@vettly/shared 0.1.15 → 0.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -9
- package/dist/index.cjs +101 -0
- package/dist/index.d.cts +218 -5
- package/dist/index.d.ts +218 -5
- package/dist/index.js +90 -0
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
# @vettly/shared
|
|
2
2
|
|
|
3
|
-
Type-safe contracts for
|
|
3
|
+
Type-safe contracts for UGC moderation. Runtime-validated schemas that ensure consistency across all Vettly packages.
|
|
4
4
|
|
|
5
|
-
##
|
|
5
|
+
## UGC Moderation Essentials
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
Apps with user-generated content need four things to stay compliant and keep users safe. This package provides the canonical types and schemas that enforce each requirement across all Vettly packages:
|
|
8
8
|
|
|
9
|
-
| Requirement |
|
|
10
|
-
|
|
11
|
-
| **Content filtering** |
|
|
12
|
-
| **User reporting** |
|
|
13
|
-
| **User blocking** |
|
|
14
|
-
| **Audit trail** |
|
|
9
|
+
| Requirement | Shared Types |
|
|
10
|
+
|-------------|--------------|
|
|
11
|
+
| **Content filtering** | `CheckRequest`, `CheckResponse`, `Action` |
|
|
12
|
+
| **User reporting** | `WebhookEventType`, `Decision` |
|
|
13
|
+
| **User blocking** | `ModerationContext`, `Action` |
|
|
14
|
+
| **Audit trail** | `Decision`, `ContentType`, `Policy` |
|
|
15
15
|
|
|
16
16
|
All packages (`@vettly/sdk`, `@vettly/react`, `@vettly/express`, `@vettly/nextjs`) depend on these shared contracts. See [@vettly/sdk](https://www.npmjs.com/package/@vettly/sdk) for the full integration picture.
|
|
17
17
|
|
package/dist/index.cjs
CHANGED
|
@@ -41,13 +41,24 @@ __export(index_exports, {
|
|
|
41
41
|
ModerationError: () => ModerationError,
|
|
42
42
|
MultiModalCheckRequestSchema: () => MultiModalCheckRequestSchema,
|
|
43
43
|
MultiModalCheckResponseSchema: () => MultiModalCheckResponseSchema,
|
|
44
|
+
OpenClawActionAuthorizeRequestSchema: () => OpenClawActionAuthorizeRequestSchema,
|
|
45
|
+
OpenClawActionAuthorizeResponseSchema: () => OpenClawActionAuthorizeResponseSchema,
|
|
46
|
+
OpenClawActionTypeSchema: () => OpenClawActionTypeSchema,
|
|
47
|
+
OpenClawGuardrailActionSchema: () => OpenClawGuardrailActionSchema,
|
|
48
|
+
OpenClawGuardrailPolicySchema: () => OpenClawGuardrailPolicySchema,
|
|
49
|
+
OpenClawPermissionSchema: () => OpenClawPermissionSchema,
|
|
50
|
+
OpenClawSkillSourceSchema: () => OpenClawSkillSourceSchema,
|
|
51
|
+
OpenClawSkillVettingRequestSchema: () => OpenClawSkillVettingRequestSchema,
|
|
52
|
+
OpenClawSkillVettingResponseSchema: () => OpenClawSkillVettingResponseSchema,
|
|
44
53
|
OverrideSchema: () => OverrideSchema,
|
|
45
54
|
PolicySchema: () => PolicySchema,
|
|
46
55
|
PolicyValidationError: () => PolicyValidationError,
|
|
47
56
|
ProviderError: () => ProviderError,
|
|
48
57
|
ProviderNameSchema: () => ProviderNameSchema,
|
|
49
58
|
ReplayRequestSchema: () => ReplayRequestSchema,
|
|
59
|
+
RollbackOpenClawGuardrailPolicyRequestSchema: () => RollbackOpenClawGuardrailPolicyRequestSchema,
|
|
50
60
|
RuleSchema: () => RuleSchema,
|
|
61
|
+
UpdateOpenClawGuardrailPolicyRequestSchema: () => UpdateOpenClawGuardrailPolicyRequestSchema,
|
|
51
62
|
UseCaseTypeSchema: () => UseCaseTypeSchema,
|
|
52
63
|
WebhookEndpointSchema: () => WebhookEndpointSchema,
|
|
53
64
|
WebhookEventTypeSchema: () => WebhookEventTypeSchema,
|
|
@@ -268,6 +279,83 @@ var ReplayRequestSchema = import_zod.z.object({
|
|
|
268
279
|
decisionId: import_zod.z.string().uuid(),
|
|
269
280
|
policyId: import_zod.z.string()
|
|
270
281
|
});
|
|
282
|
+
var OpenClawSkillSourceSchema = import_zod.z.enum(["local", "github", "clawhub", "remote_url"]);
|
|
283
|
+
var OpenClawPermissionSchema = import_zod.z.enum([
|
|
284
|
+
"read_file",
|
|
285
|
+
"write_file",
|
|
286
|
+
"delete_file",
|
|
287
|
+
"run_shell",
|
|
288
|
+
"network_access",
|
|
289
|
+
"access_secrets"
|
|
290
|
+
]);
|
|
291
|
+
var OpenClawActionTypeSchema = import_zod.z.enum([
|
|
292
|
+
"exec",
|
|
293
|
+
"file_read",
|
|
294
|
+
"file_write",
|
|
295
|
+
"network",
|
|
296
|
+
"env_access",
|
|
297
|
+
"skill_install"
|
|
298
|
+
]);
|
|
299
|
+
var OpenClawGuardrailActionSchema = import_zod.z.enum(["allow", "warn", "flag", "block"]);
|
|
300
|
+
var OpenClawSkillVettingRequestSchema = import_zod.z.object({
|
|
301
|
+
skillId: import_zod.z.string().min(1).max(200),
|
|
302
|
+
name: import_zod.z.string().min(1).max(200),
|
|
303
|
+
source: OpenClawSkillSourceSchema,
|
|
304
|
+
prompt: import_zod.z.string().min(1).max(5e4),
|
|
305
|
+
requestedPermissions: import_zod.z.array(OpenClawPermissionSchema).max(20).default([]),
|
|
306
|
+
hasChecksum: import_zod.z.boolean().default(false),
|
|
307
|
+
signedPublisher: import_zod.z.boolean().default(false),
|
|
308
|
+
maintainerReputation: import_zod.z.enum(["unknown", "trusted", "untrusted"]).default("unknown"),
|
|
309
|
+
metadata: import_zod.z.record(import_zod.z.unknown()).optional(),
|
|
310
|
+
requestId: import_zod.z.string().optional()
|
|
311
|
+
});
|
|
312
|
+
var OpenClawSkillVettingResponseSchema = import_zod.z.object({
|
|
313
|
+
decisionId: import_zod.z.string().uuid(),
|
|
314
|
+
action: OpenClawGuardrailActionSchema,
|
|
315
|
+
riskScore: import_zod.z.number().int().min(0).max(100),
|
|
316
|
+
reasons: import_zod.z.array(import_zod.z.string()),
|
|
317
|
+
categories: import_zod.z.array(import_zod.z.string()),
|
|
318
|
+
requiresApproval: import_zod.z.boolean(),
|
|
319
|
+
requestId: import_zod.z.string().optional()
|
|
320
|
+
});
|
|
321
|
+
var OpenClawActionAuthorizeRequestSchema = import_zod.z.object({
|
|
322
|
+
actionType: OpenClawActionTypeSchema,
|
|
323
|
+
command: import_zod.z.string().max(5e3).optional(),
|
|
324
|
+
targetPath: import_zod.z.string().max(2e3).optional(),
|
|
325
|
+
targetDomain: import_zod.z.string().max(500).optional(),
|
|
326
|
+
requestedPermissions: import_zod.z.array(OpenClawPermissionSchema).max(20).default([]),
|
|
327
|
+
policy: import_zod.z.object({
|
|
328
|
+
