@vigil-guard/vge-cc-guard 0.9.0-beta.2 → 0.9.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/commands/doctor.d.ts.map +1 -1
- package/dist/commands/doctor.js +29 -1
- package/dist/commands/doctor.js.map +1 -1
- package/dist/daemon/active-conversation-decisions.d.ts +1 -1
- package/dist/daemon/active-conversation-decisions.d.ts.map +1 -1
- package/dist/daemon/active-conversation-decisions.js +0 -4
- package/dist/daemon/active-conversation-decisions.js.map +1 -1
- package/dist/daemon/ask-dialog.d.ts +1 -12
- package/dist/daemon/ask-dialog.d.ts.map +1 -1
- package/dist/daemon/ask-dialog.js +0 -51
- package/dist/daemon/ask-dialog.js.map +1 -1
- package/dist/daemon/audit-decisions.d.ts +7 -0
- package/dist/daemon/audit-decisions.d.ts.map +1 -1
- package/dist/daemon/audit-decisions.js +11 -2
- package/dist/daemon/audit-decisions.js.map +1 -1
- package/dist/daemon/audit-posttool.d.ts +11 -1
- package/dist/daemon/audit-posttool.d.ts.map +1 -1
- package/dist/daemon/audit-posttool.js +14 -1
- package/dist/daemon/audit-posttool.js.map +1 -1
- package/dist/daemon/audit-pretool.d.ts +0 -35
- package/dist/daemon/audit-pretool.d.ts.map +1 -1
- package/dist/daemon/audit-pretool.js +0 -48
- package/dist/daemon/audit-pretool.js.map +1 -1
- package/dist/daemon/blocking-decision-triggers.d.ts.map +1 -1
- package/dist/daemon/blocking-decision-triggers.js +4 -1
- package/dist/daemon/blocking-decision-triggers.js.map +1 -1
- package/dist/daemon/conversation-decision-cleanup.d.ts.map +1 -1
- package/dist/daemon/conversation-decision-cleanup.js +0 -3
- package/dist/daemon/conversation-decision-cleanup.js.map +1 -1
- package/dist/daemon/conversation-decision-escrow.d.ts.map +1 -1
- package/dist/daemon/conversation-decision-escrow.js +7 -17
- package/dist/daemon/conversation-decision-escrow.js.map +1 -1
- package/dist/daemon/conversation-decision-prompt.d.ts.map +1 -1
- package/dist/daemon/conversation-decision-prompt.js +7 -23
- package/dist/daemon/conversation-decision-prompt.js.map +1 -1
- package/dist/daemon/decision-broker.d.ts +1 -0
- package/dist/daemon/decision-broker.d.ts.map +1 -1
- package/dist/daemon/decision-broker.js +9 -3
- package/dist/daemon/decision-broker.js.map +1 -1
- package/dist/daemon/decision-metrics.d.ts.map +1 -1
- package/dist/daemon/decision-metrics.js +0 -2
- package/dist/daemon/decision-metrics.js.map +1 -1
- package/dist/daemon/http-server.d.ts.map +1 -1
- package/dist/daemon/http-server.js +19 -2
- package/dist/daemon/http-server.js.map +1 -1
- package/dist/daemon/posttool-decision-escrow.d.ts.map +1 -1
- package/dist/daemon/posttool-decision-escrow.js +3 -2
- package/dist/daemon/posttool-decision-escrow.js.map +1 -1
- package/dist/daemon/posttool-decision-state.d.ts +2 -1
- package/dist/daemon/posttool-decision-state.d.ts.map +1 -1
- package/dist/daemon/posttool-decision-state.js +3 -3
- package/dist/daemon/posttool-decision-state.js.map +1 -1
- package/dist/daemon/posttool-disposition.d.ts +22 -0
- package/dist/daemon/posttool-disposition.d.ts.map +1 -0
- package/dist/daemon/posttool-disposition.js +26 -0
- package/dist/daemon/posttool-disposition.js.map +1 -0
- package/dist/daemon/posttool-enforcement.d.ts.map +1 -1
- package/dist/daemon/posttool-enforcement.js +55 -43
- package/dist/daemon/posttool-enforcement.js.map +1 -1
- package/dist/daemon/posttool-render.d.ts +2 -0
- package/dist/daemon/posttool-render.d.ts.map +1 -1
- package/dist/daemon/posttool-render.js +36 -11
- package/dist/daemon/posttool-render.js.map +1 -1
- package/dist/daemon/posttool-research-quarantine.d.ts +15 -0
- package/dist/daemon/posttool-research-quarantine.d.ts.map +1 -0
- package/dist/daemon/posttool-research-quarantine.js +66 -0
- package/dist/daemon/posttool-research-quarantine.js.map +1 -0
- package/dist/daemon/pretool-url-gate.js +1 -1
- package/dist/daemon/pretool-url-gate.js.map +1 -1
- package/dist/daemon/reply-parser.d.ts +1 -5
- package/dist/daemon/reply-parser.d.ts.map +1 -1
- package/dist/daemon/reply-parser.js +0 -40
- package/dist/daemon/reply-parser.js.map +1 -1
- package/dist/daemon/resolve-escalation-route.d.ts.map +1 -1
- package/dist/daemon/resolve-escalation-route.js +0 -21
- package/dist/daemon/resolve-escalation-route.js.map +1 -1
- package/dist/daemon/session-state.d.ts +0 -4
- package/dist/daemon/session-state.d.ts.map +1 -1
- package/dist/daemon/session-state.js +0 -35
- package/dist/daemon/session-state.js.map +1 -1
- package/dist/daemon/subagent-lifecycle.d.ts.map +1 -1
- package/dist/daemon/subagent-lifecycle.js +1 -2
- package/dist/daemon/subagent-lifecycle.js.map +1 -1
- package/dist/daemon/tool-output-redactor.d.ts.map +1 -1
- package/dist/daemon/tool-output-redactor.js +12 -1
- package/dist/daemon/tool-output-redactor.js.map +1 -1
- package/dist/daemon/tool-policy.d.ts +4 -1
- package/dist/daemon/tool-policy.d.ts.map +1 -1
- package/dist/daemon/tool-policy.js +3 -1
- package/dist/daemon/tool-policy.js.map +1 -1
- package/dist/daemon/url-resource-id.d.ts +4 -0
- package/dist/daemon/url-resource-id.d.ts.map +1 -0
- package/dist/daemon/url-resource-id.js +14 -0
- package/dist/daemon/url-resource-id.js.map +1 -0
- package/dist/daemon/vge-client-types.d.ts +45 -0
- package/dist/daemon/vge-client-types.d.ts.map +1 -0
- package/dist/daemon/vge-client-types.js +2 -0
- package/dist/daemon/vge-client-types.js.map +1 -0
- package/dist/daemon/vge-client.d.ts +2 -44
- package/dist/daemon/vge-client.d.ts.map +1 -1
- package/dist/daemon/vge-client.js +3 -3
- package/dist/daemon/vge-client.js.map +1 -1
- package/dist/daemon/vge-connectivity.d.ts.map +1 -1
- package/dist/daemon/vge-connectivity.js +72 -16
- package/dist/daemon/vge-connectivity.js.map +1 -1
- package/dist/shared/config-schema.d.ts +19 -0
- package/dist/shared/config-schema.d.ts.map +1 -1
- package/dist/shared/config-schema.js +11 -0
- package/dist/shared/config-schema.js.map +1 -1
- package/dist/shared/system-ca.d.ts +9 -1
- package/dist/shared/system-ca.d.ts.map +1 -1
- package/dist/shared/system-ca.js +35 -14
- package/dist/shared/system-ca.js.map +1 -1
- package/dist/shared/types.d.ts +3 -3
- package/dist/shared/types.d.ts.map +1 -1
- package/dist/shim/inline-resolver-terminal.d.ts.map +1 -1
- package/dist/shim/inline-resolver-terminal.js +9 -4
- package/dist/shim/inline-resolver-terminal.js.map +1 -1
- package/dist/tui/components/BlockingDecisionModal.d.ts.map +1 -1
- package/dist/tui/components/BlockingDecisionModal.js +5 -1
- package/dist/tui/components/BlockingDecisionModal.js.map +1 -1
- package/dist/tui/lib/daemon-client.d.ts +7 -0
- package/dist/tui/lib/daemon-client.d.ts.map +1 -1
- package/dist/tui/lib/daemon-client.js +31 -0
- package/dist/tui/lib/daemon-client.js.map +1 -1
- package/dist/tui/screens/ViewConfig.d.ts.map +1 -1
- package/dist/tui/screens/ViewConfig.js +1 -1
- package/dist/tui/screens/ViewConfig.js.map +1 -1
- package/package.json +1 -1
- package/dist/daemon/pretool-decision-escrow.d.ts +0 -51
- package/dist/daemon/pretool-decision-escrow.d.ts.map +0 -1
- package/dist/daemon/pretool-decision-escrow.js +0 -295
- package/dist/daemon/pretool-decision-escrow.js.map +0 -1
- package/dist/daemon/url-block-decisions.d.ts +0 -27
- package/dist/daemon/url-block-decisions.d.ts.map +0 -1
- package/dist/daemon/url-block-decisions.js +0 -100
- package/dist/daemon/url-block-decisions.js.map +0 -1
package/README.md
CHANGED
|
@@ -5,7 +5,7 @@ Code hooks, gates tool calls before execution, sends configured prompt and tool
|
|
|
5
5
|
content to Vigil Guard Enterprise (VGE), manages user decisions for blocked
|
|
6
6
|
content, and writes a private local audit trail.
