/** * Per-tool field scoping and per-agent category exemptions for obfuscation. * * Reduces false positives by only scanning relevant fields per tool and * exempting entity categories that the agent's contract allows. */ import type { FieldScopingConfig, ScopeDecision } from "./types.js"; export declare class FieldScopeResolver { private readonly toolPatterns; private readonly neverScanFields; private readonly defaultScanFields; private readonly useContractExemptions; private readonly enabled; constructor(config?: FieldScopingConfig); /** Resolve which fields to scan for a given tool name. */ resolveToolScope(toolName: string): ScopeDecision; /** * Resolve which entity categories are exempt from obfuscation for an agent. * Uses the agent contract's allowedDataClasses — those categories are data * the agent is trusted to handle, so obfuscating them is counterproductive. */ resolveAgentExemptions(agentLabel: string, role: string): Set; /** Check if a field should be scanned given the resolved scope. */ shouldScanField(fieldName: string, scope: ScopeDecision): boolean; }