qati-sdk 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -12
- package/dist/index.cjs +268 -155
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +457 -32
- package/dist/index.d.ts +457 -32
- package/dist/index.js +268 -155
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -550,15 +550,3 @@ Transient failures are retried automatically for **`POST /v1/events:batch`** acc
|
|
|
550
550
|
| Errors | `QatiSDKError`, `QatiAPIError`, `QatiAuthError`, `QatiNotFoundError`, `QatiRateLimitError`, `QatiServerError`, `QatiConfigError`. |
|
|
551
551
|
|
|
552
552
|
`HttpClient.request(...)` exists for advanced use; prefer resource methods for application code.
|
|
553
|
-
|
|
554
|
-
## Build (maintainers)
|
|
555
|
-
|
|
556
|
-
From `sdks/typescript/`:
|
|
557
|
-
|
|
558
|
-
```bash
|
|
559
|
-
npm ci
|
|
560
|
-
npm test
|
|
561
|
-
npm run build
|
|
562
|
-
```
|
|
563
|
-
|
|
564
|
-
Outputs land in `dist/` (ESM + CJS + declarations).
|
package/dist/index.cjs
CHANGED
|
@@ -640,7 +640,7 @@ var TrustStateResource = class {
|
|
|
640
640
|
/**
|
|
641
641
|
* Fetches the latest trust state for one entity.
|
|
642
642
|
*
|
|
643
|
-
* @param entityType - Lowercase entity class
|
|
643
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
644
644
|
* @param entityId - Id for the entity(Required)
|
|
645
645
|
* @param options - Optional contributor limits/window.
|
|
646
646
|
* @returns {@link TrustState} including `current_closure_score`, `risk_tier`, and `top_contributors`.
|
|
@@ -661,7 +661,7 @@ var TrustStateResource = class {
|
|
|
661
661
|
/**
|
|
662
662
|
* Fetches trust states for many entities in one request.
|
|
663
663
|
*
|
|
664
|
-
* @param entityType - Lowercase entity class
|
|
664
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
665
665
|
* @param entityIds - Distinct ids to query. Prefer length ≤ 100 or the server may reject the request.
|
|
666
666
|
* @param options - Optional contributor limits/window.
|
|
667
667
|
* @returns Array of {@link TrustState} in server-defined order; empty array when `entityIds` is empty.
|
|
@@ -828,8 +828,13 @@ var EventPrincipalSchema = zod.z.object({
|
|
|
828
828
|
device_id: zod.z.string().min(1).optional(),
|
|
829
829
|
session_id: zod.z.string().min(1).optional(),
|
|
830
830
|
model_id: zod.z.string().min(1).optional(),
|
|
831
|
-
service_id: zod.z.string().min(1).optional()
|
|
832
|
-
|
|
831
|
+
service_id: zod.z.string().min(1).optional(),
|
|
832
|
+
conversation_id: zod.z.string().min(1).optional(),
|
|
833
|
+
document_id: zod.z.string().min(1).optional(),
|
|
834
|
+
tool_id: zod.z.string().min(1).optional(),
|
|
835
|
+
workflow_id: zod.z.string().min(1).optional(),
|
|
836
|
+
api_key_id: zod.z.string().min(1).optional()
|
|
837
|
+
}).strict();
|
|
833
838
|
|
|
834
839
|
// src/v1/schemas/raw-event.ts
|
|
835
840
|
var BaseEventSchema = zod.z.object({
|
|
@@ -898,20 +903,26 @@ var HTTP_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"];
|
|
|
898
903
|
|
|
899
904
|
// src/v1/schemas/api-call.ts
|
|
900
905
|
var ApiCallSignalPayloadSchema = zod.z.object({
|
|
901
|
-
service_id: nonEmptyString(),
|
|
902
|
-
endpoint: nonEmptyString(),
|
|
903
|
-
method: zod.z.enum(HTTP_METHODS),
|
|
904
|
-
status_code: zod.z.number().int().min(100).max(599),
|
|
905
|
-
authorized: zod.z.boolean().nullable()
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
|
|
910
|
-
|
|
911
|
-
|
|
912
|
-
|
|
913
|
-
|
|
914
|
-
|
|
906
|
+
service_id: nonEmptyString().describe("Target service identifier."),
|
|
907
|
+
endpoint: nonEmptyString().describe("API route path."),
|
|
908
|
+
method: zod.z.enum(HTTP_METHODS).describe("HTTP method: GET, POST, PUT, PATCH, or DELETE."),
|
|
909
|
+
status_code: zod.z.number().int().min(100).max(599).describe("HTTP response status code."),
|
|
910
|
+
authorized: zod.z.boolean().nullable().describe(
|
|
911
|
+
"Whether the call was authorized; null means authorization is unknown."
|
|
912
|
+
),
|
|
913
|
+
authentication_present: zod.z.boolean().nullable().optional().describe(
|
|
914
|
+
"Whether authentication credentials were present when known."
|
|
915
|
+
),
|
|
916
|
+
rate_limited: zod.z.boolean().nullable().optional().describe("Whether the call was rate limited when known."),
|
|
917
|
+
external_side_effect: zod.z.boolean().nullable().optional().describe(
|
|
918
|
+
"Whether the call modifies state outside the caller context when known."
