@bookedsolid/reagent 0.7.1 → 0.10.0

package/dist/gateway/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/gateway/rate-limiter.ts"],"names":[],"mappings":"AAmBA,MAAM,SAAS,GAAG,MAAM,CAAC;AAEzB;;;;;;;;;;GAUG;AACH,MAAM,OAAO,WAAW;IACd,KAAK,GAAG,IAAI,GAAG,EAAuB,CAAC;IAE/C,YAAY,aAA6B;QACvC,IAAI,CAAC,aAAa;YAAE,OAAO;QAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;YACtE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;gBACnB,WAAW,EAAE,CAAC;gBACd,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,SAAS,CAAC,oBAAoB,IAAI,CAAC;gBAClD,cAAc,EAAE,SAAS,CAAC,gBAAgB,IAAI,CAAC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,UAAU,CAAC,UAAkB;QAC3B,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACnC,IAAI,CAAC,CAAC,EAAE,CAAC;YACP,8DAA8D;YAC9D,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE;gBACzB,WAAW,EAAE,CAAC;gBACd,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,CAAC;gBAChB,cAAc,EAAE,CAAC;aAClB,CAAC,CAAC;YACH,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC;QAClC,CAAC;QAED,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,CAAC,CAAC,cAAc,GAAG,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;QAEvE,mBAAmB;QACnB,IAAI,CAAC,CAAC,cAAc,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC,cAAc,EAAE,CAAC;YACxE,OAAO;gBACL,IAAI,EAAE,MAAM;gBACZ,UAAU;gBACV,OAAO,EAAE,CAAC,CAAC,cAAc,CAAC,MAAM;gBAChC,KAAK,EAAE,CAAC,CAAC,cAAc;gBACvB,OAAO,EAAE,mCAAmC,UAAU,MAAM,CAAC,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC,cAAc,wBAAwB;aAChI,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,CAAC,aAAa,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;YAC5D,OAAO;gBACL,IAAI,EAAE,aAAa;gBACnB,UAAU;gBACV,OAAO,EAAE,CAAC,CAAC,WAAW;gBACtB,KAAK,EAAE,CAAC,CAAC,aAAa;gBACtB,OAAO,EAAE,0CAA0C,UAAU,MAAM,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,aAAa,eAAe;aACnH,CAAC;QACJ,CAAC;QAED,UAAU;QACV,CAAC,CAAC,WAAW,EAAE,CAAC;QAChB,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,UAAkB;QACxB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACrC,IAAI,CAAC,CAAC;YAAE,OAAO;QACf,IAAI,CAAC,CAAC,WAAW,GAAG,CAAC;YAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACzC,CAAC;IAED,+BAA+B;IAC/B,QAAQ,CAAC,UAAkB;QACzB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;CACF"}

package/dist/gateway/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAiBA,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAkFvE"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAwBA,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA2GvE"}

package/dist/gateway/server.js

@@ -10,9 +10,16 @@ import { createKillSwitchMiddleware } from './middleware/kill-switch.js';
 import { createTierMiddleware } from './middleware/tier.js';
 import { createPolicyMiddleware } from './middleware/policy.js';
 import { redactMiddleware } from './middleware/redact.js';
+import { createInjectionMiddleware } from './middleware/injection.js';
 import { createAuditMiddleware } from './middleware/audit.js';
 import { createBlockedPathsMiddleware } from './middleware/blocked-paths.js';
+import { createResultSizeCapMiddleware } from './middleware/result-size-cap.js';
+import { createRateLimitMiddleware } from './middleware/rate-limit.js';
+import { createCircuitBreakerMiddleware } from './middleware/circuit-breaker.js';
+import { RateLimiter } from './rate-limiter.js';
+import { CircuitBreaker } from './circuit-breaker.js';
 import { registerNativeTools } from './native-tools.js';
+import { detectToolCollisions } from './collision-detector.js';
 /**
  * Starts the MCP gateway server.
  *
@@ -33,7 +40,17 @@ export async function startGateway(options) {
     // Build middleware chain
     // SECURITY: Audit is outermost so it records ALL invocations, including kill-switch denials.
     // SECURITY: blocked-paths runs before tool execution to prevent writes to protected paths.
-    // Order (onion): audit → session → kill-switch → tier → policy → blocked-paths → redact → [execute]
+    // SECURITY: injection runs PostToolUse (after redact) to scan downstream results for prompt injection.
+    // SECURITY: result-size-cap runs PostToolUse after injection so it caps already-scanned output.
+    // SECURITY: rate-limit runs after policy (so denied calls don't burn rate budget) but before execution.
+    // SECURITY: circuit-breaker wraps the execute step so it can observe Error status and track failures.
+    //   Placed after rate-limit so a rate-limited call doesn't count as a downstream failure.
+    // Order (onion): audit → session → kill-switch → tier → policy → blocked-paths → rate-limit → circuit-breaker → redact → injection → result-size-cap → [execute]
+    const injectionAction = policy.injection_detection === 'warn'
+        ? 'warn'
+        : 'block';
+    const rateLimiter = new RateLimiter(gatewayConfig);
+    const circuitBreaker = new CircuitBreaker();
     const middlewares = [
         createAuditMiddleware(baseDir, policy),
         createSessionMiddleware(),
@@ -41,13 +58,22 @@ export async function startGateway(options) {
         createTierMiddleware(gatewayConfig),
         createPolicyMiddleware(policy, gatewayConfig, baseDir),
         createBlockedPathsMiddleware(policy, baseDir),
+        createRateLimitMiddleware(rateLimiter),
+        createCircuitBreakerMiddleware(circuitBreaker),
         redactMiddleware,
+        createInjectionMiddleware(injectionAction),
+        createResultSizeCapMiddleware(gatewayConfig),
     ];
     // Create gateway MCP server
     const gateway = new McpServer({ name: 'reagent', version: getPkgVersion() }, { capabilities: { tools: {} } });
     // Connect to downstream servers
     const clientManager = new ClientManager();
     await clientManager.connectAll(gatewayConfig);
+    // Detect tool name collisions before accepting connections (GHSA-4j9r)
+    const { collisions } = await detectToolCollisions(clientManager);
+    if (collisions.length > 0) {
+        console.error(`[reagent] ${collisions.length} tool name collision(s) detected — shadowed tools will be registered with server-prefixed names`);
+    }
     // Register native (first-party) tools
     const nativeCount = registerNativeTools(gateway, baseDir, middlewares);
     // Discover and register proxied tools

