@agentlensai/server 0.8.0 → 0.10.0

package/dist/routes/delegation.js

@@ -0,0 +1,108 @@
+/**
+ * Delegation REST API (Stories 6.1 + 6.2)
+ *
+ * POST /api/agents/delegate                          — send a delegation request (outbound)
+ * GET  /api/agents/:id/delegations/inbox             — poll for pending requests (inbound)
+ * POST /api/agents/:id/delegations/:requestId/accept — accept a delegation
+ * POST /api/agents/:id/delegations/:requestId/reject — reject a delegation
+ * POST /api/agents/:id/delegations/:requestId/complete — complete with result
+ */
+import { Hono } from 'hono';
+import { DelegationService } from '../services/delegation-service.js';
+import { TASK_TYPES } from '@agentlensai/core';
+const VALID_TASK_TYPES = new Set(TASK_TYPES);
+export function delegationRoutes(db, transport) {
+    const app = new Hono();
+    const service = new DelegationService(db, transport);
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // POST /delegate — send a delegation request (outbound)
+    app.post('/delegate', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const agentId = body.agentId;
+        if (!agentId) {
+            return c.json({ error: 'agentId is required', status: 400 }, 400);
+        }
+        const targetAnonymousId = body.targetAnonymousId;
+        if (!targetAnonymousId) {
+            return c.json({ error: 'targetAnonymousId is required', status: 400 }, 400);
+        }
+        const taskType = body.taskType;
+        if (!taskType || !VALID_TASK_TYPES.has(taskType)) {
+            return c.json({ error: 'taskType is required and must be valid', status: 400 }, 400);
+        }
+        const result = await service.delegate(tenantId, agentId, {
+            targetAnonymousId,
+            taskType: taskType,
+            input: body.input,
+            timeoutMs: body.timeoutMs ?? 30000,
+            fallbackEnabled: body.fallbackEnabled,
+            maxRetries: body.maxRetries,
+        });
+        return c.json({ result });
+    });
+    // GET /:id/delegations/inbox — poll for pending requests
+    app.get('/:id/delegations/inbox', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const inbox = await service.getInbox(tenantId, agentId);
+        return c.json({ requests: inbox, total: inbox.length });
+    });
+    // POST /:id/delegations/:requestId/accept
+    app.post('/:id/delegations/:requestId/accept', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const requestId = c.req.param('requestId');
+        const result = await service.acceptDelegation(tenantId, agentId, requestId);
+        if (!result.ok) {
+            return c.json({ error: result.error, status: 400 }, 400);
+        }
+        return c.json({ accepted: true });
+    });
+    // POST /:id/delegations/:requestId/reject
+    app.post('/:id/delegations/:requestId/reject', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const requestId = c.req.param('requestId');
+        let body = {};
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            // Body is optional for reject
+        }
+        const result = await service.rejectDelegation(tenantId, agentId, requestId, body.reason);
+        if (!result.ok) {
+            return c.json({ error: result.error, status: 400 }, 400);
+        }
+        return c.json({ rejected: true });
+    });
+    // POST /:id/delegations/:requestId/complete
+    app.post('/:id/delegations/:requestId/complete', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const requestId = c.req.param('requestId');
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const result = await service.completeDelegation(tenantId, agentId, requestId, body.output);
+        if (!result.ok) {
+            return c.json({ error: result.error, status: 400 }, 400);
+        }
+        return c.json({ completed: true });
+    });
+    return { app, service };
+}
+//# sourceMappingURL=delegation.js.map

package/dist/routes/delegation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegation.js","sourceRoot":"","sources":["../../src/routes/delegation.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,iBAAiB,EAAsB,MAAM,mCAAmC,CAAC;AAC1F,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAS,UAAU,CAAC,CAAC;AAErD,MAAM,UAAU,gBAAgB,CAAC,EAAY,EAAE,SAAwB;IACrE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,OAAO,GAAG,IAAI,iBAAiB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAErD,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,wDAAwD;IACxD,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAChC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAEhC,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,OAAiB,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,iBAA2B,CAAC;QAC3D,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAkB,CAAC;QACzC,IAAI,CAAC,QAAQ,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wCAAwC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,EAAE;YACvD,iBAAiB;YACjB,QAAQ,EAAE,QAAe;YACzB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,KAAK;YAC9C,eAAe,EAAE,IAAI,CAAC,eAAsC;YAC5D,UAAU,EAAE,IAAI,CAAC,UAAgC;SAClD,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,yDAAyD;IACzD,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5C,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,0CAA0C;IAC1C,GAAG,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACzD,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC5E,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,0CAA0C;IAC1C,GAAG,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACzD,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE3C,IAAI,IAAI,GAA4B,EAAE,CAAC;QACvC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,8BAA8B;QAChC,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,MAAgB,CAAC,CAAC;QACnG,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,4CAA4C;IAC5C,GAAG,CAAC,IAAI,CAAC,sCAAsC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC3D,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE3C,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3F,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AAC1B,CAAC"}

