@highflame/policy 1.2.1 → 2.0.1

package/dist/studio-ui.test.js

@@ -0,0 +1,165 @@
+/**
+ * Studio UI Integration Tests
+ *
+ * These tests simulate exactly how the Studio UI (Overwatch admin dashboard)
+ * will use the @highflame/policy npm package.
+ */
+import { describe, it, expect } from 'vitest';
+// Browser-safe imports (simulating '@highflame/policy/types')
+import { PolicyBuilder, OVERWATCH_SCHEMA, PALISADE_SCHEMA, OVERWATCH_CONTEXT, OverwatchContextKey, PalisadeContextKey, } from './types.js';
+// Node.js only imports (for API routes)
+import { PolicyEngine, PolicyValidator, newEntityUID, newEntity, } from './index.js';
+describe('Studio UI Integration Tests', () => {
+    /**
+     * Test: PolicyBuilder action formatting
+     *
+     * Tests that simple action names are properly formatted to Cedar syntax.
+     * This is the "normal approach" for non-namespaced schemas.
+     */
+    it('should format simple action names to Cedar syntax', () => {
+        // Using simple action name (normal approach)
+        const policy = PolicyBuilder.permit()
+            .principalType('User')
+            .action('call_tool')
+            .resourceType('Tool')
+            .build();
+        const cedarText = policy.toCedar();
+        // Simple actions should be wrapped as Action::"..."
+        expect(cedarText).toContain('action == Action::"call_tool"');
+        expect(cedarText).not.toContain('Action::"Action::'); // No double-wrapping
+    });
+    /**
+     * Test 1: Schema and Context Loading
+     *
+     * Studio UI needs to load schemas for validation and context metadata
+     * for populating form dropdowns.
+     */
+    it('should load schemas and context metadata for form builders', () => {
+        // Schemas should be strings
+        expect(typeof OVERWATCH_SCHEMA).toBe('string');
+        expect(OVERWATCH_SCHEMA).toContain('namespace Overwatch');
+        expect(typeof PALISADE_SCHEMA).toBe('string');
+        expect(PALISADE_SCHEMA).toContain('namespace Palisade');
+        // Context metadata should have action definitions
+        expect(OVERWATCH_CONTEXT.service).toBe('overwatch');
+        expect(OVERWATCH_CONTEXT.actions.length).toBeGreaterThan(0);
+        // Find call_tool action and verify context attributes
+        const callToolAction = OVERWATCH_CONTEXT.actions.find((a) => a.name === 'call_tool');
+        expect(callToolAction).toBeDefined();
+        expect(callToolAction.context_attributes.length).toBeGreaterThan(0);
+        // Context keys should be available for type-safe form building
+        expect(OverwatchContextKey.ToolName).toBe('tool_name');
+        expect(OverwatchContextKey.ThreatCount).toBe('threat_count');
+        expect(PalisadeContextKey.Severity).toBe('severity');
+        expect(PalisadeContextKey.Environment).toBe('environment');
+    });
+    /**
+     * Test 2: Full Round-Trip - Create Policy → Validate → Evaluate
+     *
+     * This simulates the complete flow:
+     * 1. User creates a policy using PolicyBuilder in the UI
+     * 2. API validates the policy against the schema
+     * 3. Runtime evaluates the policy
+     */
+    it('should complete full policy lifecycle for Overwatch', () => {
+        // Step 1: User creates policy in form UI
+        const policy = PolicyBuilder.permit()
+            .principalType('Overwatch::User')
+            .action('Overwatch::Action::"call_tool"')
+            .resourceType('Overwatch::Tool')
+            .whenRaw('context.threat_count < 5')
+            .build();
+        const cedarText = policy.toCedar();
+        expect(cedarText).toContain('permit');
+        expect(cedarText).toContain('Overwatch::User');
+        // Step 2: API validates policy against schema
+        const validator = new PolicyValidator(OVERWATCH_SCHEMA);
