@agent-vm/mcp-portal 0.0.68 → 0.0.70

package/dist/upstream-mcp-client-runtime-DiBCBsDj.js

@@ -1,1729 +0,0 @@
-import { a as portalToolRecordSchema, l as jsonObjectSchema, n as decodeToolRef, r as encodeToolRef, t as generateTypescriptCatalogArtifact } from "./typescript-artifact-BqU8okQy.js";
-import { t as buildZodValidatorFromJsonSchema } from "./zod-schema-loader-CDDtoRE1.js";
-import { z } from "zod";
-import { createHash, createHmac, randomUUID, timingSafeEqual } from "node:crypto";
-import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
-import { Hono } from "hono";
-import { Server } from "@modelcontextprotocol/sdk/server/index.js";
-import { CallToolRequestSchema, ListToolsRequestSchema, ToolSchema } from "@modelcontextprotocol/sdk/types.js";
-import { mcpPortalCallRequiresApproval, resolveMcpPortalProfile } from "@agent-vm/config-contracts";
-import { Client } from "@modelcontextprotocol/sdk/client/index.js";
-import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
-import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
-import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
-import { normalizeHeaders } from "@modelcontextprotocol/sdk/shared/transport.js";
-//#region src/auth/hmac-env.ts
-const portalHmacKeyEnvPrefix = "PORTAL_HMAC_KEY__";
-const portalHmacKeyHexLength = 64;
-function portalHmacKeyEnvName(agentId) {
-	return `${portalHmacKeyEnvPrefix}${agentId}`;
-}
-function parseHmacKeysFromEnv(env) {
-	const keysByAgent = /* @__PURE__ */ new Map();
-	for (const [name, value] of Object.entries(env)) {
-		if (!name.startsWith(portalHmacKeyEnvPrefix) || value === void 0) continue;
-		const agentId = name.slice(17);
-		if (!/^[0-9a-f]+$/u.test(value) || value.length !== portalHmacKeyHexLength) throw new Error(`Malformed HMAC key in env var "${name}".`);
-		keysByAgent.set(agentId, Buffer.from(value, "hex"));
-	}
-	return keysByAgent;
-}
-//#endregion
-//#region src/auth/hmac-token.ts
-const approvalTokenCallDigestSchema = z.object({
-	argumentsHash: z.string().min(1),
-	namespace: z.string().min(1),
-	toolName: z.string().min(1)
-}).strict();
-const approvalTokenPayloadSchema = z.object({
-	agentId: z.string().min(1),
-	calls: z.array(approvalTokenCallDigestSchema),
-	exp: z.number().int()
-}).strict();
-function base64UrlEncode(value) {
-	return (typeof value === "string" ? Buffer.from(value, "utf8") : value).toString("base64url");
-}
-function canonicalize(value) {
-	if (value === null || typeof value !== "object") return JSON.stringify(value ?? null);
-	if (Array.isArray(value)) return `[${value.map(canonicalize).join(",")}]`;
-	return `{${Object.entries(value).filter((entry) => entry[1] !== void 0).toSorted(([leftKey], [rightKey]) => leftKey.localeCompare(rightKey)).map(([key, entryValue]) => `${JSON.stringify(key)}:${canonicalize(entryValue)}`).join(",")}}`;
-}
-function hashCallArguments(args) {
-	return createHash("sha256").update(canonicalize(args)).digest("base64url");
-}
-function signApprovalToken(props) {
-	const payloadEncoded = base64UrlEncode(canonicalize({
-		agentId: props.agentId,
-		calls: [...props.calls],
-		exp: props.expiresAtMs
-	}));
-	return `${payloadEncoded}.${createHmac("sha256", props.key).update(payloadEncoded).digest("base64url")}`;
-}
-function parseApprovalTokenPayload(payloadEncoded) {
-	try {
-		return approvalTokenPayloadSchema.parse(JSON.parse(Buffer.from(payloadEncoded, "base64url").toString("utf8")));
-	} catch {
-		return null;
-	}
-}
-function isApprovalTokenParts(parts) {
-	return parts.length === 2;
-}
-function callsMatch(leftCalls, rightCalls) {
-	if (leftCalls.length !== rightCalls.length) return false;
-	return leftCalls.every((leftCall, index) => {
-		const rightCall = rightCalls[index];
-		return rightCall !== void 0 && leftCall.argumentsHash === rightCall.argumentsHash && leftCall.namespace === rightCall.namespace && leftCall.toolName === rightCall.toolName;
-	});
-}
-function verifyApprovalToken(props) {
-	const parts = props.token.split(".");
-	if (!isApprovalTokenParts(parts)) return {
-		ok: false,
-		reason: "malformed"
-	};
-	const [payloadEncoded, signatureEncoded] = parts;
-	const expectedSignature = createHmac("sha256", props.key).update(payloadEncoded).digest();
-	const providedSignature = Buffer.from(signatureEncoded, "base64url");
-	if (providedSignature.length !== expectedSignature.length || !timingSafeEqual(providedSignature, expectedSignature)) return {
-		ok: false,
-		reason: "signature-mismatch"
-	};
-	const payload = parseApprovalTokenPayload(payloadEncoded);
-	if (payload === null) return {
-		ok: false,
-		reason: "malformed"
-	};
-	if (payload.exp <= props.nowMs) return {
-		ok: false,
-		reason: "expired"
-	};
-	if (payload.agentId !== props.agentId) return {
-		ok: false,
-		reason: "agent-mismatch"
-	};
-	if (!callsMatch(payload.calls, props.calls)) return {
-		ok: false,
-		reason: "call-mismatch"
-	};
-	return { ok: true };
-}
-//#endregion
-//#region src/mcp-server/portal-call-validation.ts
-function validatePortalToolArguments(tool, argumentsValue) {
-	const validator = buildZodValidatorFromJsonSchema(tool.inputSchema);
-	if (!validator.ok) return {
-		error: {
-			...validator.error,
-			namespace: tool.namespace,
-			toolName: tool.toolName
-		},
-		ok: false
-	};
-	const result = validator.validate(argumentsValue);
-	if (!result.ok) return {
-		error: {
-			...result.error,
-			namespace: tool.namespace,
-			toolName: tool.toolName
-		},
-		ok: false
-	};
-	return result;
-}
-//#endregion
-//#region src/portal-access-policy.ts
-const portalAgentIdentityBrand = Symbol("PortalAgentIdentity");
-function createPortalAgentIdentity(input) {
-	validateIdentitySegment("agentId", input.agentId);
-	validateIdentitySegment("agentScopeId", input.agentScopeId);
-	if (input.sessionId !== void 0) validateIdentitySegment("sessionId", input.sessionId);
-	return {
-		agentId: input.agentId,
-		agentScopeId: input.agentScopeId,
-		...input.sessionId !== void 0 ? { sessionId: input.sessionId } : {},
-		[portalAgentIdentityBrand]: true
-	};
-}
-function validateIdentitySegment(name, value) {
-	if (value.length === 0) throw new Error(`MCP Portal ${name} must not be empty.`);
-	for (let index = 0; index < value.length; index += 1) {
-		const codePoint = value.charCodeAt(index);
-		if (codePoint < 32 || codePoint === 127) throw new Error(`MCP Portal ${name} must not contain control characters.`);
-	}
-}
-function portalAgentScopeKey(identity) {
-	return identity.sessionId ? `${identity.agentScopeId}\n${identity.sessionId}` : identity.agentScopeId;
-}
-function sortToolSelectors(selectors) {
-	return [...selectors].toSorted((left, right) => {
-		const namespaceOrder = left.namespace.localeCompare(right.namespace);
-		return namespaceOrder === 0 ? left.toolName.localeCompare(right.toolName) : namespaceOrder;
-	});
-}
-function resolvePortalAccessPolicy(props) {
-	const agentNamespaces = props.config.enabledNamespacesByAgent[props.identity.agentId];
-	const globalNamespaces = props.config.enabledNamespaces ?? [];
-	const selectedNamespaces = agentNamespaces ?? (globalNamespaces.length > 0 ? globalNamespaces : props.config.defaultPolicy === "allow-all" ? props.upstreamNamespaces : []);
-	const upstreamNamespaceSet = new Set(props.upstreamNamespaces);
-	return {
-		allowedNamespaces: selectedNamespaces.filter((namespace) => upstreamNamespaceSet.has(namespace)).toSorted(),
-		enabledTools: sortToolSelectors(props.config.enabledToolsByAgent?.[props.identity.agentId] ?? []),
-		hiddenTools: sortToolSelectors(props.config.hiddenToolsByAgent[props.identity.agentId] ?? [])
-	};
-}
-//#endregion
-//#region src/tool-summary.ts
-function stringArrayFromValue(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter((entry) => typeof entry === "string").toSorted();
-}
-function objectPropertiesFromSchema$1(schema) {
-	const properties = schema.properties;
-	if (typeof properties !== "object" || properties === null || Array.isArray(properties)) return [];
