@compilr-dev/agents 0.3.14 → 0.3.15

package/README.md

@@ -15,6 +15,9 @@
 [![npm version](https://img.shields.io/npm/v/@compilr-dev/agents.svg)](https://www.npmjs.com/package/@compilr-dev/agents)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 
+> [!WARNING]
+> This package is in beta. APIs may change between minor versions.
+
 ## Features
 
 - **Multi-LLM Support**: 9 providers -- Claude, OpenAI, Gemini, Ollama (local), Together AI, Groq, Fireworks, Perplexity, OpenRouter

package/dist/agent.js

@@ -1784,14 +1784,23 @@ export class Agent {
                 messages.push(assistantMsg);
                 newMessages.push(assistantMsg);
                 // Execute tools and add results
-                // Check if we can parallelize - only parallelize tools marked as parallel-safe
-                const parallelTools = toolUses.filter((tu) => {
+                // A tool is parallel-safe if explicitly marked parallel OR readonly
+                const isParallelSafe = (tu) => {
                     const tool = this.toolRegistry.get(tu.name);
-                    return tool?.parallel === true;
-                });
-                const canParallelize = parallelTools.length > 1 && parallelTools.length === toolUses.length;
+                    return tool?.parallel === true || tool?.readonly === true;
+                };
+                const groups = [];
+                for (const tu of toolUses) {
+                    const safe = isParallelSafe(tu);
+                    if (groups.length > 0 && groups[groups.length - 1].parallel === safe) {
+                        groups[groups.length - 1].tools.push(tu);
+                    }
+                    else {
+                        groups.push({ tools: [tu], parallel: safe });
+                    }
+                }
                 // Helper to execute a single tool with all checks
-                const executeSingleTool = async (toolUse) => {
+                const executeSingleTool = async (toolUse, inParallelGroup = false) => {
                     // Check for abort
                     if (signal?.aborted) {
                         return {
@@ -1992,7 +2001,7 @@ export class Agent {
                         ? JSON.stringify(result.result)
                         : `Error: ${result.error ?? 'Unknown error'}`;
                     // Context management (only for sequential - parallel handles this after)
-                    if (!canParallelize && this.contextManager && this.autoContextManagement) {
+                    if (!inParallelGroup && this.contextManager && this.autoContextManagement) {
                         const estimatedTokens = this.contextManager.estimateTokens(toolResultContent);
                         const preflight = this.contextManager.canAddContent(estimatedTokens, 'toolResults');
                         if (!preflight.allowed) {
@@ -2023,78 +2032,83 @@ export class Agent {
                         aborted: false,
                     };
                 };
-                // Execute tools - parallel if all are parallel-safe, otherwise sequential
-                if (canParallelize) {
-                    // Parallel execution
-                    const results = await Promise.all(toolUses.map((tu) => executeSingleTool(tu)));
-                    for (let i = 0; i < toolUses.length; i++) {
-                        const toolUse = toolUses[i];
-                        const { result, toolResultMsg, aborted: wasAborted } = results[i];
-                        if (wasAborted) {
-                            aborted = true;
-                            break;
-                        }
-                        // Tool loop detection (still applies per-tool)
-                        if (this.maxConsecutiveToolCalls > 0) {
-                            const currentHash = hashToolCall(toolUse.name, toolUse.input);
-                            if (currentHash === lastToolCallHash) {
-                                consecutiveIdenticalCalls++;
-                                if (consecutiveIdenticalCalls >= this.maxConsecutiveToolCalls) {
-                                    throw new ToolLoopError(toolUse.name, consecutiveIdenticalCalls, toolUse.input);
-                                }
-                                emit({
-                                    type: 'tool_loop_warning',
-                                    toolName: toolUse.name,
-                                    consecutiveCalls: consecutiveIdenticalCalls,
-                                });
+                // Execute tools — group-based scheduler
+                // Parallel-safe groups with >1 tool run concurrently; everything else runs sequentially.
+                for (const group of groups) {
+                    if (aborted)
+                        break;
+                    if (group.parallel && group.tools.length > 1) {
+                        // Parallel execution for this group
+                        const results = await Promise.all(group.tools.map((tu) => executeSingleTool(tu, true)));
+                        for (let i = 0; i < group.tools.length; i++) {
+                            const toolUse = group.tools[i];
+                            const { result, toolResultMsg, aborted: wasAborted } = results[i];
+                            if (wasAborted) {
+                                aborted = true;
+                                break;
                             }
-                            else {
-                                lastToolCallHash = currentHash;
-                                consecutiveIdenticalCalls = 1;
+                            // Tool loop detection (still applies per-tool)
+                            if (this.maxConsecutiveToolCalls > 0) {
+                                const currentHash = hashToolCall(toolUse.name, toolUse.input);
