@goplus/agentguard 1.0.1 → 1.0.4

package/dist/adapters/openclaw-plugin.js

@@ -0,0 +1,369 @@
+"use strict";
+/**
+ * GoPlus AgentGuard — OpenClaw Plugin
+ *
+ * Registers before_tool_call, after_tool_call, and session_start hooks
+ * with the OpenClaw plugin API to evaluate tool safety at runtime and
+ * auto-scan installed skills on session startup.
+ *
+ * Features:
+ * - Auto-scan all loaded plugins on registration
+ * - Auto-scan skill directories (~/.openclaw/skills/, ~/.claude/skills/) on session_start
+ * - Auto-register plugins to AgentGuard trust registry
+ * - Build toolName → pluginId mapping for initiating skill inference
+ *
+ * Usage in OpenClaw plugin config:
+ *   import agentguard from '@goplus/agentguard/openclaw';
+ *   export default agentguard;
+ *
+ * Or register manually:
+ *   import { registerOpenClawPlugin } from '@goplus/agentguard';
+ *   registerOpenClawPlugin(api);
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getPluginIdFromTool = getPluginIdFromTool;
+exports.getPluginScanResult = getPluginScanResult;
+exports.registerOpenClawPlugin = registerOpenClawPlugin;
+exports.default = register;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const node_os_1 = require("node:os");
+const path = __importStar(require("node:path"));
+const openclaw_js_1 = require("./openclaw.js");
+const engine_js_1 = require("./engine.js");
+const common_js_1 = require("./common.js");
+const index_js_1 = require("../scanner/index.js");
+const index_js_2 = require("../registry/index.js");
+// ---------------------------------------------------------------------------
+// Auto-scan helpers (skill directories)
+// ---------------------------------------------------------------------------
+const OPENCLAW_SKILLS_DIR = (0, node_path_1.join)((0, node_os_1.homedir)(), '.openclaw', 'skills');
+const CLAUDE_SKILLS_DIR = (0, node_path_1.join)((0, node_os_1.homedir)(), '.claude', 'skills');
+const AGENTGUARD_DIR = process.env.AGENTGUARD_HOME || (0, node_path_1.join)((0, node_os_1.homedir)(), '.agentguard');
+const AUDIT_PATH = (0, node_path_1.join)(AGENTGUARD_DIR, 'audit.jsonl');
+function ensureAgentGuardDir() {
+    if (!(0, node_fs_1.existsSync)(AGENTGUARD_DIR)) {
+        (0, node_fs_1.mkdirSync)(AGENTGUARD_DIR, { recursive: true });
+    }
+}
+function writeScanAuditLog(entry) {
+    try {
+        ensureAgentGuardDir();
+        (0, node_fs_1.appendFileSync)(AUDIT_PATH, JSON.stringify(entry) + '\n');
+    }
+    catch {
+        // Non-critical
+    }
+}
+/**
+ * Discover skill directories (containing SKILL.md) under the given path.
+ */
+function discoverSkillDirs(skillsDir) {
+    if (!(0, node_fs_1.existsSync)(skillsDir))
+        return [];
+    const skills = [];
+    try {
+        const entries = (0, node_fs_1.readdirSync)(skillsDir, { withFileTypes: true });
+        for (const entry of entries) {
+            if (!entry.isDirectory())
+                continue;
+            const skillDir = (0, node_path_1.join)(skillsDir, entry.name);
+            if ((0, node_fs_1.existsSync)((0, node_path_1.join)(skillDir, 'SKILL.md'))) {
+                skills.push({ name: entry.name, path: skillDir });
+            }
+        }
+    }
+    catch {
+        // Can't read skills dir
+    }
+    return skills;
+}
+/**
+ * Scan skill directories (~/.openclaw/skills/ and ~/.claude/skills/).
+ * Scan-only mode: reports results via logger, does NOT modify the trust registry.
+ * Users can register skills manually with /agentguard trust attest.
