agentspd 1.0.0

package/dist/commands/webhooks.js

@@ -0,0 +1,222 @@
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import { api } from '../api.js';
+import * as output from '../output.js';
+const AVAILABLE_EVENTS = [
+    'agent.created',
+    'agent.revoked',
+    'agent.suspended',
+    'agent.reputation_changed',
+    'threat.detected',
+    'threat.blocked',
+    'threat.escalated',
+    'threat.resolved',
+    'policy.updated',
+    'policy.activated',
+    'audit.high_volume',
+];
+export function createWebhooksCommand() {
+    const webhooks = new Command('webhooks')
+        .alias('webhook')
+        .description('Manage webhook integrations');
+    webhooks
+        .command('create')
+        .alias('add')
+        .description('Create a new webhook')
+        .option('-u, --url <url>', 'Webhook URL')
+        .option('-e, --events <events>', 'Comma-separated list of events')
+        .option('-s, --secret <secret>', 'Webhook secret for signature verification')
+        .option('--json', 'Output as JSON')
+        .action(async (options) => {
+        let url = options.url;
+        let events = options.events ? options.events.split(',') : [];
+        let secret = options.secret;
+        // Interactive prompts
+        if (!url) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'input',
+                    name: 'url',
+                    message: 'Webhook URL:',
+                    validate: (input) => {
+                        try {
+                            new URL(input);
+                            return true;
+                        }
+                        catch {
+                            return 'Please enter a valid URL';
+                        }
+                    },
+                },
+            ]);
+            url = answers.url;
+        }
+        if (events.length === 0) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'checkbox',
+                    name: 'events',
+                    message: 'Select events to subscribe to:',
+                    choices: AVAILABLE_EVENTS.map(e => ({
+                        name: e,
+                        checked: e.startsWith('threat.'),
+                    })),
+                    validate: (input) => input.length > 0 || 'Select at least one event',
+                },
+            ]);
+            events = answers.events;
+        }
+        if (!secret) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'password',
+                    name: 'secret',
+                    message: 'Webhook secret (optional, for signature verification):',
+                    mask: '*',
+                },
+            ]);
+            secret = answers.secret || undefined;
+        }
+        const spinner = ora('Creating webhook...').start();
+        const result = await api.createWebhook({ url, events, secret });
+        if (result.error) {
+            spinner.fail('Failed to create webhook');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Webhook created successfully!');
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            console.log();
+            output.printKeyValue([
+                ['Webhook ID', result.data.id],
+                ['URL', result.data.url],
+                ['Events', result.data.events.join(', ')],
+                ['Created', output.formatDate(result.data.createdAt)],
+            ]);
+            console.log();
+            output.info('Webhook payload example:');
+            output.printJson({
+                id: 'evt_123',
+                type: 'threat.blocked',
+                timestamp: new Date().toISOString(),
+                data: {
+                    agentId: 'agent_abc',
+                    threatType: 'prompt_injection',
+                    severity: 'high',
+                },
+            });
+        }
+    });
+    webhooks
+        .command('list')
+        .alias('ls')
+        .description('List all webhooks')
+        .option('--json', 'Output as JSON')
+        .action(async (options) => {
+        const spinner = ora('Fetching webhooks...').start();
+        const result = await api.listWebhooks();
+        if (result.error) {
+            spinner.fail('Failed to fetch webhooks');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.stop();
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            if (result.data.webhooks.length === 0) {
+                output.info('No webhooks configured');
+                output.info('Create one with: emotos webhooks create');
+                return;
+            }
+            output.heading('Webhooks');
+            output.printWebhookTable(result.data.webhooks);
+        }
+    });
+    webhooks
+        .command('delete <webhookId>')
+        .alias('rm')
+        .description('Delete a webhook')
+        .option('-f, --force', 'Skip confirmation')
