npm - @vaikora/sdk - Versions diffs - 0.2.0 - Mend

@vaikora/sdk 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,1106 @@
+/**
+ * Types for the Vaikora SDK & Dashboard
+ * Synced with Backend Pydantic Models (Transformed to CamelCase for SDK)
+ */
+type AgentType = 'autonomous' | 'internal' | 'external' | 'custom';
+type AgentStatus = 'active' | 'paused' | 'blocked' | 'inactive';
+type ActionStatus = 'pending' | 'approved' | 'denied' | 'executed' | 'failed' | 'blocked' | 'anomaly_detected';
+type AlertSeverity = 'low' | 'medium' | 'high' | 'critical';
+type AlertStatus = 'open' | 'acknowledged' | 'resolved' | 'ignored';
+declare enum ApprovalStatus {
+    PENDING = "pending",
+    APPROVED = "approved",
+    DENIED = "denied",
+    EXPIRED = "expired"
+}
+interface Agent {
+    id: string;
+    organizationId: string;
+    name: string;
+    description?: string;
+    agentKey: string;
+    apiKey?: string;
+    agentType: AgentType;
+    status: AgentStatus;
+    riskScore: number;
+    capabilities: Record<string, any>;
+    extraData: {
+        metrics?: {
+            actions_today: number;
+            actionsToday?: number;
+            uptime: number;
+            latency: number;
+        };
+        [key: string]: any;
+    };
+    createdAt: string;
+    updatedAt: string;
+}
+interface AgentCreate {
+    name: string;
+    description?: string;
+    agentType?: AgentType;
+    capabilities?: Record<string, any>;
+    extraData?: Record<string, any>;
+    metadata?: Record<string, any>;
+}
+interface AgentUpdate {
+    name?: string;
+    description?: string;
+    agentType?: AgentType;
+    status?: AgentStatus;
+    capabilities?: Record<string, any>;
+    extraData?: Record<string, any>;
+}
+interface OrganizationStats {
+    activeAgents: number;
+    totalAgents: number;
+    totalActionsToday: number;
+    openAlerts: number;
+    securityScore: number;
+}
+interface AlertStats {
+    openAlerts: number;
+    alertsBySeverity: {
+        low: number;
+        medium: number;
+        high: number;
+        critical: number;
+    };
+}
+interface Action {
+    id: string;
+    agentId: string;
+    actionType: string;
+    resourceType?: string;
+    resourceId?: string;
+    payload: Record<string, any>;
+    status: ActionStatus;
+    severity: string;
+    policyId?: string;
+    policyDecision?: string;
+    isAnomaly: boolean;
+    anomalyScore?: number;
+    anomalyReason?: string;
+    result?: any;
+    timestamp: string;
+}
+interface Alert {
+    id: string;
+    organizationId: string;
+    agentId?: string;
+    title: string;
+    description?: string;
+    severity: AlertSeverity;
+    status: AlertStatus;
+    metadata?: Record<string, any>;
+    createdAt: string;
+}
+interface Policy {
+    id: string;
+    name: string;
+    description?: string;
+    policyType: string;
+    enabled: boolean;
+    priority: number;
+    rules: Record<string, any>;
+    createdAt: string;
+}
+interface PaginatedResponse<T> {
+    items: T[];
+    agents?: T[];
+    alerts?: T[];
+    actions?: T[];
+    total: number;
+    page: number;
+    perPage: number;
+}
+type PaginatedList<T> = PaginatedResponse<T>;
+interface ActionResponse {
+    id: string;
+    status: ActionStatus;
+    result?: any;
+}
+interface ActionDecision {
+    actionId: string;
+    decision: 'allow' | 'block' | 'require_approval';
+    reason?: string;
+    warnings?: string[];
+}
+interface VaikoraClientConfig {
+    apiKey: string;
+    baseUrl?: string;
+    timeout?: number;
+    retryCount?: number;
+    agentId?: string;
+}
+interface ConfigureOptions {
+    baseUrl?: string;
+    timeout?: number;
+    retryCount?: number;
+}
+interface RegisterOptions {
+    name: string;
+    agentType?: AgentType;
+    capabilities?: string[];
+    metadata?: Record<string, unknown>;
+}
+interface ValidateDataOptions {
+    checkPii?: boolean;
+    checkAnomalies?: boolean;
+    checkToxicity?: boolean;
+    autoClean?: boolean;
+}
+interface DataValidationResult {
