@neuroverseos/governance 0.2.3 → 0.3.1

package/dist/chunk-IZSO75NZ.js

@@ -1,792 +0,0 @@
-import {
-  buildPlanCheck,
-  evaluatePlan,
-  matchesAllKeywords,
-  normalizeEventText
-} from "./chunk-QLPTHTVB.js";
-
-// src/engine/guard-engine.ts
-var PROMPT_INJECTION_PATTERNS = [
-  // Instruction override
-  { pattern: /ignore\s+(previous|all|prior|above)\s+(instructions?|rules?)/i, label: "ignore-instructions" },
-  { pattern: /disregard\s+(your|the)\s+(rules|constraints)/i, label: "disregard-rules" },
-  { pattern: /new\s+instructions?:/i, label: "new-instructions" },
-  // Identity manipulation
-  { pattern: /you\s+are\s+now/i, label: "identity-override" },
-  { pattern: /new\s+persona/i, label: "new-persona" },
-  { pattern: /act\s+as\s+if/i, label: "act-as-if" },
-  { pattern: /pretend\s+(you|to\s+be|you\s+are\s+unrestricted)/i, label: "pretend-to-be" },
-  // Context reset
-  { pattern: /forget\s+(everything|all|your)/i, label: "forget-context" },
-  { pattern: /system\s*:\s*override/i, label: "system-override" },
-  // Constraint bypass
-  { pattern: /override\s+(your|the)\s+(programming|constraints)/i, label: "override-constraints" },
-  { pattern: /bypass\s+(your|the)\s+(filters|constraints|rules)/i, label: "bypass-filters" },
-  // Prompt extraction
-  { pattern: /system\s+prompt/i, label: "system-prompt-probe" },
-  { pattern: /reveal\s+your\s+(instructions?|prompt|rules)/i, label: "reveal-instructions" },
-  // Known jailbreak terms
-  { pattern: /jailbreak/i, label: "jailbreak" },
-  { pattern: /DAN\s+mode/i, label: "dan-mode" },
-  { pattern: /developer\s+mode/i, label: "developer-mode" }
-];
-var EXECUTION_CLAIM_PATTERNS = [
-  { pattern: /I have (executed|completed|performed|done|made|created|sent|deleted|modified|updated)/i, label: "claim-i-have" },
-  { pattern: /Successfully (created|deleted|modified|updated|sent|executed|performed)/i, label: "claim-successfully" },
-  { pattern: /The file has been/i, label: "claim-file-modified" },
-  { pattern: /I've made the changes/i, label: "claim-made-changes" },
-  { pattern: /I('ve| have) (sent|posted|submitted|uploaded|downloaded)/i, label: "claim-sent" },
-  { pattern: /Your (email|message|file|request) has been (sent|submitted)/i, label: "claim-your-sent" },
-  { pattern: /Transaction complete/i, label: "claim-transaction" },
-  { pattern: /Order placed/i, label: "claim-order" },
-  { pattern: /Payment processed/i, label: "claim-payment" }
-];
-var EXECUTION_INTENT_PATTERNS = [
-  { pattern: /^(execute|run|perform|do this)/i, label: "intent-execute" },
-  { pattern: /^(create|write|delete|modify) (a |the )?(file|folder|document)/i, label: "intent-file-ops" },
-  { pattern: /^(send|post|submit) (a |an |the )?(email|message|tweet|post)/i, label: "intent-send" },
-  { pattern: /^(search|look up|browse) (the )?web/i, label: "intent-web-search" },
-  { pattern: /^(make|call|invoke) (a |an )?(api|http|rest) (call|request)/i, label: "intent-api-call" },
-  { pattern: /^(buy|purchase|order|pay|transfer|send money)/i, label: "intent-financial" },
-  { pattern: /^(book|schedule|reserve)/i, label: "intent-booking" },
-  { pattern: /^(download|upload|save to|export to)/i, label: "intent-transfer" }
-];
-var SCOPE_ESCAPE_PATTERNS = [
-  { pattern: /\.\.\//, label: "parent-traversal" },
-  { pattern: /^\/(?!home|project|workspace)/i, label: "absolute-path-outside-safe" },
-  { pattern: /~\//, label: "home-directory" },
-  { pattern: /\/etc\//i, label: "system-config" },
-  { pattern: /\/usr\//i, label: "system-binaries" },
-  { pattern: /\/var\//i, label: "system-variable-data" }
-];
-var NEUTRAL_MESSAGES = {
-  "prompt-injection": "This input contains patterns that could alter agent behavior.",
-  "scope-escape": "This action would affect resources outside the declared scope.",
-  "execution-claim": "This response claims to have performed an action.",
-  "execution-intent": "This input requests execution in a thinking-only environment.",
-  "delete": "This action would remove files. Confirmation needed.",
-  "write-external": "This action would write outside the project folder.",
-  "network-mutate": "This action would send data to an external service.",
-  "credential-access": "This action would access stored credentials."
