agentic-qe 2.8.0 → 2.8.2

package/dist/infrastructure/network/policies/default-policies.js

@@ -0,0 +1,312 @@
+"use strict";
+/**
+ * Default Network Policies for QE Agents
+ *
+ * IMPORTANT: Network policy enforcement is OPT-IN, not opt-out.
+ * By default, agents have unrestricted network access for flexibility.
+ *
+ * Enable restrictive policies only when:
+ * - Deploying in security-sensitive environments
+ * - Running untrusted agent code
+ * - Compliance requirements mandate network isolation
+ *
+ * @module infrastructure/network/policies/default-policies
+ * @see Issue #146 - Security Hardening: SP-3 Network Policy Enforcement
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_NETWORK_POLICIES = exports.RESTRICTIVE_POLICY_TEMPLATE = exports.DEVELOPMENT_DOMAINS = exports.LLM_PROVIDER_DOMAINS = void 0;
+exports.getNetworkPolicy = getNetworkPolicy;
+exports.listPolicyAgentTypes = listPolicyAgentTypes;
+exports.mergePolicy = mergePolicy;
+exports.createRestrictivePolicy = createRestrictivePolicy;
+exports.enableRestrictiveModeGlobally = enableRestrictiveModeGlobally;
+/**
+ * All known LLM provider domains that the multi-model router may access
+ * Add new providers here as they're supported
+ */
+exports.LLM_PROVIDER_DOMAINS = [
+    // Anthropic (Claude)
+    'api.anthropic.com',
+    // OpenAI
+    'api.openai.com',
+    // OpenRouter (multi-provider gateway)
+    'openrouter.ai',
+    // Groq
+    'api.groq.com',
+    // Google (Gemini)
+    'generativelanguage.googleapis.com',
+    // Together AI
+    'api.together.xyz',
+    // GitHub Models
+    'models.inference.ai.azure.com',
+    // Azure OpenAI
+    'openai.azure.com',
+    // Fireworks AI
+    'api.fireworks.ai',
+    // Mistral AI
+    'api.mistral.ai',
+    // Cohere
+    'api.cohere.ai',
+    // Perplexity
+    'api.perplexity.ai',
+    // DeepSeek
+    'api.deepseek.com',
+    // Local inference (Ollama, ruvLLM, vLLM, etc.)
+    'localhost',
+    '127.0.0.1',
+];
+/**
+ * Development/testing domains that agents commonly need
+ */
+exports.DEVELOPMENT_DOMAINS = [
+    // Package registries
+    'registry.npmjs.org',
+    'pypi.org',
+    // Code hosting
+    'api.github.com',
+    'github.com',
+    'gitlab.com',
+    'api.gitlab.com',
+    'bitbucket.org',
+    // Security databases (for security scanner)
+    'nvd.nist.gov',
+    'cve.mitre.org',
+    'osv.dev',
+    'security.snyk.io',
+    'cvedetails.com',
+];
+/**
+ * Default permissive policy - agents can access any domain
+ * This is the base policy when no restrictions are needed
+ */
+const PERMISSIVE_POLICY = {
+    agentType: 'default',
+    allowedDomains: [], // Empty = no whitelist = allow all
+    rateLimit: {
+        requestsPerMinute: 120,
+        requestsPerHour: 3000,
+        burstSize: 20,
+    },
+    auditLogging: true,
+    blockUnknownDomains: false, // OPT-IN: false = permissive by default
+    timeoutMs: 60000,
+};
+/**
+ * Restrictive policy template for security-sensitive deployments
+ * Use this when you need to lock down agent network access
+ */
+exports.RESTRICTIVE_POLICY_TEMPLATE = {
+    agentType: 'restrictive-template',
+    allowedDomains: [...exports.LLM_PROVIDER_DOMAINS, ...exports.DEVELOPMENT_DOMAINS],
+    rateLimit: {
+        requestsPerMinute: 60,
+        requestsPerHour: 1000,
+        burstSize: 10,
+    },
+    auditLogging: true,
+    blockUnknownDomains: true, // Restrictive: only allow whitelisted domains
+    timeoutMs: 30000,
+};
+/**
+ * Default network policies for all QE agent types
+ *
+ * DESIGN PRINCIPLE: Permissive by default (blockUnknownDomains: false)
