mcp-rubber-duck 1.8.0 → 1.9.0

package/dist/guardrails/plugins/token-limiter.d.ts

@@ -0,0 +1,30 @@
+import { BaseGuardrailPlugin } from './base-plugin.js';
+import { GuardrailPhase, GuardrailContext, GuardrailResult } from '../types.js';
+/**
+ * Token limiter plugin - limits input/output token counts
+ */
+export declare class TokenLimiterPlugin extends BaseGuardrailPlugin {
+    name: string;
+    phases: GuardrailPhase[];
+    private maxInputTokens;
+    private maxOutputTokens;
+    private warnAtPercentage;
+    initialize(config: Record<string, unknown>): Promise<void>;
+    execute(phase: GuardrailPhase, context: GuardrailContext): Promise<GuardrailResult>;
+    private checkInputTokens;
+    private checkOutputTokens;
+    /**
+     * Estimate token count from text
+     * Uses a simple heuristic: ~4 characters per token for English text
+     * This is a rough approximation - for accuracy, use tiktoken
+     */
+    estimateTokenCount(text: string): number;
+    /**
+     * Get configured limits (for testing/monitoring)
+     */
+    getLimits(): {
+        maxInputTokens: number;
+        maxOutputTokens: number | undefined;
+    };
+}
+//# sourceMappingURL=token-limiter.d.ts.map

package/dist/guardrails/plugins/token-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-limiter.d.ts","sourceRoot":"","sources":["../../../src/guardrails/plugins/token-limiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAGhF;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,mBAAmB;IACzD,IAAI,SAAmB;IACvB,MAAM,EAAE,cAAc,EAAE,CAAoC;IAE5D,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,eAAe,CAAqB;IAC5C,OAAO,CAAC,gBAAgB,CAAc;IAEhC,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAUhE,OAAO,CAAC,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IASnF,OAAO,CAAC,gBAAgB;IAiDxB,OAAO,CAAC,iBAAiB;IAkDzB;;;;OAIG;IACH,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAOxC;;OAEG;IACH,SAAS,IAAI;QAAE,cAAc,EAAE,MAAM,CAAC;QAAC,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;KAAE;CAM7E"}

package/dist/guardrails/plugins/token-limiter.js

@@ -0,0 +1,98 @@
+import { BaseGuardrailPlugin } from './base-plugin.js';
+/**
+ * Token limiter plugin - limits input/output token counts
+ */
+export class TokenLimiterPlugin extends BaseGuardrailPlugin {
+    name = 'token_limiter';
+    phases = ['pre_request', 'post_response'];
+    maxInputTokens = 8192;
+    maxOutputTokens;
+    warnAtPercentage = 80;
+    async initialize(config) {
+        await super.initialize(config);
+        const typedConfig = config;
+        this.maxInputTokens = typedConfig.max_input_tokens ?? 8192;
+        this.maxOutputTokens = typedConfig.max_output_tokens;
+        this.warnAtPercentage = typedConfig.warn_at_percentage ?? 80;
+        this.priority = typedConfig.priority ?? 20;
+    }
+    execute(phase, context) {
+        if (phase === 'pre_request') {
+            return this.checkInputTokens(context, phase);
+        }
+        else if (phase === 'post_response') {
+            return this.checkOutputTokens(context, phase);
+        }
+        return Promise.resolve(this.allow(context));
+    }
+    checkInputTokens(context, phase) {
+        // Estimate token count from prompt
+        const prompt = context.prompt || '';
+        const estimatedTokens = this.estimateTokenCount(prompt);
+        // Also count messages if present
+        let totalTokens = estimatedTokens;
+        for (const msg of context.messages) {
+            totalTokens += this.estimateTokenCount(msg.content);
+        }
+        // Check if over limit
+        if (totalTokens > this.maxInputTokens) {
+            this.addViolation(context, phase, 'max_input_tokens', 'error', `Token limit exceeded: estimated ${totalTokens} tokens (limit: ${this.maxInputTokens})`, { estimatedTokens: totalTokens, limit: this.maxInputTokens });
+            return Promise.resolve(this.block(context, `Token limit exceeded: ~${totalTokens}/${this.maxInputTokens} tokens`));
+        }
+        // Warn if approaching limit
+        const warnThreshold = this.maxInputTokens * (this.warnAtPercentage / 100);
+        if (totalTokens >= warnThreshold) {
+            this.addViolation(context, phase, 'max_input_tokens_warning', 'warning', `Approaching token limit: estimated ${totalTokens}/${this.maxInputTokens} tokens (${Math.round((totalTokens / this.maxInputTokens) * 100)}%)`, {
+                estimatedTokens: totalTokens,
+                limit: this.maxInputTokens,
+                percentage: Math.round((totalTokens / this.maxInputTokens) * 100),
+            });
+        }
+        return Promise.resolve(this.allow(context));
+    }
+    checkOutputTokens(context, phase) {
+        // Skip if no output limit configured
+        if (!this.maxOutputTokens) {
+            return Promise.resolve(this.allow(context));
+        }
+        const response = context.response || '';
+        const estimatedTokens = this.estimateTokenCount(response);
+        // Check if over limit
+        if (estimatedTokens > this.maxOutputTokens) {
+            this.addViolation(context, phase, 'max_output_tokens', 'error', `Output token limit exceeded: estimated ${estimatedTokens} tokens (limit: ${this.maxOutputTokens})`, { estimatedTokens, limit: this.maxOutputTokens });
+            return Promise.resolve(this.block(context, `Output token limit exceeded: ~${estimatedTokens}/${this.maxOutputTokens} tokens`));
+        }
+        // Warn if approaching limit
+        const warnThreshold = this.maxOutputTokens * (this.warnAtPercentage / 100);
+        if (estimatedTokens >= warnThreshold) {
+            this.addViolation(context, phase, 'max_output_tokens_warning', 'warning', `Approaching output token limit: estimated ${estimatedTokens}/${this.maxOutputTokens} tokens (${Math.round((estimatedTokens / this.maxOutputTokens) * 100)}%)`, {
+                estimatedTokens,
+                limit: this.maxOutputTokens,
+                percentage: Math.round((estimatedTokens / this.maxOutputTokens) * 100),
+            });
+        }
+        return Promise.resolve(this.allow(context));
+    }
+    /**
+     * Estimate token count from text
+     * Uses a simple heuristic: ~4 characters per token for English text
+     * This is a rough approximation - for accuracy, use tiktoken
+     */
+    estimateTokenCount(text) {
+        if (!text)
+            return 0;
+        // Rough approximation: 1 token ≈ 4 characters for English
+        // Add some overhead for special tokens
+        return Math.ceil(text.length / 4) + 4;
+    }
+    /**
+     * Get configured limits (for testing/monitoring)
+     */
+    getLimits() {
+        return {
+            maxInputTokens: this.maxInputTokens,
+            maxOutputTokens: this.maxOutputTokens,
+        };
+    }
+}
+//# sourceMappingURL=token-limiter.js.map

