@vainplex/openclaw-governance 0.1.0

package/dist/src/cross-agent.d.ts

@@ -0,0 +1,23 @@
+import type { AgentRelationship, EvaluationContext, PluginLogger, Policy, PolicyIndex } from "./types.js";
+import type { TrustManager } from "./trust-manager.js";
+export declare class CrossAgentManager {
+    private readonly graph;
+    private readonly trustManager;
+    private readonly logger;
+    constructor(trustManager: TrustManager, logger: PluginLogger);
+    registerRelationship(parentSessionKey: string, childSessionKey: string): void;
+    removeRelationship(childSessionKey: string): void;
+    getParent(childSessionKey: string): AgentRelationship | null;
+    getChildren(parentSessionKey: string): AgentRelationship[];
+    enrichContext(ctx: EvaluationContext): EvaluationContext;
+    resolveEffectivePolicies(ctx: EvaluationContext, index: PolicyIndex): Policy[];
+    computeTrustCeiling(sessionKey: string): number;
+    getGraphSummary(): {
+        agentCount: number;
+        relationships: AgentRelationship[];
+    };
+    private getInheritedPolicyIds;
+    private collectAgentPolicies;
+    private mergePolicies;
+}
+//# sourceMappingURL=cross-agent.d.ts.map

package/dist/src/cross-agent.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cross-agent.d.ts","sourceRoot":"","sources":["../../src/cross-agent.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAEV,iBAAiB,EACjB,iBAAiB,EACjB,YAAY,EACZ,MAAM,EACN,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAQvD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAa;IACnC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;gBAE1B,YAAY,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IAM5D,oBAAoB,CAClB,gBAAgB,EAAE,MAAM,EACxB,eAAe,EAAE,MAAM,GACtB,IAAI;IAkBP,kBAAkB,CAAC,eAAe,EAAE,MAAM,GAAG,IAAI;IAIjD,SAAS,CAAC,eAAe,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;IAoB5D,WAAW,CAAC,gBAAgB,EAAE,MAAM,GAAG,iBAAiB,EAAE;IAU1D,aAAa,CAAC,GAAG,EAAE,iBAAiB,GAAG,iBAAiB;IAuBxD,wBAAwB,CACtB,GAAG,EAAE,iBAAiB,EACtB,KAAK,EAAE,WAAW,GACjB,MAAM,EAAE;IAkBX,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;IAU/C,eAAe,IAAI;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,EAAE,iBAAiB,EAAE,CAAC;KACpC;IAOD,OAAO,CAAC,qBAAqB;IAO7B,OAAO,CAAC,oBAAoB;IAsC5B,OAAO,CAAC,aAAa;CAgBtB"}

