@hazeljs/guardrails 0.2.0-beta.50

package/LICENSE

@@ -0,0 +1,192 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   Copyright 2024 HazelJS Team
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+---
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+   Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+   stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+   that You distribute, all copyright, patent, trademark, and
+   attribution notices from the Source form of the Work,
+   excluding those notices that do not pertain to any part of
+   the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+   distribution, then any Derivative Works that You distribute must
+   include a readable copy of the attribution notices contained
+   within such NOTICE file, excluding those notices that do not
+   pertain to any part of the Derivative Works, in at least one
+   of the following places: within a NOTICE text file distributed
+   as part of the Derivative Works; within the Source form or
+   documentation, if provided along with the Derivative Works; or,
+   within a display generated by the Derivative Works, if and
+   wherever such third-party notices normally appear. The contents
+   of the NOTICE file are for informational purposes only and
+   do not modify the License. You may add Your own attribution
+   notices within Derivative Works that You distribute, alongside
+   or as an addendum to the NOTICE text from the Work, provided
+   that such additional attribution notices cannot be construed
+   as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS

package/README.md

@@ -0,0 +1,158 @@
+# @hazeljs/guardrails
+
+**Content safety, PII handling, and output validation for HazelJS AI applications.**
+
+[![npm version](https://img.shields.io/npm/v/@hazeljs/guardrails.svg)](https://www.npmjs.com/package/@hazeljs/guardrails)
+[![npm downloads](https://img.shields.io/npm/dm/@hazeljs/guardrails)](https://www.npmjs.com/package/@hazeljs/guardrails)
+[![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)
+
+## Why Guardrails?
+
+AI applications face unique security challenges: prompt injection, PII leakage, toxic output. Unlike LangChain or Vercel AI SDK, HazelJS provides **built-in guardrails** that plug into HTTP, AI, and agent layers—no separate middleware.
+
+## Features
+
+- **PII Detection & Redaction** — Email, phone, SSN, credit card (configurable entities)
+- **Prompt Injection Detection** — Heuristic patterns (e.g. "ignore previous instructions", "jailbreak")
+- **Toxicity Check** — Keyword blocklist for harmful content
+- **Output Validation** — Schema validation and PII redaction on LLM responses
+- **HTTP Integration** — GuardrailPipe and GuardrailInterceptor for routes
+- **AI Integration** — @GuardrailInput and @GuardrailOutput decorators for @AITask
+- **Agent Integration** — Automatic input/output guardrails for @hazeljs/agent tools
+
+## Installation
+
+```bash
+npm install @hazeljs/guardrails
+```
+
+Or with the HazelJS CLI:
+
+```bash
+hazel add guardrails
+```
+
+## Quick Start
+
+### 1. Import the Module
+
+```typescript
+import { HazelModule } from '@hazeljs/core';
+import { GuardrailsModule } from '@hazeljs/guardrails';
+
+@HazelModule({
+  imports: [
+    GuardrailsModule.forRoot({
+      redactPIIByDefault: true,
+      blockInjectionByDefault: true,
+      blockToxicityByDefault: true,
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+### 2. Use with HTTP Routes
+
+**GuardrailPipe** — Validate request body:
+
+```typescript
+import { Controller, Post, Body, UsePipes } from '@hazeljs/core';
+import { GuardrailPipe } from '@hazeljs/guardrails';
+
+@Controller({ path: '/chat' })
+export class ChatController {
+  @Post()
+  @UsePipes(GuardrailPipe)
+  async chat(@Body() body: { message: string }) {
+    return { reply: '...' };
+  }
+}
+```
+
+**GuardrailInterceptor** — Validate input and output:
+
+```typescript
+import { Controller, UseInterceptors } from '@hazeljs/core';
+import { GuardrailInterceptor } from '@hazeljs/guardrails';
+
+@Controller({ path: '/chat' })
+@UseInterceptors(GuardrailInterceptor)
+export class ChatController {
+  @Post()
+  async chat(@Body() body: { message: string }) {
+    return { reply: '...' };
+  }
+}
+```
+
+### 3. Use with @AITask
+
+```typescript
+import { Controller, Post, Body } from '@hazeljs/core';
+import { AIService, AITask } from '@hazeljs/ai';
+import { GuardrailsService, GuardrailInput, GuardrailOutput } from '@hazeljs/guardrails';
+
+@Controller({ path: '/chat' })
+export class ChatController {
+  constructor(private aiService: AIService, private guardrailsService: GuardrailsService) {}
+
+  @GuardrailInput()
+  @GuardrailOutput()
+  @AITask({ provider: 'openai', model: 'gpt-4' })
+  @Post()
+  async chat(@Body() body: { message: string }) {
+    return body.message;
+  }
+}
+```
+
+### 4. Use with @hazeljs/agent
+
+When both `GuardrailsModule` and `AgentModule` are imported, tool input and output are automatically validated:
+
+```typescript
+@HazelModule({
+  imports: [
+    GuardrailsModule.forRoot(),
+    AgentModule.forRoot(),
+  ],
+})
+export class AppModule {}
+```
+
+## Configuration
+
+| Option | Type | Default | Description |
+|--------|------|---------|-------------|
+| `piiEntities` | `PIIEntityType[]` | `['email','phone','ssn','credit_card']` | Entities to detect/redact |
+| `redactPIIByDefault` | `boolean` | `false` | Redact PII in input by default |
+| `blockInjectionByDefault` | `boolean` | `true` | Block prompt injection by default |
+| `blockToxicityByDefault` | `boolean` | `true` | Block toxic content by default |
+| `injectionBlocklist` | `string[]` | — | Custom injection patterns |
+| `toxicityBlocklist` | `string[]` | — | Custom toxicity keywords |
+
+## API
+
+### GuardrailsService
+
+- `checkInput(input, options?)` — Validate input, returns `{ allowed, modified?, violations? }`
+- `checkOutput(output, options?)` — Validate output, returns `{ allowed, modified?, violations? }`
+- `redactPII(text, entities?)` — Redact PII from text
+
+### GuardrailViolationError
+
+Thrown when content is blocked. Includes `violations` and `blockedReason`. Use an Exception Filter to map to HTTP 400.
+
+### Use Cases
+
+- **Customer support chatbot** — Block injection, redact PII, validate responses
+- **Internal AI tools** — Ensure agent tools don't leak sensitive data
+- **Public chat API** — GuardrailPipe on `/chat` to reject toxic or injection attempts
+- **Compliance** — PII redaction for GDPR/CCPA, documented controls for audits
+
+## Learn More
+
+- [Documentation](https://hazeljs.com/docs/packages/guardrails)
+- [@hazeljs/ai](https://hazeljs.com/docs/packages/ai) — AI integration
+- [@hazeljs/agent](https://hazeljs.com/docs/packages/agent) — Agent runtime

