@occ-core/policy-sdk 1.0.0

package/dist/commitment.d.ts

@@ -0,0 +1,16 @@
+import type { AgentPolicy, PolicyCommitment } from "./types.js";
+/**
+ * Hash a policy to a base64 SHA-256 digest using OCC canonical serialization.
+ */
+export declare function hashPolicy(policy: AgentPolicy): string;
+/**
+ * Commit a policy to the OCC commit service.
+ *
+ * Validates the policy, hashes it, sends the digest to /commit,
+ * and returns the PolicyCommitment with the OCC proof.
+ */
+export declare function commitPolicy(policy: AgentPolicy, config: {
+    apiUrl: string;
+    apiKey?: string | undefined;
+}): Promise<PolicyCommitment>;
+//# sourceMappingURL=commitment.d.ts.map

package/dist/commitment.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"commitment.d.ts","sourceRoot":"","sources":["../src/commitment.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAIhE;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,CAItD;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAAE,GACtD,OAAO,CAAC,gBAAgB,CAAC,CAqD3B"}

package/dist/commitment.js

@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+import { sha256 } from "@noble/hashes/sha256";
+import { canonicalize } from "occproof";
+import { PolicyCommitmentError } from "./errors.js";
+import { validatePolicy } from "./schema.js";
+/**
+ * Hash a policy to a base64 SHA-256 digest using OCC canonical serialization.
+ */
+export function hashPolicy(policy) {
+    const bytes = canonicalize(policy);
+    const digest = sha256(bytes);
+    return Buffer.from(digest).toString("base64");
+}
+/**
+ * Commit a policy to the OCC commit service.
+ *
+ * Validates the policy, hashes it, sends the digest to /commit,
+ * and returns the PolicyCommitment with the OCC proof.
+ */
+export async function commitPolicy(policy, config) {
+    // Validate first
+    validatePolicy(policy);
+    const digestB64 = hashPolicy(policy);
+    const headers = {
+        "Content-Type": "application/json",
+    };
+    if (config.apiKey) {
+        headers["Authorization"] = `Bearer ${config.apiKey}`;
+    }
+    let response;
+    try {
+        response = await fetch(config.apiUrl, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({
+                digests: [{ digestB64, hashAlg: "sha256" }],
+                metadata: {
+                    kind: "policy-commitment",
+                    adapter: "occ-agent",
+                    policyName: policy.name,
+                    policyVersion: policy.version,
+                },
+            }),
+        });
+    }
+    catch (err) {
+        throw new PolicyCommitmentError(`Failed to reach OCC commit service: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    if (!response.ok) {
+        const body = await response.text();
+        throw new PolicyCommitmentError(`OCC policy commit failed (${response.status}): ${body}`);
+    }
+    const proofs = (await response.json());
+    const proof = proofs[0];
+    if (!proof) {
+        throw new PolicyCommitmentError("OCC commit returned empty proof array");
+    }
+    return {
+        policy,
+        policyDigestB64: digestB64,
+        occProof: proof,
+        committedAt: Date.now(),
+    };
+}
+//# sourceMappingURL=commitment.js.map

package/dist/commitment.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"commitment.js","sourceRoot":"","sources":["../src/commitment.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AAEnC,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,MAAmB;IAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAAmB,EACnB,MAAuD;IAEvD,iBAAiB;IACjB,cAAc,CAAC,MAAM,CAAC,CAAC;IAEvB,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;IAErC,MAAM,OAAO,GAA2B;QACtC,cAAc,EAAE,kBAAkB;KACnC,CAAC;IACF,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC;IACvD,CAAC;IAED,IAAI,QAAkB,CAAC;IACvB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;gBAC3C,QAAQ,EAAE;oBACR,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,WAAW;oBACpB,UAAU,EAAE,MAAM,CAAC,IAAI;oBACvB,aAAa,EAAE,MAAM,CAAC,OAAO;iBAC9B;aACF,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,qBAAqB,CAC7B,uCAAuC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAC1F,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,qBAAqB,CAC7B,6BAA6B,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CACzD,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAe,CAAC;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,qBAAqB,CAAC,uCAAuC,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO;QACL,MAAM;QACN,eAAe,EAAE,SAAS;QAC1B,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;KACxB,CAAC;AACJ,CAAC"}

package/dist/context.d.ts

@@ -0,0 +1,35 @@
+import type { AuditEntry, EnforcementDecision, ExecutionContextState } from "./types.js";
+/**
+ * Mutable execution context tracking cumulative state for policy enforcement.
+ * One instance per agent session.
+ */
+export declare class ExecutionContext {
+    #private;
+    constructor(initial?: Partial<ExecutionContextState>);
+    /** Record a completed tool call. */
+    recordCall(tool: string, skill: string | undefined, costCents: number, timestamp?: number): void;
+    /** Start a skill invocation (for concurrency tracking). */
+    startSkill(skill: string): void;
+    /** End a skill invocation. */
+    endSkill(skill: string): void;
+    /** Add an audit entry and return its ID. */
+    addAudit(tool: string, decision: EnforcementDecision, opts?: {
+        skill?: string;
+        costCents?: number;
+        proofDigestB64?: string;
+    }): string;
+    /** Prune timestamps outside all rate limit windows (memory hygiene). */
+    prune(maxAgeMs: number, now?: number): void;
+    /** Snapshot the current state (read-only copy). */
+    snapshot(): Readonly<ExecutionContextState>;
+    /** Get audit log entries. */
+    getAuditLog(opts?: {
+        offset?: number;
+        limit?: number;
+    }): readonly AuditEntry[];
+    /** Get a specific audit entry by ID. */
+    getAuditEntry(id: string): AuditEntry | undefined;
+    /** Total audit entries. */
+    get auditCount(): number;
+}
+//# sourceMappingURL=context.d.ts.map

