@highflame/policy 2.2.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/_schemas/guardrails/context.json +132 -0
- package/_schemas/guardrails/schema.cedarschema +20 -0
- package/dist/ai_gateway-context.gen.d.ts +5 -0
- package/dist/ai_gateway-context.gen.js +67 -0
- package/dist/guardrails-context.gen.d.ts +11 -0
- package/dist/guardrails-context.gen.js +134 -0
- package/dist/index.d.ts +5 -5
- package/dist/index.js +5 -5
- package/dist/overwatch-context.gen.d.ts +5 -0
- package/dist/overwatch-context.gen.js +78 -0
- package/dist/palisade-context.gen.d.ts +5 -0
- package/dist/palisade-context.gen.js +21 -0
- package/dist/sentry-context.gen.d.ts +5 -0
- package/dist/sentry-context.gen.js +75 -0
- package/dist/service-schemas.gen.d.ts +1 -1
- package/dist/service-schemas.gen.js +42 -0
- package/dist/types.d.ts +5 -5
- package/dist/types.js +5 -5
- package/package.json +1 -1
|
@@ -19,6 +19,18 @@
|
|
|
19
19
|
"required": false,
|
|
20
20
|
"description": "Privilege-scope strings granted to the caller, projected from the token (AARM R6 / CAP-IDN-011), e.g. transfer:approve. Absent when the token carries no claim."
|
|
21
21
|
},
|
|
22
|
+
{
|
|
23
|
+
"key": "identity_type",
|
|
24
|
+
"type": "string",
|
|
25
|
+
"required": false,
|
|
26
|
+
"description": "Principal identity class projected from the token: 'human', 'agent', or 'service'. Use to apply identity-class-specific policies"
|
|
27
|
+
},
|
|
28
|
+
{
|
|
29
|
+
"key": "principal",
|
|
30
|
+
"type": "string",
|
|
31
|
+
"required": false,
|
|
32
|
+
"description": "Stable principal identifier projected from the token (e.g. a ZeroID / WIMSE URI or user id). Absent when the token carries no principal claim"
|
|
33
|
+
},
|
|
22
34
|
{
|
|
23
35
|
"key": "request_id",
|
|
24
36
|
"type": "string",
|
|
@@ -499,6 +511,18 @@
|
|
|
499
511
|
"required": false,
|
|
500
512
|
"description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
|
|
501
513
|
},
|
|
514
|
+
{
|
|
515
|
+
"key": "session_max_sensitivity",
|
|
516
|
+
"type": "string",
|
|
517
|
+
"required": false,
|
|
518
|
+
"description": "Highest data-sensitivity tier observed across the session (e.g. 'public', 'internal', 'confidential', 'restricted'). Use for session-level escalation policies"
|
|
519
|
+
},
|
|
520
|
+
{
|
|
521
|
+
"key": "session_original_request",
|
|
522
|
+
"type": "string",
|
|
523
|
+
"required": false,
|
|
524
|
+
"description": "The session's first user request, retained for drift / goal-hijack policies that compare later turns against the original intent"
|
|
525
|
+
},
|
|
502
526
|
{
|
|
503
527
|
"key": "agent_id",
|
|
504
528
|
"type": "string",
|
|
@@ -547,6 +571,18 @@
|
|
|
547
571
|
"required": false,
|
|
548
572
|
"description": "Privilege-scope strings granted to the caller, projected from the token (AARM R6 / CAP-IDN-011), e.g. transfer:approve. Absent when the token carries no claim."
|
|
549
573
|
},
|
|
574
|
+
{
|
|
575
|
+
"key": "identity_type",
|
|
576
|
+
"type": "string",
|
|
577
|
+
"required": false,
|
|
578
|
+
"description": "Principal identity class projected from the token: 'human', 'agent', or 'service'. Use to apply identity-class-specific policies"
|
|
579
|
+
},
|
|
580
|
+
{
|
|
581
|
+
"key": "principal",
|
|
582
|
+
"type": "string",
|
|
583
|
+
"required": false,
|
|
584
|
+
"description": "Stable principal identifier projected from the token (e.g. a ZeroID / WIMSE URI or user id). Absent when the token carries no principal claim"
|
|
585
|
+
},
|
|
550
586
|
{
|
|
551
587
|
"key": "request_id",
|
|
552
588
|
"type": "string",
|
|
@@ -589,6 +625,18 @@
|
|
|
589
625
|
"required": false,
|
|
590
626
|
"description": "Whether the tool is a built-in tool (vs MCP external tool). Built-in tools are generally more trusted"
|
|
591
627
|
},
|
|
628
|
+
{
|
|
629
|
+
"key": "param_type_violation",
|
|
630
|
+
"type": "boolean",
|
|
631
|
+
"required": false,
|
|
632
|
+
"description": "True when any projected tool-call argument (action_params, CAP-ENF-007 / AARM R3) was present but failed type coercion. Lets a policy deny on a type violation instead of the wrong-typed value silently vanishing"
|
|
633
|
+
},
|
|
634
|
+
{
|
|
635
|
+
"key": "param_type_violations",
|
|
636
|
+
"type": "array",
|
|
637
|
+
"required": false,
|
|
638
|
+
"description": "Names of the tool-call arguments that were present but failed type coercion (action_params, CAP-ENF-007 / AARM R3)"
|
|
639
|
+
},
|
|
592
640
|
{
|
|
593
641
|
"key": "mcp_server",
|
|
594
642
|
"type": "string",
|
|
@@ -1003,6 +1051,18 @@
|
|
|
1003
1051
|
"required": false,
|
|
1004
1052
|
"description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
|
|
1005
1053
|
},
|
|
1054
|
+
{
|
|
1055
|
+
"key": "session_max_sensitivity",
|
|
1056
|
+
"type": "string",
|
|
1057
|
+
"required": false,
|
|
1058
|
+
"description": "Highest data-sensitivity tier observed across the session (e.g. 'public', 'internal', 'confidential', 'restricted'). Use for session-level escalation policies"
|
|
1059
|
+
},
|
|
1060
|
+
{
|
|
1061
|
+
"key": "session_original_request",
|
|
1062
|
+
"type": "string",
|
|
1063
|
+
"required": false,
|
|
1064
|
+
"description": "The session's first user request, retained for drift / goal-hijack policies that compare later turns against the original intent"
|
|
1065
|
+
},
|
|
1006
1066
|
{
|
|
1007
1067
|
"key": "agent_id",
|
|
1008
1068
|
"type": "string",
|
|
@@ -1051,6 +1111,18 @@
|
|
|
1051
1111
|
"required": false,
|
|
1052
1112
|
"description": "Privilege-scope strings granted to the caller, projected from the token (AARM R6 / CAP-IDN-011), e.g. transfer:approve. Absent when the token carries no claim."
