@jterrats/open-orchestra 1.0.17 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +44 -0
- package/CLAUDE.md +1 -0
- package/dist/active-runtime-store.d.ts +18 -0
- package/dist/active-runtime-store.js +75 -0
- package/dist/active-runtime-store.js.map +1 -0
- package/dist/chat-api-errors.d.ts +7 -0
- package/dist/chat-api-errors.js +15 -0
- package/dist/chat-api-errors.js.map +1 -0
- package/dist/chat-api-message-persistence.d.ts +12 -0
- package/dist/chat-api-message-persistence.js +125 -0
- package/dist/chat-api-message-persistence.js.map +1 -0
- package/dist/chat-api-records.d.ts +35 -0
- package/dist/chat-api-records.js +94 -0
- package/dist/chat-api-records.js.map +1 -0
- package/dist/chat-api-service.d.ts +32 -0
- package/dist/chat-api-service.js +120 -0
- package/dist/chat-api-service.js.map +1 -0
- package/dist/chat-api-storage.d.ts +1 -0
- package/dist/chat-api-storage.js +14 -0
- package/dist/chat-api-storage.js.map +1 -0
- package/dist/chat-api-types.d.ts +81 -0
- package/dist/chat-api-types.js +2 -0
- package/dist/chat-api-types.js.map +1 -0
- package/dist/chat-compliance-service.d.ts +60 -0
- package/dist/chat-compliance-service.js +241 -0
- package/dist/chat-compliance-service.js.map +1 -0
- package/dist/chat-event-stream.d.ts +13 -0
- package/dist/chat-event-stream.js +124 -0
- package/dist/chat-event-stream.js.map +1 -0
- package/dist/chat-pagination.d.ts +6 -0
- package/dist/chat-pagination.js +64 -0
- package/dist/chat-pagination.js.map +1 -0
- package/dist/chat-storage-actor-validation.d.ts +4 -0
- package/dist/chat-storage-actor-validation.js +65 -0
- package/dist/chat-storage-actor-validation.js.map +1 -0
- package/dist/chat-storage-content-policy.d.ts +6 -0
- package/dist/chat-storage-content-policy.js +84 -0
- package/dist/chat-storage-content-policy.js.map +1 -0
- package/dist/chat-storage-errors.d.ts +20 -0
- package/dist/chat-storage-errors.js +17 -0
- package/dist/chat-storage-errors.js.map +1 -0
- package/dist/chat-storage-local-files.d.ts +17 -0
- package/dist/chat-storage-local-files.js +78 -0
- package/dist/chat-storage-local-files.js.map +1 -0
- package/dist/chat-storage-local-paths.d.ts +6 -0
- package/dist/chat-storage-local-paths.js +124 -0
- package/dist/chat-storage-local-paths.js.map +1 -0
- package/dist/chat-storage-local-projection.d.ts +10 -0
- package/dist/chat-storage-local-projection.js +55 -0
- package/dist/chat-storage-local-projection.js.map +1 -0
- package/dist/chat-storage-local-records.d.ts +13 -0
- package/dist/chat-storage-local-records.js +56 -0
- package/dist/chat-storage-local-records.js.map +1 -0
- package/dist/chat-storage-local.d.ts +6 -0
- package/dist/chat-storage-local.js +114 -0
- package/dist/chat-storage-local.js.map +1 -0
- package/dist/chat-storage-validation.d.ts +10 -0
- package/dist/chat-storage-validation.js +100 -0
- package/dist/chat-storage-validation.js.map +1 -0
- package/dist/chat-storage.d.ts +16 -0
- package/dist/chat-storage.js +4 -0
- package/dist/chat-storage.js.map +1 -0
- package/dist/chat-workflow-timeline.d.ts +17 -0
- package/dist/chat-workflow-timeline.js +210 -0
- package/dist/chat-workflow-timeline.js.map +1 -0
- package/dist/{workspace-claude-settings.d.ts → claude-settings.d.ts} +22 -3
- package/dist/{workspace-claude-settings.js → claude-settings.js} +28 -9
- package/dist/claude-settings.js.map +1 -0
- package/dist/command-init.d.ts +2 -0
- package/dist/command-init.js +150 -0
- package/dist/command-init.js.map +1 -0
- package/dist/command-manifest.js +1 -1
- package/dist/command-manifest.js.map +1 -1
- package/dist/commands.d.ts +1 -1
- package/dist/commands.js +1 -140
- package/dist/commands.js.map +1 -1
- package/dist/constants.d.ts +1 -0
- package/dist/constants.js +1 -0
- package/dist/constants.js.map +1 -1
- package/dist/context-runtime-preprocessor.d.ts +41 -0
- package/dist/context-runtime-preprocessor.js +199 -0
- package/dist/context-runtime-preprocessor.js.map +1 -0
- package/dist/cursor-settings.d.ts +25 -0
- package/dist/cursor-settings.js +72 -0
- package/dist/cursor-settings.js.map +1 -0
- package/dist/health-commands.js +43 -3
- package/dist/health-commands.js.map +1 -1
- package/dist/model-aliases.d.ts +5 -0
- package/dist/model-aliases.js +37 -0
- package/dist/model-aliases.js.map +1 -0
- package/dist/ollama-provider.js +25 -0
- package/dist/ollama-provider.js.map +1 -1
- package/dist/phase-playbooks.js +11 -0
- package/dist/phase-playbooks.js.map +1 -1
- package/dist/provider-agent-wrapper.js +14 -0
- package/dist/provider-agent-wrapper.js.map +1 -1
- package/dist/qa-e2e-artifacts.js +71 -3
- package/dist/qa-e2e-artifacts.js.map +1 -1
- package/dist/runtime-adapters.js +56 -0
- package/dist/runtime-adapters.js.map +1 -1
- package/dist/runtime-bootstrap.js +32 -22
- package/dist/runtime-bootstrap.js.map +1 -1
- package/dist/runtime-child-prompt.js +8 -0
- package/dist/runtime-child-prompt.js.map +1 -1
- package/dist/runtime-context-manifest.d.ts +4 -1
- package/dist/runtime-context-manifest.js +59 -3
- package/dist/runtime-context-manifest.js.map +1 -1
- package/dist/runtime-execution-adapters.js +19 -0
- package/dist/runtime-execution-adapters.js.map +1 -1
- package/dist/runtime-execution-renderer.js +4 -0
- package/dist/runtime-execution-renderer.js.map +1 -1
- package/dist/runtime-execution.js +13 -82
- package/dist/runtime-execution.js.map +1 -1
- package/dist/runtime-hooks.d.ts +46 -0
- package/dist/runtime-hooks.js +95 -0
- package/dist/runtime-hooks.js.map +1 -0
- package/dist/runtime-parent-actions.js +5 -0
- package/dist/runtime-parent-actions.js.map +1 -1
- package/dist/runtime-spawn-bridge.js +1 -0
- package/dist/runtime-spawn-bridge.js.map +1 -1
- package/dist/runtime-spawn-guidance.js +15 -61
- package/dist/runtime-spawn-guidance.js.map +1 -1
- package/dist/security/chat-guardrail-policy.d.ts +7 -0
- package/dist/security/chat-guardrail-policy.js +61 -0
- package/dist/security/chat-guardrail-policy.js.map +1 -0
- package/dist/security/chat-guardrail-types.d.ts +65 -0
- package/dist/security/chat-guardrail-types.js +2 -0
- package/dist/security/chat-guardrail-types.js.map +1 -0
- package/dist/security/chat-guardrail-validation.d.ts +9 -0
- package/dist/security/chat-guardrail-validation.js +64 -0
- package/dist/security/chat-guardrail-validation.js.map +1 -0
- package/dist/security/chat-guardrails.d.ts +3 -0
- package/dist/security/chat-guardrails.js +136 -0
- package/dist/security/chat-guardrails.js.map +1 -0
- package/dist/security/content-classifier.js +33 -1
- package/dist/security/content-classifier.js.map +1 -1
- package/dist/security/payment-card-detection.d.ts +3 -0
- package/dist/security/payment-card-detection.js +48 -0
- package/dist/security/payment-card-detection.js.map +1 -0
- package/dist/security/policy-types.d.ts +1 -1
- package/dist/security/provider-egress-policy.d.ts +27 -0
- package/dist/security/provider-egress-policy.js +72 -0
- package/dist/security/provider-egress-policy.js.map +1 -0
- package/dist/security/public-api-auth.d.ts +20 -0
- package/dist/security/public-api-auth.js +55 -0
- package/dist/security/public-api-auth.js.map +1 -0
- package/dist/security/public-api-policy.d.ts +8 -0
