@sandrobuilds/tracerney 0.9.6

package/dist/domain/guard/ToolGuard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolGuard.js","sourceRoot":"","sources":["../../../src/domain/guard/ToolGuard.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAc,aAAa,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EAAiB,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAWrE,MAAM,OAAO,SAAS;IACpB,YAAoB,MAAkB;QAAlB,WAAM,GAAN,MAAM,CAAY;QACpC,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CACN,SAA0C,EAC1C,SAAiB;QAEjB,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC,CAAC,8BAA8B;QAC7C,CAAC;QAED,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;YAExC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;gBAC1C,OAAO,mBAAmB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,CAAC,wBAAwB;IACvC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAkB;QAC7B,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC9C,CAAC;CACF"}

package/dist/domain/guard/ToolPolicy.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Tool Policy
+ * Domain value object: the allow-list rule set
+ */
+export interface ToolPolicy {
+    readonly allowedTools: ReadonlySet<string>;
+}
+/**
+ * Factory to create a ToolPolicy from an array
+ */
+export declare function createToolPolicy(allowedTools: readonly string[]): ToolPolicy;
+/**
+ * Check if a tool is allowed by the policy
+ */
+export declare function isToolAllowed(policy: ToolPolicy, toolName: string): boolean;
+//# sourceMappingURL=ToolPolicy.d.ts.map

package/dist/domain/guard/ToolPolicy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolPolicy.d.ts","sourceRoot":"","sources":["../../../src/domain/guard/ToolPolicy.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,YAAY,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAC5C;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,GAAG,UAAU,CAI5E;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAE3E"}

package/dist/domain/guard/ToolPolicy.js

@@ -0,0 +1,19 @@
+/**
+ * Tool Policy
+ * Domain value object: the allow-list rule set
+ */
+/**
+ * Factory to create a ToolPolicy from an array
+ */
+export function createToolPolicy(allowedTools) {
+    return {
+        allowedTools: new Set(allowedTools),
+    };
+}
+/**
+ * Check if a tool is allowed by the policy
+ */
+export function isToolAllowed(policy, toolName) {
+    return policy.allowedTools.has(toolName);
+}
+//# sourceMappingURL=ToolPolicy.js.map

package/dist/domain/guard/ToolPolicy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolPolicy.js","sourceRoot":"","sources":["../../../src/domain/guard/ToolPolicy.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,YAA+B;IAC9D,OAAO;QACL,YAAY,EAAE,IAAI,GAAG,CAAC,YAAY,CAAC;KACpC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAkB,EAAE,QAAgB;IAChE,OAAO,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAC3C,CAAC"}

package/dist/domain/guard/ToolViolation.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Tool Violation
+ * Domain value object: result of a policy breach
+ */
+export interface ToolViolation {
+    readonly toolName: string;
+    readonly requestId: string;
+    readonly detectedAt: number;
+}
+/**
+ * Factory to create a ToolViolation
+ */
+export declare function createToolViolation(toolName: string, requestId: string, detectedAt?: number): ToolViolation;
+//# sourceMappingURL=ToolViolation.d.ts.map

package/dist/domain/guard/ToolViolation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolViolation.d.ts","sourceRoot":"","sources":["../../../src/domain/guard/ToolViolation.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,UAAU,CAAC,EAAE,MAAM,GAClB,aAAa,CAMf"}

package/dist/domain/guard/ToolViolation.js

@@ -0,0 +1,15 @@
+/**
+ * Tool Violation
+ * Domain value object: result of a policy breach
+ */
+/**
+ * Factory to create a ToolViolation
+ */
+export function createToolViolation(toolName, requestId, detectedAt) {
+    return {
+        toolName,
+        requestId,
+        detectedAt: detectedAt ?? Date.now(),
+    };
+}
+//# sourceMappingURL=ToolViolation.js.map

package/dist/domain/guard/ToolViolation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ToolViolation.js","sourceRoot":"","sources":["../../../src/domain/guard/ToolViolation.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,SAAiB,EACjB,UAAmB;IAEnB,OAAO;QACL,QAAQ;QACR,SAAS;QACT,UAAU,EAAE,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE;KACrC,CAAC;AACJ,CAAC"}

