@kya-os/agentshield-nextjs 0.1.41 → 0.1.43

package/dist/create-middleware.js

@@ -1,21 +1,151 @@
 'use strict';
 
 var server = require('next/server');
+var ed25519 = require('@noble/ed25519');
+var sha2_js = require('@noble/hashes/sha2.js');
+var agentshieldShared = require('@kya-os/agentshield-shared');
 
-// src/create-middleware.ts
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
+
+var ed25519__namespace = /*#__PURE__*/_interopNamespace(ed25519);
 
-// src/signature-verifier.ts
+// src/create-middleware.ts
+ed25519__namespace.etc.sha512Sync = (...m) => sha2_js.sha512(ed25519__namespace.etc.concatBytes(...m));
 var KNOWN_KEYS = {
   chatgpt: [
     {
       kid: "otMqcjr17mGyruktGvJU8oojQTSMHlVm7uO-lrcqbdg",
       // ChatGPT's current Ed25519 public key (base64)
+      // Source: https://chatgpt.com/.well-known/http-message-signatures-directory
       publicKey: "7F_3jDlxaquwh291MiACkcS3Opq88NksyHiakzS-Y1g",
-      validFrom: (/* @__PURE__ */ new Date("2025-01-01")).getTime() / 1e3,
-      validUntil: (/* @__PURE__ */ new Date("2025-04-11")).getTime() / 1e3
+      validFrom: 1735689600,
+      // Jan 1, 2025 (from OpenAI's nbf)
+      // Extended expiration as fallback safety - API fetch should provide fresh keys
+      // Check OpenAI's well-known endpoint for actual expiration dates
+      validUntil: 1799625600
+      // Jan 1, 2027 (extended for fallback safety)
     }
   ]
 };
+var keyCache = /* @__PURE__ */ new Map();
+var CACHE_TTL_MS = 5 * 60 * 1e3;
+var CACHE_MAX_SIZE = 100;
+function getApiBaseUrl() {
+  if (typeof window !== "undefined") {
+    return "/api/internal";
+  }
+  const baseUrl2 = process.env.NEXT_PUBLIC_APP_URL || process.env.NEXT_PUBLIC_API_URL || process.env.API_URL || (process.env.VERCEL_URL ? `https://${process.env.VERCEL_URL}` : null);
+  if (baseUrl2) {
+    return baseUrl2.replace(/\/$/, "") + "/api/internal";
+  }
+  if (process.env.NODE_ENV !== "production") {
+    console.warn(
+      "[Signature] No base URL configured for server-side fetch. Using localhost fallback."
+    );
+    return "http://localhost:3000/api/internal";
+  }
+  console.error(
+    "[Signature] CRITICAL: No base URL configured for server-side fetch in production!"
+  );
+  return "/api/internal";
+}
+function cleanupExpiredCache() {
+  const now = Date.now();
+  const entriesToDelete = [];
+  for (const [agent, cached] of keyCache.entries()) {
+    if (now - cached.cachedAt > CACHE_TTL_MS) {
+      entriesToDelete.push(agent);
+    }
+  }
+  for (const agent of entriesToDelete) {
+    keyCache.delete(agent);
+  }
+  if (keyCache.size > CACHE_MAX_SIZE) {
+    const entries = Array.from(keyCache.entries()).map(([agent, cached]) => ({
+      agent,
+      cachedAt: cached.cachedAt
+    }));
+    entries.sort((a, b) => a.cachedAt - b.cachedAt);
+    const toRemove = entries.slice(0, keyCache.size - CACHE_MAX_SIZE);
+    for (const entry of toRemove) {
+      keyCache.delete(entry.agent);
+    }
+  }
+}
+async function fetchKeysFromApi(agent) {
+  if (keyCache.size > CACHE_MAX_SIZE) {
+    cleanupExpiredCache();
+  }
+  const cached = keyCache.get(agent);
+  if (cached && Date.now() - cached.cachedAt < CACHE_TTL_MS) {
+    return cached.keys;
+  }
+  if (typeof fetch === "undefined") {
+    console.warn("[Signature] fetch() not available in this environment");
+    return null;
+  }
+  try {
+    const apiBaseUrl = getApiBaseUrl();
+    const url = `${apiBaseUrl}/signature-keys?agent=${encodeURIComponent(agent)}`;
+    const response = await fetch(url, {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      // 5 second timeout
+      signal: AbortSignal.timeout(5e3)
+    });
+    if (!response.ok) {
+      console.warn(`[Signature] Failed to fetch keys from API: ${response.status}`);
+      return null;
+    }
+    const data = await response.json();
+    if (!data.keys || !Array.isArray(data.keys) || data.keys.length === 0) {
+      console.warn(`[Signature] No keys returned from API for agent: ${agent}`);
+      return null;
+    }
+    keyCache.set(agent, {
+      keys: data.keys,
+      cachedAt: Date.now()
+    });
+    return data.keys;
+  } catch (error) {
+    console.warn("[Signature] Error fetching keys from API, using fallback", {
+      error: error instanceof Error ? error.message : "Unknown error",
+      agent
+    });
+    return null;
+  }
+}
+function isValidAgent(agent) {
+  return agent in KNOWN_KEYS;
+}
+async function getKeysForAgent(agent) {
+  const apiKeys = await fetchKeysFromApi(agent);
+  if (apiKeys && apiKeys.length > 0) {
+    return apiKeys;
+  }
+  if (isValidAgent(agent)) {
+    return KNOWN_KEYS[agent];
+  }
+  return [];
+}
 function parseSignatureInput(signatureInput) {