+ */
+async function autoScanSkillDirs(scanner, _registry, logger) {
+    const skills = [
+        ...discoverSkillDirs(OPENCLAW_SKILLS_DIR),
+        ...discoverSkillDirs(CLAUDE_SKILLS_DIR),
+    ];
+    if (skills.length === 0)
+        return;
+    let scanned = 0;
+    for (const skill of skills) {
+        // Skip self
+        if (skill.name === 'agentguard')
+            continue;
+        try {
+            const result = await scanner.quickScan(skill.path);
+            scanned++;
+            // Audit log — only record skill name, risk level, and tag names (no code/evidence)
+            writeScanAuditLog({
+                timestamp: new Date().toISOString(),
+                event: 'auto_scan',
+                skill_name: skill.name,
+                risk_level: result.risk_level,
+                risk_tags: result.risk_tags,
+            });
+            logger(`[AgentGuard] Skill "${skill.name}": ${result.risk_level} risk [${result.risk_tags.join(', ')}]`);
+        }
+        catch {
+            // Skip skills that fail to scan
+        }
+    }
+    if (scanned > 0) {
+        logger(`[AgentGuard] Scanned ${scanned} skill dir(s). Use /agentguard trust attest to register.`);
+    }
+}
+// ---------------------------------------------------------------------------
+// Global State
+// ---------------------------------------------------------------------------
+/** Symbol to access OpenClaw's global registry */
+const OPENCLAW_REGISTRY_STATE = Symbol.for('openclaw.pluginRegistryState');
+/** Tool name → Plugin ID mapping */
+const toolToPluginMap = new Map();
+/** Plugin ID → Scan result cache */
+const pluginScanCache = new Map();
+// ---------------------------------------------------------------------------
+// Helper Functions
+// ---------------------------------------------------------------------------
+/**
+ * Get OpenClaw's active plugin registry via global symbol
+ */
+function getOpenClawRegistry() {
+    const globalState = globalThis;
+    const state = globalState[OPENCLAW_REGISTRY_STATE];
+    return state?.registry ?? null;
+}
+/**
+ * Get plugin directory from source path
+ */
+function getPluginDir(source) {
+    // source is typically the entry file (e.g., /path/to/plugin/index.ts)
+    // We want the directory
+    return path.dirname(source);
+}
+/**
+ * Scan a plugin and cache its risk level. Scan-only: does NOT modify trust registry.
+ * Users can register plugins manually with /agentguard trust attest.
+ */
+async function scanAndRegisterPlugin(plugin, scanner, _registry, logger) {
+    // Skip if already scanned
+    if (pluginScanCache.has(plugin.id)) {
+        return;
+    }
+    const pluginDir = getPluginDir(plugin.source);
+    try {
+        // Perform scan
+        const scanResult = await scanner.quickScan(pluginDir);
+        // Cache result (for runtime before_tool_call checks)
+        pluginScanCache.set(plugin.id, {
+            riskLevel: scanResult.risk_level,
+            riskTags: scanResult.risk_tags,
+        });
+        // Build tool → plugin mapping
+        for (const toolName of plugin.toolNames) {
+            toolToPluginMap.set(toolName, plugin.id);
+        }
+        logger(`[AgentGuard] Scanned plugin "${plugin.id}": ${scanResult.risk_level} risk [${scanResult.risk_tags.join(', ')}]`);
+    }
+    catch (err) {
+        // If scan fails, cache as unknown
+        pluginScanCache.set(plugin.id, {
+            riskLevel: 'unknown',
+            riskTags: ['SCAN_FAILED'],
+        });
+        // Still build tool mapping
+        for (const toolName of plugin.toolNames) {
+            toolToPluginMap.set(toolName, plugin.id);
+        }
+        logger(`[AgentGuard] Plugin "${plugin.id}" scan failed: ${String(err)}`);
+    }
+}
+/**
+ * Scan all loaded OpenClaw plugins
+ */
+async function scanAllPlugins(scanner, registry, logger, selfPluginId) {
+    const openclawRegistry = getOpenClawRegistry();
+    if (!openclawRegistry) {
+        logger('[AgentGuard] OpenClaw registry not available, skipping plugin auto-scan');
+        return;
+    }
+    const plugins = openclawRegistry.plugins.filter(p => p.status === 'loaded' &&
+        p.enabled &&
+        p.id !== selfPluginId // Don't scan ourselves
+    );
+    logger(`[AgentGuard] Auto-scanning ${plugins.length} loaded plugins...`);
+    // Scan plugins in parallel (with concurrency limit)
+    const CONCURRENCY = 3;
+    for (let i = 0; i < plugins.length; i += CONCURRENCY) {
+        const batch = plugins.slice(i, i + CONCURRENCY);
+        await Promise.all(batch.map(plugin => scanAndRegisterPlugin(plugin, scanner, registry, logger)));
+    }