package/dist/domain/guard/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Guard Bounded Context
+ * Barrel export
+ */
+export { createToolPolicy, isToolAllowed } from "./ToolPolicy";
+export type { ToolPolicy } from "./ToolPolicy";
+export { createToolViolation } from "./ToolViolation";
+export type { ToolViolation } from "./ToolViolation";
+export { ToolGuard } from "./ToolGuard";
+export type { ToolCall } from "./ToolGuard";
+//# sourceMappingURL=index.d.ts.map

package/dist/domain/guard/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/domain/guard/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC/D,YAAY,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE/C,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAErD,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,YAAY,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC"}

package/dist/domain/guard/index.js

@@ -0,0 +1,8 @@
+/**
+ * Guard Bounded Context
+ * Barrel export
+ */
+export { createToolPolicy, isToolAllowed } from './ToolPolicy.js';
+export { createToolViolation } from './ToolViolation.js';
+export { ToolGuard } from './ToolGuard.js';
+//# sourceMappingURL=index.js.map

package/dist/domain/guard/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/domain/guard/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAGtD,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,168 @@
+/**
+ * Tracerny
+ * Transparent Proxy Runtime Sentinel for Prompt Injection Defense
+ *
+ * @example
+ * ```typescript
+ * import { Tracerny } from 'tracerney';
+ *
+ * const shield = new Tracerny({
+ *   allowedTools: ['search', 'calculator'],
+ *   apiEndpoint: 'https://api.myapp.com/v1/signal',
+ * });
+ *
+ * const response = await shield.wrap(() =>
+ *   openai.chat.completions.create({...})
+ * );
+ * ```
+ */
+import { type WrapOptions, type ServiceStatus } from "./application";
+import { ShieldBlockError } from "./application/ShieldBlockError";
+import { type LLMResponse } from "./application/ports/ILLMProvider";
+/**
+ * Public configuration for Tracerny
+ */
+export interface TracernyOptions {
+    /**
+     * List of tool names the LLM is allowed to call
+     */
+    allowedTools?: string[];
+    /**
+     * Base URL for your Tracerny backend (RECOMMENDED)
+     * Automatically constructs all required endpoints:
+     * - Signal endpoint: {baseUrl}/api/v1/signal
+     * - Verification endpoint: {baseUrl}/api/v1/verify-prompt
+     * - Shadow log endpoint: {baseUrl}/api/v1/shadow-log
+     * - Definitions endpoint: {baseUrl}/api/v1/definitions
+     *
+     * Example: https://myapp.com or http://localhost:3000
+     *
+     * If provided, individual endpoint URLs below are ignored.
+     */
+    baseUrl?: string;
+    /**
+     * Your backend's Signal Sink endpoint for receiving security events
+     * Only needed if NOT using baseUrl
+     * Example: https://myapp.com/api/v1/signal
+     */
+    apiEndpoint?: string;
+    /**
+     * API key for Signal Sink (optional, sent in Authorization header)
+     */
+    apiKey?: string;
+    /**
+     * URL to fetch pattern manifest from (for zero-day updates)
+     * If not provided, bundled patterns are used
+     */
+    manifestUrl?: string;
+    /**
+     * Enable telemetry reporting (default: true)
+     */
+    enableTelemetry?: boolean;
+    /**
+     * Local path to cache manifest (useful in serverless, e.g., /tmp)
+     */
+    localManifestPath?: string;
+    /**
+     * Layer 2: Backend endpoint for LLM verification
+     * SDK sends suspicious prompts here (backend calls OpenRouter internally)
+     * Example: https://myapp.com/api/v1/verify-prompt
+     */
+    sentinelEndpoint?: string;
+    /**
+     * Endpoint for shadow log (records of potential attacks)
+     * Example: https://myapp.com/api/v1/shadow-log
+     */
+    shadowLogEndpoint?: string;
+    /**
+     * Enable Layer 2 LLM Sentinel (default: true if sentinelEndpoint provided)
+     */
+    sentinelEnabled?: boolean;
+}
+/**
+ * Tracerny Facade
+ * Main entry point for the SDK
+ * Wires all dependencies: domain + application + infrastructure
+ */
+export declare class Tracerny {
+    private service;
+    /**
+     * Constructor: wires the full dependency graph
+     */
+    constructor(options?: TracernyOptions);
+    /**
+     * Resolves baseUrl into individual endpoint URLs
+     * baseUrl takes precedence over individual endpoint options
+     */
+    private resolveEndpoints;
+    /**
+     * Main wrapper for LLM calls
+     *
+     * @param llmCall - Function that executes the LLM call
