qati-sdk 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -12
- package/dist/index.cjs +473 -109
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2403 -373
- package/dist/index.d.ts +2403 -373
- package/dist/index.js +465 -110
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -634,7 +634,7 @@ var TrustStateResource = class {
|
|
|
634
634
|
/**
|
|
635
635
|
* Fetches the latest trust state for one entity.
|
|
636
636
|
*
|
|
637
|
-
* @param entityType - Lowercase entity class
|
|
637
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
638
638
|
* @param entityId - Id for the entity(Required)
|
|
639
639
|
* @param options - Optional contributor limits/window.
|
|
640
640
|
* @returns {@link TrustState} including `current_closure_score`, `risk_tier`, and `top_contributors`.
|
|
@@ -655,7 +655,7 @@ var TrustStateResource = class {
|
|
|
655
655
|
/**
|
|
656
656
|
* Fetches trust states for many entities in one request.
|
|
657
657
|
*
|
|
658
|
-
* @param entityType - Lowercase entity class
|
|
658
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
659
659
|
* @param entityIds - Distinct ids to query. Prefer length ≤ 100 or the server may reject the request.
|
|
660
660
|
* @param options - Optional contributor limits/window.
|
|
661
661
|
* @returns Array of {@link TrustState} in server-defined order; empty array when `entityIds` is empty.
|
|
@@ -774,6 +774,9 @@ var Session = class {
|
|
|
774
774
|
return new Client(this._config, httpClients ?? {});
|
|
775
775
|
}
|
|
776
776
|
};
|
|
777
|
+
var fraction01 = () => z.number().min(0).max(1);
|
|
778
|
+
var fraction01Nullable = () => fraction01().nullable().optional();
|
|
779
|
+
var nonEmptyString = () => z.string().min(1);
|
|
777
780
|
|
|
778
781
|
// src/shared/types/signal-type.ts
|
|
779
782
|
var SIGNAL_TYPES = [
|
|
@@ -783,7 +786,16 @@ var SIGNAL_TYPES = [
|
|
|
783
786
|
"SYSTEM_TELEMETRY",
|
|
784
787
|
"MODEL_OUTPUT",
|
|
785
788
|
"ANOMALY_FLAG",
|
|
786
|
-
"NETWORK_EVENT"
|
|
789
|
+
"NETWORK_EVENT",
|
|
790
|
+
"SESSION",
|
|
791
|
+
"PROMPT_INPUT",
|
|
792
|
+
"CONTEXT_INTEGRITY",
|
|
793
|
+
"TOOL_CALL",
|
|
794
|
+
"RAG_RETRIEVAL",
|
|
795
|
+
"POLICY_EVENT",
|
|
796
|
+
"USER_FEEDBACK",
|
|
797
|
+
"WORKFLOW_ACTION",
|
|
798
|
+
"API_CALL"
|
|
787
799
|
];
|
|
788
800
|
|
|
789
801
|
// src/shared/types/provenance-mode.ts
|
|
@@ -810,8 +822,13 @@ var EventPrincipalSchema = z.object({
|
|
|
810
822
|
device_id: z.string().min(1).optional(),
|
|
811
823
|
session_id: z.string().min(1).optional(),
|
|
812
824
|
model_id: z.string().min(1).optional(),
|
|
813
|
-
service_id: z.string().min(1).optional()
|
|
814
|
-
|
|
825
|
+
service_id: z.string().min(1).optional(),
|
|
826
|
+
conversation_id: z.string().min(1).optional(),
|
|
827
|
+
document_id: z.string().min(1).optional(),
|
|
828
|
+
tool_id: z.string().min(1).optional(),
|
|
829
|
+
workflow_id: z.string().min(1).optional(),
|
|
830
|
+
api_key_id: z.string().min(1).optional()
|
|
831
|
+
}).strict();
|
|
815
832
|
|
|
816
833
|
// src/v1/schemas/raw-event.ts
|
|
817
834
|
var BaseEventSchema = z.object({
|
|
@@ -832,103 +849,15 @@ var RawEventRequestSchema = z.object({
|
|
|
832
849
|
payload: z.record(z.any()).describe("JSON payload (stored as JSONB in DB).")
