@tangle-network/agent-eval 0.58.1 → 0.59.0

package/dist/chunk-SHTXZ4O2.js

@@ -1,113 +0,0 @@
-import {
-  llmSpans
-} from "./chunk-47X6LRCE.js";
-
-// src/contamination-guard.ts
-function checkCanaries(output, scenarios) {
-  const leaks = [];
-  for (const s of scenarios) {
-    if (!s.canary) continue;
-    if (output.includes(s.canary)) {
-      leaks.push({ scenarioId: s.id, canary: s.canary, evidence: excerpt(output, s.canary) });
-    }
-  }
-  return leaks;
-}
-function checkBehavioralCanary(output, scenario) {
-  const pattern = scenario.forbiddenPattern ?? scenario.canary;
-  if (!pattern) return null;
-  const hit = matchForbidden(output, pattern);
-  if (!hit) return null;
-  return {
-    scenarioId: scenario.id,
-    canary: pattern,
-    evidence: excerpt(output, hit)
-  };
-}
-function runBehavioralCanaries(cases) {
-  const leaks = [];
-  for (const c of cases) {
-    const leak = checkBehavioralCanary(c.output, c.scenario);
-    if (leak) leaks.push({ ...leak, runId: c.runId ?? leak.runId });
-  }
-  return leaks;
-}
-function matchForbidden(output, pattern) {
-  const re = tryParseRegex(pattern);
-  if (re) {
-    const m = output.match(re);
-    return m && m[0].length > 0 ? m[0] : null;
-  }
-  return output.includes(pattern) ? pattern : null;
-}
-function tryParseRegex(pattern) {
-  if (pattern.length < 2 || pattern[0] !== "/") return null;
-  const last = pattern.lastIndexOf("/");
-  if (last <= 0) return null;
-  const body = pattern.slice(1, last);
-  const flags = pattern.slice(last + 1);
-  if (!/^[gimsuy]*$/.test(flags)) return null;
-  try {
-    return new RegExp(body, flags);
-  } catch {
-    return null;
-  }
-}
-async function canaryLeakView(store, scenarios) {
-  const targets = scenarios.filter((s) => !!s.canary);
-  if (targets.length === 0) return [];
-  const spans = await llmSpans(store);
-  const leaks = [];
-  for (const span of spans) {
-    const output = span.output ?? "";
-    for (const s of targets) {
-      if (s.canary && output.includes(s.canary)) {
-        leaks.push({
-          scenarioId: s.id,
-          canary: s.canary,
-          runId: span.runId,
-          evidence: excerpt(output, s.canary)
-        });
-      }
-    }
-  }
-  return leaks;
-}
-var HoldoutAuditor = class {
-  scenarios;
-  accessLog = [];
-  constructor(scenarios) {
-    this.scenarios = scenarios;
-  }
-  /** Retrieve a holdout scenario for a declared purpose. Non-'evaluation' throws. */
-  get(scenarioId, purpose) {
-    if (purpose !== "evaluation" && purpose !== "debugging") {
-      throw new Error(
-        `HoldoutAuditor.get: purpose must be 'evaluation' or 'debugging', got ${purpose}`
-      );
-    }
-    const s = this.scenarios.find((x) => x.id === scenarioId);
-    if (!s) throw new Error(`holdout scenario "${scenarioId}" not found`);
-    this.accessLog.push({ scenarioId, purpose, at: Date.now() });
-    return s;
-  }
-  getAccessLog() {
-    return this.accessLog;
-  }
-};
-function excerpt(source, needle) {
-  const at = source.indexOf(needle);
-  if (at < 0) return "";
-  const start = Math.max(0, at - 30);
-  const end = Math.min(source.length, at + needle.length + 30);
