@guardion/guardion 0.2.0 → 0.4.0

package/dist/core/config.js

@@ -0,0 +1,154 @@
+import fs from 'node:fs';
+import yaml from 'js-yaml';
+import { z } from 'zod';
+import { GUARDION_DIR, CONFIG_YAML_PATH, CONFIG_JSON_PATH, DEFAULT_API_URL, DEFAULT_GATEWAY_URL, DEFAULT_MCP_URL, ALL_HOOK_EVENTS, } from './constants.js';
+// ── Sub-schemas ───────────────────────────────────────────────────────────────
+const GatewaySchema = z.object({
+    /** Base URL of the Guardion gateway container / cloud endpoint */
+    url: z.string().url().default(DEFAULT_GATEWAY_URL),
+    /** MCP proxy base URL */
+    mcp_url: z.string().url().default(DEFAULT_MCP_URL),
+    /** LLM provider the gateway will forward to */
+    provider: z.enum(['anthropic', 'vertex-ai', 'bedrock', 'openai']).default('anthropic'),
+    /** Vertex AI only */
+    vertex_project_id: z.string().default(''),
+    vertex_region: z.string().default(''),
+});
+const HooksConfigSchema = z.object({
+    /**
+     * Subset of Claude Code hook events to register.
+     * Defaults to all supported events when omitted.
+     * Security teams can narrow this list via MDM config.
+     */
+    events: z.array(z.string()).default([...ALL_HOOK_EVENTS]),
+    /** Milliseconds to wait for Guard API before giving up (fire-and-forget) */
+    timeout_ms: z.number().int().positive().default(3000),
+});
+const InventoryConfigSchema = z.object({
+    /** Master switch — set to false to disable all local tool inventory scanning */
+    enabled: z.boolean().default(true),
+    /** Scan local SKILL.md files (~/.claude/skills, project .claude/skills, plugin cache) */
+    scan_skills: z.boolean().default(true),
+    /** Scan configured MCP servers (settings.json, .mcp.json) */
+    scan_mcp: z.boolean().default(true),
+    /** Scan installed plugins / their declared MCP servers */
+    scan_plugins: z.boolean().default(true),
+    /** Include Claude Code built-in tools (Bash, Read, Write, …) */
+    scan_builtins: z.boolean().default(true),
+});
+// ── Root schema ───────────────────────────────────────────────────────────────
+const ConfigSchema = z.object({
+    version: z.literal(1),
+    /**
+     * Deployment tier:
+     *   hooks — fire-and-forget hook events to Guard API, no LLM proxy
+     *   full  — route all LLM traffic through Guardion gateway + hook events
+     */
+    tier: z.enum(['hooks', 'full']),
+    /** Guard API base URL */
+    api_url: z.string().url(),
+    /** Policy slug to evaluate hook events against */
+    policy: z.string().min(1),
+    /** Application label attached to every event in the console */
+    application: z.string().min(1),
+    /** Gateway proxy settings (full tier only) */
+    gateway: GatewaySchema.optional(),
+    /** Hook event configuration */
+    hooks: HooksConfigSchema.optional(),
+    /** Local tool inventory scanning (sent to Guard API on SessionStart) */
+    inventory: InventoryConfigSchema.optional(),
+    /**
+     * P2 enforcement: when true, PreToolUse/PostToolUse make a SYNCHRONOUS Guard
+     * eval and can deny/warn on tool input+output. Default OFF (observability-
+     * first) so policy false positives can't block real work on day one.
+     */
+    enforce: z.boolean().default(false),
+    /**
+     * If the Guard eval is unreachable/times out: false (default) = fail-open
+     * (allow); true = fail-closed (deny). Should mirror the policy's fail_mode.
+     */
+    fail_closed: z.boolean().default(false),
+    /**
+     * Default mode for the `guardion mcp` interposer when not set per-server:
+     *   dlp (anonymize, never block) | enforce (block on deny + redact) | monitor (observe).
+     * Per-server `--mode` on the injected prefix overrides this.
+     */
+    mode: z.enum(['dlp', 'enforce', 'monitor']).optional(),
+    /** Interposer: apply Guard corrections (default true). */
+    redact: z.boolean().optional(),
+    /** Interposer: tool-list integrity check at connect (default true). */
+    integrity: z.boolean().optional(),
+});
+// ── Defaults ──────────────────────────────────────────────────────────────────
+export const DEFAULT_GATEWAY = {
+    url: DEFAULT_GATEWAY_URL,
+    mcp_url: DEFAULT_MCP_URL,
+    provider: 'anthropic',
+    vertex_project_id: '',
+    vertex_region: '',
+};
+export const DEFAULT_HOOKS_CONFIG = {
+    events: [...ALL_HOOK_EVENTS],
+    timeout_ms: 3000,
+};
+export const DEFAULT_INVENTORY_CONFIG = {
+    enabled: true,
+    scan_skills: true,
+    scan_mcp: true,
+    scan_plugins: true,
+    scan_builtins: true,
+};
+export const DEFAULT_CONFIG = {
+    version: 1,
+    tier: 'hooks',
+    api_url: DEFAULT_API_URL,
+    policy: 'prompt-defense',
+    application: 'claude-code',
+    enforce: false,
+    fail_closed: false,
+};
+/** Resolved hooks events — falls back to all events when not configured */
+export function resolvedHookEvents(cfg) {
+    const events = cfg.hooks?.events;
+    if (!events || events.length === 0)
+        return ALL_HOOK_EVENTS;
+    // Filter to only known events to prevent config injection
+    return events.filter(e => ALL_HOOK_EVENTS.includes(e));
+}
+// ── Read ──────────────────────────────────────────────────────────────────────
+export function readConfig() {
+    for (const p of [CONFIG_YAML_PATH, CONFIG_YAML_PATH.replace('.yaml', '.json')]) {
+        try {
+            const raw = fs.readFileSync(p, 'utf-8');
+            const parsed = p.endsWith('.json') ? JSON.parse(raw) : yaml.load(raw);
+            return ConfigSchema.parse(parsed);
+        }
+        catch { /* try next */ }
+    }
+    return null;
+}
+export function readConfigOrDefault() {
+    return readConfig() ?? DEFAULT_CONFIG;
+}
+// ── Write ─────────────────────────────────────────────────────────────────────
+export function writeConfig(cfg) {
+    const validated = ConfigSchema.parse(cfg);
+    fs.mkdirSync(GUARDION_DIR, { recursive: true });
+    // Human-editable YAML
+    const header = [
+        '# Guardion config — edit freely, generated by `npx guardion init`',
+        '# Token is stored in your OS keychain, not here.',
+        '# Docs: https://guardion.ai/docs/claude-code',
+        '',
+    ].join('\n');
+    writeAtomic(CONFIG_YAML_PATH, header + yaml.dump(validated, { indent: 2 }));
+    // JSON for the CJS hook (zero-dep, no YAML parser)
+    writeAtomic(CONFIG_JSON_PATH, JSON.stringify(validated, null, 2) + '\n');
+}
+// ── Atomic write ──────────────────────────────────────────────────────────────
+function writeAtomic(filePath, content) {
+    const tmp = filePath + '.tmp';
+    fs.writeFileSync(tmp, content, 'utf-8');
+    fs.renameSync(tmp, filePath);
+}
+//# sourceMappingURL=config.js.map

