@houtini/lm 1.0.0

package/dist/security/integration-helpers.d.ts

@@ -0,0 +1,121 @@
+/**
+ * Security Integration Helpers
+ *
+ * Provides easy-to-use wrapper functions and decorators for integrating
+ * security into existing plugins with minimal code changes.
+ */
+import { type PluginInterface } from './security-service.js';
+/**
+ * Simple wrapper function that can be added to any plugin's execute method
+ *
+ * Usage in any plugin:
+ *   import { withSecurity } from '../security/integration-helpers.js';
+ *
+ *   async execute(params: any, llmClient: any) {
+ *     return await withSecurity(this, params, llmClient, async (secureParams) => {
+ *       // Your existing plugin logic here
+ *       return await this.originalLogic(secureParams, llmClient);
+ *     });
+ *   }
+ */
+export declare function withSecurity<T>(plugin: PluginInterface, params: any, llmClient: any, originalLogic: (secureParams: any) => Promise<T>): Promise<T>;
+/**
+ * Quick parameter validation helper
+ *
+ * Usage:
+ *   const safePath = await secureParam(params.filePath, 'file-path');
+ *   const safeCode = await secureParam(params.code, 'code');
+ */
+export declare function secureParam(value: any, context?: 'file-path' | 'code' | 'prompt' | 'general'): Promise<any>;
+/**
+ * File path validation helper
+ *
+ * Usage:
+ *   const safePath = await validatePath(params.filePath);
+ *   const content = await readFileContent(safePath);
+ */
+export declare function validatePath(filePath: string): Promise<string>;
+/**
+ * Output encoding helper
+ *
+ * Usage:
+ *   const safeHtml = encodeForContext(userContent, 'html');
+ *   const safeJson = encodeForContext(responseData, 'json');
+ */
+export declare function encodeForContext(content: any, context: 'html' | 'json' | 'markdown' | 'plain-text' | 'code' | 'xml'): any;
+/**
+ * Plugin wrapper class for complete security integration
+ *
+ * Usage:
+ *   class MyPlugin extends SecurePlugin {
+ *     // Your plugin implementation
+ *   }
+ */
+export declare abstract class SecurePlugin implements PluginInterface {
+    abstract name: string;
+    abstract category: 'analyze' | 'generate' | 'multifile' | 'custom' | 'system';
+    abstract executeSecurely(params: any, llmClient: any): Promise<any>;
+    execute(params: any, llmClient: any): Promise<any>;
+    executeOriginal(params: any, llmClient: any): Promise<any>;
+}
+/**
+ * Utility function to wrap existing plugin execute methods
+ *
+ * Usage in plugin files:
+ *   const originalExecute = plugin.execute.bind(plugin);
+ *   plugin.execute = wrapPluginExecution(plugin, originalExecute);
+ */
+export declare function wrapPluginExecution(plugin: PluginInterface, originalExecute: (params: any, llmClient: any) => Promise<any>): (params: any, llmClient: any) => Promise<any>;
+/**
+ * Batch security processing for multiple parameters
+ *
+ * Usage:
+ *   const secureParams = await secureMultipleParams({
+ *     filePath: params.filePath,
+ *     code: params.code,
+ *     userInput: params.userInput
+ *   }, {
+ *     filePath: 'file-path',
+ *     code: 'code',
+ *     userInput: 'general'
+ *   });
+ */
+export declare function secureMultipleParams(params: Record<string, any>, contexts: Record<string, 'file-path' | 'code' | 'prompt' | 'general'>): Promise<Record<string, any>>;
+/**
+ * Security configuration helper
+ */
+export declare const SecurityConfig: {
+    /**
+     * Enable/disable security features globally
+     */
+    setGlobal(config: {
+        sanitisation?: boolean;
+        injectionDetection?: boolean;
+        outputEncoding?: boolean;
+        logEvents?: boolean;
+    }): void;
+    /**
+     * Get current security status
+     */
+    getStatus(): {
+        enabled: boolean;
+        features: Record<string, boolean>;
+        diagnostics: any;
+    };
+    /**
+     * Run security diagnostics
+     */
+    runTests(): {
+        sanitisation: boolean;
+        injection: {
+            passed: number;
+            failed: number;
+        };
+        encoding: {
+            passed: boolean;
+            errors: string[];
+        };
+        serviceHealth: boolean;
+    };
+};
+//# sourceMappingURL=integration-helpers.d.ts.map

