@openguardrails/gateway 1.0.0

package/dist/index.js

@@ -0,0 +1,136 @@
+#!/usr/bin/env node
+/**
+ * OpenGuardrails AI Security Gateway
+ *
+ * Local HTTP proxy that intercepts LLM API calls, sanitizes sensitive data
+ * before sending to providers, and restores it in responses.
+ * Supports Anthropic, OpenAI, and Gemini protocols.
+ */
+import { createServer } from "node:http";
+import { loadConfig, validateConfig } from "./config.js";
+import { handleAnthropicRequest } from "./handlers/anthropic.js";
+import { handleOpenAIRequest } from "./handlers/openai.js";
+import { handleGeminiRequest } from "./handlers/gemini.js";
+const GATEWAY_MODE = process.env.GATEWAY_MODE || "selfhosted";
+let config;
+/**
+ * Main request handler
+ */
+async function handleRequest(req, res) {
+    const { method, url } = req;
+    // Log request
+    console.log(`[ai-security-gateway] ${method} ${url}`);
+    // CORS headers (for browser-based clients)
+    res.setHeader("Access-Control-Allow-Origin", "*");
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, x-api-key, anthropic-version");
+    // Handle OPTIONS for CORS preflight
+    if (method === "OPTIONS") {
+        res.writeHead(204);
+        res.end();
+        return;
+    }
+    // Health check (allow GET)
+    if (url === "/health") {
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ status: "ok", version: "1.0.0" }));
+        return;
+    }
+    // Only allow POST for API endpoints
+    if (method !== "POST") {
+        res.writeHead(405, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Method not allowed" }));
+        return;
+    }
+    // Route to appropriate handler
+    try {
+        if (url === "/v1/messages") {
+            // Anthropic Messages API
+            await handleAnthropicRequest(req, res, config);
+        }
+        else if (url === "/v1/chat/completions") {
+            // OpenAI Chat Completions API
+            await handleOpenAIRequest(req, res, config);
+        }
+        else if (url?.match(/^\/v1\/models\/(.+):generateContent$/)) {
+            // Gemini API
+            const match = url.match(/^\/v1\/models\/(.+):generateContent$/);
+            const modelName = match?.[1];
+            if (modelName) {
+                await handleGeminiRequest(req, res, config, modelName);
+            }
+            else {
+                res.writeHead(404, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "Model name required" }));
+            }
+        }
+        else {
+            // Unknown endpoint
+            res.writeHead(404, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Not found", url }));
+        }
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Request handler error:", error);
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({
+            error: "Internal server error",
+            message: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+/**
+ * Start gateway server
+ */
+export function startGateway(configPath) {
+    try {
+        // Load and validate configuration
+        config = loadConfig(configPath);
+        validateConfig(config);
+        console.log("[ai-security-gateway] Configuration loaded:");
+        console.log(`  Mode: ${GATEWAY_MODE}`);
+        console.log(`  Port: ${config.port}`);
+        console.log(`  Backends: ${Object.keys(config.backends).join(", ")}`);
+        // Create HTTP server
+        const server = createServer(handleRequest);
+        // Start listening
+        server.listen(config.port, "127.0.0.1", () => {
+            console.log(`[ai-security-gateway] Server listening on http://127.0.0.1:${config.port}`);
+            console.log("[ai-security-gateway] Ready to proxy requests");
+            console.log("");
+            console.log("Endpoints:");
+            console.log(`  POST http://127.0.0.1:${config.port}/v1/messages - Anthropic`);
+            console.log(`  POST http://127.0.0.1:${config.port}/v1/chat/completions - OpenAI`);
+            console.log(`  POST http://127.0.0.1:${config.port}/v1/models/:model:generateContent - Gemini`);
+            console.log(`  GET  http://127.0.0.1:${config.port}/health - Health check`);