package/dist/core/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../core/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAQ,SAAS,CAAC;AAC3B,OAAO,IAAI,MAAO,SAAS,CAAC;AAC5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,eAAe,EACf,eAAe,GAChB,MAAM,gBAAgB,CAAC;AAExB,iFAAiF;AAEjF,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7B,kEAAkE;IAClE,GAAG,EAAgB,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,mBAAmB,CAAC;IAChE,yBAAyB;IACzB,OAAO,EAAY,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,eAAe,CAAC;IAC5D,+CAA+C;IAC/C,QAAQ,EAAW,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;IAC/F,qBAAqB;IACrB,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACzC,aAAa,EAAM,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;CAC1C,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC;;;;OAIG;IACH,MAAM,EAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,eAAe,CAAC,CAAC;IAC7D,4EAA4E;IAC5E,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;CACtD,CAAC,CAAC;AAEH,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,gFAAgF;IAChF,OAAO,EAAQ,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACxC,yFAAyF;IACzF,WAAW,EAAI,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACxC,6DAA6D;IAC7D,QAAQ,EAAO,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACxC,0DAA0D;IAC1D,YAAY,EAAG,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACxC,gEAAgE;IAChE,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;CACzC,CAAC,CAAC;AAEH,iFAAiF;AAEjF,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5B,OAAO,EAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACzB;;;;OAIG;IACH,IAAI,EAAS,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACtC,yBAAyB;IACzB,OAAO,EAAM,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC7B,kDAAkD;IAClD,MAAM,EAAO,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9B,+DAA+D;IAC/D,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9B,8CAA8C;IAC9C,OAAO,EAAM,aAAa,CAAC,QAAQ,EAAE;IACrC,+BAA+B;IAC/B,KAAK,EAAQ,iBAAiB,CAAC,QAAQ,EAAE;IACzC,wEAAwE;IACxE,SAAS,EAAI,qBAAqB,CAAC,QAAQ,EAAE;IAC7C;;;;OAIG;IACH,OAAO,EAAM,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACvC;;;OAGG;IACH,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACvC;;;;OAIG;IACH,IAAI,EAAS,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC7D,0DAA0D;IAC1D,MAAM,EAAO,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACnC,uEAAuE;IACvE,SAAS,EAAI,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAOH,iFAAiF;AAEjF,MAAM,CAAC,MAAM,eAAe,GAAkB;IAC5C,GAAG,EAAgB,mBAAmB;IACtC,OAAO,EAAY,eAAe;IAClC,QAAQ,EAAW,WAAW;IAC9B,iBAAiB,EAAE,EAAE;IACrB,aAAa,EAAM,EAAE;CACtB,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAgB;IAC/C,MAAM,EAAM,CAAC,GAAG,eAAe,CAAC;IAChC,UAAU,EAAE,IAAI;CACjB,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAoB;IACvD,OAAO,EAAQ,IAAI;IACnB,WAAW,EAAI,IAAI;IACnB,QAAQ,EAAO,IAAI;IACnB,YAAY,EAAG,IAAI;IACnB,aAAa,EAAE,IAAI;CACpB,CAAC;AAEF,MAAM,CAAC,MAAM,cAAc,GAAmB;IAC5C,OAAO,EAAM,CAAC;IACd,IAAI,EAAS,OAAO;IACpB,OAAO,EAAM,eAAe;IAC5B,MAAM,EAAO,gBAAgB;IAC7B,WAAW,EAAE,aAAa;IAC1B,OAAO,EAAM,KAAK;IAClB,WAAW,EAAE,KAAK;CACnB,CAAC;AAEF,2EAA2E;AAC3E,MAAM,UAAU,kBAAkB,CAAC,GAAmB;IACpD,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC;IACjC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,eAAe,CAAC;IAC3D,0DAA0D;IAC1D,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAE,eAAqC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AAChF,CAAC;AAED,iFAAiF;AAEjF,MAAM,UAAU,UAAU;IACxB,KAAK,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC;QAC/E,IAAI,CAAC;YACH,MAAM,GAAG,GAAM,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC3C,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtE,OAAO,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC,CAAC,cAAc,CAAC,CAAC;IAC5B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,OAAO,UAAU,EAAE,IAAI,cAAc,CAAC;AACxC,CAAC;AAED,iFAAiF;AAEjF,MAAM,UAAU,WAAW,CAAC,GAAmB;IAC7C,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1C,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEhD,sBAAsB;IACtB,MAAM,MAAM,GAAG;QACb,mEAAmE;QACnE,kDAAkD;QAClD,8CAA8C;QAC9C,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACb,WAAW,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5E,mDAAmD;IACnD,WAAW,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC3E,CAAC;AAED,iFAAiF;AAEjF,SAAS,WAAW,CAAC,QAAgB,EAAE,OAAe;IACpD,MAAM,GAAG,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC9B,EAAE,CAAC,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACxC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AAC/B,CAAC"}