-};
-function levelRequiresConfirmation(level, actionType) {
-  if (level === "strict") return true;
-  if (level === "standard") {
-    return actionType === "delete" || actionType === "credential-access";
-  }
-  return false;
-}
-function isExternalScope(scope) {
-  const internalPatterns = [
-    /^\.?\/?src\//i,
-    /^\.?\/?lib\//i,
-    /^\.?\/?app\//i,
-    /^\.?\/?components\//i,
-    /^\.?\/?pages\//i,
-    /^\.?\/?public\//i,
-    /^\.?\/?assets\//i,
-    /^\.\//
-  ];
-  return !internalPatterns.some((p) => p.test(scope));
-}
-function evaluateGuard(event, world, options = {}) {
-  const startTime = performance.now();
-  const level = options.level ?? "standard";
-  const includeTrace = options.trace ?? false;
-  const eventText = normalizeEventText(event);
-  const invariantChecks = [];
-  const safetyChecks = [];
-  let planCheckResult;
-  const roleChecks = [];
-  const guardChecks = [];
-  const kernelRuleChecks = [];
-  const levelChecks = [];
-  let decidingLayer = "default-allow";
-  let decidingId;
-  const guardsMatched = [];
-  const rulesMatched = [];
-  checkInvariantCoverage(world, invariantChecks);
-  if (event.roleId && options.agentStates) {
-    const agentState = options.agentStates.get(event.roleId);
-    if (agentState && agentState.cooldownRemaining > 0) {
-      decidingLayer = "safety";
-      decidingId = `penalize-cooldown-${event.roleId}`;
-      const verdict = buildVerdict(
-        "PENALIZE",
-        `Agent "${event.roleId}" is frozen for ${agentState.cooldownRemaining} more round(s) due to prior penalty.`,
-        `penalize-cooldown-${event.roleId}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-      verdict.intentRecord = {
-        originalIntent: event.intent,
-        finalAction: "blocked (agent frozen)",
-        enforcement: "PENALIZE",
-        consequence: { type: "freeze", rounds: agentState.cooldownRemaining, description: "Agent still in cooldown from prior penalty" }
-      };
-      return verdict;
-    }
-  }
-  if (options.sessionAllowlist) {
-    const key = eventToAllowlistKey(event);
-    if (options.sessionAllowlist.has(key)) {
-      decidingLayer = "session-allowlist";
-      decidingId = `allowlist:${key}`;
-      return buildVerdict(
-        "ALLOW",
-        void 0,
-        `allowlist:${key}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-    }
-  }
-  const safetyVerdict = checkSafety(event, eventText, safetyChecks);
-  if (safetyVerdict) {
-    decidingLayer = "safety";
-    decidingId = safetyVerdict.ruleId;
-    return buildVerdict(
-      safetyVerdict.status,
-      safetyVerdict.reason,
-      safetyVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  if (options.plan) {
-    const planVerdict = evaluatePlan(event, options.plan);
-    planCheckResult = buildPlanCheck(event, options.plan, planVerdict);
-    if (!planVerdict.allowed && planVerdict.status !== "PLAN_COMPLETE") {
-      decidingLayer = "plan-enforcement";
-      decidingId = `plan-${options.plan.plan_id}`;
-      const planStatus = planVerdict.status === "CONSTRAINT_VIOLATED" ? "PAUSE" : "BLOCK";
-      let reason = planVerdict.reason ?? "Action blocked by plan.";
-      if (planVerdict.status === "OFF_PLAN" && planVerdict.closestStep) {
-        reason += ` Closest step: "${planVerdict.closestStep}" (similarity: ${(planVerdict.similarityScore ?? 0).toFixed(2)})`;
-      }
-      return buildVerdict(
-        planStatus,
-        reason,
-        `plan-${options.plan.plan_id}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-    }
-  }
-  const roleVerdict = checkRoleRules(event, eventText, world, roleChecks);
-  if (roleVerdict) {
-    decidingLayer = "role";
-    decidingId = roleVerdict.ruleId;
-    return buildVerdict(
-      roleVerdict.status,
-      roleVerdict.reason,
-      roleVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const guardVerdict = checkGuards(event, eventText, world, guardChecks, guardsMatched);
-  if (guardVerdict) {
-    if (guardVerdict.status !== "ALLOW") {
