@clampd/sdk 0.5.1 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/langchain.d.ts +30 -0
- package/dist/langchain.d.ts.map +1 -0
- package/dist/langchain.js +66 -0
- package/dist/langchain.js.map +1 -0
- package/package.json +8 -2
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* LangChain.js adapter for Clampd.
|
|
3
|
+
*
|
|
4
|
+
* Routes tool calls through the Clampd proxy so every LLM-initiated
|
|
5
|
+
* action is classified, policy-checked, scoped, and audit-logged.
|
|
6
|
+
*
|
|
7
|
+
* Requires @langchain/core as a peer dependency.
|
|
8
|
+
*/
|
|
9
|
+
import { ClampdClient } from "./client.js";
|
|
10
|
+
export interface ClampdDatabaseToolOptions {
|
|
11
|
+
client: ClampdClient;
|
|
12
|
+
targetUrl?: string;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Create a LangChain DynamicStructuredTool that proxies database
|
|
16
|
+
* queries through the Clampd 9-stage security pipeline.
|
|
17
|
+
*
|
|
18
|
+
* ```ts
|
|
19
|
+
* const tool = await createClampdDatabaseTool({ client });
|
|
20
|
+
* const result = await tool.invoke({ query: "SELECT 1" });
|
|
21
|
+
* ```
|
|
22
|
+
*/
|
|
23
|
+
export declare function createClampdDatabaseTool(opts: ClampdDatabaseToolOptions): Promise<import("@langchain/core/tools").DynamicStructuredTool<import("zod").ZodObject<{
|
|
24
|
+
query: import("zod").ZodString;
|
|
25
|
+
}, import("zod/v4/core").$strip>, {
|
|
26
|
+
query: string;
|
|
27
|
+
}, {
|
|
28
|
+
query: string;
|
|
29
|
+
}, string, unknown, "database.query">>;
|
|
30
|
+
//# sourceMappingURL=langchain.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"langchain.d.ts","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAsB,MAAM,aAAa,CAAC;AAiC/D,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,YAAY,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID;;;;;;;;GAQG;AACH,wBAAsB,wBAAwB,CAC5C,IAAI,EAAE,yBAAyB;;;WAeI,MAAM;;;uCAwB1C"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* LangChain.js adapter for Clampd.
|
|
3
|
+
*
|
|
4
|
+
* Routes tool calls through the Clampd proxy so every LLM-initiated
|
|
5
|
+
* action is classified, policy-checked, scoped, and audit-logged.
|
|
6
|
+
*
|
|
7
|
+
* Requires @langchain/core as a peer dependency.
|
|
8
|
+
*/
|
|
9
|
+
// ── Lazy imports with helpful errors ───────────────────────────────
|
|
10
|
+
async function loadDeps() {
|
|
11
|
+
let DynamicStructuredTool;
|
|
12
|
+
let z;
|
|
13
|
+
try {
|
|
14
|
+
const toolsMod = await import("@langchain/core/tools");
|
|
15
|
+
DynamicStructuredTool = toolsMod.DynamicStructuredTool;
|
|
16
|
+
}
|
|
17
|
+
catch {
|
|
18
|
+
throw new Error("@langchain/core is required for the LangChain adapter. " +
|
|
19
|
+
"Install with: npm install @langchain/core");
|
|
20
|
+
}
|
|
21
|
+
try {
|
|
22
|
+
const zodMod = await import("zod");
|
|
23
|
+
z = zodMod.z;
|
|
24
|
+
}
|
|
25
|
+
catch {
|
|
26
|
+
throw new Error("zod is required for the LangChain adapter. " +
|
|
27
|
+
"Install with: npm install zod");
|
|
28
|
+
}
|
|
29
|
+
return { DynamicStructuredTool, z };
|
|
30
|
+
}
|
|
31
|
+
// ── Factory ────────────────────────────────────────────────────────
|
|
32
|
+
/**
|
|
33
|
+
* Create a LangChain DynamicStructuredTool that proxies database
|
|
34
|
+
* queries through the Clampd 9-stage security pipeline.