|
|
7
7
|
|
|
8
|
-
Current package version: `0.9.0-beta.
|
|
8
|
+
Current package version: `0.9.0-beta.3`.
|
|
9
9
|
|
|
10
10
|
## Current State
|
|
11
11
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"doctor.d.ts","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"doctor.d.ts","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAWA,wBAAsB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CA0C7D"}
|
package/dist/commands/doctor.js
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { ccContractNextAction, createCcContractStatus, getCcContractHealth, writeCcContractStatus, } from '../daemon/cc-contract-status.js';
|
|
2
2
|
import { checkVgeConnectivity } from '../daemon/vge-connectivity.js';
|
|
3
3
|
import { readConfigOrDefault } from '../shared/config-io.js';
|
|
4
|
+
import { installSystemCAs } from '../shared/system-ca.js';
|
|
5
|
+
import { readDaemonStatus } from '../tui/lib/daemon-client.js';
|
|
4
6
|
export async function runDoctor(args) {
|
|
5
7
|
if (!args.includes('--cc-contract')) {
|
|
6
8
|
const skipVge = args.includes('--no-vge');
|
|
@@ -14,6 +16,7 @@ export async function runDoctor(args) {
|
|
|
14
16
|
console.log(`Checked at: ${health.checkedAt ?? 'never'}`);
|
|
15
17
|
if (skipVge) {
|
|
16
18
|
console.log('VGE connectivity: skipped (--no-vge)');
|
|
19
|
+
await printSystemCaDiagnostics();
|
|
17
20
|
return;
|
|
18
21
|
}
|
|
19
22
|
const vgeHealth = await checkVgeConnectivity(readConfigOrDefault());
|
|
@@ -23,8 +26,11 @@ export async function runDoctor(args) {
|
|
|
23
26
|
console.log(`VGE output key: ${vgeHealth.outputKey}`);
|
|
24
27
|
if (!vgeHealth.ok) {
|
|
25
28
|
console.log(`VGE reason: ${vgeHealth.failureReason ?? 'unknown'}`);
|
|
29
|
+
if (vgeHealth.detail)
|
|
30
|
+
console.log(`VGE detail: ${vgeHealth.detail}`);
|
|
26
31
|
console.log(`VGE next action: ${vgeNextAction(vgeHealth.failureReason)}`);
|
|
27
32
|
}
|
|
33
|
+
await printSystemCaDiagnostics();
|
|
28
34
|
return;
|
|
29
35
|
}
|
|
30
36
|
const assumeLivePassed = args.includes('--assume-live-pass');
|
|
@@ -46,8 +52,30 @@ function vgeNextAction(reason) {
|
|
|
46
52
|
return 'Verify the input and output key roles for the configured VGE endpoint.';
|
|
47
53
|
}
|
|
48
54
|
if (reason === 'tls_error') {
|
|
49
|
-
return '
|
|
55
|
+
return 'Add the VGE root CA to your OS keychain or NODE_EXTRA_CA_CERTS, then run `vge-cc-guard daemon reload`.';
|
|
50
56
|
}
|
|
51
57
|
return 'Check daemon Runtime VGE status and verify endpoint, CA trust, and key role configuration.';
|
|
52
58
|
}
|
|
59
|
+
async function printSystemCaDiagnostics() {
|
|
60
|
+
const localSnapshot = installSystemCAs();
|
|
61
|
+
console.log(`System CA store: ${localSnapshot.runtimeSupported ? 'supported' : 'unsupported'}`);
|
|
62
|
+
console.log(`System CAs loaded: ${localSnapshot.systemCount}`);
|
|
63
|
+
console.log(`Extra CAs loaded: ${localSnapshot.extraCount}`);
|
|
64
|
+
const daemonStatus = await readDaemonStatus();
|
|
65
|
+
if (!daemonStatus.ok || !daemonStatus.caSnapshot) {
|
|
66
|
+
console.log('Daemon CA snapshot: unavailable');
|
|
67
|
+
console.log('CA drift: unknown');
|
|
68
|
+
return;
|
|
69
|
+
}
|
|
70
|
+
console.log(`Daemon CA snapshot: ${formatDaemonCaSnapshot(daemonStatus.caSnapshot)}`);
|
|
71
|
+
console.log(`CA drift: ${hasCaDrift(localSnapshot, daemonStatus.caSnapshot) ? 'yes' : 'no'}`);
|
|
72
|
+
}
|
|
73
|
+
function formatDaemonCaSnapshot(snapshot) {
|
|
74
|
+
return `systemCount=${snapshot.systemCount} extraCount=${snapshot.extraCount} checkedAt=${snapshot.checkedAt}`;
|
|
75
|
+
}
|
|
76
|
+
function hasCaDrift(localSnapshot, daemonSnapshot) {
|
|
77
|
+
return localSnapshot.systemCount !== daemonSnapshot.systemCount ||
|
|
78
|
+
localSnapshot.extraCount !== daemonSnapshot.extraCount ||
|
|
79
|
+
localSnapshot.runtimeSupported !== daemonSnapshot.runtimeSupported;
|
|
80
|
+
}
|
|
53
81
|
//# sourceMappingURL=doctor.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"doctor.js","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"doctor.js","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAyB,MAAM,wBAAwB,CAAC;AACjF,OAAO,EAAE,gBAAgB,EAAyB,MAAM,6BAA6B,CAAC;AAEtF,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,IAAc;IAC5C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,+BAA+B,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,0BAA0B,MAAM,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9F,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,oBAAoB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,aAAa,IAAI,SAAS,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,YAAY,IAAI,SAAS,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,SAAS,IAAI,OAAO,EAAE,CAAC,CAAC;QAC1D,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;YACpD,MAAM,wBAAwB,EAAE,CAAC;YACjC,OAAO;QACT,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,oBAAoB,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACpE,OAAO,CAAC,GAAG,CAAC,qBAAqB,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,SAAS,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,kBAAkB,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,mBAAmB,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,eAAe,SAAS,CAAC,aAAa,IAAI,SAAS,EAAE,CAAC,CAAC;YACnE,IAAI,SAAS,CAAC,MAAM;gBAAE,OAAO,CAAC,GAAG,CAAC,eAAe,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;YACrE,OAAO,CAAC,GAAG,CAAC,oBAAoB,aAAa,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;QAC5E,CAAC;QACD,MAAM,wBAAwB,EAAE,CAAC;QACjC,OAAO;IACT,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC7D,IAAI,gBAAgB,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CACV,oKAAoK,CACrK,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,sBAAsB,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,gCAAgC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7D,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,YAAY,IAAI,SAAS,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,EAAE,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,aAAa,CAAC,MAA0B;IAC/C,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;QAChC,OAAO,wEAAwE,CAAC;IAClF,CAAC;IACD,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;QAC7B,OAAO,wEAAwE,CAAC;IAClF,CAAC;IACD,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;QAC3B,OAAO,wGAAwG,CAAC;IAClH,CAAC;IACD,OAAO,4FAA4F,CAAC;AACtG,CAAC;AAED,KAAK,UAAU,wBAAwB;IACrC,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,oBAAoB,aAAa,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;IAChG,OAAO,CAAC,GAAG,CAAC,sBAAsB,aAAa,CAAC,WAAW,EAAE,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,qBAAqB,aAAa,CAAC,UAAU,EAAE,CAAC,CAAC;IAE7D,MAAM,YAAY,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAC9C,IAAI,CAAC,YAAY,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,sBAAsB,CAAC,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACtF,OAAO,CAAC,GAAG,CAAC,aAAa,UAAU,CAAC,aAAa,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,sBAAsB,CAAC,QAA0B;IACxD,OAAO,eAAe,QAAQ,CAAC,WAAW,eAAe,QAAQ,CAAC,UAAU,cAAc,QAAQ,CAAC,SAAS,EAAE,CAAC;AACjH,CAAC;AAED,SAAS,UAAU,CAAC,aAA+B,EAAE,cAAgC;IACnF,OAAO,aAAa,CAAC,WAAW,KAAK,cAAc,CAAC,WAAW;QAC7D,aAAa,CAAC,UAAU,KAAK,cAAc,CAAC,UAAU;QACtD,aAAa,CAAC,gBAAgB,KAAK,cAAc,CAAC,gBAAgB,CAAC;AACvE,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import type { BlockingDecision } from '../shared/types.js';
