@clampd/sdk 0.13.0 → 0.13.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/interceptor.d.ts +8 -1
- package/dist/interceptor.d.ts.map +1 -1
- package/dist/interceptor.js +25 -5
- package/dist/interceptor.js.map +1 -1
- package/dist/langchain.d.ts.map +1 -1
- package/dist/langchain.js +27 -4
- package/dist/langchain.js.map +1 -1
- package/package.json +1 -1
package/dist/interceptor.d.ts
CHANGED
|
@@ -81,6 +81,10 @@ export interface WrapFunctionOptions<TArgs extends unknown[]> {
|
|
|
81
81
|
blockOnDeny?: boolean;
|
|
82
82
|
/** Optional prompt context forwarded to the gateway. */
|
|
83
83
|
promptContext?: string;
|
|
84
|
+
/** Tool description — used to compute descriptor_hash for rug-pull detection. */
|
|
85
|
+
description?: string;
|
|
86
|
+
/** JSON Schema of tool parameters — used to compute descriptor_hash. */
|
|
87
|
+
paramSchema?: Record<string, unknown>;
|
|
84
88
|
}
|
|
85
89
|
/**
|
|
86
90
|
* Wrap any async function so every invocation first passes through the
|
|
@@ -166,7 +170,10 @@ export declare class ClampdGuard {
|
|
|
166
170
|
* @returns An object containing both the function result and the raw
|
|
167
171
|
* `ProxyResponse` from the gateway.
|
|
168
172
|
*/
|
|
169
|
-
execute<T>(tool: string, params: Record<string, unknown>, fn: () => Promise<T>, targetUrl?: string
|
|
173
|
+
execute<T>(tool: string, params: Record<string, unknown>, fn: () => Promise<T>, targetUrl?: string, opts?: {
|
|
174
|
+
description?: string;
|
|
175
|
+
paramSchema?: Record<string, unknown>;
|
|
176
|
+
}): Promise<{
|
|
170
177
|
result: T;
|
|
171
178
|
proxyResponse: ProxyResponse;
|
|
172
179
|
}>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interceptor.d.ts","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"interceptor.d.ts","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAM/D;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,UAAU,CAAC;IACjB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID;;;GAGG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,SAAgB,QAAQ,EAAE,aAAa,CAAC;IACxC,SAAgB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvC,SAAgB,YAAY,EAAE,MAAM,EAAE,CAAC;gBAE3B,QAAQ,EAAE,aAAa;CAgBpC;AAID,MAAM,WAAW,mBAAmB,CAAC,KAAK,SAAS,OAAO,EAAE;IAC1D,6CAA6C;IAC7C,MAAM,EAAE,YAAY,CAAC;IAErB,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;;;;;OAQG;IACH,cAAc,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE7D;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,wDAAwD;IACxD,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,iFAAiF;IACjF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wEAAwE;IACxE,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACvC;AA0BD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,YAAY,CAAC,KAAK,SAAS,OAAO,EAAE,EAAE,OAAO,EAC3D,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,EACxC,IAAI,EAAE,mBAAmB,CAAC,KAAK,CAAC,GAC/B,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CA6CtC;AAID,MAAM,WAAW,sBAAsB;IACrC,6CAA6C;IAC7C,MAAM,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,UAAU,EAAE,EACnB,IAAI,EAAE,sBAAsB,GAC3B,UAAU,EAAE,CAgDd;AAID,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IACtC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;gBAE9B,MAAM,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,kBAAkB;IAK3D;;;OAGG;IACG,KAAK,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,OAAO,CAAC,aAAa,CAAC;IAIzB;;;;;;;;OAQG;IACG,OAAO,CAAC,CAAC,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACpB,SAAS,CAAC,EAAE,MAAM,EAClB,IAAI,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GACrE,OAAO,CAAC;QAAE,MAAM,EAAE,CAAC,CAAC;QAAC,aAAa,EAAE,aAAa,CAAA;KAAE,CAAC;CAiCxD"}
|
package/dist/interceptor.js
CHANGED
|
@@ -10,6 +10,7 @@
|
|
|
10
10
|
*
|
|
11
11
|
* No external dependencies — pure TypeScript.
