governance-sdk 0.5.0

package/dist/plugins/composio.js

@@ -0,0 +1,118 @@
+/**
+ * governance-sdk Composio Plugin
+ *
+ * Integrates governance enforcement into Composio tool execution.
+ * Wraps tools with before-action policy checks and audit logging.
+ *
+ * Updated for @composio/core v0.6+ (Actions→Tools, Apps→Toolkits).
+ *
+ * @example
+ * ```ts
+ * import { createGovernance, blockTools } from 'governance-sdk';
+ * import { governComposioTools } from 'governance-sdk/plugins/composio';
+ *
+ * const gov = createGovernance({
+ *   rules: [blockTools(['GMAIL_SEND_EMAIL'])],
+ * });
+ *
+ * const { tools } = await governComposioTools(gov, myTools, {
+ *   agentName: 'composio-agent',
+ *   owner: 'integration-team',
+ * });
+ * ```
+ */
+// ─── Blocked Error ──────────────────────────────────────────
+export class GovernanceBlockedError extends Error {
+    decision;
+    toolName;
+    constructor(decision, toolName) {
+        super(`Governance blocked: ${decision.reason} (tool: ${toolName})`);
+        this.name = "GovernanceBlockedError";
+        this.decision = decision;
+        this.toolName = toolName;
+    }
+}
+// ─── Shared Helpers ─────────────────────────────────────────
+function buildRegistration(config, toolNames) {
+    return {
+        name: config.agentName,
+        framework: config.framework ?? "composio",
+        owner: config.owner,
+        description: config.description,
+        version: config.version,
+        channels: config.channels,
+        tools: toolNames,
+        hasAuth: config.hasAuth,
+        hasGuardrails: config.hasGuardrails,
+        hasObservability: config.hasObservability,
+        hasAuditLog: true,
+        permissions: config.permissions,
+        metadata: config.metadata,
+    };
+}
+function createEnforcer(governance, agentId, config) {
+    return async (toolName, input) => {
+        const toolkitMapper = config.toolkitActionMapper ?? config.appActionMapper;
+        const action = toolkitMapper?.(toolName.split("_")[0] ?? toolName)
+            ?? config.actionMapper?.(toolName)
+            ?? "tool_call";
+        const decision = await governance.enforce({
+            agentId, agentName: config.agentName, agentLevel: 0,
+            action, tool: toolName, input,
+            sessionTokensUsed: config.sessionTokenTracker?.(),
+        });
+        config.onDecision?.(decision, toolName);
+        if (decision.blocked)
+            config.onBlocked?.(decision, toolName);
+        return decision;
+    };
+}
+function createAuditor(governance, agentId) {
+    return (toolName, outcome, detail) => governance.audit.log({
+        agentId, eventType: "tool_call", outcome,
+        severity: outcome === "failure" ? "warning" : "info",
+        detail: { tool: toolName, ...detail },
+    });
+}
+// ─── Main Export ────────────────────────────────────────────
+/** Govern Composio tools (v0.6+ API) */
+export async function governComposioTools(governance, tools, config) {
+    const toolNames = tools.map((t) => t.name);
+    const reg = buildRegistration(config, toolNames);
+    const result = await governance.register(reg);
+    const enforce = createEnforcer(governance, result.id, config);
+    const audit = createAuditor(governance, result.id);
+    const governedTools = tools.map((tool) => ({
+        ...tool,
+        execute: async (params) => {
+            const decision = await enforce(tool.name, params);
+            if (decision.blocked)
+                throw new GovernanceBlockedError(decision, tool.name);
+            try {
+                const output = await tool.execute(params);
+                await audit(tool.name, "success", { toolkitSlug: tool.toolkitSlug });
+                return output;
+            }
+            catch (error) {
+                await audit(tool.name, "failure", {
+                    toolkitSlug: tool.toolkitSlug,
+                    error: error instanceof Error ? error.message : String(error),
+                });
+                throw error;
+            }
+        },
+    }));
+    return {
+        tools: governedTools,
+        actions: governedTools, // backward compat
+        agentId: result.id,
+        score: result.score,
+        level: result.level,
+        governance,
+        enforce,
+        audit,
+    };
+}
+/** @deprecated Use governComposioTools instead */
+export const governComposioActions = governComposioTools;
+//# sourceMappingURL=composio.js.map

