npm - agentid-sdk - Versions diffs - 0.1.0 - Mend

agentid-sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/LICENSE +21 -0
package/README.md +51 -0
package/dist/chunk-5VHWMLV2.mjs +232 -0
package/dist/index.d.mts +55 -0
package/dist/index.d.ts +55 -0
package/dist/index.js +1538 -0
package/dist/index.mjs +1270 -0
package/dist/langchain-BdIOZZVq.d.mts +128 -0
package/dist/langchain-BdIOZZVq.d.ts +128 -0
package/dist/langchain.d.mts +1 -0
package/dist/langchain.d.ts +1 -0
package/dist/langchain.js +256 -0
package/dist/langchain.mjs +6 -0
package/package.json +54 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 AgentID
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,51 @@
+# 🛡️ AgentID: Enterprise AI Governance & PII Shield
+AgentID je inteligentní brána (gateway) pro vaše LLM aplikace. Monitoruje náklady, filtruje PII (osobní údaje) v reálném čase a zajišťuje soulad s GDPR.
+## 🚀 Rychlý start (60 sekund)
+### 1. Instalace
+```bash
+# Pro Python projekty
+pip install agentid-sdk
+# Pro JavaScript/TypeScript projekty
+npm install agentid-sdk
+```
+### 2. Integrace (Python)
+Stačí zabalit vašeho stávajícího OpenAI klienta.
+```python
+from openai import OpenAI
+from agentid import AgentID
+client = OpenAI(api_key="your_openai_key")
+agent = AgentID(api_key="ag_prod_...")
+# Automaticky filtruje PII a loguje metriky
+response = agent.wrap_openai(client, system_id="sys_...").chat.completions.create(
+    model="gpt-4",
+    messages=[{"role": "user", "content": "Můj email je jan.novak@firma.cz"}]
+)
+```
+### 3. Integrace (Node.js)
+```ts
+import { AgentID } from "agentid-sdk";
+import OpenAI from "openai";
+const openai = new OpenAI();
+const agent = new AgentID({ apiKey: "ag_prod_..." });
+const proxiedOpenAI = agent.wrapOpenAI(openai, { system_id: "sys_..." });
+```
+## 🔒 Klíčové vlastnosti
+- PII Scrubbing: Automatická redakce e-mailů, rodných čísel a hesel před odesláním do cloudu.
+- Crypto-Shredding: Možnost nenávratně smazat citlivá data z logů na žádost uživatele (GDPR).
+- Fail-Safe architektura: Inteligentní přepínání mezi bezpečností a dostupností (Fail-Open/Closed).

