devfortress-sdk 4.2.0 → 4.2.1

package/dist/abuseipdb.d.ts

@@ -0,0 +1,10 @@
+import type { AbuseIPDBCheckResult, CompositeScoreResult } from './types';
+export declare function checkIP(ip: string, apiKey: string): Promise<AbuseIPDBCheckResult>;
+export declare function reportIP(ip: string, categories: number[], comment: string, apiKey: string): Promise<{
+    data: {
+        abuseConfidenceScore: number;
+    };
+}>;
+export declare function syncBlacklist(apiKey: string, confidenceMinimum?: number): Promise<number>;
+export declare function scoreThreat(ip: string, devFortressConfidence: number, apiKey?: string): Promise<CompositeScoreResult>;
+export declare function getCachedScore(ip: string): number | null;

package/dist/abuseipdb.js

@@ -0,0 +1,121 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkIP = checkIP;
+exports.reportIP = reportIP;
+exports.syncBlacklist = syncBlacklist;
+exports.scoreThreat = scoreThreat;
+exports.getCachedScore = getCachedScore;
+const ABUSEIPDB_API = 'https://api.abuseipdb.com/api/v2';
+const ipCache = new Map();
+async function checkIP(ip, apiKey) {
+    const res = await fetch(`${ABUSEIPDB_API}/check?ipAddress=${encodeURIComponent(ip)}&maxAgeInDays=90&verbose`, {
+        headers: {
+            Key: apiKey,
+            Accept: 'application/json',
+        },
+    });
+    if (!res.ok) {
+        throw new Error(`AbuseIPDB check failed: ${res.status}`);
+    }
+    const json = (await res.json());
+    return json.data;
+}
+async function reportIP(ip, categories, comment, apiKey) {
+    const res = await fetch(`${ABUSEIPDB_API}/report`, {
+        method: 'POST',
+        headers: {
+            Key: apiKey,
+            'Content-Type': 'application/x-www-form-urlencoded',
+            Accept: 'application/json',
+        },
+        body: new URLSearchParams({
+            ip,
+            categories: categories.join(','),
+            comment,
+        }),
+    });
+    if (!res.ok) {
+        throw new Error(`AbuseIPDB report failed: ${res.status}`);
+    }
+    return res.json();
+}
+async function syncBlacklist(apiKey, confidenceMinimum = 90) {
+    const res = await fetch(`${ABUSEIPDB_API}/blacklist?confidenceMinimum=${confidenceMinimum}&limit=10000`, {
+        headers: {
+            Key: apiKey,
+            Accept: 'application/json',
+        },
+    });
+    if (!res.ok) {
+        throw new Error(`AbuseIPDB blacklist sync failed: ${res.status}`);
+    }
+    const json = (await res.json());
+    const ttl = 6 * 60 * 60 * 1000;
+    for (const entry of json.data) {
+        ipCache.set(`abuseipdb:${entry.ipAddress}`, {
+            score: entry.abuseConfidenceScore,
+            expiresAt: Date.now() + ttl,
+        });
+    }
+    return json.data.length;
+}
+async function scoreThreat(ip, devFortressConfidence, apiKey) {
+    const cached = ipCache.get(`abuseipdb:${ip}`);
+    let abuseScore = 0;
+    let isTor = false;
+    let isDatacenter = false;
+    let distinctUsers = 0;
+    let fromCache = false;
+    if (cached && Date.now() < cached.expiresAt) {
+        abuseScore = cached.score;
+        fromCache = true;
+    }
+    else if (apiKey) {
+        try {
+            const data = await checkIP(ip, apiKey);
+            abuseScore = data.abuseConfidenceScore;
+            isTor = data.isTor;
+            isDatacenter = (data.usageType || '').includes('Data Center');
+            distinctUsers = data.numDistinctUsers;
+            ipCache.set(`abuseipdb:${ip}`, {
+                score: abuseScore,
+                expiresAt: Date.now() + 3600000,
+            });
+        }
+        catch {
+            abuseScore = 0;
+        }
+    }
+    let score = 0;
+    score += abuseScore * 0.4;
+    score += devFortressConfidence * 100 * 0.6;
+    if (isTor)
+        score += 20;
+    if (isDatacenter)
+        score += 10;
+    if (distinctUsers >= 10)
+        score += 10;
+    score = Math.min(Math.round(score), 100);
+    const severity = score >= 85
+        ? 'critical'
+        : score >= 60
+            ? 'high'
+            : score >= 35
+                ? 'medium'
+                : 'low';
+    return {
+        score,
+        severity,
+        abuseScore,
+        isTor,
+        isDatacenter,
+        distinctUsers,
+        fromCache,
