@botbotgo/agent-harness 0.0.160 → 0.0.162

package/README.md

@@ -881,9 +881,13 @@ Primary exports:
 - `getApproval`
 - `listArtifacts`
 - `getArtifact`
+- `listRunEvents`
+- `exportRunPackage`
+- `exportSessionPackage`
 - `exportEvaluationBundle`
 - `replayEvaluationBundle`
 - `createAcpServer`
+- `serveAcpHttp`
 - `serveAcpStdio`
 - `createToolMcpServer`
 - `serveToolsOverStdio`
@@ -901,3 +905,10 @@ Inspection helpers:
 - `exportFlowGraphToSequenceMermaid(...)` renders the same inspection graph as a Mermaid sequence diagram. By default it emits only user-defined participants and calls, while `view: "debug"` includes runtime participants and lifecycle messages.
 
 These helpers are visualization and inspection utilities. They do not introduce a canonical harness-owned execution protocol.
+
+ACP transport notes:
+
+- `serveAcpStdio(runtime)` exposes newline-delimited JSON-RPC over stdio for local IDE, CLI, or subprocess clients.
+- `serveAcpHttp(runtime)` exposes JSON-RPC over HTTP plus SSE runtime events so remote operator surfaces can connect without importing the runtime in-process.
+- `exportRunPackage(...)` and `exportSessionPackage(...)` package stable runtime records, transcript, approvals, events, and artifacts for operator tooling without reaching into persistence internals.
+- `runtime/default.governance.remoteMcp` can now deny or allow specific MCP servers, raise approval requirements by transport, and stamp transport-based risk tiers into runtime governance bundles.

package/README.zh.md

@@ -840,9 +840,13 @@ spec:
 - `getApproval`
 - `listArtifacts`
 - `getArtifact`
+- `listRunEvents`
+- `exportRunPackage`
+- `exportSessionPackage`
 - `exportEvaluationBundle`
 - `replayEvaluationBundle`
 - `createAcpServer`
+- `serveAcpHttp`
 - `serveAcpStdio`
 - `createToolMcpServer`
 - `serveToolsOverStdio`
@@ -860,3 +864,10 @@ Inspection 辅助工具：
 - `exportFlowGraphToSequenceMermaid(...)` 可把同一份 inspection graph 导出为 Mermaid sequence diagram。默认只输出用户定义的参与者与调用；传 `view: "debug"` 才会包含 runtime participant 与生命周期消息。
 
 这些 helper 只用于可视化与检查，不代表新的 harness 官方执行协议。
+
+ACP transport 说明：
+
+- `serveAcpStdio(runtime)` 提供基于 stdio 的 newline-delimited JSON-RPC，适合本地 IDE、CLI 或子进程客户端。
+- `serveAcpHttp(runtime)` 提供基于 HTTP 的 JSON-RPC 与 SSE runtime events，适合远程 operator surface 或独立控制面接入。
+- `exportRunPackage(...)` 与 `exportSessionPackage(...)` 可把稳定 runtime 记录、transcript、approvals、events 和 artifacts 打包给 operator tooling，而不必直接访问 persistence 内部实现。
+- `runtime/default.governance.remoteMcp` 现在可以按 MCP server 或 transport 做 allow/deny、审批升级，并把 transport 风险等级写进 runtime governance bundles。

