@sandrobuilds/tracerney 0.9.6

package/dist/application/ports/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/application/ports/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/application/utils/index.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Application utility exports
+ */
+export { normalizePrompt, normalizePrompts } from './normalizePrompt';
+export { jitter } from './jitter';
+//# sourceMappingURL=index.d.ts.map

package/dist/application/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/application/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC"}

package/dist/application/utils/index.js

@@ -0,0 +1,6 @@
+/**
+ * Application utility exports
+ */
+export { normalizePrompt, normalizePrompts } from './normalizePrompt.js';
+export { jitter } from './jitter.js';
+//# sourceMappingURL=index.js.map

package/dist/application/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/application/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC"}

package/dist/application/utils/jitter.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Latency jitter to obfuscate security layer timing
+ *
+ * Prevents attackers from timing responses to identify which security layer
+ * blocked their attack or determine if the system is even protecting them.
+ *
+ * Default range: 300-500ms (adds consistent overhead to all outcomes)
+ */
+export declare function jitter(minMs?: number, maxMs?: number): Promise<void>;
+//# sourceMappingURL=jitter.d.ts.map

package/dist/application/utils/jitter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jitter.d.ts","sourceRoot":"","sources":["../../../src/application/utils/jitter.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,wBAAsB,MAAM,CAAC,KAAK,GAAE,MAAY,EAAE,KAAK,GAAE,MAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAGpF"}

package/dist/application/utils/jitter.js

@@ -0,0 +1,13 @@
+/**
+ * Latency jitter to obfuscate security layer timing
+ *
+ * Prevents attackers from timing responses to identify which security layer
+ * blocked their attack or determine if the system is even protecting them.
+ *
+ * Default range: 300-500ms (adds consistent overhead to all outcomes)
+ */
+export async function jitter(minMs = 300, maxMs = 500) {
+    const delay = Math.random() * (maxMs - minMs) + minMs;
+    return new Promise((resolve) => setTimeout(resolve, delay));
+}
+//# sourceMappingURL=jitter.js.map

package/dist/application/utils/jitter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jitter.js","sourceRoot":"","sources":["../../../src/application/utils/jitter.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,QAAgB,GAAG,EAAE,QAAgB,GAAG;IACnE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,KAAK,CAAC;IACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAC9D,CAAC"}

package/dist/application/utils/normalizePrompt.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Normalize prompt text for consistent pattern matching
+ *
+ * Steps:
+ * 1. Lowercase
+ * 2. Unicode NFKC normalization (collapses homoglyphs: ｐ→p, ＡＢＣ→ABC)
+ * 3. Strip non-alphanumeric except basic punctuation
+ * 4. Collapse multiple whitespace → single space
+ * 5. Trim
+ *
+ * This prevents attackers from using Unicode tricks or weird spacing to bypass regex.
+ */
+export declare function normalizePrompt(input: string): string;
+/**
+ * Batch normalize multiple prompts
+ */
+export declare function normalizePrompts(inputs: string[]): string[];
+//# sourceMappingURL=normalizePrompt.d.ts.map

package/dist/application/utils/normalizePrompt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"normalizePrompt.d.ts","sourceRoot":"","sources":["../../../src/application/utils/normalizePrompt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAkBrD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAE3D"}

package/dist/application/utils/normalizePrompt.js

@@ -0,0 +1,36 @@
+/**
+ * Normalize prompt text for consistent pattern matching
+ *
+ * Steps:
+ * 1. Lowercase
+ * 2. Unicode NFKC normalization (collapses homoglyphs: ｐ→p, ＡＢＣ→ABC)
+ * 3. Strip non-alphanumeric except basic punctuation
+ * 4. Collapse multiple whitespace → single space
+ * 5. Trim
+ *
+ * This prevents attackers from using Unicode tricks or weird spacing to bypass regex.
+ */
+export function normalizePrompt(input) {
+    if (!input || typeof input !== 'string') {
+        return '';
+    }
+    let normalized = input
+        // Step 1: Lowercase
+        .toLowerCase()
+        // Step 2: Unicode normalization (NFKC collapses fullwidth, superscripts, ligatures, etc.)
+        .normalize('NFKC')
+        // Step 3: Keep only alphanumeric + basic punctuation (. , ! ? ' " - _ ( ) [ ])
+        .replace(/[^\w\s.,'!?"_\-()[\]]/g, '')
+        // Step 4: Collapse multiple spaces/newlines/tabs into single space
+        .replace(/\s+/g, ' ')
+        // Step 5: Trim
+        .trim();
+    return normalized;
+}
+/**
+ * Batch normalize multiple prompts
+ */
+export function normalizePrompts(inputs) {
+    return inputs.map(normalizePrompt);
+}
+//# sourceMappingURL=normalizePrompt.js.map

