agentid-sdk 0.1.22 → 0.1.24

package/dist/index.js

@@ -31,6 +31,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var index_exports = {};
 __export(index_exports, {
   AgentID: () => AgentID,
+  AgentIDTransparencyBadge: () => AgentIDTransparencyBadge,
   InjectionScanner: () => InjectionScanner,
   OpenAIAdapter: () => OpenAIAdapter,
   PIIManager: () => PIIManager,
@@ -84,7 +85,7 @@ var OpenAIAdapter = class {
 
 // src/sdk-version.ts
 var FALLBACK_SDK_VERSION = "js-0.0.0-dev";
-var AGENTID_SDK_VERSION_HEADER = "js-0.1.22".trim().length > 0 ? "js-0.1.22" : FALLBACK_SDK_VERSION;
+var AGENTID_SDK_VERSION_HEADER = "js-0.1.24".trim().length > 0 ? "js-0.1.24" : FALLBACK_SDK_VERSION;
 
 // src/pii-national-identifiers.ts
 var MAX_CANDIDATES_PER_RULE = 256;
@@ -1016,11 +1017,87 @@ var PHONE_CONTEXT_RE = new RegExp(
   `(?:^|[^\\p{L}])(?:${PHONE_CONTEXT_KEYWORDS.map(escapeRegex).join("|")})(?:$|[^\\p{L}])`,
   "iu"
 );
+var PERSON_NAME_STOPWORDS = /* @__PURE__ */ new Set([
+  "write",
+  "code",
+  "script",
+  "query",
+  "curl",
+  "http",
+  "https",
+  "import",
+  "python",
+  "javascript",
+  "typescript",
+  "node",
+  "bash",
+  "powershell",
+  "shell",
+  "command",
+  "example",
+  "demo",
+  "developer",
+  "mode",
+  "system",
+  "prompt",
+  "policy",
+  "security",
+  "instructions",
+  "instruction",
+  "rules",
+  "rule",
+  "json",
+  "output",
+  "input",
+  "database",
+  "sql",
+  "mongo",
+  "openai",
+  "agentid",
+  "risk",
+  "score",
+  "summary"
+]);
+var TECHNICAL_CONTEXT_WORD_REGEX = /\b(?:curl|http|https|import|python|javascript|typescript|sql|nosql|mongo|database|query|script|code|os\.system|eval|exec|node|npm|api|endpoint|regex|json|xml|yaml|bash|powershell)\b/i;
+var TECHNICAL_CONTEXT_SYMBOL_REGEX = /:\/\/|`|\{|\}|\[|\]|\(|\)|;|\$|=>|::|\/\//;
 function hasPhoneContext(text, matchStartIndex, windowSize = 50) {
   const start = Math.max(0, matchStartIndex - windowSize);
   const windowLower = text.slice(start, matchStartIndex).toLowerCase();
   return PHONE_CONTEXT_RE.test(windowLower);
 }
+function normalizePersonWord(value) {
+  return value.normalize("NFD").replace(/\p{M}+/gu, "").toLowerCase();
+}
+function buildContextWindow(source, index, length) {
+  const start = Math.max(0, index - 28);
+  const end = Math.min(source.length, index + length + 28);
+  return source.slice(start, end);
+}
+function isTechnicalContext(contextWindow) {
+  return TECHNICAL_CONTEXT_WORD_REGEX.test(contextWindow) || TECHNICAL_CONTEXT_SYMBOL_REGEX.test(contextWindow);
+}
+function isLikelyPersonNameCandidate(candidate, contextWindow) {
+  const words = candidate.trim().split(/\s+/);
+  if (words.length !== 2) {
+    return false;
+  }
+  if (isTechnicalContext(contextWindow)) {
+    return false;
+  }
+  for (const rawWord of words) {
+    const normalized = normalizePersonWord(rawWord);
+    if (normalized.length < 2) {
+      return false;
+    }
+    if (PERSON_NAME_STOPWORDS.has(normalized)) {
+      return false;
+    }
+    if (!/^\p{L}[\p{L}'-]+$/u.test(rawWord)) {
+      return false;
+    }
+  }
+  return true;
+}
 var PIIManager = class {
   /**
    * Reversible local-first masking using <TYPE_INDEX> placeholders.