package/dist/guardrails/plugins/token-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-limiter.js","sourceRoot":"","sources":["../../../src/guardrails/plugins/token-limiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAIvD;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,mBAAmB;IACzD,IAAI,GAAG,eAAe,CAAC;IACvB,MAAM,GAAqB,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IAEpD,cAAc,GAAW,IAAI,CAAC;IAC9B,eAAe,CAAqB;IACpC,gBAAgB,GAAW,EAAE,CAAC;IAEtC,KAAK,CAAC,UAAU,CAAC,MAA+B;QAC9C,MAAM,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAE/B,MAAM,WAAW,GAAG,MAAqC,CAAC;QAC1D,IAAI,CAAC,cAAc,GAAG,WAAW,CAAC,gBAAgB,IAAI,IAAI,CAAC;QAC3D,IAAI,CAAC,eAAe,GAAG,WAAW,CAAC,iBAAiB,CAAC;QACrD,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAC,kBAAkB,IAAI,EAAE,CAAC;QAC7D,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED,OAAO,CAAC,KAAqB,EAAE,OAAyB;QACtD,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC/C,CAAC;aAAM,IAAI,KAAK,KAAK,eAAe,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9C,CAAC;IAEO,gBAAgB,CACtB,OAAyB,EACzB,KAAqB;QAErB,mCAAmC;QACnC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;QACpC,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAExD,iCAAiC;QACjC,IAAI,WAAW,GAAG,eAAe,CAAC;QAClC,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACnC,WAAW,IAAI,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACtD,CAAC;QAED,sBAAsB;QACtB,IAAI,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YACtC,IAAI,CAAC,YAAY,CACf,OAAO,EACP,KAAK,EACL,kBAAkB,EAClB,OAAO,EACP,mCAAmC,WAAW,mBAAmB,IAAI,CAAC,cAAc,GAAG,EACvF,EAAE,eAAe,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,cAAc,EAAE,CAC7D,CAAC;YACF,OAAO,OAAO,CAAC,OAAO,CACpB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,0BAA0B,WAAW,IAAI,IAAI,CAAC,cAAc,SAAS,CAAC,CAC3F,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,MAAM,aAAa,GAAG,IAAI,CAAC,cAAc,GAAG,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,CAAC;QAC1E,IAAI,WAAW,IAAI,aAAa,EAAE,CAAC;YACjC,IAAI,CAAC,YAAY,CACf,OAAO,EACP,KAAK,EACL,0BAA0B,EAC1B,SAAS,EACT,sCAAsC,WAAW,IAAI,IAAI,CAAC,cAAc,YAAY,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC,IAAI,EAC7I;gBACE,eAAe,EAAE,WAAW;gBAC5B,KAAK,EAAE,IAAI,CAAC,cAAc;gBAC1B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC;aAClE,CACF,CAAC;QACJ,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,OAAyB,EACzB,KAAqB;QAErB,qCAAqC;QACrC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC;QACxC,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAE1D,sBAAsB;QACtB,IAAI,eAAe,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,YAAY,CACf,OAAO,EACP,KAAK,EACL,mBAAmB,EACnB,OAAO,EACP,0CAA0C,eAAe,mBAAmB,IAAI,CAAC,eAAe,GAAG,EACnG,EAAE,eAAe,EAAE,KAAK,EAAE,IAAI,CAAC,eAAe,EAAE,CACjD,CAAC;YACF,OAAO,OAAO,CAAC,OAAO,CACpB,IAAI,CAAC,KAAK,CACR,OAAO,EACP,iCAAiC,eAAe,IAAI,IAAI,CAAC,eAAe,SAAS,CAClF,CACF,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,GAAG,CAAC,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,CAAC;QAC3E,IAAI,eAAe,IAAI,aAAa,EAAE,CAAC;YACrC,IAAI,CAAC,YAAY,CACf,OAAO,EACP,KAAK,EACL,2BAA2B,EAC3B,SAAS,EACT,6CAA6C,eAAe,IAAI,IAAI,CAAC,eAAe,YAAY,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,GAAG,CAAC,IAAI,EAC9J;gBACE,eAAe;gBACf,KAAK,EAAE,IAAI,CAAC,eAAe;gBAC3B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,GAAG,CAAC;aACvE,CACF,CAAC;QACJ,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED;;;;OAIG;IACH,kBAAkB,CAAC,IAAY;QAC7B,IAAI,CAAC,IAAI;YAAE,OAAO,CAAC,CAAC;QACpB,0DAA0D;QAC1D,uCAAuC;QACvC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO;YACL,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;IACJ,CAAC;CACF"}

