@grc-claw/openapi-generator 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/OpenAPIGenerator.d.ts +14 -0
  2. package/dist/OpenAPIGenerator.d.ts.map +1 -0
  3. package/dist/OpenAPIGenerator.js +1188 -0
  4. package/dist/OpenAPIGenerator.js.map +1 -0
  5. package/dist/index.d.ts +3 -0
  6. package/dist/index.d.ts.map +1 -0
  7. package/dist/index.js +2 -0
  8. package/dist/index.js.map +1 -0
  9. package/dist/types.d.ts +58 -0
  10. package/dist/types.d.ts.map +1 -0
  11. package/dist/types.js +2 -0
  12. package/dist/types.js.map +1 -0
  13. package/package.json +29 -0
package/dist/OpenAPIGenerator.js ADDED
@@ -0,0 +1,1188 @@
1
+ const DEFAULT_CONFIG = {
2
+ title: 'GRC_Claw Gateway API',
3
+ version: '1.0.0',
4
+ description: 'GRC_Claw supervised control-plane gateway — ISO 42001-compliant agentic AI chassis for GRC, compliance automation, and security operations',
5
+ baseUrl: 'http://localhost:3000',
6
+ };
7
+ function yamlEscape(s) {
8
+ if (s.includes(':') || s.includes('#') || s.includes("'") || s.includes('"') || s.includes('\n') || s.startsWith(' ') || s.endsWith(' ')) {
9
+ return `"${s.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
10
+ }
11
+ return s;
12
+ }
13
+ function buildSchema(type, description) {
14
+ const schema = { type };
15
+ if (description)
16
+ schema['description'] = description;
17
+ return schema;
18
+ }
19
+ function buildOkResponse(schema) {
20
+ return {
21
+ description: 'Successful response',
22
+ content: {
23
+ 'application/json': {
24
+ schema: schema ?? {
25
+ type: 'object',
26
+ properties: {
27
+ ok: { type: 'boolean' },
28
+ },
29
+ },
30
+ },
31
+ },
32
+ };
33
+ }
34
+ function buildErrorResponse() {
35
+ return {
36
+ description: 'Error response',
37
+ content: {
38
+ 'application/json': {
39
+ schema: {
40
+ type: 'object',
41
+ properties: {
42
+ error: { type: 'string' },
43
+ },
44
+ },
45
+ },
46
+ },
47
+ };
48
+ }
49
+ function buildAuthResponse() {
50
+ return {
51
+ description: 'Unauthorized',
52
+ content: {
53
+ 'application/json': {
54
+ schema: {
55
+ type: 'object',
56
+ properties: {
57
+ error: { type: 'string', example: 'unauthorized' },
58
+ },
59
+ },
60
+ },
61
+ },
62
+ };
63
+ }
64
+ function buildSecurity(authenticated) {
65
+ return authenticated ? [{ BearerAuth: [] }] : undefined;
66
+ }
67
+ export class OpenAPIGenerator {
68
+ config;
69
+ endpoints = [];
70
+ constructor(config) {
71
+ this.config = { ...DEFAULT_CONFIG, ...config };
72
+ }
73
+ addEndpoint(endpoint) {
74
+ this.endpoints.push(endpoint);
75
+ }
76
+ addEndpoints(endpoints) {
77
+ this.endpoints.push(...endpoints);
78
+ }
79
+ generate() {
80
+ const paths = {};
81
+ const tagsSet = new Set();
82
+ for (const endpoint of this.endpoints) {
83
+ const pathKey = endpoint.path;
84
+ if (!paths[pathKey])
85
+ paths[pathKey] = {};
86
+ const responses = {};
87
+ for (const [code, resp] of Object.entries(endpoint.responses)) {
88
+ const respObj = resp;
89
+ responses[code] = {
90
+ description: respObj.description,
91
+ content: respObj.contentType
92
+ ? { [respObj.contentType]: { schema: respObj.schema ?? {} } }
93
+ : undefined,
94
+ };
95
+ }
96
+ const parameters = [];
97
+ if (endpoint.queryParams) {
98
+ for (const param of endpoint.queryParams) {
99
+ parameters.push({
100
+ name: param.name,
101
+ in: param.in,
102
+ required: param.required,
103
+ schema: param.schema,
104
+ description: param.description,
105
+ });
106
+ }
107
+ }
108
+ const operation = {
109
+ summary: endpoint.summary,
110
+ description: endpoint.description,
111
+ operationId: endpoint.operationId,
112
+ tags: endpoint.tags,
113
+ security: buildSecurity(endpoint.authenticated),
114
+ responses,
115
+ };
116
+ if (parameters.length > 0)
117
+ operation['parameters'] = parameters;
118
+ if (endpoint.requestBody) {
119
+ operation['requestBody'] = {
120
+ required: true,
121
+ content: {
122
+ [endpoint.requestBody.contentType]: {
123
+ schema: endpoint.requestBody.schema,
124
+ },
125
+ },
126
+ };
127
+ }
128
+ paths[pathKey][endpoint.method.toLowerCase()] = operation;
129
+ for (const tag of endpoint.tags)
130
+ tagsSet.add(tag);
131
+ }
132
+ const tags = [...tagsSet].map((name) => ({
133
+ name,
134
+ description: `${name} endpoints for GRC_Claw Gateway`,
135
+ }));
136
+ return {
137
+ openapi: '3.0.3',
138
+ info: {
139
+ title: this.config.title,
140
+ version: this.config.version,
141
+ description: this.config.description,
142
+ license: { name: 'MIT', url: 'https://opensource.org/licenses/MIT' },
143
+ },
144
+ servers: [
145
+ { url: this.config.baseUrl, description: 'GRC_Claw Gateway' },
146
+ ],
147
+ paths,
148
+ components: {
149
+ securitySchemes: {
150
+ BearerAuth: {
151
+ type: 'http',
152
+ scheme: 'bearer',
153
