@agent-assembly/sdk 0.0.1-beta.3 → 0.0.1-beta.5

package/dist/esm/runtime.js.map

@@ -1 +1 @@
-{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../src/runtime.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAqB,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,SAAS,IAAI,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACnE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAExC,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC;AAClC,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,CAAC;AACjC,MAAM,CAAC,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEhD,MAAM,CAAC,MAAM,cAAc,GAAW,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;AACvE,MAAM,CAAC,MAAM,eAAe,GAAG,gBAAgB,CAAC;AAChD,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC;AAExD,8EAA8E;AAC9E,MAAM,CAAC,MAAM,kBAAkB,GAAW,WAAW,QAAQ,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;AAE5E,MAAM,CAAC,MAAM,YAAY,GAAW;IAClC,mCAAmC;IACnC,yCAAyC;IACzC,sDAAsD;IACtD,8DAA8D;CAC/D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAEb;;;;;;;;;GASG;AACH,SAAS,wBAAwB;IAC/B,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,aAAa,CAAC,GAAG,GAAG,EAAE,eAAe,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,mBAAmB,kBAAkB,eAAe,CAAC,CAAC;QAC7F,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc;IAC5B,KAAK,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QACrD,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACzC,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;IAC9C,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5C,MAAM,OAAO,GAAG,wBAAwB,EAAE,CAAC;IAC3C,IAAI,OAAO,KAAK,IAAI,IAAI,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAClD,IAAI,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IACtC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,SAAS,CACvB,OAAe,YAAY,EAC3B,OAAe,oBAAoB;IAEnC,OAAO,IAAI,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACnC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,CAAC,KAAc,EAAQ,EAAE;YACtC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,aAAa,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,UAAkB,EAClB,OAAe,YAAY,EAC3B,SAAiB,GAAG,EAAE;IAEtB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACnD,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE;QACjE,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,CAAC;KAC1B,CAAC,CAAC;IACH,KAAK,CAAC,KAAK,EAAE,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAgB,EAChB,OAAe,YAAY;IAE3B,KAAK,OAAO,CAAC,CAAC,iDAAiD;IAC/D,IAAI,MAAM,SAAS,CAAC,IAAI,CAAC;QAAE,OAAO;IAClC,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;IAChC,CAAC;IACD,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAC7B,CAAC"}
+{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../src/runtime.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAqB,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,SAAS,IAAI,UAAU,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,WAAW,CAAC;AACvG,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAExC,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC;AAClC,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,CAAC;AACjC,MAAM,CAAC,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEhD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,eAAe,CAAC;AAE9C,MAAM,CAAC,MAAM,cAAc,GAAW,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;AACvE,MAAM,CAAC,MAAM,eAAe,GAAG,gBAAgB,CAAC;AAChD,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC;AAExD,8EAA8E;AAC9E,MAAM,CAAC,MAAM,kBAAkB,GAAW,WAAW,QAAQ,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;AAE5E,MAAM,CAAC,MAAM,YAAY,GAAW;IAClC,mCAAmC;IACnC,yCAAyC;IACzC,sDAAsD;IACtD,8DAA8D;CAC/D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAEb;;;;;;;;;GASG;AACH,SAAS,wBAAwB;IAC/B,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,aAAa,CAAC,GAAG,GAAG,EAAE,eAAe,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,mBAAmB,kBAAkB,eAAe,CAAC,CAAC;QAC7F,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc;IAC5B,KAAK,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QACrD,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACzC,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;IAC9C,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5C,MAAM,OAAO,GAAG,wBAAwB,EAAE,CAAC;IAC3C,IAAI,OAAO,KAAK,IAAI,IAAI,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAClD,IAAI,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IACtC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,SAAS,CACvB,OAAe,YAAY,EAC3B,OAAe,oBAAoB;IAEnC,OAAO,IAAI,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACnC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,CAAC,KAAc,EAAQ,EAAE;YACtC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YAC5B,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,aAAa,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,wDAAwD;AACxD,SAAS,gBAAgB;IACvB,MAAM,GAAG,GAAG,GAAG,CAAC,cAAc,CAAC,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACtD,OAAO,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,KAAK,CAAC;AACxD,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB;IACzB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;IACvB,OAAO;QACL,gBAAgB;QAChB,UAAU;QACV,mBAAmB;QACnB,cAAc;QACd,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC;QAC3B,sBAAsB;QACtB,eAAe;KAChB,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAAkB;IACrD,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,sDAAsD,UAAU,EAAE,CAAC,CAAC;IACtF,CAAC;IACD,MAAM,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,wBAAwB,EAAE,CAAC;IAC3C,IAAI,OAAO,KAAK,IAAI,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO;IAClE,MAAM,EAAE,GAAG,kBAAkB,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC3F,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,MAAM,IAAI,KAAK,CACb,6DAA6D,QAAQ,IAAI;YACvE,4BAA4B,kBAAkB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACjE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,UAAkB,EAClB,OAAe,YAAY,EAC3B,SAAiB,GAAG,EAAE;IAEtB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACnD,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE;QACjE,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE,EAAE,EAAE,CAAC;KAC1B,CAAC,CAAC;IACH,KAAK,CAAC,KAAK,EAAE,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAiB,EACjB,OAAe,YAAY;IAE3B,IAAI,MAAM,SAAS,CAAC,IAAI,CAAC;QAAE,OAAO;IAClC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,mCAAmC,IAAI,+BAA+B;YACpE,oCAAoC,IAAI,aAAa,cAAc,KAAK;YACxE,oCAAoC,CACvC,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;IAChC,CAAC;IACD,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,oDAAoD,MAAM,EAAE,CAAC,CAAC;IAC3E,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAC7B,CAAC"}

