npm - @lleverage-ai/agent-sdk - Versions diffs - 0.0.1 - Mend

@lleverage-ai/agent-sdk 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (327) hide show

package/LICENSE +21 -0
package/README.md +2321 -0
package/dist/agent.d.ts +52 -0
package/dist/agent.d.ts.map +1 -0
package/dist/agent.js +2122 -0
package/dist/agent.js.map +1 -0
package/dist/backend.d.ts +378 -0
package/dist/backend.d.ts.map +1 -0
package/dist/backend.js +71 -0
package/dist/backend.js.map +1 -0
package/dist/backends/composite.d.ts +258 -0
package/dist/backends/composite.d.ts.map +1 -0
package/dist/backends/composite.js +437 -0
package/dist/backends/composite.js.map +1 -0
package/dist/backends/filesystem.d.ts +268 -0
package/dist/backends/filesystem.d.ts.map +1 -0
package/dist/backends/filesystem.js +623 -0
package/dist/backends/filesystem.js.map +1 -0
package/dist/backends/index.d.ts +14 -0
package/dist/backends/index.d.ts.map +1 -0
package/dist/backends/index.js +14 -0
package/dist/backends/index.js.map +1 -0
package/dist/backends/persistent.d.ts +312 -0
package/dist/backends/persistent.d.ts.map +1 -0
package/dist/backends/persistent.js +519 -0
package/dist/backends/persistent.js.map +1 -0
package/dist/backends/sandbox.d.ts +315 -0
package/dist/backends/sandbox.d.ts.map +1 -0
package/dist/backends/sandbox.js +490 -0
package/dist/backends/sandbox.js.map +1 -0
package/dist/backends/state.d.ts +225 -0
package/dist/backends/state.d.ts.map +1 -0
package/dist/backends/state.js +396 -0
package/dist/backends/state.js.map +1 -0
package/dist/checkpointer/file-saver.d.ts +182 -0
package/dist/checkpointer/file-saver.d.ts.map +1 -0
package/dist/checkpointer/file-saver.js +298 -0
package/dist/checkpointer/file-saver.js.map +1 -0
package/dist/checkpointer/index.d.ts +40 -0
package/dist/checkpointer/index.d.ts.map +1 -0
package/dist/checkpointer/index.js +40 -0
package/dist/checkpointer/index.js.map +1 -0
package/dist/checkpointer/kv-saver.d.ts +142 -0
package/dist/checkpointer/kv-saver.d.ts.map +1 -0
package/dist/checkpointer/kv-saver.js +176 -0
package/dist/checkpointer/kv-saver.js.map +1 -0
package/dist/checkpointer/memory-saver.d.ts +158 -0
package/dist/checkpointer/memory-saver.d.ts.map +1 -0
package/dist/checkpointer/memory-saver.js +222 -0
package/dist/checkpointer/memory-saver.js.map +1 -0
package/dist/checkpointer/types.d.ts +353 -0
package/dist/checkpointer/types.d.ts.map +1 -0
package/dist/checkpointer/types.js +159 -0
package/dist/checkpointer/types.js.map +1 -0
package/dist/context-manager.d.ts +627 -0
package/dist/context-manager.d.ts.map +1 -0
package/dist/context-manager.js +1039 -0
package/dist/context-manager.js.map +1 -0
package/dist/context.d.ts +57 -0
package/dist/context.d.ts.map +1 -0
package/dist/context.js +76 -0
package/dist/context.js.map +1 -0
package/dist/errors/index.d.ts +611 -0
package/dist/errors/index.d.ts.map +1 -0
package/dist/errors/index.js +1023 -0
package/dist/errors/index.js.map +1 -0
package/dist/generation-helpers.d.ts +126 -0
package/dist/generation-helpers.d.ts.map +1 -0
package/dist/generation-helpers.js +181 -0
package/dist/generation-helpers.js.map +1 -0
package/dist/hooks/audit.d.ts +210 -0
package/dist/hooks/audit.d.ts.map +1 -0
package/dist/hooks/audit.js +305 -0
package/dist/hooks/audit.js.map +1 -0
package/dist/hooks/cache.d.ts +180 -0
package/dist/hooks/cache.d.ts.map +1 -0
package/dist/hooks/cache.js +273 -0
package/dist/hooks/cache.js.map +1 -0
package/dist/hooks/guardrails.d.ts +145 -0
package/dist/hooks/guardrails.d.ts.map +1 -0
package/dist/hooks/guardrails.js +326 -0
package/dist/hooks/guardrails.js.map +1 -0
package/dist/hooks/index.d.ts +18 -0
package/dist/hooks/index.d.ts.map +1 -0
package/dist/hooks/index.js +32 -0
package/dist/hooks/index.js.map +1 -0
package/dist/hooks/logging.d.ts +193 -0
package/dist/hooks/logging.d.ts.map +1 -0
package/dist/hooks/logging.js +345 -0
package/dist/hooks/logging.js.map +1 -0
package/dist/hooks/parallel-guardrails.d.ts +268 -0
package/dist/hooks/parallel-guardrails.d.ts.map +1 -0
package/dist/hooks/parallel-guardrails.js +416 -0
package/dist/hooks/parallel-guardrails.js.map +1 -0
package/dist/hooks/rate-limit.d.ts +305 -0
package/dist/hooks/rate-limit.d.ts.map +1 -0
package/dist/hooks/rate-limit.js +372 -0
package/dist/hooks/rate-limit.js.map +1 -0
