@clampd/sdk 0.4.0

package/README.md

@@ -0,0 +1,139 @@
+# Clampd TypeScript SDK
+
+Runtime security for AI agents. Guard every tool call — OpenAI, Anthropic, LangChain.js — in 1 line.
+
+## Installation
+
+```bash
+npm install clampd
+```
+
+## Quick Start
+
+```typescript
+import clampd from "clampd";
+import OpenAI from "openai";
+
+// Configure once at startup
+clampd.init({
+  agentId: "my-agent",
+  secret: "ags_...",              // from dashboard → Agent → Secret
+  gatewayUrl: "http://localhost:8080",
+  apiKey: "ag_live_...",
+});
+
+// Wrap your OpenAI client — done
+const client = clampd.openai(new OpenAI());
+
+// Use it exactly like before. Clampd intercepts every tool call.
+const response = await client.chat.completions.create({
+  model: "gpt-4o",
+  messages: [{ role: "user", content: "Look up active users" }],
+  tools: [...],
+});
+// Dangerous tool calls → blocked before execution
+// Safe tool calls → proceed normally
+```
+
+## Configuration
+
+Three ways to configure (pick one):
+
+```typescript
+// Option 1: Environment variables
+// CLAMPD_GATEWAY_URL=http://localhost:8080
+// CLAMPD_API_KEY=ag_live_...
+// CLAMPD_AGENT_ID=my-agent
+// CLAMPD_AGENT_SECRET=ags_...
+
+// Option 2: Global init (recommended)
+clampd.init({ agentId: "my-agent", secret: "ags_...", gatewayUrl: "...", apiKey: "..." });
+
+// Option 3: Inline per-call
+const safeFn = clampd.guard(myFn, {
+  toolName: "db.query",
+  agentId: "my-agent",
+  secret: "ags_...",
+});
+```
+
+## Anthropic / Claude
+
+```typescript
+import clampd from "clampd";
+import Anthropic from "@anthropic-ai/sdk";
+
+clampd.init({ agentId: "my-agent", secret: "ags_..." });
+const client = clampd.anthropic(new Anthropic());
+
+const response = await client.messages.create({
+  model: "claude-sonnet-4-20250514",
+  max_tokens: 1024,
+  messages: [{ role: "user", content: "..." }],
+  tools: [...],
+});
+```
+
+## Direct Guard (any function)
+
+```typescript
+import clampd from "clampd";
+
+clampd.init({ agentId: "my-agent", secret: "ags_..." });
+
+const safeQuery = clampd.guard(runQuery, {
+  toolName: "database.query",
+});
+
+// With response checking (opt-in)
+const safeRead = clampd.guard(readFile, {
+  toolName: "file_read",
+  checkResponse: true,
+});
+
+await safeQuery("SELECT * FROM users");  // allowed
+await safeQuery("DROP TABLE users");     // throws ClampdBlockedError
+```
+
+## Tool Definitions Wrapper
+
+```typescript
+import clampd from "clampd";
+
+// Wrap OpenAI-style tool definitions
+const safeTools = clampd.tools(myToolDefs, { agentId: "my-agent", secret: "ags_..." });
+```
+
+## Error Handling
+
+```typescript
+import { ClampdBlockedError } from "clampd";
+
+try {
+  await safeQuery("DROP TABLE users");
+} catch (e) {
+  if (e instanceof ClampdBlockedError) {
+    console.log(`Blocked: ${e.message}`);
+    // e.response.risk_score, e.response.denial_reason
+  }
+}
+```
+
+## API Reference
+
+| Function | Description |
+|----------|-------------|
+| `clampd.init(opts)` | Configure global client (once at startup) |
+| `clampd.openai(client)` | Wrap OpenAI client |
+| `clampd.anthropic(client)` | Wrap Anthropic client |
+| `clampd.guard(fn, opts)` | Wrap any async function |
+| `clampd.tools(defs, opts)` | Wrap OpenAI tool definitions |
+
+## Requirements
+
+- Node.js 18+
+- A running [Clampd](https://clampd.dev) gateway
+
+## License
+
+BUSL-1.1

