qati-sdk 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -839,7 +839,7 @@ var EventPrincipalSchema = zod.z.object({
839
839
  // src/v1/schemas/raw-event.ts
840
840
  var BaseEventSchema = zod.z.object({
841
841
  tenant_id: zod.z.string().describe("Tenant partition key (required)."),
842
- signal_version: zod.z.string().describe("Schema version (e.g. v1)."),
842
+ signal_version: zod.z.string().default("v1").describe("Schema version (e.g. v1)."),
843
843
  signal_type: zod.z.enum(SIGNAL_TYPES).describe("Type of signal."),
844
844
  signal_payload: zod.z.record(zod.z.any()).describe("Payload validated per signal_type."),
845
845
  principal: EventPrincipalSchema,
@@ -848,7 +848,8 @@ var BaseEventSchema = zod.z.object({
848
848
  provenance: ProvenanceSchema.optional().describe(
849
849
  "Optional provenance (mode, source_id, epoch_counter, health_summary)."
850
850
  ),
851
- integrity: IntegritySchema.optional()
851
+ integrity: IntegritySchema.optional(),
852
+ event_source: zod.z.string().default("SDK_CLIENT").describe("Origin of the event (e.g. SDK_CLIENT, API_GATEWAY).")
852
853
  });
853
854
  var RawEventRequestSchema = zod.z.object({
854
855
  tenant_id: zod.z.string().describe("Tenant partition key (required)."),
@@ -874,7 +875,8 @@ var buildRawEventPayload = (event, signalPayload, signalType) => {
874
875
  signal_version: "v1",
875
876
  signal_type: signalType,
876
877
  signal_payload: signalPayload,
877
- integrity: event.integrity
878
+ integrity: event.integrity,
879
+ event_source: event.event_source ?? "SDK_CLIENT"
878
880
  };
879
881
  return BaseEventSchema.parse(rawEventPayload);
880
882
  };
@@ -903,20 +905,26 @@ var HTTP_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"];
903
905
 
904
906
  // src/v1/schemas/api-call.ts
905
907
  var ApiCallSignalPayloadSchema = zod.z.object({
906
- service_id: nonEmptyString(),
907
- endpoint: nonEmptyString(),
908
- method: zod.z.enum(HTTP_METHODS),
909
- status_code: zod.z.number().int().min(100).max(599),
910
- authorized: zod.z.boolean().nullable(),
911
- authentication_present: zod.z.boolean().nullable().optional(),
912
- rate_limited: zod.z.boolean().nullable().optional(),
913
- external_side_effect: zod.z.boolean().nullable().optional(),
914
- records_returned: zod.z.number().int().nonnegative().nullable().optional(),
915
- records_modified: zod.z.number().int().nonnegative().nullable().optional(),
916
- contains_sensitive_data: zod.z.boolean().nullable().optional(),
917
- latency_ms: zod.z.number().nonnegative().nullable().optional(),
918
- retry_count: zod.z.number().int().nonnegative().nullable().optional(),
919
- api_key_id: zod.z.string().nullable().optional()
908
+ service_id: nonEmptyString().describe("Target service identifier."),
909
+ endpoint: nonEmptyString().describe("API route path."),
910
+ method: zod.z.enum(HTTP_METHODS).describe("HTTP method: GET, POST, PUT, PATCH, or DELETE."),
911
+ status_code: zod.z.number().int().min(100).max(599).describe("HTTP response status code."),
912
+ authorized: zod.z.boolean().nullable().describe(
913
+ "Whether the call was authorized; null means authorization is unknown."
914
+ ),
915
+ authentication_present: zod.z.boolean().nullable().optional().describe(
916
+ "Whether authentication credentials were present when known."
917
+ ),
918
+ rate_limited: zod.z.boolean().nullable().optional().describe("Whether the call was rate limited when known."),
919
+ external_side_effect: zod.z.boolean().nullable().optional().describe(
920
+ "Whether the call modifies state outside the caller context when known."
921
+ ),
922
+ records_returned: zod.z.number().int().nonnegative().nullable().optional().describe("Number of records returned when available."),
923
+ records_modified: zod.z.number().int().nonnegative().nullable().optional().describe("Number of records modified when available."),
924
+ contains_sensitive_data: zod.z.boolean().nullable().optional().describe("Whether sensitive data was involved when known."),
925
+ latency_ms: zod.z.number().nonnegative().nullable().optional().describe("API latency in milliseconds when available."),
926
+ retry_count: zod.z.number().int().nonnegative().nullable().optional().describe("Number of retry attempts when available."),
927
+ api_key_id: zod.z.string().nullable().optional().describe("API key identifier used for the call when applicable.")
