usesteady 0.1.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (665) hide show
  1. package/LICENSE +186 -0
  2. package/README.md +724 -0
  3. package/bin/use-steady.js +13 -0
  4. package/dist/server-store.d.ts +68 -0
  5. package/dist/server-store.d.ts.map +1 -0
  6. package/dist/server-store.js +133 -0
  7. package/dist/server-store.js.map +1 -0
  8. package/dist/server.d.ts +35 -0
  9. package/dist/server.d.ts.map +1 -0
  10. package/dist/server.js +569 -0
  11. package/dist/server.js.map +1 -0
  12. package/dist/src/claude/adapters/api-adapter.d.ts +99 -0
  13. package/dist/src/claude/adapters/api-adapter.d.ts.map +1 -0
  14. package/dist/src/claude/adapters/api-adapter.js +415 -0
  15. package/dist/src/claude/adapters/api-adapter.js.map +1 -0
  16. package/dist/src/claude/adapters/stub-adapter.d.ts +73 -0
  17. package/dist/src/claude/adapters/stub-adapter.d.ts.map +1 -0
  18. package/dist/src/claude/adapters/stub-adapter.js +114 -0
  19. package/dist/src/claude/adapters/stub-adapter.js.map +1 -0
  20. package/dist/src/claude/artifact-mapper.d.ts +85 -0
  21. package/dist/src/claude/artifact-mapper.d.ts.map +1 -0
  22. package/dist/src/claude/artifact-mapper.js +187 -0
  23. package/dist/src/claude/artifact-mapper.js.map +1 -0
  24. package/dist/src/claude/delivery-gate.d.ts +136 -0
  25. package/dist/src/claude/delivery-gate.d.ts.map +1 -0
  26. package/dist/src/claude/delivery-gate.js +231 -0
  27. package/dist/src/claude/delivery-gate.js.map +1 -0
  28. package/dist/src/claude/index.d.ts +24 -0
  29. package/dist/src/claude/index.d.ts.map +1 -0
  30. package/dist/src/claude/index.js +23 -0
  31. package/dist/src/claude/index.js.map +1 -0
  32. package/dist/src/claude/types.d.ts +223 -0
  33. package/dist/src/claude/types.d.ts.map +1 -0
  34. package/dist/src/claude/types.js +64 -0
  35. package/dist/src/claude/types.js.map +1 -0
  36. package/dist/src/control/compiler.d.ts +125 -0
  37. package/dist/src/control/compiler.d.ts.map +1 -0
  38. package/dist/src/control/compiler.js +179 -0
  39. package/dist/src/control/compiler.js.map +1 -0
  40. package/dist/src/control/constraints.d.ts +42 -0
  41. package/dist/src/control/constraints.d.ts.map +1 -0
  42. package/dist/src/control/constraints.js +116 -0
  43. package/dist/src/control/constraints.js.map +1 -0
  44. package/dist/src/control/drift-detector.d.ts +49 -0
  45. package/dist/src/control/drift-detector.d.ts.map +1 -0
  46. package/dist/src/control/drift-detector.js +115 -0
  47. package/dist/src/control/drift-detector.js.map +1 -0
  48. package/dist/src/control/index.d.ts +44 -0
  49. package/dist/src/control/index.d.ts.map +1 -0
  50. package/dist/src/control/index.js +40 -0
  51. package/dist/src/control/index.js.map +1 -0
  52. package/dist/src/control/types.d.ts +144 -0
  53. package/dist/src/control/types.d.ts.map +1 -0
  54. package/dist/src/control/types.js +57 -0
  55. package/dist/src/control/types.js.map +1 -0
  56. package/dist/src/cursor/adapters/inprocess-adapter.d.ts +78 -0
  57. package/dist/src/cursor/adapters/inprocess-adapter.d.ts.map +1 -0
  58. package/dist/src/cursor/adapters/inprocess-adapter.js +308 -0
  59. package/dist/src/cursor/adapters/inprocess-adapter.js.map +1 -0
  60. package/dist/src/cursor/adapters/stub-adapter.d.ts +75 -0
  61. package/dist/src/cursor/adapters/stub-adapter.d.ts.map +1 -0
  62. package/dist/src/cursor/adapters/stub-adapter.js +120 -0
  63. package/dist/src/cursor/adapters/stub-adapter.js.map +1 -0
  64. package/dist/src/cursor/artifact-mapper.d.ts +81 -0
  65. package/dist/src/cursor/artifact-mapper.d.ts.map +1 -0
  66. package/dist/src/cursor/artifact-mapper.js +203 -0
  67. package/dist/src/cursor/artifact-mapper.js.map +1 -0
  68. package/dist/src/cursor/delivery-gate.d.ts +144 -0
  69. package/dist/src/cursor/delivery-gate.d.ts.map +1 -0
  70. package/dist/src/cursor/delivery-gate.js +208 -0
  71. package/dist/src/cursor/delivery-gate.js.map +1 -0
  72. package/dist/src/cursor/glob-matcher.d.ts +30 -0
  73. package/dist/src/cursor/glob-matcher.d.ts.map +1 -0
  74. package/dist/src/cursor/glob-matcher.js +68 -0
  75. package/dist/src/cursor/glob-matcher.js.map +1 -0
  76. package/dist/src/cursor/index.d.ts +43 -0
  77. package/dist/src/cursor/index.d.ts.map +1 -0
  78. package/dist/src/cursor/index.js +44 -0
  79. package/dist/src/cursor/index.js.map +1 -0
  80. package/dist/src/cursor/ocd-evaluator.d.ts +89 -0
  81. package/dist/src/cursor/ocd-evaluator.d.ts.map +1 -0
  82. package/dist/src/cursor/ocd-evaluator.js +142 -0
  83. package/dist/src/cursor/ocd-evaluator.js.map +1 -0
  84. package/dist/src/cursor/types.d.ts +309 -0
  85. package/dist/src/cursor/types.d.ts.map +1 -0
  86. package/dist/src/cursor/types.js +48 -0
  87. package/dist/src/cursor/types.js.map +1 -0
  88. package/dist/src/execution/claude/claude-execution-coordinator.d.ts +164 -0
  89. package/dist/src/execution/claude/claude-execution-coordinator.d.ts.map +1 -0
  90. package/dist/src/execution/claude/claude-execution-coordinator.js +198 -0
  91. package/dist/src/execution/claude/claude-execution-coordinator.js.map +1 -0
  92. package/dist/src/execution/claude/index.d.ts +13 -0
  93. package/dist/src/execution/claude/index.d.ts.map +1 -0
  94. package/dist/src/execution/claude/index.js +12 -0
  95. package/dist/src/execution/claude/index.js.map +1 -0
  96. package/dist/src/execution/cursor/cursor-execution-coordinator.d.ts +216 -0
  97. package/dist/src/execution/cursor/cursor-execution-coordinator.d.ts.map +1 -0
  98. package/dist/src/execution/cursor/cursor-execution-coordinator.js +233 -0
  99. package/dist/src/execution/cursor/cursor-execution-coordinator.js.map +1 -0
  100. package/dist/src/execution/cursor/index.d.ts +20 -0
  101. package/dist/src/execution/cursor/index.d.ts.map +1 -0
  102. package/dist/src/execution/cursor/index.js +18 -0
  103. package/dist/src/execution/cursor/index.js.map +1 -0
  104. package/dist/src/execution/reminders/index.d.ts +11 -0
  105. package/dist/src/execution/reminders/index.d.ts.map +1 -0
  106. package/dist/src/execution/reminders/index.js +9 -0
  107. package/dist/src/execution/reminders/index.js.map +1 -0
  108. package/dist/src/execution/reminders/reminder-execution-coordinator.d.ts +125 -0
  109. package/dist/src/execution/reminders/reminder-execution-coordinator.d.ts.map +1 -0
  110. package/dist/src/execution/reminders/reminder-execution-coordinator.js +129 -0
  111. package/dist/src/execution/reminders/reminder-execution-coordinator.js.map +1 -0
  112. package/dist/src/execution/reminders/reminder-execution-types.d.ts +161 -0
  113. package/dist/src/execution/reminders/reminder-execution-types.d.ts.map +1 -0
  114. package/dist/src/execution/reminders/reminder-execution-types.js +39 -0
  115. package/dist/src/execution/reminders/reminder-execution-types.js.map +1 -0
  116. package/dist/src/execution/reminders/reminder-execution-validator.d.ts +45 -0
  117. package/dist/src/execution/reminders/reminder-execution-validator.d.ts.map +1 -0
  118. package/dist/src/execution/reminders/reminder-execution-validator.js +92 -0
  119. package/dist/src/execution/reminders/reminder-execution-validator.js.map +1 -0
  120. package/dist/src/execution/reminders/reminder-executor.d.ts +62 -0
  121. package/dist/src/execution/reminders/reminder-executor.d.ts.map +1 -0
  122. package/dist/src/execution/reminders/reminder-executor.js +113 -0
  123. package/dist/src/execution/reminders/reminder-executor.js.map +1 -0
  124. package/dist/src/execution/reminders/reminder-time-parser.d.ts +41 -0
  125. package/dist/src/execution/reminders/reminder-time-parser.d.ts.map +1 -0
  126. package/dist/src/execution/reminders/reminder-time-parser.js +113 -0
  127. package/dist/src/execution/reminders/reminder-time-parser.js.map +1 -0
  128. package/dist/src/friction/auto-capture.d.ts +38 -0
  129. package/dist/src/friction/auto-capture.d.ts.map +1 -0
  130. package/dist/src/friction/auto-capture.js +133 -0
  131. package/dist/src/friction/auto-capture.js.map +1 -0
  132. package/dist/src/friction/client.d.ts +39 -0
  133. package/dist/src/friction/client.d.ts.map +1 -0
  134. package/dist/src/friction/client.js +165 -0
  135. package/dist/src/friction/client.js.map +1 -0
  136. package/dist/src/friction/config.d.ts +16 -0
  137. package/dist/src/friction/config.d.ts.map +1 -0
  138. package/dist/src/friction/config.js +56 -0
  139. package/dist/src/friction/config.js.map +1 -0
  140. package/dist/src/friction/github-auth.d.ts +41 -0
  141. package/dist/src/friction/github-auth.d.ts.map +1 -0
  142. package/dist/src/friction/github-auth.js +155 -0
  143. package/dist/src/friction/github-auth.js.map +1 -0
  144. package/dist/src/friction/github-issues.d.ts +51 -0
  145. package/dist/src/friction/github-issues.d.ts.map +1 -0
  146. package/dist/src/friction/github-issues.js +118 -0
  147. package/dist/src/friction/github-issues.js.map +1 -0
  148. package/dist/src/friction/payout-ledger.d.ts +45 -0
  149. package/dist/src/friction/payout-ledger.d.ts.map +1 -0
  150. package/dist/src/friction/payout-ledger.js +111 -0
  151. package/dist/src/friction/payout-ledger.js.map +1 -0
  152. package/dist/src/friction/queue.d.ts +42 -0
  153. package/dist/src/friction/queue.d.ts.map +1 -0
  154. package/dist/src/friction/queue.js +179 -0
  155. package/dist/src/friction/queue.js.map +1 -0
  156. package/dist/src/friction/reviewer.d.ts +42 -0
  157. package/dist/src/friction/reviewer.d.ts.map +1 -0
  158. package/dist/src/friction/reviewer.js +269 -0
  159. package/dist/src/friction/reviewer.js.map +1 -0
