heron-ai 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (92) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +423 -0
  3. package/dist/bin/heron.d.ts +3 -0
  4. package/dist/bin/heron.d.ts.map +1 -0
  5. package/dist/bin/heron.js +198 -0
  6. package/dist/bin/heron.js.map +1 -0
  7. package/dist/src/analysis/analyzer.d.ts +14 -0
  8. package/dist/src/analysis/analyzer.d.ts.map +1 -0
  9. package/dist/src/analysis/analyzer.js +130 -0
  10. package/dist/src/analysis/analyzer.js.map +1 -0
  11. package/dist/src/analysis/risk-scorer.d.ts +20 -0
  12. package/dist/src/analysis/risk-scorer.d.ts.map +1 -0
  13. package/dist/src/analysis/risk-scorer.js +143 -0
  14. package/dist/src/analysis/risk-scorer.js.map +1 -0
  15. package/dist/src/config/loader.d.ts +15 -0
  16. package/dist/src/config/loader.d.ts.map +1 -0
  17. package/dist/src/config/loader.js +39 -0
  18. package/dist/src/config/loader.js.map +1 -0
  19. package/dist/src/config/schema.d.ts +146 -0
  20. package/dist/src/config/schema.d.ts.map +1 -0
  21. package/dist/src/config/schema.js +27 -0
  22. package/dist/src/config/schema.js.map +1 -0
  23. package/dist/src/connectors/http-connector.d.ts +17 -0
  24. package/dist/src/connectors/http-connector.d.ts.map +1 -0
  25. package/dist/src/connectors/http-connector.js +56 -0
  26. package/dist/src/connectors/http-connector.js.map +1 -0
  27. package/dist/src/connectors/index.d.ts +5 -0
  28. package/dist/src/connectors/index.d.ts.map +1 -0
  29. package/dist/src/connectors/index.js +13 -0
  30. package/dist/src/connectors/index.js.map +1 -0
  31. package/dist/src/connectors/interactive-connector.d.ts +13 -0
  32. package/dist/src/connectors/interactive-connector.d.ts.map +1 -0
  33. package/dist/src/connectors/interactive-connector.js +44 -0
  34. package/dist/src/connectors/interactive-connector.js.map +1 -0
  35. package/dist/src/connectors/types.d.ts +15 -0
  36. package/dist/src/connectors/types.d.ts.map +1 -0
  37. package/dist/src/connectors/types.js +2 -0
  38. package/dist/src/connectors/types.js.map +1 -0
  39. package/dist/src/index.d.ts +12 -0
  40. package/dist/src/index.d.ts.map +1 -0
  41. package/dist/src/index.js +60 -0
  42. package/dist/src/index.js.map +1 -0
  43. package/dist/src/interview/interviewer.d.ts +19 -0
  44. package/dist/src/interview/interviewer.d.ts.map +1 -0
  45. package/dist/src/interview/interviewer.js +68 -0
  46. package/dist/src/interview/interviewer.js.map +1 -0
  47. package/dist/src/interview/protocol.d.ts +38 -0
  48. package/dist/src/interview/protocol.d.ts.map +1 -0
  49. package/dist/src/interview/protocol.js +290 -0
  50. package/dist/src/interview/protocol.js.map +1 -0
  51. package/dist/src/interview/questions.d.ts +20 -0
  52. package/dist/src/interview/questions.d.ts.map +1 -0
  53. package/dist/src/interview/questions.js +131 -0
  54. package/dist/src/interview/questions.js.map +1 -0
  55. package/dist/src/llm/client.d.ts +13 -0
  56. package/dist/src/llm/client.d.ts.map +1 -0
  57. package/dist/src/llm/client.js +128 -0
  58. package/dist/src/llm/client.js.map +1 -0
  59. package/dist/src/llm/prompts.d.ts +13 -0
  60. package/dist/src/llm/prompts.d.ts.map +1 -0
  61. package/dist/src/llm/prompts.js +192 -0
  62. package/dist/src/llm/prompts.js.map +1 -0
  63. package/dist/src/report/generator.d.ts +23 -0
  64. package/dist/src/report/generator.d.ts.map +1 -0
  65. package/dist/src/report/generator.js +304 -0
  66. package/dist/src/report/generator.js.map +1 -0
  67. package/dist/src/report/templates.d.ts +3 -0
  68. package/dist/src/report/templates.d.ts.map +1 -0
  69. package/dist/src/report/templates.js +386 -0
  70. package/dist/src/report/templates.js.map +1 -0
  71. package/dist/src/report/types.d.ts +954 -0
  72. package/dist/src/report/types.d.ts.map +1 -0
  73. package/dist/src/report/types.js +161 -0
  74. package/dist/src/report/types.js.map +1 -0
  75. package/dist/src/server/index.d.ts +17 -0
  76. package/dist/src/server/index.d.ts.map +1 -0
  77. package/dist/src/server/index.js +650 -0
  78. package/dist/src/server/index.js.map +1 -0
  79. package/dist/src/server/sessions.d.ts +68 -0
  80. package/dist/src/server/sessions.d.ts.map +1 -0
  81. package/dist/src/server/sessions.js +268 -0
  82. package/dist/src/server/sessions.js.map +1 -0
  83. package/dist/src/util/id.d.ts +2 -0
  84. package/dist/src/util/id.d.ts.map +1 -0
  85. package/dist/src/util/id.js +5 -0
