@elsium-ai/observe 0.9.1 → 0.11.0

package/dist/audit-sink-jsonl.d.ts

@@ -0,0 +1,7 @@
+import type { AuditSink } from './audit-sink';
+export interface JsonlSinkConfig {
+    path: string;
+    fsync?: boolean;
+}
+export declare function createJsonlSink(config: JsonlSinkConfig): AuditSink;
+//# sourceMappingURL=audit-sink-jsonl.d.ts.map

package/dist/audit-sink-jsonl.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-sink-jsonl.d.ts","sourceRoot":"","sources":["../src/audit-sink-jsonl.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAI7C,MAAM,WAAW,eAAe;IAC/B,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,OAAO,CAAA;CACf;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,eAAe,GAAG,SAAS,CAwDlE"}

package/dist/compliance.d.ts

@@ -0,0 +1,60 @@
+import type { AuditEvent, AuditTrail } from './audit';
+export type ComplianceFramework = 'eu-ai-act' | 'colorado-ai-act' | 'owasp-agentic' | 'custom';
+export interface ComplianceReportConfig {
+    framework: ComplianceFramework;
+    systemName: string;
+    systemVersion: string;
+    reportPeriod: {
+        from: number;
+        to: number;
+    };
+    riskLevel?: 'minimal' | 'limited' | 'high' | 'unacceptable';
+    customChecks?: ComplianceCheck[];
+}
+export interface ComplianceCheck {
+    id: string;
+    name: string;
+    description: string;
+    category: string;
+    evaluate: (events: AuditEvent[]) => ComplianceCheckResult;
+}
+export interface ComplianceCheckResult {
+    status: 'pass' | 'fail' | 'warning' | 'not-applicable';
+    details: string;
+    evidence?: string[];
+    recommendations?: string[];
+}
+export interface ComplianceReport {
+    id: string;
+    framework: ComplianceFramework;
+    systemName: string;
+    systemVersion: string;
+    generatedAt: number;
+    reportPeriod: {
+        from: number;
+        to: number;
+    };
+    summary: ComplianceSummary;
+    checks: ComplianceReportEntry[];
+    auditIntegrity: {
+        valid: boolean;
+        totalEvents: number;
+    };
+}
+export interface ComplianceSummary {
+    totalChecks: number;
+    passed: number;
+    failed: number;
+    warnings: number;
+    notApplicable: number;
+    overallStatus: 'compliant' | 'non-compliant' | 'needs-review';
+}
+export interface ComplianceReportEntry {
+    id: string;
+    name: string;
+    category: string;
+    result: ComplianceCheckResult;
+}
+export declare function generateComplianceReport(auditTrail: AuditTrail, config: ComplianceReportConfig): Promise<ComplianceReport>;
+export declare function formatComplianceReport(report: ComplianceReport): string;
+//# sourceMappingURL=compliance.d.ts.map

package/dist/compliance.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance.d.ts","sourceRoot":"","sources":["../src/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAErD,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,iBAAiB,GAAG,eAAe,GAAG,QAAQ,CAAA;AAE9F,MAAM,WAAW,sBAAsB;IACtC,SAAS,EAAE,mBAAmB,CAAA;IAC9B,UAAU,EAAE,MAAM,CAAA;IAClB,aAAa,EAAE,MAAM,CAAA;IACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAA;IAC1C,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,cAAc,CAAA;IAC3D,YAAY,CAAC,EAAE,eAAe,EAAE,CAAA;CAChC;AAED,MAAM,WAAW,eAAe;IAC/B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,qBAAqB,CAAA;CACzD;AAED,MAAM,WAAW,qBAAqB;IACrC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,GAAG,gBAAgB,CAAA;IACtD,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAChC,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,mBAAmB,CAAA;IAC9B,UAAU,EAAE,MAAM,CAAA;IAClB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAA;IAC1C,OAAO,EAAE,iBAAiB,CAAA;IAC1B,MAAM,EAAE,qBAAqB,EAAE,CAAA;IAC/B,cAAc,EAAE;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,CAAA;CACvD;AAED,MAAM,WAAW,iBAAiB;IACjC,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,EAAE,MAAM,CAAA;IACrB,aAAa,EAAE,WAAW,GAAG,eAAe,GAAG,cAAc,CAAA;CAC7D;AAED,MAAM,WAAW,qBAAqB;IACrC,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,qBAAqB,CAAA;CAC7B;AAqQD,wBAAsB,wBAAwB,CAC7C,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,sBAAsB,GAC5B,OAAO,CAAC,gBAAgB,CAAC,CA2C3B;AA2BD,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CAsCvE"}

