sentinel-agentos 0.1.0

package/dist/evaluator/profiler.js

@@ -0,0 +1,108 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AgentProfiler = void 0;
+/**
+ * AgentProfiler — builds and maintains the agent's quality profile.
+ *
+ * Aggregates PreExec + Runtime + PostExec metrics and
+ * ImplicitFeedback to produce a composite quality score
+ * that improves over time through self-correction.
+ */
+class AgentProfiler {
+    feedbackEngine;
+    preMetrics = [];
+    runMetrics = [];
+    postMetrics = [];
+    sessionScores = new Map();
+    constructor(feedbackEngine) {
+        this.feedbackEngine = feedbackEngine;
+    }
+    /**
+     * Record a complete evaluation cycle for one tool call.
+     */
+    recordCycle(sessionId, pre, run, post) {
+        this.preMetrics.push(pre);
+        this.runMetrics.push(run);
+        this.postMetrics.push(post);
+        // Track per-session scores
+        const sessionScores = this.sessionScores.get(sessionId) ?? [];
+        sessionScores.push(post.outcomeScore);
+        this.sessionScores.set(sessionId, sessionScores);
+    }
+    /**
+     * Build the current agent profile.
+     */
+    getProfile(sessionId) {
+        const totalOps = this.preMetrics.length;
+        // Pre-exec scores
+        const preExecScore = this.average(this.preMetrics.map((m) => ((m.paramQuality.score + m.contextUtilization.score) / 2) * 100));
+        // Runtime scores
+        const runtimeScore = this.average(this.runMetrics.map((m) => m.adaptiveScore * 100));
+        // Post-exec scores
+        const postExecScore = this.average(this.postMetrics.map((m) => m.outcomeScore * 100));
+        // User satisfaction
+        const satisfaction = this.feedbackEngine.getSatisfactionScore(sessionId);
+        const satisfactionScore = ((satisfaction + 1) / 2) * 100; // Map -1..1 to 0..100
+        // Overall: weighted
+        const overallScore = Math.round(preExecScore * 0.2 +
+            runtimeScore * 0.25 +
+            postExecScore * 0.3 +
+            satisfactionScore * 0.25);
+        // Recent trend
+        const recentCutoff = Date.now() - 24 * 60 * 60 * 1000;
+        const recentPre = this.preMetrics.filter((m) => m.timestamp >= recentCutoff);
+        const recentRun = this.runMetrics.slice(-recentPre.length);
+        const recentPost = this.postMetrics.slice(-recentPre.length);
+        const recentScore = recentPre.length > 0
+            ? Math.round(this.average(recentPre.map((m) => (m.paramQuality.score + m.contextUtilization.score) / 2)) * 100 * 0.2 +
+                this.average(recentRun.map((m) => m.adaptiveScore)) * 100 * 0.25 +
+                this.average(recentPost.map((m) => m.outcomeScore)) * 100 * 0.3 +
+                satisfactionScore * 0.25)
+            : overallScore;
+        // Warnings and strengths
+        const warnings = [];
+        const strengths = [];
+        if (runtimeScore < 0.5) {
+            warnings.push('High retry rate — consider more planning before execution');
+        }
+        if (postExecScore < 0.5) {
+            warnings.push('Low verify pass rate — verify results before claiming success');
+        }
+        if (satisfaction < -0.3) {
+            warnings.push('User satisfaction declining — review recent sessions');
+        }
+        if (runtimeScore > 0.9) {
+            strengths.push('Excellent execution reliability');
+        }
+        if (postExecScore > 0.9) {
+            strengths.push('Verify gate passing consistently');
+        }
+        if (satisfaction > 0.5) {
+            strengths.push('Strong positive user feedback');
+        }
+        return {
+            overallScore: overallScore, // 0-100
+            totalOps,
+            breakdown: {
+                preExec: Math.round(preExecScore * 100) / 100,
+                runtime: Math.round(runtimeScore * 100) / 100,
+                postExec: Math.round(postExecScore * 100) / 100,
+                userSatisfaction: Math.round(satisfactionScore * 100) / 100,
+            },
+            trends: {
+                improving: recentScore > overallScore,
+                recentOps: recentPre.length,
+                recentScore: Math.round(recentScore) / 100,
+            },
+            warnings,