+ * - QE agents need to test arbitrary websites/APIs
+ * - Multi-model router accesses multiple LLM providers
+ * - Rate limiting still applies for protection
+ *
+ * To enable restrictive mode:
+ * ```typescript
+ * const policy = getNetworkPolicy('qe-test-generator');
+ * policy.blockUnknownDomains = true;
+ * policy.allowedDomains = [...LLM_PROVIDER_DOMAINS, 'my-api.example.com'];
+ * ```
+ */
+exports.DEFAULT_NETWORK_POLICIES = {
+    // ============================================
+    // Core QE Agents - Permissive with audit logging
+    // ============================================
+    'qe-test-generator': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-test-generator',
+        auditLogging: true,
+    },
+    'qe-coverage-analyzer': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-coverage-analyzer',
+    },
+    'qe-security-scanner': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-security-scanner',
+        // Security scanner gets higher rate limits for vulnerability DB queries
+        rateLimit: {
+            requestsPerMinute: 180,
+            requestsPerHour: 5000,
+            burstSize: 30,
+        },
+        timeoutMs: 90000, // Longer timeout for security scans
+    },
+    'qe-performance-tester': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-performance-tester',
+        // Performance testing may need high request rates
+        rateLimit: {
+            requestsPerMinute: 300,
+            requestsPerHour: 10000,
+            burstSize: 50,
+        },
+        timeoutMs: 120000, // Longer timeout for perf tests
+    },
+    'qe-flaky-test-hunter': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-flaky-test-hunter',
+    },
+    'qe-api-contract-validator': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-api-contract-validator',
+        // Contract validation needs to hit various API endpoints
+        rateLimit: {
+            requestsPerMinute: 120,
+            requestsPerHour: 3000,
+            burstSize: 25,
+        },
+    },
+    'qe-visual-tester': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-visual-tester',
+        timeoutMs: 90000, // Screenshots take time
+    },
+    'qe-code-intelligence': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-code-intelligence',
+    },
+    'qe-quality-analyzer': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-quality-analyzer',
+    },
+    'qe-a11y-ally': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-a11y-ally',
+        // A11y testing needs to fetch web pages
+        rateLimit: {
+            requestsPerMinute: 60,
+            requestsPerHour: 1500,
+            burstSize: 15,
+        },
+    },
+    'qe-chaos-engineer': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-chaos-engineer',
+        // Chaos engineering may need to probe many endpoints
+        rateLimit: {
+            requestsPerMinute: 200,
+            requestsPerHour: 5000,
+            burstSize: 40,
+        },
+        timeoutMs: 90000,
+    },
+    'qe-deployment-readiness': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-deployment-readiness',
+    },
+    'qe-production-intelligence': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qe-production-intelligence',
+    },
+    'qx-partner': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'qx-partner',
+    },
+    // ============================================
+    // n8n Workflow Agents - Permissive
+    // ============================================
+    'n8n-workflow-executor': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'n8n-workflow-executor',