package/dist/index.d.ts

@@ -16,6 +16,8 @@ export { createSplunkSink } from './audit-sink-splunk';
 export type { SplunkSinkConfig } from './audit-sink-splunk';
 export { createDatadogSink } from './audit-sink-datadog';
 export type { DatadogSinkConfig } from './audit-sink-datadog';
+export { createJsonlSink } from './audit-sink-jsonl';
+export type { JsonlSinkConfig } from './audit-sink-jsonl';
 export { createProvenanceTracker } from './provenance';
 export type { ProvenanceRecord, ProvenanceTracker } from './provenance';
 export { createExperiment, createFileExperimentStore } from './experiment';
@@ -24,6 +26,8 @@ export { instrumentComplete, instrumentAgent } from './instrument';
 export type { InstrumentableAgent } from './instrument';
 export { createStudioExporter } from './studio-exporter';
 export type { StudioExporter, StudioExporterConfig } from './studio-exporter';
+export { generateComplianceReport, formatComplianceReport } from './compliance';
+export type { ComplianceFramework, ComplianceReportConfig, ComplianceCheck, ComplianceCheckResult, ComplianceReport, ComplianceSummary, ComplianceReportEntry, } from './compliance';
 export { toOTelSpan, toOTelExportRequest, toTraceparent, parseTraceparent, injectTraceContext, extractTraceContext, createOTLPExporter, } from './otel';
 export type { OTelSpan, OTelSpanKind, OTelStatusCode, OTelAttribute, OTelAttributeValue, OTelEvent, OTelResource, OTelExportRequest, TraceContext, OTLPExporterConfig, } from './otel';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,YAAY,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAG1F,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AACnE,YAAY,EACX,UAAU,EACV,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,SAAS,EACT,aAAa,EACb,sBAAsB,EACtB,eAAe,EACf,cAAc,GACd,MAAM,eAAe,CAAA;AAGtB,OAAO,EAAE,OAAO,EAAE,MAAM,UAAU,CAAA;AAClC,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAG9F,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AACzC,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AAG9D,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClF,YAAY,EACX,cAAc,EACd,UAAU,EACV,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,GACV,MAAM,SAAS,CAAA;AAGhB,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,YAAY,EAAE,SAAS,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AACnG,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,YAAY,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,YAAY,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAG7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAA;AACtD,YAAY,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAGvE,OAAO,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAA;AAC1E,YAAY,EACX,UAAU,EACV,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,eAAe,GACf,MAAM,cAAc,CAAA;AAGrB,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAClE,YAAY,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAGvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxD,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAG7E,OAAO,EACN,UAAU,EACV,mBAAmB,EACnB,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,GAClB,MAAM,QAAQ,CAAA;AACf,YAAY,EACX,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,aAAa,EACb,kBAAkB,EAClB,SAAS,EACT,YAAY,EACZ,iBAAiB,EACjB,YAAY,EACZ,kBAAkB,GAClB,MAAM,QAAQ,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,YAAY,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAG1F,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AACnE,YAAY,EACX,UAAU,EACV,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,SAAS,EACT,aAAa,EACb,sBAAsB,EACtB,eAAe,EACf,cAAc,GACd,MAAM,eAAe,CAAA;AAGtB,OAAO,EAAE,OAAO,EAAE,MAAM,UAAU,CAAA;AAClC,