package/dist/application/utils/normalizePrompt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"normalizePrompt.js","sourceRoot":"","sources":["../../../src/application/utils/normalizePrompt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,UAAU,GAAG,KAAK;QACpB,oBAAoB;SACnB,WAAW,EAAE;QACd,0FAA0F;SACzF,SAAS,CAAC,MAAM,CAAC;QAClB,+EAA+E;SAC9E,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC;QACtC,mEAAmE;SAClE,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;QACrB,eAAe;SACd,IAAI,EAAE,CAAC;IAEV,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAgB;IAC/C,OAAO,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;AACrC,CAAC"}

package/dist/domain/detection/InjectionThreat.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Injection Threat
+ * Domain value object: represents a confirmed pattern match
+ */
+import { ThreatSeverity } from "../events/ThreatSeverity";
+import { PatternCategory } from "./VanguardPattern";
+export interface InjectionThreat {
+    readonly patternId: string;
+    readonly patternName: string;
+    readonly category: PatternCategory;
+    readonly severity: ThreatSeverity;
+    readonly description: string;
+    readonly matchedAt: number;
+}
+/**
+ * Factory to create an InjectionThreat from a matched pattern
+ */
+export declare function createInjectionThreat(patternId: string, patternName: string, category: PatternCategory, severity: ThreatSeverity, description: string, matchedAt?: number): InjectionThreat;
+//# sourceMappingURL=InjectionThreat.d.ts.map

package/dist/domain/detection/InjectionThreat.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"InjectionThreat.d.ts","sourceRoot":"","sources":["../../../src/domain/detection/InjectionThreat.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAC;IACnC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,eAAe,EACzB,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,MAAM,EACnB,SAAS,CAAC,EAAE,MAAM,GACjB,eAAe,CASjB"}

package/dist/domain/detection/InjectionThreat.js

@@ -0,0 +1,18 @@
+/**
+ * Injection Threat
+ * Domain value object: represents a confirmed pattern match
+ */
+/**
+ * Factory to create an InjectionThreat from a matched pattern
+ */
+export function createInjectionThreat(patternId, patternName, category, severity, description, matchedAt) {
+    return {
+        patternId,
+        patternName,
+        category,
+        severity,
+        description,
+        matchedAt: matchedAt ?? Date.now(),
+    };
+}
+//# sourceMappingURL=InjectionThreat.js.map

package/dist/domain/detection/InjectionThreat.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"InjectionThreat.js","sourceRoot":"","sources":["../../../src/domain/detection/InjectionThreat.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,SAAiB,EACjB,WAAmB,EACnB,QAAyB,EACzB,QAAwB,EACxB,WAAmB,EACnB,SAAkB;IAElB,OAAO;QACL,SAAS;QACT,WAAW;QACX,QAAQ;QACR,QAAQ;QACR,WAAW;QACX,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;KACnC,CAAC;AACJ,CAAC"}

package/dist/domain/detection/PatternMatcher.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Pattern Matcher
+ * Domain service: pure injection detection logic, no I/O side effects
+ */
+import { VanguardPattern } from "./VanguardPattern";
+import { InjectionThreat } from "./InjectionThreat";
+export interface PatternMatcherStats {
+    readonly totalPatterns: number;
+    readonly bySeverity: {
+        readonly critical: number;
+        readonly high: number;
+        readonly medium: number;
+        readonly low: number;
+    };
+    readonly byCategory: Record<string, number>;
+}
+export declare class PatternMatcher {
+    private readonly patterns;
+    constructor(patterns: readonly VanguardPattern[]);
+    /**
+     * Scan a prompt against all patterns.
+     * Returns on first match (early exit for <2ms latency).
+     * Returns null if no match found.
+     */
+    match(prompt: string): InjectionThreat | null;
+    /**
+     * Scan a prompt and return all matches.
+     * Used for audit/analysis purposes.
+     */
+    matchAll(prompt: string): InjectionThreat[];
+    /**
+     * Get statistics about the loaded patterns
+     */
+    stats(): PatternMatcherStats;
+}
+//# sourceMappingURL=PatternMatcher.d.ts.map

