guardrail-plug-sdk 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -18,3 +18,13 @@ export declare class Guardrail {
18
18
  */
19
19
  chat(request: SDKChatRequest): Promise<SDKChatResponse>;
20
20
  }
21
+ /**
22
+ * Wraps an OpenAI client instance so its chat completions are automatically
23
+ * audited and secured by the Guardrail Middleware Gateway.
24
+ */
25
+ export declare function wrapOpenAI(openaiClient: any, options: GuardrailOptions): any;
26
+ /**
27
+ * Express Middleware to intercept, scan, and secure incoming chatbot routes.
28
+ */
29
+ export declare function guardrailExpress(options: GuardrailOptions): (req: any, res: any, next: any) => Promise<any>;
30
+ //# sourceMappingURL=Guardrail.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"Guardrail.d.ts","sourceRoot":"","sources":["../src/Guardrail.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7D,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,MAAM,CAAC;IAC5D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,eAAe,CAAS;gBAEpB,OAAO,EAAE,gBAAgB;IAYrC;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,eAAe,CAAC;CA+B9D;AAED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,YAAY,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,OAkCtE;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,gBAAgB,IAG1C,KAAK,GAAG,EAAE,KAAK,GAAG,EAAE,MAAM,GAAG,kBA+B5C"}
package/dist/Guardrail.js CHANGED
@@ -32,7 +32,8 @@ export class Guardrail {
32
32
  provider: request.provider || this.provider,
33
33
  model: request.model || this.model,
34
34
  applicationName: request.applicationName || this.applicationName,
35
- metadata: request.metadata || {}
35
+ metadata: request.metadata || {},
36
+ groundingSource: request.groundingSource || 'kb'
36
37
  })
37
38
  });
38
39
  if (!response.ok) {
@@ -47,3 +48,74 @@ export class Guardrail {
47
48
  }
48
49
  }
49
50
  }
51
+ /**
52
+ * Wraps an OpenAI client instance so its chat completions are automatically
53
+ * audited and secured by the Guardrail Middleware Gateway.
54
+ */
55
+ export function wrapOpenAI(openaiClient, options) {
56
+ const guardrail = new Guardrail(options);
57
+ if (openaiClient?.chat?.completions) {
58
+ const originalCreate = openaiClient.chat.completions.create.bind(openaiClient.chat.completions);
59
+ openaiClient.chat.completions.create = async function (params, requestOptions) {
60
+ const res = await guardrail.chat({
61
+ messages: params.messages,
62
+ model: params.model || options.model,
63
+ provider: 'openai',
64
+ applicationName: options.applicationName,
65
+ metadata: { originalParams: params }
66
+ });
67
+ return {
68
+ id: res.auditId,
69
+ object: 'chat.completion',
70
+ created: Math.floor(Date.now() / 1000),
71
+ model: params.model,
72
+ choices: [{
73
+ index: 0,
74
+ message: { role: 'assistant', content: res.text },
75
+ finish_reason: res.decision === 'BLOCKED' ? 'content_filter' : 'stop'
76
+ }],
77
+ usage: {
78
+ prompt_tokens: res.metrics?.tokenUsage?.promptTokens || 0,
79
+ completion_tokens: res.metrics?.tokenUsage?.completionTokens || 0,
80
+ total_tokens: res.metrics?.tokenUsage?.totalTokens || 0
81
+ }
82
+ };
83
+ };
84
+ }
85
+ return openaiClient;
86
+ }
87
+ /**
88
+ * Express Middleware to intercept, scan, and secure incoming chatbot routes.
