npm - palaryn - Versions diffs - 0.1.0 → 0.3.2 - Mend

palaryn 0.1.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (344) hide show

package/README.md +243 -588
package/dist/sdk/typescript/src/client.js +2 -2
package/dist/sdk/typescript/src/client.js.map +1 -1
package/dist/src/anomaly/detector.d.ts +7 -4
package/dist/src/anomaly/detector.d.ts.map +1 -1
package/dist/src/anomaly/detector.js +22 -12
package/dist/src/anomaly/detector.js.map +1 -1
package/dist/src/audit/logger.d.ts +10 -0
package/dist/src/audit/logger.d.ts.map +1 -1
package/dist/src/audit/logger.js +52 -38
package/dist/src/audit/logger.js.map +1 -1
package/dist/src/auth/routes.d.ts.map +1 -1
package/dist/src/auth/routes.js +35 -0
package/dist/src/auth/routes.js.map +1 -1
package/dist/src/budget/manager.d.ts +5 -0
package/dist/src/budget/manager.d.ts.map +1 -1
package/dist/src/budget/manager.js +32 -0
package/dist/src/budget/manager.js.map +1 -1
package/dist/src/budget/model-pricing.d.ts +20 -0
package/dist/src/budget/model-pricing.d.ts.map +1 -0
package/dist/src/budget/model-pricing.js +107 -0
package/dist/src/budget/model-pricing.js.map +1 -0
package/dist/src/budget/usage-extractor.d.ts +3 -1
package/dist/src/budget/usage-extractor.d.ts.map +1 -1
package/dist/src/budget/usage-extractor.js +47 -3
package/dist/src/budget/usage-extractor.js.map +1 -1
package/dist/src/config/defaults.d.ts.map +1 -1
package/dist/src/config/defaults.js +65 -13
package/dist/src/config/defaults.js.map +1 -1
package/dist/src/dlp/tool-patterns.d.ts +7 -0
package/dist/src/dlp/tool-patterns.d.ts.map +1 -0
package/dist/src/dlp/tool-patterns.js +34 -0
package/dist/src/dlp/tool-patterns.js.map +1 -0
package/dist/src/executor/filesystem-executor.d.ts +28 -0
package/dist/src/executor/filesystem-executor.d.ts.map +1 -0
package/dist/src/executor/filesystem-executor.js +192 -0
package/dist/src/executor/filesystem-executor.js.map +1 -0
package/dist/src/executor/http-executor.d.ts.map +1 -1
package/dist/src/executor/http-executor.js +22 -2
package/dist/src/executor/http-executor.js.map +1 -1
package/dist/src/executor/index.d.ts +4 -0
package/dist/src/executor/index.d.ts.map +1 -1
package/dist/src/executor/index.js +9 -1
package/dist/src/executor/index.js.map +1 -1
package/dist/src/executor/shell-executor.d.ts +22 -0
package/dist/src/executor/shell-executor.d.ts.map +1 -0
package/dist/src/executor/shell-executor.js +119 -0
package/dist/src/executor/shell-executor.js.map +1 -0
package/dist/src/executor/sql-executor.d.ts +29 -0
package/dist/src/executor/sql-executor.d.ts.map +1 -0
package/dist/src/executor/sql-executor.js +114 -0
package/dist/src/executor/sql-executor.js.map +1 -0
package/dist/src/executor/websocket-executor.d.ts +26 -0
package/dist/src/executor/websocket-executor.d.ts.map +1 -0
package/dist/src/executor/websocket-executor.js +205 -0
package/dist/src/executor/websocket-executor.js.map +1 -0
package/dist/src/interceptor/index.d.ts +2 -0
package/dist/src/interceptor/index.d.ts.map +1 -0
package/dist/src/interceptor/index.js +6 -0
package/dist/src/interceptor/index.js.map +1 -0
package/dist/src/interceptor/provider-interceptor.d.ts +36 -0
package/dist/src/interceptor/provider-interceptor.d.ts.map +1 -0
package/dist/src/interceptor/provider-interceptor.js +302 -0
package/dist/src/interceptor/provider-interceptor.js.map +1 -0
package/dist/src/mcp/auth-verifier.d.ts.map +1 -1
package/dist/src/mcp/auth-verifier.js +3 -2
package/dist/src/mcp/auth-verifier.js.map +1 -1
package/dist/src/mcp/bridge.d.ts +14 -10
package/dist/src/mcp/bridge.d.ts.map +1 -1
package/dist/src/mcp/bridge.js +51 -227
package/dist/src/mcp/bridge.js.map +1 -1
package/dist/src/mcp/http-transport.d.ts +2 -0
package/dist/src/mcp/http-transport.d.ts.map +1 -1
package/dist/src/mcp/http-transport.js +117 -66
package/dist/src/mcp/http-transport.js.map +1 -1
package/dist/src/mcp/internal-auth.d.ts +13 -0
package/dist/src/mcp/internal-auth.d.ts.map +1 -0
package/dist/src/mcp/internal-auth.js +12 -0
package/dist/src/mcp/internal-auth.js.map +1 -0
package/dist/src/mcp/tool-definitions.d.ts +41 -0
package/dist/src/mcp/tool-definitions.d.ts.map +1 -0
package/dist/src/mcp/tool-definitions.js +491 -0
package/dist/src/mcp/tool-definitions.js.map +1 -0
package/dist/src/middleware/auth.js.map +1 -1
package/dist/src/middleware/session.js.map +1 -1
package/dist/src/middleware/validate.d.ts +8 -0
package/dist/src/middleware/validate.d.ts.map +1 -1
package/dist/src/middleware/validate.js +45 -0
package/dist/src/middleware/validate.js.map +1 -1
package/dist/src/policy/engine.d.ts +4 -0
package/dist/src/policy/engine.d.ts.map +1 -1
package/dist/src/policy/engine.js +117 -0
package/dist/src/policy/engine.js.map +1 -1
package/dist/src/saas/routes.d.ts.map +1 -1
package/dist/src/saas/routes.js +355 -22
package/dist/src/saas/routes.js.map +1 -1
package/dist/src/server/app.d.ts.map +1 -1
package/dist/src/server/app.js +24 -3
package/dist/src/server/app.js.map +1 -1
package/dist/src/server/gateway.d.ts.map +1 -1
package/dist/src/server/gateway.js +17 -0
package/dist/src/server/gateway.js.map +1 -1
package/dist/src/server/index.d.ts.map +1 -1
package/dist/src/server/index.js +18 -0
package/dist/src/server/index.js.map +1 -1
package/dist/src/storage/interfaces.d.ts +14 -3
package/dist/src/storage/interfaces.d.ts.map +1 -1
package/dist/src/storage/memory.d.ts +2 -0
package/dist/src/storage/memory.d.ts.map +1 -1
package/dist/src/storage/memory.js +6 -0
package/dist/src/storage/memory.js.map +1 -1
package/dist/src/storage/postgres.d.ts +5 -0
package/dist/src/storage/postgres.d.ts.map +1 -1
