agentcheck-sdk 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.js +6 -1
- package/dist/safety.d.ts +69 -0
- package/dist/safety.js +161 -0
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -8,6 +8,7 @@ export { quickStart } from "./quickstart";
|
|
|
8
8
|
export { templates } from "./templates";
|
|
9
9
|
export { TelemetryPlugin } from "./telemetry";
|
|
10
10
|
export { ScopeEngine, buildScope } from "./scope-engine";
|
|
11
|
+
export { SafetyStack, BudgetTracker, PatternMonitor, HumanEscalation } from "./safety";
|
|
11
12
|
export type { WebhookEvent } from "./webhook";
|
|
12
13
|
export type { ScopeVerifier, DelegationProviderConfig } from "./provider";
|
|
13
14
|
export type { GuardConfig } from "./guard";
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.RateLimitError = exports.ValidationError = exports.NotFoundError = exports.AuthenticationError = exports.AgentCheckError = exports.buildScope = exports.ScopeEngine = exports.TelemetryPlugin = exports.templates = exports.quickStart = exports.DelegationDashboard = exports.AgentToolChecker = exports.delegationGuard = exports.DelegationProvider = exports.WebhookHandler = exports.AgentCheckClient = void 0;
|
|
3
|
+
exports.RateLimitError = exports.ValidationError = exports.NotFoundError = exports.AuthenticationError = exports.AgentCheckError = exports.HumanEscalation = exports.PatternMonitor = exports.BudgetTracker = exports.SafetyStack = exports.buildScope = exports.ScopeEngine = exports.TelemetryPlugin = exports.templates = exports.quickStart = exports.DelegationDashboard = exports.AgentToolChecker = exports.delegationGuard = exports.DelegationProvider = exports.WebhookHandler = exports.AgentCheckClient = void 0;
|
|
4
4
|
// Individual commands (basic menu)
|
|
5
5
|
var client_1 = require("./client");
|
|
6
6
|
Object.defineProperty(exports, "AgentCheckClient", { enumerable: true, get: function () { return client_1.AgentCheckClient; } });
|
|
@@ -24,6 +24,11 @@ Object.defineProperty(exports, "TelemetryPlugin", { enumerable: true, get: funct
|
|
|
24
24
|
var scope_engine_1 = require("./scope-engine");
|
|
25
25
|
Object.defineProperty(exports, "ScopeEngine", { enumerable: true, get: function () { return scope_engine_1.ScopeEngine; } });
|
|
26
26
|
Object.defineProperty(exports, "buildScope", { enumerable: true, get: function () { return scope_engine_1.buildScope; } });
|
|
27
|
+
var safety_1 = require("./safety");
|
|
28
|
+
Object.defineProperty(exports, "SafetyStack", { enumerable: true, get: function () { return safety_1.SafetyStack; } });
|
|
29
|
+
Object.defineProperty(exports, "BudgetTracker", { enumerable: true, get: function () { return safety_1.BudgetTracker; } });
|
|
30
|
+
Object.defineProperty(exports, "PatternMonitor", { enumerable: true, get: function () { return safety_1.PatternMonitor; } });
|
|
31
|
+
Object.defineProperty(exports, "HumanEscalation", { enumerable: true, get: function () { return safety_1.HumanEscalation; } });
|
|
27
32
|
var errors_1 = require("./errors");
|
|
28
33
|
Object.defineProperty(exports, "AgentCheckError", { enumerable: true, get: function () { return errors_1.AgentCheckError; } });
|
|
29
34
|
Object.defineProperty(exports, "AuthenticationError", { enumerable: true, get: function () { return errors_1.AuthenticationError; } });
|
package/dist/safety.d.ts
ADDED
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Safety Layers - Multi-layered action verification.
|
|
3
|
+
*
|
|
4
|
+
* Layer 1: ScopeEngine - "What is it doing?"
|
|
5
|
+
* Layer 2: BudgetTracker - "How much total?"
|
|
6
|
+
* Layer 3: PatternMonitor - "Is this normal?"
|
|
7
|
+
* Layer 4: HumanEscalation - "Should a human decide?"
