llm-trust-guard 4.0.0

package/dist/integrations/langchain.js

@@ -0,0 +1,308 @@
+"use strict";
+/**
+ * LangChain Integration for llm-trust-guard
+ *
+ * Provides callbacks, wrappers, and utilities for securing
+ * LangChain-based applications.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TrustGuardViolationError = exports.TrustGuardLangChain = void 0;
+exports.createInputValidator = createInputValidator;
+exports.createOutputFilter = createOutputFilter;
+const index_js_1 = require("../index.js");
+/**
+ * TrustGuard wrapper for LangChain
+ *
+ * @example
+ * ```typescript
+ * import { ChatOpenAI } from '@langchain/openai';
+ * import { TrustGuardLangChain } from 'llm-trust-guard/integrations/langchain';
+ *
+ * const guard = new TrustGuardLangChain({
+ *   validateInput: true,
+ *   filterOutput: true,
+ *   throwOnViolation: true
+ * });
+ *
+ * // Validate before sending to LLM
+ * const result = guard.validateInput(userMessage);
+ * if (!result.allowed) {
+ *   throw new Error(`Blocked: ${result.violations.join(', ')}`);
+ * }
+ *
+ * // Use with LangChain
+ * const llm = new ChatOpenAI();
+ * const response = await llm.invoke(result.sanitizedInput || userMessage);
+ *
+ * // Filter output before returning to user
+ * const filtered = guard.filterOutput(response.content);
+ * ```
+ */
+class TrustGuardLangChain {
+    constructor(config = {}) {
+        this.config = {
+            validateInput: true,
+            filterOutput: true,
+            validateTools: true,
+            throwOnViolation: false,
+            ...config,
+        };
+        this.inputSanitizer = new index_js_1.InputSanitizer(config.sanitizerConfig);
+        this.encodingDetector = new index_js_1.EncodingDetector();
+        this.memoryGuard = new index_js_1.MemoryGuard();
+        this.toolChainValidator = new index_js_1.ToolChainValidator();
+        this.outputFilter = new index_js_1.OutputFilter(config.outputConfig);
+    }
+    /**
+     * Validate user input before sending to LLM
+     */
+    validateInput(input, requestId) {
+        const reqId = requestId || `lc-${Date.now()}`;
+        // Check input sanitization
+        const sanitizeResult = this.inputSanitizer.sanitize(input, reqId);
+        if (!sanitizeResult.allowed) {
+            this.handleViolation("input_sanitization", sanitizeResult);
+            return {
+                allowed: false,
+                guard: "InputSanitizer",
+                violations: sanitizeResult.violations,
+                sanitizedInput: sanitizeResult.sanitizedInput,
+                details: sanitizeResult,
+            };
+        }
+        // Check encoding attacks
+        const encodingResult = this.encodingDetector.detect(input, reqId);
+        if (!encodingResult.allowed) {
+            this.handleViolation("encoding_attack", encodingResult);
+            return {
+                allowed: false,
+                guard: "EncodingDetector",
+                violations: encodingResult.violations,
+                details: encodingResult,
+            };
+        }
+        return {
+            allowed: true,
+            guard: "all",
+            violations: [],
+            sanitizedInput: sanitizeResult.sanitizedInput,
+        };
+    }
+    /**
+     * Validate context/memory before injection
+     */
+    validateContext(context, sessionId, requestId) {
+        const reqId = requestId || `lc-ctx-${Date.now()}`;
+        const result = this.memoryGuard.validateContextInjection(context, sessionId, reqId);
+        if (!result.allowed) {
+            this.handleViolation("context_injection", result);
+            return {
+                allowed: false,
+                guard: "MemoryGuard",
+                violations: result.violations,
+                details: result,
+            };
+        }
+        return {
+            allowed: true,
+            guard: "MemoryGuard",
+            violations: [],
+        };
+    }
+    /**
+     * Validate RAG documents before context injection
+     */
+    validateDocuments(documents, sessionId) {
+        const violations = [];
+        for (let i = 0; i < documents.length; i++) {
+            const doc = documents[i];
+            // Check content for injections
+            const contentResult = this.memoryGuard.validateContextInjection(doc.content, sessionId);
