@dcyfr/ai 1.0.4 → 2.1.1

package/dist/ai/types/permission-tokens.d.ts

@@ -0,0 +1,365 @@
+/**
+ * DCYFR Permission Token Types
+ * TLP:AMBER - Internal Use Only
+ *
+ * Type definitions for hierarchical permission tokens with attenuation.
+ * Implements least-privilege access control for delegation chains.
+ *
+ * @module permission-tokens
+ * @version 1.0.0
+ * @date 2026-02-13
+ */
+/**
+ * Permission scope levels
+ * Hierarchical scopes use dot notation (e.g., "workspace.read.code")
+ */
+export type PermissionScope = string;
+/**
+ * Permission action types
+ */
+export type PermissionAction = 'read' | 'write' | 'execute' | 'delete' | 'create' | 'manage' | 'delegate';
+/**
+ * Resource types that can be protected by permissions
+ */
+export type ProtectedResourceType = 'file' | 'directory' | 'code' | 'config' | 'secret' | 'data' | 'api' | 'service' | 'agent' | 'workspace' | 'project' | 'package';
+/**
+ * Permission constraint types
+ */
+export interface PermissionConstraint {
+    /** Type of constraint */
+    type: 'time' | 'count' | 'rate' | 'size' | 'custom';
+    /** Constraint parameters */
+    parameters: Record<string, unknown>;
+    /** Human-readable constraint description */
+    description?: string;
+}
+/**
+ * Time-based permission constraint
+ */
+export interface TimeConstraint extends PermissionConstraint {
+    type: 'time';
+    parameters: {
+        /** Start time (ISO 8601) */
+        start_time?: string;
+        /** End time (ISO 8601) */
+        end_time?: string;
+        /** Duration in milliseconds */
+        duration_ms?: number;
+        /** Allowed time windows */
+        allowed_windows?: Array<{
+            start: string;
+            end: string;
+        }>;
+    };
+}
+/**
+ * Count-based permission constraint
+ */
+export interface CountConstraint extends PermissionConstraint {
+    type: 'count';
+    parameters: {
+        /** Maximum number of uses */
+        max_uses: number;
+        /** Current use count */
+        current_uses?: number;
+    };
+}
+/**
+ * Rate-based permission constraint
+ */
+export interface RateConstraint extends PermissionConstraint {
+    type: 'rate';
+    parameters: {
+        /** Maximum operations per window */
+        max_operations: number;
+        /** Time window in milliseconds */
+        window_ms: number;
+        /** Current operations in window */
+        current_operations?: number;
+        /** Window start time */
+        window_start?: string;
+    };
+}
+/**
+ * Size-based permission constraint
+ */
+export interface SizeConstraint extends PermissionConstraint {
+    type: 'size';
+    parameters: {
+        /** Maximum size in bytes */
+        max_size_bytes: number;
+        /** Applies to individual operations or cumulative */
+        cumulative?: boolean;
+    };
+}
+/**
+ * Permission revocation condition
+ */
+export interface RevocationCondition {
+    /** Condition type */
+    type: 'on_failure' | 'on_timeout' | 'on_security_event' | 'on_task_complete' | 'manual' | 'custom';
+    /** Condition parameters */
+    parameters?: Record<string, unknown>;
+    /** Whether this condition triggers automatic revocation */
+    auto_revoke: boolean;
+    /** Human-readable description */
+    description?: string;
+}
+/**
+ * Permission grant record
+ * Tracks who granted permission and when
+ */
+export interface PermissionGrant {
+    /** Who granted this permission */
+    granted_by: string;
+    /** When permission was granted */
+    granted_at: string;
+    /** Why permission was granted */
+    reason?: string;
+    /** Reference to authorization source (contract, policy, etc.) */
+    authorization_source?: string;
+}
+/**
+ * Permission usage record
+ * Tracks usage of permission tokens
+ */
+export interface PermissionUsage {