+    };
+}
+function getCachedScore(ip) {
+    const cached = ipCache.get(`abuseipdb:${ip}`);
+    if (!cached || Date.now() > cached.expiresAt)
+        return null;
+    return cached.score;
+}

package/dist/agent-security.d.ts

@@ -0,0 +1,96 @@
+import type { CacheAdapter } from './token-alias';
+import { TokenAliasManager } from './token-alias';
+import type { RevocationReason } from './token-alias';
+export type AgentCredentialType = 'agent_api_key' | 'agent_oauth_token' | 'service_account';
+export interface AgentCredentialAliasData {
+    alias: string;
+    agentId: string;
+    credentialType: AgentCredentialType;
+    createdAt: number;
+    quarantined: boolean;
+    quarantineReason?: string;
+    quarantinedAt?: number;
+}
+export interface AgentBaselineMetrics {
+    avgToolsPerSession: number;
+    toolDiversityEntropy: number;
+    avgDataVolumeBytes: number;
+    avgSessionDurationMs: number;
+    topTools: string[];
+    totalSessions: number;
+    createdAt: number;
+    lastUpdatedAt: number;
+    taskDefinition?: string;
+}
+export interface AgentSessionRecord {
+    sessionId: string;
+    agentId: string;
+    toolCalls: {
+        tool: string;
+        durationMs?: number;
+        dataBytes?: number;
+    }[];
+    startedAt: number;
+    endedAt?: number;
+    totalDataBytes: number;
+}
+export type AgentAnomalyType = 'sequence_entropy_anomaly' | 'scope_deviation' | 'data_volume_anomaly' | 'cross_agent_credential_sharing' | 'unsanctioned_tool';
+export interface AgentAnomalySignal {
+    type: AgentAnomalyType;
+    agentId: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    description: string;
+    detectedAt: number;
+    details: Record<string, unknown>;
+}
+export interface AgentScopeDefinition {
+    agentId: string;
+    allowedTools: string[];
+    strictMode: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+export declare function _resetAgentSecurityStores(): void;
+export declare class AgentCredentialManager {
+    private tokenManager;
+    private cache;
+    constructor(tokenManager: TokenAliasManager, cache?: CacheAdapter);
+    createAgentAlias(realCredential: string, agentId: string, credentialType: AgentCredentialType, ttlSeconds?: number): Promise<string>;
+    revokeAgentAccess(agentId: string, reason?: RevocationReason): Promise<number>;
+    quarantineAgent(agentId: string, reason: string): Promise<void>;
+    unquarantineAgent(agentId: string): Promise<void>;
+    isQuarantined(agentId: string): boolean;
+    getQuarantineDetails(agentId: string): {
+        reason: string;
+        at: number;
+    } | null;
+    getAgentCredentials(agentId: string): AgentCredentialAliasData[];
+}
+export declare class AgentBaselineEngine {
+    private readonly BASELINE_WINDOW_DAYS;
+    private readonly MIN_SESSIONS_FOR_BASELINE;
+    recordSession(record: AgentSessionRecord): void;
+    agentBaseline(agentId: string, taskDefinition: string): AgentBaselineMetrics | null;
+    getBaseline(agentId: string): AgentBaselineMetrics | null;
+    private recalculateBaseline;
+    private stdDev;
+    is3SigmaDeviation(values: number[], newValue: number): boolean;
+}
+export declare class AgentAnomalyDetector {
+    private baselineEngine;
+    private anomalyHandlers;
+    private credentialUsage;
+    constructor(baselineEngine: AgentBaselineEngine);
+    onAnomaly(handler: (signal: AgentAnomalySignal) => void): void;
+    analyzeToolCall(agentId: string, toolName: string, dataBytes?: number, credentialAlias?: string): AgentAnomalySignal[];
+    analyzeSession(record: AgentSessionRecord): AgentAnomalySignal[];
+    private emitSignal;
+}
+export declare class AgentScopeEnforcer {
+    defineAgentScope(agentId: string, allowedTools: string[], strictMode?: boolean): AgentScopeDefinition;
+    isToolAllowed(agentId: string, toolName: string): boolean;
+    getScope(agentId: string): AgentScopeDefinition | null;
+    removeScope(agentId: string): void;
+    addAllowedTools(agentId: string, tools: string[]): void;
+    removeAllowedTools(agentId: string, tools: string[]): void;
+}

package/dist/agent-security.js

@@ -0,0 +1,390 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AgentScopeEnforcer = exports.AgentAnomalyDetector = exports.AgentBaselineEngine = exports.AgentCredentialManager = void 0;
