watchmyagents 0.2.0 → 0.3.0

package/package.json

@@ -1,20 +1,8 @@
 {
   "name": "watchmyagents",
-  "version": "0.2.0",
-  "description": "Security observability for AI agents — local-first NDJSON capture of every agent action (tool calls, prompts, state transitions, errors). Built for security audits, not just token counting.",
+  "version": "0.3.0",
+  "description": "Security observability + real-time policy enforcement for AI agents — local-first NDJSON capture of every agent action (tool calls, prompts, state transitions, errors) plus the Shield CLI that blocks policy violations live on Anthropic Managed Agents.",
   "type": "module",
-  "main": "./src/index.cjs",
-  "module": "./src/index.js",
-  "exports": {
-    ".": {
-      "import": "./src/index.js",
-      "require": "./src/index.cjs"
-    },
-    "./adapters/claude": "./src/adapters/claude.js",
-    "./adapters/openai": "./src/adapters/openai.js",
-    "./adapters/langchain": "./src/adapters/langchain.js",
-    "./adapters/generic": "./src/adapters/generic.js"
-  },
   "files": [
     "src/",
     "scripts/inspect.js",
@@ -32,15 +20,14 @@
   "scripts": {
     "inspect": "node scripts/inspect.js",
     "fetch": "node scripts/fetch-anthropic.js",
-    "shield": "node scripts/shield.js",
-    "example": "node examples/claude-agent/index.js"
+    "shield": "node scripts/shield.js"
   },
   "engines": {
     "node": ">=18.0.0"
   },
   "dependencies": {},
   "devDependencies": {
-    "@anthropic-ai/sdk": "latest"
+    "@anthropic-ai/sdk": "^0.42.0"
   },
   "keywords": [
     "ai",
@@ -54,7 +41,9 @@
     "claude",
     "managed-agents",
     "audit",
-    "ndjson"
+    "ndjson",
+    "policy-enforcement",
+    "shield"
   ],
   "author": "MinedorFBM <minedor@watchmyagents.com>",
   "license": "MIT",

package/scripts/shield.js

@@ -118,6 +118,9 @@ async function runSessionWorker({ sessionId, ctx }) {
   sinfo(sessionId, `attached (${mode} mode)`);
 
   let processed = 0, enforced = 0, sessionInterrupted = false;
+  // Cache is only needed for tool_confirmation mode (lookup by event_id when
+  // requires_action fires). Interrupt mode evaluates synchronously and never
+  // reads the cache, so caching there would just leak memory on long sessions.
   const toolUseCache = new Map();
 
   try {
@@ -131,7 +134,7 @@ async function runSessionWorker({ sessionId, ctx }) {
 
       // ── INTERRUPT MODE ──────────────────────────────────────────────
       if (mode === 'interrupt' && CACHEABLE_TOOL_TYPES.has(rawEvent.type)) {
-        toolUseCache.set(rawEvent.id, rawEvent);
+        // No caching in interrupt mode — react synchronously, free memory.
         const normalized = normalizeForPolicy(rawEvent);
         const t0 = Date.now();
         const result = evaluate(normalized, ruleset);