package/dist/src/storage/postgres.js +16 -0
package/dist/src/storage/postgres.js.map +1 -1
package/dist/src/storage/redis.d.ts +10 -0
package/dist/src/storage/redis.d.ts.map +1 -1
package/dist/src/storage/redis.js +65 -0
package/dist/src/storage/redis.js.map +1 -1
package/dist/src/types/budget.d.ts +4 -0
package/dist/src/types/budget.d.ts.map +1 -1
package/dist/src/types/config.d.ts +58 -0
package/dist/src/types/config.d.ts.map +1 -1
package/dist/src/types/events.d.ts +1 -0
package/dist/src/types/events.d.ts.map +1 -1
package/dist/src/types/policy.d.ts +11 -1
package/dist/src/types/policy.d.ts.map +1 -1
package/dist/src/types/tool-result.d.ts +11 -0
package/dist/src/types/tool-result.d.ts.map +1 -1
package/dist/tests/unit/app-routes.test.d.ts +2 -0
package/dist/tests/unit/app-routes.test.d.ts.map +1 -0
package/dist/tests/unit/app-routes.test.js +715 -0
package/dist/tests/unit/app-routes.test.js.map +1 -0
package/dist/tests/unit/audit-logger.test.js +105 -0
package/dist/tests/unit/audit-logger.test.js.map +1 -1
package/dist/tests/unit/auth-providers.test.d.ts +2 -0
package/dist/tests/unit/auth-providers.test.d.ts.map +1 -0
package/dist/tests/unit/auth-providers.test.js +279 -0
package/dist/tests/unit/auth-providers.test.js.map +1 -0
package/dist/tests/unit/auth-routes-extended.test.d.ts +2 -0
package/dist/tests/unit/auth-routes-extended.test.d.ts.map +1 -0
package/dist/tests/unit/auth-routes-extended.test.js +993 -0
package/dist/tests/unit/auth-routes-extended.test.js.map +1 -0
package/dist/tests/unit/auth-verifier.test.d.ts +2 -0
package/dist/tests/unit/auth-verifier.test.d.ts.map +1 -0
package/dist/tests/unit/auth-verifier.test.js +505 -0
package/dist/tests/unit/auth-verifier.test.js.map +1 -0
package/dist/tests/unit/billing-routes.test.d.ts +2 -0
package/dist/tests/unit/billing-routes.test.d.ts.map +1 -0
package/dist/tests/unit/billing-routes.test.js +432 -0
package/dist/tests/unit/billing-routes.test.js.map +1 -0
package/dist/tests/unit/config-defaults.test.d.ts +2 -0
package/dist/tests/unit/config-defaults.test.d.ts.map +1 -0
package/dist/tests/unit/config-defaults.test.js +119 -0
package/dist/tests/unit/config-defaults.test.js.map +1 -0
package/dist/tests/unit/defaults.test.js +0 -10
package/dist/tests/unit/defaults.test.js.map +1 -1
package/dist/tests/unit/filesystem-executor.test.d.ts +2 -0
package/dist/tests/unit/filesystem-executor.test.d.ts.map +1 -0
package/dist/tests/unit/filesystem-executor.test.js +280 -0
package/dist/tests/unit/filesystem-executor.test.js.map +1 -0
package/dist/tests/unit/gateway-branches.test.d.ts +2 -0
package/dist/tests/unit/gateway-branches.test.d.ts.map +1 -0
package/dist/tests/unit/gateway-branches.test.js +1039 -0
package/dist/tests/unit/gateway-branches.test.js.map +1 -0
package/dist/tests/unit/http-executor-branches.test.d.ts +2 -0
package/dist/tests/unit/http-executor-branches.test.d.ts.map +1 -0
package/dist/tests/unit/http-executor-branches.test.js +495 -0
package/dist/tests/unit/http-executor-branches.test.js.map +1 -0
package/dist/tests/unit/logger.test.d.ts +2 -0
package/dist/tests/unit/logger.test.d.ts.map +1 -0
package/dist/tests/unit/logger.test.js +97 -0
package/dist/tests/unit/logger.test.js.map +1 -0
package/dist/tests/unit/mcp-internal-auth.test.d.ts +2 -0
package/dist/tests/unit/mcp-internal-auth.test.d.ts.map +1 -0
package/dist/tests/unit/mcp-internal-auth.test.js +445 -0
package/dist/tests/unit/mcp-internal-auth.test.js.map +1 -0
package/dist/tests/unit/metrics.test.js +102 -0
package/dist/tests/unit/metrics.test.js.map +1 -1
package/dist/tests/unit/model-pricing.test.d.ts +2 -0
package/dist/tests/unit/model-pricing.test.d.ts.map +1 -0
package/dist/tests/unit/model-pricing.test.js +87 -0
package/dist/tests/unit/model-pricing.test.js.map +1 -0
package/dist/tests/unit/oauth-stores.test.d.ts +2 -0
package/dist/tests/unit/oauth-stores.test.d.ts.map +1 -0
package/dist/tests/unit/oauth-stores.test.js +260 -0
package/dist/tests/unit/oauth-stores.test.js.map +1 -0
package/dist/tests/unit/policy-engine.test.js +466 -0
package/dist/tests/unit/policy-engine.test.js.map +1 -1
package/dist/tests/unit/provider-interceptor.test.d.ts +2 -0
package/dist/tests/unit/provider-interceptor.test.d.ts.map +1 -0
package/dist/tests/unit/provider-interceptor.test.js +472 -0
package/dist/tests/unit/provider-interceptor.test.js.map +1 -0
package/dist/tests/unit/saas-routes-branches.test.d.ts +2 -0
package/dist/tests/unit/saas-routes-branches.test.d.ts.map +1 -0
package/dist/tests/unit/saas-routes-branches.test.js +2165 -0
package/dist/tests/unit/saas-routes-branches.test.js.map +1 -0
package/dist/tests/unit/saas-routes-crud.test.d.ts +2 -0
package/dist/tests/unit/saas-routes-crud.test.d.ts.map +1 -0
package/dist/tests/unit/saas-routes-crud.test.js +332 -0
package/dist/tests/unit/saas-routes-crud.test.js.map +1 -0
package/dist/tests/unit/saas-routes-data.test.d.ts +2 -0
package/dist/tests/unit/saas-routes-data.test.d.ts.map +1 -0
package/dist/tests/unit/saas-routes-data.test.js +405 -0
package/dist/tests/unit/saas-routes-data.test.js.map +1 -0
package/dist/tests/unit/saas-routes.test.js +3 -3
package/dist/tests/unit/saas-routes.test.js.map +1 -1
package/dist/tests/unit/shell-executor.test.d.ts +2 -0
package/dist/tests/unit/shell-executor.test.d.ts.map +1 -0
package/dist/tests/unit/shell-executor.test.js +145 -0
package/dist/tests/unit/shell-executor.test.js.map +1 -0
package/dist/tests/unit/sql-executor.test.d.ts +2 -0
package/dist/tests/unit/sql-executor.test.d.ts.map +1 -0
