npm - @relayplane/proxy - Versions diffs - 1.9.25 → 1.9.27 - Mend

@relayplane/proxy 1.9.25 → 1.9.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/kill-switch.d.ts +83 -0
package/dist/kill-switch.d.ts.map +1 -0
package/dist/kill-switch.js +208 -0
package/dist/kill-switch.js.map +1 -0
package/dist/spec-match-plugin.d.ts +99 -0
package/dist/spec-match-plugin.d.ts.map +1 -0
package/dist/spec-match-plugin.js +206 -0
package/dist/spec-match-plugin.js.map +1 -0
package/dist/tenant-isolation.d.ts +121 -0
package/dist/tenant-isolation.d.ts.map +1 -0
package/dist/tenant-isolation.js +272 -0
package/dist/tenant-isolation.js.map +1 -0
package/dist/tool-search-semantic.d.ts +12 -0
package/dist/tool-search-semantic.d.ts.map +1 -0
package/dist/tool-search-semantic.js +52 -0
package/dist/tool-search-semantic.js.map +1 -0
package/package.json +1 -1

package/dist/kill-switch.d.ts ADDED Viewed

@@ -0,0 +1,83 @@
+/**
+ * Kill-Switch API
+ *
+ * Instantly halts ALL traffic for a specific tenant. Designed for:
+ * - Runaway agent loops detected by anomaly monitoring
+ * - Billing emergencies (unexpected spend spike)
+ * - Security incidents requiring immediate isolation
+ * - Client-requested suspension
+ *
+ * The kill-switch is checked in-memory first (O(1), no disk I/O) on every
+ * request so it activates within a single request cycle — effectively
+ * instantaneous. The flag is also persisted to disk so it survives proxy
+ * restarts.
+ *
+ * HTTP API (served by the proxy server):
+ *   POST   /v1/tenants/:tenantId/kill    { reason?: string } → activates
+ *   DELETE /v1/tenants/:tenantId/kill                        → lifts
+ *   GET    /v1/tenants/:tenantId/kill                        → status
+ */
+export interface KillSwitchEntry {
+    tenant_id: string;
+    active: boolean;
+    reason?: string;
+    activated_at?: string;
+    activated_by?: string;
+    lifted_at?: string;
+    lifted_by?: string;
+}
+export interface KillSwitchStore {
+    entries: Record<string, KillSwitchEntry>;
+    updated_at: string;
+}
+export interface ActivateOptions {
+    reason?: string;
+    activated_by?: string;
+}
+export interface LiftOptions {
+    lifted_by?: string;
+}
+/**
+ * KillSwitchManager provides instant tenant traffic halting with persistence.
+ *
+ * Thread-safety note: this is single-process Node.js, so the in-memory Set
+ * is the authoritative source of truth for the hot path. Disk writes are
+ * fire-and-forget for persistence across restarts.
+ */
+export declare class KillSwitchManager {
+    private storePath;
+    private activeKillSwitches;
+    private entries;
+    constructor(storePath?: string);
+    private load;
+    private persist;
+    /**
+     * Activate kill-switch for a tenant. Subsequent isActive() checks return
+     * true immediately (in-memory). Fire-and-forget persist to disk.
+     */
+    activate(tenantId: string, options?: ActivateOptions): KillSwitchEntry;
+    /**
+     * Lift kill-switch for a tenant. Requests resume immediately.
+     * Returns false if no active kill-switch was found.
+     */
+    lift(tenantId: string, options?: LiftOptions): boolean;
+    /**
+     * Check if a kill-switch is active for a tenant.
+     * O(1) — reads only from the in-memory Set.
+     */
+    isActive(tenantId: string): boolean;
+    /** Get the full kill-switch entry for a tenant. */
+    getEntry(tenantId: string): KillSwitchEntry | undefined;
+    /** List all kill-switch entries (active and historical). */
+    listAll(): KillSwitchEntry[];
+    /** List only currently active kill-switches. */
+    listActive(): KillSwitchEntry[];
+    /**
+     * Build the response payload for a blocked request.
+     * Use with HTTP 429 status and x-relayplane-kill-switch: true header.
+     */
+    buildBlockedResponse(tenantId: string): object;
+}
+export declare function getKillSwitchManager(storePath?: string): KillSwitchManager;
+export declare function resetKillSwitchManager(): void;
+//# sourceMappingURL=kill-switch.d.ts.map

package/dist/kill-switch.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"kill-switch.d.ts","sourceRoot":"","sources":["../src/kill-switch.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAMH,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IACzC,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAQD;;;;;;GAMG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,kBAAkB,CAA0B;IACpD,OAAO,CAAC,OAAO,CAA2C;gBAE9C,SAAS,CAAC,EAAE,MAAM;IAM9B,OAAO,CAAC,IAAI;IAcZ,OAAO,CAAC,OAAO;IAef;;;OAGG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,GAAE,eAAoB,GAAG,eAAe;IAwB1E;;;OAGG;IACH,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,GAAE,WAAgB,GAAG,OAAO;IAwB1D;;;OAGG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAInC,mDAAmD;IACnD,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;IAIvD,4DAA4D;IAC5D,OAAO,IAAI,eAAe,EAAE;IAI5B,gDAAgD;IAChD,UAAU,IAAI,eAAe,EAAE;IAI/B;;;OAGG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;CAa/C;AAKD,wBAAgB,oBAAoB,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAG1E;AAED,wBAAgB,sBAAsB,IAAI,IAAI,CAE7C"}

