agentid-sdk 0.1.41 → 0.1.42

package/dist/langchain.mjs

@@ -2,12 +2,24 @@ import {
   PIIManager,
   SecurityBlockError,
   createAgentIdTelemetryContext
-} from "./chunk-L2WVWRAC.mjs";
+} from "./chunk-C5U4L4JY.mjs";
 
 // src/langchain.ts
 import { BaseCallbackHandler } from "@langchain/core/callbacks/base";
 var piiManager = new PIIManager();
 var LANGCHAIN_TELEMETRY_FIELD = "agentid_telemetry";
+var MAX_PROMPT_CONTEXT_CHARS = 64e3;
+function getZeroRetentionInput(rawInput, candidateInput) {
+  const raw = typeof rawInput === "string" ? rawInput : "";
+  const candidate = typeof candidateInput === "string" ? candidateInput : "";
+  if (candidate.length > 0 && candidate !== raw) {
+    return candidate;
+  }
+  return "[REDACTED]";
+}
+function isFailOpenGuardBypassReason(reason) {
+  return reason === "timeout_fallback" || reason === "guard_unreachable" || reason === "system_failure_fail_open";
+}
 function safeString(val) {
   return typeof val === "string" ? val : "";
 }
@@ -178,9 +190,6 @@ function setFiniteDurationMetadata(metadata, key, value) {
     metadata[key] = Math.max(0, Math.trunc(value));
   }
 }
-function isGuardFailureEligibleForLocalFallback(reason) {
-  return reason === "network_error_strict_mode" || reason === "server_error" || reason === "system_failure" || reason === "system_failure_db_unavailable" || reason === "logging_failed" || reason === "guard_unreachable" || reason === "api_key_pepper_missing" || reason === "encryption_key_missing";
-}
 function extractTextFromContent(content) {
   if (typeof content === "string") {
     return content;
@@ -230,6 +239,26 @@ function extractPromptFromPrompts(prompts) {
   }
   return "";
 }
+function truncatePromptContext(value) {
+  if (value.length <= MAX_PROMPT_CONTEXT_CHARS) {
+    return value;
+  }
+  const headChars = Math.floor((MAX_PROMPT_CONTEXT_CHARS - 32) / 2);
+  const tailChars = MAX_PROMPT_CONTEXT_CHARS - headChars - 32;
+  return `${value.slice(0, headChars)}
+[...TRUNCATED CONTEXT...]
+${value.slice(-tailChars)}`;
+}
+function extractPromptContextFromPrompts(prompts) {
+  if (!Array.isArray(prompts)) {
+    return "";
+  }
+  const sections = prompts.map((prompt, index) => {
+    const text = safeString(prompt);
+    return text ? `[prompt_${index + 1}] ${text}` : null;
+  }).filter((section) => section !== null);
+  return sections.length > 0 ? truncatePromptContext(sections.join("\n\n")) : "";
+}
 function extractPromptFromMessages(messages) {
   const flat = [];
   if (Array.isArray(messages)) {
@@ -255,6 +284,28 @@ function extractPromptFromMessages(messages) {
   const typedLast = last;
   return extractTextFromContent(typedLast.content ?? typedLast.text);
 }
+function extractPromptContextFromMessages(messages) {
+  const flat = [];
+  if (Array.isArray(messages)) {
+    for (const item of messages) {
+      if (Array.isArray(item)) {
+        flat.push(...item);
+      } else {
+        flat.push(item);
+      }
+    }
+  }
+  const sections = flat.map((message) => {
+    const role = getMessageRole(message) ?? "message";
+    const typed = message;
+    const text = extractTextFromContent(typed?.content ?? typed?.text);
+    return text ? `[${role}] ${text}` : null;
+  }).filter((section) => section !== null);
+  return sections.length > 0 ? truncatePromptContext(sections.join("\n\n")) : "";
+}
+function maskPromptContext(promptContext, options) {
+  return promptContext;
+}
 function setPromptInPrompts(prompts, sanitizedInput) {
   if (!Array.isArray(prompts) || prompts.length === 0) {
     return false;
@@ -384,6 +435,12 @@ function deanonymizeText(text, mapping) {
   }
   return piiManager.deanonymize(text, mapping);
 }
+function textContainsMappingPlaceholder(text, mapping) {
+  if (!text || !mapping) {
+    return false;
+  }
+  return Object.keys(mapping).some((placeholder) => placeholder.length > 0 && text.includes(placeholder));
+}
 function deanonymizeContent(content, mapping) {
   if (!mapping) {
     return content;
@@ -506,6 +563,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
     );
     this.apiKeyOverride = options.apiKey?.trim() || options.api_key?.trim() || void 0;
     this.telemetry = createAgentIdTelemetryContext(options.telemetry);
+    this.deanonymizeOutputForClient = options.deanonymizeOutputForClient === true || options.deanonymize_output_for_client === true;
   }
   get requestOptions() {
     return this.apiKeyOverride ? { apiKey: this.apiKeyOverride } : void 0;
@@ -539,9 +597,10 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
     }
     return false;
   }
-  async preflight(input, stream, clientEventId, telemetryMetadata) {
+  async preflight(input, stream, clientEventId, telemetryMetadata, promptContext) {
     const prepared = await this.agent.prepareInputForDispatch({
