agentid-sdk 0.1.22 → 0.1.24

package/dist/{chunk-FVTL572H.mjs → chunk-JLHAS2EE.mjs}

@@ -970,11 +970,87 @@ var PHONE_CONTEXT_RE = new RegExp(
   `(?:^|[^\\p{L}])(?:${PHONE_CONTEXT_KEYWORDS.map(escapeRegex).join("|")})(?:$|[^\\p{L}])`,
   "iu"
 );
+var PERSON_NAME_STOPWORDS = /* @__PURE__ */ new Set([
+  "write",
+  "code",
+  "script",
+  "query",
+  "curl",
+  "http",
+  "https",
+  "import",
+  "python",
+  "javascript",
+  "typescript",
+  "node",
+  "bash",
+  "powershell",
+  "shell",
+  "command",
+  "example",
+  "demo",
+  "developer",
+  "mode",
+  "system",
+  "prompt",
+  "policy",
+  "security",
+  "instructions",
+  "instruction",
+  "rules",
+  "rule",
+  "json",
+  "output",
+  "input",
+  "database",
+  "sql",
+  "mongo",
+  "openai",
+  "agentid",
+  "risk",
+  "score",
+  "summary"
+]);
+var TECHNICAL_CONTEXT_WORD_REGEX = /\b(?:curl|http|https|import|python|javascript|typescript|sql|nosql|mongo|database|query|script|code|os\.system|eval|exec|node|npm|api|endpoint|regex|json|xml|yaml|bash|powershell)\b/i;
+var TECHNICAL_CONTEXT_SYMBOL_REGEX = /:\/\/|`|\{|\}|\[|\]|\(|\)|;|\$|=>|::|\/\//;
 function hasPhoneContext(text, matchStartIndex, windowSize = 50) {
   const start = Math.max(0, matchStartIndex - windowSize);
   const windowLower = text.slice(start, matchStartIndex).toLowerCase();
   return PHONE_CONTEXT_RE.test(windowLower);
 }
+function normalizePersonWord(value) {
+  return value.normalize("NFD").replace(/\p{M}+/gu, "").toLowerCase();
+}
+function buildContextWindow(source, index, length) {
+  const start = Math.max(0, index - 28);
+  const end = Math.min(source.length, index + length + 28);
+  return source.slice(start, end);
+}
+function isTechnicalContext(contextWindow) {
+  return TECHNICAL_CONTEXT_WORD_REGEX.test(contextWindow) || TECHNICAL_CONTEXT_SYMBOL_REGEX.test(contextWindow);
+}
+function isLikelyPersonNameCandidate(candidate, contextWindow) {
+  const words = candidate.trim().split(/\s+/);
+  if (words.length !== 2) {
+    return false;
+  }
+  if (isTechnicalContext(contextWindow)) {
+    return false;
+  }
+  for (const rawWord of words) {
+    const normalized = normalizePersonWord(rawWord);
+    if (normalized.length < 2) {
+      return false;
+    }
+    if (PERSON_NAME_STOPWORDS.has(normalized)) {
+      return false;
+    }
+    if (!/^\p{L}[\p{L}'-]+$/u.test(rawWord)) {
+      return false;
+    }
+  }
+  return true;
+}
 var PIIManager = class {
   /**
    * Reversible local-first masking using <TYPE_INDEX> placeholders.
