contextguard 0.2.2 → 0.2.3

package/dist/agent.d.ts

@@ -4,8 +4,7 @@
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.
  */
-import { Logger } from "./logger";
-import { SupabaseConfig } from "./lib/supabase-client";
+import { Logger, ContextGuardConfig } from "./logger";
 import { AgentPolicyRow } from "./types/database.types";
 /**
  * Agent interface
@@ -17,8 +16,9 @@ export interface Agent {
 /**
  * Create an MCP security agent
  * @param serverCommand - Command to start MCP server
- * @param policyConfig - Policy configuration
- * @param supabaseConfig - Optional Supabase configuration
+ * @param policyConfig - Policy configuration (should be complete with defaults already merged)
+ * @param agentId - Agent identifier
+ * @param contextGuardConfig - Optional ContextGuard API configuration
  * @returns Agent functions
  */
-export declare const createAgent: (serverCommand: string[], policyConfig?: AgentPolicyRow, supabaseConfig?: SupabaseConfig) => Agent;
+export declare const createAgent: (serverCommand: string[], policyConfig: Required<AgentPolicyRow>, agentId: string, contextGuardConfig?: ContextGuardConfig) => Agent;

package/dist/agent.js

@@ -8,32 +8,20 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createAgent = void 0;
 const child_process_1 = require("child_process");
-const policy_1 = require("./policy");
+const security_engine_1 = require("./security-engine");
 const logger_1 = require("./logger");
-const supabase_client_1 = require("./lib/supabase-client");
 const mcp_1 = require("./types/mcp");
-/**
- * Merge policy with defaults
- */
-const mergePolicyWithDefaults = (policy) => ({
-    ...policy_1.DEFAULT_POLICY,
-    ...policy,
-});
 /**
  * Create an MCP security agent
  * @param serverCommand - Command to start MCP server
- * @param policyConfig - Policy configuration
- * @param supabaseConfig - Optional Supabase configuration
+ * @param policyConfig - Policy configuration (should be complete with defaults already merged)
+ * @param agentId - Agent identifier
+ * @param contextGuardConfig - Optional ContextGuard API configuration
  * @returns Agent functions
  */
-const createAgent = (serverCommand, policyConfig = {}, supabaseConfig) => {
-    const config = mergePolicyWithDefaults(policyConfig);
-    const policy = (0, policy_1.createPolicyChecker)(config);
-    // Create Supabase client if config provided
-    const supabaseClient = supabaseConfig
-        ? (0, supabase_client_1.createSupabaseClient)(supabaseConfig)
-        : undefined;
-    const logger = (0, logger_1.createLogger)(config.logPath, supabaseClient, supabaseConfig?.agentId, config.alertWebhook, config.alertOnSeverity);
+const createAgent = (serverCommand, policyConfig, agentId, contextGuardConfig) => {
+    const policy = (0, security_engine_1.createPolicyChecker)(policyConfig);
+    const logger = (0, logger_1.createLogger)(policyConfig.logPath, agentId, policyConfig.alertWebhook, policyConfig.alertOnSeverity, contextGuardConfig);
     const sessionId = (0, mcp_1.generateSessionId)();
     const state = {
         process: null,
@@ -278,45 +266,13 @@ const createAgent = (serverCommand, policyConfig = {}, supabaseConfig) => {
         logger.logEvent("SERVER_EXIT", "MEDIUM", { exitCode: code }, sessionId);
         console.error("\n=== MCP Security Statistics ===");
         console.error(JSON.stringify(logger.getStatistics(), null, 2));
-        const finish = () => setImmediate(() => process.exit(code || 0));
-        if (supabaseClient && supabaseConfig?.agentId) {
-            supabaseClient
-                .updateAgentStatus(supabaseConfig.agentId, "offline")
-                .catch(() => { })
-                .finally(finish);
-        }
-        else {
-            finish();
-        }
+        setImmediate(() => process.exit(code || 0));
     };
     return {
         /**
          * Start the MCP server wrapper
          */
         start: async () => {
-            // Fetch policy from Supabase if configured
-            if (supabaseClient && supabaseConfig?.agentId) {
-                try {
-                    const remotePolicy = await supabaseClient.fetchPolicy(supabaseConfig.agentId);
-                    if (remotePolicy) {
-                        console.log("✓ Loaded policy from Supabase");
-                        // Merge remote policy with local config
-                        Object.assign(config, remotePolicy);
-                    }
-                }
-                catch (error) {
-                    console.warn("⚠ Failed to fetch policy from Supabase:", error);
-                }
-                // Update agent status to online
-                await supabaseClient.updateAgentStatus(supabaseConfig.agentId, "online");
-                // Send periodic heartbeats every 30 seconds
-                const heartbeatInterval = setInterval(() => {
-                    supabaseClient
-                        .updateAgentStatus(supabaseConfig.agentId, "online")
-                        .catch(() => { });
-                }, 30000);
-                heartbeatInterval.unref();
-            }
             state.process = (0, child_process_1.spawn)(serverCommand[0], serverCommand.slice(1), {
                 stdio: ["pipe", "pipe", "pipe"],
             });
@@ -353,16 +309,7 @@ const createAgent = (serverCommand, policyConfig = {}, supabaseConfig) => {
                 logger.logEvent("AGENT_SHUTDOWN", "MEDIUM", { signal }, sessionId);
                 if (state.process)
                     state.process.kill();
-                const finish = () => process.exit(0);
-                if (supabaseClient && supabaseConfig?.agentId) {
-                    supabaseClient
-                        .updateAgentStatus(supabaseConfig.agentId, "offline")
-                        .catch(() => { })
-                        .finally(finish);
-                }
-                else {
-                    finish();
-                }
+                process.exit(0);
             };
             process.on("SIGTERM", () => shutdown("SIGTERM"));
             process.on("SIGINT", () => shutdown("SIGINT"));