package/dist/tests/unit/sql-executor.test.js +177 -0
package/dist/tests/unit/sql-executor.test.js.map +1 -0
package/dist/tests/unit/stream-proxy.test.d.ts +2 -0
package/dist/tests/unit/stream-proxy.test.d.ts.map +1 -0
package/dist/tests/unit/stream-proxy.test.js +147 -0
package/dist/tests/unit/stream-proxy.test.js.map +1 -0
package/dist/tests/unit/tool-definitions.test.d.ts +2 -0
package/dist/tests/unit/tool-definitions.test.d.ts.map +1 -0
package/dist/tests/unit/tool-definitions.test.js +184 -0
package/dist/tests/unit/tool-definitions.test.js.map +1 -0
package/dist/tests/unit/usage-extractor.test.js +140 -0
package/dist/tests/unit/usage-extractor.test.js.map +1 -1
package/dist/tests/unit/webhook-handler.test.d.ts +2 -0
package/dist/tests/unit/webhook-handler.test.d.ts.map +1 -0
package/dist/tests/unit/webhook-handler.test.js +453 -0
package/dist/tests/unit/webhook-handler.test.js.map +1 -0
package/dist/tests/unit/webhook-routes.test.d.ts +2 -0
package/dist/tests/unit/webhook-routes.test.d.ts.map +1 -0
package/dist/tests/unit/webhook-routes.test.js +69 -0
package/dist/tests/unit/webhook-routes.test.js.map +1 -0
package/dist/tests/unit/websocket-executor.test.d.ts +2 -0
package/dist/tests/unit/websocket-executor.test.d.ts.map +1 -0
package/dist/tests/unit/websocket-executor.test.js +121 -0
package/dist/tests/unit/websocket-executor.test.js.map +1 -0
package/package.json +8 -2
package/policy-packs/demo_fail.yaml +41 -0
package/policy-packs/full_tools.yaml +136 -0
package/src/admin/index.ts +1 -0
package/src/admin/routes.ts +509 -0
package/src/admin/templates.ts +572 -0
package/src/anomaly/detector.ts +730 -0
package/src/anomaly/index.ts +1 -0
package/src/approval/manager.ts +569 -0
package/src/approval/webhook.ts +133 -0
package/src/audit/logger.ts +490 -0
package/src/auth/index.ts +5 -0
package/src/auth/password.ts +21 -0
package/src/auth/pkce.ts +22 -0
package/src/auth/providers.ts +208 -0
package/src/auth/routes.ts +561 -0
package/src/auth/session.ts +84 -0
package/src/billing/index.ts +6 -0
package/src/billing/plan-enforcer.ts +135 -0
package/src/billing/routes.ts +229 -0
package/src/billing/stripe-client.ts +58 -0
package/src/billing/webhook-handler.ts +182 -0
package/src/billing/webhook-routes.ts +28 -0
package/src/budget/manager.ts +679 -0
package/src/budget/model-pricing.ts +119 -0
package/src/budget/usage-extractor.ts +214 -0
package/src/cli.ts +91 -0
package/src/config/defaults.ts +261 -0
package/src/config/validate.ts +88 -0
package/src/dlp/composite-scanner.ts +213 -0
package/src/dlp/index.ts +9 -0
package/src/dlp/interfaces.ts +34 -0
package/src/dlp/patterns.ts +30 -0
package/src/dlp/prompt-injection-backend.ts +181 -0
package/src/dlp/prompt-injection-patterns.ts +302 -0
package/src/dlp/regex-backend.ts +181 -0
package/src/dlp/scanner.ts +502 -0
package/src/dlp/text-normalizer.ts +225 -0
package/src/dlp/tool-patterns.ts +35 -0
package/src/dlp/trufflehog-backend.ts +190 -0
package/src/executor/filesystem-executor.ts +196 -0
package/src/executor/http-executor.ts +349 -0
package/src/executor/index.ts +9 -0
package/src/executor/interfaces.ts +11 -0
package/src/executor/noop-executor.ts +23 -0
package/src/executor/registry.ts +64 -0
package/src/executor/shell-executor.ts +148 -0
package/src/executor/slack-executor.ts +176 -0
package/src/executor/sql-executor.ts +146 -0
package/src/executor/websocket-executor.ts +211 -0
package/src/index.ts +24 -0
package/src/interceptor/index.ts +1 -0
package/src/interceptor/provider-interceptor.ts +315 -0
package/src/mcp/auth-verifier.ts +152 -0
package/src/mcp/bridge.ts +703 -0
package/src/mcp/http-transport.ts +698 -0
package/src/mcp/index.ts +9 -0
package/src/mcp/internal-auth.ts +14 -0
package/src/mcp/oauth-pages.ts +139 -0
package/src/mcp/oauth-postgres-stores.ts +278 -0
package/src/mcp/oauth-provider.ts +536 -0
package/src/mcp/oauth-stores.ts +202 -0
package/src/mcp/server.ts +55 -0
package/src/mcp/tool-definitions.ts +562 -0
package/src/metrics/collector.ts +357 -0
package/src/metrics/index.ts +1 -0
package/src/middleware/auth.ts +814 -0
package/src/middleware/session.ts +85 -0
package/src/middleware/validate.ts +130 -0
package/src/policy/engine.ts +815 -0
package/src/policy/index.ts +2 -0
package/src/policy/opa-engine.ts +829 -0
package/src/proxy/forward-proxy.ts +649 -0
package/src/proxy/index.ts +1 -0
package/src/ratelimit/limiter.ts +196 -0
package/src/replay/engine.ts +142 -0
package/src/replay/index.ts +1 -0
package/src/saas/index.ts +1 -0
package/src/saas/routes.ts +2178 -0
package/src/server/app.ts +985 -0
package/src/server/errors.ts +49 -0
package/src/server/gateway.ts +1130 -0
package/src/server/index.ts +307 -0
package/src/server/logger.ts +255 -0
package/src/server/stream-proxy.ts +202 -0
package/src/storage/file-persistence.ts +315 -0
package/src/storage/index.ts +4 -0
package/src/storage/interfaces.ts +287 -0
package/src/storage/memory.ts +686 -0
package/src/storage/postgres.ts +1831 -0
package/src/storage/redis.ts +835 -0
package/src/tracing/index.ts +1 -0
package/src/tracing/provider.ts +100 -0
package/src/trust/calculator.ts +141 -0
package/src/trust/index.ts +7 -0
package/src/types/budget.ts +36 -0
package/src/types/config.ts +278 -0
package/src/types/events.ts +41 -0
package/src/types/express.d.ts +14 -0
package/src/types/index.ts +7 -0
package/src/types/policy.ts +83 -0
package/src/types/stripe-config.ts +11 -0
package/src/types/subscription.ts +59 -0
package/src/types/tool-call.ts +47 -0
package/src/types/tool-result.ts +82 -0
package/src/types/user.ts +125 -0
package/tsconfig.json +24 -0