- package/dist/security/public-api-policy.js +40 -0
- package/dist/security/public-api-policy.js.map +1 -0
- package/dist/security/redaction.js +44 -13
- package/dist/security/redaction.js.map +1 -1
- package/dist/security/restricted-content-quarantine.d.ts +17 -0
- package/dist/security/restricted-content-quarantine.js +50 -0
- package/dist/security/restricted-content-quarantine.js.map +1 -0
- package/dist/security/restricted-data-classifier.d.ts +9 -0
- package/dist/security/restricted-data-classifier.js +358 -0
- package/dist/security/restricted-data-classifier.js.map +1 -0
- package/dist/skills-render.js +7 -14
- package/dist/skills-render.js.map +1 -1
- package/dist/telemetry-redaction.d.ts +2 -0
- package/dist/telemetry-redaction.js +25 -2
- package/dist/telemetry-redaction.js.map +1 -1
- package/dist/types/chat.d.ts +203 -0
- package/dist/types/chat.js +10 -0
- package/dist/types/chat.js.map +1 -0
- package/dist/types/model-config.d.ts +4 -0
- package/dist/types/public-api.d.ts +75 -0
- package/dist/types/public-api.js +2 -0
- package/dist/types/public-api.js.map +1 -0
- package/dist/types/restricted-data.d.ts +69 -0
- package/dist/types/restricted-data.js +8 -0
- package/dist/types/restricted-data.js.map +1 -0
- package/dist/types/restricted-fragment.d.ts +82 -0
- package/dist/types/restricted-fragment.js +14 -0
- package/dist/types/restricted-fragment.js.map +1 -0
- package/dist/types/runtime.d.ts +12 -0
- package/dist/types.d.ts +6 -0
- package/dist/types.js.map +1 -1
- package/dist/web-api.js +24 -0
- package/dist/web-api.js.map +1 -1
- package/dist/web-artifact-parsers.d.ts +6 -0
- package/dist/web-artifact-parsers.js +266 -0
- package/dist/web-artifact-parsers.js.map +1 -0
- package/dist/web-artifact-types.d.ts +76 -0
- package/dist/web-artifact-types.js +2 -0
- package/dist/web-artifact-types.js.map +1 -0
- package/dist/web-artifacts.d.ts +2 -43
- package/dist/web-artifacts.js +106 -57
- package/dist/web-artifacts.js.map +1 -1
- package/dist/web-chat-route-inputs.d.ts +11 -0
- package/dist/web-chat-route-inputs.js +156 -0
- package/dist/web-chat-route-inputs.js.map +1 -0
- package/dist/web-chat-routes.d.ts +7 -0
- package/dist/web-chat-routes.js +213 -0
- package/dist/web-chat-routes.js.map +1 -0
- package/dist/web-console/assets/index-CJup1cIA.css +1 -0
- package/dist/web-console/assets/index-CVDOfipu.js +11 -0
- package/dist/web-console/index.html +2 -2
- package/dist/web-evidence.d.ts +1 -1
- package/dist/web-evidence.js +9 -2
- package/dist/web-evidence.js.map +1 -1
- package/dist/web-public-route-inputs.d.ts +14 -0
- package/dist/web-public-route-inputs.js +136 -0
- package/dist/web-public-route-inputs.js.map +1 -0
- package/dist/web-public-routes.d.ts +6 -0
- package/dist/web-public-routes.js +194 -0
- package/dist/web-public-routes.js.map +1 -0
- package/dist/web-public-service.d.ts +16 -0
- package/dist/web-public-service.js +154 -0
- package/dist/web-public-service.js.map +1 -0
- package/dist/workflow-services.js +5 -0
- package/dist/workflow-services.js.map +1 -1
- package/dist/workspace-runtime-bootstrap.js +15 -4
- package/dist/workspace-runtime-bootstrap.js.map +1 -1
- package/docs/chat-audit-retention.md +76 -0
- package/docs/chat-provider-provenance-ledger.md +75 -0
- package/docs/context-runtime-preprocessing.md +37 -0
- package/docs/orchestra-mvp.md +8 -2
- package/docs/public-api-contract.md +43 -0
- package/docs/release-test-matrix.md +14 -14
- package/docs/restricted-fragment-storage-contract.md +147 -0
- package/docs/runtime-adapters.md +40 -7
- package/docs/site-manifest.json +128 -30
- package/package.json +5 -2
- package/site/dist/_headers +9 -0
- package/site/dist/_redirects +2 -0
- package/site/dist/architecture.mmd +61 -0
- package/site/dist/assets/index-Bi8l6tCE.js +10 -0
- package/site/dist/assets/index-BsCLqY__.css +1 -0
- package/site/dist/favicon.svg +19 -0
- package/site/dist/index.html +28 -0
- package/site/package.json +19 -0
- package/dist/web-console/assets/index-BHs7OIv8.css +0 -1
- package/dist/web-console/assets/index-BJuVTqfQ.js +0 -11
- package/dist/workspace-claude-settings.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runtime-spawn-bridge.js","sourceRoot":"","sources":["../src/runtime-spawn-bridge.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,2BAA2B,EAC3B,oCAAoC,GACrC,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,gCAAgC,EAAE,MAAM,qCAAqC,CAAC;AACvF,OAAO,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAC;AACzE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAaxE,MAAM,CAAC,KAAK,UAAU,iCAAiC,CAAC,EACtD,IAAI,EACJ,MAAM,EACN,KAAK,EACL,KAAK,EACL,IAAI,EACJ,OAAO,EACP,SAAS,EACT,MAAM,EACN,UAAU,EACV,OAAO,EACP,UAAU,EACV,aAAa,GAcd;IACC,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,WAAW,OAAO,CAAC,EAAE,gDAAgD,CACtE,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,wBAAwB,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,EAAE,kBAAkB,CAAC;IAC5H,MAAM,WAAW,GAAG,MAAM,gCAAgC,CAAC;QACzD,IAAI;QACJ,OAAO;QACP,MAAM;QACN,KAAK;QACL,IAAI;QACJ,UAAU;KACX,CAAC,CAAC;IACH,MAAM,eAAe,GAAG,MAAM,2BAA2B,CAAC;QACxD,IAAI;QACJ,MAAM;QACN,KAAK;QACL,IAAI;QACJ,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3C,WAAW;
|
|
1
|
+
{"version":3,"file":"runtime-spawn-bridge.js","sourceRoot":"","sources":["../src/runtime-spawn-bridge.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,2BAA2B,EAC3B,oCAAoC,GACrC,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,gCAAgC,EAAE,MAAM,qCAAqC,CAAC;AACvF,OAAO,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAC;AACzE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAaxE,MAAM,CAAC,KAAK,UAAU,iCAAiC,CAAC,EACtD,IAAI,EACJ,MAAM,EACN,KAAK,EACL,KAAK,EACL,IAAI,EACJ,OAAO,EACP,SAAS,EACT,MAAM,EACN,UAAU,EACV,OAAO,EACP,UAAU,EACV,aAAa,GAcd;IACC,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,WAAW,OAAO,CAAC,EAAE,gDAAgD,CACtE,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,wBAAwB,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,EAAE,kBAAkB,CAAC;IAC5H,MAAM,WAAW,GAAG,MAAM,gCAAgC,CAAC;QACzD,IAAI;QACJ,OAAO;QACP,MAAM;QACN,KAAK;QACL,IAAI;QACJ,UAAU;KACX,CAAC,CAAC;IACH,MAAM,eAAe,GAAG,MAAM,2BAA2B,CAAC;QACxD,IAAI;QACJ,MAAM;QACN,KAAK;QACL,IAAI;QACJ,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3C,WAAW;QACX,cAAc,EAAE,UAAU,CAAC,KAAK;KACjC,CAAC,CAAC;IACH,MAAM,uBAAuB,GAAG,MAAM,aAAa,CACjD,IAAI,EACJ,MAAM,EACN,GAAG,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,EAAE,wBAAwB,EACrF,GAAG,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAChD,CAAC;IACF,MAAM,sBAAsB,GAAG,4BAA4B,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,IAAI,IAAI,qBAAqB,CAAC;IAC7H,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;QACnD,OAAO;QACP,SAAS;QACT,KAAK;QACL,IAAI;QACJ,UAAU;QACV,cAAc;QACd,uBAAuB;QACvB,GAAG,CAAC,WAAW,CAAC,MAAM,KAAK,OAAO;YAChC,CAAC,CAAC;gBACE,mBAAmB,EAAE,WAAW,CAAC,gBAAgB;gBACjD,iBAAiB,EAAE;oBACjB,SAAS,EAAE,WAAW,CAAC,SAAS;oBAChC,WAAW,EAAE,WAAW,CAAC,WAAW;oBACpC,SAAS,EAAE,WAAW,CAAC,SAAS;iBACjC;aACF;YACH,CAAC,CAAC,EAAE,CAAC;QACP,sBAAsB;KACvB,CAAC,CAAC;IACH,MAAM,qBAAqB,GAAG;QAC5B,MAAM;QACN,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3B,KAAK;QACL,IAAI;QACJ,OAAO,EAAE,OAAO,CAAC,EAAE;QACnB,SAAS;QACT,MAAM;QACN,eAAe,EAAE,OAAO,CAAC,SAAS,CAAC,KAAK;QACxC,mBAAmB;QACnB,UAAU;QACV,cAAc;QACd,uBAAuB;QACvB,GAAG,CAAC,WAAW,CAAC,MAAM,KAAK,OAAO;YAChC,CAAC,CAAC;gBACE,mBAAmB,EAAE,WAAW,CAAC,gBAAgB;gBACjD,iBAAiB,EAAE;oBACjB,SAAS,EAAE,WAAW,CAAC,SAAS;oBAChC,WAAW,EAAE,WAAW,CAAC,WAAW;oBACpC,SAAS,EAAE,WAAW,CAAC,SAAS;iBACjC;aACF;YACH,CAAC,CAAC,EAAE,CAAC;QACP,sBAAsB;QACtB,wBAAwB,EAAE,KAAc;QACxC,YAAY,EAAE;YACZ,IAAI,EAAE,YAAqB;YAC3B,iBAAiB,EAAE,KAAc;YACjC,UAAU,EAAE,kCAA2C;YACvD,YAAY,EAAE,mBAAmB,CAAC,iBAAiB;SACpD;QACD,eAAe,EAAE,2BAA2B,CAAC,OAAO,CAAC;QACrD,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,UAAU;KACX,CAAC;IACF,MAAM,mBAAmB,GAAG,yBAAyB,CACnD,OAAO,CAAC,iBAAiB,CAC1B,CAAC;IACF,MAAM,aAAa,GAAG,wBAAwB,CAAC;QAC7C,MAAM;QACN,KAAK;QACL,IAAI;QACJ,OAAO;QACP,SAAS;QACT,UAAU;QACV,OAAO;QACP,uBAAuB,EACrB,oCAAoC,CAAC,eAAe,CAAC;QACvD,sBAAsB;QACtB,mBAAmB;QACnB,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3C,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxD,CAAC,CAAC;IACH,MAAM,aAAa,CACjB,IAAI,EACJ,MAAM,EACN,GAAG,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,EAAE,kBAAkB,EAC/E,aAAa,CACd,CAAC;IAEF,MAAM,OAAO,GAAG,0BAA0B,CAAC;QACzC,OAAO;QACP,OAAO;QACP,OAAO,EAAE,qBAAqB;QAC9B,eAAe;QACf,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC5C,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAClC,IAAI,EACJ,MAAM,EACN,GAAG,MAAM,IAAI,KAAK,IAAI,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,EAAE,mBAAmB,EAChF,OAAO,CACR,CAAC;IACF,MAAM,OAAO,GAAwB;QACnC,GAAG,qBAAqB;QACxB,QAAQ;QACR,OAAO;KACR,CAAC;IAEF,MAAM,WAAW,CAAC,IAAI,EAAE;QACtB,IAAI,EACF,MAAM,KAAK,QAAQ;YACjB,CAAC,CAAC,mCAAmC;YACrC,CAAC,CAAC,gCAAgC;QACtC,MAAM;QACN,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,yBAAyB,MAAM,KAAK,KAAK,QAAQ,OAAO,CAAC,EAAE,EAAE;QACtE,SAAS,EAAE,CAAC,QAAQ,EAAE,cAAc,EAAE,uBAAuB,CAAC;QAC9D,QAAQ,EAAE;YACR,SAAS;YACT,OAAO,EAAE,OAAO,CAAC,EAAE;YACnB,KAAK;YACL,IAAI;YACJ,MAAM;YACN,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI;YACvC,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI;YACvC,mBAAmB;YACnB,cAAc;YACd,uBAAuB;YACvB,GAAG,CAAC,WAAW,CAAC,MAAM,KAAK,OAAO;gBAChC,CAAC,CAAC;oBACE,mBAAmB,EAAE,WAAW,CAAC,gBAAgB;oBACjD,iBAAiB,EAAE;wBACjB,SAAS,EAAE,WAAW,CAAC,SAAS;wBAChC,WAAW,EAAE,WAAW,CAAC,WAAW;wBACpC,SAAS,EAAE,WAAW,CAAC,SAAS;qBACjC;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;YACP,sBAAsB;YACtB,wBAAwB,EAAE,KAAK;YAC/B,UAAU;SACX;KACF,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAaD,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAAC,EAChD,IAAI,EACJ,SAAS,EACT,MAAM,EACN,OAAO,EACP,cAAc,EACd,QAAQ,GAQT;IACC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;IACtE,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,0BAA0B,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CACb,kDAAkD,SAAS,EAAE,CAC9D,CAAC;IACJ,CAAC;IACD,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IAClE,OAAO,WAAW,CAAC,IAAI,EAAE;QACvB,IAAI,EAAE,0BAA0B,CAAC,MAAM,CAAC;QACxC,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,OAAO,IAAI,2BAA2B,MAAM,KAAK,SAAS,EAAE;QACrE,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;QAC5D,QAAQ,EAAE;YACR,SAAS;YACT,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC;YAC3C,KAAK,EAAE,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC;YACvC,IAAI,EAAE,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC;YACrC,KAAK,EAAE,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,MAAM;gBAC3C,CAAC,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC;gBACjC,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;YACrD,cAAc,EAAE,cAAc,IAAI,eAAe;YACjD,iBAAiB,EAAE,OAAO,CAAC,IAAI;YAC/B,MAAM;YACN,wBAAwB,EAAE,KAAK;SAChC;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,gCAAgC,CAC9C,KAAa;IAEb,IACE,KAAK,KAAK,SAAS;QACnB,KAAK,KAAK,QAAQ;QAClB,KAAK,KAAK,WAAW;QACrB,KAAK,KAAK,QAAQ;QAClB,KAAK,KAAK,WAAW;QACrB,KAAK,KAAK,UAAU;QACpB,KAAK,KAAK,QAAQ,EAClB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,IAAI,KAAK,CACb,2GAA2G,CAC5G,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,MAAoB,EACpB,SAAiB;IAEjB,OAAO,MAAM;SACV,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,KAAK,SAAS,CAAC;SACzD,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,0BAA0B,CACjC,MAAmC;IAEnC,MAAM,MAAM,GAAgD;QAC1D,OAAO,EAAE,oCAAoC;QAC7C,MAAM,EAAE,sCAAsC;QAC9C,SAAS,EAAE,sCAAsC;QACjD,MAAM,EAAE,mCAAmC;QAC3C,SAAS,EAAE,sCAAsC;QACjD,QAAQ,EAAE,qCAAqC;QAC/C,MAAM,EAAE,mCAAmC;KAC5C,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,cAAc,CAAC,KAAiB,EAAE,GAAW;IACpD,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACvE,CAAC;AAED,SAAS,aAAa,CAAC,KAAiB,EAAE,GAAW;IACnD,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QACzB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC;QAClE,CAAC,CAAC,EAAE,CAAC;AACT,CAAC;AAED,SAAS,yBAAyB,CAChC,UAAuC;IAEvC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC9C,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAE,CAAC;IAC3B,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,GAAG,CAAC;IAC1C,OAAO;QACL,OAAO,QAAQ,CAAC,IAAI,EAAE;QACtB,EAAE;QACF,QAAQ,CAAC,OAAO;QAChB,EAAE;QACF,YAAY,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACvC,aAAa,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACzC,cAAc,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC3C,eAAe,QAAQ,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACzD,YAAY,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACvC,uBAAuB,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE;QACzF,EAAE;QACF,QAAQ;QACR,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;KAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAgB;IAClD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC5C,IACE,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAC3B,CAAC,UAAU,CAAC,UAAU,CAAC,iBAAiB,CAAC,EACzC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;AACH,CAAC"}
|
|
@@ -1,67 +1,21 @@
|
|
|
1
|
+
import { getRuntimeAdapter } from "./runtime-adapters.js";
|
|
2
|
+
const COMMON_SPAWN_PROTOCOL_LINES = [
|
|
3
|
+
"- Spawn only from an Orchestra `runtime spawn-request` artifact; do not invent child context.",
|
|
4
|
+
"- Keep detached children in background and let the parent continue talking to the user.",
|
|
5
|
+
"- Record `spawned`, terminal status, evidence artifact, and agent id through `runtime spawn-lifecycle`.",
|
|
6
|
+
];
|
|
7
|
+
const GENERIC_SPAWN_PROTOCOL_FALLBACK = "- Unknown runtimes: keep the request-only packet and ask before falling back to single-agent execution.";
|
|
1
8
|
export function runtimeBootstrapSpawnLines(target) {
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
"- Codex parent runtimes should use `spawn_agent` for the rendered packet and avoid waiting by default.",
|
|
5
|
-
];
|
|
6
|
-
}
|
|
7
|
-
if (target === "claude") {
|
|
8
|
-
return [
|
|
9
|
-
"- Claude Code parent runtimes should launch the rendered packet with the native Agent/Subagent tool; use Task only when that is the exposed legacy alias.",
|
|
10
|
-
"- Prefer a role-named Claude subagent and record the resulting id or label in spawn lifecycle.",
|
|
11
|
-
"",
|
|
12
|
-
"### Claude Subagent Delegation — Exact Sequence",
|
|
13
|
-
"",
|
|
14
|
-
"When the user asks to delegate, or a workflow phase requires a subagent, follow this sequence without skipping steps:",
|
|
15
|
-
"",
|
|
16
|
-