|
|
8
|
+
*/
|
|
9
|
+
import { ScopeEngine, StructuredScope, VerificationResult } from "./scope-engine";
|
|
10
|
+
export declare class BudgetTracker {
|
|
11
|
+
private dailyLimit?;
|
|
12
|
+
private monthlyLimit?;
|
|
13
|
+
private dailyCountLimit?;
|
|
14
|
+
private dailyTotals;
|
|
15
|
+
private dailyCounts;
|
|
16
|
+
private monthlyTotals;
|
|
17
|
+
constructor(opts: {
|
|
18
|
+
dailyLimit?: number;
|
|
19
|
+
monthlyLimit?: number;
|
|
20
|
+
dailyCountLimit?: number;
|
|
21
|
+
});
|
|
22
|
+
check(action: string, amount?: number): VerificationResult;
|
|
23
|
+
recordUsage(action: string, amount?: number): void;
|
|
24
|
+
}
|
|
25
|
+
export interface PatternAlert {
|
|
26
|
+
level: "warning" | "critical";
|
|
27
|
+
message: string;
|
|
28
|
+
details?: Record<string, unknown>;
|
|
29
|
+
}
|
|
30
|
+
export declare class PatternMonitor {
|
|
31
|
+
private history;
|
|
32
|
+
private windowDays;
|
|
33
|
+
private threshold;
|
|
34
|
+
constructor(windowDays?: number, frequencyThreshold?: number);
|
|
35
|
+
record(action: string, amount?: number): void;
|
|
36
|
+
check(action: string, amount?: number): PatternAlert[];
|
|
37
|
+
}
|
|
38
|
+
export declare class HumanEscalation {
|
|
39
|
+
private threshold?;
|
|
40
|
+
private highRiskActions;
|
|
41
|
+
private onEscalate?;
|
|
42
|
+
constructor(opts: {
|
|
43
|
+
thresholdAmount?: number;
|
|
44
|
+
highRiskActions?: string[];
|
|
45
|
+
onEscalate?: (action: string, amount: number) => void;
|
|
46
|
+
});
|
|
47
|
+
check(action: string, amount?: number): VerificationResult;
|
|
48
|
+
}
|
|
49
|
+
export interface SafetyResult {
|
|
50
|
+
allowed: boolean;
|
|
51
|
+
passedLayers: string[];
|
|
52
|
+
failedLayer?: string;
|
|
53
|
+
reason: string;
|
|
54
|
+
alerts: PatternAlert[];
|
|
55
|
+
}
|
|
56
|
+
export declare class SafetyStack {
|
|
57
|
+
private scopeEngine;
|
|
58
|
+
private budget?;
|
|
59
|
+
private pattern?;
|
|
60
|
+
private escalation?;
|
|
61
|
+
constructor(opts?: {
|
|
62
|
+
scopeEngine?: ScopeEngine;
|
|
63
|
+
budget?: BudgetTracker;
|
|
64
|
+
pattern?: PatternMonitor;
|
|
65
|
+
escalation?: HumanEscalation;
|
|
66
|
+
});
|
|
67
|
+
check(scope: StructuredScope | string, action: string, amount?: number): SafetyResult;
|
|
68
|
+
recordExecution(action: string, amount?: number): void;
|
|
69
|
+
}
|
package/dist/safety.js
ADDED
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Safety Layers - Multi-layered action verification.
|
|
4
|
+
*
|
|
5
|
+
* Layer 1: ScopeEngine - "What is it doing?"
|
|
6
|
+
* Layer 2: BudgetTracker - "How much total?"
|
|
7
|
+
* Layer 3: PatternMonitor - "Is this normal?"
|
|
8
|
+
* Layer 4: HumanEscalation - "Should a human decide?"