package/dist/domain/detection/PatternMatcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PatternMatcher.d.ts","sourceRoot":"","sources":["../../../src/domain/detection/PatternMatcher.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAyB,MAAM,mBAAmB,CAAC;AAE3E,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,UAAU,EAAE;QACnB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC7C;AAED,qBAAa,cAAc;IACb,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,SAAS,eAAe,EAAE;IAMjE;;;;OAIG;IACH,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI;IAqB7C;;;OAGG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe,EAAE;IAsB3C;;OAEG;IACH,KAAK,IAAI,mBAAmB;CAkB7B"}

package/dist/domain/detection/PatternMatcher.js

@@ -0,0 +1,65 @@
+/**
+ * Pattern Matcher
+ * Domain service: pure injection detection logic, no I/O side effects
+ */
+import { createInjectionThreat } from './InjectionThreat.js';
+export class PatternMatcher {
+    constructor(patterns) {
+        this.patterns = patterns;
+        if (!patterns || patterns.length === 0) {
+            throw new Error("[PatternMatcher] At least one pattern is required");
+        }
+    }
+    /**
+     * Scan a prompt against all patterns.
+     * Returns on first match (early exit for <2ms latency).
+     * Returns null if no match found.
+     */
+    match(prompt) {
+        if (!prompt || typeof prompt !== "string") {
+            return null;
+        }
+        // Early exit on first match
+        for (const pattern of this.patterns) {
+            if (pattern.pattern.test(prompt)) {
+                return createInjectionThreat(pattern.id, pattern.name, pattern.category, pattern.severity, pattern.description);
+            }
+        }
+        return null;
+    }
+    /**
+     * Scan a prompt and return all matches.
+     * Used for audit/analysis purposes.
+     */
+    matchAll(prompt) {
+        if (!prompt || typeof prompt !== "string") {
+            return [];
+        }
+        const matches = [];
+        for (const pattern of this.patterns) {
+            if (pattern.pattern.test(prompt)) {
+                matches.push(createInjectionThreat(pattern.id, pattern.name, pattern.category, pattern.severity, pattern.description));
+            }
+        }
+        return matches;
+    }
+    /**
+     * Get statistics about the loaded patterns
+     */
+    stats() {
+        return {
+            totalPatterns: this.patterns.length,
+            bySeverity: {
+                critical: this.patterns.filter((p) => p.severity === "critical").length,
+                high: this.patterns.filter((p) => p.severity === "high").length,
+                medium: this.patterns.filter((p) => p.severity === "medium").length,
+                low: this.patterns.filter((p) => p.severity === "low").length,
+            },
+            byCategory: this.patterns.reduce((acc, p) => {
+                acc[p.category] = (acc[p.category] || 0) + 1;
+                return acc;
+            }, {}),
+        };
+    }
+}
+//# sourceMappingURL=PatternMatcher.js.map

