@enclave-vm/ast package.
Installation
JSAstValidator Class
Main AST validation class.Constructor
Methods
validate(code)
Validate JavaScript code against the preset rules.ValidationResult
PreScanner Class
Fast pre-scanning for DoS protection.Constructor
Methods
scan(code)
Scan code for potential issues before parsing.PreScanResult
Factory Functions
createAgentScriptPreset(options?)
Create the AgentScript validation preset.createPreScannerConfig(preset)
Create pre-scanner configuration.createSecurityRules()
Get all built-in security rules.ValidationPreset
ValidationRule
Built-in Rules
| Rule ID | Description |
|---|---|
no-eval | Block eval() and Function() |
no-dynamic-code | Block setTimeout/setInterval with strings |
no-system-access | Block process, require, import |
no-global-access | Block window, global, globalThis |
no-prototype-access | Block proto, constructor |
no-metaprogramming | Block Proxy, Reflect |
no-network | Block fetch, XMLHttpRequest, WebSocket |
no-storage | Block localStorage, sessionStorage |
no-native-code | Block WebAssembly, Worker |
no-this | Block this keyword |
no-user-functions | Block function declarations |
no-unbounded-loops | Block while, do-while |
no-for-in | Block for-in loops |
allowed-globals-only | Only allow specified globals |
static-tool-calls | Require string literals for tool names |
bounded-iterations | Enforce iteration limits |
Code Transformation
transformAgentScript(code, options)
Transform code for safe execution.Custom Rules
Creating a Custom Rule
Using Custom Rules
Complete Example
Related
- Overview - Feature overview
- AgentScript Preset - Preset details
- Custom Rules - Writing rules