import type { ExtensionAPI, ExtensionContext, ToolCallEvent, ToolCallEventResult, UserBashEvent, UserBashEventResult } from '@earendil-works/pi-coding-agent';
import { type SecurityAuditEvent, type SecurityConfig } from './index.js';
export type PiSecurityExtensionConfig = {
    enabled?: boolean;
    profile?: string;
    security?: SecurityConfig;
    auditLimit?: number;
    approvals?: {
        allowSessionGrants?: boolean;
    };
};
export type PiSecuritySessionGrant = {
    toolName: string;
    reason: string;
};
export type PiSecurityExtensionState = {
    config: ResolvedPiSecurityExtensionConfig;
    auditLog: SecurityAuditEvent[];
    grants: PiSecuritySessionGrant[];
};
export type ResolvedPiSecurityExtensionConfig = {
    enabled: boolean;
    profile: string;
    security?: SecurityConfig;
    auditLimit: number;
    allowSessionGrants: boolean;
};
export default function piSecurityExtension(pi: ExtensionAPI): void;
export declare function authorizePiToolCall(event: ToolCallEvent, ctx: ExtensionContext, state: PiSecurityExtensionState): Promise<ToolCallEventResult | undefined>;
export declare function authorizeUserBash(event: UserBashEvent, ctx: ExtensionContext, state: PiSecurityExtensionState): Promise<UserBashEventResult | undefined>;
export declare function resolvePiSecurityConfig(config?: PiSecurityExtensionConfig): ResolvedPiSecurityExtensionConfig;
//# sourceMappingURL=extension.d.ts.map