package/dist/domain/detection/PatternMatcher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PatternMatcher.js","sourceRoot":"","sources":["../../../src/domain/detection/PatternMatcher.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAmB,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAa3E,MAAM,OAAO,cAAc;IACzB,YAA6B,QAAoC;QAApC,aAAQ,GAAR,QAAQ,CAA4B;QAC/D,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAc;QAClB,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4BAA4B;QAC5B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,qBAAqB,CAC1B,OAAO,CAAC,EAAE,EACV,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,WAAW,CACpB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,MAAc;QACrB,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,OAAO,GAAsB,EAAE,CAAC;QACtC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,CAAC,IAAI,CACV,qBAAqB,CACnB,OAAO,CAAC,EAAE,EACV,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,WAAW,CACpB,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;YACnC,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;gBACvE,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;gBAC/D,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;gBACnE,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;aAC9D;YACD,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAC9B,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;gBACT,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBAC7C,OAAO,GAAG,CAAC;YACb,CAAC,EACD,EAA4B,CAC7B;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/domain/detection/VanguardPattern.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Vanguard Pattern
+ * Domain value object: immutable pattern definition for injection detection
+ */
+import { ThreatSeverity } from "../events/ThreatSeverity";
+export type PatternCategory = "system_override" | "prompt_leak" | "privilege_escalation" | "data_exfiltration" | "code_injection" | "unknown";
+export interface VanguardPattern {
+    readonly id: string;
+    readonly name: string;
+    readonly pattern: RegExp;
+    readonly severity: ThreatSeverity;
+    readonly description: string;
+    readonly category: PatternCategory;
+}
+/**
+ * Factory to create a VanguardPattern with validation
+ */
+export declare function createVanguardPattern(id: string, name: string, pattern: RegExp, severity: ThreatSeverity, description: string, category: PatternCategory): VanguardPattern;
+//# sourceMappingURL=VanguardPattern.d.ts.map

package/dist/domain/detection/VanguardPattern.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"VanguardPattern.d.ts","sourceRoot":"","sources":["../../../src/domain/detection/VanguardPattern.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAE1D,MAAM,MAAM,eAAe,GACvB,iBAAiB,GACjB,aAAa,GACb,sBAAsB,GACtB,mBAAmB,GACnB,gBAAgB,GAChB,SAAS,CAAC;AAEd,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAC;CACpC;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,eAAe,GACxB,eAAe,CAYjB"}

package/dist/domain/detection/VanguardPattern.js

@@ -0,0 +1,21 @@
+/**
+ * Vanguard Pattern
+ * Domain value object: immutable pattern definition for injection detection
+ */
+/**
+ * Factory to create a VanguardPattern with validation
+ */
+export function createVanguardPattern(id, name, pattern, severity, description, category) {
+    if (!id || !name || !pattern || !description) {
+        throw new Error("[VanguardPattern] All required fields must be non-empty");
+    }
+    return {
+        id,
+        name,
+        pattern,
+        severity,
+        description,
+        category,
+    };
+}
+//# sourceMappingURL=VanguardPattern.js.map

package/dist/domain/detection/VanguardPattern.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"VanguardPattern.js","sourceRoot":"","sources":["../../../src/domain/detection/VanguardPattern.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAqBH;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,EAAU,EACV,IAAY,EACZ,OAAe,EACf,QAAwB,EACxB,WAAmB,EACnB,QAAyB;IAEzB,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IACD,OAAO;QACL,EAAE;QACF,IAAI;QACJ,OAAO;QACP,QAAQ;QACR,WAAW;QACX,QAAQ;KACT,CAAC;AACJ,CAAC"}

package/dist/domain/detection/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Detection Bounded Context
+ * Barrel export
+ */
+export { createVanguardPattern } from "./VanguardPattern";
+export type { VanguardPattern, PatternCategory } from "./VanguardPattern";
+export { createInjectionThreat } from "./InjectionThreat";
+export type { InjectionThreat } from "./InjectionThreat";
+export { PatternMatcher } from "./PatternMatcher";
+export type { PatternMatcherStats } from "./PatternMatcher";
+//# sourceMappingURL=index.d.ts.map

package/dist/domain/detection/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/domain/detection/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAE1E,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEzD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,YAAY,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/domain/detection/index.js

@@ -0,0 +1,8 @@
+/**
+ * Detection Bounded Context
+ * Barrel export
+ */
+export { createVanguardPattern } from './VanguardPattern.js';
+export { createInjectionThreat } from './InjectionThreat.js';
+export { PatternMatcher } from './PatternMatcher.js';
+//# sourceMappingURL=index.js.map