package/dist/auth.d.ts

@@ -0,0 +1,22 @@
+/**
+ * JWT helper for Clampd agent authentication.
+ *
+ * Uses HMAC-SHA256 when `secret` is provided or `CLAMPD_JWT_SECRET` env var
+ * is set. Throws an error if no signing secret is available — unsigned JWTs
+ * (alg: none) are NOT supported.
+ */
+/**
+ * Create a JWT with `sub` = agentId.
+ *
+ * @param agentId  Agent identifier (becomes the `sub` claim).
+ * @param opts.secret  HMAC-SHA256 signing key. Falls back to
+ *   `CLAMPD_JWT_SECRET` env var. If unset, creates an unsigned JWT.
+ * @param opts.scopes  Optional scopes to include in the token.
+ * @param opts.ttlSeconds  Token TTL in seconds (default: 3600).
+ */
+export declare function makeAgentJwt(agentId: string, opts?: {
+    secret?: string;
+    scopes?: string[];
+    ttlSeconds?: number;
+}): string;
+//# sourceMappingURL=auth.d.ts.map

package/dist/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AASH;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAC1B,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAAE,GACjE,MAAM,CAqCR"}

package/dist/auth.js

@@ -0,0 +1,54 @@
+/**
+ * JWT helper for Clampd agent authentication.
+ *
+ * Uses HMAC-SHA256 when `secret` is provided or `CLAMPD_JWT_SECRET` env var
+ * is set. Throws an error if no signing secret is available — unsigned JWTs
+ * (alg: none) are NOT supported.
+ */
+import { createHmac, createHash } from "node:crypto";
+function b64url(data) {
+    const bytes = typeof data === "string" ? Buffer.from(data) : Buffer.from(data);
+    return bytes.toString("base64url");
+}
+/**
+ * Create a JWT with `sub` = agentId.
+ *
+ * @param agentId  Agent identifier (becomes the `sub` claim).
+ * @param opts.secret  HMAC-SHA256 signing key. Falls back to
+ *   `CLAMPD_JWT_SECRET` env var. If unset, creates an unsigned JWT.
+ * @param opts.scopes  Optional scopes to include in the token.
+ * @param opts.ttlSeconds  Token TTL in seconds (default: 3600).
+ */
+export function makeAgentJwt(agentId, opts) {
+    const rawSecret = opts?.secret || process.env.CLAMPD_AGENT_SECRET || process.env.CLAMPD_JWT_SECRET || "";
+    const ttl = opts?.ttlSeconds ?? 3600;
+    const now = Math.floor(Date.now() / 1000);
+    const payloadObj = {
+        sub: agentId,
+        iss: "clampd-sdk",
+        iat: now,
+        exp: now + ttl,
+    };
+    if (opts?.scopes?.length) {
+        payloadObj.scopes = opts.scopes;
+    }
+    if (rawSecret) {
+        // Derive signing key: if agent secret (ags_ prefix), hash with SHA-256
+        // so the HMAC key matches the credential_hash stored server-side.
+        // Otherwise use as-is (legacy global JWT_SECRET).
+        const signingKey = rawSecret.startsWith("ags_")
+            ? createHash("sha256").update(rawSecret).digest("hex")
+            : rawSecret;
+        const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
+        const payload = b64url(JSON.stringify(payloadObj));
+        const signingInput = `${header}.${payload}`;
+        const sig = createHmac("sha256", signingKey).update(signingInput).digest();
+        const signature = Buffer.from(sig).toString("base64url");
+        return `${header}.${payload}.${signature}`;
+    }
+    // Fail-closed: unsigned JWTs are not supported
+    throw new Error("[clampd] No signing secret available. " +
+        "Set CLAMPD_JWT_SECRET env var or pass { secret } to makeAgentJwt(). " +
+        "Unsigned JWTs (alg: none) are not supported — gateways require JWT_SECRET.");
+}
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAErD,SAAS,MAAM,CAAC,IAAyB;IACvC,MAAM,KAAK,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/E,OAAO,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACrC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,YAAY,CAC1B,OAAe,EACf,IAAkE;IAElE,MAAM,SAAS,GAAG,IAAI,EAAE,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;IACzG,MAAM,GAAG,GAAG,IAAI,EAAE,UAAU,IAAI,IAAI,CAAC;IACrC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,MAAM,UAAU,GAA4B;QAC1C,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,YAAY;QACjB,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG,GAAG,GAAG;KACf,CAAC;IACF,IAAI,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QACzB,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAClC,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,uEAAuE;QACvE,kEAAkE;QAClE,kDAAkD;QAClD,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC;YAC7C,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;YACtD,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC;QAC5C,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CAAC;QAC3E,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACzD,OAAO,GAAG,MAAM,IAAI,OAAO,IAAI,SAAS,EAAE,CAAC;IAC7C,CAAC;IAED,+CAA+C;IAC/C,MAAM,IAAI,KAAK,CACb,wCAAwC;QACxC,sEAAsE;QACtE,4EAA4E,CAC7E,CAAC;AACJ,CAAC"}