920
928
  });
921
929
  BaseEventSchema.extend({
922
930
  signal_payload: ApiCallSignalPayloadSchema
@@ -928,16 +936,16 @@ var createApiCallEvent = (event) => {
928
936
  return buildRawEventRequest(event, signalPayload, "API_CALL");
929
937
  };
930
938
  var AuthSignalPayloadSchema = zod.z.object({
931
- result: zod.z.string().nullable().optional(),
932
- auth_method: zod.z.string().nullable().optional(),
933
- mfa_used: zod.z.boolean().nullable().optional(),
939
+ result: zod.z.string().nullable().optional().describe("Auth result (SUCCESS, FAILURE)"),
940
+ auth_method: zod.z.string().nullable().optional().describe("Auth method (PASSWORD, MFA_TOTP, etc.)"),
941
+ mfa_used: zod.z.boolean().nullable().optional().describe("Whether MFA was used"),
934
942
  mfa_bypassed: zod.z.boolean().optional().default(false),
935
943
  failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
936
944
  ip: zod.z.string().nullable().optional(),
937
- country: zod.z.string().nullable().optional(),
945
+ country: zod.z.string().nullable().optional().describe("ISO 3166-1 alpha-2 country code"),
938
946
  user_agent: zod.z.string().nullable().optional(),
939
947
  unusual_location: zod.z.boolean().optional().default(false),
940
- after_hours_login: zod.z.boolean().optional().default(false)
948
+ after_hours_login: zod.z.boolean().optional().default(false).describe("Login outside normal business hours")
941
949
  });
942
950
  BaseEventSchema.extend({
943
951
  signal_payload: AuthSignalPayloadSchema
@@ -973,24 +981,50 @@ var CONTEXT_SOURCES = [
973
981
 
974
982
  // src/v1/schemas/context-integrity.ts
975
983
  var ContextIntegritySignalPayloadSchema = zod.z.object({
976
- context_source: zod.z.enum(CONTEXT_SOURCES),
977
- instruction_conflict_detected: zod.z.boolean(),
978
- untrusted_instruction_detected: zod.z.boolean(),
979
- context_priority_violation: zod.z.boolean(),
980
- recursive_instruction_pattern: zod.z.boolean().optional().default(false),
981
- context_drift_score: fraction01Nullable(),
982
- system_prompt_conflict_score: fraction01Nullable(),
983
- developer_prompt_conflict_score: fraction01Nullable(),
984
- retrieved_instruction_count: zod.z.number().int().nonnegative().optional().default(0),
985
- hidden_instruction_score: fraction01Nullable(),
986
- source_document_id: zod.z.string().nullable().optional(),
987
- untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
988
- source_trust_score: fraction01Nullable(),
989
- lowest_source_trust_score: fraction01Nullable(),
990
- recursive_pattern_score: fraction01Nullable(),
991
- prompt_injection_score: fraction01Nullable(),
992
- contains_instruction_override: zod.z.boolean().optional().default(false),
993
- context_injection_score: fraction01Nullable()
984
+ context_source: zod.z.enum(CONTEXT_SOURCES).describe(
985
+ "Origin of the evaluated context: CONVERSATION_HISTORY, RETRIEVED_DOCUMENT, TOOL_OUTPUT, SYSTEM, DEVELOPER, or USER."
986
+ ),
987
+ instruction_conflict_detected: zod.z.boolean().describe("Whether conflicting instructions were detected in context."),
988
+ untrusted_instruction_detected: zod.z.boolean().describe(
989
+ "Whether an untrusted source contains instruction-like text."
990
+ ),
991
+ context_priority_violation: zod.z.boolean().describe(
992
+ "Whether lower-priority context attempts to override higher-priority context."
993
+ ),
994
+ recursive_instruction_pattern: zod.z.boolean().optional().default(false).describe("Whether the context contains a loop or recursive instruction."),
995
+ context_drift_score: fraction01Nullable().describe(
996
+ "0\u20131 context drift score when available."
997
+ ),
998
+ system_prompt_conflict_score: fraction01Nullable().describe(
999
+ "0\u20131 conflict with system prompt intent when available."
1000
+ ),
1001
+ developer_prompt_conflict_score: fraction01Nullable().describe(
1002
+ "0\u20131 conflict with developer prompt intent when available."
1003
+ ),
1004
+ retrieved_instruction_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of instruction-like snippets in retrieved context."),
1005
+ hidden_instruction_score: fraction01Nullable().describe(
1006
+ "0\u20131 likelihood of hidden instructions when available."
1007
+ ),
1008
+ source_document_id: zod.z.string().nullable().optional().describe("Related document identifier when applicable."),
1009
+ untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0).describe(
1010
+ "Count of untrusted sources; contributes to untrusted-instruction detection."
1011
+ ),
1012
+ source_trust_score: fraction01Nullable().describe(
1013
+ "0\u20131 trust score for the context source when available."