package/dist/kill-switch.js ADDED Viewed

@@ -0,0 +1,208 @@
+"use strict";
+/**
+ * Kill-Switch API
+ *
+ * Instantly halts ALL traffic for a specific tenant. Designed for:
+ * - Runaway agent loops detected by anomaly monitoring
+ * - Billing emergencies (unexpected spend spike)
+ * - Security incidents requiring immediate isolation
+ * - Client-requested suspension
+ *
+ * The kill-switch is checked in-memory first (O(1), no disk I/O) on every
+ * request so it activates within a single request cycle — effectively
+ * instantaneous. The flag is also persisted to disk so it survives proxy
+ * restarts.
+ *
+ * HTTP API (served by the proxy server):
+ *   POST   /v1/tenants/:tenantId/kill    { reason?: string } → activates
+ *   DELETE /v1/tenants/:tenantId/kill                        → lifts
+ *   GET    /v1/tenants/:tenantId/kill                        → status
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KillSwitchManager = void 0;
+exports.getKillSwitchManager = getKillSwitchManager;
+exports.resetKillSwitchManager = resetKillSwitchManager;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+function resolveRelayplaneDir() {
+    const homeOverride = process.env['RELAYPLANE_HOME_OVERRIDE'];
+    const base = homeOverride ?? os.homedir();
+    return path.join(base, '.relayplane');
+}
+/**
+ * KillSwitchManager provides instant tenant traffic halting with persistence.
+ *
+ * Thread-safety note: this is single-process Node.js, so the in-memory Set
+ * is the authoritative source of truth for the hot path. Disk writes are
+ * fire-and-forget for persistence across restarts.
+ */
+class KillSwitchManager {
+    storePath;
+    activeKillSwitches = new Set();
+    entries = new Map();
+    constructor(storePath) {
+        const dir = resolveRelayplaneDir();
+        this.storePath = storePath ?? path.join(dir, 'kill-switches.json');
+        this.load();
+    }
+    load() {
+        if (fs.existsSync(this.storePath)) {
+            try {
+                const store = JSON.parse(fs.readFileSync(this.storePath, 'utf-8'));
+                for (const [id, entry] of Object.entries(store.entries)) {
+                    this.entries.set(id, entry);
+                    if (entry.active)
+                        this.activeKillSwitches.add(id);
+                }
+            }
+            catch {
+                // Corrupt store — start fresh
+            }
+        }
+    }
+    persist() {
+        const dir = path.dirname(this.storePath);
+        if (!fs.existsSync(dir))
+            fs.mkdirSync(dir, { recursive: true });
+        const store = {
+            entries: Object.fromEntries(this.entries),
+            updated_at: new Date().toISOString(),
+        };
+        // Atomic write
+        const tmp = this.storePath + '.tmp';
+        fs.writeFileSync(tmp, JSON.stringify(store, null, 2));
+        fs.renameSync(tmp, this.storePath);
+    }
+    /**
+     * Activate kill-switch for a tenant. Subsequent isActive() checks return
+     * true immediately (in-memory). Fire-and-forget persist to disk.
+     */
+    activate(tenantId, options = {}) {
+        const now = new Date().toISOString();
+        const entry = {
+            tenant_id: tenantId,
+            active: true,
+            reason: options.reason,
+            activated_at: now,
+            activated_by: options.activated_by,
+        };
+        // In-memory first (hot path)
+        this.activeKillSwitches.add(tenantId);
+        this.entries.set(tenantId, entry);
+        // Persist (async-ish — but Node.js writeFileSync is sync, this is fast enough)
+        try {
+            this.persist();
+        }
+        catch {
+            // Don't throw — in-memory state is authoritative
+        }
+        return entry;
+    }
+    /**
+     * Lift kill-switch for a tenant. Requests resume immediately.
+     * Returns false if no active kill-switch was found.
+     */
+    lift(tenantId, options = {}) {
+        if (!this.activeKillSwitches.has(tenantId))
+            return false;
+        const now = new Date().toISOString();
+        const existing = this.entries.get(tenantId);
+        const entry = {
+            ...(existing ?? { tenant_id: tenantId }),
+            active: false,
+            lifted_at: now,
+            lifted_by: options.lifted_by,
+        };
+        this.activeKillSwitches.delete(tenantId);
+        this.entries.set(tenantId, entry);
+        try {
+            this.persist();
+        }
+        catch {
+            // In-memory state is authoritative
+        }
+        return true;
+    }
+    /**
+     * Check if a kill-switch is active for a tenant.
+     * O(1) — reads only from the in-memory Set.
+     */
+    isActive(tenantId) {
+        return this.activeKillSwitches.has(tenantId);
+    }
+    /** Get the full kill-switch entry for a tenant. */
+    getEntry(tenantId) {
+        return this.entries.get(tenantId);
+    }
+    /** List all kill-switch entries (active and historical). */
+    listAll() {
+        return Array.from(this.entries.values());
+    }
+    /** List only currently active kill-switches. */
+    listActive() {
+        return Array.from(this.entries.values()).filter(e => e.active);
+    }
+    /**
+     * Build the response payload for a blocked request.
+     * Use with HTTP 429 status and x-relayplane-kill-switch: true header.
+     */
+    buildBlockedResponse(tenantId) {
+        const entry = this.entries.get(tenantId);
+        return {
+            error: {
+                type: 'kill_switch_active',
+                message: `All traffic for tenant '${tenantId}' has been suspended.`,
+                tenant_id: tenantId,
+                activated_at: entry?.activated_at,
+                reason: entry?.reason ?? 'No reason provided.',
+                contact: 'Contact your RelayPlane administrator to lift the kill-switch.',
+            },
+        };
+    }
+}
+exports.KillSwitchManager = KillSwitchManager;
+/** Singleton instance. */
+let _instance;
+function getKillSwitchManager(storePath) {
+    if (!_instance)
+        _instance = new KillSwitchManager(storePath);
+    return _instance;
+}
+function resetKillSwitchManager() {
+    _instance = undefined;
+}
+//# sourceMappingURL=kill-switch.js.map

package/dist/kill-switch.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"kill-switch.js","sourceRoot":"","sources":["../src/kill-switch.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwLH,oDAGC;AAED,wDAEC;AA7LD,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AA0BzB,SAAS,oBAAoB;IAC3B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,YAAY,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;IAC1C,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;GAMG;AACH,MAAa,iBAAiB;IACpB,SAAS,CAAS;IAClB,kBAAkB,GAAgB,IAAI,GAAG,EAAE,CAAC;IAC5C,OAAO,GAAiC,IAAI,GAAG,EAAE,CAAC;IAE1D,YAAY,SAAkB;QAC5B,MAAM,GAAG,GAAG,oBAAoB,EAAE,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;QACnE,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;IAEO,IAAI;QACV,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAoB,CAAC;gBACtF,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBACxD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;oBAC5B,IAAI,KAAK,CAAC,MAAM;wBAAE,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,8BAA8B;YAChC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,OAAO;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhE,MAAM,KAAK,GAAoB;YAC7B,OAAO,EAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC;YACzC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAC;QAEF,eAAe;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC;QACpC,EAAE,CAAC,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,QAAgB,EAAE,UAA2B,EAAE;QACtD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,KAAK,GAAoB;YAC7B,SAAS,EAAE,QAAQ;YACnB,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,YAAY,EAAE,GAAG;YACjB,YAAY,EAAE,OAAO,CAAC,YAAY;SACnC,CAAC;QAEF,6BAA6B;QAC7B,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAElC,+EAA+E;QAC/E,IAAI,CAAC;YACH,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;OAGG;IACH,IAAI,CAAC,QAAgB,EAAE,UAAuB,EAAE;QAC9C,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,OAAO,KAAK,CAAC;QAEzD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,KAAK,GAAoB;YAC7B,GAAG,CAAC,QAAQ,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;YACxC,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;QAEF,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAElC,IAAI,CAAC;YACH,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,QAAgB;QACvB,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED,mDAAmD;IACnD,QAAQ,CAAC,QAAgB;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,4DAA4D;IAC5D,OAAO;QACL,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,gDAAgD;IAChD,UAAU;QACR,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACjE,CAAC;IAED;;;OAGG;IACH,oBAAoB,CAAC,QAAgB;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACzC,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,2BAA2B,QAAQ,uBAAuB;gBACnE,SAAS,EAAE,QAAQ;gBACnB,YAAY,EAAE,KAAK,EAAE,YAAY;gBACjC,MAAM,EAAE,KAAK,EAAE,MAAM,IAAI,qBAAqB;gBAC9C,OAAO,EAAE,gEAAgE;aAC1E;SACF,CAAC;IACJ,CAAC;CACF;AAxID,8CAwIC;AAED,0BAA0B;AAC1B,IAAI,SAAwC,CAAC;AAE7C,SAAgB,oBAAoB,CAAC,SAAkB;IACrD,IAAI,CAAC,SAAS;QAAE,SAAS,GAAG,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAgB,sBAAsB;IACpC,SAAS,GAAG,SAAS,CAAC;AACxB,CAAC"}

