@o-lang/olang 1.2.15 → 1.2.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/runtime/RuntimeAPI.js +46 -84
- package/src/runtime/index.js +26 -2
package/package.json
CHANGED
|
@@ -721,12 +721,50 @@ class RuntimeAPI {
|
|
|
721
721
|
});
|
|
722
722
|
}
|
|
723
723
|
|
|
724
|
-
|
|
724
|
+
// -----------------------------
|
|
725
725
|
// ✅ KERNEL-LEVEL LLM HALLUCINATION PREVENTION (CONJUGATION-AWARE + EVASION-RESISTANT)
|
|
726
726
|
// -----------------------------
|
|
727
727
|
_validateLLMOutput(output, actionContext) {
|
|
728
728
|
if (!output || typeof output !== 'string') return { passed: true };
|
|
729
|
-
|
|
729
|
+
|
|
730
|
+
// ── __verified_intent takes priority ──────────────────────────────────────
|
|
731
|
+
// If the workflow author has defined intent rules, use those exclusively.
|
|
732
|
+
// This makes governance dynamic — skip hardcoded patterns entirely.
|
|
733
|
+
const intent = this.context.__verified_intent;
|
|
734
|
+
if (intent) {
|
|
735
|
+
if (intent.prohibited_actions && Array.isArray(intent.prohibited_actions)) {
|
|
736
|
+
const lower = output.toLowerCase();
|
|
737
|
+
for (const action of intent.prohibited_actions) {
|
|
738
|
+
if (lower.includes(action.toLowerCase())) {
|
|
739
|
+
return {
|
|
740
|
+
passed: false,
|
|
741
|
+
reason: `Output violates prohibited action "${action}" defined in __verified_intent`,
|
|
742
|
+
detected: action,
|
|
743
|
+
language: 'multi'
|
|
744
|
+
};
|
|
745
|
+
}
|
|
746
|
+
}
|
|
747
|
+
}
|
|
748
|
+
|
|
749
|
+
if (intent.prohibited_topics && Array.isArray(intent.prohibited_topics)) {
|
|
750
|
+
const lower = output.toLowerCase();
|
|
751
|
+
for (const topic of intent.prohibited_topics) {
|
|
752
|
+
if (lower.includes(topic.toLowerCase())) {
|
|
753
|
+
return {
|
|
754
|
+
passed: false,
|
|
755
|
+
reason: `Output violates prohibited topic "${topic}" defined in __verified_intent`,
|
|
756
|
+
detected: topic,
|
|
757
|
+
language: 'multi'
|
|
758
|
+
};
|
|
759
|
+
}
|
|
760
|
+
}
|
|
761
|
+
}
|
|
762
|
+
|
|
763
|
+
// __verified_intent present and passed — skip hardcoded patterns
|
|
764
|
+
return { passed: true };
|
|
765
|
+
}
|
|
766
|
+
|
|
767
|
+
// ── No __verified_intent — fall through to hardcoded patterns ─────────────
|
|
730
768
|
// 🔑 Extract allowed capabilities from workflow allowlist
|
|
731
769
|
const allowedCapabilities = Array.from(this.allowedResolvers)
|
|
732
770
|
.filter(name => !name.startsWith('llm-') && name !== 'builtInMathResolver')
|
|
@@ -737,33 +775,23 @@ class RuntimeAPI {
|
|
|
737
775
|
// ────────────────────────────────────────────────
|
|
738
776
|
