agentid-sdk 0.1.36 → 0.1.38

package/dist/index.js

@@ -21,27 +21,105 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var index_exports = {};
 __export(index_exports, {
   AgentID: () => AgentID,
+  AgentIDWorkflowStep: () => AgentIDWorkflowStep,
+  AgentIDWorkflowTrail: () => AgentIDWorkflowTrail,
   DependencyError: () => DependencyError,
   InjectionScanner: () => InjectionScanner,
   OpenAIAdapter: () => OpenAIAdapter,
   PIIManager: () => PIIManager,
   SecurityBlockError: () => SecurityBlockError,
+  createAgentIdCorrelationId: () => createAgentIdCorrelationId,
+  createAgentIdOperationLog: () => createAgentIdOperationLog,
+  createAgentIdTelemetryContext: () => createAgentIdTelemetryContext,
+  createAgentIdWorkflowTrail: () => createAgentIdWorkflowTrail,
   getInjectionScanner: () => getInjectionScanner,
   scanWithRegex: () => scanWithRegex
 });
 module.exports = __toCommonJS(index_exports);
 
 // src/adapters.ts
+function getLastUserMessage(req) {
+  const messages = req?.messages;
+  if (!Array.isArray(messages)) return null;
+  let lastUser = null;
+  for (const msg of messages) {
+    if (msg && typeof msg === "object" && msg.role === "user") {
+      lastUser = msg;
+    }
+  }
+  return lastUser;
+}
+function normalizeFilename(value, fallback) {
+  if (typeof value !== "string") {
+    return fallback;
+  }
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : fallback;
+}
+function parseDataUrl(value) {
+  if (!value.startsWith("data:")) {
+    return null;
+  }
+  const commaIndex = value.indexOf(",");
+  if (commaIndex === -1) {
+    return null;
+  }
+  const header = value.slice(5, commaIndex);
+  if (!/;base64/i.test(header)) {
+    return null;
+  }
+  const mimeType = header.split(";")[0]?.trim().toLowerCase() || null;
+  return { mimeType };
+}
+function inferAttachmentExtension(mimeType) {
+  switch (mimeType) {
+    case "application/pdf":
+      return "pdf";
+    case "image/png":
+      return "png";
+    case "image/jpeg":
+      return "jpg";
+    case "image/webp":
+      return "webp";
+    case "image/gif":
+      return "gif";
+    case "text/plain":
+      return "txt";
+    default:
+      return "bin";
+  }
+}
+function defaultFilenameForMimeType(mimeType) {
+  return `attachment.${inferAttachmentExtension(mimeType)}`;
+}
+function normalizeFileAttachment(part) {
+  const file = part?.file;
+  const rawContent = typeof file?.file_data === "string" && file.file_data.trim().length > 0 ? file.file_data.trim() : null;
+  if (!rawContent) {
+    return null;
+  }
+  const detectedMimeType = parseDataUrl(rawContent)?.mimeType ?? null;
+  return {
+    filename: normalizeFilename(file?.filename, defaultFilenameForMimeType(detectedMimeType)),
+    ...detectedMimeType ? { mime_type: detectedMimeType } : {},
+    content_base64: rawContent
+  };
+}
+function normalizeImageAttachment(part) {
+  const imageUrl = typeof part?.image_url?.url === "string" && part.image_url.url.trim().length > 0 ? part.image_url.url.trim() : null;
+  if (!imageUrl || !imageUrl.startsWith("data:")) {
+    return null;
+  }
+  const detectedMimeType = parseDataUrl(imageUrl)?.mimeType ?? "image/png";
+  return {
+    filename: defaultFilenameForMimeType(detectedMimeType),
+    mime_type: detectedMimeType,
+    content_base64: imageUrl
+  };
+}
 var OpenAIAdapter = class {
   extractInput(req) {
-    const messages = req?.messages;
-    if (!Array.isArray(messages)) return null;
-    let lastUser = null;
-    for (const msg of messages) {
-      if (msg && typeof msg === "object" && msg.role === "user") {
-        lastUser = msg;
-      }
-    }
+    const lastUser = getLastUserMessage(req);
     if (!lastUser) return null;
     const content = lastUser.content;
     if (typeof content === "string") return content;
@@ -56,6 +134,34 @@ var OpenAIAdapter = class {
     }
     return null;
   }
+  extractAttachments(req) {
+    const lastUser = getLastUserMessage(req);
+    if (!lastUser) return [];
+    const content = lastUser?.content;
+    if (!Array.isArray(content)) {
+      return [];
+    }
+    const attachments = [];
+    for (const part of content) {
+      if (!part || typeof part !== "object") {
+        continue;
+      }
+      if (part.type === "file") {
+        const attachment = normalizeFileAttachment(part);
+        if (attachment) {
+          attachments.push(attachment);
+        }
+        continue;
+      }
+      if (part.type === "image_url") {
+        const attachment = normalizeImageAttachment(part);
+        if (attachment) {
+          attachments.push(attachment);
+        }
+      }
+    }
+    return attachments;
+  }
   getModelName(req, res) {
     const model = res?.model ?? req?.model ?? "unknown";
     return String(model);
@@ -75,7 +181,7 @@ var OpenAIAdapter = class {
 
 // src/sdk-version.ts
 var FALLBACK_SDK_VERSION = "js-0.0.0-dev";
-var AGENTID_SDK_VERSION_HEADER = "js-0.1.36".trim().length > 0 ? "js-0.1.36" : FALLBACK_SDK_VERSION;
+var AGENTID_SDK_VERSION_HEADER = "js-0.1.38".trim().length > 0 ? "js-0.1.38" : FALLBACK_SDK_VERSION;
 
 // src/pii-national-identifiers.ts
 var MAX_CANDIDATES_PER_RULE = 256;
@@ -939,8 +1045,173 @@ function detectNationalIdentifiers(text, options = {}) {
   return results;
 }
 
+// src/secret-patterns.ts
+var SDK_SECRET_PATTERN_DEFINITIONS = [
+  {
+    id: "openai_api_key",
+    placeholderType: "OPENAI_API_KEY",
+    patternSource: "\\bsk-(?:proj-)?[A-Za-z0-9_-]{20,}\\b",
+    flags: "iu",
+    prefilterTerms: ["sk-", "proj-", "openai"]
+  },
+  {
+    id: "aws_access_key",
+    placeholderType: "AWS_ACCESS_KEY",
+    patternSource: "\\b(?:AKIA|ASIA)[A-Z0-9]{16}\\b",
+    flags: "iu",
+    prefilterTerms: ["akia", "asia", "aws"]
+  },
+  {
+    id: "github_token",
+    placeholderType: "GITHUB_TOKEN",
+    patternSource: "\\b(?:gh[pousr]_[A-Za-z0-9]{24,255}|github_pat_[A-Za-z0-9_]{20,255})\\b",
+    flags: "iu",
+    prefilterTerms: ["ghp_", "gho_", "ghu_", "ghs_", "ghr_", "github_pat_"]
+  },
+  {
+    id: "slack_token",
+    placeholderType: "SLACK_TOKEN",
+    patternSource: "\\bxox(?:a|b|p|r|s)-[A-Za-z0-9-]{10,200}\\b",
+    flags: "iu",
+    prefilterTerms: ["xoxa-", "xoxb-", "xoxp-", "xoxr-", "xoxs-", "slack"]
+  },
+  {
+    id: "slack_webhook_url",
+    placeholderType: "SLACK_WEBHOOK_URL",
+    patternSource: "https:\\/\\/hooks\\.slack\\.com\\/services\\/[A-Za-z0-9/_-]{20,}",
+    flags: "iu",
+    prefilterTerms: ["hooks.slack.com/services", "slack"]
+  },
+  {
+    id: "discord_webhook_url",
+    placeholderType: "DISCORD_WEBHOOK_URL",
+    patternSource: "https:\\/\\/discord(?:app)?\\.com\\/api\\/webhooks\\/\\d+\\/[A-Za-z0-9_-]{16,}",
+    flags: "iu",
+    prefilterTerms: ["discord.com/api/webhooks", "discordapp.com/api/webhooks", "discord"]
+  },
+  {
+    id: "stripe_secret_key",
+    placeholderType: "STRIPE_SECRET_KEY",
+    patternSource: "\\b(?:sk|pk|ak|rk)_(?:live|test)_[A-Za-z0-9]+\\b",
+    flags: "iu",
+    prefilterTerms: [
+      "sk_live_",
+      "pk_live_",
+      "sk_test_",
+      "pk_test_",
+      "ak_live_",
+      "ak_test_",
+      "rk_live_",
+      "rk_test_",
+      "stripe"
+    ]
+  },
+  {
+    id: "google_api_key",
+    placeholderType: "GOOGLE_API_KEY",
+    patternSource: "\\bAIza[0-9A-Za-z_-]{35}\\b",
+    flags: "iu",
+    prefilterTerms: ["aiza", "google"]
+  },
+  {
+    id: "anthropic_api_key",
+    placeholderType: "ANTHROPIC_API_KEY",
+    patternSource: "\\bsk-ant-(?:api\\d{2}-)?[A-Za-z0-9_-]{20,}\\b",
+    flags: "iu",
+    prefilterTerms: ["sk-ant-", "anthropic"]
+  },
+  {
+    id: "evm_private_key",
+    placeholderType: "EVM_PRIVATE_KEY",
+    patternSource: "\\b0x[a-fA-F0-9]{64}\\b",
+    flags: "iu",
+    prefilterTerms: ["0x", "ethereum", "evm", "private key"]
+  },
+  {
+    id: "jwt_token",
+    placeholderType: "JWT_TOKEN",
+    patternSource: "\\beyJ[A-Za-z0-9_-]{6,}\\.[A-Za-z0-9_-]{8,}\\.[A-Za-z0-9_-]{8,}\\b",
+    flags: "iu",
+    prefilterTerms: ["eyj", "jwt", "bearer"]
+  },
+  {
+    id: "bearer_token",
+    placeholderType: "BEARER_TOKEN",
+    patternSource: "\\bauthorization\\b\\s*[:=]\\s*bearer\\s+[A-Za-z0-9._~+\\/-]{16,}|\\bbearer\\s+[A-Za-z0-9._~+\\/-]{24,}",
+    flags: "iu",
+    prefilterTerms: ["authorization", "bearer"]
+  },
+  {
+    id: "api_key_header",
+    placeholderType: "API_KEY_HEADER",
+    patternSource: "\\bx[-_]?api[-_]?key\\b\\s*[:=]\\s*[A-Za-z0-9._~+\\/-]{16,}",
+    flags: "iu",
+    prefilterTerms: ["x-api-key", "api-key", "x_api_key", "api_key"]
+  },
+  {
+    id: "credential_assignment",
+    placeholderType: "CREDENTIAL_ASSIGNMENT",