package/dist/guardrails/service.d.ts

@@ -0,0 +1,38 @@
+import { GuardrailPlugin, GuardrailPhase, GuardrailContext, GuardrailResult, CreateContextOptions } from './types.js';
+import { GuardrailsConfig } from '../config/types.js';
+/**
+ * Main service that orchestrates guardrail plugins
+ */
+export declare class GuardrailsService {
+    private plugins;
+    private config;
+    private enabled;
+    constructor(config?: Partial<GuardrailsConfig>);
+    /**
+     * Initialize the service and all configured plugins
+     */
+    initialize(): Promise<void>;
+    private loadPluginsFromConfig;
+    private loadPlugin;
+    /**
+     * Check if guardrails are enabled
+     */
+    isEnabled(): boolean;
+    /**
+     * Create a new context for guardrail execution
+     */
+    createContext(options: CreateContextOptions): GuardrailContext;
+    /**
+     * Execute all relevant plugins for a given phase
+     */
+    execute(phase: GuardrailPhase, context: GuardrailContext): Promise<GuardrailResult>;
+    /**
+     * Shutdown the service and all plugins
+     */
+    shutdown(): Promise<void>;
+    /**
+     * Get list of loaded plugins
+     */
+    getPlugins(): GuardrailPlugin[];
+}
+//# sourceMappingURL=service.d.ts.map

package/dist/guardrails/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../src/guardrails/service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,gBAAgB,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAEtH,OAAO,EAAE,gBAAgB,EAA2B,MAAM,oBAAoB,CAAC;AAG/E;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,OAAO,CAAyB;IACxC,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,OAAO,CAAkB;gBAErB,MAAM,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC;IAY9C;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YAkBnB,qBAAqB;YA2BrB,UAAU;IAwBxB;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,gBAAgB;IAI9D;;OAEG;IACG,OAAO,CAAC,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAyEzF;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;IAY/B;;OAEG;IACH,UAAU,IAAI,eAAe,EAAE;CAGhC"}