package/dist/context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAEzF;;;GAGG;AACH,qBAAa,gBAAgB;;gBAIf,OAAO,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC;IAkBpD,oCAAoC;IACpC,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI;IAYhG,2DAA2D;IAC3D,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAI/B,8BAA8B;IAC9B,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAK7B,4CAA4C;IAC5C,QAAQ,CACN,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,mBAAmB,EAC7B,IAAI,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,GACrE,MAAM;IAeT,wEAAwE;IACxE,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,IAAI;IAQ3C,mDAAmD;IACnD,QAAQ,IAAI,QAAQ,CAAC,qBAAqB,CAAC;IAI3C,6BAA6B;IAC7B,WAAW,CAAC,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,UAAU,EAAE;IAO9E,wCAAwC;IACxC,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS;IAIjD,2BAA2B;IAC3B,IAAI,UAAU,IAAI,MAAM,CAEvB;CACF"}

package/dist/context.js

@@ -0,0 +1,90 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+/**
+ * Mutable execution context tracking cumulative state for policy enforcement.
+ * One instance per agent session.
+ */
+export class ExecutionContext {
+    #state;
+    #nextAuditId;
+    constructor(initial) {
+        this.#state = {
+            totalSpendCents: initial?.totalSpendCents ?? 0,
+            toolCallCounts: { ...initial?.toolCallCounts },
+            toolCallTimestamps: {},
+            globalCallTimestamps: [...(initial?.globalCallTimestamps ?? [])],
+            activeSkills: { ...initial?.activeSkills },
+            auditLog: [...(initial?.auditLog ?? [])],
+        };
+        // Deep-copy timestamp arrays
+        if (initial?.toolCallTimestamps) {
+            for (const [k, v] of Object.entries(initial.toolCallTimestamps)) {
+                this.#state.toolCallTimestamps[k] = [...v];
+            }
+        }
+        this.#nextAuditId = this.#state.auditLog.length + 1;
+    }
+    /** Record a completed tool call. */
+    recordCall(tool, skill, costCents, timestamp) {
+        const now = timestamp ?? Date.now();
+        this.#state.totalSpendCents += costCents;
+        this.#state.toolCallCounts[tool] = (this.#state.toolCallCounts[tool] ?? 0) + 1;
+        if (!this.#state.toolCallTimestamps[tool]) {
+            this.#state.toolCallTimestamps[tool] = [];
+        }
+        this.#state.toolCallTimestamps[tool].push(now);
+        this.#state.globalCallTimestamps.push(now);
+    }
+    /** Start a skill invocation (for concurrency tracking). */
+    startSkill(skill) {
+        this.#state.activeSkills[skill] = (this.#state.activeSkills[skill] ?? 0) + 1;
+    }
+    /** End a skill invocation. */
+    endSkill(skill) {
+        const current = this.#state.activeSkills[skill] ?? 0;
+        this.#state.activeSkills[skill] = Math.max(0, current - 1);
+    }
+    /** Add an audit entry and return its ID. */
+    addAudit(tool, decision, opts) {
+        const id = `audit-${this.#nextAuditId++}`;
+        const entry = {
+            id,
+            timestamp: Date.now(),
+            tool,
+            skill: opts?.skill,
+            decision,
+            costCents: opts?.costCents,
+            proofDigestB64: opts?.proofDigestB64,
+        };
+        this.#state.auditLog.push(entry);
+        return id;
+    }
+    /** Prune timestamps outside all rate limit windows (memory hygiene). */
+    prune(maxAgeMs, now) {
+        const cutoff = (now ?? Date.now()) - maxAgeMs;
+        this.#state.globalCallTimestamps = this.#state.globalCallTimestamps.filter((t) => t > cutoff);
+        for (const [tool, ts] of Object.entries(this.#state.toolCallTimestamps)) {
+            this.#state.toolCallTimestamps[tool] = ts.filter((t) => t > cutoff);
+        }
+    }
+    /** Snapshot the current state (read-only copy). */
+    snapshot() {
+        return structuredClone(this.#state);
+    }
+    /** Get audit log entries. */
+    getAuditLog(opts) {
+        const log = this.#state.auditLog;
+        const offset = opts?.offset ?? 0;
+        const limit = opts?.limit ?? log.length;
+        return log.slice(offset, offset + limit);
+    }
+    /** Get a specific audit entry by ID. */
+    getAuditEntry(id) {
+        return this.#state.auditLog.find((e) => e.id === id);
+    }
+    /** Total audit entries. */
+    get auditCount() {
+        return this.#state.auditLog.length;
+    }
+}
+//# sourceMappingURL=context.js.map

package/dist/context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AAInC;;;GAGG;AACH,MAAM,OAAO,gBAAgB;IAC3B,MAAM,CAAwB;IAC9B,YAAY,CAAS;IAErB,YAAY,OAAwC;QAClD,IAAI,CAAC,MAAM,GAAG;YACZ,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,CAAC;YAC9C,cAAc,EAAE,EAAE,GAAG,OAAO,EAAE,cAAc,EAAE;YAC9C,kBAAkB,EAAE,EAAE;YACtB,oBAAoB,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;YAChE,YAAY,EAAE,EAAE,GAAG,OAAO,EAAE,YAAY,EAAE;YAC1C,QAAQ,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC;SACzC,CAAC;QACF,6BAA6B;QAC7B,IAAI,OAAO,EAAE,kBAAkB,EAAE,CAAC;YAChC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAChE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IACtD,CAAC;IAED,oCAAoC;IACpC,UAAU,CAAC,IAAY,EAAE,KAAyB,EAAE,SAAiB,EAAE,SAAkB;QACvF,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QACpC,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,SAAS,CAAC;QACzC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAE/E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1C,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5C,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC/C,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC;IAED,2DAA2D;IAC3D,UAAU,CAAC,KAAa;QACtB,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAC/E,CAAC;IAED,8BAA8B;IAC9B,QAAQ,CAAC,KAAa;QACpB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,4CAA4C;IAC5C,QAAQ,CACN,IAAY,EACZ,QAA6B,EAC7B,IAAsE;QAEtE,MAAM,EAAE,GAAG,SAAS,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAe;YACxB,EAAE;YACF,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,IAAI;YACJ,KAAK,EAAE,IAAI,EAAE,KAAK;YAClB,QAAQ;YACR,SAAS,EAAE,IAAI,EAAE,SAAS;YAC1B,cAAc,EAAE,IAAI,EAAE,cAAc;SACrC,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACjC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,wEAAwE;IACxE,KAAK,CAAC,QAAgB,EAAE,GAAY;QAClC,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,QAAQ,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,oBAAoB,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QAC9F,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACxE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAED,mDAAmD;IACnD,QAAQ;QACN,OAAO,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED,6BAA6B;IAC7B,WAAW,CAAC,IAA0C;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QACjC,MAAM,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,GAAG,CAAC,MAAM,CAAC;QACxC,OAAO,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC;IAC3C,CAAC;IAED,wCAAwC;IACxC,aAAa,CAAC,EAAU;QACtB,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,2BAA2B;IAC3B,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;IACrC,CAAC;CACF"}

