llm-trust-guard 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +318 -0
- package/dist/guards/agent-communication-guard.d.ts +169 -0
- package/dist/guards/agent-communication-guard.d.ts.map +1 -0
- package/dist/guards/agent-communication-guard.js +468 -0
- package/dist/guards/agent-communication-guard.js.map +1 -0
- package/dist/guards/autonomy-escalation-guard.d.ts +137 -0
- package/dist/guards/autonomy-escalation-guard.d.ts.map +1 -0
- package/dist/guards/autonomy-escalation-guard.js +470 -0
- package/dist/guards/autonomy-escalation-guard.js.map +1 -0
- package/dist/guards/circuit-breaker.d.ts +142 -0
- package/dist/guards/circuit-breaker.d.ts.map +1 -0
- package/dist/guards/circuit-breaker.js +347 -0
- package/dist/guards/circuit-breaker.js.map +1 -0
- package/dist/guards/code-execution-guard.d.ts +114 -0
- package/dist/guards/code-execution-guard.d.ts.map +1 -0
- package/dist/guards/code-execution-guard.js +467 -0
- package/dist/guards/code-execution-guard.js.map +1 -0
- package/dist/guards/conversation-guard.d.ts +73 -0
- package/dist/guards/conversation-guard.d.ts.map +1 -0
- package/dist/guards/conversation-guard.js +281 -0
- package/dist/guards/conversation-guard.js.map +1 -0
- package/dist/guards/drift-detector.d.ts +182 -0
- package/dist/guards/drift-detector.d.ts.map +1 -0
- package/dist/guards/drift-detector.js +480 -0
- package/dist/guards/drift-detector.js.map +1 -0
- package/dist/guards/encoding-detector.d.ts +76 -0
- package/dist/guards/encoding-detector.d.ts.map +1 -0
- package/dist/guards/encoding-detector.js +698 -0
- package/dist/guards/encoding-detector.js.map +1 -0
- package/dist/guards/execution-monitor.d.ts +73 -0
- package/dist/guards/execution-monitor.d.ts.map +1 -0
- package/dist/guards/execution-monitor.js +205 -0
- package/dist/guards/execution-monitor.js.map +1 -0
- package/dist/guards/input-sanitizer.d.ts +87 -0
- package/dist/guards/input-sanitizer.d.ts.map +1 -0
- package/dist/guards/input-sanitizer.js +301 -0
- package/dist/guards/input-sanitizer.js.map +1 -0
- package/dist/guards/mcp-security-guard.d.ts +204 -0
- package/dist/guards/mcp-security-guard.d.ts.map +1 -0
- package/dist/guards/mcp-security-guard.js +618 -0
- package/dist/guards/mcp-security-guard.js.map +1 -0
- package/dist/guards/memory-guard.d.ts +124 -0
- package/dist/guards/memory-guard.d.ts.map +1 -0
- package/dist/guards/memory-guard.js +476 -0
- package/dist/guards/memory-guard.js.map +1 -0
- package/dist/guards/multimodal-guard.d.ts +93 -0
- package/dist/guards/multimodal-guard.d.ts.map +1 -0
- package/dist/guards/multimodal-guard.js +507 -0
- package/dist/guards/multimodal-guard.js.map +1 -0
- package/dist/guards/output-filter.d.ts +76 -0
- package/dist/guards/output-filter.d.ts.map +1 -0
- package/dist/guards/output-filter.js +289 -0
- package/dist/guards/output-filter.js.map +1 -0
- package/dist/guards/policy-gate.d.ts +57 -0
- package/dist/guards/policy-gate.d.ts.map +1 -0
- package/dist/guards/policy-gate.js +182 -0
- package/dist/guards/policy-gate.js.map +1 -0
- package/dist/guards/prompt-leakage-guard.d.ts +110 -0
- package/dist/guards/prompt-leakage-guard.d.ts.map +1 -0
- package/dist/guards/prompt-leakage-guard.js +529 -0
- package/dist/guards/prompt-leakage-guard.js.map +1 -0
- package/dist/guards/rag-guard.d.ts +188 -0
- package/dist/guards/rag-guard.d.ts.map +1 -0
- package/dist/guards/rag-guard.js +769 -0
- package/dist/guards/rag-guard.js.map +1 -0
- package/dist/guards/schema-validator.d.ts +35 -0
- package/dist/guards/schema-validator.d.ts.map +1 -0
- package/dist/guards/schema-validator.js +316 -0
- package/dist/guards/schema-validator.js.map +1 -0
- package/dist/guards/state-persistence-guard.d.ts +153 -0
- package/dist/guards/state-persistence-guard.d.ts.map +1 -0
- package/dist/guards/state-persistence-guard.js +484 -0
- package/dist/guards/state-persistence-guard.js.map +1 -0
- package/dist/guards/tenant-boundary.d.ts +67 -0
- package/dist/guards/tenant-boundary.d.ts.map +1 -0
- package/dist/guards/tenant-boundary.js +187 -0
- package/dist/guards/tenant-boundary.js.map +1 -0
- package/dist/guards/tool-chain-validator.d.ts +102 -0
- package/dist/guards/tool-chain-validator.d.ts.map +1 -0
- package/dist/guards/tool-chain-validator.js +480 -0
- package/dist/guards/tool-chain-validator.js.map +1 -0
- package/dist/guards/tool-registry.d.ts +45 -0
- package/dist/guards/tool-registry.d.ts.map +1 -0
- package/dist/guards/tool-registry.js +155 -0
- package/dist/guards/tool-registry.js.map +1 -0
- package/dist/guards/trust-exploitation-guard.d.ts +134 -0
- package/dist/guards/trust-exploitation-guard.d.ts.map +1 -0
- package/dist/guards/trust-exploitation-guard.js +354 -0
- package/dist/guards/trust-exploitation-guard.js.map +1 -0
- package/dist/index.d.ts +133 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +430 -0
- package/dist/index.js.map +1 -0
- package/dist/integrations/express.d.ts +119 -0
- package/dist/integrations/express.d.ts.map +1 -0
- package/dist/integrations/express.js +244 -0
- package/dist/integrations/express.js.map +1 -0
- package/dist/integrations/index.d.ts +9 -0
- package/dist/integrations/index.d.ts.map +1 -0
- package/dist/integrations/index.js +26 -0
- package/dist/integrations/index.js.map +1 -0
- package/dist/integrations/langchain.d.ts +165 -0
- package/dist/integrations/langchain.d.ts.map +1 -0
- package/dist/integrations/langchain.js +308 -0
- package/dist/integrations/langchain.js.map +1 -0
- package/dist/integrations/openai.d.ts +205 -0
- package/dist/integrations/openai.d.ts.map +1 -0
- package/dist/integrations/openai.js +380 -0
- package/dist/integrations/openai.js.map +1 -0
- package/dist/types/index.d.ts +245 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +6 -0
- package/dist/types/index.js.map +1 -0
- package/package.json +64 -0
|
@@ -0,0 +1,468 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* AgentCommunicationGuard (L12)
|
|
4
|
+
*
|
|
5
|
+
* Secures communication between agents in multi-agent systems.
