perimeterx-js-core 0.35.1 → 0.37.0

package/lib/esm/products/agentic_trust/AgenticTrust.js

@@ -0,0 +1,84 @@
+import { HttpMethod } from '../../http/index.js';
+const MCP_SESSION_ID_HEADER = 'mcp-session-id';
+export class AgenticTrust {
+    config;
+    constructor(config) {
+        this.config = config;
+    }
+    async enrichContextFromRequest(context) {
+        if (!this.config.agenticTrustEnabled) {
+            return null;
+        }
+        if (!this.isMatchingEndpoint(context)) {
+            return null;
+        }
+        const data = {
+            mcpHttpMethod: context.requestData.method,
+        };
+        const sessionId = context.requestData.request.headers.get(MCP_SESSION_ID_HEADER);
+        if (sessionId) {
+            data.mcpSessionId = sessionId;
+        }
+        if (context.requestData.method === HttpMethod.POST) {
+            await this.extractFromBody(context, data);
+        }
+        return data;
+    }
+    async enrichContextFromRiskApi(_context) {
+        return null;
+    }
+    async modifyIncomingRequest(_context) {
+        // no-op
+    }
+    async enrichContextFromResponse(context) {
+        if (!context.productData.at) {
+            return null;
+        }
+        if (context.productData.at.mcpSessionId) {
+            return null;
+        }
+        const responseHeaders = context.response?.headers;
+        if (!responseHeaders) {
+            return null;
+        }
+        const sessionId = responseHeaders.get(MCP_SESSION_ID_HEADER);
+        if (sessionId) {
+            return { mcpSessionId: sessionId };
+        }
+        return null;
+    }
+    async modifyOutgoingResponse(_context) {
+        // no-op
+    }
+    isMatchingEndpoint(context) {
+        const pathname = context.requestData.url.pathname.replace(/\/+$/, '');
+        const configuredPath = this.config.agenticTrustMcpEndpointPath.replace(/\/+$/, '');
+        return pathname === configuredPath;
+    }
+    async extractFromBody(context, data) {
+        try {
+            const body = await context.requestData.request.json();
+            if (!body) {
+                return;
+            }
+            const jsonRpcMessage = Array.isArray(body) ? body[0] : body;
+            if (!jsonRpcMessage) {
+                return;
+            }
+            if (typeof jsonRpcMessage.method === 'string') {
+                data.mcpMethod = jsonRpcMessage.method;
+            }
+            if (jsonRpcMessage.params) {
+                if (typeof jsonRpcMessage.params.name === 'string') {
+                    data.mcpToolName = jsonRpcMessage.params.name;
+                }
+                if (jsonRpcMessage.params.arguments && typeof jsonRpcMessage.params.arguments === 'object') {
+                    data.mcpToolArgumentKeys = Object.keys(jsonRpcMessage.params.arguments).join(',');
+                }
+            }
+        }
+        catch {
+            // failed to parse request body
+        }
+    }
+}

package/lib/esm/products/agentic_trust/IAgenticTrust.js

@@ -0,0 +1 @@
+export {};

package/lib/esm/products/agentic_trust/index.js

@@ -0,0 +1,3 @@
+export * from './AgenticTrust.js';
+export * from './IAgenticTrust.js';
+export * from './model/index.js';

package/lib/esm/products/agentic_trust/model/AgenticTrustData.js

@@ -0,0 +1 @@
+export {};

package/lib/esm/products/agentic_trust/model/index.js

@@ -0,0 +1 @@
+export * from './AgenticTrustData.js';