package/dist/chunk-5VHWMLV2.mjs ADDED Viewed

@@ -0,0 +1,232 @@
+// src/langchain.ts
+function safeString(val) {
+  return typeof val === "string" ? val : "";
+}
+function extractPromptFromPrompts(prompts) {
+  if (Array.isArray(prompts) && prompts.length > 0) {
+    return safeString(prompts[prompts.length - 1]);
+  }
+  return "";
+}
+function extractPromptFromMessages(messages) {
+  const flat = [];
+  if (Array.isArray(messages)) {
+    for (const item of messages) {
+      if (Array.isArray(item)) {
+        flat.push(...item);
+      } else {
+        flat.push(item);
+      }
+    }
+  }
+  let last = null;
+  for (const msg of flat) {
+    const typed = msg;
+    const role = typed?.role ?? typed?.type;
+    if (role === "user" || role === "human") {
+      last = typed;
+    }
+  }
+  if (!last || typeof last !== "object") {
+    return "";
+  }
+  const typedLast = last;
+  return safeString(typedLast.content ?? typedLast.text);
+}
+function setPromptInPrompts(prompts, sanitizedInput) {
+  if (!Array.isArray(prompts) || prompts.length === 0) {
+    return false;
+  }
+  prompts[prompts.length - 1] = sanitizedInput;
+  return true;
+}
+function setPromptInMessages(messages, sanitizedInput) {
+  if (!Array.isArray(messages)) {
+    return false;
+  }
+  const flat = [];
+  for (const item of messages) {
+    if (Array.isArray(item)) {
+      flat.push(...item);
+    } else {
+      flat.push(item);
+    }
+  }
+  for (let i = flat.length - 1; i >= 0; i -= 1) {
+    const candidate = flat[i];
+    if (!candidate || typeof candidate !== "object") {
+      continue;
+    }
+    const typed = candidate;
+    const role = typed.role ?? typed.type;
+    if (role !== "user" && role !== "human") {
+      continue;
+    }
+    if ("content" in typed) {
+      typed.content = sanitizedInput;
+      return true;
+    }
+    if ("text" in typed) {
+      typed.text = sanitizedInput;
+      return true;
+    }
+    typed.content = sanitizedInput;
+    return true;
+  }
+  return false;
+}
+function extractModel(serialized, kwargs) {
+  const kw = (kwargs && typeof kwargs === "object" ? kwargs : null) ?? null;
+  const model = kw?.model ?? kw?.model_name ?? kw?.modelName;
+  if (typeof model === "string" && model) return model;
+  const ser = (serialized && typeof serialized === "object" ? serialized : null) ?? null;
+  const name = ser?.name ?? ser?.id;
+  if (typeof name === "string" && name) return name;
+  return void 0;
+}
+function extractOutputText(output) {
+  const gens = output?.generations;
+  const first = gens?.[0]?.[0];
+  const text = first?.text ?? first?.message?.content;
+  return typeof text === "string" ? text : "";
+}
+function extractTokenUsage(output) {
+  const llmOutput = output?.llmOutput ?? output?.llm_output;
+  const usage = llmOutput?.tokenUsage ?? llmOutput?.token_usage ?? llmOutput?.usage ?? void 0;
+  return usage && typeof usage === "object" ? usage : void 0;
+}
+function readBooleanField(value) {
+  return typeof value === "boolean" ? value : null;
+}
+function extractStreamFlag(serialized, extraParams) {
+  const extras = extraParams && typeof extraParams === "object" ? extraParams : null;
+  const direct = readBooleanField(extras?.stream) ?? readBooleanField(extras?.streaming);
+  if (direct !== null) {
+    return direct;
+  }
+  const invocation = extras?.invocation_params && typeof extras.invocation_params === "object" ? extras.invocation_params : null;
+  const invocationStream = readBooleanField(invocation?.stream) ?? readBooleanField(invocation?.streaming);
+  if (invocationStream !== null) {
+    return invocationStream;
+  }
+  const serializedRecord = serialized && typeof serialized === "object" ? serialized : null;
+  const kwargs = serializedRecord?.kwargs && typeof serializedRecord.kwargs === "object" ? serializedRecord.kwargs : null;
+  return readBooleanField(kwargs?.stream) ?? readBooleanField(kwargs?.streaming) ?? false;
+}
+var AgentIDCallbackHandler = class {
+  constructor(agent, options) {
+    this.runs = /* @__PURE__ */ new Map();
+    this.agent = agent;
+    this.systemId = options.system_id;
+    this.apiKeyOverride = options.apiKey?.trim() || options.api_key?.trim() || void 0;
+  }
+  get requestOptions() {
+    return this.apiKeyOverride ? { apiKey: this.apiKeyOverride } : void 0;
+  }
+  async preflight(input, stream) {
+    await this.agent.scanPromptInjection(input, this.requestOptions);
+    const prepared = await this.agent.prepareInputForDispatch({
+      input,
+      systemId: this.systemId,
+      stream,
+      skipInjectionScan: true
+    }, this.requestOptions);
+    return prepared.sanitizedInput;
+  }
+  async handleLLMStart(serialized, prompts, runId, _parentRunId, extraParams) {
+    const input = extractPromptFromPrompts(prompts);
+    const id = String(runId ?? "");
+    if (!input) {
+      throw new Error("AgentID: No prompt found. Security guard requires string input.");
+    }
+    const stream = extractStreamFlag(serialized, extraParams);
+    const sanitizedInput = await this.preflight(input, stream);
+    if (sanitizedInput !== input) {
+      const mutated = setPromptInPrompts(prompts, sanitizedInput);
+      if (!mutated) {
+        throw new Error(
+          "AgentID: Strict PII mode requires mutable LangChain prompt payload."
+        );
+      }
+    }
+    const verdict = await this.agent.guard({
+      input: sanitizedInput,
+      system_id: this.systemId
+    }, this.requestOptions);
+    if (!verdict.allowed) {
+      throw new Error(`AgentID: Security Blocked (${verdict.reason ?? "guard_denied"})`);
+    }
+    this.runs.set(id, {
+      input: sanitizedInput,
+      startedAtMs: Date.now(),
+      model: extractModel(serialized, extraParams)
+    });
+  }
+  async handleChatModelStart(serialized, messages, runId, _parentRunId, extraParams) {
+    const input = extractPromptFromMessages(messages);
+    const id = String(runId ?? "");
+    if (!input) {
+      throw new Error("AgentID: No user message found. Security guard requires string input.");
+    }
+    const stream = extractStreamFlag(serialized, extraParams);
+    const sanitizedInput = await this.preflight(input, stream);
+    if (sanitizedInput !== input) {
+      const mutated = setPromptInMessages(messages, sanitizedInput);
+      if (!mutated) {
+        throw new Error(
+          "AgentID: Strict PII mode requires mutable LangChain message payload."
+        );
+      }
+    }
+    const verdict = await this.agent.guard({
+      input: sanitizedInput,
+      system_id: this.systemId
+    }, this.requestOptions);
+    if (!verdict.allowed) {
+      throw new Error(`AgentID: Security Blocked (${verdict.reason ?? "guard_denied"})`);
+    }
+    this.runs.set(id, {
+      input: sanitizedInput,
+      startedAtMs: Date.now(),
+      model: extractModel(serialized, extraParams)
+    });
+  }
+  async handleLLMEnd(output, runId) {
+    const id = String(runId ?? "");
+    const state = this.runs.get(id);
+    if (!state) return;
+    this.runs.delete(id);
+    const latency = Date.now() - state.startedAtMs;
+    const outText = extractOutputText(output);
+    const usage = extractTokenUsage(output);
+    this.agent.log({
+      system_id: this.systemId,
+      input: state.input,
+      output: outText,
+      model: state.model ?? "unknown",
+      usage,
+      latency
+    }, this.requestOptions);
+  }
+  async handleLLMError(err, runId) {
+    const id = String(runId ?? "");
+    const state = this.runs.get(id);
+    if (state) this.runs.delete(id);
+    const message = err && typeof err === "object" && "message" in err ? String(err.message) : String(err ?? "");
+    this.agent.log({
+      system_id: this.systemId,
+      input: state?.input ?? "",
+      output: "",
+      model: state?.model ?? "unknown",
+      event_type: "error",
+      severity: "error",
+      metadata: {
+        error_message: message
+      }
+    }, this.requestOptions);
+  }
+};
+export {
+  AgentIDCallbackHandler
+};

