@aexhq/sdk 0.24.0 → 0.25.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/README.md +36 -125
  2. package/dist/_contracts/index.d.ts +0 -1
  3. package/dist/_contracts/index.js +0 -1
  4. package/dist/_contracts/models.js +1 -2
  5. package/dist/_contracts/operations.d.ts +13 -5
  6. package/dist/_contracts/operations.js +220 -10
  7. package/dist/_contracts/provider-support.d.ts +18 -29
  8. package/dist/_contracts/provider-support.js +3 -22
  9. package/dist/_contracts/proxy-protocol.d.ts +4 -2
  10. package/dist/_contracts/proxy-protocol.js +10 -3
  11. package/dist/_contracts/run-config.d.ts +28 -4
  12. package/dist/_contracts/run-config.js +10 -5
  13. package/dist/_contracts/run-cost.d.ts +3 -11
  14. package/dist/_contracts/run-cost.js +2 -57
  15. package/dist/_contracts/run-custody.d.ts +1 -52
  16. package/dist/_contracts/run-custody.js +3 -87
  17. package/dist/_contracts/run-retention.d.ts +1 -5
  18. package/dist/_contracts/run-retention.js +2 -14
  19. package/dist/_contracts/run-unit.d.ts +2 -2
  20. package/dist/_contracts/run-unit.js +3 -1
  21. package/dist/_contracts/runtime-security-profile.js +1 -1
  22. package/dist/_contracts/runtime-types.d.ts +38 -12
  23. package/dist/_contracts/side-effect-audit.d.ts +4 -5
  24. package/dist/_contracts/side-effect-audit.js +1 -4
  25. package/dist/_contracts/status.d.ts +3 -4
  26. package/dist/_contracts/status.js +3 -8
  27. package/dist/_contracts/submission.d.ts +68 -42
  28. package/dist/_contracts/submission.js +144 -30
  29. package/dist/bundle.d.ts +13 -0
  30. package/dist/bundle.js +51 -0
  31. package/dist/bundle.js.map +1 -1
  32. package/dist/cli.mjs +232 -58
  33. package/dist/cli.mjs.sha256 +1 -1
  34. package/dist/client.d.ts +25 -21
  35. package/dist/client.js +59 -15
  36. package/dist/client.js.map +1 -1
  37. package/dist/index.d.ts +6 -5
  38. package/dist/index.js +4 -3
  39. package/dist/index.js.map +1 -1
  40. package/dist/tool.d.ts +41 -0
  41. package/dist/tool.js +138 -0
  42. package/dist/tool.js.map +1 -0
  43. package/dist/version.d.ts +1 -1
  44. package/dist/version.js +1 -1
  45. package/docs/concepts/agent-tools.md +53 -0
  46. package/docs/concepts/composition.md +43 -0
  47. package/docs/concepts/providers-and-runtimes.md +53 -0
  48. package/docs/concepts/runs.md +40 -0
  49. package/docs/credentials.md +8 -4
  50. package/docs/events.md +12 -0
  51. package/docs/limits.md +53 -0
  52. package/docs/outputs.md +58 -0
  53. package/docs/provider-runtime-capabilities.md +53 -55
  54. package/docs/public-surface.json +81 -0
  55. package/docs/quickstart.md +28 -105
  56. package/docs/release.md +1 -1
  57. package/docs/run-config.md +2 -2
  58. package/docs/secrets.md +123 -0
  59. package/docs/skills.md +3 -3
  60. package/docs/vision-skills.md +14 -19
  61. package/package.json +2 -2
  62. package/dist/_contracts/managed-key.d.ts +0 -101
  63. package/dist/_contracts/managed-key.js +0 -181
  64. package/docs/product-boundaries.md +0 -57
@@ -1,181 +0,0 @@
1
- export const CREDENTIAL_MODES = ["byok", "managed"];
2
- export const DEFAULT_CREDENTIAL_MODE = "byok";
3
- export const MANAGED_KEY_POLICY_SCHEMA_VERSION = 1;
4
- export const MANAGED_KEY_RESERVATION_SCHEMA_VERSION = 1;
5
- export const MANAGED_KEY_LAUNCH_STAGES = ["blocked", "pilot", "ga"];
6
- export const MANAGED_KEY_FEATURE_DECISIONS = ["disabled", "allowed"];
7
- export const MANAGED_KEY_RESERVATION_STATUSES = ["open", "settled", "released"];
8
- export const BLOCKED_MANAGED_KEY_FEATURE_POLICY_V1 = Object.freeze({
9
- files: "disabled",
10
- packages: "disabled",
11
- builtins: "disabled",
12
- mcpServers: "disabled",
13
- proxyEndpoints: "disabled",
14
- openNetworking: "disabled"
15
- });
16
- export const BLOCKED_MANAGED_KEY_POLICY_V1 = Object.freeze({
17
- schemaVersion: MANAGED_KEY_POLICY_SCHEMA_VERSION,
