@kya-os/checkpoint-nextjs 1.0.1 → 1.1.1

package/dist/edge-runtime-loader.d.mts

@@ -1,10 +1,37 @@
 import { NextRequest } from 'next/server';
 
 /**
- * Edge Runtime Compatible WASM Loader for AgentShield
+ * Edge Runtime Compatible WASM Loader for Checkpoint
  *
  * This module provides a pre-built solution for loading WASM in Edge Runtime.
  * It requires the WASM file to be manually placed in the project.
+ *
+ * ## SSOT for pattern detection
+ *
+ * The fallback `patternDetection` path imports BOTH pattern arrays
+ * from `@kya-os/checkpoint-shared/constants/agents`:
+ *
+ *   - `KNOWN_AGENT_PATTERNS` — strict SSOT carved for the server-side
+ *     classifier (per-agent rows with category + isLegitimate fields).
+ *   - `INTERACTIVE_AGENT_PATTERNS` — supplement holding interactive-
+ *     session tokens, generic vendor fallbacks, and the GPT-Crawler
+ *     entry that lives in seed-agent-types-data.ts (NOT in the strict
+ *     SSOT).
+ *
+ * Pre-#2599 this file had a 15-pattern inline subset that diverged
+ * from the shared SSOT — the you.com regex was tightened in agents.ts
+ * but reverted here. SSOT-Fallback-Drift-1 (this PR) collapsed the
+ * inline duplication and moved the supplement into checkpoint-shared
+ * so both layers reference the same source. EPIC #2573 (PDM-2) is the
+ * future unified-SSOT consolidation that folds the two arrays into
+ * one canonical table.
+ *
+ * ## Naming
+ *
+ * Old `AgentShield`-prefixed exports are kept as `@deprecated` aliases
+ * for one release (`createEdgeAgentShield`, `EdgeRuntimeAgentShield`,
+ * `AgentShieldConfig`, `getDefaultAgentShield`). New code should import
+ * the `Checkpoint`-prefixed names directly.
  */
 
 interface WasmModule {
@@ -19,7 +46,7 @@ interface DetectionResult {
     riskLevel?: 'low' | 'medium' | 'high' | 'critical';
     timestamp: string;
 }
-interface AgentShieldConfig {
+interface EdgeCheckpointConfig {
     wasmModule?: WebAssembly.Module;
     enableWasm?: boolean;
     onAgentDetected?: (result: DetectionResult) => void;
@@ -27,12 +54,12 @@ interface AgentShieldConfig {
     allowedAgents?: string[];
     debug?: boolean;
 }
-declare class EdgeRuntimeAgentShield {
+declare class EdgeRuntimeCheckpoint {
     private wasmInstance;
     private wasmMemory;
     private config;
     private initialized;
-    constructor(config?: AgentShieldConfig);
+    constructor(config?: EdgeCheckpointConfig);
     init(wasmModule?: WebAssembly.Module): Promise<void>;
     private readString;
     private writeString;
@@ -42,9 +69,18 @@ declare class EdgeRuntimeAgentShield {
     getVerificationMethod(): 'cryptographic' | 'pattern';
 }
 /**
- * Factory function to create an AgentShield instance for Edge Runtime
+ * Factory function to create a Checkpoint instance for Edge Runtime.
  */
-declare function createEdgeAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-declare function getDefaultAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
+declare function createEdgeCheckpoint(config?: EdgeCheckpointConfig): EdgeRuntimeCheckpoint;
+declare function getDefaultEdgeCheckpoint(config?: EdgeCheckpointConfig): EdgeRuntimeCheckpoint;
+
+/** @deprecated Renamed to {@link EdgeCheckpointConfig}. */
+type AgentShieldConfig = EdgeCheckpointConfig;
+/** @deprecated Renamed to {@link EdgeRuntimeCheckpoint}. */
+declare const EdgeRuntimeAgentShield: typeof EdgeRuntimeCheckpoint;
+/** @deprecated Renamed to {@link createEdgeCheckpoint}. */
+declare const createEdgeAgentShield: typeof createEdgeCheckpoint;
+/** @deprecated Renamed to {@link getDefaultEdgeCheckpoint}. */
+declare const getDefaultAgentShield: typeof getDefaultEdgeCheckpoint;
 
