qati-sdk 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -550,15 +550,3 @@ Transient failures are retried automatically for **`POST /v1/events:batch`** acc
550
550
  | Errors | `QatiSDKError`, `QatiAPIError`, `QatiAuthError`, `QatiNotFoundError`, `QatiRateLimitError`, `QatiServerError`, `QatiConfigError`. |
551
551
 
552
552
  `HttpClient.request(...)` exists for advanced use; prefer resource methods for application code.
553
-
554
- ## Build (maintainers)
555
-
556
- From `sdks/typescript/`:
557
-
558
- ```bash
559
- npm ci
560
- npm test
561
- npm run build
562
- ```
563
-
564
- Outputs land in `dist/` (ESM + CJS + declarations).
package/dist/index.cjs CHANGED
@@ -640,7 +640,7 @@ var TrustStateResource = class {
640
640
  /**
641
641
  * Fetches the latest trust state for one entity.
642
642
  *
643
- * @param entityType - Lowercase entity class: `user`, `device`, `account`, `model`, `session`, or `service` (see {@link EntityTypeLowerCase}).
643
+ * @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
644
644
  * @param entityId - Id for the entity(Required)
645
645
  * @param options - Optional contributor limits/window.
646
646
  * @returns {@link TrustState} including `current_closure_score`, `risk_tier`, and `top_contributors`.
@@ -661,7 +661,7 @@ var TrustStateResource = class {
661
661
  /**
662
662
  * Fetches trust states for many entities in one request.
663
663
  *
664
- * @param entityType - Lowercase entity class: `user`, `device`, `account`, `model`, `session`, or `service` (see {@link EntityTypeLowerCase}).
664
+ * @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
665
665
  * @param entityIds - Distinct ids to query. Prefer length ≤ 100 or the server may reject the request.
666
666
  * @param options - Optional contributor limits/window.
667
667
  * @returns Array of {@link TrustState} in server-defined order; empty array when `entityIds` is empty.
@@ -780,6 +780,9 @@ var Session = class {
780
780
  return new Client(this._config, httpClients ?? {});
781
781
  }
782
782
  };
783
+ var fraction01 = () => zod.z.number().min(0).max(1);
784
+ var fraction01Nullable = () => fraction01().nullable().optional();
785
+ var nonEmptyString = () => zod.z.string().min(1);
783
786
 
784
787
  // src/shared/types/signal-type.ts
785
788
  var SIGNAL_TYPES = [
@@ -789,7 +792,16 @@ var SIGNAL_TYPES = [
789
792
  "SYSTEM_TELEMETRY",
790
793
  "MODEL_OUTPUT",
791
794
  "ANOMALY_FLAG",
792
- "NETWORK_EVENT"
795
+ "NETWORK_EVENT",
796
+ "SESSION",
797
+ "PROMPT_INPUT",
798
+ "CONTEXT_INTEGRITY",
799
+ "TOOL_CALL",
800
+ "RAG_RETRIEVAL",
801
+ "POLICY_EVENT",
802
+ "USER_FEEDBACK",
803
+ "WORKFLOW_ACTION",
804
+ "API_CALL"
793
805
  ];
794
806
 
795
807
  // src/shared/types/provenance-mode.ts
@@ -816,8 +828,13 @@ var EventPrincipalSchema = zod.z.object({
816
828
  device_id: zod.z.string().min(1).optional(),
817
829
  session_id: zod.z.string().min(1).optional(),
818
830
  model_id: zod.z.string().min(1).optional(),
819
- service_id: zod.z.string().min(1).optional()
820
- });
831
+ service_id: zod.z.string().min(1).optional(),
832
+ conversation_id: zod.z.string().min(1).optional(),
833
+ document_id: zod.z.string().min(1).optional(),
834
+ tool_id: zod.z.string().min(1).optional(),
835
+ workflow_id: zod.z.string().min(1).optional(),
836
+ api_key_id: zod.z.string().min(1).optional()
837
+ }).strict();
821
838
 
822
839
  // src/v1/schemas/raw-event.ts
823
840
  var BaseEventSchema = zod.z.object({
@@ -838,103 +855,15 @@ var RawEventRequestSchema = zod.z.object({
838
855
  payload: zod.z.record(zod.z.any()).describe("JSON payload (stored as JSONB in DB).")
