@trentapps/manager-protocol 1.1.1

package/dist/rules/operational.js

@@ -0,0 +1,318 @@
+/**
+ * Enterprise Agent Supervisor - Operational Rules
+ *
+ * Built-in rules for operational excellence, resource management, and cost control.
+ */
+export const operationalRules = [
+    // ============================================================================
+    // RESOURCE MANAGEMENT RULES
+    // ============================================================================
+    {
+        id: 'ops-001',
+        name: 'Resource Allocation Limit',
+        description: 'Prevents excessive resource allocation',
+        type: 'operational',
+        enabled: true,
+        priority: 880,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'resource_allocation' },
+            { field: 'resourceCost', operator: 'greater_than', value: 1000 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Resource allocation exceeds $1000 - requires approval' }
+        ],
+        riskWeight: 30,
+        tags: ['operational', 'cost', 'resources']
+    },
+    {
+        id: 'ops-002',
+        name: 'Concurrent Operation Limit',
+        description: 'Limits concurrent expensive operations',
+        type: 'operational',
+        enabled: true,
+        priority: 850,
+        conditions: [
+            { field: 'operationType', operator: 'equals', value: 'expensive' },
+            { field: 'concurrentCount', operator: 'greater_than', value: 5 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'rate_limit', message: 'Too many concurrent expensive operations' }
+        ],
+        riskWeight: 25,
+        tags: ['operational', 'concurrency', 'limits']
+    },
+    {
+        id: 'ops-003',
+        name: 'Memory Usage Warning',
+        description: 'Warns when operations may consume excessive memory',
+        type: 'operational',
+        enabled: true,
+        priority: 800,
+        conditions: [
+            { field: 'estimatedMemoryMb', operator: 'greater_than', value: 512 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'Operation may consume >512MB memory - consider streaming' }
+        ],
+        riskWeight: 15,
+        tags: ['operational', 'memory', 'performance']
+    },
+    // ============================================================================
+    // PRODUCTION SAFETY RULES
+    // ============================================================================
+    {
+        id: 'ops-010',
+        name: 'Production Deployment Window',
+        description: 'Restricts deployments to approved windows',
+        type: 'operational',
+        enabled: true,
+        priority: 920,
+        conditions: [
+            { field: 'actionName', operator: 'equals', value: 'deploy' },
+            { field: 'environment', operator: 'equals', value: 'production' },
+            { field: 'deploymentWindowOpen', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Production deployment outside approved window requires approval' }
+        ],
+        riskWeight: 40,
+        tags: ['operational', 'deployment', 'change-management']
+    },
+    {
+        id: 'ops-011',
+        name: 'Rollback Plan Required',
+        description: 'Requires rollback plan for production changes',
+        type: 'operational',
+        enabled: true,
+        priority: 900,
+        conditions: [
+            { field: 'environment', operator: 'equals', value: 'production' },
+            { field: 'actionCategory', operator: 'in', value: ['system_config', 'data_modification'] },
+            { field: 'rollbackPlanDefined', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'Production changes should have a rollback plan defined' }
+        ],
+        riskWeight: 30,
+        tags: ['operational', 'rollback', 'safety']
+    },
+    {
+        id: 'ops-012',
+        name: 'Feature Flag for New Features',
+        description: 'Requires feature flags for new functionality in production',
+        type: 'operational',
+        enabled: true,
+        priority: 780,
+        conditions: [
+            { field: 'environment', operator: 'equals', value: 'production' },
+            { field: 'isNewFeature', operator: 'equals', value: true },
+            { field: 'featureFlagEnabled', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'New features in production should use feature flags' }
+        ],
+        riskWeight: 20,
+        tags: ['operational', 'feature-flags', 'deployment']
+    },
+    // ============================================================================
+    // INCIDENT MANAGEMENT RULES
+    // ============================================================================
+    {
+        id: 'ops-020',
+        name: 'Incident Response Escalation',
+        description: 'Escalates critical issues for immediate attention',
+        type: 'operational',
+        enabled: true,
+        priority: 980,
+        conditions: [
+            { field: 'incidentSeverity', operator: 'in', value: ['critical', 'high'] },