package/dist/domain/detection/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/domain/detection/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAG1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAG1D,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/domain/events/SecurityEvent.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Security Event
+ * Domain entity: represents a security incident that was blocked
+ * Has identity (eventId), immutable after construction
+ */
+import { SecurityEventType } from "./SecurityEventType";
+import { ThreatSeverity } from "./ThreatSeverity";
+export interface SecurityEventMetadata {
+    readonly toolName?: string;
+    readonly patternName?: string;
+    readonly requestSnippet?: string;
+    readonly blockLatencyMs?: number;
+    readonly modelName?: string;
+    readonly provider?: string;
+}
+export interface SecurityEvent {
+    readonly id: string;
+    readonly requestId: string;
+    readonly type: SecurityEventType;
+    readonly severity: ThreatSeverity;
+    readonly timestamp: number;
+    readonly blockReason: string;
+    readonly metadata: SecurityEventMetadata;
+    readonly anonymized: boolean;
+}
+/**
+ * Factory function to construct a SecurityEvent with a unique ID
+ */
+export declare function createSecurityEvent(requestId: string, type: SecurityEventType, severity: ThreatSeverity, blockReason: string, metadata: SecurityEventMetadata, timestamp?: number): SecurityEvent;
+//# sourceMappingURL=SecurityEvent.d.ts.map

package/dist/domain/events/SecurityEvent.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityEvent.d.ts","sourceRoot":"","sources":["../../../src/domain/events/SecurityEvent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAElD,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC;IACjC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IACzC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;CAC9B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,iBAAiB,EACvB,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,qBAAqB,EAC/B,SAAS,CAAC,EAAE,MAAM,GACjB,aAAa,CAWf"}

package/dist/domain/events/SecurityEvent.js

@@ -0,0 +1,21 @@
+/**
+ * Security Event
+ * Domain entity: represents a security incident that was blocked
+ * Has identity (eventId), immutable after construction
+ */
+/**
+ * Factory function to construct a SecurityEvent with a unique ID
+ */
+export function createSecurityEvent(requestId, type, severity, blockReason, metadata, timestamp) {
+    return {
+        id: `event_${Date.now()}_${Math.random().toString(36).substring(2, 9)}`,
+        requestId,
+        type,
+        severity,
+        timestamp: timestamp ?? Date.now(),
+        blockReason,
+        metadata,
+        anonymized: true,
+    };
+}
+//# sourceMappingURL=SecurityEvent.js.map

package/dist/domain/events/SecurityEvent.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityEvent.js","sourceRoot":"","sources":["../../../src/domain/events/SecurityEvent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAyBH;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,SAAiB,EACjB,IAAuB,EACvB,QAAwB,EACxB,WAAmB,EACnB,QAA+B,EAC/B,SAAkB;IAElB,OAAO;QACL,EAAE,EAAE,SAAS,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QACvE,SAAS;QACT,IAAI;QACJ,QAAQ;QACR,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;QAClC,WAAW;QACX,QAAQ;QACR,UAAU,EAAE,IAAI;KACjB,CAAC;AACJ,CAAC"}

package/dist/domain/events/SecurityEventType.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Security Event Types
+ * Domain value object (enum)
+ */
+export declare enum SecurityEventType {
+    PROMPT_INJECTION = "PROMPT_INJECTION",
+    UNAUTHORIZED_TOOL = "UNAUTHORIZED_TOOL",
+    PATTERN_MATCH = "PATTERN_MATCH",
+    SCHEMA_VIOLATION = "SCHEMA_VIOLATION"
+}
+export type SecurityEventTypeString = keyof typeof SecurityEventType;
+export declare function isSecurityEventType(value: unknown): value is SecurityEventType;
+//# sourceMappingURL=SecurityEventType.d.ts.map

package/dist/domain/events/SecurityEventType.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityEventType.d.ts","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oBAAY,iBAAiB;IAC3B,gBAAgB,qBAAqB;IACrC,iBAAiB,sBAAsB;IACvC,aAAa,kBAAkB;IAC/B,gBAAgB,qBAAqB;CACtC;AAED,MAAM,MAAM,uBAAuB,GAAG,MAAM,OAAO,iBAAiB,CAAC;AAErE,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,iBAAiB,CAE9E"}