package/dist/enforcer.d.ts

@@ -0,0 +1,10 @@
+import type { AgentPolicy, EnforcementDecision, EnforcementRequest, ExecutionContextState } from "./types.js";
+/**
+ * Stateless policy enforcement. Checks a proposed tool call against
+ * the committed policy and current execution context.
+ *
+ * Check order: blocked → allowed → time windows → global rate limit →
+ * global spend → per-tool constraints → argument restrictions → skill constraints.
+ */
+export declare function enforcePolicy(policy: AgentPolicy, context: ExecutionContextState, request: EnforcementRequest): EnforcementDecision;
+//# sourceMappingURL=enforcer.d.ts.map

package/dist/enforcer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcer.d.ts","sourceRoot":"","sources":["../src/enforcer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,WAAW,EACX,mBAAmB,EACnB,kBAAkB,EAClB,qBAAqB,EACtB,MAAM,YAAY,CAAC;AAEpB;;;;;;GAMG;AACH,wBAAgB,aAAa,CAC3B,MAAM,EAAE,WAAW,EACnB,OAAO,EAAE,qBAAqB,EAC9B,OAAO,EAAE,kBAAkB,GAC1B,mBAAmB,CA0JrB"}

package/dist/enforcer.js

@@ -0,0 +1,216 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+/**
+ * Stateless policy enforcement. Checks a proposed tool call against
+ * the committed policy and current execution context.
+ *
+ * Check order: blocked → allowed → time windows → global rate limit →
+ * global spend → per-tool constraints → argument restrictions → skill constraints.
+ */
+export function enforcePolicy(policy, context, request) {
+    const now = request.timestamp ?? Date.now();
+    const gc = policy.globalConstraints;
+    // 1. Blocked tools (always reject)
+    if (gc.blockedTools && gc.blockedTools.includes(request.tool)) {
+        return {
+            allowed: false,
+            reason: `Tool "${request.tool}" is blocked by policy`,
+            constraint: "globalConstraints.blockedTools",
+        };
+    }
+    // 2. Allowed tools (default-deny: if no allowedTools specified, deny all)
+    if (!gc.allowedTools || gc.allowedTools.length === 0) {
+        return {
+            allowed: false,
+            reason: `Tool "${request.tool}" is not allowed — no tools enabled`,
+            constraint: "globalConstraints.allowedTools",
+        };
+    }
+    if (!gc.allowedTools.includes(request.tool)) {
+        return {
+            allowed: false,
+            reason: `Tool "${request.tool}" is not in the allowed tools list`,
+            constraint: "globalConstraints.allowedTools",
+        };
+    }
+    // 3. Time windows
+    if (gc.allowedTimeWindows && gc.allowedTimeWindows.length > 0) {
+        const inWindow = gc.allowedTimeWindows.some((tw) => isInTimeWindow(now, tw));
+        if (!inWindow) {
+            return {
+                allowed: false,
+                reason: "Current time is outside all allowed time windows",
+                constraint: "globalConstraints.allowedTimeWindows",
+            };
+        }
+    }
+    // 4. Global rate limit
+    if (gc.rateLimit) {
+        const windowStart = now - gc.rateLimit.windowMs;
+        const recentCalls = context.globalCallTimestamps.filter((t) => t > windowStart).length;
+        if (recentCalls >= gc.rateLimit.maxCalls) {
+            return {
+                allowed: false,
+                reason: `Global rate limit exceeded: ${recentCalls}/${gc.rateLimit.maxCalls} calls in ${gc.rateLimit.windowMs}ms window`,
+                constraint: "globalConstraints.rateLimit",
+            };
+        }
+    }
+    // 5. Global spend
+    if (gc.maxSpendCents !== undefined) {
+        const projectedSpend = context.totalSpendCents + (request.estimatedCostCents ?? 0);
+        if (projectedSpend > gc.maxSpendCents) {
+            return {
+                allowed: false,
+                reason: `Would exceed global spend limit: ${projectedSpend}c > ${gc.maxSpendCents}c`,
+                constraint: "globalConstraints.maxSpendCents",
+            };
+        }
+    }
+    // 6. Per-tool constraints
+    const tc = policy.toolConstraints?.[request.tool];
+    if (tc) {
+        // Per-tool rate limit
+        if (tc.rateLimit) {
+            const toolTimestamps = context.toolCallTimestamps[request.tool] ?? [];
+            const windowStart = now - tc.rateLimit.windowMs;
+            const recentCalls = toolTimestamps.filter((t) => t > windowStart).length;
+            if (recentCalls >= tc.rateLimit.maxCalls) {
+                return {
+                    allowed: false,
+                    reason: `Rate limit for "${request.tool}": ${recentCalls}/${tc.rateLimit.maxCalls} calls in ${tc.rateLimit.windowMs}ms`,
+                    constraint: `toolConstraints.${request.tool}.rateLimit`,
+                };
+            }
+        }
+        // Per-call spend cap
+        if (tc.maxSpendPerCallCents !== undefined && request.estimatedCostCents !== undefined) {
+            if (request.estimatedCostCents > tc.maxSpendPerCallCents) {
+                return {
+                    allowed: false,
+                    reason: `Tool "${request.tool}" call cost ${request.estimatedCostCents}c exceeds per-call limit of ${tc.maxSpendPerCallCents}c`,
+                    constraint: `toolConstraints.${request.tool}.maxSpendPerCallCents`,
+                };
+            }
+        }
+        // Argument restrictions
+        if (tc.argumentRestrictions) {