package/dist/client.d.ts

@@ -0,0 +1,118 @@
+/**
+ * ClampdClient — thin wrapper around the ag-gateway HTTP API.
+ */
+export interface ProxyResponse {
+    request_id: string;
+    allowed: boolean;
+    /** Intent action: "pass", "flag", or "block". */
+    action?: string;
+    risk_score: number;
+    scope_granted?: string | null;
+    tool_response?: unknown | null;
+    denial_reason?: string | null;
+    /** Human-readable explanation of the risk assessment. */
+    reasoning?: string | null;
+    /** Rule IDs that matched this request (e.g. ["R001", "R005"]). */
+    matched_rules?: string[];
+    latency_ms: number;
+    degraded_stages: string[];
+    session_flags: string[];
+    /** HMAC scope token binding this approval to response scanning. */
+    scope_token?: string | null;
+}
+export interface ScanResponse {
+    allowed: boolean;
+    risk_score: number;
+    denial_reason?: string;
+    matched_rules: string[];
+    latency_ms: number;
+}
+export interface ScanOutputResponse extends ScanResponse {
+    pii_found: Array<{
+        pii_type: string;
+        count: number;
+    }>;
+    secrets_found: Array<{
+        secret_type: string;
+        count: number;
+    }>;
+}
+export interface ProxyRequest {
+    tool: string;
+    params: Record<string, unknown>;
+    target_url: string;
+    prompt_context?: string;
+}
+export interface VerifyRequest {
+    tool: string;
+    params: Record<string, unknown>;
+    target_url?: string;
+}
+export interface ClampdClientOptions {
+    gatewayUrl?: string;
+    agentId: string;
+    apiKey?: string;
+    secret?: string;
+    timeoutMs?: number;
+}
+/**
+ * Synchronous-style (async/await) client for the Clampd gateway proxy API.
+ *
+ * Uses the built-in `fetch` available in Node 18+.
+ */
+export declare class ClampdClient {
+    private readonly gatewayUrl;
+    readonly agentId: string;
+    private readonly apiKey;
+    private readonly jwt;
+    private readonly timeoutMs;
+    constructor(opts: ClampdClientOptions);
+    private headers;
+    /**
+     * Send a tool call through the Clampd gateway for evaluation.
+     *
+     * When targetUrl is empty (default), the gateway runs evaluate-only mode:
+     * classify + policy check, no token exchange or forwarding. The tool
+     * executes locally in the agent's runtime.
+     *
+     * When targetUrl is set, the gateway also exchanges a micro-token and
+     * forwards the request to the target, inspecting the response.
+     */
+    proxy(tool: string, params: Record<string, unknown>, targetUrl?: string, promptContext?: string, toolDescriptorHash?: string): Promise<ProxyResponse>;
+    /**
+     * Get delegation headers for cross-service HTTP propagation.
+     * Static convenience method.
+     */
+    static delegationHeaders(): Record<string, string>;
+    /**
+     * Inspect a tool response for PII, anomalies, or policy violations.
+     *
+     * When scopeToken is provided (from a prior proxy() call),
+     * the gateway can verify this response came from a Clampd-approved call.
+     */
+    inspect(tool: string, responseData: unknown, requestId?: string, scopeToken?: string): Promise<ProxyResponse>;
+    /**
+     * Dry-run: stages 1-6 only — no token exchange or forwarding.
+     */
+    verify(tool: string, params: Record<string, unknown>, targetUrl?: string): Promise<ProxyResponse>;
+    /**
+     * Scan input text (prompt) for injection attacks, jailbreaks, etc.
+     * Unlike proxy/verify, this throws on network errors so callers can
+     * implement fail-open vs fail-closed logic.
+     */
+    scanInput(text: string, messageCount?: number): Promise<ScanResponse>;
+    /**
+     * Scan output text (LLM response) for PII, secrets, policy violations.
+     * Unlike proxy/verify, this throws on network errors so callers can
+     * implement fail-open vs fail-closed logic.
+     */
+    scanOutput(text: string, requestId?: string): Promise<ScanOutputResponse>;
+    private post;
+    /**
+     * Like `post`, but throws on network errors and non-OK responses
+     * instead of synthesizing a blocked response. Used by scan methods
+     * so callers can distinguish gateway errors from policy decisions.
+     */
+    private postOrThrow;
+}
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,iDAAiD;IACjD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,aAAa,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,kEAAkE;IAClE,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,mEAAmE;IACnE,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,SAAS,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtD,aAAa,EAAE,KAAK,CAAC;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC9D;AAID,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAID,MAAM,WAAW,mBAAmB;IAClC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAmBD;;;;GAIG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,SAAgB,OAAO,EAAE,MAAM,CAAC;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEvB,IAAI,EAAE,mBAAmB;IAWrC,OAAO,CAAC,OAAO;IASf;;;;;;;;;OASG;IACG,KAAK,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,SAAS,GAAE,MAAW,EACtB,aAAa,CAAC,EAAE,MAAM,EACtB,kBAAkB,CAAC,EAAE,MAAM,GAC1B,OAAO,CAAC,aAAa,CAAC;IAwBzB;;;OAGG;IACH,MAAM,CAAC,iBAAiB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAIlD;;;;;OAKG;IACG,OAAO,CACX,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,OAAO,EACrB,SAAS,CAAC,EAAE,MAAM,EAClB,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,aAAa,CAAC;IAOzB;;OAEG;IACG,MAAM,CACV,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,SAAS,GAAE,MAAW,GACrB,OAAO,CAAC,aAAa,CAAC;IAUzB;;;;OAIG;IACG,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAM3E;;;;OAIG;IACG,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;YAQjE,IAAI;IAuClB;;;;OAIG;YACW,WAAW;CA0B1B"}