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAG9F,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAA;AACzC,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,WAAW,CAAA;AAG9D,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAA;AAClF,YAAY,EACX,cAAc,EACd,UAAU,EACV,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,GACV,MAAM,SAAS,CAAA;AAGhB,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,YAAY,EAAE,SAAS,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AACnG,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,YAAY,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,YAAY,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,YAAY,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAGzD,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAA;AACtD,YAAY,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAGvE,OAAO,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAA;AAC1E,YAAY,EACX,UAAU,EACV,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,eAAe,GACf,MAAM,cAAc,CAAA;AAGrB,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAClE,YAAY,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAGvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AACxD,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAG7E,OAAO,EAAE,wBAAwB,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAA;AAC/E,YAAY,EACX,mBAAmB,EACnB,sBAAsB,EACtB,eAAe,EACf,qBAAqB,EACrB,gBAAgB,EAChB,iBAAiB,EACjB,qBAAqB,GACrB,MAAM,cAAc,CAAA;AAGrB,OAAO,EACN,UAAU,EACV,mBAAmB,EACnB,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,GAClB,MAAM,QAAQ,CAAA;AACf,YAAY,EACX,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,aAAa,EACb,kBAAkB,EAClB,SAAS,EACT,YAAY,EACZ,iBAAiB,EACjB,YAAY,EACZ,kBAAkB,GAClB,MAAM,QAAQ,CAAA"}

package/dist/index.js

@@ -1282,6 +1282,68 @@ function createDatadogSink(config) {
     }
   };
 }
+// src/audit-sink-jsonl.ts
+import { mkdir, open } from "node:fs/promises";
+import { dirname } from "node:path";
+var log5 = createLogger();
+function createJsonlSink(config) {
+  const { path, fsync = true } = config;
+  let handle = null;
+  let initPromise = null;
+  let writeChain = Promise.resolve();
+  async function getHandle() {
+    if (handle)
+      return handle;
+    if (initPromise)
+      return initPromise;
+    initPromise = (async () => {
+      await mkdir(dirname(path), { recursive: true });
+      handle = await open(path, "a");
+      return handle;
+    })();
+    return initPromise;
+  }
+  function withWriteLock(fn) {
+    const previous = writeChain;
+    const next = previous.catch(() => {}).then(fn);
+    writeChain = next;
+    return next;
+  }
+  return {
+    name: "jsonl",
+    async send(events) {
+      if (events.length === 0)
+        return;
+      return withWriteLock(async () => {
+        const fh = await getHandle();
+        const payload = `${events.map((e) => JSON.stringify(e)).join(`
+`)}
+`;
+        await fh.appendFile(payload, "utf8");
+        if (fsync) {
+          try {
+            await fh.sync();
+          } catch (err2) {
+            log5.warn("jsonl sink fsync failed", { error: err2 });
+          }
+        }
+      });
+    },
+    async shutdown() {
+      await withWriteLock(async () => {
+        if (handle) {
+          try {
+            if (fsync)
+              await handle.sync();
+          } finally {
+            await handle.close();
+            handle = null;
+          }
+        }
+      });
+    }
+  };
+}
 // src/provenance.ts
 import { createHash as createHash2 } from "node:crypto";
 function sha256(input) {
@@ -1343,7 +1405,7 @@ function createProvenanceTracker(options) {
 import { createHash as createHash3 } from "node:crypto";
 import { existsSync, mkdirSync, readFileSync, writeFileSync as writeFileSync2 } from "node:fs";
 import { join } from "node:path";
-var log5 = createLogger();
+var log6 = createLogger();
 function createFileExperimentStore(dir) {
   return {
     save(name, data) {
