@troykelly/openclaw-projects 0.0.10 → 0.0.12

package/dist/utils/auto-linker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-linker.js","sourceRoot":"","sources":["../../src/utils/auto-linker.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAIH,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AAErD,sDAAsD;AAEtD,wDAAwD;AACxD,MAAM,CAAC,MAAM,4BAA4B,GAAG,IAAI,CAAC;AAEjD,iEAAiE;AACjE,MAAM,QAAQ,GAAG,cAAc,CAAC;AAEhC,iEAAiE;AACjE,MAAM,UAAU,GAAG,cAAc,CAAC;AAElC,mDAAmD;AACnD,MAAM,uBAAuB,GAAG,GAAG,CAAC;AAEpC,uDAAuD;AACvD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;AAE3C,oDAAoD;AACpD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC;AAyEpE,oDAAoD;AAEpD;;;;;GAKG;AACH,SAAS,cAAc,CAAC,QAAgB;IACtC,OAAO,UAAU,QAAQ,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,UAAkB,EAAE,SAAiB,EAAE,UAAkB,EAAE,SAAiB;IAChG,OAAO,GAAG,UAAU,IAAI,SAAS,IAAI,UAAU,IAAI,SAAS,EAAE,CAAC;AACjE,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,UAAkB,EAAE,SAAiB;IAC3D,OAAO,OAAO,UAAU,IAAI,SAAS,EAAE,CAAC;AAC1C,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,gBAAgB,CAC7B,MAAiB,EACjB,MAAc,EACd,MAAc,EACd,UAAkB,EAClB,QAAgB,EAChB,UAAkB,EAClB,SAAiB,EACjB,KAAc;IAEd,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,MAAM,UAAU,GAAG,YAAY,CAAC,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IAC7E,MAAM,UAAU,GAAG,YAAY,CAAC,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;IAE7E,MAAM,WAAW,GAAG;QAClB,WAAW,EAAE,UAAU;QACvB,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,KAAK,IAAI,IAAI;QACpB,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,IAAI;KAClB,CAAC;IAEF,MAAM,WAAW,GAAG;QAClB,WAAW,EAAE,UAAU;QACvB,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,QAAQ;QACpB,KAAK,EAAE,KAAK,IAAI,IAAI;QACpB,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,IAAI;KAClB,CAAC;IAEF,sBAAsB;IACtB,MAAM,eAAe,GAAG,MAAM,MAAM,CAAC,IAAI,CACvC,wBAAwB,EACxB;QACE,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,UAAU;QACtB,GAAG,EAAE,UAAU;QACf,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;KAC7C,EACD,EAAE,MAAM,EAAE,CACX,CAAC;IAEF,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;YACxD,MAAM;YACN,UAAU;YACV,UAAU;YACV,MAAM,EAAE,eAAe,CAAC,KAAK,CAAC,MAAM;SACrC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sBAAsB;IACtB,MAAM,eAAe,GAAG,MAAM,MAAM,CAAC,IAAI,CACvC,wBAAwB,EACxB;QACE,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,UAAU;QACtB,GAAG,EAAE,UAAU;QACf,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;KAC9C,EACD,EAAE,MAAM,EAAE,CACX,CAAC;IAEF,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;YACxD,MAAM;YACN,UAAU;YACV,UAAU;YACV,MAAM,EAAE,eAAe,CAAC,KAAK,CAAC,MAAM;SACrC,CAAC,CAAC;QAEH,gDAAgD;QAChD,MAAM,gBAAgB,GAAG,MAAM,MAAM,CAAC,MAAM,CAC1C,0BAA0B,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EACnD,EAAE,MAAM,EAAE,CACX,CAAC;QAEF,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC9B,MAAM,CAAC,KAAK,CAAC,uEAAuE,EAAE;gBACpF,MAAM;gBACN,SAAS,EAAE,eAAe,CAAC,IAAI,CAAC,EAAE;gBAClC,cAAc,EAAE,gBAAgB,CAAC,KAAK,CAAC,MAAM;aAC9C,CAAC,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,4DAA4D;AAE5D;;;;;GAKG;AACH,KAAK,UAAU,qBAAqB,CAClC,MAAiB,EACjB,MAAc,EACd,MAAc,EACd,QAAgB,EAChB,WAAoB,EACpB,WAAoB;IAEpB,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,8DAA8D;IAC9D,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,IAAI,WAAW;QAAE,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACjD,IAAI,WAAW;QAAE,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAEjD,yCAAyC;IACzC,MAAM,WAAW,GAAoB,EAAE,CAAC;IAExC,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE,CAAC;QACxC,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC;YACtC,MAAM,EAAE,WAAW;YACnB,KAAK,EAAE,GAAG;YACV,UAAU,EAAE,MAAM;SACnB,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAI9B,iBAAiB,WAAW,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAE1D,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;gBACjD,MAAM;gBACN,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM;gBAC7B,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI;aAC1B,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;QACrE,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,+DAA+D;IAC/D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,eAAe,GAAoB,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;QAC5B,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,SAAS;QAE7B,MAAM,UAAU,GAAG,WAAW,IAAI,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,WAAW,CAAC,WAAW,EAAE,CAAC;QAC/F,MAAM,UAAU,GAAG,WAAW,IAAI,IAAI,IAAI,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC;QAElE,IAAI,UAAU,IAAI,UAAU,EAAE,CAAC;YAC7B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACf,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,gBAAgB,GAAa,EAAE,CAAC;IAEtC,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,IAAI,CAAC;YACH,0EAA0E;YAC1E,iEAAiE;YACjE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CACnC,MAAM,EACN,MAAM,EACN,MAAM,EACN,SAAS,EACT,OAAO,CAAC,EAAE,EACV,KAAK,EACL,SAAS,EACT,wBAAwB,CACzB,CAAC;YAEF,IAAI,MAAM,EAAE,CAAC;gBACX,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