@congzhen/changewayguard 6.8.12

package/dist/agent/runner.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Agent Runner - Multi-backend analysis
+ *
+ * Supports two detection backends:
+ * 1. Dashboard (preferred) - Routes through local/remote dashboard → core
+ * 2. OpenGuardrails API (fallback) - Direct API call
+ *
+ * Content is always sanitized locally before being sent to any API.
+ */
+import type { AnalysisTarget, AnalysisVerdict, Logger, OpenGuardrailsApiResponse } from "./types.js";
+export type RunnerConfig = {
+    apiKey: string;
+    timeoutMs: number;
+    autoRegister: boolean;
+    coreUrl: string;
+    /** Dashboard URL - when set, uses dashboard for detection */
+    dashboardUrl?: string;
+    /** Dashboard session token */
+    dashboardSessionToken?: string;
+};
+export declare function mapApiResponseToVerdict(apiResponse: OpenGuardrailsApiResponse): AnalysisVerdict;
+export declare function runGuardAgent(target: AnalysisTarget, config: RunnerConfig, log: Logger): Promise<AnalysisVerdict>;
+//# sourceMappingURL=runner.d.ts.map

package/dist/agent/runner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"runner.d.ts","sourceRoot":"","sources":["../../agent/runner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EACV,cAAc,EACd,eAAe,EAEf,MAAM,EACN,yBAAyB,EAC1B,MAAM,YAAY,CAAC;AASpB,MAAM,MAAM,YAAY,GAAG;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,6DAA6D;IAC7D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,8BAA8B;IAC9B,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAyFF,wBAAgB,uBAAuB,CAAC,WAAW,EAAE,yBAAyB,GAAG,eAAe,CAgB/F;AAiDD,wBAAsB,aAAa,CACjC,MAAM,EAAE,cAAc,EACtB,MAAM,EAAE,YAAY,EACpB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,eAAe,CAAC,CAuC1B"}