+            const argCheck = checkArgumentRestrictions(request.tool, request.arguments, tc.argumentRestrictions);
+            if (!argCheck.allowed)
+                return argCheck;
+        }
+    }
+    // 7. Skill constraints
+    if (request.skill) {
+        const skill = policy.skills[request.skill];
+        if (skill?.constraints) {
+            const sc = skill.constraints;
+            // Require approval
+            if (sc.requireApproval) {
+                return {
+                    allowed: false,
+                    reason: `Skill "${request.skill}" requires human approval`,
+                    constraint: `skills.${request.skill}.constraints.requireApproval`,
+                };
+            }
+            // Max concurrent
+            if (sc.maxConcurrent !== undefined) {
+                const active = context.activeSkills[request.skill] ?? 0;
+                if (active >= sc.maxConcurrent) {
+                    return {
+                        allowed: false,
+                        reason: `Skill "${request.skill}" at max concurrency: ${active}/${sc.maxConcurrent}`,
+                        constraint: `skills.${request.skill}.constraints.maxConcurrent`,
+                    };
+                }
+            }
+            // Skill rate limit
+            if (sc.rateLimit) {
+                // Use global timestamps filtered to this skill's tools as a proxy
+                // (ExecutionContext tracks per-tool, so sum up the skill's tools)
+                const windowStart = now - sc.rateLimit.windowMs;
+                let skillCalls = 0;
+                for (const toolName of skill.tools) {
+                    const ts = context.toolCallTimestamps[toolName] ?? [];
+                    skillCalls += ts.filter((t) => t > windowStart).length;
+                }
+                if (skillCalls >= sc.rateLimit.maxCalls) {
+                    return {
+                        allowed: false,
+                        reason: `Skill "${request.skill}" rate limit exceeded: ${skillCalls}/${sc.rateLimit.maxCalls}`,
+                        constraint: `skills.${request.skill}.constraints.rateLimit`,
+                    };
+                }
+            }
+        }
+    }
+    return { allowed: true };
+}
+function isInTimeWindow(now, tw) {
+    const d = new Date(now);
+    const day = d.getUTCDay();
+    if (tw.daysOfWeek && tw.daysOfWeek.length > 0 && !tw.daysOfWeek.includes(day)) {
+        return false;
+    }
+    const nowMinutes = d.getUTCHours() * 60 + d.getUTCMinutes();
+    const startMinutes = parseTimeToMinutes(tw.startUtc);
+    const endMinutes = parseTimeToMinutes(tw.endUtc);
+    if (startMinutes <= endMinutes) {
+        return nowMinutes >= startMinutes && nowMinutes < endMinutes;
+    }
+    // Wraps midnight
+    return nowMinutes >= startMinutes || nowMinutes < endMinutes;
+}
+function parseTimeToMinutes(time) {
+    const parts = time.split(":");
+    return Number(parts[0]) * 60 + Number(parts[1]);
+}
+function checkArgumentRestrictions(tool, args, restrictions) {
+    for (const [argName, restriction] of Object.entries(restrictions)) {
+        const value = args[argName];
+        if (value === undefined)
+            continue;
+        if (restriction.allowedValues && !restriction.allowedValues.includes(value)) {
+            return {
+                allowed: false,
+                reason: `Argument "${argName}" value not in allowed values for tool "${tool}"`,
+                constraint: `toolConstraints.${tool}.argumentRestrictions.${argName}.allowedValues`,
+            };
+        }
+        if (restriction.blockedValues && restriction.blockedValues.includes(value)) {
+            return {
+                allowed: false,
+                reason: `Argument "${argName}" value is blocked for tool "${tool}"`,
+                constraint: `toolConstraints.${tool}.argumentRestrictions.${argName}.blockedValues`,
+            };
+        }
+        if (typeof value === "number") {
+            if (restriction.max !== undefined && value > restriction.max) {
+                return {
+                    allowed: false,
+                    reason: `Argument "${argName}" value ${value} exceeds max ${restriction.max} for tool "${tool}"`,
+                    constraint: `toolConstraints.${tool}.argumentRestrictions.${argName}.max`,
+                };
+            }
+            if (restriction.min !== undefined && value < restriction.min) {
+                return {
+                    allowed: false,
+                    reason: `Argument "${argName}" value ${value} below min ${restriction.min} for tool "${tool}"`,
+                    constraint: `toolConstraints.${tool}.argumentRestrictions.${argName}.min`,
+                };
+            }
+        }
+        if (typeof value === "string" && restriction.pattern) {
+            const re = new RegExp(restriction.pattern);
+            if (!re.test(value)) {
+                return {
+                    allowed: false,
+                    reason: `Argument "${argName}" does not match pattern /${restriction.pattern}/ for tool "${tool}"`,
+                    constraint: `toolConstraints.${tool}.argumentRestrictions.${argName}.pattern`,
+                };
+            }
+        }
+    }
+    return { allowed: true };
+}
+//# sourceMappingURL=enforcer.js.map

