@governed-ai/runtime 1.0.0

package/dist/src/tools/tool_guard.js

@@ -0,0 +1,226 @@
+const BULK_DATA_PATTERNS = [
+    /\ball\s+patients?\b/i,
+    /\bevery\s+(?:patient|record|user|account|client|claim)\b/i,
+    /\bbulk\s+(?:export|download|access|retrieve|fetch|query)\b/i,
+    /\bselect\s+\*\s+from\b/i,
+    /\bdump\s+(?:all|database|table|records)\b/i,
+    /\blist\s+all\s+(?:patients?|records?|users?|accounts?|clients?|claims?)\b/i,
+    /\bexport\s+(?:all|entire|full|complete)\b/i,
+];
+const SENSITIVE_FIELD_PATTERNS = [
+    /\bssn\b/i,
+    /\bsocial.?security\b/i,
+    /\bcredit.?card\b/i,
+    /\bbank.?account\b/i,
+    /\bpassword\b/i,
+    /\bsecret\b/i,
+    /\bprivate.?key\b/i,
+    /\baccess.?token\b/i,
+    /\bapi.?key\b/i,
+];
+const BLOCKED_TOOLS = new Set([
+    "database_drop",
+    "delete_all_records",
+    "truncate_table",
+    "raw_sql_execute",
+    "system_shell",
+    "file_system_write",
+    "admin_override",
+]);
+function containsPattern(value, patterns) {
+    for (const pattern of patterns) {
+        if (pattern.test(value)) {
+            return pattern;
+        }
+    }
+    return null;
+}
+function flattenParams(params) {
+    const values = [];
+    for (const [key, val] of Object.entries(params)) {
+        values.push(key);
+        if (typeof val === "string") {
+            values.push(val);
+        }
+        else if (Array.isArray(val)) {
+            for (const item of val) {
+                if (typeof item === "string") {
+                    values.push(item);
+                }
+                else if (item && typeof item === "object") {
+                    values.push(...flattenParams(item));
+                }
+            }
+        }
+        else if (val && typeof val === "object") {
+            values.push(...flattenParams(val));
+        }
+    }
+    return values;
+}
+function createDefaultRules() {
+    return [
+        {
+            id: "blocked_tool",
+            description: "Block tools that are explicitly forbidden",
+            severity: "critical",
+            check: (request) => {
+                if (BLOCKED_TOOLS.has(request.toolName)) {
+                    return {
+                        rule: "blocked_tool",
+                        severity: "critical",
+                        description: `Tool '${request.toolName}' is blocked by governance policy. Destructive or administrative tools are not permitted.`,
+                    };
+                }
+                return null;
+            },
+        },
+        {
+            id: "bulk_data_access",
+            description: "Prevent bulk or mass data access operations",
+            severity: "critical",
+            check: (request) => {
+                const paramValues = flattenParams(request.parameters);
+                for (const value of paramValues) {
+                    const match = containsPattern(value, BULK_DATA_PATTERNS);
+                    if (match) {
+                        return {
+                            rule: "bulk_data_access",
+                            severity: "critical",
+                            description: `Bulk data access detected in tool '${request.toolName}'. Mass data retrieval is not permitted. Specify a single entity.`,
+                        };
+                    }
+                }
+                return null;
+            },
+        },
+        {
+            id: "sensitive_field_access",
+            description: "Block access to sensitive personally identifiable fields",
+            severity: "critical",
+            check: (request) => {
+                const paramValues = flattenParams(request.parameters);
+                for (const value of paramValues) {
+                    const match = containsPattern(value, SENSITIVE_FIELD_PATTERNS);
+                    if (match) {
+                        return {
+                            rule: "sensitive_field_access",
+                            severity: "critical",
+                            description: `Sensitive field access detected in tool '${request.toolName}'. Access to personally identifiable or credential fields is not permitted.`,
+                        };
+                    }
+                }
+                return null;
+            },
+        },
+        {
+            id: "unauthorized_entity_retrieval",
+            description: "Block entity retrieval without a scoped identifier",
+            severity: "high",