-      decidingLayer = "guard";
-      decidingId = guardVerdict.ruleId;
-      const intentRecord = {
-        originalIntent: event.intent,
-        finalAction: guardVerdict.status === "MODIFY" ? guardVerdict.modifiedTo ?? "modified" : guardVerdict.status === "PENALIZE" ? "blocked + penalized" : guardVerdict.status === "REWARD" ? event.intent : guardVerdict.status === "NEUTRAL" ? event.intent : guardVerdict.status === "BLOCK" ? "blocked" : "paused",
-        ruleApplied: guardVerdict.ruleId,
-        enforcement: guardVerdict.status,
-        modifiedTo: guardVerdict.modifiedTo,
-        consequence: guardVerdict.consequence,
-        reward: guardVerdict.reward
-      };
-      const verdict = buildVerdict(
-        guardVerdict.status,
-        guardVerdict.reason,
-        guardVerdict.ruleId,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-      verdict.intentRecord = intentRecord;
-      if (guardVerdict.consequence) verdict.consequence = guardVerdict.consequence;
-      if (guardVerdict.reward) verdict.reward = guardVerdict.reward;
-      return verdict;
-    }
-  }
-  const kernelVerdict = checkKernelRules(eventText, world, kernelRuleChecks, rulesMatched);
-  if (kernelVerdict) {
-    decidingLayer = "kernel-rule";
-    decidingId = kernelVerdict.ruleId;
-    return buildVerdict(
-      kernelVerdict.status,
-      kernelVerdict.reason,
-      kernelVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const levelVerdict = checkLevelConstraints(event, level, levelChecks);
-  if (levelVerdict) {
-    decidingLayer = "level-constraint";
-    decidingId = levelVerdict.ruleId;
-    return buildVerdict(
-      levelVerdict.status,
-      levelVerdict.reason,
-      levelVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const warning = guardVerdict?.warning;
-  return buildVerdict(
-    "ALLOW",
-    void 0,
-    void 0,
-    warning,
-    world,
-    level,
-    invariantChecks,
-    guardsMatched,
-    rulesMatched,
-    includeTrace ? buildTrace(
-      invariantChecks,
-      safetyChecks,
-      planCheckResult,
-      roleChecks,
-      guardChecks,
-      kernelRuleChecks,
-      levelChecks,
-      decidingLayer,
-      decidingId,
-      startTime
-    ) : void 0
-  );
-}
-function checkInvariantCoverage(world, checks) {
-  const invariants = world.invariants ?? [];
-  const guards = world.guards?.guards ?? [];
-  for (const invariant of invariants) {
-    const coveringGuard = guards.find(
-      (g) => g.invariant_ref === invariant.id && g.immutable
-    );
-    checks.push({
-      invariantId: invariant.id,
-      label: invariant.label,
-      hasGuardCoverage: !!coveringGuard,
-      coveringGuardId: coveringGuard?.id
-    });
-  }
-}
-function checkSafety(event, eventText, checks) {
-  const textToCheck = event.intent + (event.payload ? JSON.stringify(event.payload) : "");
-  for (const { pattern, label } of PROMPT_INJECTION_PATTERNS) {
-    const triggered = pattern.test(textToCheck);
-    checks.push({
-      checkType: "prompt-injection",
-      triggered,
-      matchedPattern: triggered ? label : void 0
-    });
-    if (triggered) {
-      for (const remaining of PROMPT_INJECTION_PATTERNS.filter((p) => p.label !== label)) {
-        checks.push({
-          checkType: "prompt-injection",
-          triggered: remaining.pattern.test(textToCheck),
-          matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
-        });
-      }
-      return {
-        status: "PAUSE",
-        reason: NEUTRAL_MESSAGES["prompt-injection"],
-        ruleId: `safety-injection-${label}`
-      };
-    }
-  }
-  const scopeToCheck = event.scope ?? event.intent;
-  for (const { pattern, label } of SCOPE_ESCAPE_PATTERNS) {
-    const triggered = pattern.test(scopeToCheck);
-    checks.push({
-      checkType: "scope-escape",
-      triggered,
-      matchedPattern: triggered ? label : void 0
-    });
-    if (triggered) {
-      for (const remaining of SCOPE_ESCAPE_PATTERNS.filter((p) => p.label !== label)) {
-        checks.push({
-          checkType: "scope-escape",