package/dist/cli.js

@@ -41,11 +41,10 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.main = main;
-const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const agent_1 = require("./agent");
 const sse_proxy_1 = require("./sse-proxy");
-const policy_1 = require("./policy");
+const security_engine_1 = require("./security-engine");
 const init_1 = require("./init");
 /**
  * Display help message
@@ -59,10 +58,10 @@ Usage:
   contextguard init --api-key <key>
 
   # stdio transport (Claude Desktop)
-  contextguard --server "node server.js" --config config.json
+  contextguard --server "node server.js"
 
   # SSE/HTTP transport proxy
-  contextguard --transport sse --port 3100 --target http://localhost:3000 --config config.json
+  contextguard --transport sse --port 3100 --target http://localhost:3000
 
 Commands:
   init                  Auto-patch claude_desktop_config.json
@@ -77,28 +76,10 @@ Options:
   --transport <type>    stdio | sse | http  (default: stdio)
   --port <n>            Proxy listen port   (SSE/HTTP mode, default: 3100)
   --target <url>        Upstream server URL (SSE/HTTP mode)
-  --config <file>       Path to security config JSON (optional)
   --help                Show this help
 
-Configuration File Format (JSON):
-  {
-    "mode": "monitor",                          // "monitor" (log only) | "block" (block + log)
-    "maxToolCallsPerMinute": 30,
-    "enablePromptInjectionDetection": true,
-    "enableSensitiveDataDetection": true,
-    "enablePathTraversalPrevention": true,
-    "enableSQLInjectionDetection": true,
-    "enableXSSDetection": true,
-    "enableSemanticDetection": false,
-    "blockedPatterns": ["ignore previous", "system prompt"],
-    "allowedFilePaths": ["/safe/path"],
-    "allowedTools": [],
-    "blockedTools": [],
-    "customRules": [{ "name": "my-rule", "pattern": "\\bforbidden\\b" }],
-    "alertWebhook": "https://hooks.example.com/alert",
-    "alertOnSeverity": ["HIGH", "CRITICAL"],
-    "logPath": "mcp_security.log"
-  }
+Note: Security policies are managed via the ContextGuard dashboard.
+Set CONTEXTGUARD_API_KEY to enable remote policy management.
 