package/dist/checks/injection.check.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Prompt injection detection (heuristic-based)
+ */
+export interface InjectionCheckOptions {
+    customPatterns?: RegExp[];
+    useDefaults?: boolean;
+}
+export declare function checkPromptInjection(text: string, options?: InjectionCheckOptions): {
+    detected: boolean;
+    matchedPattern?: string;
+};
+//# sourceMappingURL=injection.check.d.ts.map

package/dist/checks/injection.check.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection.check.d.ts","sourceRoot":"","sources":["../../src/checks/injection.check.ts"],"names":[],"mappings":"AAAA;;GAEG;AAqBH,MAAM,WAAW,qBAAqB;IACpC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,qBAA0B,GAClC;IAAE,QAAQ,EAAE,OAAO,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,CAchD"}

package/dist/checks/injection.check.js

@@ -0,0 +1,36 @@
+"use strict";
+/**
+ * Prompt injection detection (heuristic-based)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkPromptInjection = checkPromptInjection;
+const DEFAULT_INJECTION_PATTERNS = [
+    /\bignore\s+(?:all\s+)?(?:previous|above|prior)\s+instructions?\b/i,
+    /\bdisregard\s+(?:all\s+)?(?:previous|above|prior)\b/i,
+    /\bforget\s+(?:everything|all)\s+(?:you\s+)?(?:have\s+)?(?:been\s+)?(?:told|taught)\b/i,
+    /\b(?:new|different)\s+instructions?\s*:\s*/i,
+    /\bsystem\s*:\s*/i,
+    /\b(?:user|assistant)\s*:\s*/i,
+    /\b###\s*(?:system|instruction|prompt)\s*:/i,
+    /\b\[INST\]\b/i,
+    /\b\[\/INST\]\b/i,
+    /\boverride\s+(?:your|the)\s+(?:instructions?|rules?)\b/i,
+    /\bpretend\s+(?:you\s+)?(?:are|to\s+be)\b/i,
+    /\bact\s+as\s+if\b/i,
+    /\byou\s+are\s+now\s+(?:a|an)\b/i,
+    /\b(?:jailbreak|jail\s*break)\b/i,
+    /\bDAN\s+mode\b/i,
+    /\bdeveloper\s+mode\b/i,
+];
+function checkPromptInjection(text, options = {}) {
+    const { customPatterns = [], useDefaults = true } = options;
+    const patterns = useDefaults
+        ? [...DEFAULT_INJECTION_PATTERNS, ...customPatterns]
+        : customPatterns;
+    for (const pattern of patterns) {
+        if (pattern.test(text)) {
+            return { detected: true, matchedPattern: pattern.source };
+        }
+    }
+    return { detected: false };
+}

package/dist/checks/pii.check.d.ts

@@ -0,0 +1,10 @@
+/**
+ * PII detection and redaction
+ */
+import type { PIIEntityType } from '../guardrails.types';
+export declare function detectPII(text: string, entityTypes?: PIIEntityType[]): {
+    entities: PIIEntityType[];
+    matches: string[];
+};
+export declare function redactPII(text: string, entityTypes?: PIIEntityType[]): string;
+//# sourceMappingURL=pii.check.d.ts.map

package/dist/checks/pii.check.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii.check.d.ts","sourceRoot":"","sources":["../../src/checks/pii.check.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAgBzD,wBAAgB,SAAS,CACvB,IAAI,EAAE,MAAM,EACZ,WAAW,GAAE,aAAa,EAA6C,GACtE;IAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE,CAclD;AAED,wBAAgB,SAAS,CACvB,IAAI,EAAE,MAAM,EACZ,WAAW,GAAE,aAAa,EAA6C,GACtE,MAAM,CAUR"}

package/dist/checks/pii.check.js

@@ -0,0 +1,41 @@
+"use strict";
+/**
+ * PII detection and redaction
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectPII = detectPII;
+exports.redactPII = redactPII;
+const PII_PATTERNS = {
+    email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g,
+    phone: /\b(?:\+?1[-.\s]?)?\(?[0-9]{3}\)?[-.\s]?[0-9]{3}[-.\s]?[0-9]{4}\b|\b\+?[0-9]{10,15}\b/g,
+    ssn: /\b\d{3}-\d{2}-\d{4}\b|\b\d{9}\b/g,
+    credit_card: /\b(?:\d{4}[-.\s]?){3}\d{4}\b|\b\d{13,19}\b/g,
+};
+const PII_REPLACEMENTS = {
+    email: '[EMAIL_REDACTED]',
+    phone: '[PHONE_REDACTED]',
+    ssn: '[SSN_REDACTED]',
+    credit_card: '[CARD_REDACTED]',
+};
+function detectPII(text, entityTypes = ['email', 'phone', 'ssn', 'credit_card']) {
+    const entities = [];
+    const matches = [];
+    for (const entityType of entityTypes) {
+        const pattern = PII_PATTERNS[entityType];
+        const found = text.match(pattern);
+        if (found) {
+            entities.push(entityType);
+            matches.push(...found);
+        }
+    }
+    return { entities, matches };
+}
+function redactPII(text, entityTypes = ['email', 'phone', 'ssn', 'credit_card']) {
+    let result = text;
+    for (const entityType of entityTypes) {
+        const pattern = PII_PATTERNS[entityType];
+        const replacement = PII_REPLACEMENTS[entityType];
+        result = result.replace(pattern, replacement);
+    }
+    return result;
+}