sensitivePathPrefixes: import_zod.z.array(import_zod.z.string().min(1).max(500)).max(200).default([]),
|
|
329
|
+
networkAllowlist: import_zod.z.array(import_zod.z.string().min(1).max(200)).max(500).default([]),
|
|
330
|
+
blockShellPatterns: import_zod.z.array(import_zod.z.string().min(1).max(200)).max(200).default([]),
|
|
331
|
+
requireApprovalScore: import_zod.z.number().int().min(0).max(100).default(40)
|
|
332
|
+
}).optional(),
|
|
333
|
+
metadata: import_zod.z.record(import_zod.z.unknown()).optional(),
|
|
334
|
+
requestId: import_zod.z.string().optional()
|
|
335
|
+
});
|
|
336
|
+
var OpenClawActionAuthorizeResponseSchema = import_zod.z.object({
|
|
337
|
+
decisionId: import_zod.z.string().uuid(),
|
|
338
|
+
action: OpenClawGuardrailActionSchema,
|
|
339
|
+
riskScore: import_zod.z.number().int().min(0).max(100),
|
|
340
|
+
reasons: import_zod.z.array(import_zod.z.string()),
|
|
341
|
+
categories: import_zod.z.array(import_zod.z.string()),
|
|
342
|
+
requiresApproval: import_zod.z.boolean(),
|
|
343
|
+
requestId: import_zod.z.string().optional()
|
|
344
|
+
});
|
|
345
|
+
var OpenClawGuardrailPolicySchema = import_zod.z.object({
|
|
346
|
+
sensitivePathPrefixes: import_zod.z.array(import_zod.z.string().min(1).max(500)).max(200).default([]),
|
|
347
|
+
networkAllowlist: import_zod.z.array(import_zod.z.string().min(1).max(200)).max(500).default([]),
|
|
348
|
+
blockShellPatterns: import_zod.z.array(import_zod.z.string().min(1).max(200)).max(200).default([]),
|
|
349
|
+
requireApprovalScore: import_zod.z.number().int().min(0).max(100).default(40)
|
|
350
|
+
});
|
|
351
|
+
var UpdateOpenClawGuardrailPolicyRequestSchema = import_zod.z.object({
|
|
352
|
+
projectId: import_zod.z.string().uuid(),
|
|
353
|
+
policy: OpenClawGuardrailPolicySchema
|
|
354
|
+
});
|
|
355
|
+
var RollbackOpenClawGuardrailPolicyRequestSchema = import_zod.z.object({
|
|
356
|
+
projectId: import_zod.z.string().uuid(),
|
|
357
|
+
version: import_zod.z.string().min(1).max(64)
|
|
358
|
+
});
|
|
271
359
|
var ModerationError = class extends Error {
|
|
272
360
|
constructor(message, code, statusCode = 500, details) {
|
|
273
361
|
super(message);
|
|
@@ -293,6 +381,8 @@ var WebhookEventTypeSchema = import_zod.z.enum([
|
|
|
293
381
|
"decision.created",
|
|
294
382
|
"decision.flagged",
|
|
295
383
|
"decision.blocked",
|
|
384
|
+
"openclaw.guardrail.blocked",
|
|
385
|
+
"openclaw.guardrail.approval_required",
|
|
296
386
|
"policy.created",
|
|
297
387
|
"policy.updated"
|
|
298
388
|
]);
|
|
@@ -346,13 +436,24 @@ function formatLatency(ms) {
|
|
|
346
436
|
ModerationError,
|
|
347
437
|
MultiModalCheckRequestSchema,
|
|
348
438
|
MultiModalCheckResponseSchema,
|
|
439
|
+
OpenClawActionAuthorizeRequestSchema,
|
|
440
|
+
OpenClawActionAuthorizeResponseSchema,
|
|
441
|
+
OpenClawActionTypeSchema,
|
|
442
|
+
OpenClawGuardrailActionSchema,
|
|
443
|
+
OpenClawGuardrailPolicySchema,
|
|
444
|
+
OpenClawPermissionSchema,
|
|
445
|
+
OpenClawSkillSourceSchema,
|
|
446
|
+
OpenClawSkillVettingRequestSchema,
|
|
447
|
+
OpenClawSkillVettingResponseSchema,
|
|
349
448
|
OverrideSchema,
|
|
350
449
|
PolicySchema,
|
|
351
450
|
PolicyValidationError,
|
|
352
451
|
ProviderError,
|
|
353
452
|
ProviderNameSchema,
|
|
354
453
|
ReplayRequestSchema,
|
|
454
|
+
RollbackOpenClawGuardrailPolicyRequestSchema,
|
|
355
455
|
RuleSchema,
|
|
456
|
+
UpdateOpenClawGuardrailPolicyRequestSchema,
|
|
356
457
|
UseCaseTypeSchema,
|
|
357
458
|
WebhookEndpointSchema,
|
|
358
459
|
WebhookEventTypeSchema,
|
package/dist/index.d.cts
CHANGED
|
@@ -735,6 +735,219 @@ declare const ReplayRequestSchema: z.ZodObject<{
|
|
|
735
735
|
decisionId: string;
|
|
736
736
|
}>;
|
|
737
737
|
type ReplayRequest = z.infer<typeof ReplayRequestSchema>;
|
|
738
|
+
declare const OpenClawSkillSourceSchema: z.ZodEnum<["local", "github", "clawhub", "remote_url"]>;
|
|
739
|
+
type OpenClawSkillSource = z.infer<typeof OpenClawSkillSourceSchema>;
|
|
740
|
+
declare const OpenClawPermissionSchema: z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>;
|
|
741
|
+
type OpenClawPermission = z.infer<typeof OpenClawPermissionSchema>;
|
|
742
|
+
declare const OpenClawActionTypeSchema: z.ZodEnum<["exec", "file_read", "file_write", "network", "env_access", "skill_install"]>;
|
|
743
|
+
type OpenClawActionType = z.infer<typeof OpenClawActionTypeSchema>;
|
|
744
|
+
declare const OpenClawGuardrailActionSchema: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
745
|
+
type OpenClawGuardrailAction = z.infer<typeof OpenClawGuardrailActionSchema>;
|
|
746
|
+
declare const OpenClawSkillVettingRequestSchema: z.ZodObject<{
|
|
747
|
+
skillId: z.ZodString;
|
|
748
|
+
name: z.ZodString;
|
|
749
|
+
source: z.ZodEnum<["local", "github", "clawhub", "remote_url"]>;
|
|
750
|
+
prompt: z.ZodString;
|
|
751
|
+
requestedPermissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>, "many">>;
|
|
752
|
+
hasChecksum: z.ZodDefault<z.ZodBoolean>;
|
|
753
|
+
signedPublisher: z.ZodDefault<z.ZodBoolean>;
|
|
754
|
+
maintainerReputation: z.ZodDefault<z.ZodEnum<["unknown", "trusted", "untrusted"]>>;
|
|
755
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
756
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
757
|
+
}, "strip", z.ZodTypeAny, {
|
|
758
|
+
name: string;
|
|
759
|
+
skillId: string;
|
|
760
|
+
source: "local" | "github" | "clawhub" | "remote_url";
|
|
761
|
+
prompt: string;
|
|
762
|
+
requestedPermissions: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[];
|
|
763
|
+
hasChecksum: boolean;
|
|
764
|
+
signedPublisher: boolean;
|
|
765
|
+
maintainerReputation: "unknown" | "trusted" | "untrusted";
|
|
766
|
+
metadata?: Record<string, unknown> | undefined;
|
|
767
|
+
requestId?: string | undefined;
|
|
768
|
+
}, {
|
|
769
|
+
name: string;
|
|
770
|
+
skillId: string;
|
|
771
|
+
source: "local" | "github" | "clawhub" | "remote_url";
|
|
772
|
+
prompt: string;
|
|
773
|
+
metadata?: Record<string, unknown> | undefined;
|
|
774
|
+
requestId?: string | undefined;
|
|
775
