agentid-sdk 0.1.19 → 0.1.21

package/dist/index.d.mts

@@ -1,5 +1,4 @@
-export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-DJDqqpbT.mjs';
-import '@langchain/core/callbacks/base';
+export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BmsXTOCc.mjs';
 
 type PIIMapping = Record<string, string>;
 declare class PIIManager {

package/dist/index.d.ts

@@ -1,5 +1,4 @@
-export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-DJDqqpbT.js';
-import '@langchain/core/callbacks/base';
+export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BmsXTOCc.js';
 
 type PIIMapping = Record<string, string>;
 declare class PIIManager {

package/dist/index.js

@@ -31,10 +31,10 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var index_exports = {};
 __export(index_exports, {
   AgentID: () => AgentID,
-  AgentIDCallbackHandler: () => AgentIDCallbackHandler,
   InjectionScanner: () => InjectionScanner,
   OpenAIAdapter: () => OpenAIAdapter,
   PIIManager: () => PIIManager,
+  SecurityBlockError: () => SecurityBlockError,
   getInjectionScanner: () => getInjectionScanner,
   scanWithRegex: () => scanWithRegex
 });
@@ -84,7 +84,7 @@ var OpenAIAdapter = class {
 
 // src/sdk-version.ts
 var FALLBACK_SDK_VERSION = "js-0.0.0-dev";
-var AGENTID_SDK_VERSION_HEADER = "js-0.1.19".trim().length > 0 ? "js-0.1.19" : FALLBACK_SDK_VERSION;
+var AGENTID_SDK_VERSION_HEADER = "js-0.1.21".trim().length > 0 ? "js-0.1.21" : FALLBACK_SDK_VERSION;
 
 // src/pii-national-identifiers.ts
 var MAX_CANDIDATES_PER_RULE = 256;
@@ -1119,6 +1119,7 @@ var DEFAULT_FAIL_OPEN_CONFIG = {
   shadow_mode: false,
   strict_security_mode: false,
   failure_mode: "fail_open",
+  block_on_heuristic: false,
   block_pii_leakage: false,
   block_db_access: false,
   block_code_execution: false,
@@ -1245,6 +1246,19 @@ function readOptionalBooleanField(body, key, fallback) {
   }
   throw new Error(`Invalid config field: ${key}`);
 }
+function readOptionalBooleanAliases(body, keys, fallback) {
+  for (const key of keys) {
+    if (!(key in body)) {
+      continue;
+    }
+    const value = body[key];
+    if (typeof value === "boolean") {
+      return value;
+    }
+    throw new Error(`Invalid config field: ${key}`);
+  }
+  return fallback;
+}
 function readOptionalFailureModeField(body, fallback) {
   const value = body.failure_mode;
   if (value === "fail_open" || value === "fail_close") {
@@ -1263,10 +1277,16 @@ function normalizeCapabilityConfig(payload) {
     strictSecurityMode ? "fail_close" : "fail_open"
   );
   const effectiveStrictMode = strictSecurityMode || failureMode === "fail_close";
+  const blockOnHeuristic = readOptionalBooleanAliases(
+    body,
+    ["block_on_heuristic", "block_on_injection", "block_on_jailbreak"],
+    false
+  );
   return {
     shadow_mode: readOptionalBooleanField(body, "shadow_mode", false),
     strict_security_mode: effectiveStrictMode,
     failure_mode: effectiveStrictMode ? "fail_close" : "fail_open",
+    block_on_heuristic: blockOnHeuristic,
     block_pii_leakage: readBooleanField(body, "block_pii_leakage", "block_pii"),
     block_db_access: readBooleanField(body, "block_db_access", "block_db"),
     block_code_execution: readBooleanField(
@@ -1827,6 +1847,9 @@ function getInjectionScanner() {
 var DEFAULT_GUARD_TIMEOUT_MS = 1e4;
 var MIN_GUARD_TIMEOUT_MS = 500;
 var MAX_GUARD_TIMEOUT_MS = 15e3;
+var DEFAULT_INGEST_TIMEOUT_MS = 1e4;
+var MIN_INGEST_TIMEOUT_MS = 500;
+var MAX_INGEST_TIMEOUT_MS = 15e3;
 var GUARD_MAX_ATTEMPTS = 3;
 var GUARD_RETRY_DELAYS_MS = [250, 500];
 var INGEST_MAX_ATTEMPTS = 3;
