@paybond/kit 0.10.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/completion-presets/catalog.json +1187 -0
- package/completion-presets/catalog.sha256 +1 -0
- package/dev/trace-ui/dashboard.html +617 -0
- package/dist/agent/adapter.d.ts +51 -0
- package/dist/agent/adapter.js +66 -0
- package/dist/agent/attach-bundle.d.ts +37 -0
- package/dist/agent/attach-bundle.js +118 -0
- package/dist/agent/authorization-cache.d.ts +22 -0
- package/dist/agent/authorization-cache.js +36 -0
- package/dist/agent/deferred-tools.d.ts +11 -0
- package/dist/agent/deferred-tools.js +62 -0
- package/dist/agent/discover.d.ts +41 -0
- package/dist/agent/discover.js +147 -0
- package/dist/agent/evidence.d.ts +9 -0
- package/dist/agent/evidence.js +28 -0
- package/dist/agent/facade.d.ts +48 -0
- package/dist/agent/facade.js +112 -0
- package/dist/agent/gateway-trace-reporter.d.ts +28 -0
- package/dist/agent/gateway-trace-reporter.js +49 -0
- package/dist/agent/generic-runner.d.ts +14 -0
- package/dist/agent/generic-runner.js +49 -0
- package/dist/agent/generic-sandbox-demo.d.ts +36 -0
- package/dist/agent/generic-sandbox-demo.js +82 -0
- package/dist/agent/guarded-agent.d.ts +49 -0
- package/dist/agent/guarded-agent.js +100 -0
- package/dist/agent/index.d.ts +13 -0
- package/dist/agent/index.js +13 -0
- package/dist/agent/instrument.d.ts +156 -0
- package/dist/agent/instrument.js +442 -0
- package/dist/agent/interceptor.d.ts +24 -0
- package/dist/agent/interceptor.js +440 -0
- package/dist/agent/lazy-context-tools.d.ts +15 -0
- package/dist/agent/lazy-context-tools.js +81 -0
- package/dist/agent/registry-file.d.ts +39 -0
- package/dist/agent/registry-file.js +219 -0
- package/dist/agent/registry.d.ts +37 -0
- package/dist/agent/registry.js +128 -0
- package/dist/agent/run.d.ts +124 -0
- package/dist/agent/run.js +301 -0
- package/dist/agent/types.d.ts +318 -0
- package/dist/agent/types.js +42 -0
- package/dist/agent-recognition.d.ts +72 -0
- package/dist/agent-recognition.js +165 -0
- package/dist/bincode-wire.d.ts +18 -0
- package/dist/bincode-wire.js +93 -0
- package/dist/claude-agents/config.d.ts +21 -0
- package/dist/claude-agents/config.js +145 -0
- package/dist/claude-agents/index.d.ts +2 -0
- package/dist/claude-agents/index.js +2 -0
- package/dist/claude-agents/sandbox-demo.d.ts +30 -0
- package/dist/claude-agents/sandbox-demo.js +91 -0
- package/dist/cli/agent/env-quote.d.ts +1 -0
- package/dist/cli/agent/env-quote.js +6 -0
- package/dist/cli/agent/env-write.d.ts +8 -0
- package/dist/cli/agent/env-write.js +47 -0
- package/dist/cli/agent/paybond.d.ts +16 -0
- package/dist/cli/agent/paybond.js +55 -0
- package/dist/cli/agent/policy-file.d.ts +29 -0
- package/dist/cli/agent/policy-file.js +61 -0
- package/dist/cli/agent/production-evidence.d.ts +24 -0
- package/dist/cli/agent/production-evidence.js +98 -0
- package/dist/cli/agent/run-store.d.ts +30 -0
- package/dist/cli/agent/run-store.js +42 -0
- package/dist/cli/agent/run-trace-store.d.ts +39 -0
- package/dist/cli/agent/run-trace-store.js +143 -0
- package/dist/cli/agent-run-trace-table.d.ts +9 -0
- package/dist/cli/agent-run-trace-table.js +24 -0
- package/dist/cli/agent-sandbox-smoke-checklist.d.ts +9 -0
- package/dist/cli/agent-sandbox-smoke-checklist.js +50 -0
- package/dist/cli/command-spec.d.ts +1 -0
- package/dist/cli/command-spec.js +286 -5
- package/dist/cli/commands/agent.d.ts +16 -0
- package/dist/cli/commands/agent.js +1135 -0
- package/dist/cli/commands/dev.d.ts +7 -0
- package/dist/cli/commands/dev.js +348 -0
- package/dist/cli/commands/discovery.js +3 -3
- package/dist/cli/commands/policy.d.ts +13 -0
- package/dist/cli/commands/policy.js +769 -0
- package/dist/cli/commands/setup.d.ts +3 -0
- package/dist/cli/commands/setup.js +124 -8
- package/dist/cli/commands/workflows.js +9 -4
- package/dist/cli/config.d.ts +2 -0
- package/dist/cli/config.js +4 -2
- package/dist/cli/context.js +2 -1
- package/dist/cli/credentials.js +2 -2
- package/dist/cli/doctor-agent-middleware.d.ts +5 -0
- package/dist/cli/doctor-agent-middleware.js +49 -0
- package/dist/cli/globals.d.ts +1 -0
- package/dist/cli/globals.js +11 -1
- package/dist/cli/help.d.ts +1 -1
- package/dist/cli/help.js +35 -3
- package/dist/cli/mcp-install.js +2 -2
- package/dist/cli/mcp-policy.d.ts +3 -0
- package/dist/cli/mcp-policy.js +19 -13
- package/dist/cli/mcp-verify-config.js +9 -11
- package/dist/cli/redact.js +29 -8
- package/dist/cli/router.js +105 -2
- package/dist/cli/smoke-deep-links.d.ts +15 -0
- package/dist/cli/smoke-deep-links.js +63 -0
- package/dist/cli/telemetry.d.ts +17 -0
- package/dist/cli/telemetry.js +94 -0
- package/dist/completion-catalog-digest.d.ts +2 -0
- package/dist/completion-catalog-digest.js +2 -0
- package/dist/completion-catalog-integrity.d.ts +2 -0
- package/dist/completion-catalog-integrity.js +17 -0
- package/dist/completion-catalog.d.ts +49 -0
- package/dist/completion-catalog.js +62 -0
- package/dist/completion-contract-digest.d.ts +37 -0
- package/dist/completion-contract-digest.js +73 -0
- package/dist/completion-forbidden-fields.d.ts +5 -0
- package/dist/completion-forbidden-fields.js +26 -0
- package/dist/completion-init.d.ts +8 -0
- package/dist/completion-init.js +334 -0
- package/dist/completion-resolve.d.ts +21 -0
- package/dist/completion-resolve.js +86 -0
- package/dist/completion-validate-evidence.d.ts +24 -0
- package/dist/completion-validate-evidence.js +145 -0
- package/dist/dev/offline-gateway.d.ts +24 -0
- package/dist/dev/offline-gateway.js +102 -0
- package/dist/dev/trace-buffer.d.ts +61 -0
- package/dist/dev/trace-buffer.js +330 -0
- package/dist/dev/trace-security-headers.d.ts +11 -0
- package/dist/dev/trace-security-headers.js +16 -0
- package/dist/dev/trace-server.d.ts +8 -0
- package/dist/dev/trace-server.js +38 -0
- package/dist/dev/trace-ui.d.ts +4 -0
- package/dist/dev/trace-ui.js +25 -0
- package/dist/dev/wiremock-up.d.ts +15 -0
- package/dist/dev/wiremock-up.js +118 -0
- package/dist/doctor-completion.d.ts +17 -0
- package/dist/doctor-completion.js +428 -0
- package/dist/gateway-url.d.ts +7 -0
- package/dist/gateway-url.js +69 -0
- package/dist/index.d.ts +119 -2
- package/dist/index.js +267 -6
- package/dist/init.js +374 -57
- package/dist/langgraph/awrap-tool-call.d.ts +25 -0
