npm - @vorim/sdk - Versions diffs - 3.0.2 → 3.2.0 - Mend

@vorim/sdk 3.0.2 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/README.md +27 -10
package/dist/index.cjs +268 -10
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +300 -4
package/dist/index.d.ts +300 -4
package/dist/index.js +256 -9
package/dist/index.js.map +1 -1
package/dist/integrations/anthropic.cjs +108 -4
package/dist/integrations/anthropic.cjs.map +1 -1
package/dist/integrations/anthropic.d.cts +13 -2
package/dist/integrations/anthropic.d.ts +13 -2
package/dist/integrations/anthropic.js +96 -4
package/dist/integrations/anthropic.js.map +1 -1
package/dist/integrations/crewai.cjs +8 -2
package/dist/integrations/crewai.cjs.map +1 -1
package/dist/integrations/crewai.d.cts +18 -0
package/dist/integrations/crewai.d.ts +18 -0
package/dist/integrations/crewai.js +8 -2
package/dist/integrations/crewai.js.map +1 -1
package/dist/integrations/langchain.cjs +140 -10
package/dist/integrations/langchain.cjs.map +1 -1
package/dist/integrations/langchain.d.cts +23 -2
package/dist/integrations/langchain.d.ts +23 -2
package/dist/integrations/langchain.js +128 -10
package/dist/integrations/langchain.js.map +1 -1
package/dist/integrations/llamaindex.cjs +96 -4
package/dist/integrations/llamaindex.cjs.map +1 -1
package/dist/integrations/llamaindex.d.cts +7 -1
package/dist/integrations/llamaindex.d.ts +7 -1
package/dist/integrations/llamaindex.js +84 -4
package/dist/integrations/llamaindex.js.map +1 -1
package/dist/integrations/openai.cjs +108 -4
package/dist/integrations/openai.cjs.map +1 -1
package/dist/integrations/openai.d.cts +15 -2
package/dist/integrations/openai.d.ts +15 -2
package/dist/integrations/openai.js +96 -4
package/dist/integrations/openai.js.map +1 -1
package/package.json +2 -2

package/dist/integrations/anthropic.js CHANGED Viewed

@@ -1,3 +1,69 @@
+// src/replay.ts
+function jcsCanonicalise(value) {
+  if (value === null) return "null";
+  if (value === true) return "true";
+  if (value === false) return "false";
+  if (typeof value === "number") {
+    if (!Number.isFinite(value)) {
+      throw new Error("jcsCanonicalise: NaN and Infinity are not JCS-valid");
+    }
+    return value.toString();
+  }
+  if (typeof value === "string") {
+    return JSON.stringify(value);
+  }
+  if (Array.isArray(value)) {
+    return "[" + value.map(jcsCanonicalise).join(",") + "]";
+  }
+  if (typeof value === "object") {
+    const keys = Object.keys(value).sort();
+    const parts = keys.map((k) => {
+      return JSON.stringify(k) + ":" + jcsCanonicalise(value[k]);
+    });
+    return "{" + parts.join(",") + "}";
+  }
+  throw new Error(`jcsCanonicalise: unsupported value type: ${typeof value}`);
+}
+async function sha256Hex(input) {
+  const bytes = typeof input === "string" ? new TextEncoder().encode(input) : input;
+  const subtle = globalThis.crypto?.subtle;
+  if (subtle) {
+    const buf = await subtle.digest("SHA-256", bytes);
+    return Array.from(new Uint8Array(buf)).map((b) => b.toString(16).padStart(2, "0")).join("");
+  }
+  const nodeCrypto = await import("crypto");
+  return nodeCrypto.createHash("sha256").update(bytes).digest("hex");
+}
+async function hashTool(tool) {
+  const normalised = {
+    name: tool.name,
+    description: tool.description ?? "",
+    schema: tool.schema ?? {}
+  };
+  const hex = await sha256Hex(jcsCanonicalise(normalised));
+  return `sha256:${hex}`;
+}
+async function hashToolCatalogue(tools) {
+  if (tools.length === 0) {
+    return `sha256:${await sha256Hex("[]")}`;
+  }
+  const perTool = await Promise.all(tools.map(hashTool));
+  perTool.sort();
+  const hex = await sha256Hex(perTool.join(""));
+  return `sha256:${hex}`;
+}
+async function hashSystemPrompt(prompt) {
+  const hex = await sha256Hex(prompt);
+  return `sha256:${hex}`;
+}
+async function prepareReplayContext(inputs) {
+  const ctx = {};
+  if (inputs.modelVersion) ctx.model_version = inputs.modelVersion;
+  if (inputs.tools) ctx.tool_catalogue_hash = await hashToolCatalogue(inputs.tools);
+  if (inputs.systemPrompt) ctx.system_prompt_hash = await hashSystemPrompt(inputs.systemPrompt);
+  return ctx;
+}
 // src/integrations/anthropic.ts
 var VorimToolRegistry = class {
   vorim;
@@ -5,15 +71,37 @@ var VorimToolRegistry = class {
   defaultPermission;
   asyncAudit;
   tools = /* @__PURE__ */ new Map();
+  replayInputs;
+  replayCache = null;
   constructor(config) {
     this.vorim = config.vorim;
     this.agentId = config.agentId;
     this.defaultPermission = config.defaultPermission ?? "agent:execute";
     this.asyncAudit = config.asyncAudit ?? true;
+    this.replayInputs = config.replay;
+  }
+  async getReplayContext() {
+    if (!this.replayInputs) return {};
+    if (!this.replayCache) {
+      const inputs = {
+        ...this.replayInputs,
+        tools: this.replayInputs.tools ?? this.deriveCatalogue()
+      };
+      this.replayCache = prepareReplayContext(inputs);
+    }
+    return this.replayCache;
+  }
+  deriveCatalogue() {
+    return [...this.tools.values()].map((t) => ({
+      name: t.name,
+      description: t.description,
+      schema: t.input_schema
+    }));
   }
-  /** Register a tool. */
+  /** Register a tool. Invalidates the cached tool-catalogue hash. */
   add(definition) {
     this.tools.set(definition.name, definition);
+    this.replayCache = null;
     return this;
   }
   /** Register multiple tools. */
@@ -51,6 +139,7 @@ var VorimToolRegistry = class {
     }
     const scope = definition.permission ?? this.defaultPermission;
     const { allowed, reason } = await this.vorim.check(this.agentId, scope);
+    const replayCtx = await this.getReplayContext();
     if (!allowed) {
       const event = {
         agent_id: this.agentId,
@@ -59,7 +148,8 @@ var VorimToolRegistry = class {
         resource: truncate(JSON.stringify(block.input), 500),
         permission: scope,
         result: "denied",
-        metadata: { reason, framework: "anthropic" }
+        metadata: { reason, framework: "anthropic" },
+        ...replayCtx
       };
       this.emitAudit(event);
       return {
@@ -81,7 +171,8 @@ var VorimToolRegistry = class {
         permission: scope,
         result: "success",
         latency_ms: Date.now() - start,
-        metadata: { framework: "anthropic" }
+        metadata: { framework: "anthropic" },
+        ...replayCtx
       };
       this.emitAudit(event);
       return { type: "tool_result", tool_use_id: block.id, content };
@@ -96,7 +187,8 @@ var VorimToolRegistry = class {
         result: "error",
         latency_ms: Date.now() - start,
         error_code: err instanceof Error ? err.name : "UNKNOWN",
-        metadata: { error: errMsg, framework: "anthropic" }
+        metadata: { error: errMsg, framework: "anthropic" },
+        ...replayCtx
       };
       this.emitAudit(event);
       return {

package/dist/integrations/anthropic.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../src/integrations/anthropic.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /** Tool name (must match the tool name sent to Claude). /\n name: string;\n /* Description shown to Claude. /\n description: string;\n /* JSON Schema for the tool's input. /\n input_schema: Record<string, unknown>;\n /* The function to execute when the tool is called. /\n execute: (args: TArgs) => Promise<TResult>;\n /* Vorim permission scope required. @default 'agent:execute' /\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /* Vorim SDK instance. /\n vorim: VorimSDK;\n /* The Vorim agent_id. /\n agentId: string;\n /* Default permission scope for tools without an explicit one. @default 'agent:execute' /\n defaultPermission?: PermissionScope;\n /* Whether to emit audit events asynchronously (fire-and-forget). @default true /\n asyncAudit?: boolean;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/\n Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n \n @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n \n const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n \n registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n \n const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n \n // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n /\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n }\n\n /* Register a tool. /\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n return this;\n }\n\n /* Register multiple tools. /\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /* Convert registered tools to Anthropic's tool format. /\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /\n Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n /\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/* Minimal Anthropic client interface (avoids importing the full SDK). /\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /* Anthropic client instance. /\n anthropic: AnthropicClient;\n /* Model to use. @default 'claude-sonnet-4-20250514' /\n model?: string;\n /* System prompt for the agent. /\n systemPrompt?: string;\n /* Maximum tool-use iterations before stopping. @default 10 /\n maxIterations?: number;\n /* Max tokens per response. @default 1024 /\n maxTokens?: number;\n}\n\n/\n Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n \n @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n \n const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n \n const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n /\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' \|\| response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') \|\| '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/\n Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n \n @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n"],"mappings":";AA0GO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AAAA,EACzC;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AAEtE,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,MAC7C;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,MACrC;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,MACpD;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}