  160. package/dist/src/friction/types.d.ts +63 -0
  161. package/dist/src/friction/types.d.ts.map +1 -0
  162. package/dist/src/friction/types.js +18 -0
  163. package/dist/src/friction/types.js.map +1 -0
  164. package/dist/src/history/index.d.ts +39 -0
  165. package/dist/src/history/index.d.ts.map +1 -0
  166. package/dist/src/history/index.js +41 -0
  167. package/dist/src/history/index.js.map +1 -0
  168. package/dist/src/history/session-chain.d.ts +36 -0
  169. package/dist/src/history/session-chain.d.ts.map +1 -0
  170. package/dist/src/history/session-chain.js +91 -0
  171. package/dist/src/history/session-chain.js.map +1 -0
  172. package/dist/src/history/types.d.ts +130 -0
  173. package/dist/src/history/types.d.ts.map +1 -0
  174. package/dist/src/history/types.js +32 -0
  175. package/dist/src/history/types.js.map +1 -0
  176. package/dist/src/history/workflow-history.d.ts +48 -0
  177. package/dist/src/history/workflow-history.d.ts.map +1 -0
  178. package/dist/src/history/workflow-history.js +116 -0
  179. package/dist/src/history/workflow-history.js.map +1 -0
  180. package/dist/src/index.d.ts +88 -0
  181. package/dist/src/index.d.ts.map +1 -0
  182. package/dist/src/index.js +58 -0
  183. package/dist/src/index.js.map +1 -0
  184. package/dist/src/intake/classify-intent-state.d.ts +20 -0
  185. package/dist/src/intake/classify-intent-state.d.ts.map +1 -0
  186. package/dist/src/intake/classify-intent-state.js +29 -0
  187. package/dist/src/intake/classify-intent-state.js.map +1 -0
  188. package/dist/src/intake/intake-service.d.ts +105 -0
  189. package/dist/src/intake/intake-service.d.ts.map +1 -0
  190. package/dist/src/intake/intake-service.js +407 -0
  191. package/dist/src/intake/intake-service.js.map +1 -0
  192. package/dist/src/intake/response-planner.d.ts +25 -0
  193. package/dist/src/intake/response-planner.d.ts.map +1 -0
  194. package/dist/src/intake/response-planner.js +52 -0
  195. package/dist/src/intake/response-planner.js.map +1 -0
  196. package/dist/src/intake/signal-extractor.d.ts +25 -0
  197. package/dist/src/intake/signal-extractor.d.ts.map +1 -0
  198. package/dist/src/intake/signal-extractor.js +42 -0
  199. package/dist/src/intake/signal-extractor.js.map +1 -0
  200. package/dist/src/intake/trace.d.ts +157 -0
  201. package/dist/src/intake/trace.d.ts.map +1 -0
  202. package/dist/src/intake/trace.js +38 -0
  203. package/dist/src/intake/trace.js.map +1 -0
  204. package/dist/src/intake/types.d.ts +70 -0
  205. package/dist/src/intake/types.d.ts.map +1 -0
  206. package/dist/src/intake/types.js +30 -0
  207. package/dist/src/intake/types.js.map +1 -0
  208. package/dist/src/interaction/defaults.d.ts +12 -0
  209. package/dist/src/interaction/defaults.d.ts.map +1 -0
  210. package/dist/src/interaction/defaults.js +26 -0
  211. package/dist/src/interaction/defaults.js.map +1 -0
  212. package/dist/src/interaction/guidance-order.d.ts +53 -0
  213. package/dist/src/interaction/guidance-order.d.ts.map +1 -0
  214. package/dist/src/interaction/guidance-order.js +131 -0
  215. package/dist/src/interaction/guidance-order.js.map +1 -0
  216. package/dist/src/interaction/observe.d.ts +57 -0
  217. package/dist/src/interaction/observe.d.ts.map +1 -0
  218. package/dist/src/interaction/observe.js +77 -0
  219. package/dist/src/interaction/observe.js.map +1 -0
  220. package/dist/src/interaction/selectors.d.ts +16 -0
  221. package/dist/src/interaction/selectors.d.ts.map +1 -0
  222. package/dist/src/interaction/selectors.js +23 -0
  223. package/dist/src/interaction/selectors.js.map +1 -0
  224. package/dist/src/interaction/types.d.ts +105 -0
  225. package/dist/src/interaction/types.d.ts.map +1 -0
  226. package/dist/src/interaction/types.js +48 -0
  227. package/dist/src/interaction/types.js.map +1 -0
  228. package/dist/src/interaction/updater.d.ts +22 -0
  229. package/dist/src/interaction/updater.d.ts.map +1 -0
  230. package/dist/src/interaction/updater.js +87 -0
  231. package/dist/src/interaction/updater.js.map +1 -0
  232. package/dist/src/present/boundary-explanation/boundary-explanation-detector.d.ts +48 -0
  233. package/dist/src/present/boundary-explanation/boundary-explanation-detector.d.ts.map +1 -0
  234. package/dist/src/present/boundary-explanation/boundary-explanation-detector.js +107 -0
  235. package/dist/src/present/boundary-explanation/boundary-explanation-detector.js.map +1 -0
  236. package/dist/src/present/boundary-explanation/boundary-explanation-types.d.ts +43 -0
  237. package/dist/src/present/boundary-explanation/boundary-explanation-types.d.ts.map +1 -0
  238. package/dist/src/present/boundary-explanation/boundary-explanation-types.js +20 -0
  239. package/dist/src/present/boundary-explanation/boundary-explanation-types.js.map +1 -0
  240. package/dist/src/present/boundary-explanation/index.d.ts +10 -0
  241. package/dist/src/present/boundary-explanation/index.d.ts.map +1 -0
  242. package/dist/src/present/boundary-explanation/index.js +2 -0
  243. package/dist/src/present/boundary-explanation/index.js.map +1 -0
  244. package/dist/src/present/control-visibility/control-visibility-assertions.d.ts +70 -0
  245. package/dist/src/present/control-visibility/control-visibility-assertions.d.ts.map +1 -0
  246. package/dist/src/present/control-visibility/control-visibility-assertions.js +138 -0
  247. package/dist/src/present/control-visibility/control-visibility-assertions.js.map +1 -0
  248. package/dist/src/present/control-visibility/control-visibility-evaluator.d.ts +67 -0
  249. package/dist/src/present/control-visibility/control-visibility-evaluator.d.ts.map +1 -0
  250. package/dist/src/present/control-visibility/control-visibility-evaluator.js +146 -0
  251. package/dist/src/present/control-visibility/control-visibility-evaluator.js.map +1 -0
  252. package/dist/src/present/control-visibility/control-visibility-types.d.ts +113 -0
  253. package/dist/src/present/control-visibility/control-visibility-types.d.ts.map +1 -0
  254. package/dist/src/present/control-visibility/control-visibility-types.js +24 -0
  255. package/dist/src/present/control-visibility/control-visibility-types.js.map +1 -0
  256. package/dist/src/present/control-visibility/index.d.ts +16 -0
  257. package/dist/src/present/control-visibility/index.d.ts.map +1 -0
  258. package/dist/src/present/control-visibility/index.js +15 -0
  259. package/dist/src/present/control-visibility/index.js.map +1 -0
  260. package/dist/src/present/format.d.ts +57 -0
  261. package/dist/src/present/format.d.ts.map +1 -0
  262. package/dist/src/present/format.js +150 -0
  263. package/dist/src/present/format.js.map +1 -0
  264. package/dist/src/present/present-coordinator.d.ts +153 -0
  265. package/dist/src/present/present-coordinator.d.ts.map +1 -0
  266. package/dist/src/present/present-coordinator.js +213 -0
  267. package/dist/src/present/present-coordinator.js.map +1 -0
  268. package/dist/src/present/reminders/index.d.ts +22 -0
  269. package/dist/src/present/reminders/index.d.ts.map +1 -0
  270. package/dist/src/present/reminders/index.js +22 -0
  271. package/dist/src/present/reminders/index.js.map +1 -0
  272. package/dist/src/present/reminders/reminder-presenter.d.ts +76 -0
  273. package/dist/src/present/reminders/reminder-presenter.d.ts.map +1 -0
  274. package/dist/src/present/reminders/reminder-presenter.js +359 -0
  275. package/dist/src/present/reminders/reminder-presenter.js.map +1 -0
  276. package/dist/src/present/reminders/reminder-renderer.d.ts +82 -0
  277. package/dist/src/present/reminders/reminder-renderer.d.ts.map +1 -0
  278. package/dist/src/present/reminders/reminder-renderer.js +136 -0
  279. package/dist/src/present/reminders/reminder-renderer.js.map +1 -0
  280. package/dist/src/present/reminders/reminder-types.d.ts +131 -0
  281. package/dist/src/present/reminders/reminder-types.d.ts.map +1 -0
  282. package/dist/src/present/reminders/reminder-types.js +29 -0
  283. package/dist/src/present/reminders/reminder-types.js.map +1 -0
  284. package/dist/src/present/types.d.ts +114 -0
  285. package/dist/src/present/types.d.ts.map +1 -0
  286. package/dist/src/present/types.js +18 -0
  287. package/dist/src/present/types.js.map +1 -0
  288. package/dist/src/product/claude-product-session.d.ts +146 -0
  289. package/dist/src/product/claude-product-session.d.ts.map +1 -0
  290. package/dist/src/product/claude-product-session.js +362 -0
  291. package/dist/src/product/claude-product-session.js.map +1 -0
  292. package/dist/src/product/cursor-product-session.d.ts +211 -0
  293. package/dist/src/product/cursor-product-session.d.ts.map +1 -0
  294. package/dist/src/product/cursor-product-session.js +390 -0
  295. package/dist/src/product/cursor-product-session.js.map +1 -0
  296. package/dist/src/product/index.d.ts +28 -0
  297. package/dist/src/product/index.d.ts.map +1 -0
  298. package/dist/src/product/index.js +22 -0
  299. package/dist/src/product/index.js.map +1 -0
  300. package/dist/src/product/session-resilience/index.d.ts +17 -0
  301. package/dist/src/product/session-resilience/index.d.ts.map +1 -0
  302. package/dist/src/product/session-resilience/index.js +15 -0
  303. package/dist/src/product/session-resilience/index.js.map +1 -0
  304. package/dist/src/product/session-resilience/session-serializer.d.ts +43 -0
  305. package/dist/src/product/session-resilience/session-serializer.d.ts.map +1 -0
  306. package/dist/src/product/session-resilience/session-serializer.js +84 -0
  307. package/dist/src/product/session-resilience/session-serializer.js.map +1 -0
  308. package/dist/src/product/session-resilience/session-snapshot-types.d.ts +35 -0