839
856
  });
840
857
 
841
- // src/v1/schemas/signal-payload.ts
842
- var TransactionSignalPayloadSchema = zod.z.object({
843
- amount: zod.z.number().nonnegative().default(0),
844
- amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
845
- amount_usd: zod.z.number().nonnegative().nullable().optional(),
846
- currency: zod.z.string().nullable().optional(),
847
- merchant_category: zod.z.string().nullable().optional(),
848
- merchant_id: zod.z.string().nullable().optional(),
849
- channel: zod.z.string().nullable().optional(),
850
- country: zod.z.string().nullable().optional(),
851
- velocity: zod.z.number().nonnegative().nullable().optional(),
852
- external_anomaly_score: zod.z.number().nullable().optional(),
853
- geo_distance: zod.z.number().nonnegative().nullable().optional(),
854
- geo_distance_km: zod.z.number().nonnegative().nullable().optional(),
855
- records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
856
- baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
857
- sensitivity_level: zod.z.string().nullable().optional(),
858
- export_count: zod.z.number().int().nonnegative().nullable().optional(),
859
- bulk_export: zod.z.boolean().optional().default(false),
860
- contains_phi: zod.z.boolean().optional().default(false),
861
- control_command: zod.z.string().nullable().optional(),
862
- authorized: zod.z.boolean().nullable().optional(),
863
- safety_critical: zod.z.boolean().optional().default(false)
864
- });
865
- var AuthSignalPayloadSchema = zod.z.object({
866
- result: zod.z.string().nullable().optional(),
867
- auth_method: zod.z.string().nullable().optional(),
868
- mfa_used: zod.z.boolean().nullable().optional(),
869
- mfa_bypassed: zod.z.boolean().optional().default(false),
870
- failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
871
- ip: zod.z.string().nullable().optional(),
872
- country: zod.z.string().nullable().optional(),
873
- user_agent: zod.z.string().nullable().optional(),
874
- unusual_location: zod.z.boolean().optional().default(false),
875
- after_hours_login: zod.z.boolean().optional().default(false)
876
- });
877
- var ModelOutputSignalPayloadSchema = zod.z.object({
878
- missing_citations_rate: zod.z.number().min(0).max(1).nullable().optional(),
879
- citation_rate: zod.z.number().min(0).max(1).nullable().optional(),
880
- expected_citation_rate: zod.z.number().min(0).max(1).nullable().optional(),
881
- policy_violations: zod.z.number().int().nonnegative().optional().default(0),
882
- policy_violation_rate: zod.z.number().min(0).max(1).nullable().optional(),
883
- tool_call_inconsistency: zod.z.number().min(0).max(1).optional().default(0),
884
- tool_inconsistency_rate: zod.z.number().min(0).max(1).nullable().optional(),
885
- tool_miss_rate: zod.z.number().min(0).max(1).nullable().optional(),
886
- eval_window_n: zod.z.number().int().min(1).nullable().optional()
887
- });
888
- var SystemTelemetrySignalPayloadSchema = zod.z.object({
889
- metric_name: zod.z.string().nullable().optional(),
890
- value: zod.z.number().nullable().optional(),
891
- baseline: zod.z.number().nullable().optional(),
892
- window_seconds: zod.z.number().int().min(1).nullable().optional(),
893
- error_rate: zod.z.number().min(0).max(1).optional().default(0),
894
- baseline_error_rate: zod.z.number().min(0).max(1).nullable().optional(),
895
- unusual_auth_rate: zod.z.number().min(0).max(1).optional().default(0),
896
- firmware_hash_changed: zod.z.boolean().optional().default(false),
897
- expected_hash_match: zod.z.boolean().nullable().optional(),
898
- sensor_deviation_score: zod.z.number().min(0).max(1).nullable().optional()
899
- });
858
+ // src/v1/schemas/anomaly-flag.ts
900
859
  var AnomalyFlagSignalPayloadSchema = zod.z.object({
901
- severity: zod.z.number().min(0).max(1)
902
- });
903
- var BehaviorSignalPayloadSchema = zod.z.object({
904
- deviation_score: zod.z.number().min(0).max(1)
905
- });
906