package/dist/{constants.d.ts → core/constants.d.ts}

@@ -1,4 +1,4 @@
-export declare const GUARDION_VERSION = "0.2.0";
+export declare const GUARDION_VERSION = "0.4.0";
 export declare const TOKEN_PREFIX = "grd_";
 export declare const BACKUP_KEEP = 5;
 export declare const DEFAULT_API_URL = "https://api.guardion.ai";
@@ -21,6 +21,11 @@ export declare const CLAUDE_SETTINGS_PATH: string;
 export declare const BACKUP_SUFFIX = ".guardion";
 export declare const KEYCHAIN_SERVICE = "guardion";
 export declare const KEYCHAIN_ACCOUNT = "token";
-export declare const HOOK_EVENTS: readonly ["SessionStart", "SessionEnd", "UserPromptSubmit", "PreToolUse", "PostToolUse", "PostToolUseFailure", "PostToolBatch", "SubagentStart", "SubagentStop", "Stop", "StopFailure", "PermissionDenied"];
-export type HookEvent = (typeof HOOK_EVENTS)[number];
+export declare const ALL_HOOK_EVENTS: readonly ["SessionStart", "SessionEnd", "UserPromptSubmit", "PreToolUse", "PostToolUse", "PostToolUseFailure", "PostToolBatch", "SubagentStart", "SubagentStop", "Stop", "StopFailure", "PermissionDenied"];
+export type HookEvent = (typeof ALL_HOOK_EVENTS)[number];
+export declare const HEADER_API_KEY = "x-guardion-api-key";
+export declare const HEADER_PROVIDER = "x-guardion-provider";
+export declare const HEADER_POLICY = "x-guardion-policy";
+export declare const HEADER_TRACE_ID = "x-guardion-trace-id";
+export declare const HEADER_METADATA = "x-guardion-metadata";
 //# sourceMappingURL=constants.d.ts.map

package/dist/core/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../core/constants.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,gBAAgB,UAAU,CAAC;AACxC,eAAO,MAAM,YAAY,SAAa,CAAC;AACvC,eAAO,MAAM,WAAW,IAAS,CAAC;AAGlC,eAAO,MAAM,eAAe,4BAAgC,CAAC;AAC7D,eAAO,MAAM,mBAAmB,gCAAgC,CAAC;AACjE,eAAO,MAAM,eAAe,4BAAgC,CAAC;AAG7D,eAAO,MAAM,WAAW,0BAA8B,CAAC;AACvD,eAAO,MAAM,eAAe,0BAA0B,CAAC;AACvD,eAAO,MAAM,WAAW,8BAAkC,CAAC;AAG3D,eAAO,MAAM,gBAAgB,qBAAqB,CAAC;AACnD,eAAO,MAAM,WAAW,YAAiB,CAAC;AAG1C,eAAO,MAAM,QAAQ,QAA2B,CAAC;AACjD,eAAO,MAAM,YAAY,QAA2C,CAAC;AACrE,eAAO,MAAM,gBAAgB,QAA6C,CAAC;AAC3E,eAAO,MAAM,gBAAgB,QAA6C,CAAC;AAC3E,eAAO,MAAM,eAAe,QAAwC,CAAC;AACrE,eAAO,MAAM,kBAAkB,8BAAgC,CAAC;AAChE,eAAO,MAAM,iBAAiB,wBAA2B,CAAC;AAE1D,eAAO,MAAM,UAAU,QAA2C,CAAC;AACnE,eAAO,MAAM,oBAAoB,QAAyC,CAAC;AAC3E,eAAO,MAAM,aAAa,cAAqB,CAAC;AAGhD,eAAO,MAAM,gBAAgB,aAAa,CAAC;AAC3C,eAAO,MAAM,gBAAgB,UAAU,CAAC;AAKxC,eAAO,MAAM,eAAe,6MAalB,CAAC;AAEX,MAAM,MAAM,SAAS,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC;AAGzD,eAAO,MAAM,cAAc,uBAAyB,CAAC;AACrD,eAAO,MAAM,eAAe,wBAAyB,CAAC;AACtD,eAAO,MAAM,aAAa,sBAAyB,CAAC;AACpD,eAAO,MAAM,eAAe,wBAAyB,CAAC;AACtD,eAAO,MAAM,eAAe,wBAAyB,CAAC"}