@@ -1019,7 +1095,12 @@ var PIIManager = class {
       const personRe = /(?<!\p{L})\p{Lu}\p{Ll}{2,}\s+\p{Lu}\p{Ll}{2,}(?!\p{L})/gu;
       for (const m of text.matchAll(personRe)) {
         if (m.index == null) continue;
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "PERSON", text: m[0] });
+        const candidate = m[0];
+        const contextWindow = buildContextWindow(text, m.index, candidate.length);
+        if (!isLikelyPersonNameCandidate(candidate, contextWindow)) {
+          continue;
+        }
+        detections.push({ start: m.index, end: m.index + candidate.length, type: "PERSON", text: candidate });
       }
       const nationalIdMatches = detectNationalIdentifiers(text, {
         deadlineMs: defaultScanDeadlineMs,
@@ -1090,15 +1171,15 @@ var DE_STOPWORDS = /* @__PURE__ */ new Set(["bitte", "anweisung", "system", "reg
 var HEURISTIC_RULES = [
   {
     name: "heuristic_combo_ignore_instructions",
-    re: /\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b[\s\S]{0,120}\b(instruction(?:s)?|previous|system|developer|policy|rules|guardrails|safety|instrukce|pokyny|pravidla|syst[eé]m|bezpecnost|politika)\b/i
+    re: /\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b[\s\S]{0,160}\b(instruction(?:s)?|previous|system|developer|policy|rules?|guardrails|safety|instrukce|pokyny|pravidla|systemove?|bezpecnost(?:ni)?|politika)\b/i
   },
   {
     name: "heuristic_combo_instruction_override_reverse",
-    re: /\b(instruction(?:s)?|previous|system|developer|policy|rules|guardrails|safety|instrukce|pokyny|pravidla|syst[eé]m|bezpecnost|politika)\b[\s\S]{0,120}\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b/i
+    re: /\b(instruction(?:s)?|previous|system|developer|policy|rules?|guardrails|safety|instrukce|pokyny|pravidla|systemove?|bezpecnost(?:ni)?|politika)\b[\s\S]{0,160}\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b/i
   },
   {
     name: "heuristic_combo_exfil_system_prompt",
-    re: /\b(show|reveal|print|dump|leak|display|expose|tell|extract|ukaz|zobraz|vypis|odhal|prozrad)\b[\s\S]{0,140}\b(system prompt|system instruction(?:s)?|developer message|hidden prompt|internal instruction(?:s)?|policy|guardrails|intern[ií] instrukce)\b/i
+    re: /\b(show|reveal|print|dump|leak|display|expose|tell|extract|ukaz|zobraz|vypis|odhal|prozrad)\b[\s\S]{0,180}\b(system prompt|system instruction(?:s)?|developer message|hidden prompt|internal instruction(?:s)?|policy|guardrails|interni instrukce|systemove nastaveni)\b/i
   },
   {
     name: "heuristic_role_prefix_system_developer",
@@ -1107,6 +1188,14 @@ var HEURISTIC_RULES = [
   {
     name: "heuristic_delimiter_system_prompt",
     re: /\b(begin|start)\s+(system|developer)\s+prompt\b|\bend\s+(system|developer)\s+prompt\b/i
+  },
+  {
+    name: "heuristic_developer_mode_override",
+    re: /\b(developer\s*mode|dev\s*mode)\b[\s\S]{0,200}\b(ignore|bypass|disable|override|ignoruj|obejdi|zapomen)\b/i
+  },
+  {
+    name: "heuristic_czech_injection_phrase",
+    re: /\b(zapomen|ignoruj)\b[\s\S]{0,220}\b(predchozi\s+instrukce|bezpecnostni\s+pravidla|systemove\s+nastaveni)\b/i
   }
 ];
 var scannerSingleton = null;
@@ -1157,6 +1246,9 @@ ${input.slice(-WINDOW_SLICE_SIZE)}`;
 [...]
