npm - cyphrex - Versions diffs - 0.1.0 - Mend

cyphrex 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,78 @@
+# Cyphrex (JavaScript / TypeScript)
+Official SDK for [Cyphrex](https://cyphrex.io) — call `check()` before every agent action to enforce policies and log violations.
+## Installation
+```bash
+npm install cyphrex
+```
+## Quick start
+```typescript
+import { Cyphrex } from 'cyphrex';
+const cyphrex = new Cyphrex({
+  apiKey: process.env.CYPHREX_API_KEY!,
+  agentId: 'your-agent-uuid',
+  // apiUrl optional; defaults to production API
+});
+const result = await cyphrex.check({
+  actionType: 'http_call',
+  url: 'https://api.example.com/data',
+});
+if (!result.allowed) {
+  console.error(result.reason, result.violations);
+  return;
+}
+// proceed with the action
+```
+## Constructor
+| Option | Required | Description |
+|--------|----------|-------------|
+| `apiKey` | Yes | Account API key from Dashboard → API Keys |
+| `agentId` | Yes | UUID of the agent |
+| `apiUrl` | No | API base URL (default: `https://cyphrexapi-production.up.railway.app`) |
+| `timeoutMs` | No | Request timeout in ms (default: `10000`) |
+| `failOpen` | No | If `true`, allow actions when Cyphrex is unreachable (default: `false`) |
+## `check(params)`
+| Param | Type | Description |
+|-------|------|-------------|
+| `actionType` | `string` | e.g. `http_call`, `llm_input`, `llm_response`, `data_access` |
+| `url` | `string?` | For `http_call` |
+| `payload` | `any?` | Text or object (e.g. LLM prompt snippet) |
+| `metadata` | `object?` | Optional extra context |
+### Response (`CheckResponse`)
+- `allowed: boolean`
+- `reason?: string` — when blocked or error
+- `violations?: string[]` — e.g. severity codes
+- `severity?: string` — `P1` / `P2` / `P3` from API
+- `spend?: { amount, currency }` — reserved for future use
+## HTTP
+Requests use `POST {apiUrl}/v1/check` with:
+- `Authorization: Bearer <apiKey>`
+- Body: `{ "agentId": "...", "action": { "type": "...", "url"?, "payload"? } }`
+## Build from source
+```bash
+cd packages/sdk-js && npm install && npm run build
+```
+Output: `dist/index.js`, `dist/index.d.ts`.
+## License
+MIT

