visus-mcp 0.1.0

package/dist/sanitizer/patterns.js

@@ -0,0 +1,372 @@
+/**
+ * Lateos Injection Pattern Library
+ *
+ * 43 validated injection pattern categories for detecting and neutralizing
+ * prompt injection attacks in web content before it reaches the LLM.
+ *
+ * Each pattern includes:
+ * - name: Pattern identifier
+ * - description: What this pattern detects
+ * - regex: Detection pattern (case-insensitive by default)
+ * - severity: risk level (critical, high, medium, low)
+ * - action: how to handle matches (strip, redact, escape)
+ */
+export const INJECTION_PATTERNS = [
+    // 1. Comment injection (must come before direct_instruction_injection to avoid false positives)
+    {
+        name: 'comment_injection',
+        description: 'Instructions hidden in HTML/JS/SQL comments',
+        regex: /<!--[\s\S]*?(ignore|admin|system|instruction|bypass|override)[\s\S]*?-->|\/\*[\s\S]*?(ignore|admin|system|instruction)[\s\S]*?\*\/|\/\/\s*(ignore|admin|system)\b|--\s*(ignore|bypass)\b|#\s*(ignore|admin|override)\b/gi,
+        severity: 'medium',
+        action: 'strip'
+    },
+    // 2. Direct instruction injection
+    {
+        name: 'direct_instruction_injection',
+        description: 'Attempts to override or ignore previous instructions',
+        regex: /\b(ignore|disregard|forget|override|replace|substitute)\s+(all\s+)?(previous|prior|above|earlier|your)\s+(instructions?|prompts?|commands?|directions?|rules?)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 3. Role hijacking
+    {
+        name: 'role_hijacking',
+        description: 'Attempts to change AI persona or role',
+        regex: /\b(you\s+are\s+now|your\s+new\s+(role|persona|identity)\s+is|act\s+as|pretend\s+(you\s+are|to\s+be)|roleplay\s+as)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 3. System prompt extraction
+    {
+        name: 'system_prompt_extraction',
+        description: 'Attempts to reveal system instructions',
+        regex: /\b(repeat|print|show|display|reveal|output|tell\s+me)\s+(your|the)\s+(system\s+)?(prompt|instructions?|rules|guidelines|directives|configuration)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 4. Privilege escalation
+    {
+        name: 'privilege_escalation',
+        description: 'Attempts to gain elevated permissions',
+        regex: /\b(admin\s+mode|administrator\s+access|developer\s+(mode|override)|root\s+access|elevated\s+privileges?|emergency\s+protocol|debug\s+mode|sudo\s+mode)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 5. Context poisoning
+    {
+        name: 'context_poisoning',
+        description: 'Falsely claims prior agreement or context',
+        regex: /\b(the\s+user\s+(said|told|mentioned|confirmed)|as\s+(we\s+)?(discussed|agreed|confirmed)\s+(earlier|previously|before)|you\s+already\s+(said|agreed|confirmed)|continuing\s+from\s+(our|the)\s+previous)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 6. Data exfiltration
+    {
+        name: 'data_exfiltration',
+        description: 'Attempts to send data to external endpoints',
+        regex: /\b(send|post|transmit|forward|email|upload)\s+(this|the|all|your)\s+(to|data|information)\b.*?\b(http|mailto|ftp):/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 7. Encoding obfuscation - Base64
+    {
+        name: 'base64_obfuscation',
+        description: 'Base64-encoded instructions',
+        regex: /\b(decode|decipher|decrypt)\s+(this\s+)?(base64|b64)\b.*?[A-Za-z0-9+/]{20,}={0,2}/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 8. Unicode lookalike characters
+    {
+        name: 'unicode_lookalikes',
+        description: 'Uses visually similar Unicode characters',
+        regex: /[\u0430-\u044f\u0410-\u042f].*\b(ignore|admin|system)\b/gi, // Cyrillic mixed with English
+        severity: 'medium',
+        action: 'strip'
+    },
+    // 9. Zero-width characters
+    {
+        name: 'zero_width_characters',
+        description: 'Hidden zero-width Unicode characters',
+        regex: /[\u200B-\u200D\uFEFF]/g,
+        severity: 'high',
+        action: 'strip'
+    },
+    // 10. HTML script injection
+    {
+        name: 'html_script_injection',
+        description: 'HTML script tags or event handlers',
+        regex: /<script\b[^>]*>[\s\S]*?<\/script>|<iframe\b[^>]*>|on(click|load|error|mouse\w+)\s*=/gi,
+        severity: 'critical',
+        action: 'escape'
+    },
+    // 11. Data URI injection
+    {
+        name: 'data_uri_injection',
+        description: 'Data URIs that could contain instructions',
+        regex: /data:text\/(html|javascript)[;,]/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 12. Markdown link injection