@@ -1896,6 +1919,19 @@ function normalizeGuardTimeoutMs(value) {
   }
   return rounded;
 }
+function normalizeIngestTimeoutMs(value) {
+  if (!Number.isFinite(value)) {
+    return DEFAULT_INGEST_TIMEOUT_MS;
+  }
+  const rounded = Math.trunc(value);
+  if (rounded < MIN_INGEST_TIMEOUT_MS) {
+    return MIN_INGEST_TIMEOUT_MS;
+  }
+  if (rounded > MAX_INGEST_TIMEOUT_MS) {
+    return MAX_INGEST_TIMEOUT_MS;
+  }
+  return rounded;
+}
 function resolveConfiguredApiKey(value) {
   const explicit = typeof value === "string" ? value.trim() : "";
   const fromEnv = globalThis.process?.env?.AGENTID_API_KEY ?? "";
@@ -2021,6 +2057,13 @@ function createCompletionChunkCollector() {
     result
   };
 }
+var SecurityBlockError = class extends Error {
+  constructor(reason = "guard_denied") {
+    super(`AgentID: Security Blocked (${reason})`);
+    this.name = "SecurityBlockError";
+    this.reason = reason;
+  }
+};
 var AgentID = class {
   constructor(config = {}) {
     this.injectionScanner = getInjectionScanner();
@@ -2033,6 +2076,7 @@ var AgentID = class {
     this.storePii = config.storePii === true;
     this.strictMode = config.strictMode === true;
     this.guardTimeoutMs = normalizeGuardTimeoutMs(config.guardTimeoutMs);
+    this.ingestTimeoutMs = normalizeIngestTimeoutMs(config.ingestTimeoutMs);
     this.pii = new PIIManager();
     this.localEnforcer = new LocalSecurityEnforcer(this.pii);
     void this.getCapabilityConfig();
@@ -2123,9 +2167,19 @@ var AgentID = class {
     const config = await this.getCapabilityConfig(false, options);
     return config.strict_security_mode || config.failure_mode === "fail_close";
   }
+  shouldRunLocalInjectionScan(config) {
+    if (!this.checkInjection) {
+      return false;
+    }
+    if (config.shadow_mode) {
+      return false;
+    }
+    return config.block_on_heuristic;
+  }
   async prepareInputForDispatch(params, options) {
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
-    if (this.checkInjection && !params.skipInjectionScan && params.input) {
+    const capabilityConfig = await this.getCapabilityConfig(false, options);
+    if (!params.skipInjectionScan && params.input && this.shouldRunLocalInjectionScan(capabilityConfig)) {
       await this.injectionScanner.scan({
         prompt: params.input,
         apiKey: effectiveApiKey,
@@ -2136,7 +2190,6 @@ var AgentID = class {
         source: "js_sdk"
       });
     }
-    const capabilityConfig = await this.getCapabilityConfig(false, options);
     try {
       const enforced = this.localEnforcer.enforce({
         input: params.input,
@@ -2168,7 +2221,11 @@ var AgentID = class {
     }
   }
   async scanPromptInjection(input, options) {
-    if (!this.checkInjection || !input) {
+    if (!input) {
+      return;
+    }
+    const capabilityConfig = await this.getCapabilityConfig(false, options);
+    if (!this.shouldRunLocalInjectionScan(capabilityConfig)) {
       return;
     }
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
@@ -2414,6 +2471,8 @@ var AgentID = class {
       client_capabilities: params.client_capabilities ?? this.buildClientCapabilities()
     };
     for (let attempt = 0; attempt < INGEST_MAX_ATTEMPTS; attempt += 1) {
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), this.ingestTimeoutMs);
       try {
         const response = await fetch(`${this.baseUrl}/ingest`, {
           method: "POST",
@@ -2423,7 +2482,8 @@ var AgentID = class {
             "x-agentid-api-key": effectiveApiKey,
             "X-AgentID-SDK-Version": AGENTID_SDK_VERSION_HEADER
           },