package/dist/spec-match-plugin.d.ts ADDED Viewed

@@ -0,0 +1,99 @@
+/**
+ * Spec-Match Verification Plugin
+ *
+ * Before an agent marks a task complete, the orchestrator POSTs the task's
+ * acceptance criteria + the agent's output (diff, text, screenshots) to
+ * RelayPlane's /v1/spec-match endpoint. This plugin uses a cheap LLM
+ * (Haiku by default) to evaluate whether the output satisfies each criterion.
+ *
+ * Returns a structured pass/fail result with per-criterion evidence and
+ * confidence scores. Only pass:true results should proceed to production.
+ *
+ * Use in Matt's swarm: every coder task dispatch includes acceptance_criteria.
+ * On completion, orchestrator calls spec-match. Failing results trigger retry
+ * with escalation before the verifier agent sees the output.
+ */
+export interface AcceptanceCriterion {
+    /** Short identifier, e.g. "hero-headline-changed" */
+    id: string;
+    /** Human-readable description of what must be true */
+    description: string;
+    /** How critical this criterion is */
+    severity: 'blocker' | 'major' | 'minor';
+}
+export interface SpecMatchRequest {
+    /** Task title or identifier for trace logging */
+    task_id: string;
+    /** Tenant this evaluation belongs to */
+    tenant_id?: string;
+    /** List of acceptance criteria to evaluate */
+    acceptance_criteria: AcceptanceCriterion[];
+    /**
+     * The agent's output to evaluate against criteria.
+     * At least one of diff, output_text, or screenshots must be provided.
+     */
+    diff?: string;
+    output_text?: string;
+    /** Base64-encoded PNG screenshots, or URLs */
+    screenshots?: string[];
+    /** Override the default evaluation model */
+    model_override?: string;
+    /** If true, include the full LLM prompt/response in the result */
+    debug?: boolean;
+}
+export interface CriterionResult {
+    criterion_id: string;
+    criterion_description: string;
+    met: boolean;
+    evidence: string;
+    confidence: 'high' | 'medium' | 'low';
+    severity: 'blocker' | 'major' | 'minor';
+}
+export interface SpecMatchResult {
+    /** True if all blocker criteria are met */
+    pass: boolean;
+    /** 0–100 score (percentage of weighted criteria met) */
+    score: number;
+    /** Per-criterion results */
+    criteria_results: CriterionResult[];
+    /** Criteria with severity=blocker that were not met */
+    blockers: string[];
+    /** Criteria with severity=major that were not met */
+    warnings: string[];
+    /** Model used for evaluation */
+    model_used: string;
+    /** Estimated cost of the spec-match call in USD */
+    cost_usd: number;
+    /** Trace ID for audit linking */
+    trace_id: string;
+    /** ISO timestamp */
+    evaluated_at: string;
+    /** Only present when request.debug=true */
+    debug_prompt?: string;
+    debug_response?: string;
+}
+export interface SpecMatchPluginOptions {
+    /** Anthropic-compatible base URL (defaults to https://api.anthropic.com) */
+    apiBaseUrl?: string;
+    /** API key for the evaluation model */
+    apiKey?: string;
+    /** Model to use for evaluation (default: claude-haiku-4-5-20251001) */
+    defaultModel?: string;
+    /** Max tokens for the evaluation response (default: 2048) */
+    maxTokens?: number;
+}
+/**
+ * SpecMatchPlugin evaluates agent output against acceptance criteria using
+ * an LLM judge. Use this at task completion before marking work as done.
+ */
+export declare class SpecMatchPlugin {
+    private apiBaseUrl;
+    private apiKey;
+    private defaultModel;
+    private maxTokens;
+    constructor(options?: SpecMatchPluginOptions);
+    evaluate(request: SpecMatchRequest): Promise<SpecMatchResult>;
+}
+export declare function getSpecMatchPlugin(options?: SpecMatchPluginOptions): SpecMatchPlugin;
+export declare function resetSpecMatchPlugin(): void;
+//# sourceMappingURL=spec-match-plugin.d.ts.map

package/dist/spec-match-plugin.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"spec-match-plugin.d.ts","sourceRoot":"","sources":["../src/spec-match-plugin.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,MAAM,WAAW,mBAAmB;IAClC,qDAAqD;IACrD,EAAE,EAAE,MAAM,CAAC;IACX,sDAAsD;IACtD,WAAW,EAAE,MAAM,CAAC;IACpB,qCAAqC;IACrC,QAAQ,EAAE,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC/B,iDAAiD;IACjD,OAAO,EAAE,MAAM,CAAC;IAChB,wCAAwC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,8CAA8C;IAC9C,mBAAmB,EAAE,mBAAmB,EAAE,CAAC;IAC3C;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,4CAA4C;IAC5C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kEAAkE;IAClE,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,GAAG,EAAE,OAAO,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,QAAQ,EAAE,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,eAAe;IAC9B,2CAA2C;IAC3C,IAAI,EAAE,OAAO,CAAC;IACd,wDAAwD;IACxD,KAAK,EAAE,MAAM,CAAC;IACd,4BAA4B;IAC5B,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,uDAAuD;IACvD,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,qDAAqD;IACrD,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gCAAgC;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,mDAAmD;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,2CAA2C;IAC3C,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,4EAA4E;IAC5E,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uEAAuE;IACvE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,6DAA6D;IAC7D,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAsDD;;;GAGG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,SAAS,CAAS;gBAEd,OAAO,GAAE,sBAA2B;IAO1C,QAAQ,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;CAiIpE;AAKD,wBAAgB,kBAAkB,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,eAAe,CAGpF;AAED,wBAAgB,oBAAoB,IAAI,IAAI,CAE3C"}