|
|
2
2
|
export interface ActiveConversationDecision {
|
|
3
3
|
decision: BlockingDecision;
|
|
4
|
-
source: '
|
|
4
|
+
source: 'posttool' | 'attachment' | 'prompt';
|
|
5
5
|
}
|
|
6
6
|
export declare function nextDecisionCreationSequence(): number;
|
|
7
7
|
export declare function activeConversationDecisionsForSession(sessionId: string): ActiveConversationDecision[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"active-conversation-decisions.d.ts","sourceRoot":"","sources":["../../src/daemon/active-conversation-decisions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"active-conversation-decisions.d.ts","sourceRoot":"","sources":["../../src/daemon/active-conversation-decisions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAO3D,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,gBAAgB,CAAC;IAC3B,MAAM,EAAE,UAAU,GAAG,YAAY,GAAG,QAAQ,CAAC;CAC9C;AAID,wBAAgB,4BAA4B,IAAI,MAAM,CAErD;AAkBD,wBAAgB,qCAAqC,CAAC,SAAS,EAAE,MAAM,GAAG,0BAA0B,EAAE,CASrG;AAED,wBAAgB,8CAA8C,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CA0BxF"}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
import { activeAttachmentEscrowDecisionsForSession } from './attachment-decision-escrow.js';
|
|
2
2
|
import { decisionOwnerFromDecision, decisionOwnerLabel } from './decision-owner.js';
|
|
3
3
|
import { activePostToolEscrowDecisionsForSession } from './posttool-decision-escrow.js';
|
|
4
|
-
import { activePreToolEscrowDecisionsForSession } from './pretool-decision-escrow.js';
|
|
5
4
|
import { sanitizeDecisionResourceLabel } from './conversation-decision-prompt.js';
|
|
6
5
|
import { activeUserPromptEscrowDecisionsForSession } from './userprompt-decision-escrow.js';
|
|
7
6
|
let decisionCreationSequence = 0;
|
|
@@ -20,8 +19,6 @@ function compareActiveDecision(left, right) {
|
|
|
20
19
|
return a < b ? -1 : a > b ? 1 : 0;
|
|
21
20
|
}
|
|
22
21
|
function sourceLabel(source) {
|
|
23
|
-
if (source === 'pretool')
|
|
24
|
-
return 'PreTool';
|
|
25
22
|
if (source === 'posttool')
|
|
26
23
|
return 'PostTool';
|
|
27
24
|
if (source === 'attachment')
|
|
@@ -30,7 +27,6 @@ function sourceLabel(source) {
|
|
|
30
27
|
}
|
|
31
28
|
export function activeConversationDecisionsForSession(sessionId) {
|
|
32
29
|
return [
|
|
33
|
-
...activePreToolEscrowDecisionsForSession(sessionId).map((decision) => ({ decision, source: 'pretool' })),
|
|
34
30
|
...activePostToolEscrowDecisionsForSession(sessionId).map((decision) => ({ decision, source: 'posttool' })),
|
|
35
31
|
...activeAttachmentEscrowDecisionsForSession(sessionId).map((decision) => ({ decision, source: 'attachment' })),
|
|
36
32
|
...activeUserPromptEscrowDecisionsForSession(sessionId, 'prompt_input').map((decision) => ({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"active-conversation-decisions.js","sourceRoot":"","sources":["../../src/daemon/active-conversation-decisions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,yCAAyC,EAAE,MAAM,iCAAiC,CAAC;AAC5F,OAAO,EAAE,yBAAyB,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACpF,OAAO,EAAE,uCAAuC,EAAE,MAAM,+BAA+B,CAAC;AACxF,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"active-conversation-decisions.js","sourceRoot":"","sources":["../../src/daemon/active-conversation-decisions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,yCAAyC,EAAE,MAAM,iCAAiC,CAAC;AAC5F,OAAO,EAAE,yBAAyB,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACpF,OAAO,EAAE,uCAAuC,EAAE,MAAM,+BAA+B,CAAC;AACxF,OAAO,EAAE,6BAA6B,EAAE,MAAM,mCAAmC,CAAC;AAClF,OAAO,EAAE,yCAAyC,EAAE,MAAM,iCAAiC,CAAC;AAO5F,IAAI,wBAAwB,GAAG,CAAC,CAAC;AAEjC,MAAM,UAAU,4BAA4B;IAC1C,OAAO,EAAE,wBAAwB,CAAC;AACpC,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAgC,EAAE,KAAiC;IAChG,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,GAAG,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;IAClE,IAAI,MAAM,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAChC,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,gBAAgB,IAAI,CAAC,CAAC,CAAC;IAC7F,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC9B,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,WAAW,CAAC,MAA4C;IAC/D,IAAI,MAAM,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IAC7C,IAAI,MAAM,KAAK,YAAY;QAAE,OAAO,YAAY,CAAC;IACjD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,qCAAqC,CAAC,SAAiB;IACrE,OAAO;QACL,GAAG,uCAAuC,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAmB,EAAE,CAAC,CAAC;QACpH,GAAG,yCAAyC,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAqB,EAAE,CAAC,CAAC;QACxH,GAAG,yCAAyC,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACzF,QAAQ;YACR,MAAM,EAAE,QAAiB;SAC1B,CAAC,CAAC;KACJ,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,8CAA8C,CAAC,SAAiB;IAC9E,MAAM,MAAM,GAAG,qCAAqC,CAAC,SAAS,CAAC,CAAC;IAChE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,uEAAuE,CAAC;IACjF,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,oDAAoD;QACpD,6DAA6D;QAC7D,EAAE;KACH,CAAC;IAEF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;QAChC,KAAK,CAAC,IAAI,CACR,gBAAgB,QAAQ,CAAC,UAAU,EAAE,EACrC,UAAU,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,EACrC,UAAU,kBAAkB,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,EAAE,EACnE,SAAS,QAAQ,CAAC,QAAQ,EAAE,EAC5B,aAAa,6BAA6B,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,EACpE,uBAAuB,QAAQ,CAAC,UAAU,gBAAgB,QAAQ,CAAC,UAAU,wBAAwB,QAAQ,CAAC,UAAU,EAAE,EAC1H,EAAE,CACH,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;AACpC,CAAC"}
|
|
@@ -1,23 +1,12 @@
|
|
|
1
|
-
import type { SessionData, Escalation, EscalationDecision, RouterOutcome, SessionState
|
|
1
|
+
import type { SessionData, Escalation, EscalationDecision, RouterOutcome, SessionState } from '../shared/types.js';
|
|
2
2
|
export declare function hasPending(session: SessionData): boolean;
|
|
3
3
|
export declare function enqueue(session: SessionData, escalation: Escalation): RouterOutcome;
|
|
4
4
|
export declare function formatDenyReason(escalation: Escalation, triggerExcerpt: string): string;
|
|
5
|
-
export declare function formatUrlBlockDenyReason(escalation: Escalation): string;
|
|
6
5
|
interface StateStore {
|
|
7
6
|
transitionState: (sessionId: string, state: SessionState) => void;
|
|
8
7
|
addToAllowlist: (sessionId: string, key: string, escalationId?: string) => void;
|
|
9
8
|
addToBlocklist: (sessionId: string, key: string, escalationId?: string) => void;
|
|
10
9
|
}
|
|
11
10
|
export declare function applyDecision(session: SessionData, decision: EscalationDecision, stateStore: StateStore, escalationId?: string): Escalation | undefined;
|
|
12
|
-
interface UrlBlockStateStore {
|
|
13
|
-
addUrlAllowOnce: (sessionId: string, key: string) => void;
|
|
14
|
-
addResourceToBlocklist: (sessionId: string, key: string, escalationId?: string) => void;
|
|
15
|
-
addHostToUrlAllowlist: (host: string) => boolean;
|
|
16
|
-
}
|
|
17
|
-
export declare function applyUrlBlockDecision(session: SessionData, decision: UrlBlockDecision, stateStore: UrlBlockStateStore, escalationId?: string): {
|
|
18
|
-
escalation: Escalation;
|
|
19
|
-
decision: UrlBlockDecision;
|
|
20
|
-
blockReason?: 'user_block' | 'malformed_url' | 'persist_failed';
|
|
21
|
-
} | undefined;
|
|
22
11
|
export {};
|
|
23
12
|