  309. package/dist/src/product/session-resilience/session-snapshot-types.d.ts.map +1 -0
  310. package/dist/src/product/session-resilience/session-snapshot-types.js +21 -0
  311. package/dist/src/product/session-resilience/session-snapshot-types.js.map +1 -0
  312. package/dist/src/product/session-resilience/session-staleness.d.ts +54 -0
  313. package/dist/src/product/session-resilience/session-staleness.d.ts.map +1 -0
  314. package/dist/src/product/session-resilience/session-staleness.js +62 -0
  315. package/dist/src/product/session-resilience/session-staleness.js.map +1 -0
  316. package/dist/src/product/session-resilience/session-summary.d.ts +40 -0
  317. package/dist/src/product/session-resilience/session-summary.d.ts.map +1 -0
  318. package/dist/src/product/session-resilience/session-summary.js +72 -0
  319. package/dist/src/product/session-resilience/session-summary.js.map +1 -0
  320. package/dist/src/prv/patterns.d.ts +32 -0
  321. package/dist/src/prv/patterns.d.ts.map +1 -0
  322. package/dist/src/prv/patterns.js +40 -0
  323. package/dist/src/prv/patterns.js.map +1 -0
  324. package/dist/src/prv/prv.d.ts +13 -0
  325. package/dist/src/prv/prv.d.ts.map +1 -0
  326. package/dist/src/prv/prv.js +22 -0
  327. package/dist/src/prv/prv.js.map +1 -0
  328. package/dist/src/prv/types.d.ts +26 -0
  329. package/dist/src/prv/types.d.ts.map +1 -0
  330. package/dist/src/prv/types.js +15 -0
  331. package/dist/src/prv/types.js.map +1 -0
  332. package/dist/src/safety/detectors/arbitrary-exec.detector.d.ts +3 -0
  333. package/dist/src/safety/detectors/arbitrary-exec.detector.d.ts.map +1 -0
  334. package/dist/src/safety/detectors/arbitrary-exec.detector.js +31 -0
  335. package/dist/src/safety/detectors/arbitrary-exec.detector.js.map +1 -0
  336. package/dist/src/safety/detectors/bulk-data-exfil.detector.d.ts +21 -0
  337. package/dist/src/safety/detectors/bulk-data-exfil.detector.d.ts.map +1 -0
  338. package/dist/src/safety/detectors/bulk-data-exfil.detector.js +90 -0
  339. package/dist/src/safety/detectors/bulk-data-exfil.detector.js.map +1 -0
  340. package/dist/src/safety/detectors/destructive.detector.d.ts +3 -0
  341. package/dist/src/safety/detectors/destructive.detector.d.ts.map +1 -0
  342. package/dist/src/safety/detectors/destructive.detector.js +28 -0
  343. package/dist/src/safety/detectors/destructive.detector.js.map +1 -0
  344. package/dist/src/safety/detectors/evasion.detector.d.ts +3 -0
  345. package/dist/src/safety/detectors/evasion.detector.d.ts.map +1 -0
  346. package/dist/src/safety/detectors/evasion.detector.js +28 -0
  347. package/dist/src/safety/detectors/evasion.detector.js.map +1 -0
  348. package/dist/src/safety/detectors/secret-access.detector.d.ts +31 -0
  349. package/dist/src/safety/detectors/secret-access.detector.d.ts.map +1 -0
  350. package/dist/src/safety/detectors/secret-access.detector.js +78 -0
  351. package/dist/src/safety/detectors/secret-access.detector.js.map +1 -0
  352. package/dist/src/safety/registry.d.ts +9 -0
  353. package/dist/src/safety/registry.d.ts.map +1 -0
  354. package/dist/src/safety/registry.js +22 -0
  355. package/dist/src/safety/registry.js.map +1 -0
  356. package/dist/src/safety/safety-gate.d.ts +16 -0
  357. package/dist/src/safety/safety-gate.d.ts.map +1 -0
  358. package/dist/src/safety/safety-gate.js +26 -0
  359. package/dist/src/safety/safety-gate.js.map +1 -0
  360. package/dist/src/safety/types.d.ts +35 -0
  361. package/dist/src/safety/types.d.ts.map +1 -0
  362. package/dist/src/safety/types.js +14 -0
  363. package/dist/src/safety/types.js.map +1 -0
  364. package/dist/src/shell/claude-shell.d.ts +63 -0
  365. package/dist/src/shell/claude-shell.d.ts.map +1 -0
  366. package/dist/src/shell/claude-shell.js +81 -0
  367. package/dist/src/shell/claude-shell.js.map +1 -0
  368. package/dist/src/shell/cli/friction-admin.d.ts +14 -0
  369. package/dist/src/shell/cli/friction-admin.d.ts.map +1 -0
  370. package/dist/src/shell/cli/friction-admin.js +276 -0
  371. package/dist/src/shell/cli/friction-admin.js.map +1 -0
  372. package/dist/src/shell/cli/friction-report.d.ts +16 -0
  373. package/dist/src/shell/cli/friction-report.d.ts.map +1 -0
  374. package/dist/src/shell/cli/friction-report.js +156 -0
  375. package/dist/src/shell/cli/friction-report.js.map +1 -0
  376. package/dist/src/shell/cli/main.d.ts +68 -0
  377. package/dist/src/shell/cli/main.d.ts.map +1 -0
  378. package/dist/src/shell/cli/main.js +488 -0
  379. package/dist/src/shell/cli/main.js.map +1 -0
  380. package/dist/src/shell/cli/use-steady.d.ts +26 -0
  381. package/dist/src/shell/cli/use-steady.d.ts.map +1 -0
  382. package/dist/src/shell/cli/use-steady.js +117 -0
  383. package/dist/src/shell/cli/use-steady.js.map +1 -0
  384. package/dist/src/shell/cursor-shell.d.ts +63 -0
  385. package/dist/src/shell/cursor-shell.d.ts.map +1 -0
  386. package/dist/src/shell/cursor-shell.js +88 -0
  387. package/dist/src/shell/cursor-shell.js.map +1 -0
  388. package/dist/src/shell/defaults.d.ts +51 -0
  389. package/dist/src/shell/defaults.d.ts.map +1 -0
  390. package/dist/src/shell/defaults.js +78 -0
  391. package/dist/src/shell/defaults.js.map +1 -0
  392. package/dist/src/shell/history-render.d.ts +56 -0
  393. package/dist/src/shell/history-render.d.ts.map +1 -0
  394. package/dist/src/shell/history-render.js +166 -0
  395. package/dist/src/shell/history-render.js.map +1 -0
  396. package/dist/src/shell/index.d.ts +43 -0
  397. package/dist/src/shell/index.d.ts.map +1 -0
  398. package/dist/src/shell/index.js +45 -0
  399. package/dist/src/shell/index.js.map +1 -0
  400. package/dist/src/shell/render.d.ts +42 -0
  401. package/dist/src/shell/render.d.ts.map +1 -0
  402. package/dist/src/shell/render.js +122 -0
  403. package/dist/src/shell/render.js.map +1 -0
  404. package/dist/src/shell/types.d.ts +46 -0
  405. package/dist/src/shell/types.d.ts.map +1 -0
  406. package/dist/src/shell/types.js +19 -0
  407. package/dist/src/shell/types.js.map +1 -0
  408. package/dist/src/shell/workflow-defaults.d.ts +23 -0
  409. package/dist/src/shell/workflow-defaults.d.ts.map +1 -0
  410. package/dist/src/shell/workflow-defaults.js +27 -0
  411. package/dist/src/shell/workflow-defaults.js.map +1 -0
  412. package/dist/src/shell/workflow-render.d.ts +54 -0
  413. package/dist/src/shell/workflow-render.d.ts.map +1 -0
  414. package/dist/src/shell/workflow-render.js +319 -0
  415. package/dist/src/shell/workflow-render.js.map +1 -0
  416. package/dist/src/shell/workflow-shell.d.ts +110 -0
  417. package/dist/src/shell/workflow-shell.d.ts.map +1 -0
  418. package/dist/src/shell/workflow-shell.js +180 -0
  419. package/dist/src/shell/workflow-shell.js.map +1 -0
  420. package/dist/src/skills/audit.d.ts +118 -0
  421. package/dist/src/skills/audit.d.ts.map +1 -0
  422. package/dist/src/skills/audit.js +147 -0
  423. package/dist/src/skills/audit.js.map +1 -0
  424. package/dist/src/skills/invocation.d.ts +131 -0
  425. package/dist/src/skills/invocation.d.ts.map +1 -0
  426. package/dist/src/skills/invocation.js +165 -0
  427. package/dist/src/skills/invocation.js.map +1 -0
  428. package/dist/src/skills/loader.d.ts +70 -0
  429. package/dist/src/skills/loader.d.ts.map +1 -0
  430. package/dist/src/skills/loader.js +220 -0
  431. package/dist/src/skills/loader.js.map +1 -0
  432. package/dist/src/skills/local-recovery-adapter.d.ts +49 -0
  433. package/dist/src/skills/local-recovery-adapter.d.ts.map +1 -0
  434. package/dist/src/skills/local-recovery-adapter.js +184 -0
  435. package/dist/src/skills/local-recovery-adapter.js.map +1 -0
  436. package/dist/src/skills/parser.d.ts +53 -0
  437. package/dist/src/skills/parser.d.ts.map +1 -0
  438. package/dist/src/skills/parser.js +336 -0
  439. package/dist/src/skills/parser.js.map +1 -0
  440. package/dist/src/skills/registry.d.ts +123 -0
  441. package/dist/src/skills/registry.d.ts.map +1 -0
  442. package/dist/src/skills/registry.js +144 -0
  443. package/dist/src/skills/registry.js.map +1 -0
  444. package/dist/src/skills/types.d.ts +242 -0
  445. package/dist/src/skills/types.d.ts.map +1 -0
  446. package/dist/src/skills/types.js +50 -0
  447. package/dist/src/skills/types.js.map +1 -0
  448. package/dist/src/skills/validator.d.ts +31 -0
  449. package/dist/src/skills/validator.d.ts.map +1 -0
  450. package/dist/src/skills/validator.js +366 -0
  451. package/dist/src/skills/validator.js.map +1 -0
  452. package/dist/src/ucp/envelope.d.ts +165 -0
  453. package/dist/src/ucp/envelope.d.ts.map +1 -0
  454. package/dist/src/ucp/envelope.js +241 -0
  455. package/dist/src/ucp/envelope.js.map +1 -0
  456. package/dist/src/ucp/hashes.d.ts +36 -0
  457. package/dist/src/ucp/hashes.d.ts.map +1 -0
  458. package/dist/src/ucp/hashes.js +59 -0
  459. package/dist/src/ucp/hashes.js.map +1 -0
  460. package/dist/src/ucp/mappers/map-artifact.d.ts +58 -0
  461. package/dist/src/ucp/mappers/map-artifact.d.ts.map +1 -0
  462. package/dist/src/ucp/mappers/map-artifact.js +51 -0
  463. package/dist/src/ucp/mappers/map-artifact.js.map +1 -0
  464. package/dist/src/ucp/mappers/map-change-interpretation.d.ts +12 -0
  465. package/dist/src/ucp/mappers/map-change-interpretation.d.ts.map +1 -0
  466. package/dist/src/ucp/mappers/map-change-interpretation.js +18 -0
  467. package/dist/src/ucp/mappers/map-change-interpretation.js.map +1 -0
  468. package/dist/src/ucp/mappers/map-completion.d.ts +10 -0
  469. package/dist/src/ucp/mappers/map-completion.d.ts.map +1 -0
  470. package/dist/src/ucp/mappers/map-completion.js +24 -0