|
|
1053
1113
|
},
|
|
1114
|
+
{
|
|
1115
|
+
"key": "identity_type",
|
|
1116
|
+
"type": "string",
|
|
1117
|
+
"required": false,
|
|
1118
|
+
"description": "Principal identity class projected from the token: 'human', 'agent', or 'service'. Use to apply identity-class-specific policies"
|
|
1119
|
+
},
|
|
1120
|
+
{
|
|
1121
|
+
"key": "principal",
|
|
1122
|
+
"type": "string",
|
|
1123
|
+
"required": false,
|
|
1124
|
+
"description": "Stable principal identifier projected from the token (e.g. a ZeroID / WIMSE URI or user id). Absent when the token carries no principal claim"
|
|
1125
|
+
},
|
|
1054
1126
|
{
|
|
1055
1127
|
"key": "request_id",
|
|
1056
1128
|
"type": "string",
|
|
@@ -1195,6 +1267,18 @@
|
|
|
1195
1267
|
"required": false,
|
|
1196
1268
|
"description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
|
|
1197
1269
|
},
|
|
1270
|
+
{
|
|
1271
|
+
"key": "session_max_sensitivity",
|
|
1272
|
+
"type": "string",
|
|
1273
|
+
"required": false,
|
|
1274
|
+
"description": "Highest data-sensitivity tier observed across the session (e.g. 'public', 'internal', 'confidential', 'restricted'). Use for session-level escalation policies"
|
|
1275
|
+
},
|
|
1276
|
+
{
|
|
1277
|
+
"key": "session_original_request",
|
|
1278
|
+
"type": "string",
|
|
1279
|
+
"required": false,
|
|
1280
|
+
"description": "The session's first user request, retained for drift / goal-hijack policies that compare later turns against the original intent"
|
|
1281
|
+
},
|
|
1198
1282
|
{
|
|
1199
1283
|
"key": "agent_id",
|
|
1200
1284
|
"type": "string",
|
|
@@ -1243,6 +1327,18 @@
|
|
|
1243
1327
|
"required": false,
|
|
1244
1328
|
"description": "Privilege-scope strings granted to the caller, projected from the token (AARM R6 / CAP-IDN-011), e.g. transfer:approve. Absent when the token carries no claim."
|
|
1245
1329
|
},
|
|
1330
|
+
{
|
|
1331
|
+
"key": "identity_type",
|
|
1332
|
+
"type": "string",
|
|
1333
|
+
"required": false,
|
|
1334
|
+
"description": "Principal identity class projected from the token: 'human', 'agent', or 'service'. Use to apply identity-class-specific policies"
|
|
1335
|
+
},
|
|
1336
|
+
{
|
|
1337
|
+
"key": "principal",
|
|
1338
|
+
"type": "string",
|
|
1339
|
+
"required": false,
|
|
1340
|
+
"description": "Stable principal identifier projected from the token (e.g. a ZeroID / WIMSE URI or user id). Absent when the token carries no principal claim"
|
|
1341
|
+
},
|
|
1246
1342
|
{
|
|
1247
1343
|
"key": "request_id",
|
|
1248
1344
|
"type": "string",
|
|
@@ -1399,6 +1495,18 @@
|
|
|
1399
1495
|
"required": false,
|
|
1400
1496
|
"description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
|
|
1401
1497
|
},
|
|
1498
|
+
{
|
|
1499
|
+
"key": "session_max_sensitivity",
|
|
1500
|
+
"type": "string",
|
|
1501
|
+
"required": false,
|
|
1502
|
+
"description": "Highest data-sensitivity tier observed across the session (e.g. 'public', 'internal', 'confidential', 'restricted'). Use for session-level escalation policies"
|
|
1503
|
+
},
|
|
1504
|
+
{
|
|
1505
|
+
"key": "session_original_request",
|
|
1506
|
+
"type": "string",
|
|
1507
|
+
"required": false,
|
|
1508
|
+
"description": "The session's first user request, retained for drift / goal-hijack policies that compare later turns against the original intent"
|
|
1509
|
+
},
|
|
1402
1510
|
{
|
|
1403
1511
|
"key": "agent_id",
|
|
1404
1512
|
"type": "string",
|
|
@@ -1447,6 +1555,18 @@
|
|
|
1447
1555
|
"required": false,
|
|
1448
1556
|
"description": "Privilege-scope strings granted to the caller, projected from the token (AARM R6 / CAP-IDN-011), e.g. transfer:approve. Absent when the token carries no claim."
|
|
1449
1557
|
},
|
|
1558
|
+
{
|
|
1559
|
+
"key": "identity_type",
|
|
1560
|
+
"type": "string",
|
|
1561
|
+
"required": false,
|
|
1562
|
+
"description": "Principal identity class projected from the token: 'human', 'agent', or 'service'. Use to apply identity-class-specific policies"
|
|
1563
|
+
},
|
|
1564
|
+
{
|
|
1565
|
+
"key": "principal",
|
|
1566
|
+
"type": "string",
|
|
1567
|
+
"required": false,
|
|
1568
|
+
"description": "Stable principal identifier projected from the token (e.g. a ZeroID / WIMSE URI or user id). Absent when the token carries no principal claim"
|
|
1569
|
+
},
|
|
1450
1570
|
{
|
|
1451
1571
|
"key": "request_id",
|
|
1452
1572
|
"type": "string",
|
|
@@ -1603,6 +1723,18 @@
|
|
|
1603
1723
|
"required": false,
|
|
1604
1724
|
"description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
|
|
1605
1725
|
},
|
|
1726
|
+
{
|
|
1727
|
+
"key": "session_max_sensitivity",
|
|
1728
|
+
"type": "string",
|
|
1729
|
+
"required": false,
|
|
1730
|
+
"description": "Highest data-sensitivity tier observed across the session (e.g. 'public', 'internal', 'confidential', 'restricted'). Use for session-level escalation policies"
|
|
1731
|
+
},
|
|
1732
|
+
{
|
|
1733
|
+
"key": "session_original_request",
|
|
1734
|
+
"type": "string",
|
|
1735
|
+
"required": false,
|
|
1736
|
+
"description": "The session's first user request, retained for drift / goal-hijack policies that compare later turns against the original intent"
|
|
1737
|
+
},
|
|
1606
1738
|
{
|
|
1607
1739
|
"key": "agent_id",
|
|
1608
1740
|
"type": "string",
|
|
@@ -99,6 +99,8 @@ namespace Guardrails {
|
|
|
99
99
|
// Identity (AARM R6 / CAP-IDN-011) — projected from the principal's token; optional.