@@ -1065,7 +1142,12 @@ var PIIManager = class {
       const personRe = /(?<!\p{L})\p{Lu}\p{Ll}{2,}\s+\p{Lu}\p{Ll}{2,}(?!\p{L})/gu;
       for (const m of text.matchAll(personRe)) {
         if (m.index == null) continue;
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "PERSON", text: m[0] });
+        const candidate = m[0];
+        const contextWindow = buildContextWindow(text, m.index, candidate.length);
+        if (!isLikelyPersonNameCandidate(candidate, contextWindow)) {
+          continue;
+        }
+        detections.push({ start: m.index, end: m.index + candidate.length, type: "PERSON", text: candidate });
       }
       const nationalIdMatches = detectNationalIdentifiers(text, {
         deadlineMs: defaultScanDeadlineMs,
@@ -1120,12 +1202,21 @@ var DEFAULT_FAIL_OPEN_CONFIG = {
   strict_security_mode: false,
   failure_mode: "fail_open",
   block_on_heuristic: false,
+  inject_transparency_metadata: false,
   block_pii_leakage: false,
   block_db_access: false,
   block_code_execution: false,
   block_toxicity: false
 };
 var SQL_DATABASE_ACCESS_PATTERN = /\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|ALTER)\b[\s\S]+?\b(FROM|INTO|TABLE|DATABASE|VIEW|INDEX)\b/i;
+var NOSQL_DATABASE_ACCESS_PATTERNS = [
+  /\bdb\.[A-Za-z_][A-Za-z0-9_]*\.(find|findOne|aggregate|updateOne|updateMany|deleteOne|deleteMany|insertOne|insertMany)\s*\(/i,
+  /\b(collection|mongodb)\.(find|findOne|aggregate|updateOne|updateMany|deleteOne|deleteMany|insertOne|insertMany)\s*\(/i,
+  /\b\$where\b/i,
+  /\b\$expr\b/i,
+  /\b\$regex\b/i,
+  /\bMongoClient\.connect\s*\(/i
+];
 var PYTHON_GENERAL_RCE_PATTERN = /(import\s+(os|sys|subprocess)|from\s+(os|sys|subprocess)\s+import|exec\s*\(|eval\s*\(|__import__)/i;
 var SHELL_BASH_RCE_PATTERN = /(wget\s+|curl\s+|rm\s+-rf|chmod\s+\+x|cat\s+\/etc\/passwd|\/bin\/sh|\/bin\/bash)/i;
 var JAVASCRIPT_RCE_PATTERN = /(new\s+Function\(|process\.env|child_process)/i;
@@ -1139,8 +1230,15 @@ var SecurityPolicyViolationError = class extends Error {
   }
 };
 function detectCapabilityViolation(text, config) {
-  if (config.block_db_access && SQL_DATABASE_ACCESS_PATTERN.test(text)) {
-    return "SQL_INJECTION_ATTEMPT";
+  if (config.block_db_access) {
+    if (SQL_DATABASE_ACCESS_PATTERN.test(text)) {
+      return "SQL_INJECTION_ATTEMPT";
+    }
+    for (const pattern of NOSQL_DATABASE_ACCESS_PATTERNS) {
+      if (pattern.test(text)) {
+        return "SQL_INJECTION_ATTEMPT";
+      }
+    }
   }
   if (config.block_code_execution && (PYTHON_GENERAL_RCE_PATTERN.test(text) || SHELL_BASH_RCE_PATTERN.test(text) || JAVASCRIPT_RCE_PATTERN.test(text))) {
     return "RCE_ATTEMPT";
@@ -1287,6 +1385,11 @@ function normalizeCapabilityConfig(payload) {
     strict_security_mode: effectiveStrictMode,
     failure_mode: effectiveStrictMode ? "fail_close" : "fail_open",
     block_on_heuristic: blockOnHeuristic,
