npm - @vorim/sdk - Versions diffs - 1.0.1 → 2.0.0 - Mend

@vorim/sdk 1.0.1 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/README.md +224 -47
package/dist/integrations/crewai.cjs +141 -0
package/dist/integrations/crewai.cjs.map +1 -0
package/dist/integrations/crewai.d.cts +174 -0
package/dist/integrations/crewai.d.ts +174 -0
package/dist/integrations/crewai.js +111 -0
package/dist/integrations/crewai.js.map +1 -0
package/dist/integrations/langchain.cjs +197 -0
package/dist/integrations/langchain.cjs.map +1 -0
package/dist/integrations/langchain.d.cts +145 -0
package/dist/integrations/langchain.d.ts +145 -0
package/dist/integrations/langchain.js +169 -0
package/dist/integrations/langchain.js.map +1 -0
package/dist/integrations/llamaindex.cjs +162 -0
package/dist/integrations/llamaindex.cjs.map +1 -0
package/dist/integrations/llamaindex.d.cts +131 -0
package/dist/integrations/llamaindex.d.ts +131 -0
package/dist/integrations/llamaindex.js +134 -0
package/dist/integrations/llamaindex.js.map +1 -0
package/dist/integrations/openai.cjs +208 -0
package/dist/integrations/openai.cjs.map +1 -0
package/dist/integrations/openai.d.cts +189 -0
package/dist/integrations/openai.d.ts +189 -0
package/dist/integrations/openai.js +181 -0
package/dist/integrations/openai.js.map +1 -0
package/package.json +51 -4

package/README.md CHANGED Viewed

@@ -1,11 +1,35 @@
 # @vorim/sdk
-The official TypeScript SDK for **[Vorim AI](https://vorim.ai)** — the identity and trust layer for AI agents.
+**The identity and trust layer for AI agents.**
-Register agents with cryptographic identities, enforce scoped permissions, emit tamper-evident audit trails, and verify trust scores — all in a few lines of code.
+Register agents with cryptographic Ed25519 identities, enforce scoped permissions in under 5ms, emit tamper-evident audit trails, and verify trust scores — all in a few lines of code.
 [![npm version](https://img.shields.io/npm/v/@vorim/sdk.svg)](https://www.npmjs.com/package/@vorim/sdk)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![TypeScript](https://img.shields.io/badge/TypeScript-5.0%2B-blue.svg)](https://www.typescriptlang.org/)
+[![Node](https://img.shields.io/badge/Node.js-18%2B-green.svg)](https://nodejs.org/)
+[![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)]()
+> **[vorim.ai](https://vorim.ai)** — Create a free account and get your API key in 30 seconds.
+> **[Documentation](https://vorim.ai/docs)** — Full API reference, framework integrations, and examples.
+> **[Quick Start](https://vorim.ai/quickstart)** — Set up in under 5 minutes.
+---
+## Why Vorim?
+AI agents are shipping into production without identity, permissions, or audit trails. This is a problem:
+- **No identity** — agents share API keys. You can't tell which agent did what.
+- **No permissions** — agents get all-or-nothing access. No scoped, time-bounded controls.
+- **No audit trail** — no tamper-evident record of agent actions. Compliance teams are blind.
+- **No trust signal** — third parties can't verify an agent before interacting with it.
+Vorim solves all four. One SDK. One protocol. Ships in minutes.
+> **EU AI Act** (enforced Aug 2025) mandates traceability and audit trails for high-risk AI systems. Vorim makes your agents compliant out of the box.