|
|
6
|
+
* Prevents impersonation, replay attacks, and message tampering.
|
|
7
|
+
*
|
|
8
|
+
* Threat Model:
|
|
9
|
+
* - ASI07: Insecure Inter-Agent Communication
|
|
10
|
+
* - Agent impersonation attacks
|
|
11
|
+
* - Message replay attacks
|
|
12
|
+
* - Man-in-the-middle attacks
|
|
13
|
+
*
|
|
14
|
+
* Protection Capabilities:
|
|
15
|
+
* - Message authentication (HMAC signing)
|
|
16
|
+
* - Agent identity verification
|
|
17
|
+
* - Replay attack prevention (nonces)
|
|
18
|
+
* - Message encryption (optional)
|
|
19
|
+
* - Channel integrity validation
|
|
20
|
+
*/
|
|
21
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
22
|
+
if (k2 === undefined) k2 = k;
|
|
23
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
24
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
25
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
26
|
+
}
|
|
27
|
+
Object.defineProperty(o, k2, desc);
|
|
28
|
+
}) : (function(o, m, k, k2) {
|
|
29
|
+
if (k2 === undefined) k2 = k;
|
|
30
|
+
o[k2] = m[k];
|
|
31
|
+
}));
|
|
32
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
33
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
34
|
+
}) : function(o, v) {
|
|
35
|
+
o["default"] = v;
|
|
36
|
+
});
|
|
37
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
38
|
+
var ownKeys = function(o) {
|
|
39
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
40
|
+
var ar = [];
|
|
41
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
42
|
+
return ar;
|
|
43
|
+
};
|
|
44
|
+
return ownKeys(o);
|
|
45
|
+
};
|
|
46
|
+
return function (mod) {
|
|
47
|
+
if (mod && mod.__esModule) return mod;
|
|
48
|
+
var result = {};
|
|
49
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
50
|
+
__setModuleDefault(result, mod);
|
|
51
|
+
return result;
|
|
52
|
+
};
|
|
53
|
+
})();
|
|
54
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
55
|
+
exports.AgentCommunicationGuard = void 0;
|
|
56
|
+
const crypto = __importStar(require("crypto"));
|
|
57
|
+
class AgentCommunicationGuard {
|
|
58
|
+
constructor(config = {}) {
|
|
59
|
+
this.registeredAgents = new Map();
|
|
60
|
+
this.usedNonces = new Map(); // nonce -> timestamp
|
|
61
|
+
this.messageHistory = new Map(); // messageId -> timestamp
|
|
62
|
+
this.agentViolations = new Map();
|
|
63
|
+
// Dangerous payload patterns
|
|
64
|
+
this.PAYLOAD_INJECTION_PATTERNS = [
|
|
65
|
+
{ name: "instruction_injection", pattern: /"instruction"\s*:\s*"[^"]*ignore|override/i, severity: 40 },
|
|
66
|
+
{ name: "role_escalation", pattern: /"(role|permission|capability)"\s*:\s*"(admin|root|system)"/i, severity: 50 },
|
|
67
|
+
{ name: "command_injection", pattern: /"(command|action|execute)"\s*:\s*"(rm|delete|drop|exec)/i, severity: 55 },
|
|
68
|
+
{ name: "redirect_attack", pattern: /"(redirect|forward|proxy)"\s*:\s*"https?:\/\/(?!localhost)/i, severity: 45 },
|
|
69
|
+
{ name: "credential_request", pattern: /"(request|get|retrieve)"\s*:\s*"(password|secret|key|token)"/i, severity: 50 },
|
|
70
|
+
];
|
|
71
|
+
this.config = {
|
|
72
|
+
signingKey: config.signingKey ?? crypto.randomBytes(32).toString("hex"),
|
|
73
|
+
enableEncryption: config.enableEncryption ?? false,
|
|
74
|
+
encryptionKey: config.encryptionKey ?? "",
|
|
75
|
+
nonceExpiration: config.nonceExpiration ?? 5 * 60 * 1000, // 5 minutes
|
|
76
|
+
maxMessageAge: config.maxMessageAge ?? 60 * 1000, // 1 minute
|
|
77
|
+
requireSignatures: config.requireSignatures ?? true,
|
|
78
|
+
allowedAgents: config.allowedAgents ?? [],
|
|
79
|
+
strictMode: config.strictMode ?? false,
|
|
80
|
+
};
|
|
81
|
+
this.signingKey = Buffer.from(this.config.signingKey, "hex");
|
|
82
|
+
if (this.config.enableEncryption) {
|
|
83
|
+
if (!this.config.encryptionKey) {
|
|
84
|
+
this.config.encryptionKey = crypto.randomBytes(32).toString("hex");
|
|
85
|
+
}
|
|
86
|
+
this.encryptionKey = Buffer.from(this.config.encryptionKey, "hex");
|
|
87
|
+
}
|
|
88
|
+
// Start nonce cleanup interval
|
|
89
|
+
setInterval(() => this.cleanupNonces(), 60 * 1000);
|
|
90
|
+
}
|
|
91
|
+
/**
|
|
92
|
+
* Register an agent for communication
|
|
93
|
+
*/
|
|
94
|
+
registerAgent(agentId, agentType, capabilities, metadata) {
|
|
95
|
+
const identity = {
|
|
96
|
+
agentId,
|
|
97
|
+
agentType,
|
|
98
|
+
capabilities,
|
|
99
|
+
registeredAt: Date.now(),
|
|
100
|
+
trustScore: 80, // Start with good trust
|
|
101
|
+
metadata,
|
|
102
|
+
};
|
|
103
|
+
this.registeredAgents.set(agentId, identity);
|
|
104
|
+
return identity;
|
|
105
|
+
}
|
|
106
|
+
/**
|
|
107
|
+
* Unregister an agent
|
|
108
|
+
*/
|
|
109
|
+
unregisterAgent(agentId) {
|
|
110
|
+
return this.registeredAgents.delete(agentId);
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Create a signed message
|
|
114
|
+
*/
|
|
115
|
+
createMessage(fromAgent, toAgent, type, payload, replyTo, ttl) {
|
|
116
|
+
const messageId = `msg-${Date.now()}-${crypto.randomBytes(8).toString("hex")}`;
|
|
117
|
+
const nonce = crypto.randomBytes(16).toString("hex");
|
|
118
|
+
const timestamp = Date.now();
|
|
119
|
+
let finalPayload = payload;
|
|
120
|
+
// Encrypt if enabled
|
|
121
|
+
if (this.config.enableEncryption && this.encryptionKey) {
|
|
122
|
+
finalPayload = this.encryptPayload(payload);
|
|
123
|
+
}
|
|
124
|
+
const message = {
|
|
125
|
+
messageId,
|
|
126
|
+
fromAgent,
|
|
127
|
+
toAgent,
|
|
128
|
+
type,
|
|
129
|
+
payload: finalPayload,
|
|
130
|
+
timestamp,
|
|
131
|
+
nonce,
|
|
132
|
+
replyTo,
|
|
133
|
+
ttl: ttl ?? this.config.maxMessageAge,
|
|
134
|
+
encrypted: this.config.enableEncryption,
|
|
135
|
+
};
|
|
136
|
+
// Sign the message
|
|
137
|
+
message.signature = this.signMessage(message);