- var NetworkSignalPayloadSchema = zod.z.object({
907
- ip: zod.z.string().nullable().optional(),
908
- asn: zod.z.string().nullable().optional(),
909
- reputation_score: zod.z.number().min(0).max(1).nullable().optional(),
910
- threat_score: zod.z.number().min(0).max(1).nullable().optional(),
911
- is_datacenter: zod.z.boolean().nullable().optional(),
912
- is_untrusted_segment: zod.z.boolean().optional().default(false),
913
- asn_reputation: zod.z.number().min(0).max(1).nullable().optional()
914
- });
915
- BaseEventSchema.extend({
916
- signal_payload: TransactionSignalPayloadSchema
860
+ severity: fraction01()
917
861
  });
918
862
  BaseEventSchema.extend({
919
863
  signal_payload: AnomalyFlagSignalPayloadSchema
920
864
  });
921
- BaseEventSchema.extend({
922
- signal_payload: AuthSignalPayloadSchema
923
- });
924
- BaseEventSchema.extend({
925
- signal_payload: BehaviorSignalPayloadSchema
926
- });
927
- BaseEventSchema.extend({
928
- signal_payload: NetworkSignalPayloadSchema
929
- });
930
- BaseEventSchema.extend({
931
- signal_payload: ModelOutputSignalPayloadSchema
932
- });
933
- BaseEventSchema.extend({
934
- signal_payload: SystemTelemetrySignalPayloadSchema
935
- });
936
865
 
937
- // src/v1/builders/event-builder.ts
866
+ // src/v1/builders/_common.ts
938
867
  var buildRawEventPayload = (event, signalPayload, signalType) => {
939
868
  const rawEventPayload = {
940
869
  timestamp: event.timestamp,
@@ -960,36 +889,296 @@ var buildRawEventRequest = (event, signalPayload, signalType) => {
960
889
  payload: rawEventPayload
961
890
  };
962
891
  };
963
- var createAuthEvent = (event) => {
964
- const signalPayload = AuthSignalPayloadSchema.parse(event.signal_payload);
965
- return buildRawEventRequest(event, signalPayload, "AUTH");
966
- };
967
- function createTransactionEvent(event) {
968
- const signalPayload = TransactionSignalPayloadSchema.parse(
969
- event.signal_payload
970
- );
971
- return buildRawEventRequest(event, signalPayload, "TRANSACTION");
972
- }
892
+
893
+ // src/v1/builders/anomaly-flag-builder.ts
973
894
  var createAnomalyFlagEvent = (event) => {
974
895
  const signalPayload = AnomalyFlagSignalPayloadSchema.parse(
975
896
  event.signal_payload
976
897
  );
977
898
  return buildRawEventRequest(event, signalPayload, "ANOMALY_FLAG");
978
899
  };
900
+
901
+ // src/shared/types/http-method.ts
902
+ var HTTP_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"];
903
+
904
+ // src/v1/schemas/api-call.ts
905
+ var ApiCallSignalPayloadSchema = zod.z.object({
906
+ service_id: nonEmptyString(),
907
+ endpoint: nonEmptyString(),
908
+ method: zod.z.enum(HTTP_METHODS),
909
+ status_code: zod.z.number().int().min(100).max(599),
910
+ authorized: zod.z.boolean().nullable(),
911
+ authentication_present: zod.z.boolean().nullable().optional(),
912
+ rate_limited: zod.z.boolean().nullable().optional(),
913
+ external_side_effect: zod.z.boolean().nullable().optional(),
914
+ records_returned: zod.z.number().int().nonnegative().nullable().optional(),
915
+ records_modified: zod.z.number().int().nonnegative().nullable().optional(),
916
+ contains_sensitive_data: zod.z.boolean().nullable().optional(),
917
+ latency_ms: zod.z.number().nonnegative().nullable().optional(),
918
+ retry_count: zod.z.number().int().nonnegative().nullable().optional(),
919
+ api_key_id: zod.z.string().nullable().optional()
920
+ });
921
+ BaseEventSchema.extend({
922
+ signal_payload: ApiCallSignalPayloadSchema
923
+ });
924
+
925
+ // src/v1/builders/api-call-builder.ts
926
+ var createApiCallEvent = (event) => {
927
+ const signalPayload = ApiCallSignalPayloadSchema.parse(event.signal_payload);
928
+ return buildRawEventRequest(event, signalPayload, "API_CALL");
929
+ };
930
+ var AuthSignalPayloadSchema = zod.z.object({
931
+ result: zod.z.string().nullable().optional(),
932
+ auth_method: zod.z.string().nullable().optional(),
933
+ mfa_used: zod.z.boolean().nullable().optional(),