package/dist/client.js

@@ -0,0 +1,191 @@
+/**
+ * ClampdClient — thin wrapper around the ag-gateway HTTP API.
+ */
+import { makeAgentJwt } from "./auth.js";
+import { getDelegation, delegationHeaders } from "./delegation.js";
+// ── Synthesized error response ─────────────────────────────────────
+function blockedResponse(reason) {
+    return {
+        request_id: "error",
+        allowed: false,
+        risk_score: 1.0,
+        denial_reason: reason,
+        matched_rules: [],
+        latency_ms: 0,
+        degraded_stages: [],
+        session_flags: [],
+    };
+}
+// ── Client ─────────────────────────────────────────────────────────
+/**
+ * Synchronous-style (async/await) client for the Clampd gateway proxy API.
+ *
+ * Uses the built-in `fetch` available in Node 18+.
+ */
+export class ClampdClient {
+    gatewayUrl;
+    agentId;
+    apiKey;
+    jwt;
+    timeoutMs;
+    constructor(opts) {
+        this.gatewayUrl = (opts.gatewayUrl ?? "http://localhost:8080").replace(/\/$/, "");
+        this.agentId = opts.agentId;
+        this.apiKey = opts.apiKey ?? process.env.CLAMPD_API_KEY ?? "";
+        this.jwt = makeAgentJwt(this.agentId, { secret: opts.secret });
+        this.timeoutMs = opts.timeoutMs ?? 30_000;
+    }
+    headers() {
+        return {
+            Authorization: `Bearer ${this.jwt}`,
+            "X-AG-Key": this.apiKey,
+            "Content-Type": "application/json",
+            ...delegationHeaders(),
+        };
+    }
+    /**
+     * Send a tool call through the Clampd gateway for evaluation.
+     *
+     * When targetUrl is empty (default), the gateway runs evaluate-only mode:
+     * classify + policy check, no token exchange or forwarding. The tool
+     * executes locally in the agent's runtime.
+     *
+     * When targetUrl is set, the gateway also exchanges a micro-token and
+     * forwards the request to the target, inspecting the response.
+     */
+    async proxy(tool, params, targetUrl = "", promptContext, toolDescriptorHash) {
+        const body = {
+            tool,
+            params,
+            target_url: targetUrl,
+        };
+        if (promptContext) {
+            body.prompt_context = promptContext;
+        }
+        if (toolDescriptorHash) {
+            body.tool_descriptor_hash = toolDescriptorHash;
+        }
+        // Auto-include delegation context if present
+        const delegation = getDelegation();
+        if (delegation && delegation.chain.length > 1) {
+            body.caller_agent_id = delegation.chain[delegation.chain.length - 2];
+            body.delegation_chain = delegation.chain;
+            body.delegation_trace_id = delegation.traceId;
+        }
+        return this.post("/v1/proxy", body);
+    }
+    /**
+     * Get delegation headers for cross-service HTTP propagation.
+     * Static convenience method.
+     */
+    static delegationHeaders() {
+        return delegationHeaders();
+    }
+    /**
+     * Inspect a tool response for PII, anomalies, or policy violations.
+     *
+     * When scopeToken is provided (from a prior proxy() call),
+     * the gateway can verify this response came from a Clampd-approved call.
+     */
+    async inspect(tool, responseData, requestId, scopeToken) {
+        const body = { tool, response_data: responseData };
+        if (requestId)
+            body.request_id = requestId;
+        if (scopeToken)
+            body.scope_token = scopeToken;
+        return this.post("/v1/inspect", body);
+    }
+    /**
+     * Dry-run: stages 1-6 only — no token exchange or forwarding.
+     */
+    async verify(tool, params, targetUrl = "") {
+        const body = {
+            tool,