1	+ {"version":3,"sources":["../../src/replay.ts","../../src/integrations/anthropic.ts"],"sourcesContent":["/*\n Replayable agent decision evidence helpers.\n \n Canonical-form hashing for the VAIP -02 schema fields that the SDK\n * attaches to audit events. The hashes recorded in audit_events.tool_catalogue_hash\n * and audit_events.system_prompt_hash use these functions, so the bytes\n * an auditor or counterparty reconstructs must match what the SDK produced.\n \n These helpers are intentionally separate from the signing path. The\n * v0 canonical signature form (event_type\|action\|resource\|input_hash\|\n * output_hash\|result) does NOT cover model_version, tool_catalogue_hash,\n * or system_prompt_hash. They will enter the canonical bytes in v1\n * (RFC 8785 JCS) in a follow-up release.\n \n Stable across SDK versions: the canonical-form version is documented\n * in CANONICAL_TOOL_CATALOGUE_VERSION. Future changes get a v2 etc;\n * never edit the existing v1 logic, or already-recorded hashes lose\n * their meaning.\n /\n\n// ─── Versioning ───────────────────────────────────────────────────────────\n\n/\n Canonical-form version for tool catalogue hashes produced by this SDK.\n * Recorded in tool_catalogue_canon_version on the event metadata (when\n * the metadata field is used) so verifiers know which hash recipe to\n * reproduce. Increment ONLY if the algorithm changes in a way that\n * would change the hash for the same logical catalogue.\n /\nexport const CANONICAL_TOOL_CATALOGUE_VERSION = 'v1' as const;\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\n/\n Minimum shape a tool needs for catalogue hashing. The framework\n * integrations adapt their native tool objects to this shape before\n * calling hashToolCatalogue.\n /\nexport interface CatalogueTool {\n /* The name the model sees and calls. Required. /\n name: string;\n /* Human-readable description shown to the model. Optional; absent ↔ empty string. /\n description?: string;\n /\n JSON Schema describing the tool's input parameters. Optional;\n * absent ↔ empty object `{}`. The schema gets RFC 8785 JCS-canonicalised\n * before hashing so semantically-equivalent variations (key order,\n * whitespace) produce the same hash.\n /\n schema?: Record<string, unknown> \| null;\n}\n\n// ─── RFC 8785 JCS subset ──────────────────────────────────────────────────\n\n/\n RFC 8785 JSON Canonicalization Scheme, sufficient subset for tool\n * catalogue values.\n \n Rules:\n * - Object keys sorted lexicographically by UTF-16 code units (which\n * is what JS string comparison does naturally).\n * - No whitespace between tokens.\n * - Numbers: integers as integers, finite floats per ECMAScript\n * Number.prototype.toString. JCS forbids NaN and Infinity.\n * - Strings: JSON-escape using minimal set per RFC 8259 § 7.\n * - null, true, false, arrays: as JSON.stringify produces them, since\n * JSON.stringify already produces the canonical form for these.\n \n Not vendoring a full library because tool schemas don't carry\n * non-integer numbers in practice and the JS spec for Number.toString\n * happens to coincide with JCS § 3.2.2.2 for the integer case.\n /\nexport function jcsCanonicalise(value: unknown): string {\n if (value === null) return 'null';\n if (value === true) return 'true';\n if (value === false) return 'false';\n\n if (typeof value === 'number') {\n if (!Number.isFinite(value)) {\n throw new Error('jcsCanonicalise: NaN and Infinity are not JCS-valid');\n }\n // For integers in safe range, .toString() matches JCS. For\n // non-integer floats, .toString() also matches in modern JS\n // engines (V8, JavaScriptCore, SpiderMonkey all use the shortest\n // round-trip representation, which is what JCS § 3.2.2.2 requires).\n return value.toString();\n }\n\n if (typeof value === 'string') {\n return JSON.stringify(value);\n }\n\n if (Array.isArray(value)) {\n return '[' + value.map(jcsCanonicalise).join(',') + ']';\n }\n\n if (typeof value === 'object') {\n const keys = Object.keys(value as Record<string, unknown>).sort();\n const parts = keys.map(k => {\n return JSON.stringify(k) + ':' + jcsCanonicalise((value as Record<string, unknown>)[k]);\n });\n return '{' + parts.join(',') + '}';\n }\n\n // undefined, function, symbol, bigint — not JSON-representable\n throw new Error(`jcsCanonicalise: unsupported value type: ${typeof value}`);\n}\n\n// ─── SHA-256 ──────────────────────────────────────────────────────────────\n\nasync function sha256Hex(input: string \| Uint8Array): Promise<string> {\n const bytes = typeof input === 'string' ? new TextEncoder().encode(input) : input;\n\n // Node.js Web Crypto (Node 18+) supports digest. Browser Web Crypto does too.\n // Fall back to node:crypto if Web Crypto is unavailable.\n const subtle = (globalThis as any).crypto?.subtle;\n if (subtle) {\n const buf = await subtle.digest('SHA-256', bytes);\n return Array.from(new Uint8Array(buf))\n .map(b => b.toString(16).padStart(2, '0'))\n .join('');\n }\n\n // Node fallback\n const nodeCrypto = await import('node:crypto');\n return nodeCrypto.createHash('sha256').update(bytes).digest('hex');\n}\n\n// ─── Public API ───────────────────────────────────────────────────────────\n\n/\n Hash a single tool definition. Returns `sha256:<hex>`.\n \n Canonical form (v1):\n * JCS-canonicalised JSON of `{name, description, schema}` where\n * absent fields substitute `description: \"\"` and `schema: {}`.\n /\nexport async function hashTool(tool: CatalogueTool): Promise<string> {\n const normalised = {\n name: tool.name,\n description: tool.description ?? '',\n schema: tool.schema ?? {},\n };\n const hex = await sha256Hex(jcsCanonicalise(normalised));\n return `sha256:${hex}`;\n}\n\n/\n Hash an entire tool catalogue. Returns `sha256:<hex>`.\n \n Reordering tools does NOT change the hash (tool hashes sorted\n * lexicographically before concatenation). Adding, removing, or\n * modifying a tool DOES change the hash.\n \n Per-tool hashing first means a verifier comparing two catalogue\n * hashes that differ can also be given the per-tool hashes to\n * identify which specific tool changed.\n /\nexport async function hashToolCatalogue(tools: CatalogueTool[]): Promise<string> {\n if (tools.length === 0) {\n // Empty catalogue has a deterministic, stable hash distinct from \"no field\"\n return `sha256:${await sha256Hex('[]')}`;\n }\n const perTool = await Promise.all(tools.map(hashTool));\n perTool.sort();\n const hex = await sha256Hex(perTool.join(''));\n return `sha256:${hex}`;\n}\n\n/\n Hash a system prompt. Returns `sha256:<hex>`.\n \n The prompt is UTF-8 encoded and hashed verbatim — no normalisation.\n * If a caller wants to ignore whitespace or comment differences, they\n * should normalise before calling. The intent here is deterministic\n * reproducibility, not semantic equivalence.\n /\nexport async function hashSystemPrompt(prompt: string): Promise<string> {\n const hex = await sha256Hex(prompt);\n return `sha256:${hex}`;\n}\n\n/\n Convenience: hash the previous event's canonical bytes for use in\n * the prev_event_hash field of hash-chained ingest. Caller provides\n * the canonical bytes (use canonicalPayloadV0 from the main module).\n /\nexport async function hashPreviousEvent(canonicalBytes: string): Promise<string> {\n const hex = await sha256Hex(canonicalBytes);\n return `sha256:${hex}`;\n}\n\n// ─── Replay context — framework integration helper ────────────────────────\n\n/\n Raw inputs the integration captures from the framework. Set by the\n * integration's config; turned into hashes by {@link prepareReplayContext}.\n /\nexport interface ReplayInputs {\n /* Stable identifier for the model. E.g. `\"anthropic:claude-opus-4-8\"`. /\n modelVersion?: string;\n /* Tools available to the agent at call time. Hashed via {@link hashToolCatalogue}. /\n tools?: CatalogueTool[];\n /* System prompt active at call time. Hashed via {@link hashSystemPrompt}. /\n systemPrompt?: string;\n}\n\n/\n Pre-computed hashes ready to attach to audit events. The three keys\n * match the audit_events column names.\n /\nexport interface ReplayContext {\n model_version?: string;\n tool_catalogue_hash?: string;\n system_prompt_hash?: string;\n}\n\n/\n Compute replay context once from raw inputs. Use at integration\n * setup time so each emit can attach the hashes without re-hashing.\n \n Returns an object suitable for spreading into an AuditEventInput:\n * `await vorim.emit({ ...event, ...replayContext })`\n \n If a field is absent in the inputs, it is absent in the result\n * (not the empty string). That keeps the event lean.\n /\nexport async function prepareReplayContext(\n inputs: ReplayInputs,\n): Promise<ReplayContext> {\n const ctx: ReplayContext = {};\n if (inputs.modelVersion) ctx.model_version = inputs.modelVersion;\n if (inputs.tools) ctx.tool_catalogue_hash = await hashToolCatalogue(inputs.tools);\n if (inputs.systemPrompt) ctx.system_prompt_hash = await hashSystemPrompt(inputs.systemPrompt);\n return ctx;\n}\n","// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\nimport {\n prepareReplayContext,\n type ReplayInputs,\n type ReplayContext,\n type CatalogueTool,\n} from '../replay.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /* Tool name (must match the tool name sent to Claude). /\n name: string;\n /* Description shown to Claude. /\n description: string;\n /* JSON Schema for the tool's input. /\n input_schema: Record<string, unknown>;\n /* The function to execute when the tool is called. /\n execute: (args: TArgs) => Promise<TResult>;\n /* Vorim permission scope required. @default 'agent:execute' /\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /* Vorim SDK instance. /\n vorim: VorimSDK;\n /* The Vorim agent_id. /\n agentId: string;\n /* Default permission scope for tools without an explicit one. @default 'agent:execute' /\n defaultPermission?: PermissionScope;\n /* Whether to emit audit events asynchronously (fire-and-forget). @default true /\n asyncAudit?: boolean;\n /\n Replayable agent decision evidence (VAIP -02). Hashes attached to\n * every audit event. If `replay.tools` is omitted, the registry's\n * own tool list is used automatically. Not covered by v0 canonical\n * signature form.