934
+ mfa_bypassed: zod.z.boolean().optional().default(false),
935
+ failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
936
+ ip: zod.z.string().nullable().optional(),
937
+ country: zod.z.string().nullable().optional(),
938
+ user_agent: zod.z.string().nullable().optional(),
939
+ unusual_location: zod.z.boolean().optional().default(false),
940
+ after_hours_login: zod.z.boolean().optional().default(false)
941
+ });
942
+ BaseEventSchema.extend({
943
+ signal_payload: AuthSignalPayloadSchema
944
+ });
945
+
946
+ // src/v1/builders/auth-builder.ts
947
+ var createAuthEvent = (event) => {
948
+ const signalPayload = AuthSignalPayloadSchema.parse(event.signal_payload);
949
+ return buildRawEventRequest(event, signalPayload, "AUTH");
950
+ };
951
+ var BehaviorSignalPayloadSchema = zod.z.object({
952
+ deviation_score: fraction01()
953
+ });
954
+ BaseEventSchema.extend({
955
+ signal_payload: BehaviorSignalPayloadSchema
956
+ });
957
+
958
+ // src/v1/builders/behavior-builder.ts
979
959
  var createBehaviorEvent = (event) => {
980
960
  const signalPayload = BehaviorSignalPayloadSchema.parse(event.signal_payload);
981
961
  return buildRawEventRequest(event, signalPayload, "BEHAVIOR");
982
962
  };
983
- var createNetworkEvent = (event) => {
984
- const signalPayload = NetworkSignalPayloadSchema.parse(event.signal_payload);
985
- return buildRawEventRequest(event, signalPayload, "NETWORK_EVENT");
963
+
964
+ // src/shared/types/context-integrity.ts
965
+ var CONTEXT_SOURCES = [
966
+ "CONVERSATION_HISTORY",
967
+ "RETRIEVED_DOCUMENT",
968
+ "TOOL_OUTPUT",
969
+ "SYSTEM",
970
+ "DEVELOPER",
971
+ "USER"
972
+ ];
973
+
974
+ // src/v1/schemas/context-integrity.ts
975
+ var ContextIntegritySignalPayloadSchema = zod.z.object({
976
+ context_source: zod.z.enum(CONTEXT_SOURCES),
977
+ instruction_conflict_detected: zod.z.boolean(),
978
+ untrusted_instruction_detected: zod.z.boolean(),
979
+ context_priority_violation: zod.z.boolean(),
980
+ recursive_instruction_pattern: zod.z.boolean().optional().default(false),
981
+ context_drift_score: fraction01Nullable(),
982
+ system_prompt_conflict_score: fraction01Nullable(),
983
+ developer_prompt_conflict_score: fraction01Nullable(),
984
+ retrieved_instruction_count: zod.z.number().int().nonnegative().optional().default(0),
985
+ hidden_instruction_score: fraction01Nullable(),
986
+ source_document_id: zod.z.string().nullable().optional(),
987
+ untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
988
+ source_trust_score: fraction01Nullable(),
989
+ lowest_source_trust_score: fraction01Nullable(),
990
+ recursive_pattern_score: fraction01Nullable(),
991
+ prompt_injection_score: fraction01Nullable(),
992
+ contains_instruction_override: zod.z.boolean().optional().default(false),
993
+ context_injection_score: fraction01Nullable()
994
+ });
995
+ BaseEventSchema.extend({
996
+ signal_payload: ContextIntegritySignalPayloadSchema
997
+ });
998
+
999
+ // src/v1/builders/context-integrity-builder.ts
1000
+ var createContextIntegrityEvent = (event) => {
1001
+ const signalPayload = ContextIntegritySignalPayloadSchema.parse(
1002
+ event.signal_payload
1003
+ );
1004
+ return buildRawEventRequest(event, signalPayload, "CONTEXT_INTEGRITY");
986
1005
  };
1006
+ var ModelOutputSignalPayloadSchema = zod.z.object({
1007
+ missing_citations_rate: fraction01Nullable(),
1008
+ citation_rate: fraction01Nullable(),
1009
+ expected_citation_rate: fraction01Nullable(),
1010
+ policy_violations: zod.z.number().int().nonnegative().optional().default(0),
1011
+ policy_violation_rate: fraction01Nullable(),
1012
+ tool_call_inconsistency: fraction01().optional().default(0),
1013
+ tool_inconsistency_rate: fraction01Nullable(),
1014
+ tool_miss_rate: fraction01Nullable(),
1015
+ eval_window_n: zod.z.number().int().min(1).nullable().optional(),
1016
+ hallucination_risk_score: fraction01Nullable(),
1017