+        .action(async (webhookId, options) => {
+        if (!options.force) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'confirm',
+                    name: 'confirm',
+                    message: `Delete webhook ${webhookId}?`,
+                    default: false,
+                },
+            ]);
+            if (!answers.confirm) {
+                output.info('Operation cancelled');
+                return;
+            }
+        }
+        const spinner = ora('Deleting webhook...').start();
+        const result = await api.deleteWebhook(webhookId);
+        if (result.error) {
+            spinner.fail('Failed to delete webhook');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Webhook deleted');
+    });
+    webhooks
+        .command('test <webhookId>')
+        .description('Send a test webhook')
+        .action(async (webhookId) => {
+        const spinner = ora('Sending test webhook...').start();
+        const result = await api.testWebhook(webhookId);
+        if (result.error) {
+            spinner.fail('Failed to send test webhook');
+            output.error(result.error.message);
+            return;
+        }
+        if (result.data?.success) {
+            spinner.succeed('Test webhook sent successfully!');
+            output.info(`Response status: ${result.data.statusCode}`);
+        }
+        else {
+            spinner.fail('Test webhook failed');
+            if (result.data?.error) {
+                output.error(result.data.error);
+            }
+        }
+    });
+    webhooks
+        .command('events')
+        .description('List available webhook events')
+        .action(() => {
+        output.heading('Available Webhook Events');
+        const agentEvents = AVAILABLE_EVENTS.filter(e => e.startsWith('agent.'));
+        const threatEvents = AVAILABLE_EVENTS.filter(e => e.startsWith('threat.'));
+        const policyEvents = AVAILABLE_EVENTS.filter(e => e.startsWith('policy.'));
+        const auditEvents = AVAILABLE_EVENTS.filter(e => e.startsWith('audit.'));
+        console.log(output.bold('Agent Events'));
+        for (const event of agentEvents) {
+            console.log(`  - ${event}`);
+        }
+        console.log();
+        console.log(output.bold('Threat Events'));
+        for (const event of threatEvents) {
+            console.log(`  - ${event}`);
+        }
+        console.log();
+        console.log(output.bold('Policy Events'));
+        for (const event of policyEvents) {
+            console.log(`  - ${event}`);
+        }
+        console.log();
+        console.log(output.bold('Audit Events'));
+        for (const event of auditEvents) {
+            console.log(`  - ${event}`);
+        }
+    });
+    return webhooks;
+}

package/dist/config.d.ts

@@ -0,0 +1,24 @@
+import Conf from 'conf';
+export interface EmotosConfig {
+    apiUrl: string;
+    apiKey?: string;
+    sessionToken?: string;
+    orgId?: string;
+    orgName?: string;
+    userId?: string;
+    userName?: string;
+    defaultEnvironment: 'development' | 'staging' | 'production';
+    outputFormat: 'table' | 'json' | 'yaml';
+}
+declare const config: Conf<EmotosConfig>;
+export declare function getConfig(): EmotosConfig;
+export declare function setConfig<K extends keyof EmotosConfig>(key: K, value: EmotosConfig[K]): void;
+export declare function clearConfig(): void;
+export declare function getApiUrl(): string;
+export declare function getApiKey(): string | undefined;
+export declare function getSessionToken(): string | undefined;
+export declare function getOrgId(): string | undefined;
+export declare function isAuthenticated(): boolean;
+export declare function getAuthHeader(): Record<string, string>;
+export { config };
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,aAAa,GAAG,SAAS,GAAG,YAAY,CAAC;IAC7D,YAAY,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;CACzC;AAoBD,QAAA,MAAM,MAAM,oBAIV,CAAC;AAEH,wBAAgB,SAAS,IAAI,YAAY,CAExC;AAED,wBAAgB,SAAS,CAAC,CAAC,SAAS,MAAM,YAAY,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,GAAG,IAAI,CAE5F;AAED,wBAAgB,WAAW,IAAI,IAAI,CAElC;AAED,wBAAgB,SAAS,IAAI,MAAM,CAElC;AAED,wBAAgB,SAAS,IAAI,MAAM,GAAG,SAAS,CAE9C;AAED,wBAAgB,eAAe,IAAI,MAAM,GAAG,SAAS,CAEpD;AAED,wBAAgB,QAAQ,IAAI,MAAM,GAAG,SAAS,CAE7C;AAED,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED,wBAAgB,aAAa,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAWtD;AAED,OAAO,EAAE,MAAM,EAAE,CAAC"}

package/dist/config.js

@@ -0,0 +1,58 @@
+import Conf from 'conf';
+const defaults = {
+    apiUrl: 'https://api.emotos.ai',
+    defaultEnvironment: 'development',
+    outputFormat: 'table',
+};
+const schema = {
+    apiUrl: { type: 'string' },
+    apiKey: { type: 'string' },
+    sessionToken: { type: 'string' },
+    orgId: { type: 'string' },
+    orgName: { type: 'string' },
+    userId: { type: 'string' },
