llm-trust-guard 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +318 -0
- package/dist/guards/agent-communication-guard.d.ts +169 -0
- package/dist/guards/agent-communication-guard.d.ts.map +1 -0
- package/dist/guards/agent-communication-guard.js +468 -0
- package/dist/guards/agent-communication-guard.js.map +1 -0
- package/dist/guards/autonomy-escalation-guard.d.ts +137 -0
- package/dist/guards/autonomy-escalation-guard.d.ts.map +1 -0
- package/dist/guards/autonomy-escalation-guard.js +470 -0
- package/dist/guards/autonomy-escalation-guard.js.map +1 -0
- package/dist/guards/circuit-breaker.d.ts +142 -0
- package/dist/guards/circuit-breaker.d.ts.map +1 -0
- package/dist/guards/circuit-breaker.js +347 -0
- package/dist/guards/circuit-breaker.js.map +1 -0
- package/dist/guards/code-execution-guard.d.ts +114 -0
- package/dist/guards/code-execution-guard.d.ts.map +1 -0
- package/dist/guards/code-execution-guard.js +467 -0
- package/dist/guards/code-execution-guard.js.map +1 -0
- package/dist/guards/conversation-guard.d.ts +73 -0
- package/dist/guards/conversation-guard.d.ts.map +1 -0
- package/dist/guards/conversation-guard.js +281 -0
- package/dist/guards/conversation-guard.js.map +1 -0
- package/dist/guards/drift-detector.d.ts +182 -0
- package/dist/guards/drift-detector.d.ts.map +1 -0
- package/dist/guards/drift-detector.js +480 -0
- package/dist/guards/drift-detector.js.map +1 -0
- package/dist/guards/encoding-detector.d.ts +76 -0
- package/dist/guards/encoding-detector.d.ts.map +1 -0
- package/dist/guards/encoding-detector.js +698 -0
- package/dist/guards/encoding-detector.js.map +1 -0
- package/dist/guards/execution-monitor.d.ts +73 -0
- package/dist/guards/execution-monitor.d.ts.map +1 -0
- package/dist/guards/execution-monitor.js +205 -0
- package/dist/guards/execution-monitor.js.map +1 -0
- package/dist/guards/input-sanitizer.d.ts +87 -0
- package/dist/guards/input-sanitizer.d.ts.map +1 -0
- package/dist/guards/input-sanitizer.js +301 -0
- package/dist/guards/input-sanitizer.js.map +1 -0
- package/dist/guards/mcp-security-guard.d.ts +204 -0
- package/dist/guards/mcp-security-guard.d.ts.map +1 -0
- package/dist/guards/mcp-security-guard.js +618 -0
- package/dist/guards/mcp-security-guard.js.map +1 -0
- package/dist/guards/memory-guard.d.ts +124 -0
- package/dist/guards/memory-guard.d.ts.map +1 -0
- package/dist/guards/memory-guard.js +476 -0
- package/dist/guards/memory-guard.js.map +1 -0
- package/dist/guards/multimodal-guard.d.ts +93 -0
- package/dist/guards/multimodal-guard.d.ts.map +1 -0
- package/dist/guards/multimodal-guard.js +507 -0
- package/dist/guards/multimodal-guard.js.map +1 -0
- package/dist/guards/output-filter.d.ts +76 -0
- package/dist/guards/output-filter.d.ts.map +1 -0
- package/dist/guards/output-filter.js +289 -0
- package/dist/guards/output-filter.js.map +1 -0
- package/dist/guards/policy-gate.d.ts +57 -0
- package/dist/guards/policy-gate.d.ts.map +1 -0
- package/dist/guards/policy-gate.js +182 -0
- package/dist/guards/policy-gate.js.map +1 -0
- package/dist/guards/prompt-leakage-guard.d.ts +110 -0
- package/dist/guards/prompt-leakage-guard.d.ts.map +1 -0
- package/dist/guards/prompt-leakage-guard.js +529 -0
- package/dist/guards/prompt-leakage-guard.js.map +1 -0
- package/dist/guards/rag-guard.d.ts +188 -0
- package/dist/guards/rag-guard.d.ts.map +1 -0
- package/dist/guards/rag-guard.js +769 -0
- package/dist/guards/rag-guard.js.map +1 -0
- package/dist/guards/schema-validator.d.ts +35 -0
- package/dist/guards/schema-validator.d.ts.map +1 -0
- package/dist/guards/schema-validator.js +316 -0
- package/dist/guards/schema-validator.js.map +1 -0
- package/dist/guards/state-persistence-guard.d.ts +153 -0
- package/dist/guards/state-persistence-guard.d.ts.map +1 -0
- package/dist/guards/state-persistence-guard.js +484 -0
- package/dist/guards/state-persistence-guard.js.map +1 -0
- package/dist/guards/tenant-boundary.d.ts +67 -0
- package/dist/guards/tenant-boundary.d.ts.map +1 -0
- package/dist/guards/tenant-boundary.js +187 -0
- package/dist/guards/tenant-boundary.js.map +1 -0
- package/dist/guards/tool-chain-validator.d.ts +102 -0
- package/dist/guards/tool-chain-validator.d.ts.map +1 -0
- package/dist/guards/tool-chain-validator.js +480 -0
- package/dist/guards/tool-chain-validator.js.map +1 -0
- package/dist/guards/tool-registry.d.ts +45 -0
- package/dist/guards/tool-registry.d.ts.map +1 -0
- package/dist/guards/tool-registry.js +155 -0
- package/dist/guards/tool-registry.js.map +1 -0
- package/dist/guards/trust-exploitation-guard.d.ts +134 -0
- package/dist/guards/trust-exploitation-guard.d.ts.map +1 -0
- package/dist/guards/trust-exploitation-guard.js +354 -0
- package/dist/guards/trust-exploitation-guard.js.map +1 -0
- package/dist/index.d.ts +133 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +430 -0
- package/dist/index.js.map +1 -0
- package/dist/integrations/express.d.ts +119 -0
- package/dist/integrations/express.d.ts.map +1 -0
- package/dist/integrations/express.js +244 -0
- package/dist/integrations/express.js.map +1 -0
- package/dist/integrations/index.d.ts +9 -0
- package/dist/integrations/index.d.ts.map +1 -0
- package/dist/integrations/index.js +26 -0
- package/dist/integrations/index.js.map +1 -0
- package/dist/integrations/langchain.d.ts +165 -0
- package/dist/integrations/langchain.d.ts.map +1 -0
- package/dist/integrations/langchain.js +308 -0
- package/dist/integrations/langchain.js.map +1 -0
- package/dist/integrations/openai.d.ts +205 -0
- package/dist/integrations/openai.d.ts.map +1 -0