package/dist/hooks/retry.d.ts +144 -0
package/dist/hooks/retry.d.ts.map +1 -0
package/dist/hooks/retry.js +210 -0
package/dist/hooks/retry.js.map +1 -0
package/dist/hooks/secrets.d.ts +174 -0
package/dist/hooks/secrets.d.ts.map +1 -0
package/dist/hooks/secrets.js +306 -0
package/dist/hooks/secrets.js.map +1 -0
package/dist/hooks.d.ts +229 -0
package/dist/hooks.d.ts.map +1 -0
package/dist/hooks.js +352 -0
package/dist/hooks.js.map +1 -0
package/dist/index.d.ts +97 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +182 -0
package/dist/index.js.map +1 -0
package/dist/mcp/env.d.ts +25 -0
package/dist/mcp/env.d.ts.map +1 -0
package/dist/mcp/env.js +18 -0
package/dist/mcp/env.js.map +1 -0
package/dist/mcp/index.d.ts +16 -0
package/dist/mcp/index.d.ts.map +1 -0
package/dist/mcp/index.js +17 -0
package/dist/mcp/index.js.map +1 -0
package/dist/mcp/manager.d.ts +184 -0
package/dist/mcp/manager.d.ts.map +1 -0
package/dist/mcp/manager.js +446 -0
package/dist/mcp/manager.js.map +1 -0
package/dist/mcp/types.d.ts +58 -0
package/dist/mcp/types.d.ts.map +1 -0
package/dist/mcp/types.js +7 -0
package/dist/mcp/types.js.map +1 -0
package/dist/mcp/validation.d.ts +119 -0
package/dist/mcp/validation.d.ts.map +1 -0
package/dist/mcp/validation.js +407 -0
package/dist/mcp/validation.js.map +1 -0
package/dist/mcp/virtual-server.d.ts +78 -0
package/dist/mcp/virtual-server.d.ts.map +1 -0
package/dist/mcp/virtual-server.js +137 -0
package/dist/mcp/virtual-server.js.map +1 -0
package/dist/memory/filesystem-store.d.ts +217 -0
package/dist/memory/filesystem-store.d.ts.map +1 -0
package/dist/memory/filesystem-store.js +343 -0
package/dist/memory/filesystem-store.js.map +1 -0
package/dist/memory/index.d.ts +46 -0
package/dist/memory/index.d.ts.map +1 -0
package/dist/memory/index.js +46 -0
package/dist/memory/index.js.map +1 -0
package/dist/memory/loader.d.ts +396 -0
package/dist/memory/loader.d.ts.map +1 -0
package/dist/memory/loader.js +419 -0
package/dist/memory/loader.js.map +1 -0
package/dist/memory/permissions.d.ts +282 -0
package/dist/memory/permissions.d.ts.map +1 -0
package/dist/memory/permissions.js +297 -0
package/dist/memory/permissions.js.map +1 -0
package/dist/memory/rules.d.ts +249 -0
package/dist/memory/rules.d.ts.map +1 -0
package/dist/memory/rules.js +362 -0
package/dist/memory/rules.js.map +1 -0
package/dist/memory/store.d.ts +286 -0
package/dist/memory/store.d.ts.map +1 -0
package/dist/memory/store.js +263 -0
package/dist/memory/store.js.map +1 -0
package/dist/middleware/apply.d.ts +73 -0
package/dist/middleware/apply.d.ts.map +1 -0
package/dist/middleware/apply.js +219 -0
package/dist/middleware/apply.js.map +1 -0
package/dist/middleware/context.d.ts +33 -0
package/dist/middleware/context.d.ts.map +1 -0
package/dist/middleware/context.js +176 -0
package/dist/middleware/context.js.map +1 -0
package/dist/middleware/index.d.ts +31 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/index.js +32 -0
package/dist/middleware/index.js.map +1 -0
package/dist/middleware/logging.d.ts +137 -0
package/dist/middleware/logging.d.ts.map +1 -0
package/dist/middleware/logging.js +374 -0
package/dist/middleware/logging.js.map +1 -0
package/dist/middleware/types.d.ts +183 -0
package/dist/middleware/types.d.ts.map +1 -0
package/dist/middleware/types.js +11 -0
package/dist/middleware/types.js.map +1 -0
package/dist/observability/events.d.ts +183 -0
package/dist/observability/events.d.ts.map +1 -0
package/dist/observability/events.js +305 -0
package/dist/observability/events.js.map +1 -0
package/dist/observability/index.d.ts +55 -0
package/dist/observability/index.d.ts.map +1 -0
package/dist/observability/index.js +87 -0
package/dist/observability/index.js.map +1 -0
package/dist/observability/logger.d.ts +318 -0
package/dist/observability/logger.d.ts.map +1 -0
package/dist/observability/logger.js +436 -0
package/dist/observability/logger.js.map +1 -0
package/dist/observability/metrics.d.ts +341 -0
package/dist/observability/metrics.d.ts.map +1 -0
package/dist/observability/metrics.js +490 -0
package/dist/observability/metrics.js.map +1 -0
package/dist/observability/preset.d.ts +161 -0
package/dist/observability/preset.d.ts.map +1 -0
package/dist/observability/preset.js +133 -0
package/dist/observability/preset.js.map +1 -0
package/dist/observability/streaming.d.ts +113 -0