,4CAA4C,EAAE;gBACzD,MAAM;gBACN,SAAS,EAAE,OAAO,CAAC,EAAE;gBACrB,KAAK,EAAE,oBAAoB,CAAC,KAAK,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,6DAA6D;AAE7D;;;GAGG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAiB,EACjB,MAAc,EACd,MAAc,EACd,QAAgB,EAChB,OAAe,EACf,mBAA2B;IAE3B,+DAA+D;IAC/D,oFAAoF;IACpF,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAE1D,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClC,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,sBAAsB;IACtB,MAAM,WAAW,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC,EAAE,uBAAuB,CAAC,CAAC;IAE3E,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC;QACtC,CAAC,EAAE,WAAW;QACd,KAAK,EAAE,WAAW;QAClB,KAAK,EAAE,IAAI;QACX,QAAQ,EAAE,MAAM;QAChB,UAAU,EAAE,MAAM;KACnB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAI9B,eAAe,WAAW,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;IAExD,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;YACjD,MAAM;YACN,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM;YAC7B,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI;SAC1B,CAAC,CAAC;QACH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;IAE5C,iDAAiD;IACjD,MAAM,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,mBAAmB,CAAC,CAAC;IAEpF,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvC,MAAM,CAAC,KAAK,CAAC,iDAAiD,EAAE;YAC9D,MAAM;YACN,SAAS,EAAE,mBAAmB;YAC9B,YAAY,EAAE,OAAO,CAAC,MAAM;YAC5B,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC;SACjC,CAAC,CAAC;QACH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,KAAK,MAAM,IAAI,IAAI,qBAAqB,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC;QACjC,MAAM,SAAS,GAAG,IAAI,KAAK,SAAS,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,KAAK,SAAS,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAE1D,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE,CAAC;YAC1B,SAAS;QACX,CAAC;QAED,MAAM,UAAU,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;QAElD,IAAI,CAAC;YACH,0EAA0E;YAC1E,iEAAiE;YACjE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CACnC,MAAM,EACN,MAAM,EACN,MAAM,EACN,UAAU,EACV,IAAI,CAAC,EAAE,EACP,KAAK,EACL,SAAS,EACT,eAAe,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAC7C,CAAC;YAEF,IAAI,MAAM,EAAE,CAAC;gBACX,IAAI,SAAS,EAAE,CAAC;oBACd,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC/B,CAAC;qBAAM,CAAC;oBACN,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,8CAA8C,EAAE;gBAC3D,MAAM;gBACN,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,oBAAoB,CAAC,KAAK,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;AAC1D,CAAC;AAED,0DAA0D;AAE1D;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,OAAwB;IACnE,MAAM,EACJ,MAAM,EACN,MAAM,EACN,MAAM,EACN,OAAO,EACP,mBAAmB,GAAG,4BAA4B,GACnD,GAAG,OAAO,CAAC;IAEZ,MAAM,WAAW,GAAmB;QAClC,YAAY,EAAE,CAAC;QACf,OAAO,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;KACnD,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;YACrD,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,cAAc,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW;YACrC,cAAc,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW;YACrC,aAAa,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM;SACtC,CAAC,CAAC;QAEH,sEAAsE;QACtE,MAAM,cAAc,GAAG,MAAM,qBAAqB,CAChD,MAAM,EACN,MAAM,EACN,MAAM,EACN,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,WAAW,EACnB,OAAO,CAAC,WAAW,CACpB,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAChB,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;gBAClD,MAAM;gBACN,KAAK,EAAE,oBAAoB,CAAC,KAAK,CAAC;aACnC,CAAC,CAAC;YACH,OAAO,EAAc,CAAC;QACxB,CAAC,CAAC,CAAC;QAEH,uEAAuE;QACvE,8EAA8E;QAC9E,6EAA6E;QAC7E,oCAAoC;QACpC,IAAI,cAAc,GAAG,EAAE,QAAQ,EAAE,EAAc,EAAE,KAAK,EAAE,EAAc,EAAE,CAAC;QAEzE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,cAAc,GAAG,MAAM,uBAAuB,CAC5C,MAAM,EACN,MAAM,EACN,MAAM,EACN,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,OAAO,EACf,mBAAmB,CACpB,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBAChB,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE;oBACnD,MAAM;oBACN,KAAK,EAAE,oBAAoB,CAAC,KAAK,CAAC;iBACnC,CAAC,CAAC;gBACH,OAAO,EAAE,QAAQ,EAAE,EAAc,EAAE,KAAK,EAAE,EAAc,EAAE,CAAC;YAC7D,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,kEAAkE,EAAE;gBAC/E,MAAM;gBACN,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC3B,CAAC,CAAC;QACL,CAAC;QAED,MAAM,MAAM,GAAmB;YAC7B,YAAY,EAAE,cAAc,CAAC,MAAM,GAAG,cAAc,CAAC,QAAQ,CAAC,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,MAAM;YAClG,OAAO,EAAE;gBACP,QAAQ,EAAE,cAAc;gBACxB,QAAQ,EAAE,cAAc,CAAC,QAAQ;gBACjC,KAAK,EAAE,cAAc,CAAC,KAAK;aAC5B;SACF,CAAC;QAEF,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;YACpC,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,cAAc,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;YAC9C,cAAc,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;YAC9C,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM;SACzC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;YAC9C,MAAM;YACN,KAAK,EAAE,oBAAoB,CAAC,KAAK,CAAC;SACnC,CAAC,CAAC;QACH,OAAO,WAAW,CAAC;IACrB,CAAC;AACH,CAAC"}