|
|
919
|
+
),
|
|
920
|
+
records_returned: zod.z.number().int().nonnegative().nullable().optional().describe("Number of records returned when available."),
|
|
921
|
+
records_modified: zod.z.number().int().nonnegative().nullable().optional().describe("Number of records modified when available."),
|
|
922
|
+
contains_sensitive_data: zod.z.boolean().nullable().optional().describe("Whether sensitive data was involved when known."),
|
|
923
|
+
latency_ms: zod.z.number().nonnegative().nullable().optional().describe("API latency in milliseconds when available."),
|
|
924
|
+
retry_count: zod.z.number().int().nonnegative().nullable().optional().describe("Number of retry attempts when available."),
|
|
925
|
+
api_key_id: zod.z.string().nullable().optional().describe("API key identifier used for the call when applicable.")
|
|
915
926
|
});
|
|
916
927
|
BaseEventSchema.extend({
|
|
917
928
|
signal_payload: ApiCallSignalPayloadSchema
|
|
@@ -923,16 +934,16 @@ var createApiCallEvent = (event) => {
|
|
|
923
934
|
return buildRawEventRequest(event, signalPayload, "API_CALL");
|
|
924
935
|
};
|
|
925
936
|
var AuthSignalPayloadSchema = zod.z.object({
|
|
926
|
-
result: zod.z.string().nullable().optional(),
|
|
927
|
-
auth_method: zod.z.string().nullable().optional(),
|
|
928
|
-
mfa_used: zod.z.boolean().nullable().optional(),
|
|
937
|
+
result: zod.z.string().nullable().optional().describe("Auth result (SUCCESS, FAILURE)"),
|
|
938
|
+
auth_method: zod.z.string().nullable().optional().describe("Auth method (PASSWORD, MFA_TOTP, etc.)"),
|
|
939
|
+
mfa_used: zod.z.boolean().nullable().optional().describe("Whether MFA was used"),
|
|
929
940
|
mfa_bypassed: zod.z.boolean().optional().default(false),
|
|
930
941
|
failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
|
|
931
942
|
ip: zod.z.string().nullable().optional(),
|
|
932
|
-
country: zod.z.string().nullable().optional(),
|
|
943
|
+
country: zod.z.string().nullable().optional().describe("ISO 3166-1 alpha-2 country code"),
|
|
933
944
|
user_agent: zod.z.string().nullable().optional(),
|
|
934
945
|
unusual_location: zod.z.boolean().optional().default(false),
|
|
935
|
-
after_hours_login: zod.z.boolean().optional().default(false)
|
|
946
|
+
after_hours_login: zod.z.boolean().optional().default(false).describe("Login outside normal business hours")
|
|
936
947
|
});
|
|
937
948
|
BaseEventSchema.extend({
|
|
938
949
|
signal_payload: AuthSignalPayloadSchema
|
|
@@ -968,24 +979,50 @@ var CONTEXT_SOURCES = [
|
|
|
968
979
|
|
|
969
980
|
// src/v1/schemas/context-integrity.ts
|
|
970
981
|
var ContextIntegritySignalPayloadSchema = zod.z.object({
|
|
971
|
-
context_source: zod.z.enum(CONTEXT_SOURCES)
|
|
972
|
-
|
|
973
|
-
|
|
974
|
-
|
|
975
|
-
|
|
976
|
-
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
|
|
983
|
-
|
|
984
|
-
|
|
985
|
-
|
|
986
|
-
|
|
987
|
-
|
|
988
|
-
|
|
982
|
+
context_source: zod.z.enum(CONTEXT_SOURCES).describe(
|
|
983
|
+
"Origin of the evaluated context: CONVERSATION_HISTORY, RETRIEVED_DOCUMENT, TOOL_OUTPUT, SYSTEM, DEVELOPER, or USER."
|
|
984
|
+
),
|
|
985
|
+
instruction_conflict_detected: zod.z.boolean().describe("Whether conflicting instructions were detected in context."),
|
|
986
|
+
untrusted_instruction_detected: zod.z.boolean().describe(
|
|
987
|
+
"Whether an untrusted source contains instruction-like text."
|
|
988
|
+
),
|
|
989
|
+
context_priority_violation: zod.z.boolean().describe(
|
|
990
|
+
"Whether lower-priority context attempts to override higher-priority context."
|
|
991
|
+
),
|
|
992
|
+
recursive_instruction_pattern: zod.z.boolean().optional().default(false).describe("Whether the context contains a loop or recursive instruction."),
|
|
993
|
+
context_drift_score: fraction01Nullable().describe(
|
|
994
|
+
"0\u20131 context drift score when available."
|
|
995
|
+
),
|
|
996
|
+
system_prompt_conflict_score: fraction01Nullable().describe(
|
|
997
|
+
"0\u20131 conflict with system prompt intent when available."
|
|
998
|
+
),
|
|
999
|
+
developer_prompt_conflict_score: fraction01Nullable().describe(
|
|
1000
|
+
"0\u20131 conflict with developer prompt intent when available."