+            if (!contentResult.allowed) {
+                violations.push(`doc[${i}]: ${contentResult.violations.join(", ")}`);
+            }
+            // Check for encoded threats
+            const encodingResult = this.encodingDetector.detect(doc.content);
+            if (!encodingResult.allowed) {
+                violations.push(`doc[${i}]: encoded threat detected`);
+            }
+        }
+        if (violations.length > 0) {
+            this.handleViolation("document_validation", { violations });
+            return {
+                allowed: false,
+                guard: "DocumentValidator",
+                violations,
+            };
+        }
+        return {
+            allowed: true,
+            guard: "DocumentValidator",
+            violations: [],
+        };
+    }
+    /**
+     * Validate tool calls before execution
+     */
+    validateToolCall(toolName, toolArgs, sessionId) {
+        // Register the tool call
+        const result = this.toolChainValidator.validate(sessionId, toolName);
+        if (!result.allowed) {
+            this.handleViolation("tool_call", result);
+            return {
+                allowed: false,
+                guard: "ToolChainValidator",
+                violations: result.violations,
+                details: result,
+            };
+        }
+        return {
+            allowed: true,
+            guard: "ToolChainValidator",
+            violations: [],
+        };
+    }
+    /**
+     * Filter LLM output before returning to user
+     */
+    filterOutput(output, requestId) {
+        if (!this.config.filterOutput) {
+            return output;
+        }
+        const reqId = requestId || `lc-out-${Date.now()}`;
+        const result = this.outputFilter.filter(output, reqId);
+        if (result.filtered_response !== output) {
+            this.handleViolation("output_filtered", {
+                original: output.substring(0, 100),
+                pii_detected: result.pii_detected.length,
+                secrets_detected: result.secrets_detected.length,
+            });
+        }
+        return typeof result.filtered_response === 'string' ? result.filtered_response : output;
+    }
+    /**
+     * Create a secure message processor
+     */
+    createSecureProcessor(sessionId) {
+        return {
+            /**
+             * Process user message with full validation
+             */
+            processUserMessage: (message) => {
+                const result = this.validateInput(message);
+                return {
+                    allowed: result.allowed,
+                    message: result.sanitizedInput || message,
+                    violations: result.violations,
+                };
+            },
+            /**
+             * Process context/RAG content
+             */
+            processContext: (context) => {
+                const result = this.validateContext(context, sessionId);
+                return {
+                    allowed: result.allowed,
+                    violations: result.violations,
+                };
+            },
+            /**
+             * Process tool call
+             */
+            processToolCall: (tool, args) => {
+                const result = this.validateToolCall(tool, args, sessionId);
+                return {
+                    allowed: result.allowed,
+                    violations: result.violations,
+                };
+            },
+            /**
+             * Process LLM output
+             */
+            processOutput: (output) => {
+                return this.filterOutput(output);
+            },
+        };
+    }
+    handleViolation(type, details) {
+        if (this.config.onViolation) {
+            this.config.onViolation(type, details);
+        }
+        if (this.config.throwOnViolation) {
+            throw new TrustGuardViolationError(type, details);
+        }
+    }
+}
+exports.TrustGuardLangChain = TrustGuardLangChain;
+/**
+ * Error thrown when throwOnViolation is true
+ */
+class TrustGuardViolationError extends Error {
+    constructor(type, details) {
+        super(`Trust guard violation: ${type}`);
+        this.name = "TrustGuardViolationError";
+        this.type = type;
+        this.details = details;
+    }
+}
+exports.TrustGuardViolationError = TrustGuardViolationError;