package/dist/core/constants.js

@@ -0,0 +1,54 @@
+import path from 'node:path';
+import os from 'node:os';
+export const GUARDION_VERSION = '0.4.0';
+export const TOKEN_PREFIX = 'grd_';
+export const BACKUP_KEEP = 5;
+// ── Production URLs ───────────────────────────────────────────────────────────
+export const DEFAULT_API_URL = 'https://api.guardion.ai';
+export const DEFAULT_GATEWAY_URL = 'https://gateway.guardion.ai';
+export const DEFAULT_MCP_URL = 'https://mcp.guardion.ai';
+// ── Local dev (Docker stack) ──────────────────────────────────────────────────
+export const DEV_API_URL = 'http://localhost:8082'; // guardion-guard
+export const DEV_GATEWAY_URL = 'http://localhost:8788'; // guardion-gateway
+export const DEV_MCP_URL = 'http://localhost:8082/mcp';
+// ── Endpoint paths ────────────────────────────────────────────────────────────
+export const HOOK_EVENTS_PATH = '/v1/hooks/events';
+export const HEALTH_PATH = '/health';
+// ── Filesystem paths ──────────────────────────────────────────────────────────
+export const HOME_DIR = os.homedir();
+export const GUARDION_DIR = path.join(HOME_DIR, '.guardion');
+export const CONFIG_YAML_PATH = path.join(GUARDION_DIR, 'config.yaml');
+export const CONFIG_JSON_PATH = path.join(GUARDION_DIR, 'config.json');
+export const TOKEN_FILE_PATH = path.join(GUARDION_DIR, 'token');
+export const SYSTEM_CONFIG_PATH = '/etc/guardion/config.yaml';
+export const SYSTEM_TOKEN_PATH = '/etc/guardion/token';
+export const CLAUDE_DIR = path.join(HOME_DIR, '.claude');
+export const CLAUDE_SETTINGS_PATH = path.join(CLAUDE_DIR, 'settings.json');
+export const BACKUP_SUFFIX = '.guardion';
+// ── Keychain ──────────────────────────────────────────────────────────────────
+export const KEYCHAIN_SERVICE = 'guardion';
+export const KEYCHAIN_ACCOUNT = 'token';
+// ── Hook events ───────────────────────────────────────────────────────────────
+// Complete list of Claude Code hook events Guardion can register.
+// The active subset is controlled by config.yaml hooks.events.
+export const ALL_HOOK_EVENTS = [
+    'SessionStart',
+    'SessionEnd',
+    'UserPromptSubmit',
+    'PreToolUse',
+    'PostToolUse',
+    'PostToolUseFailure',
+    'PostToolBatch',
+    'SubagentStart',
+    'SubagentStop',
+    'Stop',
+    'StopFailure',
+    'PermissionDenied',
+];
+// ── Gateway header names ──────────────────────────────────────────────────────
+export const HEADER_API_KEY = 'x-guardion-api-key';
+export const HEADER_PROVIDER = 'x-guardion-provider';
+export const HEADER_POLICY = 'x-guardion-policy';
+export const HEADER_TRACE_ID = 'x-guardion-trace-id';
+export const HEADER_METADATA = 'x-guardion-metadata';
+//# sourceMappingURL=constants.js.map

package/dist/core/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../core/constants.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAQ,SAAS,CAAC;AAE3B,MAAM,CAAC,MAAM,gBAAgB,GAAG,OAAO,CAAC;AACxC,MAAM,CAAC,MAAM,YAAY,GAAO,MAAM,CAAC;AACvC,MAAM,CAAC,MAAM,WAAW,GAAQ,CAAC,CAAC;AAElC,iFAAiF;AACjF,MAAM,CAAC,MAAM,eAAe,GAAO,yBAAyB,CAAC;AAC7D,MAAM,CAAC,MAAM,mBAAmB,GAAG,6BAA6B,CAAC;AACjE,MAAM,CAAC,MAAM,eAAe,GAAO,yBAAyB,CAAC;AAE7D,iFAAiF;AACjF,MAAM,CAAC,MAAM,WAAW,GAAO,uBAAuB,CAAC,CAAG,iBAAiB;AAC3E,MAAM,CAAC,MAAM,eAAe,GAAG,uBAAuB,CAAC,CAAG,mBAAmB;AAC7E,MAAM,CAAC,MAAM,WAAW,GAAO,2BAA2B,CAAC;AAE3D,iFAAiF;AACjF,MAAM,CAAC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC;AACnD,MAAM,CAAC,MAAM,WAAW,GAAQ,SAAS,CAAC;AAE1C,iFAAiF;AACjF,MAAM,CAAC,MAAM,QAAQ,GAAe,EAAE,CAAC,OAAO,EAAE,CAAC;AACjD,MAAM,CAAC,MAAM,YAAY,GAAW,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;AACrE,MAAM,CAAC,MAAM,gBAAgB,GAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;AAC3E,MAAM,CAAC,MAAM,gBAAgB,GAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;AAC3E,MAAM,CAAC,MAAM,eAAe,GAAQ,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;AACrE,MAAM,CAAC,MAAM,kBAAkB,GAAK,2BAA2B,CAAC;AAChE,MAAM,CAAC,MAAM,iBAAiB,GAAM,qBAAqB,CAAC;AAE1D,MAAM,CAAC,MAAM,UAAU,GAAa,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACnE,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;AAC3E,MAAM,CAAC,MAAM,aAAa,GAAU,WAAW,CAAC;AAEhD,iFAAiF;AACjF,MAAM,CAAC,MAAM,gBAAgB,GAAG,UAAU,CAAC;AAC3C,MAAM,CAAC,MAAM,gBAAgB,GAAG,OAAO,CAAC;AAExC,iFAAiF;AACjF,kEAAkE;AAClE,+DAA+D;AAC/D,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,cAAc;IACd,YAAY;IACZ,kBAAkB;IAClB,YAAY;IACZ,aAAa;IACb,oBAAoB;IACpB,eAAe;IACf,eAAe;IACf,cAAc;IACd,MAAM;IACN,aAAa;IACb,kBAAkB;CACV,CAAC;AAIX,iFAAiF;AACjF,MAAM,CAAC,MAAM,cAAc,GAAK,oBAAoB,CAAC;AACrD,MAAM,CAAC,MAAM,eAAe,GAAI,qBAAqB,CAAC;AACtD,MAAM,CAAC,MAAM,aAAa,GAAM,mBAAmB,CAAC;AACpD,MAAM,CAAC,MAAM,eAAe,GAAI,qBAAqB,CAAC;AACtD,MAAM,CAAC,MAAM,eAAe,GAAI,qBAAqB,CAAC"}