+                                if (currentHash === lastToolCallHash) {
+                                    consecutiveIdenticalCalls++;
+                                    if (consecutiveIdenticalCalls >= this.maxConsecutiveToolCalls) {
+                                        throw new ToolLoopError(toolUse.name, consecutiveIdenticalCalls, toolUse.input);
+                                    }
+                                    emit({
+                                        type: 'tool_loop_warning',
+                                        toolName: toolUse.name,
+                                        consecutiveCalls: consecutiveIdenticalCalls,
+                                    });
+                                }
+                                else {
+                                    lastToolCallHash = currentHash;
+                                    consecutiveIdenticalCalls = 1;
+                                }
                             }
+                            const toolCallEntry = { name: toolUse.name, input: toolUse.input, result };
+                            toolCalls.push(toolCallEntry);
+                            iterationToolCalls.push(toolCallEntry);
+                            messages.push(toolResultMsg);
+                            newMessages.push(toolResultMsg);
                         }
-                        const toolCallEntry = { name: toolUse.name, input: toolUse.input, result };
-                        toolCalls.push(toolCallEntry);
-                        iterationToolCalls.push(toolCallEntry);
-                        messages.push(toolResultMsg);
-                        newMessages.push(toolResultMsg);
                     }
-                }
-                else {
-                    // Sequential execution (original loop, but using the helper)
-                    for (const toolUse of toolUses) {
-                        const { result, toolResultMsg, skipped, aborted: wasAborted, } = await executeSingleTool(toolUse);
-                        if (wasAborted) {
-                            aborted = true;
-                            break;
-                        }
-                        // Tool loop detection
-                        if (this.maxConsecutiveToolCalls > 0) {
-                            const currentHash = hashToolCall(toolUse.name, toolUse.input);
-                            if (currentHash === lastToolCallHash) {
-                                consecutiveIdenticalCalls++;
-                                if (consecutiveIdenticalCalls >= this.maxConsecutiveToolCalls) {
-                                    throw new ToolLoopError(toolUse.name, consecutiveIdenticalCalls, toolUse.input);
+                    else {
+                        // Sequential execution for this group
+                        for (const toolUse of group.tools) {
+                            const { result, toolResultMsg, skipped, aborted: wasAborted, } = await executeSingleTool(toolUse);
+                            if (wasAborted) {
+                                aborted = true;
+                                break;
+                            }
+                            // Tool loop detection
+                            if (this.maxConsecutiveToolCalls > 0) {
+                                const currentHash = hashToolCall(toolUse.name, toolUse.input);
+                                if (currentHash === lastToolCallHash) {
+                                    consecutiveIdenticalCalls++;
+                                    if (consecutiveIdenticalCalls >= this.maxConsecutiveToolCalls) {
+                                        throw new ToolLoopError(toolUse.name, consecutiveIdenticalCalls, toolUse.input);
+                                    }
+                                    emit({
+                                        type: 'tool_loop_warning',
+                                        toolName: toolUse.name,
+                                        consecutiveCalls: consecutiveIdenticalCalls,
+                                    });
+                                }
+                                else {
+                                    lastToolCallHash = currentHash;
+                                    consecutiveIdenticalCalls = 1;
                                 }
-                                emit({
-                                    type: 'tool_loop_warning',
-                                    toolName: toolUse.name,
-                                    consecutiveCalls: consecutiveIdenticalCalls,
-                                });
                             }
-                            else {
-                                lastToolCallHash = currentHash;
-                                consecutiveIdenticalCalls = 1;
+                            const toolCallEntry = { name: toolUse.name, input: toolUse.input, result };
+                            toolCalls.push(toolCallEntry);
+                            iterationToolCalls.push(toolCallEntry);
+                            messages.push(toolResultMsg);
+                            newMessages.push(toolResultMsg);
+                            if (skipped) {
+                                continue;
                             }
                         }
-                        const toolCallEntry = { name: toolUse.name, input: toolUse.input, result };
-                        toolCalls.push(toolCallEntry);
-                        iterationToolCalls.push(toolCallEntry);
-                        messages.push(toolResultMsg);
-                        newMessages.push(toolResultMsg);
-                        if (skipped) {
-                            continue;
-                        }
                     }
                 }
                 if (aborted) {