|
+
requestedPermissions?: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[] | undefined;
|
|
776
|
+
hasChecksum?: boolean | undefined;
|
|
777
|
+
signedPublisher?: boolean | undefined;
|
|
778
|
+
maintainerReputation?: "unknown" | "trusted" | "untrusted" | undefined;
|
|
779
|
+
}>;
|
|
780
|
+
type OpenClawSkillVettingRequest = z.infer<typeof OpenClawSkillVettingRequestSchema>;
|
|
781
|
+
declare const OpenClawSkillVettingResponseSchema: z.ZodObject<{
|
|
782
|
+
decisionId: z.ZodString;
|
|
783
|
+
action: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
784
|
+
riskScore: z.ZodNumber;
|
|
785
|
+
reasons: z.ZodArray<z.ZodString, "many">;
|
|
786
|
+
categories: z.ZodArray<z.ZodString, "many">;
|
|
787
|
+
requiresApproval: z.ZodBoolean;
|
|
788
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
789
|
+
}, "strip", z.ZodTypeAny, {
|
|
790
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
791
|
+
categories: string[];
|
|
792
|
+
decisionId: string;
|
|
793
|
+
riskScore: number;
|
|
794
|
+
reasons: string[];
|
|
795
|
+
requiresApproval: boolean;
|
|
796
|
+
requestId?: string | undefined;
|
|
797
|
+
}, {
|
|
798
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
799
|
+
categories: string[];
|
|
800
|
+
decisionId: string;
|
|
801
|
+
riskScore: number;
|
|
802
|
+
reasons: string[];
|
|
803
|
+
requiresApproval: boolean;
|
|
804
|
+
requestId?: string | undefined;
|
|
805
|
+
}>;
|
|
806
|
+
type OpenClawSkillVettingResponse = z.infer<typeof OpenClawSkillVettingResponseSchema>;
|
|
807
|
+
declare const OpenClawActionAuthorizeRequestSchema: z.ZodObject<{
|
|
808
|
+
actionType: z.ZodEnum<["exec", "file_read", "file_write", "network", "env_access", "skill_install"]>;
|
|
809
|
+
command: z.ZodOptional<z.ZodString>;
|
|
810
|
+
targetPath: z.ZodOptional<z.ZodString>;
|
|
811
|
+
targetDomain: z.ZodOptional<z.ZodString>;
|
|
812
|
+
requestedPermissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>, "many">>;
|
|
813
|
+
policy: z.ZodOptional<z.ZodObject<{
|
|
814
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
815
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
816
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
817
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
818
|
+
}, "strip", z.ZodTypeAny, {
|
|
819
|
+
sensitivePathPrefixes: string[];
|
|
820
|
+
networkAllowlist: string[];
|
|
821
|
+
blockShellPatterns: string[];
|
|
822
|
+
requireApprovalScore: number;
|
|
823
|
+
}, {
|
|
824
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
825
|
+
networkAllowlist?: string[] | undefined;
|
|
826
|
+
blockShellPatterns?: string[] | undefined;
|
|
827
|
+
requireApprovalScore?: number | undefined;
|
|
828
|
+
}>>;
|
|
829
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
830
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
831
|
+
}, "strip", z.ZodTypeAny, {
|
|
832
|
+
requestedPermissions: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[];
|
|
833
|
+
actionType: "exec" | "file_read" | "file_write" | "network" | "env_access" | "skill_install";
|
|
834
|
+
policy?: {
|
|
835
|
+
sensitivePathPrefixes: string[];
|
|
836
|
+
networkAllowlist: string[];
|
|
837
|
+
blockShellPatterns: string[];
|
|
838
|
+
requireApprovalScore: number;
|
|
839
|
+
} | undefined;
|
|
840
|
+
metadata?: Record<string, unknown> | undefined;
|
|
841
|
+
requestId?: string | undefined;
|
|
842
|
+
command?: string | undefined;
|
|
843
|
+
targetPath?: string | undefined;
|
|
844
|
+
targetDomain?: string | undefined;
|
|
845
|
+
}, {
|
|
846
|
+
actionType: "exec" | "file_read" | "file_write" | "network" | "env_access" | "skill_install";
|
|
847
|
+
policy?: {
|
|
848
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
849
|
+
networkAllowlist?: string[] | undefined;
|
|
850
|
+
blockShellPatterns?: string[] | undefined;
|
|
851
|
+
requireApprovalScore?: number | undefined;
|
|
852
|
+
} | undefined;
|
|
853
|
+
metadata?: Record<string, unknown> | undefined;
|
|
854
|
+
requestId?: string | undefined;
|
|
855
|
+
requestedPermissions?: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[] | undefined;
|
|
856
|
+
command?: string | undefined;
|
|
857
|
+
targetPath?: string | undefined;
|
|
858
|
+
targetDomain?: string | undefined;
|
|
859
|
+
}>;
|
|
860
|
+
type OpenClawActionAuthorizeRequest = z.infer<typeof OpenClawActionAuthorizeRequestSchema>;
|
|
861
|
+
declare const OpenClawActionAuthorizeResponseSchema: z.ZodObject<{
|
|
862
|
+
decisionId: z.ZodString;
|
|
863
|
+
action: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
864
|
+
riskScore: z.ZodNumber;
|
|
865
|
+
reasons: z.ZodArray<z.ZodString, "many">;
|
|
866
|
+
categories: z.ZodArray<z.ZodString, "many">;
|
|
867
|
+
requiresApproval: z.ZodBoolean;
|
|
868
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
869
|
+
}, "strip", z.ZodTypeAny, {
|
|
870
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
871
|
+
categories: string[];
|
|
872
|
+
decisionId: string;
|
|
873
|
+
riskScore: number;
|
|
874
|
+
reasons: string[];
|
|
875
|
+
requiresApproval: boolean;
|
|
876
|
+
requestId?: string | undefined;
|
|
877
|
+
}, {
|
|
878
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
879
|
+
categories: string[];
|
|
880
|
+
decisionId: string;
|
|
881
|
+
riskScore: number;
|
|
882
|
+
reasons: string[];
|
|
883
|
+
requiresApproval: boolean;
|
|
884
|
+
requestId?: string | undefined;
|
|
885
|
+
}>;
|
|
886
|
+
type OpenClawActionAuthorizeResponse = z.infer<typeof OpenClawActionAuthorizeResponseSchema>;
|
|
887
|
+
declare const OpenClawGuardrailPolicySchema: z.ZodObject<{
|
|
888
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
889
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
890
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
891
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
892
|
+
}, "strip", z.ZodTypeAny, {
|
|
893
|
+
sensitivePathPrefixes: string[];
|
|
894
|
+
networkAllowlist: string[];
|
|
895
|
+
blockShellPatterns: string[];
|
|
896
|
+
requireApprovalScore: number;