+            strengths,
+        };
+    }
+    average(values) {
+        return values.length > 0
+            ? values.reduce((s, v) => s + v, 0) / values.length
+            : 0;
+    }
+}
+exports.AgentProfiler = AgentProfiler;
+//# sourceMappingURL=profiler.js.map

package/dist/evaluator/profiler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"profiler.js","sourceRoot":"","sources":["../../src/evaluator/profiler.ts"],"names":[],"mappings":";;;AAkCA;;;;;;GAMG;AACH,MAAa,aAAa;IAChB,cAAc,CAAyB;IAEvC,UAAU,GAAqB,EAAE,CAAC;IAClC,UAAU,GAAqB,EAAE,CAAC;IAClC,WAAW,GAAsB,EAAE,CAAC;IACpC,aAAa,GAA0B,IAAI,GAAG,EAAE,CAAC;IAEzD,YAAY,cAAsC;QAChD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,SAAiB,EAAE,GAAmB,EAAE,GAAmB,EAAE,IAAqB;QAC5F,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5B,2BAA2B;QAC3B,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;QAC9D,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACtC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,SAAkB;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;QAExC,kBAAkB;QAClB,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAC/B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACxB,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,GAAG,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAChE,CACF,CAAC;QAEF,iBAAiB;QACjB,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAC/B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,GAAG,GAAG,CAAC,CAClD,CAAC;QAEF,mBAAmB;QACnB,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAChC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,GAAG,GAAG,CAAC,CAClD,CAAC;QAEF,oBAAoB;QACpB,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;QACzE,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,sBAAsB;QAEhF,oBAAoB;QACpB,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAC7B,YAAY,GAAG,GAAG;YAClB,YAAY,GAAG,IAAI;YACnB,aAAa,GAAG,GAAG;YACnB,iBAAiB,GAAG,IAAI,CACzB,CAAC;QAEF,eAAe;QACf,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACtD,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,YAAY,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAE7D,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC;YACtC,CAAC,CAAC,IAAI,CAAC,KAAK,CACV,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,GAAG,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG;gBACvG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,GAAG,GAAG,GAAG,IAAI;gBAChE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG;gBAC/D,iBAAiB,GAAG,IAAI,CACzB;YACD,CAAC,CAAC,YAAY,CAAC;QAEjB,yBAAyB;QACzB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAa,EAAE,CAAC;QAE/B,IAAI,YAAY,GAAG,GAAG,EAAE,CAAC;YACvB,QAAQ,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,aAAa,GAAG,GAAG,EAAE,CAAC;YACxB,QAAQ,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAC;QACjF,CAAC;QACD,IAAI,YAAY,GAAG,CAAC,GAAG,EAAE,CAAC;YACxB,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,YAAY,GAAG,GAAG,EAAE,CAAC;YACvB,SAAS,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,aAAa,GAAG,GAAG,EAAE,CAAC;YACxB,SAAS,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QACrD,CAAC;QACD,IAAI,YAAY,GAAG,GAAG,EAAE,CAAC;YACvB,SAAS,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAClD,CAAC;QAED,OAAO;YACL,YAAY,EAAE,YAAY,EAAE,QAAQ;YACpC,QAAQ;YACR,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,GAAG;gBAC7C,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,GAAG;gBAC7C,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,GAAG,CAAC,GAAG,GAAG;gBAC/C,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,iBAAiB,GAAG,GAAG,CAAC,GAAG,GAAG;aAC5D;YACD,MAAM,EAAE;gBACN,SAAS,EAAE,WAAW,GAAG,YAAY;gBACrC,SAAS,EAAE,SAAS,CAAC,MAAM;gBAC3B,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,GAAG;aAC3C;YACD,QAAQ;YACR,SAAS;SACV,CAAC;IACJ,CAAC;IAEO,OAAO,CAAC,MAAgB;QAC9B,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC;YACtB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM;YACnD,CAAC,CAAC,CAAC,CAAC;IACR,CAAC;CACF;AA5HD,sCA4HC"}

package/dist/guard/audit-log.d.ts

@@ -0,0 +1,75 @@
+import { AuditEntry, VerifyStatus, Snapshot, VerifyCheck } from '../types';
+import { RiskGate } from './risk-gate';
+import { SchemaGate } from './schema-gate';
+/**
+ * Audit Log — append-only, immutable operation record.