18
- credentialMode: "managed",
19
- launchStage: "blocked",
20
- privateImplementationAvailable: false,
21
- billingRequired: true,
22
- providers: Object.freeze([]),
23
- runtimes: Object.freeze([]),
24
- features: BLOCKED_MANAGED_KEY_FEATURE_POLICY_V1
25
- });
26
- export class ManagedKeyUnavailableError extends Error {
27
- code = "managed_key_unavailable";
28
- constructor(message = "credentialMode: \"managed\" is not available without a private managed-key implementation") {
29
- super(message);
30
- this.name = "ManagedKeyUnavailableError";
31
- }
32
- }
33
- export function parseCredentialMode(input) {
34
- if (input === undefined) {
35
- return DEFAULT_CREDENTIAL_MODE;
36
- }
37
- if (!isCredentialMode(input)) {
38
- throw new Error(`credentialMode must be one of: ${CREDENTIAL_MODES.join(", ")} (got ${JSON.stringify(input)})`);
39
- }
40
- return input;
41
- }
42
- export function credentialModeOrDefault(input) {
43
- return input ?? DEFAULT_CREDENTIAL_MODE;
44
- }
45
- export function isCredentialMode(input) {
46
- return typeof input === "string" && CREDENTIAL_MODES.includes(input);
47
- }
48
- export function buildManagedKeyReservationLifecycle(input) {
49
- const status = normalizeManagedKeyReservationStatus(input.status);
50
- const reservedCreditUnits = nonNegativeFinite(input.reservedCreditUnits, "reservedCreditUnits");
51
- const chargedCreditUnits = nonNegativeFinite(input.chargedCreditUnits, "chargedCreditUnits");
52
- const releasedCreditUnits = nonNegativeFinite(input.releasedCreditUnits, "releasedCreditUnits");
53
- if (input.credentialMode !== undefined && input.credentialMode !== "managed") {
54
- throw new Error("managed-key reservation credentialMode must be managed");
55
- }
56
- if (status === "open") {
57
- if (input.closedAt !== undefined) {
58
- throw new Error("managed-key open reservation must not have closedAt");
59
- }
60
- if (chargedCreditUnits !== 0 || releasedCreditUnits !== 0) {
61
- throw new Error("managed-key open reservation cannot have charged or released credit units");
62
- }
63
- }
64
- if (status === "settled") {
65
- if (!input.closedAt) {
66
- throw new Error("managed-key settled reservation requires closedAt");
67
- }
68
- const expectedReleased = Math.max(0, reservedCreditUnits - chargedCreditUnits);
69
- if (!nearlyEqual(releasedCreditUnits, expectedReleased)) {
70
- throw new Error("managed-key settlement releasedCreditUnits must equal max(reserved - charged, 0)");
71
- }
72
- }
73
- if (status === "released") {
74
- if (!input.closedAt) {
75
- throw new Error("managed-key released reservation requires closedAt");
76
- }
77
- if (chargedCreditUnits !== 0 || !nearlyEqual(releasedCreditUnits, reservedCreditUnits)) {
78
- throw new Error("managed-key released reservation must release all reserved credit units without charge");
79
- }
80
- }
81
- return Object.freeze({
82
- schemaVersion: MANAGED_KEY_RESERVATION_SCHEMA_VERSION,
83
- reservationId: nonEmptyString(input.reservationId, "reservationId"),
84
- workspaceId: nonEmptyString(input.workspaceId, "workspaceId"),
85
- runId: nonEmptyString(input.runId, "runId"),
86
- credentialMode: "managed",
87
- status,
88
- reservedCreditUnits,
89
- chargedCreditUnits,
90
- releasedCreditUnits,
91
- ...(input.createdAt ? { createdAt: input.createdAt } : {}),
92
- ...(input.closedAt ? { closedAt: input.closedAt } : {})
93
- });
94
- }
95
- export function isManagedKeyGenerallyAvailable(policy) {
96
- return policy.launchStage === "ga" && policy.privateImplementationAvailable;
97
- }
98
- export function isManagedKeyAdmissionAllowed(policy) {
99
- return policy.launchStage !== "blocked" && policy.privateImplementationAvailable;
100
- }
101
- export function assertManagedKeyModeAvailable(policy = BLOCKED_MANAGED_KEY_POLICY_V1) {
102
