@wardnmesh/sdk-node 0.2.1

package/dist/wardn.js

@@ -0,0 +1,443 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Wardn = void 0;
+const pattern_1 = require("./detectors/pattern");
+const sequence_1 = require("./detectors/sequence");
+const state_1 = require("./detectors/state");
+const safe_regex_1 = require("./utils/safe-regex");
+const update_checker_1 = require("./update-checker");
+const session_manager_1 = require("./state/session-manager");
+const reporter_1 = require("./telemetry/reporter");
+const semantic_detector_1 = require("./detectors/semantic-detector");
+const rule_validator_1 = require("./utils/rule-validator");
+const logger_1 = require("./utils/logger");
+const security_limits_1 = require("./config/security-limits");
+/** Synchronous state adapter for in-request state management */
+class SyncStateAdapter {
+    constructor(initialState, maxHistory = 50) {
+        this.maxHistory = maxHistory;
+        this.state = {
+            startTime: initialState.startTime || new Date().toISOString(),
+            toolCalls: initialState.toolCalls || [],
+            recentTools: initialState.recentTools || [],
+            detectedViolations: initialState.detectedViolations || [],
+            customState: initialState.customState || {},
+            currentFile: initialState.currentFile,
+        };
+    }
+    getRecentTools(count) {
+        const tools = this.state.recentTools || [];
+        return count ? tools.slice(-count) : tools;
+    }
+    setCustomState(key, value) {
+        this.state.customState[key] = value;
+    }
+    getCustomState(key) {
+        return this.state.customState[key];
+    }
+    addToolCall(tool) {
+        if (!this.state.recentTools)
+            this.state.recentTools = [];
+        this.state.recentTools.push(tool);
+        if (this.state.recentTools.length > this.maxHistory) {
+            this.state.recentTools.shift();
+        }
+    }
+    exportState() {
+        return this.state;
+    }
+    addViolation(violation) {
+        if (!this.state.detectedViolations)
+            this.state.detectedViolations = [];
+        this.state.detectedViolations.push(violation);
+    }
+}
+class Wardn {
+    constructor(config, stateProvider) {
+        this.pollTimer = null;
+        this.isShutdown = false;
+        // Rate limiting for rule updates
+        this.lastRuleUpdate = 0;
+        this.updateCount = 0;
+        this.updateCountResetTime = Date.now();
+        this.config = config;
+        this.stateProvider = stateProvider || new session_manager_1.InMemorySessionStateProvider();
+        this.telemetry = this.initTelemetry();
+        this.patternDetector = new pattern_1.PatternDetector();
+        this.sequenceDetector = new sequence_1.SequenceDetector();
+        this.stateDetector = new state_1.StateDetector();
+        this.semanticDetector = semantic_detector_1.SemanticDetector.getInstance();
+        // Emit startup event
+        this.telemetry.emit({
+            eventType: "agent_started",
+            timestamp: new Date().toISOString(),
+            data: {
+                config: {
+                    appName: this.config.telemetry?.serviceName,
+                    ruleCount: this.config.rules.length,
+                },
+            },
+        });
+        // Start polling if configured (with URL validation)
+        if (this.config.remoteRulesUrl) {
+            const urlValidation = (0, rule_validator_1.validateRemoteUrl)(this.config.remoteRulesUrl);
+            if (urlValidation.valid) {
+                this.pollRemoteRules();
+            }
+            else {
+                logger_1.logger.error("Invalid remote rules URL:", urlValidation.errors.join(", "));
+            }
+        }
+    }
+    initTelemetry() {
+        if (this.config.telemetry?.enabled && process.env.WARDN_API_URL) {
+            const apiKey = this.config.apiKey;
+            return new reporter_1.WardnReporter(process.env.WARDN_API_URL, apiKey || "", this.config.telemetry.serviceName || "unknown-service");
+        }
+        return new reporter_1.ConsoleReporter();
+    }
+    static getInstance() {
+        if (!Wardn.instance) {
+            throw new Error("Wardn not initialized. Call Wardn.init() first.");
+        }
+        return Wardn.instance;
+    }
+    static init(config, stateProvider) {
+        const apiKey = config.apiKey || process.env.WARDN_API_KEY;
+        if (!apiKey) {
+            const errorMsg = "\n\n" +
+                "[Wardn] ACTIVE DEFENSE NOT INITIALIZED\n" +
+                "===================================================\n" +
+                "The immune system requires an identity to function.\n" +
+                "\n" +
+                "1. Get your API Key: https://wardnmesh.ai (Free for Devs)\n" +
+                "2. Set Variable:     WARDNMESH_API_KEY=wk_...\n" +
+                "\n" +
