npm - @highflame/sdk - Versions diffs - 0.3.0 → 0.3.2 - Mend

@highflame/sdk 0.3.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
- * Generated types from spec/shield-v1.yaml — DO NOT EDIT.
+ * Generated types from spec/shield-v1.json — DO NOT EDIT.
  *
- * Regenerate: python codegen/generate.py --spec spec/shield-v1.yaml
+ * Regenerate: python codegen/generate.py --spec spec/shield-v1.json
  */
 /** Type of content being evaluated. */
 type ContentType = "prompt" | "response" | "tool_call" | "file";
@@ -9,106 +9,136 @@ type ContentType = "prompt" | "response" | "tool_call" | "file";
 type Decision = "allow" | "deny";
 /** enforce: block on deny. monitor: allow + log. alert: allow + signal. */
 type Mode = "enforce" | "monitor" | "alert";
-/** Authenticated agent identity from token claims. */
+/**  */
 interface AgentIdentityTrace {
     /** Agent identifier. */
     agent_id: string;
     /** Type of agent (e.g. claude, cursor, custom). */
     agent_type: string;
-    /** Trust level (verified, unverified, etc.). */
-    trust_level: string;
+    /** Authentication method: api_key or jwt. */
+    auth_method: string;
     /** Agent framework (e.g. Python SDK, Node SDK). */
     framework?: string;
     /** Publisher/organization. */
     publisher?: string;
-    /** Authentication method: api_key or jwt. */
-    auth_method: string;
+    /** Trust level (verified, unverified, etc.). */
+    trust_level: string;
 }
-/** Specification of a context key emitted by a detector. */
+/**  */
+interface EvidenceSource {
+    /** Detector name (e.g. injection, secrets, tool_validator). */
+    detector: string;
+    /** Producer-specific metadata (e.g. tier, phase, priority). */
+    labels?: Record<string, string>;
+    /** Detector execution latency in milliseconds. */
+    latency_ms?: number;
+}
+/**  */
+interface ConditionResult {
+    /** Actual value from the context (null if field was missing). */
+    actual: Record<string, unknown>;
+    /** Expected value (threshold from the rule). */
+    expected: Record<string, unknown>;
+    /** Context field name. */
+    field: string;
+    /** Whether this condition matched. */
+    matched: boolean;
+    /** Comparison operator. */
+    operator: string;
+    /** Detector that produced this context value (when available). */
+    source?: EvidenceSource;
+}
+/**  */
 interface ContextKeySpec {
-    /** Context key name (e.g. injection_score). */
-    key: string;
-    /** Cedar type: long, bool, string, or set. */
-    type: string;
     /** Human-readable description. */
     description: string;
+    /** Context key name (e.g. injection_score). */
+    key: string;
     /** Value range (e.g. 0-100). */
     range?: string;
+    /** Cedar type: long, bool, string, or set. */
+    type: string;
 }
-/** Entity in the Cedar evaluation context. */
+/**  */
 interface EntityDebug {
-    /** Entity type. */
-    type: string;
     /** Entity ID. */
     id: string;
     /** Parent entity UIDs. */
     parents?: string[];
+    /** Entity type. */
+    type: string;
 }
-/** Resolved tenant identity. */
+/**  */
 interface TenantDebug {
+    /** Account ID. */
     account_id: string;
-    project_id: string;
+    /** Application ID. */
     application_id: string;
+    /** Project ID. */
+    project_id: string;
 }
-/** Cedar evaluation debug info (when debug=true). */
+/**  */
 interface DebugInfo {
-    /** Product namespace. */
-    product: string;
-    /** Cedar namespace (e.g. Guardrails). */
-    namespace: string;
-    /** Principal entity type. */
-    principal_type: string;
-    /** Principal entity ID. */
-    principal_id: string;
     /** Cedar action. */
     action: string;
-    /** Resource entity type. */
-    resource_type: string;
-    /** Resource entity ID. */
-    resource_id: string;
     /** Entity hierarchy. */
     entities: EntityDebug[];
     /** Number of loaded policies. */
     loaded_policy_count: number;
+    /** Cedar namespace. */
+    namespace: string;
+    /** Principal entity ID. */
+    principal_id: string;
+    /** Principal entity type. */
+    principal_type: string;
+    /** Product namespace. */
+    product: string;
