@usetorii/gateway 0.0.0

package/dist/security/policy.js

@@ -0,0 +1,114 @@
+// ═══════════════════════════════════════════════════════════════════
+// Torii — Policy Engine (Layer 4)
+//
+// Evaluates declarative allow/deny rules before tool execution.
+// Policies are fetched from the API at startup and refreshed every 60s.
+// First matching enabled policy wins (ordered by priority desc).
+// ═══════════════════════════════════════════════════════════════════
+// ── In-memory cache ───────────────────────────────────────────────
+let cache = [];
+let refreshTimer = null;
+// ── Pattern matching ──────────────────────────────────────────────
+function matchesPattern(pattern, value) {
+    if (pattern === "*")
+        return true;
+    // Regex: /pattern/
+    if (pattern.startsWith("/") && pattern.lastIndexOf("/") > 0) {
+        const lastSlash = pattern.lastIndexOf("/");
+        const flags = pattern.slice(lastSlash + 1);
+        const src = pattern.slice(1, lastSlash);
+        try {
+            return new RegExp(src, flags || "i").test(value);
+        }
+        catch {
+            return false;
+        }
+    }
+    // Glob: contains *
+    if (pattern.includes("*")) {
+        const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
+        return new RegExp(`^${escaped}$`, "i").test(value);
+    }
+    // Exact (case-insensitive)
+    return pattern.toLowerCase() === value.toLowerCase();
+}
+function getByPath(obj, path) {
+    return path.split(".").reduce((acc, key) => {
+        if (acc !== null && typeof acc === "object") {
+            return acc[key];
+        }
+        return undefined;
+    }, obj);
+}
+function matchesCondition(condition, args) {
+    if (args === null || typeof args !== "object")
+        return false;
+    const raw = getByPath(args, condition.field);
+    const actual = String(raw ?? "");
+    switch (condition.operator) {
+        case "equals": return actual === condition.value;
+        case "contains": return actual.includes(condition.value);
+        case "startsWith": return actual.startsWith(condition.value);
+        case "endsWith": return actual.endsWith(condition.value);
+        case "matches": {
+            try {
+                return new RegExp(condition.value, "i").test(actual);
+            }
+            catch {
+                return false;
+            }
+        }
+        default: return false;
+    }
+}
+// ── Evaluation ────────────────────────────────────────────────────
+export function evaluatePolicy(serverId, toolName, args) {
+    const active = cache
+        .filter((p) => p.enabled)
+        .sort((a, b) => b.priority - a.priority);
+    for (const policy of active) {
+        if (!matchesPattern(policy.serverPattern, serverId))
+            continue;
+        if (!matchesPattern(policy.toolPattern, toolName))
+            continue;
+        if (policy.argsCondition && !matchesCondition(policy.argsCondition, args))
+            continue;
+        return policy;
+    }
+    return null;
+}
+// ── Fetch & cache ─────────────────────────────────────────────────
+export async function loadPolicies() {
+    const apiUrl = process.env.TORII_API_URL;
+    const apiKey = process.env.TORII_API_KEY;
+    if (!apiUrl || !apiKey)
+        return;
+    try {
+        const res = await fetch(`${apiUrl}/v1/policies`, {
+            headers: { "X-Torii-Key": apiKey },
+            signal: AbortSignal.timeout(5_000),
+        });
+        if (!res.ok)
+            return;
+        cache = (await res.json());
+        if (cache.length > 0) {
+            process.stderr.write(`[torii/policy] loaded ${cache.length} polic${cache.length === 1 ? "y" : "ies"}\n`);
+        }
+    }
+    catch {
+        process.stderr.write("[torii/policy] warn: could not fetch policies — running without them\n");
+    }
+}
+export function startPolicyRefresh(intervalMs = 60_000) {
+    if (refreshTimer)
+        clearInterval(refreshTimer);
+    refreshTimer = setInterval(() => {
+        loadPolicies().catch(() => { });
+    }, intervalMs);
+    // Allow the process to exit even if this interval is active
+    refreshTimer.unref?.();
+}
+export function getPolicies() {
+    return cache;
+}
+//# sourceMappingURL=policy.js.map