package/lib/esm/products/bot_defender/block/DefaultBotDefenderBlocker.js

@@ -1,18 +1,20 @@
 import { Action } from '../../../action/index.js';
-import { BlockAction } from '../../../blocker/index.js';
+import { BlockAction, createBlockData, renderHtml } from '../../../blocker/index.js';
 import { ContentType, CONTENT_TYPE_HEADER_NAME, MinimalResponseImpl } from '../../../http/index.js';
 import { ProductName } from '../../utils/index.js';
 import { CaptchaBlocker } from './captcha/index.js';
-import { CAPTCHA_TEMPLATE, RATE_LIMIT_TEMPLATE } from './templates/index.js';
+import { CAPTCHA_TEMPLATE, HARD_BLOCK_TEMPLATE, RATE_LIMIT_TEMPLATE } from './templates/index.js';
 export class DefaultBotDefenderBlocker {
     config;
     captchaBlocker;
+    base64Utils;
     constructor(config, options) {
         this.config = config;
         if ('captchaBlocker' in options) {
             this.captchaBlocker = options.captchaBlocker;
         }
         else {
+            this.base64Utils = options.base64Utils;
             this.captchaBlocker = new CaptchaBlocker({
                 config,
                 base64Utils: options.base64Utils,
@@ -25,6 +27,8 @@ export class DefaultBotDefenderBlocker {
     }
     createBlockResponse(context) {
         switch (context.blockAction) {
+            case BlockAction.BLOCK:
+                return this.createHardBlockResponse(context);
             case BlockAction.RATE_LIMIT:
                 return this.createRateLimitResponse();
             case BlockAction.CHALLENGE:
@@ -33,6 +37,17 @@ export class DefaultBotDefenderBlocker {
                 return this.createCaptchaResponse(context);
         }
     }
+    createHardBlockResponse(context) {
+        const blockData = this.base64Utils ? createBlockData(this.config, context, this.base64Utils) : undefined;
+        const body = renderHtml(HARD_BLOCK_TEMPLATE, blockData);
+        return new MinimalResponseImpl({
+            body,
+            status: 403,
+            headers: {
+                [CONTENT_TYPE_HEADER_NAME]: [ContentType.TEXT_HTML],
+            },
+        });
+    }
     createRateLimitResponse() {
         const status = 429;
         const headers = {

package/lib/esm/products/bot_defender/block/captcha/JsonCaptchaBlocker.js

@@ -11,7 +11,9 @@ export class JsonCaptchaBlocker extends JsonBlockerBase {
         if (!this.config.advancedBlockingResponseEnabled) {
             return false;
         }
-        return context.blockAction !== BlockAction.RATE_LIMIT && super.shouldBlock(context);
+        return (context.blockAction !== BlockAction.RATE_LIMIT &&
+            context.blockAction !== BlockAction.BLOCK &&
+            super.shouldBlock(context));
     }
     createJsonPayload(context) {
         const blockData = createBlockData(this.config, context, this.base64Utils);

package/lib/esm/products/bot_defender/block/templates/hard_block_template.js

@@ -0,0 +1,109 @@
+export const HARD_BLOCK_TEMPLATE = `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="description" content="px-hard-block">
+    <title>Access Denied</title>
+    {{cssRef}}
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap');
+        body {
+            background-color: #fafbfc;
+            margin: 0;
+            padding: 0;
+        }
+        .px-hard-block-container {
+            position: fixed;
+            background-color: #fff;
+            font-family: Roboto, sans-serif;
+        }
+        .px-hard-block-logo {
+            text-align: center;
+            margin: 30px 0 0;
+        }
+        .px-hard-block-logo img {
+            max-height: 50px;
+        }
+        .px-hard-block-logo img[src=""] {
+            display: none;
+        }
+        .px-hard-block-header {
+            color: #000;
+            font-size: 29px;
+            margin: 35px 0 20px;
+            font-weight: 500;
+            line-height: 1;
+            text-align: center;
+        }
+        .px-hard-block-message {
+            color: #646464;
+            font-size: 16px;
+            margin: 0 30px 25px;
+            line-height: 1.4;
+            text-align: center;
+        }
+        .px-hard-block-refid {
+            border-top: solid 1px #f0eeee;
+            height: 27px;
+            margin: 15px 0 0;
+            border-radius: 0 0 3px 3px;
+            background-color: #fafbfc;
+            font-size: 10px;
+            line-height: 2.5;
+            text-align: center;
+            color: #b1b5b8;
+        }
+        @media (min-width: 620px) {
+            .px-hard-block-container {
+                width: 530px;
+                top: 50%;
+                left: 50%;
+                margin-top: -150px;
+                margin-left: -265px;
+                border-radius: 3px;
+                box-shadow: 0 2px 9px -1px rgba(0,0,0,.13);
+            }
+        }
+        @media (min-width: 481px) and (max-width: 619px) {
+            .px-hard-block-container {
+                width: 85%;
+                top: 50%;
+                left: 50%;
+                margin-top: -150px;
+                margin-left: -42.5%;
+                border-radius: 3px;
+                box-shadow: 0 2px 9px -1px rgba(0,0,0,.13);
+            }
+        }
+        @media (max-width: 480px) {
+            body { background-color: #fff; }
+            .px-hard-block-container {
+                width: 100%;
+                top: 50%;
+                left: 0;
+                margin-top: -150px;
+            }
+            .px-hard-block-refid {
+                position: fixed;
+                width: 100%;
+                left: 0;
+                bottom: 0;
+                border-radius: 0;
+                font-size: 14px;
+                line-height: 2;
+            }
+        }
+    </style>
+</head>
+<body>
+    <div class="px-hard-block-container">
+        <div class="px-hard-block-logo"><img src="{{customLogo}}" alt=""></div>
+        <div class="px-hard-block-header">Access Denied</div>
+        <div class="px-hard-block-message">Access to this page has been denied.<br>Please contact the site administrator if you believe this is an error.</div>
+        <div class="px-hard-block-refid">Reference ID: {{uuid}}</div>
+    </div>
+    {{jsRef}}
+</body>
+</html>
+`;

