@the_ro_show/agent-ads-sdk 0.16.0 → 0.16.1

package/README.md

@@ -176,17 +176,16 @@ const client = new AttentionMarketClient({
 
 ```typescript
 const client = new AttentionMarketClient({
-  apiKey: 'am_live_YOUR_KEY',        // Required: Your AttentionMarket API key
-  agentId: 'agt_YOUR_AGENT_ID',      // Required for decideFromContext()
-  supabaseAnonKey: 'YOUR_ANON_KEY',  // Required: Get from dashboard
+  apiKey: 'am_live_YOUR_KEY',       // Required: Your AttentionMarket API key
+  agentId: 'agt_YOUR_AGENT_ID',     // Required for decideFromContext()
   // baseUrl defaults to production Supabase endpoint
   // Only override if self-hosting or using different environment
-  timeoutMs: 4000,                   // Optional: request timeout in milliseconds
-  maxRetries: 2                      // Optional: automatic retry count
+  timeoutMs: 4000,                  // Optional: request timeout in milliseconds
+  maxRetries: 2                     // Optional: automatic retry count
 });
 ```
 
-**Note:** You need both `apiKey` (AttentionMarket) and `supabaseAnonKey` (infrastructure) for authentication. Get both from your [developer dashboard](https://api.attentionmarket.ai).
+**Note:** Get your API key and agent ID from your [developer dashboard](https://api.attentionmarket.ai).
 
 ## Core Concepts
 
@@ -550,13 +549,20 @@ Clicks are automatically and securely tracked when users visit the `click_url`.
 **Important:** Always use the provided `click_url` or `tracking_url` for click tracking. These URLs contain HMAC-signed tokens that prevent click fraud and ensure accurate attribution.
 
 ```typescript
-// When user clicks the ad, redirect them to:
-window.location.href = ad.click_url;
+import { sanitizeURL } from '@the_ro_show/agent-ads-sdk';
+
+// When user clicks the ad, sanitize URL for security
+const safeURL = sanitizeURL(ad.click_url);
+if (safeURL) {
+  window.location.href = safeURL;
+}
 
 // Or in a chat/messaging context, share:
 const shareableLink = ad.tracking_url;
 ```
 
+**Security Note:** While our backend validates all URLs, it's recommended to use the `sanitizeURL()` helper to protect against potential XSS attacks if the backend is ever compromised or misconfigured.
+
 Manual click tracking has been removed for security reasons. All clicks must go through the redirect URLs to ensure fraud prevention and accurate tracking.
 
 ### Conversion Tracking

package/dist/index.d.mts

@@ -82,7 +82,8 @@ interface DecideFromContextRequest {
     placement?: PlacementType;
     /**
      * Optional category hint (e.g., 'legal', 'insurance', 'travel').
-     * Used as fallback if semantic matching fails.
+     * Defaults to 'general.query'. Only used as fallback - semantic matching
+     * uses conversation context, not taxonomy.
      */
     suggestedCategory?: string;
     /** User's country code. Default: 'US' */
@@ -850,11 +851,6 @@ declare class AttentionMarketClient {
     private agentId;
     private appId;
     constructor(config: SDKConfig);
-    /**
-     * Infer taxonomy from user message using keyword matching
-     * Returns best-guess taxonomy based on common patterns
-     */
-    private inferTaxonomy;
     /**
      * Validate SDK configuration for security
      */

package/dist/index.d.ts

@@ -82,7 +82,8 @@ interface DecideFromContextRequest {
     placement?: PlacementType;
     /**
      * Optional category hint (e.g., 'legal', 'insurance', 'travel').
-     * Used as fallback if semantic matching fails.
+     * Defaults to 'general.query'. Only used as fallback - semantic matching
+     * uses conversation context, not taxonomy.
      */
     suggestedCategory?: string;
     /** User's country code. Default: 'US' */
@@ -850,11 +851,6 @@ declare class AttentionMarketClient {
     private agentId;
     private appId;
     constructor(config: SDKConfig);
-    /**
-     * Infer taxonomy from user message using keyword matching
-     * Returns best-guess taxonomy based on common patterns
-     */
-    private inferTaxonomy;
     /**
      * Validate SDK configuration for security
      */