+    {
+        name: 'markdown_link_injection',
+        description: 'Malicious markdown links',
+        regex: /\[.*?\]\s*\(\s*javascript:|!\[.*?\]\s*\(\s*data:/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 13. URL fragment attacks (HashJack)
+    {
+        name: 'url_fragment_hashjack',
+        description: 'Instructions hidden in URL fragments',
+        regex: /#(ignore|admin|system|prompt)[_\w]*\s+/gi,
+        severity: 'medium',
+        action: 'strip'
+    },
+    // 14. Social engineering urgency
+    {
+        name: 'social_engineering_urgency',
+        description: 'Urgency language to bypass caution',
+        regex: /\b(urgent|critical|emergency|immediately|asap|right\s+now|time\s+sensitive|must\s+act\s+now)\b.*\b(ignore|override|bypass)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 15. Instruction delimiter injection
+    {
+        name: 'instruction_delimiter_injection',
+        description: 'Fake instruction boundaries',
+        regex: /\b(end\s+of\s+(instructions?|prompt)|new\s+instructions?|<\/?instruction>|---\s*system\s*---)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 16. Multi-language obfuscation
+    {
+        name: 'multi_language_obfuscation',
+        description: 'Instructions in non-English using English keywords',
+        regex: /\b(ignorar|ignorer|ignora|überspringen)\b.*\b(instrucciones|instructions|istruzioni)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 17. Reverse text obfuscation
+    {
+        name: 'reverse_text_obfuscation',
+        description: 'Instructions written backwards',
+        regex: /\b(erongi|nimda|tpmorp|metsys)\b/gi, // "ignore", "admin", "prompt", "system" reversed
+        severity: 'medium',
+        action: 'strip'
+    },
+    // 18. Leetspeak obfuscation
+    {
+        name: 'leetspeak_obfuscation',
+        description: 'L33tspeak encoded instructions',
+        regex: /\b(1gn0r3|4dm1n|sy5t3m|pr0mpt|1nstruct10n)\b/gi,
+        severity: 'low',
+        action: 'strip'
+    },
+    // 19. Jailbreak keywords
+    {
+        name: 'jailbreak_keywords',
+        description: 'Common jailbreak attempt keywords',
+        regex: /\b(jailbreak|dan\s+mode|developer\s+mode\s+enabled|anarchy\s+mode|unrestricted\s+mode)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 20. Token smuggling
+    {
+        name: 'token_smuggling',
+        description: 'Attempts to inject special tokens',
+        regex: /<\|im_(start|end)\|>|<\|endoftext\|>|\[INST\]|\[\/INST\]/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 21. System message injection
+    {
+        name: 'system_message_injection',
+        description: 'Fake system messages',
+        regex: /\[SYSTEM\]|\[ASSISTANT\]|\[USER\]|<\|system\|>/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 22. Conversation reset
+    {
+        name: 'conversation_reset',
+        description: 'Attempts to reset conversation state',
+        regex: /\b(reset|restart|clear|new)\s+(conversation|chat|session|context)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 23. Memory manipulation
+    {
+        name: 'memory_manipulation',
+        description: 'Attempts to manipulate AI memory or implant false context',
+        regex: /\b(remember|memorize|recall|don'?t\s+forget)\s+(that\s+)?(I\s+am|you\s+are|we\s+are|you\s+must|I\s+told\s+you|you\s+already|your\s+administrator|your\s+creator)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 24. Capability probing
+    {
+        name: 'capability_probing',
+        description: 'Probes for hidden capabilities',
+        regex: /\b(can\s+you|are\s+you\s+able\s+to)\s+(access|browse|execute|run|download)\b/gi,
+        severity: 'low',
+        action: 'strip'
+    },
+    // 25. Chain-of-thought manipulation
+    {
+        name: 'chain_of_thought_manipulation',
+        description: 'Manipulates reasoning process',
+        regex: /\blet'?s\s+think\s+step\s+by\s+step\b.*\b(ignore|bypass|override)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 26. Hypothetical scenario injection
+    {
+        name: 'hypothetical_scenario_injection',
+        description: 'Uses hypotheticals to bypass restrictions',
+        regex: /\b(hypothetically|imagine\s+you\s+could|in\s+a\s+world\s+where|pretend\s+there\s+are\s+no|let'?s\s+say\s+you\s+were\s+allowed|if\s+you\s+had\s+no\s+restrictions|for\s+the\s+sake\s+of\s+argument|suppose|what\s+if)\b.*\b(unrestricted|ignore|bypass|allowed|no\s+rules|no\s+guidelines|were\s+able)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 27. Ethical override
+    {
+        name: 'ethical_override',
