@salucallc/tiresias-sdk 0.1.0

package/dist/tiresias.js

@@ -0,0 +1,174 @@
+"use strict";
+/**
+ * Tiresias SDK — Main Orchestrator
+ *
+ * tiresias.call(messages, adapter, options) is the high-level entry point.
+ * It runs the three safety signals, computes composite score, applies policy,
+ * writes a hash-chained audit entry, and either passes through to the LLM
+ * or blocks the request.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Tiresias = void 0;
+const types_js_1 = require("./types.js");
+const scoring_js_1 = require("./scoring.js");
+const audit_js_1 = require("./audit.js");
+const session_js_1 = require("./session.js");
+// Lazily import sub-modules to allow tree-shaking
+const tiresias_watch_1 = require("@salucallc/tiresias-watch");
+const tiresias_report_1 = require("@salucallc/tiresias-report");
+class Tiresias {
+    config;
+    sessions;
+    auditStore;
+    constructor(config = {}) {
+        this.config = config;
+        this.sessions = new session_js_1.SessionManager();
+        this.auditStore = config.auditStore ?? new audit_js_1.MemoryAuditStore();
+    }
+    /**
+     * Main entry point.
+     * 1. Run watch (injection detection)
+     * 2. Run report (PII scan)
+     * 3. Get network signal (passthrough or provider)
+     * 4. Compute composite score
+     * 5. Apply policy
+     * 6. Write hash-chained audit entry
+     * 7. If ALLOW/WARN: call LLM adapter and return response
+     *    If BLOCK/QUARANTINE: return without calling LLM
+     */
+    async call(messages, adapter, options = {}) {
+        const { sessionId: sid, ...llmOptions } = options;
+        const session = this.sessions.getOrCreate(sid ?? "default");
+        // Serialize request for hashing and scanning
+        const requestContent = messages.map((m) => `${m.role}: ${m.content}`).join("\n");
+        // ── Signal 1: Injection Detection (tiresias-watch) ────────────────────────
+        const key = (0, tiresias_watch_1.generateKey)();
+        const guardedMessages = messages.map((m) => ({
+            ...m,
+            content: (0, tiresias_watch_1.injectGuard)(m.content, key),
+        }));
+        // We scan the original content for injection markers from prior round-trips.
+        // For a fresh request, injection threat comes from structural analysis.
+        const watchSignal = await this.runWatchSignal(messages, key);
+        // ── Signal 2: PII Detection (tiresias-report) ─────────────────────────────
+        const reportSignal = await this.runReportSignal(requestContent);
+        // ── Signal 3: Network Threat (tiresias-network or stub) ───────────────────
+        const networkSignal = await this.runNetworkSignal();
+        // ── Composite Score (PATENT-CRITICAL) ─────────────────────────────────────
+        const thresholds = this.config.policy ?? types_js_1.DEFAULT_POLICY_THRESHOLDS;
+        const composite = (0, scoring_js_1.computeCompositeScore)(watchSignal, reportSignal, networkSignal, thresholds);
+        // ── Audit Entry (PATENT-CRITICAL hash chain) ──────────────────────────────
+        const prevHash = await this.auditStore.getHead(session.sessionId);
+        const auditEntry = (0, audit_js_1.buildAuditEntry)(session.sessionId, requestContent, composite, prevHash);
+        await this.auditStore.append(auditEntry);
+        this.sessions.update(session.sessionId, composite, auditEntry.chainHash);
+        const blocked = composite.policy === "BLOCK" || composite.policy === "QUARANTINE";
+        // ── Policy Callbacks ──────────────────────────────────────────────────────
+        if (composite.policy === "WARN" && this.config.onWarn) {
+            await this.config.onWarn(auditEntry);
+        }
+        if (blocked && this.config.onBlock) {
+            await this.config.onBlock(auditEntry);
+        }
+        // ── LLM Call ──────────────────────────────────────────────────────────────