|
|
100
100
|
"role"?: String,
|
|
101
101
|
"privilege_scope"?: Set<String>,
|
|
102
|
+
"identity_type"?: String, // Principal identity class: "human" | "agent" | "service"
|
|
103
|
+
"principal"?: String, // Stable principal identifier (e.g. ZeroID / WIMSE URI or user id)
|
|
102
104
|
// Core metadata (required)
|
|
103
105
|
"request_id": String,
|
|
104
106
|
"timestamp": Long,
|
|
@@ -208,6 +210,8 @@ namespace Guardrails {
|
|
|
208
210
|
"session_max_pii_score"?: Long,
|
|
209
211
|
"session_max_secret_score"?: Long,
|
|
210
212
|
"session_cumulative_risk_score"?: Long,
|
|
213
|
+
"session_original_request"?: String, // The session's first user request (drift / goal-hijack policies)
|
|
214
|
+
"session_max_sensitivity"?: String, // Highest data-sensitivity tier seen this session
|
|
211
215
|
|
|
212
216
|
// Usage Budget — multi-window token & cost enforcement (optional)
|
|
213
217
|
// Emitted by usage_budget detector. Enforced across session/daily/monthly windows
|
|
@@ -241,6 +245,8 @@ namespace Guardrails {
|
|
|
241
245
|
// Identity (AARM R6 / CAP-IDN-011) — projected from the principal's token; optional.
|
|
242
246
|
"role"?: String,
|
|
243
247
|
"privilege_scope"?: Set<String>,
|
|
248
|
+
"identity_type"?: String, // Principal identity class: "human" | "agent" | "service"
|
|
249
|
+
"principal"?: String, // Stable principal identifier (e.g. ZeroID / WIMSE URI or user id)
|
|
244
250
|
// Core metadata (required)
|
|
245
251
|
"request_id": String,
|
|
246
252
|
"timestamp": Long,
|
|
@@ -392,6 +398,8 @@ namespace Guardrails {
|
|
|
392
398
|
"session_max_pii_score"?: Long,
|
|
393
399
|
"session_max_secret_score"?: Long,
|
|
394
400
|
"session_cumulative_risk_score"?: Long,
|
|
401
|
+
"session_original_request"?: String, // The session's first user request (drift / goal-hijack policies)
|
|
402
|
+
"session_max_sensitivity"?: String, // Highest data-sensitivity tier seen this session
|
|
395
403
|
|
|
396
404
|
// Agent Identity — authenticated agent principal metadata (optional)
|
|
397
405
|
"agent_id"?: String,
|
|
@@ -407,6 +415,8 @@ namespace Guardrails {
|
|
|
407
415
|
// Identity (AARM R6 / CAP-IDN-011) — projected from the principal's token; optional.
|
|
408
416
|
"role"?: String,
|
|
409
417
|
"privilege_scope"?: Set<String>,
|
|
418
|
+
"identity_type"?: String, // Principal identity class: "human" | "agent" | "service"
|
|
419
|
+
"principal"?: String, // Stable principal identifier (e.g. ZeroID / WIMSE URI or user id)
|
|
410
420
|
// Core metadata (required)
|
|
411
421
|
"request_id": String,
|
|
412
422
|
"timestamp": Long,
|
|
@@ -440,6 +450,8 @@ namespace Guardrails {
|
|
|
440
450
|
"session_max_pii_score"?: Long,
|
|
441
451
|
"session_max_secret_score"?: Long,
|
|
442
452
|
"session_cumulative_risk_score"?: Long,
|
|
453
|
+
"session_original_request"?: String, // The session's first user request (drift / goal-hijack policies)
|
|
454
|
+
"session_max_sensitivity"?: String, // Highest data-sensitivity tier seen this session
|
|
443
455
|
|
|
444
456
|
// Usage Budget — multi-window token & cost enforcement (optional)
|
|
445
457
|
// See ProcessPromptContext for full documentation.
|
|
@@ -470,6 +482,8 @@ namespace Guardrails {
|
|
|
470
482
|
// Identity (AARM R6 / CAP-IDN-011) — projected from the principal's token; optional.
|
|
471
483
|
"role"?: String,
|
|
472
484
|
"privilege_scope"?: Set<String>,
|
|
485
|
+
"identity_type"?: String, // Principal identity class: "human" | "agent" | "service"
|
|
486
|
+
"principal"?: String, // Stable principal identifier (e.g. ZeroID / WIMSE URI or user id)
|
|
473
487
|
// Core metadata (required)
|
|
474
488
|
"request_id": String,
|
|
475
489
|
"timestamp": Long,
|
|
@@ -507,6 +521,8 @@ namespace Guardrails {
|
|
|
507
521
|
"session_max_pii_score"?: Long,
|
|
508
522
|
"session_max_secret_score"?: Long,
|
|
509
523
|
"session_cumulative_risk_score"?: Long,
|
|
524
|
+
"session_original_request"?: String, // The session's first user request (drift / goal-hijack policies)
|
|
525
|
+
"session_max_sensitivity"?: String, // Highest data-sensitivity tier seen this session
|
|
510
526
|
|
|
511
527
|
// Usage Budget — multi-window token & cost enforcement (optional)
|
|
512
528
|
// See ProcessPromptContext for full documentation.
|
|
@@ -537,6 +553,8 @@ namespace Guardrails {
|
|
|
537
553
|
// Identity (AARM R6 / CAP-IDN-011) — projected from the principal's token; optional.