// 🇳🇬 NIGERIAN LANGUAGES (Conjugation-aware)
|
|
739
777
|
// ────────────────────────────────────────────────
|
|
740
|
-
// Yoruba (yo) - Perfective "ti" + Progressive "ń/ǹ/n"
|
|
741
778
|
{ pattern: /\bti\s+(?:fi|san|gba|da|lo)\b/i, capability: 'unauthorized_action', lang: 'yo' },
|
|
742
779
|
{ pattern: /\b(?:ń|ǹ|n)\s+(?:fi|san|gba)\b/i, capability: 'unauthorized_action', lang: 'yo' },
|
|
743
780
|
{ pattern: /\b(fi\s+(?:owo|ẹ̀wọ̀|ewo|ku|fun|s'ọkọọ))\b/i, capability: 'transfer', lang: 'yo' },
|
|
744
781
|
{ pattern: /\b(san\s+(?:owo|ẹ̀wọ̀|ewo|fun|wo))\b/i, capability: 'payment', lang: 'yo' },
|
|
745
782
|
{ pattern: /\b(gba\s+owo)\b/i, capability: 'withdrawal', lang: 'yo' },
|
|
746
783
|
{ pattern: /\b(mo\s+ti\s+(?:fi|san|gba))\b/i, capability: 'unauthorized_action', lang: 'yo' },
|
|
747
|
-
|
|
748
|
-
// Hausa (ha) - Perfective "ya/ta/su" + Future "za a/za ta"
|
|
749
784
|
{ pattern: /\b(?:ya|ta|su)\s+(?:ciyar|biya|sahawa|sake)\b/i, capability: 'unauthorized_action', lang: 'ha' },
|
|
750
785
|
{ pattern: /\b(?:za\sa|za\s+ta)\s+(?:ciyar|biya)\b/i, capability: 'unauthorized_action', lang: 'ha' },
|
|
751
786
|
{ pattern: /\b(ciyar\s*(?:da)?|ciya\s*(?:da)?|shiga\s+kuɗi)\b/i, capability: 'transfer', lang: 'ha' },
|
|
752
787
|
{ pattern: /\b(biya\s*(?:da)?)\b/i, capability: 'payment', lang: 'ha' },
|
|
753
788
|
{ pattern: /\b(sahaw[ae]\s+kuɗi)\b/i, capability: 'withdrawal', lang: 'ha' },
|
|
754
789
|
{ pattern: /\b(ina\s+(?:ciyar|biya|sahawa))\b/i, capability: 'unauthorized_action', lang: 'ha' },
|
|
755
|
-
|
|
756
|
-
// Igbo (ig) - Perfective suffixes
|
|
757
790
|
{ pattern: /\b(?:ziri|bururu|tinyere|gbara)\b/i, capability: 'unauthorized_action', lang: 'ig' },
|
|
758
791
|
{ pattern: /\b(zipu\s+(?:ego|moni|isi|na))\b/i, capability: 'transfer', lang: 'ig' },
|
|
759
792
|
{ pattern: /\b(buru\s+(?:ego|moni|isi))\b/i, capability: 'transfer', lang: 'ig' },
|
|
760
793
|
{ pattern: /\b(tinye\s+(?:ego|moni|isi))\b/i, capability: 'deposit', lang: 'ig' },
|
|
761
794
|
{ pattern: /\b(m\s+(?:ziri|buru|zipuru|tinyere))\b/i, capability: 'unauthorized_action', lang: 'ig' },
|
|
762
|
-
|
|
763
|
-
// ────────────────────────────────────────────────
|
|
764
|
-
// 🌍 PAN-AFRICAN LANGUAGES (Conjugation-aware + Evasion-resistant)
|
|
765
|
-
// ────────────────────────────────────────────────
|
|
766
|
-
// Swahili (sw) - ALL ASPECTS: Perfect, Continuous Passive, Future
|
|
767
795
|
{ pattern: /\b(?:ni|u|a|tu|m|wa|ki|vi|zi|i)\s*me\s*(?:ongeza|weka|tuma|peleka|lipa|wasilisha)\b/i, capability: 'unauthorized_action', lang: 'sw' },
|
|
768
796
|