+ *
+ * Every tool call that passes through AgentOS Guard gets logged here.
+ * The log is an append-only JSONL file — entries are never deleted or modified.
+ *
+ * In production: use SQLite WAL or a remote append-only service.
+ * MVP: flat JSONL file.
+ */
+export declare class AuditLog {
+    private logPath;
+    private schemaGate;
+    private riskGate;
+    private snapshotGate;
+    constructor(workspaceRoot: string, schemaGate: SchemaGate, riskGate: RiskGate);
+    /**
+     * Record a tool call in the audit log.
+     *
+     * Called AFTER execution completes. Returns the full audit entry.
+     */
+    record(options: {
+        sessionId: string;
+        agentId: string;
+        startedAt: number;
+        completedAt: number;
+        toolName: string;
+        toolParameters: Record<string, unknown>;
+        toolResult: unknown;
+        snapshot: Snapshot | null;
+        verifyStatus: VerifyStatus;
+        verifyChecks: VerifyCheck[];
+    }): AuditEntry;
+    /**
+     * Query audit entries by filter.
+     */
+    query(filter?: {
+        sessionId?: string;
+        toolName?: string;
+        verifyStatus?: VerifyStatus;
+        minScore?: number;
+        maxScore?: number;
+        limit?: number;
+    }): AuditEntry[];
+    /**
+     * Get summary statistics from the audit log.
+     */
+    stats(): {
+        totalOperations: number;
+        byTool: Record<string, number>;
+        averageRiskScore: number;
+        verifyFailures: number;
+        sessionsTracked: number;
+        highRiskOps: number;
+    };
+    /**
+     * Saintize sensitive parameters before logging.
+     */
+    private sanitizeParams;
+    /**
+     * Truncate large results to prevent log bloat.
+     */
+    private truncateResult;
+    /**
+     * Append an entry to the JSONL audit log file.
+     */
+    private append;
+    /**
+     * Read all audit entries from the log file.
+     */
+    private readAll;
+}
+//# sourceMappingURL=audit-log.d.ts.map

package/dist/guard/audit-log.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-log.d.ts","sourceRoot":"","sources":["../../src/guard/audit-log.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAE3E,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAY3C;;;;;;;;GAQG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,QAAQ,CAAW;IAC3B,OAAO,CAAC,YAAY,CAAe;gBAGjC,aAAa,EAAE,MAAM,EACrB,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ;IAQpB;;;;OAIG;IACH,MAAM,CAAC,OAAO,EAAE;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACxC,UAAU,EAAE,OAAO,CAAC;QACpB,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAC;QAC1B,YAAY,EAAE,YAAY,CAAC;QAC3B,YAAY,EAAE,WAAW,EAAE,CAAC;KAC7B,GAAG,UAAU;IA2Bd;;OAEG;IACH,KAAK,CAAC,MAAM,GAAE;QACZ,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,YAAY,CAAC;QAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KACX,GAAG,UAAU,EAAE;IAwBrB;;OAEG;IACH,KAAK,IAAI;QACP,eAAe,EAAE,MAAM,CAAC;QACxB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC;QACzB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,WAAW,EAAE,MAAM,CAAC;KACrB;IA6BD;;OAEG;IACH,OAAO,CAAC,cAAc;IAetB;;OAEG;IACH,OAAO,CAAC,cAAc;IAYtB;;OAEG;IACH,OAAO,CAAC,MAAM;IAUd;;OAEG;IACH,OAAO,CAAC,OAAO;CAWhB"}

package/dist/guard/audit-log.js

@@ -0,0 +1,207 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuditLog = void 0;
+const snapshot_verify_1 = require("./snapshot-verify");
+const crypto = __importStar(require("crypto"));
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+/**
+ * Generate a unique audit entry ID.