-export { type AgentShieldConfig, type DetectionResult, type WasmModule, createEdgeAgentShield, getDefaultAgentShield };
+export { type AgentShieldConfig, type DetectionResult, type EdgeCheckpointConfig, EdgeRuntimeAgentShield, EdgeRuntimeCheckpoint, type WasmModule, createEdgeAgentShield, createEdgeCheckpoint, getDefaultAgentShield, getDefaultEdgeCheckpoint };

package/dist/edge-runtime-loader.d.ts

@@ -1,10 +1,37 @@
 import { NextRequest } from 'next/server';
 
 /**
- * Edge Runtime Compatible WASM Loader for AgentShield
+ * Edge Runtime Compatible WASM Loader for Checkpoint
  *
  * This module provides a pre-built solution for loading WASM in Edge Runtime.
  * It requires the WASM file to be manually placed in the project.
+ *
+ * ## SSOT for pattern detection
+ *
+ * The fallback `patternDetection` path imports BOTH pattern arrays
+ * from `@kya-os/checkpoint-shared/constants/agents`:
+ *
+ *   - `KNOWN_AGENT_PATTERNS` — strict SSOT carved for the server-side
+ *     classifier (per-agent rows with category + isLegitimate fields).
+ *   - `INTERACTIVE_AGENT_PATTERNS` — supplement holding interactive-
+ *     session tokens, generic vendor fallbacks, and the GPT-Crawler
+ *     entry that lives in seed-agent-types-data.ts (NOT in the strict
+ *     SSOT).
+ *
+ * Pre-#2599 this file had a 15-pattern inline subset that diverged
+ * from the shared SSOT — the you.com regex was tightened in agents.ts
+ * but reverted here. SSOT-Fallback-Drift-1 (this PR) collapsed the
+ * inline duplication and moved the supplement into checkpoint-shared
+ * so both layers reference the same source. EPIC #2573 (PDM-2) is the
+ * future unified-SSOT consolidation that folds the two arrays into
+ * one canonical table.
+ *
+ * ## Naming
+ *
+ * Old `AgentShield`-prefixed exports are kept as `@deprecated` aliases
+ * for one release (`createEdgeAgentShield`, `EdgeRuntimeAgentShield`,
+ * `AgentShieldConfig`, `getDefaultAgentShield`). New code should import
+ * the `Checkpoint`-prefixed names directly.
  */
 
 interface WasmModule {
@@ -19,7 +46,7 @@ interface DetectionResult {
     riskLevel?: 'low' | 'medium' | 'high' | 'critical';
     timestamp: string;
 }
-interface AgentShieldConfig {
+interface EdgeCheckpointConfig {
     wasmModule?: WebAssembly.Module;
     enableWasm?: boolean;
     onAgentDetected?: (result: DetectionResult) => void;
@@ -27,12 +54,12 @@ interface AgentShieldConfig {
     allowedAgents?: string[];
     debug?: boolean;
 }
-declare class EdgeRuntimeAgentShield {
+declare class EdgeRuntimeCheckpoint {
     private wasmInstance;
     private wasmMemory;
     private config;
     private initialized;
-    constructor(config?: AgentShieldConfig);
+    constructor(config?: EdgeCheckpointConfig);
     init(wasmModule?: WebAssembly.Module): Promise<void>;
     private readString;
     private writeString;
@@ -42,9 +69,18 @@ declare class EdgeRuntimeAgentShield {
     getVerificationMethod(): 'cryptographic' | 'pattern';
 }
 /**
- * Factory function to create an AgentShield instance for Edge Runtime
+ * Factory function to create a Checkpoint instance for Edge Runtime.
  */
-declare function createEdgeAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-declare function getDefaultAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
+declare function createEdgeCheckpoint(config?: EdgeCheckpointConfig): EdgeRuntimeCheckpoint;
+declare function getDefaultEdgeCheckpoint(config?: EdgeCheckpointConfig): EdgeRuntimeCheckpoint;
+
+/** @deprecated Renamed to {@link EdgeCheckpointConfig}. */
+type AgentShieldConfig = EdgeCheckpointConfig;
+/** @deprecated Renamed to {@link EdgeRuntimeCheckpoint}. */
+declare const EdgeRuntimeAgentShield: typeof EdgeRuntimeCheckpoint;
+/** @deprecated Renamed to {@link createEdgeCheckpoint}. */
+declare const createEdgeAgentShield: typeof createEdgeCheckpoint;
+/** @deprecated Renamed to {@link getDefaultEdgeCheckpoint}. */
+declare const getDefaultAgentShield: typeof getDefaultEdgeCheckpoint;
 