+    patternSource: `(?:\\b|["'])(?:api(?:[_-]?|\\s+)key|access(?:[_-]?|\\s+)token|auth(?:[_-]?|\\s+)token|client(?:[_-]?|\\s+)secret|private(?:[_-]?|\\s+)key)(?:\\b|["'])\\s*(?::|=|=>)\\s*(?:"[A-Za-z0-9._~+\\/=:-]{16,}"|'[A-Za-z0-9._~+\\/=:-]{16,}'|[A-Za-z0-9._~+\\/=:-]{16,})`,
+    flags: "iu",
+    prefilterTerms: [
+      "api key",
+      "apikey",
+      "api_key",
+      "access token",
+      "access_token",
+      "auth token",
+      "client secret",
+      "private key"
+    ]
+  },
+  {
+    id: "password_assignment",
+    placeholderType: "PASSWORD_ASSIGNMENT",
+    patternSource: `(?:\\b|["'])(?:password|passwd|pwd)(?:\\b|["'])\\s*(?:(?::|=|=>)|(?:is|are|was|were)\\b)\\s*(?:"[A-Za-z0-9._~!@#$%^&*+=\\/-]{8,}"|'[A-Za-z0-9._~!@#$%^&*+=\\/-]{8,}'|[A-Za-z0-9._~!@#$%^&*+=\\/-]{8,})`,
+    flags: "iu",
+    prefilterTerms: ["password", "passwd", "pwd"]
+  },
+  {
+    id: "private_key_material",
+    placeholderType: "PRIVATE_KEY_MATERIAL",
+    patternSource: "-----BEGIN (?:(?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY|PGP PRIVATE KEY BLOCK|CERTIFICATE)-----[\\s\\S]{20,12000}(?:-----END (?:(?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY|PGP PRIVATE KEY BLOCK|CERTIFICATE)-----|$)",
+    flags: "iu",
+    prefilterTerms: ["begin private key", "begin pgp private key block", "private key"]
+  },
+  {
+    id: "azure_connection_string",
+    placeholderType: "AZURE_CONNECTION_STRING",
+    patternSource: "\\bDefaultEndpointsProtocol=https;AccountName=[A-Za-z0-9.-]{3,};AccountKey=[A-Za-z0-9+/=]{20,}(?:;EndpointSuffix=[A-Za-z0-9.-]+)?\\b",
+    flags: "iu",
+    prefilterTerms: ["defaultendpointsprotocol", "accountname", "accountkey", "azure"]
+  },
+  {
+    id: "azure_sas_token",
+    placeholderType: "AZURE_SAS_TOKEN",
+    patternSource: "\\bsv=[^\\s&]{2,}&[^\\s]{0,200}\\bsig=[A-Za-z0-9%/+_-]{16,}",
+    flags: "iu",
+    prefilterTerms: ["sv=", "sig=", "accountkey", "azure"]
+  }
+];
+function ensureGlobalFlag(flags) {
+  const normalized = new Set(flags.split(""));
+  normalized.add("g");
+  return [...normalized].join("");
+}
+var COMPILED_SDK_SECRET_PATTERNS = SDK_SECRET_PATTERN_DEFINITIONS.map((definition) => ({
+  ...definition,
+  scanRegex: new RegExp(definition.patternSource, ensureGlobalFlag(definition.flags)),
+  prefilterTermsLower: definition.prefilterTerms.map((term) => term.toLowerCase())
+}));
+function getSdkSecretDetectionMatchers() {
+  return COMPILED_SDK_SECRET_PATTERNS;
+}
+
 // src/pii.ts
 var defaultScanDeadlineMs = 100;
+var sdkSecretMatchers = getSdkSecretDetectionMatchers();
+var DISCORD_WEBHOOK_TOKEN_RE = /https:\/\/discord(?:app)?\.com\/api\/webhooks\/\d+\/([A-Za-z0-9_-]{16,})/giu;
+var BASIC_AUTH_PASSWORD_RE = /\/\/[^:\s/?#@]+:([^@\s/?#]+)@/giu;
 function countDigits2(value) {
   let count = 0;
   for (const ch of value) {
@@ -965,15 +1236,32 @@ function luhnCheck(value) {
   return sum % 10 === 0;
 }
 function normalizeDetections(text, detections) {
-  const sorted = detections.filter((d) => d.start >= 0 && d.end > d.start && d.end <= text.length).sort((a, b) => a.start - b.start || b.end - b.start - (a.end - a.start));
+  const sorted = detections.filter((d) => d.start >= 0 && d.end > d.start && d.end <= text.length).sort(
+    (a, b) => detectionPriority(b.type) - detectionPriority(a.type) || a.start - b.start || b.end - b.start - (a.end - a.start)
+  );
   const kept = [];
-  let cursor = 0;
   for (const d of sorted) {
-    if (d.start < cursor) continue;
+    if (kept.some((candidate) => rangesOverlap(candidate, d))) continue;
     kept.push(d);
-    cursor = d.end;
   }
-  return kept;
+  return kept.sort((a, b) => a.start - b.start || a.end - b.end);
+}
+function rangesOverlap(left, right) {
+  return left.start < right.end && right.start < left.end;
+}
+function detectionPriority(type) {
+  if (/^(?:OPENAI_API_KEY|AWS_ACCESS_KEY|GITHUB_TOKEN|SLACK_TOKEN|SLACK_WEBHOOK_URL|DISCORD_WEBHOOK_URL|STRIPE_SECRET_KEY|GOOGLE_API_KEY|ANTHROPIC_API_KEY|EVM_PRIVATE_KEY|JWT_TOKEN|BEARER_TOKEN|API_KEY_HEADER|AZURE_CONNECTION_STRING|AZURE_SAS_TOKEN)$/u.test(
+    type
+  )) {
+    return 100;
+  }
+  if (/^(?:CREDENTIAL_ASSIGNMENT|PASSWORD_ASSIGNMENT|PRIVATE_KEY_MATERIAL|ENV_SECRET_ASSIGNMENT)$/u.test(type)) {
+    return 80;
+  }
+  if (type === "PERSON_NAME" || type === "PERSON") {
+    return 10;
+  }
+  return 50;
 }
 var PHONE_CONTEXT_KEYWORDS = [
   "tel",
@@ -1008,6 +1296,59 @@ var PHONE_CONTEXT_RE = new RegExp(
   "iu"
 );
 var PERSON_NAME_STOPWORDS = /* @__PURE__ */ new Set([
+  "name",
+  "names",
+  "namen",
+  "firstname",
+  "lastname",
+  "first",
+  "last",
+  "forename",
+  "surname",
+  "family",
+  "given",
+  "jmeno",
+  "jake",
+  "jaky",
+  "jaka",
+  "jsem",
+  "jsme",
+  "napsal",
+  "napsali",
+  "napsala",
+  "napsane",
+  "pouzil",
+  "pouzili",
+  "prijmeni",
+  "vorname",
+  "nachname",
+  "familienname",
+  "what",
+  "which",
+  "whose",
+  "did",
+  "we",
+  "write",
+  "wrote",
+  "written",
+  "type",
+  "typed",
+  "use",
+  "used",
+  "wie",
+  "welchen",
+  "welche",
+  "welches",
+  "haben",
+  "wir",
+  "geschrieben",
+  "getippt",
+  "quel",
+  "quelle",
+  "nom",
+  "que",
+  "cual",
+  "nombre",
   "write",
   "code",
   "script",
@@ -1034,6 +1375,52 @@ var PERSON_NAME_STOPWORDS = /* @__PURE__ */ new Set([
   "security",
   "instructions",
   "instruction",
+  "google",
+  "form",
+  "forms",
+  "engineering",
+  "leadership",
+  "weekly",
+  "daily",
+  "monthly",
+  "quarterly",
+  "sync",
+  "office",
+  "updates",
+  "update",
+  "meeting",
+  "meetings",
+  "agenda",
+  "minutes",
+  "subject",
+  "calendar",
+  "roadmap",
+  "platform",
+  "product",
+  "design",
+  "operations",
+  "business",
+  "newsletter",
+  "report",
+  "reports",
+  "amazon",
+  "web",
+  "services",
+  "aws",
+  "velka",
+  "transformace",
+  "project",
+  "projekt",
+  "program",
+  "initiative",
+  "iniciativa",
+  "migration",
+  "migrace",
+  "test",
+  "uuid",
+  "fixture",
+  "data",
+  "firma",
   "rules",
   "rule",
   "json",
@@ -1046,10 +1433,22 @@ var PERSON_NAME_STOPWORDS = /* @__PURE__ */ new Set([
   "agentid",
   "risk",
   "score",
-  "summary"
+  "summary",
+  "hi",
+  "hello",
+  "hey",
+  "dear",
+  "team",
+  "ahoj",
+  "dobry",
+  "dobryden",
+  "zdravim"
 ]);
 var TECHNICAL_CONTEXT_WORD_REGEX = /\b(?:curl|http|https|import|python|javascript|typescript|sql|nosql|mongo|database|query|script|code|os\.system|eval|exec|node|npm|api|endpoint|regex|json|xml|yaml|bash|powershell)\b/i;
 var TECHNICAL_CONTEXT_SYMBOL_REGEX = /:\/\/|`|\{|\}|\[|\]|\(|\)|;|\$|=>|::|\/\//;
+var NAME_LABEL_QUESTION_CONTEXT_REGEX = /\b(?:jak(?:e|y|a|ou)|kter(?:e|y|a|ou)|co|what|which|whose|wie|welch(?:e|er|es|en|em)?|quel(?:le|s|les)?|que|cual(?:es)?|wat|welke|jaki|jakie|jaka)\b[\s\S]{0,80}\b(?:jmeno|prijmeni|name|names|namen|nom|nombre|nome|naam|imie|nazwisko|meno)\b[\s\S]{0,96}\b(?:napsal\p{L}*|napsan\p{L}*|psal\p{L}*|pouzil\p{L}*|pouzili\p{L}*|write|wrote|written|type|typed|enter(?:ed)?|use(?:d)?|say|said|geschrieben|getippt|eingetragen|ecrit|escrib\p{L}*|scritt\p{L}*)\b/iu;
+var NAME_VALUE_ASSIGNMENT_BEFORE_CANDIDATE_REGEX = /(?:[:=]|=>|-|\b(?:is|was|je|jsou|jmenuje|called|named|ist|sind|lautet|est|es)\b)\s*$/iu;
+var BIRTH_NUMBER_CONTEXT_RE = /\b(?:rodn[eé]\s*(?:č[ií]slo|cislo)|r\.?\s*c\.?|birth\s+number)\b[^0-9]{0,80}(\d{6}(?:\/?\d{3,4})?)\b/giu;
 function hasPhoneContext(text, matchStartIndex, windowSize = 50) {
   const start = Math.max(0, matchStartIndex - windowSize);
   const windowLower = text.slice(start, matchStartIndex).toLowerCase();
@@ -1066,6 +1465,16 @@ function buildContextWindow(source, index, length) {
 function isTechnicalContext(contextWindow) {
   return TECHNICAL_CONTEXT_WORD_REGEX.test(contextWindow) || TECHNICAL_CONTEXT_SYMBOL_REGEX.test(contextWindow);
 }
+function isNameLabelQuestionContext(contextWindow) {
+  const normalized = normalizePersonWord(contextWindow);
+  if (!normalized.trim()) {
+    return false;
+  }
+  if (!NAME_LABEL_QUESTION_CONTEXT_REGEX.test(normalized)) {
+    return false;
+  }
+  return !NAME_VALUE_ASSIGNMENT_BEFORE_CANDIDATE_REGEX.test(normalized.slice(-32));
+}
 function isLikelyPersonNameCandidate(candidate, contextWindow) {
   const words = candidate.trim().split(/\s+/);
   if (words.length !== 2) {
@@ -1074,6 +1483,9 @@ function isLikelyPersonNameCandidate(candidate, contextWindow) {
   if (isTechnicalContext(contextWindow)) {
     return false;
   }
+  if (isNameLabelQuestionContext(contextWindow)) {
+    return false;
+  }
   for (const rawWord of words) {
     const normalized = normalizePersonWord(rawWord);
     if (normalized.length < 2) {
@@ -1094,63 +1506,135 @@ var PIIManager = class {
    *
    * Zero-dependency fallback with strict checksum validation for CEE national IDs.