+                "Your agent is currently UNPROTECTED from prompt injection.\n" +
+                "===================================================\n";
+            logger_1.logger.error(errorMsg);
+            throw new Error("[Wardn] Missing API Key. Registration required.");
+        }
+        // Ensure config has the key
+        const finalConfig = { ...config, apiKey };
+        Wardn.instance = new Wardn(finalConfig, stateProvider);
+        // Check for updates (non-blocking, don't await)
+        // Skip in test environment to avoid async warnings
+        if (security_limits_1.FEATURE_FLAGS.ENABLE_UPDATE_CHECK && process.env.NODE_ENV !== "test") {
+            (0, update_checker_1.notifyIfUpdateAvailable)().catch(() => {
+                // Silently fail - don't disrupt initialization
+            });
+        }
+        return Wardn.instance;
+    }
+    /**
+     * Reset the singleton instance (useful for testing)
+     */
+    static reset() {
+        if (Wardn.instance) {
+            Wardn.instance.shutdown();
+            Wardn.instance = null;
+        }
+    }
+    /**
+     * Shutdown the Wardn instance, cleaning up resources
+     */
+    shutdown() {
+        if (this.isShutdown)
+            return;
+        this.isShutdown = true;
+        // Clear polling timer
+        if (this.pollTimer) {
+            clearTimeout(this.pollTimer);
+            this.pollTimer = null;
+        }
+        // Emit shutdown event with pattern error metrics
+        const patternMetrics = (0, safe_regex_1.getPatternErrorMetrics)();
+        this.telemetry.emit({
+            eventType: "agent_shutdown",
+            timestamp: new Date().toISOString(),
+            data: {
+                uptime: Date.now() - new Date(this.stateProvider ? Date.now() : 0).getTime(),
+                patternErrorMetrics: patternMetrics,
+            },
+        });
+        // Stop telemetry auto-flush timer
+        if (this.telemetry.stop) {
+            this.telemetry.stop();
+        }
+        logger_1.logger.info("Shutdown complete");
+    }
+    /**
+     * Scan a request for security violations
+     * @param request The agent request context (prompt, tools, etc.)
+     * @returns ScanResult with allowed/blocked status and violations
+     */
+    async scan(request) {
+        if (this.isShutdown) {
+            return {
+                allowed: true,
+                violations: [],
+                latencyMs: 0,
+                metadata: { error: true, errorDetails: "Wardn instance is shutdown" },
+            };
+        }
+        const startTime = Date.now();
+        const failMode = this.config.failMode || "open";
+        try {
+            const { toolName = "llm_input", parameters = {}, sessionId, } = request;
+            const currentSessionId = sessionId || "default";
+            const rawState = await this.stateProvider.getState(currentSessionId);
+            const stateAdapter = new SyncStateAdapter(rawState, this.config.maxHistorySize);
+            const toolData = this.normalizeRequest(request);
+            stateAdapter.addToolCall(toolData);
+            // Lazy load semantic model if needed
+            if (this.config.rules.some((r) => r.detector.type === "semantic")) {
+                await this.semanticDetector.init();
+            }
+            const violations = [];
+            // Run all detectors
+            for (const rule of this.config.rules) {
+                const violation = await this.detectViolation(rule, toolData, stateAdapter);
+                if (violation) {
+                    violations.push(violation);
+                    stateAdapter.addViolation(violation);
+                    this.reportViolation(violation, toolData, currentSessionId);
+                }
+            }
+            await this.stateProvider.setState(currentSessionId, stateAdapter.exportState());
+            const result = {
+                allowed: !violations.some((v) => v.severity === "critical"),
+                violations,
+                latencyMs: Date.now() - startTime,
+                metadata: {
+                    analyzedRules: this.config.rules.length,
+                    sessionId: currentSessionId,
+                },
+            };
+            this.reportScanComplete(result, currentSessionId);
+            return result;
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : "Unknown error";
+            logger_1.logger.error(`Scan failed, failing ${failMode}:`, error);
+            this.telemetry.emit({
+                eventType: "error",
+                timestamp: new Date().toISOString(),
+                data: {
+                    error: errorMessage,
+                    sessionId: request.sessionId || "unknown",
+                },
+            });
+            // Configurable fail mode
