sapper-ai 0.2.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 SapperAI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,30 @@
+# sapper-ai
+
+Single-install AI security guardrails for tool-calling systems.
+
+## Quick start
+
+```bash
+pnpm add sapper-ai
+npx sapper-ai init
+```
+
+```ts
+import { createGuard } from 'sapper-ai'
+
+const guard = createGuard()
+const decision = await guard.check({ toolName: 'shell', arguments: { cmd: 'ls' } })
+```
+
+## Presets
+
+| Preset | Description |
+|---|---|
+| monitor | Monitor only - logs threats but never blocks |
+| standard | Balanced protection with sensible defaults |
+| strict | Strict enforcement with lower thresholds |
+| paranoid | Maximum security - aggressive blocking, fail closed, LLM analysis |
+| ci | CI/CD pipeline - deterministic, fail closed, no LLM |
+| development | Development mode - permissive, monitor only |
+
+More details: https://github.com/sapper-ai/sapperai#readme

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export declare function runCli(argv?: string[]): Promise<number>;
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAUA,wBAAsB,MAAM,CAAC,IAAI,GAAE,MAAM,EAA0B,GAAG,OAAO,CAAC,MAAM,CAAC,CA2BpF"}

package/dist/cli.js

@@ -0,0 +1,213 @@
+#!/usr/bin/env node
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runCli = runCli;
+const node_fs_1 = require("node:fs");
+const node_child_process_1 = require("node:child_process");
+const node_path_1 = require("node:path");
+const readline = __importStar(require("node:readline"));
+const presets_1 = require("./presets");
+const scan_1 = require("./scan");
+async function runCli(argv = process.argv.slice(2)) {
+    if (argv[0] === '--help' || argv[0] === '-h') {
+        printUsage();
+        return 0;
+    }
+    if (argv[0] === 'scan') {
+        const parsed = parseScanArgs(argv.slice(1));
+        if (!parsed) {
+            printUsage();
+            return 1;
+        }
+        return (0, scan_1.runScan)(parsed);
+    }
+    if (argv[0] === 'dashboard') {
+        return runDashboard();
+    }
+    if (argv[0] !== 'init') {
+        printUsage();
+        return 1;
+    }
+    await runInitWizard();
+    return 0;
+}
+function printUsage() {
+    console.log(`
+sapper-ai - AI security guardrails
+
+Usage:
+  sapper-ai scan          Scan environment for threats
+  sapper-ai scan --fix    Scan and quarantine blocked files
+  sapper-ai init          Interactive setup wizard
+  sapper-ai dashboard     Launch web dashboard
+  sapper-ai --help        Show this help
+
+Learn more: https://github.com/sapper-ai/sapperai
+`);
+}
+function parseScanArgs(argv) {
+    const targets = [];
+    let fix = false;
+    for (const arg of argv) {
+        if (arg === '--fix') {
+            fix = true;
+            continue;
+        }
+        if (arg.startsWith('-')) {
+            return null;
+        }
+        targets.push(arg);
+    }
+    return { targets, fix };
+}
+async function runDashboard() {
+    const configuredPort = process.env.PORT;
+    const standalonePort = configuredPort ?? '4100';
+    const devPort = configuredPort ?? '3000';
+    try {
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        const startPath = require.resolve('@sapper-ai/dashboard/bin/start');
+        process.env.PORT = standalonePort;
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        require(startPath);
+        return await new Promise((resolveExit) => {
+            const stop = () => resolveExit(0);
+            process.once('SIGINT', stop);
+            process.once('SIGTERM', stop);
+        });
+    }
+    catch {
+    }
+    const webDir = (0, node_path_1.resolve)(__dirname, '../../../apps/web');
+    if ((0, node_fs_1.existsSync)((0, node_path_1.resolve)(webDir, 'package.json'))) {
+        console.log(`\n  SapperAI Dashboard (dev): http://localhost:${devPort}/dashboard\n`);