+ */
+function generateAuditId() {
+    return `audit_${Date.now()}_${crypto.randomBytes(4).toString('hex')}`;
+}
+/**
+ * Audit Log — append-only, immutable operation record.
+ *
+ * Every tool call that passes through AgentOS Guard gets logged here.
+ * The log is an append-only JSONL file — entries are never deleted or modified.
+ *
+ * In production: use SQLite WAL or a remote append-only service.
+ * MVP: flat JSONL file.
+ */
+class AuditLog {
+    logPath;
+    schemaGate;
+    riskGate;
+    snapshotGate;
+    constructor(workspaceRoot, schemaGate, riskGate) {
+        this.logPath = path.join(workspaceRoot, '.agentos', 'audit.jsonl');
+        this.schemaGate = schemaGate;
+        this.riskGate = riskGate;
+        this.snapshotGate = new snapshot_verify_1.SnapshotGate(workspaceRoot);
+    }
+    /**
+     * Record a tool call in the audit log.
+     *
+     * Called AFTER execution completes. Returns the full audit entry.
+     */
+    record(options) {
+        const entry = {
+            id: generateAuditId(),
+            sessionId: options.sessionId,
+            agentId: options.agentId,
+            startedAt: options.startedAt,
+            completedAt: options.completedAt,
+            durationMs: options.completedAt - options.startedAt,
+            toolName: options.toolName,
+            toolParameters: this.sanitizeParams(options.toolParameters),
+            toolResult: this.truncateResult(options.toolResult),
+            schemaGate: this.schemaGate.check(options.toolName, options.toolParameters),
+            riskGate: this.riskGate.evaluate(options.toolName, options.toolParameters),
+            snapshot: options.snapshot,
+            verifyGate: {
+                status: options.verifyStatus,
+                checks: options.verifyChecks,
+            },
+            diff: options.snapshot
+                ? this.snapshotGate.computeDiff(options.snapshot)
+                : null,
+        };
+        this.append(entry);
+        return entry;
+    }
+    /**
+     * Query audit entries by filter.
+     */
+    query(filter = {}) {
+        const entries = this.readAll();
+        let results = entries;
+        if (filter.sessionId) {
+            results = results.filter((e) => e.sessionId === filter.sessionId);
+        }
+        if (filter.toolName) {
+            results = results.filter((e) => e.toolName === filter.toolName);
+        }
+        if (filter.verifyStatus) {
+            results = results.filter((e) => e.verifyGate.status === filter.verifyStatus);
+        }
+        if (filter.minScore !== undefined) {
+            results = results.filter((e) => e.riskGate.score >= filter.minScore);
+        }
+        if (filter.maxScore !== undefined) {
+            results = results.filter((e) => e.riskGate.score <= filter.maxScore);
+        }
+        const limit = filter.limit ?? 100;
+        return results.slice(-limit);
+    }
+    /**
+     * Get summary statistics from the audit log.
+     */
+    stats() {
+        const entries = this.readAll();
+        const byTool = {};
+        let totalScore = 0;
+        let verifyFailures = 0;
+        let highRiskOps = 0;
+        const sessions = new Set();
+        for (const entry of entries) {
+            byTool[entry.toolName] = (byTool[entry.toolName] || 0) + 1;
+            totalScore += entry.riskGate.score;
+            if (entry.verifyGate.status === 'FAIL')
+                verifyFailures++;
+            if (entry.riskGate.score > 3.0)
+                highRiskOps++;
+            sessions.add(entry.sessionId);
+        }
+        return {
+            totalOperations: entries.length,
+            byTool,
+            averageRiskScore: entries.length > 0
+                ? Math.round((totalScore / entries.length) * 100) / 100
+                : 0,
+            verifyFailures,
+            sessionsTracked: sessions.size,
+            highRiskOps,
+        };
+    }
+    /**
+     * Saintize sensitive parameters before logging.