+ bearerFormat: 'API Token',
154
+ description: 'GRC_Claw gateway token — pass via Authorization: Bearer <token> or X-GRC-Claw-Token header',
155
+ },
156
+ },
157
+ schemas: {},
158
+ },
159
+ tags,
160
+ };
161
+ }
162
+ toJson() {
163
+ return JSON.stringify(this.generate(), null, 2);
164
+ }
165
+ toYaml() {
166
+ const spec = this.generate();
167
+ return this.specToYaml(spec, 0);
168
+ }
169
+ specToYaml(obj, indent) {
170
+ const pad = ' '.repeat(indent);
171
+ if (obj === null || obj === undefined)
172
+ return 'null';
173
+ if (typeof obj === 'boolean')
174
+ return String(obj);
175
+ if (typeof obj === 'number')
176
+ return String(obj);
177
+ if (typeof obj === 'string')
178
+ return yamlEscape(obj);
179
+ if (Array.isArray(obj)) {
180
+ if (obj.length === 0)
181
+ return '[]';
182
+ const items = obj.map((item) => {
183
+ const yaml = this.specToYaml(item, indent + 1);
184
+ if (typeof item === 'object' && item !== null && !Array.isArray(item)) {
185
+ const firstLine = yaml.split('\n')[0];
186
+ const rest = yaml.split('\n').slice(1).join('\n');
187
+ return `${pad}- ${firstLine.trimStart()}\n${rest}`;
188
+ }
189
+ return `${pad}- ${yaml}`;
190
+ });
191
+ return items.join('\n');
192
+ }
193
+ if (typeof obj === 'object') {
194
+ const entries = Object.entries(obj);
195
+ if (entries.length === 0)
196
+ return '{}';
197
+ const lines = entries.map(([key, value]) => {
198
+ const yamlValue = this.specToYaml(value, indent + 1);
199
+ if (typeof value === 'object' && value !== null) {
200
+ if (Array.isArray(value) && value.length > 0) {
201
+ return `${pad}${yamlEscape(key)}:\n${yamlValue}`;
202
+ }
203
+ if (!Array.isArray(value) && Object.keys(value).length > 0) {
204
+ return `${pad}${yamlEscape(key)}:\n${yamlValue}`;
205
+ }
206
+ return `${pad}${yamlEscape(key)}: ${yamlValue}`;
207
+ }
208
+ return `${pad}${yamlEscape(key)}: ${yamlValue}`;
209
+ });
210
+ return lines.join('\n');
211
+ }
212
+ return String(obj);
213
+ }
214
+ static buildGatewayEndpoints() {
215
+ return [
216
+ {
217
+ path: '/health',
218
+ method: 'GET',
219
+ summary: 'Health check',
220
+ description: 'Returns gateway health status, connected services, and configuration',
221
+ tags: ['System'],
222
+ operationId: 'getHealth',
223
+ authenticated: false,
224
+ responses: {
225
+ '200': { description: 'Gateway is healthy', contentType: 'application/json' },
226
+ },
227
+ },
228
+ {
229
+ path: '/metrics',
230
+ method: 'GET',
231
+ summary: 'Prometheus metrics',
232
+ description: 'Returns gateway metrics in Prometheus exposition format',
233
+ tags: ['System'],
234
+ operationId: 'getMetrics',
235
+ authenticated: false,
236
+ responses: {
237
+ '200': { description: 'Metrics in Prometheus format', contentType: 'text/plain' },
238
+ },
239
+ },
240
+ {
241
+ path: '/api/frameworks',
242
+ method: 'GET',
243
+ summary: 'List framework packs',
244
+ description: 'Returns all available compliance framework packs and their controls',
245
+ tags: ['Frameworks'],
246
+ operationId: 'listFrameworks',
247
+ authenticated: false,
248
+ responses: {
249
+ '200': { description: 'Framework packs', contentType: 'application/json' },
250
+ },
251
+ },
252
+ {
253
+ path: '/api/aims/vendor-gaps',
254
+ method: 'GET',
255
+ summary: 'AI vendor gaps',
256
+ description: 'Returns AIMS vendor gap analysis for AI providers (Anthropic, OpenAI, Cursor, OpenClaw)',
257
+ tags: ['AIMS'],
258
+ operationId: 'getVendorGaps',
259
+ authenticated: false,
260
+ queryParams: [
261
+ { name: 'vendor', in: 'query', required: false, schema: { type: 'string', enum: ['anthropic', 'openai', 'cursor', 'openclaw'] }, description: 'Filter by vendor ID' },
262
+ ],
263
+ responses: {
264
+ '200': { description: 'Vendor gap summary', contentType: 'application/json' },
265
+ },
266
+ },
267
+ {
268
+ path: '/api/aims/technical-controls',
269
+ method: 'GET',
270
+ summary: 'Technical controls',
271
+ description: 'Returns AIMS scope template, clause map, and technical controls',
272
+ tags: ['AIMS'],
273
+ operationId: 'getTechnicalControls',
274
+ authenticated: false,
275
+ responses: {
276
+ '200': { description: 'AIMS technical controls', contentType: 'application/json' },
277
+ },
278
+ },
279
+ {
280
+ path: '/api/agent/invoke',
281
+ method: 'POST',
282
+ summary: 'Invoke agent tool',
283
+ description: 'Invoke a tool via the agent session with assurance envelope, idempotency, and audit trail',
284
+ tags: ['Agent'],
285
+ operationId: 'invokeAgentTool',
286
+ authenticated: true,
287
+ requestBody: {
288
+ contentType: 'application/json',
289
+ schema: {
290
+ type: 'object',
291
+ required: ['tool'],
292
+ properties: {
293
+ tool: { type: 'string', description: 'Tool name to invoke' },
294