package/dist/checks/toxicity.check.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Toxicity detection (keyword blocklist)
+ */
+export interface ToxicityCheckOptions {
+    customPatterns?: RegExp[];
+    customKeywords?: string[];
+    useDefaults?: boolean;
+}
+export declare function checkToxicity(text: string, options?: ToxicityCheckOptions): {
+    detected: boolean;
+    matchedPattern?: string;
+};
+//# sourceMappingURL=toxicity.check.d.ts.map

package/dist/checks/toxicity.check.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"toxicity.check.d.ts","sourceRoot":"","sources":["../../src/checks/toxicity.check.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,MAAM,WAAW,oBAAoB;IACnC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,wBAAgB,aAAa,CAC3B,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,oBAAyB,GACjC;IAAE,QAAQ,EAAE,OAAO,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,CAoBhD"}

package/dist/checks/toxicity.check.js

@@ -0,0 +1,31 @@
+"use strict";
+/**
+ * Toxicity detection (keyword blocklist)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkToxicity = checkToxicity;
+const DEFAULT_TOXICITY_PATTERNS = [
+    /\b(?:kill|murder|suicide|self[- ]?harm)\b/i,
+    /\b(?:bomb|explosive|terrorist)\b/i,
+    /\b(?:hate\s+speech|racial\s+slur)\b/i,
+    /\b(?:child\s+abuse|pedophil)\b/i,
+    /\b(?:illegal\s+drugs?|how\s+to\s+make\s+meth)\b/i,
+    /\b(?:weapon\s+of\s+mass\s+destruction)\b/i,
+];
+function checkToxicity(text, options = {}) {
+    const { customPatterns = [], customKeywords = [], useDefaults = true } = options;
+    const patterns = useDefaults ? [...DEFAULT_TOXICITY_PATTERNS, ...customPatterns] : customPatterns;
+    for (const pattern of patterns) {
+        if (pattern.test(text)) {
+            return { detected: true, matchedPattern: pattern.source };
+        }
+    }
+    for (const keyword of customKeywords) {
+        const escaped = keyword.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+        const regex = new RegExp(`\\b${escaped}\\b`, 'i');
+        if (regex.test(text)) {
+            return { detected: true, matchedPattern: keyword };
+        }
+    }
+    return { detected: false };
+}

package/dist/decorators/guardrail-input.decorator.d.ts

@@ -0,0 +1,8 @@
+/**
+ * @GuardrailInput - Run input guardrails before method execution
+ */
+import 'reflect-metadata';
+import type { GuardrailInputOptions } from '../guardrails.types';
+export declare function GuardrailInput(options?: GuardrailInputOptions): MethodDecorator;
+export declare function getGuardrailInputMetadata(target: object, propertyKey: string | symbol): GuardrailInputOptions | undefined;
+//# sourceMappingURL=guardrail-input.decorator.d.ts.map

package/dist/decorators/guardrail-input.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrail-input.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/guardrail-input.decorator.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,kBAAkB,CAAC;AAG1B,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAIjE,wBAAgB,cAAc,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,eAAe,CA8C/E;AAED,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,GAAG,MAAM,GAC3B,qBAAqB,GAAG,SAAS,CAEnC"}

package/dist/decorators/guardrail-input.decorator.js

@@ -0,0 +1,37 @@
+"use strict";
+/**
+ * @GuardrailInput - Run input guardrails before method execution
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailInput = GuardrailInput;
+exports.getGuardrailInputMetadata = getGuardrailInputMetadata;
+require("reflect-metadata");
+const guardrail_violation_error_1 = require("../errors/guardrail-violation.error");
+const GUARDRAIL_INPUT_METADATA_KEY = 'hazel:guardrail-input';
+function GuardrailInput(options) {
+    return (target, propertyKey, descriptor) => {
+        Reflect.defineMetadata(GUARDRAIL_INPUT_METADATA_KEY, options ?? {}, target, propertyKey);
+        const original = descriptor.value;
+        descriptor.value = async function (...args) {
+            const guardrailsService = this
+                .guardrailsService;
+            if (!guardrailsService) {
+                throw new Error('GuardrailsService not found. Inject GuardrailsService in the constructor and import GuardrailsModule.');
+            }
+            const opts = Reflect.getMetadata(GUARDRAIL_INPUT_METADATA_KEY, target, propertyKey);
+            const input = args[0];
+            const result = guardrailsService.checkInput(input, opts);
+            if (!result.allowed) {
+                throw new guardrail_violation_error_1.GuardrailViolationError(result.blockedReason ?? 'Input blocked by guardrails', result.violations, result.blockedReason);
+            }
+            if (result.modified !== undefined) {
+                args[0] = result.modified;
+            }
+            return original.apply(this, args);
+        };
+        return descriptor;
+    };
+}
+function getGuardrailInputMetadata(target, propertyKey) {
+    return Reflect.getMetadata(GUARDRAIL_INPUT_METADATA_KEY, target, propertyKey);
+}

package/dist/decorators/guardrail-output.decorator.d.ts

@@ -0,0 +1,8 @@
+/**
+ * @GuardrailOutput - Run output guardrails after method execution
+ */
+import 'reflect-metadata';
+import type { GuardrailOutputOptions } from '../guardrails.types';
+export declare function GuardrailOutput(options?: GuardrailOutputOptions): MethodDecorator;
+export declare function getGuardrailOutputMetadata(target: object, propertyKey: string | symbol): GuardrailOutputOptions | undefined;
+//# sourceMappingURL=guardrail-output.decorator.d.ts.map

