@cdot65/prisma-airs 0.3.0-alpha.0 → 0.3.0

package/README.md

@@ -122,8 +122,6 @@ Each security feature supports three modes:
 - `prisma_airs_scan_response` — replaces outbound scanning
 - `prisma_airs_check_tool_safety` — replaces tool gating
 
-**Backward compatibility**: Old boolean flags (`audit_enabled`, `context_injection_enabled`, etc.) still work. `true` maps to `deterministic`, `false` maps to `off`. New `*_mode` fields take precedence.
-
 **`fail_closed` constraint**: When `fail_closed=true` (default), all features must be `deterministic` or `off`. Probabilistic mode is rejected because the model might skip scanning.
 
 ## Usage

package/hooks/prisma-airs-audit/HOOK.md

@@ -42,6 +42,6 @@ This hook runs asynchronously on every inbound message. It:
 
 Controlled by plugin config:
 
-- `audit_enabled`: Enable/disable audit logging (default: true)
+- `audit_mode`: Scanning mode (default: `deterministic`). Options: `deterministic` / `probabilistic` / `off`
 - `profile_name`: AIRS profile to use for scanning
 - `app_name`: Application name for scan metadata

package/hooks/prisma-airs-audit/handler.ts

@@ -41,7 +41,6 @@ interface PluginConfig {
     entries?: {
       "prisma-airs"?: {
         config?: {
-          audit_enabled?: boolean;
           profile_name?: string;
           app_name?: string;
           api_key?: string;
@@ -64,7 +63,7 @@ function getPluginConfig(ctx: HookContext & { cfg?: PluginConfig }): {
 } {
   const cfg = ctx.cfg?.plugins?.entries?.["prisma-airs"]?.config;
   return {
-    enabled: cfg?.audit_enabled !== false,
+    enabled: true,
     profileName: cfg?.profile_name ?? "default",
     appName: cfg?.app_name ?? "openclaw",
     apiKey: cfg?.api_key ?? "",

package/hooks/prisma-airs-context/HOOK.md

@@ -37,5 +37,5 @@ The hook provides category-specific instructions to the agent:
 
 ## Configuration
 
-- `context_injection_enabled`: Enable/disable (default: true)
+- `context_injection_mode`: Scanning mode (default: `deterministic`). Options: `deterministic` / `probabilistic` / `off`
 - `fail_closed`: Block on scan failure (default: true)

package/hooks/prisma-airs-context/handler.ts

@@ -47,7 +47,6 @@ interface PluginConfig {
     entries?: {
       "prisma-airs"?: {
         config?: {
-          context_injection_enabled?: boolean;
           profile_name?: string;
           app_name?: string;
           api_key?: string;
@@ -145,7 +144,7 @@ function getPluginConfig(ctx: HookContext): {
 } {
   const cfg = ctx.cfg?.plugins?.entries?.["prisma-airs"]?.config;
   return {
-    enabled: cfg?.context_injection_enabled !== false,
+    enabled: true,
     profileName: cfg?.profile_name ?? "default",
     appName: cfg?.app_name ?? "openclaw",
     apiKey: cfg?.api_key ?? "",

