@sandrobuilds/tracerney 0.9.27 → 0.9.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -0
- package/dist/application/ShieldApplicationService.d.ts +13 -6
- package/dist/application/ShieldApplicationService.d.ts.map +1 -1
- package/dist/application/ShieldApplicationService.js +78 -53
- package/dist/application/ShieldApplicationService.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -81,6 +81,17 @@ if (result.suspicious) {
|
|
|
81
81
|
- **Structured threat metadata** — detailed fingerprints for audit trails and tracking
|
|
82
82
|
- **Advanced rate limiting** — prevents cost spikes with intelligent throttling
|
|
83
83
|
|
|
84
|
+
### Layer 1 Forensic Routing
|
|
85
|
+
|
|
86
|
+
Layer 1 is the Executioner for binary violations. It stops immediately — no tokens wasted, no second opinion needed. Layer 2 is only called when Layer 1 is inconclusive.
|
|
87
|
+
|
|
88
|
+
| Event | Action | Why |
|
|
89
|
+
|---|---|---|
|
|
90
|
+
| API Key / SSH Key | **Layer 1 stops immediately** | Binary. Zero legitimate export use-case. |
|
|
91
|
+
| Email / Phone / CC / SSN | **Layer 1 stops immediately** | Clear PII violation. No reasoning required. |
|
|
92
|
+
| Unauthorized Domain | **Layer 1 stops immediately** | Network boundary violation. Deterministic. |
|
|
93
|
+
| Complex Encoding / Obfuscation | **Escalated to Layer 2** | Probabilistic. Needs a brain to verify. |
|
|
94
|
+
|
|
84
95
|
## Layer 2: LLM Sentinel Deep Dive
|
|
85
96
|
|
|
86
97
|
Layer 2 adds advanced security with LLM Sentinel, an AI-powered verification system that analyzes LLM responses for injection patterns and validates output safety. Combines local pattern detection (Layer 1) with server-side verification for defense-in-depth protection.
|
|
@@ -30,6 +30,7 @@ export interface ScanResult {
|
|
|
30
30
|
patternName?: string;
|
|
31
31
|
severity?: string;
|
|
32
32
|
blocked: boolean;
|
|
33
|
+
blockedBy?: "layer1" | "layer2";
|
|
33
34
|
}
|
|
34
35
|
export type { SuspiciousTrace };
|
|
35
36
|
export interface ServiceStatus {
|
|
@@ -70,13 +71,19 @@ export declare class ShieldApplicationService {
|
|
|
70
71
|
wrap<T extends LLMResponse>(llmCall: () => Promise<T>, options?: WrapOptions): Promise<T>;
|
|
71
72
|
/**
|
|
72
73
|
* Scan a raw prompt pre-LLM for inline use.
|
|
73
|
-
* Returns result object with suspicious flag and blocking decision.
|
|
74
|
-
* Only throws if Layer 2 (LLM Sentinel) confirms attack.
|
|
75
74
|
*
|
|
76
|
-
*
|
|
77
|
-
*
|
|
78
|
-
*
|
|
79
|
-
*
|
|
75
|
+
* Forensic routing:
|
|
76
|
+
*
|
|
77
|
+
* Layer 1 — The Executioner (CRITICAL / HIGH severity)
|
|
78
|
+
* Binary violations: API keys, SSH keys, PII, unauthorized domains.
|
|
79
|
+
* There is no context that makes exporting a raw AWS key acceptable.
|
|
80
|
+
* Stop immediately. Do not waste tokens on Layer 2.
|
|
81
|
+
* Throws ShieldBlockError instantly.
|
|
82
|
+
*
|
|
83
|
+
* Layer 2 — The Jury (MEDIUM / LOW severity)
|
|
84
|
+
* Inconclusive threats: complex encoding, obfuscated payloads, ambiguous tone.
|
|
85
|
+
* Probabilistic — needs a reasoning model to verify.
|
|
86
|
+
* Passed to LLM Sentinel only when Layer 1 is inconclusive.