- package/dist/langgraph/awrap-tool-call.js +81 -0
- package/dist/langgraph/config.d.ts +13 -0
- package/dist/langgraph/config.js +11 -0
- package/dist/langgraph/index.d.ts +4 -0
- package/dist/langgraph/index.js +4 -0
- package/dist/langgraph/sandbox-demo.d.ts +40 -0
- package/dist/langgraph/sandbox-demo.js +96 -0
- package/dist/langgraph/tool-node.d.ts +10 -0
- package/dist/langgraph/tool-node.js +38 -0
- package/dist/login.js +7 -0
- package/dist/mcp/index.d.ts +1 -0
- package/dist/mcp/index.js +1 -0
- package/dist/mcp/tool-surface.d.ts +25 -0
- package/dist/mcp/tool-surface.js +17 -0
- package/dist/mcp-capability-token-cache.d.ts +24 -0
- package/dist/mcp-capability-token-cache.js +101 -0
- package/dist/mcp-evidence-policy.d.ts +48 -0
- package/dist/mcp-evidence-policy.js +117 -0
- package/dist/mcp-policy-reload.d.ts +79 -0
- package/dist/mcp-policy-reload.js +200 -0
- package/dist/mcp-sep2828-evidence.d.ts +36 -0
- package/dist/mcp-sep2828-evidence.js +65 -0
- package/dist/mcp-server.d.ts +6 -0
- package/dist/mcp-server.js +224 -44
- package/dist/openai-agents/index.d.ts +40 -0
- package/dist/openai-agents/index.js +151 -0
- package/dist/openai-agents/sandbox-demo.d.ts +34 -0
- package/dist/openai-agents/sandbox-demo.js +118 -0
- package/dist/payee-evidence.js +2 -29
- package/dist/policy/catalog.d.ts +31 -0
- package/dist/policy/catalog.js +48 -0
- package/dist/policy/compose-utils.d.ts +3 -0
- package/dist/policy/compose-utils.js +4 -0
- package/dist/policy/compose.d.ts +20 -0
- package/dist/policy/compose.js +240 -0
- package/dist/policy/digest.d.ts +7 -0
- package/dist/policy/digest.js +75 -0
- package/dist/policy/domain.d.ts +15 -0
- package/dist/policy/domain.js +28 -0
- package/dist/policy/guardrail-spec.d.ts +17 -0
- package/dist/policy/guardrail-spec.js +140 -0
- package/dist/policy/guardrails.d.ts +48 -0
- package/dist/policy/guardrails.js +72 -0
- package/dist/policy/index.d.ts +21 -0
- package/dist/policy/index.js +21 -0
- package/dist/policy/init.d.ts +102 -0
- package/dist/policy/init.js +351 -0
- package/dist/policy/intent-spec.d.ts +52 -0
- package/dist/policy/intent-spec.js +176 -0
- package/dist/policy/json-path.d.ts +4 -0
- package/dist/policy/json-path.js +23 -0
- package/dist/policy/layers-io.d.ts +7 -0
- package/dist/policy/layers-io.js +28 -0
- package/dist/policy/load-effective.d.ts +22 -0
- package/dist/policy/load-effective.js +77 -0
- package/dist/policy/load.d.ts +85 -0
- package/dist/policy/load.js +164 -0
- package/dist/policy/merge.d.ts +29 -0
- package/dist/policy/merge.js +297 -0
- package/dist/policy/parse-text.d.ts +2 -0
- package/dist/policy/parse-text.js +126 -0
- package/dist/policy/policy-api.d.ts +45 -0
- package/dist/policy/policy-api.js +61 -0
- package/dist/policy/presets.d.ts +19 -0
- package/dist/policy/presets.js +66 -0
- package/dist/policy/registry.d.ts +7 -0
- package/dist/policy/registry.js +33 -0
- package/dist/policy/reload.d.ts +86 -0
- package/dist/policy/reload.js +233 -0
- package/dist/policy/render-yaml.d.ts +3 -0
- package/dist/policy/render-yaml.js +69 -0
- package/dist/policy/sandbox-bootstrap.d.ts +19 -0
- package/dist/policy/sandbox-bootstrap.js +66 -0
- package/dist/policy/schema.d.ts +204 -0
- package/dist/policy/schema.js +255 -0
- package/dist/policy/snapshot.d.ts +33 -0
- package/dist/policy/snapshot.js +23 -0
- package/dist/policy/validate-remote.d.ts +43 -0
- package/dist/policy/validate-remote.js +104 -0
- package/dist/policy/validate.d.ts +36 -0
- package/dist/policy/validate.js +150 -0
- package/dist/policy/watcher.d.ts +29 -0
- package/dist/policy/watcher.js +112 -0
- package/dist/principal-intent.d.ts +52 -0
- package/dist/principal-intent.js +193 -37
- package/dist/project-init.d.ts +34 -0
- package/dist/project-init.js +898 -0
- package/dist/sep2828-signature.d.ts +10 -0
- package/dist/sep2828-signature.js +134 -0
- package/dist/solutions/api.d.ts +22 -0
- package/dist/solutions/api.js +40 -0
- package/dist/solutions/catalog.d.ts +34 -0
- package/dist/solutions/catalog.js +129 -0
- package/dist/solutions/index.d.ts +2 -0
- package/dist/solutions/index.js +2 -0
- package/dist/template-init.d.ts +54 -0
- package/dist/template-init.js +203 -0
- package/dist/vercel-ai/config.d.ts +15 -0
- package/dist/vercel-ai/config.js +13 -0
- package/dist/vercel-ai/index.d.ts +4 -0
- package/dist/vercel-ai/index.js +4 -0
- package/dist/vercel-ai/sandbox-demo.d.ts +44 -0
- package/dist/vercel-ai/sandbox-demo.js +153 -0
- package/dist/vercel-ai/tool-approval.d.ts +16 -0
- package/dist/vercel-ai/tool-approval.js +41 -0
- package/dist/vercel-ai/wrap-tools.d.ts +9 -0
- package/dist/vercel-ai/wrap-tools.js +40 -0
- package/dist/x402-receipt-evidence.d.ts +29 -0
- package/dist/x402-receipt-evidence.js +97 -0
- package/dist/x402-receipt-signature.d.ts +12 -0
- package/dist/x402-receipt-signature.js +211 -0
- package/package.json +75 -3
- package/solutions/aws.json +17 -0
- package/solutions/saas.json +17 -0
- package/solutions/shopping.json +17 -0
- package/solutions/travel.json +18 -0
- package/templates/manifest.json +169 -0
- package/templates/openai-shopping-agent/.env.example +3 -0
- package/templates/openai-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/openai-shopping-agent/LICENSE +201 -0
- package/templates/openai-shopping-agent/README.md +29 -0
- package/templates/openai-shopping-agent/package.json +22 -0
- package/templates/openai-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/openai-shopping-agent/src/index.ts +22 -0
- package/templates/openai-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/openai-shopping-agent/tsconfig.json +13 -0
- package/templates/paybond-aws-operator/.env.example +3 -0
- package/templates/paybond-aws-operator/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-aws-operator/LICENSE +201 -0
- package/templates/paybond-aws-operator/README.md +29 -0
- package/templates/paybond-aws-operator/package.json +20 -0
- package/templates/paybond-aws-operator/paybond.policy.yaml +22 -0
- package/templates/paybond-aws-operator/src/index.ts +54 -0
- package/templates/paybond-aws-operator/src/paybond.config.ts +51 -0
- package/templates/paybond-aws-operator/tsconfig.json +13 -0
- package/templates/paybond-claude-agents-demo/.env.example +3 -0