+    inject_transparency_metadata: readOptionalBooleanAliases(
+      body,
+      ["inject_transparency_metadata", "transparency_metadata_enabled"],
+      false
+    ),
     block_pii_leakage: readBooleanField(body, "block_pii_leakage", "block_pii"),
     block_db_access: readBooleanField(body, "block_db_access", "block_db"),
     block_code_execution: readBooleanField(
@@ -1473,15 +1576,15 @@ var DE_STOPWORDS = /* @__PURE__ */ new Set(["bitte", "anweisung", "system", "reg
 var HEURISTIC_RULES = [
   {
     name: "heuristic_combo_ignore_instructions",
-    re: /\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b[\s\S]{0,120}\b(instruction(?:s)?|previous|system|developer|policy|rules|guardrails|safety|instrukce|pokyny|pravidla|syst[eé]m|bezpecnost|politika)\b/i
+    re: /\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b[\s\S]{0,160}\b(instruction(?:s)?|previous|system|developer|policy|rules?|guardrails|safety|instrukce|pokyny|pravidla|systemove?|bezpecnost(?:ni)?|politika)\b/i
   },
   {
     name: "heuristic_combo_instruction_override_reverse",
-    re: /\b(instruction(?:s)?|previous|system|developer|policy|rules|guardrails|safety|instrukce|pokyny|pravidla|syst[eé]m|bezpecnost|politika)\b[\s\S]{0,120}\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b/i
+    re: /\b(instruction(?:s)?|previous|system|developer|policy|rules?|guardrails|safety|instrukce|pokyny|pravidla|systemove?|bezpecnost(?:ni)?|politika)\b[\s\S]{0,160}\b(ignore|disregard|forget|override|bypass|disable|jailbreak|dan|ignoruj|zapomen|obejdi|prepis)\b/i
   },
   {
     name: "heuristic_combo_exfil_system_prompt",
-    re: /\b(show|reveal|print|dump|leak|display|expose|tell|extract|ukaz|zobraz|vypis|odhal|prozrad)\b[\s\S]{0,140}\b(system prompt|system instruction(?:s)?|developer message|hidden prompt|internal instruction(?:s)?|policy|guardrails|intern[ií] instrukce)\b/i
+    re: /\b(show|reveal|print|dump|leak|display|expose|tell|extract|ukaz|zobraz|vypis|odhal|prozrad)\b[\s\S]{0,180}\b(system prompt|system instruction(?:s)?|developer message|hidden prompt|internal instruction(?:s)?|policy|guardrails|interni instrukce|systemove nastaveni)\b/i
   },
   {
     name: "heuristic_role_prefix_system_developer",
@@ -1490,6 +1593,14 @@ var HEURISTIC_RULES = [
   {
     name: "heuristic_delimiter_system_prompt",
     re: /\b(begin|start)\s+(system|developer)\s+prompt\b|\bend\s+(system|developer)\s+prompt\b/i
+  },
+  {
+    name: "heuristic_developer_mode_override",
+    re: /\b(developer\s*mode|dev\s*mode)\b[\s\S]{0,200}\b(ignore|bypass|disable|override|ignoruj|obejdi|zapomen)\b/i
+  },
+  {
+    name: "heuristic_czech_injection_phrase",
+    re: /\b(zapomen|ignoruj)\b[\s\S]{0,220}\b(predchozi\s+instrukce|bezpecnostni\s+pravidla|systemove\s+nastaveni)\b/i
   }
 ];
 var scannerSingleton = null;
@@ -1540,6 +1651,9 @@ ${input.slice(-WINDOW_SLICE_SIZE)}`;
 [...]