package/dist/gateway/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,4BAA4B,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAOxD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAqB;IACtD,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAE5B,qBAAqB;IACrB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEjD,OAAO,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,cAAc,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChG,OAAO,CAAC,KAAK,CACX,sBAAsB,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,uBAAuB,CACvF,CAAC;IAEF,yBAAyB;IACzB,6FAA6F;IAC7F,2FAA2F;IAC3F,oGAAoG;IACpG,MAAM,WAAW,GAAiB;QAChC,qBAAqB,CAAC,OAAO,EAAE,MAAM,CAAC;QACtC,uBAAuB,EAAE;QACzB,0BAA0B,CAAC,OAAO,CAAC;QACnC,oBAAoB,CAAC,aAAa,CAAC;QACnC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,4BAA4B,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7C,gBAAgB;KACjB,CAAC;IAEF,4BAA4B;IAC5B,MAAM,OAAO,GAAG,IAAI,SAAS,CAC3B,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAC7C,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;IAEF,gCAAgC;IAChC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;IAC1C,MAAM,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAE9C,sCAAsC;IACtC,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IAEvE,sCAAsC;IACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,mBAAmB,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAC5F,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,CAAC;IAE3C,OAAO,CAAC,KAAK,CACX,4BAA4B,SAAS,sBAAsB,WAAW,YAAY,UAAU,WAAW,CACxG,CAAC;IAEF,kBAAkB;IAClB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEjC,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAEjD,sDAAsD;IACtD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,IAAI,YAAY;YAAE,OAAO;QACzB,YAAY,GAAG,IAAI,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,aAAa,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,2CAA2C,EAC3C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,uCAAuC,EACvC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/gateway/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,4BAA4B,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAC;AAChF,OAAO,EAAE,yBAAyB,EAAE,MAAM,4BAA4B,CAAC;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,iCAAiC,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAO/D;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAqB;IACtD,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAE5B,qBAAqB;IACrB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEjD,OAAO,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,cAAc,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAChG,OAAO,CAAC,KAAK,CACX,sBAAsB,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,uBAAuB,CACvF,CAAC;IAEF,yBAAyB;IACzB,6FAA6F;IAC7F,2FAA2F;IAC3F,uGAAuG;IACvG,gGAAgG;IAChG,wGAAwG;IACxG,sGAAsG;IACtG,0FAA0F;IAC1F,iKAAiK;IACjK,MAAM,eAAe,GAClB,MAA6C,CAAC,mBAAmB,KAAK,MAAM;QAC3E,CAAC,CAAE,MAAgB;QACnB,CAAC,CAAE,OAAiB,CAAC;IAEzB,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,aAAa,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;IAE5C,MAAM,WAAW,GAAiB;QAChC,qBAAqB,CAAC,OAAO,EAAE,MAAM,CAAC;QACtC,uBAAuB,EAAE;QACzB,0BAA0B,CAAC,OAAO,CAAC;QACnC,oBAAoB,CAAC,aAAa,CAAC;QACnC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,4BAA4B,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7C,yBAAyB,CAAC,WAAW,CAAC;QACtC,8BAA8B,CAAC,cAAc,CAAC;QAC9C,gBAAgB;QAChB,yBAAyB,CAAC,eAAe,CAAC;QAC1C,6BAA6B,CAAC,aAAa,CAAC;KAC7C,CAAC;IAEF,4BAA4B;IAC5B,MAAM,OAAO,GAAG,IAAI,SAAS,CAC3B,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAC7C,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;IAEF,gCAAgC;IAChC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;IAC1C,MAAM,aAAa,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAE9C,uEAAuE;IACvE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,oBAAoB,CAAC,aAAa,CAAC,CAAC;IACjE,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CACX,aAAa,UAAU,CAAC,MAAM,iGAAiG,CAChI,CAAC;IACJ,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IAEvE,sCAAsC;IACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,mBAAmB,CAAC,OAAO,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IAC5F,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,CAAC;IAE3C,OAAO,CAAC,KAAK,CACX,4BAA4B,SAAS,sBAAsB,WAAW,YAAY,UAAU,WAAW,CACxG,CAAC;IAEF,kBAAkB;IAClB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEjC,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAEjD,sDAAsD;IACtD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,IAAI,YAAY;YAAE,OAAO;QACzB,YAAY,GAAG,IAAI,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,aAAa,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,2CAA2C,EAC3C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,uCAAuC,EACvC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAClC,CAAC"}

package/dist/gateway/tool-proxy.js

@@ -53,7 +53,7 @@ export class ToolProxy {
                             tool_name: tool.name,
                             server_name: serverName,
                             arguments: args,
-                            session_id: '',
+                            session_id: crypto.randomUUID(),
                             status: InvocationStatus.Allowed,
                             start_time: Date.now(),
                             metadata: {},