  471. package/dist/src/ucp/mappers/map-completion.js.map +1 -0
  472. package/dist/src/ucp/mappers/map-context.d.ts +9 -0
  473. package/dist/src/ucp/mappers/map-context.d.ts.map +1 -0
  474. package/dist/src/ucp/mappers/map-context.js +13 -0
  475. package/dist/src/ucp/mappers/map-context.js.map +1 -0
  476. package/dist/src/ucp/mappers/map-debug-trace.d.ts +10 -0
  477. package/dist/src/ucp/mappers/map-debug-trace.d.ts.map +1 -0
  478. package/dist/src/ucp/mappers/map-debug-trace.js +18 -0
  479. package/dist/src/ucp/mappers/map-debug-trace.js.map +1 -0
  480. package/dist/src/ucp/mappers/map-disambiguation.d.ts +10 -0
  481. package/dist/src/ucp/mappers/map-disambiguation.d.ts.map +1 -0
  482. package/dist/src/ucp/mappers/map-disambiguation.js +21 -0
  483. package/dist/src/ucp/mappers/map-disambiguation.js.map +1 -0
  484. package/dist/src/ucp/mappers/map-execution-trace.d.ts +64 -0
  485. package/dist/src/ucp/mappers/map-execution-trace.d.ts.map +1 -0
  486. package/dist/src/ucp/mappers/map-execution-trace.js +57 -0
  487. package/dist/src/ucp/mappers/map-execution-trace.js.map +1 -0
  488. package/dist/src/ucp/mappers/map-intent-interpretation.d.ts +11 -0
  489. package/dist/src/ucp/mappers/map-intent-interpretation.d.ts.map +1 -0
  490. package/dist/src/ucp/mappers/map-intent-interpretation.js +17 -0
  491. package/dist/src/ucp/mappers/map-intent-interpretation.js.map +1 -0
  492. package/dist/src/ucp/mappers/map-intent.d.ts +9 -0
  493. package/dist/src/ucp/mappers/map-intent.d.ts.map +1 -0
  494. package/dist/src/ucp/mappers/map-intent.js +11 -0
  495. package/dist/src/ucp/mappers/map-intent.js.map +1 -0
  496. package/dist/src/ucp/mappers/map-prv.d.ts +10 -0
  497. package/dist/src/ucp/mappers/map-prv.d.ts.map +1 -0
  498. package/dist/src/ucp/mappers/map-prv.js +14 -0
  499. package/dist/src/ucp/mappers/map-prv.js.map +1 -0
  500. package/dist/src/ucp/mappers/map-reminder-execution.d.ts +57 -0
  501. package/dist/src/ucp/mappers/map-reminder-execution.d.ts.map +1 -0
  502. package/dist/src/ucp/mappers/map-reminder-execution.js +69 -0
  503. package/dist/src/ucp/mappers/map-reminder-execution.js.map +1 -0
  504. package/dist/src/ucp/mappers/map-replay-report.d.ts +81 -0
  505. package/dist/src/ucp/mappers/map-replay-report.d.ts.map +1 -0
  506. package/dist/src/ucp/mappers/map-replay-report.js +76 -0
  507. package/dist/src/ucp/mappers/map-replay-report.js.map +1 -0
  508. package/dist/src/ucp/mappers/map-response.d.ts +13 -0
  509. package/dist/src/ucp/mappers/map-response.d.ts.map +1 -0
  510. package/dist/src/ucp/mappers/map-response.js +25 -0
  511. package/dist/src/ucp/mappers/map-response.js.map +1 -0
  512. package/dist/src/ucp/mappers/map-safety.d.ts +14 -0
  513. package/dist/src/ucp/mappers/map-safety.d.ts.map +1 -0
  514. package/dist/src/ucp/mappers/map-safety.js +22 -0
  515. package/dist/src/ucp/mappers/map-safety.js.map +1 -0
  516. package/dist/src/ucp/persistence/index.d.ts +24 -0
  517. package/dist/src/ucp/persistence/index.d.ts.map +1 -0
  518. package/dist/src/ucp/persistence/index.js +22 -0
  519. package/dist/src/ucp/persistence/index.js.map +1 -0
  520. package/dist/src/ucp/persistence/query.d.ts +164 -0
  521. package/dist/src/ucp/persistence/query.d.ts.map +1 -0
  522. package/dist/src/ucp/persistence/query.js +240 -0
  523. package/dist/src/ucp/persistence/query.js.map +1 -0
  524. package/dist/src/ucp/persistence/reader.d.ts +43 -0
  525. package/dist/src/ucp/persistence/reader.d.ts.map +1 -0
  526. package/dist/src/ucp/persistence/reader.js +104 -0
  527. package/dist/src/ucp/persistence/reader.js.map +1 -0
  528. package/dist/src/ucp/persistence/store.d.ts +77 -0
  529. package/dist/src/ucp/persistence/store.d.ts.map +1 -0
  530. package/dist/src/ucp/persistence/store.js +177 -0
  531. package/dist/src/ucp/persistence/store.js.map +1 -0
  532. package/dist/src/ucp/persistence/write.d.ts +48 -0
  533. package/dist/src/ucp/persistence/write.d.ts.map +1 -0
  534. package/dist/src/ucp/persistence/write.js +59 -0
  535. package/dist/src/ucp/persistence/write.js.map +1 -0
  536. package/dist/src/ucp/projection.d.ts +146 -0
  537. package/dist/src/ucp/projection.d.ts.map +1 -0
  538. package/dist/src/ucp/projection.js +139 -0
  539. package/dist/src/ucp/projection.js.map +1 -0
  540. package/dist/src/ucp/types.d.ts +585 -0
  541. package/dist/src/ucp/types.d.ts.map +1 -0
  542. package/dist/src/ucp/types.js +57 -0
  543. package/dist/src/ucp/types.js.map +1 -0
  544. package/dist/src/understand/completion/completion.d.ts +26 -0
  545. package/dist/src/understand/completion/completion.d.ts.map +1 -0
  546. package/dist/src/understand/completion/completion.js +45 -0
  547. package/dist/src/understand/completion/completion.js.map +1 -0
  548. package/dist/src/understand/completion/rules.d.ts +61 -0
  549. package/dist/src/understand/completion/rules.d.ts.map +1 -0
  550. package/dist/src/understand/completion/rules.js +268 -0
  551. package/dist/src/understand/completion/rules.js.map +1 -0
  552. package/dist/src/understand/completion/types.d.ts +68 -0
  553. package/dist/src/understand/completion/types.d.ts.map +1 -0
  554. package/dist/src/understand/completion/types.js +34 -0
  555. package/dist/src/understand/completion/types.js.map +1 -0
  556. package/dist/src/understand/context/context-alignment.d.ts +18 -0
  557. package/dist/src/understand/context/context-alignment.d.ts.map +1 -0
  558. package/dist/src/understand/context/context-alignment.js +61 -0
  559. package/dist/src/understand/context/context-alignment.js.map +1 -0
  560. package/dist/src/understand/context/types.d.ts +20 -0
  561. package/dist/src/understand/context/types.d.ts.map +1 -0
  562. package/dist/src/understand/context/types.js +13 -0
  563. package/dist/src/understand/context/types.js.map +1 -0
  564. package/dist/src/understand/disambiguation/detectors/missing-context.detector.d.ts +12 -0
  565. package/dist/src/understand/disambiguation/detectors/missing-context.detector.d.ts.map +1 -0
  566. package/dist/src/understand/disambiguation/detectors/missing-context.detector.js +60 -0
  567. package/dist/src/understand/disambiguation/detectors/missing-context.detector.js.map +1 -0
  568. package/dist/src/understand/disambiguation/detectors/overloaded-term.detector.d.ts +13 -0
  569. package/dist/src/understand/disambiguation/detectors/overloaded-term.detector.d.ts.map +1 -0
  570. package/dist/src/understand/disambiguation/detectors/overloaded-term.detector.js +57 -0
  571. package/dist/src/understand/disambiguation/detectors/overloaded-term.detector.js.map +1 -0
  572. package/dist/src/understand/disambiguation/detectors/typo-adjacent.detector.d.ts +16 -0
  573. package/dist/src/understand/disambiguation/detectors/typo-adjacent.detector.d.ts.map +1 -0
  574. package/dist/src/understand/disambiguation/detectors/typo-adjacent.detector.js +56 -0
  575. package/dist/src/understand/disambiguation/detectors/typo-adjacent.detector.js.map +1 -0
  576. package/dist/src/understand/disambiguation/registry.d.ts +14 -0
  577. package/dist/src/understand/disambiguation/registry.d.ts.map +1 -0
  578. package/dist/src/understand/disambiguation/registry.js +27 -0
  579. package/dist/src/understand/disambiguation/registry.js.map +1 -0
  580. package/dist/src/understand/disambiguation/types.d.ts +34 -0
  581. package/dist/src/understand/disambiguation/types.d.ts.map +1 -0
  582. package/dist/src/understand/disambiguation/types.js +15 -0
  583. package/dist/src/understand/disambiguation/types.js.map +1 -0
  584. package/dist/src/understand/intent-interpretation/intent-interpretation.d.ts +86 -0
  585. package/dist/src/understand/intent-interpretation/intent-interpretation.d.ts.map +1 -0
  586. package/dist/src/understand/intent-interpretation/intent-interpretation.js +141 -0
  587. package/dist/src/understand/intent-interpretation/intent-interpretation.js.map +1 -0
  588. package/dist/src/understand/intent-interpretation/interpreters/color-intent.interpreter.d.ts +33 -0
  589. package/dist/src/understand/intent-interpretation/interpreters/color-intent.interpreter.d.ts.map +1 -0
  590. package/dist/src/understand/intent-interpretation/interpreters/color-intent.interpreter.js +66 -0
  591. package/dist/src/understand/intent-interpretation/interpreters/color-intent.interpreter.js.map +1 -0
  592. package/dist/src/understand/intent-interpretation/interpreters/config-intent.interpreter.d.ts +20 -0
  593. package/dist/src/understand/intent-interpretation/interpreters/config-intent.interpreter.d.ts.map +1 -0
  594. package/dist/src/understand/intent-interpretation/interpreters/config-intent.interpreter.js +80 -0
  595. package/dist/src/understand/intent-interpretation/interpreters/config-intent.interpreter.js.map +1 -0
  596. package/dist/src/understand/intent-interpretation/interpreters/text-intent.interpreter.d.ts +25 -0
  597. package/dist/src/understand/intent-interpretation/interpreters/text-intent.interpreter.d.ts.map +1 -0
  598. package/dist/src/understand/intent-interpretation/interpreters/text-intent.interpreter.js +47 -0
  599. package/dist/src/understand/intent-interpretation/interpreters/text-intent.interpreter.js.map +1 -0
  600. package/dist/src/understand/intent-interpretation/interpreters/workflow-intent.interpreter.d.ts +35 -0
  601. package/dist/src/understand/intent-interpretation/interpreters/workflow-intent.interpreter.d.ts.map +1 -0
  602. package/dist/src/understand/intent-interpretation/interpreters/workflow-intent.interpreter.js +89 -0
  603. package/dist/src/understand/intent-interpretation/interpreters/workflow-intent.interpreter.js.map +1 -0