package/dist/observability/streaming.d.ts.map +1 -0
package/dist/observability/streaming.js +114 -0
package/dist/observability/streaming.js.map +1 -0
package/dist/observability/tracing.d.ts +378 -0
package/dist/observability/tracing.d.ts.map +1 -0
package/dist/observability/tracing.js +539 -0
package/dist/observability/tracing.js.map +1 -0
package/dist/plugins.d.ts +55 -0
package/dist/plugins.d.ts.map +1 -0
package/dist/plugins.js +63 -0
package/dist/plugins.js.map +1 -0
package/dist/presets/index.d.ts +7 -0
package/dist/presets/index.d.ts.map +1 -0
package/dist/presets/index.js +7 -0
package/dist/presets/index.js.map +1 -0
package/dist/presets/production.d.ts +262 -0
package/dist/presets/production.d.ts.map +1 -0
package/dist/presets/production.js +295 -0
package/dist/presets/production.js.map +1 -0
package/dist/security/index.d.ts +179 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +323 -0
package/dist/security/index.js.map +1 -0
package/dist/subagents/advanced.d.ts +413 -0
package/dist/subagents/advanced.d.ts.map +1 -0
package/dist/subagents/advanced.js +396 -0
package/dist/subagents/advanced.js.map +1 -0
package/dist/subagents/index.d.ts +14 -0
package/dist/subagents/index.d.ts.map +1 -0
package/dist/subagents/index.js +15 -0
package/dist/subagents/index.js.map +1 -0
package/dist/subagents.d.ts +73 -0
package/dist/subagents.d.ts.map +1 -0
package/dist/subagents.js +213 -0
package/dist/subagents.js.map +1 -0
package/dist/task-store/file-store.d.ts +76 -0
package/dist/task-store/file-store.d.ts.map +1 -0
package/dist/task-store/file-store.js +190 -0
package/dist/task-store/file-store.js.map +1 -0
package/dist/task-store/index.d.ts +11 -0
package/dist/task-store/index.d.ts.map +1 -0
package/dist/task-store/index.js +10 -0
package/dist/task-store/index.js.map +1 -0
package/dist/task-store/kv-store.d.ts +140 -0
package/dist/task-store/kv-store.d.ts.map +1 -0
package/dist/task-store/kv-store.js +169 -0
package/dist/task-store/kv-store.js.map +1 -0
package/dist/task-store/memory-store.d.ts +66 -0
package/dist/task-store/memory-store.d.ts.map +1 -0
package/dist/task-store/memory-store.js +125 -0
package/dist/task-store/memory-store.js.map +1 -0
package/dist/task-store/types.d.ts +235 -0
package/dist/task-store/types.d.ts.map +1 -0
package/dist/task-store/types.js +110 -0
package/dist/task-store/types.js.map +1 -0
package/dist/testing/assertions.d.ts +401 -0
package/dist/testing/assertions.d.ts.map +1 -0
package/dist/testing/assertions.js +630 -0
package/dist/testing/assertions.js.map +1 -0
package/dist/testing/index.d.ts +343 -0
package/dist/testing/index.d.ts.map +1 -0
package/dist/testing/index.js +360 -0
package/dist/testing/index.js.map +1 -0
package/dist/testing/mock-agent.d.ts +214 -0
package/dist/testing/mock-agent.d.ts.map +1 -0
package/dist/testing/mock-agent.js +448 -0
package/dist/testing/mock-agent.js.map +1 -0
package/dist/testing/recorder.d.ts +288 -0
package/dist/testing/recorder.d.ts.map +1 -0
package/dist/testing/recorder.js +499 -0
package/dist/testing/recorder.js.map +1 -0
package/dist/tools/execute.d.ts +104 -0
package/dist/tools/execute.d.ts.map +1 -0
package/dist/tools/execute.js +191 -0
package/dist/tools/execute.js.map +1 -0
package/dist/tools/factory.d.ts +260 -0
package/dist/tools/factory.d.ts.map +1 -0
package/dist/tools/factory.js +241 -0
package/dist/tools/factory.js.map +1 -0
package/dist/tools/filesystem.d.ts +215 -0
package/dist/tools/filesystem.d.ts.map +1 -0
package/dist/tools/filesystem.js +311 -0
package/dist/tools/filesystem.js.map +1 -0
package/dist/tools/index.d.ts +33 -0
package/dist/tools/index.d.ts.map +1 -0
package/dist/tools/index.js +33 -0
package/dist/tools/index.js.map +1 -0
package/dist/tools/search.d.ts +59 -0
package/dist/tools/search.d.ts.map +1 -0
package/dist/tools/search.js +94 -0
package/dist/tools/search.js.map +1 -0
package/dist/tools/skills.d.ts +354 -0
package/dist/tools/skills.d.ts.map +1 -0
package/dist/tools/skills.js +413 -0
package/dist/tools/skills.js.map +1 -0
package/dist/tools/task.d.ts +272 -0
package/dist/tools/task.d.ts.map +1 -0
package/dist/tools/task.js +521 -0
package/dist/tools/task.js.map +1 -0
package/dist/tools/todos.d.ts +131 -0
package/dist/tools/todos.d.ts.map +1 -0
package/dist/tools/todos.js +120 -0