1014
+ ),
1015
+ lowest_source_trust_score: fraction01Nullable().describe(
1016
+ "0\u20131 lowest trust score among sources when available."
1017
+ ),
1018
+ recursive_pattern_score: fraction01Nullable().describe(
1019
+ "0\u20131 recursive pattern score when available."
1020
+ ),
1021
+ prompt_injection_score: fraction01Nullable().describe(
1022
+ "0\u20131 prompt injection score when available; omit if unknown."
1023
+ ),
1024
+ contains_instruction_override: zod.z.boolean().optional().default(false).describe("Whether the context contains an instruction override."),
1025
+ context_injection_score: fraction01Nullable().describe(
1026
+ "0\u20131 context injection score when available; omit if unknown."
1027
+ )
994
1028
  });
995
1029
  BaseEventSchema.extend({
996
1030
  signal_payload: ContextIntegritySignalPayloadSchema
@@ -1006,17 +1040,29 @@ var createContextIntegrityEvent = (event) => {
1006
1040
  var ModelOutputSignalPayloadSchema = zod.z.object({
1007
1041
  missing_citations_rate: fraction01Nullable(),
1008
1042
  citation_rate: fraction01Nullable(),
1009
- expected_citation_rate: fraction01Nullable(),
1010
- policy_violations: zod.z.number().int().nonnegative().optional().default(0),
1043
+ expected_citation_rate: fraction01Nullable().describe(
1044
+ "Baseline or policy-expected citation rate (use with citation_rate)"
1045
+ ),
1046
+ policy_violations: zod.z.number().int().nonnegative().optional().default(0).describe("Count of policy violations when available."),
1011
1047
  policy_violation_rate: fraction01Nullable(),
1012
1048
  tool_call_inconsistency: fraction01().optional().default(0),
1013
- tool_inconsistency_rate: fraction01Nullable(),
1049
+ tool_inconsistency_rate: fraction01Nullable().describe(
1050
+ "Rate of inconsistent tool calls in the eval window"
1051
+ ),
1014
1052
  tool_miss_rate: fraction01Nullable(),
1015
- eval_window_n: zod.z.number().int().min(1).nullable().optional(),
1016
- hallucination_risk_score: fraction01Nullable(),
1017
- self_contradiction_score: fraction01Nullable(),
1018
- grounding_score: fraction01Nullable(),
1019
- contains_unsupported_claims: zod.z.boolean().optional().default(false)
1053
+ eval_window_n: zod.z.number().int().min(1).nullable().optional().describe("Evaluation window size"),
1054
+ hallucination_risk_score: fraction01Nullable().describe(
1055
+ "0\u20131 hallucination risk when available; omit if unknown."
1056
+ ),
1057
+ self_contradiction_score: fraction01Nullable().describe(
1058
+ "0\u20131 self-contradiction score when available; omit if unknown."
1059
+ ),
1060
+ grounding_score: fraction01Nullable().describe(
1061
+ "0\u20131 grounding score when available; omit if unknown."
1062
+ ),
1063
+ contains_unsupported_claims: zod.z.boolean().optional().default(false).describe(
1064
+ "Whether the output contains unsupported claims; confirm with clients."
1065
+ )
1020
1066
  });
1021
1067
  BaseEventSchema.extend({
1022
1068
  signal_payload: ModelOutputSignalPayloadSchema
@@ -1035,8 +1081,10 @@ var NetworkSignalPayloadSchema = zod.z.object({
1035
1081
  reputation_score: fraction01Nullable(),
1036
1082
  threat_score: fraction01Nullable(),
1037
1083
  is_datacenter: zod.z.boolean().nullable().optional(),
1038
- is_untrusted_segment: zod.z.boolean().optional().default(false),
1039
- asn_reputation: fraction01Nullable()
1084
+ is_untrusted_segment: zod.z.boolean().optional().default(false).describe("Traffic originated from an untrusted network segment"),
1085
+ asn_reputation: fraction01Nullable().describe(
1086
+ "Reputation score for the origin ASN (0\u20131, higher is more trusted)"
1087
+ )
1040
1088
  });
1041
1089
  BaseEventSchema.extend({
1042
1090
  signal_payload: NetworkSignalPayloadSchema
@@ -1061,14 +1109,18 @@ var POLICY_RESULTS = ["PASS", "WARN", "FAIL", "BLOCKED"];
1061
1109
 
1062
1110
  // src/v1/schemas/policy-event.ts
1063
1111
  var PolicyEventSignalPayloadSchema = zod.z.object({
1064
- policy_check_name: nonEmptyString(),
1065
- policy_category: zod.z.enum(POLICY_CATEGORIES),
1066
- policy_result: zod.z.enum(POLICY_RESULTS),
1067
- severity: fraction01(),
1068
- blocked: zod.z.boolean().optional().default(false),
1069
- violation_count: zod.z.number().int().nonnegative().optional().default(0),
1070
- policy_confidence: fraction01Nullable(),
1071
- redaction_applied: zod.z.boolean().optional().default(false)
1112
+ policy_check_name: nonEmptyString().describe("Name of the policy check."),
1113
+ policy_category: zod.z.enum(POLICY_CATEGORIES).describe(
1114
+ "Policy domain: SAFETY, PRIVACY, SECURITY, COMPLIANCE, CONTENT, or OTHER."