|
|
1001
|
+
),
|
|
1002
|
+
retrieved_instruction_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of instruction-like snippets in retrieved context."),
|
|
1003
|
+
hidden_instruction_score: fraction01Nullable().describe(
|
|
1004
|
+
"0\u20131 likelihood of hidden instructions when available."
|
|
1005
|
+
),
|
|
1006
|
+
source_document_id: zod.z.string().nullable().optional().describe("Related document identifier when applicable."),
|
|
1007
|
+
untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0).describe(
|
|
1008
|
+
"Count of untrusted sources; contributes to untrusted-instruction detection."
|
|
1009
|
+
),
|
|
1010
|
+
source_trust_score: fraction01Nullable().describe(
|
|
1011
|
+
"0\u20131 trust score for the context source when available."
|
|
1012
|
+
),
|
|
1013
|
+
lowest_source_trust_score: fraction01Nullable().describe(
|
|
1014
|
+
"0\u20131 lowest trust score among sources when available."
|
|
1015
|
+
),
|
|
1016
|
+
recursive_pattern_score: fraction01Nullable().describe(
|
|
1017
|
+
"0\u20131 recursive pattern score when available."
|
|
1018
|
+
),
|
|
1019
|
+
prompt_injection_score: fraction01Nullable().describe(
|
|
1020
|
+
"0\u20131 prompt injection score when available; omit if unknown."
|
|
1021
|
+
),
|
|
1022
|
+
contains_instruction_override: zod.z.boolean().optional().default(false).describe("Whether the context contains an instruction override."),
|
|
1023
|
+
context_injection_score: fraction01Nullable().describe(
|
|
1024
|
+
"0\u20131 context injection score when available; omit if unknown."
|
|
1025
|
+
)
|
|
989
1026
|
});
|
|
990
1027
|
BaseEventSchema.extend({
|
|
991
1028
|
signal_payload: ContextIntegritySignalPayloadSchema
|
|
@@ -1001,17 +1038,29 @@ var createContextIntegrityEvent = (event) => {
|
|
|
1001
1038
|
var ModelOutputSignalPayloadSchema = zod.z.object({
|
|
1002
1039
|
missing_citations_rate: fraction01Nullable(),
|
|
1003
1040
|
citation_rate: fraction01Nullable(),
|
|
1004
|
-
expected_citation_rate: fraction01Nullable()
|
|
1005
|
-
|
|
1041
|
+
expected_citation_rate: fraction01Nullable().describe(
|
|
1042
|
+
"Baseline or policy-expected citation rate (use with citation_rate)"
|
|
1043
|
+
),
|
|
1044
|
+
policy_violations: zod.z.number().int().nonnegative().optional().default(0).describe("Count of policy violations when available."),
|
|
1006
1045
|
policy_violation_rate: fraction01Nullable(),
|
|
1007
1046
|
tool_call_inconsistency: fraction01().optional().default(0),
|
|
1008
|
-
tool_inconsistency_rate: fraction01Nullable()
|
|
1047
|
+
tool_inconsistency_rate: fraction01Nullable().describe(
|
|
1048
|
+
"Rate of inconsistent tool calls in the eval window"
|
|
1049
|
+
),
|
|
1009
1050
|
tool_miss_rate: fraction01Nullable(),
|
|
1010
|
-
eval_window_n: zod.z.number().int().min(1).nullable().optional(),
|
|
1011
|
-
hallucination_risk_score: fraction01Nullable()
|
|
1012
|
-
|
|
1013
|
-
|
|
1014
|
-
|
|
1051
|
+
eval_window_n: zod.z.number().int().min(1).nullable().optional().describe("Evaluation window size"),
|
|
1052
|
+
hallucination_risk_score: fraction01Nullable().describe(
|
|
1053
|
+
"0\u20131 hallucination risk when available; omit if unknown."
|
|
1054
|
+
),
|
|
1055
|
+
self_contradiction_score: fraction01Nullable().describe(
|
|
1056
|
+
"0\u20131 self-contradiction score when available; omit if unknown."
|
|
1057
|
+
),
|
|
1058
|
+
grounding_score: fraction01Nullable().describe(
|
|
1059
|
+
"0\u20131 grounding score when available; omit if unknown."
|
|
1060
|
+
),
|
|
1061
|
+
contains_unsupported_claims: zod.z.boolean().optional().default(false).describe(
|
|
1062
|
+
"Whether the output contains unsupported claims; confirm with clients."