   try {
     const match = signatureInput.match(/sig1=\((.*?)\);(.+)/);
@@ -51,21 +181,29 @@ function buildSignatureBase(method, path, headers, signedHeaders) {
       case "@authority":
         value = headers["host"] || headers["Host"] || "";
         break;
-      default:
-        const key = Object.keys(headers).find(
-          (k) => k.toLowerCase() === headerName.toLowerCase()
-        );
+      default: {
+        const key = Object.keys(headers).find((k) => k.toLowerCase() === headerName.toLowerCase());
         value = key ? headers[key] || "" : "";
         break;
+      }
     }
     components.push(`"${headerName}": ${value}`);
   }
   return components.join("\n");
 }
+function base64ToBytes(base64) {
+  let standardBase64 = base64.replace(/-/g, "+").replace(/_/g, "/");
+  const padding = standardBase64.length % 4;
+  if (padding) {
+    standardBase64 += "=".repeat(4 - padding);
+  }
+  const binaryString = atob(standardBase64);
+  return Uint8Array.from(binaryString, (c) => c.charCodeAt(0));
+}
 async function verifyEd25519Signature(publicKeyBase64, signatureBase64, message) {
   try {
-    const publicKeyBytes = Uint8Array.from(atob(publicKeyBase64), (c) => c.charCodeAt(0));
-    const signatureBytes = Uint8Array.from(atob(signatureBase64), (c) => c.charCodeAt(0));
+    const publicKeyBytes = base64ToBytes(publicKeyBase64);
+    const signatureBytes = base64ToBytes(signatureBase64);
     const messageBytes = new TextEncoder().encode(message);
     if (publicKeyBytes.length !== 32) {
       console.error("[Signature] Invalid public key length:", publicKeyBytes.length);
@@ -75,34 +213,36 @@ async function verifyEd25519Signature(publicKeyBase64, signatureBase64, message)
       console.error("[Signature] Invalid signature length:", signatureBytes.length);
       return false;
     }
-    const publicKey = await crypto.subtle.importKey(
-      "raw",
-      publicKeyBytes,
-      {
-        name: "Ed25519",
-        namedCurve: "Ed25519"
-      },
-      false,
-      ["verify"]
-    );
-    const isValid = await crypto.subtle.verify(
-      "Ed25519",
-      publicKey,
-      signatureBytes,
-      messageBytes
-    );
-    return isValid;
-  } catch (error) {
-    console.error("[Signature] Ed25519 verification failed:", error);
-    if (typeof window === "undefined") {
-      try {
-        console.warn("[Signature] Ed25519 not supported in this environment");
-        return false;
-      } catch {
-        return false;
-      }
+    return ed25519__namespace.verify(signatureBytes, messageBytes, publicKeyBytes);
+  } catch (nobleError) {
+    console.warn("[Signature] @noble/ed25519 failed, trying Web Crypto fallback:", nobleError);
+    try {
+      const publicKeyBytes = base64ToBytes(publicKeyBase64);
+      const signatureBytes = base64ToBytes(signatureBase64);
+      const messageBytes = new TextEncoder().encode(message);
+      const publicKey = await crypto.subtle.importKey(
+        "raw",
+        publicKeyBytes.buffer,
+        {
+          name: "Ed25519",
+          namedCurve: "Ed25519"
+        },
+        false,
+        ["verify"]
+      );
+      return await crypto.subtle.verify(
+        "Ed25519",
+        publicKey,
+        signatureBytes.buffer,
+        messageBytes
+      );
+    } catch (cryptoError) {
+      console.error("[Signature] Both @noble/ed25519 and Web Crypto failed:", {
+        nobleError: nobleError instanceof Error ? nobleError.message : "Unknown",
+        cryptoError: cryptoError instanceof Error ? cryptoError.message : "Unknown"
+      });
+      return false;
     }
-    return false;
   }
 }
 async function verifyAgentSignature(method, path, headers) {
@@ -147,12 +287,12 @@ async function verifyAgentSignature(method, path, headers) {
     }
   }
   let agent;
-  let knownKeys;
+  let agentKey;
   if (signatureAgent === '"https://chatgpt.com"' || signatureAgent?.includes("chatgpt.com")) {
     agent = "ChatGPT";
-    knownKeys = KNOWN_KEYS.chatgpt;
+    agentKey = "chatgpt";
   }
-  if (!agent || !knownKeys) {
+  if (!agent || !agentKey) {
     return {
       isValid: false,
       confidence: 0,
@@ -160,6 +300,15 @@ async function verifyAgentSignature(method, path, headers) {
       verificationMethod: "none"
     };
   }
+  const knownKeys = await getKeysForAgent(agentKey);
+  if (knownKeys.length === 0) {
+    return {
+      isValid: false,
+      confidence: 0,
+      reason: "No keys available for agent",
+      verificationMethod: "none"
+    };
+  }
   const key = knownKeys.find((k) => k.kid === parsed.keyid);
   if (!key) {
     return {
@@ -186,11 +335,7 @@ async function verifyAgentSignature(method, path, headers) {
   if (signatureValue.endsWith(":")) {
