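/**
 * ATR Semantic Module (Layer 3)
 *
 * AI-driven semantic analysis for detecting threats that bypass
 * regex patterns (Layer 1) and behavioral fingerprinting (Layer 2).
 *
 * Uses LLM-as-judge to evaluate whether an agent event represents
 * a genuine threat, even when the attacker uses:
 * - Semantic paraphrasing to avoid keyword matching
 * - Multi-language injection (non-English payloads)
 * - Context-aware social engineering
 * - Novel attack patterns not yet in the rule set
 *
 * Provider-agnostic: works with any OpenAI-compatible API.
 *
 * Deployment note: because the judge is a remote model, the event text
 * selected for analysis is presumably transmitted to `apiUrl`. Treat that
 * endpoint as a data-egress point and as part of the detection trust
 * boundary. This declaration file does not show what is sent or how
 * failures are handled; confirm both against the implementation.
 *
 * @module agent-threat-rules/modules/semantic
 */
import type { AgentEvent } from '../types.js';
import type { ATRModule, ModuleCondition, ModuleResult } from './index.js';

/** Connection and tuning options for {@link SemanticModule}. */
export interface SemanticModuleConfig {
    /**
     * OpenAI-compatible API endpoint.
     * NOTE(review): no scheme or host validation is visible in this file;
     * prefer an HTTPS URL on a host you control or have vetted, since
     * analyzed content and the API key go to it.
     */
    apiUrl: string;
    /**
     * API key.
     * This is a secret: supply it from an environment variable or secret
     * store rather than a committed config file, and keep it out of logs.
     */
    apiKey: string;
    /** Model to use (default: gpt-4o-mini for cost efficiency) */
    model?: string;
    /** Max tokens for analysis (default: 512) */
    maxTokens?: number;
    /** Temperature (default: 0.1 for consistency) */
    temperature?: number;
    /**
     * Timeout in ms (default: 10000).
     * NOTE(review): whether a timed-out analysis counts as "no threat" or as
     * an error is not visible here; confirm the module does not fail open.
     */
    timeout?: number;
    /**
     * Cache TTL in ms for identical content (default: 300000 = 5min).
     * A cached verdict is presumably reused for identical content until it
     * expires, so a wrong verdict can persist for up to this long.
     */
    cacheTtlMs?: number;
    /** Max cache entries (default: 1000) */
    maxCacheSize?: number;
}

/**
 * Semantic detection module using LLM-as-judge.
 *
 * Usage in ATR YAML:
 * ```yaml
 * detection:
 *   conditions:
 *     semantic_check:
 *       module: semantic
 *       function: analyze_threat
 *       args:
 *         field: user_input
 *       operator: gte
 *       threshold: 0.7
 *   condition: "semantic_check"
 * ```
 *
 * Review notes for integrators:
 * - The text being judged is attacker-influenced and may itself contain
 *   instructions aimed at the judge model. Confirm the implementation keeps
 *   it separate from the judge instructions and treats the model's reply as
 *   untrusted data when parsing it.
 * - A model verdict is probabilistic; the layering described in the module
 *   header (Layers 1 and 2) suggests it is meant to complement, not replace,
 *   the deterministic rules.
 */
export declare class SemanticModule implements ATRModule {
    /** Module identifier referenced by `module:` in rule YAML. */
    readonly name = "semantic";
    readonly description = "AI-driven semantic threat analysis (Layer 3)";
    readonly version = "0.1.0";
    /** Functions a rule may call via `function:`, with their accepted args. */
    readonly functions: readonly [{
        readonly name: "analyze_threat";
        readonly description: "Analyze text for semantic threat indicators using LLM";
        readonly args: readonly [{
            readonly name: "field";
            readonly type: "string";
            readonly required: false;
            readonly description: "Event field to analyze (default: content)";
        }];
    }, {
        readonly name: "is_injection";
        readonly description: "Binary check: is this a prompt injection attempt?";
        readonly args: readonly [{
            readonly name: "field";
            readonly type: "string";
            readonly required: false;
            readonly description: "Event field to analyze (default: content)";
        }];
    }, {
        readonly name: "classify_attack";
        readonly description: "Classify the type of attack (returns category confidence)";
        readonly args: readonly [{
            readonly name: "field";
            readonly type: "string";
            readonly required: false;
            readonly description: "Event field to analyze (default: content)";
        }, {
            readonly name: "target_category";
            readonly type: "string";
            readonly required: true;
            readonly description: "ATR category to check against";
        }];
    }];
    // Private members are emitted without types in declaration files; their
    // behaviour is defined by the implementation, not by this file.
    private readonly config;
    private readonly cache;
    /**
     * @param config Endpoint, credentials and tuning options; see
     *   {@link SemanticModuleConfig} for the documented defaults.
     */
    constructor(config: SemanticModuleConfig);
    /**
     * Lifecycle hook required by ATRModule. What it sets up is not visible
     * in this declaration file.
     */
    initialize(): Promise<void>;
    /**
     * Evaluates one agent event against a rule condition that targets this
     * module.
     *
     * @param event The agent event whose field is analyzed.
     * @param condition The rule condition (function name, args and, per the
     *   YAML usage above, an operator and threshold).
     * @returns The module's result for this condition.
     */
    evaluate(event: AgentEvent, condition: ModuleCondition): Promise<ModuleResult>;
    /**
     * Lifecycle hook required by ATRModule. What it releases is not visible
     * in this declaration file.
     */
    destroy(): Promise<void>;
    private analyzeWithCache;
    private callLLM;
    // NOTE(review): presumably a false-positive check; confirm in the source.
    private callFPCheck;
    private parseAnalysis;
    private resolveEndpoint;
    // NOTE(review): name suggests cache keys are derived from a content hash;
    // confirm the hash is collision-resistant enough for verdict reuse.
    private hashContent;
    private compareThreshold;
}
//# sourceMappingURL=semantic.d.ts.map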