|
|
1063
|
+
)
|
|
1015
1064
|
});
|
|
1016
1065
|
BaseEventSchema.extend({
|
|
1017
1066
|
signal_payload: ModelOutputSignalPayloadSchema
|
|
@@ -1030,8 +1079,10 @@ var NetworkSignalPayloadSchema = zod.z.object({
|
|
|
1030
1079
|
reputation_score: fraction01Nullable(),
|
|
1031
1080
|
threat_score: fraction01Nullable(),
|
|
1032
1081
|
is_datacenter: zod.z.boolean().nullable().optional(),
|
|
1033
|
-
is_untrusted_segment: zod.z.boolean().optional().default(false),
|
|
1034
|
-
asn_reputation: fraction01Nullable()
|
|
1082
|
+
is_untrusted_segment: zod.z.boolean().optional().default(false).describe("Traffic originated from an untrusted network segment"),
|
|
1083
|
+
asn_reputation: fraction01Nullable().describe(
|
|
1084
|
+
"Reputation score for the origin ASN (0\u20131, higher is more trusted)"
|
|
1085
|
+
)
|
|
1035
1086
|
});
|
|
1036
1087
|
BaseEventSchema.extend({
|
|
1037
1088
|
signal_payload: NetworkSignalPayloadSchema
|
|
@@ -1056,14 +1107,18 @@ var POLICY_RESULTS = ["PASS", "WARN", "FAIL", "BLOCKED"];
|
|
|
1056
1107
|
|
|
1057
1108
|
// src/v1/schemas/policy-event.ts
|
|
1058
1109
|
var PolicyEventSignalPayloadSchema = zod.z.object({
|
|
1059
|
-
policy_check_name: nonEmptyString(),
|
|
1060
|
-
policy_category: zod.z.enum(POLICY_CATEGORIES)
|
|
1061
|
-
|
|
1062
|
-
|
|
1063
|
-
|
|
1064
|
-
|
|
1065
|
-
|
|
1066
|
-
|
|
1110
|
+
policy_check_name: nonEmptyString().describe("Name of the policy check."),
|
|
1111
|
+
policy_category: zod.z.enum(POLICY_CATEGORIES).describe(
|
|
1112
|
+
"Policy domain: SAFETY, PRIVACY, SECURITY, COMPLIANCE, CONTENT, or OTHER."
|
|
1113
|
+
),
|
|
1114
|
+
policy_result: zod.z.enum(POLICY_RESULTS).describe("Policy check result: PASS, WARN, FAIL, or BLOCKED."),
|
|
1115
|
+
severity: fraction01().describe("0\u20131 policy event severity."),
|
|
1116
|
+
blocked: zod.z.boolean().optional().default(false).describe("Whether the action or output was blocked."),
|
|
1117
|
+
violation_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of policy violations when available."),
|
|
1118
|
+
policy_confidence: fraction01Nullable().describe(
|
|
1119
|
+
"0\u20131 policy classifier confidence when available."
|
|
1120
|
+
),
|
|
1121
|
+
redaction_applied: zod.z.boolean().optional().default(false).describe("Whether content was redacted.")
|
|
1067
1122
|
});
|
|
1068
1123
|
BaseEventSchema.extend({
|
|
1069
1124
|
signal_payload: PolicyEventSignalPayloadSchema
|
|
@@ -1076,18 +1131,30 @@ var createPolicyEvent = (event) => {
|
|
|
1076
1131
|
);
|
|
1077
1132
|
return buildRawEventRequest(event, signalPayload, "POLICY_EVENT");
|
|
1078
1133
|
};
|
|
1079
|
-
var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional();
|
|
1134
|
+
var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional().describe("Optional SHA-256 hash of prompt text (64 hex characters).");
|
|
1080
1135
|
var PromptInputSignalPayloadSchema = zod.z.object({
|
|
1081
|
-
prompt_length_chars: zod.z.number().int().nonnegative(),
|
|
1082
|
-
conversation_turn_index: zod.z.number().int().nonnegative(),
|
|
1083
|
-
contains_instruction_override: zod.z.boolean()
|
|
1084
|
-
|
|
1085
|
-
|
|
1086
|
-
|
|
1087
|
-
|
|
1088
|
-
|
|
1089
|
-
|
|
1090
|
-
|
|
1136
|
+
prompt_length_chars: zod.z.number().int().nonnegative().describe("Prompt size in characters."),
|
|
1137
|
+
conversation_turn_index: zod.z.number().int().nonnegative().describe("Turn number in the conversation."),
|
|
1138
|
+
contains_instruction_override: zod.z.boolean().describe(
|
|
1139
|
+
"Whether the prompt tries to override prior rules or instructions."
|
|
1140
|
+
),
|
|
1141
|
+
contains_tool_request: zod.z.boolean().optional().default(false).describe("Whether the prompt requests tool or API execution."),
|
|
1142
|
+
contains_secret_request: zod.z.boolean().optional().default(false).describe(
|
|
1143
|
+
"Whether the prompt requests hidden or confidential information."
|
|
1144
|
+
),
|
|
1145
|
+
contains_policy_challenge: zod.z.boolean().optional().default(false).describe("Whether the prompt challenges rules, safety, or policy."),
|
|
1146
|
+
recursive_pattern_score: fraction01Nullable().describe(
|
|
1147
|
+
"0\u20131 recursive or looping structure score; omit or null to treat as 0.0."
|
|
1148
|
+
),
|
|
1149
|
+
prompt_injection_score: fraction01Nullable().describe(
|
|
1150
|
+
"0\u20131 prompt-injection likelihood score; omit or null to treat as 0.0."
|
|
1151
|
+
),
|
|
1152
|
+
sensitive_domain: zod.z.boolean().optional().default(false).describe(
|
|
1153
|
+
"Whether the prompt targets a sensitive domain (finance, health, legal, cybersecurity, etc.)."
|
|
1154
|
+
),
|
|
1155
|
+
complexity_score: fraction01Nullable().describe(
|
|
1156
|
+
"0\u20131 prompt complexity or ambiguity score; omit or null to treat as 0.0."