 For more information, visit: https://contextguard.dev
   `);
@@ -110,7 +91,6 @@ For more information, visit: https://contextguard.dev
 function parseArgs() {
     const args = process.argv.slice(2);
     let serverCommand = "";
-    let configFile = "";
     let transport = "stdio";
     let port = 3100;
     let targetUrl = "";
@@ -119,10 +99,6 @@ function parseArgs() {
             serverCommand = args[i + 1];
             i++;
         }
-        else if (args[i] === "--config" && args[i + 1]) {
-            configFile = args[i + 1];
-            i++;
-        }
         else if (args[i] === "--transport" && args[i + 1]) {
             transport = args[i + 1];
             i++;
@@ -136,7 +112,7 @@ function parseArgs() {
             i++;
         }
     }
-    return { serverCommand, configFile, transport, port, targetUrl };
+    return { serverCommand, transport, port, targetUrl };
 }
 /**
  * Parse a shell command string into an array of arguments,
@@ -170,28 +146,6 @@ function parseCommand(cmd) {
         tokens.push(current);
     return tokens;
 }
-/**
- * Load configuration from file
- * @param configFile - Path to config file
- * @returns Security configuration
- */
-function loadConfig(configFile) {
-    if (!fs.existsSync(configFile)) {
-        console.error(`Error: Config file not found: ${configFile}`);
-        process.exit(1);
-    }
-    try {
-        const config = JSON.parse(fs.readFileSync(configFile, "utf-8"));
-        // validateConfig(config);
-        return config;
-    }
-    catch (error) {
-        console.error(`Error: Failed to load config file: ${error}`);
-        process.exit(1);
-    }
-    // TypeScript doesn't know process.exit() never returns
-    return {};
-}
 /**
  * Main CLI entry point
  */
@@ -208,33 +162,23 @@ async function main() {
         return;
     }
     // Parse arguments
-    const { serverCommand, configFile, transport, port, targetUrl } = parseArgs();
-    // Load configuration
-    let config = {};
-    if (configFile) {
-        config = loadConfig(configFile);
-    }
-    // Merge with defaults
-    const fullConfig = { ...policy_1.DEFAULT_POLICY, ...config };
-    // CLI flags override config file
-    if (transport !== "stdio") {
-        fullConfig.transport = transport;
-    }
-    if (port !== 3100) {
-        fullConfig.port = port;
-    }
-    if (targetUrl) {
-        fullConfig.targetUrl = targetUrl;
-    }
-    const effectiveTransport = fullConfig.transport || "stdio";
+    const { serverCommand, transport, port, targetUrl } = parseArgs();
+    // Agent identifier (used by both stdio and SSE/HTTP modes)
+    const agentId = process.env.AGENT_ID || `${os.hostname()}-${process.pid}`;
     // SSE/HTTP transport mode
-    if (effectiveTransport === "sse" || effectiveTransport === "http") {
-        if (!fullConfig.targetUrl && !targetUrl) {
+    if (transport === "sse" || transport === "http") {
+        if (!targetUrl) {
             console.error("Error: --target <url> is required for SSE/HTTP transport");
             process.exit(1);
         }
-        const proxy = (0, sse_proxy_1.createSSEProxy)(fullConfig);
-        proxy.start(fullConfig.port || 3100, fullConfig.targetUrl || targetUrl);
+        const proxyConfig = {
+            ...security_engine_1.DEFAULT_POLICY,
+            transport: transport,