+        console.log('  Press Ctrl+C to stop\n');
+        const child = (0, node_child_process_1.spawn)('npx', ['next', 'dev', '--port', devPort], {
+            cwd: webDir,
+            stdio: 'inherit',
+            env: process.env,
+        });
+        process.on('SIGINT', () => child.kill('SIGINT'));
+        process.on('SIGTERM', () => child.kill('SIGTERM'));
+        return await new Promise((resolveExit) => {
+            child.on('close', (code) => resolveExit(code ?? 0));
+        });
+    }
+    console.error('\n  Install @sapper-ai/dashboard for standalone mode:');
+    console.error('  pnpm add @sapper-ai/dashboard\n');
+    return 1;
+}
+async function runInitWizard() {
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    const ask = (q) => new Promise((res) => rl.question(q, res));
+    console.log('\n  SapperAI Setup\n');
+    console.log('  Available presets:\n');
+    const entries = Object.entries(presets_1.presets);
+    entries.forEach(([key, p], i) => {
+        const marker = key === 'standard' ? ' (default)' : '';
+        console.log(`    ${i + 1}) ${key}${marker} - ${p.description}`);
+    });
+    console.log();
+    const presetAnswer = await ask(`  Choose preset [1-${entries.length}] (default: 2): `);
+    const presetIndex = (Number.parseInt(presetAnswer, 10) || 2) - 1;
+    const clampedIndex = Math.max(0, Math.min(presetIndex, entries.length - 1));
+    const selectedPreset = entries[clampedIndex][0];
+    const auditAnswer = await ask('  Audit log file path (enter to skip): ');
+    const auditLogPath = auditAnswer.trim() || undefined;
+    const outputPath = (0, node_path_1.resolve)(process.cwd(), 'sapperai.config.yaml');
+    if ((0, node_fs_1.existsSync)(outputPath)) {
+        const overwrite = await ask('  sapperai.config.yaml exists. Overwrite? [y/N]: ');
+        if (overwrite.trim().toLowerCase() !== 'y') {
+            console.log('  Aborted.');
+            rl.close();
+            return;
+        }
+    }
+    const lines = [
+        '# SapperAI Configuration',
+        '# Generated by: sapper-ai init',
+        '# Docs: https://github.com/sapper-ai/sapperai',
+        '',
+        ...buildPolicyYaml(selectedPreset, auditLogPath),
+    ];
+    (0, node_fs_1.writeFileSync)(outputPath, `${lines.join('\n')}\n`, 'utf8');
+    console.log(`\n  Created ${outputPath}\n`);
+    console.log('  Quick start:\n');
+    console.log("    import { createGuard } from 'sapper-ai'");
+    console.log('    const guard = createGuard()');
+    console.log('    const decision = await guard.check(toolCall)');
+    console.log();
+    rl.close();
+}
+function buildPolicyYaml(preset, auditLogPath) {
+    const p = presets_1.presets[preset].policy;
+    const lines = [];
+    lines.push(`mode: ${p.mode}`);
+    lines.push(`defaultAction: ${p.defaultAction}`);
+    lines.push(`failOpen: ${p.failOpen}`);
+    lines.push('');
+    lines.push('detectors:');
+    const detectors = p.detectors ?? ['rules'];
+    for (const d of detectors) {
+        lines.push(`  - ${d}`);
+    }
+    lines.push('');
+    lines.push('thresholds:');
+    const thresholds = p.thresholds ?? {};
+    lines.push(`  riskThreshold: ${thresholds.riskThreshold ?? 0.7}`);
+    lines.push(`  blockMinConfidence: ${thresholds.blockMinConfidence ?? 0.5}`);
+    if (auditLogPath) {
+        lines.push('');
+        lines.push(`auditLogPath: ${auditLogPath}`);
+    }
+    return lines;
+}
+function isDirectExecution(argv) {
+    const entry = argv[1];
+    if (!entry) {
+        return false;
+    }
+    return entry.endsWith('/cli.js') || entry.endsWith('\\cli.js') || entry.endsWith('/cli.ts');
+}
+if (isDirectExecution(process.argv)) {
+    runCli().then((exitCode) => {
+        process.exit(exitCode);
+    }, (error) => {
+        const msg = error instanceof Error ? error.message : String(error);
+        console.error(msg);
+        process.exit(1);
+    });
+}

