Tool Guard
Policy-based tool authorization. Check if a tool is allowed before executing it.
guardTool
import { guardTool } from '@agntor/sdk';
const policy = { toolBlocklist: ['shell.exec', 'fs.rm'] };
// guardTool(toolName, args?, policy?)
const result = guardTool('shell.exec', undefined, policy);
if (!result.allowed) {
  console.log(result.reason); // "Tool 'shell.exec' is blocked by policy"
  console.log(result.violations); // ["tool-blocked"]
}
Policy options
const policy = {
  // Block specific tools
  toolBlocklist: ['shell.exec', 'fs.rm'],
  // OR allow only specific tools (mutually exclusive with blocklist)
  toolAllowlist: ['fetchUrl', 'readFile'],
  // Custom validation function
  toolValidator: (tool, args) => {
    if (tool === 'fetchUrl' && args?.url?.includes('internal')) {
      return 'Cannot access internal URLs'; // string = block with reason
    }
    return true; // boolean = allow/block
  },
};
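A `toolValidator` for `fetchUrl` can also parse the URL and test the resulting host rather than searching the raw string. The following is an added example, not code from the SDK; `fetchUrlValidator`, `isNonPublicIPv4` and the suffix list are assumptions made for illustration, and the function follows the return contract shown above (`true` to allow, a string to block).

```typescript
// Added example (not SDK code): same contract as the page's toolValidator,
// returning true to allow or a string reason to block.
type Verdict = true | string;

// Constructed sample suffixes treated as internal-only names.
const INTERNAL_SUFFIXES = ['.internal', '.local', '.localhost'];

// True for IPv4 literals in unspecified, private, loopback or link-local ranges.
function isNonPublicIPv4(host: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.\d{1,3}\.\d{1,3}$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168);
}

function fetchUrlValidator(tool: string, args?: { url?: unknown }): Verdict {
  if (tool !== 'fetchUrl') return true; // other tools are left to the allow/blocklist
  const raw = args?.url;
  if (typeof raw !== 'string') return 'fetchUrl requires a string url';
  let parsed: URL;
  try {
    parsed = new URL(raw); // the parser normalizes case and host notation
  } catch {
    return 'URL could not be parsed';
  }
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
    return `Scheme '${parsed.protocol}' is not allowed`;
  }
  if (parsed.username || parsed.password) return 'Credentials in URL are not allowed';
  // hostname is lower-cased by the parser; drop a trailing dot before matching.
  const host = parsed.hostname.replace(/\.$/, '');
  if (host.startsWith('[')) return 'IPv6 literal hosts are not allowed';
  if (isNonPublicIPv4(host)) return `Address ${host} is not publicly routable`;
  if (host === 'localhost' || INTERNAL_SUFFIXES.some((s) => host.endsWith(s))) {
    return `Host '${host}' is an internal name`;
  }
  // A name that resolves to a private address is not caught by this string check.
  return true;
}
```

Pass it as `toolValidator: fetchUrlValidator` in the policy object.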
wrapAgentTool
High-level wrapper that applies guard + redact + SSRF checks to any tool function:
import { wrapAgentTool } from '@agntor/sdk';
const fetchData = async (url: string) => {
  const res = await fetch(url);
  return res.text();
};
const safeFetch = wrapAgentTool(fetchData, {
  policy: {
    toolBlocklist: ['dangerousTool'],
  },
  ssrfCheck: true, // validates URLs against private IPs (default: true)
});
// Arguments are automatically:
// 1. Checked against the tool policy
// 2. Scanned for prompt injection
// 3. Redacted for PII/secrets (strings and nested objects)
// 4. Validated for SSRF (if args contain URLs)
const result = await safeFetch('https://api.example.com/data');