+        let llmResponse;
+        if (!blocked) {
+            // Use guarded messages so we can detect echo manipulation in future turns
+            llmResponse = await adapter.call(guardedMessages, llmOptions);
+            // Strip guard tokens from response before returning to caller
+            if (llmResponse.content) {
+                llmResponse = {
+                    ...llmResponse,
+                    content: (0, tiresias_watch_1.stripEcho)(llmResponse.content),
+                };
+            }
+        }
+        return {
+            decision: composite.policy,
+            composite,
+            auditEntry,
+            llmResponse,
+            blocked,
+        };
+    }
+    /** Audit log access */
+    get audit() {
+        return this.auditStore;
+    }
+    /** Session access */
+    get session() {
+        return this.sessions;
+    }
+    // ── Private signal runners ────────────────────────────────────────────────
+    async runWatchSignal(messages, key) {
+        // For a fresh outbound request, injection threat is determined by
+        // checking if any inbound message contains injection markers aimed at
+        // hijacking the guard echo. We use verifyResponse on each user message.
+        let maxThreat = 0;
+        let echoFound = false;
+        let failureMode;
+        for (const m of messages) {
+            if (m.role !== "user")
+                continue;
+            const result = (0, tiresias_watch_1.verify)(m.content, key);
+            if (!result.verified) {
+                if (result.failure_mode) {
+                    failureMode = result.failure_mode;
+                    maxThreat = Math.max(maxThreat, result.threat);
+                    echoFound = true;
+                }
+            }
+        }
+        // Check for common injection patterns in user messages
+        const injectionPatterns = [
+            /ignore\s+(all\s+)?previous\s+instructions?/i,
+            /you\s+are\s+now\s+(?:a\s+)?(?:an?\s+)?(?:different|new|another|alternative)/i,
+            /disregard\s+(?:your\s+)?(?:previous\s+|prior\s+)?(?:instructions?|rules?|guidelines?)/i,
+            /\[SYSTEM\]/i,
+            /<\|system\|>/i,
+            /###\s*SYSTEM/i,
+        ];
+        for (const m of messages) {
+            if (m.role !== "user")
+                continue;
+            let patternHits = 0;
+            for (const p of injectionPatterns) {
+                if (p.test(m.content))
+                    patternHits++;
+            }
+            if (patternHits > 0) {
+                maxThreat = Math.max(maxThreat, Math.min(0.3 + patternHits * 0.2, 1.0));
+            }
+        }
+        return { injectionThreat: maxThreat, echoFound, failureMode };
+    }
+    async runReportSignal(content) {
+        try {
+            const result = await (0, tiresias_report_1.scan)(content);
+            const highConf = result.entities.filter((e) => e.confidence > 0.85).length;
+            return {
+                piiRisk: result.risk,
+                entityCount: result.entity_count,
+                highConfidenceCount: highConf,
+            };
+        }
+        catch {
+            // Fail safe: treat scan failure as zero risk (don't block on scan error)
+            return { piiRisk: 0, entityCount: 0, highConfidenceCount: 0 };
+        }
+    }
+    async runNetworkSignal() {
+        if (this.config.networkThreatProvider) {
+            try {
+                const threat = await this.config.networkThreatProvider();
+                return { networkThreat: Math.min(Math.max(threat, 0), 1) };
+            }
+            catch {
+                return { networkThreat: 0 };
+            }
+        }
+        return { networkThreat: 0 };
+    }
+}
+exports.Tiresias = Tiresias;
+//# sourceMappingURL=tiresias.js.map