1115
+ ),
1116
+ policy_result: zod.z.enum(POLICY_RESULTS).describe("Policy check result: PASS, WARN, FAIL, or BLOCKED."),
1117
+ severity: fraction01().describe("0\u20131 policy event severity."),
1118
+ blocked: zod.z.boolean().optional().default(false).describe("Whether the action or output was blocked."),
1119
+ violation_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of policy violations when available."),
1120
+ policy_confidence: fraction01Nullable().describe(
1121
+ "0\u20131 policy classifier confidence when available."
1122
+ ),
1123
+ redaction_applied: zod.z.boolean().optional().default(false).describe("Whether content was redacted.")
1072
1124
  });
1073
1125
  BaseEventSchema.extend({
1074
1126
  signal_payload: PolicyEventSignalPayloadSchema
@@ -1081,18 +1133,30 @@ var createPolicyEvent = (event) => {
1081
1133
  );
1082
1134
  return buildRawEventRequest(event, signalPayload, "POLICY_EVENT");
1083
1135
  };
1084
- var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional();
1136
+ var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional().describe("Optional SHA-256 hash of prompt text (64 hex characters).");
1085
1137
  var PromptInputSignalPayloadSchema = zod.z.object({
1086
- prompt_length_chars: zod.z.number().int().nonnegative(),
1087
- conversation_turn_index: zod.z.number().int().nonnegative(),
1088
- contains_instruction_override: zod.z.boolean(),
1089
- contains_tool_request: zod.z.boolean().optional().default(false),
1090
- contains_secret_request: zod.z.boolean().optional().default(false),
1091
- contains_policy_challenge: zod.z.boolean().optional().default(false),
1092
- recursive_pattern_score: fraction01Nullable(),
1093
- prompt_injection_score: fraction01Nullable(),
1094
- sensitive_domain: zod.z.boolean().optional().default(false),
1095
- complexity_score: fraction01Nullable(),
1138
+ prompt_length_chars: zod.z.number().int().nonnegative().describe("Prompt size in characters."),
1139
+ conversation_turn_index: zod.z.number().int().nonnegative().describe("Turn number in the conversation."),
1140
+ contains_instruction_override: zod.z.boolean().describe(
1141
+ "Whether the prompt tries to override prior rules or instructions."
1142
+ ),
1143
+ contains_tool_request: zod.z.boolean().optional().default(false).describe("Whether the prompt requests tool or API execution."),
1144
+ contains_secret_request: zod.z.boolean().optional().default(false).describe(
1145
+ "Whether the prompt requests hidden or confidential information."
1146
+ ),
1147
+ contains_policy_challenge: zod.z.boolean().optional().default(false).describe("Whether the prompt challenges rules, safety, or policy."),
1148
+ recursive_pattern_score: fraction01Nullable().describe(
1149
+ "0\u20131 recursive or looping structure score; omit or null to treat as 0.0."
1150
+ ),
1151
+ prompt_injection_score: fraction01Nullable().describe(
1152
+ "0\u20131 prompt-injection likelihood score; omit or null to treat as 0.0."
1153
+ ),
1154
+ sensitive_domain: zod.z.boolean().optional().default(false).describe(
1155
+ "Whether the prompt targets a sensitive domain (finance, health, legal, cybersecurity, etc.)."
1156
+ ),
1157
+ complexity_score: fraction01Nullable().describe(
1158
+ "0\u20131 prompt complexity or ambiguity score; omit or null to treat as 0.0."
1159
+ ),
1096
1160
  prompt_hash: promptHashSchema
1097
1161
  });
1098
1162
  BaseEventSchema.extend({
@@ -1107,17 +1171,25 @@ var createPromptInputEvent = (event) => {
1107
1171
  return buildRawEventRequest(event, signalPayload, "PROMPT_INPUT");
1108
1172
  };
1109
1173
  var RagRetrievalSignalPayloadSchema = zod.z.object({
1110
- retriever_id: nonEmptyString(),
1111
- query_hash: zod.z.string().nullable().optional(),
1112
- documents_retrieved: zod.z.number().int().nonnegative(),
1113
- top_k: zod.z.number().int().min(1),
1114
- average_relevance_score: fraction01(),
1115
- source_trust_score: fraction01(),
1116
- lowest_source_trust_score: fraction01Nullable(),
1117
- untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
1118
- retrieved_context_tokens: zod.z.number().int().nonnegative().optional().default(0),
1119
- context_injection_score: fraction01().optional().default(0),
1120
- document_ids: zod.z.array(zod.z.string()).optional().default([])
1174
+ retriever_id: nonEmptyString().describe("Retriever service identifier."),
1175
+ query_hash: zod.z.string().nullable().optional().describe("Hash of the retrieval query when available."),
1176
+ documents_retrieved: zod.z.number().int().nonnegative().describe("Number of documents retrieved."),
1177
+ top_k: zod.z.number().int().min(1).describe("Requested top-k document count."),
1178
+ average_relevance_score: fraction01().describe(
1179
+ "0\u20131 average relevance score across retrieved documents."
