@o-lang/olang 1.2.11 → 1.2.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/runtime/RuntimeAPI.js +46 -2
package/package.json
CHANGED
|
@@ -467,7 +467,7 @@ _validateLLMOutput(output, actionContext) {
|
|
|
467
467
|
{ pattern: /\b(successful(?:ly)?|confirmed|approved|completed|processed|accepted|verified|imethibitishwa|imefanikiwa|amthibitishwa|ti\s+da|ti\s+ṣe|gụnyere|kimefanyika|yamekamilika)\b/i, capability: 'deceptive_claim', lang: 'multi' }
|
|
468
468
|
];
|
|
469
469
|
|
|
470
|
-
// 🔍 SCAN OUTPUT FOR FORBIDDEN INTENTS
|
|
470
|
+
// 🔍 SCAN OUTPUT FOR FORBIDDEN INTENTS (financial/PII/fake confirmations)
|
|
471
471
|
for (const { pattern, capability, lang } of forbiddenPatterns) {
|
|
472
472
|
if (pattern.test(output)) {
|
|
473
473
|
// ✅ Only block if capability NOT in workflow allowlist
|
|
@@ -492,6 +492,40 @@ _validateLLMOutput(output, actionContext) {
|
|
|
492
492
|
}
|
|
493
493
|
}
|
|
494
494
|
|
|
495
|
+
// ✅ NEW: SEMANTIC INTENT DRIFT DETECTION (BACKWARD-COMPATIBLE)
|
|
496
|
+
const intent = this.context.__verified_intent;
|
|
497
|
+
if (intent) {
|
|
498
|
+
// Check prohibited topics
|
|
499
|
+
if (intent.prohibited_topics && Array.isArray(intent.prohibited_topics)) {
|
|
500
|
+
const lower = output.toLowerCase();
|
|
501
|
+
for (const topic of intent.prohibited_topics) {
|
|
502
|
+
if (lower.includes(topic.toLowerCase())) {
|
|
503
|
+
return {
|
|
504
|
+
passed: false,
|
|
505
|
+
reason: `Resolver output violates prohibited topic "${topic}" defined in __verified_intent`,
|
|
506
|
+
detected: topic,
|
|
507
|
+
language: 'multi'
|
|
508
|
+
};
|
|
509
|
+
}
|
|
510
|
+
}
|
|
511
|
+
}
|
|
512
|
+
|
|
513
|
+
// Check prohibited actions
|
|
514
|
+
if (intent.prohibited_actions && Array.isArray(intent.prohibited_actions)) {
|
|
515
|
+
const lower = output.toLowerCase();
|
|
516
|
+
for (const action of intent.prohibited_actions) {
|
|
517
|
+
if (lower.includes(action.toLowerCase())) {
|
|
518
|
+
return {
|
|
519
|
+
passed: false,
|
|
520
|
+
reason: `Resolver output violates prohibited action "${action}" defined in __verified_intent`,
|
|
521
|
+
detected: action,
|
|
522
|
+
language: 'multi'
|
|
523
|
+
};
|
|
524
|
+
}
|
|
525
|
+
}
|
|
526
|
+
}
|
|
527
|
+
}
|
|
528
|
+
|
|
495
529
|
return { passed: true };
|
|
496
530
|
}
|
|
497
531
|
// -----------------------------
|
|
@@ -1170,7 +1204,17 @@ const isLLMAction = action.toLowerCase().includes('groq') ||
|
|
|
1170
1204
|
...inputs,
|
|
1171
1205
|
workflow_name: workflow.name
|
|
1172
1206
|
};
|
|
1173
|
-
|
|
1207
|
+
|
|
1208
|
+
// Optional strict mode: enforce resolver-originated inputs
|
|
1209
|
+
if (process.env.OLANG_STRICT_INPUTS === 'true') {
|
|
1210
|
+
if (!inputs.__resolver_origin) {
|
|
1211
|
+
throw new Error(
|
|
1212
|
+
'[O-Lang SAFETY] Inputs must originate from a certified resolver. ' +
|
|
1213
|
+
'Use @o-lang/input-validator to validate external data.'
|
|
1214
|
+
);
|
|
1215
|
+
}
|
|
1216
|
+
}
|
|
1217
|
+
|
|
1174
1218
|
const currentGeneration = inputs.__generation || 1;
|
|
1175
1219
|
if (workflow.maxGenerations !== null && currentGeneration > workflow.maxGenerations) {
|
|
1176
1220
|
throw new Error(`Workflow generation ${currentGeneration} exceeds Constraint: max_generations = ${workflow.maxGenerations}`);
|