-export { type AgentShieldConfig, type DetectionResult, type WasmModule, createEdgeAgentShield, getDefaultAgentShield };
+export { type AgentShieldConfig, type DetectionResult, type EdgeCheckpointConfig, EdgeRuntimeAgentShield, EdgeRuntimeCheckpoint, type WasmModule, createEdgeAgentShield, createEdgeCheckpoint, getDefaultAgentShield, getDefaultEdgeCheckpoint };

package/dist/edge-runtime-loader.js

@@ -1,5 +1,9 @@
 'use strict';
 
+var checkpointShared = require('@kya-os/checkpoint-shared');
+
+// src/edge-runtime-loader.ts
+
 // src/utils.ts
 function getClientIp(request) {
   const forwardedFor = request.headers.get("x-forwarded-for");
@@ -17,7 +21,40 @@ function getClientIp(request) {
 }
 
 // src/edge-runtime-loader.ts
-var EdgeRuntimeAgentShield = class {
+var SUSPICIOUS_HEADER_PREFIXES = ["x-openai-", "x-anthropic-", "x-ai-", "x-llm-", "x-gpt-"];
+function escapeRegex(s) {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+var TOKEN_REGEX_CACHE = /* @__PURE__ */ new Map();
+function tokenRegex(token) {
+  const cached = TOKEN_REGEX_CACHE.get(token);
+  if (cached) return cached;
+  const regex = new RegExp(`\\b${escapeRegex(token)}\\b`, "i");
+  TOKEN_REGEX_CACHE.set(token, regex);
+  return regex;
+}
+function matchKnownAgent(lowercasedUa) {
+  let best = null;
+  for (const entry of checkpointShared.KNOWN_AGENT_PATTERNS) {
+    for (const pattern of entry.patterns) {
+      if (tokenRegex(pattern).test(lowercasedUa)) {
+        if (!best || entry.confidence > best.confidence) {
+          best = { name: entry.name, confidence: entry.confidence };
+        }
+        break;
+      }
+    }
+  }
+  for (const { pattern, name, confidence } of checkpointShared.INTERACTIVE_AGENT_PATTERNS) {
+    if (pattern.test(lowercasedUa)) {
+      if (!best || confidence > best.confidence) {
+        best = { name, confidence };
+      }
+    }
+  }
+  return best;
+}
+var EdgeRuntimeCheckpoint = class {
   wasmInstance = null;
   wasmMemory = null;
   config;
@@ -49,7 +86,7 @@ var EdgeRuntimeAgentShield = class {
         this.wasmInstance = await WebAssembly.instantiate(module, imports);
         this.initialized = true;
         if (this.config.debug) {
-          console.log("\u2705 AgentShield WASM initialized in Edge Runtime");
+          console.log("\u2705 Checkpoint WASM initialized in Edge Runtime");
         }
       } catch (error) {
         console.warn("\u26A0\uFE0F WASM initialization failed, using pattern detection:", error);
@@ -126,52 +163,29 @@ var EdgeRuntimeAgentShield = class {
     return this.patternDetection(metadata);
   }
   patternDetection(metadata) {
-    const userAgent = metadata.userAgent.toLowerCase();
-    const patterns = [
-      // High confidence - explicit AI identifiers
-      { pattern: /chatgpt-user/i, name: "ChatGPT", confidence: 0.95 },
-      { pattern: /claude-web/i, name: "Claude", confidence: 0.95 },
-      { pattern: /claude-user/i, name: "Claude", confidence: 0.95 },
-      { pattern: /gpt-crawler/i, name: "GPT Crawler", confidence: 0.95 },
-      { pattern: /perplexitybot/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-user/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-ai/i, name: "Perplexity", confidence: 0.95 },