package/dist/episodes/effort.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Effort Estimation
+ *
+ * Pure function to estimate effort level from raw signals.
+ * Score-based: each signal contributes points, thresholds map to effort levels.
+ */
+import type { Effort, EffortSignals, EffortWeights } from './types.js';
+/**
+ * Default weights for effort estimation.
+ */
+export declare const DEFAULT_WEIGHTS: EffortWeights;
+/**
+ * Ordered effort levels for ordinal comparison.
+ * Index 0 = lowest, index 4 = highest.
+ */
+export declare const EFFORT_ORDER: readonly Effort[];
+/**
+ * Estimate effort level from raw signals.
+ *
+ * Score formula:
+ *   fileCount * fileCountMultiplier
+ *   + min(linesChanged / linesPerPoint, 10)
+ *   + toolCallCount * toolCallWeight
+ *   + (durationMs / 60000) / minutesPerPoint
+ *   + complexity bonuses: newFiles(+5), multiLang(+3), tests(+5), config(+2)
+ *
+ * Thresholds:
+ *   < 5 = trivial, < 15 = low, < 40 = medium, < 100 = high, else = significant
+ */
+export declare function estimateEffort(signals: EffortSignals, weights?: Partial<EffortWeights>): Effort;

package/dist/episodes/effort.js

@@ -0,0 +1,86 @@
+/**
+ * Effort Estimation
+ *
+ * Pure function to estimate effort level from raw signals.
+ * Score-based: each signal contributes points, thresholds map to effort levels.
+ */
+// =============================================================================
+// Constants
+// =============================================================================
+/**
+ * Default weights for effort estimation.
+ */
+export const DEFAULT_WEIGHTS = {
+    fileCountMultiplier: 2,
+    linesPerPoint: 50,
+    minutesPerPoint: 1,
+    toolCallWeight: 1,
+};
+/**
+ * Ordered effort levels for ordinal comparison.
+ * Index 0 = lowest, index 4 = highest.
+ */
+export const EFFORT_ORDER = [
+    'trivial',
+    'low',
+    'medium',
+    'high',
+    'significant',
+];
+// Lines-changed contribution is capped at this many points
+const LINES_CAP = 10;
+// Complexity bonuses
+const BONUS_NEW_FILES = 5;
+const BONUS_MULTI_LANG = 3;
+const BONUS_TESTS = 5;
+const BONUS_CONFIG = 2;
+// Score thresholds (exclusive upper bounds)
+const THRESHOLD_TRIVIAL = 5;
+const THRESHOLD_LOW = 15;
+const THRESHOLD_MEDIUM = 40;
+const THRESHOLD_HIGH = 100;
+// =============================================================================
+// Public API
+// =============================================================================
+/**
+ * Estimate effort level from raw signals.
+ *
+ * Score formula:
+ *   fileCount * fileCountMultiplier
+ *   + min(linesChanged / linesPerPoint, 10)
+ *   + toolCallCount * toolCallWeight
+ *   + (durationMs / 60000) / minutesPerPoint
+ *   + complexity bonuses: newFiles(+5), multiLang(+3), tests(+5), config(+2)
+ *
+ * Thresholds:
+ *   < 5 = trivial, < 15 = low, < 40 = medium, < 100 = high, else = significant
+ */
+export function estimateEffort(signals, weights) {
+    const w = { ...DEFAULT_WEIGHTS, ...weights };
+    // Base score components
+    const fileScore = signals.fileCount * w.fileCountMultiplier;
+    const linesScore = Math.min(signals.linesChanged / w.linesPerPoint, LINES_CAP);
+    const toolScore = signals.toolCallCount * w.toolCallWeight;
+    const timeScore = signals.durationMs / 60_000 / w.minutesPerPoint;
+    // Complexity bonuses
+    let bonus = 0;
+    if (signals.complexityIndicators.newFiles)
+        bonus += BONUS_NEW_FILES;
+    if (signals.complexityIndicators.multiLanguage)
+        bonus += BONUS_MULTI_LANG;
+    if (signals.complexityIndicators.tests)
+        bonus += BONUS_TESTS;
+    if (signals.complexityIndicators.configChanges)
+        bonus += BONUS_CONFIG;
+    const score = fileScore + linesScore + toolScore + timeScore + bonus;
+    // Map score to effort level
+    if (score < THRESHOLD_TRIVIAL)
+        return 'trivial';
+    if (score < THRESHOLD_LOW)
+        return 'low';
+    if (score < THRESHOLD_MEDIUM)
+        return 'medium';
+    if (score < THRESHOLD_HIGH)
+        return 'high';
+    return 'significant';
+}