package/dist/agent/runner.js

@@ -0,0 +1,154 @@
+/**
+ * Agent Runner - Multi-backend analysis
+ *
+ * Supports two detection backends:
+ * 1. Dashboard (preferred) - Routes through local/remote dashboard → core
+ * 2. OpenGuardrails API (fallback) - Direct API call
+ *
+ * Content is always sanitized locally before being sent to any API.
+ */
+import { DEFAULT_CORE_URL } from "./config.js";
+import { buildSignedAuthHeadersForUrl, withChangewayOpenPrefix } from "./auth.js";
+import { sanitizeContent } from "./sanitizer.js";
+async function runViaDashboard(sanitizedContent, config, log) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), config.timeoutMs);
+    const url = withChangewayOpenPrefix(`${config.dashboardUrl}/api/detect`);
+    const requestBody = {
+        messages: [{ role: "user", content: sanitizedContent }],
+    };
+    try {
+        const headers = {
+            "Content-Type": "application/json",
+            ...buildSignedAuthHeadersForUrl({
+                method: "POST",
+                url,
+                body: requestBody,
+                authorization: config.dashboardSessionToken
+                    ? `Bearer ${config.dashboardSessionToken}`
+                    : null,
+            }),
+        };
+        const response = await fetch(url, {
+            method: "POST",
+            headers,
+            body: JSON.stringify(requestBody),
+            signal: controller.signal,
+        });
+        if (!response.ok) {
+            const text = await response.text();
+            throw new Error(`Dashboard API error: ${response.status} ${text}`);
+        }
+        const result = (await response.json());
+        if (!result.success || !result.data) {
+            throw new Error(`Dashboard error: ${result.error ?? "unknown"}`);
+        }
+        const data = result.data;
+        const findings = data.findings.map((f) => ({
+            suspiciousContent: f.name,
+            reason: f.description,
+            confidence: data.sensitivity_score,
+        }));
+        return {
+            isInjection: !data.safe,
+            confidence: data.sensitivity_score,
+            reason: data.safe ? "No issues detected" : `Detected: ${data.categories.join(", ")}`,
+            findings,
+            chunksAnalyzed: 1,
+        };
+    }
+    finally {
+        clearTimeout(timeoutId);
+    }
+}
+// =============================================================================
+// OpenGuardrails API Detection (Fallback)
+// =============================================================================
+export function mapApiResponseToVerdict(apiResponse) {
+    const verdict = apiResponse.verdict;
+    const findings = (verdict.findings ?? []).map((f) => ({
+        suspiciousContent: f.suspiciousContent,
+        reason: f.reason,
+        confidence: f.confidence,
+    }));
+    return {
+        isInjection: verdict.isInjection,
+        confidence: verdict.confidence,
+        reason: verdict.reason,
+        findings,
+        chunksAnalyzed: 1,
+    };
+}
+async function runViaApi(sanitizedContent, config, _log) {
+    const baseUrl = config.coreUrl || DEFAULT_CORE_URL;
+    const url = withChangewayOpenPrefix(`${baseUrl}/api/check/tool-call`);
+    const requestBody = { content: sanitizedContent, async: false };
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), config.timeoutMs);
+    try {
+        const response = await fetch(url, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                ...buildSignedAuthHeadersForUrl({
+                    method: "POST",
+                    url,
+                    body: requestBody,
+                }),
+            },
+            body: JSON.stringify(requestBody),
+            signal: controller.signal,
+        });
+        if (!response.ok) {
+            throw new Error(`changewayGuard API error: ${response.status} ${response.statusText}`);
+        }
+        const apiResponse = (await response.json());
+        if (!apiResponse.ok) {
+            throw new Error(`changewayGuard API returned error: ${apiResponse.error ?? "unknown"}`);
+        }
+        return mapApiResponseToVerdict(apiResponse);
+    }
+    finally {
+        clearTimeout(timeoutId);
+    }
+}
+// =============================================================================
+// Main Analysis Function
+// =============================================================================
+export async function runGuardAgent(target, config, log) {
+    const startTime = Date.now();
+    log.info(`Analyzing content: ${target.content.length} chars`);
+    // Always sanitize locally first
+    const { sanitized, redactions, totalRedactions } = sanitizeContent(target.content);
+    if (totalRedactions > 0) {
+        log.info(`Sanitized ${totalRedactions} sensitive items: ${Object.entries(redactions).map(([k, v]) => `${v} ${k}`).join(", ")}`);
+    }
+    try {
+        let verdict;
+        // Route to dashboard if configured, otherwise fall back to API
+        if (config.dashboardUrl) {
+            log.info("Using dashboard for detection");
+            verdict = await runViaDashboard(sanitized, config, log);
+        }
+        else {
+            verdict = await runViaApi(sanitized, config, log);
+        }
+        const durationMs = Date.now() - startTime;
+        log.info(`Analysis complete in ${durationMs}ms: ${verdict.isInjection ? "INJECTION DETECTED" : "SAFE"}`);
+        return verdict;
+    }
+    catch (error) {
+        if (error.name === "AbortError") {
+            log.warn("Analysis timed out");
+            return {
+                isInjection: false,
+                confidence: 0,
+                reason: "Timeout",
+                findings: [],
+                chunksAnalyzed: 0,
+            };
+        }
+        throw error;
+    }
+}
+//# sourceMappingURL=runner.js.map