89
+ */
90
+ export function guardrailExpress(options) {
91
+ const guardrail = new Guardrail(options);
92
+ return async (req, res, next) => {
93
+ try {
94
+ const messages = req.body.messages;
95
+ if (!messages || !Array.isArray(messages)) {
96
+ return next();
97
+ }
98
+ const auditRes = await guardrail.chat({
99
+ messages,
100
+ userId: req.body.userId || 'express_user',
101
+ sessionId: req.body.sessionId || 'express_session',
102
+ groundingSource: req.body.groundingSource || 'kb'
103
+ });
104
+ req.guardrail = auditRes;
105
+ if (auditRes.decision === 'BLOCKED') {
106
+ return res.status(400).json({
107
+ error: 'Blocked by Guardrail Security Policy',
108
+ explanation: auditRes.policyExplanation,
109
+ fallbackText: auditRes.text,
110
+ auditId: auditRes.auditId
111
+ });
112
+ }
113
+ next();
114
+ }
115
+ catch (err) {
116
+ console.error('[Guardrail Middleware] Audit scan failed:', err.message);
117
+ next();
118
+ }
119
+ };
120
+ }
121
+ //# sourceMappingURL=Guardrail.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"Guardrail.js","sourceRoot":"","sources":["../src/Guardrail.ts"],"names":[],"mappings":"AAUA,MAAM,OAAO,SAAS;IACZ,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,QAAQ,CAAS;IACjB,KAAK,CAAS;IACd,eAAe,CAAS;IAEhC,YAAY,OAAyB;QACnC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC5D,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC7C,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,aAAa,CAAC;QAC5C,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,iBAAiB,CAAC;QAEpE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuB;QAChC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,QAAQ,WAAW,EAAE;gBACxD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE;iBACzC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,UAAU;oBACpC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,aAAa;oBAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ;oBAC3C,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK;oBAClC,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe;oBAChE,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,IAAI;iBACjD,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,MAAM,SAAS,EAAE,CAAC,CAAC;YACnF,CAAC;YAED,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAqB,CAAC;QAClD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YACnE,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,YAAiB,EAAE,OAAyB;IACrE,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC;IAEzC,IAAI,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;QACpC,MAAM,cAAc,GAAG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAEhG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,KAAK,WAAU,MAAW,EAAE,cAAoB;YACrF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC;gBAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK;gBACpC,QAAQ,EAAE,QAAQ;gBAClB,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,QAAQ,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;aACrC,CAAC,CAAC;YAEH,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,OAAO;gBACf,MAAM,EAAE,iBAAiB;gBACzB,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;gBACtC,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,OAAO,EAAE,CAAC;wBACR,KAAK,EAAE,CAAC;wBACR,OAAO,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE;wBACjD,aAAa,EAAE,GAAG,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM;qBACtE,CAAC;gBACF,KAAK,EAAE;oBACL,aAAa,EAAE,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,IAAI,CAAC;oBACzD,iBAAiB,EAAE,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,gBAAgB,IAAI,CAAC;oBACjE,YAAY,EAAE,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,WAAW,IAAI,CAAC;iBACxD;aACF,CAAC;QACJ,CAAC,CAAC;IACJ,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAyB;IACxD,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC;IAEzC,OAAO,KAAK,EAAE,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;QAC7C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC;gBACpC,QAAQ;gBACR,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,cAAc;gBACzC,SAAS,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,iBAAiB;gBAClD,eAAe,EAAE,GAAG,CAAC,IAAI,CAAC,eAAe,IAAI,IAAI;aAClD,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,GAAG,QAAQ,CAAC;YAEzB,IAAI,QAAQ,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;gBACpC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,sCAAsC;oBAC7C,WAAW,EAAE,QAAQ,CAAC,iBAAiB;oBACvC,YAAY,EAAE,QAAQ,CAAC,IAAI;oBAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YACxE,IAAI,EAAE,CAAC;QACT,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
package/dist/index.d.ts CHANGED
@@ -1,2 +1,3 @@
1
1
  export * from './Guardrail.js';
2
2
  export * from './types.js';
3
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC"}
package/dist/index.js CHANGED
@@ -1,2 +1,3 @@
1
1
  export * from './Guardrail.js';
2
2
  export * from './types.js';
3
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC"}