-      // Medium-high confidence - company identifiers
-      { pattern: /anthropic/i, name: "Anthropic", confidence: 0.9 },
-      { pattern: /openai/i, name: "OpenAI", confidence: 0.9 },
-      // Medium confidence - product names
-      { pattern: /copilot/i, name: "GitHub Copilot", confidence: 0.85 },
-      { pattern: /bard/i, name: "Google Bard", confidence: 0.85 },
-      { pattern: /gemini/i, name: "Google Gemini", confidence: 0.85 },
-      { pattern: /perplexity/i, name: "Perplexity", confidence: 0.85 },
-      // Fallback
-      { pattern: /\byou\.com\b/i, name: "You.com", confidence: 0.8 },
-      { pattern: /\bphind\b/i, name: "Phind", confidence: 0.8 }
-    ];
-    const suspiciousHeaders = ["x-openai-", "x-anthropic-", "x-ai-", "x-llm-", "x-gpt-"];
+    const lowercasedUa = metadata.userAgent.toLowerCase();
     let headerBoost = 0;
-    for (const [key] of Object.entries(metadata.headers)) {
-      if (suspiciousHeaders.some((prefix) => key.toLowerCase().startsWith(prefix))) {
+    for (const key of Object.keys(metadata.headers)) {
+      if (SUSPICIOUS_HEADER_PREFIXES.some((prefix) => key.toLowerCase().startsWith(prefix))) {
         headerBoost = 0.1;
         break;
       }
     }
-    for (const { pattern, name, confidence } of patterns) {
-      if (pattern.test(userAgent)) {
-        const finalConfidence = Math.min(confidence + headerBoost, 1);
-        const result = {
-          isAgent: true,
-          confidence: finalConfidence,
-          agent: name,
-          verificationMethod: "pattern",
-          riskLevel: finalConfidence > 0.9 ? "high" : "medium",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString()
-        };
-        if (this.config.onAgentDetected) {
-          this.config.onAgentDetected(result);
-        }
-        return result;
+    const match = matchKnownAgent(lowercasedUa);
+    if (match) {
+      const finalConfidence = Math.min(match.confidence + headerBoost, 1);
+      const result = {
+        isAgent: true,
+        confidence: finalConfidence,
+        agent: match.name,
+        verificationMethod: "pattern",
+        riskLevel: finalConfidence > 0.9 ? "high" : "medium",
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      if (this.config.onAgentDetected) {
+        this.config.onAgentDetected(result);
       }
+      return result;
     }
     return {
       isAgent: false,
@@ -187,16 +201,23 @@ var EdgeRuntimeAgentShield = class {
     return this.wasmInstance ? "cryptographic" : "pattern";
   }
 };
-function createEdgeAgentShield(config) {
-  return new EdgeRuntimeAgentShield(config);
+function createEdgeCheckpoint(config) {
+  return new EdgeRuntimeCheckpoint(config);
 }
 var defaultInstance = null;
-function getDefaultAgentShield(config) {
+function getDefaultEdgeCheckpoint(config) {
   if (!defaultInstance) {
-    defaultInstance = new EdgeRuntimeAgentShield(config);
+    defaultInstance = new EdgeRuntimeCheckpoint(config);
   }
   return defaultInstance;
 }
+var EdgeRuntimeAgentShield = EdgeRuntimeCheckpoint;
+var createEdgeAgentShield = createEdgeCheckpoint;
+var getDefaultAgentShield = getDefaultEdgeCheckpoint;
 