  604. package/dist/src/understand/intent-interpretation/registry.d.ts +18 -0
  605. package/dist/src/understand/intent-interpretation/registry.d.ts.map +1 -0
  606. package/dist/src/understand/intent-interpretation/registry.js +26 -0
  607. package/dist/src/understand/intent-interpretation/registry.js.map +1 -0
  608. package/dist/src/understand/intent-interpretation/types.d.ts +83 -0
  609. package/dist/src/understand/intent-interpretation/types.d.ts.map +1 -0
  610. package/dist/src/understand/intent-interpretation/types.js +40 -0
  611. package/dist/src/understand/intent-interpretation/types.js.map +1 -0
  612. package/dist/src/understand/interpretation/intent.d.ts +72 -0
  613. package/dist/src/understand/interpretation/intent.d.ts.map +1 -0
  614. package/dist/src/understand/interpretation/intent.js +414 -0
  615. package/dist/src/understand/interpretation/intent.js.map +1 -0
  616. package/dist/src/understand/interpretation/interpretation.d.ts +26 -0
  617. package/dist/src/understand/interpretation/interpretation.d.ts.map +1 -0
  618. package/dist/src/understand/interpretation/interpretation.js +43 -0
  619. package/dist/src/understand/interpretation/interpretation.js.map +1 -0
  620. package/dist/src/understand/interpretation/parser.d.ts +20 -0
  621. package/dist/src/understand/interpretation/parser.d.ts.map +1 -0
  622. package/dist/src/understand/interpretation/parser.js +88 -0
  623. package/dist/src/understand/interpretation/parser.js.map +1 -0
  624. package/dist/src/understand/interpretation/rules.d.ts +19 -0
  625. package/dist/src/understand/interpretation/rules.d.ts.map +1 -0
  626. package/dist/src/understand/interpretation/rules.js +222 -0
  627. package/dist/src/understand/interpretation/rules.js.map +1 -0
  628. package/dist/src/understand/interpretation/types.d.ts +90 -0
  629. package/dist/src/understand/interpretation/types.d.ts.map +1 -0
  630. package/dist/src/understand/interpretation/types.js +29 -0
  631. package/dist/src/understand/interpretation/types.js.map +1 -0
  632. package/dist/src/understand/shared/types.d.ts +13 -0
  633. package/dist/src/understand/shared/types.d.ts.map +1 -0
  634. package/dist/src/understand/shared/types.js +9 -0
  635. package/dist/src/understand/shared/types.js.map +1 -0
  636. package/dist/src/understand/silent-guidance/index.d.ts +4 -0
  637. package/dist/src/understand/silent-guidance/index.d.ts.map +1 -0
  638. package/dist/src/understand/silent-guidance/index.js +3 -0
  639. package/dist/src/understand/silent-guidance/index.js.map +1 -0
  640. package/dist/src/understand/silent-guidance/selector.d.ts +44 -0
  641. package/dist/src/understand/silent-guidance/selector.d.ts.map +1 -0
  642. package/dist/src/understand/silent-guidance/selector.js +158 -0
  643. package/dist/src/understand/silent-guidance/selector.js.map +1 -0
  644. package/dist/src/understand/silent-guidance/templates.d.ts +31 -0
  645. package/dist/src/understand/silent-guidance/templates.d.ts.map +1 -0
  646. package/dist/src/understand/silent-guidance/templates.js +109 -0
  647. package/dist/src/understand/silent-guidance/templates.js.map +1 -0
  648. package/dist/src/understand/silent-guidance/types.d.ts +36 -0
  649. package/dist/src/understand/silent-guidance/types.d.ts.map +1 -0
  650. package/dist/src/understand/silent-guidance/types.js +2 -0
  651. package/dist/src/understand/silent-guidance/types.js.map +1 -0
  652. package/dist/src/workflow/coordinator.d.ts +197 -0
  653. package/dist/src/workflow/coordinator.d.ts.map +1 -0
  654. package/dist/src/workflow/coordinator.js +682 -0
  655. package/dist/src/workflow/coordinator.js.map +1 -0
  656. package/dist/src/workflow/index.d.ts +30 -0
  657. package/dist/src/workflow/index.d.ts.map +1 -0
  658. package/dist/src/workflow/index.js +30 -0
  659. package/dist/src/workflow/index.js.map +1 -0
  660. package/dist/src/workflow/types.d.ts +213 -0
  661. package/dist/src/workflow/types.d.ts.map +1 -0
  662. package/dist/src/workflow/types.js +27 -0
  663. package/dist/src/workflow/types.js.map +1 -0
  664. package/package.json +54 -0
  665. package/ui/README.md +73 -0
package/dist/src/safety/detectors/bulk-data-exfil.detector.js ADDED
@@ -0,0 +1,90 @@
1
+ /**
2
+ * Bulk data exfiltration detector.
3
+ *
4
+ * Catches inputs that combine:
5
+ * - a data-movement verb (export, dump, extract, download, send, pull, get)
6
+ * - with a bulk-scope qualifier (all, every, entire, full)
7
+ * - with a sensitive target (customer, user, account + emails, passwords,
8
+ * credentials, data, PII, records)
9
+ *
10
+ * Also catches standalone high-signal credential-dump phrases regardless
11
+ * of the bulk qualifier.
12
+ *
13
+ * Scope: NARROW. Only fires on language that clearly describes bulk exfiltration
14
+ * of sensitive user data. Does not fire on legitimate analytics queries
15
+ * ("pull the conversion funnel") or single-record lookups.
16
+ *
17
+ * Priority: 15 (between destructive_mass_action:10 and credential_or_secret_access:20)
18
+ */
19
+ /**
20
+ * High-confidence patterns: explicit credential dump phrases that are
21
+ * inherently exfiltration-shaped in any context.
22
+ *
23
+ * Scope: deliberately narrow. Only covers clear "X's passwords/credentials"
24
+ * noun phrases where exfiltration intent is unambiguous. Does NOT cover
25
+ * "reset user password" (legitimate single-record operation) or "set password"
26
+ * flows. The combinator patterns below handle verb+bulk+target cases.
27
+ */
28
+ const HIGH_CONFIDENCE_PATTERNS = [
29
+ // "customer passwords/credentials" — almost exclusively exfiltration language
30
+ { regex: /\bcustomer\s+passwords?\b/i, label: "customer passwords" },
31
+ { regex: /\bcustomer\s+credentials?\b/i, label: "customer credentials" },
32
+ // Explicit bulk credential dumps
33
+ { regex: /\bpassword\s+(list|dump|export|file)\b/i, label: "password list/dump" },
34
+ // Plaintext credential exposure
35
+ { regex: /\bplaintext\s+passwords?\b/i, label: "plaintext passwords" },
36
+ { regex: /\bclear\s*text\s+passwords?\b/i, label: "cleartext passwords" },
37
+ ];
38
+ /**
39
+ * Verb × bulk-qualifier × sensitive-target combinator patterns.
40
+ * All three components must be present in the input.
41
+ *
42
+ * Target terms include plural forms (emails, passwords, credentials, records)
43
+ * and data-class terms (data, database, PII, info).
44
+ */
45
+ const MOVEMENT_VERBS = /\b(export|dump|extract|download|send|pull|get|fetch|retrieve|expose)\b/i;
46
+ const BULK_QUALIFIERS = /\b(all|every|entire|full|bulk|complete|whole)\b/i;
47
+ const SENSITIVE_TARGETS = /\b(customer|user|account|member|subscriber)\b[\s\S]*?\b(emails?|passwords?|credentials?|pii|personal\s+data|private\s+data|records?|database|data|info)\b/i;
48
+ const BULK_EXFIL_COMBO = {
49
+ // Label only — actual matching uses isBulkExfil() with separate regexes
50
+ regex: /^$/,
51
+ label: "bulk customer data exfiltration",
52
+ };
53
+ function findHighConfidenceMatch(input) {
54
+ return HIGH_CONFIDENCE_PATTERNS.find(({ regex }) => regex.test(input)) ?? null;
55
+ }
56
+ function isBulkExfil(input) {
57
+ // All three components must appear anywhere in the input
58
+ return MOVEMENT_VERBS.test(input)
59
+ && BULK_QUALIFIERS.test(input)
60
+ && SENSITIVE_TARGETS.test(input);
61
+ }
62
+ function findMatch(input) {
63
+ // High-confidence patterns fire first (no verb/bulk context needed)
64
+ const hc = findHighConfidenceMatch(input);
65
+ if (hc !== null)
66
+ return hc;
67
+ // Then try the three-component combinator
68
+ if (isBulkExfil(input))
69
+ return BULK_EXFIL_COMBO;
70
+ return null;
71
+ }
72
+ export const bulkDataExfilDetector = {
73
+ id: "bulk_data_exfiltration",
74
+ priority: 15,
75
+ supports(input) {
76
+ return findMatch(input) !== null;
77
+ },
78
+ detect(input) {
79
+ const match = findMatch(input);
80
+ if (match === null)
81
+ return null;
82
+ return {
83
+ verdict: "block",
84
+ reason: "bulk_data_exfiltration",
85
+ matchedPattern: match.label,
86
+ note: "Input contains a pattern associated with bulk extraction of sensitive user data or credentials.",
87
+ };
88
+ },
89
+ };
90
+ //# sourceMappingURL=bulk-data-exfil.detector.js.map
package/dist/src/safety/detectors/bulk-data-exfil.detector.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"bulk-data-exfil.detector.js","sourceRoot":"","sources":["../../../../src/safety/detectors/bulk-data-exfil.detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAMH;;;;;;;;GAQG;AACH,MAAM,wBAAwB,GAAkC;IAC9D,8EAA8E;IAC9E,EAAE,KAAK,EAAE,4BAA4B,EAAe,KAAK,EAAE,oBAAoB,EAAE;IACjF,EAAE,KAAK,EAAE,8BAA8B,EAAa,KAAK,EAAE,sBAAsB,EAAE;IACnF,iCAAiC;IACjC,EAAE,KAAK,EAAE,yCAAyC,EAAE,KAAK,EAAE,oBAAoB,EAAE;IACjF,gCAAgC;IAChC,EAAE,KAAK,EAAE,6BAA6B,EAAc,KAAK,EAAE,qBAAqB,EAAE;IAClF,EAAE,KAAK,EAAE,gCAAgC,EAAW,KAAK,EAAE,qBAAqB,EAAE;CACnF,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,cAAc,GAAM,yEAAyE,CAAC;AACpG,MAAM,eAAe,GAAK,kDAAkD,CAAC;AAC7E,MAAM,iBAAiB,GAAG,4JAA4J,CAAC;AAEvL,MAAM,gBAAgB,GAAmB;IACvC,wEAAwE;IACxE,KAAK,EAAE,IAAI;IACX,KAAK,EAAE,iCAAiC;CACzC,CAAC;AAEF,SAAS,uBAAuB,CAAC,KAAa;IAC5C,OAAO,wBAAwB,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC;AACjF,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,yDAAyD;IACzD,OAAO,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC;WAC5B,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC;WAC3B,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC9B,oEAAoE;IACpE,MAAM,EAAE,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC;IAC1C,IAAI,EAAE,KAAK,IAAI;QAAE,OAAO,EAAE,CAAC;IAC3B,0CAA0C;IAC1C,IAAI,WAAW,CAAC,KAAK,CAAC;QAAE,OAAO,gBAAgB,CAAC;IAChD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAmB;IACnD,EAAE,EAAE,wBAAwB;IAC5B,QAAQ,EAAE,EAAE;IAEZ,QAAQ,CAAC,KAAa;QACpB,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC;IACnC,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAChC,OAAO;YACL,OAAO,EAAS,OAAO;YACvB,MAAM,EAAU,wBAAwB;YACxC,cAAc,EAAE,KAAK,CAAC,KAAK;YAC3B,IAAI,EAAE,iGAAiG;SACxG,CAAC;IACJ,CAAC;CACF,CAAC"}