package/dist/core/discover.d.ts

@@ -0,0 +1,36 @@
+export type Scanner = 'process' | 'config' | 'repo';
+export interface DiscoveredAgent {
+    fingerprint: string;
+    name: string;
+    agent_type: string;
+    scanner: Scanner;
+    evidence: string;
+    source_location: string;
+    confidence: number;
+    risk_level: 'info' | 'low' | 'medium' | 'high' | 'critical';
+    risk_score: number;
+}
+interface Sig {
+    agent_type: string;
+    proc: RegExp;
+    deps: RegExp;
+}
+export declare const SIGNATURES: Sig[];
+/** Redact obvious secrets from a string before it's displayed/stored. */
+export declare function redactSecrets(text: string): string;
+/** Pure: classify `ps`-style command lines into discovered agents. */
+export declare function scanProcessLines(lines: string[]): DiscoveredAgent[];
+/** Pure: classify dependency names (from a manifest) into discovered agents. */
+export declare function scanDeps(deps: string[], location: string): DiscoveredAgent[];
+export interface DiscoverOpts {
+    cwd?: string;
+    scanners?: Scanner[];
+}
+/** Run the requested scanners and return de-duplicated discovered agents. */
+export declare function discover(opts?: DiscoverOpts): DiscoveredAgent[];
+/** Submit discovered agents to Guard (/v1/discovery → ai_shadow_agents). */
+export declare function submitDiscovery(apiUrl: string, token: string, agents: DiscoveredAgent[], application?: string): Promise<{
+    status: number;
+}>;
+export {};
+//# sourceMappingURL=discover.d.ts.map

package/dist/core/discover.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"discover.d.ts","sourceRoot":"","sources":["../../core/discover.ts"],"names":[],"mappings":"AAYA,MAAM,MAAM,OAAO,GAAG,SAAS,GAAG,QAAQ,GAAG,MAAM,CAAC;AAEpD,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAC5D,UAAU,EAAE,MAAM,CAAC;CACpB;AAID,UAAU,GAAG;IAAG,UAAU,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE;AAChE,eAAO,MAAM,UAAU,EAAE,GAAG,EAY3B,CAAC;AAEF,yEAAyE;AACzE,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAKlD;AAqBD,sEAAsE;AACtE,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,CAcnE;AAED,gFAAgF;AAChF,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,GAAG,eAAe,EAAE,CAY5E;AAmBD,MAAM,WAAW,YAAY;IAAG,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAA;CAAE;AAEpE,6EAA6E;AAC7E,wBAAgB,QAAQ,CAAC,IAAI,GAAE,YAAiB,GAAG,eAAe,EAAE,CA8BnE;AAED,4EAA4E;AAC5E,wBAAgB,eAAe,CAC7B,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,EAAE,WAAW,SAAa,GACjF,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAa7B"}