package/dist/security/integration-helpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"integration-helpers.d.ts","sourceRoot":"","sources":["../../src/security/integration-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAoC,KAAK,eAAe,EAAuB,MAAM,uBAAuB,CAAC;AAEpH;;;;;;;;;;;;GAYG;AACH,wBAAsB,YAAY,CAAC,CAAC,EAClC,MAAM,EAAE,eAAe,EACvB,MAAM,EAAE,GAAG,EACX,SAAS,EAAE,GAAG,EACd,aAAa,EAAE,CAAC,YAAY,EAAE,GAAG,KAAK,OAAO,CAAC,CAAC,CAAC,GAC/C,OAAO,CAAC,CAAC,CAAC,CAaZ;AAED;;;;;;GAMG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,GAAG,EACV,OAAO,GAAE,WAAW,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAqB,GAC/D,OAAO,CAAC,GAAG,CAAC,CAgBd;AAED;;;;;;GAMG;AACH,wBAAsB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAQpE;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,GAAG,YAAY,GAAG,MAAM,GAAG,KAAK,GACpE,GAAG,CAQL;AAED;;;;;;;GAOG;AACH,8BAAsB,YAAa,YAAW,eAAe;IAC3D,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,QAAQ,GAAG,QAAQ,CAAC;IAG9E,QAAQ,CAAC,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;IAG7D,OAAO,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;IAKlD,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;CAGjE;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,eAAe,EACvB,eAAe,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,GAC7D,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,CAW/C;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC3B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,CAAC,GACpE,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAqB9B;AAED;;GAEG;AACH,eAAO,MAAM,cAAc;IACzB;;OAEG;sBACe;QAChB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,SAAS,CAAC,EAAE,OAAO,CAAC;KACrB,GAAG,IAAI;IASR;;OAEG;iBACU;QACX,OAAO,EAAE,OAAO,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAClC,WAAW,EAAE,GAAG,CAAC;KAClB;IAgBD;;OAEG;;;;;;;;;;;;;CAIJ,CAAC"}