package/dist/src/safety/detectors/destructive.detector.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import type { SafetyDetector } from "../types.js";
2
+ export declare const destructiveDetector: SafetyDetector;
3
+ //# sourceMappingURL=destructive.detector.d.ts.map
package/dist/src/safety/detectors/destructive.detector.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"destructive.detector.d.ts","sourceRoot":"","sources":["../../../../src/safety/detectors/destructive.detector.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAgB,MAAM,aAAa,CAAC;AAehE,eAAO,MAAM,mBAAmB,EAAE,cAkBjC,CAAC"}
package/dist/src/safety/detectors/destructive.detector.js ADDED
@@ -0,0 +1,28 @@
1
+ const PATTERNS = [
2
+ { regex: /\brm\s+-[a-zA-Z]*r[a-zA-Z]*f\b/i, label: "rm -rf" },
3
+ { regex: /\bdelete\s+all\b/i, label: "delete all" },
4
+ { regex: /\bwipe\b/i, label: "wipe" },
5
+ { regex: /\bpurge\b/i, label: "purge" },
6
+ ];
7
+ function findMatch(input) {
8
+ return PATTERNS.find(({ regex }) => regex.test(input)) ?? null;
9
+ }
10
+ export const destructiveDetector = {
11
+ id: "destructive_mass_action",
12
+ priority: 10,
13
+ supports(input) {
14
+ return findMatch(input) !== null;
15
+ },
16
+ detect(input) {
17
+ const match = findMatch(input);
18
+ if (match === null)
19
+ return null;
20
+ return {
21
+ verdict: "block",
22
+ reason: "destructive_mass_action",
23
+ matchedPattern: match.label,
24
+ note: "Input contains a pattern associated with irreversible bulk data destruction.",
25
+ };
26
+ },
27
+ };
28
+ //# sourceMappingURL=destructive.detector.js.map
package/dist/src/safety/detectors/destructive.detector.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"destructive.detector.js","sourceRoot":"","sources":["../../../../src/safety/detectors/destructive.detector.ts"],"names":[],"mappings":"AAIA,MAAM,QAAQ,GAAkC;IAC9C,EAAE,KAAK,EAAE,iCAAiC,EAAE,KAAK,EAAE,QAAQ,EAAE;IAC7D,EAAE,KAAK,EAAE,mBAAmB,EAAgB,KAAK,EAAE,YAAY,EAAE;IACjE,EAAE,KAAK,EAAE,WAAW,EAAyB,KAAK,EAAE,MAAM,EAAE;IAC5D,EAAE,KAAK,EAAE,YAAY,EAAwB,KAAK,EAAE,OAAO,EAAE;CAC9D,CAAC;AAEF,SAAS,SAAS,CAAC,KAAa;IAC9B,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC;AACjE,CAAC;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAmB;IACjD,EAAE,EAAE,yBAAyB;IAC7B,QAAQ,EAAE,EAAE;IAEZ,QAAQ,CAAC,KAAa;QACpB,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC;IACnC,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAChC,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE,yBAAyB;YACjC,cAAc,EAAE,KAAK,CAAC,KAAK;YAC3B,IAAI,EAAE,8EAA8E;SACrF,CAAC;IACJ,CAAC;CACF,CAAC"}
package/dist/src/safety/detectors/evasion.detector.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import type { SafetyDetector } from "../types.js";
2
+ export declare const evasionDetector: SafetyDetector;
3
+ //# sourceMappingURL=evasion.detector.d.ts.map
package/dist/src/safety/detectors/evasion.detector.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"evasion.detector.d.ts","sourceRoot":"","sources":["../../../../src/safety/detectors/evasion.detector.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAgB,MAAM,aAAa,CAAC;AAehE,eAAO,MAAM,eAAe,EAAE,cAkB7B,CAAC"}
package/dist/src/safety/detectors/evasion.detector.js ADDED
@@ -0,0 +1,28 @@
1
+ const PATTERNS = [
2
+ { regex: /\bignore\s+(?:the\s+)?rules?\b/i, label: "ignore rules" },
3
+ { regex: /\bwithout\s+approval\b/i, label: "without approval" },
4
+ { regex: /\bsilently\b/i, label: "silently" },
5
+ { regex: /\bbypass\b/i, label: "bypass" },
6
+ ];
7
+ function findMatch(input) {
8
+ return PATTERNS.find(({ regex }) => regex.test(input)) ?? null;
9
+ }
10
+ export const evasionDetector = {
11
+ id: "evasion_or_rule_bypass",
12
+ priority: 30,
13
+ supports(input) {
14
+ return findMatch(input) !== null;
15
+ },
16
+ detect(input) {
17
+ const match = findMatch(input);
18
+ if (match === null)
19
+ return null;
20
+ return {
21
+ verdict: "block",
22
+ reason: "evasion_or_rule_bypass",
23
+ matchedPattern: match.label,
24
+ note: "Input contains a pattern associated with policy evasion or rule bypass.",
25
+ };
26
+ },
27
+ };
28
+ //# sourceMappingURL=evasion.detector.js.map
package/dist/src/safety/detectors/evasion.detector.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"evasion.detector.js","sourceRoot":"","sources":["../../../../src/safety/detectors/evasion.detector.ts"],"names":[],"mappings":"AAIA,MAAM,QAAQ,GAAkC;IAC9C,EAAE,KAAK,EAAE,iCAAiC,EAAE,KAAK,EAAE,cAAc,EAAE;IACnE,EAAE,KAAK,EAAE,yBAAyB,EAAI,KAAK,EAAE,kBAAkB,EAAE;IACjE,EAAE,KAAK,EAAE,eAAe,EAAc,KAAK,EAAE,UAAU,EAAE;IACzD,EAAE,KAAK,EAAE,aAAa,EAAgB,KAAK,EAAE,QAAQ,EAAE;CACxD,CAAC;AAEF,SAAS,SAAS,CAAC,KAAa;IAC9B,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC;AACjE,CAAC;AAED,MAAM,CAAC,MAAM,eAAe,GAAmB;IAC7C,EAAE,EAAE,wBAAwB;IAC5B,QAAQ,EAAE,EAAE;IAEZ,QAAQ,CAAC,KAAa;QACpB,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC;IACnC,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAChC,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE,wBAAwB;YAChC,cAAc,EAAE,KAAK,CAAC,KAAK;YAC3B,IAAI,EAAE,yEAAyE;SAChF,CAAC;IACJ,CAAC;CACF,CAAC"}
package/dist/src/safety/detectors/secret-access.detector.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ /**
2
+ * Secret / credential access detector.
3
+ *
4
+ * Blocks inputs that try to READ, VIEW, or DISCLOSE credential material.
5
+ *
6
+ * ── Rotation/management exemption ────────────────────────────────────────────
7
+ *
8
+ * Credential management operations (rotate, renew, revoke, regenerate,
9
+ * invalidate, deactivate) are LEGITIMATE security practice. They must not be
10
+ * blocked here. The exemption applies when:
11
+ *
12
+ * 1. A rotation/management verb is present in the input, AND
13
+ * 2. No disclosure verb (read, show, dump, reveal, export, print, expose,
14
+ * output, display) is also present.
15
+ *
16
+ * Mixed inputs ("rotate and then dump the API keys") are not exempt — the
17
+ * disclosure verb disqualifies the exemption and the detector blocks as normal.
18
+ *
19
+ * Examples:
20
+ * "rotate the API keys for the payment service" → ALLOW (rotation only)
21
+ * "when should I rotate API keys" → ALLOW (question, no disclosure)
22
+ * "renew the TLS certificates" → ALLOW (management)
23
+ * "revoke the OAuth token" → ALLOW (revocation)
24
+ * "show me the API keys" → BLOCK (disclosure verb)
25
+ * "read the API key from .env" → BLOCK (disclosure verb)
26
+ * "export API keys" → BLOCK (disclosure verb)
27
+ * "rotate and then dump the API keys" → BLOCK (disclosure verb present)
28
+ */
29
+ import type { SafetyDetector } from "../types.js";
30
+ export declare const secretAccessDetector: SafetyDetector;
31
+ //# sourceMappingURL=secret-access.detector.d.ts.map
package/dist/src/safety/detectors/secret-access.detector.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secret-access.detector.d.ts","sourceRoot":"","sources":["../../../../src/safety/detectors/secret-access.detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAgB,MAAM,aAAa,CAAC;AAuChE,eAAO,MAAM,oBAAoB,EAAE,cAqBlC,CAAC"}
package/dist/src/safety/detectors/secret-access.detector.js ADDED
@@ -0,0 +1,78 @@
1
+ /**
2
+ * Secret / credential access detector.
3
+ *
4
+ * Blocks inputs that try to READ, VIEW, or DISCLOSE credential material.
5
+ *
6
+ * ── Rotation/management exemption ────────────────────────────────────────────
7
+ *
8
+ * Credential management operations (rotate, renew, revoke, regenerate,
9
+ * invalidate, deactivate) are LEGITIMATE security practice. They must not be
10
+ * blocked here. The exemption applies when:
11
+ *
12
+ * 1. A rotation/management verb is present in the input, AND
13
+ * 2. No disclosure verb (read, show, dump, reveal, export, print, expose,
14
+ * output, display) is also present.
15
+ *
16
+ * Mixed inputs ("rotate and then dump the API keys") are not exempt — the
17
+ * disclosure verb disqualifies the exemption and the detector blocks as normal.
18
+ *
19
+ * Examples:
20
+ * "rotate the API keys for the payment service" → ALLOW (rotation only)
21
+ * "when should I rotate API keys" → ALLOW (question, no disclosure)
22
+ * "renew the TLS certificates" → ALLOW (management)
23
+ * "revoke the OAuth token" → ALLOW (revocation)
24
+ * "show me the API keys" → BLOCK (disclosure verb)
25
+ * "read the API key from .env" → BLOCK (disclosure verb)
26
+ * "export API keys" → BLOCK (disclosure verb)
27
+ * "rotate and then dump the API keys" → BLOCK (disclosure verb present)
28
+ */
29
+ const PATTERNS = [
30
+ { regex: /\bapi\s*keys?\b/i, label: "api key" },
31
+ { regex: /\btoken\b/i, label: "token" },
32
+ { regex: /\bpasswords?\b/i, label: "password" },
33
+ { regex: /\.env\b/i, label: ".env" },
34
+ { regex: /\bsecret\b/i, label: "secret" },
35
+ ];
36
+ /**
37
+ * Verbs that indicate credential rotation or management — the user wants to
38
+ * CHANGE or REVOKE the credential, not read its current value.
39
+ */
40
+ const ROTATION_MGMT_RE = /\b(rotat\w*|renew(?:al|ing|ed)?|reissue\w*|regenerat\w*|revok\w*|invalidat\w*|deactivat\w*|expir(?:e|ed|ing|ation)?|cycl(?:e|ed|ing)|roll(?:(?:\s+(?:over|back))?(?:ing|ed)?))\b/i;
41
+ /**
42
+ * Verbs that indicate intent to read, view, or disclose the credential value.