package/hooks/prisma-airs-guard/HOOK.md

@@ -28,7 +28,7 @@ Enable/disable via plugin config:
 plugins:
   prisma-airs:
     config:
-      reminder_enabled: true # default
+      reminder_mode: "on" # default ("on" / "off")
 ```
 
 ## Requirements

package/hooks/prisma-airs-guard/handler.test.ts

@@ -60,27 +60,6 @@ describe("prisma-airs-guard hook", () => {
     expect(files[1].path).toBe("SECURITY.md");
   });
 
-  it("does not inject when reminder_enabled is false", async () => {
-    const event: TestEvent = {
-      type: "agent",
-      action: "bootstrap",
-      context: {
-        bootstrapFiles: [],
-        cfg: {
-          plugins: {
-            entries: {
-              "prisma-airs": { config: { reminder_enabled: false } },
-            },
-          },
-        },
-      },
-    };
-
-    await handler(event);
-
-    expect(event.context!.bootstrapFiles).toHaveLength(0);
-  });
-
   it("ignores non-bootstrap events", async () => {
     const event: TestEvent = {
       type: "agent",
@@ -158,7 +137,7 @@ describe("prisma-airs-guard hook", () => {
     expect(event.context!.bootstrapFiles).toHaveLength(0);
   });
 
-  it("reminder_mode takes precedence over reminder_enabled", async () => {
+  it("injects when reminder_mode is on", async () => {
     const event: TestEvent = {
       type: "agent",
       action: "bootstrap",
@@ -168,7 +147,7 @@ describe("prisma-airs-guard hook", () => {
           plugins: {
             entries: {
               "prisma-airs": {
-                config: { reminder_mode: "on", reminder_enabled: false },
+                config: { reminder_mode: "on" },
               },
             },
           },

package/hooks/prisma-airs-guard/handler.ts

@@ -161,11 +161,9 @@ const handler: HookHandler = async (event: HookEvent) => {
   const pluginSettings = prismaConfig?.config as Record<string, unknown> | undefined;
 
   // Check if reminder is enabled (default true)
-  // Support both new reminder_mode and deprecated reminder_enabled
   const reminderMode = pluginSettings?.reminder_mode as string | undefined;
-  const reminderEnabled = pluginSettings?.reminder_enabled as boolean | undefined;
 
-  if (reminderMode === "off" || (reminderMode === undefined && reminderEnabled === false)) {
+  if (reminderMode === "off") {
     return;
   }
 

package/hooks/prisma-airs-outbound/HOOK.md

@@ -38,6 +38,6 @@ Masked patterns include:
 
 ## Configuration
 
-- `outbound_scanning_enabled`: Enable/disable (default: true)
+- `outbound_mode`: Scanning mode (default: `deterministic`). Options: `deterministic` / `probabilistic` / `off`
 - `fail_closed`: Block on scan failure (default: true)
 - `dlp_mask_only`: Mask DLP instead of blocking (default: true)

package/hooks/prisma-airs-outbound/handler.test.ts

@@ -61,7 +61,6 @@ describe("prisma-airs-outbound handler", () => {
         entries: {
           "prisma-airs": {
             config: {
-              outbound_scanning_enabled: true,
               profile_name: "default",
               app_name: "test-app",
               api_key: "test-api-key",
@@ -299,29 +298,6 @@ describe("prisma-airs-outbound handler", () => {
     });
   });
 
-  describe("disabled scanning", () => {
-    it("should skip scanning when disabled", async () => {
-      const ctxDisabled = {
-        ...baseCtx,
-        cfg: {
-          plugins: {
-            entries: {
-              "prisma-airs": {
-                config: {
-                  outbound_scanning_enabled: false,
-                },
-              },
-            },
-          },
-        },
-      };
-
-      const result = await handler(baseEvent, ctxDisabled);
-      expect(result).toBeUndefined();
-      expect(mockScan).not.toHaveBeenCalled();
-    });
-  });
-
   describe("empty content", () => {
     it("should skip empty content", async () => {
       const emptyEvent = { ...baseEvent, content: "" };

package/hooks/prisma-airs-outbound/handler.ts

@@ -40,7 +40,6 @@ interface PluginConfig {
     entries?: {
       "prisma-airs"?: {
         config?: {
-          outbound_scanning_enabled?: boolean;
           profile_name?: string;
           app_name?: string;
           api_key?: string;
@@ -129,7 +128,7 @@ function getPluginConfig(ctx: HookContext): {
 } {