+exports.EdgeRuntimeAgentShield = EdgeRuntimeAgentShield;
+exports.EdgeRuntimeCheckpoint = EdgeRuntimeCheckpoint;
 exports.createEdgeAgentShield = createEdgeAgentShield;
+exports.createEdgeCheckpoint = createEdgeCheckpoint;
 exports.getDefaultAgentShield = getDefaultAgentShield;
+exports.getDefaultEdgeCheckpoint = getDefaultEdgeCheckpoint;

package/dist/edge-runtime-loader.mjs

@@ -1,3 +1,7 @@
+import { KNOWN_AGENT_PATTERNS, INTERACTIVE_AGENT_PATTERNS } from '@kya-os/checkpoint-shared';
+
+// src/edge-runtime-loader.ts
+
 // src/utils.ts
 function getClientIp(request) {
   const forwardedFor = request.headers.get("x-forwarded-for");
@@ -15,7 +19,40 @@ function getClientIp(request) {
 }
 
 // src/edge-runtime-loader.ts
-var EdgeRuntimeAgentShield = class {
+var SUSPICIOUS_HEADER_PREFIXES = ["x-openai-", "x-anthropic-", "x-ai-", "x-llm-", "x-gpt-"];
+function escapeRegex(s) {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+var TOKEN_REGEX_CACHE = /* @__PURE__ */ new Map();
+function tokenRegex(token) {
+  const cached = TOKEN_REGEX_CACHE.get(token);
+  if (cached) return cached;
+  const regex = new RegExp(`\\b${escapeRegex(token)}\\b`, "i");
+  TOKEN_REGEX_CACHE.set(token, regex);
+  return regex;
+}
+function matchKnownAgent(lowercasedUa) {
+  let best = null;
+  for (const entry of KNOWN_AGENT_PATTERNS) {
+    for (const pattern of entry.patterns) {
+      if (tokenRegex(pattern).test(lowercasedUa)) {
+        if (!best || entry.confidence > best.confidence) {
+          best = { name: entry.name, confidence: entry.confidence };
+        }
+        break;
+      }
+    }
+  }
+  for (const { pattern, name, confidence } of INTERACTIVE_AGENT_PATTERNS) {
+    if (pattern.test(lowercasedUa)) {
+      if (!best || confidence > best.confidence) {
+        best = { name, confidence };
+      }
+    }
+  }
+  return best;
+}
+var EdgeRuntimeCheckpoint = class {
   wasmInstance = null;
   wasmMemory = null;
   config;
@@ -47,7 +84,7 @@ var EdgeRuntimeAgentShield = class {
         this.wasmInstance = await WebAssembly.instantiate(module, imports);
         this.initialized = true;
         if (this.config.debug) {
-          console.log("\u2705 AgentShield WASM initialized in Edge Runtime");
+          console.log("\u2705 Checkpoint WASM initialized in Edge Runtime");
         }
       } catch (error) {
         console.warn("\u26A0\uFE0F WASM initialization failed, using pattern detection:", error);
@@ -124,52 +161,29 @@ var EdgeRuntimeAgentShield = class {
     return this.patternDetection(metadata);
   }
   patternDetection(metadata) {
-    const userAgent = metadata.userAgent.toLowerCase();
-    const patterns = [
-      // High confidence - explicit AI identifiers
-      { pattern: /chatgpt-user/i, name: "ChatGPT", confidence: 0.95 },
-      { pattern: /claude-web/i, name: "Claude", confidence: 0.95 },
-      { pattern: /claude-user/i, name: "Claude", confidence: 0.95 },
-      { pattern: /gpt-crawler/i, name: "GPT Crawler", confidence: 0.95 },
-      { pattern: /perplexitybot/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-user/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-ai/i, name: "Perplexity", confidence: 0.95 },