|
|
80
87
|
*/
|
|
81
88
|
scanPrompt(prompt: string, requestId?: string): Promise<ScanResult>;
|
|
82
89
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ShieldApplicationService.d.ts","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAuB,KAAK,eAAe,EAAsB,MAAM,mCAAmC,CAAC;AAElH,OAAO,EAAoB,KAAK,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAO/E,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAyB,MAAM,6BAA6B,CAAC;AAIvF,MAAM,WAAW,8BAA8B;IAC7C,iBAAiB,EAAE,kBAAkB,CAAC;IACtC,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,QAAQ,CAAC,EAAE,SAAS,CAAC;IACrB,aAAa,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"ShieldApplicationService.d.ts","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAuB,KAAK,eAAe,EAAsB,MAAM,mCAAmC,CAAC;AAElH,OAAO,EAAoB,KAAK,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAO/E,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAyB,MAAM,6BAA6B,CAAC;AAIvF,MAAM,WAAW,8BAA8B;IAC7C,iBAAiB,EAAE,kBAAkB,CAAC;IACtC,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,QAAQ,CAAC,EAAE,SAAS,CAAC;IACrB,aAAa,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAC;CACjC;AAED,YAAY,EAAE,eAAe,EAAE,CAAC;AAEhC,MAAM,WAAW,aAAa;IAC5B,cAAc,EAAE;QACd,KAAK,EAAE,OAAO,CAAC;QACf,KAAK,CAAC,EAAE,OAAO,CAAC;KACjB,CAAC;IACF,SAAS,EAAE;QACT,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;KACjC,CAAC;IACF,SAAS,EAAE;QACT,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;CACH;AAED,qBAAa,wBAAwB;IAUvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IATnC,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAsB;IAC1D,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,aAAa,CAAC,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAC,CAAe;IACnC,OAAO,CAAC,QAAQ,CAAC,CAAY;IAE7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBAEP,MAAM,EAAE,8BAA8B;IAkBnE;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAmB5B;;;;;;OAMG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IA6Gb;;;;;;;;;;;;;;;OAeG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAsHzE;;;OAGG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAIvC;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI;IAK/C;;OAEG;IACH,SAAS,IAAI,aAAa;IAgB1B;;OAEG;IACH,OAAO,CAAC,MAAM;IAMd;;OAEG;IACH,OAAO,IAAI,IAAI;IAIf;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAG1B"}
|
|
@@ -131,69 +131,90 @@ export class ShieldApplicationService {
|
|
|
131
131
|
}
|
|
132
132
|
/**
|
|
133
133
|
* Scan a raw prompt pre-LLM for inline use.
|
|
134
|
-
* Returns result object with suspicious flag and blocking decision.
|
|
135
|
-
* Only throws if Layer 2 (LLM Sentinel) confirms attack.
|
|
136
134
|
*
|
|
137
|
-
*
|
|
138
|
-
*
|
|
139
|
-
*
|
|
140
|
-
*
|
|
135
|
+
* Forensic routing:
|
|
136
|
+
*
|
|
137
|
+
* Layer 1 — The Executioner (CRITICAL / HIGH severity)
|
|
138
|
+
* Binary violations: API keys, SSH keys, PII, unauthorized domains.
|
|
139
|
+
* There is no context that makes exporting a raw AWS key acceptable.
|
|
140
|
+
* Stop immediately. Do not waste tokens on Layer 2.
|
|
141
|
+
* Throws ShieldBlockError instantly.
|
|
142
|
+
*
|
|
143
|
+
* Layer 2 — The Jury (MEDIUM / LOW severity)
|
|
144
|
+
* Inconclusive threats: complex encoding, obfuscated payloads, ambiguous tone.
|
|
145
|
+
* Probabilistic — needs a reasoning model to verify.
|
|
146
|
+
* Passed to LLM Sentinel only when Layer 1 is inconclusive.