package/src/tracing/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GatewayTracer, TracingConfig } from './provider';

package/src/tracing/provider.ts ADDED Viewed

@@ -0,0 +1,100 @@
+import { Tracer, SpanKind, SpanStatusCode, trace } from '@opentelemetry/api';
+import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
+import { BatchSpanProcessor, SimpleSpanProcessor, SpanProcessor } from '@opentelemetry/sdk-trace-base';
+import { OTLPTraceExporter } from '@opentelemetry/exporter-trace-otlp-http';
+import { resourceFromAttributes } from '@opentelemetry/resources';
+export { SpanKind, SpanStatusCode };
+export interface TracingConfig {
+  enabled: boolean;
+  /** Service name reported to the collector. Defaults to 'palaryn'. */
+  service_name?: string;
+  /** Service version reported to the collector. Defaults to '0.1.0'. */
+  service_version?: string;
+  /** Deployment environment (e.g. 'production', 'staging'). Defaults to 'development'. */
+  environment?: string;
+  /** OTLP HTTP endpoint for trace export. Defaults to 'http://localhost:4318/v1/traces'. */
+  otlp_endpoint?: string;
+  /** Use SimpleSpanProcessor instead of BatchSpanProcessor. Useful for testing. */
+  use_simple_processor?: boolean;
+}
+/**
+ * GatewayTracer wraps the OpenTelemetry SDK and provides a simple interface
+ * for the gateway pipeline to create spans. When tracing is disabled the
+ * class is a no-op — getTracer() returns undefined and all other methods
+ * are safe to call.
+ */
+export class GatewayTracer {
+  private provider?: NodeTracerProvider;
+  private tracer?: Tracer;
+  private config: TracingConfig;
+  constructor(config: TracingConfig) {
+    this.config = config;
+  }
+  /**
+   * Initialize the TracerProvider and register it globally.
+   * If config.enabled is false this is a no-op.
+   */
+  setup(): void {
+    if (!this.config.enabled) {
+      // No-op mode — getTracer() will return undefined
+      return;
+    }
+    const resource = resourceFromAttributes({
+      'service.name': this.config.service_name || 'palaryn',
+      'service.version': this.config.service_version || '0.1.0',
+      'deployment.environment': this.config.environment || 'development',
+    });
+    const exporter = new OTLPTraceExporter({
+      url: this.config.otlp_endpoint || 'http://localhost:4318/v1/traces',
+    });
+    const processor: SpanProcessor = this.config.use_simple_processor
+      ? new SimpleSpanProcessor(exporter)
+      : new BatchSpanProcessor(exporter);
+    this.provider = new NodeTracerProvider({
+      resource,
+      spanProcessors: [processor],
+    });
+    this.provider.register();
+    this.tracer = this.provider.getTracer(
+      this.config.service_name || 'palaryn',
+      this.config.service_version || '0.1.0',
+    );
+  }
+  /**
+   * Return the active Tracer instance, or undefined when tracing is disabled.
+   * Callers should guard with `if (!tracer) ...` or optional chaining.
+   */
+  getTracer(name?: string): Tracer | undefined {
+    if (!this.provider) {
+      return undefined;
+    }
+    if (name) {
+      return this.provider.getTracer(name);
+    }
+    return this.tracer;
+  }
+  /**
+   * Flush pending spans and shut down the provider.
+   * Safe to call even when tracing is disabled.
+   */
+  async shutdown(): Promise<void> {
+    if (this.provider) {
+      await this.provider.shutdown();
+      this.provider = undefined;
+      this.tracer = undefined;
+    }
+  }
+}

package/src/trust/calculator.ts ADDED Viewed

@@ -0,0 +1,141 @@
+import { AnomalyDetector } from '../anomaly/detector';
+import { AuditLogger } from '../audit/logger';
+import { BudgetManager } from '../budget/manager';
+export interface TrustScoreWeights {
+  anomaly_weight: number;
+  high_severity_weight: number;
+  dlp_weight: number;
+  dlp_high_weight: number;
+  error_rate_weight: number;
+  escalation_weight: number;
+  budget_velocity_weight: number;
+}
+export interface TrustScoreBreakdown {
+  anomalies: { count: number; high_count: number; impact: number };
+  dlp: { detections: number; high_severity: number; impact: number };
+  error_rate: { pct: number; impact: number };
+  escalations: { count: number; impact: number };
+  budget_velocity: { current_rate: number; impact: number };
+}
+export interface TrustScoreResult {
+  actor_id: string;
+  score: number;
+  risk_level: 'low' | 'medium' | 'high' | 'critical';
+  breakdown: TrustScoreBreakdown;
+  calculated_at: string;
+}
+export const DEFAULT_WEIGHTS: TrustScoreWeights = {
+  anomaly_weight: 2,
+  high_severity_weight: 5,
+  dlp_weight: 3,
+  dlp_high_weight: 10,
+  error_rate_weight: 1,
+  escalation_weight: 15,
+  budget_velocity_weight: 20,
+};
+export class TrustScoreCalculator {
+  constructor(
+    private anomalyDetector: AnomalyDetector,
+    private auditLogger: AuditLogger,
+    private budgetManager: BudgetManager,
+    private weights: TrustScoreWeights = DEFAULT_WEIGHTS,
+  ) {}
+  calculate(actorId: string): TrustScoreResult {
+    let score = 100;
+    // 1. Anomaly component
+    const actorAlerts = this.anomalyDetector.getAlertsForEntity('actor', actorId);
+    const highAlerts = actorAlerts.filter(a => a.severity === 'high');
+    const anomalyImpact =
+      actorAlerts.length * this.weights.anomaly_weight +
+      highAlerts.length * this.weights.high_severity_weight;
+    score -= anomalyImpact;
+    // 2. DLP component
+    const dlpEvents = this.auditLogger
+      .getEventsByType('DLP_SCANNED')
+      .filter(e => e.actor_id === actorId);
+    const dlpWithDetections = dlpEvents.filter(e => {
+      const detected = e.metadata?.detected as string[] | undefined;
+      return detected && detected.length > 0;
+    });
+    const dlpHighSeverity = dlpEvents.filter(e => e.metadata?.severity === 'high');
+    const dlpImpact =
+      dlpWithDetections.length * this.weights.dlp_weight +
+      dlpHighSeverity.length * this.weights.dlp_high_weight;
+    score -= dlpImpact;
+    // 3. Error rate component
+    const baseline = this.anomalyDetector.getBaseline('actor', actorId, 'error_rate');
+    const errorPct = baseline ? baseline.mean * 100 : 0;
+    const errorImpact = errorPct * this.weights.error_rate_weight;
+    score -= errorImpact;
+    // 4. Capability escalation component
+    const escalations = actorAlerts.filter(a => a.anomaly_type === 'capability_escalation');
+    const escalationImpact = escalations.length * this.weights.escalation_weight;
+    score -= escalationImpact;
+    // 5. Budget velocity component
+    const spending = this.budgetManager.getActorSpending(actorId);
+    // If daily spend is more than 2x the average per-task spend, flag it
+    let budgetVelocityRate = 0;
+    let budgetImpact = 0;
+    if (spending.task_count > 0 && spending.total_spend > 0) {
+      const avgPerTask = spending.total_spend / spending.task_count;
+      budgetVelocityRate = spending.daily_spend / avgPerTask;
+      if (budgetVelocityRate > 2) {
+        budgetImpact = this.weights.budget_velocity_weight;
+        score -= budgetImpact;
+      }
+    }
+    score = Math.max(0, Math.min(100, score));
+    const risk_level: TrustScoreResult['risk_level'] =
+      score >= 80 ? 'low' : score >= 50 ? 'medium' : score >= 30 ? 'high' : 'critical';
+    return {
+      actor_id: actorId,
+      score,
+      risk_level,
+      breakdown: {
+        anomalies: {
+          count: actorAlerts.length,
+          high_count: highAlerts.length,
+          impact: anomalyImpact,
+        },
+        dlp: {
+          detections: dlpWithDetections.length,
+          high_severity: dlpHighSeverity.length,
+          impact: dlpImpact,
+        },
+        error_rate: {
+          pct: errorPct,
+          impact: errorImpact,
+        },
+        escalations: {
+          count: escalations.length,
+          impact: escalationImpact,
+        },
+        budget_velocity: {
+          current_rate: budgetVelocityRate,
+          impact: budgetImpact,
+        },
+      },
+      calculated_at: new Date().toISOString(),
+    };
+  }
+  getLeaderboard(actorIds: string[]): TrustScoreResult[] {
+    return actorIds
+      .map(id => this.calculate(id))
+      .sort((a, b) => b.score - a.score);
+  }
+}