-      // Medium-high confidence - company identifiers
-      { pattern: /anthropic/i, name: "Anthropic", confidence: 0.9 },
-      { pattern: /openai/i, name: "OpenAI", confidence: 0.9 },
-      // Medium confidence - product names
-      { pattern: /copilot/i, name: "GitHub Copilot", confidence: 0.85 },
-      { pattern: /bard/i, name: "Google Bard", confidence: 0.85 },
-      { pattern: /gemini/i, name: "Google Gemini", confidence: 0.85 },
-      { pattern: /perplexity/i, name: "Perplexity", confidence: 0.85 },
-      // Fallback
-      { pattern: /\byou\.com\b/i, name: "You.com", confidence: 0.8 },
-      { pattern: /\bphind\b/i, name: "Phind", confidence: 0.8 }
-    ];
-    const suspiciousHeaders = ["x-openai-", "x-anthropic-", "x-ai-", "x-llm-", "x-gpt-"];
+    const lowercasedUa = metadata.userAgent.toLowerCase();
     let headerBoost = 0;
-    for (const [key] of Object.entries(metadata.headers)) {
-      if (suspiciousHeaders.some((prefix) => key.toLowerCase().startsWith(prefix))) {
+    for (const key of Object.keys(metadata.headers)) {
+      if (SUSPICIOUS_HEADER_PREFIXES.some((prefix) => key.toLowerCase().startsWith(prefix))) {
         headerBoost = 0.1;
         break;
       }
     }
-    for (const { pattern, name, confidence } of patterns) {
-      if (pattern.test(userAgent)) {
-        const finalConfidence = Math.min(confidence + headerBoost, 1);
-        const result = {
-          isAgent: true,
-          confidence: finalConfidence,
-          agent: name,
-          verificationMethod: "pattern",
-          riskLevel: finalConfidence > 0.9 ? "high" : "medium",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString()
-        };
-        if (this.config.onAgentDetected) {
-          this.config.onAgentDetected(result);
-        }
-        return result;
+    const match = matchKnownAgent(lowercasedUa);
+    if (match) {
+      const finalConfidence = Math.min(match.confidence + headerBoost, 1);
+      const result = {
+        isAgent: true,
+        confidence: finalConfidence,
+        agent: match.name,
+        verificationMethod: "pattern",
+        riskLevel: finalConfidence > 0.9 ? "high" : "medium",
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      if (this.config.onAgentDetected) {
+        this.config.onAgentDetected(result);
       }
+      return result;
     }
     return {
       isAgent: false,
@@ -185,15 +199,18 @@ var EdgeRuntimeAgentShield = class {
     return this.wasmInstance ? "cryptographic" : "pattern";
   }
 };
-function createEdgeAgentShield(config) {
-  return new EdgeRuntimeAgentShield(config);
+function createEdgeCheckpoint(config) {
+  return new EdgeRuntimeCheckpoint(config);
 }
 var defaultInstance = null;
-function getDefaultAgentShield(config) {
+function getDefaultEdgeCheckpoint(config) {
   if (!defaultInstance) {
-    defaultInstance = new EdgeRuntimeAgentShield(config);
+    defaultInstance = new EdgeRuntimeCheckpoint(config);
   }
   return defaultInstance;
 }
+var EdgeRuntimeAgentShield = EdgeRuntimeCheckpoint;
+var createEdgeAgentShield = createEdgeCheckpoint;
+var getDefaultAgentShield = getDefaultEdgeCheckpoint;
 