|
|
138
|
+
return message;
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Validate an incoming message
|
|
142
|
+
*/
|
|
143
|
+
validateMessage(message, receivingAgentId, requestId) {
|
|
144
|
+
const reqId = requestId || `amsg-${Date.now()}`;
|
|
145
|
+
const violations = [];
|
|
146
|
+
let senderVerified = false;
|
|
147
|
+
let recipientValid = false;
|
|
148
|
+
let signatureValid = false;
|
|
149
|
+
let nonceValid = false;
|
|
150
|
+
let timestampValid = false;
|
|
151
|
+
let payloadSafe = false;
|
|
152
|
+
let trustScore = 0;
|
|
153
|
+
// Check sender is registered
|
|
154
|
+
const sender = this.registeredAgents.get(message.fromAgent);
|
|
155
|
+
if (sender) {
|
|
156
|
+
senderVerified = true;
|
|
157
|
+
trustScore = sender.trustScore;
|
|
158
|
+
// Check if sender is in allowed list (if configured)
|
|
159
|
+
if (this.config.allowedAgents.length > 0 && !this.config.allowedAgents.includes(message.fromAgent)) {
|
|
160
|
+
violations.push("sender_not_allowed");
|
|
161
|
+
senderVerified = false;
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
else {
|
|
165
|
+
violations.push("sender_not_registered");
|
|
166
|
+
}
|
|
167
|
+
// Check recipient
|
|
168
|
+
const recipients = Array.isArray(message.toAgent) ? message.toAgent : [message.toAgent];
|
|
169
|
+
if (recipients.includes(receivingAgentId) || recipients.includes("*")) {
|
|
170
|
+
recipientValid = true;
|
|
171
|
+
}
|
|
172
|
+
else {
|
|
173
|
+
violations.push("recipient_mismatch");
|
|
174
|
+
}
|
|
175
|
+
// Verify signature
|
|
176
|
+
if (this.config.requireSignatures) {
|
|
177
|
+
if (!message.signature) {
|
|
178
|
+
violations.push("missing_signature");
|
|
179
|
+
}
|
|
180
|
+
else {
|
|
181
|
+
const { signature: _, ...messageWithoutSig } = message;
|
|
182
|
+
const expectedSignature = this.signMessage(messageWithoutSig);
|
|
183
|
+
if (message.signature === expectedSignature) {
|
|
184
|
+
signatureValid = true;
|
|
185
|
+
}
|
|
186
|
+
else {
|
|
187
|
+
violations.push("invalid_signature");
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
}
|
|
191
|
+
else {
|
|
192
|
+
signatureValid = true; // Skip if not required
|
|
193
|
+
}
|
|
194
|
+
// Check nonce (replay prevention)
|
|
195
|
+
if (this.usedNonces.has(message.nonce)) {
|
|
196
|
+
violations.push("nonce_reused");
|
|
197
|
+
}
|
|
198
|
+
else {
|
|
199
|
+
nonceValid = true;
|
|
200
|
+
this.usedNonces.set(message.nonce, Date.now());
|
|
201
|
+
}
|
|
202
|
+
// Check message ID uniqueness
|
|
203
|
+
if (this.messageHistory.has(message.messageId)) {
|
|
204
|
+
violations.push("duplicate_message");
|
|
205
|
+
}
|
|
206
|
+
else {
|
|
207
|
+
this.messageHistory.set(message.messageId, Date.now());
|
|
208
|
+
}
|
|
209
|
+
// Check timestamp
|
|
210
|
+
const messageAge = Date.now() - message.timestamp;
|
|
211
|
+
if (messageAge < 0) {
|
|
212
|
+
violations.push("future_timestamp");
|
|
213
|
+
}
|
|
214
|
+
else if (messageAge > (message.ttl || this.config.maxMessageAge)) {
|
|
215
|
+
violations.push("message_expired");
|
|
216
|
+
}
|
|
217
|
+
else {
|
|
218
|
+
timestampValid = true;
|
|
219
|
+
}
|
|
220
|
+
// Validate payload
|
|
221
|
+
let decryptedPayload = message.payload;
|
|
222
|
+
if (message.encrypted && this.encryptionKey) {
|
|
223
|
+
try {
|
|
224
|
+
decryptedPayload = this.decryptPayload(message.payload);
|
|
225
|
+
}
|
|
226
|
+
catch {
|
|
227
|
+
violations.push("decryption_failed");
|
|
228
|
+
}
|
|
229
|
+
}
|
|
230
|
+
const payloadCheck = this.validatePayload(decryptedPayload);
|
|
231
|
+
if (payloadCheck.safe) {
|
|
232
|
+
payloadSafe = true;
|
|
233
|
+
}
|
|
234
|
+
else {
|
|
235
|
+
violations.push(...payloadCheck.violations);
|
|
236
|
+
trustScore -= payloadCheck.riskContribution;
|
|
237
|
+
}
|
|
238
|
+
// Update agent violations
|
|
239
|
+
if (violations.length > 0 && sender) {
|
|
240
|
+
const currentViolations = this.agentViolations.get(message.fromAgent) || 0;
|
|
241
|
+
this.agentViolations.set(message.fromAgent, currentViolations + violations.length);
|
|
242
|
+
// Reduce trust score for violations
|
|
243
|
+
sender.trustScore = Math.max(0, sender.trustScore - violations.length * 5);
|
|
244
|
+
this.registeredAgents.set(message.fromAgent, sender);
|
|
245
|
+
}
|
|
246
|
+
// Decision
|
|
247
|
+
const criticalViolations = violations.filter((v) => ["invalid_signature", "sender_not_registered", "nonce_reused", "duplicate_message"].includes(v));
|
|
248
|
+
const blocked = this.config.strictMode
|
|
249
|
+
? violations.length > 0
|
|
250
|
+
: criticalViolations.length > 0;
|
|
251
|
+
return {
|
|
252
|
+
allowed: !blocked,
|
|
253
|
+
reason: blocked
|
|
254
|
+
? `Message blocked: ${violations.slice(0, 3).join(", ")}`
|
|
255
|
+
: "Message validated successfully",
|
|
256
|
+
violations,
|
|
257
|
+
request_id: reqId,
|
|
258
|
+
validation: {
|
|
259
|
+
sender_verified: senderVerified,
|
|
260
|
+
recipient_valid: recipientValid,
|
|
261
|
+
signature_valid: signatureValid,
|
|
262
|
+
nonce_valid: nonceValid,
|
|
263
|
+
timestamp_valid: timestampValid,
|
|
264
|
+
payload_safe: payloadSafe,
|
|
265
|
+
trust_score: Math.max(0, trustScore),
|
|
266
|
+
},
|
|
267
|
+
decrypted_payload: !blocked ? decryptedPayload : undefined,
|
|
268
|
+
recommendations: this.generateRecommendations(violations),
|
|
269
|
+
};
|
|
270
|
+
}
|
|
271
|
+
/**
|
|
272
|
+
* Create a response to a message
|
|
273
|
+
*/
|
|
274
|
+
createResponse(originalMessage, fromAgent, payload) {
|
|
275
|
+
return this.createMessage(fromAgent, originalMessage.fromAgent, "response", payload, originalMessage.messageId);
|
|
276
|
+
}
|
|
277
|
+
/**
|
|
278
|
+