package/dist/api.d.ts

@@ -1,4 +1,4 @@
-import type { ArtifactListing, CancelOptions, InvocationEnvelope, ListMemoriesInput, ListMemoriesResult, MemoryRecord, MemorizeInput, MemorizeResult, MessageContent, RecallInput, RecallResult, RemoveMemoryInput, RequestRecord, RequestSummary, ResumeOptions, RunDecisionOptions, RunResult, RunStartOptions, RuntimeHealthSnapshot, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, SessionRecord, SessionSummary, UpdateMemoryInput, WorkspaceLoadOptions } from "./contracts/types.js";
+import type { ArtifactListing, CancelOptions, InvocationEnvelope, ListMemoriesInput, ListMemoriesResult, MemoryRecord, MemorizeInput, MemorizeResult, MessageContent, RecallInput, RecallResult, RemoveMemoryInput, RequestRecord, RequestSummary, ResumeOptions, RunDecisionOptions, RunResult, RunStartOptions, RuntimeHealthSnapshot, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, RuntimeRunPackage, RuntimeRunPackageInput, RuntimeSessionPackage, RuntimeSessionPackageInput, SessionRecord, SessionSummary, UpdateMemoryInput, WorkspaceLoadOptions } from "./contracts/types.js";
 import { AgentHarnessRuntime } from "./runtime/harness.js";
 import type { InventoryAgentRecord, InventorySkillRecord } from "./runtime/harness/system/inventory.js";
 import type { RequirementAssessmentOptions } from "./runtime/harness/system/skill-requirements.js";
@@ -8,7 +8,8 @@ export type { AcpApproval, AcpArtifact, AcpEventNotification, AcpJsonRpcError, A
 export { AgentHarnessRuntime } from "./runtime/harness.js";
 export { buildFlowGraph, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid } from "./flow/index.js";
 export { createUpstreamTimelineReducer } from "./upstream-events.js";
-export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, UpdateMemoryInput, } from "./contracts/types.js";
+export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, RuntimeRunPackage, RuntimeRunPackageInput, RuntimeSessionPackage, RuntimeSessionPackageInput, UpdateMemoryInput, } from "./contracts/types.js";
+export type { AcpHttpServer, AcpHttpServerOptions } from "./protocol/acp/http.js";
 export type { AcpStdioServer, AcpStdioServerOptions } from "./protocol/acp/stdio.js";
 type PublicApprovalRecord = {
     approvalId: string;
@@ -85,10 +86,17 @@ export declare function getArtifact(runtime: AgentHarnessRuntime, input: {
     requestId: string;
     artifactPath: string;
 }): Promise<unknown>;
+export declare function listRunEvents(runtime: AgentHarnessRuntime, input: {
+    sessionId: string;
+    requestId: string;
+}): Promise<import("./contracts/runtime.js").HarnessEvent[]>;
 export declare function getHealth(runtime: AgentHarnessRuntime): Promise<RuntimeHealthSnapshot>;
+export declare function exportRunPackage(runtime: AgentHarnessRuntime, input: RuntimeRunPackageInput): Promise<RuntimeRunPackage>;
+export declare function exportSessionPackage(runtime: AgentHarnessRuntime, input: RuntimeSessionPackageInput): Promise<RuntimeSessionPackage>;
 export declare function exportEvaluationBundle(runtime: AgentHarnessRuntime, input: RuntimeEvaluationExportInput): Promise<RuntimeEvaluationExport>;
 export declare function replayEvaluationBundle(runtime: AgentHarnessRuntime, input: RuntimeEvaluationReplayInput): Promise<RuntimeEvaluationReplayResult>;
 export declare function serveAcpStdio(runtime: AgentHarnessRuntime, options?: import("./protocol/acp/stdio.js").AcpStdioServerOptions): import("./protocol/acp/stdio.js").AcpStdioServer;
+export declare function serveAcpHttp(runtime: AgentHarnessRuntime, options?: import("./protocol/acp/http.js").AcpHttpServerOptions): Promise<import("./protocol/acp/http.js").AcpHttpServer>;
 export declare function listAgentSkills(runtime: AgentHarnessRuntime, agentId: string, options?: RequirementAssessmentOptions): InventorySkillRecord[];
 export declare function getAgent(runtime: AgentHarnessRuntime, agentId: string, options?: RequirementAssessmentOptions): InventoryAgentRecord | null;
 export declare function describeInventory(runtime: AgentHarnessRuntime, options?: RequirementAssessmentOptions): {