{ pattern: /\b(?:kime|lime|ime|ume|nime|vime|zyme|yame|mame)(?:ongezwa|wekwa|tumwa|pelekwa|lipwa|wasilishwa|fanyika)\b/i, capability: 'unauthorized_action', lang: 'sw' },
|
|
769
797
|
{ pattern: /\b(?:ki|vi|mi|ma|u|wa|i|zi|ya|li|tu|mu|a|pa|ku)na(?:cho|vyo|yo|lo|mo|o)?(?:tum|pelek|wasil|ongez|wek|lip)\w*wa\b/i, capability: 'unauthorized_action', lang: 'sw' },
|
|
@@ -772,77 +800,44 @@ class RuntimeAPI {
|
|
|
772
800
|
{ pattern: /\b(lipa|maliza\s+malipo)\b/i, capability: 'payment', lang: 'sw' },
|
|
773
801
|
{ pattern: /\b(ongez[ae]?\s*(?:kiasi|pesa|fedha)|wek[ae]?\s+(?:katika|ndani)\s+(?:akaunti|hisa))\b/i, capability: 'deposit', lang: 'sw' },
|
|
774
802
|
{ pattern: /\b(nime(?:tuma|lipa|ongeza|weka|peleka))\b/i, capability: 'unauthorized_action', lang: 'sw' },
|
|
775
|
-
|
|
776
|
-
// Amharic (am) - Perfective suffix (Ethiopic script)
|
|
777
803
|
{ pattern: /[\u1200-\u137F]{0,4}(?:ተላላፈ|ላክ|ክፈል|ጨምር|ወጣ|ገባ)[\u1200-\u137F]{0,2}(?:\u1205|\u122d|\u1265)[\u1200-\u137F]{0,2}/u, capability: 'financial_action', lang: 'am' },
|
|
778
|
-
|
|
779
|
-
// Oromo (om) - Perfective "ni...e"
|
|
780
804
|
{ pattern: /\bni\s+(?:kuufe|dhiibe|kennine|gurgure)\b/i, capability: 'unauthorized_action', lang: 'om' },
|
|
781
805
|
{ pattern: /\b(kuuf\s+(?:qilleensaa|bilbila)|dhiib\s+(?:qilleensaa|bilbila))\b/i, capability: 'transfer', lang: 'om' },
|
|
782
806
|
{ pattern: /\b(kenn\s*i|gurgur\s*i)\b/i, capability: 'payment', lang: 'om' },
|
|
783
|
-
|
|
784
|
-
// Fula (ff)
|
|
785
807
|
{ pattern: /\b(sakkit\s+(?:ndo|ndoo)|tawt\s+(?:ndo|ndoo))\b/i, capability: 'transfer', lang: 'ff' },
|
|
786
808
|
{ pattern: /\b(jokk\s*i|soodug\s*i)\b/i, capability: 'payment', lang: 'ff' },
|
|
787
|
-
|
|
788
|
-
// Somali (so) - Perfective "waxaa"
|
|
789
809
|
{ pattern: /\bwaxaa\s+(?:diray|bixiyay|ku\s+daray|sameeyay)\b/i, capability: 'unauthorized_action', lang: 'so' },
|
|
790
810
|
{ pattern: /\b(dir\s+(?:lacag|maal|qarsoon))\b/i, capability: 'transfer', lang: 'so' },
|
|
791
811
|
{ pattern: /\b(bixi|bixis\s*o)\b/i, capability: 'payment', lang: 'so' },
|
|
792
|
-
|
|
793
|
-
// Zulu (zu) - Perfective "-ile"
|
|
794
812
|
{ pattern: /\b(?:thumel|hlawul|fik)\s*ile\b/i, capability: 'unauthorized_action', lang: 'zu' },
|
|
795
813
|
{ pattern: /\b(thumel\s*a\s+(?:imali|imali))\b/i, capability: 'transfer', lang: 'zu' },
|
|
796
814
|
{ pattern: /\b(hlawul\s*a|hlawulel\s*a)\b/i, capability: 'payment', lang: 'zu' },
|
|
797
815
|
{ pattern: /\b(siyithumel\s*e|siyihlawul\s*e)\b/i, capability: 'unauthorized_action', lang: 'zu' },
|
|
798
|
-
|
|
799
|
-
// Shona (sn) - Perfective "-a/-e"
|
|
800
816
|
{ pattern: /\b(?:tumir|bhadhar)\s*a\b/i, capability: 'unauthorized_action', lang: 'sn' },
|
|