package/dist/gateway/tool-proxy.js.map

@@ -1 +1 @@
-{"version":3,"file":"tool-proxy.js","sourceRoot":"","sources":["../../src/gateway/tool-proxy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAUrD;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,WAAoC;IACjE,MAAM,SAAS,GAA8B,EAAE,CAAC;IAChD,MAAM,UAAU,GAAG,WAAW,CAAC,UAAiD,CAAC;IACjF,MAAM,QAAQ,GAAI,WAAW,CAAC,QAAqB,IAAI,EAAE,CAAC;IAE1D,IAAI,UAAU,EAAE,CAAC;QACf,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1C,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC;IAClD,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,MAAM,OAAO,SAAS;IACZ,KAAK,GAAqB,EAAE,CAAC;IAErC,KAAK,CAAC,mBAAmB,CACvB,OAAkB,EAClB,aAA4B,EAC5B,WAAyB;QAEzB,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,EAAE,CAAC;QAE9C,KAAK,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,OAAO,EAAE,CAAC;YAC5C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAChD,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBAChC,MAAM,cAAc,GAAG,GAAG,UAAU,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC;oBAErD,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;wBACd,IAAI,EAAE,cAAc;wBACpB,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;wBACnC,WAAW,EAAE,IAAI,CAAC,WAAsC;wBACxD,UAAU;wBACV,MAAM,EAAE,OAAO;qBAChB,CAAC,CAAC;oBAEH,sDAAsD;oBACtD,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,WAAsC,CAAC,CAAC;oBAErF,sDAAsD;oBACtD,OAAO,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE;wBAC/E,yEAAyE;wBACzE,MAAM,IAAI,GAAG,EAAE,GAAG,MAAM,EAA6B,CAAC;wBACtD,0CAA0C;wBAC1C,OAAO,IAAI,CAAC,YAAY,CAAC;wBAEzB,MAAM,GAAG,GAAsB;4BAC7B,SAAS,EAAE,IAAI,CAAC,IAAI;4BACpB,WAAW,EAAE,UAAU;4BACvB,SAAS,EAAE,IAAI;4BACf,UAAU,EAAE,EAAE;4BACd,MAAM,EAAE,gBAAgB,CAAC,OAAO;4BAChC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;4BACtB,QAAQ,EAAE,EAAE;yBACb,CAAC;wBAEF,wEAAwE;wBACxE,MAAM,SAAS,GAAiB;4BAC9B,GAAG,WAAW;4BACd,KAAK,EAAE,QAAQ,EAAE,EAAE;gCACjB,qCAAqC;gCACrC,IAAI,QAAQ,CAAC,MAAM,KAAK,gBAAgB,CAAC,OAAO,EAAE,CAAC;oCACjD,OAAO,CAAC,wCAAwC;gCAClD,CAAC;gCAED,IAAI,CAAC;oCACH,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;wCAC1C,IAAI,EAAE,IAAI,CAAC,IAAI;wCACf,SAAS,EAAE,QAAQ,CAAC,SAAS;qCAC9B,CAAC,CAAC;oCAEH,yEAAyE;oCACzE,MAAM,SAAS,GAAG,MAAM,CAAC;oCACzB,IAAI,KAAoC,CAAC;oCACzC,MAAM,cAAc,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;wCACtD,KAAK,GAAG,UAAU,CAChB,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,IAAI,CAAC,IAAI,qBAAqB,SAAS,IAAI,CAAC,CAAC,EAC7E,SAAS,CACV,CAAC;oCACJ,CAAC,CAAC,CAAC;oCAEH,IAAI,CAAC;wCACH,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;wCACrE,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC;wCAC7B,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC;oCAC7C,CAAC;4CAAS,CAAC;wCACT,YAAY,CAAC,KAAM,CAAC,CAAC;oCACvB,CAAC;gCACH,CAAC;gCAAC,OAAO,GAAG,EAAE,CAAC;oCACb,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC;oCACzC,QAAQ,CAAC,KAAK,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gCACpE,CAAC;4BACH,CAAC;yBACF,CAAC;wBAEF,MAAM,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;wBAEnC,2CAA2C;wBAC3C,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM,EAAE,CAAC;4BAC3C,OAAO;gCACL,OAAO,EAAE;oCACP;wCACE,IAAI,EAAE,MAAe;wCACrB,IAAI,EAAE,YAAY,GAAG,CAAC,KAAK,EAAE;qCAC9B;iCACF;gCACD,OAAO,EAAE,IAAI;6BACd,CAAC;wBACJ,CAAC;wBAED,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,KAAK,EAAE,CAAC;4BAC1C,OAAO;gCACL,OAAO,EAAE;oCACP;wCACE,IAAI,EAAE,MAAe;wCACrB,IAAI,EAAE,WAAW,GAAG,CAAC,KAAK,EAAE;qCAC7B;iCACF;gCACD,OAAO,EAAE,IAAI;6BACd,CAAC;wBACJ,CAAC;wBAED,qCAAqC;wBACrC,MAAM,UAAU,GAAG,GAAG,CAAC,MAA6C,CAAC;wBACrE,IAAI,UAAU,EAAE,OAAO,EAAE,CAAC;4BACxB,OAAO,UAAgE,CAAC;wBAC1E,CAAC;wBAED,OAAO;4BACL,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,MAAe;oCACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;iCACjC;6BACF;yBACF,CAAC;oBACJ,CAAC,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,CAAC,KAAK,CAAC,wBAAwB,MAAM,CAAC,KAAK,CAAC,MAAM,gBAAgB,UAAU,GAAG,CAAC,CAAC;YAC1F,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CACX,4CAA4C,UAAU,IAAI,EAC1D,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}
+{"version":3,"file":"tool-proxy.js","sourceRoot":"","sources":["../../src/gateway/tool-proxy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAUrD;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,WAAoC;IACjE,MAAM,SAAS,GAA8B,EAAE,CAAC;IAChD,MAAM,UAAU,GAAG,WAAW,CAAC,UAAiD,CAAC;IACjF,MAAM,QAAQ,GAAI,WAAW,CAAC,QAAqB,IAAI,EAAE,CAAC;IAE1D,IAAI,UAAU,EAAE,CAAC;QACf,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1C,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC;IAClD,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,MAAM,OAAO,SAAS;IACZ,KAAK,GAAqB,EAAE,CAAC;IAErC,KAAK,CAAC,mBAAmB,CACvB,OAAkB,EAClB,aAA4B,EAC5B,WAAyB;QAEzB,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,EAAE,CAAC;QAE9C,KAAK,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,OAAO,EAAE,CAAC;YAC5C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBAChD,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBAChC,MAAM,cAAc,GAAG,GAAG,UAAU,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC;oBAErD,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;wBACd,IAAI,EAAE,cAAc;wBACpB,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;wBACnC,WAAW,EAAE,IAAI,CAAC,WAAsC;wBACxD,UAAU;wBACV,MAAM,EAAE,OAAO;qBAChB,CAAC,CAAC;oBAEH,sDAAsD;oBACtD,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,WAAsC,CAAC,CAAC;oBAErF,sDAAsD;oBACtD,OAAO,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE;wBAC/E,yEAAyE;wBACzE,MAAM,IAAI,GAAG,EAAE,GAAG,MAAM,EAA6B,CAAC;wBACtD,0CAA0C;wBAC1C,OAAO,IAAI,CAAC,YAAY,CAAC;wBAEzB,MAAM,GAAG,GAAsB;4BAC7B,SAAS,EAAE,IAAI,CAAC,IAAI;4BACpB,WAAW,EAAE,UAAU;4BACvB,SAAS,EAAE,IAAI;4BACf,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE;4BAC/B,MAAM,EAAE,gBAAgB,CAAC,OAAO;4BAChC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;4BACtB,QAAQ,EAAE,EAAE;yBACb,CAAC;wBAEF,wEAAwE;wBACxE,MAAM,SAAS,GAAiB;4BAC9B,GAAG,WAAW;4BACd,KAAK,EAAE,QAAQ,EAAE,EAAE;gCACjB,qCAAqC;gCACrC,IAAI,QAAQ,CAAC,MAAM,KAAK,gBAAgB,CAAC,OAAO,EAAE,CAAC;oCACjD,OAAO,CAAC,wCAAwC;gCAClD,CAAC;gCAED,IAAI,CAAC;oCACH,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;wCAC1C,IAAI,EAAE,IAAI,CAAC,IAAI;wCACf,SAAS,EAAE,QAAQ,CAAC,SAAS;qCAC9B,CAAC,CAAC;oCAEH,yEAAyE;oCACzE,MAAM,SAAS,GAAG,MAAM,CAAC;oCACzB,IAAI,KAAoC,CAAC;oCACzC,MAAM,cAAc,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;wCACtD,KAAK,GAAG,UAAU,CAChB,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,IAAI,CAAC,IAAI,qBAAqB,SAAS,IAAI,CAAC,CAAC,EAC7E,SAAS,CACV,CAAC;oCACJ,CAAC,CAAC,CAAC;oCAEH,IAAI,CAAC;wCACH,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;wCACrE,QAAQ,CAAC,MAAM,GAAG,UAAU,CAAC;wCAC7B,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC;oCAC7C,CAAC;4CAAS,CAAC;wCACT,YAAY,CAAC,KAAM,CAAC,CAAC;oCACvB,CAAC;gCACH,CAAC;gCAAC,OAAO,GAAG,EAAE,CAAC;oCACb,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC;oCACzC,QAAQ,CAAC,KAAK,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gCACpE,CAAC;4BACH,CAAC;yBACF,CAAC;wBAEF,MAAM,YAAY,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;wBAEnC,2CAA2C;wBAC3C,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM,EAAE,CAAC;4BAC3C,OAAO;gCACL,OAAO,EAAE;oCACP;wCACE,IAAI,EAAE,MAAe;wCACrB,IAAI,EAAE,YAAY,GAAG,CAAC,KAAK,EAAE;qCAC9B;iCACF;gCACD,OAAO,EAAE,IAAI;6BACd,CAAC;wBACJ,CAAC;wBAED,IAAI,GAAG,CAAC,MAAM,KAAK,gBAAgB,CAAC,KAAK,EAAE,CAAC;4BAC1C,OAAO;gCACL,OAAO,EAAE;oCACP;wCACE,IAAI,EAAE,MAAe;wCACrB,IAAI,EAAE,WAAW,GAAG,CAAC,KAAK,EAAE;qCAC7B;iCACF;gCACD,OAAO,EAAE,IAAI;6BACd,CAAC;wBACJ,CAAC;wBAED,qCAAqC;wBACrC,MAAM,UAAU,GAAG,GAAG,CAAC,MAA6C,CAAC;wBACrE,IAAI,UAAU,EAAE,OAAO,EAAE,CAAC;4BACxB,OAAO,UAAgE,CAAC;wBAC1E,CAAC;wBAED,OAAO;4BACL,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,MAAe;oCACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;iCACjC;6BACF;yBACF,CAAC;oBACJ,CAAC,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,CAAC,KAAK,CAAC,wBAAwB,MAAM,CAAC,KAAK,CAAC,MAAM,gBAAgB,UAAU,GAAG,CAAC,CAAC;YAC1F,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CACX,4CAA4C,UAAU,IAAI,EAC1D,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}