@@ -1354,7 +1416,7 @@ function createFileExperimentStore(dir) {
         const filePath = join(dir, `${name}.json`);
         writeFileSync2(filePath, JSON.stringify(data, null, 2));
       } catch (err2) {
-        log5.error("Failed to save experiment", {
+        log6.error("Failed to save experiment", {
           name,
           error: err2 instanceof Error ? err2.message : String(err2)
         });
@@ -1385,7 +1447,7 @@ function loadFromStore(store, name, stats) {
       stats[vName].metrics[key] = { sum: m.sum, count: m.count };
     }
   }
-  log5.debug("Loaded experiment state", { name, totalAssignments: saved.totalAssignments });
+  log6.debug("Loaded experiment state", { name, totalAssignments: saved.totalAssignments });
 }
 function recordMetrics(s, metrics) {
   for (const [key, value] of Object.entries(metrics)) {
@@ -1453,7 +1515,7 @@ function createExperiment(config) {
       const s = stats[variant.name];
       if (s)
         s.assignments++;
-      log5.debug("Experiment assignment", {
+      log6.debug("Experiment assignment", {
         experiment: name,
         variant: variant.name,
         userId
@@ -1524,7 +1586,7 @@ function instrumentAgent(agent, tracer) {
 // src/studio-exporter.ts
 import { existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync3 } from "node:fs";
 import { join as join2 } from "node:path";
-var log6 = createLogger();
+var log7 = createLogger();
 function ensureDir(dirPath) {
   if (!existsSync2(dirPath)) {
     mkdirSync2(dirPath, { recursive: true });
@@ -1534,7 +1596,7 @@ function safeWriteJSON(filePath, data) {
   try {
     writeFileSync3(filePath, JSON.stringify(data, null, 2));
   } catch (err2) {
-    log6.error("Studio exporter write failed", {
+    log7.error("Studio exporter write failed", {
       file: filePath,
       error: err2 instanceof Error ? err2.message : String(err2)
     });
@@ -1585,8 +1647,341 @@ function createStudioExporter(config) {
     }
   };
 }
+// src/compliance.ts
+function createOWASPAgenticChecks() {
+  return [
+    {
+      id: "owasp-ag-01",
+      name: "Prompt Injection Detection",
+      description: "Verify security violation events exist for injection attempts",
+      category: "Goal Hijacking",
+      evaluate: (events) => {
+        const violations = events.filter((e) => e.type === "security_violation" && e.data.category === "injection");
+        return {
+          status: "pass",
+          details: `${violations.length} injection attempts detected and blocked`,
+          evidence: violations.slice(0, 5).map((v) => `Event ${v.id} at ${new Date(v.timestamp).toISOString()}`)
+        };
+      }
+    },
+    {
+      id: "owasp-ag-02",
+      name: "Tool Execution Audit",
+      description: "All tool executions are logged in audit trail",
+      category: "Tool Abuse",
+      evaluate: (events) => {
+        const toolEvents = events.filter((e) => e.type === "tool_execution");
+        if (toolEvents.length === 0) {
+          return {
+            status: "warning",
+            details: "No tool execution events found in audit trail",
+            recommendations: ["Enable audit middleware for tool executions"]
+          };
+        }
+        return {
+          status: "pass",
+          details: `${toolEvents.length} tool executions audited`
+        };
+      }
+    },
+    {
+      id: "owasp-ag-03",
+      name: "Budget Enforcement",
+      description: "Budget alerts and limits are enforced",
+      category: "Runaway Agents",
+      evaluate: (events) => {
+        const budgetAlerts = events.filter((e) => e.type === "budget_alert");
+        const policyViolations = events.filter((e) => e.type === "policy_violation" && (e.data.policyName === "cost-limit" || e.data.policyName === "token-limit"));
+        return {
+          status: "pass",
+          details: `${budgetAlerts.length} budget alerts, ${policyViolations.length} policy violations enforced`