+exports._resetAgentSecurityStores = _resetAgentSecurityStores;
+const agent_1 = require("./agent");
+const agentCredentials = new Map();
+const agentBaselines = new Map();
+const agentSessions = new Map();
+const agentScopes = new Map();
+const agentQuarantines = new Map();
+function _resetAgentSecurityStores() {
+    agentCredentials.clear();
+    agentBaselines.clear();
+    agentSessions.clear();
+    agentScopes.clear();
+    agentQuarantines.clear();
+}
+function shannonEntropy(items) {
+    if (items.length === 0)
+        return 0;
+    const freq = new Map();
+    for (const item of items) {
+        freq.set(item, (freq.get(item) || 0) + 1);
+    }
+    let entropy = 0;
+    const total = items.length;
+    for (const count of freq.values()) {
+        const p = count / total;
+        if (p > 0)
+            entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+class AgentCredentialManager {
+    constructor(tokenManager, cache) {
+        this.tokenManager = tokenManager;
+        this.cache = cache || null;
+    }
+    async createAgentAlias(realCredential, agentId, credentialType, ttlSeconds = 7200) {
+        (0, agent_1.validateAgentId)(agentId);
+        const alias = await this.tokenManager.createAlias(realCredential, agentId, ttlSeconds);
+        const data = {
+            alias,
+            agentId,
+            credentialType,
+            createdAt: Date.now(),
+            quarantined: false,
+        };
+        if (!agentCredentials.has(agentId)) {
+            agentCredentials.set(agentId, []);
+        }
+        agentCredentials.get(agentId).push(data);
+        if (this.cache) {
+            try {
+                const existing = await this.cache.get(`agent:creds:${agentId}`);
+                const list = existing
+                    ? JSON.parse(existing)
+                    : [];
+                list.push(data);
+                await this.cache.set(`agent:creds:${agentId}`, JSON.stringify(list), ttlSeconds);
+            }
+            catch {
+            }
+        }
+        return alias;
+    }
+    async revokeAgentAccess(agentId, reason = 'active_threat') {
+        const creds = agentCredentials.get(agentId) || [];
+        let revokedCount = 0;
+        for (const cred of creds) {
+            try {
+                await this.tokenManager.revokeByAlias(cred.alias, reason, agentId);
+                revokedCount++;
+            }
+            catch {
+            }
+        }
+        agentCredentials.delete(agentId);
+        agentQuarantines.delete(agentId);
+        if (this.cache) {
+            try {
+                await this.cache.del(`agent:creds:${agentId}`);
+                await this.cache.del(`agent:quarantine:${agentId}`);
+            }
+            catch {
+            }
+        }
+        return revokedCount;
+    }
+    async quarantineAgent(agentId, reason) {
+        const quarantine = { reason, at: Date.now() };
+        agentQuarantines.set(agentId, quarantine);
+        const creds = agentCredentials.get(agentId) || [];
+        for (const cred of creds) {
+            cred.quarantined = true;
+            cred.quarantineReason = reason;
+            cred.quarantinedAt = quarantine.at;
+        }
+        if (this.cache) {
+            try {
+                await this.cache.set(`agent:quarantine:${agentId}`, JSON.stringify(quarantine), 86400);
+            }
+            catch {
+            }
+        }
+    }
+    async unquarantineAgent(agentId) {
+        agentQuarantines.delete(agentId);
+        const creds = agentCredentials.get(agentId) || [];
+        for (const cred of creds) {
+            cred.quarantined = false;
+            cred.quarantineReason = undefined;
+            cred.quarantinedAt = undefined;
+        }
+        if (this.cache) {
+            try {
+                await this.cache.del(`agent:quarantine:${agentId}`);
+            }
+            catch {
+            }
+        }
+    }
+    isQuarantined(agentId) {
+        return agentQuarantines.has(agentId);
+    }
+    getQuarantineDetails(agentId) {
+        return agentQuarantines.get(agentId) || null;
+    }
+    getAgentCredentials(agentId) {
+        return agentCredentials.get(agentId) || [];
+    }
+}