//# sourceMappingURL=ask-dialog.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ask-dialog.d.ts","sourceRoot":"","sources":["../../src/daemon/ask-dialog.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,kBAAkB,EAClB,aAAa,EACb,YAAY,
|
|
1
|
+
{"version":3,"file":"ask-dialog.d.ts","sourceRoot":"","sources":["../../src/daemon/ask-dialog.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,kBAAkB,EAClB,aAAa,EACb,YAAY,EACb,MAAM,oBAAoB,CAAC;AAE5B,wBAAgB,UAAU,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAExD;AAED,wBAAgB,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,GAAG,aAAa,CAInF;AAED,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,GAAG,MAAM,CA6BvF;AAED,UAAU,UAAU;IAClB,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,KAAK,IAAI,CAAC;IAClE,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;IAChF,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;CACjF;AAED,wBAAgB,aAAa,CAC3B,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,kBAAkB,EAC5B,UAAU,EAAE,UAAU,EACtB,YAAY,CAAC,EAAE,MAAM,GACpB,UAAU,GAAG,SAAS,CAwBxB"}
|
|
@@ -7,8 +7,6 @@ export function enqueue(session, escalation) {
|
|
|
7
7
|
return 'ESCALATE';
|
|
8
8
|
}
|
|
9
9
|
export function formatDenyReason(escalation, triggerExcerpt) {
|
|
10
|
-
if (escalation.kind === 'url-block')
|
|
11
|
-
return formatUrlBlockDenyReason(escalation);
|
|
12
10
|
const excerpt = triggerExcerpt.slice(0, 120);
|
|
13
11
|
const branchSummary = Object.entries(escalation.branches)
|
|
14
12
|
.filter(([, v]) => v > 0)
|
|
@@ -37,26 +35,6 @@ export function formatDenyReason(escalation, triggerExcerpt) {
|
|
|
37
35
|
.filter((line) => line !== '')
|
|
38
36
|
.join('\n');
|
|
39
37
|
}
|
|
40
|
-
export function formatUrlBlockDenyReason(escalation) {
|
|
41
|
-
const categories = escalation.vgeCategories && escalation.vgeCategories.length > 0
|
|
42
|
-
? escalation.vgeCategories.join(', ')
|
|
43
|
-
: 'none';
|
|
44
|
-
return [
|
|
45
|
-
'VGE Agent Guard: URL flagged before tool execution. Decide before continuing.',
|
|
46
|
-
'',
|
|
47
|
-
` Tool: ${escalation.toolName}`,
|
|
48
|
-
` URL: ${escalation.url ?? '(unknown)'}`,
|
|
49
|
-
` Host: ${escalation.host ?? '(unknown)'}`,
|
|
50
|
-
` Reason: ${escalation.blockMessage ?? 'Vigil Guard classified this URL as unsafe.'}`,
|
|
51
|
-
` VGE: decision ${escalation.vgeDecision ?? escalation.routerOutcome}, signal ${escalation.vgeArbiterSignal ?? 'n/a'}, action ${escalation.vgeRuleAction ?? 'n/a'}, score ${escalation.vgeScore ?? 0}, categories: [${categories}]`,
|
|
52
|
-
'',
|
|
53
|
-
' Reply:',
|
|
54
|
-
' block — keep this tool call blocked and block this exact URL',
|
|
55
|
-
' automatically for the rest of the session',
|
|
56
|
-
' allow once — allow this exact URL once, then ask again next time',
|
|
57
|
-
' session — allow + add this host to the persistent URL allowlist',
|
|
58
|
-
].join('\n');
|
|
59
|
-
}
|
|
60
38
|
export function applyDecision(session, decision, stateStore, escalationId) {
|
|
61
39
|
const escalationIndex = escalationId === undefined
|
|
62
40
|
? 0
|
|
@@ -82,33 +60,4 @@ export function applyDecision(session, decision, stateStore, escalationId) {
|
|
|
82
60
|
}
|
|
83
61
|
return esc;
|
|
84
62
|
}
|
|
85
|
-
export function applyUrlBlockDecision(session, decision, stateStore, escalationId) {
|
|
86
|
-
const escalationIndex = escalationId === undefined
|
|
87
|
-
? 0
|
|
88
|
-
: session.pendingEscalations.findIndex((esc) => esc.escalationId === escalationId);
|
|
89
|
-
if (escalationIndex < 0)
|
|
90
|
-
return undefined;
|
|
91
|
-
const [esc] = session.pendingEscalations.splice(escalationIndex, 1);
|
|
92
|
-
if (!esc)
|
|
93
|
-
return undefined;
|
|
94
|
-
let effectiveDecision = decision;
|
|
95
|
-
let blockReason = decision === 'block' ? 'user_block' : undefined;
|
|
96
|
-
if (decision === 'block') {
|
|
97
|
-
stateStore.addResourceToBlocklist(session.sessionId, esc.resourceId, esc.escalationId);
|
|
98
|
-
}
|
|
99
|
-
if (decision === 'allow_once') {
|
|
100
|
-
stateStore.addUrlAllowOnce(session.sessionId, esc.resourceId);
|
|
101
|
-
}
|
|
102
|
-
else if (decision === 'allow_persist') {
|
|
103
|
-
if (!esc.host) {
|
|
104
|
-
effectiveDecision = 'block';
|
|
105
|
-
blockReason = 'malformed_url';
|
|
106
|
-
}
|
|
107
|
-
else if (!stateStore.addHostToUrlAllowlist(esc.host)) {
|
|
108
|
-
effectiveDecision = 'block';
|
|
109
|
-
blockReason = 'persist_failed';
|
|
110
|
-
}
|
|
111
|
-
}
|
|
112
|
-
return { escalation: esc, decision: effectiveDecision, blockReason };
|
|
113
|
-
}
|
|
114
63
|
//# sourceMappingURL=ask-dialog.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ask-dialog.js","sourceRoot":"","sources":["../../src/daemon/ask-dialog.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ask-dialog.js","sourceRoot":"","sources":["../../src/daemon/ask-dialog.ts"],"names":[],"mappings":"AAQA,MAAM,UAAU,UAAU,CAAC,OAAoB;IAC7C,OAAO,OAAO,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,OAAoB,EAAE,UAAsB;IAClE,OAAO,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC5C,OAAO,CAAC,eAAe,EAAE,CAAC;IAC1B,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,UAAsB,EAAE,cAAsB;IAC7E,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;SACtD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;SACxB,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;SAC5B,IAAI,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC;IAExB,OAAO;QACL,wEAAwE;QACxE,EAAE;QACF,eAAe,UAAU,CAAC,QAAQ,EAAE;QACpC,eAAe,UAAU,CAAC,UAAU,EAAE;QACtC,eAAe,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,aAAa,GAAG;QAC3G,OAAO,CAAC,CAAC,CAAC,mBAAmB,OAAO,MAAM,CAAC,CAAC,CAAC,EAAE;QAC/C,EAAE;QACF,+DAA+D;QAC/D,4CAA4C;QAC5C,EAAE;QACF,UAAU;QACV,oEAAoE;QACpE,mDAAmD;QACnD,sEAAsE;QACtE,kCAAkC;QAClC,oEAAoE;QACpE,6DAA6D;QAC7D,gFAAgF;KACjF;SACE,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC;SAC7B,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAQD,MAAM,UAAU,aAAa,CAC3B,OAAoB,EACpB,QAA4B,EAC5B,UAAsB,EACtB,YAAqB;IAErB,MAAM,eAAe,GAAG,YAAY,KAAK,SAAS;QAChD,CAAC,CAAC,CAAC;QACH,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,KAAK,YAAY,CAAC,CAAC;IACrF,IAAI,eAAe,GAAG,CAAC;QAAE,OAAO,SAAS,CAAC;IAC1C,MAAM,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC;IACpE,IAAI,CAAC,GAAG;QAAE,OAAO,SAAS,CAAC;IAE3B,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,MAAM;YACT,MAAM;QACR,KAAK,SAAS;YACZ,8EAA8E;YAC9E,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;YAC/E,MAAM;QACR,KAAK,OAAO;YACV,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;YAC/E,MAAM;QACR,KAAK,YAAY;YACf,UAAU,CAAC,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YACzD,MAAM;IACV,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
@@ -21,6 +21,13 @@ export declare function logBlockingDecisionResolved(params: {
|
|
|
21
21
|
}): void;
|
|
22
22
|
export declare function logBlockingDecisionCapacityEvicted(decision: BlockingDecision): void;
|
|
23
23
|
export declare function logBlockingDecisionDroppedOnRestart(decision: BlockingDecision): void;
|
|
24
|
+
export declare function logSnapshotPretoolUrlDecisionDropped(decision: {
|
|
25
|
+
decisionId?: unknown;
|
|
26
|
+
sessionId?: unknown;
|
|
27
|
+
kind?: unknown;
|
|
28
|
+
toolName?: unknown;
|
|
29
|
+
resourceId?: unknown;
|
|
30
|
+
}): void;
|
|
24
31
|
export declare function logBlockingDecisionConflict(params: {
|
|
25
32
|
decision: BlockingDecision;