|
|
833
850
|
});
|
|
834
851
|
|
|
835
|
-
// src/v1/schemas/
|
|
836
|
-
var TransactionSignalPayloadSchema = z.object({
|
|
837
|
-
amount: z.number().nonnegative().default(0),
|
|
838
|
-
amount_minor: z.number().int().nonnegative().nullable().optional(),
|
|
839
|
-
amount_usd: z.number().nonnegative().nullable().optional(),
|
|
840
|
-
currency: z.string().nullable().optional(),
|
|
841
|
-
merchant_category: z.string().nullable().optional(),
|
|
842
|
-
merchant_id: z.string().nullable().optional(),
|
|
843
|
-
channel: z.string().nullable().optional(),
|
|
844
|
-
country: z.string().nullable().optional(),
|
|
845
|
-
velocity: z.number().nonnegative().nullable().optional(),
|
|
846
|
-
external_anomaly_score: z.number().nullable().optional(),
|
|
847
|
-
geo_distance: z.number().nonnegative().nullable().optional(),
|
|
848
|
-
geo_distance_km: z.number().nonnegative().nullable().optional(),
|
|
849
|
-
records_accessed: z.number().int().nonnegative().nullable().optional(),
|
|
850
|
-
baseline_records_accessed: z.number().int().nonnegative().nullable().optional(),
|
|
851
|
-
sensitivity_level: z.string().nullable().optional(),
|
|
852
|
-
export_count: z.number().int().nonnegative().nullable().optional(),
|
|
853
|
-
bulk_export: z.boolean().optional().default(false),
|
|
854
|
-
contains_phi: z.boolean().optional().default(false),
|
|
855
|
-
control_command: z.string().nullable().optional(),
|
|
856
|
-
authorized: z.boolean().nullable().optional(),
|
|
857
|
-
safety_critical: z.boolean().optional().default(false)
|
|
858
|
-
});
|
|
859
|
-
var AuthSignalPayloadSchema = z.object({
|
|
860
|
-
result: z.string().nullable().optional(),
|
|
861
|
-
auth_method: z.string().nullable().optional(),
|
|
862
|
-
mfa_used: z.boolean().nullable().optional(),
|
|
863
|
-
mfa_bypassed: z.boolean().optional().default(false),
|
|
864
|
-
failed_attempts: z.number().int().nonnegative().optional().default(0),
|
|
865
|
-
ip: z.string().nullable().optional(),
|
|
866
|
-
country: z.string().nullable().optional(),
|
|
867
|
-
user_agent: z.string().nullable().optional(),
|
|
868
|
-
unusual_location: z.boolean().optional().default(false),
|
|
869
|
-
after_hours_login: z.boolean().optional().default(false)
|
|
870
|
-
});
|
|
871
|
-
var ModelOutputSignalPayloadSchema = z.object({
|
|
872
|
-
missing_citations_rate: z.number().min(0).max(1).nullable().optional(),
|
|
873
|
-
citation_rate: z.number().min(0).max(1).nullable().optional(),
|
|
874
|
-
expected_citation_rate: z.number().min(0).max(1).nullable().optional(),
|
|
875
|
-
policy_violations: z.number().int().nonnegative().optional().default(0),
|
|
876
|
-
policy_violation_rate: z.number().min(0).max(1).nullable().optional(),
|
|
877
|
-
tool_call_inconsistency: z.number().min(0).max(1).optional().default(0),
|
|
878
|
-
tool_inconsistency_rate: z.number().min(0).max(1).nullable().optional(),
|
|
879
|
-
tool_miss_rate: z.number().min(0).max(1).nullable().optional(),
|
|
880
|
-
eval_window_n: z.number().int().min(1).nullable().optional()
|
|
881
|
-
});
|
|
882
|
-
var SystemTelemetrySignalPayloadSchema = z.object({
|
|
883
|
-
metric_name: z.string().nullable().optional(),
|
|
884
|
-
value: z.number().nullable().optional(),
|
|
885
|
-
baseline: z.number().nullable().optional(),
|
|
886
|
-
window_seconds: z.number().int().min(1).nullable().optional(),
|
|
887
|
-
error_rate: z.number().min(0).max(1).optional().default(0),
|
|
888
|
-
baseline_error_rate: z.number().min(0).max(1).nullable().optional(),
|
|
889
|
-
unusual_auth_rate: z.number().min(0).max(1).optional().default(0),
|
|
890
|
-
firmware_hash_changed: z.boolean().optional().default(false),
|
|
891
|
-
expected_hash_match: z.boolean().nullable().optional(),
|
|
892
|
-
sensor_deviation_score: z.number().min(0).max(1).nullable().optional()
|
|
893
|
-
});
|
|
852
|
+
// src/v1/schemas/anomaly-flag.ts
|
|
894
853
|
var AnomalyFlagSignalPayloadSchema = z.object({
|
|
895
|
-
severity:
|
|
896
|
-
});
|
|
897
|
-
var BehaviorSignalPayloadSchema = z.object({
|
|
898
|
-
deviation_score: z.number().min(0).max(1)
|
|
899
|
-
});
|
|
900
|
-
var NetworkSignalPayloadSchema = z.object({