package/dist/index.js

@@ -516,59 +516,6 @@ var AttentionMarketClient = class {
     }
     this.http = new HTTPClient(httpConfig);
   }
-  /**
-   * Infer taxonomy from user message using keyword matching
-   * Returns best-guess taxonomy based on common patterns
-   */
-  inferTaxonomy(userMessage) {
-    const msg = userMessage.toLowerCase();
-    if (msg.match(/\b(ecommerce|e-commerce|online store|shopify|sell products?|product brand)\b/)) {
-      return "business.ecommerce.platform.trial";
-    }
-    if (msg.match(/\b(start.*business|launch.*business|business formation|llc|incorporate)\b/)) {
-      return "business.ecommerce.platform.trial";
-    }
-    if (msg.match(/\b(car insurance|auto insurance|vehicle insurance)\b/)) {
-      return "insurance.auto.full_coverage.quote";
-    }
-    if (msg.match(/\b(health insurance|medical insurance)\b/)) {
-      return "insurance.health.individual.quote";
-    }
-    if (msg.match(/\b(life insurance)\b/)) {
-      return "insurance.life.term.quote";
-    }
-    if (msg.match(/\b(insurance)\b/)) {
-      return "insurance.auto.full_coverage.quote";
-    }
-    if (msg.match(/\b(personal loan|debt consolidation|borrow money)\b/)) {
-      return "finance.loans.personal.apply";
-    }
-    if (msg.match(/\b(credit card)\b/)) {
-      return "finance.credit_cards.rewards.apply";
-    }
-    if (msg.match(/\b(mover?s?|moving|relocat(e|ing))\b/)) {
-      return "home_services.moving.local.quote";
-    }
-    if (msg.match(/\b(plumber|plumbing|leak|pipe)\b/)) {
-      return "home_services.plumbing.emergency.quote";
-    }
-    if (msg.match(/\b(electrician|electrical|wiring)\b/)) {
-      return "home_services.electrical.repair.quote";
-    }
-    if (msg.match(/\b(clean(ing|er)|maid service)\b/)) {
-      return "home_services.cleaning.regular.book";
-    }
-    if (msg.match(/\b(hotel|lodging|accommodation)\b/)) {
-      return "travel.hotels.luxury.book";
-    }
-    if (msg.match(/\b(flight|plane ticket|airfare)\b/)) {
-      return "travel.flights.domestic.book";
-    }
-    if (msg.match(/\b(lawyer|attorney|legal help)\b/)) {
-      return "legal.general.consultation";
-    }
-    return "business.ecommerce.platform.trial";
-  }
   /**
    * Validate SDK configuration for security
    */
@@ -652,7 +599,7 @@ var AttentionMarketClient = class {
     const language = params.language || "en";
     const platform = params.platform || "web";
     const placementType = params.placement || "sponsored_suggestion";
-    const taxonomy = params.suggestedCategory || this.inferTaxonomy(params.userMessage);
+    const taxonomy = params.suggestedCategory || "general.query";
     if (params.minQualityScore !== void 0) {
       if (typeof params.minQualityScore !== "number" || params.minQualityScore < 0 || params.minQualityScore > 1) {
         throw new Error("minQualityScore must be a number between 0.0 and 1.0");
@@ -707,6 +654,11 @@ var AttentionMarketClient = class {
     if (params.optimizeFor && params.optimizeFor !== "revenue" && params.optimizeFor !== "relevance") {
       throw new Error('optimizeFor must be either "revenue" or "relevance"');
     }
+    const validFormats = ["minimal", "standard", "verbose"];
+    const responseFormat = params.response_format || "minimal";
+    if (!validFormats.includes(responseFormat)) {
+      throw new Error(`response_format must be one of: ${validFormats.join(", ")}. Got: ${responseFormat}`);
+    }
     const request = {
       request_id: generateUUID(),
       agent_id: this.agentId,
@@ -735,7 +687,7 @@ var AttentionMarketClient = class {
       context,
       user_intent: params.userMessage,
       // Use minimal response format by default for better performance
-      response_format: "minimal",
+      response_format: responseFormat,
       // === Smart Context Fields (v0.15.0) ===
       // Include user context if we have any data
       ...(interests.length > 0 || recentTopics.length > 0 || purchaseIntent) && {
@@ -778,7 +730,11 @@ var AttentionMarketClient = class {
             tracking_token: response.tracking_token
           });
         } catch (error) {
-          console.warn("[AttentionMarket] Failed to auto-track impression:", error);
+          console.error("[AttentionMarket] REVENUE RISK: Failed to auto-track impression. Clicks without impressions will NOT earn revenue.", {
+            error: error instanceof Error ? error.message : String(error),
+            tracking_token: response.tracking_token,
+            unit_id: response["_meta"]?.["unit_id"]
+          });
         }
       }
       const adResponse2 = {
@@ -823,7 +779,11 @@ var AttentionMarketClient = class {
         tracking_token: adUnit.tracking.token
       });
     } catch (error) {
-      console.warn("[AttentionMarket] Failed to auto-track impression:", error);
+      console.error("[AttentionMarket] REVENUE RISK: Failed to auto-track impression. Clicks without impressions will NOT earn revenue.", {
+        error: error instanceof Error ? error.message : String(error),
+        tracking_token: adUnit.tracking.token,
+        unit_id: adUnit.unit_id
+      });
     }
     const adResponse = {
       request_id: response.request_id,
@@ -1173,7 +1133,7 @@ var AttentionMarketClient = class {
     const context = contextParts.join("\n");
     const country = params.context?.geo?.country || "US";
     const language = this.normalizeLocale(params.context?.locale);
-    const taxonomy = params.suggestedCategory || "unknown";
+    const taxonomy = params.suggestedCategory || "general.query";
     const idempotencyKey = options?.idempotencyKey || generateUUID();
     const request = {
       request_id: idempotencyKey,