package/dist/tiresias.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tiresias.js","sourceRoot":"","sources":["../src/tiresias.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAYH,yCAAuD;AACvD,6CAAqD;AACrD,yCAA+D;AAC/D,6CAA8C;AAE9C,kDAAkD;AAClD,8DAKmC;AAEnC,gEAAkD;AAElD,MAAa,QAAQ;IACX,MAAM,CAAiB;IACvB,QAAQ,CAAiB;IACzB,UAAU,CAAmB;IAErC,YAAY,SAAyB,EAAE;QACrC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,IAAI,2BAAc,EAAE,CAAC;QACrC,IAAI,CAAC,UAAU,GAAI,MAAM,CAAC,UAA+B,IAAI,IAAI,2BAAgB,EAAE,CAAC;IACtF,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,IAAI,CACR,QAAmB,EACnB,OAAmB,EACnB,UAAmD,EAAE;QAErD,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,UAAU,EAAE,GAAG,OAAO,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,IAAI,SAAS,CAAC,CAAC;QAE5D,6CAA6C;QAC7C,MAAM,cAAc,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjF,6EAA6E;QAC7E,MAAM,GAAG,GAAG,IAAA,4BAAW,GAAE,CAAC;QAC1B,MAAM,eAAe,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3C,GAAG,CAAC;YACJ,OAAO,EAAE,IAAA,4BAAW,EAAC,CAAC,CAAC,OAAO,EAAE,GAAG,CAAC;SACrC,CAAC,CAAC,CAAC;QACJ,6EAA6E;QAC7E,wEAAwE;QACxE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAE7D,6EAA6E;QAC7E,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QAEhE,6EAA6E;QAC7E,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAEpD,6EAA6E;QAC7E,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,oCAAyB,CAAC;QACnE,MAAM,SAAS,GAAG,IAAA,kCAAqB,EAAC,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC;QAE9F,6EAA6E;QAC7E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAClE,MAAM,UAAU,GAAG,IAAA,0BAAe,EAChC,OAAO,CAAC,SAAS,EACjB,cAAc,EACd,SAAS,EACT,QAAQ,CACT,CAAC;QACF,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACzC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC;QAEzE,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,KAAK,OAAO,IAAI,SAAS,CAAC,MAAM,KAAK,YAAY,CAAC;QAElF,6EAA6E;QAC7E,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACtD,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACnC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;QAED,6EAA6E;QAC7E,IAAI,WAAW,CAAC;QAChB,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,0EAA0E;YAC1E,WAAW,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;YAE9D,8DAA8D;YAC9D,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;gBACxB,WAAW,GAAG;oBACZ,GAAG,WAAW;oBACd,OAAO,EAAE,IAAA,0BAAS,EAAC,WAAW,CAAC,OAAO,CAAC;iBACxC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,SAAS,CAAC,MAAM;YAC1B,SAAS;YACT,UAAU;YACV,WAAW;YACX,OAAO;SACR,CAAC;IACJ,CAAC;IAED,uBAAuB;IACvB,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,qBAAqB;IACrB,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,6EAA6E;IAErE,KAAK,CAAC,cAAc,CAAC,QAAmB,EAAE,GAAW;QAC3D,kEAAkE;QAClE,sEAAsE;QACtE,wEAAwE;QACxE,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,WAA+B,CAAC;QAEpC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM;gBAAE,SAAS;YAChC,MAAM,MAAM,GAAG,IAAA,uBAAM,EAAC,CAAC,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YACtC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACrB,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACxB,WAAW,GAAG,MAAM,CAAC,YAAY,CAAC;oBAClC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;oBAC/C,SAAS,GAAG,IAAI,CAAC;gBACnB,CAAC;YACH,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,MAAM,iBAAiB,GAAG;YACxB,6CAA6C;YAC7C,8EAA8E;YAC9E,wFAAwF;YACxF,aAAa;YACb,eAAe;YACf,eAAe;SAChB,CAAC;QAEF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM;gBAAE,SAAS;YAChC,IAAI,WAAW,GAAG,CAAC,CAAC;YACpB,KAAK,MAAM,CAAC,IAAI,iBAAiB,EAAE,CAAC;gBAClC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC;oBAAE,WAAW,EAAE,CAAC;YACvC,CAAC;YACD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;gBACpB,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,WAAW,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC;IAChE,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,OAAe;QAC3C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAI,EAAC,OAAO,CAAC,CAAC;YACnC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;YAC3E,OAAO;gBACL,OAAO,EAAE,MAAM,CAAC,IAAI;gBACpB,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,mBAAmB,EAAE,QAAQ;aAC9B,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,yEAAyE;YACzE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,mBAAmB,EAAE,CAAC,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,gBAAgB;QAC5B,IAAI,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;gBACzD,OAAO,EAAE,aAAa,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC7D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC;QACD,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;IAC9B,CAAC;CACF;AApLD,4BAoLC"}