43
+ * Presence of any of these disqualifies the rotation exemption.
44
+ */
45
+ const DISCLOSURE_VERBS_RE = /\b(read|show|dump|print|expos\w*|reveal|output|display)\b/i;
46
+ /**
47
+ * Returns true when the input describes a credential rotation/management
48
+ * operation with no disclosure intent. These inputs are security-hygiene
49
+ * operations and must not be blocked.
50
+ */
51
+ function isRotationWithoutDisclosure(input) {
52
+ return ROTATION_MGMT_RE.test(input) && !DISCLOSURE_VERBS_RE.test(input);
53
+ }
54
+ function findMatch(input) {
55
+ return PATTERNS.find(({ regex }) => regex.test(input)) ?? null;
56
+ }
57
+ export const secretAccessDetector = {
58
+ id: "credential_or_secret_access",
59
+ priority: 20,
60
+ supports(input) {
61
+ return findMatch(input) !== null;
62
+ },
63
+ detect(input) {
64
+ // Rotation/management intents are legitimate security practice — allow them.
65
+ if (isRotationWithoutDisclosure(input))
66
+ return null;
67
+ const match = findMatch(input);
68
+ if (match === null)
69
+ return null;
70
+ return {
71
+ verdict: "block",
72
+ reason: "credential_or_secret_access",
73
+ matchedPattern: match.label,
74
+ note: "Input contains a pattern associated with credential or secret material access.",
75
+ };
76
+ },
77
+ };
78
+ //# sourceMappingURL=secret-access.detector.js.map
package/dist/src/safety/detectors/secret-access.detector.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secret-access.detector.js","sourceRoot":"","sources":["../../../../src/safety/detectors/secret-access.detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAMH,MAAM,QAAQ,GAAkC;IAC9C,EAAE,KAAK,EAAE,kBAAkB,EAAG,KAAK,EAAE,SAAS,EAAE;IAChD,EAAE,KAAK,EAAE,YAAY,EAAS,KAAK,EAAE,OAAO,EAAE;IAC9C,EAAE,KAAK,EAAE,iBAAiB,EAAI,KAAK,EAAE,UAAU,EAAE;IACjD,EAAE,KAAK,EAAE,UAAU,EAAW,KAAK,EAAE,MAAM,EAAE;IAC7C,EAAE,KAAK,EAAE,aAAa,EAAQ,KAAK,EAAE,QAAQ,EAAE;CAChD,CAAC;AAEF;;;GAGG;AACH,MAAM,gBAAgB,GACpB,mLAAmL,CAAC;AAEtL;;;GAGG;AACH,MAAM,mBAAmB,GACvB,4DAA4D,CAAC;AAE/D;;;;GAIG;AACH,SAAS,2BAA2B,CAAC,KAAa;IAChD,OAAO,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC9B,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC;AACjE,CAAC;AAED,MAAM,CAAC,MAAM,oBAAoB,GAAmB;IAClD,EAAE,EAAE,6BAA6B;IACjC,QAAQ,EAAE,EAAE;IAEZ,QAAQ,CAAC,KAAa;QACpB,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC;IACnC,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,6EAA6E;QAC7E,IAAI,2BAA2B,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpD,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAChC,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE,6BAA6B;YACrC,cAAc,EAAE,KAAK,CAAC,KAAK;YAC3B,IAAI,EAAE,gFAAgF;SACvF,CAAC;IACJ,CAAC;CACF,CAAC"}
package/dist/src/safety/registry.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ /**
2
+ * Safety detector registry.
3
+ *
4
+ * Detectors are sorted by priority ascending (lower number = runs first).
5
+ * The gate iterates in priority order and returns the first blocking match.
6
+ */
7
+ import type { SafetyDetector } from "./types.js";
8
+ export declare function getSafetyDetectors(): ReadonlyArray<SafetyDetector>;
9
+ //# sourceMappingURL=registry.d.ts.map
package/dist/src/safety/registry.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../../src/safety/registry.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAejD,wBAAgB,kBAAkB,IAAI,aAAa,CAAC,cAAc,CAAC,CAElE"}
package/dist/src/safety/registry.js ADDED
@@ -0,0 +1,22 @@
1
+ /**
2
+ * Safety detector registry.
3
+ *
4
+ * Detectors are sorted by priority ascending (lower number = runs first).
5
+ * The gate iterates in priority order and returns the first blocking match.
6
+ */
7
+ import { destructiveDetector } from "./detectors/destructive.detector.js";
8
+ import { bulkDataExfilDetector } from "./detectors/bulk-data-exfil.detector.js";
9
+ import { secretAccessDetector } from "./detectors/secret-access.detector.js";
10
+ import { evasionDetector } from "./detectors/evasion.detector.js";
11
+ import { arbitraryExecDetector } from "./detectors/arbitrary-exec.detector.js";
12
+ const REGISTERED_DETECTORS = [
13
+ destructiveDetector, // priority 10
14
+ bulkDataExfilDetector, // priority 15
15
+ secretAccessDetector, // priority 20
16
+ evasionDetector,
17
+ arbitraryExecDetector,
18
+ ].sort((a, b) => a.priority - b.priority);
19
+ export function getSafetyDetectors() {
20
+ return REGISTERED_DETECTORS;
21
+ }
22
+ //# sourceMappingURL=registry.js.map
package/dist/src/safety/registry.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"registry.js","sourceRoot":"","sources":["../../../src/safety/registry.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAS,qCAAqC,CAAC;AAC7E,OAAO,EAAE,qBAAqB,EAAE,MAAQ,yCAAyC,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,MAAS,uCAAuC,CAAC;AAChF,OAAO,EAAE,eAAe,EAAE,MAAc,iCAAiC,CAAC;AAC1E,OAAO,EAAE,qBAAqB,EAAE,MAAQ,wCAAwC,CAAC;AAEjF,MAAM,oBAAoB,GAAkC;IAC1D,mBAAmB,EAAQ,cAAc;IACzC,qBAAqB,EAAM,cAAc;IACzC,oBAAoB,EAAO,cAAc;IACzC,eAAe;IACf,qBAAqB;CACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;AAE1C,MAAM,UAAU,kBAAkB;IAChC,OAAO,oBAAoB,CAAC;AAC9B,CAAC"}
package/dist/src/safety/safety-gate.d.ts ADDED
@@ -0,0 +1,16 @@
1
+ /**
2
+ * Safety Gate — runs detectors in priority order, injects detectorId on block.
3
+ *
4
+ * Detectors report `matchedPattern` (the specific phrase that matched).
5
+ * The gate adds `detectorId` from `detector.id` so callers can identify
6
+ * which detector fired without inspecting the source.
7
+ *
8
+ * Inspectable fields on a block result:
9
+ * result.detectorId — which detector fired
10
+ * result.matchedPattern — which phrase triggered it
11
+ * result.reason — enum category
12
+ * result.note — plain-English explanation
13
+ */
14
+ import type { SafetyResult } from "./types.js";
15
+ export declare function runSafetyGate(input: string): SafetyResult;
16
+ //# sourceMappingURL=safety-gate.d.ts.map
package/dist/src/safety/safety-gate.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"safety-gate.d.ts","sourceRoot":"","sources":["../../../src/safety/safety-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG/C,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,CAUzD"}
package/dist/src/safety/safety-gate.js ADDED
@@ -0,0 +1,26 @@
1
+ /**
2
+ * Safety Gate — runs detectors in priority order, injects detectorId on block.
3
+ *
4
+ * Detectors report `matchedPattern` (the specific phrase that matched).
5
+ * The gate adds `detectorId` from `detector.id` so callers can identify
6
+ * which detector fired without inspecting the source.
7
+ *
8
+ * Inspectable fields on a block result:
9
+ * result.detectorId — which detector fired
10
+ * result.matchedPattern — which phrase triggered it
11
+ * result.reason — enum category
12
+ * result.note — plain-English explanation
13
+ */
14
+ import { getSafetyDetectors } from "./registry.js";
15
+ export function runSafetyGate(input) {
16
+ for (const detector of getSafetyDetectors()) {
17
+ if (detector.supports(input)) {
18
+ const result = detector.detect(input);
19
+ if (result !== null && result.verdict === "block") {
20
+ return { ...result, detectorId: detector.id };
21
+ }
22
+ }
23
+ }
24
+ return { verdict: "allow" };
25
+ }
26
+ //# sourceMappingURL=safety-gate.js.map
package/dist/src/safety/safety-gate.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"safety-gate.js","sourceRoot":"","sources":["../../../src/safety/safety-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,KAAK,MAAM,QAAQ,IAAI,kBAAkB,EAAE,EAAE,CAAC;QAC5C,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBAClD,OAAO,EAAE,GAAG,MAAM,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC9B,CAAC"}
package/dist/src/safety/types.d.ts ADDED
@@ -0,0 +1,35 @@
1
+ /**
2
+ * Safety Gate types.
3
+ *
4
+ * SafetyResult now carries inspection fields so callers can determine
5
+ * exactly which detector fired and which input phrase triggered it —
6
+ * without needing to re-run detectors or read source code.
7
+ *
8
+ * Fields:
9
+ * detectorId — id of the detector that produced this result (injected by gate)
10
+ * matchedPattern — human-readable label of the specific phrase that matched
11
+ * note — plain-English explanation of why this is blocked
12
+ */
13
+ export type SafetyVerdict = "allow" | "block";
14
+ export type SafetyReason = "destructive_mass_action" | "bulk_data_exfiltration" | "credential_or_secret_access" | "evasion_or_rule_bypass" | "arbitrary_script_execution";
15
+ export type SafetyResult = {
16
+ readonly verdict: SafetyVerdict;
17
+ readonly reason?: SafetyReason;
18
+ readonly detectorId?: string;
19
+ readonly matchedPattern?: string;
20
+ readonly note?: string;
21
+ };
22
+ /**
23
+ * A SafetyDetector examines an input string and returns a blocking SafetyResult
24
+ * if it detects a pattern it covers, or null if the input is outside its scope.
25
+ *
26
+ * Detectors set `matchedPattern` on their results.
27
+ * The gate injects `detectorId` from `detector.id` — detectors do not self-report their id.
28
+ */
29
+ export type SafetyDetector = {
30
+ readonly id: string;
31
+ readonly priority: number;
32
+ supports(input: string): boolean;
33
+ detect(input: string): SafetyResult | null;
34
+ };
35
+ //# sourceMappingURL=types.d.ts.map
package/dist/src/safety/types.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/safety/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,OAAO,CAAC;AAE9C,MAAM,MAAM,YAAY,GACpB,yBAAyB,GACzB,wBAAwB,GACxB,6BAA6B,GAC7B,wBAAwB,GACxB,4BAA4B,CAAC;AAEjC,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC;IAC/B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;IACjC,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CAAC;CAC5C,CAAC"}
package/dist/src/safety/types.js ADDED
@@ -0,0 +1,14 @@
1
+ /**
2
+ * Safety Gate types.
3
+ *
4
+ * SafetyResult now carries inspection fields so callers can determine
5
+ * exactly which detector fired and which input phrase triggered it —
6
+ * without needing to re-run detectors or read source code.