|
|
26
33
|
clientId: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-decisions.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-decisions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,sBAAsB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAOvH,KAAK,UAAU,GACX,iBAAiB,GACjB,qBAAqB,GACrB,WAAW,GACX,iBAAiB,GACjB,gBAAgB,GAChB,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"audit-decisions.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-decisions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,sBAAsB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAOvH,KAAK,UAAU,GACX,iBAAiB,GACjB,qBAAqB,GACrB,WAAW,GACX,iBAAiB,GACjB,gBAAgB,GAChB,mBAAmB,CAAC;AA6CxB,wBAAgB,0BAA0B,CACxC,QAAQ,EAAE,gBAAgB,EAC1B,MAAM,GAAE;IAAE,eAAe,CAAC,EAAE,iBAAiB,GAAG,iBAAiB,CAAA;CAAO,GACvE,IAAI,CASN;AAED,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAM3E;AAED,wBAAgB,+BAA+B,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAKhF;AAED,wBAAgB,gCAAgC,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAKjF;AAED,wBAAgB,kCAAkC,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAKnF;AAED,wBAAgB,2BAA2B,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,gBAAgB,CAAC;IAC3B,MAAM,EAAE,sBAAsB,CAAC;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,eAAe,CAAC,EAAE,aAAa,GAAG,kBAAkB,GAAG,YAAY,CAAC;IACpE,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,eAAe,CAAC,EAAE,iBAAiB,GAAG,iBAAiB,CAAC;CACzD,GAAG,IAAI,CAwBP;AAED,wBAAgB,kCAAkC,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAenF;AAED,wBAAgB,mCAAmC,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI,CAepF;AAED,wBAAgB,oCAAoC,CAAC,QAAQ,EAAE;IAC7D,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB,GAAG,IAAI,CAUP;AAED,wBAAgB,2BAA2B,CAAC,MAAM,EAAE;IAClD,QAAQ,EAAE,gBAAgB,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,sBAAsB,CAAC;IACtC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,UAAU,CAAC;CACxB,GAAG,IAAI,CAWP;AAED,wBAAgB,yBAAyB,CAAC,MAAM,EAAE;IAChD,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,oBAAoB,CAAC;IACtC,cAAc,EAAE,MAAM,CAAC;CACxB,GAAG,IAAI,CAaP;AAED,UAAU,oBAAoB;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,iCAAiC,CAAC,MAAM,EAAE;IACxD,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,UAAU,CAAC;CACxB,GAAG,IAAI,CAaP"}
|
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
import { appendEvent } from '../shared/audit-writer.js';
|
|
2
2
|
import { recordDecisionCreated, recordDecisionTerminal, } from './decision-metrics.js';
|
|
3
3
|
function decisionStage(decision) {
|
|
4
|
-
if (decision.kind === 'pretool_url')
|
|
5
|
-
return 'pretool';
|
|
6
4
|
if (decision.kind === 'posttool_output')
|
|
7
5
|
return 'posttool';
|
|
8
6
|
if (decision.kind === 'attachment_input')
|
|
@@ -135,6 +133,17 @@ export function logBlockingDecisionDroppedOnRestart(decision) {
|
|
|
135
133
|
latency_ms: Date.now() - decision.createdAt,
|
|
136
134
|
});
|
|
137
135
|
}
|
|
136
|
+
export function logSnapshotPretoolUrlDecisionDropped(decision) {
|
|
137
|
+
appendEvent({
|
|
138
|
+
event_type: 'snapshot_pretool_url_decision_dropped',
|
|
139
|
+
decision_id: decision.decisionId,
|
|
140
|
+
session_id: decision.sessionId,
|
|
141
|
+
kind: decision.kind,
|
|
142
|
+
tool_name: decision.toolName,
|
|
143
|
+
resource_id: decision.resourceId,
|
|
144
|
+
reason: 'legacy_pretool_url_decision',
|
|
145
|
+
});
|
|
146
|
+
}
|
|
138
147
|
export function logBlockingDecisionConflict(params) {
|
|
139
148
|
appendEvent({
|
|
140
149
|
event_type: 'blocking_decision_conflict',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-decisions.js","sourceRoot":"","sources":["../../src/daemon/audit-decisions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;AAU/B,SAAS,aAAa,CAAC,QAA0B;IAC/C,IAAI,QAAQ,CAAC,IAAI,KAAK,
|
|
1
|
+
{"version":3,"file":"audit-decisions.js","sourceRoot":"","sources":["../../src/daemon/audit-decisions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;AAU/B,SAAS,aAAa,CAAC,QAA0B;IAC/C,IAAI,QAAQ,CAAC,IAAI,KAAK,iBAAiB;QAAE,OAAO,UAAU,CAAC;IAC3D,IAAI,QAAQ,CAAC,IAAI,KAAK,kBAAkB;QAAE,OAAO,YAAY,CAAC;IAC9D,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CAAC,QAA0B;IACjD,OAAO,QAAQ,CAAC,KAAK,EAAE,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC;AAC3F,CAAC;AAED,SAAS,sBAAsB,CAAC,QAA0B;IACxD,OAAO;QACL,cAAc,EAAE,QAAQ,CAAC,UAAU;QACnC,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,UAAU,EAAE,QAAQ,CAAC,SAAS;QAC9B,UAAU,EAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,IAAI,SAAS;QAC7C,QAAQ,EAAE,eAAe,CAAC,QAAQ,CAAC;QACnC,KAAK,EAAE,aAAa,CAAC,QAAQ,CAAC;QAC9B,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,SAAS,EAAE,QAAQ,CAAC,QAAQ;QAC5B,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,MAAM,IAAI,KAAK;QACxC,YAAY,EAAE,QAAQ,CAAC,GAAG,CAAC,QAAQ;QACnC,kBAAkB,EAAE,QAAQ,CAAC,GAAG,CAAC,aAAa,IAAI,IAAI;QACtD,eAAe,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI;QAChD,SAAS,EAAE,QAAQ,CAAC,GAAG,CAAC,KAAK;QAC7B,cAAc,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE;QAC7C,qBAAqB,EAAE,QAAQ,CAAC,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI;KACzF,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,OAA0D;IACtF,OAAO,OAAO,KAAK,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,qBAAqB,CAAC;AACnF,CAAC;AAED,SAAS,wBAAwB,CAAC,QAA0B;IAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,qBAAqB,IAAI,QAAQ,CAAC,MAAM,KAAK,wBAAwB,IAAI,QAAQ,CAAC,MAAM,KAAK,gBAAgB,EAAE,CAAC;QACtI,OAAO,eAAe,CAAC;IACzB,CAAC;IACD,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,KAAK,gBAAgB;QAAE,OAAO,wBAAwB,CAAC;IAC9E,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,QAA0B,EAC1B,SAAsE,EAAE;IAExE,qBAAqB,CAAC,QAAQ,CAAC,CAAC;IAChC,WAAW,CAAC;QACV,UAAU,EAAE,2BAA2B;QACvC,GAAG,sBAAsB,CAAC,QAAQ,CAAC;QACnC,SAAS,EAAE,QAAQ,CAAC,QAAQ;QAC5B,UAAU,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;QACtD,gBAAgB,EAAE,MAAM,CAAC,eAAe,IAAI,IAAI;KACjD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,QAA0B;IACnE,WAAW,CAAC;QACV,UAAU,EAAE,2BAA2B;QACvC,GAAG,sBAAsB,CAAC,QAAQ,CAAC;QACnC,SAAS,EAAE,QAAQ,CAAC,QAAQ;KAC7B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,+BAA+B,CAAC,QAA0B;IACxE,WAAW,CAAC;QACV,UAAU,EAAE,iCAAiC;QAC7C,GAAG,sBAAsB,CAAC,QAAQ,CAAC;KACpC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,gCAAgC,CAAC,QAA0B;IACzE,WAAW,CAAC;QACV,UAAU,EAAE,kCAAkC;QAC9C,GAAG,sBAAsB,CAAC,QAAQ,CAAC;KACpC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,kCAAkC,CAAC,QAA0B;IAC3E,WAAW,CAAC;QACV,UAAU,EAAE,oCAAoC;QAChD,GAAG,sBAAsB,CAAC,QAAQ,CAAC;KACpC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,MAW3C;IACC,sBAAsB,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QAC/B,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,eAAe,CAAC;QACxD,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC,CAAC;IACH,WAAW,CAAC;QACV,UAAU,EAAE,4BAA4B;QACxC,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC;QAC1C,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QAC/B,WAAW,EAAE,oBAAoB,CAAC,MAAM,CAAC,eAAe,CAAC;QACzD,cAAc,EAAE,eAAe;QAC/B,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,gBAAgB,EAAE,MAAM,CAAC,eAAe,IAAI,IAAI;QAChD,iBAAiB,EAAE,MAAM,CAAC,eAAe,IAAI,IAAI;QACjD,YAAY,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI;QACxC,kBAAkB,EAAE,MAAM,CAAC,gBAAgB,IAAI,IAAI;QACnD,iBAAiB,EAAE,MAAM,CAAC,eAAe,IAAI,IAAI;QACjD,oBAAoB,EAAE,MAAM,CAAC,kBAAkB,IAAI,IAAI;KACxD