package/dist/types.d.ts

@@ -0,0 +1,106 @@
+/**
+ * Tiresias SDK — Shared Types
+ * Composite scoring, policy engine, session, and audit types.
+ */
+export interface WatchSignal {
+    injectionThreat: number;
+    echoFound: boolean;
+    failureMode?: string;
+}
+export interface ReportSignal {
+    piiRisk: number;
+    entityCount: number;
+    highConfidenceCount: number;
+}
+export interface NetworkSignal {
+    networkThreat: number;
+}
+/**
+ * PATENT-CRITICAL: Composite risk score formula (SALUCA-005 / cross_layer_orchestration)
+ * score = (0.5 × injection_threat) + (0.4 × pii_risk) + (0.1 × network_threat)
+ */
+export interface CompositeScore {
+    score: number;
+    injectionThreat: number;
+    piiRisk: number;
+    networkThreat: number;
+    policy: PolicyDecision;
+    timestamp: number;
+}
+export type PolicyDecision = "ALLOW" | "WARN" | "BLOCK" | "QUARANTINE";
+/**
+ * Policy thresholds (configurable, defaults are patent-critical values)
+ * ALLOW    < 0.30
+ * WARN     < 0.60
+ * BLOCK    < 0.85
+ * QUARANTINE >= 0.85
+ */
+export interface PolicyThresholds {
+    warnAt: number;
+    blockAt: number;
+    quarantineAt: number;
+}
+export declare const DEFAULT_POLICY_THRESHOLDS: PolicyThresholds;
+/**
+ * PATENT-CRITICAL: Hash-chained audit log entry (SALUCA-005)
+ * chain_hash = SHA3-256(prev_chain_hash || session_id || timestamp || score_json)
+ */
+export interface AuditEntry {
+    entryId: string;
+    sessionId: string;
+    timestamp: number;
+    requestHash: string;
+    composite: CompositeScore;
+    chainHash: string;
+    prevChainHash: string;
+    metadata?: Record<string, unknown>;
+}
+export interface TiresiasSession {
+    sessionId: string;
+    createdAt: number;
+    requestCount: number;
+    lastScore: CompositeScore | null;
+    auditChainHead: string;
+}
+export type MessageRole = "system" | "user" | "assistant";
+export interface Message {
+    role: MessageRole;
+    content: string;
+}
+export interface LLMResponse {
+    content: string;
+    usage?: {
+        inputTokens: number;
+        outputTokens: number;
+    };
+    raw?: unknown;
+}
+export interface LLMAdapter {
+    call(messages: Message[], options?: LLMCallOptions): Promise<LLMResponse>;
+}
+export interface LLMCallOptions {
+    model?: string;
+    maxTokens?: number;
+    temperature?: number;
+    systemPrompt?: string;
+}
+export interface TiresiasConfig {
+    policy?: PolicyThresholds;
+    auditStore?: AuditStore;
+    networkThreatProvider?: () => Promise<number>;
+    onBlock?: (entry: AuditEntry) => void | Promise<void>;
+    onWarn?: (entry: AuditEntry) => void | Promise<void>;
+}
+export interface AuditStore {
+    append(entry: AuditEntry): Promise<void>;
+    getHead(sessionId: string): Promise<string>;
+    query(sessionId: string, limit?: number): Promise<AuditEntry[]>;
+}
+export interface TiresiasCallResult {
+    decision: PolicyDecision;
+    composite: CompositeScore;
+    auditEntry: AuditEntry;
+    llmResponse?: LLMResponse;
+    blocked: boolean;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,WAAW;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAC;CACvB;AAID;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,cAAc,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,GAAG,YAAY,CAAC;AAEvE;;;;;;GAMG;AACH,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,eAAO,MAAM,yBAAyB,EAAE,gBAIvC,CAAC;AAIF;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,cAAc,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAID,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,cAAc,GAAG,IAAI,CAAC;IACjC,cAAc,EAAE,MAAM,CAAC;CACxB;AAID,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,MAAM,GAAG,WAAW,CAAC;AAE1D,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,WAAW,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE;QACN,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CAC3E;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAID,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAC1B,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,qBAAqB,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9C,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtD,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACtD;AAID,MAAM,WAAW,UAAU;IACzB,MAAM,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACzC,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;CACjE;AAID,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,cAAc,CAAC;IACzB,SAAS,EAAE,cAAc,CAAC;IAC1B,UAAU,EAAE,UAAU,CAAC;IACvB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,OAAO,EAAE,OAAO,CAAC;CAClB"}

package/dist/types.js

@@ -0,0 +1,13 @@
+"use strict";
+/**
+ * Tiresias SDK — Shared Types
+ * Composite scoring, policy engine, session, and audit types.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_POLICY_THRESHOLDS = void 0;
+exports.DEFAULT_POLICY_THRESHOLDS = {
+    warnAt: 0.30,
+    blockAt: 0.60,
+    quarantineAt: 0.85,
+};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAoDU,QAAA,yBAAyB,GAAqB;IACzD,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,IAAI;CACnB,CAAC"}

package/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "@salucallc/tiresias-sdk",
+  "version": "0.1.0",
+  "description": "Unified Tiresias AI Safety SDK — composite scoring, policy engine, and hash-chained audit log for LLM APIs",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": ["dist", "src"],
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "tsc --noEmit"
+  },
+  "keywords": ["llm", "security", "pii", "prompt-injection", "audit", "ai-safety", "tiresias"],
+  "license": "Apache-2.0",
+  "publishConfig": { "access": "public" },
+  "dependencies": {
+    "@salucallc/tiresias-watch": "^0.1.0",
+    "@salucallc/tiresias-report": "^0.1.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.6.0",
+    "vitest": "^2.0.0",
+    "@types/node": "^22.0.0"
+  }
+}