package/dist/api.js

@@ -1,4 +1,5 @@
 import { AgentHarnessRuntime } from "./runtime/harness.js";
+import { serveAcpOverHttp } from "./protocol/acp/http.js";
 import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 import { normalizeMessageContent } from "./utils/message-content.js";
 import { loadWorkspace } from "./workspace/compile.js";
@@ -187,9 +188,18 @@ export async function listArtifacts(runtime, input) {
 export async function getArtifact(runtime, input) {
     return runtime.readArtifact(input.sessionId, input.requestId, input.artifactPath);
 }
+export async function listRunEvents(runtime, input) {
+    return runtime.listRunEvents(input.sessionId, input.requestId);
+}
 export async function getHealth(runtime) {
     return runtime.getHealth();
 }
+export async function exportRunPackage(runtime, input) {
+    return runtime.exportRunPackage(input);
+}
+export async function exportSessionPackage(runtime, input) {
+    return runtime.exportSessionPackage(input);
+}
 export async function exportEvaluationBundle(runtime, input) {
     return runtime.exportEvaluationBundle(input);
 }
@@ -199,6 +209,9 @@ export async function replayEvaluationBundle(runtime, input) {
 export function serveAcpStdio(runtime, options) {
     return serveAcpOverStdio(runtime, options);
 }
+export async function serveAcpHttp(runtime, options) {
+    return serveAcpOverHttp(runtime, options);
+}
 export function listAgentSkills(runtime, agentId, options) {
     return runtime.listAgentSkills(agentId, options);
 }

package/dist/cli.d.ts

@@ -1,5 +1,6 @@
 #!/usr/bin/env node
 import { createAgentHarness } from "./api.js";
+import { serveAcpOverHttp } from "./protocol/acp/http.js";
 import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 type CliIo = {
     cwd?: string;
@@ -8,6 +9,7 @@ type CliIo = {
 };
 type CliDeps = {
     createAgentHarness?: typeof createAgentHarness;
+    serveAcpOverHttp?: typeof serveAcpOverHttp;
     serveAcpOverStdio?: typeof serveAcpOverStdio;
 };
 export declare function runCli(argv: string[], io?: CliIo, deps?: CliDeps): Promise<number>;

package/dist/cli.js

@@ -3,11 +3,12 @@ import path from "node:path";
 import { pathToFileURL } from "node:url";
 import { createAgentHarness } from "./api.js";
 import { initProject } from "./init-project.js";
+import { serveAcpOverHttp } from "./protocol/acp/http.js";
 import { serveAcpOverStdio } from "./protocol/acp/stdio.js";
 function renderUsage() {
     return `Usage:
   agent-harness init <project-name> [--template deep-research|single-agent] [--provider <provider>] [--model <model>] [--with-web-search|--no-web-search]
-  agent-harness acp serve [--workspace <path>] [--transport stdio]
+  agent-harness acp serve [--workspace <path>] [--transport stdio|http] [--host <hostname>] [--port <port>]
 `;
 }
 function isTemplate(value) {
@@ -52,6 +53,8 @@ function parseInitOptions(args) {
 function parseAcpServeOptions(args) {
     let workspaceRoot;
     let transport = "stdio";
+    let hostname;
+    let port;
     for (let index = 0; index < args.length; index += 1) {
         const arg = args[index];
         if (arg === "--workspace") {
@@ -66,18 +69,40 @@ function parseAcpServeOptions(args) {
         if (arg === "--transport") {
             const value = args[index + 1];
             if (!value) {
-                return { transport, error: "Missing value for --transport" };
+                return { transport, hostname, port, error: "Missing value for --transport" };
             }
-            if (value !== "stdio") {
-                return { transport, error: `Unsupported ACP transport: ${value}` };
+            if (value !== "stdio" && value !== "http") {
+                return { transport, hostname, port, error: `Unsupported ACP transport: ${value}` };
             }
-            transport = "stdio";
+            transport = value;
             index += 1;
             continue;
         }
-        return { transport, error: `Unknown option: ${arg}` };
+        if (arg === "--host") {
+            const value = args[index + 1];
+            if (!value) {
+                return { transport, hostname, port, error: "Missing value for --host" };
+            }
+            hostname = value;
+            index += 1;
+            continue;
+        }
+        if (arg === "--port") {
+            const value = args[index + 1];
+            if (!value) {
+                return { transport, hostname, port, error: "Missing value for --port" };
+            }
+            const parsedPort = Number.parseInt(value, 10);
+            if (!Number.isFinite(parsedPort) || parsedPort < 0) {
+                return { transport, hostname, port, error: `Invalid ACP port: ${value}` };
+            }
+            port = parsedPort;
+            index += 1;
+            continue;
+        }
+        return { transport, hostname, port, error: `Unknown option: ${arg}` };
     }
-    return { workspaceRoot, transport };
+    return { workspaceRoot, transport, hostname, port };
 }
 export async function runCli(argv, io = {}, deps = {}) {
     const cwd = io.cwd ?? process.cwd();
@@ -85,6 +110,7 @@ export async function runCli(argv, io = {}, deps = {}) {
     const stderr = io.stderr ?? ((message) => process.stderr.write(message));
     const [command, projectName, ...rest] = argv;
     const createHarness = deps.createAgentHarness ?? createAgentHarness;
+    const serveAcpHttp = deps.serveAcpOverHttp ?? serveAcpOverHttp;
     const serveAcp = deps.serveAcpOverStdio ?? serveAcpOverStdio;
     if (command === "init") {
         if (!projectName?.trim()) {
@@ -130,9 +156,20 @@ export async function runCli(argv, io = {}, deps = {}) {
         }
         try {
             const runtime = await createHarness(path.resolve(cwd, parsed.workspaceRoot ?? "."));
-            stderr(`Serving ACP over ${parsed.transport} from ${path.resolve(cwd, parsed.workspaceRoot ?? ".")}\n`);
-            const server = serveAcp(runtime);
-            await server.completed;
+            const workspacePath = path.resolve(cwd, parsed.workspaceRoot ?? ".");
+            if (parsed.transport === "http") {
+                const server = await serveAcpHttp(runtime, {
+                    hostname: parsed.hostname,
+                    port: parsed.port,
+                });
+                stderr(`Serving ACP over http from ${workspacePath} at ${server.rpcUrl} (events ${server.eventsUrl})\n`);
+                await server.completed;
+            }
+            else {
+                stderr(`Serving ACP over stdio from ${workspacePath}\n`);
+                const server = serveAcp(runtime);
+                await server.completed;
+            }
             await runtime.stop();
             return 0;
         }