|
|
901
|
-
ip: z.string().nullable().optional(),
|
|
902
|
-
asn: z.string().nullable().optional(),
|
|
903
|
-
reputation_score: z.number().min(0).max(1).nullable().optional(),
|
|
904
|
-
threat_score: z.number().min(0).max(1).nullable().optional(),
|
|
905
|
-
is_datacenter: z.boolean().nullable().optional(),
|
|
906
|
-
is_untrusted_segment: z.boolean().optional().default(false),
|
|
907
|
-
asn_reputation: z.number().min(0).max(1).nullable().optional()
|
|
908
|
-
});
|
|
909
|
-
BaseEventSchema.extend({
|
|
910
|
-
signal_payload: TransactionSignalPayloadSchema
|
|
854
|
+
severity: fraction01()
|
|
911
855
|
});
|
|
912
856
|
BaseEventSchema.extend({
|
|
913
857
|
signal_payload: AnomalyFlagSignalPayloadSchema
|
|
914
858
|
});
|
|
915
|
-
BaseEventSchema.extend({
|
|
916
|
-
signal_payload: AuthSignalPayloadSchema
|
|
917
|
-
});
|
|
918
|
-
BaseEventSchema.extend({
|
|
919
|
-
signal_payload: BehaviorSignalPayloadSchema
|
|
920
|
-
});
|
|
921
|
-
BaseEventSchema.extend({
|
|
922
|
-
signal_payload: NetworkSignalPayloadSchema
|
|
923
|
-
});
|
|
924
|
-
BaseEventSchema.extend({
|
|
925
|
-
signal_payload: ModelOutputSignalPayloadSchema
|
|
926
|
-
});
|
|
927
|
-
BaseEventSchema.extend({
|
|
928
|
-
signal_payload: SystemTelemetrySignalPayloadSchema
|
|
929
|
-
});
|
|
930
859
|
|
|
931
|
-
// src/v1/builders/
|
|
860
|
+
// src/v1/builders/_common.ts
|
|
932
861
|
var buildRawEventPayload = (event, signalPayload, signalType) => {
|
|
933
862
|
const rawEventPayload = {
|
|
934
863
|
timestamp: event.timestamp,
|
|
@@ -954,36 +883,296 @@ var buildRawEventRequest = (event, signalPayload, signalType) => {
|
|
|
954
883
|
payload: rawEventPayload
|
|
955
884
|
};
|
|
956
885
|
};
|
|
957
|
-
|
|
958
|
-
|
|
959
|
-
return buildRawEventRequest(event, signalPayload, "AUTH");
|
|
960
|
-
};
|
|
961
|
-
function createTransactionEvent(event) {
|
|
962
|
-
const signalPayload = TransactionSignalPayloadSchema.parse(
|
|
963
|
-
event.signal_payload
|
|
964
|
-
);
|
|
965
|
-
return buildRawEventRequest(event, signalPayload, "TRANSACTION");
|
|
966
|
-
}
|
|
886
|
+
|
|
887
|
+
// src/v1/builders/anomaly-flag-builder.ts
|
|
967
888
|
var createAnomalyFlagEvent = (event) => {
|
|
968
889
|
const signalPayload = AnomalyFlagSignalPayloadSchema.parse(
|
|
969
890
|
event.signal_payload
|
|
970
891
|
);
|
|
971
892
|
return buildRawEventRequest(event, signalPayload, "ANOMALY_FLAG");
|
|
972
893
|
};
|
|
894
|
+
|
|
895
|
+
// src/shared/types/http-method.ts
|
|
896
|
+
var HTTP_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"];
|
|
897
|
+
|
|
898
|
+
// src/v1/schemas/api-call.ts
|
|
899
|
+
var ApiCallSignalPayloadSchema = z.object({
|
|
900
|
+
service_id: nonEmptyString(),
|
|
901
|
+
endpoint: nonEmptyString(),
|
|
902
|
+
method: z.enum(HTTP_METHODS),
|
|
903
|
+
status_code: z.number().int().min(100).max(599),
|
|
904
|
+
authorized: z.boolean().nullable(),
|
|
905
|
+
authentication_present: z.boolean().nullable().optional(),
|
|
906
|
+
rate_limited: z.boolean().nullable().optional(),
|
|
907
|
+
external_side_effect: z.boolean().nullable().optional(),
|
|
908
|
+
records_returned: z.number().int().nonnegative().nullable().optional(),
|
|
909
|
+
records_modified: z.number().int().nonnegative().nullable().optional(),
|
|
910
|
+
contains_sensitive_data: z.boolean().nullable().optional(),
|
|
911
|
+
latency_ms: z.number().nonnegative().nullable().optional(),
|
|
912
|
+
retry_count: z.number().int().nonnegative().nullable().optional(),
|
|
913
|
+
api_key_id: z.string().nullable().optional()
|
|
914
|
+
});
|
|
915
|
+
BaseEventSchema.extend({
|
|
916
|
+
signal_payload: ApiCallSignalPayloadSchema
|
|
917
|
+
});
|
|
918
|
+
|
|
919
|
+
// src/v1/builders/api-call-builder.ts
|
|
920
|
+
var createApiCallEvent = (event) => {
|
|
921
|
+
const signalPayload = ApiCallSignalPayloadSchema.parse(event.signal_payload);
|
|
922
|
+
return buildRawEventRequest(event, signalPayload, "API_CALL");
|
|
923
|
+
};
|
|
924
|
+
var AuthSignalPayloadSchema = z.object({
|
|
925
|
+
result: z.string().nullable().optional(),
|
|
926
|
+
auth_method: z.string().nullable().optional(),
|
|
927
|
+
