@exfil/canary 1.0.0

package/dist/proxy/ProxyServer.js

@@ -0,0 +1,480 @@
+/**
+ * ProxyServer — transparent canary-token proxy for MCP tool calls.
+ *
+ * The agent connects to ProxyServer as its only MCP server.  ProxyServer:
+ *
+ *   1. Aggregates all tools from downstream servers (namespaced as `{id}__{tool}`).
+ *   2. On every tool call:
+ *      a. Serialises the arguments and scans for active canary sequences.
+ *         → Blocks (or logs/alerts) if a token is found in outbound args.
+ *      b. Forwards the call to the downstream server.
+ *      c. Walks the response, wrapping every text string ≥ MIN_WRAP_CHARS
+ *         with a freshly generated canary token registered in session state.
+ *   3. Exposes a single built-in tool `canary__get_report` for operator use.
+ *
+ * The agent never needs to explicitly call wrap_content or scan_outbound —
+ * interception happens transparently on every I/O crossing.
+ */
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { CallToolRequestSchema, ListToolsRequestSchema, ErrorCode, McpError, } from '@modelcontextprotocol/sdk/types.js';
+import { generateTokenSequence, generateTokenId, embedToken, } from '../token.js';
+import { registerToken, getActiveTokens, recordLeakage, pruneExpiredTokens, } from '../state.js';
+import { scanForAllTokens } from '../scanner.js';
+import { extractEntities, scanForEntityValues } from '../entities.js';
+import { computeSimHash, isSimilar } from '../simhash.js';
+import { persistState } from '../persistence.js';
+import { log } from '../logger.js';
+import { DownstreamManager } from './DownstreamManager.js';
+import { DualAuditor } from './auditor/DualAuditor.js';
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+/** Minimum character length to bother wrapping a text response. */
+const MIN_WRAP_CHARS = 50;
+/** Management key env var (same convention as CanaryMcpServer). */
+const MGMT_KEY_ENV = 'CANARY_MCP_MGMT_KEY';
+// ---------------------------------------------------------------------------
+// Tool allowlist helpers
+// ---------------------------------------------------------------------------
+/**
+ * Returns true if `toolName` is permitted by `allowlist`.
+ *
+ * Entries ending with `*` are prefix wildcards:
+ *   "filesystem__*"  matches any tool whose name starts with "filesystem__".
+ *   "*"              matches any tool name.
+ * All other entries are exact matches.
+ */
+function isToolAllowed(toolName, allowlist) {
+    for (const entry of allowlist) {
+        if (entry.endsWith('*')) {
+            const prefix = entry.slice(0, -1);
+            if (toolName.startsWith(prefix))
+                return true;
+        }
+        else {
+            if (toolName === entry)
+                return true;
+        }
+    }
+    return false;
+}
+// ---------------------------------------------------------------------------
+// Domain allowlist helpers
+// ---------------------------------------------------------------------------
+/** Extracts all unique hostnames from URLs found in serialised args. */
+function extractHostnames(dataStr) {
+    const seen = new Set();
+    const re = /https?:\/\/([^/"'\s<>?#]+)/g;
+    let m;
+    while ((m = re.exec(dataStr)) !== null) {
+        const raw = m[1];
+        // Strip port if present.
+        const hostname = raw.split(':')[0].toLowerCase();
+        seen.add(hostname);
+    }
+    return [...seen];
+}
+/**
+ * Returns true if `hostname` is permitted by `allowlist`.
+ * Entries starting with `*.` match any direct subdomain.
+ * All matching is case-insensitive.
+ */
+function isDomainAllowed(hostname, allowlist) {
+    const h = hostname.toLowerCase();
+    for (const entry of allowlist) {
+        const e = entry.toLowerCase();
+        if (e.startsWith('*.')) {
+            // *.github.com matches api.github.com but not github.com itself.
+            const parent = e.slice(2);
+            if (h.endsWith('.' + parent))
+                return true;
+        }
+        else {
+            if (h === e)
+                return true;
+        }
+    }
+    return false;
+}
+// ---------------------------------------------------------------------------
+// ProxyServer
+// ---------------------------------------------------------------------------
+export class ProxyServer {
+    upstream;
+    downstream;
+    config;
+    state;
+    /** Accumulated tool results for auditor context (ring-buffered to 50). */
+    storedResults = [];
+    resultCounter = 0;
+    /** Dual-auditor instance, or null if not configured. */
+    auditor;
+    /** Number of detections made by the LLM auditor layer (for report). */
+    auditorDetections = 0;
+    constructor(state, config, proxyConfig) {
+        this.state = state;
+        this.config = config;
+        this.downstream = new DownstreamManager();
+        this.upstream = new Server({ name: 'exfil/canary-proxy', version: '1.0.0' }, { capabilities: { tools: {} } });
+        // Initialise dual auditor if configured.