+     */
+    sanitizeParams(params) {
+        const sensitive = ['token', 'password', 'secret', 'key', 'api_key', 'auth'];
+        const sanitized = {};
+        for (const [key, value] of Object.entries(params)) {
+            if (sensitive.some((s) => key.toLowerCase().includes(s))) {
+                sanitized[key] = '***REDACTED***';
+            }
+            else {
+                sanitized[key] = value;
+            }
+        }
+        return sanitized;
+    }
+    /**
+     * Truncate large results to prevent log bloat.
+     */
+    truncateResult(result, maxChars = 5000) {
+        const str = typeof result === 'string'
+            ? result
+            : JSON.stringify(result);
+        if (str.length > maxChars) {
+            return str.slice(0, maxChars) + `... [truncated ${str.length - maxChars} chars]`;
+        }
+        return result;
+    }
+    /**
+     * Append an entry to the JSONL audit log file.
+     */
+    append(entry) {
+        const dir = path.dirname(this.logPath);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        const line = JSON.stringify(entry) + '\n';
+        fs.appendFileSync(this.logPath, line, 'utf-8');
+    }
+    /**
+     * Read all audit entries from the log file.
+     */
+    readAll() {
+        try {
+            if (!fs.existsSync(this.logPath))
+                return [];
+            const content = fs.readFileSync(this.logPath, 'utf-8');
+            const lines = content.split('\n').filter((l) => l.trim());
+            return lines.map((l) => JSON.parse(l));
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.AuditLog = AuditLog;
+//# sourceMappingURL=audit-log.js.map

package/dist/guard/audit-log.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-log.js","sourceRoot":"","sources":["../../src/guard/audit-log.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,uDAAiD;AAGjD,+CAAiC;AACjC,uCAAyB;AACzB,2CAA6B;AAE7B;;GAEG;AACH,SAAS,eAAe;IACtB,OAAO,SAAS,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;AACxE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAa,QAAQ;IACX,OAAO,CAAS;IAChB,UAAU,CAAa;IACvB,QAAQ,CAAW;IACnB,YAAY,CAAe;IAEnC,YACE,aAAqB,EACrB,UAAsB,EACtB,QAAkB;QAElB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;QACnE,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,IAAI,8BAAY,CAAC,aAAa,CAAC,CAAC;IACtD,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,OAWN;QACC,MAAM,KAAK,GAAe;YACxB,EAAE,EAAE,eAAe,EAAE;YACrB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,UAAU,EAAE,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,SAAS;YACnD,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC;YAC3D,UAAU,EAAE,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;YAC3E,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;YAC1E,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE;gBACV,MAAM,EAAE,OAAO,CAAC,YAAY;gBAC5B,MAAM,EAAE,OAAO,CAAC,YAAY;aAC7B;YACD,IAAI,EAAE,OAAO,CAAC,QAAQ;gBACpB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC;gBACjD,CAAC,CAAC,IAAI;SACT,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAOF,EAAE;QACJ,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QAC/B,IAAI,OAAO,GAAG,OAAO,CAAC;QAEtB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,SAAS,CAAC,CAAC;QACpE,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,IAAI,MAAM,CAAC,QAAS,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,IAAI,MAAM,CAAC,QAAS,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC;QAClC,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,KAAK;QAQH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QAE/B,MAAM,MAAM,GAA2B,EAAE,CAAC;QAC1C,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;QAEnC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAC3D,UAAU,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;YACnC,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM;gBAAE,cAAc,EAAE,CAAC;YACzD,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG;gBAAE,WAAW,EAAE,CAAC;YAC9C,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QAED,OAAO;YACL,eAAe,EAAE,OAAO,CAAC,MAAM;YAC/B,MAAM;YACN,gBAAgB,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;gBAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG;gBACvD,CAAC,CAAC,CAAC;YACL,cAAc;YACd,eAAe,EAAE,QAAQ,CAAC,IAAI;YAC9B,WAAW;SACZ,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,MAA+B;QACpD,MAAM,SAAS,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;QAC5E,MAAM,SAAS,GAA4B,EAAE,CAAC;QAE9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzD,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACN,SAAS,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,MAAe,EAAE,QAAQ,GAAG,IAAI;QACrD,MAAM,GAAG,GAAG,OAAO,MAAM,KAAK,QAAQ;YACpC,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAE3B,IAAI,GAAG,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAC1B,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,GAAG,kBAAkB,GAAG,CAAC,MAAM,GAAG,QAAQ,SAAS,CAAC;QACnF,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAiB;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;QAC1C,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACK,OAAO;QACb,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC;gBAAE,OAAO,EAAE,CAAC;YAE5C,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACvD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAjMD,4BAiMC"}

package/dist/guard/risk-gate.d.ts

@@ -0,0 +1,97 @@
+import { RiskScore } from '../types';
+/**
+ * Impact level — how broadly the operation affects the system.
