@compilr-dev/sdk 0.9.16 → 0.9.18

package/dist/agent.js

@@ -3,6 +3,7 @@
  */
 import { Agent, ContextManager, createSuggestTool, } from '@compilr-dev/agents';
 import { createCompressorHook } from './compressors/index.js';
+import { createInjectionDetectionHook } from '@compilr-dev/agents';
 import { resolveProvider } from './provider.js';
 import { resolvePreset } from './presets/index.js';
 import { assembleTools, deduplicateTools } from './tools.js';
@@ -242,13 +243,17 @@ class CompilrAgentImpl {
                 : [];
             mergedHooks.beforeLLM = [...existingHooks, ...capabilityHooks];
         }
-        // Add output compressor as the first afterTool hook (runs before delegation)
+        // Add output compressor and injection detection as afterTool hooks
         const existingAfterTool = config?.hooks?.afterTool
             ? Array.isArray(config.hooks.afterTool)
                 ? config.hooks.afterTool
                 : [config.hooks.afterTool]
             : [];
-        mergedHooks.afterTool = [createCompressorHook(), ...existingAfterTool];
+        mergedHooks.afterTool = [
+            createCompressorHook(),
+            createInjectionDetectionHook(), // Scan tool results for prompt injection
+            ...existingAfterTool,
+        ];
         // Build observation mask config — SDK defaults include platform tools
         const observationMask = config?.context?.observationMask !== false
             ? {

package/dist/entitlements/cache.d.ts

@@ -0,0 +1,84 @@
+/**
+ * EntitlementCache — In-memory cache for server-driven entitlements.
+ *
+ * The server is the single source of truth. This cache:
+ * 1. Fetches entitlements from the server on first access
+ * 2. Caches in memory with a configurable TTL (default: 1 hour)
+ * 3. Falls back to encrypted offline backup if server is unreachable
+ * 4. Degrades to minimal fallback limits after offline grace period expires
+ *
+ * The host app (Desktop/CLI) provides:
+ * - fetchFn: how to call the server endpoint
+ * - store (optional): encrypted persistence for offline grace (IEntitlementStore)
+ */
+import type { TierLimits, EntitlementResponse, LimitCheckResult } from './types.js';
+/**
+ * Persistence adapter for offline grace period.
+ * Desktop: Electron safeStorage. CLI: encrypted file.
+ */
+export interface IEntitlementStore {
+    /** Save encrypted entitlement data */
+    save(data: string): Promise<void>;
+    /** Load encrypted entitlement data (null if not found) */
+    load(): Promise<string | null>;
+}
+export interface EntitlementCacheConfig {
+    /** How to fetch entitlements from the server */
+    fetchFn: () => Promise<EntitlementResponse>;
+    /** Optional encrypted persistence for offline grace */
+    store?: IEntitlementStore;
+    /** Cache TTL in milliseconds (default: 1 hour) */
+    ttlMs?: number;
+    /** Offline grace period in milliseconds (default: 24 hours) */
+    offlineGraceMs?: number;
+    /** Called when entitlements are refreshed (for logging, UI updates) */
+    onRefresh?: (response: EntitlementResponse) => void;
+}
+export declare class EntitlementCache {
+    private entitlements;
+    private fetchedAtMonotonic;
+    private fetchedAtWall;
+    private readonly fetchFn;
+    private readonly store?;
+    private readonly ttlMs;
+    private readonly offlineGraceMs;
+    private readonly onRefresh?;
+    private fetchPromise;
+    constructor(config: EntitlementCacheConfig);
+    /**
+     * Get current tier limits. Fetches from server if stale, falls back to cache/store/defaults.
+     */
+    get(): Promise<TierLimits>;
+    /**
+     * Get the full entitlement response (tier, beta, features, etc.)
+     */
+    getResponse(): Promise<EntitlementResponse | null>;
+    /**
+     * Check if a numeric limit is exceeded.
+     */
+    checkLimit(field: keyof TierLimits, currentCount: number): LimitCheckResult;
+    /**
+     * Check if a feature flag is enabled for the current user.
+     */
+    isFeatureEnabled(featureSlug: string): boolean;
+    /**
+     * Whether the user is in beta mode (all features unlocked).
+     */
+    isBeta(): boolean;
+    /**
+     * Current tier name.
+     */
+    getTier(): string;
+    /**
+     * Force a refresh from the server (e.g., after login, after subscription change).
+     */
+    refresh(): Promise<TierLimits>;
+    /**
+     * Clear the cache (e.g., on logout).
+     */
+    clear(): void;
+    private isFresh;
+    private isWithinOfflineGrace;
+    private fetchAndCache;
+    private fallback;
+}