-          triggered: remaining.pattern.test(scopeToCheck),
-          matchedPattern: remaining.pattern.test(scopeToCheck) ? remaining.label : void 0
-        });
-      }
-      return {
-        status: "PAUSE",
-        reason: NEUTRAL_MESSAGES["scope-escape"],
-        ruleId: `safety-scope-${label}`
-      };
-    }
-  }
-  if (event.direction === "output") {
-    for (const { pattern, label } of EXECUTION_CLAIM_PATTERNS) {
-      const triggered = pattern.test(textToCheck);
-      checks.push({
-        checkType: "execution-claim",
-        triggered,
-        matchedPattern: triggered ? label : void 0
-      });
-      if (triggered) {
-        for (const remaining of EXECUTION_CLAIM_PATTERNS.filter((p) => p.label !== label)) {
-          checks.push({
-            checkType: "execution-claim",
-            triggered: remaining.pattern.test(textToCheck),
-            matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
-          });
-        }
-        return {
-          status: "PAUSE",
-          reason: NEUTRAL_MESSAGES["execution-claim"],
-          ruleId: `safety-execution-claim-${label}`
-        };
-      }
-    }
-  }
-  if (event.direction === "input") {
-    const intentTrimmed = event.intent.trim();
-    for (const { pattern, label } of EXECUTION_INTENT_PATTERNS) {
-      const triggered = pattern.test(intentTrimmed);
-      checks.push({
-        checkType: "execution-intent",
-        triggered,
-        matchedPattern: triggered ? label : void 0
-      });
-      if (triggered) {
-        for (const remaining of EXECUTION_INTENT_PATTERNS.filter((p) => p.label !== label)) {
-          checks.push({
-            checkType: "execution-intent",
-            triggered: remaining.pattern.test(intentTrimmed),
-            matchedPattern: remaining.pattern.test(intentTrimmed) ? remaining.label : void 0
-          });
-        }
-        return {
-          status: "PAUSE",
-          reason: NEUTRAL_MESSAGES["execution-intent"],
-          ruleId: `safety-execution-intent-${label}`
-        };
-      }
-    }
-  }
-  return null;
-}
-function checkRoleRules(event, eventText, world, checks) {
-  if (!event.roleId || !world.roles) return null;
-  const role = world.roles.roles.find((r) => r.id === event.roleId);
-  if (!role) return null;
-  if (role.requiresApproval) {
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule: "All actions require approval",
-      ruleType: "requiresApproval",
-      matched: true
-    });
-    return {
-      status: "PAUSE",
-      reason: `Role "${role.name}" requires approval for all actions.`,
-      ruleId: `role-${role.id}-requires-approval`
-    };
-  }
-  for (const rule of role.cannotDo) {
-    const matched = matchesKeywords(eventText, rule);
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule,
-      ruleType: "cannotDo",
-      matched
-    });
-    if (matched) {
-      return {
-        status: "BLOCK",
-        reason: `Role "${role.name}" cannot: ${rule}`,
-        ruleId: `role-${role.id}-cannotdo`
-      };
-    }
-  }
-  for (const rule of role.canDo) {
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule,
-      ruleType: "canDo",
-      matched: matchesKeywords(eventText, rule)
-    });
-  }
-  return null;
-}
-function checkGuards(event, eventText, world, checks, guardsMatched) {
-  if (!world.guards) return null;
-  const guardsConfig = world.guards;
-  let warnResult = null;
-  const compiledPatterns = /* @__PURE__ */ new Map();
-  for (const [key, def] of Object.entries(guardsConfig.intent_vocabulary)) {
-    try {
-      compiledPatterns.set(key, new RegExp(def.pattern, "i"));
-    } catch {
-    }
-  }
-  const eventTool = (event.tool ?? "").toLowerCase();
-  for (const guard of guardsConfig.guards) {
-    if (guard.appliesTo && guard.appliesTo.length > 0) {
-      const normalizedAppliesTo = guard.appliesTo.map((t) => t.toLowerCase());
-      if (!normalizedAppliesTo.includes(eventTool)) {
-        continue;
-      }
-    }