package/dist/enforcer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcer.js","sourceRoot":"","sources":["../src/enforcer.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AASnC;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAC3B,MAAmB,EACnB,OAA8B,EAC9B,OAA2B;IAE3B,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IAC5C,MAAM,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAEpC,mCAAmC;IACnC,IAAI,EAAE,CAAC,YAAY,IAAI,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9D,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,SAAS,OAAO,CAAC,IAAI,wBAAwB;YACrD,UAAU,EAAE,gCAAgC;SAC7C,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,IAAI,CAAC,EAAE,CAAC,YAAY,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,SAAS,OAAO,CAAC,IAAI,qCAAqC;YAClE,UAAU,EAAE,gCAAgC;SAC7C,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,SAAS,OAAO,CAAC,IAAI,oCAAoC;YACjE,UAAU,EAAE,gCAAgC;SAC7C,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,IAAI,EAAE,CAAC,kBAAkB,IAAI,EAAE,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,MAAM,QAAQ,GAAG,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;QAC7E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,kDAAkD;gBAC1D,UAAU,EAAE,sCAAsC;aACnD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,IAAI,EAAE,CAAC,SAAS,EAAE,CAAC;QACjB,MAAM,WAAW,GAAG,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC;QAChD,MAAM,WAAW,GAAG,OAAO,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,MAAM,CAAC;QACvF,IAAI,WAAW,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YACzC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,+BAA+B,WAAW,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,aAAa,EAAE,CAAC,SAAS,CAAC,QAAQ,WAAW;gBACxH,UAAU,EAAE,6BAA6B;aAC1C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,IAAI,EAAE,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,cAAc,GAAG,OAAO,CAAC,eAAe,GAAG,CAAC,OAAO,CAAC,kBAAkB,IAAI,CAAC,CAAC,CAAC;QACnF,IAAI,cAAc,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;YACtC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,oCAAoC,cAAc,OAAO,EAAE,CAAC,aAAa,GAAG;gBACpF,UAAU,EAAE,iCAAiC;aAC9C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,EAAE,EAAE,CAAC;QACP,sBAAsB;QACtB,IAAI,EAAE,CAAC,SAAS,EAAE,CAAC;YACjB,MAAM,cAAc,GAAG,OAAO,CAAC,kBAAkB,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACtE,MAAM,WAAW,GAAG,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC;YAChD,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,MAAM,CAAC;YACzE,IAAI,WAAW,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACzC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,mBAAmB,OAAO,CAAC,IAAI,MAAM,WAAW,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,aAAa,EAAE,CAAC,SAAS,CAAC,QAAQ,IAAI;oBACvH,UAAU,EAAE,mBAAmB,OAAO,CAAC,IAAI,YAAY;iBACxD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,qBAAqB;QACrB,IAAI,EAAE,CAAC,oBAAoB,KAAK,SAAS,IAAI,OAAO,CAAC,kBAAkB,KAAK,SAAS,EAAE,CAAC;YACtF,IAAI,OAAO,CAAC,kBAAkB,GAAG,EAAE,CAAC,oBAAoB,EAAE,CAAC;gBACzD,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,SAAS,OAAO,CAAC,IAAI,eAAe,OAAO,CAAC,kBAAkB,+BAA+B,EAAE,CAAC,oBAAoB,GAAG;oBAC/H,UAAU,EAAE,mBAAmB,OAAO,CAAC,IAAI,uBAAuB;iBACnE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,IAAI,EAAE,CAAC,oBAAoB,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,yBAAyB,CACxC,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,SAAS,EACjB,EAAE,CAAC,oBAAoB,CACxB,CAAC;YACF,IAAI,CAAC,QAAQ,CAAC,OAAO;gBAAE,OAAO,QAAQ,CAAC;QACzC,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,KAAK,EAAE,WAAW,EAAE,CAAC;YACvB,MAAM,EAAE,GAAG,KAAK,CAAC,WAAW,CAAC;YAE7B,mBAAmB;YACnB,IAAI,EAAE,CAAC,eAAe,EAAE,CAAC;gBACvB,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,UAAU,OAAO,CAAC,KAAK,2BAA2B;oBAC1D,UAAU,EAAE,UAAU,OAAO,CAAC,KAAK,8BAA8B;iBAClE,CAAC;YACJ,CAAC;YAED,iBAAiB;YACjB,IAAI,EAAE,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;gBACnC,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACxD,IAAI,MAAM,IAAI,EAAE,CAAC,aAAa,EAAE,CAAC;oBAC/B,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,MAAM,EAAE,UAAU,OAAO,CAAC,KAAK,yBAAyB,MAAM,IAAI,EAAE,CAAC,aAAa,EAAE;wBACpF,UAAU,EAAE,UAAU,OAAO,CAAC,KAAK,4BAA4B;qBAChE,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,mBAAmB;YACnB,IAAI,EAAE,CAAC,SAAS,EAAE,CAAC;gBACjB,kEAAkE;gBAClE,kEAAkE;gBAClE,MAAM,WAAW,GAAG,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC;gBAChD,IAAI,UAAU,GAAG,CAAC,CAAC;gBACnB,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;oBACnC,MAAM,EAAE,GAAG,OAAO,CAAC,kBAAkB,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;oBACtD,UAAU,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,MAAM,CAAC;gBACzD,CAAC;gBACD,IAAI,UAAU,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACxC,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,MAAM,EAAE,UAAU,OAAO,CAAC,KAAK,0BAA0B,UAAU,IAAI,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE;wBAC9F,UAAU,EAAE,UAAU,OAAO,CAAC,KAAK,wBAAwB;qBAC5D,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,cAAc,CACrB,GAAW,EACX,EAA2E;IAE3E,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC;IACxB,MAAM,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC;IAC1B,IAAI,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,aAAa,EAAE,CAAC;IAC5D,MAAM,YAAY,GAAG,kBAAkB,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG,kBAAkB,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;IAEjD,IAAI,YAAY,IAAI,UAAU,EAAE,CAAC;QAC/B,OAAO,UAAU,IAAI,YAAY,IAAI,UAAU,GAAG,UAAU,CAAC;IAC/D,CAAC;IACD,iBAAiB;IACjB,OAAO,UAAU,IAAI,YAAY,IAAI,UAAU,GAAG,UAAU,CAAC;AAC/D,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY;IACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,yBAAyB,CAChC,IAAY,EACZ,IAA6B,EAC7B,YAAgM;IAEhM,KAAK,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,KAAK,KAAK,SAAS;YAAE,SAAS;QAElC,IAAI,WAAW,CAAC,aAAa,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5E,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,aAAa,OAAO,2CAA2C,IAAI,GAAG;gBAC9E,UAAU,EAAE,mBAAmB,IAAI,yBAAyB,OAAO,gBAAgB;aACpF,CAAC;QACJ,CAAC;QAED,IAAI,WAAW,CAAC,aAAa,IAAI,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3E,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,aAAa,OAAO,gCAAgC,IAAI,GAAG;gBACnE,UAAU,EAAE,mBAAmB,IAAI,yBAAyB,OAAO,gBAAgB;aACpF,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,IAAI,WAAW,CAAC,GAAG,KAAK,SAAS,IAAI,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;gBAC7D,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,aAAa,OAAO,WAAW,KAAK,gBAAgB,WAAW,CAAC,GAAG,cAAc,IAAI,GAAG;oBAChG,UAAU,EAAE,mBAAmB,IAAI,yBAAyB,OAAO,MAAM;iBAC1E,CAAC;YACJ,CAAC;YACD,IAAI,WAAW,CAAC,GAAG,KAAK,SAAS,IAAI,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;gBAC7D,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,aAAa,OAAO,WAAW,KAAK,cAAc,WAAW,CAAC,GAAG,cAAc,IAAI,GAAG;oBAC9F,UAAU,EAAE,mBAAmB,IAAI,yBAAyB,OAAO,MAAM;iBAC1E,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YACrD,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAC3C,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpB,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,aAAa,OAAO,6BAA6B,WAAW,CAAC,OAAO,eAAe,IAAI,GAAG;oBAClG,UAAU,EAAE,mBAAmB,IAAI,yBAAyB,OAAO,UAAU;iBAC9E,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC"}