+    userName: { type: 'string' },
+    defaultEnvironment: { type: 'string', enum: ['development', 'staging', 'production'] },
+    outputFormat: { type: 'string', enum: ['table', 'json', 'yaml'] },
+};
+const config = new Conf({
+    projectName: 'emotos',
+    defaults,
+    schema,
+});
+export function getConfig() {
+    return config.store;
+}
+export function setConfig(key, value) {
+    config.set(key, value);
+}
+export function clearConfig() {
+    config.clear();
+}
+export function getApiUrl() {
+    return config.get('apiUrl');
+}
+export function getApiKey() {
+    return config.get('apiKey');
+}
+export function getSessionToken() {
+    return config.get('sessionToken');
+}
+export function getOrgId() {
+    return config.get('orgId');
+}
+export function isAuthenticated() {
+    return !!(config.get('apiKey') || config.get('sessionToken'));
+}
+export function getAuthHeader() {
+    const apiKey = config.get('apiKey');
+    const sessionToken = config.get('sessionToken');
+    if (apiKey) {
+        return { 'Authorization': `Bearer ${apiKey}` };
+    }
+    if (sessionToken) {
+        return { 'Authorization': `Bearer ${sessionToken}` };
+    }
+    return {};
+}
+export { config };

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/dist/index.js

@@ -0,0 +1,328 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import chalk from 'chalk';
+import { createAuthCommand, createAgentsCommand, createPoliciesCommand, createAuditCommand, createThreatsCommand, createWebhooksCommand, createConfigCommand, createInitCommand, } from './commands/index.js';
+import { setConfig, getConfig } from './config.js';
+import * as output from './output.js';
+const VERSION = '1.0.0';
+const BANNER = `
+${chalk.cyan('╔═══════════════════════════════════════════════════════════╗')}
+${chalk.cyan('║')}  ${chalk.bold.white('EMOTOS CLI')} - Security Infrastructure for AI Agents   ${chalk.cyan('║')}
+${chalk.cyan('╚═══════════════════════════════════════════════════════════╝')}
+`;
+const program = new Command();
+program
+    .name('agentspd')
+    .description('Emotos CLI - Security Infrastructure for AI Agents')
+    .version(VERSION)
+    .option('--api-url <url>', 'Override API URL')
+    .option('--json', 'Output in JSON format')
+    .option('--yaml', 'Output in YAML format')
+    .hook('preAction', (thisCommand) => {
+    const opts = thisCommand.opts();
+    if (opts.apiUrl) {
+        setConfig('apiUrl', opts.apiUrl);
+    }
+    if (opts.json) {
+        setConfig('outputFormat', 'json');
+    }
+    else if (opts.yaml) {
+        setConfig('outputFormat', 'yaml');
+    }
+});
+// Add subcommands
+program.addCommand(createInitCommand());
+program.addCommand(createAuthCommand());
+program.addCommand(createAgentsCommand());
+program.addCommand(createPoliciesCommand());
+program.addCommand(createAuditCommand());
+program.addCommand(createThreatsCommand());
+program.addCommand(createWebhooksCommand());
+program.addCommand(createConfigCommand());
+// Quick commands (shortcuts)
+program
+    .command('login')
+    .description('Quick login (alias for auth login)')
+    .option('-k, --api-key <key>', 'Use API key')
+    .action(async (options) => {
+    const authCmd = createAuthCommand();
+    const loginCmd = authCmd.commands.find((c) => c.name() === 'login');
+    if (loginCmd) {
+        await loginCmd.parseAsync(['', '', ...(options.apiKey ? ['-k', options.apiKey] : [])]);
+    }
+});
+program
+    .command('status')
+    .description('Show authentication and system status')
+    .action(async () => {
+    const config = getConfig();
+    output.heading('Emotos Status');
+    // Auth status
+    const authStatus = config.apiKey || config.sessionToken ? 'Authenticated' : 'Not authenticated';
+    const authColor = config.apiKey || config.sessionToken ? chalk.green : chalk.red;
+    output.printKeyValue([
+        ['Auth Status', authColor(authStatus)],
+        ['API URL', config.apiUrl],
+        ['Organization', config.orgName || 'N/A'],
+        ['User', config.userName || 'N/A'],
+        ['Environment', config.defaultEnvironment],
+    ]);
+    if (!config.apiKey && !config.sessionToken) {
+        console.log();
+        output.info('Run `agentspd auth login` to authenticate');
+    }
+});
+// Help command enhancements
+program
+    .command('docs')
+    .description('Open documentation')
+    .action(() => {
+    console.log(BANNER);
+    output.heading('Documentation');
+    console.log('  Full documentation: ' + output.link('https://docs.emotos.ai'));
+    console.log('  API Reference: ' + output.link('https://api.emotos.ai/docs'));
+    console.log();
+    output.heading('Quick Start');
+    console.log('  1. Sign up:         ' + output.highlight('agentspd auth signup'));
+    console.log('  2. Create policy:   ' + output.highlight('agentspd policies create'));