+exports.AgentCredentialManager = AgentCredentialManager;
+class AgentBaselineEngine {
+    constructor() {
+        this.BASELINE_WINDOW_DAYS = 30;
+        this.MIN_SESSIONS_FOR_BASELINE = 5;
+    }
+    recordSession(record) {
+        if (!agentSessions.has(record.agentId)) {
+            agentSessions.set(record.agentId, []);
+        }
+        const sessions = agentSessions.get(record.agentId);
+        const windowStart = Date.now() - this.BASELINE_WINDOW_DAYS * 24 * 60 * 60 * 1000;
+        const filtered = sessions.filter(s => s.startedAt > windowStart);
+        filtered.push(record);
+        agentSessions.set(record.agentId, filtered);
+        if (filtered.length >= this.MIN_SESSIONS_FOR_BASELINE) {
+            this.recalculateBaseline(record.agentId);
+        }
+    }
+    agentBaseline(agentId, taskDefinition) {
+        const existing = agentBaselines.get(agentId);
+        if (existing) {
+            existing.taskDefinition = taskDefinition;
+            existing.lastUpdatedAt = Date.now();
+            return existing;
+        }
+        const sessions = agentSessions.get(agentId) || [];
+        if (sessions.length < this.MIN_SESSIONS_FOR_BASELINE) {
+            return null;
+        }
+        return this.recalculateBaseline(agentId, taskDefinition);
+    }
+    getBaseline(agentId) {
+        return agentBaselines.get(agentId) || null;
+    }
+    recalculateBaseline(agentId, taskDefinition) {
+        const sessions = agentSessions.get(agentId) || [];
+        const toolsPerSession = sessions.map(s => s.toolCalls.length);
+        const avgToolsPerSession = toolsPerSession.reduce((a, b) => a + b, 0) / sessions.length;
+        const allTools = sessions.flatMap(s => s.toolCalls.map(tc => tc.tool));
+        const toolDiversityEntropy = shannonEntropy(allTools);
+        const dataVolumes = sessions.map(s => s.totalDataBytes);
+        const avgDataVolumeBytes = dataVolumes.reduce((a, b) => a + b, 0) / sessions.length;
+        const durations = sessions
+            .filter(s => s.endedAt)
+            .map(s => s.endedAt - s.startedAt);
+        const avgSessionDurationMs = durations.length > 0
+            ? durations.reduce((a, b) => a + b, 0) / durations.length
+            : 0;
+        const toolFreq = new Map();
+        for (const tool of allTools) {
+            toolFreq.set(tool, (toolFreq.get(tool) || 0) + 1);
+        }
+        const topTools = [...toolFreq.entries()]
+            .sort((a, b) => b[1] - a[1])
+            .slice(0, 10)
+            .map(([tool]) => tool);
+        const baseline = {
+            avgToolsPerSession,
+            toolDiversityEntropy,
+            avgDataVolumeBytes,
+            avgSessionDurationMs,
+            topTools,
+            totalSessions: sessions.length,
+            createdAt: agentBaselines.get(agentId)?.createdAt || Date.now(),
+            lastUpdatedAt: Date.now(),
+            taskDefinition: taskDefinition || agentBaselines.get(agentId)?.taskDefinition,
+        };
+        agentBaselines.set(agentId, baseline);
+        return baseline;
+    }
+    stdDev(values) {
+        if (values.length < 2)
+            return 0;
+        const mean = values.reduce((a, b) => a + b, 0) / values.length;
+        const sqDiffs = values.map(v => Math.pow(v - mean, 2));
+        return Math.sqrt(sqDiffs.reduce((a, b) => a + b, 0) / values.length);
+    }
+    is3SigmaDeviation(values, newValue) {
+        if (values.length < 2)
+            return false;
+        const mean = values.reduce((a, b) => a + b, 0) / values.length;
+        const sd = this.stdDev(values);
+        if (sd === 0)
+            return newValue !== mean;
+        return Math.abs(newValue - mean) > 3 * sd;
+    }
+}
+exports.AgentBaselineEngine = AgentBaselineEngine;
+class AgentAnomalyDetector {
+    constructor(baselineEngine) {
+        this.anomalyHandlers = [];
+        this.credentialUsage = new Map();
+        this.baselineEngine = baselineEngine;
+    }
+    onAnomaly(handler) {
+        this.anomalyHandlers.push(handler);
+    }
+    analyzeToolCall(agentId, toolName, dataBytes = 0, credentialAlias) {
+        const signals = [];
+        const baseline = this.baselineEngine.getBaseline(agentId);
+        const scope = agentScopes.get(agentId);