package/dist/createGuard.d.ts

@@ -0,0 +1,17 @@
+import { Guard } from '@sapper-ai/core';
+import type { Decision, Policy, ToolCall, ToolResult } from '@sapper-ai/types';
+import { type PresetName } from './presets';
+export interface CreateGuardOptions {
+    preset?: PresetName;
+    policy?: Partial<Policy>;
+    configPath?: string;
+    auditLogPath?: string;
+}
+export interface SapperGuard {
+    check(toolCall: ToolCall): Promise<Decision>;
+    checkResult(toolCall: ToolCall, toolResult: ToolResult): Promise<Decision>;
+    guard: Guard;
+    policy: Policy;
+}
+export declare function createGuard(options?: CreateGuardOptions | PresetName): SapperGuard;
+//# sourceMappingURL=createGuard.d.ts.map

package/dist/createGuard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"createGuard.d.ts","sourceRoot":"","sources":["../src/createGuard.ts"],"names":[],"mappings":"AAGA,OAAO,EAAgD,KAAK,EAAiB,MAAM,iBAAiB,CAAA;AACpG,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE9E,OAAO,EAAW,KAAK,UAAU,EAAE,MAAM,WAAW,CAAA;AAEpD,MAAM,WAAW,kBAAkB;IACjC,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACxB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC5C,WAAW,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC1E,KAAK,EAAE,KAAK,CAAA;IACZ,MAAM,EAAE,MAAM,CAAA;CACf;AAED,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,kBAAkB,GAAG,UAAU,GAAG,WAAW,CAiBlF"}

package/dist/createGuard.js

@@ -0,0 +1,83 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createGuard = createGuard;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const core_1 = require("@sapper-ai/core");
+const presets_1 = require("./presets");
+function createGuard(options) {
+    const opts = typeof options === 'string' ? { preset: options } : (options ?? {});
+    const policy = resolvePolicy(opts);
+    warnIfLlmMisconfigured(policy);
+    const detectors = (0, core_1.createDetectors)({ policy });
+    const engine = new core_1.DecisionEngine(detectors);
+    const logger = opts.auditLogPath ? new core_1.AuditLogger({ filePath: opts.auditLogPath }) : new core_1.AuditLogger();
+    const guard = new core_1.Guard(engine, logger, policy);
+    return {
+        check: (toolCall) => guard.preTool(toolCall),
+        checkResult: (toolCall, toolResult) => guard.postTool(toolCall, toolResult),
+        guard,
+        policy,
+    };
+}
+function resolvePolicy(opts) {
+    const base = resolveBasePolicy(opts);
+    if (!opts.policy) {
+        return base;
+    }
+    return mergePolicy(base, opts.policy);
+}
+function resolveBasePolicy(opts) {
+    if (opts.preset) {
+        const preset = presets_1.presets[opts.preset];
+        if (!preset) {
+            const valid = Object.keys(presets_1.presets).join(', ');
+            throw new Error(`Unknown preset "${opts.preset}". Valid presets: ${valid}`);
+        }
+        return { ...preset.policy };
+    }
+    const fromFile = loadConfigFile(opts.configPath);
+    return fromFile ?? { ...presets_1.presets.standard.policy };
+}
+function mergePolicy(base, override) {
+    const mergedThresholds = {
+        ...(base.thresholds ?? {}),
+        ...(override.thresholds ?? {}),
+    };
+    const hasThresholds = typeof mergedThresholds.riskThreshold === 'number' || typeof mergedThresholds.blockMinConfidence === 'number';
+    return {
+        ...base,
+        ...override,
+        thresholds: hasThresholds ? mergedThresholds : undefined,
+    };
+}
+function loadConfigFile(explicitPath) {
+    const configPath = explicitPath ?? findConfigFile();
+    if (!configPath)
+        return null;
+    if (!(0, node_fs_1.existsSync)(configPath))
+        return null;
+    try {
+        const manager = new core_1.PolicyManager();
+        return manager.loadFromFile(configPath);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        throw new Error(`Failed to load config from ${configPath}: ${message}`);
+    }
+}
+const CONFIG_FILE_NAMES = ['sapperai.config.yaml', 'sapperai.config.yml'];
+function findConfigFile() {
+    for (const name of CONFIG_FILE_NAMES) {
+        const fullPath = (0, node_path_1.resolve)(process.cwd(), name);
+        if ((0, node_fs_1.existsSync)(fullPath))
+            return fullPath;
+    }
+    return null;
+}
+function warnIfLlmMisconfigured(policy) {
+    if (policy.detectors?.includes('llm') && !policy.llm) {
+        console.warn('[sapper-ai] Warning: Policy includes "llm" detector but no llm config provided. ' +
+            'LLM detector will be inactive. Set policy.llm to enable it.');
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,6 @@
+export { createGuard, type CreateGuardOptions, type SapperGuard } from './createGuard';
+export { presets, type Preset, type PresetName } from './presets';
+export { Guard, DecisionEngine, RulesDetector, LlmDetector, ThreatIntelDetector, createDetectors, AuditLogger, PolicyManager, validatePolicy, Scanner, QuarantineManager, ThreatIntelStore, } from '@sapper-ai/core';
+export type { Policy, ToolCall, ToolResult, ToolMetadata, ToolPolicy, Decision, DetectorOutput, Detector, AssessmentContext, AuditLogEntry, GuardAction, MatchList, ThreatFeedConfig, LlmConfig, } from '@sapper-ai/types';
+export type { QuarantineRecord, ThreatIntelEntry, ThreatIntelSnapshot, IntelMatchList } from '@sapper-ai/core';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,KAAK,kBAAkB,EAAE,KAAK,WAAW,EAAE,MAAM,eAAe,CAAA;AACtF,OAAO,EAAE,OAAO,EAAE,KAAK,MAAM,EAAE,KAAK,UAAU,EAAE,MAAM,WAAW,CAAA;AAEjE,OAAO,EACL,KAAK,EACL,cAAc,EACd,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,eAAe,EACf,WAAW,EACX,aAAa,EACb,cAAc,EACd,OAAO,EACP,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,iBAAiB,CAAA;AAExB,YAAY,EACV,MAAM,EACN,QAAQ,EACR,UAAU,EACV,YAAY,EACZ,UAAU,EACV,QAAQ,EACR,cAAc,EACd,QAAQ,EACR,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,SAAS,EACT,gBAAgB,EAChB,SAAS,GACV,MAAM,kBAAkB,CAAA;AAEzB,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA"}