+    console.log('  3. Register agent:  ' + output.highlight('agentspd agents create'));
+    console.log('  4. Issue token:     ' + output.highlight('agentspd agents token <agent-id>'));
+    console.log('  5. Connect to MCP:  ' + output.highlight('wss://proxy.emotos.ai/v1/mcp'));
+    console.log();
+    output.heading('For Agent Providers');
+    console.log('  - Register and manage AI agents');
+    console.log('  - Define security policies');
+    console.log('  - Monitor agent reputation and behavior');
+    console.log();
+    output.heading('For Agent Consumers');
+    console.log('  - Vet and approve third-party agents');
+    console.log('  - Monitor threats in real-time');
+    console.log('  - Review audit logs for compliance');
+});
+program
+    .command('quickstart')
+    .alias('tutorial')
+    .description('Interactive quickstart tutorial')
+    .option('--provider', 'Agent provider tutorial')
+    .option('--consumer', 'Agent consumer tutorial')
+    .action(async (options) => {
+    console.log(BANNER);
+    if (options.provider) {
+        await providerTutorial();
+    }
+    else if (options.consumer) {
+        await consumerTutorial();
+    }
+    else {
+        const inquirer = await import('inquirer');
+        const answers = await inquirer.default.prompt([
+            {
+                type: 'list',
+                name: 'role',
+                message: 'Which tutorial would you like to follow?',
+                choices: [
+                    { name: 'Agent Provider - Build and deploy secure AI agents', value: 'provider' },
+                    { name: 'Agent Consumer - Protect your systems from AI agents', value: 'consumer' },
+                ],
+            },
+        ]);
+        if (answers.role === 'provider') {
+            await providerTutorial();
+        }
+        else {
+            await consumerTutorial();
+        }
+    }
+});
+async function providerTutorial() {
+    output.heading('Agent Provider Tutorial');
+    console.log('This tutorial will guide you through:');
+    console.log('  1. Creating a security policy');
+    console.log('  2. Registering an AI agent');
+    console.log('  3. Issuing identity tokens');
+    console.log('  4. Connecting to the MCP proxy');
+    console.log();
+    const inquirer = await import('inquirer');
+    // Step 1: Check authentication
+    output.heading('Step 1: Authentication');
+    const config = getConfig();
+    if (!config.apiKey && !config.sessionToken) {
+        console.log('You need to authenticate first.');
+        const answers = await inquirer.default.prompt([
+            {
+                type: 'confirm',
+                name: 'signup',
+                message: 'Would you like to create an account now?',
+                default: true,
+            },
+        ]);
+        if (answers.signup) {
+            console.log();
+            console.log('Run: ' + output.highlight('agentspd auth signup'));
+            console.log('Then run this tutorial again.');
+            return;
+        }
+    }
+    else {
+        output.success('Already authenticated');
+    }
+    // Step 2: Create a policy
+    output.heading('Step 2: Create a Security Policy');
+    console.log('Security policies define what your agents can and cannot do.');
+    console.log();
+    console.log('Example policy (save as my-policy.yaml):');
+    console.log();
+    console.log(chalk.gray(`version: "1.0"
+name: "my-agent-policy"
+
+settings:
+  default_action: deny
+  require_identity: true
+
+tools:
+  - pattern: "read_*"
+    action: allow
+  - pattern: "write_*"
+    action: allow
+    constraints:
+      paths:
+        allow: ["/data/**"]
+        deny: ["**/.env", "**/secrets/**"]
+
+prompt_injection:
+  enabled: true
+  action: block`));
+    console.log();
+    console.log('Create with: ' + output.highlight('agentspd policies create --file my-policy.yaml'));
+    // Step 3: Register an agent
+    output.heading('Step 3: Register Your Agent');
+    console.log('Each AI agent needs a unique identity.');
+    console.log();
+    console.log('Create with: ' + output.highlight('agentspd agents create --name my-agent --environment development'));
+    console.log();
+    console.log('This returns:');
+    console.log('  - Agent ID: unique identifier for your agent');
+    console.log('  - API Key: for authenticating API calls');
+    console.log();
+    output.warn('Save the API key securely - it will not be shown again!');
+    // Step 4: Issue tokens
+    output.heading('Step 4: Issue JWT Tokens');
+    console.log('Before connecting to the MCP proxy, issue a short-lived JWT:');
+    console.log();
+    console.log('Command: ' + output.highlight('agentspd agents token <agent-id> --ttl 3600'));
+    console.log();
+    console.log('The token contains:');