+        // Workflows may call arbitrary APIs
+        rateLimit: {
+            requestsPerMinute: 120,
+            requestsPerHour: 3000,
+            burstSize: 20,
+        },
+    },
+    'n8n-security-auditor': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'n8n-security-auditor',
+    },
+    'n8n-chaos-tester': {
+        ...PERMISSIVE_POLICY,
+        agentType: 'n8n-chaos-tester',
+        rateLimit: {
+            requestsPerMinute: 150,
+            requestsPerHour: 4000,
+            burstSize: 30,
+        },
+    },
+    // ============================================
+    // Default Policy - Applied to unknown agent types
+    // ============================================
+    default: {
+        ...PERMISSIVE_POLICY,
+        agentType: 'default',
+    },
+};
+/**
+ * Get policy for an agent type
+ * Falls back to default if not found
+ */
+function getNetworkPolicy(agentType) {
+    return exports.DEFAULT_NETWORK_POLICIES[agentType] || exports.DEFAULT_NETWORK_POLICIES['default'];
+}
+/**
+ * List all agent types with policies
+ */
+function listPolicyAgentTypes() {
+    return Object.keys(exports.DEFAULT_NETWORK_POLICIES).filter((k) => k !== 'default');
+}
+/**
+ * Merge custom policy with default
+ */
+function mergePolicy(agentType, customPolicy) {
+    const basePolicy = getNetworkPolicy(agentType);
+    return {
+        ...basePolicy,
+        ...customPolicy,
+        rateLimit: {
+            ...basePolicy.rateLimit,
+            ...customPolicy.rateLimit,
+        },
+    };
+}
+/**
+ * Create a restrictive policy for security-sensitive deployments
+ *
+ * @example
+ * ```typescript
+ * // Lock down an agent to only access LLM providers and specific APIs
+ * const policy = createRestrictivePolicy('qe-test-generator', [
+ *   'api.example.com',
+ *   'staging.example.com'
+ * ]);
+ * manager.registerPolicy(policy);
+ * ```
+ */
+function createRestrictivePolicy(agentType, additionalDomains = []) {
+    const basePolicy = getNetworkPolicy(agentType);
+    return {
+        ...basePolicy,
+        allowedDomains: [...exports.LLM_PROVIDER_DOMAINS, ...exports.DEVELOPMENT_DOMAINS, ...additionalDomains],
+        blockUnknownDomains: true,
+    };
+}
+/**
+ * Enable restrictive mode for all default policies
+ * Call this when deploying in a security-sensitive environment
+ */
+function enableRestrictiveModeGlobally() {
+    for (const policy of Object.values(exports.DEFAULT_NETWORK_POLICIES)) {
+        policy.allowedDomains = [...exports.LLM_PROVIDER_DOMAINS, ...exports.DEVELOPMENT_DOMAINS];
+        policy.blockUnknownDomains = true;
+    }
+}
+//# sourceMappingURL=default-policies.js.map

package/dist/infrastructure/network/policies/default-policies.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"default-policies.js","sourceRoot":"","sources":["../../../../src/infrastructure/network/policies/default-policies.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAuRH,4CAEC;AAKD,oDAEC;AAKD,kCAaC;AAeD,0DAUC;AAMD,sEAKC;AAlVD;;;GAGG;AACU,QAAA,oBAAoB,GAAG;IAClC,qBAAqB;IACrB,mBAAmB;IAEnB,SAAS;IACT,gBAAgB;IAEhB,sCAAsC;IACtC,eAAe;IAEf,OAAO;IACP,cAAc;IAEd,kBAAkB;IAClB,mCAAmC;IAEnC,cAAc;IACd,kBAAkB;IAElB,gBAAgB;IAChB,+BAA+B;IAE/B,eAAe;IACf,kBAAkB;IAElB,eAAe;IACf,kBAAkB;IAElB,aAAa;IACb,gBAAgB;IAEhB,SAAS;IACT,eAAe;IAEf,aAAa;IACb,mBAAmB;IAEnB,WAAW;IACX,kBAAkB;IAElB,+CAA+C;IAC/C,WAAW;IACX,WAAW;CACH,CAAC;AAEX;;GAEG;AACU,QAAA,mBAAmB,GAAG;IACjC,qBAAqB;IACrB,oBAAoB;IACpB,UAAU;IAEV,eAAe;IACf,gBAAgB;IAChB,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,eAAe;IAEf,4CAA4C;IAC5C,cAAc;IACd,eAAe;IACf,SAAS;IACT,kBAAkB;IAClB,gBAAgB;CACR,CAAC;AAEX;;;GAGG;AACH,MAAM,iBAAiB,GAAkB;IACvC,SAAS,EAAE,SAAS;IACpB,cAAc,EAAE,EAAE,EAAE,mCAAmC;IACvD,SAAS,EAAE;QACT,iBAAiB,EAAE,GAAG;QACtB,eAAe,EAAE,IAAI;QACrB,SAAS,EAAE,EAAE;KACd;IACD,YAAY,EAAE,IAAI;IAClB,mBAAmB,EAAE,KAAK,EAAE,wCAAwC;IACpE,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF;;;GAGG;AACU,QAAA,2BAA2B,GAAkB;IACxD,SAAS,EAAE,sBAAsB;IACjC,cAAc,EAAE,CAAC,GAAG,4BAAoB,EAAE,GAAG,2BAAmB,CAAC;IACjE,SAAS,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,eAAe,EAAE,IAAI;QACrB,SAAS,EAAE,EAAE;KACd;IACD,YAAY,EAAE,IAAI;IAClB,mBAAmB,EAAE,IAAI,EAAE,8CAA8C;IACzE,SAAS,EAAE,KAAK;CACjB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACU,QAAA,wBAAwB,GAAkC;IACrE,+CAA+C;IAC/C,iDAAiD;IACjD,+CAA+C;IAE/C,mBAAmB,EAAE;QACnB,GAAG,iBAAiB;QACpB,SAAS,EAAE,mBAAmB;QAC9B,YAAY,EAAE,IAAI;KACnB;IAED,sBAAsB,EAAE;QACtB,GAAG,iBAAiB;QACpB,SAAS,EAAE,sBAAsB;KAClC;IAED,qBAAqB,EAAE;QACrB,GAAG,iBAAiB;QACpB,SAAS,EAAE,qBAAqB;QAChC,wEAAwE;QACxE,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;QACD,SAAS,EAAE,KAAK,EAAE,oCAAoC;KACvD;IAED,uBAAuB,EAAE;QACvB,GAAG,iBAAiB;QACpB,SAAS,EAAE,uBAAuB;QAClC,kDAAkD;QAClD,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,KAAK;YACtB,SAAS,EAAE,EAAE;SACd;QACD,SAAS,EAAE,MAAM,EAAE,gCAAgC;KACpD;IAED,sBAAsB,EAAE;QACtB,GAAG,iBAAiB;QACpB,SAAS,EAAE,sBAAsB;KAClC;IAED,2BAA2B,EAAE;QAC3B,GAAG,iBAAiB;QACpB,SAAS,EAAE,2BAA2B;QACtC,yDAAyD;QACzD,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;KACF;IAED,kBAAkB,EAAE;QAClB,GAAG,iBAAiB;QACpB,SAAS,EAAE,kBAAkB;QAC7B,SAAS,EAAE,KAAK,EAAE,wBAAwB;KAC3C;IAED,sBAAsB,EAAE;QACtB,GAAG,iBAAiB;QACpB,SAAS,EAAE,sBAAsB;KAClC;IAED,qBAAqB,EAAE;QACrB,GAAG,iBAAiB;QACpB,SAAS,EAAE,qBAAqB;KACjC;IAED,cAAc,EAAE;QACd,GAAG,iBAAiB;QACpB,SAAS,EAAE,cAAc;QACzB,wCAAwC;QACxC,SAAS,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;KACF;IAED,mBAAmB,EAAE;QACnB,GAAG,iBAAiB;QACpB,SAAS,EAAE,mBAAmB;QAC9B,qDAAqD;QACrD,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;QACD,SAAS,EAAE,KAAK;KACjB;IAED,yBAAyB,EAAE;QACzB,GAAG,iBAAiB;QACpB,SAAS,EAAE,yBAAyB;KACrC;IAED,4BAA4B,EAAE;QAC5B,GAAG,iBAAiB;QACpB,SAAS,EAAE,4BAA4B;KACxC;IAED,YAAY,EAAE;QACZ,GAAG,iBAAiB;QACpB,SAAS,EAAE,YAAY;KACxB;IAED,+CAA+C;IAC/C,mCAAmC;IACnC,+CAA+C;IAE/C,uBAAuB,EAAE;QACvB,GAAG,iBAAiB;QACpB,SAAS,EAAE,uBAAuB;QAClC,oCAAoC;QACpC,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;KACF;IAED,sBAAsB,EAAE;QACtB,GAAG,iBAAiB;QACpB,SAAS,EAAE,sBAAsB;KAClC;IAED,kBAAkB,EAAE;QAClB,GAAG,iBAAiB;QACpB,SAAS,EAAE,kBAAkB;QAC7B,SAAS,EAAE;YACT,iBAAiB,EAAE,GAAG;YACtB,eAAe,EAAE,IAAI;YACrB,SAAS,EAAE,EAAE;SACd;KACF;IAED,+CAA+C;IAC/C,kDAAkD;IAClD,+CAA+C;IAE/C,OAAO,EAAE;QACP,GAAG,iBAAiB;QACpB,SAAS,EAAE,SAAS;KACrB;CACF,CAAC;AAEF;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,SAAiB;IAChD,OAAO,gCAAwB,CAAC,SAAS,CAAC,IAAI,gCAAwB,CAAC,SAAS,CAAC,CAAC;AACpF,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB;IAClC,OAAO,MAAM,CAAC,IAAI,CAAC,gCAAwB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;AAC9E,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CACzB,SAAiB,EACjB,YAAoC;IAEpC,MAAM,UAAU,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC/C,OAAO;QACL,GAAG,UAAU;QACb,GAAG,YAAY;QACf,SAAS,EAAE;YACT,GAAG,UAAU,CAAC,SAAS;YACvB,GAAG,YAAY,CAAC,SAAS;SAC1B;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,uBAAuB,CACrC,SAAiB,EACjB,oBAA8B,EAAE;IAEhC,MAAM,UAAU,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC/C,OAAO;QACL,GAAG,UAAU;QACb,cAAc,EAAE,CAAC,GAAG,4BAAoB,EAAE,GAAG,2BAAmB,EAAE,GAAG,iBAAiB,CAAC;QACvF,mBAAmB,EAAE,IAAI;KAC1B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAgB,6BAA6B;IAC3C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,gCAAwB,CAAC,EAAE,CAAC;QAC7D,MAAM,CAAC,cAAc,GAAG,CAAC,GAAG,4BAAoB,EAAE,GAAG,2BAAmB,CAAC,CAAC;QAC1E,MAAM,CAAC,mBAAmB,GAAG,IAAI,CAAC;IACpC,CAAC;AACH,CAAC"}