package/dist/tools/todos.js.map +1 -0
package/dist/tools/tool-registry.d.ts +424 -0
package/dist/tools/tool-registry.d.ts.map +1 -0
package/dist/tools/tool-registry.js +607 -0
package/dist/tools/tool-registry.js.map +1 -0
package/dist/tools/user-interaction.d.ts +116 -0
package/dist/tools/user-interaction.d.ts.map +1 -0
package/dist/tools/user-interaction.js +147 -0
package/dist/tools/user-interaction.js.map +1 -0
package/dist/tools/utils.d.ts +124 -0
package/dist/tools/utils.d.ts.map +1 -0
package/dist/tools/utils.js +189 -0
package/dist/tools/utils.js.map +1 -0
package/dist/tools.d.ts +74 -0
package/dist/tools.d.ts.map +1 -0
package/dist/tools.js +73 -0
package/dist/tools.js.map +1 -0
package/dist/types.d.ts +2421 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +55 -0
package/dist/types.js.map +1 -0
package/package.json +81 -0

package/dist/security/index.d.ts ADDED Viewed

@@ -0,0 +1,179 @@
+/**
+ * Security policy presets for agent configuration.
+ *
+ * This module provides security policy presets that bundle together sandbox configuration,
+ * permission modes, and hook settings to enforce different security levels. The presets help
+ * developers quickly configure agents for different environments (development, CI, production)
+ * without manually configuring each security control.
+ *
+ * @example
+ * ```typescript
+ * import { createAgent } from "@lleverage-ai/agent-sdk";
+ * import { applySecurityPolicy, SecurityPolicyPreset } from "@lleverage-ai/agent-sdk/security";
+ *
+ * // Create an agent with production security settings
+ * const agent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("production"),
+ * });
+ *
+ * // Or customize a preset
+ * const customPolicy = applySecurityPolicy("ci", {
+ *   sandbox: { timeout: 60000 },
+ *   permissionMode: "plan",
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+import type { LocalSandboxOptions } from "../backends/sandbox.js";
+import { LocalSandbox } from "../backends/sandbox.js";
+import type { HookRegistration, PermissionMode } from "../types.js";
+/**
+ * File write patterns that should be blocked when acceptEdits mode is active.
+ * These patterns match common shell operations that perform file writes,
+ * which would bypass the file edit tool permission checks.
+ *
+ * @internal
+ */
+export declare const ACCEPT_EDITS_BLOCKED_PATTERNS: RegExp[];
+/**
+ * Security policy configuration that bundles sandbox, permission, and hook settings.
+ *
+ * This type combines multiple security controls into a single policy that can be
+ * applied to an agent. Policies can be created from presets or customized.
+ *
+ * @example
+ * ```typescript
+ * const policy: SecurityPolicy = {
+ *   sandbox: { allowDangerous: false, timeout: 30000 },
+ *   permissionMode: "default",
+ *   disallowedTools: ["bash"],
+ *   hooks: { PreToolUse: [auditHook] },
+ * };
+ * ```
+ *
+ * @category Security
+ */
+export interface SecurityPolicy {
+    /**
+     * Sandbox configuration for command execution security.
+     */
+    sandbox?: LocalSandboxOptions;
+    /**
+     * Permission mode for tool execution control.
+     */
+    permissionMode?: PermissionMode;
+    /**
+     * Tools that are explicitly disallowed.
+     */
+    disallowedTools?: string[];
+    /**
+     * Tools that are explicitly allowed (all others blocked).
+     */
+    allowedTools?: string[];
+    /**
+     * Hook registrations for lifecycle events.
+     */
+    hooks?: HookRegistration;
+    /**
+     * When true and permissionMode is "acceptEdits", automatically configures the
+     * sandbox to block shell-based file operations (e.g., echo > file, rm, mv).
+     * This prevents bash commands from bypassing the acceptEdits permission checks.
+     *
+     * @defaultValue true
+     */
+    blockShellFileOps?: boolean;
+}
+/**
+ * Preset names for common security levels.
+ *
+ * - `development`: Permissive settings for rapid iteration
+ * - `ci`: Restrictive settings for CI/CD environments
+ * - `production`: Balanced settings for production deployments
+ * - `readonly`: Maximum restrictions - no writes, no commands
+ *
+ * @category Security
+ */
+export type SecurityPolicyPreset = "development" | "ci" | "production" | "readonly";
+/**
+ * Apply a security policy preset to agent options.