\n /\n replay?: ReplayInputs;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/\n Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n \n @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n \n const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n \n registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n \n const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n \n // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n /\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n private replayInputs: ReplayInputs \| undefined;\n private replayCache: Promise<ReplayContext> \| null = null;\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n this.replayInputs = config.replay;\n }\n\n private async getReplayContext(): Promise<ReplayContext> {\n if (!this.replayInputs) return {};\n if (!this.replayCache) {\n const inputs: ReplayInputs = {\n ...this.replayInputs,\n tools: this.replayInputs.tools ?? this.deriveCatalogue(),\n };\n this.replayCache = prepareReplayContext(inputs);\n }\n return this.replayCache;\n }\n\n private deriveCatalogue(): CatalogueTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n schema: t.input_schema,\n }));\n }\n\n /* Register a tool. Invalidates the cached tool-catalogue hash. /\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n this.replayCache = null;\n return this;\n }\n\n /* Register multiple tools. /\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /* Convert registered tools to Anthropic's tool format. /\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /\n Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n /\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n const replayCtx = await this.getReplayContext();\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n ...replayCtx,\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/* Minimal Anthropic client interface (avoids importing the full SDK). /\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /* Anthropic client instance. /\n anthropic: AnthropicClient;\n /* Model to use. @default 'claude-sonnet-4-20250514' /\n model?: string;\n /* System prompt for the agent. /\n systemPrompt?: string;\n /* Maximum tool-use iterations before stopping. @default 10 /\n maxIterations?: number;\n /* Max tokens per response. @default 1024 /\n maxTokens?: number;\n}\n\n/\n Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n \n @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n \n const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n \n const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n /\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' \|\| response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') \|\| '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/\n Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n \n @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n"],"mappings":";AAwEO,SAAS,gBAAgB,OAAwB;AACtD,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,UAAU,MAAO,QAAO;AAE5B,MAAI,OAAO,UAAU,UAAU;AAC7B,QAAI,CAAC,OAAO,SAAS,KAAK,GAAG;AAC3B,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AAKA,WAAO,MAAM,SAAS;AAAA,EACxB;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO,KAAK,UAAU,KAAK;AAAA,EAC7B;AAEA,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,MAAM,IAAI,eAAe,EAAE,KAAK,GAAG,IAAI;AAAA,EACtD;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,OAAO,OAAO,KAAK,KAAgC,EAAE,KAAK;AAChE,UAAM,QAAQ,KAAK,IAAI,OAAK;AAC1B,aAAO,KAAK,UAAU,CAAC,IAAI,MAAM,gBAAiB,MAAkC,CAAC,CAAC;AAAA,IACxF,CAAC;AACD,WAAO,MAAM,MAAM,KAAK,GAAG,IAAI;AAAA,EACjC;AAGA,QAAM,IAAI,MAAM,4CAA4C,OAAO,KAAK,EAAE;AAC5E;AAIA,eAAe,UAAU,OAA6C;AACpE,QAAM,QAAQ,OAAO,UAAU,WAAW,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;AAI5E,QAAM,SAAU,WAAmB,QAAQ;AAC3C,MAAI,QAAQ;AACV,UAAM,MAAM,MAAM,OAAO,OAAO,WAAW,KAAK;AAChD,WAAO,MAAM,KAAK,IAAI,WAAW,GAAG,CAAC,EAClC,IAAI,OAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EACxC,KAAK,EAAE;AAAA,EACZ;AAGA,QAAM,aAAa,MAAM,OAAO,QAAa;AAC7C,SAAO,WAAW,WAAW,QAAQ,EAAE,OAAO,KAAK,EAAE,OAAO,KAAK;AACnE;AAWA,eAAsB,SAAS,MAAsC;AACnE,QAAM,aAAa;AAAA,IACjB,MAAM,KAAK;AAAA,IACX,aAAa,KAAK,eAAe;AAAA,IACjC,QAAQ,KAAK,UAAU,CAAC;AAAA,EAC1B;AACA,QAAM,MAAM,MAAM,UAAU,gBAAgB,UAAU,CAAC;AACvD,SAAO,UAAU,GAAG;AACtB;AAaA,eAAsB,kBAAkB,OAAyC;AAC/E,MAAI,MAAM,WAAW,GAAG;AAEtB,WAAO,UAAU,MAAM,UAAU,IAAI,CAAC;AAAA,EACxC;AACA,QAAM,UAAU,MAAM,QAAQ,IAAI,MAAM,IAAI,QAAQ,CAAC;AACrD,UAAQ,KAAK;AACb,QAAM,MAAM,MAAM,UAAU,QAAQ,KAAK,EAAE,CAAC;AAC5C,SAAO,UAAU,GAAG;AACtB;AAUA,eAAsB,iBAAiB,QAAiC;AACtE,QAAM,MAAM,MAAM,UAAU,MAAM;AAClC,SAAO,UAAU,GAAG;AACtB;AA+CA,eAAsB,qBACpB,QACwB;AACxB,QAAM,MAAqB,CAAC;AAC5B,MAAI,OAAO,aAAc,KAAI,gBAAgB,OAAO;AACpD,MAAI,OAAO,MAAO,KAAI,sBAAsB,MAAM,kBAAkB,OAAO,KAAK;AAChF,MAAI,OAAO,aAAc,KAAI,qBAAqB,MAAM,iBAAiB,OAAO,YAAY;AAC5F,SAAO;AACT;;;ACpHO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAC7C;AAAA,EACA,cAA6C;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AACvC,SAAK,eAAe,OAAO;AAAA,EAC7B;AAAA,EAEA,MAAc,mBAA2C;AACvD,QAAI,CAAC,KAAK,aAAc,QAAO,CAAC;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,SAAuB;AAAA,QAC3B,GAAG,KAAK;AAAA,QACR,OAAO,KAAK,aAAa,SAAS,KAAK,gBAAgB;AAAA,MACzD;AACA,WAAK,cAAc,qBAAqB,MAAM;AAAA,IAChD;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,kBAAmC;AACzC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,QAAQ,EAAE;AAAA,IACZ,EAAE;AAAA,EACJ;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,SAAK,cAAc;AACnB,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AACtE,UAAM,YAAY,MAAM,KAAK,iBAAiB;AAE9C,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,QAC3C,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,QACnC,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,QAClD,GAAG;AAAA,MACL;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}

package/dist/integrations/crewai.cjs CHANGED Viewed

@@ -74,7 +74,10 @@ async function emitCrewTaskEvent(vorim, event) {
       ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
       ...event.error ? { error: event.error } : {},
       ...event.metadata
-    }
+    },
+    ...event.modelVersion ? { model_version: event.modelVersion } : {},
+    ...event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {},
+    ...event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}
   };
   await vorim.emit(auditEvent);
 }
@@ -93,7 +96,10 @@ async function emitCrewRunEvents(vorim, events) {
       ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
       ...event.error ? { error: event.error } : {},
       ...event.metadata
-    }
+    },
+    ...event.modelVersion ? { model_version: event.modelVersion } : {},
+    ...event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {},
+    ...event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}
   }));
   return vorim.emitBatch(auditEvents);
 }

package/dist/integrations/crewai.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../src/integrations/crewai.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — CrewAI Integration\n// CrewAI is Python-only, so this module provides:\n// 1. A TypeScript helper for managing CrewAI agent identities via Vorim\n// 2. Audit utilities for logging crew task execution\n// 3. A \"crew manifest\" pattern for registering entire crews at once\n//\n// Use this from a TypeScript orchestration layer that triggers CrewAI\n// runs via REST, CLI, or subprocess. For native Python integration,\n// use the Vorim REST API directly (see docs).\n//\n// No peer dependencies required — uses @vorim/sdk only.\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type {\n PermissionScope, AuditEventInput, AgentRegistrationResult,\n} from '../types.js';\n\n// ─── Crew Configuration ──────────────────────────────────────────────────\n\nexport interface CrewMemberConfig {\n /** Unique role name within the crew (e.g. \"researcher\", \"writer\"). /\n role: string;\n /* Display name for the Vorim agent. /\n name: string;\n /* Description of this crew member's responsibilities. /\n description?: string;\n /* Tools this agent can use (e.g. [\"web_search\", \"file_read\"]). /\n capabilities: string[];\n /* Permission scopes to grant. /\n scopes: PermissionScope[];\n /* Whether this agent can delegate to other crew members. /\n allowDelegation?: boolean;\n}\n\nexport interface CrewManifest {\n /* Name for the overall crew. /\n crewName: string;\n /* Members of the crew. /\n members: CrewMemberConfig[];\n /* Optional metadata for the crew. /\n metadata?: Record<string, unknown>;\n}\n\nexport interface RegisteredCrewMember {\n role: string;\n agentId: string;\n registration: AgentRegistrationResult;\n privateKey: string;\n}\n\nexport interface RegisteredCrew {\n crewName: string;\n members: RegisteredCrewMember[];\n /* Lookup a member by role. /\n getMember(role: string): RegisteredCrewMember \| undefined;\n /* Get all agent IDs in the crew. /\n agentIds(): string[];\n}\n\n// ─── Crew Registration ──────────────────────────────────────────────────\n\n/\n Registers an entire CrewAI crew with Vorim. Each crew member gets a\n * unique Vorim agent identity with Ed25519 keypair and scoped permissions.\n \n @example\n * ```ts\n * import createVorim from \"@vorim/sdk\";\n * import { registerCrew } from \"@vorim/sdk/integrations/crewai\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n \n const crew = await registerCrew(vorim, {\n * crewName: \"content-pipeline\",\n * members: [\n * {\n * role: \"researcher\",\n * name: \"crew-researcher\",\n * capabilities: [\"web_search\", \"summarization\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * },\n * {\n * role: \"writer\",\n * name: \"crew-writer\",\n * capabilities: [\"file_write\", \"formatting\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * },\n * {\n * role: \"editor\",\n * name: \"crew-editor\",\n * capabilities: [\"review\", \"approval\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * allowDelegation: true,\n * },\n * ],\n * });\n \n // Access individual members\n * const researcher = crew.getMember(\"researcher\");\n * console.log(researcher.agentId); // agid_acme_...