    */
-  anonymize(text) {
+  anonymize(text, options) {
     if (!text) return { maskedText: text, mapping: {} };
     try {
       const detections = [];
-      const emailRe = /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi;
-      for (const m of text.matchAll(emailRe)) {
-        if (m.index == null) continue;
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "EMAIL", text: m[0] });
-      }
-      const ibanRe = /\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b/gi;
-      for (const m of text.matchAll(ibanRe)) {
-        if (m.index == null) continue;
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "IBAN", text: m[0] });
-      }
-      const ccRe = /(?:\b\d[\d -]{10,22}\d\b)/g;
-      for (const m of text.matchAll(ccRe)) {
-        if (m.index == null) continue;
-        const digits = countDigits2(m[0]);
-        if (digits < 12 || digits > 19) continue;
-        if (!luhnCheck(m[0])) continue;
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "CREDIT_CARD", text: m[0] });
+      const loweredText = text.toLowerCase();
+      const resolvedOptions = {
+        pii: options?.pii !== false,
+        secrets: options?.secrets !== false
+      };
+      if (!resolvedOptions.pii && !resolvedOptions.secrets) {
+        return { maskedText: text, mapping: {} };
       }
-      const phoneRe = /(?<!\d)(?:\+?\d[\d\s().-]{7,}\d)(?!\d)/g;
-      for (const m of text.matchAll(phoneRe)) {
-        if (m.index == null) continue;
-        const candidate = m[0];
-        const digits = countDigits2(candidate);
-        if (digits < 9 || digits > 15) continue;
-        const isStrongInternational = candidate.startsWith("+") || candidate.startsWith("00");
-        if (!isStrongInternational) {
-          const hasContext = hasPhoneContext(text, m.index);
-          if (!hasContext) continue;
+      if (resolvedOptions.pii) {
+        const emailRe = /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi;
+        for (const m of text.matchAll(emailRe)) {
+          if (m.index == null) continue;
+          detections.push({ start: m.index, end: m.index + m[0].length, type: "EMAIL", text: m[0] });
         }
-        detections.push({ start: m.index, end: m.index + m[0].length, type: "PHONE", text: m[0] });
-      }
-      const personRe = /(?<!\p{L})\p{Lu}\p{Ll}{2,}\s+\p{Lu}\p{Ll}{2,}(?!\p{L})/gu;
-      for (const m of text.matchAll(personRe)) {
-        if (m.index == null) continue;
-        const candidate = m[0];
-        const contextWindow = buildContextWindow(text, m.index, candidate.length);
-        if (!isLikelyPersonNameCandidate(candidate, contextWindow)) {
-          continue;
+        const ibanRe = /\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b/gi;
+        for (const m of text.matchAll(ibanRe)) {
+          if (m.index == null) continue;
+          detections.push({ start: m.index, end: m.index + m[0].length, type: "IBAN", text: m[0] });
         }
-        detections.push({ start: m.index, end: m.index + candidate.length, type: "PERSON", text: candidate });
-      }
-      const nationalIdMatches = detectNationalIdentifiers(text, {
-        deadlineMs: defaultScanDeadlineMs,
-        allowContextBirthNumberFallback: false
-      });
-      for (const match of nationalIdMatches) {
-        if (match.start < 0 || match.end <= match.start) continue;
-        detections.push({
-          start: match.start,
-          end: match.end,
-          type: "NATIONAL_ID",
-          text: text.slice(match.start, match.end)
+        const ccRe = /(?:\b\d[\d -]{10,22}\d\b)/g;
+        for (const m of text.matchAll(ccRe)) {
+          if (m.index == null) continue;
+          const digits = countDigits2(m[0]);
+          if (digits < 12 || digits > 19) continue;
+          if (!luhnCheck(m[0])) continue;
+          detections.push({ start: m.index, end: m.index + m[0].length, type: "CREDIT_CARD", text: m[0] });
+        }
+        const phoneRe = /(?<!\d)(?:\+?\d[\d\s().-]{7,}\d)(?!\d)/g;
+        for (const m of text.matchAll(phoneRe)) {
+          if (m.index == null) continue;
+          const candidate = m[0];
+          const digits = countDigits2(candidate);
+          if (digits < 9 || digits > 15) continue;
+          const isStrongInternational = candidate.startsWith("+") || candidate.startsWith("00");
+          if (!isStrongInternational) {
+            const hasContext = hasPhoneContext(text, m.index);
+            if (!hasContext) continue;
+          }
+          detections.push({ start: m.index, end: m.index + m[0].length, type: "PHONE", text: m[0] });
+        }
+        const personRe = /(?<!\p{L})\p{Lu}\p{Ll}{2,}\s+\p{Lu}\p{Ll}{2,}(?!\p{L})/gu;
+        for (const m of text.matchAll(personRe)) {
+          if (m.index == null) continue;
+          const candidate = m[0];
+          const contextWindow = buildContextWindow(text, m.index, candidate.length);
+          if (!isLikelyPersonNameCandidate(candidate, contextWindow)) {
+            continue;
+          }
+          detections.push({ start: m.index, end: m.index + candidate.length, type: "PERSON", text: candidate });
+        }
+        BIRTH_NUMBER_CONTEXT_RE.lastIndex = 0;
+        for (const match of text.matchAll(BIRTH_NUMBER_CONTEXT_RE)) {
+          if (match.index == null) continue;
+          const value = match[1] ?? "";
+          if (!/^\d{6}(?:\/?\d{3,4})?$/.test(value)) continue;
+          const localIndex = match[0].lastIndexOf(value);
+          const start = match.index + Math.max(0, localIndex);
+          detections.push({
+            start,
+            end: start + value.length,
+            type: "BIRTH_NUMBER",
+            text: value
+          });
+        }
+        const nationalIdMatches = detectNationalIdentifiers(text, {
+          deadlineMs: defaultScanDeadlineMs,
+          allowContextBirthNumberFallback: false
         });
+        for (const match of nationalIdMatches) {
+          if (match.start < 0 || match.end <= match.start) continue;
+          detections.push({
+            start: match.start,
+            end: match.end,
+            type: "NATIONAL_ID",
+            text: text.slice(match.start, match.end)
+          });
+        }
+      }
+      if (resolvedOptions.secrets) {
+        BASIC_AUTH_PASSWORD_RE.lastIndex = 0;
+        for (const match of text.matchAll(BASIC_AUTH_PASSWORD_RE)) {
+          if (match.index == null) continue;
+          const password = match[1] ?? "";
+          if (!password) continue;
+          const localIndex = match[0].lastIndexOf(password);
+          const start = match.index + Math.max(0, localIndex);
+          detections.push({
+            start,
+            end: start + password.length,
+            type: "BASIC_AUTH_PASSWORD",
+            text: password
+          });
+        }
+        DISCORD_WEBHOOK_TOKEN_RE.lastIndex = 0;
+        for (const match of text.matchAll(DISCORD_WEBHOOK_TOKEN_RE)) {
+          if (match.index == null) continue;
+          const token = match[1] ?? "";
+          if (!token) continue;
+          const localIndex = match[0].lastIndexOf(token);
+          const start = match.index + Math.max(0, localIndex);
+          detections.push({
+            start,
+            end: start + token.length,
+            type: "DISCORD_WEBHOOK_TOKEN",
+            text: token
+          });
+        }
+        for (const matcher of sdkSecretMatchers) {
+          if (matcher.id === "discord_webhook_url") {
+            continue;
+          }
+          if (matcher.prefilterTermsLower.length > 0 && !matcher.prefilterTermsLower.some((term) => loweredText.includes(term))) {
+            continue;
+          }
+          matcher.scanRegex.lastIndex = 0;
+          for (const match of text.matchAll(matcher.scanRegex)) {
+            if (match.index == null) continue;
+            detections.push({
+              start: match.index,
+              end: match.index + match[0].length,
+              type: matcher.placeholderType,
+              text: match[0]
+            });
+          }
+        }
       }
       const kept = normalizeDetections(text, detections);
       if (!kept.length) return { maskedText: text, mapping: {} };
@@ -1196,6 +1680,8 @@ var DEFAULT_FAIL_OPEN_CONFIG = {
   inject_transparency_metadata: false,
   block_pii_leakage: false,
   enable_sdk_pii_masking: false,
+  block_secret_leakage: false,
+  enable_sdk_secret_masking: false,
   block_db_access: false,
   block_code_execution: false,
   block_toxicity: false
@@ -1237,11 +1723,11 @@ function detectCapabilityViolation(text, config) {
   }
   return null;
 }
-function redactPiiStrict(pii, text) {
+function redactPiiStrict(pii, text, options) {
   if (!text) {
     return { redactedText: text, changed: false };
   }
-  const masked = pii.anonymize(text);
+  const masked = pii.anonymize(text, options);
   let redactedText = masked.maskedText;
   const placeholders = Object.keys(masked.mapping).sort((a, b) => b.length - a.length);
   for (const placeholder of placeholders) {
@@ -1270,7 +1756,7 @@ var LocalSecurityEnforcer = class {
         `AgentID: Security policy blocked (${violationType})`
       );
     }
-    if (!config.block_pii_leakage) {
+    if (!config.block_pii_leakage && !config.block_secret_leakage) {
       return {
         sanitizedInput: input,
         events: []
@@ -1280,10 +1766,13 @@ var LocalSecurityEnforcer = class {
       throw new SecurityPolicyViolationError(
         "PII_LEAKAGE_STRICT",
         "BLOCKED",
-        "AgentID: Streaming is not supported when Strict PII Mode is enabled. Please disable streaming or adjust security settings."
+        "AgentID: Streaming is not supported when strict masking/blocking mode is enabled. Please disable streaming or adjust security settings."