+    /** Resource entity ID. */
+    resource_id: string;
+    /** Resource entity type. */
+    resource_type: string;
+    /** Resolved tenant identity. */
     tenant: TenantDebug;
 }
-/** Summary of a loaded Cedar policy. */
+/**  */
 interface PolicySummary {
+    /** Policy domain category. */
+    category?: string;
+    /** Policy mode: enforce, monitor, or alert. */
+    mode: string;
     /** Database UUID. */
     policy_id: string;
     /** Human-readable name. */
     policy_name: string;
-    /** Policy mode: enforce, monitor, or alert. */
-    mode: string;
-    /** Policy domain category. */
-    category?: string;
     /** Cedar @id annotations from this policy. */
     rule_ids: string[];
 }
-/** Response from GET /v1/debug/policies. */
+/**  */
 interface DebugPoliciesResponse {
-    /** Product namespace inspected. */
-    product: string;
     /** Whether the evaluator has loaded policies. */
     has_policies: boolean;
+    /** Loaded policies with IDs, names, modes, and Cedar rule IDs. */
+    policies: PolicySummary[];
     /** Number of distinct DB policies loaded. */
     policy_count: number;
-    /** Loaded policies with metadata. */
-    policies: PolicySummary[];
+    /** Product namespace inspected. */
+    product: string;
 }
-/** File operation context. */
+/**  */
 interface FileContext {
-    /** File path. */
-    path: string;
+    /** File MIME type. */
+    mime_type?: string;
     /** File operation: read, write, delete, append, etc. */
     operation: string;
+    /** File path. */
+    path: string;
     /** File size in bytes. */
     size?: number;
-    /** File MIME type. */
-    mime_type?: string;
 }
-/** MCP server interaction context. */
+/**  */
 interface MCPContext {
+    /** Advertised MCP capabilities from server manifest. */
+    capabilities?: string[];
     /** MCP server name. */
     server_name: string;
     /** MCP server URL. */
@@ -117,304 +147,382 @@ interface MCPContext {
     transport?: string;
     /** Whether the server passed trust/signature verification. */
     verified?: boolean;
-    /** Advertised MCP capabilities from server manifest. */
-    capabilities?: string[];
 }
-/** LLM model context (provider, temperature, token usage). */
+/**  */
 interface ModelContext {
-    /** LLM provider (e.g. openai, anthropic). */
-    provider?: string;
+    /** Max token limit for the session. */
+    max_tokens?: number;
     /** Model name (e.g. gpt-4, claude-3). */
     model?: string;
+    /** LLM provider (e.g. openai, anthropic). */
+    provider?: string;
     /** Temperature setting. */
     temperature?: number;
     /** Tokens consumed so far in the session. */
     tokens_used?: number;
-    /** Max token limit for the session. */
-    max_tokens?: number;
 }
-/** Tool call context for agentic evaluation. */
+/**  */
 interface ToolContext {
-    /** Tool name. */
-    name: string;
-    /** Whether the tool is built-in to the LLM or externally registered. */
-    is_builtin: boolean;
     /** Tool arguments as a JSON object. */
     arguments?: Record<string, unknown>;
-    /** MCP server ID (for externally-registered tools). */
-    server_id?: string;
     /** Tool description from MCP manifest, for tool-poisoning analysis. */
     description?: string;
+    /** Whether the tool is built-in to the LLM or externally registered. */
+    is_builtin: boolean;
+    /** Tool name. */
+    name: string;
+    /** MCP server ID (for externally-registered tools). */
+    server_id?: string;
 }
-/** Request body for POST /v1/detect. Detection only, no policy evaluation. */
+/**  */
 interface DetectRequest {
-    /** Content to analyze. */
+    /** Content to analyze */
     content: string;
+    /** Type of content being analyzed */
     content_type: ContentType;
+    /** Reference material for context-aware detection (hallucination, groundedness). For response evaluation, include the original prompt and any RAG context. */
+    contexts?: string[];
     /** Specific detectors to run. Empty runs all enabled detectors. */
     detectors?: string[];
-    /** Caller-provided metadata passed through to detectors. */
+    /** File operation context */