  86. package/dist/src/util/id.js.map +1 -0
  87. package/dist/src/util/logger.d.ts +9 -0
  88. package/dist/src/util/logger.d.ts.map +1 -0
  89. package/dist/src/util/logger.js +32 -0
  90. package/dist/src/util/logger.js.map +1 -0
  91. package/heron.example.yaml +46 -0
  92. package/package.json +40 -0
package/dist/src/report/types.d.ts ADDED
@@ -0,0 +1,954 @@
1
+ import { z } from 'zod';
2
+ export declare const severityLevels: readonly ["low", "medium", "high", "critical"];
3
+ export declare const severitySchema: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
4
+ export type Severity = 'low' | 'medium' | 'high' | 'critical';
5
+ export declare const blastRadiusLevels: readonly ["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"];
6
+ export declare const blastRadiusSchema: z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>;
7
+ export type BlastRadius = z.infer<typeof blastRadiusSchema>;
8
+ export declare const categoryValues: readonly ["purpose", "data", "frequency", "access", "writes", "followup"];
9
+ export declare const qaPairSchema: z.ZodObject<{
10
+ question: z.ZodString;
11
+ answer: z.ZodString;
12
+ category: z.ZodEnum<["purpose", "data", "frequency", "access", "writes", "followup"]>;
13
+ }, "strip", z.ZodTypeAny, {
14
+ question: string;
15
+ answer: string;
16
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
17
+ }, {
18
+ question: string;
19
+ answer: string;
20
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
21
+ }>;
22
+ export type QAPair = z.infer<typeof qaPairSchema>;
23
+ export declare const writeOperationSchema: z.ZodObject<{
24
+ operation: z.ZodString;
25
+ target: z.ZodString;
26
+ reversible: z.ZodDefault<z.ZodBoolean>;
27
+ approvalRequired: z.ZodDefault<z.ZodBoolean>;
28
+ volumePerDay: z.ZodDefault<z.ZodString>;
29
+ }, "strip", z.ZodTypeAny, {
30
+ target: string;
31
+ operation: string;
32
+ reversible: boolean;
33
+ approvalRequired: boolean;
34
+ volumePerDay: string;
35
+ }, {
36
+ target: string;
37
+ operation: string;
38
+ reversible?: boolean | undefined;
39
+ approvalRequired?: boolean | undefined;
40
+ volumePerDay?: string | undefined;
41
+ }>;
42
+ export type WriteOperation = z.infer<typeof writeOperationSchema>;
43
+ export declare const systemAssessmentSchema: z.ZodObject<{
44
+ systemId: z.ZodString;
45
+ scopesRequested: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
46
+ scopesNeeded: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
47
+ scopesDelta: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
48
+ dataSensitivity: z.ZodDefault<z.ZodString>;
49
+ blastRadius: z.ZodDefault<z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>]>>;
50
+ frequencyAndVolume: z.ZodDefault<z.ZodString>;
51
+ writeOperations: z.ZodDefault<z.ZodArray<z.ZodObject<{
52
+ operation: z.ZodString;
53
+ target: z.ZodString;
54
+ reversible: z.ZodDefault<z.ZodBoolean>;
55
+ approvalRequired: z.ZodDefault<z.ZodBoolean>;
56
+ volumePerDay: z.ZodDefault<z.ZodString>;
57
+ }, "strip", z.ZodTypeAny, {
58
+ target: string;
59
+ operation: string;
60
+ reversible: boolean;
61
+ approvalRequired: boolean;
62
+ volumePerDay: string;
63
+ }, {
64
+ target: string;
65
+ operation: string;
66
+ reversible?: boolean | undefined;
67
+ approvalRequired?: boolean | undefined;
68
+ volumePerDay?: string | undefined;
69
+ }>, "many">>;
70
+ }, "strip", z.ZodTypeAny, {
71
+ systemId: string;
72
+ scopesRequested: string[];
73
+ scopesNeeded: string[];
74
+ scopesDelta: string[];
75
+ dataSensitivity: string;
76
+ blastRadius: "single-record" | "single-user" | "team-scope" | "org-wide" | "cross-tenant";
77
+ frequencyAndVolume: string;
78
+ writeOperations: {
79
+ target: string;
80
+ operation: string;
81
+ reversible: boolean;
82
+ approvalRequired: boolean;
83
+ volumePerDay: string;
84
+ }[];
85
+ }, {
86
+ systemId: string;
87
+ scopesRequested?: string[] | undefined;
88
+ scopesNeeded?: string[] | undefined;
89
+ scopesDelta?: string[] | undefined;
90
+ dataSensitivity?: string | undefined;
91
+ blastRadius?: string | undefined;
92
+ frequencyAndVolume?: string | undefined;
93
+ writeOperations?: {
94
+ target: string;
95
+ operation: string;
96
+ reversible?: boolean | undefined;
97
+ approvalRequired?: boolean | undefined;
98
+ volumePerDay?: string | undefined;
99
+ }[] | undefined;
100
+ }>;
101
+ export type SystemAssessment = z.infer<typeof systemAssessmentSchema>;