package/dist/core/discover.js

@@ -0,0 +1,154 @@
+// `guardion discover` — Shadow-AI Discovery (AGT port). Finds UNREGISTERED agents
+// running or configured on this machine across three scanners: process (running
+// agent frameworks), config (agent config files), and repo (framework deps in
+// manifests). Output is local-only; CLI secrets are redacted before display.
+import fs from 'node:fs';
+import path from 'node:path';
+import http from 'node:http';
+import https from 'node:https';
+import crypto from 'node:crypto';
+import { spawnSync } from 'node:child_process';
+export const SIGNATURES = [
+    { agent_type: 'langchain', proc: /langchain|langgraph/i, deps: /^(langchain|langgraph|@langchain\/)/i },
+    { agent_type: 'crewai', proc: /crewai/i, deps: /^crewai/i },
+    { agent_type: 'autogen', proc: /autogen|pyautogen|\bag2\b/i, deps: /^(autogen|pyautogen|ag2)/i },
+    { agent_type: 'openai_agents', proc: /openai[-_ ]agents/i, deps: /^(openai-agents|@openai\/agents)/i },
+    { agent_type: 'semantic_kernel', proc: /semantic[-_ ]kernel/i, deps: /semantic[-_]kernel/i },
+    { agent_type: 'llamaindex', proc: /llama[-_ ]?index/i, deps: /llama[-_]?index/i },
+    { agent_type: 'haystack', proc: /haystack/i, deps: /haystack/i },
+    { agent_type: 'pydantic_ai', proc: /pydantic[-_ ]ai/i, deps: /^pydantic-ai/i },
+    { agent_type: 'google_adk', proc: /google[-_ ]adk|google\.adk/i, deps: /google[-_]adk/i },
+    { agent_type: 'mcp_server', proc: /modelcontextprotocol|mcp[-_ ]?server/i, deps: /(@modelcontextprotocol\/|^mcp$|^fastmcp$)/i },
+    { agent_type: 'agt', proc: /agentmesh|agent[-_ ]governance/i, deps: /(agentmesh|agent-governance)/i },
+];
+/** Redact obvious secrets from a string before it's displayed/stored. */
+export function redactSecrets(text) {
+    return (text || '')
+        .replace(/\b(sk|grd|ghp|gho|xox[baprs]|AKIA)[-_][A-Za-z0-9_-]{8,}/g, '$1-[REDACTED]')
+        .replace(/\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g, '[REDACTED_JWT]')
+        .replace(/\b[A-Za-z0-9_-]{32,}\b/g, (m) => (/[0-9]/.test(m) && /[a-zA-Z]/.test(m) ? '[REDACTED]' : m));
+}
+function fingerprint(agent_type, name, location) {
+    return crypto.createHash('sha256').update(`${agent_type}:${name}:${location}`).digest('hex').slice(0, 16);
+}
+function score(agent_type, scanner) {
+    // Running (process) > configured (config) > declared (repo dep).
+    const base = scanner === 'process' ? 70 : scanner === 'config' ? 45 : 25;
+    const conf = scanner === 'process' ? 0.9 : scanner === 'config' ? 0.7 : 0.5;
+    const risk_score = Math.min(100, base + (agent_type === 'mcp_server' ? 10 : 0));
+    const risk_level = risk_score >= 80 ? 'high' : risk_score >= 55 ? 'medium' : risk_score >= 30 ? 'low' : 'info';
+    return { confidence: conf, risk_score, risk_level };
+}
+function mk(agent_type, name, scanner, evidence, location) {
+    const s = score(agent_type, scanner);
+    return { fingerprint: fingerprint(agent_type, name, location), name, agent_type, scanner,
+        evidence: redactSecrets(evidence).slice(0, 200), source_location: location, ...s };
+}
+/** Pure: classify `ps`-style command lines into discovered agents. */
+export function scanProcessLines(lines) {
+    const out = [];
+    for (const raw of lines) {
+        const line = (raw || '').trim();
+        if (!line)
+            continue;
+        for (const sig of SIGNATURES) {
+            if (sig.proc.test(line)) {
+                const name = (line.split(/\s+/).find((w) => /\.(py|ts|js|mjs)$/.test(w)) || sig.agent_type);
+                out.push(mk(sig.agent_type, path.basename(name), 'process', line, 'process'));
+                break;
+            }
+        }
+    }
+    return out;
+}
+/** Pure: classify dependency names (from a manifest) into discovered agents. */
+export function scanDeps(deps, location) {
+    const out = [];
+    const seen = new Set();
+    for (const dep of deps) {
+        for (const sig of SIGNATURES) {
+            if (sig.deps.test(dep) && !seen.has(sig.agent_type)) {
+                seen.add(sig.agent_type);
+                out.push(mk(sig.agent_type, dep, 'repo', `dependency: ${dep}`, location));
+            }
+        }
+    }
+    return out;
+}
+function depsFromManifest(file) {
+    try {
+        const raw = fs.readFileSync(file, 'utf8');
+        if (file.endsWith('package.json')) {
+            const j = JSON.parse(raw);
+            return [...Object.keys(j.dependencies || {}), ...Object.keys(j.devDependencies || {})];
+        }
+        if (file.endsWith('requirements.txt')) {
+            return raw.split('\n').map((l) => l.split(/[=<>~!\[ ]/)[0].trim()).filter(Boolean);
+        }
+        if (file.endsWith('pyproject.toml')) {
+            return (raw.match(/^[\s"']*([A-Za-z0-9._-]+)\s*[=>~]/gm) || []).map((l) => l.replace(/[\s"'=>~].*$/, '').trim()).filter(Boolean);
+        }
+    }
+    catch { /* ignore */ }
+    return [];
+}
+/** Run the requested scanners and return de-duplicated discovered agents. */
+export function discover(opts = {}) {
+    const cwd = opts.cwd || process.cwd();
+    const scanners = opts.scanners || ['process', 'config', 'repo'];
+    const found = [];
+    if (scanners.includes('process')) {
+        try {
+            const ps = spawnSync('ps', ['-axo', 'command='], { encoding: 'utf8', timeout: 5000 });
+            if (ps.stdout)
+                found.push(...scanProcessLines(ps.stdout.split('\n')));
+        }
+        catch { /* ps unavailable */ }
+    }
+    if (scanners.includes('repo')) {
+        for (const f of ['package.json', 'requirements.txt', 'pyproject.toml']) {
+            const p = path.join(cwd, f);
+            if (fs.existsSync(p))
+                found.push(...scanDeps(depsFromManifest(p), p));
+        }
+    }
+    if (scanners.includes('config')) {
+        const map = {
+            'agentmesh.yaml': 'agt', 'crewai.yaml': 'crewai', 'mcp.json': 'mcp_server', '.mcp.json': 'mcp_server',
+        };
+        for (const [fname, type] of Object.entries(map)) {
+            const p = path.join(cwd, fname);
+            if (fs.existsSync(p))
+                found.push(mk(type, fname, 'config', `config: ${fname}`, p));
+        }
+    }
+    // de-dup by fingerprint
+    const byFp = new Map();
+    for (const a of found)
+        if (!byFp.has(a.fingerprint))
+            byFp.set(a.fingerprint, a);
+    return [...byFp.values()];
+}
+/** Submit discovered agents to Guard (/v1/discovery → ai_shadow_agents). */
+export function submitDiscovery(apiUrl, token, agents, application = 'discover') {
+    const body = JSON.stringify({ agents, application });
+    return new Promise((resolve, reject) => {
+        let url;
+        try {
+            url = new URL('/v1/discovery', apiUrl);
+        }
+        catch (e) {
+            return reject(e);
+        }
+        const transport = url.protocol === 'https:' ? https : http;
+        const req = transport.request({
+            hostname: url.hostname, port: url.port, path: url.pathname, method: 'POST', timeout: 8000,
+            headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${token}`, 'Content-Length': Buffer.byteLength(body) },
+        }, (res) => { res.resume(); res.on('end', () => resolve({ status: res.statusCode ?? 0 })); });
+        req.on('error', reject);
+        req.on('timeout', () => { req.destroy(); reject(new Error('timeout')); });
+        req.write(body);
+        req.end();
+    });
+}
+//# sourceMappingURL=discover.js.map