+        });
+        // Handle shutdown
+        process.on("SIGINT", () => {
+            console.log("\n[ai-security-gateway] Shutting down...");
+            server.close(() => {
+                console.log("[ai-security-gateway] Server stopped");
+                process.exit(0);
+            });
+        });
+        process.on("SIGTERM", () => {
+            console.log("\n[ai-security-gateway] Shutting down...");
+            server.close(() => {
+                console.log("[ai-security-gateway] Server stopped");
+                process.exit(0);
+            });
+        });
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Failed to start:", error);
+        process.exit(1);
+    }
+}
+// Re-export for programmatic use
+export { sanitize, sanitizeMessages } from "./sanitizer.js";
+export { restore, restoreJSON, restoreSSELine } from "./restorer.js";
+// Start if run directly
+if (import.meta.url === `file://${process.argv[1]}`) {
+    const configPath = process.argv[2];
+    startGateway(configPath);
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;GAMG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEzC,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,YAAY,CAAC;AAE9D,IAAI,MAAqB,CAAC;AAE1B;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,GAAoB,EACpB,GAAmB;IAEnB,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IAE5B,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;IAEtD,2CAA2C;IAC3C,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;IACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,2DAA2D,CAAC,CAAC;IAE3G,oCAAoC;IACpC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,2BAA2B;IAC3B,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;QAC5D,OAAO;IACT,CAAC;IAED,oCAAoC;IACpC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC,CAAC;QACzD,OAAO;IACT,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC;QACH,IAAI,GAAG,KAAK,cAAc,EAAE,CAAC;YAC3B,yBAAyB;YACzB,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACjD,CAAC;aAAM,IAAI,GAAG,KAAK,sBAAsB,EAAE,CAAC;YAC1C,8BAA8B;YAC9B,MAAM,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC9C,CAAC;aAAM,IAAI,GAAG,EAAE,KAAK,CAAC,sCAAsC,CAAC,EAAE,CAAC;YAC9D,aAAa;YACb,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7B,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;YACzD,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;aAAM,CAAC;YACN,mBAAmB;YACnB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,KAAK,CAAC,CAAC;QACrE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,UAAmB;IAC9C,IAAI,CAAC;QACH,kCAAkC;QAClC,MAAM,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;QAChC,cAAc,CAAC,MAAM,CAAC,CAAC;QAEvB,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,WAAW,YAAY,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACtC,OAAO,CAAC,GAAG,CACT,eAAe,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzD,CAAC;QAEF,qBAAqB;QACrB,MAAM,MAAM,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;QAE3C,kBAAkB;QAClB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YAC3C,OAAO,CAAC,GAAG,CACT,8DAA8D,MAAM,CAAC,IAAI,EAAE,CAC5E,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC7D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,0BAA0B,CAAC,CAAC;YAC9E,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,+BAA+B,CAAC,CAAC;YACnF,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,4CAA4C,CAAC,CAAC;YAChG,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,wBAAwB,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QAEH,kBAAkB;QAClB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;YACxB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;YACxD,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;gBAChB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;YACzB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;YACxD,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;gBAChB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,iCAAiC;AACjC,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAGrE,wBAAwB;AACxB,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnC,YAAY,CAAC,UAAU,CAAC,CAAC;AAC3B,CAAC"}