package/dist/src/cross-agent.js

@@ -0,0 +1,142 @@
+import { extractAgentId, extractParentSessionKey, isSubAgent, scoreToTier, } from "./util.js";
+export class CrossAgentManager {
+    graph;
+    trustManager;
+    logger;
+    constructor(trustManager, logger) {
+        this.graph = { relationships: new Map() };
+        this.trustManager = trustManager;
+        this.logger = logger;
+    }
+    registerRelationship(parentSessionKey, childSessionKey) {
+        const parentAgentId = extractAgentId(parentSessionKey);
+        const childAgentId = extractAgentId(childSessionKey);
+        const rel = {
+            parentAgentId,
+            parentSessionKey,
+            childAgentId,
+            childSessionKey,
+            createdAt: Date.now(),
+        };
+        this.graph.relationships.set(childSessionKey, rel);
+        this.logger.info(`[governance] Registered sub-agent: ${childAgentId} → parent ${parentAgentId}`);
+    }
+    removeRelationship(childSessionKey) {
+        this.graph.relationships.delete(childSessionKey);
+    }
+    getParent(childSessionKey) {
+        // First check explicit registrations
+        const explicit = this.graph.relationships.get(childSessionKey);
+        if (explicit)
+            return explicit;
+        // Fall back to session key parsing
+        if (!isSubAgent(childSessionKey))
+            return null;
+        const parentKey = extractParentSessionKey(childSessionKey);
+        if (!parentKey)
+            return null;
+        return {
+            parentAgentId: extractAgentId(parentKey),
+            parentSessionKey: parentKey,
+            childAgentId: extractAgentId(childSessionKey),
+            childSessionKey,
+            createdAt: 0,
+        };
+    }
+    getChildren(parentSessionKey) {
+        const children = [];
+        for (const rel of this.graph.relationships.values()) {
+            if (rel.parentSessionKey === parentSessionKey) {
+                children.push(rel);
+            }
+        }
+        return children;
+    }
+    enrichContext(ctx) {
+        const parent = this.getParent(ctx.sessionKey);
+        if (!parent)
+            return ctx;
+        const ceiling = this.computeTrustCeiling(ctx.sessionKey);
+        const cappedScore = Math.min(ctx.trust.score, ceiling);
+        const cappedTier = scoreToTier(cappedScore);
+        // Collect inherited policy IDs (we'll resolve them later)
+        const inheritedPolicyIds = this.getInheritedPolicyIds(parent);
+        return {
+            ...ctx,
+            trust: { score: cappedScore, tier: cappedTier },
+            crossAgent: {
+                parentAgentId: parent.parentAgentId,
+                parentSessionKey: parent.parentSessionKey,
+                inheritedPolicyIds,
+                trustCeiling: ceiling,
+            },
+        };
+    }
+    resolveEffectivePolicies(ctx, index) {
+        // Collect own policies
+        const ownPolicies = this.collectAgentPolicies(ctx.agentId, ctx.hook, index);
+        const parent = this.getParent(ctx.sessionKey);
+        if (!parent)
+            return ownPolicies;
+        // Collect parent policies (1-level only)
+        const parentPolicies = this.collectAgentPolicies(parent.parentAgentId, ctx.hook, index);
+        // Merge with deduplication by policy ID
+        return this.mergePolicies(ownPolicies, parentPolicies);
+    }
+    computeTrustCeiling(sessionKey) {
+        const parent = this.getParent(sessionKey);
+        if (!parent)
+            return Infinity;
+        const parentTrust = this.trustManager.getAgentTrust(parent.parentAgentId);
+        return parentTrust.score;
+    }
+    getGraphSummary() {
+        return {
+            agentCount: this.graph.relationships.size,
+            relationships: [...this.graph.relationships.values()],
+        };
+    }
+    getInheritedPolicyIds(parent) {
+        // We don't have the index here, so just record the parent info
+        return [`inherited-from:${parent.parentAgentId}`];
+    }
+    collectAgentPolicies(agentId, hook, index) {
+        const result = [];
+        const seen = new Set();
+        // Agent-specific policies
+        const agentPolicies = index.byAgent.get(agentId) ?? [];
+        for (const p of agentPolicies) {
+            if (!seen.has(p.id)) {
+                seen.add(p.id);
+                result.push(p);
+            }
+        }
+        // Global policies
+        const globalPolicies = index.byAgent.get("*") ?? [];
+        for (const p of globalPolicies) {
+            if (!seen.has(p.id)) {
+                seen.add(p.id);
+                result.push(p);
+            }
+        }
+        // Filter by hook
+        const hookPolicies = index.byHook.get(hook);
+        if (hookPolicies) {
+            const hookIds = new Set(hookPolicies.map((p) => p.id));
+            return result.filter((p) => hookIds.has(p.id));
+        }
+        return result;
+    }
+    mergePolicies(own, parent) {
+        const merged = [...own];
+        const seenIds = new Set(own.map((p) => p.id));
+        for (const p of parent) {
+            if (!seenIds.has(p.id)) {
+                seenIds.add(p.id);
+                merged.push(p);
+            }
+        }
+        return merged;
+    }
+}
+//# sourceMappingURL=cross-agent.js.map