+            port,
+            targetUrl,
+        };
+        const proxy = (0, sse_proxy_1.createSSEProxy)(proxyConfig, agentId);
+        proxy.start(port, targetUrl);
         return;
     }
     // stdio transport mode
@@ -243,20 +187,30 @@ async function main() {
         console.error("Run 'contextguard --help' for usage information");
         process.exit(1);
     }
-    // Load Supabase configuration from environment
-    const supabaseConfig = process.env.SUPABASE_URL && process.env.SUPABASE_SERVICE_KEY
-        ? {
-            url: process.env.SUPABASE_URL,
-            serviceKey: process.env.SUPABASE_SERVICE_KEY,
-            agentId: process.env.AGENT_ID || "default-agent",
-        }
-        : undefined;
-    // Supabase integration is configured silently to avoid polluting stderr
-    // Start REST-based heartbeat if CONTEXTGUARD_API_KEY is set
+    // ContextGuard API configuration
     const cgApiKey = process.env.CONTEXTGUARD_API_KEY;
+    const baseUrl = process.env.CONTEXTGUARD_BASE_URL || "https://contextguard.dev";
+    let remotePolicy = null;
     if (cgApiKey) {
-        const baseUrl = process.env.CONTEXTGUARD_BASE_URL || "https://contextguard.dev";
-        const agentId = process.env.AGENT_ID || `${os.hostname()}-${process.pid}`;
+        // Fetch policy from ContextGuard API
+        const fetchPolicy = async () => {
+            try {
+                const response = await fetch(`${baseUrl}/api/agents/policy/${agentId}`, {
+                    headers: {
+                        Authorization: `Bearer ${cgApiKey}`,
+                    },
+                });
+                if (response.ok) {
+                    const data = await response.json();
+                    if (data.policy) {
+                        remotePolicy = data.policy;
+                    }
+                }
+            }
+            catch {
+                // silently ignore — use local config if API is unreachable
+            }
+        };
         const sendHeartbeat = async () => {
             try {
                 await fetch(`${baseUrl}/api/agents/heartbeat`, {
@@ -278,13 +232,24 @@ async function main() {
                 // silently ignore — don't break the agent if dashboard is unreachable
             }
         };
+        // Fetch policy first, then start heartbeat
+        await fetchPolicy();
         sendHeartbeat();
         const interval = setInterval(sendHeartbeat, 30000);
         interval.unref();
+        // Periodically refresh policy (every 5 minutes)
+        const policyInterval = setInterval(fetchPolicy, 5 * 60000);
+        policyInterval.unref();
         // Heartbeat configured silently to avoid polluting stderr
     }
+    // Use remote policy if available, otherwise use default policy
+    const finalConfig = remotePolicy ?? security_engine_1.DEFAULT_POLICY;
+    // Create ContextGuard config if API key is set
+    const contextGuardConfig = cgApiKey
+        ? { apiKey: cgApiKey, baseUrl }
+        : undefined;
     // Create and start agent
-    const agent = (0, agent_1.createAgent)(parseCommand(serverCommand), config, supabaseConfig);
+    const agent = (0, agent_1.createAgent)(parseCommand(serverCommand), finalConfig, agentId, contextGuardConfig);
     await agent.start();
 }
 // Run CLI if this is the main module