       );
     }
-    const strictRedaction = redactPiiStrict(this.pii, input);
+    const strictRedaction = redactPiiStrict(this.pii, input, {
+      pii: config.block_pii_leakage,
+      secrets: config.block_secret_leakage
+    });
     return {
       sanitizedInput: strictRedaction.redactedText,
       events: strictRedaction.changed ? [
@@ -1409,6 +1898,16 @@ function normalizeCapabilityConfig(payload) {
       "enable_sdk_pii_masking",
       false
     ),
+    block_secret_leakage: readOptionalBooleanField(
+      body,
+      "block_secret_leakage",
+      false
+    ),
+    enable_sdk_secret_masking: readOptionalBooleanField(
+      body,
+      "enable_sdk_secret_masking",
+      false
+    ),
     block_db_access: readBooleanField(body, "block_db_access", "block_db"),
     block_code_execution: readBooleanField(
       body,
@@ -2069,14 +2568,14 @@ async function reportSecurityEvent(options) {
   const inputValue = options.storePii ? snippet : snippetHash;
   const eventId = createEventId(options.eventId ?? options.clientEventId);
   const metadata = {
+    ...options.telemetryMetadata ?? {},
     source: options.source,
     detector: options.detector,
     trigger_rule: options.triggerRule,
     language: options.language,
     ai_scan_status: options.aiStatus ?? null,
     reason: options.reason ?? null,
-    client_event_id: eventId,
-    ...options.telemetryMetadata ?? {}
+    client_event_id: eventId
   };
   if (options.storePii) {
     metadata.snippet = snippet;
@@ -2248,9 +2747,18 @@ var INGEST_MAX_ATTEMPTS = 3;
 var INGEST_RETRY_DELAYS_MS = [250, 500];
 var GUARD_VERDICT_CACHE_TTL_MS = 0;
 var MAX_INGEST_TEXT_CHARS = 32e3;
+var OPENAI_TELEMETRY_FIELD = "agentid_telemetry";
 function normalizeBaseUrl3(baseUrl) {
   return baseUrl.replace(/\/+$/, "");
 }
+function firstNonEmptyString(...values) {
+  for (const value of values) {
+    if (typeof value === "string" && value.trim().length > 0) {
+      return value.trim();
+    }
+  }
+  return void 0;
+}
 function isAbortSignalLike(value) {
   if (!value || typeof value !== "object") return false;
   const candidate = value;
@@ -2412,6 +2920,424 @@ function createCorrelationId(seed) {
   }
   return createPseudoUuidV42();
 }
+function getObjectString(value, ...keys) {
+  for (const key of keys) {
+    const candidate = value?.[key];
+    if (typeof candidate === "string" && candidate.trim().length > 0) {
+      return candidate.trim();
+    }
+  }
+  return void 0;
+}
+function getObjectNumber(value, ...keys) {
+  for (const key of keys) {
+    const candidate = value?.[key];
+    if (typeof candidate === "number" && Number.isFinite(candidate)) {
+      return candidate;
+    }
+    if (typeof candidate === "string" && candidate.trim().length > 0) {
+      const parsed = Number(candidate);
+      if (Number.isFinite(parsed)) {
+        return parsed;
+      }
+    }
+  }
+  return void 0;
+}
+function normalizeTelemetryString(value) {
+  return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
+}
+function normalizeTelemetryCategory(value) {
+  const normalized = normalizeTelemetryString(value);
+  if (!normalized) return void 0;
+  return normalized.toLowerCase().replace(/[\s-]+/g, "_");
+}
+function toSnakeToken(value) {
+  return value.trim().replace(/([a-z0-9])([A-Z])/g, "$1_$2").replace(/[^a-zA-Z0-9]+/g, "_").replace(/^_+|_+$/g, "").replace(/_+/g, "_").toLowerCase();
+}
+function hasUsageSignals(value) {
+  if (!value) return false;
+  for (const entry of Object.values(value)) {
+    if (typeof entry === "number" && Number.isFinite(entry) && entry > 0) {
+      return true;
+    }
+    if (typeof entry === "string" && entry.trim().length > 0) {
+      const parsed = Number(entry);
+      if (Number.isFinite(parsed) && parsed > 0) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+function truncatePromptPreflightPreview(value, maxChars = 280) {
+  const normalized = value.trim();
+  if (normalized.length <= maxChars) {
+    return normalized;
+  }
+  return `${normalized.slice(0, Math.max(0, maxChars - 1)).trimEnd()}\u2026`;
+}
+function formatPromptPreflightReason(reason) {
+  const normalized = normalizeTelemetryString(reason);
+  if (!normalized) {
+    return void 0;
+  }
+  return normalized.replace(/[_-]+/g, " ");
+}
+function summarizePromptPreflightResult(params) {
+  const reason = formatPromptPreflightReason(
+    params.localFallbackApplied ? params.localFallbackReason ?? void 0 : params.verdict.reason
+  ) ?? "policy evaluation";
+  if (!params.verdict.allowed && !params.localFallbackApplied) {
+    return `Blocked the prompt before model execution because ${reason}.`;
+  }
+  if (params.localFallbackApplied) {
+    return `Guard preflight degraded, so the SDK applied local fallback checks before model execution (${reason}).`;
+  }
+  if (params.verdict.shadow_mode && params.verdict.shadow_blocked) {
+    return "Evaluated the prompt in shadow mode before model execution; shadow policy would have blocked it.";
+  }
+  if (params.verdict.simulated_decision === "masked" || params.verdict.detected_pii) {
+    return "Evaluated the prompt before model execution and masked sensitive content where needed.";
+  }
+  return "Evaluated the prompt and attachments against guardrails before model execution.";
+}
+function buildPromptPreflightTelemetry(params) {
+  const baseTelemetry = createAgentIdTelemetryContext(params.telemetry);
+  const baseStepName = firstNonEmptyString(
+    baseTelemetry?.workflow_step_name,
+    baseTelemetry?.workflowStepName
+  );
+  const stepName = baseStepName ? `${toSnakeToken(baseStepName)}_preflight` : "prompt_preflight";
+  const summary = summarizePromptPreflightResult({
+    verdict: params.verdict,
+    localFallbackApplied: params.local_fallback_applied,
+    localFallbackReason: params.local_fallback_reason
+  });
+  return mergeTelemetryContexts(baseTelemetry, {
+    workflow_step_id: createAgentIdCorrelationId(),
+    workflow_step_name: stepName,
+    event_title: "Prompt Preflight Evaluated",
+    event_category: "guard",
+    event_subtype: "prompt_preflight_evaluated",
+    event_status: !params.verdict.allowed && !params.local_fallback_applied ? "blocked" : "completed",
+    step_summary: summary,
+    input_preview: truncatePromptPreflightPreview(params.input),
+    output_preview: summary,
+    runtime_surface: params.runtime_surface ?? "openai_sdk_guard",
+    guard_event_id: params.guard_event_id ?? void 0,
+    guard_latency_ms: params.guard_latency_ms ?? void 0,
+    preflight_for_client_event_id: params.preflight_for_client_event_id,
+    preflight_logged_via_sdk: true,
+    lifecycle_status: "preflight_only"
+  });
+}
+function inferOperationCategory(telemetry, eventType) {
+  const explicitCategory = normalizeTelemetryCategory(
+    telemetry?.event_category ?? telemetry?.eventCategory
+  );
+  if (explicitCategory === "ai" || explicitCategory === "llm" || explicitCategory === "inference") {
+    return "ai";
+  }
+  if (explicitCategory === "guard" || explicitCategory === "security") {
+    return "guard";
+  }
+  if (explicitCategory === "tool") return "tool";
+  if (explicitCategory === "delivery" || explicitCategory === "send") return "delivery";
+  if (explicitCategory === "inbox" || explicitCategory === "reply") return "inbox";
+  if (explicitCategory === "workflow" || explicitCategory === "agent") return "workflow";
+  if (explicitCategory === "compliance" || explicitCategory === "transparency") {
+    return "compliance";
+  }
+  if (explicitCategory === "operational" || explicitCategory === "ops") {
+    return "operational";
+  }
+  const haystack = [
+    eventType,
+    telemetry?.event_subtype,
+    telemetry?.eventSubtype,
+    telemetry?.tool_name,
+    telemetry?.toolName,
+    telemetry?.tool_target_type,
+    telemetry?.toolTargetType,
+    telemetry?.workflow_name,
+    telemetry?.workflowName,
+    telemetry?.workflow_step_name,
+    telemetry?.workflowStepName,
+    getObjectString(telemetry, "operation_family", "domain")
+  ].filter((entry) => typeof entry === "string" && entry.trim().length > 0).join(" ").replace(/[_./-]+/g, " ").toLowerCase();
+  if (/\b(llm|ai|inference|completion|summary|classification|draft)\b/.test(haystack)) {
+    return "ai";
+  }
+  if (/\b(guard|security|policy|pii|prompt[_ ]?injection|review)\b/.test(haystack)) {
+    return "guard";
+  }
+  if (/\b(reply|inbox|inbound|received|bounce|opened|followup)\b/.test(haystack)) {
+    return "inbox";
+  }
+  if (/\b(email|mail|send|delivery|delivered|slack|sms|webhook|notification)\b/.test(haystack)) {
+    return "delivery";
+  }
+  if (/\b(workflow|step|run|agent)\b/.test(haystack)) {
+    return "workflow";
+  }
+  if (/\b(compliance|transparency|audit|evidence)\b/.test(haystack)) {
+    return "compliance";
+  }
+  if (/\b(tool|lookup|search|query|retrieve|fetch|crm|invoice|payment|ledger|expense|payroll|tax|finance|cv|resume|candidate|applicant|recruit|interview|screen|document|file|attachment|extract|parse|ocr|classify|sync|import|export|record|database|sql|shell|terminal|script)\b/.test(
+    haystack
+  )) {
+    return "tool";
+  }
+  return "operational";
+}
+function inferOperationStatus(params) {
+  const explicitStatus = normalizeTelemetryString(params.eventStatus)?.toLowerCase();
+  if (explicitStatus === "started" || explicitStatus === "completed" || explicitStatus === "failed") {
+    return explicitStatus;
+  }
+  if (explicitStatus === "blocked" || explicitStatus === "skipped") {
+    return explicitStatus;
+  }
+  const normalizedEventType = normalizeTelemetryString(params.eventType)?.toLowerCase();
+  if (normalizedEventType === "start") return "started";
+  if (normalizedEventType === "error") return "failed";
+  if (normalizedEventType === "security_block") return "blocked";
+  if (normalizedEventType === "human_override") return "completed";
+  if (normalizedEventType === "complete") return "completed";
+  return params.severity === "error" ? "failed" : "completed";
+}
+function deriveOperationEventType(params) {
+  const explicit = normalizeTelemetryString(params.explicitEventType);
+  if (explicit) {
+    return explicit;
+  }
+  if (params.status === "started") return "start";
+  if (params.status === "failed") return "error";
+  if (params.status === "blocked") {
+    return params.category === "guard" ? "security_block" : "error";
+  }
+  return "complete";
+}
+function deriveSubtypeBase(telemetry) {
+  const toolName = normalizeTelemetryString(telemetry?.tool_name ?? telemetry?.toolName);
+  if (toolName) {
+    const tokens = toSnakeToken(toolName).split("_").filter(Boolean);
+    if (tokens.length > 1 && ["workflow", "agent", "operation", "ops", "hr", "finance", "compliance"].includes(tokens[0])) {
+      return tokens.slice(1).join("_");
+    }
+    return tokens.join("_");
+  }
+  const workflowName = normalizeTelemetryString(
+    telemetry?.workflow_step_name ?? telemetry?.workflowStepName ?? telemetry?.workflow_name ?? telemetry?.workflowName
+  );
+  if (workflowName) {
+    return toSnakeToken(workflowName);
+  }
+  return void 0;
+}
+function deriveOperationSubtype(params) {
+  const explicitSubtype = normalizeTelemetryString(params.explicitSubtype);
+  if (explicitSubtype) {
+    return toSnakeToken(explicitSubtype);
+  }
+  const base = deriveSubtypeBase(params.telemetry);
+  const suffix = params.status === "started" ? "started" : params.status === "failed" ? "failed" : params.status === "blocked" ? "blocked" : params.status === "skipped" ? "skipped" : "completed";