package/dist/routes/delegations-top.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Top-level Delegation Log Routes (dashboard-facing)
+ *
+ * GET /api/delegations — list all delegation log entries with filters
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+export declare function delegationTopRoutes(db: SqliteDb): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=delegations-top.d.ts.map

package/dist/routes/delegations-top.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegations-top.d.ts","sourceRoot":"","sources":["../../src/routes/delegations-top.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG/C,wBAAgB,mBAAmB,CAAC,EAAE,EAAE,QAAQ;eACZ,aAAa;0CAmChD"}

package/dist/routes/delegations-top.js

@@ -0,0 +1,43 @@
+/**
+ * Top-level Delegation Log Routes (dashboard-facing)
+ *
+ * GET /api/delegations — list all delegation log entries with filters
+ */
+import { Hono } from 'hono';
+import { eq } from 'drizzle-orm';
+import * as schema from '../db/schema.sqlite.js';
+export function delegationTopRoutes(db) {
+    const app = new Hono();
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // GET / — list delegation log entries
+    app.get('/', async (c) => {
+        const tenantId = getTenantId(c);
+        const direction = c.req.query('direction') || undefined;
+        const status = c.req.query('status') || undefined;
+        const from = c.req.query('from') || undefined;
+        const to = c.req.query('to') || undefined;
+        const limitStr = c.req.query('limit');
+        const limit = limitStr ? Math.min(Math.max(1, parseInt(limitStr, 10) || 100), 500) : 100;
+        let rows = db
+            .select()
+            .from(schema.delegationLog)
+            .where(eq(schema.delegationLog.tenantId, tenantId))
+            .all();
+        if (direction)
+            rows = rows.filter((r) => r.direction === direction);
+        if (status)
+            rows = rows.filter((r) => r.status === status);
+        if (from)
+            rows = rows.filter((r) => r.createdAt >= from);
+        if (to)
+            rows = rows.filter((r) => r.createdAt <= to);
+        rows.sort((a, b) => b.createdAt.localeCompare(a.createdAt));
+        const total = rows.length;
+        const paged = rows.slice(0, limit);
+        return c.json({ delegations: paged, total });
+    });
+    return app;
+}
+//# sourceMappingURL=delegations-top.js.map

package/dist/routes/delegations-top.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegations-top.js","sourceRoot":"","sources":["../../src/routes/delegations-top.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAGjC,OAAO,KAAK,MAAM,MAAM,wBAAwB,CAAC;AAEjD,MAAM,UAAU,mBAAmB,CAAC,EAAY;IAC9C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,sCAAsC;IACtC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC;QACxD,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;QAClD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;QAC9C,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC;QAC1C,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAEzF,IAAI,IAAI,GAAG,EAAE;aACV,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;aAC1B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAClD,GAAG,EAAE,CAAC;QAET,IAAI,SAAS;YAAE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;QACpE,IAAI,MAAM;YAAE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QAC3D,IAAI,IAAI;YAAE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;QACzD,IAAI,EAAE;YAAE,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;QAErD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAEnC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/discovery.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Discovery REST API (Story 5.3 + 5.4)
+ *
+ * GET  /api/agents/discover — discover capabilities
+ * PUT  /api/agents/discovery/config — update tenant discovery config
+ * GET  /api/agents/discovery/config — get tenant discovery config
+ * PUT  /api/agents/capabilities/:capabilityId/permissions — update per-agent permissions
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+import { DiscoveryService } from '../services/discovery-service.js';
+export declare function discoveryRoutes(db: SqliteDb): {
+    app: Hono<{
+        Variables: AuthVariables;
+    }, import("hono/types").BlankSchema, "/">;
+    service: DiscoveryService;
+};
+//# sourceMappingURL=discovery.d.ts.map

package/dist/routes/discovery.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"discovery.d.ts","sourceRoot":"","sources":["../../src/routes/discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAKpE,wBAAgB,eAAe,CAAC,EAAE,EAAE,QAAQ;;mBACR,aAAa;;;EA0FhD"}