package/lib/esm/products/bot_defender/block/templates/index.js

@@ -1,2 +1,3 @@
 export * from './captcha_template.js';
+export * from './hard_block_template.js';
 export * from './rate_limit_template.js';

package/lib/esm/products/index.js

@@ -4,3 +4,4 @@ export * from './bot_defender/index.js';
 export * from './credential_intelligence/index.js';
 export * from './account_defender/index.js';
 export * from './hype_sale_challenge/index.js';
+export * from './agentic_trust/index.js';

package/lib/esm/products/utils/ProductName.js

@@ -5,4 +5,5 @@ export var ProductName;
     ProductName["CODE_DEFENDER"] = "cd";
     ProductName["CREDENTIAL_INTELLIGENCE"] = "ci";
     ProductName["HYPE_SALE_CHALLENGE"] = "hsc";
+    ProductName["AGENTIC_TRUST"] = "at";
 })(ProductName || (ProductName = {}));

package/lib/esm/products/utils/ProductPriorityOrder.js

@@ -5,4 +5,5 @@ export const PRODUCT_PRIORITY_ORDER = [
     ProductName.ACCOUNT_DEFENDER,
     ProductName.CREDENTIAL_INTELLIGENCE,
     ProductName.CODE_DEFENDER,
+    ProductName.AGENTIC_TRUST,
 ];

package/lib/esm/risk_api/model/GetRiskRequestHeaders.js

@@ -94,6 +94,9 @@ export const RISK_ACTIVITY_ADDITIONAL_FIELDS_TO_HEADER_NAMES = {
     enforcer_vid_source: {
         header: 'x-px-add-enforcer-vid-source',
     },
+    orig_cookie_vid: {
+        header: 'x-px-add-orig-cookie-vid',
+    },
     server_info_datacenter: {
         header: 'x-px-add-server-info-datacenter',
     },
@@ -183,4 +186,19 @@ export const RISK_ACTIVITY_ADDITIONAL_FIELDS_TO_HEADER_NAMES = {
         header: 'x-px-add-is-sensitive-route',
         convertToString: (value) => `${value}`,
     },
+    mcp_method: {
+        header: 'x-px-add-mcp-method',
+    },
+    mcp_tool_name: {
+        header: 'x-px-add-mcp-tool-name',
+    },
+    mcp_tool_argument_keys: {
+        header: 'x-px-add-mcp-tool-argument-keys',
+    },
+    mcp_session_id: {
+        header: 'x-px-add-mcp-session-id',
+    },
+    mcp_http_method: {
+        header: 'x-px-add-mcp-http-method',
+    },
 };

package/lib/esm/utils/constants.js

@@ -12,4 +12,4 @@ export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
 export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-export const CORE_MODULE_VERSION = 'JS Core 0.35.1';
+export const CORE_MODULE_VERSION = 'JS Core 0.37.0';