+            params,
+            target_url: targetUrl,
+        };
+        return this.post("/v1/verify", body);
+    }
+    /**
+     * Scan input text (prompt) for injection attacks, jailbreaks, etc.
+     * Unlike proxy/verify, this throws on network errors so callers can
+     * implement fail-open vs fail-closed logic.
+     */
+    async scanInput(text, messageCount) {
+        const body = { text };
+        if (messageCount)
+            body.message_count = messageCount;
+        return this.postOrThrow("/v1/scan-input", body);
+    }
+    /**
+     * Scan output text (LLM response) for PII, secrets, policy violations.
+     * Unlike proxy/verify, this throws on network errors so callers can
+     * implement fail-open vs fail-closed logic.
+     */
+    async scanOutput(text, requestId) {
+        const body = { text };
+        if (requestId)
+            body.request_id = requestId;
+        return this.postOrThrow("/v1/scan-output", body);
+    }
+    // ── Internal ────────────────────────────────────────────────────
+    async post(path, body) {
+        const url = `${this.gatewayUrl}${path}`;
+        let resp;
+        try {
+            resp = await fetch(url, {
+                method: "POST",
+                headers: this.headers(),
+                body: JSON.stringify(body),
+                signal: AbortSignal.timeout(this.timeoutMs),
+            });
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : "Unknown fetch error";
+            return blockedResponse(`Fetch error: ${message}`);
+        }
+        if (resp.ok) {
+            const json = (await resp.json());
+            // Ensure array fields are always present for ProxyResponse shape
+            if (typeof json === "object" && json !== null && "degraded_stages" in json) {
+                const pr = json;
+                return {
+                    ...json,
+                    degraded_stages: pr.degraded_stages ?? [],
+                    session_flags: pr.session_flags ?? [],
+                };
+            }
+            return json;
+        }
+        // Gateway returned an error — synthesize a blocked response
+        const text = await resp.text().catch(() => `HTTP ${resp.status}`);
+        return blockedResponse(text);
+    }
+    /**
+     * Like `post`, but throws on network errors and non-OK responses
+     * instead of synthesizing a blocked response. Used by scan methods
+     * so callers can distinguish gateway errors from policy decisions.
+     */
+    async postOrThrow(path, body) {
+        const url = `${this.gatewayUrl}${path}`;
+        let resp;
+        try {
+            resp = await fetch(url, {
+                method: "POST",
+                headers: this.headers(),
+                body: JSON.stringify(body),
+                signal: AbortSignal.timeout(this.timeoutMs),
+            });
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            throw new Error(`Scan fetch error: ${message}`);
+        }
+        if (!resp.ok) {
+            const text = await resp.text().catch(() => `HTTP ${resp.status}`);
+            throw new Error(`Scan request failed: ${text}`);
+        }
+        return (await resp.json());