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,kCAAkC,CAAC,QAA0B;IAC3E,sBAAsB,CAAC;QACrB,QAAQ;QACR,OAAO,EAAE,kBAAkB;QAC3B,UAAU,EAAE,mBAAmB;QAC/B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS;KAC3C,CAAC,CAAC;IACH,WAAW,CAAC;QACV,UAAU,EAAE,oCAAoC;QAChD,GAAG,sBAAsB,CAAC,QAAQ,CAAC;QACnC,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,mBAAmB;QAChC,cAAc,EAAE,wBAAwB,CAAC,QAAQ,CAAC;QAClD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS;KAC5C,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,QAA0B;IAC5E,sBAAsB,CAAC;QACrB,QAAQ;QACR,OAAO,EAAE,oBAAoB;QAC7B,UAAU,EAAE,gBAAgB;QAC5B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS;KAC3C,CAAC,CAAC;IACH,WAAW,CAAC;QACV,UAAU,EAAE,sCAAsC;QAClD,GAAG,sBAAsB,CAAC,QAAQ,CAAC;QACnC,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EAAE,gBAAgB;QAC7B,cAAc,EAAE,wBAAwB,CAAC,QAAQ,CAAC;QAClD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,SAAS;KAC5C,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,QAMpD;IACC,WAAW,CAAC;QACV,UAAU,EAAE,uCAAuC;QACnD,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,UAAU,EAAE,QAAQ,CAAC,SAAS;QAC9B,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,SAAS,EAAE,QAAQ,CAAC,QAAQ;QAC5B,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,MAAM,EAAE,6BAA6B;KACtC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,MAO3C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,4BAA4B;QACxC,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC;QAC1C,OAAO,EAAE,UAAU;QACnB,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,eAAe,EAAE,MAAM,CAAC,MAAM;QAC9B,UAAU,EAAE,MAAM,CAAC,SAAS;KAC7B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAMzC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,2BAA2B;QACvC,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,gBAAgB,EAAE,MAAM,CAAC,cAAc;QACvC,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,iBAAiB,EAAE,MAAM,CAAC,eAAe,CAAC,QAAQ;QAClD,WAAW,EAAE,MAAM,CAAC,eAAe,CAAC,EAAE;QACtC,cAAc,EAAE,MAAM,CAAC,eAAe,CAAC,KAAK;QAC5C,oBAAoB,EAAE,MAAM,CAAC,eAAe,CAAC,UAAU;QACvD,uBAAuB,EAAE,MAAM,CAAC,eAAe,CAAC,aAAa;QAC7D,UAAU,EAAE,MAAM,CAAC,SAAS;KAC7B,CAAC,CAAC;AACL,CAAC;AAUD,MAAM,UAAU,iCAAiC,CAAC,MAGjD;IACC,WAAW,CAAC;QACV,UAAU,EAAE,mCAAmC;QAC/C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,aAAa,EAAE,MAAM,CAAC,UAAU,CAAC,YAAY;QAC7C,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,IAAI,aAAa;QAC7C,SAAS,EAAE,MAAM,CAAC,UAAU,CAAC,QAAQ;QACrC,WAAW,EAAE,MAAM,CAAC,UAAU,CAAC,UAAU;QACzC,YAAY,EAAE,MAAM,CAAC,UAAU,CAAC,WAAW,IAAI,IAAI;QACnD,kBAAkB,EAAE,MAAM,CAAC,UAAU,CAAC,gBAAgB,IAAI,IAAI;QAC9D,eAAe,EAAE,MAAM,CAAC,UAAU,CAAC,aAAa,IAAI,IAAI;QACxD,SAAS,EAAE,MAAM,CAAC,UAAU,CAAC,QAAQ,IAAI,IAAI;KAC9C,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -23,7 +23,7 @@ export declare function logToolOutputAnalyzed(params: {
|
|
|
23
23
|
toolName: string;
|
|
24
24
|
resourceId: string;
|
|
25
25
|
escalationId?: string | null;
|
|
26
|
-
|
|
26
|
+
userApprovedResource: boolean;
|
|
27
27
|
routerOutcome: RouterOutcome;
|
|
28
28
|
enforcementTaken: 'none' | 'tainted' | 'escalated' | 'denied';
|
|
29
29
|
analysisSource: AnalysisSourceKind;
|
|
@@ -74,6 +74,16 @@ export declare function logPostToolOutputRedacted(params: {
|
|
|
74
74
|
originalHash: string;
|
|
75
75
|
synthesizedBy: SynthesizedBy;
|
|
76
76
|
}): void;
|
|
77
|
+
export declare function logPostToolOutputQuarantined(params: {
|
|
78
|
+
sessionId: string;
|
|
79
|
+
toolName: string;
|
|
80
|
+
resourceId: string;
|
|
81
|
+
decisionId: string;
|
|
82
|
+
routerOutcome: RouterOutcome;
|
|
83
|
+
originalSizeBytes: number;
|
|
84
|
+
originalHash: string;
|
|
85
|
+
blocksSession: boolean;
|
|
86
|
+
}): void;
|
|
77
87
|
export declare function logPostToolKillTurn(params: {
|
|
78
88
|
sessionId: string;
|
|
79
89
|
toolName: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-posttool.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-posttool.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAE5E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC/D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAEhE,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,wBAAwB,GAAG,eAAe,GAAG,eAAe,CAAC;AACjG,MAAM,MAAM,kBAAkB,GAC1B,uBAAuB,GACvB,2BAA2B,GAC3B,gCAAgC,GAChC,kBAAkB,CAAC;AAEvB,wBAAgB,sBAAsB,CAAC,MAAM,EAAE;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,aAAa,EAAE,aAAa,CAAC;CAC9B,GAAG,IAAI,CAWP;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB,GAAG,IAAI,CASP;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,
|
|
1
|
+
{"version":3,"file":"audit-posttool.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-posttool.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAE5E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC/D,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAEhE,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,wBAAwB,GAAG,eAAe,GAAG,eAAe,CAAC;AACjG,MAAM,MAAM,kBAAkB,GAC1B,uBAAuB,GACvB,2BAA2B,GAC3B,gCAAgC,GAChC,kBAAkB,CAAC;AAEvB,wBAAgB,sBAAsB,CAAC,MAAM,EAAE;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,aAAa,EAAE,aAAa,CAAC;CAC9B,GAAG,IAAI,CAWP;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB,GAAG,IAAI,CASP;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,oBAAoB,EAAE,OAAO,CAAC;IAC9B,aAAa,EAAE,aAAa,CAAC;IAC7B,gBAAgB,EAAE,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;IAC9D,cAAc,EAAE,kBAAkB,CAAC;IACnC,4BAA4B,CAAC,EAAE,MAAM,CAAC;CACvC,GAAG,IAAI,CAeP;AAED,wBAAgB,wCAAwC,CAAC,MAAM,EAAE;IAC/D,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB,GAAG,IAAI,CAUP;AAED,wBAAgB,+BAA+B,CAAC,MAAM,EAAE;IACtD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,GAAG,IAAI,CAiBP;AAED,wBAAgB,oCAAoC,CAAC,MAAM,EAAE;IAC3D,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,uBAAuB,CAAC;IACpC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,GAAG,IAAI,CAcP;AAED,wBAAgB,uBAAuB,CAAC,MAAM,EAAE;IAC9C,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,2BAA2B,EAAE,OAAO,CAAC;CACtC,GAAG,IAAI,CAOP;AAED,wBAAgB,yBAAyB,CAAC,MAAM,EAAE;IAChD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,aAAa,CAAC;CAC9B,GAAG,IAAI,CAWP;AAED,wBAAgB,4BAA4B,CAAC,MAAM,EAAE;IACnD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,OAAO,CAAC;CACxB,GAAG,IAAI,CAYP;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,aAAa,CAAC;IAC7B,UAAU,EAAE,kBAAkB,CAAC;IAC/B,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC,GAAG,IAAI,CAaP;AAED,wBAAgB,wBAAwB,CAAC,MAAM,EAAE;IAC/C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,kBAAkB,CAAC;IACnC,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,aAAa,CAAC;IAC7B,YAAY,CAAC,EAAE,oBAAoB,CAAC;CACrC,GAAG,IAAI,CAgBP;AAED,wBAAgB,4BAA4B,CAAC,MAAM,EAAE;IACnD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;CACpB,GAAG,IAAI,CAUP;AAED,wBAAgB,6BAA6B,CAAC,MAAM,EAAE;IACpD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB,GAAG,IAAI,CAQP;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE;IACrD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB,GAAG,IAAI,CASP;AAED,wBAAgB,oCAAoC,CAAC,MAAM,EAAE;IAC3D,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,2BAA2B,GAAG,sBAAsB,CAAC;CAC9D,GAAG,IAAI,CAOP"}
|
|
@@ -28,7 +28,7 @@ export function logToolOutputAnalyzed(params) {
|
|
|
28
28
|
tool_name: params.toolName,
|
|
29
29
|
resource_id: params.resourceId,
|
|
30
30
|
escalation_id: params.escalationId ?? null,
|
|
31
|
-
user_allowlisted: params.
