npm - @sunaiva/gate - Versions diffs - 1.0.0 → 1.1.0 - Mend

@sunaiva/gate 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/BUSINESS_LICENSE.md +70 -0
package/CHANGELOG.md +148 -0
package/LICENSE +0 -0
package/README.md +411 -27
package/dist/config/defaults.d.ts +22 -1
package/dist/config/defaults.d.ts.map +1 -1
package/dist/config/defaults.js +56 -8
package/dist/config/defaults.js.map +1 -1
package/dist/config/loader.d.ts +0 -0
package/dist/config/loader.d.ts.map +1 -1
package/dist/config/loader.js +24 -6
package/dist/config/loader.js.map +1 -1
package/dist/engine/backend-client.d.ts +58 -0
package/dist/engine/backend-client.d.ts.map +1 -0
package/dist/engine/backend-client.js +287 -0
package/dist/engine/backend-client.js.map +1 -0
package/dist/engine/hmac-verifier.d.ts +33 -0
package/dist/engine/hmac-verifier.d.ts.map +1 -0
package/dist/engine/hmac-verifier.js +161 -0
package/dist/engine/hmac-verifier.js.map +1 -0
package/dist/engine/immutability.d.ts +59 -0
package/dist/engine/immutability.d.ts.map +1 -0
package/dist/engine/immutability.js +129 -0
package/dist/engine/immutability.js.map +1 -0
package/dist/engine/pattern-matcher.d.ts +13 -0
package/dist/engine/pattern-matcher.d.ts.map +1 -1
package/dist/engine/pattern-matcher.js +85 -17
package/dist/engine/pattern-matcher.js.map +1 -1
package/dist/engine/rule-engine.d.ts +62 -1
package/dist/engine/rule-engine.d.ts.map +1 -1
package/dist/engine/rule-engine.js +222 -12
package/dist/engine/rule-engine.js.map +1 -1
package/dist/engine/session-state.d.ts +0 -0
package/dist/engine/session-state.d.ts.map +1 -1
package/dist/engine/session-state.js +8 -2
package/dist/engine/session-state.js.map +1 -1
package/dist/engine/ship-confidence-gate.d.ts +184 -0
package/dist/engine/ship-confidence-gate.d.ts.map +1 -0
package/dist/engine/ship-confidence-gate.js +768 -0
package/dist/engine/ship-confidence-gate.js.map +1 -0
package/dist/index.d.ts +0 -0
package/dist/index.d.ts.map +0 -0
package/dist/index.js +289 -2
package/dist/index.js.map +1 -1
package/dist/rules/categories.json +0 -0
package/dist/rules/presets.json +0 -0
package/dist/rules/rules.json +200 -100
package/dist/tools/audit.d.ts +6 -0
package/dist/tools/audit.d.ts.map +1 -1
package/dist/tools/audit.js +43 -6
package/dist/tools/audit.js.map +1 -1
package/dist/tools/bypass.d.ts +0 -0
package/dist/tools/bypass.d.ts.map +1 -1
package/dist/tools/bypass.js +50 -6
package/dist/tools/bypass.js.map +1 -1
package/dist/tools/rules.d.ts +0 -0
package/dist/tools/rules.d.ts.map +0 -0
package/dist/tools/rules.js +0 -0
package/dist/tools/rules.js.map +0 -0
package/dist/tools/ship-confidence.d.ts +11 -0
package/dist/tools/ship-confidence.d.ts.map +1 -0
package/dist/tools/ship-confidence.js +42 -0
package/dist/tools/ship-confidence.js.map +1 -0
package/dist/tools/update.d.ts +0 -0
package/dist/tools/update.d.ts.map +1 -1
package/dist/tools/update.js +45 -9
package/dist/tools/update.js.map +1 -1
package/dist/tools/validate.d.ts +0 -0
package/dist/tools/validate.d.ts.map +1 -1
package/dist/tools/validate.js +56 -4
package/dist/tools/validate.js.map +1 -1
package/dist/types/backend.d.ts +69 -0
package/dist/types/backend.d.ts.map +1 -0
package/dist/types/backend.js +18 -0
package/dist/types/backend.js.map +1 -0
package/package.json +11 -3

package/dist/rules/rules.json CHANGED Viewed

@@ -7,6 +7,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Stripe charges, PayPal payments, checkout URLs, credit card forms, subscription signups, Buy Now buttons, in-app purchases, recurring billing setup",
     "example_blocked": "Agent attempts to subscribe to a $5,000/yr software license on behalf of the user",
     "example_allowed": "Agent presents purchase options with pricing and asks for human approval before proceeding",
     "tags": [
@@ -21,7 +22,7 @@
       "full-suite",
       "minimal"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-002",
@@ -31,6 +32,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: cumulative spend tracking, API cost estimates, cloud billing events, token usage costs, service invoices exceeding budget threshold",
     "example_blocked": "Agent triggers 35 parallel Gemini API workers totalling $800 in one week without billing cap",
     "example_allowed": "Agent estimates API cost before run, confirms it is within budget, then proceeds",
     "tags": [
@@ -44,7 +46,7 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-003",
@@ -54,6 +56,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: recurring billing setup, subscription plan changes, free trial conversions, annual plan upgrades, auto-renewal toggles",
     "example_blocked": "Agent upgrades a free Slack plan to Business+ without user confirmation",
     "example_allowed": "Agent presents upgrade options and cost impact, waits for explicit approval before clicking upgrade",
     "tags": [
@@ -65,7 +68,7 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-004",
@@ -75,6 +78,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: wallet addresses, ETH/BTC/USDC transfers, DeFi interactions, NFT purchases, gas fee submissions, seed phrase usage",
     "example_blocked": "Agent sends 0.5 ETH to a contract address during an automated DeFi strategy",
     "example_allowed": "Agent prepares transaction details for human review and requires signed confirmation before any transfer",
     "tags": [
@@ -87,7 +91,7 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-005",
@@ -108,7 +112,8 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "fin-006",
