wunderland 0.45.2 → 0.47.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/chat-runtime.d.ts.map +1 -1
- package/dist/api/chat-runtime.js +17 -0
- package/dist/api/chat-runtime.js.map +1 -1
- package/dist/cli/commands/chat-ui.d.ts +2 -0
- package/dist/cli/commands/chat-ui.d.ts.map +1 -1
- package/dist/cli/commands/chat-ui.js +7 -0
- package/dist/cli/commands/chat-ui.js.map +1 -1
- package/dist/cli/commands/chat.d.ts.map +1 -1
- package/dist/cli/commands/chat.js +37 -0
- package/dist/cli/commands/chat.js.map +1 -1
- package/dist/cli/commands/completions.d.ts.map +1 -1
- package/dist/cli/commands/completions.js +18 -1
- package/dist/cli/commands/completions.js.map +1 -1
- package/dist/cli/commands/start/seed-initializer.d.ts.map +1 -1
- package/dist/cli/commands/start/seed-initializer.js +45 -1
- package/dist/cli/commands/start/seed-initializer.js.map +1 -1
- package/dist/config/index.d.ts +19 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +20 -0
- package/dist/config/index.js.map +1 -0
- package/dist/guardrails/index.d.ts +10 -0
- package/dist/guardrails/index.d.ts.map +1 -0
- package/dist/guardrails/index.js +10 -0
- package/dist/guardrails/index.js.map +1 -0
- package/dist/runtime/policy.d.ts +55 -0
- package/dist/runtime/policy.d.ts.map +1 -1
- package/dist/runtime/policy.js +47 -1
- package/dist/runtime/policy.js.map +1 -1
- package/dist/runtime/tool-calling.d.ts +1 -1
- package/dist/runtime/tool-calling.d.ts.map +1 -1
- package/dist/runtime/tool-calling.js +51 -2
- package/dist/runtime/tool-calling.js.map +1 -1
- package/dist/runtime/tool-helpers.d.ts +60 -0
- package/dist/runtime/tool-helpers.d.ts.map +1 -1
- package/dist/runtime/tool-helpers.js +120 -0
- package/dist/runtime/tool-helpers.js.map +1 -1
- package/dist/security/SecurityTiers.d.ts.map +1 -1
- package/dist/security/SecurityTiers.js +35 -0
- package/dist/security/SecurityTiers.js.map +1 -1
- package/dist/security/WunderlandSecurityPipeline.d.ts +61 -3
- package/dist/security/WunderlandSecurityPipeline.d.ts.map +1 -1
- package/dist/security/WunderlandSecurityPipeline.js +247 -2
- package/dist/security/WunderlandSecurityPipeline.js.map +1 -1
- package/dist/security/index.d.ts +1 -1
- package/dist/security/index.d.ts.map +1 -1
- package/dist/security/index.js +1 -1
- package/dist/security/index.js.map +1 -1
- package/dist/security/types.d.ts +24 -0
- package/dist/security/types.d.ts.map +1 -1
- package/dist/security/types.js.map +1 -1
- package/dist/voice/index.d.ts +14 -0
- package/dist/voice/index.d.ts.map +1 -0
- package/dist/voice/index.js +14 -0
- package/dist/voice/index.js.map +1 -0
- package/package.json +49 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"completions.js","sourceRoot":"","sources":["../../../src/cli/commands/completions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AAEvC,+EAA+E;AAE/E,gDAAgD;AAChD,MAAM,QAAQ,GAAkC;IAC9C,CAAC,OAAO,EAAE,+BAA+B,CAAC;IAC1C,CAAC,MAAM,EAAE,2BAA2B,CAAC;IACrC,CAAC,QAAQ,EAAE,oCAAoC,CAAC;IAChD,CAAC,OAAO,EAAE,0BAA0B,CAAC;IACrC,CAAC,MAAM,EAAE,gCAAgC,CAAC;IAC1C,CAAC,MAAM,EAAE,uCAAuC,CAAC;IACjD,CAAC,QAAQ,EAAE,yCAAyC,CAAC;IACrD,CAAC,UAAU,EAAE,0BAA0B,CAAC;IACxC,CAAC,QAAQ,EAAE,0BAA0B,CAAC;IACtC,CAAC,QAAQ,EAAE,2BAA2B,CAAC;IACvC,CAAC,OAAO,EAAE,uBAAuB,CAAC;IAClC,CAAC,MAAM,EAAE,2BAA2B,CAAC;IACrC,CAAC,MAAM,EAAE,oCAAoC,CAAC;IAC9C,CAAC,aAAa,EAAE,8BAA8B,CAAC;IAC/C,CAAC,cAAc,EAAE,kCAAkC,CAAC;IACpD,CAAC,eAAe,EAAE,uBAAuB,CAAC;IAC1C,CAAC,QAAQ,EAAE,mBAAmB,CAAC;IAC/B,CAAC,YAAY,EAAE,sBAAsB,CAAC;IACtC,CAAC,KAAK,EAAE,uBAAuB,CAAC;IAChC,CAAC,QAAQ,EAAE,yBAAyB,CAAC;IACrC,CAAC,WAAW,EAAE,iBAAiB,CAAC;IAChC,CAAC,UAAU,EAAE,kBAAkB,CAAC;IAChC,CAAC,YAAY,EAAE,0BAA0B,CAAC;IAC1C,CAAC,WAAW,EAAE,iBAAiB,CAAC;IAChC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,QAAQ,EAAE,yBAAyB,CAAC;IACrC,CAAC,SAAS,EAAE,gCAAgC,CAAC;IAC7C,CAAC,QAAQ,EAAE,oCAAoC,CAAC;IAChD,CAAC,QAAQ,EAAE,iCAAiC,CAAC;IAC7C,CAAC,cAAc,EAAE,8BAA8B,CAAC;IAChD,CAAC,gBAAgB,EAAE,6BAA6B,CAAC;IACjD,CAAC,QAAQ,EAAE,+BAA+B,CAAC;IAC3C,CAAC,OAAO,EAAE,kCAAkC,CAAC;IAC7C,CAAC,IAAI,EAAE,8BAA8B,CAAC;IACtC,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAC3B,CAAC,MAAM,EAAE,sBAAsB,CAAC;IAChC,CAAC,SAAS,EAAE,kCAAkC,CAAC;IAC/C,CAAC,OAAO,EAAE,oCAAoC,CAAC;IAC/C,CAAC,QAAQ,EAAE,6BAA6B,CAAC;IACzC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,SAAS,EAAE,iCAAiC,CAAC;IAC9C,CAAC,KAAK,EAAE,2BAA2B,CAAC;IACpC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,MAAM,EAAE,kBAAkB,CAAC;IAC5B,CAAC,SAAS,EAAE,cAAc,CAAC;CAC5B,CAAC;AAEF,+CAA+C;AAC/C,MAAM,WAAW,GAA6B;IAC5C,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,GAAG,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/D,GAAG,EAAE,
|
|
1
|
+
{"version":3,"file":"completions.js","sourceRoot":"","sources":["../../../src/cli/commands/completions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,KAAK,GAAG,MAAM,iBAAiB,CAAC;AAEvC,+EAA+E;AAE/E,gDAAgD;AAChD,MAAM,QAAQ,GAAkC;IAC9C,CAAC,OAAO,EAAE,+BAA+B,CAAC;IAC1C,CAAC,MAAM,EAAE,2BAA2B,CAAC;IACrC,CAAC,QAAQ,EAAE,oCAAoC,CAAC;IAChD,CAAC,OAAO,EAAE,0BAA0B,CAAC;IACrC,CAAC,MAAM,EAAE,gCAAgC,CAAC;IAC1C,CAAC,MAAM,EAAE,uCAAuC,CAAC;IACjD,CAAC,QAAQ,EAAE,yCAAyC,CAAC;IACrD,CAAC,UAAU,EAAE,0BAA0B,CAAC;IACxC,CAAC,QAAQ,EAAE,0BAA0B,CAAC;IACtC,CAAC,QAAQ,EAAE,2BAA2B,CAAC;IACvC,CAAC,OAAO,EAAE,uBAAuB,CAAC;IAClC,CAAC,MAAM,EAAE,2BAA2B,CAAC;IACrC,CAAC,MAAM,EAAE,oCAAoC,CAAC;IAC9C,CAAC,aAAa,EAAE,8BAA8B,CAAC;IAC/C,CAAC,cAAc,EAAE,kCAAkC,CAAC;IACpD,CAAC,eAAe,EAAE,uBAAuB,CAAC;IAC1C,CAAC,QAAQ,EAAE,mBAAmB,CAAC;IAC/B,CAAC,YAAY,EAAE,sBAAsB,CAAC;IACtC,CAAC,KAAK,EAAE,uBAAuB,CAAC;IAChC,CAAC,QAAQ,EAAE,yBAAyB,CAAC;IACrC,CAAC,WAAW,EAAE,iBAAiB,CAAC;IAChC,CAAC,UAAU,EAAE,kBAAkB,CAAC;IAChC,CAAC,YAAY,EAAE,0BAA0B,CAAC;IAC1C,CAAC,WAAW,EAAE,iBAAiB,CAAC;IAChC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,QAAQ,EAAE,yBAAyB,CAAC;IACrC,CAAC,SAAS,EAAE,gCAAgC,CAAC;IAC7C,CAAC,QAAQ,EAAE,oCAAoC,CAAC;IAChD,CAAC,QAAQ,EAAE,iCAAiC,CAAC;IAC7C,CAAC,cAAc,EAAE,8BAA8B,CAAC;IAChD,CAAC,gBAAgB,EAAE,6BAA6B,CAAC;IACjD,CAAC,QAAQ,EAAE,+BAA+B,CAAC;IAC3C,CAAC,OAAO,EAAE,kCAAkC,CAAC;IAC7C,CAAC,IAAI,EAAE,8BAA8B,CAAC;IACtC,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAC3B,CAAC,MAAM,EAAE,sBAAsB,CAAC;IAChC,CAAC,SAAS,EAAE,kCAAkC,CAAC;IAC/C,CAAC,OAAO,EAAE,oCAAoC,CAAC;IAC/C,CAAC,QAAQ,EAAE,6BAA6B,CAAC;IACzC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,SAAS,EAAE,iCAAiC,CAAC;IAC9C,CAAC,KAAK,EAAE,2BAA2B,CAAC;IACpC,CAAC,aAAa,EAAE,4BAA4B,CAAC;IAC7C,CAAC,MAAM,EAAE,kBAAkB,CAAC;IAC5B,CAAC,SAAS,EAAE,cAAc,CAAC;CAC5B,CAAC;AAEF,+CAA+C;AAC/C,MAAM,WAAW,GAA6B;IAC5C,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