+ args: { type: 'object', description: 'Tool arguments' },
295
+ sessionId: { type: 'string', description: 'Session identifier' },
296
+ agentId: { type: 'string', description: 'Agent DID or identifier' },
297
+ idempotencyKey: { type: 'string', description: 'Idempotency key' },
298
+ approvalToken: { type: 'string', description: 'Approval token for destructive actions' },
299
+ tenantId: { type: 'number', description: 'Tenant ID' },
300
+ },
301
+ },
302
+ },
303
+ responses: {
304
+ '200': { description: 'Tool execution result', contentType: 'application/json' },
305
+ '401': { description: 'Unauthorized', contentType: 'application/json' },
306
+ '403': { description: 'Tool denied by policy', contentType: 'application/json' },
307
+ },
308
+ },
309
+ {
310
+ path: '/api/skills',
311
+ method: 'GET',
312
+ summary: 'List skills',
313
+ description: 'Returns all registered GRC_Claw skills',
314
+ tags: ['Skills'],
315
+ operationId: 'listSkills',
316
+ authenticated: false,
317
+ responses: {
318
+ '200': { description: 'Skill catalog', contentType: 'application/json' },
319
+ },
320
+ },
321
+ {
322
+ path: '/api/skills/{skillId}',
323
+ method: 'GET',
324
+ summary: 'Get skill detail',
325
+ description: 'Returns details for a specific skill by ID',
326
+ tags: ['Skills'],
327
+ operationId: 'getSkill',
328
+ authenticated: false,
329
+ responses: {
330
+ '200': { description: 'Skill details', contentType: 'application/json' },
331
+ '404': { description: 'Skill not found', contentType: 'application/json' },
332
+ },
333
+ },
334
+ {
335
+ path: '/api/skills/run',
336
+ method: 'POST',
337
+ summary: 'Run a skill',
338
+ description: 'Execute a skill with a given task via the Claw dispatch context',
339
+ tags: ['Skills'],
340
+ operationId: 'runSkill',
341
+ authenticated: true,
342
+ requestBody: {
343
+ contentType: 'application/json',
344
+ schema: {
345
+ type: 'object',
346
+ required: ['skillId', 'task'],
347
+ properties: {
348
+ skillId: { type: 'string' },
349
+ task: { type: 'string' },
350
+ sessionId: { type: 'string' },
351
+ llmProviderId: { type: 'string' },
352
+ maxSteps: { type: 'number' },
353
+ readOnlyTools: { type: 'boolean' },
354
+ idempotencyKey: { type: 'string' },
355
+ },
356
+ },
357
+ },
358
+ responses: {
359
+ '200': { description: 'Skill execution result', contentType: 'application/json' },
360
+ '403': { description: 'Skill denied', contentType: 'application/json' },
361
+ },
362
+ },
363
+ {
364
+ path: '/api/action-ledger',
365
+ method: 'GET',
366
+ summary: 'Action ledger',
367
+ description: 'Returns the action ledger events with integrity verification',
368
+ tags: ['Audit'],
369
+ operationId: 'getActionLedger',
370
+ authenticated: true,
371
+ queryParams: [
372
+ { name: 'limit', in: 'query', required: false, schema: { type: 'integer', default: 100 } },
373
+ ],
374
+ responses: {
375
+ '200': { description: 'Ledger events', contentType: 'application/json' },
376
+ },
377
+ },
378
+ {
379
+ path: '/api/assurance',
380
+ method: 'GET',
381
+ summary: 'Assurance summary',
382
+ description: 'Returns the assurance graph summary for agent actions',
383
+ tags: ['Assurance'],
384
+ operationId: 'getAssurance',
385
+ authenticated: true,
386
+ responses: {
387
+ '200': { description: 'Assurance summary', contentType: 'application/json' },
388
+ },
389
+ },
390
+ {
391
+ path: '/api/ingest/normalize',
392
+ method: 'POST',
393
+ summary: 'Normalize security event',
394
+ description: 'Ingest and normalize a security event from a cloud or SIEM source',
395
+ tags: ['Ingest'],
396
+ operationId: 'normalizeEvent',
397
+ authenticated: true,
398
+ requestBody: {
399
+ contentType: 'application/json',
400
+ schema: {
401
+ type: 'object',
402
+ required: ['source'],
403
+ properties: {
404
+ source: { type: 'string', description: 'Ingest source identifier' },
405
+ tenantId: { type: 'number' },
406
+ payload: { type: 'object' },
407
+ },
408
+ },
409
+ },
410
+ responses: {
411
+ '200': { description: 'Normalized event', contentType: 'application/json' },
412
+ '400': { description: 'Normalize failed', contentType: 'application/json' },
413
+ },
414
+ },
415
+ {
416
+ path: '/api/risk/monte-carlo',
417
+ method: 'POST',
418
+ summary: 'Monte Carlo simulation',
419
+ description: 'Run a Monte Carlo risk simulation for a scenario',
420
+ tags: ['Risk'],
421
+ operationId: 'runMonteCarlo',
422
+ authenticated: true,
423
+ requestBody: {
424
+ contentType: 'application/json',
425
+ schema: {
426
+ type: 'object',
427
+ properties: {
428
+ scenario: { type: 'object' },
429
+ iterations: { type: 'number' },
430
+ seed: { type: 'number' },
431
+ },
432
+ },
433
+ },
434
+ responses: {
435
+ '200': { description: 'Simulation result', contentType: 'application/json' },