package/src/adapters/claude.js

@@ -1,46 +0,0 @@
-import { WatchMyAgents } from '../collector.js';
-
-export function createClaudeMonitor(opts = {}) {
-  const wma = WatchMyAgents.current() || new WatchMyAgents({ ...opts, framework: 'claude' });
-
-  return {
-    wma,
-    wrap(client) {
-      const m = client?.messages;
-      if (!m?.create) return client;
-      const orig = m.create.bind(m);
-      m.create = async (params) => {
-        const start = Date.now();
-        let status = 'ok', error = null, res;
-        try { res = await orig(params); return res; }
-        catch (e) { status = 'error'; error = e?.message || String(e); throw e; }
-        finally {
-          const u = res?.usage || {};
-          const inT = u.input_tokens || 0;
-          const outT = u.output_tokens || 0;
-          const cr = u.cache_read_input_tokens || 0;
-          const cw = u.cache_creation_input_tokens || 0;
-          const toolUses = Array.isArray(res?.content)
-            ? res.content.filter(b => b?.type === 'tool_use').map(b => b.name) : [];
-          await wma.logAction({
-            framework: 'claude', action_type: 'llm_call',
-            tool_name: params?.model || 'messages.create',
-            model: params?.model || null,
-            duration_ms: Date.now() - start,
-            input_tokens: inT || null,
-            output_tokens: outT || null,
-            cache_read_tokens: cr || null,
-            cache_creation_tokens: cw || null,
-            tokens_used: (inT + outT + cr + cw) || null,
-            status, error,
-            input: { model: params?.model, message_count: params?.messages?.length, tool_count: params?.tools?.length || 0 },
-            output: { stop_reason: res?.stop_reason || null, tool_uses: toolUses },
-          });
-        }
-      };
-      return client;
-    },
-    logToolUse: (name, input, output, duration_ms) =>
-      wma.logAction({ framework: 'claude', action_type: 'tool_use', tool_name: name, duration_ms: duration_ms ?? null, status: 'ok', input, output }),
-  };
-}

package/src/adapters/generic.js

@@ -1,21 +0,0 @@
-import { WatchMyAgents } from '../collector.js';
-
-export async function watch(toolName, params, fn, meta = {}) {
-  const wma = WatchMyAgents.getOrCreate();
-  return wma.watch(toolName, params, fn, { framework: 'generic', ...meta });
-}
-
-export function createGenericMonitor(opts = {}) {
-  const wma = WatchMyAgents.current() || new WatchMyAgents(opts);
-  return {
-    watch: (toolName, params, fn, meta) => wma.watch(toolName, params, fn, { framework: 'generic', ...meta }),
-    wrap(obj, methodNames) {
-      const names = methodNames || Object.keys(obj).filter(k => typeof obj[k] === 'function');
-      const wrapped = {};
-      for (const name of names) {
-        wrapped[name] = (...args) => wma.watch(name, args, () => obj[name](...args), { framework: 'generic' });
-      }
-      return { ...obj, ...wrapped };
-    },
-  };
-}

package/src/adapters/langchain.js

@@ -1,42 +0,0 @@
-import { WatchMyAgents } from '../collector.js';
-
-export function createLangChainHandler(opts = {}) {
-  const wma = WatchMyAgents.current() || new WatchMyAgents({ ...opts, framework: 'langchain' });
-  const starts = new Map();
-  const begin = id => starts.set(id, Date.now());
-  const elapsed = id => { const t = starts.get(id); starts.delete(id); return t ? Date.now() - t : null; };
-
-  return {
-    name: 'WatchMyAgentsHandler',
-    handleLLMStart: async (_l, _p, runId) => begin(runId),
-    handleLLMEnd: async (out, runId) => {
-      const u = out?.llmOutput?.tokenUsage || {};
-      const inT = u.promptTokens || 0, outT = u.completionTokens || 0;
-      return wma.logAction({
-        framework: 'langchain', action_type: 'llm_call', tool_name: 'llm',
-        model: out?.llmOutput?.modelName || null,
-        duration_ms: elapsed(runId),
-        input_tokens: inT || null, output_tokens: outT || null,
-        tokens_used: (inT + outT) || null, status: 'ok',
-      });
-    },
-    handleLLMError: async (err, runId) => wma.logAction({
-      framework: 'langchain', action_type: 'llm_call', tool_name: 'llm',
-      duration_ms: elapsed(runId), status: 'error', error: err?.message || String(err),
-    }),
-    handleToolStart: async (_t, _i, runId) => begin(runId),
-    handleToolEnd: async (_o, runId) => wma.logAction({
-      framework: 'langchain', action_type: 'tool_call', tool_name: 'tool',
-      duration_ms: elapsed(runId), status: 'ok',
-    }),
-    handleToolError: async (err, runId) => wma.logAction({
-      framework: 'langchain', action_type: 'tool_call', tool_name: 'tool',
-      duration_ms: elapsed(runId), status: 'error', error: err?.message || String(err),
-    }),
-    handleChainStart: async (_c, _i, runId) => begin(runId),
-    handleChainEnd: async (_o, runId) => wma.logAction({
-      framework: 'langchain', action_type: 'chain', tool_name: 'chain',
-      duration_ms: elapsed(runId), status: 'ok',
-    }),
-  };
-}