package/dist/types/daemon.d.ts

@@ -0,0 +1,45 @@
+/**
+ * DaemonConfig — global daemon settings loaded from ~/.reagent/daemon.yaml.
+ *
+ * This file is the source of truth for daemon configuration shape on the
+ * TypeScript side. The Rust daemon reads the same YAML file; keep field names
+ * in sync with daemon/src/config.rs.
+ */
+export interface DaemonConfig {
+    /** TCP port the daemon listens on. Default: 7777 */
+    port: number;
+    /** Bind address. Default: '127.0.0.1' */
+    bind: string;
+    /** Idle session TTL in minutes. Default: 30 */
+    session_ttl_minutes: number;
+    /** Log verbosity passed to the Rust daemon via RUST_LOG. Default: 'info' */
+    log_level: 'debug' | 'info' | 'warn' | 'error';
+    /** Optional API key authentication for the daemon HTTP surface. */
+    auth?: DaemonAuth;
+}
+export interface DaemonAuth {
+    /** List of accepted bearer tokens. If empty or absent, auth is disabled. */
+    api_keys?: readonly string[];
+}
+/** Represents a single active session as returned by GET /sessions.
+ *
+ * Field names match the Rust SessionSummary struct in daemon/src/session.rs.
+ */
+export interface DaemonSession {
+    session_id: string;
+    project_root: string;
+    /** Seconds elapsed since last MCP activity on this session. */
+    last_activity_elapsed_secs: number;
+}
+/** Shape of GET /health response body. */
+export interface DaemonHealthResponse {
+    status: 'ok';
+    version: string;
+    sessions: number;
+    uptime_seconds: number;
+}
+/** Shape of GET /sessions response body. */
+export interface DaemonSessionsResponse {
+    sessions: readonly DaemonSession[];
+}
+//# sourceMappingURL=daemon.d.ts.map