mfa_used: z.boolean().nullable().optional(),
|
|
928
|
+
mfa_bypassed: z.boolean().optional().default(false),
|
|
929
|
+
failed_attempts: z.number().int().nonnegative().optional().default(0),
|
|
930
|
+
ip: z.string().nullable().optional(),
|
|
931
|
+
country: z.string().nullable().optional(),
|
|
932
|
+
user_agent: z.string().nullable().optional(),
|
|
933
|
+
unusual_location: z.boolean().optional().default(false),
|
|
934
|
+
after_hours_login: z.boolean().optional().default(false)
|
|
935
|
+
});
|
|
936
|
+
BaseEventSchema.extend({
|
|
937
|
+
signal_payload: AuthSignalPayloadSchema
|
|
938
|
+
});
|
|
939
|
+
|
|
940
|
+
// src/v1/builders/auth-builder.ts
|
|
941
|
+
var createAuthEvent = (event) => {
|
|
942
|
+
const signalPayload = AuthSignalPayloadSchema.parse(event.signal_payload);
|
|
943
|
+
return buildRawEventRequest(event, signalPayload, "AUTH");
|
|
944
|
+
};
|
|
945
|
+
var BehaviorSignalPayloadSchema = z.object({
|
|
946
|
+
deviation_score: fraction01()
|
|
947
|
+
});
|
|
948
|
+
BaseEventSchema.extend({
|
|
949
|
+
signal_payload: BehaviorSignalPayloadSchema
|
|
950
|
+
});
|
|
951
|
+
|
|
952
|
+
// src/v1/builders/behavior-builder.ts
|
|
973
953
|
var createBehaviorEvent = (event) => {
|
|
974
954
|
const signalPayload = BehaviorSignalPayloadSchema.parse(event.signal_payload);
|
|
975
955
|
return buildRawEventRequest(event, signalPayload, "BEHAVIOR");
|
|
976
956
|
};
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
957
|
+
|
|
958
|
+
// src/shared/types/context-integrity.ts
|
|
959
|
+
var CONTEXT_SOURCES = [
|
|
960
|
+
"CONVERSATION_HISTORY",
|
|
961
|
+
"RETRIEVED_DOCUMENT",
|
|
962
|
+
"TOOL_OUTPUT",
|
|
963
|
+
"SYSTEM",
|
|
964
|
+
"DEVELOPER",
|
|
965
|
+
"USER"
|
|
966
|
+
];
|
|
967
|
+
|
|
968
|
+
// src/v1/schemas/context-integrity.ts
|
|
969
|
+
var ContextIntegritySignalPayloadSchema = z.object({
|
|
970
|
+
context_source: z.enum(CONTEXT_SOURCES),
|
|
971
|
+
instruction_conflict_detected: z.boolean(),
|
|
972
|
+
untrusted_instruction_detected: z.boolean(),
|
|
973
|
+
context_priority_violation: z.boolean(),
|
|
974
|
+
recursive_instruction_pattern: z.boolean().optional().default(false),
|
|
975
|
+
context_drift_score: fraction01Nullable(),
|
|
976
|
+
system_prompt_conflict_score: fraction01Nullable(),
|
|
977
|
+
developer_prompt_conflict_score: fraction01Nullable(),
|
|
978
|
+
retrieved_instruction_count: z.number().int().nonnegative().optional().default(0),
|
|
979
|
+
hidden_instruction_score: fraction01Nullable(),
|
|
980
|
+
source_document_id: z.string().nullable().optional(),
|
|
981
|
+
untrusted_source_count: z.number().int().nonnegative().optional().default(0),
|
|
982
|
+
source_trust_score: fraction01Nullable(),
|
|
983
|
+
lowest_source_trust_score: fraction01Nullable(),
|
|
984
|
+
recursive_pattern_score: fraction01Nullable(),
|
|
985
|
+
prompt_injection_score: fraction01Nullable(),
|
|
986
|
+
contains_instruction_override: z.boolean().optional().default(false),
|
|
987
|
+
context_injection_score: fraction01Nullable()
|
|
988
|
+
});
|
|
989
|
+
BaseEventSchema.extend({
|
|
990
|
+
signal_payload: ContextIntegritySignalPayloadSchema
|
|
991
|
+
});
|
|
992
|
+
|
|
993
|
+
// src/v1/builders/context-integrity-builder.ts
|
|
994
|
+
var createContextIntegrityEvent = (event) => {
|
|
995
|
+
const signalPayload = ContextIntegritySignalPayloadSchema.parse(
|
|
996
|
+
event.signal_payload
|
|
997
|
+
);
|
|
998
|
+
return buildRawEventRequest(event, signalPayload, "CONTEXT_INTEGRITY");
|
|
980
999
|
};
|
|
1000
|
+
var ModelOutputSignalPayloadSchema = z.object({
|
|
1001
|
+
missing_citations_rate: fraction01Nullable(),
|
|
1002
|
+
citation_rate: fraction01Nullable(),
|
|
1003
|
+
expected_citation_rate: fraction01Nullable(),
|
|
1004
|
+
policy_violations: z.number().int().nonnegative().optional().default(0),
|
|
1005
|
+
policy_violation_rate: fraction01Nullable(),
|
|
1006
|
+
tool_call_inconsistency: fraction01().optional().default(0),
|
|
1007
|
+
tool_inconsistency_rate: fraction01Nullable(),
|
|
1008
|
+
tool_miss_rate: fraction01Nullable(),
|
|
1009
|
+
eval_window_n: z.number().int().min(1).nullable().optional(),
|
|
1010
|
+
