npm - @bookedsolid/reagent - Versions diffs - 0.1.0 → 0.2.0 - Mend

@bookedsolid/reagent 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

package/README.md +322 -50
package/dist/cli/commands/check.d.ts +2 -0
package/dist/cli/commands/check.d.ts.map +1 -0
package/dist/cli/commands/check.js +87 -0
package/dist/cli/commands/check.js.map +1 -0
package/dist/cli/commands/freeze.d.ts +2 -0
package/dist/cli/commands/freeze.d.ts.map +1 -0
package/dist/cli/commands/freeze.js +24 -0
package/dist/cli/commands/freeze.js.map +1 -0
package/dist/cli/commands/init.d.ts +2 -0
package/dist/cli/commands/init.d.ts.map +1 -0
package/dist/cli/commands/init.js +487 -0
package/dist/cli/commands/init.js.map +1 -0
package/dist/cli/commands/serve.d.ts +2 -0
package/dist/cli/commands/serve.d.ts.map +1 -0
package/dist/cli/commands/serve.js +12 -0
package/dist/cli/commands/serve.js.map +1 -0
package/dist/cli/commands/unfreeze.d.ts +2 -0
package/dist/cli/commands/unfreeze.d.ts.map +1 -0
package/dist/cli/commands/unfreeze.js +14 -0
package/dist/cli/commands/unfreeze.js.map +1 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +71 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/utils.d.ts +5 -0
package/dist/cli/utils.d.ts.map +1 -0
package/dist/cli/utils.js +34 -0
package/dist/cli/utils.js.map +1 -0
package/dist/config/gateway-config.d.ts +3 -0
package/dist/config/gateway-config.d.ts.map +1 -0
package/dist/config/gateway-config.js +60 -0
package/dist/config/gateway-config.js.map +1 -0
package/dist/config/policy-loader.d.ts +3 -0
package/dist/config/policy-loader.d.ts.map +1 -0
package/dist/config/policy-loader.js +38 -0
package/dist/config/policy-loader.js.map +1 -0
package/dist/config/tier-map.d.ts +12 -0
package/dist/config/tier-map.d.ts.map +1 -0
package/dist/config/tier-map.js +76 -0
package/dist/config/tier-map.js.map +1 -0
package/dist/gateway/client-manager.d.ts +26 -0
package/dist/gateway/client-manager.d.ts.map +1 -0
package/dist/gateway/client-manager.js +75 -0
package/dist/gateway/client-manager.js.map +1 -0
package/dist/gateway/middleware/audit.d.ts +12 -0
package/dist/gateway/middleware/audit.d.ts.map +1 -0
package/dist/gateway/middleware/audit.js +88 -0
package/dist/gateway/middleware/audit.js.map +1 -0
package/dist/gateway/middleware/chain.d.ts +27 -0
package/dist/gateway/middleware/chain.d.ts.map +1 -0
package/dist/gateway/middleware/chain.js +37 -0
package/dist/gateway/middleware/chain.js.map +1 -0
package/dist/gateway/middleware/kill-switch.d.ts +10 -0
package/dist/gateway/middleware/kill-switch.d.ts.map +1 -0
package/dist/gateway/middleware/kill-switch.js +61 -0
package/dist/gateway/middleware/kill-switch.js.map +1 -0
package/dist/gateway/middleware/policy.d.ts +10 -0
package/dist/gateway/middleware/policy.d.ts.map +1 -0
package/dist/gateway/middleware/policy.js +52 -0
package/dist/gateway/middleware/policy.js.map +1 -0
package/dist/gateway/middleware/redact.d.ts +17 -0
package/dist/gateway/middleware/redact.d.ts.map +1 -0
package/dist/gateway/middleware/redact.js +109 -0
package/dist/gateway/middleware/redact.js.map +1 -0
package/dist/gateway/middleware/session.d.ts +11 -0