+    isValid: boolean;
+    issues?: string[];
+    piiDetected?: boolean;
+    piiDetections?: any[];
+    anomalyDetected?: boolean;
+    anomalyDetections?: any[];
+    toxicityDetected?: boolean;
+    toxicityDetections?: any[];
+}
+interface SecureActionOptions {
+    actionType: string;
+    resource?: string;
+    agentId?: string;
+    metadata?: Record<string, unknown>;
+}
+interface ActionComplete {
+    status: string;
+    executionTimeMs: number;
+    errorMessage?: string;
+    resultMetadata?: Record<string, any>;
+}
+interface ListParams {
+    page?: number;
+    pageSize?: number;
+    startDate?: Date;
+    endDate?: Date;
+}
+interface AgentListParams extends ListParams {
+    status?: AgentStatus;
+    agentType?: AgentType;
+}
+interface PolicyListParams extends ListParams {
+    enabled?: boolean;
+    policyType?: string;
+}
+interface AlertListParams extends ListParams {
+    status?: AlertStatus;
+    severity?: AlertSeverity;
+    agentId?: string;
+}
+interface ActionListParams extends ListParams {
+    agentId?: string;
+    actionType?: string;
+    status?: ActionStatus;
+    isAnomaly?: boolean;
+}
+interface SDKActionSubmit {
+    agentId: string;
+    actionType: string;
+    resource?: string;
+    payload?: Record<string, any>;
+    metadata?: Record<string, any>;
+}
+interface ThreatDetail {
+    threatType: string;
+    severity: string;
+    confidence: number;
+    description: string;
+}
+interface RiskFactor {
+    factor: string;
+    score: number;
+    reason: string;
+}
+interface SDKActionResult {
+    actionId: string;
+    approved: boolean;
+    decision: 'allow' | 'block' | 'require_approval';
+    denialReason?: string;
+    policyId?: string;
+    threatDetected: boolean;
+    threatScore: number;
+    threatDetails: ThreatDetail[];
+    riskScore: number;
+    riskLevel: string;
+    riskFactors: string[];
+    isAnomaly: boolean;
+    anomalyScore: number;
+    anomalyReasons: string[];
+    warnings: string[];
+    requiresApproval?: boolean;
+    approvalId?: string;
+    status: string;
+    result?: any;
+}
+type ActionSubmit = SDKActionSubmit;
+type ActionResult = SDKActionResult;
+type ActionSubmitResult = SDKActionResult;
+/**
+ * Emergency Controls - Agent Freeze/Resume Capabilities
+ *
+ * Provides:
+ * - Immediate agent freeze
+ * - Controlled resume
+ * - Emergency killswitch
+ * - Circuit breaker patterns
+ */
+declare enum FreezeReason {
+    MANUAL = "manual",
+    POLICY_VIOLATION = "policy_violation",
+    ANOMALY_DETECTED = "anomaly_detected",
+    RATE_LIMIT = "rate_limit",
+    SECURITY_THREAT = "security_threat",
+    SYSTEM_OVERLOAD = "system_overload",
+    CIRCUIT_BREAKER = "circuit_breaker",
+    MAINTENANCE = "maintenance"
+}
+declare enum FreezeScope {
+    ALL_ACTIONS = "all_actions",
+    WRITE_ACTIONS = "write_actions",
+    SPECIFIC_RESOURCE = "specific_resource",
+    SPECIFIC_ACTION_TYPE = "specific_action_type"
+}
+interface FreezeState {
+    isFrozen: boolean;
+    reason?: FreezeReason;
+    scope: FreezeScope;
+    frozenAt?: Date;
+    frozenBy?: string;
+    freezeUntil?: Date;
+    affectedResources: string[];
+    affectedActionTypes: string[];
+    message?: string;
+    metadata: Record<string, unknown>;
+}
+interface FreezeOptions {
+    reason: FreezeReason;
+    scope?: FreezeScope;
+    durationSeconds?: number;
+    frozenBy?: string;
+    message?: string;
+    affectedResources?: string[];
+    affectedActionTypes?: string[];
+    metadata?: Record<string, unknown>;
+}
+interface ResumeOptions {
+    resumedBy?: string;
+    verificationPassed?: boolean;
+    notes?: string;
+}
+interface CircuitBreakerConfig {
+    failureThreshold: number;
+    successThreshold: number;
+    timeoutSeconds: number;
+    halfOpenMaxCalls: number;
+}
+declare enum CircuitState {
+    CLOSED = "closed",// Normal operation
+    OPEN = "open",// Blocking all calls
+    HALF_OPEN = "half_open"
+}
+/**
+ * Circuit breaker for resilient operations.