+  if (base) {
+    return `${base}_${suffix}`;
+  }
+  if (params.eventType === "start") return `${params.category}_started`;
+  if (params.eventType === "error") return `${params.category}_failed`;
+  if (params.eventType === "security_block") return `${params.category}_blocked`;
+  return `${params.category}_completed`;
+}
+function inferOperationSeverity(params) {
+  if (params.explicitSeverity) {
+    return params.explicitSeverity;
+  }
+  if (params.status === "failed" || params.status === "blocked") {
+    return "error";
+  }
+  if (params.status === "skipped") {
+    return "warning";
+  }
+  return "info";
+}
+function createAgentIdCorrelationId(seed) {
+  return createCorrelationId(seed);
+}
+function createAgentIdTelemetryContext(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return void 0;
+  }
+  const raw = { ...value };
+  const normalized = {};
+  const assignString = (key, ...aliases) => {
+    const next = getObjectString(raw, key, ...aliases);
+    if (next) {
+      normalized[key] = next;
+    }
+  };
+  const assignNumber = (key, ...aliases) => {
+    const next = getObjectNumber(raw, key, ...aliases);
+    if (typeof next === "number") {
+      normalized[key] = next;
+    }
+  };
+  assignString("workflow_id", "workflowId");
+  assignString("workflow_run_id", "workflowRunId");
+  assignString("workflow_step_id", "workflowStepId");
+  assignString("workflow_name", "workflowName");
+  assignString("workflow_step_name", "workflowStepName");
+  assignNumber("workflow_step_index", "workflowStepIndex");
+  assignString("parent_event_id", "parentEventId");
+  assignString("tool_name", "toolName");
+  assignString("tool_target", "toolTarget");
+  assignString("tool_target_type", "toolTargetType");
+  assignString("event_title", "eventTitle");
+  assignString("event_status", "eventStatus");
+  assignString("event_category", "eventCategory");
+  assignString("event_subtype", "eventSubtype");
+  const consumedKeys = /* @__PURE__ */ new Set([
+    "workflow_id",
+    "workflowId",
+    "workflow_run_id",
+    "workflowRunId",
+    "workflow_step_id",
+    "workflowStepId",
+    "workflow_name",
+    "workflowName",
+    "workflow_step_name",
+    "workflowStepName",
+    "workflow_step_index",
+    "workflowStepIndex",
+    "parent_event_id",
+    "parentEventId",
+    "tool_name",
+    "toolName",
+    "tool_target",
+    "toolTarget",
+    "tool_target_type",
+    "toolTargetType",
+    "event_title",
+    "eventTitle",
+    "event_status",
+    "eventStatus",
+    "event_category",
+    "eventCategory",
+    "event_subtype",
+    "eventSubtype"
+  ]);
+  for (const [key, entry] of Object.entries(raw)) {
+    if (consumedKeys.has(key) || entry === void 0) {
+      continue;
+    }
+    if (typeof entry === "string") {
+      if (entry.trim().length > 0) {
+        normalized[key] = entry.trim();
+      }
+      continue;
+    }
+    normalized[key] = entry;
+  }
+  if (typeof normalized.workflow_id !== "string" && typeof normalized.workflow_run_id === "string") {
+    normalized.workflow_id = normalized.workflow_run_id;
+  }
+  return Object.keys(normalized).length > 0 ? normalized : void 0;
+}
+function createAgentIdOperationLog(params) {
+  const telemetry = createAgentIdTelemetryContext(params.telemetry);
+  const category = inferOperationCategory(
+    createAgentIdTelemetryContext({
+      ...telemetry ?? {},
+      event_category: params.event_category ?? telemetry?.event_category
+    }),
+    params.event_type
+  );
+  const status = inferOperationStatus({
+    eventStatus: normalizeTelemetryString(params.event_status) ?? normalizeTelemetryString(telemetry?.event_status ?? telemetry?.eventStatus),
+    eventType: params.event_type,
+    severity: params.severity
+  });
+  const eventType = deriveOperationEventType({
+    explicitEventType: params.event_type,
+    status,
+    category
+  });
+  const subtype = deriveOperationSubtype({
+    explicitSubtype: normalizeTelemetryString(params.event_subtype) ?? normalizeTelemetryString(telemetry?.event_subtype ?? telemetry?.eventSubtype),
+    telemetry,
+    category,
+    status,
+    eventType
+  });
+  const severity = inferOperationSeverity({
+    explicitSeverity: params.severity,
+    status
+  });
+  const usage = params.usage;
+  const clientEventId = normalizeTelemetryString(params.client_event_id) ?? normalizeTelemetryString(telemetry?.client_event_id);
+  const modelUsed = category === "ai" || hasUsageSignals(usage) || typeof params.model === "string" && params.model.trim().length > 0 && params.model.trim().toLowerCase() !== "not_applicable";
+  const metadata = {
+    ...params.metadata ?? {},
+    ...telemetry ?? {},
+    event_category: category,
+    event_subtype: subtype,
+    event_status: status,
+    status,
+    model_used: modelUsed,
+    spend_bearing: category === "ai" && hasUsageSignals(usage)
+  };
+  if (clientEventId && typeof metadata.client_event_id !== "string") {
+    metadata.client_event_id = clientEventId;
+  }
+  return {
+    event_id: normalizeTelemetryString(params.event_id) ?? createEventId2(),
+    system_id: params.system_id,
+    user_id: params.user_id,
+    request_identity: params.request_identity,
+    input: params.input ?? "",
+    output: params.output ?? "",
+    model: normalizeTelemetryString(params.model) ?? "not_applicable",
+    usage,
+    tokens: params.tokens,
+    latency: params.latency,
+    metadata,
+    event_type: eventType,
+    severity,
+    timestamp: params.timestamp,
+    client_capabilities: params.client_capabilities
+  };
+}
+function asTelemetryContext(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return void 0;
+  }
+  return createAgentIdTelemetryContext(value);
+}
+function mergeTelemetryContexts(...contexts) {
+  const merged = {};
+  let hasValues = false;
+  for (const context of contexts) {
+    if (!context) {
+      continue;
+    }
+    Object.assign(merged, createAgentIdTelemetryContext(context));
+    hasValues = true;
+  }
+  return hasValues ? createAgentIdTelemetryContext(merged) : void 0;
+}
+function extractRequestTelemetryContext(requestBody) {
+  return asTelemetryContext(requestBody[OPENAI_TELEMETRY_FIELD]);
+}
+function stripRequestTelemetryContext(requestBody) {
+  if (!Object.prototype.hasOwnProperty.call(requestBody, OPENAI_TELEMETRY_FIELD)) {
+    return requestBody;
+  }
+  const nextRequestBody = { ...requestBody };
+  delete nextRequestBody[OPENAI_TELEMETRY_FIELD];
+  return nextRequestBody;
+}
 async function waitForRetry(attemptIndex) {
   const delay = GUARD_RETRY_DELAYS_MS[attemptIndex];
   if (!delay) return;
@@ -2591,6 +3517,61 @@ function createStreamingPlaceholderRewriter(piiManager, mapping) {
     }
   };
 }
+var TYPED_PLACEHOLDER_RE = /<[A-Z][A-Z0-9_]*_\d+>/g;
+function derivePlaceholderMappingFromTransform(source, transformed) {
+  if (!source || !transformed || source === transformed) {
+    return {};
+  }
+  const placeholders = [...transformed.matchAll(TYPED_PLACEHOLDER_RE)].map((match) => ({
+    token: match[0],
+    start: match.index ?? 0,
+    end: (match.index ?? 0) + match[0].length
+  }));
+  if (placeholders.length === 0) {
+    return {};
+  }
+  const mapping = {};
+  let sourceCursor = 0;
+  let transformedCursor = 0;
+  for (const placeholder of placeholders) {
+    const literalBefore = transformed.slice(transformedCursor, placeholder.start);
+    if (literalBefore) {
+      const literalIndex = source.indexOf(literalBefore, sourceCursor);
+      if (literalIndex < 0) {
+        return {};
+      }
+      sourceCursor = literalIndex + literalBefore.length;
+    }
+    const nextPlaceholderStart = placeholders.find((candidate) => candidate.start > placeholder.start)?.start ?? transformed.length;
+    const literalAfter = transformed.slice(placeholder.end, nextPlaceholderStart);
+    const nextLiteralIndex = literalAfter ? source.indexOf(literalAfter, sourceCursor) : nextPlaceholderStart >= transformed.length ? source.length : sourceCursor;
+    if (nextLiteralIndex < sourceCursor) {
+      return {};
+    }
+    const originalValue = source.slice(sourceCursor, nextLiteralIndex);
+    if (originalValue.length > 0 && typeof mapping[placeholder.token] !== "string") {
+      mapping[placeholder.token] = originalValue;
+    }
+    sourceCursor = nextLiteralIndex;
+    transformedCursor = placeholder.end;
+  }
+  return mapping;
+}
+function mergePiiMappings(primary, fallback) {
+  const merged = { ...primary };
+  for (const [placeholder, value] of Object.entries(fallback)) {
+    if (typeof merged[placeholder] !== "string" && typeof value === "string") {
+      merged[placeholder] = value;
+    }
+  }
+  return merged;
+}
+function textContainsMappingPlaceholder(text, mapping) {
+  if (!text || !mapping) {
+    return false;
+  }
+  return Object.keys(mapping).some((placeholder) => placeholder.length > 0 && text.includes(placeholder));
+}
 var SecurityBlockError = class extends Error {
   constructor(reason = "guard_denied") {
     super(`AgentID: Security Blocked (${reason})`);
@@ -2615,6 +3596,7 @@ var AgentID = class {
     this.apiKey = resolveConfiguredApiKey(config.apiKey);
     this.baseUrl = normalizeBaseUrl3(config.baseUrl ?? "https://app.getagentid.com/api/v1");
     this.configuredPiiMasking = typeof config.piiMasking === "boolean" ? config.piiMasking : null;
+    this.configuredSecretMasking = typeof config.secretMasking === "boolean" ? config.secretMasking : null;
     this.checkInjection = config.checkInjection !== false;
     this.clientFastFail = config.clientFastFail === true || config.client_fast_fail === true;
     this.aiScanEnabled = config.aiScanEnabled !== false;
@@ -2636,11 +3618,26 @@ var AgentID = class {
   get piiMasking() {
     return this.configuredPiiMasking ?? void 0;
   }
+  get secretMasking() {
+    return this.configuredSecretMasking ?? void 0;
+  }
   resolveEffectivePiiMasking(config) {
+    if (config?.enable_sdk_pii_masking === true) {
+      return true;
+    }
     if (this.configuredPiiMasking !== null) {
       return this.configuredPiiMasking;
     }
-    return config?.enable_sdk_pii_masking === true;
+    return false;
+  }
+  resolveEffectiveSecretMasking(config) {
+    if (config?.enable_sdk_secret_masking === true || config?.enable_sdk_pii_masking === true) {
+      return true;
+    }
+    if (this.configuredSecretMasking !== null) {
+      return this.configuredSecretMasking;
+    }
+    return false;
   }
   getEffectivePiiMasking(options) {
     return this.resolveEffectivePiiMasking(this.getCachedCapabilityConfig(options));
@@ -2648,6 +3645,9 @@ var AgentID = class {
   getEffectivePiiMaskingForConfig(capabilityConfig) {
     return this.resolveEffectivePiiMasking(capabilityConfig);
   }
+  getEffectiveSecretMaskingForConfig(capabilityConfig) {
+    return this.resolveEffectiveSecretMasking(capabilityConfig);
+  }
   buildClientCapabilities(framework = "js_sdk", hasFeedbackHandler = false, capabilityConfig) {
     return {
       capabilities: {
@@ -2655,6 +3655,9 @@ var AgentID = class {
         pii_masking_enabled: this.resolveEffectivePiiMasking(
           capabilityConfig ?? this.getCachedCapabilityConfig()
         ),
+        secret_masking_enabled: this.resolveEffectiveSecretMasking(
+          capabilityConfig ?? this.getCachedCapabilityConfig()
+        ),
         framework
       }
     };
@@ -2794,10 +3797,13 @@ var AgentID = class {
         systemId: params.systemId,
         eventId: params.clientEventId,
         clientEventId: params.clientEventId,