+     * @param options - Optional: prompt for pre-LLM scanning, request context
+     *
+     * @throws ShieldBlockError if an injection or unauthorized tool is detected
+     * @throws Other errors from the LLM provider or network failures
+     *
+     * @example
+     * ```typescript
+     * // With optional prompt for pre-LLM scanning (fixes Gap 3)
+     * const response = await shield.wrap(
+     *   () => openai.chat.completions.create({...}),
+     *   { prompt: userInput }
+     * );
+     * ```
+     */
+    wrap<T extends LLMResponse>(llmCall: () => Promise<T>, options?: WrapOptions): Promise<T>;
+    /**
+     * Scan a raw prompt for injection attempts (standalone use)
+     *
+     * @param prompt - The user input to scan
+     * @throws ShieldBlockError if injection is detected
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   await shield.scanPrompt(userInput);
+     *   // Safe to proceed
+     * } catch (err) {
+     *   if (err instanceof ShieldBlockError) {
+     *     // Attack detected
+     *   }
+     * }
+     * ```
+     */
+    scanPrompt(prompt: string): Promise<void>;
+    /**
+     * Update allowed tools at runtime
+     *
+     * @param tools - New list of allowed tool names
+     */
+    setAllowedTools(tools: string[]): void;
+    /**
+     * Get Shield status and diagnostics
+     */
+    getStatus(): ServiceStatus;
+    /**
+     * Graceful shutdown: flushes telemetry and releases resources
+     * Call this before process exit
+     */
+    destroy(): void;
+}
+export { ShieldBlockError };
+export type { WrapOptions, ServiceStatus, LLMResponse };
+export type { VanguardPattern, PatternCategory, InjectionThreat, } from "./domain/detection";
+export type { ToolPolicy, ToolViolation } from "./domain/guard";
+export type { SecurityEvent, SecurityEventMetadata, ThreatSeverity, SecurityEventType, } from "./domain/events";
+export type { ILLMProvider, LLMRequest, LLMMessage, LLMChoice, ToolCall, LLMTool, TokenUsage, ITelemetrySink, IPatternRepository, } from "./application";
+export { BundledPatternRepository, RemotePatternRepository } from "./infrastructure/patterns";
+export type { RemotePatternRepositoryConfig } from "./infrastructure/patterns";
+export { normalizePrompt, normalizePrompts, jitter } from "./application/utils";
+export { HttpSignalSink } from "./infrastructure/telemetry";
+export type { HttpSignalSinkConfig } from "./infrastructure/telemetry";
+export { LLMSentinel } from "./infrastructure/sentinel/LLMSentinel";
+export type { LLMSentinelOptions } from "./infrastructure/sentinel/LLMSentinel";
+export { HttpShadowLogSink } from "./infrastructure/telemetry/HttpShadowLogSink";
+export type { ShadowLogPayload } from "./infrastructure/telemetry/HttpShadowLogSink";
+export { ShieldApplicationService } from "./application/ShieldApplicationService";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAA4B,KAAK,WAAW,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAElE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAMpE;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,OAAO,CAA2B;IAE1C;;OAEG;gBACS,OAAO,GAAE,eAAoB;IAiDzC;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;;;;;;;;;;;;;;;;OAiBG;IACG,IAAI,CAAC,CAAC,SAAS,WAAW,EAC9B,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,CAAC,CAAC;IAIb;;;;;;;;;;;;;;;;;OAiBG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/C;;;;OAIG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI;IAItC;;OAEG;IACH,SAAS,IAAI,aAAa;IAI1B;;;OAGG;IACH,OAAO,IAAI,IAAI;CAGhB;AAOD,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAG5B,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,WAAW,EAAE,CAAC;AAGxD,YAAY,EACV,eAAe,EACf,eAAe,EACf,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAE5B,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEhE,YAAY,EACV,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,iBAAiB,GAClB,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,YAAY,EACZ,UAAU,EACV,UAAU,EACV,SAAS,EACT,QAAQ,EACR,OAAO,EACP,UAAU,EACV,cAAc,EACd,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAC9F,YAAY,EAAE,6BAA6B,EAAE,MAAM,2BAA2B,CAAC;AAG/E,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,YAAY,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAGvE,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AACpE,YAAY,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAEhF,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AACjF,YAAY,EAAE,gBAAgB,EAAE,MAAM,8CAA8C,CAAC;AAErF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}