package/dist/agent/runner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"runner.js","sourceRoot":"","sources":["../../agent/runner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AASH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,4BAA4B,EAAE,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAClF,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAqCjD,KAAK,UAAU,eAAe,CAC5B,gBAAwB,EACxB,MAAoB,EACpB,GAAW;IAEX,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IACzE,MAAM,GAAG,GAAG,uBAAuB,CAAC,GAAG,MAAM,CAAC,YAAY,aAAa,CAAC,CAAC;IACzE,MAAM,WAAW,GAAG;QAClB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC;KACxD,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,OAAO,GAA2B;YACtC,cAAc,EAAE,kBAAkB;YAClC,GAAG,4BAA4B,CAAC;gBAC9B,MAAM,EAAE,MAAM;gBACd,GAAG;gBACH,IAAI,EAAE,WAAW;gBACjB,aAAa,EAAE,MAAM,CAAC,qBAAqB;oBACzC,CAAC,CAAC,UAAU,MAAM,CAAC,qBAAqB,EAAE;oBAC1C,CAAC,CAAC,IAAI;aACT,CAAC;SACH,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;YACjC,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA0B,CAAC;QAEhE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,oBAAoB,MAAM,CAAC,KAAK,IAAI,SAAS,EAAE,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QAEzB,MAAM,QAAQ,GAAc,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACpD,iBAAiB,EAAE,CAAC,CAAC,IAAI;YACzB,MAAM,EAAE,CAAC,CAAC,WAAW;YACrB,UAAU,EAAE,IAAI,CAAC,iBAAiB;SACnC,CAAC,CAAC,CAAC;QAEJ,OAAO;YACL,WAAW,EAAE,CAAC,IAAI,CAAC,IAAI;YACvB,UAAU,EAAE,IAAI,CAAC,iBAAiB;YAClC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpF,QAAQ;YACR,cAAc,EAAE,CAAC;SAClB,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,SAAS,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,0CAA0C;AAC1C,gFAAgF;AAEhF,MAAM,UAAU,uBAAuB,CAAC,WAAsC;IAC5E,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC;IAEpC,MAAM,QAAQ,GAAc,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;QACtC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ;QACR,cAAc,EAAE,CAAC;KAClB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CACtB,gBAAwB,EACxB,MAAoB,EACpB,IAAY;IAEZ,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,gBAAgB,CAAC;IACnD,MAAM,GAAG,GAAG,uBAAuB,CAAC,GAAG,OAAO,sBAAsB,CAAC,CAAC;IACtE,MAAM,WAAW,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IAEhE,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAEzE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,4BAA4B,CAAC;oBAC9B,MAAM,EAAE,MAAM;oBACd,GAAG;oBACH,IAAI,EAAE,WAAW;iBAClB,CAAC;aACH;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;YACjC,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACzF,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;QAEzE,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,sCAAsC,WAAW,CAAC,KAAK,IAAI,SAAS,EAAE,CAAC,CAAC;QAC1F,CAAC;QAED,OAAO,uBAAuB,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,SAAS,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,yBAAyB;AACzB,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAsB,EACtB,MAAoB,EACpB,GAAW;IAEX,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,GAAG,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,OAAO,CAAC,MAAM,QAAQ,CAAC,CAAC;IAE9D,gCAAgC;IAChC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnF,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;QACxB,GAAG,CAAC,IAAI,CAAC,aAAa,eAAe,qBAAqB,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClI,CAAC;IAED,IAAI,CAAC;QACH,IAAI,OAAwB,CAAC;QAE7B,+DAA+D;QAC/D,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,GAAG,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC1C,OAAO,GAAG,MAAM,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,MAAM,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAC1C,GAAG,CAAC,IAAI,CAAC,wBAAwB,UAAU,OAAO,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAEzG,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAK,KAAe,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YAC3C,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAC/B,OAAO;gBACL,WAAW,EAAE,KAAK;gBAClB,UAAU,EAAE,CAAC;gBACb,MAAM,EAAE,SAAS;gBACjB,QAAQ,EAAE,EAAE;gBACZ,cAAc,EAAE,CAAC;aAClB,CAAC;QACJ,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/agent/sanitizer.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Local content sanitizer — strips PII and secrets before sending to API.
+ *
+ * Inspired by n8n's guardrails implementation (MIT).
+ * Replaces sensitive data with category placeholders while preserving
+ * the structure and context needed for injection detection.
+ */
+import type { SanitizeResult } from "./types.js";
+export declare function sanitizeContent(content: string): SanitizeResult;
+//# sourceMappingURL=sanitizer.d.ts.map

package/dist/agent/sanitizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizer.d.ts","sourceRoot":"","sources":["../../agent/sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AA6KjD,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,cAAc,CAqC/D"}