- package/dist/integrations/openai.js +380 -0
- package/dist/integrations/openai.js.map +1 -0
- package/dist/types/index.d.ts +245 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +6 -0
- package/dist/types/index.js.map +1 -0
- package/package.json +64 -0
|
@@ -0,0 +1,480 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* ToolChainValidator v2
|
|
4
|
+
*
|
|
5
|
+
* Detects and prevents dangerous tool chaining attacks by:
|
|
6
|
+
* - Validating tool call sequences
|
|
7
|
+
* - Blocking dangerous tool combinations
|
|
8
|
+
* - Enforcing cooldown periods between sensitive operations
|
|
9
|
+
* - Tracking tool usage patterns for anomaly detection
|
|
10
|
+
*
|
|
11
|
+
* v2 Enhancements (2026):
|
|
12
|
+
* - ASI07: Agent State Corruption detection
|
|
13
|
+
* - ASI04: Agent Autonomy Escalation detection
|
|
14
|
+
* - Loop/repetition attack detection
|
|
15
|
+
* - Resource accumulation monitoring
|
|
16
|
+
* - Time-based anomaly detection
|
|
17
|
+
* - Cumulative impact scoring
|
|
18
|
+
* - Cross-tool data flow tracking
|
|
19
|
+
*/
|
|
20
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
21
|
+
exports.ToolChainValidator = void 0;
|
|
22
|
+
class ToolChainValidator {
|
|
23
|
+
constructor(config = {}) {
|
|
24
|
+
this.sessions = new Map();
|
|
25
|
+
this.defaultForbiddenSequences = [
|
|
26
|
+
{
|
|
27
|
+
name: "read_then_delete",
|
|
28
|
+
sequence: ["read_file", "delete_file"],
|
|
29
|
+
reason: "Reading then deleting files may indicate data exfiltration",
|
|
30
|
+
severity: "block",
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
name: "list_then_bulk_delete",
|
|
34
|
+
sequence: ["list_users", "delete_user"],
|
|
35
|
+
reason: "Listing then deleting users may indicate account takeover",
|
|
36
|
+
severity: "block",
|
|
37
|
+
},
|
|
38
|
+
{
|
|
39
|
+
name: "get_credentials_then_external",
|
|
40
|
+
sequence: ["get_api_key", "http_request"],
|
|
41
|
+
reason: "Accessing credentials then making external requests is suspicious",
|
|
42
|
+
severity: "block",
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
name: "modify_config_then_execute",
|
|
46
|
+
sequence: ["update_config", "execute_command"],
|
|
47
|
+
reason: "Modifying config then executing commands may indicate system compromise",
|
|
48
|
+
severity: "block",
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
name: "disable_security_then_action",
|
|
52
|
+
sequence: ["disable_audit", "delete_records"],
|
|
53
|
+
reason: "Disabling audit then deleting records indicates malicious activity",
|
|
54
|
+
severity: "block",
|
|
55
|
+
},
|
|
56
|
+
{
|
|
57
|
+
name: "escalate_then_sensitive",
|
|
58
|
+
sequence: ["modify_user_role", "access_admin_panel"],
|
|
59
|
+
reason: "Role escalation followed by admin access is suspicious",
|
|
60
|
+
severity: "block",
|
|
61
|
+
},
|
|
62
|
+
];
|
|
63
|
+
this.defaultSensitiveTools = [
|
|
64
|
+
"delete",
|
|
65
|
+
"remove",
|
|
66
|
+
"drop",
|
|
67
|
+
"truncate",
|
|
68
|
+
"execute",
|
|
69
|
+
"run",
|
|
70
|
+
"admin",
|
|
71
|
+
"system",
|
|
72
|
+
"config",
|
|
73
|
+
"modify_role",
|
|
74
|
+
"grant",
|
|
75
|
+
"revoke",
|
|
76
|
+
"transfer_funds",
|
|
77
|
+
"bulk_",
|
|
78
|
+
"export",
|
|
79
|
+
];
|
|
80
|
+
// v2: Tools that modify agent/system state
|
|
81
|
+
this.defaultStateModifyingTools = [
|
|
82
|
+
"set_config",
|
|
83
|
+
"update_settings",
|
|
84
|
+
"modify_state",
|
|
85
|
+
"change_mode",
|
|
86
|
+
"set_variable",
|
|
87
|
+
"store_memory",
|
|
88
|
+
"update_context",
|
|
89
|
+
"modify_prompt",
|
|
90
|
+
"change_behavior",
|
|
91
|
+
"set_preference",
|
|
92
|
+
"alter_state",
|
|
93
|
+
"write_memory",
|
|
94
|
+
"persist_data",
|
|
95
|
+
];
|
|
96
|
+
// v2: Tools that expand agent autonomy
|
|
97
|
+
this.defaultAutonomyExpandingTools = [
|
|
98
|
+
"grant_permission",
|
|
99
|
+
"enable_capability",
|
|
100
|
+
"unlock_feature",
|
|
101
|
+
"expand_scope",
|
|
102
|
+
"add_tool",
|
|
103
|
+
"register_handler",
|
|
104
|
+
"create_webhook",
|
|
105
|
+
"schedule_task",
|
|
106
|
+
"spawn_agent",
|
|
107
|
+
"create_subprocess",
|
|
108
|
+
"enable_auto",
|
|
109
|
+
"set_autonomous",
|
|
110
|
+
"bypass_approval",
|
|
111
|
+
"disable_confirmation",
|
|
112
|
+
"skip_verification",
|
|
113
|
+
];
|
|
114
|
+
// v2: Tools that acquire resources
|
|
115
|
+
this.defaultResourceAcquiringTools = [
|
|
116
|
+
"get_credentials",
|
|
117
|
+
"fetch_api_key",
|
|
118
|
+
"acquire_token",
|
|
119
|
+
"download_file",
|
|
120
|
+
"copy_data",
|
|
121
|
+
"clone_repo",
|
|
122
|
+
"export_data",
|
|
123
|
+
"backup_database",
|
|
124
|
+
"snapshot",
|
|
125
|
+
"read_secrets",
|
|
126
|
+
"access_vault",
|
|
127
|
+
"get_certificate",
|
|
128
|
+
];
|
|
129
|
+
// v2: Impact scores for tools
|
|
130
|
+
this.defaultToolImpactScores = {
|
|
131
|
+
"delete": 20,
|
|
132
|
+
"remove": 15,
|
|
133
|
+
"execute": 25,
|
|
134
|
+
"admin": 30,
|
|
135
|
+
"system": 25,
|
|
136
|
+
"config": 15,
|
|
137
|
+
"grant": 20,
|
|
138
|
+
"transfer": 30,
|
|
139
|
+
"export": 15,
|
|
140
|
+
"credential": 25,
|
|
141
|
+
"secret": 25,
|
|
142
|
+
"password": 30,
|
|
143
|
+
"spawn": 30,
|
|
144
|
+
"subprocess": 25,
|
|
145
|
+
"bypass": 35,
|
|
146
|
+
};
|
|
147
|
+
this.config = {
|
|
148
|
+
forbiddenSequences: config.forbiddenSequences ?? this.defaultForbiddenSequences,
|
|
149
|
+
requiredPreconditions: config.requiredPreconditions ?? [],
|
|
150
|
+
toolCooldowns: config.toolCooldowns ?? {},
|
|
151
|
+
maxToolsPerRequest: config.maxToolsPerRequest ?? 10,
|
|
152
|