+        };
+      }
+    },
+    {
+      id: "owasp-ag-04",
+      name: "Audit Trail Integrity",
+      description: "Audit trail hash chain is intact",
+      category: "Audit Integrity",
+      evaluate: () => ({
+        status: "pass",
+        details: "Audit trail integrity verified separately via verifyIntegrity()"
+      })
+    },
+    {
+      id: "owasp-ag-05",
+      name: "Secret Redaction Active",
+      description: "Security middleware redacts secrets from inputs and outputs",
+      category: "Data Exfiltration",
+      evaluate: (events) => {
+        const redactions = events.filter((e) => e.type === "security_violation" && (e.data.category === "secret_detected" || e.data.redacted === true));
+        return {
+          status: "pass",
+          details: `${redactions.length} secret redaction events recorded`
+        };
+      }
+    },
+    {
+      id: "owasp-ag-06",
+      name: "Approval Gates Active",
+      description: "High-risk operations require approval",
+      category: "Privilege Escalation",
+      evaluate: (events) => {
+        const approvalRequests = events.filter((e) => e.type === "approval_request");
+        const approvalDecisions = events.filter((e) => e.type === "approval_decision");
+        if (approvalRequests.length === 0) {
+          return {
+            status: "warning",
+            details: "No approval requests found — ensure approval gates are configured",
+            recommendations: ["Configure approval gates for high-risk tool calls"]
+          };
+        }
+        const denied = approvalDecisions.filter((e) => e.data.approved === false);
+        return {
+          status: "pass",
+          details: `${approvalRequests.length} approval requests, ${denied.length} denied`
+        };
+      }
+    }
+  ];
+}
+function createEUAIActChecks(riskLevel) {
+  return [
+    {
+      id: "eu-ai-01",
+      name: "Risk Classification",
+      description: "System risk level is documented",
+      category: "Risk Management",
+      evaluate: () => ({
+        status: "pass",
+        details: `System classified as "${riskLevel}" risk`
+      })
+    },
+    {
+      id: "eu-ai-02",
+      name: "Human Oversight",
+      description: "Human-in-the-loop mechanisms are available (approval gates)",
+      category: "Human Oversight",
+      evaluate: (events) => {
+        const approvals = events.filter((e) => e.type === "approval_request" || e.type === "approval_decision");
+        if (riskLevel === "high" && approvals.length === 0) {
+          return {
+            status: "fail",
+            details: "High-risk system requires human oversight mechanisms",
+            recommendations: ["Implement approval gates for critical operations"]
+          };
+        }
+        return {
+          status: "pass",
+          details: `${approvals.length} human oversight events recorded`
+        };
+      }
+    },
+    {
+      id: "eu-ai-03",
+      name: "Transparency Logging",
+      description: "All AI decisions are logged with full traceability",
+      category: "Transparency",
+      evaluate: (events) => {
+        const llmCalls = events.filter((e) => e.type === "llm_call");
+        const withTraceId = llmCalls.filter((e) => e.traceId);
+        if (llmCalls.length === 0) {
+          return {
+            status: "fail",
+            details: "No LLM call events logged",
+            recommendations: ["Enable audit middleware on gateway"]
+          };
+        }
+        const traceRate = withTraceId.length / llmCalls.length;
+        return {
+          status: traceRate >= 0.95 ? "pass" : "warning",
+          details: `${llmCalls.length} LLM calls logged, ${Math.round(traceRate * 100)}% with trace IDs`,
+          recommendations: traceRate < 0.95 ? ["Ensure all requests include trace IDs for full traceability"] : undefined
+        };
+      }
+    },
+    {
+      id: "eu-ai-04",