-	return Object.keys(properties).toSorted();
-}
-function summarizeJsonSchema(schema) {
-	const properties = objectPropertiesFromSchema$1(schema);
-	const required = stringArrayFromValue(schema.required);
-	const requiredSet = new Set(required);
-	return {
-		optional: properties.filter((propertyName) => !requiredSet.has(propertyName)),
-		propertyCount: properties.length,
-		required,
-		type: typeof schema.type === "string" ? schema.type : "unknown"
-	};
-}
-function createToolSummary(tool) {
-	const parsed = portalToolRecordSchema.parse(tool);
-	const safety = {
-		...parsed.annotations?.destructiveHint !== void 0 ? { destructiveHint: parsed.annotations.destructiveHint } : {},
-		...parsed.annotations?.readOnlyHint !== void 0 ? { readOnlyHint: parsed.annotations.readOnlyHint } : {}
-	};
-	return {
-		...parsed.description !== void 0 ? { description: parsed.description } : {},
-		input: summarizeJsonSchema(parsed.inputSchema),
-		namespace: parsed.namespace,
-		...parsed.outputSchema ? { output: summarizeJsonSchema(parsed.outputSchema) } : {},
-		safety,
-		...parsed.title !== void 0 ? { title: parsed.title } : {},
-		toolName: parsed.toolName,
-		toolRef: encodeToolRef({
-			namespace: parsed.namespace,
-			toolName: parsed.toolName
-		})
-	};
-}
-//#endregion
-//#region src/mcp-server/portal-tools.ts
-const requestIdSchema = z.string().min(1);
-const reservedRequestIds = new Set([
-	"__proto__",
-	"constructor",
-	"prototype"
-]);
-const safeRequestIdSchema = requestIdSchema.refine((id) => !reservedRequestIds.has(id), { message: "Portal request id uses a reserved object property name." });
-const namespaceToolSelectorSchema = z.object({
-	namespace: z.string().min(1),
-	toolName: z.string().min(1)
-}).strict();
-const listRequestSchema = z.object({
-	cursor: z.string().regex(/^\d+$/u).optional(),
-	id: safeRequestIdSchema,
-	limit: z.number().int().positive().max(100).default(20),
-	namespaces: z.array(z.string()).optional(),
-	refs: z.array(z.string()).optional(),
-	tools: z.array(namespaceToolSelectorSchema).optional()
-}).strict();
-const searchRequestSchema = z.object({
-	id: safeRequestIdSchema,
-	limit: z.number().int().positive().max(50).default(10),
-	namespaces: z.array(z.string()).optional(),
-	query: z.string().optional(),
-	schemaDetail: z.enum([
-		"none",
-		"summary",
-		"full"
-	]).default("summary")
-}).strict();
-const describeRequestSchema = z.object({
-	id: safeRequestIdSchema,
-	includeJsonSchema: z.boolean().default(true),
-	includeRelated: z.boolean().default(true),
-	includeTypescriptHelper: z.boolean().default(false),
-	includeZod: z.boolean().default(false),
-	refs: z.array(z.string()).optional(),
-	tools: z.array(namespaceToolSelectorSchema).optional()
-}).strict();
-const callRequestSchema = z.object({
-	arguments: jsonObjectSchema,
-	id: safeRequestIdSchema,
-	namespace: z.string().min(1),
-	toolName: z.string().min(1)
-}).strict();
-const listInputSchema = z.object({ requests: z.array(listRequestSchema).min(1) }).strict();
-const searchInputSchema = z.object({ requests: z.array(searchRequestSchema).min(1) }).strict();
-const describeInputSchema = z.object({ requests: z.array(describeRequestSchema).min(1) }).strict();
-const callInputSchema = z.object({ calls: z.array(callRequestSchema).min(1) }).strict();
-const callExecutionInputSchema = z.object({
-	calls: z.array(callRequestSchema).min(1),
-	portalApprovalToken: z.string().min(1).optional()
-}).strict();
-function isToolSchemaProperties(value) {
-	return typeof value === "object" && value !== null && !Array.isArray(value) && Object.values(value).every((entry) => typeof entry === "object" && entry !== null && !Array.isArray(entry));
-}
-function isStringArray(value) {
-	return Array.isArray(value) && value.every((entry) => typeof entry === "string");
-}
-function toPortalInputJsonSchema(schema) {
-	const jsonSchema = jsonObjectSchema.parse(z.toJSONSchema(schema, { io: "input" }));
-	if (jsonSchema.type !== "object") throw new Error("MCP Portal tool input schemas must be JSON Schema objects.");
-	const properties = isToolSchemaProperties(jsonSchema.properties) ? jsonSchema.properties : void 0;
-	const required = isStringArray(jsonSchema.required) ? jsonSchema.required : void 0;
-	return {
-		...jsonSchema,
-		...properties !== void 0 ? { properties } : {},
-		...required !== void 0 ? { required } : {},
-		type: "object"
-	};
-}
-const portalToolInputSchemas = {
-	mcp_portal_call: toPortalInputJsonSchema(callInputSchema),
-	mcp_portal_describe: toPortalInputJsonSchema(describeInputSchema),
-	mcp_portal_list: toPortalInputJsonSchema(listInputSchema),
-	mcp_portal_search: toPortalInputJsonSchema(searchInputSchema)
-};
-function messageFromError$1(error) {
-	return error instanceof Error ? error.message : String(error);
-}
-function invalidPortalInput(error) {
-	return {
-		diagnostics: [],
-		errors: [{
-			kind: "invalid_portal_input",
-			message: messageFromError$1(error)
-		}],
-		ok: false,
-		results: {}
-	};
-}
-function itemError(props) {
-	return {
-		error: props.error,
-		input: props.input,
-		ok: false
-	};
-}
-function itemOutput(props) {
-	return {
-		input: props.input,
-		ok: true,
-		output: props.output
-	};
-}
-function discoveryDiagnostics(session) {
-	return session.catalog.discoveryFailures.map((failure) => ({
-		kind: "upstream_discovery_failed",
-		message: failure.message,
-		namespace: failure.namespace
-	}));
-}
-function portalBatchResult(results, diagnostics = []) {
-	return {
-		diagnostics,
-		errors: [],
-		ok: Object.values(results).every((result) => result.ok),
-		results
-	};
-}
-function duplicateIdErrors(items) {
-	const seenIds = /* @__PURE__ */ new Set();
-	const duplicateIds = /* @__PURE__ */ new Set();
-	for (const item of items) {
-		if (seenIds.has(item.id)) duplicateIds.add(item.id);
-		seenIds.add(item.id);
-	}
-	return [...duplicateIds].toSorted().map((id) => ({
-		id,
-		kind: "duplicate_id",
-		message: `Duplicate portal request id "${id}". Each request id must be unique.`
-	}));
-}
-function duplicateIdResult(items) {
-	const errors = duplicateIdErrors(items);
-	return errors.length > 0 ? {
-		diagnostics: [],
-		errors,
-		ok: false,
-		results: {}
-	} : null;
-}
-function findTool(session, selector) {
-	return session.catalog.tools.find((tool) => tool.namespace === selector.namespace && tool.toolName === selector.toolName) ?? null;
-}
-function selectorsFromInput(tools, refs) {
-	const selectors = [...tools ?? []];
-	for (const toolRef of refs ?? []) try {
-		selectors.push(decodeToolRef(toolRef));
-	} catch (error) {
-		return {
-			error: {
-				kind: "invalid_portal_input",
-				message: messageFromError$1(error)
-			},
-			ok: false
-		};
-	}
-	return {
-		ok: true,
-		selectors
-	};
-}
-function applyExactFilters(tools, filters) {
-	const namespaceFilter = new Set(filters.namespaces ?? []);
-	const selectorResult = selectorsFromInput(filters.tools, filters.refs);
-	if (!selectorResult.ok) return selectorResult;
-	const exactSelectors = selectorResult.selectors;
-	if (exactSelectors.length === 0) return {
-		ok: true,
-		tools: tools.filter((tool) => namespaceFilter.size === 0 || namespaceFilter.has(tool.namespace))
-	};
-	return {
-		ok: true,
-		tools: tools.filter((tool) => (namespaceFilter.size === 0 || namespaceFilter.has(tool.namespace)) && exactSelectors.some((selector) => selector.namespace === tool.namespace && selector.toolName === tool.toolName))
-	};
-}
-function selectorKey(selector) {
-	return `${selector.namespace}\n${selector.toolName}`;
-}
-function missingSelectorError(requestedSelectors, selectedTools) {
-	const foundKeys = new Set(selectedTools.map((tool) => selectorKey({
-		namespace: tool.namespace,
-		toolName: tool.toolName
-	})));
-	if (requestedSelectors.filter((selector) => !foundKeys.has(selectorKey(selector))).length === 0) return null;
-	return {
-		kind: "unknown_or_denied_tool",
-		message: "One or more requested tools are unknown or denied for this portal agent scope."