+
maxSensitiveToolsPerSession: config.maxSensitiveToolsPerSession ?? 5,
|
|
153
|
+
sensitiveTools: config.sensitiveTools ?? this.defaultSensitiveTools,
|
|
154
|
+
sessionTTLMinutes: config.sessionTTLMinutes ?? 30,
|
|
155
|
+
// v2 defaults
|
|
156
|
+
enableStateTracking: config.enableStateTracking ?? true,
|
|
157
|
+
stateModifyingTools: config.stateModifyingTools ?? this.defaultStateModifyingTools,
|
|
158
|
+
enableAutonomyDetection: config.enableAutonomyDetection ?? true,
|
|
159
|
+
autonomyExpandingTools: config.autonomyExpandingTools ?? this.defaultAutonomyExpandingTools,
|
|
160
|
+
enableLoopDetection: config.enableLoopDetection ?? true,
|
|
161
|
+
maxRepetitionsPerMinute: config.maxRepetitionsPerMinute ?? 5,
|
|
162
|
+
enableResourceTracking: config.enableResourceTracking ?? true,
|
|
163
|
+
resourceAcquiringTools: config.resourceAcquiringTools ?? this.defaultResourceAcquiringTools,
|
|
164
|
+
maxResourcesPerSession: config.maxResourcesPerSession ?? 10,
|
|
165
|
+
enableTimeAnomalyDetection: config.enableTimeAnomalyDetection ?? true,
|
|
166
|
+
minTimeBetweenToolsMs: config.minTimeBetweenToolsMs ?? 50,
|
|
167
|
+
enableImpactScoring: config.enableImpactScoring ?? true,
|
|
168
|
+
maxCumulativeImpact: config.maxCumulativeImpact ?? 100,
|
|
169
|
+
toolImpactScores: config.toolImpactScores ?? this.defaultToolImpactScores,
|
|
170
|
+
};
|
|
171
|
+
// Cleanup expired sessions periodically
|
|
172
|
+
setInterval(() => this.cleanupSessions(), 60000);
|
|
173
|
+
}
|
|
174
|
+
/**
|
|
175
|
+
* Validate a tool call in context of the session
|
|
176
|
+
*/
|
|
177
|
+
validate(sessionId, toolName, allToolsInRequest, requestId = "") {
|
|
178
|
+
const violations = [];
|
|
179
|
+
const warnings = [];
|
|
180
|
+
const forbiddenSequencesDetected = [];
|
|
181
|
+
const preconditionViolations = [];
|
|
182
|
+
const cooldownViolations = [];
|
|
183
|
+
// v2 tracking
|
|
184
|
+
let stateCorruptionDetected = false;
|
|
185
|
+
let autonomyEscalationDetected = false;
|
|
186
|
+
let loopDetected = false;
|
|
187
|
+
let timeAnomalyDetected = false;
|
|
188
|
+
// Get or create session
|
|
189
|
+
const session = this.getOrCreateSession(sessionId);
|
|
190
|
+
const now = Date.now();
|
|
191
|
+
// Get recent tool history
|
|
192
|
+
const recentTools = session.tool_history
|
|
193
|
+
.filter((t) => now - t.timestamp < this.config.sessionTTLMinutes * 60000)
|
|
194
|
+
.map((t) => t.tool);
|
|
195
|
+
// Check max tools per request
|
|
196
|
+
if (allToolsInRequest && allToolsInRequest.length > this.config.maxToolsPerRequest) {
|
|
197
|
+
violations.push("MAX_TOOLS_PER_REQUEST_EXCEEDED");
|
|
198
|
+
}
|
|
199
|
+
// Check forbidden sequences
|
|
200
|
+
for (const forbidden of this.config.forbiddenSequences) {
|
|
201
|
+
if (this.matchesSequence(recentTools, toolName, forbidden.sequence)) {
|
|
202
|
+
forbiddenSequencesDetected.push(forbidden.name);
|
|
203
|
+
if (forbidden.severity === "block") {
|
|
204
|
+
violations.push(`FORBIDDEN_SEQUENCE_${forbidden.name.toUpperCase()}`);
|
|
205
|
+
}
|
|
206
|
+
else {
|
|
207
|
+
warnings.push(`Suspicious sequence detected: ${forbidden.name}`);
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
}
|
|
211
|
+
// Check preconditions
|
|
212
|
+
for (const precondition of this.config.requiredPreconditions) {
|
|
213
|
+
if (toolName === precondition.tool) {
|
|
214
|
+
const turnsToCheck = precondition.within_turns ?? 10;
|
|
215
|
+
const recentHistory = session.tool_history.slice(-turnsToCheck);
|
|
216
|
+
const hasRequired = precondition.requires.every((req) => recentHistory.some((h) => h.tool === req));
|
|
217
|
+
if (!hasRequired) {
|
|
218
|
+
preconditionViolations.push(`${toolName} requires: ${precondition.requires.join(", ")}`);
|
|
219
|
+
violations.push(`PRECONDITION_VIOLATED_${toolName.toUpperCase()}`);
|
|
220
|
+
}
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
// Check cooldowns
|
|
224
|
+
const cooldown = this.config.toolCooldowns?.[toolName];
|
|
225
|
+
if (cooldown) {
|
|
226
|
+
const lastUsage = session.tool_history
|
|
227
|
+
.filter((t) => t.tool === toolName)
|
|
228
|
+
.sort((a, b) => b.timestamp - a.timestamp)[0];
|
|
229
|
+
if (lastUsage && now - lastUsage.timestamp < cooldown) {
|
|
230
|
+
const remainingMs = cooldown - (now - lastUsage.timestamp);
|
|
231
|
+
cooldownViolations.push(`${toolName} on cooldown for ${Math.ceil(remainingMs / 1000)}s`);
|
|
232
|
+
violations.push(`COOLDOWN_VIOLATION_${toolName.toUpperCase()}`);
|
|
233
|
+
}
|
|
234
|
+
}
|
|
235
|
+
// Check sensitive tool limits
|
|
236
|
+
const isSensitive = this.config.sensitiveTools.some((s) => toolName.toLowerCase().includes(s.toLowerCase()));
|
|
237
|
+
if (isSensitive) {
|
|
238
|
+
if (session.sensitive_tool_count >= this.config.maxSensitiveToolsPerSession) {
|
|
239
|
+
violations.push("MAX_SENSITIVE_TOOLS_EXCEEDED");
|
|
240
|
+
}
|
|
241
|
+
}
|
|
242
|
+
// ===== v2 CHECKS =====
|
|
243
|
+
// v2: State corruption detection (ASI07)
|
|
244
|
+
if (this.config.enableStateTracking) {
|
|
245
|
+
const modifiesState = this.config.stateModifyingTools.some((s) => toolName.toLowerCase().includes(s.toLowerCase()));
|
|
246
|
+
if (modifiesState) {
|
|
247
|
+
session.state_modifications++;
|
|
248
|
+
// Check for rapid state modifications (potential corruption)
|
|
249
|
+
const recentStateModifications = session.tool_history.filter((t) => t.modifies_state && now - t.timestamp < 60000).length;
|
|
250
|
+
if (recentStateModifications >= 3) {
|
|
251
|
+
stateCorruptionDetected = true;