102
+ export declare const dataNeedSchema: z.ZodObject<{
103
+ dataType: z.ZodString;
104
+ system: z.ZodString;
105
+ justification: z.ZodString;
106
+ }, "strip", z.ZodTypeAny, {
107
+ system: string;
108
+ dataType: string;
109
+ justification: string;
110
+ }, {
111
+ system: string;
112
+ dataType: string;
113
+ justification: string;
114
+ }>;
115
+ export type DataNeed = z.infer<typeof dataNeedSchema>;
116
+ export declare const accessClaimSchema: z.ZodObject<{
117
+ resource: z.ZodString;
118
+ accessLevel: z.ZodString;
119
+ justification: z.ZodString;
120
+ }, "strip", z.ZodTypeAny, {
121
+ justification: string;
122
+ resource: string;
123
+ accessLevel: string;
124
+ }, {
125
+ justification: string;
126
+ resource: string;
127
+ accessLevel: string;
128
+ }>;
129
+ export type AccessClaim = z.infer<typeof accessClaimSchema>;
130
+ export declare const writeActionSchema: z.ZodObject<{
131
+ target: z.ZodString;
132
+ action: z.ZodString;
133
+ scope: z.ZodString;
134
+ }, "strip", z.ZodTypeAny, {
135
+ target: string;
136
+ action: string;
137
+ scope: string;
138
+ }, {
139
+ target: string;
140
+ action: string;
141
+ scope: string;
142
+ }>;
143
+ export type WriteAction = z.infer<typeof writeActionSchema>;
144
+ export declare const riskSchema: z.ZodObject<{
145
+ severity: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
146
+ title: z.ZodString;
147
+ description: z.ZodString;
148
+ mitigation: z.ZodOptional<z.ZodString>;
149
+ }, "strip", z.ZodTypeAny, {
150
+ description: string;
151
+ severity: "low" | "medium" | "high" | "critical";
152
+ title: string;
153
+ mitigation?: string | undefined;
154
+ }, {
155
+ description: string;
156
+ severity: string;
157
+ title: string;
158
+ mitigation?: string | undefined;
159
+ }>;
160
+ export type Risk = z.infer<typeof riskSchema>;
161
+ export declare const accessAssessmentSchema: z.ZodObject<{
162
+ claimed: z.ZodArray<z.ZodObject<{
163
+ resource: z.ZodString;
164
+ accessLevel: z.ZodString;
165
+ justification: z.ZodString;
166
+ }, "strip", z.ZodTypeAny, {
167
+ justification: string;
168
+ resource: string;
169
+ accessLevel: string;
170
+ }, {
171
+ justification: string;
172
+ resource: string;
173
+ accessLevel: string;
174
+ }>, "many">;
175
+ actuallyNeeded: z.ZodArray<z.ZodObject<{
176
+ resource: z.ZodString;
177
+ accessLevel: z.ZodString;
178
+ justification: z.ZodString;
179
+ }, "strip", z.ZodTypeAny, {
180
+ justification: string;
181
+ resource: string;
182
+ accessLevel: string;
183
+ }, {
184
+ justification: string;
185
+ resource: string;
186
+ accessLevel: string;
187
+ }>, "many">;
188
+ excessive: z.ZodArray<z.ZodObject<{
189
+ resource: z.ZodString;
190
+ accessLevel: z.ZodString;
191
+ justification: z.ZodString;
192
+ }, "strip", z.ZodTypeAny, {
193
+ justification: string;
194
+ resource: string;
195
+ accessLevel: string;
196
+ }, {
197
+ justification: string;
198
+ resource: string;
199
+ accessLevel: string;
200
+ }>, "many">;
201
+ missing: z.ZodArray<z.ZodObject<{
202
+ resource: z.ZodString;
203
+ accessLevel: z.ZodString;
204
+ justification: z.ZodString;
205
+ }, "strip", z.ZodTypeAny, {
206
+ justification: string;
207
+ resource: string;
208
+ accessLevel: string;
209
+ }, {
210
+ justification: string;
211
+ resource: string;
212
+ accessLevel: string;
213
+ }>, "many">;
214
+ }, "strip", z.ZodTypeAny, {
215
+ claimed: {
216
+ justification: string;
217
+ resource: string;
218
+ accessLevel: string;
219
+ }[];
220
+ actuallyNeeded: {
221
+ justification: string;
222
+ resource: string;
223
+ accessLevel: string;
224
+ }[];
225
+ excessive: {
226
+ justification: string;
227
+ resource: string;
228
+ accessLevel: string;
229
+ }[];
230
+ missing: {
231
+ justification: string;
232
+ resource: string;
233
+ accessLevel: string;
234
+ }[];
235
+ }, {
236
+ claimed: {
237
+ justification: string;
238
+ resource: string;
239
+ accessLevel: string;
240
+ }[];
241
+ actuallyNeeded: {
242
+ justification: string;
243
+ resource: string;
244
+ accessLevel: string;
245
+ }[];
246
+ excessive: {
247
+ justification: string;
248
+ resource: string;
249
+ accessLevel: string;
250
+ }[];
251
+ missing: {
252
+ justification: string;
253
+ resource: string;
254
+ accessLevel: string;
255
+ }[];
256
+ }>;
257
+ export type AccessAssessment = z.infer<typeof accessAssessmentSchema>;
258
+ export declare const interviewResultSchema: z.ZodObject<{