     signatureValue = signatureValue.slice(0, -1);
   }
-  const isValid = await verifyEd25519Signature(
-    key.publicKey,
-    signatureValue,
-    signatureBase
-  );
+  const isValid = await verifyEd25519Signature(key.publicKey, signatureValue, signatureBase);
   if (isValid) {
     return {
       isValid: true,
@@ -214,27 +359,27 @@ function hasSignatureHeaders(headers) {
 }
 function isChatGPTSignature(headers) {
   const signatureAgent = headers["signature-agent"] || headers["Signature-Agent"];
-  return signatureAgent === '"https://chatgpt.com"' || (signatureAgent?.includes("chatgpt.com") || false);
+  if (!signatureAgent) {
+    return false;
+  }
+  const agentUrlStr = signatureAgent.replace(/^"+|"+$/g, "");
+  if (agentUrlStr === "https://chatgpt.com") {
+    return true;
+  }
+  try {
+    const agentUrl = new URL(agentUrlStr);
+    const allowedHosts = ["chatgpt.com", "www.chatgpt.com"];
+    return allowedHosts.includes(agentUrl.host);
+  } catch {
+    return false;
+  }
 }
-
-// src/edge-detector-wrapper.ts
-var AI_AGENT_PATTERNS = [
-  { pattern: /chatgpt-user/i, type: "chatgpt", name: "ChatGPT" },
-  { pattern: /claude-web/i, type: "claude", name: "Claude" },
-  { pattern: /perplexitybot/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity-user/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity-ai/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity/i, type: "perplexity", name: "Perplexity" },
-  // Fallback
-  { pattern: /bingbot/i, type: "bing", name: "Bing AI" },
-  { pattern: /anthropic-ai/i, type: "anthropic", name: "Anthropic" }
-];
-var CLOUD_PROVIDERS = {
-  aws: ["54.", "52.", "35.", "18.", "3."],
-  gcp: ["35.", "34.", "104.", "107.", "108."],
-  azure: ["13.", "20.", "40.", "52.", "104."]
-};
+var rules = agentshieldShared.loadRulesSync();
 var EdgeAgentDetector = class {
+  rules;
+  constructor() {
+    this.rules = rules;
+  }
   async analyze(input) {
     const reasons = [];
     let detectedAgent;
@@ -253,7 +398,7 @@ var EdgeAgentDetector = class {
           headers
         );
         if (signatureResult.isValid) {
-          confidence = signatureResult.confidence;
+          confidence = signatureResult.confidence * 100;
           reasons.push(`verified_signature:${signatureResult.agent?.toLowerCase() || "unknown"}`);
           if (signatureResult.agent) {
             detectedAgent = {
@@ -266,7 +411,13 @@ var EdgeAgentDetector = class {
             reasons.push(`keyid:${signatureResult.keyid}`);
           }
         } else {
-          confidence = Math.max(confidence, 0.3);
+          console.warn("[EdgeAgentDetector] Signature verification failed:", {
+            reason: signatureResult.reason,
+            agent: signatureResult.agent,
+            hasSignatureAgent: !!headers["signature-agent"] || !!headers["Signature-Agent"],
+            signatureAgentValue: headers["signature-agent"] || headers["Signature-Agent"]
+          });
+          confidence = Math.max(confidence, 30);
           reasons.push("invalid_signature");
           if (signatureResult.reason) {
             reasons.push(`signature_error:${signatureResult.reason}`);
@@ -278,68 +429,133 @@ var EdgeAgentDetector = class {
         }
       } catch (error) {
         console.error("[EdgeAgentDetector] Signature verification error:", error);
-        confidence = Math.max(confidence, 0.2);
+        confidence = Math.max(confidence, 20);
         reasons.push("signature_verification_error");
       }
     }
     const userAgent = input.userAgent || input.headers?.["user-agent"] || "";
     if (userAgent) {
-      for (const { pattern, type, name } of AI_AGENT_PATTERNS) {
-        if (pattern.test(userAgent)) {
-          const highConfidenceAgents = [
-            "chatgpt",
-            "claude",
-            "perplexity",
-            "anthropic"
-          ];
-          const patternConfidence = highConfidenceAgents.includes(type) ? 0.85 : 0.5;
-          confidence = Math.max(confidence, patternConfidence);
-          reasons.push(`known_pattern:${type}`);
+      const userAgentEntries = Object.entries(this.rules.rules.userAgents);
+      const genericKeys = ["generic_bot", "dev_tools", "automation_tools"];
+      const sortedEntries = userAgentEntries.sort((a, b) => {
+        const aIsGeneric = genericKeys.includes(a[0]);
+        const bIsGeneric = genericKeys.includes(b[0]);
+        if (aIsGeneric && !bIsGeneric) return 1;
+        if (!aIsGeneric && bIsGeneric) return -1;
+        return 0;
+      });
+      for (const [agentKey, agentRule] of sortedEntries) {
+        const rule = agentRule;
+        const matched = rule.patterns.some((pattern) => {