 ${input.slice(tailStart)}`;
 }
+function normalizeForHeuristics(input) {
+  return input.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "").replace(/\s+/g, " ").trim();
+}
 function scoreStopwords(tokens, stopwords) {
   let score = 0;
   for (const token of tokens) {
@@ -1199,9 +1291,10 @@ function findRegexMatch(prompt) {
   if (!prompt) {
     return null;
   }
+  const normalizedPrompt = normalizeForHeuristics(prompt);
   for (const rule of HEURISTIC_RULES) {
     try {
-      const match = rule.re.exec(prompt);
+      const match = rule.re.exec(normalizedPrompt);
       if (match && typeof match[0] === "string" && match[0].trim()) {
         return {
           rule: rule.name,
@@ -1462,7 +1555,7 @@ function getInjectionScanner() {
 
 // src/sdk-version.ts
 var FALLBACK_SDK_VERSION = "js-0.0.0-dev";
-var AGENTID_SDK_VERSION_HEADER = "js-0.1.22".trim().length > 0 ? "js-0.1.22" : FALLBACK_SDK_VERSION;
+var AGENTID_SDK_VERSION_HEADER = "js-0.1.24".trim().length > 0 ? "js-0.1.24" : FALLBACK_SDK_VERSION;
 
 // src/local-security-enforcer.ts
 var DEFAULT_FAIL_OPEN_CONFIG = {
@@ -1470,12 +1563,21 @@ var DEFAULT_FAIL_OPEN_CONFIG = {
   strict_security_mode: false,
   failure_mode: "fail_open",
   block_on_heuristic: false,
+  inject_transparency_metadata: false,
   block_pii_leakage: false,
   block_db_access: false,
   block_code_execution: false,
   block_toxicity: false
 };
 var SQL_DATABASE_ACCESS_PATTERN = /\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|ALTER)\b[\s\S]+?\b(FROM|INTO|TABLE|DATABASE|VIEW|INDEX)\b/i;
+var NOSQL_DATABASE_ACCESS_PATTERNS = [
+  /\bdb\.[A-Za-z_][A-Za-z0-9_]*\.(find|findOne|aggregate|updateOne|updateMany|deleteOne|deleteMany|insertOne|insertMany)\s*\(/i,
+  /\b(collection|mongodb)\.(find|findOne|aggregate|updateOne|updateMany|deleteOne|deleteMany|insertOne|insertMany)\s*\(/i,
+  /\b\$where\b/i,
+  /\b\$expr\b/i,
+  /\b\$regex\b/i,
+  /\bMongoClient\.connect\s*\(/i
+];
 var PYTHON_GENERAL_RCE_PATTERN = /(import\s+(os|sys|subprocess)|from\s+(os|sys|subprocess)\s+import|exec\s*\(|eval\s*\(|__import__)/i;
 var SHELL_BASH_RCE_PATTERN = /(wget\s+|curl\s+|rm\s+-rf|chmod\s+\+x|cat\s+\/etc\/passwd|\/bin\/sh|\/bin\/bash)/i;
 var JAVASCRIPT_RCE_PATTERN = /(new\s+Function\(|process\.env|child_process)/i;
@@ -1489,8 +1591,15 @@ var SecurityPolicyViolationError = class extends Error {
   }
 };
 function detectCapabilityViolation(text, config) {
-  if (config.block_db_access && SQL_DATABASE_ACCESS_PATTERN.test(text)) {
-    return "SQL_INJECTION_ATTEMPT";
+  if (config.block_db_access) {
+    if (SQL_DATABASE_ACCESS_PATTERN.test(text)) {
+      return "SQL_INJECTION_ATTEMPT";
+    }
+    for (const pattern of NOSQL_DATABASE_ACCESS_PATTERNS) {
+      if (pattern.test(text)) {
+        return "SQL_INJECTION_ATTEMPT";
+      }
+    }
   }
   if (config.block_code_execution && (PYTHON_GENERAL_RCE_PATTERN.test(text) || SHELL_BASH_RCE_PATTERN.test(text) || JAVASCRIPT_RCE_PATTERN.test(text))) {
     return "RCE_ATTEMPT";
@@ -1637,6 +1746,11 @@ function normalizeCapabilityConfig(payload) {
     strict_security_mode: effectiveStrictMode,
     failure_mode: effectiveStrictMode ? "fail_close" : "fail_open",
     block_on_heuristic: blockOnHeuristic,
+    inject_transparency_metadata: readOptionalBooleanAliases(
+      body,
+      ["inject_transparency_metadata", "transparency_metadata_enabled"],
+      false
+    ),
     block_pii_leakage: readBooleanField(body, "block_pii_leakage", "block_pii"),
     block_db_access: readBooleanField(body, "block_db_access", "block_db"),
     block_code_execution: readBooleanField(
@@ -1951,6 +2065,53 @@ async function safeReadJson2(response) {
     return null;
   }
 }
+function coerceTransparencyMetadata(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return void 0;
+  }
+  const raw = value;
+  if (raw.is_ai_generated !== true) {
+    return void 0;
+  }
+  if (raw.disclosure !== "You are interacting with an AI.") {
+    return void 0;
+  }
+  if (raw.article !== "EU_AI_ACT_ARTICLE_50") {
+    return void 0;
+  }
+  if (raw.injection_mode !== "deterministic") {
+    return void 0;
+  }
+  return {
+    is_ai_generated: true,
+    disclosure: "You are interacting with an AI.",
+    article: "EU_AI_ACT_ARTICLE_50",
+    injection_mode: "deterministic"
+  };
+}