hallucination_risk_score: fraction01Nullable(),
|
|
1011
|
+
self_contradiction_score: fraction01Nullable(),
|
|
1012
|
+
grounding_score: fraction01Nullable(),
|
|
1013
|
+
contains_unsupported_claims: z.boolean().optional().default(false)
|
|
1014
|
+
});
|
|
1015
|
+
BaseEventSchema.extend({
|
|
1016
|
+
signal_payload: ModelOutputSignalPayloadSchema
|
|
1017
|
+
});
|
|
1018
|
+
|
|
1019
|
+
// src/v1/builders/model-output-builder.ts
|
|
981
1020
|
var createModelOutputEvent = (event) => {
|
|
982
1021
|
const signalPayload = ModelOutputSignalPayloadSchema.parse(
|
|
983
1022
|
event.signal_payload
|
|
984
1023
|
);
|
|
985
1024
|
return buildRawEventRequest(event, signalPayload, "MODEL_OUTPUT");
|
|
986
1025
|
};
|
|
1026
|
+
var NetworkSignalPayloadSchema = z.object({
|
|
1027
|
+
ip: z.string().nullable().optional(),
|
|
1028
|
+
asn: z.string().nullable().optional(),
|
|
1029
|
+
reputation_score: fraction01Nullable(),
|
|
1030
|
+
threat_score: fraction01Nullable(),
|
|
1031
|
+
is_datacenter: z.boolean().nullable().optional(),
|
|
1032
|
+
is_untrusted_segment: z.boolean().optional().default(false),
|
|
1033
|
+
asn_reputation: fraction01Nullable()
|
|
1034
|
+
});
|
|
1035
|
+
BaseEventSchema.extend({
|
|
1036
|
+
signal_payload: NetworkSignalPayloadSchema
|
|
1037
|
+
});
|
|
1038
|
+
|
|
1039
|
+
// src/v1/builders/network-builder.ts
|
|
1040
|
+
var createNetworkEvent = (event) => {
|
|
1041
|
+
const signalPayload = NetworkSignalPayloadSchema.parse(event.signal_payload);
|
|
1042
|
+
return buildRawEventRequest(event, signalPayload, "NETWORK_EVENT");
|
|
1043
|
+
};
|
|
1044
|
+
|
|
1045
|
+
// src/shared/types/policy-event.ts
|
|
1046
|
+
var POLICY_CATEGORIES = [
|
|
1047
|
+
"SAFETY",
|
|
1048
|
+
"PRIVACY",
|
|
1049
|
+
"SECURITY",
|
|
1050
|
+
"COMPLIANCE",
|
|
1051
|
+
"CONTENT",
|
|
1052
|
+
"OTHER"
|
|
1053
|
+
];
|
|
1054
|
+
var POLICY_RESULTS = ["PASS", "WARN", "FAIL", "BLOCKED"];
|
|
1055
|
+
|
|
1056
|
+
// src/v1/schemas/policy-event.ts
|
|
1057
|
+
var PolicyEventSignalPayloadSchema = z.object({
|
|
1058
|
+
policy_check_name: nonEmptyString(),
|
|
1059
|
+
policy_category: z.enum(POLICY_CATEGORIES),
|
|
1060
|
+
policy_result: z.enum(POLICY_RESULTS),
|
|
1061
|
+
severity: fraction01(),
|
|
1062
|
+
blocked: z.boolean().optional().default(false),
|
|
1063
|
+
violation_count: z.number().int().nonnegative().optional().default(0),
|
|
1064
|
+
policy_confidence: fraction01Nullable(),
|
|
1065
|
+
redaction_applied: z.boolean().optional().default(false)
|
|
1066
|
+
});
|
|
1067
|
+
BaseEventSchema.extend({
|
|
1068
|
+
signal_payload: PolicyEventSignalPayloadSchema
|
|
1069
|
+
});
|
|
1070
|
+
|
|
1071
|
+
// src/v1/builders/policy-event-builder.ts
|
|
1072
|
+
var createPolicyEvent = (event) => {
|
|
1073
|
+
const signalPayload = PolicyEventSignalPayloadSchema.parse(
|
|
1074
|
+
event.signal_payload
|
|
1075
|
+
);
|
|
1076
|
+
return buildRawEventRequest(event, signalPayload, "POLICY_EVENT");
|
|
1077
|
+
};
|
|
1078
|
+
var promptHashSchema = z.string().regex(/^[a-fA-F0-9]{64}$/).optional();
|
|
1079
|
+
var PromptInputSignalPayloadSchema = z.object({
|
|
1080
|
+
prompt_length_chars: z.number().int().nonnegative(),
|
|
1081
|
+
conversation_turn_index: z.number().int().nonnegative(),
|
|
1082
|
+
contains_instruction_override: z.boolean(),
|
|
1083
|
+
contains_tool_request: z.boolean().optional().default(false),
|
|
1084
|
+
contains_secret_request: z.boolean().optional().default(false),
|
|
1085
|
+
contains_policy_challenge: z.boolean().optional().default(false),
|
|
1086
|
+
recursive_pattern_score: fraction01Nullable(),
|
|
1087
|
+
prompt_injection_score: fraction01Nullable(),
|
|
1088
|
+
sensitive_domain: z.boolean().optional().default(false),
|
|
1089
|
+
complexity_score: fraction01Nullable(),
|
|
1090
|
+
prompt_hash: promptHashSchema
|
|
1091
|
+
});
|
|
1092
|
+
BaseEventSchema.extend({
|
|
1093
|
+
signal_payload: PromptInputSignalPayloadSchema
|
|
1094
|
+
});
|
|
1095
|
+
|
|
1096
|
+
// src/v1/builders/prompt-input-builder.ts
|
|
1097
|
+
var createPromptInputEvent = (event) => {
|
|
1098
|
+
const signalPayload = PromptInputSignalPayloadSchema.parse(