package/dist/src/cross-agent.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cross-agent.js","sourceRoot":"","sources":["../../src/cross-agent.ts"],"names":[],"mappings":"AASA,OAAO,EACL,cAAc,EACd,uBAAuB,EACvB,UAAU,EACV,WAAW,GACZ,MAAM,WAAW,CAAC;AAEnB,MAAM,OAAO,iBAAiB;IACX,KAAK,CAAa;IAClB,YAAY,CAAe;IAC3B,MAAM,CAAe;IAEtC,YAAY,YAA0B,EAAE,MAAoB;QAC1D,IAAI,CAAC,KAAK,GAAG,EAAE,aAAa,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC;QAC1C,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,oBAAoB,CAClB,gBAAwB,EACxB,eAAuB;QAEvB,MAAM,aAAa,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;QACvD,MAAM,YAAY,GAAG,cAAc,CAAC,eAAe,CAAC,CAAC;QAErD,MAAM,GAAG,GAAsB;YAC7B,aAAa;YACb,gBAAgB;YAChB,YAAY;YACZ,eAAe;YACf,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sCAAsC,YAAY,aAAa,aAAa,EAAE,CAC/E,CAAC;IACJ,CAAC;IAED,kBAAkB,CAAC,eAAuB;QACxC,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IACnD,CAAC;IAED,SAAS,CAAC,eAAuB;QAC/B,qCAAqC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC/D,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAE9B,mCAAmC;QACnC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC;YAAE,OAAO,IAAI,CAAC;QAE9C,MAAM,SAAS,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAC3D,IAAI,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC;QAE5B,OAAO;YACL,aAAa,EAAE,cAAc,CAAC,SAAS,CAAC;YACxC,gBAAgB,EAAE,SAAS;YAC3B,YAAY,EAAE,cAAc,CAAC,eAAe,CAAC;YAC7C,eAAe;YACf,SAAS,EAAE,CAAC;SACb,CAAC;IACJ,CAAC;IAED,WAAW,CAAC,gBAAwB;QAClC,MAAM,QAAQ,GAAwB,EAAE,CAAC;QACzC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,EAAE,CAAC;YACpD,IAAI,GAAG,CAAC,gBAAgB,KAAK,gBAAgB,EAAE,CAAC;gBAC9C,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,aAAa,CAAC,GAAsB;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM;YAAE,OAAO,GAAG,CAAC;QAExB,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;QAE5C,0DAA0D;QAC1D,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAE9D,OAAO;YACL,GAAG,GAAG;YACN,KAAK,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,UAAU,EAAE;YAC/C,UAAU,EAAE;gBACV,aAAa,EAAE,MAAM,CAAC,aAAa;gBACnC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;gBACzC,kBAAkB;gBAClB,YAAY,EAAE,OAAO;aACtB;SACF,CAAC;IACJ,CAAC;IAED,wBAAwB,CACtB,GAAsB,EACtB,KAAkB;QAElB,uBAAuB;QACvB,MAAM,WAAW,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAE5E,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM;YAAE,OAAO,WAAW,CAAC;QAEhC,yCAAyC;QACzC,MAAM,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAC9C,MAAM,CAAC,aAAa,EACpB,GAAG,CAAC,IAAI,EACR,KAAK,CACN,CAAC;QAEF,wCAAwC;QACxC,OAAO,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IACzD,CAAC;IAED,mBAAmB,CAAC,UAAkB;QACpC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,OAAO,QAAQ,CAAC;QAE7B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,aAAa,CACjD,MAAM,CAAC,aAAa,CACrB,CAAC;QACF,OAAO,WAAW,CAAC,KAAK,CAAC;IAC3B,CAAC;IAED,eAAe;QAIb,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI;YACzC,aAAa,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;SACtD,CAAC;IACJ,CAAC;IAEO,qBAAqB,CAC3B,MAAyB;QAEzB,+DAA+D;QAC/D,OAAO,CAAC,kBAAkB,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;IACpD,CAAC;IAEO,oBAAoB,CAC1B,OAAe,EACf,IAAY,EACZ,KAAkB;QAElB,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAE/B,0BAA0B;QAC1B,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACvD,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACf,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,MAAM,cAAc,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACpD,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACf,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,CACnC,IAAiC,CAClC,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACvD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACjD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,aAAa,CACnB,GAAa,EACb,MAAgB;QAEhB,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAE9C,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAClB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/src/engine.d.ts