+---
 ## Install
@@ -14,13 +38,14 @@ npm install @vorim/sdk
 ```
 ```bash
+# or
 yarn add @vorim/sdk
-```
-```bash
+# or
 pnpm add @vorim/sdk
 ```
+---
 ## Quick Start
 ```typescript
@@ -30,17 +55,17 @@ const vorim = createVorim({
   apiKey: "agid_sk_live_...",
 });
-// 1. Register an agent — returns Ed25519 keypair (private key shown once)
+// 1. Register an agent — Ed25519 keypair generated, private key shown once
 const { agent, private_key } = await vorim.register({
   name: "invoice-processor",
   capabilities: ["read_documents", "extract_data"],
   scopes: ["agent:read", "agent:execute"],
 });
-console.log(agent.agent_id); // agid_acme_a1b2c3d4
-console.log(agent.trust_score); // 50 (initial score)
+console.log(agent.agent_id);    // agid_acme_a1b2c3d4
+console.log(agent.trust_score); // 50 (initial)
-// 2. Check permissions before acting (sub-5ms via Redis cache)
+// 2. Check permissions before acting (<5ms via Redis)
 const { allowed } = await vorim.check(agent.agent_id, "agent:execute");
 if (allowed) {
@@ -55,31 +80,119 @@ if (allowed) {
   });
 }
-// 4. Verify any agent's trust (public API, no auth needed)
+// 4. Verify any agent's trust (public endpoint, no auth required)
 const trust = await vorim.verify(agent.agent_id);
-console.log(trust.trust_score); // 0–100
+console.log(trust.trust_score);  // 0–100
 console.log(trust.active_scopes); // ['agent:read', 'agent:execute']
 ```
-## Features
+---
-| Feature | Description |
-|---------|-------------|
-| **Cryptographic Identity** | Ed25519 keypairs with SHA-256 fingerprints for every agent |
-| **7 Permission Scopes** | `read`, `write`, `execute`, `transact`, `communicate`, `delegate`, `elevate` |
-| **Immutable Audit Trail** | ULID-ordered events with input/output content hashing |
-| **Trust Scoring** | 5-factor algorithm producing a 0–100 score |
-| **Payload Signing** | Client-side Ed25519 signatures via Web Crypto or Node.js |
-| **Dual Runtime** | Works in Node.js 18+ and modern browsers |
-| **Zero Dependencies** | Types are bundled — no external dependencies |
+## Framework Integration
+### LangChain
+```typescript
+import createVorim from "@vorim/sdk";
+import { ChatOpenAI } from "@langchain/openai";
+import { AgentExecutor } from "langchain/agents";
+const vorim = createVorim({ apiKey: "agid_sk_live_..." });
+// Register your LangChain agent with Vorim
+const { agent: identity } = await vorim.register({
+  name: "langchain-research-agent",
+  capabilities: ["web_browsing", "api_calls"],
+  scopes: ["agent:read", "agent:execute", "agent:communicate"],
+});
+// Check permissions before every tool call
+async function guardedToolCall(toolName: string, input: any) {
+  const { allowed } = await vorim.check(identity.agent_id, "agent:execute");
+  if (!allowed) throw new Error("Permission denied by Vorim");
+  const result = await executeTool(toolName, input);
+  // Audit every action
+  await vorim.emit({
+    agent_id: identity.agent_id,
+    event_type: "tool_call",
+    action: `${toolName}: ${JSON.stringify(input)}`,
+    result: "success",
+  });
+  return result;
+}
+```
+### CrewAI
+```typescript
+import createVorim from "@vorim/sdk";
+const vorim = createVorim({ apiKey: "agid_sk_live_..." });
+// Register each crew member as a Vorim agent
+const researcher = await vorim.register({
+  name: "crew-researcher",
+  capabilities: ["web_browsing"],
+  scopes: ["agent:read"],
+});
+const writer = await vorim.register({
+  name: "crew-writer",
+  capabilities: ["file_access"],
+  scopes: ["agent:read", "agent:write"],
+});
+// Verify permissions before delegation
+const { allowed } = await vorim.check(writer.agent.agent_id, "agent:write");
+```
+### OpenAI Agents SDK
+```typescript