|
|
252
|
+
violations.push("STATE_CORRUPTION_PATTERN");
|
|
253
|
+
warnings.push("Multiple rapid state modifications detected - potential state corruption attack");
|
|
254
|
+
}
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
// v2: Autonomy escalation detection (ASI04)
|
|
258
|
+
if (this.config.enableAutonomyDetection) {
|
|
259
|
+
const expandsAutonomy = this.config.autonomyExpandingTools.some((s) => toolName.toLowerCase().includes(s.toLowerCase()));
|
|
260
|
+
if (expandsAutonomy) {
|
|
261
|
+
session.autonomy_expansions++;
|
|
262
|
+
if (session.autonomy_expansions >= 2) {
|
|
263
|
+
autonomyEscalationDetected = true;
|
|
264
|
+
violations.push("AUTONOMY_ESCALATION_DETECTED");
|
|
265
|
+
warnings.push("Agent attempting to expand its own autonomy");
|
|
266
|
+
}
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
// v2: Loop/repetition detection
|
|
270
|
+
if (this.config.enableLoopDetection) {
|
|
271
|
+
// Track this tool's repetitions
|
|
272
|
+
if (!session.tool_repetitions.has(toolName)) {
|
|
273
|
+
session.tool_repetitions.set(toolName, []);
|
|
274
|
+
}
|
|
275
|
+
const repetitions = session.tool_repetitions.get(toolName);
|
|
276
|
+
repetitions.push(now);
|
|
277
|
+
// Clean up old timestamps
|
|
278
|
+
const oneMinuteAgo = now - 60000;
|
|
279
|
+
const recentReps = repetitions.filter((t) => t > oneMinuteAgo);
|
|
280
|
+
session.tool_repetitions.set(toolName, recentReps);
|
|
281
|
+
if (recentReps.length > this.config.maxRepetitionsPerMinute) {
|
|
282
|
+
loopDetected = true;
|
|
283
|
+
violations.push("LOOP_ATTACK_DETECTED");
|
|
284
|
+
warnings.push(`Tool "${toolName}" called ${recentReps.length} times in the last minute`);
|
|
285
|
+
}
|
|
286
|
+
}
|
|
287
|
+
// v2: Resource accumulation detection
|
|
288
|
+
if (this.config.enableResourceTracking) {
|
|
289
|
+
const acquiresResource = this.config.resourceAcquiringTools.some((s) => toolName.toLowerCase().includes(s.toLowerCase()));
|
|
290
|
+
if (acquiresResource) {
|
|
291
|
+
session.resources_acquired++;
|
|
292
|
+
if (session.resources_acquired > this.config.maxResourcesPerSession) {
|
|
293
|
+
violations.push("RESOURCE_ACCUMULATION_EXCEEDED");
|
|
294
|
+
warnings.push("Agent has acquired too many resources in this session");
|
|
295
|
+
}
|
|
296
|
+
}
|
|
297
|
+
}
|
|
298
|
+
// v2: Time anomaly detection (unusually rapid tool calls)
|
|
299
|
+
if (this.config.enableTimeAnomalyDetection) {
|
|
300
|
+
const lastTool = session.tool_history[session.tool_history.length - 1];
|
|
301
|
+
if (lastTool && now - lastTool.timestamp < this.config.minTimeBetweenToolsMs) {
|
|
302
|
+
timeAnomalyDetected = true;
|
|
303
|
+
violations.push("TIME_ANOMALY_DETECTED");
|
|
304
|
+
warnings.push("Tool calls too rapid - possible automated attack");
|
|
305
|
+
}
|
|
306
|
+
}
|
|
307
|
+
// v2: Impact scoring
|
|
308
|
+
let toolImpact = 0;
|
|
309
|
+
if (this.config.enableImpactScoring) {
|
|
310
|
+
// Calculate impact for this tool
|
|
311
|
+
for (const [keyword, score] of Object.entries(this.config.toolImpactScores)) {
|
|
312
|
+
if (toolName.toLowerCase().includes(keyword.toLowerCase())) {
|
|
313
|
+
toolImpact = Math.max(toolImpact, score);
|
|
314
|
+
}
|
|
315
|
+
}
|
|
316
|
+
const newCumulativeImpact = session.cumulative_impact + toolImpact;
|
|
317
|
+
if (newCumulativeImpact > this.config.maxCumulativeImpact) {
|
|
318
|
+
violations.push("MAX_CUMULATIVE_IMPACT_EXCEEDED");
|
|
319
|
+
warnings.push(`Cumulative impact ${newCumulativeImpact} exceeds threshold ${this.config.maxCumulativeImpact}`);
|
|
320
|
+
}
|
|
321
|
+
}
|
|
322
|
+
// ===== END v2 CHECKS =====
|
|
323
|
+
const allowed = violations.length === 0;
|
|
324
|
+
// Record tool usage if allowed
|
|
325
|
+
if (allowed) {
|
|
326
|
+
const modifiesState = this.config.stateModifyingTools?.some((s) => toolName.toLowerCase().includes(s.toLowerCase())) ?? false;
|
|
327
|
+
const expandsAutonomy = this.config.autonomyExpandingTools?.some((s) => toolName.toLowerCase().includes(s.toLowerCase())) ?? false;
|
|
328
|
+
const acquiresResource = this.config.resourceAcquiringTools?.some((s) => toolName.toLowerCase().includes(s.toLowerCase())) ?? false;
|
|
329
|
+
session.tool_history.push({
|
|
330
|
+
tool: toolName,
|
|
331
|
+
timestamp: now,
|
|
332
|
+
modifies_state: modifiesState,
|
|
333
|
+
expands_autonomy: expandsAutonomy,
|
|
334
|
+
acquires_resource: acquiresResource,
|
|
335
|
+
impact_score: toolImpact,
|
|
336
|
+
});
|
|
337
|
+
if (isSensitive) {
|
|
338
|
+
session.sensitive_tool_count++;
|
|
339
|
+
}
|
|
340
|
+
session.cumulative_impact += toolImpact;
|
|
341
|
+
session.last_activity = now;
|
|
342
|
+
}
|
|
343
|
+
if (!allowed) {
|
|
344
|
+
console.log(`[ToolChainValidator:${requestId}] BLOCKED: ${violations.join(", ")}`);
|
|
345
|
+
}
|
|
346
|
+
return {
|
|
347
|
+
allowed,
|
|
348
|
+
reason: allowed ? undefined : `Tool chain validation failed: ${violations.join(", ")}`,
|
|
349
|
+
violations,
|
|
350
|
+
chain_analysis: {
|
|
351
|
+
current_tool: toolName,
|
|
352
|
+
previous_tools: recentTools.slice(-10),
|
|
353
|
+
forbidden_sequences_detected: forbiddenSequencesDetected,
|
|
354
|
+
precondition_violations: preconditionViolations,
|
|
355
|
+
cooldown_violations: cooldownViolations,
|
|
356
|
+
// v2 additions
|
|
357
|
+
state_corruption_detected: stateCorruptionDetected,
|
|
358
|
+
autonomy_escalation_detected: autonomyEscalationDetected,
|
|
359
|
+
loop_detected: loopDetected,
|
|
360
|
+
resource_accumulation: session.resources_acquired,
