guardrail-plug-sdk 1.0.0 → 1.0.2
- package/README.md +48 -0
- package/dist/Guardrail.d.ts +1 -0
- package/dist/Guardrail.d.ts.map +1 -0
- package/dist/Guardrail.js +1 -0
- package/dist/Guardrail.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -0
- package/dist/types.d.ts +1 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +1 -0
- package/dist/types.js.map +1 -0
- package/package.json +2 -1
- package/src/Guardrail.ts +63 -0
- package/src/index.ts +2 -0
- package/src/types.ts +97 -0
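--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,48 @@
+# Guardrail Plug SDK
+
+A plug-and-play AI Auditing, Safety, and Hallucination Interception SDK. Wrap any LLM agent to intercept prompt injections, redact PII, trace reasoning, verify factual grounding against corporate knowledge bases, and block ungrounded responses in real time.
+
+## Installation
+
+```bash
+npm install guardrail-plug-sdk
+```
+
+## Quick Start
+
+Initialize the SDK and route your chat prompts through the security gateway:
+
+```typescript
+import { Guardrail } from 'guardrail-plug-sdk';
+
+const guardrail = new Guardrail({
+endpoint: 'http://localhost:5050', // Gateway server address
+apiKey: 'gr_sec_your_api_key_here',
+provider: 'openrouter', // 'openrouter' | 'openai' | 'gemini' | 'ollama' | 'mock'
+model: 'google/gemini-2.5-flash',
+applicationName: 'HR Compliance Assistant'
+});
+
+async function askAgent(userInput: string) {
+const response = await guardrail.chat({
+messages: [{ role: 'user', content: userInput }],
+groundingSource: 'web' // 'kb' (Knowledge base files) or 'web' (Real-time web search)
+});
+
+if (response.decision === 'BLOCKED') {
+console.warn(`Blocked by Policy: ${response.policyExplanation}`);
+// Output safe fallback
+return response.text;
+}
+
+console.log(`Factual Trust Score: ${response.factualTrustScore}`); // Score from 0.0 to 1.0
+return response.text;
+}
+```
+
+## Features
+
+- **Input Interception & Redaction**: Scans prompts for PII/PHI (emails, SSNs, credit cards) and prompt injections before hitting target LLMs.
+- **Dynamic Factual Auditing**: Extracts claims and performs Natural Language Inference (NLI) audits against vector database documentation or live web citations.
+- **Trust Scoring**: Generates a deterministic mathematical Trust Score indicating the percentage of grounding.
+- **Real-Time Policy Enforcement**: Blocks or flags responses that exceed configured hallucination or safety thresholds.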
package/dist/Guardrail.d.ts
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Guardrail.d.ts","sourceRoot":"","sources":["../src/Guardrail.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7D,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,MAAM,CAAC;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,eAAe,CAAS;gBAEpB,OAAO,EAAE,gBAAgB;IAYrC;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,eAAe,CAAC;CA8B9D"}
|
package/dist/Guardrail.js
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Guardrail.js","sourceRoot":"","sources":["../src/Guardrail.ts"],"names":[],"mappings":"AAUA,MAAM,OAAO,SAAS;IACZ,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,QAAQ,CAAS;IACjB,KAAK,CAAS;IACd,eAAe,CAAS;IAEhC,YAAY,OAAyB;QACnC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC5D,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC7C,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,aAAa,CAAC;QAC5C,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,iBAAiB,CAAC;QAEpE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuB;QAChC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,QAAQ,WAAW,EAAE;gBACxD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE;iBACzC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,UAAU;oBACpC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,aAAa;oBAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ;oBAC3C,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK;oBAClC,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe;oBAChE,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE;iBACjC,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,MAAM,SAAS,EAAE,CAAC,CAAC;YACnF,CAAC;YAED,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAqB,CAAC;QAClD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YACnE,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;CACF"}
|
package/dist/index.d.ts
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,QAAQ,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC/B,eAAe,CAAC,EAAE,IAAI,GAAG,KAAK,CAAC;CAChC;AAED,MAAM,WAAW,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,KAAK;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,WAAW,GAAG,qBAAqB,GAAG,aAAa,CAAC;IAC5D,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAClD,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,KAAK,EAAE,CAAC;IACzB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,UAA
U,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IAClD,OAAO,EAAE,MAAM,CAAC;CACjB"}
|
package/dist/types.js
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
|
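--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "guardrail-plug-sdk",
-"version": "1.0.
+"version": "1.0.2",
 "description": "A plug-and-play AI Auditing & Hallucination Detection SDK. Intercepts LLM inputs/outputs, verifies factual grounding against your knowledge base, and blocks or flags unverified responses.",
 "type": "module",
 "main": "dist/index.js",
@@ -13,6 +13,7 @@
 },
 "files": [
 "dist",
+"src",
 "README.md"
 ],
 "scripts": {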
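--- a/package/src/Guardrail.ts
+++ b/package/src/Guardrail.ts
@@ -0,0 +1,63 @@
+import { SDKChatRequest, SDKChatResponse } from './types.js';
+
+export interface GuardrailOptions {
+endpoint?: string;
+apiKey: string;
+provider?: 'openai' | 'gemini' | 'ollama' | 'mock' | string;
+model?: string;
+applicationName?: string;
+}
+
+export class Guardrail {
+private endpoint: string;
+private apiKey: string;
+private provider: string;
+private model: string;
+private applicationName: string;
+
+constructor(options: GuardrailOptions) {
+this.endpoint = options.endpoint || 'http://localhost:5050';
+this.apiKey = options.apiKey;
+this.provider = options.provider || 'openai';
+this.model = options.model || 'gpt-4o-mini';
+this.applicationName = options.applicationName || 'SDK Application';
+
+if (!this.apiKey) {
+throw new Error('[Guardrail SDK] Initialisation Error: API Key (apiKey) is required.');
+}
+}
+
+/**
+* Routes chat completions through the Guardrail Middleware Gateway
+*/
+async chat(request: SDKChatRequest): Promise<SDKChatResponse> {
+try {
+const response = await fetch(`${this.endpoint}/api/chat`, {
+method: 'POST',
+headers: {
+'Content-Type': 'application/json',
+'Authorization': `Bearer ${this.apiKey}`
+},
+body: JSON.stringify({
+messages: request.messages,
+userId: request.userId || 'sdk_user',
+sessionId: request.sessionId || 'sdk_session',
+provider: request.provider || this.provider,
+model: request.model || this.model,
+applicationName: request.applicationName || this.applicationName,
+metadata: request.metadata || {}
+})
+});
+
+if (!response.ok) {
+const errorText = await response.text();
+throw new Error(`Guardrail Middleware Error [${response.status}]: ${errorText}`);
+}
+
+return await response.json() as SDKChatResponse;
+} catch (err: any) {
+console.error('[Guardrail SDK] Chat Request Failed:', err.message);
+throw err;
+}
+}
+}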
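Review bot: The JSON body built in `chat()` (new lines 41–49) never forwards `groundingSource`, although `SDKChatRequest` declares it and the README example passes `groundingSource: 'web'`, so the caller's choice between knowledge-base and web verification is silently dropped. The reply is then returned through an unchecked cast at new line 57, which means a malformed gateway response with no `decision` field passes a caller's `decision === 'BLOCKED'` test as though it were approved; validating `decision` against the three expected values and throwing otherwise makes the client fail closed. Both changes are sketched below. Separately, the constructor accepts any `endpoint` and defaults to plain `http://localhost:5050`, so pointing it at a non-loopback `http://` host would presumably send the bearer key and unredacted prompts in clear text; rejecting that combination in the constructor is worth considering.

```typescript
async chat(request: SDKChatRequest): Promise<SDKChatResponse> {
  // … unchanged: try, fetch call, method and headers …
      body: JSON.stringify({
        // … unchanged: messages through metadata …
        groundingSource: request.groundingSource
      })
  // … unchanged: !response.ok handling …
    const data: unknown = await response.json();
    const decision = (data as { decision?: unknown } | null)?.decision;
    if (decision !== 'APPROVED' && decision !== 'FLAGGED' && decision !== 'BLOCKED') {
      // Fail closed: a reply without a recognised decision must not be treated as approved.
      throw new Error('[Guardrail SDK] Gateway response has no valid decision field.');
    }
    return data as SDKChatResponse;
  // … unchanged: catch block …
```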
package/src/index.ts
ADDED
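--- a/package/src/types.ts
+++ b/package/src/types.ts
@@ -0,0 +1,97 @@
+export interface Message {
+role: 'user' | 'assistant' | 'system';
+content: string;
+}
+
+export interface SDKChatRequest {
+messages: Message[];
+userId?: string;
+sessionId?: string;
+provider?: string;
+model?: string;
+applicationName?: string;
+metadata?: Record<string, any>;
+groundingSource?: 'kb' | 'web';
+}
+
+export interface Citation {
+citationId: string;
+documentId: string;
+documentName: string;
+content: string;
+score: number;
+}
+
+export interface Claim {
+claim: string;
+status: 'SUPPORTED' | 'PARTIALLY_SUPPORTED' | 'UNSUPPORTED';
+explanation: string;
+citationId?: string;
+}
+
+export interface PolicyResult {
+decision: 'APPROVED' | 'FLAGGED' | 'BLOCKED';
+violatedRules: string[];
+explanation: string;
+}
+
+export interface TokenUsage {
+promptTokens: number;
+completionTokens: number;
+totalTokens: number;
+}
+
+export interface Metrics {
+totalLatencyMs: number;
+llmLatencyMs: number;
+ragLatencyMs: number;
+verificationLatencyMs: number;
+tokenUsage: TokenUsage;
+costUsd: number;
+}
+
+export interface SDKChatResponse {
+auditId: string;
+text: string;
+decision: 'APPROVED' | 'FLAGGED' | 'BLOCKED';
+hallucinationScore: number;
+factualTrustScore: number; // 0.0 to 1.0 grounding metric
+riskLevel: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+citations: Citation[];
+claims: Claim[];
+policyExplanation: string;
+metrics: Metrics;
+rawThinking?: string;
+thinkingClaims?: Claim[];
+rawResponseBeforeBlock?: string;
+}
+
+export interface UploadedDocument {
+id: string;
+name: string;
+type: string;
+uploadedAt: string;
+size: number;
+status: 'indexing' | 'indexed' | 'failed';
+version: number;
+owner?: string;
+}
+
+export interface DocumentChunk {
+id: string;
+documentId: string;
+documentName: string;
+content: string;
+embedding?: number[];
+metadata?: Record<string, any>;
+}
+
+export interface ProviderConfig {
+providerId: string;
+name: string;
+enabled: boolean;
+defaultModel: string;
+apiKey?: string;
+healthStatus: 'healthy' | 'unhealthy' | 'unknown';
+latency: number;
+}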
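Review bot: `SDKChatResponse` exposes `rawThinking` and `rawResponseBeforeBlock` (new lines 64 and 66) with no documentation, yet by their names they carry model output that policy withheld, so an application that serialises the whole response object to its front end would presumably hand the blocked text to the end user. A doc comment on each would help, for example `/** Unfiltered model output captured before a BLOCKED decision; for audit logging only, never forward to end users. */`. `ProviderConfig.apiKey` (new line 94) raises the same question for provider secrets in a client-side type: if the gateway ever returns this shape, the field should be documented as write-only or left out of responses. `metadata?: Record<string, any>` at new lines 13 and 86 would be safer as `Record<string, unknown>`, so consumers have to narrow values before using them.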