"1. `orchestra workflow run --task <ID> --gates phase` — generates the spawn packet and session id.",
|
|
17
|
-
"2. `orchestra runtime parent-actions --task <ID> --json` — inspect pending `claude-agent-request` actions.",
|
|
18
|
-
"3. Read the `payload.promptArtifact` file from the action — this is the subagent prompt.",
|
|
19
|
-
"4. Launch a subagent using the native **Agent** tool with the prompt artifact content as the prompt.",
|
|
20
|
-
"5. `orchestra runtime spawn-lifecycle --session <sessionId> --status spawned --agent-id <label>` — record the child.",
|
|
21
|
-
"6. After the subagent writes its handoff artifact, run: `orchestra runtime parent-actions --task <ID> --dispatch --runtime claude-cli --until-idle` — this auto-detects completion and promotes queued sessions.",
|
|
22
|
-
"7. `orchestra workflow run --task <ID> --resume <run-id>` — advance the workflow to the next phase.",
|
|
23
|
-
"",
|
|
24
|
-
"**Never skip step 1.** The session id, spawn packet, and expected handoff path come from `orchestra workflow run`. Do not invent child context or launch subagents with ad-hoc prompts outside this sequence.",
|
|
25
|
-
"After the developer subagent completes, run `orchestra workflow run --task <ID> --resume <run-id>` to drive the QA phase; do not mark work done until QA evidence is recorded and the `qa→release` gate has been surfaced to the user.",
|
|
26
|
-
];
|
|
27
|
-
}
|
|
28
|
-
if (target === "cursor") {
|
|
29
|
-
return [
|
|
30
|
-
"- Cursor parent runtimes should launch the rendered packet as a Background Agent so work continues in parallel with the current chat.",
|
|
31
|
-
"- Record the Cursor Background Agent id or branch label in spawn lifecycle before resuming the workflow.",
|
|
32
|
-
];
|
|
33
|
-
}
|
|
34
|
-
return [
|
|
9
|
+
const adapter = getRuntimeAdapter(target);
|
|
10
|
+
return (adapter.bootstrapSpawnLines ?? [
|
|
35
11
|
"- If the runtime has no safe native background-agent mechanism, leave the packet as request-only and ask the user before falling back to single-agent execution.",
|
|
36
|
-
];
|
|
12
|
+
]);
|
|
37
13
|
}
|
|
38
14
|
export function runtimeSpawnProtocolLines(target) {
|
|
39
|
-
const
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
];
|
|
44
|
-
if (target === "claude") {
|
|
45
|
-
return [
|
|
46
|
-
...common,
|
|
47
|
-
"- Claude Code: use the native Agent/Subagent tool for the packet; use Task only if exposed as the legacy alias.",
|
|
48
|
-
];
|
|
49
|
-
}
|
|
50
|
-
if (target === "cursor") {
|
|
51
|
-
return [
|
|
52
|
-
...common,
|
|
53
|
-
"- Cursor: launch the packet as a Background Agent and record the Background Agent id or branch label.",
|
|
54
|
-
];
|
|
55
|
-
}
|
|
56
|
-
if (target === "codex") {
|
|
57
|
-
return [
|
|
58
|
-
...common,
|
|
59
|
-
"- Codex: use `spawn_agent` for the packet and avoid `wait_agent` unless the next critical step is blocked.",
|
|
60
|
-
];
|
|
61
|
-
}
|
|
62
|
-
return [
|
|
63
|
-
...common,
|
|
64
|
-
"- Unknown runtimes: keep the request-only packet and ask before falling back to single-agent execution.",
|
|
65
|
-
];
|
|
15
|
+
const adapter = getRuntimeAdapter(target);
|
|
16
|
+
return (adapter.spawnProtocolLines ?? [
|
|
17
|
+
...COMMON_SPAWN_PROTOCOL_LINES,
|
|
18
|
+
GENERIC_SPAWN_PROTOCOL_FALLBACK,
|
|
19
|
+
]);
|
|
66
20
|
}
|
|
67
21
|
//# sourceMappingURL=runtime-spawn-guidance.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runtime-spawn-guidance.js","sourceRoot":"","sources":["../src/runtime-spawn-guidance.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"runtime-spawn-guidance.js","sourceRoot":"","sources":["../src/runtime-spawn-guidance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,MAAM,2BAA2B,GAAG;IAClC,+FAA+F;IAC/F,yFAAyF;IACzF,yGAAyG;CAC1G,CAAC;AAEF,MAAM,+BAA+B,GACnC,yGAAyG,CAAC;AAE5G,MAAM,UAAU,0BAA0B,CACxC,MAAyB;IAEzB,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC1C,OAAO,CACL,OAAO,CAAC,mBAAmB,IAAI;QAC7B,kKAAkK;KACnK,CACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAAyB;IACjE,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC1C,OAAO,CACL,OAAO,CAAC,kBAAkB,IAAI;QAC5B,GAAG,2BAA2B;QAC9B,+BAA+B;KAChC,CACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import type { ChatGuardrailAction, ChatGuardrailOutcome, ChatGuardrailRequest } from "./chat-guardrail-types.js";
|
|
2
|
+
import type { DataClassification, PolicyAction, PolicyDecisionOutcome, PolicyResource, PolicySubject, PromptSegment } from "./policy-types.js";
|
|
3
|
+
export declare function chatOutcomeForPolicy(outcome: PolicyDecisionOutcome): ChatGuardrailOutcome;
|
|
4
|
+
export declare function policySubjectFor(request: ChatGuardrailRequest): PolicySubject;
|
|
5
|
+
export declare function policyResourceFor(resource: ChatGuardrailRequest["resource"]): PolicyResource;
|
|
6
|
+
export declare function policyActionFor(action: ChatGuardrailAction, resource: ChatGuardrailRequest["resource"]): PolicyAction;
|
|
7
|
+
export declare function highestClassification(segments: PromptSegment[]): DataClassification;
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
export function chatOutcomeForPolicy(outcome) {
|
|
2
|
+
if (outcome === "allow")
|
|
3
|
+
return "allow";
|
|
4
|
+
if (outcome === "deny")
|
|
5
|
+
return "block";
|
|
6
|
+
return "defer";
|
|
7
|
+
}
|
|
8
|
+
export function policySubjectFor(request) {
|
|
9
|
+
return {
|
|
10
|
+
id: request.actor.id,
|
|
11
|
+
subjectType: request.actor.actorType,
|
|
12
|
+
tenantId: request.tenantId,
|
|
13
|
+
workspaceId: request.workspaceId,
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
export function policyResourceFor(resource) {
|
|
17
|
+
return {
|
|
18
|
+
resourceType: policyResourceTypeFor(resource.resourceType),
|
|
19
|
+
summary: resource.summary,
|
|
20
|
+
tenantId: resource.tenantId,
|
|
21
|
+
workspaceId: resource.workspaceId,
|
|
22
|
+
};
|
|
23
|
+
}
|
|
24
|
+
export function policyActionFor(action, resource) {
|
|
25
|
+
if (action === "providerMessage")
|
|
26
|
+
return "provider.message";
|
|
27
|
+
if (action === "evidenceWrite")
|
|
28
|
+
return "evidence.write";
|
|
29
|
+
if (action === "toolRequest") {
|
|
30
|
+
if (resource.resourceType === "url")
|
|
31
|
+
return "url.fetch";
|
|
32
|
+
if (resource.resourceType === "file")
|
|
33
|
+
return "file.write";
|
|
34
|
+
return "command.execute";
|
|
35
|
+
}
|
|
36
|
+
return "content.ingest";
|
|
37
|
+
}
|
|
38
|
+
export function highestClassification(segments) {
|
|
39
|
+
if (segments.some((segment) => segment.classification.classification === "restricted")) {
|
|
40
|
+
return "restricted";
|
|
41
|
+
}
|
|
42
|
+
if (segments.some((segment) => segment.classification.classification === "unknown")) {
|
|
43
|
+
return "unknown";
|
|
44
|
+
}
|
|
45
|
+
if (segments.some((segment) => segment.classification.classification === "internal")) {
|
|
46
|
+
return "internal";
|
|
47
|
+
}
|
|
48
|
+
return "public";
|
|
49
|
+
}
|
|
50
|
+
function policyResourceTypeFor(resourceType) {
|
|
51
|
+
if (resourceType === "command")
|
|
52
|
+
return "command";
|
|
53
|
+
if (resourceType === "evidence")
|
|
54
|
+
return "evidence";
|
|
55
|
+
if (resourceType === "file")
|
|
56
|
+
return "file";