|
|
9
|
+
*/
|
|
10
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
+
exports.SafetyStack = exports.HumanEscalation = exports.PatternMonitor = exports.BudgetTracker = void 0;
|
|
12
|
+
const scope_engine_1 = require("./scope-engine");
|
|
13
|
+
// ── Layer 2: Budget Tracker ──
|
|
14
|
+
class BudgetTracker {
|
|
15
|
+
constructor(opts) {
|
|
16
|
+
this.dailyTotals = {};
|
|
17
|
+
this.dailyCounts = {};
|
|
18
|
+
this.monthlyTotals = {};
|
|
19
|
+
this.dailyLimit = opts.dailyLimit;
|
|
20
|
+
this.monthlyLimit = opts.monthlyLimit;
|
|
21
|
+
this.dailyCountLimit = opts.dailyCountLimit;
|
|
22
|
+
}
|
|
23
|
+
check(action, amount = 0) {
|
|
24
|
+
const dayKey = new Date().toISOString().slice(0, 10);
|
|
25
|
+
const monthKey = dayKey.slice(0, 7);
|
|
26
|
+
if (this.dailyCountLimit && (this.dailyCounts[dayKey] || 0) >= this.dailyCountLimit) {
|
|
27
|
+
return { allowed: false, reason: `Daily action count limit reached (${this.dailyCountLimit})` };
|
|
28
|
+
}
|
|
29
|
+
if (this.dailyLimit && amount > 0) {
|
|
30
|
+
const projected = (this.dailyTotals[dayKey] || 0) + amount;
|
|
31
|
+
if (projected > this.dailyLimit) {
|
|
32
|
+
return { allowed: false, reason: `Daily budget exceeded: ${projected} > ${this.dailyLimit}` };
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
if (this.monthlyLimit && amount > 0) {
|
|
36
|
+
const projected = (this.monthlyTotals[monthKey] || 0) + amount;
|
|
37
|
+
if (projected > this.monthlyLimit) {
|
|
38
|
+
return { allowed: false, reason: `Monthly budget exceeded: ${projected} > ${this.monthlyLimit}` };
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
return { allowed: true, reason: "Within budget" };
|
|
42
|
+
}
|
|
43
|
+
recordUsage(action, amount = 0) {
|
|
44
|
+
const dayKey = new Date().toISOString().slice(0, 10);
|
|
45
|
+
const monthKey = dayKey.slice(0, 7);
|
|
46
|
+
this.dailyTotals[dayKey] = (this.dailyTotals[dayKey] || 0) + amount;
|
|
47
|
+
this.dailyCounts[dayKey] = (this.dailyCounts[dayKey] || 0) + 1;
|
|
48
|
+
this.monthlyTotals[monthKey] = (this.monthlyTotals[monthKey] || 0) + amount;
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
exports.BudgetTracker = BudgetTracker;
|
|
52
|
+
class PatternMonitor {
|
|
53
|
+
constructor(windowDays = 7, frequencyThreshold = 3.0) {
|
|
54
|
+
this.history = [];
|
|
55
|
+
this.windowDays = windowDays;
|
|
56
|
+
this.threshold = frequencyThreshold;
|
|
57
|
+
}
|
|
58
|
+
record(action, amount = 0) {
|
|
59
|
+
this.history.push({ action, amount, timestamp: Date.now() });
|
|
60
|
+
}
|
|
61
|
+
check(action, amount = 0) {
|
|
62
|
+
const alerts = [];
|
|
63
|
+
const cutoff = Date.now() - this.windowDays * 86400000;
|
|
64
|
+
const recent = this.history.filter(h => h.action === action && h.timestamp > cutoff);
|
|
65
|
+
if (recent.length < 3)
|
|
66
|
+
return alerts;
|
|
67
|
+
const todayStart = new Date();
|
|
68
|
+
todayStart.setHours(0, 0, 0, 0);
|
|
69
|
+
const todayCount = recent.filter(h => h.timestamp >= todayStart.getTime()).length;
|
|
70
|
+
const uniqueDays = new Set(recent.map(h => new Date(h.timestamp).toDateString())).size;
|
|
71
|
+
const avgDaily = recent.length / Math.max(uniqueDays, 1);
|
|
72
|
+
if (avgDaily > 0 && todayCount > avgDaily * this.threshold) {
|
|
73
|
+
alerts.push({
|
|
74
|
+
level: "warning",
|
|
75
|
+
message: `Unusual frequency: ${todayCount} today vs ${avgDaily.toFixed(1)} avg/day (${(todayCount / avgDaily).toFixed(1)}x normal)`,
|
|
76
|
+
});
|
|
77
|
+
}
|
|
78
|
+
if (amount > 0) {
|
|
79
|
+
const amounts = recent.filter(h => h.amount > 0).map(h => h.amount);
|
|
80
|
+
if (amounts.length) {
|
|
81
|
+