* Get channel status for an agent
|
|
279
|
+
*/
|
|
280
|
+
getChannelStatus(agentId) {
|
|
281
|
+
const agent = this.registeredAgents.get(agentId);
|
|
282
|
+
if (!agent)
|
|
283
|
+
return null;
|
|
284
|
+
const messageCount = [...this.messageHistory.entries()].filter(([id]) => id.includes(agentId)).length;
|
|
285
|
+
return {
|
|
286
|
+
agentId,
|
|
287
|
+
connected: true,
|
|
288
|
+
lastSeen: agent.registeredAt,
|
|
289
|
+
messageCount,
|
|
290
|
+
trustScore: agent.trustScore,
|
|
291
|
+
violations: this.agentViolations.get(agentId) || 0,
|
|
292
|
+
};
|
|
293
|
+
}
|
|
294
|
+
/**
|
|
295
|
+
* Get all registered agents
|
|
296
|
+
*/
|
|
297
|
+
getRegisteredAgents() {
|
|
298
|
+
return [...this.registeredAgents.values()];
|
|
299
|
+
}
|
|
300
|
+
/**
|
|
301
|
+
* Check if agent has capability
|
|
302
|
+
*/
|
|
303
|
+
hasCapability(agentId, capability) {
|
|
304
|
+
const agent = this.registeredAgents.get(agentId);
|
|
305
|
+
return agent?.capabilities.includes(capability) ?? false;
|
|
306
|
+
}
|
|
307
|
+
/**
|
|
308
|
+
* Update agent trust score
|
|
309
|
+
*/
|
|
310
|
+
updateTrustScore(agentId, delta) {
|
|
311
|
+
const agent = this.registeredAgents.get(agentId);
|
|
312
|
+
if (agent) {
|
|
313
|
+
agent.trustScore = Math.max(0, Math.min(100, agent.trustScore + delta));
|
|
314
|
+
this.registeredAgents.set(agentId, agent);
|
|
315
|
+
}
|
|
316
|
+
}
|
|
317
|
+
/**
|
|
318
|
+
* Reset agent violations
|
|
319
|
+
*/
|
|
320
|
+
resetViolations(agentId) {
|
|
321
|
+
this.agentViolations.delete(agentId);
|
|
322
|
+
}
|
|
323
|
+
/**
|
|
324
|
+
* Verify message chain (for multi-hop scenarios)
|
|
325
|
+
*/
|
|
326
|
+
verifyMessageChain(messages) {
|
|
327
|
+
const violations = [];
|
|
328
|
+
for (let i = 1; i < messages.length; i++) {
|
|
329
|
+
const current = messages[i];
|
|
330
|
+
const previous = messages[i - 1];
|
|
331
|
+
// Check that current message replies to previous
|
|
332
|
+
if (current.replyTo !== previous.messageId) {
|
|
333
|
+
violations.push(`chain_broken_at_${i}`);
|
|
334
|
+
return { valid: false, broken_at: i, violations };
|
|
335
|
+
}
|
|
336
|
+
// Check timestamps are sequential
|
|
337
|
+
if (current.timestamp < previous.timestamp) {
|
|
338
|
+
violations.push(`timestamp_order_violation_at_${i}`);
|
|
339
|
+
return { valid: false, broken_at: i, violations };
|
|
340
|
+
}
|
|
341
|
+
// Verify signature
|
|
342
|
+
const { signature: _sig, ...currentWithoutSig } = current;
|
|
343
|
+
const expectedSig = this.signMessage(currentWithoutSig);
|
|
344
|
+
if (current.signature !== expectedSig) {
|
|
345
|
+
violations.push(`signature_invalid_at_${i}`);
|
|
346
|
+
return { valid: false, broken_at: i, violations };
|
|
347
|
+
}
|
|
348
|
+
}
|
|
349
|
+
return { valid: true, violations: [] };
|
|
350
|
+
}
|
|
351
|
+
signMessage(message) {
|
|
352
|
+
const data = JSON.stringify({
|
|
353
|
+
messageId: message.messageId,
|
|
354
|
+
fromAgent: message.fromAgent,
|
|
355
|
+
toAgent: message.toAgent,
|
|
356
|
+
type: message.type,
|
|
357
|
+
payload: message.payload,
|
|
358
|
+
timestamp: message.timestamp,
|
|
359
|
+
nonce: message.nonce,
|
|
360
|
+
replyTo: message.replyTo,
|
|
361
|
+
});
|
|
362
|
+
return crypto
|
|
363
|
+
.createHmac("sha256", this.signingKey)
|
|
364
|
+
.update(data)
|
|
365
|
+
.digest("hex");
|
|
366
|
+
}
|
|
367
|
+
encryptPayload(payload) {
|
|
368
|
+
if (!this.encryptionKey)
|
|
369
|
+
throw new Error("Encryption key not set");
|
|
370
|
+
const iv = crypto.randomBytes(16);
|
|
371
|
+
const cipher = crypto.createCipheriv("aes-256-gcm", this.encryptionKey, iv);
|
|
372
|
+
const plaintext = JSON.stringify(payload);
|
|
373
|
+
let encrypted = cipher.update(plaintext, "utf8", "hex");
|
|
374
|
+
encrypted += cipher.final("hex");
|
|
375
|
+
const authTag = cipher.getAuthTag();
|
|
376
|
+
return `${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted}`;
|
|
377
|
+
}
|
|
378
|
+
decryptPayload(encryptedPayload) {
|
|
379
|
+
if (!this.encryptionKey)
|
|
380
|
+
throw new Error("Encryption key not set");
|
|
381
|
+
const [ivHex, authTagHex, encrypted] = encryptedPayload.split(":");
|
|
382
|
+
const iv = Buffer.from(ivHex, "hex");
|
|
383
|
+
const authTag = Buffer.from(authTagHex, "hex");
|
|
384
|
+
const decipher = crypto.createDecipheriv("aes-256-gcm", this.encryptionKey, iv);
|
|
385
|
+
decipher.setAuthTag(authTag);
|
|
386
|
+
let decrypted = decipher.update(encrypted, "hex", "utf8");
|
|
387
|
+
decrypted += decipher.final("utf8");
|
|
388
|
+
return JSON.parse(decrypted);
|
|
389
|
+
}
|
|
390
|
+
validatePayload(payload) {
|
|
391
|
+
const violations = [];
|
|
392
|
+
let riskContribution = 0;
|
|
393
|
+
const payloadStr = JSON.stringify(payload);
|
|
394
|
+
for (const { name, pattern, severity } of this.PAYLOAD_INJECTION_PATTERNS) {
|
|
395
|
+
if (pattern.test(payloadStr)) {
|
|
396
|
+
violations.push(`payload_${name}`);
|
|
397
|
+
riskContribution += severity;
|
|
398
|
+
}
|
|
399
|
+
}
|
|
400
|
+
// Check for excessive payload size
|
|
401
|
+
if (payloadStr.length > 100000) {
|
|
402
|
+
violations.push("payload_too_large");
|
|
403
|
+
riskContribution += 20;
|
|
404
|
+
}
|
|
405
|
+
// Check for deeply nested structures (potential DoS)
|
|
406
|
+
const depth = this.getObjectDepth(payload);
|
|
407
|
+
if (depth > 10) {
|
|
408
|
+
violations.push("payload_too_deep");
|
|
409
|
+
riskContribution += 15;
|
|
410
|
+
}
|
|
411
|
+
return {
|
|
412
|
+
safe: violations.length === 0,
|
|
413
|
+
violations,
|
|
414
|
+
riskContribution: Math.min(60, riskContribution),
|
|
415
|
+
};
|
|
416
|
+
}
|
|
417
|
+
getObjectDepth(obj, currentDepth = 0) {
|
|