+import createVorim from "@vorim/sdk";
+import OpenAI from "openai";
+const vorim = createVorim({ apiKey: "agid_sk_live_..." });
+const openai = new OpenAI();
+// Register your OpenAI agent
+const { agent: identity } = await vorim.register({
+  name: "openai-assistant",
+  capabilities: ["api_calls", "code_execution"],
+  scopes: ["agent:read", "agent:execute"],
+});
+// Wrap function calls with Vorim permission checks
+async function handleFunctionCall(call: any) {
+  const { allowed } = await vorim.check(identity.agent_id, "agent:execute");
+  if (!allowed) return { error: "Blocked by Vorim trust layer" };
+  const result = await executeFunction(call);
+  await vorim.emit({
+    agent_id: identity.agent_id,
+    event_type: "tool_call",
+    action: call.name,
+    resource: JSON.stringify(call.arguments),
+    result: "success",
+  });
+  return result;
+}
+```
+---
 ## API Reference
 ### Identity
 ```typescript
-// Register a new agent (returns keypair — private key shown once)
-const result = await vorim.register({
+// Register a new agent (private key returned once — store it securely)
+const { agent, private_key } = await vorim.register({
   name: "my-agent",
   description: "Processes invoices",
   capabilities: ["read_documents"],
@@ -99,20 +212,20 @@ await vorim.revoke("agid_acme_a1b2c3d4");
 ### Permissions
 ```typescript
-// Check if an agent has a specific permission
+// Check if an agent has a specific permission (<5ms)
 const { allowed, remaining_quota } = await vorim.check(
   "agid_acme_a1b2c3d4",
   "agent:execute"
 );
-// Grant a time-bounded permission with rate limiting
+// Grant a time-bounded, rate-limited permission
 await vorim.grant("agid_acme_a1b2c3d4", "agent:transact", {
   valid_until: "2026-06-01T00:00:00Z",
   rate_limit: { max: 100, window: "1h" },
 });
 ```
-### Permission Scopes
+#### Permission Scopes
 | Scope | Description |
 |-------|-------------|
@@ -151,16 +264,16 @@ await vorim.emitBatch([
 // Public endpoint — no API key required
 const trust = await vorim.verify("agid_acme_a1b2c3d4");
-console.log(trust.verified);          // true
-console.log(trust.trust_score);       // 82
-console.log(trust.status);            // 'active'
-console.log(trust.owner.org_name);    // 'Acme Corp'
-console.log(trust.active_scopes);     // ['agent:read', 'agent:execute']
-console.log(trust.key_fingerprint);   // 'a1b2c3d4...'
-console.log(trust.revocation_status); // false
+trust.verified;          // true
+trust.trust_score;       // 82
+trust.status;            // 'active'
+trust.owner.org_name;    // 'Acme Corp'
+trust.active_scopes;     // ['agent:read', 'agent:execute']
+trust.key_fingerprint;   // 'a1b2c3d4...'
+trust.revocation_status; // false
 ```
-**Trust Score Factors:**
+**Trust score factors:**
 - Agent status (active, suspended, revoked)
 - Account age (older = more trusted)
 - Success rate over last 30 days
@@ -170,7 +283,7 @@ console.log(trust.revocation_status); // false
 ### Payload Signing
 ```typescript
-// Sign a payload with the agent's Ed25519 private key
+// Sign a payload with the agent's Ed25519 private key (client-side)
 const signature = await vorim.sign(
   JSON.stringify({ action: "transfer", amount: 500 }),
   privateKeyPem
@@ -187,20 +300,43 @@ await vorim.emit({
 });
 ```
+### Embeddable Trust Badge
+Every registered agent gets a public SVG trust badge you can embed anywhere:
+```html
+<!-- Embed in your docs, landing page, or agent marketplace listing -->
+<img src="https://api.vorim.ai/v1/trust/badge/agid_acme_a1b2c3d4.svg" alt="Vorim Trust Badge" />
+```
+The badge displays the agent's current trust score and updates in real-time. Use it to signal trust to end users, partners, and other agents.