-        telemetryMetadata: buildSdkTimingMetadata({
-          sdkConfigFetchMs: params.sdkConfigFetchMs,
-          sdkConfigVersion: params.capabilityConfig.version
-        })
+        telemetryMetadata: mergeTelemetryContexts(
+          params.telemetryMetadata,
+          buildSdkTimingMetadata({
+            sdkConfigFetchMs: params.sdkConfigFetchMs,
+            sdkConfigVersion: params.capabilityConfig.version
+          })
+        )
       });
     }
     try {
@@ -2814,7 +3820,8 @@ var AgentID = class {
           actionTaken: event.actionTaken,
           apiKey: params.apiKey,
           sdkConfigFetchMs: params.sdkConfigFetchMs,
-          sdkLocalScanMs
+          sdkLocalScanMs,
+          telemetryMetadata: params.telemetryMetadata
         });
       }
       return {
@@ -2829,7 +3836,8 @@ var AgentID = class {
           actionTaken: error.actionTaken,
           apiKey: params.apiKey,
           sdkConfigFetchMs: params.sdkConfigFetchMs,
-          sdkLocalScanMs: Math.max(0, Date.now() - localScanStartedAt)
+          sdkLocalScanMs: Math.max(0, Date.now() - localScanStartedAt),
+          telemetryMetadata: params.telemetryMetadata
         });
       }
       throw error;
@@ -2843,7 +3851,7 @@ var AgentID = class {
     );
     let sanitizedInput = params.input;
     let sdkLocalScanMs = 0;
-    if (this.configuredPiiMasking === null) {
+    if (this.configuredPiiMasking === null || this.configuredSecretMasking === null) {
       const refreshed = await this.refreshCapabilityConfigBeforeClientControl({
         capabilityConfig,
         sdkConfigFetchMs,
@@ -2854,8 +3862,12 @@ var AgentID = class {
     }
     if (!this.clientFastFail) {
       const effectivePiiMasking2 = this.resolveEffectivePiiMasking(capabilityConfig);
-      if (!capabilityConfig.block_pii_leakage && effectivePiiMasking2) {
-        const masked = this.pii.anonymize(sanitizedInput);
+      const effectiveSecretMasking2 = this.resolveEffectiveSecretMasking(capabilityConfig);
+      if (!capabilityConfig.block_pii_leakage && effectivePiiMasking2 || !capabilityConfig.block_secret_leakage && effectiveSecretMasking2) {
+        const masked = this.pii.anonymize(sanitizedInput, {
+          pii: !capabilityConfig.block_pii_leakage && effectivePiiMasking2,
+          secrets: !capabilityConfig.block_secret_leakage && effectiveSecretMasking2
+        });
         return {
           sanitizedInput: masked.maskedText,
           capabilityConfig,
@@ -2887,13 +3899,18 @@ var AgentID = class {
       apiKey: effectiveApiKey,
       clientEventId: params.clientEventId,
       sdkConfigFetchMs,
+      telemetryMetadata: params.telemetryMetadata,
       runPromptInjectionCheck: !params.skipInjectionScan
     });
     sanitizedInput = enforced.sanitizedInput;
     sdkLocalScanMs = enforced.sdkLocalScanMs;
     const effectivePiiMasking = this.resolveEffectivePiiMasking(capabilityConfig);
-    if (!capabilityConfig.block_pii_leakage && effectivePiiMasking) {
-      const masked = this.pii.anonymize(sanitizedInput);
+    const effectiveSecretMasking = this.resolveEffectiveSecretMasking(capabilityConfig);
+    if (!capabilityConfig.block_pii_leakage && effectivePiiMasking || !capabilityConfig.block_secret_leakage && effectiveSecretMasking) {
+      const masked = this.pii.anonymize(sanitizedInput, {
+        pii: !capabilityConfig.block_pii_leakage && effectivePiiMasking,
+        secrets: !capabilityConfig.block_secret_leakage && effectiveSecretMasking
+      });
       return {
         sanitizedInput: masked.maskedText,
         capabilityConfig,
@@ -2929,6 +3946,7 @@ var AgentID = class {
       apiKey: effectiveApiKey,
       clientEventId: params.clientEventId,
       sdkConfigFetchMs: refreshedConfig.sdkConfigFetchMs,
+      telemetryMetadata: params.telemetryMetadata,
       runPromptInjectionCheck: true
     });
     return {
@@ -2992,9 +4010,30 @@ var AgentID = class {
     if (!message || typeof message !== "object") {
       return req;
     }
+    const currentContent = message.content;
+    let nextContent = maskedText;
+    if (Array.isArray(currentContent)) {
+      let textReplaced = false;
+      const preservedParts = [];
+      for (const part of currentContent) {
+        if (!part || typeof part !== "object" || part.type !== "text" || typeof part.text !== "string") {
+          preservedParts.push(part);
+          continue;
+        }
+        if (textReplaced) {
+          continue;
+        }
+        textReplaced = true;
+        preservedParts.push({
+          ...part,
+          text: maskedText
+        });
+      }
+      nextContent = textReplaced ? preservedParts : [{ type: "text", text: maskedText }, ...currentContent];
+    }
     newMessages[lastUserIdx] = {
       ...message,
-      content: maskedText
+      content: nextContent
     };
     if (!req || typeof req !== "object") {
       return req;
@@ -3013,6 +4052,7 @@ var AgentID = class {
       event_type: "security_policy_violation",
       severity: "high",
       metadata: {
+        ...params.telemetryMetadata ?? {},
         event_type: "security_policy_violation",
         severity: "high",
         system_id: params.systemId,
@@ -3040,6 +4080,7 @@ var AgentID = class {
         event_type: "security_alert",
         severity: "warning",
         metadata: {
+          ...params.guardParams.metadata ?? {},
           source: "guard",
           status: params.status,
           guard_reason: params.reason,
@@ -3482,21 +4523,29 @@ var AgentID = class {
   wrapCompletion(completion, options) {
     if (typeof completion === "string") {
       const masked = this.pii.anonymize(completion);
+      const placeholderOutputMasked = textContainsMappingPlaceholder(
+        completion,
+        options?.piiMapping
+      );
       return {
         mode: "static",
         rawOutput: completion,
         transformedOutput: masked.maskedText,
-        outputMasked: masked.maskedText !== completion
+        outputMasked: masked.maskedText !== completion || placeholderOutputMasked
       };
     }
     if (!isAsyncIterable(completion)) {
       const asText = String(completion ?? "");
       const masked = this.pii.anonymize(asText);
+      const placeholderOutputMasked = textContainsMappingPlaceholder(
+        asText,
+        options?.piiMapping
+      );
       return {
         mode: "static",
         rawOutput: asText,
         transformedOutput: masked.maskedText,
-        outputMasked: masked.maskedText !== asText
+        outputMasked: masked.maskedText !== asText || placeholderOutputMasked
       };
     }
     const source = completion;
@@ -3506,8 +4555,10 @@ var AgentID = class {
     const isOpenAIStreamFinishChunk = this.isOpenAIStreamFinishChunk.bind(this);
     const rewriteOpenAIStreamChunkForClient = this.rewriteOpenAIStreamChunkForClient.bind(this);
     const createSyntheticOpenAIStreamChunk = this.createSyntheticOpenAIStreamChunk.bind(this);
+    const setOpenAIStreamChunkText = this.setOpenAIStreamChunkText.bind(this);
     const piiManager = this.pii;
     const streamRewriter = options?.deanonymizeForClient === true && options.piiMapping ? createStreamingPlaceholderRewriter(piiManager, options.piiMapping) : null;
+    const maskForClient = options?.maskForClient === true && streamRewriter === null;
     let lastUsage;
     let resolveDone = null;
     let rejectDone = null;
@@ -3520,12 +4571,17 @@ var AgentID = class {
         try {
           let finishChunkFlushed = false;
           let lastChunkTemplate;
+          let clientRawText = "";
+          let clientMaskFlushed = false;
           for await (const chunk of source) {
             const chunkText = extractStreamChunkText(chunk);
-            const isFinishChunk = streamRewriter ? isOpenAIStreamFinishChunk(chunk) : false;
+            const isFinishChunk = streamRewriter || maskForClient ? isOpenAIStreamFinishChunk(chunk) : false;
             if (chunkText) {
               await collector.push(chunkText);
               lastChunkTemplate = chunk;
+              if (maskForClient) {
+                clientRawText += chunkText;
+              }
             }
             const chunkUsage = extractStreamChunkUsage(chunk);
             if (chunkUsage) {
@@ -3545,6 +4601,28 @@ var AgentID = class {
               }
               continue;
             }
+            if (maskForClient) {
+              if (isFinishChunk) {
+                const maskedClientText = piiManager.anonymize(clientRawText).maskedText;
+                clientMaskFlushed = true;
+                if (maskedClientText.length > 0) {
+                  yield createSyntheticOpenAIStreamChunk(
+                    maskedClientText,
+                    lastChunkTemplate ?? chunk
+                  );
+                }
+                if (chunkText) {
+                  setOpenAIStreamChunkText(chunk, "");
+                }
+                yield chunk;
+                finishChunkFlushed = true;
+                continue;
+              }
+              if (!chunkText) {
+                yield chunk;
+              }
+              continue;
+            }
             yield chunk;
           }
           if (streamRewriter && !finishChunkFlushed) {
@@ -3556,14 +4634,27 @@ var AgentID = class {
               );
             }
           }
+          if (maskForClient && !clientMaskFlushed) {
+            const maskedClientText = piiManager.anonymize(clientRawText).maskedText;
+            if (maskedClientText.length > 0) {
+              yield createSyntheticOpenAIStreamChunk(
+                maskedClientText,
+                lastChunkTemplate
+              );
+            }
+          }
           await collector.close();
           const rawOutput = await collector.result;
           const masked = piiManager.anonymize(rawOutput);
+          const placeholderOutputMasked = textContainsMappingPlaceholder(
+            rawOutput,
+            options?.piiMapping
+          );
           resolveDone?.({
             mode: "static",
             rawOutput,
             transformedOutput: masked.maskedText,
-            outputMasked: masked.maskedText !== rawOutput,
+            outputMasked: masked.maskedText !== rawOutput || placeholderOutputMasked,
             usage: lastUsage
           });
         } catch (error) {
@@ -3598,6 +4689,37 @@ var AgentID = class {
       );
     }
   }
+  buildOperationLogParams(params) {
+    return createAgentIdOperationLog(params);
+  }
+  async logOperation(params, options) {
+    return this.log(this.buildOperationLogParams(params), options);
+  }
+  async logPromptPreflightStep(params, options) {
+    const telemetry = buildPromptPreflightTelemetry(params);
+    const summary = firstNonEmptyString(telemetry?.step_summary, telemetry?.stepSummary) ?? summarizePromptPreflightResult({
+      verdict: params.verdict,
+      localFallbackApplied: params.local_fallback_applied,
+      localFallbackReason: params.local_fallback_reason
+    });
+    await this.logOperation(
+      {
+        system_id: params.system_id,
+        user_id: params.user_id,
+        request_identity: params.request_identity,
+        input: params.input,
+        output: summary,
+        model: "not_applicable",
+        latency: params.guard_latency_ms ?? void 0,
+        telemetry,
+        client_capabilities: params.client_capabilities
+      },
+      options
+    );
+  }
+  operation(params, options) {
+    return this.logOperation(params, options);
+  }
   /**
    * Analytics alias for telemetry logging.