package/dist/index.d.mts ADDED Viewed

@@ -0,0 +1,55 @@
+export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-BdIOZZVq.mjs';
+type PIIMapping = Record<string, string>;
+declare class PIIManager {
+    /**
+     * Reversible local-first masking using <TYPE_INDEX> placeholders.
+     *
+     * Zero-dep (regex-based). Designed for "good enough" privacy first-pass.
+     */
+    anonymize(text: string): {
+        maskedText: string;
+        mapping: PIIMapping;
+    };
+    deanonymize(text: string, mapping: PIIMapping): string;
+}
+type TokenUsage = Record<string, number>;
+interface LLMAdapter {
+    extractInput(req: unknown): string | null;
+    getModelName(req: unknown, res?: unknown): string;
+    extractOutput(res: unknown): string;
+    getTokenUsage(res: unknown): TokenUsage | undefined;
+    isStream(req: unknown): boolean;
+}
+declare class OpenAIAdapter implements LLMAdapter {
+    extractInput(req: any): string | null;
+    getModelName(req: any, res?: any): string;
+    extractOutput(res: any): string;
+    getTokenUsage(res: any): TokenUsage | undefined;
+    isStream(req: any): boolean;
+}
+type InjectionScanParams = {
+    prompt: string;
+    apiKey: string;
+    baseUrl: string;
+    aiScanEnabled?: boolean;
+    storePii?: boolean;
+    piiManager?: PIIManager;
+    source?: string;
+};
+declare function scanWithRegex(prompt: string): string | null;
+declare class InjectionScanner {
+    static getInstance(): InjectionScanner;
+    static scan(prompt: string, apiKey: string, baseUrl: string, options?: {
+        aiScanEnabled?: boolean;
+        storePii?: boolean;
+        piiManager?: PIIManager;
+        source?: string;
+    }): Promise<void>;
+    scan(params: InjectionScanParams): Promise<void>;
+}
+declare function getInjectionScanner(): InjectionScanner;
+export { type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, getInjectionScanner, scanWithRegex };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-BdIOZZVq.js';
+type PIIMapping = Record<string, string>;
+declare class PIIManager {
+    /**
+     * Reversible local-first masking using <TYPE_INDEX> placeholders.
+     *
+     * Zero-dep (regex-based). Designed for "good enough" privacy first-pass.
+     */
+    anonymize(text: string): {
+        maskedText: string;
+        mapping: PIIMapping;
+    };
+    deanonymize(text: string, mapping: PIIMapping): string;
+}
+type TokenUsage = Record<string, number>;
+interface LLMAdapter {
+    extractInput(req: unknown): string | null;
+    getModelName(req: unknown, res?: unknown): string;
+    extractOutput(res: unknown): string;
+    getTokenUsage(res: unknown): TokenUsage | undefined;
+    isStream(req: unknown): boolean;
+}
+declare class OpenAIAdapter implements LLMAdapter {
+    extractInput(req: any): string | null;
+    getModelName(req: any, res?: any): string;
+    extractOutput(res: any): string;
+    getTokenUsage(res: any): TokenUsage | undefined;
+    isStream(req: any): boolean;
+}
+type InjectionScanParams = {
+    prompt: string;
+    apiKey: string;
+    baseUrl: string;
+    aiScanEnabled?: boolean;
+    storePii?: boolean;
+    piiManager?: PIIManager;
+    source?: string;
+};
+declare function scanWithRegex(prompt: string): string | null;
+declare class InjectionScanner {
+    static getInstance(): InjectionScanner;
+    static scan(prompt: string, apiKey: string, baseUrl: string, options?: {
+        aiScanEnabled?: boolean;
+        storePii?: boolean;
+        piiManager?: PIIManager;
+        source?: string;
+    }): Promise<void>;
+    scan(params: InjectionScanParams): Promise<void>;
+}
+declare function getInjectionScanner(): InjectionScanner;
+export { type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, getInjectionScanner, scanWithRegex };