|
|
1157
|
+
),
|
|
1091
1158
|
prompt_hash: promptHashSchema
|
|
1092
1159
|
});
|
|
1093
1160
|
BaseEventSchema.extend({
|
|
@@ -1102,17 +1169,25 @@ var createPromptInputEvent = (event) => {
|
|
|
1102
1169
|
return buildRawEventRequest(event, signalPayload, "PROMPT_INPUT");
|
|
1103
1170
|
};
|
|
1104
1171
|
var RagRetrievalSignalPayloadSchema = zod.z.object({
|
|
1105
|
-
retriever_id: nonEmptyString(),
|
|
1106
|
-
query_hash: zod.z.string().nullable().optional(),
|
|
1107
|
-
documents_retrieved: zod.z.number().int().nonnegative(),
|
|
1108
|
-
top_k: zod.z.number().int().min(1),
|
|
1109
|
-
average_relevance_score: fraction01()
|
|
1110
|
-
|
|
1111
|
-
|
|
1112
|
-
|
|
1113
|
-
|
|
1114
|
-
|
|
1115
|
-
|
|
1172
|
+
retriever_id: nonEmptyString().describe("Retriever service identifier."),
|
|
1173
|
+
query_hash: zod.z.string().nullable().optional().describe("Hash of the retrieval query when available."),
|
|
1174
|
+
documents_retrieved: zod.z.number().int().nonnegative().describe("Number of documents retrieved."),
|
|
1175
|
+
top_k: zod.z.number().int().min(1).describe("Requested top-k document count."),
|
|
1176
|
+
average_relevance_score: fraction01().describe(
|
|
1177
|
+
"0\u20131 average relevance score across retrieved documents."
|
|
1178
|
+
),
|
|
1179
|
+
source_trust_score: fraction01().describe(
|
|
1180
|
+
"0\u20131 average trust score across retrieved sources."
|
|
1181
|
+
),
|
|
1182
|
+
lowest_source_trust_score: fraction01Nullable().describe(
|
|
1183
|
+
"0\u20131 weakest source trust score when available."
|
|
1184
|
+
),
|
|
1185
|
+
untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of low-trust or untrusted retrieved sources."),
|
|
1186
|
+
retrieved_context_tokens: zod.z.number().int().nonnegative().optional().default(0).describe("Total retrieved context token count when available."),
|
|
1187
|
+
context_injection_score: fraction01().optional().default(0).describe(
|
|
1188
|
+
"0\u20131 context injection risk score; use 0.0 when unavailable."
|
|
1189
|
+
),
|
|
1190
|
+
document_ids: zod.z.array(zod.z.string()).optional().default([]).describe("Identifiers for retrieved documents when available.")
|
|
1116
1191
|
});
|
|
1117
1192
|
BaseEventSchema.extend({
|
|
1118
1193
|
signal_payload: RagRetrievalSignalPayloadSchema
|
|
@@ -1137,16 +1212,18 @@ var SESSION_STATUSES = [
|
|
|
1137
1212
|
|
|
1138
1213
|
// src/v1/schemas/session.ts
|
|
1139
1214
|
var SessionSignalPayloadSchema = zod.z.object({
|
|
1140
|
-
session_status: zod.z.enum(SESSION_STATUSES)
|
|
1141
|
-
|
|
1142
|
-
|
|
1143
|
-
|
|
1144
|
-
|
|
1145
|
-
|
|
1146
|
-
|
|
1147
|
-
|
|
1148
|
-
|
|
1149
|
-
|
|
1215
|
+
session_status: zod.z.enum(SESSION_STATUSES).describe(
|
|
1216
|
+
"Session lifecycle status: STARTED, ACTIVE, ENDED, TIMEOUT, or ABANDONED."
|
|
1217
|
+
),
|
|
1218
|
+
session_age_seconds: zod.z.number().nonnegative().optional().default(0).describe("Current duration of the session in seconds."),
|
|
1219
|
+
turn_count: zod.z.number().int().nonnegative().optional().default(0).describe("Number of user/model turns in the session."),
|
|
1220
|
+
messages_last_minute: zod.z.number().nonnegative().optional().default(0).describe("Prompt or message rate over the last minute."),
|
|
1221
|
+
avg_seconds_between_turns: zod.z.number().nonnegative().nullable().optional().describe("Average interaction cadence between turns in seconds."),
|
|
1222
|
+
restart_count_10m: zod.z.number().int().nonnegative().optional().default(0).describe("How often the user restarted sessions in the last 10 minutes."),
|
|
1223
|
+
session_timeout: zod.z.boolean().optional().default(false).describe("Whether the session ended due to a timeout."),
|
|
1224
|
+
abandoned: zod.z.boolean().optional().default(false).describe("Whether the session ended abruptly without a clean close."),
|
|
1225
|
+
conversation_id: zod.z.string().nullable().optional().describe("Related conversation identifier when available."),
|
|
1226
|
+
user_id: zod.z.string().nullable().optional().describe("Related user identifier when available.")