   const cfg = ctx.cfg?.plugins?.entries?.["prisma-airs"]?.config;
   return {
-    enabled: cfg?.outbound_scanning_enabled !== false,
+    enabled: true,
     profileName: cfg?.profile_name ?? "default",
     appName: cfg?.app_name ?? "openclaw",
     apiKey: cfg?.api_key ?? "",

package/hooks/prisma-airs-tools/HOOK.md

@@ -36,5 +36,5 @@ These tools are blocked on ANY detected threat:
 
 ## Configuration
 
-- `tool_gating_enabled`: Enable/disable (default: true)
+- `tool_gating_mode`: Scanning mode (default: `deterministic`). Options: `deterministic` / `probabilistic` / `off`
 - `high_risk_tools`: List of tools to block on any threat

package/hooks/prisma-airs-tools/handler.ts

@@ -30,7 +30,6 @@ interface PluginConfig {
     entries?: {
       "prisma-airs"?: {
         config?: {
-          tool_gating_enabled?: boolean;
           high_risk_tools?: string[];
           api_key?: string;
         };
@@ -149,7 +148,7 @@ function getPluginConfig(ctx: HookContext): {
 } {
   const cfg = ctx.cfg?.plugins?.entries?.["prisma-airs"]?.config;
   return {
-    enabled: cfg?.tool_gating_enabled !== false,
+    enabled: true,
     highRiskTools: cfg?.high_risk_tools ?? DEFAULT_HIGH_RISK_TOOLS,
   };
 }

package/index.ts

@@ -419,7 +419,7 @@ export default function register(api: PluginApi): void {
     const hasApiKey = isConfigured(cfg.api_key);
     respond(true, {
       plugin: "prisma-airs",
-      version: "0.3.0-alpha.0",
+      version: "0.3.0",
       modes,
       config: {
         profile_name: cfg.profile_name ?? "default",
@@ -511,7 +511,7 @@ export default function register(api: PluginApi): void {
           const hasKey = isConfigured(cfg.api_key);
           console.log("Prisma AIRS Plugin Status");
           console.log("-------------------------");
-          console.log(`Version: 0.3.0-alpha.0`);
+          console.log(`Version: 0.3.0`);
           console.log(`Profile: ${cfg.profile_name ?? "default"}`);
           console.log(`App Name: ${cfg.app_name ?? "openclaw"}`);
           console.log(`Modes:`);
@@ -567,7 +567,7 @@ export default function register(api: PluginApi): void {
 // Export plugin metadata for discovery
 export const id = "prisma-airs";
 export const name = "Prisma AIRS Security";
-export const version = "0.3.0-alpha.0";
+export const version = "0.3.0";
 
 // Re-export scanner types and functions
 export { scan, isConfigured } from "./src/scanner";

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "prisma-airs",
   "name": "Prisma AIRS Security",
   "description": "AI Runtime Security - full AIRS detection suite with audit logging, context injection, outbound blocking, and tool gating",
-  "version": "0.3.0-alpha.0",
+  "version": "0.3.0",
   "entrypoint": "index.ts",
   "hooks": [
     "hooks/prisma-airs-guard",
@@ -55,36 +55,6 @@
         "default": "deterministic",
         "description": "Tool gating mode: deterministic (hook, always gate), probabilistic (tool, model decides), or off"
       },
-      "reminder_enabled": {
-        "type": "boolean",
-        "default": true,
-        "description": "DEPRECATED: Use reminder_mode instead. Inject security scanning reminder on agent bootstrap",
-        "deprecated": true
-      },
-      "audit_enabled": {
-        "type": "boolean",
-        "default": true,
-        "description": "DEPRECATED: Use audit_mode instead. Enable audit logging of all inbound messages",
-        "deprecated": true
-      },
-      "context_injection_enabled": {
-        "type": "boolean",
-        "default": true,
-        "description": "DEPRECATED: Use context_injection_mode instead. Inject security warnings into agent context",
-        "deprecated": true
-      },
-      "outbound_scanning_enabled": {
-        "type": "boolean",
-        "default": true,
-        "description": "DEPRECATED: Use outbound_mode instead. Enable scanning and blocking of outbound responses",
-        "deprecated": true
-      },
-      "tool_gating_enabled": {
-        "type": "boolean",
-        "default": true,
-        "description": "DEPRECATED: Use tool_gating_mode instead. Block dangerous tools when threats are detected",
-        "deprecated": true
-      },
       "fail_closed": {
         "type": "boolean",
         "default": true,
@@ -152,26 +122,6 @@
       "label": "Tool Gating Mode",