- if (!isManagedKeyGenerallyAvailable(policy)) {
103
- throw new ManagedKeyUnavailableError();
104
- }
105
- }
106
- export function assertManagedKeyAdmissionAllowed(policy = BLOCKED_MANAGED_KEY_POLICY_V1) {
107
- if (!isManagedKeyAdmissionAllowed(policy)) {
108
- throw new ManagedKeyUnavailableError();
109
- }
110
- }
111
- export class FakeManagedCredentialResolver {
112
- async resolveManagedCredential(input) {
113
- const denial = resolvePolicyDenial(input);
114
- if (denial) {
115
- return denial;
116
- }
117
- return {
118
- ok: true,
119
- lease: Object.freeze({
120
- credentialMode: "managed",
121
- provider: input.provider,
122
- runtime: input.runtime,
123
- custodyClass: "managed-provider-credential"
124
- })
125
- };
126
- }
127
- }
128
- function resolvePolicyDenial(input) {
129
- if (!isManagedKeyGenerallyAvailable(input.policy)) {
130
- return {
131
- ok: false,
132
- code: "managed_key_unavailable",
133
- message: "managed-key mode is not generally available for this public policy"
134
- };
135
- }
136
- if (!input.policy.providers.includes(input.provider)) {
137
- return {
138
- ok: false,
139
- code: "provider_not_allowed",
140
- message: `provider ${input.provider} is not allowed by managed-key policy`
141
- };
142
- }
143
- if (!input.policy.runtimes.includes(input.runtime)) {
144
- return {
145
- ok: false,
146
- code: "runtime_not_allowed",
147
- message: `runtime ${input.runtime} is not allowed by managed-key policy`
148
- };
149
- }
150
- if (input.policy.models && !input.policy.models.includes(input.model)) {
151
- return {
152
- ok: false,
153
- code: "model_not_allowed",
154
- message: "model is not allowed by managed-key policy"
155
- };
156
- }
157
- return null;
158
- }
159
- function normalizeManagedKeyReservationStatus(input) {
160
- if (typeof input !== "string" ||
161
- !MANAGED_KEY_RESERVATION_STATUSES.includes(input)) {
162
- throw new Error(`managed-key reservation status ${String(input)} is not supported`);
163
- }
164
- return input;
165
- }
166
- function nonEmptyString(value, field) {
167
- if (typeof value !== "string" || value.trim().length === 0) {
168
- throw new Error(`managed-key reservation ${field} must be a non-empty string`);
169
- }
170
- return value;
171
- }
172
- function nonNegativeFinite(value, field) {
173
- if (!Number.isFinite(value) || value < 0) {
174
- throw new Error(`managed-key reservation ${field} must be a non-negative finite number`);
175
- }
176
- return value;
177
- }
178
- function nearlyEqual(left, right) {
179
- return Math.abs(left - right) <= 1e-9;
180
- }
181
- //# sourceMappingURL=managed-key.js.map
@@ -1,57 +0,0 @@
1
- ---
2
- title: Product capabilities and boundaries
3
- ---
4
-
5
- # Product capabilities and boundaries
6
-
7
- aex is the serverless control plane for autonomous agent sessions. It accepts a complete run request, dispatches it to the managed runtime, records typed events, captures outputs, and exposes auth-gated reads and downloads.
8
-
9
- aex is not a custom agent loop, a general-purpose sandbox, an interactive approval system, or a provider compliance layer. True self-host and customer-cloud deployment modes are not supported today.
10
-
11
- Start with the generated [provider/runtime capability matrix](provider-runtime-capabilities.md) for supported providers, runtime routing, and evidence pointers.
12
-
13
- ## Owned by aex today
14
-
15
- - Run submission, idempotency, status, cancellation, reads, downloads, and workspace auth.
16
- - Runtime dispatch through the managed runtime, with unsupported runtime selectors rejected at submission.
17
- - Ordered event capture through the per-run coordinator and durable archive, with platform diagnostics kept on internal/admin surfaces.
18
- - Output capture into the run record, subject to runtime behavior and storage limits.