+            const allowed = failMode === "open";
+            return {
+                allowed,
+                violations: [],
+                latencyMs: Date.now() - startTime,
+                metadata: {
+                    error: true,
+                    errorDetails: errorMessage,
+                    failMode,
+                },
+            };
+        }
+    }
+    /** Normalize request to ToolData format */
+    normalizeRequest(request) {
+        return {
+            toolName: request.toolName || "llm_input",
+            parameters: request.parameters || { prompt: request.prompt || "" },
+            result: { success: true },
+            duration: 0,
+            timestamp: new Date().toISOString(),
+        };
+    }
+    /** Run detector for a single rule */
+    async detectViolation(rule, toolData, stateAdapter) {
+        switch (rule.detector.type) {
+            case "pattern":
+                return this.patternDetector.detect(toolData, rule, stateAdapter);
+            case "sequence":
+                return this.sequenceDetector.detect(toolData, rule, stateAdapter);
+            case "state":
+                return this.stateDetector.detect(toolData, rule, stateAdapter);
+            case "semantic":
+                return this.detectSemanticViolation(rule, toolData);
+            default:
+                return null;
+        }
+    }
+    /** Handle semantic detection */
+    async detectSemanticViolation(rule, toolData) {
+        const prompt = toolData.parameters.prompt ||
+            JSON.stringify(toolData.parameters);
+        const config = rule.detector.config;
+        const { detected, reason, score } = await this.semanticDetector.scan(prompt, config.threshold || 0.75);
+        if (!detected)
+            return null;
+        return {
+            id: crypto.randomUUID(),
+            ruleId: rule.id,
+            ruleName: rule.name,
+            severity: rule.severity,
+            description: reason || "Semantic Violation",
+            context: {
+                toolName: toolData.toolName,
+                toolData,
+                additionalInfo: { score },
+            },
+            timestamp: new Date().toISOString(),
+        };
+    }
+    /** Report violation to telemetry */
+    reportViolation(violation, toolData, sessionId) {
+        // REDACTION: Create a safe copy for the cloud
+        const safeViolation = { ...violation };
+        if (safeViolation.context) {
+            // Remove raw toolData (prompts) from the cloud payload
+            const { toolData: _removed, ...safeContext } = safeViolation.context;
+            safeViolation.context = safeContext;
+        }
+        this.telemetry.emit({
+            eventType: "violation_detected",
+            timestamp: new Date().toISOString(),
+            data: { violation: safeViolation },
+            metadata: { sessionId },
+        });
+    }
+    /** Report scan completion to telemetry */
+    reportScanComplete(result, sessionId) {
+        this.telemetry.emit({
+            eventType: "scan_complete",
+            timestamp: new Date().toISOString(),
+            data: {
+                allowed: result.allowed,
+                latencyMs: result.latencyMs,
+                violationCount: result.violations.length,
+            },
+            metadata: { sessionId },
+        });
+    }
+    /**
+     * Update rules dynamically
+     * This allows external systems (like MCP server with Supabase threat rules)
+     * to update the rule set without restarting
+     *
+     * @param rules New rule set to use
+     * @returns void
+     */
+    updateRules(rules) {
+        if (this.isShutdown) {
+            logger_1.logger.warn("Cannot update rules: Wardn instance is shutdown");
+            return;
+        }
+        // Rate limiting: Prevent update spam
+        const now = Date.now();
+        const timeSinceLastUpdate = now - this.lastRuleUpdate;
+        if (timeSinceLastUpdate < security_limits_1.SECURITY_LIMITS.MIN_UPDATE_INTERVAL_MS) {
+            throw new Error(`Rate limit: Cannot update rules more than once per ${security_limits_1.SECURITY_LIMITS.MIN_UPDATE_INTERVAL_MS}ms. ` +
+                `Last update was ${timeSinceLastUpdate}ms ago.`);
+        }
+        // Reset update counter every minute
+        if (now - this.updateCountResetTime > 60000) {
+            this.updateCount = 0;
+            this.updateCountResetTime = now;
+        }
+        if (this.updateCount >= security_limits_1.SECURITY_LIMITS.MAX_UPDATES_PER_MINUTE) {
+            throw new Error(`Rate limit: Maximum ${security_limits_1.SECURITY_LIMITS.MAX_UPDATES_PER_MINUTE} updates per minute exceeded.`);
+        }
+        // Validate rule count before validation (fail fast)
+        if (rules.length > security_limits_1.SECURITY_LIMITS.MAX_RULES) {