package/dist/routes/discovery.js

@@ -0,0 +1,96 @@
+/**
+ * Discovery REST API (Story 5.3 + 5.4)
+ *
+ * GET  /api/agents/discover — discover capabilities
+ * PUT  /api/agents/discovery/config — update tenant discovery config
+ * GET  /api/agents/discovery/config — get tenant discovery config
+ * PUT  /api/agents/capabilities/:capabilityId/permissions — update per-agent permissions
+ */
+import { Hono } from 'hono';
+import { DiscoveryService } from '../services/discovery-service.js';
+import { TASK_TYPES } from '@agentlensai/core';
+const VALID_TASK_TYPES = new Set(TASK_TYPES);
+export function discoveryRoutes(db) {
+    const app = new Hono();
+    const service = new DiscoveryService(db);
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // GET /discover — discover capabilities
+    app.get('/discover', async (c) => {
+        const tenantId = getTenantId(c);
+        const taskType = c.req.query('taskType');
+        if (!taskType || !VALID_TASK_TYPES.has(taskType)) {
+            return c.json({ error: 'taskType is required and must be a valid TaskType', status: 400 }, 400);
+        }
+        const query = {
+            taskType: taskType,
+            customType: c.req.query('customType') || undefined,
+            minTrustScore: c.req.query('minTrust') ? Number(c.req.query('minTrust')) : undefined,
+            maxCostUsd: c.req.query('maxCost') ? Number(c.req.query('maxCost')) : undefined,
+            maxLatencyMs: c.req.query('maxLatency') ? Number(c.req.query('maxLatency')) : undefined,
+            scope: 'internal', // Only internal for now (B3)
+            limit: c.req.query('limit') ? Math.min(Number(c.req.query('limit')), 20) : 20,
+        };
+        const results = service.discover(tenantId, query);
+        return c.json({ results, total: results.length });
+    });
+    // GET /discovery/config — get tenant discovery config
+    app.get('/discovery/config', async (c) => {
+        const tenantId = getTenantId(c);
+        const config = service.getDiscoveryConfig(tenantId);
+        return c.json({ config });
+    });
+    // PUT /discovery/config — update tenant discovery config
+    app.put('/discovery/config', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const updates = {};
+        if (body.minTrustThreshold !== undefined) {
+            const val = Number(body.minTrustThreshold);
+            if (isNaN(val) || val < 0 || val > 100) {
+                return c.json({ error: 'minTrustThreshold must be 0-100', status: 400 }, 400);
+            }
+            updates.minTrustThreshold = val;
+        }
+        if (body.delegationEnabled !== undefined) {
+            updates.delegationEnabled = Boolean(body.delegationEnabled);
+        }
+        const config = service.updateDiscoveryConfig(tenantId, updates);
+        return c.json({ config });
+    });
+    // PUT /capabilities/:capabilityId/permissions — update per-agent permissions
+    app.put('/capabilities/:capabilityId/permissions', async (c) => {
+        const tenantId = getTenantId(c);
+        const capabilityId = c.req.param('capabilityId');
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        const updates = {};
+        if (body.enabled !== undefined)
+            updates.enabled = Boolean(body.enabled);
+        if (body.acceptDelegations !== undefined)
+            updates.acceptDelegations = Boolean(body.acceptDelegations);
+        if (body.inboundRateLimit !== undefined)
+            updates.inboundRateLimit = Number(body.inboundRateLimit);
+        if (body.outboundRateLimit !== undefined)
+            updates.outboundRateLimit = Number(body.outboundRateLimit);
+        const ok = service.updateAgentPermissions(tenantId, capabilityId, updates);
+        if (!ok) {
+            return c.json({ error: 'Capability not found', status: 404 }, 404);
+        }
+        return c.json({ updated: true });
+    });
+    return { app, service };
+}
+//# sourceMappingURL=discovery.js.map

package/dist/routes/discovery.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"discovery.js","sourceRoot":"","sources":["../../src/routes/discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,UAAU,EAAsC,MAAM,mBAAmB,CAAC;AAEnF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAS,UAAU,CAAC,CAAC;AAErD,MAAM,UAAU,eAAe,CAAC,EAAY;IAC1C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAEzC,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,wCAAwC;IACxC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAEhC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,IAAI,CAAC,QAAQ,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mDAAmD,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClG,CAAC;QAED,MAAM,KAAK,GAAmB;YAC5B,QAAQ,EAAE,QAAoB;YAC9B,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,SAAS;YAClD,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YACpF,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YAC/E,YAAY,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YACvF,KAAK,EAAE,UAAU,EAAE,6BAA6B;YAChD,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;SAC9E,CAAC;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,sDAAsD;IACtD,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,yDAAyD;IACzD,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACzC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC3C,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;gBACvC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,CAAC,iBAAiB,GAAG,GAAG,CAAC;QAClC,CAAC;QACD,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACzC,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAChE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,6EAA6E;IAC7E,GAAG,CAAC,GAAG,CAAC,yCAAyC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7D,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;YAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxE,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS;YAAE,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACtG,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS;YAAE,OAAO,CAAC,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAClG,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS;YAAE,OAAO,CAAC,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAErG,MAAM,EAAE,GAAG,OAAO,CAAC,sBAAsB,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAC3E,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AAC1B,CAAC"}