+        const validationResult = validator.validate(cedarText);
+        expect(validationResult.valid).toBe(true);
+        // Step 3: Runtime loads and evaluates policy
+        const engine = new PolicyEngine({ schema: OVERWATCH_SCHEMA });
+        engine.loadPolicies(cedarText);
+        const entities = [
+            newEntity('Overwatch::User', 'mcp_client', { user_type: 'external', email: 'test@example.com' }),
+            newEntity('Overwatch::Tool', 'shell', { tool_name: 'shell', risk_level: 'high' }),
+        ];
+        // Full context as Guardian will provide at runtime
+        const baseContext = {
+            content: 'ls -la',
+            source: 'claudecode',
+            event: 'PreToolUse',
+            user_email: 'test@example.com',
+            tool_name: 'shell',
+            mcp_server: 'filesystem',
+            mcp_tool: 'shell',
+            path: '/workspace',
+            cwd: '/workspace',
+            workspace_root: '/workspace',
+            highest_severity: 'low',
+            threat_categories: [],
+            threat_types: [],
+            yara_threats: [],
+            max_threat_severity: 1,
+            contains_secrets: false,
+            response_content: '',
+        };
+        // Should allow when threat_count < 5
+        const allowDecision = engine.evaluate({
+            principal: newEntityUID('Overwatch::User', 'mcp_client'),
+            action: 'Overwatch::Action::"call_tool"',
+            resource: newEntityUID('Overwatch::Tool', 'shell'),
+            context: { ...baseContext, threat_count: 3 },
+            entities,
+        });
+        expect(allowDecision.effect).toBe('Allow');
+        // Should deny when threat_count >= 5 (no matching permit)
+        const denyDecision = engine.evaluate({
+            principal: newEntityUID('Overwatch::User', 'mcp_client'),
+            action: 'Overwatch::Action::"call_tool"',
+            resource: newEntityUID('Overwatch::Tool', 'shell'),
+            context: { ...baseContext, threat_count: 10 },
+            entities,
+        });
+        expect(denyDecision.effect).toBe('Deny');
+    });
+    /**
+     * Test 3: Full Round-Trip for Palisade
+     *
+     * Same flow but for Palisade ML security policies.
+     */
+    it('should complete full policy lifecycle for Palisade', () => {
+        // Step 1: Create a forbid policy for CRITICAL findings
+        const policy = PolicyBuilder.forbid()
+            .principalType('Palisade::Scanner')
+            .action('Palisade::Action::"load_model"')
+            .resourceType('Palisade::Artifact')
+            .whenRaw('context.severity == "CRITICAL"')
+            .build();
+        const cedarText = policy.toCedar();
+        // Step 2: Validate
+        const validator = new PolicyValidator(PALISADE_SCHEMA);
+        expect(validator.validate(cedarText).valid).toBe(true);
+        // Step 3: Evaluate
+        const engine = new PolicyEngine({ schema: PALISADE_SCHEMA });
+        engine.loadPolicies(cedarText);
+        const entities = [
+            newEntity('Palisade::Scanner', 'palisade', { scanner_type: 'ml' }),
+            newEntity('Palisade::Artifact', 'model.pkl', {
+                artifact_format: 'pickle',
+                path: '/model.pkl',
+                signed: false,
+                signer: 'unsigned',
+            }),
+        ];
+        // Should deny CRITICAL findings
+        const decision = engine.evaluate({
+            principal: newEntityUID('Palisade::Scanner', 'palisade'),
+            action: 'Palisade::Action::"load_model"',
+            resource: newEntityUID('Palisade::Artifact', 'model.pkl'),
+            context: { severity: 'CRITICAL' },
+            entities,
+        });
+        expect(decision.effect).toBe('Deny');
+    });
+});
+//# sourceMappingURL=studio-ui.test.js.map