package/src/adapters/openai.js

@@ -1,47 +0,0 @@
-import { WatchMyAgents } from '../collector.js';
-
-export function createOpenAIMonitor(opts = {}) {
-  const wma = WatchMyAgents.current() || new WatchMyAgents({ ...opts, framework: 'openai' });
-
-  function wrapMethod(obj, method, action_type) {
-    if (!obj || typeof obj[method] !== 'function') return;
-    const orig = obj[method].bind(obj);
-    obj[method] = async (params) => {
-      const start = Date.now();
-      let status = 'ok', error = null, res;
-      try { res = await orig(params); return res; }
-      catch (e) { status = 'error'; error = e?.message || String(e); throw e; }
-      finally {
-        const u = res?.usage || {};
-        const inT = u.prompt_tokens || u.input_tokens || 0;
-        const outT = u.completion_tokens || u.output_tokens || 0;
-        const cr = u.prompt_tokens_details?.cached_tokens || 0;
-        await wma.logAction({
-          framework: 'openai', action_type,
-          tool_name: params?.model || params?.assistant_id || method,
-          model: params?.model || null,
-          duration_ms: Date.now() - start,
-          input_tokens: inT || null,
-          output_tokens: outT || null,
-          cache_read_tokens: cr || null,
-          tokens_used: (inT + outT) || null,
-          status, error,
-          input: { model: params?.model, assistant_id: params?.assistant_id },
-          output: { id: res?.id, status: res?.status },
-        });
-      }
-    };
-  }
-
-  return {
-    wma,
-    wrap(client) {
-      wrapMethod(client?.chat?.completions, 'create', 'llm_call');
-      wrapMethod(client?.completions, 'create', 'llm_call');
-      wrapMethod(client?.beta?.threads?.runs, 'create', 'assistant_run');
-      wrapMethod(client?.beta?.threads?.runs, 'createAndPoll', 'assistant_run');
-      wrapMethod(client?.responses, 'create', 'llm_call');
-      return client;
-    },
-  };
-}