package/dist/spec-match-plugin.js ADDED Viewed

@@ -0,0 +1,206 @@
+"use strict";
+/**
+ * Spec-Match Verification Plugin
+ *
+ * Before an agent marks a task complete, the orchestrator POSTs the task's
+ * acceptance criteria + the agent's output (diff, text, screenshots) to
+ * RelayPlane's /v1/spec-match endpoint. This plugin uses a cheap LLM
+ * (Haiku by default) to evaluate whether the output satisfies each criterion.
+ *
+ * Returns a structured pass/fail result with per-criterion evidence and
+ * confidence scores. Only pass:true results should proceed to production.
+ *
+ * Use in Matt's swarm: every coder task dispatch includes acceptance_criteria.
+ * On completion, orchestrator calls spec-match. Failing results trigger retry
+ * with escalation before the verifier agent sees the output.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SpecMatchPlugin = void 0;
+exports.getSpecMatchPlugin = getSpecMatchPlugin;
+exports.resetSpecMatchPlugin = resetSpecMatchPlugin;
+/** Haiku price per 1M tokens (input/output) for cost estimation */
+const HAIKU_INPUT_COST_PER_1M = 0.80;
+const HAIKU_OUTPUT_COST_PER_1M = 4.00;
+function buildEvaluationPrompt(request) {
+    const criteriaList = request.acceptance_criteria
+        .map((c, i) => `${i + 1}. [${c.id}] (${c.severity}) ${c.description}`)
+        .join('\n');
+    const outputSections = [];
+    if (request.diff)
+        outputSections.push(`<diff>\n${request.diff}\n</diff>`);
+    if (request.output_text)
+        outputSections.push(`<output>\n${request.output_text}\n</output>`);
+    if (request.screenshots?.length) {
+        outputSections.push(`<screenshots>${request.screenshots.length} screenshot(s) provided.</screenshots>`);
+    }
+    return `You are a strict QA evaluator. Evaluate whether the agent's output satisfies each acceptance criterion below.
+<acceptance_criteria>
+${criteriaList}
+</acceptance_criteria>
+<agent_output>
+${outputSections.join('\n\n')}
+</agent_output>
+For each criterion, respond with a JSON array. Each element must be:
+{
+  "criterion_id": "<id from above>",
+  "met": true|false,
+  "evidence": "<one sentence citing specific evidence from the output>",
+  "confidence": "high"|"medium"|"low"
+}
+Rules:
+- met:true only when you see clear, direct evidence in the output
+- confidence:high = definitive evidence; medium = likely but not certain; low = cannot tell
+- For missing/unclear evidence, met:false with confidence:low
+- Do not infer; evaluate only what is present
+Respond with ONLY the JSON array. No preamble.`;
+}
+function estimateCost(inputTokens, outputTokens) {
+    return (inputTokens / 1_000_000) * HAIKU_INPUT_COST_PER_1M +
+        (outputTokens / 1_000_000) * HAIKU_OUTPUT_COST_PER_1M;
+}
+function buildTraceId() {
+    return `sm_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 8)}`;
+}
+/**
+ * SpecMatchPlugin evaluates agent output against acceptance criteria using
+ * an LLM judge. Use this at task completion before marking work as done.
+ */
+class SpecMatchPlugin {
+    apiBaseUrl;
+    apiKey;
+    defaultModel;
+    maxTokens;
+    constructor(options = {}) {
+        this.apiBaseUrl = options.apiBaseUrl ?? (process.env['ANTHROPIC_BASE_URL'] ?? 'https://api.anthropic.com');
+        this.apiKey = options.apiKey ?? (process.env['ANTHROPIC_API_KEY'] ?? '');
+        this.defaultModel = options.defaultModel ?? 'claude-haiku-4-5-20251001';
+        this.maxTokens = options.maxTokens ?? 2048;
+    }
+    async evaluate(request) {
+        const traceId = buildTraceId();
+        const model = request.model_override ?? this.defaultModel;
+        const prompt = buildEvaluationPrompt(request);
+        let rawResponse = '';
+        let inputTokens = 0;
+        let outputTokens = 0;
+        try {
+            const response = await fetch(`${this.apiBaseUrl}/v1/messages`, {
+                method: 'POST',
+                headers: {
+                    'content-type': 'application/json',
+                    'x-api-key': this.apiKey,
+                    'anthropic-version': '2023-06-01',
+                },
+                body: JSON.stringify({
+                    model,
+                    max_tokens: this.maxTokens,
+                    messages: [{ role: 'user', content: prompt }],
+                }),
+            });
+            if (!response.ok) {
+                const errText = await response.text();
+                throw new Error(`Spec-match LLM call failed: ${response.status} ${errText}`);
+            }
+            const body = await response.json();
+            rawResponse = body.content.find(c => c.type === 'text')?.text ?? '[]';
+            inputTokens = body.usage?.input_tokens ?? Math.ceil(prompt.length / 4);
+            outputTokens = body.usage?.output_tokens ?? Math.ceil(rawResponse.length / 4);
+        }
+        catch (err) {
+            // Return a graceful failure result rather than throwing
+            return {
+                pass: false,
+                score: 0,
+                criteria_results: request.acceptance_criteria.map(c => ({
+                    criterion_id: c.id,
+                    criterion_description: c.description,
+                    met: false,
+                    evidence: `Spec-match evaluation failed: ${err instanceof Error ? err.message : String(err)}`,
+                    confidence: 'low',
+                    severity: c.severity,
+                })),
+                blockers: request.acceptance_criteria.filter(c => c.severity === 'blocker').map(c => c.id),
+                warnings: request.acceptance_criteria.filter(c => c.severity === 'major').map(c => c.id),
+                model_used: model,
+                cost_usd: 0,
+                trace_id: traceId,
+                evaluated_at: new Date().toISOString(),
+            };
+        }
+        // Parse LLM response
+        let llmResults = [];
+        try {
+            // Strip markdown fences if present
+            const cleaned = rawResponse.replace(/^```json\n?/i, '').replace(/\n?```$/i, '').trim();
+            llmResults = JSON.parse(cleaned);
+        }
+        catch {
+            // Fallback: all criteria unmet if we can't parse
+            llmResults = request.acceptance_criteria.map(c => ({
+                criterion_id: c.id,
+                met: false,
+                evidence: 'Could not parse evaluator response.',
+                confidence: 'low',
+            }));
+        }
+        // Build per-criterion results
+        const criteriaMap = new Map(request.acceptance_criteria.map(c => [c.id, c]));
+        const criteriaResults = llmResults.map(r => {
+            const criterion = criteriaMap.get(r.criterion_id);
+            return {
+                criterion_id: r.criterion_id,
+                criterion_description: criterion?.description ?? r.criterion_id,
+                met: r.met,
+                evidence: r.evidence,
+                confidence: r.confidence,
+                severity: criterion?.severity ?? 'minor',
+            };
+        });
+        // Score: weighted by severity (blocker=3, major=2, minor=1)
+        const weights = { blocker: 3, major: 2, minor: 1 };
+        const totalWeight = criteriaResults.reduce((sum, c) => sum + weights[c.severity], 0);
+        const metWeight = criteriaResults
+            .filter(c => c.met)
+            .reduce((sum, c) => sum + weights[c.severity], 0);
+        const score = totalWeight > 0 ? Math.round((metWeight / totalWeight) * 100) : 100;
+        const blockers = criteriaResults
+            .filter(c => c.severity === 'blocker' && !c.met)
+            .map(c => c.criterion_id);
+        const warnings = criteriaResults
+            .filter(c => c.severity === 'major' && !c.met)
+            .map(c => c.criterion_id);
+        const result = {
+            pass: blockers.length === 0,
+            score,
+            criteria_results: criteriaResults,
+            blockers,
+            warnings,
+            model_used: model,
+            cost_usd: estimateCost(inputTokens, outputTokens),
+            trace_id: traceId,
+            evaluated_at: new Date().toISOString(),
+        };
+        if (request.debug) {
+            result.debug_prompt = prompt;
+            result.debug_response = rawResponse;
+        }
+        return result;
+    }
+}
+exports.SpecMatchPlugin = SpecMatchPlugin;
+/** Singleton instance. */
+let _instance;
+function getSpecMatchPlugin(options) {
+    if (!_instance)
+        _instance = new SpecMatchPlugin(options);
+    return _instance;
+}
+function resetSpecMatchPlugin() {
+    _instance = undefined;
+}
+//# sourceMappingURL=spec-match-plugin.js.map