@@ -129,7 +134,8 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "fin-007",
@@ -151,7 +157,8 @@
       "full-suite",
       "developer-safety"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "fin-008",
@@ -161,6 +168,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: bank routing numbers, SWIFT codes, ACH batch files, wire transfer form submissions, IBAN entries, banking API payment calls",
     "example_blocked": "Agent submits ACH payroll file containing $250,000 in transfers after misreading a payroll spreadsheet",
     "example_allowed": "Agent prepares wire transfer details for human review — no submission occurs without signed approval",
     "tags": [
@@ -173,7 +181,7 @@
       "full-suite",
       "minimal"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-009",
@@ -183,6 +191,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Google Ads campaign creation, Meta Ads budget changes, TikTok ad launches, LinkedIn ad spend, programmatic bid submissions",
     "example_blocked": "Agent launches a Google Ads campaign with $5,000 daily budget after misinterpreting targeting instructions",
     "example_allowed": "Agent sets up campaign draft, presents estimated spend, and activates only after explicit budget approval",
     "tags": [
@@ -194,7 +203,7 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "fin-010",
@@ -216,7 +225,8 @@
       "full-suite",
       "developer-safety"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "fin-011",
@@ -237,7 +247,8 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "fin-012",
@@ -259,7 +270,8 @@
       "financial-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-001",
@@ -269,6 +281,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: API key patterns (sk-ant, AKIA, ghp_, Bearer tokens), password fields in logs, secret environment variables in stdout, credential strings in commit diffs",
     "example_blocked": "Agent logs full Stripe secret key to a public Cloudflare Worker debug endpoint",
     "example_allowed": "Agent references credentials by variable name only, uses secret manager references, never logs actual values",
     "tags": [
@@ -282,7 +295,7 @@
       "full-suite",
       "minimal"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "dat-002",
@@ -292,6 +305,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: names + email combinations, SSNs, passport numbers, date of birth fields, health identifiers, financial account numbers, geolocation data",
     "example_blocked": "Agent scrapes contact page and stores 500 visitor email addresses in a public Google Sheet",
     "example_allowed": "Agent collects only name and email for lead form, stores encrypted in approved database, confirms storage policy before proceeding",
     "tags": [
@@ -304,7 +318,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "dat-003",
@@ -326,7 +340,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-004",
@@ -336,6 +351,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: API key patterns in git diffs, hardcoded secrets in source files, keys pasted into chat logs, secrets in PR descriptions, env vars echoed to stdout",
     "example_blocked": "Agent commits hardcoded Stripe secret key directly into index.js before pushing to GitHub",
     "example_allowed": "Agent uses environment variable references and secret manager calls, never hardcodes values",
     "tags": [
@@ -349,7 +365,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "dat-005",
@@ -372,7 +388,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-006",
@@ -392,7 +409,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-007",
@@ -414,7 +432,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-008",
@@ -434,7 +453,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-009",
@@ -454,7 +474,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-010",
@@ -464,6 +485,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: log file deletion, audit table truncation, log rotation bypasses, timestamp modification in records, access log purging commands",
     "example_blocked": "Agent deletes application error logs to clean up a server before an audit, removing evidence of prior failures",
     "example_allowed": "Agent archives old logs to cold storage, preserving integrity, with human approval before any archival",
     "tags": [
@@ -475,7 +497,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "dat-011",
@@ -495,7 +517,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "dat-012",
@@ -515,7 +538,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-001",
@@ -525,6 +549,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: git push to main/master, Netlify production deploys, Docker production image pushes, Kubernetes production namespace changes, AWS production stack updates",
     "example_blocked": "Agent auto-deploys a breaking change to production at 2am after a failed test suite",
     "example_allowed": "Agent builds, tests, and stages the release, then presents for human approval before any production promotion",
     "tags": [
@@ -538,7 +563,7 @@
       "full-suite",
       "minimal"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-002",
@@ -548,6 +573,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: rm -rf commands, DROP TABLE statements, git reset --hard, git clean -fd, file overwrite without backup, S3 bucket deletion, database truncation",
     "example_blocked": "Agent runs git clean -fd to tidy the repo and deletes 3 years of research reports stored in untracked files",