|
|
141
147
|
*/
|
|
142
148
|
async scanPrompt(prompt, requestId) {
|
|
143
149
|
if (!prompt) {
|
|
144
|
-
return { suspicious: false, blocked: false };
|
|
150
|
+
return { suspicious: false, blocked: false };
|
|
145
151
|
}
|
|
146
152
|
const rid = requestId ?? this.generateRequestId();
|
|
147
153
|
const startTime = Date.now();
|
|
148
154
|
try {
|
|
149
|
-
// Normalize prompt to prevent Unicode/whitespace evasion
|
|
150
155
|
const normalizedPrompt = normalizePrompt(prompt);
|
|
151
|
-
//
|
|
156
|
+
// ── Egress check (runs first, before injection patterns) ──────────────
|
|
157
|
+
// Scans for PII, secrets, and active exfiltration patterns in the prompt.
|
|
158
|
+
// SUSPICIOUS_EGRESS → throw immediately. No Layer 2, no second opinion.
|
|
159
|
+
const egressTrace = this.deterministicFilter.validate(normalizedPrompt);
|
|
160
|
+
if (egressTrace.isSuspicious && egressTrace.label === "SUSPICIOUS_EGRESS") {
|
|
161
|
+
const blockLatencyMs = Date.now() - startTime;
|
|
162
|
+
const event = createSecurityEvent(rid, SecurityEventType.SUSPICIOUS_EGRESS, ThreatSeverity.CRITICAL, `Egress attack in prompt: ${egressTrace.reason}`, {
|
|
163
|
+
patternName: egressTrace.findings[0]?.patternName,
|
|
164
|
+
requestSnippet: prompt.substring(0, 100),
|
|
165
|
+
blockLatencyMs,
|
|
166
|
+
});
|
|
167
|
+
this.report(event);
|
|
168
|
+
throw new ShieldBlockError("Tracerney Block: Suspicious Egress in Prompt", event);
|
|
169
|
+
}
|
|
170
|
+
// Layer 1: deterministic regex scan
|
|
152
171
|
const threat = this.patternMatcher.match(normalizedPrompt);
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
blocked: false,
|
|
179
|
-
};
|
|
180
|
-
}
|
|
181
|
-
catch (error) {
|
|
182
|
-
// If sentinel throws (network error, etc), check if it's our block or a system error
|
|
183
|
-
if (error instanceof ShieldBlockError) {
|
|
184
|
-
throw error;
|
|
185
|
-
}
|
|
186
|
-
// Other errors: treat as suspicious but don't block (Layer 2 unavailable)
|
|
187
|
-
return {
|
|
188
|
-
suspicious: true,
|
|
172
|
+
if (!threat) {
|
|
173
|
+
return { suspicious: false, blocked: false };
|
|
174
|
+
}
|
|
175
|
+
const isBinary = threat.severity === ThreatSeverity.CRITICAL ||
|
|
176
|
+
threat.severity === ThreatSeverity.HIGH;
|
|
177
|
+
if (isBinary) {
|
|
178
|
+
// ── Layer 1: Executioner ─────────────────────────────────────────────
|
|
179
|
+
// Binary violation — stop immediately. No Layer 2, no second opinion.
|
|
180
|
+
const blockLatencyMs = Date.now() - startTime;
|
|
181
|
+
const event = createSecurityEvent(rid, SecurityEventType.PROMPT_INJECTION, ThreatSeverity.CRITICAL, `Layer 1 stopped: ${threat.patternName} [${threat.severity}]`, {
|
|
182
|
+
patternName: threat.patternName,
|
|
183
|
+
requestSnippet: prompt.substring(0, 100),
|
|
184
|
+
blockLatencyMs,
|
|
185
|
+
});
|
|
186
|
+
this.report(event);
|
|
187
|
+
throw new ShieldBlockError("Tracerney Block: Layer 1 Violation", event);
|
|
188
|
+
}
|
|
189
|
+
// ── Layer 2: Jury ──────────────────────────────────────────────────────
|
|
190
|
+
// Inconclusive threat (MEDIUM / LOW) — needs a reasoning model to judge.