package/dist/gateway/middleware/session.d.ts.map +1 -0
package/dist/gateway/middleware/session.js +19 -0
package/dist/gateway/middleware/session.js.map +1 -0
package/dist/gateway/middleware/tier.d.ts +7 -0
package/dist/gateway/middleware/tier.d.ts.map +1 -0
package/dist/gateway/middleware/tier.js +11 -0
package/dist/gateway/middleware/tier.js.map +1 -0
package/dist/gateway/server.d.ts +14 -0
package/dist/gateway/server.d.ts.map +1 -0
package/dist/gateway/server.js +79 -0
package/dist/gateway/server.js.map +1 -0
package/dist/gateway/tool-proxy.d.ts +21 -0
package/dist/gateway/tool-proxy.d.ts.map +1 -0
package/dist/gateway/tool-proxy.js +134 -0
package/dist/gateway/tool-proxy.js.map +1 -0
package/dist/types/audit.d.ts +16 -0
package/dist/types/audit.d.ts.map +1 -0
package/dist/types/audit.js +2 -0
package/dist/types/audit.js.map +1 -0
package/dist/types/enums.d.ts +21 -0
package/dist/types/enums.d.ts.map +1 -0
package/dist/types/enums.js +25 -0
package/dist/types/enums.js.map +1 -0
package/dist/types/gateway.d.ts +16 -0
package/dist/types/gateway.d.ts.map +1 -0
package/dist/types/gateway.js +2 -0
package/dist/types/gateway.js.map +1 -0
package/dist/types/index.d.ts +5 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +2 -0
package/dist/types/index.js.map +1 -0
package/dist/types/policy.d.ts +14 -0
package/dist/types/policy.d.ts.map +1 -0
package/dist/types/policy.js +2 -0
package/dist/types/policy.js.map +1 -0
package/hooks/attribution-advisory.sh +78 -26
package/husky/commit-msg.sh +102 -22
package/package.json +24 -12
package/profiles/bst-internal.json +2 -1
package/profiles/client-engagement.json +2 -1
package/bin/init.js +0 -818

package/README.md CHANGED Viewed

@@ -1,97 +1,336 @@
 # @bookedsolid/reagent
-Zero-trust agentic infrastructure for AI-assisted development.
+Zero-trust MCP gateway and agentic infrastructure for AI-assisted development.
-Reagent installs safety hooks, behavioral policies, and developer tooling into any project — enforcing zero-trust principles across AI agent operations.
+Reagent is two things:
-## What It Does
+1. **MCP Gateway** (`reagent serve`) — a proxy server that sits between your AI assistant (Claude Code, Cursor, etc.) and downstream MCP tool servers. Every tool call flows through a zero-trust middleware chain: policy enforcement, tier classification, secret redaction, and hash-chained audit logging.
-`reagent init` configures your repository with:
+2. **Config Scaffolder** (`reagent init`) — installs safety hooks, behavioral policies, and developer tooling into any project.
-- **Git hooks** — commit-msg validation (Co-Authored-By attribution, secret detection) and pre-push quality gates
-- **Cursor rules** — AI behavioral constraints for Cursor IDE
-- **Claude hooks** — dangerous command interception, env file protection, secret scanning
-- **Claude settings** — permission boundaries for Claude Code
-- **Policy file** — `.reagent/policy.yaml` with graduated autonomy levels (L0-L3)
-- **CLAUDE.md** — project-level AI agent instructions
-- **Commands** — `/restart` (session handoff) and `/rea` (AI team orchestration)
+## Why Reagent?