1180
+ ),
1181
+ source_trust_score: fraction01().describe(
1182
+ "0\u20131 average trust score across retrieved sources."
1183
+ ),
1184
+ lowest_source_trust_score: fraction01Nullable().describe(
1185
+ "0\u20131 weakest source trust score when available."
1186
+ ),
1187
+ untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0).describe("Count of low-trust or untrusted retrieved sources."),
1188
+ retrieved_context_tokens: zod.z.number().int().nonnegative().optional().default(0).describe("Total retrieved context token count when available."),
1189
+ context_injection_score: fraction01().optional().default(0).describe(
1190
+ "0\u20131 context injection risk score; use 0.0 when unavailable."
1191
+ ),
1192
+ document_ids: zod.z.array(zod.z.string()).optional().default([]).describe("Identifiers for retrieved documents when available.")
1121
1193
  });
1122
1194
  BaseEventSchema.extend({
1123
1195
  signal_payload: RagRetrievalSignalPayloadSchema
@@ -1142,16 +1214,18 @@ var SESSION_STATUSES = [
1142
1214
 
1143
1215
  // src/v1/schemas/session.ts
1144
1216
  var SessionSignalPayloadSchema = zod.z.object({
1145
- session_status: zod.z.enum(SESSION_STATUSES),
1146
- session_age_seconds: zod.z.number().nonnegative().optional().default(0),
1147
- turn_count: zod.z.number().int().nonnegative().optional().default(0),
1148
- messages_last_minute: zod.z.number().nonnegative().optional().default(0),
1149
- avg_seconds_between_turns: zod.z.number().nonnegative().nullable().optional(),
1150
- restart_count_10m: zod.z.number().int().nonnegative().optional().default(0),
1151
- session_timeout: zod.z.boolean().optional().default(false),
1152
- abandoned: zod.z.boolean().optional().default(false),
1153
- conversation_id: zod.z.string().nullable().optional(),
1154
- user_id: zod.z.string().nullable().optional()
1217
+ session_status: zod.z.enum(SESSION_STATUSES).describe(
1218
+ "Session lifecycle status: STARTED, ACTIVE, ENDED, TIMEOUT, or ABANDONED."
1219
+ ),
1220
+ session_age_seconds: zod.z.number().nonnegative().optional().default(0).describe("Current duration of the session in seconds."),
1221
+ turn_count: zod.z.number().int().nonnegative().optional().default(0).describe("Number of user/model turns in the session."),
1222
+ messages_last_minute: zod.z.number().nonnegative().optional().default(0).describe("Prompt or message rate over the last minute."),
1223
+ avg_seconds_between_turns: zod.z.number().nonnegative().nullable().optional().describe("Average interaction cadence between turns in seconds."),
1224
+ restart_count_10m: zod.z.number().int().nonnegative().optional().default(0).describe("How often the user restarted sessions in the last 10 minutes."),
1225
+ session_timeout: zod.z.boolean().optional().default(false).describe("Whether the session ended due to a timeout."),
1226
+ abandoned: zod.z.boolean().optional().default(false).describe("Whether the session ended abruptly without a clean close."),
1227
+ conversation_id: zod.z.string().nullable().optional().describe("Related conversation identifier when available."),
1228
+ user_id: zod.z.string().nullable().optional().describe("Related user identifier when available.")