package/dist/entitlements/cache.js

@@ -0,0 +1,185 @@
+/**
+ * EntitlementCache — In-memory cache for server-driven entitlements.
+ *
+ * The server is the single source of truth. This cache:
+ * 1. Fetches entitlements from the server on first access
+ * 2. Caches in memory with a configurable TTL (default: 1 hour)
+ * 3. Falls back to encrypted offline backup if server is unreachable
+ * 4. Degrades to minimal fallback limits after offline grace period expires
+ *
+ * The host app (Desktop/CLI) provides:
+ * - fetchFn: how to call the server endpoint
+ * - store (optional): encrypted persistence for offline grace (IEntitlementStore)
+ */
+import { UNLIMITED, OFFLINE_FALLBACK_LIMITS } from './types.js';
+// =============================================================================
+// Cache Implementation
+// =============================================================================
+const DEFAULT_TTL_MS = 60 * 60 * 1000; // 1 hour
+const DEFAULT_OFFLINE_GRACE_MS = 24 * 60 * 60 * 1000; // 24 hours
+export class EntitlementCache {
+    entitlements = null;
+    fetchedAtMonotonic = 0n; // process.hrtime.bigint() — monotonic, not clockable
+    fetchedAtWall = 0; // Date.now() — for serialization only
+    fetchFn;
+    store;
+    ttlMs;
+    offlineGraceMs;
+    onRefresh;
+    fetchPromise = null; // Dedup concurrent fetches
+    constructor(config) {
+        this.fetchFn = config.fetchFn;
+        this.store = config.store;
+        this.ttlMs = config.ttlMs ?? DEFAULT_TTL_MS;
+        this.offlineGraceMs = config.offlineGraceMs ?? DEFAULT_OFFLINE_GRACE_MS;
+        this.onRefresh = config.onRefresh;
+    }
+    /**
+     * Get current tier limits. Fetches from server if stale, falls back to cache/store/defaults.
+     */
+    async get() {
+        // Fresh cache → return immediately
+        if (this.entitlements && this.isFresh()) {
+            return this.entitlements.limits;
+        }
+        // Dedup concurrent fetch calls
+        if (this.fetchPromise)
+            return this.fetchPromise;
+        this.fetchPromise = this.fetchAndCache();
+        try {
+            return await this.fetchPromise;
+        }
+        finally {
+            this.fetchPromise = null;
+        }
+    }
+    /**
+     * Get the full entitlement response (tier, beta, features, etc.)
+     */
+    async getResponse() {
+        await this.get(); // Ensure cache is populated
+        return this.entitlements;
+    }
+    /**
+     * Check if a numeric limit is exceeded.
+     */
+    checkLimit(field, currentCount) {
+        if (!this.entitlements) {
+            return { allowed: true }; // No entitlements loaded yet — allow (fail open during init)
+        }
+        const limit = this.entitlements.limits[field];
+        // Unlimited
+        if (limit === UNLIMITED) {
+            return { allowed: true };
+        }
+        if (currentCount >= limit) {
+            return {
+                allowed: false,
+                reason: `Limit reached (${String(currentCount)}/${String(limit)})`,
+                upgradeHint: this.entitlements.beta
+                    ? undefined // No upgrade prompt during beta
+                    : 'Upgrade to Pro for unlimited access',
+                current: currentCount,
+                limit,
+            };
+        }
+        return { allowed: true, current: currentCount, limit };
+    }
+    /**
+     * Check if a feature flag is enabled for the current user.
+     */
+    isFeatureEnabled(featureSlug) {
+        if (!this.entitlements)
+            return true; // Fail open during init
+        return featureSlug in this.entitlements.features
+            ? this.entitlements.features[featureSlug]
+            : true; // Default: enabled if not explicitly listed
+    }
+    /**
+     * Whether the user is in beta mode (all features unlocked).
+     */
+    isBeta() {
+        return this.entitlements?.beta ?? false;
+    }
+    /**
+     * Current tier name.
+     */
+    getTier() {
+        return this.entitlements?.tier ?? 'free';
+    }
+    /**
+     * Force a refresh from the server (e.g., after login, after subscription change).
+     */
+    async refresh() {
+        this.fetchPromise = null; // Clear any pending dedup
+        return this.fetchAndCache();
+    }
+    /**
+     * Clear the cache (e.g., on logout).
+     */
+    clear() {
+        this.entitlements = null;
+        this.fetchedAtMonotonic = 0n;
+        this.fetchedAtWall = 0;
+        this.fetchPromise = null;
+    }
+    // ─── Private ───────────────────────────────────────────────────────────────
+    isFresh() {
+        if (this.fetchedAtMonotonic === 0n)
+            return false;
+        const elapsed = process.hrtime.bigint() - this.fetchedAtMonotonic;
+        return elapsed < BigInt(this.ttlMs) * 1000000n; // Convert ms to ns
+    }
+    isWithinOfflineGrace() {
+        if (this.fetchedAtMonotonic === 0n)
+            return false;
+        const elapsed = process.hrtime.bigint() - this.fetchedAtMonotonic;
+        return elapsed < BigInt(this.offlineGraceMs) * 1000000n;
+    }
+    async fetchAndCache() {
+        try {
+            const response = await this.fetchFn();
+            this.entitlements = response;
+            this.fetchedAtMonotonic = process.hrtime.bigint();
+            this.fetchedAtWall = Date.now();
+            // Persist encrypted for offline grace
+            if (this.store) {
+                const serialized = JSON.stringify({ response, fetchedAtWall: this.fetchedAtWall });
+                await this.store.save(serialized).catch(() => { }); // Best effort
+            }
+            this.onRefresh?.(response);
+            return response.limits;
+        }
+        catch {
+            // Server unreachable — try fallbacks
+            return this.fallback();
+        }
+    }
+    async fallback() {
+        // 1. Stale in-memory cache within offline grace
+        if (this.entitlements && this.isWithinOfflineGrace()) {
+            return this.entitlements.limits;
+        }
+        // 2. Encrypted store backup
+        if (this.store) {
+            try {
+                const stored = await this.store.load();
+                if (stored) {
+                    const parsed = JSON.parse(stored);
+                    const age = Date.now() - parsed.fetchedAtWall;
+                    if (age < this.offlineGraceMs) {
+                        this.entitlements = parsed.response;
+                        this.fetchedAtMonotonic = process.hrtime.bigint(); // Reset monotonic to now
+                        this.fetchedAtWall = parsed.fetchedAtWall;
+                        return this.entitlements.limits;
+                    }
+                }
+            }
+            catch {
+                // Corrupted store — fall through to defaults
+            }
+        }
+        // 3. Offline grace expired or no store — degrade to minimal fallback
+        return OFFLINE_FALLBACK_LIMITS;
+    }
+}