+        if (proxyConfig.auditors && proxyConfig.auditors.length === 2) {
+            this.auditor = new DualAuditor(proxyConfig.auditors);
+            log('info', 'ProxyServer: dual-auditor enabled.', {
+                providers: proxyConfig.auditors.map((a) => a.provider),
+            });
+        }
+        else {
+            this.auditor = null;
+        }
+        // Stash proxy config for later connect() call.
+        this._proxyConfig = proxyConfig;
+        this.registerHandlers();
+    }
+    _proxyConfig;
+    // -------------------------------------------------------------------------
+    // Lifecycle
+    // -------------------------------------------------------------------------
+    async start() {
+        // Connect to downstream servers first.
+        await this.downstream.connect(this._proxyConfig);
+        const transport = new StdioServerTransport();
+        await this.upstream.connect(transport);
+        log('info', 'exfil/canary-proxy started.', { session_id: this.state.session_id });
+    }
+    async shutdown() {
+        log('info', 'Shutting down exfil/canary-proxy.');
+        await persistState(this.state, this.config).catch(() => { });
+        await this.downstream.disconnect();
+        await this.upstream.close();
+    }
+    sweepExpiredTokens() {
+        const removed = pruneExpiredTokens(this.state);
+        if (removed > 0) {
+            log('debug', `Expiry sweep removed ${removed} token(s).`);
+            persistState(this.state, this.config).catch(() => { });
+        }
+    }
+    // -------------------------------------------------------------------------
+    // Handler registration
+    // -------------------------------------------------------------------------
+    registerHandlers() {
+        this.upstream.setRequestHandler(ListToolsRequestSchema, async () => {
+            const downstreamTools = this.downstream.listAllTools().map((dt) => dt.tool);
+            return {
+                tools: [
+                    ...downstreamTools,
+                    {
+                        name: 'canary__get_report',
+                        description: 'Returns the canary token session report: active tokens, detected leakage events, and action history.',
+                        inputSchema: {
+                            type: 'object',
+                            properties: {
+                                mgmt_key: {
+                                    type: 'string',
+                                    description: 'Management key (required if CANARY_MCP_MGMT_KEY is set).',
+                                },
+                            },
+                            required: [],
+                        },
+                    },
+                ],
+            };
+        });
+        this.upstream.setRequestHandler(CallToolRequestSchema, async (request) => {
+            const { name, arguments: rawArgs = {} } = request.params;
+            const args = rawArgs;
+            if (name === 'canary__get_report') {
+                return this.handleGetReport(args);
+            }
+            // ── Tool allowlist ─────────────────────────────────────────────────────
+            const toolAllowlist = this._proxyConfig.allowed_tools;
+            if (toolAllowlist && toolAllowlist.length > 0 && !isToolAllowed(name, toolAllowlist)) {
+                log('warn', 'Proxy: tool call blocked by allowed_tools.', { name });
+                throw new McpError(ErrorCode.MethodNotFound, `Tool "${name}" is not in the allowed_tools list.`);
+            }
+            // Resolve which downstream server handles this tool.
+            const resolved = this.downstream.resolveTool(name);
+            if (!resolved) {
+                throw new McpError(ErrorCode.MethodNotFound, `Unknown tool: "${name}"`);
+            }
+            // ── Inbound scan: args → check for canary exfiltration attempt ─────────
+            await this.scanInboundArgs(args, resolved.server_id, resolved.original_name);
+            // ── Forward to downstream ──────────────────────────────────────────────
+            let response;
+            try {
+                response = await this.downstream.callTool(resolved.server_id, resolved.original_name, args);
+            }
+            catch (err) {
+                // Propagate downstream errors as MCP errors.
+                throw new McpError(ErrorCode.InternalError, `Downstream error from "${name}": ${err.message}`);
+            }
+            // ── Wrap text responses with canary tokens ─────────────────────────────
+            const wrappedContent = await this.wrapResponseContent(response.content, resolved.server_id, resolved.original_name);
+            return { content: wrappedContent, isError: response.isError };
+        });
+    }
+    // -------------------------------------------------------------------------
+    // Inbound scan (outbound args from the agent → downstream)
+    // -------------------------------------------------------------------------
+    /**
+     * Scans serialised tool arguments for any active canary tokens.
+     * Fires resolveAction (which may throw McpError to halt) if a token is found.
+     */
+    async scanInboundArgs(args, targetServer, targetTool) {
+        const dataStr = JSON.stringify(args);
+        // ── Domain allowlist (fail-closed) ───────────────────────────────────────
+        // Absent or empty = block all outbound URLs.
+        // Only URLs whose hostname matches an entry are allowed through.