package/dist/index.d.ts

@@ -7,10 +7,8 @@
 export { createAgent } from "./agent";
 export type { Agent } from "./agent";
 export type { MCPMessage } from "./types/mcp";
-export { createPolicyChecker, DEFAULT_POLICY } from "./policy";
-export type { PolicyChecker } from "./policy";
+export { createPolicyChecker, DEFAULT_POLICY } from "./security-engine";
+export type { PolicyChecker } from "./security-engine";
 export { createLogger } from "./logger";
-export type { Logger, SecurityStatistics } from "./logger";
-export { createSupabaseClient } from "./lib/supabase-client";
-export type { SupabaseConfig } from "./lib/supabase-client";
+export type { Logger, SecurityStatistics, ContextGuardConfig } from "./logger";
 export type { AgentPolicyRow, AgentPolicyInsert, AgentPolicyUpdate, SecurityEventRow, SecurityEventInsert, SecurityEventUpdate, AgentStatusRow, AgentStatusInsert, AgentStatusUpdate, EventStatisticsRow, SecuritySeverity, AgentStatus, } from "./types/database.types";

package/dist/index.js

@@ -6,13 +6,11 @@
  * LICENSE file in the root directory of this source tree.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createSupabaseClient = exports.createLogger = exports.DEFAULT_POLICY = exports.createPolicyChecker = exports.createAgent = void 0;
+exports.createLogger = exports.DEFAULT_POLICY = exports.createPolicyChecker = exports.createAgent = void 0;
 var agent_1 = require("./agent");
 Object.defineProperty(exports, "createAgent", { enumerable: true, get: function () { return agent_1.createAgent; } });
-var policy_1 = require("./policy");
-Object.defineProperty(exports, "createPolicyChecker", { enumerable: true, get: function () { return policy_1.createPolicyChecker; } });
-Object.defineProperty(exports, "DEFAULT_POLICY", { enumerable: true, get: function () { return policy_1.DEFAULT_POLICY; } });
+var security_engine_1 = require("./security-engine");
+Object.defineProperty(exports, "createPolicyChecker", { enumerable: true, get: function () { return security_engine_1.createPolicyChecker; } });
+Object.defineProperty(exports, "DEFAULT_POLICY", { enumerable: true, get: function () { return security_engine_1.DEFAULT_POLICY; } });
 var logger_1 = require("./logger");
 Object.defineProperty(exports, "createLogger", { enumerable: true, get: function () { return logger_1.createLogger; } });
-var supabase_client_1 = require("./lib/supabase-client");
-Object.defineProperty(exports, "createSupabaseClient", { enumerable: true, get: function () { return supabase_client_1.createSupabaseClient; } });

package/dist/logger.d.ts

@@ -4,8 +4,14 @@
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.
  */
-import { SupabaseClient } from "./lib/supabase-client";
 import { SecurityEventRow, SecuritySeverity } from "./types/database.types";
+/**
+ * ContextGuard API configuration
+ */
+export interface ContextGuardConfig {
+    apiKey: string;
+    baseUrl: string;
+}
 /**
  * Security statistics interface
  */
@@ -27,10 +33,10 @@ export interface Logger {
 /**
  * Create a security event logger
  * @param logFile - Path to log file
- * @param supabaseClient - Optional Supabase client for remote logging
  * @param agentId - Agent identifier for event attribution
  * @param alertWebhook - Optional webhook URL for HIGH/CRITICAL alerts
  * @param alertOnSeverity - Severity levels that trigger webhook alerts
+ * @param contextGuardConfig - Optional ContextGuard API config for remote logging
  * @returns Logger functions
  */
-export declare const createLogger: (logFile?: string, supabaseClient?: SupabaseClient, agentId?: string, alertWebhook?: string, alertOnSeverity?: string[]) => Logger;
+export declare const createLogger: (logFile?: string, agentId?: string, alertWebhook?: string, alertOnSeverity?: string[], contextGuardConfig?: ContextGuardConfig) => Logger;

package/dist/logger.js

@@ -73,13 +73,13 @@ const fireWebhookAlert = (webhookUrl, event) => {
 /**
  * Create a security event logger
  * @param logFile - Path to log file
- * @param supabaseClient - Optional Supabase client for remote logging
  * @param agentId - Agent identifier for event attribution
  * @param alertWebhook - Optional webhook URL for HIGH/CRITICAL alerts
  * @param alertOnSeverity - Severity levels that trigger webhook alerts
+ * @param contextGuardConfig - Optional ContextGuard API config for remote logging
  * @returns Logger functions
  */
-const createLogger = (logFile = path.join(os.homedir(), ".contextguard", "mcp_security.log"), supabaseClient, agentId = "", alertWebhook, alertOnSeverity = ["HIGH", "CRITICAL"]) => {
+const createLogger = (logFile = path.join(os.homedir(), ".contextguard", "mcp_security.log"), agentId = "", alertWebhook, alertOnSeverity = ["HIGH", "CRITICAL"], contextGuardConfig) => {
     let events = [];
     return {
         /**
@@ -118,10 +118,17 @@ const createLogger = (logFile = path.join(os.homedir(), ".contextguard", "mcp_se
             if (alertWebhook && alertOnSeverity.includes(severity)) {
                 fireWebhookAlert(alertWebhook, event);
             }
-            // Report to Supabase if client is provided
-            if (supabaseClient) {
-                supabaseClient.reportEvent(event).catch((err) => {
-                    console.error("Failed to report event to Supabase:", err);
+            // Report to ContextGuard API if configured
+            if (contextGuardConfig) {
+                fetch(`${contextGuardConfig.baseUrl}/api/events`, {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/json",
+                        Authorization: `Bearer ${contextGuardConfig.apiKey}`,
+                    },
+                    body: JSON.stringify(event),
+                }).catch(() => {
+                    // Silently ignore - don't break agent if API is unreachable
                 });
             }
         },