package/dist/esm/wrappers/with-assembly.js

@@ -1,6 +1,62 @@
 import { randomUUID } from "node:crypto";
+import { OpTerminatedError } from "../errors/op-terminated-error.js";
 import { PolicyViolationError } from "../errors/policy-violation-error.js";
 const DEFAULT_APPROVAL_TIMEOUT_MS = 30_000;
+/**
+ * Resolve the op id (`"{traceId}:{spanId}"`) for a wrapped tool call.
+ *
+ * Prefers an explicit `opId` on the call's first argument; otherwise composes
+ * it from `traceId` / `spanId` when an adapter threads them through. Returns
+ * `undefined` when no trace identity is present — the call is not part of a
+ * tracked op, so there is nothing for the kill switch to address and op control
+ * is skipped. Mirrors the Python companion's `_extract_op_id`.
+ */
+function extractOpId(args) {
+    const first = args[0];
+    if (typeof first !== "object" || first === null) {
+        return undefined;
+    }
+    const fields = first;
+    const opId = fields.opId;
+    if (typeof opId === "string" && opId.length > 0) {
+        return opId;
+    }
+    const traceId = fields.traceId;
+    if (typeof traceId === "string" && traceId.length > 0) {
+        const spanId = fields.spanId;
+        const span = typeof spanId === "string" ? spanId : "";
+        return `${traceId}:${span}`;
+    }
+    return undefined;
+}
+/**
+ * Consult the live op-control kill switch before the gateway is queried.
+ *
+ * A terminated op throws {@link PolicyViolationError} so the tool is blocked
+ * (and the gateway is never reached — the kill switch short-circuits). A paused
+ * op blocks here in `waitForOp` until the gateway resumes (or terminates) it.
+ * A no-op when no subscriber is wired or the call carries no `opId`.
+ *
+ * @throws {PolicyViolationError} when the op has been terminated by the gateway.
+ */
+async function enforceOpControl(opControl, name, args) {
+    if (!opControl) {
+        return;
+    }
+    const opId = extractOpId(args);
+    if (!opId) {
+        return;
+    }
+    try {
+        await opControl.waitForOp(opId);
+    }
+    catch (error) {
+        if (error instanceof OpTerminatedError) {
+            throw new PolicyViolationError(`Tool '${name}' terminated: ${error.message}`);
+        }
+        throw error;
+    }
+}
 async function waitForApprovalWithTimeout(gateway, toolName, runId, timeoutMs) {
     let timeoutId;
     const timeoutPromise = new Promise((resolve) => {
@@ -24,49 +80,50 @@ function hasExecute(tool) {
 function hasInvoke(tool) {
     return typeof tool.invoke === "function";
 }
+/**
+ * Run the full pre-execution governance chain for one wrapped tool call.
+ *
+ * Order is load-bearing: the live op-control kill switch (AAASM-3491) runs
+ * first so an operator terminate short-circuits *before* the gateway is queried
+ * and a pause blocks here until resume; only then does the pre-exec gateway
+ * check + approval flow run.
+ *
+ * @throws {PolicyViolationError} when the op is terminated, the gateway denies,
+ *   or an approval is rejected / times out.
+ */
+async function enforceGovernance(name, args, gateway, opControl, approvalTimeoutMs) {
+    await enforceOpControl(opControl, name, args);
+    const runId = `run_${randomUUID()}`;
+    const decision = await gateway.check({
+        action: "tool_call",
+        toolName: name,
+        args,
+        runId
+    });
+    if (decision.denied) {
+        throw new PolicyViolationError(`Tool '${name}' blocked: ${decision.reason ?? "Denied"}`);
+    }
+    if (decision.pending) {
+        const finalDecision = await waitForApprovalWithTimeout(gateway, name, runId, approvalTimeoutMs);
+        if (finalDecision.denied) {
+            throw new PolicyViolationError(`Approval rejected for '${name}': ${finalDecision.reason ?? "Rejected"}`);
+        }
+    }
+}
 function wrapSingleTool(name, tool, gateway, options) {
     const approvalTimeoutMs = options.approvalTimeoutMs ?? DEFAULT_APPROVAL_TIMEOUT_MS;
+    const opControl = options.opControl;
     if (hasExecute(tool)) {
         const originalExecute = tool.execute;
         tool.execute = async (...args) => {
-            const runId = `run_${randomUUID()}`;
-            const decision = await gateway.check({
-                action: "tool_call",
-                toolName: name,
-                args,
-                runId
-            });
-            if (decision.denied) {
-                throw new PolicyViolationError(`Tool '${name}' blocked: ${decision.reason ?? "Denied"}`);
-            }
-            if (decision.pending) {
-                const finalDecision = await waitForApprovalWithTimeout(gateway, name, runId, approvalTimeoutMs);
-                if (finalDecision.denied) {
-                    throw new PolicyViolationError(`Approval rejected for '${name}': ${finalDecision.reason ?? "Rejected"}`);
-                }
-            }
+            await enforceGovernance(name, args, gateway, opControl, approvalTimeoutMs);
             return originalExecute(...args);
         };
     }
     else if (hasInvoke(tool)) {
         const originalInvoke = tool.invoke;
         tool.invoke = async (...args) => {
-            const runId = `run_${randomUUID()}`;
-            const decision = await gateway.check({
-                action: "tool_call",
-                toolName: name,
-                args,
-                runId
-            });
-            if (decision.denied) {
-                throw new PolicyViolationError(`Tool '${name}' blocked: ${decision.reason ?? "Denied"}`);
-            }
-            if (decision.pending) {
-                const finalDecision = await waitForApprovalWithTimeout(gateway, name, runId, approvalTimeoutMs);
-                if (finalDecision.denied) {
-                    throw new PolicyViolationError(`Approval rejected for '${name}': ${finalDecision.reason ?? "Rejected"}`);
-                }
-            }
+            await enforceGovernance(name, args, gateway, opControl, approvalTimeoutMs);
             return originalInvoke(...args);
         };
     }