package/dist/spec-match-plugin.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"spec-match-plugin.js","sourceRoot":"","sources":["../src/spec-match-plugin.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAuRH,gDAGC;AAED,oDAEC;AAlND,mEAAmE;AACnE,MAAM,uBAAuB,GAAG,IAAI,CAAC;AACrC,MAAM,wBAAwB,GAAG,IAAI,CAAC;AAEtC,SAAS,qBAAqB,CAAC,OAAyB;IACtD,MAAM,YAAY,GAAG,OAAO,CAAC,mBAAmB;SAC7C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;SACrE,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,IAAI,OAAO,CAAC,IAAI;QAAE,cAAc,CAAC,IAAI,CAAC,WAAW,OAAO,CAAC,IAAI,WAAW,CAAC,CAAC;IAC1E,IAAI,OAAO,CAAC,WAAW;QAAE,cAAc,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,WAAW,aAAa,CAAC,CAAC;IAC5F,IAAI,OAAO,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;QAChC,cAAc,CAAC,IAAI,CAAC,gBAAgB,OAAO,CAAC,WAAW,CAAC,MAAM,wCAAwC,CAAC,CAAC;IAC1G,CAAC;IAED,OAAO;;;EAGP,YAAY;;;;EAIZ,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC;;;;;;;;;;;;;;;;;+CAiBkB,CAAC;AAChD,CAAC;AAED,SAAS,YAAY,CAAC,WAAmB,EAAE,YAAoB;IAC7D,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,GAAG,uBAAuB;QACxD,CAAC,YAAY,GAAG,SAAS,CAAC,GAAG,wBAAwB,CAAC;AAC1D,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,MAAM,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;AACnF,CAAC;AAED;;;GAGG;AACH,MAAa,eAAe;IAClB,UAAU,CAAS;IACnB,MAAM,CAAS;IACf,YAAY,CAAS;IACrB,SAAS,CAAS;IAE1B,YAAY,UAAkC,EAAE;QAC9C,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAC3G,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,2BAA2B,CAAC;QACxE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAyB;QACtC,MAAM,OAAO,GAAG,YAAY,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,OAAO,CAAC,cAAc,IAAI,IAAI,CAAC,YAAY,CAAC;QAC1D,MAAM,MAAM,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAE9C,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,IAAI,YAAY,GAAG,CAAC,CAAC;QAErB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,UAAU,cAAc,EAAE;gBAC7D,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,WAAW,EAAE,IAAI,CAAC,MAAM;oBACxB,mBAAmB,EAAE,YAAY;iBAClC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK;oBACL,UAAU,EAAE,IAAI,CAAC,SAAS;oBAC1B,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;iBAC9C,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACtC,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,IAAI,OAAO,EAAE,CAAC,CAAC;YAC/E,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAG/B,CAAC;YAEF,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,EAAE,IAAI,IAAI,IAAI,CAAC;YACtE,WAAW,GAAG,IAAI,CAAC,KAAK,EAAE,YAAY,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACvE,YAAY,GAAG,IAAI,CAAC,KAAK,EAAE,aAAa,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAChF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,wDAAwD;YACxD,OAAO;gBACL,IAAI,EAAE,KAAK;gBACX,KAAK,EAAE,CAAC;gBACR,gBAAgB,EAAE,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBACtD,YAAY,EAAE,CAAC,CAAC,EAAE;oBAClB,qBAAqB,EAAE,CAAC,CAAC,WAAW;oBACpC,GAAG,EAAE,KAAK;oBACV,QAAQ,EAAE,iCAAiC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;oBAC7F,UAAU,EAAE,KAAK;oBACjB,QAAQ,EAAE,CAAC,CAAC,QAAQ;iBACrB,CAAC,CAAC;gBACH,QAAQ,EAAE,OAAO,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1F,QAAQ,EAAE,OAAO,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxF,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACvC,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,IAAI,UAAU,GAKT,EAAE,CAAC;QAER,IAAI,CAAC;YACH,mCAAmC;YACnC,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACvF,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;YACjD,UAAU,GAAG,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACjD,YAAY,EAAE,CAAC,CAAC,EAAE;gBAClB,GAAG,EAAE,KAAK;gBACV,QAAQ,EAAE,qCAAqC;gBAC/C,UAAU,EAAE,KAAc;aAC3B,CAAC,CAAC,CAAC;QACN,CAAC;QAED,8BAA8B;QAC9B,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,eAAe,GAAsB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC5D,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YAClD,OAAO;gBACL,YAAY,EAAE,CAAC,CAAC,YAAY;gBAC5B,qBAAqB,EAAE,SAAS,EAAE,WAAW,IAAI,CAAC,CAAC,YAAY;gBAC/D,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,QAAQ,EAAE,SAAS,EAAE,QAAQ,IAAI,OAAO;aACzC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QACnD,MAAM,WAAW,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;QACrF,MAAM,SAAS,GAAG,eAAe;aAC9B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;aAClB,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,MAAM,KAAK,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAElF,MAAM,QAAQ,GAAG,eAAe;aAC7B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;aAC/C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;QAC5B,MAAM,QAAQ,GAAG,eAAe;aAC7B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;aAC7C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;QAE5B,MAAM,MAAM,GAAoB;YAC9B,IAAI,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;YAC3B,KAAK;YACL,gBAAgB,EAAE,eAAe;YACjC,QAAQ;YACR,QAAQ;YACR,UAAU,EAAE,KAAK;YACjB,QAAQ,EAAE,YAAY,CAAC,WAAW,EAAE,YAAY,CAAC;YACjD,QAAQ,EAAE,OAAO;YACjB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvC,CAAC;QAEF,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC;YAC7B,MAAM,CAAC,cAAc,GAAG,WAAW,CAAC;QACtC,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AA9ID,0CA8IC;AAED,0BAA0B;AAC1B,IAAI,SAAsC,CAAC;AAE3C,SAAgB,kBAAkB,CAAC,OAAgC;IACjE,IAAI,CAAC,SAAS;QAAE,SAAS,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;IACzD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAgB,oBAAoB;IAClC,SAAS,GAAG,SAAS,CAAC;AACxB,CAAC"}

package/dist/tenant-isolation.d.ts ADDED Viewed

@@ -0,0 +1,121 @@
+/**
+ * Tenant Isolation — per-tenant request scoping for agent swarms.
+ *
+ * Each tenant gets an isolated lane: separate budget tracking, rate limits,
+ * audit namespace, and kill-switch flag. Tenant A's runaway agent can never
+ * affect Tenant B's traffic or billing.
+ *
+ * Tenants are identified by the `x-tenant-id` request header or by an API
+ * key prefix registered in config. The proxy strips tenant headers before
+ * forwarding to providers.
+ */
+export type TenantTier = 'free' | 'starter' | 'pro' | 'max' | 'enterprise';
+export interface TenantConfig {
+    label: string;
+    tier: TenantTier;
+    /** Hard daily spend cap in USD. Requests exceeding this are blocked. */
+    budget_usd_per_day?: number;
+    /** Hard monthly spend cap in USD. */
+    budget_usd_per_month?: number;
+    /** Allowlist of model IDs this tenant may use. Empty = all models allowed. */
+    allowed_models?: string[];
+    /** Denylist of model IDs. Checked after allowed_models. */
+    denied_models?: string[];
+    /** Maximum requests per minute for this tenant. */
+    rpm_limit?: number;
+    /** When true, ALL requests from this tenant are immediately rejected (kill-switch). */
+    kill_switch?: boolean;
+    /** Timestamp when the kill-switch was activated. */
+    kill_switch_activated_at?: string;
+    /** Human-readable reason for the kill-switch. */
+    kill_switch_reason?: string;
+    /** Metadata tags for dashboards and audit logs. */
+    tags?: Record<string, string>;
+    created_at: string;
+    updated_at: string;
+}
+export interface TenantSpend {
+    tenant_id: string;
+    date: string;
+    spend_usd: number;
+    request_count: number;
+    last_request_at: string;
+}
+export interface TenantRequestContext {
+    tenant_id: string;
+    trace_id: string;
+    request_id: string;
+    timestamp: string;
+}
+export interface TenantCheckResult {
+    allowed: boolean;
+    tenant_id: string;
+    reason?: string;
+    /** Set when kill-switch is active */
+    kill_switch_active?: boolean;
+    /** Set when a budget limit would be exceeded */
+    budget_exceeded?: boolean;
+    /** Set when the requested model is not allowed */
+    model_denied?: boolean;
+    /** Current daily spend for this tenant */
+    daily_spend_usd?: number;
+    /** Remaining daily budget */
+    daily_budget_remaining_usd?: number;
+}
+export interface TenantIsolatorOptions {
+    /** Path to the tenants config file. Defaults to ~/.relayplane/tenants.json */
+    configPath?: string;
+    /** Path to the spend tracking SQLite DB or JSON store. Defaults to ~/.relayplane/tenant-spend.json */
+    spendStorePath?: string;
+}
+/**
+ * Manages per-tenant isolation: configuration, budget enforcement, and
+ * kill-switch state. Designed to be instantiated once and reused per request.
+ */
+export declare class TenantIsolator {
+    private configPath;
+    private spendStorePath;
+    private tenants;
+    private spendCache;
+    private killSwitchCache;
+    constructor(options?: TenantIsolatorOptions);
+    private load;
+    private save;
+    private saveSpend;
+    /** Register or update a tenant configuration. */
+    upsertTenant(tenantId: string, config: Omit<TenantConfig, 'created_at' | 'updated_at'>): TenantConfig;
+    /** Remove a tenant and all their spend records. */
+    deleteTenant(tenantId: string): boolean;
+    /** Get a tenant config by ID. Returns undefined for unknown tenants. */
+    getTenant(tenantId: string): TenantConfig | undefined;
+    /** List all tenants. */
+    listTenants(): Array<{
+        id: string;
+        config: TenantConfig;
+    }>;
+    /**
+     * Extract tenant ID from an incoming request.
+     * Priority: x-tenant-id header > API key prefix registered in config.
+     * Returns 'default' if no tenant can be identified.
+     */
+    extractTenantId(headers: Record<string, string | string[] | undefined>, apiKey?: string): string;
+    /**
+     * Check whether a request from a tenant should be allowed.
+     * Checks kill-switch, model allowlist/denylist, and budget caps.
+     */
+    checkRequest(tenantId: string, model?: string, estimatedCostUsd?: number): TenantCheckResult;
+    /** Record spend for a tenant after a successful request. */
+    recordSpend(tenantId: string, costUsd: number): void;
+    /** Get today's spend for a tenant. */
+    getDailySpend(tenantId: string): number;
+    /**
+     * Generate the request context headers to inject into downstream traces.
+     * The proxy adds these before forwarding and strips them from the outbound
+     * request to the provider.
+     */
+    buildRequestContext(tenantId: string): TenantRequestContext;
+}
+export declare function getTenantIsolator(options?: TenantIsolatorOptions): TenantIsolator;
+/** Reset the singleton (for tests). */
+export declare function resetTenantIsolator(): void;
+//# sourceMappingURL=tenant-isolation.d.ts.map