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AA8DnE,sEAAsE;AAEtE,SAAS,eAAe,CAAC,MAAc;IACrC,OAAO;QACL,UAAU,EAAE,OAAO;QACnB,OAAO,EAAE,KAAK;QACd,UAAU,EAAE,GAAG;QACf,aAAa,EAAE,MAAM;QACrB,aAAa,EAAE,EAAE;QACjB,UAAU,EAAE,CAAC;QACb,eAAe,EAAE,EAAE;QACnB,aAAa,EAAE,EAAE;KAClB,CAAC;AACJ,CAAC;AAED,sEAAsE;AAEtE;;;;GAIG;AACH,MAAM,OAAO,YAAY;IACN,UAAU,CAAS;IACpB,OAAO,CAAS;IACf,MAAM,CAAS;IACf,GAAG,CAAS;IACZ,SAAS,CAAS;IAEnC,YAAY,IAAyB;QACnC,IAAI,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,uBAAuB,CAAC,CAAC,OAAO,CACpE,KAAK,EACL,EAAE,CACH,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC;QAC9D,IAAI,CAAC,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAC/D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;IAC5C,CAAC;IAEO,OAAO;QACb,OAAO;YACL,aAAa,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE;YACnC,UAAU,EAAE,IAAI,CAAC,MAAM;YACvB,cAAc,EAAE,kBAAkB;YAClC,GAAG,iBAAiB,EAAE;SACvB,CAAC;IACJ,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,KAAK,CACT,IAAY,EACZ,MAA+B,EAC/B,YAAoB,EAAE,EACtB,aAAsB,EACtB,kBAA2B;QAE3B,MAAM,IAAI,GAA4B;YACpC,IAAI;YACJ,MAAM;YACN,UAAU,EAAE,SAAS;SACtB,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,CAAC,cAAc,GAAG,aAAa,CAAC;QACtC,CAAC;QACD,IAAI,kBAAkB,EAAE,CAAC;YACvB,IAAI,CAAC,oBAAoB,GAAG,kBAAkB,CAAC;QACjD,CAAC;QAED,6CAA6C;QAC7C,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;QACnC,IAAI,UAAU,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACrE,IAAI,CAAC,gBAAgB,GAAG,UAAU,CAAC,KAAK,CAAC;YACzC,IAAI,CAAC,mBAAmB,GAAG,UAAU,CAAC,OAAO,CAAC;QAChD,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACtC,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,iBAAiB;QACtB,OAAO,iBAAiB,EAAE,CAAC;IAC7B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CACX,IAAY,EACZ,YAAqB,EACrB,SAAkB,EAClB,UAAmB;QAEnB,MAAM,IAAI,GAA4B,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;QAC5E,IAAI,SAAS;YAAE,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;QAC3C,IAAI,UAAU;YAAE,IAAI,CAAC,WAAW,GAAG,UAAU,CAAC;QAC9C,OAAO,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,IAAY,EACZ,MAA+B,EAC/B,YAAoB,EAAE;QAEtB,MAAM,IAAI,GAAkB;YAC1B,IAAI;YACJ,MAAM;YACN,UAAU,EAAE,SAAS;SACtB,CAAC;QAEF,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAA0C,CAAC,CAAC;IAC7E,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,IAAY,EAAE,YAAqB;QACjD,MAAM,IAAI,GAA4B,EAAE,IAAI,EAAE,CAAC;QAC/C,IAAI,YAAY;YAAE,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QACpD,OAAO,IAAI,CAAC,WAAW,CAAe,gBAAgB,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU,CAAC,IAAY,EAAE,SAAkB;QAC/C,MAAM,IAAI,GAA4B,EAAE,IAAI,EAAE,CAAC;QAC/C,IAAI,SAAS;YAAE,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;QAC3C,OAAO,IAAI,CAAC,WAAW,CAAqB,iBAAiB,EAAE,IAAI,CAAC,CAAC;IACvE,CAAC;IAED,mEAAmE;IAE3D,KAAK,CAAC,IAAI,CAChB,IAAY,EACZ,IAA6B;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;QAExC,IAAI,IAAc,CAAC;QACnB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACtB,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;gBACvB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;aAC5C,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GACX,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC;YAC7D,OAAO,eAAe,CAAC,gBAAgB,OAAO,EAAE,CAAiB,CAAC;QACpE,CAAC;QAED,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAM,CAAC;YACtC,iEAAiE;YACjE,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,iBAAiB,IAAI,IAAI,EAAE,CAAC;gBAC3E,MAAM,EAAE,GAAG,IAAgC,CAAC;gBAC5C,OAAO;oBACL,GAAG,IAAI;oBACP,eAAe,EAAE,EAAE,CAAC,eAAe,IAAI,EAAE;oBACzC,aAAa,EAAE,EAAE,CAAC,aAAa,IAAI,EAAE;iBACtC,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAClE,OAAO,eAAe,CAAC,IAAI,CAAiB,CAAC;IAC/C,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,WAAW,CACvB,IAAY,EACZ,IAA6B;QAE7B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;QAExC,IAAI,IAAc,CAAC;QACnB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACtB,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE;gBACvB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;aAC5C,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,MAAM,IAAI,KAAK,CAAC,qBAAqB,OAAO,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YAClE,MAAM,IAAI,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAM,CAAC;IAClC,CAAC;CACF"}