package/dist/infrastructure/network/types.d.ts

@@ -0,0 +1,214 @@
+/**
+ * Types for Network Policy Enforcement
+ *
+ * Provides type definitions for agent network access control,
+ * domain whitelisting, rate limiting, and audit logging.
+ *
+ * @module infrastructure/network/types
+ * @see Issue #146 - Security Hardening: SP-3 Network Policy Enforcement
+ */
+/**
+ * Network policy for an agent type
+ */
+export interface NetworkPolicy {
+    /** Agent type this policy applies to */
+    agentType: string;
+    /** Allowed domains for network access */
+    allowedDomains: string[];
+    /** Rate limiting configuration */
+    rateLimit: RateLimitConfig;
+    /** Enable audit logging for this agent type */
+    auditLogging: boolean;
+    /** Block requests to domains not in allowedDomains */
+    blockUnknownDomains: boolean;
+    /** Custom headers to add to requests */
+    customHeaders?: Record<string, string>;
+    /** Timeout for requests in ms */
+    timeoutMs?: number;
+}
+/**
+ * Rate limit configuration
+ */
+export interface RateLimitConfig {
+    /** Maximum requests per minute */
+    requestsPerMinute: number;
+    /** Maximum requests per hour */
+    requestsPerHour: number;
+    /** Burst size for token bucket */
+    burstSize: number;
+}
+/**
+ * Policy check result
+ */
+export interface PolicyCheckResult {
+    /** Whether the request is allowed */
+    allowed: boolean;
+    /** Policy that was applied */
+    policy: NetworkPolicy;
+    /** Reason if blocked */
+    reason?: PolicyBlockReason;
+    /** Details about the block */
+    details?: string;
+    /** Rate limit status */
+    rateLimitStatus?: RateLimitStatus;
+}
+/**
+ * Reasons for blocking a request
+ */
+export type PolicyBlockReason = 'domain_not_allowed' | 'rate_limit_exceeded' | 'policy_not_found' | 'agent_blocked';
+/**
+ * Rate limit status
+ */
+export interface RateLimitStatus {
+    /** Whether currently rate limited */
+    limited: boolean;
+    /** Current request count in window */
+    currentRate: number;
+    /** Remaining requests in window */
+    remaining: number;
+    /** Time until rate limit resets (ms) */
+    resetIn: number;
+    /** Retry after time if limited (ms) */
+    retryAfter?: number;
+}
+/**
+ * Audit entry for network requests
+ */
+export interface AuditEntry {
+    /** Entry ID */
+    id: string;
+    /** Timestamp of the request */
+    timestamp: Date;
+    /** Agent ID making the request */
+    agentId: string;
+    /** Agent type */
+    agentType: string;
+    /** Target domain */
+    domain: string;
+    /** Full URL (optional, may be redacted) */
+    url?: string;
+    /** Action taken */
+    action: AuditAction;
+    /** Reason for action */
+    reason?: string;
+    /** HTTP method */
+    requestMethod?: string;
+    /** Request path */
+    requestPath?: string;
+    /** Response status code */
+    responseStatus?: number;
+    /** Response time in ms */
+    responseTimeMs?: number;
+    /** Request body size */
+    requestSizeBytes?: number;
+    /** Response body size */
+    responseSizeBytes?: number;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Audit action types
+ */
+export type AuditAction = 'allowed' | 'blocked' | 'rate_limited';
+/**
+ * Query filter for audit entries
+ */
+export interface AuditQueryFilter {
+    /** Filter by agent ID */
+    agentId?: string;
+    /** Filter by agent type */