+    file?: FileContext;
+    /** MCP server context */
+    mcp?: MCPContext;
+    /** Caller-provided metadata passed through to detectors */
     metadata?: Record<string, unknown>;
-    /** Reference material for context-aware detection. */
-    contexts?: string[];
-    /** Session ID for cross-turn state tracking. */
+    /** LLM model context */
+    model?: ModelContext;
+    /** Session ID for cross-turn state tracking */
     session_id?: string;
+    /** Tool call context */
     tool?: ToolContext;
-    model?: ModelContext;
-    file?: FileContext;
-    mcp?: MCPContext;
 }
-/** Result from a single detector execution. */
+/**  */
 interface DetectorResult {
-    /** Detector name (e.g. injection, secrets, toxicity). */
-    name: string;
-    /** Detector tier: fast, standard, or slow. */
-    tier: string;
+    /** Emitted context attributes (e.g. injection_score). */
+    context: Record<string, unknown>;
+    /** Error message (when status is error or timeout). */
+    error?: string;
     /** Detector execution latency in milliseconds. */
     latency_ms: number;
-    /** Emitted context attributes (e.g. injection_score, contains_secrets). */
-    context: Record<string, unknown>;
+    /** Detector name (e.g. injection, secrets, toxicity). */
+    name: string;
     /** Detector status: healthy, degraded, error, or timeout. */
     status: string;
-    /** Error message (when status is error or timeout). */
-    error?: string;
+    /** Detector tier: fast, standard, or slow. */
+    tier: string;
 }
-/** Response from POST /v1/detect. */
+/**  */
 interface DetectResponse {
-    /** Per-detector results. */
-    detectors: DetectorResult[];
     /** Merged context from all detectors. */
     context: Record<string, unknown>;
+    /** Per-detector results. */
+    detectors: DetectorResult[];
     /** Total detection latency in milliseconds. */
     latency_ms: number;
     /** Detector tiers that ran. */
     tiers_evaluated: string[];
 }
-/** Metadata about an available detector. */
+/**  */
 interface DetectorInfo {
-    /** Detector name. */
-    name: string;
-    /** Detector version. */
-    version: string;
-    /** Detector tier: fast, standard, or slow. */
-    tier: string;
+    /** Detection category (e.g. semantic, tools, pii). */
+    category?: string;
+    /** Configuration schema type (if configurable). */
+    config_type?: string;
+    /** Whether the detector accepts configuration. */
+    configurable?: boolean;
     /** Keys this detector may emit. */
     context_keys: ContextKeySpec[];
-    /** Detector status: healthy, degraded, or disabled. */
-    status: string;
-    /** Human-readable display name. */
-    display_name?: string;
     /** What the detector detects. */
     description?: string;
-    /** Detection category (e.g. Security, Content Safety). */
-    category?: string;
-    /** Whether the detector accepts configuration. */
-    configurable?: boolean;
-    /** Configuration schema type (if configurable). */
-    config_type?: string;
-    /** Tags for filtering. */
-    tags?: string[];
+    /** Human-readable display name. */
+    display_name?: string;
     /** Typical latency estimate. */
     latency?: string;
+    /** Detector name. */
+    name: string;
+    /** Detector status: healthy, degraded, or disabled. */
+    status: string;
+    /** Tags for filtering. */
+    tags?: string[];
+    /** Detector tier: fast, standard, or slow. */
+    tier: string;
+    /** Detector version. */
+    version: string;
 }
-/** Entry in the detector optimization plan. */
+/**  */
 interface DetectorPlanEntry {
+    /** Full scoped config (dry run only). */
+    config?: Record<string, unknown>;
     /** Detector name. */
     name: string;
-    /** Detector tier. */
-    tier: string;
     /** Why included/excluded: policy_required, always_run, not_required. */
     reason: string;
-    /** Full scoped config (dry run only). */
-    config?: Record<string, unknown>;
+    /** Detector tier. */
+    tier: string;
 }
-/** A Cedar policy that contributed to the guard decision. */
+/**  */
 interface DeterminingPolicy {