418
|
+
if (typeof obj !== "object" || obj === null)
|
|
419
|
+
return currentDepth;
|
|
420
|
+
if (currentDepth > 15)
|
|
421
|
+
return currentDepth; // Prevent stack overflow
|
|
422
|
+
let maxDepth = currentDepth;
|
|
423
|
+
for (const value of Object.values(obj)) {
|
|
424
|
+
const depth = this.getObjectDepth(value, currentDepth + 1);
|
|
425
|
+
maxDepth = Math.max(maxDepth, depth);
|
|
426
|
+
}
|
|
427
|
+
return maxDepth;
|
|
428
|
+
}
|
|
429
|
+
cleanupNonces() {
|
|
430
|
+
const now = Date.now();
|
|
431
|
+
const expiration = this.config.nonceExpiration;
|
|
432
|
+
for (const [nonce, timestamp] of this.usedNonces) {
|
|
433
|
+
if (now - timestamp > expiration) {
|
|
434
|
+
this.usedNonces.delete(nonce);
|
|
435
|
+
}
|
|
436
|
+
}
|
|
437
|
+
// Also clean message history
|
|
438
|
+
for (const [messageId, timestamp] of this.messageHistory) {
|
|
439
|
+
if (now - timestamp > expiration * 2) {
|
|
440
|
+
this.messageHistory.delete(messageId);
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
}
|
|
444
|
+
generateRecommendations(violations) {
|
|
445
|
+
const recommendations = [];
|
|
446
|
+
if (violations.some((v) => v.includes("signature"))) {
|
|
447
|
+
recommendations.push("Ensure messages are properly signed before sending");
|
|
448
|
+
}
|
|
449
|
+
if (violations.some((v) => v.includes("nonce") || v.includes("duplicate"))) {
|
|
450
|
+
recommendations.push("Implement proper nonce generation to prevent replay attacks");
|
|
451
|
+
}
|
|
452
|
+
if (violations.some((v) => v.includes("sender"))) {
|
|
453
|
+
recommendations.push("Register agents before they can communicate");
|
|
454
|
+
}
|
|
455
|
+
if (violations.some((v) => v.includes("payload"))) {
|
|
456
|
+
recommendations.push("Sanitize message payloads before sending");
|
|
457
|
+
}
|
|
458
|
+
if (violations.some((v) => v.includes("expired") || v.includes("timestamp"))) {
|
|
459
|
+
recommendations.push("Ensure agent clocks are synchronized");
|
|
460
|
+
}
|
|
461
|
+
if (recommendations.length === 0) {
|
|
462
|
+
recommendations.push("Message validated successfully");
|
|
463
|
+
}
|
|
464
|
+
return recommendations;
|
|
465
|
+
}
|
|
466
|
+
}
|
|
467
|
+
exports.AgentCommunicationGuard = AgentCommunicationGuard;
|
|
468
|
+
//# sourceMappingURL=agent-communication-guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"agent-communication-guard.js","sourceRoot":"","sources":["../../src/guards/agent-communication-guard.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,+CAAiC;AA0FjC,MAAa,uBAAuB;IAkBlC,YAAY,SAAwC,EAAE;QAd9C,qBAAgB,GAA+B,IAAI,GAAG,EAAE,CAAC;QACzD,eAAU,GAAwB,IAAI,GAAG,EAAE,CAAC,CAAC,qBAAqB;QAClE,mBAAc,GAAwB,IAAI,GAAG,EAAE,CAAC,CAAC,yBAAyB;QAC1E,oBAAe,GAAwB,IAAI,GAAG,EAAE,CAAC;QAEzD,6BAA6B;QACZ,+BAA0B,GAA+D;YACxG,EAAE,IAAI,EAAE,uBAAuB,EAAE,OAAO,EAAE,4CAA4C,EAAE,QAAQ,EAAE,EAAE,EAAE;YACtG,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,6DAA6D,EAAE,QAAQ,EAAE,EAAE,EAAE;YACjH,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,0DAA0D,EAAE,QAAQ,EAAE,EAAE,EAAE;YAChH,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,6DAA6D,EAAE,QAAQ,EAAE,EAAE,EAAE;YACjH,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,+DAA+D,EAAE,QAAQ,EAAE,EAAE,EAAE;SACvH,CAAC;QAGA,IAAI,CAAC,MAAM,GAAG;YACZ,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACvE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,KAAK;YAClD,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE;YACzC,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,YAAY;YACtE,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE,GAAG,IAAI,EAAE,WAAW;YAC7D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,IAAI;YACnD,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE;YACzC,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,KAAK;SACvC,CAAC;QAEF,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAE7D,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;gBAC/B,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACrE,CAAC;YACD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QACrE,CAAC;QAED,+BAA+B;QAC/B,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,aAAa,CACX,OAAe,EACf,SAAiB,EACjB,YAAsB,EACtB,QAA8B;QAE9B,MAAM,QAAQ,GAAkB;YAC9B,OAAO;YACP,SAAS;YACT,YAAY;YACZ,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;YACxB,UAAU,EAAE,EAAE,EAAE,wBAAwB;YACxC,QAAQ;SACT,CAAC;QAEF,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,aAAa,CACX,SAAiB,EACjB,OAA0B,EAC1B,IAA0B,EAC1B,OAAY,EACZ,OAAgB,EAChB,GAAY;QAEZ,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/E,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,YAAY,GAAG,OAAO,CAAC;QAE3B,qBAAqB;QACrB,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvD,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,OAAO,GAAiB;YAC5B,SAAS;YACT,SAAS;YACT,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,YAAY;YACrB,SAAS;YACT,KAAK;YACL,OAAO;YACP,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa;YACrC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;SACxC,CAAC;QAEF,mBAAmB;QACnB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAE9C,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,eAAe,CACb,OAAqB,EACrB,gBAAwB,EACxB,SAAkB;QAElB,MAAM,KAAK,GAAG,SAAS,IAAI,QAAQ,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAChD,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,6BAA6B;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,MAAM,EAAE,CAAC;YACX,cAAc,GAAG,IAAI,CAAC;YACtB,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;YAE/B,qDAAqD;YACrD,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;gBACnG,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBACtC,cAAc,GAAG,KAAK,CAAC;YACzB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC3C,CAAC;QAED