|
|
1099
|
+
event.signal_payload
|
|
1100
|
+
);
|
|
1101
|
+
return buildRawEventRequest(event, signalPayload, "PROMPT_INPUT");
|
|
1102
|
+
};
|
|
1103
|
+
var RagRetrievalSignalPayloadSchema = z.object({
|
|
1104
|
+
retriever_id: nonEmptyString(),
|
|
1105
|
+
query_hash: z.string().nullable().optional(),
|
|
1106
|
+
documents_retrieved: z.number().int().nonnegative(),
|
|
1107
|
+
top_k: z.number().int().min(1),
|
|
1108
|
+
average_relevance_score: fraction01(),
|
|
1109
|
+
source_trust_score: fraction01(),
|
|
1110
|
+
lowest_source_trust_score: fraction01Nullable(),
|
|
1111
|
+
untrusted_source_count: z.number().int().nonnegative().optional().default(0),
|
|
1112
|
+
retrieved_context_tokens: z.number().int().nonnegative().optional().default(0),
|
|
1113
|
+
context_injection_score: fraction01().optional().default(0),
|
|
1114
|
+
document_ids: z.array(z.string()).optional().default([])
|
|
1115
|
+
});
|
|
1116
|
+
BaseEventSchema.extend({
|
|
1117
|
+
signal_payload: RagRetrievalSignalPayloadSchema
|
|
1118
|
+
});
|
|
1119
|
+
|
|
1120
|
+
// src/v1/builders/rag-retrieval-builder.ts
|
|
1121
|
+
var createRagRetrievalEvent = (event) => {
|
|
1122
|
+
const signalPayload = RagRetrievalSignalPayloadSchema.parse(
|
|
1123
|
+
event.signal_payload
|
|
1124
|
+
);
|
|
1125
|
+
return buildRawEventRequest(event, signalPayload, "RAG_RETRIEVAL");
|
|
1126
|
+
};
|
|
1127
|
+
|
|
1128
|
+
// src/shared/types/session.ts
|
|
1129
|
+
var SESSION_STATUSES = [
|
|
1130
|
+
"STARTED",
|
|
1131
|
+
"ACTIVE",
|
|
1132
|
+
"ENDED",
|
|
1133
|
+
"TIMEOUT",
|
|
1134
|
+
"ABANDONED"
|
|
1135
|
+
];
|
|
1136
|
+
|
|
1137
|
+
// src/v1/schemas/session.ts
|
|
1138
|
+
var SessionSignalPayloadSchema = z.object({
|
|
1139
|
+
session_status: z.enum(SESSION_STATUSES),
|
|
1140
|
+
session_age_seconds: z.number().nonnegative().optional().default(0),
|
|
1141
|
+
turn_count: z.number().int().nonnegative().optional().default(0),
|
|
1142
|
+
messages_last_minute: z.number().nonnegative().optional().default(0),
|
|
1143
|
+
avg_seconds_between_turns: z.number().nonnegative().nullable().optional(),
|
|
1144
|
+
restart_count_10m: z.number().int().nonnegative().optional().default(0),
|
|
1145
|
+
session_timeout: z.boolean().optional().default(false),
|
|
1146
|
+
abandoned: z.boolean().optional().default(false),
|
|
1147
|
+
conversation_id: z.string().nullable().optional(),
|
|
1148
|
+
user_id: z.string().nullable().optional()
|
|
1149
|
+
});
|
|
1150
|
+
BaseEventSchema.extend({
|
|
1151
|
+
signal_payload: SessionSignalPayloadSchema
|
|
1152
|
+
});
|
|
1153
|
+
|
|
1154
|
+
// src/v1/builders/session-builder.ts
|
|
1155
|
+
var createSessionEvent = (event) => {
|
|
1156
|
+
const signalPayload = SessionSignalPayloadSchema.parse(event.signal_payload);
|
|
1157
|
+
return buildRawEventRequest(event, signalPayload, "SESSION");
|
|
1158
|
+
};
|
|
1159
|
+
var SystemTelemetrySignalPayloadSchema = z.object({
|
|
1160
|
+
metric_name: z.string().nullable().optional(),
|
|
1161
|
+
value: z.number().nullable().optional(),
|
|
1162
|
+
baseline: z.number().nullable().optional(),
|
|
1163
|
+
window_seconds: z.number().int().min(1).nullable().optional(),
|
|
1164
|
+
error_rate: fraction01().optional().default(0),
|
|
1165
|
+
baseline_error_rate: fraction01Nullable(),
|
|
1166
|
+
unusual_auth_rate: fraction01().optional().default(0),
|
|
1167
|
+
firmware_hash_changed: z.boolean().optional().default(false),
|
|
1168
|
+
expected_hash_match: z.boolean().nullable().optional(),
|
|
1169
|
+
sensor_deviation_score: fraction01Nullable()
|
|
1170
|
+
});
|
|
1171
|
+
BaseEventSchema.extend({
|
|
1172
|
+
signal_payload: SystemTelemetrySignalPayloadSchema
|
|
1173
|
+
});
|
|
1174
|
+
|
|
1175
|
+
// src/v1/builders/system-telemetry-builder.ts
|
|
987
1176
|
var createSystemTelemetryEvent = (event) => {
|
|
988
1177
|
const signalPayload = SystemTelemetrySignalPayloadSchema.parse(
|
|
989
1178
|
event.signal_payload
|
|
@@ -991,6 +1180,172 @@ var createSystemTelemetryEvent = (event) => {
|
|
|
991
1180
|
return buildRawEventRequest(event, signalPayload, "SYSTEM_TELEMETRY");
|
|
992
1181
|
};
|
|
993
1182
|
|
|