+            throw new Error(`Too many rules: ${rules.length}. Maximum allowed: ${security_limits_1.SECURITY_LIMITS.MAX_RULES}`);
+        }
+        // Validate rules before applying
+        const validation = (0, rule_validator_1.validateRules)(rules);
+        if (!validation.valid) {
+            logger_1.logger.error("Invalid rules provided to updateRules():", validation.errors.slice(0, 5).join("; "));
+            throw new Error(`Invalid rules: ${validation.errors[0]}`);
+        }
+        const oldCount = this.config.rules.length;
+        // Atomic update: Create defensive copy then assign atomically
+        // This prevents race conditions where scan() might iterate during update
+        const newRules = [...rules]; // Defensive copy
+        this.config.rules = newRules; // Atomic assignment (V8 guarantees atomicity)
+        logger_1.logger.info(`Rules updated: ${oldCount} → ${this.config.rules.length} rules`);
+        // Emit telemetry event for rule update
+        this.telemetry.emit({
+            eventType: "rules_updated",
+            timestamp: new Date().toISOString(),
+            data: {
+                oldCount,
+                newCount: this.config.rules.length,
+            },
+        });
+        // Update rate limiting tracking
+        this.lastRuleUpdate = now;
+        this.updateCount++;
+    }
+    /**
+     * Get current rules
+     * @returns Current rule set
+     */
+    getRules() {
+        return [...this.config.rules];
+    }
+    /**
+     * Get pattern error metrics for monitoring
+     * @returns Pattern error statistics
+     */
+    getPatternErrorMetrics() {
+        return (0, safe_regex_1.getPatternErrorMetrics)();
+    }
+    /** Poll remote rules for updates with validation */
+    async pollRemoteRules() {
+        if (!this.config.remoteRulesUrl || this.isShutdown)
+            return;
+        const FETCH_TIMEOUT_MS = 10000; // 10 second timeout
+        const poll = async () => {
+            if (this.isShutdown)
+                return;
+            try {
+                // Create AbortController for timeout
+                const controller = new AbortController();
+                const timeoutId = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
+                const response = await fetch(this.config.remoteRulesUrl, {
+                    headers: {
+                        "Accept": "application/json",
+                        "X-Wardn-Client": "sdk-node",
+                    },
+                    signal: controller.signal,
+                });
+                clearTimeout(timeoutId);
+                if (response.ok) {
+                    const remoteRules = await response.json();
+                    // Validate rules before applying
+                    const validation = (0, rule_validator_1.validateRules)(remoteRules);
+                    if (validation.valid) {
+                        this.config.rules = remoteRules;
+                        logger_1.logger.info(`Rules synced from remote: ${this.config.rules.length} rules`);
+                    }
+                    else {
+                        logger_1.logger.error("Invalid remote rules:", validation.errors.slice(0, 5).join("; "));
+                    }
+                }
+                else {
+                    logger_1.logger.warn("Failed to fetch rules:", response.statusText);
+                }
+            }
+            catch (error) {
+                logger_1.logger.error("Rule polling error:", error);
+            }
+            finally {
+                // Schedule next poll if not shutdown
+                if (!this.isShutdown) {
+                    this.pollTimer = setTimeout(poll, this.config.pollingIntervalMs || 60000);
+                }
+            }
+        };
+        // Initial call
+        poll();
+    }
+}
+exports.Wardn = Wardn;
+Wardn.instance = null;

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@wardnmesh/sdk-node",
+  "version": "0.2.1",
+  "description": "WardnMesh.AI Node.js SDK - Active Defense Middleware for AI Agents",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "test": "jest"
+  },
+  "bin": {
+    "wardn-init": "./bin/setup.js"
+  },
+  "files": [
+    "dist",
+    "bin",
+    "README.md",
+    "LICENSE"
+  ],
+  "keywords": [
+    "ai-security",
+    "prompt-injection",
+    "middleware",
+    "agent-guard"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/PCIRCLE-AI/wardnmesh.git"
+  },
+  "bugs": {
+    "url": "https://github.com/PCIRCLE-AI/wardnmesh/issues"
+  },
+  "homepage": "https://wardnmesh.ai",
+  "author": "KT",
+  "license": "Elastic-2.0",
+  "devDependencies": {
+    "@types/jest": "^29.5.11",
+    "@types/node": "^20.10.0",
+    "jest": "^29.7.0",
+    "next": "^16.1.1",
+    "ts-jest": "^29.1.1",
+    "typescript": "^5.0.0"
+  },
+  "dependencies": {
+    "@xenova/transformers": "^2.17.2"
+  }
+}