package/src/trust/index.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export {
+  TrustScoreCalculator,
+  TrustScoreWeights,
+  TrustScoreBreakdown,
+  TrustScoreResult,
+  DEFAULT_WEIGHTS,
+} from './calculator';

package/src/types/budget.ts ADDED Viewed

@@ -0,0 +1,36 @@
+export interface TokenPricing {
+  input_per_token: number;
+  output_per_token: number;
+  /** Multiplier for cache creation tokens vs input price (default: 1.25) */
+  cache_creation_multiplier?: number;
+  /** Multiplier for cache read tokens vs input price (default: 0.1) */
+  cache_read_multiplier?: number;
+}
+export interface BudgetConfig {
+  task_budget_usd?: number;
+  user_daily_budget_usd?: number;
+  user_monthly_budget_usd?: number;
+  workspace_daily_budget_usd?: number;
+  workspace_monthly_budget_usd?: number;
+  max_steps_per_task?: number;
+  max_retries_per_call?: number;
+  max_wall_clock_ms?: number;
+  cost_table?: Record<string, number>;
+  token_pricing?: Record<string, TokenPricing>;
+}
+export interface BudgetState {
+  task_id: string;
+  workspace_id: string;
+  actor_id: string;
+  spent_usd: number;
+  steps: number;
+  started_at: string;
+}
+export interface CostEstimate {
+  tool_name: string;
+  capability: string;
+  estimated_cost_usd: number;
+}