 ${input.slice(tailStart)}`;
 }
+function normalizeForHeuristics(input) {
+  return input.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "").replace(/\s+/g, " ").trim();
+}
 function scoreStopwords(tokens, stopwords) {
   let score = 0;
   for (const token of tokens) {
@@ -1582,9 +1696,10 @@ function findRegexMatch(prompt) {
   if (!prompt) {
     return null;
   }
+  const normalizedPrompt = normalizeForHeuristics(prompt);
   for (const rule of HEURISTIC_RULES) {
     try {
-      const match = rule.re.exec(prompt);
+      const match = rule.re.exec(normalizedPrompt);
       if (match && typeof match[0] === "string" && match[0].trim()) {
         return {
           rule: rule.name,
@@ -1993,6 +2108,53 @@ async function safeReadJson2(response) {
     return null;
   }
 }
+function coerceTransparencyMetadata(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return void 0;
+  }
+  const raw = value;
+  if (raw.is_ai_generated !== true) {
+    return void 0;
+  }
+  if (raw.disclosure !== "You are interacting with an AI.") {
+    return void 0;
+  }
+  if (raw.article !== "EU_AI_ACT_ARTICLE_50") {
+    return void 0;
+  }
+  if (raw.injection_mode !== "deterministic") {
+    return void 0;
+  }
+  return {
+    is_ai_generated: true,
+    disclosure: "You are interacting with an AI.",
+    article: "EU_AI_ACT_ARTICLE_50",
+    injection_mode: "deterministic"
+  };
+}
+function attachTransparencyMetadata(target, transparency) {
+  if (!transparency) {
+    return target;
+  }
+  if (!target || typeof target !== "object" && typeof target !== "function") {
+    return target;
+  }
+  try {
+    Object.defineProperty(target, "agentid_transparency", {
+      value: transparency,
+      enumerable: false,
+      configurable: true,
+      writable: false
+    });
+    return target;
+  } catch {
+    try {
+      target.agentid_transparency = transparency;
+    } catch {
+    }
+    return target;
+  }
+}
 function createCompletionChunkCollector() {
   if (typeof TransformStream === "function") {
     const stream = new TransformStream({
@@ -2317,6 +2479,16 @@ var AgentID = class {
    * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
    */
   async guard(params, options) {
+    const guardStartedAt = Date.now();
+    const withGuardLatency = (response) => {
+      if (typeof response.guard_latency_ms === "number" && Number.isFinite(response.guard_latency_ms)) {
+        return response;
+      }
+      return {
+        ...response,
+        guard_latency_ms: Math.max(0, Date.now() - guardStartedAt)
+      };
+    };
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
     const effectiveStrictMode = await this.resolveEffectiveStrictMode({
       apiKey: effectiveApiKey
@@ -2328,7 +2500,7 @@ var AgentID = class {
     const guardCacheKey = this.buildGuardCacheKey(payload);
     const cachedVerdict = this.readCachedGuardVerdict(guardCacheKey);
     if (cachedVerdict) {
-      return cachedVerdict;
+      return withGuardLatency(cachedVerdict);
     }
     const correlationId = createCorrelationId(payload.client_event_id);
     let lastStatusCode = null;
@@ -2352,7 +2524,12 @@ var AgentID = class {
         lastStatusCode = res.status;
         const responseBody = await safeReadJson2(res);
         if (responseBody && typeof responseBody.allowed === "boolean") {
-          const verdict = responseBody;
+          const rawVerdict = responseBody;
+          const transparency = coerceTransparencyMetadata(rawVerdict.transparency);
+          const verdict = {
+            ...rawVerdict,
+            ...transparency ? { transparency } : {}
+          };
           const infrastructureFailure = verdict.allowed === false && (isInfrastructureGuardReason(verdict.reason) || !verdict.reason && res.status >= 500);
           if (infrastructureFailure) {
             if (attempt < GUARD_MAX_ATTEMPTS - 1) {
@@ -2363,7 +2540,10 @@ var AgentID = class {
               console.warn(
                 `[AgentID] Guard API infrastructure failure in strict mode (${verdict.reason ?? `http_${res.status}`}). Blocking request.`
               );
-              return { allowed: false, reason: verdict.reason ?? "network_error_strict_mode" };
+              return withGuardLatency({