+          const regex = new RegExp(pattern, "i");
+          return regex.test(userAgent);
+        });
+        if (matched) {
+          const agentType = this.getAgentType(agentKey);
+          const agentName = this.getAgentName(agentKey);
+          confidence = Math.max(confidence, rule.confidence * 100);
+          reasons.push(`known_pattern:${agentType}`);
           if (!detectedAgent) {
-            detectedAgent = { type, name };
+            detectedAgent = { type: agentType, name: agentName };
             verificationMethod = "pattern";
           }
           break;
         }
       }
     }
-    const aiHeaders = [
-      "openai-conversation-id",
-      "openai-ephemeral-user-id",
-      "anthropic-client-id",
-      "x-goog-api-client",
-      "x-ms-copilot-id"
-    ];
-    const foundAiHeaders = aiHeaders.filter(
-      (header) => normalizedHeaders[header]
+    const suspiciousHeaders = this.rules.rules.headers.suspicious;
+    const foundAiHeaders = suspiciousHeaders.filter(
+      (headerRule) => normalizedHeaders[headerRule.name.toLowerCase()]
     );
     if (foundAiHeaders.length > 0) {
-      confidence = Math.max(confidence, 0.6);
+      const maxConfidence = Math.max(...foundAiHeaders.map((h) => h.confidence * 100));
+      confidence = Math.max(confidence, maxConfidence);
       reasons.push(`ai_headers:${foundAiHeaders.length}`);
     }
     const ip = input.ip || input.ipAddress;
     if (ip && !normalizedHeaders["x-forwarded-for"] && !normalizedHeaders["x-real-ip"]) {
-      for (const [provider, prefixes] of Object.entries(CLOUD_PROVIDERS)) {
-        if (prefixes.some((prefix) => ip.startsWith(prefix))) {
-          confidence = Math.max(confidence, 0.4);
+      const ipRanges = "providers" in this.rules.rules.ipRanges ? this.rules.rules.ipRanges.providers : this.rules.rules.ipRanges;
+      for (const [provider, ipRule] of Object.entries(ipRanges)) {
+        if (!ipRule || typeof ipRule !== "object" || !("ranges" in ipRule) || !Array.isArray(ipRule.ranges))
+          continue;
+        const matched = ipRule.ranges.some((range) => {
+          const prefix = range.split("/")[0];
+          const prefixParts = prefix.split(".");
+          const ipParts = ip.split(".");
+          for (let i = 0; i < Math.min(prefixParts.length - 1, 2); i++) {
+            if (prefixParts[i] !== ipParts[i] && prefixParts[i] !== "0") {
+              return false;
+            }
+          }
+          return true;
+        });
+        if (matched) {
+          const rule = ipRule;
+          confidence = Math.max(confidence, rule.confidence * 40);
           reasons.push(`cloud_provider:${provider}`);
           break;
         }
       }
     }
-    if (reasons.length > 2 && confidence < 1) {
-      confidence = Math.min(confidence * 1.2, 0.95);
+    if (reasons.length > 2 && confidence < 100) {
+      confidence = Math.min(confidence * 1.2, 95);
     }
+    confidence = Math.min(Math.max(confidence, 0), 100);
     return {
-      isAgent: confidence > 0.3,
+      isAgent: confidence > 30,
+      // Updated to 0-100 scale (was 0.3)
       confidence,
+      detectionClass: confidence > 30 && detectedAgent ? { type: "AiAgent", agentType: detectedAgent.name } : confidence > 30 ? { type: "Unknown" } : { type: "Human" },
+      signals: [],
+      // Will be populated by enhanced detection engine in future tasks
       ...detectedAgent && { detectedAgent },
       reasons,
-      ...verificationMethod && { verificationMethod },
-      forgeabilityRisk: verificationMethod === "signature" ? "low" : confidence > 0.8 ? "medium" : "high",
+      ...verificationMethod && {
+        verificationMethod
+      },
+      forgeabilityRisk: verificationMethod === "signature" ? "low" : confidence > 80 ? "medium" : "high",
+      // Updated to 0-100 scale
       timestamp: /* @__PURE__ */ new Date()
     };
   }
+  /**
+   * Get agent type from rule key
+   */
+  getAgentType(agentKey) {
+    const typeMap = {
+      openai_gptbot: "openai",
+      anthropic_claude: "anthropic",
+      perplexity_bot: "perplexity",
+      google_ai: "google",
+      microsoft_ai: "microsoft",
+      meta_ai: "meta",
+      cohere_bot: "cohere",
+      huggingface_bot: "huggingface",
+      generic_bot: "generic",
+      dev_tools: "dev",
+      automation_tools: "automation"
+    };
+    return typeMap[agentKey] || agentKey;
+  }
+  /**
+   * Get agent name from rule key
+   */
+  getAgentName(agentKey) {
+    const nameMap = {
+      openai_gptbot: "ChatGPT/GPTBot",
+      anthropic_claude: "Claude",
+      perplexity_bot: "Perplexity",
+      google_ai: "Google AI",
+      microsoft_ai: "Microsoft Copilot",
+      meta_ai: "Meta AI",