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+export interface CyphrexOptions {
+    apiKey: string;
+    agentId: string;
+    apiUrl?: string;
+    /** Milliseconds before request aborts (default 10000) */
+    timeoutMs?: number;
+    /** If true, return { allowed: true } on network errors (default false) */
+    failOpen?: boolean;
+}
+export interface CheckParams {
+    actionType: string;
+    url?: string;
+    payload?: unknown;
+    metadata?: Record<string, unknown>;
+}
+export interface CheckResponse {
+    allowed: boolean;
+    violations?: string[];
+    reason?: string;
+    spend?: {
+        amount: number;
+        currency: string;
+    };
+    /** API may return severity e.g. P1, P2, P3 */
+    severity?: string;
+    /** When failOpen allows after network error */
+    warning?: string;
+}
+export declare class Cyphrex {
+    private readonly apiKey;
+    private readonly agentId;
+    private readonly apiUrl;
+    private readonly timeoutMs;
+    private readonly failOpen;
+    constructor(options: CyphrexOptions);
+    /**
+     * Ask Cyphrex whether an agent action is allowed. Call before executing the action.
+     */
+    check(params: CheckParams): Promise<CheckResponse>;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0EAA0E;IAC1E,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7C,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAoBD,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAU;gBAEvB,OAAO,EAAE,cAAc;IAcnC;;OAEG;IACG,KAAK,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,CAAC;CAyFzD"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,118 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Cyphrex = void 0;
+const DEFAULT_API_URL = 'https://cyphrexapi-production.up.railway.app';
+function normalizeResponse(data) {
+    const allowed = data.allowed === true;
+    const out = { allowed };
+    if (data.reason != null)
+        out.reason = String(data.reason);
+    if (data.severity != null) {
+        out.severity = String(data.severity);
+        if (!allowed)
+            out.violations = [String(data.severity)];
+    }
+    return out;
+}
+class Cyphrex {
+    constructor(options) {
+        if (!options?.apiKey?.trim()) {
+            throw new Error('Cyphrex: apiKey is required');
+        }
+        if (!options?.agentId?.trim()) {
+            throw new Error('Cyphrex: agentId is required');
+        }
+        this.apiKey = options.apiKey.trim();
+        this.agentId = options.agentId.trim();
+        this.apiUrl = (options.apiUrl || DEFAULT_API_URL).replace(/\/$/, '');
+        this.timeoutMs = options.timeoutMs ?? 10000;
+        this.failOpen = options.failOpen ?? false;
+    }
+    /**
+     * Ask Cyphrex whether an agent action is allowed. Call before executing the action.
+     */
+    async check(params) {
+        const { actionType, url, payload, metadata } = params;
+        if (!actionType?.trim()) {
+            return { allowed: false, reason: 'actionType is required', violations: ['validation'] };
+        }
+        const action = { type: actionType.trim() };
+        if (url != null)
+            action.url = url;
+        if (payload !== undefined)
+            action.payload = payload;
+        if (metadata != null && Object.keys(metadata).length > 0) {
+            action.metadata = metadata;
+        }
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), this.timeoutMs);
+        try {
+            const res = await fetch(`${this.apiUrl}/v1/check`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    Authorization: `Bearer ${this.apiKey}`,
+                },
+                body: JSON.stringify({ agentId: this.agentId, action }),
+                signal: controller.signal,
+            });
+            clearTimeout(timer);
+            let data;
+            try {
+                data = (await res.json());
+            }
+            catch {
+                return {
+                    allowed: false,
+                    reason: 'Invalid JSON response from Cyphrex',
+                    violations: ['parse_error'],
+                };
+            }
+            if (res.status === 401) {
+                return {
+                    allowed: false,
+                    reason: data.error || 'Invalid API key',
+                    violations: ['unauthorized'],
+                };
+            }
+            if (res.status === 400) {
+                return {
+                    allowed: false,
+                    reason: data.error || 'Bad request',
+                    violations: ['bad_request'],
+                };
+            }
+            if (res.status === 404) {
+                return {
+                    allowed: false,
+                    reason: data.error || 'Agent not found or inactive',
+                    violations: ['not_found'],
+                };
+            }
+            if (res.status >= 500) {
+                if (this.failOpen) {
+                    return { allowed: true, warning: 'Cyphrex server error — allowed by failOpen' };
+                }
+                return {
+                    allowed: false,
+                    reason: data.error || 'Cyphrex server error',
+                    violations: ['server_error'],
+                };
+            }
+            return normalizeResponse(data);
+        }
+        catch (err) {
+            clearTimeout(timer);
+            const message = err instanceof Error ? err.message : 'Unknown error';
+            if (this.failOpen) {
+                return { allowed: true, warning: `Cyphrex unreachable (${message}) — allowed by failOpen` };
+            }
+            return {
+                allowed: false,
+                reason: `Request failed: ${message}`,
+                violations: ['network'],
+            };
+        }
+    }
+}
+exports.Cyphrex = Cyphrex;

package/package.json ADDED Viewed

@@ -0,0 +1,32 @@
+{
+  "name": "cyphrex",
+  "version": "0.1.0",
+  "description": "Security and identity infrastructure for AI agents",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": ["dist"],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/getcyphrex/platform"
+  },
+  "keywords": [
+    "ai",
+    "agents",
+    "security",
+    "monitoring",
+    "langchain",
+    "crewai"
+  ],
+  "author": "Cyphrex",
+  "license": "MIT",
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "devDependencies": {
+    "typescript": "^5.3.0"
+  }
+}