436
+ },
437
+ },
438
+ {
439
+ path: '/api/risk/fair',
440
+ method: 'POST',
441
+ summary: 'FAIR risk calculation',
442
+ description: 'Calculate risk using the FAIR (Factor Analysis of Information Risk) model',
443
+ tags: ['Risk'],
444
+ operationId: 'calculateFair',
445
+ authenticated: true,
446
+ requestBody: {
447
+ contentType: 'application/json',
448
+ schema: {
449
+ type: 'object',
450
+ properties: {
451
+ scenario: { type: 'object' },
452
+ iterations: { type: 'number' },
453
+ seed: { type: 'number' },
454
+ },
455
+ },
456
+ },
457
+ responses: {
458
+ '200': { description: 'FAIR calculation result', contentType: 'application/json' },
459
+ },
460
+ },
461
+ {
462
+ path: '/api/risk/register',
463
+ method: 'GET',
464
+ summary: 'Risk register',
465
+ description: 'Returns the risk register entries and portfolio metrics',
466
+ tags: ['Risk'],
467
+ operationId: 'getRiskRegister',
468
+ authenticated: true,
469
+ responses: {
470
+ '200': { description: 'Risk register', contentType: 'application/json' },
471
+ },
472
+ },
473
+ {
474
+ path: '/api/risk/heatmap',
475
+ method: 'GET',
476
+ summary: 'Risk heatmap',
477
+ description: 'Generate a risk heatmap from the register',
478
+ tags: ['Risk'],
479
+ operationId: 'getRiskHeatmap',
480
+ authenticated: true,
481
+ responses: {
482
+ '200': { description: 'Risk heatmap', contentType: 'application/json' },
483
+ },
484
+ },
485
+ {
486
+ path: '/api/entities',
487
+ method: 'GET',
488
+ summary: 'List entities',
489
+ description: 'List all organizational entities',
490
+ tags: ['Entities'],
491
+ operationId: 'listEntities',
492
+ authenticated: true,
493
+ responses: {
494
+ '200': { description: 'Entity list', contentType: 'application/json' },
495
+ },
496
+ },
497
+ {
498
+ path: '/api/entities',
499
+ method: 'POST',
500
+ summary: 'Create entity',
501
+ description: 'Create a new organizational entity',
502
+ tags: ['Entities'],
503
+ operationId: 'createEntity',
504
+ authenticated: true,
505
+ requestBody: {
506
+ contentType: 'application/json',
507
+ schema: {
508
+ type: 'object',
509
+ properties: {
510
+ name: { type: 'string' },
511
+ type: { type: 'string' },
512
+ parentId: { type: 'string' },
513
+ },
514
+ },
515
+ },
516
+ responses: {
517
+ '201': { description: 'Entity created', contentType: 'application/json' },
518
+ },
519
+ },
520
+ {
521
+ path: '/api/entities/consolidated-report',
522
+ method: 'GET',
523
+ summary: 'Consolidated compliance report',
524
+ description: 'Get a consolidated compliance report across all entities',
525
+ tags: ['Entities'],
526
+ operationId: 'getConsolidatedReport',
527
+ authenticated: true,
528
+ responses: {
529
+ '200': { description: 'Consolidated report', contentType: 'application/json' },
530
+ },
531
+ },
532
+ {
533
+ path: '/api/integrations',
534
+ method: 'GET',
535
+ summary: 'List integrations',
536
+ description: 'List enabled integration marketplace connectors',
537
+ tags: ['Integrations'],
538
+ operationId: 'listIntegrations',
539
+ authenticated: true,
540
+ responses: {
541
+ '200': { description: 'Integration list', contentType: 'application/json' },
542
+ },
543
+ },
544
+ {
545
+ path: '/api/integrations/collect',
546
+ method: 'POST',
547
+ summary: 'Collect from all integrations',
548
+ description: 'Trigger evidence collection from all enabled integration connectors',
549
+ tags: ['Integrations'],
550
+ operationId: 'collectAllIntegrations',
551
+ authenticated: true,
552
+ responses: {
553
+ '200': { description: 'Collection jobs', contentType: 'application/json' },
554
+ },
555
+ },
556
+ {
557
+ path: '/api/integrations/jobs',
558
+ method: 'GET',
559
+ summary: 'Integration collection jobs',
560
+ description: 'List recent integration collection jobs',
561
+ tags: ['Integrations'],
562
+ operationId: 'listIntegrationJobs',
563
+ authenticated: true,
564
+ responses: {
565
+ '200': { description: 'Job list', contentType: 'application/json' },
566
+ },
567
+ },
568
+ {
569
+ path: '/api/policies',
570
+ method: 'GET',
571
+ summary: 'List policies',
572
+ description: 'List all managed policies',
573
+ tags: ['Policies'],
574
+ operationId: 'listPolicies',
575
+ authenticated: true,
576
+ responses: {
577
+ '200': { description: 'Policy list', contentType: 'application/json' },
578
+ },
579
+ },
580
+ {
581
+ path: '/api/policies/create',
582
+ method: 'POST',
583
+ summary: 'Create policy',
584
+ description: 'Create a new policy',
585
+ tags: ['Policies'],
586
+ operationId: 'createPolicy',
587
+ authenticated: true,
588
+ requestBody: {
589
+ contentType: 'application/json',
590
+ schema: { type: 'object' },
591
+ },
592
+ responses: {
593
+ '201': { description: 'Policy created', contentType: 'application/json' },