+            check: (request) => {
+                const entityTools = ["get_patient", "get_client", "get_account", "get_user", "fetch_record", "retrieve_entity"];
+                if (!entityTools.includes(request.toolName)) {
+                    return null;
+                }
+                const hasId = request.parameters.id || request.parameters.entityId || request.parameters.patientId || request.parameters.clientId || request.parameters.accountId || request.parameters.userId;
+                if (!hasId) {
+                    return {
+                        rule: "unauthorized_entity_retrieval",
+                        severity: "high",
+                        description: `Tool '${request.toolName}' requires a scoped entity identifier. Unscoped entity retrieval is not permitted.`,
+                    };
+                }
+                return null;
+            },
+        },
+        {
+            id: "excessive_limit",
+            description: "Block queries requesting excessive record counts",
+            severity: "high",
+            check: (request) => {
+                const raw = request.parameters.limit ?? request.parameters.count ?? request.parameters.size ?? request.parameters.pageSize;
+                if (raw == null)
+                    return null;
+                const limit = typeof raw === "number" ? raw : Number(raw);
+                if (!Number.isNaN(limit) && limit > 100) {
+                    return {
+                        rule: "excessive_limit",
+                        severity: "high",
+                        description: `Tool '${request.toolName}' requested ${limit} records, exceeding the maximum of 100. Reduce the limit to prevent bulk data exposure.`,
+                    };
+                }
+                return null;
+            },
+        },
+        {
+            id: "cross_entity_access",
+            description: "Detect potential cross-entity data access in a single call",
+            severity: "high",
+            check: (request) => {
+                const idFields = ["patientId", "clientId", "accountId", "userId", "entityId"];
+                const ids = new Set();
+                for (const field of idFields) {
+                    const val = request.parameters[field];
+                    if (typeof val === "string" && val.length > 0) {
+                        ids.add(val);
+                    }
+                    if (Array.isArray(val)) {
+                        for (const item of val) {
+                            if (typeof item === "string" && item.length > 0) {
+                                ids.add(item);
+                            }
+                        }
+                    }
+                }
+                if (ids.size > 1) {
+                    return {
+                        rule: "cross_entity_access",
+                        severity: "high",
+                        description: `Tool '${request.toolName}' references multiple distinct entities. Cross-entity data access in a single call is not permitted.`,
+                    };
+                }
+                return null;
+            },
+        },
+    ];
+}
+export class ToolGuard {
+    rules = new Map();
+    constructor(rules) {
+        const activeRules = rules ?? createDefaultRules();
+        for (const rule of activeRules) {
+            this.rules.set(rule.id, rule);
+        }
+    }
+    evaluate(request) {
+        const violations = [];
+        for (const rule of this.rules.values()) {
+            const violation = rule.check(request);
+            if (violation) {
+                violations.push(violation);
+            }
+        }
+        const hasCritical = violations.some((v) => v.severity === "critical");
+        const hasHigh = violations.some((v) => v.severity === "high");
+        const blocked = hasCritical || hasHigh;
+        return {
+            allowed: !blocked,
+            blockedReason: blocked
+                ? violations.map((v) => v.description).join("; ")
+                : null,
+            violations,
+            toolName: request.toolName,
+            sanitizedParameters: blocked ? null : request.parameters,
+        };
+    }
+    addRule(rule) {
+        this.rules.set(rule.id, rule);
+    }
+    removeRule(ruleId) {
+        this.rules.delete(ruleId);
+    }
+    listRules() {
+        return [...this.rules.values()];
+    }
+}
+//# sourceMappingURL=tool_guard.js.map