package/dist/restorer.d.ts

@@ -0,0 +1,21 @@
+/**
+ * AI Security Gateway - Content restorer
+ *
+ * Restores sanitized placeholders back to original values using the mapping table.
+ */
+import type { MappingTable } from "./types.js";
+/**
+ * Restore any content (object, array, string) using the mapping table
+ */
+export declare function restore(content: any, mappingTable: MappingTable): any;
+/**
+ * Restore a JSON string
+ * Useful for SSE streaming where each chunk is a JSON string
+ */
+export declare function restoreJSON(jsonString: string, mappingTable: MappingTable): string;
+/**
+ * Restore SSE data line (for streaming responses)
+ * Format: "data: {...}\n"
+ */
+export declare function restoreSSELine(line: string, mappingTable: MappingTable): string;
+//# sourceMappingURL=restorer.d.ts.map

package/dist/restorer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"restorer.d.ts","sourceRoot":"","sources":["../src/restorer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAiD/C;;GAEG;AACH,wBAAgB,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,YAAY,GAAG,GAAG,CAGrE;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,MAAM,CAYlF;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,MAAM,CAe/E"}

package/dist/restorer.js

@@ -0,0 +1,91 @@
+/**
+ * AI Security Gateway - Content restorer
+ *
+ * Restores sanitized placeholders back to original values using the mapping table.
+ */
+/**
+ * Restore placeholders in a string
+ */
+function restoreText(text, mappingTable) {
+    let restored = text;
+    // Sort placeholders by length descending to handle nested cases
+    const placeholders = Array.from(mappingTable.keys()).sort((a, b) => b.length - a.length);
+    for (const placeholder of placeholders) {
+        const originalValue = mappingTable.get(placeholder);
+        // Use split/join for safe replacement (handles special regex chars)
+        restored = restored.split(placeholder).join(originalValue);
+    }
+    return restored;
+}
+/**
+ * Recursively restore any value (string, object, array)
+ */
+function restoreValue(value, mappingTable) {
+    // String: restore placeholders
+    if (typeof value === "string") {
+        return restoreText(value, mappingTable);
+    }
+    // Array: restore each element
+    if (Array.isArray(value)) {
+        return value.map((item) => restoreValue(item, mappingTable));
+    }
+    // Object: restore each property
+    if (value !== null && typeof value === "object") {
+        const restored = {};
+        for (const [key, val] of Object.entries(value)) {
+            restored[key] = restoreValue(val, mappingTable);
+        }
+        return restored;
+    }
+    // Primitives: return as-is
+    return value;
+}
+/**
+ * Restore any content (object, array, string) using the mapping table
+ */
+export function restore(content, mappingTable) {
+    if (mappingTable.size === 0)
+        return content;
+    return restoreValue(content, mappingTable);
+}
+/**
+ * Restore a JSON string
+ * Useful for SSE streaming where each chunk is a JSON string
+ */
+export function restoreJSON(jsonString, mappingTable) {
+    if (mappingTable.size === 0)
+        return jsonString;
+    try {
+        // Try to parse as JSON first
+        const parsed = JSON.parse(jsonString);
+        const restored = restore(parsed, mappingTable);
+        return JSON.stringify(restored);
+    }
+    catch {
+        // If not valid JSON, treat as plain text
+        return restoreText(jsonString, mappingTable);
+    }
+}
+/**
+ * Restore SSE data line (for streaming responses)
+ * Format: "data: {...}\n"
+ */
+export function restoreSSELine(line, mappingTable) {
+    if (mappingTable.size === 0)
+        return line;
+    if (!line.startsWith("data: "))
+        return line;
+    const dataContent = line.slice(6); // Remove "data: " prefix
+    if (dataContent === "[DONE]")
+        return line;
+    try {
+        const parsed = JSON.parse(dataContent);
+        const restored = restore(parsed, mappingTable);
+        return `data: ${JSON.stringify(restored)}\n`;
+    }
+    catch {
+        // Fallback to text restoration
+        return `data: ${restoreText(dataContent, mappingTable)}\n`;
+    }
+}
+//# sourceMappingURL=restorer.js.map

package/dist/restorer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"restorer.js","sourceRoot":"","sources":["../src/restorer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,SAAS,WAAW,CAAC,IAAY,EAAE,YAA0B;IAC3D,IAAI,QAAQ,GAAG,IAAI,CAAC;IAEpB,gEAAgE;IAChE,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CACvD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAC9B,CAAC;IAEF,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;QACvC,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAE,CAAC;QACrD,oEAAoE;QACpE,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,KAAU,EAAE,YAA0B;IAC1D,+BAA+B;IAC/B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,WAAW,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IAC1C,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED,gCAAgC;IAChC,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAChD,MAAM,QAAQ,GAAQ,EAAE,CAAC;QACzB,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/C,QAAQ,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,2BAA2B;IAC3B,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,OAAO,CAAC,OAAY,EAAE,YAA0B;IAC9D,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAC5C,OAAO,YAAY,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;AAC7C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,UAAkB,EAAE,YAA0B;IACxE,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,UAAU,CAAC;IAE/C,IAAI,CAAC;QACH,6BAA6B;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,yCAAyC;QACzC,OAAO,WAAW,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,IAAY,EAAE,YAA0B;IACrE,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,yBAAyB;IAC5D,IAAI,WAAW,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACvC,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;QAC/C,OAAO,SAAS,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,+BAA+B;QAC/B,OAAO,SAAS,WAAW,CAAC,WAAW,EAAE,YAAY,CAAC,IAAI,CAAC;IAC7D,CAAC;AACH,CAAC"}