+    agentType?: string;
+    /** Filter by domain */
+    domain?: string;
+    /** Filter by action */
+    action?: AuditAction;
+    /** Start timestamp */
+    since?: Date;
+    /** End timestamp */
+    until?: Date;
+    /** Maximum entries to return */
+    limit?: number;
+    /** Offset for pagination */
+    offset?: number;
+}
+/**
+ * Audit statistics
+ */
+export interface AuditStats {
+    /** Total requests */
+    totalRequests: number;
+    /** Allowed requests */
+    allowedRequests: number;
+    /** Blocked requests */
+    blockedRequests: number;
+    /** Rate limited requests */
+    rateLimitedRequests: number;
+    /** Requests by domain */
+    byDomain: Record<string, number>;
+    /** Requests by agent type */
+    byAgentType: Record<string, number>;
+    /** Average response time */
+    avgResponseTimeMs: number;
+    /** Time period for stats */
+    since: Date;
+    /** Stats collection timestamp */
+    timestamp: Date;
+}
+/**
+ * Network policy manager configuration
+ */
+export interface NetworkPolicyManagerConfig {
+    /** Default policy for unknown agent types */
+    defaultPolicy: NetworkPolicy;
+    /** Enable audit logging */
+    enableAuditLogging: boolean;
+    /** Maximum audit entries to keep in memory */
+    maxAuditEntries: number;
+    /** Persist audit log to file */
+    persistAuditLog?: boolean;
+    /** Audit log file path */
+    auditLogPath?: string;
+    /** Enable debug logging */
+    debug: boolean;
+}
+/**
+ * Network policy error
+ */
+export declare class NetworkPolicyError extends Error {
+    readonly reason: PolicyBlockReason;
+    readonly details?: Record<string, unknown> | undefined;
+    constructor(message: string, reason: PolicyBlockReason, details?: Record<string, unknown> | undefined);
+}
+/**
+ * Rate limiter interface
+ */
+export interface IRateLimiter {
+    /** Check if request is allowed (doesn't consume) */
+    check(agentId: string): RateLimitStatus;
+    /** Consume a request (returns status) */
+    consume(agentId: string): RateLimitStatus;
+    /** Reset rate limit for agent */
+    reset(agentId: string): void;
+    /** Get current status for agent */
+    getStatus(agentId: string): RateLimitStatus;
+}
+/**
+ * Event types for network policy events
+ */
+export type NetworkPolicyEventType = 'request_allowed' | 'request_blocked' | 'request_rate_limited' | 'policy_updated' | 'policy_violation';
+/**
+ * Network policy event
+ */
+export interface NetworkPolicyEvent {
+    type: NetworkPolicyEventType;
+    timestamp: Date;
+    agentId: string;
+    agentType: string;
+    domain?: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * Event handler type
+ */
+export type NetworkPolicyEventHandler = (event: NetworkPolicyEvent) => void | Promise<void>;
+//# sourceMappingURL=types.d.ts.map

package/dist/infrastructure/network/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/network/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,SAAS,EAAE,MAAM,CAAC;IAElB,yCAAyC;IACzC,cAAc,EAAE,MAAM,EAAE,CAAC;IAEzB,kCAAkC;IAClC,SAAS,EAAE,eAAe,CAAC;IAE3B,+CAA+C;IAC/C,YAAY,EAAE,OAAO,CAAC;IAEtB,sDAAsD;IACtD,mBAAmB,EAAE,OAAO,CAAC;IAE7B,wCAAwC;IACxC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEvC,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,kCAAkC;IAClC,iBAAiB,EAAE,MAAM,CAAC;IAE1B,gCAAgC;IAChC,eAAe,EAAE,MAAM,CAAC;IAExB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,qCAAqC;IACrC,OAAO,EAAE,OAAO,CAAC;IAEjB,8BAA8B;IAC9B,MAAM,EAAE,aAAa,CAAC;IAEtB,wBAAwB;IACxB,MAAM,CAAC,EAAE,iBAAiB,CAAC;IAE3B,8BAA8B;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