- package/templates/paybond-claude-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-claude-agents-demo/LICENSE +201 -0
- package/templates/paybond-claude-agents-demo/README.md +29 -0
- package/templates/paybond-claude-agents-demo/package.json +22 -0
- package/templates/paybond-claude-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-claude-agents-demo/src/index.ts +22 -0
- package/templates/paybond-claude-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-claude-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-invoice-agent/.env.example +3 -0
- package/templates/paybond-invoice-agent/.github/workflows/smoke.yml +19 -0
- package/templates/paybond-invoice-agent/LICENSE +201 -0
- package/templates/paybond-invoice-agent/README.md +29 -0
- package/templates/paybond-invoice-agent/app.py +27 -0
- package/templates/paybond-invoice-agent/package.json +6 -0
- package/templates/paybond-invoice-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-invoice-agent/paybond_config.py +45 -0
- package/templates/paybond-invoice-agent/requirements.txt +2 -0
- package/templates/paybond-mcp-coding-agent/.env.example +3 -0
- package/templates/paybond-mcp-coding-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-mcp-coding-agent/LICENSE +201 -0
- package/templates/paybond-mcp-coding-agent/README.md +39 -0
- package/templates/paybond-mcp-coding-agent/package.json +20 -0
- package/templates/paybond-mcp-coding-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-mcp-coding-agent/src/index.ts +40 -0
- package/templates/paybond-mcp-coding-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-mcp-coding-agent/tsconfig.json +13 -0
- package/templates/paybond-openai-agents-demo/.env.example +3 -0
- package/templates/paybond-openai-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-openai-agents-demo/LICENSE +201 -0
- package/templates/paybond-openai-agents-demo/README.md +29 -0
- package/templates/paybond-openai-agents-demo/package.json +22 -0
- package/templates/paybond-openai-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-openai-agents-demo/src/index.ts +22 -0
- package/templates/paybond-openai-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-openai-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-procurement-agent/.env.example +3 -0
- package/templates/paybond-procurement-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-procurement-agent/LICENSE +201 -0
- package/templates/paybond-procurement-agent/README.md +29 -0
- package/templates/paybond-procurement-agent/package.json +20 -0
- package/templates/paybond-procurement-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-procurement-agent/src/index.ts +54 -0
- package/templates/paybond-procurement-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-procurement-agent/tsconfig.json +13 -0
- package/templates/paybond-travel-agent/.env.example +3 -0
- package/templates/paybond-travel-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-travel-agent/LICENSE +201 -0
- package/templates/paybond-travel-agent/README.md +29 -0
- package/templates/paybond-travel-agent/package.json +23 -0
- package/templates/paybond-travel-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-travel-agent/src/index.ts +22 -0
- package/templates/paybond-travel-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-travel-agent/tsconfig.json +13 -0
- package/templates/paybond-vercel-shopping-agent/.env.example +3 -0
- package/templates/paybond-vercel-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-vercel-shopping-agent/LICENSE +201 -0
- package/templates/paybond-vercel-shopping-agent/README.md +29 -0
- package/templates/paybond-vercel-shopping-agent/package.json +22 -0
- package/templates/paybond-vercel-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-vercel-shopping-agent/src/index.ts +22 -0
- package/templates/paybond-vercel-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-vercel-shopping-agent/tsconfig.json +13 -0
|
@@ -0,0 +1,156 @@
|
|
|
1
|
+
import type { PaybondPolicy, PaybondPolicyLoadSource } from "../policy/load.js";
|
|
2
|
+
import type { PaybondPolicyDocumentV1 } from "../policy/schema.js";
|
|
3
|
+
import { type PaybondInstrumentAgentOptions } from "./discover.js";
|
|
4
|
+
import { type CreateGuardedAgentInput, type GuardedAgentFramework } from "./guarded-agent.js";
|
|
5
|
+
import { type PaybondAgentHooks, type PaybondWrapToolsOptions } from "./facade.js";
|
|
6
|
+
import { PaybondAgentRun, type PaybondAgentRunHost } from "./run.js";
|
|
7
|
+
import type { PaybondRunBinding, PaybondRunBindingAttachInput, PaybondRunProductionEvidenceCredentials, PaybondTraceSink } from "./types.js";
|
|
8
|
+
/** Production attach from console env vars or an explicit funded-intent binding. */
|
|
9
|
+
export type PaybondInstrumentAttachInput = PaybondRunBindingAttachInput | "env";
|
|
10
|
+
/** Simplified inline policy for tutorials and quick examples. */
|
|
11
|
+
export type PaybondInlinePolicy = {
|
|
12
|
+
name?: string;
|
|
13
|
+
budget?: string | {
|
|
14
|
+
max_spend_usd?: number;
|
|
15
|
+
currency?: string;
|
|
16
|
+
period?: string;
|
|
17
|
+
};
|
|
18
|
+
approve?: readonly string[];
|
|
19
|
+
deny?: readonly string[];
|
|
20
|
+
};
|
|
21
|
+
/** Intent + capability for a single agent session, HTTP request, or task. */
|
|
22
|
+
export type PaybondInstrumentContext = {
|
|
23
|
+
intentId: string;
|
|
24
|
+
capabilityToken: string;
|
|
25
|
+
/** Optional operator or end-user id for audit attribution (`agentSubject` on intercept). */
|
|
26
|
+
userId?: string;
|
|
27
|
+
allowedTools?: readonly string[];
|
|
28
|
+
productionEvidence?: PaybondRunProductionEvidenceCredentials;
|
|
29
|
+
sandbox?: PaybondRunBinding["sandbox"];
|
|
30
|
+
};
|
|
31
|
+
/** Resolves request-local intent binding on each tool execution. */
|
|
32
|
+
export type PaybondInstrumentContextProvider = () => PaybondInstrumentContext | Promise<PaybondInstrumentContext>;
|
|
33
|
+
/** Static bind object or per-request provider passed to {@link instrumentPaybondAgent}. */
|
|
34
|
+
export type PaybondInstrumentContextInput = PaybondInstrumentContext | PaybondInstrumentContextProvider;
|
|
35
|
+
/**
|
|
36
|
+
* Where the active intent comes from — inspect via `.binding` or `.status` on any instrument surface.