+ */
+export type ImpactLevel = 'local' | 'workspace' | 'project' | 'system';
+/**
+ * Sensitivity level — how sensitive the data involved is.
+ */
+export type SensitivityLevel = 'none' | 'low' | 'medium' | 'high' | 'critical';
+/**
+ * Tool-level risk profile — users define this per tool.
+ */
+export interface ToolRiskProfile {
+    /** Tool name to match */
+    tool: string;
+    /** Impact level of this tool */
+    impact: ImpactLevel;
+    /** How reversible the operation is (0 = irreversible, 1 = fully reversible) */
+    reversibility: number;
+    /** Sensitivity of data this tool accesses */
+    sensitivity: SensitivityLevel;
+    /** Tool category for default error rate */
+    category?: 'read' | 'write' | 'delete' | 'network' | 'compute';
+    /** Optional override for initial error rate (skips category default) */
+    initialErrorRate?: number;
+}
+/**
+ * Tool call statistics for dynamic error-rate tracking.
+ */
+interface ToolStats {
+    totalCalls: number;
+    failures: number;
+    errorRate: number;
+    lastUpdated: number;
+}
+/**
+ * Threshold configuration for risk-based actions.
+ */
+export interface RiskThresholds {
+    /** Score ≤ autoApprove → execute immediately */
+    autoApprove: number;
+    /** Score ≤ notify → execute but notify user */
+    notify: number;
+    /** Score ≤ confirm → pause and ask for user confirmation */
+    confirm: number;
+    /** Score > deny → block entirely */
+    deny: number;
+}
+/**
+ * Default thresholds — conservative but workable.
+ */
+export declare const DEFAULT_RISK_THRESHOLDS: RiskThresholds;
+/**
+ * Risk Gate — deterministic, pure-math risk scoring.
+ *
+ * Formula: RiskScore = Impact × (1 - Reversibility) × Sensitivity × (1 + ErrorRate)
+ *
+ * Zero LLM dependency. The formula, thresholds, and mappings are all
+ * explicit and auditable.
+ */
+export declare class RiskGate {
+    private profiles;
+    private stats;
+    private thresholds;
+    constructor(thresholds?: RiskThresholds);
+    /** Register a risk profile for a tool */
+    registerProfile(profile: ToolRiskProfile): void;
+    /** Register multiple profiles at once */
+    registerProfiles(profiles: ToolRiskProfile[]): void;
+    /** Get all registered profiles */
+    getProfiles(): ToolRiskProfile[];
+    /** Check if a tool has a registered profile */
+    hasProfile(tool: string): boolean;
+    /**
+     * Compute the risk score for a tool call.
+     *
+     * If no profile is registered, returns a default moderate-risk score
+     * (auto-approve with notification).