package/dist/index.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThreatIntelStore = exports.QuarantineManager = exports.Scanner = exports.validatePolicy = exports.PolicyManager = exports.AuditLogger = exports.createDetectors = exports.ThreatIntelDetector = exports.LlmDetector = exports.RulesDetector = exports.DecisionEngine = exports.Guard = exports.presets = exports.createGuard = void 0;
+var createGuard_1 = require("./createGuard");
+Object.defineProperty(exports, "createGuard", { enumerable: true, get: function () { return createGuard_1.createGuard; } });
+var presets_1 = require("./presets");
+Object.defineProperty(exports, "presets", { enumerable: true, get: function () { return presets_1.presets; } });
+var core_1 = require("@sapper-ai/core");
+Object.defineProperty(exports, "Guard", { enumerable: true, get: function () { return core_1.Guard; } });
+Object.defineProperty(exports, "DecisionEngine", { enumerable: true, get: function () { return core_1.DecisionEngine; } });
+Object.defineProperty(exports, "RulesDetector", { enumerable: true, get: function () { return core_1.RulesDetector; } });
+Object.defineProperty(exports, "LlmDetector", { enumerable: true, get: function () { return core_1.LlmDetector; } });
+Object.defineProperty(exports, "ThreatIntelDetector", { enumerable: true, get: function () { return core_1.ThreatIntelDetector; } });
+Object.defineProperty(exports, "createDetectors", { enumerable: true, get: function () { return core_1.createDetectors; } });
+Object.defineProperty(exports, "AuditLogger", { enumerable: true, get: function () { return core_1.AuditLogger; } });
+Object.defineProperty(exports, "PolicyManager", { enumerable: true, get: function () { return core_1.PolicyManager; } });
+Object.defineProperty(exports, "validatePolicy", { enumerable: true, get: function () { return core_1.validatePolicy; } });
+Object.defineProperty(exports, "Scanner", { enumerable: true, get: function () { return core_1.Scanner; } });
+Object.defineProperty(exports, "QuarantineManager", { enumerable: true, get: function () { return core_1.QuarantineManager; } });
+Object.defineProperty(exports, "ThreatIntelStore", { enumerable: true, get: function () { return core_1.ThreatIntelStore; } });

package/dist/postinstall.d.ts

@@ -0,0 +1,2 @@
+export declare function runPostinstall(): void;
+//# sourceMappingURL=postinstall.d.ts.map