,kBAAkB;QAClB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACxF,IAAI,UAAU,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACtE,cAAc,GAAG,IAAI,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACxC,CAAC;QAED,mBAAmB;QACnB,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;gBACvB,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACvC,CAAC;iBAAM,CAAC;gBACN,MAAM,EAAE,SAAS,EAAE,CAAC,EAAE,GAAG,iBAAiB,EAAE,GAAG,OAAO,CAAC;gBACvD,MAAM,iBAAiB,GAAG,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;gBAC9D,IAAI,OAAO,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;oBAC5C,cAAc,GAAG,IAAI,CAAC;gBACxB,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,IAAI,CAAC,CAAC,uBAAuB;QAChD,CAAC;QAED,kCAAkC;QAClC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACvC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,UAAU,GAAG,IAAI,CAAC;YAClB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACjD,CAAC;QAED,8BAA8B;QAC9B,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/C,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,kBAAkB;QAClB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC;QAClD,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,UAAU,GAAG,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC;YACnE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACrC,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,IAAI,CAAC;QACxB,CAAC;QAED,mBAAmB;QACnB,IAAI,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;QACvC,IAAI,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC5C,IAAI,CAAC;gBACH,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC1D,CAAC;YAAC,MAAM,CAAC;gBACP,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC;QAC5D,IAAI,YAAY,CAAC,IAAI,EAAE,CAAC;YACtB,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;YAC5C,UAAU,IAAI,YAAY,CAAC,gBAAgB,CAAC;QAC9C,CAAC;QAED,0BAA0B;QAC1B,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,EAAE,CAAC;YACpC,MAAM,iBAAiB,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC3E,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAEnF,oCAAoC;YACpC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,UAAU,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC3E,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QACvD,CAAC;QAED,WAAW;QACX,MAAM,kBAAkB,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACjD,CAAC,mBAAmB,EAAE,uBAAuB,EAAE,cAAc,EAAE,mBAAmB,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAChG,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU;YACpC,CAAC,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;YACvB,CAAC,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC;QAElC,OAAO;YACL,OAAO,EAAE,CAAC,OAAO;YACjB,MAAM,EAAE,OAAO;gBACb,CAAC,CAAC,oBAAoB,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACzD,CAAC,CAAC,gCAAgC;YACpC,UAAU;YACV,UAAU,EAAE,KAAK;YACjB,UAAU,EAAE;gBACV,eAAe,EAAE,cAAc;gBAC/B,eAAe,EAAE,cAAc;gBAC/B,eAAe,EAAE,cAAc;gBAC/B,WAAW,EAAE,UAAU;gBACvB,eAAe,EAAE,cAAc;gBAC/B,YAAY,EAAE,WAAW;gBACzB,WAAW,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC;aACrC;YACD,iBAAiB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;YAC1D,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC;SAC1D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,cAAc,CACZ,eAA6B,EAC7B,SAAiB,EACjB,OAAY;QAEZ,OAAO,IAAI,CAAC,aAAa,CACvB,SAAS,EACT,eAAe,CAAC,SAAS,EACzB,UAAU,EACV,OAAO,EACP,eAAe,CAAC,SAAS,CAC1B,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,OAAe;QAC9B,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAC5D,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC/B,CAAC,MAAM,CAAC;QAET,OAAO;YACL,OAAO;YACP,SAAS,EAAE,IAAI;YACf,QAAQ,EAAE,KAAK,CAAC,YAAY;YAC5B,YAAY;YACZ,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,UAAU,EAAE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;SACnD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,CAAC,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAe,EAAE,UAAkB;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACjD,OAAO,KAAK,EAAE,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,KAAK,CAAC;IAC3D,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,OAAe,EAAE,KAAa;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC;YACxE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,QAAwB;QAKzC,MAAM,UAAU,GAAa,EAAE,CAAC;QAEhC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC5B,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAEjC,iDAAiD;YACjD,IAAI,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,EAAE,CAAC;gBAC3C,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;gBACxC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC;YACpD,CAAC;YAED,kCAAkC;YAClC,IAAI,OAAO,CAAC,SAAS,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC;gBAC3C,UAAU,CAAC,IAAI,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;gBACrD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC;YACpD,CAAC;YAED,mBAAmB;YACnB,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,iBAAiB,EAAE,GAAG,OAAO,CAAC;YAC1D,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;YACxD,IAAI,OAAO,CAAC,SAAS,KAAK,WAAW,EAAE,CAAC;gBACtC,UAAU,CAAC,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;gBAC7C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC;YACpD,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IACzC,CAAC;IAEO,WAAW,CAAC,OAAwC;QAC1D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;SACzB,CAAC,CAAC;QAEH,OAAO,MAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC;aACrC,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC;IAEO,cAAc,CAAC,OAAY;QACjC,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAEnE,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAE5E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1C,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