|
|
12
12
|
*/
|
|
13
|
+
import { contractHash } from "./contract-hash.js";
|
|
13
14
|
import { setScopeToken, withScopeToken } from "./tool-verify.js";
|
|
14
15
|
// ── Error ─────────────────────────────────────────────────────────
|
|
15
16
|
/**
|
|
@@ -71,12 +72,19 @@ function defaultExtractParams(args) {
|
|
|
71
72
|
* ```
|
|
72
73
|
*/
|
|
73
74
|
export function wrapFunction(fn, opts) {
|
|
74
|
-
const { client, toolName, targetUrl = "", paramExtractor, blockOnDeny = true, promptContext, } = opts;
|
|
75
|
+
const { client, toolName, targetUrl = "", paramExtractor, blockOnDeny = true, promptContext, description, paramSchema, } = opts;
|
|
76
|
+
const descriptorHash = description !== undefined || paramSchema !== undefined
|
|
77
|
+
? contractHash({
|
|
78
|
+
name: toolName,
|
|
79
|
+
description: description ?? "",
|
|
80
|
+
parameters: paramSchema ?? {},
|
|
81
|
+
})
|
|
82
|
+
: undefined;
|
|
75
83
|
return async (...args) => {
|
|
76
84
|
const params = paramExtractor
|
|
77
85
|
? paramExtractor(...args)
|
|
78
86
|
: defaultExtractParams(args);
|
|
79
|
-
const proxyRes = await client.proxy(toolName, params, targetUrl, promptContext);
|
|
87
|
+
const proxyRes = await client.proxy(toolName, params, targetUrl, promptContext, descriptorHash);
|
|
80
88
|
if (!proxyRes.allowed && blockOnDeny) {
|
|
81
89
|
throw new ClampdBlockedError(proxyRes);
|
|
82
90
|
}
|
|
@@ -106,8 +114,13 @@ export function wrapOpenAITools(tools, opts) {
|
|
|
106
114
|
if (typeof originalExecute !== "function") {
|
|
107
115
|
return tool;
|
|
108
116
|
}
|
|
117
|
+
const descriptorHash = contractHash({
|
|
118
|
+
name: tool.function.name,
|
|
119
|
+
description: tool.function.description ?? "",
|
|
120
|
+
parameters: tool.function.parameters ?? {},
|
|
121
|
+
});
|
|
109
122
|
const wrappedExecute = async (args) => {
|
|
110
|
-
const proxyRes = await client.proxy(tool.function.name, args, targetUrl);
|
|
123
|
+
const proxyRes = await client.proxy(tool.function.name, args, targetUrl, undefined, descriptorHash);
|
|
111
124
|
if (!proxyRes.allowed && blockOnDeny) {
|
|
112
125
|
throw new ClampdBlockedError(proxyRes);
|
|
113
126
|
}
|
|
@@ -169,9 +182,16 @@ export class ClampdGuard {
|
|
|
169
182
|
* @returns An object containing both the function result and the raw
|
|
170
183
|
* `ProxyResponse` from the gateway.