|
|
35
|
+
*
|
|
36
|
+
* ```ts
|
|
37
|
+
* const tool = await createClampdDatabaseTool({ client });
|
|
38
|
+
* const result = await tool.invoke({ query: "SELECT 1" });
|
|
39
|
+
* ```
|
|
40
|
+
*/
|
|
41
|
+
export async function createClampdDatabaseTool(opts) {
|
|
42
|
+
const { DynamicStructuredTool, z } = await loadDeps();
|
|
43
|
+
const targetUrl = opts.targetUrl ?? "http://mock-tool:5555";
|
|
44
|
+
const schema = z.object({
|
|
45
|
+
query: z.string().describe("SQL query to execute"),
|
|
46
|
+
});
|
|
47
|
+
return new DynamicStructuredTool({
|
|
48
|
+
name: "database.query",
|
|
49
|
+
description: "Execute a SQL query against the database. " +
|
|
50
|
+
"The query is security-scanned before execution.",
|
|
51
|
+
schema,
|
|
52
|
+
func: async ({ query }) => {
|
|
53
|
+
const result = await opts.client.proxy("database.query", { query }, targetUrl, `Agent executing SQL: ${query.slice(0, 200)}`);
|
|
54
|
+
if (!result.allowed) {
|
|
55
|
+
return (`BLOCKED: ${result.denial_reason} ` +
|
|
56
|
+
`(risk_score=${result.risk_score.toFixed(2)}, ` +
|
|
57
|
+
`latency=${result.latency_ms}ms)`);
|
|
58
|
+
}
|
|
59
|
+
return (`ALLOWED: ${JSON.stringify(result.tool_response)} ` +
|
|
60
|
+
`(risk_score=${result.risk_score.toFixed(2)}, ` +
|
|
61
|
+
`scope=${result.scope_granted}, ` +
|
|
62
|
+
`latency=${result.latency_ms}ms)`);
|
|
63
|
+
},
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=langchain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"langchain.js","sourceRoot":"","sources":["../src/langchain.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,sEAAsE;AAEtE,KAAK,UAAU,QAAQ;IACrB,IAAI,qBAAmF,CAAC;IACxF,IAAI,CAAyB,CAAC;IAE9B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;QACvD,qBAAqB,GAAG,QAAQ,CAAC,qBAAqB,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,yDAAyD;YACvD,2CAA2C,CAC9C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,6CAA6C;YAC3C,+BAA+B,CAClC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,qBAAqB,EAAE,CAAC,EAAE,CAAC;AACtC,CAAC;AASD,sEAAsE;AAEtE;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,IAA+B;IAE/B,MAAM,EAAE,qBAAqB,EAAE,CAAC,EAAE,GAAG,MAAM,QAAQ,EAAE,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,uBAAuB,CAAC;IAE5D,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;QACtB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;KACnD,CAAC,CAAC;IAEH,OAAO,IAAI,qBAAqB,CAAC;QAC/B,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,4CAA4C;YAC5C,iDAAiD;QACnD,MAAM;QACN,IAAI,EAAE,KAAK,EAAE,EAAE,KAAK,EAAqB,EAAmB,EAAE;YAC5D,MAAM,MAAM,GAAkB,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CACnD,gBAAgB,EAChB,EAAE,KAAK,EAAE,EACT,SAAS,EACT,wBAAwB,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAC9C,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,CACL,YAAY,MAAM,CAAC,aAAa,GAAG;oBACnC,eAAe,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;oBAC/C,WAAW,MAAM,CAAC,UAAU,KAAK,CAClC,CAAC;YACJ,CAAC;YAED,OAAO,CACL,YAAY,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG;gBACnD,eAAe,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;gBAC/C,SAAS,MAAM,CAAC,aAAa,IAAI;gBACjC,WAAW,MAAM,CAAC,UAAU,KAAK,CAClC,CAAC;QACJ,CAAC;KACF,CAAC,CAAC;AACL,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@clampd/sdk",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.2",
|
|
4
4
|
"description": "Runtime security SDK for AI agents — guard tool calls in 1 line",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -10,6 +10,10 @@
|
|
|
10
10
|
"import": "./dist/index.js",
|
|
11
11
|
"require": "./dist/index.cjs",
|
|
12
12
|
"types": "./dist/index.d.ts"
|
|
13
|
+
},
|
|
14
|
+
"./langchain": {
|
|
15
|
+
"import": "./dist/langchain.js",
|
|
16
|
+
"types": "./dist/langchain.d.ts"
|
|
13
17
|
}
|
|
14
18
|
},
|
|
15
19
|
"files": [
|
|
@@ -45,9 +49,11 @@
|
|
|
45
49
|
"node": ">=18.0.0"
|
|
46
50
|
},
|
|
47
51
|
"devDependencies": {
|
|
52
|
+
"@langchain/core": "^1.1.35",
|
|
48
53
|
"@types/node": "^20.14.0",
|
|
49
54
|
"typescript": "^5.9.3",
|
|
50
|
-
"vitest": "^3.2.4"
|
|
55
|
+
"vitest": "^3.2.4",
|
|
56
|
+
"zod": "^4.3.6"
|
|
51
57
|
},
|
|
52
58
|
"peerDependencies": {
|
|
53
59
|
"@langchain/core": ">=0.2.0"
|