+      cohere_bot: "Cohere",
+      huggingface_bot: "HuggingFace",
+      generic_bot: "Generic Bot",
+      dev_tools: "Development Tool",
+      automation_tools: "Automation Tool"
+    };
+    return nameMap[agentKey] || agentKey;
+  }
 };
 var EdgeAgentDetectorWrapper = class {
   detector;
@@ -410,26 +626,31 @@ async function initWasm() {
               throw new Error(`Failed to fetch WASM: ${response2.status}`);
             }
             const streamResponse = response2.clone();
-            const { instance } = await WebAssembly.instantiateStreaming(
-              streamResponse,
-              {
-                wbg: {
-                  __wbg_log_1d3ae13c3d5e6b8e: (ptr, len) => {
-                    console.log("WASM:", ptr, len);
-                  },
-                  __wbindgen_throw: (ptr, len) => {
-                    throw new Error(`WASM Error at ${ptr}, length ${len}`);
+            const { instance } = await WebAssembly.instantiateStreaming(streamResponse, {
+              wbg: {
+                __wbg_log_1d3ae13c3d5e6b8e: (ptr, len) => {
+                  if (process.env.NODE_ENV !== "production") {
+                    console.debug("WASM:", ptr, len);
                   }
+                },
+                __wbindgen_throw: (ptr, len) => {
+                  throw new Error(`WASM Error at ${ptr}, length ${len}`);
                 }
               }
-            );
+            });
             wasmInstance = instance;
             wasmExports = instance.exports;
-            console.log("[AgentShield] \u2705 WASM module initialized with streaming");
+            if (process.env.NODE_ENV !== "production") {
+              console.debug("[AgentShield] \u2705 WASM module initialized with streaming");
+            }
             return;
           } catch (streamError) {
             if (!controller.signal.aborted) {
-              console.log("[AgentShield] Streaming compilation failed, falling back to standard compilation");
+              if (process.env.NODE_ENV !== "production") {
+                console.debug(
+                  "[AgentShield] Streaming compilation failed, falling back to standard compilation"
+                );
+              }
             } else {
               throw streamError;
             }
@@ -445,7 +666,9 @@ async function initWasm() {
         const imports = {
           wbg: {
             __wbg_log_1d3ae13c3d5e6b8e: (ptr, len) => {
-              console.log("WASM:", ptr, len);
+              if (process.env.NODE_ENV !== "production") {
+                console.debug("WASM:", ptr, len);
+              }
             },
             __wbindgen_throw: (ptr, len) => {
               throw new Error(`WASM Error at ${ptr}, length ${len}`);
@@ -454,12 +677,20 @@ async function initWasm() {
         };
         wasmInstance = await WebAssembly.instantiate(compiledModule, imports);
         wasmExports = wasmInstance.exports;
-        console.log("[AgentShield] \u2705 WASM module initialized via fallback");
+        if (process.env.NODE_ENV !== "production") {
+          console.debug("[AgentShield] \u2705 WASM module initialized via fallback");
+        }
       } catch (fetchError) {
-        if (fetchError.name === "AbortError") {
-          console.warn("[AgentShield] WASM fetch timed out after 3 seconds - using pattern detection");
+        const error = fetchError;
+        if (error.name === "AbortError") {
+          console.warn(
+            "[AgentShield] WASM fetch timed out after 3 seconds - using pattern detection"
+          );
         } else {
-          console.warn("[AgentShield] Failed to fetch WASM file:", fetchError.message);
+          console.warn(
+            "[AgentShield] Failed to fetch WASM file:",
+            error.message || "Unknown error"
+          );
         }
         wasmExports = null;
       }
@@ -520,30 +751,16 @@ async function isWasmAvailable() {
     return false;
   }
 }
-
-// src/edge-detector-with-wasm.ts
-var AI_AGENT_PATTERNS2 = [
-  { pattern: /chatgpt-user/i, type: "chatgpt", name: "ChatGPT" },
-  { pattern: /claude-web/i, type: "claude", name: "Claude" },
-  { pattern: /perplexitybot/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity-user/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity-ai/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /perplexity/i, type: "perplexity", name: "Perplexity" },
-  { pattern: /bingbot/i, type: "bing", name: "Bing AI" },
-  { pattern: /anthropic-ai/i, type: "anthropic", name: "Anthropic" }
-];
-var CLOUD_PROVIDERS2 = {
-  aws: ["54.", "52.", "35.", "18.", "3."],
-  gcp: ["35.", "34.", "104.", "107.", "108."],
-  azure: ["13.", "20.", "40.", "52.", "104."]