package/dist/guardrails/service.js

@@ -0,0 +1,183 @@
+import { createGuardrailContext } from './context.js';
+import { logger } from '../utils/logger.js';
+/**
+ * Main service that orchestrates guardrail plugins
+ */
+export class GuardrailsService {
+    plugins = [];
+    config;
+    enabled = false;
+    constructor(config) {
+        this.config = {
+            enabled: config?.enabled ?? false,
+            log_violations: config?.log_violations ?? true,
+            log_modifications: config?.log_modifications ?? false,
+            fail_open: config?.fail_open ?? false,
+            plugins: config?.plugins,
+        };
+        // Start disabled - will be enabled after successful initialization with plugins
+        this.enabled = false;
+    }
+    /**
+     * Initialize the service and all configured plugins
+     */
+    async initialize() {
+        if (!this.config.enabled) {
+            logger.info('Guardrails disabled in configuration');
+            return;
+        }
+        const pluginConfigs = this.config.plugins || {};
+        // Load plugins in order
+        await this.loadPluginsFromConfig(pluginConfigs);
+        // Sort by priority (lower = runs first)
+        this.plugins.sort((a, b) => a.priority - b.priority);
+        this.enabled = this.plugins.length > 0;
+        logger.info(`Guardrails initialized with ${this.plugins.length} plugins`);
+    }
+    async loadPluginsFromConfig(pluginConfigs) {
+        const pluginOrder = [
+            ['rate_limiter', pluginConfigs.rate_limiter],
+            ['token_limiter', pluginConfigs.token_limiter],
+            ['pii_redactor', pluginConfigs.pii_redactor],
+            ['pattern_blocker', pluginConfigs.pattern_blocker],
+        ];
+        for (const [pluginName, pluginConfig] of pluginOrder) {
+            if (!pluginConfig || !pluginConfig.enabled) {
+                continue;
+            }
+            try {
+                const plugin = await this.loadPlugin(pluginName);
+                await plugin.initialize(pluginConfig);
+                if (pluginConfig.priority !== undefined) {
+                    plugin.priority = pluginConfig.priority;
+                }
+                this.plugins.push(plugin);
+                logger.info(`Guardrail plugin '${pluginName}' initialized`);
+            }
+            catch (error) {
+                logger.error(`Failed to initialize guardrail plugin '${pluginName}':`, error);
+            }
+        }
+    }
+    async loadPlugin(name) {
+        // Dynamic plugin loading
+        switch (name) {
+            case 'rate_limiter': {
+                const { RateLimiterPlugin } = await import('./plugins/rate-limiter.js');
+                return new RateLimiterPlugin();
+            }
+            case 'token_limiter': {
+                const { TokenLimiterPlugin } = await import('./plugins/token-limiter.js');
+                return new TokenLimiterPlugin();
+            }
+            case 'pattern_blocker': {
+                const { PatternBlockerPlugin } = await import('./plugins/pattern-blocker.js');
+                return new PatternBlockerPlugin();
+            }
+            case 'pii_redactor': {
+                const { PIIRedactorPlugin } = await import('./plugins/pii-redactor/index.js');
+                return new PIIRedactorPlugin();
+            }
+            default:
+                throw new Error(`Unknown guardrail plugin: ${name}`);
+        }
+    }
+    /**
+     * Check if guardrails are enabled
+     */
+    isEnabled() {
+        return this.enabled;
+    }
+    /**
+     * Create a new context for guardrail execution
+     */
+    createContext(options) {
+        return createGuardrailContext(options);
+    }
+    /**
+     * Execute all relevant plugins for a given phase
+     */
+    async execute(phase, context) {
+        if (!this.enabled) {
+            return { action: 'allow', context };
+        }
+        const relevantPlugins = this.plugins.filter((p) => p.enabled && p.phases.includes(phase));
+        // Track logged items to avoid duplicates
+        let lastViolationCount = 0;
+        let lastModificationCount = 0;
+        let wasModified = false;
+        for (const plugin of relevantPlugins) {
+            try {
+                const result = await plugin.execute(phase, context);
+                // Log only NEW violations if configured
+                if (this.config.log_violations && context.violations.length > lastViolationCount) {
+                    for (let i = lastViolationCount; i < context.violations.length; i++) {
+                        const violation = context.violations[i];
+                        logger.warn(`Guardrail violation: ${violation.pluginName} - ${violation.message}`, {
+                            rule: violation.rule,
+                            severity: violation.severity,
+                            details: violation.details,
+                        });
+                    }
+                    lastViolationCount = context.violations.length;
+                }
+                // Log only NEW modifications if configured
+                if (this.config.log_modifications && context.modifications.length > lastModificationCount) {
+                    for (let i = lastModificationCount; i < context.modifications.length; i++) {
+                        const mod = context.modifications[i];
+                        logger.info(`Guardrail modification: ${mod.pluginName} - ${mod.reason}`, {
+                            field: mod.field,
+                        });
+                    }
+                    lastModificationCount = context.modifications.length;
+                }
+                if (result.action === 'block') {
+                    logger.warn(`Request blocked by guardrail '${plugin.name}': ${result.blockReason}`);
+                    return result;
+                }
+                // Track if any plugin modified the context
+                if (result.action === 'modify') {
+                    wasModified = true;
+                }
+                // Update context for next plugin
+                context = result.context;
+            }
+            catch (error) {
+                const errorMessage = error instanceof Error ? error.message : String(error);
+                logger.error(`Guardrail plugin '${plugin.name}' error:`, error);
+                if (!this.config.fail_open) {
+                    return {
+                        action: 'block',
+                        context,
+                        blockedBy: plugin.name,
+                        blockReason: `Plugin error: ${errorMessage}`,
+                    };
+                }
+                // fail_open: continue to next plugin
+            }
+        }
+        return { action: wasModified ? 'modify' : 'allow', context };
+    }
+    /**
+     * Shutdown the service and all plugins
+     */
+    async shutdown() {
+        for (const plugin of this.plugins) {
+            try {
+                await plugin.shutdown();
+            }
+            catch (error) {
+                logger.error(`Error shutting down plugin '${plugin.name}':`, error);
+            }
+        }
+        this.plugins = [];
+        this.enabled = false;
+    }
+    /**
+     * Get list of loaded plugins
+     */
+    getPlugins() {
+        return [...this.plugins];
+    }
+}
+//# sourceMappingURL=service.js.map