+                allowed: false,
+                reason: verdict.reason ?? "network_error_strict_mode"
+              });
             }
             console.warn(
               `[AgentID] Guard API infrastructure fallback in fail-open mode (${verdict.reason ?? `http_${res.status}`}).`
@@ -2374,10 +2554,10 @@ var AgentID = class {
               guardParams: params,
               apiKey: effectiveApiKey
             });
-            return { allowed: true, reason: "system_failure_fail_open" };
+            return withGuardLatency({ allowed: true, reason: "system_failure_fail_open" });
           }
           this.cacheGuardVerdict(guardCacheKey, verdict);
-          return verdict;
+          return withGuardLatency(verdict);
         }
         if (!res.ok) {
           if (res.status >= 500 && attempt < GUARD_MAX_ATTEMPTS - 1) {
@@ -2407,9 +2587,9 @@ var AgentID = class {
             apiKey: effectiveApiKey
           });
           if (effectiveStrictMode) {
-            return { allowed: false, reason: "network_error_strict_mode" };
+            return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
           }
-          return { allowed: true, reason: "timeout_fallback" };
+          return withGuardLatency({ allowed: true, reason: "timeout_fallback" });
         }
         console.warn(
           effectiveStrictMode ? "[AgentID] Guard check failed (Strict mode active):" : "[AgentID] Guard check failed (Fail-Open active):",
@@ -2422,33 +2602,33 @@ var AgentID = class {
           apiKey: effectiveApiKey
         });
         if (effectiveStrictMode) {
-          return { allowed: false, reason: "network_error_strict_mode" };
+          return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
         }
-        return { allowed: true, reason: "guard_unreachable" };
+        return withGuardLatency({ allowed: true, reason: "guard_unreachable" });
       } finally {
         clearTimeout(timeoutId);
       }
     }
     if (lastAbort) {
       if (effectiveStrictMode) {
-        return { allowed: false, reason: "network_error_strict_mode" };
+        return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
       }
-      return { allowed: true, reason: "timeout_fallback" };
+      return withGuardLatency({ allowed: true, reason: "timeout_fallback" });
     }
     if (typeof lastStatusCode === "number" && lastStatusCode >= 500) {
       if (effectiveStrictMode) {
-        return { allowed: false, reason: "server_error" };
+        return withGuardLatency({ allowed: false, reason: "server_error" });
       }
-      return { allowed: true, reason: "system_failure_fail_open" };
+      return withGuardLatency({ allowed: true, reason: "system_failure_fail_open" });
     }
     console.warn(
       effectiveStrictMode ? "[AgentID] Guard check failed (Strict mode active):" : "[AgentID] Guard check failed (Fail-Open active):",
       lastError
     );
     if (effectiveStrictMode) {
-      return { allowed: false, reason: "network_error_strict_mode" };
+      return withGuardLatency({ allowed: false, reason: "network_error_strict_mode" });
     }
-    return { allowed: true, reason: "guard_unreachable" };
+    return withGuardLatency({ allowed: true, reason: "guard_unreachable" });
   }
   async sendIngest(params, options) {
     const effectiveApiKey = this.resolveApiKey(options?.apiKey);
@@ -2457,13 +2637,18 @@ var AgentID = class {
     const metadata = {
       ...params.metadata ?? {}
     };
+    const metadataClientEventId = typeof metadata.client_event_id === "string" && isUuidLike(metadata.client_event_id) ? metadata.client_event_id : null;
+    const canonicalClientEventId = metadataClientEventId ?? eventId;
+    if (!metadataClientEventId) {
+      metadata.client_event_id = canonicalClientEventId;
+    }
     if (!Object.prototype.hasOwnProperty.call(metadata, "agentid_base_url")) {
       metadata.agentid_base_url = this.baseUrl;
     }
     void this.getCapabilityConfig(false, { apiKey: effectiveApiKey }).catch(() => void 0);
     const payload = {
       ...params,
-      event_id: eventId,
+      event_id: canonicalClientEventId,
       timestamp,
       input: sanitizeIngestText(params.input),