801
817
|
{ pattern: /\b(tumir\s*a\s+(?:mhando|ari))\b/i, capability: 'transfer', lang: 'sn' },
|
|
802
818
|
{ pattern: /\b(bhadhara|bhadharis\s*o)\b/i, capability: 'payment', lang: 'sn' },
|
|
803
|
-
|
|
804
819
|
// ────────────────────────────────────────────────
|
|
805
|
-
// 🌐 GLOBAL LANGUAGES
|
|
820
|
+
// 🌐 GLOBAL LANGUAGES
|
|
806
821
|
// ────────────────────────────────────────────────
|
|
807
|
-
// English (en) - Perfective + Passive
|
|
808
822
|
{ pattern: /\b(?:have|has|had)\s+(?:transferred|sent|paid|withdrawn|deposited|wire[d])\b/i, capability: 'unauthorized_action', lang: 'en' },
|
|
809
823
|
{ pattern: /\b(?:was|were|been)\s+(?:added|credited|transferred|sent|paid)\b/i, capability: 'unauthorized_action', lang: 'en' },
|
|
810
824
|
{ pattern: /\b(transfer(?:red|ring)?|send(?:t|ing)?|wire(?:d)?|pay(?:ed|ing)?|withdraw(?:n)?|deposit(?:ed|ing)?|disburse(?:d)?)\b/i, capability: 'financial_action', lang: 'en' },
|
|
811
825
|
{ pattern: /\bI\s+(?:can|will|am able to|have|'ve|did|already)\s+(?:transfer|send|pay|withdraw|deposit|wire)\b/i, capability: 'unauthorized_action', lang: 'en' },
|
|
812
|
-
|
|
813
|
-
// French (fr) - Past participle
|
|
814
826
|
{ pattern: /\b(?:j'?ai|tu as|il a|elle a|nous avons|vous avez|ils ont|elles ont)\s+(?:viré|transféré|envoyé|payé|retiré|déposé)\b/i, capability: 'unauthorized_action', lang: 'fr' },
|
|
815
827
|
{ pattern: /\b(virer|transférer|envoyer|payer|retirer|déposer|débiter|créditer)\b/i, capability: 'financial_action', lang: 'fr' },
|
|
816
|
-
|
|
817
|
-
// Arabic (ar) - Perfective past tense
|
|
818
828
|
{ pattern: /[\u0600-\u06FF]{0,3}(?:حوّل|أرسل|ادفع|اودع|سحب)[\u0600-\u06FF]{0,3}(?:ت|نا|تم|تا|تِ|تُ|تَ)[\u0600-\u06FF]{0,3}/u, capability: 'financial_action', lang: 'ar' },
|
|
819
829
|
{ pattern: /[\u0600-\u06FF]{0,3}(?:أنا|تم|لقد)\s*(?:حوّلت|أرسلت|دفعت|اودعت)[\u0600-\u06FF]{0,3}/u, capability: 'unauthorized_action', lang: 'ar' },
|
|
820
|
-
|
|
821
|
-
// Chinese (zh) - Perfective "le" particle
|
|
822
830
|
{ pattern: /[\u4e00-\u9fff]{0,2}(?:转账 | 支付 | 存款 | 取款)[\u4e00-\u9fff]{0,2}(?:了)[\u4e00-\u9fff]{0,2}/u, capability: 'financial_action', lang: 'zh' },
|
|
823
831
|
{ pattern: /[\u4e00-\u9fff]{0,2}(?:转账 | 转帐 | 支付 | 付款 | 提款 | 取款 | 存款 | 存入 | 汇款 | 存)[\u4e00-\u9fff]{0,2}/u, capability: 'financial_action', lang: 'zh' },
|
|
824
832
|
{ pattern: /[\u4e00-\u9fff]{0,2}(?:我 | 已 | 已经)\s*(?:转账 | 支付 | 提款 | 存款)[\u4e00-\u9fff]{0,2}/u, capability: 'unauthorized_action', lang: 'zh' },
|
|
825
|
-
|
|
826
833
|
// ────────────────────────────────────────────────
|
|
827
|
-
// 🛡️ EVASION-RESISTANT
|
|
828
|
-
// ────────────────────────────────────────────────