+        const allowlist = this._proxyConfig.allowed_domains ?? [];
+        const hostnames = extractHostnames(dataStr);
+        for (const hostname of hostnames) {
+            if (!isDomainAllowed(hostname, allowlist)) {
+                log('warn', 'Proxy: outbound call to non-allowlisted domain blocked.', {
+                    hostname,
+                    target_server: targetServer,
+                    target_tool: targetTool,
+                });
+                throw new McpError(ErrorCode.InternalError, `Outbound domain "${hostname}" is not in the allowed_domains list.`);
+            }
+        }
+        const activeTokens = getActiveTokens(this.state).filter((t) => t.sequence !== '');
+        if (activeTokens.length === 0)
+            return;
+        const resolvedTokenIds = new Set();
+        // ── Unicode marker scan ──────────────────────────────────────────────────
+        const results = scanForAllTokens(dataStr, activeTokens);
+        for (const result of results) {
+            if (result.found) {
+                log('warn', 'Proxy inbound scan: canary token found in tool args.', {
+                    token_id: result.token_id,
+                    target_server: targetServer,
+                    target_tool: targetTool,
+                });
+                await this.resolveAction(result.token_id, 'scan_outbound', targetServer, targetTool);
+                resolvedTokenIds.add(result.token_id);
+            }
+        }
+        // ── v1.1: Named entity scan ──────────────────────────────────────────────
+        for (const token of activeTokens) {
+            if (token.entity_canaries.length === 0)
+                continue;
+            const matched = scanForEntityValues(dataStr, token.entity_canaries);
+            if (matched.length > 0 && !resolvedTokenIds.has(token.token_id)) {
+                log('warn', 'Proxy inbound scan: entity canary found in tool args.', {
+                    token_id: token.token_id,
+                    entity_types: matched.map((e) => e.entity_type),
+                    target_server: targetServer,
+                    target_tool: targetTool,
+                });
+                await this.resolveAction(token.token_id, 'scan_outbound', targetServer, targetTool);
+                resolvedTokenIds.add(token.token_id);
+            }
+        }
+        // ── v1.6: SimHash semantic scan ──────────────────────────────────────────
+        const dataSimhash = computeSimHash(dataStr);
+        if (dataSimhash !== null) {
+            for (const token of activeTokens) {
+                if (token.simhash === null || resolvedTokenIds.has(token.token_id))
+                    continue;
+                if (isSimilar(token.simhash, dataSimhash)) {
+                    log('warn', 'Proxy inbound scan: semantic match in tool args.', {
+                        token_id: token.token_id,
+                        target_server: targetServer,
+                        target_tool: targetTool,
+                    });
+                    await this.resolveAction(token.token_id, 'scan_outbound', targetServer, targetTool);
+                    resolvedTokenIds.add(token.token_id);
+                }
+            }
+        }
+        // ── v2.0: Dual-LLM auditor ───────────────────────────────────────────────
+        if (this.auditor !== null && this.storedResults.length > 0) {
+            let outcome;
+            try {
+                outcome = await this.auditor.check(this.storedResults, dataStr);
+            }
+            catch (err) {
+                // Should not happen — DualAuditor catches internally — but be safe.
+                log('warn', `Proxy: auditor threw unexpectedly: ${err.message} — applying timeout action.`);
+                const timeoutAction = this._proxyConfig.audit_timeout_action ?? 'block';
+                if (timeoutAction === 'block') {
+                    outcome = { clean: false, results: [] };
+                }
+                else {
+                    return;
+                }
+            }
+            if (!outcome.clean) {
+                this.auditorDetections++;
+                // Use a sentinel token_id since the auditor fires without a specific token.
+                const derivedCallId = outcome.results.find((r) => r.result.derived_call_id)?.result.derived_call_id;
+                log('warn', 'Proxy inbound scan: auditor DERIVED verdict.', {
+                    derived_call_id: derivedCallId,
+                    target_server: targetServer,
+                    target_tool: targetTool,
+                });
+                await this.resolveAuditorAction(targetServer, targetTool, derivedCallId);
+            }
+        }
+    }
+    // -------------------------------------------------------------------------
+    // Response wrapping
+    // -------------------------------------------------------------------------
+    /**
+     * Walks the content array from a downstream response.
+     * For every text item with ≥ MIN_WRAP_CHARS characters, embeds a new
+     * canary token and registers it in session state.
+     *
+     * Non-text content (images, etc.) is passed through unchanged.
+     */
+    async wrapResponseContent(content, sourceServer, sourceTool) {
+        const wrapped = [];
+        for (const item of content) {
+            if (item !== null &&
+                typeof item === 'object' &&
+                item['type'] === 'text' &&
+                typeof item['text'] === 'string') {
+                const text = item.text;
+                if (text.length >= MIN_WRAP_CHARS) {
+                    const sequence = generateTokenSequence();
+                    const token_id = generateTokenId();
+                    // Store raw text for the LLM auditor before embedding the token.
+                    const call_id = `r${++this.resultCounter}`;
+                    this.storedResults.push({ call_id, source_server: sourceServer, source_tool: sourceTool, text });
+                    // Ring-buffer: keep only the 50 most recent results.