package/dist/utils/geo.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Geo utilities for location-aware memory recall.
+ * Part of Epic #1204, Issue #1206.
+ */
+/**
+ * Calculate the great-circle distance between two points using the Haversine formula.
+ * Returns distance in kilometres.
+ */
+export declare function haversineDistanceKm(lat1: number, lng1: number, lat2: number, lng2: number): number;
+/**
+ * Compute a geo relevance score using exponential decay.
+ * Returns 1.0 for distance 0, approaching 0 for large distances.
+ * @param distanceKm - distance in kilometres
+ * @param scaleKm - decay scale factor (default 10 km)
+ */
+export declare function computeGeoScore(distanceKm: number, scaleKm?: number): number;
+/**
+ * Blend a content relevance score with a geo relevance score.
+ * @param contentScore - semantic similarity score (0-1)
+ * @param geoScore - geo proximity score (0-1)
+ * @param weight - weight given to geo score (0 = content only, 1 = geo only)
+ */
+export declare function blendScores(contentScore: number, geoScore: number, weight: number): number;
+//# sourceMappingURL=geo.d.ts.map

package/dist/utils/geo.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"geo.d.ts","sourceRoot":"","sources":["../../src/utils/geo.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,GACX,MAAM,CAQR;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,SAAK,GAAG,MAAM,CAExE;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAE1F"}

package/dist/utils/geo.js

@@ -0,0 +1,38 @@
+/**
+ * Geo utilities for location-aware memory recall.
+ * Part of Epic #1204, Issue #1206.
+ */
+function toRad(deg) {
+    return (deg * Math.PI) / 180;
+}
+/**
+ * Calculate the great-circle distance between two points using the Haversine formula.
+ * Returns distance in kilometres.
+ */
+export function haversineDistanceKm(lat1, lng1, lat2, lng2) {
+    const R = 6371; // Earth radius in km
+    const dLat = toRad(lat2 - lat1);
+    const dLng = toRad(lng2 - lng1);
+    const a = Math.sin(dLat / 2) ** 2 +
+        Math.cos(toRad(lat1)) * Math.cos(toRad(lat2)) * Math.sin(dLng / 2) ** 2;
+    return R * 2 * Math.atan2(Math.sqrt(a), Math.sqrt(1 - a));
+}
+/**
+ * Compute a geo relevance score using exponential decay.
+ * Returns 1.0 for distance 0, approaching 0 for large distances.
+ * @param distanceKm - distance in kilometres
+ * @param scaleKm - decay scale factor (default 10 km)
+ */
+export function computeGeoScore(distanceKm, scaleKm = 10) {
+    return Math.exp(-distanceKm / scaleKm);
+}
+/**
+ * Blend a content relevance score with a geo relevance score.
+ * @param contentScore - semantic similarity score (0-1)
+ * @param geoScore - geo proximity score (0-1)
+ * @param weight - weight given to geo score (0 = content only, 1 = geo only)
+ */
+export function blendScores(contentScore, geoScore, weight) {
+    return (1 - weight) * contentScore + weight * geoScore;
+}
+//# sourceMappingURL=geo.js.map

package/dist/utils/geo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"geo.js","sourceRoot":"","sources":["../../src/utils/geo.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,SAAS,KAAK,CAAC,GAAW;IACxB,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,IAAY,EACZ,IAAY,EACZ,IAAY,EACZ,IAAY;IAEZ,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,qBAAqB;IACrC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAChC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IAChC,MAAM,CAAC,GACL,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,UAAkB,EAAE,OAAO,GAAG,EAAE;IAC9D,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,UAAU,GAAG,OAAO,CAAC,CAAC;AACzC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,YAAoB,EAAE,QAAgB,EAAE,MAAc;IAChF,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,YAAY,GAAG,MAAM,GAAG,QAAQ,CAAC;AACzD,CAAC"}