|
|
37
|
+
*/
|
|
38
|
+
export type PaybondInstrumentBinding = {
|
|
39
|
+
phase: "deferred";
|
|
40
|
+
} | {
|
|
41
|
+
phase: "lazy";
|
|
42
|
+
} | {
|
|
43
|
+
phase: "bound";
|
|
44
|
+
mode: "sandbox" | "attach";
|
|
45
|
+
intentId: string;
|
|
46
|
+
capabilityToken: string;
|
|
47
|
+
tenantId: string;
|
|
48
|
+
userId?: string;
|
|
49
|
+
};
|
|
50
|
+
export type { PaybondAgentInstrumentation, PaybondInstrumentAgentOptions, } from "./discover.js";
|
|
51
|
+
export { PaybondUnboundContextError, wrapDeferredTools } from "./deferred-tools.js";
|
|
52
|
+
export { PaybondLazyContextError, wrapLazyContextTools, type LazyRuntimeResolver, } from "./lazy-context-tools.js";
|
|
53
|
+
export { discoverPolicyFromAgent, discoverToolsFromAgent, isInstrumentableAgentObject, readPaybondAgentInstrumentation, } from "./discover.js";
|
|
54
|
+
type PaybondInstrumentBaseInput<TTools = unknown> = Omit<CreateGuardedAgentInput<TTools>, "framework" | "policy" | "tools" | "attach"> & {
|
|
55
|
+
policy?: PaybondPolicyLoadSource | PaybondInlinePolicy | PaybondPolicy;
|
|
56
|
+
tools?: TTools;
|
|
57
|
+
framework?: GuardedAgentFramework;
|
|
58
|
+
/** Bootstrap a sandbox intent immediately (local dev). Default is deferred bind via {@link PaybondInstrumented.bind}. */
|
|
59
|
+
sandbox?: boolean;
|
|
60
|
+
/**
|
|
61
|
+
* Attach a funded production intent from console env vars (`attach: "env"`) or an explicit binding object.
|
|
62
|
+
* Returns a bound {@link PaybondInstrumentRuntime} immediately.
|
|
63
|
+
*/
|
|
64
|
+
attach?: PaybondInstrumentAttachInput;
|
|
65
|
+
/**
|
|
66
|
+
* Attach a funded intent during `instrument()` and return a bound {@link PaybondInstrumentRuntime},
|
|
67
|
+
* or pass a provider function for lazy per-execution binding (request-local context).
|
|
68
|
+
*/
|
|
69
|
+
context?: PaybondInstrumentContextInput;
|
|
70
|
+
};
|
|
71
|
+
/** Input for {@link instrumentPaybondAgent} — pass `{ policy, tools }` or a framework agent instance. */
|
|
72
|
+
export type PaybondInstrumentInput<TTools = unknown> = PaybondInstrumentBaseInput<TTools>;
|
|
73
|
+
export declare function isInlinePolicy(value: unknown): value is PaybondInlinePolicy;
|
|
74
|
+
export declare function discoverToolNames(tools: unknown): string[];
|
|
75
|
+
export declare function inlinePolicyToDocument(inline: PaybondInlinePolicy, tools: unknown): PaybondPolicyDocumentV1;
|
|
76
|
+
/**
|
|
77
|
+
* Bound Paybond runtime for one agent session — immutable; create a new runtime per request.
|
|
78
|
+
*/
|
|
79
|
+
export declare class PaybondInstrumentRuntime<TTools = unknown> {
|
|
80
|
+
readonly tools: TTools;
|
|
81
|
+
readonly run: PaybondAgentRun;
|
|
82
|
+
readonly policy: PaybondPolicy;
|
|
83
|
+
readonly hooks: PaybondAgentHooks;
|
|
84
|
+
readonly binding: Extract<PaybondInstrumentBinding, {
|
|
85
|
+
phase: "bound";
|
|
86
|
+
}>;
|
|
87
|
+
constructor(tools: TTools, run: PaybondAgentRun, policy: PaybondPolicy, hooks: PaybondAgentHooks, binding: Extract<PaybondInstrumentBinding, {
|
|
88
|
+
phase: "bound";
|
|
89
|
+
}>);
|
|
90
|
+
/** Alias for {@link PaybondInstrumentRuntime.binding}. */
|
|
91
|
+
get status(): PaybondInstrumentBinding;
|
|
92
|
+
/** Release hooks for this runtime (no-op today; reserved for long-lived sessions). */
|
|
93
|
+
close(): void;
|
|
94
|
+
}
|
|
95
|
+
/**
|
|
96
|
+
* Static instrumentation: policy + tool shells. Call {@link PaybondInstrumented.bind}
|
|
97
|
+
* per session, or pass a `context` provider for lazy per-execution binding.
|
|
98
|
+
*/
|
|
99
|
+
export declare class PaybondInstrumented<TTools = unknown> {
|
|
100
|
+
readonly tools: TTools;
|
|
101
|
+
readonly policy: PaybondPolicy;
|
|
102
|
+
readonly binding: Extract<PaybondInstrumentBinding, {
|
|
103
|
+
phase: "deferred";
|
|
104
|
+
} | {
|
|
105
|
+
phase: "lazy";
|
|
106
|
+
}>;
|
|
107
|
+
private readonly paybond;
|
|
108
|
+
private readonly rawTools;
|
|
109
|
+
private readonly framework;
|
|
110
|
+
private readonly contextProvider?;
|
|
111
|
+
private readonly traceSink?;
|
|
112
|
+
private readonly runtimeCache;
|
|
113
|
+
constructor(paybond: PaybondAgentRunHost, policy: PaybondPolicy, rawTools: TTools, framework: GuardedAgentFramework, options?: {
|
|
114
|
+
contextProvider?: PaybondInstrumentContextProvider;
|
|
115
|
+
traceSink?: PaybondTraceSink;
|
|
116
|
+
});
|
|
117
|
+
/** Alias for {@link PaybondInstrumented.binding}. */
|
|
118
|
+
get status(): PaybondInstrumentBinding;
|
|
119
|
+
private resolveRuntime;
|
|
120
|
+
private resolveRuntimeFromProvider;
|
|
121
|
+
/**
|
|
122
|
+
* Bind a per-request intent and capability. Returns a new immutable runtime — safe for concurrent sessions.