package/dist/core/discover.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"discover.js","sourceRoot":"","sources":["../../core/discover.ts"],"names":[],"mappings":"AAAA,kFAAkF;AAClF,gFAAgF;AAChF,8EAA8E;AAC9E,6EAA6E;AAC7E,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAmB/C,MAAM,CAAC,MAAM,UAAU,GAAU;IAC/B,EAAE,UAAU,EAAE,WAAW,EAAQ,IAAI,EAAE,sBAAsB,EAAkB,IAAI,EAAE,sCAAsC,EAAE;IAC7H,EAAE,UAAU,EAAE,QAAQ,EAAW,IAAI,EAAE,SAAS,EAA+B,IAAI,EAAE,UAAU,EAAE;IACjG,EAAE,UAAU,EAAE,SAAS,EAAU,IAAI,EAAE,4BAA4B,EAAY,IAAI,EAAE,2BAA2B,EAAE;IAClH,EAAE,UAAU,EAAE,eAAe,EAAI,IAAI,EAAE,oBAAoB,EAAoB,IAAI,EAAE,mCAAmC,EAAE;IAC1H,EAAE,UAAU,EAAE,iBAAiB,EAAE,IAAI,EAAE,sBAAsB,EAAkB,IAAI,EAAE,qBAAqB,EAAE;IAC5G,EAAE,UAAU,EAAE,YAAY,EAAO,IAAI,EAAE,mBAAmB,EAAqB,IAAI,EAAE,kBAAkB,EAAE;IACzG,EAAE,UAAU,EAAE,UAAU,EAAS,IAAI,EAAE,WAAW,EAA6B,IAAI,EAAE,WAAW,EAAE;IAClG,EAAE,UAAU,EAAE,aAAa,EAAM,IAAI,EAAE,kBAAkB,EAAsB,IAAI,EAAE,eAAe,EAAE;IACtG,EAAE,UAAU,EAAE,YAAY,EAAO,IAAI,EAAE,6BAA6B,EAAW,IAAI,EAAE,gBAAgB,EAAE;IACvG,EAAE,UAAU,EAAE,YAAY,EAAO,IAAI,EAAE,uCAAuC,EAAE,IAAI,EAAE,4CAA4C,EAAE;IACpI,EAAE,UAAU,EAAE,KAAK,EAAc,IAAI,EAAE,iCAAiC,EAAO,IAAI,EAAE,+BAA+B,EAAE;CACvH,CAAC;AAEF,yEAAyE;AACzE,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;SAChB,OAAO,CAAC,0DAA0D,EAAE,eAAe,CAAC;SACpF,OAAO,CAAC,0DAA0D,EAAE,gBAAgB,CAAC;SACrF,OAAO,CAAC,yBAAyB,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3G,CAAC;AAED,SAAS,WAAW,CAAC,UAAkB,EAAE,IAAY,EAAE,QAAgB;IACrE,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,UAAU,IAAI,IAAI,IAAI,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5G,CAAC;AAED,SAAS,KAAK,CAAC,UAAkB,EAAE,OAAgB;IACjD,iEAAiE;IACjE,MAAM,IAAI,GAAG,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACzE,MAAM,IAAI,GAAG,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,GAAG,CAAC,UAAU,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;IAC/G,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;AACtD,CAAC;AAED,SAAS,EAAE,CAAC,UAAkB,EAAE,IAAY,EAAE,OAAgB,EAAE,QAAgB,EAAE,QAAgB;IAChG,MAAM,CAAC,GAAG,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACrC,OAAO,EAAE,WAAW,EAAE,WAAW,CAAC,UAAU,EAAE,IAAI,EAAE,QAAQ,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO;QACtF,QAAQ,EAAE,aAAa,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,eAAe,EAAE,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;AACvF,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,gBAAgB,CAAC,KAAe;IAC9C,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;YAC7B,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;gBAC5F,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;gBAC9E,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,gFAAgF;AAChF,MAAM,UAAU,QAAQ,CAAC,IAAc,EAAE,QAAgB;IACvD,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;YAC7B,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACpD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACzB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,eAAe,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAY;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC1C,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC1B,OAAO,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC;QACzF,CAAC;QACD,IAAI,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACtC,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACrF,CAAC;QACD,IAAI,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,qCAAqC,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACnI,CAAC;IACH,CAAC;IAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IACxB,OAAO,EAAE,CAAC;AACZ,CAAC;AAID,6EAA6E;AAC7E,MAAM,UAAU,QAAQ,CAAC,OAAqB,EAAE;IAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IAChE,MAAM,KAAK,GAAsB,EAAE,CAAC;IAEpC,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACtF,IAAI,EAAE,CAAC,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACxE,CAAC;QAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAClC,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9B,KAAK,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,kBAAkB,EAAE,gBAAgB,CAAC,EAAE,CAAC;YACvE,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC5B,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChC,MAAM,GAAG,GAA2B;YAClC,gBAAgB,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY;SACtG,CAAC;QACF,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAChD,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IACD,wBAAwB;IACxB,MAAM,IAAI,GAAG,IAAI,GAAG,EAA2B,CAAC;IAChD,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAChF,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC5B,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,eAAe,CAC7B,MAAc,EAAE,KAAa,EAAE,MAAyB,EAAE,WAAW,GAAG,UAAU;IAElF,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;IACrD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,GAAQ,CAAC;QAAC,IAAI,CAAC;YAAC,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAAC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YAAC,OAAO,MAAM,CAAC,CAAU,CAAC,CAAC;QAAC,CAAC;QACtG,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAC3D,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC;YAC5B,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI;YACzF,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;SAC7H,EAAE,CAAC,GAAG,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,UAAU,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9F,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1E,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAAC,GAAG,CAAC,GAAG,EAAE,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/core/fingerprint.cjs