|
|
829
|
-
{
|
|
830
|
-
pattern: /(?:^|\s|[:\(\[])(?:\d{1,3}(?:[,\s.]\d{3})*(?:[.,]\d{1,2})?|\d+(?:[.,]\d{1,2})?)(?:\s*(?:naira|ngn|₦|\$|usd|kes|tzs|ugx|rwf|cdf|xof|xaf|ghs|zar))?.{0,40}(?:account|acct|a\/c|akaunti|asusu|akwụkwọ\s+ọkụ|hesabu|namba|#)\b/i,
|
|
831
|
-
capability: 'unauthorized_action',
|
|
832
|
-
lang: 'multi'
|
|
833
|
-
},
|
|
834
|
-
|
|
835
|
-
// ────────────────────────────────────────────────
|
|
836
|
-
// 🔒 PII LEAKAGE PATTERNS
|
|
834
|
+
// 🛡️ EVASION-RESISTANT + PII + FAKE CONFIRMATION
|
|
837
835
|
// ────────────────────────────────────────────────
|
|
836
|
+
{ pattern: /(?:^|\s|[:\(\[])(?:\d{1,3}(?:[,\s.]\d{3})*(?:[.,]\d{1,2})?|\d+(?:[.,]\d{1,2})?)(?:\s*(?:naira|ngn|₦|\$|usd|kes|tzs|ugx|rwf|cdf|xof|xaf|ghs|zar))?.{0,40}(?:account|acct|a\/c|akaunti|asusu|akwụkwọ\s+ọkụ|hesabu|namba|#)\b/i, capability: 'unauthorized_action', lang: 'multi' },
|
|
838
837
|
{ pattern: /\b(?:account|acct|a\/c|akaunti|asusu|akwụkwọ\s+ọkụ|hesabu|namba|#)\s*[:\-—–]?\s*(\d{6,})\b/i, capability: 'pii_exposure', lang: 'multi' },
|
|
839
838
|
{ pattern: /\b(?:bvn|bank verification number)\s*[:\-]?\s*(\d{11})\b/i, capability: 'pii_exposure', lang: 'multi' },
|
|
840
839
|
{ pattern: /\b(?:\+?234\s*|0)(?:70|80|81|90|91)\d{8}\b/, capability: 'pii_exposure', lang: 'multi' },
|
|
841
|
-
|
|
842
|
-
// ────────────────────────────────────────────────
|
|
843
|
-
// ✅ FAKE CONFIRMATION PATTERNS
|
|
844
|
-
// ────────────────────────────────────────────────
|
|
845
|
-
{ pattern: /\b(successful(?:ly)?|confirmed|approved|completed|processed|accepted|verified|imethibitishwa|imefanikiwa|amthibitishwa|ti\s+da|ti\s+ṣe|gụnyere|kimefanyika|yamekamilika)\b/i, capability: 'deceptive_claim', lang: 'multi' }
|
|
840
|
+
{ pattern: /\b(successful(?:ly)?|confirmed|approved|completed|processed|accepted|verified|imethibitishwa|imefanikiwa|amthibitishwa|ti\s+da|ti\s+ṣe|gụnyere|kimefanyika|yamekamilika)\b/i, capability: 'deceptive_claim', lang: 'multi' },
|
|
846
841
|
];
|
|
847
842
|
|
|
848
843
|
// 🔍 SCAN OUTPUT FOR FORBIDDEN INTENTS
|
|
@@ -856,7 +851,7 @@ class RuntimeAPI {
|
|
|
856
851
|
c.includes('deposit') ||
|
|
857
852
|
c.includes('withdraw')
|
|
858
853
|
);
|
|
859
|
-
|
|
854
|
+
|
|
860
855
|
if (!hasCapability) {
|
|
861
856
|
const match = output.match(pattern);
|
|
862
857
|
return {
|
|
@@ -868,42 +863,9 @@ class RuntimeAPI {
|
|
|
868
863
|
}
|
|
869
864
|
}
|
|
870
865
|
}
|
|
871
|
-
|
|
872
|
-
// ✅ SEMANTIC INTENT DRIFT DETECTION
|
|
873
|
-
const intent = this.context.__verified_intent;
|
|
874
|
-
if (intent) {
|
|
875
|
-
if (intent.prohibited_topics && Array.isArray(intent.prohibited_topics)) {