package/dist/contracts/runtime.d.ts

@@ -102,6 +102,8 @@ export type RuntimeGovernanceToolPolicy = {
     toolId: string;
     toolType: string;
     category: "local" | "backend" | "mcp" | "provider-native";
+    mcpServerRef?: string;
+    mcpTransport?: string;
     risk: RuntimeGovernanceRiskLevel;
     requiresApproval: boolean;
     approvalPolicy: "explicit-hitl" | "runtime-default" | "none";
@@ -626,6 +628,36 @@ export type RuntimeEvaluationReplayResult = {
         expectedOutputMatched?: boolean;
     };
 };
+export type RuntimeRunPackageInput = {
+    sessionId: string;
+    requestId: string;
+    includeArtifacts?: boolean;
+    includeArtifactContents?: boolean;
+    includeRuntimeHealth?: boolean;
+};
+export type RuntimeRunPackage = {
+    session: SessionRecord | null;
+    request: RequestRecord | null;
+    approvals: ApprovalRecord[];
+    transcript: TranscriptMessage[];
+    events: HarnessEvent[];
+    artifacts: RuntimeEvaluationArtifact[];
+    runtimeHealth?: RuntimeHealthSnapshot;
+};
+export type RuntimeSessionPackageInput = {
+    sessionId: string;
+    includeArtifacts?: boolean;
+    includeArtifactContents?: boolean;
+    includeRuntimeHealth?: boolean;
+};
+export type RuntimeSessionPackage = {
+    session: SessionRecord | null;
+    requests: RequestRecord[];
+    approvals: ApprovalRecord[];
+    transcript: TranscriptMessage[];
+    runs: RuntimeRunPackage[];
+    runtimeHealth?: RuntimeHealthSnapshot;
+};
 export type RuntimeInventoryContext = {
     workspace: WorkspaceBundle;
 };