package/dist/plugins/composio.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"composio.js","sourceRoot":"","sources":["../../src/plugins/composio.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAiBH,+DAA+D;AAE/D,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAC/B,QAAQ,CAAsB;IAC9B,QAAQ,CAAS;IAEjC,YAAY,QAA6B,EAAE,QAAgB;QACzD,KAAK,CAAC,uBAAuB,QAAQ,CAAC,MAAM,WAAW,QAAQ,GAAG,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF;AAED,+DAA+D;AAE/D,SAAS,iBAAiB,CAAC,MAA4B,EAAE,SAAmB;IAC1E,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,SAAS;QACtB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,UAAU;QACzC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,KAAK,EAAE,SAAS;QAChB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,WAAW,EAAE,IAAI;QACjB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,UAA8B,EAAE,OAAe,EAAE,MAA4B;IACnG,OAAO,KAAK,EAAE,QAAgB,EAAE,KAA+B,EAAgC,EAAE;QAC/F,MAAM,aAAa,GAAG,MAAM,CAAC,mBAAmB,IAAI,MAAM,CAAC,eAAe,CAAC;QAC3E,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC;eAC7D,MAAM,CAAC,YAAY,EAAE,CAAC,QAAQ,CAAC;eAC9B,WAA4B,CAAC;QACnC,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YACxC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,CAAC;YACnD,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK;YAC7B,iBAAiB,EAAE,MAAM,CAAC,mBAAmB,EAAE,EAAE;SAClD,CAAC,CAAC;QACH,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACxC,IAAI,QAAQ,CAAC,OAAO;YAAE,MAAM,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC7D,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,UAA8B,EAAE,OAAe;IACpE,OAAO,CAAC,QAAgB,EAAE,OAA8B,EAAE,MAAgC,EAAuB,EAAE,CACjH,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC;QACnB,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,OAAO;QACxC,QAAQ,EAAE,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;QACpD,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,MAAM,EAAE;KACtC,CAAC,CAAC;AACP,CAAC;AAED,+DAA+D;AAE/D,wCAAwC;AACxC,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,UAA8B,EAC9B,KAAqB,EACrB,MAA4B;IAE5B,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAE9C,MAAM,OAAO,GAAG,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IAEnD,MAAM,aAAa,GAAmB,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACzD,GAAG,IAAI;QACP,OAAO,EAAE,KAAK,EAAE,MAA+B,EAAE,EAAE;YACjD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAClD,IAAI,QAAQ,CAAC,OAAO;gBAAE,MAAM,IAAI,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5E,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAQ,CAAC,MAAM,CAAC,CAAC;gBAC3C,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;gBACrE,OAAO,MAAM,CAAC;YAChB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE;oBAChC,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBAC9D,CAAC,CAAC;gBACH,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;KACF,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,KAAK,EAAE,aAAa;QACpB,OAAO,EAAE,aAAa,EAAE,kBAAkB;QAC1C,OAAO,EAAE,MAAM,CAAC,EAAE;QAClB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU;QACV,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAED,kDAAkD;AAClD,MAAM,CAAC,MAAM,qBAAqB,GAAG,mBAAmB,CAAC"}