package/dist/src/tools/tool_guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool_guard.js","sourceRoot":"","sources":["../../../src/tools/tool_guard.ts"],"names":[],"mappings":"AAmCA,MAAM,kBAAkB,GAAG;IACzB,sBAAsB;IACtB,2DAA2D;IAC3D,6DAA6D;IAC7D,yBAAyB;IACzB,4CAA4C;IAC5C,4EAA4E;IAC5E,4CAA4C;CAC7C,CAAC;AAEF,MAAM,wBAAwB,GAAG;IAC/B,UAAU;IACV,uBAAuB;IACvB,mBAAmB;IACnB,oBAAoB;IACpB,eAAe;IACf,aAAa;IACb,mBAAmB;IACnB,oBAAoB;IACpB,eAAe;CAChB,CAAC;AAEF,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,eAAe;IACf,oBAAoB;IACpB,gBAAgB;IAChB,iBAAiB;IACjB,cAAc;IACd,mBAAmB;IACnB,gBAAgB;CACjB,CAAC,CAAC;AAEH,SAAS,eAAe,CAAC,KAAa,EAAE,QAAkB;IACxD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,MAA2B;IAChD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;gBACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,CAAC;qBAAM,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC5C,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO;QACL;YACE,EAAE,EAAE,cAAc;YAClB,WAAW,EAAE,2CAA2C;YACxD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,IAAI,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACxC,OAAO;wBACL,IAAI,EAAE,cAAc;wBACpB,QAAQ,EAAE,UAAU;wBACpB,WAAW,EAAE,SAAS,OAAO,CAAC,QAAQ,2FAA2F;qBAClI,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;QACD;YACE,EAAE,EAAE,kBAAkB;YACtB,WAAW,EAAE,6CAA6C;YAC1D,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBACtD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;oBAChC,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;oBACzD,IAAI,KAAK,EAAE,CAAC;wBACV,OAAO;4BACL,IAAI,EAAE,kBAAkB;4BACxB,QAAQ,EAAE,UAAU;4BACpB,WAAW,EAAE,sCAAsC,OAAO,CAAC,QAAQ,mEAAmE;yBACvI,CAAC;oBACJ,CAAC;gBACH,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;QACD;YACE,EAAE,EAAE,wBAAwB;YAC5B,WAAW,EAAE,0DAA0D;YACvE,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBACtD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;oBAChC,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,EAAE,wBAAwB,CAAC,CAAC;oBAC/D,IAAI,KAAK,EAAE,CAAC;wBACV,OAAO;4BACL,IAAI,EAAE,wBAAwB;4BAC9B,QAAQ,EAAE,UAAU;4BACpB,WAAW,EAAE,4CAA4C,OAAO,CAAC,QAAQ,6EAA6E;yBACvJ,CAAC;oBACJ,CAAC;gBACH,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;QACD;YACE,EAAE,EAAE,+BAA+B;YACnC,WAAW,EAAE,oDAAoD;YACjE,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,MAAM,WAAW,GAAG,CAAC,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,cAAc,EAAE,iBAAiB,CAAC,CAAC;gBAChH,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC5C,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,EAAE,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;gBAC/L,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO;wBACL,IAAI,EAAE,+BAA+B;wBACrC,QAAQ,EAAE,MAAM;wBAChB,WAAW,EAAE,SAAS,OAAO,CAAC,QAAQ,oFAAoF;qBAC3H,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;QACD;YACE,EAAE,EAAE,iBAAiB;YACrB,WAAW,EAAE,kDAAkD;YAC/D,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,IAAI,OAAO,CAAC,UAAU,CAAC,KAAK,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAC3H,IAAI,GAAG,IAAI,IAAI;oBAAE,OAAO,IAAI,CAAC;gBAC7B,MAAM,KAAK,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC1D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;oBACxC,OAAO;wBACL,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,MAAM;wBAChB,WAAW,EAAE,SAAS,OAAO,CAAC,QAAQ,eAAe,KAAK,yFAAyF;qBACpJ,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;QACD;YACE,EAAE,EAAE,qBAAqB;YACzB,WAAW,EAAE,4DAA4D;YACzE,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,OAAoB,EAAwB,EAAE;gBACpD,MAAM,QAAQ,GAAG,CAAC,WAAW,EAAE,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;gBAC9E,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;gBAC9B,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;oBAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;oBACtC,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC9C,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBACf,CAAC;oBACD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;wBACvB,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;4BACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAChD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;4BAChB,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;oBACjB,OAAO;wBACL,IAAI,EAAE,qBAAqB;wBAC3B,QAAQ,EAAE,MAAM;wBAChB,WAAW,EAAE,SAAS,OAAO,CAAC,QAAQ,sGAAsG;qBAC7I,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAM,OAAO,SAAS;IACZ,KAAK,GAAgC,IAAI,GAAG,EAAE,CAAC;IAEvD,YAAY,KAAwB;QAClC,MAAM,WAAW,GAAG,KAAK,IAAI,kBAAkB,EAAE,CAAC;QAClD,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,QAAQ,CAAC,OAAoB;QAC3B,MAAM,UAAU,GAAoB,EAAE,CAAC;QAEvC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YACvC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACtC,IAAI,SAAS,EAAE,CAAC;gBACd,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,WAAW,IAAI,OAAO,CAAC;QAEvC,OAAO;YACL,OAAO,EAAE,CAAC,OAAO;YACjB,aAAa,EAAE,OAAO;gBACpB,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;gBACjD,CAAC,CAAC,IAAI;YACR,UAAU;YACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,mBAAmB,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU;SACzD,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,IAAoB;QAC1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,UAAU,CAAC,MAAc;QACvB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC;IAED,SAAS;QACP,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAClC,CAAC;CACF"}