+        description: 'Attempts to override ethical guidelines',
+        regex: /\b(ignore|bypass|disable)\s+(ethics|safety|guidelines|guardrails|restrictions)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 28. Output format manipulation
+    {
+        name: 'output_format_manipulation',
+        description: 'Manipulates output format to hide instructions',
+        regex: /\b(format|structure|style)\s+your\s+(response|output)\s+as\b.*\b(system|admin|instruction)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 29. Negative instruction
+    {
+        name: 'negative_instruction',
+        description: 'Uses negation to inject instructions',
+        regex: /\bdo\s+not\s+(tell|mention|say)\s+(anyone|the\s+user)\b/gi,
+        severity: 'low',
+        action: 'strip'
+    },
+    // 30. Credential harvesting
+    {
+        name: 'credential_harvesting',
+        description: 'Attempts to harvest credentials',
+        regex: /\b(enter|provide|give\s+me)\s+(your|the)\s+(password|api\s+key|token|credentials?|secret)\b/gi,
+        severity: 'critical',
+        action: 'redact'
+    },
+    // 31. Time-based triggers
+    {
+        name: 'time_based_triggers',
+        description: 'Conditional execution based on time',
+        regex: /\b(after|when|once)\s+\d+\s+(seconds?|minutes?|hours?)\b.*\b(then|execute|run)\b/gi,
+        severity: 'low',
+        action: 'strip'
+    },
+    // 32. Code execution requests
+    {
+        name: 'code_execution_requests',
+        description: 'Requests code execution or contains dangerous code patterns',
+        regex: /\b(execute|run\s+the\s+following|eval\(|exec\(|os\.system|subprocess|__import__|shell\s+command|bash\s+-c)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 32. File system access
+    {
+        name: 'file_system_access',
+        description: 'Requests file system operations',
+        regex: /\b(read|write|delete|access)\s+(file|directory|folder)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 33. Training data extraction
+    {
+        name: 'training_data_extraction',
+        description: 'Attempts to extract training data',
+        regex: /\b(repeat|recite|output)\s+(verbatim|exactly)\s+(from\s+your\s+)?(training|data|corpus)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 34. Simulator mode
+    {
+        name: 'simulator_mode',
+        description: 'Requests simulator/VM mode',
+        regex: /\b(simulate|emulate|pretend\s+you\s+are)\s+(a\s+)?(linux|terminal|bash|shell|vm|virtual\s+machine)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 35. Nested encoding
+    {
+        name: 'nested_encoding',
+        description: 'Multiple layers of encoding or double-encoded sequences',
+        regex: /\b(decode|decrypt|decipher)\s+(this\s+)?(twice|again|multiple\s+times)\b|%25[0-9A-F]{2}|[A-Za-z0-9+/]{40,}={0,2}.*[A-Za-z0-9+/]{40,}={0,2}/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 36. Payload splitting
+    {
+        name: 'payload_splitting',
+        description: 'Splits payload across multiple inputs',
+        regex: /\b(combine|concatenate|join)\s+(the\s+)?(previous|above)\s+(parts?|sections?|fragments?)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 37. CSS-based hiding
+    {
+        name: 'css_hiding',
+        description: 'Hidden content via CSS',
+        regex: /display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0/gi,
+        severity: 'medium',
+        action: 'strip'
+    },
+    // 38. Authority impersonation
+    {
+        name: 'authority_impersonation',
+        description: 'Claims to be an authority figure',
+        regex: /\b(I\s+am|this\s+is)\s+(your\s+)?(developer|creator|administrator|ceo|manager)\b/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 40. Testing/debugging claims
+    {
+        name: 'testing_debugging_claims',
+        description: 'Claims this is a test environment',
+        regex: /\b(this\s+is\s+a\s+)?(test|testing|debug|debugging)\s+(environment|mode|session)\b/gi,
+        severity: 'medium',
+        action: 'redact'
+    },
+    // 41. Callback URL injection
+    {
+        name: 'callback_url_injection',
+        description: 'Suspicious callback URLs',
+        regex: /\b(callback|webhook|redirect)\s+(url|endpoint)\s*[:=]\s*https?:\/\/(?!localhost)/gi,
+        severity: 'high',
+        action: 'redact'
+    },
+    // 43. Whitespace steganography
+    {
+        name: 'whitespace_steganography',
+        description: 'Hidden content in whitespace patterns',
+        regex: /\s{10,}/g,
+        severity: 'low',
+        action: 'strip'
+    }
+];
+/**
+ * Get all pattern names for logging/testing
+ */