package/dist/tenant-isolation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tenant-isolation.d.ts","sourceRoot":"","sources":["../src/tenant-isolation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAOH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,KAAK,GAAG,KAAK,GAAG,YAAY,CAAC;AAE3E,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,UAAU,CAAC;IACjB,wEAAwE;IACxE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,qCAAqC;IACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,8EAA8E;IAC9E,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,2DAA2D;IAC3D,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,mDAAmD;IACnD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,uFAAuF;IACvF,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,oDAAoD;IACpD,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,iDAAiD;IACjD,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mDAAmD;IACnD,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qCAAqC;IACrC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,gDAAgD;IAChD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,kDAAkD;IAClD,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,0CAA0C;IAC1C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,6BAA6B;IAC7B,0BAA0B,CAAC,EAAE,MAAM,CAAC;CACrC;AAED,MAAM,WAAW,qBAAqB;IACpC,8EAA8E;IAC9E,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sGAAsG;IACtG,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAQD;;;GAGG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,OAAO,CAAwC;IACvD,OAAO,CAAC,UAAU,CAAuC;IACzD,OAAO,CAAC,eAAe,CAA0B;gBAErC,OAAO,GAAE,qBAA0B;IAO/C,OAAO,CAAC,IAAI;IAuBZ,OAAO,CAAC,IAAI;IAQZ,OAAO,CAAC,SAAS;IAQjB,iDAAiD;IACjD,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,YAAY,GAAG,YAAY,CAAC,GAAG,YAAY;IAkBrG,mDAAmD;IACnD,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAWvC,wEAAwE;IACxE,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS;IAIrD,wBAAwB;IACxB,WAAW,IAAI,KAAK,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,YAAY,CAAA;KAAE,CAAC;IAI1D;;;;OAIG;IACH,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM;IAiBhG;;;OAGG;IACH,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,gBAAgB,SAAI,GAAG,iBAAiB;IAsDvF,4DAA4D;IAC5D,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAgBpD,sCAAsC;IACtC,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAKvC;;;;OAIG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB;CAQ5D;AAKD,wBAAgB,iBAAiB,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,cAAc,CAGjF;AAED,uCAAuC;AACvC,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C"}