;IACtB,GAAG,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;IAC/D,GAAG,EAAE;QACH,QAAQ;QACR,cAAc;QACd,cAAc;QACd,iBAAiB;QACjB,OAAO;QACP,aAAa;QACb,aAAa;QACb,aAAa;QACb,aAAa;QACb,WAAW;QACX,OAAO;QACP,OAAO;QACP,QAAQ;QACR,OAAO;KACR;IACD,MAAM,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;IACpC,SAAS,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC;IAC9C,WAAW,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC;CACrC,CAAC;AAEF,oBAAoB;AACpB,MAAM,YAAY,GAAG;IACnB,QAAQ,EAAE,IAAI;IACd,WAAW,EAAE,IAAI;IACjB,SAAS,EAAE,IAAI;IACf,OAAO,EAAE,IAAI;IACb,sBAAsB;IACtB,SAAS;IACT,SAAS;IACT,YAAY;IACZ,WAAW;IACX,OAAO;IACP,UAAU;IACV,UAAU;IACV,QAAQ;IACR,SAAS;IACT,UAAU;IACV,iBAAiB;IACjB,iBAAiB;IACjB,cAAc;IACd,UAAU;IACV,OAAO;IACP,SAAS;IACT,WAAW;IACX,OAAO;IACP,aAAa;IACb,SAAS;IACT,UAAU,EAAE,IAAI;IAChB,UAAU;IACV,SAAS;IACT,cAAc;IACd,aAAa;IACb,cAAc;IACd,cAAc;IACd,UAAU;IACV,UAAU;IACV,UAAU;CACX,CAAC;AAEF,+EAA+E;AAE/E,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,cAAc,CAC1C,IAAc,EACd,MAAwC,EACxC,QAAqB;IAErB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC;IAErC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,MAAM;YACT,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;YAC5B,OAAO;QACT,KAAK,KAAK;YACR,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YAC3B,OAAO;QACT,KAAK,MAAM;YACT,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;YAC5B,OAAO;QACT;YACE,iBAAiB,EAAE,CAAC;IACxB,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,SAAS,iBAAiB;IACxB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAE/B,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;IACjC,GAAG,CAAC,KAAK,EAAE,CAAC;IAEZ,IAAI,QAAQ,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,KAAK,EAAE,CAAC;IACd,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,0CAA0C,CAAC,EAAE,CAAC,CAAC;IACtE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAC9C,GAAG,CAAC,KAAK,EAAE,CAAC;IAEZ,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClC,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,wCAAwC,CAAC,EAAE,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC7C,GAAG,CAAC,KAAK,EAAE,CAAC;IAEZ,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,0EAA0E,CAAC,EAAE,CAAC,CAAC;IACtG,GAAG,CAAC,KAAK,EAAE,CAAC;AACd,CAAC;AAED,SAAS,WAAW;IAClB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;IACtC,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IAC1C,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+EAA+E;AAE/E,SAAS,YAAY;IACnB,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAErC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC;SAChD,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,SAAS,GAAG,+BAA+B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC;SAClG,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,OAAO;;;;;;oBAMW,IAAI;wBACA,KAAK;;;;;;;;;EAS3B,eAAe;;;;;;;;;;;CAWhB,CAAC;AACF,CAAC;AAED,+EAA+E;AAE/E,SAAS,WAAW;IAClB,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAC7B,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,QAAQ,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAC/D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC;SAChD,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpD,OAAO,OAAO,GAAG,oBAAoB,OAAO,YAAY,CAAC;IAC3D,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,MAAM,WAAW,GAAG,YAAY;SAC7B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;SACjC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;SACxB,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,OAAO;;;;;;;;EAQP,UAAU;;;;EAIV,WAAW;;;;;;;;;;EAUX,eAAe;;;;;CAKhB,CAAC;AACF,CAAC;AAED,+EAA+E;AAE/E,SAAS,YAAY;IACnB,MAAM,KAAK,GAAa;QACtB,+BAA+B;QAC/B,6CAA6C;QAC7C,EAAE;QACF,uCAAuC;QACvC,2BAA2B;QAC3B,EAAE;QACF,YAAY;KACb,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,QAAQ,EAAE,CAAC;QACnC,KAAK,CAAC,IAAI,CACR,yDAAyD,GAAG,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAClG,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACtD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CACR,0DAA0D,GAAG,SAAS,GAAG,GAAG,CAC7E,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAC7B,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3B,KAAK,CAAC,IAAI,CAAC,8BAA8B,IAAI,GAAG,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrD,KAAK,CAAC,IAAI,CAAC,8BAA8B,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"seed-initializer.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/start/seed-initializer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAgBH,wBAAsB,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"seed-initializer.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/start/seed-initializer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAgBH,wBAAsB,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAmI5D"}
|
|
@@ -8,7 +8,19 @@ import { normalizeRuntimePolicy, getPermissionsForSet, } from '../../security/ru
|
|
|
8
8
|
import { startWunderlandOtel } from '../../observability/otel.js';
|
|
9
9
|
import { createWunderlandSeed, DEFAULT_INFERENCE_HIERARCHY, DEFAULT_SECURITY_PROFILE, DEFAULT_STEP_UP_AUTH_CONFIG, } from '../../../core/index.js';
|
|
10
10
|
export async function initializeSeed(ctx) {
|
|
11
|
-
const { cfg, globalConfig } = ctx;
|
|
11
|
+
const { cfg, globalConfig, flags } = ctx;
|
|
12
|
+
// ── Inject CLI guardrail flags into the config before policy normalization ──
|
|
13
|
+
// --no-guardrails → disableGuardrailPacks
|
|
14
|
+
// --guardrails=pii,code-safety → enableOnlyGuardrailPacks
|
|
15
|
+
if (flags?.['no-guardrails'] === true) {
|
|
16
|
+
cfg.disableGuardrailPacks = true;
|
|
17
|
+
}
|
|
18
|
+
const guardrailsFlag = typeof flags?.['guardrails'] === 'string'
|
|
19
|
+
? String(flags['guardrails']).trim()
|
|
20
|
+
: '';
|
|
21
|
+
if (guardrailsFlag) {
|
|
22
|
+
cfg.enableOnlyGuardrailPacks = guardrailsFlag.split(',').map((s) => s.trim()).filter(Boolean);
|
|
23
|
+
}
|
|
12
24
|
const seedId = String(cfg.seedId || 'seed_local_agent');
|
|
13
25
|
const displayName = resolveAgentDisplayName({
|
|
14
26
|
displayName: cfg.displayName,
|
|
@@ -68,6 +80,37 @@ export async function initializeSeed(ctx) {
|
|
|
68
80
|
inferenceHierarchy: DEFAULT_INFERENCE_HIERARCHY,
|
|
69
81
|
stepUpAuthConfig: DEFAULT_STEP_UP_AUTH_CONFIG,
|
|
70
82
|
});
|
|
83
|
+
// ── Content Security Pipeline (optional) ──────────────────────────────────
|
|
84
|
+
// Creates the WunderlandSecurityPipeline from the resolved tier + config
|
|
85
|
+
// overrides. Fail-safe: if creation fails, agent runs without content guardrails.