       "description": "deterministic: always gate tool calls via hook; probabilistic: model checks tool safety via tool; off: disabled"
     },
-    "reminder_enabled": {
-      "label": "Enable Bootstrap Reminder (deprecated)",
-      "description": "DEPRECATED: Use reminder_mode instead"
-    },
-    "audit_enabled": {
-      "label": "Enable Audit Logging (deprecated)",
-      "description": "DEPRECATED: Use audit_mode instead"
-    },
-    "context_injection_enabled": {
-      "label": "Enable Context Injection (deprecated)",
-      "description": "DEPRECATED: Use context_injection_mode instead"
-    },
-    "outbound_scanning_enabled": {
-      "label": "Enable Outbound Scanning (deprecated)",
-      "description": "DEPRECATED: Use outbound_mode instead"
-    },
-    "tool_gating_enabled": {
-      "label": "Enable Tool Gating (deprecated)",
-      "description": "DEPRECATED: Use tool_gating_mode instead"
-    },
     "fail_closed": {
       "label": "Fail Closed",
       "description": "Block on scan failure (recommended for security)"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cdot65/prisma-airs",
-  "version": "0.3.0-alpha.0",
+  "version": "0.3.0",
   "description": "Prisma AIRS (AI Runtime Security) plugin for OpenClaw - Full security suite with audit logging, context injection, outbound blocking, and tool gating",
   "type": "module",
   "main": "index.ts",

package/src/config.test.ts

@@ -6,59 +6,37 @@ import { describe, it, expect } from "vitest";
 import { resolveMode, resolveReminderMode, resolveAllModes } from "./config";
 
 describe("resolveMode", () => {
-  it("returns default when both undefined", () => {
-    expect(resolveMode(undefined, undefined)).toBe("deterministic");
+  it("returns default when undefined", () => {
+    expect(resolveMode(undefined)).toBe("deterministic");
   });
 
   it("returns custom default", () => {
-    expect(resolveMode(undefined, undefined, "off")).toBe("off");
-  });
-
-  it("mode string takes precedence over boolean", () => {
-    expect(resolveMode("probabilistic", true)).toBe("probabilistic");
-    expect(resolveMode("off", true)).toBe("off");
-    expect(resolveMode("deterministic", false)).toBe("deterministic");
-  });
-
-  it("falls back to boolean when mode undefined", () => {
-    expect(resolveMode(undefined, true)).toBe("deterministic");
-    expect(resolveMode(undefined, false)).toBe("off");
-  });
-
-  it("ignores invalid mode string and falls back to boolean", () => {
-    expect(resolveMode("invalid", true)).toBe("deterministic");
-    expect(resolveMode("invalid", false)).toBe("off");
+    expect(resolveMode(undefined, "off")).toBe("off");
   });
 
   it("ignores invalid mode string and falls back to default", () => {
-    expect(resolveMode("invalid", undefined)).toBe("deterministic");
+    expect(resolveMode("invalid")).toBe("deterministic");
   });
 
   it("accepts all valid mode values", () => {
-    expect(resolveMode("deterministic", undefined)).toBe("deterministic");
-    expect(resolveMode("probabilistic", undefined)).toBe("probabilistic");
-    expect(resolveMode("off", undefined)).toBe("off");
+    expect(resolveMode("deterministic")).toBe("deterministic");
+    expect(resolveMode("probabilistic")).toBe("probabilistic");
+    expect(resolveMode("off")).toBe("off");
   });
 });
 
 describe("resolveReminderMode", () => {
-  it("returns default when both undefined", () => {
-    expect(resolveReminderMode(undefined, undefined)).toBe("on");
+  it("returns default when undefined", () => {
+    expect(resolveReminderMode(undefined)).toBe("on");
   });
 
-  it("mode string takes precedence", () => {
-    expect(resolveReminderMode("off", true)).toBe("off");
-    expect(resolveReminderMode("on", false)).toBe("on");
-  });
-
-  it("falls back to boolean", () => {
-    expect(resolveReminderMode(undefined, true)).toBe("on");
-    expect(resolveReminderMode(undefined, false)).toBe("off");
+  it("resolves valid mode values", () => {
+    expect(resolveReminderMode("off")).toBe("off");
+    expect(resolveReminderMode("on")).toBe("on");
   });
 
   it("ignores invalid mode string", () => {
-    expect(resolveReminderMode("invalid", true)).toBe("on");
-    expect(resolveReminderMode("invalid", undefined)).toBe("on");