package/dist/decorators/guardrail-output.decorator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrail-output.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/guardrail-output.decorator.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,kBAAkB,CAAC;AAG1B,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAIlE,wBAAgB,eAAe,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,eAAe,CA2CjF;AAED,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,GAAG,MAAM,GAC3B,sBAAsB,GAAG,SAAS,CAEpC"}

package/dist/decorators/guardrail-output.decorator.js

@@ -0,0 +1,34 @@
+"use strict";
+/**
+ * @GuardrailOutput - Run output guardrails after method execution
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailOutput = GuardrailOutput;
+exports.getGuardrailOutputMetadata = getGuardrailOutputMetadata;
+require("reflect-metadata");
+const guardrail_violation_error_1 = require("../errors/guardrail-violation.error");
+const GUARDRAIL_OUTPUT_METADATA_KEY = 'hazel:guardrail-output';
+function GuardrailOutput(options) {
+    return (target, propertyKey, descriptor) => {
+        Reflect.defineMetadata(GUARDRAIL_OUTPUT_METADATA_KEY, options ?? {}, target, propertyKey);
+        const original = descriptor.value;
+        descriptor.value = async function (...args) {
+            const guardrailsService = this
+                .guardrailsService;
+            if (!guardrailsService) {
+                throw new Error('GuardrailsService not found. Inject GuardrailsService in the constructor and import GuardrailsModule.');
+            }
+            const result = await original.apply(this, args);
+            const opts = Reflect.getMetadata(GUARDRAIL_OUTPUT_METADATA_KEY, target, propertyKey);
+            const outputResult = guardrailsService.checkOutput(result, opts);
+            if (!outputResult.allowed) {
+                throw new guardrail_violation_error_1.GuardrailViolationError(outputResult.blockedReason ?? 'Output blocked by guardrails', outputResult.violations, outputResult.blockedReason);
+            }
+            return outputResult.modified ?? result;
+        };
+        return descriptor;
+    };
+}
+function getGuardrailOutputMetadata(target, propertyKey) {
+    return Reflect.getMetadata(GUARDRAIL_OUTPUT_METADATA_KEY, target, propertyKey);
+}

package/dist/errors/guardrail-violation.error.d.ts

@@ -0,0 +1,14 @@
+/**
+ * GuardrailViolationError - Thrown when guardrail check fails
+ */
+export declare class GuardrailViolationError extends Error {
+    readonly violations?: string[] | undefined;
+    readonly blockedReason?: string | undefined;
+    constructor(message: string, violations?: string[] | undefined, blockedReason?: string | undefined);
+    toJSON(): {
+        message: string;
+        violations?: string[];
+        blockedReason?: string;
+    };
+}
+//# sourceMappingURL=guardrail-violation.error.d.ts.map

package/dist/errors/guardrail-violation.error.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrail-violation.error.d.ts","sourceRoot":"","sources":["../../src/errors/guardrail-violation.error.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,qBAAa,uBAAwB,SAAQ,KAAK;aAG9B,UAAU,CAAC,EAAE,MAAM,EAAE;aACrB,aAAa,CAAC,EAAE,MAAM;gBAFtC,OAAO,EAAE,MAAM,EACC,UAAU,CAAC,EAAE,MAAM,EAAE,YAAA,EACrB,aAAa,CAAC,EAAE,MAAM,YAAA;IAOxC,MAAM,IAAI;QACR,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB;CAOF"}

package/dist/errors/guardrail-violation.error.js

@@ -0,0 +1,23 @@
+"use strict";
+/**
+ * GuardrailViolationError - Thrown when guardrail check fails
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailViolationError = void 0;
+class GuardrailViolationError extends Error {
+    constructor(message, violations, blockedReason) {
+        super(message);
+        this.violations = violations;
+        this.blockedReason = blockedReason;
+        this.name = 'GuardrailViolationError';
+        Object.setPrototypeOf(this, GuardrailViolationError.prototype);
+    }
+    toJSON() {
+        return {
+            message: this.message,
+            violations: this.violations,
+            blockedReason: this.blockedReason,
+        };
+    }
+}
+exports.GuardrailViolationError = GuardrailViolationError;

package/dist/guardrails.module.d.ts

@@ -0,0 +1,12 @@
+/**
+ * GuardrailsModule - Content safety for AI applications
+ */
+import type { GuardrailsModuleOptions } from './guardrails.types';
+/** Token for optional injection (e.g. in @hazeljs/agent) */
+export declare const GUARDRAILS_SERVICE_TOKEN = "GuardrailsService";
+export declare class GuardrailsModule {
+    private static options;
+    static forRoot(options?: GuardrailsModuleOptions): typeof GuardrailsModule;
+    static getOptions(): GuardrailsModuleOptions;
+}
+//# sourceMappingURL=guardrails.module.d.ts.map

package/dist/guardrails.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrails.module.d.ts","sourceRoot":"","sources":["../src/guardrails.module.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAElE,4DAA4D;AAC5D,eAAO,MAAM,wBAAwB,sBAAsB,CAAC;AAO5D,qBASa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAC,OAAO,CAA+B;IAErD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,gBAAgB;IAQ1E,MAAM,CAAC,UAAU,IAAI,uBAAuB;CAG7C"}