|
|
86
|
+
let guardrailSummary = null;
|
|
87
|
+
try {
|
|
88
|
+
const { initializeSecurityPipeline } = await import('../../../runtime/tool-helpers.js');
|
|
89
|
+
guardrailSummary = await initializeSecurityPipeline({
|
|
90
|
+
securityTier: policy.securityTier,
|
|
91
|
+
guardrailPackOverrides: policy.guardrailPackOverrides,
|
|
92
|
+
disableGuardrailPacks: policy.disableGuardrailPacks,
|
|
93
|
+
enableOnlyPacks: policy.enableOnlyGuardrailPacks,
|
|
94
|
+
seedId,
|
|
95
|
+
});
|
|
96
|
+
}
|
|
97
|
+
catch (err) {
|
|
98
|
+
console.warn('[wunderland] Security pipeline not available, running without content guardrails:', err?.message ?? err);
|
|
99
|
+
}
|
|
100
|
+
// Log active guardrail packs for operator visibility.
|
|
101
|
+
if (guardrailSummary) {
|
|
102
|
+
const { active, total } = guardrailSummary;
|
|
103
|
+
if (active.length > 0) {
|
|
104
|
+
console.log(`[wunderland] Security tier: ${policy.securityTier}`);
|
|
105
|
+
console.log(`[wunderland] Guardrail packs: ${active.join(', ')} (${active.length} of ${total} active)`);
|
|
106
|
+
}
|
|
107
|
+
else {
|
|
108
|
+
console.log(`[wunderland] Security tier: ${policy.securityTier} (no guardrail packs active)`);
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
else {
|
|
112
|
+
console.log(`[wunderland] Security tier: ${policy.securityTier} (content guardrails unavailable)`);
|
|
113
|
+
}
|
|
71
114
|
ctx.seedId = seedId;
|
|
72
115
|
ctx.displayName = displayName;
|
|
73
116
|
ctx.description = description;
|
|
@@ -75,6 +118,7 @@ export async function initializeSeed(ctx) {
|
|
|
75
118
|
ctx.permissions = permissions;
|
|
76
119
|
ctx.seed = seed;
|
|
77
120
|
ctx.security = security;
|
|
121
|
+
ctx.guardrailSummary = guardrailSummary;
|
|
78
122
|
ctx.LOCAL_ONLY_CHANNELS = LOCAL_ONLY_CHANNELS;
|
|
79
123
|
ctx.CLI_REQUIRED_CHANNELS = CLI_REQUIRED_CHANNELS;
|
|
80
124
|
ctx.turnApprovalMode = turnApprovalMode;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"seed-initializer.js","sourceRoot":"","sources":["../../../../src/cli/commands/start/seed-initializer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EACL,oBAAoB,EACpB,2BAA2B,EAC3B,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,wBAAwB,CAAC;AAEhC,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAQ;IAC3C,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"seed-initializer.js","sourceRoot":"","sources":["../../../../src/cli/commands/start/seed-initializer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EACL,oBAAoB,EACpB,2BAA2B,EAC3B,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,wBAAwB,CAAC;AAEhC,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAQ;IAC3C,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAEzC,+EAA+E;IAC/E,0CAA0C;IAC1C,0DAA0D;IAC1D,IAAI,KAAK,EAAE,CAAC,eAAe,CAAC,KAAK,IAAI,EAAE,CAAC;QACtC,GAAG,CAAC,qBAAqB,GAAG,IAAI,CAAC;IACnC,CAAC;IACD,MAAM,cAAc,GAAG,OAAO,KAAK,EAAE,CAAC,YAAY,CAAC,KAAK,QAAQ;QAC9D,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE;QACpC,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,cAAc,EAAE,CAAC;QACnB,GAAG,CAAC,wBAAwB,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACxG,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,IAAI,kBAAkB,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,uBAAuB,CAAC;QAC1C,WAAW,EAAE,GAAG,CAAC,WAAW;QAC5B,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,eAAe,EAAE,YAAY,CAAC,SAAS;QACvC,MAAM;QACN,QAAQ,EAAE,UAAU;KACrB,CAAC,CAAC;IACH,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,sBAAsB,CAAC,CAAC;IAC9D,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,WAAW,GAAG,oBAAoB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC/D,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAS,CAAC,SAAS,CAAC,CAAC,CAAC;IACzD,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;IACtE,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE;QAC7B,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACjF,CAAC,CAAE,GAAG,CAAC,IAAY,CAAC,gBAAgB,IAAK,GAAG,CAAC,IAAY,CAAC,YAAY;YACtE,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,CAAC,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAClE,IAAI,CAAC,KAAK,iBAAiB;YAAE,OAAO,iBAAiB,CAAC;QACtD,IAAI,CAAC,KAAK,kBAAkB;YAAE,OAAO,kBAAkB,CAAC;QACxD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,eAAe,GAAG,sBAAsB,CAAE,GAAW,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC;IAE3F,+DAA+D;IAC/D,MAAM,cAAc,GAAG,GAAG,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC;IACzD,IAAI,OAAO,cAAc,KAAK,SAAS,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IAC7E,CAAC;IACD,MAAM,kBAAkB,GAAG,GAAG,EAAE,aAAa,EAAE,IAAI,EAAE,UAAU,CAAC;IAChE,IAAI,OAAO,kBAAkB,KAAK,SAAS,EAAE,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IACtF,CAAC;IAED,MAAM,mBAAmB,CAAC,EAAE,WAAW,EAAE,aAAa,MAAM,EAAE,EAAE,CAAC,CAAC;IAElE,MAAM,QAAQ,GAAG;QACf,GAAG,wBAAwB;QAC3B,sBAAsB,EAAE,GAAG,EAAE,QAAQ,EAAE,gBAAgB,IAAI,wBAAwB,CAAC,sBAAsB;QAC1G,oBAAoB,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,IAAI,wBAAwB,CAAC,oBAAoB;QAClG,mBAAmB,EAAE,GAAG,EAAE,QAAQ,EAAE,aAAa,IAAI,wBAAwB,CAAC,mBAAmB;KAClG,CAAC;IAEF,MAAM,IAAI,GAAG,oBAAoB,CAAC;QAChC,MAAM;QACN,IAAI,EAAE,WAAW;QACjB,WAAW;QACX,YAAY,EAAE;YACZ,gBAAgB,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;YAC9D,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,GAAG;YACpE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,GAAG;YACpE,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG;YACvE,iBAAiB,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,GAAG;YACnF,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG;SACzD;QACD,gBAAgB,EAAE,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;QACrF,eAAe,EAAE,QAAQ;QACzB,kBAAkB,EAAE,2BAA2B;QAC/C,gBAAgB,EAAE,2BAA2B;KAC9C,CAAC,CAAC;IAEH,6EAA6E;IAC7E,yEAAyE;IACzE,kFAAkF;IAClF,IAAI,gBAAgB,GAA+C,IAAI,CAAC;IACxE,IAAI,CAAC;QACH,MAAM,EAAE,0BAA0B,EAAE,GAAG,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;QACxF,gBAAgB,GAAG,MAAM,0BAA0B,CAAC;YAClD,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;YACrD,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;YACnD,eAAe,EAAE,MAAM,CAAC,wBAAwB;YAChD,MAAM;SACP,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CACV,mFAAmF,EACnF,GAAG,EAAE,OAAO,IAAI,GAAG,CACpB,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,IAAI,gBAAgB,EAAE,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,gBAAgB,CAAC;QAC3C,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,+BAA+B,MAAM,CAAC,YAAY,EAAE,CACrD,CAAC;YACF,OAAO,CAAC,GAAG,CACT,iCAAiC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,MAAM,OAAO,KAAK,UAAU,CAC3F,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,+BAA+B,MAAM,CAAC,YAAY,8BAA8B,CACjF,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CACT,+BAA+B,MAAM,CAAC,YAAY,mCAAmC,CACtF,CAAC;IACJ,CAAC;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;IACpB,GAAG,CAAC,WAAW,GAAG,WAAW,CAAC;IAC9B,GAAG,CAAC,WAAW,GAAG,WAAW,CAAC;IAC9B,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;IACpB,GAAG,CAAC,WAAW,GAAG,WAAW,CAAC;IAC9B,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;IAChB,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACxB,GAAG,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IACxC,GAAG,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;IAC9C,GAAG,CAAC,qBAAqB,GAAG,qBAAqB,CAAC;IAClD,GAAG,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IACxC,GAAG,CAAC,eAAe,GAAG,eAAe,CAAC;AACxC,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Agent configuration loading, validation, and resolution.
|
|
3
|
+
*
|
|
4
|
+
* Provides the full config pipeline: load from disk or object, validate against
|
|
5
|
+
* the Wunderland agent-config schema, merge with presets and personas, and
|
|
6
|
+
* resolve the effective runtime configuration including LLM credentials.
|
|
7
|
+
*
|
|
8
|
+
* @module wunderland/config
|
|
9
|
+
*/
|
|
10
|
+
export { loadAgentConfig, resolveLlmConfig, resolveProviderId } from './load.js';
|
|
11
|
+
export type { ResolvedLlmConfig } from './load.js';
|
|
12
|
+
export { validateWunderlandAgentConfig } from './schema.js';
|
|
13
|
+
export { WunderlandConfigError } from './errors.js';
|
|
14
|
+
export type { WunderlandConfigIssue } from './errors.js';
|
|
15
|
+
export { resolveEffectiveAgentConfig, buildDiscoveryOptionsFromAgentConfig, } from './effective-agent-config.js';
|
|
16
|
+
export type { EffectiveAgentConfigResult } from './effective-agent-config.js';
|
|
17
|
+
export { resolveConfiguredPersonas, resolveSelectedPersonaId, summarizePersona, extractSystemPromptFromPersona, extractHexacoTraitsFromPersona, buildRagConfigFromPersona, } from './persona-registry.js';
|
|
18
|
+
export type { ResolvedPersonaEntry, PersonaSummary, ResolvedPersonaCatalog, } from './persona-registry.js';
|
|
19
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AACjF,YAAY,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAGnD,OAAO,EAAE,6BAA6B,EAAE,MAAM,aAAa,CAAC;AAG5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,YAAY,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGzD,OAAO,EACL,2BAA2B,EAC3B,oCAAoC,GACrC,MAAM,6BAA6B,CAAC;AACrC,YAAY,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AAG9E,OAAO,EACL,yBAAyB,EACzB,wBAAwB,EACxB,gBAAgB,EAChB,8BAA8B,EAC9B,8BAA8B,EAC9B,yBAAyB,GAC1B,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EACV,oBAAoB,EACpB,cAAc,EACd,sBAAsB,GACvB,MAAM,uBAAuB,CAAC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Agent configuration loading, validation, and resolution.
|
|
3
|
+
*
|
|
4
|
+
* Provides the full config pipeline: load from disk or object, validate against
|
|
5
|
+
* the Wunderland agent-config schema, merge with presets and personas, and
|
|
6
|
+
* resolve the effective runtime configuration including LLM credentials.
|
|
7
|
+
*
|
|
8
|
+
* @module wunderland/config
|
|
9
|
+
*/
|
|
10
|
+
// ── Config loading & LLM resolution ────────────────────────────────────────
|
|
11
|
+
export { loadAgentConfig, resolveLlmConfig, resolveProviderId } from './load.js';
|
|
12
|
+
// ── Schema validation ──────────────────────────────────────────────────────
|
|
13
|
+
export { validateWunderlandAgentConfig } from './schema.js';
|
|
14
|
+
// ── Error types ────────────────────────────────────────────────────────────
|
|
15
|
+
export { WunderlandConfigError } from './errors.js';
|
|
16
|
+
// ── Effective agent config (preset + persona merge) ────────────────────────
|
|
17
|
+
export { resolveEffectiveAgentConfig, buildDiscoveryOptionsFromAgentConfig, } from './effective-agent-config.js';
|
|
18
|
+
// ── Persona registry ───────────────────────────────────────────────────────
|
|
19
|
+
export { resolveConfiguredPersonas, resolveSelectedPersonaId, summarizePersona, extractSystemPromptFromPersona, extractHexacoTraitsFromPersona, buildRagConfigFromPersona, } from './persona-registry.js';
|
|
20
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,8EAA8E;AAC9E,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAGjF,8EAA8E;AAC9E,OAAO,EAAE,6BAA6B,EAAE,MAAM,aAAa,CAAC;AAE5D,8EAA8E;AAC9E,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD,8EAA8E;AAC9E,OAAO,EACL,2BAA2B,EAC3B,oCAAoC,GACrC,MAAM,6BAA6B,CAAC;AAGrC,8EAA8E;AAC9E,OAAO,EACL,yBAAyB,EACzB,wBAAwB,EACxB,gBAAgB,EAChB,8BAA8B,EAC9B,8BAA8B,EAC9B,yBAAyB,GAC1B,MAAM,uBAAuB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Content guardrails for agent safety.
|
|
3
|
+
*
|
|
4
|
+
* Provides the {@link CitizenModeGuardrail} which enforces the "no prompting"
|
|
5
|
+
* policy when an agent operates in Public (Citizen) mode on Wonderland.