-          body: JSON.stringify(payload)
+          body: JSON.stringify(payload),
+          signal: controller.signal
         });
         const responseBody = await safeReadJson2(response);
         if (response.ok) {
@@ -2439,12 +2499,17 @@ var AgentID = class {
           continue;
         }
         return { ok: false, status: response.status, reason };
-      } catch {
+      } catch (error) {
+        const isAbortError2 = Boolean(
+          error && typeof error === "object" && error.name === "AbortError"
+        );
         if (attempt < INGEST_MAX_ATTEMPTS - 1) {
           await waitForIngestRetry(attempt);
           continue;
         }
-        return { ok: false, status: null, reason: "network_error" };
+        return { ok: false, status: null, reason: isAbortError2 ? "timeout" : "network_error" };
+      } finally {
+        clearTimeout(timeoutId);
       }
     }
     return { ok: false, status: null, reason: "unknown_ingest_failure" };
@@ -2661,9 +2726,7 @@ var AgentID = class {
                   client_capabilities: this.buildClientCapabilities("openai", false)
                 }, requestOptions);
                 if (!verdict.allowed) {
-                  throw new Error(
-                    `AgentID: Security Blocked (${verdict.reason ?? "guard_denied"})`
-                  );
+                  throw new SecurityBlockError(verdict.reason ?? "guard_denied");
                 }
                 const canonicalClientEventId = typeof verdict.client_event_id === "string" && isUuidLike(verdict.client_event_id) ? verdict.client_event_id : clientEventId;
                 const guardEventId = typeof verdict.guard_event_id === "string" && verdict.guard_event_id.length > 0 ? verdict.guard_event_id : null;
@@ -2798,434 +2861,13 @@ var AgentID = class {
     });
   }
 };
-
-// src/langchain.ts
-var import_base = require("@langchain/core/callbacks/base");
-function safeString(val) {
-  return typeof val === "string" ? val : "";
-}
-function callbackDebugEnabled() {
-  try {
-    return typeof process !== "undefined" && process?.env?.AGENTID_DEBUG_CALLBACK === "1";
-  } catch {
-    return false;
-  }
-}
-function logCallbackDebug(message, details) {
-  if (!callbackDebugEnabled()) return;
-  if (details) {
-    console.log(`[AgentID][LC] ${message}`, details);
-    return;
-  }
-  console.log(`[AgentID][LC] ${message}`);
-}
-function extractTextFromContent(content) {
-  if (typeof content === "string") {
-    return content;
-  }
-  if (Array.isArray(content)) {
-    const parts = content.map((item) => {
-      if (typeof item === "string") return item;
-      if (!item || typeof item !== "object") return "";
-      const record = item;
-      if (typeof record.text === "string") return record.text;
-      if (typeof record.content === "string") return record.content;
-      return "";
-    }).filter((part) => part.length > 0);
-    return parts.join("\n");
-  }
-  if (content && typeof content === "object") {
-    const record = content;
-    if (typeof record.text === "string") return record.text;
-    if (typeof record.content === "string") return record.content;
-  }
-  return "";
-}
-function getMessageRole(msg) {
-  if (!msg || typeof msg !== "object") return null;
-  const typed = msg;
-  if (typeof typed.role === "string") return typed.role;
-  if (typeof typed.type === "string") return typed.type;
-  if (typeof typed._getType === "function") {
-    try {
-      const role = typed._getType();
-      if (typeof role === "string") return role;
-    } catch {
-    }
-  }
-  if (typeof typed.getType === "function") {