|
|
31
|
+
user_allowlisted: params.userApprovedResource,
|
|
32
32
|
router_outcome: params.routerOutcome,
|
|
33
33
|
enforcement_taken: params.enforcementTaken,
|
|
34
34
|
analysis_source: params.analysisSource,
|
|
@@ -101,6 +101,19 @@ export function logPostToolOutputRedacted(params) {
|
|
|
101
101
|
synthesized_by: params.synthesizedBy,
|
|
102
102
|
});
|
|
103
103
|
}
|
|
104
|
+
export function logPostToolOutputQuarantined(params) {
|
|
105
|
+
appendEvent({
|
|
106
|
+
event_type: 'posttool_output_quarantined',
|
|
107
|
+
session_id: params.sessionId,
|
|
108
|
+
tool_name: params.toolName,
|
|
109
|
+
resource_id: params.resourceId,
|
|
110
|
+
decision_id: params.decisionId,
|
|
111
|
+
router_outcome: params.routerOutcome,
|
|
112
|
+
original_size_bytes: params.originalSizeBytes,
|
|
113
|
+
original_hash: params.originalHash,
|
|
114
|
+
blocks_session: params.blocksSession,
|
|
115
|
+
});
|
|
116
|
+
}
|
|
104
117
|
export function logPostToolKillTurn(params) {
|
|
105
118
|
appendEvent({
|
|
106
119
|
event_type: 'posttool_kill_turn',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-posttool.js","sourceRoot":"","sources":["../../src/daemon/audit-posttool.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAWxD,MAAM,UAAU,sBAAsB,CAAC,MAQtC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,uBAAuB;QACnC,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,cAAc,EAAE,MAAM,CAAC,aAAa;KACrC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAKrC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,qBAAqB;QACjC,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,eAAe,EAAE,MAAM;QACvB,mBAAmB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU;KACpD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAUrC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,sBAAsB;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,aAAa,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;QAC1C,gBAAgB,EAAE,MAAM,CAAC,
|
|
1
|
+
{"version":3,"file":"audit-posttool.js","sourceRoot":"","sources":["../../src/daemon/audit-posttool.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAWxD,MAAM,UAAU,sBAAsB,CAAC,MAQtC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,uBAAuB;QACnC,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,cAAc,EAAE,MAAM,CAAC,aAAa;KACrC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAKrC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,qBAAqB;QACjC,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,eAAe,EAAE,MAAM;QACvB,mBAAmB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU;KACpD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAUrC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,sBAAsB;QAClC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,aAAa,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;QAC1C,gBAAgB,EAAE,MAAM,CAAC,oBAAoB;QAC7C,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,iBAAiB,EAAE,MAAM,CAAC,gBAAgB;QAC1C,eAAe,EAAE,MAAM,CAAC,cAAc;QACtC,GAAG,CAAC,MAAM,CAAC,4BAA4B;YACrC,CAAC,CAAC,EAAE,+BAA+B,EAAE,MAAM,CAAC,4BAA4B,EAAE;YAC1E,CAAC,CAAC,EAAE,CAAC;KACR,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,wCAAwC,CAAC,MAKxD;IACC,WAAW,CAAC;QACV,UAAU,EAAE,4CAA4C;QACxD,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,MAAM,EAAE,8BAA8B;QACtC,iBAAiB,EAAE,MAAM;KAC1B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,+BAA+B,CAAC,MAa/C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,kCAAkC;QAC9C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,GAAG,CAAC,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpF,GAAG,CAAC,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjF,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7E,GAAG,CAAC,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,OAAO,MAAM,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3F,GAAG,CAAC,OAAO,MAAM,CAAC,eAAe,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpG,GAAG,CAAC,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpF,GAAG,CAAC,OAAO,MAAM,CAAC,eAAe,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpG,iBAAiB,EAAE,WAAW;KAC/B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,MAUpD;IACC,WAAW,CAAC;QACV,UAAU,EAAE,wCAAwC;QACpD,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,qBAAqB,EAAE,MAAM,CAAC,mBAAmB;QACjD,sBAAsB,EAAE,MAAM,CAAC,oBAAoB;QACnD,GAAG,CAAC,OAAO,MAAM,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1G,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB;QAC7C,iBAAiB,EAAE,WAAW;KAC/B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAIvC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,wBAAwB;QACpC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,6BAA6B,EAAE,MAAM,CAAC,2BAA2B;KAClE,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAQzC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,0BAA0B;QACtC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB;QAC7C,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,cAAc,EAAE,MAAM,CAAC,aAAa;KACrC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,MAS5C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,6BAA6B;QACzC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB;QAC7C,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,cAAc,EAAE,MAAM,CAAC,aAAa;KACrC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAUnC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,oBAAoB;QAChC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB;QAC7C,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,wBAAwB,EAAE,MAAM,CAAC,sBAAsB;KACxD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,MAWxC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,yBAAyB;QACrC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,mBAAmB,EAAE,MAAM,CAAC,iBAAiB;QAC7C,aAAa,EAAE,MAAM,CAAC,YAAY;QAClC,eAAe,EAAE,MAAM,CAAC,cAAc;QACtC,cAAc,EAAE,MAAM,CAAC,aAAa;QACpC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACtE,GAAG,CAAC,MAAM,CAAC,4BAA4B;YACrC,CAAC,CAAC,EAAE,+BAA+B,EAAE,MAAM,CAAC,4BAA4B,EAAE;YAC1E,CAAC,CAAC,EAAE,CAAC;KACR,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,MAM5C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,8BAA8B;QAC1C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,iBAAiB,EAAE,IAAI;KACxB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,MAI7C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,+BAA+B;QAC3C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,oBAAoB,EAAE,IAAI;KAC3B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,8BAA8B,CAAC,MAK9C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,gCAAgC;QAC5C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,oBAAoB,EAAE,KAAK;KAC5B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,MAIpD;IACC,WAAW,CAAC;QACV,UAAU,EAAE,uCAAuC;QACnD,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -18,39 +18,4 @@ export declare function logPretoolUrlDenylistBlocked(params: {
|
|
|
18
18
|
preset?: string;
|
|
19
19
|
matchedRule: string;
|
|
20
20
|
}): void;
|
|
21
|
-
export declare function logPretoolUrlNativeAsk(params: {
|
|
22
|
-
sessionId: string;
|
|
23
|
-
toolName: string;
|
|
24
|
-
resourceId: string;
|
|
25
|
-
urlHash: string;
|
|
26
|
-
host: string | null;
|
|
27
|
-
vgeDecision?: string;
|
|
28
|
-
vgeScore?: number;
|
|
29
|
-
}): void;
|
|
30
|
-
export declare function logPretoolUrlAllowOnce(params: {
|
|
31
|
-
sessionId: string;
|
|
32
|
-
toolName: string;
|
|
33
|
-
resourceId: string;
|
|
34
|
-
urlHash: string;
|
|
35
|
-
host: string | null;
|
|
36
|
-
vgeDecision?: string;
|
|
37
|
-
vgeScore?: number;
|
|
38
|
-
}): void;
|
|
39
|
-
export declare function logPretoolUrlAllowlistedByUser(params: {
|
|
40
|
-
sessionId: string;
|
|
41
|
-
toolName: string;
|
|
42
|
-
resourceId: string;
|
|
43
|
-
urlHash: string;
|
|
44
|
-
host: string;
|
|
45
|
-
vgeDecision?: string;
|
|
46
|
-
vgeScore?: number;
|
|
47
|
-
}): void;
|
|
48
|
-
export declare function logPretoolUrlAllowlistBypass(params: {
|
|
49
|
-
sessionId: string;
|
|
50
|
-
toolName: string;
|
|
51
|
-
resourceId: string;
|
|
52
|
-
urlHash: string;
|
|
53
|
-
host: string;
|
|
54
|
-
pattern: string;
|
|
55
|
-
}): void;
|
|
56
21
|
//# sourceMappingURL=audit-pretool.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-pretool.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-pretool.ts"],"names":[],"mappings":"AAEA,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAYP;AAED,wBAAgB,4BAA4B,CAAC,MAAM,EAAE;IACnD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,GAAG,IAAI,CAaP