package/dist/episodes/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Episodes Module
+ *
+ * Work history tracking with effort estimation.
+ */
+export type { Effort, WorkEpisode, EffortSignals, EffortWeights, EffortSummary, ProjectWorkSummary, EpisodeStore, } from './types.js';
+export { estimateEffort, DEFAULT_WEIGHTS, EFFORT_ORDER } from './effort.js';

package/dist/episodes/index.js

@@ -0,0 +1,7 @@
+/**
+ * Episodes Module
+ *
+ * Work history tracking with effort estimation.
+ */
+// Functions and constants
+export { estimateEffort, DEFAULT_WEIGHTS, EFFORT_ORDER } from './effort.js';

package/dist/episodes/types.d.ts

@@ -0,0 +1,158 @@
+/**
+ * Episodic Memory Types
+ *
+ * Core types for tracking work history with effort estimation.
+ * These types enable agents to understand what work has been done,
+ * by whom, and how much effort was involved.
+ */
+/**
+ * Effort level for a work episode.
+ * Ordered from least to most significant.
+ */
+export type Effort = 'trivial' | 'low' | 'medium' | 'high' | 'significant';
+/**
+ * A single unit of tracked work.
+ * Represents something an agent did — e.g., editing files, running tests, committing.
+ */
+export interface WorkEpisode {
+    /** Unique episode ID (UUID) */
+    id: string;
+    /** Agent ID that performed this work (e.g., 'default', 'backend', 'tester') */
+    agentId: string;
+    /** Terminal session prefix (first 8 chars of session ID) */
+    terminalPrefix: string;
+    /** High-level action label (e.g., 'edit', 'test', 'commit', 'refactor') */
+    action: string;
+    /** Human-readable summary of what was done */
+    summary: string;
+    /** Files affected by this episode */
+    files: string[];
+    /** Total lines changed (added + removed), if known */
+    linesChanged?: number;
+    /** ISO timestamp when the episode was recorded */
+    timestamp: string;
+    /** Session ID for grouping episodes within a session */
+    sessionId: string;
+    /** Estimated effort level */
+    effort: Effort;
+    /** Duration in milliseconds, if tracked */
+    durationMs?: number;
+    /** Number of tool calls in this episode */
+    toolCalls?: number;
+    /** Related work item ID (from workitem system) */
+    workItemId?: string;
+    /** Related git commit hashes */
+    relatedCommits?: string[];
+    /** Parent episode ID (for sub-tasks) */
+    parentEpisode?: string;
+}
+/**
+ * Raw signals used to estimate effort.
+ * These are collected from tool calls and timing data.
+ */
+export interface EffortSignals {
+    /** Number of unique files touched */
+    fileCount: number;
+    /** Total lines changed (added + removed) */
+    linesChanged: number;
+    /** Total number of tool calls */
+    toolCallCount: number;
+    /** Duration in milliseconds */
+    durationMs: number;
+    /** Number of edit/write iterations on same files */
+    iterationCount: number;
+    /** Complexity indicators detected */
+    complexityIndicators: {
+        /** New files were created (not just edited) */
+        newFiles?: boolean;
+        /** Multiple languages involved */
+        multiLanguage?: boolean;
+        /** Test files were created or modified */
+        tests?: boolean;
+        /** Config files were modified */
+        configChanges?: boolean;
+    };
+}
+/**
+ * Tunable weights for effort estimation.
+ * All weights are multipliers or divisors applied to raw signals.
+ */
+export interface EffortWeights {
+    /** Points per file (default: 2) */
+    fileCountMultiplier: number;
+    /** Lines per point (default: 50) — higher means lines matter less */
+    linesPerPoint: number;
+    /** Minutes per point (default: 1) */
+    minutesPerPoint: number;
+    /** Points per tool call (default: 1) */
+    toolCallWeight: number;
+}
+/**
+ * Summary of effort across multiple episodes.
+ */
+export interface EffortSummary {
+    /** Number of episodes included */
+    episodeCount: number;
+    /** Maximum effort level across episodes */
+    totalEffort: Effort;
+    /** Total time spent in milliseconds */
+    timeSpentMs: number;
+    /** Unique agent IDs involved */
+    agents: string[];
+    /** Human-readable description */
+    description: string;
+}
+/**
+ * Project-level work summary with breakdown.
+ */
+export interface ProjectWorkSummary {
+    /** Total number of episodes */
+    episodeCount: number;
+    /** Maximum effort level */
+    totalEffort: Effort;
+    /** Total time spent in milliseconds */
+    timeSpentMs: number;
+    /** Effort breakdown by agent */
+    agentBreakdown: Array<{
+        agentId: string;
+        episodeCount: number;
+        maxEffort: Effort;
+        timeSpentMs: number;
+    }>;
+    /** Most frequently touched files */
+    topFiles: Array<{
+        path: string;
+        touchCount: number;
+    }>;
+    /** Episodes since the last git commit */
+    uncommittedWork: WorkEpisode[];
+}
+/**
+ * Persistence interface for work episodes.
+ * Write methods may be async (for file I/O), read methods are synchronous
+ * (read from in-memory cache).
+ */
+export interface EpisodeStore {
+    /** Save a single episode */
+    save(episode: WorkEpisode): void | Promise<void>;
+    /** Save multiple episodes at once */
+    saveBatch(episodes: WorkEpisode[]): void | Promise<void>;
+    /** Get all episodes */
+    getAll(): WorkEpisode[];
+    /** Get episodes for specific files */
+    getByFiles(files: string[]): WorkEpisode[];
+    /** Get episodes by agent ID */
+    getByAgent(agentId: string): WorkEpisode[];
+    /** Get episodes by session ID */
+    getBySession(sessionId: string): WorkEpisode[];
+    /** Get episodes within a time range (ISO timestamps) */
+    getByTimeRange(start: string, end: string): WorkEpisode[];
+    /** Get the N most recent episodes */
+    getRecent(count: number): WorkEpisode[];
+    /** Get project work summary */
+    getWorkSummary(): ProjectWorkSummary;
+    /** Get the maximum effort level across all episodes (or a subset) */
+    getTotalEffort(episodes?: WorkEpisode[]): Effort;
+    /** Remove episodes older than maxAge milliseconds. Returns count removed. */
+    cleanup(maxAgeMs: number): number | Promise<number>;
+}

