@archal/cli 0.9.0 → 0.9.1

package/README.md

@@ -13,16 +13,16 @@ npm install -g @archal/cli
 ## Quick Start
 
 ```bash
-# Initialize a project in the current directory
-archal init
-
-# Run a scenario (cloud-only transport)
-archal run scenario.md \
-  --engine-endpoint "https://gateway.openclaw.ai/v1/responses" \
-  --engine-token "$OPENCLAW_GATEWAY_TOKEN" \
-  --agent-model "openclaw:main"
+# Authenticate with Archal
+archal login
+# or: export ARCHAL_TOKEN=archal_...
+
+# Run a security-suite scenario with OpenClaw
+archal openclaw run scenarios/security-suite/exec-impersonation.md
 ```
 
+This is the recommended first run for safety testing. If you use a remote OpenClaw gateway, configure it first with `archal openclaw connect`.
+
 ## Commands
 
 | Command | Description |

package/dist/harnesses/_lib/harness-runner.mjs

@@ -53,7 +53,26 @@ import { createAgentTrace } from './agent-trace.mjs';
  * @returns {Promise<HarnessContext>}
  */
 export async function createHarnessContext(harnessName) {
-  const task = (process.env['ARCHAL_ENGINE_TASK'] || '').trim();
+  let task = (process.env['ARCHAL_ENGINE_TASK'] || '').trim();
+  // If the task value is a file path inside the mounted config dir,
+  // read the actual task content from the file. This happens when the
+  // Docker harness writes multi-line task text to a file to avoid
+  // exposing it via docker -e flags (security: prevents secret leakage
+  // in docker ps / /proc/<pid>/cmdline).
+  if (task.startsWith('/archal-out/') || task.startsWith(process.env['ARCHAL_ENGINE_TASK_FILE'] ? '/' : '\0')) {
+    try {
+      const { readFileSync } = await import('node:fs');
+      task = readFileSync(task, 'utf-8').trim();
+    } catch { /* fall through to original value */ }
+  }
+  // Also check the _FILE convention: if ARCHAL_ENGINE_TASK is empty but
+  // ARCHAL_ENGINE_TASK_FILE points to a file, read from there.
+  if (!task && process.env['ARCHAL_ENGINE_TASK_FILE']) {
+    try {
+      const { readFileSync } = await import('node:fs');
+      task = readFileSync(process.env['ARCHAL_ENGINE_TASK_FILE'], 'utf-8').trim();
+    } catch { /* fall through */ }
+  }
   const model = process.env['ARCHAL_ENGINE_MODEL'];
 
   if (!task) { console.error('ARCHAL_ENGINE_TASK not set or empty'); process.exit(1); }

package/dist/harnesses/_lib/llm-response.mjs

@@ -58,26 +58,33 @@ export function extractTokenUsage(provider, body) {
 // ── Tool formatting ─────────────────────────────────────────────────
 
 /**
- * Recursively strip JSON Schema keywords that the Gemini API rejects.
- * Gemini does not support: additionalProperties, $schema, anyOf, oneOf, allOf.
+ * Recursively strip JSON Schema keywords that LLM function-calling APIs reject.
+ * Applied to all providers (Gemini, OpenAI, Anthropic) for consistency.
+ * Strips: additionalProperties, $schema, propertyNames, patternProperties,
+ * if/then/else, not, const, contentEncoding, contentMediaType, anyOf, oneOf, allOf.
  */
-function sanitizeSchemaForGemini(schema) {
+const GEMINI_UNSUPPORTED_KEYWORDS = new Set([
+  'additionalProperties', '$schema', 'propertyNames', 'patternProperties',
+  'if', 'then', 'else', 'not', 'const', 'contentEncoding', 'contentMediaType',
+]);
+
+function sanitizeSchemaForLLM(schema) {
   if (!schema || typeof schema !== 'object') return schema;
-  if (Array.isArray(schema)) return schema.map(sanitizeSchemaForGemini);
+  if (Array.isArray(schema)) return schema.map(sanitizeSchemaForLLM);
 