-	};
-}
-function paginate(items, limit, cursor) {
-	const offset = cursor ? Number.parseInt(cursor, 10) : 0;
-	const safeOffset = Number.isFinite(offset) && offset > 0 ? offset : 0;
-	const page = items.slice(safeOffset, safeOffset + limit);
-	const nextOffset = safeOffset + page.length;
-	return {
-		items: page,
-		...nextOffset < items.length ? { nextCursor: String(nextOffset) } : {}
-	};
-}
-function describeToolOutput(props) {
-	const toolSummary = createToolSummary(props.tool);
-	const result = {
-		annotations: props.tool.annotations ?? {},
-		namespace: props.tool.namespace,
-		related: props.includeRelated ? props.session.graph.relationships.filter((relationship) => relationship.from.toolRef === toolSummary.toolRef || relationship.to.toolRef === toolSummary.toolRef) : [],
-		toolName: props.tool.toolName,
-		toolRef: toolSummary.toolRef
-	};
-	if (props.includeJsonSchema) {
-		result.inputSchema = props.tool.inputSchema;
-		result.outputSchema = props.tool.outputSchema;
-	}
-	if (props.includeZod) result.zod = {
-		experimental: true,
-		source: "z.fromJSONSchema(inputSchema)"
-	};
-	if (props.includeTypescriptHelper) result.typescriptHelper = generateTypescriptCatalogArtifact({ tools: [props.tool] });
-	return result;
-}
-function searchOutputWithFullSchema(session, summary) {
-	const tool = findTool(session, summary);
-	const result = {
-		input: summary.input,
-		namespace: summary.namespace,
-		safety: summary.safety,
-		toolName: summary.toolName,
-		toolRef: summary.toolRef
-	};
-	if (summary.description !== void 0) result.description = summary.description;
-	if (summary.output !== void 0) result.output = summary.output;
-	if (summary.relationshipHints !== void 0) result.relationshipHints = summary.relationshipHints;
-	if (summary.schemaFieldMatches !== void 0) result.schemaFieldMatches = summary.schemaFieldMatches;
-	if (summary.title !== void 0) result.title = summary.title;
-	if (tool) {
-		result.inputSchema = tool.inputSchema;
-		result.outputSchema = tool.outputSchema;
-	}
-	return result;
-}
-function listRequestResult(session, request) {
-	const filteredTools = applyExactFilters(session.catalog.tools, {
-		...request.namespaces !== void 0 ? { namespaces: request.namespaces } : {},
-		...request.refs !== void 0 ? { refs: request.refs } : {},
-		...request.tools !== void 0 ? { tools: request.tools } : {}
-	});
-	if (!filteredTools.ok) return itemError({
-		error: filteredTools.error,
-		input: request
-	});
-	const page = paginate(filteredTools.tools.map((tool) => createToolSummary(tool)), request.limit, request.cursor);
-	return itemOutput({
-		input: request,
-		output: {
-			namespaces: [...new Set(filteredTools.tools.map((tool) => tool.namespace))].toSorted(),
-			...page.nextCursor !== void 0 ? { nextCursor: page.nextCursor } : {},
-			tools: page.items
-		}
-	});
-}
-function searchRequestResult(session, request) {
-	const result = session.searchIndex.search({
-		limit: request.limit,
-		...request.namespaces ? { namespaces: request.namespaces } : {},
-		...request.query !== void 0 ? { query: request.query } : {}
-	});
-	return itemOutput({
-		input: request,
-		output: { tools: request.schemaDetail === "full" ? result.results.map((summary) => searchOutputWithFullSchema(session, summary)) : result.results }
-	});
-}
-function describeRequestResult(session, request) {
-	const selectorResult = selectorsFromInput(request.tools, request.refs);
-	if (!selectorResult.ok) return itemError({
-		error: selectorResult.error,
-		input: request
-	});
-	const selectors = selectorResult.selectors;
-	const selectedTools = selectors.map((selector) => findTool(session, selector)).filter((tool) => tool !== null);
-	const missingError = missingSelectorError(selectors, selectedTools);
-	if (missingError) return itemError({
-		error: {
-			...missingError,
-			tools: selectors.filter((selector) => findTool(session, selector) === null)
-		},
-		input: request
-	});
-	return itemOutput({
-		input: request,
-		output: { tools: selectedTools.map((tool) => describeToolOutput({
-			includeJsonSchema: request.includeJsonSchema,
-			includeRelated: request.includeRelated,
-			includeTypescriptHelper: request.includeTypescriptHelper,
-			includeZod: request.includeZod,
-			session,
-			tool
-		})) }
-	});
-}
-function preparePortalCall(session, request) {
-	const tool = findTool(session, request);
-	if (!tool) return itemError({
-		error: {
-			kind: "unknown_or_denied_tool",
-			message: "The requested tool is unknown or denied for this portal agent scope.",
-			namespace: request.namespace,
-			toolName: request.toolName
-		},
-		input: request
-	});
-	const validation = validatePortalToolArguments(tool, request.arguments);
-	if (!validation.ok) return itemError({
-		error: validation.error,
-		input: request
-	});
-	const validatedArgumentsResult = jsonObjectSchema.safeParse(validation.value);
-	if (!validatedArgumentsResult.success) return itemError({
-		error: {
-			kind: "invalid_portal_input",
-			message: validatedArgumentsResult.error.message
-		},
-		input: request
-	});
-	return {
-		input: request,
-		tool,
-		validatedArguments: validatedArgumentsResult.data
-	};
-}
-async function executePreparedPortalCall(call, identity, runtime) {
-	const input = {
-		...call.input,
-		arguments: call.validatedArguments
-	};
-	try {
-		return itemOutput({
-			input,
-			output: {
-				namespace: call.tool.namespace,
-				result: await runtime.callUpstreamTool({
-					arguments: call.validatedArguments,
-					agentScopeId: portalAgentScopeKey(identity),
-					namespace: call.tool.namespace,
-					toolName: call.tool.toolName
-				}),
-				toolName: call.tool.toolName
-			}
-		});
-	} catch (error) {
-		return itemError({
-			error: {
-				kind: "upstream_call_failed",
-				message: messageFromError$1(error),
-				namespace: call.tool.namespace,
-				toolName: call.tool.toolName
-			},
-			input
-		});
-	}
-}
-function isPreparedPortalCall(value) {
-	return "validatedArguments" in value;
-}
-async function addExecutableCallResults(props) {
-	await Promise.all(props.preparedCalls.map(async (preparedCall) => {
-		props.results[preparedCall.input.id] = await executePreparedPortalCall(preparedCall, props.identity, props.runtime);
-	}));
-}
-function createPortalToolHandlers(runtime) {
-	return {
-		async call(call) {
-			const parsedInput = callExecutionInputSchema.safeParse(call.input);
-			if (!parsedInput.success) return invalidPortalInput(parsedInput.error);
-			const duplicateResult = duplicateIdResult(parsedInput.data.calls);
-			if (duplicateResult) return duplicateResult;
-			const session = await runtime.getSession(call.identity);
-			const preparedResults = parsedInput.data.calls.map((request) => preparePortalCall(session, request));
-			const approvalCalls = preparedResults.filter(isPreparedPortalCall).map((executableCall) => ({
-				arguments: executableCall.validatedArguments,
-				id: executableCall.input.id,
-				namespace: executableCall.tool.namespace,
-				tool: executableCall.tool,
-				toolName: executableCall.tool.toolName
-			}));
-			const allowDecision = { kind: "allow" };
-			const approval = approvalCalls.length === 0 ? allowDecision : runtime.approval?.(approvalCalls, call.identity, parsedInput.data.portalApprovalToken) ?? allowDecision;
-			const results = {};
-			const callsToExecute = [];
-			for (const preparedResult of preparedResults) {
-				if (!isPreparedPortalCall(preparedResult)) {
-					const input = preparedResult.input;
-					if (typeof input === "object" && input !== null && "id" in input) {
-						const id = input.id;
-						if (typeof id === "string") results[id] = preparedResult;
-					}
-					continue;
-				}
-				if (approval.kind === "approval_required") {
-					results[preparedResult.input.id] = itemError({
-						error: {
-							kind: "approval_required",
-							level: approval.level,
-							message: "Operator approval is required before this batch can run.",
-							namespace: preparedResult.tool.namespace,
-							toolName: preparedResult.tool.toolName
-						},
-						input: {
-							...preparedResult.input,
-							arguments: preparedResult.validatedArguments
-						}
-					});
-					continue;
-				}
-				if (approval.kind === "approval_token_missing") {
-					results[preparedResult.input.id] = itemError({
-						error: {
-							kind: "approval_token_missing",
-							message: "An MCP Portal approval token is required before this batch can run.",
-							namespace: preparedResult.tool.namespace,
-							toolName: preparedResult.tool.toolName
-						},
-						input: {
-							...preparedResult.input,
-							arguments: preparedResult.validatedArguments
-						}
-					});
-					continue;