package/dist/domain/events/SecurityEventType.js

@@ -0,0 +1,15 @@
+/**
+ * Security Event Types
+ * Domain value object (enum)
+ */
+export var SecurityEventType;
+(function (SecurityEventType) {
+    SecurityEventType["PROMPT_INJECTION"] = "PROMPT_INJECTION";
+    SecurityEventType["UNAUTHORIZED_TOOL"] = "UNAUTHORIZED_TOOL";
+    SecurityEventType["PATTERN_MATCH"] = "PATTERN_MATCH";
+    SecurityEventType["SCHEMA_VIOLATION"] = "SCHEMA_VIOLATION";
+})(SecurityEventType || (SecurityEventType = {}));
+export function isSecurityEventType(value) {
+    return Object.values(SecurityEventType).includes(value);
+}
+//# sourceMappingURL=SecurityEventType.js.map

package/dist/domain/events/SecurityEventType.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecurityEventType.js","sourceRoot":"","sources":["../../../src/domain/events/SecurityEventType.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,CAAN,IAAY,iBAKX;AALD,WAAY,iBAAiB;IAC3B,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IACvC,oDAA+B,CAAA;IAC/B,0DAAqC,CAAA;AACvC,CAAC,EALW,iBAAiB,KAAjB,iBAAiB,QAK5B;AAID,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,OAAO,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC,KAA0B,CAAC,CAAC;AAC/E,CAAC"}

package/dist/domain/events/ThreatSeverity.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Threat Severity Levels
+ * Domain value object (enum)
+ */
+export declare enum ThreatSeverity {
+    LOW = "low",
+    MEDIUM = "medium",
+    HIGH = "high",
+    CRITICAL = "critical"
+}
+export type ThreatSeverityString = keyof typeof ThreatSeverity;
+export declare function isThreatSeverity(value: unknown): value is ThreatSeverity;
+//# sourceMappingURL=ThreatSeverity.d.ts.map

package/dist/domain/events/ThreatSeverity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ThreatSeverity.d.ts","sourceRoot":"","sources":["../../../src/domain/events/ThreatSeverity.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,oBAAY,cAAc;IACxB,GAAG,QAAQ;IACX,MAAM,WAAW;IACjB,IAAI,SAAS;IACb,QAAQ,aAAa;CACtB;AAED,MAAM,MAAM,oBAAoB,GAAG,MAAM,OAAO,cAAc,CAAC;AAE/D,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,cAAc,CAExE"}

package/dist/domain/events/ThreatSeverity.js

@@ -0,0 +1,15 @@
+/**
+ * Threat Severity Levels
+ * Domain value object (enum)
+ */
+export var ThreatSeverity;
+(function (ThreatSeverity) {
+    ThreatSeverity["LOW"] = "low";
+    ThreatSeverity["MEDIUM"] = "medium";
+    ThreatSeverity["HIGH"] = "high";
+    ThreatSeverity["CRITICAL"] = "critical";
+})(ThreatSeverity || (ThreatSeverity = {}));
+export function isThreatSeverity(value) {
+    return Object.values(ThreatSeverity).includes(value);
+}
+//# sourceMappingURL=ThreatSeverity.js.map

package/dist/domain/events/ThreatSeverity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ThreatSeverity.js","sourceRoot":"","sources":["../../../src/domain/events/ThreatSeverity.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,CAAN,IAAY,cAKX;AALD,WAAY,cAAc;IACxB,6BAAW,CAAA;IACX,mCAAiB,CAAA;IACjB,+BAAa,CAAA;IACb,uCAAqB,CAAA;AACvB,CAAC,EALW,cAAc,KAAd,cAAc,QAKzB;AAID,MAAM,UAAU,gBAAgB,CAAC,KAAc;IAC7C,OAAO,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,KAAuB,CAAC,CAAC;AACzE,CAAC"}

package/dist/domain/events/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Events Bounded Context
+ * Barrel export
+ */
+export { ThreatSeverity, isThreatSeverity } from "./ThreatSeverity";
+export type { ThreatSeverityString } from "./ThreatSeverity";
+export { SecurityEventType, isSecurityEventType } from "./SecurityEventType";
+export type { SecurityEventTypeString } from "./SecurityEventType";
+export { createSecurityEvent } from "./SecurityEvent";
+export type { SecurityEvent, SecurityEventMetadata } from "./SecurityEvent";
+//# sourceMappingURL=index.d.ts.map

package/dist/domain/events/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/domain/events/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpE,YAAY,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAE7D,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC7E,YAAY,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/domain/events/index.js