package/dist/types.d.ts CHANGED
@@ -85,3 +85,4 @@ export interface ProviderConfig {
85
85
  healthStatus: 'healthy' | 'unhealthy' | 'unknown';
86
86
  latency: number;
87
87
  }
88
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,QAAQ,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC/B,eAAe,CAAC,EAAE,IAAI,GAAG,KAAK,CAAC;CAChC;AAED,MAAM,WAAW,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,KAAK;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,WAAW,GAAG,qBAAqB,GAAG,aAAa,CAAC;IAC5D,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAClD,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,KAAK,EAAE,CAAC;IACzB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IAClD,OAAO,EAAE,MAAM,CAAC;CACjB"}
package/dist/types.js CHANGED
@@ -1 +1,2 @@
1
1
  export {};
2
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "guardrail-plug-sdk",
3
- "version": "1.0.1",
3
+ "version": "1.0.3",
4
4
  "description": "A plug-and-play AI Auditing & Hallucination Detection SDK. Intercepts LLM inputs/outputs, verifies factual grounding against your knowledge base, and blocks or flags unverified responses.",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -13,6 +13,7 @@
13
13
  },
14
14
  "files": [
15
15
  "dist",
16
+ "src",
16
17
  "README.md"
17
18
  ],
18
19
  "scripts": {
@@ -0,0 +1,143 @@
1
+ import { SDKChatRequest, SDKChatResponse } from './types.js';
2
+
3
+ export interface GuardrailOptions {
4
+ endpoint?: string;
5
+ apiKey: string;
6
+ provider?: 'openai' | 'gemini' | 'ollama' | 'mock' | string;
7
+ model?: string;
8
+ applicationName?: string;
9
+ }
10
+
11
+ export class Guardrail {
12
+ private endpoint: string;
13
+ private apiKey: string;
14
+ private provider: string;
15
+ private model: string;
16
+ private applicationName: string;
17
+
18
+ constructor(options: GuardrailOptions) {
19
+ this.endpoint = options.endpoint || 'http://localhost:5050';
20
+ this.apiKey = options.apiKey;
21
+ this.provider = options.provider || 'openai';
22
+ this.model = options.model || 'gpt-4o-mini';
23
+ this.applicationName = options.applicationName || 'SDK Application';
24
+
25
+ if (!this.apiKey) {
26
+ throw new Error('[Guardrail SDK] Initialisation Error: API Key (apiKey) is required.');
27
+ }
28
+ }
29
+
30
+ /**
31
+ * Routes chat completions through the Guardrail Middleware Gateway
32
+ */
33
+ async chat(request: SDKChatRequest): Promise<SDKChatResponse> {
34
+ try {
35
+ const response = await fetch(`${this.endpoint}/api/chat`, {
36
+ method: 'POST',
37
+ headers: {
38
+ 'Content-Type': 'application/json',
39
+ 'Authorization': `Bearer ${this.apiKey}`
40
+ },
41
+ body: JSON.stringify({
42
+ messages: request.messages,
43
+ userId: request.userId || 'sdk_user',
44
+ sessionId: request.sessionId || 'sdk_session',
45
+ provider: request.provider || this.provider,
46
+ model: request.model || this.model,
47
+ applicationName: request.applicationName || this.applicationName,
48
+ metadata: request.metadata || {},
49
+ groundingSource: request.groundingSource || 'kb'
50
+ })
51
+ });
52
+
53
+ if (!response.ok) {
54
+ const errorText = await response.text();
55
+ throw new Error(`Guardrail Middleware Error [${response.status}]: ${errorText}`);
56
+ }
57
+
58
+ return await response.json() as SDKChatResponse;
59
+ } catch (err: any) {
60
+ console.error('[Guardrail SDK] Chat Request Failed:', err.message);
61
+ throw err;
62
+ }
63
+ }
64
+ }
65
+
66
+ /**
67
+ * Wraps an OpenAI client instance so its chat completions are automatically
68
+ * audited and secured by the Guardrail Middleware Gateway.
69
+ */
70
+ export function wrapOpenAI(openaiClient: any, options: GuardrailOptions) {
71
+ const guardrail = new Guardrail(options);
72
+
73
+ if (openaiClient?.chat?.completions) {
74
+ const originalCreate = openaiClient.chat.completions.create.bind(openaiClient.chat.completions);
75
+
76
+ openaiClient.chat.completions.create = async function(params: any, requestOptions?: any) {
77
+ const res = await guardrail.chat({
78
+ messages: params.messages,
79
+ model: params.model || options.model,
80
+ provider: 'openai',
81
+ applicationName: options.applicationName,
82
+ metadata: { originalParams: params }
83
+ });
84
+
85
+ return {
86
+ id: res.auditId,
87
+ object: 'chat.completion',
88
+ created: Math.floor(Date.now() / 1000),
89
+ model: params.model,
90
+ choices: [{
91
+ index: 0,
92
+ message: { role: 'assistant', content: res.text },
93
+ finish_reason: res.decision === 'BLOCKED' ? 'content_filter' : 'stop'
94
+ }],
95
+ usage: {
96
+ prompt_tokens: res.metrics?.tokenUsage?.promptTokens || 0,
97
+ completion_tokens: res.metrics?.tokenUsage?.completionTokens || 0,
98
+ total_tokens: res.metrics?.tokenUsage?.totalTokens || 0
99
+ }
100
+ };
101
+ };
102
+ }
103
+ return openaiClient;
104
+ }
105
+
106
+ /**
107
+ * Express Middleware to intercept, scan, and secure incoming chatbot routes.