   const cleaned = {};
   for (const [key, value] of Object.entries(schema)) {
-    if (key === 'additionalProperties' || key === '$schema') continue;
+    if (GEMINI_UNSUPPORTED_KEYWORDS.has(key)) continue;
     // Gemini doesn't support anyOf/oneOf/allOf — flatten single-element unions,
     // otherwise drop the keyword entirely (Gemini treats it as unknown).
     if (key === 'anyOf' || key === 'oneOf' || key === 'allOf') {
       if (Array.isArray(value) && value.length === 1) {
-        Object.assign(cleaned, sanitizeSchemaForGemini(value[0]));
+        Object.assign(cleaned, sanitizeSchemaForLLM(value[0]));
       }
       // Multi-element unions are unsupported; skip the keyword
       continue;
     }
-    cleaned[key] = sanitizeSchemaForGemini(value);
+    cleaned[key] = sanitizeSchemaForLLM(value);
   }
   return cleaned;
 }
@@ -92,7 +99,7 @@ export function formatToolsForProvider(provider, mcpTools) {
         functionDeclarations: mcpTools.map((t) => ({
           name: t.name,
           description: t.description,
-          parameters: sanitizeSchemaForGemini(t.inputSchema),
+          parameters: sanitizeSchemaForLLM(t.inputSchema),
         })),
       }];
     case 'openai':
@@ -100,13 +107,13 @@ export function formatToolsForProvider(provider, mcpTools) {
         type: 'function',
         name: t.name,
         description: t.description,
-        parameters: t.inputSchema,
+        parameters: sanitizeSchemaForLLM(t.inputSchema),
       }));
     case 'anthropic':
       return mcpTools.map((t) => ({
         name: t.name,
         description: t.description,
-        input_schema: t.inputSchema,
+        input_schema: sanitizeSchemaForLLM(t.inputSchema),
       }));
     default:
       return mcpTools;

package/dist/harnesses/_lib/mcp-client.mjs

@@ -31,9 +31,14 @@ export async function connectMcp(configPath) {
 
   const client = new Client({ name: 'archal-harness-agent', version: '1.0.0' });
 
+  // Build requestInit with auth headers from config (required for cloud-hosted twins).
+  const requestInit = serverConfig.headers && Object.keys(serverConfig.headers).length > 0
+    ? { headers: serverConfig.headers }
+    : undefined;
+
   // Try StreamableHTTP first (modern MCP transport)
   try {
-    const transport = new StreamableHTTPClientTransport(new URL(mcpUrl));
+    const transport = new StreamableHTTPClientTransport(new URL(mcpUrl), { requestInit });
     await client.connect(transport);
     return { client, serverName };
   } catch {
@@ -42,7 +47,7 @@ export async function connectMcp(configPath) {
 
   // Fall back to SSE transport
   try {
-    const transport = new SSEClientTransport(new URL(mcpUrl));
+    const transport = new SSEClientTransport(new URL(mcpUrl), { requestInit });
     await client.connect(transport);
     return { client, serverName };
   } catch (err) {

package/dist/harnesses/_lib/rest-client.mjs

@@ -125,7 +125,26 @@ export async function callToolRest(toolToTwin, namespacedName, args) {
   });
   const body = await res.text();
   if (!res.ok) {
-    throw new Error(`Tool call ${mapping.originalName} failed (HTTP ${res.status}): ${body}`);
+    let capabilityMiss;
+    let message = `Tool call ${mapping.originalName} failed (HTTP ${res.status}): ${body}`;
+
+    try {
+      const parsed = JSON.parse(body);
+      if (parsed && typeof parsed === 'object' && parsed['capabilityMiss']) {
+        capabilityMiss = parsed['capabilityMiss'];
+      }
+      if (parsed && typeof parsed === 'object' && typeof parsed['message'] === 'string') {
+        message = `Tool call ${mapping.originalName} failed (HTTP ${res.status}): ${parsed['message']}`;
+      }
+    } catch {
+      // Non-JSON error body; keep the raw message.
+    }
+
+    const error = new Error(message);
+    if (capabilityMiss) {
+      error.capabilityMiss = capabilityMiss;
+    }
+    throw error;
   }
   return body;
 }

package/dist/harnesses/_lib/tool-executor.mjs

@@ -5,6 +5,10 @@
  */
 import { callToolRest } from './rest-client.mjs';
 
+function shouldBailForCapabilityMiss(capabilityMiss) {
+  return capabilityMiss?.miss?.severity === 'high';
+}
+
 /**
  * Execute an array of tool calls via REST, tracking errors and logging.
  *
@@ -53,6 +57,14 @@ export async function executeToolCalls(toolCalls, opts) {
       log.toolError(step, tc.name, err.message);
       process.stderr.write(`[${harnessName}] Tool error (${counters.consecutiveErrors}): ${err.message}\n`);
 
+      if (shouldBailForCapabilityMiss(err.capabilityMiss)) {
+        process.stderr.write(
+          `[${harnessName}] Capability miss requires immediate stop: ${err.capabilityMiss.miss?.subkind ?? 'unknown'}\n`,
+        );
+        bailout = true;
+        break;
+      }
+
       if (maxConsecutiveErrors > 0 && counters.consecutiveErrors >= maxConsecutiveErrors) {
         process.stderr.write(`[${harnessName}] Too many consecutive tool errors — stopping.\n`);
         bailout = true;

package/dist/harnesses/hardened/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "@archal/harness-hardened",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "start": "node agent.mjs"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1"
+  }
+}

package/dist/harnesses/naive/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "@archal/harness-naive",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "start": "node agent.mjs"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1"
+  }
+}

package/dist/harnesses/react/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "@archal/harness-react",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "start": "node agent.mjs"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1"
+  }
+}

package/dist/harnesses/zero-shot/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "@archal/harness-zero-shot",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "start": "node agent.mjs"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1"
+  }
+}