-export { createEdgeAgentShield, getDefaultAgentShield };
+export { EdgeRuntimeAgentShield, EdgeRuntimeCheckpoint, createEdgeAgentShield, createEdgeCheckpoint, getDefaultAgentShield, getDefaultEdgeCheckpoint };

package/dist/index.js

@@ -56,21 +56,28 @@ function applyHeaders(res, headers) {
 }
 
 // src/translate.ts
-function nextRequestToHttpLike(req) {
+async function nextRequestToHttpLike(req, opts = {}) {
   const url = new URL(req.url);
+  const body = await tryDrainJsonBody(req, opts);
   return {
     method: req.method,
     // Path + query only — orchestrator's URL parsing expects no scheme/host.
     url: url.pathname + url.search,
     headers: headersToRecord(req.headers),
-    // NextRequest.body is a ReadableStream; we don't drain it here.
-    // The orchestrator routes to PlainHttp when body is falsy, which
-    // is the right call for streaming middlewares that don't want to
-    // buffer the request body just to detect agents.
-    body: null,
+    body,
     remoteAddress: extractRemoteAddress(req)
   };
 }
+async function tryDrainJsonBody(req, opts) {
+  if (opts.drainJsonBody === false) return null;
+  const contentType = req.headers.get("content-type") ?? "";
+  if (!contentType.toLowerCase().includes("application/json")) return null;
+  try {
+    return await req.clone().text();
+  } catch {
+    return null;
+  }
+}
 function headersToRecord(headers) {
   const out = {};
   headers.forEach((value, key) => {
@@ -91,8 +98,9 @@ function extractRemoteAddress(req) {
 // src/middleware-node.ts
 function withCheckpoint(config) {
   const opts = buildVerifyOpts(config);
+  const translateOpts = { drainJsonBody: config.drainJsonBody };
   return async function checkpointMiddleware(req) {
-    const httpLike = nextRequestToHttpLike(req);
+    const httpLike = await nextRequestToHttpLike(req, translateOpts);
     const result = await orchestrator.verifyRequest(httpLike, opts);
     await dispatchOnResult(config, result, req);
     const rendered = orchestrator.renderDecisionAsResponse(result);
@@ -110,7 +118,8 @@ function buildVerifyOpts(config) {
     tenantHost: config.tenantHost,
     enforcementMode: config.enforcementMode ?? "enforce",
     reputationBaseline: config.reputationBaseline,
-    argusUrl: config.argusUrl
+    argusUrl: config.argusUrl,
+    legacyEnvelopeFallback: config.legacyEnvelopeFallback ?? false
   };
 }
 async function dispatchOnResult(config, result, req) {
@@ -973,7 +982,13 @@ async function applyPolicy(request, detection, config) {
     const context = createContextFromDetection(detection, request);
     const decision = checkpointShared.evaluatePolicy(policy, context);
     if (config.onPolicyDecision) {
-      await config.onPolicyDecision(request, decision, context);
+      try {
+        await config.onPolicyDecision(request, decision, context);
+      } catch (error) {
+        if (config.debug) {
+          console.error("[Checkpoint] onPolicyDecision callback failed:", error);
+        }
+      }
     }
     return await handlePolicyDecision(request, decision, config, detection);
   } catch (error) {