-				}
-				if (approval.kind === "approval_token_invalid") {
-					results[preparedResult.input.id] = itemError({
-						error: {
-							kind: "approval_token_invalid",
-							message: `MCP Portal approval token is invalid: ${approval.reason}.`,
-							namespace: preparedResult.tool.namespace,
-							reason: approval.reason,
-							toolName: preparedResult.tool.toolName
-						},
-						input: {
-							...preparedResult.input,
-							arguments: preparedResult.validatedArguments
-						}
-					});
-					continue;
-				}
-				callsToExecute.push(preparedResult);
-			}
-			await addExecutableCallResults({
-				identity: call.identity,
-				preparedCalls: callsToExecute,
-				results,
-				runtime
-			});
-			return portalBatchResult(results, discoveryDiagnostics(session));
-		},
-		async describe(call) {
-			const parsedInput = describeInputSchema.safeParse(call.input);
-			if (!parsedInput.success) return invalidPortalInput(parsedInput.error);
-			const duplicateResult = duplicateIdResult(parsedInput.data.requests);
-			if (duplicateResult) return duplicateResult;
-			const session = await runtime.getSession(call.identity);
-			return portalBatchResult(Object.fromEntries(parsedInput.data.requests.map((request) => [request.id, describeRequestResult(session, request)])), discoveryDiagnostics(session));
-		},
-		async list(call) {
-			const parsedInput = listInputSchema.safeParse(call.input);
-			if (!parsedInput.success) return invalidPortalInput(parsedInput.error);
-			const duplicateResult = duplicateIdResult(parsedInput.data.requests);
-			if (duplicateResult) return duplicateResult;
-			const session = await runtime.getSession(call.identity);
-			return portalBatchResult(Object.fromEntries(parsedInput.data.requests.map((request) => [request.id, listRequestResult(session, request)])), discoveryDiagnostics(session));
-		},
-		async search(call) {
-			const parsedInput = searchInputSchema.safeParse(call.input);
-			if (!parsedInput.success) return invalidPortalInput(parsedInput.error);
-			const duplicateResult = duplicateIdResult(parsedInput.data.requests);
-			if (duplicateResult) return duplicateResult;
-			const session = await runtime.getSession(call.identity);
-			return portalBatchResult(Object.fromEntries(parsedInput.data.requests.map((request) => [request.id, searchRequestResult(session, request)])), discoveryDiagnostics(session));
-		}
-	};
-}
-//#endregion
-//#region src/mcp-server/portal-mcp-server.ts
-const portalMcpToolNames = [
-	"mcp_portal_list",
-	"mcp_portal_search",
-	"mcp_portal_describe",
-	"mcp_portal_call"
-];
-function listPortalMcpTools() {
-	return [
-		{
-			description: "List authorized MCP namespaces and compact tool summaries.",
-			inputSchema: portalToolInputSchemas.mcp_portal_list,
-			name: "mcp_portal_list"
-		},
-		{
-			description: "Search the caller scoped MCP Portal index.",
-			inputSchema: portalToolInputSchemas.mcp_portal_search,
-			name: "mcp_portal_search"
-		},
-		{
-			description: "Describe exact MCP tool schemas and optional TypeScript/Zod helpers.",
-			inputSchema: portalToolInputSchemas.mcp_portal_describe,
-			name: "mcp_portal_describe"
-		},
-		{
-			description: "Validate and call an authorized upstream MCP tool by namespace and toolName.",
-			inputSchema: portalToolInputSchemas.mcp_portal_call,
-			name: "mcp_portal_call"
-		}
-	];
-}
-function jsonToolResult(value) {
-	return {
-		content: [{
-			text: JSON.stringify(value),
-			type: "text"
-		}],
-		...value.ok ? {} : { isError: true }
-	};
-}
-function createPortalMcpServer(props) {
-	const handlers = createPortalToolHandlers(props.runtime);
-	const server = new Server({
-		name: "mcp-portal",
-		version: "1.0.0"
-	}, { capabilities: { tools: { listChanged: false } } });
-	server.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: listPortalMcpTools() }));
-	server.setRequestHandler(CallToolRequestSchema, async (request) => {
-		switch (request.params.name) {
-			case "mcp_portal_list": return jsonToolResult(await handlers.list({
-				identity: props.identity,
-				input: request.params.arguments ?? {}
-			}));
-			case "mcp_portal_search": return jsonToolResult(await handlers.search({
-				identity: props.identity,
-				input: request.params.arguments ?? {}
-			}));
-			case "mcp_portal_describe": return jsonToolResult(await handlers.describe({
-				identity: props.identity,
-				input: request.params.arguments ?? {}
-			}));
-			case "mcp_portal_call": return jsonToolResult(await handlers.call({
-				identity: props.identity,
-				input: request.params.arguments ?? {}
-			}));
-			default: return {
-				content: [{
-					text: `Unknown MCP Portal tool: ${request.params.name}`,
-					type: "text"
-				}],
-				isError: true
-			};
-		}
-	});
-	return server;
-}
-//#endregion
-//#region src/mcp-server/portal-http-server.ts
-const mcpSessionIdHeader = "mcp-session-id";
-function timingSafeEqualString(left, right) {
-	const leftBuffer = Buffer.from(left);
-	const rightBuffer = Buffer.from(right);
-	return leftBuffer.length === rightBuffer.length && timingSafeEqual(leftBuffer, rightBuffer);
-}
-function activeSessionKey(scopeId, sessionId) {
-	return `${scopeId}\n${sessionId}`;
-}
-function createPortalHttpApp(options) {
-	const app = new Hono();
-	const activeSessions = /* @__PURE__ */ new Map();
-	async function closeActiveSession(sessionKey, closeOptions) {
-		const activeSession = activeSessions.get(sessionKey);
-		if (!activeSession) return;
-		activeSessions.delete(sessionKey);
-		try {
-			if (closeOptions.closeTransport) await activeSession.transport.close();
-		} finally {
-			await options.onSessionClosed?.(activeSession.identity);
-		}
-	}
-	async function createActiveSession(identityBase) {
-		const sessionId = randomUUID();
-		const sessionKey = activeSessionKey(identityBase.agentScopeId, sessionId);
-		let server = null;
-		const identity = createPortalAgentIdentity({
-			agentId: identityBase.agentId,
-			agentScopeId: identityBase.agentScopeId,
-			sessionId
-		});
-		const transport = new WebStandardStreamableHTTPServerTransport({
-			onsessionclosed: () => {
-				closeActiveSession(sessionKey, { closeTransport: false });
-			},
-			onsessioninitialized: (initializedSessionId) => {
-				if (!server) throw new Error("MCP Portal session initialized before server connection.");
-				activeSessions.set(activeSessionKey(identityBase.agentScopeId, initializedSessionId), {
-					identity,
-					server,
-					transport
-				});
-			},
-			sessionIdGenerator: () => sessionId
-		});
-		server = createPortalMcpServer({
-			identity,
-			runtime: options.toolRuntime
-		});
-		await server.connect(transport);
-		return {
-			identity,
-			server,
-			transport
-		};
-	}
-	async function closePortalSessions() {
-		await Promise.all([...activeSessions.keys()].map((sessionKey) => closeActiveSession(sessionKey, { closeTransport: true })));
-	}
-	app.get("/health", (context) => context.json({
-		agents: [...options.registeredAgentIds ?? []].toSorted(),
-		ok: true
-	}));
-	app.all("/agents/:agentId/mcp", async (context) => {
-		const serverAccess = options.serverAccess;
-		if (serverAccess !== void 0) {
-			const providedSecret = context.req.header(serverAccess.headerName);
-			if (providedSecret === void 0 || !timingSafeEqualString(providedSecret, serverAccess.expectedValue)) return context.json({
-				error: { kind: "unauthorized" },
-				ok: false
-			}, 401);
-		}
-		const agentId = context.req.param("agentId");
-		const agentIdentity = options.resolveAgentIdentity?.(agentId) ?? null;
-		if (agentIdentity === null) return context.json({
-			error: { kind: "unknown_agent" },
-			ok: false
-		}, 404);
-		const mcpSessionId = context.req.header(mcpSessionIdHeader);
-		if (mcpSessionId) {
-			const activeSession = activeSessions.get(activeSessionKey(agentIdentity.agentScopeId, mcpSessionId));
-			if (!activeSession) return new Response("Unknown MCP portal session", { status: 404 });
-			return await activeSession.transport.handleRequest(context.req.raw);
-		}
-		return await (await createActiveSession(agentIdentity)).transport.handleRequest(context.req.raw);
-	});
-	return Object.assign(app, { closePortalSessions });
-}
-//#endregion
-//#region src/mcp-server/resolve-agent-identity.ts
-async function resolveAgentHmacKeyEntry(props) {
-	const envKey = props.envKeys.get(props.agentId);
-	if (envKey !== void 0) return [props.agentId, envKey];
-	if (props.agent.hmacKey === void 0) throw new Error(`Missing HMAC key for MCP Portal agent "${props.agentId}".`);
-	const secretValue = await props.resolveSecret(props.agent.hmacKey);
-	if (!/^[0-9a-f]+$/u.test(secretValue) || secretValue.length !== 64) throw new Error(`MCP Portal agent "${props.agentId}" HMAC key must be 64 hex characters.`);