|
|
361
|
+
time_anomaly_detected: timeAnomalyDetected,
|
|
362
|
+
cumulative_impact: session.cumulative_impact,
|
|
363
|
+
},
|
|
364
|
+
warnings,
|
|
365
|
+
};
|
|
366
|
+
}
|
|
367
|
+
/**
|
|
368
|
+
* Validate multiple tools at once (for parallel tool calls)
|
|
369
|
+
*/
|
|
370
|
+
validateBatch(sessionId, tools, requestId = "") {
|
|
371
|
+
const allViolations = [];
|
|
372
|
+
const allWarnings = [];
|
|
373
|
+
const allForbidden = [];
|
|
374
|
+
const allPrecondition = [];
|
|
375
|
+
const allCooldown = [];
|
|
376
|
+
// Check if too many tools
|
|
377
|
+
if (tools.length > this.config.maxToolsPerRequest) {
|
|
378
|
+
allViolations.push("MAX_TOOLS_PER_REQUEST_EXCEEDED");
|
|
379
|
+
}
|
|
380
|
+
// Check each tool
|
|
381
|
+
for (const tool of tools) {
|
|
382
|
+
const result = this.validate(sessionId, tool, tools, requestId);
|
|
383
|
+
allViolations.push(...result.violations);
|
|
384
|
+
allWarnings.push(...result.warnings);
|
|
385
|
+
allForbidden.push(...result.chain_analysis.forbidden_sequences_detected);
|
|
386
|
+
allPrecondition.push(...result.chain_analysis.precondition_violations);
|
|
387
|
+
allCooldown.push(...result.chain_analysis.cooldown_violations);
|
|
388
|
+
}
|
|
389
|
+
// Check for forbidden sequences within the batch
|
|
390
|
+
for (const forbidden of this.config.forbiddenSequences) {
|
|
391
|
+
if (forbidden.sequence.every((s) => tools.some((t) => t.toLowerCase().includes(s.toLowerCase())))) {
|
|
392
|
+
allForbidden.push(forbidden.name);
|
|
393
|
+
if (forbidden.severity === "block") {
|
|
394
|
+
allViolations.push(`BATCH_FORBIDDEN_SEQUENCE_${forbidden.name.toUpperCase()}`);
|
|
395
|
+
}
|
|
396
|
+
}
|
|
397
|
+
}
|
|
398
|
+
const session = this.sessions.get(sessionId);
|
|
399
|
+
const recentTools = session?.tool_history.map((t) => t.tool) ?? [];
|
|
400
|
+
return {
|
|
401
|
+
allowed: allViolations.length === 0,
|
|
402
|
+
reason: allViolations.length === 0
|
|
403
|
+
? undefined
|
|
404
|
+
: `Batch validation failed: ${allViolations.join(", ")}`,
|
|
405
|
+
violations: [...new Set(allViolations)],
|
|
406
|
+
chain_analysis: {
|
|
407
|
+
current_tool: tools.join(", "),
|
|
408
|
+
previous_tools: recentTools.slice(-10),
|
|
409
|
+
forbidden_sequences_detected: [...new Set(allForbidden)],
|
|
410
|
+
precondition_violations: [...new Set(allPrecondition)],
|
|
411
|
+
cooldown_violations: [...new Set(allCooldown)],
|
|
412
|
+
},
|
|
413
|
+
warnings: [...new Set(allWarnings)],
|
|
414
|
+
};
|
|
415
|
+
}
|
|
416
|
+
/**
|
|
417
|
+
* Get session tool history
|
|
418
|
+
*/
|
|
419
|
+
getToolHistory(sessionId) {
|
|
420
|
+
const session = this.sessions.get(sessionId);
|
|
421
|
+
return session?.tool_history.map((t) => t.tool) ?? [];
|
|
422
|
+
}
|
|
423
|
+
/**
|
|
424
|
+
* Reset session
|
|
425
|
+
*/
|
|
426
|
+
resetSession(sessionId) {
|
|
427
|
+
this.sessions.delete(sessionId);
|
|
428
|
+
}
|
|
429
|
+
getOrCreateSession(sessionId) {
|
|
430
|
+
if (!this.sessions.has(sessionId)) {
|
|
431
|
+
this.sessions.set(sessionId, {
|
|
432
|
+
id: sessionId,
|
|
433
|
+
tool_history: [],
|
|
434
|
+
sensitive_tool_count: 0,
|
|
435
|
+
last_activity: Date.now(),
|
|
436
|
+
// v2 fields
|
|
437
|
+
state_modifications: 0,
|
|
438
|
+
autonomy_expansions: 0,
|
|
439
|
+
resources_acquired: 0,
|
|
440
|
+
cumulative_impact: 0,
|
|
441
|
+
tool_repetitions: new Map(),
|
|
442
|
+
});
|
|
443
|
+
}
|
|
444
|
+
return this.sessions.get(sessionId);
|
|
445
|
+
}
|
|
446
|
+
matchesSequence(history, currentTool, sequence) {
|
|
447
|
+
if (sequence.length === 0)
|
|
448
|
+
return false;
|
|
449
|
+
// Check if current tool matches the last in sequence
|
|
450
|
+
const lastInSequence = sequence[sequence.length - 1];
|
|
451
|
+
if (!currentTool.toLowerCase().includes(lastInSequence.toLowerCase())) {
|
|
452
|
+
return false;
|
|
453
|
+
}
|
|
454
|
+
// Check if history contains the preceding tools in order
|
|
455
|
+
if (sequence.length === 1)
|
|
456
|
+
return true;
|
|
457
|
+
const precedingSequence = sequence.slice(0, -1);
|
|
458
|
+
let seqIndex = 0;
|
|
459
|
+
for (const histTool of history) {
|
|
460
|
+
if (histTool.toLowerCase().includes(precedingSequence[seqIndex].toLowerCase())) {
|
|
461
|
+
seqIndex++;
|
|
462
|
+
if (seqIndex >= precedingSequence.length) {
|
|
463
|
+
return true;
|
|
464
|
+
}
|
|
465
|
+
}
|
|
466
|
+
}
|
|
467
|
+
return false;
|
|
468
|
+
}
|
|
469
|
+
cleanupSessions() {
|
|
470
|
+
const ttlMs = this.config.sessionTTLMinutes * 60000;
|
|
471
|
+
const now = Date.now();
|
|
472
|
+
for (const [id, session] of this.sessions.entries()) {
|
|
473
|
+
if (now - session.last_activity > ttlMs) {
|
|
474
|
+
this.sessions.delete(id);
|
|
475
|
+
}
|
|
476
|
+
}
|
|
477
|
+
}
|
|
478
|
+
}
|
|
479
|
+
exports.ToolChainValidator = ToolChainValidator;
|
|
480
|
+