1155
1229
  });
1156
1230
  BaseEventSchema.extend({
1157
1231
  signal_payload: SessionSignalPayloadSchema
@@ -1168,11 +1242,19 @@ var SystemTelemetrySignalPayloadSchema = zod.z.object({
1168
1242
  baseline: zod.z.number().nullable().optional(),
1169
1243
  window_seconds: zod.z.number().int().min(1).nullable().optional(),
1170
1244
  error_rate: fraction01().optional().default(0),
1171
- baseline_error_rate: fraction01Nullable(),
1245
+ baseline_error_rate: fraction01Nullable().describe(
1246
+ "Expected or steady-state error rate (excess over this drives impact)"
1247
+ ),
1172
1248
  unusual_auth_rate: fraction01().optional().default(0),
1173
- firmware_hash_changed: zod.z.boolean().optional().default(false),
1174
- expected_hash_match: zod.z.boolean().nullable().optional(),
1175
- sensor_deviation_score: fraction01Nullable()
1249
+ firmware_hash_changed: zod.z.boolean().optional().default(false).describe(
1250
+ "Device or component firmware hash differs from prior observation"
1251
+ ),
1252
+ expected_hash_match: zod.z.boolean().nullable().optional().describe(
1253
+ "True if hash matched expected; False if mismatch; omit if unknown"
1254
+ ),
1255
+ sensor_deviation_score: fraction01Nullable().describe(
1256
+ "Normalized deviation of sensor readings from baseline"
1257
+ )
1176
1258
  });
1177
1259
  BaseEventSchema.extend({
1178
1260
  signal_payload: SystemTelemetrySignalPayloadSchema
@@ -1200,24 +1282,38 @@ var TOOL_CATEGORIES = [
1200
1282
 
1201
1283
  // src/v1/schemas/tool-call.ts
1202
1284
  var ToolCallSignalPayloadSchema = zod.z.object({
1203
- tool_name: nonEmptyString(),
1204
- tool_category: zod.z.enum(TOOL_CATEGORIES),
1205
- action: nonEmptyString(),
1206
- authorized: zod.z.boolean().nullable(),
1207
- safety_critical: zod.z.boolean(),
1208
- external_side_effect: zod.z.boolean(),
1209
- tool_call_success: zod.z.boolean().nullable().optional(),
1210
- latency_ms: zod.z.number().nonnegative().nullable().optional(),
1211
- error_code: zod.z.string().nullable().optional(),
1212
- argument_risk_score: fraction01Nullable(),
1213
- result_size_bytes: zod.z.number().int().nonnegative().nullable().optional(),
1214
- records_accessed: zod.z.number().int().nonnegative().optional().default(0),
1215
- contains_sensitive_data: zod.z.boolean().optional().default(false),
1216
- action_category: zod.z.string().nullable().optional(),
1217
- method: zod.z.string().nullable().optional(),
1218
- sensitive_data_involved: zod.z.boolean().optional().default(false),
1219
- contains_phi: zod.z.boolean().optional().default(false),
1220
- sensitive_domain: zod.z.boolean().optional().default(false)
1285
+ tool_name: nonEmptyString().describe("Tool identifier."),
1286
+ tool_category: zod.z.enum(TOOL_CATEGORIES).describe(
1287
+ "Tool category: RETRIEVAL, DATABASE, PAYMENT, MESSAGING, CODE_EXECUTION, FILE, EXTERNAL_API, or OTHER."
1288
+ ),
1289
+ action: nonEmptyString().describe("Action attempted by the tool call."),
1290
+ authorized: zod.z.boolean().nullable().describe(
1291
+ "Whether policy allowed the tool call; null means authorization is unknown."
1292
+ ),
1293
+ safety_critical: zod.z.boolean().describe("Whether the call can create serious consequences."),
1294
+ external_side_effect: zod.z.boolean().describe(
1295
+ "Whether the action changes state outside the model context."
1296
+ ),
1297
+ tool_call_success: zod.z.boolean().nullable().optional().describe("Whether the tool call succeeded when known."),
1298
+ latency_ms: zod.z.number().nonnegative().nullable().optional().describe("Tool latency in milliseconds when available."),
1299
+ error_code: zod.z.string().nullable().optional().describe("Error code when the tool call failed."),
1300
+ argument_risk_score: fraction01Nullable().describe(
1301
+ "0\u20131 risk score for tool call arguments when available."
1302
+ ),
1303
+ result_size_bytes: zod.z.number().int().nonnegative().nullable().optional().describe("Size of returned data in bytes when available."),
1304
+ records_accessed: zod.z.number().int().nonnegative().optional().default(0).describe("Number of records touched by the call when available."),
1305
+ contains_sensitive_data: zod.z.boolean().optional().default(false).describe("Whether sensitive data was returned or touched."),
1306
+ action_category: zod.z.string().nullable().optional().describe(
1307
+ "Risk category for the attempted action (e.g. SECURITY, CODE, FINANCIAL, ADMIN) when available."
1308
+ ),
1309
+ method: zod.z.string().nullable().optional().describe("HTTP or RPC method for the tool call when applicable."),
1310
+ sensitive_data_involved: zod.z.boolean().optional().default(false).describe(
1311
+ "Whether sensitive data was involved in the request or result."
1312
+ ),
1313
+ contains_phi: zod.z.boolean().optional().default(false).describe(
1314
+ "Whether protected health information was returned or touched."
1315
+ ),
1316
+ sensitive_domain: zod.z.boolean().optional().default(false).describe("Whether the tool call applies to a sensitive domain.")