|
|
897
|
+
}, {
|
|
898
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
899
|
+
networkAllowlist?: string[] | undefined;
|
|
900
|
+
blockShellPatterns?: string[] | undefined;
|
|
901
|
+
requireApprovalScore?: number | undefined;
|
|
902
|
+
}>;
|
|
903
|
+
type OpenClawGuardrailPolicy = z.infer<typeof OpenClawGuardrailPolicySchema>;
|
|
904
|
+
declare const UpdateOpenClawGuardrailPolicyRequestSchema: z.ZodObject<{
|
|
905
|
+
projectId: z.ZodString;
|
|
906
|
+
policy: z.ZodObject<{
|
|
907
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
908
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
909
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
910
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
911
|
+
}, "strip", z.ZodTypeAny, {
|
|
912
|
+
sensitivePathPrefixes: string[];
|
|
913
|
+
networkAllowlist: string[];
|
|
914
|
+
blockShellPatterns: string[];
|
|
915
|
+
requireApprovalScore: number;
|
|
916
|
+
}, {
|
|
917
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
918
|
+
networkAllowlist?: string[] | undefined;
|
|
919
|
+
blockShellPatterns?: string[] | undefined;
|
|
920
|
+
requireApprovalScore?: number | undefined;
|
|
921
|
+
}>;
|
|
922
|
+
}, "strip", z.ZodTypeAny, {
|
|
923
|
+
policy: {
|
|
924
|
+
sensitivePathPrefixes: string[];
|
|
925
|
+
networkAllowlist: string[];
|
|
926
|
+
blockShellPatterns: string[];
|
|
927
|
+
requireApprovalScore: number;
|
|
928
|
+
};
|
|
929
|
+
projectId: string;
|
|
930
|
+
}, {
|
|
931
|
+
policy: {
|
|
932
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
933
|
+
networkAllowlist?: string[] | undefined;
|
|
934
|
+
blockShellPatterns?: string[] | undefined;
|
|
935
|
+
requireApprovalScore?: number | undefined;
|
|
936
|
+
};
|
|
937
|
+
projectId: string;
|
|
938
|
+
}>;
|
|
939
|
+
type UpdateOpenClawGuardrailPolicyRequest = z.infer<typeof UpdateOpenClawGuardrailPolicyRequestSchema>;
|
|
940
|
+
declare const RollbackOpenClawGuardrailPolicyRequestSchema: z.ZodObject<{
|
|
941
|
+
projectId: z.ZodString;
|
|
942
|
+
version: z.ZodString;
|
|
943
|
+
}, "strip", z.ZodTypeAny, {
|
|
944
|
+
version: string;
|
|
945
|
+
projectId: string;
|
|
946
|
+
}, {
|
|
947
|
+
version: string;
|
|
948
|
+
projectId: string;
|
|
949
|
+
}>;
|
|
950
|
+
type RollbackOpenClawGuardrailPolicyRequest = z.infer<typeof RollbackOpenClawGuardrailPolicyRequestSchema>;
|
|
738
951
|
declare class ModerationError extends Error {
|
|
739
952
|
code: string;
|
|
740
953
|
statusCode: number;
|
|
@@ -747,19 +960,19 @@ declare class PolicyValidationError extends ModerationError {
|
|
|
747
960
|
declare class ProviderError extends ModerationError {
|
|
748
961
|
constructor(message: string, provider: ProviderName, details?: Record<string, unknown>);
|
|
749
962
|
}
|
|
750
|
-
declare const WebhookEventTypeSchema: z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "policy.created", "policy.updated"]>;
|
|
963
|
+
declare const WebhookEventTypeSchema: z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "openclaw.guardrail.blocked", "openclaw.guardrail.approval_required", "policy.created", "policy.updated"]>;
|
|
751
964
|
type WebhookEventType = z.infer<typeof WebhookEventTypeSchema>;
|
|
752
965
|
declare const WebhookEndpointSchema: z.ZodObject<{
|
|
753
966
|
url: z.ZodEffects<z.ZodString, string, string>;
|
|
754
|
-
events: z.ZodArray<z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "policy.created", "policy.updated"]>, "many">;
|
|
967
|
+
events: z.ZodArray<z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "openclaw.guardrail.blocked", "openclaw.guardrail.approval_required", "policy.created", "policy.updated"]>, "many">;
|
|
755
968
|
description: z.ZodOptional<z.ZodString>;
|
|
756
969
|
}, "strip", z.ZodTypeAny, {
|
|
757
970
|
url: string;
|
|
758
|
-
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "policy.created" | "policy.updated")[];
|
|
971
|
+
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "openclaw.guardrail.blocked" | "openclaw.guardrail.approval_required" | "policy.created" | "policy.updated")[];
|
|
759
972
|
description?: string | undefined;
|
|
760
973
|
}, {
|
|
761
974
|
url: string;
|
|
762
|
-
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "policy.created" | "policy.updated")[];
|
|
975
|
+
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "openclaw.guardrail.blocked" | "openclaw.guardrail.approval_required" | "policy.created" | "policy.updated")[];
|
|
763
976
|
description?: string | undefined;
|
|
764
977
|
}>;
|
|
765
978
|
type WebhookEndpoint = z.infer<typeof WebhookEndpointSchema>;
|
|
@@ -802,4 +1015,4 @@ declare function formatCost(cost: number): string;
|
|
|
802
1015
|
*/
|
|
803
1016
|
declare function formatLatency(ms: number): string;
|
|
804
1017
|
|
|
805
|
-
export { type Action, ActionSchema, type Category, CategorySchema, type CheckRequest, CheckRequestSchema, type CheckResponse, CheckResponseSchema, type ContentItemResult, ContentItemResultSchema, type ContentType, ContentTypeSchema, type Decision, DecisionSchema, type FallbackConfig, FallbackConfigSchema, type JsonArray, type JsonObject, type JsonPrimitive, type JsonValue, type ModerationContext, ModerationError, type MultiModalCheckRequest, MultiModalCheckRequestSchema, type MultiModalCheckResponse, MultiModalCheckResponseSchema, type Override, OverrideSchema, type Policy, PolicySchema, PolicyValidationError, ProviderError, type ProviderName, ProviderNameSchema, type ProviderResult, type ReplayRequest, ReplayRequestSchema, type Rule, RuleSchema, type UseCaseType, UseCaseTypeSchema, type WebhookEndpoint, WebhookEndpointSchema, type WebhookEventType, WebhookEventTypeSchema, calculatePolicyVersion, formatCost, formatLatency, generateRequestId, generateUUID, hashContent };
|
|
1018
|
+