|
|
6
|
+
*
|
|
7
|
+
* @module wunderland/guardrails
|
|
8
|
+
*/
|
|
9
|
+
export { CitizenModeGuardrail, type CitizenGuardrailAction, type CitizenGuardrailResult, } from './CitizenModeGuardrail.js';
|
|
10
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/guardrails/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,oBAAoB,EACpB,KAAK,sBAAsB,EAC3B,KAAK,sBAAsB,GAC5B,MAAM,2BAA2B,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Content guardrails for agent safety.
|
|
3
|
+
*
|
|
4
|
+
* Provides the {@link CitizenModeGuardrail} which enforces the "no prompting"
|
|
5
|
+
* policy when an agent operates in Public (Citizen) mode on Wonderland.
|
|
6
|
+
*
|
|
7
|
+
* @module wunderland/guardrails
|
|
8
|
+
*/
|
|
9
|
+
export { CitizenModeGuardrail, } from './CitizenModeGuardrail.js';
|
|
10
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/guardrails/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,oBAAoB,GAGrB,MAAM,2BAA2B,CAAC"}
|
package/dist/runtime/policy.d.ts
CHANGED
|
@@ -13,6 +13,29 @@ import { type ToolAccessProfileName } from '../social/ToolAccessProfiles.js';
|
|
|
13
13
|
import type { FolderPermissionConfig } from '../security/FolderPermissions.js';
|
|
14
14
|
import type { ToolInstance } from './tool-calling.js';
|
|
15
15
|
export type ExecutionMode = 'autonomous' | 'human-all' | 'human-dangerous';
|
|
16
|
+
/**
|
|
17
|
+
* Resolved guardrail pack overrides from `agent.config.json` `security.guardrailPacks`.
|
|
18
|
+
* Each key toggles a specific guardrail extension pack on/off, overriding tier defaults.
|
|
19
|
+
*/
|
|
20
|
+
export interface GuardrailPackOverrides {
|
|
21
|
+
/** Four-tier PII detection and redaction. */
|
|
22
|
+
piiRedaction?: boolean;
|
|
23
|
+
/** ML-based toxicity, injection, and jailbreak detection. */
|
|
24
|
+
mlClassifiers?: boolean;
|
|
25
|
+
/** Embedding-based topic enforcement + drift detection. */
|
|
26
|
+
topicality?: boolean;
|
|
27
|
+
/** OWASP Top 10 code safety scanning. */
|
|
28
|
+
codeSafety?: boolean;
|
|
29
|
+
/** RAG-grounded hallucination detection via NLI. */
|
|
30
|
+
groundingGuard?: boolean;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Fully normalized runtime policy resolved from agent config + CLI flags.
|
|
34
|
+
*
|
|
35
|
+
* This structure is passed to every runtime subsystem (tool filtering,
|
|
36
|
+
* authorization, system prompt building, guardrails) so they all use a
|
|
37
|
+
* single, consistent set of resolved values.
|
|
38
|
+
*/
|
|
16
39
|
export type NormalizedRuntimePolicy = {
|
|
17
40
|
securityTier: SecurityTierName;
|
|
18
41
|
permissionSet: PermissionSetName;
|
|
@@ -20,6 +43,21 @@ export type NormalizedRuntimePolicy = {
|
|
|
20
43
|
executionMode: ExecutionMode;
|
|
21
44
|
wrapToolOutputs: boolean;
|
|
22
45
|
folderPermissions?: FolderPermissionConfig;
|
|
46
|
+
/**
|
|
47
|
+
* Per-agent guardrail pack overrides (from `security.guardrailPacks`).
|
|
48
|
+
* When present, merged on top of the tier's default pack config.
|
|
49
|
+
*/
|
|
50
|
+
guardrailPackOverrides?: GuardrailPackOverrides;
|
|
51
|
+
/**
|
|
52
|
+
* When `true`, all guardrail extension packs are disabled.
|
|
53
|
+
* Equivalent to `--no-guardrails` CLI flag.
|
|
54
|
+
*/
|
|
55
|
+
disableGuardrailPacks?: boolean;
|
|
56
|
+
/**
|
|
57
|
+
* Explicit list of pack short-names to enable (overrides tier defaults).
|
|
58
|
+
* Equivalent to `--guardrails=pii,code-safety` CLI flag.
|
|
59
|
+
*/
|
|
60
|
+
enableOnlyGuardrailPacks?: string[];
|
|
23
61
|
};
|
|
24
62
|
export declare function normalizeSecurityTier(raw: unknown): SecurityTierName;
|
|
25
63
|
export declare function normalizePermissionSet(raw: unknown, tier: SecurityTierName): PermissionSetName;
|
|
@@ -27,6 +65,23 @@ export declare function normalizeExecutionMode(raw: unknown, tier: SecurityTierN
|
|
|
27
65
|
export declare function normalizeToolAccessProfile(raw: unknown): ToolAccessProfileName;
|
|
28
66
|
export declare function normalizeWrapToolOutputs(raw: unknown, tier: SecurityTierName): boolean;
|
|
29
67
|
export declare function normalizeFolderPermissions(raw: unknown): FolderPermissionConfig | undefined;
|
|
68
|
+
/**
|
|
69
|
+
* Extracts guardrail pack overrides from `security.guardrailPacks` in agent config.
|
|
70
|
+
*
|
|
71
|
+
* @param raw - The `security.guardrailPacks` value from agent.config.json.
|
|
72
|
+
* @returns Normalized overrides, or `undefined` if none specified.
|
|
73
|
+
*/
|
|
74
|
+
export declare function normalizeGuardrailPackOverrides(raw: unknown): GuardrailPackOverrides | undefined;
|
|
75
|
+
/**
|
|
76
|
+
* Normalizes the full runtime policy from agent config (merged with CLI overrides).
|
|
77
|
+
*
|
|
78
|
+
* This is the single source of truth for all runtime security decisions.
|
|
79
|
+
* CLI flags like `--security-tier`, `--no-guardrails`, and `--guardrails=...`
|
|
80
|
+
* should be merged into the `agentConfig` object before calling this function.
|
|
81
|
+
*
|
|
82
|
+
* @param agentConfig - Merged agent config object (config file + CLI overrides).
|
|
83
|
+
* @returns Fully normalized runtime policy.
|
|
84
|
+
*/
|
|
30
85
|
export declare function normalizeRuntimePolicy(agentConfig: any): NormalizedRuntimePolicy;
|
|
31
86
|
export declare function getPermissionsForSet(name: PermissionSetName): GranularPermissions;
|
|
32
87
|
export declare function filterToolMapByPolicy(opts: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAGL,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,EACtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAKL,KAAK,qBAAqB,EAC3B,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG,WAAW,GAAG,iBAAiB,CAAC;AAE3E,MAAM,MAAM,uBAAuB,GAAG;IACpC,YAAY,EAAE,gBAAgB,CAAC;IAC/B,aAAa,EAAE,iBAAiB,CAAC;IACjC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,aAAa,EAAE,aAAa,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAGL,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,EACtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAKL,KAAK,qBAAqB,EAC3B,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG,WAAW,GAAG,iBAAiB,CAAC;AAE3E;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC,6CAA6C;IAC7C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,6DAA6D;IAC7D,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,2DAA2D;IAC3D,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,yCAAyC;IACzC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,oDAAoD;IACpD,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED;;;;;;GAMG;AACH,MAAM,MAAM,uBAAuB,GAAG;IACpC,YAAY,EAAE,gBAAgB,CAAC;IAC/B,aAAa,EAAE,iBAAiB,CAAC;IACjC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,aAAa,EAAE,aAAa,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;IAC3C;;;OAGG;IACH,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD;;;OAGG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;;OAGG;IACH,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC,CAAC;AAEF,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,OAAO,GAAG,gBAAgB,CAIpE;AAED,wBAAgB,sBAAsB,CACpC,GAAG,EAAE,OAAO,EACZ,IAAI,EAAE,gBAAgB,GACrB,iBAAiB,CAKnB;AAED,wBAAgB,sBAAsB,CACpC,GAAG,EAAE,OAAO,EACZ,IAAI,EAAE,gBAAgB,GACrB,aAAa,CAQf;AAED,wBAAgB,0BAA0B,CAAC,GAAG,EAAE,OAAO,GAAG,qBAAqB,CAI9E;AAED,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAItF;AAED,wBAAgB,0BAA0B,CAAC,GAAG,EAAE,OAAO,GAAG,sBAAsB,GAAG,SAAS,CAG3F;AAED;;;;;GAKG;AACH,wBAAgB,+BAA+B,CAAC,GAAG,EAAE,OAAO,GAAG,sBAAsB,GAAG,SAAS,CAYhG;AAED;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,GAAG,GAAG,uBAAuB,CA2BhF;AAED,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,iBAAiB,GAAG,mBAAmB,CAOjF;AA8CD,wBAAgB,qBAAqB,CAAC,IAAI,EAAE;IAC1C,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IACnC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,WAAW,EAAE,mBAAmB,CAAC;CAClC,GAAG;IAAE,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAAC,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAAE,CAsF3F"}
|
package/dist/runtime/policy.js
CHANGED
|
@@ -51,6 +51,36 @@ export function normalizeFolderPermissions(raw) {
|
|
|
51
51
|
return undefined;
|
|
52
52
|
return raw;
|
|
53
53
|
}
|
|
54
|
+
/**
|
|
55
|
+
* Extracts guardrail pack overrides from `security.guardrailPacks` in agent config.