package/dist/esm/wrappers/with-assembly.js.map

@@ -1 +1 @@
-{"version":3,"file":"with-assembly.js","sourceRoot":"","sources":["../../../src/wrappers/with-assembly.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAU3E,MAAM,2BAA2B,GAAG,MAAM,CAAC;AAE3C,KAAK,UAAU,0BAA0B,CACvC,OAAsB,EACtB,QAAgB,EAChB,KAAa,EACb,SAAiB;IAEjB,IAAI,SAAoD,CAAC;IAEzD,MAAM,cAAc,GAAG,IAAI,OAAO,CAAmC,CAAC,OAAO,EAAE,EAAE;QAC/E,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;YAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,SAAS,IAAI,EAAE,CAAC,CAAC;QAC7E,CAAC,EAAE,SAAS,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;QAC5E,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/D,CAAC;YAAS,CAAC;QACT,IAAI,SAAS,EAAE,CAAC;YACd,YAAY,CAAC,SAAS,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CACjB,IAA6B;IAE7B,OAAO,OAAO,IAAI,CAAC,OAAO,KAAK,UAAU,CAAC;AAC5C,CAAC;AAED,SAAS,SAAS,CAChB,IAA6B;IAE7B,OAAO,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU,CAAC;AAC3C,CAAC;AAED,SAAS,cAAc,CACrB,IAAY,EACZ,IAA6B,EAC7B,OAAsB,EACtB,OAA4B;IAE5B,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,2BAA2B,CAAC;IAEnF,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACrB,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;YAC1C,MAAM,KAAK,GAAG,OAAO,UAAU,EAAE,EAAE,CAAC;YACpC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;gBACnC,MAAM,EAAE,WAAW;gBACnB,QAAQ,EAAE,IAAI;gBACd,IAAI;gBACJ,KAAK;aACN,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,oBAAoB,CAC5B,SAAS,IAAI,cAAc,QAAQ,CAAC,MAAM,IAAI,QAAQ,EAAE,CACzD,CAAC;YACJ,CAAC;YAED,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrB,MAAM,aAAa,GAAG,MAAM,0BAA0B,CACpD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,iBAAiB,CACxC,CAAC;gBACF,IAAI,aAAa,CAAC,MAAM,EAAE,CAAC;oBACzB,MAAM,IAAI,oBAAoB,CAC5B,0BAA0B,IAAI,MAAM,aAAa,CAAC,MAAM,IAAI,UAAU,EAAE,CACzE,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC;IACJ,CAAC;SAAM,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;YACzC,MAAM,KAAK,GAAG,OAAO,UAAU,EAAE,EAAE,CAAC;YACpC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;gBACnC,MAAM,EAAE,WAAW;gBACnB,QAAQ,EAAE,IAAI;gBACd,IAAI;gBACJ,KAAK;aACN,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,oBAAoB,CAC5B,SAAS,IAAI,cAAc,QAAQ,CAAC,MAAM,IAAI,QAAQ,EAAE,CACzD,CAAC;YACJ,CAAC;YAED,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrB,MAAM,aAAa,GAAG,MAAM,0BAA0B,CACpD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,iBAAiB,CACxC,CAAC;gBACF,IAAI,aAAa,CAAC,MAAM,EAAE,CAAC;oBACzB,MAAM,IAAI,oBAAoB,CAC5B,0BAA0B,IAAI,MAAM,aAAa,CAAC,MAAM,IAAI,UAAU,EAAE,CACzE,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC;QACjC,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAC1B,KAAa,EACb,OAA4B;IAE5B,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjD,cAAc,CAAC,IAAI,EAAE,IAA+B,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IACxF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
+{"version":3,"file":"with-assembly.js","sourceRoot":"","sources":["../../../src/wrappers/with-assembly.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAkC3E,MAAM,2BAA2B,GAAG,MAAM,CAAC;AAE3C;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,IAAe;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,MAAM,GAAG,KAAgC,CAAC;IAChD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;IACzB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;IAC/B,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,MAAM,IAAI,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QACtD,OAAO,GAAG,OAAO,IAAI,IAAI,EAAE,CAAC;IAC9B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;;;GASG;AACH,KAAK,UAAU,gBAAgB,CAC7B,SAAgC,EAChC,IAAY,EACZ,IAAe;IAEf,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO;IACT,CAAC;IACD,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAC/B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IACD,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,iBAAiB,EAAE,CAAC;YACvC,MAAM,IAAI,oBAAoB,CAAC,SAAS,IAAI,iBAAiB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAChF,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,0BAA0B,CACvC,OAAsB,EACtB,QAAgB,EAChB,KAAa,EACb,SAAiB;IAEjB,IAAI,SAAoD,CAAC;IAEzD,MAAM,cAAc,GAAG,IAAI,OAAO,CAAmC,CAAC,OAAO,EAAE,EAAE;QAC/E,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;YAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,SAAS,IAAI,EAAE,CAAC,CAAC;QAC7E,CAAC,EAAE,SAAS,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;QAC5E,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/D,CAAC;YAAS,CAAC;QACT,IAAI,SAAS,EAAE,CAAC;YACd,YAAY,CAAC,SAAS,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CACjB,IAA6B;IAE7B,OAAO,OAAO,IAAI,CAAC,OAAO,KAAK,UAAU,CAAC;AAC5C,CAAC;AAED,SAAS,SAAS,CAChB,IAA6B;IAE7B,OAAO,OAAO,IAAI,CAAC,MAAM,KAAK,UAAU,CAAC;AAC3C,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,UAAU,iBAAiB,CAC9B,IAAY,EACZ,IAAe,EACf,OAAsB,EACtB,SAAgC,EAChC,iBAAyB;IAEzB,MAAM,gBAAgB,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAE9C,MAAM,KAAK,GAAG,OAAO,UAAU,EAAE,EAAE,CAAC;IACpC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;QACnC,MAAM,EAAE,WAAW;QACnB,QAAQ,EAAE,IAAI;QACd,IAAI;QACJ,KAAK;KACN,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,IAAI,oBAAoB,CAAC,SAAS,IAAI,cAAc,QAAQ,CAAC,MAAM,IAAI,QAAQ,EAAE,CAAC,CAAC;IAC3F,CAAC;IAED,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,aAAa,GAAG,MAAM,0BAA0B,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,iBAAiB,CAAC,CAAC;QAChG,IAAI,aAAa,CAAC,MAAM,EAAE,CAAC;YACzB,MAAM,IAAI,oBAAoB,CAC5B,0BAA0B,IAAI,MAAM,aAAa,CAAC,MAAM,IAAI,UAAU,EAAE,CACzE,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CACrB,IAAY,EACZ,IAA6B,EAC7B,OAAsB,EACtB,OAA4B;IAE5B,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,2BAA2B,CAAC;IACnF,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;IAEpC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACrB,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;YAC1C,MAAM,iBAAiB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;YAC3E,OAAO,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC;IACJ,CAAC;SAAM,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;YACzC,MAAM,iBAAiB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;YAC3E,OAAO,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC;QACjC,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAC1B,KAAa,EACb,OAA4B;IAE5B,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjD,cAAc,CAAC,IAAI,EAAE,IAA+B,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IACxF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/types/core/gateway-resolver.d.ts

@@ -14,7 +14,9 @@
  *      as deprecated aliases (a one-time warning is logged when a legacy name
  *      supplies the value)
  *   3. Config file (~/.aasm/config.yaml, optional js-yaml soft dep)
- *   4. Local default: probe http://localhost:7391, auto-start if absent
+ *   4. Local default: probe http://localhost:7391; when absent, auto-start the
+ *      local `aasm` gateway ONLY if `AA_AUTO_START` is opted in and the binary
+ *      resolves to an allow-listed install dir — otherwise raise an error.
  */
 export declare const DEFAULT_GATEWAY_URL = "http://localhost:7391";
 export declare const DEFAULT_HEALTHZ_PATH = "/healthz";
@@ -23,6 +25,21 @@ export declare const DEFAULT_AUTO_START_TIMEOUT_MS = 5000;
 export declare const DEFAULT_CONFIG_FILE_PATH = "~/.aasm/config.yaml";
 export declare const ENV_GATEWAY_URL = "AA_GATEWAY_URL";
 export declare const ENV_API_KEY = "AA_API_KEY";
+/**
+ * Opt-in gate for auto-starting a local gateway. Auto-start spawns the `aasm`
+ * binary resolved from `$PATH`, so it is gated behind an explicit opt-in rather
+ * than running silently: a `$PATH` entry an attacker can write to would
+ * otherwise be executed by any process that calls `initAssembly()`. Set to
+ * `1`/`true`/`yes` to permit auto-start.
+ */
+export declare const ENV_AUTO_START = "AA_AUTO_START";
+/**
+ * Throw {@link ConfigurationError} unless `aasmPath` is an absolute path inside
+ * an allow-listed install directory (see {@link allowedInstallDirs}). This is
+ * the integrity gate for the auto-start subprocess — without it the SDK would
+ * execute whatever `aasm` happened to be first on `$PATH`.
+ */
+export declare function assertAllowedAasmPath(aasmPath: string): void;
 /**
  * Deprecated environment-variable names, kept as backwards-compatible aliases.
  *