+ */
+declare class CircuitBreaker {
+    readonly name: string;
+    readonly config: CircuitBreakerConfig;
+    state: CircuitState;
+    failureCount: number;
+    successCount: number;
+    lastFailureTime?: number;
+    halfOpenCalls: number;
+    constructor(name: string, config?: Partial<CircuitBreakerConfig>);
+    /**
+     * Check if circuit is open (blocking).
+     */
+    isOpen(): boolean;
+    /**
+     * Record a successful call.
+     */
+    recordSuccess(): void;
+    /**
+     * Record a failed call.
+     */
+    recordFailure(): void;
+    /**
+     * Check if request should be allowed.
+     */
+    allowRequest(): boolean;
+    /**
+     * Wrap a function with circuit breaker protection.
+     */
+    wrap<T>(fn: () => Promise<T>): Promise<T>;
+}
+/**
+ * Error thrown when circuit breaker is open.
+ */
+declare class CircuitBreakerOpenError extends Error {
+    constructor(message: string);
+}
+/**
+ * Error thrown when attempting an action while agent is frozen.
+ */
+declare class AgentFrozenError extends Error {
+    readonly freezeState: FreezeState;
+    constructor(message: string, freezeState: FreezeState);
+}
+/**
+ * Callback types for freeze/resume events.
+ */
+type FreezeCallback = (state: FreezeState) => void;
+type ResumeCallback = (oldState: FreezeState, notes?: string) => void;
+/**
+ * Emergency control system for AI agents.
+ */
+declare class EmergencyController {
+    private agentId;
+    private freezeState;
+    private circuitBreakers;
+    private freezeCallbacks;
+    private resumeCallbacks;
+    private rateLimits;
+    constructor(agentId: string);
+    /**
+     * Check if agent is currently frozen.
+     */
+    get isFrozen(): boolean;
+    /**
+     * Get current freeze state.
+     */
+    getFreezeState(): FreezeState;
+    /**
+     * Check if freeze has expired.
+     */
+    private isExpired;
+    /**
+     * Freeze the agent immediately.
+     */
+    freeze(options: FreezeOptions): FreezeState;
+    /**
+     * Resume agent operations.
+     */
+    resume(options?: ResumeOptions): FreezeState;
+    /**
+     * Auto-unfreeze when time expires.
+     */
+    private autoUnfreeze;
+    /**
+     * Check if a specific action is blocked.
+     */
+    isActionBlocked(actionType: string, resource?: string): {
+        blocked: boolean;
+        message?: string;
+    };
+    /**
+     * Register a callback for freeze events.
+     */
+    onFreeze(callback: FreezeCallback): void;
+    /**
+     * Register a callback for resume events.
+     */
+    onResume(callback: ResumeCallback): void;
+    /**
+     * Get or create a circuit breaker.
+     */
+    getCircuitBreaker(name: string, config?: Partial<CircuitBreakerConfig>): CircuitBreaker;
+    /**
+     * Check if rate limit is exceeded.
+     */
+    checkRateLimit(key: string, maxRequests: number, windowSeconds: number): {
+        allowed: boolean;
+        remaining: number;
+    };
+    /**
+     * Get agent ID.
+     */
+    getAgentId(): string;
+}
+/**
+ * Guard function that throws if action is blocked.
+ */
+declare function assertNotFrozen(controller: EmergencyController, actionType: string, resource?: string): void;
+/**
+ * Decorator-like wrapper for functions that should be blocked when frozen.