package/dist/errors.d.ts

@@ -0,0 +1,19 @@
+import type { EnforcementDecision } from "./types.js";
+export declare class PolicyViolationError extends Error {
+    readonly decision: EnforcementDecision & {
+        allowed: false;
+    };
+    readonly tool: string;
+    readonly skill: string | undefined;
+    constructor(decision: EnforcementDecision & {
+        allowed: false;
+    }, tool: string, skill?: string);
+}
+export declare class PolicyCommitmentError extends Error {
+    constructor(message: string);
+}
+export declare class PolicyValidationError extends Error {
+    readonly issues: string[];
+    constructor(issues: string[]);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAEtD,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,SAAgB,QAAQ,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,KAAK,CAAA;KAAE,CAAC;IACnE,SAAgB,IAAI,EAAE,MAAM,CAAC;IAC7B,SAAgB,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;gBAGxC,QAAQ,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,KAAK,CAAA;KAAE,EAClD,IAAI,EAAE,MAAM,EACZ,KAAK,CAAC,EAAE,MAAM;CAQjB;AAED,qBAAa,qBAAsB,SAAQ,KAAK;gBAClC,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,SAAgB,MAAM,EAAE,MAAM,EAAE,CAAC;gBAErB,MAAM,EAAE,MAAM,EAAE;CAK7B"}

package/dist/errors.js

@@ -0,0 +1,29 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+export class PolicyViolationError extends Error {
+    decision;
+    tool;
+    skill;
+    constructor(decision, tool, skill) {
+        super(`Policy violation on tool "${tool}": ${decision.reason}`);
+        this.name = "PolicyViolationError";
+        this.decision = decision;
+        this.tool = tool;
+        this.skill = skill;
+    }
+}
+export class PolicyCommitmentError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "PolicyCommitmentError";
+    }
+}
+export class PolicyValidationError extends Error {
+    issues;
+    constructor(issues) {
+        super(`Invalid policy: ${issues.join("; ")}`);
+        this.name = "PolicyValidationError";
+        this.issues = issues;
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AAInC,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC7B,QAAQ,CAA2C;IACnD,IAAI,CAAS;IACb,KAAK,CAAqB;IAE1C,YACE,QAAkD,EAClD,IAAY,EACZ,KAAc;QAEd,KAAK,CAAC,6BAA6B,IAAI,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAChE,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAC9C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAC9B,MAAM,CAAW;IAEjC,YAAY,MAAgB;QAC1B,KAAK,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+export type { AgentPolicy, GlobalConstraints, RateLimit, TimeWindow, SkillDefinition, SkillConstraints, ToolConstraints, ArgumentRestriction, EnforcementDecision, EnforcementRequest, ExecutionContextState, AuditEntry, AgentInstance, PolicyCommitment, } from "./types.js";
+export { enforcePolicy } from "./enforcer.js";
+export { ExecutionContext } from "./context.js";
+export { commitPolicy, hashPolicy } from "./commitment.js";
+export { validatePolicy } from "./schema.js";
+export { PolicyViolationError, PolicyCommitmentError, PolicyValidationError, } from "./errors.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,YAAY,EACV,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,qBAAqB,EACrB,UAAU,EACV,aAAa,EACb,gBAAgB,GACjB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAG9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAGhD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAG7C,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,aAAa,CAAC"}

package/dist/index.js

@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+// Enforcement
+export { enforcePolicy } from "./enforcer.js";
+// Context
+export { ExecutionContext } from "./context.js";
+// Commitment
+export { commitPolicy, hashPolicy } from "./commitment.js";
+// Validation
+export { validatePolicy } from "./schema.js";
+// Errors
+export { PolicyViolationError, PolicyCommitmentError, PolicyValidationError, } from "./errors.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AAoBnC,cAAc;AACd,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,UAAU;AACV,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEhD,aAAa;AACb,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE3D,aAAa;AACb,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C,SAAS;AACT,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,aAAa,CAAC"}

package/dist/schema.d.ts

@@ -0,0 +1,6 @@
+import type { AgentPolicy } from "./types.js";
+/**
+ * Validate an AgentPolicy at runtime. Throws PolicyValidationError if invalid.
+ */
+export declare function validatePolicy(obj: unknown): asserts obj is AgentPolicy;
+//# sourceMappingURL=schema.d.ts.map

package/dist/schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAG9C;;GAEG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,GAAG,IAAI,WAAW,CA6CvE"}