package/dist/types/core/gateway-resolver.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"gateway-resolver.d.ts","sourceRoot":"","sources":["../../../src/core/gateway-resolver.ts"],"names":[],"mappings":"AAOA;;;;;;;;;;;;;;;;;GAiBG;AAEH,eAAO,MAAM,mBAAmB,0BAA0B,CAAC;AAC3D,eAAO,MAAM,oBAAoB,aAAa,CAAC;AAC/C,eAAO,MAAM,wBAAwB,MAAM,CAAC;AAC5C,eAAO,MAAM,6BAA6B,OAAO,CAAC;AAClD,eAAO,MAAM,wBAAwB,wBAAwB,CAAC;AAE9D,eAAO,MAAM,eAAe,mBAAmB,CAAC;AAChD,eAAO,MAAM,WAAW,eAAe,CAAC;AAExC;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,sBAAsB,CAAC;AAC1D,eAAO,MAAM,kBAAkB,kBAAkB,CAAC;AAoClD,eAAO,MAAM,oBAAoB,uDAAwD,CAAC;AAE1F;;;;;;;GAOG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAiC,GAC3C,OAAO,CAAC,OAAO,CAAC,CAgBlB;AAED;;;;;;;GAOG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAsC,EACjD,cAAc,GAAE,MAAY,GAC3B,OAAO,CAAC,OAAO,CAAC,CASlB;AAMD;;;;;;;GAOG;AACH,wBAAsB,cAAc,CAClC,UAAU,GAAE,MAAiC,GAC5C,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAwBlC;AAED,iBAAS,qBAAqB,IAAI,MAAM,GAAG,IAAI,CAY9C;AAED,iBAAS,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMhD;AAeD,eAAO,MAAM,SAAS;;;;;;;;kCAEQ,IAAI;CAGjC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,GAAE,MAA4B,EACrC,SAAS,GAAE,MAAsC,GAChD,OAAO,CAAC,IAAI,CAAC,CAiBf;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAmB1E;AAED;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CActE"}
+{"version":3,"file":"gateway-resolver.d.ts","sourceRoot":"","sources":["../../../src/core/gateway-resolver.ts"],"names":[],"mappings":"AAOA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,eAAO,MAAM,mBAAmB,0BAA0B,CAAC;AAC3D,eAAO,MAAM,oBAAoB,aAAa,CAAC;AAC/C,eAAO,MAAM,wBAAwB,MAAM,CAAC;AAC5C,eAAO,MAAM,6BAA6B,OAAO,CAAC;AAClD,eAAO,MAAM,wBAAwB,wBAAwB,CAAC;AAE9D,eAAO,MAAM,eAAe,mBAAmB,CAAC;AAChD,eAAO,MAAM,WAAW,eAAe,CAAC;AAExC;;;;;;GAMG;AACH,eAAO,MAAM,cAAc,kBAAkB,CAAC;AA2B9C;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAgB5D;AAED;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,sBAAsB,CAAC;AAC1D,eAAO,MAAM,kBAAkB,kBAAkB,CAAC;AAoClD,eAAO,MAAM,oBAAoB,uDAAwD,CAAC;AAE1F;;;;;;;GAOG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAiC,GAC3C,OAAO,CAAC,OAAO,CAAC,CAgBlB;AAED;;;;;;;GAOG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAsC,EACjD,cAAc,GAAE,MAAY,GAC3B,OAAO,CAAC,OAAO,CAAC,CASlB;AAUD;;;;;;;GAOG;AACH,wBAAsB,cAAc,CAClC,UAAU,GAAE,MAAiC,GAC5C,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAwBlC;AAED,iBAAS,qBAAqB,IAAI,MAAM,GAAG,IAAI,CAY9C;AAED,iBAAS,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMhD;AAeD,eAAO,MAAM,SAAS;;;;;;;;kCAEQ,IAAI;CAGjC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,GAAE,MAA4B,EACrC,SAAS,GAAE,MAAsC,GAChD,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA8B1E;AAED;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CActE"}

package/dist/types/core/init-assembly.d.ts

@@ -1,12 +1,13 @@
 import type { Adapter } from "../adapters/adapter.js";
 import { type GatewayClient } from "../gateway/client.js";
+import { type NativeClient } from "../native/client.js";
 import type { AssemblyConfig } from "../types/assembly-config.js";
 import type { AssemblyContext } from "../types/assembly-context.js";
 /** Env-var fallback for ``gatewayUrl`` read at ``initAssembly`` entry. */
 export declare const ENV_GATEWAY_URL = "AA_GATEWAY_URL";
 /** Env-var fallback for ``controlPlaneUrl`` read at ``initAssembly`` entry. */
 export declare const ENV_CONTROL_PLANE_URL = "AA_CONTROL_PLANE_URL";
-export declare function createClient(config: AssemblyConfig): GatewayClient;
+export declare function createClient(config: AssemblyConfig, nativeClientOverride?: NativeClient): GatewayClient;
 export declare function detectFrameworks(): string[];
 export declare function registerAdapters(frameworks: readonly string[]): Promise<Adapter[]>;
 export declare function startNetworkLayerIfNeeded(client: GatewayClient, config: AssemblyConfig): Promise<void>;

package/dist/types/core/init-assembly.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"init-assembly.d.ts","sourceRoot":"","sources":["../../../src/core/init-assembly.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAKtD,OAAO,EAA2B,KAAK,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAEnF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAmBpE,0EAA0E;AAC1E,eAAO,MAAM,eAAe,mBAAmB,CAAC;AAChD,+EAA+E;AAC/E,eAAO,MAAM,qBAAqB,yBAAyB,CAAC;AAgB5D,wBAAgB,YAAY,CAAC,MAAM,EAAE,cAAc,GAAG,aAAa,CAUlE;AAWD,wBAAgB,gBAAgB,IAAI,MAAM,EAAE,CAoB3C;AASD,wBAAsB,gBAAgB,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAMxF;AAED,wBAAsB,yBAAyB,CAC7C,MAAM,EAAE,aAAa,EACrB,MAAM,EAAE,cAAc,GACrB,OAAO,CAAC,IAAI,CAAC,CAMf;AA0GD,wBAAsB,YAAY,CAAC,MAAM,GAAE,cAAmB,GAAG,OAAO,CAAC,eAAe,CAAC,CA+ExF"}
+{"version":3,"file":"init-assembly.d.ts","sourceRoot":"","sources":["../../../src/core/init-assembly.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAKtD,OAAO,EAGL,KAAK,aAAa,EACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAEL,KAAK,YAAY,EAElB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAqBpE,0EAA0E;AAC1E,eAAO,MAAM,eAAe,mBAAmB,CAAC;AAChD,+EAA+E;AAC/E,eAAO,MAAM,qBAAqB,yBAAyB,CAAC;AAiD5D,wBAAgB,YAAY,CAC1B,MAAM,EAAE,cAAc,EACtB,oBAAoB,CAAC,EAAE,YAAY,GAClC,aAAa,CA+Cf;AAWD,wBAAgB,gBAAgB,IAAI,MAAM,EAAE,CAoB3C;AASD,wBAAsB,gBAAgB,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAMxF;AAED,wBAAsB,yBAAyB,CAC7C,MAAM,EAAE,aAAa,EACrB,MAAM,EAAE,cAAc,GACrB,OAAO,CAAC,IAAI,CAAC,CAMf;AAsLD,wBAAsB,YAAY,CAAC,MAAM,GAAE,cAAmB,GAAG,OAAO,CAAC,eAAe,CAAC,CAqFxF"}

