@botbotgo/agent-harness 0.0.158 → 0.0.160

package/README.md

@@ -882,7 +882,9 @@ Primary exports:
 - `listArtifacts`
 - `getArtifact`
 - `exportEvaluationBundle`
+- `replayEvaluationBundle`
 - `createAcpServer`
+- `serveAcpStdio`
 - `createToolMcpServer`
 - `serveToolsOverStdio`
 - `stop`

package/README.zh.md

@@ -841,7 +841,9 @@ spec:
 - `listArtifacts`
 - `getArtifact`
 - `exportEvaluationBundle`
+- `replayEvaluationBundle`
 - `createAcpServer`
+- `serveAcpStdio`
 - `createToolMcpServer`
 - `serveToolsOverStdio`
 - `stop`

package/dist/api.d.ts

@@ -1,4 +1,4 @@
-import type { ArtifactListing, CancelOptions, InvocationEnvelope, ListMemoriesInput, ListMemoriesResult, MemoryRecord, MemorizeInput, MemorizeResult, MessageContent, RecallInput, RecallResult, RemoveMemoryInput, RequestRecord, RequestSummary, ResumeOptions, RunDecisionOptions, RunResult, RunStartOptions, RuntimeHealthSnapshot, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, SessionRecord, SessionSummary, UpdateMemoryInput, WorkspaceLoadOptions } from "./contracts/types.js";
+import type { ArtifactListing, CancelOptions, InvocationEnvelope, ListMemoriesInput, ListMemoriesResult, MemoryRecord, MemorizeInput, MemorizeResult, MessageContent, RecallInput, RecallResult, RemoveMemoryInput, RequestRecord, RequestSummary, ResumeOptions, RunDecisionOptions, RunResult, RunStartOptions, RuntimeHealthSnapshot, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, SessionRecord, SessionSummary, UpdateMemoryInput, WorkspaceLoadOptions } from "./contracts/types.js";
 import { AgentHarnessRuntime } from "./runtime/harness.js";
 import type { InventoryAgentRecord, InventorySkillRecord } from "./runtime/harness/system/inventory.js";
 import type { RequirementAssessmentOptions } from "./runtime/harness/system/skill-requirements.js";
@@ -8,7 +8,8 @@ export type { AcpApproval, AcpArtifact, AcpEventNotification, AcpJsonRpcError, A
 export { AgentHarnessRuntime } from "./runtime/harness.js";
 export { buildFlowGraph, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid } from "./flow/index.js";
 export { createUpstreamTimelineReducer } from "./upstream-events.js";
-export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, UpdateMemoryInput, } from "./contracts/types.js";
+export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, UpdateMemoryInput, } from "./contracts/types.js";
+export type { AcpStdioServer, AcpStdioServerOptions } from "./protocol/acp/stdio.js";
 type PublicApprovalRecord = {
     approvalId: string;
     pendingActionId: string;
@@ -86,6 +87,8 @@ export declare function getArtifact(runtime: AgentHarnessRuntime, input: {
 }): Promise<unknown>;
 export declare function getHealth(runtime: AgentHarnessRuntime): Promise<RuntimeHealthSnapshot>;
 export declare function exportEvaluationBundle(runtime: AgentHarnessRuntime, input: RuntimeEvaluationExportInput): Promise<RuntimeEvaluationExport>;
+export declare function replayEvaluationBundle(runtime: AgentHarnessRuntime, input: RuntimeEvaluationReplayInput): Promise<RuntimeEvaluationReplayResult>;
+export declare function serveAcpStdio(runtime: AgentHarnessRuntime, options?: import("./protocol/acp/stdio.js").AcpStdioServerOptions): import("./protocol/acp/stdio.js").AcpStdioServer;
 export declare function listAgentSkills(runtime: AgentHarnessRuntime, agentId: string, options?: RequirementAssessmentOptions): InventorySkillRecord[];
 export declare function getAgent(runtime: AgentHarnessRuntime, agentId: string, options?: RequirementAssessmentOptions): InventoryAgentRecord | null;
 export declare function describeInventory(runtime: AgentHarnessRuntime, options?: RequirementAssessmentOptions): {