package/dist/guardrails.module.js

@@ -0,0 +1,48 @@
+"use strict";
+/**
+ * GuardrailsModule - Content safety for AI applications
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var GuardrailsModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailsModule = exports.GUARDRAILS_SERVICE_TOKEN = void 0;
+const core_1 = require("@hazeljs/core");
+const guardrails_service_1 = require("./guardrails.service");
+const guardrail_pipe_1 = require("./pipes/guardrail.pipe");
+const guardrail_interceptor_1 = require("./interceptors/guardrail.interceptor");
+/** Token for optional injection (e.g. in @hazeljs/agent) */
+exports.GUARDRAILS_SERVICE_TOKEN = 'GuardrailsService';
+const guardrailsServiceProvider = {
+    token: exports.GUARDRAILS_SERVICE_TOKEN,
+    useClass: guardrails_service_1.GuardrailsService,
+};
+let GuardrailsModule = GuardrailsModule_1 = class GuardrailsModule {
+    static forRoot(options) {
+        GuardrailsModule_1.options = options ?? {};
+        if (options) {
+            guardrails_service_1.GuardrailsService.configure(options);
+        }
+        return GuardrailsModule_1;
+    }
+    static getOptions() {
+        return GuardrailsModule_1.options;
+    }
+};
+exports.GuardrailsModule = GuardrailsModule;
+GuardrailsModule.options = {};
+exports.GuardrailsModule = GuardrailsModule = GuardrailsModule_1 = __decorate([
+    (0, core_1.HazelModule)({
+        providers: [
+            guardrails_service_1.GuardrailsService,
+            guardrail_pipe_1.GuardrailPipe,
+            guardrail_interceptor_1.GuardrailInterceptor,
+            guardrailsServiceProvider,
+        ],
+        exports: [guardrails_service_1.GuardrailsService, guardrail_pipe_1.GuardrailPipe, guardrail_interceptor_1.GuardrailInterceptor],
+    })
+], GuardrailsModule);

package/dist/guardrails.service.d.ts

@@ -0,0 +1,29 @@
+/**
+ * GuardrailsService - Content safety, PII, and output validation
+ */
+import type { GuardrailInputOptions, GuardrailOutputOptions, GuardrailResult, GuardrailsModuleOptions, PIIEntityType } from './guardrails.types';
+export declare class GuardrailsService {
+    private static staticOptions;
+    private options;
+    constructor(options?: GuardrailsModuleOptions);
+    static configure(options: GuardrailsModuleOptions): void;
+    configure(options: GuardrailsModuleOptions): void;
+    /**
+     * Check input for guardrail violations
+     */
+    checkInput(input: string | object, options?: GuardrailInputOptions): GuardrailResult;
+    /**
+     * Check output for guardrail violations
+     */
+    checkOutput(output: string | object, options?: GuardrailOutputOptions): GuardrailResult;
+    /**
+     * Redact PII from text
+     */
+    redactPII(text: string, entities?: PIIEntityType[]): string;
+    private mergeInputOptions;
+    private extractText;
+    private applyRedactionToObject;
+    private validateSchema;
+    private validateAgainstSchema;
+}
+//# sourceMappingURL=guardrails.service.d.ts.map

package/dist/guardrails.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrails.service.d.ts","sourceRoot":"","sources":["../src/guardrails.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EACV,qBAAqB,EACrB,sBAAsB,EACtB,eAAe,EACf,uBAAuB,EACvB,aAAa,EACd,MAAM,oBAAoB,CAAC;AAO5B,qBACa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,aAAa,CAA+B;IAC3D,OAAO,CAAC,OAAO,CAA+B;gBAElC,OAAO,CAAC,EAAE,uBAAuB;IAI7C,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,uBAAuB,GAAG,IAAI;IAIxD,SAAS,CAAC,OAAO,EAAE,uBAAuB,GAAG,IAAI;IAIjD;;OAEG;IACH,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,qBAAqB,GAAG,eAAe;IAqDpF;;OAEG;IACH,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,sBAAsB,GAAG,eAAe;IAiDvF;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,aAAa,EAAE,GAAG,MAAM;IAK3D,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,WAAW;IAmBnB,OAAO,CAAC,sBAAsB;IAU9B,OAAO,CAAC,cAAc;IAetB,OAAO,CAAC,qBAAqB;CAoB9B"}