const avg = amounts.reduce((a, b) => a + b, 0) / amounts.length;
|
|
82
|
+
if (amount > avg * this.threshold) {
|
|
83
|
+
alerts.push({
|
|
84
|
+
level: "warning",
|
|
85
|
+
message: `Unusual amount: ${amount} vs ${avg.toFixed(0)} avg (${(amount / avg).toFixed(1)}x normal)`,
|
|
86
|
+
});
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
return alerts;
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
exports.PatternMonitor = PatternMonitor;
|
|
94
|
+
// ── Layer 4: Human Escalation ──
|
|
95
|
+
class HumanEscalation {
|
|
96
|
+
constructor(opts) {
|
|
97
|
+
this.threshold = opts.thresholdAmount;
|
|
98
|
+
this.highRiskActions = opts.highRiskActions || [];
|
|
99
|
+
this.onEscalate = opts.onEscalate;
|
|
100
|
+
}
|
|
101
|
+
check(action, amount = 0) {
|
|
102
|
+
let needsApproval = false;
|
|
103
|
+
let reason = "";
|
|
104
|
+
if (this.highRiskActions.includes(action)) {
|
|
105
|
+
needsApproval = true;
|
|
106
|
+
reason = `Action '${action}' is classified as high-risk`;
|
|
107
|
+
}
|
|
108
|
+
if (this.threshold && amount > this.threshold) {
|
|
109
|
+
needsApproval = true;
|
|
110
|
+
reason = `Amount ${amount} exceeds escalation threshold ${this.threshold}`;
|
|
111
|
+
}
|
|
112
|
+
if (needsApproval) {
|
|
113
|
+
this.onEscalate?.(action, amount);
|
|
114
|
+
return { allowed: false, reason: `Requires human approval: ${reason}`, details: { needs_human_approval: true } };
|
|
115
|
+
}
|
|
116
|
+
return { allowed: true, reason: "No escalation needed" };
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
exports.HumanEscalation = HumanEscalation;
|
|
120
|
+
class SafetyStack {
|
|
121
|
+
constructor(opts = {}) {
|
|
122
|
+
this.scopeEngine = opts.scopeEngine || new scope_engine_1.ScopeEngine();
|
|
123
|
+
this.budget = opts.budget;
|
|
124
|
+
this.pattern = opts.pattern;
|
|
125
|
+
this.escalation = opts.escalation;
|
|
126
|
+
}
|
|
127
|
+
check(scope, action, amount = 0) {
|
|
128
|
+
const passed = [];
|
|
129
|
+
const alerts = [];
|
|
130
|
+
const r1 = this.scopeEngine.verify(scope, action, { amount });
|
|
131
|
+
if (!r1.allowed)
|
|
132
|
+
return { allowed: false, passedLayers: passed, failedLayer: "scope_engine", reason: r1.reason, alerts };
|
|
133
|
+
passed.push("scope_engine");
|
|
134
|
+
if (this.budget) {
|
|
135
|
+
const r2 = this.budget.check(action, amount);
|
|
136
|
+
if (!r2.allowed)
|
|
137
|
+
return { allowed: false, passedLayers: passed, failedLayer: "budget_tracker", reason: r2.reason, alerts };
|
|
138
|
+
passed.push("budget_tracker");
|
|
139
|
+
}
|
|
140
|
+
if (this.pattern) {
|
|
141
|
+
const pa = this.pattern.check(action, amount);
|
|
142
|
+
alerts.push(...pa);
|
|
143
|
+
const critical = pa.filter(a => a.level === "critical");
|
|
144
|
+
if (critical.length)
|
|
145
|
+
return { allowed: false, passedLayers: passed, failedLayer: "pattern_monitor", reason: critical[0].message, alerts };
|
|
146
|
+
passed.push("pattern_monitor");
|
|
147
|
+
}
|
|
148
|
+
if (this.escalation) {
|
|
149
|
+
const r4 = this.escalation.check(action, amount);
|
|
150
|
+
if (!r4.allowed)
|
|
151
|
+
return { allowed: false, passedLayers: passed, failedLayer: "human_escalation", reason: r4.reason, alerts };
|
|
152
|
+
passed.push("human_escalation");
|
|
153
|
+
}
|
|
154
|
+
return { allowed: true, passedLayers: passed, reason: "All safety layers passed", alerts };
|
|
155
|
+
}
|
|
156
|
+
recordExecution(action, amount = 0) {
|
|
157
|
+
this.budget?.recordUsage(action, amount);
|
|
158
|
+
this.pattern?.record(action, amount);
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
exports.SafetyStack = SafetyStack;
|