+                    if (this.storedResults.length > 50) {
+                        this.storedResults.shift();
+                    }
+                    const entity_canaries = extractEntities(text);
+                    const simhash = computeSimHash(text);
+                    registerToken(this.state, {
+                        token_id,
+                        sequence,
+                        source_type: 'tool_result',
+                        source_server: sourceServer,
+                        source_tool: sourceTool,
+                        embed_position: 'suffix',
+                        ttl_ms: this.config.token_ttl_seconds * 1000,
+                        entity_canaries,
+                        simhash,
+                    });
+                    const wrappedText = embedToken(text, sequence, 'suffix');
+                    log('debug', 'Proxy: wrapped response text.', { token_id, source_server: sourceServer, source_tool: sourceTool });
+                    wrapped.push({ type: 'text', text: wrappedText });
+                    continue;
+                }
+            }
+            wrapped.push(item);
+        }
+        // Persist after potentially many token registrations.
+        await persistState(this.state, this.config).catch(() => { });
+        return wrapped;
+    }
+    // -------------------------------------------------------------------------
+    // Built-in tool: canary__get_report
+    // -------------------------------------------------------------------------
+    handleGetReport(args) {
+        const requiredKey = process.env[MGMT_KEY_ENV];
+        if (requiredKey) {
+            const provided = args['mgmt_key'];
+            if (typeof provided !== 'string' || provided !== requiredKey) {
+                throw new McpError(ErrorCode.InvalidParams, 'Invalid or missing mgmt_key.');
+            }
+        }
+        const now = Date.now();
+        const allTokens = [...this.state.tokens.values()];
+        const activeCount = allTokens.filter((t) => t.expires_at > now).length;
+        const expiredCount = allTokens.length - activeCount;
+        const leakedCount = allTokens.filter((t) => t.leaked).length;
+        const allEvents = [...this.state.leakage_events.values()];
+        const tokenSummaries = allTokens.map((t) => ({
+            token_id: t.token_id,
+            source_type: t.source_type,
+            source_server: t.source_server,
+            source_tool: t.source_tool,
+            embed_position: t.embed_position,
+            created_at: t.created_at,
+            expires_at: t.expires_at,
+            status: t.expires_at > now ? 'active' : 'expired',
+            leaked: t.leaked,
+            leakage_event_ids: t.leakage_event_ids,
+            // sequence deliberately omitted (RC-5).
+        }));
+        return {
+            content: [
+                {
+                    type: 'text',
+                    text: JSON.stringify({
+                        session_id: this.state.session_id,
+                        created_at: this.state.created_at,
+                        token_counter: this.state.token_counter,
+                        proxy_mode: true,
+                        summary: {
+                            total_tokens: allTokens.length,
+                            active_tokens: activeCount,
+                            expired_tokens: expiredCount,
+                            leaked_tokens: leakedCount,
+                            total_leakage_events: allEvents.length,
+                            auditor_detections: this.auditorDetections,
+                            auditor_enabled: this.auditor !== null,
+                            domain_allowlist: this._proxyConfig.allowed_domains ?? [],
+                            tool_allowlist: this._proxyConfig.allowed_tools ?? null,
+                        },
+                        tokens: tokenSummaries,
+                        leakage_events: allEvents,
+                    }),
+                },
+            ],
+        };
+    }
+    // -------------------------------------------------------------------------
+    // Action dispatch helper
+    // -------------------------------------------------------------------------
+    /**
+     * Fires response_mode action for an auditor DERIVED verdict.
+     * Unlike resolveAction, there may be no specific token_id — the auditor
+     * detected derived content without matching a canary marker.
+     */
+    async resolveAuditorAction(target_server, target_tool, derived_call_id) {
+        const mode = this.config.response_mode;
+        const action_taken = mode === 'halt' ? 'halted'
+            : mode === 'alert' ? 'alerted'
+                : 'logged';
+        // Record as a leakage event with a sentinel token_id.