-};
+var rules2 = agentshieldShared.loadRulesSync();
 var EdgeAgentDetectorWithWasm = class {
   constructor(enableWasm = true) {
     this.enableWasm = enableWasm;
+    this.rules = rules2;
   }
   wasmEnabled = false;
   initPromise = null;
   baseUrl = null;
+  rules;
   /**
    * Set the base URL for WASM loading in Edge Runtime
    */
@@ -566,11 +783,14 @@ var EdgeAgentDetectorWithWasm = class {
     this.initPromise = (async () => {
       try {
         const wasmAvailable = await isWasmAvailable();
-        this.wasmEnabled = wasmAvailable;
-        if (this.wasmEnabled) {
-          console.log("[AgentShield] WASM detection enabled");
+        if (wasmAvailable) {
+          if (this.baseUrl) {
+            setWasmBaseUrl(this.baseUrl);
+          }
+          await initWasm();
+          this.wasmEnabled = true;
         } else {
-          console.log("[AgentShield] WASM not available, using pattern detection");
+          this.wasmEnabled = false;
         }
       } catch (error) {
         console.error("[AgentShield] Failed to initialize WASM:", error);
@@ -595,69 +815,84 @@ var EdgeAgentDetectorWithWasm = class {
     const signaturePresent = !!(normalizedHeaders["signature"] || normalizedHeaders["signature-input"]);
     const signatureAgent = normalizedHeaders["signature-agent"];
     if (signatureAgent?.includes("chatgpt.com")) {
-      confidence = 0.85;
+      confidence = 85;
       reasons.push("signature_agent:chatgpt");
       detectedAgent = { type: "chatgpt", name: "ChatGPT" };
       verificationMethod = "signature";
     } else if (signaturePresent) {
-      confidence = Math.max(confidence, 0.4);
+      confidence = Math.max(confidence, 40);
       reasons.push("signature_present");
     }
     const userAgent = input.userAgent || input.headers?.["user-agent"] || "";
     if (userAgent) {
-      for (const { pattern, type, name } of AI_AGENT_PATTERNS2) {
-        if (pattern.test(userAgent)) {
-          const highConfidenceAgents = [
-            "chatgpt",
-            "claude",
-            "perplexity",
-            "anthropic"
-          ];
-          const patternConfidence = highConfidenceAgents.includes(type) ? 0.85 : 0.5;
-          confidence = Math.max(confidence, patternConfidence);
-          reasons.push(`known_pattern:${type}`);
+      for (const [agentKey, agentRule] of Object.entries(this.rules.rules.userAgents)) {
+        const matched = agentRule.patterns.some((pattern) => {
+          const regex = new RegExp(pattern, "i");
+          return regex.test(userAgent);
+        });
+        if (matched) {
+          const agentType = this.getAgentType(agentKey);
+          const agentName = this.getAgentName(agentKey);
+          confidence = Math.max(confidence, Math.round(agentRule.confidence * 0.85 * 100));
+          reasons.push(`known_pattern:${agentType}`);
           if (!detectedAgent) {
-            detectedAgent = { type, name };
+            detectedAgent = { type: agentType, name: agentName };
             verificationMethod = "pattern";
           }
           break;
         }
       }
     }
-    const aiHeaders = [
-      "openai-conversation-id",
-      "openai-ephemeral-user-id",
-      "anthropic-client-id",
-      "x-goog-api-client",
-      "x-ms-copilot-id"
-    ];
-    const foundAiHeaders = aiHeaders.filter(
-      (header) => normalizedHeaders[header]
+    const suspiciousHeaders = this.rules.rules.headers.suspicious;
+    const foundAiHeaders = suspiciousHeaders.filter(
+      (headerRule) => normalizedHeaders[headerRule.name.toLowerCase()]
     );
     if (foundAiHeaders.length > 0) {
-      confidence = Math.max(confidence, 0.6);
+      const maxConfidence = Math.max(...foundAiHeaders.map((h) => h.confidence));
+      confidence = Math.max(confidence, maxConfidence);
       reasons.push(`ai_headers:${foundAiHeaders.length}`);
     }
     const ip = input.ip || input.ipAddress;
     if (ip && !normalizedHeaders["x-forwarded-for"] && !normalizedHeaders["x-real-ip"]) {
-      for (const [provider, prefixes] of Object.entries(CLOUD_PROVIDERS2)) {
-        if (prefixes.some((prefix) => ip.startsWith(prefix))) {
-          confidence = Math.max(confidence, 0.4);
+      const ipRanges = "providers" in this.rules.rules.ipRanges ? this.rules.rules.ipRanges.providers : this.rules.rules.ipRanges;
+      for (const [provider, ipRule] of Object.entries(ipRanges)) {
+        if (!ipRule || typeof ipRule !== "object" || !("ranges" in ipRule) || !Array.isArray(ipRule.ranges))
+          continue;
+        const matched = ipRule.ranges.some((range) => {
+          const prefix = range.split("/")[0];
+          const prefixParts = prefix.split(".");
+          const ipParts = ip.split(".");