package/dist/index.js

@@ -0,0 +1,173 @@
+/**
+ * Tracerny
+ * Transparent Proxy Runtime Sentinel for Prompt Injection Defense
+ *
+ * @example
+ * ```typescript
+ * import { Tracerny } from 'tracerney';
+ *
+ * const shield = new Tracerny({
+ *   allowedTools: ['search', 'calculator'],
+ *   apiEndpoint: 'https://api.myapp.com/v1/signal',
+ * });
+ *
+ * const response = await shield.wrap(() =>
+ *   openai.chat.completions.create({...})
+ * );
+ * ```
+ */
+import { ShieldApplicationService } from './application/index.js';
+import { ShieldBlockError } from './application/ShieldBlockError.js';
+import { createToolPolicy } from './domain/guard/ToolPolicy.js';
+import { BundledPatternRepository } from './infrastructure/patterns/BundledPatternRepository.js';
+import { HttpSignalSink } from './infrastructure/telemetry/HttpSignalSink.js';
+// import { HttpShadowLogSink } from './infrastructure/telemetry/HttpShadowLogSink.js'; // Disabled
+import { LLMSentinel } from './infrastructure/sentinel/LLMSentinel.js';
+/**
+ * Tracerny Facade
+ * Main entry point for the SDK
+ * Wires all dependencies: domain + application + infrastructure
+ */
+export class Tracerny {
+    /**
+     * Constructor: wires the full dependency graph
+     */
+    constructor(options = {}) {
+        // Step 0: Resolve endpoints from baseUrl if provided
+        const resolvedOptions = this.resolveEndpoints(options);
+        // Step 1: Build pattern repository
+        // Always use bundled patterns (288 forensic patterns)
+        // No remote updates - bundled patterns are production-ready
+        const patternRepo = new BundledPatternRepository();
+        // Step 2: Build telemetry sink
+        const telemetrySink = options.enableTelemetry !== false && resolvedOptions.apiEndpoint
+            ? new HttpSignalSink({
+                endpoint: resolvedOptions.apiEndpoint,
+                apiKey: resolvedOptions.apiKey,
+            })
+            : undefined;
+        // Step 3: Create tool policy
+        const toolPolicy = createToolPolicy(options.allowedTools ?? []);
+        // Step 4: Build Layer 2 LLM Sentinel (if enabled)
+        let sentinel = undefined;
+        if (options.sentinelEnabled !== false && resolvedOptions.sentinelEndpoint) {
+            sentinel = new LLMSentinel(resolvedOptions.sentinelEndpoint, resolvedOptions.apiKey);
+        }
+        // Step 5: Build shadow log sink (if endpoint provided)
+        // DISABLED FOR NOW - will re-enable after fixing endpoint
+        // let shadowLogSink = undefined;
+        // if (resolvedOptions.shadowLogEndpoint) {
+        //   shadowLogSink = new HttpShadowLogSink({
+        //     endpoint: resolvedOptions.shadowLogEndpoint,
+        //     apiKey: resolvedOptions.apiKey,
+        //   });
+        // }
+        const shadowLogSink = undefined;
+        // Step 6: Wire application service
+        this.service = new ShieldApplicationService({
+            patternRepository: patternRepo,
+            telemetrySink,
+            toolPolicy,
+            sentinel,
+            shadowLogSink,
+            sdkVersion: "0.2.0",
+        });
+    }
+    /**
+     * Resolves baseUrl into individual endpoint URLs
+     * baseUrl takes precedence over individual endpoint options
+     */
+    resolveEndpoints(options) {
+        if (options.baseUrl) {
+            // Remove trailing slash for consistency
+            const baseUrl = options.baseUrl.replace(/\/$/, '');
+            return {
+                ...options,
+                apiEndpoint: `${baseUrl}/api/v1/signal`,
+                sentinelEndpoint: `${baseUrl}/api/v1/verify-prompt`,
+                shadowLogEndpoint: `${baseUrl}/api/v1/shadow-log`,
+                manifestUrl: `${baseUrl}/api/v1/definitions`,
+            };
+        }
+        // No baseUrl, use individual options as-is
+        return options;
+    }
+    /**
+     * Main wrapper for LLM calls
+     *
+     * @param llmCall - Function that executes the LLM call
+     * @param options - Optional: prompt for pre-LLM scanning, request context
+     *
+     * @throws ShieldBlockError if an injection or unauthorized tool is detected
+     * @throws Other errors from the LLM provider or network failures
+     *
+     * @example
+     * ```typescript
+     * // With optional prompt for pre-LLM scanning (fixes Gap 3)
+     * const response = await shield.wrap(
+     *   () => openai.chat.completions.create({...}),
+     *   { prompt: userInput }
+     * );
+     * ```
+     */
+    async wrap(llmCall, options) {