|
|
191
|
+
if (this.sentinel) {
|
|
192
|
+
try {
|
|
193
|
+
const sentinelResult = await this.sentinel.check(normalizedPrompt, rid);
|
|
194
|
+
if (sentinelResult.action === "BLOCK") {
|
|
195
|
+
const blockLatencyMs = Date.now() - startTime;
|
|
196
|
+
const event = createSecurityEvent(rid, SecurityEventType.PROMPT_INJECTION, ThreatSeverity.HIGH, `Layer 2 confirmed: ${sentinelResult.class} (confidence: ${sentinelResult.confidence}, fingerprint: ${sentinelResult.fingerprint})`, {
|
|
189
197
|
patternName: threat.patternName,
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
198
|
+
requestSnippet: prompt.substring(0, 100),
|
|
199
|
+
blockLatencyMs,
|
|
200
|
+
threatClass: sentinelResult.class,
|
|
201
|
+
fingerprint: sentinelResult.fingerprint,
|
|
202
|
+
});
|
|
203
|
+
this.report(event);
|
|
204
|
+
throw new ShieldBlockError("Tracerney Block: Layer 2 Confirmed", event);
|
|
193
205
|
}
|
|
206
|
+
// Layer 2 cleared it — suspicious but allowed
|
|
207
|
+
return {
|
|
208
|
+
suspicious: true,
|
|
209
|
+
patternName: threat.patternName,
|
|
210
|
+
severity: threat.severity,
|
|
211
|
+
blocked: false,
|
|
212
|
+
};
|
|
194
213
|
}
|
|
195
|
-
|
|
196
|
-
|
|
214
|
+
catch (error) {
|
|
215
|
+
if (error instanceof ShieldBlockError)
|
|
216
|
+
throw error;
|
|
217
|
+
// Layer 2 unavailable — mark suspicious but don't block
|
|
197
218
|
return {
|
|
198
219
|
suspicious: true,
|
|
199
220
|
patternName: threat.patternName,
|
|
@@ -202,11 +223,15 @@ export class ShieldApplicationService {
|
|
|
202
223
|
};
|
|
203
224
|
}
|
|
204
225
|
}
|
|
205
|
-
//
|
|
206
|
-
return {
|
|
226
|
+
// No sentinel configured — surface the finding, let developer decide
|
|
227
|
+
return {
|
|
228
|
+
suspicious: true,
|
|
229
|
+
patternName: threat.patternName,
|
|
230
|
+
severity: threat.severity,
|
|
231
|
+
blocked: false,
|
|
232
|
+
};
|
|
207
233
|
}
|
|
208
234
|
finally {
|
|
209
|
-
// Jitter: Add random delay to obfuscate timing (always runs, masked from caller)
|
|
210
235
|
await jitter();
|
|
211
236
|
}
|
|
212
237
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ShieldApplicationService.js","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAA4C,MAAM,mCAAmC,CAAC;AAClH,OAAO,EAAE,SAAS,EAAiB,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAmB,MAAM,4BAA4B,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,GAEf,MAAM,kBAAkB,CAAC;AAK1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,qDAAqD,CAAC;
|
|
1
|
+
{"version":3,"file":"ShieldApplicationService.js","sourceRoot":"","sources":["../../src/application/ShieldApplicationService.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAA4C,MAAM,mCAAmC,CAAC;AAClH,OAAO,EAAE,SAAS,EAAiB,MAAM,2BAA2B,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAmB,MAAM,4BAA4B,CAAC;AAC/E,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,GAEf,MAAM,kBAAkB,CAAC;AAK1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6CAA6C,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,qDAAqD,CAAC;AA2C/F,MAAM,OAAO,wBAAwB;IAUnC,YAA6B,MAAsC;QAAtC,WAAM,GAAN,MAAM,CAAgC;QACjE,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAClD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,UAAU;QAC3C,iEAAiE;QACjE,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC;QAE/C,gEAAgE;QAChE,IAAI,CAAC,mBAAmB,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAErD,wEAAwE;QACxE,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAE3D,sEAAsE;QACtE,IAAI,CAAC,oBAAoB,EAAE,CAAC;IAC9B,CAAC;IAED;;;OAGG