|
|
56
|
+
*
|
|
57
|
+
* @param raw - The `security.guardrailPacks` value from agent.config.json.
|
|
58
|
+
* @returns Normalized overrides, or `undefined` if none specified.
|
|
59
|
+
*/
|
|
60
|
+
export function normalizeGuardrailPackOverrides(raw) {
|
|
61
|
+
if (!raw || typeof raw !== 'object' || Array.isArray(raw))
|
|
62
|
+
return undefined;
|
|
63
|
+
const obj = raw;
|
|
64
|
+
const result = {};
|
|
65
|
+
let hasAny = false;
|
|
66
|
+
for (const [key, value] of Object.entries(obj)) {
|
|
67
|
+
if (typeof value === 'boolean') {
|
|
68
|
+
result[key] = value;
|
|
69
|
+
hasAny = true;
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
return hasAny ? result : undefined;
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* Normalizes the full runtime policy from agent config (merged with CLI overrides).
|
|
76
|
+
*
|
|
77
|
+
* This is the single source of truth for all runtime security decisions.
|
|
78
|
+
* CLI flags like `--security-tier`, `--no-guardrails`, and `--guardrails=...`
|
|
79
|
+
* should be merged into the `agentConfig` object before calling this function.
|
|
80
|
+
*
|
|
81
|
+
* @param agentConfig - Merged agent config object (config file + CLI overrides).
|
|
82
|
+
* @returns Fully normalized runtime policy.
|
|
83
|
+
*/
|
|
54
84
|
export function normalizeRuntimePolicy(agentConfig) {
|
|
55
85
|
const securityTier = normalizeSecurityTier(agentConfig?.securityTier ?? agentConfig?.security?.tier);
|
|
56
86
|
const permissionSet = normalizePermissionSet(agentConfig?.permissionSet ?? agentConfig?.security?.permissionSet, securityTier);
|
|
@@ -58,7 +88,23 @@ export function normalizeRuntimePolicy(agentConfig) {
|
|
|
58
88
|
const executionMode = normalizeExecutionMode(agentConfig?.executionMode, securityTier);
|
|
59
89
|
const wrapToolOutputs = normalizeWrapToolOutputs(agentConfig?.security?.wrapToolOutputs, securityTier);
|
|
60
90
|
const folderPermissions = normalizeFolderPermissions(agentConfig?.security?.folderPermissions);
|
|
61
|
-
|
|
91
|
+
const guardrailPackOverrides = normalizeGuardrailPackOverrides(agentConfig?.security?.guardrailPacks);
|
|
92
|
+
// CLI-level guardrail flags (injected by chat.ts / start command before calling this).
|
|
93
|
+
const disableGuardrailPacks = agentConfig?.disableGuardrailPacks === true;
|
|
94
|
+
const enableOnlyGuardrailPacks = Array.isArray(agentConfig?.enableOnlyGuardrailPacks) && agentConfig.enableOnlyGuardrailPacks.length > 0
|
|
95
|
+
? agentConfig.enableOnlyGuardrailPacks
|
|
96
|
+
: undefined;
|
|
97
|
+
return {
|
|
98
|
+
securityTier,
|
|
99
|
+
permissionSet,
|
|
100
|
+
toolAccessProfile,
|
|
101
|
+
executionMode,
|
|
102
|
+
wrapToolOutputs,
|
|
103
|
+
folderPermissions,
|
|
104
|
+
guardrailPackOverrides,
|
|
105
|
+
disableGuardrailPacks,
|
|
106
|
+
enableOnlyGuardrailPacks,
|
|
107
|
+
};
|
|
62
108
|
}
|
|
63
109
|
export function getPermissionsForSet(name) {
|
|
64
110
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,eAAe,EACf,cAAc,GAIf,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,oBAAoB,EACpB,eAAe,EACf,wBAAwB,GAGzB,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../src/runtime/policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,eAAe,EACf,cAAc,GAIf,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,oBAAoB,EACpB,eAAe,EACf,wBAAwB,GAGzB,MAAM,iCAAiC,CAAC;AAsDzC,MAAM,UAAU,qBAAqB,CAAC,GAAY;IAChD,MAAM,CAAC,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAClE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,cAAc,CAAC;QAAE,OAAO,CAAqB,CAAC;IAC7D,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,GAAY,EACZ,IAAsB;IAEtB,MAAM,CAAC,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,eAAe,CAAC;QAAE,OAAO,CAAsB,CAAC;IAC/D,0DAA0D;IAC1D,OAAO,cAAc,CAAC,IAAI,CAAC,EAAE,aAAa,IAAI,YAAY,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,GAAY,EACZ,IAAsB;IAEtB,MAAM,CAAC,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,IAAI,CAAC,KAAK,YAAY,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,iBAAiB;QAAE,OAAO,CAAC,CAAC;IAEjF,2CAA2C;IAC3C,IAAI,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,YAAY;QAAE,OAAO,YAAY,CAAC;IACvE,IAAI,IAAI,KAAK,UAAU;QAAE,OAAO,WAAW,CAAC;IAC5C,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,GAAY;IACrD,MAAM,CAAC,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,IAAI,CAAC,IAAI,wBAAwB,CAAC,CAAC,CAAC;QAAE,OAAO,CAAC,CAAC;IAC/C,OAAO,WAAW,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,GAAY,EAAE,IAAsB;IAC3E,kDAAkD;IAClD,IAAI,OAAO,GAAG,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC;IACzC,OAAO,IAAI,KAAK,WAAW,CAAC;AAC9B,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,GAAY;IACrD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5E,OAAO,GAA6B,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,+BAA+B,CAAC,GAAY;IAC1D,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5E,MAAM,GAAG,GAAG,GAA8B,CAAC;IAC3C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAc,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAC7B,MAAM,GAAG,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AACrC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,sBAAsB,CAAC,WAAgB;IACrD,MAAM,YAAY,GAAG,qBAAqB,CAAC,WAAW,EAAE,YAAY,IAAI,WAAW,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;IACrG,MAAM,aAAa,GAAG,sBAAsB,CAAC,WAAW,EAAE,aAAa,IAAI,WAAW,EAAE,QAAQ,EAAE,aAAa,EAAE,YAAY,CAAC,CAAC;IAC/H,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;IACrF,MAAM,aAAa,GAAG,sBAAsB,CAAC,WAAW,EAAE,aAAa,EAAE,YAAY,CAAC,CAAC;IACvF,MAAM,eAAe,GAAG,wBAAwB,CAAC,WAAW,EAAE,QAAQ,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC;IACvG,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,WAAW,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC/F,MAAM,sBAAsB,GAAG,+BAA+B,CAAC,WAAW,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IAEtG,uFAAuF;IACvF,MAAM,qBAAqB,GAAG,WAAW,EAAE,qBAAqB,KAAK,IAAI,CAAC;IAC1E,MAAM,wBAAwB,GAC5B,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,wBAAwB,CAAC,IAAI,WAAW,CAAC,wBAAwB,CAAC,MAAM,GAAG,CAAC;QACrG,CAAC,CAAC,WAAW,CAAC,wBAAwB;QACtC,CAAC,CAAC,SAAS,CAAC;IAEhB,OAAO;QACL,YAAY;QACZ,aAAa;QACb,iBAAiB;QACjB,aAAa;QACb,eAAe;QACf,iBAAiB;QACjB,sBAAsB;QACtB,qBAAqB;QACrB,wBAAwB;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,IAAuB;IAC1D,OAAO;QACL,UAAU,EAAE,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;QACnD,OAAO,EAAE,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE;QAC7C,MAAM,EAAE,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE;QAC3C,IAAI,EAAE,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE;KACxC,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB;IAC5C,OAAO,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,gBAAgB,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,WAAW,CAAC;AACzJ,CAAC;AAED,SAAS,qBAAqB,CAAC,QAAgB;IAC7C,OAAO,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,YAAY,CAAC;AAC5H,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,OAAO,QAAQ,KAAK,eAAe,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,YAAY,CAAC;AACjG,CAAC;AAED,SAAS,aAAa,CAAC,IAAkB;IACvC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,IAAI,KAAK,YAAY,IAAI,IAAI,KAAK,aAAa;QAAE,OAAO,IAAI,CAAC;IACjE,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACzG,CAAC;IACD,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACxF,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,UAAU;QAAE,OAAO,IAAI,