package/dist/types/core/redact.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Secret-redaction helpers for diagnostic / log output (AAASM-3645).
+ *
+ * The resolved `apiKey` and the proto `credentialToken` must never reach
+ * `console.*` or an accidental `JSON.stringify` dump. These helpers give the
+ * SDK a single, audited way to render config/diagnostics for logging with the
+ * credential fields stripped.
+ *
+ * NOTE: the generated `CheckActionRequest.toJSON()` (src/proto/generated) is
+ * wire-only — it serializes `credentialToken` for transport and must never be
+ * passed to a logger. Use {@link redactSecrets} on any object you intend to log.
+ */
+/** Placeholder substituted for any redacted credential value. */
+export declare const REDACTED = "<redacted>";
+/**
+ * Return a deep copy of `value` with every credential-bearing field replaced by
+ * {@link REDACTED}, safe to pass to `console.*` / `JSON.stringify`. Matching is
+ * case-insensitive on the key name. Non-object inputs are returned unchanged.
+ */
+export declare function redactSecrets(value: unknown): unknown;
+/**
+ * Render an unknown error for a log message with any `Bearer <token>` / API-key
+ * substring scrubbed. Defends the registration-failure warning path: a wrapped
+ * transport error could in principle carry an auth header in its message, so we
+ * strip the bearer credential before it reaches `console.*` (AAASM-3645).
+ */
+export declare function redactErrorMessage(error: unknown): string;
+//# sourceMappingURL=redact.d.ts.map

package/dist/types/core/redact.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redact.d.ts","sourceRoot":"","sources":["../../../src/core/redact.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAgBH,iEAAiE;AACjE,eAAO,MAAM,QAAQ,eAAe,CAAC;AAErC;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAYrD;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMzD"}

package/dist/types/gateway/client.d.ts

@@ -1,5 +1,6 @@
 import type { GatewayApprovalResult, GatewayCheckRequest, GatewayDecision, GatewayPromptScan, GatewayRecordEvent, GatewayResultRecord } from "../types/gateway-governance.js";
 import type { AssemblyMode } from "../types/assembly-mode.js";
+import type { NativeClient } from "../native/client.js";
 export interface GatewayClient {
     readonly mode: AssemblyMode;
     /**
@@ -17,4 +18,20 @@ export interface GatewayClient {
     scanPrompts: (scan: GatewayPromptScan) => Promise<void>;
 }
 export declare function createNoopGatewayClient(mode: AssemblyMode, httpBaseUrl?: string): GatewayClient;
+/**
+ * Gateway client backed by the in-process native runtime (AAASM-3050).
+ *
+ * `check()` asks a reachable `aa-runtime` for an authoritative verdict via the
+ * native `queryPolicy` primitive and maps it onto a `GatewayDecision`:
+ *   - `deny`    → `{ denied: true }`  (the wrapper throws `PolicyViolationError`)
+ *   - `pending` → `{ pending: true }` (routes to the approval path)
+ *   - allow / redact / unspecified → `{ denied: false }`
+ *
+ * **Fail-open (security-critical):** the SDK is advisory, not a security
+ * boundary. The native primitive already returns `allow` when the runtime is
+ * unreachable or too slow; on top of that, any local fault while querying is
+ * swallowed here and resolves neutral, so a missing or degraded runtime never
+ * blocks the agent. The proxy / eBPF layers remain authoritative.
+ */
+export declare function createNativeGatewayClient(mode: AssemblyMode, nativeClient: NativeClient, agentId?: string, httpBaseUrl?: string): GatewayClient;
 //# sourceMappingURL=client.d.ts.map

package/dist/types/gateway/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/gateway/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,qBAAqB,EACrB,mBAAmB,EACnB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACpB,MAAM,gCAAgC,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAE9D,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,KAAK,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;IAClE,eAAe,EAAE,CACf,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,KACd,OAAO,CAAC,qBAAqB,CAAC,CAAC;IACpC,MAAM,EAAE,CAAC,KAAK,EAAE,kBAAkB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,YAAY,EAAE,CAAC,MAAM,EAAE,mBAAmB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7D,WAAW,EAAE,CAAC,IAAI,EAAE,iBAAiB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACzD;AAED,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,YAAY,EAClB,WAAW,CAAC,EAAE,MAAM,GACnB,aAAa,CAYf"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/gateway/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,qBAAqB,EACrB,mBAAmB,EACnB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACpB,MAAM,gCAAgC,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,KAAK,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;IAClE,eAAe,EAAE,CACf,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,KACd,OAAO,CAAC,qBAAqB,CAAC,CAAC;IACpC,MAAM,EAAE,CAAC,KAAK,EAAE,kBAAkB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACrD,YAAY,EAAE,CAAC,MAAM,EAAE,mBAAmB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7D,WAAW,EAAE,CAAC,IAAI,EAAE,iBAAiB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACzD;AAED,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,YAAY,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,aAAa,CAY/F;AAwBD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,YAAY,EAClB,YAAY,EAAE,YAAY,EAC1B,OAAO,CAAC,EAAE,MAAM,EAChB,WAAW,CAAC,EAAE,MAAM,GACnB,aAAa,CA0Bf"}

package/dist/types/gateway/index.d.ts

@@ -1,3 +1,3 @@
-export { createNoopGatewayClient } from "./client.js";
+export { createNativeGatewayClient, createNoopGatewayClient } from "./client.js";
 export type { GatewayClient } from "./client.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/types/gateway/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/gateway/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/gateway/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,yBAAyB,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AACjF,YAAY,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC"}

package/dist/types/hooks/ai-sdk.d.ts

@@ -6,7 +6,20 @@ export interface VercelAiSdkModule {
 export interface VercelAiSdkPatchState {
     isPatched: boolean;
     originalToolFactory: VercelAiToolFactory | undefined;
+    /**
+     * The module object whose `tool` factory is governed. When the loaded `ai`
+     * package is a real ES module its namespace is frozen (assignment to a named
+     * export throws), so this is a mutable **shim copy** (`{ ...module, tool:
+     * governed }`) rather than the frozen original — see `applyGovernedToolFactory`.
+     */
     patchedModule: VercelAiSdkModule | undefined;
+    /**
+     * True only when `tool` was assigned back onto the loaded module object (a
+     * writable plain object); false when a frozen ESM namespace forced a shim copy.
+     * Governs whether `unpatchVercelAiSdk` writes the original factory back —
+     * there is nothing to restore on the frozen original in the shim case.
+     */
+    mutatedOriginal: boolean;
 }
 export declare const vercelAiSdkPatchState: VercelAiSdkPatchState;
 export declare function captureOriginalToolFactory(module: VercelAiSdkModule): VercelAiToolFactory | undefined;