+    /** Unique usage event ID */
+    usage_id: string;
+    /** When permission was used */
+    used_at: string;
+    /** Who used the permission */
+    used_by: string;
+    /** What action was performed */
+    action: PermissionAction;
+    /** Resource accessed */
+    resource: string;
+    /** Result of the operation */
+    result: 'success' | 'failure' | 'denied';
+    /** Additional usage metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Permission token status
+ */
+export type PermissionTokenStatus = 'active' | 'expired' | 'revoked' | 'suspended' | 'exhausted';
+/**
+ * Permission Token
+ * Hierarchical permission token with attenuation support
+ */
+export interface PermissionToken {
+    /** Unique token identifier */
+    token_id: string;
+    /** Token version */
+    version: string;
+    /** Token status */
+    status: PermissionTokenStatus;
+    /** Holder of this token (agent_id) */
+    holder: string;
+    /** Issuer of this token (agent_id) */
+    issuer: string;
+    /** Permission scopes granted (hierarchical) */
+    scopes: PermissionScope[];
+    /** Allowed actions */
+    actions: PermissionAction[];
+    /** Resource types this token grants access to */
+    resource_types: ProtectedResourceType[];
+    /** Specific resources (paths, IDs, etc.) */
+    resources?: string[];
+    /** Resource patterns (glob, regex) */
+    resource_patterns?: string[];
+    /** Token constraints */
+    constraints?: PermissionConstraint[];
+    /** Revocation conditions */
+    revocation_conditions?: RevocationCondition[];
+    /** Token expiration timestamp (ISO 8601) */
+    expires_at?: string;
+    /** Whether this token can be further delegated */
+    delegatable: boolean;
+    /** Maximum delegation depth allowed from this token */
+    max_delegation_depth: number;
+    /** Current delegation depth (0 = original token) */
+    delegation_depth: number;
+    /** Parent token ID (for attenuation tracking) */
+    parent_token_id?: string;
+    /** Child token IDs (tokens attenuated from this one) */
+    child_token_ids?: string[];
+    /** Grant record */
+    grant: PermissionGrant;
+    /** Usage history */
+    usage_history?: PermissionUsage[];
+    /** Token metadata */
+    metadata?: Record<string, unknown>;
+    /** Token creation timestamp */
+    created_at: string;
+    /** Last usage timestamp */
+    last_used_at?: string;
+    /** Revocation timestamp */
+    revoked_at?: string;
+    /** Revocation reason */
+    revocation_reason?: string;
+}
+/**
+ * Permission attenuation request
+ * Request to create an attenuated (reduced-scope) child token
+ */
+export interface AttenuatePermissionRequest {
+    /** Parent token to attenuate */
+    parent_token_id: string;
+    /** New token holder */
+    new_holder: string;
+    /** Reduced scopes (must be subset of parent) */
+    scopes: PermissionScope[];
+    /** Reduced actions (must be subset of parent) */
+    actions?: PermissionAction[];
+    /** Reduced resources (must be subset of parent) */
+    resources?: string[];
+    /** Additional constraints (additive only) */
+    additional_constraints?: PermissionConstraint[];
+    /** Additional revocation conditions (additive only) */
+    additional_revocation_conditions?: RevocationCondition[];
+    /** Whether attenuated token can be further delegated */
+    delegatable?: boolean;
+    /** Expiration time (cannot exceed parent expiration) */
+    expires_at?: string;
+    /** Reason for attenuation */
+    reason?: string;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Permission token creation request
+ */
+export interface CreatePermissionTokenRequest {
+    /** Token holder (agent_id) */
+    holder: string;
+    /** Token issuer (agent_id) */
+    issuer: string;
+    /** Permission scopes */