package/dist/plugins/crewai-types.d.ts

@@ -0,0 +1,153 @@
+/**
+ * Types for the CrewAI governance integration.
+ *
+ * NOTE: CrewAI is Python-first with no official TypeScript SDK.
+ * These types approximate CrewAI Python shapes for governance
+ * wrapping purposes. The Python SDK uses `_run()` / `_arun()`
+ * methods, not `execute()`.
+ */
+import type { GovernanceInstance, AuditEvent } from "../index";
+import type { EnforcementDecision, PolicyAction } from "../policy";
+import type { AgentFramework } from "../types";
+/** CrewAI tool shape */
+export interface CrewAITool {
+    name: string;
+    description: string;
+    /** Pydantic model schema for tool input validation */
+    argsSchema?: Record<string, unknown>;
+    /** Whether result should be used as final answer */
+    resultAsAnswer?: boolean;
+    /** Maximum number of times this tool can be used per task */
+    maxUsageCount?: number;
+    /** Custom caching logic */
+    cacheFunction?: (args: Record<string, unknown>, result: unknown) => boolean;
+    /**
+     * Execute the tool — governance wrapper method.
+     * Maps to Python `_run()` / `_arun()` methods.
+     */
+    execute: (input: Record<string, unknown>) => Promise<unknown>;
+}
+/** CrewAI agent shape */
+export interface CrewAIAgent {
+    role: string;
+    goal: string;
+    backstory: string;
+    tools?: CrewAITool[];
+    allowDelegation?: boolean;
+    /** Language model configuration */
+    llm?: string | Record<string, unknown>;
+    /** Language model for tool calling; overrides crew's LLM */
+    functionCallingLlm?: string | Record<string, unknown>;
+    /** Agent memory configuration (accepts Memory objects in Python SDK) */
+    memory?: boolean | unknown;
+    /** Maximum iterations before stopping (default: 25) */
+    maxIter?: number;
+    /** Maximum requests per minute to avoid rate limits */
+    maxRpm?: number;
+    /** Maximum execution time in seconds */
+    maxExecutionTime?: number;
+    /** Maximum retry attempts (default: 2) */
+    maxRetryLimit?: number;
+    /** Whether code execution is allowed — SECURITY CRITICAL */
+    allowCodeExecution?: boolean;
+    /** Code execution safety mode — SECURITY CRITICAL */
+    codeExecutionMode?: "safe" | "unsafe";
+    /** Step callback for per-step hooks */
+    stepCallback?: (step: unknown) => void;
+    /** Whether to enable verbose logging */
+    verbose?: boolean;
+    /** Enable caching for tool usage (default: true) */
+    cache?: boolean;
+    /** Custom system prompt template */
+    systemTemplate?: string;
+    /** Custom prompt template for input */
+    promptTemplate?: string;
+    /** Custom response template for output */
+    responseTemplate?: string;
+    /** Keep messages under context window size by summarizing (default: true) */
+    respectContextWindow?: boolean;
+    /** Support for multimodal capabilities */
+    multimodal?: boolean;
+    /** Whether to use system prompt — needed for o1 model support (default: true) */
+    useSystemPrompt?: boolean;
+    /** Whether agent should reflect and plan before executing */
+    reasoning?: boolean;
+    /** Maximum reasoning attempts before task execution */
+    maxReasoningAttempts?: number;
+    /** Configuration for embedder used by agent */
+    embedder?: Record<string, unknown>;
+    /** Knowledge sources available to agent */
+    knowledgeSources?: unknown[];
+    /** Automatically inject current date into tasks */
+    injectDate?: boolean;
+    /** Format string for injected dates (default: "%Y-%m-%d") */
+    dateFormat?: string;
+}
+/** CrewAI task shape */
+export interface CrewAITask {
+    description: string;
+    agent?: CrewAIAgent;
+    tools?: CrewAITool[];
+    expectedOutput: string;
+    /** Task identifier label */
+    name?: string;
+    /** Task dependencies — other tasks whose outputs become context */
+    context?: CrewAITask[];
+    /** Whether this task requires human input */
+    humanInput?: boolean;
+    /** Run task asynchronously */
+    asyncExecution?: boolean;
+    /** Callback on task completion */
+    callback?: (output: unknown) => void;
+    /** Pydantic model for structured JSON output */
+    outputJson?: Record<string, unknown>;
+    /** Pydantic model for structured pydantic output */
+    outputPydantic?: Record<string, unknown>;
+    /** File path for storing task output */
+    outputFile?: string;
+    /** Whether to create directory for output_file if absent (default: true) */
+    createDirectory?: boolean;
+    /** Whether to format final answer in Markdown */
+    markdown?: boolean;
+    /** Task-specific configuration parameters */
+    config?: Record<string, unknown>;
+    /** Function to validate task output before proceeding */
+    guardrail?: (output: unknown) => unknown;
+    /** List of guardrail functions to validate task output */
+    guardrails?: Array<(output: unknown) => unknown>;
+    /** Maximum retry attempts when guardrail validation fails (default: 3) */
+    guardrailMaxRetries?: number;
+}
+export interface GovernCrewAIConfig {
+    agentName: string;
+    owner: string;
+    framework?: AgentFramework;
+    description?: string;
+    version?: string;
+    channels?: string[];
+    hasAuth?: boolean;
+    hasGuardrails?: boolean;
+    hasObservability?: boolean;
+    permissions?: Record<string, unknown>;
+    metadata?: Record<string, unknown>;
+    onBlocked?: (decision: EnforcementDecision, toolName: string) => void;
+    onDecision?: (decision: EnforcementDecision, toolName: string) => void;
+    actionMapper?: (toolName: string) => PolicyAction;
+    sessionTokenTracker?: () => number;
+}
+export interface GovernedCrewAIAgentResult {
+    agent: CrewAIAgent;
+    agentId: string;
+    score: number;
+    level: number;
+    governance: GovernanceInstance;
+    enforce: (toolName: string, input?: Record<string, unknown>) => Promise<EnforcementDecision>;
+    audit: (toolName: string, outcome: "success" | "failure", detail?: Record<string, unknown>) => Promise<AuditEvent>;
+}
+export interface GovernedCrewAIToolsResult {
+    tools: CrewAITool[];
+    agentId: string;
+    score: number;
+    level: number;
+}
+//# sourceMappingURL=crewai-types.d.ts.map