package/dist/src/types/index.d.ts

@@ -0,0 +1,65 @@
+import type { QueryClassification } from "../classification/query_classifier";
+import type { PreInteractionResult } from "../gateway/pre_interaction_governance";
+import type { PostInteractionResult, Violation } from "../reasoning/reasoning_validator";
+import type { TraceValidationResult } from "../reasoning/trace_validator";
+import type { NormalizedResponse } from "../normalization/response_normalizer";
+import type { ToolGuardResult } from "../tools/tool_guard";
+export interface GovernanceLLMResult {
+    response: string;
+    confidence: number;
+    reasoning: string;
+    evidence: string[];
+    missingData: string[];
+    confidenceLabel: string;
+}
+export interface GovernanceRetrievalContext {
+    patientId: string | null;
+    patientName: string | null;
+    biomarkerData: Array<{
+        biomarkerId: string;
+        value: number;
+        unit?: string;
+        sourceDocumentId?: string;
+        name?: string;
+    }>;
+    documents: Array<{
+        documentId: string;
+        reportDate?: string;
+        rawText?: string;
+    }>;
+    extractedData?: any;
+    retrievalConfidence: number;
+}
+export interface GovernanceToolCall {
+    toolName: string;
+    parameters: Record<string, any>;
+}
+export interface GovernanceContext {
+    sessionPatientId: string | null;
+    retrievalContext?: GovernanceRetrievalContext;
+    reasoningMode?: string;
+    isRefinement?: boolean;
+    previousResponse?: string | null;
+    conversationSummary?: string | null;
+    activeTopic?: string | null;
+    patientSnapshotSummary?: string | null;
+    toolCalls?: GovernanceToolCall[];
+}
+export type GovernanceLLMCall = (query: string, context: GovernanceContext) => Promise<GovernanceLLMResult>;
+export interface GovernanceResult {
+    finalResponse: string;
+    blocked: boolean;
+    blockedStage: "pre_interaction" | "post_interaction" | "tool_guard" | "trace_validation" | null;
+    blockedReason: string | null;
+    classification: QueryClassification;
+    preInteraction: PreInteractionResult;
+    postInteraction: PostInteractionResult | null;
+    normalization: NormalizedResponse | null;
+    violations: Violation[];
+    llmCalled: boolean;
+    domain: string;
+    sessionId: string | null;
+    toolGuardResults: ToolGuardResult[];
+    traceValidation: TraceValidationResult | null;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/src/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAC9E,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAClF,OAAO,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,kCAAkC,CAAC;AACzF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC/E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,0BAA0B;IACzC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,aAAa,EAAE,KAAK,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC,CAAC;IACH,SAAS,EAAE,KAAK,CAAC;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC,CAAC;IACH,aAAa,CAAC,EAAE,GAAG,CAAC;IACpB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,iBAAiB;IAChC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,gBAAgB,CAAC,EAAE,0BAA0B,CAAC;IAC9C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,mBAAmB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,sBAAsB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvC,SAAS,CAAC,EAAE,kBAAkB,EAAE,CAAC;CAClC;AAED,MAAM,MAAM,iBAAiB,GAAG,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,iBAAiB,KACvB,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,iBAAiB,GAAG,kBAAkB,GAAG,YAAY,GAAG,kBAAkB,GAAG,IAAI,CAAC;IAChG,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,EAAE,mBAAmB,CAAC;IACpC,cAAc,EAAE,oBAAoB,CAAC;IACrC,eAAe,EAAE,qBAAqB,GAAG,IAAI,CAAC;IAC9C,aAAa,EAAE,kBAAkB,GAAG,IAAI,CAAC;IACzC,UAAU,EAAE,SAAS,EAAE,CAAC;IACxB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,eAAe,EAAE,qBAAqB,GAAG,IAAI,CAAC;CAC/C"}