+AI coding assistants are powerful but unconstrained. Reagent adds the missing governance layer:
+- **Policy enforcement** — graduated autonomy levels (L0 read-only → L3 full access) control which tiers of tools an agent can invoke
+- **Kill switch** — `reagent freeze` immediately blocks all tool calls across every connected MCP server
+- **Secret redaction** — tool outputs are scanned for AWS keys, GitHub tokens, API keys, PEM private keys, Discord tokens, and more — redacted before they reach the AI
+- **Audit trail** — every tool invocation is logged as hash-chained JSONL, providing tamper-evident compliance records
+- **Tool blocking** — individual tools can be permanently blocked regardless of autonomy level
 ## Quick Start
+### As an MCP Gateway
 ```bash
-npx @bookedsolid/reagent init
+npm install -g @bookedsolid/reagent
+# Initialize a project with policy and gateway config
+reagent init --profile bst-internal
+# Configure your downstream MCP servers in .reagent/gateway.yaml
+# Then start the gateway
+reagent serve
+```
+Point your AI assistant's MCP configuration at the gateway:
+```json
+{
+  "mcpServers": {
+    "reagent": {
+      "command": "reagent",
+      "args": ["serve"]
+    }
+  }
+}
 ```
-### With a profile
+All downstream tool calls now flow through Reagent's middleware chain.
+### As a Config Scaffolder
 ```bash
-# For BST internal projects
-npx @bookedsolid/reagent init --profile bst-internal
+npx @bookedsolid/reagent init
-# For client engagements
+# With a profile
+npx @bookedsolid/reagent init --profile bst-internal
 npx @bookedsolid/reagent init --profile client-engagement
+# Preview without changes
+npx @bookedsolid/reagent init --dry-run
 ```
-### Verify installation
+## Commands
-```bash
-npx @bookedsolid/reagent check
+| Command                         | Description                                       |
+| ------------------------------- | ------------------------------------------------- |
+| `reagent serve`                 | Start the MCP gateway server (stdio transport)    |
+| `reagent init`                  | Install reagent config into the current directory |
+| `reagent check`                 | Verify what reagent components are installed      |
+| `reagent freeze --reason "..."` | Create `.reagent/HALT` — suspends all tool calls  |
+| `reagent unfreeze`              | Remove `.reagent/HALT` — resumes tool calls       |
+| `reagent help`                  | Show usage help                                   |
+## MCP Gateway
+### How It Works
+```
+AI Assistant (Claude Code, Cursor, etc.)
+    │
+    │  stdio (MCP protocol)
+    ▼
+┌─────────────────────────────┐
+│       Reagent Gateway       │
+│                             │
+│  ┌───────────────────────┐  │
+│  │   Middleware Chain     │  │
+│  │                       │  │
+│  │  1. Audit (outermost) │  │
+│  │  2. Session context   │  │
+│  │  3. Kill switch       │  │
+│  │  4. Tier classify     │  │
+│  │  5. Policy enforce    │  │
+│  │  6. Secret redaction  │  │
+│  │  7. [Execute]         │  │
+│  └───────────────────────┘  │
+│                             │
+└──────────┬──────────────────┘
+           │  stdio (MCP protocol)
+           ▼
+    Downstream MCP Servers
+    (discord-ops, filesystem, etc.)
 ```
-### Dry run (preview without changes)
+The gateway:
+1. Connects to all downstream MCP servers defined in `.reagent/gateway.yaml`
+2. Discovers their tools via MCP `tools/list`
+3. Re-registers each tool on the gateway with namespace prefixes (`servername__toolname`)
+4. Wraps every tool call in the middleware chain
+5. Listens on stdio for incoming MCP requests from the AI assistant
+### Gateway Configuration
+Create `.reagent/gateway.yaml`:
+```yaml
+version: '1'
+servers:
+  discord-ops:
+    command: node
+    args:
+      - /path/to/discord-ops/dist/index.js
+    env:
+      DISCORD_BOT_TOKEN: '${DISCORD_BOT_TOKEN}'
+    tool_overrides:
+      get_messages:
+        tier: read
+      send_message:
+        tier: write
+      purge_messages:
+        tier: destructive
+      delete_channel:
+        tier: destructive
+        blocked: true
+```
-```bash
-npx @bookedsolid/reagent init --dry-run
+**Environment variable resolution:** Use `${VAR_NAME}` syntax in env values — Reagent resolves them from `process.env` at startup.