package/dist/utils/inbound-gate.d.ts

@@ -0,0 +1,85 @@
+/**
+ * Inbound message gate — unified pre-processing gate for inbound messages.
+ *
+ * Orchestrates spam filter, rate limiter, and token budget as a single
+ * evaluation point before any message processing (embedding, linking, etc.).
+ *
+ * NOTE: All state (rate limiter windows, token budget counters) is held
+ * in-memory and does not persist across process restarts or span multiple
+ * instances. This is acceptable for single-instance deployments. For
+ * multi-instance deployments, the rate limiter and token budget would need
+ * to be backed by skill_store or an external store (e.g. Redis) to share
+ * state across processes.
+ *
+ * Part of Issue #1225 — rate limiting and spam protection.
+ */
+import { type SpamFilterConfig, type InboundMessage } from './spam-filter.js';
+import { type RateLimiterConfig, type SenderTrust } from './rate-limiter.js';
+import { type TokenBudgetConfig } from './token-budget.js';
+import type { Logger } from '../logger.js';
+/** Re-export InboundMessage for convenience */
+export type { InboundMessage } from './spam-filter.js';
+/** Actions the gate can take on a message */
+export type GateAction = 'allow' | 'reject' | 'rate_limited' | 'budget_exceeded' | 'defer';
+/** Result of the inbound gate evaluation */
+export interface InboundGateDecision {
+    /** Action to take on the message */
+    action: GateAction;
+    /** Human-readable reason for the decision, null if allowed */
+    reason: string | null;
+    /** Whether to skip embedding for this message */
+    skipEmbedding: boolean;
+}
+/** Configuration for the inbound gate */
+export interface InboundGateConfig {
+    /** Spam filter configuration */
+    spamFilter: SpamFilterConfig;
+    /** Rate limiter configuration */
+    rateLimiter: RateLimiterConfig;
+    /** Token budget configuration */
+    tokenBudget: TokenBudgetConfig;
+    /** Whether to defer processing for unknown senders */
+    deferUnknownSenders?: boolean;
+}
+/** Aggregate gate statistics */
+export interface InboundGateStats {
+    /** Total messages evaluated */
+    totalEvaluated: number;
+    /** Messages allowed through */
+    allowed: number;
+    /** Messages rejected as spam */
+    rejected: number;
+    /** Messages rate-limited */
+    rateLimited: number;
+    /** Messages denied due to budget */
+    budgetExceeded: number;
+    /** Messages deferred */
+    deferred: number;
+}
+/** Inbound gate instance */
+export interface InboundGate {
+    /**
+     * Evaluate a message and return a gate decision.
+     * When estimatedTokens > 0 and the message is allowed, the token budget
+     * is atomically consumed during evaluation — callers must NOT separately
+     * record token usage or the budget will be double-counted.
+     */
+    evaluate(message: InboundMessage, trust: SenderTrust, estimatedTokens?: number): InboundGateDecision;
+    /** Get aggregate statistics */
+    getStats(): InboundGateStats;
+}
+/**
+ * Create an inbound message gate.
+ *
+ * Checks are applied in this order:
+ * 1. Spam filter (reject bulk/marketing/known spam)
+ * 2. Rate limiter (per-sender and per-recipient caps)
+ * 3. Token budget (cost protection)
+ * 4. Deferred processing (unknown senders, if configured)
+ *
+ * @param config - Gate configuration
+ * @param logger - Logger for recording decisions
+ * @returns InboundGate instance
+ */
+export declare function createInboundGate(config: InboundGateConfig, logger: Logger): InboundGate;
+//# sourceMappingURL=inbound-gate.d.ts.map

package/dist/utils/inbound-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inbound-gate.d.ts","sourceRoot":"","sources":["../../src/utils/inbound-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAU,KAAK,gBAAgB,EAAE,KAAK,cAAc,EAAE,MAAM,kBAAkB,CAAC;AACtF,OAAO,EAAqB,KAAK,iBAAiB,EAAoB,KAAK,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAClH,OAAO,EAAqB,KAAK,iBAAiB,EAAoB,MAAM,mBAAmB,CAAC;AAChG,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAE3C,+CAA+C;AAC/C,YAAY,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEvD,6CAA6C;AAC7C,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,QAAQ,GAAG,cAAc,GAAG,iBAAiB,GAAG,OAAO,CAAC;AAE3F,4CAA4C;AAC5C,MAAM,WAAW,mBAAmB;IAClC,oCAAoC;IACpC,MAAM,EAAE,UAAU,CAAC;IACnB,8DAA8D;IAC9D,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,iDAAiD;IACjD,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,yCAAyC;AACzC,MAAM,WAAW,iBAAiB;IAChC,gCAAgC;IAChC,UAAU,EAAE,gBAAgB,CAAC;IAC7B,iCAAiC;IACjC,WAAW,EAAE,iBAAiB,CAAC;IAC/B,iCAAiC;IACjC,WAAW,EAAE,iBAAiB,CAAC;IAC/B,sDAAsD;IACtD,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED,gCAAgC;AAChC,MAAM,WAAW,gBAAgB;IAC/B,+BAA+B;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,+BAA+B;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,gCAAgC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,4BAA4B;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,oCAAoC;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,4BAA4B;AAC5B,MAAM,WAAW,WAAW;IAC1B;;;;;OAKG;IACH,QAAQ,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,CAAC,EAAE,MAAM,GAAG,mBAAmB,CAAC;IACrG,+BAA+B;IAC/B,QAAQ,IAAI,gBAAgB,CAAC;CAC9B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM,GAAG,WAAW,CA4GxF"}