export { type Action, ActionSchema, type Category, CategorySchema, type CheckRequest, CheckRequestSchema, type CheckResponse, CheckResponseSchema, type ContentItemResult, ContentItemResultSchema, type ContentType, ContentTypeSchema, type Decision, DecisionSchema, type FallbackConfig, FallbackConfigSchema, type JsonArray, type JsonObject, type JsonPrimitive, type JsonValue, type ModerationContext, ModerationError, type MultiModalCheckRequest, MultiModalCheckRequestSchema, type MultiModalCheckResponse, MultiModalCheckResponseSchema, type OpenClawActionAuthorizeRequest, OpenClawActionAuthorizeRequestSchema, type OpenClawActionAuthorizeResponse, OpenClawActionAuthorizeResponseSchema, type OpenClawActionType, OpenClawActionTypeSchema, type OpenClawGuardrailAction, OpenClawGuardrailActionSchema, type OpenClawGuardrailPolicy, OpenClawGuardrailPolicySchema, type OpenClawPermission, OpenClawPermissionSchema, type OpenClawSkillSource, OpenClawSkillSourceSchema, type OpenClawSkillVettingRequest, OpenClawSkillVettingRequestSchema, type OpenClawSkillVettingResponse, OpenClawSkillVettingResponseSchema, type Override, OverrideSchema, type Policy, PolicySchema, PolicyValidationError, ProviderError, type ProviderName, ProviderNameSchema, type ProviderResult, type ReplayRequest, ReplayRequestSchema, type RollbackOpenClawGuardrailPolicyRequest, RollbackOpenClawGuardrailPolicyRequestSchema, type Rule, RuleSchema, type UpdateOpenClawGuardrailPolicyRequest, UpdateOpenClawGuardrailPolicyRequestSchema, type UseCaseType, UseCaseTypeSchema, type WebhookEndpoint, WebhookEndpointSchema, type WebhookEventType, WebhookEventTypeSchema, calculatePolicyVersion, formatCost, formatLatency, generateRequestId, generateUUID, hashContent };
|
package/dist/index.d.ts
CHANGED
|
@@ -735,6 +735,219 @@ declare const ReplayRequestSchema: z.ZodObject<{
|
|
|
735
735
|
decisionId: string;
|
|
736
736
|
}>;
|
|
737
737
|
type ReplayRequest = z.infer<typeof ReplayRequestSchema>;
|
|
738
|
+
declare const OpenClawSkillSourceSchema: z.ZodEnum<["local", "github", "clawhub", "remote_url"]>;
|
|
739
|
+
type OpenClawSkillSource = z.infer<typeof OpenClawSkillSourceSchema>;
|
|
740
|
+
declare const OpenClawPermissionSchema: z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>;
|
|
741
|
+
type OpenClawPermission = z.infer<typeof OpenClawPermissionSchema>;
|
|
742
|
+
declare const OpenClawActionTypeSchema: z.ZodEnum<["exec", "file_read", "file_write", "network", "env_access", "skill_install"]>;
|
|
743
|
+
type OpenClawActionType = z.infer<typeof OpenClawActionTypeSchema>;
|
|
744
|
+
declare const OpenClawGuardrailActionSchema: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
745
|
+
type OpenClawGuardrailAction = z.infer<typeof OpenClawGuardrailActionSchema>;
|
|
746
|
+
declare const OpenClawSkillVettingRequestSchema: z.ZodObject<{
|
|
747
|
+
skillId: z.ZodString;
|
|
748
|
+
name: z.ZodString;
|
|
749
|
+
source: z.ZodEnum<["local", "github", "clawhub", "remote_url"]>;
|
|
750
|
+
prompt: z.ZodString;
|
|
751
|
+
requestedPermissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>, "many">>;
|
|
752
|
+
hasChecksum: z.ZodDefault<z.ZodBoolean>;
|
|
753
|
+
signedPublisher: z.ZodDefault<z.ZodBoolean>;
|
|
754
|
+
maintainerReputation: z.ZodDefault<z.ZodEnum<["unknown", "trusted", "untrusted"]>>;
|
|
755
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
756
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
757
|
+
}, "strip", z.ZodTypeAny, {
|
|
758
|
+
name: string;
|
|
759
|
+
skillId: string;
|
|
760
|
+
source: "local" | "github" | "clawhub" | "remote_url";
|
|
761
|
+
prompt: string;
|
|
762
|
+
requestedPermissions: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[];
|
|
763
|
+
hasChecksum: boolean;
|
|
764
|
+
signedPublisher: boolean;
|
|
765
|
+
maintainerReputation: "unknown" | "trusted" | "untrusted";
|
|
766
|
+
metadata?: Record<string, unknown> | undefined;
|
|
767
|
+
requestId?: string | undefined;
|
|
768
|
+
}, {
|
|
769
|
+
name: string;
|
|
770
|
+
skillId: string;
|
|
771
|
+
source: "local" | "github" | "clawhub" | "remote_url";
|
|
772
|
+
prompt: string;
|
|
773
|
+
metadata?: Record<string, unknown> | undefined;
|
|
774
|
+
requestId?: string | undefined;
|
|
775
|
+
requestedPermissions?: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[] | undefined;
|
|
776
|
+
hasChecksum?: boolean | undefined;
|
|
777
|
+
signedPublisher?: boolean | undefined;
|
|
778
|
+
maintainerReputation?: "unknown" | "trusted" | "untrusted" | undefined;
|
|
779
|
+
}>;
|
|
780
|
+
type OpenClawSkillVettingRequest = z.infer<typeof OpenClawSkillVettingRequestSchema>;
|
|
781
|
+
declare const OpenClawSkillVettingResponseSchema: z.ZodObject<{
|
|
782
|
+
decisionId: z.ZodString;
|
|
783
|
+
action: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
784
|
+
riskScore: z.ZodNumber;
|
|
785
|
+
reasons: z.ZodArray<z.ZodString, "many">;
|
|
786
|
+
categories: z.ZodArray<z.ZodString, "many">;
|
|
787
|
+
requiresApproval: z.ZodBoolean;
|
|
788
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
789
|
+
}, "strip", z.ZodTypeAny, {
|
|
790
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
791
|
+
categories: string[];
|
|
792
|
+
decisionId: string;
|
|
793
|
+
riskScore: number;
|
|
794
|
+
reasons: string[];
|
|
795
|
+
requiresApproval: boolean;
|
|
796
|
+
requestId?: string | undefined;
|
|
797
|
+
}, {
|
|
798
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
799
|
+
categories: string[];
|
|
800
|
+
decisionId: string;
|
|
801
|
+
riskScore: number;
|
|
802
|
+
reasons: string[];
|
|
803
|
+
requiresApproval: boolean;
|
|
804
|
+
requestId?: string | undefined;
|
|
805
|
+
}>;
|
|
806
|
+
type OpenClawSkillVettingResponse = z.infer<typeof OpenClawSkillVettingResponseSchema>;
|
|
807
|
+
declare const OpenClawActionAuthorizeRequestSchema: z.ZodObject<{
|
|
808
|
+
actionType: z.ZodEnum<["exec", "file_read", "file_write", "network", "env_access", "skill_install"]>;
|
|
809
|
+
command: z.ZodOptional<z.ZodString>;
|
|
810
|
+
targetPath: z.ZodOptional<z.ZodString>;
|
|
811
|
+
targetDomain: z.ZodOptional<z.ZodString>;
|
|
812
|
+
requestedPermissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["read_file", "write_file", "delete_file", "run_shell", "network_access", "access_secrets"]>, "many">>;