+ *
+ * This function returns a partial AgentOptions object that can be spread into
+ * createAgent(). It configures the sandbox, permission mode, tool restrictions,
+ * and hooks according to the selected preset.
+ *
+ * When permissionMode is "acceptEdits" and blockShellFileOps is true (default),
+ * the sandbox will be automatically configured to block shell-based file operations
+ * like `echo > file`, `rm`, `mv`, etc. This prevents bash commands from bypassing
+ * the acceptEdits permission checks.
+ *
+ * @param preset - The security preset to apply
+ * @param overrides - Optional policy overrides to customize the preset
+ * @returns Partial agent options with security settings applied
+ *
+ * @example
+ * ```typescript
+ * // Apply production preset
+ * const agent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("production"),
+ * });
+ *
+ * // Apply CI preset with custom timeout
+ * const ciAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("ci", {
+ *     sandbox: { timeout: 120000 },
+ *   }),
+ * });
+ *
+ * // Apply readonly preset for audit-only agent
+ * const auditAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("readonly"),
+ * });
+ *
+ * // Use acceptEdits mode with shell file operation blocking
+ * const editAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("development", {
+ *     permissionMode: "acceptEdits",
+ *     blockShellFileOps: true, // default, blocks bash file ops
+ *   }),
+ * });
+ * ```
+ *
+ * @category Security
+ */
+export declare function applySecurityPolicy(preset: SecurityPolicyPreset, overrides?: Partial<SecurityPolicy>): {
+    backend: LocalSandbox;
+    permissionMode?: PermissionMode;
+    allowedTools?: string[];
+    disallowedTools?: string[];
+    hooks?: HookRegistration;
+};
+/**
+ * Helper function to get sandbox options that block shell-based file operations.
+ * Use this when you want to enable "acceptEdits" permission mode while preventing
+ * bash commands from bypassing the file edit restrictions.
+ *
+ * @param baseOptions - Optional base sandbox options to extend
+ * @returns Sandbox options with file operation blocking enabled
+ *
+ * @example
+ * ```typescript
+ * import { LocalSandbox } from "@lleverage-ai/agent-sdk/backends";
+ * import { getSandboxOptionsForAcceptEdits } from "@lleverage-ai/agent-sdk/security";
+ *
+ * const agent = createAgent({
+ *   model,
+ *   backend: new LocalSandbox(getSandboxOptionsForAcceptEdits()),
+ *   permissionMode: "acceptEdits",
+ * });
+ * ```
+ *
+ * @category Security
+ */
+export declare function getSandboxOptionsForAcceptEdits(baseOptions?: LocalSandboxOptions): LocalSandboxOptions;
+//# sourceMappingURL=index.d.ts.map

package/dist/security/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEpE;;;;;;GAMG;AACH,eAAO,MAAM,6BAA6B,EAAE,MAAM,EAyBjD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,OAAO,CAAC,EAAE,mBAAmB,CAAC;IAE9B;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;OAEG;IACH,KAAK,CAAC,EAAE,gBAAgB,CAAC;IAEzB;;;;;;OAMG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B;AAED;;;;;;;;;GASG;AACH,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG,IAAI,GAAG,YAAY,GAAG,UAAU,CAAC;AAEpF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,oBAAoB,EAC5B,SAAS,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAClC;IACD,OAAO,EAAE,YAAY,CAAC;IACtB,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,KAAK,CAAC,EAAE,gBAAgB,CAAC;CAC1B,CAmCA;AA4JD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,+BAA+B,CAC7C,WAAW,CAAC,EAAE,mBAAmB,GAChC,mBAAmB,CAMrB"}

package/dist/security/index.js ADDED Viewed

@@ -0,0 +1,323 @@
+/**
+ * Security policy presets for agent configuration.
+ *
+ * This module provides security policy presets that bundle together sandbox configuration,
+ * permission modes, and hook settings to enforce different security levels. The presets help
+ * developers quickly configure agents for different environments (development, CI, production)
+ * without manually configuring each security control.
+ *
+ * @example
+ * ```typescript
+ * import { createAgent } from "@lleverage-ai/agent-sdk";
+ * import { applySecurityPolicy, SecurityPolicyPreset } from "@lleverage-ai/agent-sdk/security";
+ *
+ * // Create an agent with production security settings
+ * const agent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("production"),
+ * });
+ *
+ * // Or customize a preset
+ * const customPolicy = applySecurityPolicy("ci", {
+ *   sandbox: { timeout: 60000 },
+ *   permissionMode: "plan",
+ * });
+ * ```
+ *
+ * @packageDocumentation
+ */
+import { LocalSandbox } from "../backends/sandbox.js";
+/**
+ * File write patterns that should be blocked when acceptEdits mode is active.
+ * These patterns match common shell operations that perform file writes,
+ * which would bypass the file edit tool permission checks.