package/dist/types/daemon.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"daemon.d.ts","sourceRoot":"","sources":["../../src/types/daemon.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,WAAW,YAAY;IAC3B,oDAAoD;IACpD,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,+CAA+C;IAC/C,mBAAmB,EAAE,MAAM,CAAC;IAC5B,4EAA4E;IAC5E,SAAS,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC/C,mEAAmE;IACnE,IAAI,CAAC,EAAE,UAAU,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,4EAA4E;IAC5E,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAC9B;AAED;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,+DAA+D;IAC/D,0BAA0B,EAAE,MAAM,CAAC;CACpC;AAED,0CAA0C;AAC1C,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,IAAI,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,4CAA4C;AAC5C,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,SAAS,aAAa,EAAE,CAAC;CACpC"}

package/dist/types/daemon.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=daemon.js.map

package/dist/types/daemon.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"daemon.js","sourceRoot":"","sources":["../../src/types/daemon.ts"],"names":[],"mappings":""}

package/dist/types/gateway.d.ts

@@ -8,9 +8,18 @@ export interface DownstreamServer {
     args: string[];
     env?: Record<string, string>;
     tool_overrides?: Record<string, ToolOverride>;
+    /** Max concurrent in-flight calls to this server (0 = unlimited) */
+    max_concurrent_calls?: number;
+    /** Max calls per minute to this server (0 = unlimited) */
+    calls_per_minute?: number;
+}
+export interface GatewayOptions {
+    /** Cap on tool result size in KB. Results exceeding this are truncated. Default: 512 */
+    max_result_size_kb?: number;
 }
 export interface GatewayConfig {
     version: string;
     servers: Record<string, DownstreamServer>;
+    gateway?: GatewayOptions;
 }
 //# sourceMappingURL=gateway.d.ts.map

package/dist/types/gateway.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"gateway.d.ts","sourceRoot":"","sources":["../../src/types/gateway.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAElC,MAAM,WAAW,YAAY;IAC3B,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;CAC/C;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;CAC3C"}
+{"version":3,"file":"gateway.d.ts","sourceRoot":"","sources":["../../src/types/gateway.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAElC,MAAM,WAAW,YAAY;IAC3B,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAC9C,oEAAoE;IACpE,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,0DAA0D;IAC1D,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,wFAAwF;IACxF,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAC1C,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B"}

package/dist/types/policy.d.ts

@@ -10,5 +10,6 @@ export interface Policy {
     block_ai_attribution: boolean;
     blocked_paths: string[];
     notification_channel: string;
+    injection_detection?: 'block' | 'warn';
 }
 //# sourceMappingURL=policy.d.ts.map

package/dist/types/policy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/types/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,aAAa,CAAC;IAC9B,kBAAkB,EAAE,aAAa,CAAC;IAClC,iCAAiC,EAAE,OAAO,CAAC;IAC3C,oBAAoB,EAAE,OAAO,CAAC;IAC9B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,oBAAoB,EAAE,MAAM,CAAC;CAC9B"}
+{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/types/policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,aAAa,CAAC;IAC9B,kBAAkB,EAAE,aAAa,CAAC;IAClC,iCAAiC,EAAE,OAAO,CAAC;IAC3C,oBAAoB,EAAE,OAAO,CAAC;IAC9B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,oBAAoB,EAAE,MAAM,CAAC;IAE7B,mBAAmB,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CACxC"}

package/hooks/_lib/discord.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+# hooks/_lib/discord.sh — Discord notification helpers for local git hooks
+# Source this file; do not execute it directly.
+#
+# Requires: curl (for webhook delivery), gateway.yaml (for channel config)
+# Design: always silently no-ops when Discord isn't configured — hooks must
+# never block or add perceptible latency because of a missing notification setup.
+
+# Post an embed message to a Discord webhook.
+# Usage: discord_notify <channel_type> <message> [<color>]
+#   channel_type: dev | alert | release | task
+#   color:        green | red | yellow | blue  (default: blue)
+#
+# Webhook resolution order:
+#   1. REAGENT_DISCORD_WEBHOOK env var (overrides everything)
+#   2. Per-channel env vars: REAGENT_DISCORD_WEBHOOK_DEV, _ALERT, _RELEASE, _TASK
+#   3. gateway.yaml channel webhook entries (parsed with grep/awk, no jq needed)
+#
+# The curl call runs in the background so it never stalls the hook.
+discord_notify() {
+  local channel_type="$1"
+  local message="$2"
+  local color="${3:-blue}"
+
+  # Bail immediately if curl isn't present — no point continuing
+  if ! command -v curl >/dev/null 2>&1; then
+    return 0
+  fi
+
+  local repo_root
+  repo_root="$(git rev-parse --show-toplevel 2>/dev/null)" || return 0
+
+  local gateway_yaml="${repo_root}/.reagent/gateway.yaml"
+
+  # Resolve webhook: env override first, then per-channel env, then gateway.yaml
+  local webhook="${REAGENT_DISCORD_WEBHOOK:-}"
+
+  if [ -z "$webhook" ]; then
+    local upper_type
+    upper_type="$(printf '%s' "$channel_type" | tr '[:lower:]' '[:upper:]')"
+    local env_var="REAGENT_DISCORD_WEBHOOK_${upper_type}"
+    webhook="${!env_var:-}"
+  fi
+
+  if [ -z "$webhook" ] && [ -f "$gateway_yaml" ]; then
+    # Expect a block like:
+    #   dev_channel:
+    #     webhook: "https://discord.com/api/webhooks/..."
+    webhook=$(grep -A2 "${channel_type}_channel:" "$gateway_yaml" 2>/dev/null \
+      | grep "webhook:" \
+      | awk '{print $2}' \
+      | tr -d '"'"'" 2>/dev/null || true)
+  fi
+
+  # Nothing configured for this channel — silent no-op
+  [ -z "$webhook" ] && return 0
+
+  local color_int
+  case "$color" in
+    green)  color_int=3066993  ;;
+    red)    color_int=15158332 ;;
+    yellow) color_int=16776960 ;;
+    *)      color_int=3447003  ;;   # blue
+  esac
+
+  # Escape the message for JSON: backslashes, double-quotes, and control chars
+  local escaped_message
+  escaped_message="$(printf '%s' "$message" | sed 's/\\/\\\\/g; s/"/\\"/g' 2>/dev/null || printf '%s' "$message")"
+
+  # Fire-and-forget: run in the background so the hook returns immediately
+  curl -s -X POST "$webhook" \
+    -H "Content-Type: application/json" \
+    -d "{\"embeds\":[{\"description\":\"${escaped_message}\",\"color\":${color_int}}]}" \
+    >/dev/null 2>&1 &
+}