+    scopes: PermissionScope[];
+    /** Allowed actions */
+    actions: PermissionAction[];
+    /** Resource types */
+    resource_types: ProtectedResourceType[];
+    /** Specific resources */
+    resources?: string[];
+    /** Resource patterns */
+    resource_patterns?: string[];
+    /** Constraints */
+    constraints?: PermissionConstraint[];
+    /** Revocation conditions */
+    revocation_conditions?: RevocationCondition[];
+    /** Expiration time */
+    expires_at?: string;
+    /** Whether token can be delegated */
+    delegatable: boolean;
+    /** Maximum delegation depth */
+    max_delegation_depth?: number;
+    /** Grant reason */
+    grant_reason?: string;
+    /** Authorization source */
+    authorization_source?: string;
+    /** Metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Permission token validation request
+ */
+export interface ValidatePermissionTokenRequest {
+    /** Token to validate */
+    token_id: string;
+    /** Requested action */
+    action: PermissionAction;
+    /** Resource being accessed */
+    resource: string;
+    /** Resource type */
+    resource_type: ProtectedResourceType;
+    /** Additional context for validation */
+    context?: Record<string, unknown>;
+}
+/**
+ * Permission token validation result
+ */
+export interface PermissionTokenValidationResult {
+    /** Whether permission is granted */
+    granted: boolean;
+    /** Token that was validated */
+    token_id: string;
+    /** Validation timestamp */
+    validated_at: string;
+    /** Reasons for denial (if not granted) */
+    denial_reasons?: string[];
+    /** Active constraints */
+    active_constraints?: PermissionConstraint[];
+    /** Remaining usage (if count-limited) */
+    remaining_uses?: number;
+    /** Time until expiration */
+    time_until_expiration_ms?: number;
+    /** Validation metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Permission token revocation request
+ */
+export interface RevokePermissionTokenRequest {
+    /** Token to revoke */
+    token_id: string;
+    /** Who is revoking the token */
+    revoked_by: string;
+    /** Reason for revocation */
+    reason: string;
+    /** Whether to cascade revoke child tokens */
+    cascade?: boolean;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Permission token query options
+ */
+export interface PermissionTokenQuery {
+    /** Filter by holder */
+    holder?: string;
+    /** Filter by issuer */
+    issuer?: string;
+    /** Filter by status */
+    status?: PermissionTokenStatus | PermissionTokenStatus[];
+    /** Filter by scope */
+    scopes?: PermissionScope[];
+    /** Filter by action */
+    actions?: PermissionAction[];
+    /** Filter by resource type */
+    resource_types?: ProtectedResourceType[];
+    /** Filter by delegation depth */
+    delegation_depth?: number;
+    /** Only delegatable tokens */
+    delegatable_only?: boolean;
+    /** Include expired tokens */
+    include_expired?: boolean;
+    /** Include revoked tokens */
+    include_revoked?: boolean;
+    /** Limit results */
+    limit?: number;
+    /** Offset for pagination */
+    offset?: number;
+    /** Sort by field */
+    sort_by?: 'created_at' | 'expires_at' | 'last_used_at';
+    /** Sort direction */
+    sort_order?: 'asc' | 'desc';
+}
+/**
+ * Permission scope hierarchy
+ * Defines hierarchical relationships between scopes
+ */
+export interface PermissionScopeHierarchy {
+    /** Scope name */
+    scope: PermissionScope;
+    /** Parent scope */
+    parent?: PermissionScope;
+    /** Child scopes */
+    children?: PermissionScope[];
+    /** Implied actions for this scope */
+    implied_actions?: PermissionAction[];
+    /** Description */
+    description?: string;
+}
+//# sourceMappingURL=permission-tokens.d.ts.map