@@ -0,0 +1,8 @@
+/**
+ * Events Bounded Context
+ * Barrel export
+ */
+export { ThreatSeverity, isThreatSeverity } from './ThreatSeverity.js';
+export { SecurityEventType, isSecurityEventType } from './SecurityEventType.js';
+export { createSecurityEvent } from './SecurityEvent.js';
+//# sourceMappingURL=index.js.map

package/dist/domain/events/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/domain/events/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGpE,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAG7E,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/domain/guard/ToolGuard.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Tool Guard
+ * Domain service: pure tool call validation, no I/O side effects
+ * Does NOT throw — callers decide what to do with violations
+ */
+import { ToolPolicy } from "./ToolPolicy";
+import { ToolViolation } from "./ToolViolation";
+export interface ToolCall {
+    readonly id: string;
+    readonly function: {
+        readonly name: string;
+        readonly arguments?: string | Record<string, unknown>;
+    };
+    readonly type?: "function";
+}
+export declare class ToolGuard {
+    private policy;
+    constructor(policy: ToolPolicy);
+    /**
+     * Validate a set of tool calls against the policy.
+     * Returns null if all tools are compliant.
+     * Returns the first violation found.
+     * Does NOT throw.
+     */
+    validate(toolCalls: readonly ToolCall[] | undefined, requestId: string): ToolViolation | null;
+    /**
+     * Update the policy at runtime
+     */
+    updatePolicy(policy: ToolPolicy): void;
+    /**
+     * Get current allowed tools (for diagnostics)
+     */
+    getAllowedTools(): readonly string[];
+}
+//# sourceMappingURL=ToolGuard.d.ts.map

package/dist/domain/guard/ToolGuard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolGuard.d.ts","sourceRoot":"","sources":["../../../src/domain/guard/ToolGuard.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAiB,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,aAAa,EAAuB,MAAM,iBAAiB,CAAC;AAErE,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,QAAQ,EAAE;QACjB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QACtB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACvD,CAAC;IACF,QAAQ,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC;CAC5B;AAED,qBAAa,SAAS;IACR,OAAO,CAAC,MAAM;gBAAN,MAAM,EAAE,UAAU;IAMtC;;;;;OAKG;IACH,QAAQ,CACN,SAAS,EAAE,SAAS,QAAQ,EAAE,GAAG,SAAS,EAC1C,SAAS,EAAE,MAAM,GAChB,aAAa,GAAG,IAAI;IAgBvB;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAOtC;;OAEG;IACH,eAAe,IAAI,SAAS,MAAM,EAAE;CAGrC"}

package/dist/domain/guard/ToolGuard.js

@@ -0,0 +1,49 @@
+/**
+ * Tool Guard
+ * Domain service: pure tool call validation, no I/O side effects
+ * Does NOT throw — callers decide what to do with violations
+ */
+import { isToolAllowed } from './ToolPolicy.js';
+import { createToolViolation } from './ToolViolation.js';
+export class ToolGuard {
+    constructor(policy) {
+        this.policy = policy;
+        if (!policy || !policy.allowedTools) {
+            throw new Error("[ToolGuard] Policy is required");
+        }
+    }
+    /**
+     * Validate a set of tool calls against the policy.
+     * Returns null if all tools are compliant.
+     * Returns the first violation found.
+     * Does NOT throw.
+     */
+    validate(toolCalls, requestId) {
+        if (!toolCalls || toolCalls.length === 0) {
+            return null; // No tools called — compliant
+        }
+        for (const toolCall of toolCalls) {
+            const toolName = toolCall.function.name;
+            if (!isToolAllowed(this.policy, toolName)) {
+                return createToolViolation(toolName, requestId);
+            }
+        }
+        return null; // All tools are allowed
+    }
+    /**
+     * Update the policy at runtime
+     */
+    updatePolicy(policy) {
+        if (!policy || !policy.allowedTools) {
+            throw new Error("[ToolGuard] Policy is required");
+        }
+        this.policy = policy;
+    }
+    /**
+     * Get current allowed tools (for diagnostics)
+     */
+    getAllowedTools() {
+        return Array.from(this.policy.allowedTools);
+    }
+}
+//# sourceMappingURL=ToolGuard.js.map