package/dist/utils/inbound-gate.js

@@ -0,0 +1,133 @@
+/**
+ * Inbound message gate — unified pre-processing gate for inbound messages.
+ *
+ * Orchestrates spam filter, rate limiter, and token budget as a single
+ * evaluation point before any message processing (embedding, linking, etc.).
+ *
+ * NOTE: All state (rate limiter windows, token budget counters) is held
+ * in-memory and does not persist across process restarts or span multiple
+ * instances. This is acceptable for single-instance deployments. For
+ * multi-instance deployments, the rate limiter and token budget would need
+ * to be backed by skill_store or an external store (e.g. Redis) to share
+ * state across processes.
+ *
+ * Part of Issue #1225 — rate limiting and spam protection.
+ */
+import { isSpam } from './spam-filter.js';
+import { createRateLimiter } from './rate-limiter.js';
+import { createTokenBudget } from './token-budget.js';
+/**
+ * Create an inbound message gate.
+ *
+ * Checks are applied in this order:
+ * 1. Spam filter (reject bulk/marketing/known spam)
+ * 2. Rate limiter (per-sender and per-recipient caps)
+ * 3. Token budget (cost protection)
+ * 4. Deferred processing (unknown senders, if configured)
+ *
+ * @param config - Gate configuration
+ * @param logger - Logger for recording decisions
+ * @returns InboundGate instance
+ */
+export function createInboundGate(config, logger) {
+    const rateLimiter = createRateLimiter(config.rateLimiter);
+    const tokenBudget = createTokenBudget(config.tokenBudget);
+    let totalEvaluated = 0;
+    let allowed = 0;
+    let rejected = 0;
+    let rateLimited = 0;
+    let budgetExceeded = 0;
+    let deferred = 0;
+    return {
+        evaluate(message, trust, estimatedTokens = 0) {
+            totalEvaluated++;
+            // Step 1: Spam filter
+            const spamResult = isSpam(message, config.spamFilter);
+            if (spamResult.isSpam) {
+                rejected++;
+                logger.info('inbound gate: spam rejected', {
+                    sender: message.sender,
+                    channel: message.channel,
+                    reason: spamResult.reason,
+                });
+                return {
+                    action: 'reject',
+                    reason: `spam: ${spamResult.reason}`,
+                    skipEmbedding: true,
+                };
+            }
+            // Step 2: Rate limiter (pass channel for sender normalization)
+            const rateResult = rateLimiter.check(message.sender, message.recipient, trust, message.channel);
+            if (!rateResult.allowed) {
+                rateLimited++;
+                logger.warn('inbound gate: rate limited', {
+                    sender: message.sender,
+                    channel: message.channel,
+                    trust,
+                    reason: rateResult.reason,
+                    remaining: rateResult.remaining,
+                    retryAfterMs: rateResult.retryAfterMs,
+                });
+                return {
+                    action: 'rate_limited',
+                    reason: `rate limited: ${rateResult.reason}`,
+                    skipEmbedding: true,
+                };
+            }
+            // Step 3: Token budget (uses tryConsume for atomic check-and-record)
+            if (estimatedTokens > 0) {
+                const budgetResult = tokenBudget.tryConsume(estimatedTokens);
+                if (!budgetResult.allowed) {
+                    budgetExceeded++;
+                    logger.warn('inbound gate: token budget exceeded', {
+                        sender: message.sender,
+                        channel: message.channel,
+                        estimatedTokens,
+                        reason: budgetResult.reason,
+                    });
+                    return {
+                        action: 'budget_exceeded',
+                        reason: `budget exceeded: ${budgetResult.reason}`,
+                        skipEmbedding: true,
+                    };
+                }
+            }
+            // Step 4: Deferred processing for unknown senders
+            if (config.deferUnknownSenders && trust === 'unknown') {
+                deferred++;
+                logger.debug('inbound gate: deferring unknown sender', {
+                    sender: message.sender,
+                    channel: message.channel,
+                });
+                return {
+                    action: 'defer',
+                    reason: 'unknown sender deferred for batch processing',
+                    skipEmbedding: true,
+                };
+            }
+            // Message is allowed
+            allowed++;
+            logger.debug('inbound gate: allowed', {
+                sender: message.sender,
+                channel: message.channel,
+                trust,
+            });
+            return {
+                action: 'allow',
+                reason: null,
+                skipEmbedding: false,
+            };
+        },
+        getStats() {
+            return {
+                totalEvaluated,
+                allowed,
+                rejected,
+                rateLimited,
+                budgetExceeded,
+                deferred,
+            };
+        },
+    };
+}
+//# sourceMappingURL=inbound-gate.js.map