@@ -0,0 +1,29 @@
+import type { AgentTrust, EvaluationContext, GovernanceConfig, GovernanceStatus, PluginLogger, TrustStore, Verdict } from "./types.js";
+export declare class GovernanceEngine {
+    private readonly config;
+    private readonly logger;
+    private policyIndex;
+    private readonly evaluator;
+    private readonly riskAssessor;
+    private readonly trustManager;
+    private readonly crossAgentManager;
+    private readonly auditTrail;
+    private readonly frequencyTracker;
+    private readonly stats;
+    private workspace;
+    constructor(config: GovernanceConfig, logger: PluginLogger, workspace?: string);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    evaluate(ctx: EvaluationContext): Promise<Verdict>;
+    private buildDeps;
+    private runPipeline;
+    private recordAudit;
+    private handleEvalError;
+    recordOutcome(agentId: string, _toolName: string, success: boolean): void;
+    registerSubAgent(parentSessionKey: string, childSessionKey: string): void;
+    getStatus(): GovernanceStatus;
+    getTrust(agentId?: string): AgentTrust | TrustStore;
+    setTrust(agentId: string, score: number): void;
+    private updateStats;
+}
+//# sourceMappingURL=engine.d.ts.map

package/dist/src/engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/engine.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAGV,UAAU,EAEV,iBAAiB,EAEjB,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EAIZ,UAAU,EACV,OAAO,EACR,MAAM,YAAY,CAAC;AAWpB,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAmB;IAC1C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IACtC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAkB;IAC5C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAoB;IACtD,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAa;IACxC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAuB;IACxD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkB;IACxC,OAAO,CAAC,SAAS,CAAS;gBAGxB,MAAM,EAAE,gBAAgB,EACxB,MAAM,EAAE,YAAY,EACpB,SAAS,CAAC,EAAE,MAAM;IA8Bd,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAoBtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAUrB,QAAQ,CAAC,GAAG,EAAE,iBAAiB,GAAG,OAAO,CAAC,OAAO,CAAC;IAWxD,OAAO,CAAC,SAAS;IASjB,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,WAAW;IA0BnB,OAAO,CAAC,eAAe;IAgCvB,aAAa,CACX,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,OAAO,GACf,IAAI;IASP,gBAAgB,CACd,gBAAgB,EAAE,MAAM,EACxB,eAAe,EAAE,MAAM,GACtB,IAAI;IAOP,SAAS,IAAI,gBAAgB;IAsB7B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,UAAU,GAAG,UAAU;IAKnD,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAI9C,OAAO,CAAC,WAAW;CAUpB"}