package/dist/guardrails/service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.js","sourceRoot":"","sources":["../../src/guardrails/service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAEtD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C;;GAEG;AACH,MAAM,OAAO,iBAAiB;IACpB,OAAO,GAAsB,EAAE,CAAC;IAChC,MAAM,CAAmB;IACzB,OAAO,GAAY,KAAK,CAAC;IAEjC,YAAY,MAAkC;QAC5C,IAAI,CAAC,MAAM,GAAG;YACZ,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,KAAK;YACjC,cAAc,EAAE,MAAM,EAAE,cAAc,IAAI,IAAI;YAC9C,iBAAiB,EAAE,MAAM,EAAE,iBAAiB,IAAI,KAAK;YACrD,SAAS,EAAE,MAAM,EAAE,SAAS,IAAI,KAAK;YACrC,OAAO,EAAE,MAAM,EAAE,OAAO;SACzB,CAAC;QACF,gFAAgF;QAChF,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACpD,OAAO;QACT,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;QAEhD,wBAAwB;QACxB,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;QAEhD,wCAAwC;QACxC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;QAErD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,+BAA+B,IAAI,CAAC,OAAO,CAAC,MAAM,UAAU,CAAC,CAAC;IAC5E,CAAC;IAEO,KAAK,CAAC,qBAAqB,CAAC,aAA+C;QACjF,MAAM,WAAW,GAA6B;YAC5C,CAAC,cAAc,EAAE,aAAa,CAAC,YAAY,CAAC;YAC5C,CAAC,eAAe,EAAE,aAAa,CAAC,aAAa,CAAC;YAC9C,CAAC,cAAc,EAAE,aAAa,CAAC,YAAY,CAAC;YAC5C,CAAC,iBAAiB,EAAE,aAAa,CAAC,eAAe,CAAC;SACnD,CAAC;QAEF,KAAK,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,IAAI,WAAW,EAAE,CAAC;YACrD,IAAI,CAAC,YAAY,IAAI,CAAE,YAAsC,CAAC,OAAO,EAAE,CAAC;gBACtE,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;gBACjD,MAAM,MAAM,CAAC,UAAU,CAAC,YAAuC,CAAC,CAAC;gBACjE,IAAK,YAAsC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;oBACnE,MAAM,CAAC,QAAQ,GAAI,YAAqC,CAAC,QAAQ,CAAC;gBACpE,CAAC;gBACD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBAC1B,MAAM,CAAC,IAAI,CAAC,qBAAqB,UAAU,eAAe,CAAC,CAAC;YAC9D,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,0CAA0C,UAAU,IAAI,EAAE,KAAK,CAAC,CAAC;YAChF,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,IAAY;QACnC,yBAAyB;QACzB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;gBACxE,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACjC,CAAC;YACD,KAAK,eAAe,CAAC,CAAC,CAAC;gBACrB,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,4BAA4B,CAAC,CAAC;gBAC1E,OAAO,IAAI,kBAAkB,EAAE,CAAC;YAClC,CAAC;YACD,KAAK,iBAAiB,CAAC,CAAC,CAAC;gBACvB,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAAC,8BAA8B,CAAC,CAAC;gBAC9E,OAAO,IAAI,oBAAoB,EAAE,CAAC;YACpC,CAAC;YACD,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,MAAM,CAAC,iCAAiC,CAAC,CAAC;gBAC9E,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACjC,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAA6B;QACzC,OAAO,sBAAsB,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,KAAqB,EAAE,OAAyB;QAC5D,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QACtC,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CACzC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC7C,CAAC;QAEF,yCAAyC;QACzC,IAAI,kBAAkB,GAAG,CAAC,CAAC;QAC3B,IAAI,qBAAqB,GAAG,CAAC,CAAC;QAC9B,IAAI,WAAW,GAAG,KAAK,CAAC;QAExB,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAEpD,wCAAwC;gBACxC,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,GAAG,kBAAkB,EAAE,CAAC;oBACjF,KAAK,IAAI,CAAC,GAAG,kBAAkB,EAAE,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACpE,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;wBACxC,MAAM,CAAC,IAAI,CAAC,wBAAwB,SAAS,CAAC,UAAU,MAAM,SAAS,CAAC,OAAO,EAAE,EAAE;4BACjF,IAAI,EAAE,SAAS,CAAC,IAAI;4BACpB,QAAQ,EAAE,SAAS,CAAC,QAAQ;4BAC5B,OAAO,EAAE,SAAS,CAAC,OAAO;yBAC3B,CAAC,CAAC;oBACL,CAAC;oBACD,kBAAkB,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;gBACjD,CAAC;gBAED,2CAA2C;gBAC3C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,qBAAqB,EAAE,CAAC;oBAC1F,KAAK,IAAI,CAAC,GAAG,qBAAqB,EAAE,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC1E,MAAM,GAAG,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;wBACrC,MAAM,CAAC,IAAI,CAAC,2BAA2B,GAAG,CAAC,UAAU,MAAM,GAAG,CAAC,MAAM,EAAE,EAAE;4BACvE,KAAK,EAAE,GAAG,CAAC,KAAK;yBACjB,CAAC,CAAC;oBACL,CAAC;oBACD,qBAAqB,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC;gBACvD,CAAC;gBAED,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC,iCAAiC,MAAM,CAAC,IAAI,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;oBACpF,OAAO,MAAM,CAAC;gBAChB,CAAC;gBAED,2CAA2C;gBAC3C,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAC/B,WAAW,GAAG,IAAI,CAAC;gBACrB,CAAC;gBAED,iCAAiC;gBACjC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;YAC3B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5E,MAAM,CAAC,KAAK,CAAC,qBAAqB,MAAM,CAAC,IAAI,UAAU,EAAE,KAAK,CAAC,CAAC;gBAEhE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;oBAC3B,OAAO;wBACL,MAAM,EAAE,OAAO;wBACf,OAAO;wBACP,SAAS,EAAE,MAAM,CAAC,IAAI;wBACtB,WAAW,EAAE,iBAAiB,YAAY,EAAE;qBAC7C,CAAC;gBACJ,CAAC;gBACD,qCAAqC;YACvC,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ;QACZ,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC1B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,+BAA+B,MAAM,CAAC,IAAI,IAAI,EAAE,KAAK,CAAC,CAAC;YACtE,CAAC;QACH,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;QAClB,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;CACF"}