package/dist/guardrails.service.js

@@ -0,0 +1,207 @@
+"use strict";
+/**
+ * GuardrailsService - Content safety, PII, and output validation
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var GuardrailsService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailsService = void 0;
+const core_1 = require("@hazeljs/core");
+const core_2 = require("@hazeljs/core");
+const pii_check_1 = require("./checks/pii.check");
+const injection_check_1 = require("./checks/injection.check");
+const toxicity_check_1 = require("./checks/toxicity.check");
+const DEFAULT_ENTITY_TYPES = ['email', 'phone', 'ssn', 'credit_card'];
+let GuardrailsService = GuardrailsService_1 = class GuardrailsService {
+    constructor(options) {
+        this.options = {};
+        this.options = options ?? { ...GuardrailsService_1.staticOptions };
+    }
+    static configure(options) {
+        GuardrailsService_1.staticOptions = { ...GuardrailsService_1.staticOptions, ...options };
+    }
+    configure(options) {
+        this.options = { ...this.options, ...options };
+    }
+    /**
+     * Check input for guardrail violations
+     */
+    checkInput(input, options) {
+        const opts = this.mergeInputOptions(options);
+        const text = this.extractText(input);
+        if (!text) {
+            return { allowed: true };
+        }
+        const violations = [];
+        let modified;
+        if (opts.blockInjection) {
+            const injection = (0, injection_check_1.checkPromptInjection)(text);
+            if (injection.detected) {
+                return {
+                    allowed: false,
+                    violations: ['prompt_injection'],
+                    blockedReason: 'Potential prompt injection detected',
+                };
+            }
+        }
+        if (opts.blockToxicity) {
+            const toxicity = (0, toxicity_check_1.checkToxicity)(text, {
+                customKeywords: this.options.toxicityBlocklist,
+            });
+            if (toxicity.detected) {
+                return {
+                    allowed: false,
+                    violations: ['toxicity'],
+                    blockedReason: 'Toxic content detected',
+                };
+            }
+        }
+        if (opts.redactPII) {
+            const entityTypes = opts.entityTypes ?? this.options.piiEntities ?? DEFAULT_ENTITY_TYPES;
+            const piiDetected = (0, pii_check_1.detectPII)(text, entityTypes);
+            if (piiDetected.entities.length > 0) {
+                const redacted = (0, pii_check_1.redactPII)(text, entityTypes);
+                modified =
+                    typeof input === 'string' ? redacted : this.applyRedactionToObject(input, entityTypes);
+                violations.push('pii_redacted');
+            }
+        }
+        return {
+            allowed: true,
+            modified,
+            violations: violations.length > 0 ? violations : undefined,
+        };
+    }
+    /**
+     * Check output for guardrail violations
+     */
+    checkOutput(output, options) {
+        const text = this.extractText(output);
+        if (!text) {
+            return { allowed: true };
+        }
+        if (options?.allowPII !== true) {
+            const entityTypes = this.options.piiEntities ?? DEFAULT_ENTITY_TYPES;
+            const piiDetected = (0, pii_check_1.detectPII)(text, entityTypes);
+            if (piiDetected.entities.length > 0) {
+                const redacted = (0, pii_check_1.redactPII)(text, entityTypes);
+                const modified = typeof output === 'string'
+                    ? redacted
+                    : this.applyRedactionToObject(output, entityTypes);
+                return {
+                    allowed: true,
+                    modified,
+                    violations: ['pii_redacted'],
+                };
+            }
+        }
+        const toxicity = (0, toxicity_check_1.checkToxicity)(text, {
+            customKeywords: this.options.toxicityBlocklist,
+        });
+        if (toxicity.detected) {
+            return {
+                allowed: false,
+                violations: ['toxicity'],
+                blockedReason: 'Toxic content in output',
+            };
+        }
+        if (options?.schema) {
+            const schemaResult = this.validateSchema(output, options.schema);
+            if (!schemaResult.valid) {
+                return {
+                    allowed: false,
+                    violations: ['schema_validation'],
+                    blockedReason: schemaResult.error,
+                };
+            }
+        }
+        return { allowed: true };
+    }
+    /**
+     * Redact PII from text
+     */
+    redactPII(text, entities) {
+        const entityTypes = entities ?? this.options.piiEntities ?? DEFAULT_ENTITY_TYPES;
+        return (0, pii_check_1.redactPII)(text, entityTypes);
+    }
+    mergeInputOptions(options) {
+        return {
+            entityTypes: options?.entityTypes ?? this.options.piiEntities ?? DEFAULT_ENTITY_TYPES,
+            redactPII: options?.redactPII ?? this.options.redactPIIByDefault ?? false,
+            blockInjection: options?.blockInjection ?? this.options.blockInjectionByDefault ?? true,
+            blockToxicity: options?.blockToxicity ?? this.options.blockToxicityByDefault ?? true,
+        };
+    }
+    extractText(input) {
+        if (typeof input === 'string') {
+            return (0, core_2.sanitizeString)(input);
+        }
+        if (input && typeof input === 'object') {
+            if ('message' in input && typeof input.message === 'string') {
+                return (0, core_2.sanitizeString)(input.message);
+            }
+            if ('prompt' in input && typeof input.prompt === 'string') {
+                return (0, core_2.sanitizeString)(input.prompt);
+            }
+            if ('content' in input && typeof input.content === 'string') {
+                return (0, core_2.sanitizeString)(input.content);
+            }
+            return (0, core_2.sanitizeString)(JSON.stringify(input));
+        }
+        return '';
+    }
+    applyRedactionToObject(obj, entityTypes) {
+        const str = JSON.stringify(obj);
+        const redacted = (0, pii_check_1.redactPII)(str, entityTypes);
+        try {
+            return JSON.parse(redacted);
+        }
+        catch {
+            return { _redacted: redacted };
+        }
+    }
+    validateSchema(output, schema) {
+        if (typeof output === 'string') {
+            try {
+                const parsed = JSON.parse(output);
+                return this.validateAgainstSchema(parsed, schema);
+            }
+            catch {
+                return { valid: false, error: 'Output is not valid JSON' };
+            }
+        }
+        return this.validateAgainstSchema(output, schema);
+    }
+    validateAgainstSchema(data, schema) {
+        if (typeof schema !== 'object' || schema === null) {
+            return { valid: true };
+        }
+        const s = schema;
+        if (s.type === 'object' && s.properties) {
+            if (typeof data !== 'object' || data === null || Array.isArray(data)) {
+                return { valid: false, error: 'Expected object' };
+            }
+            for (const [key, propSchema] of Object.entries(s.properties)) {
+                const prop = propSchema;
+                if (prop?.required && !(key in data)) {
+                    return { valid: false, error: `Missing required property: ${key}` };
+                }
+            }
+        }
+        return { valid: true };
+    }
+};
+exports.GuardrailsService = GuardrailsService;
+GuardrailsService.staticOptions = {};
+exports.GuardrailsService = GuardrailsService = GuardrailsService_1 = __decorate([
+    (0, core_1.Injectable)(),
+    __metadata("design:paramtypes", [Object])
+], GuardrailsService);

package/dist/guardrails.types.d.ts

@@ -0,0 +1,29 @@
+/**
+ * @hazeljs/guardrails - Types and interfaces
+ */
+export type PIIEntityType = 'email' | 'phone' | 'ssn' | 'credit_card';
+export interface GuardrailInputOptions {
+    entityTypes?: PIIEntityType[];
+    redactPII?: boolean;
+    blockInjection?: boolean;
+    blockToxicity?: boolean;
+}
+export interface GuardrailOutputOptions {
+    allowPII?: boolean;
+    schema?: object;
+}
+export interface GuardrailResult {
+    allowed: boolean;
+    modified?: string | object;
+    violations?: string[];
+    blockedReason?: string;
+}
+export interface GuardrailsModuleOptions {
+    piiEntities?: PIIEntityType[];
+    injectionBlocklist?: string[];
+    toxicityBlocklist?: string[];
+    redactPIIByDefault?: boolean;
+    blockInjectionByDefault?: boolean;
+    blockToxicityByDefault?: boolean;
+}
+//# sourceMappingURL=guardrails.types.d.ts.map

package/dist/guardrails.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrails.types.d.ts","sourceRoot":"","sources":["../src/guardrails.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,OAAO,GAAG,KAAK,GAAG,aAAa,CAAC;AAEtE,MAAM,WAAW,qBAAqB;IACpC,WAAW,CAAC,EAAE,aAAa,EAAE,CAAC;IAC9B,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,uBAAuB;IACtC,WAAW,CAAC,EAAE,aAAa,EAAE,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,sBAAsB,CAAC,EAAE,OAAO,CAAC;CAClC"}