+    logger(`[AgentGuard] Plugin auto-scan complete. ${toolToPluginMap.size} tools mapped.`);
+}
+/**
+ * Get plugin ID from tool name
+ */
+function getPluginIdFromTool(toolName) {
+    return toolToPluginMap.get(toolName) ?? null;
+}
+/**
+ * Get scan result for a plugin
+ */
+function getPluginScanResult(pluginId) {
+    return pluginScanCache.get(pluginId) ?? null;
+}
+// ---------------------------------------------------------------------------
+// Main Registration
+// ---------------------------------------------------------------------------
+/**
+ * Register AgentGuard hooks with OpenClaw plugin API
+ */
+function registerOpenClawPlugin(api, options = {}) {
+    const adapter = new openclaw_js_1.OpenClawAdapter();
+    const config = options.level ? { level: options.level } : (0, common_js_1.loadConfig)();
+    const scanner = options.scanner ?? new index_js_1.SkillScanner({ useExternalScanner: false });
+    const trustRegistry = options.registry ?? new index_js_2.SkillRegistry();
+    // Simple logger
+    const logger = (msg) => console.log(msg);
+    // Lazy-initialize agentguard instance
+    let agentguard = null;
+    function getAgentGuard() {
+        if (!agentguard) {
+            if (options.agentguardFactory) {
+                agentguard = options.agentguardFactory();
+            }
+            else {
+                try {
+                    // eslint-disable-next-line @typescript-eslint/no-require-imports
+                    const { createAgentGuard } = require('@goplus/agentguard');
+                    agentguard = createAgentGuard();
+                }
+                catch {
+                    throw new Error('AgentGuard: unable to load engine. Install @goplus/agentguard.');
+                }
+            }
+        }
+        return agentguard;
+    }
+    // Auto-scan plugins on registration (async, non-blocking, opt-in)
+    if (options.skipAutoScan === false) {
+        // Use setImmediate to allow plugin registration to complete first
+        setImmediate(async () => {
+            try {
+                await scanAllPlugins(scanner, trustRegistry, logger, api.id);
+            }
+            catch (err) {
+                logger(`[AgentGuard] Plugin auto-scan error: ${String(err)}`);
+            }
+        });
+    }
+    // session_start → auto-scan skill directories (only when opt-in)
+    if (options.skipAutoScan === false) {
+        api.on('session_start', async () => {
+            try {
+                await autoScanSkillDirs(scanner, trustRegistry, logger);
+            }
+            catch {
+                // Non-critical — never block session startup
+            }
+        });
+    }
+    // before_tool_call → evaluate and optionally block
+    api.on('before_tool_call', async (event) => {
+        try {
+            // Try to infer plugin from tool name
+            const toolEvent = event;
+            const pluginId = toolEvent.toolName ? getPluginIdFromTool(toolEvent.toolName) : null;
+            // Check if plugin is untrusted
+            if (pluginId) {
+                const scanResult = getPluginScanResult(pluginId);
+                if (scanResult?.riskLevel === 'critical') {
+                    return {
+                        block: true,
+                        blockReason: `GoPlus AgentGuard: Plugin "${pluginId}" has critical security findings and is blocked. Run /agentguard trust attest to manually approve.`,
+                    };
+                }
+            }
+            const result = await (0, engine_js_1.evaluateHook)(adapter, event, {
+                config,
+                agentguard: getAgentGuard(),
+            });
+            if (result.decision === 'deny') {
+                return {
+                    block: true,
+                    blockReason: result.reason || 'Blocked by GoPlus AgentGuard',
+                };
+            }
+            // OpenClaw has no 'ask' mode — block with explanation in strict/balanced
+            if (result.decision === 'ask') {
+                return {
+                    block: true,
+                    blockReason: result.reason || 'Requires confirmation (GoPlus AgentGuard)',
+                };
+            }
+            return undefined; // allow
+        }
+        catch {
+            // Fail open
+            return undefined;
+        }
+    });
+    // after_tool_call → audit log
+    api.on('after_tool_call', async (event) => {
+        try {
+            const input = adapter.parseInput(event);
+            const toolEvent = event;
+            const pluginId = toolEvent.toolName ? getPluginIdFromTool(toolEvent.toolName) : null;
+            (0, common_js_1.writeAuditLog)(input, null, pluginId);