259
+ agentPurpose: z.ZodString;
260
+ dataNeeds: z.ZodArray<z.ZodObject<{
261
+ dataType: z.ZodString;
262
+ system: z.ZodString;
263
+ justification: z.ZodString;
264
+ }, "strip", z.ZodTypeAny, {
265
+ system: string;
266
+ dataType: string;
267
+ justification: string;
268
+ }, {
269
+ system: string;
270
+ dataType: string;
271
+ justification: string;
272
+ }>, "many">;
273
+ accessFrequency: z.ZodString;
274
+ currentAccess: z.ZodArray<z.ZodObject<{
275
+ resource: z.ZodString;
276
+ accessLevel: z.ZodString;
277
+ justification: z.ZodString;
278
+ }, "strip", z.ZodTypeAny, {
279
+ justification: string;
280
+ resource: string;
281
+ accessLevel: string;
282
+ }, {
283
+ justification: string;
284
+ resource: string;
285
+ accessLevel: string;
286
+ }>, "many">;
287
+ writesAndModifications: z.ZodArray<z.ZodObject<{
288
+ target: z.ZodString;
289
+ action: z.ZodString;
290
+ scope: z.ZodString;
291
+ }, "strip", z.ZodTypeAny, {
292
+ target: string;
293
+ action: string;
294
+ scope: string;
295
+ }, {
296
+ target: string;
297
+ action: string;
298
+ scope: string;
299
+ }>, "many">;
300
+ rawTranscript: z.ZodArray<z.ZodObject<{
301
+ question: z.ZodString;
302
+ answer: z.ZodString;
303
+ category: z.ZodEnum<["purpose", "data", "frequency", "access", "writes", "followup"]>;
304
+ }, "strip", z.ZodTypeAny, {
305
+ question: string;
306
+ answer: string;
307
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
308
+ }, {
309
+ question: string;
310
+ answer: string;
311
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
312
+ }>, "many">;
313
+ }, "strip", z.ZodTypeAny, {
314
+ agentPurpose: string;
315
+ dataNeeds: {
316
+ system: string;
317
+ dataType: string;
318
+ justification: string;
319
+ }[];
320
+ accessFrequency: string;
321
+ currentAccess: {
322
+ justification: string;
323
+ resource: string;
324
+ accessLevel: string;
325
+ }[];
326
+ writesAndModifications: {
327
+ target: string;
328
+ action: string;
329
+ scope: string;
330
+ }[];
331
+ rawTranscript: {
332
+ question: string;
333
+ answer: string;
334
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
335
+ }[];
336
+ }, {
337
+ agentPurpose: string;
338
+ dataNeeds: {
339
+ system: string;
340
+ dataType: string;
341
+ justification: string;
342
+ }[];
343
+ accessFrequency: string;
344
+ currentAccess: {
345
+ justification: string;
346
+ resource: string;
347
+ accessLevel: string;
348
+ }[];
349
+ writesAndModifications: {
350
+ target: string;
351
+ action: string;
352
+ scope: string;
353
+ }[];
354
+ rawTranscript: {
355
+ question: string;
356
+ answer: string;
357
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
358
+ }[];
359
+ }>;
360
+ export type InterviewResult = z.infer<typeof interviewResultSchema>;
361
+ export declare const recommendationValues: readonly ["APPROVE", "APPROVE WITH CONDITIONS", "DENY"];
362
+ export declare const recommendationSchema: z.ZodEnum<["APPROVE", "APPROVE WITH CONDITIONS", "DENY"]>;
363
+ export type Recommendation = z.infer<typeof recommendationSchema>;
364
+ export declare const analysisResultSchema: z.ZodObject<{
365
+ summary: z.ZodString;
366
+ agentPurpose: z.ZodString;
367
+ agentTrigger: z.ZodOptional<z.ZodString>;
368
+ agentOwner: z.ZodOptional<z.ZodString>;
369
+ systems: z.ZodArray<z.ZodObject<{
370
+ systemId: z.ZodString;
371
+ scopesRequested: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
372
+ scopesNeeded: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
373
+ scopesDelta: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
374
+ dataSensitivity: z.ZodDefault<z.ZodString>;
375
+ blastRadius: z.ZodDefault<z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>]>>;
376
+ frequencyAndVolume: z.ZodDefault<z.ZodString>;
377
+ writeOperations: z.ZodDefault<z.ZodArray<z.ZodObject<{
378
+ operation: z.ZodString;
379
+ target: z.ZodString;
380
+ reversible: z.ZodDefault<z.ZodBoolean>;
381
+ approvalRequired: z.ZodDefault<z.ZodBoolean>;
382
+ volumePerDay: z.ZodDefault<z.ZodString>;
383
+ }, "strip", z.ZodTypeAny, {
384
+ target: string;
385
+ operation: string;
386
+ reversible: boolean;
387
+ approvalRequired: boolean;
388
+ volumePerDay: string;
389
+ }, {
390
+ target: string;
391
+ operation: string;
392
+ reversible?: boolean | undefined;
393
+ approvalRequired?: boolean | undefined;
394
+ volumePerDay?: string | undefined;
395
+ }>, "many">>;
396