+**Tool overrides:** Each downstream tool can be assigned a tier (`read`, `write`, `destructive`) and optionally blocked entirely.
+### Tool Namespacing
+Downstream tools are namespaced as `servername__toolname` to prevent collisions:
+```
+discord-ops__send_message
+discord-ops__get_messages
+filesystem__read_file
+filesystem__write_file
 ```
-## Commands
+### Multiple Downstream Servers
+```yaml
+version: '1'
+servers:
+  discord-ops:
+    command: node
+    args: [/path/to/discord-ops/dist/index.js]
+  filesystem:
+    command: npx
+    args: [-y, '@modelcontextprotocol/server-filesystem', '/allowed/path']
+  github:
+    command: npx
+    args: [-y, '@modelcontextprotocol/server-github']
+    env:
+      GITHUB_PERSONAL_ACCESS_TOKEN: '${GITHUB_TOKEN}'
+```
+All tools from all servers are aggregated into a single gateway.
-| Command                         | Description                                            |
-| ------------------------------- | ------------------------------------------------------ |
-| `reagent init`                  | Install reagent config into the current directory      |
-| `reagent check`                 | Verify what reagent components are installed           |
-| `reagent freeze --reason "..."` | Create `.reagent/HALT` — suspends all agent operations |
-| `reagent unfreeze`              | Remove `.reagent/HALT` — resumes agent operations      |
-| `reagent help`                  | Show usage help                                        |
+## Middleware Chain
+Every tool call passes through the middleware chain in onion (Koa-style) order. The chain is designed with security invariants:
+### 1. Audit (outermost)
+Records every invocation — including denials — as a hash-chained JSONL entry. Written to `.reagent/audit/YYYY-MM-DD.jsonl`. Each record contains:
+```json
+{
+  "timestamp": "2026-04-09T12:00:00.000Z",
+  "session_id": "a1b2c3d4-...",
+  "tool_name": "send_message",
+  "server_name": "discord-ops",
+  "tier": "write",
+  "status": "allowed",
+  "autonomy_level": "L1",
+  "duration_ms": 42,
+  "prev_hash": "0000...0000",
+  "hash": "abc123..."
+}
+```
-### Kill switch
+The `prev_hash` field chains records together — tamper with one record and every subsequent hash becomes invalid.
-Freeze halts all Claude Code hooks immediately. Every hook checks for `.reagent/HALT` before executing — when present, all tool calls are blocked.
+### 2. Session Context
+Attaches a unique session ID (UUID) to every invocation. Each gateway instance generates one session ID at startup.
+### 3. Kill Switch
+Checks for `.reagent/HALT` file. If present, the invocation is immediately denied. The HALT file contents become the denial reason.
 ```bash
-# Emergency stop
-npx @bookedsolid/reagent freeze --reason "security incident"
+# Emergency stop — all tool calls blocked immediately
+reagent freeze --reason "security incident at 2026-04-09T12:00:00Z"
 # Resume
-npx @bookedsolid/reagent unfreeze
+reagent unfreeze
+```
+### 4. Tier Classification
+Classifies the tool into one of three tiers:
+| Tier          | Description                     | Examples                                         |
+| ------------- | ------------------------------- | ------------------------------------------------ |
+| `read`        | Observes state, no side effects | `get_messages`, `list_channels`, `health_check`  |
+| `write`       | Modifies state                  | `send_message`, `create_channel`, `edit_message` |
+| `destructive` | Irreversible state changes      | `delete_channel`, `purge_messages`, `ban_member` |
+Tiers are assigned via `tool_overrides` in gateway config. Unknown tools default to `write`.