package/src/anonymizer.js

@@ -1,48 +0,0 @@
-import { createHash } from 'node:crypto';
-
-const PII_PATTERNS = [
-  [/\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g, '[EMAIL]'],
-  [/Bearer\s+[A-Za-z0-9\-_\.=]+/gi, '[TOKEN]'],
-  [/eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+/g, '[TOKEN]'],
-  [/\b(sk|pk|rk)-[A-Za-z0-9_\-]{16,}\b/g, '[API_KEY]'],
-  [/\bwma_[A-Za-z0-9_\-]{8,}\b/g, '[API_KEY]'],
-  [/\b(?:\d[ -]*?){13,19}\b/g, '[CARD]'],
-  [/\b\+?\d{1,3}[\s.-]?\(?\d{2,4}\)?[\s.-]?\d{3,4}[\s.-]?\d{3,4}\b/g, '[PHONE]'],
-  [/https?:\/\/[^\s"'<>]+/gi, '[URL]'],
-  [/\b(?:\d{1,3}\.){3}\d{1,3}\b/g, '[IP]'],
-  [/\b(?:[a-f0-9]{1,4}:){7}[a-f0-9]{1,4}\b/gi, '[IP]'],
-];
-
-const HASH_FIELDS = new Set(['user_id', 'session_id', 'agent_id']);
-
-export function scrubString(str) {
-  if (typeof str !== 'string') return str;
-  let out = str;
-  for (const [re, tag] of PII_PATTERNS) out = out.replace(re, tag);
-  return out;
-}
-
-export function hashId(value) {
-  if (value == null) return value;
-  return 'h_' + createHash('sha256').update(String(value)).digest('hex').slice(0, 24);
-}
-
-export function anonymize(obj) {
-  if (obj == null) return obj;
-  if (typeof obj === 'string') return scrubString(obj);
-  if (typeof obj !== 'object') return obj;
-  if (Array.isArray(obj)) return obj.map(anonymize);
-  const out = {};
-  for (const [k, v] of Object.entries(obj)) {
-    if (HASH_FIELDS.has(k) && (typeof v === 'string' || typeof v === 'number')) {
-      out[k] = hashId(v);
-    } else if (typeof v === 'string') {
-      out[k] = scrubString(v);
-    } else if (typeof v === 'object') {
-      out[k] = anonymize(v);
-    } else {
-      out[k] = v;
-    }
-  }
-  return out;
-}

package/src/collector.js

@@ -1,113 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { Logger } from './logger.js';
-import { Exporter } from './exporter.js';
-import { TokenTracker, estimateCost } from './tokens.js';
-
-let _instance = null;
-
-export class WatchMyAgents {
-  constructor(opts = {}) {
-    this.apiKey = opts.apiKey || process.env.WMA_API_KEY || null;
-    this.agentId = opts.agentId || 'default-agent';
-    this.logDir = opts.logDir || process.env.WMA_LOG_DIR || './watchmyagents-logs';
-    this.exportUrl = opts.exportUrl || process.env.WMA_EXPORT_URL || null;
-    this.silent = opts.silent !== false;
-    this.sessionId = opts.sessionId || randomUUID();
-    this.framework = opts.framework || 'generic';
-    this.tokenPricing = opts.tokenPricing || null;
-    this.tracker = new TokenTracker();
-    this.logger = new Logger({ logDir: this.logDir, agentId: this.agentId, sessionId: this.sessionId, silent: this.silent });
-    this.exporter = new Exporter({
-      apiKey: this.apiKey, exportUrl: this.exportUrl, agentId: this.agentId,
-      batchInterval: opts.batchInterval ?? 30000, silent: this.silent,
-    });
-    this.exporter.start();
-    _instance = this;
-  }
-
-  static current() { return _instance; }
-  static getOrCreate(opts) { return _instance || new WatchMyAgents(opts); }
-
-  summarize(v) {
-    if (v == null) return null;
-    const t = typeof v;
-    if (t === 'string') return { type: 'string', length: v.length };
-    if (t === 'number' || t === 'boolean') return { type: t };
-    if (Array.isArray(v)) return { type: 'array', length: v.length };
-    if (t === 'object') return { type: 'object', keys: Object.keys(v).length };
-    return { type: t };
-  }
-
-  _enrichTokens(entry) {
-    const i = entry.input_tokens, o = entry.output_tokens;
-    const cr = entry.cache_read_tokens || 0, cw = entry.cache_creation_tokens || 0;
-    if (entry.tokens_used == null && (i != null || o != null)) {
-      entry.tokens_used = (i || 0) + (o || 0) + cr + cw;
-    }
-    if (entry.cost_usd == null && entry.model) {
-      entry.cost_usd = estimateCost(entry.model, {
-        input_tokens: i, output_tokens: o,
-        cache_read_tokens: cr, cache_creation_tokens: cw,
-      }, this.tokenPricing);
-    }
-    return entry;
-  }
-
-  async watch(toolName, params, fn, meta = {}) {
-    const start = Date.now();
-    const id = randomUUID();
-    let status = 'ok', error = null, result;
-    try { result = await fn(); return result; }
-    catch (e) { status = 'error'; error = e?.message || String(e); throw e; }
-    finally {
-      const entry = await this.logger.write(this._enrichTokens({
-        id, framework: meta.framework || this.framework,
-        action_type: meta.action_type || 'tool_call',
-        tool_name: toolName, duration_ms: Date.now() - start,
-        model: meta.model ?? null,
-        tokens_used: meta.tokens_used ?? null,
-        input_tokens: meta.input_tokens ?? null,
-        output_tokens: meta.output_tokens ?? null,
-        cache_read_tokens: meta.cache_read_tokens ?? null,
-        cache_creation_tokens: meta.cache_creation_tokens ?? null,
-        status, error, input: params, output: this.summarize(result),
-      }));
-      this.tracker.record(entry);
-      this.exporter.enqueue(this.logger.toExportRecord(entry));
-    }
-  }
-
-  async logAction(entry) {
-    const written = await this.logger.write(this._enrichTokens({ ...entry }));
-    this.tracker.record(written);
-    this.exporter.enqueue(this.logger.toExportRecord(written));
-    return written;
-  }
-
-  tokenStats() { return this.tracker.stats(); }
-
-  async flush() { await this.exporter.flush(); }
-
-  async shutdown() {
-    const stats = this.tracker.stats().total;
-    const entry = await this.logger.write({
-      action_type: 'session_end',
-      tool_name: null,
-      framework: this.framework,
-      status: 'ok',
-      session_tokens: {
-        input: stats.input,
-        output: stats.output,
-        cache_read: stats.cache_read,
-        cache_creation: stats.cache_creation,
-        total: stats.sum,
-      },
-      session_cost_usd: stats.cost_usd,
-    });
-    this.exporter.enqueue(this.logger.toExportRecord(entry));
-    this.exporter.stop();
-    await this.exporter.flush();
-  }
-  get logPath() { return this.logger._pathForToday(); }
-  get actionCount() { return this.logger.count; }
-}