\n \n // Grant delegation permission to editor\n * // (done automatically if allowDelegation is true)\n * ```\n /\nexport async function registerCrew(\n vorim: VorimSDK,\n manifest: CrewManifest,\n): Promise<RegisteredCrew> {\n const members: RegisteredCrewMember[] = [];\n\n for (const member of manifest.members) {\n const scopes = [...member.scopes];\n\n // Auto-add delegate scope if delegation is allowed\n if (member.allowDelegation && !scopes.includes('agent:delegate')) {\n scopes.push('agent:delegate');\n }\n\n const registration = await vorim.register({\n name: member.name,\n description: member.description ?? `CrewAI ${member.role} — ${manifest.crewName}`,\n capabilities: member.capabilities,\n scopes,\n });\n\n members.push({\n role: member.role,\n agentId: registration.agent.agent_id,\n registration,\n privateKey: registration.private_key,\n });\n }\n\n return {\n crewName: manifest.crewName,\n members,\n getMember(role: string) {\n return members.find(m => m.role === role);\n },\n agentIds() {\n return members.map(m => m.agentId);\n },\n };\n}\n\n// ─── Task Audit ──────────────────────────────────────────────────────────\n\nexport interface CrewTaskEvent {\n /* The role of the crew member performing the task. /\n role: string;\n /* The Vorim agent_id (looked up from the crew). /\n agentId: string;\n /* Task description or name. /\n task: string;\n /* Tool used (if any). /\n tool?: string;\n /* Result of the action. /\n result: 'success' \| 'denied' \| 'error';\n /* Duration in milliseconds. /\n latencyMs?: number;\n /* Error details if result is 'error'. /\n error?: string;\n /* Whether this was a delegation to another crew member. /\n delegatedTo?: string;\n /* Additional context. /\n metadata?: Record<string, unknown>;\n}\n\n/\n Emits a Vorim audit event for a CrewAI task execution.\n * Call this from your orchestration layer after each CrewAI step completes.\n \n @example\n * ```ts\n * import { emitCrewTaskEvent } from \"@vorim/sdk/integrations/crewai\";\n \n // After a CrewAI task completes\n * await emitCrewTaskEvent(vorim, {\n * role: \"researcher\",\n * agentId: crew.getMember(\"researcher\").agentId,\n * task: \"research_competitors\",\n * tool: \"web_search\",\n * result: \"success\",\n * latencyMs: 3200,\n * });\n * ```\n /\nexport async function emitCrewTaskEvent(\n vorim: VorimSDK,\n event: CrewTaskEvent,\n): Promise<void> {\n const auditEvent: AuditEventInput = {\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n };\n\n await vorim.emit(auditEvent);\n}\n\n/\n Emits audit events for an entire crew run (batch of task results).\n \n @example\n * ```ts\n * await emitCrewRunEvents(vorim, [\n * { role: \"researcher\", agentId: \"...\", task: \"research\", result: \"success\" },\n * { role: \"writer\", agentId: \"...\", task: \"draft_article\", result: \"success\" },\n * { role: \"editor\", agentId: \"...\", task: \"review\", result: \"success\" },\n * ]);\n * ```\n /\nexport async function emitCrewRunEvents(\n vorim: VorimSDK,\n events: CrewTaskEvent[],\n): Promise<{ ingested: number }> {\n const auditEvents: AuditEventInput[] = events.map(event => ({\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n }));\n\n return vorim.emitBatch(auditEvents);\n}\n\n// ─── Permission Helpers ──────────────────────────────────────────────────\n\n/\n Check if a crew member has permission before executing a task.\n * Returns the check result — does not throw.\n \n @example\n * ```ts\n * const { allowed } = await checkCrewPermission(vorim, crew, \"writer\", \"agent:write\");\n * if (!allowed) {\n * console.log(\"Writer lacks write permission\");\n * }\n * ```\n /\nexport async function checkCrewPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n role: string,\n scope: PermissionScope,\n): Promise<{ allowed: boolean; reason?: string }> {\n const member = crew.getMember(role);\n if (!member) {\n return { allowed: false, reason: `Unknown crew member: ${role}` };\n }\n return vorim.check(member.agentId, scope);\n}\n\n/\n Check if delegation between two crew members is permitted.\n * The delegating agent must have the `agent:delegate` scope.\n /\nexport async function checkDelegationPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n fromRole: string,\n toRole: string,\n): Promise<{ allowed: boolean; reason?: string }> {\n const from = crew.getMember(fromRole);\n const to = crew.getMember(toRole);\n if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };\n if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };\n\n const result = await vorim.check(from.agentId, 'agent:delegate');\n if (!result.allowed) {\n return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };\n }\n return { allowed: true };\n}\n\n// ─── Trust Verification ──────────────────────────────────────────────────\n\n/\n Verify trust scores for all members of a crew.\n * Useful before starting a crew run to ensure all agents are active and trusted.\n */\nexport async function verifyCrewTrust(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n): Promise<{ role: string; agentId: string; trustScore: number; status: string }[]> {\n const results = await Promise.all(\n crew.members.map(async (member) => {\n const trust = await vorim.verify(member.agentId);\n return {\n role: member.role,\n agentId: member.agentId,\n trustScore: trust.trust_score,\n status: trust.status,\n };\n }),\n );\n return results;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA2GA,eAAsB,aACpB,OACA,UACyB;AACzB,QAAM,UAAkC,CAAC;AAEzC,aAAW,UAAU,SAAS,SAAS;AACrC,UAAM,SAAS,CAAC,GAAG,OAAO,MAAM;AAGhC,QAAI,OAAO,mBAAmB,CAAC,OAAO,SAAS,gBAAgB,GAAG;AAChE,aAAO,KAAK,gBAAgB;AAAA,IAC9B;AAEA,UAAM,eAAe,MAAM,MAAM,SAAS;AAAA,MACxC,MAAM,OAAO;AAAA,MACb,aAAa,OAAO,eAAe,UAAU,OAAO,IAAI,WAAM,SAAS,QAAQ;AAAA,MAC/E,cAAc,OAAO;AAAA,MACrB;AAAA,IACF,CAAC;AAED,YAAQ,KAAK;AAAA,MACX,MAAM,OAAO;AAAA,MACb,SAAS,aAAa,MAAM;AAAA,MAC5B;AAAA,MACA,YAAY,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAEA,SAAO;AAAA,IACL,UAAU,SAAS;AAAA,IACnB;AAAA,IACA,UAAU,MAAc;AACtB,aAAO,QAAQ,KAAK,OAAK,EAAE,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,WAAW;AACT,aAAO,QAAQ,IAAI,OAAK,EAAE,OAAO;AAAA,IACnC;AAAA,EACF;AACF;AA4CA,eAAsB,kBACpB,OACA,OACe;AACf,QAAM,aAA8B;AAAA,IAClC,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF;AAEA,QAAM,MAAM,KAAK,UAAU;AAC7B;AAcA,eAAsB,kBACpB,OACA,QAC+B;AAC/B,QAAM,cAAiC,OAAO,IAAI,YAAU;AAAA,IAC1D,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF,EAAE;AAEF,SAAO,MAAM,UAAU,WAAW;AACpC;AAgBA,eAAsB,oBACpB,OACA,MACA,MACA,OACgD;AAChD,QAAM,SAAS,KAAK,UAAU,IAAI;AAClC,MAAI,CAAC,QAAQ;AACX,WAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,IAAI,GAAG;AAAA,EAClE;AACA,SAAO,MAAM,MAAM,OAAO,SAAS,KAAK;AAC1C;AAMA,eAAsB,0BACpB,OACA,MACA,UACA,QACgD;AAChD,QAAM,OAAO,KAAK,UAAU,QAAQ;AACpC,QAAM,KAAK,KAAK,UAAU,MAAM;AAChC,MAAI,CAAC,KAAM,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,QAAQ,GAAG;AAC/E,MAAI,CAAC,GAAI,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,MAAM,GAAG;AAE3E,QAAM,SAAS,MAAM,MAAM,MAAM,KAAK,SAAS,gBAAgB;AAC/D,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,EAAE,SAAS,OAAO,QAAQ,GAAG,QAAQ,mCAAmC;AAAA,EACjF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;AAQA,eAAsB,gBACpB,OACA,MACkF;AAClF,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,KAAK,QAAQ,IAAI,OAAO,WAAW;AACjC,YAAM,QAAQ,MAAM,MAAM,OAAO,OAAO,OAAO;AAC/C,aAAO;AAAA,QACL,MAAM,OAAO;AAAA,QACb,SAAS,OAAO;AAAA,QAChB,YAAY,MAAM;AAAA,QAClB,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;","names":[]}
1	+ {"version":3,"sources":["../../src/integrations/crewai.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — CrewAI Integration\n// CrewAI is Python-only, so this module provides:\n// 1. A TypeScript helper for managing CrewAI agent identities via Vorim\n// 2. Audit utilities for logging crew task execution\n// 3. A \"crew manifest\" pattern for registering entire crews at once\n//\n// Use this from a TypeScript orchestration layer that triggers CrewAI\n// runs via REST, CLI, or subprocess. For native Python integration,\n// use the Vorim REST API directly (see docs).\n//\n// No peer dependencies required — uses @vorim/sdk only.\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type {\n PermissionScope, AuditEventInput, AgentRegistrationResult,\n} from '../types.js';\n\n// ─── Crew Configuration ──────────────────────────────────────────────────\n\nexport interface CrewMemberConfig {\n /** Unique role name within the crew (e.g. \"researcher\", \"writer\"). /\n role: string;\n /* Display name for the Vorim agent. /\n name: string;\n /* Description of this crew member's responsibilities. /\n description?: string;\n /* Tools this agent can use (e.g. [\"web_search\", \"file_read\"]). /\n capabilities: string[];\n /* Permission scopes to grant. /\n scopes: PermissionScope[];\n /* Whether this agent can delegate to other crew members. /\n allowDelegation?: boolean;\n}\n\nexport interface CrewManifest {\n /* Name for the overall crew. /\n crewName: string;\n /* Members of the crew. /\n members: CrewMemberConfig[];\n /* Optional metadata for the crew. /\n metadata?: Record<string, unknown>;\n}\n\nexport interface RegisteredCrewMember {\n role: string;\n agentId: string;\n registration: AgentRegistrationResult;\n privateKey: string;\n}\n\nexport interface RegisteredCrew {\n crewName: string;\n members: RegisteredCrewMember[];\n /* Lookup a member by role. /\n getMember(role: string): RegisteredCrewMember \| undefined;\n /* Get all agent IDs in the crew. /\n agentIds(): string[];\n}\n\n// ─── Crew Registration ──────────────────────────────────────────────────\n\n/\n Registers an entire CrewAI crew with Vorim. Each crew member gets a\n * unique Vorim agent identity with Ed25519 keypair and scoped permissions.