package/dist/security/integration-helpers.js

@@ -0,0 +1,190 @@
+/**
+ * Security Integration Helpers
+ *
+ * Provides easy-to-use wrapper functions and decorators for integrating
+ * security into existing plugins with minimal code changes.
+ */
+import { securityService } from './security-service.js';
+/**
+ * Simple wrapper function that can be added to any plugin's execute method
+ *
+ * Usage in any plugin:
+ *   import { withSecurity } from '../security/integration-helpers.js';
+ *
+ *   async execute(params: any, llmClient: any) {
+ *     return await withSecurity(this, params, llmClient, async (secureParams) => {
+ *       // Your existing plugin logic here
+ *       return await this.originalLogic(secureParams, llmClient);
+ *     });
+ *   }
+ */
+export async function withSecurity(plugin, params, llmClient, originalLogic) {
+    // Use the singleton security service
+    const securityResult = await securityService.secureParameters(params, plugin.name);
+    if (securityResult.blocked) {
+        throw new Error(`Security violation: ${securityResult.warnings.join(', ')}`);
+    }
+    // Execute original logic with secured parameters
+    const result = await originalLogic(securityResult.sanitised);
+    // Secure the output
+    return await securityService.secureOutput(result, plugin.category);
+}
+/**
+ * Quick parameter validation helper
+ *
+ * Usage:
+ *   const safePath = await secureParam(params.filePath, 'file-path');
+ *   const safeCode = await secureParam(params.code, 'code');
+ */
+export async function secureParam(value, context = 'general') {
+    if (typeof value !== 'string') {
+        return value; // Non-string values pass through
+    }
+    const result = await securityService.quickCheck(value, 'parameter');
+    if (result.blocked) {
+        throw new Error(`Parameter blocked: ${result.warnings.join(', ')}`);
+    }
+    if (result.warnings.length > 0) {
+        console.warn('Parameter security warnings:', result.warnings);
+    }
+    return result.sanitised;
+}
+/**
+ * File path validation helper
+ *
+ * Usage:
+ *   const safePath = await validatePath(params.filePath);
+ *   const content = await readFileContent(safePath);
+ */
+export async function validatePath(filePath) {
+    const result = await securityService.validateFilePath(filePath);
+    if (result.blocked) {
+        throw new Error(`File path blocked: ${result.warnings.join(', ')}`);
+    }
+    return result.sanitised;
+}
+/**
+ * Output encoding helper
+ *
+ * Usage:
+ *   const safeHtml = encodeForContext(userContent, 'html');
+ *   const safeJson = encodeForContext(responseData, 'json');
+ */
+export function encodeForContext(content, context) {
+    const result = securityService.encodeOutput(content, context);
+    if (result.warnings.length > 0) {
+        console.warn('Output encoding warnings:', result.warnings);
+    }
+    return result.encoded;
+}
+/**
+ * Plugin wrapper class for complete security integration
+ *
+ * Usage:
+ *   class MyPlugin extends SecurePlugin {
+ *     // Your plugin implementation
+ *   }
+ */
+export class SecurePlugin {
+    // This is called by the MCP system
+    async execute(params, llmClient) {
+        return await securityService.executeSecurely(this, params, llmClient);
+    }
+    // Redirect to executeSecurely for the security service
+    async executeOriginal(params, llmClient) {
+        return await this.executeSecurely(params, llmClient);
+    }
+}
+/**
+ * Utility function to wrap existing plugin execute methods
+ *
+ * Usage in plugin files:
+ *   const originalExecute = plugin.execute.bind(plugin);
+ *   plugin.execute = wrapPluginExecution(plugin, originalExecute);
+ */
+export function wrapPluginExecution(plugin, originalExecute) {
+    return async (params, llmClient) => {
+        // Create a temporary plugin interface for the security service
+        const wrappedPlugin = {
+            name: plugin.name,
+            category: plugin.category,
+            execute: originalExecute
+        };
+        return await securityService.executeSecurely(wrappedPlugin, params, llmClient);
+    };
+}
+/**
+ * Batch security processing for multiple parameters
+ *
+ * Usage:
+ *   const secureParams = await secureMultipleParams({
+ *     filePath: params.filePath,
+ *     code: params.code,
+ *     userInput: params.userInput
+ *   }, {
+ *     filePath: 'file-path',
+ *     code: 'code',
+ *     userInput: 'general'
+ *   });
+ */
+export async function secureMultipleParams(params, contexts) {
+    const secured = {};
+    const warnings = [];
+    for (const [key, value] of Object.entries(params)) {
+        if (typeof value === 'string' && contexts[key]) {
+            try {
+                secured[key] = await secureParam(value, contexts[key]);
+            }
+            catch (error) {
+                throw new Error(`Security violation in parameter '${key}': ${error.message}`);
+            }
+        }
+        else {
+            secured[key] = value;
+        }
+    }
+    if (warnings.length > 0) {
+        console.warn('Batch security warnings:', warnings);
+    }
+    return secured;
+}
+/**
+ * Security configuration helper
+ */
+export const SecurityConfig = {
+    /**
+     * Enable/disable security features globally
+     */
+    setGlobal(config) {
+        securityService.updateConfig({
+            enableSanitisation: config.sanitisation,
+            enableInjectionDetection: config.injectionDetection,
+            enableOutputEncoding: config.outputEncoding,
+            logSecurityEvents: config.logEvents
+        });
+    },
+    /**
+     * Get current security status
+     */
+    getStatus() {
+        const config = securityService.getConfig();
+        const diagnostics = securityService.runDiagnostics();
+        return {
+            enabled: config.enableSanitisation || config.enableInjectionDetection || config.enableOutputEncoding,
+            features: {
+                sanitisation: config.enableSanitisation || false,
+                injectionDetection: config.enableInjectionDetection || false,
+                outputEncoding: config.enableOutputEncoding || false,
+                logging: config.logSecurityEvents || false
+            },
+            diagnostics
+        };
+    },
+    /**
+     * Run security diagnostics
+     */
+    runTests() {
+        return securityService.runDiagnostics();
+    }
+};
+//# sourceMappingURL=integration-helpers.js.map