|
|
1
|
+
{"version":3,"file":"audit-pretool.d.ts","sourceRoot":"","sources":["../../src/daemon/audit-pretool.ts"],"names":[],"mappings":"AAEA,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAYP;AAED,wBAAgB,4BAA4B,CAAC,MAAM,EAAE;IACnD,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,GAAG,IAAI,CAaP"}
|
|
@@ -26,52 +26,4 @@ export function logPretoolUrlDenylistBlocked(params) {
|
|
|
26
26
|
enforcement_taken: 'deny',
|
|
27
27
|
});
|
|
28
28
|
}
|
|
29
|
-
export function logPretoolUrlNativeAsk(params) {
|
|
30
|
-
appendEvent({
|
|
31
|
-
event_type: 'pretool_url_native_ask',
|
|
32
|
-
session_id: params.sessionId,
|
|
33
|
-
tool_name: params.toolName,
|
|
34
|
-
resource_id: params.resourceId,
|
|
35
|
-
url_hash: params.urlHash,
|
|
36
|
-
host: params.host,
|
|
37
|
-
vge_decision: params.vgeDecision ?? null,
|
|
38
|
-
vge_score: params.vgeScore ?? null,
|
|
39
|
-
enforcement_taken: 'native_ask',
|
|
40
|
-
});
|
|
41
|
-
}
|
|
42
|
-
export function logPretoolUrlAllowOnce(params) {
|
|
43
|
-
appendEvent({
|
|
44
|
-
event_type: 'pretool_url_allow_once',
|
|
45
|
-
session_id: params.sessionId,
|
|
46
|
-
tool_name: params.toolName,
|
|
47
|
-
resource_id: params.resourceId,
|
|
48
|
-
url_hash: params.urlHash,
|
|
49
|
-
host: params.host,
|
|
50
|
-
vge_decision: params.vgeDecision ?? null,
|
|
51
|
-
vge_score: params.vgeScore ?? null,
|
|
52
|
-
});
|
|
53
|
-
}
|
|
54
|
-
export function logPretoolUrlAllowlistedByUser(params) {
|
|
55
|
-
appendEvent({
|
|
56
|
-
event_type: 'pretool_url_allowlisted_by_user',
|
|
57
|
-
session_id: params.sessionId,
|
|
58
|
-
tool_name: params.toolName,
|
|
59
|
-
resource_id: params.resourceId,
|
|
60
|
-
url_hash: params.urlHash,
|
|
61
|
-
host: params.host,
|
|
62
|
-
vge_decision: params.vgeDecision ?? null,
|
|
63
|
-
vge_score: params.vgeScore ?? null,
|
|
64
|
-
});
|
|
65
|
-
}
|
|
66
|
-
export function logPretoolUrlAllowlistBypass(params) {
|
|
67
|
-
appendEvent({
|
|
68
|
-
event_type: 'pretool_url_allowlist_bypass',
|
|
69
|
-
session_id: params.sessionId,
|
|
70
|
-
tool_name: params.toolName,
|
|
71
|
-
resource_id: params.resourceId,
|
|
72
|
-
url_hash: params.urlHash,
|
|
73
|
-
host: params.host,
|
|
74
|
-
pattern: params.pattern,
|
|
75
|
-
});
|
|
76
|
-
}
|
|
77
29
|
//# sourceMappingURL=audit-pretool.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-pretool.js","sourceRoot":"","sources":["../../src/daemon/audit-pretool.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAExD,MAAM,UAAU,oBAAoB,CAAC,MASpC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,qBAAqB;QACjC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,YAAY,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI;QACxC,SAAS,EAAE,MAAM,CAAC,QAAQ,IAAI,IAAI;QAClC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI;KAC9B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,MAS5C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,8BAA8B;QAC1C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI;QAC7B,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,iBAAiB,EAAE,MAAM;KAC1B,CAAC,CAAC;AACL,CAAC
|
|
1
|
+
{"version":3,"file":"audit-pretool.js","sourceRoot":"","sources":["../../src/daemon/audit-pretool.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAExD,MAAM,UAAU,oBAAoB,CAAC,MASpC;IACC,WAAW,CAAC;QACV,UAAU,EAAE,qBAAqB;QACjC,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,YAAY,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI;QACxC,SAAS,EAAE,MAAM,CAAC,QAAQ,IAAI,IAAI;QAClC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI;KAC9B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,MAS5C;IACC,WAAW,CAAC;QACV,UAAU,EAAE,8BAA8B;QAC1C,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI;QAC7B,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,iBAAiB,EAAE,MAAM;KAC1B,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"blocking-decision-triggers.d.ts","sourceRoot":"","sources":["../../src/daemon/blocking-decision-triggers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAmB9D,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,mBAAmB,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"blocking-decision-triggers.d.ts","sourceRoot":"","sources":["../../src/daemon/blocking-decision-triggers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAmB9D,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAahF;AAED,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAO1E;AAED,wBAAgB,sBAAsB,CAAC,SAAS,EAAE,mBAAmB,GAAG,MAAM,CAa7E"}
|
|
@@ -10,8 +10,11 @@ function hasUnavailableDecisionFlag(vgeResult) {
|
|
|
10
10
|
flag.includes('TIMEOUT'))) ?? false;
|
|
11
11
|
}
|
|
12
12
|
export function isVgeAnalysisUnavailable(vgeResult) {
|
|
13
|
-
if (vgeResult.ruleAction === 'BLOCK' ||
|
|
13
|
+
if (vgeResult.ruleAction === 'BLOCK' ||
|
|
14
|
+
vgeResult.decision === 'BLOCKED' ||
|
|
15
|
+
vgeResult.arbiterSignal === 'BLOCK') {
|
|
14
16
|
return false;
|
|
17
|
+
}
|
|
15
18
|
return (vgeResult.failOpen === true ||
|
|
16
19
|
hasUnavailableDecisionFlag(vgeResult) ||
|
|
17
20
|
hasTimeoutOnlyCategories(vgeResult));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"blocking-decision-triggers.js","sourceRoot":"","sources":["../../src/daemon/blocking-decision-triggers.ts"],"names":[],"mappings":"AAEA,SAAS,wBAAwB,CAAC,SAA8B;IAC9D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9C,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAC7D,QAAQ,KAAK,SAAS;QACtB,QAAQ,KAAK,aAAa,CAC3B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,SAA8B;IAChE,OAAO,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAC7C,IAAI,KAAK,aAAa;QACtB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC1B,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;QACzB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CACzB,CAAC,IAAI,KAAK,CAAC;AACd,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,SAA8B;IACrE,
|
|
1
|
+
{"version":3,"file":"blocking-decision-triggers.js","sourceRoot":"","sources":["../../src/daemon/blocking-decision-triggers.ts"],"names":[],"mappings":"AAEA,SAAS,wBAAwB,CAAC,SAA8B;IAC9D,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9C,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAC7D,QAAQ,KAAK,SAAS;QACtB,QAAQ,KAAK,aAAa,CAC3B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,SAA8B;IAChE,OAAO,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAC7C,IAAI,KAAK,aAAa;QACtB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC1B,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;QACzB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CACzB,CAAC,IAAI,KAAK,CAAC;AACd,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,SAA8B;IACrE,IACE,SAAS,CAAC,UAAU,KAAK,OAAO;QAChC,SAAS,CAAC,QAAQ,KAAK,SAAS;QAChC,SAAS,CAAC,aAAa,KAAK,OAAO,EACnC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,CACL,SAAS,CAAC,QAAQ,KAAK,IAAI;QAC3B,0BAA0B,CAAC,SAAS,CAAC;QACrC,wBAAwB,CAAC,SAAS,CAAC,CACpC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,SAA8B;IAC/D,IAAI,wBAAwB,CAAC,SAAS,CAAC;QAAE,OAAO,KAAK,CAAC;IACtD,OAAO,CACL,SAAS,CAAC,UAAU,KAAK,OAAO;QAChC,SAAS,CAAC,QAAQ,KAAK,SAAS;QAChC,SAAS,CAAC,aAAa,KAAK,OAAO,CACpC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,SAA8B;IACnE,IAAI,SAAS,CAAC,mBAAmB;QAAE,OAAO,SAAS,CAAC,mBAAmB,CAAC;IACxE,MAAM,KAAK,GAAG;QACZ,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE;QAC9B,SAAS,CAAC,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI;QAC5D,SAAS,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI;QAC5D,SAAS,CAAC,aAAa,KAAK,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,IAAI;QAClE,SAAS,SAAS,CAAC,KAAK,EAAE;KAC3B,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IAElD,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC;QACrB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QACnB,CAAC,CAAC,wCAAwC,CAAC;AAC/C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conversation-decision-cleanup.d.ts","sourceRoot":"","sources":["../../src/daemon/conversation-decision-cleanup.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"conversation-decision-cleanup.d.ts","sourceRoot":"","sources":["../../src/daemon/conversation-decision-cleanup.ts"],"names":[],"mappings":"AAmBA,wBAAgB,2CAA2C,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CASnF"}
|