package/dist/studio-ui.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"studio-ui.test.js","sourceRoot":"","sources":["../src/studio-ui.test.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAE9C,8DAA8D;AAC9D,OAAO,EAGL,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EAEjB,mBAAmB,EACnB,kBAAkB,GAGnB,MAAM,YAAY,CAAC;AAEpB,wCAAwC;AACxC,OAAO,EACL,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,SAAS,GACV,MAAM,YAAY,CAAC;AAEpB,QAAQ,CAAC,6BAA6B,EAAE,GAAG,EAAE;IAC3C;;;;;OAKG;IACH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,6CAA6C;QAC7C,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,MAAM,CAAC;aACrB,MAAM,CAAC,WAAW,CAAC;aACnB,YAAY,CAAC,MAAM,CAAC;aACpB,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAEnC,oDAAoD;QACpD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QAC7D,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAE,qBAAqB;IAC9E,CAAC,CAAC,CAAC;IAEH;;;;;OAKG;IACH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;QACpE,4BAA4B;QAC5B,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,CAAC,gBAAgB,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAC1D,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAExD,kDAAkD;QAClD,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAE5D,sDAAsD;QACtD,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC,IAAI,CACnD,CAAC,CAAgB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAC7C,CAAC;QACF,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,cAAe,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAErE,+DAA+D;QAC/D,MAAM,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC7D,MAAM,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrD,MAAM,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH;;;;;;;OAOG;IACH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,yCAAyC;QACzC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,iBAAiB,CAAC;aAChC,MAAM,CAAC,gCAAgC,CAAC;aACxC,YAAY,CAAC,iBAAiB,CAAC;aAC/B,OAAO,CAAC,0BAA0B,CAAC;aACnC,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QACnC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAE/C,8CAA8C;QAC9C,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACxD,MAAM,gBAAgB,GAAG,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACvD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE1C,6CAA6C;QAC7C,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,QAAQ,GAAG;YACf,SAAS,CAAC,iBAAiB,EAAE,YAAY,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC;YAChG,SAAS,CAAC,iBAAiB,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;SAClF,CAAC;QAEF,mDAAmD;QACnD,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,QAAQ;YACjB,MAAM,EAAE,YAAY;YACpB,KAAK,EAAE,YAAY;YACnB,UAAU,EAAE,kBAAkB;YAC9B,SAAS,EAAE,OAAO;YAClB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,OAAO;YACjB,IAAI,EAAE,YAAY;YAClB,GAAG,EAAE,YAAY;YACjB,cAAc,EAAE,YAAY;YAC5B,gBAAgB,EAAE,KAAK;YACvB,iBAAiB,EAAE,EAAE;YACrB,YAAY,EAAE,EAAE;YAChB,YAAY,EAAE,EAAE;YAChB,mBAAmB,EAAE,CAAC;YACtB,gBAAgB,EAAE,KAAK;YACvB,gBAAgB,EAAE,EAAE;SACrB,CAAC;QAEF,qCAAqC;QACrC,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC;YACpC,SAAS,EAAE,YAAY,CAAC,iBAAiB,EAAE,YAAY,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC;YAClD,OAAO,EAAE,EAAE,GAAG,WAAW,EAAE,YAAY,EAAE,CAAC,EAAE;YAC5C,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE3C,0DAA0D;QAC1D,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC;YACnC,SAAS,EAAE,YAAY,CAAC,iBAAiB,EAAE,YAAY,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC;YAClD,OAAO,EAAE,EAAE,GAAG,WAAW,EAAE,YAAY,EAAE,EAAE,EAAE;YAC7C,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH;;;;OAIG;IACH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,uDAAuD;QACvD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,mBAAmB,CAAC;aAClC,MAAM,CAAC,gCAAgC,CAAC;aACxC,YAAY,CAAC,oBAAoB,CAAC;aAClC,OAAO,CAAC,gCAAgC,CAAC;aACzC,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAEnC,mBAAmB;QACnB,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;QACvD,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEvD,mBAAmB;QACnB,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CAAC;QAC7D,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,QAAQ,GAAG;YACf,SAAS,CAAC,mBAAmB,EAAE,UAAU,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;YAClE,SAAS,CAAC,oBAAoB,EAAE,WAAW,EAAE;gBAC3C,eAAe,EAAE,QAAQ;gBACzB,IAAI,EAAE,YAAY;gBAClB,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,UAAU;aACnB,CAAC;SACH,CAAC;QAEF,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC/B,SAAS,EAAE,YAAY,CAAC,mBAAmB,EAAE,UAAU,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,oBAAoB,EAAE,WAAW,CAAC;YACzD,OAAO,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjC,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/types.d.ts