+export function getAllPatternNames() {
+    return INJECTION_PATTERNS.map(p => p.name);
+}
+/**
+ * Get patterns by severity level
+ */
+export function getPatternsBySeverity(severity) {
+    return INJECTION_PATTERNS.filter(p => p.severity === severity);
+}
+//# sourceMappingURL=patterns.js.map

package/dist/sanitizer/patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/sanitizer/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAUH,MAAM,CAAC,MAAM,kBAAkB,GAAuB;IACpD,gGAAgG;IAChG;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6CAA6C;QAC1D,KAAK,EAAE,0NAA0N;QACjO,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,kCAAkC;IAClC;QACE,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,sDAAsD;QACnE,KAAK,EAAE,oKAAoK;QAC3K,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,oBAAoB;IACpB;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,wHAAwH;QAC/H,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,wCAAwC;QACrD,KAAK,EAAE,uJAAuJ;QAC9J,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,4JAA4J;QACnK,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,+MAA+M;QACtN,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6CAA6C;QAC1D,KAAK,EAAE,sHAAsH;QAC7H,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,mCAAmC;IACnC;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,6BAA6B;QAC1C,KAAK,EAAE,qFAAqF;QAC5F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,kCAAkC;IAClC;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,0CAA0C;QACvD,KAAK,EAAE,2DAA2D,EAAE,8BAA8B;QAClG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,wBAAwB;QAC/B,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,oCAAoC;QACjD,KAAK,EAAE,uFAAuF;QAC9F,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,oCAAoC;QAC3C,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,0BAA0B;QACvC,KAAK,EAAE,oDAAoD;QAC3D,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,0CAA0C;QACjD,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,oCAAoC;QACjD,KAAK,EAAE,gIAAgI;QACvI,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,6BAA6B;QAC1C,KAAK,EAAE,mGAAmG;QAC1G,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,oDAAoD;QACjE,KAAK,EAAE,0FAA0F;QACjG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,oCAAoC,EAAE,iDAAiD;QAC9F,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,gDAAgD;QACvD,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,4FAA4F;QACnG,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,4DAA4D;QACnE,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,sBAAsB;QACnC,KAAK,EAAE,kDAAkD;QACzD,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,uEAAuE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,2DAA2D;QACxE,KAAK,EAAE,sKAAsK;QAC7K,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,gFAAgF;QACvF,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,oCAAoC;IACpC;QACE,IAAI,EAAE,+BAA+B;QACrC,WAAW,EAAE,+BAA+B;QAC5C,KAAK,EAAE,uEAAuE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,2SAA2S;QAClT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,yCAAyC;QACtD,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,gDAAgD;QAC7D,KAAK,EAAE,gGAAgG;QACvG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,2DAA2D;QAClE,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,iCAAiC;QAC9C,KAAK,EAAE,+FAA+F;QACtG,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qCAAqC;QAClD,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6DAA6D;QAC1E,KAAK,EAAE,gHAAgH;QACvH,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,iCAAiC;QAC9C,KAAK,EAAE,4DAA4D;QACnE,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,6FAA6F;QACpG,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,qBAAqB;IACrB;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4BAA4B;QACzC,KAAK,EAAE,wGAAwG;QAC/G,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,yDAAyD;QACtE,KAAK,EAAE,8IAA8I;QACrJ,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,wBAAwB;IACxB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,8FAA8F;QACrG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,wBAAwB;QACrC,KAAK,EAAE,8DAA8D;QACrE,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,kCAAkC;QAC/C,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,sFAAsF;QAC7F,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,6BAA6B;IAC7B;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,0BAA0B;QACvC,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgD;IACpF,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AACjE,CAAC"}

package/dist/sanitizer/pii-redactor.d.ts

@@ -0,0 +1,29 @@
+/**
+ * PII Redaction Engine
+ *
+ * Detects and redacts personally identifiable information (PII) from content
+ * to prevent leakage of sensitive data to the LLM.