package/dist/index.d.ts

@@ -1,8 +1,8 @@
-export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
+export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, exportRunPackage, exportSessionPackage, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, listRunEvents, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpHttp, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
 export type { AcpApproval, AcpArtifact, AcpEventNotification, AcpJsonRpcError, AcpJsonRpcRequest, AcpJsonRpcResponse, AcpJsonRpcSuccess, AcpRequestRecord, AcpRunRequestParams, AcpServerCapabilities, AcpSessionRecord, } from "./acp.js";
-export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, NormalizeUserChatInputOptions, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, UpdateMemoryInput, UserChatInput, UserChatMessage, } from "./api.js";
+export type { ListMemoriesInput, ListMemoriesResult, MemoryDecision, MemoryKind, MemoryRecord, MemoryScope, MemorizeInput, MemorizeResult, NormalizeUserChatInputOptions, RecallInput, RecallResult, RemoveMemoryInput, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, RuntimeRunPackage, RuntimeRunPackageInput, RuntimeSessionPackage, RuntimeSessionPackageInput, UpdateMemoryInput, UserChatInput, UserChatMessage, } from "./api.js";
 export type { BuildFlowGraphInput, FlowEdge, FlowEdgeKind, FlowGraph, FlowGraphMermaidOptions, FlowGraphSequenceMermaidOptions, FlowGroup, FlowGroupKind, FlowNode, FlowNodeKind, FlowNodeLayer, FlowNodeStatus, } from "./flow/index.js";
-export type { AcpStdioServer, AcpStdioServerOptions } from "./api.js";
+export type { AcpHttpServer, AcpHttpServerOptions, AcpStdioServer, AcpStdioServerOptions } from "./api.js";
 export type { ToolMcpServerOptions } from "./mcp.js";
 export { tool } from "./tools.js";
 export type { UpstreamTimelineProjection, UpstreamTimelineReducer } from "./upstream-events.js";

package/dist/index.js

@@ -1,2 +1,2 @@
-export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
+export { AgentHarnessAcpServer, AgentHarnessRuntime, buildFlowGraph, cancelRun, createAgentHarness, createAcpServer, createUpstreamTimelineReducer, createToolMcpServer, deleteSession, describeInventory, exportEvaluationBundle, exportRunPackage, exportSessionPackage, replayEvaluationBundle, getArtifact, getAgent, getApproval, getRequest, getHealth, listMemories, listRunEvents, getSession, listAgentSkills, listArtifacts, listApprovals, listRequests, listSessions, memorize, normalizeUserChatInput, recall, removeMemory, resolveApproval, run, serveAcpHttp, serveAcpStdio, serveToolsOverStdio, subscribe, stop, updateMemory, exportFlowGraphToMermaid, exportFlowGraphToSequenceMermaid, } from "./api.js";
 export { tool } from "./tools.js";

package/dist/package-version.d.ts

@@ -1 +1 @@
-export declare const AGENT_HARNESS_VERSION = "0.0.159";
+export declare const AGENT_HARNESS_VERSION = "0.0.161";

package/dist/package-version.js

@@ -1 +1 @@
-export const AGENT_HARNESS_VERSION = "0.0.159";
+export const AGENT_HARNESS_VERSION = "0.0.161";

package/dist/protocol/acp/http.d.ts

@@ -0,0 +1,20 @@
+import { type Server } from "node:http";
+import type { AgentHarnessRuntime } from "../../runtime/harness.js";
+export type AcpHttpServerOptions = {
+    hostname?: string;
+    port?: number;
+    rpcPath?: string;
+    eventsPath?: string;
+};
+export type AcpHttpServer = {
+    hostname: string;
+    port: number;
+    rpcPath: string;
+    eventsPath: string;
+    rpcUrl: string;
+    eventsUrl: string;
+    completed: Promise<void>;
+    close: () => Promise<void>;
+};
+export declare function serveAcpOverHttp(runtime: AgentHarnessRuntime, options?: AcpHttpServerOptions): Promise<AcpHttpServer>;
+export type { Server as AcpHttpNodeServer };

