Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@aegis-sdk/core
Advanced tools
@aegis-sdk/core - npm Package Compare versions
+69
-2
@@ -55,3 +55,3 @@ /** | ||
| } | ||
| type DetectionType = "instruction_override" | "role_manipulation" | "skeleton_key" | "delimiter_escape" | "encoding_attack" | "adversarial_suffix" | "many_shot" | "multi_language" | "virtualization" | "markdown_injection" | "context_flooding" | "custom"; | ||
| type DetectionType = "instruction_override" | "role_manipulation" | "skeleton_key" | "delimiter_escape" | "encoding_attack" | "adversarial_suffix" | "many_shot" | "multi_language" | "virtualization" | "markdown_injection" | "context_flooding" | "indirect_injection" | "tool_abuse" | "data_exfiltration" | "privilege_escalation" | "memory_poisoning" | "chain_injection" | "history_manipulation" | "denial_of_wallet" | "language_switching" | "model_fingerprinting" | "custom"; | ||
| interface LanguageResult { | ||
@@ -320,2 +320,4 @@ primary: string; | ||
| private validator; | ||
| private recovery; | ||
| private sessionQuarantined; | ||
| constructor(config?: AegisConfig); | ||
@@ -336,2 +338,16 @@ /** | ||
| /** | ||
| * Handle a blocked message according to the configured recovery mode. | ||
| * | ||
| * Recovery modes: | ||
| * - `continue`: Throw immediately (default, same as no recovery) | ||
| * - `reset-last`: Strip the offending message and return the remaining history | ||
| * - `quarantine-session`: Lock the session — all future input is blocked | ||
| * - `terminate-session`: Throw a terminal error (session must be recreated) | ||
| */ | ||
| private handleRecovery; | ||
| /** | ||
| * Check whether the current session has been quarantined. | ||
| */ | ||
| isSessionQuarantined(): boolean; | ||
| /** | ||
| * Create a TransformStream for monitoring LLM output. | ||
@@ -365,2 +381,17 @@ * | ||
| } | ||
| /** | ||
| * Error thrown when a session has been quarantined. | ||
| * No further input will be accepted until a new Aegis instance is created. | ||
| */ | ||
| declare class AegisSessionQuarantined extends Error { | ||
| constructor(); | ||
| } | ||
| /** | ||
| * Error thrown when a session is terminated due to a critical violation. | ||
| * The session cannot be recovered — a new Aegis instance must be created. | ||
| */ | ||
| declare class AegisSessionTerminated extends Error { | ||
| readonly scanResult: ScanResult; | ||
| constructor(result: ScanResult); | ||
| } | ||
| declare const aegis: { | ||
@@ -594,2 +625,38 @@ configure(config: AegisConfig): Aegis; | ||
| export { type ActionValidationRequest, type ActionValidationResult, ActionValidator, Aegis, type AegisConfig, AegisInputBlocked, type AegisPolicy, type AlertRule, type AlertingConfig, type AuditEntry, type AuditEventType, type AuditLevel, AuditLog, type AuditLogConfig, type AuditTransport, type BuiltPrompt, type ChunkStrategy, type ContentSource, type DelimiterStrategy, type Detection, type DetectionType, type EntropyResult, type ExtractionSchema, type GuardInputOptions, InputScanner, type InputScannerConfig, type LanguageResult, type LanguageSwitch, type PiiHandling, type PresetPolicy, PromptBuilder, type PromptBuilderConfig, type PromptMessage, type QuarantineMetadata, type QuarantineOptions, type Quarantined, type RecoveryConfig, type RecoveryMode, type RiskLevel, Sandbox, type SandboxConfig, type ScanResult, type ScanStrategy, type Sensitivity, StreamMonitor, type StreamMonitorConfig, type StreamViolation, type TrajectoryResult, type UnsafeUnwrapOptions, aegis, analyzeEntropy, getPreset, isActionAllowed, isQuarantined, normalizeEncoding, quarantine, resolvePolicy, shannonEntropy, tryDecodeBase64 }; | ||
| /** | ||
| * Language/script detection module. | ||
| * | ||
| * Detects Unicode script switches in text to identify language-switching | ||
| * attacks (T18). Attackers embed instructions in different scripts | ||
| * (e.g., Cyrillic, Arabic, CJK) to evade pattern-matching defenses | ||
| * that only target Latin-script prompts. | ||
| * | ||
| * This module performs script-level detection using Unicode character | ||
| * ranges -- not full NLP language identification. Script detection is | ||
| * sufficient to flag suspicious polyglot content. | ||
| */ | ||
| /** | ||
| * Detect script/language switches in a text string. | ||
| * | ||
| * Walks through the text character by character, classifying each | ||