package/dist/api.js

@@ -1,4 +1,5 @@
 import { AgentHarnessRuntime } from "./runtime/harness.js";
+import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 import { normalizeMessageContent } from "./utils/message-content.js";
 import { loadWorkspace } from "./workspace/compile.js";
 export { AgentHarnessAcpServer, createAcpServer } from "./acp.js";
@@ -192,6 +193,12 @@ export async function getHealth(runtime) {
 export async function exportEvaluationBundle(runtime, input) {
     return runtime.exportEvaluationBundle(input);
 }
+export async function replayEvaluationBundle(runtime, input) {
+    return runtime.replayEvaluationBundle(input);
+}
+export function serveAcpStdio(runtime, options) {
+    return serveAcpOverStdio(runtime, options);
+}
 export function listAgentSkills(runtime, agentId, options) {
     return runtime.listAgentSkills(agentId, options);
 }

package/dist/cli.d.ts

@@ -1,8 +1,14 @@
 #!/usr/bin/env node
+import { createAgentHarness } from "./api.js";
+import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 type CliIo = {
     cwd?: string;
     stdout?: (message: string) => void;
     stderr?: (message: string) => void;
 };
-export declare function runCli(argv: string[], io?: CliIo): Promise<number>;
+type CliDeps = {
+    createAgentHarness?: typeof createAgentHarness;
+    serveAcpOverStdio?: typeof serveAcpOverStdio;
+};
+export declare function runCli(argv: string[], io?: CliIo, deps?: CliDeps): Promise<number>;
 export {};

package/dist/cli.js

@@ -1,10 +1,13 @@
 #!/usr/bin/env node
 import path from "node:path";
 import { pathToFileURL } from "node:url";
+import { createAgentHarness } from "./api.js";
 import { initProject } from "./init-project.js";
+import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 function renderUsage() {
     return `Usage:
   agent-harness init <project-name> [--template deep-research|single-agent] [--provider <provider>] [--model <model>] [--with-web-search|--no-web-search]
+  agent-harness acp serve [--workspace <path>] [--transport stdio]
 `;
 }
 function isTemplate(value) {
@@ -46,11 +49,43 @@ function parseInitOptions(args) {
     }
     return { options };
 }
-export async function runCli(argv, io = {}) {
+function parseAcpServeOptions(args) {
+    let workspaceRoot;
+    let transport = "stdio";
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (arg === "--workspace") {
+            const value = args[index + 1];
+            if (!value) {
+                return { transport, error: "Missing value for --workspace" };
+            }
+            workspaceRoot = value;
+            index += 1;
+            continue;
+        }
+        if (arg === "--transport") {
+            const value = args[index + 1];
+            if (!value) {
+                return { transport, error: "Missing value for --transport" };
+            }
+            if (value !== "stdio") {
+                return { transport, error: `Unsupported ACP transport: ${value}` };
+            }
+            transport = "stdio";
+            index += 1;
+            continue;
+        }
+        return { transport, error: `Unknown option: ${arg}` };
+    }
+    return { workspaceRoot, transport };
+}
+export async function runCli(argv, io = {}, deps = {}) {
     const cwd = io.cwd ?? process.cwd();
     const stdout = io.stdout ?? ((message) => process.stdout.write(message));
     const stderr = io.stderr ?? ((message) => process.stderr.write(message));
     const [command, projectName, ...rest] = argv;
+    const createHarness = deps.createAgentHarness ?? createAgentHarness;
+    const serveAcp = deps.serveAcpOverStdio ?? serveAcpOverStdio;
     if (command === "init") {
         if (!projectName?.trim()) {
             stderr(renderUsage());
@@ -81,6 +116,32 @@ export async function runCli(argv, io = {}) {
             return 1;
         }
     }
+    if (command === "acp") {
+        const [subcommand, ...subcommandArgs] = [projectName, ...rest];
+        if (subcommand !== "serve") {
+            stderr(renderUsage());
+            return 1;
+        }
+        const parsed = parseAcpServeOptions(subcommandArgs);
+        if (parsed.error) {
+            stderr(`${parsed.error}\n`);
+            stderr(renderUsage());
+            return 1;
+        }
+        try {
+            const runtime = await createHarness(path.resolve(cwd, parsed.workspaceRoot ?? "."));
+            stderr(`Serving ACP over ${parsed.transport} from ${path.resolve(cwd, parsed.workspaceRoot ?? ".")}\n`);
+            const server = serveAcp(runtime);
+            await server.completed;
+            await runtime.stop();
+            return 0;
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : String(error);
+            stderr(`${message}\n`);
+            return 1;
+        }
+    }
     stderr(renderUsage());
     return 1;
 }