package/dist/ai/types/permission-tokens.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission-tokens.d.ts","sourceRoot":"","sources":["../../../packages/ai/types/permission-tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC;AAErC;;GAEG;AACH,MAAM,MAAM,gBAAgB,GACxB,MAAM,GACN,OAAO,GACP,SAAS,GACT,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,UAAU,CAAC;AAEf;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAC7B,MAAM,GACN,WAAW,GACX,MAAM,GACN,QAAQ,GACR,QAAQ,GACR,MAAM,GACN,KAAK,GACL,SAAS,GACT,OAAO,GACP,WAAW,GACX,SAAS,GACT,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,yBAAyB;IACzB,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,CAAC;IAEpD,4BAA4B;IAC5B,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEpC,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,oBAAoB;IAC1D,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE;QACV,4BAA4B;QAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;QAEpB,0BAA0B;QAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;QAElB,+BAA+B;QAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;QAErB,2BAA2B;QAC3B,eAAe,CAAC,EAAE,KAAK,CAAC;YACtB,KAAK,EAAE,MAAM,CAAC;YACd,GAAG,EAAE,MAAM,CAAC;SACb,CAAC,CAAC;KACJ,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,eAAgB,SAAQ,oBAAoB;IAC3D,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE;QACV,6BAA6B;QAC7B,QAAQ,EAAE,MAAM,CAAC;QAEjB,wBAAwB;QACxB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,oBAAoB;IAC1D,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE;QACV,oCAAoC;QACpC,cAAc,EAAE,MAAM,CAAC;QAEvB,kCAAkC;QAClC,SAAS,EAAE,MAAM,CAAC;QAElB,mCAAmC;QACnC,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAE5B,wBAAwB;QACxB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,oBAAoB;IAC1D,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE;QACV,4BAA4B;QAC5B,cAAc,EAAE,MAAM,CAAC;QAEvB,qDAAqD;QACrD,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,qBAAqB;IACrB,IAAI,EAAE,YAAY,GAAG,YAAY,GAAG,mBAAmB,GAAG,kBAAkB,GAAG,QAAQ,GAAG,QAAQ,CAAC;IAEnG,2BAA2B;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAErC,2DAA2D;IAC3D,WAAW,EAAE,OAAO,CAAC;IAErB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IAEnB,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IAEnB,iCAAiC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,iEAAiE;IACjE,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,4BAA4B;IAC5B,QAAQ,EAAE,MAAM,CAAC;IAEjB,+BAA+B;IAC/B,OAAO,EAAE,MAAM,CAAC;IAEhB,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAEhB,gCAAgC;IAChC,MAAM,EAAE,gBAAgB,CAAC;IAEzB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IAEjB,8BAA8B;IAC9B,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,CAAC;IAEzC,gCAAgC;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAC7B,QAAQ,GACR,SAAS,GACT,SAAS,GACT,WAAW,GACX,WAAW,CAAC;AAEhB;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,CAAC;IAEjB,oBAAoB;IACpB,OAAO,EAAE,MAAM,CAAC;IAEhB,mBAAmB;IACnB,MAAM,EAAE,qBAAqB,CAAC;IAE9B,sCAAsC;IACtC,MAAM,EAAE,MAAM,CAAC;IAEf,sCAAsC;IACtC,MAAM,EAAE,MAAM,CAAC;IAEf,+CAA+C;IAC/C,MAAM,EAAE,eAAe,EAAE,CAAC;IAE1B,sBAAsB;IACtB,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAE5B,iDAAiD;IACjD,cAAc,EAAE,qBAAqB,EAAE,CAAC;IAExC,4CAA4C;IAC5C,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB,sCAAsC;IACtC,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE7B,wBAAwB;IACxB,WAAW,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAErC,4BAA4B;IAC5B,qBAAqB,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAE9C,4CAA4C;IAC5C,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,kDAAkD;IAClD,WAAW,EAAE,OAAO,CAAC;IAErB,uDAAuD;IACvD,oBAAoB,EAAE,MAAM,CAAC;IAE7B,oDAAoD;IACpD,gBAAgB,EAAE,MAAM,CAAC;IAEzB,iDAAiD;IACjD,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,wDAAwD;IACxD,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B,mBAAmB;IACnB,KAAK,EAAE,eAAe,CAAC;IAEvB,oBAAoB;IACpB,aAAa,CAAC,