+        if (scope?.strictMode && !scope.allowedTools.includes(toolName)) {
+            const signal = {
+                type: 'unsanctioned_tool',
+                agentId,
+                severity: 'critical',
+                description: `Agent ${agentId} invoked unsanctioned tool "${toolName}". Allowed: [${scope.allowedTools.join(', ')}]`,
+                detectedAt: Date.now(),
+                details: { tool: toolName, allowedTools: scope.allowedTools },
+            };
+            signals.push(signal);
+            this.emitSignal(signal);
+        }
+        if (!baseline)
+            return signals;
+        if (baseline.topTools.length > 0 && !baseline.topTools.includes(toolName)) {
+            const signal = {
+                type: 'scope_deviation',
+                agentId,
+                severity: 'medium',
+                description: `Agent ${agentId} invoked tool "${toolName}" outside its baseline tool set`,
+                detectedAt: Date.now(),
+                details: {
+                    tool: toolName,
+                    baselineTools: baseline.topTools,
+                },
+            };
+            signals.push(signal);
+            this.emitSignal(signal);
+        }
+        if (dataBytes > 0) {
+            const sessions = agentSessions.get(agentId) || [];
+            const volumes = sessions.map(s => s.totalDataBytes);
+            if (this.baselineEngine.is3SigmaDeviation(volumes, dataBytes)) {
+                const signal = {
+                    type: 'data_volume_anomaly',
+                    agentId,
+                    severity: 'high',
+                    description: `Agent ${agentId} data volume ${dataBytes}B is 3σ deviation from baseline avg ${Math.round(baseline.avgDataVolumeBytes)}B`,
+                    detectedAt: Date.now(),
+                    details: {
+                        dataBytes,
+                        baselineAvg: baseline.avgDataVolumeBytes,
+                    },
+                };
+                signals.push(signal);
+                this.emitSignal(signal);
+            }
+        }
+        if (credentialAlias) {
+            if (!this.credentialUsage.has(credentialAlias)) {
+                this.credentialUsage.set(credentialAlias, new Set());
+            }
+            const agents = this.credentialUsage.get(credentialAlias);
+            agents.add(agentId);
+            if (agents.size > 1) {
+                const signal = {
+                    type: 'cross_agent_credential_sharing',
+                    agentId,
+                    severity: 'critical',
+                    description: `Credential ${credentialAlias.substring(0, 16)}... shared across ${agents.size} agents: [${[...agents].join(', ')}]`,
+                    detectedAt: Date.now(),
+                    details: {
+                        credentialAlias: credentialAlias.substring(0, 16) + '...',
+                        sharingAgents: [...agents],
+                    },
+                };
+                signals.push(signal);
+                this.emitSignal(signal);
+            }
+        }
+        return signals;
+    }
+    analyzeSession(record) {
+        const signals = [];
+        const baseline = this.baselineEngine.getBaseline(record.agentId);
+        if (!baseline || baseline.totalSessions < 5)
+            return signals;
+        const sessionTools = record.toolCalls.map(tc => tc.tool);
+        const sessionEntropy = shannonEntropy(sessionTools);
+        const entropyDeviation = Math.abs(sessionEntropy - baseline.toolDiversityEntropy);
+        if (baseline.toolDiversityEntropy > 0 &&
+            entropyDeviation / baseline.toolDiversityEntropy > 0.5) {
+            const signal = {
+                type: 'sequence_entropy_anomaly',
+                agentId: record.agentId,
+                severity: 'high',
+                description: `Agent ${record.agentId} session entropy ${sessionEntropy.toFixed(2)} deviates ${((entropyDeviation / baseline.toolDiversityEntropy) * 100).toFixed(0)}% from baseline ${baseline.toolDiversityEntropy.toFixed(2)}`,
+                detectedAt: Date.now(),
+                details: {
+                    sessionEntropy,
+                    baselineEntropy: baseline.toolDiversityEntropy,