1221
1317
  });
1222
1318
  BaseEventSchema.extend({
1223
1319
  signal_payload: ToolCallSignalPayloadSchema
@@ -1229,27 +1325,29 @@ var createToolCallEvent = (event) => {
1229
1325
  return buildRawEventRequest(event, signalPayload, "TOOL_CALL");
1230
1326
  };
1231
1327
  var TransactionSignalPayloadSchema = zod.z.object({
1232
- amount: zod.z.number().nonnegative().default(0),
1233
- amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
1234
- amount_usd: zod.z.number().nonnegative().nullable().optional(),
1235
- currency: zod.z.string().nullable().optional(),
1328
+ amount: zod.z.number().nonnegative().default(0).describe("Transaction amount in base currency"),
1329
+ amount_minor: zod.z.number().int().nonnegative().nullable().optional().describe("Transaction amount in minor units (e.g. cents)"),
1330
+ amount_usd: zod.z.number().nonnegative().nullable().optional().describe("Transaction amount normalized to USD"),
1331
+ currency: zod.z.string().nullable().optional().describe("ISO 4217 currency code"),
1236
1332
  merchant_category: zod.z.string().nullable().optional(),
1237
1333
  merchant_id: zod.z.string().nullable().optional(),
1238
- channel: zod.z.string().nullable().optional(),
1239
- country: zod.z.string().nullable().optional(),
1240
- velocity: zod.z.number().nonnegative().nullable().optional(),
1241
- external_anomaly_score: zod.z.number().nullable().optional(),
1242
- geo_distance: zod.z.number().nonnegative().nullable().optional(),
1243
- geo_distance_km: zod.z.number().nonnegative().nullable().optional(),
1244
- records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
1245
- baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
1246
- sensitivity_level: zod.z.string().nullable().optional(),
1247
- export_count: zod.z.number().int().nonnegative().nullable().optional(),
1248
- bulk_export: zod.z.boolean().optional().default(false),
1249
- contains_phi: zod.z.boolean().optional().default(false),
1250
- control_command: zod.z.string().nullable().optional(),
1251
- authorized: zod.z.boolean().nullable().optional(),
1252
- safety_critical: zod.z.boolean().optional().default(false)
1334
+ channel: zod.z.string().nullable().optional().describe("Transaction channel (WEB, MOBILE, ECOM)"),
1335
+ country: zod.z.string().nullable().optional().describe("ISO 3166-1 alpha-2 country code"),
1336
+ velocity: zod.z.number().nonnegative().nullable().optional().describe("Transactions per minute"),
1337
+ external_anomaly_score: zod.z.number().nullable().optional().describe(
1338
+ "Externally supplied anomaly score. When present, bypasses the internal extraction formula and is used directly as raw_value."
1339
+ ),
1340
+ geo_distance: zod.z.number().nonnegative().nullable().optional().describe("Distance in km from usual location"),
1341
+ geo_distance_km: zod.z.number().nonnegative().nullable().optional().describe("Distance in km from usual location"),
1342
+ records_accessed: zod.z.number().int().nonnegative().nullable().optional().describe("Count of records touched in this transaction"),
1343
+ baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional().describe("Typical or policy baseline record count for comparison"),
1344
+ sensitivity_level: zod.z.string().nullable().optional().describe("Data sensitivity (e.g. LOW, MEDIUM, HIGH)"),
1345
+ export_count: zod.z.number().int().nonnegative().nullable().optional().describe("Number of export operations"),
1346
+ bulk_export: zod.z.boolean().optional().default(false).describe("Whether this is a bulk export"),
1347
+ contains_phi: zod.z.boolean().optional().default(false).describe("Whether exported or accessed data includes PHI"),
1348
+ control_command: zod.z.string().nullable().optional().describe("Issued control or OT command (e.g. VALVE_OPEN)"),
1349
+ authorized: zod.z.boolean().nullable().optional().describe("Whether the action was authorized; omit if unknown"),
1350
+ safety_critical: zod.z.boolean().optional().default(false).describe("Whether the transaction affects safety-critical systems")
1253
1351
  });
1254
1352
  BaseEventSchema.extend({
1255
1353
  signal_payload: TransactionSignalPayloadSchema
@@ -1282,13 +1380,19 @@ var FEEDBACK_ISSUE_TYPES = [
1282
1380
 
1283
1381
  // src/v1/schemas/user-feedback.ts
1284
1382
  var UserFeedbackSignalPayloadSchema = zod.z.object({
1285
- feedback_type: zod.z.enum(FEEDBACK_TYPES),
1286
- rating: zod.z.number().nullable().optional(),
1287
- reported_issue: zod.z.boolean().optional().default(false),
1288
- issue_type: zod.z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional(),
1289
- severity: fraction01Nullable(),
1290
- response_id: zod.z.string().nullable().optional(),
1291
- user_comment_hash: zod.z.string().nullable().optional()
1383
+ feedback_type: zod.z.enum(FEEDBACK_TYPES).describe(
1384
+ "User feedback category: THUMBS_UP, THUMBS_DOWN, REPORT, CORRECTION, or RATING."