+ */
+declare function frozenGuard<T extends (...args: unknown[]) => Promise<unknown>>(controller: EmergencyController, actionType: string, resource?: string): (fn: T) => T;
+/**
+ * Exception classes for the Vaikora SDK
+ */
+declare class VaikoraError extends Error {
+    statusCode?: number;
+    responseData?: Record<string, unknown>;
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class AuthenticationError extends VaikoraError {
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class AuthorizationError extends VaikoraError {
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class RateLimitError extends VaikoraError {
+    retryAfter?: number;
+    constructor(message: string, retryAfter?: number, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class PolicyViolationError extends VaikoraError {
+    policyId?: string;
+    policyName?: string;
+    constructor(message: string, policyId?: string, policyName?: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class NetworkError extends VaikoraError {
+    constructor(message: string);
+}
+declare class TimeoutError extends NetworkError {
+    constructor(message: string);
+}
+declare class ValidationError extends VaikoraError {
+    errors?: Array<{
+        msg: string;
+        loc?: string[];
+    }>;
+    constructor(message: string, errors?: Array<{
+        msg: string;
+        loc?: string[];
+    }>, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class NotFoundError extends VaikoraError {
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class ConflictError extends VaikoraError {
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+declare class ServerError extends VaikoraError {
+    constructor(message: string, statusCode?: number, responseData?: Record<string, unknown>);
+}
+/**
+ * Raise appropriate exception based on status code
+ */
+declare function raiseForStatus(statusCode: number, responseData: Record<string, unknown>): never;
+interface AgentCredentials {
+    agentId: string;
+    apiKey: string;
+    secretKey: string;
+    issuedAt: Date;
+    expiresAt?: Date;
+    scopes: string[];
+    metadata: Record<string, unknown>;
+}
+interface SignedRequest {
+    requestId: string;
+    agentId: string;
+    timestamp: string;
+    signature: string;
+    payloadHash: string;
+    nonce: string;
+}
+interface SignedHeaders {
+    'X-Vaikora-Agent-ID': string;
+    'X-Vaikora-Request-ID': string;
+    'X-Vaikora-Timestamp': string;
+    'X-Vaikora-Nonce': string;
+    'X-Vaikora-Signature': string;
+    'X-Vaikora-Payload-Hash': string;
+    [key: string]: string;
+}
+interface VerificationResult {
+    isValid: boolean;
+    errorMessage?: string;
+}
+interface AttestationClaims {
+    [key: string]: unknown;
+}
+interface Attestation {
+    agentId: string;
+    claims: AttestationClaims;
+    issuedAt: string;
+    environment: string;
+    signature?: string;
+}
+/**
+ * Manages agent identity and cryptographic operations.
+ */
+declare class AgentIdentity {
+    private static readonly NONCE_LENGTH;
+    private static readonly MAX_TIMESTAMP_DRIFT_SECONDS;
+    private agentId;
+    private apiKey;
+    private secretKey;
+    private environment;
+    private requestCounter;
+    private usedNonces;
+    private nonceExpiry;
+    constructor(agentId: string, apiKey: string, secretKey?: string, environment?: string);
+    /**
+     * Generate a cryptographically secure secret key.
+     */
+    private generateSecretKey;
+    /**
+     * Generate a unique nonce for request signing.
+     */
+    private generateNonce;
+    /**
+     * Get current timestamp in ISO format.
+     */
+    private getTimestamp;
+    /**
+     * Create SHA-256 hash of payload.
+     */
+    private hashPayload;
+    /**
+     * Sign an API request.
+     */
+    signRequest(method: string, path: string, payload?: unknown, additionalHeaders?: Record<string, string>): {
+        headers: SignedHeaders;
+        signature: SignedRequest;
+    };
+    /**
+     * Verify a signed request.
+     */
+    verifySignature(method: string, path: string, timestamp: string, nonce: string, payloadHash: string, providedSignature: string, agentId: string): VerificationResult;
+    /**
+     * Clean up expired nonces.
+     */
+    private cleanupNonces;
+    /**
+     * Create a signed attestation of claims.
+     */
+    createAttestation(claims: AttestationClaims): string;
+    /**
+     * Verify a signed attestation.
+     */
+    verifyAttestation(encodedAttestation: string): {
+        isValid: boolean;
+        attestation?: Attestation;
+    };
+    /**
+     * Rotate the secret key.
+     */
+    rotateSecret(): string;
+    /**
+     * Get identity information (without secrets).
+     */
+    getIdentityInfo(): Record<string, unknown>;
+    /**
+     * Get the agent ID.