+ *
+ * Redacts: emails, phone numbers, SSNs, credit cards, IP addresses
+ */
+export interface PIIRedactionResult {
+    content: string;
+    pii_types_redacted: string[];
+    content_modified: boolean;
+    metadata: {
+        redaction_counts: Record<string, number>;
+    };
+}
+/**
+ * Redact PII from content
+ */
+export declare function redactPII(content: string): PIIRedactionResult;
+/**
+ * Check if content contains any PII (without redacting)
+ */
+export declare function containsPII(content: string): boolean;
+/**
+ * Get list of PII types detected (without redacting)
+ */
+export declare function detectPIITypes(content: string): string[];
+//# sourceMappingURL=pii-redactor.d.ts.map

package/dist/sanitizer/pii-redactor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii-redactor.d.ts","sourceRoot":"","sources":["../../src/sanitizer/pii-redactor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,QAAQ,EAAE;QACR,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;CACH;AAuID;;GAEG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,kBAAkB,CAmC7D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAYpD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAcxD"}

package/dist/sanitizer/pii-redactor.js

@@ -0,0 +1,189 @@
+/**
+ * PII Redaction Engine
+ *
+ * Detects and redacts personally identifiable information (PII) from content
+ * to prevent leakage of sensitive data to the LLM.
+ *
+ * Redacts: emails, phone numbers, SSNs, credit cards, IP addresses
+ */
+/**
+ * PII detection patterns with validators
+ */
+const PII_PATTERNS = [
+    // Email addresses
+    {
+        type: 'EMAIL',
+        name: 'email',
+        regex: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g,
+        validator: (match) => {
+            // Basic email validation
+            return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(match);
+        }
+    },
+    // Phone numbers (US and international formats)
+    {
+        type: 'PHONE',
+        name: 'phone',
+        regex: /(\+\d{1,3}[\s-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b/g,
+        validator: (match) => {
+            // Remove non-digits and check length
+            const digits = match.replace(/\D/g, '');
+            return digits.length >= 10 && digits.length <= 15;
+        }
+    },
+    // US Social Security Numbers
+    {
+        type: 'SSN',
+        name: 'ssn',
+        regex: /\b\d{3}[-\s]?\d{2}[-\s]?\d{4}\b/g,
+        validator: (match) => {
+            const digits = match.replace(/\D/g, '');
+            // Basic SSN format check (9 digits)
+            if (digits.length !== 9)
+                return false;
+            // Reject invalid SSN patterns
+            if (digits === '000000000')
+                return false;
+            if (digits.startsWith('000'))
+                return false;
+            if (digits.startsWith('666'))
+                return false;
+            if (digits.startsWith('9'))
+                return false;
+            return true;
+        }
+    },
+    // Credit card numbers (13-19 digits with optional separators)
+    // Matches: 4-4-4-4 (Visa/MC), 4-6-5 (AmEx), or continuous digits
+    {
+        type: 'CC',
+        name: 'credit_card',
+        regex: /\b(?:\d{4}[\s-]?\d{6}[\s-]?\d{5}|\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4,7}|\d{13,19})\b/g,
+        validator: (match) => {
+            const digits = match.replace(/\D/g, '');
+            if (digits.length < 13 || digits.length > 19)
+                return false;
+            return luhnCheck(digits);
+        }
+    },
+    // IPv4 addresses
+    {
+        type: 'IP',
+        name: 'ipv4',
+        regex: /\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b/g,
+        validator: (match) => {
+            // Exclude common non-PII patterns like version numbers
+            if (match.startsWith('0.0.0'))
+                return false;
+            if (match.startsWith('255.255.255'))
+                return false;
+            return true;
+        }
+    },
+    // IPv6 addresses (simplified pattern)
+    {
+        type: 'IP',
+        name: 'ipv6',
+        regex: /\b(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\b/g,
+        validator: () => true
+    },
+    // US Passport numbers
+    {
+        type: 'PASSPORT',
+        name: 'passport',
+        regex: /\b[A-Z]{1,2}\d{6,9}\b/g,