package/dist/delegation.d.ts

@@ -0,0 +1,31 @@
+export interface DelegationContext {
+    traceId: string;
+    chain: string[];
+    confidence: "verified" | "inferred" | "declared";
+}
+export declare const MAX_DELEGATION_DEPTH = 5;
+/**
+ * Get the current delegation context, if any.
+ */
+export declare function getDelegation(): DelegationContext | undefined;
+/**
+ * Get the caller (parent) agent ID from the delegation chain.
+ * Returns undefined if there is no parent (single agent or no context).
+ */
+export declare function getCallerAgentId(): string | undefined;
+/**
+ * Check whether a chain contains a cycle (duplicate agent ID).
+ */
+export declare function hasCycle(chain: string[]): boolean;
+/**
+ * Run a function within a delegation context.
+ * If already inside a delegation, extends the chain.
+ * If not, starts a new chain.
+ */
+export declare function withDelegation<T>(agentId: string, fn: () => T): T;
+/**
+ * Get delegation headers for cross-service HTTP propagation.
+ * Returns an empty object when called outside a delegation context.
+ */
+export declare function delegationHeaders(): Record<string, string>;
+//# sourceMappingURL=delegation.d.ts.map

package/dist/delegation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegation.d.ts","sourceRoot":"","sources":["../src/delegation.ts"],"names":[],"mappings":"AAWA,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,EAAE,UAAU,GAAG,UAAU,GAAG,UAAU,CAAC;CAClD;AAID,eAAO,MAAM,oBAAoB,IAAI,CAAC;AAEtC;;GAEG;AACH,wBAAgB,aAAa,IAAI,iBAAiB,GAAG,SAAS,CAE7D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,GAAG,SAAS,CAIrD;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAEjD;AAED;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAgCjE;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAQ1D"}