594
+ },
595
+ },
596
+ {
597
+ path: '/api/policies/stats',
598
+ method: 'GET',
599
+ summary: 'Policy statistics',
600
+ description: 'Get policy management statistics',
601
+ tags: ['Policies'],
602
+ operationId: 'getPolicyStats',
603
+ authenticated: true,
604
+ responses: {
605
+ '200': { description: 'Policy stats', contentType: 'application/json' },
606
+ },
607
+ },
608
+ {
609
+ path: '/api/vendor-risk/vendors',
610
+ method: 'GET',
611
+ summary: 'List vendors',
612
+ description: 'List all vendor risk assessments',
613
+ tags: ['Vendor Risk'],
614
+ operationId: 'listVendorRiskVendors',
615
+ authenticated: true,
616
+ responses: {
617
+ '200': { description: 'Vendor list', contentType: 'application/json' },
618
+ },
619
+ },
620
+ {
621
+ path: '/api/vendor-risk/vendors',
622
+ method: 'POST',
623
+ summary: 'Create vendor',
624
+ description: 'Create a new vendor risk assessment',
625
+ tags: ['Vendor Risk'],
626
+ operationId: 'createVendorRiskVendor',
627
+ authenticated: true,
628
+ requestBody: {
629
+ contentType: 'application/json',
630
+ schema: { type: 'object' },
631
+ },
632
+ responses: {
633
+ '201': { description: 'Vendor created', contentType: 'application/json' },
634
+ },
635
+ },
636
+ {
637
+ path: '/api/vendor-risk/dashboard',
638
+ method: 'GET',
639
+ summary: 'Vendor risk dashboard',
640
+ description: 'Get the vendor risk management dashboard',
641
+ tags: ['Vendor Risk'],
642
+ operationId: 'getVendorRiskDashboard',
643
+ authenticated: true,
644
+ responses: {
645
+ '200': { description: 'Vendor risk dashboard', contentType: 'application/json' },
646
+ },
647
+ },
648
+ {
649
+ path: '/api/employees',
650
+ method: 'GET',
651
+ summary: 'List employees',
652
+ description: 'List all employees in the lifecycle engine',
653
+ tags: ['Employees'],
654
+ operationId: 'listEmployees',
655
+ authenticated: true,
656
+ queryParams: [
657
+ { name: 'state', in: 'query', required: false, schema: { type: 'string' } },
658
+ { name: 'department', in: 'query', required: false, schema: { type: 'string' } },
659
+ ],
660
+ responses: {
661
+ '200': { description: 'Employee list', contentType: 'application/json' },
662
+ },
663
+ },
664
+ {
665
+ path: '/api/employees',
666
+ method: 'POST',
667
+ summary: 'Create employee',
668
+ description: 'Create a new employee record',
669
+ tags: ['Employees'],
670
+ operationId: 'createEmployee',
671
+ authenticated: true,
672
+ requestBody: {
673
+ contentType: 'application/json',
674
+ schema: { type: 'object' },
675
+ },
676
+ responses: {
677
+ '201': { description: 'Employee created', contentType: 'application/json' },
678
+ },
679
+ },
680
+ {
681
+ path: '/api/employees/compliance-dashboard',
682
+ method: 'GET',
683
+ summary: 'Employee compliance dashboard',
684
+ description: 'Get the employee lifecycle compliance dashboard',
685
+ tags: ['Employees'],
686
+ operationId: 'getEmployeeComplianceDashboard',
687
+ authenticated: true,
688
+ responses: {
689
+ '200': { description: 'Compliance dashboard', contentType: 'application/json' },
690
+ },
691
+ },
692
+ {
693
+ path: '/api/tasks',
694
+ method: 'GET',
695
+ summary: 'List tasks',
696
+ description: 'List all compliance tasks',
697
+ tags: ['Tasks'],
698
+ operationId: 'listTasks',
699
+ authenticated: true,
700
+ responses: {
701
+ '200': { description: 'Task list', contentType: 'application/json' },
702
+ },
703
+ },
704
+ {
705
+ path: '/api/tasks',
706
+ method: 'POST',
707
+ summary: 'Create task',
708
+ description: 'Create a new compliance task',
709
+ tags: ['Tasks'],
710
+ operationId: 'createTask',
711
+ authenticated: true,
712
+ requestBody: {
713
+ contentType: 'application/json',
714
+ schema: { type: 'object' },
715
+ },
716
+ responses: {
717
+ '201': { description: 'Task created', contentType: 'application/json' },
718
+ },
719
+ },
720
+ {
721
+ path: '/api/tasks/analytics',
722
+ method: 'GET',
723
+ summary: 'Task analytics',
724
+ description: 'Get compliance task analytics',
725
+ tags: ['Tasks'],
726
+ operationId: 'getTaskAnalytics',
727
+ authenticated: true,
728
+ responses: {
729
+ '200': { description: 'Task analytics', contentType: 'application/json' },
730
+ },
731
+ },
732
+ {
733
+ path: '/api/autopilot/run-cycle',
734
+ method: 'POST',
735
+ summary: 'Run autopilot cycle',
736
+ description: 'Execute a full compliance autopilot cycle (monitor, detect, remediate, verify)',
737
+ tags: ['Autopilot'],
738
+ operationId: 'runAutopilotCycle',
739
+ authenticated: true,
740
+ responses: {
741
+ '200': { description: 'Cycle result', contentType: 'application/json' },
742
+ },
743
+ },
744
+ {
745
+ path: '/api/autopilot/status',
746
+ method: 'GET',
747
+ summary: 'Autopilot status',