+---
 ## Configuration
 ```typescript
 import createVorim from "@vorim/sdk";
 const vorim = createVorim({
-  apiKey: "agid_sk_live_...",          // Required
-  baseUrl: "https://api.vorim.ai",    // Optional (default)
-  timeout: 10000,                      // Optional — ms (default: 10000)
+  apiKey: "agid_sk_live_...",         // Required — your Vorim API key
+  baseUrl: "https://api.vorim.ai",   // Optional (default)
+  timeout: 10000,                     // Optional — request timeout in ms (default: 10000)
 });
 ```
+| Option | Type | Default | Description |
+|--------|------|---------|-------------|
+| `apiKey` | `string` | — | Your Vorim API key (`agid_sk_live_...` or `agid_sk_test_...`) |
+| `baseUrl` | `string` | `https://api.vorim.ai` | API base URL (override for self-hosted) |
+| `timeout` | `number` | `10000` | Request timeout in milliseconds |
+---
 ## Error Handling
+All errors throw `VorimError` with structured fields:
 ```typescript
 import createVorim, { VorimError } from "@vorim/sdk";
@@ -208,24 +344,65 @@ try {
   await vorim.check("invalid_id", "agent:read");
 } catch (err) {
   if (err instanceof VorimError) {
-    console.log(err.status);   // 404
-    console.log(err.code);     // 'AGENT_NOT_FOUND'
-    console.log(err.message);  // 'Agent invalid_id not found in the trust registry'
-    console.log(err.details);  // Additional error context
+    err.status;   // 404
+    err.code;     // 'AGENT_NOT_FOUND'
+    err.message;  // 'Agent invalid_id not found in the trust registry'
+    err.details;  // Additional context (optional)
   }
 }
 ```
+| Error Code | Status | Meaning |
+|-----------|--------|---------|
+| `INVALID_CREDENTIALS` | 401 | Bad or expired API key |
+| `AGENT_NOT_FOUND` | 404 | Agent ID doesn't exist |
+| `PERMISSION_DENIED` | 403 | Agent lacks required scope |
+| `RATE_LIMITED` | 429 | Too many requests |
+| `VALIDATION_ERROR` | 400 | Invalid request payload |
+---
+## Features
+| Feature | Details |
+|---------|---------|
+| **Cryptographic Identity** | Ed25519 keypairs with SHA-256 fingerprints |
+| **7 Permission Scopes** | `read`, `write`, `execute`, `transact`, `communicate`, `delegate`, `elevate` |
+| **Immutable Audit Trail** | Append-only events with content hashing |
+| **Trust Scoring** | 5-factor algorithm producing a 0–100 score |
+| **Payload Signing** | Client-side Ed25519 via Web Crypto or Node.js crypto |
+| **Dual Runtime** | Node.js 18+ and modern browsers |
+| **Zero Dependencies** | Types bundled — nothing extra to install |
+| **ESM + CJS** | Dual module output for any bundler or runtime |
+---
 ## Protocol
-`@vorim/sdk` implements the [Vorim Agent Identity Protocol (VAIP)](https://github.com/Kzino/vorim-protocol) — an open standard for AI agent identity, permissions, and cryptographic audit trails.
+This SDK implements the **[Vorim Agent Identity Protocol (VAIP)](https://github.com/Kzino/vorim-protocol)** — an open standard for AI agent identity, permissions, and cryptographic audit trails.
-Read the full specification: [SPEC.md](https://github.com/Kzino/vorim-protocol/blob/main/SPEC.md)
+VAIP defines 5 conformance levels, from basic identity to full cryptographic signing. The protocol is open-source under Apache 2.0 — anyone can implement it.
+Read the full specification: **[SPEC.md](https://github.com/Kzino/vorim-protocol/blob/main/SPEC.md)**
+---
 ## Requirements
-- Node.js 18+ or modern browser with Web Crypto API
-- TypeScript 5.0+ (optional, but recommended)
+- **Node.js** 18+ or modern browser with Web Crypto API
+- **TypeScript** 5.0+ (optional but recommended)
+---
+## Links
+- **Website:** [vorim.ai](https://vorim.ai)
+- **Protocol Spec:** [github.com/Kzino/vorim-protocol](https://github.com/Kzino/vorim-protocol)
+- **npm:** [@vorim/sdk](https://www.npmjs.com/package/@vorim/sdk)
+- **X:** [@vorim_ai_x](https://x.com/vorim_ai_x)
+- **Issues:** [GitHub Issues](https://github.com/Kzino/vorim-protocol/issues)
+---
 ## License
@@ -233,4 +410,4 @@ MIT — see [LICENSE](LICENSE) for details.
