YACrB,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAC9C,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,uEAAuE;IACvE,OAAO,CAAC,IAAI,CACV,kBAAkB,EAClB,qDAAqD,EACrD,EAAE,EACF,WAAW,CAAC,kBAAkB,EAAE,GAAG,EAAE;QACnC,0DAA0D;QAC1D,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QACD,sDAAsD;QACtD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QAChC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;gBACpF,OAAO,EAAE,CAAC;YACZ,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QACD,OAAO;YACL,IAAI;YACJ,cAAc,EAAE,OAAO;YACvB,aAAa,EAAE,OAAO;YACtB,IAAI,EAAE,kDAAkD;SACzD,CAAC;IACJ,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,eAAe,EACf,yEAAyE,EACzE;QACE,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACrE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QACnE,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;QAClF,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC;KAClF,EACD,WAAW,CAAC,eAAe,EAAE,CAAC,IAAI,EAAE,EAAE;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QAED,MAAM,aAAa,GAAG;YACpB,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE;YAC5E;gBACE,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,gCAAgC;aAC9C;YACD,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE;SAClF,CAAC;QAEF,OAAO,MAAM,CAAC,YAAY,CAAC;YACzB,WAAW,EAAE,IAAI,CAAC,WAAiC;YACnD,QAAQ,EAAE,IAAI,CAAC,QAA8B;YAC7C,MAAM,EAAE,IAAI,CAAC,MAA8B;YAC3C,MAAM,EAAE,aAAa;YACrB,UAAU,EAAE,IAAI,CAAC,UAAkC;SACpD,CAAC,CAAC;IACL,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,yEAAyE;IACzE,OAAO,CAAC,IAAI,CACV,cAAc,EACd,2EAA2E,EAC3E,EAAE,EACF,WAAW,CAAC,cAAc,EAAE,GAAG,EAAE;QAC/B,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC;QAClF,CAAC;QACD,OAAO,MAAM,CAAC,aAAa,EAAE,CAAC;IAChC,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,wEAAwE;IACxE,OAAO,CAAC,IAAI,CACV,gBAAgB,EAChB,iJAAiJ,EACjJ;QACE,OAAO,EAAE,CAAC;aACP,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;aAC5C,QAAQ,CAAC,qDAAqD,CAAC;QAClE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QACvD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;KACtF,EACD,WAAW,CAAC,gBAAgB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO;gBACL,KAAK,EACH,0HAA0H;aAC7H,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAkD,CAAC;QACxE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAiB,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAA2B,CAAC;QAE/C,6DAA6D;QAC7D,KAAK,OAAO,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YACrF,gBAAgB;QAClB,CAAC,CAAC,CAAC;QAEH,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,uCAAuC,EAAE,CAAC;IAChF,CAAC,CAAC,CACH,CAAC;IACF,KAAK,EAAE,CAAC;IAER,OAAO,CAAC,KAAK,CAAC,wBAAwB,KAAK,eAAe,CAAC,CAAC;IAC5D,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/gateway/rate-limiter.d.ts

@@ -0,0 +1,47 @@
+import type { GatewayConfig } from '../types/index.js';
+export interface LimitExceededError {
+    type: 'concurrency' | 'rate';
+    serverName: string;
+    current: number;
+    limit: number;
+    message: string;
+}
+interface ServerState {
+    /** Number of calls currently in-flight */
+    activeCalls: number;
+    /** Timestamps (ms) of calls in the current rate window */
+    callTimestamps: number[];
+    maxConcurrent: number;
+    callsPerMinute: number;
+}
+/**
+ * In-memory per-server rate limiter and concurrency cap.
+ *
+ * Concurrency: tracks active in-flight calls. If at the limit, new calls
+ * are rejected immediately with a structured error.
+ *
+ * Rate: sliding window — calls in the last 60 seconds must not exceed the
+ * configured calls_per_minute. 0 means unlimited for either dimension.
+ *
+ * State is kept in a Map keyed by server name. No disk I/O.
+ */
+export declare class RateLimiter {
+    private state;
+    constructor(gatewayConfig?: GatewayConfig);
+    /**
+     * Try to acquire a slot for a call to `serverName`.
+     * Returns null on success, or a LimitExceededError if rejected.
+     *
+     * On success, call `release()` when the downstream call completes.
+     */
+    tryAcquire(serverName: string): LimitExceededError | null;
+    /**
+     * Release a previously acquired concurrency slot.
+     * Safe to call even if `serverName` is unknown — no-op.
+     */
+    release(serverName: string): void;
+    /** Expose state for testing */
+    getState(serverName: string): ServerState | undefined;
+}
+export {};
+//# sourceMappingURL=rate-limiter.d.ts.map