package/src/exporter.js

@@ -1,71 +0,0 @@
-import { request } from 'node:https';
-import { URL } from 'node:url';
-import { createCipheriv, randomBytes, scryptSync } from 'node:crypto';
-import { anonymize } from './anonymizer.js';
-
-const SALT = Buffer.from('watchmyagents.v1.salt', 'utf8');
-
-export class Exporter {
-  constructor({ apiKey, exportUrl, agentId, batchInterval = 30000, silent = true }) {
-    this.apiKey = apiKey;
-    this.exportUrl = exportUrl;
-    this.agentId = agentId;
-    this.silent = silent;
-    this.queue = [];
-    this.enabled = !!(apiKey && exportUrl);
-    this.key = this.enabled ? scryptSync(apiKey, SALT, 32) : null;
-    this.timer = null;
-    this.batchInterval = batchInterval;
-  }
-
-  start() {
-    if (this.timer || !this.enabled) return;
-    this.timer = setInterval(() => this.flush().catch(() => {}), this.batchInterval);
-    if (this.timer.unref) this.timer.unref();
-  }
-  stop() { if (this.timer) { clearInterval(this.timer); this.timer = null; } }
-  enqueue(record) { if (this.enabled) this.queue.push(anonymize(record)); }
-
-  _encrypt(payload) {
-    const iv = randomBytes(16);
-    const c = createCipheriv('aes-256-gcm', this.key, iv);
-    const data = Buffer.concat([c.update(payload, 'utf8'), c.final()]);
-    return { iv: iv.toString('base64'), tag: c.getAuthTag().toString('base64'), data: data.toString('base64') };
-  }
-
-  async flush() {
-    if (!this.exportUrl || !this.apiKey || this.queue.length === 0) return;
-    const batch = this.queue.splice(0, this.queue.length);
-    const body = JSON.stringify({ agent_id: this.agentId, count: batch.length, records: batch });
-    const payload = JSON.stringify({ v: 1, agent_id: this.agentId, ...this._encrypt(body) });
-    for (let attempt = 1; attempt <= 3; attempt++) {
-      try { await this._post(payload); return; }
-      catch (e) {
-        if (attempt === 3) {
-          this.queue.unshift(...batch);
-          if (!this.silent) process.stderr.write(`[wma] export failed: ${e.message}\n`);
-          return;
-        }
-        await new Promise(r => setTimeout(r, 1000 * 2 ** attempt));
-      }
-    }
-  }
-
-  _post(payload) {
-    return new Promise((resolve, reject) => {
-      let u; try { u = new URL(this.exportUrl); } catch (e) { return reject(e); }
-      if (u.protocol !== 'https:') return reject(new Error('HTTPS only'));
-      const req = request({
-        host: u.hostname, port: u.port || 443, path: u.pathname + u.search,
-        method: 'POST', rejectUnauthorized: true,
-        headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload), 'X-WMA-Key': this.apiKey },
-      }, res => {
-        res.resume();
-        if (res.statusCode >= 200 && res.statusCode < 300) resolve();
-        else reject(new Error(`HTTP ${res.statusCode}`));
-      });
-      req.on('error', reject);
-      req.write(payload); req.end();
-    });
-  }
-}

