Types

Complete TypeScript type reference for @sentinel-sdk/core

4 min read

Types

All types are exported from @sentinel-sdk/core. All fields are readonly.

Union Types

ThreatType

typescript

type ThreatType =
  | 'ROLE_OVERRIDE'
  | 'DRAIN_INTENT'
  | 'URGENCY_MANIPULATION'
  | 'JAILBREAK'
  | 'CONTEXT_MANIPULATION'
  | 'OUT_OF_SCOPE'

The category of threat detected by the PromptGuard.

RiskLevel

typescript

type RiskLevel = 'low' | 'medium' | 'high' | 'critical'

Risk severity computed by the RiskScorer. Maps to score ranges: low (0–29), medium (30–59), high (60–84), critical (85–100).

ScanMode

typescript

type ScanMode = 'llm' | 'rules' | 'both'

The mode used for a PromptGuard scan. The mode_used field in ScanResult reflects which mode actually ran.

SentinelMode

typescript

type SentinelMode = 'full' | 'guard-only' | 'sandbox-only'

Controls which pipeline components are active.

LLMProvider

typescript

type LLMProvider = 'anthropic' | 'openai' | 'custom'

The LLM backend for the judge. Use 'custom' with a baseUrl for OpenAI-compatible APIs.

SentinelEvent

typescript

type SentinelEvent =
  | 'threat:detected'
  | 'tx:simulated'
  | 'policy:violated'

Event names for the sentinel.on() / sentinel.off() API.

Result Types

ScanResult

Returned by PromptGuard.scanInput() and Sentinel.scanInput().

typescript

interface ScanResult {
  readonly safe: boolean
  readonly threatType?: ThreatType
  readonly confidence?: number
  readonly flags: readonly RiskFlag[]
  readonly mode_used: ScanMode
  readonly latency_ms: number
  readonly reasoning?: string
}

Field	Description
`safe`	`true` if no threat was detected
`threatType`	Category of detected threat (present when `safe: false`)
`confidence`	0–1 detection confidence (present for LLM results)
`flags`	Individual risk signals
`mode_used`	Scan mode that produced this result
`latency_ms`	Time taken to produce the result
`reasoning`	LLM explanation (LLM mode only)

SimulationResult

Returned by ExecutionSandbox.evaluate() and Sentinel.evaluateTransaction().

typescript

interface SimulationResult {
  readonly approved: boolean
  readonly riskScore: number
  readonly riskLevel: RiskLevel
  readonly riskFlags: readonly RiskFlag[]
  readonly policyViolations: readonly PolicyViolation[]
  readonly balanceChanges: readonly TokenChange[]
  readonly programInvocations: readonly string[]
  readonly latency_ms: number
}

Field	Description
`approved`	`false` if risk exceeds threshold or policy is violated
`riskScore`	0–100 composite risk score
`riskLevel`	Categorical risk level
`riskFlags`	Factors contributing to the risk score
`policyViolations`	Policy rules that were violated
`balanceChanges`	Detected token/SOL balance changes
`programInvocations`	Program IDs the transaction invokes
`latency_ms`	Total simulation time

ExecutionResult

Returned by Sentinel.execute().

typescript

interface ExecutionResult {
  readonly approved: boolean
  readonly guardResult?: ScanResult
  readonly sandboxResult?: SimulationResult
  readonly blocked_by?: 'prompt_guard' | 'execution_sandbox'
  readonly latency_ms: number
}

Supporting Types

AgentAction

Input to Sentinel.execute().

typescript

interface AgentAction {
  readonly input?: string
  readonly transaction?: string
  readonly metadata?: Readonly<Record<string, unknown>>
}

RiskFlag

A single risk signal contributing to a score or scan result.

typescript

interface RiskFlag {
  readonly factor: string
  readonly weight: number
  readonly score: number
  readonly description: string
}

PolicyViolation

A policy rule that was violated during sandbox evaluation.

typescript

interface PolicyViolation {
  readonly rule: string
  readonly message: string
  readonly details?: Readonly<Record<string, unknown>>
}

TokenChange

A token balance change detected during simulation.

typescript

interface TokenChange {
  readonly mint: string
  readonly symbol?: string
  readonly amount: number
  readonly decimals: number
}

RuleDefinition

A single rule entry in a YAML rule pack.

typescript

interface RuleDefinition {
  readonly id: string
  readonly description: string
  readonly pattern: string
  readonly flags?: string
  readonly action: 'BLOCK' | 'FLAG'
  readonly severity: RiskLevel
  readonly threat_type: ThreatType
}

RulePack

A collection of rules loaded by the RuleEngine.

typescript

interface RulePack {
  readonly name: string
  readonly version: string
  readonly description: string
  readonly rules: readonly RuleDefinition[]
}

SentinelEventData

Maps event names to their payload types.

typescript

interface SentinelEventData {
  readonly 'threat:detected': { readonly result: ScanResult }
  readonly 'tx:simulated': { readonly result: SimulationResult }
  readonly 'policy:violated': { readonly violation: PolicyViolation }
}