|
|
57
|
+
if (resourceType === "url")
|
|
58
|
+
return "url";
|
|
59
|
+
return "prompt";
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=chat-guardrail-policy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chat-guardrail-policy.js","sourceRoot":"","sources":["../../src/security/chat-guardrail-policy.ts"],"names":[],"mappings":"AAeA,MAAM,UAAU,oBAAoB,CAClC,OAA8B;IAE9B,IAAI,OAAO,KAAK,OAAO;QAAE,OAAO,OAAO,CAAC;IACxC,IAAI,OAAO,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACvC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAA6B;IAC5D,OAAO;QACL,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE;QACpB,WAAW,EAAE,OAAO,CAAC,KAAK,CAAC,SAAS;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAA0C;IAE1C,OAAO;QACL,YAAY,EAAE,qBAAqB,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC1D,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,WAAW,EAAE,QAAQ,CAAC,WAAW;KAClC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAC7B,MAA2B,EAC3B,QAA0C;IAE1C,IAAI,MAAM,KAAK,iBAAiB;QAAE,OAAO,kBAAkB,CAAC;IAC5D,IAAI,MAAM,KAAK,eAAe;QAAE,OAAO,gBAAgB,CAAC;IACxD,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;QAC7B,IAAI,QAAQ,CAAC,YAAY,KAAK,KAAK;YAAE,OAAO,WAAW,CAAC;QACxD,IAAI,QAAQ,CAAC,YAAY,KAAK,MAAM;YAAE,OAAO,YAAY,CAAC;QAC1D,OAAO,iBAAiB,CAAC;IAC3B,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,QAAyB;IAEzB,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,YAAY,CACpE,EACD,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,SAAS,CACjE,EACD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,UAAU,CAClE,EACD,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,qBAAqB,CAC5B,YAAuC;IAEvC,IAAI,YAAY,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IACjD,IAAI,YAAY,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IACnD,IAAI,YAAY,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IAC3C,IAAI,YAAY,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IACzC,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
import type { PolicyDecisionOutcome, PolicySink, PromptSegment, RedactedSegment, RedactionReport, RedactionStatus } from "./policy-types.js";
|
|
2
|
+
import type { PromptSegmentInput } from "./prompt-intake.js";
|
|
3
|
+
export declare const chatGuardrailOutcomes: readonly ["allow", "block", "defer"];
|
|
4
|
+
export type ChatGuardrailOutcome = (typeof chatGuardrailOutcomes)[number];
|
|
5
|
+
export type ChatGuardrailAction = "providerMessage" | "toolRequest" | "subagentRequest" | "messagePersist" | "evidenceWrite" | "outputRender";
|
|
6
|
+
export type ChatGuardrailActorType = "human" | "runtime" | "system" | "tool";
|
|
7
|
+
export type ChatGuardrailResourceType = "artifact" | "command" | "evidence" | "file" | "message" | "prompt" | "subagent" | "thread" | "url";
|
|
8
|
+
export interface ChatGuardrailActor {
|
|
9
|
+
id: string;
|
|
10
|
+
actorType: ChatGuardrailActorType;
|
|
11
|
+
tenantId: string;
|
|
12
|
+
workspaceId: string;
|
|
13
|
+
}
|
|
14
|
+
export interface ChatGuardrailResource {
|
|
15
|
+
resourceType: ChatGuardrailResourceType;
|
|
16
|
+
summary: string;
|
|
17
|
+
tenantId: string;
|
|
18
|
+
workspaceId: string;
|
|
19
|
+
}
|
|
20
|
+
export interface ChatGuardrailSink {
|
|
21
|
+
kind: PolicySink;
|
|
22
|
+
}
|
|
23
|
+
export interface ChatGuardrailRequest {
|
|
24
|
+
requestId: string;
|
|
25
|
+
tenantId: string;
|
|
26
|
+
workspaceId: string;
|
|
27
|
+
taskId?: string;
|
|
28
|
+
runId?: string;
|
|
29
|
+
threadId?: string;
|
|
30
|
+
messageId?: string;
|
|
31
|
+
actor: ChatGuardrailActor;
|
|
32
|
+
action: ChatGuardrailAction;
|
|
33
|
+
sink: ChatGuardrailSink;
|
|
34
|
+
resource: ChatGuardrailResource;
|
|
35
|
+
segments: PromptSegmentInput[];
|
|
36
|
+
redactionReportOverride?: RedactionReport;
|
|
37
|
+
}
|
|
38
|
+
export interface ChatGuardrailScope {
|
|
39
|
+
tenantId: string;
|
|
40
|
+
workspaceId: string;
|
|
41
|
+
resourceTenantId: string;
|
|
42
|
+
resourceWorkspaceId: string;
|
|
43
|
+
}
|
|
44
|
+
export interface ChatHumanReviewMetadata {
|
|
45
|
+
required: true;
|
|
46
|
+
reason: string;
|
|
47
|
+
decisionId: string;
|
|
48
|
+
matchedRuleIds: string[];
|
|
49
|
+
redactionStatus: RedactionStatus;
|
|
50
|
+
scope: ChatGuardrailScope;
|
|
51
|
+
}
|
|
52
|
+
export interface ChatGuardrailDecision {
|
|
53
|
+
requestId: string;
|
|
54
|
+
outcome: ChatGuardrailOutcome;
|
|
55
|
+
policyOutcome: PolicyDecisionOutcome;
|
|
56
|
+
matchedRuleIds: string[];
|
|
57
|
+
redactionStatus: RedactionStatus;
|
|
58
|
+
redactedSegments: RedactedSegment[];
|
|
59
|
+
sanitizedReasons: string[];
|
|
60
|
+
evidenceSummary: string;
|
|
61
|
+
humanReview?: ChatHumanReviewMetadata;
|
|
62
|
+
scope: ChatGuardrailScope;
|
|
63
|
+
canProceed: boolean;
|
|
64
|
+
policySegments: PromptSegment[];
|
|
65
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chat-guardrail-types.js","sourceRoot":"","sources":["../../src/security/chat-guardrail-types.ts"],"names":[],"mappings":"AAUA,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAU,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import type { ChatGuardrailRequest, ChatGuardrailScope } from "./chat-guardrail-types.js";
|
|
2
|
+
export interface ChatGuardrailRule {
|
|
3
|
+
ruleId: string;
|
|
4
|
+
reason: string;
|
|
5
|
+
}
|
|
6
|
+
export declare function validateChatRequestShape(request: Partial<ChatGuardrailRequest>): ChatGuardrailRule[];
|
|
7
|
+
export declare function validateScope(request: ChatGuardrailRequest): ChatGuardrailRule[];
|
|
8
|
+
export declare function scopeFor(request: ChatGuardrailRequest): ChatGuardrailScope;
|
|
9
|
+
export declare function emptyScope(): ChatGuardrailScope;
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
export function validateChatRequestShape(request) {
|
|
2
|
+
return [
|
|
3
|
+
requiredRule("chat.input.request-id", "request id", request.requestId),
|
|
4
|
+
requiredRule("chat.input.tenant-id", "tenant id", request.tenantId),
|
|
5
|
+
requiredRule("chat.input.workspace-id", "workspace id", request.workspaceId),
|
|
6
|
+
requiredRule("chat.input.actor", "actor", request.actor),
|
|
7
|
+
requiredRule("chat.input.action", "action", request.action),
|
|
8
|
+
requiredRule("chat.input.sink", "sink", request.sink),
|
|
9
|
+
requiredRule("chat.input.sink-kind", "sink kind", request.sink?.kind),
|
|
10
|
+
requiredRule("chat.input.resource", "resource", request.resource),
|
|
11
|
+
requiredRule("chat.input.segments", "segments", request.segments),
|
|
12
|
+
].filter((rule) => rule !== null);
|
|
13
|
+
}
|
|
14
|
+
export function validateScope(request) {
|
|
15
|
+
const rules = [
|
|
16
|
+
requiredRule("chat.scope.actor-tenant", "actor tenant id", request.actor.tenantId),
|
|
17
|
+
requiredRule("chat.scope.actor-workspace", "actor workspace id", request.actor.workspaceId),
|
|
18
|
+
requiredRule("chat.scope.resource-tenant", "resource tenant id", request.resource.tenantId),
|
|
19
|
+
requiredRule("chat.scope.resource-workspace", "resource workspace id", request.resource.workspaceId),
|
|
20
|
+
].filter((rule) => rule !== null);
|
|
21
|
+
if (rules.length > 0)
|
|
22
|
+
return rules;
|
|
23
|
+
if (request.tenantId !== request.actor.tenantId ||