|
|
538
554
|
"role"?: String,
|
|
539
555
|
"privilege_scope"?: Set<String>,
|
|
556
|
+
"identity_type"?: String, // Principal identity class: "human" | "agent" | "service"
|
|
557
|
+
"principal"?: String, // Stable principal identifier (e.g. ZeroID / WIMSE URI or user id)
|
|
540
558
|
// Core metadata (required)
|
|
541
559
|
"request_id": String,
|
|
542
560
|
"timestamp": Long,
|
|
@@ -574,6 +592,8 @@ namespace Guardrails {
|
|
|
574
592
|
"session_max_pii_score"?: Long,
|
|
575
593
|
"session_max_secret_score"?: Long,
|
|
576
594
|
"session_cumulative_risk_score"?: Long,
|
|
595
|
+
"session_original_request"?: String, // The session's first user request (drift / goal-hijack policies)
|
|
596
|
+
"session_max_sensitivity"?: String, // Highest data-sensitivity tier seen this session
|
|
577
597
|
|
|
578
598
|
// Usage Budget — multi-window token & cost enforcement (optional)
|
|
579
599
|
// See ProcessPromptContext for full documentation.
|
|
@@ -68,3 +68,8 @@ export declare const AiGatewayContextKey: {
|
|
|
68
68
|
readonly WeaponsScore: "weapons_score";
|
|
69
69
|
};
|
|
70
70
|
export type AiGatewayContextKey = (typeof AiGatewayContextKey)[keyof typeof AiGatewayContextKey];
|
|
71
|
+
/**
|
|
72
|
+
* The full set of authorable context attribute keys for AiGateway.
|
|
73
|
+
* Iterate this to enumerate the authorable surface (cockpit, conformance).
|
|
74
|
+
*/
|
|
75
|
+
export declare const AiGatewayContextKeys: readonly ["content", "crime_score", "detected_threats", "hate_speech_score", "highest_severity", "indirect_injection_score", "injection_score", "invisible_chars_detected", "invisible_chars_score", "jailbreak_score", "loop_count", "loop_detected", "max_threat_severity", "mcp_config_risk", "mcp_risk_score", "mcp_server", "mcp_server_verified", "mcp_tool", "model_name", "model_provider", "pattern_type", "pii_count", "pii_detected", "pii_score", "pii_types", "privilege_scope", "profanity_score", "role", "rug_pull_detected", "rug_pull_score", "secret_count", "secret_types", "secrets_detected", "sequence_risk", "session_command_injection", "session_cumulative_risk_score", "session_injection_detected", "session_max_command_injection_score", "session_max_injection_score", "session_max_jailbreak_score", "session_max_pii_score", "session_max_secret_score", "session_pii_detected", "session_pii_types", "session_secret_types", "session_secrets_detected", "session_threat_turns", "sexual_score", "suspicious_pattern", "threat_categories", "threat_count", "tool_category", "tool_is_builtin", "tool_is_sensitive", "tool_name", "tool_operation_classes", "tool_poisoning_detected", "tool_poisoning_score", "tool_risk_score", "violence_score", "weapons_score"];
|
|
@@ -69,3 +69,70 @@ export const AiGatewayContextKey = {
|
|
|
69
69
|
ViolenceScore: 'violence_score',
|
|
70
70
|
WeaponsScore: 'weapons_score',
|
|
71
71
|
};
|
|
72
|
+
/**
|
|
73
|
+
* The full set of authorable context attribute keys for AiGateway.
|
|
74
|
+
* Iterate this to enumerate the authorable surface (cockpit, conformance).
|
|
75
|
+
*/
|
|
76
|
+
export const AiGatewayContextKeys = [
|
|
77
|
+
AiGatewayContextKey.Content,
|
|
78
|
+
AiGatewayContextKey.CrimeScore,
|
|
79
|
+
AiGatewayContextKey.DetectedThreats,
|
|
80
|
+
AiGatewayContextKey.HateSpeechScore,
|
|
81
|
+
AiGatewayContextKey.HighestSeverity,
|
|
82
|
+
AiGatewayContextKey.IndirectInjectionScore,
|
|
83
|
+
AiGatewayContextKey.InjectionScore,
|
|
84
|
+
AiGatewayContextKey.InvisibleCharsDetected,
|
|
85
|
+
AiGatewayContextKey.InvisibleCharsScore,
|
|
86
|
+
AiGatewayContextKey.JailbreakScore,
|
|
87
|
+
AiGatewayContextKey.LoopCount,
|
|
88
|
+
AiGatewayContextKey.LoopDetected,
|
|
89
|
+
AiGatewayContextKey.MaxThreatSeverity,
|
|
90
|
+
AiGatewayContextKey.McpConfigRisk,
|
|
91
|
+
AiGatewayContextKey.McpRiskScore,
|
|
92
|
+
AiGatewayContextKey.McpServer,
|
|
93
|
+
AiGatewayContextKey.McpServerVerified,
|
|
94
|
+
AiGatewayContextKey.McpTool,
|
|
95
|
+
AiGatewayContextKey.ModelName,
|
|
96
|
+
AiGatewayContextKey.ModelProvider,
|
|
97
|
+
AiGatewayContextKey.PatternType,
|
|
98
|
+
AiGatewayContextKey.PiiCount,
|
|
99
|
+
AiGatewayContextKey.PiiDetected,
|
|
100
|
+
AiGatewayContextKey.PiiScore,
|
|
101
|
+
AiGatewayContextKey.PiiTypes,
|
|
102
|
+
AiGatewayContextKey.PrivilegeScope,
|
|
103
|