package/dist/postinstall.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"postinstall.d.ts","sourceRoot":"","sources":["../src/postinstall.ts"],"names":[],"mappings":"AAEA,wBAAgB,cAAc,IAAI,IAAI,CAKrC"}

package/dist/postinstall.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runPostinstall = runPostinstall;
+const MESSAGE = "SapperAI installed. Run 'npx sapper-ai scan' to check your environment.";
+function runPostinstall() {
+    try {
+        console.log(MESSAGE);
+    }
+    catch {
+    }
+}
+if (require.main === module) {
+    runPostinstall();
+}

package/dist/presets.d.ts

@@ -0,0 +1,9 @@
+import type { Policy } from '@sapper-ai/types';
+export interface Preset {
+    name: string;
+    description: string;
+    policy: Policy;
+}
+export type PresetName = 'monitor' | 'standard' | 'strict' | 'paranoid' | 'ci' | 'development';
+export declare const presets: Record<PresetName, Preset>;
+//# sourceMappingURL=presets.d.ts.map

package/dist/presets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"presets.d.ts","sourceRoot":"","sources":["../src/presets.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAE9C,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,GAAG,QAAQ,GAAG,UAAU,GAAG,IAAI,GAAG,aAAa,CAAA;AAE9F,eAAO,MAAM,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAwE9C,CAAA"}

package/dist/presets.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.presets = void 0;
+exports.presets = {
+    monitor: {
+        name: 'monitor',
+        description: 'Monitor only - logs threats but never blocks',
+        policy: {
+            mode: 'monitor',
+            defaultAction: 'allow',
+            failOpen: true,
+            detectors: ['rules'],
+            thresholds: { riskThreshold: 0.7, blockMinConfidence: 0.5 },
+        },
+    },
+    standard: {
+        name: 'standard',
+        description: 'Balanced protection with sensible defaults',
+        policy: {
+            mode: 'enforce',
+            defaultAction: 'allow',
+            failOpen: true,
+            detectors: ['rules'],
+            thresholds: { riskThreshold: 0.7, blockMinConfidence: 0.5 },
+        },
+    },
+    strict: {
+        name: 'strict',
+        description: 'Strict enforcement with lower thresholds',
+        policy: {
+            mode: 'enforce',
+            defaultAction: 'allow',
+            failOpen: false,
+            detectors: ['rules'],
+            thresholds: { riskThreshold: 0.5, blockMinConfidence: 0.3 },
+        },
+    },
+    paranoid: {
+        name: 'paranoid',
+        description: 'Maximum security - aggressive blocking, fail closed, LLM analysis',
+        policy: {
+            mode: 'enforce',
+            defaultAction: 'allow',
+            failOpen: false,
+            detectors: ['rules', 'llm'],
+            thresholds: { riskThreshold: 0.3, blockMinConfidence: 0.2 },
+        },
+    },
+    ci: {
+        name: 'ci',
+        description: 'CI/CD pipeline - deterministic, fail closed, no LLM',
+        policy: {
+            mode: 'enforce',
+            defaultAction: 'allow',
+            failOpen: false,
+            detectors: ['rules'],
+            thresholds: { riskThreshold: 0.7, blockMinConfidence: 0.5 },
+        },
+    },
+    development: {
+        name: 'development',
+        description: 'Development mode - permissive, monitor only',
+        policy: {
+            mode: 'monitor',
+            defaultAction: 'allow',
+            failOpen: true,
+            detectors: ['rules'],
+            thresholds: { riskThreshold: 0.9, blockMinConfidence: 0.8 },
+        },
+    },
+};

package/dist/scan.d.ts

@@ -0,0 +1,6 @@
+export interface ScanOptions {
+    targets?: string[];
+    fix?: boolean;
+}
+export declare function runScan(options?: ScanOptions): Promise<number>;
+//# sourceMappingURL=scan.d.ts.map

package/dist/scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":"AAoBA,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,GAAG,CAAC,EAAE,OAAO,CAAA;CACd;AAqMD,wBAAsB,OAAO,CAAC,OAAO,GAAE,WAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CAwDxE"}