//# sourceMappingURL=tool-chain-validator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-chain-validator.js","sourceRoot":"","sources":["../../src/guards/tool-chain-validator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;;AA+FH,MAAa,kBAAkB;IAoI7B,YAAY,SAAmC,EAAE;QAlIzC,aAAQ,GAA6B,IAAI,GAAG,EAAE,CAAC;QAE/C,8BAAyB,GAAwB;YACvD;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,CAAC,WAAW,EAAE,aAAa,CAAC;gBACtC,MAAM,EAAE,4DAA4D;gBACpE,QAAQ,EAAE,OAAO;aAClB;YACD;gBACE,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,CAAC,YAAY,EAAE,aAAa,CAAC;gBACvC,MAAM,EAAE,2DAA2D;gBACnE,QAAQ,EAAE,OAAO;aAClB;YACD;gBACE,IAAI,EAAE,+BAA+B;gBACrC,QAAQ,EAAE,CAAC,aAAa,EAAE,cAAc,CAAC;gBACzC,MAAM,EAAE,mEAAmE;gBAC3E,QAAQ,EAAE,OAAO;aAClB;YACD;gBACE,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,CAAC,eAAe,EAAE,iBAAiB,CAAC;gBAC9C,MAAM,EAAE,yEAAyE;gBACjF,QAAQ,EAAE,OAAO;aAClB;YACD;gBACE,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,CAAC,eAAe,EAAE,gBAAgB,CAAC;gBAC7C,MAAM,EAAE,oEAAoE;gBAC5E,QAAQ,EAAE,OAAO;aAClB;YACD;gBACE,IAAI,EAAE,yBAAyB;gBAC/B,QAAQ,EAAE,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;gBACpD,MAAM,EAAE,wDAAwD;gBAChE,QAAQ,EAAE,OAAO;aAClB;SACF,CAAC;QAEM,0BAAqB,GAAa;YACxC,QAAQ;YACR,QAAQ;YACR,MAAM;YACN,UAAU;YACV,SAAS;YACT,KAAK;YACL,OAAO;YACP,QAAQ;YACR,QAAQ;YACR,aAAa;YACb,OAAO;YACP,QAAQ;YACR,gBAAgB;YAChB,OAAO;YACP,QAAQ;SACT,CAAC;QAEF,2CAA2C;QACnC,+BAA0B,GAAa;YAC7C,YAAY;YACZ,iBAAiB;YACjB,cAAc;YACd,aAAa;YACb,cAAc;YACd,cAAc;YACd,gBAAgB;YAChB,eAAe;YACf,iBAAiB;YACjB,gBAAgB;YAChB,aAAa;YACb,cAAc;YACd,cAAc;SACf,CAAC;QAEF,uCAAuC;QAC/B,kCAA6B,GAAa;YAChD,kBAAkB;YAClB,mBAAmB;YACnB,gBAAgB;YAChB,cAAc;YACd,UAAU;YACV,kBAAkB;YAClB,gBAAgB;YAChB,eAAe;YACf,aAAa;YACb,mBAAmB;YACnB,aAAa;YACb,gBAAgB;YAChB,iBAAiB;YACjB,sBAAsB;YACtB,mBAAmB;SACpB,CAAC;QAEF,mCAAmC;QAC3B,kCAA6B,GAAa;YAChD,iBAAiB;YACjB,eAAe;YACf,eAAe;YACf,eAAe;YACf,WAAW;YACX,YAAY;YACZ,aAAa;YACb,iBAAiB;YACjB,UAAU;YACV,cAAc;YACd,cAAc;YACd,iBAAiB;SAClB,CAAC;QAEF,8BAA8B;QACtB,4BAAuB,GAA2B;YACxD,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,EAAE;YAChB,QAAQ,EAAE,EAAE;YACZ,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,EAAE;YACX,YAAY,EAAE,EAAE;YAChB,QAAQ,EAAE,EAAE;SACb,CAAC;QAGA,IAAI,CAAC,MAAM,GAAG;YACZ,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,IAAI,CAAC,yBAAyB;YAC/E,qBAAqB,EAAE,MAAM,CAAC,qBAAqB,IAAI,EAAE;YACzD,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE;YACzC,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,EAAE;YACnD,2BAA2B,EAAE,MAAM,CAAC,2BAA2B,IAAI,CAAC;YACpE,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,IAAI,CAAC,qBAAqB;YACnE,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,EAAE;YACjD,cAAc;YACd,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;YACvD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI,CAAC,0BAA0B;YAClF,uBAAuB,EAAE,MAAM,CAAC,uBAAuB,IAAI,IAAI;YAC/D,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,IAAI,IAAI,CAAC,6BAA6B;YAC3F,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;YACvD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB,IAAI,CAAC;YAC5D,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,IAAI,IAAI;YAC7D,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,IAAI,IAAI,CAAC,6BAA6B;YAC3F,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,IAAI,EAAE;YAC3D,0BAA0B,EAAE,MAAM,CAAC,0BAA0B,IAAI,IAAI;YACrE,qBAAqB,EAAE,MAAM,CAAC,qBAAqB,IAAI,EAAE;YACzD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;YACvD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,GAAG;YACtD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,IAAI,CAAC,uBAAuB;SAC1E,CAAC;QAEF,wCAAwC;QACxC,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,QAAQ,CACN,SAAiB,EACjB,QAAgB,EAChB,iBAA4B,EAC5B,YAAoB,EAAE;QAEtB,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,0BAA0B,GAAa,EAAE,CAAC;QAChD,MAAM,sBAAsB,GAAa,EAAE,CAAC;QAC5C,MAAM,kBAAkB,GAAa,EAAE,CAAC;QAExC,cAAc;QACd,IAAI,uBAAuB,GAAG,KAAK,CAAC;QACpC,IAAI,0BAA0B,GAAG,KAAK,CAAC;QACvC,IAAI,YAAY,GAAG,KAAK,CAAC;QACzB,IAAI,mBAAmB,GAAG,KAAK,CAAC;QAEhC,wBAAwB;QACxB,MAAM,OAAO,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,0BAA0B;QAC1B,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY;aACrC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAkB,GAAG,KAAK,CAAC;aACzE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEtB,8BAA8B;QAC9B,IAAI,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAmB,EAAE,CAAC;YACpF,UAAU,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QAED,4BAA4B;QAC5B,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAmB,EAAE,CAAC;YACxD,IAAI,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpE,0BAA0B,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;gBAChD,IAAI,SAAS,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;oBACnC,UAAU,CAAC,IAAI,CAAC,sBAAsB,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;gBACxE,CAAC;qBAAM,CAAC;oBACN,QAAQ,CAAC,IAAI,CAAC,iCAAiC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;gBACnE,CAAC;YACH,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,qBAAsB,EAAE,CAAC;YAC9D,IAAI,QAAQ,KAAK,YAAY,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM,YAAY,GAAG,YAAY,CAAC,YAAY,IAAI,EAAE,CAAC;gBACrD,MAAM,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC;gBAChE,MAAM,WAAW,GAAG,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CACtD,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,CAC1C,CAAC;gBAEF,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,sBAAsB,CAAC,IAAI,CACzB,GAAG,QAAQ,cAAc,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC5D,CAAC;oBACF,UAAU,CAAC,IAAI,CAAC,yBAAyB,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;gBACrE,CAAC;YACH,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY;iBACnC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC;iBAClC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;YAEhD,IAAI,SAAS,IAAI,GAAG,GAAG,SAAS,CAAC,SAAS,GAAG,QAAQ,EAAE,CAAC;gBACtD,MAAM,WAAW,GAAG,QAAQ,GAAG,CAAC,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;gBAC3D,kBAAkB,CAAC,IAAI,CACrB,GAAG,QAAQ,oBAAoB,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,CAChE,CAAC;gBACF,UAAU,CAAC,IAAI,CAAC,sBAAsB,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,8BAA8B;QAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,cAAe,CAAC,IAAI,CAClD,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