|
|
1150
1227
|
});
|
|
1151
1228
|
BaseEventSchema.extend({
|
|
1152
1229
|
signal_payload: SessionSignalPayloadSchema
|
|
@@ -1163,11 +1240,19 @@ var SystemTelemetrySignalPayloadSchema = zod.z.object({
|
|
|
1163
1240
|
baseline: zod.z.number().nullable().optional(),
|
|
1164
1241
|
window_seconds: zod.z.number().int().min(1).nullable().optional(),
|
|
1165
1242
|
error_rate: fraction01().optional().default(0),
|
|
1166
|
-
baseline_error_rate: fraction01Nullable()
|
|
1243
|
+
baseline_error_rate: fraction01Nullable().describe(
|
|
1244
|
+
"Expected or steady-state error rate (excess over this drives impact)"
|
|
1245
|
+
),
|
|
1167
1246
|
unusual_auth_rate: fraction01().optional().default(0),
|
|
1168
|
-
firmware_hash_changed: zod.z.boolean().optional().default(false)
|
|
1169
|
-
|
|
1170
|
-
|
|
1247
|
+
firmware_hash_changed: zod.z.boolean().optional().default(false).describe(
|
|
1248
|
+
"Device or component firmware hash differs from prior observation"
|
|
1249
|
+
),
|
|
1250
|
+
expected_hash_match: zod.z.boolean().nullable().optional().describe(
|
|
1251
|
+
"True if hash matched expected; False if mismatch; omit if unknown"
|
|
1252
|
+
),
|
|
1253
|
+
sensor_deviation_score: fraction01Nullable().describe(
|
|
1254
|
+
"Normalized deviation of sensor readings from baseline"
|
|
1255
|
+
)
|
|
1171
1256
|
});
|
|
1172
1257
|
BaseEventSchema.extend({
|
|
1173
1258
|
signal_payload: SystemTelemetrySignalPayloadSchema
|
|
@@ -1195,24 +1280,38 @@ var TOOL_CATEGORIES = [
|
|
|
1195
1280
|
|
|
1196
1281
|
// src/v1/schemas/tool-call.ts
|
|
1197
1282
|
var ToolCallSignalPayloadSchema = zod.z.object({
|
|
1198
|
-
tool_name: nonEmptyString(),
|
|
1199
|
-
tool_category: zod.z.enum(TOOL_CATEGORIES)
|
|
1200
|
-
|
|
1201
|
-
|
|
1202
|
-
|
|
1203
|
-
|
|
1204
|
-
|
|
1205
|
-
|
|
1206
|
-
|
|
1207
|
-
|
|
1208
|
-
|
|
1209
|
-
|
|
1210
|
-
|
|
1211
|
-
|
|
1212
|
-
|
|
1213
|
-
|
|
1214
|
-
|
|
1215
|
-
|
|
1283
|
+
tool_name: nonEmptyString().describe("Tool identifier."),
|
|
1284
|
+
tool_category: zod.z.enum(TOOL_CATEGORIES).describe(
|
|
1285
|
+
"Tool category: RETRIEVAL, DATABASE, PAYMENT, MESSAGING, CODE_EXECUTION, FILE, EXTERNAL_API, or OTHER."
|
|
1286
|
+
),
|
|
1287
|
+
action: nonEmptyString().describe("Action attempted by the tool call."),
|
|
1288
|
+
authorized: zod.z.boolean().nullable().describe(
|
|
1289
|
+
"Whether policy allowed the tool call; null means authorization is unknown."
|
|
1290
|
+
),
|
|
1291
|
+
safety_critical: zod.z.boolean().describe("Whether the call can create serious consequences."),
|
|
1292
|
+
external_side_effect: zod.z.boolean().describe(
|
|
1293
|
+
"Whether the action changes state outside the model context."
|
|
1294
|
+
),
|
|
1295
|
+
tool_call_success: zod.z.boolean().nullable().optional().describe("Whether the tool call succeeded when known."),
|
|
1296
|
+
latency_ms: zod.z.number().nonnegative().nullable().optional().describe("Tool latency in milliseconds when available."),
|
|
1297
|
+
error_code: zod.z.string().nullable().optional().describe("Error code when the tool call failed."),
|
|
1298
|
+
argument_risk_score: fraction01Nullable().describe(
|
|
1299
|
+
"0\u20131 risk score for tool call arguments when available."
|
|
1300
|
+
),
|
|
1301
|
+
result_size_bytes: zod.z.number().int().nonnegative().nullable().optional().describe("Size of returned data in bytes when available."),
|
|
1302
|
+
records_accessed: zod.z.number().int().nonnegative().optional().default(0).describe("Number of records touched by the call when available."),
|
|
1303
|
+
contains_sensitive_data: zod.z.boolean().optional().default(false).describe("Whether sensitive data was returned or touched."),
|
|
1304
|
+
action_category: zod.z.string().nullable().optional().describe(
|
|
1305
|
+
"Risk category for the attempted action (e.g. SECURITY, CODE, FINANCIAL, ADMIN) when available."
|
|
1306
|
+
),
|
|
1307
|
+
method: zod.z.string().nullable().optional().describe("HTTP or RPC method for the tool call when applicable."),
|
|
1308
|
+
sensitive_data_involved: zod.z.boolean().optional().default(false).describe(
|
|
1309
|
+
"Whether sensitive data was involved in the request or result."