package/dist/entitlements/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Entitlements — Server-driven tier management for pricing.
+ */
+export type { TierLimits, EntitlementResponse, LimitCheckResult, } from './types.js';
+export { UNLIMITED, OFFLINE_FALLBACK_LIMITS, } from './types.js';
+export type { IEntitlementStore, EntitlementCacheConfig, } from './cache.js';
+export { EntitlementCache } from './cache.js';

package/dist/entitlements/index.js

@@ -0,0 +1,5 @@
+/**
+ * Entitlements — Server-driven tier management for pricing.
+ */
+export { UNLIMITED, OFFLINE_FALLBACK_LIMITS, } from './types.js';
+export { EntitlementCache } from './cache.js';

package/dist/entitlements/types.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Entitlement Types — Shared between server, SDK, Desktop, and CLI.
+ *
+ * TierLimits values: -1 = unlimited, 0+ = actual limit.
+ */
+/** Numeric limits for a tier. All values server-driven — never hardcoded in app logic. */
+export interface TierLimits {
+    maxProjects: number;
+    maxTeamAgents: number;
+    maxCustomAgents: number;
+    maxTemplates: number;
+    maxBackgroundTasks: number;
+    maxMcpServers: number;
+    maxKnowledgeDocs: number;
+    maxConversationsPerDay: number;
+    maxAgentMessagesPerDay: number;
+    maxScaffoldToolkits: number;
+}
+/** Response from the cli-entitlements endpoint */
+export interface EntitlementResponse {
+    tier: string;
+    beta: boolean;
+    limits: TierLimits;
+    pendingPayment: boolean;
+    trialEndsAt: string | null;
+    features: Record<string, boolean>;
+    issuedAt: string;
+    userId: string;
+    signature: string;
+}
+/** Result of checking a limit */
+export interface LimitCheckResult {
+    allowed: boolean;
+    reason?: string;
+    upgradeHint?: string;
+    current?: number;
+    limit?: number;
+}
+/** Sentinel value for unlimited */
+export declare const UNLIMITED = -1;
+/**
+ * Minimal fallback limits when server is unreachable AND no cached entitlements exist.
+ * Intentionally restrictive to push the user to connect.
+ */
+export declare const OFFLINE_FALLBACK_LIMITS: TierLimits;