 ---
-Built by [Vorim AI](https://vorim.ai)
+Built by **[Vorim AI](https://vorim.ai)**

package/dist/integrations/crewai.cjs ADDED Viewed

@@ -0,0 +1,141 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/integrations/crewai.ts
+var crewai_exports = {};
+__export(crewai_exports, {
+  checkCrewPermission: () => checkCrewPermission,
+  checkDelegationPermission: () => checkDelegationPermission,
+  emitCrewRunEvents: () => emitCrewRunEvents,
+  emitCrewTaskEvent: () => emitCrewTaskEvent,
+  registerCrew: () => registerCrew,
+  verifyCrewTrust: () => verifyCrewTrust
+});
+module.exports = __toCommonJS(crewai_exports);
+async function registerCrew(vorim, manifest) {
+  const members = [];
+  for (const member of manifest.members) {
+    const scopes = [...member.scopes];
+    if (member.allowDelegation && !scopes.includes("agent:delegate")) {
+      scopes.push("agent:delegate");
+    }
+    const registration = await vorim.register({
+      name: member.name,
+      description: member.description ?? `CrewAI ${member.role} \u2014 ${manifest.crewName}`,
+      capabilities: member.capabilities,
+      scopes
+    });
+    members.push({
+      role: member.role,
+      agentId: registration.agent.agent_id,
+      registration,
+      privateKey: registration.private_key
+    });
+  }
+  return {
+    crewName: manifest.crewName,
+    members,
+    getMember(role) {
+      return members.find((m) => m.role === role);
+    },
+    agentIds() {
+      return members.map((m) => m.agentId);
+    }
+  };
+}
+async function emitCrewTaskEvent(vorim, event) {
+  const auditEvent = {
+    agent_id: event.agentId,
+    event_type: event.tool ? "tool_call" : "api_request",
+    action: event.task,
+    resource: event.tool,
+    result: event.result,
+    latency_ms: event.latencyMs,
+    error_code: event.error ? "CREW_TASK_ERROR" : void 0,
+    metadata: {
+      framework: "crewai",
+      role: event.role,
+      ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
+      ...event.error ? { error: event.error } : {},
+      ...event.metadata
+    }
+  };
+  await vorim.emit(auditEvent);
+}
+async function emitCrewRunEvents(vorim, events) {
+  const auditEvents = events.map((event) => ({
+    agent_id: event.agentId,
+    event_type: event.tool ? "tool_call" : "api_request",
+    action: event.task,
+    resource: event.tool,
+    result: event.result,
+    latency_ms: event.latencyMs,
+    error_code: event.error ? "CREW_TASK_ERROR" : void 0,
+    metadata: {
+      framework: "crewai",
+      role: event.role,
+      ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
+      ...event.error ? { error: event.error } : {},
+      ...event.metadata
+    }
+  }));
+  return vorim.emitBatch(auditEvents);
+}
+async function checkCrewPermission(vorim, crew, role, scope) {
+  const member = crew.getMember(role);
+  if (!member) {
+    return { allowed: false, reason: `Unknown crew member: ${role}` };
+  }
+  return vorim.check(member.agentId, scope);
+}
+async function checkDelegationPermission(vorim, crew, fromRole, toRole) {
+  const from = crew.getMember(fromRole);
+  const to = crew.getMember(toRole);
+  if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };
+  if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };
+  const result = await vorim.check(from.agentId, "agent:delegate");
+  if (!result.allowed) {
+    return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };
+  }
+  return { allowed: true };
+}
+async function verifyCrewTrust(vorim, crew) {
+  const results = await Promise.all(
+    crew.members.map(async (member) => {
+      const trust = await vorim.verify(member.agentId);
+      return {
+        role: member.role,
+        agentId: member.agentId,