+     */
+    evaluate(tool: string, _params?: Record<string, unknown>): RiskScore;
+    /** Record the outcome of a tool call to update stats */
+    recordOutcome(tool: string, success: boolean): void;
+    /** Get tool statistics */
+    getStats(tool: string): ToolStats | undefined;
+    /** Get all tool statistics */
+    getAllStats(): Map<string, ToolStats>;
+    /** Update thresholds at runtime */
+    setThresholds(thresholds: Partial<RiskThresholds>): void;
+    /** Get current thresholds */
+    getThresholds(): RiskThresholds;
+    /**
+     * Map a numeric risk score to the appropriate action.
+     */
+    private scoreToAction;
+}
+export {};
+//# sourceMappingURL=risk-gate.d.ts.map

package/dist/guard/risk-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"risk-gate.d.ts","sourceRoot":"","sources":["../../src/guard/risk-gate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,SAAS,EAAE,MAAM,UAAU,CAAC;AAEjD;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,WAAW,GAAG,SAAS,GAAG,QAAQ,CAAC;AASvE;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAqB/E;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,gCAAgC;IAChC,MAAM,EAAE,WAAW,CAAC;IACpB,+EAA+E;IAC/E,aAAa,EAAE,MAAM,CAAC;IACtB,6CAA6C;IAC7C,WAAW,EAAE,gBAAgB,CAAC;IAC9B,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;IAC/D,wEAAwE;IACxE,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,UAAU,SAAS;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,gDAAgD;IAChD,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,MAAM,EAAE,MAAM,CAAC;IACf,4DAA4D;IAC5D,OAAO,EAAE,MAAM,CAAC;IAChB,oCAAoC;IACpC,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,cAKrC,CAAC;AAEF;;;;;;;GAOG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAA2C;IAC3D,OAAO,CAAC,KAAK,CAAqC;IAClD,OAAO,CAAC,UAAU,CAAiB;gBAEvB,UAAU,GAAE,cAAwC;IAIhE,yCAAyC;IACzC,eAAe,CAAC,OAAO,EAAE,eAAe,GAAG,IAAI;IAgB/C,yCAAyC;IACzC,gBAAgB,CAAC,QAAQ,EAAE,eAAe,EAAE,GAAG,IAAI;IAInD,kCAAkC;IAClC,WAAW,IAAI,eAAe,EAAE;IAIhC,+CAA+C;IAC/C,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIjC;;;;;OAKG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS;IAyCpE,wDAAwD;IACxD,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI;IAWnD,0BAA0B;IAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS;IAI7C,8BAA8B;IAC9B,WAAW,IAAI,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC;IAIrC,mCAAmC;IACnC,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI;IAIxD,6BAA6B;IAC7B,aAAa,IAAI,cAAc;IAI/B;;OAEG;IACH,OAAO,CAAC,aAAa;CAMtB"}

package/dist/guard/risk-gate.js

@@ -0,0 +1,160 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RiskGate = exports.DEFAULT_RISK_THRESHOLDS = void 0;
+const IMPACT_VALUES = {
+    local: 1,
+    workspace: 3,
+    project: 6,
+    system: 10,
+};
+const SENSITIVITY_VALUES = {
+    none: 0.0,
+    low: 0.3,
+    medium: 0.6,
+    high: 0.9,
+    critical: 1.0,
+};
+/**
+ * Default error rates by tool category (cold start).
+ */
+const DEFAULT_ERROR_RATES = {
+    read: 0.01,
+    write: 0.05,
+    delete: 0.10,
+    network: 0.08,
+    compute: 0.02,
+};
+/**
+ * Default thresholds — conservative but workable.
+ */
+exports.DEFAULT_RISK_THRESHOLDS = {
+    autoApprove: 0.5,
+    notify: 1.0,
+    confirm: 3.0,
+    deny: 8.0,
+};
+/**
+ * Risk Gate — deterministic, pure-math risk scoring.
+ *
+ * Formula: RiskScore = Impact × (1 - Reversibility) × Sensitivity × (1 + ErrorRate)
+ *
+ * Zero LLM dependency. The formula, thresholds, and mappings are all
+ * explicit and auditable.