\n \n @example\n * ```ts\n * import createVorim from \"@vorim/sdk\";\n * import { registerCrew } from \"@vorim/sdk/integrations/crewai\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n \n const crew = await registerCrew(vorim, {\n * crewName: \"content-pipeline\",\n * members: [\n * {\n * role: \"researcher\",\n * name: \"crew-researcher\",\n * capabilities: [\"web_search\", \"summarization\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * },\n * {\n * role: \"writer\",\n * name: \"crew-writer\",\n * capabilities: [\"file_write\", \"formatting\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * },\n * {\n * role: \"editor\",\n * name: \"crew-editor\",\n * capabilities: [\"review\", \"approval\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * allowDelegation: true,\n * },\n * ],\n * });\n \n // Access individual members\n * const researcher = crew.getMember(\"researcher\");\n * console.log(researcher.agentId); // agid_acme_...\n \n // Grant delegation permission to editor\n * // (done automatically if allowDelegation is true)\n * ```\n /\nexport async function registerCrew(\n vorim: VorimSDK,\n manifest: CrewManifest,\n): Promise<RegisteredCrew> {\n const members: RegisteredCrewMember[] = [];\n\n for (const member of manifest.members) {\n const scopes = [...member.scopes];\n\n // Auto-add delegate scope if delegation is allowed\n if (member.allowDelegation && !scopes.includes('agent:delegate')) {\n scopes.push('agent:delegate');\n }\n\n const registration = await vorim.register({\n name: member.name,\n description: member.description ?? `CrewAI ${member.role} — ${manifest.crewName}`,\n capabilities: member.capabilities,\n scopes,\n });\n\n members.push({\n role: member.role,\n agentId: registration.agent.agent_id,\n registration,\n privateKey: registration.private_key,\n });\n }\n\n return {\n crewName: manifest.crewName,\n members,\n getMember(role: string) {\n return members.find(m => m.role === role);\n },\n agentIds() {\n return members.map(m => m.agentId);\n },\n };\n}\n\n// ─── Task Audit ──────────────────────────────────────────────────────────\n\nexport interface CrewTaskEvent {\n /* The role of the crew member performing the task. /\n role: string;\n /* The Vorim agent_id (looked up from the crew). /\n agentId: string;\n /* Task description or name. /\n task: string;\n /* Tool used (if any). /\n tool?: string;\n /* Result of the action. /\n result: 'success' \| 'denied' \| 'error';\n /* Duration in milliseconds. /\n latencyMs?: number;\n /* Error details if result is 'error'. /\n error?: string;\n /* Whether this was a delegation to another crew member. /\n delegatedTo?: string;\n /* Additional context. /\n metadata?: Record<string, unknown>;\n /\n Replayable agent decision evidence (VAIP -02).\n \n Stable identifier for the model that produced this task. Free-form\n * but recommended convention is `provider:model-name-version`.\n /\n modelVersion?: string;\n /\n SHA-256 of the canonicalised tool catalogue available to the\n * crew member at task time. Compute via {@link hashToolCatalogue}\n * from `@vorim/sdk`.\n /\n toolCatalogueHash?: string;\n /\n SHA-256 of the system prompt active at task time. Compute via\n * {@link hashSystemPrompt} from `@vorim/sdk`.\n /\n systemPromptHash?: string;\n}\n\n/\n Emits a Vorim audit event for a CrewAI task execution.\n * Call this from your orchestration layer after each CrewAI step completes.\n \n @example\n * ```ts\n * import { emitCrewTaskEvent } from \"@vorim/sdk/integrations/crewai\";\n \n // After a CrewAI task completes\n * await emitCrewTaskEvent(vorim, {\n * role: \"researcher\",\n * agentId: crew.getMember(\"researcher\").agentId,\n * task: \"research_competitors\",\n * tool: \"web_search\",\n * result: \"success\",\n * latencyMs: 3200,\n * });\n * ```\n /\nexport async function emitCrewTaskEvent(\n vorim: VorimSDK,\n event: CrewTaskEvent,\n): Promise<void> {\n const auditEvent: AuditEventInput = {\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n ...(event.modelVersion ? { model_version: event.modelVersion } : {}),\n ...(event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {}),\n ...(event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}),\n };\n\n await vorim.emit(auditEvent);\n}\n\n/\n Emits audit events for an entire crew run (batch of task results).\n \n @example\n * ```ts\n * await emitCrewRunEvents(vorim, [\n * { role: \"researcher\", agentId: \"...\", task: \"research\", result: \"success\" },\n * { role: \"writer\", agentId: \"...\", task: \"draft_article\", result: \"success\" },\n * { role: \"editor\", agentId: \"...\", task: \"review\", result: \"success\" },\n * ]);\n * ```\n /\nexport async function emitCrewRunEvents(\n vorim: VorimSDK,\n events: CrewTaskEvent[],\n): Promise<{ ingested: number }> {\n const auditEvents: AuditEventInput[] = events.map(event => ({\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n ...(event.modelVersion ? { model_version: event.modelVersion } : {}),\n ...(event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {}),\n ...(event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}),\n }));\n\n return vorim.emitBatch(auditEvents);\n}\n\n// ─── Permission Helpers ──────────────────────────────────────────────────\n\n/\n Check if a crew member has permission before executing a task.\n * Returns the check result — does not throw.\n \n @example\n * ```ts\n * const { allowed } = await checkCrewPermission(vorim, crew, \"writer\", \"agent:write\");\n * if (!allowed) {\n * console.log(\"Writer lacks write permission\");\n * }\n * ```\n /\nexport async function checkCrewPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n role: string,\n scope: PermissionScope,\n): Promise<{ allowed: boolean; reason?: string }> {\n const member = crew.getMember(role);\n if (!member) {\n return { allowed: false, reason: `Unknown crew member: ${role}` };\n }\n return vorim.check(member.agentId, scope);\n}\n\n/\n Check if delegation between two crew members is permitted.\n * The delegating agent must have the `agent:delegate` scope.\n /\nexport async function checkDelegationPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n fromRole: string,\n toRole: string,\n): Promise<{ allowed: boolean; reason?: string }> {\n const from = crew.getMember(fromRole);\n const to = crew.getMember(toRole);\n if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };\n if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };\n\n const result = await vorim.check(from.agentId, 'agent:delegate');\n if (!result.allowed) {\n return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };\n }\n return { allowed: true };\n}\n\n// ─── Trust Verification ──────────────────────────────────────────────────\n\n/\n Verify trust scores for all members of a crew.\n * Useful before starting a crew run to ensure all agents are active and trusted.\n */\nexport async function verifyCrewTrust(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n): Promise<{ role: string; agentId: string; trustScore: number; status: string }[]> {\n const results = await Promise.all(\n crew.members.map(async (member) => {\n const trust = await vorim.verify(member.agentId);\n return {\n role: member.role,\n agentId: member.agentId,\n trustScore: trust.trust_score,\n status: trust.status,\n };\n }),\n );\n return results;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA2GA,eAAsB,aACpB,OACA,UACyB;AACzB,QAAM,UAAkC,CAAC;AAEzC,aAAW,UAAU,SAAS,SAAS;AACrC,UAAM,SAAS,CAAC,GAAG,OAAO,MAAM;AAGhC,QAAI,OAAO,mBAAmB,CAAC,OAAO,SAAS,gBAAgB,GAAG;AAChE,aAAO,KAAK,gBAAgB;AAAA,IAC9B;AAEA,UAAM,eAAe,MAAM,MAAM,SAAS;AAAA,MACxC,MAAM,OAAO;AAAA,MACb,aAAa,OAAO,eAAe,UAAU,OAAO,IAAI,WAAM,SAAS,QAAQ;AAAA,MAC/E,cAAc,OAAO;AAAA,MACrB;AAAA,IACF,CAAC;AAED,YAAQ,KAAK;AAAA,MACX,MAAM,OAAO;AAAA,MACb,SAAS,aAAa,MAAM;AAAA,MAC5B;AAAA,MACA,YAAY,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAEA,SAAO;AAAA,IACL,UAAU,SAAS;AAAA,IACnB;AAAA,IACA,UAAU,MAAc;AACtB,aAAO,QAAQ,KAAK,OAAK,EAAE,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,WAAW;AACT,aAAO,QAAQ,IAAI,OAAK,EAAE,OAAO;AAAA,IACnC;AAAA,EACF;AACF;AA8DA,eAAsB,kBACpB,OACA,OACe;AACf,QAAM,aAA8B;AAAA,IAClC,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,IACA,GAAI,MAAM,eAAe,EAAE,eAAe,MAAM,aAAa,IAAI,CAAC;AAAA,IAClE,GAAI,MAAM,oBAAoB,EAAE,qBAAqB,MAAM,kBAAkB,IAAI,CAAC;AAAA,IAClF,GAAI,MAAM,mBAAmB,EAAE,oBAAoB,MAAM,iBAAiB,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,MAAM,KAAK,UAAU;AAC7B;AAcA,eAAsB,kBACpB,OACA,QAC+B;AAC/B,QAAM,cAAiC,OAAO,IAAI,YAAU;AAAA,IAC1D,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,IACA,GAAI,MAAM,eAAe,EAAE,eAAe,MAAM,aAAa,IAAI,CAAC;AAAA,IAClE,GAAI,MAAM,oBAAoB,EAAE,qBAAqB,MAAM,kBAAkB,IAAI,CAAC;AAAA,IAClF,GAAI,MAAM,mBAAmB,EAAE,oBAAoB,MAAM,iBAAiB,IAAI,CAAC;AAAA,EACjF,EAAE;AAEF,SAAO,MAAM,UAAU,WAAW;AACpC;AAgBA,eAAsB,oBACpB,OACA,MACA,MACA,OACgD;AAChD,QAAM,SAAS,KAAK,UAAU,IAAI;AAClC,MAAI,CAAC,QAAQ;AACX,WAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,IAAI,GAAG;AAAA,EAClE;AACA,SAAO,MAAM,MAAM,OAAO,SAAS,KAAK;AAC1C;AAMA,eAAsB,0BACpB,OACA,MACA,UACA,QACgD;AAChD,QAAM,OAAO,KAAK,UAAU,QAAQ;AACpC,QAAM,KAAK,KAAK,UAAU,MAAM;AAChC,MAAI,CAAC,KAAM,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,QAAQ,GAAG;AAC/E,MAAI,CAAC,GAAI,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,MAAM,GAAG;AAE3E,QAAM,SAAS,MAAM,MAAM,MAAM,KAAK,SAAS,gBAAgB;AAC/D,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,EAAE,SAAS,OAAO,QAAQ,GAAG,QAAQ,mCAAmC;AAAA,EACjF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;AAQA,eAAsB,gBACpB,OACA,MACkF;AAClF,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,KAAK,QAAQ,IAAI,OAAO,WAAW;AACjC,YAAM,QAAQ,MAAM,MAAM,OAAO,OAAO,OAAO;AAC/C,aAAO;AAAA,QACL,MAAM,OAAO;AAAA,QACb,SAAS,OAAO;AAAA,QAChB,YAAY,MAAM;AAAA,QAClB,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;","names":[]}

package/dist/integrations/crewai.d.cts CHANGED Viewed

@@ -100,6 +100,24 @@ interface CrewTaskEvent {
     delegatedTo?: string;
     /** Additional context. */
     metadata?: Record<string, unknown>;
+    /**
+     * Replayable agent decision evidence (VAIP -02).