-  return (start > 0 ? "\u2026" : "") + source.slice(start, end) + (end < source.length ? "\u2026" : "");
-}
-
-export {
-  checkCanaries,
-  checkBehavioralCanary,
-  runBehavioralCanaries,
-  canaryLeakView,
-  HoldoutAuditor
-};
-//# sourceMappingURL=chunk-SHTXZ4O2.js.map

package/dist/chunk-SHTXZ4O2.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/contamination-guard.ts"],"sourcesContent":["/**\n * ContaminationGuard — ensures held-out scenarios don't leak into\n * training/prompt paths, and flags model memorization.\n *\n * Three probes:\n *   1. `checkCanaries(output, scenario)` — if the scenario carries a\n *      canary token, it MUST NOT appear in the agent's output.\n *      Canaries are strings that are statistically impossible to\n *      reconstruct from the scenario description alone — so if they\n *      echo back, the model memorized them.\n *   2. `canaryLeakView(store)` — cross-corpus view of every run whose\n *      output contained a canary, with the offending scenario + run.\n *   3. `HoldoutAuditor` — wraps a Dataset and emits a structured error\n *      on any code path that reads holdout scenarios but doesn't flag\n *      `purpose: 'evaluation'`. Keeps engineers honest.\n */\n\nimport type { DatasetScenario } from './dataset'\nimport { llmSpans } from './trace/query'\nimport type { TraceStore } from './trace/store'\n\nexport interface CanaryLeak {\n  scenarioId: string\n  canary: string\n  runId?: string\n  evidence: string\n}\n\nexport function checkCanaries(output: string, scenarios: DatasetScenario[]): CanaryLeak[] {\n  const leaks: CanaryLeak[] = []\n  for (const s of scenarios) {\n    if (!s.canary) continue\n    if (output.includes(s.canary)) {\n      leaks.push({ scenarioId: s.id, canary: s.canary, evidence: excerpt(output, s.canary) })\n    }\n  }\n  return leaks\n}\n\n/**\n * Behavioral canary: tests the AGENT, not the eval grep.\n *\n *   - `forbiddenPattern` PRESENT in output ⇒ AGENT EMITTED BAD CONTENT ⇒ LEAK.\n *   - `forbiddenPattern` ABSENT from output ⇒ AGENT HELD THE LINE       ⇒ PASS.\n *\n * Use when running known-bad-prompt scenarios against the agent under\n * test and you want to know if the agent misbehaved. The classical\n * {@link checkCanaries} / {@link import('./canary').runCanaries | runCanaries}\n * test whether the eval check fires when the bad output is forced\n * into the eval flow — different question, different answer.\n *\n * Pattern resolution order (first match wins):\n *   1. `scenario.forbiddenPattern` — if it parses as `/body/flags`,\n *      treated as a regex; otherwise a literal substring.\n *   2. `scenario.canary` — literal substring fallback so the helper\n *      works on existing scenario fixtures.\n *\n * Returns `null` when nothing forbidden was found OR the scenario\n * declared no pattern.\n */\nexport function checkBehavioralCanary(\n  output: string,\n  scenario: DatasetScenario,\n): CanaryLeak | null {\n  const pattern = scenario.forbiddenPattern ?? scenario.canary\n  if (!pattern) return null\n  const hit = matchForbidden(output, pattern)\n  if (!hit) return null\n  return {\n    scenarioId: scenario.id,\n    canary: pattern,\n    evidence: excerpt(output, hit),\n  }\n}\n\n/**\n * Behavioral canary over many (scenario, output) pairs. Sibling to\n * {@link import('./canary').runCanaries | runCanaries} — same idea\n * (run-many → report) but the question being answered is \"did the\n * AGENT misbehave?