Release v0.0.1

.dockerignore

@@ -0,0 +1,12 @@
+node_modules
+.venv
+.git
+dist
+coverage
+test-results
+playwright-report
+*.log
+.cache
+__pycache__
+.env*
+!.env.agents.example

.env.example

@@ -0,0 +1,7 @@
+# Spellguard component env files live next to each component:
+#
+#   packages/verifier/.env.example        - Verifier server config
+#   packages/agents/agent-a/.env.example  - Agent A secrets (OPENROUTER_API_KEY)
+#   packages/agents/agent-b/.env.example  - Agent B secrets (OPENROUTER_API_KEY)
+#
+# Copy each .env.example to .env in its respective directory and fill in values.

.gitattributes

@@ -0,0 +1,2 @@
+# Normalize line endings to LF on commit
+* text=auto eol=lf

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# Default reviewers for every PR. Add more specific lines below to route
+# package-level changes to subject-matter owners.
+*       @Spellguard/spellguard-team

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,88 @@
+name: Bug report
+description: Report a defect in Spellguard
+labels: [bug]
+body:
+  - type: textarea
+    id: summary
+    attributes:
+      label: Summary
+      description: One or two sentences describing the bug.
+    validations:
+      required: true
+
+  - type: dropdown
+    id: package
+    attributes:
+      label: Affected package
+      multiple: true
+      options:
+        - "@spellguard/client"
+        - "@spellguard/verifier"
+        - "@spellguard/ctls"
+        - "@spellguard/amp"
+        - "@spellguard/langchain"
+        - "@spellguard/openai"
+        - "@openclaw/spellguard"
+        - "@spellguard/policy-sdk"
+        - "@spellguard/policy-catalog"
+        - "@spellguard/mcp-guard"
+        - spellguard-client (Python)
+        - spellguard-langchain (Python)
+        - spellguard-crewai (Python)
+        - spellguard-ctls (Python)
+        - spellguard-amp (Python)
+        - Other / unsure
+    validations:
+      required: true
+
+  - type: input
+    id: version
+    attributes:
+      label: Version
+      description: Release tag, branch, or commit SHA.
+      placeholder: v0.1.0
+    validations:
+      required: true
+
+  - type: textarea
+    id: repro
+    attributes:
+      label: Reproduction steps
+      description: Minimal steps to trigger the bug. Include code snippets or a link to a repro repo if possible.
+      placeholder: |
+        1. ...
+        2. ...
+        3. ...
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+      description: Include error messages, stack traces, or logs.
+    validations:
+      required: true
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: Environment
+      description: OS, Node version, Python version, pnpm version — whatever's relevant.
+      placeholder: |
+        - OS: macOS 14.5
+        - Node: 24.1.0
+        - pnpm: 9.15.0
+        - Python: 3.13.1
+
+  - type: textarea
+    id: extra
+    attributes:
+      label: Additional context

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security vulnerability
+    url: https://github.com/Spellguard/spellguard/security/advisories/new
+    about: Report a security issue privately. Do not file public issues for vulnerabilities.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,31 @@
+name: Feature request
+description: Suggest an enhancement or new capability
+labels: [enhancement]
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem
+      description: What is the user-facing problem this would solve? Why can't you accomplish it today?
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed solution
+      description: Sketch the API or behavior change you have in mind. Code samples welcome.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Other approaches you weighed, and why you preferred the proposal.
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional context
+      description: Links, prior art, related issues.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,34 @@
+<!--
+Thanks for contributing to Spellguard! Please fill in the sections below.
+For security-sensitive issues, do NOT open a PR — see SECURITY.md.
+-->
+
+## Summary
+
+<!-- One or two sentences. What does this change and why? -->
+
+## Motivation
+
+<!-- What problem does this solve? Link any related issues with "Fixes #123". -->
+
+## Changes
+
+<!-- Bulleted list of the substantive changes in this PR. -->
+
+-
+-
+
+## Test plan
+
+<!-- How did you verify this works? Include commands or test names. -->
+
+- [ ] `pnpm run typecheck`
+- [ ] `pnpm run lint:check`
+- [ ] `pnpm run test`
+- [ ] `pnpm run test:python` (if Python packages touched)
+
+## Checklist
+
+- [ ] I have added or updated tests covering the new behavior.
+- [ ] I have updated documentation (README, package READMEs) where relevant.
+- [ ] My commits are signed and follow Apache-2.0 (`SPDX-License-Identifier: Apache-2.0` headers on new source files).

.github/workflows/ci.yml

@@ -0,0 +1,56 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+jobs:
+  node:
+    name: Node (lint + typecheck + test)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+
+      # pnpm version comes from package.json's "packageManager" field.
+      # Setting `version:` here would conflict and fail with
+      # ERR_PNPM_BAD_PM_VERSION.
+      - uses: pnpm/action-setup@v5
+
+      - uses: actions/setup-node@v5
+        with:
+          node-version: 24
+          cache: pnpm
+
+      - run: pnpm install --frozen-lockfile
+
+      # Workspace packages resolve each other through ./dist/, so libs must
+      # be built before typecheck/test can resolve cross-package imports.
+      - run: pnpm run build:libs
+
+      - run: pnpm run lint:check
+
+      - run: pnpm run typecheck
+
+      - run: pnpm run test
+
+  python:
+    name: Python (pytest)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.13'
+          cache: pip
+          cache-dependency-path: requirements.txt
+
+      - run: python -m venv .venv
+      - run: .venv/bin/pip install -r requirements.txt
+
+      - run: .venv/bin/python -m pytest tests/ -k test_python_ -m 'not integration' -v --tb=short

.gitignore

@@ -0,0 +1,66 @@
+# Dependencies
+node_modules/
+.pnpm-store/
+
+# Build outputs
+dist/
+*.tsbuildinfo
+
+# Environment files (contain secrets)
+.env
+.env.local
+.env.*.local
+.dev.vars
+.env.agents
+.env.agents.*
+!.env.agents.example
+.env.production
+!.env.production.example
+.env.staging
+!.env.staging.example
+**/examples/*.env
+
+# Cloudflare Workers
+.wrangler/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# Git worktrees
+.worktrees/
+
+# Python
+.venv/
+__pycache__/
+*.pyc
+*.egg-info/
+.cache/
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+npm-debug.log*
+
+# Test coverage
+coverage/
+
+# Playwright
+test-results/
+playwright-report/
+
+# Keys and credentials (NEVER commit these)
+*.pem
+*.key
+credentials.json
+
+# Verifier local runtime state
+packages/verifier/data/
+
+# OpenClaw plugin scan results (generated at runtime)
+spellguard-scan-results.json

.npmrc

@@ -0,0 +1,3 @@
+# Use hoisted node_modules so Wrangler (esbuild) can resolve dependencies on Windows.
+# Without this, pnpm's symlink layout can cause "Cannot read directory" when bundling agents.
+node-linker=hoisted

CHANGELOG.md

@@ -0,0 +1,14 @@
+# Changelog
+
+All notable changes to this project are documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)
+once it reaches `1.0.0`. Pre-`1.0.0` releases may contain breaking changes
+in any minor version bump — see the release notes for details.
+
+## [0.0.1] — 2026-05-18
+
+Initial OSS export of the Spellguard subset: client middleware, Verifier
+proxy server, cTLS, AMP, LangChain / OpenAI / OpenClaw adapters, policy
+SDK and catalog, demo agents, and the cross-language Python ports.