package/lib/types/activities/model/CommonActivityDetails.d.ts

@@ -24,6 +24,7 @@ export type CommonActivityDetails = {
     tls_preferred_ciphers?: string;
     tls_ja3_fingerprint?: string;
     enforcer_vid_source?: VidSource;
+    orig_cookie_vid?: string;
     original_uuid?: string;
     original_token_error?: string;
     original_token?: string;
@@ -47,4 +48,9 @@ export type CommonActivityDetails = {
     raw_url?: string;
     used_cookie_secret?: string;
     is_sensitive_route?: boolean;
+    mcp_method?: string;
+    mcp_tool_name?: string;
+    mcp_tool_argument_keys?: string;
+    mcp_session_id?: string;
+    mcp_http_method?: string;
 } & CustomParameters;

package/lib/types/blocker/model/BlockAction.d.ts

@@ -1,4 +1,5 @@
 export declare enum BlockAction {
+    BLOCK = "b",
     CAPTCHA = "c",
     RATE_LIMIT = "r",
     CHALLENGE = "j",

package/lib/types/config/ConfigurationBase.d.ts

@@ -150,6 +150,8 @@ export declare abstract class ConfigurationBase<Req, Res, Supported extends stri
     get createCustomSnippet(): CustomSnippetFunction<Req, Res, Supported, Added> | null;
     get dataEnrichmentHeaderName(): string;
     get proxyUrl(): string;
+    get agenticTrustEnabled(): boolean;
+    get agenticTrustMcpEndpointPath(): string;
     get enableBlockedUrlOnCaptchaBlockPage(): boolean;
     get awaitAsyncHttpRequests(): boolean;
     get isPostEnforceEnabled(): boolean;

package/lib/types/config/IConfiguration.d.ts

@@ -348,6 +348,14 @@ export interface IConfiguration<Req, Res, Supported extends string, Added> {
      * The default login successful custom callback to use if none is defined for an endpoint.
      */
     readonly ciDefaultLoginSuccessfulCustomCallback: CustomLoginSuccessfulCallback<Res> | null;
+    /**
+     * Whether to enable Agentic Trust.
+     */
+    readonly agenticTrustEnabled: boolean;
+    /**
+     * The endpoint path used for MCP requests.
+     */
+    readonly agenticTrustMcpEndpointPath: string;
     /**
      * The authentication token for the logging service.
      */

package/lib/types/config/params/CoreConfigurationParams.d.ts

@@ -122,6 +122,8 @@ export type CommonConfigurationParams<Req, Res, Supported extends string, Added>
     px_secured_pxhd_enabled?: boolean;
     px_data_enrichment_header_name?: string;
     px_proxy_url?: string;
+    px_agentic_trust_enabled?: boolean;
+    px_agentic_trust_mcp_endpoint_path?: string;
     px_additional_activity_handler?: AdditionalActivityHandler<Req, Res, Supported, Added> | null;
     px_enrich_custom_parameters?: CustomParametersFunction<Req, Res, Supported, Added> | null;
     px_enrich_response_custom_parameters?: ResponseCustomParametersFunction<Req, Res, Supported, Added> | null;

package/lib/types/context/ContextJson.d.ts

@@ -29,6 +29,7 @@ export type ContextJson<Req = unknown, Res = unknown> = {
     readonly productData: ProductData;
     uuid?: string;
     vid?: string;
+    origCookieVid?: string;
     vidSource?: VidSource;
     tokenOrigin: TokenOrigin;
     score?: number;

package/lib/types/context/DefaultContext.d.ts

@@ -34,6 +34,7 @@ export declare class DefaultContext<Req, Res, Supported extends string, Added> i
     readonly productData: ProductData;
     uuid?: string;
     vid?: string;
+    origCookieVid?: string;
     vidSource?: VidSource;
     action: Action;
     reasons: Partial<Record<ProductName, string>>;

package/lib/types/context/SerializedContext.d.ts

@@ -41,6 +41,7 @@ export declare class SerializedContext<Req, Res, Supported extends string, Added
     customParameters?: CustomParameters;
     graphqlData?: GraphQLData[];
     vid?: string;
+    origCookieVid?: string;
     vidSource?: VidSource;
     tokenOrigin: TokenOrigin;
     uuid?: string;