+     */
+    getAgentId(): string;
+}
+declare enum ExecutionMode {
+    ENFORCE = "enforce",// Full policy enforcement, block violations
+    MONITOR = "monitor",// Log violations but don't block
+    SIMULATE = "simulate"
+}
+declare enum ContextLevel {
+    ROOT = "root",
+    CHILD = "child",
+    NESTED = "nested"
+}
+interface TraceLog {
+    timestamp: string;
+    level: string;
+    message: string;
+}
+interface ExecutionTrace {
+    traceId: string;
+    spanId: string;
+    parentSpanId?: string;
+    operationName: string;
+    startTime: number;
+    endTime?: number;
+    durationMs?: number;
+    status: string;
+    tags: Record<string, unknown>;
+    logs: TraceLog[];
+}
+interface ExecutionContextOptions {
+    agentId: string;
+    sessionId?: string;
+    mode?: ExecutionMode;
+    environment?: string;
+    traceId?: string;
+    spanId?: string;
+    parentSpanId?: string;
+    level?: ContextLevel;
+    depth?: number;
+    userId?: string;
+    tenantId?: string;
+    correlationId?: string;
+    timeoutSeconds?: number;
+    attributes?: Record<string, unknown>;
+    baggage?: Record<string, string>;
+}
+interface ContextHeaders {
+    'X-Vaikora-Trace-ID': string;
+    'X-Vaikora-Span-ID': string;
+    'X-Vaikora-Agent-ID': string;
+    'X-Vaikora-Session-ID': string;
+    'X-Vaikora-Mode': string;
+    [key: string]: string;
+}
+/**
+ * Context for agent execution.
+ */
+declare class ExecutionContext {
+    readonly agentId: string;
+    readonly sessionId: string;
+    mode: ExecutionMode;
+    readonly environment: string;
+    readonly traceId: string;
+    readonly spanId: string;
+    readonly parentSpanId?: string;
+    readonly level: ContextLevel;
+    readonly depth: number;
+    readonly userId?: string;
+    readonly tenantId?: string;
+    readonly correlationId?: string;
+    readonly createdAt: Date;
+    readonly timeoutSeconds?: number;
+    readonly deadline?: Date;
+    attributes: Record<string, unknown>;
+    baggage: Record<string, string>;
+    private traces;
+    private activeTrace?;
+    constructor(options: ExecutionContextOptions);
+    /**
+     * Check if this is a dry-run (simulate mode).
+     */
+    isDryRun(): boolean;
+    /**
+     * Check if policy enforcement is active.
+     */
+    shouldEnforce(): boolean;
+    /**
+     * Check if violations should block execution.
+     */
+    shouldBlockViolations(): boolean;
+    /**
+     * Check if context deadline has passed.
+     */
+    isExpired(): boolean;
+    /**
+     * Get remaining time before deadline.
+     */
+    remainingTimeSeconds(): number | undefined;
+    /**
+     * Start a new trace span.
+     */
+    startSpan(operationName: string, tags?: Record<string, unknown>): ExecutionTrace;
+    /**
+     * End the current trace span.
+     */
+    endSpan(status?: string): void;
+    /**
+     * Add a log entry to the current trace.
+     */
+    addLog(message: string, level?: string): void;
+    /**
+     * Create a child context for nested operations.
+     */
+    childContext(_operation?: string): ExecutionContext;
+    /**
+     * Create a new context with different execution mode.
+     */
+    withMode(mode: ExecutionMode): ExecutionContext;
+    /**
+     * Set a context attribute.
+     */
+    setAttribute(key: string, value: unknown): void;
+    /**
+     * Get a context attribute.
+     */
+    getAttribute<T>(key: string, defaultValue?: T): T | undefined;
+    /**
+     * Set baggage (propagated across service boundaries).
+     */
+    setBaggage(key: string, value: string): void;
+    /**
+     * Get baggage value.
+     */
+    getBaggage(key: string, defaultValue?: string): string;
+    /**
+     * Export context to HTTP headers for propagation.
+     */
+    toHeaders(): ContextHeaders;
+    /**
+     * Create context from HTTP headers.
+     */
+    static fromHeaders(headers: Record<string, string>, agentId: string): ExecutionContext;
+    /**
+     * Export context to dictionary.
+     */
+    toDict(): Record<string, unknown>;
+    /**
+     * Get all traces.
+     */
+    getTraces(): ExecutionTrace[];
+}
+/**
+ * Get the current execution context.
+ */
+declare function getCurrentContext(): ExecutionContext | undefined;
+/**
+ * Set the current execution context.
+ */
+declare function setCurrentContext(ctx: ExecutionContext): void;
+/**
+ * Clear the current execution context.
+ */
+declare function clearContext(): void;
+/**
+ * Run a function within a context scope.
+ */
+declare function withContextScope<T>(ctx: ExecutionContext, fn: () => Promise<T>): Promise<T>;
+/**
+ * Decorator-like function to wrap async functions with context.