package/dist/security-engine.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Copyright (c) 2026 Amir Mironi
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+import { AgentPolicyRow } from "./types/database.types";
+/**
+ * Policy checker interface
+ */
+export interface PolicyChecker {
+    checkPromptInjection: (text: string) => string[];
+    checkSensitiveData: (text: string) => string[];
+    checkFileAccess: (filePath: string) => string[];
+    checkRateLimit: (timestamps: number[]) => boolean;
+    checkBlockedPatterns: (text: string) => string[];
+    checkToolAccess: (toolName: string) => string[];
+    checkSQLInjection: (text: string) => string[];
+    checkXSS: (text: string) => string[];
+    checkCustomRules: (text: string) => string[];
+    isBlockingMode: () => boolean;
+    getConfig: () => Required<AgentPolicyRow>;
+}
+/**
+ * Create a policy checker with the given configuration
+ * @param config - Policy configuration
+ * @returns Policy checker functions
+ */
+export declare const createPolicyChecker: (config: Required<AgentPolicyRow>) => PolicyChecker;
+export declare const DEFAULT_POLICY: Required<AgentPolicyRow>;

package/dist/security-engine.js

@@ -0,0 +1,273 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Amir Mironi
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_POLICY = exports.createPolicyChecker = void 0;
+/**
+ * Initialize patterns for detecting sensitive data
+ */
+const initSensitiveDataPatterns = () => [
+    // Generic secrets
+    /(?:password|secret|api[_-]?key|token)\s*[:=]\s*['"]?[\w\-.]+['"]?/gi,
+    // Email addresses
+    /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g,
+    // Social Security Numbers
+    /\b\d{3}-\d{2}-\d{4}\b/g,
+    // OpenAI API keys
+    /sk-[a-zA-Z0-9]{20,}/g,
+    // GitHub tokens
+    /ghp_[a-zA-Z0-9]{36}/g,
+    // AWS Access Keys
+    /AKIA[0-9A-Z]{16}/g,
+    // Stripe API keys
+    /sk_(live|test)_[a-zA-Z0-9]{24,}/g,
+];
+/**
+ * Initialize patterns for detecting SQL injection
+ */
+const initSQLInjectionPatterns = () => [
+    /\bUNION\b.{0,50}\bSELECT\b/gi,
+    /\bDROP\b\s+\b(TABLE|DATABASE|SCHEMA)\b/gi,
+    /\bDELETE\b\s+\bFROM\b/gi,
+    /\bTRUNCATE\b\s+\bTABLE\b/gi,
+    /\bINSERT\b\s+\bINTO\b.{0,50}\bVALUES\b/gi,
+    /\bEXEC\s*\(|\bEXECUTE\s*\(/gi,
+    /--\s*$|\/\*[\s\S]*?\*\//gm,
+    /\bOR\b\s+['"]?\d+['"]?\s*=\s*['"]?\d+['"]?/gi,
+    /'\s*OR\s*'1'\s*=\s*'1/gi,
+    /;\s*(DROP|DELETE|INSERT|UPDATE|CREATE|ALTER)\b/gi,
+];
+/**
+ * Initialize patterns for detecting XSS attacks
+ */
+const initXSSPatterns = () => [
+    /<script[\s>]/gi,
+    /javascript:/gi,
+    /on\w+\s*=\s*["']?[^"'>]*/gi, // onerror=, onload=, onclick=, etc.
+    /<iframe[\s>]/gi,
+    /<object[\s>]/gi,
+    /<embed[\s>]/gi,
+    /eval\s*\(/gi,
+    /document\.(cookie|write|location)/gi,
+    /window\.(location|open)\s*[=(]/gi,
+    /<img[^>]+src\s*=\s*["']?javascript:/gi,
+];
+/**
+ * Initialize patterns for detecting prompt injection
+ */
+const initPromptInjectionPatterns = () => [
+    /ignore\s+(previous|all)\s+(instructions|prompts)/gi,
+    /system:\s*you\s+are\s+now/gi,
+    /forget\s+(everything|all)/gi,
+    /new\s+instructions:/gi,
+    /\[INST\].*?\[\/INST\]/gs,
+    /<\|im_start\|>/g,
+    /disregard\s+previous/gi,
+    /override\s+previous/gi,
+];
+/**
+ * Create a policy checker with the given configuration
+ * @param config - Policy configuration
+ * @returns Policy checker functions
+ */
+const createPolicyChecker = (config) => {
+    const sensitiveDataPatterns = initSensitiveDataPatterns();
+    const promptInjectionPatterns = initPromptInjectionPatterns();
+    const sqlInjectionPatterns = initSQLInjectionPatterns();
+    const xssPatterns = initXSSPatterns();
+    return {
+        /**
+         * Check text for prompt injection attempts
+         */
+        checkPromptInjection: (text) => {
+            if (!config.enablePromptInjectionDetection) {
+                return [];
+            }
+            const violations = [];
+            for (const pattern of promptInjectionPatterns) {
+                const matches = text.match(pattern);
+                if (matches) {
+                    violations.push(`Potential prompt injection detected: "${matches[0].substring(0, 50)}..."`);
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check text for sensitive data exposure
+         */
+        checkSensitiveData: (text) => {
+            if (!config.enableSensitiveDataDetection) {
+                return [];
+            }
+            const violations = [];
+            for (const pattern of sensitiveDataPatterns) {
+                const matches = text.match(pattern);
+                if (matches) {
+                    violations.push(`Sensitive data pattern detected (redacted): ${pattern.source.substring(0, 30)}...`);
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check file path for security violations
+         */
+        checkFileAccess: (filePath) => {
+            if (!config.enablePathTraversalPrevention) {
+                return [];
+            }
+            const violations = [];
+            // Check for path traversal