package/dist/sanitizer.d.ts

@@ -0,0 +1,17 @@
+/**
+ * AI Security Gateway - Content sanitizer
+ *
+ * Recursively processes message structures, replaces sensitive data with
+ * numbered placeholders, and returns a mapping table for restoration.
+ */
+import type { SanitizeResult } from "./types.js";
+/**
+ * Sanitize any content (messages array, object, string)
+ * Returns sanitized content and mapping table for restoration
+ */
+export declare function sanitize(content: any): SanitizeResult;
+/**
+ * Sanitize messages array (common case for LLM APIs)
+ */
+export declare function sanitizeMessages(messages: any[]): SanitizeResult;
+//# sourceMappingURL=sanitizer.d.ts.map

package/dist/sanitizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizer.d.ts","sourceRoot":"","sources":["../src/sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAA6B,MAAM,YAAY,CAAC;AAwP5E;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,OAAO,EAAE,GAAG,GAAG,cAAc,CAWrD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,cAAc,CAEhE"}

package/dist/sanitizer.js

@@ -0,0 +1,226 @@
+/**
+ * AI Security Gateway - Content sanitizer
+ *
+ * Recursively processes message structures, replaces sensitive data with
+ * numbered placeholders, and returns a mapping table for restoration.
+ */
+const ENTITIES = [
+    // URLs (must come before email to avoid partial matches)
+    {
+        category: "URL",
+        categoryKey: "url",
+        pattern: /https?:\/\/[^\s<>"{}|\\^`\[\]]+/g,
+    },
+    // Email
+    {
+        category: "EMAIL",
+        categoryKey: "email",
+        pattern: /[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}/g,
+    },
+    // Credit Card (4 groups of 4 digits)
+    {
+        category: "CREDIT_CARD",
+        categoryKey: "credit_card",
+        pattern: /\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b/g,
+    },
+    // Bank Card (Chinese format: 16-19 digits)
+    {
+        category: "BANK_CARD",
+        categoryKey: "bank_card",
+        pattern: /\b\d{16,19}\b/g,
+    },
+    // SSN (###-##-####)
+    {
+        category: "SSN",
+        categoryKey: "ssn",
+        pattern: /\b\d{3}-\d{2}-\d{4}\b/g,
+    },
+    // IBAN
+    {
+        category: "IBAN",
+        categoryKey: "iban",
+        pattern: /\b[A-Z]{2}\d{2}[A-Z0-9]{4}\d{7}[A-Z0-9]{0,16}\b/g,
+    },
+    // IP Address
+    {
+        category: "IP_ADDRESS",
+        categoryKey: "ip",
+        pattern: /\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/g,
+    },
+    // Phone numbers (US/intl formats, including +86-xxx-xxxx-xxxx)
+    {
+        category: "PHONE",
+        categoryKey: "phone",
+        pattern: /[+]?[0-9]{1,3}?[-\s.]?[(]?[0-9]{3}[)]?[-\s.][0-9]{3,4}[-\s.][0-9]{4,6}\b/g,
+    },
+];
+// Known secret prefixes
+const SECRET_PREFIXES = [
+    "sk-",
+    "sk_",
+    "pk_",
+    "ghp_",
+    "AKIA",
+    "xox",
+    "SG.",
+    "hf_",
+    "api-",
+    "token-",
+    "secret-",
+];
+const BEARER_PATTERN = /Bearer\s+[A-Za-z0-9\-_.~+/]+=*/g;
+const SECRET_PREFIX_PATTERN = new RegExp(`(?:${SECRET_PREFIXES.map((p) => p.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")).join("|")})[A-Za-z0-9\\-_.~+/]{8,}=*`, "g");
+// =============================================================================
+// Shannon Entropy
+// =============================================================================
+function shannonEntropy(s) {
+    if (s.length === 0)
+        return 0;
+    const freq = new Map();
+    for (const ch of s) {
+        freq.set(ch, (freq.get(ch) ?? 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / s.length;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+// =============================================================================
+// Match Collection
+// =============================================================================
+function collectMatches(content) {
+    const matches = [];
+    // Regex-based entities
+    for (const entity of ENTITIES) {
+        entity.pattern.lastIndex = 0;
+        let m;
+        while ((m = entity.pattern.exec(content)) !== null) {
+            matches.push({
+                originalText: m[0],
+                category: entity.categoryKey,
+                placeholder: "", // Will be set later with numbering
+            });
+        }
+    }