|
|
171
184
|
*/
|
|
172
|
-
async execute(tool, params, fn, targetUrl) {
|
|
185
|
+
async execute(tool, params, fn, targetUrl, opts) {
|
|
173
186
|
const url = targetUrl ?? this.defaultTargetUrl;
|
|
174
|
-
const
|
|
187
|
+
const descriptorHash = opts && (opts.description !== undefined || opts.paramSchema !== undefined)
|
|
188
|
+
? contractHash({
|
|
189
|
+
name: tool,
|
|
190
|
+
description: opts.description ?? "",
|
|
191
|
+
parameters: opts.paramSchema ?? {},
|
|
192
|
+
})
|
|
193
|
+
: undefined;
|
|
194
|
+
const proxyResponse = await this.client.proxy(tool, params, url, undefined, descriptorHash);
|
|
175
195
|
if (!proxyResponse.allowed) {
|
|
176
196
|
throw new ClampdBlockedError(proxyResponse);
|
|
177
197
|
}
|
package/dist/interceptor.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interceptor.js","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAuCjE,qEAAqE;AAErE;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAC3B,QAAQ,CAAgB;IACxB,YAAY,CAAW;IACvB,YAAY,CAAW;IAEvC,YAAY,QAAuB;QACjC,MAAM,KAAK,GAAG;YACZ,YAAY,QAAQ,CAAC,aAAa,IAAI,gBAAgB,UAAU,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SAClG,CAAC;QACF,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,UAAU,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;IACnD,CAAC;CACF;
|
|
1
|
+
{"version":3,"file":"interceptor.js","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAuCjE,qEAAqE;AAErE;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAC3B,QAAQ,CAAgB;IACxB,YAAY,CAAW;IACvB,YAAY,CAAW;IAEvC,YAAY,QAAuB;QACjC,MAAM,KAAK,GAAG;YACZ,YAAY,QAAQ,CAAC,aAAa,IAAI,gBAAgB,UAAU,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SAClG,CAAC;QACF,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,UAAU,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;IACnD,CAAC;CACF;AA2CD;;;GAGG;AACH,SAAS,oBAAoB,CAAC,IAAe;IAC3C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IACE,MAAM,KAAK,IAAI;YACf,OAAO,MAAM,KAAK,QAAQ;YAC1B,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EACtB,CAAC;YACD,OAAO,MAAiC,CAAC;QAC3C,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,YAAY,CAC1B,EAAwC,EACxC,IAAgC;IAEhC,MAAM,EACJ,MAAM,EACN,QAAQ,EACR,SAAS,GAAG,EAAE,EACd,cAAc,EACd,WAAW,GAAG,IAAI,EAClB,aAAa,EACb,WAAW,EACX,WAAW,GACZ,GAAG,IAAI,CAAC;IAET,MAAM,cAAc,GAClB,WAAW,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS;QACpD,CAAC,CAAC,YAAY,CAAC;YACX,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,WAAW,IAAI,EAAE;YAC9B,UAAU,EAAG,WAAsB,IAAI,EAAE;SAC1C,CAAC;QACJ,CAAC,CAAC,SAAS,CAAC;IAEhB,OAAO,KAAK,EAAE,GAAG,IAAW,EAAoB,EAAE;QAChD,MAAM,MAAM,GAAG,cAAc;YAC3B,CAAC,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC;YACzB,CAAC,CAAC,oBAAoB,CAAC,IAAiB,CAAC,CAAC;QAE5C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CACjC,QAAQ,EACR,MAAM,EACN,SAAS,EACT,aAAa,EACb,cAAc,CACf,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;YACrC,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,kEAAkE;QAClE,IAAI,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,aAAa,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YACpC,OAAO,cAAc,CAAC,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QACjE,CAAC;QACD,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACrB,CAAC,CAAC;AACJ,CAAC;AAqBD;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAmB,EACnB,IAA4B;IAE5B,MAAM,EAAE,MAAM,EAAE,SAAS,GAAG,EAAE,EAAE,WAAW,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;IAE5D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;QAE9C,oEAAoE;QACpE,IAAI,OAAO,eAAe,KAAK,UAAU,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,cAAc,GAAG,YAAY,CAAC;YAClC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;YACxB,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE;YAC5C,UAAU,EAAG,IAAI,CAAC,QAAQ,CAAC,UAAqB,IAAI,EAAE;SACvD,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,KAAK,EAC1B,IAA6B,EACX,EAAE;YACpB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CACjC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAClB,IAAI,EACJ,SAAS,EACT,SAAS,EACT,cAAc,CACf,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;gBACrC,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC7C,aAAa,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;gBACpC,OAAO,cAAc,CAAC,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC,CAAC;QAEF,gEAAgE;QAChE,OAAO;YACL,GAAG,IAAI;YACP,QAAQ,EAAE;gBACR,GAAG,IAAI,CAAC,QAAQ;gBAChB,OAAO,EAAE,cAAc;aACxB;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAYD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,WAAW;IACL,MAAM,CAAe;IACrB,gBAAgB,CAAS;IAE1C,YAAY,MAAoB,EAAE,IAAyB;QACzD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,gBAAgB,GAAG,IAAI,EAAE,gBAAgB,IAAI,EAAE,CAAC;IACvD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CACT,IAAY,EACZ,MAA+B;QAE/B,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,OAAO,CACX,IAAY,EACZ,MAA+B,EAC/B,EAAoB,EACpB,SAAkB,EAClB,IAAsE;QAEtE,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAE/C,MAAM,cAAc,GAClB,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,KAAK,SAAS,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC;YACxE,CAAC,CAAC,YAAY,CAAC;gBACX,IAAI,EAAE,IAAI;gBACV,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;gBACnC,UAAU,EAAG,IAAI,CAAC,WAAsB,IAAI,EAAE;aAC/C,CAAC;YACJ,CAAC,CAAC,SAAS,CAAC;QAEhB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAC3C,IAAI,EACJ,MAAM,EACN,GAAG,EACH,SAAS,EACT,cAAc,CACf,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,kBAAkB,CAAC,aAAa,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,aAAa,CAAC,WAAW,EAAE,CAAC;YAC9B,aAAa,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YACzC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,aAAa,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACnE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;QACnC,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAC;QAC1B,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACnC,CAAC;CACF"}
|
package/dist/langchain.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"langchain.d.ts","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAsB,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"langchain.d.ts","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAsB,MAAM,aAAa,CAAC;AAkC/D,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,YAAY,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID;;;;;;;;GAQG;AACH,wBAAsB,wBAAwB,CAC5C,IAAI,EAAE,yBAAyB;;;WAsCI,MAAM;;;uCAyB1C"}
|
package/dist/langchain.js
CHANGED
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
*
|
|
7
7
|
* Requires @langchain/core as a peer dependency.
|
|
8
8
|
*/
|
|
9
|
+
import { contractHash } from "./contract-hash.js";
|
|
9
10
|
// ── Lazy imports with helpful errors ───────────────────────────────
|
|
10
11
|
async function loadDeps() {
|
|
11
12
|
let DynamicStructuredTool;
|
|
@@ -44,13 +45,35 @@ export async function createClampdDatabaseTool(opts) {
|
|
|
44
45
|
const schema = z.object({
|
|
45
46
|
query: z.string().describe("SQL query to execute"),
|
|
46
47
|
});
|
|
48
|
+
const toolName = "database.query";
|
|
49
|
+
const toolDescription = "Execute a SQL query against the database. " +
|
|
50
|
+
"The query is security-scanned before execution.";
|
|
51
|
+
// Compute the descriptor hash once at wrap time. zod 4 exposes
|
|
52
|
+
// `z.toJSONSchema()` natively — no extra dependency required.
|
|
53
|
+
// The resulting JSON Schema is content-hashed together with name
|
|
54
|
+
// and description so rug-pull detection matches a pre-registered
|
|
55
|
+
// descriptor in the dashboard.
|
|
56
|
+
let parameters = {};
|
|
57
|
+
try {
|
|
58
|
+
parameters = z.toJSONSchema(schema);
|
|
59
|
+
}
|
|
60
|
+
catch {
|
|
61
|
+
// Fallback: leave parameters empty if conversion fails. The tool
|
|
62
|
+
// still works; rug-pull detection degrades to "hash mismatch,
|
|
63
|
+
// informational only" rather than blocking the call.