package/dist/guardrails/types.d.ts

@@ -0,0 +1,96 @@
+import { ConversationMessage } from '../config/types.js';
+/**
+ * Phases in the guardrail pipeline where plugins can intercept
+ */
+export type GuardrailPhase = 'pre_request' | 'post_response' | 'pre_tool_input' | 'post_tool_output' | 'pre_cache';
+/**
+ * Action to take after guardrail evaluation
+ */
+export type GuardrailAction = 'allow' | 'block' | 'modify';
+/**
+ * Severity levels for violations
+ */
+export type ViolationSeverity = 'info' | 'warning' | 'error' | 'critical';
+/**
+ * A violation detected by a guardrail plugin
+ */
+export interface GuardrailViolation {
+    pluginName: string;
+    phase: GuardrailPhase;
+    rule: string;
+    severity: ViolationSeverity;
+    message: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * A modification made by a guardrail plugin
+ */
+export interface GuardrailModification {
+    pluginName: string;
+    phase: GuardrailPhase;
+    field: string;
+    originalValue?: unknown;
+    newValue?: unknown;
+    reason: string;
+}
+/**
+ * Context passed through the guardrail pipeline
+ */
+export interface GuardrailContext {
+    requestId: string;
+    provider: string;
+    model: string;
+    timestamp: Date;
+    messages: ConversationMessage[];
+    prompt?: string;
+    response?: string;
+    toolName?: string;
+    toolArgs?: Record<string, unknown>;
+    toolResult?: unknown;
+    metadata: Map<string, unknown>;
+    violations: GuardrailViolation[];
+    modifications: GuardrailModification[];
+}
+/**
+ * Result from a guardrail plugin execution
+ */
+export interface GuardrailResult {
+    action: GuardrailAction;
+    context: GuardrailContext;
+    blockedBy?: string;
+    blockReason?: string;
+}
+/**
+ * Base interface for guardrail plugins
+ */
+export interface GuardrailPlugin {
+    /** Unique plugin name */
+    name: string;
+    /** Whether the plugin is currently enabled */
+    enabled: boolean;
+    /** Execution priority (lower = runs first) */
+    priority: number;
+    /** Which phases this plugin handles */
+    phases: GuardrailPhase[];
+    /** Initialize the plugin with its configuration */
+    initialize(config: Record<string, unknown>): Promise<void>;
+    /** Execute the plugin for a specific phase */
+    execute(phase: GuardrailPhase, context: GuardrailContext): Promise<GuardrailResult>;
+    /** Cleanup plugin resources */
+    shutdown(): Promise<void>;
+}
+/**
+ * Options for creating a guardrail context
+ */
+export interface CreateContextOptions {
+    requestId?: string;
+    provider?: string;
+    model?: string;
+    messages?: ConversationMessage[];
+    prompt?: string;
+    response?: string;
+    toolName?: string;
+    toolArgs?: Record<string, unknown>;
+    toolResult?: unknown;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/guardrails/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/guardrails/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,aAAa,GACb,eAAe,GACf,gBAAgB,GAChB,kBAAkB,GAClB,WAAW,CAAC;AAEhB;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAE3D;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,GAAG,SAAS,GAAG,OAAO,GAAG,UAAU,CAAC;AAE1E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,cAAc,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,cAAc,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAE/B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,IAAI,CAAC;IAGhB,QAAQ,EAAE,mBAAmB,EAAE,CAAC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,UAAU,CAAC,EAAE,OAAO,CAAC;IAGrB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/B,UAAU,EAAE,kBAAkB,EAAE,CAAC;IACjC,aAAa,EAAE,qBAAqB,EAAE,CAAC;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,OAAO,EAAE,gBAAgB,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IAEb,8CAA8C;IAC9C,OAAO,EAAE,OAAO,CAAC;IAEjB,8CAA8C;IAC9C,QAAQ,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,MAAM,EAAE,cAAc,EAAE,CAAC;IAEzB,mDAAmD;IACnD,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3D,8CAA8C;IAC9C,OAAO,CAAC,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAEpF,+BAA+B;IAC/B,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,mBAAmB,EAAE,CAAC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB"}