+### 5. Policy Enforcement
+Checks the tool's tier against the project's autonomy level:
+| Autonomy Level     | Allowed Tiers                    |
+| ------------------ | -------------------------------- |
+| `L0` (read-only)   | `read` only                      |
+| `L1` (standard)    | `read` + `write`                 |
+| `L2` (elevated)    | `read` + `write` + `destructive` |
+| `L3` (full access) | All tiers                        |
+Also checks for explicitly blocked tools — a tool marked `blocked: true` in gateway config is denied regardless of autonomy level.
+### 6. Secret Redaction
+Post-execution: scans tool output for sensitive patterns and replaces them with `[REDACTED]`:
+- AWS Access Keys (`AKIA...`)
+- AWS Secret Keys
+- GitHub Tokens (`ghp_...`, `gho_...`, `ghs_...`, `ghu_...`, `ghr_...`)
+- Generic API Keys
+- Bearer Tokens
+- PEM Private Keys
+- Discord Bot Tokens
+- Base64-encoded AWS Keys
+Redaction operates on individual string values within structured results — it never corrupts JSON structure.
+### Security Invariants
+- **Denial is permanent** — once any middleware denies an invocation, no subsequent middleware can revert it
+- **Audit records everything** — audit is outermost, so even kill-switch denials are recorded
+- **Policy re-derives tier** — never trusts mutable context; always re-classifies from tool name
+- **Fail-closed** — errors in kill-switch or policy checks result in denial, not passthrough
+- **All logging to stderr** — stdout is reserved for the MCP stdio transport
+## Policy File
+`.reagent/policy.yaml` controls agent behavior:
+```yaml
+version: '1'
+profile: bst-internal
+installed_by: 'reagent init'
+installed_at: '2026-04-09T00:00:00.000Z'
+autonomy_level: L1
+max_autonomy_level: L3
+promotion_requires_human_approval: true
+blocked_paths:
+  - .github/workflows/
+  - .env
+notification_channel: '#reagent-alerts'
 ```
-## Profiles
+| Field                               | Description                                                   |
+| ----------------------------------- | ------------------------------------------------------------- |
+| `autonomy_level`                    | Current level (L0-L3) — controls which tool tiers are allowed |
+| `max_autonomy_level`                | Ceiling — agents cannot request escalation beyond this        |
+| `promotion_requires_human_approval` | Whether level changes need human sign-off                     |
+| `blocked_paths`                     | Directories the agent must never modify                       |
+## Config Scaffolder
+`reagent init` configures your repository with:
+- **Git hooks** — commit-msg validation (Co-Authored-By attribution, secret detection) and pre-push quality gates
+- **Cursor rules** — AI behavioral constraints for Cursor IDE
+- **Claude hooks** — dangerous command interception, env file protection, secret scanning
+- **Claude settings** — permission boundaries for Claude Code
+- **Policy file** — `.reagent/policy.yaml` with graduated autonomy levels
+- **CLAUDE.md** — project-level AI agent instructions
+- **Commands** — `/restart` (session handoff) and `/rea` (AI team orchestration)
+### What Gets Installed
+| Path                    | Committed       | Purpose                              |
+| ----------------------- | --------------- | ------------------------------------ |
+| `.reagent/policy.yaml`  | Yes             | Autonomy levels and agent policy     |
+| `.reagent/gateway.yaml` | Yes             | MCP gateway downstream server config |
+| `.reagent/audit/`       | No (gitignored) | Hash-chained JSONL audit logs        |
+| `.cursor/rules/`        | Yes             | Cursor IDE behavioral rules          |
+| `.husky/commit-msg`     | Yes             | Git commit message validation        |
+| `.claude/hooks/`        | No (gitignored) | Claude Code safety hooks             |
+| `.claude/settings.json` | No (gitignored) | Claude Code permissions              |
+| `.claude/commands/`     | Yes             | Slash commands (restart, rea)        |
+| `CLAUDE.md`             | Yes             | AI agent project instructions        |
+### Profiles
 | Profile             | Use Case                   | Hooks                             |
 | ------------------- | -------------------------- | --------------------------------- |
 | `bst-internal`      | BST's own repositories     | Full hook suite + Claude commands |
 | `client-engagement` | Client consulting projects | Full hook suite + Claude commands |
-## Idempotent
+### Idempotent
 Run `reagent init` as many times as you want. It skips files that are already up-to-date and only updates what has changed.
