@praxis.guard/auditor-cli 0.0.32 → 0.0.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/approval/argv-fingerprint.d.ts +10 -1
- package/dist/approval/argv-fingerprint.d.ts.map +1 -1
- package/dist/approval/argv-fingerprint.js +10 -1
- package/dist/approval/argv-fingerprint.js.map +1 -1
- package/dist/approval/hook-inline-approval.d.ts +2 -0
- package/dist/approval/hook-inline-approval.d.ts.map +1 -1
- package/dist/approval/hook-inline-approval.js +6 -2
- package/dist/approval/hook-inline-approval.js.map +1 -1
- package/dist/approval/mcp-flow.d.ts +4 -2
- package/dist/approval/mcp-flow.d.ts.map +1 -1
- package/dist/approval/mcp-flow.js +9 -3
- package/dist/approval/mcp-flow.js.map +1 -1
- package/dist/approval/redeem.d.ts +2 -0
- package/dist/approval/redeem.d.ts.map +1 -1
- package/dist/approval/redeem.js +7 -2
- package/dist/approval/redeem.js.map +1 -1
- package/dist/bridge/execution-ticket.d.ts +3 -0
- package/dist/bridge/execution-ticket.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.js +38 -9
- package/dist/bridge/execution-ticket.js.map +1 -1
- package/dist/bridge/shell-approval-bridge.d.ts +14 -5
- package/dist/bridge/shell-approval-bridge.d.ts.map +1 -1
- package/dist/bridge/shell-approval-bridge.js +47 -24
- package/dist/bridge/shell-approval-bridge.js.map +1 -1
- package/dist/hooks/before-mcp-argv.d.ts +17 -0
- package/dist/hooks/before-mcp-argv.d.ts.map +1 -0
- package/dist/hooks/before-mcp-argv.js +67 -0
- package/dist/hooks/before-mcp-argv.js.map +1 -0
- package/dist/hooks/before-mcp-mutate.d.ts +23 -0
- package/dist/hooks/before-mcp-mutate.d.ts.map +1 -0
- package/dist/hooks/before-mcp-mutate.js +76 -0
- package/dist/hooks/before-mcp-mutate.js.map +1 -0
- package/dist/hooks/before-mcp-skipped.d.ts +14 -0
- package/dist/hooks/before-mcp-skipped.d.ts.map +1 -0
- package/dist/hooks/before-mcp-skipped.js +56 -0
- package/dist/hooks/before-mcp-skipped.js.map +1 -0
- package/dist/hooks/before-mcp-types.d.ts +15 -0
- package/dist/hooks/before-mcp-types.d.ts.map +1 -0
- package/dist/hooks/before-mcp-types.js +2 -0
- package/dist/hooks/before-mcp-types.js.map +1 -0
- package/dist/hooks/before-shell-io.d.ts +3 -0
- package/dist/hooks/before-shell-io.d.ts.map +1 -0
- package/dist/hooks/before-shell-io.js +26 -0
- package/dist/hooks/before-shell-io.js.map +1 -0
- package/dist/hooks/before-shell-mutate.d.ts +23 -0
- package/dist/hooks/before-shell-mutate.d.ts.map +1 -0
- package/dist/hooks/before-shell-mutate.js +74 -0
- package/dist/hooks/before-shell-mutate.js.map +1 -0
- package/dist/hooks/before-shell-skipped.d.ts +11 -0
- package/dist/hooks/before-shell-skipped.d.ts.map +1 -0
- package/dist/hooks/before-shell-skipped.js +49 -0
- package/dist/hooks/before-shell-skipped.js.map +1 -0
- package/dist/hooks/before-shell-types.d.ts +12 -0
- package/dist/hooks/before-shell-types.d.ts.map +1 -0
- package/dist/hooks/before-shell-types.js +2 -0
- package/dist/hooks/before-shell-types.js.map +1 -0
- package/dist/hooks/run-before-mcp.d.ts +3 -27
- package/dist/hooks/run-before-mcp.d.ts.map +1 -1
- package/dist/hooks/run-before-mcp.js +57 -195
- package/dist/hooks/run-before-mcp.js.map +1 -1
- package/dist/hooks/run-before-shell.d.ts +2 -10
- package/dist/hooks/run-before-shell.d.ts.map +1 -1
- package/dist/hooks/run-before-shell.js +63 -142
- package/dist/hooks/run-before-shell.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -2
- package/dist/index.js.map +1 -1
- package/dist/mcp/evaluate-guard.d.ts +11 -0
- package/dist/mcp/evaluate-guard.d.ts.map +1 -0
- package/dist/mcp/evaluate-guard.js +159 -0
- package/dist/mcp/evaluate-guard.js.map +1 -0
- package/dist/mcp/guard-approval-block.d.ts +27 -0
- package/dist/mcp/guard-approval-block.d.ts.map +1 -0
- package/dist/mcp/guard-approval-block.js +155 -0
- package/dist/mcp/guard-approval-block.js.map +1 -0
- package/dist/mcp/guard-heartbeat.d.ts +6 -0
- package/dist/mcp/guard-heartbeat.d.ts.map +1 -0
- package/dist/mcp/guard-heartbeat.js +68 -0
- package/dist/mcp/guard-heartbeat.js.map +1 -0
- package/dist/mcp/guard-schemas.d.ts +42 -0
- package/dist/mcp/guard-schemas.d.ts.map +1 -0
- package/dist/mcp/guard-schemas.js +39 -0
- package/dist/mcp/guard-schemas.js.map +1 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +4 -327
- package/dist/mcp/server.js.map +1 -1
- package/dist/policies.v1.json +4 -0
- package/dist/policy/index.d.ts +4 -0
- package/dist/policy/index.d.ts.map +1 -1
- package/dist/policy/index.js +6 -0
- package/dist/policy/index.js.map +1 -1
- package/dist/shell/analyze-command-aggregate.d.ts +16 -0
- package/dist/shell/analyze-command-aggregate.d.ts.map +1 -0
- package/dist/shell/analyze-command-aggregate.js +89 -0
- package/dist/shell/analyze-command-aggregate.js.map +1 -0
- package/dist/shell/analyze-command-invocations.d.ts +11 -0
- package/dist/shell/analyze-command-invocations.d.ts.map +1 -0
- package/dist/shell/analyze-command-invocations.js +113 -0
- package/dist/shell/analyze-command-invocations.js.map +1 -0
- package/dist/shell/analyze-command.d.ts +7 -0
- package/dist/shell/analyze-command.d.ts.map +1 -0
- package/dist/shell/analyze-command.js +46 -0
- package/dist/shell/analyze-command.js.map +1 -0
- package/dist/shell/analyze-command.types.d.ts +38 -0
- package/dist/shell/analyze-command.types.d.ts.map +1 -0
- package/dist/shell/analyze-command.types.js +2 -0
- package/dist/shell/analyze-command.types.js.map +1 -0
- package/dist/shell/evaluate.d.ts +15 -18
- package/dist/shell/evaluate.d.ts.map +1 -1
- package/dist/shell/evaluate.js +57 -47
- package/dist/shell/evaluate.js.map +1 -1
- package/dist/shell/governed-tools.d.ts +18 -1
- package/dist/shell/governed-tools.d.ts.map +1 -1
- package/dist/shell/governed-tools.js +60 -1
- package/dist/shell/governed-tools.js.map +1 -1
- package/dist/shell/guard-eval.d.ts +15 -0
- package/dist/shell/guard-eval.d.ts.map +1 -0
- package/dist/shell/guard-eval.js +35 -0
- package/dist/shell/guard-eval.js.map +1 -0
- package/dist/shell/parse-segments.d.ts +14 -0
- package/dist/shell/parse-segments.d.ts.map +1 -0
- package/dist/shell/parse-segments.js +41 -0
- package/dist/shell/parse-segments.js.map +1 -0
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run-before-shell.js","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"run-before-shell.js","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAC3E,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,gCAAgC,EAAE,MAAM,0BAA0B,CAAC;AAC5E,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC1E,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,EACL,mCAAmC,EACnC,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAK5B,SAAS,gBAAgB,CAAC,IAAU;IAClC,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B;IAC/C,MAAM,OAAO,GAAG,MAAM,aAAa,EAA+B,CAAC;IACnE,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAEhC,IAAI,CAAC,6BAA6B,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,YAAY,CAAC;QAC5E,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QACzF,MAAM,cAAc,GAAG,MAAM,sBAAsB,EAAE,CAAC;QACtD,MAAM,sBAAsB,CAAC;YAC3B,OAAO;YACP,UAAU;YACV,cAAc;YACd,YAAY,EAAE,YAAY,IAAI,EAAE;YAChC,eAAe;SAChB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,sBAAsB,EAAE,CAAC,CAAC,CAAC;IACjG,MAAM,QAAQ,GAAG,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAEtD,MAAM,WAAW,GAAG,uBAAuB,CACzC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAC1D,CAAC;IAEF,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,sBAAsB,CAAC;YAC3B,OAAO;YACP,UAAU,EAAE,wBAAwB;YACpC,cAAc;YACd,YAAY,EAAE,WAAW;YACzB,eAAe;YACf,QAAQ;SACT,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC;IAC7C,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC;IAC/C,MAAM,IAAI,GAAS,QAAQ,CAAC,IAAI,CAAC;IAEjC,MAAM,OAAO,GAAa,EAAE,CAAC
;IAC7B,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,OAAO;QAAE,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IACtF,IAAI,UAAU,CAAC,KAAK,CAAC,cAAc,IAAI,QAAQ,CAAC,kBAAkB;QAAE,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACnG,IAAI,UAAU,CAAC,KAAK,CAAC,eAAe;QAAE,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACtE,IAAI,QAAQ,CAAC,WAAW;QAAE,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACnE,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,iCAAiC,QAAQ,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;IAChF,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,kBAAkB,GAAkB,IAAI,CAAC;IAC7C,IAAI,cAAc,GAAoD,IAAI,CAAC;IAE3E,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,MAAM,GAAG,MAAM,gCAAgC,CAAC;YACpD,IAAI;YACJ,IAAI;YACJ,QAAQ;YACR,WAAW;YACX,UAAU,EAAE,OAAO,CAAC,OAAO;YAC3B,cAAc;YACd,cAAc,EAAE,OAAO;SACxB,CAAC,CAAC;QACH,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QAC/B,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QACvC,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,CAAC;QAC/C,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QACvC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;IAClC,CAAC;IAED,MAAM,YAAY,GAAG,mCAAmC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAChB,UAAU,KAAK,MAAM;QACnB,CAAC,CAAC,sBAAsB,CAAC;YACrB,IAAI,EAAE,sBAAsB;YAC5B,IAAI;YACJ,IAAI;YACJ,OAAO;YACP,cAAc;SACf,CAAC;QACJ,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,QAAQ,GACZ,UAAU,KAAK,OAAO;QACpB,CAAC,CAAC;YACE,UAAU;YACV,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD;QACH,CAAC,CAAC;YACE,UAAU;YACV,YAAY,EAAE,YAAa,CAAC,YAAY;YACxC,aAAa,EAAE,YAAa,CAAC,aAAa;SAC3C,CAAC;IAER,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;IACvD,MAAM,mBAAmB,CACvB;QACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,IAAI,EAAE,sBAAsB;QAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,IAAI;QACJ,aAAa,EAAE,IAAI;QACnB,gBAAgB,EAAE,QAAQ,CAAC,WAAW,CAAC,MAAM;QAC7C,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,IAAI;QACJ,UAAU;QACV,cAAc;QACd,iBAAiB,EAAE
,cAAc,EAAE,UAAU,IAAI,IAAI;QACrD,OAAO;QACP,oBAAoB,EAAE,kBAAkB;QACxC,UAAU;KACX,EACD,WAAW,CACZ,CAAC;IAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExD,MAAM,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,cAAc,CAAC;QACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,IAAI,EAAE,cAAc;QACpB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI;QAC1B,GAAG,EAAE,OAAO,CAAC,OAAO;QACpB,IAAI;QACJ,QAAQ,EAAE,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACpD,UAAU;QACV,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,OAAO;QACb,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,EAAE;YACJ,IAAI,EAAE,sBAAsB;YAC5B,cAAc;YACd,mBAAmB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;YACvD,oBAAoB,EAAE,kBAAkB;YACxC,gBAAgB,EAAE,QAAQ,CAAC,WAAW,CAAC,MAAM;SAC9C;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,GAAY;IACtD,OAAO;QACL,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,0DAA0D;QACxE,aAAa,EAAE,uBAAuB,MAAM,CAAC,GAAG,CAAC,EAAE;KACpD,CAAC;AACJ,CAAC"}
|
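--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -1,7 +1,7 @@
 export { loadPoliciesV1 } from "./policy/index.js";
 export type { PoliciesV1, Tier, Classification } from "./policy/index.js";
 export { appendAuditJsonl } from "./audit/jsonl.js";
-export { DEFAULT_SHELL_BRIDGE_TTL_MS, recordShellApprovalBridge, shellArgvApprovalId, shellBridgeDir, shouldRecordShellBridge, tryConsumeShellApprovalBridge, } from "./bridge/shell-approval-bridge.js";
-export {
+export { DEFAULT_SHELL_BRIDGE_TTL_MS, recordShellApprovalBridge, shellApprovalFingerprintId, shellArgvApprovalId, shellBridgeDir, shouldRecordShellBridge, tryConsumeShellApprovalBridge, } from "./bridge/shell-approval-bridge.js";
+export { analyzeShellCommand, evaluateArgv, evaluateMcpProposal, evaluateShellProposal, gateShellCommand, listShellGovernedTools, parseCommandToArgv, commandMayContainGovernedTool, DEFAULT_GOVERNED_SHELL_TOOLS, type GuardEvaluation, type GuardReason, type ShellAnalysis, type ShellApprovalFingerprintPayload, type ShellGateDecision, } from "./shell/evaluate.js";
 export { failClosedHookErrorResponse, runBeforeShellHookFromStdin, type BeforeShellExecutionPayload, type BeforeShellExecutionResponse, } from "./hooks/run-before-shell.js";
 //# sourceMappingURL=index.d.ts.map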
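--- a/package/dist/index.d.ts.map
+++ b/package/dist/index.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAE1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,mBAAmB,EACnB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAE1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,0BAA0B,EAC1B,mBAAmB,EACnB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,EACtB,kBAAkB,EAClB,6BAA6B,EAC7B,4BAA4B,EAC5B,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,+BAA+B,EACpC,KAAK,iBAAiB,GACvB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,2BAA2B,EAC3B,2BAA2B,EAC3B,KAAK,2BAA2B,EAChC,KAAK,4BAA4B,GAClC,MAAM,6BAA6B,CAAC"}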
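--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -1,6 +1,6 @@
 export { loadPoliciesV1 } from "./policy/index.js";
 export { appendAuditJsonl } from "./audit/jsonl.js";
-export { DEFAULT_SHELL_BRIDGE_TTL_MS, recordShellApprovalBridge, shellArgvApprovalId, shellBridgeDir, shouldRecordShellBridge, tryConsumeShellApprovalBridge, } from "./bridge/shell-approval-bridge.js";
-export {
+export { DEFAULT_SHELL_BRIDGE_TTL_MS, recordShellApprovalBridge, shellApprovalFingerprintId, shellArgvApprovalId, shellBridgeDir, shouldRecordShellBridge, tryConsumeShellApprovalBridge, } from "./bridge/shell-approval-bridge.js";
+export { analyzeShellCommand, evaluateArgv, evaluateMcpProposal, evaluateShellProposal, gateShellCommand, listShellGovernedTools, parseCommandToArgv, commandMayContainGovernedTool, DEFAULT_GOVERNED_SHELL_TOOLS, } from "./shell/evaluate.js";
 export { failClosedHookErrorResponse, runBeforeShellHookFromStdin, } from "./hooks/run-before-shell.js";
 //# sourceMappingURL=index.js.map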
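--- a/package/dist/index.js.map
+++ b/package/dist/index.js.map
@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,mBAAmB,EACnB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,0BAA0B,EAC1B,mBAAmB,EACnB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,EACtB,kBAAkB,EAClB,6BAA6B,EAC7B,4BAA4B,GAM7B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,2BAA2B,EAC3B,2BAA2B,GAG5B,MAAM,6BAA6B,CAAC"}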
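--- /dev/null
+++ b/package/dist/mcp/evaluate-guard.d.ts
@@ -0,0 +1,11 @@
+import { loadPoliciesV1 } from "../policy/index.js";
+import type { GuardInput } from "./guard-schemas.js";
+export type PolicyState = {
+policy: Awaited<ReturnType<typeof loadPoliciesV1>>;
+policyRevision: number | null;
+};
+export declare function evaluateGuard(input: GuardInput, policyState: PolicyState): Promise<{
+response: Record<string, unknown>;
+startedAt: number;
+}>;
+//# sourceMappingURL=evaluate-guard.d.ts.map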
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"evaluate-guard.d.ts","sourceRoot":"","sources":["../../src/mcp/evaluate-guard.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAqC,MAAM,oBAAoB,CAAC;AAavF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,cAAc,CAAC,CAAC,CAAC;IACnD,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B,CAAC;AA+CF,wBAAsB,aAAa,CACjC,KAAK,EAAE,UAAU,EACjB,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC,CA+HnE"}
|
|
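--- /dev/null
+++ b/package/dist/mcp/evaluate-guard.js
@@ -0,0 +1,159 @@
+import { v4 as uuidv4 } from "uuid";
+import { loadPoliciesV1, readPoliciesV1Revision } from "../policy/index.js";
+import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
+import { evaluateMcpProposal, evaluateShellProposal } from "../shell/evaluate.js";
+import { sendGuardEvent } from "../telemetry/guard-events.js";
+import { getInstallId } from "../cli/install-id.js";
+import { resolveGuardAuditStatus } from "./guard-audit-status.js";
+import { applyGuardMode, tierToPolicyDecision } from "./guard-mode.js";
+import { resetHeartbeatIdle } from "./guard-heartbeat.js";
+import { defaultApprovalBlock, resolveEnforceMutateApproval, } from "./guard-approval-block.js";
+function riskScore(skipped, tier) {
+if (skipped)
+return 0;
+if (tier === "READ")
+return 0;
+if (tier === "MUTATE")
+return 60;
+return 95;
+}
+function resolveTierDecision(input) {
+const { mode, skipped, tier } = input;
+let enforceDecision = tierToPolicyDecision(tier, skipped);
+const approvalBlock = defaultApprovalBlock();
+if (skipped) {
+return { enforceDecision: "allow", approvalBlock };
+}
+if (tier === "DESTRUCTIVE") {
+return {
+enforceDecision: "block",
+approvalBlock: {
+...approvalBlock,
+instructions: "DESTRUCTIVE actions cannot be approved via guard. Escalate outside the agent loop.",
+},
+};
+}
+if (tier === "READ") {
+return { enforceDecision: "allow", approvalBlock };
+}
+if (mode === "shadow") {
+return {
+enforceDecision: "require_approval",
+approvalBlock: {
+...approvalBlock,
+instructions: "Shadow mode: no approval request created. Re-call with mode enforce to coordinate human approval.",
+},
+};
+}
+return { enforceDecision, approvalBlock };
+}
+export async function evaluateGuard(input, policyState) {
+const startedAt = performance.now();
+const event_id = uuidv4();
+resetHeartbeatIdle();
+policyState.policy = await loadPoliciesV1();
+policyState.policyRevision = await readPoliciesV1Revision();
+const storageRoot = resolveGuardStorageRoot(input.proposal.cwd);
+const shellCommand = input.proposal.kind === "shell"
+? input.proposal.raw_command ?? input.proposal.argv.join(" ")
+: null;
+const shellResult = input.proposal.kind === "shell" && shellCommand
+? evaluateShellProposal(policyState.policy, shellCommand)
+: null;
+const mcpResult = input.proposal.kind === "mcp"
+? evaluateMcpProposal(policyState.policy, input.proposal.argv)
+: null;
+const skipped = shellResult?.skipped ?? mcpResult?.skipped ?? true;
+const evaluation = shellResult?.evaluation ?? mcpResult.evaluation;
+const analysis = shellResult?.analysis;
+const argv = evaluation.argv;
+const tier = evaluation.tier;
+const reasons = [...evaluation.reasons];
+const policyReasons = [...evaluation.reasons];
+let { enforceDecision, approvalBlock } = resolveTierDecision({
+mode: input.mode,
+skipped,
+tier,
+});
+let approvalRequestId = null;
+if (!skipped &&
+tier !== "DESTRUCTIVE" &&
+tier !== "READ" &&
+input.mode === "enforce") {
+const mutate = await resolveEnforceMutateApproval({
+guardInput: input,
+argv,
+storageRoot,
+eventId: event_id,
+policyRevision: policyState.policyRevision,
+reasons,
+approval_fingerprint: analysis?.approval_fingerprint_payload ?? null,
+});
+enforceDecision = mutate.enforceDecision;
+approvalBlock = mutate.approvalBlock;
+approvalRequestId = mutate.approvalRequestId;
+}
+const { decision, shadow } = applyGuardMode({
+mode: input.mode,
+skipped,
+tier,
+policyReasons,
+enforceDecision,
+});
+const response = {
+mode: input.mode,
+decision,
+skipped,
+tier,
+risk_score: riskScore(skipped, tier),
+reasons,
+shadow,
+approval: approvalBlock,
+audit: {
+event_id,
+timestamp: new Date().toISOString(),
+latency_ms: performance.now() - startedAt,
+},
+execution: {
+attempted: false,
+result: null,
+},
+};
+const firstReason = reasons.find((r) => typeof r?.message === "string")?.message ??
+reasons.find((r) => typeof r?.code === "string")?.code ??
+null;
+const actionVerb = argv[1] ?? null;
+const actionResource = argv.length > 2 ? argv.slice(2).join(" ") : null;
+const status = resolveGuardAuditStatus({ skipped, decision });
+void sendGuardEvent({
+ts: new Date().toISOString(),
+status,
+skipped,
+...(skipped
+? {
+skip_reason: input.proposal.kind === "shell" ? "no_governed_invocation" : "mcp_policy_unmatched",
+}
+: {}),
+tool: "auditor-mcp",
+command_path: argv[0] ?? null,
+verb: actionVerb,
+resource: actionResource,
+reason: firstReason,
+cmd: shellCommand ?? argv.join(" "),
+tier,
+decision,
+latency_ms: performance.now() - startedAt,
+event_id,
+installId: getInstallId(),
+kind: input.proposal.kind,
+...(policyState.policyRevision !== null
+? { policy_revision: policyState.policyRevision }
+: {}),
+...(approvalRequestId ? { approval_request_id: approvalRequestId } : {}),
+meta: {
+invocation_count: analysis?.invocations.length ?? null,
+},
+});
+return { response, startedAt };
+}
+//# sourceMappingURL=evaluate-guard.js.map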
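Review bot: `const evaluation = shellResult?.evaluation ?? mcpResult.evaluation;` (file line 67) dereferences `mcpResult` whenever `shellResult` is null, so a shell proposal with no `raw_command` and an empty `argv` (`shellCommand` becomes `""`, the `&& shellCommand` guard on line 60 leaves `shellResult` null, and `mcpResult` is null for kind "shell") throws a TypeError from inside the guard instead of producing a decision; the `?? true` fallback on line 66 shows the both-null case was anticipated but not handled. Make that path explicit and fail closed with a diagnosable error: `if (shellResult === null && mcpResult === null) throw new Error("guard: no evaluator ran for the proposal (empty shell command or unsupported kind)");` and then `const evaluation = (shellResult ?? mcpResult).evaluation;`. Whether the MCP server maps a thrown error to a deny rather than letting it escape is not visible in this hunk, so the caller should be checked. Separately, `void sendGuardEvent({...})` on line 128 discards the telemetry promise; unless `sendGuardEvent` catches internally, a rejection surfaces as an unhandled rejection in the guard process, so a `.catch()` that logs, with a comment noting that telemetry is best-effort, would be safer.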
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"evaluate-guard.js","sourceRoot":"","sources":["../../src/mcp/evaluate-guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AAEpC,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AACvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAsB,MAAM,iBAAiB,CAAC;AAC3F,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EACL,oBAAoB,EACpB,4BAA4B,GAE7B,MAAM,2BAA2B,CAAC;AAQnC,SAAS,SAAS,CAAC,OAAgB,EAAE,IAAU;IAC7C,IAAI,OAAO;QAAE,OAAO,CAAC,CAAC;IACtB,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,CAAC,CAAC;IAC9B,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACjC,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,mBAAmB,CAAC,KAI5B;IACC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;IACtC,IAAI,eAAe,GAAG,oBAAoB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC1D,MAAM,aAAa,GAAG,oBAAoB,EAAE,CAAC;IAE7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC;IACrD,CAAC;IACD,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;QAC3B,OAAO;YACL,eAAe,EAAE,OAAO;YACxB,aAAa,EAAE;gBACb,GAAG,aAAa;gBAChB,YAAY,EACV,oFAAoF;aACvF;SACF,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC;IACrD,CAAC;IACD,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,OAAO;YACL,eAAe,EAAE,kBAAkB;YACnC,aAAa,EAAE;gBACb,GAAG,aAAa;gBAChB,YAAY,EACV,mGAAmG;aACtG;SACF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAiB,EACjB,WAAwB;IAExB,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC;IAC1B,kBAAkB,EAAE,CAAC;IAErB,WAAW,CAAC,MAAM,GAAG,MAAM,cAAc,EAAE,CAAC;IAC5C,WAAW,CAAC,cAAc,GAAG,MAAM,sBAAsB,EAAE,CAAC;IAE5D,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAChE,MAAM,YAAY,GAChB,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,OAAO;QAC7B,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,
GAAG,CAAC;QAC7D,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,WAAW,GACf,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,OAAO,IAAI,YAAY;QAC7C,CAAC,CAAC,qBAAqB,CAAC,WAAW,CAAC,MAAM,EAAE,YAAY,CAAC;QACzD,CAAC,CAAC,IAAI,CAAC;IACX,MAAM,SAAS,GACb,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK;QAC3B,CAAC,CAAC,mBAAmB,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC9D,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,OAAO,GAAG,WAAW,EAAE,OAAO,IAAI,SAAS,EAAE,OAAO,IAAI,IAAI,CAAC;IACnE,MAAM,UAAU,GAAG,WAAW,EAAE,UAAU,IAAI,SAAU,CAAC,UAAU,CAAC;IACpE,MAAM,QAAQ,GAAG,WAAW,EAAE,QAAQ,CAAC;IACvC,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC;IAE7B,MAAM,IAAI,GAAS,UAAU,CAAC,IAAI,CAAC;IACnC,MAAM,OAAO,GAAG,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,aAAa,GAAG,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IAE9C,IAAI,EAAE,eAAe,EAAE,aAAa,EAAE,GAAG,mBAAmB,CAAC;QAC3D,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,OAAO;QACP,IAAI;KACL,CAAC,CAAC;IACH,IAAI,iBAAiB,GAAkB,IAAI,CAAC;IAE5C,IACE,CAAC,OAAO;QACR,IAAI,KAAK,aAAa;QACtB,IAAI,KAAK,MAAM;QACf,KAAK,CAAC,IAAI,KAAK,SAAS,EACxB,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,4BAA4B,CAAC;YAChD,UAAU,EAAE,KAAK;YACjB,IAAI;YACJ,WAAW;YACX,OAAO,EAAE,QAAQ;YACjB,cAAc,EAAE,WAAW,CAAC,cAAc;YAC1C,OAAO;YACP,oBAAoB,EAAE,QAAQ,EAAE,4BAA4B,IAAI,IAAI;SACrE,CAAC,CAAC;QACH,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;QACzC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QACrC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAC/C,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,cAAc,CAAC;QAC1C,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,OAAO;QACP,IAAI;QACJ,aAAa;QACb,eAAe;KAChB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG;QACf,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,QAAQ;QACR,OAAO;QACP,IAAI;QACJ,UAAU,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC;QACpC,OAAO;QACP,MAAM;QACN,QAAQ,EAAE,aAAa;QACvB,KAAK,EAAE;YACL,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;SAC1C;QACD,SAAS,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,MAAM,EAAE,IAAI;SACb;KACF,CAAC;IAEF,MAAM,WAAW,GACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,OAAO,KAAK,QAAQ,CAAC,EAAE,OAAO;QAC5D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,IAAI,KAAK,QAAQ,CAAC,EAAE,IAAI;QACtD,
IAAI,CAAC;IACP,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IACnC,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACxE,MAAM,MAAM,GAAG,uBAAuB,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC;IAE9D,KAAK,cAAc,CAAC;QAClB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,OAAO;QACP,GAAG,CAAC,OAAO;YACT,CAAC,CAAC;gBACE,WAAW,EACT,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,sBAAsB;aACtF;YACH,CAAC,CAAC,EAAE,CAAC;QACP,IAAI,EAAE,aAAa;QACnB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,cAAc;QACxB,MAAM,EAAE,WAAW;QACnB,GAAG,EAAE,YAAY,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;QACnC,IAAI;QACJ,QAAQ;QACR,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;QACzC,QAAQ;QACR,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI;QACzB,GAAG,CAAC,WAAW,CAAC,cAAc,KAAK,IAAI;YACrC,CAAC,CAAC,EAAE,eAAe,EAAE,WAAW,CAAC,cAAc,EAAE;YACjD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,IAAI,EAAE;YACJ,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC,MAAM,IAAI,IAAI;SACvD;KACF,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC"}
|
|
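--- /dev/null
+++ b/package/dist/mcp/guard-approval-block.d.ts
@@ -0,0 +1,27 @@
+import type { GuardDecision } from "./guard-mode.js";
+import type { GuardInput } from "./guard-schemas.js";
+export type ApprovalBlock = {
+required: boolean;
+request_id: string | null;
+expires_at: string | null;
+open_url: string | null;
+instructions: string | null;
+redeemed: boolean;
+approved_by: string | null;
+};
+export declare function defaultApprovalBlock(): ApprovalBlock;
+export declare function approvalBlockNoToken(): ApprovalBlock;
+export declare function resolveEnforceMutateApproval(input: {
+guardInput: GuardInput;
+argv: string[];
+storageRoot: string;
+eventId: string;
+policyRevision: number | null;
+reasons: unknown[];
+approval_fingerprint?: import("../shell/analyze-command.js").ShellApprovalFingerprintPayload | null;
+}): Promise<{
+enforceDecision: GuardDecision;
+approvalBlock: ApprovalBlock;
+approvalRequestId: string | null;
+}>;
+//# sourceMappingURL=guard-approval-block.d.ts.map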
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guard-approval-block.d.ts","sourceRoot":"","sources":["../../src/mcp/guard-approval-block.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B,CAAC;AAEF,wBAAgB,oBAAoB,IAAI,aAAa,CAUpD;AAED,wBAAgB,oBAAoB,IAAI,aAAa,CAWpD;AAuFD,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,UAAU,EAAE,UAAU,CAAC;IACvB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,OAAO,EAAE,OAAO,EAAE,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,6BAA6B,EAAE,+BAA+B,GAAG,IAAI,CAAC;CACrG,GAAG,OAAO,CAAC;IACV,eAAe,EAAE,aAAa,CAAC;IAC/B,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;CAClC,CAAC,CA2DD"}
|
|
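--- a/package/dist/mcp/guard-approval-block.js
+++ b/package/dist/mcp/guard-approval-block.js
@@ -0,0 +1,155 @@
+import { resolveGuardToken } from "../cli/credentials.js";
+import { resolveMutateApproval } from "../approval/mcp-flow.js";
+export function defaultApprovalBlock() {
+return {
+required: false,
+request_id: null,
+expires_at: null,
+open_url: null,
+instructions: null,
+redeemed: false,
+approved_by: null,
+};
+}
+export function approvalBlockNoToken() {
+return {
+required: true,
+request_id: null,
+expires_at: null,
+open_url: null,
+instructions: "MUTATE requires human approval. Run `auditor login` (or set PRAXIS_GUARD_TOKEN), then call guard again.",
+redeemed: false,
+approved_by: null,
+};
+}
+function approvalBlockFromOutcome(outcome, fallbackRequestId) {
+if (outcome.kind === "allow") {
+if (!outcome.ticketRecorded) {
+return {
+enforceDecision: "require_approval",
+approvalRequestId: outcome.request_id,
+approvalBlock: {
+required: true,
+request_id: outcome.request_id,
+expires_at: null,
+open_url: null,
+instructions: "Approval redeemed but execution ticket was not written under .cursor/guard/tickets. Fix permissions and call guard_wait again.",
+redeemed: false,
+approved_by: outcome.approved_by,
+},
+};
+}
+return {
+enforceDecision: "allow",
+approvalRequestId: outcome.request_id,
+approvalBlock: {
+required: false,
+request_id: outcome.request_id,
+expires_at: null,
+open_url: null,
+instructions: "Approval redeemed; retry the same shell/MCP invocation (hook consumes execution ticket).",
+redeemed: outcome.redeemed,
+approved_by: outcome.approved_by,
+},
+};
+}
+if (outcome.kind === "credential_not_recorded") {
+return {
+enforceDecision: "require_approval",
+approvalRequestId: outcome.request_id,
+approvalBlock: {
+required: true,
+request_id: outcome.request_id,
+expires_at: null,
+open_url: null,
+instructions: `${outcome.message} Hooks will deny until a credential is recorded; retry guard after fixing local write permissions.`,
+redeemed: false,
+approved_by: null,
+},
+};
+}
+if (outcome.kind === "require_approval") {
+return {
+enforceDecision: "require_approval",
+approvalRequestId: outcome.request_id,
+approvalBlock: {
+required: true,
+request_id: outcome.request_id,
+expires_at: outcome.expires_at,
+open_url: outcome.open_url,
+instructions: "Human must approve in the Praxis app (or dev: `auditor approvals approve <id>`). Prefer guard_wait with context.approval.request_id and context.wait_ms, then retry once.",
+redeemed: false,
+approved_by: null,
+},
+};
+}
+return {
+enforceDecision: "require_approval",
+approvalRequestId: null,
+approvalBlock: {
+required: true,
+request_id: fallbackRequestId,
+expires_at: null,
+open_url: null,
+instructions: `Approval backend error: ${outcome.message}. Hooks will deny MUTATE until resolved.`,
+redeemed: false,
+approved_by: null,
+},
+};
+}
+export async function resolveEnforceMutateApproval(input) {
+const { guardInput, argv, storageRoot, eventId, policyRevision, reasons } = input;
+if (!resolveGuardToken()) {
+reasons.push({
+code: "approval_backend_unavailable",
+message: "No guard token; cannot create approval request.",
+});
+return {
+enforceDecision: "require_approval",
+approvalBlock: approvalBlockNoToken(),
+approvalRequestId: null,
+};
+}
+const outcome = await resolveMutateApproval({
+argv,
+proposalKind: guardInput.proposal.kind,
+storageRoot,
+rawDisplay: guardInput.proposal.raw_command ?? argv.join(" "),
+eventId,
+policyRevision,
+reasons,
+sessionId: guardInput.context?.session_id ?? null,
+environment: guardInput.context?.environment ?? null,
+approval: guardInput.context?.approval ?? null,
+waitMs: guardInput.context?.wait_ms ?? null,
+tool_input_sha256: guardInput.context?.tool_input_sha256 ?? null,
+approval_fingerprint: input.approval_fingerprint ?? null,
+});
+const mapped = approvalBlockFromOutcome(outcome, guardInput.context?.approval?.request_id ?? null);
+if (outcome.kind === "allow" && outcome.ticketRecorded) {
+reasons.push({
+code: "execution_ticket_recorded",
+message: "Recorded signed execution ticket for hooks (same argv within TTL).",
+});
+}
+else if (outcome.kind === "allow" && !outcome.ticketRecorded) {
+reasons.push({
+code: "hook_credential_not_recorded",
+message: "Execution ticket file was not recorded for hooks.",
+});
+}
+else if (outcome.kind === "credential_not_recorded") {
+reasons.push({
+code: "hook_credential_not_recorded",
+message: outcome.message,
+});
+}
+else if (outcome.kind === "backend_unavailable") {
+reasons.push({
+code: "approval_backend_unavailable",
+message: outcome.message,
+});
+}
+return mapped;
+}
+//# sourceMappingURL=guard-approval-block.js.map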
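Review bot: `rawDisplay` on line 117 is taken from the caller-supplied `proposal.raw_command`, while the execution ticket is keyed on `argv` (line 132 says "same argv within TTL"), so if `resolveMutateApproval` (outside this hunk) shows `rawDisplay` to the approver, a `raw_command` that does not correspond to `argv` would let the text a human approves diverge from what the hook later allows. Consider always deriving the display from `argv`, e.g. `rawDisplay: argv.join(" ")`, and attaching `raw_command` only as supplementary context, or checking that `raw_command` tokenizes back to `argv` before preferring it. Separately, the `reasons.push` chain on lines 129–152 re-derives the same `outcome.kind` classification that `approvalBlockFromOutcome` already performs, so any new outcome kind has to be handled in two places; returning the reason `code`/`message` from that helper alongside the block would keep the two in step.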
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-approval-block.js","sourceRoot":"","sources":["../../src/mcp/guard-approval-block.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAA2B,MAAM,yBAAyB,CAAC;AAczF,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,UAAU,EAAE,IAAI;QAChB,UAAU,EAAE,IAAI;QAChB,QAAQ,EAAE,IAAI;QACd,YAAY,EAAE,IAAI;QAClB,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,UAAU,EAAE,IAAI;QAChB,UAAU,EAAE,IAAI;QAChB,QAAQ,EAAE,IAAI;QACd,YAAY,EACV,yGAAyG;QAC3G,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAC/B,OAA2B,EAC3B,iBAAgC;IAEhC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YAC5B,OAAO;gBACL,eAAe,EAAE,kBAAkB;gBACnC,iBAAiB,EAAE,OAAO,CAAC,UAAU;gBACrC,aAAa,EAAE;oBACb,QAAQ,EAAE,IAAI;oBACd,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,UAAU,EAAE,IAAI;oBAChB,QAAQ,EAAE,IAAI;oBACd,YAAY,EACV,gIAAgI;oBAClI,QAAQ,EAAE,KAAK;oBACf,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC;aACF,CAAC;QACJ,CAAC;QACD,OAAO;YACL,eAAe,EAAE,OAAO;YACxB,iBAAiB,EAAE,OAAO,CAAC,UAAU;YACrC,aAAa,EAAE;gBACb,QAAQ,EAAE,KAAK;gBACf,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,UAAU,EAAE,IAAI;gBAChB,QAAQ,EAAE,IAAI;gBACd,YAAY,EACV,0FAA0F;gBAC5F,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC;SACF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;QAC/C,OAAO;YACL,eAAe,EAAE,kBAAkB;YACnC,iBAAiB,EAAE,OAAO,CAAC,UAAU;YACrC,aAAa,EAAE;gBACb,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,UAAU,EAAE,IAAI;gBAChB,QAAQ,EAAE,IAAI;gBACd,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,oGAAoG;gBACpI,QAAQ,EAAE,KAAK;gBACf,WAAW,EAAE,IAAI;aAClB;SACF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QACxC,OAAO;YACL,eAAe,EAAE,kBAAkB;YACnC,iBAAiB,EAAE,OAAO,CAAC,UAAU;YACrC,aAAa,EAAE;gBACb,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,YAAY,EACV,2KAA2K;gBAC7K,QAAQ,EAAE,KAAK;gBACf,WAAW,EAAE,IAAI;aAClB;SACF,CAAC;IACJ,CAAC;
IAED,OAAO;QACL,eAAe,EAAE,kBAAkB;QACnC,iBAAiB,EAAE,IAAI;QACvB,aAAa,EAAE;YACb,QAAQ,EAAE,IAAI;YACd,UAAU,EAAE,iBAAiB;YAC7B,UAAU,EAAE,IAAI;YAChB,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,2BAA2B,OAAO,CAAC,OAAO,0CAA0C;YAClG,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,IAAI;SAClB;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAAC,KAQlD;IAKC,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC;IAElF,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,iDAAiD;SAC3D,CAAC,CAAC;QACH,OAAO;YACL,eAAe,EAAE,kBAAkB;YACnC,aAAa,EAAE,oBAAoB,EAAE;YACrC,iBAAiB,EAAE,IAAI;SACxB,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC;QAC1C,IAAI;QACJ,YAAY,EAAE,UAAU,CAAC,QAAQ,CAAC,IAAI;QACtC,WAAW;QACX,UAAU,EAAE,UAAU,CAAC,QAAQ,CAAC,WAAW,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7D,OAAO;QACP,cAAc;QACd,OAAO;QACP,SAAS,EAAE,UAAU,CAAC,OAAO,EAAE,UAAU,IAAI,IAAI;QACjD,WAAW,EAAE,UAAU,CAAC,OAAO,EAAE,WAAW,IAAI,IAAI;QACpD,QAAQ,EAAE,UAAU,CAAC,OAAO,EAAE,QAAQ,IAAI,IAAI;QAC9C,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,OAAO,IAAI,IAAI;QAC3C,iBAAiB,EAAE,UAAU,CAAC,OAAO,EAAE,iBAAiB,IAAI,IAAI;QAChE,oBAAoB,EAAE,KAAK,CAAC,oBAAoB,IAAI,IAAI;KACzD,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,wBAAwB,CACrC,OAAO,EACP,UAAU,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,IAAI,IAAI,CACjD,CAAC;IAEF,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,oEAAoE;SAC9E,CAAC,CAAC;IACL,CAAC;SAAM,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,mDAAmD;SAC7D,CAAC,CAAC;IACL,CAAC;SAAM,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;SACzB,CAAC,CAAC;IACL,CAAC;SAAM,IAAI,OAAO,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;SACzB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}
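--- a/package/dist/mcp/guard-heartbeat.d.ts
+++ b/package/dist/mcp/guard-heartbeat.d.ts
@@ -0,0 +1,6 @@
+/** Reset adaptive heartbeat backoff after guard tool activity. */
+export declare function resetHeartbeatIdle(): void;
+export declare function sendGuardHeartbeat(): Promise<void>;
+/** Send an initial heartbeat and schedule periodic idle heartbeats. */
+export declare function startGuardHeartbeatLoop(): void;
+//# sourceMappingURL=guard-heartbeat.d.ts.map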
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-heartbeat.d.ts","sourceRoot":"","sources":["../../src/mcp/guard-heartbeat.ts"],"names":[],"mappings":"AA6BA,kEAAkE;AAClE,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC;AAED,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC,CAmCxD;AAED,uEAAuE;AACvE,wBAAgB,uBAAuB,IAAI,IAAI,CAG9C"}
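--- a/package/dist/mcp/guard-heartbeat.js
+++ b/package/dist/mcp/guard-heartbeat.js
@@ -0,0 +1,68 @@
+import { resolveGuardToken } from "../cli/credentials.js";
+import { getInstallId } from "../cli/install-id.js";
+import { AUDITOR_CLI_VERSION } from "../runtime/version.js";
+import { prodFunctionUrl } from "../cli/function-url.js";
+const DEFAULT_HEARTBEAT_URL = prodFunctionUrl("guardHeartbeat");
+const HEARTBEAT_BASE_INTERVAL_MS = 5 * 60 * 1000;
+const HEARTBEAT_MAX_INTERVAL_MS = 30 * 60 * 1000;
+let heartbeatTimer = null;
+let consecutiveIdleHeartbeats = 0;
+function getNextHeartbeatInterval() {
+if (consecutiveIdleHeartbeats < 3)
+return HEARTBEAT_BASE_INTERVAL_MS;
+return Math.min(HEARTBEAT_BASE_INTERVAL_MS * Math.pow(1.5, consecutiveIdleHeartbeats - 2), HEARTBEAT_MAX_INTERVAL_MS);
+}
+function scheduleNextHeartbeat() {
+if (heartbeatTimer)
+clearTimeout(heartbeatTimer);
+heartbeatTimer = setTimeout(async () => {
+consecutiveIdleHeartbeats++;
+await sendGuardHeartbeat();
+scheduleNextHeartbeat();
+}, getNextHeartbeatInterval());
+}
+/** Reset adaptive heartbeat backoff after guard tool activity. */
+export function resetHeartbeatIdle() {
+consecutiveIdleHeartbeats = 0;
+}
+export async function sendGuardHeartbeat() {
+const heartbeatUrl = process.env.PRAXIS_GUARD_HEARTBEAT_URL || DEFAULT_HEARTBEAT_URL;
+const token = resolveGuardToken();
+if (!token)
+return;
+const payload = {
+installId: getInstallId(),
+kind: "auditor-mcp",
+version: AUDITOR_CLI_VERSION,
+status: "running",
+client: {
+os: process.platform,
+arch: process.arch,
+node: process.version,
+},
+};
+try {
+const res = await fetch(heartbeatUrl, {
+method: "POST",
+headers: {
+Authorization: `Bearer ${token}`,
+"Content-Type": "application/json",
+},
+body: JSON.stringify(payload),
+signal: AbortSignal.timeout(3000),
+});
+if (!res.ok) {
+process.stderr.write(`[auditor:mcp] heartbeat failed (${res.status}).\n`);
+}
+}
+catch (err) {
+const msg = err instanceof Error ? err.message : String(err);
+process.stderr.write(`[auditor:mcp] heartbeat error: ${msg}\n`);
+}
+}
+/** Send an initial heartbeat and schedule periodic idle heartbeats. */
+export function startGuardHeartbeatLoop() {
+void sendGuardHeartbeat();
+scheduleNextHeartbeat();
+}
+//# sourceMappingURL=guard-heartbeat.js.map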
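Review bot: The bearer token built on line 48 is posted to whatever `PRAXIS_GUARD_HEARTBEAT_URL` names on line 29 with no scheme or origin check, so an environment override sends the guard credential to an arbitrary host, possibly over plain HTTP; parsing the override with `new URL(heartbeatUrl)` and accepting only `https:` (plus loopback if local development needs it), e.g. `if (new URL(heartbeatUrl).protocol !== "https:") return;`, keeps the credential on the intended transport. Separately, the timer created on line 18 is never `unref()`ed, so a pending heartbeat keeps the Node event loop alive after the MCP session has ended unless the process exits explicitly (I cannot see the shutdown path from here); `heartbeatTimer.unref();` directly after the `setTimeout` call avoids that.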
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-heartbeat.js","sourceRoot":"","sources":["../../src/mcp/guard-heartbeat.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,MAAM,qBAAqB,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;AAEhE,MAAM,0BAA0B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AACjD,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AACjD,IAAI,cAAc,GAAyC,IAAI,CAAC;AAChE,IAAI,yBAAyB,GAAG,CAAC,CAAC;AAElC,SAAS,wBAAwB;IAC/B,IAAI,yBAAyB,GAAG,CAAC;QAAE,OAAO,0BAA0B,CAAC;IACrE,OAAO,IAAI,CAAC,GAAG,CACb,0BAA0B,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,yBAAyB,GAAG,CAAC,CAAC,EACzE,yBAAyB,CAC1B,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB;IAC5B,IAAI,cAAc;QAAE,YAAY,CAAC,cAAc,CAAC,CAAC;IACjD,cAAc,GAAG,UAAU,CAAC,KAAK,IAAI,EAAE;QACrC,yBAAyB,EAAE,CAAC;QAC5B,MAAM,kBAAkB,EAAE,CAAC;QAC3B,qBAAqB,EAAE,CAAC;IAC1B,CAAC,EAAE,wBAAwB,EAAE,CAAC,CAAC;AACjC,CAAC;AAED,kEAAkE;AAClE,MAAM,UAAU,kBAAkB;IAChC,yBAAyB,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,qBAAqB,CAAC;IACrF,MAAM,KAAK,GAAG,iBAAiB,EAAE,CAAC;IAClC,IAAI,CAAC,KAAK;QAAE,OAAO;IAEnB,MAAM,OAAO,GAAG;QACd,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,mBAAmB;QAC5B,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE;YACN,EAAE,EAAE,OAAO,CAAC,QAAQ;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,OAAO;SACtB;KACF,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,KAAK,EAAE;gBAChC,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAC7B,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,GAAG,CAAC,MAAM,MAAM,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,GAAG,IAA
I,CAAC,CAAC;IAClE,CAAC;AACH,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,uBAAuB;IACrC,KAAK,kBAAkB,EAAE,CAAC;IAC1B,qBAAqB,EAAE,CAAC;AAC1B,CAAC"}
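--- a/package/dist/mcp/guard-schemas.d.ts
+++ b/package/dist/mcp/guard-schemas.d.ts
@@ -0,0 +1,42 @@
+import { z } from "zod";
+export declare const GuardModeSchema: z.ZodEnum<{
+shadow: "shadow";
+enforce: "enforce";
+}>;
+export declare const ProposalKindSchema: z.ZodEnum<{
+shell: "shell";
+mcp: "mcp";
+}>;
+export declare const GuardInputSchema: z.ZodObject<{
+mode: z.ZodEnum<{
+shadow: "shadow";
+enforce: "enforce";
+}>;
+proposal: z.ZodObject<{
+kind: z.ZodEnum<{
+shell: "shell";
+mcp: "mcp";
+}>;
+argv: z.ZodArray<z.ZodString>;
+cwd: z.ZodOptional<z.ZodString>;
+raw_command: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+context: z.ZodOptional<z.ZodObject<{
+provider: z.ZodOptional<z.ZodString>;
+session_id: z.ZodOptional<z.ZodString>;
+trace_id: z.ZodOptional<z.ZodString>;
+agent_id: z.ZodOptional<z.ZodString>;
+user_id: z.ZodOptional<z.ZodString>;
+environment: z.ZodOptional<z.ZodString>;
+approval: z.ZodOptional<z.ZodObject<{
+request_id: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+grant: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>>;
+wait_ms: z.ZodOptional<z.ZodNumber>;
+tool_input_sha256: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>>;
+}, z.core.$strip>;
+export type GuardInput = z.infer<typeof GuardInputSchema>;
+export declare const GUARD_TOOL_DESCRIPTION: string;
+export declare const GUARD_WAIT_TOOL_DESCRIPTION: string;
+//# sourceMappingURL=guard-schemas.d.ts.map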
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-schemas.d.ts","sourceRoot":"","sources":["../../src/mcp/guard-schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,eAAe;;;EAAgC,CAAC;AAC7D,eAAO,MAAM,kBAAkB;;;EAA2B,CAAC;AAS3D,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAqB3B,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,sBAAsB,QAI8E,CAAC;AAElH,eAAO,MAAM,2BAA2B,QAGyE,CAAC"}
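--- a/package/dist/mcp/guard-schemas.js
+++ b/package/dist/mcp/guard-schemas.js
@@ -0,0 +1,39 @@
+import { z } from "zod";
+export const GuardModeSchema = z.enum(["shadow", "enforce"]);
+export const ProposalKindSchema = z.enum(["shell", "mcp"]);
+const ApprovalContextSchema = z
+.object({
+request_id: z.string().nullable().optional(),
+grant: z.string().nullable().optional(),
+})
+.optional();
+export const GuardInputSchema = z.object({
+mode: GuardModeSchema,
+proposal: z.object({
+kind: ProposalKindSchema,
+argv: z.array(z.string()).min(1),
+cwd: z.string().optional(),
+raw_command: z.string().optional(),
+}),
+context: z
+.object({
+provider: z.string().optional(),
+session_id: z.string().optional(),
+trace_id: z.string().optional(),
+agent_id: z.string().optional(),
+user_id: z.string().optional(),
+environment: z.string().optional(),
+approval: ApprovalContextSchema,
+wait_ms: z.number().int().nonnegative().optional(),
+tool_input_sha256: z.string().nullable().optional(),
+})
+.optional(),
+});
+export const GUARD_TOOL_DESCRIPTION = "Policy gatekeeper for agent actions. Evaluates a proposal argv against policies.v1.json. " +
+"Required `mode`: `shadow` (dry-run — response `decision` is always `allow`; see `shadow` for the policy verdict) " +
+"or `enforce` (coordination — real `allow` / `require_approval` / `block`; runs human approval for MUTATE). " +
+"For MUTATE after approval, pass `context.approval.request_id` (and optional `grant`) from the app or dev CLI.";
+export const GUARD_WAIT_TOOL_DESCRIPTION = "Poll until a MUTATE approval request is approved, redeem grant, and record a signed execution ticket for hooks. " +
+"Uses enforce semantics (approval backend). Prefer this over a separate `guard` + retry. " +
+"Set `context.wait_ms` (e.g. 120000) and `context.approval.request_id` from hook deny or a prior `guard` call.";
+//# sourceMappingURL=guard-schemas.js.map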
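Review bot: `wait_ms` on line 27 has no upper bound, so a single `guard_wait` call can ask the server to poll for an arbitrarily long time; if the polling loop honours the value as-is (it is outside this hunk), a ceiling such as `wait_ms: z.number().int().nonnegative().max(600000).optional()` (600000 is a constructed example) bounds how long one tool call can hold the approval flow. Likewise `tool_input_sha256` on line 28 accepts any string although a SHA-256 hex digest has a fixed shape; `tool_input_sha256: z.string().regex(/^[0-9a-f]{64}$/i).nullable().optional()` rejects malformed digests at the input boundary rather than letting them reach whatever consumes them downstream. The generated `guard-schemas.d.ts` section above would change accordingly.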
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-schemas.js","sourceRoot":"","sources":["../../src/mcp/guard-schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;AAC7D,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAE3D,MAAM,qBAAqB,GAAG,CAAC;KAC5B,MAAM,CAAC;IACN,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC5C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CACxC,CAAC;KACD,QAAQ,EAAE,CAAC;AAEd,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,IAAI,EAAE,eAAe;IACrB,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC;QACjB,IAAI,EAAE,kBAAkB;QACxB,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC1B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACnC,CAAC;IACF,OAAO,EAAE,CAAC;SACP,MAAM,CAAC;QACN,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC9B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAClC,QAAQ,EAAE,qBAAqB;QAC/B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;QAClD,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;KACpD,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAIH,MAAM,CAAC,MAAM,sBAAsB,GACjC,2FAA2F;IAC3F,mHAAmH;IACnH,6GAA6G;IAC7G,+GAA+G,CAAC;AAElH,MAAM,CAAC,MAAM,2BAA2B,GACtC,kHAAkH;IAClH,0FAA0F;IAC1F,+GAA+G,CAAC"}