+        return this.service.wrap(llmCall, options);
+    }
+    /**
+     * Scan a raw prompt for injection attempts (standalone use)
+     *
+     * @param prompt - The user input to scan
+     * @throws ShieldBlockError if injection is detected
+     *
+     * @example
+     * ```typescript
+     * try {
+     *   await shield.scanPrompt(userInput);
+     *   // Safe to proceed
+     * } catch (err) {
+     *   if (err instanceof ShieldBlockError) {
+     *     // Attack detected
+     *   }
+     * }
+     * ```
+     */
+    async scanPrompt(prompt) {
+        return this.service.scanPrompt(prompt);
+    }
+    /**
+     * Update allowed tools at runtime
+     *
+     * @param tools - New list of allowed tool names
+     */
+    setAllowedTools(tools) {
+        return this.service.setAllowedTools(tools);
+    }
+    /**
+     * Get Shield status and diagnostics
+     */
+    getStatus() {
+        return this.service.getStatus();
+    }
+    /**
+     * Graceful shutdown: flushes telemetry and releases resources
+     * Call this before process exit
+     */
+    destroy() {
+        return this.service.destroy();
+    }
+}
+// ============================================================================
+// Public Exports
+// ============================================================================
+// Error class
+export { ShieldBlockError };
+// Infrastructure adapter exports (for advanced/custom usage)
+export { BundledPatternRepository, RemotePatternRepository } from './infrastructure/patterns/index.js';
+// Utility exports (for middleware & advanced use)
+export { normalizePrompt, normalizePrompts, jitter } from './application/utils/index.js';
+export { HttpSignalSink } from './infrastructure/telemetry/index.js';
+// Layer 2 Sentinel exports
+export { LLMSentinel } from './infrastructure/sentinel/LLMSentinel.js';
+export { HttpShadowLogSink } from './infrastructure/telemetry/HttpShadowLogSink.js';
+export { ShieldApplicationService } from './application/ShieldApplicationService.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,wBAAwB,EAAwC,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,oDAAoD,CAAC;AAC9F,OAAO,EAAE,cAAc,EAAE,MAAM,2CAA2C,CAAC;AAC3E,gGAAgG;AAChG,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAwEpE;;;;GAIG;AACH,MAAM,OAAO,QAAQ;IAGnB;;OAEG;IACH,YAAY,UAA2B,EAAE;QACvC,qDAAqD;QACrD,MAAM,eAAe,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAEvD,mCAAmC;QACnC,sDAAsD;QACtD,4DAA4D;QAC5D,MAAM,WAAW,GAAG,IAAI,wBAAwB,EAAE,CAAC;QAEnD,+BAA+B;QAC/B,MAAM,aAAa,GACjB,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,WAAW;YAC9D,CAAC,CAAC,IAAI,cAAc,CAAC;gBACjB,QAAQ,EAAE,eAAe,CAAC,WAAW;gBACrC,MAAM,EAAE,eAAe,CAAC,MAAM;aAC/B,CAAC;YACJ,CAAC,CAAC,SAAS,CAAC;QAEhB,6BAA6B;QAC7B,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAEhE,kDAAkD;QAClD,IAAI,QAAQ,GAAG,SAAS,CAAC;QACzB,IAAI,OAAO,CAAC,eAAe,KAAK,KAAK,IAAI,eAAe,CAAC,gBAAgB,EAAE,CAAC;YAC1E,QAAQ,GAAG,IAAI,WAAW,CAAC,eAAe,CAAC,gBAAgB,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;QACvF,CAAC;QAED,uDAAuD;QACvD,0DAA0D;QAC1D,iCAAiC;QACjC,2CAA2C;QAC3C,4CAA4C;QAC5C,mDAAmD;QACnD,sCAAsC;QACtC,QAAQ;QACR,IAAI;QACJ,MAAM,aAAa,GAAG,SAAS,CAAC;QAEhC,mCAAmC;QACnC,IAAI,CAAC,OAAO,GAAG,IAAI,wBAAwB,CAAC;YAC1C,iBAAiB,EAAE,WAAW;YAC9B,aAAa;YACb,UAAU;YACV,QAAQ;YACR,aAAa;YACb,UAAU,EAAE,OAAO;SACpB,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,gBAAgB,CAAC,OAAwB;QAC/C,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,wCAAwC;YACxC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAEnD,OAAO;gBACL,GAAG,OAAO;gBACV,WAAW,EAAE,GAAG,OAAO,gBAAgB;gBACvC,gBAAgB,EAAE,GAAG,OAAO,uBAAuB;gBACnD,iBAAiB,EAAE,GAAG,OAAO,oBAAoB;gBACjD,WAAW,EAAE,GAAG,OAAO,qBAAqB;aAC7C,CAAC;QACJ,CAAC;QAED,2CAA2C;QAC3C,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,IAAI,CACR,OAAyB,EACzB,OAAqB;QAErB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,UAAU,CAAC,MAAc;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAe;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,OAAO;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;CACF;AAED,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,cAAc;AACd,OAAO,EAAE,gBAAgB,EAAE,CAAC;AAkC5B,6DAA6D;AAC7D,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAG9F,kDAAkD;AAClD,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAEhF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG5D,2BAA2B;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAC;AAGpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAGjF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC"}