package/dist/contracts/runtime.d.ts

@@ -593,6 +593,11 @@ export type RuntimeEvaluationArtifact = ArtifactRecord & {
 export type RuntimeEvaluationExport = {
     session: SessionRecord | null;
     request: RequestRecord | null;
+    runRequest: {
+        input: MessageContent;
+        invocation?: InvocationEnvelope;
+        priority?: number;
+    } | null;
     approvals: ApprovalRecord[];
     transcript: TranscriptMessage[];
     events: HarnessEvent[];
@@ -603,6 +608,24 @@ export type RuntimeEvaluationExport = {
     tags: string[];
     metadata?: Record<string, unknown>;
 };
+export type RuntimeEvaluationReplayInput = {
+    bundle: RuntimeEvaluationExport;
+    agentId?: string;
+    sessionId?: string;
+    invocation?: InvocationEnvelope;
+};
+export type RuntimeEvaluationReplayResult = {
+    request: {
+        agentId: string;
+        input: MessageContent;
+        invocation?: InvocationEnvelope;
+        sessionId?: string;
+    };
+    result: RunResult;
+    assertions: {
+        expectedOutputMatched?: boolean;
+    };
+};
 export type RuntimeInventoryContext = {
     workspace: WorkspaceBundle;
 };

package/dist/contracts/workspace.d.ts

@@ -234,6 +234,7 @@ export type CompiledAgentBinding = {
         workspaceRoot?: string;
         capabilities?: RuntimeCapabilities;
         resilience?: Record<string, unknown>;
+        governance?: Record<string, unknown>;
         deepagent?: {
             description?: string;
             passthrough?: Record<string, unknown>;

package/dist/index.d.ts

@@ -1,7 +1,8 @@
-export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
+export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
 export type { AcpApproval, AcpArtifact, AcpEventNotification, AcpJsonRpcError, AcpJsonRpcRequest, AcpJsonRpcResponse, AcpJsonRpcSuccess, AcpRequestRecord, AcpRunRequestParams, AcpServerCapabilities, AcpSessionRecord, } from "./acp.js";
-export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, NormalizeUserChatInputOptions, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, UpdateMemoryInput, UserChatInput, UserChatMessage, } from "./api.js";
+export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, NormalizeUserChatInputOptions, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, UpdateMemoryInput, UserChatInput, UserChatMessage, } from "./api.js";
 export type { BuildFlowGraphInput, FlowEdge, FlowEdgeKind, FlowGraph, FlowGraphMermaidOptions, FlowGraphSequenceMermaidOptions, FlowGroup, FlowGroupKind, FlowNode, FlowNodeKind, FlowNodeLayer, FlowNodeStatus, } from "./flow/index.js";
+export type { AcpStdioServer, AcpStdioServerOptions } from "./api.js";
 export type { ToolMcpServerOptions } from "./mcp.js";
 export { tool } from "./tools.js";
 export type { UpstreamTimelineProjection, UpstreamTimelineReducer } from "./upstream-events.js";

package/dist/index.js

@@ -1,2 +1,2 @@
-export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
+export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
 export { tool } from "./tools.js";

package/dist/package-version.d.ts

@@ -1 +1 @@
-export declare const AGENT_HARNESS_VERSION = "0.0.157";
+export declare const AGENT_HARNESS_VERSION = "0.0.159";

package/dist/package-version.js

@@ -1 +1 @@
-export const AGENT_HARNESS_VERSION = "0.0.157";
+export const AGENT_HARNESS_VERSION = "0.0.159";

package/dist/protocol/acp/stdio.d.ts

@@ -0,0 +1,11 @@
+import type { Readable, Writable } from "node:stream";
+import type { AgentHarnessRuntime } from "../../runtime/harness.js";
+export type AcpStdioServerOptions = {
+    input?: Readable;
+    output?: Writable;
+};
+export type AcpStdioServer = {
+    completed: Promise<void>;
+    close: () => Promise<void>;
+};
+export declare function serveAcpOverStdio(runtime: AgentHarnessRuntime, options?: AcpStdioServerOptions): AcpStdioServer;