| * code point into a Unicode script. Script-neutral characters (spaces, | ||
| * punctuation, digits) are ignored -- they do not trigger or reset | ||
| * script tracking. | ||
| * | ||
| * Returns: | ||
| * - `primary`: the most frequently occurring script in the text | ||
| * - `switches`: an array of positions where the script changes, | ||
| * recording the `from` script, the `to` script, and the character | ||
| * `position` in the original string | ||
| * | ||
| * @example | ||
| * ```ts | ||
| * const result = detectLanguageSwitches("Hello Мир"); | ||
| * // result.primary === "Latin" | ||
| * // result.switches === [{ from: "Latin", to: "Cyrillic", position: 6 }] | ||
| * ``` | ||
| */ | ||
| declare function detectLanguageSwitches(text: string): LanguageResult; | ||
| export { type ActionValidationRequest, type ActionValidationResult, ActionValidator, Aegis, type AegisConfig, AegisInputBlocked, type AegisPolicy, AegisSessionQuarantined, AegisSessionTerminated, type AlertRule, type AlertingConfig, type AuditEntry, type AuditEventType, type AuditLevel, AuditLog, type AuditLogConfig, type AuditTransport, type BuiltPrompt, type ChunkStrategy, type ContentSource, type DelimiterStrategy, type Detection, type DetectionType, type EntropyResult, type ExtractionSchema, type GuardInputOptions, InputScanner, type InputScannerConfig, type LanguageResult, type LanguageSwitch, type PiiHandling, type PresetPolicy, PromptBuilder, type PromptBuilderConfig, type PromptMessage, type QuarantineMetadata, type QuarantineOptions, type Quarantined, type RecoveryConfig, type RecoveryMode, type RiskLevel, Sandbox, type SandboxConfig, type ScanResult, type ScanStrategy, type Sensitivity, StreamMonitor, type StreamMonitorConfig, type StreamViolation, type TrajectoryResult, type UnsafeUnwrapOptions, aegis, analyzeEntropy, detectLanguageSwitches, getPreset, isActionAllowed, isQuarantined, normalizeEncoding, quarantine, resolvePolicy, shannonEntropy, tryDecodeBase64 }; |
+69
-2
@@ -55,3 +55,3 @@ /** | ||
| } | ||
| type DetectionType = "instruction_override" | "role_manipulation" | "skeleton_key" | "delimiter_escape" | "encoding_attack" | "adversarial_suffix" | "many_shot" | "multi_language" | "virtualization" | "markdown_injection" | "context_flooding" | "custom"; | ||
| type DetectionType = "instruction_override" | "role_manipulation" | "skeleton_key" | "delimiter_escape" | "encoding_attack" | "adversarial_suffix" | "many_shot" | "multi_language" | "virtualization" | "markdown_injection" | "context_flooding" | "indirect_injection" | "tool_abuse" | "data_exfiltration" | "privilege_escalation" | "memory_poisoning" | "chain_injection" | "history_manipulation" | "denial_of_wallet" | "language_switching" | "model_fingerprinting" | "custom"; | ||
| interface LanguageResult { | ||
@@ -320,2 +320,4 @@ primary: string; | ||
| private validator; | ||
| private recovery; | ||
| private sessionQuarantined; | ||
| constructor(config?: AegisConfig); | ||
@@ -336,2 +338,16 @@ /** | ||
| /** | ||
| * Handle a blocked message according to the configured recovery mode. | ||
| * | ||
| * Recovery modes: | ||
| * - `continue`: Throw immediately (default, same as no recovery) | ||
| * - `reset-last`: Strip the offending message and return the remaining history | ||
| * - `quarantine-session`: Lock the session — all future input is blocked | ||
| * - `terminate-session`: Throw a terminal error (session must be recreated) | ||
| */ | ||
| private handleRecovery; | ||
| /** | ||
| * Check whether the current session has been quarantined. | ||
| */ | ||
| isSessionQuarantined(): boolean; | ||
| /** | ||
| * Create a TransformStream for monitoring LLM output. | ||
@@ -365,2 +381,17 @@ * | ||
| } | ||
| /** | ||
| * Error thrown when a session has been quarantined. | ||
| * No further input will be accepted until a new Aegis instance is created. | ||
| */ | ||
| declare class AegisSessionQuarantined extends Error { | ||
| constructor(); | ||
| } | ||
| /** | ||
| * Error thrown when a session is terminated due to a critical violation. | ||
| * The session cannot be recovered — a new Aegis instance must be created. | ||
| */ | ||
| declare class AegisSessionTerminated extends Error { | ||
| readonly scanResult: ScanResult; | ||
| constructor(result: ScanResult); | ||
| } | ||
| declare const aegis: { | ||