CAAC;IACxD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,2BAA2B,CAAC,IAAkB;IACrD,6EAA6E;IAC7E,4EAA4E;IAC5E,sDAAsD;IACtD,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAE/C,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACxF,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,GAAG,KAAK,YAAY,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC/E,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAgB;IACxC,OAAO,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,sBAAsB,CAAC;AAC3E,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB;IACzC,OAAO,QAAQ,KAAK,cAAc,CAAC;AACrC,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,IAIrC;IACC,MAAM,OAAO,GAAG,oBAAoB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC5C,MAAM,OAAO,GAA4C,EAAE,CAAC;IAE5D,SAAS,eAAe,CAAC,IAAkB;QACzC,gDAAgD;QAChD,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxC,IAAI,IAAI;YAAE,OAAO,IAAI,CAAC;QAEtB,kEAAkE;QAClE,MAAM,CAAC,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACtF,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC;QAEzB,IAAI,CAAC,KAAK,UAAU;YAAE,OAAO,QAAQ,CAAC;QACtC,IAAI,CAAC,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAC;QACpC,IAAI,CAAC,KAAK,OAAO;YAAE,OAAO,OAAO,CAAC;QAClC,IAAI,CAAC,KAAK,cAAc;YAAE,OAAO,cAAc,CAAC;QAChD,IAAI,CAAC,KAAK,eAAe,IAAI,CAAC,KAAK,gBAAgB;YAAE,OAAO,eAAe,CAAC;QAC5E,IAAI,CAAC,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAC;QACpC,IAAI,CAAC,KAAK,QAAQ;YAAE,OAAO,QAAQ,CAAC;QACpC,IAAI,CAAC,KAAK,YAAY;YAAE,OAAO,YAAY,CAAC;QAE5C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,SAAS,kBAAkB,CAAC,IAAkB;QAC5C,yDAAyD;QACzD,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,GAAiB,YAAY,CAAC;YACvC,IAAI,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC1D,OAAO,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClC,MAAM,GAAG,GAAiB,QAAQ,CAAC;YACnC,IAAI,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC1D,OAAO,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,GAAG;YAAE,OAAO,OAAO,CAAC,IAAI,KAAK,cAAc,CAAC;QACjD,IAAI,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAC1D,OAAO,OAAO,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QAClD,IAAI,CAAC,IAAI,EAAE,IAAI;YAAE,SAAS;QAE1B,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,kCAAkC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC5F,SAAS;QACX,CAAC;QAED,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YACjF,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,iDAAiD,EAAE,CAAC,CAAC;YAC7F,SAAS;QACX,CAAC;QACD,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;YACnF,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,kDAAkD,EAAE,CAAC,CAAC;YAC9F,SAAS;QACX,CAAC;QACD,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YACnF,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,qDAAqD,EAAE,CAAC,CAAC;YACjG,SAAS;QACX,CAAC;QACD,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YAC1E,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,sDAAsD,EAAE,CAAC,CAAC;YAClG,SAAS;QACX,CAAC;QACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;YAC7E,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,iDAAiD,EAAE,CAAC,CAAC;YAC7F,SAAS;QACX,CAAC;QACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAC/E,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,kDAAkD,EAAE,CAAC,CAAC;YAC9F,SAAS;QACX,CAAC;QACD,IAAI,2BAA2B,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YACxF,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,sDAAsD,EAAE,CAAC,CAAC;YAClG,SAAS;QACX,CAAC;QAED,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AACnC,CAAC"}
|
|
@@ -19,7 +19,7 @@ import { type StepUpAuthorizationConfig } from '../core/types.js';
|
|
|
19
19
|
* Detects when a tool returned success but with an empty results array.
|
|
20
20
|
* Used to inject `suggestedFallbacks` so the LLM tries alternative tools.
|
|
21
21
|
*/
|
|
22
|
-
export { getGuardrailsInstance, safeJsonStringify, truncateString, buildToolDefs, openaiChatWithTools, type ToolInstance, type ToolCallMessage, type LLMProviderConfig, } from './tool-helpers.js';
|
|
22
|
+
export { getGuardrailsInstance, getSecurityPipeline, initializeSecurityPipeline, resetSecurityPipeline, safeJsonStringify, truncateString, buildToolDefs, openaiChatWithTools, type ToolInstance, type ToolCallMessage, type LLMProviderConfig, type SecurityPipelineInitOptions, } from './tool-helpers.js';
|
|
23
23
|
import type { ToolInstance, LLMProviderConfig } from './tool-helpers.js';
|
|
24
24
|
export declare function runToolCallingTurn(opts: {
|
|
25
25
|
providerId?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tool-calling.d.ts","sourceRoot":"","sources":["../../src/runtime/tool-calling.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EACL,0BAA0B,EAC3B,MAAM,gDAAgD,CAAC;AACxD,OAAO,EAGL,KAAK,yBAAyB,EAC/B,MAAM,kBAAkB,CAAC;AAwC1B;;;GAGG;AAGH,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,mBAAmB,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,iBAAiB,
|
|
1
|
+
{"version":3,"file":"tool-calling.d.ts","sourceRoot":"","sources":["../../src/runtime/tool-calling.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EACL,0BAA0B,EAC3B,MAAM,gDAAgD,CAAC;AACxD,OAAO,EAGL,KAAK,yBAAyB,EAC/B,MAAM,kBAAkB,CAAC;AAwC1B;;;GAGG;AAGH,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,0BAA0B,EAC1B,qBAAqB,EACrB,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,mBAAmB,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,2BAA2B,GACjC,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AA2BzE,wBAAsB,kBAAkB,CAAC,IAAI,EAAE;IAC7C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACzC,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IACnC;;;OAGG;IACH,QAAQ,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1C,2EAA2E;IAC3E,WAAW,CAAC,EAAE,MAAM,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACnD,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B,EAAE,OAAO,CAAC;IACpC,2FAA2F;IAC3F,gBAAgB,CAAC,EAAE,yBAAyB,CAAC;IAC7C,aAAa,EAAE,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IACvF,0EAA0E;IAC1E,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE;QACrB,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,KAAK,CAAC;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,cAAc,EAAE,OAAO,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;SAAE,CAAC,CAAC;KAChG,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IACvB,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;IACzE,4FAA4F;IAC5F,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9B,OAAO,EAAE,OAAO,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,MAAM,CAAC;KACpB,KAAK,IAAI,CAAC;IACX,4FAA4F;IAC5F,oBAAoB,CAAC,EAAE,0BAA0B,CAAC;IAClD,0DAA0D;IAC1D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,2CAA2C;IAC3C,UAAU,CAAC,EAAE,CAAC,YAAY,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,KAAK,IAAI,CAAC;IACrE,yFAAyF;IACzF,SAAS,CAAC,EAAE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC3C,+DAA+D;IAC/D,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,sDAAsD;IACtD,eAAe,CAAC,EAAE,WAAW,GAAG,aAAa,CAAC;IAC9C,uFAAuF;IACvF,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,uGAAuG;IACvG,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE;QACtB,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,KAAK,IAAI,CAAC;CACZ,GAAG,OAAO,CAAC,MAAM,CAAC,CAmrBlB"}
|
|
@@ -49,8 +49,8 @@ const TOOL_FALLBACK_MAP = {
|
|
|
49
49
|
* Used to inject `suggestedFallbacks` so the LLM tries alternative tools.