package/dist/src/types/index.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.js.map

package/dist/src/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/types/index.ts"],"names":[],"mappings":""}

package/domains/finance/policy.yaml

@@ -0,0 +1,85 @@
+domain: finance
+version: "1.0"
+
+blocked_query_types:
+  investment_advice:
+    action: block
+    response: >-
+      I cannot provide specific investment advice or recommend buying, selling,
+      or holding any financial instruments. Investment decisions should be made
+      in consultation with a licensed financial advisor who understands your
+      complete financial situation and risk tolerance.
+
+  tax_advice:
+    action: block
+    response: >-
+      I cannot provide tax advice or guidance on tax filings, deductions, or
+      strategies. Tax matters require the expertise of a licensed tax
+      professional or certified public accountant who can evaluate your specific
+      circumstances.
+
+  account_fraud:
+    action: block
+    response: >-
+      I cannot assist with any activity that could constitute fraud, including
+      misrepresentation of financial information, unauthorized account access,
+      or manipulation of financial records.
+
+  privacy_request:
+    action: block
+    response: >-
+      I cannot disclose information about other account holders or their
+      financial data. Account privacy is protected under strict regulatory
+      policies. Please reference only your own account.
+
+  safety_override:
+    action: block
+    response: >-
+      It is not possible to bypass or override compliance rules and governance
+      constraints. These safeguards exist to protect financial integrity and
+      regulatory compliance.
+
+  regulatory_violation:
+    action: block
+    response: >-
+      I cannot assist with any action that would violate financial regulations,
+      including but not limited to insider trading, money laundering, or
+      circumventing know-your-customer requirements.
+
+privacy_rules:
+  - id: no_cross_account_access
+    description: Prevent access to another account holder's financial data
+    severity: critical
+
+  - id: no_bulk_account_disclosure
+    description: Prevent bulk disclosure of account information
+    severity: critical
+
+  - id: require_account_identity
+    description: Require a verified account identity before returning financial data
+    severity: high
+
+  - id: no_raw_identifier_exposure
+    description: Do not expose internal account numbers or routing numbers in responses
+    severity: high
+
+safety_rules:
+  - id: no_investment_recommendations
+    description: System must not recommend specific investments or trades
+    severity: critical
+
+  - id: no_tax_guidance
+    description: System must not provide specific tax filing advice
+    severity: critical
+
+  - id: no_compliance_bypass
+    description: Reject any attempt to override regulatory compliance safeguards
+    severity: critical
+
+  - id: require_advisor_caveat
+    description: Include a financial-advisor consultation caveat in advisory responses
+    severity: high
+
+  - id: flag_low_confidence
+    description: Flag responses with low data confidence so the user is aware of limitations
+    severity: medium