|
|
123
|
+
*/
|
|
124
|
+
bind(context: PaybondInstrumentContext): Promise<PaybondInstrumentRuntime<TTools>>;
|
|
125
|
+
/** @deprecated Use {@link PaybondInstrumented.bind}. */
|
|
126
|
+
withContext(context: PaybondInstrumentContext): Promise<PaybondInstrumentRuntime<TTools>>;
|
|
127
|
+
}
|
|
128
|
+
/** Fluent builder: `paybond.policy("./paybond.policy.yaml").instrument(tools)`. */
|
|
129
|
+
export declare class PaybondInstrumentBuilder<TTools = unknown> {
|
|
130
|
+
private readonly paybond;
|
|
131
|
+
private readonly policy;
|
|
132
|
+
private readonly framework?;
|
|
133
|
+
constructor(paybond: PaybondAgentRunHost, policy: PaybondPolicyLoadSource | PaybondInlinePolicy, framework?: GuardedAgentFramework | undefined);
|
|
134
|
+
instrument(tools: TTools, options?: {
|
|
135
|
+
sandbox?: boolean;
|
|
136
|
+
context?: PaybondInstrumentContextInput;
|
|
137
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
138
|
+
withFramework(framework: GuardedAgentFramework): PaybondInstrumentBuilder<TTools>;
|
|
139
|
+
}
|
|
140
|
+
export declare function instrumentPaybondAgent<TTools>(paybond: PaybondAgentRunHost, input: PaybondInstrumentInput<TTools>, options?: PaybondWrapToolsOptions & PaybondInstrumentAgentOptions): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
141
|
+
export declare function instrumentPaybondAgent<TAgent extends object>(paybond: PaybondAgentRunHost, agent: TAgent, options?: PaybondWrapToolsOptions & PaybondInstrumentAgentOptions): Promise<TAgent>;
|
|
142
|
+
export declare function instrumentPaybondLangGraph<TTools>(paybond: PaybondAgentRunHost, input: Omit<PaybondInstrumentBaseInput<TTools>, "framework"> & {
|
|
143
|
+
tools: TTools;
|
|
144
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
145
|
+
export declare function instrumentPaybondOpenAI<TTools>(paybond: PaybondAgentRunHost, input: Omit<PaybondInstrumentBaseInput<TTools>, "framework"> & {
|
|
146
|
+
tools: TTools;
|
|
147
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
148
|
+
export declare function instrumentPaybondVercel<TTools>(paybond: PaybondAgentRunHost, input: Omit<PaybondInstrumentBaseInput<TTools>, "framework"> & {
|
|
149
|
+
tools: TTools;
|
|
150
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
151
|
+
export declare function instrumentPaybondClaudeAgents<TTools>(paybond: PaybondAgentRunHost, input: Omit<PaybondInstrumentBaseInput<TTools>, "framework"> & {
|
|
152
|
+
tools: TTools;
|
|
153
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
154
|
+
export declare function instrumentPaybondMCP<TTools>(paybond: PaybondAgentRunHost, input: Omit<PaybondInstrumentBaseInput<TTools>, "framework"> & {
|
|
155
|
+
tools: TTools;
|
|
156
|
+
}): Promise<PaybondInstrumented<TTools> | PaybondInstrumentRuntime<TTools>>;
|
|
@@ -0,0 +1,442 @@
|
|
|
1
|
+
import { PaybondPolicy as PaybondPolicyClass } from "../policy/load.js";
|
|
2
|
+
import { wrapDeferredTools } from "./deferred-tools.js";
|
|
3
|
+
import { PaybondLazyContextError, wrapLazyContextTools } from "./lazy-context-tools.js";
|
|
4
|
+
import { attachPaybondAgentInstrumentation, discoverPolicyFromAgent, discoverToolsFromAgent, isInstrumentableAgentObject, } from "./discover.js";
|
|
5
|
+
import { createGuardedAgent, } from "./guarded-agent.js";
|
|
6
|
+
import { toPaybondAgentResult, wrapPaybondTools, } from "./facade.js";
|
|
7
|
+
import { PaybondAgentRun } from "./run.js";
|
|
8
|
+
import { resolveAttachContextFromEnv, } from "./attach-bundle.js";
|
|
9
|
+
export { PaybondUnboundContextError, wrapDeferredTools } from "./deferred-tools.js";
|
|
10
|
+
export { PaybondLazyContextError, wrapLazyContextTools, } from "./lazy-context-tools.js";
|
|
11
|
+
export { discoverPolicyFromAgent, discoverToolsFromAgent, isInstrumentableAgentObject, readPaybondAgentInstrumentation, } from "./discover.js";
|
|
12
|
+
function isRecord(value) {
|
|
13
|
+
return typeof value === "object" && value !== null;
|
|
14
|
+
}
|
|
15
|
+
function isFullPolicyDocument(value) {
|
|
16
|
+
return (typeof value.version === "number" ||
|
|
17
|
+
typeof value.default_deny === "boolean" ||
|
|
18
|
+
(isRecord(value.tools) &&
|
|
19
|
+
Object.values(value.tools).some((entry) => isRecord(entry) && typeof entry.side_effecting === "boolean")));
|
|
20
|
+
}
|
|
21
|
+
export function isInlinePolicy(value) {
|
|
22
|
+
if (!isRecord(value)) {
|
|
23
|
+
return false;
|
|
24
|
+
}
|
|
25
|
+
if (isFullPolicyDocument(value)) {
|
|
26
|
+
return false;
|
|
27
|
+
}
|
|
28
|
+
return "budget" in value || "approve" in value || "deny" in value;
|
|
29
|
+
}
|
|
30
|
+
function globPatternToRegExp(pattern) {
|
|
31
|
+
const escaped = pattern
|
|
32
|
+
.trim()
|
|
33
|
+
.replace(/[.+^${}()|[\]\\]/g, "\\$&")
|
|
34
|
+
.replace(/\*/g, ".*")
|
|
35
|
+
.replace(/\?/g, ".");
|
|
36
|
+
return new RegExp(`^${escaped}$`);
|
|
37
|
+
}
|
|
38
|
+
function matchesAnyGlob(value, patterns) {
|
|
39
|
+
return patterns.some((pattern) => globPatternToRegExp(pattern).test(value));
|
|
40
|
+
}
|
|
41
|
+
function parseBudgetString(budget) {
|
|
42
|
+
const trimmed = budget.trim();
|
|
43
|
+
const match = /^\$?([\d,]+(?:\.\d+)?)(?:\s*\/\s*(day|week|month|year))?$/i.exec(trimmed);
|
|
44
|
+
if (!match) {
|
|
45
|
+
throw new Error(`inline policy budget must look like "$500/day" (got ${JSON.stringify(budget)})`);
|
|
46
|
+
}
|
|
47
|
+
const amount = Number.parseFloat(match[1].replace(/,/g, ""));
|
|
48
|
+
const period = match[2]?.toLowerCase();
|
|
49
|
+
return {
|
|
50
|
+
currency: "usd",
|
|
51
|
+
max_spend_usd: amount,
|
|
52
|
+
...(period ? { period } : {}),
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
function resolveInlineBudget(budget) {
|
|
56
|
+
if (budget === undefined) {
|
|
57
|
+
return undefined;
|
|
58
|
+
}
|
|
59
|
+
if (typeof budget === "string") {
|
|
60
|
+
return parseBudgetString(budget);
|
|
61
|
+
}
|
|
62
|
+
return {
|
|
63
|
+
currency: budget.currency ?? "usd",
|
|
64
|
+
...(budget.max_spend_usd !== undefined ? { max_spend_usd: budget.max_spend_usd } : {}),
|
|
65
|
+
...(budget.period ? { period: budget.period } : {}),
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
export function discoverToolNames(tools) {
|
|
69
|
+
if (Array.isArray(tools)) {
|
|
70
|
+
const names = [];
|
|
71
|
+