|
|
813
|
+
policy: z.ZodOptional<z.ZodObject<{
|
|
814
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
815
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
816
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
817
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
818
|
+
}, "strip", z.ZodTypeAny, {
|
|
819
|
+
sensitivePathPrefixes: string[];
|
|
820
|
+
networkAllowlist: string[];
|
|
821
|
+
blockShellPatterns: string[];
|
|
822
|
+
requireApprovalScore: number;
|
|
823
|
+
}, {
|
|
824
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
825
|
+
networkAllowlist?: string[] | undefined;
|
|
826
|
+
blockShellPatterns?: string[] | undefined;
|
|
827
|
+
requireApprovalScore?: number | undefined;
|
|
828
|
+
}>>;
|
|
829
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
830
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
831
|
+
}, "strip", z.ZodTypeAny, {
|
|
832
|
+
requestedPermissions: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[];
|
|
833
|
+
actionType: "exec" | "file_read" | "file_write" | "network" | "env_access" | "skill_install";
|
|
834
|
+
policy?: {
|
|
835
|
+
sensitivePathPrefixes: string[];
|
|
836
|
+
networkAllowlist: string[];
|
|
837
|
+
blockShellPatterns: string[];
|
|
838
|
+
requireApprovalScore: number;
|
|
839
|
+
} | undefined;
|
|
840
|
+
metadata?: Record<string, unknown> | undefined;
|
|
841
|
+
requestId?: string | undefined;
|
|
842
|
+
command?: string | undefined;
|
|
843
|
+
targetPath?: string | undefined;
|
|
844
|
+
targetDomain?: string | undefined;
|
|
845
|
+
}, {
|
|
846
|
+
actionType: "exec" | "file_read" | "file_write" | "network" | "env_access" | "skill_install";
|
|
847
|
+
policy?: {
|
|
848
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
849
|
+
networkAllowlist?: string[] | undefined;
|
|
850
|
+
blockShellPatterns?: string[] | undefined;
|
|
851
|
+
requireApprovalScore?: number | undefined;
|
|
852
|
+
} | undefined;
|
|
853
|
+
metadata?: Record<string, unknown> | undefined;
|
|
854
|
+
requestId?: string | undefined;
|
|
855
|
+
requestedPermissions?: ("read_file" | "write_file" | "delete_file" | "run_shell" | "network_access" | "access_secrets")[] | undefined;
|
|
856
|
+
command?: string | undefined;
|
|
857
|
+
targetPath?: string | undefined;
|
|
858
|
+
targetDomain?: string | undefined;
|
|
859
|
+
}>;
|
|
860
|
+
type OpenClawActionAuthorizeRequest = z.infer<typeof OpenClawActionAuthorizeRequestSchema>;
|
|
861
|
+
declare const OpenClawActionAuthorizeResponseSchema: z.ZodObject<{
|
|
862
|
+
decisionId: z.ZodString;
|
|
863
|
+
action: z.ZodEnum<["allow", "warn", "flag", "block"]>;
|
|
864
|
+
riskScore: z.ZodNumber;
|
|
865
|
+
reasons: z.ZodArray<z.ZodString, "many">;
|
|
866
|
+
categories: z.ZodArray<z.ZodString, "many">;
|
|
867
|
+
requiresApproval: z.ZodBoolean;
|
|
868
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
869
|
+
}, "strip", z.ZodTypeAny, {
|
|
870
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
871
|
+
categories: string[];
|
|
872
|
+
decisionId: string;
|
|
873
|
+
riskScore: number;
|
|
874
|
+
reasons: string[];
|
|
875
|
+
requiresApproval: boolean;
|
|
876
|
+
requestId?: string | undefined;
|
|
877
|
+
}, {
|
|
878
|
+
action: "block" | "warn" | "flag" | "allow";
|
|
879
|
+
categories: string[];
|
|
880
|
+
decisionId: string;
|
|
881
|
+
riskScore: number;
|
|
882
|
+
reasons: string[];
|
|
883
|
+
requiresApproval: boolean;
|
|
884
|
+
requestId?: string | undefined;
|
|
885
|
+
}>;
|
|
886
|
+
type OpenClawActionAuthorizeResponse = z.infer<typeof OpenClawActionAuthorizeResponseSchema>;
|
|
887
|
+
declare const OpenClawGuardrailPolicySchema: z.ZodObject<{
|
|
888
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
889
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
890
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
891
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
892
|
+
}, "strip", z.ZodTypeAny, {
|
|
893
|
+
sensitivePathPrefixes: string[];
|
|
894
|
+
networkAllowlist: string[];
|
|
895
|
+
blockShellPatterns: string[];
|
|
896
|
+
requireApprovalScore: number;
|
|
897
|
+
}, {
|
|
898
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
899
|
+
networkAllowlist?: string[] | undefined;
|
|
900
|
+
blockShellPatterns?: string[] | undefined;
|
|
901
|
+
requireApprovalScore?: number | undefined;
|
|
902
|
+
}>;
|
|
903
|
+
type OpenClawGuardrailPolicy = z.infer<typeof OpenClawGuardrailPolicySchema>;
|
|
904
|
+
declare const UpdateOpenClawGuardrailPolicyRequestSchema: z.ZodObject<{
|
|
905
|
+
projectId: z.ZodString;
|
|
906
|
+
policy: z.ZodObject<{
|
|
907
|
+
sensitivePathPrefixes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
908
|
+
networkAllowlist: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
909
|
+
blockShellPatterns: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
910
|
+
requireApprovalScore: z.ZodDefault<z.ZodNumber>;
|
|
911
|
+
}, "strip", z.ZodTypeAny, {
|
|
912
|
+
sensitivePathPrefixes: string[];
|
|
913
|
+
networkAllowlist: string[];
|
|
914
|
+
blockShellPatterns: string[];
|
|
915
|
+
requireApprovalScore: number;
|
|
916
|
+
}, {
|
|
917
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
918
|
+
networkAllowlist?: string[] | undefined;
|
|
919
|
+
blockShellPatterns?: string[] | undefined;
|
|
920
|
+
requireApprovalScore?: number | undefined;
|
|
921
|
+
}>;
|
|
922
|
+
}, "strip", z.ZodTypeAny, {
|
|
923
|
+
policy: {
|
|
924
|
+
sensitivePathPrefixes: string[];
|
|
925
|
+
networkAllowlist: string[];
|
|
926
|
+
blockShellPatterns: string[];
|
|
927
|
+
requireApprovalScore: number;
|
|
928
|
+
};
|
|
929
|
+
projectId: string;
|
|
930
|
+
}, {
|
|
931
|
+
policy: {
|
|
932
|
+
sensitivePathPrefixes?: string[] | undefined;
|
|
933
|
+
networkAllowlist?: string[] | undefined;
|
|
934
|
+
blockShellPatterns?: string[] | undefined;
|
|
935
|
+
requireApprovalScore?: number | undefined;
|
|
936
|
+
};
|
|
937
|
+
projectId: string;
|
|
938
|
+
}>;
|
|
939
|
+