+/**
+ * Create a simple input validator function for use with LangChain
+ *
+ * @example
+ * ```typescript
+ * const validateInput = createInputValidator();
+ *
+ * // In your chain
+ * const chain = RunnableSequence.from([
+ *   new RunnableLambda({ func: (input) => {
+ *     const result = validateInput(input.message);
+ *     if (!result.allowed) throw new Error('Blocked');
+ *     return { ...input, message: result.sanitized };
+ *   }}),
+ *   prompt,
+ *   llm,
+ *   outputParser
+ * ]);
+ * ```
+ */
+function createInputValidator(config) {
+    const sanitizer = new index_js_1.InputSanitizer(config);
+    const encoder = new index_js_1.EncodingDetector();
+    return function validateInput(input) {
+        const sanitizeResult = sanitizer.sanitize(input);
+        if (!sanitizeResult.allowed) {
+            return {
+                allowed: false,
+                sanitized: sanitizeResult.sanitizedInput,
+                violations: sanitizeResult.violations,
+                pap: sanitizeResult.pap,
+            };
+        }
+        const encodingResult = encoder.detect(input);
+        if (!encodingResult.allowed) {
+            return {
+                allowed: false,
+                sanitized: input,
+                violations: encodingResult.violations,
+            };
+        }
+        return {
+            allowed: true,
+            sanitized: sanitizeResult.sanitizedInput,
+            violations: [],
+            pap: sanitizeResult.pap,
+        };
+    };
+}
+/**
+ * Create an output filter function for use with LangChain
+ */
+function createOutputFilter(config) {
+    const filter = new index_js_1.OutputFilter(config);
+    return function filterOutput(output) {
+        const result = filter.filter(output);
+        return typeof result.filtered_response === 'string' ? result.filtered_response : output;
+    };
+}
+//# sourceMappingURL=langchain.js.map

package/dist/integrations/langchain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"langchain.js","sourceRoot":"","sources":["../../src/integrations/langchain.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAmVH,oDAoCC;AAKD,gDAOC;AAjYD,0CAMqB;AA+BrB;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAa,mBAAmB;IAQ9B,YAAY,SAAmC,EAAE;QAC/C,IAAI,CAAC,MAAM,GAAG;YACZ,aAAa,EAAE,IAAI;YACnB,YAAY,EAAE,IAAI;YAClB,aAAa,EAAE,IAAI;YACnB,gBAAgB,EAAE,KAAK;YACvB,GAAG,MAAM;SACV,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,yBAAc,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjE,IAAI,CAAC,gBAAgB,GAAG,IAAI,2BAAgB,EAAE,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,IAAI,sBAAW,EAAE,CAAC;QACrC,IAAI,CAAC,kBAAkB,GAAG,IAAI,6BAAkB,EAAE,CAAC;QACnD,IAAI,CAAC,YAAY,GAAG,IAAI,uBAAY,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,KAAa,EAAE,SAAkB;QAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,MAAM,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAE9C,2BAA2B;QAC3B,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,cAAc,CAAC,CAAC;YAC3D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,gBAAgB;gBACvB,UAAU,EAAE,cAAc,CAAC,UAAU;gBACrC,cAAc,EAAE,cAAc,CAAC,cAAc;gBAC7C,OAAO,EAAE,cAAc;aACxB,CAAC;QACJ,CAAC;QAED,yBAAyB;QACzB,MAAM,cAAc,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC;YACxD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kBAAkB;gBACzB,UAAU,EAAE,cAAc,CAAC,UAAU;gBACrC,OAAO,EAAE,cAAc;aACxB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,EAAE;YACd,cAAc,EAAE,cAAc,CAAC,cAAc;SAC9C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAA0B,EAAE,SAAiB,EAAE,SAAkB;QAC/E,MAAM,KAAK,GAAG,SAAS,IAAI,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,wBAAwB,CAAC,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QAEpF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,eAAe,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;YAClD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,aAAa;gBACpB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,MAAM;aAChB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,aAAa;YACpB,UAAU,EAAE,EAAE;SACf,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,iBAAiB,CACf,SAAqD,EACrD,SAAiB;QAEjB,MAAM,UAAU,GAAa,EAAE,CAAC;QAEhC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC1C,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAEzB,+BAA+B;YAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