-## What Gets Installed
+### Verify Installation
-| Path                    | Committed       | Purpose                          |
-| ----------------------- | --------------- | -------------------------------- |
-| `.cursor/rules/`        | Yes             | Cursor IDE behavioral rules      |
-| `.husky/commit-msg`     | Yes             | Git commit message validation    |
-| `.claude/hooks/`        | No (gitignored) | Claude Code safety hooks         |
-| `.claude/settings.json` | No (gitignored) | Claude Code permissions          |
-| `.claude/commands/`     | Yes             | Slash commands (restart, rea)    |
-| `.reagent/policy.yaml`  | Yes             | Autonomy levels and agent policy |
-| `CLAUDE.md`             | Yes             | AI agent project instructions    |
+```bash
+reagent check
+```
 ## Removing Reagent
-To remove reagent from a project, delete the installed files:
+To remove reagent from a project:
 ```bash
 # Remove reagent-managed files
@@ -104,15 +343,48 @@ rm -rf .reagent/
 rm -f .husky/commit-msg .husky/pre-commit .husky/pre-push
 ```
-## Scope
+## Architecture
-Reagent is a **local CLI tool**. It configures files in your repository and runs entirely on your machine. It does not collect data, phone home, or operate as a hosted service.
+```
+@bookedsolid/reagent
+├── src/
+│   ├── cli/                    # CLI entry point and commands
+│   │   ├── index.ts            # ESM entry point, routes to commands
+│   │   ├── commands/           # init, check, freeze, unfreeze, serve
+│   │   └── utils.ts            # Shared CLI utilities
+│   ├── config/                 # Configuration loaders
+│   │   ├── policy-loader.ts    # Zod-validated policy.yaml parser
+│   │   ├── gateway-config.ts   # Zod-validated gateway.yaml parser
+│   │   └── tier-map.ts         # Tool tier classification
+│   ├── gateway/                # MCP gateway core
+│   │   ├── server.ts           # Gateway orchestrator (startup, shutdown)
+│   │   ├── client-manager.ts   # Downstream MCP server connections
+│   │   ├── tool-proxy.ts       # Tool discovery, namespacing, registration
+│   │   └── middleware/         # Middleware chain
+│   │       ├── chain.ts        # Onion-style middleware executor
+│   │       ├── session.ts      # Session ID attachment
+│   │       ├── kill-switch.ts  # HALT file check
+│   │       ├── tier.ts         # Tier classification
+│   │       ├── policy.ts       # Autonomy level enforcement
+│   │       ├── redact.ts       # Secret pattern redaction
+│   │       └── audit.ts        # Hash-chained JSONL logging
+│   └── types/                  # TypeScript type definitions
+├── profiles/                   # Init profiles (bst-internal, client-engagement)
+├── templates/                  # Template files for scaffolding
+├── hooks/                      # Git hook scripts
+├── cursor/                     # Cursor IDE rules
+└── agents/                     # Agent definitions
+```
 ## Requirements
 - Node.js >= 22
 - Git repository
+## Scope
+Reagent is a **local CLI tool** and **MCP gateway server**. It configures files in your repository and proxies MCP tool calls on your machine. It does not collect data, phone home, or operate as a hosted service.