       input,
+      promptContext,
       systemId: this.systemId,
       stream,
       clientEventId,
@@ -602,6 +661,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
   }
   async handleLLMStart(serialized, prompts, runId, _parentRunId, extraParams) {
     const input = extractPromptFromPrompts(prompts);
+    const rawPromptContext = extractPromptContextFromPrompts(prompts);
     const id = String(runId ?? "");
     logCallbackDebug("handleLLMStart", { runId: id, hasInput: input.length > 0 });
     if (!input) {
@@ -614,7 +674,8 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       input,
       stream,
       requestedClientEventId,
-      telemetryMetadata
+      telemetryMetadata,
+      rawPromptContext
     );
     const sanitizedInput = prepared.sanitizedInput;
     const piiMaskingEnabled = this.resolvePreparedPiiMaskingEnabled(prepared);
@@ -627,10 +688,18 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
         );
       }
     }
+    const promptContextForGuard = maskPromptContext(
+      extractPromptContextFromPrompts(prompts),
+      {
+        pii: piiMaskingEnabled,
+        secrets: secretMaskingEnabled
+      }
+    );
     const modelName = extractModel(serialized, extraParams);
     const pipelineStartedAtMs = Date.now();
     const verdict = await this.agent.guard({
       input: sanitizedInput,
+      prompt_context: promptContextForGuard || void 0,
       system_id: this.systemId,
       model: modelName,
       client_event_id: requestedClientEventId,
@@ -642,28 +711,30 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       )
     }, this.requestOptions);
     let transformedForRun = sanitizedInput;
-    let sdkLocalScanMs = prepared.sdkLocalScanMs;
+    let sdkConfigFetchMs = prepared.sdkConfigFetchMs ?? 0;
+    let sdkLocalScanMs = prepared.sdkLocalScanMs ?? 0;
     let localFallbackApplied = false;
     let localFallbackReason = null;
     if (!verdict.allowed) {
-      const fallbackEligible = isGuardFailureEligibleForLocalFallback(verdict.reason) && verdict.reason !== "guard_denied";
-      if (fallbackEligible) {
-        const fallback = await this.agent.applyLocalFallbackForGuardFailure({
-          input: sanitizedInput,
+      throw new SecurityBlockError(verdict.reason ?? "guard_denied");
+    }
+    if (isFailOpenGuardBypassReason(verdict.reason)) {
+      const fallback = await this.agent.runLocalPromptInjectionFallback(
+        {
+          input,
+          promptContext: rawPromptContext,
           systemId: this.systemId,
-          stream,
           clientEventId: requestedClientEventId,
           capabilityConfig: prepared.capabilityConfig,
-          sdkConfigFetchMs: prepared.sdkConfigFetchMs,
+          sdkConfigFetchMs,
           telemetryMetadata
-        }, this.requestOptions);
-        transformedForRun = fallback.sanitizedInput;
-        sdkLocalScanMs = fallback.sdkLocalScanMs;
-        localFallbackApplied = true;
-        localFallbackReason = verdict.reason ?? "guard_unreachable";
-      } else {
-        throw new SecurityBlockError(verdict.reason ?? "guard_denied");
-      }
+        },
+        this.requestOptions
+      );
+      sdkConfigFetchMs = fallback.sdkConfigFetchMs;
+      sdkLocalScanMs += fallback.sdkLocalScanMs;
+      localFallbackApplied = true;
+      localFallbackReason = verdict.reason ?? null;
     }
     if (transformedForRun !== sanitizedInput) {
       const mutated = setPromptInPrompts(prompts, transformedForRun);
@@ -682,12 +753,13 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
         transformedInput = transformedForRun;
       }
     }
+    const retainedInput = getZeroRetentionInput(input, transformedInput);
     this.runs.set(id, {
-      input: transformedInput,
+      input: retainedInput,
       startedAtMs: Date.now(),
       pipelineStartedAtMs,
       guardLatencyMs,
-      sdkConfigFetchMs: prepared.sdkConfigFetchMs,
+      sdkConfigFetchMs,
       sdkLocalScanMs,
       localFallbackApplied,
       localFallbackReason,
@@ -697,7 +769,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       telemetryMetadata,
       transparency,
       piiMapping: normalizePiiMapping(prepared.piiMapping),
-      shouldDeanonymize: prepared.shouldDeanonymize === true,
+      shouldDeanonymize: this.deanonymizeOutputForClient && prepared.shouldDeanonymize === true,
       responseStreamed: stream,
       sdkConfigVersion: prepared.capabilityConfig?.version ?? null,
       piiMaskingEnabled,
@@ -711,6 +783,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
   }
   async handleChatModelStart(serialized, messages, runId, _parentRunId, extraParams) {
     const input = extractPromptFromMessages(messages);
+    const rawPromptContext = extractPromptContextFromMessages(messages);