EAAE,eAAe,EAAE,CAAC;IAElC,qBAAqB;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IAEnB,2BAA2B;IAC3B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,2BAA2B;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,wBAAwB;IACxB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;;GAGG;AACH,MAAM,WAAW,0BAA0B;IACzC,gCAAgC;IAChC,eAAe,EAAE,MAAM,CAAC;IAExB,uBAAuB;IACvB,UAAU,EAAE,MAAM,CAAC;IAEnB,gDAAgD;IAChD,MAAM,EAAE,eAAe,EAAE,CAAC;IAE1B,iDAAiD;IACjD,OAAO,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAE7B,mDAAmD;IACnD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB,6CAA6C;IAC7C,sBAAsB,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAEhD,uDAAuD;IACvD,gCAAgC,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAEzD,wDAAwD;IACxD,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,6BAA6B;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IAEf,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IAEf,wBAAwB;IACxB,MAAM,EAAE,eAAe,EAAE,CAAC;IAE1B,sBAAsB;IACtB,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAE5B,qBAAqB;IACrB,cAAc,EAAE,qBAAqB,EAAE,CAAC;IAExC,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB,wBAAwB;IACxB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE7B,kBAAkB;IAClB,WAAW,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAErC,4BAA4B;IAC5B,qBAAqB,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAE9C,sBAAsB;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,qCAAqC;IACrC,WAAW,EAAE,OAAO,CAAC;IAErB,+BAA+B;IAC/B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B,mBAAmB;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,2BAA2B;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAE9B,eAAe;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC7C,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;IAEjB,uBAAuB;IACvB,MAAM,EAAE,gBAAgB,CAAC;IAEzB,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,CAAC;IAEjB,oBAAoB;IACpB,aAAa,EAAE,qBAAqB,CAAC;IAErC,wCAAwC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,+BAA+B;IAC9C,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IAEjB,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IAEjB,2BAA2B;IAC3B,YAAY,EAAE,MAAM,CAAC;IAErB,0CAA0C;IAC1C,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B,yBAAyB;IACzB,kBAAkB,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAE5C,yCAAyC;IACzC,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,4BAA4B;IAC5B,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAElC,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IAEjB,gCAAgC;IAChC,UAAU,EAAE,MAAM,CAAC;IAEnB,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IAEf,6CAA6C;IAC7C,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,uBAAuB;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,uBAAuB;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,uBAAuB;IACvB,MAAM,CAAC,EAAE,qBAAqB,GAAG,qBAAqB,EAAE,CAAC;IAEzD,sBAAsB;IACtB,MAAM,CAAC,EAAE,eAAe,EAAE,CAAC;IAE3B,uBAAuB;IACvB,OAAO,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAE7B,8BAA8B;IAC9B,cAAc,CAAC,EAAE,qBAAqB,EAAE,CAAC;IAEzC,iCAAiC;IACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,8BAA8B;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B,6BAA6B;IAC7B,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B,6BAA6B;IAC7B,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B,oBAAoB;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,4BAA4B;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,oBAAoB;IACpB,OAAO,CAAC,EAAE,YAAY,GAAG,YAAY,GAAG,cAAc,CAAC;IAEvD,qBAAqB;IACrB,UAAU,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAwB;IACvC,iBAAiB;IACjB,KAAK,EAAE,eAAe,CAAC;IAEvB,mBAAmB;IACnB,MAAM,CAAC,EAAE,eAAe,CAAC;IAEzB,mBAAmB;IACnB,QAAQ,CAAC,EAAE,eAAe,EAAE,CAAC;IAE7B,qCAAqC;IACrC,eAAe,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAErC,kBAAkB;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB"}