748
+ description: 'Get the current compliance autopilot status and control overview',
749
+ tags: ['Autopilot'],
750
+ operationId: 'getAutopilotStatus',
751
+ authenticated: true,
752
+ responses: {
753
+ '200': { description: 'Autopilot status', contentType: 'application/json' },
754
+ },
755
+ },
756
+ {
757
+ path: '/api/autopilot/audit-trail',
758
+ method: 'GET',
759
+ summary: 'Autopilot audit trail',
760
+ description: 'Get the compliance autopilot audit trail with integrity verification',
761
+ tags: ['Autopilot'],
762
+ operationId: 'getAutopilotAuditTrail',
763
+ authenticated: true,
764
+ responses: {
765
+ '200': { description: 'Audit trail', contentType: 'application/json' },
766
+ },
767
+ },
768
+ {
769
+ path: '/api/drift/capture-baseline',
770
+ method: 'POST',
771
+ summary: 'Capture drift baseline',
772
+ description: 'Capture a new compliance baseline snapshot for drift detection',
773
+ tags: ['Drift'],
774
+ operationId: 'captureBaseline',
775
+ authenticated: true,
776
+ responses: {
777
+ '200': { description: 'Baseline captured', contentType: 'application/json' },
778
+ },
779
+ },
780
+ {
781
+ path: '/api/drift/detect',
782
+ method: 'POST',
783
+ summary: 'Detect drift',
784
+ description: 'Run a drift detection cycle against the current baseline',
785
+ tags: ['Drift'],
786
+ operationId: 'detectDrift',
787
+ authenticated: true,
788
+ responses: {
789
+ '200': { description: 'Drift detection result', contentType: 'application/json' },
790
+ },
791
+ },
792
+ {
793
+ path: '/api/drift/history',
794
+ method: 'GET',
795
+ summary: 'Drift history',
796
+ description: 'Get the drift event history',
797
+ tags: ['Drift'],
798
+ operationId: 'getDriftHistory',
799
+ authenticated: true,
800
+ responses: {
801
+ '200': { description: 'Drift history', contentType: 'application/json' },
802
+ },
803
+ },
804
+ {
805
+ path: '/api/drift/alerts',
806
+ method: 'GET',
807
+ summary: 'Drift alerts',
808
+ description: 'Get drift detection alert history',
809
+ tags: ['Drift'],
810
+ operationId: 'getDriftAlerts',
811
+ authenticated: true,
812
+ responses: {
813
+ '200': { description: 'Drift alerts', contentType: 'application/json' },
814
+ },
815
+ },
816
+ {
817
+ path: '/api/evidence/collect',
818
+ method: 'POST',
819
+ summary: 'Collect evidence',
820
+ description: 'Collect compliance evidence for a specific control and framework',
821
+ tags: ['Evidence'],
822
+ operationId: 'collectEvidence',
823
+ authenticated: true,
824
+ requestBody: {
825
+ contentType: 'application/json',
826
+ schema: {
827
+ type: 'object',
828
+ properties: {
829
+ framework: { type: 'string' },
830
+ category: { type: 'string' },
831
+ controlId: { type: 'string' },
832
+ },
833
+ },
834
+ },
835
+ responses: {
836
+ '200': { description: 'Evidence collected', contentType: 'application/json' },
837
+ },
838
+ },
839
+ {
840
+ path: '/api/evidence/inventory',
841
+ method: 'GET',
842
+ summary: 'Evidence inventory',
843
+ description: 'Get the full evidence inventory',
844
+ tags: ['Evidence'],
845
+ operationId: 'getEvidenceInventory',
846
+ authenticated: true,
847
+ responses: {
848
+ '200': { description: 'Evidence inventory', contentType: 'application/json' },
849
+ },
850
+ },
851
+ {
852
+ path: '/api/accm/detect-gaps',
853
+ method: 'POST',
854
+ summary: 'Detect ACCM gaps',
855
+ description: 'Detect compliance gaps for a framework via the ACCM engine',
856
+ tags: ['ACCM'],
857
+ operationId: 'detectAccmGaps',
858
+ authenticated: true,
859
+ requestBody: {
860
+ contentType: 'application/json',
861
+ schema: {
862
+ type: 'object',
863
+ properties: {
864
+ frameworkCode: { type: 'string', default: 'iso27001' },
865
+ },
866
+ },
867
+ },
868
+ responses: {
869
+ '200': { description: 'Gaps detected', contentType: 'application/json' },
870
+ },
871
+ },
872
+ {
873
+ path: '/api/accm/full-cycle',
874
+ method: 'POST',
875
+ summary: 'ACCM full cycle',
876
+ description: 'Run a full ACCM compliance cycle: detect gaps, remediate, and verify',
877
+ tags: ['ACCM'],
878
+ operationId: 'accmFullCycle',
879
+ authenticated: true,
880
+ requestBody: {
881
+ contentType: 'application/json',
882
+ schema: {
883
+ type: 'object',
884
+ properties: {
885
+ frameworkCode: { type: 'string', default: 'iso27001' },
886
+ },
887
+ },
888
+ },
889
+ responses: {
890
+ '200': { description: 'Full cycle report', contentType: 'application/json' },
891
+ },
892
+ },
893
+ {
894
+ path: '/api/agents',
895
+ method: 'GET',
896
+ summary: 'List agents',
897
+ description: 'List all registered agents in the agent builder',
898
+ tags: ['Agents'],
899
+ operationId: 'listAgents',
900
+ authenticated: true,
901
+ responses: {
902