-    const enabled = guard.immutable || guard.default_enabled !== false;
-    const matchedPatterns = [];
-    for (const patternKey of guard.intent_patterns) {
-      const regex = compiledPatterns.get(patternKey);
-      if (regex?.test(eventText)) {
-        matchedPatterns.push(patternKey);
-      }
-    }
-    const matched = matchedPatterns.length > 0 && enabled;
-    let roleGated = false;
-    if (matched && guard.required_roles && guard.required_roles.length > 0 && event.roleId && guard.required_roles.includes(event.roleId)) {
-      roleGated = true;
-    }
-    checks.push({
-      guardId: guard.id,
-      label: guard.label,
-      category: guard.category,
-      enabled,
-      matched: matched && !roleGated,
-      enforcement: guard.enforcement,
-      matchedPatterns,
-      roleGated
-    });
-    if (!matched || roleGated) continue;
-    guardsMatched.push(guard.id);
-    const actionMode = guard.player_modes?.action ?? guard.enforcement;
-    const reason = guard.redirect ? `${guard.description} \u2014 ${guard.redirect}` : guard.description;
-    if (actionMode === "block") {
-      return { status: "BLOCK", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "pause") {
-      return { status: "PAUSE", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "penalize") {
-      const consequence = guard.consequence ? { ...guard.consequence } : { type: "freeze", rounds: 1, description: `Penalized for violating: ${guard.label}` };
-      return { status: "PENALIZE", reason, ruleId: `guard-${guard.id}`, consequence };
-    }
-    if (actionMode === "reward") {
-      const reward = guard.reward ? { ...guard.reward } : { type: "boost_influence", magnitude: 0.1, description: `Rewarded for: ${guard.label}` };
-      return { status: "REWARD", reason, ruleId: `guard-${guard.id}`, reward };
-    }
-    if (actionMode === "modify") {
-      const modifiedTo = guard.modify_to ?? guard.redirect ?? "hold";
-      return { status: "MODIFY", reason: `${reason} \u2192 Modified to: ${modifiedTo}`, ruleId: `guard-${guard.id}`, modifiedTo };
-    }
-    if (actionMode === "neutral") {
-      return { status: "NEUTRAL", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "warn" && !warnResult) {
-      warnResult = { status: "ALLOW", warning: reason, ruleId: `guard-${guard.id}` };
-    }
-  }
-  return warnResult;
-}
-function checkKernelRules(eventText, world, checks, rulesMatched) {
-  if (!world.kernel) return null;
-  const forbidden = world.kernel.input_boundaries?.forbidden_patterns ?? [];
-  const output = world.kernel.output_boundaries?.forbidden_patterns ?? [];
-  for (const rule of forbidden) {
-    let matched = false;
-    let matchMethod = "none";
-    if (rule.pattern) {
-      try {
-        matched = new RegExp(rule.pattern, "i").test(eventText);
-        matchMethod = "pattern";
-      } catch {
-      }
-    }
-    if (!matched && rule.reason) {
-      matched = matchesKeywords(eventText, rule.reason);
-      if (matched) matchMethod = "keyword";
-    }
-    checks.push({
-      ruleId: rule.id,
-      text: rule.reason,
-      category: "forbidden",
-      matched,
-      matchMethod
-    });
-    if (matched) {
-      rulesMatched.push(rule.id);
-      if (rule.action === "BLOCK") {
-        return {
-          status: "BLOCK",
-          reason: rule.reason,
-          ruleId: `kernel-${rule.id}`
-        };
-      }
-    }
-  }
-  return null;
-}
-function checkLevelConstraints(event, level, checks) {
-  if (level === "basic") return null;
-  const intent = event.intent.toLowerCase();
-  const tool = (event.tool ?? "").toLowerCase();
-  const isDelete = intent.includes("delete") || intent.includes("remove") || intent.includes("rm ") || tool === "delete";
-  const deleteTriggered = isDelete && levelRequiresConfirmation(level, "delete");
-  checks.push({
-    checkType: "delete",
-    level,
-    triggered: deleteTriggered,
-    reason: deleteTriggered ? NEUTRAL_MESSAGES["delete"] : void 0
-  });
-  if (deleteTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["delete"], ruleId: "level-delete-check" };