package/lib/types/context/interfaces/IContext.d.ts

@@ -61,6 +61,10 @@ export interface IContext<Req, Res> {
      * The visitor ID, unique to the end-user.
      */
     vid?: string;
+    /**
+     * The raw `_pxvid` cookie value when it fails UUID validation.
+     */
+    origCookieVid?: string;
     /**
      * The secret used to decrypt the risk cookie.
      */

package/lib/types/products/agentic_trust/AgenticTrust.d.ts

@@ -0,0 +1,15 @@
+import { IConfiguration } from '../../config';
+import { ReadonlyContext } from '../../context';
+import { IAgenticTrust } from './IAgenticTrust';
+import { AgenticTrustData } from './model';
+export declare class AgenticTrust<Req, Res, Supported extends string, Added> implements IAgenticTrust<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Supported, Added>;
+    constructor(config: IConfiguration<Req, Res, Supported, Added>);
+    enrichContextFromRequest(context: ReadonlyContext<Req, Res>): Promise<AgenticTrustData | null>;
+    enrichContextFromRiskApi(_context: ReadonlyContext<Req, Res>): Promise<Partial<AgenticTrustData> | null>;
+    modifyIncomingRequest(_context: ReadonlyContext<Req, Res>): Promise<void>;
+    enrichContextFromResponse(context: ReadonlyContext<Req, Res>): Promise<Partial<AgenticTrustData> | null>;
+    modifyOutgoingResponse(_context: ReadonlyContext<Req, Res>): Promise<void>;
+    protected isMatchingEndpoint(context: ReadonlyContext<Req, Res>): boolean;
+    protected extractFromBody(context: ReadonlyContext<Req, Res>, data: AgenticTrustData): Promise<void>;
+}

package/lib/types/products/agentic_trust/IAgenticTrust.d.ts

@@ -0,0 +1,4 @@
+import { IProduct } from '../interfaces';
+import { ProductName } from '../utils';
+export interface IAgenticTrust<Req, Res> extends IProduct<ProductName.AGENTIC_TRUST, Req, Res> {
+}

package/lib/types/products/agentic_trust/index.d.ts

@@ -0,0 +1,3 @@
+export * from './AgenticTrust';
+export * from './IAgenticTrust';
+export * from './model';

package/lib/types/products/agentic_trust/model/AgenticTrustData.d.ts

@@ -0,0 +1,7 @@
+export type AgenticTrustData = {
+    mcpMethod?: string;
+    mcpToolName?: string;
+    mcpToolArgumentKeys?: string;
+    mcpSessionId?: string;
+    mcpHttpMethod?: string;
+};

package/lib/types/products/agentic_trust/model/index.d.ts

@@ -0,0 +1 @@
+export * from './AgenticTrustData';

package/lib/types/products/bot_defender/block/DefaultBotDefenderBlocker.d.ts

@@ -11,9 +11,11 @@ export type DefaultBotDefenderBlockerConstructorOptions<Req, Res> = {
 export declare class DefaultBotDefenderBlocker<Req, Res, Supported extends string, Added> implements IConditionalBlocker<Req, Res> {
     protected readonly config: IConfiguration<Req, Res, Supported, Added>;
     protected readonly captchaBlocker: IBlocker<Req, Res>;
+    protected readonly base64Utils?: IBase64Utils;
     constructor(config: IConfiguration<Req, Res, Supported, Added>, options: DefaultBotDefenderBlockerConstructorOptions<Req, Res>);
     shouldBlock({ action, reasons }: ReadonlyContext<Req, Res>): boolean;
     createBlockResponse(context: ReadonlyContext<Req, Res>): IMinimalResponse;
+    protected createHardBlockResponse(context: ReadonlyContext<Req, Res>): IMinimalResponse;
     protected createRateLimitResponse(): IMinimalResponse;
     private createCaptchaResponse;
 }