    */
@@ -3642,49 +4764,56 @@ var AgentID = class {
               if (typeof originalCreate !== "function") return originalCreate;
               return async (...args) => {
                 const normalizedCreateArgs = normalizeOpenAICreateArgs(args);
-                const req = normalizedCreateArgs?.[0] ?? {};
+                const rawReq = normalizedCreateArgs?.[0] ?? {};
+                const requestTelemetry = extractRequestTelemetryContext(rawReq);
+                const telemetryMetadata = mergeTelemetryContexts(
+                  options.telemetry,
+                  requestTelemetry
+                );
+                const providerReq = stripRequestTelemetryContext(rawReq);
                 const pipelineStartedAt = Date.now();
-                const requestLevelApiKey = options.resolveApiKey?.(req) ?? options.apiKey ?? options.api_key;
+                const requestLevelApiKey = options.resolveApiKey?.(rawReq) ?? options.apiKey ?? options.api_key;
                 const effectiveApiKey = this.resolveApiKey(requestLevelApiKey);
                 const requestOptions = { apiKey: effectiveApiKey };
-                const clientEventId = this.resolveClientEventId(req);
+                const clientEventId = this.resolveClientEventId(rawReq);
                 const effectiveStrictMode = await this.resolveEffectiveStrictMode(requestOptions);
-                const stream = adapter.isStream(req);
+                const stream = adapter.isStream(providerReq);
                 let capabilityConfig = this.getCachedCapabilityConfig(requestOptions);
-                const userText = adapter.extractInput(req);
-                let maskedText = userText;
-                let maskedReq = req;
-                let createArgs = normalizedCreateArgs;
+                const userText = adapter.extractInput(providerReq);
+                const requestAttachments = adapter.extractAttachments(providerReq);
+                const hasGuardContent = userText !== null || requestAttachments.length > 0;
+                let maskedText = userText ?? "";
+                let maskedReq = providerReq;
+                let createArgs = providerReq === rawReq ? normalizedCreateArgs : [{ ...providerReq }, ...normalizedCreateArgs.slice(1)];
                 let mapping = {};
-                let shouldDeanonymize = false;
                 let sdkConfigFetchMs = 0;
                 let sdkLocalScanMs = 0;
-                if (userText) {
+                if (hasGuardContent) {
                   const prepared = await this.prepareInputForDispatch({
-                    input: userText,
+                    input: userText ?? "",
                     systemId,
                     stream,
-                    clientEventId
+                    clientEventId,
+                    telemetryMetadata
                   }, requestOptions);
                   capabilityConfig = prepared.capabilityConfig;
                   maskedText = prepared.sanitizedInput;
                   mapping = prepared.piiMapping ?? {};
-                  shouldDeanonymize = prepared.shouldDeanonymize === true;
                   sdkConfigFetchMs = prepared.sdkConfigFetchMs ?? 0;
                   sdkLocalScanMs = prepared.sdkLocalScanMs ?? 0;
-                  if (maskedText !== userText) {
+                  if (maskedText !== (userText ?? "")) {
                     maskedReq = this.withMaskedOpenAIRequest(
-                      req,
+                      providerReq,
                       maskedText
                     );
-                    const nextCreateArgs = [...normalizedCreateArgs];
+                    const nextCreateArgs = [...createArgs];
                     nextCreateArgs[0] = maskedReq;
                     createArgs = nextCreateArgs;
                   }
                 }
-                if (!maskedText) {
+                if (!hasGuardContent) {
                   throw new Error(
-                    "AgentID: No user message found. Security guard requires string input."
+                    "AgentID: No user message or supported inline attachment found. Security guard requires prompt content."
                   );
                 }
                 const verdict = await this.guard({
@@ -3695,6 +4824,8 @@ var AgentID = class {
                   client_event_id: clientEventId,
                   expected_languages: expectedLanguages,
                   request_identity: options.request_identity,
+                  metadata: telemetryMetadata,
+                  attachments: requestAttachments,
                   client_capabilities: this.buildClientCapabilities(
                     "openai",
                     false,
@@ -3716,22 +4847,43 @@ var AgentID = class {
                         apiKey: effectiveApiKey,
                         clientEventId,
                         sdkConfigFetchMs,
+                        telemetryMetadata,
                         runPromptInjectionCheck: true
                       });
                       maskedText = fallback.sanitizedInput;
                       sdkLocalScanMs = fallback.sdkLocalScanMs;
                     }
                   } else {
+                    await this.logPromptPreflightStep(
+                      {
+                        system_id: systemId,
+                        user_id: options.user_id,
+                        request_identity: options.request_identity,
+                        input: maskedText,
+                        telemetry: telemetryMetadata,
+                        verdict,
+                        guard_event_id: verdict.guard_event_id ?? null,
+                        guard_latency_ms: typeof verdict.guard_latency_ms === "number" && Number.isFinite(verdict.guard_latency_ms) ? Math.max(0, Math.trunc(verdict.guard_latency_ms)) : Math.max(0, Date.now() - pipelineStartedAt),
+                        preflight_for_client_event_id: typeof verdict.client_event_id === "string" && isUuidLike2(verdict.client_event_id) ? verdict.client_event_id : clientEventId,
+                        client_capabilities: this.buildClientCapabilities(
+                          "openai",
+                          false,
+                          capabilityConfig
+                        ),
+                        runtime_surface: "openai_sdk_guard"
+                      },
+                      requestOptions
+                    );
                     throw new SecurityBlockError(verdict.reason ?? "guard_denied");
                   }
                 }
-                const currentRequestInput = adapter.extractInput(maskedReq);
+                const currentRequestInput = adapter.extractInput(maskedReq) ?? "";
                 if (maskedText !== currentRequestInput) {
                   maskedReq = this.withMaskedOpenAIRequest(
-                    req,
+                    providerReq,
                     maskedText
                   );
-                  const nextCreateArgs = [...normalizedCreateArgs];
+                  const nextCreateArgs = [...createArgs];
                   nextCreateArgs[0] = maskedReq;
                   createArgs = nextCreateArgs;
                 }
@@ -3742,15 +4894,44 @@ var AgentID = class {
                 const isShadowMode = verdict.shadow_mode === true;
                 const transformedInput = isShadowMode ? maskedText : typeof verdict.transformed_input === "string" && verdict.transformed_input.length > 0 ? verdict.transformed_input : maskedText;
                 if (transformedInput !== maskedText) {
+                  const serverDerivedMapping = derivePlaceholderMappingFromTransform(
+                    maskedText,
+                    transformedInput
+                  );
+                  if (Object.keys(serverDerivedMapping).length > 0) {
+                    mapping = mergePiiMappings(mapping, serverDerivedMapping);
+                  }
                   maskedText = transformedInput;
                   maskedReq = this.withMaskedOpenAIRequest(
-                    req,
+                    providerReq,
                     transformedInput
                   );
-                  const nextCreateArgs = [...normalizedCreateArgs];
+                  const nextCreateArgs = [...createArgs];
                   nextCreateArgs[0] = maskedReq;
                   createArgs = nextCreateArgs;
                 }
+                await this.logPromptPreflightStep(
+                  {
+                    system_id: systemId,
+                    user_id: options.user_id,
+                    request_identity: options.request_identity,
+                    input: maskedText,
+                    telemetry: telemetryMetadata,
+                    verdict,
+                    guard_event_id: guardEventId,
+                    guard_latency_ms: guardLatencyMs,
+                    preflight_for_client_event_id: canonicalClientEventId,
+                    client_capabilities: this.buildClientCapabilities(
+                      "openai",
+                      false,
+                      capabilityConfig
+                    ),
+                    local_fallback_applied: localFallbackApplied,
+                    local_fallback_reason: localFallbackReason,
+                    runtime_surface: "openai_sdk_guard"
+                  },
+                  requestOptions
+                );
                 if (stream) {
                   const modelStartedAt2 = Date.now();
                   const streamResponse = await originalCreate.apply(compTarget, createArgs);
@@ -3762,7 +4943,8 @@ var AgentID = class {
                     })(),
                     {
                       piiMapping: mapping,
-                      deanonymizeForClient: shouldDeanonymize
+                      deanonymizeForClient: false,
+                      maskForClient: !isShadowMode
                     }
                   );
                   if (maskedText && wrappedCompletion.mode === "stream") {
@@ -3781,29 +4963,32 @@ var AgentID = class {
                         usage: result.usage,
                         latency: modelLatencyMs2,
                         event_type: "complete",
-                        metadata: {
-                          transformed_input: maskedText,
-                          transformed_output: result.transformedOutput,
-                          output_masked: result.outputMasked,
-                          shadow_mode: isShadowMode,
-                          simulated_decision: verdict.simulated_decision ?? null,
-                          simulated_output_decision: isShadowMode && result.outputMasked ? "masked" : "allowed",
-                          response_streamed: true,
-                          sdk_local_fallback_applied: localFallbackApplied,
-                          sdk_local_fallback_reason: localFallbackReason,
-                          guard_latency_ms: guardLatencyMs,
-                          model_latency_ms: modelLatencyMs2,
-                          total_pipeline_latency_ms: totalPipelineLatencyMs2,
-                          guard_event_id: guardEventId,
-                          client_event_id: canonicalClientEventId,
-                          transparency,
-                          ...buildSdkTimingMetadata({
+                        metadata: mergeTelemetryContexts(
+                          telemetryMetadata,
+                          {
+                            transformed_input: maskedText,
+                            transformed_output: result.transformedOutput,
+                            output_masked: result.outputMasked,
+                            shadow_mode: isShadowMode,
+                            simulated_decision: verdict.simulated_decision ?? null,