|
|
1310
|
+
),
|
|
1311
|
+
contains_phi: zod.z.boolean().optional().default(false).describe(
|
|
1312
|
+
"Whether protected health information was returned or touched."
|
|
1313
|
+
),
|
|
1314
|
+
sensitive_domain: zod.z.boolean().optional().default(false).describe("Whether the tool call applies to a sensitive domain.")
|
|
1216
1315
|
});
|
|
1217
1316
|
BaseEventSchema.extend({
|
|
1218
1317
|
signal_payload: ToolCallSignalPayloadSchema
|
|
@@ -1224,27 +1323,29 @@ var createToolCallEvent = (event) => {
|
|
|
1224
1323
|
return buildRawEventRequest(event, signalPayload, "TOOL_CALL");
|
|
1225
1324
|
};
|
|
1226
1325
|
var TransactionSignalPayloadSchema = zod.z.object({
|
|
1227
|
-
amount: zod.z.number().nonnegative().default(0),
|
|
1228
|
-
amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1229
|
-
amount_usd: zod.z.number().nonnegative().nullable().optional(),
|
|
1230
|
-
currency: zod.z.string().nullable().optional(),
|
|
1326
|
+
amount: zod.z.number().nonnegative().default(0).describe("Transaction amount in base currency"),
|
|
1327
|
+
amount_minor: zod.z.number().int().nonnegative().nullable().optional().describe("Transaction amount in minor units (e.g. cents)"),
|
|
1328
|
+
amount_usd: zod.z.number().nonnegative().nullable().optional().describe("Transaction amount normalized to USD"),
|
|
1329
|
+
currency: zod.z.string().nullable().optional().describe("ISO 4217 currency code"),
|
|
1231
1330
|
merchant_category: zod.z.string().nullable().optional(),
|
|
1232
1331
|
merchant_id: zod.z.string().nullable().optional(),
|
|
1233
|
-
channel: zod.z.string().nullable().optional(),
|
|
1234
|
-
country: zod.z.string().nullable().optional(),
|
|
1235
|
-
velocity: zod.z.number().nonnegative().nullable().optional(),
|
|
1236
|
-
external_anomaly_score: zod.z.number().nullable().optional()
|
|
1237
|
-
|
|
1238
|
-
|
|
1239
|
-
|
|
1240
|
-
|
|
1241
|
-
|
|
1242
|
-
|
|
1243
|
-
|
|
1244
|
-
|
|
1245
|
-
|
|
1246
|
-
|
|
1247
|
-
|
|
1332
|
+
channel: zod.z.string().nullable().optional().describe("Transaction channel (WEB, MOBILE, ECOM)"),
|
|
1333
|
+
country: zod.z.string().nullable().optional().describe("ISO 3166-1 alpha-2 country code"),
|
|
1334
|
+
velocity: zod.z.number().nonnegative().nullable().optional().describe("Transactions per minute"),
|
|
1335
|
+
external_anomaly_score: zod.z.number().nullable().optional().describe(
|
|
1336
|
+
"Externally supplied anomaly score. When present, bypasses the internal extraction formula and is used directly as raw_value."
|
|
1337
|
+
),
|
|
1338
|
+
geo_distance: zod.z.number().nonnegative().nullable().optional().describe("Distance in km from usual location"),
|
|
1339
|
+
geo_distance_km: zod.z.number().nonnegative().nullable().optional().describe("Distance in km from usual location"),
|
|
1340
|
+
records_accessed: zod.z.number().int().nonnegative().nullable().optional().describe("Count of records touched in this transaction"),
|
|
1341
|
+
baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional().describe("Typical or policy baseline record count for comparison"),
|
|
1342
|
+
sensitivity_level: zod.z.string().nullable().optional().describe("Data sensitivity (e.g. LOW, MEDIUM, HIGH)"),
|
|
1343
|
+
export_count: zod.z.number().int().nonnegative().nullable().optional().describe("Number of export operations"),
|
|
1344
|
+
bulk_export: zod.z.boolean().optional().default(false).describe("Whether this is a bulk export"),
|
|
1345
|
+
contains_phi: zod.z.boolean().optional().default(false).describe("Whether exported or accessed data includes PHI"),
|
|
1346
|
+
control_command: zod.z.string().nullable().optional().describe("Issued control or OT command (e.g. VALVE_OPEN)"),
|
|
1347
|
+
authorized: zod.z.boolean().nullable().optional().describe("Whether the action was authorized; omit if unknown"),
|
|
1348
|
+
safety_critical: zod.z.boolean().optional().default(false).describe("Whether the transaction affects safety-critical systems")
|
|
1248
1349
|
});
|
|
1249
1350
|
BaseEventSchema.extend({
|
|
1250
1351
|
signal_payload: TransactionSignalPayloadSchema
|
|
@@ -1277,13 +1378,19 @@ var FEEDBACK_ISSUE_TYPES = [
|
|
|
1277
1378
|
|
|
1278
1379
|
// src/v1/schemas/user-feedback.ts
|
|
1279
1380
|
var UserFeedbackSignalPayloadSchema = zod.z.object({
|
|
1280
|
-
feedback_type: zod.z.enum(FEEDBACK_TYPES)
|
|
1281
|
-
|
|
1282
|
-
|
|
1283
|
-
|
|
1284
|
-
|
|
1285
|
-
|
|
1286
|
-
|
|
1381
|
+
feedback_type: zod.z.enum(FEEDBACK_TYPES).describe(
|
|
1382
|
+
"User feedback category: THUMBS_UP, THUMBS_DOWN, REPORT, CORRECTION, or RATING."