\" rather than \"did the EVAL grep fire?\".\n *\n * Returns one `CanaryLeak` per pair where the agent's output\n * contained its scenario's `forbiddenPattern` (or `canary` fallback).\n */\nexport function runBehavioralCanaries(\n  cases: Array<{ scenario: DatasetScenario; output: string; runId?: string }>,\n): CanaryLeak[] {\n  const leaks: CanaryLeak[] = []\n  for (const c of cases) {\n    const leak = checkBehavioralCanary(c.output, c.scenario)\n    if (leak) leaks.push({ ...leak, runId: c.runId ?? leak.runId })\n  }\n  return leaks\n}\n\n/**\n * Resolve a forbidden-pattern string to the matched substring inside\n * `output`. `/body/flags` notation is interpreted as a regex; anything\n * else is a literal substring.\n */\nfunction matchForbidden(output: string, pattern: string): string | null {\n  const re = tryParseRegex(pattern)\n  if (re) {\n    const m = output.match(re)\n    return m && m[0].length > 0 ? m[0] : null\n  }\n  return output.includes(pattern) ? pattern : null\n}\n\nfunction tryParseRegex(pattern: string): RegExp | null {\n  if (pattern.length < 2 || pattern[0] !== '/') return null\n  const last = pattern.lastIndexOf('/')\n  if (last <= 0) return null\n  const body = pattern.slice(1, last)\n  const flags = pattern.slice(last + 1)\n  if (!/^[gimsuy]*$/.test(flags)) return null\n  try {\n    return new RegExp(body, flags)\n  } catch {\n    return null\n  }\n}\n\n/**\n * Scan the LLM-output history in a corpus; returns every case where a\n * canary from a known scenario appeared in agent output. Pass the full\n * set of scenarios whose canaries you care about (typically the whole\n * held-out slice).\n */\nexport async function canaryLeakView(\n  store: TraceStore,\n  scenarios: DatasetScenario[],\n): Promise<CanaryLeak[]> {\n  const targets = scenarios.filter((s) => !!s.canary)\n  if (targets.length === 0) return []\n  const spans = await llmSpans(store)\n  const leaks: CanaryLeak[] = []\n  for (const span of spans) {\n    const output = span.output ?? ''\n    for (const s of targets) {\n      if (s.canary && output.includes(s.canary)) {\n        leaks.push({\n          scenarioId: s.id,\n          canary: s.canary,\n          runId: span.runId,\n          evidence: excerpt(output, s.canary),\n        })\n      }\n    }\n  }\n  return leaks\n}\n\nexport class HoldoutAuditor {\n  private scenarios: DatasetScenario[]\n  private accessLog: Array<{ scenarioId: string; purpose: string; at: number }> = []\n\n  constructor(scenarios: DatasetScenario[]) {\n    this.scenarios = scenarios\n  }\n\n  /** Retrieve a holdout scenario for a declared purpose. Non-'evaluation' throws. */\n  get(scenarioId: string, purpose: 'evaluation' | 'debugging'): DatasetScenario {\n    if (purpose !== 'evaluation' && purpose !