+    console.log('  - Agent identity claims');
+    console.log('  - Permissions and policy version');
+    console.log('  - Reputation score');
+    // Step 5: Connect to proxy
+    output.heading('Step 5: Connect to MCP Proxy');
+    console.log('Use the JWT token to connect your agent:');
+    console.log();
+    console.log(chalk.gray(`const WebSocket = require('ws');
+
+const ws = new WebSocket('wss://proxy.emotos.ai/v1/mcp', {
+  headers: {
+    'Authorization': 'Bearer ' + agentToken
+  }
+});
+
+ws.on('open', () => {
+  console.log('Connected to Emotos MCP Proxy');
+});
+
+ws.on('message', (data) => {
+  // Handle MCP messages
+});`));
+    console.log();
+    output.success('Tutorial complete!');
+    console.log();
+    console.log('Next steps:');
+    console.log('  - Monitor your agent: ' + output.highlight('agentspd agents monitor <agent-id>'));
+    console.log('  - Check threats: ' + output.highlight('agentspd threats list'));
+    console.log('  - View audit logs: ' + output.highlight('agentspd audit events'));
+}
+async function consumerTutorial() {
+    output.heading('Agent Consumer Tutorial');
+    console.log('This tutorial will guide you through:');
+    console.log('  1. Setting up threat monitoring');
+    console.log('  2. Configuring webhooks for alerts');
+    console.log('  3. Reviewing audit logs');
+    console.log('  4. Responding to security incidents');
+    console.log();
+    const inquirer = await import('inquirer');
+    // Step 1: Check authentication
+    output.heading('Step 1: Authentication');
+    const config = getConfig();
+    if (!config.apiKey && !config.sessionToken) {
+        console.log('You need to authenticate first.');
+        console.log('Run: ' + output.highlight('agentspd auth signup --role consumer'));
+        return;
+    }
+    output.success('Already authenticated');
+    // Step 2: Configure webhooks
+    output.heading('Step 2: Configure Webhook Alerts');
+    console.log('Get real-time alerts when threats are detected:');
+    console.log();
+    console.log('Command: ' + output.highlight('agentspd webhooks create'));
+    console.log();
+    console.log('Recommended events to subscribe:');
+    console.log('  - threat.detected');
+    console.log('  - threat.blocked');
+    console.log('  - agent.suspended');
+    console.log('  - agent.reputation_changed');
+    // Step 3: Monitor threats
+    output.heading('Step 3: Monitor Threats');
+    console.log('View current threats:');
+    console.log('  ' + output.highlight('agentspd threats list'));
+    console.log();
+    console.log('Watch threats in real-time:');
+    console.log('  ' + output.highlight('agentspd threats watch'));
+    console.log();
+    console.log('Filter by severity:');
+    console.log('  ' + output.highlight('agentspd threats list --severity high'));
+    // Step 4: Review audit logs
+    output.heading('Step 4: Review Audit Logs');
+    console.log('Query audit events for compliance:');
+    console.log('  ' + output.highlight('agentspd audit events --start 2026-01-01'));
+    console.log();
+    console.log('Export for reports:');
+    console.log('  ' + output.highlight('agentspd audit export --output audit-report.json'));
+    // Step 5: Respond to incidents
+    output.heading('Step 5: Respond to Incidents');
+    console.log('When a threat is detected:');
+    console.log();
+    console.log('1. Review the threat details:');
+    console.log('   ' + output.highlight('agentspd threats list --status detected'));
+    console.log();
+    console.log('2. Revoke compromised agent if needed:');
+    console.log('   ' + output.highlight('agentspd agents revoke <agent-id>'));
+    console.log();
+    console.log('3. Resolve the threat after investigation:');
+    console.log('   ' + output.highlight('agentspd threats resolve <threat-id>'));
+    console.log();
+    output.success('Tutorial complete!');
+    console.log();
+    console.log('Useful commands:');
+    console.log('  - View all agents: ' + output.highlight('agentspd agents list'));
+    console.log('  - Get threat stats: ' + output.highlight('agentspd threats stats'));
+    console.log('  - Audit statistics: ' + output.highlight('agentspd audit stats'));
+}
+// Error handling
+program.exitOverride();
+try {
+    await program.parseAsync(process.argv);
+}
+catch (err) {
+    // Handle Commander.js special exits (help, version, etc.)
+    if (err instanceof Error && 'code' in err) {
+        const code = err.code;
+        if (code === 'commander.help' || code === 'commander.helpDisplayed' || code === 'commander.version') {
+            // Help or version was displayed, exit cleanly
+            process.exit(0);
+        }
+    }
+    // Real error
+    console.error(chalk.red('Error:'), err instanceof Error ? err.message : err);
+    process.exit(1);
+}