QACxD,SAAS,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,SAAS,EAAE,CAAC;IACzE,CAAC;IAEO,cAAc,CAAC,gBAAwB;QAC7C,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAEnE,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnE,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAE/C,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAChF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1D,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B,CAAC;IAEO,eAAe,CAAC,OAAY;QAKlC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAE3C,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,0BAA0B,EAAE,CAAC;YAC1E,IAAI,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC7B,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;gBACnC,gBAAgB,IAAI,QAAQ,CAAC;YAC/B,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,UAAU,CAAC,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACrC,gBAAgB,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,qDAAqD;QACrD,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;YACf,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACpC,gBAAgB,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,OAAO;YACL,IAAI,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;YAC7B,UAAU;YACV,gBAAgB,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,gBAAgB,CAAC;SACjD,CAAC;IACJ,CAAC;IAEO,cAAc,CAAC,GAAQ,EAAE,YAAY,GAAG,CAAC;QAC/C,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;YAAE,OAAO,YAAY,CAAC;QACjE,IAAI,YAAY,GAAG,EAAE;YAAE,OAAO,YAAY,CAAC,CAAC,yBAAyB;QAErE,IAAI,QAAQ,GAAG,YAAY,CAAC;QAC5B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACvC,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,YAAY,GAAG,CAAC,CAAC,CAAC;YAC3D,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,aAAa;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;QAE/C,KAAK,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACjD,IAAI,GAAG,GAAG,SAAS,GAAG,UAAU,EAAE,CAAC;gBACjC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,KAAK,MAAM,CAAC,SAAS,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACzD,IAAI,GAAG,GAAG,SAAS,GAAG,UAAU,GAAG,CAAC,EAAE,CAAC;gBACrC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,uBAAuB,CAAC,UAAoB;QAClD,MAAM,eAAe,GAAa,EAAE,CAAC;QAErC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACpD,eAAe,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YAC3E,eAAe,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QACtF,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YAClD,eAAe,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YAC7E,eAAe,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,eAAe,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;CACF;AAxfD,0DAwfC"}
|
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AutonomyEscalationGuard (L21)
|
|
3
|
+
*
|
|
4
|
+
* Detects and prevents unauthorized autonomy escalation attempts.
|
|
5
|
+
* Implements ASI10 from OWASP Agentic Applications 2026.
|
|
6
|
+
*
|
|
7
|
+
* Threat Model:
|
|
8
|
+
* - ASI10: Unauthorized Autonomy Escalation
|
|
9
|
+
* - Self-modification attempts
|
|
10
|
+
* - Capability expansion
|
|
11
|
+
* - Human-in-the-loop bypass
|
|
12
|
+
* - Sub-agent spawning without approval
|
|
13
|
+
*
|
|
14
|
+
* Protection Capabilities:
|
|
15
|
+
* - Autonomy level tracking
|
|
16
|
+
* - Capability boundary enforcement
|
|
17
|
+
* - Self-modification detection
|
|
18
|
+
* - Sub-agent control
|
|
19
|
+
* - Escalation pattern detection
|
|
20
|
+
*/
|
|
21
|
+
export interface AutonomyEscalationGuardConfig {
|
|
22
|
+
/** Maximum allowed autonomy level (0-100) */
|
|
23
|
+
maxAutonomyLevel?: number;
|
|
24
|
+
/** Base autonomy level for new sessions */
|
|
25
|
+
baseAutonomyLevel?: number;
|
|
26
|
+
/** Enable self-modification detection */
|
|
27
|
+
detectSelfModification?: boolean;
|
|
28
|
+
/** Enable sub-agent spawning control */
|
|
29
|
+
controlSubAgents?: boolean;
|
|
30
|
+
/** Maximum allowed sub-agents */
|
|
31
|
+
maxSubAgents?: number;
|
|
32
|
+
/** Actions that require autonomy escalation approval */
|
|
33
|
+
escalationRequiredActions?: string[];
|
|
34
|
+
/** Enable capability boundary enforcement */
|
|
35
|
+
enforceCapabilityBoundaries?: boolean;
|
|
36
|
+
/** Allowed capabilities per autonomy level */
|
|
37
|
+
capabilityLevels?: Record<number, string[]>;
|
|
38
|
+
/** Enable human-in-the-loop enforcement */
|
|
39
|
+
enforceHITL?: boolean;
|
|
40
|
+
/** Actions that always require human approval */
|
|
41
|
+
alwaysRequireHuman?: string[];
|
|
42
|
+
}
|
|
43
|
+
export interface AutonomyRequest {
|
|
44
|
+
/** Request identifier */
|
|
45
|
+
request_id: string;
|
|
46
|
+
/** Type of autonomy request */
|
|
47
|
+
request_type: "capability_expansion" | "level_increase" | "spawn_agent" | "self_modify" | "bypass_hitl" | "persist_state";
|
|
48
|
+
/** Requested capability or action */
|
|
49
|
+
requested_capability?: string;
|
|
50
|
+
/** Requested autonomy level */
|
|
51
|
+
requested_level?: number;
|
|
52
|
+
/** Reason provided for the request */
|
|
53
|
+
reason?: string;
|
|
54
|
+
/** Source of the request (agent, tool, external) */
|
|
55
|
+
source: string;
|
|
56
|
+
/** Timestamp */
|
|
57
|
+
timestamp: number;
|
|
58
|
+
/** Additional metadata */
|
|
59
|
+
metadata?: Record<string, any>;
|
|
60
|
+
}
|
|
61
|
+
export interface AgentCapabilities {
|
|
62
|
+
/** Current capabilities */
|
|
63
|
+
capabilities: Set<string>;
|
|
64
|
+
/** Current autonomy level */
|
|
65
|
+
autonomy_level: number;
|
|
66
|
+
/** Sub-agents spawned */
|
|
67
|
+
sub_agents: string[];
|
|
68
|
+
/** Pending escalation requests */
|
|
69
|
+
pending_requests: AutonomyRequest[];
|
|
70
|
+
/** Denied requests history */
|
|
71
|
+