-	return [props.agentId, Buffer.from(secretValue, "hex")];
-}
-async function resolveAgentHmacKeys(props) {
-	return new Map(await Promise.all(Object.entries(props.agents).map(([agentId, agent]) => resolveAgentHmacKeyEntry({
-		agent,
-		agentId,
-		envKeys: props.envKeys,
-		resolveSecret: props.resolveSecret
-	}))));
-}
-function createPortalAgentRuntimeRecords(props) {
-	const records = /* @__PURE__ */ new Map();
-	for (const [agentId, agent] of Object.entries(props.portalConfig.agents)) {
-		const hmacKey = props.hmacKeys.get(agentId);
-		if (hmacKey === void 0) throw new Error(`Missing HMAC key for MCP Portal agent "${agentId}".`);
-		records.set(agentId, {
-			agentId,
-			hmacKey,
-			profile: resolveMcpPortalProfile(props.portalConfig, agent.profile),
-			profileName: agent.profile
-		});
-	}
-	return records;
-}
-function createPortalHttpAgentResolver(records) {
-	return (agentId) => {
-		if (records.get(agentId) === void 0) return null;
-		return createPortalAgentIdentity({
-			agentId,
-			agentScopeId: agentId
-		});
-	};
-}
-function approvalRequiredByProfile(profile, call) {
-	const annotations = call.tool.annotations;
-	return mcpPortalCallRequiresApproval(profile, {
-		...annotations === void 0 ? {} : { annotations },
-		namespace: call.namespace,
-		toolName: call.toolName
-	});
-}
-function conservativeApprovalRequiredByProfile(profile, call) {
-	return mcpPortalCallRequiresApproval(profile, {
-		namespace: call.namespace,
-		toolName: call.toolName
-	});
-}
-function approvalTokenCallDigests(calls) {
-	return calls.map((call) => ({
-		argumentsHash: hashCallArguments(call.arguments),
-		namespace: call.namespace,
-		toolName: call.toolName
-	}));
-}
-function createPortalApprovalVerifier(props) {
-	return (calls, agentId, token) => {
-		const record = props.records.get(agentId);
-		if (record === void 0) return {
-			kind: "approval_token_invalid",
-			reason: "unknown-agent"
-		};
-		const callsRequiringApproval = calls.filter((call) => approvalRequiredByProfile(record.profile, call));
-		if (callsRequiringApproval.length === 0) return { kind: "allow" };
-		if (token === void 0) return { kind: "approval_token_missing" };
-		const verificationProps = {
-			agentId,
-			calls: approvalTokenCallDigests(callsRequiringApproval),
-			key: record.hmacKey,
-			nowMs: Date.now(),
-			token
-		};
-		const verification = verifyApprovalToken(verificationProps);
-		if (verification.ok) return { kind: "allow" };
-		const conservativeCallsRequiringApproval = calls.filter((call) => conservativeApprovalRequiredByProfile(record.profile, call));
-		if (conservativeCallsRequiringApproval.length !== callsRequiringApproval.length) {
-			if (verifyApprovalToken({
-				...verificationProps,
-				calls: approvalTokenCallDigests(conservativeCallsRequiringApproval)
-			}).ok) {
-				props.onConservativeApprovalFallback?.({
-					agentId,
-					conservativeCallCount: conservativeCallsRequiringApproval.length,
-					primaryReason: verification.reason,
-					strictCallCount: callsRequiringApproval.length,
-					toolRefs: conservativeCallsRequiringApproval.map((call) => `${call.namespace}/${call.toolName}`)
-				});
-				return { kind: "allow" };
-			}
-		}
-		return {
-			kind: "approval_token_invalid",
-			reason: verification.reason
-		};
-	};
-}
-//#endregion
-//#region src/search-index.ts
-function collectSchemaText(value, parts) {
-	if (Array.isArray(value)) {
-		for (const item of value) collectSchemaText(item, parts);
-		return;
-	}
-	if (typeof value !== "object" || value === null) {
-		if (typeof value === "string") parts.push(value);
-		return;
-	}
-	for (const [key, childValue] of Object.entries(value)) {
-		parts.push(key);
-		collectSchemaText(childValue, parts);
-	}
-}
-function normalizeSearchText(text) {
-	return text.toLowerCase().replace(/[_-]/g, " ");
-}
-function buildSearchText(tool) {
-	const parts = [
-		tool.namespace,
-		tool.toolName,
-		tool.title ?? "",
-		tool.description ?? ""
-	];
-	collectSchemaText(tool.inputSchema, parts);
-	if (tool.outputSchema) collectSchemaText(tool.outputSchema, parts);
-	return normalizeSearchText(parts.join(" "));
-}
-function propertiesFromSchema(schema) {
-	const properties = schema.properties;
-	if (typeof properties !== "object" || properties === null || Array.isArray(properties)) return [];
-	return Object.keys(properties).toSorted();
-}
-function createRelationshipHints(tool, relationships) {
-	const targetToolRef = createToolSummary(tool).toolRef;
-	return relationships.filter((relationship) => relationship.to.toolRef === targetToolRef).map((relationship) => relationship.field === void 0 ? {
-		reason: relationship.reason,
-		sourceToolRef: relationship.from.toolRef,
-		type: relationship.type
-	} : {
-		field: relationship.field,
-		reason: relationship.reason,
-		sourceToolRef: relationship.from.toolRef,
-		type: relationship.type
-	}).toSorted((left, right) => {
-		const typeOrder = left.type.localeCompare(right.type);
-		if (typeOrder !== 0) return typeOrder;
-		return left.sourceToolRef.localeCompare(right.sourceToolRef);
-	});
-}
-function scopedSkillText(toolRef, graph) {
-	if (!graph) return "";
-	return graph.skills.filter((skill) => skill.toolRefs.includes(toolRef)).map((skill) => [
-		skill.title,
-		skill.description ?? "",
-		...skill.tags
-	].join(" ")).join(" ");
-}
-function scoreEntry(entry, terms) {
-	let score = 0;
-	for (const term of terms) if (entry.searchText.includes(term)) score += 1;
-	return score;
-}
-function compareSummaries(left, right) {
-	const namespaceOrder = left.namespace.localeCompare(right.namespace);
-	if (namespaceOrder !== 0) return namespaceOrder;
-	return left.toolName.localeCompare(right.toolName);
-}
-function withRelationshipHints(summary, relationshipHints) {
-	if (relationshipHints.length === 0) return summary;
-	return {
-		...summary.description !== void 0 ? { description: summary.description } : {},
-		input: summary.input,
-		namespace: summary.namespace,
-		...summary.output !== void 0 ? { output: summary.output } : {},
-		relationshipHints,
-		safety: summary.safety,
-		...summary.title !== void 0 ? { title: summary.title } : {},
-		toolName: summary.toolName,
-		toolRef: summary.toolRef
-	};
-}
-function withSchemaFieldMatches(summary, schemaFieldMatches) {
-	if (schemaFieldMatches.length === 0) return summary;
-	return {
-		...summary.description !== void 0 ? { description: summary.description } : {},
-		input: summary.input,
-		namespace: summary.namespace,
-		...summary.output !== void 0 ? { output: summary.output } : {},
-		...summary.relationshipHints !== void 0 ? { relationshipHints: summary.relationshipHints } : {},
-		safety: summary.safety,
-		schemaFieldMatches,
-		...summary.title !== void 0 ? { title: summary.title } : {},
-		toolName: summary.toolName,
-		toolRef: summary.toolRef
-	};
-}
-function createSearchIndex(tools, graph) {
-	const entries = tools.map((tool) => portalToolRecordSchema.parse(tool)).map((tool) => {
-		const summary = createToolSummary(tool);
-		const relationshipHints = createRelationshipHints(tool, graph?.relationships ?? []);
-		const inputFields = propertiesFromSchema(tool.inputSchema);
-		const relationText = relationshipHints.map((hint) => [
-			hint.field ?? "",
-			hint.reason,
-			hint.sourceToolRef,
-			hint.type
-		].join(" ")).join(" ");
-		const skillText = scopedSkillText(summary.toolRef, graph);
-		return {
-			inputFields,
-			relationshipHints,
-			searchText: normalizeSearchText([
-				buildSearchText(tool),
-				relationText,
-				skillText
-			].join(" ")),
-			summary: withRelationshipHints(summary, relationshipHints)
-		};
-	}).toSorted((left, right) => compareSummaries(left.summary, right.summary));
-	return { search(query) {
-		const limit = Math.max(0, Math.floor(query.limit));
-		const namespaceFilter = new Set(query.namespaces ?? []);
-		const terms = normalizeSearchText(query.query ?? "").split(/\s+/).map((term) => term.trim()).filter(Boolean);
-		return { results: entries.filter((entry) => namespaceFilter.size === 0 || namespaceFilter.has(entry.summary.namespace)).map((entry) => ({
-			entry,
-			score: terms.length === 0 ? 1 : scoreEntry(entry, terms)
-		})).filter(({ score }) => score > 0).toSorted((left, right) => {
-			if (right.score !== left.score) return right.score - left.score;
-			return compareSummaries(left.entry.summary, right.entry.summary);
-		}).slice(0, limit).map(({ entry }) => {
-			const schemaFieldMatches = entry.inputFields.filter((fieldName) => terms.some((term) => normalizeSearchText(fieldName).includes(term))).toSorted();
-			return withSchemaFieldMatches(entry.summary, schemaFieldMatches);