+    // Secret prefixes
+    SECRET_PREFIX_PATTERN.lastIndex = 0;
+    let m;
+    while ((m = SECRET_PREFIX_PATTERN.exec(content)) !== null) {
+        matches.push({
+            originalText: m[0],
+            category: "secret",
+            placeholder: "",
+        });
+    }
+    // Bearer tokens
+    BEARER_PATTERN.lastIndex = 0;
+    while ((m = BEARER_PATTERN.exec(content)) !== null) {
+        matches.push({
+            originalText: m[0],
+            category: "secret",
+            placeholder: "",
+        });
+    }
+    // High-entropy tokens
+    const tokenPattern = /\b[A-Za-z0-9\-_.~+/]{20,}={0,3}\b/g;
+    tokenPattern.lastIndex = 0;
+    while ((m = tokenPattern.exec(content)) !== null) {
+        const token = m[0];
+        if (matches.some((existing) => existing.originalText === token))
+            continue;
+        if (/^[a-z]+$/.test(token))
+            continue;
+        if (shannonEntropy(token) >= 4.0) {
+            matches.push({
+                originalText: token,
+                category: "secret",
+                placeholder: "",
+            });
+        }
+    }
+    return matches;
+}
+// =============================================================================
+// Text Sanitization
+// =============================================================================
+function sanitizeText(text, mappingTable, categoryCounters) {
+    const matches = collectMatches(text);
+    if (matches.length === 0)
+        return text;
+    // Deduplicate by original text
+    const unique = new Map();
+    for (const match of matches) {
+        if (!unique.has(match.originalText)) {
+            unique.set(match.originalText, match);
+        }
+    }
+    // Sort by length descending
+    const sorted = [...unique.values()].sort((a, b) => b.originalText.length - a.originalText.length);
+    // Replace and build mapping table
+    let sanitized = text;
+    for (const match of sorted) {
+        // Generate numbered placeholder
+        const counter = (categoryCounters.get(match.category) ?? 0) + 1;
+        categoryCounters.set(match.category, counter);
+        const placeholder = `__${match.category}_${counter}__`;
+        // Replace all occurrences
+        const parts = sanitized.split(match.originalText);
+        if (parts.length > 1) {
+            sanitized = parts.join(placeholder);
+            mappingTable.set(placeholder, match.originalText);
+        }
+    }
+    return sanitized;
+}
+// =============================================================================
+// Recursive Sanitization
+// =============================================================================
+/**
+ * Recursively sanitize any value (string, object, array)
+ */
+function sanitizeValue(value, mappingTable, categoryCounters) {
+    // String: sanitize directly
+    if (typeof value === "string") {
+        return sanitizeText(value, mappingTable, categoryCounters);
+    }
+    // Array: sanitize each element
+    if (Array.isArray(value)) {
+        return value.map((item) => sanitizeValue(item, mappingTable, categoryCounters));
+    }
+    // Object: sanitize each property
+    if (value !== null && typeof value === "object") {
+        const sanitized = {};
+        for (const [key, val] of Object.entries(value)) {
+            sanitized[key] = sanitizeValue(val, mappingTable, categoryCounters);
+        }
+        return sanitized;
+    }
+    // Primitives: return as-is
+    return value;
+}
+// =============================================================================
+// Public API
+// =============================================================================
+/**
+ * Sanitize any content (messages array, object, string)
+ * Returns sanitized content and mapping table for restoration
+ */
+export function sanitize(content) {
+    const mappingTable = new Map();
+    const categoryCounters = new Map();
+    const sanitized = sanitizeValue(content, mappingTable, categoryCounters);
+    return {
+        sanitized,
+        mappingTable,
+        redactionCount: mappingTable.size,
+    };
+}
+/**
+ * Sanitize messages array (common case for LLM APIs)
+ */
+export function sanitizeMessages(messages) {
+    return sanitize(messages);
+}
+//# sourceMappingURL=sanitizer.js.map