package/dist/index.mjs

@@ -55,21 +55,28 @@ function applyHeaders(res, headers) {
 }
 
 // src/translate.ts
-function nextRequestToHttpLike(req) {
+async function nextRequestToHttpLike(req, opts = {}) {
   const url = new URL(req.url);
+  const body = await tryDrainJsonBody(req, opts);
   return {
     method: req.method,
     // Path + query only — orchestrator's URL parsing expects no scheme/host.
     url: url.pathname + url.search,
     headers: headersToRecord(req.headers),
-    // NextRequest.body is a ReadableStream; we don't drain it here.
-    // The orchestrator routes to PlainHttp when body is falsy, which
-    // is the right call for streaming middlewares that don't want to
-    // buffer the request body just to detect agents.
-    body: null,
+    body,
     remoteAddress: extractRemoteAddress(req)
   };
 }
+async function tryDrainJsonBody(req, opts) {
+  if (opts.drainJsonBody === false) return null;
+  const contentType = req.headers.get("content-type") ?? "";
+  if (!contentType.toLowerCase().includes("application/json")) return null;
+  try {
+    return await req.clone().text();
+  } catch {
+    return null;
+  }
+}
 function headersToRecord(headers) {
   const out = {};
   headers.forEach((value, key) => {
@@ -90,8 +97,9 @@ function extractRemoteAddress(req) {
 // src/middleware-node.ts
 function withCheckpoint(config) {
   const opts = buildVerifyOpts(config);
+  const translateOpts = { drainJsonBody: config.drainJsonBody };
   return async function checkpointMiddleware(req) {
-    const httpLike = nextRequestToHttpLike(req);
+    const httpLike = await nextRequestToHttpLike(req, translateOpts);
     const result = await verifyRequest(httpLike, opts);
     await dispatchOnResult(config, result, req);
     const rendered = renderDecisionAsResponse(result);
@@ -109,7 +117,8 @@ function buildVerifyOpts(config) {
     tenantHost: config.tenantHost,
     enforcementMode: config.enforcementMode ?? "enforce",
     reputationBaseline: config.reputationBaseline,
-    argusUrl: config.argusUrl
+    argusUrl: config.argusUrl,
+    legacyEnvelopeFallback: config.legacyEnvelopeFallback ?? false
   };
 }
 async function dispatchOnResult(config, result, req) {
@@ -972,7 +981,13 @@ async function applyPolicy(request, detection, config) {
     const context = createContextFromDetection(detection, request);
     const decision = evaluatePolicy(policy, context);
     if (config.onPolicyDecision) {
-      await config.onPolicyDecision(request, decision, context);
+      try {
+        await config.onPolicyDecision(request, decision, context);
+      } catch (error) {
+        if (config.debug) {
+          console.error("[Checkpoint] onPolicyDecision callback failed:", error);
+        }
+      }
     }
     return await handlePolicyDecision(request, decision, config, detection);
   } catch (error) {

package/dist/middleware-edge.js

@@ -57,21 +57,28 @@ function applyHeaders(res, headers) {
 }
 
 // src/translate.ts
-function nextRequestToHttpLike(req) {
+async function nextRequestToHttpLike(req, opts = {}) {
   const url = new URL(req.url);
+  const body = await tryDrainJsonBody(req, opts);
   return {
     method: req.method,
     // Path + query only — orchestrator's URL parsing expects no scheme/host.
     url: url.pathname + url.search,
     headers: headersToRecord(req.headers),
-    // NextRequest.body is a ReadableStream; we don't drain it here.
-    // The orchestrator routes to PlainHttp when body is falsy, which
-    // is the right call for streaming middlewares that don't want to
-    // buffer the request body just to detect agents.
-    body: null,
+    body,
     remoteAddress: extractRemoteAddress(req)
   };
 }
+async function tryDrainJsonBody(req, opts) {
+  if (opts.drainJsonBody === false) return null;
+  const contentType = req.headers.get("content-type") ?? "";
+  if (!contentType.toLowerCase().includes("application/json")) return null;
+  try {
+    return await req.clone().text();
+  } catch {
+    return null;
+  }
+}
 function headersToRecord(headers) {
   const out = {};
   headers.forEach((value, key) => {
@@ -101,7 +108,8 @@ function buildVerifyOpts(config) {
     tenantHost: config.tenantHost,
     enforcementMode: config.enforcementMode ?? "enforce",
     reputationBaseline: config.reputationBaseline,
-    argusUrl: config.argusUrl
+    argusUrl: config.argusUrl,
+    legacyEnvelopeFallback: config.legacyEnvelopeFallback ?? false
   };
 }
 
@@ -109,8 +117,9 @@ function buildVerifyOpts(config) {
 function withCheckpoint(config) {
   void edge.initEngineEdge();
   const opts = buildVerifyOpts(config);
+  const translateOpts = { drainJsonBody: config.drainJsonBody };
   return async function checkpointMiddlewareEdge(req) {
-    const httpLike = nextRequestToHttpLike(req);
+    const httpLike = await nextRequestToHttpLike(req, translateOpts);
     const result = await edge.verifyRequestEdge(httpLike, opts);
     await dispatchOnResult(config, result, req);
     const rendered = edge.renderDecisionAsResponse(result);