|
|
64
|
+
parameters = {};
|
|
65
|
+
}
|
|
66
|
+
const descriptorHash = contractHash({
|
|
67
|
+
name: toolName,
|
|
68
|
+
description: toolDescription,
|
|
69
|
+
parameters,
|
|
70
|
+
});
|
|
47
71
|
return new DynamicStructuredTool({
|
|
48
|
-
name:
|
|
49
|
-
description:
|
|
50
|
-
"The query is security-scanned before execution.",
|
|
72
|
+
name: toolName,
|
|
73
|
+
description: toolDescription,
|
|
51
74
|
schema,
|
|
52
75
|
func: async ({ query }) => {
|
|
53
|
-
const result = await opts.client.proxy(
|
|
76
|
+
const result = await opts.client.proxy(toolName, { query }, targetUrl, `Agent executing SQL: ${query.slice(0, 200)}`, descriptorHash);
|
|
54
77
|
if (!result.allowed) {
|
|
55
78
|
return (`BLOCKED: ${result.denial_reason} ` +
|
|
56
79
|
`(risk_score=${result.risk_score.toFixed(2)}, ` +
|
package/dist/langchain.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"langchain.js","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;
|
|
1
|
+
{"version":3,"file":"langchain.js","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,sEAAsE;AAEtE,KAAK,UAAU,QAAQ;IACrB,IAAI,qBAAmF,CAAC;IACxF,IAAI,CAAyB,CAAC;IAE9B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;QACvD,qBAAqB,GAAG,QAAQ,CAAC,qBAAqB,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,yDAAyD;YACvD,2CAA2C,CAC9C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,6CAA6C;YAC3C,+BAA+B,CAClC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,qBAAqB,EAAE,CAAC,EAAE,CAAC;AACtC,CAAC;AASD,sEAAsE;AAEtE;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,IAA+B;IAE/B,MAAM,EAAE,qBAAqB,EAAE,CAAC,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,uBAAuB,CAAC;IAE5D,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;QACtB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;KACnD,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,MAAM,eAAe,GACnB,4CAA4C;QAC5C,iDAAiD,CAAC;IAEpD,+DAA+D;IAC/D,8DAA8D;IAC9D,iEAAiE;IACjE,iEAAiE;IACjE,+BAA+B;IAC/B,IAAI,UAAU,GAAW,EAAE,CAAC;IAC5B,IAAI,CAAC;QACH,UAAU,GAAG,CAAC,CAAC,YAAY,CAAC,MAAM,CAAW,CAAC;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;QACjE,8DAA8D;QAC9D,qDAAqD;QACrD,UAAU,GAAG,EAAE,CAAC;IAClB,CAAC;IACD,MAAM,cAAc,GAAG,YAAY,CAAC;QAClC,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,eAAe;QAC5B,UAAU;KACX,CAAC,CAAC;IAEH,OAAO,IAAI,qBAAqB,CAAC;QAC/B,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,eAAe;QAC5B,MAAM;QACN,IAAI,EAAE,KAAK,EAAE,EAAE,KAAK,EAAqB,EAAmB,EAAE;YAC5D,MAAM,MAAM,GAAkB,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CACnD,QAAQ,EACR,EAAE,KAAK,EAAE,EACT,SAAS,EACT,wBAAwB,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAC7C,cAAc,CACf,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,CACL,YAAY,MAAM,CAAC,aAAa,GAAG;oBACnC,eAAe,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;oBAC/C,WAAW,MAAM,CAAC,UAAU,KAAK,CAClC,CAAC;YACJ,CAAC;YAED,OAAO,CACL,YAAY,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG;gBACnD,eAAe,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;gBAC/C,SAAS,MAAM,CAAC,aAAa,IAAI;gBACjC,WAAW,MAAM,CAAC,UAAU,KAAK,CAClC,CAAC;QACJ,CAAC;KACF,CAAC,CAAC;AACL,CAAC"}
|