+ *
+ * @internal
+ */
+export const ACCEPT_EDITS_BLOCKED_PATTERNS = [
+    // Output redirection
+    />/,
+    // File deletion and movement
+    /\brm\b/i,
+    /\bmv\b/i,
+    // File creation and modification
+    /\btouch\b/i,
+    /\bcp\b/i,
+    // Directory operations
+    /\bmkdir\b/i,
+    /\brmdir\b/i,
+    // File permissions
+    /\bchmod\b/i,
+    /\bchown\b/i,
+    // Link creation
+    /\bln\b/i,
+    // Disk operations
+    /\bdd\b/i,
+    // Text editor invocations that might modify files
+    /\b(nano|vi|vim|emacs|sed -i)\b/i,
+    // Package managers that modify filesystem
+    /\bnpm\s+(install|uninstall|update)/i,
+    /\byarn\s+(add|remove)/i,
+    /\bpip\s+(install|uninstall)/i,
+];
+/**
+ * Apply a security policy preset to agent options.
+ *
+ * This function returns a partial AgentOptions object that can be spread into
+ * createAgent(). It configures the sandbox, permission mode, tool restrictions,
+ * and hooks according to the selected preset.
+ *
+ * When permissionMode is "acceptEdits" and blockShellFileOps is true (default),
+ * the sandbox will be automatically configured to block shell-based file operations
+ * like `echo > file`, `rm`, `mv`, etc. This prevents bash commands from bypassing
+ * the acceptEdits permission checks.
+ *
+ * @param preset - The security preset to apply
+ * @param overrides - Optional policy overrides to customize the preset
+ * @returns Partial agent options with security settings applied
+ *
+ * @example
+ * ```typescript
+ * // Apply production preset
+ * const agent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("production"),
+ * });
+ *
+ * // Apply CI preset with custom timeout
+ * const ciAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("ci", {
+ *     sandbox: { timeout: 120000 },
+ *   }),
+ * });
+ *
+ * // Apply readonly preset for audit-only agent
+ * const auditAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("readonly"),
+ * });
+ *
+ * // Use acceptEdits mode with shell file operation blocking
+ * const editAgent = createAgent({
+ *   model,
+ *   ...applySecurityPolicy("development", {
+ *     permissionMode: "acceptEdits",
+ *     blockShellFileOps: true, // default, blocks bash file ops
+ *   }),
+ * });
+ * ```
+ *
+ * @category Security
+ */
+export function applySecurityPolicy(preset, overrides) {
+    // Get base policy for preset
+    const basePolicy = getPresetPolicy(preset);
+    // Merge with overrides
+    const policy = {
+        sandbox: { ...basePolicy.sandbox, ...overrides?.sandbox },
+        permissionMode: overrides?.permissionMode ?? basePolicy.permissionMode,
+        allowedTools: overrides?.allowedTools ?? basePolicy.allowedTools,
+        disallowedTools: overrides?.disallowedTools ?? basePolicy.disallowedTools,
+        hooks: overrides?.hooks ?? basePolicy.hooks,
+        blockShellFileOps: overrides?.blockShellFileOps ?? basePolicy.blockShellFileOps ?? true,
+    };
+    // If acceptEdits mode is enabled and blockShellFileOps is true,
+    // add shell file operation patterns to blocked commands
+    if (policy.permissionMode === "acceptEdits" && policy.blockShellFileOps) {
+        const existingBlocked = policy.sandbox?.blockedCommands ?? [];
+        policy.sandbox = {
+            ...policy.sandbox,
+            blockedCommands: [...existingBlocked, ...ACCEPT_EDITS_BLOCKED_PATTERNS],
+        };
+    }
+    // Create sandbox backend
+    const backend = new LocalSandbox(policy.sandbox);
+    // Return agent options
+    return {
+        backend,
+        permissionMode: policy.permissionMode,
+        allowedTools: policy.allowedTools,
+        disallowedTools: policy.disallowedTools,
+        hooks: policy.hooks,
+    };
+}
+/**
+ * Get the security policy configuration for a preset.
+ * @internal
+ */
+function getPresetPolicy(preset) {
+    switch (preset) {
+        case "development":
+            return getDevelopmentPolicy();
+        case "ci":
+            return getCiPolicy();
+        case "production":
+            return getProductionPolicy();
+        case "readonly":
+            return getReadOnlyPolicy();
+        default:
+            throw new Error(`Unknown security preset: ${preset}`);
+    }
+}
+/**
+ * Development preset - permissive settings for rapid iteration.
+ *
+ * Features:
+ * - Allows all commands (including dangerous ones)
+ * - 2 minute timeout
+ * - No tool restrictions
+ * - Default permission mode (prompts for unclear cases)
+ *
+ * @internal
+ */
+function getDevelopmentPolicy() {
+    return {
+        sandbox: {
+            allowDangerous: true,
+            timeout: 120000,
+            maxFileSizeMb: 100,
+        },
+        permissionMode: "default",
+    };
+}
+/**
+ * CI preset - restrictive settings for automated testing.
+ *
+ * Features:
+ * - Blocks dangerous commands (rm -rf, shutdown, etc.)
