@goplus/agentguard 1.1.1 → 1.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +41 -2
- package/dist/cli.d.ts +3 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +335 -0
- package/dist/cli.js.map +1 -0
- package/dist/cloud/client.d.ts +41 -0
- package/dist/cloud/client.d.ts.map +1 -0
- package/dist/cloud/client.js +145 -0
- package/dist/cloud/client.js.map +1 -0
- package/dist/config.d.ts +31 -0
- package/dist/config.d.ts.map +1 -0
- package/dist/config.js +133 -0
- package/dist/config.js.map +1 -0
- package/dist/feed/selfcheck.d.ts +36 -0
- package/dist/feed/selfcheck.d.ts.map +1 -0
- package/dist/feed/selfcheck.js +198 -0
- package/dist/feed/selfcheck.js.map +1 -0
- package/dist/feed/state.d.ts +14 -0
- package/dist/feed/state.d.ts.map +1 -0
- package/dist/feed/state.js +57 -0
- package/dist/feed/state.js.map +1 -0
- package/dist/feed/types.d.ts +102 -0
- package/dist/feed/types.d.ts.map +1 -0
- package/dist/feed/types.js +15 -0
- package/dist/feed/types.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +25 -1
- package/dist/index.js.map +1 -1
- package/dist/installers.d.ts +10 -0
- package/dist/installers.d.ts.map +1 -0
- package/dist/installers.js +137 -0
- package/dist/installers.js.map +1 -0
- package/dist/mcp-server.js +3 -2
- package/dist/mcp-server.js.map +1 -1
- package/dist/postinstall.d.ts +3 -0
- package/dist/postinstall.d.ts.map +1 -0
- package/dist/postinstall.js +13 -0
- package/dist/postinstall.js.map +1 -0
- package/dist/runtime/audit.d.ts +10 -0
- package/dist/runtime/audit.d.ts.map +1 -0
- package/dist/runtime/audit.js +94 -0
- package/dist/runtime/audit.js.map +1 -0
- package/dist/runtime/evaluator.d.ts +3 -0
- package/dist/runtime/evaluator.d.ts.map +1 -0
- package/dist/runtime/evaluator.js +197 -0
- package/dist/runtime/evaluator.js.map +1 -0
- package/dist/runtime/policy.d.ts +12 -0
- package/dist/runtime/policy.d.ts.map +1 -0
- package/dist/runtime/policy.js +81 -0
- package/dist/runtime/policy.js.map +1 -0
- package/dist/runtime/protect.d.ts +22 -0
- package/dist/runtime/protect.d.ts.map +1 -0
- package/dist/runtime/protect.js +172 -0
- package/dist/runtime/protect.js.map +1 -0
- package/dist/runtime/redaction.d.ts +6 -0
- package/dist/runtime/redaction.d.ts.map +1 -0
- package/dist/runtime/redaction.js +103 -0
- package/dist/runtime/redaction.js.map +1 -0
- package/dist/runtime/types.d.ts +62 -0
- package/dist/runtime/types.d.ts.map +1 -0
- package/dist/runtime/types.js +3 -0
- package/dist/runtime/types.js.map +1 -0
- package/dist/tests/cloud-live.test.d.ts +2 -0
- package/dist/tests/cloud-live.test.d.ts.map +1 -0
- package/dist/tests/cloud-live.test.js +68 -0
- package/dist/tests/cloud-live.test.js.map +1 -0
- package/dist/tests/feed-cloud.test.d.ts +2 -0
- package/dist/tests/feed-cloud.test.d.ts.map +1 -0
- package/dist/tests/feed-cloud.test.js +93 -0
- package/dist/tests/feed-cloud.test.js.map +1 -0
- package/dist/tests/feed-selfcheck.test.d.ts +2 -0
- package/dist/tests/feed-selfcheck.test.d.ts.map +1 -0
- package/dist/tests/feed-selfcheck.test.js +118 -0
- package/dist/tests/feed-selfcheck.test.js.map +1 -0
- package/dist/tests/installer.test.d.ts +2 -0
- package/dist/tests/installer.test.d.ts.map +1 -0
- package/dist/tests/installer.test.js +32 -0
- package/dist/tests/installer.test.js.map +1 -0
- package/dist/tests/runtime-cloud.test.d.ts +2 -0
- package/dist/tests/runtime-cloud.test.d.ts.map +1 -0
- package/dist/tests/runtime-cloud.test.js +206 -0
- package/dist/tests/runtime-cloud.test.js.map +1 -0
- package/dist/version.d.ts +2 -0
- package/dist/version.d.ts.map +1 -0
- package/dist/version.js +7 -0
- package/dist/version.js.map +1 -0
- package/docs/SECURITY-POLICY.md +558 -0
- package/docs/architecture.md +54 -0
- package/docs/claude-code.md +41 -0
- package/docs/cloud-connect.md +73 -0
- package/docs/cloud-native-api.md +526 -0
- package/docs/codex.md +38 -0
- package/docs/goplus-api.md +38 -0
- package/docs/mcp-server.md +39 -0
- package/docs/openclaw.md +41 -0
- package/docs/privacy-boundary.md +37 -0
- package/docs/sdk.md +83 -0
- package/docs/trust-cli.md +58 -0
- package/examples/openclaw-docker/Dockerfile +10 -0
- package/examples/openclaw-docker/README.md +16 -0
- package/examples/openclaw-docker/docker-compose.yml +8 -0
- package/examples/openclaw-docker/plugin.ts +8 -0
- package/package.json +7 -2
- package/skills/agentguard/SKILL.md +19 -0
- package/skills/agentguard/package.json +2 -1
- package/skills/agentguard/scripts/checkup-report.js +2 -15
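--- a/package/dist/runtime/evaluator.js
+++ b/package/dist/runtime/evaluator.js
@@ -0,0 +1,197 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluateLocalAction = evaluateLocalAction;
+const index_js_1 = require("../action/index.js");
+const skill_js_1 = require("../types/skill.js");
+const redaction_js_1 = require("./redaction.js");
+function reason(code, severity, title, description, evidence) {
+return {
+code,
+severity,
+title,
+description,
+evidence: evidence === undefined ? undefined : (0, redaction_js_1.redactPreview)(evidence, 240),
+};
+}
+async function evaluateLocalAction(policy, action) {
+const customReasons = customPolicyReasons(policy, action);
+const ossDecision = await evaluateWithOssActionScanner(policy, action);
+const ossReasons = (ossDecision?.risk_tags || []).map((tag, index) => normalizeOssReason(tag, ossDecision?.evidence?.[index], action));
+const reasons = (0, redaction_js_1.redactReasons)([...customReasons, ...ossReasons]);
+const riskScore = riskScoreFor(reasons, ossDecision?.risk_level || 'safe');
+const riskLevel = riskLevelFor(riskScore);
+const decision = decisionFor(policy, reasons, riskLevel, ossDecision?.decision);
+return {
+actionId: `act_local_${Date.now()}_${process.pid}`,
+decision: policy.mode === 'observe' && decision === 'block' ? 'warn' : decision,
+riskScore,
+riskLevel,
+reasons,
+policyVersion: policy.policyVersion || 'runtime-local-v0.1',
+};
+}
+function customPolicyReasons(policy, action) {
+const reasons = [];
+const input = action.input || '';
+const lower = input.toLowerCase();
+if (action.actionType === 'shell') {
+for (const pattern of policy.blockedCommandPatterns) {
+if (matchesPattern(lower, pattern.toLowerCase())) {
+reasons.push(reason('CUSTOM_BLOCKED_COMMAND', 'critical', 'Custom blocked command', 'The action matched a command pattern configured in runtime policy.', pattern));
+}
+}
+for (const domain of policy.network.blockedDomains) {
+if (domain && lower.includes(domain.toLowerCase())) {
+reasons.push(reason('CUSTOM_BLOCKED_DOMAIN', 'high', 'Custom blocked domain', 'The action references a domain blocked by runtime policy.', domain));
+}
+}
+}
+if (action.actionType === 'file_read' || action.actionType === 'file_write') {
+for (const pathPattern of policy.protectedPaths) {
+if (matchesPath(input, pathPattern)) {
+reasons.push(reason('SECRET_ACCESS', action.actionType === 'file_write' ? 'critical' : 'high', 'Protected path access', 'The agent attempted to access a path protected by runtime policy.', pathPattern));
+}
+}
+}
+if (action.actionType === 'deploy') {
+reasons.push(reason('DEPLOYMENT_ACTION', 'high', 'Deployment action requires approval', 'Deployment actions can affect production systems and should be approved in cloud policy.', input));
+}
+return reasons;
+}
+async function evaluateWithOssActionScanner(policy, action) {
+const mapped = mapRuntimeAction(action);
+if (!mapped)
+return null;
+const registry = {
+async lookup() {
+return {
+record: null,
+effective_trust_level: 'trusted',
+effective_capabilities: {
+...skill_js_1.DEFAULT_CAPABILITY,
+exec: 'allow',
+network_allowlist: policy.network.approvalDomains,
+filesystem_allowlist: policy.protectedPaths,
+},
+};
+},
+};
+const scanner = new index_js_1.ActionScanner({ registry: registry });
+return scanner.decide({
+actor: {
+skill: {
+id: action.sourceSkill || 'local-agent',
+source: action.agentHost,
+version_ref: 'runtime',
+artifact_hash: '',
+},
+},
+action: mapped,
+context: {
+session_id: action.sessionId,
+user_present: true,
+env: 'dev',
+time: new Date().toISOString(),
+initiating_skill: action.sourceSkill,
+},
+});
+}
+function mapRuntimeAction(action) {
+if (action.actionType === 'shell') {
+return { type: 'exec_command', data: { command: action.input, cwd: action.cwd } };
+}
+if (action.actionType === 'file_read') {
+return { type: 'read_file', data: { path: action.input } };
+}
+if (action.actionType === 'file_write') {
+return { type: 'write_file', data: { path: action.input } };
+}
+if (action.actionType === 'network' || action.actionType === 'browser') {
+return { type: 'network_request', data: { method: 'GET', url: action.input } };
+}
+return null;
+}
+function normalizeOssReason(tag, evidence, action) {
+const evidenceText = evidence?.match || evidence?.description || action.input;
+if (tag === 'DANGEROUS_COMMAND') {
+return reason('DESTRUCTIVE_COMMAND', 'critical', 'Dangerous command', 'The local OSS runtime detected a dangerous command.', evidenceText);
+}
+if (tag === 'SENSITIVE_DATA_ACCESS' || tag === 'SENSITIVE_ENV_VAR') {
+return reason('SECRET_ACCESS', 'high', 'Sensitive data access', 'The local OSS runtime detected access to sensitive data.', evidenceText);
+}
+if (tag === 'WEBHOOK_EXFIL' || tag === 'CRITICAL_SECRET_EXFIL' || tag === 'POTENTIAL_SECRET_EXFIL') {
+return reason('DATA_EXFILTRATION', tag === 'CRITICAL_SECRET_EXFIL' ? 'critical' : 'high', 'Potential data exfiltration', 'The local OSS runtime detected exfiltration risk.', evidenceText);
+}
+if (tag === 'NETWORK_COMMAND' || tag === 'UNTRUSTED_DOMAIN') {
+return reason('NETWORK_RISK', 'medium', 'Network action', 'The local OSS runtime detected network activity.', evidenceText);
+}
+if (tag === 'SHELL_INJECTION_RISK') {
+return reason('SHELL_INJECTION_RISK', 'medium', 'Shell metacharacters', 'The local OSS runtime detected shell metacharacters.', evidenceText);
+}
+return reason(tag, 'medium', tag.replace(/_/g, ' ').toLowerCase(), 'The local OSS runtime detected a risky action.', evidenceText);
+}
+function decisionFor(policy, reasons, riskLevel, ossDecision) {
+for (const item of reasons) {
+const decision = policyDecisionFor(item.code, policy);
+if (decision)
+return decision;
+}
+if (ossDecision === 'deny')
+return riskLevel === 'critical' ? 'block' : 'require_approval';
+if (ossDecision === 'confirm')
+return 'require_approval';
+if (reasons.length > 0)
+return 'warn';
+return 'allow';
+}
+function policyDecisionFor(code, policy) {
+if (code === 'CUSTOM_BLOCKED_COMMAND' || code === 'DESTRUCTIVE_COMMAND')
+return policy.decisions.destructiveCommand;
+if (code === 'REMOTE_CODE_EXECUTION')
+return policy.decisions.remoteCodeExecution;
+if (code === 'CUSTOM_BLOCKED_DOMAIN' || code === 'DATA_EXFILTRATION')
+return policy.decisions.dataExfiltration;
+if (code === 'SECRET_ACCESS')
+return policy.decisions.secretAccess;
+if (code === 'DEPLOYMENT_ACTION')
+return policy.decisions.deployAction;
+return null;
+}
+function riskScoreFor(reasons, ossRiskLevel) {
+if (reasons.some((item) => item.severity === 'critical') || ossRiskLevel === 'critical')
+return 95;
+if (reasons.some((item) => item.severity === 'high') || ossRiskLevel === 'high')
+return 55;
+if (reasons.some((item) => item.severity === 'medium') || ossRiskLevel === 'medium')
+return 20;
+if (reasons.length > 0 || ossRiskLevel === 'low')
+return reasons.length > 0 ? 5 : 0;
+return 0;
+}
+function riskLevelFor(score) {
+if (score >= 90)
+return 'critical';
+if (score >= 55)
+return 'high';
+if (score >= 20)
+return 'medium';
+if (score > 0)
+return 'low';
+return 'safe';
+}
+function matchesPattern(input, pattern) {
+if (!pattern)
+return false;
+if (input.includes(pattern))
+return true;
+const compact = pattern.replace(/\s*\.\.\.\s*/g, ' ');
+return compact !== pattern && input.includes(compact);
+}
+function matchesPath(input, pattern) {
+if (!pattern)
+return false;
+const normalizedInput = input.replace(/\\/g, '/');
+const needle = pattern.replace(/\\/g, '/').replace(/\*\*/g, '').replace(/\*/g, '');
+return Boolean(needle) && normalizedInput.includes(needle);
+}
+//# sourceMappingURL=evaluator.js.map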
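Review bot: `decisionFor` returns the policy decision of the first reason in array order that has a mapping, not the strictest one, so with the default policy a `SECRET_ACCESS` reason collected before a `DESTRUCTIVE_COMMAND` reason yields `require_approval` even though the destructive-command decision is `block`; the order is simply whatever `customPolicyReasons` and the OSS scanner happen to produce, so the outcome depends on collection order rather than on policy. I would rank the mapped decisions (block > require_approval > warn > allow) across all reasons and return the highest, as below. Separately, `matchesPath` strips `*`/`**` and then substring-matches, so the default `~/.ssh/**` and `~/.aws/**` entries in policy.js only fire on inputs that literally contain `~/.ssh/`, never on an expanded absolute home path, and `~/.config/**/credentials*` collapses to `~/.config//credentials`, which no real path contains; `~` should be expanded against `os.homedir()` and doubled slashes collapsed before comparison. `matchesPattern` likewise turns `...` into a single space, so the default `curl ... | bash` only fires when the two tokens are adjacent; treating each `...` as a wildcard gap (escaped pattern pieces joined by `.*` in a RegExp) would match what the pattern evidently intends. The registry stub also passes `policy.protectedPaths` as `filesystem_allowlist` — if `ActionScanner` treats that field as the set of permitted paths this inverts the intent, which is worth confirming against the scanner.
```javascript
// Ordering: block > require_approval > warn > allow, so the strictest mapped
// decision wins regardless of the order reasons were collected in.
const DECISION_RANK = { block: 3, require_approval: 2, warn: 1, allow: 0 };
function decisionFor(policy, reasons, riskLevel, ossDecision) {
    let strictest = null;
    for (const item of reasons) {
        const decision = policyDecisionFor(item.code, policy);
        if (decision && (strictest === null || (DECISION_RANK[decision] ?? 0) > (DECISION_RANK[strictest] ?? 0))) {
            strictest = decision;
        }
    }
    if (strictest)
        return strictest;
    // … unchanged: ossDecision / reasons.length fallbacks …
}
```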
@@ -0,0 +1 @@
1
+
{"version":3,"file":"evaluator.js","sourceRoot":"","sources":["../../src/runtime/evaluator.ts"],"names":[],"mappings":";;AA8BA,kDAsBC;AApDD,iDAAmD;AACnD,gDAAuD;AAWvD,iDAA8D;AAE9D,SAAS,MAAM,CACb,IAAY,EACZ,QAAyB,EACzB,KAAa,EACb,WAAmB,EACnB,QAAkB;IAElB,OAAO;QACL,IAAI;QACJ,QAAQ;QACR,KAAK;QACL,WAAW;QACX,QAAQ,EAAE,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAA,4BAAa,EAAC,QAAQ,EAAE,GAAG,CAAC;KAC5E,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,MAA8B,EAC9B,MAAqB;IAErB,MAAM,aAAa,GAAG,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,MAAM,4BAA4B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACvE,MAAM,UAAU,GAAG,CAAC,WAAW,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CACnE,kBAAkB,CAAC,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,CAChE,CAAC;IACF,MAAM,OAAO,GAAG,IAAA,4BAAa,EAAC,CAAC,GAAG,aAAa,EAAE,GAAG,UAAU,CAAC,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,IAAI,MAAM,CAAC,CAAC;IAC3E,MAAM,SAAS,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;IAEhF,OAAO;QACL,QAAQ,EAAE,aAAa,IAAI,CAAC,GAAG,EAAE,IAAI,OAAO,CAAC,GAAG,EAAE;QAClD,QAAQ,EAAE,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;QAC/E,SAAS;QACT,SAAS;QACT,OAAO;QACP,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,oBAAoB;KAC5D,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,MAA8B,EAAE,MAAqB;IAChF,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;IACjC,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IAElC,IAAI,MAAM,CAAC,UAAU,KAAK,OAAO,EAAE,CAAC;QAClC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACpD,IAAI,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACjD,OAAO,CAAC,IAAI,CAAC,MAAM,CACjB,wBAAwB,EACxB,UAAU,EACV,wBAAwB,EACxB,oEAAoE,EACpE,OAAO,CACR,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YACnD,IAAI,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACnD,OAAO,CAAC,IAAI,CAAC,MAAM,CACjB,uBAAuB,EACvB,MAAM,EACN,uBAAuB,EA
CvB,2DAA2D,EAC3D,MAAM,CACP,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,UAAU,KAAK,WAAW,IAAI,MAAM,CAAC,UAAU,KAAK,YAAY,EAAE,CAAC;QAC5E,KAAK,MAAM,WAAW,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YAChD,IAAI,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,IAAI,CAAC,MAAM,CACjB,eAAe,EACf,MAAM,CAAC,UAAU,KAAK,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,EACxD,uBAAuB,EACvB,mEAAmE,EACnE,WAAW,CACZ,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QACnC,OAAO,CAAC,IAAI,CAAC,MAAM,CACjB,mBAAmB,EACnB,MAAM,EACN,qCAAqC,EACrC,0FAA0F,EAC1F,KAAK,CACN,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,4BAA4B,CACzC,MAA8B,EAC9B,MAAqB;IAErB,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IACxC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,QAAQ,GAAG;QACf,KAAK,CAAC,MAAM;YACV,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,qBAAqB,EAAE,SAAS;gBAChC,sBAAsB,EAAE;oBACtB,GAAG,6BAAkB;oBACrB,IAAI,EAAE,OAAgB;oBACtB,iBAAiB,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe;oBACjD,oBAAoB,EAAE,MAAM,CAAC,cAAc;iBAC5C;aACF,CAAC;QACJ,CAAC;KACF,CAAC;IAEF,MAAM,OAAO,GAAG,IAAI,wBAAa,CAAC,EAAE,QAAQ,EAAE,QAAiB,EAAE,CAAC,CAAC;IACnE,OAAO,OAAO,CAAC,MAAM,CAAC;QACpB,KAAK,EAAE;YACL,KAAK,EAAE;gBACL,EAAE,EAAE,MAAM,CAAC,WAAW,IAAI,aAAa;gBACvC,MAAM,EAAE,MAAM,CAAC,SAAS;gBACxB,WAAW,EAAE,SAAS;gBACtB,aAAa,EAAE,EAAE;aAClB;SACF;QACD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,UAAU,EAAE,MAAM,CAAC,SAAS;YAC5B,YAAY,EAAE,IAAI;YAClB,GAAG,EAAE,KAAK;YACV,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC9B,gBAAgB,EAAE,MAAM,CAAC,WAAW;SACrC;KACF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAqB;IAC7C,IAAI,MAAM,CAAC,UAAU,KAAK,OAAO,EAAE,CAAC;QAClC,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC;IACpF,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,WAAW,EAAE,CAAC;QACtC,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC;IAC7D,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,YAAY,EAAE,CAAC;QACvC,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,C
AAC;IAC9D,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACvE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC;IACjF,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW,EAAE,QAAoC,EAAE,MAAqB;IAClG,MAAM,YAAY,GAAG,QAAQ,EAAE,KAAK,IAAI,QAAQ,EAAE,WAAW,IAAI,MAAM,CAAC,KAAK,CAAC;IAC9E,IAAI,GAAG,KAAK,mBAAmB,EAAE,CAAC;QAChC,OAAO,MAAM,CAAC,qBAAqB,EAAE,UAAU,EAAE,mBAAmB,EAAE,qDAAqD,EAAE,YAAY,CAAC,CAAC;IAC7I,CAAC;IACD,IAAI,GAAG,KAAK,uBAAuB,IAAI,GAAG,KAAK,mBAAmB,EAAE,CAAC;QACnE,OAAO,MAAM,CAAC,eAAe,EAAE,MAAM,EAAE,uBAAuB,EAAE,0DAA0D,EAAE,YAAY,CAAC,CAAC;IAC5I,CAAC;IACD,IAAI,GAAG,KAAK,eAAe,IAAI,GAAG,KAAK,uBAAuB,IAAI,GAAG,KAAK,wBAAwB,EAAE,CAAC;QACnG,OAAO,MAAM,CAAC,mBAAmB,EAAE,GAAG,KAAK,uBAAuB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,6BAA6B,EAAE,mDAAmD,EAAE,YAAY,CAAC,CAAC;IAC9L,CAAC;IACD,IAAI,GAAG,KAAK,iBAAiB,IAAI,GAAG,KAAK,kBAAkB,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,kDAAkD,EAAE,YAAY,CAAC,CAAC;IAC9H,CAAC;IACD,IAAI,GAAG,KAAK,sBAAsB,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,sBAAsB,EAAE,QAAQ,EAAE,sBAAsB,EAAE,sDAAsD,EAAE,YAAY,CAAC,CAAC;IAChJ,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,EAAE,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,gDAAgD,EAAE,YAAY,CAAC,CAAC;AACrI,CAAC;AAED,SAAS,WAAW,CAClB,MAA8B,EAC9B,OAAuB,EACvB,SAA2B,EAC3B,WAAoB;IAEpB,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACtD,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;IAChC,CAAC;IACD,IAAI,WAAW,KAAK,MAAM;QAAE,OAAO,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,kBAAkB,CAAC;IAC3F,IAAI,WAAW,KAAK,SAAS;QAAE,OAAO,kBAAkB,CAAC;IACzD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,MAAM,CAAC;IACtC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,MAA8B;IACrE,IAAI,IAAI,KAAK,wBAAwB,IAAI,IAAI,KAAK,qBAAqB;QAAE,OAAO,MAAM,CAAC,SAAS,CAAC,kBAAkB,CAAC;IACpH,IAAI,IAAI,KAAK,uBAAuB;QAAE,OAAO,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC;IAClF,IAAI,IAAI,KAAK,uBAAuB,IAAI,IAAI,KAAK,mBAAmB;Q
AAE,OAAO,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC;IAC/G,IAAI,IAAI,KAAK,eAAe;QAAE,OAAO,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC;IACnE,IAAI,IAAI,KAAK,mBAAmB;QAAE,OAAO,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC;IACvE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,OAAuB,EAAE,YAA8B;IAC3E,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,IAAI,YAAY,KAAK,UAAU;QAAE,OAAO,EAAE,CAAC;IACnG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,IAAI,YAAY,KAAK,MAAM;QAAE,OAAO,EAAE,CAAC;IAC3F,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,IAAI,YAAY,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IAC/F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,KAAK,KAAK;QAAE,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,UAAU,CAAC;IACnC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,MAAM,CAAC;IAC/B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,QAAQ,CAAC;IACjC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,cAAc,CAAC,KAAa,EAAE,OAAe;IACpD,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAC3B,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IACzC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IACtD,OAAO,OAAO,KAAK,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,WAAW,CAAC,KAAa,EAAE,OAAe;IACjD,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAC3B,MAAM,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACnF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AAC7D,CAAC"}
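--- a/package/dist/runtime/policy.d.ts
+++ b/package/dist/runtime/policy.d.ts
@@ -0,0 +1,12 @@
+import type { EffectiveRuntimePolicy } from './types.js';
+export declare function getDefaultEffectiveRuntimePolicy(): EffectiveRuntimePolicy;
+export declare function loadCachedPolicy(cachePath: string): EffectiveRuntimePolicy | null;
+export declare function saveCachedPolicy(cachePath: string, policy: EffectiveRuntimePolicy): void;
+export declare function resolveRuntimePolicy(options: {
+cachePath: string;
+fetchPolicy?: () => Promise<EffectiveRuntimePolicy | null>;
+}): Promise<{
+policy: EffectiveRuntimePolicy;
+source: 'cloud' | 'cache' | 'default';
+}>;
+//# sourceMappingURL=policy.d.ts.map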
@@ -0,0 +1 @@
1
+
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAEzD,wBAAgB,gCAAgC,IAAI,sBAAsB,CAuCzE;AAED,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,sBAAsB,GAAG,IAAI,CAOjF;AAED,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,sBAAsB,GAAG,IAAI,CAGxF;AAED,wBAAsB,oBAAoB,CAAC,OAAO,EAAE;IAClD,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC,CAAC;CAC5D,GAAG,OAAO,CAAC;IAAE,MAAM,EAAE,sBAAsB,CAAC;IAAC,MAAM,EAAE,OAAO,GAAG,OAAO,GAAG,SAAS,CAAA;CAAE,CAAC,CAgBrF"}
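--- a/package/dist/runtime/policy.js
+++ b/package/dist/runtime/policy.js
@@ -0,0 +1,81 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDefaultEffectiveRuntimePolicy = getDefaultEffectiveRuntimePolicy;
+exports.loadCachedPolicy = loadCachedPolicy;
+exports.saveCachedPolicy = saveCachedPolicy;
+exports.resolveRuntimePolicy = resolveRuntimePolicy;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+function getDefaultEffectiveRuntimePolicy() {
+return {
+policyVersion: 'runtime-local-v0.1',
+mode: 'balanced',
+decisions: {
+destructiveCommand: 'block',
+remoteCodeExecution: 'block',
+dataExfiltration: 'block',
+secretAccess: 'require_approval',
+deployAction: 'require_approval',
+},
+protectedPaths: [
+'~/.ssh/**',
+'~/.aws/**',
+'~/.config/**/credentials*',
+'**/.env*',
+'**/*private-key*',
+'**/*seed*',
+],
+blockedCommandPatterns: [
+'rm -rf /',
+'curl ... | bash',
+'wget ... | sh',
+'base64 -d | bash',
+'git push --force',
+],
+allowedCommandPatterns: [],
+approvalActionTypes: ['file_read', 'file_write', 'deploy'],
+network: {
+defaultOutbound: 'warn',
+blockedDomains: [
+'discord.com/api/webhooks',
+'hooks.slack.com/services',
+'api.telegram.org/bot',
+],
+approvalDomains: [],
+},
+updatedAt: new Date(0).toISOString(),
+};
+}
+function loadCachedPolicy(cachePath) {
+try {
+if (!(0, node_fs_1.existsSync)(cachePath))
+return null;
+return JSON.parse((0, node_fs_1.readFileSync)(cachePath, 'utf8'));
+}
+catch {
+return null;
+}
+}
+function saveCachedPolicy(cachePath, policy) {
+(0, node_fs_1.mkdirSync)((0, node_path_1.dirname)(cachePath), { recursive: true });
+(0, node_fs_1.writeFileSync)(cachePath, `${JSON.stringify(policy, null, 2)}\n`);
+}
+async function resolveRuntimePolicy(options) {
+if (options.fetchPolicy) {
+try {
+const cloudPolicy = await options.fetchPolicy();
+if (cloudPolicy) {
+saveCachedPolicy(options.cachePath, cloudPolicy);
+return { policy: cloudPolicy, source: 'cloud' };
+}
+}
+catch {
+// Fall through to cache/default.
+}
+}
+const cached = loadCachedPolicy(options.cachePath);
+if (cached)
+return { policy: cached, source: 'cache' };
+return { policy: getDefaultEffectiveRuntimePolicy(), source: 'default' };
+}
+//# sourceMappingURL=policy.js.map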
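Review bot: `loadCachedPolicy` returns whatever `JSON.parse` produces and `resolveRuntimePolicy` accepts any truthy value from the cache or from `fetchPolicy`, so a truncated, hand-edited or otherwise malformed cache file becomes the effective policy; the evaluator then dereferences `policy.decisions`, `policy.blockedCommandPatterns`, `policy.protectedPaths` and `policy.network.blockedDomains` and throws on a missing field, while a file that merely empties those arrays silently weakens enforcement. I would check the shape before trusting either source and fall back to the built-in default otherwise, as below, and apply the same check to the cloud result (`if (isRuntimePolicyShape(cloudPolicy)) {`). `saveCachedPolicy` also writes the cache in place with `writeFileSync`, so a reader racing the write sees a partial file and drops to the default policy; writing to a temporary file and `renameSync`-ing it into place avoids that, and since this file decides what the agent may do it is worth creating it with `{ mode: 0o600 }`.
```javascript
// Reject cache/cloud payloads that lack the fields the evaluator dereferences,
// so a truncated or tampered file falls back to the built-in default instead of
// throwing (or silently weakening the policy) at evaluation time.
function isRuntimePolicyShape(value) {
    return Boolean(value)
        && typeof value === 'object'
        && typeof value.decisions === 'object' && value.decisions !== null
        && Array.isArray(value.protectedPaths)
        && Array.isArray(value.blockedCommandPatterns)
        && typeof value.network === 'object' && value.network !== null
        && Array.isArray(value.network.blockedDomains);
}
function loadCachedPolicy(cachePath) {
    try {
        if (!(0, node_fs_1.existsSync)(cachePath))
            return null;
        const parsed = JSON.parse((0, node_fs_1.readFileSync)(cachePath, 'utf8'));
        return isRuntimePolicyShape(parsed) ? parsed : null;
    }
    catch {
        return null;
    }
}
// … unchanged: saveCachedPolicy, resolveRuntimePolicy …
```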
@@ -0,0 +1 @@
1
+
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":";;AAIA,4EAuCC;AAED,4CAOC;AAED,4CAGC;AAED,oDAmBC;AA9ED,qCAA6E;AAC7E,yCAAoC;AAGpC,SAAgB,gCAAgC;IAC9C,OAAO;QACL,aAAa,EAAE,oBAAoB;QACnC,IAAI,EAAE,UAAU;QAChB,SAAS,EAAE;YACT,kBAAkB,EAAE,OAAO;YAC3B,mBAAmB,EAAE,OAAO;YAC5B,gBAAgB,EAAE,OAAO;YACzB,YAAY,EAAE,kBAAkB;YAChC,YAAY,EAAE,kBAAkB;SACjC;QACD,cAAc,EAAE;YACd,WAAW;YACX,WAAW;YACX,2BAA2B;YAC3B,UAAU;YACV,kBAAkB;YAClB,WAAW;SACZ;QACD,sBAAsB,EAAE;YACtB,UAAU;YACV,iBAAiB;YACjB,eAAe;YACf,kBAAkB;YAClB,kBAAkB;SACnB;QACD,sBAAsB,EAAE,EAAE;QAC1B,mBAAmB,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,CAAC;QAC1D,OAAO,EAAE;YACP,eAAe,EAAE,MAAM;YACvB,cAAc,EAAE;gBACd,0BAA0B;gBAC1B,0BAA0B;gBAC1B,sBAAsB;aACvB;YACD,eAAe,EAAE,EAAE;SACpB;QACD,SAAS,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE;KACrC,CAAC;AACJ,CAAC;AAED,SAAgB,gBAAgB,CAAC,SAAiB;IAChD,IAAI,CAAC;QACH,IAAI,CAAC,IAAA,oBAAU,EAAC,SAAS,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,sBAAY,EAAC,SAAS,EAAE,MAAM,CAAC,CAA2B,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAgB,gBAAgB,CAAC,SAAiB,EAAE,MAA8B;IAChF,IAAA,mBAAS,EAAC,IAAA,mBAAO,EAAC,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACnD,IAAA,uBAAa,EAAC,SAAS,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;AACnE,CAAC;AAEM,KAAK,UAAU,oBAAoB,CAAC,OAG1C;IACC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;YAChD,IAAI,WAAW,EAAE,CAAC;gBAChB,gBAAgB,CAAC,OAAO,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBACjD,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YAClD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;QACnC,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACnD,IAAI,MAAM;QAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;IACvD,OAAO,EAAE,MAAM,EAAE,gCAAgC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;AAC3E,CAAC"}
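--- a/package/dist/runtime/protect.d.ts
+++ b/package/dist/runtime/protect.d.ts
@@ -0,0 +1,22 @@
+import type { AgentGuardConfig } from '../config.js';
+import type { RuntimeAgentHost, RuntimeAuditEvent, RuntimeActionType, RuntimeDecision } from './types.js';
+export interface ProtectOptions {
+config: AgentGuardConfig;
+rawInput?: unknown;
+stdinText?: string;
+agentHost?: RuntimeAgentHost;
+actionType?: RuntimeActionType;
+toolName?: string;
+sessionId?: string;
+decisionMode?: 'local-first' | 'cloud';
+}
+export interface ProtectResult {
+decision: RuntimeDecision;
+event: RuntimeAuditEvent;
+approvalId?: string | null;
+policySource: 'cloud' | 'cache' | 'default' | 'cloud-decision';
+}
+export declare function protectAction(options: ProtectOptions): Promise<ProtectResult | null>;
+export declare function formatProtectResult(result: ProtectResult, json?: boolean): string;
+export declare function exitCodeForDecision(decision: RuntimeDecision): number;
+//# sourceMappingURL=protect.d.ts.map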
@@ -0,0 +1 @@
1
+
{"version":3,"file":"protect.d.ts","sourceRoot":"","sources":["../../src/runtime/protect.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAIrD,OAAO,KAAK,EAAiB,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAEzH,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,gBAAgB,CAAC;IACzB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,gBAAgB,CAAC;IAC7B,UAAU,CAAC,EAAE,iBAAiB,CAAC;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC;CACxC;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,eAAe,CAAC;IAC1B,KAAK,EAAE,iBAAiB,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,YAAY,EAAE,OAAO,GAAG,OAAO,GAAG,SAAS,GAAG,gBAAgB,CAAC;CAChE;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAiD1F;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,aAAa,EAAE,IAAI,UAAQ,GAAG,MAAM,CA0B/E;AAED,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,eAAe,GAAG,MAAM,CAErE"}
@@ -0,0 +1,172 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.protectAction = protectAction;
|
|
4
|
+
exports.formatProtectResult = formatProtectResult;
|
|
5
|
+
exports.exitCodeForDecision = exitCodeForDecision;
|
|
6
|
+
const node_process_1 = require("node:process");
|
|
7
|
+
const client_js_1 = require("../cloud/client.js");
|
|
8
|
+
const audit_js_1 = require("./audit.js");
|
|
9
|
+
const evaluator_js_1 = require("./evaluator.js");
|
|
10
|
+
const policy_js_1 = require("./policy.js");
|
|
11
|
+
async function protectAction(options) {
|
|
12
|
+
const action = buildRuntimeAction(options);
|
|
13
|
+
if (!action.input)
|
|
14
|
+
return null;
|
|
15
|
+
const client = new client_js_1.AgentGuardCloudClient(options.config);
|
|
16
|
+
if (client.connected) {
|
|
17
|
+
await (0, audit_js_1.flushEventSpool)(options.config.eventSpoolPath, (events) => client.ingestEvents(events)).catch(() => undefined);
|
|
18
|
+
}
|
|
19
|
+
let decision;
|
|
20
|
+
let policySource;
|
|
21
|
+
if (options.decisionMode === 'cloud' && client.connected) {
|
|
22
|
+
decision = await client.evaluateAction(action);
|
|
23
|
+
policySource = 'cloud-decision';
|
|
24
|
+
}
|
|
25
|
+
else {
|
|
26
|
+
const { policy, source } = await (0, policy_js_1.resolveRuntimePolicy)({
|
|
27
|
+
cachePath: options.config.policyCachePath,
|
|
28
|
+
fetchPolicy: client.connected ? () => client.fetchEffectivePolicy() : undefined,
|
|
29
|
+
});
|
|
30
|
+
decision = await (0, evaluator_js_1.evaluateLocalAction)(policy, action);
|
|
31
|
+
policySource = source;
|
|
32
|
+
}
|
|
33
|
+
const event = {
|
|
34
|
+
...action,
|
|
35
|
+
actionId: decision.actionId,
|
|
36
|
+
decision: decision.decision,
|
|
37
|
+
riskScore: decision.riskScore,
|
|
38
|
+
riskLevel: decision.riskLevel,
|
|
39
|
+
reasons: decision.reasons,
|
|
40
|
+
policyVersion: decision.policyVersion,
|
|
41
|
+
metadata: {
|
|
42
|
+
...(action.metadata || {}),
|
|
43
|
+
evaluation: policySource === 'cloud-decision' ? 'cloud' : 'local-oss',
|
|
44
|
+
policySource,
|
|
45
|
+
},
|
|
46
|
+
};
|
|
47
|
+
(0, audit_js_1.writeAuditLog)(options.config.auditPath, event);
|
|
48
|
+
let approvalId;
|
|
49
|
+
if (client.connected && policySource !== 'cloud-decision') {
|
|
50
|
+
await client.ingestEvents([event]).catch(() => (0, audit_js_1.spoolEvent)(options.config.eventSpoolPath, event));
|
|
51
|
+
}
|
|
52
|
+
if (client.connected && decision.decision === 'require_approval') {
|
|
53
|
+
approvalId = await client.createApproval(event).catch(() => null);
|
|
54
|
+
}
|
|
55
|
+
return { decision, event, approvalId, policySource };
|
|
56
|
+
}
|
|
57
|
+
function formatProtectResult(result, json = false) {
|
|
58
|
+
if (json) {
|
|
59
|
+
return JSON.stringify({
|
|
60
|
+
decision: publicDecision(result.decision.decision),
|
|
61
|
+
cloudDecision: result.decision.decision,
|
|
62
|
+
actionId: result.decision.actionId,
|
|
63
|
+
riskScore: result.decision.riskScore,
|
|
64
|
+
riskLevel: result.decision.riskLevel,
|
|
65
|
+
reasons: result.decision.reasons,
|
|
66
|
+
approvalId: result.approvalId,
|
|
67
|
+
policySource: result.policySource,
|
|
68
|
+
}, null, 2);
|
|
69
|
+
}
|
|
70
|
+
const reasonCount = result.decision.reasons.length;
|
|
71
|
+
if (result.decision.decision === 'block') {
|
|
72
|
+
return `BLOCKED by AgentGuard (action: ${result.decision.actionId}, risk: ${result.decision.riskScore}/100, level: ${result.decision.riskLevel}, reasons: ${reasonCount}).`;
|
|
73
|
+
}
|
|
74
|
+
if (result.decision.decision === 'require_approval') {
|
|
75
|
+
const approval = result.approvalId ? `approval: ${result.approvalId}, ` : '';
|
|
76
|
+
return `CONFIRM required by AgentGuard (${approval}action: ${result.decision.actionId}, risk: ${result.decision.riskScore}/100, level: ${result.decision.riskLevel}, reasons: ${reasonCount}).`;
|
|
77
|
+
}
|
|
78
|
+
if (result.decision.decision === 'warn') {
|
|
79
|
+
return `WARN from AgentGuard (action: ${result.decision.actionId}, risk: ${result.decision.riskScore}/100, level: ${result.decision.riskLevel}, reasons: ${reasonCount}).`;
|
|
80
|
+
}
|
|
81
|
+
return 'ALLOW by AgentGuard.';
|
|
82
|
+
}
|
|
83
|
+
function exitCodeForDecision(decision) {
|
|
84
|
+
return decision.decision === 'block' || decision.decision === 'require_approval' ? 2 : 0;
|
|
85
|
+
}
|
|
86
|
+
function publicDecision(decision) {
|
|
87
|
+
return decision === 'require_approval' ? 'confirm' : decision;
|
|
88
|
+
}
|
|
89
|
+
function buildRuntimeAction(options) {
|
|
90
|
+
const raw = parseRawInput(options.rawInput, options.stdinText);
|
|
91
|
+
const envActionType = process.env.AGENTGUARD_ACTION_TYPE;
|
|
92
|
+
const envAgentHost = process.env.AGENTGUARD_AGENT_HOST;
|
|
93
|
+
const toolName = options.toolName || process.env.AGENTGUARD_TOOL_NAME || pickToolName(raw);
|
|
94
|
+
const actionType = options.actionType || envActionType || mapToolToRuntimeAction(toolName, raw);
|
|
95
|
+
return {
|
|
96
|
+
sessionId: options.sessionId || process.env.AGENTGUARD_SESSION_ID || pickSessionId(raw),
|
|
97
|
+
agentHost: options.agentHost || envAgentHost || 'claude-code',
|
|
98
|
+
actionType,
|
|
99
|
+
toolName,
|
|
100
|
+
input: process.env.TOOL_INPUT || pickInput(raw, actionType),
|
|
101
|
+
cwd: pickCwd(raw),
|
|
102
|
+
sourceSkill: pickSourceSkill(raw),
|
|
103
|
+
metadata: { rawProtocol: raw ? 'stdin-json' : 'env' },
|
|
104
|
+
};
|
|
105
|
+
}
|
|
106
|
+
function parseRawInput(rawInput, stdinText) {
|
|
107
|
+
if (rawInput && typeof rawInput === 'object')
|
|
108
|
+
return rawInput;
|
|
109
|
+
const text = stdinText?.trim();
|
|
110
|
+
if (!text)
|
|
111
|
+
return null;
|
|
112
|
+
try {
|
|
113
|
+
const parsed = JSON.parse(text);
|
|
114
|
+
return parsed && typeof parsed === 'object' ? parsed : null;
|
|
115
|
+
}
|
|
116
|
+
catch {
|
|
117
|
+
return { content: text };
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
function pickToolName(raw) {
|
|
121
|
+
if (!raw)
|
|
122
|
+
return 'Tool';
|
|
123
|
+
return String(raw.tool_name || raw.toolName || raw.name || 'Tool');
|
|
124
|
+
}
|
|
125
|
+
function mapToolToRuntimeAction(toolName, raw) {
|
|
126
|
+
const lower = toolName.toLowerCase();
|
|
127
|
+
if (toolName === 'Bash' || lower.includes('shell') || lower.includes('exec'))
|
|
128
|
+
return 'shell';
|
|
129
|
+
if (toolName === 'Read' || lower.includes('read'))
|
|
130
|
+
return 'file_read';
|
|
131
|
+
if (['Write', 'Edit', 'MultiEdit'].includes(toolName) || lower.includes('write'))
|
|
132
|
+
return 'file_write';
|
|
133
|
+
if (lower.includes('web') || lower.includes('browser'))
|
|
134
|
+
return 'network';
|
|
135
|
+
if (raw?.actionType && typeof raw.actionType === 'string')
|
|
136
|
+
return raw.actionType;
|
|
137
|
+
return 'other';
|
|
138
|
+
}
|
|
139
|
+
function pickInput(raw, actionType) {
|
|
140
|
+
if (!raw)
|
|
141
|
+
return '';
|
|
142
|
+
if (typeof raw.input === 'string')
|
|
143
|
+
return raw.input;
|
|
144
|
+
if (typeof raw.content === 'string')
|
|
145
|
+
return raw.content;
|
|
146
|
+
const toolInput = (raw.tool_input || raw.toolInput || raw.params);
|
|
147
|
+
if (toolInput && typeof toolInput === 'object') {
|
|
148
|
+
if (actionType === 'shell' && typeof toolInput.command === 'string')
|
|
149
|
+
return toolInput.command;
|
|
150
|
+
const filePath = toolInput.file_path || toolInput.path;
|
|
151
|
+
if ((actionType === 'file_read' || actionType === 'file_write') && typeof filePath === 'string')
|
|
152
|
+
return filePath;
|
|
153
|
+
const url = toolInput.url || toolInput.query;
|
|
154
|
+
if (typeof url === 'string')
|
|
155
|
+
return url;
|
|
156
|
+
return JSON.stringify(toolInput);
|
|
157
|
+
}
|
|
158
|
+
return JSON.stringify(raw);
|
|
159
|
+
}
|
|
160
|
+
function pickSessionId(raw) {
|
|
161
|
+
const sessionId = raw?.session_id || raw?.sessionId;
|
|
162
|
+
return typeof sessionId === 'string' ? sessionId : `sess_local_${Date.now()}`;
|
|
163
|
+
}
|
|
164
|
+
function pickCwd(raw) {
|
|
165
|
+
const value = raw?.cwd;
|
|
166
|
+
return typeof value === 'string' ? value : (0, node_process_1.cwd)();
|
|
167
|
+
}
|
|
168
|
+
function pickSourceSkill(raw) {
|
|
169
|
+
const value = raw?.sourceSkill || raw?.initiating_skill;
|
|
170
|
+
return typeof value === 'string' ? value : undefined;
|
|
171
|
+
}
|
|
172
|
+
//# sourceMappingURL=protect.js.map
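Review bot: At line 100 of the hunk, `input: process.env.TOOL_INPUT || pickInput(raw, actionType)` lets a generic environment variable take precedence over the tool payload parsed from stdin, so the policy (local or cloud) can be evaluated against a different string than the one the host is about to run, while `metadata.rawProtocol` still reports `stdin-json` whenever `raw` is non-null. Every other field in `buildRuntimeAction` falls back from `options` to env to `raw`; `input` is the only one where env wins, and `pickInput` already falls back to `JSON.stringify(raw)`, so the env override effectively replaces a payload that was present. Suggest `input: raw ? pickInput(raw, actionType) : process.env.TOOL_INPUT || ''` so the evaluated text is the stdin payload whenever one was supplied and `TOOL_INPUT` only covers hosts that pass the action through the environment. Separately, an empty `input` makes `protectAction` return `null` before any policy lookup or audit write (lines 12–14), which is a fail-open default; whether the caller in cli.js treats `null` as allow is not visible here, so a comment such as `// No evaluable input: returns null before audit/policy — caller must decide whether that is allow` would make the intent explicit.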
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"protect.js","sourceRoot":"","sources":["../../src/runtime/protect.ts"],"names":[],"mappings":";;AA0BA,sCAiDC;AAED,kDA0BC;AAED,kDAEC;AA3GD,+CAAmC;AACnC,kDAA2D;AAE3D,yCAAwE;AACxE,iDAAqD;AACrD,2CAAmD;AAqB5C,KAAK,UAAU,aAAa,CAAC,OAAuB;IACzD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,MAAM,IAAA,0BAAe,EAAC,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IACvH,CAAC;IAED,IAAI,QAAyB,CAAC;IAC9B,IAAI,YAA2C,CAAC;IAChD,IAAI,OAAO,CAAC,YAAY,KAAK,OAAO,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACzD,QAAQ,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC/C,YAAY,GAAG,gBAAgB,CAAC;IAClC,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,gCAAoB,EAAC;YACpD,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,eAAe;YACzC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC,CAAC,CAAC,SAAS;SAChF,CAAC,CAAC;QACH,QAAQ,GAAG,MAAM,IAAA,kCAAmB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACrD,YAAY,GAAG,MAAM,CAAC;IACxB,CAAC;IAED,MAAM,KAAK,GAAsB;QAC/B,GAAG,MAAM;QACT,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,aAAa,EAAE,QAAQ,CAAC,aAAa;QACrC,QAAQ,EAAE;YACR,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;YAC1B,UAAU,EAAE,YAAY,KAAK,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW;YACrE,YAAY;SACb;KACF,CAAC;IAEF,IAAA,wBAAa,EAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAE/C,IAAI,UAAqC,CAAC;IAC1C,IAAI,MAAM,CAAC,SAAS,IAAI,YAAY,KAAK,gBAAgB,EAAE,CAAC;QAC1D,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAA,qBAAU,EAAC,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;IACnG,CAAC;IACD,IAAI,MAAM,CAAC,SAAS,IAAI,QAAQ,CAAC,QAAQ,KAAK,kBAAkB,EAAE,CAAC;QACjE,UAAU,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC
,CAAC;IACpE,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,CAAC;AACvD,CAAC;AAED,SAAgB,mBAAmB,CAAC,MAAqB,EAAE,IAAI,GAAG,KAAK;IACrE,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,QAAQ,EAAE,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAClD,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YACvC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YAClC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS;YACpC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS;YACpC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO;YAChC,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;IACnD,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzC,OAAO,kCAAkC,MAAM,CAAC,QAAQ,CAAC,QAAQ,WAAW,MAAM,CAAC,QAAQ,CAAC,SAAS,gBAAgB,MAAM,CAAC,QAAQ,CAAC,SAAS,cAAc,WAAW,IAAI,CAAC;IAC9K,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,kBAAkB,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7E,OAAO,mCAAmC,QAAQ,WAAW,MAAM,CAAC,QAAQ,CAAC,QAAQ,WAAW,MAAM,CAAC,QAAQ,CAAC,SAAS,gBAAgB,MAAM,CAAC,QAAQ,CAAC,SAAS,cAAc,WAAW,IAAI,CAAC;IAClM,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxC,OAAO,iCAAiC,MAAM,CAAC,QAAQ,CAAC,QAAQ,WAAW,MAAM,CAAC,QAAQ,CAAC,SAAS,gBAAgB,MAAM,CAAC,QAAQ,CAAC,SAAS,cAAc,WAAW,IAAI,CAAC;IAC7K,CAAC;IACD,OAAO,sBAAsB,CAAC;AAChC,CAAC;AAED,SAAgB,mBAAmB,CAAC,QAAyB;IAC3D,OAAO,QAAQ,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,QAAQ,KAAK,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED,SAAS,cAAc,CAAC,QAAqC;IAC3D,OAAO,QAAQ,KAAK,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC;AAChE,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAuB;IACjD,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAuD,CAAC;IAC1F,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqD,CAAC;IACvF,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC;IAC3F,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,aAAa,IAAI,sBAAsB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC
;IAEhG,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,aAAa,CAAC,GAAG,CAAC;QACvF,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,YAAY,IAAI,aAAa;QAC7D,UAAU;QACV,QAAQ;QACR,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC;QAC3D,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC;QACjB,WAAW,EAAE,eAAe,CAAC,GAAG,CAAC;QACjC,QAAQ,EAAE,EAAE,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,EAAE;KACtD,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,QAAiB,EAAE,SAAkB;IAC1D,IAAI,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ;QAAE,OAAO,QAAmC,CAAC;IACzF,MAAM,IAAI,GAAG,SAAS,EAAE,IAAI,EAAE,CAAC;IAC/B,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAY,CAAC;QAC3C,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAiC,CAAC,CAAC,CAAC,IAAI,CAAC;IACzF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,GAAmC;IACvD,IAAI,CAAC,GAAG;QAAE,OAAO,MAAM,CAAC;IACxB,OAAO,MAAM,CAAC,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,IAAI,IAAI,MAAM,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB,EAAE,GAAmC;IACnF,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,IAAI,QAAQ,KAAK,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,OAAO,CAAC;IAC7F,IAAI,QAAQ,KAAK,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,WAAW,CAAC;IACtE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;QAAE,OAAO,YAAY,CAAC;IACtG,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IACzE,IAAI,GAAG,EAAE,UAAU,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC,UAA+B,CAAC;IACtG,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,SAAS,CAAC,GAAmC,EAAE,UAA6B;IACnF,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC,KAAK,CAAC;IACpD,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC,OAAO,CAAC;IACxD,MAAM,SAAS,GAAG,CAAC,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,MAAM,CAAwC,CAAC;IACzG,IAAI,SAAS,IAAI,OAAO,SAAS,KAAK
,QAAQ,EAAE,CAAC;QAC/C,IAAI,UAAU,KAAK,OAAO,IAAI,OAAO,SAAS,CAAC,OAAO,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC,OAAO,CAAC;QAC9F,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC;QACvD,IAAI,CAAC,UAAU,KAAK,WAAW,IAAI,UAAU,KAAK,YAAY,CAAC,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAC;QACjH,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,IAAI,SAAS,CAAC,KAAK,CAAC;QAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,GAAG,CAAC;QACxC,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,aAAa,CAAC,GAAmC;IACxD,MAAM,SAAS,GAAG,GAAG,EAAE,UAAU,IAAI,GAAG,EAAE,SAAS,CAAC;IACpD,OAAO,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;AAChF,CAAC;AAED,SAAS,OAAO,CAAC,GAAmC;IAClD,MAAM,KAAK,GAAG,GAAG,EAAE,GAAG,CAAC;IACvB,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAA,kBAAG,GAAE,CAAC;AACnD,CAAC;AAED,SAAS,eAAe,CAAC,GAAmC;IAC1D,MAAM,KAAK,GAAG,GAAG,EAAE,WAAW,IAAI,GAAG,EAAE,gBAAgB,CAAC;IACxD,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACvD,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { PolicyReason } from './types.js';
|
|
2
|
+
export declare function redactText(value: unknown): string;
|
|
3
|
+
export declare function redactPreview(value: unknown, maxLength?: number): string;
|
|
4
|
+
export declare function redactReasons(reasons: PolicyReason[]): PolicyReason[];
|
|
5
|
+
export declare function redactMetadata(value: Record<string, unknown> | undefined, maxKeys?: number): Record<string, unknown>;
|
|
6
|
+
//# sourceMappingURL=redaction.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"redaction.d.ts","sourceRoot":"","sources":["../../src/runtime/redaction.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AA2B/C,wBAAgB,UAAU,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMjD;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,SAAS,SAAO,GAAG,MAAM,CAEtE;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,YAAY,EAAE,CASrE;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,EAC1C,OAAO,SAAK,GACX,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CASzB"}
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.redactText = redactText;
|
|
4
|
+
exports.redactPreview = redactPreview;
|
|
5
|
+
exports.redactReasons = redactReasons;
|
|
6
|
+
exports.redactMetadata = redactMetadata;
|
|
7
|
+
const REDACTED = '[REDACTED]';
|
|
8
|
+
const SECRET_VALUE_PATTERN = /(?:token|api[_-]?key|secret|password|passwd|authorization|access[_-]?key|client[_-]?secret)=([^&\s'"`]+)/gi;
|
|
9
|
+
const SENSITIVE_KEY_PATTERN = /(?:token|api[_-]?key|secret|password|passwd|authorization|access[_-]?key|client[_-]?secret|signature|sig)/i;
|
|
10
|
+
const REDACTION_PATTERNS = [
|
|
11
|
+
[/\bag_live_[A-Za-z0-9_-]{12,}\b/g, () => REDACTED],
|
|
12
|
+
[/\bsk-or-v1-[A-Za-z0-9_-]{12,}\b/g, () => REDACTED],
|
|
13
|
+
[/\bsk-[A-Za-z0-9_-]{12,}\b/g, () => REDACTED],
|
|
14
|
+
[/\bBearer\s+[A-Za-z0-9._~+/=-]{12,}\b/gi, () => `Bearer ${REDACTED}`],
|
|
15
|
+
[
|
|
16
|
+
/-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g,
|
|
17
|
+
() => REDACTED,
|
|
18
|
+
],
|
|
19
|
+
[
|
|
20
|
+
SECRET_VALUE_PATTERN,
|
|
21
|
+
(match) => {
|
|
22
|
+
const [key] = match.split('=');
|
|
23
|
+
return `${key}=${REDACTED}`;
|
|
24
|
+
},
|
|
25
|
+
],
|
|
26
|
+
];
|
|
27
|
+
function redactText(value) {
|
|
28
|
+
let redacted = String(value ?? '');
|
|
29
|
+
for (const [pattern, replacement] of REDACTION_PATTERNS) {
|
|
30
|
+
redacted = redacted.replace(pattern, replacement);
|
|
31
|
+
}
|
|
32
|
+
return redactUrlSecrets(redacted);
|
|
33
|
+
}
|
|
34
|
+
function redactPreview(value, maxLength = 2000) {
|
|
35
|
+
return redactText(value).slice(0, maxLength);
|
|
36
|
+
}
|
|
37
|
+
function redactReasons(reasons) {
|
|
38
|
+
return reasons.map((reason) => ({
|
|
39
|
+
...reason,
|
|
40
|
+
code: redactPreview(reason.code, 120),
|
|
41
|
+
title: redactPreview(reason.title, 240),
|
|
42
|
+
description: redactPreview(reason.description, 500),
|
|
43
|
+
evidence: reason.evidence ? redactPreview(reason.evidence, 240) : reason.evidence,
|
|
44
|
+
remediation: reason.remediation ? redactPreview(reason.remediation, 500) : reason.remediation,
|
|
45
|
+
}));
|
|
46
|
+
}
|
|
47
|
+
function redactMetadata(value, maxKeys = 25) {
|
|
48
|
+
if (!value)
|
|
49
|
+
return {};
|
|
50
|
+
const result = {};
|
|
51
|
+
for (const [key, item] of Object.entries(value).slice(0, maxKeys)) {
|
|
52
|
+
result[redactPreview(key, 120)] = SENSITIVE_KEY_PATTERN.test(key)
|
|
53
|
+
? REDACTED
|
|
54
|
+
: redactUnknown(item, 0);
|
|
55
|
+
}
|
|
56
|
+
return result;
|
|
57
|
+
}
|
|
58
|
+
function redactUnknown(value, depth) {
|
|
59
|
+
if (value === null || value === undefined)
|
|
60
|
+
return value;
|
|
61
|
+
if (typeof value === 'string')
|
|
62
|
+
return redactPreview(value, 500);
|
|
63
|
+
if (typeof value === 'number' || typeof value === 'boolean')
|
|
64
|
+
return value;
|
|
65
|
+
if (Array.isArray(value)) {
|
|
66
|
+
if (depth >= 2)
|
|
67
|
+
return '[REDACTED_OBJECT]';
|
|
68
|
+
return value.slice(0, 25).map((item) => redactUnknown(item, depth + 1));
|
|
69
|
+
}
|
|
70
|
+
if (typeof value === 'object') {
|
|
71
|
+
if (depth >= 2)
|
|
72
|
+
return '[REDACTED_OBJECT]';
|
|
73
|
+
const result = {};
|
|
74
|
+
for (const [key, item] of Object.entries(value).slice(0, 25)) {
|
|
75
|
+
result[redactPreview(key, 120)] = SENSITIVE_KEY_PATTERN.test(key)
|
|
76
|
+
? REDACTED
|
|
77
|
+
: redactUnknown(item, depth + 1);
|
|
78
|
+
}
|
|
79
|
+
return result;
|
|
80
|
+
}
|
|
81
|
+
return redactPreview(String(value), 500);
|
|
82
|
+
}
|
|
83
|
+
function redactUrlSecrets(value) {
|
|
84
|
+
return value.replace(/https?:\/\/[^\s'"`<>]+/gi, (rawUrl) => {
|
|
85
|
+
try {
|
|
86
|
+
const url = new URL(rawUrl);
|
|
87
|
+
for (const key of [...url.searchParams.keys()]) {
|
|
88
|
+
if (SENSITIVE_KEY_PATTERN.test(key)) {
|
|
89
|
+
url.searchParams.set(key, REDACTED);
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
if (url.username)
|
|
93
|
+
url.username = REDACTED;
|
|
94
|
+
if (url.password)
|
|
95
|
+
url.password = REDACTED;
|
|
96
|
+
return url.toString();
|
|
97
|
+
}
|
|
98
|
+
catch {
|
|
99
|
+
return rawUrl;
|
|
100
|
+
}
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
|
+
//# sourceMappingURL=redaction.js.map
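Review bot: `redactText` only recognises secrets in `key=value` form (`SECRET_VALUE_PATTERN`, line 8), in URL query strings and via a few token prefixes, so a JSON-encoded payload such as `{"api_key":"..."}` or `{"password":"..."}` passes through unchanged — and that is exactly the shape `pickInput` in protect.js produces via `JSON.stringify(toolInput)` for non-shell tools before the text is written to the audit log or shipped to the cloud. `redactUnknown` handles this structurally for objects, but once a string reaches `redactText`/`redactPreview` the key structure is gone. Consider adding an entry to `REDACTION_PATTERNS` like `[/("(?:token|api[_-]?key|secret|password|passwd|authorization|access[_-]?key|client[_-]?secret)"\s*:\s*")((?:[^"\\]|\\.)*)(")/gi, (_m, head, _v, tail) => head + REDACTED + tail]` and factoring the shared key list into one constant so `SECRET_VALUE_PATTERN`, `SENSITIVE_KEY_PATTERN` and this entry cannot drift apart. Note also that the bare `sig` alternative in `SENSITIVE_KEY_PATTERN` (line 9) is unanchored, so metadata keys such as `design`, `assignee` or `signal` are replaced wholesale; `\bsig(?:nature)?\b` would limit that to the intended keys.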
|