-  }
-  const isExternal = event.scope ? isExternalScope(event.scope) : false;
-  const externalTriggered = isExternal && levelRequiresConfirmation(level, "write-external");
-  checks.push({
-    checkType: "write-external",
-    level,
-    triggered: externalTriggered,
-    reason: externalTriggered ? NEUTRAL_MESSAGES["write-external"] : void 0
-  });
-  if (externalTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["write-external"], ruleId: "level-external-write-check" };
-  }
-  const isNetwork = tool === "http" || tool === "fetch" || tool === "request" || intent.includes("post ") || intent.includes("sending");
-  const networkTriggered = isNetwork && levelRequiresConfirmation(level, "network-mutate");
-  checks.push({
-    checkType: "network-mutate",
-    level,
-    triggered: networkTriggered,
-    reason: networkTriggered ? NEUTRAL_MESSAGES["network-mutate"] : void 0
-  });
-  if (networkTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["network-mutate"], ruleId: "level-network-mutate-check" };
-  }
-  const isCredential = intent.includes("credential") || intent.includes("password") || intent.includes("secret") || intent.includes("api key") || intent.includes("token");
-  const credentialTriggered = isCredential && levelRequiresConfirmation(level, "credential-access");
-  checks.push({
-    checkType: "credential-access",
-    level,
-    triggered: credentialTriggered,
-    reason: credentialTriggered ? NEUTRAL_MESSAGES["credential-access"] : void 0
-  });
-  if (credentialTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["credential-access"], ruleId: "level-credential-check" };
-  }
-  const irreversibleTriggered = !!event.irreversible && level !== "basic";
-  checks.push({
-    checkType: "irreversible",
-    level,
-    triggered: irreversibleTriggered,
-    reason: irreversibleTriggered ? "This action is marked as irreversible." : void 0
-  });
-  if (irreversibleTriggered) {
-    return {
-      status: "PAUSE",
-      reason: "This action is marked as irreversible.",
-      ruleId: "level-irreversible-check"
-    };
-  }
-  return null;
-}
-function matchesKeywords(eventText, ruleText) {
-  return matchesAllKeywords(eventText, ruleText);
-}
-function eventToAllowlistKey(event) {
-  return `${(event.tool ?? "*").toLowerCase()}::${event.intent.toLowerCase().trim()}`;
-}
-function buildTrace(invariantChecks, safetyChecks, planCheck, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
-  const trace = {
-    invariantChecks,
-    safetyChecks,
-    roleChecks,
-    guardChecks,
-    kernelRuleChecks,
-    levelChecks,
-    precedenceResolution: {
-      decidingLayer,
-      decidingId,
-      strategy: "first-match-wins",
-      chainOrder: [
-        "invariant-coverage",
-        "session-allowlist",
-        "safety-injection",
-        "safety-scope-escape",
-        "safety-execution-claim",
-        "safety-execution-intent",
-        "plan-enforcement",
-        "role-rules",
-        "declarative-guards",
-        "kernel-rules",
-        "level-constraints",
-        "default-allow"
-      ]
-    },
-    durationMs: performance.now() - startTime
-  };
-  if (planCheck) {
-    trace.planCheck = planCheck;
-  }
-  return trace;
-}
-function buildVerdict(status, reason, ruleId, warning, world, level, invariantChecks, guardsMatched, rulesMatched, trace) {
-  const evidence = {
-    worldId: world.world.world_id,
-    worldName: world.world.name,
-    worldVersion: world.world.version,
-    evaluatedAt: Date.now(),
-    invariantsSatisfied: invariantChecks.filter((c) => c.hasGuardCoverage).length,
-    invariantsTotal: invariantChecks.length,
-    guardsMatched,
-    rulesMatched,
-    enforcementLevel: level
-  };
-  const verdict = {
-    status,
-    evidence
-  };
-  if (reason) verdict.reason = reason;
-  if (ruleId) verdict.ruleId = ruleId;
-  if (warning) verdict.warning = warning;
-  if (trace) verdict.trace = trace;
-  return verdict;
-}
-
-export {
-  evaluateGuard,
-  eventToAllowlistKey
-};