,CAAC;QAEF,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,OAAO,CAAC,oBAAoB,IAAI,IAAI,CAAC,MAAM,CAAC,2BAA4B,EAAE,CAAC;gBAC7E,UAAU,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QAED,wBAAwB;QAExB,yCAAyC;QACzC,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAoB,CAAC,IAAI,CACzD,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,CAAC;YACF,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,CAAC,mBAAmB,EAAE,CAAC;gBAC9B,6DAA6D;gBAC7D,MAAM,wBAAwB,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAC1D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,IAAI,GAAG,GAAG,CAAC,CAAC,SAAS,GAAG,KAAK,CACrD,CAAC,MAAM,CAAC;gBACT,IAAI,wBAAwB,IAAI,CAAC,EAAE,CAAC;oBAClC,uBAAuB,GAAG,IAAI,CAAC;oBAC/B,UAAU,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;oBAC5C,QAAQ,CAAC,IAAI,CAAC,iFAAiF,CAAC,CAAC;gBACnG,CAAC;YACH,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,uBAAuB,EAAE,CAAC;YACxC,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAuB,CAAC,IAAI,CAC9D,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,CAAC;YACF,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,CAAC,mBAAmB,EAAE,CAAC;gBAC9B,IAAI,OAAO,CAAC,mBAAmB,IAAI,CAAC,EAAE,CAAC;oBACrC,0BAA0B,GAAG,IAAI,CAAC;oBAClC,UAAU,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;oBAChD,QAAQ,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,gCAAgC;YAChC,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAC7C,CAAC;YACD,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;YAC5D,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAEtB,0BAA0B;YAC1B,MAAM,YAAY,GAAG,GAAG,GAAG,KAAK,CAAC;YACjC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,YAAY,CAAC,CAAC;YAC/D,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YAEnD,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,uBAAwB,EAAE,CAAC;gBAC7D,YAAY,GAAG,IAAI,CAAC;gBACpB,UAAU,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACxC,QAAQ,CAAC,IAAI,CAAC,SAAS,QAAQ,YAAY,UAAU,CAAC,MAAM,2BAA2B,CAAC,CAAC;YAC3F,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACvC,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAuB,CAAC,IAAI,CAC/D,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,CAAC;YACF,IAAI,gBAAgB,EAAE,CAAC;gBACrB,OAAO,CAAC,kBAAkB,EAAE,CAAC;gBAC7B,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAuB,EAAE,CAAC;oBACrE,UAAU,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;oBAClD,QAAQ,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;gBACzE,CAAC;YACH,CAAC;QACH,CAAC;QAED,0DAA0D;QAC1D,IAAI,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,CAAC;YAC3C,MAAM,QAAQ,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACvE,IAAI,QAAQ,IAAI,GAAG,GAAG,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAsB,EAAE,CAAC;gBAC9E,mBAAmB,GAAG,IAAI,CAAC;gBAC3B,UAAU,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;gBACzC,QAAQ,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAED,qBAAqB;QACrB,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,iCAAiC;YACjC,KAAK,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAiB,CAAC,EAAE,CAAC;gBAC7E,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;oBAC3D,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;YAED,MAAM,mBAAmB,GAAG,OAAO,CAAC,iBAAiB,GAAG,UAAU,CAAC;YACnE,IAAI,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAoB,EAAE,CAAC;gBAC3D,UAAU,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;gBAClD,QAAQ,CAAC,IAAI,CAAC,qBAAqB,mBAAmB,sBAAsB,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC;YACjH,CAAC;QACH,CAAC;QAED,4BAA4B;QAE5B,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,KAAK,CAAC,CAAC;QAExC,+BAA+B;QAC/B,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,IAAI,CACzD,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,IAAI,KAAK,CAAC;YACX,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,IAAI,CAC9D,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,IAAI,KAAK,CAAC;YACX,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,IAAI,CAC/D,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACxD,IAAI,KAAK,CAAC;YAEX,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC;gBACxB,IAAI,EAAE,QAAQ;gBACd,SAAS,EAAE,GAAG;gBACd,cAAc,EAAE,aAAa;gBAC7B,gBAAgB,EAAE,eAAe;gBACjC,iBAAiB,EAAE,gBAAgB;gBACnC,YAAY,EAAE,UAAU;aACzB,CAAC,CAAC;YACH,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,CAAC,oBAAoB,EAAE,CAAC;YACjC,CAAC;YACD,OAAO,CAAC,iBAAiB,IAAI,UAAU,CAAC;YACxC,OAAO,CAAC,aAAa,GAAG,GAAG,CAAC;QAC9B,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CACT,uBAAuB,SAAS,cAAc,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtE,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO;YACP,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iCAAiC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACtF,UAAU;YACV,cAAc,EAAE;gBACd,YAAY,EAAE,QAAQ;gBACtB,cAAc,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBACtC,4BAA4B,EAAE,0BAA0B;gBACxD,uBAAuB,EAAE,sBAAsB;gBAC/C,mBAAmB,EAAE,kBAAkB;gBACvC,eAAe;gBACf,yBAAyB,EAAE,uBAAuB;gBAClD,4BAA4B,EAAE,0BAA0B;gBACxD,aAAa,EAAE,YAAY;gBAC3B,qBAAqB,EAAE,OAAO,CAAC,kBAAkB;gBACjD,qBAAqB,EAAE,mBAAmB;gBAC1C,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;aAC7C;YACD,QAAQ;SACT,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,aAAa,CACX,SAAiB,EACjB,KAAe,EACf,YAAoB,EAAE;QAEtB,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,MAAM,YAAY,GAAa,EAAE,CAAC;QAClC,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,MAAM,WAAW,GAAa,EAAE,CAAC;QAEjC,0BAA0B;QAC1B,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAmB,EAAE,CAAC;YACnD,aAAa,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACvD,CAAC;QAED,kBAAkB;QAClB