package/dist/agent/sanitizer.js

@@ -0,0 +1,175 @@
+/**
+ * Local content sanitizer — strips PII and secrets before sending to API.
+ *
+ * Inspired by n8n's guardrails implementation (MIT).
+ * Replaces sensitive data with category placeholders while preserving
+ * the structure and context needed for injection detection.
+ */
+const ENTITIES = [
+    // URLs (must come before email to avoid partial matches on domain parts)
+    {
+        category: "URL",
+        placeholder: "<URL>",
+        pattern: /https?:\/\/[^\s<>"{}|\\^`\[\]]+/g,
+    },
+    // Email
+    {
+        category: "EMAIL",
+        placeholder: "<EMAIL>",
+        pattern: /[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}/g,
+    },
+    // Credit Card (4 groups of 4 digits)
+    {
+        category: "CREDIT_CARD",
+        placeholder: "<CREDIT_CARD>",
+        pattern: /\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b/g,
+    },
+    // SSN (###-##-####)
+    {
+        category: "SSN",
+        placeholder: "<SSN>",
+        pattern: /\b\d{3}-\d{2}-\d{4}\b/g,
+    },
+    // IBAN
+    {
+        category: "IBAN",
+        placeholder: "<IBAN>",
+        pattern: /\b[A-Z]{2}\d{2}[A-Z0-9]{4}\d{7}[A-Z0-9]{0,16}\b/g,
+    },
+    // IP Address
+    {
+        category: "IP_ADDRESS",
+        placeholder: "<IP_ADDRESS>",
+        pattern: /\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/g,
+    },
+    // Phone numbers (US/intl formats)
+    {
+        category: "PHONE",
+        placeholder: "<PHONE>",
+        pattern: /[+]?[(]?[0-9]{3}[)]?[-\s.][0-9]{3}[-\s.][0-9]{4,6}\b/g,
+    },
+];
+// Known secret prefixes
+const SECRET_PREFIXES = [
+    "sk-",
+    "sk_",
+    "pk_",
+    "ghp_",
+    "AKIA",
+    "xox",
+    "SG.",
+    "hf_",
+    "api-",
+    "token-",
+    "secret-",
+];
+const BEARER_PATTERN = /Bearer\s+[A-Za-z0-9\-_.~+/]+=*/g;
+// Secret-like tokens: known prefix followed by alphanumeric/special chars
+const SECRET_PREFIX_PATTERN = new RegExp(`(?:${SECRET_PREFIXES.map((p) => p.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")).join("|")})[A-Za-z0-9\\-_.~+/]{8,}=*`, "g");
+// =============================================================================
+// Shannon Entropy
+// =============================================================================
+function shannonEntropy(s) {
+    if (s.length === 0)
+        return 0;
+    const freq = new Map();
+    for (const ch of s) {
+        freq.set(ch, (freq.get(ch) ?? 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / s.length;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+function collectMatches(content) {
+    const matches = [];
+    // Regex-based entities
+    for (const entity of ENTITIES) {
+        // Reset lastIndex for global regexes
+        entity.pattern.lastIndex = 0;
+        let m;
+        while ((m = entity.pattern.exec(content)) !== null) {
+            matches.push({
+                text: m[0],
+                category: entity.category,
+                placeholder: entity.placeholder,
+            });
+        }
+    }
+    // Secret prefixes
+    SECRET_PREFIX_PATTERN.lastIndex = 0;
+    let m;
+    while ((m = SECRET_PREFIX_PATTERN.exec(content)) !== null) {
+        matches.push({
+            text: m[0],
+            category: "SECRET",
+            placeholder: "<SECRET>",
+        });
+    }
+    // Bearer tokens
+    BEARER_PATTERN.lastIndex = 0;
+    while ((m = BEARER_PATTERN.exec(content)) !== null) {
+        matches.push({
+            text: m[0],
+            category: "SECRET",
+            placeholder: "<SECRET>",
+        });
+    }
+    // High-entropy tokens (catch API keys/secrets that don't have known prefixes)
+    // Look for standalone tokens that look like secrets: 20+ chars, high entropy
+    const tokenPattern = /\b[A-Za-z0-9\-_.~+/]{20,}={0,3}\b/g;
+    tokenPattern.lastIndex = 0;
+    while ((m = tokenPattern.exec(content)) !== null) {
+        const token = m[0];
+        // Skip if already matched by another pattern
+        if (matches.some((existing) => existing.text === token))
+            continue;
+        // Skip if it looks like a normal word (all lowercase alpha, no digits/special)
+        if (/^[a-z]+$/.test(token))
+            continue;
+        // High entropy threshold (typical for random keys/tokens)
+        if (shannonEntropy(token) >= 4.0) {
+            matches.push({
+                text: token,
+                category: "SECRET",
+                placeholder: "<SECRET>",
+            });
+        }
+    }
+    return matches;
+}
+// =============================================================================
+// Main Sanitizer
+// =============================================================================
+export function sanitizeContent(content) {
+    const matches = collectMatches(content);
+    if (matches.length === 0) {
+        return { sanitized: content, redactions: {}, totalRedactions: 0 };
+    }
+    // Deduplicate matches by text
+    const unique = new Map();
+    for (const match of matches) {
+        // Keep the first match for each text (preserves priority from entity order)
+        if (!unique.has(match.text)) {
+            unique.set(match.text, match);
+        }
+    }
+    // Sort by length descending — prevents partial matches corrupting longer ones
+    const sorted = [...unique.values()].sort((a, b) => b.text.length - a.text.length);
+    // Replace using split/join — safe against regex special chars in matched text
+    let sanitized = content;
+    const redactions = {};
+    for (const match of sorted) {
+        const parts = sanitized.split(match.text);
+        const count = parts.length - 1;
+        if (count > 0) {
+            sanitized = parts.join(match.placeholder);
+            redactions[match.category] = (redactions[match.category] ?? 0) + count;
+        }
+    }
+    const totalRedactions = Object.values(redactions).reduce((a, b) => a + b, 0);
+    return { sanitized, redactions, totalRedactions };
+}
+//# sourceMappingURL=sanitizer.js.map