package/dist/guardrails.types.js

@@ -0,0 +1,5 @@
+"use strict";
+/**
+ * @hazeljs/guardrails - Types and interfaces
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * @hazeljs/guardrails - Content safety, PII handling, and output validation
+ */
+export { GuardrailsModule, GUARDRAILS_SERVICE_TOKEN } from './guardrails.module';
+export { GuardrailsService } from './guardrails.service';
+export { GuardrailPipe } from './pipes/guardrail.pipe';
+export { GuardrailInterceptor } from './interceptors/guardrail.interceptor';
+export { GuardrailInput, getGuardrailInputMetadata } from './decorators/guardrail-input.decorator';
+export { GuardrailOutput, getGuardrailOutputMetadata, } from './decorators/guardrail-output.decorator';
+export { GuardrailViolationError } from './errors/guardrail-violation.error';
+export type { GuardrailInputOptions, GuardrailOutputOptions, GuardrailResult, GuardrailsModuleOptions, PIIEntityType, } from './guardrails.types';
+export type { GuardrailPipeOptions } from './pipes/guardrail.pipe';
+export type { GuardrailInterceptorOptions } from './interceptors/guardrail.interceptor';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,yBAAyB,EAAE,MAAM,wCAAwC,CAAC;AACnG,OAAO,EACL,eAAe,EACf,0BAA0B,GAC3B,MAAM,yCAAyC,CAAC;AACjD,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAE7E,YAAY,EACV,qBAAqB,EACrB,sBAAsB,EACtB,eAAe,EACf,uBAAuB,EACvB,aAAa,GACd,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AACnE,YAAY,EAAE,2BAA2B,EAAE,MAAM,sCAAsC,CAAC"}

package/dist/index.js

@@ -0,0 +1,23 @@
+"use strict";
+/**
+ * @hazeljs/guardrails - Content safety, PII handling, and output validation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailViolationError = exports.getGuardrailOutputMetadata = exports.GuardrailOutput = exports.getGuardrailInputMetadata = exports.GuardrailInput = exports.GuardrailInterceptor = exports.GuardrailPipe = exports.GuardrailsService = exports.GUARDRAILS_SERVICE_TOKEN = exports.GuardrailsModule = void 0;
+var guardrails_module_1 = require("./guardrails.module");
+Object.defineProperty(exports, "GuardrailsModule", { enumerable: true, get: function () { return guardrails_module_1.GuardrailsModule; } });
+Object.defineProperty(exports, "GUARDRAILS_SERVICE_TOKEN", { enumerable: true, get: function () { return guardrails_module_1.GUARDRAILS_SERVICE_TOKEN; } });
+var guardrails_service_1 = require("./guardrails.service");
+Object.defineProperty(exports, "GuardrailsService", { enumerable: true, get: function () { return guardrails_service_1.GuardrailsService; } });
+var guardrail_pipe_1 = require("./pipes/guardrail.pipe");
+Object.defineProperty(exports, "GuardrailPipe", { enumerable: true, get: function () { return guardrail_pipe_1.GuardrailPipe; } });
+var guardrail_interceptor_1 = require("./interceptors/guardrail.interceptor");
+Object.defineProperty(exports, "GuardrailInterceptor", { enumerable: true, get: function () { return guardrail_interceptor_1.GuardrailInterceptor; } });
+var guardrail_input_decorator_1 = require("./decorators/guardrail-input.decorator");
+Object.defineProperty(exports, "GuardrailInput", { enumerable: true, get: function () { return guardrail_input_decorator_1.GuardrailInput; } });
+Object.defineProperty(exports, "getGuardrailInputMetadata", { enumerable: true, get: function () { return guardrail_input_decorator_1.getGuardrailInputMetadata; } });
+var guardrail_output_decorator_1 = require("./decorators/guardrail-output.decorator");
+Object.defineProperty(exports, "GuardrailOutput", { enumerable: true, get: function () { return guardrail_output_decorator_1.GuardrailOutput; } });
+Object.defineProperty(exports, "getGuardrailOutputMetadata", { enumerable: true, get: function () { return guardrail_output_decorator_1.getGuardrailOutputMetadata; } });
+var guardrail_violation_error_1 = require("./errors/guardrail-violation.error");
+Object.defineProperty(exports, "GuardrailViolationError", { enumerable: true, get: function () { return guardrail_violation_error_1.GuardrailViolationError; } });

package/dist/interceptors/guardrail.interceptor.d.ts

@@ -0,0 +1,18 @@
+/**
+ * GuardrailInterceptor - Input/output guardrails for HTTP requests
+ */
+import type { Interceptor } from '@hazeljs/core';
+import type { RequestContext } from '@hazeljs/core';
+import { GuardrailsService } from '../guardrails.service';
+import type { GuardrailInputOptions, GuardrailOutputOptions } from '../guardrails.types';
+export interface GuardrailInterceptorOptions {
+    input?: GuardrailInputOptions;
+    output?: GuardrailOutputOptions;
+    checkOutput?: boolean;
+}
+export declare class GuardrailInterceptor implements Interceptor {
+    private readonly guardrailsService;
+    constructor(guardrailsService: GuardrailsService);
+    intercept(context: RequestContext, next: () => Promise<unknown>): Promise<unknown>;
+}
+//# sourceMappingURL=guardrail.interceptor.d.ts.map

package/dist/interceptors/guardrail.interceptor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrail.interceptor.d.ts","sourceRoot":"","sources":["../../src/interceptors/guardrail.interceptor.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAE1D,OAAO,KAAK,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAEzF,MAAM,WAAW,2BAA2B;IAC1C,KAAK,CAAC,EAAE,qBAAqB,CAAC;IAC9B,MAAM,CAAC,EAAE,sBAAsB,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,qBACa,oBAAqB,YAAW,WAAW;IAC1C,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAAjB,iBAAiB,EAAE,iBAAiB;IAE3D,SAAS,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;CAiCzF"}