package/dist/guardrails/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/guardrails/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/guardrails/types.ts"],"names":[],"mappings":""}

package/dist/providers/duck-provider-enhanced.d.ts

@@ -2,6 +2,7 @@ import { DuckProvider } from './provider.js';
 import { ChatOptions, ChatResponse, ProviderOptions, MCPResult } from './types.js';
 import { FunctionBridge } from '../services/function-bridge.js';
 import { ConversationMessage } from '../config/types.js';
+import { GuardrailsService } from '../guardrails/service.js';
 export interface EnhancedChatResponse extends ChatResponse {
     pendingApprovals?: {
         id: string;
@@ -12,7 +13,7 @@ export interface EnhancedChatResponse extends ChatResponse {
 export declare class EnhancedDuckProvider extends DuckProvider {
     private functionBridge;
     private mcpEnabled;
-    constructor(name: string, nickname: string, options: ProviderOptions, functionBridge: FunctionBridge, mcpEnabled?: boolean);
+    constructor(name: string, nickname: string, options: ProviderOptions, functionBridge: FunctionBridge, mcpEnabled?: boolean, guardrailsService?: GuardrailsService);
     chat(options: ChatOptions): Promise<EnhancedChatResponse>;
     private handleToolCalls;
     retryWithApproval(approvalId: string, originalMessages: ConversationMessage[], options: ChatOptions): Promise<EnhancedChatResponse>;

package/dist/providers/duck-provider-enhanced.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"duck-provider-enhanced.d.ts","sourceRoot":"","sources":["../../src/providers/duck-provider-enhanced.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,EAAmC,SAAS,EAAkB,MAAM,YAAY,CAAC;AACpI,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAIzD,MAAM,WAAW,oBAAqB,SAAQ,YAAY;IACxD,gBAAgB,CAAC,EAAE;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,EAAE,CAAC;IACJ,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;CAC1B;AAED,qBAAa,oBAAqB,SAAQ,YAAY;IACpD,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,UAAU,CAAU;gBAG1B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,eAAe,EACxB,cAAc,EAAE,cAAc,EAC9B,UAAU,GAAE,OAAc;IAOtB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,oBAAoB,CAAC;YAyEjD,eAAe;IAgIvB,iBAAiB,CACrB,UAAU,EAAE,MAAM,EAClB,gBAAgB,EAAE,mBAAmB,EAAE,EACvC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,oBAAoB,CAAC;IA0B1B,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAc5C,WAAW;;;;;;IASX,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAKrC,YAAY,IAAI,OAAO;CAGxB"}
+{"version":3,"file":"duck-provider-enhanced.d.ts","sourceRoot":"","sources":["../../src/providers/duck-provider-enhanced.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,eAAe,EAAmC,SAAS,EAAkB,MAAM,YAAY,CAAC;AACpI,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAGzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAG7D,MAAM,WAAW,oBAAqB,SAAQ,YAAY;IACxD,gBAAgB,CAAC,EAAE;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;KACjB,EAAE,CAAC;IACJ,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;CAC1B;AAED,qBAAa,oBAAqB,SAAQ,YAAY;IACpD,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,UAAU,CAAU;gBAG1B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,eAAe,EACxB,cAAc,EAAE,cAAc,EAC9B,UAAU,GAAE,OAAc,EAC1B,iBAAiB,CAAC,EAAE,iBAAiB;IAOjC,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,oBAAoB,CAAC;YA0IjD,eAAe;IAiIvB,iBAAiB,CACrB,UAAU,EAAE,MAAM,EAClB,gBAAgB,EAAE,mBAAmB,EAAE,EACvC,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,oBAAoB,CAAC;IA0B1B,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAc5C,WAAW;;;;;;IASX,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAKrC,YAAY,IAAI,OAAO;CAGxB"}