|
|
876
|
-
const lower = output.toLowerCase();
|
|
877
|
-
for (const topic of intent.prohibited_topics) {
|
|
878
|
-
if (lower.includes(topic.toLowerCase())) {
|
|
879
|
-
return {
|
|
880
|
-
passed: false,
|
|
881
|
-
reason: `Resolver output violates prohibited topic "${topic}" defined in __verified_intent`,
|
|
882
|
-
detected: topic,
|
|
883
|
-
language: 'multi'
|
|
884
|
-
};
|
|
885
|
-
}
|
|
886
|
-
}
|
|
887
|
-
}
|
|
888
|
-
|
|
889
|
-
if (intent.prohibited_actions && Array.isArray(intent.prohibited_actions)) {
|
|
890
|
-
const lower = output.toLowerCase();
|
|
891
|
-
for (const action of intent.prohibited_actions) {
|
|
892
|
-
if (lower.includes(action.toLowerCase())) {
|
|
893
|
-
return {
|
|
894
|
-
passed: false,
|
|
895
|
-
reason: `Resolver output violates prohibited action "${action}" defined in __verified_intent`,
|
|
896
|
-
detected: action,
|
|
897
|
-
language: 'multi'
|
|
898
|
-
};
|
|
899
|
-
}
|
|
900
|
-
}
|
|
901
|
-
}
|
|
902
|
-
}
|
|
903
|
-
|
|
866
|
+
|
|
904
867
|
return { passed: true };
|
|
905
868
|
}
|
|
906
|
-
|
|
907
869
|
// -----------------------------
|
|
908
870
|
// ✅ CRITICAL FIX: Resolver output unwrapping helper
|
|
909
871
|
// -----------------------------
|
package/src/runtime/index.js
CHANGED
|
@@ -1,5 +1,29 @@
|
|
|
1
1
|
// src/runtime/index.js
|
|
2
|
-
const { RuntimeAPI
|
|
3
|
-
const { parse} = require('../parser');
|
|
2
|
+
const { RuntimeAPI } = require('./RuntimeAPI');
|
|
3
|
+
const { parse } = require('../parser');
|
|
4
|
+
|
|
5
|
+
async function execute(workflow, inputs, agentResolver, verbose = false) {
|
|
6
|
+
const rt = new RuntimeAPI({ verbose });
|
|
7
|
+
|
|
8
|
+
// run the workflow — result only contains Return values
|
|
9
|
+
const result = await rt.executeWorkflow(workflow, inputs, agentResolver);
|
|
10
|
+
|
|
11
|
+
// rt is still alive here — grab audit before it dies
|
|
12
|
+
const lastEntry = rt.auditLog.at(-1);
|
|
13
|
+
const firstEntry = rt.auditLog.at(0);
|
|
14
|
+
|
|
15
|
+
result.__audit = {
|
|
16
|
+
execution_hash: lastEntry?.hash ?? null,
|
|
17
|
+
previous_hash: firstEntry?.hash ?? 'GENESIS',
|
|
18
|
+
merkle_root: rt._calculateMerkleRoot(),
|
|
19
|
+
kernel_version: lastEntry?.details?.kernel_version ?? null,
|
|
20
|
+
governance_profile_hash: lastEntry?.details?.governance_profile_hash ?? null,
|
|
21
|
+
signature: lastEntry?.signature ?? null,
|
|
22
|
+
integrity: rt.verifyAuditLogIntegrity(),
|
|
23
|
+
chain: rt.auditLog,
|
|
24
|
+
};
|
|
25
|
+
|
|
26
|
+
return result;
|
|
27
|
+
}
|
|
4
28
|
|
|
5
29
|
module.exports = { execute, parse };
|