+     *
+     * Stable identifier for the model that produced this task. Free-form
+     * but recommended convention is `provider:model-name-version`.
+     */
+    modelVersion?: string;
+    /**
+     * SHA-256 of the canonicalised tool catalogue available to the
+     * crew member at task time. Compute via {@link hashToolCatalogue}
+     * from `@vorim/sdk`.
+     */
+    toolCatalogueHash?: string;
+    /**
+     * SHA-256 of the system prompt active at task time. Compute via
+     * {@link hashSystemPrompt} from `@vorim/sdk`.
+     */
+    systemPromptHash?: string;
 }
 /**
  * Emits a Vorim audit event for a CrewAI task execution.

package/dist/integrations/crewai.d.ts CHANGED Viewed

@@ -100,6 +100,24 @@ interface CrewTaskEvent {
     delegatedTo?: string;
     /** Additional context. */
     metadata?: Record<string, unknown>;
+    /**
+     * Replayable agent decision evidence (VAIP -02).
+     *
+     * Stable identifier for the model that produced this task. Free-form
+     * but recommended convention is `provider:model-name-version`.
+     */
+    modelVersion?: string;
+    /**
+     * SHA-256 of the canonicalised tool catalogue available to the
+     * crew member at task time. Compute via {@link hashToolCatalogue}
+     * from `@vorim/sdk`.
+     */
+    toolCatalogueHash?: string;
+    /**
+     * SHA-256 of the system prompt active at task time. Compute via
+     * {@link hashSystemPrompt} from `@vorim/sdk`.
+     */
+    systemPromptHash?: string;
 }
 /**
  * Emits a Vorim audit event for a CrewAI task execution.

package/dist/integrations/crewai.js CHANGED Viewed

@@ -45,7 +45,10 @@ async function emitCrewTaskEvent(vorim, event) {
       ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
       ...event.error ? { error: event.error } : {},
       ...event.metadata
-    }
+    },
+    ...event.modelVersion ? { model_version: event.modelVersion } : {},
+    ...event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {},
+    ...event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}
   };
   await vorim.emit(auditEvent);
 }
@@ -64,7 +67,10 @@ async function emitCrewRunEvents(vorim, events) {
       ...event.delegatedTo ? { delegated_to: event.delegatedTo } : {},
       ...event.error ? { error: event.error } : {},
       ...event.metadata
-    }
+    },
+    ...event.modelVersion ? { model_version: event.modelVersion } : {},
+    ...event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {},
+    ...event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}
   }));
   return vorim.emitBatch(auditEvents);
 }

package/dist/integrations/crewai.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../src/integrations/crewai.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — CrewAI Integration\n// CrewAI is Python-only, so this module provides:\n// 1. A TypeScript helper for managing CrewAI agent identities via Vorim\n// 2. Audit utilities for logging crew task execution\n// 3. A \"crew manifest\" pattern for registering entire crews at once\n//\n// Use this from a TypeScript orchestration layer that triggers CrewAI\n// runs via REST, CLI, or subprocess. For native Python integration,\n// use the Vorim REST API directly (see docs).\n//\n// No peer dependencies required — uses @vorim/sdk only.\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type {\n PermissionScope, AuditEventInput, AgentRegistrationResult,\n} from '../types.js';\n\n// ─── Crew Configuration ──────────────────────────────────────────────────\n\nexport interface CrewMemberConfig {\n /** Unique role name within the crew (e.g. \"researcher\", \"writer\"). /\n role: string;\n /* Display name for the Vorim agent. /\n name: string;\n /* Description of this crew member's responsibilities. /\n description?: string;\n /* Tools this agent can use (e.g. [\"web_search\", \"file_read\"]). /\n capabilities: string[];\n /* Permission scopes to grant. /\n scopes: PermissionScope[];\n /* Whether this agent can delegate to other crew members. /\n allowDelegation?: boolean;\n}\n\nexport interface CrewManifest {\n /* Name for the overall crew. /\n crewName: string;\n /* Members of the crew. /\n members: CrewMemberConfig[];\n /* Optional metadata for the crew. /\n metadata?: Record<string, unknown>;\n}\n\nexport interface RegisteredCrewMember {\n role: string;\n agentId: string;\n registration: AgentRegistrationResult;\n privateKey: string;\n}\n\nexport interface RegisteredCrew {\n crewName: string;\n members: RegisteredCrewMember[];\n /* Lookup a member by role. /\n getMember(role: string): RegisteredCrewMember \| undefined;\n /* Get all agent IDs in the crew. /\n agentIds(): string[];\n}\n\n// ─── Crew Registration ──────────────────────────────────────────────────\n\n/\n Registers an entire CrewAI crew with Vorim. Each crew member gets a\n * unique Vorim agent identity with Ed25519 keypair and scoped permissions.\n \n @example\n * ```ts\n * import createVorim from \"@vorim/sdk\";\n * import { registerCrew } from \"@vorim/sdk/integrations/crewai\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n \n const crew = await registerCrew(vorim, {\n * crewName: \"content-pipeline\",\n * members: [\n * {\n * role: \"researcher\",\n * name: \"crew-researcher\",\n * capabilities: [\"web_search\", \"summarization\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * },\n * {\n * role: \"writer\",\n * name: \"crew-writer\",\n * capabilities: [\"file_write\", \"formatting\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * },\n * {\n * role: \"editor\",\n * name: \"crew-editor\",\n * capabilities: [\"review\", \"approval\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * allowDelegation: true,\n * },\n * ],\n * });\n \n // Access individual members\n * const researcher = crew.getMember(\"researcher\");\n * console.log(researcher.agentId); // agid_acme_...\n \n // Grant delegation permission to editor\n * // (done automatically if allowDelegation is true)\n * ```\n /\nexport async function registerCrew(\n vorim: VorimSDK,\n manifest: CrewManifest,\n): Promise<RegisteredCrew> {\n const members: RegisteredCrewMember[] = [];\n\n for (const member of manifest.members) {\n const scopes = [...member.scopes];\n\n // Auto-add delegate scope if delegation is allowed\n if (member.allowDelegation && !scopes.includes('agent:delegate')) {\n scopes.push('agent:delegate');\n }\n\n const registration = await vorim.register({\n name: member.name,\n description: member.description ?? `CrewAI ${member.role} — ${manifest.crewName}`,\n capabilities: member.capabilities,\n scopes,\n });\n\n members.push({\n role: member.role,\n agentId: registration.agent.agent_id,\n registration,\n privateKey: registration.private_key,\n });\n }\n\n return {\n crewName: manifest.crewName,\n members,\n getMember(role: string) {\n return members.find(m => m.role === role);\n },\n agentIds() {\n return members.map(m => m.agentId);\n },\n };\n}\n\n// ─── Task Audit ──────────────────────────────────────────────────────────\n\nexport interface CrewTaskEvent {\n /* The role of the crew member performing the task. /\n role: string;\n /* The Vorim agent_id (looked up from the crew). /\n agentId: string;\n /* Task description or name. /\n task: string;\n /* Tool used (if any). /\n tool?: string;\n /* Result of the action. /\n result: 'success' \| 'denied' \| 'error';\n /* Duration in milliseconds. /\n latencyMs?: number;\n /* Error details if result is 'error'. /\n error?: string;\n /* Whether this was a delegation to another crew member. /\n delegatedTo?: string;\n /* Additional context. /\n metadata?: Record<string, unknown>;\n}\n\n/\n Emits a Vorim audit event for a CrewAI task execution.\n * Call this from your orchestration layer after each CrewAI step completes.\n \n @example\n * ```ts\n * import { emitCrewTaskEvent } from \"@vorim/sdk/integrations/crewai\";\n \n // After a CrewAI task completes\n * await emitCrewTaskEvent(vorim, {\n * role: \"researcher\",\n * agentId: crew.getMember(\"researcher\").agentId,\n * task: \"research_competitors\",\n * tool: \"web_search\",\n * result: \"success\",\n * latencyMs: 3200,\n * });\n * ```\n /\nexport async function emitCrewTaskEvent(\n vorim: VorimSDK,\n event: CrewTaskEvent,\n): Promise<void> {\n const auditEvent: AuditEventInput = {\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n };\n\n await vorim.emit(auditEvent);\n}\n\n/\n Emits audit events for an entire crew run (batch of task results).\n \n @example\n * ```ts\n * await emitCrewRunEvents(vorim, [\n * { role: \"researcher\", agentId: \"...\", task: \"research\", result: \"success\" },\n * { role: \"writer\", agentId: \"...\", task: \"draft_article\", result: \"success\" },\n * { role: \"editor\", agentId: \"...