for (const tool of tools) {
|
|
72
|
+
if (!isRecord(tool) || typeof tool.name !== "string" || !tool.name.trim()) {
|
|
73
|
+
throw new TypeError("discovered tool array entries must include a non-empty name");
|
|
74
|
+
}
|
|
75
|
+
names.push(tool.name.trim());
|
|
76
|
+
}
|
|
77
|
+
return names;
|
|
78
|
+
}
|
|
79
|
+
if (isRecord(tools)) {
|
|
80
|
+
return Object.keys(tools).filter((key) => key.trim().length > 0);
|
|
81
|
+
}
|
|
82
|
+
throw new TypeError("could not discover tool names; pass an object map or { name, execute }[]");
|
|
83
|
+
}
|
|
84
|
+
export function inlinePolicyToDocument(inline, tools) {
|
|
85
|
+
const toolNames = discoverToolNames(tools);
|
|
86
|
+
const approve = inline.approve ?? ["*"];
|
|
87
|
+
const deny = inline.deny ?? [];
|
|
88
|
+
const allowedTools = [];
|
|
89
|
+
const toolsSection = {};
|
|
90
|
+
for (const toolName of toolNames) {
|
|
91
|
+
if (deny.length > 0 && matchesAnyGlob(toolName, deny)) {
|
|
92
|
+
continue;
|
|
93
|
+
}
|
|
94
|
+
if (!matchesAnyGlob(toolName, approve)) {
|
|
95
|
+
continue;
|
|
96
|
+
}
|
|
97
|
+
allowedTools.push(toolName);
|
|
98
|
+
toolsSection[toolName] = {
|
|
99
|
+
side_effecting: true,
|
|
100
|
+
evidence_preset: "cost_and_completion",
|
|
101
|
+
};
|
|
102
|
+
}
|
|
103
|
+
if (allowedTools.length === 0) {
|
|
104
|
+
throw new Error("inline policy matched no tools; widen approve patterns or pass explicit tools");
|
|
105
|
+
}
|
|
106
|
+
const budget = resolveInlineBudget(inline.budget);
|
|
107
|
+
return {
|
|
108
|
+
version: 1,
|
|
109
|
+
name: inline.name ?? "inline-policy",
|
|
110
|
+
default_deny: true,
|
|
111
|
+
tools: toolsSection,
|
|
112
|
+
intent: {
|
|
113
|
+
allowed_tools: allowedTools,
|
|
114
|
+
...(budget ? { budget } : {}),
|
|
115
|
+
},
|
|
116
|
+
};
|
|
117
|
+
}
|
|
118
|
+
function isContextProvider(value) {
|
|
119
|
+
return typeof value === "function";
|
|
120
|
+
}
|
|
121
|
+
function runtimeCacheKey(context) {
|
|
122
|
+
return `${context.intentId}\0${context.capabilityToken}\0${context.userId ?? ""}`;
|
|
123
|
+
}
|
|
124
|
+
function assertInstrumentContext(context) {
|
|
125
|
+
if (!context.intentId?.trim() || !context.capabilityToken?.trim()) {
|
|
126
|
+
throw new PaybondLazyContextError();
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
function resolveInstrumentAttachContext(attach, env = process.env) {
|
|
130
|
+
if (attach === undefined) {
|
|
131
|
+
return undefined;
|
|
132
|
+
}
|
|
133
|
+
if (attach === "env") {
|
|
134
|
+
const resolved = resolveAttachContextFromEnv(env);
|
|
135
|
+
return {
|
|
136
|
+
intentId: resolved.intentId,
|
|
137
|
+
capabilityToken: resolved.capabilityToken,
|
|
138
|
+
productionEvidence: resolved.productionEvidence,
|
|
139
|
+
};
|
|
140
|
+
}
|
|
141
|
+
return {
|
|
142
|
+
intentId: attach.intentId,
|
|
143
|
+
capabilityToken: attach.capabilityToken,
|
|
144
|
+
allowedTools: attach.allowedTools,
|
|
145
|
+
productionEvidence: attach.productionEvidence,
|
|
146
|
+
sandbox: attach.sandbox,
|
|
147
|
+
};
|
|
148
|
+
}
|
|
149
|
+
function normalizeInstrumentConfig(input) {
|
|
150
|
+
if (input.tools === undefined) {
|
|
151
|
+
throw new Error("instrument() requires tools when using { policy, tools } config");
|
|
152
|
+
}
|
|
153
|
+
if (input.policy === undefined) {
|
|
154
|
+
throw new Error("instrument() requires policy when using { policy, tools } config");
|
|
155
|
+
}
|
|
156
|
+
if (input.sandbox && (input.context !== undefined || input.attach !== undefined)) {
|
|
157
|
+
throw new Error('instrument() accepts either sandbox: true, attach, or context — not multiple bind modes');
|
|
158
|
+
}
|
|
159
|
+
if (input.attach !== undefined && input.context !== undefined) {
|
|
160
|
+
throw new Error('instrument() accepts either attach or context, not both');
|
|
161
|
+
}
|
|
162
|
+
return { ...input, tools: input.tools };
|
|
163
|
+
}
|
|
164
|
+
async function resolveInstrumentPolicy(policySource, tools) {
|
|
165
|
+
if (policySource instanceof PaybondPolicyClass) {
|
|
166
|
+
return policySource;
|
|
167
|
+
}
|
|
168
|
+
if (policySource === undefined) {
|
|
169
|
+
throw new Error("instrument() requires policy (file path, preset id, inline object, or PaybondPolicy)");
|
|
170
|
+
}
|
|
171
|
+
if (isInlinePolicy(policySource)) {
|
|
172
|
+
return PaybondPolicyClass.fromDocument(inlinePolicyToDocument(policySource, tools));
|
|
173
|
+
}
|
|
174
|
+
return PaybondPolicyClass.load(policySource);
|
|
175
|
+
}
|
|
176
|
+
function bindingFromRun(run, mode, userId) {
|
|
177
|
+
return {
|
|
178
|
+
phase: "bound",
|
|
179
|
+
mode,
|
|
180
|
+
intentId: run.binding.intentId,
|
|
181
|
+
capabilityToken: run.binding.capabilityToken,
|
|
182
|
+
tenantId: run.binding.tenantId,
|
|
183
|
+
...(userId ? { userId } : {}),
|
|
184
|
+
};
|
|
185
|
+
}
|
|
186
|
+
function hooksFromGuardedResult(result) {
|
|
187
|
+
return toPaybondAgentResult(result).hooks;
|
|
188
|
+
}
|
|
189
|
+
function wrapToolsForFramework(run, rawTools, framework, guarded) {
|
|
190
|
+
if (framework === "langgraph") {
|
|
191
|
+
return rawTools;
|
|
192
|
+
}
|
|
193
|
+
if (guarded) {
|
|
194
|
+
return guarded.agentTools;
|
|
195
|
+
}
|
|
196
|
+
return wrapPaybondTools(run, rawTools, { framework });
|
|
197
|
+
}
|
|
198
|
+
/**
|
|
199
|
+
* Bound Paybond runtime for one agent session — immutable; create a new runtime per request.
|
|
200
|
+
*/
|
|
201
|
+
export class PaybondInstrumentRuntime {
|
|
202
|
+
tools;
|
|
203
|
+
run;
|
|
204
|
+
policy;
|
|
205
|
+
hooks;
|
|
206
|
+
binding;
|
|
207
|
+
constructor(tools, run, policy, hooks, binding) {
|
|
208
|
+
this.tools = tools;
|
|
209
|
+
this.run = run;
|
|
210
|
+
this.policy = policy;
|
|
211
|
+
this.hooks = hooks;
|
|
212
|
+
this.binding = binding;
|
|
213
|
+
}
|
|
214
|
+
/** Alias for {@link PaybondInstrumentRuntime.binding}. */
|
|
215
|
+
get status() {
|
|
216
|
+
return this.binding;
|
|
217
|
+
}
|
|
218
|
+
/** Release hooks for this runtime (no-op today; reserved for long-lived sessions). */
|
|
219
|
+
close() { }
|
|
220
|
+
}
|
|
221
|
+
/**
|
|
222
|
+
* Static instrumentation: policy + tool shells. Call {@link PaybondInstrumented.bind}
|
|
223
|
+
* per session, or pass a `context` provider for lazy per-execution binding.