|
|
24
|
+
request.tenantId !== request.resource.tenantId) {
|
|
25
|
+
return [
|
|
26
|
+
{
|
|
27
|
+
ruleId: "chat.scope.tenant-mismatch",
|
|
28
|
+
reason: "request scope is not authorized for this tenant",
|
|
29
|
+
},
|
|
30
|
+
];
|
|
31
|
+
}
|
|
32
|
+
if (request.workspaceId !== request.actor.workspaceId ||
|
|
33
|
+
request.workspaceId !== request.resource.workspaceId) {
|
|
34
|
+
return [
|
|
35
|
+
{
|
|
36
|
+
ruleId: "chat.scope.workspace-mismatch",
|
|
37
|
+
reason: "request scope is not authorized for this workspace",
|
|
38
|
+
},
|
|
39
|
+
];
|
|
40
|
+
}
|
|
41
|
+
return [];
|
|
42
|
+
}
|
|
43
|
+
export function scopeFor(request) {
|
|
44
|
+
return {
|
|
45
|
+
tenantId: request.tenantId,
|
|
46
|
+
workspaceId: request.workspaceId,
|
|
47
|
+
resourceTenantId: request.resource.tenantId,
|
|
48
|
+
resourceWorkspaceId: request.resource.workspaceId,
|
|
49
|
+
};
|
|
50
|
+
}
|
|
51
|
+
export function emptyScope() {
|
|
52
|
+
return {
|
|
53
|
+
tenantId: "unknown",
|
|
54
|
+
workspaceId: "unknown",
|
|
55
|
+
resourceTenantId: "unknown",
|
|
56
|
+
resourceWorkspaceId: "unknown",
|
|
57
|
+
};
|
|
58
|
+
}
|
|
59
|
+
function requiredRule(ruleId, label, value) {
|
|
60
|
+
if (value)
|
|
61
|
+
return null;
|
|
62
|
+
return { ruleId, reason: `missing ${label}` };
|
|
63
|
+
}
|
|
64
|
+
//# sourceMappingURL=chat-guardrail-validation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chat-guardrail-validation.js","sourceRoot":"","sources":["../../src/security/chat-guardrail-validation.ts"],"names":[],"mappings":"AAUA,MAAM,UAAU,wBAAwB,CACtC,OAAsC;IAEtC,OAAO;QACL,YAAY,CAAC,uBAAuB,EAAE,YAAY,EAAE,OAAO,CAAC,SAAS,CAAC;QACtE,YAAY,CAAC,sBAAsB,EAAE,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC;QACnE,YAAY,CACV,yBAAyB,EACzB,cAAc,EACd,OAAO,CAAC,WAAW,CACpB;QACD,YAAY,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC;QACxD,YAAY,CAAC,mBAAmB,EAAE,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC;QAC3D,YAAY,CAAC,iBAAiB,EAAE,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC;QACrD,YAAY,CAAC,sBAAsB,EAAE,WAAW,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC;QACrE,YAAY,CAAC,qBAAqB,EAAE,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC;QACjE,YAAY,CAAC,qBAAqB,EAAE,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC;KAClE,CAAC,MAAM,CAAC,CAAC,IAAI,EAA6B,EAAE,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAA6B;IAE7B,MAAM,KAAK,GAAG;QACZ,YAAY,CACV,yBAAyB,EACzB,iBAAiB,EACjB,OAAO,CAAC,KAAK,CAAC,QAAQ,CACvB;QACD,YAAY,CACV,4BAA4B,EAC5B,oBAAoB,EACpB,OAAO,CAAC,KAAK,CAAC,WAAW,CAC1B;QACD,YAAY,CACV,4BAA4B,EAC5B,oBAAoB,EACpB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAC1B;QACD,YAAY,CACV,+BAA+B,EAC/B,uBAAuB,EACvB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAC7B;KACF,CAAC,MAAM,CAAC,CAAC,IAAI,EAA6B,EAAE,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAC7D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACnC,IACE,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,KAAK,CAAC,QAAQ;QAC3C,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAC9C,CAAC;QACD,OAAO;YACL;gBACE,MAAM,EAAE,4BAA4B;gBACpC,MAAM,EAAE,iDAAiD;aAC1D;SACF,CAAC;IACJ,CAAC;IACD,IACE,OAAO,CAAC,WAAW,KAAK,OAAO,CAAC,KAAK,CAAC,WAAW;QACjD,OAAO,CAAC,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,WAAW,EACpD,CAAC;QACD,OAAO;YACL;gBACE,MAAM,EAAE,+BAA+B;gBACvC,MAAM,EAAE,oDAAoD;aAC7D;SACF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,OAA6B;IACpD,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,gBAAgB,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ;QAC3C,mBAAmB,EAAE,OAAO,CAAC,QAAQ,CAAC,WAAW;KAClD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO;QACL,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,SAAS;QACtB,gBAAgB,EAAE,SAAS;QAC3B,mBAAmB,EAAE,SAAS;KAC/B,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CACnB,MAAc,EACd,KAAa,EACb,KAAc;IAEd,IAAI,KAAK;QAAE,OAAO,IAAI,CAAC;IACvB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1,136 @@
|
|
|
1
|
+
import { evaluateSecurityPolicy } from "./policy-engine.js";
|
|
2
|
+
import { intakePromptPacket } from "./prompt-intake.js";
|
|
3
|
+
import { redactPromptSegments } from "./redaction.js";
|
|
4
|
+
import { chatOutcomeForPolicy, highestClassification, policyActionFor, policyResourceFor, policySubjectFor, } from "./chat-guardrail-policy.js";
|
|
5
|
+
import { emptyScope, scopeFor, validateChatRequestShape, validateScope, } from "./chat-guardrail-validation.js";
|
|
6
|
+
export { chatOutcomeForPolicy } from "./chat-guardrail-policy.js";
|
|
7
|
+
const unsafeToolFindingKinds = [
|
|
8
|
+
"pathTraversal",
|
|
9
|
+
"shellLike",
|
|
10
|
+
"unsafeUrl",
|
|
11
|
+
];
|
|
12
|
+
export function evaluateChatGuardrail(request) {
|
|
13
|
+
const shapeRules = validateChatRequestShape(request);
|
|
14
|
+
if (shapeRules.length > 0) {
|
|
15
|
+
return chatDecisionFromRules(request.requestId, shapeRules);
|
|
16
|
+
}
|
|
17
|
+
const scopedRequest = request;
|
|
18
|
+
const scopeRules = validateScope(scopedRequest);
|
|
19
|
+
const scope = scopeFor(scopedRequest);
|
|
20
|
+
if (scopeRules.length > 0) {
|
|
21
|
+
return chatDecisionFromRules(scopedRequest.requestId, scopeRules, scope);
|
|
22
|
+
}
|
|
23
|
+
try {
|
|
24
|
+
const rawSegments = intakePromptPacket({
|
|
25
|
+
segments: scopedRequest.segments,
|
|
26
|
+
});
|
|
27
|
+
const redactionReport = scopedRequest.redactionReportOverride ??
|
|
28
|
+
redactPromptSegments(rawSegments);
|
|
29
|
+
const policySegments = policySegmentsFor(scopedRequest, rawSegments, redactionReport);
|
|
30
|
+
const unsafeToolRules = unsafeToolRequestRules(scopedRequest.action, rawSegments);
|
|
31
|
+
if (unsafeToolRules.length > 0) {
|
|
32
|
+
return chatDecisionFromRules(scopedRequest.requestId, unsafeToolRules, scope, redactionReport, policySegments);
|
|
33
|
+
}
|
|
34
|
+
const policyDecision = evaluateSecurityPolicy({
|
|
35
|
+
requestId: scopedRequest.requestId,
|
|
36
|
+
subject: policySubjectFor(scopedRequest),
|
|
37
|
+
action: policyActionFor(scopedRequest.action, scopedRequest.resource),
|
|
38
|
+
resource: policyResourceFor(scopedRequest.resource),
|
|
39
|
+
sink: scopedRequest.sink.kind,
|
|
40
|
+
dataClassification: highestClassification(policySegments),
|
|
41
|
+
segments: policySegments,
|
|
42
|
+
redactionReport,
|
|
43
|
+
});
|
|
44
|
+
return chatDecisionFromPolicy(scopedRequest, scope, policyDecision, redactionReport, policySegments);
|
|
45
|
+
}
|
|
46
|
+
catch {
|
|
47
|
+
return chatDecisionFromRules(scopedRequest.requestId, [
|
|
48
|
+
{
|
|
49
|
+
ruleId: "chat.guardrail.exception",
|
|
50
|
+
reason: "chat guardrail failed closed",
|
|
51
|
+
},
|
|
52
|
+
], scope);
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
function unsafeToolRequestRules(action, segments) {
|
|
56
|
+
if (action !== "toolRequest")
|
|
57
|
+
return [];
|
|
58
|
+
return segments.flatMap((segment) => segment.classification.findings
|
|
59
|
+
.filter((finding) => isUnsafeToolFinding(finding.kind))
|
|
60
|
+
.map((finding) => ({
|
|
61
|
+
ruleId: `chat.tool.block.${finding.kind}`,
|
|
62
|
+
reason: `segment ${segment.id} matched unsafe tool request content`,
|
|
63
|
+
})));