package/dist/scan.js

@@ -0,0 +1,201 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runScan = runScan;
+const node_fs_1 = require("node:fs");
+const promises_1 = require("node:fs/promises");
+const node_os_1 = require("node:os");
+const node_path_1 = require("node:path");
+const core_1 = require("@sapper-ai/core");
+const presets_1 = require("./presets");
+const CONFIG_FILE_NAMES = ['sapperai.config.yaml', 'sapperai.config.yml'];
+function findConfigFile(cwd) {
+    for (const name of CONFIG_FILE_NAMES) {
+        const fullPath = (0, node_path_1.resolve)(cwd, name);
+        if ((0, node_fs_1.existsSync)(fullPath)) {
+            return fullPath;
+        }
+    }
+    return null;
+}
+function resolvePolicy(cwd) {
+    const configPath = findConfigFile(cwd);
+    if (!configPath) {
+        return { ...presets_1.presets.standard.policy };
+    }
+    return new core_1.PolicyManager().loadFromFile(configPath);
+}
+function getThresholds(policy) {
+    const extended = policy;
+    const riskThreshold = typeof extended.thresholds?.riskThreshold === 'number' ? extended.thresholds.riskThreshold : 0.7;
+    const blockMinConfidence = typeof extended.thresholds?.blockMinConfidence === 'number' ? extended.thresholds.blockMinConfidence : 0.5;
+    return { riskThreshold, blockMinConfidence };
+}
+function toDefaultTargets(cwd) {
+    const home = (0, node_os_1.homedir)();
+    return [(0, node_path_1.join)(home, '.claude', 'plugins'), (0, node_path_1.join)(home, '.config', 'claude-code'), cwd];
+}
+function shouldSkipDir(dirName) {
+    const base = (0, node_path_1.basename)(dirName);
+    return base === 'node_modules' || base === '.git' || base === 'dist';
+}
+async function collectFiles(targetPath) {
+    try {
+        const info = await (0, promises_1.stat)(targetPath);
+        if (info.isFile()) {
+            return [targetPath];
+        }
+        if (!info.isDirectory()) {
+            return [];
+        }
+    }
+    catch {
+        return [];
+    }
+    const results = [];
+    const stack = [targetPath];
+    while (stack.length > 0) {
+        const current = stack.pop();
+        if (!current)
+            continue;
+        let entries;
+        try {
+            entries = await (0, promises_1.readdir)(current, { withFileTypes: true });
+        }
+        catch {
+            continue;
+        }
+        for (const entry of entries) {
+            const fullPath = (0, node_path_1.join)(current, entry.name);
+            if (entry.isDirectory()) {
+                if (shouldSkipDir(fullPath)) {
+                    continue;
+                }
+                stack.push(fullPath);
+                continue;
+            }
+            if (entry.isFile()) {
+                results.push(fullPath);
+            }
+        }
+    }
+    return results;
+}
+function isThreat(decision, policy) {
+    const { riskThreshold, blockMinConfidence } = getThresholds(policy);
+    return decision.risk >= riskThreshold && decision.confidence >= blockMinConfidence;
+}
+async function readFileIfPresent(filePath) {
+    try {
+        return await (0, promises_1.readFile)(filePath, 'utf8');
+    }
+    catch {
+        return null;
+    }
+}
+async function scanFile(filePath, policy, scanner, detectors, fix, quarantineManager) {
+    if (!(0, core_1.isConfigLikeFile)(filePath)) {
+        return { scanned: false };
+    }
+    const raw = await readFileIfPresent(filePath);
+    if (raw === null || raw.trim().length === 0) {
+        return { scanned: false };
+    }
+    const fileSurface = (0, core_1.normalizeSurfaceText)(raw);
+    const targetType = (0, core_1.classifyTargetType)(filePath);
+    const targets = [
+        {
+            id: `${targetType}:${(0, core_1.buildEntryName)(filePath)}`,
+            surface: fileSurface,
+        },
+    ];
+    if (filePath.endsWith('.json')) {
+        try {
+            const parsed = JSON.parse(raw);
+            const mcpTargets = (0, core_1.collectMcpTargetsFromJson)(filePath, parsed);
+            for (const t of mcpTargets) {
+                targets.push({ id: `${t.type}:${t.name}`, surface: t.surface });
+            }
+        }
+        catch {
+        }
+    }
+    let bestThreat = null;
+    for (const target of targets) {
+        const decision = await scanner.scanTool(target.id, target.surface, policy, detectors);
+        if (!isThreat(decision, policy)) {
+            continue;
+        }
+        if (!bestThreat || decision.risk > bestThreat.risk) {
+            bestThreat = decision;
+        }
+        if (fix && decision.action === 'block') {
+            try {
+                const record = await quarantineManager.quarantine(filePath, decision);
+                return { scanned: true, finding: { filePath, decision, quarantinedId: record.id } };
+            }
+            catch {
+            }
+        }
+    }
+    if (!bestThreat) {
+        return { scanned: true };
+    }
+    return { scanned: true, finding: { filePath, decision: bestThreat } };
+}
+function formatFindingLine(index, finding) {
+    const reason = finding.decision.reasons[0];
+    const label = reason?.startsWith('Detected pattern: ')
+        ? reason.slice('Detected pattern: '.length)
+        : reason ?? 'threat';
+    const risk = finding.decision.risk.toFixed(2);
+    const quarantineSuffix = finding.quarantinedId ? ` (quarantined: ${finding.quarantinedId})` : '';
+    return `  ${index}. ${finding.filePath}\n     Risk: ${risk} | ${label}${quarantineSuffix}`;
+}
+async function runScan(options = {}) {
+    const cwd = process.cwd();
+    const policy = resolvePolicy(cwd);
+    const fix = options.fix === true;
+    const targets = options.targets && options.targets.length > 0 ? options.targets : toDefaultTargets(cwd);
+    const scanner = new core_1.Scanner();
+    const detectors = (0, core_1.createDetectors)({ policy });
+    const quarantineDir = process.env.SAPPERAI_QUARANTINE_DIR;
+    const quarantineManager = quarantineDir ? new core_1.QuarantineManager({ quarantineDir }) : new core_1.QuarantineManager();
+    console.log('\n  SapperAI Environment Scan\n');
+    console.log('  Scanning:');
+    for (const target of targets) {
+        console.log(`    ${target}`);
+    }
+    console.log();
+    const fileSet = new Set();
+    for (const target of targets) {
+        const files = await collectFiles(target);
+        for (const f of files) {
+            fileSet.add(f);
+        }
+    }
+    let scannedFiles = 0;
+    const findings = [];
+    for (const filePath of Array.from(fileSet).sort()) {
+        const result = await scanFile(filePath, policy, scanner, detectors, fix, quarantineManager);
+        if (result.scanned) {
+            scannedFiles += 1;
+        }
+        if (result.finding) {
+            findings.push(result.finding);
+        }
+    }
+    console.log('  Results:');
+    console.log(`    ${scannedFiles} files scanned, ${findings.length} threats detected`);
+    console.log();
+    if (findings.length > 0) {
+        findings.forEach((finding, idx) => {
+            console.log(formatFindingLine(idx + 1, finding));
+            console.log();
+        });
+        if (!fix) {
+            console.log("  Run 'npx sapper-ai scan --fix' to quarantine blocked files.");
+            console.log();
+        }
+    }
+    return findings.length > 0 ? 1 : 0;
+}