+        }
+        catch {
+            // Non-critical
+        }
+    });
+    logger(`[AgentGuard] Registered with OpenClaw (protection level: ${config.level || 'balanced'})`);
+}
+/**
+ * Default export for OpenClaw plugin registration
+ *
+ * Usage: export default from '@goplus/agentguard/openclaw'
+ */
+function register(api) {
+    registerOpenClawPlugin(api);
+}
+//# sourceMappingURL=openclaw-plugin.js.map

package/dist/adapters/openclaw-plugin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openclaw-plugin.js","sourceRoot":"","sources":["../../src/adapters/openclaw-plugin.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8RH,kDAEC;AAKD,kDAEC;AASD,wDAiHC;AAOD,2BAEC;AAxaD,qCAA6E;AAC7E,yCAAiC;AACjC,qCAAkC;AAClC,gDAAkC;AAClC,+CAAgD;AAChD,2CAA2C;AAC3C,2CAAwD;AAExD,kDAAmD;AACnD,mDAAqD;AAqCrD,8EAA8E;AAC9E,wCAAwC;AACxC,8EAA8E;AAE9E,MAAM,mBAAmB,GAAG,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;AACnE,MAAM,iBAAiB,GAAG,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;AAC/D,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,aAAa,CAAC,CAAC;AACrF,MAAM,UAAU,GAAG,IAAA,gBAAI,EAAC,cAAc,EAAE,aAAa,CAAC,CAAC;AAEvD,SAAS,mBAAmB;IAC1B,IAAI,CAAC,IAAA,oBAAU,EAAC,cAAc,CAAC,EAAE,CAAC;QAChC,IAAA,mBAAS,EAAC,cAAc,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,KAA8B;IACvD,IAAI,CAAC;QACH,mBAAmB,EAAE,CAAC;QACtB,IAAA,wBAAc,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,SAAiB;IAC1C,IAAI,CAAC,IAAA,oBAAU,EAAC,SAAS,CAAC;QAAE,OAAO,EAAE,CAAC;IACtC,MAAM,MAAM,GAAqC,EAAE,CAAC;IACpD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAA,qBAAW,EAAC,SAAS,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAChE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;gBAAE,SAAS;YACnC,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAC7C,IAAI,IAAA,oBAAU,EAAC,IAAA,gBAAI,EAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC;gBAC3C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,wBAAwB;IAC1B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,iBAAiB,CAC9B,OAAqB,EACrB,SAAwB,EACxB,MAA6B;IAE7B,MAAM,MAAM,GAAG;QACb,GAAG,iBAAiB,CAAC,mBAAmB,CAAC;QACzC,GAAG,iBAAiB,CAAC,iBAAiB,CAAC;KACxC,CAAC;IAEF,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAEhC,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,YAAY;QACZ,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY;YAAE,SAAS;QAE1C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACnD,OAAO,EAAE,CAAC;YAEV,mFAAmF;YACnF,iBAAiB,CAAC;gBAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,KAAK,EAAE,WAAW;gBAClB,UAAU,EAAE,KAAK,CAAC,IAAI;gBACtB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;aAC5B,CAAC,CAAC;YAEH,MAAM,CAAC,uBAAuB,KAAK,CAAC,IAAI,MAAM,MAAM,CAAC,UAAU,UAAU,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3G,CAAC;QAAC,MAAM,CAAC;YACP,gCAAgC;QAClC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,MAAM,CAAC,wBAAwB,OAAO,0DAA0D,CAAC,CAAC;IACpG,CAAC;AACH,CAAC;AAsBD,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E,kDAAkD;AAClD,MAAM,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;AAE3E,oCAAoC;AACpC,MAAM,eAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;AAElD,oCAAoC;AACpC,MAAM,eAAe,GAAG,IAAI,GAAG,EAAqD,CAAC;AAErF,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E;;GAEG;AACH,SAAS,mBAAmB;IAC1B,MAAM,WAAW,GAAG,UAEnB,CAAC;IACF,MAAM,KAAK,GAAG,WAAW,CAAC,uBAAuB,CAAC,CAAC;IACnD,OAAO,KAAK,EAAE,QAAQ,IAAI,IAAI,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,MAAc;IAClC,sEAAsE;IACtE,wBAAwB;IACxB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAC9B,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,qBAAqB,CAClC,MAA4B,EAC5B,OAAqB,EACrB,SAAwB,EACxB,MAA6B;IAE7B,0BAA0B;IAC1B,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;QACnC,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAE9C,IAAI,CAAC;QACH,eAAe;QACf,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEtD,qDAAqD;QACrD,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE;YAC7B,SAAS,EAAE,UAAU,CAAC,UAAU;YAChC,QAAQ,EAAE,UAAU,CAAC,SAAS;SAC/B,CAAC,CAAC;QAEH,8BAA8B;QAC9B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACxC,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,CAAC,gCAAgC,MAAM,CAAC,EAAE,MAAM,UAAU,CAAC,UAAU,UAAU,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3H,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,kCAAkC;QAClC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE;YAC7B,SAAS,EAAE,SAAS;YACpB,QAAQ,EAAE,CAAC,aAAa,CAAC;SAC1B,CAAC,CAAC;QAEH,2BAA2B;QAC3B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACxC,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,CAAC,wBAAwB,MAAM,CAAC,EAAE,kBAAkB,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,OAAqB,EACrB,QAAuB,EACvB,MAA6B,EAC7B,YAAqB;