     "example_allowed": "Agent lists files to be deleted in a dry-run, presents list for approval, only executes after explicit confirmation",
     "tags": [
@@ -562,7 +588,7 @@
       "full-suite",
       "minimal"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-003",
@@ -583,7 +609,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-004",
@@ -593,6 +620,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Cloudflare DNS API writes, Route 53 record changes, GoDaddy DNS modifications, CNAME/A/MX record updates via any registrar API",
     "example_blocked": "Agent deletes an MX record while reconfiguring email routing, taking down all inbound email for the domain",
     "example_allowed": "Agent proposes DNS changes with impact analysis, waits for explicit approval, stages changes in preview first",
     "tags": [
@@ -604,7 +632,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-005",
@@ -614,6 +642,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: IAM role assignment, OAuth scope escalation, admin privilege grants, GHL team member permission changes, database user privilege modifications",
     "example_blocked": "Agent grants a new team member admin privileges on the production AWS account to simplify onboarding",
     "example_allowed": "Agent proposes minimum-required role for new member, presents for approval, applies principle of least privilege",
     "tags": [
@@ -625,7 +654,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-006",
@@ -635,6 +664,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: DELETE /users/{id} API calls, Stripe customer deletion, GHL contact purges, workspace deactivation, account closure form submissions",
     "example_blocked": "Agent deletes a churned customer's account and all associated data, making refund impossible and violating retention policy",
     "example_allowed": "Agent flags account for review, proposes data export and anonymisation, requires two-step human confirmation before any deletion",
     "tags": [
@@ -645,7 +675,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-007",
@@ -666,7 +696,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-008",
@@ -676,6 +707,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Instantly campaign activation, Mailchimp bulk sends, Klaviyo broadcast triggers, Twilio SMS bulk sends, LinkedIn Sales Navigator connection requests at scale",
     "example_blocked": "Agent activates a cold email campaign to 15,000 contacts without Kinan's go-ahead after preparing the sequence",
     "example_allowed": "Agent prepares campaign, shows preview, estimated reach, and cost — waits for explicit 'ship it' before any send",
     "tags": [
@@ -688,7 +720,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "gov-009",
@@ -709,7 +741,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-010",
@@ -731,7 +764,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-011",
@@ -752,7 +786,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "gov-012",
@@ -762,6 +797,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: terraform destroy, AWS CloudFormation stack deletion, GCP project deletion, Kubernetes namespace purges, Elestio service termination",
     "example_blocked": "Agent runs terraform destroy on the production environment while attempting to recreate a staging environment",
     "example_allowed": "Agent confirms backup exists, lists resources to be destroyed, receives explicit confirmation before any teardown command",
     "tags": [
@@ -774,7 +810,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "qlt-001",
@@ -795,7 +831,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-002",
@@ -817,7 +854,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-003",
@@ -838,7 +876,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-004",
@@ -859,7 +898,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-005",
@@ -880,7 +920,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-006",
@@ -901,7 +942,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-007",
@@ -922,7 +964,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-008",
@@ -943,7 +986,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-009",
@@ -964,7 +1008,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-010",
@@ -985,7 +1030,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-011",
@@ -1006,7 +1052,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "qlt-012",
@@ -1027,7 +1074,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "com-001",
@@ -1037,6 +1085,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: SMTP send commands, Gmail API message sends, Postmark/SendGrid single sends, nodemailer send calls with external recipients",
     "example_blocked": "Agent sends a follow-up email to 40 prospects with incorrect pricing information attached",
     "example_allowed": "Agent drafts email, presents for review with recipient list and subject, sends only after explicit approval",
     "tags": [
@@ -1048,7 +1097,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-002",
@@ -1058,6 +1107,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Twitter/X API post calls, LinkedIn share submissions, Facebook page post API, Instagram media publishes, TikTok upload completions",
     "example_blocked": "Agent posts a draft meme to the company LinkedIn page without review, causing brand damage",
     "example_allowed": "Agent prepares post with caption, image, and scheduled time — presents for approval before any publication",