package/dist/security/policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../src/security/policy.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,kCAAkC;AAClC,EAAE;AACF,gEAAgE;AAChE,wEAAwE;AACxE,iEAAiE;AACjE,sEAAsE;AAoBtE,qEAAqE;AAErE,IAAI,KAAK,GAAiB,EAAE,CAAC;AAC7B,IAAI,YAAY,GAA0C,IAAI,CAAC;AAE/D,qEAAqE;AAErE,SAAS,cAAc,CAAC,OAAe,EAAE,KAAa;IACpD,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAEjC,mBAAmB;IACnB,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5D,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;QAC3C,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACxC,IAAI,CAAC;YACH,OAAO,IAAI,MAAM,CAAC,GAAG,EAAE,KAAK,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,mBAAmB;IACnB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACnF,OAAO,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC;IAED,2BAA2B;IAC3B,OAAO,OAAO,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC;AACvD,CAAC;AAED,SAAS,SAAS,CAAC,GAA4B,EAAE,IAAY;IAC3D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAU,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAClD,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5C,OAAQ,GAA+B,CAAC,GAAG,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,EAAE,GAAG,CAAC,CAAC;AACV,CAAC;AAED,SAAS,gBAAgB,CAAC,SAAwB,EAAE,IAAa;IAC/D,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE5D,MAAM,GAAG,GAAG,SAAS,CAAC,IAA+B,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;IAEjC,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;QAC3B,KAAK,QAAQ,CAAC,CAAK,OAAO,MAAM,KAAK,SAAS,CAAC,KAAK,CAAC;QACrD,KAAK,UAAU,CAAC,CAAG,OAAO,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC3D,KAAK,YAAY,CAAC,CAAC,OAAO,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC7D,KAAK,UAAU,CAAC,CAAG,OAAO,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC3D,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,IAAI,CAAC;gBAAC,OAAO,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAAC,CAAC;YAC7D,MAAM,CAAC;gBAAC,OAAO,KAAK,CAAC;YAAC,CAAC;QACzB,CAAC;QACD,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC;IACxB,CAAC;AACH,CAAC;AAED,qEAAqE;AAErE,MAAM,UAAU,cAAc,CAC5B,QAAgB,EAChB,QAAgB,EAChB,IAAa;IAEb,MAAM,MAAM,GAAG,KAAK;SACjB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;SACxB,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;IAE3C,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC;YAAE,SAAS;QAC9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC;YAAE,SAAS;QAC5D,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,CAAC;YAAE,SAAS;QACpF,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,qEAAqE;AAErE,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;IACzC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;IACzC,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;QAAE,OAAO;IAE/B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,cAAc,EAAE;YAC/C,OAAO,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE;YAClC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC;SACnC,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO;QACpB,KAAK,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAiB,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,KAAK,CAAC,MAAM,SAAS,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;QAC3G,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;IACjG,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,UAAU,GAAG,MAAM;IACpD,IAAI,YAAY;QAAE,aAAa,CAAC,YAAY,CAAC,CAAC;IAC9C,YAAY,GAAG,WAAW,CAAC,GAAG,EAAE;QAC9B,YAAY,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACjC,CAAC,EAAE,UAAU,CAAC,CAAC;IACf,4DAA4D;IAC5D,YAAY,CAAC,KAAK,EAAE,EAAE,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/security/scanner.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Tool-response scanner — thin client.
+ *
+ * Sends the raw text content of every MCP tool result to the Torii backend
+ * for analysis. The backend owns ALL policy decisions: which categories
+ * count, what severities are blocking, where the thresholds live, how the
+ * verdict maps to a threat level. The gateway only relays and enforces.
+ *
+ * Required env:
+ *   TORII_API_KEY  — your gateway key from the dashboard
+ * Optional env:
+ *   TORII_API_URL  — backend URL (default https://api.usetorii.dev)
+ *
+ * If either env is missing or the backend is unreachable, the scanner is
+ * a no-op — the call proceeds without analysis (graceful degradation).
+ */
+export interface ScanFinding {
+    id: string;
+    category: string;
+    severity: "low" | "medium" | "high" | "critical";
+    description: string;
+    matched_text?: string;
+}
+export interface ScanResult {
+    safe: boolean;
+    blocked: boolean;
+    threat_level: "none" | "low" | "medium" | "high" | "critical";
+    findings: ScanFinding[];
+    scanned_chars: number;
+}
+/**
+ * Sends the tool result to the backend for inspection. Returns whatever the
+ * backend decides; no local categorisation, no local thresholds, no local
+ * severity mapping. If the backend hasn't shipped the endpoint yet (404),
+ * if the network fails, or if the request times out, returns null and the
+ * gateway lets the call through.
+ */
+export declare function scanToolResult(serverId: string, toolName: string, result: unknown): Promise<ScanResult | null>;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/security/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/security/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAC9D,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,aAAa,EAAE,MAAM,CAAC;CACvB;AAyBD;;;;;;GAMG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,OAAO,GACd,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAuD5B"}