package/dist/src/engine.js

@@ -0,0 +1,195 @@
+import { buildPolicyIndex, loadPolicies } from "./policy-loader.js";
+import { PolicyEvaluator } from "./policy-evaluator.js";
+import { createConditionEvaluators } from "./conditions/index.js";
+import { RiskAssessor } from "./risk-assessor.js";
+import { TrustManager } from "./trust-manager.js";
+import { CrossAgentManager } from "./cross-agent.js";
+import { AuditTrail } from "./audit-trail.js";
+import { FrequencyTrackerImpl } from "./frequency-tracker.js";
+import { nowUs } from "./util.js";
+export class GovernanceEngine {
+    config;
+    logger;
+    policyIndex;
+    evaluator;
+    riskAssessor;
+    trustManager;
+    crossAgentManager;
+    auditTrail;
+    frequencyTracker;
+    stats;
+    workspace;
+    constructor(config, logger, workspace) {
+        this.config = config;
+        this.logger = logger;
+        this.workspace =
+            workspace ?? `${process.env["HOME"] ?? "/tmp"}/.openclaw/plugins/openclaw-governance`;
+        const conditionEvaluators = createConditionEvaluators();
+        this.evaluator = new PolicyEvaluator(conditionEvaluators);
+        this.riskAssessor = new RiskAssessor(config.toolRiskOverrides);
+        this.trustManager = new TrustManager(config.trust, this.workspace, logger);
+        this.crossAgentManager = new CrossAgentManager(this.trustManager, logger);
+        this.auditTrail = new AuditTrail(config.audit, this.workspace, logger);
+        this.frequencyTracker = new FrequencyTrackerImpl(config.performance.frequencyBufferSize);
+        this.policyIndex = { byHook: new Map(), byAgent: new Map(), regexCache: new Map() };
+        this.stats = {
+            totalEvaluations: 0,
+            allowCount: 0,
+            denyCount: 0,
+            errorCount: 0,
+            avgEvaluationUs: 0,
+        };
+    }
+    async start() {
+        const allPolicies = loadPolicies(this.config.policies, this.config.builtinPolicies, this.logger);
+        this.policyIndex = buildPolicyIndex(allPolicies);
+        this.trustManager.load();
+        this.auditTrail.load();
+        this.frequencyTracker.clear();
+        this.trustManager.startPersistence();
+        this.auditTrail.startAutoFlush();
+        this.logger.info(`[governance] Engine started: ${allPolicies.length} policies loaded`);
+    }
+    async stop() {
+        try {
+            this.trustManager.stopPersistence();
+        }
+        catch (e) {
+            this.logger.error(`[governance] Error stopping trust persistence: ${e instanceof Error ? e.message : String(e)}`);
+        }
+        try {
+            this.auditTrail.stopAutoFlush();
+        }
+        catch (e) {
+            this.logger.error(`[governance] Error stopping audit flush: ${e instanceof Error ? e.message : String(e)}`);
+        }
+        this.logger.info("[governance] Engine stopped");
+    }
+    async evaluate(ctx) {
+        const startUs = nowUs();
+        try {
+            const verdict = this.runPipeline(ctx, startUs);
+            this.updateStats(verdict.action, verdict.evaluationUs);
+            return verdict;
+        }
+        catch (e) {
+            return this.handleEvalError(e, ctx, startUs);
+        }
+    }
+    buildDeps(risk) {
+        return {
+            regexCache: this.policyIndex.regexCache,
+            timeWindows: this.config.timeWindows,
+            risk,
+            frequencyTracker: this.frequencyTracker,
+        };
+    }
+    runPipeline(ctx, startUs) {
+        const enrichedCtx = this.crossAgentManager.enrichContext(ctx);
+        this.frequencyTracker.record({
+            timestamp: Date.now(),
+            agentId: enrichedCtx.agentId,
+            sessionKey: enrichedCtx.sessionKey,
+            toolName: enrichedCtx.toolName,
+        });
+        const risk = this.riskAssessor.assess(enrichedCtx, this.frequencyTracker);
+        const policies = this.crossAgentManager.resolveEffectivePolicies(enrichedCtx, this.policyIndex);