+function attachTransparencyMetadata(target, transparency) {
+  if (!transparency) {
+    return target;
+  }
+  if (!target || typeof target !== "object" && typeof target !== "function") {
+    return target;
+  }
+  try {
+    Object.defineProperty(target, "agentid_transparency", {
+      value: transparency,
+      enumerable: false,
+      configurable: true,
+      writable: false
+    });
+    return target;
+  } catch {
+    try {
+      target.agentid_transparency = transparency;
+    } catch {
+    }
+    return target;
+  }
+}
 function createCompletionChunkCollector() {
   if (typeof TransformStream === "function") {
     const stream = new TransformStream({
@@ -2275,6 +2436,16 @@ var AgentID = class {
    * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
    */
   async guard(params, options) {
+    const guardStartedAt = Date.now();
+    const withGuardLatency = (response) => {
+      if (typeof response.guard_latency_ms === "number" && Number.isFinite(response.guard_latency_ms)) {
+        return response;
+      }
+      return {
+        ...response,
+        guard_latency_ms: Math.max(0, Date.now() - guardStartedAt)
+      };
+    };
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
     const effectiveStrictMode = await this.resolveEffectiveStrictMode({
       apiKey: effectiveApiKey
@@ -2286,7 +2457,7 @@ var AgentID = class {
     const guardCacheKey = this.buildGuardCacheKey(payload);
     const cachedVerdict = this.readCachedGuardVerdict(guardCacheKey);
     if (cachedVerdict) {
-      return cachedVerdict;
+      return withGuardLatency(cachedVerdict);
     }
     const correlationId = createCorrelationId(payload.client_event_id);
     let lastStatusCode = null;
@@ -2310,7 +2481,12 @@ var AgentID = class {
         lastStatusCode = res.status;
         const responseBody = await safeReadJson2(res);
         if (responseBody && typeof responseBody.allowed === "boolean") {
-          const verdict = responseBody;
+          const rawVerdict = responseBody;
+          const transparency = coerceTransparencyMetadata(rawVerdict.transparency);
+          const verdict = {
+            ...rawVerdict,
+            ...transparency ? { transparency } : {}
+          };
           const infrastructureFailure = verdict.allowed === false && (isInfrastructureGuardReason(verdict.reason) || !verdict.reason && res.status >= 500);
           if (infrastructureFailure) {
             if (attempt < GUARD_MAX_ATTEMPTS - 1) {
@@ -2321,7 +2497,10 @@ var AgentID = class {
               console.warn(
                 `[AgentID] Guard API infrastructure failure in strict mode (${verdict.reason ?? `http_${res.status}`}). Blocking request.`
               );
-              return { allowed: false, reason: verdict.reason ?? "network_error_strict_mode" };
+              return withGuardLatency({
+                allowed: false,
+                reason: verdict.reason ?? "network_error_strict_mode"
+              });
             }
             console.warn(
               `[AgentID] Guard API infrastructure fallback in fail-open mode (${verdict.reason ?? `http_${res.status}`}).`
@@ -2332,10 +2511,10 @@ var AgentID = class {
               guardParams: params,
               apiKey: effectiveApiKey
             });
-            return { allowed: true, reason: "system_failure_fail_open" };
+            return withGuardLatency({ allowed: true, reason: "system_failure_fail_open" });
           }
           this.cacheGuardVerdict(guardCacheKey, verdict);
-          return verdict;
+          return withGuardLatency(verdict);
         }
         if (!res.ok) {
           if (res.status >= 500 && attempt < GUARD_MAX_ATTEMPTS - 1) {
@@ -2365,9 +2544,9 @@ var AgentID = class {
             apiKey: effectiveApiKey
           });
           if (effectiveStrictMode) {
-            return { allowed: false, reason: "network_error_strict_mode" };
+            return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
           }
-          return { allowed: true, reason: "timeout_fallback" };
+          return withGuardLatency({ allowed: true, reason: "timeout_fallback" });
         }
         console.warn(
           effectiveStrictMode ? "[AgentID] Guard check failed (Strict mode active):" : "[AgentID] Guard check failed (Fail-Open active):",