\", task: \"review\", result: \"success\" },\n * ]);\n * ```\n /\nexport async function emitCrewRunEvents(\n vorim: VorimSDK,\n events: CrewTaskEvent[],\n): Promise<{ ingested: number }> {\n const auditEvents: AuditEventInput[] = events.map(event => ({\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n }));\n\n return vorim.emitBatch(auditEvents);\n}\n\n// ─── Permission Helpers ──────────────────────────────────────────────────\n\n/\n Check if a crew member has permission before executing a task.\n * Returns the check result — does not throw.\n \n @example\n * ```ts\n * const { allowed } = await checkCrewPermission(vorim, crew, \"writer\", \"agent:write\");\n * if (!allowed) {\n * console.log(\"Writer lacks write permission\");\n * }\n * ```\n /\nexport async function checkCrewPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n role: string,\n scope: PermissionScope,\n): Promise<{ allowed: boolean; reason?: string }> {\n const member = crew.getMember(role);\n if (!member) {\n return { allowed: false, reason: `Unknown crew member: ${role}` };\n }\n return vorim.check(member.agentId, scope);\n}\n\n/\n Check if delegation between two crew members is permitted.\n * The delegating agent must have the `agent:delegate` scope.\n /\nexport async function checkDelegationPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n fromRole: string,\n toRole: string,\n): Promise<{ allowed: boolean; reason?: string }> {\n const from = crew.getMember(fromRole);\n const to = crew.getMember(toRole);\n if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };\n if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };\n\n const result = await vorim.check(from.agentId, 'agent:delegate');\n if (!result.allowed) {\n return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };\n }\n return { allowed: true };\n}\n\n// ─── Trust Verification ──────────────────────────────────────────────────\n\n/\n Verify trust scores for all members of a crew.\n * Useful before starting a crew run to ensure all agents are active and trusted.\n */\nexport async function verifyCrewTrust(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n): Promise<{ role: string; agentId: string; trustScore: number; status: string }[]> {\n const results = await Promise.all(\n crew.members.map(async (member) => {\n const trust = await vorim.verify(member.agentId);\n return {\n role: member.role,\n agentId: member.agentId,\n trustScore: trust.trust_score,\n status: trust.status,\n };\n }),\n );\n return results;\n}\n"],"mappings":";AA2GA,eAAsB,aACpB,OACA,UACyB;AACzB,QAAM,UAAkC,CAAC;AAEzC,aAAW,UAAU,SAAS,SAAS;AACrC,UAAM,SAAS,CAAC,GAAG,OAAO,MAAM;AAGhC,QAAI,OAAO,mBAAmB,CAAC,OAAO,SAAS,gBAAgB,GAAG;AAChE,aAAO,KAAK,gBAAgB;AAAA,IAC9B;AAEA,UAAM,eAAe,MAAM,MAAM,SAAS;AAAA,MACxC,MAAM,OAAO;AAAA,MACb,aAAa,OAAO,eAAe,UAAU,OAAO,IAAI,WAAM,SAAS,QAAQ;AAAA,MAC/E,cAAc,OAAO;AAAA,MACrB;AAAA,IACF,CAAC;AAED,YAAQ,KAAK;AAAA,MACX,MAAM,OAAO;AAAA,MACb,SAAS,aAAa,MAAM;AAAA,MAC5B;AAAA,MACA,YAAY,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAEA,SAAO;AAAA,IACL,UAAU,SAAS;AAAA,IACnB;AAAA,IACA,UAAU,MAAc;AACtB,aAAO,QAAQ,KAAK,OAAK,EAAE,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,WAAW;AACT,aAAO,QAAQ,IAAI,OAAK,EAAE,OAAO;AAAA,IACnC;AAAA,EACF;AACF;AA4CA,eAAsB,kBACpB,OACA,OACe;AACf,QAAM,aAA8B;AAAA,IAClC,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF;AAEA,QAAM,MAAM,KAAK,UAAU;AAC7B;AAcA,eAAsB,kBACpB,OACA,QAC+B;AAC/B,QAAM,cAAiC,OAAO,IAAI,YAAU;AAAA,IAC1D,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,EACF,EAAE;AAEF,SAAO,MAAM,UAAU,WAAW;AACpC;AAgBA,eAAsB,oBACpB,OACA,MACA,MACA,OACgD;AAChD,QAAM,SAAS,KAAK,UAAU,IAAI;AAClC,MAAI,CAAC,QAAQ;AACX,WAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,IAAI,GAAG;AAAA,EAClE;AACA,SAAO,MAAM,MAAM,OAAO,SAAS,KAAK;AAC1C;AAMA,eAAsB,0BACpB,OACA,MACA,UACA,QACgD;AAChD,QAAM,OAAO,KAAK,UAAU,QAAQ;AACpC,QAAM,KAAK,KAAK,UAAU,MAAM;AAChC,MAAI,CAAC,KAAM,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,QAAQ,GAAG;AAC/E,MAAI,CAAC,GAAI,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,MAAM,GAAG;AAE3E,QAAM,SAAS,MAAM,MAAM,MAAM,KAAK,SAAS,gBAAgB;AAC/D,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,EAAE,SAAS,OAAO,QAAQ,GAAG,QAAQ,mCAAmC;AAAA,EACjF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;AAQA,eAAsB,gBACpB,OACA,MACkF;AAClF,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,KAAK,QAAQ,IAAI,OAAO,WAAW;AACjC,YAAM,QAAQ,MAAM,MAAM,OAAO,OAAO,OAAO;AAC/C,aAAO;AAAA,QACL,MAAM,OAAO;AAAA,QACb,SAAS,OAAO;AAAA,QAChB,YAAY,MAAM;AAAA,QAClB,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;","names":[]}
1	+ {"version":3,"sources":["../../src/integrations/crewai.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — CrewAI Integration\n// CrewAI is Python-only, so this module provides:\n// 1. A TypeScript helper for managing CrewAI agent identities via Vorim\n// 2. Audit utilities for logging crew task execution\n// 3. A \"crew manifest\" pattern for registering entire crews at once\n//\n// Use this from a TypeScript orchestration layer that triggers CrewAI\n// runs via REST, CLI, or subprocess. For native Python integration,\n// use the Vorim REST API directly (see docs).\n//\n// No peer dependencies required — uses @vorim/sdk only.\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type {\n PermissionScope, AuditEventInput, AgentRegistrationResult,\n} from '../types.js';\n\n// ─── Crew Configuration ──────────────────────────────────────────────────\n\nexport interface CrewMemberConfig {\n /** Unique role name within the crew (e.g. \"researcher\", \"writer\"). /\n role: string;\n /* Display name for the Vorim agent. /\n name: string;\n /* Description of this crew member's responsibilities. /\n description?: string;\n /* Tools this agent can use (e.g. [\"web_search\", \"file_read\"]). /\n capabilities: string[];\n /* Permission scopes to grant. /\n scopes: PermissionScope[];\n /* Whether this agent can delegate to other crew members. /\n allowDelegation?: boolean;\n}\n\nexport interface CrewManifest {\n /* Name for the overall crew. /\n crewName: string;\n /* Members of the crew. /\n members: CrewMemberConfig[];\n /* Optional metadata for the crew. /\n metadata?: Record<string, unknown>;\n}\n\nexport interface RegisteredCrewMember {\n role: string;\n agentId: string;\n registration: AgentRegistrationResult;\n privateKey: string;\n}\n\nexport interface RegisteredCrew {\n crewName: string;\n members: RegisteredCrewMember[];\n /* Lookup a member by role. /\n getMember(role: string): RegisteredCrewMember \| undefined;\n /* Get all agent IDs in the crew. /\n agentIds(): string[];\n}\n\n// ─── Crew Registration ──────────────────────────────────────────────────\n\n/\n Registers an entire CrewAI crew with Vorim. Each crew member gets a\n * unique Vorim agent identity with Ed25519 keypair and scoped permissions.\n \n @example\n * ```ts\n * import createVorim from \"@vorim/sdk\";\n * import { registerCrew } from \"@vorim/sdk/integrations/crewai\";\n \n const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n \n const crew = await registerCrew(vorim, {\n * crewName: \"content-pipeline\",\n * members: [\n * {\n * role: \"researcher\",\n * name: \"crew-researcher\",\n * capabilities: [\"web_search\", \"summarization\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * },\n * {\n * role: \"writer\",\n * name: \"crew-writer\",\n * capabilities: [\"file_write\", \"formatting\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * },\n * {\n * role: \"editor\",\n * name: \"crew-editor\",\n * capabilities: [\"review\", \"approval\"],\n * scopes: [\"agent:read\", \"agent:write\"],\n * allowDelegation: true,\n * },\n * ],\n * });\n \n // Access individual members\n * const researcher = crew.getMember(\"researcher\");\n * console.log(researcher.agentId); // agid_acme_...