package/src/types/config.ts ADDED Viewed

@@ -0,0 +1,278 @@
+import { BudgetConfig } from './budget';
+import { TracingConfig } from '../tracing';
+import { AnomalyConfig } from '../anomaly';
+import { OAuthConfig, FrontendConfig } from './user';
+import { StripeConfig } from './stripe-config';
+export interface GatewayConfig {
+  port: number;
+  host: string;
+  auth: AuthConfig;
+  policy: PolicyConfig;
+  dlp: DLPConfig;
+  budget: BudgetConfig;
+  audit: AuditConfig;
+  executor: ExecutorConfig;
+  approval: ApprovalConfig;
+  rate_limit?: RateLimitConfig;
+  tracing?: TracingConfig;
+  anomaly?: AnomalyConfig;
+  /** Rate limit for public endpoints (health, metrics). Default: 60 req/min */
+  public_rate_limit?: {
+    max_per_window: number;
+    window_ms: number;
+  };
+  /** Forward proxy configuration */
+  proxy?: ProxyConfig;
+  /** CORS allowed origins. Defaults to '*' in development, must be set in production. */
+  cors_origins?: string[];
+  /** OAuth configuration for SaaS login (Google/GitHub) */
+  oauth?: OAuthConfig;
+  /** Frontend SPA configuration */
+  frontend?: FrontendConfig;
+  /** Stripe billing configuration */
+  stripe?: StripeConfig;
+  /** MCP OAuth 2.0 configuration for Claude Code / MCP client auth */
+  mcp_oauth?: MCPOAuthConfig;
+}
+export interface MCPOAuthConfig {
+  enabled: boolean;
+  /** Base URL for OAuth endpoints (default: derived from host + port) */
+  base_url?: string;
+  /** Access token TTL in seconds (default: 3600 = 1 hour) */
+  access_token_ttl?: number;
+  /** Refresh token TTL in seconds (default: 2592000 = 30 days) */
+  refresh_token_ttl?: number;
+}
+export interface AuthConfig {
+  enabled: boolean;
+  // API Key auth (existing, enhanced)
+  api_keys: Record<string, ApiKeyConfig>;
+  // JWT/OIDC auth
+  jwt?: JWTAuthConfig;
+  // RBAC
+  rbac?: RBACConfig;
+  // Legacy field kept for backward compatibility
+  jwt_secret?: string;
+  /** Trusted proxy IPs/CIDRs. Only trust X-Forwarded-For from these sources. */
+  trusted_proxies?: string[];
+}
+export interface ApiKeyConfig {
+  workspace_id: string;
+  description?: string;
+  roles?: string[];              // Roles for RBAC
+  rate_limit_override?: number;  // Per-key rate limit override
+  expires_at?: string;           // ISO date, undefined = never expires
+  created_at?: string;           // ISO date
+  last_used_at?: string;         // ISO date, updated on use
+  revoked?: boolean;             // Soft-revoke without deleting
+}
+export interface JWTAuthConfig {
+  enabled: boolean;
+  // Static secret (for simple setups)
+  secret?: string;
+  // JWKS endpoint (for OIDC providers like Auth0, Okta, etc.)
+  jwks_uri?: string;
+  // JWT validation options
+  issuer?: string;               // Expected issuer
+  audience?: string;             // Expected audience
+  algorithms?: string[];         // Allowed algorithms (default: ['RS256', 'HS256'])
+  // Claim mappings
+  workspace_claim?: string;      // JWT claim for workspace_id (default: 'workspace_id')
+  roles_claim?: string;          // JWT claim for roles (default: 'roles')
+  actor_claim?: string;          // JWT claim for actor identity (default: 'sub')
+}
+export interface RBACConfig {
+  enabled: boolean;
+  roles: Record<string, RoleDefinition>;
+  default_role?: string;         // Role applied when no role is found
+}
+export interface RoleDefinition {
+  description?: string;
+  permissions: Permission[];
+}
+export type Permission =
+  | 'tool:execute'               // Can execute tool calls
+  | 'tool:execute:read'          // Can execute read-only tool calls
+  | 'tool:execute:write'         // Can execute write tool calls
+  | 'tool:execute:delete'        // Can execute delete tool calls
+  | 'tool:execute:admin'         // Can execute admin tool calls
+  | 'approval:manage'            // Can approve/deny pending approvals
+  | 'policy:read'                // Can view policies
+  | 'policy:write'               // Can validate/update policies
+  | 'trace:read'                 // Can view audit traces
+  | 'admin:full'                 // Full admin access (everything)
+  | string;                      // Custom permissions
+export interface PolicyConfig {
+  pack_path: string;
+  default_effect: 'ALLOW' | 'DENY';
+  hot_reload: boolean;
+  /** OPA policy engine configuration (optional, works alongside YAML engine) */
+  opa?: OPAConfig;
+}
+export interface OPAConfig {
+  enabled: boolean;
+  /** OPA server URL (e.g., 'http://localhost:8181') */
+  server_url?: string;
+  /** Policy path in OPA (e.g., 'v1/data/palaryn/policy') */
+  policy_path?: string;
+  /** Rego policy string (for inline/local evaluation without OPA server) */
+  rego_policy?: string;