@@ -2380,33 +2559,33 @@ var AgentID = class {
           apiKey: effectiveApiKey
         });
         if (effectiveStrictMode) {
-          return { allowed: false, reason: "network_error_strict_mode" };
+          return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
         }
-        return { allowed: true, reason: "guard_unreachable" };
+        return withGuardLatency({ allowed: true, reason: "guard_unreachable" });
       } finally {
         clearTimeout(timeoutId);
       }
     }
     if (lastAbort) {
       if (effectiveStrictMode) {
-        return { allowed: false, reason: "network_error_strict_mode" };
+        return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
       }
-      return { allowed: true, reason: "timeout_fallback" };
+      return withGuardLatency({ allowed: true, reason: "timeout_fallback" });
     }
     if (typeof lastStatusCode === "number" && lastStatusCode >= 500) {
       if (effectiveStrictMode) {
-        return { allowed: false, reason: "server_error" };
+        return withGuardLatency({ allowed: false, reason: "server_error" });
       }
-      return { allowed: true, reason: "system_failure_fail_open" };
+      return withGuardLatency({ allowed: true, reason: "system_failure_fail_open" });
     }
     console.warn(
       effectiveStrictMode ? "[AgentID] Guard check failed (Strict mode active):" : "[AgentID] Guard check failed (Fail-Open active):",
       lastError
     );
     if (effectiveStrictMode) {
-      return { allowed: false, reason: "network_error_strict_mode" };
+      return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
     }
-    return { allowed: true, reason: "guard_unreachable" };
+    return withGuardLatency({ allowed: true, reason: "guard_unreachable" });
   }
   async sendIngest(params, options) {
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
@@ -2415,13 +2594,18 @@ var AgentID = class {
     const metadata = {
       ...params.metadata ?? {}
     };
+    const metadataClientEventId = typeof metadata.client_event_id === "string" && isUuidLike(metadata.client_event_id) ? metadata.client_event_id : null;
+    const canonicalClientEventId = metadataClientEventId ?? eventId;
+    if (!metadataClientEventId) {
+      metadata.client_event_id = canonicalClientEventId;
+    }
     if (!Object.prototype.hasOwnProperty.call(metadata, "agentid_base_url")) {
       metadata.agentid_base_url = this.baseUrl;
     }
     void this.getCapabilityConfig(false, { apiKey: effectiveApiKey }).catch(() => void 0);
     const payload = {
       ...params,
-      event_id: eventId,
+      event_id: canonicalClientEventId,
       timestamp,
       input: sanitizeIngestText(params.input),
       output: sanitizeIngestText(params.output),
@@ -2438,6 +2622,7 @@ var AgentID = class {
           headers: {
             "Content-Type": "application/json",
             "x-agentid-api-key": effectiveApiKey,
+            "x-correlation-id": canonicalClientEventId,
             "X-AgentID-SDK-Version": AGENTID_SDK_VERSION_HEADER
           },
           body: JSON.stringify(payload),
@@ -2621,6 +2806,7 @@ var AgentID = class {
               return async (...args) => {
                 const normalizedCreateArgs = normalizeOpenAICreateArgs(args);
                 const req = normalizedCreateArgs?.[0] ?? {};
+                const pipelineStartedAt = Date.now();
                 const requestLevelApiKey = options.resolveApiKey?.(req) ?? options.apiKey ?? options.api_key;
                 const effectiveApiKey = this.resolveApiKey(requestLevelApiKey);
                 const requestOptions = { apiKey: effectiveApiKey };
@@ -2688,6 +2874,8 @@ var AgentID = class {
                 }
                 const canonicalClientEventId = typeof verdict.client_event_id === "string" && isUuidLike(verdict.client_event_id) ? verdict.client_event_id : clientEventId;
                 const guardEventId = typeof verdict.guard_event_id === "string" && verdict.guard_event_id.length > 0 ? verdict.guard_event_id : null;
+                const guardLatencyMs = typeof verdict.guard_latency_ms === "number" && Number.isFinite(verdict.guard_latency_ms) ? Math.max(0, Math.trunc(verdict.guard_latency_ms)) : Math.max(0, Date.now() - pipelineStartedAt);