package/dist/ai/types/permission-tokens.js

@@ -0,0 +1,13 @@
+/**
+ * DCYFR Permission Token Types
+ * TLP:AMBER - Internal Use Only
+ *
+ * Type definitions for hierarchical permission tokens with attenuation.
+ * Implements least-privilege access control for delegation chains.
+ *
+ * @module permission-tokens
+ * @version 1.0.0
+ * @date 2026-02-13
+ */
+export {};
+//# sourceMappingURL=permission-tokens.js.map

package/dist/ai/types/permission-tokens.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission-tokens.js","sourceRoot":"","sources":["../../../packages/ai/types/permission-tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG"}

package/dist/ai/types/security-middleware.d.ts

@@ -0,0 +1,130 @@
+/**
+ * Security Middleware Types for DCYFR Delegation Framework
+ * TLP:AMBER - Internal Use Only
+ *
+ * Defines the pluggable middleware contracts used by SecurityMiddlewareChain to
+ * evaluate delegation operation requests against a composable set of guards.
+ *
+ * @module types/security-middleware
+ * @version 1.0.0
+ * @date 2026-02-24
+ */
+import type { DelegationContract, AuthenticatedAgent, TaskContent } from './delegation-contracts.js';
+/**
+ * Allow or block the delegation operation.
+ *
+ * - `allow`  – proceed unchanged
+ * - `warn`   – proceed but attach an advisory annotation
+ * - `block`  – reject with `reason` and log a threat event
+ */
+export type SecurityVerdictAction = 'allow' | 'warn' | 'block';
+/**
+ * Typed verdict returned by every SecurityMiddleware.evaluate() call.
+ */
+export type SecurityVerdict = {
+    action: 'allow';
+} | {
+    action: 'warn';
+    reason: string;
+    threat_type: SecurityThreatType;
+    severity?: SecuritySeverity;
+    evidence?: Record<string, unknown>;
+} | {
+    action: 'block';
+    reason: string;
+    threat_type: SecurityThreatType;
+    severity: SecuritySeverity;
+    evidence?: Record<string, unknown>;
+};
+/**
+ * Threat type taxonomy — kept in sync with ThreatDetectionResult.threat_type
+ * from the standalone security-threat-model.
+ */
+export type SecurityThreatType = 'permission_escalation' | 'reputation_gaming' | 'abuse_pattern' | 'anomaly' | 'context_insufficiency' | 'prompt_injection' | 'resource_exhaustion' | 'identity_failure' | 'tlp_violation' | 'chain_depth_exceeded' | 'fan_out_exceeded' | 'rate_limit_exceeded' | 'circuit_open' | 'content_policy_violation' | 'none';
+/** Severity levels aligned with ThreatDetectionResult */
+export type SecuritySeverity = 'low' | 'medium' | 'high' | 'critical';
+/** Operation type being evaluated — controls which middlewares fire */
+export type SecurityOperationType = 'create' | 'update' | 'handoff';
+/**
+ * Full evaluation context passed to every SecurityMiddleware.evaluate().
+ *
+ * Optional fields are not always available — middleware should handle absence
+ * gracefully (e.g. `context.delegatee_auth` is absent for bare DelegationAgent callers).
+ */
+export interface SecurityContext {
+    /** What kind of operation is being evaluated */
+    operation: SecurityOperationType;
+    /** The contract being created/updated/handed-off (may be partial pre-creation) */
+    contract: Partial<DelegationContract>;
+    /** Authenticated identity of the delegating agent */
+    delegator_auth?: AuthenticatedAgent;
+    /** Authenticated identity of the receiving agent */
+    delegatee_auth?: AuthenticatedAgent;
+    /** Resolved task content for content-policy checks */
+    task_content?: TaskContent;
+    /** Wall clock for expiry/timeout math — defaults to Date.now() */
+    timestamp_ms?: number;
+    /** feature-flag state snapshot at evaluation time */
+    feature_flags?: Record<string, boolean>;
+    /** Arbitrary pass-through for middleware-specific enrichment */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Single middleware unit.
+ *
+ * Implement this interface to add a new guard to the SecurityMiddlewareChain.
+ *
+ * ORDERING:
+ * Middleware is evaluated in the order it is registered. Early-blocking
+ * middleware should be registered first (feature-flags, identity) so
+ * expensive checks (threat-model, rate-limits) are skipped when not needed.
+ */
+export interface SecurityMiddleware {
+    /**
+     * Human-readable identifier — must be unique within a chain.
+     * Used in events, logs, and circuit-breaker metrics.
+     */
+    readonly name: string;
+    /**
+     * Optional feature-flag name that gates this middleware.
+     * When the flag is absent from `context.feature_flags` or explicitly false,
+     * the middleware returns `{ action: 'allow' }` without evaluation.
+     */
+    readonly featureFlag?: string;
+    /**
+     * Set of operation types this middleware applies to.
+     * When omitted, the middleware fires for all operations.
+     */
+    readonly appliesTo?: SecurityOperationType[];
+    /**
+     * Evaluate the context and return a verdict.
+     * Must NOT mutate `context`.
+     */
+    evaluate(context: SecurityContext): Promise<SecurityVerdict>;
+}
+/**
+ * Aggregated output from SecurityMiddlewareChain.evaluate().
+ */
+export interface SecurityChainResult {
+    /** Final outcome: first `block` verdict wins; otherwise `allow` (or `warn` if any advisories). */
+    action: SecurityVerdictAction;
+    /** Populated when action === 'block' */
+    blocking_verdict?: Extract<SecurityVerdict, {
+        action: 'block';
+    }>;
+    /** All advisory warnings accumulated (action may still be 'allow') */
+    warnings: Array<Extract<SecurityVerdict, {
+        action: 'warn';
+    }>>;
+    /** Name of the middleware that issued the blocking verdict (if any) */
+    blocked_by?: string;
+    /** Total elapsed evaluation time (ms) */
+    evaluation_time_ms: number;
+    /** Per-middleware verdicts for audit trails */
+    middleware_results: Array<{
+        middleware: string;
+        verdict: SecurityVerdict;
+        elapsed_ms: number;
+    }>;
+}
+//# sourceMappingURL=security-middleware.d.ts.map