-    /** Cedar @id annotation (e.g. secrets-block-prompts). */
-    rule_id: string;
-    /** Database UUID (for dashboard linking). */
-    policy_id?: string;
-    /** Human-readable policy name. */
-    policy_name?: string;
+    /** Custom Cedar annotations. */
+    annotations?: Record<string, string>;
+    /** Policy domain (e.g. secrets, pii, injection). */
+    category?: string;
     /** Cedar effect: permit or forbid. */
     effect?: string;
     /** Policy mode: enforce, monitor, or alert. */
     mode?: string;
-    /** Policy domain (e.g. secrets, pii, injection). */
-    category?: string;
+    /** Database UUID (for dashboard linking). */
+    policy_id?: string;
+    /** Human-readable policy name. */
+    policy_name?: string;
+    /** Cedar @id annotation (e.g. secrets-block-prompts). */
+    rule_id: string;
     /** From Cedar @severity annotation. */
     severity?: string;
     /** From Cedar @tags annotation. */
     tags?: string[];
-    /** Custom Cedar annotations. */
-    annotations?: Record<string, string>;
 }
-/** Request body for POST /v1/guard. */
+/**  */
+interface EvaluatedExpression {
+    /** Actual value from the context. */
+    actual?: Record<string, unknown>;
+    /** Child expression (for not nodes). */
+    child?: EvaluatedExpression;
+    /** Child expressions (for and/or nodes). */
+    children?: EvaluatedExpression[];
+    /** Expected value (threshold from the rule). */
+    expected?: Record<string, unknown>;
+    /** Context field name. */
+    field?: string;
+    /** Expression kind: comparison, contains, like, has, and, or, not, raw. */
+    kind: string;
+    /** Whether this expression matched. */
+    matched: boolean;
+    /** Comparison operator. */
+    operator?: string;
+    /** Like pattern (for like expressions). */
+    pattern?: string;
+    /** Detector that produced this context value (leaf nodes only). */
+    source?: EvidenceSource;
+    /** Raw text (for raw expressions). */
+    text?: string;
+}
+/**  */
+interface PolicyExplanation {
+    /** Per-condition match results (flat list from conditions or tree). */
+    condition_results: ConditionResult[];
+    /** Policy effect: permit or forbid. */
+    effect: string;
+    /** Recursive evaluated condition tree with actual values. */
+    evaluated_expression?: EvaluatedExpression;
+    /** Policy ID. */
+    policy_id: string;
+    /** Raw Cedar condition text (when no structured conditions). */
+    raw_condition?: string;
+    /** Human-readable explanation summary. */
+    summary: string;
+}
+/**  */
+interface ExplainedDecision {
+    /** Decision effect: Allow or Deny. */
+    effect: string;
+    /** Enriched explanations for each determining policy. */
+    explanations: PolicyExplanation[];
+    /** Determining policy IDs with no matching rule in the provided rules. */
+    unmatched_policies: string[];
+}
+/**  */
 interface GuardRequest {
-    /** Content to evaluate (prompt text, tool call arguments, file content, etc.). */
+    /** Cedar action to authorize (e.g. process_prompt, call_tool, read_file, write_file, connect_server) */
+    action: string;
+    /** Content to evaluate (prompt text, tool call arguments, file content, etc.) */
     content: string;
+    /** Type of content being evaluated */
     content_type: ContentType;
-    /** Cedar action (e.g. process_prompt, call_tool, read_file, write_file). */
-    action: string;
+    /** Reference material for context-aware detection (hallucination, groundedness). For response evaluation, include the original prompt and any RAG context. */
+    contexts?: string[];
+    /** Include debug-tier fields: detectors[] (per-detector breakdown), context (raw merged output), debug_info (Cedar eval inputs). Implies explain=true. */
+    debug?: boolean;
     /** Specific detectors to run. Empty runs all enabled detectors. */
     detectors?: string[];
-    mode?: Mode;
-    /** Enable early exit on deny after each tier (skips slower tiers). */
+    /** When true and optimize is true, return the optimization plan without executing detectors or Cedar evaluation. */
+    dryrun?: boolean;
+    /** Enable early exit on deny after each tier (skips slower tiers) */