+            { field: 'environment', operator: 'equals', value: 'production' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'escalate', message: 'Critical production incident - immediate escalation required' },
+            { type: 'notify', message: 'ALERT: Critical production incident detected' }
+        ],
+        riskWeight: 50,
+        tags: ['operational', 'incident', 'escalation']
+    },
+    {
+        id: 'ops-021',
+        name: 'Change Freeze Enforcement',
+        description: 'Blocks changes during declared change freeze',
+        type: 'operational',
+        enabled: true,
+        priority: 990,
+        conditions: [
+            { field: 'changeFreezeActive', operator: 'equals', value: true },
+            { field: 'actionCategory', operator: 'in', value: ['system_config', 'data_modification', 'code_execution'] }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Changes blocked during change freeze period' }
+        ],
+        riskWeight: 60,
+        tags: ['operational', 'change-freeze', 'stability']
+    },
+    // ============================================================================
+    // COST CONTROL RULES
+    // ============================================================================
+    {
+        id: 'ops-030',
+        name: 'API Cost Threshold',
+        description: 'Requires approval for high-cost API operations',
+        type: 'operational',
+        enabled: true,
+        priority: 860,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'external_api' },
+            { field: 'estimatedCost', operator: 'greater_than', value: 10 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'API call cost exceeds $10 - requires approval' },
+            { type: 'log' }
+        ],
+        riskWeight: 25,
+        tags: ['operational', 'cost', 'api']
+    },
+    {
+        id: 'ops-031',
+        name: 'Token Usage Limit',
+        description: 'Limits AI/LLM token consumption',
+        type: 'operational',
+        enabled: true,
+        priority: 830,
+        conditions: [
+            { field: 'actionName', operator: 'contains', value: 'llm' },
+            { field: 'tokenCount', operator: 'greater_than', value: 100000 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'LLM call exceeds 100K tokens - requires approval' }
+        ],
+        riskWeight: 20,
+        tags: ['operational', 'cost', 'llm', 'tokens']
+    },
+    {
+        id: 'ops-032',
+        name: 'Daily Budget Enforcement',
+        description: 'Enforces daily spending limits',
+        type: 'operational',
+        enabled: true,
+        priority: 870,
+        conditions: [
+            { field: 'dailySpend', operator: 'greater_than', value: 500 },
+            { field: 'budgetOverrideApproved', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Daily budget limit ($500) exceeded - operation blocked' }
+        ],
+        riskWeight: 35,
+        tags: ['operational', 'budget', 'cost']
+    },
+    // ============================================================================
+    // MAINTENANCE WINDOW RULES
+    // ============================================================================
+    {
+        id: 'ops-040',
+        name: 'Maintenance Window Check',
+        description: 'Flags operations during maintenance windows',
+        type: 'operational',
+        enabled: true,
+        priority: 750,
+        conditions: [
+            { field: 'maintenanceWindowActive', operator: 'equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'System is in maintenance window - operations may be affected' }
+        ],
+        riskWeight: 10,
+        tags: ['operational', 'maintenance', 'awareness']
+    },
+    {
+        id: 'ops-041',
+        name: 'Backup Verification Required',
+        description: 'Requires backup verification before destructive operations',
+        type: 'operational',
+        enabled: true,
+        priority: 890,
+        conditions: [
+            { field: 'operation', operator: 'in', value: ['delete', 'truncate', 'drop', 'purge'] },
+            { field: 'environment', operator: 'equals', value: 'production' },
+            { field: 'backupVerified', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Destructive operation requires backup verification' }
+        ],
+        riskWeight: 45,
+        tags: ['operational', 'backup', 'destructive']
+    },
+    // ============================================================================
+    // AGENT OPERATION LIMITS
+    // ============================================================================
+    {
+        id: 'ops-050',
+        name: 'Agent Action Per-Session Limit',
+        description: 'Limits total actions an agent can take per session',
+        type: 'operational',
+        enabled: true,
+        priority: 840,
+        conditions: [
+            { field: 'sessionActionCount', operator: 'greater_than', value: 1000 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'Session action count exceeds 1000 - consider session rotation' }
+        ],
+        riskWeight: 15,
+        tags: ['operational', 'limits', 'session']