package/dist/sanitizer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizer.js","sourceRoot":"","sources":["../src/sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAcH,MAAM,QAAQ,GAAa;IACzB,yDAAyD;IACzD;QACE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,OAAO,EAAE,kCAAkC;KAC5C;IACD,QAAQ;IACR;QACE,QAAQ,EAAE,OAAO;QACjB,WAAW,EAAE,OAAO;QACpB,OAAO,EAAE,mDAAmD;KAC7D;IACD,qCAAqC;IACrC;QACE,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,aAAa;QAC1B,OAAO,EAAE,6CAA6C;KACvD;IACD,2CAA2C;IAC3C;QACE,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,WAAW;QACxB,OAAO,EAAE,gBAAgB;KAC1B;IACD,oBAAoB;IACpB;QACE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,OAAO,EAAE,wBAAwB;KAClC;IACD,OAAO;IACP;QACE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,MAAM;QACnB,OAAO,EAAE,kDAAkD;KAC5D;IACD,aAAa;IACb;QACE,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,oCAAoC;KAC9C;IACD,+DAA+D;IAC/D;QACE,QAAQ,EAAE,OAAO;QACjB,WAAW,EAAE,OAAO;QACpB,OAAO,EAAE,2EAA2E;KACrF;CACF,CAAC;AAEF,wBAAwB;AACxB,MAAM,eAAe,GAAG;IACtB,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,QAAQ;IACR,SAAS;CACV,CAAC;AAEF,MAAM,cAAc,GAAG,iCAAiC,CAAC;AAEzD,MAAM,qBAAqB,GAAG,IAAI,MAAM,CACtC,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,4BAA4B,EAChH,GAAG,CACJ,CAAC;AAEF,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF,SAAS,cAAc,CAAC,CAAS;IAC/B,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QAC3B,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF,SAAS,cAAc,CAAC,OAAe;IACrC,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,uBAAuB;IACvB,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAyB,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC;gBACX,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAClB,QAAQ,EAAE,MAAM,CAAC,WAAW;gBAC5B,WAAW,EAAE,EAAE,EAAE,mCAAmC;aACrD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,qBAAqB,CAAC,SAAS,GAAG,CAAC,CAAC;IACpC,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC;YACX,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;YAClB,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,EAAE;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB;IAChB,cAAc,CAAC,SAAS,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC;YACX,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;YAClB,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,EAAE;SAChB,CAAC,CAAC;IACL,CAAC;IAED,sBAAsB;IACtB,MAAM,YAAY,GAAG,oCAAoC,CAAC;IAC1D,YAAY,CAAC,SAAS,GAAG,CAAC,CAAC;IAC3B,OAAO,CAAC,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,YAAY,KAAK,KAAK,CAAC;YAAE,SAAS;QAC1E,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,SAAS;QACrC,IAAI,cAAc,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC;gBACX,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,WAAW,EAAE,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,gFAAgF;AAChF,oBAAoB;AACpB,gFAAgF;AAEhF,SAAS,YAAY,CACnB,IAAY,EACZ,YAA0B,EAC1B,gBAAqC;IAErC,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACrC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,+BAA+B;IAC/B,MAAM,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,MAAM,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,YAAY,CAAC,MAAM,CACxD,CAAC;IAEF,kCAAkC;IAClC,IAAI,SAAS,GAAG,IAAI,CAAC;IACrB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,gCAAgC;QAChC,MAAM,OAAO,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAChE,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,KAAK,KAAK,CAAC,QAAQ,IAAI,OAAO,IAAI,CAAC;QAEvD,0BAA0B;QAC1B,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAClD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACpC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,gFAAgF;AAChF,yBAAyB;AACzB,gFAAgF;AAEhF;;GAEG;AACH,SAAS,aAAa,CACpB,KAAU,EACV,YAA0B,EAC1B,gBAAqC;IAErC,4BAA4B;IAC5B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,YAAY,CAAC,KAAK,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;IAC7D,CAAC;IAED,+BAA+B;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CACxB,aAAa,CAAC,IAAI,EAAE,YAAY,EAAE,gBAAgB,CAAC,CACpD,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAChD,MAAM,SAAS,GAAQ,EAAE,CAAC;QAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/C,SAAS,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,2BAA2B;IAC3B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gFAAgF;AAChF,aAAa;AACb,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,UAAU,QAAQ,CAAC,OAAY;IACnC,MAAM,YAAY,GAAiB,IAAI,GAAG,EAAE,CAAC;IAC7C,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAEnD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;IAEzE,OAAO;QACL,SAAS;QACT,YAAY;QACZ,cAAc,EAAE,YAAY,CAAC,IAAI;KAClC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAe;IAC9C,OAAO,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC5B,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,35 @@
+/**
+ * AI Security Gateway types
+ */
+export type MappingTable = Map<string, string>;
+export type SanitizeResult = {
+    sanitized: any;
+    mappingTable: MappingTable;
+    redactionCount: number;
+};
+export type GatewayConfig = {
+    port: number;
+    backends: {
+        anthropic?: {
+            baseUrl: string;
+            apiKey: string;
+        };
+        openai?: {
+            baseUrl: string;
+            apiKey: string;
+        };
+        gemini?: {
+            baseUrl: string;
+            apiKey: string;
+        };
+    };
+    routing?: {
+        [path: string]: keyof GatewayConfig["backends"];
+    };
+};
+export type EntityMatch = {
+    originalText: string;
+    category: string;
+    placeholder: string;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,MAAM,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAG/C,MAAM,MAAM,cAAc,GAAG;IAC3B,SAAS,EAAE,GAAG,CAAC;IACf,YAAY,EAAE,YAAY,CAAC;IAC3B,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAGF,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE;QACR,SAAS,CAAC,EAAE;YACV,OAAO,EAAE,MAAM,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC;QACF,MAAM,CAAC,EAAE;YACP,OAAO,EAAE,MAAM,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC;QACF,MAAM,CAAC,EAAE;YACP,OAAO,EAAE,MAAM,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC;KACH,CAAC;IAEF,OAAO,CAAC,EAAE;QACR,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;KACjD,CAAC;CACH,CAAC;AAGF,MAAM,MAAM,WAAW,GAAG;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC"}