-		}) };
-	} };
-}
-//#endregion
-//#region src/tool-graph.ts
-const genericLinkFields = new Set([
-	"id",
-	"name",
-	"title",
-	"url",
-	"uri"
-]);
-function compareCodePoint(left, right) {
-	if (left < right) return -1;
-	if (left > right) return 1;
-	return 0;
-}
-function objectPropertiesFromSchema(schema) {
-	if (!schema) return [];
-	const properties = schema.properties;
-	if (typeof properties !== "object" || properties === null || Array.isArray(properties)) return [];
-	return Object.keys(properties).toSorted();
-}
-function collectEntityNames(schema) {
-	if (!schema) return [];
-	const names = [];
-	const schemaId = schema.$id;
-	const title = schema.title;
-	const entityName = schema.entityName;
-	if (typeof schemaId === "string" && schemaId.length > 0) names.push(schemaId);
-	if (typeof title === "string" && title.length > 0) names.push(title);
-	if (typeof entityName === "string" && entityName.length > 0) names.push(entityName);
-	return names.map((name) => name.toLowerCase()).toSorted();
-}
-function createGraphTool(tool) {
-	const record = portalToolRecordSchema.parse(tool);
-	const toolRef = encodeToolRef({
-		namespace: record.namespace,
-		toolName: record.toolName
-	});
-	return {
-		entityNames: [...collectEntityNames(record.inputSchema), ...collectEntityNames(record.outputSchema)].toSorted(),
-		inputFields: objectPropertiesFromSchema(record.inputSchema),
-		outputFields: objectPropertiesFromSchema(record.outputSchema),
-		record,
-		ref: {
-			namespace: record.namespace,
-			toolName: record.toolName,
-			toolRef
-		}
-	};
-}
-function sharesEntity(left, right) {
-	const rightEntities = new Set(right.entityNames);
-	return left.entityNames.some((entityName) => rightEntities.has(entityName));
-}
-function shouldLinkField(field, fromTool, toTool) {
-	if (!genericLinkFields.has(field.toLowerCase())) return true;
-	return fromTool.record.namespace === toTool.record.namespace && sharesEntity(fromTool, toTool);
-}
-function createSchemaRelationships(tools) {
-	const relationships = [];
-	for (const fromTool of tools) for (const toTool of tools) {
-		if (fromTool.ref.toolRef === toTool.ref.toolRef) continue;
-		const inputFields = new Set(toTool.inputFields);
-		for (const field of fromTool.outputFields) {
-			if (!inputFields.has(field) || !shouldLinkField(field, fromTool, toTool)) continue;
-			relationships.push({
-				field,
-				from: fromTool.ref,
-				reason: `Output field "${field}" matches input field "${field}".`,
-				to: toTool.ref,
-				type: "schema-field"
-			});
-		}
-	}
-	return relationships;
-}
-function createEntityRelationships(tools) {
-	const relationships = [];
-	for (const fromTool of tools) for (const toTool of tools) {
-		if (fromTool.ref.toolRef === toTool.ref.toolRef || !sharesEntity(fromTool, toTool)) continue;
-		relationships.push({
-			from: fromTool.ref,
-			reason: "Tools declare a shared schema entity through title, $id, or entityName.",
-			to: toTool.ref,
-			type: "entity"
-		});
-	}
-	return relationships;
-}
-function createSkillEntries(skills, allowedToolRefs) {
-	const entries = [];
-	for (const skill of skills) {
-		const scopedToolRefs = skill.toolRefs.filter((toolRef) => allowedToolRefs.has(toolRef)).toSorted();
-		if (scopedToolRefs.length === 0) continue;
-		entries.push({
-			...skill.description !== void 0 ? { description: skill.description } : {},
-			tags: [...skill.tags ?? []].toSorted(),
-			title: skill.title,
-			toolRefs: scopedToolRefs
-		});
-	}
-	return entries.toSorted((left, right) => left.title.localeCompare(right.title));
-}
-function createSkillRelationships(skills, toolsByRef) {
-	const relationships = [];
-	for (const skill of skills) for (const fromToolRef of skill.toolRefs) for (const toToolRef of skill.toolRefs) {
-		if (fromToolRef === toToolRef) continue;
-		const fromTool = toolsByRef.get(fromToolRef);
-		const toTool = toolsByRef.get(toToolRef);
-		if (!fromTool || !toTool) continue;
-		relationships.push({
-			from: fromTool.ref,
-			reason: `Both tools are referenced by skill "${skill.title}".`,
-			to: toTool.ref,
-			type: "skill"
-		});
-	}
-	return relationships;
-}
-function compareRelationships(left, right) {
-	const typeOrder = compareCodePoint(left.type, right.type);
-	if (typeOrder !== 0) return typeOrder;
-	const targetOrder = compareCodePoint(left.to.toolRef, right.to.toolRef);
-	if (targetOrder !== 0) return targetOrder;
-	return compareCodePoint(left.from.toolRef, right.from.toolRef);
-}
-function buildToolGraph(input) {
-	const tools = input.tools.map((tool) => createGraphTool(tool)).toSorted((left, right) => compareCodePoint(left.ref.toolRef, right.ref.toolRef));
-	const allowedToolRefs = new Set(tools.map((tool) => tool.ref.toolRef));
-	const skills = createSkillEntries(input.skills ?? [], allowedToolRefs);
-	const toolsByRef = new Map(tools.map((tool) => [tool.ref.toolRef, tool]));
-	return {
-		relationships: [
-			...createEntityRelationships(tools),
-			...createSchemaRelationships(tools),
-			...createSkillRelationships(skills, toolsByRef)
-		].toSorted(compareRelationships),
-		skills
-	};
-}
-//#endregion
-//#region src/portal-session.ts
-function isHiddenTool(tool, hiddenTools) {
-	return hiddenTools.some((hiddenTool) => hiddenTool.namespace === tool.namespace && hiddenTool.toolName === tool.toolName);
-}
-function isEnabledTool(tool, enabledTools) {
-	if (enabledTools.length === 0) return true;
-	return enabledTools.some((enabledTool) => enabledTool.namespace === tool.namespace && enabledTool.toolName === tool.toolName);
-}
-function portalToolFromMcpTool(namespace, tool) {
-	return portalToolRecordSchema.parse({
-		...tool.annotations !== void 0 ? { annotations: tool.annotations } : {},
-		...tool.description !== void 0 ? { description: tool.description } : {},
-		inputSchema: tool.inputSchema,
-		namespace,
-		...tool.outputSchema !== void 0 ? { outputSchema: tool.outputSchema } : {},
-		...tool.title !== void 0 ? { title: tool.title } : {},
-		toolName: tool.name
-	});
-}
-function createSourceHash(tools) {
-	return createHash("sha256").update(JSON.stringify(tools)).digest("hex");
-}
-function messageFromError(error) {
-	return error instanceof Error ? error.message : String(error);
-}
-function createPortalSessionManager(options) {
-	const sessions = /* @__PURE__ */ new Map();
-	const agentScopeGenerations = /* @__PURE__ */ new Map();
-	const getNow = options.now ?? (() => Date.now());
-	function generationForAgentScope(agentScopeId) {
-		return agentScopeGenerations.get(agentScopeId) ?? 0;
-	}
-	function incrementAgentScopeGeneration(agentScopeId) {
-		agentScopeGenerations.set(agentScopeId, generationForAgentScope(agentScopeId) + 1);
-	}
-	function generationForScope(scopeKey) {
-		const agentScopeId = scopeKey.split("\n", 1)[0] ?? scopeKey;
-		return (agentScopeGenerations.get(scopeKey) ?? 0) + generationForAgentScope(agentScopeId);
-	}
-	function incrementScopeGeneration(scopeKey) {
-		agentScopeGenerations.set(scopeKey, generationForScope(scopeKey) + 1);
-	}
-	async function buildSession(identity) {
-		const policy = resolvePortalAccessPolicy({
-			config: options.accessPolicy,
-			identity,
-			upstreamNamespaces: options.upstreamNamespaces
-		});
-		const tools = [];
-		const discoveryFailures = [...options.discoveryFailures ?? []];
-		const allowedNamespaces = policy.allowedNamespaces;
-		const namespaceToolGroups = await Promise.allSettled(allowedNamespaces.map(async (namespace) => ({
-			mcpTools: await options.runtime.listTools({
-				agentScopeId: portalAgentScopeKey(identity),
-				namespace
-			}),
-			namespace
-		})));
-		for (const [index, namespaceToolGroup] of namespaceToolGroups.entries()) {
-			if (namespaceToolGroup.status === "rejected") {
-				const namespace = allowedNamespaces[index] ?? "unknown";
-				discoveryFailures.push({
-					message: messageFromError(namespaceToolGroup.reason),
-					namespace
-				});
-				continue;
-			}
-			const { mcpTools, namespace } = namespaceToolGroup.value;
-			for (const mcpTool of mcpTools) {
-				const portalTool = portalToolFromMcpTool(namespace, mcpTool);
-				if (isEnabledTool(portalTool, policy.enabledTools) && !isHiddenTool(portalTool, policy.hiddenTools)) tools.push(portalTool);
-			}
-		}
-		const sortedTools = tools.toSorted((left, right) => {
-			const namespaceOrder = left.namespace.localeCompare(right.namespace);
-			return namespaceOrder === 0 ? left.toolName.localeCompare(right.toolName) : namespaceOrder;
-		});
-		const graph = buildToolGraph({
-			skills: options.skills ?? [],
-			tools: sortedTools
-		});
-		return {
-			catalog: {
-				agentScopeId: identity.agentScopeId,
-				discoveryFailures,