package/hooks/blocked-paths-enforcer.sh

@@ -138,7 +138,6 @@ for blocked in "${BLOCKED_PATHS[@]}"; do
   # Glob pattern match (contains *)
   if [[ "$blocked" == *'*'* ]]; then
     # Convert glob to regex: . → \., * → .*
-    local regex
     regex=$(printf '%s' "$LOWER_BLOCKED" | sed 's/\./\\./g; s/\*/.*/g')
     if printf '%s' "$LOWER_NORM" | grep -qE "^${regex}$"; then
       {

package/hooks/changeset-security-gate.sh

@@ -0,0 +1,143 @@
+#!/usr/bin/env bash
+# changeset-security-gate.sh — PreToolUse: Write|Edit
+#
+# Guards .changeset/*.md files against two failure modes:
+#
+# 1. SECURITY DISCLOSURE LEAK — GHSA IDs or CVE numbers written to a changeset
+#    file before the advisory is published. Changeset files are committed to git
+#    and appear verbatim in CHANGELOG.md — referencing a GHSA ID pre-publish
+#    creates public pre-disclosure in git history.
+#
+# 2. MISSING OR MALFORMED FRONTMATTER — changeset files without proper frontmatter
+#    are silently ignored by the changesets tool, wasting the release entry.
+#
+# Triggered by: PreToolUse — Write and Edit tools
+
+set -euo pipefail
+
+# shellcheck source=_lib/common.sh
+source "$(dirname "$0")/_lib/common.sh"
+
+check_halt
+
+INPUT="$(cat)"
+TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
+
+# Only handle Write and Edit
+if [[ "$TOOL_NAME" != "Write" && "$TOOL_NAME" != "Edit" ]]; then
+  exit 0
+fi
+
+FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // ""')
+
+# Only care about .changeset/*.md files — exclude README.md (changeset tool metadata)
+if ! echo "$FILE_PATH" | grep -qE '\.changeset/[^/]+\.md$' || echo "$FILE_PATH" | grep -qE '\.changeset/README\.md$'; then
+  exit 0
+fi
+
+require_jq
+
+# Extract the content being written
+if [[ "$TOOL_NAME" == "Write" ]]; then
+  CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // ""')
+else
+  # For Edit: check the new_string being inserted
+  CONTENT=$(echo "$INPUT" | jq -r '.tool_input.new_string // ""')
+fi
+
+# ─── 1. SECURITY DISCLOSURE CHECK ───────────────────────────────────────────
+#
+# These patterns in a changeset mean security details are about to be committed
+# to git history BEFORE the advisory is published — creating pre-disclosure.
+# GHSA IDs and CVE numbers must NEVER appear in changeset files.
+
+DISCLOSURE_PATTERNS=(
+  'GHSA-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}'
+  'CVE-[0-9]{4}-[0-9]+'
+)
+
+MATCHED_PATTERN=""
+for PATTERN in "${DISCLOSURE_PATTERNS[@]}"; do
+  if echo "$CONTENT" | grep -qE "$PATTERN"; then
+    MATCHED_PATTERN="$PATTERN"
+    break
+  fi
+done
+
+if [[ -n "$MATCHED_PATTERN" ]]; then
+  json_output "block" \
+    "CHANGESET SECURITY GATE: This changeset contains a security advisory identifier (matched: '${MATCHED_PATTERN}').
+
+Do NOT reference GHSA IDs or CVE numbers in changeset files before the advisory is published.
+Changeset files are committed to git — this creates pre-disclosure in public history and CHANGELOG.
+
+CORRECT approach for security fix changesets:
+  Use vague language only — no identifiers, no vulnerability details.
+
+  WRONG:  'fix(hooks): patch GHSA-3w3m-7gg4-f82g — symlink-guard now covers Edit tool'
+  RIGHT:  'security: extend symlink protection to cover all write-capable tools'
+
+  WRONG:  'security: fix CVE-2026-1234 prompt injection via tool descriptions'
+  RIGHT:  'security: harden middleware chain against indirect instruction attacks'
+
+After the release ships:
+  1. Publish the GitHub Security Advisory (Security tab → Advisories → Publish)
+  2. The GHSA becomes the detailed public disclosure document
+  3. Optionally update CHANGELOG.md post-publish to add the GHSA reference"
+fi
+
+# ─── 2. FRONTMATTER VALIDATION ───────────────────────────────────────────────
+#
+# A changeset without valid frontmatter is silently ignored by the changesets
+# tool — the package bump and CHANGELOG entry never appear in the release.
+
+# Must start with ---
+if ! echo "$CONTENT" | head -1 | grep -qE '^---'; then
+  json_output "block" \
+    "CHANGESET FORMAT GATE: Missing frontmatter block.
+
+Every changeset must start with a frontmatter block specifying which package to bump:
+
+---
+'@bookedsolid/reagent': patch
+---
+
+Brief description of what changed and why (close #N if applicable).
+
+Bump types: patch (bug fix/security), minor (new feature), major (breaking change)"
+fi
+
+# Must have at least one package bump entry and a closing ---
+FRONTMATTER=$(echo "$CONTENT" | awk '/^---/{count++; if(count==2){exit} next} count==1{print}')
+if ! echo "$FRONTMATTER" | grep -qE "^'.+': (patch|minor|major)"; then
+  json_output "block" \
+    "CHANGESET FORMAT GATE: Frontmatter does not contain a valid package bump entry.
+
+The frontmatter must include at least one package/bump pair:
+
+---
+'@bookedsolid/reagent': patch
+---
+
+Valid bump types: patch | minor | major"
+fi
+
+# Must have a non-empty description after the closing ---
+DESCRIPTION=$(echo "$CONTENT" | awk 'BEGIN{count=0} /^---/{count++; next} count>=2{print}' | grep -v '^[[:space:]]*$' | head -1 || true)
+if [[ -z "$DESCRIPTION" ]]; then
+  json_output "block" \
+    "CHANGESET FORMAT GATE: Missing description after frontmatter.
+
+Add a meaningful description explaining what changed and why:
+
+---
+'@bookedsolid/reagent': patch
+---
+
+fix(gateway): policy-loader now uses async I/O with 500ms TTL cache
+
+Previously, loadPolicy used fs.readFileSync on every tool invocation, blocking
+the event loop under concurrency. Closes #34."
+fi
+
+exit 0