package/dist/ai/types/security-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-middleware.d.ts","sourceRoot":"","sources":["../../../packages/ai/types/security-middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAMrG;;;;;;GAMG;AACH,MAAM,MAAM,qBAAqB,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,eAAe,GACvB;IAAE,MAAM,EAAE,OAAO,CAAA;CAAE,GACnB;IACE,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,kBAAkB,CAAC;IAChC,QAAQ,CAAC,EAAE,gBAAgB,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,GACD;IACE,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,kBAAkB,CAAC;IAChC,QAAQ,EAAE,gBAAgB,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,CAAC;AAEN;;;GAGG;AACH,MAAM,MAAM,kBAAkB,GAC1B,uBAAuB,GACvB,mBAAmB,GACnB,eAAe,GACf,SAAS,GACT,uBAAuB,GACvB,kBAAkB,GAClB,qBAAqB,GACrB,kBAAkB,GAClB,eAAe,GACf,sBAAsB,GACtB,kBAAkB,GAClB,qBAAqB,GACrB,cAAc,GACd,0BAA0B,GAC1B,MAAM,CAAC;AAEX,yDAAyD;AACzD,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAMtE,uEAAuE;AACvE,MAAM,MAAM,qBAAqB,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEpE;;;;;GAKG;AACH,MAAM,WAAW,eAAe;IAC9B,gDAAgD;IAChD,SAAS,EAAE,qBAAqB,CAAC;IAEjC,kFAAkF;IAClF,QAAQ,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAEtC,qDAAqD;IACrD,cAAc,CAAC,EAAE,kBAAkB,CAAC;IAEpC,oDAAoD;IACpD,cAAc,CAAC,EAAE,kBAAkB,CAAC;IAEpC,sDAAsD;IACtD,YAAY,CAAC,EAAE,WAAW,CAAC;IAE3B,kEAAkE;IAClE,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,qDAAqD;IACrD,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAExC,gEAAgE;IAChE,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAMD;;;;;;;;;GASG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAE9B;;;OAGG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,qBAAqB,EAAE,CAAC;IAE7C;;;OAGG;IACH,QAAQ,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;CAC9D;AAMD;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,kGAAkG;IAClG,MAAM,EAAE,qBAAqB,CAAC;IAE9B,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,OAAO,CAAC,eAAe,EAAE;QAAE,MAAM,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IAEjE,sEAAsE;IACtE,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC,CAAC;IAE9D,uEAAuE;IACvE,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,yCAAyC;IACzC,kBAAkB,EAAE,MAAM,CAAC;IAE3B,+CAA+C;IAC/C,kBAAkB,EAAE,KAAK,CAAC;QACxB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,eAAe,CAAC;QACzB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;CACJ"}

package/dist/ai/types/security-middleware.js

@@ -0,0 +1,13 @@
+/**
+ * Security Middleware Types for DCYFR Delegation Framework
+ * TLP:AMBER - Internal Use Only
+ *
+ * Defines the pluggable middleware contracts used by SecurityMiddlewareChain to
+ * evaluate delegation operation requests against a composable set of guards.
+ *
+ * @module types/security-middleware
+ * @version 1.0.0
+ * @date 2026-02-24
+ */
+export {};
+//# sourceMappingURL=security-middleware.js.map

package/dist/ai/types/security-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-middleware.js","sourceRoot":"","sources":["../../../packages/ai/types/security-middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG"}

package/dist/ai/utils/storage.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../packages/ai/utils/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAS5D;;GAEG;AACH,qBAAa,oBAAqB,YAAW,cAAc;IACzD,IAAI,EAAE,WAAW,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAmC;IAE1C,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAKtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAMxC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,cAAc;IACvD,IAAI,EAAE,WAAW,CAAU;IAC3B,OAAO,CAAC,QAAQ,CAAS;gBAEb,QAAQ,EAAE,MAAM;IAUtB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAoBtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAe5C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAuBxC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAoB7B;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,cAAc,CAsBvG"}
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../packages/ai/utils/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAW5D;;GAEG;AACH,qBAAa,oBAAqB,YAAW,cAAc;IACzD,IAAI,EAAE,WAAW,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAmC;IAE1C,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAKtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAMxC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG7B;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,cAAc;IACvD,IAAI,EAAE,WAAW,CAAU;IAC3B,OAAO,CAAC,QAAQ,CAAS;gBAEb,QAAQ,EAAE,MAAM;IAUtB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAoBtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAe5C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBlC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAuBxC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAoB7B;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,cAAc,CAsBvG"}

package/dist/ai/utils/storage.js

@@ -5,9 +5,12 @@
 /**
  * Check if running in browser environment
  */
-const isBrowser = typeof globalThis !== 'undefined' &&
-    typeof globalThis.window !== 'undefined' &&
-    typeof globalThis.window.document !== 'undefined';
+const isBrowser = (() => {
+    if (typeof globalThis === 'undefined')
+        return false;
+    const g = globalThis;
+    return g.window !== undefined && g.window.document !== undefined;
+})();
 /**
  * In-memory storage adapter (default, works in both browser and Node.js)
  */