-    try {
-      const role = typed.getType();
-      if (typeof role === "string") return role;
-    } catch {
-    }
-  }
-  return null;
-}
-function extractPromptFromPrompts(prompts) {
-  if (Array.isArray(prompts) && prompts.length > 0) {
-    return safeString(prompts[prompts.length - 1]);
-  }
-  return "";
-}
-function extractPromptFromMessages(messages) {
-  const flat = [];
-  if (Array.isArray(messages)) {
-    for (const item of messages) {
-      if (Array.isArray(item)) {
-        flat.push(...item);
-      } else {
-        flat.push(item);
-      }
-    }
-  }
-  let last = null;
-  for (const msg of flat) {
-    const typed = msg;
-    const role = getMessageRole(msg);
-    if (role === "user" || role === "human") {
-      last = typed;
-    }
-  }
-  if (!last || typeof last !== "object") {
-    return "";
-  }
-  const typedLast = last;
-  return extractTextFromContent(typedLast.content ?? typedLast.text);
-}
-function setPromptInPrompts(prompts, sanitizedInput) {
-  if (!Array.isArray(prompts) || prompts.length === 0) {
-    return false;
-  }
-  prompts[prompts.length - 1] = sanitizedInput;
-  return true;
-}
-function setPromptInMessages(messages, sanitizedInput) {
-  if (!Array.isArray(messages)) {
-    return false;
-  }
-  const flat = [];
-  for (const item of messages) {
-    if (Array.isArray(item)) {
-      flat.push(...item);
-    } else {
-      flat.push(item);
-    }
-  }
-  for (let i = flat.length - 1; i >= 0; i -= 1) {
-    const candidate = flat[i];
-    if (!candidate || typeof candidate !== "object") {
-      continue;
-    }
-    const typed = candidate;
-    const role = typed.role ?? typed.type;
-    if (role !== "user" && role !== "human") {
-      continue;
-    }
-    if ("content" in typed) {
-      typed.content = sanitizedInput;
-      return true;
-    }
-    if ("text" in typed) {
-      typed.text = sanitizedInput;
-      return true;
-    }
-    typed.content = sanitizedInput;
-    return true;
-  }
-  return false;
-}
-function extractModel(serialized, kwargs) {
-  const kw = (kwargs && typeof kwargs === "object" ? kwargs : null) ?? null;
-  const directModel = kw?.model ?? kw?.model_name ?? kw?.modelName;
-  if (typeof directModel === "string" && directModel) return directModel;
-  const invocationModel = kw?.invocation_params?.model ?? kw?.invocation_params?.model_name ?? kw?.invocation_params?.modelName;
-  if (typeof invocationModel === "string" && invocationModel) return invocationModel;
-  const nestedModel = kw?.options?.model ?? kw?.options?.model_name ?? kw?.options?.modelName ?? kw?.kwargs?.model ?? kw?.kwargs?.model_name ?? kw?.kwargs?.modelName;
-  if (typeof nestedModel === "string" && nestedModel) return nestedModel;
-  const ser = (serialized && typeof serialized === "object" ? serialized : null) ?? null;
-  const serKw = (ser?.kwargs && typeof ser.kwargs === "object" ? ser.kwargs : null) ?? null;
-  const serModel = serKw?.model ?? serKw?.model_name ?? serKw?.modelName;
-  if (typeof serModel === "string" && serModel) return serModel;
-  const name = ser?.name ?? ser?.id;
-  if (typeof name === "string" && name) return name;
-  return void 0;
-}
-function extractModelFromOutput(output) {
-  const llmOutput = output?.llmOutput ?? output?.llm_output;
-  const llmModel = llmOutput?.model ?? llmOutput?.model_name ?? llmOutput?.modelName;
-  if (typeof llmModel === "string" && llmModel) return llmModel;
-  const first = output?.generations?.[0]?.[0];
-  const responseMeta = first?.message?.response_metadata ?? first?.message?.responseMetadata;