       output: sanitizeIngestText(params.output),
@@ -2480,6 +2665,7 @@ var AgentID = class {
           headers: {
             "Content-Type": "application/json",
             "x-agentid-api-key": effectiveApiKey,
+            "x-correlation-id": canonicalClientEventId,
             "X-AgentID-SDK-Version": AGENTID_SDK_VERSION_HEADER
           },
           body: JSON.stringify(payload),
@@ -2663,6 +2849,7 @@ var AgentID = class {
               return async (...args) => {
                 const normalizedCreateArgs = normalizeOpenAICreateArgs(args);
                 const req = normalizedCreateArgs?.[0] ?? {};
+                const pipelineStartedAt = Date.now();
                 const requestLevelApiKey = options.resolveApiKey?.(req) ?? options.apiKey ?? options.api_key;
                 const effectiveApiKey = this.resolveApiKey(requestLevelApiKey);
                 const requestOptions = { apiKey: effectiveApiKey };
@@ -2730,6 +2917,8 @@ var AgentID = class {
                 }
                 const canonicalClientEventId = typeof verdict.client_event_id === "string" && isUuidLike(verdict.client_event_id) ? verdict.client_event_id : clientEventId;
                 const guardEventId = typeof verdict.guard_event_id === "string" && verdict.guard_event_id.length > 0 ? verdict.guard_event_id : null;
+                const guardLatencyMs = typeof verdict.guard_latency_ms === "number" && Number.isFinite(verdict.guard_latency_ms) ? Math.max(0, Math.trunc(verdict.guard_latency_ms)) : Math.max(0, Date.now() - pipelineStartedAt);
+                const transparency = coerceTransparencyMetadata(verdict.transparency);
                 const isShadowMode = verdict.shadow_mode === true;
                 const transformedInput = isShadowMode ? maskedText : typeof verdict.transformed_input === "string" && verdict.transformed_input.length > 0 ? verdict.transformed_input : maskedText;
                 if (transformedInput !== maskedText) {
@@ -2743,6 +2932,7 @@ var AgentID = class {
                   createArgs = nextCreateArgs;
                 }
                 if (stream) {
+                  const modelStartedAt2 = Date.now();
                   const streamResponse = await originalCreate.apply(compTarget, createArgs);
                   const wrappedCompletion = this.wrapCompletion(
                     isAsyncIterable(streamResponse) ? streamResponse : (async function* () {
@@ -2753,6 +2943,8 @@ var AgentID = class {
                   );
                   if (maskedText && wrappedCompletion.mode === "stream") {
                     void wrappedCompletion.done.then(async (result) => {
+                      const modelLatencyMs2 = Math.max(0, Date.now() - modelStartedAt2);
+                      const totalPipelineLatencyMs2 = Math.max(0, Date.now() - pipelineStartedAt);
                       const outputForLog = isShadowMode ? result.rawOutput : result.transformedOutput;
                       const ingestResult = await this.sendIngest({
                         event_id: canonicalClientEventId,
@@ -2762,7 +2954,7 @@ var AgentID = class {
                         output: outputForLog,
                         model: adapter.getModelName(maskedReq),
                         usage: void 0,
-                        latency: void 0,
+                        latency: modelLatencyMs2,
                         event_type: "complete",
                         metadata: {
                           transformed_input: maskedText,
@@ -2772,8 +2964,12 @@ var AgentID = class {
                           simulated_decision: verdict.simulated_decision ?? null,
                           simulated_output_decision: isShadowMode && result.outputMasked ? "masked" : "allowed",
                           response_streamed: true,
+                          guard_latency_ms: guardLatencyMs,
+                          model_latency_ms: modelLatencyMs2,
+                          total_pipeline_latency_ms: totalPipelineLatencyMs2,
                           guard_event_id: guardEventId,
-                          client_event_id: canonicalClientEventId
+                          client_event_id: canonicalClientEventId,
+                          transparency
                         },