package/dist/agent/sanitizer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizer.js","sourceRoot":"","sources":["../../agent/sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAcH,MAAM,QAAQ,GAAa;IACzB,yEAAyE;IACzE;QACE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,OAAO;QACpB,OAAO,EAAE,kCAAkC;KAC5C;IACD,QAAQ;IACR;QACE,QAAQ,EAAE,OAAO;QACjB,WAAW,EAAE,SAAS;QACtB,OAAO,EAAE,mDAAmD;KAC7D;IACD,qCAAqC;IACrC;QACE,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,eAAe;QAC5B,OAAO,EAAE,6CAA6C;KACvD;IACD,oBAAoB;IACpB;QACE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,OAAO;QACpB,OAAO,EAAE,wBAAwB;KAClC;IACD,OAAO;IACP;QACE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,QAAQ;QACrB,OAAO,EAAE,kDAAkD;KAC5D;IACD,aAAa;IACb;QACE,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,cAAc;QAC3B,OAAO,EAAE,oCAAoC;KAC9C;IACD,kCAAkC;IAClC;QACE,QAAQ,EAAE,OAAO;QACjB,WAAW,EAAE,SAAS;QACtB,OAAO,EAAE,uDAAuD;KACjE;CACF,CAAC;AAEF,wBAAwB;AACxB,MAAM,eAAe,GAAG;IACtB,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,QAAQ;IACR,SAAS;CACV,CAAC;AAEF,MAAM,cAAc,GAAG,iCAAiC,CAAC;AAEzD,0EAA0E;AAC1E,MAAM,qBAAqB,GAAG,IAAI,MAAM,CACtC,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,4BAA4B,EAChH,GAAG,CACJ,CAAC;AAEF,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF,SAAS,cAAc,CAAC,CAAS;IAC/B,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QAC3B,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAYD,SAAS,cAAc,CAAC,OAAe;IACrC,MAAM,OAAO,GAAY,EAAE,CAAC;IAE5B,uBAAuB;IACvB,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,qCAAqC;QACrC,MAAM,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAyB,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACV,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,WAAW,EAAE,MAAM,CAAC,WAAW;aAChC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,qBAAqB,CAAC,SAAS,GAAG,CAAC,CAAC;IACpC,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,UAAU;SACxB,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB;IAChB,cAAc,CAAC,SAAS,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,UAAU;SACxB,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,6EAA6E;IAC7E,MAAM,YAAY,GAAG,oCAAoC,CAAC;IAC1D,YAAY,CAAC,SAAS,GAAG,CAAC,CAAC;IAC3B,OAAO,CAAC,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,6CAA6C;QAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC;YAAE,SAAS;QAClE,+EAA+E;QAC/E,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,SAAS;QACrC,0DAA0D;QAC1D,IAAI,cAAc,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,KAAK;gBACX,QAAQ,EAAE,QAAQ;gBAClB,WAAW,EAAE,UAAU;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,gFAAgF;AAChF,iBAAiB;AACjB,gFAAgF;AAEhF,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IAExC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,eAAe,EAAE,CAAC,EAAE,CAAC;IACpE,CAAC;IAED,8BAA8B;IAC9B,MAAM,MAAM,GAAG,IAAI,GAAG,EAAiB,CAAC;IACxC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,4EAA4E;QAC5E,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,MAAM,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CACxC,CAAC;IAEF,8EAA8E;IAC9E,IAAI,SAAS,GAAG,OAAO,CAAC;IACxB,MAAM,UAAU,GAA2B,EAAE,CAAC;IAE9C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YACd,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC1C,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAE7E,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,eAAe,EAAE,CAAC;AACpD,CAAC"}

package/dist/agent/scan-activity.d.ts

@@ -0,0 +1,18 @@
+import type { ToolCallObservationRequest } from "../platform-client/types.js";
+type ScanSource = "prompt" | "content";
+type ScanAction = "allow" | "alert" | "block" | string | undefined;
+export type ScanActivityInput = {
+    source: ScanSource;
+    action: ScanAction;
+    agentId: string;
+    sessionKey?: string;
+    riskLevel?: string;
+    confidence?: number;
+    categories?: string[];
+    explanation?: string;
+    latencyMs?: number;
+    scannedToolName?: string;
+};
+export declare function buildScanActivityObservation(input: ScanActivityInput): ToolCallObservationRequest | null;
+export {};
+//# sourceMappingURL=scan-activity.d.ts.map