,wBAAwB;IACxB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACzB,oBAAoB,GACpB,qBAAqB,GACrB,kBAAkB,GAClB,eAAe,CAAC;AAEpB;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,qCAAqC;IACrC,OAAO,EAAE,OAAO,CAAC;IAEjB,sCAAsC;IACtC,WAAW,EAAE,MAAM,CAAC;IAEpB,mCAAmC;IACnC,SAAS,EAAE,MAAM,CAAC;IAElB,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAEhB,uCAAuC;IACvC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,eAAe;IACf,EAAE,EAAE,MAAM,CAAC;IAEX,+BAA+B;IAC/B,SAAS,EAAE,IAAI,CAAC;IAEhB,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAEhB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAElB,oBAAoB;IACpB,MAAM,EAAE,MAAM,CAAC;IAEf,2CAA2C;IAC3C,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,mBAAmB;IACnB,MAAM,EAAE,WAAW,CAAC;IAEpB,wBAAwB;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,kBAAkB;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,mBAAmB;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,2BAA2B;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,0BAA0B;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,wBAAwB;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,yBAAyB;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,SAAS,GAAG,SAAS,GAAG,cAAc,CAAC;AAEjE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2BAA2B;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,uBAAuB;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,uBAAuB;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IAErB,sBAAsB;IACtB,KAAK,CAAC,EAAE,IAAI,CAAC;IAEb,oBAAoB;IACpB,KAAK,CAAC,EAAE,IAAI,CAAC;IAEb,gCAAgC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,4BAA4B;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IAEtB,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC;IAExB,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC;IAExB,4BAA4B;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAE5B,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEjC,6BAA6B;IAC7B,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEpC,4BAA4B;IAC5B,iBAAiB,EAAE,MAAM,CAAC;IAE1B,4BAA4B;IAC5B,KAAK,EAAE,IAAI,CAAC;IAEZ,iCAAiC;IACjC,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,6CAA6C;IAC7C,aAAa,EAAE,aAAa,CAAC;IAE7B,2BAA2B;IAC3B,kBAAkB,EAAE,OAAO,CAAC;IAE5B,8CAA8C;IAC9C,eAAe,EAAE,MAAM,CAAC;IAExB,gCAAgC;IAChC,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B,0BAA0B;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,2BAA2B;IAC3B,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;aAGzB,MAAM,EAAE,iBAAiB;aACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;gBAFjD,OAAO,EAAE,MAAM,EACC,MAAM,EAAE,iBAAiB,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,YAAA;CAKpD;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,oDAAoD;IACpD,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,CAAC;IAExC,yCAAyC;IACzC,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,CAAC;IAE1C,iCAAiC;IACjC,KAAK,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IAE7B,mCAAmC;IACnC,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,CAAC;CAC7C;AAED;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAC9B,iBAAiB,GACjB,iBAAiB,GACjB,sBAAsB,GACtB,gBAAgB,GAChB,kBAAkB,CAAC;AAEvB;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,SAAS,EAAE,IAAI,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAAG,CAAC,KAAK,EAAE,kBAAkB,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC"}

package/dist/infrastructure/network/types.js

@@ -0,0 +1,25 @@
+"use strict";
+/**
+ * Types for Network Policy Enforcement
+ *
+ * Provides type definitions for agent network access control,
+ * domain whitelisting, rate limiting, and audit logging.