+    expect(resolveReminderMode("invalid")).toBe("on");
   });
 });
 
@@ -92,33 +70,6 @@ describe("resolveAllModes", () => {
     });
   });
 
-  it("resolves deprecated booleans", () => {
-    const modes = resolveAllModes({
-      reminder_enabled: false,
-      audit_enabled: false,
-      context_injection_enabled: true,
-      outbound_scanning_enabled: false,
-      tool_gating_enabled: true,
-      fail_closed: false,
-    });
-    expect(modes).toEqual({
-      reminder: "off",
-      audit: "off",
-      context: "deterministic",
-      outbound: "off",
-      toolGating: "deterministic",
-    });
-  });
-
-  it("new mode takes precedence over deprecated boolean", () => {
-    const modes = resolveAllModes({
-      audit_mode: "probabilistic",
-      audit_enabled: false, // would be "off", but mode overrides
-      fail_closed: false,
-    });
-    expect(modes.audit).toBe("probabilistic");
-  });
-
   it("throws when fail_closed=true with probabilistic audit", () => {
     expect(() =>
       resolveAllModes({

package/src/config.ts

@@ -1,7 +1,7 @@
 /**
  * Configuration mode resolution for Prisma AIRS plugin.
  *
- * Maps new tri-state mode enums + deprecated boolean flags to resolved modes.
+ * Maps tri-state mode enums to resolved modes.
  */
 
 export type FeatureMode = "deterministic" | "probabilistic" | "off";
@@ -17,19 +17,11 @@ export interface ResolvedModes {
 
 /** Raw plugin config (from openclaw.plugin.json) */
 export interface RawPluginConfig {
-  // New mode fields
   reminder_mode?: string;
   audit_mode?: string;
   context_injection_mode?: string;
   outbound_mode?: string;
   tool_gating_mode?: string;
-  // Deprecated boolean fields
-  reminder_enabled?: boolean;
-  audit_enabled?: boolean;
-  context_injection_enabled?: boolean;
-  outbound_scanning_enabled?: boolean;
-  tool_gating_enabled?: boolean;
-  // Other config
   fail_closed?: boolean;
   [key: string]: unknown;
 }
@@ -38,36 +30,26 @@ const VALID_FEATURE_MODES: FeatureMode[] = ["deterministic", "probabilistic", "o
 const VALID_REMINDER_MODES: ReminderMode[] = ["on", "off"];
 
 /**
- * Resolve a single feature mode from new mode string + deprecated boolean.
- * New mode field takes precedence when both are set.
+ * Resolve a single feature mode from mode string.
  */
 export function resolveMode(
   modeValue: string | undefined,
-  enabledValue: boolean | undefined,
   defaultMode: FeatureMode = "deterministic"
 ): FeatureMode {
-  // New mode field takes precedence
   if (modeValue !== undefined) {
     if (VALID_FEATURE_MODES.includes(modeValue as FeatureMode)) {
       return modeValue as FeatureMode;
     }
-    // Invalid value → fall through to boolean/default
-  }
-
-  // Deprecated boolean fallback
-  if (enabledValue !== undefined) {
-    return enabledValue ? "deterministic" : "off";
   }
 
   return defaultMode;
 }
 
 /**
- * Resolve reminder mode from new mode string + deprecated boolean.
+ * Resolve reminder mode from mode string.
  */
 export function resolveReminderMode(
   modeValue: string | undefined,
-  enabledValue: boolean | undefined,
   defaultMode: ReminderMode = "on"
 ): ReminderMode {
   if (modeValue !== undefined) {
@@ -76,10 +58,6 @@ export function resolveReminderMode(
     }
   }
 
-  if (enabledValue !== undefined) {
-    return enabledValue ? "on" : "off";
-  }
-
   return defaultMode;
 }
 
@@ -89,11 +67,11 @@ export function resolveReminderMode(
  */
 export function resolveAllModes(config: RawPluginConfig): ResolvedModes {
   const modes: ResolvedModes = {
-    reminder: resolveReminderMode(config.reminder_mode, config.reminder_enabled),
-    audit: resolveMode(config.audit_mode, config.audit_enabled),
-    context: resolveMode(config.context_injection_mode, config.context_injection_enabled),
-    outbound: resolveMode(config.outbound_mode, config.outbound_scanning_enabled),
-    toolGating: resolveMode(config.tool_gating_mode, config.tool_gating_enabled),
+    reminder: resolveReminderMode(config.reminder_mode),
+    audit: resolveMode(config.audit_mode),
+    context: resolveMode(config.context_injection_mode),
+    outbound: resolveMode(config.outbound_mode),
+    toolGating: resolveMode(config.tool_gating_mode),
   };
 
   // Validate: fail_closed + probabilistic is not allowed