package/dist/protocol/acp/stdio.js

@@ -0,0 +1,69 @@
+import { createInterface } from "node:readline";
+import { createAcpServer } from "../../acp.js";
+function writeJsonLine(output, payload) {
+    return new Promise((resolve, reject) => {
+        output.write(`${JSON.stringify(payload)}\n`, (error) => {
+            if (error) {
+                reject(error);
+                return;
+            }
+            resolve();
+        });
+    });
+}
+export function serveAcpOverStdio(runtime, options = {}) {
+    const input = options.input ?? process.stdin;
+    const output = options.output ?? process.stdout;
+    const server = createAcpServer(runtime);
+    const unsubscribe = server.subscribe((notification) => {
+        void writeJsonLine(output, notification);
+    });
+    const lineReader = createInterface({
+        input,
+        crlfDelay: Infinity,
+    });
+    const completed = (async () => {
+        try {
+            for await (const line of lineReader) {
+                const trimmed = line.trim();
+                if (trimmed.length === 0) {
+                    continue;
+                }
+                let request;
+                try {
+                    request = JSON.parse(trimmed);
+                }
+                catch {
+                    await writeJsonLine(output, {
+                        jsonrpc: "2.0",
+                        id: null,
+                        error: {
+                            code: -32700,
+                            message: "Invalid JSON payload.",
+                        },
+                    });
+                    continue;
+                }
+                const response = await server.handle(request);
+                if (response) {
+                    await writeJsonLine(output, response);
+                }
+            }
+        }
+        finally {
+            unsubscribe();
+            lineReader.close();
+        }
+    })();
+    return {
+        completed,
+        close: async () => {
+            unsubscribe();
+            lineReader.close();
+            if (typeof input.destroy === "function") {
+                input.destroy();
+            }
+            await completed.catch(() => undefined);
+        },
+    };
+}

package/dist/runtime/harness/run/governance.js

@@ -43,8 +43,67 @@ function toCategory(toolType) {
     }
     return "local";
 }
+function asObject(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value) ? value : null;
+}
+function readStringArray(value) {
+    return Array.isArray(value)
+        ? value.filter((item) => typeof item === "string" && item.trim().length > 0).map((item) => item.trim())
+        : [];
+}
+function readRisk(value) {
+    return value === "low" || value === "medium" || value === "high" ? value : undefined;
+}
+function readApprovalPolicy(value) {
+    return value === "explicit-hitl" || value === "runtime-default" || value === "none" ? value : undefined;
+}
+function matchesToolPolicy(rule, policy) {
+    const match = asObject(rule.match) ?? rule;
+    const toolName = typeof match.toolName === "string" ? match.toolName.trim() : undefined;
+    const category = typeof match.category === "string" ? match.category.trim() : undefined;
+    const toolType = typeof match.toolType === "string" ? match.toolType.trim() : undefined;
+    return (!toolName || toolName === policy.toolName)
+        && (!category || category === policy.category)
+        && (!toolType || toolType === policy.toolType);
+}
+function applyGovernanceOverrides(binding, policies) {
+    const governance = asObject(binding.harnessRuntime.governance);
+    const overrides = Array.isArray(governance?.toolPolicies) ? governance.toolPolicies : [];
+    if (overrides.length === 0) {
+        return policies;
+    }
+    return policies.map((policy) => {
+        const merged = { ...policy };
+        for (const rule of overrides) {
+            const typedRule = asObject(rule);
+            if (!typedRule || !matchesToolPolicy(typedRule, merged)) {
+                continue;
+            }
+            const overrideRisk = readRisk(typedRule.risk);
+            const overrideApprovalPolicy = readApprovalPolicy(typedRule.approvalPolicy);
+            const overrideRequiresApproval = typeof typedRule.requiresApproval === "boolean" ? typedRule.requiresApproval : undefined;
+            if (overrideRisk) {
+                merged.risk = overrideRisk;
+            }
+            if (overrideRequiresApproval !== undefined) {
+                merged.requiresApproval = overrideRequiresApproval;
+            }
+            if (overrideApprovalPolicy) {
+                merged.approvalPolicy = overrideApprovalPolicy;
+            }
+            else if (overrideRequiresApproval === true && merged.approvalPolicy === "none") {
+                merged.approvalPolicy = "runtime-default";
+            }
+            const extraHints = readStringArray(typedRule.inputRiskHints);
+            if (extraHints.length > 0) {
+                merged.inputRiskHints = Array.from(new Set([...merged.inputRiskHints, ...extraHints]));
+            }
+        }
+        return merged;
+    });
+}
 export function buildRuntimeGovernanceBundles(binding) {
-    const toolPolicies = getBindingPrimaryTools(binding).map((tool) => {
+    const toolPolicies = applyGovernanceOverrides(binding, getBindingPrimaryTools(binding).map((tool) => {
         const requiresApproval = toolRequiresRuntimeApproval(tool);
         return {
             toolName: tool.name,
@@ -63,7 +122,7 @@ export function buildRuntimeGovernanceBundles(binding) {
             hasInputSchema: typeof tool.inputSchemaRef === "string" && tool.inputSchemaRef.trim().length > 0,
             inputRiskHints: inputHints(binding, tool),
         };
-    });
+    }));
     if (toolPolicies.length === 0) {
         return [];
     }