+ }, "strip", z.ZodTypeAny, {
397
+ systemId: string;
398
+ scopesRequested: string[];
399
+ scopesNeeded: string[];
400
+ scopesDelta: string[];
401
+ dataSensitivity: string;
402
+ blastRadius: "single-record" | "single-user" | "team-scope" | "org-wide" | "cross-tenant";
403
+ frequencyAndVolume: string;
404
+ writeOperations: {
405
+ target: string;
406
+ operation: string;
407
+ reversible: boolean;
408
+ approvalRequired: boolean;
409
+ volumePerDay: string;
410
+ }[];
411
+ }, {
412
+ systemId: string;
413
+ scopesRequested?: string[] | undefined;
414
+ scopesNeeded?: string[] | undefined;
415
+ scopesDelta?: string[] | undefined;
416
+ dataSensitivity?: string | undefined;
417
+ blastRadius?: string | undefined;
418
+ frequencyAndVolume?: string | undefined;
419
+ writeOperations?: {
420
+ target: string;
421
+ operation: string;
422
+ reversible?: boolean | undefined;
423
+ approvalRequired?: boolean | undefined;
424
+ volumePerDay?: string | undefined;
425
+ }[] | undefined;
426
+ }>, "many">;
427
+ risks: z.ZodArray<z.ZodObject<{
428
+ severity: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
429
+ title: z.ZodString;
430
+ description: z.ZodString;
431
+ mitigation: z.ZodOptional<z.ZodString>;
432
+ }, "strip", z.ZodTypeAny, {
433
+ description: string;
434
+ severity: "low" | "medium" | "high" | "critical";
435
+ title: string;
436
+ mitigation?: string | undefined;
437
+ }, {
438
+ description: string;
439
+ severity: string;
440
+ title: string;
441
+ mitigation?: string | undefined;
442
+ }>, "many">;
443
+ recommendations: z.ZodArray<z.ZodString, "many">;
444
+ recommendation: z.ZodOptional<z.ZodEnum<["APPROVE", "APPROVE WITH CONDITIONS", "DENY"]>>;
445
+ overallRiskLevel: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
446
+ makesDecisionsAboutPeople: z.ZodOptional<z.ZodBoolean>;
447
+ decisionMakingDetails: z.ZodOptional<z.ZodString>;
448
+ }, "strip", z.ZodTypeAny, {
449
+ agentPurpose: string;
450
+ summary: string;
451
+ systems: {
452
+ systemId: string;
453
+ scopesRequested: string[];
454
+ scopesNeeded: string[];
455
+ scopesDelta: string[];
456
+ dataSensitivity: string;
457
+ blastRadius: "single-record" | "single-user" | "team-scope" | "org-wide" | "cross-tenant";
458
+ frequencyAndVolume: string;
459
+ writeOperations: {
460
+ target: string;
461
+ operation: string;
462
+ reversible: boolean;
463
+ approvalRequired: boolean;
464
+ volumePerDay: string;
465
+ }[];
466
+ }[];
467
+ risks: {
468
+ description: string;
469
+ severity: "low" | "medium" | "high" | "critical";
470
+ title: string;
471
+ mitigation?: string | undefined;
472
+ }[];
473
+ recommendations: string[];
474
+ overallRiskLevel: "low" | "medium" | "high" | "critical";
475
+ agentTrigger?: string | undefined;
476
+ agentOwner?: string | undefined;
477
+ recommendation?: "APPROVE" | "APPROVE WITH CONDITIONS" | "DENY" | undefined;
478
+ makesDecisionsAboutPeople?: boolean | undefined;
479
+ decisionMakingDetails?: string | undefined;
480
+ }, {
481
+ agentPurpose: string;
482
+ summary: string;
483
+ systems: {
484
+ systemId: string;
485
+ scopesRequested?: string[] | undefined;
486
+ scopesNeeded?: string[] | undefined;
487
+ scopesDelta?: string[] | undefined;
488
+ dataSensitivity?: string | undefined;
489
+ blastRadius?: string | undefined;
490
+ frequencyAndVolume?: string | undefined;
491
+ writeOperations?: {
492
+ target: string;
493
+ operation: string;
494
+ reversible?: boolean | undefined;
495
+ approvalRequired?: boolean | undefined;
496
+ volumePerDay?: string | undefined;
497
+ }[] | undefined;
498
+ }[];
499
+ risks: {
500
+ description: string;
501
+ severity: string;
502
+ title: string;
503
+ mitigation?: string | undefined;
504
+ }[];
505
+ recommendations: string[];
506
+ overallRiskLevel: string;
507
+ agentTrigger?: string | undefined;
508
+ agentOwner?: string | undefined;
509
+ recommendation?: "APPROVE" | "APPROVE WITH CONDITIONS" | "DENY" | undefined;
510
+ makesDecisionsAboutPeople?: boolean | undefined;
511
+ decisionMakingDetails?: string | undefined;
512
+ }>;
513
+ export type AnalysisResult = z.infer<typeof analysisResultSchema>;
514
+ export declare const dataQualitySchema: z.ZodObject<{
515
+ score: z.ZodNumber;
516
+ uniqueAnswers: z.ZodNumber;
517
+ totalQuestions: z.ZodNumber;
518
+ fieldsProvided: z.ZodArray<z.ZodString, "many">;
519
+ fieldsMissing: z.ZodArray<z.ZodString, "many">;
520