+        recordLeakage(this.state, {
+            token_id: `auditor:${derived_call_id ?? 'unknown'}`,
+            detection_method: 'scan_outbound',
+            target_server,
+            target_tool,
+            action_taken,
+            webhook_attempted: false,
+            webhook_delivered: null,
+        });
+        await persistState(this.state, this.config).catch(() => { });
+        if (mode === 'halt') {
+            throw new McpError(ErrorCode.InternalError, 'Auditor detected derived content in outbound data. Operation halted.');
+        }
+    }
+    async resolveAction(token_id, detection_method, target_server, target_tool) {
+        const mode = this.config.response_mode;
+        const action_taken = mode === 'halt' ? 'halted'
+            : mode === 'alert' ? 'alerted'
+                : 'logged';
+        recordLeakage(this.state, {
+            token_id,
+            detection_method,
+            target_server,
+            target_tool,
+            action_taken,
+            webhook_attempted: false,
+            webhook_delivered: null,
+        });
+        await persistState(this.state, this.config).catch(() => { });
+        if (mode === 'halt') {
+            throw new McpError(ErrorCode.InternalError, 'Integrity marker detected in outbound data. Operation halted.');
+        }
+        return action_taken;
+    }
+}
+//# sourceMappingURL=ProxyServer.js.map

package/dist/proxy/ProxyServer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ProxyServer.js","sourceRoot":"","sources":["../../src/proxy/ProxyServer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,SAAS,EACT,QAAQ,GACT,MAAM,oCAAoC,CAAC;AAG5C,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,UAAU,GACX,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,aAAa,EACb,eAAe,EACf,aAAa,EACb,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,mEAAmE;AACnE,MAAM,cAAc,GAAG,EAAE,CAAC;AAE1B,mEAAmE;AACnE,MAAM,YAAY,GAAG,qBAAqB,CAAC;AAE3C,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E;;;;;;;GAOG;AACH,SAAS,aAAa,CAAC,QAAgB,EAAE,SAAmB;IAC1D,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,IAAI,QAAQ,KAAK,KAAK;gBAAE,OAAO,IAAI,CAAC;QACtC,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,2BAA2B;AAC3B,8EAA8E;AAE9E,wEAAwE;AACxE,SAAS,gBAAgB,CAAC,OAAe;IACvC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,EAAE,GAAG,6BAA6B,CAAC;IACzC,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACvC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;QAClB,yBAAyB;QACzB,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;IACD,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;AACnB,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,SAAmB;IAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACjC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QAC9B,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,iEAAiE;YACjE,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC1B,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC3B,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,OAAO,WAAW;IACL,QAAQ,CAAS;IACjB,UAAU,CAAoB;IAC9B,MAAM,CAAe;IAC9B,KAAK,CAAe;IAC5B,0EAA0E;IAClE,aAAa,GAAuB,EAAE,CAAC;IACvC,aAAa,GAAG,CAAC,CAAC;IAC1B,wDAAwD;IACvC,OAAO,CAAqB;IAC7C,uEAAuE;IAC/D,iBAAiB,GAAG,CAAC,CAAC;IAE9B,YAAY,KAAmB,EAAE,MAAoB,EAAE,WAAwB;QAC7E,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,IAAI,iBAAiB,EAAE,CAAC;QAE1C,IAAI,CAAC,QAAQ,GAAG,IAAI,MAAM,CACxB,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,OAAO,EAAE,EAChD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;QAEF,yCAAyC;QACzC,IAAI,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9D,IAAI,CAAC,OAAO,GAAG,IAAI,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YACrD,GAAG,CAAC,MAAM,EAAE,oCAAoC,EAAE;gBAChD,SAAS,EAAE,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;aACvD,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACtB,CAAC;QAED,+CAA+C;QAC/C,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC;QAChC,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAC1B,CAAC;IAEO,YAAY,CAAc;IAElC,4EAA4E;IAC5E,YAAY;IACZ,4EAA4E;IAE5E,KAAK,CAAC,KAAK;QACT,uCAAuC;QACvC,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAC7C,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACvC,GAAG,CAAC,MAAM,EAAE,6BAA6B,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,GAAG,CAAC,MAAM,EAAE,mCAAmC,CAAC,CAAC;QACjD,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;QACnC,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;IAC9B,CAAC;IAED,kBAAkB;QAChB,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/C,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAChB,GAAG,CAAC,OAAO,EAAE,wBAAwB,OAAO,YAAY,CAAC,CAAC;YAC1D,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,uBAAuB;IACvB,4EAA4E;IAEpE,gBAAgB;QACtB,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;YACjE,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;YAE5E,OAAO;gBACL,KAAK,EAAE;oBACL,GAAG,eAAe;oBAClB;wBACE,IAAI,EAAE,oBAAoB;wBAC1B,WAAW,EACT,sGAAsG;wBACxG,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,QAAQ,EAAE;oCACR,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,0DAA0D;iCACxE;6BACF;4BACD,QAAQ,EAAE,EAAE;yBACb;qBACF;iBACF;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YACvE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;YACzD,MAAM,IAAI,GAAG,OAAkC,CAAC;YAEhD,IAAI,IAAI,KAAK,oBAAoB,EAAE,CAAC;gBAClC,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;YAED,0EAA0E;YAC1E,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC;YACtD,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