 ## License
 MIT

package/dist/cli/commands/check.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare function runCheck(_args: string[]): void;
2	+ //# sourceMappingURL=check.d.ts.map

package/dist/cli/commands/check.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/check.ts"],"names":[],"mappings":"AAIA,wBAAgB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,CAsF9C"}

package/dist/cli/commands/check.js ADDED Viewed

@@ -0,0 +1,87 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { getPkgVersion, gitignoreHasEntry } from '../utils.js';
+export function runCheck(_args) {
+    const targetDir = process.cwd();
+    const PKG_VERSION = getPkgVersion();
+    console.log(`\n@bookedsolid/reagent v${PKG_VERSION} check`);
+    console.log(`  Target: ${targetDir}\n`);
+    const checks = [
+        {
+            label: '.cursor/rules/ installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.cursor', 'rules', '001-no-hallucination.mdc')),
+        },
+        {
+            label: '.husky/commit-msg installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.husky', 'commit-msg')),
+        },
+        {
+            label: '.husky/pre-commit installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.husky', 'pre-commit')),
+        },
+        {
+            label: '.husky/pre-push installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.husky', 'pre-push')),
+        },
+        {
+            label: '.git/hooks/commit-msg installed (fallback)',
+            pass: () => fs.existsSync(path.join(targetDir, '.git', 'hooks', 'commit-msg')),
+        },
+        {
+            label: '.claude/hooks/ installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.claude', 'hooks', 'dangerous-bash-interceptor.sh')),
+        },
+        {
+            label: '.claude/settings.json installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.claude', 'settings.json')),
+        },
+        {
+            label: 'CLAUDE.md has reagent block',
+            pass: () => {
+                const p = path.join(targetDir, 'CLAUDE.md');
+                if (!fs.existsSync(p))
+                    return false;
+                return fs.readFileSync(p, 'utf8').includes('<!-- reagent-managed:start -->');
+            },
+        },
+        {
+            label: '.reagent/policy.yaml installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.reagent', 'policy.yaml')),
+        },
+        {
+            label: '.gitignore has .claude/agents/',
+            pass: () => gitignoreHasEntry(targetDir, '.claude/agents/'),
+        },
+        {
+            label: '.claude/commands/restart.md installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.claude', 'commands', 'restart.md')),
+        },
+        {
+            label: '.claude/commands/rea.md installed',
+            pass: () => fs.existsSync(path.join(targetDir, '.claude', 'commands', 'rea.md')),
+        },
+    ];
+    let allPass = true;
+    checks.forEach(({ label, pass }) => {
+        const ok = pass();
+        console.log(`  ${ok ? '✓' : '✗'} ${label}`);
+        if (!ok)
+            allPass = false;
+    });
+    // Check HALT status
+    const haltFile = path.join(targetDir, '.reagent', 'HALT');
+    if (fs.existsSync(haltFile)) {
+        const reason = fs.readFileSync(haltFile, 'utf8').trim();
+        console.log(`\n  ⚠ HALT ACTIVE: ${reason}`);
+        console.log(`  Run 'reagent unfreeze' to resume agent operations.`);
+    }
+    console.log('');
+    if (allPass) {
+        console.log('All checks passed.');
+    }
+    else {
+        console.log('Some checks failed. Run: npx @bookedsolid/reagent init');
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=check.js.map

package/dist/cli/commands/check.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"check.js","sourceRoot":"","sources":["../../../src/cli/commands/check.