+ '200': { description: 'Agent list', contentType: 'application/json' },
903
+ },
904
+ },
905
+ {
906
+ path: '/api/agents',
907
+ method: 'POST',
908
+ summary: 'Create agent',
909
+ description: 'Create a new agent definition',
910
+ tags: ['Agents'],
911
+ operationId: 'createAgent',
912
+ authenticated: true,
913
+ requestBody: {
914
+ contentType: 'application/json',
915
+ schema: { type: 'object' },
916
+ },
917
+ responses: {
918
+ '201': { description: 'Agent created', contentType: 'application/json' },
919
+ },
920
+ },
921
+ {
922
+ path: '/api/agents/{agentId}/trigger',
923
+ method: 'POST',
924
+ summary: 'Trigger agent',
925
+ description: 'Trigger an agent execution run',
926
+ tags: ['Agents'],
927
+ operationId: 'triggerAgent',
928
+ authenticated: true,
929
+ requestBody: {
930
+ contentType: 'application/json',
931
+ schema: { type: 'object' },
932
+ },
933
+ responses: {
934
+ '200': { description: 'Agent run result', contentType: 'application/json' },
935
+ },
936
+ },
937
+ {
938
+ path: '/api/crosswalk/{source}/{target}',
939
+ method: 'GET',
940
+ summary: 'Framework crosswalk',
941
+ description: 'Generate a crosswalk report between two compliance frameworks',
942
+ tags: ['Crosswalk'],
943
+ operationId: 'getCrosswalk',
944
+ authenticated: true,
945
+ responses: {
946
+ '200': { description: 'Crosswalk report', contentType: 'application/json' },
947
+ },
948
+ },
949
+ {
950
+ path: '/api/crosswalk/overlaps',
951
+ method: 'GET',
952
+ summary: 'Framework overlaps',
953
+ description: 'Find control overlaps between supported framework pairs',
954
+ tags: ['Crosswalk'],
955
+ operationId: 'getOverlaps',
956
+ authenticated: true,
957
+ responses: {
958
+ '200': { description: 'Overlap data', contentType: 'application/json' },
959
+ },
960
+ },
961
+ {
962
+ path: '/api/chat',
963
+ method: 'POST',
964
+ summary: 'Chat with GRC assistant',
965
+ description: 'Send a message to the GRC chat assistant',
966
+ tags: ['Chat'],
967
+ operationId: 'chatMessage',
968
+ authenticated: true,
969
+ requestBody: {
970
+ contentType: 'application/json',
971
+ schema: {
972
+ type: 'object',
973
+ required: ['message'],
974
+ properties: {
975
+ message: { type: 'string' },
976
+ context: { type: 'object' },
977
+ sessionId: { type: 'string' },
978
+ },
979
+ },
980
+ },
981
+ responses: {
982
+ '200': { description: 'Chat response', contentType: 'application/json' },
983
+ },
984
+ },
985
+ {
986
+ path: '/api/reporting/board',
987
+ method: 'GET',
988
+ summary: 'Board report',
989
+ description: 'Generate a board-level compliance report',
990
+ tags: ['Reporting'],
991
+ operationId: 'getBoardReport',
992
+ authenticated: true,
993
+ queryParams: [
994
+ { name: 'type', in: 'query', required: false, schema: { type: 'string', default: 'board_summary' } },
995
+ { name: 'period', in: 'query', required: false, schema: { type: 'string' } },
996
+ ],
997
+ responses: {
998
+ '200': { description: 'Board report', contentType: 'application/json' },
999
+ },
1000
+ },
1001
+ {
1002
+ path: '/api/reporting/dashboard',
1003
+ method: 'GET',
1004
+ summary: 'Executive dashboard',
1005
+ description: 'Get the executive compliance dashboard',
1006
+ tags: ['Reporting'],
1007
+ operationId: 'getExecutiveDashboard',
1008
+ authenticated: true,
1009
+ responses: {
1010
+ '200': { description: 'Executive dashboard', contentType: 'application/json' },
1011
+ },
1012
+ },
1013
+ {
1014
+ path: '/api/traces',
1015
+ method: 'GET',
1016
+ summary: 'List traces',
1017
+ description: 'List observability traces with stats',
1018
+ tags: ['Observability'],
1019
+ operationId: 'listTraces',
1020
+ authenticated: true,
1021
+ queryParams: [
1022
+ { name: 'limit', in: 'query', required: false, schema: { type: 'integer', default: 50 } },
1023
+ ],
1024
+ responses: {
1025
+ '200': { description: 'Trace list', contentType: 'application/json' },
1026
+ },
1027
+ },
1028
+ {
1029
+ path: '/api/traces/metrics',
1030
+ method: 'GET',
1031
+ summary: 'Trace metrics',
1032
+ description: 'Get observability trace metrics',
1033
+ tags: ['Observability'],
1034
+ operationId: 'getTraceMetrics',
1035
+ authenticated: true,
1036
+ responses: {
1037
+ '200': { description: 'Trace metrics', contentType: 'application/json' },
1038
+ },
1039
+ },
1040
+ {
1041
+ path: '/api/audit-trail',
1042
+ method: 'GET',
1043
+ summary: 'Agent audit trail',
1044
+ description: 'Get the agent audit trail records',
1045
+ tags: ['Audit'],
1046
+ operationId: 'getAuditTrail',
1047
+ authenticated: true,
1048
+ queryParams: [
1049
+ { name: 'limit', in: 'query', required: false, schema: { type: 'integer', default: 100 } },
1050
+ ],
1051
+ responses: {
1052
+ '200': { description: 'Audit trail records', contentType: 'application/json' },