package/dist/plugins/crewai-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crewai-types.d.ts","sourceRoot":"","sources":["../../src/plugins/crewai-types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAC/D,OAAO,KAAK,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAI/C,wBAAwB;AACxB,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,oDAAoD;IACpD,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,6DAA6D;IAC7D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC;IAC5E;;;OAGG;IACH,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CAC/D;AAED,yBAAyB;AACzB,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,UAAU,EAAE,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,mCAAmC;IACnC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,4DAA4D;IAC5D,kBAAkB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACtD,wEAAwE;IACxE,MAAM,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;IAC3B,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uDAAuD;IACvD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,0CAA0C;IAC1C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,4DAA4D;IAC5D,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,qDAAqD;IACrD,iBAAiB,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC;IACtC,uCAAuC;IACvC,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK,IAAI,CAAC;IACvC,wCAAwC;IACxC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,oDAAoD;IACpD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,oCAAoC;IACpC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,uCAAuC;IACvC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,0CAA0C;IAC1C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,6EAA6E;IAC7E,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,0CAA0C;IAC1C,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,iFAAiF;IACjF,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,6DAA6D;IAC7D,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,uDAAuD;IACvD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,2CAA2C;IAC3C,gBAAgB,CAAC,EAAE,OAAO,EAAE,CAAC;IAC7B,mDAAmD;IACnD,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,6DAA6D;IAC7D,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,wBAAwB;AACxB,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,KAAK,CAAC,EAAE,UAAU,EAAE,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,4BAA4B;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,mEAAmE;IACnE,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC;IACvB,6CAA6C;IAC7C,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,8BAA8B;IAC9B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kCAAkC;IAClC,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,IAAI,CAAC;IACrC,gDAAgD;IAChD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,oDAAoD;IACpD,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,4EAA4E;IAC5E,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,iDAAiD;IACjD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,6CAA6C;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,yDAAyD;IACzD,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC;IACzC,0DAA0D;IAC1D,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC,CAAC;IACjD,0EAA0E;IAC1E,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAID,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,cAAc,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,SAAS,CAAC,EAAE,CAAC,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IACtE,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IACvE,YAAY,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,YAAY,CAAC;IAClD,mBAAmB,CAAC,EAAE,MAAM,MAAM,CAAC;CACpC;AAID,MAAM,WAAW,yBAAyB;IACxC,KAAK,EAAE,WAAW,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC7F,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,GAAG,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;CACpH;AAED,MAAM,WAAW,yBAAyB;IACxC,KAAK,EAAE,UAAU,EAAE,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf"}

package/dist/plugins/crewai-types.js

@@ -0,0 +1,10 @@
+/**
+ * Types for the CrewAI governance integration.
+ *
+ * NOTE: CrewAI is Python-first with no official TypeScript SDK.
+ * These types approximate CrewAI Python shapes for governance
+ * wrapping purposes. The Python SDK uses `_run()` / `_arun()`
+ * methods, not `execute()`.
+ */
+export {};
+//# sourceMappingURL=crewai-types.js.map

package/dist/plugins/crewai-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crewai-types.js","sourceRoot":"","sources":["../../src/plugins/crewai-types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG"}

