/**
 * Security Monitor for DollhouseMCP
 *
 * Centralized security event logging and monitoring system
 * for tracking and alerting on security-related events.
 */
export interface SecurityEvent {
    type: 'CONTENT_INJECTION_ATTEMPT' | 'YAML_INJECTION_ATTEMPT' | 'PATH_TRAVERSAL_ATTEMPT' | 'TOKEN_VALIDATION_FAILURE' | 'UPDATE_SECURITY_VIOLATION' | 'RATE_LIMIT_EXCEEDED' | 'YAML_PARSING_WARNING' | 'YAML_PARSE_SUCCESS' | 'TOKEN_VALIDATION_SUCCESS' | 'PATH_VALIDATION_SUCCESS' | 'RATE_LIMIT_WARNING' | 'TOKEN_CACHE_CLEARED' | 'YAML_UNICODE_ATTACK' | 'UNICODE_DIRECTION_OVERRIDE' | 'UNICODE_MIXED_SCRIPT' | 'UNICODE_VALIDATION_ERROR' | 'CONTENT_SIZE_EXCEEDED' | 'INCLUDE_DEPTH_EXCEEDED' | 'TEMPLATE_RENDERED' | 'TEMPLATE_INCLUDE' | 'TEMPLATE_LOADED' | 'TEMPLATE_SAVED' | 'TEMPLATE_DELETED' | 'MEMORY_CREATED' | 'MEMORY_ADDED' | 'MEMORY_SEARCHED' | 'SENSITIVE_MEMORY_DELETED' | 'RETENTION_POLICY_ENFORCED' | 'MEMORY_CLEARED' | 'MEMORY_LOADED' | 'MEMORY_SAVED' | 'MEMORY_DELETED' | 'MEMORY_LOAD_FAILED' | 'MEMORY_SAVE_FAILED' | 'MEMORY_LIST_ITEM_FAILED' | 'MEMORY_IMPORT_FAILED' | 'MEMORY_DESERIALIZE_FAILED' | 'MEMORY_INTEGRITY_VIOLATION' | 'MEMORY_UNICODE_VALIDATION_FAILED' | 'MEMORY_DUPLICATE_DETECTED' | 'SEED_MEMORY_INSTALLED' | 'SEED_MEMORY_INSTALLATION_FAILED' | 'ELEMENT_CREATED' | 'ELEMENT_LOADED' | 'ELEMENT_EDITED' | 'ELEMENT_ACTIVATED' | 'ELEMENT_DEACTIVATED' | 'ELEMENT_VALIDATED' | 'ELEMENT_DELETED' | 'AGENT_ACTIVATED' | 'AGENT_ACTIVATION_FAILED' | 'AGENT_ACTIVATION_ROLLBACK' | 'AGENT_DEACTIVATED' | 'AGENT_EXECUTED' | 'CONFIG_UPDATED' | 'IDENTITY_CHANGED' | 'OPERATION_COMPLETED' | 'OPERATION_FAILED' | 'BATCH_COMPLETED' | 'BATCH_REJECTED' | 'CONFIRMATION_RECORDED' | 'GATEKEEPER_DECISION' | 'AUTH_FLOW_INITIATED' | 'AGENT_DECISION' | 'RULE_ENGINE_CONFIG_UPDATE' | 'RULE_ENGINE_CONFIG_VALIDATION_ERROR' | 'GOAL_TEMPLATE_APPLIED' | 'GOAL_TEMPLATE_VALIDATION' | 'ENSEMBLE_CIRCULAR_DEPENDENCY' | 'ENSEMBLE_RESOURCE_LIMIT_EXCEEDED' | 'ENSEMBLE_ACTIVATION_TIMEOUT' | 'ENSEMBLE_ACTIVATION_FAILED' | 'ENSEMBLE_SUSPICIOUS_CONDITION' | 'ENSEMBLE_CONDITION_EVALUATION_FAILED' | 'ENSEMBLE_NESTED_DEPTH_EXCEEDED' | 'ENSEMBLE_CONTEXT_SIZE_EXCEEDED' | 'ENSEMBLE_CONTEXT_VALUE_TOO_LARGE' | 'ENSEMBLE_SAVED' | 'ENSEMBLE_IMPORTED' | 'ENSEMBLE_DELETED' | 'PORTFOLIO_INITIALIZATION' | 'PORTFOLIO_POPULATED' | 'FILE_COPIED' | 'DIRECTORY_MIGRATION' | 'PORTFOLIO_CACHE_INVALIDATION' | 'PORTFOLIO_FETCH_SUCCESS' | 'TEST_DATA_BLOCKED' | 'TEST_PATH_SECURITY_RISK' | 'TEST_PRODUCTION_ACCESS_BLOCKED' | 'TEST_PATH_INVALID' | 'TEST_ENVIRONMENT_PRODUCTION_PATH' | 