     early_exit?: boolean;
-    /** Include structured policy explanation showing why each determining policy matched. */
+    /** Include explain-tier fields: projected_context, eval_latency_ms, tiers_evaluated, tiers_skipped, explanation, root_causes. */
     explain?: boolean;
-    /** Caller-provided metadata passed through to detectors. */
-    metadata?: Record<string, unknown>;
-    /** Reference material for context-aware detection (hallucination, groundedness). */
-    contexts?: string[];
-    /** Session ID for cross-turn state tracking. */
-    session_id?: string;
-    tool?: ToolContext;
-    model?: ModelContext;
+    /** File operation context (path, operation, size) */
     file?: FileContext;
+    /** MCP server interaction context */
     mcp?: MCPContext;
-    /** When true, only run detectors whose outputs are referenced by active policies. */
+    /** Caller-provided metadata passed through to detectors */
+    metadata?: Record<string, unknown>;
+    /** enforce: block on deny. monitor: allow + log actual_decision. alert: allow + signal alerting pipeline. */
+    mode?: Mode;
+    /** LLM model context (provider, temperature, token usage) */
+    model?: ModelContext;
+    /** When true, only run detectors whose outputs are referenced by active policies for this scope. */
     optimize?: boolean;
-    /** When true and optimize is true, return the optimization plan without executing. */
-    dry_run?: boolean;
-    /** Include debug_info showing exact Cedar evaluation inputs. */
-    debug?: boolean;
+    /** Session ID for cross-turn state tracking (enables cumulative risk, action sequences, token budgets) */
+    session_id?: string;
+    /** Tool call context for agentic evaluation */
+    tool?: ToolContext;
 }
-/** Detector optimization plan (when optimize=true). */
+/**  */
 interface OptimizationReport {
+    /** Policies matching this action/product scope. */
+    active_policies: string[];
+    /** True if fell back to running all detectors. */
+    fallback_to_all: boolean;
+    /** Why this optimization plan was chosen. */
+    reason: string;
     /** Context keys required by active policies. */
     required_context_keys: string[];
     /** Detectors required by policies. */
     required_detectors: DetectorPlanEntry[];
     /** Detectors skipped (not required by policies). */
     skipped_detectors: DetectorPlanEntry[];
-    /** Policies matching this action/product scope. */
-    active_policies: string[];
-    /** Why this optimization plan was chosen. */
-    reason: string;
-    /** True if fell back to running all detectors. */
-    fallback_to_all: boolean;
 }
-/** Root cause analysis for a triggered detection. */
+/**  */
 interface RootCause {
-    /** Human-readable summary of the root cause. */
-    summary: string;
     /** Detector that triggered. */
     detector: string;
-    /** Key-value pairs explaining the threat. */
-    labels?: Record<string, string>;
-    /** Context values that caused the trigger. */
-    triggering_context: Record<string, unknown>;
     /** Supporting evidence. */
     evidence?: Record<string, unknown>;
+    /** Key-value pairs explaining the threat. */
+    labels?: Record<string, string>;
+    /** Human-readable summary of the root cause. */
+    summary: string;
     /** Policy IDs triggered by this root cause. */
     triggered_policies: string[];
+    /** Context values that caused the trigger. */
+    triggering_context: Record<string, unknown>;
 }
-/** Session state changes after evaluation. */
+/**  */
 interface SessionDelta {
-    /** Updated turn count. */
-    turn_count: number;
     /** Updated cumulative risk score (0-100). */
     cumulative_risk: number;
-    /** Tokens used in this turn. */
-    tokens_used_delta?: number;
     /** Action performed in this turn. */
     new_action?: string;
+    /** Tokens used in this turn. */
+    tokens_used_delta?: number;
+    /** Updated turn count. */
+    turn_count: number;
 }
-/** Response from POST /v1/guard. */
+/**  */
+interface Signal {
+    /** Taxonomy domain (e.g. semantic, tools, agent_security). */
+    category: string;