package/dist/infrastructure/llm/OpenRouterProvider.d.ts

@@ -0,0 +1,32 @@
+/**
+ * OpenRouter LLM Provider
+ * Adapter: implements ILLMProvider for OpenRouter
+ * Uses native fetch — zero dependencies (no openai npm package)
+ */
+import { ILLMProvider, LLMRequest, LLMResponse } from "../../application/ports/ILLMProvider";
+export interface OpenRouterConfig {
+    apiKey: string;
+    baseUrl?: string;
+    siteUrl?: string;
+    siteTitle?: string;
+    defaultModel?: string;
+    timeoutMs?: number;
+}
+export declare class OpenRouterProvider implements ILLMProvider {
+    private readonly config;
+    readonly providerName = "openrouter";
+    private readonly baseUrl;
+    private readonly timeoutMs;
+    constructor(config: OpenRouterConfig);
+    /**
+     * Execute an LLM call via OpenRouter.
+     * Implements ILLMProvider.complete()
+     */
+    complete(request: LLMRequest): Promise<LLMResponse>;
+    /**
+     * Create an AbortSignal for request timeout.
+     * Node.js 17+ supports AbortSignal.timeout()
+     */
+    private createAbortSignal;
+}
+//# sourceMappingURL=OpenRouterProvider.d.ts.map

package/dist/infrastructure/llm/OpenRouterProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenRouterProvider.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/llm/OpenRouterProvider.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,YAAY,EACZ,UAAU,EACV,WAAW,EAEZ,MAAM,sCAAsC,CAAC;AAE9C,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,kBAAmB,YAAW,YAAY;IAMzC,OAAO,CAAC,QAAQ,CAAC,MAAM;IALnC,QAAQ,CAAC,YAAY,gBAAgB;IAErC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEN,MAAM,EAAE,gBAAgB;IASrD;;;OAGG;IACG,QAAQ,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC;IA0EzD;;;OAGG;IACH,OAAO,CAAC,iBAAiB;CA2D1B"}