1053
+ },
1054
+ },
1055
+ {
1056
+ path: '/api/audit-trail/verify',
1057
+ method: 'POST',
1058
+ summary: 'Verify audit trail',
1059
+ description: 'Verify the integrity of the agent audit trail',
1060
+ tags: ['Audit'],
1061
+ operationId: 'verifyAuditTrail',
1062
+ authenticated: true,
1063
+ responses: {
1064
+ '200': { description: 'Integrity verification result', contentType: 'application/json' },
1065
+ },
1066
+ },
1067
+ {
1068
+ path: '/api/zk/prove',
1069
+ method: 'POST',
1070
+ summary: 'Generate ZK proof',
1071
+ description: 'Generate a zero-knowledge compliance proof for a control',
1072
+ tags: ['ZK Compliance'],
1073
+ operationId: 'generateZkProof',
1074
+ authenticated: true,
1075
+ requestBody: {
1076
+ contentType: 'application/json',
1077
+ schema: {
1078
+ type: 'object',
1079
+ properties: {
1080
+ controlId: { type: 'string' },
1081
+ frameworkCode: { type: 'string' },
1082
+ controlStatus: { type: 'string' },
1083
+ evidenceHashes: { type: 'array', items: { type: 'string' } },
1084
+ },
1085
+ },
1086
+ },
1087
+ responses: {
1088
+ '200': { description: 'ZK proof', contentType: 'application/json' },
1089
+ },
1090
+ },
1091
+ {
1092
+ path: '/api/zk/verify',
1093
+ method: 'POST',
1094
+ summary: 'Verify ZK proof',
1095
+ description: 'Verify a zero-knowledge compliance proof',
1096
+ tags: ['ZK Compliance'],
1097
+ operationId: 'verifyZkProof',
1098
+ authenticated: true,
1099
+ requestBody: {
1100
+ contentType: 'application/json',
1101
+ schema: { type: 'object' },
1102
+ },
1103
+ responses: {
1104
+ '200': { description: 'Verification result', contentType: 'application/json' },
1105
+ },
1106
+ },
1107
+ {
1108
+ path: '/api/dashboard/realtime',
1109
+ method: 'GET',
1110
+ summary: 'Real-time compliance dashboard',
1111
+ description: 'Get real-time compliance posture data from drift detector, autopilot, and evidence store. WebSocket-backed via ws://host/ws compliance_updates channel.',
1112
+ tags: ['Dashboard'],
1113
+ operationId: 'getRealtimeDashboard',
1114
+ authenticated: true,
1115
+ responses: {
1116
+ '200': {
1117
+ description: 'Real-time compliance data with framework breakdown, autopilot status, drift info, and WebSocket subscription details',
1118
+ contentType: 'application/json',
1119
+ },
1120
+ },
1121
+ },
1122
+ {
1123
+ path: '/api/dashboard/trends',
1124
+ method: 'GET',
1125
+ summary: 'Compliance trends',
1126
+ description: 'Get compliance trend data over a configurable period (default 30 days)',
1127
+ tags: ['Dashboard'],
1128
+ operationId: 'getComplianceTrends',
1129
+ authenticated: true,
1130
+ queryParams: [
1131
+ { name: 'days', in: 'query', required: false, schema: { type: 'integer', default: 30, description: 'Number of days to look back (30, 60, or 90)' } },
1132
+ ],
1133
+ responses: {
1134
+ '200': { description: 'Compliance trend data', contentType: 'application/json' },
1135
+ },
1136
+ },
1137
+ {
1138
+ path: '/api/dashboard/alerts',
1139
+ method: 'GET',
1140
+ summary: 'Compliance alerts',
1141
+ description: 'Get active compliance alerts from drift detector, autopilot gaps, and failed remediations',
1142
+ tags: ['Dashboard'],
1143
+ operationId: 'getComplianceAlerts',
1144
+ authenticated: true,
1145
+ responses: {
1146
+ '200': { description: 'Active compliance alerts sorted by priority', contentType: 'application/json' },
1147
+ },
1148
+ },
1149
+ {
1150
+ path: '/api/dashboard/kpis',
1151
+ method: 'GET',
1152
+ summary: 'Compliance KPIs',
1153
+ description: 'Get key performance indicators: compliance scores, autopilot metrics, drift stats, and activity counts',
1154
+ tags: ['Dashboard'],
1155
+ operationId: 'getComplianceKpis',
1156
+ authenticated: true,
1157
+ responses: {
1158
+ '200': { description: 'Compliance KPIs', contentType: 'application/json' },
1159
+ },
1160
+ },
1161
+ {
1162
+ path: '/api/openapi.json',
1163
+ method: 'GET',
1164
+ summary: 'OpenAPI spec (JSON)',
1165
+ description: 'Returns the complete OpenAPI 3.0 specification in JSON format',
1166
+ tags: ['API Spec'],
1167
+ operationId: 'getOpenApiJson',
1168
+ authenticated: false,
1169
+ responses: {
1170
+ '200': { description: 'OpenAPI 3.0 JSON specification', contentType: 'application/json' },
1171
+ },
1172
+ },
1173
+ {
1174
+ path: '/api/openapi.yaml',
1175
+ method: 'GET',
1176
+ summary: 'OpenAPI spec (YAML)',
1177
+ description: 'Returns the complete OpenAPI 3.0 specification in YAML format',
1178
+ tags: ['API Spec'],
1179
+ operationId: 'getOpenApiYaml',
1180
+ authenticated: false,
1181
+ responses: {
1182
+ '200': { description: 'OpenAPI 3.0 YAML specification', contentType: 'text/yaml' },
1183
+ },
1184
+ },
1185
+ ];
1186
+ }
1187
+ }
1188
+ //# sourceMappingURL=OpenAPIGenerator.js.map