,aAAa,CAAC,EAAE,CAAC;gBACrF,GAAG,CAAC,MAAM,EAAE,4CAA4C,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,MAAM,IAAI,QAAQ,CAChB,SAAS,CAAC,cAAc,EACxB,SAAS,IAAI,qCAAqC,CACnD,CAAC;YACJ,CAAC;YAED,qDAAqD;YACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YACnD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,QAAQ,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,IAAI,GAAG,CAAC,CAAC;YAC1E,CAAC;YAED,0EAA0E;YAC1E,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;YAE7E,0EAA0E;YAC1E,IAAI,QAAmD,CAAC;YACxD,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CACvC,QAAQ,CAAC,SAAS,EAClB,QAAQ,CAAC,aAAa,EACtB,IAAI,CACL,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,6CAA6C;gBAC7C,MAAM,IAAI,QAAQ,CAChB,SAAS,CAAC,aAAa,EACvB,0BAA0B,IAAI,MAAO,GAAa,CAAC,OAAO,EAAE,CAC7D,CAAC;YACJ,CAAC;YAED,0EAA0E;YAC1E,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,mBAAmB,CACnD,QAAQ,CAAC,OAAO,EAChB,QAAQ,CAAC,SAAS,EAClB,QAAQ,CAAC,aAAa,CACvB,CAAC;YAEF,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,CAAC;QAChE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,4EAA4E;IAC5E,2DAA2D;IAC3D,4EAA4E;IAE5E;;;OAGG;IACK,KAAK,CAAC,eAAe,CAC3B,IAA6B,EAC7B,YAAoB,EACpB,UAAkB;QAElB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAErC,4EAA4E;QAC5E,6CAA6C;QAC7C,iEAAiE;QACjE,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,eAAe,IAAI,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAC5C,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC;gBAC1C,GAAG,CAAC,MAAM,EAAE,yDAAyD,EAAE;oBACrE,QAAQ;oBACR,aAAa,EAAE,YAAY;oBAC3B,WAAW,EAAE,UAAU;iBACxB,CAAC,CAAC;gBACH,MAAM,IAAI,QAAQ,CAChB,SAAS,CAAC,aAAa,EACvB,oBAAoB,QAAQ,uCAAuC,CACpE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,EAAE,CAAC,CAAC;QAClF,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAEtC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE3C,4EAA4E;QAC5E,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACxD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,GAAG,CAAC,MAAM,EAAE,sDAAsD,EAAE;oBAClE,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,aAAa,EAAE,YAAY;oBAC3B,WAAW,EAAE,UAAU;iBACxB,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,eAAe,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;gBACrF,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;YACjC,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YACjD,MAAM,OAAO,GAAG,mBAAmB,CAAC,OAAO,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC;YACpE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAChE,GAAG,CAAC,MAAM,EAAE,uDAAuD,EAAE;oBACnE,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;oBAC/C,aAAa,EAAE,YAAY;oBAC3B,WAAW,EAAE,UAAU;iBACxB,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,EAAE,eAAe,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;gBACpF,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,MAAM,WAAW,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACzB,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;gBACjC,IAAI,KAAK,CAAC,OAAO,KAAK,IAAI,IAAI,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAC7E,IAAI,SAAS,CAAC,KAAK,CAAC,OAAO,EAAE,WAAW,CAAC,EAAE,CAAC;oBAC1C,GAAG,CAAC,MAAM,EAAE,kDAAkD,EAAE;wBAC9D,QAAQ,EAAE,KAAK,CAAC,QAAQ;wBACxB,aAAa,EAAE,YAAY;wBAC3B,WAAW,EAAE,UAAU;qBACxB,CAAC,CAAC;oBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,EAAE,eAAe,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;oBACpF,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3D,IAAI,OAAkD,CAAC;YACvD,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAClE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,oEAAoE;gBACpE,GAAG,CAAC,MAAM,EAAE,sCAAuC,GAAa,CAAC,OAAO,6BAA6B,CAAC,CAAC;gBACvG,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,oBAAoB,IAAI,OAAO,CAAC;gBACxE,IAAI,aAAa,KAAK,OAAO,EAAE,CAAC;oBAC9B,OAAO,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;gBAC1C,CAAC;qBAAM,CAAC;oBACN,OAAO;gBACT,CAAC;YACH,CAAC;YAED,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACnB,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACzB,4EAA4E;gBAC5E,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,eAAe,CAAC;gBACpG,GAAG,CAAC,MAAM,EAAE,8CAA8C,EAAE;oBAC1D,eAAe,EAAE,aAAa;oBAC9B,aAAa,EAAE,YAAY;oBAC3B,WAAW,EAAE,UAAU;iBACxB,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,oBAAoB,CAAC,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,oBAAoB;IACpB,4EAA4E;IAE5E;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAC/B,OAAkB,EAClB,YAAoB,EACpB,UAAkB;QAElB,MAAM,OAAO,GAAc,EAAE,CAAC;QAE9B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,IACE,IAAI,KAAK,IAAI;gBACb,OAAO,IAAI,KAAK,QAAQ;gBACvB,IAAgC,CAAC,MAAM,CAAC,KAAK,MAAM;gBACpD,OAAQ,IAAgC,CAAC,MAAM,CAAC,KAAK,QAAQ,EAC7D,CAAC;gBACD,MAAM,IAAI,GAAI,IAAuC,CAAC,IAAI,CAAC;gBAE3D,IAAI,IAAI,CAAC,MAAM,IAAI,cAAc,EAAE,CAAC;oBAClC,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAC;oBACzC,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;oBAEnC,iEAAiE;oBACjE,MAAM,OAAO,GAAG,IAAI,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;oBAC3C,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;oBACjG,qDAAqD;oBACrD,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;wBACnC,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;oBAC7B,CAAC;oBAED,MAAM,eAAe,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC9C,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;oBAErC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE;wBACxB,QAAQ;wBACR,QAAQ;wBACR,WAAW,EAAE,aAAa;wBAC1B,aAAa,EAAE,YAAY;wBAC3B,WAAW,EAAE,UAAU;wBACvB,cAAc,EAAE,QAAQ;wBACxB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