+        const evalResult = this.evaluator.evaluateWithDeps(enrichedCtx, policies, risk, this.buildDeps(risk));
+        const elapsedUs = nowUs() - startUs;
+        const verdict = {
+            action: evalResult.action, reason: evalResult.reason, risk,
+            matchedPolicies: evalResult.matches,
+            trust: enrichedCtx.trust, evaluationUs: elapsedUs,
+        };
+        this.recordAudit(enrichedCtx, verdict, risk, elapsedUs);
+        return verdict;
+    }
+    recordAudit(ctx, verdict, risk, elapsedUs) {
+        if (!this.config.audit.enabled)
+            return;
+        const auditCtx = {
+            hook: ctx.hook,
+            agentId: ctx.agentId,
+            sessionKey: ctx.sessionKey,
+            channel: ctx.channel,
+            toolName: ctx.toolName,
+            toolParams: ctx.toolParams,
+            messageContent: ctx.messageContent,
+            messageTo: ctx.messageTo,
+            crossAgent: ctx.crossAgent,
+        };
+        this.auditTrail.record(verdict.action, auditCtx, verdict.trust, { level: risk.level, score: risk.score }, verdict.matchedPolicies, elapsedUs);
+    }
+    handleEvalError(e, ctx, startUs) {
+        const elapsedUs = nowUs() - startUs;
+        this.stats.errorCount++;
+        this.logger.error(`[governance] Evaluation error: ${e instanceof Error ? e.message : String(e)}`);
+        const fallback = this.config.failMode === "closed" ? "deny" : "allow";
+        if (this.config.audit.enabled) {
+            this.auditTrail.record("error_fallback", { hook: ctx.hook, agentId: ctx.agentId, sessionKey: ctx.sessionKey, toolName: ctx.toolName }, ctx.trust, { level: "critical", score: 100 }, [], elapsedUs);
+        }
+        return {
+            action: fallback,
+            reason: fallback === "deny"
+                ? "Governance engine error (fail-closed)"
+                : "Governance engine error (fail-open)",
+            risk: { level: "critical", score: 100, factors: [] },
+            matchedPolicies: [],
+            trust: ctx.trust,
+            evaluationUs: elapsedUs,
+        };
+    }
+    recordOutcome(agentId, _toolName, success) {
+        if (!this.config.trust.enabled)
+            return;
+        if (success) {
+            this.trustManager.recordSuccess(agentId);
+        }
+        else {
+            this.trustManager.recordViolation(agentId);
+        }
+    }
+    registerSubAgent(parentSessionKey, childSessionKey) {
+        this.crossAgentManager.registerRelationship(parentSessionKey, childSessionKey);
+    }
+    getStatus() {
+        let policyCount = 0;
+        const counted = new Set();
+        for (const policies of this.policyIndex.byHook.values()) {
+            for (const p of policies) {
+                if (!counted.has(p.id)) {
+                    counted.add(p.id);
+                    policyCount++;
+                }
+            }
+        }
+        return {
+            enabled: this.config.enabled,
+            policyCount,
+            trustEnabled: this.config.trust.enabled,
+            auditEnabled: this.config.audit.enabled,
+            failMode: this.config.failMode,
+            stats: { ...this.stats },
+        };
+    }
+    getTrust(agentId) {
+        if (agentId)
+            return this.trustManager.getAgentTrust(agentId);
+        return this.trustManager.getStore();
+    }
+    setTrust(agentId, score) {
+        this.trustManager.setScore(agentId, score);
+    }
+    updateStats(action, us) {
+        this.stats.totalEvaluations++;
+        if (action === "allow")
+            this.stats.allowCount++;
+        else
+            this.stats.denyCount++;
+        // Running average
+        this.stats.avgEvaluationUs =
+            (this.stats.avgEvaluationUs * (this.stats.totalEvaluations - 1) + us) /
+                this.stats.totalEvaluations;
+    }
+}
+//# sourceMappingURL=engine.js.map