+
AiGatewayContextKey.ProfanityScore,
|
|
104
|
+
AiGatewayContextKey.Role,
|
|
105
|
+
AiGatewayContextKey.RugPullDetected,
|
|
106
|
+
AiGatewayContextKey.RugPullScore,
|
|
107
|
+
AiGatewayContextKey.SecretCount,
|
|
108
|
+
AiGatewayContextKey.SecretTypes,
|
|
109
|
+
AiGatewayContextKey.SecretsDetected,
|
|
110
|
+
AiGatewayContextKey.SequenceRisk,
|
|
111
|
+
AiGatewayContextKey.SessionCommandInjection,
|
|
112
|
+
AiGatewayContextKey.SessionCumulativeRiskScore,
|
|
113
|
+
AiGatewayContextKey.SessionInjectionDetected,
|
|
114
|
+
AiGatewayContextKey.SessionMaxCommandInjectionScore,
|
|
115
|
+
AiGatewayContextKey.SessionMaxInjectionScore,
|
|
116
|
+
AiGatewayContextKey.SessionMaxJailbreakScore,
|
|
117
|
+
AiGatewayContextKey.SessionMaxPiiScore,
|
|
118
|
+
AiGatewayContextKey.SessionMaxSecretScore,
|
|
119
|
+
AiGatewayContextKey.SessionPiiDetected,
|
|
120
|
+
AiGatewayContextKey.SessionPiiTypes,
|
|
121
|
+
AiGatewayContextKey.SessionSecretTypes,
|
|
122
|
+
AiGatewayContextKey.SessionSecretsDetected,
|
|
123
|
+
AiGatewayContextKey.SessionThreatTurns,
|
|
124
|
+
AiGatewayContextKey.SexualScore,
|
|
125
|
+
AiGatewayContextKey.SuspiciousPattern,
|
|
126
|
+
AiGatewayContextKey.ThreatCategories,
|
|
127
|
+
AiGatewayContextKey.ThreatCount,
|
|
128
|
+
AiGatewayContextKey.ToolCategory,
|
|
129
|
+
AiGatewayContextKey.ToolIsBuiltin,
|
|
130
|
+
AiGatewayContextKey.ToolIsSensitive,
|
|
131
|
+
AiGatewayContextKey.ToolName,
|
|
132
|
+
AiGatewayContextKey.ToolOperationClasses,
|
|
133
|
+
AiGatewayContextKey.ToolPoisoningDetected,
|
|
134
|
+
AiGatewayContextKey.ToolPoisoningScore,
|
|
135
|
+
AiGatewayContextKey.ToolRiskScore,
|
|
136
|
+
AiGatewayContextKey.ViolenceScore,
|
|
137
|
+
AiGatewayContextKey.WeaponsScore,
|
|
138
|
+
];
|
|
@@ -40,6 +40,7 @@ export declare const GuardrailsContextKey: {
|
|
|
40
40
|
readonly HallucinationScore: "hallucination_score";
|
|
41
41
|
readonly HateSpeechScore: "hate_speech_score";
|
|
42
42
|
readonly HighestSeverity: "highest_severity";
|
|
43
|
+
readonly IdentityType: "identity_type";
|
|
43
44
|
readonly IndirectInjectionScore: "indirect_injection_score";
|
|
44
45
|
readonly IndirectInjectionType: "indirect_injection_type";
|
|
45
46
|
readonly InjectionDeepContextScore: "injection_deep_context_score";
|
|
@@ -67,6 +68,8 @@ export declare const GuardrailsContextKey: {
|
|
|
67
68
|
readonly McpServerVerified: "mcp_server_verified";
|
|
68
69
|
readonly McpTool: "mcp_tool";
|
|
69
70
|
readonly MultiTurnDetection: "multi_turn_detection";
|
|
71
|
+
readonly ParamTypeViolation: "param_type_violation";
|
|
72
|
+
readonly ParamTypeViolations: "param_type_violations";
|
|
70
73
|
readonly Path: "path";
|
|
71
74
|
readonly PathTraversalDetected: "path_traversal_detected";
|
|
72
75
|
readonly PathTraversalSeverity: "path_traversal_severity";
|
|
@@ -77,6 +80,7 @@ export declare const GuardrailsContextKey: {
|
|
|
77
80
|
readonly PiiDetected: "pii_detected";
|
|
78
81
|
readonly PiiScore: "pii_score";
|
|
79
82
|
readonly PiiTypes: "pii_types";
|
|
83
|
+
readonly Principal: "principal";
|
|
80
84
|
readonly PrivilegeScope: "privilege_scope";
|
|
81
85
|
readonly ProfanityScore: "profanity_score";
|
|
82
86
|
readonly RequestId: "request_id";
|
|
@@ -98,6 +102,8 @@ export declare const GuardrailsContextKey: {
|
|
|
98
102
|
readonly SessionMaxJailbreakScore: "session_max_jailbreak_score";
|
|
99
103
|
readonly SessionMaxPiiScore: "session_max_pii_score";
|
|
100
104
|
readonly SessionMaxSecretScore: "session_max_secret_score";
|
|
105
|
+
readonly SessionMaxSensitivity: "session_max_sensitivity";
|
|
106
|
+
readonly SessionOriginalRequest: "session_original_request";
|
|
101
107
|
readonly SessionPiiDetected: "session_pii_detected";
|
|
102
108
|
readonly SessionPiiTypes: "session_pii_types";
|
|
103
109
|
readonly SessionSecretTypes: "session_secret_types";
|
|
@@ -123,3 +129,8 @@ export declare const GuardrailsContextKey: {
|
|
|
123
129
|
readonly WeaponsScore: "weapons_score";
|
|
124
130
|
};
|
|
125
131
|
export type GuardrailsContextKey = (typeof GuardrailsContextKey)[keyof typeof GuardrailsContextKey];
|
|
132
|
+
/**
|
|
133
|
+
* The full set of authorable context attribute keys for Guardrails.
|
|
134
|
+
* Iterate this to enumerate the authorable surface (cockpit, conformance).