package/dist/tenant-isolation.js ADDED Viewed

@@ -0,0 +1,272 @@
+"use strict";
+/**
+ * Tenant Isolation — per-tenant request scoping for agent swarms.
+ *
+ * Each tenant gets an isolated lane: separate budget tracking, rate limits,
+ * audit namespace, and kill-switch flag. Tenant A's runaway agent can never
+ * affect Tenant B's traffic or billing.
+ *
+ * Tenants are identified by the `x-tenant-id` request header or by an API
+ * key prefix registered in config. The proxy strips tenant headers before
+ * forwarding to providers.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TenantIsolator = void 0;
+exports.getTenantIsolator = getTenantIsolator;
+exports.resetTenantIsolator = resetTenantIsolator;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const crypto = __importStar(require("crypto"));
+function resolveRelayplaneDir() {
+    const homeOverride = process.env['RELAYPLANE_HOME_OVERRIDE'];
+    const base = homeOverride ?? os.homedir();
+    return path.join(base, '.relayplane');
+}
+/**
+ * Manages per-tenant isolation: configuration, budget enforcement, and
+ * kill-switch state. Designed to be instantiated once and reused per request.
+ */
+class TenantIsolator {
+    configPath;
+    spendStorePath;
+    tenants = new Map();
+    spendCache = new Map();
+    killSwitchCache = new Set();
+    constructor(options = {}) {
+        const dir = resolveRelayplaneDir();
+        this.configPath = options.configPath ?? path.join(dir, 'tenants.json');
+        this.spendStorePath = options.spendStorePath ?? path.join(dir, 'tenant-spend.json');
+        this.load();
+    }
+    load() {
+        if (fs.existsSync(this.configPath)) {
+            try {
+                const raw = JSON.parse(fs.readFileSync(this.configPath, 'utf-8'));
+                this.tenants = new Map(Object.entries(raw));
+                // Seed in-memory kill-switch cache from persisted state
+                for (const [id, cfg] of this.tenants) {
+                    if (cfg.kill_switch)
+                        this.killSwitchCache.add(id);
+                }
+            }
+            catch {
+                // Corrupt config — start with empty map
+            }
+        }
+        if (fs.existsSync(this.spendStorePath)) {
+            try {
+                const raw = JSON.parse(fs.readFileSync(this.spendStorePath, 'utf-8'));
+                this.spendCache = new Map(Object.entries(raw));
+            }
+            catch {
+                // Corrupt spend store — start fresh
+            }
+        }
+    }
+    save() {
+        const dir = path.dirname(this.configPath);
+        if (!fs.existsSync(dir))
+            fs.mkdirSync(dir, { recursive: true });
+        const obj = {};
+        for (const [id, cfg] of this.tenants)
+            obj[id] = cfg;
+        fs.writeFileSync(this.configPath, JSON.stringify(obj, null, 2));
+    }
+    saveSpend() {
+        const dir = path.dirname(this.spendStorePath);
+        if (!fs.existsSync(dir))
+            fs.mkdirSync(dir, { recursive: true });
+        const obj = {};
+        for (const [id, spend] of this.spendCache)
+            obj[id] = spend;
+        fs.writeFileSync(this.spendStorePath, JSON.stringify(obj, null, 2));
+    }
+    /** Register or update a tenant configuration. */
+    upsertTenant(tenantId, config) {
+        const now = new Date().toISOString();
+        const existing = this.tenants.get(tenantId);
+        const full = {
+            ...config,
+            created_at: existing?.created_at ?? now,
+            updated_at: now,
+        };
+        this.tenants.set(tenantId, full);
+        if (full.kill_switch) {
+            this.killSwitchCache.add(tenantId);
+        }
+        else {
+            this.killSwitchCache.delete(tenantId);
+        }
+        this.save();
+        return full;
+    }
+    /** Remove a tenant and all their spend records. */
+    deleteTenant(tenantId) {
+        const existed = this.tenants.delete(tenantId);
+        this.spendCache.delete(tenantId);
+        this.killSwitchCache.delete(tenantId);
+        if (existed) {
+            this.save();
+            this.saveSpend();
+        }
+        return existed;
+    }
+    /** Get a tenant config by ID. Returns undefined for unknown tenants. */
+    getTenant(tenantId) {
+        return this.tenants.get(tenantId);
+    }
+    /** List all tenants. */
+    listTenants() {
+        return Array.from(this.tenants.entries()).map(([id, config]) => ({ id, config }));
+    }
+    /**
+     * Extract tenant ID from an incoming request.
+     * Priority: x-tenant-id header > API key prefix registered in config.
+     * Returns 'default' if no tenant can be identified.
+     */
+    extractTenantId(headers, apiKey) {
+        // 1. Explicit header
+        const header = headers['x-tenant-id'];
+        if (header)
+            return Array.isArray(header) ? header[0] : header;
+        // 2. API key prefix match
+        if (apiKey) {
+            for (const [id, cfg] of this.tenants) {
+                if (cfg.tags?.['api_key_prefix'] && apiKey.startsWith(cfg.tags['api_key_prefix'])) {
+                    return id;
+                }
+            }
+        }
+        return 'default';
+    }
+    /**
+     * Check whether a request from a tenant should be allowed.
+     * Checks kill-switch, model allowlist/denylist, and budget caps.
+     */
+    checkRequest(tenantId, model, estimatedCostUsd = 0) {
+        // Fast path: in-memory kill-switch check (no disk I/O)
+        if (this.killSwitchCache.has(tenantId)) {
+            return { allowed: false, tenant_id: tenantId, kill_switch_active: true, reason: 'Kill-switch is active for this tenant.' };
+        }
+        const config = this.tenants.get(tenantId);
+        if (!config) {
+            // Unknown tenant — allow by default (open proxy mode)
+            return { allowed: true, tenant_id: tenantId };
+        }
+        // Model allowlist check
+        if (model && config.allowed_models && config.allowed_models.length > 0) {
+            if (!config.allowed_models.includes(model)) {
+                return { allowed: false, tenant_id: tenantId, model_denied: true, reason: `Model '${model}' is not in the allowlist for tenant '${tenantId}'.` };
+            }
+        }
+        // Model denylist check
+        if (model && config.denied_models && config.denied_models.includes(model)) {
+            return { allowed: false, tenant_id: tenantId, model_denied: true, reason: `Model '${model}' is denied for tenant '${tenantId}'.` };
+        }
+        // Budget check
+        if (config.budget_usd_per_day !== undefined) {
+            const today = new Date().toISOString().slice(0, 10);
+            const spendKey = `${tenantId}:${today}`;
+            const spend = this.spendCache.get(spendKey);
+            const currentSpend = spend?.spend_usd ?? 0;
+            const remaining = config.budget_usd_per_day - currentSpend;
+            if (estimatedCostUsd > 0 && currentSpend + estimatedCostUsd > config.budget_usd_per_day) {
+                return {
+                    allowed: false,
+                    tenant_id: tenantId,
+                    budget_exceeded: true,
+                    daily_spend_usd: currentSpend,
+                    daily_budget_remaining_usd: Math.max(0, remaining),
+                    reason: `Daily budget of $${config.budget_usd_per_day} exceeded for tenant '${tenantId}'.`,
+                };
+            }
+            return {
+                allowed: true,
+                tenant_id: tenantId,
+                daily_spend_usd: currentSpend,
+                daily_budget_remaining_usd: Math.max(0, remaining),
+            };
+        }
+        return { allowed: true, tenant_id: tenantId };
+    }
+    /** Record spend for a tenant after a successful request. */
+    recordSpend(tenantId, costUsd) {
+        const today = new Date().toISOString().slice(0, 10);
+        const spendKey = `${tenantId}:${today}`;
+        const existing = this.spendCache.get(spendKey);
+        const now = new Date().toISOString();
+        this.spendCache.set(spendKey, {
+            tenant_id: tenantId,
+            date: today,
+            spend_usd: (existing?.spend_usd ?? 0) + costUsd,
+            request_count: (existing?.request_count ?? 0) + 1,
+            last_request_at: now,
+        });
+        this.saveSpend();
+    }
+    /** Get today's spend for a tenant. */
+    getDailySpend(tenantId) {
+        const today = new Date().toISOString().slice(0, 10);
+        return this.spendCache.get(`${tenantId}:${today}`)?.spend_usd ?? 0;
+    }
+    /**
+     * Generate the request context headers to inject into downstream traces.
+     * The proxy adds these before forwarding and strips them from the outbound
+     * request to the provider.
+     */
+    buildRequestContext(tenantId) {
+        return {
+            tenant_id: tenantId,
+            trace_id: `trace_${crypto.randomBytes(8).toString('hex')}`,
+            request_id: `req_${crypto.randomBytes(6).toString('hex')}`,
+            timestamp: new Date().toISOString(),
+        };
+    }
+}
+exports.TenantIsolator = TenantIsolator;
+/** Singleton instance for use across the proxy server. */
+let _instance;
+function getTenantIsolator(options) {
+    if (!_instance)
+        _instance = new TenantIsolator(options);
+    return _instance;
+}
+/** Reset the singleton (for tests). */
+function resetTenantIsolator() {
+    _instance = undefined;
+}
+//# sourceMappingURL=tenant-isolation.js.map