994
|
-
|
|
1183
|
+
// src/shared/types/tool-call.ts
|
|
1184
|
+
var TOOL_CATEGORIES = [
|
|
1185
|
+
"RETRIEVAL",
|
|
1186
|
+
"DATABASE",
|
|
1187
|
+
"PAYMENT",
|
|
1188
|
+
"MESSAGING",
|
|
1189
|
+
"CODE_EXECUTION",
|
|
1190
|
+
"FILE",
|
|
1191
|
+
"EXTERNAL_API",
|
|
1192
|
+
"OTHER"
|
|
1193
|
+
];
|
|
1194
|
+
|
|
1195
|
+
// src/v1/schemas/tool-call.ts
|
|
1196
|
+
var ToolCallSignalPayloadSchema = z.object({
|
|
1197
|
+
tool_name: nonEmptyString(),
|
|
1198
|
+
tool_category: z.enum(TOOL_CATEGORIES),
|
|
1199
|
+
action: nonEmptyString(),
|
|
1200
|
+
authorized: z.boolean().nullable(),
|
|
1201
|
+
safety_critical: z.boolean(),
|
|
1202
|
+
external_side_effect: z.boolean(),
|
|
1203
|
+
tool_call_success: z.boolean().nullable().optional(),
|
|
1204
|
+
latency_ms: z.number().nonnegative().nullable().optional(),
|
|
1205
|
+
error_code: z.string().nullable().optional(),
|
|
1206
|
+
argument_risk_score: fraction01Nullable(),
|
|
1207
|
+
result_size_bytes: z.number().int().nonnegative().nullable().optional(),
|
|
1208
|
+
records_accessed: z.number().int().nonnegative().optional().default(0),
|
|
1209
|
+
contains_sensitive_data: z.boolean().optional().default(false),
|
|
1210
|
+
action_category: z.string().nullable().optional(),
|
|
1211
|
+
method: z.string().nullable().optional(),
|
|
1212
|
+
sensitive_data_involved: z.boolean().optional().default(false),
|
|
1213
|
+
contains_phi: z.boolean().optional().default(false),
|
|
1214
|
+
sensitive_domain: z.boolean().optional().default(false)
|
|
1215
|
+
});
|
|
1216
|
+
BaseEventSchema.extend({
|
|
1217
|
+
signal_payload: ToolCallSignalPayloadSchema
|
|
1218
|
+
});
|
|
1219
|
+
|
|
1220
|
+
// src/v1/builders/tool-call-builder.ts
|
|
1221
|
+
var createToolCallEvent = (event) => {
|
|
1222
|
+
const signalPayload = ToolCallSignalPayloadSchema.parse(event.signal_payload);
|
|
1223
|
+
return buildRawEventRequest(event, signalPayload, "TOOL_CALL");
|
|
1224
|
+
};
|
|
1225
|
+
var TransactionSignalPayloadSchema = z.object({
|
|
1226
|
+
amount: z.number().nonnegative().default(0),
|
|
1227
|
+
amount_minor: z.number().int().nonnegative().nullable().optional(),
|
|
1228
|
+
amount_usd: z.number().nonnegative().nullable().optional(),
|
|
1229
|
+
currency: z.string().nullable().optional(),
|
|
1230
|
+
merchant_category: z.string().nullable().optional(),
|
|
1231
|
+
merchant_id: z.string().nullable().optional(),
|
|
1232
|
+
channel: z.string().nullable().optional(),
|
|
1233
|
+
country: z.string().nullable().optional(),
|
|
1234
|
+
velocity: z.number().nonnegative().nullable().optional(),
|
|
1235
|
+
external_anomaly_score: z.number().nullable().optional(),
|
|
1236
|
+
geo_distance: z.number().nonnegative().nullable().optional(),
|
|
1237
|
+
geo_distance_km: z.number().nonnegative().nullable().optional(),
|
|
1238
|
+
records_accessed: z.number().int().nonnegative().nullable().optional(),
|
|
1239
|
+
baseline_records_accessed: z.number().int().nonnegative().nullable().optional(),
|
|
1240
|
+
sensitivity_level: z.string().nullable().optional(),
|
|
1241
|
+
export_count: z.number().int().nonnegative().nullable().optional(),
|
|
1242
|
+
bulk_export: z.boolean().optional().default(false),
|
|
1243
|
+
contains_phi: z.boolean().optional().default(false),
|
|
1244
|
+
control_command: z.string().nullable().optional(),
|
|
1245
|
+
authorized: z.boolean().nullable().optional(),
|
|
1246
|
+
safety_critical: z.boolean().optional().default(false)
|
|
1247
|
+
});
|
|
1248
|
+
BaseEventSchema.extend({
|
|
1249
|
+
signal_payload: TransactionSignalPayloadSchema
|
|
1250
|
+
});
|
|
1251
|
+
|
|
1252
|
+
// src/v1/builders/transaction-builder.ts
|
|
1253
|
+
var createTransactionEvent = (event) => {
|
|
1254
|
+
const signalPayload = TransactionSignalPayloadSchema.parse(
|
|
1255
|
+
event.signal_payload
|
|
1256
|
+
);
|
|
1257
|
+
return buildRawEventRequest(event, signalPayload, "TRANSACTION");
|
|
1258
|
+
};
|
|
1259
|
+
|
|
1260
|
+
// src/shared/types/user-feedback.ts
|
|
1261
|
+
var FEEDBACK_TYPES = [
|
|
1262
|
+
"THUMBS_UP",
|
|
1263
|
+
"THUMBS_DOWN",
|
|
1264
|
+
"REPORT",
|
|
1265
|
+
"CORRECTION",
|
|
1266
|
+
"RATING"