+        trustScore: trust.trust_score,
+        status: trust.status
+      };
+    })
+  );
+  return results;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  checkCrewPermission,
+  checkDelegationPermission,
+  emitCrewRunEvents,
+  emitCrewTaskEvent,
+  registerCrew,
+  verifyCrewTrust
+});
+//# sourceMappingURL=crewai.cjs.map

package/dist/integrations/crewai.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/integrations/crewai.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — CrewAI Integration\n// CrewAI is Python-only, so this module provides:\n// 1. A TypeScript helper for managing CrewAI agent identities via Vorim\n// 2. Audit utilities for logging crew task execution\n// 3. A \"crew manifest\" pattern for registering entire crews at once\n//\n// Use this from a TypeScript orchestration layer that triggers CrewAI\n// runs via REST, CLI, or subprocess. For native Python integration,\n// use the Vorim REST API directly (see docs).\n//\n// No peer dependencies required — uses @vorim/sdk only.\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type {\n PermissionScope, AuditEventInput, AgentRegistrationResult,\n} from '../types.js';\n\n// ─── Crew Configuration ──────────────────────────────────────────────────\n\nexport interface CrewMemberConfig {\n /** Unique role name within the crew (e.g. \"researcher\", \"writer\"). */\n role: string;\n /** Display name for the Vorim agent. */\n name: string;\n /** Description of this crew member's responsibilities. */\n description?: string;\n /** Tools this agent can use (e.g. [\"web_search\", \"file_read\"]). */\n capabilities: string[];\n /** Permission scopes to grant. */\n scopes: PermissionScope[];\n /** Whether this agent can delegate to other crew members. */\n allowDelegation?: boolean;\n}\n\nexport interface CrewManifest {\n /** Name for the overall crew. */\n crewName: string;\n /** Members of the crew. */\n members: CrewMemberConfig[];\n /** Optional metadata for the crew. */\n metadata?: Record<string, unknown>;\n}\n\nexport interface RegisteredCrewMember {\n role: string;\n agentId: string;\n registration: AgentRegistrationResult;\n privateKey: string;\n}\n\nexport interface RegisteredCrew {\n crewName: string;\n members: RegisteredCrewMember[];\n /** Lookup a member by role. */\n getMember(role: string): RegisteredCrewMember | undefined;\n /** Get all agent IDs in the crew. */\n agentIds(): string[];\n}\n\n// ─── Crew Registration ──────────────────────────────────────────────────\n\n/**\n * Registers an entire CrewAI crew with Vorim. Each crew member gets a\n * unique Vorim agent identity with Ed25519 keypair and scoped permissions.\n *\n * @example\n * ```ts\n * import createVorim from \"@vorim/sdk\";\n * import { registerCrew } from \"@vorim/sdk/integrations/crewai\";\n *\n * const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n *\n * const crew = await registerCrew(vorim, {\n * crewName: \"content-pipeline\",\n * members: [\n * {\n * role: \"researcher\",\n * name: \"crew-researcher\",\n * capabilities: [\"web_search\", \"summarization\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * },\n * {\n * role: \"writer\",\n * name: \"crew-writer\",\n * capabilities: [\"file_write\", \"formatting\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * },\n * {\n * role: \"editor\",\n * name: \"crew-editor\",\n * capabilities: [\"review\", \"approval\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * allowDelegation: true,\n * },\n * ],\n * });\n *\n * // Access individual members\n * const researcher = crew.getMember(\"researcher\");\n * console.log(researcher.agentId); // agid_acme_...