'TEST_ENVIRONMENT_DEPRECATED_VAR' | 'TOOL_CACHE_INVALIDATED' | 'FILE_READ' | 'FILE_WRITTEN' | 'FILE_DELETED' | 'DANGER_ZONE_TRIGGERED' | 'DANGER_ZONE_OPERATION' | 'AUTONOMY_DENIED' | 'AUTONOMY_PAUSED' | 'SAFETY_EVALUATION_FAILURE' | 'VERIFICATION_ATTEMPTED' | 'VERIFICATION_SUCCEEDED' | 'VERIFICATION_FAILED' | 'VERIFICATION_EXPIRED' | 'AGENT_AUTO_CONTINUED' | 'AGENT_STEP_RETRIED' | 'AGENT_AUTO_RESTARTED' | 'AGENT_RESILIENCE_LIMIT_REACHED' | 'PERMISSION_PROMPT_DENIED' | 'CLI_APPROVAL_REQUESTED' | 'CLI_APPROVAL_GRANTED' | 'CLI_APPROVAL_CONSUMED' | 'TOTP_ENROLLED' | 'TOTP_DISABLED' | 'TOTP_BACKUP_CODE_CONSUMED' | 'TOTP_VERIFICATION_FAILED' | 'CONSOLE_TOKEN_ROTATED';
    severity: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
    source: string;
    details: string;
    userAgent?: string;
    ip?: string;
    additionalData?: Record<string, any>;
    metadata?: Record<string, any>;
}
export interface SecurityLogEntry extends SecurityEvent {
    timestamp: string;
    id: string;
}
export declare class SecurityMonitor {
    private static eventCount;
    private static events;
    private static logListener?;
    private static readonly dedup;
    static addLogListener(fn: (entry: SecurityLogEntry) => void): () => void;
    /**
     * Logs a security event, suppressing repeated identical events within the dedup window.
     */
    static logSecurityEvent(event: SecurityEvent): void;
    /**
     * Sends security alerts for critical events
     */
    private static sendSecurityAlert;
    /**
     * Gets recent security events for analysis
     */
    static getRecentEvents(count?: number): SecurityLogEntry[];
    /**
     * Gets events by severity
     */
    static getEventsBySeverity(severity: SecurityEvent['severity']): SecurityLogEntry[];
    /**
     * Gets events by type
     */
    static getEventsByType(type: SecurityEvent['type']): SecurityLogEntry[];
    /**
     * Generates a security report
     */
    static generateSecurityReport(): {
        totalEvents: number;
        eventsBySeverity: Record<string, number>;
        eventsByType: Record<string, number>;
        recentCriticalEvents: SecurityLogEntry[];
    };
    /**
     * Clears old events (for memory management)
     */
    static clearOldEvents(daysToKeep?: number): void;
    /**
     * TESTING ONLY: Clears all events and resets counter
     * Should only be called in test cleanup (afterEach/afterAll)
     * to prevent test pollution from accumulated security events
     */
    static clearAllEventsForTesting(): void;
}
//# sourceMappingURL=securityMonitor.d.ts.map