,IAAI;wBAC5C,eAAe;wBACf,OAAO;qBACR,CAAC,CAAC;oBAEH,MAAM,WAAW,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;oBACzD,GAAG,CAAC,OAAO,EAAE,+BAA+B,EAAE,EAAE,QAAQ,EAAE,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAC;oBAElH,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;oBAClD,SAAS;gBACX,CAAC;YACH,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;QAED,sDAAsD;QACtD,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAE5D,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,4EAA4E;IAC5E,oCAAoC;IACpC,4EAA4E;IAEpE,eAAe,CACrB,IAA6B;QAE7B,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC9C,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;YAClC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;gBAC7D,MAAM,IAAI,QAAQ,CAAC,SAAS,CAAC,aAAa,EAAE,8BAA8B,CAAC,CAAC;YAC9E,CAAC;QACH,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QAClD,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC;QACvE,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,GAAG,WAAW,CAAC;QACpD,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAC7D,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;QAE1D,MAAM,cAAc,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3C,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,cAAc,EAAE,CAAC,CAAC,cAAc;YAChC,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,MAAM,EAAE,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;YACjD,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;YACtC,wCAAwC;SACzC,CAAC,CAAC,CAAC;QAEJ,OAAO;YACL,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU;wBACjC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU;wBACjC,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa;wBACvC,UAAU,EAAE,IAAI;wBAChB,OAAO,EAAE;4BACP,YAAY,EAAE,SAAS,CAAC,MAAM;4BAC9B,aAAa,EAAE,WAAW;4BAC1B,cAAc,EAAE,YAAY;4BAC5B,aAAa,EAAE,WAAW;4BAC1B,oBAAoB,EAAE,SAAS,CAAC,MAAM;4BACtC,kBAAkB,EAAE,IAAI,CAAC,iBAAiB;4BAC1C,eAAe,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;4BACtC,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,eAAe,IAAI,EAAE;4BACzD,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,aAAa,IAAI,IAAI;yBACxD;wBACD,MAAM,EAAE,cAAc;wBACtB,cAAc,EAAE,SAAS;qBAC1B,CAAC;iBACH;aACF;SACF,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,yBAAyB;IACzB,4EAA4E;IAE5E;;;;OAIG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAAqB,EACrB,WAAmB,EACnB,eAAwB;QAExB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAEvC,MAAM,YAAY,GAChB,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS;gBAC9B,CAAC,CAAC,QAAQ,CAAC;QAEb,sDAAsD;QACtD,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE;YACxB,QAAQ,EAAE,WAAW,eAAe,IAAI,SAAS,EAAE;YACnD,gBAAgB,EAAE,eAAe;YACjC,aAAa;YACb,WAAW;YACX,YAAY;YACZ,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,IAAI;SACxB,CAAC,CAAC;QAEH,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAE5D,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YACpB,MAAM,IAAI,QAAQ,CAChB,SAAS,CAAC,aAAa,EACvB,sEAAsE,CACvE,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,QAAgB,EAChB,gBAAmD,EACnD,aAAsB,EACtB,WAAoB;QAEpB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAEvC,MAAM,YAAY,GAChB,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS;gBAC9B,CAAC,CAAC,QAAQ,CAAC;QAEb,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE;YACxB,QAAQ;YACR,gBAAgB;YAChB,aAAa;YACb,WAAW;YACX,YAAY;YACZ,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,IAAI;SACxB,CAAC,CAAC;QAEH,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAE5D,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YACpB,MAAM,IAAI,QAAQ,CAChB,SAAS,CAAC,aAAa,EACvB,+DAA+D,CAChE,CAAC;QACJ,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}

package/dist/proxy/auditor/DualAuditor.d.ts

@@ -0,0 +1,27 @@
+/**
+ * DualAuditor — runs two independent LLM auditors in parallel.
+ *
+ * Both auditors must return CLEAN for the overall verdict to be CLEAN.
+ * If either returns DERIVED (or times out / errors), the call is blocked.
+ *
+ * Using two different model providers makes it much harder for a
+ * prompt-injection payload to fool both simultaneously.
+ */
+import type { AuditorConfig, AuditResult } from './types.js';
+import type { StoredToolResult } from './types.js';
+export interface DualAuditOutcome {
+    /** True only if both auditors returned CLEAN. */
+    clean: boolean;
+    /** Individual results from each auditor. */
+    results: Array<{
+        provider: string;
+        result: AuditResult;
+    }>;
+}
+export declare class DualAuditor {
+    private readonly auditors;
+    private readonly configs;
+    constructor(configs: AuditorConfig[]);
+    check(storedResults: StoredToolResult[], outboundArgs: string): Promise<DualAuditOutcome>;
+}
+//# sourceMappingURL=DualAuditor.d.ts.map

package/dist/proxy/auditor/DualAuditor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DualAuditor.d.ts","sourceRoot":"","sources":["../../../src/proxy/auditor/DualAuditor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAInD,MAAM,WAAW,gBAAgB;IAC/B,iDAAiD;IACjD,KAAK,EAAE,OAAO,CAAC;IACf,4CAA4C;IAC5C,OAAO,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,WAAW,CAAA;KAAE,CAAC,CAAC;CAC3D;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAe;IACxC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAkB;gBAE9B,OAAO,EAAE,aAAa,EAAE;IAU9B,KAAK,CACT,aAAa,EAAE,gBAAgB,EAAE,EACjC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,gBAAgB,CAAC;CAwB7B"}

package/dist/proxy/auditor/DualAuditor.js

@@ -0,0 +1,44 @@
+/**
+ * DualAuditor — runs two independent LLM auditors in parallel.