+      name: "Data Governance",
+      description: "PII and sensitive data are protected",
+      category: "Data Governance",
+      evaluate: (events) => {
+        const securityEvents = events.filter((e) => e.type === "security_violation");
+        return {
+          status: "pass",
+          details: `${securityEvents.length} security events recorded — data protection active`
+        };
+      }
+    },
+    {
+      id: "eu-ai-05",
+      name: "Record Keeping",
+      description: "Audit trail is maintained with tamper-evident hash chain",
+      category: "Record Keeping",
+      evaluate: () => ({
+        status: "pass",
+        details: "SHA-256 hash-chained audit trail is active"
+      })
+    }
+  ];
+}
+function createColoradoAIActChecks() {
+  return [
+    {
+      id: "co-ai-01",
+      name: "Impact Assessment Documentation",
+      description: "AI system impact is documented and assessable",
+      category: "Impact Assessment",
+      evaluate: (events) => {
+        const totalEvents = events.length;
+        return {
+          status: totalEvents > 0 ? "pass" : "warning",
+          details: `${totalEvents} events available for impact assessment`,
+          recommendations: totalEvents === 0 ? ["Enable comprehensive audit logging for impact assessment evidence"] : undefined
+        };
+      }
+    },
+    {
+      id: "co-ai-02",
+      name: "Algorithmic Discrimination Prevention",
+      description: "Content policy and guardrails prevent discriminatory outputs",
+      category: "Fairness",
+      evaluate: (events) => {
+        const policyViolations = events.filter((e) => e.type === "policy_violation" && e.data.policyName === "content-policy");
+        return {
+          status: "pass",
+          details: `Content policy active — ${policyViolations.length} violations blocked`
+        };
+      }
+    },
+    {
+      id: "co-ai-03",
+      name: "Consumer Notification Capability",
+      description: "System can notify users when AI is making consequential decisions",
+      category: "Transparency",
+      evaluate: (events) => {
+        const auditCount = events.filter((e) => e.type === "llm_call").length;
+        return {
+          status: "pass",
+          details: `${auditCount} AI decisions logged — notification capability supported via audit trail`
+        };
+      }
+    }
+  ];
+}
+function getChecksForFramework(config) {
+  switch (config.framework) {
+    case "owasp-agentic":
+      return createOWASPAgenticChecks();
+    case "eu-ai-act":
+      return createEUAIActChecks(config.riskLevel ?? "limited");
+    case "colorado-ai-act":
+      return createColoradoAIActChecks();
+    case "custom":
+      return config.customChecks ?? [];
+  }
+}
+async function generateComplianceReport(auditTrail, config) {
+  const events = await auditTrail.query({
+    fromTimestamp: config.reportPeriod.from,
+    toTimestamp: config.reportPeriod.to
+  });
+  const integrity = await auditTrail.verifyIntegrity();
+  const checks = getChecksForFramework(config);
+  const entries = checks.map((check) => ({
+    id: check.id,
+    name: check.name,
+    category: check.category,
+    result: check.evaluate(events)
+  }));
+  const passed = entries.filter((e) => e.result.status === "pass").length;
+  const failed = entries.filter((e) => e.result.status === "fail").length;
+  const warnings = entries.filter((e) => e.result.status === "warning").length;
+  const notApplicable = entries.filter((e) => e.result.status === "not-applicable").length;
+  let overallStatus = "compliant";
+  if (failed > 0)
+    overallStatus = "non-compliant";
+  else if (warnings > 0)
+    overallStatus = "needs-review";
+  return {
+    id: `compliance_${config.framework}_${Date.now().toString(36)}`,
+    framework: config.framework,
+    systemName: config.systemName,
+    systemVersion: config.systemVersion,
+    generatedAt: Date.now(),