|
|
64
|
+
}
|
|
65
|
+
function isUnsafeToolFinding(kind) {
|
|
66
|
+
return unsafeToolFindingKinds.some((unsafeKind) => unsafeKind === kind);
|
|
67
|
+
}
|
|
68
|
+
function policySegmentsFor(request, rawSegments, redactionReport) {
|
|
69
|
+
return redactionReport.redactedSegments.map((redactedSegment, index) => {
|
|
70
|
+
const rawSegment = rawSegments[index];
|
|
71
|
+
return intakePromptPacket({
|
|
72
|
+
segments: [
|
|
73
|
+
{
|
|
74
|
+
id: redactedSegment.id,
|
|
75
|
+
kind: rawSegment?.kind ?? "unknown",
|
|
76
|
+
provenance: rawSegment?.provenance ?? "unknown",
|
|
77
|
+
sink: request.sink.kind,
|
|
78
|
+
text: redactedSegment.text,
|
|
79
|
+
},
|
|
80
|
+
],
|
|
81
|
+
})[0];
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
function chatDecisionFromPolicy(request, scope, policyDecision, redactionReport, policySegments) {
|
|
85
|
+
const outcome = chatOutcomeForPolicy(policyDecision.outcome);
|
|
86
|
+
const decision = {
|
|
87
|
+
requestId: request.requestId,
|
|
88
|
+
outcome,
|
|
89
|
+
policyOutcome: policyDecision.outcome,
|
|
90
|
+
matchedRuleIds: policyDecision.matchedRuleIds,
|
|
91
|
+
redactionStatus: policyDecision.redactionStatus,
|
|
92
|
+
redactedSegments: redactionReport.redactedSegments,
|
|
93
|
+
sanitizedReasons: [
|
|
94
|
+
...policyDecision.sanitizedReasons,
|
|
95
|
+
...redactionReport.sanitizedReasons,
|
|
96
|
+
],
|
|
97
|
+
evidenceSummary: `${outcome}: chat guardrail mapped ${policyDecision.outcome}`,
|
|
98
|
+
scope,
|
|
99
|
+
canProceed: outcome === "allow",
|
|
100
|
+
policySegments,
|
|
101
|
+
};
|
|
102
|
+
if (outcome === "defer") {
|
|
103
|
+
decision.humanReview = {
|
|
104
|
+
required: true,
|
|
105
|
+
reason: policyDecision.sanitizedReasons[0] ?? "human review required",
|
|
106
|
+
decisionId: request.requestId,
|
|
107
|
+
matchedRuleIds: policyDecision.matchedRuleIds,
|
|
108
|
+
redactionStatus: policyDecision.redactionStatus,
|
|
109
|
+
scope,
|
|
110
|
+
};
|
|
111
|
+
}
|
|
112
|
+
return decision;
|
|
113
|
+
}
|
|
114
|
+
function chatDecisionFromRules(requestId, rules, scope = emptyScope(), redactionReport = emptyRedactionReport(), policySegments = []) {
|
|
115
|
+
return {
|
|
116
|
+
requestId: requestId ?? "unknown",
|
|
117
|
+
outcome: "block",
|
|
118
|
+
policyOutcome: "deny",
|
|
119
|
+
matchedRuleIds: rules.map((rule) => rule.ruleId),
|
|
120
|
+
redactionStatus: redactionReport.status,
|
|
121
|
+
redactedSegments: redactionReport.redactedSegments,
|
|
122
|
+
sanitizedReasons: rules.map((rule) => rule.reason),
|
|
123
|
+
evidenceSummary: "block: chat guardrail failed closed",
|
|
124
|
+
scope,
|
|
125
|
+
canProceed: false,
|
|
126
|
+
policySegments,
|
|
127
|
+
};
|
|
128
|
+
}
|
|
129
|
+
function emptyRedactionReport() {
|
|
130
|
+
return {
|
|
131
|
+
status: "unsafeUnredacted",
|
|
132
|
+
redactedSegments: [],
|
|
133
|
+
sanitizedReasons: ["redaction unavailable"],
|
|
134
|
+
};
|
|
135
|
+
}
|
|
136
|
+
//# sourceMappingURL=chat-guardrails.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chat-guardrails.js","sourceRoot":"","sources":["../../src/security/chat-guardrails.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,UAAU,EACV,QAAQ,EACR,wBAAwB,EACxB,aAAa,GAEd,MAAM,gCAAgC,CAAC;AAexC,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAElE,MAAM,sBAAsB,GAAG;IAC7B,eAAe;IACf,WAAW;IACX,WAAW;CAC4B,CAAC;AAE1C,MAAM,UAAU,qBAAqB,CACnC,OAAsC;IAEtC,MAAM,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;IACrD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,qBAAqB,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,aAAa,GAAG,OAA+B,CAAC;IACtD,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,QAAQ,CAAC,aAAa,CAAC,CAAC;IACtC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,qBAAqB,CAAC,aAAa,CAAC,SAAS,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,kBAAkB,CAAC;YACrC,QAAQ,EAAE,aAAa,CAAC,QAAQ;SACjC,CAAC,CAAC;QACH,MAAM,eAAe,GACnB,aAAa,CAAC,uBAAuB;YACrC,oBAAoB,CAAC,WAAW,CAAC,CAAC;QACpC,MAAM,cAAc,GAAG,iBAAiB,CACtC,aAAa,EACb,WAAW,EACX,eAAe,CAChB,CAAC;QACF,MAAM,eAAe,GAAG,sBAAsB,CAC5C,aAAa,CAAC,MAAM,EACpB,WAAW,CACZ,CAAC;QACF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,OAAO,qBAAqB,CAC1B,aAAa,CAAC,SAAS,EACvB,eAAe,EACf,KAAK,EACL,eAAe,EACf,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,sBAAsB,CAAC;YAC5C,SAAS,EAAE,aAAa,CAAC,SAAS;YAClC,OAAO,EAAE,gBAAgB,CAAC,aAAa,CAAC;YACxC,MAAM,EAAE,eAAe,CAAC,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC;YACrE,QAAQ,EAAE,iBAAiB,CAAC,aAAa,CAAC,QAAQ,CAAC;YACnD,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI;YAC7B,kBAAkB,EAAE,qBAAqB,CAAC,cAAc,CAAC;YACzD,QAAQ,EAAE,cAAc;YACxB,eAAe;SAChB,CAAC,CAAC;QAEH,OAAO,sBAAsB,CAC3B,aAAa,EACb,KAAK,EACL,cAAc,EACd,eAAe,EACf,cAAc,CACf,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,qBAAqB,CAC1B,aAAa,CAAC,SAAS,EACvB;YACE;gBACE,MAAM,EAAE,0BAA0B;gBAClC,MAAM,EAAE,8BAA8B;aACvC;SACF,EACD,KAAK,CACN,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAC7B,MAA2B,EAC3B,QAAyB;IAEzB,IAAI,MAAM,KAAK,aAAa;QAAE,OAAO,EAAE,CAAC;IACxC,OAAO,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAClC,OAAO,CAAC,cAAc,CAAC,QAAQ;SAC5B,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;SACtD,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACjB,MAAM,EAAE,mBAAmB,OAAO,CAAC,IAAI,EAAE;QACzC,MAAM,EAAE,WAAW,OAAO,CAAC,EAAE,sCAAsC;KACpE,CAAC,CAAC,CACN,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAwB;IACnD,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,KAAK,IAAI,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,iBAAiB,CACxB,OAA6B,EAC7B,WAA4B,EAC5B,eAAgC;IAEhC,OAAO,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,eAAe,EAAE,KAAK,EAAE,EAAE;QACrE,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,kBAAkB,CAAC;YACxB,QAAQ,EAAE;gBACR;oBACE,EAAE,EAAE,eAAe,CAAC,EAAE;oBACtB,IAAI,EAAE,UAAU,EAAE,IAAI,IAAI,SAAS;oBACnC,UAAU,EAAE,UAAU,EAAE,UAAU,IAAI,SAAS;oBAC/C,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,IAAI;oBACvB,IAAI,EAAE,eAAe,CAAC,IAAI;iBAC3B;aACF;SACF,CAAC,CAAC,CAAC,CAAkB,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,sBAAsB,CAC7B,OAA6B,EAC7B,KAAyB,EACzB,cAA8B,EAC9B,eAAgC,EAChC,cAA+B;IAE/B,MAAM,OAAO,GAAG,oBAAoB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IAC7D,MAAM,QAAQ,GAA0B;QACtC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,OAAO;QACP,aAAa,EAAE,cAAc,CAAC,OAAO;QACrC,cAAc,EAAE,cAAc,CAAC,cAAc;QAC7C,eAAe,EAAE,cAAc,CAAC,eAAe;QAC/C,gBAAgB,EAAE,eAAe,CAAC,gBAAgB;QAClD,gBAAgB,EAAE;YAChB,GAAG,cAAc,CAAC,gBAAgB;YAClC,GAAG,eAAe,CAAC,gBAAgB;SACpC;QACD,eAAe,EAAE,GAAG,OAAO,2BAA2B,cAAc,CAAC,OAAO,EAAE;QAC9E,KAAK;QACL,UAAU,EAAE,OAAO,KAAK,OAAO;QAC/B,cAAc;KACf,CAAC;IACF,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;QACxB,QAAQ,CAAC,WAAW,GAAG;YACrB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,cAAc,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,uBAAuB;YACrE,UAAU,EAAE,OAAO,CAAC,SAAS;YAC7B,cAAc,EAAE,cAAc,CAAC,cAAc;YAC7C,eAAe,EAAE,cAAc,CAAC,eAAe;YAC/C,KAAK;SACN,CAAC;IACJ,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,qBAAqB,CAC5B,SAA6B,EAC7B,KAA0B,EAC1B,KAAK,GAAG,UAAU,EAAE,EACpB,eAAe,GAAG,oBAAoB,EAAE,EACxC,iBAAkC,EAAE;IAEpC,OAAO;QACL,SAAS,EAAE,SAAS,IAAI,SAAS;QACjC,OAAO,EAAE,OAAO;QAChB,aAAa,EAAE,MAAM;QACrB,cAAc,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;QAChD,eAAe,EAAE,eAAe,CAAC,MAAM;QACvC,gBAAgB,EAAE,eAAe,CAAC,gBAAgB;QAClD,gBAAgB,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;QAClD,eAAe,EAAE,qCAAqC;QACtD,KAAK;QACL,UAAU,EAAE,KAAK;QACjB,cAAc;KACf,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB;IAC3B,OAAO;QACL,MAAM,EAAE,kBAA4C;QACpD,gBAAgB,EAAE,EAAE;QACpB,gBAAgB,EAAE,CAAC,uBAAuB,CAAC;KAC5C,CAAC;AACJ,CAAC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { hasPaymentCardLikeValue } from "./payment-card-detection.js";