+ * - 5 minute timeout (for long test suites)
+ * - Blocks network-related operations
+ * - Plan mode (no tool execution, analysis only)
+ *
+ * @internal
+ */
+function getCiPolicy() {
+    return {
+        sandbox: {
+            allowDangerous: false,
+            timeout: 300000, // 5 minutes
+            maxFileSizeMb: 50,
+            blockedCommands: [
+                // Network operations that might be unstable in CI
+                /curl/i,
+                /wget/i,
+                /git\s+push/i,
+                /npm\s+publish/i,
+                /docker\s+push/i,
+            ],
+        },
+        permissionMode: "plan", // No tool execution in CI
+        disallowedTools: [
+            "bash", // Block direct bash access
+            "execute", // Block generic execute
+        ],
+    };
+}
+/**
+ * Production preset - balanced settings for production deployments.
+ *
+ * Features:
+ * - Blocks dangerous commands
+ * - 1 minute timeout (fail fast)
+ * - Limited file operations (10MB max)
+ * - Default permission mode with tool restrictions
+ * - Blocks destructive operations
+ *
+ * @internal
+ */
+function getProductionPolicy() {
+    return {
+        sandbox: {
+            allowDangerous: false,
+            timeout: 60000, // 1 minute
+            maxFileSizeMb: 10,
+            blockedCommands: [
+                // Block package management (immutable production)
+                /npm\s+(install|uninstall|update|publish)/i,
+                /yarn\s+(add|remove|upgrade|publish)/i,
+                /pip\s+(install|uninstall)/i,
+                // Block git writes
+                /git\s+(push|commit|merge|rebase)/i,
+            ],
+        },
+        permissionMode: "default",
+        disallowedTools: [
+            "write", // Block file writes
+            "edit", // Block file edits
+        ],
+    };
+}
+/**
+ * Read-only preset - maximum restrictions for audit-only agents.
+ *
+ * Features:
+ * - Blocks all write and modification commands
+ * - 30 second timeout
+ * - Very limited file operations (read-only, 5MB max)
+ * - Plan mode (no tool execution)
+ * - Blocks all write operations
+ *
+ * @internal
+ */
+function getReadOnlyPolicy() {
+    return {
+        sandbox: {
+            allowDangerous: false,
+            timeout: 30000, // 30 seconds
+            maxFileSizeMb: 5,
+            // Use blockedCommands from LocalSandbox.readOnly() pattern
+            blockedCommands: [
+                /\brm\b/i,
+                /\bmv\b/i,
+                /\bcp\b/i,
+                /\btouch\b/i,
+                /\bmkdir\b/i,
+                /\brmdir\b/i,
+                /\bchmod\b/i,
+                /\bchown\b/i,
+                /\bln\b/i,
+                />/,
+                /\bdd\b/i,
+                /\bwrite\b/i,
+                /\bnpm\s+(install|uninstall|update|publish)/i,
+                /\byarn\s+(add|remove|upgrade|publish)/i,
+                /\bpip\s+(install|uninstall)/i,
+                /\bgit\s+(push|commit|merge|rebase)/i,
+            ],
+        },
+        permissionMode: "plan", // No tool execution
+        disallowedTools: ["bash", "execute", "write", "edit"],
+        allowedTools: ["read", "glob", "grep", "ls"],
+    };
+}
+/**
+ * Helper function to get sandbox options that block shell-based file operations.
+ * Use this when you want to enable "acceptEdits" permission mode while preventing
+ * bash commands from bypassing the file edit restrictions.
+ *
+ * @param baseOptions - Optional base sandbox options to extend
+ * @returns Sandbox options with file operation blocking enabled
+ *
+ * @example
+ * ```typescript
+ * import { LocalSandbox } from "@lleverage-ai/agent-sdk/backends";
+ * import { getSandboxOptionsForAcceptEdits } from "@lleverage-ai/agent-sdk/security";
+ *
+ * const agent = createAgent({
+ *   model,