+ self_contradiction_score: fraction01Nullable(),
1018
+ grounding_score: fraction01Nullable(),
1019
+ contains_unsupported_claims: zod.z.boolean().optional().default(false)
1020
+ });
1021
+ BaseEventSchema.extend({
1022
+ signal_payload: ModelOutputSignalPayloadSchema
1023
+ });
1024
+
1025
+ // src/v1/builders/model-output-builder.ts
987
1026
  var createModelOutputEvent = (event) => {
988
1027
  const signalPayload = ModelOutputSignalPayloadSchema.parse(
989
1028
  event.signal_payload
990
1029
  );
991
1030
  return buildRawEventRequest(event, signalPayload, "MODEL_OUTPUT");
992
1031
  };
1032
+ var NetworkSignalPayloadSchema = zod.z.object({
1033
+ ip: zod.z.string().nullable().optional(),
1034
+ asn: zod.z.string().nullable().optional(),
1035
+ reputation_score: fraction01Nullable(),
1036
+ threat_score: fraction01Nullable(),
1037
+ is_datacenter: zod.z.boolean().nullable().optional(),
1038
+ is_untrusted_segment: zod.z.boolean().optional().default(false),
1039
+ asn_reputation: fraction01Nullable()
1040
+ });
1041
+ BaseEventSchema.extend({
1042
+ signal_payload: NetworkSignalPayloadSchema
1043
+ });
1044
+
1045
+ // src/v1/builders/network-builder.ts
1046
+ var createNetworkEvent = (event) => {
1047
+ const signalPayload = NetworkSignalPayloadSchema.parse(event.signal_payload);
1048
+ return buildRawEventRequest(event, signalPayload, "NETWORK_EVENT");
1049
+ };
1050
+
1051
+ // src/shared/types/policy-event.ts
1052
+ var POLICY_CATEGORIES = [
1053
+ "SAFETY",
1054
+ "PRIVACY",
1055
+ "SECURITY",
1056
+ "COMPLIANCE",
1057
+ "CONTENT",
1058
+ "OTHER"
1059
+ ];
1060
+ var POLICY_RESULTS = ["PASS", "WARN", "FAIL", "BLOCKED"];
1061
+
1062
+ // src/v1/schemas/policy-event.ts
1063
+ var PolicyEventSignalPayloadSchema = zod.z.object({
1064
+ policy_check_name: nonEmptyString(),
1065
+ policy_category: zod.z.enum(POLICY_CATEGORIES),
1066
+ policy_result: zod.z.enum(POLICY_RESULTS),
1067
+ severity: fraction01(),
1068
+ blocked: zod.z.boolean().optional().default(false),
1069
+ violation_count: zod.z.number().int().nonnegative().optional().default(0),
1070
+ policy_confidence: fraction01Nullable(),
1071
+ redaction_applied: zod.z.boolean().optional().default(false)
1072
+ });
1073
+ BaseEventSchema.extend({
1074
+ signal_payload: PolicyEventSignalPayloadSchema
1075
+ });
1076
+
1077
+ // src/v1/builders/policy-event-builder.ts
1078
+ var createPolicyEvent = (event) => {
1079
+ const signalPayload = PolicyEventSignalPayloadSchema.parse(
1080
+ event.signal_payload
1081
+ );
1082
+ return buildRawEventRequest(event, signalPayload, "POLICY_EVENT");
1083
+ };
1084
+ var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional();
1085
+ var PromptInputSignalPayloadSchema = zod.z.object({
1086
+ prompt_length_chars: zod.z.number().int().nonnegative(),
1087
+ conversation_turn_index: zod.z.number().int().nonnegative(),
1088
+ contains_instruction_override: zod.z.boolean(),
1089
+ contains_tool_request: zod.z.boolean().optional().default(false),
1090
+ contains_secret_request: zod.z.boolean().optional().default(false),
1091
+ contains_policy_challenge: zod.z.boolean().optional().default(false),
1092
+ recursive_pattern_score: fraction01Nullable(),
1093
+ prompt_injection_score: fraction01Nullable(),
1094
+ sensitive_domain: zod.z.boolean().optional().default(false),
1095
+ complexity_score: fraction01Nullable(),
1096
+ prompt_hash: promptHashSchema
1097
+ });
1098
+ BaseEventSchema.extend({
1099
+ signal_payload: PromptInputSignalPayloadSchema
1100
+ });
1101
+
1102
+ // src/v1/builders/prompt-input-builder.ts
1103
+ var createPromptInputEvent = (event) => {
1104
+ const signalPayload = PromptInputSignalPayloadSchema.parse(
1105
+ event.signal_payload
1106
+ );
1107
+ return buildRawEventRequest(event, signalPayload, "PROMPT_INPUT");
1108
+ };
1109
+ var RagRetrievalSignalPayloadSchema = zod.z.object({
1110
+ retriever_id: nonEmptyString(),
1111
+ query_hash: zod.z.string().nullable().optional(),