package/dist/security/integration-helpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"integration-helpers.js","sourceRoot":"","sources":["../../src/security/integration-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAmB,eAAe,EAA6C,MAAM,uBAAuB,CAAC;AAEpH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAAuB,EACvB,MAAW,EACX,SAAc,EACd,aAAgD;IAEhD,qCAAqC;IACrC,MAAM,cAAc,GAAG,MAAM,eAAe,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IAEnF,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,uBAAuB,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,iDAAiD;IACjD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IAE7D,oBAAoB;IACpB,OAAO,MAAM,eAAe,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAM,CAAC;AAC1E,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,KAAU,EACV,UAAuD,SAAS;IAEhE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC,CAAC,iCAAiC;IACjD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,UAAU,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IAEpE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,sBAAsB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,MAAM,CAAC,SAAS,CAAC;AAC1B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,QAAgB;IACjD,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAEhE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,sBAAsB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,OAAO,MAAM,CAAC,SAAmB,CAAC;AACpC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAC9B,OAAY,EACZ,OAAqE;IAErE,MAAM,MAAM,GAAG,eAAe,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAE9D,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,MAAM,CAAC,OAAO,CAAC;AACxB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,OAAgB,YAAY;IAOhC,mCAAmC;IACnC,KAAK,CAAC,OAAO,CAAC,MAAW,EAAE,SAAc;QACvC,OAAO,MAAM,eAAe,CAAC,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;IACxE,CAAC;IAED,uDAAuD;IACvD,KAAK,CAAC,eAAe,CAAC,MAAW,EAAE,SAAc;QAC/C,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACvD,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAuB,EACvB,eAA8D;IAE9D,OAAO,KAAK,EAAE,MAAW,EAAE,SAAc,EAAE,EAAE;QAC3C,+DAA+D;QAC/D,MAAM,aAAa,GAAoB;YACrC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,OAAO,EAAE,eAAe;SACzB,CAAC;QAEF,OAAO,MAAM,eAAe,CAAC,eAAe,CAAC,aAAa,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;IACjF,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA2B,EAC3B,QAAqE;IAErE,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;YACzD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,MAAO,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3F,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACvB,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B;;OAEG;IACH,SAAS,CAAC,MAKT;QACC,eAAe,CAAC,YAAY,CAAC;YAC3B,kBAAkB,EAAE,MAAM,CAAC,YAAY;YACvC,wBAAwB,EAAE,MAAM,CAAC,kBAAkB;YACnD,oBAAoB,EAAE,MAAM,CAAC,cAAc;YAC3C,iBAAiB,EAAE,MAAM,CAAC,SAAS;SACpC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,SAAS;QAKP,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAG,eAAe,CAAC,cAAc,EAAE,CAAC;QAErD,OAAO;YACL,OAAO,EAAE,MAAM,CAAC,kBAAkB,IAAI,MAAM,CAAC,wBAAwB,IAAI,MAAM,CAAC,oBAAoB;YACpG,QAAQ,EAAE;gBACR,YAAY,EAAE,MAAM,CAAC,kBAAkB,IAAI,KAAK;gBAChD,kBAAkB,EAAE,MAAM,CAAC,wBAAwB,IAAI,KAAK;gBAC5D,cAAc,EAAE,MAAM,CAAC,oBAAoB,IAAI,KAAK;gBACpD,OAAO,EAAE,MAAM,CAAC,iBAAiB,IAAI,KAAK;aAC3C;YACD,WAAW;SACZ,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,eAAe,CAAC,cAAc,EAAE,CAAC;IAC1C,CAAC;CACF,CAAC"}