,wBAAwB,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACxF,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;gBAC3B,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACvE,CAAC;YAED,4BAA4B;YAC5B,MAAM,cAAc,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACjE,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBAC5B,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,IAAI,CAAC,eAAe,CAAC,qBAAqB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YAC5D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,mBAAmB;gBAC1B,UAAU;aACX,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,mBAAmB;YAC1B,UAAU,EAAE,EAAE;SACf,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CACd,QAAgB,EAChB,QAA6B,EAC7B,SAAiB;QAEjB,yBAAyB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAErE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;YAC1C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,oBAAoB;gBAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,MAAM;aAChB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,oBAAoB;YAC3B,UAAU,EAAE,EAAE;SACf,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAc,EAAE,SAAkB;QAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC9B,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,KAAK,GAAG,SAAS,IAAI,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAEvD,IAAI,MAAM,CAAC,iBAAiB,KAAK,MAAM,EAAE,CAAC;YACxC,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE;gBACtC,QAAQ,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;gBAClC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,MAAM;gBACxC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,CAAC,MAAM;aACjD,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,MAAM,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,CAAC;IAC1F,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,SAAiB;QACrC,OAAO;YACL;;eAEG;YACH,kBAAkB,EAAE,CAAC,OAAe,EAA+D,EAAE;gBACnG,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBAC3C,OAAO;oBACL,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,OAAO,EAAE,MAAM,CAAC,cAAc,IAAI,OAAO;oBACzC,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B,CAAC;YACJ,CAAC;YAED;;eAEG;YACH,cAAc,EAAE,CAAC,OAAiB,EAA8C,EAAE;gBAChF,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;gBACxD,OAAO;oBACL,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B,CAAC;YACJ,CAAC;YAED;;eAEG;YACH,eAAe,EAAE,CAAC,IAAY,EAAE,IAAS,EAA8C,EAAE;gBACvF,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;gBAC5D,OAAO;oBACL,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B,CAAC;YACJ,CAAC;YAED;;eAEG;YACH,aAAa,EAAE,CAAC,MAAc,EAAU,EAAE;gBACxC,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;SACF,CAAC;IACJ,CAAC;IAEO,eAAe,CAAC,IAAY,EAAE,OAAY;QAChD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACjC,MAAM,IAAI,wBAAwB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;CACF;AA3OD,kDA2OC;AAED;;GAEG;AACH,MAAa,wBAAyB,SAAQ,KAAK;IAIjD,YAAY,IAAY,EAAE,OAAY;QACpC,KAAK,CAAC,0BAA0B,IAAI,EAAE,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI,GAAG,0BAA0B,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAVD,4DAUC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,SAAgB,oBAAoB,CAAC,MAAwD;IAC3F,MAAM,SAAS,GAAG,IAAI,yBAAc,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,2BAAgB,EAAE,CAAC;IAEvC,OAAO,SAAS,aAAa,CAAC,KAAa;QAMzC,MAAM,cAAc,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACjD,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,cAAc,CAAC,cAAc;gBACxC,UAAU,EAAE,cAAc,CAAC,UAAU;gBACrC,GAAG,EAAE,cAAc,CAAC,GAAG;aACxB,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC7C,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,KAAK;gBAChB,UAAU,EAAE,cAAc,CAAC,UAAU;aACtC,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,cAAc,CAAC,cAAc;YACxC,UAAU,EAAE,EAAE;YACd,GAAG,EAAE,cAAc,CAAC,GAAG;SACxB,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,MAAsD;IACvF,MAAM,MAAM,GAAG,IAAI,uBAAY,CAAC,MAAM,CAAC,CAAC;IAExC,OAAO,SAAS,YAAY,CAAC,MAAc;QACzC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACrC,OAAO,OAAO,MAAM,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,CAAC,MAAM,CAAC;IAC1F,CAAC,CAAC;AACJ,CAAC"}

package/dist/integrations/openai.d.ts

@@ -0,0 +1,205 @@
+/**
+ * OpenAI Integration for llm-trust-guard
+ *
+ * Provides wrappers and utilities for securing OpenAI API calls.
+ * Works with both the official OpenAI SDK and direct API calls.