package/dist/schema.js

@@ -0,0 +1,103 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+import { PolicyValidationError } from "./errors.js";
+/**
+ * Validate an AgentPolicy at runtime. Throws PolicyValidationError if invalid.
+ */
+export function validatePolicy(obj) {
+    const issues = [];
+    if (typeof obj !== "object" || obj === null) {
+        throw new PolicyValidationError(["Policy must be an object"]);
+    }
+    const p = obj;
+    if (p["version"] !== "occ/policy/1" && p["version"] !== "occ/policy/1") {
+        issues.push('version must be "occ/policy/1" or "occ/policy/1"');
+    }
+    if (typeof p["name"] !== "string" || p["name"].length === 0) {
+        issues.push("name must be a non-empty string");
+    }
+    if (typeof p["createdAt"] !== "number") {
+        issues.push("createdAt must be a number (Unix ms)");
+    }
+    if (typeof p["globalConstraints"] !== "object" || p["globalConstraints"] === null) {
+        issues.push("globalConstraints must be an object");
+    }
+    else {
+        validateGlobalConstraints(p["globalConstraints"], issues);
+    }
+    if (typeof p["skills"] !== "object" || p["skills"] === null) {
+        issues.push("skills must be an object");
+    }
+    else {
+        const skills = p["skills"];
+        for (const [key, skill] of Object.entries(skills)) {
+            validateSkill(key, skill, issues);
+        }
+    }
+    if (p["toolConstraints"] !== undefined) {
+        if (typeof p["toolConstraints"] !== "object" || p["toolConstraints"] === null) {
+            issues.push("toolConstraints must be an object if provided");
+        }
+    }
+    if (issues.length > 0) {
+        throw new PolicyValidationError(issues);
+    }
+}
+function validateGlobalConstraints(gc, issues) {
+    if (gc["maxSpendCents"] !== undefined && typeof gc["maxSpendCents"] !== "number") {
+        issues.push("globalConstraints.maxSpendCents must be a number");
+    }
+    if (gc["rateLimit"] !== undefined) {
+        validateRateLimit(gc["rateLimit"], "globalConstraints.rateLimit", issues);
+    }
+    if (gc["allowedTools"] !== undefined && !Array.isArray(gc["allowedTools"])) {
+        issues.push("globalConstraints.allowedTools must be an array");
+    }
+    if (gc["blockedTools"] !== undefined && !Array.isArray(gc["blockedTools"])) {
+        issues.push("globalConstraints.blockedTools must be an array");
+    }
+    if (gc["allowedTimeWindows"] !== undefined) {
+        if (!Array.isArray(gc["allowedTimeWindows"])) {
+            issues.push("globalConstraints.allowedTimeWindows must be an array");
+        }
+        else {
+            for (const tw of gc["allowedTimeWindows"]) {
+                if (typeof tw !== "object" || tw === null) {
+                    issues.push("Each time window must be an object");
+                }
+                else {
+                    const w = tw;
+                    if (typeof w["startUtc"] !== "string")
+                        issues.push("TimeWindow.startUtc must be a string");
+                    if (typeof w["endUtc"] !== "string")
+                        issues.push("TimeWindow.endUtc must be a string");
+                }
+            }
+        }
+    }
+}
+function validateSkill(key, skill, issues) {
+    if (typeof skill !== "object" || skill === null) {
+        issues.push(`skills.${key} must be an object`);
+        return;
+    }
+    const s = skill;
+    if (typeof s["name"] !== "string") {
+        issues.push(`skills.${key}.name must be a string`);
+    }
+    if (!Array.isArray(s["tools"])) {
+        issues.push(`skills.${key}.tools must be an array`);
+    }
+}
+function validateRateLimit(rl, path, issues) {
+    if (typeof rl !== "object" || rl === null) {
+        issues.push(`${path} must be an object`);
+        return;
+    }
+    const r = rl;
+    if (typeof r["maxCalls"] !== "number")
+        issues.push(`${path}.maxCalls must be a number`);
+    if (typeof r["windowMs"] !== "number")
+        issues.push(`${path}.windowMs must be a number`);
+}
+//# sourceMappingURL=schema.js.map