                         client_capabilities: this.buildClientCapabilities("openai", false)
                       }, requestOptions);
@@ -2786,11 +2982,15 @@ var AgentID = class {
                       console.error("[AgentID] Stream completion wrapping failed:", error);
                     });
                   }
-                  return wrappedCompletion.mode === "stream" ? wrappedCompletion.completion : streamResponse;
+                  if (wrappedCompletion.mode === "stream") {
+                    return attachTransparencyMetadata(wrappedCompletion.completion, transparency);
+                  }
+                  return attachTransparencyMetadata(streamResponse, transparency);
                 }
-                const start = Date.now();
+                const modelStartedAt = Date.now();
                 const res = await originalCreate.apply(compTarget, createArgs);
-                const latency = Date.now() - start;
+                const modelLatencyMs = Math.max(0, Date.now() - modelStartedAt);
+                const totalPipelineLatencyMs = Math.max(0, Date.now() - pipelineStartedAt);
                 if (maskedText) {
                   const output = adapter.extractOutput(res);
                   const wrappedCompletion = this.wrapCompletion(output);
@@ -2805,7 +3005,7 @@ var AgentID = class {
                     output: outputForLog,
                     model,
                     usage,
-                    latency,
+                    latency: modelLatencyMs,
                     event_type: "complete",
                     metadata: {
                       transformed_input: maskedText,
@@ -2815,8 +3015,12 @@ var AgentID = class {
                       simulated_decision: verdict.simulated_decision ?? null,
                       simulated_output_decision: isShadowMode && wrappedCompletion.outputMasked ? "masked" : "allowed",
                       response_streamed: false,
+                      guard_latency_ms: guardLatencyMs,
+                      model_latency_ms: modelLatencyMs,
+                      total_pipeline_latency_ms: totalPipelineLatencyMs,
                       guard_event_id: guardEventId,
-                      client_event_id: canonicalClientEventId
+                      client_event_id: canonicalClientEventId,
+                      transparency
                     },
                     client_capabilities: this.buildClientCapabilities("openai", false)
                   }, requestOptions);
@@ -2843,7 +3047,7 @@ var AgentID = class {
                   } catch {
                   }
                 }
-                return res;
+                return attachTransparencyMetadata(res, transparency);
               };
             }
           });
@@ -2861,9 +3065,169 @@ var AgentID = class {
     });
   }
 };
+
+// src/transparency-badge.tsx
+var React = __toESM(require("react"));
+var import_jsx_runtime = require("react/jsx-runtime");
+var DEFAULT_MESSAGE = "You are interacting with an AI.";
+var DEFAULT_BASE_URL = "https://api.getagentid.com/v1";
+function resolveBadgeMessage(params) {
+  if (typeof params.message === "string" && params.message.trim().length > 0) {
+    return params.message.trim();
+  }
+  if (params.metadata?.disclosure) {
+    return params.metadata.disclosure;
+  }
+  return DEFAULT_MESSAGE;
+}
+function normalizeBaseUrl4(baseUrl) {
+  const candidate = typeof baseUrl === "string" && baseUrl.trim().length > 0 ? baseUrl.trim() : DEFAULT_BASE_URL;
+  return candidate.replace(/\/+$/, "");
+}
+function createEventId2() {
+  try {
+    if (typeof globalThis !== "undefined" && globalThis.crypto?.randomUUID) {
+      return globalThis.crypto.randomUUID();
+    }
+  } catch {
+  }
+  const seed = Math.random().toString(16).slice(2).padEnd(12, "0").slice(0, 12);
+  return `00000000-0000-4000-8000-${seed}`;
+}
+async function sendTransparencyBadgeRenderedTelemetry(params) {
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  const eventId = createEventId2();
+  const payload = {
+    event_id: eventId,
+    system_id: params.telemetry.systemId,
+    input: "__agentid_transparency_badge_rendered__",
+    output: params.disclosureText,