-  const responseModel = responseMeta?.model_name ?? responseMeta?.model ?? responseMeta?.modelName;
-  if (typeof responseModel === "string" && responseModel) return responseModel;
-  const generationInfo = first?.generation_info ?? first?.generationInfo;
-  const genModel = generationInfo?.model_name ?? generationInfo?.model ?? generationInfo?.modelName;
-  if (typeof genModel === "string" && genModel) return genModel;
-  return void 0;
-}
-function extractOutputText(output) {
-  const gens = output?.generations;
-  const first = gens?.[0]?.[0];
-  const text = first?.text ?? first?.message?.content;
-  return typeof text === "string" ? text : "";
-}
-function extractTokenUsage(output) {
-  const llmOutput = output?.llmOutput ?? output?.llm_output;
-  const usage = llmOutput?.tokenUsage ?? llmOutput?.token_usage ?? llmOutput?.usage ?? void 0;
-  if (usage && typeof usage === "object") {
-    return usage;
-  }
-  const first = output?.generations?.[0]?.[0];
-  const usageMetadata = first?.message?.usage_metadata;
-  if (usageMetadata && typeof usageMetadata === "object") {
-    return usageMetadata;
-  }
-  const responseTokenUsage = first?.message?.response_metadata?.token_usage ?? first?.message?.response_metadata?.tokenUsage ?? void 0;
-  if (responseTokenUsage && typeof responseTokenUsage === "object") {
-    return responseTokenUsage;
-  }
-  const generationTokenUsage = first?.generation_info?.token_usage ?? first?.generation_info?.tokenUsage ?? void 0;
-  if (generationTokenUsage && typeof generationTokenUsage === "object") {
-    return generationTokenUsage;
-  }
-  return void 0;
-}
-function isUuidLike2(value) {
-  return typeof value === "string" && /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(value.trim());
-}
-function createClientEventId() {
-  if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
-    return crypto.randomUUID();
-  }
-  const segment = () => Math.floor((1 + Math.random()) * 65536).toString(16).slice(1);
-  return `${segment()}${segment()}-${segment()}-4${segment().slice(1)}-a${segment().slice(1)}-${segment()}${segment()}${segment()}`;
-}
-function readBooleanField2(value) {
-  return typeof value === "boolean" ? value : null;
-}
-function extractStreamFlag(serialized, extraParams) {
-  const extras = extraParams && typeof extraParams === "object" ? extraParams : null;
-  const direct = readBooleanField2(extras?.stream) ?? readBooleanField2(extras?.streaming);
-  if (direct !== null) {
-    return direct;
-  }
-  const invocation = extras?.invocation_params && typeof extras.invocation_params === "object" ? extras.invocation_params : null;
-  const invocationStream = readBooleanField2(invocation?.stream) ?? readBooleanField2(invocation?.streaming);
-  if (invocationStream !== null) {
-    return invocationStream;
-  }
-  const serializedRecord = serialized && typeof serialized === "object" ? serialized : null;
-  const kwargs = serializedRecord?.kwargs && typeof serializedRecord.kwargs === "object" ? serializedRecord.kwargs : null;
-  return readBooleanField2(kwargs?.stream) ?? readBooleanField2(kwargs?.streaming) ?? false;
-}
-var AgentIDCallbackHandler = class extends import_base.BaseCallbackHandler {
-  constructor(agent, options) {
-    super();
-    this.name = "agentid_callback_handler";
-    this.runs = /* @__PURE__ */ new Map();
-    this.agent = agent;
-    this.systemId = options.system_id;
-    this.apiKeyOverride = options.apiKey?.trim() || options.api_key?.trim() || void 0;
-  }
-  get requestOptions() {