package/dist/tenant-isolation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tenant-isolation.js","sourceRoot":"","sources":["../src/tenant-isolation.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAySH,8CAGC;AAGD,kDAEC;AA/SD,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,+CAAiC;AAmEjC,SAAS,oBAAoB;IAC3B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,YAAY,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;IAC1C,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAa,cAAc;IACjB,UAAU,CAAS;IACnB,cAAc,CAAS;IACvB,OAAO,GAA8B,IAAI,GAAG,EAAE,CAAC;IAC/C,UAAU,GAA6B,IAAI,GAAG,EAAE,CAAC;IACjD,eAAe,GAAgB,IAAI,GAAG,EAAE,CAAC;IAEjD,YAAY,UAAiC,EAAE;QAC7C,MAAM,GAAG,GAAG,oBAAoB,EAAE,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QACvE,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;QACpF,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;IAEO,IAAI;QACV,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAiC,CAAC;gBAClG,IAAI,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC5C,wDAAwD;gBACxD,KAAK,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;oBACrC,IAAI,GAAG,CAAC,WAAW;wBAAE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,wCAAwC;YAC1C,CAAC;QACH,CAAC;QACD,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YACvC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,EAAE,OAAO,CAAC,CAAgC,CAAC;gBACrG,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACjD,CAAC;YAAC,MAAM,CAAC;gBACP,oCAAoC;YACtC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,IAAI;QACV,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChE,MAAM,GAAG,GAAiC,EAAE,CAAC;QAC7C,KAAK,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO;YAAE,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC;QACpD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAClE,CAAC;IAEO,SAAS;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChE,MAAM,GAAG,GAAgC,EAAE,CAAC;QAC5C,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU;YAAE,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC;QAC3D,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,iDAAiD;IACjD,YAAY,CAAC,QAAgB,EAAE,MAAuD;QACpF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,IAAI,GAAiB;YACzB,GAAG,MAAM;YACT,UAAU,EAAE,QAAQ,EAAE,UAAU,IAAI,GAAG;YACvC,UAAU,EAAE,GAAG;SAChB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACjC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,mDAAmD;IACnD,YAAY,CAAC,QAAgB;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,IAAI,EAAE,CAAC;YACZ,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,wEAAwE;IACxE,SAAS,CAAC,QAAgB;QACxB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,wBAAwB;IACxB,WAAW;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IACpF,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,OAAsD,EAAE,MAAe;QACrF,qBAAqB;QACrB,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QACtC,IAAI,MAAM;YAAE,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAE9D,0BAA0B;QAC1B,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACrC,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC;oBAClF,OAAO,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,QAAgB,EAAE,KAAc,EAAE,gBAAgB,GAAG,CAAC;QACjE,uDAAuD;QACvD,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,kBAAkB,EAAE,IAAI,EAAE,MAAM,EAAE,wCAAwC,EAAE,CAAC;QAC7H,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,sDAAsD;YACtD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;QAChD,CAAC;QAED,wBAAwB;QACxB,IAAI,KAAK,IAAI,MAAM,CAAC,cAAc,IAAI,MAAM,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvE,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,KAAK,yCAAyC,QAAQ,IAAI,EAAE,CAAC;YACnJ,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,IAAI,KAAK,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1E,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,KAAK,2BAA2B,QAAQ,IAAI,EAAE,CAAC;QACrI,CAAC;QAED,eAAe;QACf,IAAI,MAAM,CAAC,kBAAkB,KAAK,SAAS,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACpD,MAAM,QAAQ,GAAG,GAAG,QAAQ,IAAI,KAAK,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,YAAY,GAAG,KAAK,EAAE,SAAS,IAAI,CAAC,CAAC;YAC3C,MAAM,SAAS,GAAG,MAAM,CAAC,kBAAkB,GAAG,YAAY,CAAC;YAE3D,IAAI,gBAAgB,GAAG,CAAC,IAAI,YAAY,GAAG,gBAAgB,GAAG,MAAM,CAAC,kBAAkB,EAAE,CAAC;gBACxF,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,QAAQ;oBACnB,eAAe,EAAE,IAAI;oBACrB,eAAe,EAAE,YAAY;oBAC7B,0BAA0B,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC;oBAClD,MAAM,EAAE,oBAAoB,MAAM,CAAC,kBAAkB,yBAAyB,QAAQ,IAAI;iBAC3F,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,QAAQ;gBACnB,eAAe,EAAE,YAAY;gBAC7B,0BAA0B,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC;aACnD,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;IAChD,CAAC;IAED,4DAA4D;IAC5D,WAAW,CAAC,QAAgB,EAAE,OAAe;QAC3C,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,GAAG,QAAQ,IAAI,KAAK,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;YAC5B,SAAS,EAAE,QAAQ;YACnB,IAAI,EAAE,KAAK;YACX,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,IAAI,CAAC,CAAC,GAAG,OAAO;YAC/C,aAAa,EAAE,CAAC,QAAQ,EAAE,aAAa,IAAI,CAAC,CAAC,GAAG,CAAC;YACjD,eAAe,EAAE,GAAG;SACrB,CAAC,CAAC;QACH,IAAI,CAAC,SAAS,EAAE,CAAC;IACnB,CAAC;IAED,sCAAsC;IACtC,aAAa,CAAC,QAAgB;QAC5B,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,QAAQ,IAAI,KAAK,EAAE,CAAC,EAAE,SAAS,IAAI,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,mBAAmB,CAAC,QAAgB;QAClC,OAAO;YACL,SAAS,EAAE,QAAQ;YACnB,QAAQ,EAAE,SAAS,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;YAC1D,UAAU,EAAE,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;YAC1D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;IACJ,CAAC;CACF;AAlND,wCAkNC;AAED,0DAA0D;AAC1D,IAAI,SAAqC,CAAC;AAE1C,SAAgB,iBAAiB,CAAC,OAA+B;IAC/D,IAAI,CAAC,SAAS;QAAE,SAAS,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;IACxD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,uCAAuC;AACvC,SAAgB,mBAAmB;IACjC,SAAS,GAAG,SAAS,CAAC;AACxB,CAAC"}

package/dist/tool-search-semantic.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export interface SearchableTool {
+    name: string;
+    description: string;
+}
+export declare class SemanticToolSearch {
+    private tools;
+    private vectors;
+    get size(): number;
+    indexTools(tools: SearchableTool[]): void;
+    search(query: string, topK: number): SearchableTool[];
+}
+//# sourceMappingURL=tool-search-semantic.d.ts.map

package/dist/tool-search-semantic.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tool-search-semantic.d.ts","sourceRoot":"","sources":["../src/tool-search-semantic.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AA6BD,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,KAAK,CAAwB;IACrC,OAAO,CAAC,OAAO,CAA6B;IAE5C,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,UAAU,CAAC,KAAK,EAAE,cAAc,EAAE,GAAG,IAAI;IAOzC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,cAAc,EAAE;CAUtD"}

package/dist/tool-search-semantic.js ADDED Viewed

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SemanticToolSearch = void 0;
+function tokenize(text) {
+    return text.toLowerCase().replace(/[^a-z0-9\s]/g, ' ').split(/\s+/).filter(t => t.length > 1);
+}
+function buildVector(tokens) {
+    const freq = new Map();
+    for (const t of tokens) {
+        freq.set(t, (freq.get(t) ?? 0) + 1);
+    }
+    return freq;
+}
+function cosineSimilarity(a, b) {
+    let dot = 0;
+    let normA = 0;
+    let normB = 0;
+    for (const [term, countA] of a) {
+        dot += countA * (b.get(term) ?? 0);
+        normA += countA * countA;
+    }
+    for (const [, countB] of b) {
+        normB += countB * countB;
+    }
+    if (normA === 0 || normB === 0)
+        return 0;
+    return dot / (Math.sqrt(normA) * Math.sqrt(normB));
+}
+class SemanticToolSearch {
+    tools = [];
+    vectors = [];
+    get size() {
+        return this.tools.length;
+    }
+    indexTools(tools) {
+        this.tools = [...tools];
+        this.vectors = tools.map(t => buildVector(tokenize(`${t.name} ${t.description}`)));
+    }
+    search(query, topK) {
+        if (this.tools.length === 0)
+            return [];
+        const queryVec = buildVector(tokenize(query));
+        const scored = this.tools.map((tool, i) => ({
+            tool,
+            score: cosineSimilarity(queryVec, this.vectors[i]),
+        }));
+        scored.sort((a, b) => b.score - a.score || a.tool.name.localeCompare(b.tool.name));
+        return scored.slice(0, topK).map(s => s.tool);
+    }
+}
+exports.SemanticToolSearch = SemanticToolSearch;
+//# sourceMappingURL=tool-search-semantic.js.map

package/dist/tool-search-semantic.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tool-search-semantic.js","sourceRoot":"","sources":["../src/tool-search-semantic.ts"],"names":[],"mappings":";;;AAKA,SAAS,QAAQ,CAAC,IAAY;IAC5B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,WAAW,CAAC,MAAgB;IACnC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,gBAAgB,CAAC,CAAsB,EAAE,CAAsB;IACtE,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,IAAI,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,KAAK,IAAI,MAAM,GAAG,MAAM,CAAC;IAC3B,CAAC;IACD,KAAK,MAAM,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,KAAK,IAAI,MAAM,GAAG,MAAM,CAAC;IAC3B,CAAC;IACD,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IACzC,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,MAAa,kBAAkB;IACrB,KAAK,GAAqB,EAAE,CAAC;IAC7B,OAAO,GAA0B,EAAE,CAAC;IAE5C,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,UAAU,CAAC,KAAuB;QAChC,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAC3B,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CACpD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,KAAa,EAAE,IAAY;QAChC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1C,IAAI;YACJ,KAAK,EAAE,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;SACnD,CAAC,CAAC,CAAC;QACJ,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACnF,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC;CACF;AAzBD,gDAyBC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@relayplane/proxy",
-  "version": "1.9.25",
+  "version": "1.9.27",
   "description": "Open source cost intelligence proxy for AI agents. Cut LLM costs ~80% with smart model routing. Dashboard, policy engine, 11 providers. MIT licensed.",
   "homepage": "https://relayplane.com",
   "repository": {