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;YAChE,aAAa,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;YACzC,WAAW,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;YACrC,YAAY,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC,4BAA4B,CAAC,CAAC;YACzE,eAAe,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC,uBAAuB,CAAC,CAAC;YACvE,WAAW,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC,mBAAmB,CAAC,CAAC;QACjE,CAAC;QAED,iDAAiD;QACjD,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAmB,EAAE,CAAC;YACxD,IACE,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAC7D,EACD,CAAC;gBACD,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;gBAClC,IAAI,SAAS,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;oBACnC,aAAa,CAAC,IAAI,CAAC,4BAA4B,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7C,MAAM,WAAW,GAAG,OAAO,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAEnE,OAAO;YACL,OAAO,EAAE,aAAa,CAAC,MAAM,KAAK,CAAC;YACnC,MAAM,EAAE,aAAa,CAAC,MAAM,KAAK,CAAC;gBAChC,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,4BAA4B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC1D,UAAU,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;YACvC,cAAc,EAAE;gBACd,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;gBAC9B,cAAc,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBACtC,4BAA4B,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;gBACxD,uBAAuB,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;gBACtD,mBAAmB,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;aAC/C;YACD,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,SAAiB;QAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7C,OAAO,OAAO,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAiB;QAC5B,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAClC,CAAC;IAEO,kBAAkB,CAAC,SAAiB;QAC1C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE;gBAC3B,EAAE,EAAE,SAAS;gBACb,YAAY,EAAE,EAAE;gBAChB,oBAAoB,EAAE,CAAC;gBACvB,aAAa,EAAE,IAAI,CAAC,GAAG,EAAE;gBACzB,YAAY;gBACZ,mBAAmB,EAAE,CAAC;gBACtB,mBAAmB,EAAE,CAAC;gBACtB,kBAAkB,EAAE,CAAC;gBACrB,iBAAiB,EAAE,CAAC;gBACpB,gBAAgB,EAAE,IAAI,GAAG,EAAE;aAC5B,CAAC,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;IACvC,CAAC;IAEO,eAAe,CACrB,OAAiB,EACjB,WAAmB,EACnB,QAAkB;QAElB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAExC,qDAAqD;QACrD,MAAM,cAAc,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YACtE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,yDAAyD;QACzD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEvC,MAAM,iBAAiB,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAChD,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;YAC/B,IACE,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC,EAC1E,CAAC;gBACD,QAAQ,EAAE,CAAC;gBACX,IAAI,QAAQ,IAAI,iBAAiB,CAAC,MAAM,EAAE,CAAC;oBACzC,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,eAAe;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAkB,GAAG,KAAK,CAAC;QACrD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;YACpD,IAAI,GAAG,GAAG,OAAO,CAAC,aAAa,GAAG,KAAK,EAAE,CAAC;gBACxC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAtiBD,gDAsiBC"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* L2 Tool Registry Guard
|
|
3
|
+
*
|
|
4
|
+
* Maintains strict control over which tools can be executed.
|
|
5
|
+
* Prevents LLM hallucination attacks.
|
|
6
|
+
*/
|
|
7
|
+
import { ToolDefinition, ToolRegistryResult, Role } from "../types";
|
|
8
|
+
export interface ToolRegistryConfig {
|
|
9
|
+
tools: ToolDefinition[];
|
|
10
|
+
strictMatching?: boolean;
|
|
11
|
+
}
|
|
12
|
+
export declare class ToolRegistry {
|
|
13
|
+
private tools;
|
|
14
|
+
private strictMatching;
|
|
15
|
+
constructor(config: ToolRegistryConfig);
|
|
16
|
+
/**
|
|
17
|
+
* Check if a tool exists and is accessible for the given role
|
|
18
|
+
*/
|
|
19
|
+
check(toolName: string, role: Role, requestId?: string): ToolRegistryResult;
|
|
20
|
+
/**
|
|
21
|
+
* Detect if tool name looks like a hallucination
|
|
22
|
+
*/
|
|
23
|
+
private detectHallucination;
|
|
24
|
+
/**
|
|
25
|
+
* Find similar registered tools for helpful error messages
|
|
26
|
+
*/
|
|
27
|
+
private findSimilarTools;
|
|
28
|
+
/**
|
|
29
|
+
* Get tools for a specific role
|
|
30
|
+
*/
|
|
31
|
+
getToolsForRole(role: Role): ToolDefinition[];
|
|
32
|
+
/**
|
|
33
|
+
* Get all registered tool names
|
|
34
|
+
*/
|
|
35
|
+
getRegisteredToolNames(): string[];
|
|
36
|
+
/**
|
|
37
|
+
* Register a new tool at runtime
|
|
38
|
+
*/
|
|
39
|
+
registerTool(tool: ToolDefinition): void;
|
|
40
|
+
/**
|
|
41
|
+
* Unregister a tool
|
|
42
|
+
*/
|
|
43
|
+
unregisterTool(toolName: string): boolean;
|
|
44
|
+
}
|
|
45
|
+
//# sourceMappingURL=tool-registry.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-registry.d.ts","sourceRoot":"","sources":["../../src/guards/tool-registry.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAmBpE,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,cAAc,EAAE,CAAC;IACxB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,qBAAa,YAAY;IACvB,OAAO,CAAC,KAAK,CAA8B;IAC3C,OAAO,CAAC,cAAc,CAAU;gBAEpB,MAAM,EAAE,kBAAkB;IAStC;;OAEG;IACH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,GAAE,MAAW,GAAG,kBAAkB;IAmD/E;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAyB3B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAsBxB;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,cAAc,EAAE;IAU7C;;OAEG;IACH,sBAAsB,IAAI,MAAM,EAAE;IAIlC;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,cAAc,GAAG,IAAI;IAIxC;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;CAG1C"}
|