package/dist/infrastructure/llm/OpenRouterProvider.js

@@ -0,0 +1,119 @@
+/**
+ * OpenRouter LLM Provider
+ * Adapter: implements ILLMProvider for OpenRouter
+ * Uses native fetch — zero dependencies (no openai npm package)
+ */
+import { ProviderError, } from '../../application/ports/ILLMProvider.js';
+export class OpenRouterProvider {
+    constructor(config) {
+        this.config = config;
+        this.providerName = "openrouter";
+        this.baseUrl = config.baseUrl ?? "https://openrouter.ai/api/v1";
+        this.timeoutMs = config.timeoutMs ?? 30000;
+        if (!config.apiKey) {
+            throw new Error("[OpenRouterProvider] apiKey is required");
+        }
+    }
+    /**
+     * Execute an LLM call via OpenRouter.
+     * Implements ILLMProvider.complete()
+     */
+    async complete(request) {
+        const model = request.model || this.config.defaultModel || "openai/gpt-4o";
+        // Build the request body — OpenAI-compatible format
+        const body = {
+            model,
+            messages: request.messages,
+            ...(request.tools && { tools: request.tools }),
+            ...(request.temperature !== undefined && { temperature: request.temperature }),
+            ...(request.maxTokens !== undefined && { max_tokens: request.maxTokens }),
+            // Pass through any additional provider-specific parameters
+            ...Object.fromEntries(Object.entries(request).filter(([key]) => ![
+                "messages",
+                "model",
+                "tools",
+                "temperature",
+                "maxTokens",
+            ].includes(key))),
+        };
+        try {
+            const response = await fetch(`${this.baseUrl}/chat/completions`, {
+                method: "POST",
+                headers: {
+                    "Content-Type": "application/json",
+                    Authorization: `Bearer ${this.config.apiKey}`,
+                    // OpenRouter required headers
+                    "HTTP-Referer": this.config.siteUrl ?? "",
+                    "X-Title": this.config.siteTitle ?? "Tracerny",
+                },
+                body: JSON.stringify(body),
+                signal: this.createAbortSignal(),
+            });
+            if (!response.ok) {
+                const errorBody = await response.text().catch(() => "");
+                throw new ProviderError(`OpenRouter returned ${response.status}: ${response.statusText}\n${errorBody}`, "openrouter", response.status);
+            }
+            // Response shape is OpenAI-compatible — cast directly
+            const data = (await response.json());
+            return data;
+        }
+        catch (error) {
+            if (error instanceof ProviderError) {
+                throw error;
+            }
+            if (error instanceof TypeError && error.message.includes("fetch")) {
+                throw new ProviderError(`Network error: ${error.message}`, "openrouter", undefined, error);
+            }
+            throw new ProviderError(`OpenRouter call failed: ${error instanceof Error ? error.message : String(error)}`, "openrouter", undefined, error);
+        }
+    }
+    /**
+     * Create an AbortSignal for request timeout.
+     * Node.js 17+ supports AbortSignal.timeout()
+     */
+    createAbortSignal() {
+        // Try Node.js 17+ AbortSignal.timeout()
+        if (AbortSignal && "timeout" in AbortSignal) {
+            try {
+                return AbortSignal.timeout(this.timeoutMs);
+            }
+            catch {
+                // Fallback if timeout() not available
+            }
+        }
+        // Fallback: use AbortController with timer
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), this.timeoutMs);
+        // Clean up timeout on early resolution
+        const originalSignal = controller.signal;
+        const wrappedSignal = new (class {
+            constructor() {
+                this.aborted = originalSignal.aborted;
+                this.addEventListener = (type, listener, options) => {
+                    originalSignal.addEventListener(type, listener, options);
+                };
+                this.removeEventListener = (type, listener, options) => {
+                    originalSignal.removeEventListener(type, listener, options);
+                };
+                this.dispatchEvent = (event) => {
+                    clearTimeout(timeoutId);
+                    return originalSignal.dispatchEvent(event);
+                };
+            }
+            get onabort() {
+                return originalSignal.onabort;
+            }
+            set onabort(handler) {
+                originalSignal.onabort = handler;
+            }
+            get reason() {
+                return originalSignal.reason;
+            }
+            throwIfAborted() {
+                originalSignal.throwIfAborted?.();
+            }
+        })();
+        return wrappedSignal;
+    }
+}
+//# sourceMappingURL=OpenRouterProvider.js.map