+            if (filePath.includes("..")) {
+                violations.push(`Path traversal attempt detected: ${filePath}`);
+            }
+            // Check for dangerous system paths
+            const dangerousPaths = [
+                "/etc",
+                "/root",
+                "/sys",
+                "/proc",
+                "C:\\Windows\\System32",
+            ];
+            if (dangerousPaths.some((dangerous) => filePath.startsWith(dangerous))) {
+                violations.push(`Access to dangerous path detected: ${filePath}`);
+            }
+            // Check against allowed paths whitelist
+            if (config.allowedFilePaths.length > 0) {
+                const isAllowed = config.allowedFilePaths.some((allowed) => filePath.startsWith(allowed));
+                if (!isAllowed) {
+                    violations.push(`File path not in allowed list: ${filePath}`);
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check if rate limit is exceeded
+         */
+        checkRateLimit: (timestamps) => {
+            const oneMinuteAgo = Date.now() - 60000;
+            const recentCalls = timestamps.filter((t) => t > oneMinuteAgo);
+            return recentCalls.length < config.maxToolCallsPerMinute;
+        },
+        /**
+         * Check text against blocked patterns
+         */
+        checkBlockedPatterns: (text) => {
+            const violations = [];
+            for (const pattern of config.blockedPatterns) {
+                if (text.toLowerCase().includes(pattern.toLowerCase())) {
+                    violations.push(`Blocked pattern detected: "${pattern}"`);
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check if a tool is allowed or blocked
+         */
+        checkToolAccess: (toolName) => {
+            const violations = [];
+            if (config.blockedTools.includes(toolName)) {
+                violations.push(`Tool "${toolName}" is explicitly blocked`);
+            }
+            else if (config.allowedTools.length > 0 &&
+                !config.allowedTools.includes(toolName)) {
+                violations.push(`Tool "${toolName}" is not in the allowed list: [${config.allowedTools.join(", ")}]`);
+            }
+            return violations;
+        },
+        /**
+         * Check text for SQL injection attempts
+         */
+        checkSQLInjection: (text) => {
+            if (!config.enableSQLInjectionDetection) {
+                return [];
+            }
+            const violations = [];
+            for (const pattern of sqlInjectionPatterns) {
+                if (pattern.test(text)) {
+                    violations.push(`SQL injection pattern detected: ${pattern.source.substring(0, 40)}...`);
+                    pattern.lastIndex = 0; // reset stateful regex
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check text for XSS attack patterns
+         */
+        checkXSS: (text) => {
+            if (!config.enableXSSDetection) {
+                return [];
+            }
+            const violations = [];
+            for (const pattern of xssPatterns) {
+                if (pattern.test(text)) {
+                    violations.push(`XSS pattern detected: ${pattern.source.substring(0, 40)}...`);
+                    pattern.lastIndex = 0; // reset stateful regex
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check text against custom user-defined rules
+         */
+        checkCustomRules: (text) => {
+            const violations = [];
+            for (const rule of config.customRules) {
+                try {
+                    const regex = new RegExp(rule.pattern, "gi");
+                    if (regex.test(text)) {
+                        violations.push(`Custom rule "${rule.name}" triggered`);
+                    }
+                }
+                catch {
+                    // Invalid regex pattern — skip silently
+                }
+            }
+            return violations;
+        },
+        /**
+         * Check if blocking mode is enabled
+         */
+        isBlockingMode: () => {
+            return config.mode === "block";
+        },
+        /**
+         * Get the full configuration
+         */
+        getConfig: () => {
+            return config;
+        },
+    };
+};
+exports.createPolicyChecker = createPolicyChecker;
+exports.DEFAULT_POLICY = {
+    id: "",
+    agent_id: "",
+    created_at: "",
+    updated_at: "",
+    maxToolCallsPerMinute: 30,
+    blockedPatterns: [],
+    allowedFilePaths: [],
+    alertThreshold: 5,
+    enablePromptInjectionDetection: true,
+    enableSensitiveDataDetection: true,
+    enablePathTraversalPrevention: true,
+    enableSQLInjectionDetection: true,
+    enableSemanticDetection: false,
+    enableXSSDetection: true,
+    customRules: [],
+    mode: "monitor",
+    logPath: "mcp_security.log",
+    enableProFeatures: false,
+    licenseFilePath: ".contextguard-license",
+    transport: "stdio",
+    port: 3100,
+    targetUrl: "",
+    allowedTools: [],
+    blockedTools: [],
+    alertWebhook: "",
+    alertOnSeverity: ["HIGH", "CRITICAL"],
+};