denied_requests: AutonomyRequest[];
|
|
72
|
+
/** Last capability change timestamp */
|
|
73
|
+
last_capability_change: number;
|
|
74
|
+
/** HITL checkpoint count */
|
|
75
|
+
hitl_checkpoints: number;
|
|
76
|
+
}
|
|
77
|
+
export interface AutonomyEscalationResult {
|
|
78
|
+
allowed: boolean;
|
|
79
|
+
reason: string;
|
|
80
|
+
violations: string[];
|
|
81
|
+
request_id: string;
|
|
82
|
+
analysis: {
|
|
83
|
+
current_autonomy_level: number;
|
|
84
|
+
requested_autonomy_level?: number;
|
|
85
|
+
capability_violation: boolean;
|
|
86
|
+
self_modification_detected: boolean;
|
|
87
|
+
sub_agent_limit_exceeded: boolean;
|
|
88
|
+
hitl_required: boolean;
|
|
89
|
+
escalation_patterns_detected: string[];
|
|
90
|
+
};
|
|
91
|
+
requires_approval: boolean;
|
|
92
|
+
approval_type?: "human" | "admin" | "system";
|
|
93
|
+
recommendations: string[];
|
|
94
|
+
}
|
|
95
|
+
export declare class AutonomyEscalationGuard {
|
|
96
|
+
private config;
|
|
97
|
+
private agentStates;
|
|
98
|
+
private readonly ESCALATION_PATTERNS;
|
|
99
|
+
private readonly DEFAULT_CAPABILITY_LEVELS;
|
|
100
|
+
constructor(config?: AutonomyEscalationGuardConfig);
|
|
101
|
+
/**
|
|
102
|
+
* Validate an autonomy-related action or request
|
|
103
|
+
*/
|
|
104
|
+
validate(action: string, sessionId: string, params?: Record<string, any>, requestId?: string): AutonomyEscalationResult;
|
|
105
|
+
/**
|
|
106
|
+
* Request autonomy escalation
|
|
107
|
+
*/
|
|
108
|
+
requestEscalation(sessionId: string, request: Omit<AutonomyRequest, "request_id" | "timestamp">): AutonomyEscalationResult;
|
|
109
|
+
/**
|
|
110
|
+
* Approve a pending escalation request (called by human/admin)
|
|
111
|
+
*/
|
|
112
|
+
approveEscalation(sessionId: string, requestId: string): boolean;
|
|
113
|
+
/**
|
|
114
|
+
* Deny a pending escalation request
|
|
115
|
+
*/
|
|
116
|
+
denyEscalation(sessionId: string, requestId: string): boolean;
|
|
117
|
+
/**
|
|
118
|
+
* Register a sub-agent
|
|
119
|
+
*/
|
|
120
|
+
registerSubAgent(sessionId: string, subAgentId: string): boolean;
|
|
121
|
+
/**
|
|
122
|
+
* Get current agent capabilities
|
|
123
|
+
*/
|
|
124
|
+
getAgentState(sessionId: string): AgentCapabilities | undefined;
|
|
125
|
+
/**
|
|
126
|
+
* Set autonomy level directly (admin only)
|
|
127
|
+
*/
|
|
128
|
+
setAutonomyLevel(sessionId: string, level: number): void;
|
|
129
|
+
/**
|
|
130
|
+
* Reset agent state
|
|
131
|
+
*/
|
|
132
|
+
resetSession(sessionId: string): void;
|
|
133
|
+
private createAgentState;
|
|
134
|
+
private getCapabilitiesForLevel;
|
|
135
|
+
private generateRecommendations;
|
|
136
|
+
}
|
|
137
|
+
//# sourceMappingURL=autonomy-escalation-guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"autonomy-escalation-guard.d.ts","sourceRoot":"","sources":["../../src/guards/autonomy-escalation-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,WAAW,6BAA6B;IAC5C,6CAA6C;IAC7C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2CAA2C;IAC3C,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,yCAAyC;IACzC,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,iCAAiC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wDAAwD;IACxD,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IACrC,6CAA6C;IAC7C,2BAA2B,CAAC,EAAE,OAAO,CAAC;IACtC,8CAA8C;IAC9C,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5C,2CAA2C;IAC3C,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,iDAAiD;IACjD,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC9B,yBAAyB;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,YAAY,EAAE,sBAAsB,GAAG,gBAAgB,GAAG,aAAa,GAAG,aAAa,GAAG,aAAa,GAAG,eAAe,CAAC;IAC1H,qCAAqC;IACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,+BAA+B;IAC/B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,sCAAsC;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oDAAoD;IACpD,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,iBAAiB;IAChC,2BAA2B;IAC3B,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC1B,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,yBAAyB;IACzB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,kCAAkC;IAClC,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,8BAA8B;IAC9B,eAAe,EAAE,eAAe,EAAE,CAAC;IACnC,uCAAuC;IACvC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,4BAA4B;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE;QACR,sBAAsB,EAAE,MAAM,CAAC;QAC/B,wBAAwB,CAAC,EAAE,MAAM,CAAC;QAClC,oBAAoB,EAAE,OAAO,CAAC;QAC9B,0BAA0B,EAAE,OAAO,CAAC;QACpC,wBAAwB,EAAE,OAAO,CAAC;QAClC,aAAa,EAAE,OAAO,CAAC;QACvB,4BAA4B,EAAE,MAAM,EAAE,CAAC;KACxC,CAAC;IACF,iBAAiB,EAAE,OAAO,CAAC;IAC3B,aAAa,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;IAC7C,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,qBAAa,uBAAuB;IAClC,OAAO,CAAC,MAAM,CAA0C;IACxD,OAAO,CAAC,WAAW,CAA6C;IAGhE,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAoClC;IAGF,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAMxC;gBAEU,MAAM,GAAE,6BAAkC;IA2BtD;;OAEG;IACH,QAAQ,CACN,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC5B,SAAS,CAAC,EAAE,MAAM,GACjB,wBAAwB;IAmI3B;;OAEG;IACH,iBAAiB,CACf,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,YAAY,GAAG,WAAW,CAAC,GACzD,wBAAwB;IA4H3B;;OAEG;IACH,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO;IAqChE;;OAEG;IACH,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO;IAiB7D;;OAEG;IACH,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO;IAgBhE;;OAEG;IACH,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,iBAAiB,GAAG,SAAS;IAI/D;;OAEG;IACH,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAUxD;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAMrC,OAAO,CAAC,gBAAgB;IAYxB,OAAO,CAAC,uBAAuB;IAW/B,OAAO,CAAC,uBAAuB;CAgChC"}
|