package/dist/routes/redaction-test.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Redaction Test Endpoint (Story 2.4)
+ *
+ * POST /api/community/redaction/test
+ * Accepts raw content, runs it through the redaction pipeline,
+ * and returns the redacted output WITHOUT sharing.
+ * For testing/debugging purposes only.
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+export declare function redactionTestRoutes(): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=redaction-test.d.ts.map

package/dist/routes/redaction-test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redaction-test.d.ts","sourceRoot":"","sources":["../../src/routes/redaction-test.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAK3D,wBAAgB,mBAAmB;eACC,aAAa;0CAsChD"}

package/dist/routes/redaction-test.js

@@ -0,0 +1,33 @@
+/**
+ * Redaction Test Endpoint (Story 2.4)
+ *
+ * POST /api/community/redaction/test
+ * Accepts raw content, runs it through the redaction pipeline,
+ * and returns the redacted output WITHOUT sharing.
+ * For testing/debugging purposes only.
+ */
+import { Hono } from 'hono';
+import { RedactionPipeline } from '../lib/redaction/pipeline.js';
+import { createRawLessonContent } from '@agentlensai/core';
+export function redactionTestRoutes() {
+    const app = new Hono();
+    const pipeline = new RedactionPipeline();
+    app.post('/test', async (c) => {
+        const body = await c.req.json();
+        if (!body.content) {
+            return c.json({ error: 'content is required' }, 400);
+        }
+        const raw = createRawLessonContent(body.title ?? 'Test', body.content, body.context ?? {});
+        const redactionCtx = {
+            tenantId: body.tenantId ?? 'test',
+            agentId: body.agentId,
+            category: 'general',
+            denyListPatterns: body.denyListPatterns ?? [],
+            knownTenantTerms: body.knownTenantTerms ?? [],
+        };
+        const result = await pipeline.process(raw, redactionCtx);
+        return c.json(result);
+    });
+    return app;
+}
+//# sourceMappingURL=redaction-test.js.map

package/dist/routes/redaction-test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redaction-test.js","sourceRoot":"","sources":["../../src/routes/redaction-test.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAG3D,MAAM,UAAU,mBAAmB;IACjC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,iBAAiB,EAAE,CAAC;IAEzC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAQzB,CAAC;QAEL,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,GAAG,GAAG,sBAAsB,CAChC,IAAI,CAAC,KAAK,IAAI,MAAM,EACpB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,IAAI,EAAE,CACnB,CAAC;QAEF,MAAM,YAAY,GAAqB;YACrC,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,MAAM;YACjC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,QAAQ,EAAE,SAAS;YACnB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,IAAI,EAAE;YAC7C,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,IAAI,EAAE;SAC9C,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAEzD,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/trust.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Trust REST API (Story 6.3)
+ *
+ * GET /api/agents/:id/trust — get trust score for an agent
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+import { TrustService } from '../services/trust-service.js';
+export declare function trustRoutes(db: SqliteDb): {
+    app: Hono<{
+        Variables: AuthVariables;
+    }, import("hono/types").BlankSchema, "/">;
+    service: TrustService;
+};
+//# sourceMappingURL=trust.d.ts.map

package/dist/routes/trust.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust.d.ts","sourceRoot":"","sources":["../../src/routes/trust.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAE5D,wBAAgB,WAAW,CAAC,EAAE,EAAE,QAAQ;;mBACJ,aAAa;;;EAiBhD"}

package/dist/routes/trust.js

@@ -0,0 +1,23 @@
+/**
+ * Trust REST API (Story 6.3)
+ *
+ * GET /api/agents/:id/trust — get trust score for an agent
+ */
+import { Hono } from 'hono';
+import { TrustService } from '../services/trust-service.js';
+export function trustRoutes(db) {
+    const app = new Hono();
+    const service = new TrustService(db);
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // GET /:id/trust — get trust score
+    app.get('/:id/trust', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const score = service.getTrustScore(tenantId, agentId);
+        return c.json({ trust: score });
+    });
+    return { app, service };
+}
+//# sourceMappingURL=trust.js.map

package/dist/routes/trust.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust.js","sourceRoot":"","sources":["../../src/routes/trust.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAE5D,MAAM,UAAU,WAAW,CAAC,EAAY;IACtC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,OAAO,GAAG,IAAI,YAAY,CAAC,EAAE,CAAC,CAAC;IAErC,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAChC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACvD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;AAC1B,CAAC"}