package/dist/protocol/acp/http.js

@@ -0,0 +1,130 @@
+import { createServer } from "node:http";
+import { createAcpServer } from "../../acp.js";
+function normalizePath(value, fallback) {
+    const source = typeof value === "string" && value.trim().length > 0 ? value.trim() : fallback;
+    return source.startsWith("/") ? source : `/${source}`;
+}
+function writeJson(response, statusCode, payload) {
+    response.statusCode = statusCode;
+    response.setHeader("content-type", "application/json; charset=utf-8");
+    response.end(JSON.stringify(payload));
+}
+function readRequestBody(request) {
+    return new Promise((resolve, reject) => {
+        const chunks = [];
+        request.on("data", (chunk) => {
+            chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+        });
+        request.on("end", () => {
+            resolve(Buffer.concat(chunks).toString("utf8"));
+        });
+        request.on("error", reject);
+    });
+}
+export async function serveAcpOverHttp(runtime, options = {}) {
+    const hostname = options.hostname?.trim() || "127.0.0.1";
+    const port = typeof options.port === "number" && Number.isFinite(options.port) ? options.port : 0;
+    const rpcPath = normalizePath(options.rpcPath, "/rpc");
+    const eventsPath = normalizePath(options.eventsPath, "/events");
+    const server = createAcpServer(runtime);
+    const eventSubscribers = new Set();
+    const unsubscribe = server.subscribe((notification) => {
+        const payload = `data: ${JSON.stringify(notification)}\n\n`;
+        for (const response of Array.from(eventSubscribers)) {
+            if (response.writableEnded || response.destroyed) {
+                eventSubscribers.delete(response);
+                continue;
+            }
+            response.write(payload);
+        }
+    });
+    const httpServer = createServer(async (request, response) => {
+        try {
+            const requestUrl = new URL(request.url ?? "/", `http://${hostname}`);
+            if (request.method === "GET" && requestUrl.pathname === eventsPath) {
+                response.statusCode = 200;
+                response.setHeader("content-type", "text/event-stream; charset=utf-8");
+                response.setHeader("cache-control", "no-cache, no-transform");
+                response.setHeader("connection", "keep-alive");
+                response.write(": connected\n\n");
+                eventSubscribers.add(response);
+                request.on("close", () => {
+                    eventSubscribers.delete(response);
+                    response.end();
+                });
+                return;
+            }
+            if (request.method === "POST" && requestUrl.pathname === rpcPath) {
+                const body = await readRequestBody(request);
+                let payload;
+                try {
+                    payload = JSON.parse(body);
+                }
+                catch {
+                    writeJson(response, 400, {
+                        jsonrpc: "2.0",
+                        id: null,
+                        error: {
+                            code: -32700,
+                            message: "Invalid JSON payload.",
+                        },
+                    });
+                    return;
+                }
+                const rpcResponse = await server.handle(payload);
+                if (!rpcResponse) {
+                    response.statusCode = 204;
+                    response.end();
+                    return;
+                }
+                writeJson(response, 200, rpcResponse);
+                return;
+            }
+            writeJson(response, 404, {
+                error: "Not Found",
+                rpcPath,
+                eventsPath,
+            });
+        }
+        catch (error) {
+            writeJson(response, 500, {
+                error: error instanceof Error ? error.message : "ACP HTTP transport failed.",
+            });
+        }
+    });
+    const completed = new Promise((resolve, reject) => {
+        httpServer.once("close", resolve);
+        httpServer.once("error", reject);
+    });
+    await new Promise((resolve, reject) => {
+        httpServer.listen(port, hostname, () => resolve());
+        httpServer.once("error", reject);
+    });
+    const address = httpServer.address();
+    const resolvedPort = typeof address === "object" && address ? address.port : port;
+    return {
+        hostname,
+        port: resolvedPort,
+        rpcPath,
+        eventsPath,
+        rpcUrl: `http://${hostname}:${resolvedPort}${rpcPath}`,
+        eventsUrl: `http://${hostname}:${resolvedPort}${eventsPath}`,
+        completed,
+        close: async () => {
+            unsubscribe();
+            for (const response of Array.from(eventSubscribers)) {
+                response.end();
+            }
+            eventSubscribers.clear();
+            await new Promise((resolve, reject) => {
+                httpServer.close((error) => {
+                    if (error) {
+                        reject(error);
+                        return;
+                    }
+                    resolve();
+                });
+            });
+        },
+    };
+}