package/dist/src/engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/engine.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,WAAW,CAAC;AAElC,MAAM,OAAO,gBAAgB;IACV,MAAM,CAAmB;IACzB,MAAM,CAAe;IAC9B,WAAW,CAAc;IAChB,SAAS,CAAkB;IAC3B,YAAY,CAAe;IAC3B,YAAY,CAAe;IAC3B,iBAAiB,CAAoB;IACrC,UAAU,CAAa;IACvB,gBAAgB,CAAuB;IACvC,KAAK,CAAkB;IAChC,SAAS,CAAS;IAE1B,YACE,MAAwB,EACxB,MAAoB,EACpB,SAAkB;QAElB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,SAAS;YACZ,SAAS,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,wCAAwC,CAAC;QAExF,MAAM,mBAAmB,GAAG,yBAAyB,EAAE,CAAC;QACxD,IAAI,CAAC,SAAS,GAAG,IAAI,eAAe,CAAC,mBAAmB,CAAC,CAAC;QAC1D,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC/D,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,MAAM,CAAC,KAAK,EACZ,IAAI,CAAC,SAAS,EACd,MAAM,CACP,CAAC;QACF,IAAI,CAAC,iBAAiB,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QAC1E,IAAI,CAAC,UAAU,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QACvE,IAAI,CAAC,gBAAgB,GAAG,IAAI,oBAAoB,CAC9C,MAAM,CAAC,WAAW,CAAC,mBAAmB,CACvC,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,EAAE,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,GAAG,EAAE,EAAE,UAAU,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC;QACpF,IAAI,CAAC,KAAK,GAAG;YACX,gBAAgB,EAAE,CAAC;YACnB,UAAU,EAAE,CAAC;YACb,SAAS,EAAE,CAAC;YACZ,UAAU,EAAE,CAAC;YACb,eAAe,EAAE,CAAC;SACnB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,WAAW,GAAG,YAAY,CAC9B,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,eAAe,EAC3B,IAAI,CAAC,MAAM,CACZ,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;QAEjD,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;QACzB,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;QAE9B,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;QAEjC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gCAAgC,WAAW,CAAC,MAAM,kBAAkB,CACrE,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YAAC,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;QAAC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACpH,CAAC;QACD,IAAI,CAAC;YAAC,IAAI,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC;QAAC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC9G,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,GAAsB;QACnC,MAAM,OAAO,GAAG,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;YAC/C,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;YACvD,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,eAAe,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IAEO,SAAS,CAAC,IAAoB;QACpC,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,UAAU;YACvC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,IAAI;YACJ,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;SACxC,CAAC;IACJ,CAAC;IAEO,WAAW,CAAC,GAAsB,EAAE,OAAe;QACzD,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QAC9D,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC;YAC3B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,OAAO,EAAE,WAAW,CAAC,OAAO;YAC5B,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,QAAQ,EAAE,WAAW,CAAC,QAAQ;SAC/B,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC1E,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,wBAAwB,CAC9D,WAAW,EAAE,IAAI,CAAC,WAAW,CAC9B,CAAC;QACF,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAChD,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAClD,CAAC;QAEF,MAAM,SAAS,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;QACpC,MAAM,OAAO,GAAY;YACvB,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,IAAI;YAC1D,eAAe,EAAE,UAAU,CAAC,OAAO;YACnC,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,YAAY,EAAE,SAAS;SAClD,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACxD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,WAAW,CACjB,GAAsB,EACtB,OAAgB,EAChB,IAAyC,EACzC,SAAiB;QAEjB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;YAAE,OAAO;QACvC,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,UAAU,EAAE,GAAG,CAAC,UAAU;SAC3B,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,MAAM,CACpB,OAAO,CAAC,MAAsB,EAC9B,QAAQ,EAAE,OAAO,CAAC,KAAK,EACvB,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,EACxC,OAAO,CAAC,eAAe,EAAE,SAAS,CACnC,CAAC;IACJ,CAAC;IAEO,eAAe,CACrB,CAAU,EACV,GAAsB,EACtB,OAAe;QAEf,MAAM,SAAS,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;QACpC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,kCAAkC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC/E,CAAC;QACF,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;QAEtE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,UAAU,CAAC,MAAM,CACpB,gBAAgB,EAChB,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,EAC5F,GAAG,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,SAAS,CAC5D,CAAC;QACJ,CAAC;QAED,OAAO;YACL,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,QAAQ,KAAK,MAAM;gBACzB,CAAC,CAAC,uCAAuC;gBACzC,CAAC,CAAC,qCAAqC;YACzC,IAAI,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE;YACpD,eAAe,EAAE,EAAE;YACnB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,YAAY,EAAE,SAAS;SACxB,CAAC;IACJ,CAAC;IAED,aAAa,CACX,OAAe,EACf,SAAiB,EACjB,OAAgB;QAEhB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;YAAE,OAAO;QACvC,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,gBAAgB,CACd,gBAAwB,EACxB,eAAuB;QAEvB,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,CACzC,gBAAgB,EAChB,eAAe,CAChB,CAAC;IACJ,CAAC;IAED,SAAS;QACP,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;QAClC,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACxD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;oBACvB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBAClB,WAAW,EAAE,CAAC;gBAChB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,WAAW;YACX,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;YACvC,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;YACvC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,KAAK,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE;SACzB,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,OAAgB;QACvB,IAAI,OAAO;YAAE,OAAO,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC;IACtC,CAAC;IAED,QAAQ,CAAC,OAAe,EAAE,KAAa;QACrC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC7C,CAAC;IAEO,WAAW,CAAC,MAAwB,EAAE,EAAU;QACtD,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAC9B,IAAI,MAAM,KAAK,OAAO;YAAE,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;;YAC3C,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAE5B,kBAAkB;QAClB,IAAI,CAAC,KAAK,CAAC,eAAe;YACxB,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACrE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;IAChC,CAAC;CACF"}