IAErB,MAAM,gBAAgB,GAAG,mBAAmB,EAAE,CAAC;IAE/C,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,CAAC,yEAAyE,CAAC,CAAC;QAClF,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAClD,CAAC,CAAC,MAAM,KAAK,QAAQ;QACrB,CAAC,CAAC,OAAO;QACT,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,uBAAuB;KAC9C,CAAC;IAEF,MAAM,CAAC,8BAA8B,OAAO,CAAC,MAAM,oBAAoB,CAAC,CAAC;IAEzE,oDAAoD;IACpD,MAAM,WAAW,GAAG,CAAC,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC;QAChD,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,qBAAqB,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAC9E,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,2CAA2C,eAAe,CAAC,IAAI,gBAAgB,CAAC,CAAC;AAC1F,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,OAAO,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,OAAO,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;AAC/C,CAAC;AAED,8EAA8E;AAC9E,oBAAoB;AACpB,8EAA8E;AAE9E;;GAEG;AACH,SAAgB,sBAAsB,CACpC,GAAsB,EACtB,UAAiC,EAAE;IAEnC,MAAM,OAAO,GAAG,IAAI,6BAAe,EAAE,CAAC;IACtC,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAA,sBAAU,GAAE,CAAC;IACvE,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,uBAAY,CAAC,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAAC,CAAC;IACnF,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,wBAAa,EAAE,CAAC;IAE9D,gBAAgB;IAChB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAEjD,sCAAsC;IACtC,IAAI,UAAU,GAA8B,IAAI,CAAC;IAEjD,SAAS,aAAa;QACpB,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBAC9B,UAAU,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC;YAC3C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC;oBACH,iEAAiE;oBACjE,MAAM,EAAE,gBAAgB,EAAE,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;oBAC3D,UAAU,GAAG,gBAAgB,EAAE,CAAC;gBAClC,CAAC;gBAAC,MAAM,CAAC;oBACP,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;gBACpF,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,UAAW,CAAC;IACrB,CAAC;IAED,kEAAkE;IAClE,IAAI,OAAO,CAAC,YAAY,KAAK,KAAK,EAAE,CAAC;QACnC,kEAAkE;QAClE,YAAY,CAAC,KAAK,IAAI,EAAE;YACtB,IAAI,CAAC;gBACH,MAAM,cAAc,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC/D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,wCAAwC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,iEAAiE;IACjE,IAAI,OAAO,CAAC,YAAY,KAAK,KAAK,EAAE,CAAC;QACnC,GAAG,CAAC,EAAE,CAAC,eAAe,EAAE,KAAK,IAAI,EAAE;YACjC,IAAI,CAAC;gBACH,MAAM,iBAAiB,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;YAC1D,CAAC;YAAC,MAAM,CAAC;gBACP,6CAA6C;YAC/C,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,mDAAmD;IACnD,GAAG,CAAC,EAAE,CAAC,kBAAkB,EAAE,KAAK,EAAE,KAAc,EAAE,EAAE;QAClD,IAAI,CAAC;YACH,qCAAqC;YACrC,MAAM,SAAS,GAAG,KAA8B,CAAC;YACjD,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YAErF,+BAA+B;YAC/B,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,UAAU,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACjD,IAAI,UAAU,EAAE,SAAS,KAAK,UAAU,EAAE,CAAC;oBACzC,OAAO;wBACL,KAAK,EAAE,IAAI;wBACX,WAAW,EAAE,8BAA8B,QAAQ,oGAAoG;qBACxJ,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAY,EAAC,OAAO,EAAE,KAAK,EAAE;gBAChD,MAAM;gBACN,UAAU,EAAE,aAAa,EAAE;aAC5B,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC/B,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,WAAW,EAAE,MAAM,CAAC,MAAM,IAAI,8BAA8B;iBAC7D,CAAC;YACJ,CAAC;YAED,yEAAyE;YACzE,IAAI,MAAM,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBAC9B,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,WAAW,EAAE,MAAM,CAAC,MAAM,IAAI,2CAA2C;iBAC1E,CAAC;YACJ,CAAC;YAED,OAAO,SAAS,CAAC,CAAC,QAAQ;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;YACZ,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,8BAA8B;IAC9B,GAAG,CAAC,EAAE,CAAC,iBAAiB,EAAE,KAAK,EAAE,KAAc,EAAE,EAAE;QACjD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YACxC,MAAM,SAAS,GAAG,KAA8B,CAAC;YACjD,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACrF,IAAA,yBAAa,EAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC;YACP,eAAe;QACjB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,4DAA4D,MAAM,CAAC,KAAK,IAAI,UAAU,GAAG,CAAC,CAAC;AACpG,CAAC;AAED;;;;GAIG;AACH,SAAwB,QAAQ,CAAC,GAAsB;IACrD,sBAAsB,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC"}

package/dist/adapters/openclaw.d.ts

@@ -0,0 +1,22 @@
+import type { ActionEnvelope } from '../types/action.js';
+import type { HookAdapter, HookInput } from './types.js';
+/**
+ * OpenClaw hook adapter
+ *
+ * Bridges OpenClaw's before_tool_call / after_tool_call plugin hooks
+ * to the common AgentGuard decision engine.
+ *
+ * OpenClaw plugin hooks receive an event object:
+ *   { toolName: string, params: Record<string, any>, toolCallId?: string }
+ *
+ * Blocking is done by returning { block: true, blockReason: "..." }
+ * from the before_tool_call handler.