+          for (let i = 0; i < Math.min(prefixParts.length - 1, 2); i++) {
+            if (prefixParts[i] !== ipParts[i] && prefixParts[i] !== "0") {
+              return false;
+            }
+          }
+          return true;
+        });
+        if (matched) {
+          confidence = Math.max(confidence, Math.round(ipRule.confidence * 0.4 * 100));
           reasons.push(`cloud_provider:${provider}`);
           break;
         }
       }
     }
     if (reasons.length > 2) {
-      confidence = Math.min(confidence * 1.2, 0.95);
+      confidence = Math.min(Math.round(confidence * 1.2), 95);
     }
+    confidence = Math.min(Math.max(confidence, 0), 100);
     return {
-      isAgent: confidence > 0.3,
+      isAgent: confidence > 30,
+      // 30% threshold
       confidence,
+      detectionClass: confidence > 30 && detectedAgent ? { type: "AiAgent", agentType: detectedAgent.name } : confidence > 30 ? { type: "Unknown" } : { type: "Human" },
+      signals: [],
+      // Will be populated by enhanced detection engine in future tasks
       ...detectedAgent && { detectedAgent },
       reasons,
-      ...verificationMethod && { verificationMethod },
-      forgeabilityRisk: confidence > 0.8 ? "medium" : "high",
+      ...verificationMethod && {
+        verificationMethod: agentshieldShared.mapVerificationMethod(verificationMethod)
+      },
+      forgeabilityRisk: confidence > 80 ? "medium" : "high",
       timestamp: /* @__PURE__ */ new Date()
     };
   }
@@ -674,15 +909,17 @@ var EdgeAgentDetectorWithWasm = class {
           input.ip || input.ipAddress
         );
         if (wasmResult) {
-          console.log("[AgentShield] Using WASM detection result");
           const detectedAgent = wasmResult.agent ? this.mapAgentName(wasmResult.agent) : void 0;
           return {
             isAgent: wasmResult.isAgent,
             confidence: wasmResult.confidence,
+            detectionClass: wasmResult.isAgent && detectedAgent ? { type: "AiAgent", agentType: detectedAgent.name } : wasmResult.isAgent ? { type: "Unknown" } : { type: "Human" },
+            signals: [],
+            // Will be populated by enhanced detection engine in future tasks
             ...detectedAgent && { detectedAgent },
             reasons: [`wasm:${wasmResult.verificationMethod}`],
-            verificationMethod: wasmResult.verificationMethod,
-            forgeabilityRisk: wasmResult.verificationMethod === "signature" ? "low" : wasmResult.confidence > 0.9 ? "medium" : "high",
+            verificationMethod: agentshieldShared.mapVerificationMethod(wasmResult.verificationMethod),
+            forgeabilityRisk: wasmResult.verificationMethod === "signature" ? "low" : wasmResult.confidence > 90 ? "medium" : "high",
             timestamp: /* @__PURE__ */ new Date()
           };
         }
@@ -691,15 +928,50 @@ var EdgeAgentDetectorWithWasm = class {
       }
     }
     const patternResult = await this.patternDetection(input);
-    if (this.wasmEnabled && patternResult.confidence >= 0.85) {
-      patternResult.confidence = Math.min(0.95, patternResult.confidence + 0.1);
+    if (this.wasmEnabled && patternResult.confidence >= 85) {
+      patternResult.confidence = Math.min(95, patternResult.confidence + 10);
       patternResult.reasons.push("wasm_enhanced");
-      if (!patternResult.verificationMethod) {
-        patternResult.verificationMethod = "wasm-enhanced";
-      }
     }
     return patternResult;
   }
+  /**
+   * Get agent type from rule key
+   */
+  getAgentType(agentKey) {
+    const typeMap = {
+      openai_gptbot: "openai",
+      anthropic_claude: "anthropic",
+      perplexity_bot: "perplexity",
+      google_ai: "google",
+      microsoft_ai: "microsoft",
+      meta_ai: "meta",
+      cohere_bot: "cohere",
+      huggingface_bot: "huggingface",
+      generic_bot: "generic",
+      dev_tools: "dev",
+      automation_tools: "automation"
+    };
+    return typeMap[agentKey] || agentKey;
+  }
+  /**
+   * Get agent name from rule key
+   */
+  getAgentName(agentKey) {
+    const nameMap = {
+      openai_gptbot: "ChatGPT/GPTBot",
+      anthropic_claude: "Claude",
+      perplexity_bot: "Perplexity",
+      google_ai: "Google AI",
+      microsoft_ai: "Microsoft Copilot",
+      meta_ai: "Meta AI",
+      cohere_bot: "Cohere",
+      huggingface_bot: "HuggingFace",
+      generic_bot: "Generic Bot",
+      dev_tools: "Development Tool",
+      automation_tools: "Automation Tool"
+    };
+    return nameMap[agentKey] || agentKey;
+  }
   /**
    * Map agent names from WASM to consistent format
    */
@@ -880,7 +1152,9 @@ function createAgentShieldMiddleware(config = {}) {
   }) : null;
   if (config.events) {
     Object.entries(config.events).forEach(([event, handler]) => {
-      detector.on(event, handler);