+                const transparency = coerceTransparencyMetadata(verdict.transparency);
                 const isShadowMode = verdict.shadow_mode === true;
                 const transformedInput = isShadowMode ? maskedText : typeof verdict.transformed_input === "string" && verdict.transformed_input.length > 0 ? verdict.transformed_input : maskedText;
                 if (transformedInput !== maskedText) {
@@ -2701,6 +2889,7 @@ var AgentID = class {
                   createArgs = nextCreateArgs;
                 }
                 if (stream) {
+                  const modelStartedAt2 = Date.now();
                   const streamResponse = await originalCreate.apply(compTarget, createArgs);
                   const wrappedCompletion = this.wrapCompletion(
                     isAsyncIterable(streamResponse) ? streamResponse : (async function* () {
@@ -2711,6 +2900,8 @@ var AgentID = class {
                   );
                   if (maskedText && wrappedCompletion.mode === "stream") {
                     void wrappedCompletion.done.then(async (result) => {
+                      const modelLatencyMs2 = Math.max(0, Date.now() - modelStartedAt2);
+                      const totalPipelineLatencyMs2 = Math.max(0, Date.now() - pipelineStartedAt);
                       const outputForLog = isShadowMode ? result.rawOutput : result.transformedOutput;
                       const ingestResult = await this.sendIngest({
                         event_id: canonicalClientEventId,
@@ -2720,7 +2911,7 @@ var AgentID = class {
                         output: outputForLog,
                         model: adapter.getModelName(maskedReq),
                         usage: void 0,
-                        latency: void 0,
+                        latency: modelLatencyMs2,
                         event_type: "complete",
                         metadata: {
                           transformed_input: maskedText,
@@ -2730,8 +2921,12 @@ var AgentID = class {
                           simulated_decision: verdict.simulated_decision ?? null,
                           simulated_output_decision: isShadowMode && result.outputMasked ? "masked" : "allowed",
                           response_streamed: true,
+                          guard_latency_ms: guardLatencyMs,
+                          model_latency_ms: modelLatencyMs2,
+                          total_pipeline_latency_ms: totalPipelineLatencyMs2,
                           guard_event_id: guardEventId,
-                          client_event_id: canonicalClientEventId
+                          client_event_id: canonicalClientEventId,
+                          transparency
                         },
                         client_capabilities: this.buildClientCapabilities("openai", false)
                       }, requestOptions);
@@ -2744,11 +2939,15 @@ var AgentID = class {
                       console.error("[AgentID] Stream completion wrapping failed:", error);
                     });
                   }
-                  return wrappedCompletion.mode === "stream" ? wrappedCompletion.completion : streamResponse;
+                  if (wrappedCompletion.mode === "stream") {
+                    return attachTransparencyMetadata(wrappedCompletion.completion, transparency);
+                  }
+                  return attachTransparencyMetadata(streamResponse, transparency);
                 }
-                const start = Date.now();
+                const modelStartedAt = Date.now();
                 const res = await originalCreate.apply(compTarget, createArgs);
-                const latency = Date.now() - start;
+                const modelLatencyMs = Math.max(0, Date.now() - modelStartedAt);
+                const totalPipelineLatencyMs = Math.max(0, Date.now() - pipelineStartedAt);
                 if (maskedText) {
                   const output = adapter.extractOutput(res);
                   const wrappedCompletion = this.wrapCompletion(output);
@@ -2763,7 +2962,7 @@ var AgentID = class {
                     output: outputForLog,
                     model,
                     usage,
-                    latency,
+                    latency: modelLatencyMs,
                     event_type: "complete",
                     metadata: {
                       transformed_input: maskedText,