-				generatedAt: new Date(getNow()).toISOString(),
-				sourceHash: createSourceHash(sortedTools),
-				tools: sortedTools
-			},
-			graph,
-			identity,
-			searchIndex: createSearchIndex(sortedTools, graph)
-		};
-	}
-	return {
-		async getSession(identity) {
-			const key = portalAgentScopeKey(identity);
-			const now = getNow();
-			const cached = sessions.get(key);
-			if (cached && cached.expiresAt > now) return cached.session;
-			const generation = generationForScope(key);
-			const session = await buildSession(identity);
-			if (generationForScope(key) === generation && session.catalog.discoveryFailures.length === 0) sessions.set(key, {
-				expiresAt: now + options.catalogTtlMs,
-				session
-			});
-			return session;
-		},
-		async invalidateAgentScope(agentScopeId) {
-			incrementAgentScopeGeneration(agentScopeId);
-			for (const key of sessions.keys()) if (key === agentScopeId || key.startsWith(`${agentScopeId}\n`)) sessions.delete(key);
-			await options.runtime.closeAgentScope(agentScopeId);
-		},
-		async invalidateSession(identity) {
-			const scopeKey = portalAgentScopeKey(identity);
-			incrementScopeGeneration(scopeKey);
-			sessions.delete(scopeKey);
-			if (options.runtime.closeSession) {
-				await options.runtime.closeSession(scopeKey);
-				return;
-			}
-			await options.runtime.closeAgentScope(scopeKey);
-		}
-	};
-}
-//#endregion
-//#region src/upstream-response-middleware.ts
-const credentialPatterns = [
-	/\bBearer\s+[A-Za-z0-9._~+/=-]+/gi,
-	/\bBasic\s+[A-Za-z0-9._~+/=-]+/gi,
-	/\b(api[_-]?key|token|password|secret)=([^&\s]+)/gi
-];
-function isCredentialConfigKey(key) {
-	const normalizedKey = key.toLowerCase().replace(/[^a-z0-9]/g, "");
-	return normalizedKey === "auth" || normalizedKey === "authorization" || normalizedKey === "apikey" || normalizedKey.endsWith("apikey") || normalizedKey.endsWith("token") || normalizedKey.endsWith("password") || normalizedKey.endsWith("secret");
-}
-function redactExactValues(text, exactValues) {
-	return exactValues.filter((value) => value.length > 0).reduce((currentText, value) => currentText.split(value).join("[REDACTED]"), text);
-}
-function redactExactCredentialText(text, options = {}) {
-	return redactExactValues(text, options.exactValues ?? []);
-}
-function redactCredentialText(text, options = {}) {
-	return redactExactValues(credentialPatterns.reduce((current, pattern) => current.replace(pattern, "[REDACTED]"), text), options.exactValues ?? []);
-}
-function redactJsonValue(value, options, keyHint) {
-	if (typeof value === "string") return keyHint && isCredentialConfigKey(keyHint) ? "[REDACTED]" : redactCredentialText(value, options);
-	if (Array.isArray(value)) return value.map((entry) => redactJsonValue(entry, options));
-	if (typeof value !== "object" || value === null) return value;
-	return Object.fromEntries(Object.entries(value).map(([key, childValue]) => [key, redactJsonValue(childValue, options, key)]));
-}
-function redactExactJsonValue(value, options) {
-	if (typeof value === "string") return redactExactCredentialText(value, options);
-	if (Array.isArray(value)) return value.map((entry) => redactExactJsonValue(entry, options));
-	if (typeof value !== "object" || value === null) return value;
-	return Object.fromEntries(Object.entries(value).map(([key, childValue]) => [key, redactExactJsonValue(childValue, options)]));
-}
-function isJsonValue(value) {
-	if (value === null || typeof value === "string" || typeof value === "number" || typeof value === "boolean") return true;
-	if (Array.isArray(value)) return value.every(isJsonValue);
-	if (typeof value !== "object") return false;
-	return Object.values(value).every(isJsonValue);
-}
-function redactUpstreamResponse(response, options = {}) {
-	return redactJsonValue(response, options);
-}
-function redactUpstreamCatalogValue(response, options = {}) {
-	return redactExactJsonValue(response, options);
-}
-function copyRedactedErrorField(props) {
-	const descriptor = Object.getOwnPropertyDescriptor(props.source, props.fieldName);
-	if (!descriptor || !("value" in descriptor)) return;
-	Object.defineProperty(props.target, props.fieldName, {
-		...descriptor,
-		value: redactJsonValue(descriptor.value, props.options)
-	});
-}
-function redactThrownError(error, options = {}) {
-	const message = error instanceof Error ? error.message : String(error);
-	if (!(error instanceof Error)) return new Error(redactCredentialText(message, options));
-	const redactedError = new Error(redactCredentialText(message, options), { cause: error });
-	redactedError.name = error.name;
-	if (error.stack) redactedError.stack = redactCredentialText(error.stack, options);
-	copyRedactedErrorField({
-		fieldName: "code",
-		options,
-		source: error,
-		target: redactedError
-	});
-	copyRedactedErrorField({
-		fieldName: "data",
-		options,
-		source: error,
-		target: redactedError
-	});
-	return redactedError;
-}
-function toRedactedJsonValue(value, options = {}) {
-	const redacted = redactJsonValue(value, options);
-	if (isJsonValue(redacted)) return redacted;
-	return null;
-}
-//#endregion
-//#region src/upstream-mcp-client-runtime.ts
-const defaultConnectionTimeoutMs = 3e4;
-function isObjectRecord(value) {
-	return typeof value === "object" && value !== null && !Array.isArray(value);
-}
-function isTransport(value) {
-	return isObjectRecord(value) && typeof value.start === "function" && typeof value.send === "function" && typeof value.close === "function";
-}
-function createSdkClient() {
-	const client = new Client({
-		name: "agent-vm-mcp-portal",
-		version: "1.0.0"
-	});
-	return {
-		callTool: async (params) => await client.callTool(params),
-		close: async () => {
-			await client.close();
-		},
-		connect: async (transport) => {
-			if (!isTransport(transport)) throw new Error("SDK MCP client requires a valid MCP transport.");
-			await client.connect(transport);
-		},
-		listTools: async (params) => {
-			const result = await client.listTools(params);
-			return {
-				...result.nextCursor !== void 0 ? { nextCursor: result.nextCursor } : {},
-				tools: result.tools
-			};
-		}
-	};
-}
-function withRemoteHeaders(server) {
-	if (!server.headers) return server;
-	return {
-		...server,
-		requestInit: {
-			...server.requestInit,
-			headers: {
-				...normalizeHeaders(server.requestInit?.headers),
-				...server.headers
-			}
-		}
-	};
-}
-function createSdkTransport(server, transport) {
-	if (transport === "stdio") {
-		if (server.transport !== "stdio") throw new Error("Stdio transport requires stdio server config.");
-		return new StdioClientTransport({
-			...server.args ? { args: [...server.args] } : {},
-			command: server.command,
-			...server.cwd !== void 0 ? { cwd: server.cwd } : {},
-			...server.env ? { env: { ...server.env } } : {}
-		});
-	}
-	if (server.transport === "stdio") throw new Error("Remote transport requires remote server config.");
-	const remoteServer = withRemoteHeaders(server);
-	if (transport === "sse") {
-		const options = {};
-		if (remoteServer.eventSourceInit !== void 0) options.eventSourceInit = remoteServer.eventSourceInit;
-		if (remoteServer.requestInit !== void 0) options.requestInit = remoteServer.requestInit;
-		return new SSEClientTransport(new URL(remoteServer.url), options);
-	}
-	const options = {};
-	if (remoteServer.requestInit !== void 0) options.requestInit = remoteServer.requestInit;
-	return new StreamableHTTPClientTransport(new URL(remoteServer.url), options);
-}
-function cacheKey(agentScopeId, namespace) {
-	return `${agentScopeId}\n${namespace}`;
-}
-function rootAgentScopeId(agentScopeId) {
-	return agentScopeId.split("\n", 1)[0] ?? agentScopeId;
-}
-function transportAttempts(server) {
-	if (server.transport === "auto-http") return ["streamable-http", "sse"];
-	return [server.transport];
-}
-function redactionValuesFromServer(server) {
-	if (server.transport === "stdio") return Object.entries(server.env ?? {}).filter(([key, value]) => isCredentialConfigKey(key) && value.length > 0).map(([, value]) => value);
-	return Object.entries(server.headers ?? {}).filter(([key, value]) => isCredentialConfigKey(key) && value.length > 0).map(([, value]) => value);
-}
-function timeoutMsForServer(server) {
-	return server.connectionTimeoutMs ?? defaultConnectionTimeoutMs;
-}
-async function withTimeout(promise, props) {
-	let timeout;
-	try {
-		return await Promise.race([promise, new Promise((_resolve, reject) => {
-			timeout = setTimeout(() => {
-				reject(/* @__PURE__ */ new Error(`${props.operation} timed out after ${props.timeoutMs}ms.`));
-			}, props.timeoutMs);
-		})]);
-	} finally {
-		if (timeout) clearTimeout(timeout);
-	}
-}
-async function listAllTools(client, cursor, collectedTools, timeoutMs) {