|
|
1383
|
+
),
|
|
1384
|
+
rating: zod.z.number().nullable().optional().describe("Optional rating in [-1, 1] or on a 1\u20135 scale."),
|
|
1385
|
+
reported_issue: zod.z.boolean().optional().default(false).describe("Whether the user reported a problem."),
|
|
1386
|
+
issue_type: zod.z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional().describe(
|
|
1387
|
+
"Category of the reported issue: hallucination, unsafe, irrelevant, privacy, offensive, or other."
|
|
1388
|
+
),
|
|
1389
|
+
severity: fraction01Nullable().describe(
|
|
1390
|
+
"0\u20131 user-reported severity when available."
|
|
1391
|
+
),
|
|
1392
|
+
response_id: zod.z.string().nullable().optional().describe("Identifier of the response being evaluated."),
|
|
1393
|
+
user_comment_hash: zod.z.string().nullable().optional().describe("Hash of optional user comment when available.")
|
|
1287
1394
|
});
|
|
1288
1395
|
BaseEventSchema.extend({
|
|
1289
1396
|
signal_payload: UserFeedbackSignalPayloadSchema
|
|
@@ -1318,22 +1425,28 @@ var WORKFLOW_ACTOR_TYPES = ["USER", "AI_AGENT", "SYSTEM"];
|
|
|
1318
1425
|
|
|
1319
1426
|
// src/v1/schemas/workflow-action.ts
|
|
1320
1427
|
var WorkflowActionSignalPayloadSchema = zod.z.object({
|
|
1321
|
-
workflow_id: nonEmptyString(),
|
|
1322
|
-
workflow_type: nonEmptyString(),
|
|
1323
|
-
action_name: nonEmptyString(),
|
|
1324
|
-
action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES)
|
|
1325
|
-
|
|
1326
|
-
|
|
1327
|
-
|
|
1328
|
-
|
|
1329
|
-
|
|
1330
|
-
|
|
1331
|
-
|
|
1332
|
-
|
|
1333
|
-
|
|
1334
|
-
|
|
1335
|
-
|
|
1336
|
-
|
|
1428
|
+
workflow_id: nonEmptyString().describe("Workflow identifier."),
|
|
1429
|
+
workflow_type: nonEmptyString().describe("Type of workflow."),
|
|
1430
|
+
action_name: nonEmptyString().describe("Workflow action attempted."),
|
|
1431
|
+
action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES).describe(
|
|
1432
|
+
"Risk category: FINANCIAL, DATA_ACCESS, COMMUNICATION, ADMIN, SECURITY, CODE, or OTHER."
|
|
1433
|
+
),
|
|
1434
|
+
action_stage: zod.z.enum(WORKFLOW_ACTION_STAGES).describe(
|
|
1435
|
+
"Lifecycle stage: PROPOSED, PRE_EXECUTION, EXECUTED, FAILED, or ROLLED_BACK."
|
|
1436
|
+
),
|
|
1437
|
+
actor_type: zod.z.enum(WORKFLOW_ACTOR_TYPES).describe("Who initiated the action: USER, AI_AGENT, or SYSTEM."),
|
|
1438
|
+
requires_approval: zod.z.boolean().optional().default(false).describe("Whether approval is required before execution."),
|
|
1439
|
+
approval_present: zod.z.boolean().optional().default(false).describe("Whether required approval is present."),
|
|
1440
|
+
external_side_effect: zod.z.boolean().nullable().optional().describe("Whether the action changes external state when known."),
|
|
1441
|
+
safety_critical: zod.z.boolean().nullable().optional().describe(
|
|
1442
|
+
"Whether the action is safety, security, or business critical when known."
|
|
1443
|
+
),
|
|
1444
|
+
amount_usd: zod.z.number().nonnegative().nullable().optional().describe("Financial magnitude in USD when applicable."),
|
|
1445
|
+
sensitive_data_involved: zod.z.boolean().optional().default(false).describe("Whether sensitive data was touched."),
|
|
1446
|
+
new_counterparty: zod.z.boolean().optional().default(false).describe("Whether a new vendor, customer, or recipient is involved."),
|
|
1447
|
+
is_new_vendor: zod.z.boolean().optional().default(false).describe("Whether the action involves a new vendor."),
|
|
1448
|
+
is_new_recipient: zod.z.boolean().optional().default(false).describe("Whether the action involves a new recipient."),
|
|
1449
|
+
is_new_endpoint: zod.z.boolean().optional().default(false).describe("Whether the action targets a new endpoint.")
|
|
1337
1450
|
});
|
|
1338
1451
|
BaseEventSchema.extend({
|
|
1339
1452
|
signal_payload: WorkflowActionSignalPayloadSchema
|