+  /** Timeout for OPA requests in ms (default: 5000) */
+  timeout_ms?: number;
+  /** Fallback decision if OPA is unreachable (default: 'deny') */
+  fallback_decision?: 'allow' | 'deny' | 'transform' | 'require_approval';
+  /** Default Rego package name for inline policies (default: 'palaryn.policy') */
+  package_name?: string;
+}
+export interface DLPConfig {
+  enabled: boolean;
+  scan_args: boolean;
+  scan_output: boolean;
+  secrets_detection: boolean;
+  pii_detection: boolean;
+  prompt_injection_detection?: boolean;
+  /** Action when prompt injection is detected: 'log' (default), 'flag', or 'block' */
+  prompt_injection_action?: 'log' | 'flag' | 'block';
+  /** Minimum severity to trigger blocking (when action is 'block'). Default: 'high' */
+  prompt_injection_block_threshold?: 'medium' | 'high';
+  /** Response mode when injection is blocked: 'deny' (default), 'sanitize', or 'require_approval' */
+  prompt_injection_response?: 'deny' | 'sanitize' | 'require_approval';
+  default_redaction_method: 'mask' | 'hash' | 'drop' | 'tokenize';
+  trufflehog?: {
+    enabled: boolean;
+    binary_path?: string;
+    timeout_ms?: number;
+  };
+}
+export interface AuditConfig {
+  enabled: boolean;
+  log_dir: string;
+  console_output: boolean;
+  retention_days: number;
+}
+export interface FilesystemExecutorConfig {
+  enabled: boolean;
+  /** Root directory for sandboxed file operations */
+  base_dir: string;
+  /** Allowed file extensions (e.g., ['.txt', '.json']). Empty = all allowed. */
+  allowed_extensions?: string[];
+  /** Maximum file size in bytes (default: 10MB) */
+  max_file_size_bytes: number;
+}
+export interface SQLExecutorConfig {
+  enabled: boolean;
+  /** PostgreSQL connection string */
+  connection_string: string;
+  /** Query timeout in milliseconds (default: 30000) */
+  timeout_ms: number;
+  /** If true, only SELECT statements are allowed (default: true) */
+  read_only: boolean;
+  /** Maximum number of rows returned (default: 1000) */
+  max_rows: number;
+  /** Table names to block from all queries */
+  blocked_tables?: string[];
+}
+export interface ShellExecutorConfig {
+  enabled: boolean;
+  /** Allowed commands (empty = nothing allowed) */
+  allowed_commands: string[];
+  /** Blocked commands/patterns (checked even if allowed) */
+  blocked_commands?: string[];
+  /** Command timeout in milliseconds (default: 30000) */
+  timeout_ms: number;
+  /** Working directory for command execution */
+  cwd?: string;
+  /** Maximum output size in bytes (default: 1MB) */
+  max_output_bytes: number;
+}
+export interface WebSocketExecutorConfig {
+  enabled: boolean;
+  /** Allowed WebSocket URLs (glob patterns) */
+  allowed_urls: string[];
+  /** Connection timeout in milliseconds (default: 10000) */
+  connect_timeout_ms: number;
+  /** Maximum message size in bytes (default: 1MB) */
+  max_message_size_bytes: number;
+}
+export interface ProviderInterceptConfig {
+  enabled: boolean;
+  /** URL patterns for AI provider APIs to intercept (regex strings) */
+  provider_url_patterns?: string[];
+  /** Scan tool inputs in request bodies */
+  scan_inputs: boolean;
+  /** Scan tool outputs in response bodies */
+  scan_outputs: boolean;
+}
+export interface ExecutorConfig {
+  http: {
+    timeout_ms: number;
+    max_retries: number;
+    backoff_base_ms: number;
+  };
+  cache: {
+    enabled: boolean;
+    ttl_ms: number;
+  };
+  filesystem?: FilesystemExecutorConfig;
+  sql?: SQLExecutorConfig;
+  shell?: ShellExecutorConfig;
+  websocket?: WebSocketExecutorConfig;
+  provider_intercept?: ProviderInterceptConfig;
+}
+export interface ApprovalConfig {
+  enabled: boolean;
+  token_secret: string;
+  default_ttl_seconds: number;
+  webhook_url?: string;
+  webhook_headers?: Record<string, string>;
+}
+export interface RateLimitConfig {
+  enabled: boolean;
+  /** Max requests per actor per window */
+  actor_max_per_window: number;
+  /** Max requests per workspace per window */
+  workspace_max_per_window: number;
+  /** Window duration in milliseconds */
+  window_ms: number;
+}
+export interface ProxyConfig {
+  enabled: boolean;
+  /** Port for the forward proxy server (default: 3128) */
+  port: number;
+  /** Domains to skip proxy pipeline for (e.g. palaryn's own domain) */
+  passthrough_domains?: string[];
+  /** Default workspace ID for sidecar mode (no per-request auth needed) */
+  default_workspace_id?: string;
+  /** Default actor ID for sidecar mode */
+  default_actor_id?: string;
+  /** Require Proxy-Authorization for every request (default: true unless sidecar defaults set) */
+  require_auth?: boolean;
+  /** Enable SSRF protection to block requests to private IPs (default: true) */
+  ssrf_protection?: boolean;
+}