+        validator: (match) => {
+            // Basic format: 1-2 letters + 6-9 digits
+            return /^[A-Z]{1,2}\d{6,9}$/.test(match);
+        }
+    },
+    // Driver's license patterns (varies by state, general pattern)
+    {
+        type: 'DL',
+        name: 'drivers_license',
+        regex: /\b[A-Z]{1,2}\d{5,8}\b/g,
+        validator: (match) => {
+            // Overlap with passport, but keep for completeness
+            return /^[A-Z]{1,2}\d{5,8}$/.test(match);
+        }
+    }
+];
+/**
+ * Luhn algorithm for credit card validation
+ */
+function luhnCheck(digits) {
+    let sum = 0;
+    let alternate = false;
+    for (let i = digits.length - 1; i >= 0; i--) {
+        let n = parseInt(digits.charAt(i), 10);
+        if (alternate) {
+            n *= 2;
+            if (n > 9) {
+                n = n - 9;
+            }
+        }
+        sum += n;
+        alternate = !alternate;
+    }
+    return sum % 10 === 0;
+}
+/**
+ * Redact PII from content
+ */
+export function redactPII(content) {
+    const piiTypesRedacted = new Set();
+    const redactionCounts = {};
+    let sanitizedContent = content;
+    for (const pattern of PII_PATTERNS) {
+        const matches = Array.from(sanitizedContent.matchAll(pattern.regex));
+        for (const match of matches) {
+            const matchedText = match[0];
+            // Apply validator if present
+            if (pattern.validator && !pattern.validator(matchedText)) {
+                continue;
+            }
+            // Redact the PII
+            sanitizedContent = sanitizedContent.replace(matchedText, `[REDACTED:${pattern.type}]`);
+            piiTypesRedacted.add(pattern.name);
+            redactionCounts[pattern.name] = (redactionCounts[pattern.name] || 0) + 1;
+        }
+    }
+    return {
+        content: sanitizedContent,
+        pii_types_redacted: Array.from(piiTypesRedacted),
+        content_modified: sanitizedContent !== content,
+        metadata: {
+            redaction_counts: redactionCounts
+        }
+    };
+}
+/**
+ * Check if content contains any PII (without redacting)
+ */
+export function containsPII(content) {
+    for (const pattern of PII_PATTERNS) {
+        const matches = Array.from(content.matchAll(pattern.regex));
+        for (const match of matches) {
+            if (!pattern.validator || pattern.validator(match[0])) {
+                return true;
+            }
+        }
+    }
+    return false;
+}
+/**
+ * Get list of PII types detected (without redacting)
+ */
+export function detectPIITypes(content) {
+    const detected = new Set();
+    for (const pattern of PII_PATTERNS) {
+        const matches = Array.from(content.matchAll(pattern.regex));
+        for (const match of matches) {
+            if (!pattern.validator || pattern.validator(match[0])) {
+                detected.add(pattern.name);
+            }
+        }
+    }
+    return Array.from(detected);
+}
+//# sourceMappingURL=pii-redactor.js.map

package/dist/sanitizer/pii-redactor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii-redactor.js","sourceRoot":"","sources":["../../src/sanitizer/pii-redactor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAkBH;;GAEG;AACH,MAAM,YAAY,GAAiB;IACjC,kBAAkB;IAClB;QACE,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO;QACb,KAAK,EAAE,sDAAsD;QAC7D,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yBAAyB;YACzB,OAAO,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClD,CAAC;KACF;IAED,+CAA+C;IAC/C;QACE,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,OAAO;QACb,KAAK,EAAE,0DAA0D;QACjE,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,qCAAqC;YACrC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO,MAAM,CAAC,MAAM,IAAI,EAAE,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;QACpD,CAAC;KACF;IAED,6BAA6B;IAC7B;QACE,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,KAAK;QACX,KAAK,EAAE,kCAAkC;QACzC,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,oCAAoC;YACpC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACtC,8BAA8B;YAC9B,IAAI,MAAM,KAAK,WAAW;gBAAE,OAAO,KAAK,CAAC;YACzC,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC3C,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC3C,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IAED,8DAA8D;IAC9D,iEAAiE;IACjE;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,aAAa;QACnB,KAAK,EAAE,yFAAyF;QAChG,