package/dist/plugins/crewai.d.ts

@@ -0,0 +1,37 @@
+/**
+ * governance-sdk CrewAI Plugin
+ *
+ * Integrates governance enforcement into CrewAI agent tool execution.
+ * Wraps tools with before-action policy checks and audit logging.
+ *
+ * @example
+ * ```ts
+ * import { createGovernance, blockTools } from 'governance-sdk';
+ * import { governCrewAIAgent } from 'governance-sdk/plugins/crewai';
+ *
+ * const gov = createGovernance({
+ *   rules: [blockTools(['shell_exec'])],
+ * });
+ *
+ * const { agent } = await governCrewAIAgent(gov, {
+ *   role: 'researcher',
+ *   goal: 'Find information',
+ *   tools: [webSearchTool, fileReadTool],
+ * }, {
+ *   agentName: 'researcher',
+ *   owner: 'research-team',
+ * });
+ * ```
+ */
+import type { GovernanceInstance } from "../index";
+import type { EnforcementDecision } from "../policy";
+import type { CrewAITool, CrewAIAgent, GovernCrewAIConfig, GovernedCrewAIAgentResult, GovernedCrewAIToolsResult } from "./crewai-types.js";
+export type { CrewAITool, CrewAIAgent, CrewAITask, GovernCrewAIConfig, GovernedCrewAIAgentResult, GovernedCrewAIToolsResult, } from "./crewai-types.js";
+export declare class GovernanceBlockedError extends Error {
+    readonly decision: EnforcementDecision;
+    readonly toolName: string;
+    constructor(decision: EnforcementDecision, toolName: string);
+}
+export declare function governCrewAIAgent(governance: GovernanceInstance, agent: CrewAIAgent, config: GovernCrewAIConfig): Promise<GovernedCrewAIAgentResult>;
+export declare function governCrewAITools(governance: GovernanceInstance, tools: CrewAITool[], config: GovernCrewAIConfig): Promise<GovernedCrewAIToolsResult>;
+//# sourceMappingURL=crewai.d.ts.map

package/dist/plugins/crewai.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crewai.d.ts","sourceRoot":"","sources":["../../src/plugins/crewai.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAc,MAAM,UAAU,CAAC;AAC/D,OAAO,KAAK,EAAE,mBAAmB,EAAgB,MAAM,WAAW,CAAC;AAEnE,OAAO,KAAK,EACV,UAAU,EAAE,WAAW,EACvB,kBAAkB,EAAE,yBAAyB,EAAE,yBAAyB,EACzE,MAAM,mBAAmB,CAAC;AAG3B,YAAY,EACV,UAAU,EAAE,WAAW,EAAE,UAAU,EACnC,kBAAkB,EAAE,yBAAyB,EAAE,yBAAyB,GACzE,MAAM,mBAAmB,CAAC;AAI3B,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,SAAgB,QAAQ,EAAE,mBAAmB,CAAC;IAC9C,SAAgB,QAAQ,EAAE,MAAM,CAAC;gBAErB,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM;CAM5D;AAqED,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,kBAAkB,EAC9B,KAAK,EAAE,WAAW,EAClB,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,yBAAyB,CAAC,CAkBpC;AAID,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,kBAAkB,EAC9B,KAAK,EAAE,UAAU,EAAE,EACnB,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,yBAAyB,CAAC,CAcpC"}