package/dist/episodes/types.js

@@ -0,0 +1,8 @@
+/**
+ * Episodic Memory Types
+ *
+ * Core types for tracking work history with effort estimation.
+ * These types enable agents to understand what work has been done,
+ * by whom, and how much effort was involved.
+ */
+export {};

package/dist/guardrails/index.d.ts

@@ -2,5 +2,7 @@
  * Guardrails module - Pattern-based safety checks for tool execution
  */
 export { GuardrailManager } from './manager.js';
+export { parseShellCommand } from './shell-parser.js';
+export type { ShellToken } from './shell-parser.js';
 export { getBuiltinGuardrails, isBuiltinGuardrail, getBuiltinGuardrailIds, getGuardrailsByTag, BUILTIN_GUARDRAILS, } from './builtin.js';
 export type { Guardrail, GuardrailInput, GuardrailAction, GuardrailResult, GuardrailContext, GuardrailManagerOptions, GuardrailTriggeredHandler, GuardrailEventType, GuardrailEvent, GuardrailEventHandler, } from './types.js';

package/dist/guardrails/index.js

@@ -2,4 +2,5 @@
  * Guardrails module - Pattern-based safety checks for tool execution
  */
 export { GuardrailManager } from './manager.js';
+export { parseShellCommand } from './shell-parser.js';
 export { getBuiltinGuardrails, isBuiltinGuardrail, getBuiltinGuardrailIds, getGuardrailsByTag, BUILTIN_GUARDRAILS, } from './builtin.js';