+    model: params.telemetry.model ?? "agentid-transparency-badge",
+    user_id: params.telemetry.userId,
+    event_type: "transparency_badge_rendered",
+    severity: "info",
+    timestamp,
+    metadata: {
+      compliance_event: "transparency_badge_rendered",
+      rendered_at: timestamp,
+      placement: params.placement,
+      disclosure_text: params.disclosureText,
+      ...params.telemetry.metadata ?? {}
+    }
+  };
+  const targetIngestUrl = typeof params.telemetry.ingestUrl === "string" && params.telemetry.ingestUrl.trim().length > 0 ? params.telemetry.ingestUrl.trim() : `${normalizeBaseUrl4(params.telemetry.baseUrl)}/ingest`;
+  const headers = {
+    "Content-Type": "application/json",
+    "X-AgentID-SDK-Version": "js-1.1.0",
+    ...params.telemetry.headers ?? {}
+  };
+  if (typeof params.telemetry.apiKey === "string" && params.telemetry.apiKey.trim().length > 0) {
+    headers["x-agentid-api-key"] = params.telemetry.apiKey.trim();
+  }
+  const response = await fetch(targetIngestUrl, {
+    method: "POST",
+    headers,
+    body: JSON.stringify(payload),
+    keepalive: true
+  });
+  if (!response.ok) {
+    throw new Error(
+      `AgentID transparency badge telemetry failed (status=${response.status})`
+    );
+  }
+}
+function AgentIDTransparencyBadge(props) {
+  const placement = props.placement ?? "chat-header";
+  const fixed = props.fixed ?? true;
+  const text = resolveBadgeMessage({
+    metadata: props.metadata,
+    message: props.message
+  });
+  const hasLoggedRenderRef = React.useRef(false);
+  React.useEffect(() => {
+    if (hasLoggedRenderRef.current) {
+      return;
+    }
+    hasLoggedRenderRef.current = true;
+    void sendTransparencyBadgeRenderedTelemetry({
+      telemetry: props.telemetry,
+      disclosureText: text,
+      placement
+    }).catch((error) => {
+      if (typeof props.telemetry.onError === "function") {
+        props.telemetry.onError(error);
+        return;
+      }
+      console.warn(error);
+    });
+  }, [placement, props.telemetry, text]);
+  const containerStyle = placement === "watermark-overlay" ? {
+    position: fixed ? "fixed" : "absolute",
+    right: 16,
+    bottom: 16,
+    zIndex: 2147483e3,
+    pointerEvents: "none",
+    opacity: 0.95
+  } : {
+    position: fixed ? "fixed" : "sticky",
+    top: 0,
+    left: 0,
+    right: 0,
+    zIndex: 2147483e3,
+    pointerEvents: "none"
+  };
+  const badgeStyle = placement === "watermark-overlay" ? {
+    display: "inline-flex",
+    alignItems: "center",
+    gap: 8,
+    background: "rgba(15, 23, 42, 0.9)",
+    color: "#f8fafc",
+    borderRadius: 9999,
+    padding: "8px 12px",
+    fontFamily: "ui-sans-serif, -apple-system, BlinkMacSystemFont, Segoe UI, Helvetica, Arial, sans-serif",
+    fontSize: 12,
+    fontWeight: 600,
+    boxShadow: "0 8px 24px rgba(15, 23, 42, 0.28)",
+    pointerEvents: "none"
+  } : {
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    gap: 8,
+    background: "#0f172a",
+    color: "#f8fafc",
+    borderBottom: "1px solid rgba(148, 163, 184, 0.35)",
+    padding: "9px 12px",
+    fontFamily: "ui-sans-serif, -apple-system, BlinkMacSystemFont, Segoe UI, Helvetica, Arial, sans-serif",
+    fontSize: 13,
+    fontWeight: 600,
+    pointerEvents: "none"
+  };
+  const iconStyle = {
+    width: 22,
+    height: 22,
+    minWidth: 22,
+    borderRadius: 9999,
+    background: "#2563eb",
+    color: "#eff6ff",
+    display: "inline-flex",
+    alignItems: "center",
+    justifyContent: "center",
+    fontSize: 10,
+    fontWeight: 800,
+    letterSpacing: 0.5,
+    lineHeight: 1,
+    border: "1px solid rgba(191, 219, 254, 0.55)"
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { className: props.className, style: containerStyle, "aria-live": "polite", role: "status", children: /* @__PURE__ */ (0, import_jsx_runtime.jsxs)("div", { style: badgeStyle, children: [
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)("span", { "aria-hidden": "true", style: iconStyle, children: "AI" }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)("span", { children: text })
+  ] }) });
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AgentID,
+  AgentIDTransparencyBadge,
   InjectionScanner,
   OpenAIAdapter,
   PIIManager,