+ *
+ * @module infrastructure/network/types
+ * @see Issue #146 - Security Hardening: SP-3 Network Policy Enforcement
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NetworkPolicyError = void 0;
+/**
+ * Network policy error
+ */
+class NetworkPolicyError extends Error {
+    constructor(message, reason, details) {
+        super(message);
+        this.reason = reason;
+        this.details = details;
+        this.name = 'NetworkPolicyError';
+    }
+}
+exports.NetworkPolicyError = NetworkPolicyError;
+//# sourceMappingURL=types.js.map

package/dist/infrastructure/network/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/infrastructure/network/types.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAsOH;;GAEG;AACH,MAAa,kBAAmB,SAAQ,KAAK;IAC3C,YACE,OAAe,EACC,MAAyB,EACzB,OAAiC;QAEjD,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,WAAM,GAAN,MAAM,CAAmB;QACzB,YAAO,GAAP,OAAO,CAA0B;QAGjD,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AATD,gDASC"}

package/dist/infrastructure/sandbox/ResourceMonitor.d.ts

@@ -0,0 +1,124 @@
+/**
+ * Resource Monitor for Docker Containers
+ *
+ * Monitors CPU, memory, disk, and network usage for sandboxed agent containers.
+ * Provides real-time stats and threshold-based alerts.
+ *
+ * @module infrastructure/sandbox/ResourceMonitor
+ * @see Issue #146 - Security Hardening: Docker Sandboxing
+ */
+import type Docker from 'dockerode';
+import type { ResourceStats, SandboxEventHandler } from './types.js';
+/**
+ * Resource threshold configuration
+ */
+export interface ResourceThresholds {
+    /** CPU usage percentage threshold (0-100) */
+    cpuPercent: number;
+    /** Memory usage percentage threshold (0-100) */
+    memoryPercent: number;
+    /** Disk usage percentage threshold (0-100) */
+    diskPercent: number;
+}
+/**
+ * Default resource thresholds for alerts
+ */
+export declare const DEFAULT_THRESHOLDS: ResourceThresholds;
+/**
+ * Resource monitor configuration
+ */
+export interface ResourceMonitorConfig {
+    /** Monitoring interval in milliseconds */
+    intervalMs: number;
+    /** Resource thresholds for alerts */
+    thresholds: ResourceThresholds;
+    /** Enable automatic OOM prevention */
+    enableOomPrevention: boolean;
+    /** Memory threshold for OOM prevention (percentage) */
+    oomPreventionThreshold: number;
+}
+/**
+ * Default monitor configuration
+ */
+export declare const DEFAULT_MONITOR_CONFIG: ResourceMonitorConfig;
+/**
+ * ResourceMonitor class for tracking container resource usage
+ */
+export declare class ResourceMonitor {
+    private docker;
+    private config;
+    private containers;
+    private monitorInterval;
+    private eventHandlers;
+    private isRunning;
+    constructor(docker: Docker, config?: Partial<ResourceMonitorConfig>);
+    /**
+     * Start monitoring a container
+     */
+    addContainer(containerId: string, agentId: string, agentType: string): void;
+    /**
+     * Stop monitoring a container
+     */
+    removeContainer(containerId: string): void;
+    /**
+     * Start the monitoring loop
+     */
+    start(): void;
+    /**
+     * Stop the monitoring loop
+     */
+    stop(): void;
+    /**
+     * Get stats for a specific container
+     */
+    getStats(containerId: string): Promise<ResourceStats | null>;
+    /**
+     * Get cached stats for a container (no API call)
+     */
+    getCachedStats(containerId: string): ResourceStats | null;
+    /**
+     * Get stats for all monitored containers
+     */
+    getAllStats(): Promise<Map<string, ResourceStats>>;
+    /**
+     * Add event handler
+     */
+    on(handler: SandboxEventHandler): void;
+    /**
+     * Remove event handler
+     */
+    off(handler: SandboxEventHandler): void;
+    /**
+     * Collect stats for all monitored containers
+     */
+    private collectAllStats;
+    /**
+     * Collect stats and check thresholds for a container
+     */
+    private collectAndCheckContainer;
+    /**
+     * Collect resource stats for a container
+     */
+    private collectContainerStats;
+    /**
+     * Parse Docker stats response into ResourceStats
+     */
+    private parseDockerStats;
+    /**
+     * Check resource thresholds and emit events
+     */
+    private checkThresholds;
+    /**
+     * Emit event to all handlers
+     */
+    private emitEvent;
+    /**
+     * Get monitoring status
+     */
+    getStatus(): {
+        running: boolean;
+        containerCount: number;
+        intervalMs: number;
+    };
+}
+//# sourceMappingURL=ResourceMonitor.d.ts.map