@@ -4,4 +4,8 @@ export * from './context.gen.js';
 export * from './schema.gen.js';
 export * from './builder.js';
 export * from './errors.js';
+export { OVERWATCH_SCHEMA, PALISADE_SCHEMA, OVERWATCH_CONTEXT, PALISADE_CONTEXT, } from './service-schemas.gen.js';
+export type { ContextAttribute, ActionContext, ServiceContext, } from './service-schemas.gen.js';
+export { OverwatchContextKey } from './overwatch-context.gen.js';
+export { PalisadeContextKey } from './palisade-context.gen.js';
 //# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,cAAc,CAAC;AAG7B,cAAc,aAAa,CAAC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,cAAc,CAAC;AAG7B,cAAc,aAAa,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EACV,gBAAgB,EAChB,aAAa,EACb,cAAc,GACf,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC"}

package/dist/types.js

@@ -13,4 +13,9 @@ export * from './schema.gen.js';
 export * from './builder.js';
 // Error types - works in browser (no WASM dependency)
 export * from './errors.js';
+// Service-specific schemas and context (inlined, browser-safe)
+export { OVERWATCH_SCHEMA, PALISADE_SCHEMA, OVERWATCH_CONTEXT, PALISADE_CONTEXT, } from './service-schemas.gen.js';
+// Service-specific context key enums
+export { OverwatchContextKey } from './overwatch-context.gen.js';
+export { PalisadeContextKey } from './palisade-context.gen.js';
 //# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,6CAA6C;AAC7C,gDAAgD;AAChD,yEAAyE;AAEzE,gDAAgD;AAChD,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,wDAAwD;AACxD,cAAc,cAAc,CAAC;AAE7B,sDAAsD;AACtD,cAAc,aAAa,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,6CAA6C;AAC7C,gDAAgD;AAChD,yEAAyE;AAEzE,gDAAgD;AAChD,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,wDAAwD;AACxD,cAAc,cAAc,CAAC;AAE7B,sDAAsD;AACtD,cAAc,aAAa,CAAC;AAE5B,+DAA+D;AAC/D,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAOlC,qCAAqC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC"}

package/package.json

@@ -1,7 +1,8 @@
 {
   "name": "@highflame/policy",
-  "version": "1.2.1",
+  "version": "2.0.1",
   "description": "Highflame Cedar policy types and engine wrapper",
+  "readme": "README.md",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
@@ -26,10 +27,10 @@
       "import": "./dist/actions.gen.js",
       "types": "./dist/actions.gen.d.ts"
     },
-    "./context": {
-      "import": "./dist/context.gen.js",
-      "types": "./dist/context.gen.d.ts"
-    },
+    "./schemas/overwatch": "./_schemas/overwatch/schema.cedarschema",
+    "./schemas/palisade": "./_schemas/palisade/schema.cedarschema",
+    "./context/overwatch": "./_schemas/overwatch/context.json",
+    "./context/palisade": "./_schemas/palisade/context.json",
     "./engine": {
       "import": "./dist/engine.js",
       "types": "./dist/engine.d.ts"
@@ -53,12 +54,14 @@
     "@cedar-policy/cedar-wasm": "^4.0.0"
   },
   "devDependencies": {
+    "@types/node": "^25.2.0",
     "typescript": "^5.3.0",
     "vitest": "^2.0.0"
   },
   "files": [
     "dist",
-    "src"
+    "src",
+    "_schemas"
   ],
   "keywords": [
     "cedar",

package/src/builder.ts

@@ -24,7 +24,20 @@
 
 import { EntityType, EntityUID } from './entities.gen.js';
 import { ActionType } from './actions.gen.js';
-import { ContextKey } from './context.gen.js';
+
+/**
+ * Format an action string for Cedar policy text.
+ * Detects if action is already namespaced (contains 'Action::"') and preserves it,
+ * otherwise wraps with Action::"...".
+ */
+function formatAction(action: string): string {
+    if (action.includes('Action::"')) {
+        // Already namespaced (e.g., 'Overwatch::Action::"call_tool"')
+        return action;
+    }
+    // Non-namespaced, wrap with Action::"..."
+    return `Action::"${action}"`;
+}
 
 /**
  * Policy effect - permit or forbid
@@ -164,13 +177,13 @@ export class Policy {
         // Action
         if (Array.isArray(this.data.action)) {
             if (this.data.action.length === 1) {
-                policyLine += `,\n    action == Action::\"${this.data.action[0]}\"`;
+                policyLine += `,\n    action == ${formatAction(this.data.action[0])}`;
             } else {
-                const actions = this.data.action.map(a => `Action::\"${a}\"`).join(', ');
+                const actions = this.data.action.map(a => formatAction(a)).join(', ');
                 policyLine += `,\n    action in [${actions}]`;
             }
         } else {
-            policyLine += `,\n    action == Action::\"${this.data.action}\"`;
+            policyLine += `,\n    action == ${formatAction(this.data.action)}`;
         }
 