package/dist/infrastructure/llm/OpenRouterProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenRouterProvider.js","sourceRoot":"","sources":["../../../src/infrastructure/llm/OpenRouterProvider.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAIL,aAAa,GACd,MAAM,sCAAsC,CAAC;AAW9C,MAAM,OAAO,kBAAkB;IAM7B,YAA6B,MAAwB;QAAxB,WAAM,GAAN,MAAM,CAAkB;QAL5C,iBAAY,GAAG,YAAY,CAAC;QAMnC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,8BAA8B,CAAC;QAChE,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,KAAM,CAAC;QAE5C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAmB;QAChC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,eAAe,CAAC;QAE3E,oDAAoD;QACpD,MAAM,IAAI,GAAG;YACX,KAAK;YACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,GAAG,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;YAC9C,GAAG,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;YAC9E,GAAG,CAAC,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;YACzE,2DAA2D;YAC3D,GAAG,MAAM,CAAC,WAAW,CACnB,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,CAC5B,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CACR,CAAC;gBACC,UAAU;gBACV,OAAO;gBACP,OAAO;gBACP,aAAa;gBACb,WAAW;aACZ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAClB,CACF;SACF,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,mBAAmB,EAAE;gBAC/D,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;oBAC7C,8BAA8B;oBAC9B,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE;oBACzC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,UAAU;iBAC/C;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,IAAI,CAAC,iBAAiB,EAAE;aACjC,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;gBACxD,MAAM,IAAI,aAAa,CACrB,uBAAuB,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,KAAK,SAAS,EAAE,EAC9E,YAAY,EACZ,QAAQ,CAAC,MAAM,CAChB,CAAC;YACJ,CAAC;YAED,sDAAsD;YACtD,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;YACpD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,aAAa,EAAE,CAAC;gBACnC,MAAM,KAAK,CAAC;YACd,CAAC;YAED,IAAI,KAAK,YAAY,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClE,MAAM,IAAI,aAAa,CACrB,kBAAkB,KAAK,CAAC,OAAO,EAAE,EACjC,YAAY,EACZ,SAAS,EACT,KAAK,CACN,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,aAAa,CACrB,2BAA2B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EACnF,YAAY,EACZ,SAAS,EACT,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,iBAAiB;QACvB,wCAAwC;QACxC,IAAI,WAAW,IAAI,SAAS,IAAI,WAAW,EAAE,CAAC;YAC5C,IAAI,CAAC;gBACH,OAAQ,WAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACtD,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;YACxC,CAAC;QACH,CAAC;QAED,2CAA2C;QAC3C,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvE,uCAAuC;QACvC,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,CAAC;QACzC,MAAM,aAAa,GAAG,IAAI,CAAC;YAAA;gBAChB,YAAO,GAAG,cAAc,CAAC,OAAO,CAAC;gBAE1C,qBAAgB,GAAoC,CAClD,IAAS,EACT,QAAa,EACb,OAAY,EACZ,EAAE;oBACF,cAAc,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAC3D,CAAC,CAAC;gBAEF,wBAAmB,GAAuC,CACxD,IAAS,EACT,QAAa,EACb,OAAY,EACZ,EAAE;oBACF,cAAc,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAC9D,CAAC,CAAC;gBAEF,kBAAa,GAAiC,CAAC,KAAU,EAAE,EAAE;oBAC3D,YAAY,CAAC,SAAS,CAAC,CAAC;oBACxB,OAAO,cAAc,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;gBAC7C,CAAC,CAAC;YAiBJ,CAAC;YAfC,IAAI,OAAO;gBACT,OAAO,cAAc,CAAC,OAAO,CAAC;YAChC,CAAC;YAED,IAAI,OAAO,CAAC,OAAO;gBACjB,cAAc,CAAC,OAAO,GAAG,OAAO,CAAC;YACnC,CAAC;YAED,IAAI,MAAM;gBACR,OAAQ,cAAsB,CAAC,MAAM,CAAC;YACxC,CAAC;YAED,cAAc;gBACZ,cAAc,CAAC,cAAc,EAAE,EAAE,CAAC;YACpC,CAAC;SACF,CAAC,EAAE,CAAC;QAEL,OAAO,aAAa,CAAC;IACvB,CAAC;CACF"}

package/dist/infrastructure/llm/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * LLM Provider Infrastructure
+ * Barrel export
+ */
+export { OpenRouterProvider } from "./OpenRouterProvider";
+export type { OpenRouterConfig } from "./OpenRouterProvider";
+//# sourceMappingURL=index.d.ts.map

package/dist/infrastructure/llm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/llm/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,YAAY,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/infrastructure/llm/index.js

@@ -0,0 +1,6 @@
+/**
+ * LLM Provider Infrastructure
+ * Barrel export
+ */
+export { OpenRouterProvider } from './OpenRouterProvider.js';
+//# sourceMappingURL=index.js.map