type UpdateOpenClawGuardrailPolicyRequest = z.infer<typeof UpdateOpenClawGuardrailPolicyRequestSchema>;
|
|
940
|
+
declare const RollbackOpenClawGuardrailPolicyRequestSchema: z.ZodObject<{
|
|
941
|
+
projectId: z.ZodString;
|
|
942
|
+
version: z.ZodString;
|
|
943
|
+
}, "strip", z.ZodTypeAny, {
|
|
944
|
+
version: string;
|
|
945
|
+
projectId: string;
|
|
946
|
+
}, {
|
|
947
|
+
version: string;
|
|
948
|
+
projectId: string;
|
|
949
|
+
}>;
|
|
950
|
+
type RollbackOpenClawGuardrailPolicyRequest = z.infer<typeof RollbackOpenClawGuardrailPolicyRequestSchema>;
|
|
738
951
|
declare class ModerationError extends Error {
|
|
739
952
|
code: string;
|
|
740
953
|
statusCode: number;
|
|
@@ -747,19 +960,19 @@ declare class PolicyValidationError extends ModerationError {
|
|
|
747
960
|
declare class ProviderError extends ModerationError {
|
|
748
961
|
constructor(message: string, provider: ProviderName, details?: Record<string, unknown>);
|
|
749
962
|
}
|
|
750
|
-
declare const WebhookEventTypeSchema: z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "policy.created", "policy.updated"]>;
|
|
963
|
+
declare const WebhookEventTypeSchema: z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "openclaw.guardrail.blocked", "openclaw.guardrail.approval_required", "policy.created", "policy.updated"]>;
|
|
751
964
|
type WebhookEventType = z.infer<typeof WebhookEventTypeSchema>;
|
|
752
965
|
declare const WebhookEndpointSchema: z.ZodObject<{
|
|
753
966
|
url: z.ZodEffects<z.ZodString, string, string>;
|
|
754
|
-
events: z.ZodArray<z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "policy.created", "policy.updated"]>, "many">;
|
|
967
|
+
events: z.ZodArray<z.ZodEnum<["decision.created", "decision.flagged", "decision.blocked", "openclaw.guardrail.blocked", "openclaw.guardrail.approval_required", "policy.created", "policy.updated"]>, "many">;
|
|
755
968
|
description: z.ZodOptional<z.ZodString>;
|
|
756
969
|
}, "strip", z.ZodTypeAny, {
|
|
757
970
|
url: string;
|
|
758
|
-
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "policy.created" | "policy.updated")[];
|
|
971
|
+
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "openclaw.guardrail.blocked" | "openclaw.guardrail.approval_required" | "policy.created" | "policy.updated")[];
|
|
759
972
|
description?: string | undefined;
|
|
760
973
|
}, {
|
|
761
974
|
url: string;
|
|
762
|
-
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "policy.created" | "policy.updated")[];
|
|
975
|
+
events: ("decision.created" | "decision.flagged" | "decision.blocked" | "openclaw.guardrail.blocked" | "openclaw.guardrail.approval_required" | "policy.created" | "policy.updated")[];
|
|
763
976
|
description?: string | undefined;
|
|
764
977
|
}>;
|
|
765
978
|
type WebhookEndpoint = z.infer<typeof WebhookEndpointSchema>;
|
|
@@ -802,4 +1015,4 @@ declare function formatCost(cost: number): string;
|
|
|
802
1015
|
*/
|
|
803
1016
|
declare function formatLatency(ms: number): string;
|
|
804
1017
|
|
|
805
|
-
export { type Action, ActionSchema, type Category, CategorySchema, type CheckRequest, CheckRequestSchema, type CheckResponse, CheckResponseSchema, type ContentItemResult, ContentItemResultSchema, type ContentType, ContentTypeSchema, type Decision, DecisionSchema, type FallbackConfig, FallbackConfigSchema, type JsonArray, type JsonObject, type JsonPrimitive, type JsonValue, type ModerationContext, ModerationError, type MultiModalCheckRequest, MultiModalCheckRequestSchema, type MultiModalCheckResponse, MultiModalCheckResponseSchema, type Override, OverrideSchema, type Policy, PolicySchema, PolicyValidationError, ProviderError, type ProviderName, ProviderNameSchema, type ProviderResult, type ReplayRequest, ReplayRequestSchema, type Rule, RuleSchema, type UseCaseType, UseCaseTypeSchema, type WebhookEndpoint, WebhookEndpointSchema, type WebhookEventType, WebhookEventTypeSchema, calculatePolicyVersion, formatCost, formatLatency, generateRequestId, generateUUID, hashContent };
|
|
1018
|
+
export { type Action, ActionSchema, type Category, CategorySchema, type CheckRequest, CheckRequestSchema, type CheckResponse, CheckResponseSchema, type ContentItemResult, ContentItemResultSchema, type ContentType, ContentTypeSchema, type Decision, DecisionSchema, type FallbackConfig, FallbackConfigSchema, type JsonArray, type JsonObject, type JsonPrimitive, type JsonValue, type ModerationContext, ModerationError, type MultiModalCheckRequest, MultiModalCheckRequestSchema, type MultiModalCheckResponse, MultiModalCheckResponseSchema, type OpenClawActionAuthorizeRequest, OpenClawActionAuthorizeRequestSchema, type OpenClawActionAuthorizeResponse, OpenClawActionAuthorizeResponseSchema, type OpenClawActionType, OpenClawActionTypeSchema, type OpenClawGuardrailAction, OpenClawGuardrailActionSchema, type OpenClawGuardrailPolicy, OpenClawGuardrailPolicySchema, type OpenClawPermission, OpenClawPermissionSchema, type OpenClawSkillSource, OpenClawSkillSourceSchema, type OpenClawSkillVettingRequest, OpenClawSkillVettingRequestSchema, type OpenClawSkillVettingResponse, OpenClawSkillVettingResponseSchema, type Override, OverrideSchema, type Policy, PolicySchema, PolicyValidationError, ProviderError, type ProviderName, ProviderNameSchema, type ProviderResult, type ReplayRequest, ReplayRequestSchema, type RollbackOpenClawGuardrailPolicyRequest, RollbackOpenClawGuardrailPolicyRequestSchema, type Rule, RuleSchema, type UpdateOpenClawGuardrailPolicyRequest, UpdateOpenClawGuardrailPolicyRequestSchema, type UseCaseType, UseCaseTypeSchema, type WebhookEndpoint, WebhookEndpointSchema, type WebhookEventType, WebhookEventTypeSchema, calculatePolicyVersion, formatCost, formatLatency, generateRequestId, generateUUID, hashContent };
|
package/dist/index.js
CHANGED
|
@@ -206,6 +206,83 @@ var ReplayRequestSchema = z.object({
|
|
|
206
206
|
decisionId: z.string().uuid(),
|
|
207
207
|
policyId: z.string()
|
|
208
208
|
});
|
|
209
|
+
var OpenClawSkillSourceSchema = z.enum(["local", "github", "clawhub", "remote_url"]);
|
|
210
|
+