package/package.json

@@ -0,0 +1,67 @@
+{
+  "name": "sapper-ai",
+  "version": "0.2.1",
+  "description": "AI security guardrails - single install, sensible defaults",
+  "keywords": [
+    "security",
+    "ai",
+    "guardrails",
+    "prompt-injection",
+    "detection"
+  ],
+  "license": "MIT",
+  "author": "SapperAI",
+  "homepage": "https://github.com/sapper-ai/core#readme",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/sapper-ai/core.git",
+    "directory": "packages/sapper-ai"
+  },
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "sapper-ai": "./dist/cli.js"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    },
+    "./presets": {
+      "types": "./dist/presets.d.ts",
+      "default": "./dist/presets.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "@sapper-ai/core": "0.2.0",
+    "@sapper-ai/types": "0.2.0"
+  },
+  "peerDependencies": {
+    "@sapper-ai/mcp": ">=0.2.0",
+    "@sapper-ai/openai": ">=0.2.0"
+  },
+  "peerDependenciesMeta": {
+    "@sapper-ai/mcp": {
+      "optional": true
+    },
+    "@sapper-ai/openai": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.3.0",
+    "vitest": "^1.0.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "postinstall": "node dist/postinstall.js || exit 0",
+    "test": "vitest --run"
+  }
+}