package/dist/types/hooks/ai-sdk.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ai-sdk.d.ts","sourceRoot":"","sources":["../../../src/hooks/ai-sdk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAEV,4BAA4B,EAC5B,mBAAmB,EACpB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAI1D,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,mBAAmB,CAAC;CAC3B;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,OAAO,CAAC;IACnB,mBAAmB,EAAE,mBAAmB,GAAG,SAAS,CAAC;IACrD,aAAa,EAAE,iBAAiB,GAAG,SAAS,CAAC;CAC9C;AAED,eAAO,MAAM,qBAAqB,EAAE,qBAInC,CAAC;AAEF,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,iBAAiB,GACxB,mBAAmB,GAAG,SAAS,CAWjC;AAED,MAAM,WAAW,2BAA2B;IAC1C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,6GAA6G;IAC7G,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,2BAA2B,CACzC,aAAa,EAAE,aAAa,EAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,OAAO,GACd,IAAI,CAEN;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,EACjD,eAAe,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,4BAA4B,KAAK,OAAO,CAAC,OAAO,CAAC,EACzF,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,2BAA2B,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,gBAAgB,EAAE,4BAA4B,KAAK,OAAO,CAAC,OAAO,CAAC,CAsDnF;AAED,MAAM,WAAW,+BAA+B;IAC9C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,wBAAwB,CACtC,mBAAmB,EAAE,mBAAmB,EACxC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,+BAA+B,GACvC,mBAAmB,CAsBrB;AAED,MAAM,WAAW,uBAAuB;IACtC,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,iBAAiB,GAAG,SAAS,CAAC,CAAC;CAC3D;AAYD,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,uBAAuB,GAC/B,OAAO,CAAC,OAAO,CAAC,CA4BlB;AAED,wBAAgB,kBAAkB,IAAI,OAAO,CAgB5C"}
+{"version":3,"file":"ai-sdk.d.ts","sourceRoot":"","sources":["../../../src/hooks/ai-sdk.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAEV,4BAA4B,EAC5B,mBAAmB,EACpB,MAAM,+BAA+B,CAAC;AACvC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAI1D,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,mBAAmB,CAAC;CAC3B;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,OAAO,CAAC;IACnB,mBAAmB,EAAE,mBAAmB,GAAG,SAAS,CAAC;IACrD;;;;;OAKG;IACH,aAAa,EAAE,iBAAiB,GAAG,SAAS,CAAC;IAC7C;;;;;OAKG;IACH,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,eAAO,MAAM,qBAAqB,EAAE,qBAKnC,CAAC;AAEF,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,iBAAiB,GACxB,mBAAmB,GAAG,SAAS,CASjC;AAED,MAAM,WAAW,2BAA2B;IAC1C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,6GAA6G;IAC7G,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,2BAA2B,CACzC,aAAa,EAAE,aAAa,EAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,OAAO,GACd,IAAI,CAEN;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,EACjD,eAAe,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,4BAA4B,KAAK,OAAO,CAAC,OAAO,CAAC,EACzF,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,2BAA2B,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,gBAAgB,EAAE,4BAA4B,KAAK,OAAO,CAAC,OAAO,CAAC,CAsDnF;AAED,MAAM,WAAW,+BAA+B;IAC9C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,wBAAwB,CACtC,mBAAmB,EAAE,mBAAmB,EACxC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,+BAA+B,GACvC,mBAAmB,CAsBrB;AAED,MAAM,WAAW,uBAAuB;IACtC,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,iBAAiB,GAAG,SAAS,CAAC,CAAC;CAC3D;AA6CD,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,uBAAuB,GAC/B,OAAO,CAAC,OAAO,CAAC,CAmClB;AAED,wBAAgB,kBAAkB,IAAI,OAAO,CAsB5C"}

package/dist/types/hooks/langchain.d.ts

@@ -1,3 +1,14 @@
 import type { NativeClient } from "../native/client.js";
+/**
+ * Intentional no-op stub: native-transport LangChain patching is not
+ * implemented. LangChain enforcement is performed in the SDK's callback layer
+ * (post-execution redaction) and wrapper layer (pre-execution deny) wired by
+ * `initAssembly`, not through this native hook — so there is nothing to patch
+ * here yet. Returns `false` (nothing patched) for every mode.
+ *
+ * The `client` parameter is retained to keep the adapter-registry hook
+ * signature (and the public `patchLangChain` export) uniform with the other
+ * `patch*` hooks; it is deliberately unused until native patching lands.
+ */
 export declare function patchLangChain(client: NativeClient): Promise<boolean>;
 //# sourceMappingURL=langchain.d.ts.map

package/dist/types/hooks/langchain.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"langchain.d.ts","sourceRoot":"","sources":["../../../src/hooks/langchain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExD,wBAAsB,cAAc,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,CAK3E"}
+{"version":3,"file":"langchain.d.ts","sourceRoot":"","sources":["../../../src/hooks/langchain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExD;;;;;;;;;;GAUG;AAEH,wBAAsB,cAAc,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,CAE3E"}

package/dist/types/hooks/mastra.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mastra.d.ts","sourceRoot":"","sources":["../../../src/hooks/mastra.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE;QACT,QAAQ,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KACrD,CAAC;CACH;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE;QACT,OAAO,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KACpD,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,gBAAgB,CAAC;IACxB,QAAQ,CAAC,EAAE,mBAAmB,CAAC;CAChC;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,OAAO,CAAC;IACnB,gBAAgB,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IACzE,eAAe,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IACxE,iBAAiB,EAAE,gBAAgB,GAAG,SAAS,CAAC;IAChD,oBAAoB,EAAE,mBAAmB,GAAG,SAAS,CAAC;CACvD;AAED,eAAO,MAAM,gBAAgB,EAAE,gBAM9B,CAAC;AAEF,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CAAC;CACtD;AAYD,wBAAsB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2D/E;AAED,wBAAgB,aAAa,IAAI,OAAO,CAkBvC"}
+{"version":3,"file":"mastra.d.ts","sourceRoot":"","sources":["../../../src/hooks/mastra.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE;QACT,QAAQ,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KACrD,CAAC;CACH;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE;QACT,OAAO,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KACpD,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,gBAAgB,CAAC;IACxB,QAAQ,CAAC,EAAE,mBAAmB,CAAC;CAChC;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,OAAO,CAAC;IACnB,gBAAgB,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IACzE,eAAe,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IACxE,iBAAiB,EAAE,gBAAgB,GAAG,SAAS,CAAC;IAChD,oBAAoB,EAAE,mBAAmB,GAAG,SAAS,CAAC;CACvD;AAED,eAAO,MAAM,gBAAgB,EAAE,gBAM9B,CAAC;AAEF,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CAAC;CACtD;AAYD,wBAAsB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CA+D/E;AAED,wBAAgB,aAAa,IAAI,OAAO,CAkBvC"}