1385
+ ),
1386
+ rating: zod.z.number().nullable().optional().describe("Optional rating in [-1, 1] or on a 1\u20135 scale."),
1387
+ reported_issue: zod.z.boolean().optional().default(false).describe("Whether the user reported a problem."),
1388
+ issue_type: zod.z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional().describe(
1389
+ "Category of the reported issue: hallucination, unsafe, irrelevant, privacy, offensive, or other."
1390
+ ),
1391
+ severity: fraction01Nullable().describe(
1392
+ "0\u20131 user-reported severity when available."
1393
+ ),
1394
+ response_id: zod.z.string().nullable().optional().describe("Identifier of the response being evaluated."),
1395
+ user_comment_hash: zod.z.string().nullable().optional().describe("Hash of optional user comment when available.")
1292
1396
  });
1293
1397
  BaseEventSchema.extend({
1294
1398
  signal_payload: UserFeedbackSignalPayloadSchema
@@ -1323,22 +1427,28 @@ var WORKFLOW_ACTOR_TYPES = ["USER", "AI_AGENT", "SYSTEM"];
1323
1427
 
1324
1428
  // src/v1/schemas/workflow-action.ts
1325
1429
  var WorkflowActionSignalPayloadSchema = zod.z.object({
1326
- workflow_id: nonEmptyString(),
1327
- workflow_type: nonEmptyString(),
1328
- action_name: nonEmptyString(),
1329
- action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES),
1330
- action_stage: zod.z.enum(WORKFLOW_ACTION_STAGES),
1331
- actor_type: zod.z.enum(WORKFLOW_ACTOR_TYPES),
1332
- requires_approval: zod.z.boolean().optional().default(false),
1333
- approval_present: zod.z.boolean().optional().default(false),
1334
- external_side_effect: zod.z.boolean().nullable().optional(),
1335
- safety_critical: zod.z.boolean().nullable().optional(),
1336
- amount_usd: zod.z.number().nonnegative().nullable().optional(),
1337
- sensitive_data_involved: zod.z.boolean().optional().default(false),
1338
- new_counterparty: zod.z.boolean().optional().default(false),
1339
- is_new_vendor: zod.z.boolean().optional().default(false),
1340
- is_new_recipient: zod.z.boolean().optional().default(false),
1341
- is_new_endpoint: zod.z.boolean().optional().default(false)
1430
+ workflow_id: nonEmptyString().describe("Workflow identifier."),
1431
+ workflow_type: nonEmptyString().describe("Type of workflow."),
1432
+ action_name: nonEmptyString().describe("Workflow action attempted."),
1433
+ action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES).describe(
1434
+ "Risk category: FINANCIAL, DATA_ACCESS, COMMUNICATION, ADMIN, SECURITY, CODE, or OTHER."
1435
+ ),
1436
+ action_stage: zod.z.enum(WORKFLOW_ACTION_STAGES).describe(
1437
+ "Lifecycle stage: PROPOSED, PRE_EXECUTION, EXECUTED, FAILED, or ROLLED_BACK."
1438
+ ),
1439
+ actor_type: zod.z.enum(WORKFLOW_ACTOR_TYPES).describe("Who initiated the action: USER, AI_AGENT, or SYSTEM."),
1440
+ requires_approval: zod.z.boolean().optional().default(false).describe("Whether approval is required before execution."),
1441
+ approval_present: zod.z.boolean().optional().default(false).describe("Whether required approval is present."),
1442
+ external_side_effect: zod.z.boolean().nullable().optional().describe("Whether the action changes external state when known."),
1443
+ safety_critical: zod.z.boolean().nullable().optional().describe(
1444
+ "Whether the action is safety, security, or business critical when known."
1445
+ ),
1446
+ amount_usd: zod.z.number().nonnegative().nullable().optional().describe("Financial magnitude in USD when applicable."),
1447
+ sensitive_data_involved: zod.z.boolean().optional().default(false).describe("Whether sensitive data was touched."),
1448
+ new_counterparty: zod.z.boolean().optional().default(false).describe("Whether a new vendor, customer, or recipient is involved."),
1449
+ is_new_vendor: zod.z.boolean().optional().default(false).describe("Whether the action involves a new vendor."),
1450
+ is_new_recipient: zod.z.boolean().optional().default(false).describe("Whether the action involves a new recipient."),
1451
+ is_new_endpoint: zod.z.boolean().optional().default(false).describe("Whether the action targets a new endpoint.")
1342
1452
  });
1343
1453
  BaseEventSchema.extend({
1344
1454
  signal_payload: WorkflowActionSignalPayloadSchema