+    },
+    {
+        id: 'ops-051',
+        name: 'Agent Retry Limit',
+        description: 'Limits retry attempts for failed operations',
+        type: 'operational',
+        enabled: true,
+        priority: 820,
+        conditions: [
+            { field: 'retryCount', operator: 'greater_than', value: 5 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Maximum retry attempts (5) exceeded - operation blocked' },
+            { type: 'escalate', message: 'Operation repeatedly failing - escalation required' }
+        ],
+        riskWeight: 25,
+        tags: ['operational', 'retry', 'limits']
+    },
+    {
+        id: 'ops-052',
+        name: 'Agent Loop Detection',
+        description: 'Detects and prevents agent operation loops',
+        type: 'operational',
+        enabled: true,
+        priority: 950,
+        conditions: [
+            { field: 'actionPattern', operator: 'equals', value: 'loop_detected' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Operational loop detected - breaking cycle' },
+            { type: 'notify', message: 'Alert: Agent operation loop detected and broken' }
+        ],
+        riskWeight: 40,
+        tags: ['operational', 'loop', 'safety']
+    }
+];
+export default operationalRules;
+//# sourceMappingURL=operational.js.map

package/dist/rules/operational.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"operational.js","sourceRoot":"","sources":["../../src/rules/operational.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,gBAAgB,GAAmB;IAC9C,+EAA+E;IAC/E,4BAA4B;IAC5B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,2BAA2B;QACjC,WAAW,EAAE,wCAAwC;QACrD,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,qBAAqB,EAAE;YAC7E,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE;SACjE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,uDAAuD,EAAE;SAC/F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,WAAW,CAAC;KAC3C;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,wCAAwC;QACrD,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE;YAClE,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE;SACjE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,0CAA0C,EAAE;SAC5E;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC;KAC/C;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,oDAAoD;QACjE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,mBAAmB,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE;SACrE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,0DAA0D,EAAE;SACtF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,QAAQ,EAAE,aAAa,CAAC;KAC/C;IAED,+EAA+E;IAC/E,0BAA0B;IAC1B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,2CAA2C;QACxD,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE;YAC5D,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;YACjE,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SACvE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,iEAAiE,EAAE;SACzG;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,YAAY,EAAE,mBAAmB,CAAC;KACzD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,+CAA+C;QAC5D,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;YACjE,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,eAAe,EAAE,mBAAmB,CAAC,EAAE;YAC1F,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SACtE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,wDAAwD,EAAE;SACpF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,UAAU,EAAE,QAAQ,CAAC;KAC5C;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,+BAA+B;QACrC,WAAW,EAAE,4DAA4D;QACzE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;YACjE,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE;YAC1D,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SACrE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,qDAAqD,EAAE;SACjF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,eAAe,EAAE,YAAY,CAAC;KACrD;IAED,+EAA+E;IAC/E,4BAA4B;IAC5B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,mDAAmD;QAChE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE;YAC1E,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;SAClE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,8DAA8D,EAAE;YAC7F,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,8CAA8C,EAAE;SAC5E;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,UAAU,EAAE,YAAY,CAAC;KAChD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,2BAA2B;QACjC,WAAW,EAAE,8CAA8C;QAC3D,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE;YAChE,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,eAAe,EAAE,mBAAmB,EAAE,gBAAgB,CAAC,EAAE;SAC7G;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,6CAA6C,EAAE;SACzE;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,eAAe,EAAE,WAAW,CAAC;KACpD;IAED,+EAA+E;IAC/E,qBAAqB;IACrB,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,gDAAgD;QAC7D,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE;YACtE,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,EAAE,EAAE;SAChE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,+CAA+C,EAAE;YACtF,EAAE,IAAI,EAAE,KAAK,EAAE;SAChB;