package/dist/gateway/rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/gateway/rate-limiter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,aAAa,GAAG,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,UAAU,WAAW;IACnB,0CAA0C;IAC1C,WAAW,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;CACxB;AAID;;;;;;;;;;GAUG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,KAAK,CAAkC;gBAEnC,aAAa,CAAC,EAAE,aAAa;IAYzC;;;;;OAKG;IACH,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,kBAAkB,GAAG,IAAI;IA6CzD;;;OAGG;IACH,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAMjC,+BAA+B;IAC/B,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS;CAGtD"}

package/dist/gateway/rate-limiter.js

@@ -0,0 +1,89 @@
+const WINDOW_MS = 60_000;
+/**
+ * In-memory per-server rate limiter and concurrency cap.
+ *
+ * Concurrency: tracks active in-flight calls. If at the limit, new calls
+ * are rejected immediately with a structured error.
+ *
+ * Rate: sliding window — calls in the last 60 seconds must not exceed the
+ * configured calls_per_minute. 0 means unlimited for either dimension.
+ *
+ * State is kept in a Map keyed by server name. No disk I/O.
+ */
+export class RateLimiter {
+    state = new Map();
+    constructor(gatewayConfig) {
+        if (!gatewayConfig)
+            return;
+        for (const [name, serverCfg] of Object.entries(gatewayConfig.servers)) {
+            this.state.set(name, {
+                activeCalls: 0,
+                callTimestamps: [],
+                maxConcurrent: serverCfg.max_concurrent_calls ?? 0,
+                callsPerMinute: serverCfg.calls_per_minute ?? 0,
+            });
+        }
+    }
+    /**
+     * Try to acquire a slot for a call to `serverName`.
+     * Returns null on success, or a LimitExceededError if rejected.
+     *
+     * On success, call `release()` when the downstream call completes.
+     */
+    tryAcquire(serverName) {
+        let s = this.state.get(serverName);
+        if (!s) {
+            // Server not in config — allow through (no limits configured)
+            this.state.set(serverName, {
+                activeCalls: 0,
+                callTimestamps: [],
+                maxConcurrent: 0,
+                callsPerMinute: 0,
+            });
+            s = this.state.get(serverName);
+        }
+        // Prune timestamps outside the sliding window before checking rate
+        const now = Date.now();
+        s.callTimestamps = s.callTimestamps.filter((t) => now - t < WINDOW_MS);
+        // Check rate limit
+        if (s.callsPerMinute > 0 && s.callTimestamps.length >= s.callsPerMinute) {
+            return {
+                type: 'rate',
+                serverName,
+                current: s.callTimestamps.length,
+                limit: s.callsPerMinute,
+                message: `Rate limit exceeded for server "${serverName}": ${s.callTimestamps.length}/${s.callsPerMinute} calls in the last 60s`,
+            };
+        }
+        // Check concurrency limit
+        if (s.maxConcurrent > 0 && s.activeCalls >= s.maxConcurrent) {
+            return {
+                type: 'concurrency',
+                serverName,
+                current: s.activeCalls,
+                limit: s.maxConcurrent,
+                message: `Concurrency limit exceeded for server "${serverName}": ${s.activeCalls}/${s.maxConcurrent} active calls`,
+            };
+        }
+        // Acquire
+        s.activeCalls++;
+        s.callTimestamps.push(now);
+        return null;
+    }
+    /**
+     * Release a previously acquired concurrency slot.
+     * Safe to call even if `serverName` is unknown — no-op.
+     */
+    release(serverName) {
+        const s = this.state.get(serverName);
+        if (!s)
+            return;
+        if (s.activeCalls > 0)
+            s.activeCalls--;
+    }
+    /** Expose state for testing */
+    getState(serverName) {
+        return this.state.get(serverName);
+    }
+}
+//# sourceMappingURL=rate-limiter.js.map