package/dist/runtime/harness/run/governance.js

@@ -57,6 +57,25 @@ function readRisk(value) {
 function readApprovalPolicy(value) {
     return value === "explicit-hitl" || value === "runtime-default" || value === "none" ? value : undefined;
 }
+function normalizeServerRef(value) {
+    if (typeof value !== "string" || value.trim().length === 0) {
+        return undefined;
+    }
+    const trimmed = value.trim();
+    return trimmed.startsWith("mcp/") ? trimmed : `mcp/${trimmed}`;
+}
+function readRemoteMcpMetadata(tool) {
+    const config = asObject(tool.config);
+    const mcpReference = asObject(config?.mcp);
+    const inlineServer = asObject(config?.mcpServer);
+    const transport = typeof inlineServer?.transport === "string" && inlineServer.transport.trim().length > 0
+        ? inlineServer.transport.trim()
+        : undefined;
+    return {
+        ...(normalizeServerRef(mcpReference?.serverRef) ? { serverRef: normalizeServerRef(mcpReference?.serverRef) } : {}),
+        ...(transport ? { transport } : {}),
+    };
+}
 function matchesToolPolicy(rule, policy) {
     const match = asObject(rule.match) ?? rule;
     const toolName = typeof match.toolName === "string" ? match.toolName.trim() : undefined;
@@ -102,14 +121,49 @@ function applyGovernanceOverrides(binding, policies) {
         return merged;
     });
 }
+function applyRemoteMcpGovernance(binding, policies) {
+    const governance = asObject(binding.harnessRuntime.governance);
+    const remoteMcp = asObject(governance?.remoteMcp);
+    if (!remoteMcp) {
+        return policies;
+    }
+    const requireApprovalTransports = new Set(readStringArray(remoteMcp.requireApprovalTransports));
+    const riskByTransport = asObject(remoteMcp.riskByTransport);
+    const inputRiskHintsByTransport = asObject(remoteMcp.inputRiskHintsByTransport);
+    return policies.map((policy) => {
+        if (policy.category !== "mcp") {
+            return policy;
+        }
+        const merged = { ...policy };
+        const transport = merged.mcpTransport;
+        if (transport && requireApprovalTransports.has(transport)) {
+            merged.requiresApproval = true;
+            if (merged.approvalPolicy === "none") {
+                merged.approvalPolicy = "runtime-default";
+            }
+        }
+        const transportRisk = transport ? readRisk(riskByTransport?.[transport]) : undefined;
+        if (transportRisk) {
+            merged.risk = transportRisk;
+        }
+        const transportHints = transport ? readStringArray(inputRiskHintsByTransport?.[transport]) : [];
+        if (transportHints.length > 0) {
+            merged.inputRiskHints = Array.from(new Set([...merged.inputRiskHints, ...transportHints]));
+        }
+        return merged;
+    });
+}
 export function buildRuntimeGovernanceBundles(binding) {
-    const toolPolicies = applyGovernanceOverrides(binding, getBindingPrimaryTools(binding).map((tool) => {
+    const toolPolicies = applyGovernanceOverrides(binding, applyRemoteMcpGovernance(binding, getBindingPrimaryTools(binding).map((tool) => {
         const requiresApproval = toolRequiresRuntimeApproval(tool);
+        const remoteMcp = readRemoteMcpMetadata(tool);
         return {
             toolName: tool.name,
             toolId: tool.id,
             toolType: tool.type,
             category: toCategory(tool.type),
+            ...(remoteMcp.serverRef ? { mcpServerRef: remoteMcp.serverRef } : {}),
+            ...(remoteMcp.transport ? { mcpTransport: remoteMcp.transport } : {}),
             risk: classifyRisk({
                 toolType: tool.type,
                 requiresApproval,
@@ -122,7 +176,7 @@ export function buildRuntimeGovernanceBundles(binding) {
             hasInputSchema: typeof tool.inputSchemaRef === "string" && tool.inputSchemaRef.trim().length > 0,
             inputRiskHints: inputHints(binding, tool),
         };
-    }));
+    })));
     if (toolPolicies.length === 0) {
         return [];
     }