package/dist/agent/scan-activity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-activity.d.ts","sourceRoot":"","sources":["../../agent/scan-activity.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AAE9E,KAAK,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAC;AACvC,KAAK,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEnE,MAAM,MAAM,iBAAiB,GAAG;IAC9B,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,EAAE,UAAU,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,iBAAiB,GAAG,0BAA0B,GAAG,IAAI,CAiCxG"}

package/dist/agent/scan-activity.js

@@ -0,0 +1,32 @@
+export function buildScanActivityObservation(input) {
+    if (input.action !== "block" && input.action !== "alert") {
+        return null;
+    }
+    const confidencePercent = typeof input.confidence === "number"
+        ? `${Math.round(input.confidence * 100)}%`
+        : null;
+    const reasonParts = [
+        `${input.source}_scan`,
+        `action=${input.action}`,
+        input.riskLevel ? `risk=${input.riskLevel}` : null,
+        confidencePercent ? `confidence=${confidencePercent}` : null,
+        input.explanation ? `reason=${input.explanation}` : null,
+    ].filter((part) => !!part);
+    return {
+        agentId: input.agentId,
+        sessionKey: input.sessionKey,
+        toolName: input.source === "prompt" ? "security_prompt_scan" : "security_content_scan",
+        params: {
+            source: input.source,
+            scanAction: input.action,
+            riskLevel: input.riskLevel ?? null,
+            categories: input.categories ?? [],
+            ...(input.scannedToolName ? { scannedToolName: input.scannedToolName } : {}),
+        },
+        phase: "after",
+        blocked: true,
+        blockReason: reasonParts.join(" | "),
+        durationMs: input.latencyMs,
+    };
+}
+//# sourceMappingURL=scan-activity.js.map

package/dist/agent/scan-activity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-activity.js","sourceRoot":"","sources":["../../agent/scan-activity.ts"],"names":[],"mappings":"AAkBA,MAAM,UAAU,4BAA4B,CAAC,KAAwB;IACnE,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QACzD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,iBAAiB,GAAG,OAAO,KAAK,CAAC,UAAU,KAAK,QAAQ;QAC5D,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,GAAG,GAAG,CAAC,GAAG;QAC1C,CAAC,CAAC,IAAI,CAAC;IAET,MAAM,WAAW,GAAG;QAClB,GAAG,KAAK,CAAC,MAAM,OAAO;QACtB,UAAU,KAAK,CAAC,MAAM,EAAE;QACxB,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,IAAI;QAClD,iBAAiB,CAAC,CAAC,CAAC,cAAc,iBAAiB,EAAE,CAAC,CAAC,CAAC,IAAI;QAC5D,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,UAAU,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;KACzD,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE3C,OAAO;QACL,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,QAAQ,EAAE,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,uBAAuB;QACtF,MAAM,EAAE;YACN,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,UAAU,EAAE,KAAK,CAAC,MAAM;YACxB,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI;YAClC,UAAU,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;YAClC,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,KAAK,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7E;QACD,KAAK,EAAE,OAAO;QACd,OAAO,EAAE,IAAI;QACb,WAAW,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC;QACpC,UAAU,EAAE,KAAK,CAAC,SAAS;KAC5B,CAAC;AACJ,CAAC"}