@@ -594,2 +625,38 @@ configure(config: AegisConfig): Aegis; | ||
| export { type ActionValidationRequest, type ActionValidationResult, ActionValidator, Aegis, type AegisConfig, AegisInputBlocked, type AegisPolicy, type AlertRule, type AlertingConfig, type AuditEntry, type AuditEventType, type AuditLevel, AuditLog, type AuditLogConfig, type AuditTransport, type BuiltPrompt, type ChunkStrategy, type ContentSource, type DelimiterStrategy, type Detection, type DetectionType, type EntropyResult, type ExtractionSchema, type GuardInputOptions, InputScanner, type InputScannerConfig, type LanguageResult, type LanguageSwitch, type PiiHandling, type PresetPolicy, PromptBuilder, type PromptBuilderConfig, type PromptMessage, type QuarantineMetadata, type QuarantineOptions, type Quarantined, type RecoveryConfig, type RecoveryMode, type RiskLevel, Sandbox, type SandboxConfig, type ScanResult, type ScanStrategy, type Sensitivity, StreamMonitor, type StreamMonitorConfig, type StreamViolation, type TrajectoryResult, type UnsafeUnwrapOptions, aegis, analyzeEntropy, getPreset, isActionAllowed, isQuarantined, normalizeEncoding, quarantine, resolvePolicy, shannonEntropy, tryDecodeBase64 }; | ||
| /** | ||
| * Language/script detection module. | ||
| * | ||
| * Detects Unicode script switches in text to identify language-switching | ||
| * attacks (T18). Attackers embed instructions in different scripts | ||
| * (e.g., Cyrillic, Arabic, CJK) to evade pattern-matching defenses | ||
| * that only target Latin-script prompts. | ||
| * | ||
| * This module performs script-level detection using Unicode character | ||
| * ranges -- not full NLP language identification. Script detection is | ||
| * sufficient to flag suspicious polyglot content. | ||
| */ | ||
| /** | ||
| * Detect script/language switches in a text string. | ||
| * | ||
| * Walks through the text character by character, classifying each | ||
| * code point into a Unicode script. Script-neutral characters (spaces, | ||
| * punctuation, digits) are ignored -- they do not trigger or reset | ||
| * script tracking. | ||
| * | ||
| * Returns: | ||
| * - `primary`: the most frequently occurring script in the text | ||
| * - `switches`: an array of positions where the script changes, | ||
| * recording the `from` script, the `to` script, and the character | ||
| * `position` in the original string | ||
| * | ||
| * @example | ||
| * ```ts | ||
| * const result = detectLanguageSwitches("Hello Мир"); | ||
| * // result.primary === "Latin" | ||
| * // result.switches === [{ from: "Latin", to: "Cyrillic", position: 6 }] | ||
| * ``` | ||
| */ | ||
| declare function detectLanguageSwitches(text: string): LanguageResult; | ||
| export { type ActionValidationRequest, type ActionValidationResult, ActionValidator, Aegis, type AegisConfig, AegisInputBlocked, type AegisPolicy, AegisSessionQuarantined, AegisSessionTerminated, type AlertRule, type AlertingConfig, type AuditEntry, type AuditEventType, type AuditLevel, AuditLog, type AuditLogConfig, type AuditTransport, type BuiltPrompt, type ChunkStrategy, type ContentSource, type DelimiterStrategy, type Detection, type DetectionType, type EntropyResult, type ExtractionSchema, type GuardInputOptions, InputScanner, type InputScannerConfig, type LanguageResult, type LanguageSwitch, type PiiHandling, type PresetPolicy, PromptBuilder, type PromptBuilderConfig, type PromptMessage, type QuarantineMetadata, type QuarantineOptions, type Quarantined, type RecoveryConfig, type RecoveryMode, type RiskLevel, Sandbox, type SandboxConfig, type ScanResult, type ScanStrategy, type Sensitivity, StreamMonitor, type StreamMonitorConfig, type StreamViolation, type TrajectoryResult, type UnsafeUnwrapOptions, aegis, analyzeEntropy, detectLanguageSwitches, getPreset, isActionAllowed, isQuarantined, normalizeEncoding, quarantine, resolvePolicy, shannonEntropy, tryDecodeBase64 }; |
+1
-1
| { | ||
| "name": "@aegis-sdk/core", | ||
| "version": "0.0.0", | ||
| "version": "0.1.0", | ||
| "description": "Streaming-first prompt injection defense for AI applications", | ||
@@ -5,0 +5,0 @@ "license": "MIT", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
462690
43.77%- Lines of code
4656
39.19%Worsened metrics
- Number of low supply chain risk alerts
28
27.27%- Number of medium supply chain risk alerts
4
Infinity%No dependency changes