package/dist/types/hooks/openai-agents.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"openai-agents.d.ts","sourceRoot":"","sources":["../../../src/hooks/openai-agents.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,sBAAsB,EACtB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC3B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAG1D,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE;QACT,QAAQ,CAAC,EAAE,mBAAmB,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,mBAAmB,GAAG,SAAS,CAAC;IACjD,iBAAiB,EAAE,sBAAsB,GAAG,SAAS,CAAC;CACvD;AAED,eAAO,MAAM,sBAAsB,EAAE,sBAIpC,CAAC;AAEF,wBAAgB,sBAAsB,CACpC,UAAU,EAAE,sBAAsB,GACjC,mBAAmB,GAAG,SAAS,CAWjC;AAED,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,oBAAoB,GAAG,OAAO,CAM9E;AAED,MAAM,WAAW,mCAAmC;IAClD,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;CAC3B;AAED,wBAAgB,8BAA8B,CAC5C,OAAO,EAAE,sBAAsB,GAAG,SAAS,GAC1C,mCAAmC,CAKrC;AAED,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,MAAM,EAAE,MAAM,GACb,0BAA0B,CAG5B;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAYjD;AAED,wBAAgB,2BAA2B,CACzC,aAAa,EAAE,aAAa,EAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,OAAO,GACd,IAAI,CAEN;AAED,MAAM,WAAW,2BAA2B;IAC1C,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAgB,oBAAoB,CAClC,eAAe,EAAE,mBAAmB,EACpC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,2BAA2B,GACnC,mBAAmB,CA2DrB;AAED,MAAM,WAAW,wBAAwB;IACvC,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,OAAO,CAAC,sBAAsB,GAAG,SAAS,CAAC,CAAC;CACpE;AAgBD,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,OAAO,CAAC,CA2BlB;AAED,wBAAgB,mBAAmB,IAAI,OAAO,CAgB7C"}
+{"version":3,"file":"openai-agents.d.ts","sourceRoot":"","sources":["../../../src/hooks/openai-agents.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,sBAAsB,EACtB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC3B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAG1D,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE;QACT,QAAQ,CAAC,EAAE,mBAAmB,CAAC;KAChC,CAAC;CACH;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,mBAAmB,GAAG,SAAS,CAAC;IACjD,iBAAiB,EAAE,sBAAsB,GAAG,SAAS,CAAC;CACvD;AAED,eAAO,MAAM,sBAAsB,EAAE,sBAIpC,CAAC;AAEF,wBAAgB,sBAAsB,CACpC,UAAU,EAAE,sBAAsB,GACjC,mBAAmB,GAAG,SAAS,CASjC;AAED,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,oBAAoB,GAAG,OAAO,CAM9E;AAED,MAAM,WAAW,mCAAmC;IAClD,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;CAC3B;AAED,wBAAgB,8BAA8B,CAC5C,OAAO,EAAE,sBAAsB,GAAG,SAAS,GAC1C,mCAAmC,CAKrC;AAED,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,MAAM,EAAE,MAAM,GACb,0BAA0B,CAG5B;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAYjD;AAED,wBAAgB,2BAA2B,CACzC,aAAa,EAAE,aAAa,EAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,OAAO,GACd,IAAI,CAEN;AAED,MAAM,WAAW,2BAA2B;IAC1C,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAgB,oBAAoB,CAClC,eAAe,EAAE,mBAAmB,EACpC,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,2BAA2B,GACnC,mBAAmB,CA2DrB;AAED,MAAM,WAAW,wBAAwB;IACvC,aAAa,EAAE,aAAa,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,OAAO,CAAC,sBAAsB,GAAG,SAAS,CAAC,CAAC;CACpE;AAgBD,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,OAAO,CAAC,CA2BlB;AAED,wBAAgB,mBAAmB,IAAI,OAAO,CAgB7C"}

package/dist/types/index.d.ts

@@ -1,6 +1,9 @@
 export { initAssembly } from "./core/init-assembly.js";
 export { withAssembly } from "./wrappers/index.js";
-export type { WithAssemblyOptions } from "./wrappers/index.js";
+export type { OpControl, WithAssemblyOptions } from "./wrappers/index.js";
+export { OpControlSubscriber } from "./op-control.js";
+export type { OpControlClient, OpControlSubscriberOptions } from "./op-control.js";
+export { OpTerminatedError } from "./errors/op-terminated-error.js";
 export type { AssemblyConfig, AssemblyContext, AssemblyMode, AuditEvent, CallStackNode, CallStackNodeKind, EnforcementMode, ToolMap } from "./types/index.js";
 export { ENFORCEMENT_MODES } from "./types/index.js";
 export { decodeAuditEvent, decodeCallStackNode, encodeAuditEvent, encodeCallStackNode } from "./audit/index.js";

package/dist/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,YAAY,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,YAAY,EACV,cAAc,EACd,eAAe,EACf,YAAY,EACZ,UAAU,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,OAAO,EACR,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,gBAAgB,EAChB,mBAAmB,EACpB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAMpE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC5D,YAAY,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,YAAY,EACV,qBAAqB,EACrB,mBAAmB,EACnB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACpB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAKzD,cAAc,kBAAkB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,YAAY,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAK1E,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,YAAY,EACV,eAAe,EACf,0BAA0B,EAC3B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,YAAY,EACV,cAAc,EACd,eAAe,EACf,YAAY,EACZ,UAAU,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,OAAO,EACR,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,gBAAgB,EAChB,mBAAmB,EACpB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAMpE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC5D,YAAY,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,YAAY,EACV,qBAAqB,EACrB,mBAAmB,EACnB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACpB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAKzD,cAAc,kBAAkB,CAAC"}

package/dist/types/native/client.d.ts

@@ -4,6 +4,35 @@ export interface PolicyResult {
     pending?: boolean;
     reason?: string;
 }
+/**
+ * Options for the native `register` primitive (AAASM-3400). `agentId` is the
+ * identity the gateway registers; `name` / `framework` are descriptive
+ * metadata; `gatewayEndpoint` overrides the gateway gRPC endpoint.
+ *
+ * `teamId` and `parentAgentId` carry the agent's lineage/team scoping to the
+ * gateway on register (AAASM-3415): `teamId` drives team-budget attribution and
+ * `parentAgentId` the topology graph. Both optional — omit for a team-unscoped
+ * / root agent.
+ */
+export interface RegisterOptions {
+    agentId: string;
+    name: string;
+    framework: string;
+    gatewayEndpoint?: string;
+    teamId?: string;
+    parentAgentId?: string;
+}
+/**
+ * Resolve the installed `@agent-assembly/sdk` package version, or `undefined`.
+ *
+ * Forwarded into the native `connect` so the user-facing npm package version —
+ * not the shared `aa-sdk-client` crate version — is what gets signed into the
+ * runtime handshake, giving accurate downgrade detection (AAASM-3683).
+ * `undefined` lets the native shim fall back to the crate version (no
+ * regression vs AAASM-3666). Uses `createRequire(<cwd>/package.json)`, the same
+ * ESM/CJS-safe pattern as the native-binding and runtime-binary resolvers.
+ */
+export declare function resolveSdkVersion(): string | undefined;
 export declare class NativeConnectError extends Error {
     readonly code = "AA_ERR_CONNECT";
 }
@@ -13,6 +42,9 @@ export declare class NativeSendEventError extends Error {
 export declare class NativeQueryPolicyError extends Error {
     readonly code = "AA_ERR_QUERY_POLICY";
 }
+export declare class NativeRegisterError extends Error {
+    readonly code = "AA_ERR_REGISTER";
+}
 export declare class NativeDisconnectError extends Error {
     readonly code = "AA_ERR_DISCONNECT";
 }
@@ -21,6 +53,18 @@ export interface NativeClient {
     close: () => Promise<void>;
     sendEvent: (event: unknown) => void;
     queryPolicy: (action: unknown) => Promise<PolicyResult>;
+    /**
+     * Register this agent with the governance gateway over the native
+     * SDK→gateway gRPC call (AAASM-3400). The token the gateway issues is stored
+     * on the underlying session and attached to every subsequent
+     * {@link queryPolicy} request, so the gateway does not deny a registered
+     * agent. Returns the assigned policy id.
+     *
+     * **Advisory:** like the rest of the SDK this is not a security boundary. A
+     * failed registration surfaces as a typed error; callers may proceed
+     * unregistered (the proxy / eBPF layers remain authoritative).
+     */
+    register: (options: RegisterOptions) => Promise<string>;
 }
 export declare function createNativeClient(options: InitAssemblyOptions): NativeClient;
 //# sourceMappingURL=client.d.ts.map