package/dist/utils/inbound-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inbound-gate.js","sourceRoot":"","sources":["../../src/utils/inbound-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,MAAM,EAA8C,MAAM,kBAAkB,CAAC;AACtF,OAAO,EAAE,iBAAiB,EAA8D,MAAM,mBAAmB,CAAC;AAClH,OAAO,EAAE,iBAAiB,EAA4C,MAAM,mBAAmB,CAAC;AA4DhG;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAyB,EAAE,MAAc;IACzE,MAAM,WAAW,GAAgB,iBAAiB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACvE,MAAM,WAAW,GAAgB,iBAAiB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAEvE,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,OAAO;QACL,QAAQ,CAAC,OAAuB,EAAE,KAAkB,EAAE,eAAe,GAAG,CAAC;YACvE,cAAc,EAAE,CAAC;YAEjB,sBAAsB;YACtB,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;YACtD,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;gBACtB,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;oBACzC,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;gBACH,OAAO;oBACL,MAAM,EAAE,QAAQ;oBAChB,MAAM,EAAE,SAAS,UAAU,CAAC,MAAM,EAAE;oBACpC,aAAa,EAAE,IAAI;iBACpB,CAAC;YACJ,CAAC;YAED,+DAA+D;YAC/D,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;YAChG,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;gBACxB,WAAW,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;oBACxC,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,KAAK;oBACL,MAAM,EAAE,UAAU,CAAC,MAAM;oBACzB,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,YAAY,EAAE,UAAU,CAAC,YAAY;iBACtC,CAAC,CAAC;gBACH,OAAO;oBACL,MAAM,EAAE,cAAc;oBACtB,MAAM,EAAE,iBAAiB,UAAU,CAAC,MAAM,EAAE;oBAC5C,aAAa,EAAE,IAAI;iBACpB,CAAC;YACJ,CAAC;YAED,qEAAqE;YACrE,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;gBACxB,MAAM,YAAY,GAAG,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;gBAC7D,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;oBAC1B,cAAc,EAAE,CAAC;oBACjB,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;wBACjD,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,eAAe;wBACf,MAAM,EAAE,YAAY,CAAC,MAAM;qBAC5B,CAAC,CAAC;oBACH,OAAO;wBACL,MAAM,EAAE,iBAAiB;wBACzB,MAAM,EAAE,oBAAoB,YAAY,CAAC,MAAM,EAAE;wBACjD,aAAa,EAAE,IAAI;qBACpB,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,kDAAkD;YAClD,IAAI,MAAM,CAAC,mBAAmB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACtD,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE;oBACrD,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;iBACzB,CAAC,CAAC;gBACH,OAAO;oBACL,MAAM,EAAE,OAAO;oBACf,MAAM,EAAE,8CAA8C;oBACtD,aAAa,EAAE,IAAI;iBACpB,CAAC;YACJ,CAAC;YAED,qBAAqB;YACrB,OAAO,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;gBACpC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,KAAK;aACN,CAAC,CAAC;YACH,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,IAAI;gBACZ,aAAa,EAAE,KAAK;aACrB,CAAC;QACJ,CAAC;QAED,QAAQ;YACN,OAAO;gBACL,cAAc;gBACd,OAAO;gBACP,QAAQ;gBACR,WAAW;gBACX,cAAc;gBACd,QAAQ;aACT,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/utils/injection-protection.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Prompt injection protection utilities for inbound message processing.
+ *
+ * Provides layered defence for external message content before LLM exposure:
+ * 1. Unicode/control character sanitisation
+ * 2. Data boundary marking (spotlighting)
+ * 3. Suspicious pattern detection and logging
+ *
+ * Issue #1224
+ */
+/** Result of injection pattern detection */
+export interface InjectionDetectionResult {
+    /** Whether any injection patterns were detected */
+    detected: boolean;
+    /** Names of the patterns that matched */
+    patterns: string[];
+}
+/** Options for wrapping external messages */
+export interface WrapOptions {
+    /** Communication channel (sms, email) */
+    channel?: string;
+    /** Sender name or identifier */
+    sender?: string;
+}
+/** Options for context sanitisation */
+export interface ContextSanitizeOptions {
+    /** Message direction */
+    direction?: 'inbound' | 'outbound';
+    /** Communication channel */
+    channel?: string;
+    /** Sender name */
+    sender?: string;
+}
+/**
+ * Sanitize external message content by removing control characters
+ * and invisible Unicode characters that could be used for obfuscation.
+ *
+ * Preserves legitimate Unicode (emoji, CJK, Arabic, etc.) and whitespace
+ * characters (tab, newline, carriage return).
+ */
+export declare function sanitizeExternalMessage(text: string): string;
+/**
+ * Sanitize a metadata field (sender, channel) for safe insertion into
+ * the boundary wrapper header. Strips control chars, invisible Unicode,
+ * newlines (which could break out of the header line), and boundary markers.
+ */
+export declare function sanitizeMetadataField(field: string): string;
+/**
+ * Wrap external message content with data boundary markers.
+ *
+ * Uses the "spotlighting" / data marking pattern to clearly delineate
+ * untrusted external content from system instructions. This tells the LLM
+ * "this is external data, not instructions to follow."
+ *
+ * Content, sender, and channel are all sanitized and have boundary markers
+ * escaped before wrapping to prevent breakout attacks.
+ */
+export declare function wrapExternalMessage(content: string, options?: WrapOptions): string;
+/**
+ * Detect suspicious prompt injection patterns in message content.
+ *
+ * Returns detection results for logging/monitoring purposes.
+ * This function does NOT block or modify the message — it is purely
+ * for detection and alerting. Blocking legitimate messages based on
+ * pattern matching has too high a false positive rate.
+ *
+ * The content is sanitized (invisible chars removed) before scanning
+ * to prevent Unicode obfuscation from bypassing detection.
+ */
+export declare function detectInjectionPatterns(text: string): InjectionDetectionResult;
+/**
+ * Sanitize message content for safe inclusion in LLM context.
+ *
+ * For inbound (external) messages: sanitizes and wraps with boundary markers.
+ * For outbound messages: sanitizes only (no boundary wrapping needed).
+ *
+ * This is the primary function to call when preparing message content
+ * for any LLM-facing output (auto-recall context, tool results, etc.).
+ */
+export declare function sanitizeMessageForContext(content: string, options?: ContextSanitizeOptions): string;
+//# sourceMappingURL=injection-protection.d.ts.map

package/dist/utils/injection-protection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection-protection.d.ts","sourceRoot":"","sources":["../../src/utils/injection-protection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAsFH,4CAA4C;AAC5C,MAAM,WAAW,wBAAwB;IACvC,mDAAmD;IACnD,QAAQ,EAAE,OAAO,CAAC;IAClB,yCAAyC;IACzC,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,6CAA6C;AAC7C,MAAM,WAAW,WAAW;IAC1B,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,gCAAgC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,uCAAuC;AACvC,MAAM,WAAW,sBAAsB;IACrC,wBAAwB;IACxB,SAAS,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC;IACnC,4BAA4B;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAK5D;AAcD;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAI3D;AAED;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE,WAAgB,GAAG,MAAM,CAmBtF;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,wBAAwB,CAc9E;AAED;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,CACvC,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,sBAA2B,GACnC,MAAM,CAQR"}