package/hooks/commit-review-gate.sh

@@ -97,15 +97,23 @@ if [[ "$SCORE" == "trivial" ]]; then
   exit 0
 fi
 
-# ── 9. Standard → check review cache ─────────────────────────────────────────
-if [[ "$SCORE" == "standard" ]]; then
+# ── 9. Resolve reagent CLI (node_modules/.bin first, dist fallback) ───────────
+REAGENT_CLI_ARGS=()
+if [[ -f "${REAGENT_ROOT}/node_modules/.bin/reagent" ]]; then
+  REAGENT_CLI_ARGS=(node "${REAGENT_ROOT}/node_modules/.bin/reagent")
+elif [[ -f "${REAGENT_ROOT}/dist/cli/index.js" ]]; then
+  REAGENT_CLI_ARGS=(node "${REAGENT_ROOT}/dist/cli/index.js")
+fi
+
+# ── 10. Standard + Significant → check review cache ───────────────────────────
+if [[ "$SCORE" == "standard" ]] || [[ "$SCORE" == "significant" ]]; then
   # Compute SHA of staged content for cache lookup
   STAGED_SHA=$(cd "$REAGENT_ROOT" && git diff --cached | shasum -a 256 | cut -d' ' -f1 2>/dev/null || echo "")
   BRANCH=$(cd "$REAGENT_ROOT" && git branch --show-current 2>/dev/null || echo "")
 
-  if [[ -n "$STAGED_SHA" ]]; then
+  if [[ -n "$STAGED_SHA" ]] && [[ ${#REAGENT_CLI_ARGS[@]} -gt 0 ]]; then
     # Check review cache via reagent CLI
-    CACHE_RESULT=$(node "${REAGENT_ROOT}/node_modules/.bin/reagent" cache check "$STAGED_SHA" --branch "$BRANCH" 2>/dev/null || echo '{"hit":false}')
+    CACHE_RESULT=$("${REAGENT_CLI_ARGS[@]}" cache check "$STAGED_SHA" --branch "$BRANCH" 2>/dev/null || echo '{"hit":false}')
     if printf '%s' "$CACHE_RESULT" | jq -e '.hit == true' >/dev/null 2>&1; then
       exit 0
     fi

package/hooks/import-guard.sh

@@ -83,6 +83,20 @@ if printf '%s' "$CONTENT" | grep -qE "require\([^'\"][^)]*\)"; then
   WARNINGS+=("Dynamic require(variable) — loading modules by variable name can be exploited for path traversal. Prefer static imports.")
 fi
 
+# ESM dynamic import() of dangerous modules: await import('child_process'), import('vm').then(...)
+if printf '%s' "$CONTENT" | grep -qE "import\(['\"]child_process['\"]"; then
+  WARNINGS+=("import('child_process') — ESM dynamic import grants shell execution capability. Use safer alternatives or document the necessity.")
+fi
+
+if printf '%s' "$CONTENT" | grep -qE "import\(['\"]vm['\"]"; then
+  WARNINGS+=("import('vm') — ESM dynamic import of Node.js VM module allows dynamic code execution. Ensure input is fully trusted and sandboxed.")
+fi
+
+# Dynamic import() with a variable or template literal: import(variable), import(\`...\`)
+if printf '%s' "$CONTENT" | grep -qE "import\([^'\"(][^)]*\)"; then
+  WARNINGS+=("Dynamic import(variable) — loading modules by variable name or template literal can be exploited for path traversal. Prefer static imports.")
+fi
+
 if [[ ${#WARNINGS[@]} -eq 0 ]]; then
   exit 0
 fi

package/hooks/network-exfil-guard.sh

@@ -65,7 +65,25 @@ if printf '%s' "$CMD" | grep -qiE '(curl|wget).*-d[[:space:]]+@'; then
   exit 2
 fi
 
-# ── Check 3: Host allowlist ───────────────────────────────────────────────────
+# ── Check 3: Shell variable URL interpolation ─────────────────────────────────
+# Detect curl/wget with variable-interpolated URLs that cannot be inspected at hook time.
+# Patterns: curl $VAR, curl ${VAR}, curl "$VAR/path", curl "${VAR}/api", wget $VAR, etc.
+# Uses two sub-patterns:
+#   1. Bare variable argument (space before $VAR, ends with space or EOL)
+#   2. Quoted variable as URL start (space before "$VAR...")
+if printf '%s' "$CMD" | grep -qiE '(curl|wget)[^|]*[[:space:]][$][{]?[A-Za-z_][A-Za-z0-9_]*[}]?([[:space:]]|$)' || \
+   printf '%s' "$CMD" | grep -qiE '(curl|wget)[^|]*[[:space:]]"[$][{]?[A-Za-z_][A-Za-z0-9_]*[}]?[^"]*"'; then
+  printf 'NETWORK-EXFIL-GUARD: Shell variable URL interpolation detected\n' >&2
+  printf '  Pattern: curl/wget with a shell variable as the URL argument\n' >&2
+  printf '  Command: %s\n' "$(printf '%s' "$CMD" | head -c 200)" >&2
+  printf 'Warning: The destination URL cannot be inspected at hook time because it is stored in a variable.\n' >&2
+  printf 'Please confirm the variable resolves to an allowlisted host before proceeding.\n' >&2
+  printf 'Allowlisted hosts: registry.npmjs.org, github.com, api.github.com, raw.githubusercontent.com\n' >&2
+  printf 'If you are certain the destination is safe, replace the variable with a literal URL.\n' >&2
+  exit 2
+fi
+
+# ── Check 4: Host allowlist ───────────────────────────────────────────────────
 ALLOWLIST=(
   "registry.npmjs.org"
   "github.com"
@@ -80,7 +98,7 @@ ALLOWLIST=(
 URLS=$(printf '%s' "$CMD" | grep -oE 'https?://[^[:space:]"'"'"']+' | head -20)
 