+ */
+declare function withContext(mode?: ExecutionMode, timeoutSeconds?: number): <T extends (...args: unknown[]) => Promise<unknown>>(target: T, context?: ClassMethodDecoratorContext) => T;
+/**
+ * Vaikora Interceptor - Function wrapper for AI agent security
+ *
+ * Provides decorator-like functionality for securing AI agent actions:
+ * - Data validation (PII, anomalies, toxicity)
+ * - Policy evaluation
+ * - Human-in-the-loop approval
+ */
+/**
+ * Action to take when policy denies or issues are found
+ */
+declare enum InterceptorAction {
+    BLOCK = "block",
+    WARN = "warn",
+    QUEUE = "queue",
+    FALLBACK = "fallback"
+}
+/**
+ * Result from an intercepted function call
+ */
+interface InterceptorResult<T = unknown> {
+    success: boolean;
+    actionId?: string;
+    result?: T;
+    error?: string;
+    validationIssues: string[];
+    policyViolation?: string;
+    approvalRequired: boolean;
+    approvalId?: string;
+    executionTimeMs: number;
+}
+/**
+ * Configuration for the interceptor
+ */
+interface InterceptorConfig {
+    actionType: string;
+    resource?: string;
+    agentId?: string;
+    validateInputs?: boolean;
+    validateOutputs?: boolean;
+    validationStrict?: boolean;
+    checkPii?: boolean;
+    checkAnomalies?: boolean;
+    checkToxicity?: boolean;
+    autoClean?: boolean;
+    evaluatePolicy?: boolean;
+    onPolicyDeny?: InterceptorAction;
+    requireApproval?: boolean;
+    approvalTimeoutSeconds?: number;
+    approvalNotifyChannels?: string[];
+    approvalMessage?: string;
+    fallbackFunction?: (...args: unknown[]) => Promise<unknown>;
+    metadata?: Record<string, unknown>;
+    tags?: string[];
+}
+/**
+ * Exception thrown when policy denies the action
+ */
+declare class PolicyDeniedException extends Error {
+    policyId?: string | undefined;
+    actionId?: string | undefined;
+    constructor(message: string, policyId?: string | undefined, actionId?: string | undefined);
+}
+/**
+ * Exception thrown when validation fails
+ */
+declare class ValidationException extends Error {
+    issues: string[];
+    constructor(message: string, issues: string[]);
+}
+/**
+ * Exception thrown when approval is required
+ */
+declare class ApprovalRequiredException extends Error {
+    approvalId: string;
+    actionId?: string | undefined;
+    constructor(message: string, approvalId: string, actionId?: string | undefined);
+}
+/**
+ * Exception thrown when approval is denied
+ */
+declare class ApprovalDeniedException extends Error {
+    approvalId: string;
+    reason?: string | undefined;
+    constructor(message: string, approvalId: string, reason?: string | undefined);
+}
+/**
+ * Vaikora Interceptor class
+ */
+declare class VaikoraInterceptor {
+    private client;
+    private config;
+    constructor(client: VaikoraClient, config: InterceptorConfig);
+    /**
+     * Wrap a function with Vaikora security
+     */
+    wrap<TArgs extends unknown[], TResult>(fn: (...args: TArgs) => Promise<TResult>): (...args: TArgs) => Promise<InterceptorResult<TResult>>;
+    /**
+     * Validate data using Vaikora API
+     */
+    private validateData;
+    /**
+     * Wait for approval to be granted or denied
+     */
+    private waitForApproval;
+}
+/**
+ * Create an interceptor decorator
+ */
+declare function createInterceptor(client: VaikoraClient, config: InterceptorConfig): <TArgs extends unknown[], TResult>(fn: (...args: TArgs) => Promise<TResult>) => (...args: TArgs) => Promise<InterceptorResult<TResult>>;
+/**
+ * Decorator factory for intercepting functions
+ */
+declare function interceptor(client: VaikoraClient, config: InterceptorConfig): <TArgs extends unknown[], TResult>(_target: unknown, _propertyKey: string, descriptor: TypedPropertyDescriptor<(...args: TArgs) => Promise<TResult>>) => TypedPropertyDescriptor<(...args: TArgs) => Promise<TResult>>;
+/**
+ * Agents API
+ */
+declare class AgentsAPI {
+    private client;
+    constructor(client: VaikoraClient);
+    register(data: AgentCreate): Promise<Agent>;