package/dist/ai/utils/storage.js.map

@@ -1 +1 @@
-{"version":3,"file":"storage.js","sourceRoot":"","sources":["../../../packages/ai/utils/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;GAEG;AACH,MAAM,SAAS,GAAG,OAAO,UAAU,KAAK,WAAW;IACjD,OAAQ,UAAkB,CAAC,MAAM,KAAK,WAAW;IACjD,OAAQ,UAAkB,CAAC,MAAM,CAAC,QAAQ,KAAK,WAAW,CAAC;AAE7D;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B,IAAI,GAAgB,QAAQ,CAAC;IACrB,KAAK,GAAyB,IAAI,GAAG,EAAE,CAAC;IAEhD,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAE,KAAW,CAAC,CAAC,CAAC,IAAI,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ;QAChC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,kBAAkB;IAC7B,IAAI,GAAgB,MAAM,CAAC;IACnB,QAAQ,CAAS;IAEzB,YAAY,QAAgB;QAC1B,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CACb,+DAA+D;gBAC/D,mEAAmE,CACpE,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;YACjD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;YACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;YACpD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAClD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAM,CAAC;QAClC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ;QAChC,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;QAEpD,0BAA0B;QAC1B,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC/C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;QAEpD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAEhD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,SAAS,GAAG,KAAK;iBACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAChC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;YAEtC,IAAI,CAAC,MAAM;gBAAE,OAAO,SAAS,CAAC;YAC9B,OAAO,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC/C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QAEtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAChC,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;gBACd,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;gBACpD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,6BAA6B;QAC/B,CAAC;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAiB,EAAE,OAA+B;IACrF,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,QAAQ;YACX,OAAO,IAAI,oBAAoB,EAAE,CAAC;QACpC,KAAK,MAAM;YACT,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,IAAI,CACV,0DAA0D;oBAC1D,8DAA8D,CAC/D,CAAC;gBACF,OAAO,IAAI,oBAAoB,EAAE,CAAC;YACpC,CAAC;YACD,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClD,KAAK,OAAO,CAAC;QACb,KAAK,UAAU;YACb,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,gDAAgD,CAAC,CAAC;QACzF;YACE,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;IACrD,CAAC;AACH,CAAC"}
+{"version":3,"file":"storage.js","sourceRoot":"","sources":["../../../packages/ai/utils/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;GAEG;AACH,MAAM,SAAS,GAAG,CAAC,GAAG,EAAE;IACtB,IAAI,OAAO,UAAU,KAAK,WAAW;QAAE,OAAO,KAAK,CAAC;IACpD,MAAM,CAAC,GAAG,UAAqE,CAAC;IAChF,OAAO,CAAC,CAAC,MAAM,KAAK,SAAS,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC;AACnE,CAAC,CAAC,EAAE,CAAC;AAEL;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B,IAAI,GAAgB,QAAQ,CAAC;IACrB,KAAK,GAAyB,IAAI,GAAG,EAAE,CAAC;IAEhD,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAE,KAAW,CAAC,CAAC,CAAC,IAAI,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ;QAChC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,kBAAkB;IAC7B,IAAI,GAAgB,MAAM,CAAC;IACnB,QAAQ,CAAS;IAEzB,YAAY,QAAgB;QAC1B,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CACb,+DAA+D;gBAC/D,mEAAmE,CACpE,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;YACjD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;YACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;YACpD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAClD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAM,CAAC;QAClC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ;QAChC,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QACzD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;QAEpD,0BAA0B;QAC1B,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC/C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;QAEpD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAEhD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,SAAS,GAAG,KAAK;iBACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAChC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;YAEtC,IAAI,CAAC,MAAM;gBAAE,OAAO,SAAS,CAAC;YAC9B,OAAO,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC/C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QAEtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAChC,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;gBACd,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,GAAG,OAAO,CAAC,CAAC;gBACpD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,6BAA6B;QAC/B,CAAC;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAiB,EAAE,OAA+B;IACrF,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,QAAQ;YACX,OAAO,IAAI,oBAAoB,EAAE,CAAC;QACpC,KAAK,MAAM;YACT,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,IAAI,CACV,0DAA0D;oBAC1D,8DAA8D,CAC/D,CAAC;gBACF,OAAO,IAAI,oBAAoB,EAAE,CAAC;YACpC,CAAC;YACD,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClD,KAAK,OAAO,CAAC;QACb,KAAK,UAAU;YACb,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,gDAAgD,CAAC,CAAC;QACzF;YACE,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;IACrD,CAAC;AACH,CAAC"}

package/dist/ai/validation/validation-framework.js

@@ -23,7 +23,7 @@
  * }
  * ```
  */
-import { PluginLoader } from '../plugins/plugin-loader';
+import { PluginLoader } from '../plugins/plugin-loader.js';
 /**
  * Validation Framework - high-level validation orchestrator
  */