|
|
135
|
+
*/
|
|
136
|
+
export declare const GuardrailsContextKeys: readonly ["agent_framework", "agent_id", "agent_publisher", "agent_trust_level", "agent_type", "budget_exceeded", "budget_remaining_pct", "code_languages", "code_ratio", "command_injection_detected", "command_injection_score", "command_injection_type", "contains_code", "contains_non_ascii", "content_safety_blocked", "content_safety_score", "content_topics", "content_type", "conversation_turn", "crime_score", "cross_origin_detected", "cross_origin_score", "cross_origin_type", "detected_language", "detected_script", "detector_count", "direction", "encoded_content_detected", "encoded_count", "encoded_score", "encoded_types", "factuality_score", "hallucination_score", "hate_speech_score", "highest_severity", "identity_type", "indirect_injection_score", "indirect_injection_type", "injection_deep_context_score", "injection_pulse_score", "injection_score", "injection_type", "invisible_chars_detected", "invisible_chars_score", "is_english", "is_latin_script", "jailbreak_deep_context_score", "jailbreak_pulse_score", "jailbreak_score", "keyword_categories", "keyword_count", "keyword_matched", "language_confidence", "loop_count", "loop_detected", "loop_tool", "mcp_config_risk", "mcp_risk_score", "mcp_risk_type", "mcp_server", "mcp_server_verified", "mcp_tool", "multi_turn_detection", "param_type_violation", "param_type_violations", "path", "path_traversal_detected", "path_traversal_severity", "path_traversal_type", "pattern_type", "phishing_detected", "pii_count", "pii_detected", "pii_score", "pii_types", "principal", "privilege_scope", "profanity_score", "request_id", "role", "rug_pull_detected", "rug_pull_score", "rug_pull_type", "script_confidence", "secret_count", "secret_types", "secrets_detected", "sentiment_score", "sequence_risk", "session_command_injection", "session_cumulative_risk_score", "session_injection_detected", "session_max_command_injection_score", "session_max_injection_score", "session_max_jailbreak_score", "session_max_pii_score", "session_max_secret_score", "session_max_sensitivity", "session_original_request", "session_pii_detected", "session_pii_types", "session_secret_types", "session_secrets_detected", "session_threat_turns", "sexual_score", "sql_injection_detected", "sql_injection_score", "sql_injection_type", "suspicious_pattern", "timestamp", "tool_category", "tool_is_builtin", "tool_is_sensitive", "tool_name", "tool_operation_classes", "tool_poisoning_detected", "tool_poisoning_score", "tool_poisoning_type", "tool_risk_score", "topic_confidence", "violence_score", "weapons_score"];
|
|
@@ -42,6 +42,7 @@ export const GuardrailsContextKey = {
|
|
|
42
42
|
HallucinationScore: 'hallucination_score',
|
|
43
43
|
HateSpeechScore: 'hate_speech_score',
|
|
44
44
|
HighestSeverity: 'highest_severity',
|
|
45
|
+
IdentityType: 'identity_type',
|
|
45
46
|
IndirectInjectionScore: 'indirect_injection_score',
|
|
46
47
|
IndirectInjectionType: 'indirect_injection_type',
|
|
47
48
|
InjectionDeepContextScore: 'injection_deep_context_score',
|
|
@@ -69,6 +70,8 @@ export const GuardrailsContextKey = {
|
|
|
69
70
|
McpServerVerified: 'mcp_server_verified',
|
|
70
71
|
McpTool: 'mcp_tool',
|
|
71
72
|
MultiTurnDetection: 'multi_turn_detection',
|
|
73
|
+
ParamTypeViolation: 'param_type_violation',
|
|
74
|
+
ParamTypeViolations: 'param_type_violations',
|
|
72
75
|
Path: 'path',
|
|
73
76
|
PathTraversalDetected: 'path_traversal_detected',
|
|
74
77
|
PathTraversalSeverity: 'path_traversal_severity',
|
|
@@ -79,6 +82,7 @@ export const GuardrailsContextKey = {
|
|
|
79
82
|
PiiDetected: 'pii_detected',
|
|
80
83
|
PiiScore: 'pii_score',
|
|
81
84
|
PiiTypes: 'pii_types',
|
|
85
|
+
Principal: 'principal',
|
|
82
86
|
PrivilegeScope: 'privilege_scope',
|
|
83
87
|
ProfanityScore: 'profanity_score',
|
|
84
88
|
RequestId: 'request_id',
|
|
@@ -100,6 +104,8 @@ export const GuardrailsContextKey = {
|
|
|
100
104
|
SessionMaxJailbreakScore: 'session_max_jailbreak_score',
|
|
101
105
|
SessionMaxPiiScore: 'session_max_pii_score',
|
|
102
106
|
SessionMaxSecretScore: 'session_max_secret_score',
|
|
107
|
+
SessionMaxSensitivity: 'session_max_sensitivity',
|
|
108
|
+
SessionOriginalRequest: 'session_original_request',
|
|
103
109
|
SessionPiiDetected: 'session_pii_detected',
|
|
104
110
|
SessionPiiTypes: 'session_pii_types',
|
|
105
111
|
SessionSecretTypes: 'session_secret_types',
|
|
@@ -124,3 +130,131 @@ export const GuardrailsContextKey = {
|
|
|
124
130
|
ViolenceScore: 'violence_score',
|
|
125
131
|
WeaponsScore: 'weapons_score',
|
|
126
132
|
};
|
|
133
|
+
/**
|
|
134
|
+
* The full set of authorable context attribute keys for Guardrails.
|
|
135
|
+
* Iterate this to enumerate the authorable surface (cockpit, conformance).
|
|
136
|
+
*/
|
|
137
|
+
export const GuardrailsContextKeys = [
|
|
138
|
+
GuardrailsContextKey.AgentFramework,
|
|
139
|
+
GuardrailsContextKey.AgentId,
|
|
140
|
+
GuardrailsContextKey.AgentPublisher,
|
|
141
|
+
GuardrailsContextKey.AgentTrustLevel,
|
|
142
|
+
GuardrailsContextKey.AgentType,
|
|
143
|
+
GuardrailsContextKey.BudgetExceeded,
|
|
144
|
+
GuardrailsContextKey.BudgetRemainingPct,
|
|
145
|
+
GuardrailsContextKey.CodeLanguages,
|
|
146
|
+
GuardrailsContextKey.CodeRatio,
|
|
147
|
+
GuardrailsContextKey.CommandInjectionDetected,
|
|
148
|
+
GuardrailsContextKey.CommandInjectionScore,