+ */
+export declare class OpenClawAdapter implements HookAdapter {
+    readonly name = "openclaw";
+    parseInput(raw: unknown): HookInput;
+    mapToolToActionType(toolName: string): string | null;
+    buildEnvelope(input: HookInput, initiatingSkill?: string | null): ActionEnvelope | null;
+    inferInitiatingSkill(input: HookInput): Promise<string | null>;
+}
+//# sourceMappingURL=openclaw.d.ts.map

package/dist/adapters/openclaw.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"openclaw.d.ts","sourceRoot":"","sources":["../../src/adapters/openclaw.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAazD;;;;;;;;;;;GAWG;AACH,qBAAa,eAAgB,YAAW,WAAW;IACjD,QAAQ,CAAC,IAAI,cAAc;IAE3B,UAAU,CAAC,GAAG,EAAE,OAAO,GAAG,SAAS;IAUnC,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAcpD,aAAa,CAAC,KAAK,EAAE,SAAS,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,cAAc,GAAG,IAAI;IAgEjF,oBAAoB,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CAUrE"}

package/dist/adapters/openclaw.js

@@ -0,0 +1,118 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OpenClawAdapter = void 0;
+/**
+ * Tool name → action type mapping for OpenClaw
+ */
+const TOOL_ACTION_MAP = {
+    exec: 'exec_command',
+    write: 'write_file',
+    read: 'read_file',
+    web_fetch: 'network_request',
+    browser: 'network_request',
+};
+/**
+ * OpenClaw hook adapter
+ *
+ * Bridges OpenClaw's before_tool_call / after_tool_call plugin hooks
+ * to the common AgentGuard decision engine.
+ *
+ * OpenClaw plugin hooks receive an event object:
+ *   { toolName: string, params: Record<string, any>, toolCallId?: string }
+ *
+ * Blocking is done by returning { block: true, blockReason: "..." }
+ * from the before_tool_call handler.
+ */
+class OpenClawAdapter {
+    name = 'openclaw';
+    parseInput(raw) {
+        const event = raw;
+        return {
+            toolName: event.toolName || '',
+            toolInput: event.params || {},
+            eventType: 'pre', // before_tool_call = pre
+            raw: event,
+        };
+    }
+    mapToolToActionType(toolName) {
+        // Direct match
+        if (TOOL_ACTION_MAP[toolName]) {
+            return TOOL_ACTION_MAP[toolName];
+        }
+        // Prefix match for tool families (e.g. "exec_python" → "exec_command")
+        for (const [prefix, actionType] of Object.entries(TOOL_ACTION_MAP)) {
+            if (toolName.startsWith(prefix)) {
+                return actionType;
+            }
+        }
+        return null;
+    }
+    buildEnvelope(input, initiatingSkill) {
+        const actionType = this.mapToolToActionType(input.toolName);
+        if (!actionType)
+            return null;
+        const actor = {
+            skill: {
+                id: initiatingSkill || 'openclaw-session',
+                source: initiatingSkill || 'openclaw',
+                version_ref: '0.0.0',
+                artifact_hash: '',
+            },
+        };
+        const context = {
+            session_id: `openclaw-${Date.now()}`,
+            user_present: true,
+            env: 'prod',
+            time: new Date().toISOString(),
+            initiating_skill: initiatingSkill || undefined,
+        };
+        let actionData;
+        switch (actionType) {
+            case 'exec_command':
+                actionData = {
+                    command: input.toolInput.command || '',
+                    args: [],
+                };
+                break;
+            case 'write_file':
+                actionData = {
+                    path: input.toolInput.path ||
+                        input.toolInput.file_path || '',
+                };
+                break;
+            case 'read_file':
+                actionData = {
+                    path: input.toolInput.path ||
+                        input.toolInput.file_path || '',
+                };
+                break;
+            case 'network_request':
+                actionData = {
+                    method: input.toolInput.method || 'GET',
+                    url: input.toolInput.url || '',
+                    body_preview: input.toolInput.body,
+                };
+                break;
+            default:
+                return null;
+        }
+        return {
+            actor,