     const id = String(runId ?? "");
     logCallbackDebug("handleChatModelStart", { runId: id, hasInput: input.length > 0 });
     if (!input) {
@@ -723,7 +796,8 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       input,
       stream,
       requestedClientEventId,
-      telemetryMetadata
+      telemetryMetadata,
+      rawPromptContext
     );
     const sanitizedInput = prepared.sanitizedInput;
     const piiMaskingEnabled = this.resolvePreparedPiiMaskingEnabled(prepared);
@@ -736,10 +810,18 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
         );
       }
     }
+    const promptContextForGuard = maskPromptContext(
+      extractPromptContextFromMessages(messages),
+      {
+        pii: piiMaskingEnabled,
+        secrets: secretMaskingEnabled
+      }
+    );
     const modelName = extractModel(serialized, extraParams);
     const pipelineStartedAtMs = Date.now();
     const verdict = await this.agent.guard({
       input: sanitizedInput,
+      prompt_context: promptContextForGuard || void 0,
       system_id: this.systemId,
       model: modelName,
       client_event_id: requestedClientEventId,
@@ -751,28 +833,30 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       )
     }, this.requestOptions);
     let transformedForRun = sanitizedInput;
-    let sdkLocalScanMs = prepared.sdkLocalScanMs;
+    let sdkConfigFetchMs = prepared.sdkConfigFetchMs ?? 0;
+    let sdkLocalScanMs = prepared.sdkLocalScanMs ?? 0;
     let localFallbackApplied = false;
     let localFallbackReason = null;
     if (!verdict.allowed) {
-      const fallbackEligible = isGuardFailureEligibleForLocalFallback(verdict.reason) && verdict.reason !== "guard_denied";
-      if (fallbackEligible) {
-        const fallback = await this.agent.applyLocalFallbackForGuardFailure({
-          input: sanitizedInput,
+      throw new SecurityBlockError(verdict.reason ?? "guard_denied");
+    }
+    if (isFailOpenGuardBypassReason(verdict.reason)) {
+      const fallback = await this.agent.runLocalPromptInjectionFallback(
+        {
+          input,
+          promptContext: rawPromptContext,
           systemId: this.systemId,
-          stream,
           clientEventId: requestedClientEventId,
           capabilityConfig: prepared.capabilityConfig,
-          sdkConfigFetchMs: prepared.sdkConfigFetchMs,
+          sdkConfigFetchMs,
           telemetryMetadata
-        }, this.requestOptions);
-        transformedForRun = fallback.sanitizedInput;
-        sdkLocalScanMs = fallback.sdkLocalScanMs;
-        localFallbackApplied = true;
-        localFallbackReason = verdict.reason ?? "guard_unreachable";
-      } else {
-        throw new SecurityBlockError(verdict.reason ?? "guard_denied");
-      }
+        },
+        this.requestOptions
+      );
+      sdkConfigFetchMs = fallback.sdkConfigFetchMs;
+      sdkLocalScanMs += fallback.sdkLocalScanMs;
+      localFallbackApplied = true;
+      localFallbackReason = verdict.reason ?? null;
     }
     if (transformedForRun !== sanitizedInput) {
       const mutated = setPromptInMessages(messages, transformedForRun);
@@ -791,12 +875,13 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
         transformedInput = transformedForRun;
       }
     }
+    const retainedInput = getZeroRetentionInput(input, transformedInput);
     this.runs.set(id, {
-      input: transformedInput,
+      input: retainedInput,
       startedAtMs: Date.now(),
       pipelineStartedAtMs,
       guardLatencyMs,
-      sdkConfigFetchMs: prepared.sdkConfigFetchMs,
+      sdkConfigFetchMs,
       sdkLocalScanMs,
       localFallbackApplied,
       localFallbackReason,
@@ -806,7 +891,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
       telemetryMetadata,
       transparency,
       piiMapping: normalizePiiMapping(prepared.piiMapping),
-      shouldDeanonymize: prepared.shouldDeanonymize === true,
+      shouldDeanonymize: this.deanonymizeOutputForClient && prepared.shouldDeanonymize === true,
       responseStreamed: stream,
       sdkConfigVersion: prepared.capabilityConfig?.version ?? null,
       piiMaskingEnabled,
@@ -863,7 +948,7 @@ var AgentIDCallbackHandler = class extends BaseCallbackHandler {
     }
     metadata.response_streamed = state.responseStreamed === true;
     metadata.transformed_output = maskedOutputText;
-    metadata.output_masked = maskedOutputText !== clientOutputText;
+    metadata.output_masked = maskedOutputText !== clientOutputText || textContainsMappingPlaceholder(maskedOutputText, state.piiMapping);
     metadata.model_latency_ms = modelLatencyMs;
     metadata.total_pipeline_latency_ms = totalPipelineLatencyMs;
     const resolvedModel = state.model ?? extractModelFromOutput(output) ?? "unknown";