     "tags": [
@@ -1069,7 +1119,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-003",
@@ -1089,7 +1139,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "com-004",
@@ -1109,7 +1160,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "com-005",
@@ -1119,6 +1171,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: CRM-triggered customer emails, in-app messages sent to user segments, support ticket replies, automated refund communications, contract or invoice emails",
     "example_blocked": "Agent sends a billing dispute response email to a customer with incorrect account details",
     "example_allowed": "Agent drafts response, tags for human review in CRM, sends only after team member approves",
     "tags": [
@@ -1130,7 +1183,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-006",
@@ -1140,6 +1193,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: PR Newswire distribution API, Business Wire submissions, media contact outreach with embargo dates, investor relations email sends",
     "example_blocked": "Agent distributes a press release with incorrect acquisition details to 500 journalists",
     "example_allowed": "Agent drafts release, routes to legal and executive review, distributes only after sign-off",
     "tags": [
@@ -1150,7 +1204,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-007",
@@ -1160,6 +1214,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: DocuSign envelope sends, HelloSign request submissions, contract PDF emails, NDA generation and distribution, terms acceptance flows",
     "example_blocked": "Agent sends an NDA with incorrect jurisdiction and missing indemnity clauses to a potential partner",
     "example_allowed": "Agent generates contract draft from approved template, routes for legal review, sends via DocuSign only after approval",
     "tags": [
@@ -1170,7 +1225,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-008",
@@ -1190,7 +1245,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "com-009",
@@ -1200,6 +1256,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: Instantly.ai campaign activation, Lemlist sequence launch, Apollo.io sequence start, Outreach.io sequence enable, HubSpot sequence activation",
     "example_blocked": "Agent activates a 7-step cold email sequence to 2,000 contacts after completing sequence setup",
     "example_allowed": "Agent presents sequence, sample email, prospect count, and projected metrics, waits for explicit 'launch it' before activation",
     "tags": [
@@ -1211,7 +1268,7 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-010",
@@ -1231,7 +1288,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "com-011",
@@ -1241,6 +1299,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: emails sent with From: header matching a named human's address by an automated system, chat messages attributed to human staff members, voice calls pretending to be human",
     "example_blocked": "Agent sends cold emails as 'John Smith, CEO' without John's knowledge or a disclosure that the message was AI-assisted",
     "example_allowed": "Agent sends as a named AI assistant, or human reviews and sends from their own account with AI-assisted drafting clearly noted",
     "tags": [
@@ -1251,7 +1310,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "com-012",
@@ -1271,7 +1330,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-001",
@@ -1292,7 +1352,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-002",
@@ -1312,7 +1373,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-003",
@@ -1332,7 +1394,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-004",
@@ -1353,7 +1416,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-005",
@@ -1374,7 +1438,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-006",
@@ -1395,7 +1460,8 @@
       "essential",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-007",
@@ -1416,7 +1482,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-008",
@@ -1437,7 +1504,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-009",
@@ -1447,6 +1515,7 @@
     "enforcement": "constitutional",
     "gate_type": "post-action",
     "severity": "block",
+    "detection_pattern": "Detects: market size claims without cited research, performance benchmarks not sourced to a test run, conversion rates stated as fact without underlying data",
     "example_blocked": "Agent writes '73% of users prefer AI receptionists' in a sales document without any survey or research backing",
     "example_allowed": "Agent presents actual research data with source citation, or clearly labels projections as 'estimated' or 'modelled'",
     "tags": [
@@ -1457,7 +1526,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "know-010",
@@ -1477,7 +1546,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-011",
@@ -1497,7 +1567,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "know-012",
@@ -1518,7 +1589,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-001",
@@ -1540,7 +1612,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-002",
@@ -1563,7 +1636,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-003",
@@ -1585,7 +1659,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-004",
@@ -1607,7 +1682,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-005",
@@ -1628,7 +1704,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-006",
@@ -1649,7 +1726,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-007",
@@ -1671,7 +1749,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-008",