         // Resource
@@ -397,7 +410,7 @@ export class PolicyBuilder {
     /**
      * Add a structured condition
      */
-    when(field: ContextKey | string, operator: ConditionOperator, value: string | number | boolean | string[]): PolicyBuilder {
+    when(field: string, operator: ConditionOperator, value: string | number | boolean | string[]): PolicyBuilder {
         this.data.conditions.push({ field, operator, value });
         return this;
     }

package/src/context.gen.ts

@@ -5,103 +5,6 @@
  * Context attribute keys for Cedar policy evaluation.
  */
 export const ContextKey = {
-    // Guardrails/Core context attributes
-    /** Name of tool being called */
-    ToolName: 'tool_name',
-    /** Name of resource being accessed */
-    ResourceName: 'resource_name',
-    /** Name of prompt */
-    PromptName: 'prompt_name',
-    /** Raw prompt text */
-    PromptText: 'prompt_text',
-    /** Response size in megabytes */
-    ResponseSizeMb: 'response_size_mb',
-    /** Set of detected YARA threat names */
-    YaraThreats: 'yara_threats',
-    /** Number of threats detected */
-    ThreatCount: 'threat_count',
-    /** Highest severity (0-4) */
-    MaxThreatSeverity: 'max_threat_severity',
-    /** User type: external or internal */
-    UserType: 'user_type',
-    /** Whether monitoring is active */
-    MonitoringEnabled: 'monitoring_enabled',
-    /** File path */
-    Path: 'path',
-    /** HTTP hostname */
-    Hostname: 'hostname',
-    /** IP address */
-    IpAddress: 'ip_address',
-    /** Whether the IP is private/loopback (set by application layer) */
-    IsPrivateIp: 'is_private_ip',
-    /** HTTP scheme */
-    Scheme: 'scheme',
-    /** Port number */
-    Port: 'port',
-
-    // Palisade context attributes
-    /** Environment: production, development, research */
-    Environment: 'environment',
-    /** Format: pickle, safetensors, gguf, onnx */
-    ArtifactFormat: 'artifact_format',
-    /** Whether artifact has signature */
-    ArtifactSigned: 'artifact_signed',
-    /** Severity: CRITICAL, HIGH, MEDIUM, LOW, INFO */
-    Severity: 'severity',
-    /** Type of security finding */
-    FindingType: 'finding_type',
-    /** Who signed the artifact */
-    ProvenanceSigner: 'provenance_signer',
-    /** RCE path found in pickle */
-    PickleExecPathDetected: 'pickle_exec_path_detected',
-    /** Malicious pattern in metadata */
-    MetadataMaliciousPattern: 'metadata_malicious_pattern',
-    /** Number of added tokens */
-    TokenizerAddedTokensCount: 'tokenizer_added_tokens_count',
-    /** Safetensors integrity failed */
-    SafetensorsIntegrityViolation: 'safetensors_integrity_violation',
-    /** Suspicious GGUF metadata */
-    GgufSuspiciousMetadata: 'gguf_suspicious_metadata',
-    /** LoRA adapter digest mismatch */
-    AdapterBaseDigestMismatch: 'adapter_base_digest_mismatch',
-    /** CoSAI maturity level (0-5) */
-    MetadataCosaiLevelNumeric: 'metadata_cosai_level_numeric',
-
-    // Overwatch context attributes
-    /** IDE source: cursor, claudecode, vscode, geminicli */
-    Source: 'source',
-    /** Hook event type: beforeShellExecution, PreToolUse, etc. */
-    Event: 'event',
-    /** The prompt/request content being evaluated */
-    Content: 'content',
-    /** User's email address (or 'anonymous') */
-    UserEmail: 'user_email',
-    /** Custom principal ID for policy evaluation */
-    CedarPrincipal: 'cedar_principal',
-    /** MCP server name: filesystem, playwright, etc. */
-    ServerName: 'server_name',
-    /** Whether the path is within the workspace */
-    IsWithinWorkspace: 'is_within_workspace',
-    /** Response content from tool execution */
-    ResponseContent: 'response_content',
-    /** Highest severity level: critical, high, medium, low */
-    HighestSeverity: 'highest_severity',
-    /** Array of threat types detected */
-    ThreatTypes: 'threat_types',
-    /** Array of threat categories found */
-    ThreatCategories: 'threat_categories',
-    /** Whether secrets were detected in the content */
-    ContainsSecrets: 'contains_secrets',
-    /** Number of concurrent calls */
-    ConcurrentCalls: 'concurrent_calls',
-    /** Request rate per minute */
-    RequestsPerMinute: 'requests_per_minute',
-    /** User trust level: high, medium, low */
-    UserTrustLevel: 'user_trust_level',
-    /** Whether alerting is enabled for this request */
-    AlertEnabled: 'alert_enabled',
-    /** Type of security scan being performed */
-    ScanType: 'scan_type',
 } as const;
 