@@ -0,0 +1,84 @@
+'use strict';
+/**
+ * Local tool fingerprint pin (P1, AGT rug-pull). Zero-dep (node:crypto + fs).
+ *
+ * MUST match guard/core/tools/fingerprint.py byte-for-byte so the server can
+ * compare the prev_* hashes we send against the current ones it computes:
+ *   description_hash = sha256(description.trim())[:16]
+ *   schema_hash      = sha256(canonicalSchema(parameters))[:16]
+ *   canonicalSchema  = JSON of params sorted by name, fields {name,type,description},
+ *                      no whitespace (JSON.stringify default == python separators=(",",":")).
+ *
+ * The pin (~/.guardion/fingerprints.json) records the last hashes seen per tool;
+ * on the next scan we attach prev_* so a changed description/schema is flagged as
+ * a rug-pull by the server, then we update the pin to the new baseline.
+ */
+const crypto = require('crypto');
+const fs = require('fs');
+const path = require('path');
+
+const HASH_LEN = 16;
+
+function _h(text) {
+  return crypto.createHash('sha256').update(String(text == null ? '' : text), 'utf8')
+    .digest('hex').slice(0, HASH_LEN);
+}
+
+function descriptionHash(description) {
+  return _h(String(description == null ? '' : description).trim());
+}
+
+function canonicalSchema(parameters) {
+  const items = (parameters || []).map((p) => ({
+    name: (p && p.name) || '',
+    type: (p && p.type) || '',
+    description: (p && p.description) || '',
+  }));
+  items.sort((a, b) => (a.name < b.name ? -1 : a.name > b.name ? 1 : 0));
+  return JSON.stringify(items);
+}
+
+function schemaHash(parameters) {
+  return _h(canonicalSchema(parameters));
+}
+
+function _key(t) {
+  return `${t.source || 'unknown'}:${t.server || ''}:${t.name || ''}`;
+}
+
+function _readPin(pinPath) {
+  try { return JSON.parse(fs.readFileSync(pinPath, 'utf8')) || {}; } catch { return {}; }
+}
+
+function _writePin(pinPath, pin) {
+  try {
+    fs.mkdirSync(path.dirname(pinPath), { recursive: true });
+    const tmp = pinPath + '.tmp';
+    fs.writeFileSync(tmp, JSON.stringify(pin), 'utf8');
+    fs.renameSync(tmp, pinPath);
+  } catch { /* non-critical */ }
+}
+
+/**
+ * Attach prev_description_hash/prev_schema_hash to each tool from the local pin,
+ * then update the pin to the current hashes. Mutates + returns `tools`. Never throws.
+ */
+function pinAndEnrich(tools, pinPath) {
+  if (!Array.isArray(tools) || tools.length === 0) return tools || [];
+  let pin;
+  try { pin = _readPin(pinPath); } catch { pin = {}; }
+  for (const t of tools) {
+    try {
+      const dh = descriptionHash(t.description);
+      const sh = schemaHash(t.parameters);   // [] for scan tools (no params) → constant
+      const prev = pin[_key(t)] || {};
+      t.prev_description_hash = prev.description_hash || '';
+      t.prev_schema_hash = prev.schema_hash || '';
+      pin[_key(t)] = { description_hash: dh, schema_hash: sh };
+    } catch { /* skip a bad tool, keep going */ }
+  }
+  _writePin(pinPath, pin);
+  return tools;
+}
+
+module.exports = { descriptionHash, schemaHash, canonicalSchema, pinAndEnrich };

package/dist/core/inventory.d.ts

@@ -0,0 +1,35 @@
+export interface ScannedTool {
+    name: string;
+    description: string;
+    server: string;
+    source: string;
+    snapshot_source: string;
+    version?: string;
+    marketplace?: string;
+    capabilities?: string[];
+    has_hooks?: boolean;
+    has_mcp?: boolean;
+    has_skills?: boolean;
+    parameters?: Array<{
+        name: string;
+        type?: string;
+        description?: string;
+    }>;
+    prev_description_hash?: string;
+    prev_schema_hash?: string;
+}
+/** Attach prev_* fingerprints from the local pin (~/.guardion/fingerprints.json)
+ *  so the server can flag a changed tool as a rug-pull. Best-effort; never throws. */
+export declare function pinInventory(tools: ScannedTool[]): ScannedTool[];
+export interface SubmitOptions {
+    apiUrl: string;
+    token: string;
+    tools: ScannedTool[];
+    policy?: string;
+    application?: string;
+}
+/** POST the inventory to Guard API /v1/guard, tagged snapshot_source=plugin_scan. */
+export declare function submitInventory(opts: SubmitOptions): Promise<{
+    status: number;
+}>;
+//# sourceMappingURL=inventory.d.ts.map

package/dist/core/inventory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inventory.d.ts","sourceRoot":"","sources":["../../core/inventory.ts"],"names":[],"mappings":"AAWA,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;IAExB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,UAAU,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC1E,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;sFACsF;AACtF,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,WAAW,EAAE,CAUhE;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,WAAW,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,qFAAqF;AACrF,wBAAgB,eAAe,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CA6ChF"}