@@ -2773,8 +2972,12 @@ var AgentID = class {
                       simulated_decision: verdict.simulated_decision ?? null,
                       simulated_output_decision: isShadowMode && wrappedCompletion.outputMasked ? "masked" : "allowed",
                       response_streamed: false,
+                      guard_latency_ms: guardLatencyMs,
+                      model_latency_ms: modelLatencyMs,
+                      total_pipeline_latency_ms: totalPipelineLatencyMs,
                       guard_event_id: guardEventId,
-                      client_event_id: canonicalClientEventId
+                      client_event_id: canonicalClientEventId,
+                      transparency
                     },
                     client_capabilities: this.buildClientCapabilities("openai", false)
                   }, requestOptions);
@@ -2801,7 +3004,7 @@ var AgentID = class {
                   } catch {
                   }
                 }
-                return res;
+                return attachTransparencyMetadata(res, transparency);
               };
             }
           });

package/dist/index.d.mts

@@ -1,4 +1,6 @@
-export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BmsXTOCc.mjs';
+import { T as TransparencyMetadata } from './agentid-BGCUoYV7.mjs';
+export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BGCUoYV7.mjs';
+import * as react_jsx_runtime from 'react/jsx-runtime';
 
 type PIIMapping = Record<string, string>;
 declare class PIIManager {
@@ -52,4 +54,25 @@ declare class InjectionScanner {
 }
 declare function getInjectionScanner(): InjectionScanner;
 
-export { type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, getInjectionScanner, scanWithRegex };
+type AgentIDTransparencyBadgeTelemetry = {
+    systemId: string;
+    apiKey?: string;
+    ingestUrl?: string;
+    baseUrl?: string;
+    userId?: string;
+    model?: string;
+    headers?: Record<string, string>;
+    metadata?: Record<string, unknown>;
+    onError?: (error: unknown) => void;
+};
+type AgentIDTransparencyBadgeProps = {
+    telemetry: AgentIDTransparencyBadgeTelemetry;
+    metadata?: TransparencyMetadata | null;
+    message?: string;
+    placement?: "chat-header" | "watermark-overlay";
+    fixed?: boolean;
+    className?: string;
+};
+declare function AgentIDTransparencyBadge(props: AgentIDTransparencyBadgeProps): react_jsx_runtime.JSX.Element;
+
+export { AgentIDTransparencyBadge, type AgentIDTransparencyBadgeProps, type AgentIDTransparencyBadgeTelemetry, type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, TransparencyMetadata, getInjectionScanner, scanWithRegex };

package/dist/index.d.ts

@@ -1,4 +1,6 @@
-export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BmsXTOCc.js';
+import { T as TransparencyMetadata } from './agentid-BGCUoYV7.js';
+export { A as AgentID, G as GuardParams, a as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions, S as SecurityBlockError } from './agentid-BGCUoYV7.js';
+import * as react_jsx_runtime from 'react/jsx-runtime';
 
 type PIIMapping = Record<string, string>;
 declare class PIIManager {
@@ -52,4 +54,25 @@ declare class InjectionScanner {
 }
 declare function getInjectionScanner(): InjectionScanner;
 
-export { type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, getInjectionScanner, scanWithRegex };
+type AgentIDTransparencyBadgeTelemetry = {
+    systemId: string;
+    apiKey?: string;
+    ingestUrl?: string;
+    baseUrl?: string;
+    userId?: string;
+    model?: string;
+    headers?: Record<string, string>;
+    metadata?: Record<string, unknown>;
+    onError?: (error: unknown) => void;
+};
+type AgentIDTransparencyBadgeProps = {
+    telemetry: AgentIDTransparencyBadgeTelemetry;
+    metadata?: TransparencyMetadata | null;
+    message?: string;
+    placement?: "chat-header" | "watermark-overlay";
+    fixed?: boolean;
+    className?: string;
+};
+declare function AgentIDTransparencyBadge(props: AgentIDTransparencyBadgeProps): react_jsx_runtime.JSX.Element;
+
+export { AgentIDTransparencyBadge, type AgentIDTransparencyBadgeProps, type AgentIDTransparencyBadgeTelemetry, type InjectionScanParams, InjectionScanner, type LLMAdapter, OpenAIAdapter, PIIManager, type PIIMapping, type TokenUsage, TransparencyMetadata, getInjectionScanner, scanWithRegex };