19
- - BYOK provider-key custody for a single run, using the top-level `secrets` carrier and terminal cleanup/revocation attempts for aex-controlled references.
20
- - Named proxy endpoint policy, auth injection, redaction, call budgets, and audit metadata on the aex-owned proxy path.
21
- - Default cleanup attempts for tracked aex runtime resources.
22
-
23
- ## Boundary matrix
24
-
25
- | Area | aex-owned behavior | Inherited or customer-owned behavior |
26
- | --- | --- | --- |
27
- | Provider and model policy | aex validates the selected provider, injects the run-scoped BYOK credential, and records public-safe runtime events. | Provider retention, training exclusion, zero-retention, HIPAA/BAA, data residency, abuse policy, and pricing are properties of the selected provider account, endpoint, and contract. |
28
- | Runtime isolation | Managed runs execute in an isolated managed runtime. aex tracks resources and runs cleanup attempts. | Runtime isolation guarantees belong to the managed runtime provider. |
29
- | Secrets | Provider keys, MCP credentials, and proxy auth values are supplied inline per run, held in run-scoped custody, excluded from idempotency, and targeted for cleanup/revocation at terminal where aex controls the reference. | Customers choose and rotate their provider keys and MCP/proxy credentials. Provider-side credentials, sessions, and data may have their own retention rules. |
30
- | MCP servers | aex accepts remote HTTP/SSE MCP servers, validates their declaration, attaches run-scoped credentials, and records access metadata on the aex-controlled edge. | MCP servers are customer-trusted remote systems. aex does not sandbox their downstream behavior or make an untrusted MCP server safe. |
31
- | Proxy endpoints | The named endpoint proxy enforces declared host/path/method/auth policy and response caps for calls routed through it. | The upstream service's own auth, data handling, side effects, and compliance posture remain with the upstream service and customer. |
32
- | Outputs and run record | Captured outputs, events, and metadata are stored under the public run record and downloaded through auth-gated routes. Internal diagnostics are stored separately under internal/admin access. | Output content is customer content. Storage, deletion, and retention follow the run policy and infrastructure behavior; deletion-proof custody manifests are roadmap work until shipped. |
33
- | Human review | Runs execute full-auto after submission. Cancellation is available as an abort control. | Required input, approval, and planning happen before submission or after inspecting the completed run record. aex does not pause a run for platform-mediated human approval or interactive clarification. |
34
- | Agent identity and memory | The durable product primitive is the run record, addressed by run id. | Persistent agent identity, agent profiles, stateful memory, reusable provider sessions, and saved-definition products are out of scope. |
35
- | Deployment model | The supported product is the hosted aex control plane, plus the SDK and CLI used to submit and inspect runs. | True self-host and customer-cloud deployments are not supported product modes today. Alternate `baseUrl` values are for local, staging, or hosted aex API planes, not a self-host promise. |
36
- | Cost | BYOK provider-token charges accrue to the customer's provider account. aex can expose run/runtime/output metadata that helps operators reason about usage. | Paid managed-key mode, free trials, billing-grade cost telemetry, public rate cards, margins, and reconciliation are not shipped in the public product unless explicitly documented later. |
37
-
38
- ## Provider and infrastructure policy links
39
-
40
- Use these links as starting points for the policy areas aex does not own:
41
-
42
- - Anthropic API data retention policy: <https://platform.claude.com/docs/en/manage-claude/api-and-data-retention>
43
- - OpenAI API data controls: <https://platform.openai.com/docs/guides/your-data>
44
- - Mistral privacy and API data handling: <https://docs.mistral.ai/admin/security-access/privacy>
45
- - Gemini API data handling: <https://ai.google.dev/gemini-api/docs/logs-policy>
46
- These links do not create aex guarantees. They identify the provider whose current terms and product behavior must be reviewed for a given workload.
47
-
48
- ## Non-goals and unsupported claims
49
-
50
- Do not describe aex as providing:
51
-
52
- - true self-host or customer-cloud deployment support;
53
- - aex does not provide zero retention, HIPAA, BAA, or data-residency guarantees across providers;
54
- - aex does not provide a free trial or low-cost managed-key mode;
55
- - a general-purpose sandbox for every runtime and downstream MCP service;
56
- - human-in-the-loop approval checkpoints, ask-the-user loops, or interactive resume;
57
- - persistent agent identity, agent profiles, stateful memory, reusable sessions, or saved agent definitions.