+ repeatedAnswers: z.ZodNumber;
521
+ }, "strip", z.ZodTypeAny, {
522
+ score: number;
523
+ uniqueAnswers: number;
524
+ totalQuestions: number;
525
+ fieldsProvided: string[];
526
+ fieldsMissing: string[];
527
+ repeatedAnswers: number;
528
+ }, {
529
+ score: number;
530
+ uniqueAnswers: number;
531
+ totalQuestions: number;
532
+ fieldsProvided: string[];
533
+ fieldsMissing: string[];
534
+ repeatedAnswers: number;
535
+ }>;
536
+ export type DataQuality = z.infer<typeof dataQualitySchema>;
537
+ export interface RegulatoryFlag {
538
+ framework: string;
539
+ severity: 'info' | 'warning' | 'action-required' | 'clarification-needed';
540
+ description: string;
541
+ }
542
+ export interface RegulatoryCompliance {
543
+ eu: RegulatoryFlag[];
544
+ us: RegulatoryFlag[];
545
+ uk: RegulatoryFlag[];
546
+ }
547
+ export declare const auditReportSchema: z.ZodObject<{
548
+ summary: z.ZodString;
549
+ agentPurpose: z.ZodString;
550
+ agentTrigger: z.ZodOptional<z.ZodString>;
551
+ agentOwner: z.ZodOptional<z.ZodString>;
552
+ systems: z.ZodArray<z.ZodObject<{
553
+ systemId: z.ZodString;
554
+ scopesRequested: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
555
+ scopesNeeded: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
556
+ scopesDelta: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
557
+ dataSensitivity: z.ZodDefault<z.ZodString>;
558
+ blastRadius: z.ZodDefault<z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>>, z.ZodEnum<["single-record", "single-user", "team-scope", "org-wide", "cross-tenant"]>]>>;
559
+ frequencyAndVolume: z.ZodDefault<z.ZodString>;
560
+ writeOperations: z.ZodDefault<z.ZodArray<z.ZodObject<{
561
+ operation: z.ZodString;
562
+ target: z.ZodString;
563
+ reversible: z.ZodDefault<z.ZodBoolean>;
564
+ approvalRequired: z.ZodDefault<z.ZodBoolean>;
565
+ volumePerDay: z.ZodDefault<z.ZodString>;
566
+ }, "strip", z.ZodTypeAny, {
567
+ target: string;
568
+ operation: string;
569
+ reversible: boolean;
570
+ approvalRequired: boolean;
571
+ volumePerDay: string;
572
+ }, {
573
+ target: string;
574
+ operation: string;
575
+ reversible?: boolean | undefined;
576
+ approvalRequired?: boolean | undefined;
577
+ volumePerDay?: string | undefined;
578
+ }>, "many">>;
579
+ }, "strip", z.ZodTypeAny, {
580
+ systemId: string;
581
+ scopesRequested: string[];
582
+ scopesNeeded: string[];
583
+ scopesDelta: string[];
584
+ dataSensitivity: string;
585
+ blastRadius: "single-record" | "single-user" | "team-scope" | "org-wide" | "cross-tenant";
586
+ frequencyAndVolume: string;
587
+ writeOperations: {
588
+ target: string;
589
+ operation: string;
590
+ reversible: boolean;
591
+ approvalRequired: boolean;
592
+ volumePerDay: string;
593
+ }[];
594
+ }, {
595
+ systemId: string;
596
+ scopesRequested?: string[] | undefined;
597
+ scopesNeeded?: string[] | undefined;
598
+ scopesDelta?: string[] | undefined;
599
+ dataSensitivity?: string | undefined;
600
+ blastRadius?: string | undefined;
601
+ frequencyAndVolume?: string | undefined;
602
+ writeOperations?: {
603
+ target: string;
604
+ operation: string;
605
+ reversible?: boolean | undefined;
606
+ approvalRequired?: boolean | undefined;
607
+ volumePerDay?: string | undefined;
608
+ }[] | undefined;
609
+ }>, "many">;
610
+ dataNeeds: z.ZodArray<z.ZodObject<{
611
+ dataType: z.ZodString;
612
+ system: z.ZodString;
613
+ justification: z.ZodString;
614
+ }, "strip", z.ZodTypeAny, {
615
+ system: string;
616
+ dataType: string;
617
+ justification: string;
618
+ }, {
619
+ system: string;
620
+ dataType: string;
621
+ justification: string;
622
+ }>, "many">;
623
+ accessAssessment: z.ZodObject<{
624
+ claimed: z.ZodArray<z.ZodObject<{
625
+ resource: z.ZodString;
626
+ accessLevel: z.ZodString;
627
+ justification: z.ZodString;
628
+ }, "strip", z.ZodTypeAny, {
629
+ justification: string;
630
+ resource: string;
631
+ accessLevel: string;
632
+ }, {
633
+ justification: string;
634
+ resource: string;
635
+ accessLevel: string;
636
+ }>, "many">;
637
+ actuallyNeeded: z.ZodArray<z.ZodObject<{
638
+ resource: z.ZodString;
639
+ accessLevel: z.ZodString;
640
+ justification: z.ZodString;
641
+ }, "strip", z.ZodTypeAny, {
642
+ justification: string;
643
+ resource: string;
644
+ accessLevel: string;
645
+ }, {
646
+ justification: string;
647
+ resource: string;
648
+ accessLevel: string;
649
+ }>, "many">;
650
+ excessive: z.ZodArray<z.ZodObject<{