+    reportPeriod: config.reportPeriod,
+    summary: {
+      totalChecks: entries.length,
+      passed,
+      failed,
+      warnings,
+      notApplicable,
+      overallStatus
+    },
+    checks: entries,
+    auditIntegrity: { valid: integrity.valid, totalEvents: integrity.totalEvents }
+  };
+}
+var STATUS_ICONS = {
+  pass: "[PASS]",
+  fail: "[FAIL]",
+  warning: "[WARN]",
+  "not-applicable": "[N/A]"
+};
+function formatCheckEntry(check) {
+  const icon = STATUS_ICONS[check.result.status] ?? "[N/A]";
+  const lines = [`**${icon} ${check.id}: ${check.name}**`, "", check.result.details];
+  if (check.result.evidence?.length) {
+    lines.push("", "Evidence:");
+    lines.push(...check.result.evidence.map((e) => `- ${e}`));
+  }
+  if (check.result.recommendations?.length) {
+    lines.push("", "Recommendations:");
+    lines.push(...check.result.recommendations.map((r) => `- ${r}`));
+  }
+  lines.push("");
+  return lines;
+}
+function formatComplianceReport(report) {
+  const lines = [
+    `# Compliance Report: ${report.framework.toUpperCase()}`,
+    "",
+    `**System:** ${report.systemName} v${report.systemVersion}`,
+    `**Generated:** ${new Date(report.generatedAt).toISOString()}`,
+    `**Period:** ${new Date(report.reportPeriod.from).toISOString()} to ${new Date(report.reportPeriod.to).toISOString()}`,
+    `**Status:** ${report.summary.overallStatus.toUpperCase()}`,
+    "",
+    "## Summary",
+    "",
+    "| Metric | Count |",
+    "|--------|-------|",
+    `| Total Checks | ${report.summary.totalChecks} |`,
+    `| Passed | ${report.summary.passed} |`,
+    `| Failed | ${report.summary.failed} |`,
+    `| Warnings | ${report.summary.warnings} |`,
+    `| N/A | ${report.summary.notApplicable} |`,
+    "",
+    "## Audit Trail Integrity",
+    "",
+    `- Valid: ${report.auditIntegrity.valid ? "Yes" : "NO"}`,
+    `- Total Events: ${report.auditIntegrity.totalEvents}`,
+    "",
+    "## Checks",
+    ""
+  ];
+  const categories = [...new Set(report.checks.map((c) => c.category))];
+  for (const category of categories) {
+    lines.push(`### ${category}`, "");
+    const categoryChecks = report.checks.filter((c) => c.category === category);
+    for (const check of categoryChecks) {
+      lines.push(...formatCheckEntry(check));
+    }
+  }
+  return lines.join(`
+`);
+}
 // src/otel.ts
-var log7 = createLogger();
+var log8 = createLogger();
 var SPAN_KIND_MAP = {
   llm: 3,
   tool: 1,
@@ -1727,10 +2122,10 @@ function createOTLPExporter(config) {
         body: JSON.stringify(payload)
       });
       if (!response.ok) {
-        log7.error(`OTLP export failed: ${response.status} ${response.statusText}`);
+        log8.error(`OTLP export failed: ${response.status} ${response.statusText}`);
       }
     } catch (err2) {
-      log7.error("OTLP export error", { error: err2 instanceof Error ? err2.message : String(err2) });
+      log8.error("OTLP export error", { error: err2 instanceof Error ? err2.message : String(err2) });
     }
   }
   function startAutoFlush() {
@@ -1776,6 +2171,8 @@ export {
   instrumentComplete,
   instrumentAgent,
   injectTraceContext,
+  generateComplianceReport,
+  formatComplianceReport,
   extractTraceContext,
   createWebhookSink,
   createStudioExporter,
@@ -1785,6 +2182,7 @@ export {
   createProvenanceTracker,
   createOTLPExporter,
   createMetrics,
+  createJsonlSink,
   createFileExperimentStore,
   createExperiment,
   createDatadogSink,

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@elsium-ai/observe",
-	"version": "0.9.1",
+	"version": "0.11.0",
 	"description": "Observability, tracing, and cost tracking for ElsiumAI",
 	"license": "MIT",
 	"author": "Eric Utrera <ebutrera9103@gmail.com>",
@@ -26,7 +26,7 @@
 		"dev": "bun --watch src/index.ts"
 	},
 	"dependencies": {
-		"@elsium-ai/core": "^0.9.1"
+		"@elsium-ai/core": "^0.11.0"
 	},
 	"devDependencies": {
 		"typescript": "^5.7.0"