package/dist/transparency-badge.d.mts

@@ -1,5 +1,5 @@
 import * as react_jsx_runtime from 'react/jsx-runtime';
-import { T as TransparencyMetadata } from './agentid-Mjh8rXn0.mjs';
+import { T as TransparencyMetadata } from './agentid-DbTWrLnN.mjs';
 
 type AgentIDTransparencyBadgeTelemetry = {
     systemId: string;

package/dist/transparency-badge.d.ts

@@ -1,5 +1,5 @@
 import * as react_jsx_runtime from 'react/jsx-runtime';
-import { T as TransparencyMetadata } from './agentid-Mjh8rXn0.js';
+import { T as TransparencyMetadata } from './agentid-DbTWrLnN.js';
 
 type AgentIDTransparencyBadgeTelemetry = {
     systemId: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentid-sdk",
-  "version": "0.1.41",
+  "version": "0.1.42",
   "description": "AgentID JavaScript/TypeScript SDK for guardrails, masking, workflow telemetry, and audit logging.",
   "license": "MIT",
   "homepage": "https://agentid.ai",
@@ -66,6 +66,7 @@
   "devDependencies": {
     "@langchain/core": "^1.1.42",
     "@types/react": "^19.2.2",
+    "langsmith": "^0.7.1",
     "tsup": "^8.3.5",
     "typescript": "^5.0.0",
     "vitest": "^4.0.16"