package/dist/utils/injection-protection.js

@@ -0,0 +1,179 @@
+/**
+ * Prompt injection protection utilities for inbound message processing.
+ *
+ * Provides layered defence for external message content before LLM exposure:
+ * 1. Unicode/control character sanitisation
+ * 2. Data boundary marking (spotlighting)
+ * 3. Suspicious pattern detection and logging
+ *
+ * Issue #1224
+ */
+/** Boundary markers for external message content */
+const EXTERNAL_MSG_START = '[EXTERNAL_MSG_START]';
+const EXTERNAL_MSG_END = '[EXTERNAL_MSG_END]';
+/**
+ * Regex matching control characters to strip (ASCII 0x00-0x08, 0x0B, 0x0C, 0x0E-0x1F, 0x7F).
+ * Preserves tab (0x09), newline (0x0A), and carriage return (0x0D).
+ */
+const CONTROL_CHARS_REGEX = /[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g;
+/**
+ * Regex matching Unicode characters commonly used for text direction manipulation
+ * and zero-width obfuscation:
+ * - U+200B Zero-width space
+ * - U+200C Zero-width non-joiner
+ * - U+200D Zero-width joiner
+ * - U+200E Left-to-right mark
+ * - U+200F Right-to-left mark
+ * - U+202A Left-to-right embedding
+ * - U+202B Right-to-left embedding
+ * - U+202C Pop directional formatting
+ * - U+202D Left-to-right override
+ * - U+202E Right-to-left override
+ * - U+2066 Left-to-right isolate
+ * - U+2067 Right-to-left isolate
+ * - U+2068 First strong isolate
+ * - U+2069 Pop directional isolate
+ * - U+FEFF Byte order mark / zero-width no-break space
+ */
+const UNICODE_INVISIBLE_REGEX = /[\u200B-\u200F\u202A-\u202E\u2066-\u2069\uFEFF]/g;
+const INJECTION_PATTERNS = [
+    {
+        name: 'instruction_override',
+        regex: /\b(?:ignore|disregard|forget|override|bypass)\b.{0,30}\b(?:previous|prior|above|earlier|all|your|system|safety)\b.{0,30}\b(?:instructions?|rules?|guidelines?|prompts?|constraints?|directives?|and\b|do\b|instead\b)/i,
+    },
+    {
+        name: 'role_reassignment',
+        regex: /\b(?:you are now|act as|pretend (?:you are|to be)|roleplay as|behave as)\b.{0,50}\b(?:ai|assistant|bot|agent|unrestricted|dan|jailbreak|without.*?(?:restrictions?|limits?|safety|guidelines?))\b/i,
+    },
+    {
+        name: 'new_instructions',
+        regex: /\b(?:new instructions?|updated? instructions?|revised? instructions?|important (?:system )?update)\b\s*[:]/i,
+    },
+    {
+        name: 'system_prompt_override',
+        regex: /^(?:\s*[-=]{3,}\s*\n)?(?:SYSTEM|ADMIN|DEVELOPER|ROOT)\s*[:>]/im,
+    },
+    {
+        name: 'forget_everything',
+        regex: /\bforget (?:everything|all)\b.{0,30}\b(?:you (?:know|learned|were told)|and (?:start|begin))\b/i,
+    },
+    {
+        name: 'prompt_delimiter_exploit',
+        regex: /```\s*(?:system|admin|instructions?|prompt)\b/i,
+    },
+    {
+        name: 'tool_call_injection',
+        regex: /\b(?:call|use|invoke|execute|run)\b.{0,20}\b(?:the\s+)?(?:sms_send|email_send|memory_store|memory_forget|todo_create|contact_create|memory_recall)\b.{0,20}\btool\b/i,
+    },
+    {
+        name: 'data_exfiltration',
+        regex: /\b(?:send|forward|share|export|transmit|email|text)\b.{0,30}\b(?:all|every|the)\b.{0,20}\b(?:memories?|contacts?|data|information|messages?|threads?|projects?|todos?)\b.{0,30}\b(?:to|@)\b/i,
+    },
+    {
+        name: 'system_note_injection',
+        regex: /\[\s*(?:SYSTEM|ADMIN|INTERNAL)\s+(?:NOTE|MESSAGE|OVERRIDE|UPDATE)\s*[:]/i,
+    },
+    {
+        name: 'remember_for_later',
+        regex: /\bremember (?:this|that)\b.{0,30}\b(?:for later|when (?:someone|anyone|a user|the user))\b.{0,30}\b(?:send|forward|share|export)\b/i,
+    },
+];
+/**
+ * Sanitize external message content by removing control characters
+ * and invisible Unicode characters that could be used for obfuscation.
+ *
+ * Preserves legitimate Unicode (emoji, CJK, Arabic, etc.) and whitespace
+ * characters (tab, newline, carriage return).
+ */
+export function sanitizeExternalMessage(text) {
+    return text
+        .replace(CONTROL_CHARS_REGEX, '')
+        .replace(UNICODE_INVISIBLE_REGEX, '')
+        .trim();
+}
+/**
+ * Escape boundary marker keywords in a string to prevent breakout attacks.
+ * Replaces the keyword portion (EXTERNAL_MSG_START / EXTERNAL_MSG_END)
+ * regardless of surrounding brackets, since formatting code may supply
+ * brackets that complete a partial marker (e.g., channel `[...START` + `]`).
+ */
+function escapeBoundaryMarkers(text) {
+    return text
+        .replace(/EXTERNAL_MSG_START/g, 'EXTERNAL_MSG_START_ESCAPED')
+        .replace(/EXTERNAL_MSG_END/g, 'EXTERNAL_MSG_END_ESCAPED');
+}
+/**
+ * Sanitize a metadata field (sender, channel) for safe insertion into
+ * the boundary wrapper header. Strips control chars, invisible Unicode,
+ * newlines (which could break out of the header line), and boundary markers.
+ */
+export function sanitizeMetadataField(field) {
+    return escapeBoundaryMarkers(sanitizeExternalMessage(field).replace(/[\r\n]/g, ' '));
+}
+/**
+ * Wrap external message content with data boundary markers.
+ *
+ * Uses the "spotlighting" / data marking pattern to clearly delineate
+ * untrusted external content from system instructions. This tells the LLM
+ * "this is external data, not instructions to follow."
+ *
+ * Content, sender, and channel are all sanitized and have boundary markers
+ * escaped before wrapping to prevent breakout attacks.
+ */
+export function wrapExternalMessage(content, options = {}) {
+    const sanitized = sanitizeExternalMessage(content);
+    // Escape any existing boundary markers in the content to prevent breakout
+    const escaped = escapeBoundaryMarkers(sanitized);
+    const attribution = [];
+    if (options.channel) {
+        attribution.push(`[${sanitizeMetadataField(options.channel)}]`);
+    }
+    if (options.sender) {
+        attribution.push(`from: ${sanitizeMetadataField(options.sender)}`);
+    }
+    const header = attribution.length > 0
+        ? `${EXTERNAL_MSG_START} ${attribution.join(' ')}`
+        : EXTERNAL_MSG_START;
+    return `${header}\n${escaped}\n${EXTERNAL_MSG_END}`;
+}
+/**
+ * Detect suspicious prompt injection patterns in message content.
+ *
+ * Returns detection results for logging/monitoring purposes.
+ * This function does NOT block or modify the message — it is purely
+ * for detection and alerting. Blocking legitimate messages based on
+ * pattern matching has too high a false positive rate.
+ *
+ * The content is sanitized (invisible chars removed) before scanning
+ * to prevent Unicode obfuscation from bypassing detection.
+ */
+export function detectInjectionPatterns(text) {
+    const sanitized = sanitizeExternalMessage(text);
+    const matched = [];
+    for (const pattern of INJECTION_PATTERNS) {
+        if (pattern.regex.test(sanitized)) {
+            matched.push(pattern.name);
+        }
+    }
+    return {
+        detected: matched.length > 0,
+        patterns: matched,
+    };
+}
+/**
+ * Sanitize message content for safe inclusion in LLM context.
+ *
+ * For inbound (external) messages: sanitizes and wraps with boundary markers.
+ * For outbound messages: sanitizes only (no boundary wrapping needed).
+ *
+ * This is the primary function to call when preparing message content
+ * for any LLM-facing output (auto-recall context, tool results, etc.).
+ */
+export function sanitizeMessageForContext(content, options = {}) {
+    const { direction = 'inbound', channel, sender } = options;
+    if (direction === 'outbound') {
+        return sanitizeExternalMessage(content);
+    }
+    return wrapExternalMessage(content, { channel, sender });
+}
+//# sourceMappingURL=injection-protection.js.map