+ *
+ * Both auditors must return CLEAN for the overall verdict to be CLEAN.
+ * If either returns DERIVED (or times out / errors), the call is blocked.
+ *
+ * Using two different model providers makes it much harder for a
+ * prompt-injection payload to fool both simultaneously.
+ */
+import { LLMAuditor } from './LLMAuditor.js';
+import { log } from '../../logger.js';
+export class DualAuditor {
+    auditors;
+    configs;
+    constructor(configs) {
+        if (configs.length < 2) {
+            throw new Error(`DualAuditor requires exactly 2 auditor configs, got ${configs.length}.`);
+        }
+        this.configs = configs;
+        this.auditors = configs.map((c) => new LLMAuditor(c));
+    }
+    async check(storedResults, outboundArgs) {
+        const [resultA, resultB] = await Promise.all([
+            this.auditors[0].check(storedResults, outboundArgs),
+            this.auditors[1].check(storedResults, outboundArgs),
+        ]);
+        const results = [
+            { provider: this.configs[0].provider, result: resultA },
+            { provider: this.configs[1].provider, result: resultB },
+        ];
+        const clean = resultA.verdict === 'CLEAN' && resultB.verdict === 'CLEAN';
+        if (!clean) {
+            log('warn', 'DualAuditor: DERIVED verdict — outbound call blocked.', {
+                auditor_a: { provider: this.configs[0].provider, verdict: resultA.verdict, fail_safe: resultA.fail_safe },
+                auditor_b: { provider: this.configs[1].provider, verdict: resultB.verdict, fail_safe: resultB.fail_safe },
+            });
+        }
+        else {
+            log('debug', 'DualAuditor: both auditors returned CLEAN.');
+        }
+        return { clean, results };
+    }
+}
+//# sourceMappingURL=DualAuditor.js.map

package/dist/proxy/auditor/DualAuditor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DualAuditor.js","sourceRoot":"","sources":["../../../src/proxy/auditor/DualAuditor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AAStC,MAAM,OAAO,WAAW;IACL,QAAQ,CAAe;IACvB,OAAO,CAAkB;IAE1C,YAAY,OAAwB;QAClC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CACb,uDAAuD,OAAO,CAAC,MAAM,GAAG,CACzE,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,KAAK,CACT,aAAiC,EACjC,YAAoB;QAEpB,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YAC3C,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC,aAAa,EAAE,YAAY,CAAC;YACpD,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC,aAAa,EAAE,YAAY,CAAC;SACrD,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG;YACd,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;YACxD,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;SACzD,CAAC;QAEF,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,KAAK,OAAO,IAAI,OAAO,CAAC,OAAO,KAAK,OAAO,CAAC;QAEzE,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,CAAC,MAAM,EAAE,uDAAuD,EAAE;gBACnE,SAAS,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE;gBAC1G,SAAS,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE;aAC3G,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,OAAO,EAAE,4CAA4C,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC5B,CAAC;CACF"}

package/dist/proxy/auditor/LLMAuditor.d.ts

@@ -0,0 +1,16 @@
+/**
+ * LLMAuditor — sends one audit request to a single LLM provider.
+ *
+ * Supports Anthropic, OpenAI, and Google (Gemini) via their REST APIs.
+ * Uses Node 18+ built-in `fetch` — no extra runtime dependencies.
+ *
+ * Fail-safe: any unexpected response, timeout, or network error returns
+ * { verdict: 'DERIVED', fail_safe: true } so the proxy blocks by default.
+ */
+import type { AuditorConfig, AuditResult, StoredToolResult } from './types.js';
+export declare class LLMAuditor {
+    private readonly config;
+    constructor(config: AuditorConfig);
+    check(storedResults: StoredToolResult[], outboundArgs: string): Promise<AuditResult>;
+}
+//# sourceMappingURL=LLMAuditor.d.ts.map

package/dist/proxy/auditor/LLMAuditor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"LLMAuditor.d.ts","sourceRoot":"","sources":["../../../src/proxy/auditor/LLMAuditor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAgM/E,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;gBAE3B,MAAM,EAAE,aAAa;IAI3B,KAAK,CACT,aAAa,EAAE,gBAAgB,EAAE,EACjC,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,WAAW,CAAC;CA+DxB"}