1112
+ documents_retrieved: zod.z.number().int().nonnegative(),
1113
+ top_k: zod.z.number().int().min(1),
1114
+ average_relevance_score: fraction01(),
1115
+ source_trust_score: fraction01(),
1116
+ lowest_source_trust_score: fraction01Nullable(),
1117
+ untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
1118
+ retrieved_context_tokens: zod.z.number().int().nonnegative().optional().default(0),
1119
+ context_injection_score: fraction01().optional().default(0),
1120
+ document_ids: zod.z.array(zod.z.string()).optional().default([])
1121
+ });
1122
+ BaseEventSchema.extend({
1123
+ signal_payload: RagRetrievalSignalPayloadSchema
1124
+ });
1125
+
1126
+ // src/v1/builders/rag-retrieval-builder.ts
1127
+ var createRagRetrievalEvent = (event) => {
1128
+ const signalPayload = RagRetrievalSignalPayloadSchema.parse(
1129
+ event.signal_payload
1130
+ );
1131
+ return buildRawEventRequest(event, signalPayload, "RAG_RETRIEVAL");
1132
+ };
1133
+
1134
+ // src/shared/types/session.ts
1135
+ var SESSION_STATUSES = [
1136
+ "STARTED",
1137
+ "ACTIVE",
1138
+ "ENDED",
1139
+ "TIMEOUT",
1140
+ "ABANDONED"
1141
+ ];
1142
+
1143
+ // src/v1/schemas/session.ts
1144
+ var SessionSignalPayloadSchema = zod.z.object({
1145
+ session_status: zod.z.enum(SESSION_STATUSES),
1146
+ session_age_seconds: zod.z.number().nonnegative().optional().default(0),
1147
+ turn_count: zod.z.number().int().nonnegative().optional().default(0),
1148
+ messages_last_minute: zod.z.number().nonnegative().optional().default(0),
1149
+ avg_seconds_between_turns: zod.z.number().nonnegative().nullable().optional(),
1150
+ restart_count_10m: zod.z.number().int().nonnegative().optional().default(0),
1151
+ session_timeout: zod.z.boolean().optional().default(false),
1152
+ abandoned: zod.z.boolean().optional().default(false),
1153
+ conversation_id: zod.z.string().nullable().optional(),
1154
+ user_id: zod.z.string().nullable().optional()
1155
+ });
1156
+ BaseEventSchema.extend({
1157
+ signal_payload: SessionSignalPayloadSchema
1158
+ });
1159
+
1160
+ // src/v1/builders/session-builder.ts
1161
+ var createSessionEvent = (event) => {
1162
+ const signalPayload = SessionSignalPayloadSchema.parse(event.signal_payload);
1163
+ return buildRawEventRequest(event, signalPayload, "SESSION");
1164
+ };
1165
+ var SystemTelemetrySignalPayloadSchema = zod.z.object({
1166
+ metric_name: zod.z.string().nullable().optional(),
1167
+ value: zod.z.number().nullable().optional(),
1168
+ baseline: zod.z.number().nullable().optional(),
1169
+ window_seconds: zod.z.number().int().min(1).nullable().optional(),
1170
+ error_rate: fraction01().optional().default(0),
1171
+ baseline_error_rate: fraction01Nullable(),
1172
+ unusual_auth_rate: fraction01().optional().default(0),
1173
+ firmware_hash_changed: zod.z.boolean().optional().default(false),
1174
+ expected_hash_match: zod.z.boolean().nullable().optional(),
1175
+ sensor_deviation_score: fraction01Nullable()
1176
+ });
1177
+ BaseEventSchema.extend({
1178
+ signal_payload: SystemTelemetrySignalPayloadSchema
1179
+ });
1180
+
1181
+ // src/v1/builders/system-telemetry-builder.ts
993
1182
  var createSystemTelemetryEvent = (event) => {
994
1183
  const signalPayload = SystemTelemetrySignalPayloadSchema.parse(
995
1184
  event.signal_payload
@@ -997,6 +1186,172 @@ var createSystemTelemetryEvent = (event) => {
997
1186
  return buildRawEventRequest(event, signalPayload, "SYSTEM_TELEMETRY");
998
1187
  };
999
1188
 
1189
+ // src/shared/types/tool-call.ts
1190
+ var TOOL_CATEGORIES = [
1191
+ "RETRIEVAL",
1192
+ "DATABASE",
1193
+ "PAYMENT",
1194
+ "MESSAGING",
1195
+ "CODE_EXECUTION",
1196
+ "FILE",
1197
+ "EXTERNAL_API",
1198
+ "OTHER"
1199
+ ];
1200
+
1201
+ // src/v1/schemas/tool-call.ts
1202
+ var ToolCallSignalPayloadSchema = zod.z.object({
1203
+ tool_name: nonEmptyString(),
1204
+ tool_category: zod.z.enum(TOOL_CATEGORIES),
1205
+ action: nonEmptyString(),