+ */
+import { InputSanitizer, OutputFilter } from "../index.js";
+export interface SecureOpenAIConfig {
+    /** Enable input validation */
+    validateInput?: boolean;
+    /** Enable output filtering */
+    filterOutput?: boolean;
+    /** Enable function/tool call validation */
+    validateFunctions?: boolean;
+    /** Throw error on violation */
+    throwOnViolation?: boolean;
+    /** Custom violation handler */
+    onViolation?: (type: string, details: any) => void;
+    /** InputSanitizer configuration */
+    sanitizerConfig?: ConstructorParameters<typeof InputSanitizer>[0];
+    /** OutputFilter configuration */
+    outputConfig?: ConstructorParameters<typeof OutputFilter>[0];
+}
+export interface ValidationResult {
+    allowed: boolean;
+    violations: string[];
+    sanitized?: string;
+    details?: any;
+}
+export interface SecureMessage {
+    role: "system" | "user" | "assistant" | "function" | "tool";
+    content: string | null;
+    name?: string;
+    function_call?: any;
+    tool_calls?: any[];
+}
+/**
+ * Secure wrapper for OpenAI API calls
+ *
+ * @example
+ * ```typescript
+ * import OpenAI from 'openai';
+ * import { SecureOpenAI } from 'llm-trust-guard/integrations/openai';
+ *
+ * const openai = new OpenAI();
+ * const secure = new SecureOpenAI({
+ *   validateInput: true,
+ *   filterOutput: true,
+ *   throwOnViolation: true
+ * });
+ *
+ * // Validate messages before sending
+ * const messages = [
+ *   { role: 'system', content: 'You are a helpful assistant.' },
+ *   { role: 'user', content: userInput }
+ * ];
+ *
+ * const validatedMessages = secure.validateMessages(messages, sessionId);
+ * if (!validatedMessages.allowed) {
+ *   throw new Error(`Blocked: ${validatedMessages.violations.join(', ')}`);
+ * }
+ *
+ * // Make the API call
+ * const completion = await openai.chat.completions.create({
+ *   model: 'gpt-4',
+ *   messages: validatedMessages.messages
+ * });
+ *
+ * // Filter the response
+ * const safeResponse = secure.filterResponse(completion);
+ * ```
+ */
+export declare class SecureOpenAI {
+    private inputSanitizer;
+    private encodingDetector;
+    private memoryGuard;
+    private outputFilter;
+    private toolChainValidator;
+    private config;
+    constructor(config?: SecureOpenAIConfig);
+    /**
+     * Validate a single message content
+     */
+    validateContent(content: string, requestId?: string): ValidationResult;
+    /**
+     * Validate an array of chat messages
+     */
+    validateMessages(messages: SecureMessage[], sessionId: string, requestId?: string): {
+        allowed: boolean;
+        messages: SecureMessage[];
+        violations: string[];
+    };
+    /**
+     * Validate function/tool definitions
+     */
+    validateFunctions(functions: Array<{
+        name: string;
+        description?: string;
+        parameters?: any;
+    }>, sessionId: string): ValidationResult;
+    /**
+     * Validate a function/tool call before execution
+     */
+    validateFunctionCall(name: string, args: Record<string, any>, sessionId: string): ValidationResult;
+    /**
+     * Filter the response from OpenAI
+     */
+    filterResponse(response: {
+        choices?: Array<{
+            message?: {
+                content?: string | null;
+                function_call?: any;
+                tool_calls?: any[];
+            };
+            text?: string;
+        }>;
+    }, requestId?: string): typeof response;
+    /**
+     * Create a secure chat completion wrapper
+     */
+    createSecureChat(sessionId: string): {
+        /**
+         * Prepare messages for API call
+         */
+        prepareMessages: (messages: SecureMessage[]) => {
+            allowed: boolean;
+            messages: SecureMessage[];
+            violations: string[];
+        };
+        /**
+         * Validate function call before execution
+         */
+        validateFunctionCall: (name: string, args: any) => ValidationResult;
+        /**
+         * Filter response before returning
+         */
+        filterResponse: (response: any) => {
+            choices?: Array<{
+                message?: {
+                    content?: string | null;
+                    function_call?: any;
+                    tool_calls?: any[];
+                };
+                text?: string;
+            }>;
+        };
+    };
+    private handleViolation;
+}
+/**
+ * Error thrown on security violations
+ */
+export declare class OpenAISecurityError extends Error {