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,KAAK,CAAC;KACrC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,iCAAiC;QAC9C,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE;YAC3D,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE;SACjE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,kDAAkD,EAAE;SAC1F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC;KAC/C;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,gCAAgC;QAC7C,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE;YAC7D,EAAE,KAAK,EAAE,wBAAwB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SACzE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,wDAAwD,EAAE;SACpF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAM,CAAC;KACxC;IAED,+EAA+E;IAC/E,2BAA2B;IAC3B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,6CAA6C;QAC1D,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,yBAAyB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE;SACtE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,8DAA8D,EAAE;SAC1F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,WAAW,CAAC;KAClD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,4DAA4D;QACzE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;YACtF,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;YACjE,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SACjE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,oDAAoD,EAAE;SAC5F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,QAAQ,EAAE,aAAa,CAAC;KAC/C;IAED,+EAA+E;IAC/E,yBAAyB;IACzB,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,oDAAoD;QACjE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE;SACvE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,+DAA+D,EAAE;SAC3F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,QAAQ,EAAE,SAAS,CAAC;KAC3C;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6CAA6C;QAC1D,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE;SAC5D;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,yDAAyD,EAAE;YACpF,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,oDAAoD,EAAE;SACpF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,OAAO,EAAE,QAAQ,CAAC;KACzC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,4CAA4C;QACzD,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,EAAE;SACvE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,4CAA4C,EAAE;YACvE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,iDAAiD,EAAE;SAC/E;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KACxC;CACF,CAAC;AAEF,eAAe,gBAAgB,CAAC"}

package/dist/rules/security.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Enterprise Agent Supervisor - Security Rules
+ *
+ * Built-in security rules for protecting against common vulnerabilities and threats.
+ */
+import type { BusinessRule } from '../types/index.js';
+export declare const securityRules: BusinessRule[];
+export default securityRules;
+//# sourceMappingURL=security.d.ts.map

package/dist/rules/security.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/rules/security.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,eAAO,MAAM,aAAa,EAAE,YAAY,EA4RvC,CAAC;AAEF,eAAe,aAAa,CAAC"}

package/dist/rules/security.js

@@ -0,0 +1,287 @@
+/**
+ * Enterprise Agent Supervisor - Security Rules
+ *
+ * Built-in security rules for protecting against common vulnerabilities and threats.
+ */
+export const securityRules = [
+    // ============================================================================
+    // DATA PROTECTION RULES
+    // ============================================================================
+    {
+        id: 'sec-001',
+        name: 'Block PII Access Without Authorization',
+        description: 'Prevents unauthorized access to personally identifiable information',
+        type: 'security',
+        enabled: true,
+        priority: 950,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'pii_access' },
+            { field: 'userRole', operator: 'not_in', value: ['admin', 'data_officer', 'compliance'] }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'PII access requires authorized role (admin, data_officer, compliance)' },
+            { type: 'log' }
+        ],
+        riskWeight: 45,
+        tags: ['pii', 'gdpr', 'privacy']
+    },
+    {
+        id: 'sec-002',
+        name: 'Require Approval for Bulk Data Export',
+        description: 'Requires human approval for exporting large datasets',
+        type: 'security',
+        enabled: true,
+        priority: 900,
+        conditions: [
+            { field: 'actionName', operator: 'contains', value: 'export' },
+            { field: 'recordCount', operator: 'greater_than', value: 1000 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Bulk data export (>1000 records) requires human approval' }
+        ],
+        riskWeight: 35,
+        tags: ['data-export', 'bulk-operations']
+    },
+    {
+        id: 'sec-003',
+        name: 'Block Sensitive Data in Logs',
+        description: 'Prevents logging of sensitive information',
+        type: 'security',
+        enabled: true,
