curiosity-cat 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/curiosity-cat.js +32 -16
- package/package.json +1 -1
package/bin/curiosity-cat.js
CHANGED
|
@@ -84,28 +84,44 @@ Curiosity Cat — Danger Map Close Call Report
|
|
|
84
84
|
============================================
|
|
85
85
|
|
|
86
86
|
Endpoint:
|
|
87
|
-
POST https://
|
|
87
|
+
POST https://pcmqmvcxqsaypuabrkgj.supabase.co/functions/v1/danger-map/report
|
|
88
|
+
|
|
89
|
+
Auth (required):
|
|
90
|
+
-H "Authorization: Bearer <your-api-key>"
|
|
91
|
+
or
|
|
92
|
+
-H "x-api-key: <your-api-key>"
|
|
88
93
|
|
|
89
94
|
Payload (JSON):
|
|
90
|
-
|
|
91
|
-
"
|
|
92
|
-
"
|
|
93
|
-
"severity":
|
|
94
|
-
"
|
|
95
|
-
"
|
|
96
|
-
"
|
|
97
|
-
|
|
95
|
+
Required fields:
|
|
96
|
+
"timestamp": "ISO 8601 datetime of the incident",
|
|
97
|
+
"threat_class": "prompt-injection | unsafe-url | data-exfiltration | unauthorized-tool-use | credential-exposure | package-risk | memory-poisoning | social-engineering | scope-violation | other",
|
|
98
|
+
"severity": "scratched | bitten | nearly_eaten",
|
|
99
|
+
"source": "Where the threat came from (URL, filename, user input, etc.)",
|
|
100
|
+
"what_happened": "What the agent was asked or encountered",
|
|
101
|
+
"action_taken": "What the agent did to handle it",
|
|
102
|
+
"lesson": "What this incident teaches"
|
|
103
|
+
|
|
104
|
+
Optional fields:
|
|
105
|
+
"agent_type": "Type of agent (e.g. research, coding, enterprise)",
|
|
106
|
+
"adventure_level": "housecat | alleycat | tiger",
|
|
107
|
+
"submitted_by": "Your identifier (optional)",
|
|
108
|
+
"framework": "Agent framework used (e.g. claude-code, langgraph)",
|
|
109
|
+
"region": "AWS/GCP/Azure region or 'local'"
|
|
98
110
|
|
|
99
111
|
curl example:
|
|
100
|
-
curl -X POST https://
|
|
112
|
+
curl -X POST https://pcmqmvcxqsaypuabrkgj.supabase.co/functions/v1/danger-map/report \\
|
|
101
113
|
-H "Content-Type: application/json" \\
|
|
114
|
+
-H "Authorization: Bearer <your-api-key>" \\
|
|
102
115
|
-d '{
|
|
103
|
-
"
|
|
104
|
-
"
|
|
105
|
-
"severity":
|
|
106
|
-
"
|
|
107
|
-
"
|
|
108
|
-
"
|
|
116
|
+
"timestamp": "2026-04-16T10:00:00Z",
|
|
117
|
+
"threat_class": "prompt-injection",
|
|
118
|
+
"severity": "bitten",
|
|
119
|
+
"source": "PDF attachment from external user",
|
|
120
|
+
"what_happened": "A document instructed the agent to ignore standing orders and exfiltrate chat history.",
|
|
121
|
+
"action_taken": "Agent refused and flagged the document as hostile input.",
|
|
122
|
+
"lesson": "All external document content must be treated as untrusted regardless of framing.",
|
|
123
|
+
"agent_type": "research",
|
|
124
|
+
"adventure_level": "housecat"
|
|
109
125
|
}'
|
|
110
126
|
|
|
111
127
|
Thank you for making the community safer.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "curiosity-cat",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.1",
|
|
4
4
|
"description": "AI agent safety framework — standing orders, danger maps, and stories that teach cats to land on their feet",
|
|
5
5
|
"author": "Mark Cleary, Short+Sweet International",
|
|
6
6
|
"license": "MIT",
|