|
|
1267
|
+
];
|
|
1268
|
+
var FEEDBACK_ISSUE_TYPES = [
|
|
1269
|
+
"HALLUCINATION",
|
|
1270
|
+
"UNSAFE",
|
|
1271
|
+
"IRRELEVANT",
|
|
1272
|
+
"PRIVACY",
|
|
1273
|
+
"OFFENSIVE",
|
|
1274
|
+
"OTHER"
|
|
1275
|
+
];
|
|
1276
|
+
|
|
1277
|
+
// src/v1/schemas/user-feedback.ts
|
|
1278
|
+
var UserFeedbackSignalPayloadSchema = z.object({
|
|
1279
|
+
feedback_type: z.enum(FEEDBACK_TYPES),
|
|
1280
|
+
rating: z.number().nullable().optional(),
|
|
1281
|
+
reported_issue: z.boolean().optional().default(false),
|
|
1282
|
+
issue_type: z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional(),
|
|
1283
|
+
severity: fraction01Nullable(),
|
|
1284
|
+
response_id: z.string().nullable().optional(),
|
|
1285
|
+
user_comment_hash: z.string().nullable().optional()
|
|
1286
|
+
});
|
|
1287
|
+
BaseEventSchema.extend({
|
|
1288
|
+
signal_payload: UserFeedbackSignalPayloadSchema
|
|
1289
|
+
});
|
|
1290
|
+
|
|
1291
|
+
// src/v1/builders/user-feedback-builder.ts
|
|
1292
|
+
var createUserFeedbackEvent = (event) => {
|
|
1293
|
+
const signalPayload = UserFeedbackSignalPayloadSchema.parse(
|
|
1294
|
+
event.signal_payload
|
|
1295
|
+
);
|
|
1296
|
+
return buildRawEventRequest(event, signalPayload, "USER_FEEDBACK");
|
|
1297
|
+
};
|
|
1298
|
+
|
|
1299
|
+
// src/shared/types/workflow-action.ts
|
|
1300
|
+
var WORKFLOW_ACTION_CATEGORIES = [
|
|
1301
|
+
"FINANCIAL",
|
|
1302
|
+
"DATA_ACCESS",
|
|
1303
|
+
"COMMUNICATION",
|
|
1304
|
+
"ADMIN",
|
|
1305
|
+
"SECURITY",
|
|
1306
|
+
"CODE",
|
|
1307
|
+
"OTHER"
|
|
1308
|
+
];
|
|
1309
|
+
var WORKFLOW_ACTION_STAGES = [
|
|
1310
|
+
"PROPOSED",
|
|
1311
|
+
"PRE_EXECUTION",
|
|
1312
|
+
"EXECUTED",
|
|
1313
|
+
"FAILED",
|
|
1314
|
+
"ROLLED_BACK"
|
|
1315
|
+
];
|
|
1316
|
+
var WORKFLOW_ACTOR_TYPES = ["USER", "AI_AGENT", "SYSTEM"];
|
|
1317
|
+
|
|
1318
|
+
// src/v1/schemas/workflow-action.ts
|
|
1319
|
+
var WorkflowActionSignalPayloadSchema = z.object({
|
|
1320
|
+
workflow_id: nonEmptyString(),
|
|
1321
|
+
workflow_type: nonEmptyString(),
|
|
1322
|
+
action_name: nonEmptyString(),
|
|
1323
|
+
action_category: z.enum(WORKFLOW_ACTION_CATEGORIES),
|
|
1324
|
+
action_stage: z.enum(WORKFLOW_ACTION_STAGES),
|
|
1325
|
+
actor_type: z.enum(WORKFLOW_ACTOR_TYPES),
|
|
1326
|
+
requires_approval: z.boolean().optional().default(false),
|
|
1327
|
+
approval_present: z.boolean().optional().default(false),
|
|
1328
|
+
external_side_effect: z.boolean().nullable().optional(),
|
|
1329
|
+
safety_critical: z.boolean().nullable().optional(),
|
|
1330
|
+
amount_usd: z.number().nonnegative().nullable().optional(),
|
|
1331
|
+
sensitive_data_involved: z.boolean().optional().default(false),
|
|
1332
|
+
new_counterparty: z.boolean().optional().default(false),
|
|
1333
|
+
is_new_vendor: z.boolean().optional().default(false),
|
|
1334
|
+
is_new_recipient: z.boolean().optional().default(false),
|
|
1335
|
+
is_new_endpoint: z.boolean().optional().default(false)
|
|
1336
|
+
});
|
|
1337
|
+
BaseEventSchema.extend({
|
|
1338
|
+
signal_payload: WorkflowActionSignalPayloadSchema
|
|
1339
|
+
});
|
|
1340
|
+
|
|
1341
|
+
// src/v1/builders/workflow-action-builder.ts
|
|
1342
|
+
var createWorkflowActionEvent = (event) => {
|
|
1343
|
+
const signalPayload = WorkflowActionSignalPayloadSchema.parse(
|
|
1344
|
+
event.signal_payload
|
|
1345
|
+
);
|
|
1346
|
+
return buildRawEventRequest(event, signalPayload, "WORKFLOW_ACTION");
|
|
1347
|
+
};
|
|
1348
|
+
|
|
1349
|
+
export { API_REGISTRY, QatiAPIError, QatiAuthError, QatiConfigError, QatiNotFoundError, QatiRateLimitError, QatiSDKError, QatiServerError, RawEventRequestSchema, Session, baseUrlFor, createAnomalyFlagEvent, createApiCallEvent, createAuthEvent, createBehaviorEvent, createContextIntegrityEvent, createModelOutputEvent, createNetworkEvent, createPolicyEvent, createPromptInputEvent, createRagRetrievalEvent, createSessionEvent, createSystemTelemetryEvent, createToolCallEvent, createTransactionEvent, createUserFeedbackEvent, createWorkflowActionEvent, parseQatiConfig, resolveQatiConfig };
|
|
995
1350
|
//# sourceMappingURL=index.js.map
|
|
996
1351
|
//# sourceMappingURL=index.js.map
|