alfred-logger-sdk

Production-ready data collection SDK for feeding structured events to LLM Data Agents with auto-capture capabilities

# Security Guidelines

## Data Sanitization

The Alfred Logger SDK implements several security measures to protect sensitive data:

### Automatic Data Sanitization

By default, the SDK automatically sanitizes sensitive fields containing keywords like:

- `password`
- `token`
- `key`
- `secret`
- `auth`
- `credential`

These fields are replaced with `[REDACTED]` in logged events.

### Configuration

```javascript
const logger = new Logger({
  endpoint: 'https://your-api.com/events',
  sanitizePayloads: true, // Enable data sanitization (default: true)
  // ... other config
});
```

## Security Features

### Input Validation

- All configuration parameters are validated
- Event data size limits prevent DoS attacks
- Buffer size limits prevent memory exhaustion
- URL validation prevents malicious endpoints

### Rate Limiting

- Built-in request rate limiting
- Configurable delay between requests
- Prevents API abuse

### Error Handling

- Sensitive information not logged in errors
- Failed requests handled gracefully
- No exposure of internal state

### Memory Management

- Automatic buffer overflow protection
- Event size limits
- Proper cleanup on shutdown

## Best Practices

1. **Use HTTPS endpoints only**
2. **Rotate API keys regularly**
3. **Monitor for unusual activity**
4. **Keep payload sanitization enabled**
5. **Set appropriate buffer and size limits**

## Reporting Security Issues

Please report security vulnerabilities responsibly by contacting the maintainers directly rather than opening public issues.
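
The keyword-based redaction described under "Automatic Data Sanitization", as an added example that is not the SDK's own code: it shows what matching on field names does and does not cover, so you can decide what to strip before an event reaches the logger. The function names, the case-insensitive substring matching, and the sample event are assumptions made for this illustration.

```javascript
// Added illustration; NOT the alfred-logger-sdk source. All names are hypothetical.
const SENSITIVE_KEYWORDS = ['password', 'token', 'key', 'secret', 'auth', 'credential'];
const REDACTED = '[REDACTED]';

// Assumption: a field is sensitive when its name contains a keyword,
// compared case-insensitively as a substring.
function isSensitiveKey(name) {
  const lower = String(name).toLowerCase();
  return SENSITIVE_KEYWORDS.some((kw) => lower.includes(kw));
}

// Return a redacted deep copy of plain objects and arrays; the input is not mutated.
// `ancestors` holds the objects on the current path so a cycle cannot recurse forever.
function sanitize(value, ancestors = new WeakSet()) {
  if (value === null || typeof value !== 'object') return value;
  if (ancestors.has(value)) return '[Circular]';
  ancestors.add(value);
  let out;
  if (Array.isArray(value)) {
    out = value.map((item) => sanitize(item, ancestors));
  } else {
    out = {};
    for (const [name, fieldValue] of Object.entries(value)) {
      out[name] = isSensitiveKey(name) ? REDACTED : sanitize(fieldValue, ancestors);
    }
  }
  ancestors.delete(value);
  return out;
}

// Constructed sample event (not real data).
const sampleEvent = {
  user: { name: 'alice', Password: 'hunter2', apiKey: 'k-123' },
  headers: [{ Authorization: 'Bearer abc' }],
  author: 'bob',           // over-redacted: "author" contains "auth"
  keyboardLayout: 'us',    // over-redacted: "keyboardLayout" contains "key"
  message: 'login failed for https://example.test/?t=abc', // values are not inspected
  ssn: '000-00-0000',      // missed: the field name carries no keyword
};

function demo() {
  return sanitize(sampleEvent);
}

console.log(JSON.stringify(demo(), null, 2));
```

Name-based matching leaves secrets embedded in free-text values and in fields with unlisted names untouched, so remove those in application code before logging.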