+    /** Projected context key that triggered this signal. */
+    context_key: string;
+    /** Human-readable signal name from taxonomy. */
+    name: string;
+    /** Normalized detection score (0-100). Boolean detectors default to 100. */
+    score: number;
+    /** Severity from taxonomy: low, medium, high, or critical. */
+    severity: string;
+    /** Taxonomy vulnerability ID (e.g. prompt_injection, credential_leakage). */
+    vulnerability_id: string;
+}
+/**  */
 interface GuardResponse {
-    decision: Decision;
     /** Cedar decision before mode override. */
     actual_decision?: string;
-    /** True if decision was changed by per-policy mode. */
-    mode_overridden?: boolean;
-    /** Strictest mode among determining policies. */
-    effective_mode?: string;
+    /** Authenticated agent identity (when agent request). */
+    agent_identity?: AgentIdentityTrace;
     /** True when alert-mode policy fired. */
     alerted?: boolean;
-    /** Human-readable policy decision reasoning. */
-    policy_reason?: string;
-    /** Mode override explanation (monitor/alert). */
-    mode_reason?: string;
-    /** Cedar diagnostic errors (rare). */
-    eval_errors?: string;
-    /** Unique audit trail ID. */
-    audit_id?: string;
-    /** Request trace ID. */
-    request_id?: string;
-    /** Response timestamp (RFC 3339). */
-    timestamp: string;
+    /** Merged detector context (when debug=true). */
+    context?: Record<string, unknown>;
+    /** Cedar evaluation debug info (when debug=true). */
+    debug_info?: DebugInfo;
+    /** Guard decision: allow or deny. */
+    decision: Decision;
+    /** Per-detector results (when debug=true). */
+    detectors?: DetectorResult[];
     /** Policies that determined the decision. */
     determining_policies?: DeterminingPolicy[];
-    /** Per-detector results. */
-    detectors: DetectorResult[];
-    /** Merged detector context. */
-    context: Record<string, unknown>;
-    /** Total evaluation latency in milliseconds. */
-    latency_ms: number;
+    /** Strictest mode among determining policies. */
+    effective_mode?: string;
+    /** Cedar diagnostic errors (rare). */
+    eval_errors?: string;
     /** Cedar evaluation latency in milliseconds. */
     eval_latency_ms?: number;
-    /** Detector tiers that ran (fast, standard, slow). */
-    tiers_evaluated: string[];
-    /** Detector tiers skipped due to early exit. */
-    tiers_skipped?: string[];
-    session_delta?: SessionDelta;
-    agent_identity?: AgentIdentityTrace;
     /** Structured policy explanation (when explain=true). */
-    explanation?: Record<string, unknown>;
+    explanation?: ExplainedDecision;
+    /** Total evaluation latency in milliseconds. */
+    latency_ms: number;
+    /** True if decision was changed by per-policy mode. */
+    mode_overridden?: boolean;
+    /** Mode override explanation (monitor/alert). */
+    mode_reason?: string;
+    /** Detector optimization plan (when optimize=true). */
+    optimization?: OptimizationReport;
+    /** Human-readable policy decision reasoning. */
+    policy_reason?: string;
+    /** Cedar-normalized context sent to the evaluator (when explain=true). */
+    projected_context?: Record<string, unknown>;
+    /** Request trace ID. */
+    request_id: string;
     /** Root cause analysis for triggered detections. */
     root_causes?: RootCause[];
-    /** Cedar-normalized context (when debug=true). */
-    projected_context?: Record<string, unknown>;
-    optimization?: OptimizationReport;
-    debug_info?: DebugInfo;
+    /** Session state changes after evaluation. */
+    session_delta?: SessionDelta;
+    /** Taxonomy-aligned detection signals. Always populated when detectors fire above threshold, sorted by severity. */
+    signals: Signal[];
+    /** Detector tiers that ran (fast, standard, slow). */
+    tiers_evaluated?: string[];
+    /** Detector tiers skipped due to early exit. */
+    tiers_skipped?: string[];
+    /** Response timestamp (RFC 3339). */
+    timestamp: string;
 }
-/** Response from GET /v1/health. */
+/**  */
 interface HealthResponse {
-    /** Overall health status. */
-    status: "healthy" | "degraded";