 if [[ -z "$URLS" ]]; then
-  # No parseable URLs — allow (could be a variable-based URL we can't inspect)
+  # No parseable literal URLs found (variable-based URLs already caught above)
   exit 0
 fi
 

package/hooks/pr-issue-link-gate.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# pr-issue-link-gate.sh — PreToolUse: Bash
+#
+# Ensures every `gh pr create` command references at least one GitHub issue
+# via closes/fixes/resolves #N syntax in the PR body. When the magic keyword
+# is present, GitHub automatically closes the linked issue when the PR merges
+# to the default branch and creates a cross-reference in the issue timeline.
+#
+# This gate is ADVISORY (exit 0) — it warns but does not block. Some PRs
+# legitimately have no linked issue (chores, hotfixes, release PRs). The
+# advisory gives the agent an opportunity to add the link before proceeding.
+#
+# Only active for Bash tool calls containing `gh pr create`.
+# JSONL-only projects (no GitHub) are unaffected — gh is unavailable there.
+#
+# Triggered by: PreToolUse — Bash tool
+
+set -euo pipefail
+
+# shellcheck source=_lib/common.sh
+source "$(dirname "$0")/_lib/common.sh"
+
+check_halt
+
+INPUT="$(cat)"
+TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
+
+if [[ "$TOOL_NAME" != "Bash" ]]; then
+  exit 0
+fi
+
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // ""')
+
+# Only intercept gh pr create
+if ! echo "$COMMAND" | grep -qE 'gh\s+pr\s+create'; then
+  exit 0
+fi
+
+require_jq
+
+# Check for closing keywords followed by an issue number
+# Accepted: closes #N, fixes #N, resolves #N (case-insensitive, any spacing)
+if echo "$COMMAND" | grep -qiE '(closes|fixes|resolves)\s+#[0-9]+'; then
+  exit 0
+fi
+
+# Advisory — warn but do not block.
+# Chore PRs, release PRs, and hotfixes may legitimately have no linked issue.
+printf 'PR ISSUE LINK ADVISORY: This PR does not reference a GitHub issue.\n' >&2
+printf '\n' >&2
+printf 'When a PR body includes a closing reference, GitHub automatically:\n' >&2
+printf '  - Closes the issue when the PR merges to the default branch\n' >&2
+printf '  - Creates a cross-reference in the issue timeline\n' >&2
+printf '  - Links the PR in the CHANGELOG context\n' >&2
+printf '\n' >&2
+printf 'Add to the --body:\n' >&2
+printf '  closes #N    closes one issue\n' >&2
+printf '  fixes #N     same effect\n' >&2
+printf '  resolves #N  same effect\n' >&2
+printf '  closes #N, closes #M   closes multiple issues\n' >&2
+printf '\n' >&2
+printf 'If this is a chore, release, or hotfix PR with no upstream issue, you may proceed.\n' >&2
+
+# Exit 0 — advisory only, does not block the PR creation
+exit 0

package/hooks/push-review-gate.sh

@@ -79,9 +79,24 @@ LINE_COUNT=$(printf '%s' "$DIFF_FULL" | grep -cE '^\+[^+]|^-[^-]' 2>/dev/null ||
 # ── 8. Check review cache ────────────────────────────────────────────────────
 PUSH_SHA=$(printf '%s' "$DIFF_FULL" | shasum -a 256 | cut -d' ' -f1 2>/dev/null || echo "")
 
-if [[ -n "$PUSH_SHA" ]]; then
-  CACHE_RESULT=$(node "${REAGENT_ROOT}/node_modules/.bin/reagent" cache check "$PUSH_SHA" --branch "$CURRENT_BRANCH" --base "$TARGET_BRANCH" 2>/dev/null || echo '{"hit":false}')
+# Resolve reagent CLI (node_modules/.bin first, dist fallback)
+REAGENT_CLI_ARGS=()
+if [[ -f "${REAGENT_ROOT}/node_modules/.bin/reagent" ]]; then
+  REAGENT_CLI_ARGS=(node "${REAGENT_ROOT}/node_modules/.bin/reagent")
+elif [[ -f "${REAGENT_ROOT}/dist/cli/index.js" ]]; then
+  REAGENT_CLI_ARGS=(node "${REAGENT_ROOT}/dist/cli/index.js")
+fi
+
+if [[ -n "$PUSH_SHA" ]] && [[ ${#REAGENT_CLI_ARGS[@]} -gt 0 ]]; then
+  CACHE_RESULT=$("${REAGENT_CLI_ARGS[@]}" cache check "$PUSH_SHA" --branch "$CURRENT_BRANCH" --base "$TARGET_BRANCH" 2>/dev/null || echo '{"hit":false}')
   if printf '%s' "$CACHE_RESULT" | jq -e '.hit == true' >/dev/null 2>&1; then
+    # Review was already approved — notify and allow the push through
+    DISCORD_LIB="${REAGENT_ROOT}/hooks/_lib/discord.sh"
+    if [ -f "$DISCORD_LIB" ]; then
+      # shellcheck source=/dev/null
+      source "$DISCORD_LIB"
+      discord_notify "dev" "Push passed quality gates on \`${CURRENT_BRANCH}\` -- $(cd "$REAGENT_ROOT" && git log -1 --oneline 2>/dev/null)" "green"
+    fi
     exit 0
   fi
 fi