== 'debugging') {\n      throw new Error(\n        `HoldoutAuditor.get: purpose must be 'evaluation' or 'debugging', got ${purpose}`,\n      )\n    }\n    const s = this.scenarios.find((x) => x.id === scenarioId)\n    if (!s) throw new Error(`holdout scenario \"${scenarioId}\" not found`)\n    this.accessLog.push({ scenarioId, purpose, at: Date.now() })\n    return s\n  }\n\n  getAccessLog(): ReadonlyArray<{ scenarioId: string; purpose: string; at: number }> {\n    return this.accessLog\n  }\n}\n\nfunction excerpt(source: string, needle: string): string {\n  const at = source.indexOf(needle)\n  if (at < 0) return ''\n  const start = Math.max(0, at - 30)\n  const end = Math.min(source.length, at + needle.length + 30)\n  return (start > 0 ? '…' : '') + source.slice(start, end) + (end < source.length ? '…' : '')\n}\n"],"mappings":";;;;;AA4BO,SAAS,cAAc,QAAgB,WAA4C;AACxF,QAAM,QAAsB,CAAC;AAC7B,aAAW,KAAK,WAAW;AACzB,QAAI,CAAC,EAAE,OAAQ;AACf,QAAI,OAAO,SAAS,EAAE,MAAM,GAAG;AAC7B,YAAM,KAAK,EAAE,YAAY,EAAE,IAAI,QAAQ,EAAE,QAAQ,UAAU,QAAQ,QAAQ,EAAE,MAAM,EAAE,CAAC;AAAA,IACxF;AAAA,EACF;AACA,SAAO;AACT;AAuBO,SAAS,sBACd,QACA,UACmB;AACnB,QAAM,UAAU,SAAS,oBAAoB,SAAS;AACtD,MAAI,CAAC,QAAS,QAAO;AACrB,QAAM,MAAM,eAAe,QAAQ,OAAO;AAC1C,MAAI,CAAC,IAAK,QAAO;AACjB,SAAO;AAAA,IACL,YAAY,SAAS;AAAA,IACrB,QAAQ;AAAA,IACR,UAAU,QAAQ,QAAQ,GAAG;AAAA,EAC/B;AACF;AAWO,SAAS,sBACd,OACc;AACd,QAAM,QAAsB,CAAC;AAC7B,aAAW,KAAK,OAAO;AACrB,UAAM,OAAO,sBAAsB,EAAE,QAAQ,EAAE,QAAQ;AACvD,QAAI,KAAM,OAAM,KAAK,EAAE,GAAG,MAAM,OAAO,EAAE,SAAS,KAAK,MAAM,CAAC;AAAA,EAChE;AACA,SAAO;AACT;AAOA,SAAS,eAAe,QAAgB,SAAgC;AACtE,QAAM,KAAK,cAAc,OAAO;AAChC,MAAI,IAAI;AACN,UAAM,IAAI,OAAO,MAAM,EAAE;AACzB,WAAO,KAAK,EAAE,CAAC,EAAE,SAAS,IAAI,EAAE,CAAC,IAAI;AAAA,EACvC;AACA,SAAO,OAAO,SAAS,OAAO,IAAI,UAAU;AAC9C;AAEA,SAAS,cAAc,SAAgC;AACrD,MAAI,QAAQ,SAAS,KAAK,QAAQ,CAAC,MAAM,IAAK,QAAO;AACrD,QAAM,OAAO,QAAQ,YAAY,GAAG;AACpC,MAAI,QAAQ,EAAG,QAAO;AACtB,QAAM,OAAO,QAAQ,MAAM,GAAG,IAAI;AAClC,QAAM,QAAQ,QAAQ,MAAM,OAAO,CAAC;AACpC,MAAI,CAAC,cAAc,KAAK,KAAK,EAAG,QAAO;AACvC,MAAI;AACF,WAAO,IAAI,OAAO,MAAM,KAAK;AAAA,EAC/B,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAQA,eAAsB,eACpB,OACA,WACuB;AACvB,QAAM,UAAU,UAAU,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM;AAClD,MAAI,QAAQ,WAAW,EAAG,QAAO,CAAC;AAClC,QAAM,QAAQ,MAAM,SAAS,KAAK;AAClC,QAAM,QAAsB,CAAC;AAC7B,aAAW,QAAQ,OAAO;AACxB,UAAM,SAAS,KAAK,UAAU;AAC9B,eAAW,KAAK,SAAS;AACvB,UAAI,EAAE,UAAU,OAAO,SAAS,EAAE,MAAM,GAAG;AACzC,cAAM,KAAK;AAAA,UACT,YAAY,EAAE;AAAA,UACd,QAAQ,EAAE;AAAA,UACV,OAAO,KAAK;AAAA,UACZ,UAAU,QAAQ,QAAQ,EAAE,MAAM;AAAA,QACpC,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEO,IAAM,iBAAN,MAAqB;AAAA,EAClB;AAAA,EACA,YAAwE,CAAC;AAAA,EAEjF,YAAY,WAA8B;AACxC,SAAK,YAAY;AAAA,EACnB;AAAA;AAAA,EAGA,IAAI,YAAoB,SAAsD;AAC5E,QAAI,YAAY,gBAAgB,YAAY,aAAa;AACvD,YAAM,IAAI;AAAA,QACR,wEAAwE,OAAO;AAAA,MACjF;AAAA,IACF;AACA,UAAM,IAAI,KAAK,UAAU,KAAK,CAAC,MAAM,EAAE,OAAO,UAAU;AACxD,QAAI,CAAC,EAAG,OAAM,IAAI,MAAM,qBAAqB,UAAU,aAAa;AACpE,SAAK,UAAU,KAAK,EAAE,YAAY,SAAS,IAAI,KAAK,IAAI,EAAE,CAAC;AAC3D,WAAO;AAAA,EACT;AAAA,EAEA,eAAmF;AACjF,WAAO,KAAK;AAAA,EACd;AACF;AAEA,SAAS,QAAQ,QAAgB,QAAwB;AACvD,QAAM,KAAK,OAAO,QAAQ,MAAM;AAChC,MAAI,KAAK,EAAG,QAAO;AACnB,QAAM,QAAQ,KAAK,IAAI,GAAG,KAAK,EAAE;AACjC,QAAM,MAAM,KAAK,IAAI,OAAO,QAAQ,KAAK,OAAO,SAAS,EAAE;AAC3D,UAAQ,QAAQ,IAAI,WAAM,MAAM,OAAO,MAAM,OAAO,GAAG,KAAK,MAAM,OAAO,SAAS,WAAM;AAC1F;","names":[]}