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE;gBAAE,OAAO,KAAK,CAAC;YAC3D,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;KACF;IAED,iBAAiB;IACjB;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,MAAM;QACZ,KAAK,EAAE,gGAAgG;QACvG,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,uDAAuD;YACvD,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC5C,IAAI,KAAK,CAAC,UAAU,CAAC,aAAa,CAAC;gBAAE,OAAO,KAAK,CAAC;YAClD,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,MAAM;QACZ,KAAK,EAAE,+CAA+C;QACtD,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI;KACtB;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,KAAK,EAAE,wBAAwB;QAC/B,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yCAAyC;YACzC,OAAO,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;KACF;IAED,+DAA+D;IAC/D;QACE,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,iBAAiB;QACvB,KAAK,EAAE,wBAAwB;QAC/B,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,mDAAmD;YACnD,OAAO,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,SAAS,SAAS,CAAC,MAAc;IAC/B,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEvC,IAAI,SAAS,EAAE,CAAC;YACd,CAAC,IAAI,CAAC,CAAC;YACP,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACV,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACZ,CAAC;QACH,CAAC;QAED,GAAG,IAAI,CAAC,CAAC;QACT,SAAS,GAAG,CAAC,SAAS,CAAC;IACzB,CAAC;IAED,OAAO,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,OAAe;IACvC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC3C,MAAM,eAAe,GAA2B,EAAE,CAAC;IACnD,IAAI,gBAAgB,GAAG,OAAO,CAAC;IAE/B,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;QAErE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAE7B,6BAA6B;YAC7B,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzD,SAAS;YACX,CAAC;YAED,iBAAiB;YACjB,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,WAAW,EACX,aAAa,OAAO,CAAC,IAAI,GAAG,CAC7B,CAAC;YAEF,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,gBAAgB;QACzB,kBAAkB,EAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAChD,gBAAgB,EAAE,gBAAgB,KAAK,OAAO;QAC9C,QAAQ,EAAE;YACR,gBAAgB,EAAE,eAAe;SAClC;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;QAE5D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IAEnC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;QAE5D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtD,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC9B,CAAC"}

package/dist/tools/fetch-structured.d.ts

@@ -0,0 +1,46 @@
+/**
+ * visus_fetch_structured MCP Tool
+ *
+ * Fetches a web page and extracts structured data according to a schema.
+ * All extracted data is sanitized before being returned.
+ *
+ * CRITICAL: ALL content MUST pass through the sanitizer. This cannot be bypassed.
+ */
+import type { VisusFetchStructuredInput, VisusFetchStructuredOutput, Result } from '../types.js';
+/**
+ * visus_fetch_structured tool implementation
+ *
+ * @param input Tool input parameters
+ * @returns Extracted and sanitized structured data
+ */
+export declare function visusFetchStructured(input: VisusFetchStructuredInput): Promise<Result<VisusFetchStructuredOutput, Error>>;
+/**
+ * MCP tool definition for registration
+ */
+export declare const visusFetchStructuredToolDefinition: {
+    name: string;
+    description: string;
+    inputSchema: {
+        type: string;
+        properties: {
+            url: {
+                type: string;
+                description: string;
+            };
+            schema: {
+                type: string;
+                description: string;
+                additionalProperties: {
+                    type: string;
+                };
+            };
+            timeout_ms: {
+                type: string;
+                description: string;
+                default: number;
+            };
+        };
+        required: string[];
+    };
+};
+//# sourceMappingURL=fetch-structured.d.ts.map

package/dist/tools/fetch-structured.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch-structured.d.ts","sourceRoot":"","sources":["../../src/tools/fetch-structured.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,KAAK,EAAE,yBAAyB,EAAE,0BAA0B,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AA2EjG;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,yBAAyB,GAC/B,OAAO,CAAC,MAAM,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC,CA4FpD;AAED;;GAEG;AACH,eAAO,MAAM,kCAAkC;;;;;;;;;;;;;;;;;;;;;;;;;CAyB9C,CAAC"}