+        priority: 920,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'data_access' },
+            { field: 'dataClassification', operator: 'in', value: ['confidential', 'restricted'] },
+            { field: 'logEnabled', operator: 'equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'warn', message: 'Sensitive data should not be logged - ensure data masking is enabled' }
+        ],
+        riskWeight: 25,
+        tags: ['logging', 'data-masking']
+    },
+    // ============================================================================
+    // AUTHENTICATION & AUTHORIZATION RULES
+    // ============================================================================
+    {
+        id: 'sec-010',
+        name: 'Block Unauthenticated API Calls',
+        description: 'Prevents API calls without proper authentication',
+        type: 'security',
+        enabled: true,
+        priority: 990,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'external_api' },
+            { field: 'authToken', operator: 'not_exists', value: null }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'External API calls require authentication token' }
+        ],
+        riskWeight: 50,
+        tags: ['authentication', 'api']
+    },
+    {
+        id: 'sec-011',
+        name: 'Privilege Escalation Detection',
+        description: 'Detects and blocks privilege escalation attempts',
+        type: 'security',
+        enabled: true,
+        priority: 980,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'authorization' },
+            { field: 'targetRole', operator: 'in', value: ['admin', 'superuser', 'root'] },
+            { field: 'userRole', operator: 'not_in', value: ['admin', 'superuser'] }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Privilege escalation attempt blocked' },
+            { type: 'notify', message: 'Security alert: Privilege escalation attempt detected' }
+        ],
+        riskWeight: 60,
+        tags: ['privilege-escalation', 'authorization']
+    },
+    {
+        id: 'sec-012',
+        name: 'Session Hijacking Prevention',
+        description: 'Blocks actions from suspicious session patterns',
+        type: 'security',
+        enabled: true,
+        priority: 970,
+        conditions: [
+            { field: 'sessionAnomalyScore', operator: 'greater_than', value: 0.8 }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Session anomaly detected - action blocked for security' },
+            { type: 'notify', message: 'Security alert: Possible session hijacking detected' }
+        ],
+        riskWeight: 55,
+        tags: ['session-security', 'anomaly-detection']
+    },
+    // ============================================================================
+    // CODE EXECUTION RULES
+    // ============================================================================
+    {
+        id: 'sec-020',
+        name: 'Block Arbitrary Code Execution',
+        description: 'Prevents execution of unvalidated code',
+        type: 'security',
+        enabled: true,
+        priority: 1000,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'code_execution' },
+            { field: 'codeValidated', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Code execution requires validation before execution' }
+        ],
+        riskWeight: 70,
+        tags: ['code-execution', 'validation']
+    },
+    {
+        id: 'sec-021',
+        name: 'Sandbox Requirement for Scripts',
+        description: 'Requires sandbox for script execution',
+        type: 'security',
+        enabled: true,
+        priority: 960,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'code_execution' },
+            { field: 'sandboxed', operator: 'not_equals', value: true },
+            { field: 'environment', operator: 'equals', value: 'production' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Script execution in production requires sandboxing' }
+        ],
+        riskWeight: 50,
+        tags: ['sandbox', 'code-execution', 'production']
+    },
+    // ============================================================================
+    // NETWORK SECURITY RULES
+    // ============================================================================
+    {
+        id: 'sec-030',
+        name: 'Block Unauthorized External Connections',
+        description: 'Prevents connections to non-whitelisted external hosts',
+        type: 'security',
+        enabled: true,
+        priority: 940,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'network' },
+            { field: 'hostWhitelisted', operator: 'not_equals', value: true }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Connection to non-whitelisted host requires approval' }
+        ],
+        riskWeight: 35,
+        tags: ['network', 'whitelist']
+    },
+    {
+        id: 'sec-031',
+        name: 'Enforce HTTPS for External APIs',
+        description: 'Requires HTTPS for all external API communications',
+        type: 'security',
+        enabled: true,
+        priority: 930,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'external_api' },