1206
+ authorized: zod.z.boolean().nullable(),
1207
+ safety_critical: zod.z.boolean(),
1208
+ external_side_effect: zod.z.boolean(),
1209
+ tool_call_success: zod.z.boolean().nullable().optional(),
1210
+ latency_ms: zod.z.number().nonnegative().nullable().optional(),
1211
+ error_code: zod.z.string().nullable().optional(),
1212
+ argument_risk_score: fraction01Nullable(),
1213
+ result_size_bytes: zod.z.number().int().nonnegative().nullable().optional(),
1214
+ records_accessed: zod.z.number().int().nonnegative().optional().default(0),
1215
+ contains_sensitive_data: zod.z.boolean().optional().default(false),
1216
+ action_category: zod.z.string().nullable().optional(),
1217
+ method: zod.z.string().nullable().optional(),
1218
+ sensitive_data_involved: zod.z.boolean().optional().default(false),
1219
+ contains_phi: zod.z.boolean().optional().default(false),
1220
+ sensitive_domain: zod.z.boolean().optional().default(false)
1221
+ });
1222
+ BaseEventSchema.extend({
1223
+ signal_payload: ToolCallSignalPayloadSchema
1224
+ });
1225
+
1226
+ // src/v1/builders/tool-call-builder.ts
1227
+ var createToolCallEvent = (event) => {
1228
+ const signalPayload = ToolCallSignalPayloadSchema.parse(event.signal_payload);
1229
+ return buildRawEventRequest(event, signalPayload, "TOOL_CALL");
1230
+ };
1231
+ var TransactionSignalPayloadSchema = zod.z.object({
1232
+ amount: zod.z.number().nonnegative().default(0),
1233
+ amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
1234
+ amount_usd: zod.z.number().nonnegative().nullable().optional(),
1235
+ currency: zod.z.string().nullable().optional(),
1236
+ merchant_category: zod.z.string().nullable().optional(),
1237
+ merchant_id: zod.z.string().nullable().optional(),
1238
+ channel: zod.z.string().nullable().optional(),
1239
+ country: zod.z.string().nullable().optional(),
1240
+ velocity: zod.z.number().nonnegative().nullable().optional(),
1241
+ external_anomaly_score: zod.z.number().nullable().optional(),
1242
+ geo_distance: zod.z.number().nonnegative().nullable().optional(),
1243
+ geo_distance_km: zod.z.number().nonnegative().nullable().optional(),
1244
+ records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
1245
+ baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
1246
+ sensitivity_level: zod.z.string().nullable().optional(),
1247
+ export_count: zod.z.number().int().nonnegative().nullable().optional(),
1248
+ bulk_export: zod.z.boolean().optional().default(false),
1249
+ contains_phi: zod.z.boolean().optional().default(false),
1250
+ control_command: zod.z.string().nullable().optional(),
1251
+ authorized: zod.z.boolean().nullable().optional(),
1252
+ safety_critical: zod.z.boolean().optional().default(false)
1253
+ });
1254
+ BaseEventSchema.extend({
1255
+ signal_payload: TransactionSignalPayloadSchema
1256
+ });
1257
+
1258
+ // src/v1/builders/transaction-builder.ts
1259
+ var createTransactionEvent = (event) => {
1260
+ const signalPayload = TransactionSignalPayloadSchema.parse(
1261
+ event.signal_payload
1262
+ );
1263
+ return buildRawEventRequest(event, signalPayload, "TRANSACTION");
1264
+ };
1265
+
1266
+ // src/shared/types/user-feedback.ts
1267
+ var FEEDBACK_TYPES = [
1268
+ "THUMBS_UP",
1269
+ "THUMBS_DOWN",
1270
+ "REPORT",
1271
+ "CORRECTION",
1272
+ "RATING"
1273
+ ];
1274
+ var FEEDBACK_ISSUE_TYPES = [
1275
+ "HALLUCINATION",
1276
+ "UNSAFE",
1277
+ "IRRELEVANT",
1278
+ "PRIVACY",
1279
+ "OFFENSIVE",
1280
+ "OTHER"
1281
+ ];
1282
+
1283
+ // src/v1/schemas/user-feedback.ts
1284
+ var UserFeedbackSignalPayloadSchema = zod.z.object({
1285
+ feedback_type: zod.z.enum(FEEDBACK_TYPES),
1286
+ rating: zod.z.number().nullable().optional(),
1287
+ reported_issue: zod.z.boolean().optional().default(false),
1288
+ issue_type: zod.z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional(),
1289
+ severity: fraction01Nullable(),
1290
+ response_id: zod.z.string().nullable().optional(),
1291
