/**
 * Policy enforcement layer.
 *
 * Bridges the injection scanner with the policy store — only runs the
 * scanner when the `prompt-injection-defense` policy is active.
 */
import type { OrgPolicy } from "./store.js";
import { type InjectionMatch, type ScanResult } from "./injection.js";
export type EnforcementResult = {
    allowed: boolean;
    ruleId: string;
    scan: ScanResult;
    sanitized?: string;
};
/**
 * Check whether the prompt-injection-defense policy is active.
 */
export declare function isInjectionDefenseActive(policies: OrgPolicy[]): boolean;
/**
 * Enforce the prompt-injection-defense policy against a piece of text.
 *
 * If the policy is not active the text is always allowed.
 *
 * @param text     The text to check
 * @param policies The current merged policy list
 * @param options  Optional: pass `sanitize: true` to get a sanitised version of the text
 * @returns        EnforcementResult
 */
export declare function enforceInjectionPolicy(text: string, policies: OrgPolicy[], options?: {
    sanitize?: boolean;
}): EnforcementResult;
/**
 * Build a violation payload compatible with the cortex-web
 * `POST /api/v1/violations/push` endpoint.
 */
export declare function buildViolationPayload(matches: InjectionMatch[], context: {
    filePath?: string;
    query?: string;
}): {
    rule_id: string;
    severity: "error" | "warning" | "info";
    message: string;
    file_path?: string;
    metadata?: string;
    occurred_at: string;
};
//# sourceMappingURL=enforce.d.ts.map