+      if (handler) {
+        detector.on(event, handler);
+      }
     });
   }
   const {
@@ -912,19 +1186,22 @@ function createAgentShieldMiddleware(config = {}) {
         const response2 = server.NextResponse.next();
         response2.headers.set("x-agentshield-detected", "true");
         response2.headers.set("x-agentshield-agent", existingSession.agent);
-        response2.headers.set(
-          "x-agentshield-confidence",
-          existingSession.confidence.toString()
-        );
+        response2.headers.set("x-agentshield-confidence", existingSession.confidence.toString());
         response2.headers.set("x-agentshield-session", "continued");
         response2.headers.set("x-agentshield-session-id", existingSession.id);
         request.agentShield = {
           result: {
             isAgent: true,
             confidence: existingSession.confidence,
-            detectedAgent: { name: existingSession.agent },
+            detectionClass: { type: "AiAgent" },
+            detectedAgent: {
+              type: "ai_agent",
+              name: existingSession.agent
+            },
             timestamp: /* @__PURE__ */ new Date(),
-            verificationMethod: "session"
+            verificationMethod: "behavioral",
+            reasons: ["Session continued"],
+            signals: []
           },
           session: existingSession,
           skipped: false
@@ -954,7 +1231,7 @@ function createAgentShieldMiddleware(config = {}) {
         timestamp: /* @__PURE__ */ new Date()
       };
       const result = await detector.analyze(context);
-      if (result.isAgent && result.confidence >= (config.confidenceThreshold ?? 0.7)) {
+      if (result.isAgent && result.confidence >= (config.confidenceThreshold ?? 70)) {
         if (onDetection) {
           const customResponse = await onDetection(request, result);
           if (customResponse) {
@@ -973,11 +1250,9 @@ function createAgentShieldMiddleware(config = {}) {
               { status: blockedResponse.status }
             );
             if (blockedResponse.headers) {
-              Object.entries(blockedResponse.headers).forEach(
-                ([key, value]) => {
-                  response2.headers.set(key, value);
-                }
-              );
+              Object.entries(blockedResponse.headers).forEach(([key, value]) => {
+                response2.headers.set(key, value);
+              });
             }
             detector.emit("agent.blocked", result, context);
             return response2;
@@ -987,17 +1262,19 @@ function createAgentShieldMiddleware(config = {}) {
           case "rewrite":
             return server.NextResponse.rewrite(new URL(rewriteUrl, request.url));
           case "log":
-            console.warn("AgentShield: Agent detected", {
-              ipAddress: context.ipAddress,
-              userAgent: context.userAgent,
-              confidence: result.confidence,
-              reasons: result.reasons,
-              pathname: request.nextUrl.pathname
-            });
+            if (process.env.NODE_ENV !== "production") {
+              console.debug("AgentShield: Agent detected", {
+                ipAddress: context.ipAddress,
+                userAgent: context.userAgent,
+                confidence: result.confidence,
+                reasons: result.reasons,
+                pathname: request.nextUrl.pathname
+              });
+            }
             break;
           case "allow":
           default:
-            if (result.isAgent && result.confidence >= (config.confidenceThreshold ?? 0.7)) {
+            if (result.isAgent && result.confidence >= (config.confidenceThreshold ?? 70)) {
               detector.emit("agent.allowed", result, context);
             }
             break;
@@ -1009,14 +1286,11 @@ function createAgentShieldMiddleware(config = {}) {
       };
       let response = server.NextResponse.next();
       response.headers.set("x-agentshield-detected", result.isAgent.toString());
-      response.headers.set(
-        "x-agentshield-confidence",
-        result.confidence.toString()
-      );
+      response.headers.set("x-agentshield-confidence", result.confidence.toString());
       if (result.detectedAgent?.name) {
         response.headers.set("x-agentshield-agent", result.detectedAgent.name);
       }
-      if (sessionTracker && result.isAgent && result.confidence >= (config.confidenceThreshold ?? 0.7)) {
+      if (sessionTracker && result.isAgent && result.confidence >= (config.confidenceThreshold ?? 70)) {
         response = await sessionTracker.track(request, response, result);
         response.headers.set("x-agentshield-session", "new");
         detector.emit("agent.session.started", result, context);