package/dist/utils/injection-protection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection-protection.js","sourceRoot":"","sources":["../../src/utils/injection-protection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,oDAAoD;AACpD,MAAM,kBAAkB,GAAG,sBAAsB,CAAC;AAClD,MAAM,gBAAgB,GAAG,oBAAoB,CAAC;AAE9C;;;GAGG;AACH,MAAM,mBAAmB,GAAG,mCAAmC,CAAC;AAEhE;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,uBAAuB,GAAG,kDAAkD,CAAC;AAYnF,MAAM,kBAAkB,GAAuB;IAC7C;QACE,IAAI,EAAE,sBAAsB;QAC5B,KAAK,EAAE,wNAAwN;KAChO;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,KAAK,EAAE,oMAAoM;KAC5M;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,KAAK,EAAE,6GAA6G;KACrH;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,KAAK,EAAE,gEAAgE;KACxE;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,KAAK,EAAE,iGAAiG;KACzG;IACD;QACE,IAAI,EAAE,0BAA0B;QAChC,KAAK,EAAE,gDAAgD;KACxD;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,KAAK,EAAE,sKAAsK;KAC9K;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,KAAK,EAAE,8LAA8L;KACtM;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,KAAK,EAAE,0EAA0E;KAClF;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,KAAK,EAAE,qIAAqI;KAC7I;CACF,CAAC;AA4BF;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAY;IAClD,OAAO,IAAI;SACR,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC;SAChC,OAAO,CAAC,uBAAuB,EAAE,EAAE,CAAC;SACpC,IAAI,EAAE,CAAC;AACZ,CAAC;AAED;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,IAAY;IACzC,OAAO,IAAI;SACR,OAAO,CAAC,qBAAqB,EAAE,4BAA4B,CAAC;SAC5D,OAAO,CAAC,mBAAmB,EAAE,0BAA0B,CAAC,CAAC;AAC9D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,OAAO,qBAAqB,CAC1B,uBAAuB,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CACvD,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe,EAAE,UAAuB,EAAE;IAC5E,MAAM,SAAS,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAEnD,0EAA0E;IAC1E,MAAM,OAAO,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,WAAW,CAAC,IAAI,CAAC,IAAI,qBAAqB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,SAAS,qBAAqB,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC;QACnC,CAAC,CAAC,GAAG,kBAAkB,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClD,CAAC,CAAC,kBAAkB,CAAC;IAEvB,OAAO,GAAG,MAAM,KAAK,OAAO,KAAK,gBAAgB,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,uBAAuB,CAAC,IAAY;IAClD,MAAM,SAAS,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YAClC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;QAC5B,QAAQ,EAAE,OAAO;KAClB,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,yBAAyB,CACvC,OAAe,EACf,UAAkC,EAAE;IAEpC,MAAM,EAAE,SAAS,GAAG,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAE3D,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;QAC7B,OAAO,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO,mBAAmB,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;AAC3D,CAAC"}

package/dist/utils/nominatim.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Nominatim reverse geocoding client with LRU cache.
+ * Resolves lat/lng to human-readable address and place label.
+ */
+export interface GeocodedLocation {
+    address: string;
+    placeLabel: string;
+}
+/**
+ * Reverse geocode a lat/lng pair via Nominatim.
+ * Returns null on any failure (timeout, network error, bad response).
+ */
+export declare function reverseGeocode(lat: number, lng: number, nominatimUrl: string): Promise<GeocodedLocation | null>;
+/**
+ * Clears the geocode cache (for testing).
+ */
+export declare function clearGeocodeCache(): void;
+//# sourceMappingURL=nominatim.d.ts.map

package/dist/utils/nominatim.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nominatim.d.ts","sourceRoot":"","sources":["../../src/utils/nominatim.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAYD;;;GAGG;AACH,wBAAsB,cAAc,CAClC,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CA2ClC;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,IAAI,CAExC"}