package/dist/security/output-encoder.d.ts

@@ -0,0 +1,94 @@
+/**
+ * Output Encoding and Sanitisation
+ *
+ * Provides safe encoding of LLM outputs for different contexts
+ * preventing XSS and other injection attacks in responses
+ */
+export type OutputContext = 'html' | 'json' | 'markdown' | 'plain-text' | 'code' | 'xml';
+export interface EncodingOptions {
+    context: OutputContext;
+    preserveFormatting?: boolean;
+    allowedTags?: string[];
+    maxLength?: number;
+}
+export interface EncodingResult {
+    encoded: string;
+    truncated: boolean;
+    removedElements: string[];
+    warnings: string[];
+}
+export declare class OutputEncoder {
+    private static readonly HTML_ENTITIES;
+    private static readonly SAFE_HTML_TAGS;
+    private static readonly DANGEROUS_PATTERNS;
+    /**
+     * Encode output based on context
+     */
+    static encode(content: any, options: EncodingOptions): EncodingResult;
+    /**
+     * Encode for HTML context
+     */
+    private static encodeForHtml;
+    /**
+     * Encode for JSON context
+     */
+    private static encodeForJson;
+    /**
+     * Encode for Markdown context
+     */
+    private static encodeForMarkdown;
+    /**
+     * Encode for code context
+     */
+    private static encodeForCode;
+    /**
+     * Encode for XML context
+     */
+    private static encodeForXml;
+    /**
+     * Encode for plain text context
+     */
+    private static encodeForPlainText;
+    /**
+     * Escape HTML entities
+     */
+    private static escapeHtmlEntities;
+    /**
+     * Sanitise HTML while preserving whitelisted tags
+     */
+    private static sanitiseHtmlWithWhitelist;
+    /**
+     * Encode streaming response chunks safely
+     */
+    static encodeStreamChunk(chunk: string, context: OutputContext, chunkIndex: number): {
+        encoded: string;
+        safe: boolean;
+        warnings: string[];
+    };
+    /**
+     * Batch encode multiple outputs
+     */
+    static encodeBatch(contents: string[], options: EncodingOptions): EncodingResult[];
+    /**
+     * Create safe output object for API responses
+     */
+    static createSafeResponse(data: any, context?: OutputContext): {
+        data: any;
+        metadata: {
+            encoded: boolean;
+            warnings: string[];
+        };
+    };
+    /**
+     * Recursively encode object properties
+     */
+    private static encodeObjectRecursively;
+    /**
+     * Validate encoding is working correctly
+     */
+    static validateEncoding(): {
+        passed: boolean;
+        errors: string[];
+    };
+}
+//# sourceMappingURL=output-encoder.d.ts.map

package/dist/security/output-encoder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"output-encoder.d.ts","sourceRoot":"","sources":["../../src/security/output-encoder.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,GAAG,YAAY,GAAG,MAAM,GAAG,KAAK,CAAC;AAEzF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,aAAa,CAAC;IACvB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,qBAAa,aAAa;IAGxB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CASnC;IAGF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAGpC;IAIF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAaxC;IAEF;;OAEG;IACH,MAAM,CAAC,MAAM,CACX,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,eAAe,GACvB,cAAc;IA+DjB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAc5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IAQhC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAe5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAS3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,kBAAkB;IAQjC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,kBAAkB;IAIjC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,yBAAyB;IAmBxC;;OAEG;IACH,MAAM,CAAC,iBAAiB,CACtB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,aAAa,EACtB,UAAU,EAAE,MAAM,GACjB;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;KAAE;IAsBzD;;OAEG;IACH,MAAM,CAAC,WAAW,CAChB,QAAQ,EAAE,MAAM,EAAE,EAClB,OAAO,EAAE,eAAe,GACvB,cAAc,EAAE;IAInB;;OAEG;IACH,MAAM,CAAC,kBAAkB,CACvB,IAAI,EAAE,GAAG,EACT,OAAO,GAAE,aAAsB,GAC9B;QAAE,IAAI,EAAE,GAAG,CAAC;QAAC,QAAQ,EAAE;YAAE,OAAO,EAAE,OAAO,CAAC;YAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;SAAE,CAAA;KAAE;IAqBpE;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;IA0BtC;;OAEG;IACH,MAAM,CAAC,gBAAgB,IAAI;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE;CAiCjE"}