package/dist/guardrails/manager.d.ts

@@ -91,11 +91,32 @@ export declare class GuardrailManager {
     /**
      * Check tool input against all applicable guardrails
      *
+     * For inputs with a `command` field (e.g. bash tool), automatically
+     * parses compound commands and checks each subcommand independently.
+     *
      * @param toolName - Name of the tool being called
      * @param input - Tool input to check
      * @returns GuardrailResult indicating if any guardrail was triggered
      */
     check(toolName: string, input: unknown): GuardrailResult;
+    /**
+     * Check a compound shell command against guardrails.
+     *
+     * Parses the command into subcommands (splitting on |, &&, ||, ;)
+     * and validates each independently. Also checks the full command string
+     * to catch cross-subcommand patterns (e.g. `curl ... | bash`).
+     * Returns the highest-severity match with subcommand context.
+     *
+     * @param toolName - Name of the tool being called
+     * @param command - The shell command string
+     * @param originalInput - The original tool input (for result metadata)
+     * @returns GuardrailResult indicating if any guardrail was triggered
+     */
+    checkCommand(toolName: string, command: string, originalInput?: unknown): GuardrailResult;
+    /**
+     * Check an input string against all applicable guardrail patterns
+     */
+    private checkPatterns;
     /**
      * Check and handle guardrail triggering
      *

package/dist/guardrails/manager.js

@@ -2,6 +2,7 @@
  * GuardrailManager - Pattern-based safety checks for tool execution
  */
 import { getBuiltinGuardrails } from './builtin.js';
+import { parseShellCommand } from './shell-parser.js';
 /**
  * Default options for GuardrailManager
  */
@@ -159,6 +160,9 @@ export class GuardrailManager {
     /**
      * Check tool input against all applicable guardrails
      *
+     * For inputs with a `command` field (e.g. bash tool), automatically
+     * parses compound commands and checks each subcommand independently.
+     *
      * @param toolName - Name of the tool being called
      * @param input - Tool input to check
      * @returns GuardrailResult indicating if any guardrail was triggered
@@ -168,8 +172,72 @@ export class GuardrailManager {
         if (!this.options.enabled) {
             return { triggered: false };
         }
-        // Stringify the input for pattern matching
+        // Auto-detect compound shell commands (bash tool sends { command: "..." })
+        if (typeof input === 'object' && input !== null && 'command' in input) {
+            const cmd = input.command;
+            if (typeof cmd === 'string') {
+                return this.checkCommand(toolName, cmd, input);
+            }
+        }
+        // Original: pattern match on stringified input
         const inputString = this.stringifyInput(input);
+        return this.checkPatterns(toolName, inputString, input);
+    }
+    /**
+     * Check a compound shell command against guardrails.
+     *
+     * Parses the command into subcommands (splitting on |, &&, ||, ;)
+     * and validates each independently. Also checks the full command string
+     * to catch cross-subcommand patterns (e.g. `curl ... | bash`).
+     * Returns the highest-severity match with subcommand context.
+     *
+     * @param toolName - Name of the tool being called
+     * @param command - The shell command string
+     * @param originalInput - The original tool input (for result metadata)
+     * @returns GuardrailResult indicating if any guardrail was triggered
+     */
+    checkCommand(toolName, command, originalInput) {
+        const tokens = parseShellCommand(command);
+        if (tokens.length <= 1) {
+            // Single command — delegate to pattern matching directly
+            return this.checkPatterns(toolName, command, originalInput);
+        }
+        const applicableGuardrails = this.getForTool(toolName);
+        const severityOrder = { block: 3, confirm: 2, warn: 1 };
+        // Start with full-string check (catches cross-subcommand patterns like curl|bash)
+        let worst = this.checkPatterns(toolName, command, originalInput);
+        // Check each subcommand against all guardrails, keep highest severity
+        for (const token of tokens) {
+            for (const guardrail of applicableGuardrails) {
+                for (const pattern of guardrail.patterns) {
+                    const match = token.command.match(pattern);
+                    if (match) {
+                        const result = {
+                            triggered: true,
+                            guardrail,
+                            match: match[0],
+                            action: guardrail.action,
+                            toolName,
+                            input: originalInput,
+                            subcommand: token.command,
+                            subcommandIndex: token.index,
+                        };
+                        const resultSeverity = severityOrder[result.action ?? 'warn'] ?? 0;
+                        const worstSeverity = severityOrder[worst.action ?? ''] ?? 0;
+                        if (resultSeverity >= worstSeverity) {
+                            worst = result;
+                        }
+                        break; // Found match for this guardrail, move to next
+                    }
+                }
+            }
+        }
+        return worst;
+    }
+    /**
+     * Check an input string against all applicable guardrail patterns
+     */
+    checkPatterns(toolName, inputString, input) {
         // Get guardrails that apply to this tool
         const applicableGuardrails = this.getForTool(toolName);
         // Check each guardrail