+    violations: string[];
+    constructor(message: string, violations: string[]);
+}
+/**
+ * Create a simple wrapper function for validating OpenAI messages
+ *
+ * @example
+ * ```typescript
+ * const validate = createMessageValidator();
+ *
+ * const userMessage = await getUserInput();
+ * const result = validate(userMessage);
+ *
+ * if (!result.allowed) {
+ *   console.log('Blocked:', result.violations);
+ *   return;
+ * }
+ *
+ * // Use result.sanitized in your API call
+ * ```
+ */
+export declare function createMessageValidator(config?: ConstructorParameters<typeof InputSanitizer>[0]): (content: string) => {
+    allowed: boolean;
+    sanitized: string;
+    violations: string[];
+};
+/**
+ * Middleware-style wrapper for OpenAI client
+ *
+ * @example
+ * ```typescript
+ * import OpenAI from 'openai';
+ * import { wrapOpenAIClient } from 'llm-trust-guard/integrations/openai';
+ *
+ * const openai = new OpenAI();
+ * const secureOpenAI = wrapOpenAIClient(openai, {
+ *   validateInput: true,
+ *   filterOutput: true
+ * });
+ *
+ * // Use secureOpenAI.chat.completions.create() as normal
+ * // Input will be validated, output will be filtered
+ * ```
+ */
+export declare function wrapOpenAIClient<T extends {
+    chat: {
+        completions: {
+            create: Function;
+        };
+    };
+}>(client: T, config?: SecureOpenAIConfig): T;
+//# sourceMappingURL=openai.d.ts.map

package/dist/integrations/openai.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"openai.d.ts","sourceRoot":"","sources":["../../src/integrations/openai.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,cAAc,EAGd,YAAY,EAEb,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,kBAAkB;IACjC,8BAA8B;IAC9B,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,8BAA8B;IAC9B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,2CAA2C;IAC3C,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,+BAA+B;IAC/B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,+BAA+B;IAC/B,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAC;IACnD,mCAAmC;IACnC,eAAe,CAAC,EAAE,qBAAqB,CAAC,OAAO,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,iCAAiC;IACjC,YAAY,CAAC,EAAE,qBAAqB,CAAC,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;CAC9D;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,GAAG,CAAC;CACf;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,GAAG,MAAM,GAAG,WAAW,GAAG,UAAU,GAAG,MAAM,CAAC;IAC5D,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,GAAG,CAAC;IACpB,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,kBAAkB,CAAqB;IAC/C,OAAO,CAAC,MAAM,CAAqB;gBAEvB,MAAM,GAAE,kBAAuB;IAgB3C;;OAEG;IACH,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,gBAAgB;IAiCtE;;OAEG;IACH,gBAAgB,CACd,QAAQ,EAAE,aAAa,EAAE,EACzB,SAAS,EAAE,MAAM,EACjB,SAAS,CAAC,EAAE,MAAM,GACjB;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,aAAa,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAA;KAAE;IAoDxE;;OAEG;IACH,iBAAiB,CACf,SAAS,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,CAAC,EAAE,GAAG,CAAA;KAAE,CAAC,EAC1E,SAAS,EAAE,MAAM,GAChB,gBAAgB;IA4BnB;;OAEG;IACH,oBAAoB,CAClB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,SAAS,EAAE,MAAM,GAChB,gBAAgB;IAiCnB;;OAEG;IACH,cAAc,CACZ,QAAQ,EAAE;QACR,OAAO,CAAC,EAAE,KAAK,CAAC;YACd,OAAO,CAAC,EAAE;gBAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;gBAAC,aAAa,CAAC,EAAE,GAAG,CAAC;gBAAC,UAAU,CAAC,EAAE,GAAG,EAAE,CAAA;aAAE,CAAC;YAC/E,IAAI,CAAC,EAAE,MAAM,CAAC;SACf,CAAC,CAAC;KACJ,EACD,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,QAAQ;IA0ClB;;OAEG;IACH,gBAAgB,CAAC,SAAS,EAAE,MAAM;QAE9B;;WAEG;oCACyB,aAAa,EAAE;qBA3LjC,OAAO;sBAAY,aAAa,EAAE;wBAAc,MAAM,EAAE;;QA+LlE;;WAEG;qCAC0B,MAAM,QAAQ,GAAG;QAI9C;;WAEG;mCACwB,GAAG;sBAtEpB,KAAK,CAAC;gBACd,OAAO,CAAC,EAAE;oBAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;oBAAC,aAAa,CAAC,EAAE,GAAG,CAAC;oBAAC,UAAU,CAAC,EAAE,GAAG,EAAE,CAAA;iBAAE,CAAC;gBAC/E,IAAI,CAAC,EAAE,MAAM,CAAC;aACf,CAAC;;;IAyEN,OAAO,CAAC,eAAe;CASxB;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,KAAK;IACrC,UAAU,EAAE,MAAM,EAAE,CAAC;gBAEhB,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE;CAKlD;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,CAAC,EAAE,qBAAqB,CAAC,OAAO,cAAc,CAAC,CAAC,CAAC,CAAC,IAIpE,SAAS,MAAM,KAAG;IACzC,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB,CAyBF;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,SAAS;IAAE,IAAI,EAAE;QAAE,WAAW,EAAE;YAAE,MAAM,EAAE,QAAQ,CAAA;SAAE,CAAA;KAAE,CAAA;CAAE,EACxF,MAAM,EAAE,CAAC,EACT,MAAM,GAAE,kBAAuB,GAC9B,CAAC,CAgCH"}