+                    deviationPercent: (entropyDeviation / baseline.toolDiversityEntropy) * 100,
+                },
+            };
+            signals.push(signal);
+            this.emitSignal(signal);
+        }
+        return signals;
+    }
+    emitSignal(signal) {
+        for (const handler of this.anomalyHandlers) {
+            try {
+                handler(signal);
+            }
+            catch {
+            }
+        }
+    }
+}
+exports.AgentAnomalyDetector = AgentAnomalyDetector;
+class AgentScopeEnforcer {
+    defineAgentScope(agentId, allowedTools, strictMode = true) {
+        const scope = {
+            agentId,
+            allowedTools,
+            strictMode,
+            createdAt: agentScopes.get(agentId)?.createdAt || Date.now(),
+            updatedAt: Date.now(),
+        };
+        agentScopes.set(agentId, scope);
+        return scope;
+    }
+    isToolAllowed(agentId, toolName) {
+        const scope = agentScopes.get(agentId);
+        if (!scope)
+            return true;
+        if (!scope.strictMode)
+            return true;
+        return scope.allowedTools.includes(toolName);
+    }
+    getScope(agentId) {
+        return agentScopes.get(agentId) || null;
+    }
+    removeScope(agentId) {
+        agentScopes.delete(agentId);
+    }
+    addAllowedTools(agentId, tools) {
+        const scope = agentScopes.get(agentId);
+        if (!scope) {
+            this.defineAgentScope(agentId, tools, true);
+            return;
+        }
+        const toolSet = new Set([...scope.allowedTools, ...tools]);
+        scope.allowedTools = [...toolSet];
+        scope.updatedAt = Date.now();
+    }
+    removeAllowedTools(agentId, tools) {
+        const scope = agentScopes.get(agentId);
+        if (!scope)
+            return;
+        const removeSet = new Set(tools);
+        scope.allowedTools = scope.allowedTools.filter(t => !removeSet.has(t));
+        scope.updatedAt = Date.now();
+    }
+}
+exports.AgentScopeEnforcer = AgentScopeEnforcer;

package/dist/agent.d.ts

@@ -0,0 +1,61 @@
+import type { DevFortress } from './devfortress';
+import type { ObserveResult } from './types';
+export interface AgentToolCall {
+    tool: string;
+    input?: Record<string, unknown>;
+    output?: unknown;
+    durationMs?: number;
+    model?: string;
+    framework?: 'langchain' | 'langgraph' | 'openai' | 'anthropic' | 'raw_http' | 'custom';
+    meta?: Record<string, unknown>;
+}
+export interface AgentAdapterConfig {
+    agentId: string;
+    agentName?: string;
+    agentIp?: string;
+    maxInputSummaryLength?: number;
+    sanitizeInputs?: boolean;
+    onFlagged?: (toolCall: AgentToolCall, result: ObserveResult) => void | Promise<void>;
+}
+declare function validateAgentId(agentId: string): void;
+export { validateAgentId };
+export declare class AgentAdapter {
+    private df;
+    private agentId;
+    private agentName;
+    private agentIp;
+    private maxInputSummaryLength;
+    private sanitizeInputs;
+    private onFlagged?;
+    private sessionToolCounts;
+    constructor(df: DevFortress, config: AgentAdapterConfig);
+    observeToolCall(toolCall: AgentToolCall, sessionId?: string): Promise<ObserveResult | null>;
+    observeLangChainTool(toolName: string, toolInput: Record<string, unknown>, options?: {
+        sessionId?: string;
+        model?: string;
+        durationMs?: number;
+    }): Promise<ObserveResult | null>;
+    observeOpenAIToolCall(toolCall: {
+        function: {
+            name: string;
+            arguments: string;
+        };
+    }, options?: {
+        sessionId?: string;
+        model?: string;
+        durationMs?: number;
+    }): Promise<ObserveResult | null>;
+    observeHttpToolCall(url: string, method: string, options?: {
+        statusCode?: number;
+        durationMs?: number;
+        sessionId?: string;
+        meta?: Record<string, unknown>;
+    }): Promise<ObserveResult | null>;
+    trackSessionStart(sessionId: string, taskDescription?: string): Promise<ObserveResult | null>;
+    trackSessionEnd(sessionId: string, summary?: {
+        totalTools?: number;
+        durationMs?: number;
+        success?: boolean;
+    }): Promise<ObserveResult | null>;
+    getSessionToolCount(sessionId: string): number;
+}