7
+ *
8
+ * Fields:
9
+ * detectorId — id of the detector that produced this result (injected by gate)
10
+ * matchedPattern — human-readable label of the specific phrase that matched
11
+ * note — plain-English explanation of why this is blocked
12
+ */
13
+ export {};
14
+ //# sourceMappingURL=types.js.map
package/dist/src/safety/types.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/safety/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG"}
package/dist/src/shell/claude-shell.d.ts ADDED
@@ -0,0 +1,63 @@
1
+ /**
2
+ * Phase 9A: Claude shell advance functions.
3
+ *
4
+ * ── Purpose ───────────────────────────────────────────────────────────────────
5
+ *
6
+ * Pure (or async-pure) functions that map a user answer + current Claude
7
+ * session state → next session state. Mirror of cursor-shell.ts for Claude.
8
+ *
9
+ * ── What these functions do ───────────────────────────────────────────────────
10
+ *
11
+ * advanceClaudeOnConfirm — handles "confirm" prompt answers (y/n).
12
+ * - From "conflict": y → acceptClaudeConflict() → back to "prepared"
13
+ * n → rejectClaude()
14
+ * - From "prepared": y → approveClaude() then immediately deliverClaude()
15
+ * n → rejectClaude()
16
+ *
17
+ * advanceClaudeOnChoice — handles "choose" prompt answers (1-N).
18
+ * - From "scope_question": resolves the candidate file, calls answerClaudeScope(),
19
+ * then immediately delivers (answerClaudeScope → "approved" → deliverClaude).
20
+ * - Out-of-range index: returns state unchanged (re-prompt).
21
+ *
22
+ * ── Design note ───────────────────────────────────────────────────────────────
23
+ *
24
+ * Same approve-then-deliver combination as cursor-shell.ts.
25
+ * approveClaude() and deliverClaude() remain distinct session transitions
26
+ * (P3, P4). The CLI collapses them into one user action for the same reason.
27
+ *
28
+ * ── What these functions are NOT ──────────────────────────────────────────────
29
+ *
30
+ * NOT authority layers — all decisions are delegated to session functions.
31
+ * NOT renderers — rendering is in render.ts.
32
+ * NOT stateful — they return new state; they do not mutate.
33
+ */
34
+ import type { ClaudeSessionState } from "../product/claude-product-session.js";
35
+ import type { ClaudeAgentPlugin } from "../claude/delivery-gate.js";
36
+ import type { ClaudeGateDeps } from "../claude/delivery-gate.js";
37
+ /**
38
+ * Advance the Claude session based on a yes/no answer.
39
+ *
40
+ * Called when `renderClaudeFrame(state).prompt.kind === "confirm"`.
41
+ *
42
+ * @param state Current session state (must be "prepared" or "conflict").
43
+ * @param yes true = user said yes; false = user said no.
44
+ * @param plugin The Claude agent plugin for delivery.
45
+ * @param storeDir UCP store directory for envelope persistence.
46
+ * @param deps Optional gate dependencies (for test injection).
47
+ */
48
+ export declare function advanceClaudeOnConfirm(state: ClaudeSessionState, yes: boolean, plugin: ClaudeAgentPlugin, storeDir: string, deps?: ClaudeGateDeps): Promise<ClaudeSessionState>;
49
+ /**
50
+ * Advance the Claude session based on a numbered scope candidate selection.
51
+ *
52
+ * Called when `renderClaudeFrame(state).prompt.kind === "choose"`.
53
+ *
54
+ * @param state Current session state (must be "scope_question").
55
+ * @param choiceIdx 1-based index into `state.scopeQuestion.candidates`.
56
+ * @param plugin The Claude agent plugin for delivery.
57
+ * @param storeDir UCP store directory for envelope persistence.
58
+ * @param deps Optional gate dependencies (for test injection).
59
+ * @returns Next session state. If choiceIdx is out of range,
60
+ * returns state unchanged so the CLI can re-prompt.
61
+ */
62
+ export declare function advanceClaudeOnChoice(state: ClaudeSessionState, choiceIdx: number, plugin: ClaudeAgentPlugin, storeDir: string, deps?: ClaudeGateDeps): Promise<ClaudeSessionState>;
63
+ //# sourceMappingURL=claude-shell.d.ts.map
package/dist/src/shell/claude-shell.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"claude-shell.d.ts","sourceRoot":"","sources":["../../../src/shell/claude-shell.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC/E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAO,4BAA4B,CAAC;AACrE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAU,4BAA4B,CAAC;AAWrE;;;;;;;;;;GAUG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAK,kBAAkB,EAC5B,GAAG,EAAO,OAAO,EACjB,MAAM,EAAI,iBAAiB,EAC3B,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAK,cAAc,GACvB,OAAO,CAAC,kBAAkB,CAAC,CAa7B;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,qBAAqB,CACzC,KAAK,EAAM,kBAAkB,EAC7B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAK,iBAAiB,EAC5B,QAAQ,EAAG,MAAM,EACjB,IAAI,CAAC,EAAM,cAAc,GACxB,OAAO,CAAC,kBAAkB,CAAC,CAQ7B"}
package/dist/src/shell/claude-shell.js ADDED
@@ -0,0 +1,81 @@
1
+ /**
2
+ * Phase 9A: Claude shell advance functions.
3
+ *
4
+ * ── Purpose ───────────────────────────────────────────────────────────────────
5
+ *
6
+ * Pure (or async-pure) functions that map a user answer + current Claude
7
+ * session state → next session state. Mirror of cursor-shell.ts for Claude.
8
+ *
9
+ * ── What these functions do ───────────────────────────────────────────────────
10
+ *
11
+ * advanceClaudeOnConfirm — handles "confirm" prompt answers (y/n).
12
+ * - From "conflict": y → acceptClaudeConflict() → back to "prepared"
13
+ * n → rejectClaude()
14
+ * - From "prepared": y → approveClaude() then immediately deliverClaude()
15
+ * n → rejectClaude()
16
+ *
17
+ * advanceClaudeOnChoice — handles "choose" prompt answers (1-N).
18
+ * - From "scope_question": resolves the candidate file, calls answerClaudeScope(),
19
+ * then immediately delivers (answerClaudeScope → "approved" → deliverClaude).
20
+ * - Out-of-range index: returns state unchanged (re-prompt).
21
+ *
22
+ * ── Design note ───────────────────────────────────────────────────────────────
23
+ *
24
+ * Same approve-then-deliver combination as cursor-shell.ts.
25
+ * approveClaude() and deliverClaude() remain distinct session transitions
26
+ * (P3, P4). The CLI collapses them into one user action for the same reason.
27
+ *
28
+ * ── What these functions are NOT ──────────────────────────────────────────────
29
+ *
30
+ * NOT authority layers — all decisions are delegated to session functions.
31
+ * NOT renderers — rendering is in render.ts.
32
+ * NOT stateful — they return new state; they do not mutate.
33
+ */
34
+ import { approveClaude, rejectClaude, acceptClaudeConflict, answerClaudeScope, deliverClaude, } from "../product/claude-product-session.js";
35
+ // ─── Confirm advance (y/n) ────────────────────────────────────────────────────
36
+ /**
37
+ * Advance the Claude session based on a yes/no answer.
38
+ *
39
+ * Called when `renderClaudeFrame(state).prompt.kind === "confirm"`.
40
+ *
41
+ * @param state Current session state (must be "prepared" or "conflict").
42
+ * @param yes true = user said yes; false = user said no.
43
+ * @param plugin The Claude agent plugin for delivery.
44
+ * @param storeDir UCP store directory for envelope persistence.
45
+ * @param deps Optional gate dependencies (for test injection).
46
+ */
47
+ export async function advanceClaudeOnConfirm(state, yes, plugin, storeDir, deps) {
48
+ if (!yes)
49
+ return rejectClaude(state);
50
+ if (state.phase === "conflict") {
51
+ return acceptClaudeConflict(state);
52
+ }
53
+ if (state.phase === "prepared") {
54
+ const approved = approveClaude(state);
55
+ return deliverClaude(approved, plugin, storeDir, deps);
56
+ }
57
+ return state;
58
+ }
59
+ // ─── Choice advance (1-N selection) ──────────────────────────────────────────
60
+ /**
61
+ * Advance the Claude session based on a numbered scope candidate selection.
62
+ *
63
+ * Called when `renderClaudeFrame(state).prompt.kind === "choose"`.
64
+ *
65
+ * @param state Current session state (must be "scope_question").
66
+ * @param choiceIdx 1-based index into `state.scopeQuestion.candidates`.
67
+ * @param plugin The Claude agent plugin for delivery.
68
+ * @param storeDir UCP store directory for envelope persistence.
69
+ * @param deps Optional gate dependencies (for test injection).
70
+ * @returns Next session state. If choiceIdx is out of range,
71
+ * returns state unchanged so the CLI can re-prompt.
72
+ */
73
+ export async function advanceClaudeOnChoice(state, choiceIdx, plugin, storeDir, deps) {
74
+ const candidates = state.scopeQuestion?.candidates ?? [];
75
+ const file = candidates[choiceIdx - 1];
76
+ if (!file)
77
+ return state;
78
+ const narrowed = answerClaudeScope(state, file);
79
+ return deliverClaude(narrowed, plugin, storeDir, deps);
80
+ }
81
+ //# sourceMappingURL=claude-shell.js.map
package/dist/src/shell/claude-shell.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"claude-shell.js","sourceRoot":"","sources":["../../../src/shell/claude-shell.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAKH,OAAO,EACL,aAAa,EACb,YAAY,EACZ,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,GACd,MAAM,sCAAsC,CAAC;AAE9C,iFAAiF;AAEjF;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,KAA4B,EAC5B,GAAiB,EACjB,MAA2B,EAC3B,QAAgB,EAChB,IAAwB;IAExB,IAAI,CAAC,GAAG;QAAE,OAAO,YAAY,CAAC,KAAK,CAAC,CAAC;IAErC,IAAI,KAAK,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,oBAAoB,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED,IAAI,KAAK,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QACtC,OAAO,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gFAAgF;AAEhF;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAA6B,EAC7B,SAAiB,EACjB,MAA4B,EAC5B,QAAiB,EACjB,IAAyB;IAEzB,MAAM,UAAU,GAAG,KAAK,CAAC,aAAa,EAAE,UAAU,IAAI,EAAE,CAAC;IACzD,MAAM,IAAI,GAAS,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IAE7C,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAExB,MAAM,QAAQ,GAAG,iBAAiB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAChD,OAAO,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;AACzD,CAAC"}
package/dist/src/shell/cli/friction-admin.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ /**
2
+ * src/shell/cli/friction-admin.ts
3
+ *
4
+ * Admin CLI for friction report review and payout management.
5
+ *
6
+ * Usage (via `usesteady admin friction <sub>`):
7
+ * usesteady admin friction list List pending friction issues
8
+ * usesteady admin friction review AI-classify + approve/reject interactively
9
+ * usesteady admin friction review --dry-run AI-classify only, no writes
10
+ * usesteady admin friction payouts Show payout ledger
11
+ * usesteady admin friction payouts --pending Show only unpaid approved entries
12
+ */
13
+ export declare function runAdmin(args: string[]): Promise<void>;
14
+ //# sourceMappingURL=friction-admin.d.ts.map
package/dist/src/shell/cli/friction-admin.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"friction-admin.d.ts","sourceRoot":"","sources":["../../../../src/shell/cli/friction-admin.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;GAWG;AAySH,wBAAsB,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAgD5D"}