package/dist/plugins/crewai.js

@@ -0,0 +1,127 @@
+/**
+ * governance-sdk CrewAI Plugin
+ *
+ * Integrates governance enforcement into CrewAI agent tool execution.
+ * Wraps tools with before-action policy checks and audit logging.
+ *
+ * @example
+ * ```ts
+ * import { createGovernance, blockTools } from 'governance-sdk';
+ * import { governCrewAIAgent } from 'governance-sdk/plugins/crewai';
+ *
+ * const gov = createGovernance({
+ *   rules: [blockTools(['shell_exec'])],
+ * });
+ *
+ * const { agent } = await governCrewAIAgent(gov, {
+ *   role: 'researcher',
+ *   goal: 'Find information',
+ *   tools: [webSearchTool, fileReadTool],
+ * }, {
+ *   agentName: 'researcher',
+ *   owner: 'research-team',
+ * });
+ * ```
+ */
+// ─── Blocked Error ──────────────────────────────────────────
+export class GovernanceBlockedError extends Error {
+    decision;
+    toolName;
+    constructor(decision, toolName) {
+        super(`Governance blocked: ${decision.reason} (tool: ${toolName})`);
+        this.name = "GovernanceBlockedError";
+        this.decision = decision;
+        this.toolName = toolName;
+    }
+}
+// ─── Shared Helpers ─────────────────────────────────────────
+function buildRegistration(config, toolNames, description) {
+    return {
+        name: config.agentName,
+        framework: config.framework ?? "crewai",
+        owner: config.owner,
+        description: config.description ?? description,
+        version: config.version,
+        channels: config.channels,
+        tools: toolNames,
+        hasAuth: config.hasAuth,
+        hasGuardrails: config.hasGuardrails,
+        hasObservability: config.hasObservability,
+        hasAuditLog: true,
+        permissions: config.permissions,
+        metadata: config.metadata,
+    };
+}
+function createEnforcer(governance, agentId, config) {
+    return async (toolName, input) => {
+        const action = config.actionMapper?.(toolName) ?? "tool_call";
+        const decision = await governance.enforce({
+            agentId, agentName: config.agentName, agentLevel: 0,
+            action, tool: toolName, input,
+            sessionTokensUsed: config.sessionTokenTracker?.(),
+        });
+        config.onDecision?.(decision, toolName);
+        if (decision.blocked)
+            config.onBlocked?.(decision, toolName);
+        return decision;
+    };
+}
+function createAuditor(governance, agentId) {
+    return (toolName, outcome, detail) => governance.audit.log({
+        agentId, eventType: "tool_call", outcome,
+        severity: outcome === "failure" ? "warning" : "info",
+        detail: { tool: toolName, ...detail },
+    });
+}
+function wrapTool(tool, enforce, audit) {
+    return {
+        ...tool,
+        execute: async (input) => {
+            const decision = await enforce(tool.name, input);
+            if (decision.blocked)
+                throw new GovernanceBlockedError(decision, tool.name);
+            try {
+                const output = await tool.execute(input);
+                await audit(tool.name, "success");
+                return output;
+            }
+            catch (error) {
+                await audit(tool.name, "failure", { error: error instanceof Error ? error.message : String(error) });
+                throw error;
+            }
+        },
+    };
+}
+// ─── Govern CrewAI Agent ────────────────────────────────────
+export async function governCrewAIAgent(governance, agent, config) {
+    const toolNames = (agent.tools ?? []).map((t) => t.name);
+    const reg = buildRegistration(config, toolNames, agent.goal);
+    const result = await governance.register(reg);
+    const enforce = createEnforcer(governance, result.id, config);
+    const audit = createAuditor(governance, result.id);
+    const wrappedTools = (agent.tools ?? []).map((tool) => wrapTool(tool, enforce, audit));
+    return {
+        agent: { ...agent, tools: wrappedTools },
+        agentId: result.id,
+        score: result.score,
+        level: result.level,
+        governance,
+        enforce,
+        audit,
+    };
+}
+// ─── Govern Tools Only ──────────────────────────────────────
+export async function governCrewAITools(governance, tools, config) {
+    const toolNames = tools.map((t) => t.name);
+    const reg = buildRegistration(config, toolNames);
+    const result = await governance.register(reg);
+    const enforce = createEnforcer(governance, result.id, config);
+    const audit = createAuditor(governance, result.id);
+    return {
+        tools: tools.map((tool) => wrapTool(tool, enforce, audit)),
+        agentId: result.id,
+        score: result.score,
+        level: result.level,
+    };
+}
+//# sourceMappingURL=crewai.js.map

package/dist/plugins/crewai.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crewai.js","sourceRoot":"","sources":["../../src/plugins/crewai.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAgBH,+DAA+D;AAE/D,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAC/B,QAAQ,CAAsB;IAC9B,QAAQ,CAAS;IAEjC,YAAY,QAA6B,EAAE,QAAgB;QACzD,KAAK,CAAC,uBAAuB,QAAQ,CAAC,MAAM,WAAW,QAAQ,GAAG,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF;AAED,+DAA+D;AAE/D,SAAS,iBAAiB,CAAC,MAA0B,EAAE,SAAmB,EAAE,WAAoB;IAC9F,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,SAAS;QACtB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,QAAQ;QACvC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,WAAW;QAC9C,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,KAAK,EAAE,SAAS;QAChB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,WAAW,EAAE,IAAI;QACjB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,UAA8B,EAAE,OAAe,EAAE,MAA0B;IACjG,OAAO,KAAK,EAAE,QAAgB,EAAE,KAA+B,EAAgC,EAAE;QAC/F,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC,QAAQ,CAAC,IAAK,WAA4B,CAAC;QAChF,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YACxC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,CAAC;YACnD,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK;YAC7B,iBAAiB,EAAE,MAAM,CAAC,mBAAmB,EAAE,EAAE;SAClD,CAAC,CAAC;QACH,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACxC,IAAI,QAAQ,CAAC,OAAO;YAAE,MAAM,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC7D,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,UAA8B,EAAE,OAAe;IACpE,OAAO,CAAC,QAAgB,EAAE,OAA8B,EAAE,MAAgC,EAAuB,EAAE,CACjH,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC;QACnB,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,OAAO;QACxC,QAAQ,EAAE,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;QACpD,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,MAAM,EAAE;KACtC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,QAAQ,CACf,IAAgB,EAChB,OAA0C,EAC1C,KAAuC;IAEvC,OAAO;QACL,GAAG,IAAI;QACP,OAAO,EAAE,KAAK,EAAE,KAA8B,EAAoB,EAAE;YAClE,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,QAAQ,CAAC,OAAO;gBAAE,MAAM,IAAI,sBAAsB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5E,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;gBACzC,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;gBAClC,OAAO,MAAM,CAAC;YAChB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBACrG,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,+DAA+D;AAE/D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,UAA8B,EAC9B,KAAkB,EAClB,MAA0B;IAE1B,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACzD,MAAM,GAAG,GAAG,iBAAiB,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAE9C,MAAM,OAAO,GAAG,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;IAEvF,OAAO;QACL,KAAK,EAAE,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE;QACxC,OAAO,EAAE,MAAM,CAAC,EAAE;QAClB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU;QACV,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAED,+DAA+D;AAE/D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,UAA8B,EAC9B,KAAmB,EACnB,MAA0B;IAE1B,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAE9C,MAAM,OAAO,GAAG,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IAEnD,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1D,OAAO,EAAE,MAAM,CAAC,EAAE;QAClB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;AACJ,CAAC"}