package/lib/types/products/bot_defender/block/templates/hard_block_template.d.ts

@@ -0,0 +1 @@
+export declare const HARD_BLOCK_TEMPLATE = "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n    <meta charset=\"utf-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n    <meta name=\"description\" content=\"px-hard-block\">\n    <title>Access Denied</title>\n    {{cssRef}}\n    <style>\n        @import url('https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap');\n        body {\n            background-color: #fafbfc;\n            margin: 0;\n            padding: 0;\n        }\n        .px-hard-block-container {\n            position: fixed;\n            background-color: #fff;\n            font-family: Roboto, sans-serif;\n        }\n        .px-hard-block-logo {\n            text-align: center;\n            margin: 30px 0 0;\n        }\n        .px-hard-block-logo img {\n            max-height: 50px;\n        }\n        .px-hard-block-logo img[src=\"\"] {\n            display: none;\n        }\n        .px-hard-block-header {\n            color: #000;\n            font-size: 29px;\n            margin: 35px 0 20px;\n            font-weight: 500;\n            line-height: 1;\n            text-align: center;\n        }\n        .px-hard-block-message {\n            color: #646464;\n            font-size: 16px;\n            margin: 0 30px 25px;\n            line-height: 1.4;\n            text-align: center;\n        }\n        .px-hard-block-refid {\n            border-top: solid 1px #f0eeee;\n            height: 27px;\n            margin: 15px 0 0;\n            border-radius: 0 0 3px 3px;\n            background-color: #fafbfc;\n            font-size: 10px;\n            line-height: 2.5;\n            text-align: center;\n            color: #b1b5b8;\n        }\n        @media (min-width: 620px) {\n            .px-hard-block-container {\n                width: 530px;\n                top: 50%;\n                left: 50%;\n                margin-top: -150px;\n                margin-left: -265px;\n                border-radius: 3px;\n                box-shadow: 0 2px 9px -1px rgba(0,0,0,.13);\n            }\n        }\n        @media (min-width: 481px) and (max-width: 619px) {\n            .px-hard-block-container {\n                width: 85%;\n                top: 50%;\n                left: 50%;\n                margin-top: -150px;\n                margin-left: -42.5%;\n                border-radius: 3px;\n                box-shadow: 0 2px 9px -1px rgba(0,0,0,.13);\n            }\n        }\n        @media (max-width: 480px) {\n            body { background-color: #fff; }\n            .px-hard-block-container {\n                width: 100%;\n                top: 50%;\n                left: 0;\n                margin-top: -150px;\n            }\n            .px-hard-block-refid {\n                position: fixed;\n                width: 100%;\n                left: 0;\n                bottom: 0;\n                border-radius: 0;\n                font-size: 14px;\n                line-height: 2;\n            }\n        }\n    </style>\n</head>\n<body>\n    <div class=\"px-hard-block-container\">\n        <div class=\"px-hard-block-logo\"><img src=\"{{customLogo}}\" alt=\"\"></div>\n        <div class=\"px-hard-block-header\">Access Denied</div>\n        <div class=\"px-hard-block-message\">Access to this page has been denied.<br>Please contact the site administrator if you believe this is an error.</div>\n        <div class=\"px-hard-block-refid\">Reference ID: {{uuid}}</div>\n    </div>\n    {{jsRef}}\n</body>\n</html>\n";

package/lib/types/products/bot_defender/block/templates/index.d.ts

@@ -1,2 +1,3 @@
 export * from './captcha_template';
+export * from './hard_block_template';
 export * from './rate_limit_template';

package/lib/types/products/index.d.ts

@@ -4,3 +4,4 @@ export * from './bot_defender';
 export * from './credential_intelligence';
 export * from './account_defender';
 export * from './hype_sale_challenge';
+export * from './agentic_trust';