package/dist/sse-proxy.d.ts

@@ -16,6 +16,7 @@ export interface SSEProxy {
 /**
  * Create an SSE/HTTP proxy for MCP servers
  * @param policyConfig - Policy configuration
+ * @param agentId - Agent identifier
  * @returns SSE proxy functions
  */
-export declare const createSSEProxy: (policyConfig: Required<AgentPolicyRow>) => SSEProxy;
+export declare const createSSEProxy: (policyConfig: Required<AgentPolicyRow>, agentId?: string) => SSEProxy;

package/dist/sse-proxy.js

@@ -42,17 +42,18 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createSSEProxy = void 0;
 const http = __importStar(require("http"));
 const https = __importStar(require("https"));
-const policy_1 = require("./policy");
+const security_engine_1 = require("./security-engine");
 const logger_1 = require("./logger");
 const mcp_1 = require("./types/mcp");
 /**
  * Create an SSE/HTTP proxy for MCP servers
  * @param policyConfig - Policy configuration
+ * @param agentId - Agent identifier
  * @returns SSE proxy functions
  */
-const createSSEProxy = (policyConfig) => {
-    const policy = (0, policy_1.createPolicyChecker)(policyConfig);
-    const logger = (0, logger_1.createLogger)(policyConfig.logPath);
+const createSSEProxy = (policyConfig, agentId = "sse-proxy") => {
+    const policy = (0, security_engine_1.createPolicyChecker)(policyConfig);
+    const logger = (0, logger_1.createLogger)(policyConfig.logPath, agentId);
     const sessionId = (0, mcp_1.generateSessionId)();
     let toolCallTimestamps = [];
     /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "contextguard",
-  "version": "0.2.2",
+  "version": "0.2.3",
   "description": "Security monitoring wrapper for MCP servers with enterprise features",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -67,4 +67,4 @@
     "@anthropic-ai/sdk": "^0.54.0",
     "@supabase/supabase-js": "^2.79.0"
   }
-}
+}