package/dist/schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC;AAGnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEpD;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,GAAY;IACzC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QAC5C,MAAM,IAAI,qBAAqB,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,GAAG,GAA8B,CAAC;IAEzC,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,cAAc,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,cAAc,EAAE,CAAC;QACvE,MAAM,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IACjD,CAAC;IAED,IAAI,OAAO,CAAC,CAAC,WAAW,CAAC,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,IAAI,OAAO,CAAC,CAAC,mBAAmB,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,IAAI,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,yBAAyB,CAAC,CAAC,CAAC,mBAAmB,CAA4B,EAAE,MAAM,CAAC,CAAC;IACvF,CAAC;IAED,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,CAA4B,CAAC;QACtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,aAAa,CAAC,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,CAAC,iBAAiB,CAAC,KAAK,SAAS,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,CAAC,iBAAiB,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;AACH,CAAC;AAED,SAAS,yBAAyB,CAAC,EAA2B,EAAE,MAAgB;IAC9E,IAAI,EAAE,CAAC,eAAe,CAAC,KAAK,SAAS,IAAI,OAAO,EAAE,CAAC,eAAe,CAAC,KAAK,QAAQ,EAAE,CAAC;QACjF,MAAM,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,EAAE,CAAC,WAAW,CAAC,KAAK,SAAS,EAAE,CAAC;QAClC,iBAAiB,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,6BAA6B,EAAE,MAAM,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,EAAE,CAAC,cAAc,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;QAC3E,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,EAAE,CAAC,cAAc,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;QAC3E,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,EAAE,CAAC,oBAAoB,CAAC,KAAK,SAAS,EAAE,CAAC;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QACvE,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,EAAE,IAAI,EAAE,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC1C,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;oBAC1C,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACpD,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,EAA6B,CAAC;oBACxC,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ;wBAAE,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;oBAC3F,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ;wBAAE,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACzF,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,KAAc,EAAE,MAAgB;IAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,oBAAoB,CAAC,CAAC;QAC/C,OAAO;IACT,CAAC;IACD,MAAM,CAAC,GAAG,KAAgC,CAAC;IAC3C,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,wBAAwB,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,yBAAyB,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,EAAW,EAAE,IAAY,EAAE,MAAgB;IACpE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,oBAAoB,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IACD,MAAM,CAAC,GAAG,EAA6B,CAAC;IACxC,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,4BAA4B,CAAC,CAAC;IACxF,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,4BAA4B,CAAC,CAAC;AAC1F,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,118 @@
+import type { OCCProof } from "occproof";
+/** Top-level agent policy document. Committed to OCC before agent runs. */
+export interface AgentPolicy {
+    version: "occ/policy/1" | "occ/policy/1";
+    name: string;
+    description?: string | undefined;
+    createdAt: number;
+    /** Global constraints that apply to ALL tool calls. */
+    globalConstraints: GlobalConstraints;
+    /** Named skills — groups of tools with skill-level constraints. */
+    skills: Record<string, SkillDefinition>;
+    /** Per-tool overrides. */
+    toolConstraints?: Record<string, ToolConstraints> | undefined;
+}
+/** Constraints that apply across all tools/skills. */
+export interface GlobalConstraints {
+    /** Max total spend (cumulative, in cents to avoid float issues). */
+    maxSpendCents?: number | undefined;
+    /** Max tool calls per time window. */
+    rateLimit?: RateLimit | undefined;
+    /** Time windows when agent is allowed to operate (UTC). */
+    allowedTimeWindows?: TimeWindow[] | undefined;
+    /** If set, only these tools are permitted (allowlist). */
+    allowedTools?: string[] | undefined;
+    /** These tools are never permitted (blocklist, overrides allowedTools). */
+    blockedTools?: string[] | undefined;
+}
+export interface RateLimit {
+    maxCalls: number;
+    windowMs: number;
+}
+export interface TimeWindow {
+    /** Day-of-week filter (0=Sun). Empty/undefined = every day. */
+    daysOfWeek?: number[] | undefined;
+    /** Start time "HH:MM" in UTC. */
+    startUtc: string;
+    /** End time "HH:MM" in UTC. */
+    endUtc: string;
+}
+/** A skill groups related tool calls with skill-level constraints. */
+export interface SkillDefinition {
+    name: string;
+    /** Ordered list of tool names this skill orchestrates. */
+    tools: string[];
+    constraints?: SkillConstraints | undefined;
+}
+export interface SkillConstraints {
+    /** Per-invocation spend limit for this skill (cents). */
+    maxSpendPerInvocationCents?: number | undefined;
+    /** Max concurrent executions of this skill. */
+    maxConcurrent?: number | undefined;
+    /** Skill-specific rate limit. */
+    rateLimit?: RateLimit | undefined;
+    /** If true, requires human approval before execution. */
+    requireApproval?: boolean | undefined;
+}
+/** Per-tool constraint overrides. */
+export interface ToolConstraints {
+    rateLimit?: RateLimit | undefined;
+    /** Per-call spend cap for this tool (cents). */
+    maxSpendPerCallCents?: number | undefined;
+    /** Specific argument value restrictions. */
+    argumentRestrictions?: Record<string, ArgumentRestriction> | undefined;
+}
+export interface ArgumentRestriction {
+    allowedValues?: unknown[] | undefined;
+    blockedValues?: unknown[] | undefined;
+    max?: number | undefined;
+    min?: number | undefined;
+    /** Regex pattern the string value must match. */
+    pattern?: string | undefined;
+}
+export type EnforcementDecision = {
+    allowed: true;
+} | {
+    allowed: false;
+    reason: string;
+    constraint: string;
+};
+export interface EnforcementRequest {
+    tool: string;
+    skill?: string | undefined;
+    arguments: Record<string, unknown>;
+    estimatedCostCents?: number | undefined;
+    timestamp?: number | undefined;
+}
+export interface ExecutionContextState {
+    totalSpendCents: number;
+    toolCallCounts: Record<string, number>;
+    toolCallTimestamps: Record<string, number[]>;
+    globalCallTimestamps: number[];
+    activeSkills: Record<string, number>;
+    auditLog: AuditEntry[];
+}
+export interface AuditEntry {
+    id: string;
+    timestamp: number;
+    tool: string;
+    skill?: string | undefined;
+    decision: EnforcementDecision;
+    costCents?: number | undefined;
+    proofDigestB64?: string | undefined;
+}
+/** An agent instance with its own policy and execution context. */
+export interface AgentInstance {
+    id: string;
+    name: string;
+    policy: AgentPolicy;
+    createdAt: number;
+    status: "active" | "paused";
+}
+export interface PolicyCommitment {
+    policy: AgentPolicy;
+    policyDigestB64: string;
+    occProof: OCCProof;
+    committedAt: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AAIzC,2EAA2E;AAC3E,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,cAAc,GAAG,cAAc,CAAC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,uDAAuD;IACvD,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,mEAAmE;IACnE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IACxC,0BAA0B;IAC1B,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,GAAG,SAAS,CAAC;CAC/D;AAED,sDAAsD;AACtD,MAAM,WAAW,iBAAiB;IAChC,oEAAoE;IACpE,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,sCAAsC;IACtC,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;IAClC,2DAA2D;IAC3D,kBAAkB,CAAC,EAAE,UAAU,EAAE,GAAG,SAAS,CAAC;IAC9C,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IACpC,2EAA2E;IAC3E,YAAY,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;CACrC;AAED,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,+DAA+D;IAC/D,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IAClC,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,sEAAsE;AACtE,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,0DAA0D;IAC1D,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAAC;CAC5C;AAED,MAAM,WAAW,gBAAgB;IAC/B,yDAAyD;IACzD,0BAA0B,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAChD,+CAA+C;IAC/C,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,iCAAiC;IACjC,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;IAClC,yDAAyD;IACzD,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;CACvC;AAED,qCAAqC;AACrC,MAAM,WAAW,eAAe;IAC9B,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;IAClC,gDAAgD;IAChD,oBAAoB,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1C,4CAA4C;IAC5C,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAAC,GAAG,SAAS,CAAC;CACxE;AAED,MAAM,WAAW,mBAAmB;IAClC,aAAa,CAAC,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC;IACtC,aAAa,CAAC,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC;IACtC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACzB,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACzB,iDAAiD;IACjD,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC9B;AAID,MAAM,MAAM,mBAAmB,GAC3B;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GACjB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC;AAI3D,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACxC,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAChC;AAID,MAAM,WAAW,qBAAqB;IACpC,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACvC,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7C,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,QAAQ,EAAE,UAAU,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC3B,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CACrC;AAID,mEAAmE;AACnE,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,WAAW,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,QAAQ,GAAG,QAAQ,CAAC;CAC7B;AAID,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB"}

package/dist/types.js

@@ -0,0 +1,4 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Mike Argento
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,mCAAmC"}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@occ-core/policy-sdk",
+  "version": "1.0.0",
+  "description": "Policy definition and enforcement for OCC Agent",
+  "author": "Mike Argento",
+  "license": "Apache-2.0",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mikeargento/occ",
+    "directory": "packages/policy-sdk"
+  },
+  "keywords": [
+    "occ",
+    "policy",
+    "enforcement",
+    "occ-agent",
+    "agent",
+    "constraints"
+  ],
+  "dependencies": {
+    "@noble/hashes": "^1.4.0",
+    "occproof": "^1.0.2"
+  },
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.4.0"
+  },
+  "engines": {
+    "node": ">=20.0.0"
+  }
+}