+                            simulated_output_decision: isShadowMode && result.outputMasked ? "masked" : "allowed",
+                            response_streamed: true,
+                            sdk_local_fallback_applied: localFallbackApplied,
+                            sdk_local_fallback_reason: localFallbackReason,
+                            guard_latency_ms: guardLatencyMs,
+                            model_latency_ms: modelLatencyMs2,
+                            total_pipeline_latency_ms: totalPipelineLatencyMs2,
+                            guard_event_id: guardEventId,
+                            client_event_id: canonicalClientEventId,
+                            transparency
+                          },
+                          buildSdkTimingMetadata({
                             sdkConfigFetchMs,
                             sdkLocalScanMs,
                             sdkGuardMs: guardLatencyMs,
                             sdkConfigVersion: capabilityConfig.version
                           })
-                        },
+                        ),
                         client_capabilities: this.buildClientCapabilities(
                           "openai",
                           false,
@@ -3834,7 +5019,10 @@ var AgentID = class {
                 const totalPipelineLatencyMs = Math.max(0, Date.now() - pipelineStartedAt);
                 if (maskedText) {
                   const output = adapter.extractOutput(res);
-                  const wrappedCompletion = this.wrapCompletion(output);
+                  const wrappedCompletion = this.wrapCompletion(output, {
+                    piiMapping: mapping,
+                    deanonymizeForClient: false
+                  });
                   const model = adapter.getModelName(maskedReq, res);
                   const usage = adapter.getTokenUsage(res);
                   const outputForLog = isShadowMode ? wrappedCompletion.rawOutput : wrappedCompletion.transformedOutput;
@@ -3849,29 +5037,32 @@ var AgentID = class {
                     usage,
                     latency: modelLatencyMs,
                     event_type: "complete",
-                    metadata: {
-                      transformed_input: maskedText,
-                      transformed_output: wrappedCompletion.transformedOutput,
-                      output_masked: wrappedCompletion.outputMasked,
-                      shadow_mode: isShadowMode,
-                      simulated_decision: verdict.simulated_decision ?? null,
-                      simulated_output_decision: isShadowMode && wrappedCompletion.outputMasked ? "masked" : "allowed",
-                      response_streamed: false,
-                      sdk_local_fallback_applied: localFallbackApplied,
-                      sdk_local_fallback_reason: localFallbackReason,
-                      guard_latency_ms: guardLatencyMs,
-                      model_latency_ms: modelLatencyMs,
-                      total_pipeline_latency_ms: totalPipelineLatencyMs,
-                      guard_event_id: guardEventId,
-                      client_event_id: canonicalClientEventId,
-                      transparency,
-                      ...buildSdkTimingMetadata({
+                    metadata: mergeTelemetryContexts(
+                      telemetryMetadata,
+                      {
+                        transformed_input: maskedText,
+                        transformed_output: wrappedCompletion.transformedOutput,
+                        output_masked: wrappedCompletion.outputMasked,
+                        shadow_mode: isShadowMode,
+                        simulated_decision: verdict.simulated_decision ?? null,
+                        simulated_output_decision: isShadowMode && wrappedCompletion.outputMasked ? "masked" : "allowed",
+                        response_streamed: false,
+                        sdk_local_fallback_applied: localFallbackApplied,
+                        sdk_local_fallback_reason: localFallbackReason,
+                        guard_latency_ms: guardLatencyMs,
+                        model_latency_ms: modelLatencyMs,
+                        total_pipeline_latency_ms: totalPipelineLatencyMs,
+                        guard_event_id: guardEventId,
+                        client_event_id: canonicalClientEventId,
+                        transparency
+                      },
+                      buildSdkTimingMetadata({
                         sdkConfigFetchMs,
                         sdkLocalScanMs,
                         sdkGuardMs: guardLatencyMs,
                         sdkConfigVersion: capabilityConfig.version
                       })
-                    },
+                    ),
                     client_capabilities: this.buildClientCapabilities(
                       "openai",
                       false,
@@ -3888,17 +5079,21 @@ var AgentID = class {
                     );
                   }
                 }
-                if (!capabilityConfig.block_pii_leakage && this.resolveEffectivePiiMasking(capabilityConfig) && shouldDeanonymize) {
-                  const deanon = this.pii.deanonymize(adapter.extractOutput(res), mapping);
+                if (!isShadowMode && maskedText) {
+                  const output = adapter.extractOutput(res);
+                  const maskedOutput = this.wrapCompletion(output, {
+                    piiMapping: mapping,
+                    deanonymizeForClient: false
+                  }).transformedOutput;
                   try {
                     if (Array.isArray(res?.choices)) {
                       for (const choice of res.choices) {
                         const typedChoice = choice;
                         if (typedChoice?.message && typeof typedChoice.message.content === "string") {
-                          typedChoice.message.content = deanon;
+                          typedChoice.message.content = maskedOutput;
                         }
                         if (typedChoice?.delta && typeof typedChoice.delta.content === "string") {
-                          typedChoice.delta.content = deanon;
+                          typedChoice.delta.content = maskedOutput;
                         }
                       }
                     }
@@ -3923,14 +5118,169 @@ var AgentID = class {
     });
   }
 };
+function mergeWorkflowTrailRequestOptions(base, override) {
+  const apiKey = firstNonEmptyString(override?.apiKey, base?.apiKey);
+  return apiKey ? { apiKey } : void 0;
+}
+function appendWorkflowErrorMetadata(metadata, error) {
+  const nextMetadata = { ...metadata ?? {} };
+  if (error instanceof Error) {
+    if (typeof nextMetadata.error_name !== "string") {
+      nextMetadata.error_name = error.name;
+    }
+    if (typeof nextMetadata.error_message !== "string" && error.message.trim().length > 0) {
+      nextMetadata.error_message = error.message.trim();
+    }
+    return Object.keys(nextMetadata).length > 0 ? nextMetadata : void 0;
+  }
+  if (typeof nextMetadata.error_message !== "string" && typeof error !== "undefined") {
+    const errorMessage = String(error).trim();
+    if (errorMessage.length > 0) {
+      nextMetadata.error_message = errorMessage;
+    }
+  }
+  return Object.keys(nextMetadata).length > 0 ? nextMetadata : void 0;
+}
+var AgentIDWorkflowStep = class {
+  constructor(params) {
+    this.trail = params.trail;
+    this.workflowStepId = params.workflowStepId;
+    this.startEventId = params.startEventId;
+    this.telemetry = params.telemetry;
+    this.startedAtMs = params.startedAtMs;
+  }
+  resolveStepTelemetry(telemetry) {
+    return mergeTelemetryContexts(
+      this.telemetry,
+      createAgentIdTelemetryContext({
+        workflow_step_id: this.workflowStepId,
+        parent_event_id: this.startEventId
+      }),
+      telemetry
+    );
+  }
+  async log(params = {}, options) {
+    return this.trail.logStep(
+      {
+        ...params,
+        telemetry: this.resolveStepTelemetry(params.telemetry)
+      },
+      options
+    );
+  }
+  async complete(params = {}, options) {
+    return this.log(
+      {
+        ...params,
+        latency: typeof params.latency === "number" ? params.latency : Math.max(0, Date.now() - this.startedAtMs),
+        event_status: params.event_status ?? "completed"
+      },
+      options
+    );
+  }
+  async fail(error, params = {}, options) {
+    return this.log(
+      {
+        ...params,
+        latency: typeof params.latency === "number" ? params.latency : Math.max(0, Date.now() - this.startedAtMs),
+        metadata: appendWorkflowErrorMetadata(params.metadata, error),
+        event_type: params.event_type ?? "error",
+        event_status: params.event_status ?? "failed",
+        severity: params.severity ?? "error"
+      },
+      options
+    );
+  }
+};
+var AgentIDWorkflowTrail = class {
+  constructor(options) {
+    this.agent = options.agent;
+    this.systemId = options.system_id;
+    this.userId = options.user_id;
+    this.requestIdentity = options.request_identity;
+    this.telemetry = createAgentIdTelemetryContext(options.telemetry);
+    this.clientCapabilities = options.client_capabilities;
+    this.requestOptions = options.requestOptions;
+  }
+  async logStep(params = {}, options) {
+    const payload = this.agent.buildOperationLogParams({
+      ...params,
+      system_id: this.systemId,
+      user_id: this.userId,
+      request_identity: this.requestIdentity,
+      telemetry: mergeTelemetryContexts(this.telemetry, params.telemetry),
+      client_capabilities: params.client_capabilities ?? this.clientCapabilities
+    });
+    await this.agent.log(
+      payload,
+      mergeWorkflowTrailRequestOptions(this.requestOptions, options)
+    );
+    return payload;
+  }
+  async startStep(params = {}, options) {
+    const startedAtMs = Date.now();
+    const requestedTelemetry = createAgentIdTelemetryContext(params.telemetry);
+    const workflowStepId = firstNonEmptyString(requestedTelemetry?.workflow_step_id, requestedTelemetry?.workflowStepId) ?? createAgentIdCorrelationId();
+    const startTelemetry = mergeTelemetryContexts(
+      requestedTelemetry,
+      createAgentIdTelemetryContext({
+        workflow_step_id: workflowStepId
+      })
+    );
+    const startPayload = await this.logStep(
+      {
+        ...params,
+        telemetry: startTelemetry,
+        event_type: params.event_type ?? "start",
+        event_status: params.event_status ?? "started"
+      },
+      options
+    );
+    return new AgentIDWorkflowStep({
+      trail: this,
+      workflowStepId,
+      startEventId: startPayload.event_id ?? createEventId2(),
+      telemetry: startTelemetry,
+      startedAtMs
+    });
+  }
+  async runStep(params, run, hooks, options) {
+    const step = await this.startStep(params, options);
+    try {
+      const result = await run();
+      const completeParams = {
+        ...hooks?.complete ?? {},
+        ...hooks?.onComplete?.(result) ?? {}
+      };
+      await step.complete(completeParams, options);
+      return result;
+    } catch (error) {
+      const failParams = {
+        ...hooks?.fail ?? {},
+        ...hooks?.onError?.(error) ?? {}
+      };
+      await step.fail(error, failParams, options);
+      throw error;
+    }
+  }
+};
+function createAgentIdWorkflowTrail(options) {
+  return new AgentIDWorkflowTrail(options);
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AgentID,
+  AgentIDWorkflowStep,
+  AgentIDWorkflowTrail,
   DependencyError,
   InjectionScanner,
   OpenAIAdapter,
   PIIManager,
   SecurityBlockError,
+  createAgentIdCorrelationId,
+  createAgentIdOperationLog,
+  createAgentIdTelemetryContext,
+  createAgentIdWorkflowTrail,
   getInjectionScanner,
   scanWithRegex
 });