package/domains/health/policy.yaml

@@ -0,0 +1,95 @@
+domain: health
+version: "1.0"
+
+blocked_query_types:
+  diagnosis_request:
+    action: block
+    response: >-
+      I cannot provide medical diagnoses. It is not possible for this system
+      to diagnose conditions. Diagnosis requires clinical examination,
+      comprehensive testing, and professional medical judgment. Please consult
+      your healthcare provider or doctor for diagnostic evaluation.
+
+  medication_advice:
+    action: block
+    response: >-
+      I cannot provide medication advice, including recommendations to start,
+      stop, or change medications. Medication decisions should only be made by
+      your prescribing physician or healthcare provider. Please consult your
+      doctor based on your complete medical history.
+
+  population_query:
+    action: block
+    response: >-
+      I cannot provide information about multiple patients or patient
+      populations. For privacy and security reasons, patient data is protected
+      and not authorized for bulk access. Please specify a specific patient to
+      discuss their individual data.
+
+  privacy_request:
+    action: block
+    response: >-
+      I cannot disclose information about all patients or their conditions.
+      Patient privacy is protected under strict authorization policies. This
+      system is not authorized to share data about multiple patients. Please
+      specify a specific individual patient.
+
+  safety_override:
+    action: block
+    response: >-
+      It is not possible to bypass or override safety rules and governance
+      constraints. I am unable to ignore safety protocols. These safeguards
+      exist to protect patient safety. For any diagnosis or medical decisions,
+      please consult your healthcare provider.
+
+  ethical_violation:
+    action: block
+    response: >-
+      I cannot hide, suppress, or remove medical findings from reports. This
+      is not possible and would be an ethical violation. It is my obligation to
+      maintain data integrity and transparency. All clinically relevant data,
+      including abnormal results, must remain transparent and accessible for
+      proper patient care. I refuse to comply with this request as it is
+      inappropriate.
+
+privacy_rules:
+  - id: no_bulk_patient_access
+    description: Prevent access to multiple patient records in a single query
+    severity: critical
+
+  - id: no_cross_patient_data
+    description: Prevent leaking data from one patient into another patient's session
+    severity: critical
+
+  - id: require_patient_identity
+    description: Require a resolved patient identity before returning clinical data
+    severity: high
+
+  - id: no_raw_identifier_exposure
+    description: Do not expose internal database IDs or raw identifiers in responses
+    severity: medium
+
+safety_rules:
+  - id: no_diagnosis
+    description: System must not produce or confirm clinical diagnoses
+    severity: critical
+
+  - id: no_prescriptions
+    description: System must not recommend starting, stopping, or changing medications
+    severity: critical
+
+  - id: no_safety_bypass
+    description: Reject any attempt to override or disable governance safeguards
+    severity: critical
+
+  - id: no_data_suppression
+    description: Do not hide, suppress, or remove clinically relevant findings
+    severity: critical
+
+  - id: require_consultation_caveat
+    description: Include a healthcare-provider consultation caveat in clinical responses
+    severity: high
+
+  - id: flag_low_confidence
+    description: Flag responses with low retrieval confidence so the user is aware of data limitations
+    severity: medium