-	const result = await withTimeout(client.listTools(cursor ? { cursor } : void 0), {
-		operation: "MCP listTools",
-		timeoutMs
-	});
-	const nextTools = [...collectedTools, ...result.tools];
-	return result.nextCursor ? listAllTools(client, result.nextCursor, nextTools, timeoutMs) : nextTools;
-}
-async function closeClientAfterFailure(client) {
-	if (!client) return;
-	try {
-		await client.close();
-	} catch {}
-}
-async function closeClientForTeardown(client, props) {
-	if (!client) return;
-	try {
-		await client.close();
-	} catch (error) {
-		props.onCloseError?.(redactThrownError(error), props.context);
-	}
-}
-function closeErrorContextFromCacheKey(cacheKeyValue) {
-	const keyParts = cacheKeyValue.split("\n");
-	const namespace = keyParts.length > 1 ? keyParts[keyParts.length - 1] : void 0;
-	return {
-		agentScopeId: namespace !== void 0 ? keyParts.slice(0, keyParts.length - 1).join("\n") : cacheKeyValue,
-		...namespace !== void 0 ? { namespace } : {}
-	};
-}
-function redactToolCatalog(tools, options) {
-	return tools.map((tool) => ToolSchema.parse(redactUpstreamCatalogValue(tool, options)));
-}
-function createUpstreamMcpClientRuntime(options) {
-	const serversByNamespace = new Map(options.servers.map((server) => [server.namespace, server]));
-	const clients = /* @__PURE__ */ new Map();
-	const pendingClients = /* @__PURE__ */ new Map();
-	const agentScopeGenerations = /* @__PURE__ */ new Map();
-	const createClient = options.createClient ?? createSdkClient;
-	const createTransport = options.createTransport ?? createSdkTransport;
-	const redactionValues = [...options.additionalRedactionValues ?? [], ...options.servers.flatMap((server) => redactionValuesFromServer(server))];
-	function generationForAgentScope(agentScopeId) {
-		return agentScopeGenerations.get(agentScopeId) ?? agentScopeGenerations.get(rootAgentScopeId(agentScopeId)) ?? 0;
-	}
-	function incrementAgentScopeGeneration(agentScopeId) {
-		const rootAgentScope = rootAgentScopeId(agentScopeId);
-		agentScopeGenerations.set(rootAgentScope, (agentScopeGenerations.get(rootAgentScope) ?? 0) + 1);
-	}
-	function incrementScopeGeneration(scopeKey) {
-		agentScopeGenerations.set(scopeKey, (agentScopeGenerations.get(scopeKey) ?? 0) + 1);
-	}
-	async function createConnectedClient(server) {
-		const attempts = transportAttempts(server);
-		async function tryAttempt(attemptIndex, lastError) {
-			const transportKind = attempts[attemptIndex];
-			if (transportKind === void 0) throw lastError ?? /* @__PURE__ */ new Error(`Could not connect to upstream MCP namespace "${server.namespace}".`);
-			const client = createClient();
-			const transport = createTransport(transportKind === "sse" && server.transport !== "stdio" ? withRemoteHeaders(server) : server, transportKind);
-			try {
-				await withTimeout(client.connect(transport), {
-					operation: `MCP ${transportKind} connect for namespace "${server.namespace}"`,
-					timeoutMs: timeoutMsForServer(server)
-				});
-				return client;
-			} catch (error) {
-				const redactedError = redactThrownError(error, { exactValues: redactionValues });
-				await closeClientAfterFailure(client);
-				return tryAttempt(attemptIndex + 1, redactedError);
-			}
-		}
-		return tryAttempt(0, null);
-	}
-	async function getClient(agentScopeId, namespace) {
-		const key = cacheKey(agentScopeId, namespace);
-		const cachedClient = clients.get(key);
-		if (cachedClient) return cachedClient.client;
-		const pendingClient = pendingClients.get(key);
-		const generation = generationForAgentScope(agentScopeId);
-		if (pendingClient && pendingClient.generation === generation) return pendingClient.promise;
-		if (pendingClient) {
-			pendingClients.delete(key);
-			pendingClient.promise.then(closeClientAfterFailure, () => void 0);
-		}
-		const server = serversByNamespace.get(namespace);
-		if (!server) throw new Error(`Unknown upstream MCP namespace "${namespace}".`);
-		const pending = createConnectedClient(server);
-		const pendingRecord = {
-			generation,
-			promise: pending
-		};
-		pendingClients.set(key, pendingRecord);
-		try {
-			const client = await pending;
-			if (generationForAgentScope(agentScopeId) !== generation) {
-				await closeClientAfterFailure(client);
-				throw new Error(`MCP client for agent scope "${rootAgentScopeId(agentScopeId)}" was invalidated.`);
-			}
-			clients.set(key, { client });
-			return client;
-		} finally {
-			if (pendingClients.get(key) === pendingRecord) pendingClients.delete(key);
-		}
-	}
-	return {
-		async callTool(call) {
-			const key = cacheKey(call.agentScopeId, call.namespace);
-			let client = null;
-			try {
-				client = await getClient(call.agentScopeId, call.namespace);
-				const server = serversByNamespace.get(call.namespace);
-				return redactUpstreamResponse(await withTimeout(client.callTool({
-					arguments: call.arguments,
-					name: call.toolName
-				}), {
-					operation: `MCP callTool ${call.namespace}.${call.toolName}`,
-					timeoutMs: server ? timeoutMsForServer(server) : defaultConnectionTimeoutMs
-				}), { exactValues: redactionValues });
-			} catch (error) {
-				clients.delete(key);
-				await closeClientAfterFailure(client);
-				throw redactThrownError(error, { exactValues: redactionValues });
-			}
-		},
-		async closeAgentScope(agentScopeId) {
-			incrementAgentScopeGeneration(agentScopeId);
-			const closePromises = [];
-			for (const [key, cachedClient] of clients.entries()) {
-				if (key !== agentScopeId && !key.startsWith(`${agentScopeId}\n`)) continue;
-				clients.delete(key);
-				closePromises.push(closeClientForTeardown(cachedClient.client, {
-					context: closeErrorContextFromCacheKey(key),
-					onCloseError: options.onCloseError
-				}));
-			}
-			for (const [key, pendingClient] of pendingClients.entries()) {
-				if (key !== agentScopeId && !key.startsWith(`${agentScopeId}\n`)) continue;
-				pendingClients.delete(key);
-				closePromises.push(pendingClient.promise.then((client) => closeClientForTeardown(client, {
-					context: closeErrorContextFromCacheKey(key),
-					onCloseError: options.onCloseError
-				}), () => void 0));
-			}
-			await Promise.all(closePromises);
-		},
-		async closeSession(scopeKey) {
-			incrementScopeGeneration(scopeKey);
-			const closePromises = [];
-			for (const [key, cachedClient] of clients.entries()) {
-				if (key !== scopeKey && !key.startsWith(`${scopeKey}\n`)) continue;
-				clients.delete(key);
-				closePromises.push(closeClientForTeardown(cachedClient.client, {
-					context: closeErrorContextFromCacheKey(key),
-					onCloseError: options.onCloseError
-				}));
-			}
-			for (const [key, pendingClient] of pendingClients.entries()) {
-				if (key !== scopeKey && !key.startsWith(`${scopeKey}\n`)) continue;
-				pendingClients.delete(key);
-				closePromises.push(pendingClient.promise.then((client) => closeClientForTeardown(client, {
-					context: closeErrorContextFromCacheKey(key),
-					onCloseError: options.onCloseError
-				}), () => void 0));
-			}
-			await Promise.all(closePromises);
-		},
-		async listTools(call) {
-			const key = cacheKey(call.agentScopeId, call.namespace);
-			let client = null;
-			try {
-				client = await getClient(call.agentScopeId, call.namespace);
-				const server = serversByNamespace.get(call.namespace);
-				return redactToolCatalog(await listAllTools(client, void 0, [], server ? timeoutMsForServer(server) : defaultConnectionTimeoutMs), { exactValues: redactionValues });
-			} catch (error) {
-				clients.delete(key);
-				await closeClientAfterFailure(client);
-				throw redactThrownError(error, { exactValues: redactionValues });
-			}
-		}
-	};
-}
-//#endregion
-export { verifyApprovalToken as A, summarizeJsonSchema as C, validatePortalToolArguments as D, resolvePortalAccessPolicy as E, portalHmacKeyEnvName as M, hashCallArguments as O, createToolSummary as S, portalAgentScopeKey as T, createPortalMcpServer as _, redactThrownError as a, createPortalToolHandlers as b, toRedactedJsonValue as c, createSearchIndex as d, createPortalAgentRuntimeRecords as f, createPortalHttpApp as g, resolveAgentHmacKeys as h, redactExactCredentialText as i, parseHmacKeysFromEnv as j, signApprovalToken as k, createPortalSessionManager as l, createPortalHttpAgentResolver as m, isCredentialConfigKey as n, redactUpstreamCatalogValue as o, createPortalApprovalVerifier as p, redactCredentialText as r, redactUpstreamResponse as s, createUpstreamMcpClientRuntime as t, buildToolGraph as u, listPortalMcpTools as v, createPortalAgentIdentity as w, portalToolInputSchemas as x, portalMcpToolNames as y };
-
-//# sourceMappingURL=upstream-mcp-client-runtime-DiBCBsDj.js.map