\n \n // Grant delegation permission to editor\n * // (done automatically if allowDelegation is true)\n * ```\n /\nexport async function registerCrew(\n vorim: VorimSDK,\n manifest: CrewManifest,\n): Promise<RegisteredCrew> {\n const members: RegisteredCrewMember[] = [];\n\n for (const member of manifest.members) {\n const scopes = [...member.scopes];\n\n // Auto-add delegate scope if delegation is allowed\n if (member.allowDelegation && !scopes.includes('agent:delegate')) {\n scopes.push('agent:delegate');\n }\n\n const registration = await vorim.register({\n name: member.name,\n description: member.description ?? `CrewAI ${member.role} — ${manifest.crewName}`,\n capabilities: member.capabilities,\n scopes,\n });\n\n members.push({\n role: member.role,\n agentId: registration.agent.agent_id,\n registration,\n privateKey: registration.private_key,\n });\n }\n\n return {\n crewName: manifest.crewName,\n members,\n getMember(role: string) {\n return members.find(m => m.role === role);\n },\n agentIds() {\n return members.map(m => m.agentId);\n },\n };\n}\n\n// ─── Task Audit ──────────────────────────────────────────────────────────\n\nexport interface CrewTaskEvent {\n /* The role of the crew member performing the task. /\n role: string;\n /* The Vorim agent_id (looked up from the crew). /\n agentId: string;\n /* Task description or name. /\n task: string;\n /* Tool used (if any). /\n tool?: string;\n /* Result of the action. /\n result: 'success' \| 'denied' \| 'error';\n /* Duration in milliseconds. /\n latencyMs?: number;\n /* Error details if result is 'error'. /\n error?: string;\n /* Whether this was a delegation to another crew member. /\n delegatedTo?: string;\n /* Additional context. /\n metadata?: Record<string, unknown>;\n /\n Replayable agent decision evidence (VAIP -02).\n \n Stable identifier for the model that produced this task. Free-form\n * but recommended convention is `provider:model-name-version`.\n /\n modelVersion?: string;\n /\n SHA-256 of the canonicalised tool catalogue available to the\n * crew member at task time. Compute via {@link hashToolCatalogue}\n * from `@vorim/sdk`.\n /\n toolCatalogueHash?: string;\n /\n SHA-256 of the system prompt active at task time. Compute via\n * {@link hashSystemPrompt} from `@vorim/sdk`.\n /\n systemPromptHash?: string;\n}\n\n/\n Emits a Vorim audit event for a CrewAI task execution.\n * Call this from your orchestration layer after each CrewAI step completes.\n \n @example\n * ```ts\n * import { emitCrewTaskEvent } from \"@vorim/sdk/integrations/crewai\";\n \n // After a CrewAI task completes\n * await emitCrewTaskEvent(vorim, {\n * role: \"researcher\",\n * agentId: crew.getMember(\"researcher\").agentId,\n * task: \"research_competitors\",\n * tool: \"web_search\",\n * result: \"success\",\n * latencyMs: 3200,\n * });\n * ```\n /\nexport async function emitCrewTaskEvent(\n vorim: VorimSDK,\n event: CrewTaskEvent,\n): Promise<void> {\n const auditEvent: AuditEventInput = {\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n ...(event.modelVersion ? { model_version: event.modelVersion } : {}),\n ...(event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {}),\n ...(event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}),\n };\n\n await vorim.emit(auditEvent);\n}\n\n/\n Emits audit events for an entire crew run (batch of task results).\n \n @example\n * ```ts\n * await emitCrewRunEvents(vorim, [\n * { role: \"researcher\", agentId: \"...\", task: \"research\", result: \"success\" },\n * { role: \"writer\", agentId: \"...\", task: \"draft_article\", result: \"success\" },\n * { role: \"editor\", agentId: \"...\", task: \"review\", result: \"success\" },\n * ]);\n * ```\n /\nexport async function emitCrewRunEvents(\n vorim: VorimSDK,\n events: CrewTaskEvent[],\n): Promise<{ ingested: number }> {\n const auditEvents: AuditEventInput[] = events.map(event => ({\n agent_id: event.agentId,\n event_type: event.tool ? 'tool_call' : 'api_request',\n action: event.task,\n resource: event.tool,\n result: event.result,\n latency_ms: event.latencyMs,\n error_code: event.error ? 'CREW_TASK_ERROR' : undefined,\n metadata: {\n framework: 'crewai',\n role: event.role,\n ...(event.delegatedTo ? { delegated_to: event.delegatedTo } : {}),\n ...(event.error ? { error: event.error } : {}),\n ...event.metadata,\n },\n ...(event.modelVersion ? { model_version: event.modelVersion } : {}),\n ...(event.toolCatalogueHash ? { tool_catalogue_hash: event.toolCatalogueHash } : {}),\n ...(event.systemPromptHash ? { system_prompt_hash: event.systemPromptHash } : {}),\n }));\n\n return vorim.emitBatch(auditEvents);\n}\n\n// ─── Permission Helpers ──────────────────────────────────────────────────\n\n/\n Check if a crew member has permission before executing a task.\n * Returns the check result — does not throw.\n \n @example\n * ```ts\n * const { allowed } = await checkCrewPermission(vorim, crew, \"writer\", \"agent:write\");\n * if (!allowed) {\n * console.log(\"Writer lacks write permission\");\n * }\n * ```\n /\nexport async function checkCrewPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n role: string,\n scope: PermissionScope,\n): Promise<{ allowed: boolean; reason?: string }> {\n const member = crew.getMember(role);\n if (!member) {\n return { allowed: false, reason: `Unknown crew member: ${role}` };\n }\n return vorim.check(member.agentId, scope);\n}\n\n/\n Check if delegation between two crew members is permitted.\n * The delegating agent must have the `agent:delegate` scope.\n /\nexport async function checkDelegationPermission(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n fromRole: string,\n toRole: string,\n): Promise<{ allowed: boolean; reason?: string }> {\n const from = crew.getMember(fromRole);\n const to = crew.getMember(toRole);\n if (!from) return { allowed: false, reason: `Unknown crew member: ${fromRole}` };\n if (!to) return { allowed: false, reason: `Unknown crew member: ${toRole}` };\n\n const result = await vorim.check(from.agentId, 'agent:delegate');\n if (!result.allowed) {\n return { allowed: false, reason: `${fromRole} lacks agent:delegate permission` };\n }\n return { allowed: true };\n}\n\n// ─── Trust Verification ──────────────────────────────────────────────────\n\n/\n Verify trust scores for all members of a crew.\n * Useful before starting a crew run to ensure all agents are active and trusted.\n */\nexport async function verifyCrewTrust(\n vorim: VorimSDK,\n crew: RegisteredCrew,\n): Promise<{ role: string; agentId: string; trustScore: number; status: string }[]> {\n const results = await Promise.all(\n crew.members.map(async (member) => {\n const trust = await vorim.verify(member.agentId);\n return {\n role: member.role,\n agentId: member.agentId,\n trustScore: trust.trust_score,\n status: trust.status,\n };\n }),\n );\n return results;\n}\n"],"mappings":";AA2GA,eAAsB,aACpB,OACA,UACyB;AACzB,QAAM,UAAkC,CAAC;AAEzC,aAAW,UAAU,SAAS,SAAS;AACrC,UAAM,SAAS,CAAC,GAAG,OAAO,MAAM;AAGhC,QAAI,OAAO,mBAAmB,CAAC,OAAO,SAAS,gBAAgB,GAAG;AAChE,aAAO,KAAK,gBAAgB;AAAA,IAC9B;AAEA,UAAM,eAAe,MAAM,MAAM,SAAS;AAAA,MACxC,MAAM,OAAO;AAAA,MACb,aAAa,OAAO,eAAe,UAAU,OAAO,IAAI,WAAM,SAAS,QAAQ;AAAA,MAC/E,cAAc,OAAO;AAAA,MACrB;AAAA,IACF,CAAC;AAED,YAAQ,KAAK;AAAA,MACX,MAAM,OAAO;AAAA,MACb,SAAS,aAAa,MAAM;AAAA,MAC5B;AAAA,MACA,YAAY,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAEA,SAAO;AAAA,IACL,UAAU,SAAS;AAAA,IACnB;AAAA,IACA,UAAU,MAAc;AACtB,aAAO,QAAQ,KAAK,OAAK,EAAE,SAAS,IAAI;AAAA,IAC1C;AAAA,IACA,WAAW;AACT,aAAO,QAAQ,IAAI,OAAK,EAAE,OAAO;AAAA,IACnC;AAAA,EACF;AACF;AA8DA,eAAsB,kBACpB,OACA,OACe;AACf,QAAM,aAA8B;AAAA,IAClC,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,IACA,GAAI,MAAM,eAAe,EAAE,eAAe,MAAM,aAAa,IAAI,CAAC;AAAA,IAClE,GAAI,MAAM,oBAAoB,EAAE,qBAAqB,MAAM,kBAAkB,IAAI,CAAC;AAAA,IAClF,GAAI,MAAM,mBAAmB,EAAE,oBAAoB,MAAM,iBAAiB,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,MAAM,KAAK,UAAU;AAC7B;AAcA,eAAsB,kBACpB,OACA,QAC+B;AAC/B,QAAM,cAAiC,OAAO,IAAI,YAAU;AAAA,IAC1D,UAAU,MAAM;AAAA,IAChB,YAAY,MAAM,OAAO,cAAc;AAAA,IACvC,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM;AAAA,IAChB,QAAQ,MAAM;AAAA,IACd,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM,QAAQ,oBAAoB;AAAA,IAC9C,UAAU;AAAA,MACR,WAAW;AAAA,MACX,MAAM,MAAM;AAAA,MACZ,GAAI,MAAM,cAAc,EAAE,cAAc,MAAM,YAAY,IAAI,CAAC;AAAA,MAC/D,GAAI,MAAM,QAAQ,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,MAC5C,GAAG,MAAM;AAAA,IACX;AAAA,IACA,GAAI,MAAM,eAAe,EAAE,eAAe,MAAM,aAAa,IAAI,CAAC;AAAA,IAClE,GAAI,MAAM,oBAAoB,EAAE,qBAAqB,MAAM,kBAAkB,IAAI,CAAC;AAAA,IAClF,GAAI,MAAM,mBAAmB,EAAE,oBAAoB,MAAM,iBAAiB,IAAI,CAAC;AAAA,EACjF,EAAE;AAEF,SAAO,MAAM,UAAU,WAAW;AACpC;AAgBA,eAAsB,oBACpB,OACA,MACA,MACA,OACgD;AAChD,QAAM,SAAS,KAAK,UAAU,IAAI;AAClC,MAAI,CAAC,QAAQ;AACX,WAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,IAAI,GAAG;AAAA,EAClE;AACA,SAAO,MAAM,MAAM,OAAO,SAAS,KAAK;AAC1C;AAMA,eAAsB,0BACpB,OACA,MACA,UACA,QACgD;AAChD,QAAM,OAAO,KAAK,UAAU,QAAQ;AACpC,QAAM,KAAK,KAAK,UAAU,MAAM;AAChC,MAAI,CAAC,KAAM,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,QAAQ,GAAG;AAC/E,MAAI,CAAC,GAAI,QAAO,EAAE,SAAS,OAAO,QAAQ,wBAAwB,MAAM,GAAG;AAE3E,QAAM,SAAS,MAAM,MAAM,MAAM,KAAK,SAAS,gBAAgB;AAC/D,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,EAAE,SAAS,OAAO,QAAQ,GAAG,QAAQ,mCAAmC;AAAA,EACjF;AACA,SAAO,EAAE,SAAS,KAAK;AACzB;AAQA,eAAsB,gBACpB,OACA,MACkF;AAClF,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,KAAK,QAAQ,IAAI,OAAO,WAAW;AACjC,YAAM,QAAQ,MAAM,MAAM,OAAO,OAAO,OAAO;AAC/C,aAAO;AAAA,QACL,MAAM,OAAO;AAAA,QACb,SAAS,OAAO;AAAA,QAChB,YAAY,MAAM;AAAA,QAClB,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;","names":[]}