;IACK,oBAAoB;QAC1B,mDAAmD;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,YAAY,wBAAwB,KAAK,KAAK,EAAE,CAAC;YAChF,IAAI,CAAC,MAAM,CAAC,iBAAiB;iBAC1B,WAAW,EAAE;iBACb,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACjB,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACpC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC;gBACrD,CAAC;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CACV,iEAAiE,EACjE,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC,CAAC;QACP,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,gDAAgD;YAChD,iFAAiF;YACjF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;gBACpE,qEAAqE;gBACrE,oDAAoD;YACtD,CAAC;YAED,uBAAuB;YACvB,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE,CAAC;YAEpC,wEAAwE;YACxE,4EAA4E;YAC5E,EAAE;YACF,iDAAiD;YACjD,mFAAmF;YACnF,8CAA8C;YAC9C,EAAE;YACF,2EAA2E;YAC3E,wEAAwE;YACxE,wEAAwE;YACxE,4DAA4D;YAC5D,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,aAAa,EAAE,GACxC,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAEvD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACzC,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC;YAElC,IAAI,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;gBACtC,IAAI,KAAK,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;oBACxC,+DAA+D;oBAC/D,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,YAAY,KAAK,CAAC,MAAM,EAAE,EAC1B;wBACE,WAAW,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW;wBAC3C,cAAc,EAAE,SAAS;wBACzB,SAAS,EAAE,OAAO,EAAE,SAAS;wBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;qBAC5B,EACD,SAAS,CACV,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBACnB,MAAM,IAAI,gBAAgB,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;gBACnF,CAAC;gBAED,IAAI,KAAK,CAAC,KAAK,KAAK,mBAAmB,IAAI,KAAK,CAAC,KAAK,KAAK,qBAAqB,EAAE,CAAC;oBACjF,gFAAgF;oBAChF,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,QAAQ,EAC1B,cAAc,CAAC,IAAI,EACnB,YAAY,KAAK,CAAC,MAAM,EAAE,EAC1B;wBACE,WAAW,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW;wBAC3C,cAAc,EAAE,SAAS;wBACzB,SAAS,EAAE,OAAO,EAAE,SAAS;wBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;qBAC5B,EACD,SAAS,CACV,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACrB,CAAC;gBACD,8EAA8E;YAChF,CAAC;YAED,qCAAqC;YACrC,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC;YAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YAEhE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,KAAK,GAAG,mBAAmB,CAC/B,SAAS,EACT,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,SAAS,SAAS,CAAC,QAAQ,wBAAwB,EACnD;oBACE,QAAQ,EAAE,SAAS,CAAC,QAAQ;oBAC5B,cAAc,EAAE,SAAS,EAAE,0BAA0B;oBACrD,SAAS,EAAE,OAAO,EAAE,SAAS;oBAC7B,QAAQ,EAAE,OAAO,EAAE,QAAQ;iBAC5B,EACD,SAAS,CACV,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnB,MAAM,IAAI,gBAAgB,CACxB,uCAAuC,SAAS,CAAC,QAAQ,GAAG,EAC5D,KAAK,CACN,CAAC;YACJ,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,4BAA4B;YAC5B,IAAI,KAAK,YAAY,gBAAgB,EAAE,CAAC;gBACtC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,4DAA4D;YAC5D,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,SAAkB;QACjD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC/C,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;YAEjD,yEAAyE;YACzE,0EAA0E;YAC1E,wEAAwE;YACxE,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACxE,IAAI,WAAW,CAAC,YAAY,IAAI,WAAW,CAAC,KAAK,KAAK,mBAAmB,EAAE,CAAC;gBAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;gBAC9C,MAAM,KAAK,GAAG,mBAAmB,CAC/B,GAAG,EACH,iBAAiB,CAAC,iBAAiB,EACnC,cAAc,CAAC,QAAQ,EACvB,4BAA4B,WAAW,CAAC,MAAM,EAAE,EAChD;oBACE,WAAW,