package/src/types/events.ts ADDED Viewed

@@ -0,0 +1,41 @@
+export type EventType =
+  | 'TOOL_CALL_RECEIVED'
+  | 'POLICY_DECIDED'
+  | 'DLP_SCANNED'
+  | 'BUDGET_CHECKED'
+  | 'TOOL_EXECUTED'
+  | 'TOOL_RESULT_RETURNED'
+  | 'APPROVAL_REQUESTED'
+  | 'APPROVAL_APPROVED'
+  | 'APPROVAL_DENIED'
+  | 'APPROVAL_EXPIRED'
+  | 'INCIDENT_RAISED'
+  | 'USAGE_REPORTED'
+  | 'POLICY_UPDATED'
+  | 'POLICY_RESET';
+export type IncidentSeverity = 'low' | 'medium' | 'high' | 'critical';
+export interface AuditEvent {
+  event_id: string;
+  event_type: EventType;
+  timestamp: string;
+  tool_call_id: string;
+  session_id?: string;
+  task_id: string;
+  workspace_id: string;
+  actor_id: string;
+  tool_name: string;
+  metadata: Record<string, unknown>;
+}
+export interface IncidentEvent extends AuditEvent {
+  event_type: 'INCIDENT_RAISED';
+  metadata: {
+    severity: IncidentSeverity;
+    incident_type: string;
+    description: string;
+    recommended_action: string;
+    [key: string]: unknown;
+  };
+}

package/src/types/express.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { User, Session } from './user';
+declare module 'express-serve-static-core' {
+  interface Request {
+    /** Workspace ID set by auth middleware (backward compat) */
+    workspace_id?: string;
+    /** API key description set by auth middleware */
+    api_key_description?: string;
+    /** Authenticated user (set by session middleware) */
+    sessionUser?: User;
+    /** Session data (set by session middleware) */
+    sessionData?: Session;
+  }
+}

package/src/types/index.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export * from './tool-call';
+export * from './tool-result';
+export * from './policy';
+export * from './events';
+export * from './budget';
+export * from './config';
+export * from './user';