@@ -1693,7 +1772,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-009",
@@ -1715,7 +1795,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-010",
@@ -1736,7 +1817,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-011",
@@ -1758,7 +1840,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "res-012",
@@ -1780,7 +1863,8 @@
       "resource-protection",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-001",
@@ -1790,6 +1874,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: print(api_key), logger.info(password), console.log(token), secret values in exception stack traces, env vars echoed to shell output",
     "example_blocked": "Agent logs the full contents of os.environ to debug a configuration issue, exposing all API keys in plaintext logs",
     "example_allowed": "Agent logs environment variable names but masks values: 'STRIPE_KEY=sk-***[masked]'",
     "tags": [
@@ -1802,7 +1887,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-002",
@@ -1812,6 +1897,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: eval() on external input, exec() with user-provided strings, subprocess.run with unvalidated arguments, dynamic import of unverified modules",
     "example_blocked": "Agent executes code from a web-scraped code block directly in the production environment without sandboxing",
     "example_allowed": "Agent runs external code in a containerised environment with no network access and resource limits, presents output for review",
     "tags": [
@@ -1823,7 +1909,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-003",
@@ -1844,7 +1930,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-004",
@@ -1854,6 +1941,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: sudo commands not in approved list, IAM role assumption beyond declared need, OAuth scope requests exceeding task requirements, root shell acquisition",
     "example_blocked": "Agent requests full S3 admin permissions to upload a single file to one bucket",
     "example_allowed": "Agent requests PutObject permission scoped to the specific bucket and prefix required, nothing more",
     "tags": [
@@ -1865,7 +1953,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-005",
@@ -1886,7 +1974,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-006",
@@ -1896,6 +1985,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: JWT secret changes, OAuth provider config modifications, session store migrations, MFA bypass code additions, password hashing algorithm changes",
     "example_blocked": "Agent modifies JWT signing algorithm from RS256 to HS256 to simplify local development, breaking production auth",
     "example_allowed": "Agent proposes auth change, documents security implications, routes for security review before any implementation",
     "tags": [
@@ -1907,7 +1997,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-007",
@@ -1928,7 +2018,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-008",
@@ -1949,7 +2040,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-009",
@@ -1971,7 +2063,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "sec-010",
@@ -1981,6 +2074,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: API calls to Kimi, MiniMax, DeepSeek, or other banned provider endpoints; model IDs matching banned provider prefixes in routing configs",
     "example_blocked": "Agent routes a prompt containing proprietary code to a DeepSeek API endpoint to save costs",
     "example_allowed": "Agent routes all requests through approved providers (Anthropic, Google, OpenRouter with approved models only)",
     "tags": [
@@ -1992,7 +2086,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-011",
@@ -2002,6 +2096,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: MFA disable API calls, 2FA removal from admin accounts, TOTP secret deletion, backup code exposure, auth app removal from account",
     "example_blocked": "Agent disables 2FA on the production GCP account to simplify a deployment script's authentication flow",
     "example_allowed": "Agent uses service account keys or workload identity for automation, never touches human account MFA settings",
     "tags": [
@@ -2013,7 +2108,7 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "sec-012",
@@ -2034,7 +2129,8 @@
       "developer-safety",
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "cmp-001",
@@ -2054,7 +2150,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "cmp-002",
@@ -2064,6 +2161,7 @@
     "enforcement": "constitutional",
     "gate_type": "pre-action",
     "severity": "block",
+    "detection_pattern": "Detects: EU resident data stored without consent record, PII processed without documented lawful basis, data transferred outside EU/EEA without Standard Contractual Clauses",
     "example_blocked": "Agent stores email addresses of EU website visitors for marketing without a consent record or privacy policy reference",
     "example_allowed": "Agent confirms consent record exists, stores only consented data, includes lawful basis in storage metadata",
     "tags": [
@@ -2074,7 +2172,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "backend_required": false
   },
   {
     "id": "cmp-003",
@@ -2094,7 +2192,8 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   },
   {
     "id": "cmp-004",
@@ -2114,6 +2213,7 @@
     "preset_groups": [
       "full-suite"
     ],
-    "detection_pattern": "[server-side]"
+    "detection_pattern": "[server-side]",
+    "backend_required": true
   }
 ]