|
|
224
|
+
*/
|
|
225
|
+
export class PaybondInstrumented {
|
|
226
|
+
tools;
|
|
227
|
+
policy;
|
|
228
|
+
binding;
|
|
229
|
+
paybond;
|
|
230
|
+
rawTools;
|
|
231
|
+
framework;
|
|
232
|
+
contextProvider;
|
|
233
|
+
traceSink;
|
|
234
|
+
runtimeCache = new Map();
|
|
235
|
+
constructor(paybond, policy, rawTools, framework, options) {
|
|
236
|
+
this.paybond = paybond;
|
|
237
|
+
this.policy = policy;
|
|
238
|
+
this.rawTools = rawTools;
|
|
239
|
+
this.framework = framework;
|
|
240
|
+
this.contextProvider = options?.contextProvider;
|
|
241
|
+
this.traceSink = options?.traceSink;
|
|
242
|
+
this.binding = options?.contextProvider ? { phase: "lazy" } : { phase: "deferred" };
|
|
243
|
+
this.tools = options?.contextProvider
|
|
244
|
+
? wrapLazyContextTools(rawTools, { resolve: () => this.resolveRuntimeFromProvider() })
|
|
245
|
+
: wrapDeferredTools(rawTools);
|
|
246
|
+
}
|
|
247
|
+
/** Alias for {@link PaybondInstrumented.binding}. */
|
|
248
|
+
get status() {
|
|
249
|
+
return this.binding;
|
|
250
|
+
}
|
|
251
|
+
async resolveRuntime(context) {
|
|
252
|
+
assertInstrumentContext(context);
|
|
253
|
+
const key = runtimeCacheKey(context);
|
|
254
|
+
const cached = this.runtimeCache.get(key);
|
|
255
|
+
if (cached) {
|
|
256
|
+
return cached;
|
|
257
|
+
}
|
|
258
|
+
const runtime = await createBoundRuntime(this.paybond, this.policy, this.rawTools, this.framework, context, "attach", this.traceSink);
|
|
259
|
+
this.runtimeCache.set(key, runtime);
|
|
260
|
+
return runtime;
|
|
261
|
+
}
|
|
262
|
+
async resolveRuntimeFromProvider() {
|
|
263
|
+
if (!this.contextProvider) {
|
|
264
|
+
throw new Error("lazy context resolution requires a context provider on instrument()");
|
|
265
|
+
}
|
|
266
|
+
const context = await this.contextProvider();
|
|
267
|
+
return this.resolveRuntime(context);
|
|
268
|
+
}
|
|
269
|
+
/**
|
|
270
|
+
* Bind a per-request intent and capability. Returns a new immutable runtime — safe for concurrent sessions.
|
|
271
|
+
*/
|
|
272
|
+
bind(context) {
|
|
273
|
+
return createBoundRuntime(this.paybond, this.policy, this.rawTools, this.framework, context, "attach", this.traceSink);
|
|
274
|
+
}
|
|
275
|
+
/** @deprecated Use {@link PaybondInstrumented.bind}. */
|
|
276
|
+
withContext(context) {
|
|
277
|
+
return this.bind(context);
|
|
278
|
+
}
|
|
279
|
+
}
|
|
280
|
+
async function createBoundRuntime(paybond, policy, rawTools, framework, context, bindMode, traceSink) {
|
|
281
|
+
if (bindMode === "sandbox") {
|
|
282
|
+
const result = await createGuardedAgent(paybond, {
|
|
283
|
+
policy,
|
|
284
|
+
framework,
|
|
285
|
+
tools: rawTools,
|
|
286
|
+
traceSink,
|
|
287
|
+
});
|
|
288
|
+
return toPaybondInstrumentRuntime(result, rawTools, result.run.binding.sandbox ? "sandbox" : "attach", context.userId);
|
|
289
|
+
}
|
|
290
|
+
const attach = {
|
|
291
|
+
intentId: context.intentId,
|
|
292
|
+
capabilityToken: context.capabilityToken,
|
|
293
|
+
allowedTools: context.allowedTools,
|
|
294
|
+
productionEvidence: context.productionEvidence,
|
|
295
|
+
sandbox: context.sandbox,
|
|
296
|
+
};
|
|
297
|
+
const run = await PaybondAgentRun.bind(paybond, {
|
|
298
|
+
registry: policy.toToolRegistry(),
|
|
299
|
+
attach,
|
|
300
|
+
traceSink,
|
|
301
|
+
});
|
|
302
|
+
const tools = wrapToolsForFramework(run, rawTools, framework);
|
|
303
|
+
const hooks = hooksFromGuardedResult({
|
|
304
|
+
run,
|
|
305
|
+
policy,
|
|
306
|
+
registry: policy.toToolRegistry(),
|
|
307
|
+
framework,
|
|
308
|
+
agentTools: tools,
|
|
309
|
+
});
|
|
310
|
+
return new PaybondInstrumentRuntime(tools, run, policy, hooks, bindingFromRun(run, "attach", context.userId));
|
|
311
|
+
}
|
|
312
|
+
function toPaybondInstrumentRuntime(result, rawTools, bindMode, userId) {
|
|
313
|
+
const agentResult = toPaybondAgentResult(result);
|
|
314
|
+
return new PaybondInstrumentRuntime(agentResult.tools, agentResult.run, agentResult.policy, agentResult.hooks, bindingFromRun(agentResult.run, bindMode, userId));
|
|
315
|
+
}
|
|
316
|
+
function createDeferredInstrumented(paybond, policy, rawTools, framework, options) {
|
|
317
|
+
return new PaybondInstrumented(paybond, policy, rawTools, framework, options);
|
|
318
|
+
}
|
|
319
|
+
function resolveInstrumentFramework(framework) {
|
|
320
|
+
return framework ?? "generic";
|
|
321
|
+
}
|
|
322
|
+
/** Fluent builder: `paybond.policy("./paybond.policy.yaml").instrument(tools)`. */
|
|
323
|
+
export class PaybondInstrumentBuilder {
|
|
324
|
+
paybond;
|
|
325
|
+
policy;
|
|
326
|
+
framework;
|
|
327
|
+
constructor(paybond, policy, framework) {
|
|
328
|
+
this.paybond = paybond;
|
|
329
|
+
this.policy = policy;
|
|
330
|
+
this.framework = framework;
|
|
331
|
+
}
|
|
332
|
+
instrument(tools, options) {
|
|
333
|
+
return instrumentPaybondAgent(this.paybond, {
|
|
334
|
+
policy: this.policy,
|
|
335
|
+
tools,
|
|
336
|
+
framework: this.framework,
|
|
337
|
+
sandbox: options?.sandbox,
|
|
338
|
+
context: options?.context,
|
|
339
|
+
});
|
|
340
|
+
}
|
|
341
|
+
withFramework(framework) {
|
|
342
|
+
return new PaybondInstrumentBuilder(this.paybond, this.policy, framework);
|
|
343
|
+
}
|
|
344
|
+
}
|
|
345
|
+
function instrumentationFromRuntime(runtime) {
|
|
346
|
+
return {
|
|
347
|
+
run: runtime.run,
|
|
348
|
+
policy: runtime.policy,
|
|
349
|
+
hooks: runtime.hooks,
|
|
350
|
+
tools: runtime.tools,
|
|
351
|
+
binding: runtime.binding,
|
|
352
|
+
status: runtime.status,
|
|
353
|
+
};
|
|
354
|
+
}
|
|
355
|
+
function instrumentationFromInstrumented(agent, instrumented) {
|
|
356
|
+
const surface = {
|
|
357
|
+
policy: instrumented.policy,
|
|
358
|
+
hooks: {},
|
|
359
|
+
tools: instrumented.tools,
|
|
360
|
+
binding: instrumented.binding,
|
|
361
|
+
status: instrumented.status,
|
|
362
|
+
bind: async (context) => {
|
|
363
|
+
const runtime = await instrumented.bind(context);
|
|
364
|
+
const bound = instrumentationFromRuntime(runtime);
|
|
365
|
+