package/dist/runtime/harness/system/policy-engine.js

@@ -9,6 +9,35 @@ export class PolicyEngine {
         const reasons = [];
         const bundles = [];
         let allowed = true;
+        const governance = typeof binding.harnessRuntime.governance === "object" && binding.harnessRuntime.governance
+            ? binding.harnessRuntime.governance
+            : undefined;
+        const denyConfig = typeof governance?.deny === "object" && governance.deny
+            ? governance.deny
+            : undefined;
+        if (denyConfig) {
+            const deniedNames = new Set(Array.isArray(denyConfig.toolNames)
+                ? denyConfig.toolNames.filter((item) => typeof item === "string" && item.trim().length > 0).map((item) => item.trim())
+                : []);
+            const deniedCategories = new Set(Array.isArray(denyConfig.categories)
+                ? denyConfig.categories.filter((item) => typeof item === "string" && item.trim().length > 0).map((item) => item.trim())
+                : []);
+            const tools = binding.execution?.params?.tools ?? binding.langchainAgentParams?.tools ?? binding.deepAgentParams?.tools ?? [];
+            const blocked = tools.filter((tool) => {
+                const category = tool.type === "mcp"
+                    ? "mcp"
+                    : tool.type === "backend"
+                        ? "backend"
+                        : tool.type === "provider"
+                            ? "provider-native"
+                            : "local";
+                return deniedNames.has(tool.name) || deniedCategories.has(category);
+            });
+            if (blocked.length > 0) {
+                allowed = false;
+                reasons.push(`runtime governance denied tool access: ${blocked.map((tool) => tool.name).join(", ")}`);
+            }
+        }
         for (const evaluator of getPolicyEvaluators()) {
             const decision = evaluator.evaluate(binding);
             if (!decision) {

package/dist/runtime/harness.d.ts

@@ -1,4 +1,4 @@
-import type { ApprovalRecord, ArtifactListing, CancelOptions, HarnessEvent, HarnessStreamItem, RuntimeHealthSnapshot, ListMemoriesInput, ListMemoriesResult, MessageContent, RemoveMemoryInput, RunRecord, RunStartOptions, RestartConversationOptions, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, ResumeOptions, RunOptions, RunResult, RunSummary, MemoryRecord, MemorizeInput, MemorizeResult, RecallInput, RecallResult, UpdateMemoryInput, ThreadSummary, ThreadRecord, WorkspaceBundle } from "../contracts/types.js";
+import type { ApprovalRecord, ArtifactListing, CancelOptions, HarnessEvent, HarnessStreamItem, RuntimeHealthSnapshot, ListMemoriesInput, ListMemoriesResult, MessageContent, RemoveMemoryInput, RunRecord, RunStartOptions, RestartConversationOptions, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, ResumeOptions, RunOptions, RunResult, RunSummary, MemoryRecord, MemorizeInput, MemorizeResult, RecallInput, RecallResult, UpdateMemoryInput, ThreadSummary, ThreadRecord, WorkspaceBundle } from "../contracts/types.js";
 import { type ToolMcpServerOptions } from "../mcp.js";
 import { type InventoryAgentRecord, type InventorySkillRecord } from "./harness/system/inventory.js";
 import type { RequirementAssessmentOptions } from "./harness/system/skill-requirements.js";
@@ -86,6 +86,7 @@ export declare class AgentHarnessRuntime {
     readArtifact(threadId: string, runId: string, artifactPath: string): Promise<unknown>;
     listRunEvents(threadId: string, runId: string): Promise<HarnessEvent[]>;
     exportEvaluationBundle(input: RuntimeEvaluationExportInput): Promise<RuntimeEvaluationExport>;
+    replayEvaluationBundle(input: RuntimeEvaluationReplayInput): Promise<RuntimeEvaluationReplayResult>;
     listAgentSkills(agentId: string, options?: RequirementAssessmentOptions): InventorySkillRecord[];
     getAgent(agentId: string, options?: RequirementAssessmentOptions): InventoryAgentRecord | null;
     describeWorkspaceInventory(options?: RequirementAssessmentOptions): {

