@solongate/proxy 0.10.0 → 0.10.1

Files changed (2) hide show
  1. package/dist/index.js +57 -1
  2. package/package.json +1 -1
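--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -6171,6 +6171,61 @@ var SolonGateProxy = class {
  };
  }
  log2(`Tool call: ${name}`);
+ let piResult;
+ if (args && typeof args === "object") {
+ const guardConfig = this.config.advancedDetection ? { ...DEFAULT_INPUT_GUARD_CONFIG2, advancedDetection: this.config.advancedDetection } : DEFAULT_INPUT_GUARD_CONFIG2;
+ const argsCheck = this.config.advancedDetection ? await sanitizeInputAsync("tool.arguments", args, guardConfig) : sanitizeInput("tool.arguments", args);
+ const hasPromptInjection = argsCheck.threats.some((t) => t.type === "PROMPT_INJECTION");
+ if (hasPromptInjection) {
+ const trustResult = "trustScore" in argsCheck ? argsCheck.trustScore : void 0;
+ const matchedCategories = trustResult?.stages?.[0]?.details?.filter((d) => d.startsWith("matched:"))?.map((d) => d.replace("matched:", "")) ?? [];
+ piResult = {
+ detected: true,
+ trustScore: trustResult?.trustScore ?? 0,
+ blocked: true,
+ matchedCategories,
+ stageScores: {
+ rules: trustResult?.stages?.[0]?.score ?? 0,
+ embedding: trustResult?.stages?.[1]?.score ?? 0,
+ classifier: trustResult?.stages?.[2]?.score ?? 0
+ }
+ };
+ const threats = argsCheck.threats.map((t) => `${t.type}: ${t.description}`).join("; ");
+ log2(`DENY tool call: ${name} \u2014 ${threats}`);
+ if (this.config.apiKey && !this.config.apiKey.startsWith("sg_test_")) {
+ const apiUrl = this.config.apiUrl ?? "https://api.solongate.com";
+ sendAuditLog(this.config.apiKey, apiUrl, {
+ tool: name,
+ arguments: args ?? {},
+ decision: "DENY",
+ reason: `Prompt injection detected: ${threats}`,
+ evaluationTimeMs: 0,
+ promptInjection: piResult
+ });
+ }
+ return {
+ content: [{ type: "text", text: `Tool call blocked by input guard: ${threats}` }],
+ isError: true
+ };
+ }
+ if (this.config.advancedDetection && "trustScore" in argsCheck) {
+ const trustResult = argsCheck.trustScore;
+ if (trustResult) {
+ const matchedCategories = trustResult.stages?.[0]?.details?.filter((d) => d.startsWith("matched:"))?.map((d) => d.replace("matched:", "")) ?? [];
+ piResult = {
+ detected: trustResult.rawScore > 0,
+ trustScore: trustResult.trustScore,
+ blocked: false,
+ matchedCategories,
+ stageScores: {
+ rules: trustResult.stages?.[0]?.score ?? 0,
+ embedding: trustResult.stages?.[1]?.score ?? 0,
+ classifier: trustResult.stages?.[2]?.score ?? 0
+ }
+ };
+ }
+ }
+ }
  const mutex = this.toolMutexes.get(name);
  try {
  await mutex.acquire(MUTEX_TIMEOUT_MS);
@@ -6219,7 +6274,8 @@ var SolonGateProxy = class {
  decision,
  reason,
  matchedRule,
- evaluationTimeMs
+ evaluationTimeMs,
+ promptInjection: piResult
  });
  } else {
  log2(`Skipping audit log (apiKey: ${this.config.apiKey ? "test key" : "not set"})`);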
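Review bot: In the DENY branch, `threats` is joined from every entry of `argsCheck.threats`, not only the `PROMPT_INJECTION` entries that triggered the block, so the audit `reason` can label unrelated findings as prompt injection; inserting `.filter((t) => t.type === "PROMPT_INJECTION")` before the `.map(...)` keeps the record accurate. The same string is returned to the caller in `text`, which hands the detector's descriptions to the party whose input was just rejected; a fixed `text: "Tool call blocked by input guard"` with the detail kept in `log2` and the audit record would be safer. `sendAuditLog(...)` is not awaited here, so if it returns a promise a failed upload of the DENY record would presumably go unnoticed; it is worth confirming that it handles its own errors. The enclosing method starts before and continues past this hunk.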
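--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@solongate/proxy",
- "version": "0.10.0",
+ "version": "0.10.1",
  "description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
  "type": "module",
  "bin": {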