attachPaybondAgentInstrumentation(agent, bound, runtime.tools);
|
|
366
|
+
return bound;
|
|
367
|
+
},
|
|
368
|
+
withContext: async (context) => surface.bind(context),
|
|
369
|
+
};
|
|
370
|
+
return surface;
|
|
371
|
+
}
|
|
372
|
+
async function instrumentAgentObject(paybond, agent, options) {
|
|
373
|
+
const rawTools = discoverToolsFromAgent(agent);
|
|
374
|
+
const policySource = discoverPolicyFromAgent(agent, options);
|
|
375
|
+
const framework = resolveInstrumentFramework(options?.framework);
|
|
376
|
+
const policy = await resolveInstrumentPolicy(policySource, rawTools);
|
|
377
|
+
const traceSink = options?.traceSink ?? options?.onTrace;
|
|
378
|
+
if (options?.sandbox) {
|
|
379
|
+
const runtime = await createBoundRuntime(paybond, policy, rawTools, framework, { intentId: "", capabilityToken: "" }, "sandbox", traceSink);
|
|
380
|
+
attachPaybondAgentInstrumentation(agent, instrumentationFromRuntime(runtime), runtime.tools);
|
|
381
|
+
return agent;
|
|
382
|
+
}
|
|
383
|
+
if (options?.context) {
|
|
384
|
+
if (isContextProvider(options.context)) {
|
|
385
|
+
const instrumented = createDeferredInstrumented(paybond, policy, rawTools, framework, {
|
|
386
|
+
contextProvider: options.context,
|
|
387
|
+
traceSink,
|
|
388
|
+
});
|
|
389
|
+
attachPaybondAgentInstrumentation(agent, instrumentationFromInstrumented(agent, instrumented), instrumented.tools);
|
|
390
|
+
return agent;
|
|
391
|
+
}
|
|
392
|
+
const runtime = await createBoundRuntime(paybond, policy, rawTools, framework, options.context, "attach", traceSink);
|
|
393
|
+
attachPaybondAgentInstrumentation(agent, instrumentationFromRuntime(runtime), runtime.tools);
|
|
394
|
+
return agent;
|
|
395
|
+
}
|
|
396
|
+
const instrumented = createDeferredInstrumented(paybond, policy, rawTools, framework, { traceSink });
|
|
397
|
+
attachPaybondAgentInstrumentation(agent, instrumentationFromInstrumented(agent, instrumented), instrumented.tools);
|
|
398
|
+
return agent;
|
|
399
|
+
}
|
|
400
|
+
export async function instrumentPaybondAgent(paybond, input, options) {
|
|
401
|
+
if (isInstrumentableAgentObject(input)) {
|
|
402
|
+
return instrumentAgentObject(paybond, input, options);
|
|
403
|
+
}
|
|
404
|
+
const normalized = normalizeInstrumentConfig(input);
|
|
405
|
+
const framework = resolveInstrumentFramework(options?.framework ?? normalized.framework);
|
|
406
|
+
const policy = await resolveInstrumentPolicy(normalized.policy, normalized.tools);
|
|
407
|
+
const traceSink = normalized.traceSink ?? normalized.onTrace;
|
|
408
|
+
const sandbox = normalized.sandbox ?? options?.sandbox ?? false;
|
|
409
|
+
const attachContext = resolveInstrumentAttachContext(normalized.attach ?? options?.attach);
|
|
410
|
+
const context = attachContext ?? normalized.context ?? options?.context;
|
|
411
|
+
if (sandbox) {
|
|
412
|
+
return createBoundRuntime(paybond, policy, normalized.tools, framework, { intentId: "", capabilityToken: "" }, "sandbox", traceSink);
|
|
413
|
+
}
|
|
414
|
+
if (context !== undefined) {
|
|
415
|
+
if (isContextProvider(context)) {
|
|
416
|
+
return createDeferredInstrumented(paybond, policy, normalized.tools, framework, {
|
|
417
|
+
contextProvider: context,
|
|
418
|
+
traceSink,
|
|
419
|
+
});
|
|
420
|
+
}
|
|
421
|
+
return createBoundRuntime(paybond, policy, normalized.tools, framework, context, "attach", traceSink);
|
|
422
|
+
}
|
|
423
|
+
return createDeferredInstrumented(paybond, policy, normalized.tools, framework, { traceSink });
|
|
424
|
+
}
|
|
425
|
+
function frameworkInstrument(paybond, framework, input) {
|
|
426
|
+
return instrumentPaybondAgent(paybond, { ...input, framework });
|
|
427
|
+
}
|
|
428
|
+
export function instrumentPaybondLangGraph(paybond, input) {
|
|
429
|
+
return frameworkInstrument(paybond, "langgraph", input);
|
|
430
|
+
}
|
|
431
|
+
export function instrumentPaybondOpenAI(paybond, input) {
|
|
432
|
+
return frameworkInstrument(paybond, "openai-agents", input);
|
|
433
|
+
}
|
|
434
|
+
export function instrumentPaybondVercel(paybond, input) {
|
|
435
|
+
return frameworkInstrument(paybond, "vercel-ai", input);
|
|
436
|
+
}
|
|
437
|
+
export function instrumentPaybondClaudeAgents(paybond, input) {
|
|
438
|
+
return frameworkInstrument(paybond, "claude-agents", input);
|
|
439
|
+
}
|
|
440
|
+
export function instrumentPaybondMCP(paybond, input) {
|
|
441
|
+
return frameworkInstrument(paybond, "generic", input);
|
|
442
|
+
}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import type { PaybondAgentRunHost } from "./run.js";
|
|
2
|
+
import { PaybondAuthorizeToolCallInput, PaybondInterceptWrapExecuteInput, PaybondInterceptWrapExecuteResult, PaybondRunBinding, PaybondToolInputGuardDecision } from "./types.js";
|
|
3
|
+
export { PaybondAutoEvidenceSubmitError, PaybondEvidenceSubmitError } from "./types.js";
|
|
4
|
+
/**
|
|
5
|
+
* Pre/post intercept for side-effecting tools: authorize, execute, finalize spend, auto-evidence.
|
|
6
|
+
*/
|
|
7
|
+
export declare class PaybondToolInterceptor {
|
|
8
|
+
private readonly binding;
|
|
9
|
+
private readonly host;
|
|
10
|
+
private readonly authorizedCalls;
|
|
11
|
+
private _inFlightCount;
|
|
12
|
+
constructor(binding: PaybondRunBinding, host: PaybondAgentRunHost);
|
|
13
|
+
/** Active in-flight authorize/execute cycles (blocks policy reload until zero). */
|
|
14
|
+
get inFlightCount(): number;
|
|
15
|
+
private beginInFlight;
|
|
16
|
+
private endInFlight;
|
|
17
|
+
private emitTrace;
|
|
18
|
+
/** Authorize-only pre-execution check for framework tool input guardrails. */
|
|
19
|
+
authorizeToolCall(input: PaybondAuthorizeToolCallInput): Promise<PaybondToolInputGuardDecision>;
|
|
20
|
+
/** Run one tool through the middleware authorize → execute → evidence cycle. */
|
|
21
|
+
wrapExecute<TResult>(input: PaybondInterceptWrapExecuteInput<TResult>): Promise<PaybondInterceptWrapExecuteResult<TResult>>;
|
|
22
|
+
private resolveSideEffectingCall;
|
|
23
|
+
private submitAutoEvidence;
|
|
24
|
+
}
|