+            { field: 'protocol', operator: 'not_equals', value: 'https' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'External API calls must use HTTPS' }
+        ],
+        riskWeight: 40,
+        tags: ['https', 'encryption', 'api']
+    },
+    // ============================================================================
+    // FILE SYSTEM SECURITY RULES
+    // ============================================================================
+    {
+        id: 'sec-040',
+        name: 'Block Access to System Files',
+        description: 'Prevents access to critical system files',
+        type: 'security',
+        enabled: true,
+        priority: 990,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'file_system' },
+            { field: 'filePath', operator: 'matches_regex', value: '^(/etc|/sys|/proc|C:\\\\Windows)' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Access to system files is prohibited' }
+        ],
+        riskWeight: 60,
+        tags: ['file-system', 'system-files']
+    },
+    {
+        id: 'sec-041',
+        name: 'Require Approval for Config File Changes',
+        description: 'Requires approval for modifying configuration files',
+        type: 'security',
+        enabled: true,
+        priority: 880,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'file_system' },
+            { field: 'operation', operator: 'in', value: ['write', 'delete', 'modify'] },
+            { field: 'filePath', operator: 'matches_regex', value: '\\.(conf|config|yml|yaml|json|env)$' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'require_approval', message: 'Configuration file changes require approval' }
+        ],
+        riskWeight: 30,
+        tags: ['configuration', 'file-system']
+    },
+    // ============================================================================
+    // INJECTION PREVENTION RULES
+    // ============================================================================
+    {
+        id: 'sec-050',
+        name: 'SQL Injection Prevention',
+        description: 'Detects and blocks SQL injection patterns',
+        type: 'security',
+        enabled: true,
+        priority: 1000,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'data_access' },
+            { field: 'query', operator: 'matches_regex', value: '(\\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|OR|AND)\\b.*[\'";])|(--)|(\\*/)|(/\\*)' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'SQL injection pattern detected - action blocked' },
+            { type: 'notify', message: 'Security alert: SQL injection attempt detected' }
+        ],
+        riskWeight: 80,
+        tags: ['sql-injection', 'owasp']
+    },
+    {
+        id: 'sec-051',
+        name: 'Command Injection Prevention',
+        description: 'Detects and blocks command injection patterns',
+        type: 'security',
+        enabled: true,
+        priority: 1000,
+        conditions: [
+            { field: 'actionCategory', operator: 'equals', value: 'code_execution' },
+            { field: 'command', operator: 'matches_regex', value: '([;&|`$]|\\$\\(|\\{\\{)' }
+        ],
+        conditionLogic: 'all',
+        actions: [
+            { type: 'deny', message: 'Command injection pattern detected - action blocked' },
+            { type: 'notify', message: 'Security alert: Command injection attempt detected' }
+        ],
+        riskWeight: 80,
+        tags: ['command-injection', 'owasp']
+    }
+];
+export default securityRules;
+//# sourceMappingURL=security.js.map

package/dist/rules/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../../src/rules/security.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,aAAa,GAAmB;IAC3C,+EAA+E;IAC/E,wBAAwB;IACxB,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,wCAAwC;QAC9C,WAAW,EAAE,qEAAqE;QAClF,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;YACpE,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,YAAY,CAAC,EAAE;SAC1F;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,uEAAuE,EAAE;YAClG,EAAE,IAAI,EAAE,KAAK,EAAE;SAChB;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;KACjC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uCAAuC;QAC7C,WAAW,EAAE,sDAAsD;QACnE,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE;YAC9D,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE;SAChE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,0DAA0D,EAAE;SAClG;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,iBAAiB,CAAC;KACzC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,2CAA2C;QACxD,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE;YACrE,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC,EAAE;YACtF,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE;SACzD;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,sEAAsE,EAAE;SAClG;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,SAAS,EAAE,cAAc,CAAC;KAClC;IAED,+EAA+E;IAC/E,uCAAuC;IACvC,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,kDAAkD;QAC/D,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE;YACtE,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SAC5D;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iDAAiD,EAAE;SAC7E;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,gBAAgB,EAAE,KAAK,CAAC;KAChC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,kDAAkD;QAC/D,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,EAAE;YACvE,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE;YAC9E,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,OAAO,EAAE,WAAW,CAAC,EAAE;SACzE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,sCAAsC,EAAE;YACjE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,uDAAuD,EAAE;SACrF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,sBAAsB,EAAE,eAAe,CAAC;KAChD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,iDAAiD;QAC9D,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE;SACvE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,wDAAwD,EAAE;YACnF,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,qDAAqD,EAAE;SACnF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,kBAAkB,EAAE,mBAAmB,CAAC;KAChD;IAED,+EAA+E;IAC/E,uBAAuB;IACvB,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,wCAAwC;QACrD,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,IAAI;QACd,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE;YACxE,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SAChE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,qDAAqD,EAAE;SACjF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,gBAAgB,EAAE,YAAY,CAAC;KACvC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,uCAAuC;QACpD,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE;YACxE,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;YAC3D,EAAE,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE;SAClE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,oDAAoD,EAAE;SAChF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,YAAY,CAAC;KAClD;IAED,+EAA+E;IAC/E,yBAAyB;IACzB,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,yCAAyC;QAC/C,WAAW,EAAE,wDAAwD;QACrE,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE;YACjE,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE;SAClE;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,sDAAsD,EAAE;SAC9F;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC;KAC/B;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,oDAAoD;QACjE,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE;YACtE,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE;SAC9D;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,mCAAmC,EAAE;SAC/D;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC;KACrC;IAED,+EAA+E;IAC/E,6BAA6B;IAC7B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,0CAA0C;QACvD,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE;YACrE,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,kCAAkC,EAAE;SAC5F;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,sCAAsC,EAAE;SAClE;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,aAAa,EAAE,cAAc,CAAC;KACtC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0CAA0C;QAChD,WAAW,EAAE,qDAAqD;QAClE,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG;QACb,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE;YACrE,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,EAAE;YAC5E,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,qCAAqC,EAAE;SAC/F;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,6CAA6C,EAAE;SACrF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,CAAC;KACvC;IAED,+EAA+E;IAC/E,6BAA6B;IAC7B,+EAA+E;IAC/E;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,2CAA2C;QACxD,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,IAAI;QACd,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE;YACrE,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,oFAAoF,EAAE;SAC3I;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iDAAiD,EAAE;YAC5E,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,gDAAgD,EAAE;SAC9E;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,eAAe,EAAE,OAAO,CAAC;KACjC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,+CAA+C;QAC5D,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,IAAI;QACd,UAAU,EAAE;YACV,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE;YACxE,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,yBAAyB,EAAE;SAClF;QACD,cAAc,EAAE,KAAK;QACrB,OAAO,EAAE;YACP,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,qDAAqD,EAAE;YAChF,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,oDAAoD,EAAE;SAClF;QACD,UAAU,EAAE,EAAE;QACd,IAAI,EAAE,CAAC,mBAAmB,EAAE,OAAO,CAAC;KACrC;CACF,CAAC;AAEF,eAAe,aAAa,CAAC"}

package/dist/rules/storage.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Browser Storage Rules
+ * Governance rules for localStorage, sessionStorage, and IndexedDB
+ */
+import type { BusinessRule } from '../types/index.js';
+export declare const storageRules: BusinessRule[];
+//# sourceMappingURL=storage.d.ts.map

package/dist/rules/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../src/rules/storage.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,eAAO,MAAM,YAAY,EAAE,YAAY,EAgItC,CAAC"}