651
+ resource: z.ZodString;
652
+ accessLevel: z.ZodString;
653
+ justification: z.ZodString;
654
+ }, "strip", z.ZodTypeAny, {
655
+ justification: string;
656
+ resource: string;
657
+ accessLevel: string;
658
+ }, {
659
+ justification: string;
660
+ resource: string;
661
+ accessLevel: string;
662
+ }>, "many">;
663
+ missing: z.ZodArray<z.ZodObject<{
664
+ resource: z.ZodString;
665
+ accessLevel: z.ZodString;
666
+ justification: z.ZodString;
667
+ }, "strip", z.ZodTypeAny, {
668
+ justification: string;
669
+ resource: string;
670
+ accessLevel: string;
671
+ }, {
672
+ justification: string;
673
+ resource: string;
674
+ accessLevel: string;
675
+ }>, "many">;
676
+ }, "strip", z.ZodTypeAny, {
677
+ claimed: {
678
+ justification: string;
679
+ resource: string;
680
+ accessLevel: string;
681
+ }[];
682
+ actuallyNeeded: {
683
+ justification: string;
684
+ resource: string;
685
+ accessLevel: string;
686
+ }[];
687
+ excessive: {
688
+ justification: string;
689
+ resource: string;
690
+ accessLevel: string;
691
+ }[];
692
+ missing: {
693
+ justification: string;
694
+ resource: string;
695
+ accessLevel: string;
696
+ }[];
697
+ }, {
698
+ claimed: {
699
+ justification: string;
700
+ resource: string;
701
+ accessLevel: string;
702
+ }[];
703
+ actuallyNeeded: {
704
+ justification: string;
705
+ resource: string;
706
+ accessLevel: string;
707
+ }[];
708
+ excessive: {
709
+ justification: string;
710
+ resource: string;
711
+ accessLevel: string;
712
+ }[];
713
+ missing: {
714
+ justification: string;
715
+ resource: string;
716
+ accessLevel: string;
717
+ }[];
718
+ }>;
719
+ risks: z.ZodArray<z.ZodObject<{
720
+ severity: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
721
+ title: z.ZodString;
722
+ description: z.ZodString;
723
+ mitigation: z.ZodOptional<z.ZodString>;
724
+ }, "strip", z.ZodTypeAny, {
725
+ description: string;
726
+ severity: "low" | "medium" | "high" | "critical";
727
+ title: string;
728
+ mitigation?: string | undefined;
729
+ }, {
730
+ description: string;
731
+ severity: string;
732
+ title: string;
733
+ mitigation?: string | undefined;
734
+ }>, "many">;
735
+ recommendations: z.ZodArray<z.ZodString, "many">;
736
+ recommendation: z.ZodOptional<z.ZodEnum<["APPROVE", "APPROVE WITH CONDITIONS", "DENY"]>>;
737
+ overallRiskLevel: z.ZodUnion<[z.ZodPipeline<z.ZodEffects<z.ZodString, string, string>, z.ZodEnum<["low", "medium", "high", "critical"]>>, z.ZodEnum<["low", "medium", "high", "critical"]>]>;
738
+ transcript: z.ZodArray<z.ZodObject<{
739
+ question: z.ZodString;
740
+ answer: z.ZodString;
741
+ category: z.ZodEnum<["purpose", "data", "frequency", "access", "writes", "followup"]>;
742
+ }, "strip", z.ZodTypeAny, {
743
+ question: string;
744
+ answer: string;
745
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
746
+ }, {
747
+ question: string;
748
+ answer: string;
749
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
750
+ }>, "many">;
751
+ dataQuality: z.ZodOptional<z.ZodObject<{
752
+ score: z.ZodNumber;
753
+ uniqueAnswers: z.ZodNumber;
754
+ totalQuestions: z.ZodNumber;
755
+ fieldsProvided: z.ZodArray<z.ZodString, "many">;
756
+ fieldsMissing: z.ZodArray<z.ZodString, "many">;
757
+ repeatedAnswers: z.ZodNumber;
758
+ }, "strip", z.ZodTypeAny, {
759
+ score: number;
760
+ uniqueAnswers: number;
761
+ totalQuestions: number;
762
+ fieldsProvided: string[];
763
+ fieldsMissing: string[];
764
+ repeatedAnswers: number;
765
+ }, {
766
+ score: number;
767
+ uniqueAnswers: number;
768
+ totalQuestions: number;
769
+ fieldsProvided: string[];
770
+ fieldsMissing: string[];
771
+ repeatedAnswers: number;
772
+ }>>;
773
+ makesDecisionsAboutPeople: z.ZodOptional<z.ZodBoolean>;
774
+ decisionMakingDetails: z.ZodOptional<z.ZodString>;
775
+ regulatoryCompliance: z.ZodOptional<z.ZodAny>;
776
+ metadata: z.ZodObject<{
777
+ date: z.ZodString;
778
+ target: z.ZodString;
779
+ interviewDuration: z.ZodNumber;
780
+ questionsAsked: z.ZodNumber;
781
+ }, "strip", z.ZodTypeAny, {
782
+ date: string;
783
+ target: string;
784
+ interviewDuration: number;
785
+ questionsAsked: number;
786
+ }, {
787
+ date: string;
788
+ target: string;
789
+ interviewDuration: number;
790
+ questionsAsked: number;
791
+ }>;
792
+ }, "strip", z.ZodTypeAny, {
793
+ agentPurpose: string;
794
+ dataNeeds: {
795
+ system: string;
796
+ dataType: string;
797
+ justification: string;
798