\n *\n * // Grant delegation permission to editor\n * // (done automatically if allowDelegation is true)\n * ```\n */\nexport async function registerCrew(\n vorim: VorimSDK,\n manifest: CrewManifest,\n): Promise<RegisteredCrew> {\n const members: RegisteredCrewMember[] = [];\n\n for (const member of manifest.members) {\n const scopes = [...member.scopes];\n\n // Auto-add delegate scope if delegation is allowed\n if (member.allowDelegation && !scopes.includes('agent:delegate')) {\n scopes.push('agent:delegate');\n }\n\n const registration = await vorim.register({\n name: member.name,\n description: member.description ?? `CrewAI ${member.role} — ${manifest.crewName}`,\n capabilities: member.capabilities,\n scopes,\n });\n\n members.push({\n role: member.role,\n agentId: registration.agent.agent_id,\n registration,\n privateKey: registration.private_key,\n });\n }\n\n return {\n crewName: manifest.crewName,\n members,\n getMember(role: string) {\n return members.find(m => m.role === role);\n },\n agentIds() {\n return members.map(m => m.agentId);\n },\n };\n}\n\n// ─── Task Audit ──────────────────────────────────────────────────────────\n\nexport interface CrewTaskEvent {\n /** The role of the crew member performing the task. */\n role: string;\n /** The Vorim agent_id (looked up from the crew). */\n agentId: string;\n /** Task description or name. */\n task: string;\n /** Tool used (if any). */\n tool?: string;\n /** Result of the action. */\n result: 'success' | 'denied' | 'error';\n /** Duration in milliseconds. */\n latencyMs?: number;\n /** Error details if result is 'error'. */\n error?: string;\n /** Whether this was a delegation to another crew member. */\n delegatedTo?: string;\n /** Additional context. */\n metadata?: Record<string, unknown>;\n}\n\n/**\n * Emits a Vorim audit event for a CrewAI task execution.\n * Call this from your orchestration layer after each CrewAI step completes.\n *\n * @example\n * ```ts\n * import { emitCrewTaskEvent } from \"@vorim/sdk/integrations/crewai\";\n *\n * // After a CrewAI task completes\n * await emitCrewTaskEvent(vorim, {\n * role: \"researcher\",\n * agentId: crew.getMember(\"researcher\").agentId,\n * task: \"research_competitors\",\n * tool: \"web_search\",\n * result: \"success\",\n * latencyMs: 3200,\n * });\n * ```\n */\nexport async function emitCrewTaskEvent(\n vorim: VorimSDK,\n event: CrewTaskEvent,\n): Promise<void> {\n const auditEvent: AuditEventInput = {\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n };\n\n await vorim.emit(auditEvent);\n}\n\n/**\n * Emits audit events for an entire crew run (batch of task results).\n *\n * @example\n * ```ts\n * await emitCrewRunEvents(vorim, [\n * { role: \"researcher\", agentId: \"...\", task: \"research\", result: \"success\" },\n * { role: \"writer\", agentId: \"...\", task: \"draft_article\", result: \"success\" },\n * { role: \"editor\", agentId: \"...\", task: \"review\", result: \"success\" },\n * ]);\n * ```\n */\nexport async function emitCrewRunEvents(\n vorim: VorimSDK,\n events: CrewTaskEvent[],\n): Promise<{ ingested: number }> {\n const auditEvents: AuditEventInput[] = events.map(event => ({\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n }));\n\n return vorim.emitBatch(auditEvents);\n}\n\n// ─── Permission Helpers ──────────────────────────────────────────────────\n\n/**\n * Check if a crew member has permission before executing a task.\n * Returns the check result — does not throw.