diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 8601e43..34f6842 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -1,6 +1,6 @@ # @agent-score/sdk -TypeScript client for the AgentScore trust and reputation API. +TypeScript client for the AgentScore APIs. ## Identity Model diff --git a/README.md b/README.md index a29ceb6..f69275c 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![npm version](https://img.shields.io/npm/v/@agent-score/sdk.svg)](https://www.npmjs.com/package/@agent-score/sdk) [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE) -TypeScript/Node.js client for the [AgentScore](https://agentscore.sh) trust and reputation API. +TypeScript/Node.js client for the [AgentScore](https://agentscore.sh) APIs. ## Install diff --git a/package.json b/package.json index bcefb3a..2f3c95a 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@agent-score/sdk", - "version": "2.0.0", - "description": "TypeScript client for the AgentScore trust and reputation API", + "version": "2.1.0", + "description": "TypeScript client for the AgentScore APIs", "main": "./dist/index.cjs", "module": "./dist/index.js", "types": "./dist/index.d.ts", @@ -48,7 +48,7 @@ "url": "https://github.com/agentscore/node-sdk/issues" }, "engines": { - "node": ">=18" + "node": ">=20" }, "devDependencies": { "@eslint/js": "^9.39.4", diff --git a/src/types.ts b/src/types.ts index 0ebca12..2ae0db3 100644 --- a/src/types.ts +++ b/src/types.ts @@ -12,7 +12,11 @@ export type ReputationStatus = 'scored' | 'stale' | 'known_unscored'; export interface Subject { chains: string[]; - address: string; + /** Wallet-based subject. Present for assess/reputation responses keyed by `address`. + * Absent on credential-based assess (use `credential_prefix` instead). */ + address?: string; + /** Credential-based subject. Present for assess responses keyed by `operator_token`. */ + credential_prefix?: string; } export interface Classification { @@ -217,18 +221,25 @@ export interface AgentScoreErrorBody { * until verified, receive a fresh operator_token. Existing account KYC persists. */ export type DenialCode = - | 'operator_verification_required' - | 'compliance_denied' - | 'compliance_error' - | 'wallet_not_trusted' + // Gate-emitted codes from commerce middleware (canonical 9-element union) | 'missing_identity' | 'identity_verification_required' - | 'payment_required' - | 'api_error' - | 'kyc_required' + | 'token_expired' + | 'invalid_credential' | 'wallet_signer_mismatch' | 'wallet_auth_requires_wallet_signing' - | 'token_expired'; + | 'wallet_not_trusted' + | 'api_error' + | 'payment_required' + // Merchant-emitted convenience codes (e.g. martin-estate's onDenied wraps gate denials + // into wine-specific business codes). These are not emitted by the AgentScore API + // itself but appear in 4xx bodies the SDK may surface back to callers. + | 'operator_verification_required' + | 'compliance_denied' + | 'compliance_error' + // Decision-reason code surfaced in error.code by some merchants — kept for back-compat + // with merchants that flatten policy reasons into the error envelope. + | 'kyc_required'; /** * Recommended agent action encoded in `next_steps.action`. Granular codes let agents pick the @@ -466,7 +477,10 @@ export interface AccountVerification { export interface CredentialListResponse { credentials: CredentialItem[]; - account_verification: AccountVerification; + /** Account-level KYC facts. Conditionally emitted by the API — only present when the + * account has an associated `account_verifications` row. Absent for accounts that + * have minted credentials but never started KYC. */ + account_verification?: AccountVerification; } export interface CredentialRevokeResponse { diff --git a/tests/index.test.ts b/tests/index.test.ts index 325d62c..399be2c 100644 --- a/tests/index.test.ts +++ b/tests/index.test.ts @@ -518,7 +518,7 @@ describe('Integration: compliance policy deny with verify_url', () => { evidence_summary: { metadata_kind: null, has_a2a_agent_card: false, website_url: null, website_reachable: false, website_mentions_mcp: false, website_mentions_x402: false, github_url: null, github_stars: null }, }], decision: 'deny', - decision_reasons: ['kyc_required', 'sanctions_check_pending'], + decision_reasons: ['kyc_required', 'sanctions_flagged'], on_the_fly: false, data_semantics: 'v1', caveats: [], @@ -544,7 +544,7 @@ describe('Integration: compliance policy deny with verify_url', () => { expect(result.decision).toBe('deny'); expect(result.decision_reasons).toContain('kyc_required'); - expect(result.decision_reasons).toContain('sanctions_check_pending'); + expect(result.decision_reasons).toContain('sanctions_flagged'); expect(result.verify_url).toBe('https://agentscore.sh/verify/xyz789'); expect(result.operator_verification).toBeDefined(); expect(result.operator_verification!.level).toBe('none'); diff --git a/tests/sessions-credentials.test.ts b/tests/sessions-credentials.test.ts index a942477..e81d753 100644 --- a/tests/sessions-credentials.test.ts +++ b/tests/sessions-credentials.test.ts @@ -199,8 +199,8 @@ describe('AgentScore.pollSession()', () => { const CREDENTIAL_CREATE_RESPONSE = { id: 'cred_abc123', - credential: 'opc_live_abc123def456', - prefix: 'opc_live_abc', + credential: 'opc_test_abc123def456', + prefix: 'opc_test_abc', label: 'Production API', expires_at: '2027-04-09T00:00:00Z', created_at: '2026-04-09T00:00:00Z', @@ -288,7 +288,7 @@ const CREDENTIAL_LIST_RESPONSE = { credentials: [ { id: 'cred_abc123', - prefix: 'opc_live_abc', + prefix: 'opc_test_abc', label: 'Production API', expires_at: '2027-04-09T00:00:00Z', last_used_at: '2026-04-08T12:00:00Z', @@ -296,7 +296,7 @@ const CREDENTIAL_LIST_RESPONSE = { }, { id: 'cred_def456', - prefix: 'opc_live_def', + prefix: 'opc_test_def', label: 'Staging', expires_at: '2026-05-01T00:00:00Z', last_used_at: null,