@solongate/proxy 0.12.1 → 0.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/hooks/guard.mjs +16 -1
- package/package.json +1 -1
package/hooks/guard.mjs
CHANGED
|
@@ -314,9 +314,24 @@ process.stdin.on('end', async () => {
|
|
|
314
314
|
}
|
|
315
315
|
}
|
|
316
316
|
|
|
317
|
+
// ── Check if PI detection is enabled for this project ──
|
|
318
|
+
let piEnabled = true;
|
|
319
|
+
if (API_KEY && API_KEY.startsWith('sg_live_')) {
|
|
320
|
+
try {
|
|
321
|
+
const cfgRes = await fetch(API_URL + '/api/v1/project-config', {
|
|
322
|
+
headers: { 'Authorization': 'Bearer ' + API_KEY },
|
|
323
|
+
signal: AbortSignal.timeout(3000),
|
|
324
|
+
});
|
|
325
|
+
if (cfgRes.ok) {
|
|
326
|
+
const cfg = await cfgRes.json();
|
|
327
|
+
piEnabled = cfg.piEnabled !== false;
|
|
328
|
+
}
|
|
329
|
+
} catch {} // Fallback: enabled (safe default)
|
|
330
|
+
}
|
|
331
|
+
|
|
317
332
|
// ── Prompt Injection Detection (Stage 1: Rules) ──
|
|
318
333
|
const allText = scanStrings(args).join(' ');
|
|
319
|
-
const piResult = detectPromptInjection(allText);
|
|
334
|
+
const piResult = piEnabled ? detectPromptInjection(allText) : null;
|
|
320
335
|
|
|
321
336
|
if (piResult && piResult.blocked) {
|
|
322
337
|
const msg = 'SOLONGATE: Prompt injection detected (trust score: ' +
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solongate/proxy",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.13.0",
|
|
4
4
|
"description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|