+            action: { type: actionType, data: actionData },
+            context,
+        };
+    }
+    async inferInitiatingSkill(input) {
+        // Try to get plugin ID from tool → plugin mapping
+        try {
+            const { getPluginIdFromTool } = await import('./openclaw-plugin.js');
+            return getPluginIdFromTool(input.toolName);
+        }
+        catch {
+            // Mapping not available (plugin not loaded)
+            return null;
+        }
+    }
+}
+exports.OpenClawAdapter = OpenClawAdapter;
+//# sourceMappingURL=openclaw.js.map

package/dist/adapters/openclaw.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openclaw.js","sourceRoot":"","sources":["../../src/adapters/openclaw.ts"],"names":[],"mappings":";;;AAGA;;GAEG;AACH,MAAM,eAAe,GAA2B;IAC9C,IAAI,EAAE,cAAc;IACpB,KAAK,EAAE,YAAY;IACnB,IAAI,EAAE,WAAW;IACjB,SAAS,EAAE,iBAAiB;IAC5B,OAAO,EAAE,iBAAiB;CAC3B,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAa,eAAe;IACjB,IAAI,GAAG,UAAU,CAAC;IAE3B,UAAU,CAAC,GAAY;QACrB,MAAM,KAAK,GAAG,GAA8B,CAAC;QAC7C,OAAO;YACL,QAAQ,EAAG,KAAK,CAAC,QAAmB,IAAI,EAAE;YAC1C,SAAS,EAAG,KAAK,CAAC,MAAkC,IAAI,EAAE;YAC1D,SAAS,EAAE,KAAK,EAAE,yBAAyB;YAC3C,GAAG,EAAE,KAAK;SACX,CAAC;IACJ,CAAC;IAED,mBAAmB,CAAC,QAAgB;QAClC,eAAe;QACf,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9B,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;QACD,uEAAuE;QACvE,KAAK,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;YACnE,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,UAAU,CAAC;YACpB,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,KAAgB,EAAE,eAA+B;QAC7D,MAAM,UAAU,GAAG,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5D,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAE7B,MAAM,KAAK,GAAG;YACZ,KAAK,EAAE;gBACL,EAAE,EAAE,eAAe,IAAI,kBAAkB;gBACzC,MAAM,EAAE,eAAe,IAAI,UAAU;gBACrC,WAAW,EAAE,OAAO;gBACpB,aAAa,EAAE,EAAE;aAClB;SACF,CAAC;QAEF,MAAM,OAAO,GAAG;YACd,UAAU,EAAE,YAAY,IAAI,CAAC,GAAG,EAAE,EAAE;YACpC,YAAY,EAAE,IAAI;YAClB,GAAG,EAAE,MAAe;YACpB,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC9B,gBAAgB,EAAE,eAAe,IAAI,SAAS;SAC/C,CAAC;QAEF,IAAI,UAAmC,CAAC;QAExC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,cAAc;gBACjB,UAAU,GAAG;oBACX,OAAO,EAAG,KAAK,CAAC,SAAS,CAAC,OAAkB,IAAI,EAAE;oBAClD,IAAI,EAAE,EAAE;iBACT,CAAC;gBACF,MAAM;YAER,KAAK,YAAY;gBACf,UAAU,GAAG;oBACX,IAAI,EAAG,KAAK,CAAC,SAAS,CAAC,IAAe;wBAC/B,KAAK,CAAC,SAAS,CAAC,SAAoB,IAAI,EAAE;iBAClD,CAAC;gBACF,MAAM;YAER,KAAK,WAAW;gBACd,UAAU,GAAG;oBACX,IAAI,EAAG,KAAK,CAAC,SAAS,CAAC,IAAe;wBAC/B,KAAK,CAAC,SAAS,CAAC,SAAoB,IAAI,EAAE;iBAClD,CAAC;gBACF,MAAM;YAER,KAAK,iBAAiB;gBACpB,UAAU,GAAG;oBACX,MAAM,EAAG,KAAK,CAAC,SAAS,CAAC,MAAiB,IAAI,KAAK;oBACnD,GAAG,EAAG,KAAK,CAAC,SAAS,CAAC,GAAc,IAAI,EAAE;oBAC1C,YAAY,EAAE,KAAK,CAAC,SAAS,CAAC,IAA0B;iBACzD,CAAC;gBACF,MAAM;YAER;gBACE,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,OAAO;YACL,KAAK;YACL,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE;YAC9C,OAAO;SACqB,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,KAAgB;QACzC,kDAAkD;QAClD,IAAI,CAAC;YACH,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,CAAC;YACrE,OAAO,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF;AArGD,0CAqGC"}

package/dist/adapters/types.d.ts

@@ -0,0 +1,81 @@
+import type { ActionEnvelope, PolicyDecision } from '../types/action.js';
+/**
+ * Standardized hook input — platform-agnostic representation
+ */
+export interface HookInput {
+    /** Tool name (platform-specific, e.g. "Bash" or "exec") */
+    toolName: string;
+    /** Tool parameters */
+    toolInput: Record<string, unknown>;
+    /** Hook event type */
+    eventType: 'pre' | 'post';
+    /** Session identifier */
+    sessionId?: string;
+    /** Working directory */
+    cwd?: string;
+    /** Raw platform-specific input */
+    raw: unknown;
+}
+/**
+ * Hook evaluation result
+ */
+export interface HookOutput {
+    /** Decision */
+    decision: 'allow' | 'deny' | 'ask';
+    /** Human-readable reason */
+    reason?: string;
+    /** Risk level */
+    riskLevel?: string;
+    /** Risk tags */
+    riskTags?: string[];
+    /** Initiating skill (if detected) */
+    initiatingSkill?: string | null;
+}
+/**
+ * Platform adapter interface
+ *
+ * Each platform (Claude Code, OpenClaw, etc.) implements this interface
+ * to bridge its hook protocol to the common AgentGuard decision engine.