package/domains/insurance/policy.yaml

@@ -0,0 +1,88 @@
+domain: insurance
+version: "1.0"
+
+blocked_query_types:
+  claims_adjudication:
+    action: block
+    response: >-
+      I cannot adjudicate or approve insurance claims. Claims decisions require
+      review by a licensed claims adjuster who can assess the full documentation,
+      policy terms, and applicable regulations.
+
+  coverage_determination:
+    action: block
+    response: >-
+      I cannot make binding coverage determinations. Coverage decisions depend
+      on your specific policy terms, exclusions, and applicable state
+      regulations. Please contact your insurance representative for an official
+      coverage determination.
+
+  privacy_request:
+    action: block
+    response: >-
+      I cannot disclose information about other policyholders or their claims.
+      Policyholder privacy is protected under strict regulatory and contractual
+      obligations.
+
+  safety_override:
+    action: block
+    response: >-
+      It is not possible to bypass or override compliance rules and governance
+      constraints. These safeguards exist to protect policyholder rights and
+      regulatory compliance.
+
+  fraudulent_claim:
+    action: block
+    response: >-
+      I cannot assist with submitting false or misleading claim information.
+      Insurance fraud is a serious offense with legal consequences. All claim
+      information must be truthful and accurately documented.
+
+  regulatory_violation:
+    action: block
+    response: >-
+      I cannot assist with any action that would violate insurance regulations,
+      including unfair claims practices, discriminatory underwriting, or
+      misrepresentation of policy terms.
+
+privacy_rules:
+  - id: no_cross_policyholder_access
+    description: Prevent access to another policyholder's claims or policy data
+    severity: critical
+
+  - id: no_bulk_policyholder_disclosure
+    description: Prevent bulk disclosure of policyholder information
+    severity: critical
+
+  - id: require_policyholder_identity
+    description: Require a verified policyholder identity before returning policy or claims data
+    severity: high
+
+  - id: no_raw_identifier_exposure
+    description: Do not expose internal policy numbers or claim IDs in responses
+    severity: medium
+
+safety_rules:
+  - id: no_claims_adjudication
+    description: System must not approve or deny insurance claims
+    severity: critical
+
+  - id: no_coverage_binding
+    description: System must not make binding coverage determinations
+    severity: critical
+
+  - id: no_compliance_bypass
+    description: Reject any attempt to override regulatory compliance safeguards
+    severity: critical
+
+  - id: no_fraud_assistance
+    description: Refuse any request that could facilitate insurance fraud
+    severity: critical
+
+  - id: require_representative_caveat
+    description: Include an insurance-representative consultation caveat in policy responses
+    severity: high
+
+  - id: flag_low_confidence
+    description: Flag responses with low data confidence so the user is aware of limitations
+    severity: medium

package/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "@governed-ai/runtime",
+  "version": "1.0.0",
+  "description": "Agent-agnostic governance middleware for AI applications. Provides classification, pre/post-interaction governance, tool guarding, trace validation, telemetry, and certification.",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./sdk": {
+      "types": "./dist/sdk/governance.d.ts",
+      "import": "./dist/sdk/governance.js"
+    },
+    "./orchestrator": {
+      "types": "./dist/src/orchestrator.d.ts",
+      "import": "./dist/src/orchestrator.js"
+    },
+    "./domains": {
+      "types": "./dist/domains/registry.d.ts",
+      "import": "./dist/domains/registry.js"
+    }
+  },
+  "files": [
+    "dist/",
+    "domains/**/*.yaml"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json && node scripts/fix-esm-imports.cjs && node -e \"const fs=require('fs');const path=require('path');function copyYaml(src,dest){const entries=fs.readdirSync(src,{withFileTypes:true});for(const e of entries){const s=path.join(src,e.name);const d=path.join(dest,e.name);if(e.isDirectory()){fs.mkdirSync(d,{recursive:true});copyYaml(s,d)}else if(e.name.endsWith('.yaml')){fs.copyFileSync(s,d)}}};copyYaml('domains','dist/domains')\"",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "governance",
+    "ai",
+    "safety",
+    "compliance",
+    "middleware",
+    "agent",
+    "llm",
+    "health",
+    "finance",
+    "insurance"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "yaml": "^2.0.0"
+  },
+  "peerDependencies": {
+    "express": ">=4.0.0"
+  },
+  "peerDependenciesMeta": {
+    "express": {
+      "optional": true
+    }
+  }
+}