-    return this.apiKeyOverride ? { apiKey: this.apiKeyOverride } : void 0;
-  }
-  getLangchainCapabilities() {
-    const piiMaskingEnabled = Boolean(
-      this.agent.piiMasking
-    );
-    return {
-      capabilities: {
-        has_feedback_handler: true,
-        pii_masking_enabled: piiMaskingEnabled,
-        framework: "langchain"
-      }
-    };
-  }
-  async preflight(input, stream) {
-    await this.agent.scanPromptInjection(input, this.requestOptions);
-    const prepared = await this.agent.prepareInputForDispatch({
-      input,
-      systemId: this.systemId,
-      stream,
-      skipInjectionScan: true
-    }, this.requestOptions);
-    return prepared.sanitizedInput;
-  }
-  async handleLLMStart(serialized, prompts, runId, _parentRunId, extraParams) {
-    const input = extractPromptFromPrompts(prompts);
-    const id = String(runId ?? "");
-    logCallbackDebug("handleLLMStart", { runId: id, hasInput: input.length > 0 });
-    if (!input) {
-      return;
-    }
-    const stream = extractStreamFlag(serialized, extraParams);
-    const sanitizedInput = await this.preflight(input, stream);
-    if (sanitizedInput !== input) {
-      const mutated = setPromptInPrompts(prompts, sanitizedInput);
-      if (!mutated) {
-        throw new Error(
-          "AgentID: Strict PII mode requires mutable LangChain prompt payload."
-        );
-      }
-    }
-    const requestedClientEventId = isUuidLike2(id) ? id.trim() : createClientEventId();
-    const modelName = extractModel(serialized, extraParams);
-    const verdict = await this.agent.guard({
-      input: sanitizedInput,
-      system_id: this.systemId,
-      model: modelName,
-      client_event_id: requestedClientEventId,
-      client_capabilities: this.getLangchainCapabilities()
-    }, this.requestOptions);
-    if (!verdict.allowed) {
-      throw new Error(`AgentID: Security Blocked (${verdict.reason ?? "guard_denied"})`);
-    }
-    const canonicalClientEventId = isUuidLike2(verdict.client_event_id) ? verdict.client_event_id.trim() : requestedClientEventId;
-    const guardEventId = typeof verdict.guard_event_id === "string" && verdict.guard_event_id.length > 0 ? verdict.guard_event_id : void 0;
-    let transformedInput = typeof verdict.transformed_input === "string" && verdict.transformed_input.length > 0 ? verdict.transformed_input : sanitizedInput;
-    if (transformedInput !== sanitizedInput) {
-      const mutated = setPromptInPrompts(prompts, transformedInput);
-      if (!mutated) {
-        transformedInput = sanitizedInput;
-      }
-    }
-    this.runs.set(id, {
-      input: transformedInput,
-      startedAtMs: Date.now(),
-      model: modelName,
-      clientEventId: canonicalClientEventId,
-      guardEventId
-    });
-    logCallbackDebug("handleLLMStart state_set", {
-      runId: id,
-      clientEventId: canonicalClientEventId,
-      guardEventId: guardEventId ?? null
-    });
-  }
-  async handleChatModelStart(serialized, messages, runId, _parentRunId, extraParams) {
-    const input = extractPromptFromMessages(messages);
-    const id = String(runId ?? "");
-    logCallbackDebug("handleChatModelStart", { runId: id, hasInput: input.length > 0 });
-    if (!input) {
-      return;
-    }
-    const stream = extractStreamFlag(serialized, extraParams);
-    const sanitizedInput = await this.preflight(input, stream);
-    if (sanitizedInput !== input) {
-      const mutated = setPromptInMessages(messages, sanitizedInput);
-      if (!mutated) {
-        throw new Error(
-          "AgentID: Strict PII mode requires mutable LangChain message payload."