package/lib/types/products/interfaces/ProductDataType.d.ts

@@ -3,4 +3,5 @@ import { BotDefenderData } from '../bot_defender';
 import { CredentialIntelligenceData } from '../credential_intelligence';
 import { AccountDefenderData } from '../account_defender';
 import { HypeSaleChallengeData } from '../hype_sale_challenge';
-export type ProductDataType<Name extends ProductName> = Name extends ProductName.BOT_DEFENDER ? BotDefenderData : Name extends ProductName.CREDENTIAL_INTELLIGENCE ? CredentialIntelligenceData : Name extends ProductName.ACCOUNT_DEFENDER ? AccountDefenderData : Name extends ProductName.HYPE_SALE_CHALLENGE ? HypeSaleChallengeData : never;
+import { AgenticTrustData } from '../agentic_trust';
+export type ProductDataType<Name extends ProductName> = Name extends ProductName.BOT_DEFENDER ? BotDefenderData : Name extends ProductName.CREDENTIAL_INTELLIGENCE ? CredentialIntelligenceData : Name extends ProductName.ACCOUNT_DEFENDER ? AccountDefenderData : Name extends ProductName.HYPE_SALE_CHALLENGE ? HypeSaleChallengeData : Name extends ProductName.AGENTIC_TRUST ? AgenticTrustData : never;

package/lib/types/products/interfaces/ProductType.d.ts

@@ -3,4 +3,5 @@ import { IBotDefender } from '../bot_defender';
 import { ICredentialIntelligence } from '../credential_intelligence';
 import { IAccountDefender } from '../account_defender';
 import { IHypeSaleChallenge } from '../hype_sale_challenge';
-export type ProductType<Name extends ProductName, Req, Res> = Name extends ProductName.BOT_DEFENDER ? IBotDefender<Req, Res> : Name extends ProductName.CREDENTIAL_INTELLIGENCE ? ICredentialIntelligence<Req, Res> : Name extends ProductName.ACCOUNT_DEFENDER ? IAccountDefender<Req, Res> : Name extends ProductName.HYPE_SALE_CHALLENGE ? IHypeSaleChallenge<Req, Res> : never;
+import { IAgenticTrust } from '../agentic_trust';
+export type ProductType<Name extends ProductName, Req, Res> = Name extends ProductName.BOT_DEFENDER ? IBotDefender<Req, Res> : Name extends ProductName.CREDENTIAL_INTELLIGENCE ? ICredentialIntelligence<Req, Res> : Name extends ProductName.ACCOUNT_DEFENDER ? IAccountDefender<Req, Res> : Name extends ProductName.HYPE_SALE_CHALLENGE ? IHypeSaleChallenge<Req, Res> : Name extends ProductName.AGENTIC_TRUST ? IAgenticTrust<Req, Res> : never;

package/lib/types/products/utils/ProductName.d.ts

@@ -3,5 +3,6 @@ export declare enum ProductName {
     ACCOUNT_DEFENDER = "ad",
     CODE_DEFENDER = "cd",
     CREDENTIAL_INTELLIGENCE = "ci",
-    HYPE_SALE_CHALLENGE = "hsc"
+    HYPE_SALE_CHALLENGE = "hsc",
+    AGENTIC_TRUST = "at"
 }

package/lib/types/risk_api/utils.d.ts

@@ -31,6 +31,7 @@ export declare const createRiskApiActivity: <Req, Res, Supported extends string,
         tls_preferred_ciphers?: string;
         tls_ja3_fingerprint?: string;
         enforcer_vid_source?: import("../utils").VidSource;
+        orig_cookie_vid?: string;
         original_uuid?: string;
         original_token_error?: string;
         original_token?: string;
@@ -54,6 +55,11 @@ export declare const createRiskApiActivity: <Req, Res, Supported extends string,
         raw_url?: string;
         used_cookie_secret?: string;
         is_sensitive_route?: boolean;
+        mcp_method?: string;
+        mcp_tool_name?: string;
+        mcp_tool_argument_keys?: string;
+        mcp_session_id?: string;
+        mcp_http_method?: string;
         custom_param1?: any;
         custom_param2?: any;
         custom_param3?: any;

package/lib/types/utils/constants.d.ts

@@ -12,4 +12,4 @@ export declare const PUSH_DATA_FEATURE_HEADER_NAME = "x-px-feature";
 export declare const EMAIL_ADDRESS_REGEX: RegExp;
 export declare const URL_REGEX: RegExp;
 export declare const REGEX_STRUCTURE: RegExp;
-export declare const CORE_MODULE_VERSION = "JS Core 0.35.1";
+export declare const CORE_MODULE_VERSION = "JS Core 0.37.0";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-js-core",
-  "version": "0.35.1",
+  "version": "0.37.0",
   "description": "",
   "type": "module",
   "typesVersions": {