-    /** Per-detector health status. */
+    /** Per-detector health status (healthy, degraded, or error) */
     detectors?: Record<string, string>;
-    /** Cedar evaluator status. */
+    /** Cedar evaluator status */
     evaluator?: "ready" | "no_policies";
+    /** Overall health status */
+    status: "healthy" | "degraded";
 }
-/** Response from GET /v1/detectors. */
+/**  */
 interface ListDetectorsResponse {
-    /** Available detectors. */
-    detectors: DetectorInfo[];
-    /** Total number of registered detectors. */
+    /** Total number of registered detectors */
     count: number;
+    /** Available detectors with name, version, tier, context keys, and health status */
+    detectors: DetectorInfo[];
 }
 /** RFC 9457 Problem Details error format. */
 interface ProblemDetails {
+    /** Detailed error message. */
+    detail?: string;
     /** HTTP status code. */
     status: number;
     /** Short error title. */
     title: string;
-    /** Detailed error message. */
-    detail?: string;
 }
 /** A Server-Sent Event from the guard stream. */
 interface StreamEvent {
-    /** Event type: detector_result (per-detector), decision (final), or error. */
-    type: "detector_result" | "decision" | "error";
     /** Event payload (DetectorResult for detector_result, GuardResponse for decision). */
     data: Record<string, unknown>;
+    /** Event type: detector_result (per-detector), decision (final), or error. */
+    type: "detector_result" | "decision" | "error";
 }
 /** Response from the token exchange endpoint (used by SDK auth). */
 interface TokenResponse {
     /** RS256 JWT token. */
     access_token: string;
-    /** Token type (always Bearer). */
-    token_type?: string;
-    /** Token lifetime in seconds. */
-    expires_in: number;
     /** Account ID from token claims. */
     account_id?: string;
+    /** Token lifetime in seconds. */
+    expires_in: number;
     /** Gateway ID from token claims. */
     gateway_id?: string;
     /** Project ID from token claims. */
     project_id?: string;
+    /** Token type (always Bearer). */
+    token_type?: string;
 }
 /**
@@ -641,4 +749,4 @@ declare class Shield {
     wrap(options: WrapOptions): <TArgs extends unknown[], TReturn>(fn: (...args: TArgs) => TReturn | Promise<TReturn>) => (...args: TArgs) => Promise<Awaited<TReturn>>;
 }
-export { APIConnectionError, APIError, type AgentIdentityTrace, AuthenticationError, BlockedError, type ContentType, type ContextKeySpec, type DebugInfo, type DebugPoliciesResponse, DebugResource, type Decision, type DetectRequest, DetectResource, type DetectResponse, type DetectorInfo, type DetectorResult, DetectorsResource, type DeterminingPolicy, type FileContext, type GuardRequest, GuardResource, type GuardResponse, type HealthResponse, Highflame, HighflameError, type HighflameOptions, type ListDetectorsResponse, type Logger, type MCPContext, type Mode, type ModelContext, type ModelResponseOptions, type OptimizationReport, type PolicySummary, type ProblemDetails, type PromptOptions, RateLimitError, type RequestOptions, type RootCause, type SessionDelta, Shield, type StreamEvent, type TokenResponse, type ToolContext, type ToolOptions, type ToolResponseOptions, VERSION, type WrapOptions };
+export { APIConnectionError, APIError, type AgentIdentityTrace, AuthenticationError, BlockedError, type ContentType, type ContextKeySpec, type DebugInfo, type DebugPoliciesResponse, DebugResource, type Decision, type DetectRequest, DetectResource, type DetectResponse, type DetectorInfo, type DetectorResult, DetectorsResource, type DeterminingPolicy, type FileContext, type GuardRequest, GuardResource, type GuardResponse, type HealthResponse, Highflame, HighflameError, type HighflameOptions, type ListDetectorsResponse, type Logger, type MCPContext, type Mode, type ModelContext, type ModelResponseOptions, type OptimizationReport, type PolicySummary, type ProblemDetails, type PromptOptions, RateLimitError, type RequestOptions, type RootCause, type SessionDelta, Shield, type Signal, type StreamEvent, type TokenResponse, type ToolContext, type ToolOptions, type ToolResponseOptions, VERSION, type WrapOptions };