package/dist/agent/types.d.ts

@@ -0,0 +1,177 @@
+/**
+ * Type definitions for OpenGuardrails Plugin
+ */
+export type OpenClawGuardConfig = {
+    enabled?: boolean;
+    blockOnRisk?: boolean;
+    /** Optional API key override for configured Core endpoint. */
+    apiKey?: string;
+    timeoutMs?: number;
+    /** Core API URL (behavior detection).
+     *  Default: http://10.16.148.67:53666 */
+    coreUrl?: string;
+    /** Agent name for dashboard metadata */
+    agentName?: string;
+    /** Deployment plan. Set to "enterprise" for self-hosted enterprise deployment.
+     *  When "enterprise", coreUrl must point to the enterprise Core instance.
+     *  Core API calls go to the enterprise coreUrl; dashboard reports to both
+     *  local and enterprise Core for centralized security management. */
+    plan?: "enterprise";
+};
+export type AnalysisTarget = {
+    type: "message" | "tool_call" | "tool_result";
+    content: string;
+    toolName?: string;
+    toolParams?: Record<string, unknown>;
+    metadata?: Record<string, unknown>;
+};
+export type Finding = {
+    suspiciousContent: string;
+    reason: string;
+    confidence: number;
+    location?: {
+        start: number;
+        end: number;
+    };
+};
+export type AnalysisVerdict = {
+    isInjection: boolean;
+    confidence: number;
+    reason: string;
+    findings: Finding[];
+    chunksAnalyzed: number;
+};
+export type OpenGuardrailsApiResponse = {
+    ok: boolean;
+    verdict: {
+        isInjection: boolean;
+        confidence: number;
+        reason: string;
+        findings: Array<{
+            suspiciousContent: string;
+            reason: string;
+            confidence: number;
+        }>;
+    };
+    error?: string;
+};
+export type AnalysisLogEntry = {
+    id: number;
+    timestamp: string;
+    targetType: string;
+    contentLength: number;
+    chunksAnalyzed: number;
+    verdict: AnalysisVerdict;
+    durationMs: number;
+    blocked: boolean;
+};
+export type Logger = {
+    info: (msg: string) => void;
+    warn: (msg: string) => void;
+    error: (msg: string) => void;
+    debug?: (msg: string) => void;
+};
+export type SanitizeResult = {
+    sanitized: string;
+    redactions: Record<string, number>;
+    totalRedactions: number;
+};
+export type RiskLevel = "no_risk" | "low" | "medium" | "high" | "critical";
+export type AssessAction = "allow" | "alert" | "block";
+export type DetectionRiskType = "PROMPT_INJECTION" | "DATA_EXFILTRATION" | "COMMAND_EXECUTION";
+export type DetectionFinding = {
+    riskLevel: RiskLevel;
+    riskType: DetectionRiskType;
+    riskContent: string;
+    reason: string;
+};
+export type ToolChainEntry = {
+    seq: number;
+    toolName: string;
+    sanitizedParams: Record<string, string>;
+    outcome: "success" | "error" | "timeout";
+    durationMs: number;
+    resultCategory: "text_small" | "text_large" | "binary" | "empty" | "error";
+    resultSizeBytes: number;
+    dataFlowFrom?: string;
+};
+export type PendingToolCall = {
+    toolName: string;
+    params: Record<string, string>;
+};
+export type ContentInjectionFinding = {
+    category: string;
+    confidence: "high" | "medium";
+    matchedText: string;
+    pattern: string;
+};
+export type BehaviorAssessRequest = {
+    agentId: string;
+    sessionKey: string;
+    runId: string;
+    userIntent: string;
+    toolChain: ToolChainEntry[];
+    /** The tool call about to execute — Core classifies and evaluates it. */
+    pendingTool?: PendingToolCall;
+    /** Content injection findings from local regex scanner. */
+    contentFindings?: ContentInjectionFinding[];
+    context: {
+        messageHistoryLength: number;
+        recentUserMessages: string[];
+    };
+    /**
+     * Client-supplied metadata for server-side correlation.
+     * Server merges these with its own fields (sourceIp, apiKey ref, serverTimestamp)
+     * before storing in behavior_events and surfacing in the dashboard.
+     */
+    meta: {
+        pluginVersion: string;
+        clientTimestamp: string;
+    };
+};
+export type BehaviorAssessResponse = {
+    behaviorId: string;
+    riskLevel: RiskLevel;
+    anomalyTypes: string[];
+    confidence: number;
+    action: AssessAction;
+    explanation: string;
+    affectedTools: number[];
+    findings?: DetectionFinding[];
+};
+export type PromptScanRequest = {
+    agentId: string;
+    sessionKey: string;
+    runId: string;
+    prompt: string;
+    role: "user";
+    source: "message_received";
+    context: {
+        messageHistoryLength: number;
+        recentUserMessages: string[];
+        userIntent: string;
+    };
+    meta: {
+        pluginVersion: string;
+        clientTimestamp: string;
+    };
+};
+export type PromptScanFinding = {
+    riskType: DetectionRiskType | string;
+    reason: string;
+    matchedText?: string;
+    confidence?: "high" | "medium" | "low" | number;
+};
+export type PromptScanResponse = {
+    promptId: string;
+    riskLevel: RiskLevel;
+    action: AssessAction;
+    confidence: number;
+    categories: string[];
+    findings?: PromptScanFinding[];
+    explanation: string;
+    latency_ms: number;
+};
+export type { HookType, HookEvent, HookEventData, EventStreamRequest, EventStreamResponse, BeforeAgentStartData, AgentEndData, SessionStartData, SessionEndData, MessageReceivedData, MessageSendingData, MessageSentData, BeforeMessageWriteData, BeforeModelResolveData, BeforePromptBuildData, LlmInputData, LlmOutputData, BeforeToolCallData, AfterToolCallData, ToolResultPersistData, BeforeCompactionData, AfterCompactionData, BeforeResetData, SubagentSpawningData, SubagentDeliveryTargetData, SubagentSpawnedData, SubagentEndedData, GatewayStartData, GatewayStopData, } from "./hook-types.js";
+export { isBlockingHook, BLOCKING_HOOKS } from "./hook-types.js";
+//# sourceMappingURL=types.d.ts.map