package/dist/types/native/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/native/client.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE9D,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAqBD,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,QAAQ,CAAC,IAAI,oBAAiB;CAC/B;AAED,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,QAAQ,CAAC,IAAI,uBAAoB;CAClC;AAED,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,QAAQ,CAAC,IAAI,yBAAsB;CACpC;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,QAAQ,CAAC,IAAI,uBAAoB;CAClC;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,IAAI,EAAE,cAAc,GAAG,gBAAgB,CAAC;IACjD,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,IAAI,CAAC;IACpC,WAAW,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;CACzD;AAgED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,mBAAmB,GAAG,YAAY,CAyF7E"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/native/client.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE9D,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAaD;;;;;;;;;GASG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAUD;;;;;;;;;GASG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,GAAG,SAAS,CAQtD;AAcD,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,QAAQ,CAAC,IAAI,oBAAiB;CAC/B;AAED,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,QAAQ,CAAC,IAAI,uBAAoB;CAClC;AAED,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,QAAQ,CAAC,IAAI,yBAAsB;CACpC;AAED,qBAAa,mBAAoB,SAAQ,KAAK;IAC5C,QAAQ,CAAC,IAAI,qBAAkB;CAChC;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,QAAQ,CAAC,IAAI,uBAAoB;CAClC;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,IAAI,EAAE,cAAc,GAAG,gBAAgB,CAAC;IACjD,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,IAAI,CAAC;IACpC,WAAW,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC;IACxD;;;;;;;;;;OAUG;IACH,QAAQ,EAAE,CAAC,OAAO,EAAE,eAAe,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CACzD;AAmFD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,mBAAmB,GAAG,YAAY,CAiH7E"}

package/dist/types/op-control.d.ts

@@ -19,9 +19,9 @@
  *   - Auto-wiring into the existing `GatewayClient` / adapter hooks
  *     (separate sub-task when the adapter surface is stable).
  */
-import { type ChannelCredentials, type ClientReadableStream } from "@grpc/grpc-js";
+import type { ChannelCredentials, ClientReadableStream } from "@grpc/grpc-js";
 import type { AgentId } from "./proto/generated/common.js";
-import { OpControlMessage } from "./proto/generated/policy.js";
+import type { OpControlMessage } from "./proto/generated/policy.js";
 /** Strip of the gRPC stub method the subscriber actually needs. Lets tests
  * mock the gRPC layer without standing up a server.
  */
@@ -36,24 +36,86 @@ export interface OpControlSubscriberOptions {
     orgId: string;
     teamId: string;
     agentId: string;
-    /** Optional credentials override; defaults to insecure (matches PR-D's
-     * dev-mode gateway). Use `grpc.credentials.createSsl(...)` in prod.
+    /** Explicit credentials override. When supplied it is used verbatim and the
+     * loopback / `allowInsecure` defaulting below is bypassed — the caller has
+     * taken full responsibility for the transport (e.g. `createSsl(...)` with a
+     * custom CA, or `createInsecure()` for an in-cluster sidecar).
      */
     credentials?: ChannelCredentials;
+    /**
+     * Permit a plaintext (`createInsecure`) channel to a **non-loopback**
+     * gateway. Off by default: control-plane signals (pause / terminate) and the
+     * agent identity triple travel this stream, so an unencrypted channel to a
+     * remote host is opt-in only. Loopback targets stay plaintext without this
+     * flag (local dev-mode gateway). Ignored when `credentials` is set.
+     */
+    allowInsecure?: boolean;
     /** Test seam — when supplied, skips opening a real gRPC channel and uses
      * this client directly. Used by the vitest tests.
      */
     clientFactory?: () => OpControlClient;
 }
+/**
+ * Extract the bare host from a gRPC target (`host:port`, a bare host, or a
+ * URL-style `scheme://host:port`). Returns the lowercased host with any
+ * surrounding IPv6 brackets preserved so it can be matched against
+ * {@link LOOPBACK_HOSTS}.
+ */
+export declare function gatewayHostOf(gatewayUrl: string): string;
+/**
+ * The slice of `@grpc/grpc-js`'s `credentials` namespace this module needs.
+ * Injected into {@link resolveOpControlCredentials} so that module stays free of
+ * a top-level grpc import — the real namespace is `await import`ed on connect.
+ */
+export interface GrpcCredentialsFactory {
+    createInsecure: () => ChannelCredentials;
+    createSsl: () => ChannelCredentials;
+}
+/**
+ * Pick channel credentials for the op-control stream, secure by default.
+ *
+ * Precedence: an explicit `credentials` override wins; otherwise a loopback
+ * target gets plaintext (local dev gateway), a remote target gets TLS, and a
+ * remote target is only allowed plaintext when the caller sets `allowInsecure`.
+ *
+ * `grpcCredentials` is injected (rather than imported at module scope) so this
+ * module does not eagerly load `@grpc/grpc-js` — see the module header. The
+ * real-connect path passes the lazily-imported `credentials` namespace.
+ *
+ * @throws never — returns the chosen {@link ChannelCredentials}.
+ */
+export declare function resolveOpControlCredentials(gatewayUrl: string, opts: Pick<OpControlSubscriberOptions, "credentials" | "allowInsecure">, grpcCredentials: GrpcCredentialsFactory): ChannelCredentials;
 export declare class OpControlSubscriber {
-    private readonly client;
+    /**
+     * `null` until the channel is opened. On the test-seam (`clientFactory`) path
+     * it is set synchronously in {@link connect}; on the real-connect path it is
+     * set asynchronously once `@grpc/grpc-js` + `PolicyServiceClient` have been
+     * lazily imported (see {@link openRealChannel}).
+     */
+    private client;
     private readonly agent;
     private readonly ops;
     private call;
     private alive;
+    /** Set once {@link close} is called before the async channel finishes opening. */
+    private closed;
     private constructor();
-    /** Open the gRPC channel + subscription stream and start the reader. */
+    /**
+     * Open the gRPC channel + subscription stream and start the reader.
+     *
+     * Returns synchronously. On the real-connect path the channel is opened
+     * asynchronously — `@grpc/grpc-js` and `PolicyServiceClient` are loaded lazily
+     * (`await import`) so that importing this module never eagerly pulls grpc (see
+     * the module header). The test seam (`clientFactory`) opens synchronously and
+     * never touches grpc.
+     */
     static connect(gatewayUrl: string, opts: OpControlSubscriberOptions): OpControlSubscriber;
+    /**
+     * Lazily import grpc + the policy client, build the real client, and start the
+     * reader. Kept off the module's import graph so `import '@agent-assembly/sdk'`
+     * stays grpc-free until a subscriber actually opens a live channel.
+     */
+    private openRealChannel;
     /** Open the stream and wire reader handlers. Public so tests can call
      * directly after constructing with a hand-rolled client.
      */
@@ -79,7 +141,9 @@ export declare class OpControlSubscriber {
     isPaused(opId: string): boolean;
     isTerminated(opId: string): boolean;
     streamAlive(): boolean;
-    /** Cancel the stream and clean up. */
+    /** Cancel the stream and clean up. Safe to call before the async real-channel
+     * open has completed — it flags `closed` so the pending open bails out.
+     */
     close(): void;
 }
 //# sourceMappingURL=op-control.d.ts.map