package/dist/types.js

@@ -0,0 +1,5 @@
+/**
+ * AI Security Gateway types
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@openguardrails/gateway",
+  "version": "1.0.0",
+  "description": "AI Security Gateway — secure proxy for LLM APIs with PII sanitization, credential detection, and content security",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "og-gateway": "./dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsx src/index.ts",
+    "start": "node dist/index.js",
+    "typecheck": "tsc --noEmit",
+    "test": "tsx test/sanitizer.test.ts"
+  },
+  "keywords": [
+    "ai-security",
+    "ai-gateway",
+    "llm-proxy",
+    "pii-sanitization",
+    "credential-detection",
+    "openguardrails",
+    "anthropic",
+    "openai",
+    "gemini"
+  ],
+  "author": "OpenGuardrails",
+  "license": "Apache-2.0",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/openguardrails/openguardrails.git",
+    "directory": "gateway"
+  },
+  "bugs": {
+    "url": "https://github.com/openguardrails/openguardrails/issues"
+  },
+  "homepage": "https://github.com/openguardrails/openguardrails/tree/main/gateway#readme",
+  "files": [
+    "dist/",
+    "src/"
+  ],
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "tsx": "^4.0.0",
+    "typescript": "^5.6.0"
+  },
+  "engines": {
+    "node": ">=22.0.0"
+  }
+}