package/dist/delegation.js

@@ -0,0 +1,80 @@
+/**
+ * Automatic delegation chain tracking via AsyncLocalStorage.
+ * Propagates through async/await, Promises, and callbacks automatically.
+ *
+ * When Agent A's guarded tool calls Agent B's guarded tool in the same
+ * process, the SDK auto-detects the cross-agent hop and includes
+ * delegation metadata in proxy requests.
+ */
+import { AsyncLocalStorage } from "node:async_hooks";
+import { randomUUID } from "node:crypto";
+const delegationStore = new AsyncLocalStorage();
+export const MAX_DELEGATION_DEPTH = 5;
+/**
+ * Get the current delegation context, if any.
+ */
+export function getDelegation() {
+    return delegationStore.getStore();
+}
+/**
+ * Get the caller (parent) agent ID from the delegation chain.
+ * Returns undefined if there is no parent (single agent or no context).
+ */
+export function getCallerAgentId() {
+    const ctx = delegationStore.getStore();
+    if (!ctx || ctx.chain.length < 2)
+        return undefined;
+    return ctx.chain[ctx.chain.length - 2];
+}
+/**
+ * Check whether a chain contains a cycle (duplicate agent ID).
+ */
+export function hasCycle(chain) {
+    return new Set(chain).size !== chain.length;
+}
+/**
+ * Run a function within a delegation context.
+ * If already inside a delegation, extends the chain.
+ * If not, starts a new chain.
+ */
+export function withDelegation(agentId, fn) {
+    const parent = delegationStore.getStore();
+    let ctx;
+    if (parent) {
+        ctx = {
+            traceId: parent.traceId,
+            chain: [...parent.chain, agentId],
+            confidence: parent.confidence,
+        };
+    }
+    else {
+        ctx = {
+            traceId: randomUUID().replace(/-/g, "").slice(0, 16),
+            chain: [agentId],
+            confidence: "verified",
+        };
+    }
+    if (ctx.chain.length > MAX_DELEGATION_DEPTH) {
+        throw new Error(`Delegation depth ${ctx.chain.length} exceeds maximum ${MAX_DELEGATION_DEPTH}. ` +
+            `Chain: ${ctx.chain.join(" \u2192 ")}`);
+    }
+    if (hasCycle(ctx.chain)) {
+        throw new Error(`Circular delegation detected: ${ctx.chain.join(" \u2192 ")}`);
+    }
+    return delegationStore.run(ctx, fn);
+}
+/**
+ * Get delegation headers for cross-service HTTP propagation.
+ * Returns an empty object when called outside a delegation context.
+ */
+export function delegationHeaders() {
+    const ctx = delegationStore.getStore();
+    if (!ctx)
+        return {};
+    return {
+        "X-Clampd-Delegation-Trace": ctx.traceId,
+        "X-Clampd-Delegation-Chain": ctx.chain.join(","),
+        "X-Clampd-Delegation-Confidence": ctx.confidence,
+    };
+}
+//# sourceMappingURL=delegation.js.map

package/dist/delegation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegation.js","sourceRoot":"","sources":["../src/delegation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAQzC,MAAM,eAAe,GAAG,IAAI,iBAAiB,EAAqB,CAAC;AAEnE,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAEtC;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,eAAe,CAAC,QAAQ,EAAE,CAAC;AACpC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,GAAG,GAAG,eAAe,CAAC,QAAQ,EAAE,CAAC;IACvC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,SAAS,CAAC;IACnD,OAAO,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,KAAe;IACtC,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,CAAC;AAC9C,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAI,OAAe,EAAE,EAAW;IAC5D,MAAM,MAAM,GAAG,eAAe,CAAC,QAAQ,EAAE,CAAC;IAE1C,IAAI,GAAsB,CAAC;IAC3B,IAAI,MAAM,EAAE,CAAC;QACX,GAAG,GAAG;YACJ,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,KAAK,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC;YACjC,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,GAAG,GAAG;YACJ,OAAO,EAAE,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACpD,KAAK,EAAE,CAAC,OAAO,CAAC;YAChB,UAAU,EAAE,UAAU;SACvB,CAAC;IACJ,CAAC;IAED,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,oBAAoB,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CACb,oBAAoB,GAAG,CAAC,KAAK,CAAC,MAAM,oBAAoB,oBAAoB,IAAI;YAC9E,UAAU,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CACzC,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAC9D,CAAC;IACJ,CAAC;IAED,OAAO,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,GAAG,GAAG,eAAe,CAAC,QAAQ,EAAE,CAAC;IACvC,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,OAAO;QACL,2BAA2B,EAAE,GAAG,CAAC,OAAO;QACxC,2BAA2B,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;QAChD,gCAAgC,EAAE,GAAG,CAAC,UAAU;KACjD,CAAC;AACJ,CAAC"}