+ user_comment_hash: zod.z.string().nullable().optional()
1292
+ });
1293
+ BaseEventSchema.extend({
1294
+ signal_payload: UserFeedbackSignalPayloadSchema
1295
+ });
1296
+
1297
+ // src/v1/builders/user-feedback-builder.ts
1298
+ var createUserFeedbackEvent = (event) => {
1299
+ const signalPayload = UserFeedbackSignalPayloadSchema.parse(
1300
+ event.signal_payload
1301
+ );
1302
+ return buildRawEventRequest(event, signalPayload, "USER_FEEDBACK");
1303
+ };
1304
+
1305
+ // src/shared/types/workflow-action.ts
1306
+ var WORKFLOW_ACTION_CATEGORIES = [
1307
+ "FINANCIAL",
1308
+ "DATA_ACCESS",
1309
+ "COMMUNICATION",
1310
+ "ADMIN",
1311
+ "SECURITY",
1312
+ "CODE",
1313
+ "OTHER"
1314
+ ];
1315
+ var WORKFLOW_ACTION_STAGES = [
1316
+ "PROPOSED",
1317
+ "PRE_EXECUTION",
1318
+ "EXECUTED",
1319
+ "FAILED",
1320
+ "ROLLED_BACK"
1321
+ ];
1322
+ var WORKFLOW_ACTOR_TYPES = ["USER", "AI_AGENT", "SYSTEM"];
1323
+
1324
+ // src/v1/schemas/workflow-action.ts
1325
+ var WorkflowActionSignalPayloadSchema = zod.z.object({
1326
+ workflow_id: nonEmptyString(),
1327
+ workflow_type: nonEmptyString(),
1328
+ action_name: nonEmptyString(),
1329
+ action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES),
1330
+ action_stage: zod.z.enum(WORKFLOW_ACTION_STAGES),
1331
+ actor_type: zod.z.enum(WORKFLOW_ACTOR_TYPES),
1332
+ requires_approval: zod.z.boolean().optional().default(false),
1333
+ approval_present: zod.z.boolean().optional().default(false),
1334
+ external_side_effect: zod.z.boolean().nullable().optional(),
1335
+ safety_critical: zod.z.boolean().nullable().optional(),
1336
+ amount_usd: zod.z.number().nonnegative().nullable().optional(),
1337
+ sensitive_data_involved: zod.z.boolean().optional().default(false),
1338
+ new_counterparty: zod.z.boolean().optional().default(false),
1339
+ is_new_vendor: zod.z.boolean().optional().default(false),
1340
+ is_new_recipient: zod.z.boolean().optional().default(false),
1341
+ is_new_endpoint: zod.z.boolean().optional().default(false)
1342
+ });
1343
+ BaseEventSchema.extend({
1344
+ signal_payload: WorkflowActionSignalPayloadSchema
1345
+ });
1346
+
1347
+ // src/v1/builders/workflow-action-builder.ts
1348
+ var createWorkflowActionEvent = (event) => {
1349
+ const signalPayload = WorkflowActionSignalPayloadSchema.parse(
1350
+ event.signal_payload
1351
+ );
1352
+ return buildRawEventRequest(event, signalPayload, "WORKFLOW_ACTION");
1353
+ };
1354
+
1000
1355
  exports.API_REGISTRY = API_REGISTRY;
1001
1356
  exports.QatiAPIError = QatiAPIError;
1002
1357
  exports.QatiAuthError = QatiAuthError;
@@ -1009,12 +1364,21 @@ exports.RawEventRequestSchema = RawEventRequestSchema;
1009
1364
  exports.Session = Session;
1010
1365
  exports.baseUrlFor = baseUrlFor;
1011
1366
  exports.createAnomalyFlagEvent = createAnomalyFlagEvent;
1367
+ exports.createApiCallEvent = createApiCallEvent;
1012
1368
  exports.createAuthEvent = createAuthEvent;
1013
1369
  exports.createBehaviorEvent = createBehaviorEvent;
1370
+ exports.createContextIntegrityEvent = createContextIntegrityEvent;
1014
1371
  exports.createModelOutputEvent = createModelOutputEvent;
1015
1372
  exports.createNetworkEvent = createNetworkEvent;
1373
+ exports.createPolicyEvent = createPolicyEvent;
1374
+ exports.createPromptInputEvent = createPromptInputEvent;
1375
+ exports.createRagRetrievalEvent = createRagRetrievalEvent;
1376
+ exports.createSessionEvent = createSessionEvent;
1016
1377
  exports.createSystemTelemetryEvent = createSystemTelemetryEvent;
1378
+ exports.createToolCallEvent = createToolCallEvent;
1017
1379
  exports.createTransactionEvent = createTransactionEvent;
1380
+ exports.createUserFeedbackEvent = createUserFeedbackEvent;
1381
+ exports.createWorkflowActionEvent = createWorkflowActionEvent;
1018
1382
  exports.parseQatiConfig = parseQatiConfig;
1019
1383
  exports.resolveQatiConfig = resolveQatiConfig;
1020
1384
  //# sourceMappingURL=index.cjs.map