package/dist/gateway/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/gateway/rate-limiter.ts"],"names":[],"mappings":"AAmBA,MAAM,SAAS,GAAG,MAAM,CAAC;AAEzB;;;;;;;;;;GAUG;AACH,MAAM,OAAO,WAAW;IACd,KAAK,GAAG,IAAI,GAAG,EAAuB,CAAC;IAE/C,YAAY,aAA6B;QACvC,IAAI,CAAC,aAAa;YAAE,OAAO;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;YACtE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;gBACnB,WAAW,EAAE,CAAC;gBACd,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,SAAS,CAAC,oBAAoB,IAAI,CAAC;gBAClD,cAAc,EAAE,SAAS,CAAC,gBAAgB,IAAI,CAAC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,UAAU,CAAC,UAAkB;QAC3B,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACnC,IAAI,CAAC,CAAC,EAAE,CAAC;YACP,8DAA8D;YAC9D,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE;gBACzB,WAAW,EAAE,CAAC;gBACd,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,CAAC;gBAChB,cAAc,EAAE,CAAC;aAClB,CAAC,CAAC;YACH,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC;QAClC,CAAC;QAED,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,CAAC,CAAC,cAAc,GAAG,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;QAEvE,mBAAmB;QACnB,IAAI,CAAC,CAAC,cAAc,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC,cAAc,EAAE,CAAC;YACxE,OAAO;gBACL,IAAI,EAAE,MAAM;gBACZ,UAAU;gBACV,OAAO,EAAE,CAAC,CAAC,cAAc,CAAC,MAAM;gBAChC,KAAK,EAAE,CAAC,CAAC,cAAc;gBACvB,OAAO,EAAE,mCAAmC,UAAU,MAAM,CAAC,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC,cAAc,wBAAwB;aAChI,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,CAAC,aAAa,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;YAC5D,OAAO;gBACL,IAAI,EAAE,aAAa;gBACnB,UAAU;gBACV,OAAO,EAAE,CAAC,CAAC,WAAW;gBACtB,KAAK,EAAE,CAAC,CAAC,aAAa;gBACtB,OAAO,EAAE,0CAA0C,UAAU,MAAM,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,aAAa,eAAe;aACnH,CAAC;QACJ,CAAC;QAED,UAAU;QACV,CAAC,CAAC,WAAW,EAAE,CAAC;QAChB,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,UAAkB;QACxB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACrC,IAAI,CAAC,CAAC;YAAE,OAAO;QACf,IAAI,CAAC,CAAC,WAAW,GAAG,CAAC;YAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACzC,CAAC;IAED,+BAA+B;IAC/B,QAAQ,CAAC,UAAkB;QACzB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;CACF"}

package/dist/gateway/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAiBA,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAkFvE"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAwBA,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA2GvE"}

package/dist/gateway/server.js

@@ -10,9 +10,16 @@ import { createKillSwitchMiddleware } from './middleware/kill-switch.js';
 import { createTierMiddleware } from './middleware/tier.js';
 import { createPolicyMiddleware } from './middleware/policy.js';
 import { redactMiddleware } from './middleware/redact.js';
+import { createInjectionMiddleware } from './middleware/injection.js';
 import { createAuditMiddleware } from './middleware/audit.js';
 import { createBlockedPathsMiddleware } from './middleware/blocked-paths.js';
+import { createResultSizeCapMiddleware } from './middleware/result-size-cap.js';
+import { createRateLimitMiddleware } from './middleware/rate-limit.js';
+import { createCircuitBreakerMiddleware } from './middleware/circuit-breaker.js';
+import { RateLimiter } from './rate-limiter.js';
+import { CircuitBreaker } from './circuit-breaker.js';
 import { registerNativeTools } from './native-tools.js';
+import { detectToolCollisions } from './collision-detector.js';
 /**
  * Starts the MCP gateway server.
  *
@@ -33,7 +40,17 @@ export async function startGateway(options) {
     // Build middleware chain
     // SECURITY: Audit is outermost so it records ALL invocations, including kill-switch denials.
     // SECURITY: blocked-paths runs before tool execution to prevent writes to protected paths.
-    // Order (onion): audit → session → kill-switch → tier → policy → blocked-paths → redact → [execute]
+    // SECURITY: injection runs PostToolUse (after redact) to scan downstream results for prompt injection.
+    // SECURITY: result-size-cap runs PostToolUse after injection so it caps already-scanned output.
+    // SECURITY: rate-limit runs after policy (so denied calls don't burn rate budget) but before execution.
+    // SECURITY: circuit-breaker wraps the execute step so it can observe Error status and track failures.
+    //   Placed after rate-limit so a rate-limited call doesn't count as a downstream failure.
+    // Order (onion): audit → session → kill-switch → tier → policy → blocked-paths → rate-limit → circuit-breaker → redact → injection → result-size-cap → [execute]
+    const injectionAction = policy.injection_detection === 'warn'
+        ? 'warn'
+        : 'block';
+    const rateLimiter = new RateLimiter(gatewayConfig);
+    const circuitBreaker = new CircuitBreaker();
     const middlewares = [
         createAuditMiddleware(baseDir, policy),
         createSessionMiddleware(),
@@ -41,13 +58,22 @@ export async function startGateway(options) {
         createTierMiddleware(gatewayConfig),
         createPolicyMiddleware(policy, gatewayConfig, baseDir),
         createBlockedPathsMiddleware(policy, baseDir),
+        createRateLimitMiddleware(rateLimiter),
+        createCircuitBreakerMiddleware(circuitBreaker),
         redactMiddleware,
+        createInjectionMiddleware(injectionAction),
+        createResultSizeCapMiddleware(gatewayConfig),
     ];
     // Create gateway MCP server
     const gateway = new McpServer({ name: 'reagent', version: getPkgVersion() }, { capabilities: { tools: {} } });
     // Connect to downstream servers
     const clientManager = new ClientManager();
     await clientManager.connectAll(gatewayConfig);
+    // Detect tool name collisions before accepting connections (GHSA-4j9r)
+    const { collisions } = await detectToolCollisions(clientManager);
+    if (collisions.length > 0) {
+        console.error(`[reagent] ${collisions.length} tool name collision(s) detected — shadowed tools will be registered with server-prefixed names`);
+    }
     // Register native (first-party) tools
     const nativeCount = registerNativeTools(gateway, baseDir, middlewares);
     // Discover and register proxied tools