package/dist/entitlements/types.js

@@ -0,0 +1,23 @@
+/**
+ * Entitlement Types — Shared between server, SDK, Desktop, and CLI.
+ *
+ * TierLimits values: -1 = unlimited, 0+ = actual limit.
+ */
+/** Sentinel value for unlimited */
+export const UNLIMITED = -1;
+/**
+ * Minimal fallback limits when server is unreachable AND no cached entitlements exist.
+ * Intentionally restrictive to push the user to connect.
+ */
+export const OFFLINE_FALLBACK_LIMITS = {
+    maxProjects: 1,
+    maxTeamAgents: 1,
+    maxCustomAgents: 0,
+    maxTemplates: 0,
+    maxBackgroundTasks: 0,
+    maxMcpServers: 0,
+    maxKnowledgeDocs: 0,
+    maxConversationsPerDay: 5,
+    maxAgentMessagesPerDay: 20,
+    maxScaffoldToolkits: 0,
+};

package/dist/index.d.ts

@@ -58,6 +58,8 @@ export { createSQLiteRepositories, SQLiteProjectRepository, SQLiteWorkItemReposi
 export type { SQLiteRepositories, CreateSQLiteRepositoriesOptions, ProjectDeleteHooks, ProjectRecord, WorkItemRecord, ProjectDocumentRecord, WorkItemCommentRecord, } from './platform/index.js';
 export { createAskUserTool, createAskUserSimpleTool, createProposeAlternativesTool } from './tools/index.js';
 export type { AskUserQuestion, AskUserInput, AskUserResult, AskUserHandler, AskUserSimpleInput, AskUserSimpleResult, AskUserSimpleHandler, Alternative, ProposeAlternativesInput, ProposeAlternativesResult, ProposeAlternativesHandler, } from './tools/index.js';
+export { EntitlementCache, UNLIMITED, OFFLINE_FALLBACK_LIMITS } from './entitlements/index.js';
+export type { TierLimits, EntitlementResponse, LimitCheckResult, IEntitlementStore, EntitlementCacheConfig, } from './entitlements/index.js';
 export { detectProject, suggestProjectType, detectCommon } from './detection/index.js';
 export type { DetectProjectOptions, DetectionResult, ContentSummary } from './detection/index.js';
 export { createGuideTool, SHARED_GUIDE_ENTRIES, searchGuideEntries, topicToGuideEntry, } from './guide/index.js';

package/dist/index.js

@@ -133,6 +133,10 @@ export { createSQLiteRepositories, SQLiteProjectRepository, SQLiteWorkItemReposi
 // =============================================================================
 export { createAskUserTool, createAskUserSimpleTool, createProposeAlternativesTool } from './tools/index.js';
 // =============================================================================
+// Entitlements (server-driven tier management)
+// =============================================================================
+export { EntitlementCache, UNLIMITED, OFFLINE_FALLBACK_LIMITS } from './entitlements/index.js';
+// =============================================================================
 // Project Detection (universal project content detection)
 // =============================================================================
 export { detectProject, suggestProjectType, detectCommon } from './detection/index.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@compilr-dev/sdk",
-  "version": "0.9.16",
+  "version": "0.9.18",
   "description": "Universal agent runtime for building AI-powered applications",
   "type": "module",
   "main": "dist/index.js",
@@ -53,7 +53,7 @@
     "node": ">=22.0.0"
   },
   "dependencies": {
-    "@compilr-dev/agents": "^0.5.1",
+    "@compilr-dev/agents": "^0.5.4",
     "@compilr-dev/logger": "^0.1.0",
     "ajv": "^6.14.0"
   },