+    get(agentId: string): Promise<Agent>;
+    list(params?: AgentListParams): Promise<PaginatedList<Agent>>;
+    update(agentId: string, data: AgentUpdate): Promise<Agent>;
+    deactivate(agentId: string): Promise<Agent>;
+    delete(agentId: string): Promise<void>;
+}
+/**
+ * Actions API
+ */
+declare class ActionsAPI {
+    private client;
+    constructor(client: VaikoraClient);
+    submit(data: SDKActionSubmit): Promise<SDKActionResult>;
+    submitSandbox(data: SDKActionSubmit): Promise<any>;
+    get(actionId: string): Promise<Action>;
+    list(params?: ActionListParams): Promise<PaginatedList<Action>>;
+    complete(actionId: string, data: ActionComplete): Promise<Action>;
+}
+/**
+ * Policies API
+ */
+declare class PoliciesAPI {
+    private client;
+    constructor(client: VaikoraClient);
+    list(params?: PolicyListParams): Promise<PaginatedList<Policy>>;
+    get(policyId: string): Promise<Policy>;
+}
+/**
+ * Alerts API
+ */
+declare class AlertsAPI {
+    private client;
+    constructor(client: VaikoraClient);
+    list(params?: AlertListParams): Promise<PaginatedList<Alert>>;
+    get(alertId: string): Promise<Alert>;
+    acknowledge(alertId: string): Promise<Alert>;
+    resolve(alertId: string, options?: {
+        notes?: string;
+    }): Promise<Alert>;
+    ignore(alertId: string): Promise<Alert>;
+}
+/**
+ * Main Vaikora Client
+ */
+declare class VaikoraClient {
+    private httpClient;
+    private defaultAgentId?;
+    agents: AgentsAPI;
+    actions: ActionsAPI;
+    policies: PoliciesAPI;
+    alerts: AlertsAPI;
+    constructor(config: VaikoraClientConfig);
+    /**
+     * Make an HTTP request
+     */
+    request<T>(method: string, path: string, data?: Record<string, unknown>, params?: Record<string, unknown>): Promise<T>;
+    /**
+     * Get the default agent ID
+     */
+    getDefaultAgentId(): string | undefined;
+}
+/**
+ * Higher-order function to wrap actions with Vaikora security evaluation
+ */
+declare function secureAction<TArgs extends unknown[], TResult>(client: VaikoraClient, options: SecureActionOptions): (fn: (...args: TArgs) => Promise<TResult>) => (...args: TArgs) => Promise<TResult>;
+/**
+ * Configure the global Vaikora client
+ *
+ * @example
+ * ```typescript
+ * import { configure } from '@vaikora/sdk';
+ *
+ * configure('your-api-key', {
+ *   baseUrl: 'https://api.vaikora.ai',
+ *   timeout: 30000,
+ * });
+ * ```
+ */
+declare function configure(apiKey: string, options?: ConfigureOptions): VaikoraClient;
+/**
+ * Get the global client instance
+ *
+ * @throws Error if client is not configured
+ */
+declare function getClient(): VaikoraClient;
+/**
+ * Register an AI agent with Vaikora
+ *
+ * @example
+ * ```typescript
+ * import { configure, register } from '@vaikora/sdk';
+ *
+ * configure('your-api-key');
+ *
+ * const agent = await register({
+ *   name: 'my-assistant',
+ *   agentType: 'autonomous',
+ *   capabilities: ['data_access', 'email_send'],
+ * });
+ * ```
+ */
+declare function register(options: RegisterOptions): Promise<Agent>;
+/**
+ * Get the globally registered agent ID
+ */
+declare function getAgentId(): string | null;
+/**
+ * Set the global agent ID (for existing agents)
+ */
+declare function setAgentId(agentId: string): void;
+/**
+ * Validate data for PII, anomalies, and toxicity
+ *
+ * @example
+ * ```typescript
+ * import { configure, validateData } from '@vaikora/sdk';
+ *
+ * configure('your-api-key');
+ *
+ * const result = await validateData(
+ *   { email: 'user@example.com', message: 'Hello world' },
+ *   { checkPii: true, checkToxicity: true }
+ * );
+ *
+ * if (!result.isValid) {
+ *   console.log('Issues found:', result.issues);
+ * }
+ * ```
+ */
+declare function validateData(data: unknown, options?: ValidateDataOptions): Promise<DataValidationResult>;
+/**
+ * Submit an action for policy evaluation
+ *
+ * @example
+ * ```typescript
+ * import { configure, register, submitAction } from '@vaikora/sdk';
+ *
+ * configure('your-api-key');