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW;oBACjD,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;oBACxC,cAAc;iBACf,CACF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnB,MAAM,IAAI,gBAAgB,CAAC,8CAA8C,EAAE,KAAK,CAAC,CAAC;YACpF,CAAC;YAED,oCAAoC;YACpC,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAE3D,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YAC/C,CAAC;YAED,MAAM,QAAQ,GACZ,MAAM,CAAC,QAAQ,KAAK,cAAc,CAAC,QAAQ;gBAC3C,MAAM,CAAC,QAAQ,KAAK,cAAc,CAAC,IAAI,CAAC;YAE1C,IAAI,QAAQ,EAAE,CAAC;gBACb,wEAAwE;gBACxE,sEAAsE;gBACtE,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;gBAC9C,MAAM,KAAK,GAAG,mBAAmB,CAC/B,GAAG,EACH,iBAAiB,CAAC,gBAAgB,EAClC,cAAc,CAAC,QAAQ,EACvB,oBAAoB,MAAM,CAAC,WAAW,KAAK,MAAM,CAAC,QAAQ,GAAG,EAC7D;oBACE,WAAW,EAAE,MAAM,CAAC,WAAW;oBAC/B,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;oBACxC,cAAc;iBACf,CACF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnB,MAAM,IAAI,gBAAgB,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;YAED,0EAA0E;YAC1E,yEAAyE;YACzE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,IAAI,CAAC;oBACH,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;oBAExE,IAAI,cAAc,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;wBACtC,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;wBAC9C,MAAM,KAAK,GAAG,mBAAmB,CAC/B,GAAG,EACH,iBAAiB,CAAC,gBAAgB,EAClC,cAAc,CAAC,IAAI,EACnB,sBAAsB,cAAc,CAAC,KAAK,iBAAiB,cAAc,CAAC,UAAU,kBAAkB,cAAc,CAAC,WAAW,GAAG,EACnI;4BACE,WAAW,EAAE,MAAM,CAAC,WAAW;4BAC/B,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;4BACxC,cAAc;4BACd,WAAW,EAAE,cAAc,CAAC,KAAK;4BACjC,WAAW,EAAE,cAAc,CAAC,WAAW;yBACxC,CACF,CAAC;wBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;wBACnB,MAAM,IAAI,gBAAgB,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;oBAC1E,CAAC;oBAED,8CAA8C;oBAC9C,OAAO;wBACL,UAAU,EAAE,IAAI;wBAChB,WAAW,EAAE,MAAM,CAAC,WAAW;wBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,OAAO,EAAE,KAAK;qBACf,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,IAAI,KAAK,YAAY,gBAAgB;wBAAE,MAAM,KAAK,CAAC;oBACnD,wDAAwD;oBACxD,OAAO;wBACL,UAAU,EAAE,IAAI;wBAChB,WAAW,EAAE,MAAM,CAAC,WAAW;wBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,OAAO,EAAE,KAAK;qBACf,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,qEAAqE;YACrE,OAAO;gBACL,UAAU,EAAE,IAAI;gBAChB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,OAAO,EAAE,KAAK;aACf,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,MAAM,MAAM,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,IAAY;QACnB,OAAO,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,KAAwB;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO;YACL,cAAc,EAAE;gBACd,KAAK,EAAE,IAAI,CAAC,cAAc,KAAK,IAAI;gBACnC,KAAK,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE;aACpC;YACD,SAAS,EAAE;gBACT,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;aAC/C;YACD,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI,CAAC,aAAa,KAAK,SAAS;gBACzC,MAAM,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE;aACxC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAoB;QACjC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;CACF"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sandrobuilds/tracerney",
|
|
3
|
-
"version": "0.9.
|
|
3
|
+
"version": "0.9.29",
|
|
4
4
|
"description": "Lightweight prompt injection detection with Layer 1 (258 patterns) + Layer 2 (AI verification). Runs locally with zero data storage. Upgrade to Pro for context-aware threat analysis at tracerney.com",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|