package/dist/security/scanner.js

@@ -0,0 +1,96 @@
+/**
+ * Tool-response scanner — thin client.
+ *
+ * Sends the raw text content of every MCP tool result to the Torii backend
+ * for analysis. The backend owns ALL policy decisions: which categories
+ * count, what severities are blocking, where the thresholds live, how the
+ * verdict maps to a threat level. The gateway only relays and enforces.
+ *
+ * Required env:
+ *   TORII_API_KEY  — your gateway key from the dashboard
+ * Optional env:
+ *   TORII_API_URL  — backend URL (default https://api.usetorii.dev)
+ *
+ * If either env is missing or the backend is unreachable, the scanner is
+ * a no-op — the call proceeds without analysis (graceful degradation).
+ */
+const DEFAULT_API_URL = "https://api.usetorii.dev";
+const SCAN_TIMEOUT_MS = 5_000;
+const MAX_PAYLOAD_BYTES = 32_768;
+/**
+ * Pulls all text content from an MCP tool result. Protocol-level extraction,
+ * not policy — kept client-side because the backend shouldn't have to know
+ * MCP's content[] shape.
+ */
+function extractText(result) {
+    if (typeof result === "string")
+        return result;
+    if (!result || typeof result !== "object")
+        return "";
+    const r = result;
+    if (Array.isArray(r.content)) {
+        const text = r.content
+            .filter((c) => c.type === "text" && typeof c.text === "string")
+            .map((c) => c.text)
+            .join("\n");
+        if (text)
+            return text;
+    }
+    return JSON.stringify(result).slice(0, MAX_PAYLOAD_BYTES);
+}
+/**
+ * Sends the tool result to the backend for inspection. Returns whatever the
+ * backend decides; no local categorisation, no local thresholds, no local
+ * severity mapping. If the backend hasn't shipped the endpoint yet (404),
+ * if the network fails, or if the request times out, returns null and the
+ * gateway lets the call through.
+ */
+export async function scanToolResult(serverId, toolName, result) {
+    const apiKey = process.env.TORII_API_KEY;
+    if (!apiKey)
+        return null;
+    const text = extractText(result);
+    if (!text.trim())
+        return null;
+    const baseUrl = (process.env.TORII_API_URL ?? DEFAULT_API_URL).replace(/\/$/, "");
+    try {
+        const res = await fetch(`${baseUrl}/v1/scan/response`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "X-Torii-Key": apiKey,
+            },
+            body: JSON.stringify({ serverId, toolName, text }),
+            signal: AbortSignal.timeout(SCAN_TIMEOUT_MS),
+        });
+        if (res.status === 404) {
+            // Endpoint not deployed yet (feature is "Coming soon" on the roadmap).
+            return null;
+        }
+        if (!res.ok) {
+            process.stderr.write(`[torii/security] backend returned ${res.status} for ${serverId}__${toolName}; skipping\n`);
+            return null;
+        }
+        const data = (await res.json());
+        // Trust the backend's verdict shape; only fill safe defaults if a field
+        // is missing.
+        return {
+            safe: data.safe ?? !(data.blocked ?? false),
+            blocked: data.blocked ?? false,
+            threat_level: data.threat_level ?? "none",
+            findings: data.findings ?? [],
+            scanned_chars: text.length,
+        };
+    }
+    catch (err) {
+        const name = err.name;
+        if (name === "TimeoutError" || name === "AbortError") {
+            process.stderr.write(`[torii/security] scan timed out after ${SCAN_TIMEOUT_MS}ms; skipping\n`);
+        }
+        else {
+            process.stderr.write(`[torii/security] backend unreachable (${err.message}); skipping scan\n`);
+        }
+        return null;
+    }
+}
+//# sourceMappingURL=scanner.js.map