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAE/D,MAAM,UAAU,QAAQ,CAAC,KAAe;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAChC,MAAM,WAAW,GAAG,aAAa,EAAE,CAAC;IAEpC,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,QAAQ,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,aAAa,SAAS,IAAI,CAAC,CAAC;IAExC,MAAM,MAAM,GAAG;QACb;YACE,KAAK,EAAE,0BAA0B;YACjC,IAAI,EAAE,GAAG,EAAE,CACT,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,0BAA0B,CAAC,CAAC;SACtF;QACD;YACE,KAAK,EAAE,6BAA6B;YACpC,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;SACxE;QACD;YACE,KAAK,EAAE,6BAA6B;YACpC,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;SACxE;QACD;YACE,KAAK,EAAE,2BAA2B;YAClC,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;SACtE;QACD;YACE,KAAK,EAAE,4CAA4C;YACnD,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;SAC/E;QACD;YACE,KAAK,EAAE,0BAA0B;YACjC,IAAI,EAAE,GAAG,EAAE,CACT,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,+BAA+B,CAAC,CAAC;SAC3F;QACD;YACE,KAAK,EAAE,iCAAiC;YACxC,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;SAC5E;QACD;YACE,KAAK,EAAE,6BAA6B;YACpC,IAAI,EAAE,GAAG,EAAE;gBACT,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;gBAC5C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;oBAAE,OAAO,KAAK,CAAC;gBACpC,OAAO,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,gCAAgC,CAAC,CAAC;YAC/E,CAAC;SACF;QACD;YACE,KAAK,EAAE,gCAAgC;YACvC,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;SAC3E;QACD;YACE,KAAK,EAAE,gCAAgC;YACvC,IAAI,EAAE,GAAG,EAAE,CAAC,iBAAiB,CAAC,SAAS,EAAE,iBAAiB,CAAC;SAC5D;QACD;YACE,KAAK,EAAE,uCAAuC;YAC9C,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,CAAC,CAAC;SACrF;QACD;YACE,KAAK,EAAE,mCAAmC;YAC1C,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;SACjF;KACF,CAAC;IAEF,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;QACjC,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,KAAK,EAAE,CAAC,CAAC;QAC5C,IAAI,CAAC,EAAE;YAAE,OAAO,GAAG,KAAK,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,oBAAoB;IACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;IAC1D,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,EAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACtE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IACpC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/cli/commands/freeze.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare function runFreeze(args: string[]): void;
2	+ //# sourceMappingURL=freeze.d.ts.map

package/dist/cli/commands/freeze.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"freeze.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/freeze.ts"],"names":[],"mappings":"AAIA,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAwB9C"}

package/dist/cli/commands/freeze.js ADDED Viewed

@@ -0,0 +1,24 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { parseFlag } from '../utils.js';
+export function runFreeze(args) {
+    const targetDir = process.cwd();
+    const rawReason = parseFlag(args, '--reason') || args.find((a) => !a.startsWith('--')) || 'Manual freeze';
+    // Strip control characters (terminal escape injection defense)
+    const reason = rawReason.replace(/[\x00-\x1f\x7f]/g, '');
+    const reagentDir = path.join(targetDir, '.reagent');
+    const haltFile = path.join(reagentDir, 'HALT');
+    if (!fs.existsSync(reagentDir)) {
+        fs.mkdirSync(reagentDir, { recursive: true });
+    }
+    const timestamp = new Date().toISOString();
+    const content = `${reason} (frozen at ${timestamp})`;
+    fs.writeFileSync(haltFile, content, 'utf8');
+    console.log(`\nREAGENT FROZEN`);
+    console.log(`  Reason:  ${reason}`);
+    console.log(`  File:    .reagent/HALT`);
+    console.log(`  Effect:  All PreToolUse hooks will exit 2 — agent operations blocked.`);
+    console.log(`\n  To resume: reagent unfreeze`);
+    console.log('');
+}
+//# sourceMappingURL=freeze.js.map

package/dist/cli/commands/freeze.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"freeze.js","sourceRoot":"","sources":["../../../src/cli/commands/freeze.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,UAAU,SAAS,CAAC,IAAc;IACtC,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAChC,MAAM,SAAS,GACb,SAAS,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,eAAe,CAAC;IAC1F,+DAA+D;IAC/D,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAEzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAE/C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,OAAO,GAAG,GAAG,MAAM,eAAe,SAAS,GAAG,CAAC;IACrD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IAE5C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,EAAE,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC;IACvF,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/cli/commands/init.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare function runInit(args: string[]): void;
2	+ //# sourceMappingURL=init.d.ts.map

package/dist/cli/commands/init.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":"AASA,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAuH5C"}