package/dist/agent/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../agent/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,8DAA8D;IAC9D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;6CACyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,wCAAwC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;yEAGqE;IACrE,IAAI,CAAC,EAAE,YAAY,CAAC;CACrB,CAAC;AAMF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,SAAS,GAAG,WAAW,GAAG,aAAa,CAAC;IAC9C,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,CAAC;AAEF,MAAM,MAAM,OAAO,GAAG;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE;QACT,KAAK,EAAE,MAAM,CAAC;QACd,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,WAAW,EAAE,OAAO,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAMF,MAAM,MAAM,yBAAyB,GAAG;IACtC,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE;QACP,WAAW,EAAE,OAAO,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,MAAM,EAAE,MAAM,CAAC;QACf,QAAQ,EAAE,KAAK,CAAC;YACd,iBAAiB,EAAE,MAAM,CAAC;YAC1B,MAAM,EAAE,MAAM,CAAC;YACf,UAAU,EAAE,MAAM,CAAC;SACpB,CAAC,CAAC;KACJ,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAMF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE,eAAe,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAMF,MAAM,MAAM,MAAM,GAAG;IACnB,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC5B,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC5B,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAMF,MAAM,MAAM,cAAc,GAAG;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnC,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC;AAMF,MAAM,MAAM,SAAS,GAAG,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAC3E,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAEvD,MAAM,MAAM,iBAAiB,GAAG,kBAAkB,GAAG,mBAAmB,GAAG,mBAAmB,CAAC;AAE/F,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,SAAS,CAAC;IACrB,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,OAAO,EAAE,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,YAAY,GAAG,YAAY,GAAG,QAAQ,GAAG,OAAO,GAAG,OAAO,CAAC;IAC3E,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,QAAQ,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,cAAc,EAAE,CAAC;IAC5B,yEAAyE;IACzE,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,2DAA2D;IAC3D,eAAe,CAAC,EAAE,uBAAuB,EAAE,CAAC;IAC5C,OAAO,EAAE;QACP,oBAAoB,EAAE,MAAM,CAAC;QAC7B,kBAAkB,EAAE,MAAM,EAAE,CAAC;KAC9B,CAAC;IACF;;;;OAIG;IACH,IAAI,EAAE;QACJ,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,SAAS,CAAC;IACrB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,YAAY,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,QAAQ,CAAC,EAAE,gBAAgB,EAAE,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,kBAAkB,CAAC;IAC3B,OAAO,EAAE;QACP,oBAAoB,EAAE,MAAM,CAAC;QAC7B,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,IAAI,EAAE;QACJ,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,iBAAiB,GAAG,MAAM,CAAC;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACjD,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,YAAY,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,iBAAiB,EAAE,CAAC;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAMF,YAAY,EACV,QAAQ,EACR,SAAS,EACT,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EAEnB,oBAAoB,EACpB,YAAY,EACZ,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EACnB,kBAAkB,EAClB,eAAe,EACf,sBAAsB,EACtB,sBAAsB,EACtB,qBAAqB,EACrB,YAAY,EACZ,aAAa,EACb,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,eAAe,EACf,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,EACnB,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,GAChB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/agent/types.js

@@ -0,0 +1,5 @@
+/**
+ * Type definitions for OpenGuardrails Plugin
+ */
+export { isBlockingHook, BLOCKING_HOOKS } from "./hook-types.js";
+//# sourceMappingURL=types.js.map

package/dist/agent/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../agent/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAiQH,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC"}