+ * await register({ name: 'my-agent' });
+ *
+ * const result = await submitAction({
+ *   actionType: 'data_export',
+ *   resource: 'users',
+ *   payload: { format: 'csv', limit: 1000 },
+ * });
+ *
+ * if (result.approved) {
+ *   // Execute the action
+ * }
+ * ```
+ */
+declare function submitAction(options: {
+    actionType: string;
+    resource?: string;
+    payload?: Record<string, unknown>;
+    metadata?: Record<string, unknown>;
+    agentId?: string;
+}): Promise<SDKActionResult>;
+/**
+ * Create a secure action wrapper using the global client
+ *
+ * @example
+ * ```typescript
+ * import { configure, register, wrapAction } from '@vaikora/sdk';
+ *
+ * configure('your-api-key');
+ * await register({ name: 'my-agent' });
+ *
+ * const secureExport = wrapAction(
+ *   { actionType: 'data_export', resource: 'users' },
+ *   async (query: string) => {
+ *     return await database.query(query);
+ *   }
+ * );
+ *
+ * // Now the function is secured
+ * const data = await secureExport('SELECT * FROM users');
+ * ```
+ */
+declare function wrapAction<TArgs extends unknown[], TResult>(options: SecureActionOptions, fn: (...args: TArgs) => Promise<TResult>): (...args: TArgs) => Promise<TResult>;
+/**
+ * Immediately freeze the agent
+ *
+ * @example
+ * ```typescript
+ * import { freezeAgent, FreezeReason } from '@vaikora/sdk';
+ *
+ * await freezeAgent({
+ *   reason: FreezeReason.ANOMALY_DETECTED,
+ *   message: 'Unusual behavior detected',
+ *   durationSeconds: 3600, // 1 hour
+ * });
+ * ```
+ */
+declare function freezeAgent(options: FreezeOptions): FreezeState;
+/**
+ * Resume agent operations after a freeze
+ *
+ * @example
+ * ```typescript
+ * import { resumeAgent } from '@vaikora/sdk';
+ *
+ * resumeAgent({ notes: 'Issue resolved' });
+ * ```
+ */
+declare function resumeAgent(options?: ResumeOptions): FreezeState;
+/**
+ * Check if the agent is currently frozen
+ */
+declare function isAgentFrozen(): boolean;
+/**
+ * Get the current freeze state
+ */
+declare function getFreezeState(): FreezeState | null;
+export { type Action, type ActionComplete, type ActionDecision, type ActionListParams, type ActionResponse, type ActionResult, type ActionStatus, type ActionSubmit, type ActionSubmitResult, type Agent, type AgentCreate, type AgentCredentials, AgentFrozenError, AgentIdentity, type AgentListParams, type AgentStatus, type AgentType, type AgentUpdate, type Alert, type AlertListParams, type AlertSeverity, type AlertStats, type AlertStatus, ApprovalDeniedException, ApprovalRequiredException, ApprovalStatus, type Attestation, type AttestationClaims, AuthenticationError, AuthorizationError, CircuitBreaker, type CircuitBreakerConfig, CircuitBreakerOpenError, CircuitState, type ConfigureOptions, ConflictError, type ContextHeaders, ContextLevel, type DataValidationResult, EmergencyController, ExecutionContext, type ExecutionContextOptions, ExecutionMode, type ExecutionTrace, type FreezeCallback, type FreezeOptions, FreezeReason, FreezeScope, type FreezeState, InterceptorAction, type InterceptorConfig, type InterceptorResult, type ListParams, NetworkError, NotFoundError, type OrganizationStats, type PaginatedList, type PaginatedResponse, type Policy, PolicyDeniedException, type PolicyListParams, PolicyViolationError, RateLimitError, type RegisterOptions, type ResumeCallback, type ResumeOptions, type RiskFactor, type SDKActionResult, type SDKActionSubmit, type SecureActionOptions, ServerError, type SignedHeaders, type SignedRequest, type ThreatDetail, TimeoutError, type TraceLog, VaikoraClient, type VaikoraClientConfig, VaikoraError, VaikoraInterceptor, type ValidateDataOptions, ValidationError, ValidationException, type VerificationResult, assertNotFrozen, clearContext, configure, createInterceptor, freezeAgent, frozenGuard, getAgentId, getClient, getCurrentContext, getFreezeState, interceptor, isAgentFrozen, raiseForStatus, register, resumeAgent, secureAction, setAgentId, setCurrentContext, submitAction, validateData, withContext, withContextScope, wrapAction };