package/dist/security/scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/security/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAkBH,MAAM,eAAe,GAAG,0BAA0B,CAAC;AACnD,MAAM,eAAe,GAAG,KAAK,CAAC;AAC9B,MAAM,iBAAiB,GAAG,MAAM,CAAC;AAEjC;;;;GAIG;AACH,SAAS,WAAW,CAAC,MAAe;IAClC,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC;IAC9C,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACrD,MAAM,CAAC,GAAG,MAAiC,CAAC;IAC5C,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAI,CAAC,CAAC,OAA0C;aACvD,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC;aAC9D,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAc,CAAC;aAC5B,IAAI,CAAC,IAAI,CAAC,CAAC;QACd,IAAI,IAAI;YAAE,OAAO,IAAI,CAAC;IACxB,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC;AAC5D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,QAAgB,EAChB,QAAgB,EAChB,MAAe;IAEf,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;IACzC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;QAAE,OAAO,IAAI,CAAC;IAE9B,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,eAAe,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAElF,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,mBAAmB,EAAE;YACrD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,MAAM;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;YAClD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,eAAe,CAAC;SAC7C,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,uEAAuE;YACvE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qCAAqC,GAAG,CAAC,MAAM,QAAQ,QAAQ,KAAK,QAAQ,cAAc,CAC3F,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwB,CAAC;QAEvD,wEAAwE;QACxE,cAAc;QACd,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC;YAC3C,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,KAAK;YAC9B,YAAY,EAAE,IAAI,CAAC,YAAY,IAAI,MAAM;YACzC,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE;YAC7B,aAAa,EAAE,IAAI,CAAC,MAAM;SAC3B,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,GAAI,GAAa,CAAC,IAAI,CAAC;QACjC,IAAI,IAAI,KAAK,cAAc,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yCAAyC,eAAe,gBAAgB,CACzE,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yCAA0C,GAAa,CAAC,OAAO,oBAAoB,CACpF,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/package.json

@@ -0,0 +1,46 @@
+{
+  "name": "@usetorii/gateway",
+  "version": "0.0.0",
+  "description": "The secure gateway for AI tools. Sits between AI assistants (Claude, Cursor) and MCP servers, providing static analysis, threat modelling, policy enforcement, consent, and audit.",
+  "type": "module",
+  "bin": {
+    "torii": "./dist/index.js"
+  },
+  "main": "./dist/index.js",
+  "exports": {
+    ".": "./dist/index.js"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "start": "node dist/index.js",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.10.0",
+    "yaml": "^2.4.5",
+    "zod": "^3.23.8"
+  },
+  "devDependencies": {
+    "@types/node": "^20.14.0",
+    "typescript": "^5.5.0"
+  },
+  "homepage": "https://usetorii.dev",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/scumfrog/Torii-gateway.git"
+  },
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  }
+}