package/src/index.cjs

@@ -1,36 +0,0 @@
-'use strict';
-
-// CommonJS entrypoint — re-exports the ESM build via dynamic import.
-// All consumers receive the same singleton-backed API.
-
-const esmPromise = import('./index.js');
-
-function bind(name) {
-  return async function (...args) {
-    const mod = await esmPromise;
-    return mod[name](...args);
-  };
-}
-
-class WatchMyAgentsLazy {
-  constructor(opts) {
-    this._ready = esmPromise.then(mod => new mod.WatchMyAgents(opts));
-  }
-  async watch(...args) { return (await this._ready).watch(...args); }
-  async logAction(...args) { return (await this._ready).logAction(...args); }
-  async flush() { return (await this._ready).flush(); }
-  async shutdown() { return (await this._ready).shutdown(); }
-  get instance() { return this._ready; }
-}
-
-module.exports = WatchMyAgentsLazy;
-module.exports.default = WatchMyAgentsLazy;
-module.exports.WatchMyAgents = WatchMyAgentsLazy;
-module.exports.watch = bind('watch');
-module.exports.createGenericMonitor = bind('createGenericMonitor');
-module.exports.createClaudeMonitor = bind('createClaudeMonitor');
-module.exports.createOpenAIMonitor = bind('createOpenAIMonitor');
-module.exports.createLangChainHandler = bind('createLangChainHandler');
-module.exports.anonymize = bind('anonymize');
-module.exports.scrubString = bind('scrubString');
-module.exports.hashId = bind('hashId');

package/src/index.js

@@ -1,26 +0,0 @@
-import { WatchMyAgents } from './collector.js';
-import { watch, createGenericMonitor } from './adapters/generic.js';
-import { createClaudeMonitor } from './adapters/claude.js';
-import { createOpenAIMonitor } from './adapters/openai.js';
-import { createLangChainHandler } from './adapters/langchain.js';
-import { anonymize, scrubString, hashId } from './anonymizer.js';
-import { DEFAULT_PRICING, estimateCost, TokenTracker } from './tokens.js';
-import * as anthropicManaged from './sources/anthropic-managed.js';
-
-export {
-  WatchMyAgents,
-  watch,
-  createGenericMonitor,
-  createClaudeMonitor,
-  createOpenAIMonitor,
-  createLangChainHandler,
-  anonymize,
-  scrubString,
-  hashId,
-  DEFAULT_PRICING,
-  estimateCost,
-  TokenTracker,
-  anthropicManaged,
-};
-
-export default WatchMyAgents;