|
|
1
2
|
const promptInjectionPhrases = [
|
|
2
3
|
"ignore previous instructions",
|
|
3
4
|
"ignore all previous instructions",
|
|
@@ -37,6 +38,36 @@ const privateHostPatterns = [
|
|
|
37
38
|
"172.31.",
|
|
38
39
|
"[::1]",
|
|
39
40
|
];
|
|
41
|
+
const piiRules = [
|
|
42
|
+
{
|
|
43
|
+
kind: "piiEmail",
|
|
44
|
+
ruleId: "content.pii.email",
|
|
45
|
+
severity: "high",
|
|
46
|
+
summary: "content contains an email address",
|
|
47
|
+
matches: (value) => /\b[a-z0-9._%+-]+@[a-z0-9.-]+[.][a-z]{2,}\b/i.test(value),
|
|
48
|
+
},
|
|
49
|
+
{
|
|
50
|
+
kind: "piiPhone",
|
|
51
|
+
ruleId: "content.pii.phone",
|
|
52
|
+
severity: "high",
|
|
53
|
+
summary: "content contains a phone-number-like value",
|
|
54
|
+
matches: (value) => /(?:\+?1[\s.-]?)?(?:[(]\d{3}[)]|\b\d{3})[\s.-]?\d{3}[\s.-]?\d{4}\b/.test(value),
|
|
55
|
+
},
|
|
56
|
+
{
|
|
57
|
+
kind: "piiSsn",
|
|
58
|
+
ruleId: "content.pii.ssn",
|
|
59
|
+
severity: "critical",
|
|
60
|
+
summary: "content contains an SSN-like identifier",
|
|
61
|
+
matches: (value) => /\b\d{3}-\d{2}-\d{4}\b/.test(value),
|
|
62
|
+
},
|
|
63
|
+
{
|
|
64
|
+
kind: "piiPaymentCard",
|
|
65
|
+
ruleId: "content.pii.payment-card",
|
|
66
|
+
severity: "critical",
|
|
67
|
+
summary: "content contains a payment-card-like value",
|
|
68
|
+
matches: hasPaymentCardLikeValue,
|
|
69
|
+
},
|
|
70
|
+
];
|
|
40
71
|
const contentRules = [
|
|
41
72
|
{
|
|
42
73
|
kind: "promptInjection",
|
|
@@ -98,6 +129,7 @@ const contentRules = [
|
|
|
98
129
|
matches: (value) => /\bbearer\s+[a-z0-9._-]{12,}/i.test(value) ||
|
|
99
130
|
/\b(api[_-]?key|password|secret|token)\s*[:=]\s*[^\s"']{12,}/i.test(value),
|
|
100
131
|
},
|
|
132
|
+
...piiRules,
|
|
101
133
|
];
|
|
102
134
|
export function classifyContent(text) {
|
|
103
135
|
const findings = contentRules
|
|
@@ -117,7 +149,7 @@ function toFinding(rule) {
|
|
|
117
149
|
};
|
|
118
150
|
}
|
|
119
151
|
function classificationForFindings(findings) {
|
|
120
|
-
if (findings.some((finding) => finding.kind === "secretShaped")) {
|
|
152
|
+
if (findings.some((finding) => finding.kind === "secretShaped" || finding.kind.startsWith("pii"))) {
|
|
121
153
|
return "restricted";
|
|
122
154
|
}
|
|
123
155
|
if (findings.length > 0) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"content-classifier.js","sourceRoot":"","sources":["../../src/security/content-classifier.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"content-classifier.js","sourceRoot":"","sources":["../../src/security/content-classifier.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AAUtE,MAAM,sBAAsB,GAAG;IAC7B,8BAA8B;IAC9B,kCAAkC;IAClC,0BAA0B;IAC1B,6BAA6B;IAC7B,eAAe;IACf,gBAAgB;IAChB,mBAAmB;CACX,CAAC;AAEX,MAAM,qBAAqB,GAAG;IAC5B,KAAK;IACL,MAAM;IACN,OAAO;IACP,oBAAoB;CACZ,CAAC;AAEX,MAAM,mBAAmB,GAAG;IAC1B,WAAW;IACX,MAAM;IACN,KAAK;IACL,UAAU;IACV,UAAU;IACV,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,OAAO;CACC,CAAC;AAEX,MAAM,QAAQ,GAAG;IACf;QACE,IAAI,EAAE,UAAU;QAChB,MAAM,EAAE,mBAAmB;QAC3B,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,mCAAmC;QAC5C,OAAO,EAAE,CAAC,KAAa,EAAE,EAAE,CACzB,6CAA6C,CAAC,IAAI,CAAC,KAAK,CAAC;KAC5D;IACD;QACE,IAAI,EAAE,UAAU;QAChB,MAAM,EAAE,mBAAmB;QAC3B,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,4CAA4C;QACrD,OAAO,EAAE,CAAC,KAAa,EAAE,EAAE,CACzB,mEAAmE,CAAC,IAAI,CACtE,KAAK,CACN;KACJ;IACD;QACE,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,iBAAiB;QACzB,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,yCAAyC;QAClD,OAAO,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC;KAChE;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,4CAA4C;QACrD,OAAO,EAAE,uBAAuB;KACjC;CACsB,CAAC;AAE1B,MAAM,YAAY,GAAkB;IAClC;QACE,IAAI,EAAE,iBAAiB;QACvB,MAAM,EAAE,oCAAoC;QAC5C,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,gEAAgE;QACzE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,sBAAsB,CAAC;KAC/D;IACD;QACE,IAAI,EAAE,yBAAyB;QAC/B,MAAM,EAAE,4CAA4C;QACpD,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,gEAAgE;QACzE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,WAAW,CAAC,KAAK,EAAE,qBAAqB,CAAC;YACzC,WAAW,CAAC,KAAK,EAAE,sBAAsB,CAAC;KAC7C;IACD;QACE,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,wBAAwB;QAChC,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,8CAA8C;QACvD,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,6FAA6F,CAAC,IAAI,CAChG,KAAK,CACN,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC;KACzC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,2DAA2D;QACpE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,sCAAsC,CAAC,IAAI,CAAC,KAAK,CAAC;YAClD,mDAAmD,CAAC,IAAI,CAAC,KAAK,CAAC;KAClE;IACD;QACE,IAAI,EAAE,WAAW;QACjB,MAAM,EAAE,+BAA+B;QACvC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,4DAA4D;QACrE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,iEAAiE,CAAC,IAAI,CACpE,KAAK,CACN,IAAI,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC;KAC7C;IACD;QACE,IAAI,EAAE,WAAW;QACjB,MAAM,EAAE,+BAA+B;QACvC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,oDAAoD;QAC7D,OAAO,EAAE,YAAY;KACtB;IACD;QACE,IAAI,EAAE,eAAe;QACrB,MAAM,EAAE,6BAA6B;QACrC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,iEAAiE;QAC1E,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,0BAA0B,CAAC,IAAI,CAAC,KAAK,CAAC;YACtC,+DAA+D,CAAC,IAAI,CAClE,KAAK,CACN;KACJ;IACD;QACE,IAAI,EAAE,cAAc;QACpB,MAAM,EAAE,6BAA6B;QACrC,QAAQ,EAAE,UAAU;QACpB,OAAO,EACL,oEAAoE;QACtE,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CACjB,8BAA8B,CAAC,IAAI,CAAC,KAAK,CAAC;YAC1C,8DAA8D,CAAC,IAAI,CACjE,KAAK,CACN;KACJ;IACD,GAAG,QAAQ;CACZ,CAAC;AAEF,MAAM,UAAU,eAAe,CAAC,IAAY;IAC1C,MAAM,QAAQ,GAAG,YAAY;SAC1B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;SACpC,GAAG,CAAC,SAAS,CAAC,CAAC;IAClB,OAAO;QACL,cAAc,EAAE,yBAAyB,CAAC,QAAQ,CAAC;QACnD,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,IAAiB;IAClC,OAAO;QACL,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;KACtB,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAChC,QAA0B;IAE1B,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CACV,OAAO,CAAC,IAAI,KAAK,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CACpE,EACD,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,WAAW,CAAC,KAAa,EAAE,OAA0B;IAC5D,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IACvC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,uCAAuC,CAAC,IAAI,EAAE,CAAC;IACxE,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;QAC1B,IAAI,MAAW,CAAC;QAChB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC/C,OAAO,CACL,MAAM,CAAC,QAAQ,KAAK,QAAQ;YAC5B,mBAAmB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CACpE,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC"}
|