|
|
50
50
|
*/
|
|
51
51
|
// Helpers, types, and utilities extracted to tool-helpers.ts
|
|
52
|
-
export { getGuardrailsInstance, safeJsonStringify, truncateString, buildToolDefs, openaiChatWithTools, } from './tool-helpers.js';
|
|
53
|
-
import { isEmptySearchResult, getGuardrails, safeJsonStringify, toAuthorizableTool, createAuthorizationManager, parseProviderId, toAnthropicMessagePayload, anthropicMessagesRequest, toAnthropicTools, openaiChatWithTools, redactToolOutputForLLM, getStringProp, getBooleanProp, normalizeToolFailureMode, wrapUntrustedToolOutput, getAgentIdForGuardrails, getAgentWorkspaceDirFromContext, maybeConfigureGuardrailsForAgent, emitOtelLog, withSpan, buildStrictToolNameError, shouldLogRewrite, } from "./tool-helpers.js";
|
|
52
|
+
export { getGuardrailsInstance, getSecurityPipeline, initializeSecurityPipeline, resetSecurityPipeline, safeJsonStringify, truncateString, buildToolDefs, openaiChatWithTools, } from './tool-helpers.js';
|
|
53
|
+
import { isEmptySearchResult, getGuardrails, safeJsonStringify, toAuthorizableTool, createAuthorizationManager, parseProviderId, toAnthropicMessagePayload, anthropicMessagesRequest, toAnthropicTools, openaiChatWithTools, redactToolOutputForLLM, getStringProp, getBooleanProp, normalizeToolFailureMode, wrapUntrustedToolOutput, getAgentIdForGuardrails, getAgentWorkspaceDirFromContext, maybeConfigureGuardrailsForAgent, emitOtelLog, withSpan, buildStrictToolNameError, shouldLogRewrite, getSecurityPipeline, } from "./tool-helpers.js";
|
|
54
54
|
export async function runToolCallingTurn(opts) {
|
|
55
55
|
const rounds = opts.maxRounds > 0 ? opts.maxRounds : 8;
|
|
56
56
|
const debugMode = opts.debug ?? (process.env.DEBUG === '1' || process.env.DEBUG === 'true' || process.env.WUNDERLAND_DEBUG === '1');
|
|
@@ -75,6 +75,37 @@ export async function runToolCallingTurn(opts) {
|
|
|
75
75
|
catch {
|
|
76
76
|
// Non-fatal: guardrails will still deny filesystem tools when configured to require it.
|
|
77
77
|
}
|
|
78
|
+
// ── Content Security Pipeline: evaluate user input before LLM call ────────
|
|
79
|
+
// The pipeline runs Pre-LLM Classification + guardrail extension packs on
|
|
80
|
+
// the latest user message. If the input is blocked, we return immediately
|
|
81
|
+
// without invoking the LLM.
|
|
82
|
+
const contentPipeline = getSecurityPipeline();
|
|
83
|
+
if (contentPipeline) {
|
|
84
|
+
try {
|
|
85
|
+
// Extract the most recent user message text for classification.
|
|
86
|
+
const lastMsg = opts.messages[opts.messages.length - 1];
|
|
87
|
+
const userText = lastMsg?.role === 'user' && typeof lastMsg.content === 'string'
|
|
88
|
+
? lastMsg.content
|
|
89
|
+
: undefined;
|
|
90
|
+
if (userText) {
|
|
91
|
+
contentPipeline.reset();
|
|
92
|
+
const inputResult = await contentPipeline.evaluateInput({
|
|
93
|
+
input: { textInput: userText },
|
|
94
|
+
});
|
|
95
|
+
if (inputResult?.action === 'block') {
|
|
96
|
+
const blockReason = inputResult.metadata?.reason ??
|
|
97
|
+
inputResult.metadata?.explanation ??
|
|
98
|
+
'Input blocked by security pipeline.';
|
|
99
|
+
const blockMsg = `I'm unable to process that request. ${blockReason}`;
|
|
100
|
+
opts.messages.push({ role: 'assistant', content: blockMsg });
|
|
101
|
+
return blockMsg;
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
catch {
|
|
106
|
+
// Non-fatal: if input evaluation fails, proceed without blocking.
|
|
107
|
+
}
|
|
108
|
+
}
|
|
78
109
|
// Use provided manager or create one based on permission mode
|
|
79
110
|
const authManager = opts.authorizationManager ?? createAuthorizationManager({
|
|
80
111
|
dangerouslySkipPermissions: opts.dangerouslySkipPermissions,
|
|
@@ -298,6 +329,24 @@ export async function runToolCallingTurn(opts) {
|
|
|
298
329
|
content = content.replace(/<think>[\s\S]*?<\/think>\s*/g, '').trim();
|
|
299
330
|
// Also strip leading **<think>...</think>** markdown-wrapped variants.
|
|
300
331
|
content = content.replace(/\*{0,2}<think>[\s\S]*?<\/think>\*{0,2}\s*/g, '').trim();
|
|
332
|
+
// ── Content Security Pipeline: evaluate LLM output ──────────────
|
|
333
|
+
// Run Dual-LLM Auditor + guardrail extension packs on the final
|
|
334
|
+
// assistant response. If blocked, replace with a safe message.
|
|
335
|
+
if (contentPipeline && content) {
|
|
336
|
+
try {
|
|
337
|
+
const outputResult = await contentPipeline.evaluateOutput({
|
|
338
|
+
chunk: { finalResponseText: content },
|
|
339
|
+
});
|
|
340
|
+
if (outputResult?.action === 'block') {
|
|
341
|
+
const safeMsg = 'I generated a response but it was blocked by the security pipeline. Please try rephrasing your request.';
|
|
342
|
+
opts.messages.push({ role: 'assistant', content: safeMsg });
|
|
343
|
+
return safeMsg;
|
|
344
|
+
}
|
|
345
|
+
}
|
|
346
|
+
catch {
|
|
347
|
+
// Non-fatal: if output evaluation fails, return the original content.
|
|
348
|
+
}
|
|
349
|
+
}
|
|
301
350
|
opts.messages.push({ role: 'assistant', content: content || '(no content)' });
|
|
302
351
|
return content || '';
|
|
303
352
|
}
|