+ }[];
799
+ summary: string;
800
+ systems: {
801
+ systemId: string;
802
+ scopesRequested: string[];
803
+ scopesNeeded: string[];
804
+ scopesDelta: string[];
805
+ dataSensitivity: string;
806
+ blastRadius: "single-record" | "single-user" | "team-scope" | "org-wide" | "cross-tenant";
807
+ frequencyAndVolume: string;
808
+ writeOperations: {
809
+ target: string;
810
+ operation: string;
811
+ reversible: boolean;
812
+ approvalRequired: boolean;
813
+ volumePerDay: string;
814
+ }[];
815
+ }[];
816
+ risks: {
817
+ description: string;
818
+ severity: "low" | "medium" | "high" | "critical";
819
+ title: string;
820
+ mitigation?: string | undefined;
821
+ }[];
822
+ recommendations: string[];
823
+ overallRiskLevel: "low" | "medium" | "high" | "critical";
824
+ accessAssessment: {
825
+ claimed: {
826
+ justification: string;
827
+ resource: string;
828
+ accessLevel: string;
829
+ }[];
830
+ actuallyNeeded: {
831
+ justification: string;
832
+ resource: string;
833
+ accessLevel: string;
834
+ }[];
835
+ excessive: {
836
+ justification: string;
837
+ resource: string;
838
+ accessLevel: string;
839
+ }[];
840
+ missing: {
841
+ justification: string;
842
+ resource: string;
843
+ accessLevel: string;
844
+ }[];
845
+ };
846
+ transcript: {
847
+ question: string;
848
+ answer: string;
849
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
850
+ }[];
851
+ metadata: {
852
+ date: string;
853
+ target: string;
854
+ interviewDuration: number;
855
+ questionsAsked: number;
856
+ };
857
+ agentTrigger?: string | undefined;
858
+ agentOwner?: string | undefined;
859
+ recommendation?: "APPROVE" | "APPROVE WITH CONDITIONS" | "DENY" | undefined;
860
+ makesDecisionsAboutPeople?: boolean | undefined;
861
+ decisionMakingDetails?: string | undefined;
862
+ dataQuality?: {
863
+ score: number;
864
+ uniqueAnswers: number;
865
+ totalQuestions: number;
866
+ fieldsProvided: string[];
867
+ fieldsMissing: string[];
868
+ repeatedAnswers: number;
869
+ } | undefined;
870
+ regulatoryCompliance?: any;
871
+ }, {
872
+ agentPurpose: string;
873
+ dataNeeds: {
874
+ system: string;
875
+ dataType: string;
876
+ justification: string;
877
+ }[];
878
+ summary: string;
879
+ systems: {
880
+ systemId: string;
881
+ scopesRequested?: string[] | undefined;
882
+ scopesNeeded?: string[] | undefined;
883
+ scopesDelta?: string[] | undefined;
884
+ dataSensitivity?: string | undefined;
885
+ blastRadius?: string | undefined;
886
+ frequencyAndVolume?: string | undefined;
887
+ writeOperations?: {
888
+ target: string;
889
+ operation: string;
890
+ reversible?: boolean | undefined;
891
+ approvalRequired?: boolean | undefined;
892
+ volumePerDay?: string | undefined;
893
+ }[] | undefined;
894
+ }[];
895
+ risks: {
896
+ description: string;
897
+ severity: string;
898
+ title: string;
899
+ mitigation?: string | undefined;
900
+ }[];
901
+ recommendations: string[];
902
+ overallRiskLevel: string;
903
+ accessAssessment: {
904
+ claimed: {
905
+ justification: string;
906
+ resource: string;
907
+ accessLevel: string;
908
+ }[];
909
+ actuallyNeeded: {
910
+ justification: string;
911
+ resource: string;
912
+ accessLevel: string;
913
+ }[];
914
+ excessive: {
915
+ justification: string;
916
+ resource: string;
917
+ accessLevel: string;
918
+ }[];
919
+ missing: {
920
+ justification: string;
921
+ resource: string;
922
+ accessLevel: string;
923
+ }[];
924
+ };
925
+ transcript: {
926
+ question: string;
927
+ answer: string;
928
+ category: "purpose" | "data" | "frequency" | "access" | "writes" | "followup";
929
+ }[];
930
+ metadata: {
931
+ date: string;
932
+ target: string;
933
+ interviewDuration: number;
934
+ questionsAsked: number;
935
+ };
936
+ agentTrigger?: string | undefined;
937
+ agentOwner?: string | undefined;
938
+ recommendation?: "APPROVE" | "APPROVE WITH CONDITIONS" | "DENY" | undefined;
939
+ makesDecisionsAboutPeople?: boolean | undefined;
940
+ decisionMakingDetails?: string | undefined;
941
+ dataQuality?: {
942
+ score: number;
943
+ uniqueAnswers: number;
944
+ totalQuestions: number;
945
+ fieldsProvided: string[];
946
+ fieldsMissing: string[];
947
+ repeatedAnswers: number;
948
+ } | undefined;
949
+ regulatoryCompliance?: any;
950
+ }>;
951
+ export type AuditReport = z.infer<typeof auditReportSchema> & {
952
+ regulatoryCompliance?: RegulatoryCompliance;
953
+ };
954
+ //# sourceMappingURL=types.d.ts.map