-        );
-      }
-    }
-    const requestedClientEventId = isUuidLike2(id) ? id.trim() : createClientEventId();
-    const modelName = extractModel(serialized, extraParams);
-    const verdict = await this.agent.guard({
-      input: sanitizedInput,
-      system_id: this.systemId,
-      model: modelName,
-      client_event_id: requestedClientEventId,
-      client_capabilities: this.getLangchainCapabilities()
-    }, this.requestOptions);
-    if (!verdict.allowed) {
-      throw new Error(`AgentID: Security Blocked (${verdict.reason ?? "guard_denied"})`);
-    }
-    const canonicalClientEventId = isUuidLike2(verdict.client_event_id) ? verdict.client_event_id.trim() : requestedClientEventId;
-    const guardEventId = typeof verdict.guard_event_id === "string" && verdict.guard_event_id.length > 0 ? verdict.guard_event_id : void 0;
-    let transformedInput = typeof verdict.transformed_input === "string" && verdict.transformed_input.length > 0 ? verdict.transformed_input : sanitizedInput;
-    if (transformedInput !== sanitizedInput) {
-      const mutated = setPromptInMessages(messages, transformedInput);
-      if (!mutated) {
-        transformedInput = sanitizedInput;
-      }
-    }
-    this.runs.set(id, {
-      input: transformedInput,
-      startedAtMs: Date.now(),
-      model: modelName,
-      clientEventId: canonicalClientEventId,
-      guardEventId
-    });
-    logCallbackDebug("handleChatModelStart state_set", {
-      runId: id,
-      clientEventId: canonicalClientEventId,
-      guardEventId: guardEventId ?? null
-    });
-  }
-  async handleLLMEnd(output, runId) {
-    const id = String(runId ?? "");
-    logCallbackDebug("handleLLMEnd", { runId: id });
-    const state = this.runs.get(id);
-    if (!state) {
-      logCallbackDebug("handleLLMEnd missing_state", { runId: id });
-      return;
-    }
-    this.runs.delete(id);
-    const latency = Date.now() - state.startedAtMs;
-    const outText = extractOutputText(output);
-    const usage = extractTokenUsage(output);
-    const metadata = {};
-    if (state.clientEventId) {
-      metadata.client_event_id = state.clientEventId;
-    }
-    if (state.guardEventId) {
-      metadata.guard_event_id = state.guardEventId;
-    }
-    const resolvedModel = state.model ?? extractModelFromOutput(output) ?? "unknown";
-    await this.agent.log({
-      system_id: this.systemId,
-      input: state.input,
-      output: outText,
-      event_id: state.clientEventId,
-      model: resolvedModel,
-      usage,
-      latency,
-      metadata: Object.keys(metadata).length > 0 ? metadata : void 0,
-      client_capabilities: this.getLangchainCapabilities()
-    }, this.requestOptions);
-    logCallbackDebug("handleLLMEnd logged", {
-      runId: id,
-      clientEventId: state.clientEventId ?? null
-    });
-  }
-  async handleLLMError(err, runId) {
-    const id = String(runId ?? "");
-    logCallbackDebug("handleLLMError", { runId: id });
-    const state = this.runs.get(id);
-    if (state) this.runs.delete(id);
-    const message = err && typeof err === "object" && "message" in err ? String(err.message) : String(err ?? "");
-    const metadata = {
-      error_message: message
-    };
-    if (state?.clientEventId) {
-      metadata.client_event_id = state.clientEventId;
-    }
-    if (state?.guardEventId) {
-      metadata.guard_event_id = state.guardEventId;
-    }
-    await this.agent.log({
-      system_id: this.systemId,
-      input: state?.input ?? "",
-      output: "",
-      event_id: state?.clientEventId,
-      model: state?.model ?? "unknown",
-      event_type: "error",
-      severity: "error",
-      metadata,
-      client_capabilities: this.getLangchainCapabilities()
-    }, this.requestOptions);
-  }
-};
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AgentID,
-  AgentIDCallbackHandler,
   InjectionScanner,
   OpenAIAdapter,
   PIIManager,
+  SecurityBlockError,
   getInjectionScanner,
   scanWithRegex
 });