 export type ContextKey = (typeof ContextKey)[keyof typeof ContextKey];

package/src/engine.test.ts

@@ -11,7 +11,6 @@ import {
   Decision,
   EntityType,
   ActionType,
-  ContextKey,
   InputValidationError,
   DEFAULT_LIMITS,
 } from './index.js';

package/src/engine.ts

@@ -6,7 +6,6 @@
 import * as cedar from "@cedar-policy/cedar-wasm/nodejs";
 import { EntityType, EntityUID, Entity } from "./entities.gen.js";
 import { ActionType } from "./actions.gen.js";
-import { CEDAR_SCHEMA } from "./schema.gen.js";
 
 // =============================================================================
 // INPUT VALIDATION LIMITS (consistent across all language SDKs)
@@ -35,6 +34,8 @@ export interface InputLimits {
 }
 
 export interface EngineOptions {
+  /** Cedar schema string (optional - can also use loadSchema() method) */
+  schema?: string;
   /** Custom input validation limits */
   limits?: InputLimits;
   /** Skip input validation (not recommended for production) */
@@ -142,9 +143,15 @@ export interface Decision {
 
 export interface EvaluateRequest {
   principal: EntityUID;
-  action: ActionType;
+  /**
+   * Action to evaluate. Can be:
+   * - A generated ActionType value (e.g., ActionType.CallTool)
+   * - A namespaced action string (e.g., 'Overwatch::Action::"call_tool"')
+   */
+  action: ActionType | string;
   resource: EntityUID;
   context?: Record<string, unknown>;
+  entities?: Entity[];
 }
 
 /**
@@ -170,6 +177,33 @@ function toCedarValue(value: unknown): cedar.CedarValueJson {
   return String(value);
 }
 
+/**
+ * Parse an action string into Cedar EntityUID format.
+ * Handles both non-namespaced and namespaced actions:
+ * - "call_tool" → { type: "Action", id: "call_tool" }
+ * - "Overwatch::Action::\"call_tool\"" → { type: "Overwatch::Action", id: "call_tool" }
+ * - "Overwatch::Action::call_tool" → { type: "Overwatch::Action", id: "call_tool" }
+ */
+function parseActionString(action: string): cedar.EntityUidJson {
+  // Check if action contains namespace separator
+  if (!action.includes("::")) {
+    // Non-namespaced action
+    return { type: "Action", id: action };
+  }
+
+  // Namespaced action - find the last :: separator
+  const lastSeparator = action.lastIndexOf("::");
+  const actionType = action.substring(0, lastSeparator);
+  let actionId = action.substring(lastSeparator + 2);
+
+  // Remove surrounding quotes if present (e.g., "call_tool" → call_tool)
+  if (actionId.startsWith('"') && actionId.endsWith('"')) {
+    actionId = actionId.slice(1, -1);
+  }
+
+  return { type: actionType, id: actionId };
+}
+
 /**
  * PolicyEngine wraps cedar-wasm with Highflame schema types.
  */
@@ -181,6 +215,7 @@ export class PolicyEngine {
 
   constructor(options?: EngineOptions) {
     this.options = options ?? {};
+    this.schema = options?.schema;
     this.limits = {
       maxContextKeys: options?.limits?.maxContextKeys ?? DEFAULT_LIMITS.maxContextKeys,
       maxStringLength: options?.limits?.maxStringLength ?? DEFAULT_LIMITS.maxStringLength,
@@ -198,19 +233,11 @@ export class PolicyEngine {
 
   /**
    * Load schema from a Cedar schema string.
-   * If not called, uses the embedded Highflame schema.
    */
   loadSchema(schema: string): void {
     this.schema = schema;
   }
 
-  /**
-   * Load the embedded Highflame schema.
-   */
-  loadHighflameSchema(): void {
-    this.schema = CEDAR_SCHEMA;
-  }
-
   /**
    * Evaluate a policy request and return a decision.
    * @throws InputValidationError if context validation fails
@@ -226,10 +253,7 @@ export class PolicyEngine {
       type: req.principal.type,
       id: req.principal.id,
     };
-    const action: cedar.EntityUidJson = {
-      type: "Action",
-      id: req.action,
-    };
+    const action: cedar.EntityUidJson = parseActionString(req.action);
     const resource: cedar.EntityUidJson = {
       type: req.resource.type,
       id: req.resource.id,
@@ -243,6 +267,15 @@ export class PolicyEngine {
       }
     }
 