|
|
149
|
+
GuardrailsContextKey.CommandInjectionType,
|
|
150
|
+
GuardrailsContextKey.ContainsCode,
|
|
151
|
+
GuardrailsContextKey.ContainsNonAscii,
|
|
152
|
+
GuardrailsContextKey.ContentSafetyBlocked,
|
|
153
|
+
GuardrailsContextKey.ContentSafetyScore,
|
|
154
|
+
GuardrailsContextKey.ContentTopics,
|
|
155
|
+
GuardrailsContextKey.ContentType,
|
|
156
|
+
GuardrailsContextKey.ConversationTurn,
|
|
157
|
+
GuardrailsContextKey.CrimeScore,
|
|
158
|
+
GuardrailsContextKey.CrossOriginDetected,
|
|
159
|
+
GuardrailsContextKey.CrossOriginScore,
|
|
160
|
+
GuardrailsContextKey.CrossOriginType,
|
|
161
|
+
GuardrailsContextKey.DetectedLanguage,
|
|
162
|
+
GuardrailsContextKey.DetectedScript,
|
|
163
|
+
GuardrailsContextKey.DetectorCount,
|
|
164
|
+
GuardrailsContextKey.Direction,
|
|
165
|
+
GuardrailsContextKey.EncodedContentDetected,
|
|
166
|
+
GuardrailsContextKey.EncodedCount,
|
|
167
|
+
GuardrailsContextKey.EncodedScore,
|
|
168
|
+
GuardrailsContextKey.EncodedTypes,
|
|
169
|
+
GuardrailsContextKey.FactualityScore,
|
|
170
|
+
GuardrailsContextKey.HallucinationScore,
|
|
171
|
+
GuardrailsContextKey.HateSpeechScore,
|
|
172
|
+
GuardrailsContextKey.HighestSeverity,
|
|
173
|
+
GuardrailsContextKey.IdentityType,
|
|
174
|
+
GuardrailsContextKey.IndirectInjectionScore,
|
|
175
|
+
GuardrailsContextKey.IndirectInjectionType,
|
|
176
|
+
GuardrailsContextKey.InjectionDeepContextScore,
|
|
177
|
+
GuardrailsContextKey.InjectionPulseScore,
|
|
178
|
+
GuardrailsContextKey.InjectionScore,
|
|
179
|
+
GuardrailsContextKey.InjectionType,
|
|
180
|
+
GuardrailsContextKey.InvisibleCharsDetected,
|
|
181
|
+
GuardrailsContextKey.InvisibleCharsScore,
|
|
182
|
+
GuardrailsContextKey.IsEnglish,
|
|
183
|
+
GuardrailsContextKey.IsLatinScript,
|
|
184
|
+
GuardrailsContextKey.JailbreakDeepContextScore,
|
|
185
|
+
GuardrailsContextKey.JailbreakPulseScore,
|
|
186
|
+
GuardrailsContextKey.JailbreakScore,
|
|
187
|
+
GuardrailsContextKey.KeywordCategories,
|
|
188
|
+
GuardrailsContextKey.KeywordCount,
|
|
189
|
+
GuardrailsContextKey.KeywordMatched,
|
|
190
|
+
GuardrailsContextKey.LanguageConfidence,
|
|
191
|
+
GuardrailsContextKey.LoopCount,
|
|
192
|
+
GuardrailsContextKey.LoopDetected,
|
|
193
|
+
GuardrailsContextKey.LoopTool,
|
|
194
|
+
GuardrailsContextKey.McpConfigRisk,
|
|
195
|
+
GuardrailsContextKey.McpRiskScore,
|
|
196
|
+
GuardrailsContextKey.McpRiskType,
|
|
197
|
+
GuardrailsContextKey.McpServer,
|
|
198
|
+
GuardrailsContextKey.McpServerVerified,
|
|
199
|
+
GuardrailsContextKey.McpTool,
|
|
200
|
+
GuardrailsContextKey.MultiTurnDetection,
|
|
201
|
+
GuardrailsContextKey.ParamTypeViolation,
|
|
202
|
+
GuardrailsContextKey.ParamTypeViolations,
|
|
203
|
+
GuardrailsContextKey.Path,
|
|
204
|
+
GuardrailsContextKey.PathTraversalDetected,
|
|
205
|
+
GuardrailsContextKey.PathTraversalSeverity,
|
|
206
|
+
GuardrailsContextKey.PathTraversalType,
|
|
207
|
+
GuardrailsContextKey.PatternType,
|
|
208
|
+
GuardrailsContextKey.PhishingDetected,
|
|
209
|
+
GuardrailsContextKey.PiiCount,
|
|
210
|
+
GuardrailsContextKey.PiiDetected,
|
|
211
|
+
GuardrailsContextKey.PiiScore,
|
|
212
|
+
GuardrailsContextKey.PiiTypes,
|
|
213
|
+
GuardrailsContextKey.Principal,
|
|
214
|
+
GuardrailsContextKey.PrivilegeScope,
|
|
215
|
+
GuardrailsContextKey.ProfanityScore,
|
|
216
|
+
GuardrailsContextKey.RequestId,
|
|
217
|
+
GuardrailsContextKey.Role,
|
|
218
|
+
GuardrailsContextKey.RugPullDetected,
|
|
219
|
+
GuardrailsContextKey.RugPullScore,
|
|
220
|
+
GuardrailsContextKey.RugPullType,
|
|
221
|
+
GuardrailsContextKey.ScriptConfidence,
|
|
222
|
+
GuardrailsContextKey.SecretCount,
|
|
223
|
+
GuardrailsContextKey.SecretTypes,
|
|
224
|
+
GuardrailsContextKey.SecretsDetected,
|
|
225
|
+
GuardrailsContextKey.SentimentScore,
|
|
226
|
+
GuardrailsContextKey.SequenceRisk,
|
|
227
|
+
GuardrailsContextKey.SessionCommandInjection,
|
|
228
|
+
GuardrailsContextKey.SessionCumulativeRiskScore,
|
|
229
|
+
GuardrailsContextKey.SessionInjectionDetected,
|
|
230
|
+
GuardrailsContextKey.SessionMaxCommandInjectionScore,
|
|
231
|
+
GuardrailsContextKey.SessionMaxInjectionScore,
|
|
232
|
+
GuardrailsContextKey.SessionMaxJailbreakScore,
|
|
233
|
+
GuardrailsContextKey.SessionMaxPiiScore,
|
|
234
|
+
GuardrailsContextKey.SessionMaxSecretScore,
|
|
235
|
+
GuardrailsContextKey.SessionMaxSensitivity,
|
|
236
|
+
GuardrailsContextKey.SessionOriginalRequest,
|
|
237
|
+
GuardrailsContextKey.SessionPiiDetected,
|
|
238
|
+
GuardrailsContextKey.SessionPiiTypes,
|
|
239
|
+
GuardrailsContextKey.SessionSecretTypes,
|
|
240
|
+
GuardrailsContextKey.SessionSecretsDetected,
|
|
241
|
+
GuardrailsContextKey.SessionThreatTurns,
|
|
242
|
+
GuardrailsContextKey.SexualScore,
|
|
243
|
+
GuardrailsContextKey.SqlInjectionDetected,
|
|
244
|
+
GuardrailsContextKey.SqlInjectionScore,
|
|
245
|
+
GuardrailsContextKey.SqlInjectionType,
|
|
246
|
+
GuardrailsContextKey.SuspiciousPattern,
|
|
247
|
+
GuardrailsContextKey.Timestamp,
|
|
248
|
+
GuardrailsContextKey.ToolCategory,
|
|
249
|
+
GuardrailsContextKey.ToolIsBuiltin,
|
|
250
|
+
GuardrailsContextKey.ToolIsSensitive,
|
|
251
|
+
GuardrailsContextKey.ToolName,
|
|
252
|
+
GuardrailsContextKey.ToolOperationClasses,
|
|
253
|
+
GuardrailsContextKey.ToolPoisoningDetected,
|
|
254
|
+
GuardrailsContextKey.ToolPoisoningScore,
|
|
255
|
+
GuardrailsContextKey.ToolPoisoningType,