package/dist/plugins/deno-types.d.ts

@@ -0,0 +1,68 @@
+/**
+ * Types for the Deno AI governance integration.
+ *
+ * Mirrors Deno-native AI agent patterns and permission system
+ * without requiring Deno APIs as a dependency.
+ */
+import type { GovernanceInstance, AuditEvent } from "../index";
+import type { EnforcementDecision, PolicyAction } from "../policy";
+import type { AgentFramework } from "../types";
+/** Deno AI tool shape */
+export interface DenoTool {
+    name: string;
+    description: string;
+    parameters?: Record<string, unknown>;
+    execute: (args: Record<string, unknown>) => Promise<unknown>;
+}
+/** Deno permission descriptor */
+export interface DenoPermissionDescriptor {
+    name: "read" | "write" | "net" | "env" | "run" | "ffi" | "sys" | "import";
+    path?: string | URL;
+    host?: string;
+    command?: string | URL;
+    variable?: string;
+    /** Scope for sys permission */
+    kind?: "loadavg" | "hostname" | "systemMemoryInfo" | "networkInterfaces" | "osRelease" | "osUptime" | "uid" | "gid" | "username" | "cpus" | "homedir" | "statfs" | "getPriority" | "setPriority";
+}
+/** Deno AI agent shape */
+export interface DenoAgent {
+    name: string;
+    description?: string;
+    tools: DenoTool[];
+    permissions?: DenoPermissionDescriptor[];
+}
+export interface GovernDenoConfig {
+    agentName: string;
+    owner: string;
+    framework?: AgentFramework;
+    description?: string;
+    version?: string;
+    channels?: string[];
+    hasAuth?: boolean;
+    hasGuardrails?: boolean;
+    hasObservability?: boolean;
+    permissions?: Record<string, unknown>;
+    metadata?: Record<string, unknown>;
+    onBlocked?: (decision: EnforcementDecision, toolName: string) => void;
+    onDecision?: (decision: EnforcementDecision, toolName: string) => void;
+    actionMapper?: (toolName: string) => PolicyAction;
+    sessionTokenTracker?: () => number;
+    /** Map Deno permissions to policy actions */
+    permissionMapper?: (perm: DenoPermissionDescriptor) => PolicyAction;
+}
+export interface GovernedDenoAgentResult {
+    agent: DenoAgent;
+    agentId: string;
+    score: number;
+    level: number;
+    governance: GovernanceInstance;
+    enforce: (toolName: string, input?: Record<string, unknown>) => Promise<EnforcementDecision>;
+    audit: (toolName: string, outcome: "success" | "failure", detail?: Record<string, unknown>) => Promise<AuditEvent>;
+}
+export interface GovernedDenoToolsResult {
+    tools: DenoTool[];
+    agentId: string;
+    score: number;
+    level: number;
+}
+//# sourceMappingURL=deno-types.d.ts.map