+    // Convert entities to Cedar JSON format
+    const entities = (req.entities || []).map(e => ({
+      uid: e.uid,
+      attrs: e.attrs ? Object.fromEntries(
+        Object.entries(e.attrs).map(([k, v]) => [k, toCedarValue(v)])
+      ) : {},
+      parents: e.parents || [],
+    }));
+
     // Build the authorization call
     const call: cedar.AuthorizationCall = {
       principal,
@@ -250,7 +283,7 @@ export class PolicyEngine {
       resource,
       context,
       policies: { staticPolicies: this.policies },
-      entities: [],
+      entities,
     };
 
     // Add schema if available
@@ -284,7 +317,7 @@ export class PolicyEngine {
   evaluateSimple(
     principalType: EntityType,
     principalId: string,
-    action: ActionType,
+    action: ActionType | string,
     resourceType: EntityType,
     resourceId: string,
     context?: Record<string, unknown>
@@ -302,11 +335,13 @@ export class PolicyEngine {
    * Returns validation errors or empty array if valid.
    */
   validatePolicies(policies: string): string[] {
-    const schemaToUse = this.schema ?? CEDAR_SCHEMA;
+    if (!this.schema) {
+      throw new Error("Schema is required for validation. Provide schema via constructor options or loadSchema().");
+    }
 
     const result = cedar.validate({
       validationSettings: { mode: "strict" },
-      schema: schemaToUse,
+      schema: this.schema,
       policies: { staticPolicies: policies },
     });
 
@@ -326,10 +361,11 @@ export class PolicyValidator {
   private schema: string;
 
   /**
-   * Create a validator with the embedded Highflame schema.
+   * Create a validator with a Cedar schema.
+   * @param schema Cedar schema string (required)
    */
-  constructor(schema?: string) {
-    this.schema = schema ?? CEDAR_SCHEMA;
+  constructor(schema: string) {
+    this.schema = schema;
   }
 
   /**
@@ -375,23 +411,16 @@ export class PolicyValidator {
 }
 
 /**
- * Validate a Cedar policy against the Highflame schema.
+ * Validate a Cedar policy against a schema.
  * Convenience function that doesn't require creating a validator instance.
+ * @param schema Cedar schema string
+ * @param policy Policy text to validate
  */
-export function validatePolicy(policy: string): { valid: boolean; errors: string[] } {
-  const validator = new PolicyValidator();
+export function validatePolicy(schema: string, policy: string): { valid: boolean; errors: string[] } {
+  const validator = new PolicyValidator(schema);
   return validator.validate(policy);
 }
 
-/**
- * Get the embedded Highflame Cedar schema.
- */
-export function getHighflameSchema(): string {
-  return CEDAR_SCHEMA;
-}
-
 // Re-export types
 export { EntityType, EntityUID, Entity, newEntityUID, newEntity } from "./entities.gen.js";
 export { ActionType, actionUID } from "./actions.gen.js";
-export * from "./context.gen.js";
-export { CEDAR_SCHEMA } from "./schema.gen.js";

package/src/entities.gen.ts

@@ -11,6 +11,7 @@ export const EntityType = {
     FilePath: 'FilePath',
     GitBranch: 'GitBranch',
     HttpEndpoint: 'HttpEndpoint',
+    LlmPrompt: 'LlmPrompt',
     Memory: 'Memory',
     Model: 'Model',
     Package: 'Package',

package/src/index.ts

@@ -14,3 +14,20 @@ export * from './engine.js';
 export * from './builder.js';
 export * from './parser.js';
 export * from './errors.js';
+
+// Service-specific schemas and context (inlined)
+export {
+  OVERWATCH_SCHEMA,
+  PALISADE_SCHEMA,
+  OVERWATCH_CONTEXT,
+  PALISADE_CONTEXT,
+} from './service-schemas.gen.js';
+export type {
+  ContextAttribute,
+  ActionContext,
+  ServiceContext,
+} from './service-schemas.gen.js';
+
+// Service-specific context key enums
+export { OverwatchContextKey } from './overwatch-context.gen.js';
+export { PalisadeContextKey } from './palisade-context.gen.js';