var OpenClawPermissionSchema = z.enum([
|
|
211
|
+
"read_file",
|
|
212
|
+
"write_file",
|
|
213
|
+
"delete_file",
|
|
214
|
+
"run_shell",
|
|
215
|
+
"network_access",
|
|
216
|
+
"access_secrets"
|
|
217
|
+
]);
|
|
218
|
+
var OpenClawActionTypeSchema = z.enum([
|
|
219
|
+
"exec",
|
|
220
|
+
"file_read",
|
|
221
|
+
"file_write",
|
|
222
|
+
"network",
|
|
223
|
+
"env_access",
|
|
224
|
+
"skill_install"
|
|
225
|
+
]);
|
|
226
|
+
var OpenClawGuardrailActionSchema = z.enum(["allow", "warn", "flag", "block"]);
|
|
227
|
+
var OpenClawSkillVettingRequestSchema = z.object({
|
|
228
|
+
skillId: z.string().min(1).max(200),
|
|
229
|
+
name: z.string().min(1).max(200),
|
|
230
|
+
source: OpenClawSkillSourceSchema,
|
|
231
|
+
prompt: z.string().min(1).max(5e4),
|
|
232
|
+
requestedPermissions: z.array(OpenClawPermissionSchema).max(20).default([]),
|
|
233
|
+
hasChecksum: z.boolean().default(false),
|
|
234
|
+
signedPublisher: z.boolean().default(false),
|
|
235
|
+
maintainerReputation: z.enum(["unknown", "trusted", "untrusted"]).default("unknown"),
|
|
236
|
+
metadata: z.record(z.unknown()).optional(),
|
|
237
|
+
requestId: z.string().optional()
|
|
238
|
+
});
|
|
239
|
+
var OpenClawSkillVettingResponseSchema = z.object({
|
|
240
|
+
decisionId: z.string().uuid(),
|
|
241
|
+
action: OpenClawGuardrailActionSchema,
|
|
242
|
+
riskScore: z.number().int().min(0).max(100),
|
|
243
|
+
reasons: z.array(z.string()),
|
|
244
|
+
categories: z.array(z.string()),
|
|
245
|
+
requiresApproval: z.boolean(),
|
|
246
|
+
requestId: z.string().optional()
|
|
247
|
+
});
|
|
248
|
+
var OpenClawActionAuthorizeRequestSchema = z.object({
|
|
249
|
+
actionType: OpenClawActionTypeSchema,
|
|
250
|
+
command: z.string().max(5e3).optional(),
|
|
251
|
+
targetPath: z.string().max(2e3).optional(),
|
|
252
|
+
targetDomain: z.string().max(500).optional(),
|
|
253
|
+
requestedPermissions: z.array(OpenClawPermissionSchema).max(20).default([]),
|
|
254
|
+
policy: z.object({
|
|
255
|
+
sensitivePathPrefixes: z.array(z.string().min(1).max(500)).max(200).default([]),
|
|
256
|
+
networkAllowlist: z.array(z.string().min(1).max(200)).max(500).default([]),
|
|
257
|
+
blockShellPatterns: z.array(z.string().min(1).max(200)).max(200).default([]),
|
|
258
|
+
requireApprovalScore: z.number().int().min(0).max(100).default(40)
|
|
259
|
+
}).optional(),
|
|
260
|
+
metadata: z.record(z.unknown()).optional(),
|
|
261
|
+
requestId: z.string().optional()
|
|
262
|
+
});
|
|
263
|
+
var OpenClawActionAuthorizeResponseSchema = z.object({
|
|
264
|
+
decisionId: z.string().uuid(),
|
|
265
|
+
action: OpenClawGuardrailActionSchema,
|
|
266
|
+
riskScore: z.number().int().min(0).max(100),
|
|
267
|
+
reasons: z.array(z.string()),
|
|
268
|
+
categories: z.array(z.string()),
|
|
269
|
+
requiresApproval: z.boolean(),
|
|
270
|
+
requestId: z.string().optional()
|
|
271
|
+
});
|
|
272
|
+
var OpenClawGuardrailPolicySchema = z.object({
|
|
273
|
+
sensitivePathPrefixes: z.array(z.string().min(1).max(500)).max(200).default([]),
|
|
274
|
+
networkAllowlist: z.array(z.string().min(1).max(200)).max(500).default([]),
|
|
275
|
+
blockShellPatterns: z.array(z.string().min(1).max(200)).max(200).default([]),
|
|
276
|
+
requireApprovalScore: z.number().int().min(0).max(100).default(40)
|
|
277
|
+
});
|
|
278
|
+
var UpdateOpenClawGuardrailPolicyRequestSchema = z.object({
|
|
279
|
+
projectId: z.string().uuid(),
|
|
280
|
+
policy: OpenClawGuardrailPolicySchema
|
|
281
|
+
});
|
|
282
|
+
var RollbackOpenClawGuardrailPolicyRequestSchema = z.object({
|
|
283
|
+
projectId: z.string().uuid(),
|
|
284
|
+
version: z.string().min(1).max(64)
|
|
285
|
+
});
|
|
209
286
|
var ModerationError = class extends Error {
|
|
210
287
|
constructor(message, code, statusCode = 500, details) {
|
|
211
288
|
super(message);
|
|
@@ -231,6 +308,8 @@ var WebhookEventTypeSchema = z.enum([
|
|
|
231
308
|
"decision.created",
|
|
232
309
|
"decision.flagged",
|
|
233
310
|
"decision.blocked",
|
|
311
|
+
"openclaw.guardrail.blocked",
|
|
312
|
+
"openclaw.guardrail.approval_required",
|
|
234
313
|
"policy.created",
|
|
235
314
|
"policy.updated"
|
|
236
315
|
]);
|
|
@@ -283,13 +362,24 @@ export {
|
|
|
283
362
|
ModerationError,
|
|
284
363
|
MultiModalCheckRequestSchema,
|
|
285
364
|
MultiModalCheckResponseSchema,
|
|
365
|
+
OpenClawActionAuthorizeRequestSchema,
|
|
366
|
+
OpenClawActionAuthorizeResponseSchema,
|
|
367
|
+
OpenClawActionTypeSchema,
|
|
368
|
+
OpenClawGuardrailActionSchema,
|
|
369
|
+
OpenClawGuardrailPolicySchema,
|
|
370
|
+
OpenClawPermissionSchema,
|
|
371
|
+
OpenClawSkillSourceSchema,
|
|
372
|
+
OpenClawSkillVettingRequestSchema,
|
|
373
|
+
OpenClawSkillVettingResponseSchema,
|
|
286
374
|
OverrideSchema,
|
|
287
375
|
PolicySchema,
|
|
288
376
|
PolicyValidationError,
|
|
289
377
|
ProviderError,
|
|
290
378
|
ProviderNameSchema,
|
|
291
379
|
ReplayRequestSchema,
|
|
380
|
+
RollbackOpenClawGuardrailPolicyRequestSchema,
|
|
292
381
|
RuleSchema,
|
|
382
|
+
UpdateOpenClawGuardrailPolicyRequestSchema,
|
|
293
383
|
UseCaseTypeSchema,
|
|
294
384
|
WebhookEndpointSchema,
|
|
295
385
|
WebhookEventTypeSchema,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vettly/shared",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.16",
|
|
4
4
|
"description": "Shared TypeScript types for Vettly decision infrastructure",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
"license": "MIT",
|
|
34
34
|
"repository": {
|
|
35
35
|
"type": "git",
|
|
36
|
-
"url": "https://github.com/nextauralabs/vettly
|
|
36
|
+
"url": "https://github.com/nextauralabs/vettly.git",
|
|
37
37
|
"directory": "packages/shared"
|
|
38
38
|
},
|
|
39
39
|
"homepage": "https://vettly.dev",
|
|
@@ -41,7 +41,7 @@
|
|
|
41
41
|
"access": "public"
|
|
42
42
|
},
|
|
43
43
|
"bugs": {
|
|
44
|
-
"url": "https://github.com/nextauralabs/vettly
|
|
44
|
+
"url": "https://github.com/nextauralabs/vettly/issues"
|
|
45
45
|
},
|
|
46
46
|
"dependencies": {
|
|
47
47
|
"zod": "^3.22.4"
|