package/dist/plugins/deno-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deno-types.d.ts","sourceRoot":"","sources":["../../src/plugins/deno-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAC/D,OAAO,KAAK,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACnE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAI/C,yBAAyB;AACzB,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CAC9D;AAED,iCAAiC;AACjC,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,QAAQ,CAAC;IAC1E,IAAI,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,+BAA+B;IAC/B,IAAI,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,kBAAkB,GAAG,mBAAmB,GAAG,WAAW,GAAG,UAAU,GAAG,KAAK,GAAG,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,QAAQ,GAAG,aAAa,GAAG,aAAa,CAAC;CAClM;AAED,0BAA0B;AAC1B,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,QAAQ,EAAE,CAAC;IAClB,WAAW,CAAC,EAAE,wBAAwB,EAAE,CAAC;CAC1C;AAID,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,cAAc,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,SAAS,CAAC,EAAE,CAAC,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IACtE,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;IACvE,YAAY,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,YAAY,CAAC;IAClD,mBAAmB,CAAC,EAAE,MAAM,MAAM,CAAC;IACnC,6CAA6C;IAC7C,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE,wBAAwB,KAAK,YAAY,CAAC;CACrE;AAID,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,SAAS,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC7F,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,GAAG,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;CACpH;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf"}

package/dist/plugins/deno-types.js

@@ -0,0 +1,8 @@
+/**
+ * Types for the Deno AI governance integration.
+ *
+ * Mirrors Deno-native AI agent patterns and permission system
+ * without requiring Deno APIs as a dependency.
+ */
+export {};
+//# sourceMappingURL=deno-types.js.map

package/dist/plugins/deno-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deno-types.js","sourceRoot":"","sources":["../../src/plugins/deno-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}

package/dist/plugins/deno.d.ts

@@ -0,0 +1,37 @@
+/**
+ * governance-sdk Deno AI Plugin
+ *
+ * Integrates governance enforcement into Deno-native AI agent patterns.
+ * Wraps tools with policy checks and integrates with Deno's permission model.
+ *
+ * @example
+ * ```ts
+ * import { createGovernance, blockTools } from 'governance-sdk';
+ * import { governDenoAgent } from 'governance-sdk/plugins/deno';
+ *
+ * const gov = createGovernance({
+ *   rules: [blockTools(['file_delete', 'shell_exec'])],
+ * });
+ *
+ * const { agent } = await governDenoAgent(gov, {
+ *   name: 'deno-agent',
+ *   tools: [readFileTool, writeFileTool],
+ *   permissions: [{ name: 'read', path: '/data' }],
+ * }, {
+ *   agentName: 'deno-agent',
+ *   owner: 'platform-team',
+ * });
+ * ```
+ */
+import type { GovernanceInstance } from "../index";
+import type { EnforcementDecision } from "../policy";
+import type { DenoTool, DenoAgent, GovernDenoConfig, GovernedDenoAgentResult, GovernedDenoToolsResult } from "./deno-types.js";
+export type { DenoTool, DenoAgent, DenoPermissionDescriptor, GovernDenoConfig, GovernedDenoAgentResult, GovernedDenoToolsResult, } from "./deno-types.js";
+export declare class GovernanceBlockedError extends Error {
+    readonly decision: EnforcementDecision;
+    readonly toolName: string;
+    constructor(decision: EnforcementDecision, toolName: string);
+}
+export declare function governDenoAgent(governance: GovernanceInstance, agent: DenoAgent, config: GovernDenoConfig): Promise<GovernedDenoAgentResult>;
+export declare function governDenoTools(governance: GovernanceInstance, tools: DenoTool[], config: GovernDenoConfig): Promise<GovernedDenoToolsResult>;
+//# sourceMappingURL=deno.d.ts.map

package/dist/plugins/deno.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deno.d.ts","sourceRoot":"","sources":["../../src/plugins/deno.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAc,MAAM,UAAU,CAAC;AAC/D,OAAO,KAAK,EAAE,mBAAmB,EAAgB,MAAM,WAAW,CAAC;AAEnE,OAAO,KAAK,EACV,QAAQ,EAAE,SAAS,EACnB,gBAAgB,EAAE,uBAAuB,EAAE,uBAAuB,EACnE,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,QAAQ,EAAE,SAAS,EAAE,wBAAwB,EAC7C,gBAAgB,EAAE,uBAAuB,EAAE,uBAAuB,GACnE,MAAM,iBAAiB,CAAC;AAIzB,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,SAAgB,QAAQ,EAAE,mBAAmB,CAAC;IAC9C,SAAgB,QAAQ,EAAE,MAAM,CAAC;gBAErB,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM;CAM5D;AAwED,wBAAsB,eAAe,CACnC,UAAU,EAAE,kBAAkB,EAC9B,KAAK,EAAE,SAAS,EAChB,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,uBAAuB,CAAC,CAiBlC;AAID,wBAAsB,eAAe,CACnC,UAAU,EAAE,kBAAkB,EAC9B,KAAK,EAAE,QAAQ,EAAE,EACjB,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAAC,uBAAuB,CAAC,CAclC"}