+ *   backend: new LocalSandbox(getSandboxOptionsForAcceptEdits()),
+ *   permissionMode: "acceptEdits",
+ * });
+ * ```
+ *
+ * @category Security
+ */
+export function getSandboxOptionsForAcceptEdits(baseOptions) {
+    const existingBlocked = baseOptions?.blockedCommands ?? [];
+    return {
+        ...baseOptions,
+        blockedCommands: [...existingBlocked, ...ACCEPT_EDITS_BLOCKED_PATTERNS],
+    };
+}
+//# sourceMappingURL=index.js.map

package/dist/security/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAGtD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,6BAA6B,GAAa;IACrD,qBAAqB;IACrB,GAAG;IACH,6BAA6B;IAC7B,SAAS;IACT,SAAS;IACT,iCAAiC;IACjC,YAAY;IACZ,SAAS;IACT,uBAAuB;IACvB,YAAY;IACZ,YAAY;IACZ,mBAAmB;IACnB,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,SAAS;IACT,kBAAkB;IAClB,SAAS;IACT,kDAAkD;IAClD,iCAAiC;IACjC,0CAA0C;IAC1C,qCAAqC;IACrC,wBAAwB;IACxB,8BAA8B;CAC/B,CAAC;AAoEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAA4B,EAC5B,SAAmC;IAQnC,6BAA6B;IAC7B,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IAE3C,uBAAuB;IACvB,MAAM,MAAM,GAAmB;QAC7B,OAAO,EAAE,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE;QACzD,cAAc,EAAE,SAAS,EAAE,cAAc,IAAI,UAAU,CAAC,cAAc;QACtE,YAAY,EAAE,SAAS,EAAE,YAAY,IAAI,UAAU,CAAC,YAAY;QAChE,eAAe,EAAE,SAAS,EAAE,eAAe,IAAI,UAAU,CAAC,eAAe;QACzE,KAAK,EAAE,SAAS,EAAE,KAAK,IAAI,UAAU,CAAC,KAAK;QAC3C,iBAAiB,EAAE,SAAS,EAAE,iBAAiB,IAAI,UAAU,CAAC,iBAAiB,IAAI,IAAI;KACxF,CAAC;IAEF,gEAAgE;IAChE,wDAAwD;IACxD,IAAI,MAAM,CAAC,cAAc,KAAK,aAAa,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;QACxE,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,EAAE,eAAe,IAAI,EAAE,CAAC;QAC9D,MAAM,CAAC,OAAO,GAAG;YACf,GAAG,MAAM,CAAC,OAAO;YACjB,eAAe,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,6BAA6B,CAAC;SACxE,CAAC;IACJ,CAAC;IAED,yBAAyB;IACzB,MAAM,OAAO,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEjD,uBAAuB;IACvB,OAAO;QACL,OAAO;QACP,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,eAAe,EAAE,MAAM,CAAC,eAAe;QACvC,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,MAA4B;IACnD,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,oBAAoB,EAAE,CAAC;QAChC,KAAK,IAAI;YACP,OAAO,WAAW,EAAE,CAAC;QACvB,KAAK,YAAY;YACf,OAAO,mBAAmB,EAAE,CAAC;QAC/B,KAAK,UAAU;YACb,OAAO,iBAAiB,EAAE,CAAC;QAC7B;YACE,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,oBAAoB;IAC3B,OAAO;QACL,OAAO,EAAE;YACP,cAAc,EAAE,IAAI;YACpB,OAAO,EAAE,MAAM;YACf,aAAa,EAAE,GAAG;SACnB;QACD,cAAc,EAAE,SAAS;KAC1B,CAAC;AACJ,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,WAAW;IAClB,OAAO;QACL,OAAO,EAAE;YACP,cAAc,EAAE,KAAK;YACrB,OAAO,EAAE,MAAM,EAAE,YAAY;YAC7B,aAAa,EAAE,EAAE;YACjB,eAAe,EAAE;gBACf,kDAAkD;gBAClD,OAAO;gBACP,OAAO;gBACP,aAAa;gBACb,gBAAgB;gBAChB,gBAAgB;aACjB;SACF;QACD,cAAc,EAAE,MAAM,EAAE,0BAA0B;QAClD,eAAe,EAAE;YACf,MAAM,EAAE,2BAA2B;YACnC,SAAS,EAAE,wBAAwB;SACpC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,mBAAmB;IAC1B,OAAO;QACL,OAAO,EAAE;YACP,cAAc,EAAE,KAAK;YACrB,OAAO,EAAE,KAAK,EAAE,WAAW;YAC3B,aAAa,EAAE,EAAE;YACjB,eAAe,EAAE;gBACf,kDAAkD;gBAClD,2CAA2C;gBAC3C,sCAAsC;gBACtC,4BAA4B;gBAC5B,mBAAmB;gBACnB,mCAAmC;aACpC;SACF;QACD,cAAc,EAAE,SAAS;QACzB,eAAe,EAAE;YACf,OAAO,EAAE,oBAAoB;YAC7B,MAAM,EAAE,mBAAmB;SAC5B;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,iBAAiB;IACxB,OAAO;QACL,OAAO,EAAE;YACP,cAAc,EAAE,KAAK;YACrB,OAAO,EAAE,KAAK,EAAE,aAAa;YAC7B,aAAa,EAAE,CAAC;YAChB,2DAA2D;YAC3D,eAAe,EAAE;gBACf,SAAS;gBACT,SAAS;gBACT,SAAS;gBACT,YAAY;gBACZ,YAAY;gBACZ,YAAY;gBACZ,YAAY;gBACZ,YAAY;gBACZ,SAAS;gBACT,GAAG;gBACH,SAAS;gBACT,YAAY;gBACZ,6CAA6C;gBAC7C,wCAAwC;gBACxC,8BAA8B;gBAC9B,qCAAqC;aACtC;SACF;QACD,cAAc,EAAE,MAAM,EAAE,oBAAoB;QAC5C,eAAe,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC;QACrD,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,+BAA+B,CAC7C,WAAiC;IAEjC,MAAM,eAAe,GAAG,WAAW,EAAE,eAAe,IAAI,EAAE,CAAC;IAC3D,OAAO;QACL,GAAG,WAAW;QACd,eAAe,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,6BAA6B,CAAC;KACxE,CAAC;AACJ,CAAC"}