package/dist/src/frequency-tracker.d.ts

@@ -0,0 +1,12 @@
+import type { FrequencyEntry, FrequencyTracker as IFrequencyTracker } from "./types.js";
+export declare class FrequencyTrackerImpl implements IFrequencyTracker {
+    private buffer;
+    private head;
+    private size;
+    private readonly capacity;
+    constructor(bufferSize: number);
+    record(entry: FrequencyEntry): void;
+    count(windowSeconds: number, scope: "agent" | "session" | "global", agentId: string, sessionKey: string): number;
+    clear(): void;
+}
+//# sourceMappingURL=frequency-tracker.d.ts.map

package/dist/src/frequency-tracker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"frequency-tracker.d.ts","sourceRoot":"","sources":["../../src/frequency-tracker.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,IAAI,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAExF,qBAAa,oBAAqB,YAAW,iBAAiB;IAC5D,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;gBAEtB,UAAU,EAAE,MAAM;IAO9B,MAAM,CAAC,KAAK,EAAE,cAAc,GAAG,IAAI;IAMnC,KAAK,CACH,aAAa,EAAE,MAAM,EACrB,KAAK,EAAE,OAAO,GAAG,SAAS,GAAG,QAAQ,EACrC,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,GACjB,MAAM;IAqBT,KAAK,IAAI,IAAI;CAKd"}

package/dist/src/frequency-tracker.js

@@ -0,0 +1,44 @@
+export class FrequencyTrackerImpl {
+    buffer;
+    head;
+    size;
+    capacity;
+    constructor(bufferSize) {
+        this.capacity = bufferSize;
+        this.buffer = new Array(bufferSize);
+        this.head = 0;
+        this.size = 0;
+    }
+    record(entry) {
+        this.buffer[this.head] = entry;
+        this.head = (this.head + 1) % this.capacity;
+        if (this.size < this.capacity)
+            this.size++;
+    }
+    count(windowSeconds, scope, agentId, sessionKey) {
+        const cutoff = Date.now() - windowSeconds * 1000;
+        let total = 0;
+        for (let i = 0; i < this.size; i++) {
+            const idx = (this.head - 1 - i + this.capacity) % this.capacity;
+            const entry = this.buffer[idx];
+            if (!entry || entry.timestamp < cutoff)
+                continue;
+            if (scope === "global") {
+                total++;
+            }
+            else if (scope === "agent" && entry.agentId === agentId) {
+                total++;
+            }
+            else if (scope === "session" && entry.sessionKey === sessionKey) {
+                total++;
+            }
+        }
+        return total;
+    }
+    clear() {
+        this.buffer = new Array(this.capacity);
+        this.head = 0;
+        this.size = 0;
+    }
+}
+//# sourceMappingURL=frequency-tracker.js.map

package/dist/src/frequency-tracker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"frequency-tracker.js","sourceRoot":"","sources":["../../src/frequency-tracker.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAmB;IACzB,IAAI,CAAS;IACb,IAAI,CAAS;IACJ,QAAQ,CAAS;IAElC,YAAY,UAAkB;QAC5B,IAAI,CAAC,QAAQ,GAAG,UAAU,CAAC;QAC3B,IAAI,CAAC,MAAM,GAAG,IAAI,KAAK,CAAiB,UAAU,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;QACd,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,KAAqB;QAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;QAC/B,IAAI,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5C,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ;YAAE,IAAI,CAAC,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED,KAAK,CACH,aAAqB,EACrB,KAAqC,EACrC,OAAe,EACf,UAAkB;QAElB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,GAAG,IAAI,CAAC;QACjD,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,SAAS,GAAG,MAAM;gBAAE,SAAS;YAEjD,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACvB,KAAK,EAAE,CAAC;YACV,CAAC;iBAAM,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBAC1D,KAAK,EAAE,CAAC;YACV,CAAC;iBAAM,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;gBAClE,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK;QACH,IAAI,CAAC,MAAM,GAAG,IAAI,KAAK,CAAiB,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;QACd,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;IAChB,CAAC;CACF"}

package/dist/src/hooks.d.ts

@@ -0,0 +1,4 @@
+import type { GovernanceConfig, OpenClawPluginApi } from "./types.js";
+import type { GovernanceEngine } from "./engine.js";
+export declare function registerGovernanceHooks(api: OpenClawPluginApi, engine: GovernanceEngine, config: GovernanceConfig): void;
+//# sourceMappingURL=hooks.d.ts.map

package/dist/src/hooks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../src/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAWhB,iBAAiB,EAElB,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAiOpD,wBAAgB,uBAAuB,CACrC,GAAG,EAAE,iBAAiB,EACtB,MAAM,EAAE,gBAAgB,EACxB,MAAM,EAAE,gBAAgB,GACvB,IAAI,CAwBN"}