package/dist/gateway/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,4BAA4B,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAOxD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAqB;IACtD,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAE5B,qBAAqB;IACrB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEjD,OAAO,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,cAAc,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChG,OAAO,CAAC,KAAK,CACX,sBAAsB,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,uBAAuB,CACvF,CAAC;IAEF,yBAAyB;IACzB,6FAA6F;IAC7F,2FAA2F;IAC3F,oGAAoG;IACpG,MAAM,WAAW,GAAiB;QAChC,qBAAqB,CAAC,OAAO,EAAE,MAAM,CAAC;QACtC,uBAAuB,EAAE;QACzB,0BAA0B,CAAC,OAAO,CAAC;QACnC,oBAAoB,CAAC,aAAa,CAAC;QACnC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,4BAA4B,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7C,gBAAgB;KACjB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,OAAO,GAAG,IAAI,SAAS,CAC3B,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAC7C,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;IAEF,gCAAgC;IAChC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;IAC1C,MAAM,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAE9C,sCAAsC;IACtC,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IAEvE,sCAAsC;IACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,mBAAmB,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAC5F,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,CAAC;IAE3C,OAAO,CAAC,KAAK,CACX,4BAA4B,SAAS,sBAAsB,WAAW,YAAY,UAAU,WAAW,CACxG,CAAC;IAEF,kBAAkB;IAClB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEjC,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAEjD,sDAAsD;IACtD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,IAAI,YAAY;YAAE,OAAO;QACzB,YAAY,GAAG,IAAI,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,aAAa,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,2CAA2C,EAC3C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,uCAAuC,EACvC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,4BAA4B,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAC;AAChF,OAAO,EAAE,yBAAyB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,iCAAiC,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAO/D;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAqB;IACtD,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAE5B,qBAAqB;IACrB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEjD,OAAO,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,cAAc,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChG,OAAO,CAAC,KAAK,CACX,sBAAsB,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,uBAAuB,CACvF,CAAC;IAEF,yBAAyB;IACzB,6FAA6F;IAC7F,2FAA2F;IAC3F,uGAAuG;IACvG,gGAAgG;IAChG,wGAAwG;IACxG,sGAAsG;IACtG,0FAA0F;IAC1F,iKAAiK;IACjK,MAAM,eAAe,GAClB,MAA6C,CAAC,mBAAmB,KAAK,MAAM;QAC3E,CAAC,CAAE,MAAgB;QACnB,CAAC,CAAE,OAAiB,CAAC;IAEzB,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,aAAa,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;IAE5C,MAAM,WAAW,GAAiB;QAChC,qBAAqB,CAAC,OAAO,EAAE,MAAM,CAAC;QACtC,uBAAuB,EAAE;QACzB,0BAA0B,CAAC,OAAO,CAAC;QACnC,oBAAoB,CAAC,aAAa,CAAC;QACnC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,4BAA4B,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7C,yBAAyB,CAAC,WAAW,CAAC;QACtC,8BAA8B,CAAC,cAAc,CAAC;QAC9C,gBAAgB;QAChB,yBAAyB,CAAC,eAAe,CAAC;QAC1C,6BAA6B,CAAC,aAAa,CAAC;KAC7C,CAAC;IAEF,4BAA4B;IAC5B,MAAM,OAAO,GAAG,IAAI,SAAS,CAC3B,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAC7C,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;IAEF,gCAAgC;IAChC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;IAC1C,MAAM,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAE9C,uEAAuE;IACvE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,oBAAoB,CAAC,aAAa,CAAC,CAAC;IACjE,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CACX,aAAa,UAAU,CAAC,MAAM,iGAAiG,CAChI,CAAC;IACJ,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IAEvE,sCAAsC;IACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,mBAAmB,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAC5F,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,CAAC;IAE3C,OAAO,CAAC,KAAK,CACX,4BAA4B,SAAS,sBAAsB,WAAW,YAAY,UAAU,WAAW,CACxG,CAAC;IAEF,kBAAkB;IAClB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEjC,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAEjD,sDAAsD;IACtD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,IAAI,YAAY;YAAE,OAAO;QACzB,YAAY,GAAG,IAAI,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,aAAa,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,2CAA2C,EAC3C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,uCAAuC,EACvC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC"}