package/dist/providers/duck-provider-enhanced.js

@@ -1,16 +1,38 @@
 import { DuckProvider } from './provider.js';
 import { logger } from '../utils/logger.js';
 import { SafeLogger } from '../utils/safe-logger.js';
+import { GuardrailBlockError } from '../guardrails/errors.js';
 export class EnhancedDuckProvider extends DuckProvider {
     functionBridge;
     mcpEnabled;
-    constructor(name, nickname, options, functionBridge, mcpEnabled = true) {
-        super(name, nickname, options);
+    constructor(name, nickname, options, functionBridge, mcpEnabled = true, guardrailsService) {
+        super(name, nickname, options, guardrailsService);
         this.functionBridge = functionBridge;
         this.mcpEnabled = mcpEnabled;
     }
     async chat(options) {
         try {
+            const modelToUse = options.model || this.options.model;
+            // Create guardrail context if service is enabled
+            const guardrailContext = this.guardrailsService?.isEnabled()
+                ? this.guardrailsService.createContext({
+                    provider: this.name,
+                    model: modelToUse,
+                    messages: options.messages,
+                    prompt: options.messages[options.messages.length - 1]?.content,
+                })
+                : undefined;
+            // Execute pre_request guardrails
+            if (guardrailContext && this.guardrailsService?.isEnabled()) {
+                const preResult = await this.guardrailsService.execute('pre_request', guardrailContext);
+                if (preResult.action === 'block') {
+                    throw new GuardrailBlockError(preResult.blockedBy || 'unknown', preResult.blockReason || 'Request blocked by guardrails');
+                }
+                // Update messages if modified by guardrails (e.g., PII redaction)
+                if (preResult.action === 'modify' && guardrailContext.messages.length > 0) {
+                    options = { ...options, messages: guardrailContext.messages };
+                }
+            }
             // If MCP is enabled, add function definitions
             if (this.mcpEnabled) {
                 const functions = await this.functionBridge.getFunctionDefinitions();
@@ -22,7 +44,6 @@ export class EnhancedDuckProvider extends DuckProvider {
             }
             // Prepare messages for function calling
             const messages = this.prepareMessages(options.messages, options.systemPrompt);
-            const modelToUse = options.model || this.options.model;
             const baseParams = {
                 model: modelToUse,
                 messages: messages,
@@ -49,11 +70,35 @@ export class EnhancedDuckProvider extends DuckProvider {
             const choice = response.choices[0];
             // Check if the model wants to call functions
             if (choice.message?.tool_calls && choice.message.tool_calls.length > 0) {
-                return await this.handleToolCalls(choice.message.tool_calls, messages, baseParams, modelToUse);
+                const toolResult = await this.handleToolCalls(choice.message.tool_calls, messages, baseParams, modelToUse, guardrailContext);
+                // Execute post_response guardrails on final result
+                if (guardrailContext && this.guardrailsService?.isEnabled()) {
+                    guardrailContext.response = toolResult.content;
+                    const postResult = await this.guardrailsService.execute('post_response', guardrailContext);
+                    if (postResult.action === 'block') {
+                        throw new GuardrailBlockError(postResult.blockedBy || 'unknown', postResult.blockReason || 'Response blocked by guardrails');
+                    }
+                    if (postResult.action === 'modify' && guardrailContext.response) {
+                        toolResult.content = guardrailContext.response;
+                    }
+                }
+                return toolResult;
+            }
+            let content = choice.message?.content || '';
+            // Execute post_response guardrails
+            if (guardrailContext && this.guardrailsService?.isEnabled()) {
+                guardrailContext.response = content;
+                const postResult = await this.guardrailsService.execute('post_response', guardrailContext);
+                if (postResult.action === 'block') {
+                    throw new GuardrailBlockError(postResult.blockedBy || 'unknown', postResult.blockReason || 'Response blocked by guardrails');
+                }
+                if (postResult.action === 'modify' && guardrailContext.response) {
+                    content = guardrailContext.response;
+                }
             }
             // No tool calls, return regular response
             return {
-                content: choice.message?.content || '',
+                content,
                 usage: response.usage ? {
                     promptTokens: response.usage.prompt_tokens,
                     completionTokens: response.usage.completion_tokens,
@@ -64,12 +109,16 @@ export class EnhancedDuckProvider extends DuckProvider {
             };
         }
         catch (error) {
+            // Re-throw GuardrailBlockError as-is
+            if (error instanceof GuardrailBlockError) {
+                throw error;
+            }
             logger.error(`Enhanced provider ${this.name} chat error:`, error);
             const errorMessage = error instanceof Error ? error.message : String(error);
             throw new Error(`Duck ${this.nickname} couldn't respond: ${errorMessage}`);
         }
     }
-    async handleToolCalls(toolCalls, messages, baseParams, modelToUse) {
+    async handleToolCalls(toolCalls, messages, baseParams, modelToUse, _guardrailContext) {
         const pendingApprovals = [];
         const toolMessages = [];
         let hasExecutedTools = false;