+ */
+class RiskGate {
+    profiles = new Map();
+    stats = new Map();
+    thresholds;
+    constructor(thresholds = exports.DEFAULT_RISK_THRESHOLDS) {
+        this.thresholds = thresholds;
+    }
+    /** Register a risk profile for a tool */
+    registerProfile(profile) {
+        this.profiles.set(profile.tool, profile);
+        // Initialize stats if not already tracked
+        if (!this.stats.has(profile.tool)) {
+            const errorRate = profile.initialErrorRate ??
+                (profile.category ? (DEFAULT_ERROR_RATES[profile.category] ?? 0.05) : 0.05);
+            this.stats.set(profile.tool, {
+                totalCalls: 0,
+                failures: 0,
+                errorRate,
+                lastUpdated: Date.now(),
+            });
+        }
+    }
+    /** Register multiple profiles at once */
+    registerProfiles(profiles) {
+        profiles.forEach((p) => this.registerProfile(p));
+    }
+    /** Get all registered profiles */
+    getProfiles() {
+        return Array.from(this.profiles.values());
+    }
+    /** Check if a tool has a registered profile */
+    hasProfile(tool) {
+        return this.profiles.has(tool);
+    }
+    /**
+     * Compute the risk score for a tool call.
+     *
+     * If no profile is registered, returns a default moderate-risk score
+     * (auto-approve with notification).
+     */
+    evaluate(tool, _params) {
+        const profile = this.profiles.get(tool);
+        // Fallback for unregistered tools — moderate risk, allow but notify
+        if (!profile) {
+            const fallbackScore = this.thresholds.autoApprove + 0.1;
+            return {
+                score: fallbackScore,
+                action: 'auto',
+                dimensions: {
+                    impact: 1,
+                    reversibility: 1,
+                    sensitivity: 0,
+                    errorRate: 0,
+                },
+            };
+        }
+        const impact = IMPACT_VALUES[profile.impact];
+        const reversibility = Math.min(1, Math.max(0, profile.reversibility));
+        const sensitivity = SENSITIVITY_VALUES[profile.sensitivity];
+        const stats = this.stats.get(profile.tool);
+        const errorRate = stats?.errorRate ?? 0.05;
+        const score = impact * (1 - reversibility) * sensitivity * (1 + errorRate);
+        const action = this.scoreToAction(score);
+        return {
+            score: Math.round(score * 100) / 100, // round to 2 decimal places
+            action,
+            dimensions: {
+                impact,
+                reversibility,
+                sensitivity,
+                errorRate: Math.round(errorRate * 1000) / 1000,
+            },
+        };
+    }
+    /** Record the outcome of a tool call to update stats */
+    recordOutcome(tool, success) {
+        const stats = this.stats.get(tool);
+        if (!stats)
+            return;
+        stats.totalCalls++;
+        if (!success)
+            stats.failures++;
+        stats.errorRate =
+            stats.totalCalls > 0 ? stats.failures / stats.totalCalls : 0;
+        stats.lastUpdated = Date.now();
+    }
+    /** Get tool statistics */
+    getStats(tool) {
+        return this.stats.get(tool);
+    }
+    /** Get all tool statistics */
+    getAllStats() {
+        return new Map(this.stats);
+    }
+    /** Update thresholds at runtime */
+    setThresholds(thresholds) {
+        this.thresholds = { ...this.thresholds, ...thresholds };
+    }
+    /** Get current thresholds */
+    getThresholds() {
+        return { ...this.thresholds };
+    }
+    /**
+     * Map a numeric risk score to the appropriate action.
+     */
+    scoreToAction(score) {
+        if (score <= this.thresholds.autoApprove)
+            return 'auto';
+        if (score <= this.thresholds.notify)
+            return 'notify';
+        if (score <= this.thresholds.confirm)
+            return 'confirm';
+        return 'deny';
+    }
+}
+exports.RiskGate = RiskGate;
+//# sourceMappingURL=risk-gate.js.map