package/dist/interceptors/guardrail.interceptor.js

@@ -0,0 +1,47 @@
+"use strict";
+/**
+ * GuardrailInterceptor - Input/output guardrails for HTTP requests
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailInterceptor = void 0;
+const core_1 = require("@hazeljs/core");
+const guardrails_service_1 = require("../guardrails.service");
+const guardrail_violation_error_1 = require("../errors/guardrail-violation.error");
+let GuardrailInterceptor = class GuardrailInterceptor {
+    constructor(guardrailsService) {
+        this.guardrailsService = guardrailsService;
+    }
+    async intercept(context, next) {
+        if (context.body) {
+            const result = this.guardrailsService.checkInput(context.body, undefined);
+            if (!result.allowed) {
+                throw new guardrail_violation_error_1.GuardrailViolationError(result.blockedReason ?? 'Input blocked by guardrails', result.violations, result.blockedReason);
+            }
+            if (result.modified !== undefined) {
+                context.body = result.modified;
+            }
+        }
+        const response = await next();
+        if (response !== undefined && response !== null) {
+            const result = this.guardrailsService.checkOutput(response, undefined);
+            if (!result.allowed) {
+                throw new guardrail_violation_error_1.GuardrailViolationError(result.blockedReason ?? 'Output blocked by guardrails', result.violations, result.blockedReason);
+            }
+        }
+        return response;
+    }
+};
+exports.GuardrailInterceptor = GuardrailInterceptor;
+exports.GuardrailInterceptor = GuardrailInterceptor = __decorate([
+    (0, core_1.Injectable)(),
+    __metadata("design:paramtypes", [guardrails_service_1.GuardrailsService])
+], GuardrailInterceptor);

package/dist/pipes/guardrail.pipe.d.ts

@@ -0,0 +1,14 @@
+/**
+ * GuardrailPipe - Input guardrails for HTTP request body/query
+ */
+import { PipeTransform } from '@hazeljs/core';
+import type { RequestContext } from '@hazeljs/core';
+import { GuardrailsService } from '../guardrails.service';
+import type { GuardrailInputOptions } from '../guardrails.types';
+export type GuardrailPipeOptions = GuardrailInputOptions;
+export declare class GuardrailPipe implements PipeTransform {
+    private readonly guardrailsService;
+    constructor(guardrailsService: GuardrailsService);
+    transform<T>(value: T, _context: RequestContext): T | Promise<T>;
+}
+//# sourceMappingURL=guardrail.pipe.d.ts.map

package/dist/pipes/guardrail.pipe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrail.pipe.d.ts","sourceRoot":"","sources":["../../src/pipes/guardrail.pipe.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAc,aAAa,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAE1D,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAEjE,MAAM,MAAM,oBAAoB,GAAG,qBAAqB,CAAC;AAEzD,qBACa,aAAc,YAAW,aAAa;IACrC,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAAjB,iBAAiB,EAAE,iBAAiB;IAEjE,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,cAAc,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAiBjE"}

package/dist/pipes/guardrail.pipe.js

@@ -0,0 +1,38 @@
+"use strict";
+/**
+ * GuardrailPipe - Input guardrails for HTTP request body/query
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GuardrailPipe = void 0;
+const core_1 = require("@hazeljs/core");
+const guardrails_service_1 = require("../guardrails.service");
+const guardrail_violation_error_1 = require("../errors/guardrail-violation.error");
+let GuardrailPipe = class GuardrailPipe {
+    constructor(guardrailsService) {
+        this.guardrailsService = guardrailsService;
+    }
+    transform(value, _context) {
+        const result = this.guardrailsService.checkInput(value);
+        if (!result.allowed) {
+            throw new guardrail_violation_error_1.GuardrailViolationError(result.blockedReason ?? 'Input blocked by guardrails', result.violations, result.blockedReason);
+        }
+        if (result.modified !== undefined) {
+            return result.modified;
+        }
+        return value;
+    }
+};
+exports.GuardrailPipe = GuardrailPipe;
+exports.GuardrailPipe = GuardrailPipe = __decorate([
+    (0, core_1.Injectable)(),
+    __metadata("design:paramtypes", [guardrails_service_1.GuardrailsService])
+], GuardrailPipe);

package/package.json

@@ -0,0 +1,57 @@
+{
+  "name": "@hazeljs/guardrails",
+  "version": "0.2.0-beta.50",
+  "description": "Content safety, PII handling, and output validation for HazelJS AI applications",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "test": "jest --coverage --passWithNoTests",
+    "lint": "eslint \"src/**/*.ts\"",
+    "lint:fix": "eslint \"src/**/*.ts\" --fix",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "reflect-metadata": "^0.2.1"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.11",
+    "@types/node": "^20.17.50",
+    "@typescript-eslint/eslint-plugin": "^8.18.2",
+    "@typescript-eslint/parser": "^8.18.2",
+    "eslint": "^8.56.0",
+    "jest": "^29.7.0",
+    "ts-jest": "^29.1.2",
+    "typescript": "^5.3.3"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/hazel-js/hazeljs.git",
+    "directory": "packages/guardrails"
+  },
+  "keywords": [
+    "hazeljs",
+    "guardrails",
+    "ai",
+    "pii",
+    "content-safety",
+    "prompt-injection",
+    "validation"
+  ],
+  "author": "Muhammad Arslan <muhammad.arslan@hazeljs.com>",
+  "license": "Apache-2.0",
+  "bugs": {
+    "url": "https://github.com/hazeljs/hazel-js/issues"
+  },
+  "homepage": "https://hazeljs.com",
+  "peerDependencies": {
+    "@hazeljs/core": ">=0.2.0-beta.0"
+  },
+  "gitHead": "aefca57a74856e3b0055ad65843e2a61681f6b99"
+}