+ */
+export interface HookAdapter {
+    /** Platform identifier */
+    readonly name: string;
+    /** Parse raw platform input into standardized HookInput */
+    parseInput(raw: unknown): HookInput;
+    /** Map platform tool name to ActionEnvelope action type */
+    mapToolToActionType(toolName: string): string | null;
+    /** Build an ActionEnvelope from standardized input */
+    buildEnvelope(input: HookInput, initiatingSkill?: string | null): ActionEnvelope | null;
+    /** Infer which skill initiated the current tool call */
+    inferInitiatingSkill(input: HookInput): Promise<string | null>;
+}
+/**
+ * Agentguard instance interface (subset used by engine)
+ */
+export interface AgentGuardInstance {
+    actionScanner: {
+        decide(envelope: ActionEnvelope): Promise<PolicyDecision>;
+    };
+    registry: {
+        lookup(skill: {
+            id: string;
+            source: string;
+            version_ref: string;
+            artifact_hash: string;
+        }): Promise<{
+            effective_trust_level: string;
+            effective_capabilities: Record<string, unknown>;
+            record: unknown | null;
+        }>;
+    };
+}
+/**
+ * Engine options
+ */
+export interface EngineOptions {
+    config: {
+        level?: string;
+    };
+    agentguard: AgentGuardInstance;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/adapters/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/adapters/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,2DAA2D;IAC3D,QAAQ,EAAE,MAAM,CAAC;IACjB,sBAAsB;IACtB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,sBAAsB;IACtB,SAAS,EAAE,KAAK,GAAG,MAAM,CAAC;IAC1B,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,kCAAkC;IAClC,GAAG,EAAE,OAAO,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,eAAe;IACf,QAAQ,EAAE,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACnC,4BAA4B;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,gBAAgB;IAChB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,qCAAqC;IACrC,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACjC;AAED;;;;;GAKG;AACH,MAAM,WAAW,WAAW;IAC1B,0BAA0B;IAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB,2DAA2D;IAC3D,UAAU,CAAC,GAAG,EAAE,OAAO,GAAG,SAAS,CAAC;IAEpC,2DAA2D;IAC3D,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAErD,sDAAsD;IACtD,aAAa,CAAC,KAAK,EAAE,SAAS,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,GAAG,cAAc,GAAG,IAAI,CAAC;IAExF,wDAAwD;IACxD,oBAAoB,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;CAChE;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,aAAa,EAAE;QACb,MAAM,CAAC,QAAQ,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;KAC3D,CAAC;IACF,QAAQ,EAAE;QACR,MAAM,CAAC,KAAK,EAAE;YAAE,EAAE,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,GAAG,OAAO,CAAC;YACjG,qBAAqB,EAAE,MAAM,CAAC;YAC9B,sBAAsB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,EAAE,OAAO,GAAG,IAAI,CAAC;SACxB,CAAC,CAAC;KACJ,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3B,UAAU,EAAE,kBAAkB,CAAC;CAChC"}

package/dist/adapters/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/adapters/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/adapters/types.ts"],"names":[],"mappings":""}

package/dist/index.d.ts

@@ -12,6 +12,7 @@ export { SkillRegistry, RegistryStorage, type RegistryOptions, type StorageOptio
 export { ActionScanner, GoPlusClient, type ActionScannerOptions, } from './action/index.js';
 export { DEFAULT_POLICIES, RESTRICTIVE_CAPABILITY, PERMISSIVE_CAPABILITY, CAPABILITY_PRESETS, type PolicyConfig, } from './policy/default.js';
 export { containsSensitiveData, maskSensitiveData, extractDomain, isDomainAllowed, SENSITIVE_PATTERNS, } from './utils/patterns.js';
+export { ClaudeCodeAdapter, OpenClawAdapter, evaluateHook, registerOpenClawPlugin, loadConfig, type HookAdapter, type HookInput, type HookOutput, type EngineOptions, } from './adapters/index.js';
 import { SkillScanner } from './scanner/index.js';
 import { SkillRegistry } from './registry/index.js';
 import { ActionScanner } from './action/index.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;;;;EAgBA;AAGD,eAAe,gBAAgB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,YAAY,EACZ,sBAAsB,EACtB,UAAU,EACV,KAAK,WAAW,EAChB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;;;;EAgBA;AAGD,eAAe,gBAAgB,CAAC"}