package/dist/runtime/harness.js

@@ -487,6 +487,7 @@ export class AgentHarnessRuntime {
     async exportEvaluationBundle(input) {
         const thread = await this.getThread(input.sessionId);
         const run = await this.getRun(input.requestId);
+        const runRequest = await this.persistence.getRunRequest(input.sessionId, input.requestId);
         const approvals = await this.listApprovals({ threadId: input.sessionId, runId: input.requestId });
         const transcript = await this.persistence.listThreadMessages(input.sessionId, 500);
         const events = await this.persistence.listRunEvents(input.sessionId, input.requestId);
@@ -503,6 +504,13 @@ export class AgentHarnessRuntime {
         return {
             session: thread ? toSessionRecord(thread) : null,
             request: run ? toRequestRecord(run) : null,
+            runRequest: runRequest
+                ? {
+                    input: runRequest.input,
+                    ...(runRequest.invocation ? { invocation: runRequest.invocation } : {}),
+                    ...(typeof runRequest.priority === "number" ? { priority: runRequest.priority } : {}),
+                }
+                : (deriveRunRequestFromTranscript(transcript, input.requestId) ?? null),
             approvals,
             transcript,
             events,
@@ -520,6 +528,36 @@ export class AgentHarnessRuntime {
             ...(input.metadata ? { metadata: { ...input.metadata } } : {}),
         };
     }
+    async replayEvaluationBundle(input) {
+        const replayAgentId = input.agentId ?? input.bundle.request?.agentId ?? input.bundle.session?.entryAgentId;
+        if (!replayAgentId) {
+            throw new Error("Evaluation replay requires an agentId on the replay input or exported bundle.");
+        }
+        const replayRequest = input.bundle.runRequest ?? deriveRunRequestFromTranscript(input.bundle.transcript, input.bundle.request?.requestId);
+        if (!replayRequest) {
+            throw new Error("Evaluation replay requires bundle.runRequest from exportEvaluationBundle.");
+        }
+        const invocation = input.invocation ?? replayRequest.invocation;
+        const result = await this.run({
+            agentId: replayAgentId,
+            input: replayRequest.input,
+            ...(input.sessionId ? { threadId: input.sessionId } : {}),
+            ...(invocation ? { invocation } : {}),
+        });
+        const expected = typeof input.bundle.expectedOutput === "string" ? input.bundle.expectedOutput.trim() : "";
+        return {
+            request: {
+                agentId: replayAgentId,
+                input: replayRequest.input,
+                ...(invocation ? { invocation } : {}),
+                ...(input.sessionId ? { sessionId: input.sessionId } : {}),
+            },
+            result,
+            assertions: {
+                ...(expected.length > 0 ? { expectedOutputMatched: result.output.includes(expected) } : {}),
+            },
+        };
+    }
     listAgentSkills(agentId, options = {}) {
         return listWorkspaceAgentSkills(this.workspace, agentId, {
             assessRequirements: isInventoryEnabled(this.workspace),
@@ -1475,3 +1513,9 @@ function toSessionRecord(record) {
 function toRequestRecord(record) {
     return toRequestSummary(record);
 }
+function deriveRunRequestFromTranscript(transcript, runId) {
+    const candidate = [...transcript]
+        .reverse()
+        .find((message) => message.role === "user" && (!runId || message.runId === runId));
+    return candidate ? { input: candidate.content } : null;
+}

package/dist/workspace/agent-binding-compiler.js

@@ -340,6 +340,7 @@ export function compileBinding(workspaceRoot, agent, agents, referencedSubagentI
     const runtimeFilesystemDefaults = agent.executionMode === "langchain-v1"
         ? asObject(runtimeDefaults?.filesystem)
         : undefined;
+    const runtimeGovernanceDefaults = asObject(runtimeDefaults?.governance);
     const compiledFilesystemConfig = agent.executionMode === "langchain-v1"
         ? mergeConfigObjects(runtimeFilesystemDefaults, getAgentExecutionObject(agent, "filesystem", { executionMode: "langchain-v1" }))
         : undefined;
@@ -355,6 +356,7 @@ export function compileBinding(workspaceRoot, agent, agents, referencedSubagentI
             workspaceRoot,
             capabilities: inferAgentCapabilities(agent),
             resilience,
+            ...(runtimeGovernanceDefaults ? { governance: runtimeGovernanceDefaults } : {}),
             ...(agent.executionMode === "deepagent"
                 ? {
                     deepagent: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@botbotgo/agent-harness",
-  "version": "0.0.158",
+  "version": "0.0.160",
   "description": "Workspace runtime for multi-agent applications",
   "type": "module",
   "packageManager": "npm@10.9.2",