|
|
256
|
+
GuardrailsContextKey.ToolRiskScore,
|
|
257
|
+
GuardrailsContextKey.TopicConfidence,
|
|
258
|
+
GuardrailsContextKey.ViolenceScore,
|
|
259
|
+
GuardrailsContextKey.WeaponsScore,
|
|
260
|
+
];
|
package/dist/index.d.ts
CHANGED
|
@@ -15,11 +15,11 @@ export * from './explain.js';
|
|
|
15
15
|
export * from './condition-groups.js';
|
|
16
16
|
export { AI_GATEWAY_SCHEMA, AI_GATEWAY_CONTEXT, GUARDRAILS_SCHEMA, GUARDRAILS_CONTEXT, OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, SENTRY_SCHEMA, SENTRY_CONTEXT, } from './service-schemas.gen.js';
|
|
17
17
|
export type { ContextAttribute, ActionContext, ServiceContext, } from './service-schemas.gen.js';
|
|
18
|
-
export { AiGatewayContextKey } from './ai_gateway-context.gen.js';
|
|
19
|
-
export { GuardrailsContextKey } from './guardrails-context.gen.js';
|
|
20
|
-
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
21
|
-
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
22
|
-
export { SentryContextKey } from './sentry-context.gen.js';
|
|
18
|
+
export { AiGatewayContextKey, AiGatewayContextKeys } from './ai_gateway-context.gen.js';
|
|
19
|
+
export { GuardrailsContextKey, GuardrailsContextKeys } from './guardrails-context.gen.js';
|
|
20
|
+
export { OverwatchContextKey, OverwatchContextKeys } from './overwatch-context.gen.js';
|
|
21
|
+
export { PalisadeContextKey, PalisadeContextKeys } from './palisade-context.gen.js';
|
|
22
|
+
export { SentryContextKey, SentryContextKeys } from './sentry-context.gen.js';
|
|
23
23
|
export { AI_GATEWAY_ENTITIES, AI_GATEWAY_ACTION_ENTITIES, } from './ai_gateway-entities.gen.js';
|
|
24
24
|
export { GUARDRAILS_ENTITIES, GUARDRAILS_ACTION_ENTITIES, } from './guardrails-entities.gen.js';
|
|
25
25
|
export { OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, } from './overwatch-entities.gen.js';
|
package/dist/index.js
CHANGED
|
@@ -32,11 +32,11 @@ export * from './condition-groups.js';
|
|
|
32
32
|
// Service-specific schemas and context (inlined)
|
|
33
33
|
export { AI_GATEWAY_SCHEMA, AI_GATEWAY_CONTEXT, GUARDRAILS_SCHEMA, GUARDRAILS_CONTEXT, OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, SENTRY_SCHEMA, SENTRY_CONTEXT, } from './service-schemas.gen.js';
|
|
34
34
|
// Service-specific context key enums
|
|
35
|
-
export { AiGatewayContextKey } from './ai_gateway-context.gen.js';
|
|
36
|
-
export { GuardrailsContextKey } from './guardrails-context.gen.js';
|
|
37
|
-
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
38
|
-
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
39
|
-
export { SentryContextKey } from './sentry-context.gen.js';
|
|
35
|
+
export { AiGatewayContextKey, AiGatewayContextKeys } from './ai_gateway-context.gen.js';
|
|
36
|
+
export { GuardrailsContextKey, GuardrailsContextKeys } from './guardrails-context.gen.js';
|
|
37
|
+
export { OverwatchContextKey, OverwatchContextKeys } from './overwatch-context.gen.js';
|
|
38
|
+
export { PalisadeContextKey, PalisadeContextKeys } from './palisade-context.gen.js';
|
|
39
|
+
export { SentryContextKey, SentryContextKeys } from './sentry-context.gen.js';
|
|
40
40
|
// Service-specific entity metadata (for UI - principals, resources, actions)
|
|
41
41
|
export { AI_GATEWAY_ENTITIES, AI_GATEWAY_ACTION_ENTITIES, } from './ai_gateway-entities.gen.js';
|
|
42
42
|
export { GUARDRAILS_ENTITIES, GUARDRAILS_ACTION_ENTITIES, } from './guardrails-entities.gen.js';
|
|
@@ -79,3 +79,8 @@ export declare const OverwatchContextKey: {
|
|
|
79
79
|
readonly WorkspaceRoot: "workspace_root";
|
|
80
80
|
};
|
|
81
81
|
export type OverwatchContextKey = (typeof OverwatchContextKey)[keyof typeof OverwatchContextKey];
|
|
82
|
+
/**
|
|
83
|
+
* The full set of authorable context attribute keys for Overwatch.
|
|
84
|
+
* Iterate this to enumerate the authorable surface (cockpit, conformance).
|
|
85
|
+
*/
|
|
86
|
+
export declare const OverwatchContextKeys: readonly ["content", "crime_score", "cwd", "detected_threats", "event", "hate_speech_score", "highest_severity", "indirect_injection_score", "injection_deep_context_score", "injection_pulse_score", "injection_score", "invisible_chars_detected", "invisible_chars_score", "jailbreak_deep_context_score", "jailbreak_pulse_score", "jailbreak_score", "loop_count", "loop_detected", "loop_tool", "max_threat_severity", "mcp_config_risk", "mcp_risk_score", "mcp_server", "mcp_server_verified", "mcp_tool", "path", "pattern_type", "pii_count", "pii_detected", "pii_score", "pii_types", "privilege_scope", "profanity_score", "prompt_text", "response_content", "role", "rug_pull_detected", "rug_pull_score", "secret_count", "secret_types", "secrets_detected", "sequence_risk", "session_command_injection", "session_cumulative_risk_score", "session_injection_detected", "session_max_command_injection_score", "session_max_injection_score", "session_max_jailbreak_score", "session_max_pii_score", "session_max_secret_score", "session_pii_detected", "session_pii_types", "session_secret_types", "session_secrets_detected", "session_threat_turns", "sexual_score", "source", "suspicious_pattern", "threat_categories", "threat_count", "tool_category", "tool_is_builtin", "tool_is_sensitive", "tool_name", "tool_operation_classes", "tool_poisoning_detected", "tool_poisoning_score", "tool_risk_score", "user_email", "violence_score", "weapons_score", "workspace_root"];
|