108
+ */
109
+ export function guardrailExpress(options: GuardrailOptions) {
110
+ const guardrail = new Guardrail(options);
111
+
112
+ return async (req: any, res: any, next: any) => {
113
+ try {
114
+ const messages = req.body.messages;
115
+ if (!messages || !Array.isArray(messages)) {
116
+ return next();
117
+ }
118
+
119
+ const auditRes = await guardrail.chat({
120
+ messages,
121
+ userId: req.body.userId || 'express_user',
122
+ sessionId: req.body.sessionId || 'express_session',
123
+ groundingSource: req.body.groundingSource || 'kb'
124
+ });
125
+
126
+ req.guardrail = auditRes;
127
+
128
+ if (auditRes.decision === 'BLOCKED') {
129
+ return res.status(400).json({
130
+ error: 'Blocked by Guardrail Security Policy',
131
+ explanation: auditRes.policyExplanation,
132
+ fallbackText: auditRes.text,
133
+ auditId: auditRes.auditId
134
+ });
135
+ }
136
+
137
+ next();
138
+ } catch (err: any) {
139
+ console.error('[Guardrail Middleware] Audit scan failed:', err.message);
140
+ next();
141
+ }
142
+ };
143
+ }
package/src/index.ts ADDED
@@ -0,0 +1,2 @@
1
+ export * from './Guardrail.js';
2
+ export * from './types.js';
package/src/types.ts ADDED
@@ -0,0 +1,97 @@
1
+ export interface Message {
2
+ role: 'user' | 'assistant' | 'system';
3
+ content: string;
4
+ }
5
+
6
+ export interface SDKChatRequest {
7
+ messages: Message[];
8
+ userId?: string;
9
+ sessionId?: string;
10
+ provider?: string;
11
+ model?: string;
12
+ applicationName?: string;
13
+ metadata?: Record<string, any>;
14
+ groundingSource?: 'kb' | 'web';
15
+ }
16
+
17
+ export interface Citation {
18
+ citationId: string;
19
+ documentId: string;
20
+ documentName: string;
21
+ content: string;
22
+ score: number;
23
+ }
24
+
25
+ export interface Claim {
26
+ claim: string;
27
+ status: 'SUPPORTED' | 'PARTIALLY_SUPPORTED' | 'UNSUPPORTED';
28
+ explanation: string;
29
+ citationId?: string;
30
+ }
31
+
32
+ export interface PolicyResult {
33
+ decision: 'APPROVED' | 'FLAGGED' | 'BLOCKED';
34
+ violatedRules: string[];
35
+ explanation: string;
36
+ }
37
+
38
+ export interface TokenUsage {
39
+ promptTokens: number;
40
+ completionTokens: number;
41
+ totalTokens: number;
42
+ }
43
+
44
+ export interface Metrics {
45
+ totalLatencyMs: number;
46
+ llmLatencyMs: number;
47
+ ragLatencyMs: number;
48
+ verificationLatencyMs: number;
49
+ tokenUsage: TokenUsage;
50
+ costUsd: number;
51
+ }
52
+
53
+ export interface SDKChatResponse {
54
+ auditId: string;
55
+ text: string;
56
+ decision: 'APPROVED' | 'FLAGGED' | 'BLOCKED';
57
+ hallucinationScore: number;
58
+ factualTrustScore: number; // 0.0 to 1.0 grounding metric
59
+ riskLevel: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
60
+ citations: Citation[];
61
+ claims: Claim[];
62
+ policyExplanation: string;
63
+ metrics: Metrics;
64
+ rawThinking?: string;
65
+ thinkingClaims?: Claim[];
66
+ rawResponseBeforeBlock?: string;
67
+ }
68
+
69
+ export interface UploadedDocument {
70
+ id: string;
71
+ name: string;
72
+ type: string;
73
+ uploadedAt: string;
74
+ size: number;
75
+ status: 'indexing' | 'indexed' | 'failed';
76
+ version: number;
77
+ owner?: string;
78
+ }
79
+
80
+ export interface DocumentChunk {
81
+ id: string;
82
+ documentId: string;
83
+ documentName: string;
84
+ content: string;
85
+ embedding?: number[];
86
+ metadata?: Record<string, any>;
87
+ }
88
+
89
+ export interface ProviderConfig {
90
+ providerId: string;
91
+ name: string;
92
+ enabled: boolean;
93
+ defaultModel: string;
94
+ apiKey?: string;
95
+ healthStatus: 'healthy' | 'unhealthy' | 'unknown';
96
+ latency: number;
97
+ }