\n *\n * @example\n * ```ts\n * const { allowed } = await checkCrewPermission(vorim, crew, \"writer\", \"agent:write\");\n * if (!allowed) {\n * console.log(\"Writer lacks write permission\");\n * }\n * ```\n */\nexport async function checkCrewPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n role: string,\n scope: PermissionScope,\n): Promise<{ allowed: boolean; reason?: string }> {\n const member = crew.getMember(role);\n if (!member) {\n return { allowed: false, reason: `Unknown crew member: ${role}` };\n }\n return vorim.check(member.agentId, scope);\n}\n\n/**\n * Check if delegation between two crew members is permitted.\n * The delegating agent must have the `agent:delegate` scope.\n */\nexport async function checkDelegationPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n fromRole: string,\n toRole: string,\n): Promise<{ allowed: boolean; reason?: string }> {\n const from = crew.getMember(fromRole);\n const to = crew.getMember(toRole);\n if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };\n if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };\n\n const result = await vorim.check(from.agentId, 'agent:delegate');\n if (!result.allowed) {\n return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };\n }\n return { allowed: true };\n}\n\n// ─── Trust Verification ──────────────────────────────────────────────────\n\n/**\n * Verify trust scores for all members of a crew.\n * Useful before starting a crew run to ensure all agents are active and trusted.\n */\nexport async function verifyCrewTrust(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n): Promise<{ role: string; agentId: string; trustScore: number; status: string }[]> {\n const results = await Promise.all(\n crew.members.map(async (member) => {\n const trust = await vorim.verify(member.agentId);\n return {\n role: member.role,\n agentId: member.agentId,\n trustScore: trust.trust_score,\n status: trust.status,\n };\n }),\n );\n return results;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA2GA,eAAsB,aACpB,OACA,UACyB;AACzB,QAAM,UAAkC,CAAC;AAEzC,aAAW,UAAU,SAAS,SAAS;AACrC,UAAM,SAAS,CAAC,GAAG,OAAO,MAAM;AAGhC,QAAI,OAAO,mBAAmB,CAAC,OAAO,SAAS,gBAAgB,GAAG;AAChE,aAAO,KAAK,gBAAgB;AAAA,IAC9B;AAEA,UAAM,eAAe,MAAM,MAAM,SAAS;AAAA,MACxC,MAAM,OAAO;AAAA,MACb,aAAa,OAAO,eAAe,UAAU,OAAO,IAAI,WAAM,SAAS,QAAQ;AAAA,MAC/E,cAAc,OAAO;AAAA,MACrB;AAAA,IACF,CAAC;AAED,YAAQ,KAAK;AAAA,MACX,MAAM,OAAO;AAAA,MACb,SAAS,aAAa,MAAM;AAAA,MAC5B;AAAA,MACA,YAAY,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAEA,SAAO;AAAA,IACL,UAAU,SAAS;AAAA,IACnB;AAAA,IACA,UAAU,MAAc;AACtB,aAAO,QAAQ,KAAK,OAAK,EAAE,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,WAAW;AACT,aAAO,QAAQ,IAAI,OAAK,EAAE,OAAO;AAAA,IACnC;AAAA,EACF;AACF;AA4CA,eAAsB,kBACpB,OACA,OACe;AACf,QAAM,aAA8B;AAAA,IAClC,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF;AAEA,QAAM,MAAM,KAAK,UAAU;AAC7B;AAcA,eAAsB,kBACpB,OACA,QAC+B;AAC/B,QAAM,cAAiC,OAAO,IAAI,YAAU;AAAA,IAC1D,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF,EAAE;AAEF,SAAO,MAAM,UAAU,WAAW;AACpC;AAgBA,eAAsB,oBACpB,OACA,MACA,MACA,OACgD;AAChD,QAAM,SAAS,KAAK,UAAU,IAAI;AAClC,MAAI,CAAC,QAAQ;AACX,WAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,IAAI,GAAG;AAAA,EAClE;AACA,SAAO,MAAM,MAAM,OAAO,SAAS,KAAK;AAC1C;AAMA,eAAsB,0BACpB,OACA,MACA,UACA,QACgD;AAChD,QAAM,OAAO,KAAK,UAAU,QAAQ;AACpC,QAAM,KAAK,KAAK,UAAU,MAAM;AAChC,MAAI,CAAC,KAAM,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,QAAQ,GAAG;AAC/E,MAAI,CAAC,GAAI,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,MAAM,GAAG;AAE3E,QAAM,SAAS,MAAM,MAAM,MAAM,KAAK,SAAS,gBAAgB;AAC/D,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,EAAE,SAAS,OAAO,QAAQ,GAAG,QAAQ,mCAAmC;AAAA,EACjF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;AAQA,eAAsB,gBACpB,OACA,MACkF;AAClF,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,KAAK,QAAQ,IAAI,OAAO,WAAW;AACjC,YAAM,QAAQ,MAAM,MAAM,OAAO,OAAO,OAAO;AAC/C,aAAO;AAAA,QACL,MAAM,OAAO;AAAA,QACb,SAAS,OAAO;AAAA,QAChB,YAAY,MAAM;AAAA,QAClB,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;","names":[]}