package/dist/runtime/harness/system/policy-engine.js

@@ -12,6 +12,9 @@ export class PolicyEngine {
         const governance = typeof binding.harnessRuntime.governance === "object" && binding.harnessRuntime.governance
             ? binding.harnessRuntime.governance
             : undefined;
+        const remoteMcp = typeof governance?.remoteMcp === "object" && governance.remoteMcp
+            ? governance.remoteMcp
+            : undefined;
         const denyConfig = typeof governance?.deny === "object" && governance.deny
             ? governance.deny
             : undefined;
@@ -38,6 +41,72 @@ export class PolicyEngine {
                 reasons.push(`runtime governance denied tool access: ${blocked.map((tool) => tool.name).join(", ")}`);
             }
         }
+        if (remoteMcp) {
+            const normalizeServerRef = (value) => {
+                if (typeof value !== "string" || value.trim().length === 0) {
+                    return undefined;
+                }
+                const trimmed = value.trim();
+                return trimmed.startsWith("mcp/") ? trimmed : `mcp/${trimmed}`;
+            };
+            const allowServerRefs = new Set(Array.isArray(remoteMcp.allowServerRefs)
+                ? remoteMcp.allowServerRefs
+                    .map((item) => normalizeServerRef(item))
+                    .filter((item) => Boolean(item))
+                : []);
+            const denyServerRefs = new Set(Array.isArray(remoteMcp.denyServerRefs)
+                ? remoteMcp.denyServerRefs
+                    .map((item) => normalizeServerRef(item))
+                    .filter((item) => Boolean(item))
+                : []);
+            const denyTransports = new Set(Array.isArray(remoteMcp.denyTransports)
+                ? remoteMcp.denyTransports.filter((item) => typeof item === "string" && item.trim().length > 0).map((item) => item.trim())
+                : []);
+            const tools = binding.execution?.params?.tools ?? binding.langchainAgentParams?.tools ?? binding.deepAgentParams?.tools ?? [];
+            const deniedRemoteTools = tools.flatMap((tool) => {
+                if (tool.type !== "mcp") {
+                    return [];
+                }
+                const config = typeof tool.config === "object" && tool.config && !Array.isArray(tool.config)
+                    ? tool.config
+                    : undefined;
+                const mcpRef = typeof config?.mcp === "object" && config.mcp && !Array.isArray(config.mcp)
+                    ? config.mcp
+                    : undefined;
+                const inlineMcpServer = typeof config?.mcpServer === "object" && config.mcpServer && !Array.isArray(config.mcpServer)
+                    ? config.mcpServer
+                    : undefined;
+                const serverRef = normalizeServerRef(mcpRef?.serverRef);
+                const transport = typeof inlineMcpServer?.transport === "string" && inlineMcpServer.transport.trim().length > 0
+                    ? inlineMcpServer.transport.trim()
+                    : undefined;
+                const serverDenied = serverRef ? denyServerRefs.has(serverRef) || (allowServerRefs.size > 0 && !allowServerRefs.has(serverRef)) : false;
+                const transportDenied = transport ? denyTransports.has(transport) : false;
+                return serverDenied || transportDenied
+                    ? [{
+                            toolName: tool.name,
+                            ...(serverRef ? { serverRef } : {}),
+                            ...(transport ? { transport } : {}),
+                        }]
+                    : [];
+            });
+            if (deniedRemoteTools.length > 0) {
+                allowed = false;
+                const details = deniedRemoteTools.map((tool) => {
+                    if (tool.serverRef && tool.transport) {
+                        return `${tool.toolName} (${tool.serverRef}, ${tool.transport})`;
+                    }
+                    if (tool.serverRef) {
+                        return `${tool.toolName} (${tool.serverRef})`;
+                    }
+                    if (tool.transport) {
+                        return `${tool.toolName} (${tool.transport})`;
+                    }
+                    return tool.toolName;
+                });
+                reasons.push(`runtime governance denied remote MCP access: ${details.join(", ")}`);
+            }
+        }
         for (const evaluator of getPolicyEvaluators()) {
             const decision = evaluator.evaluate(binding);
             if (!decision) {

package/dist/runtime/harness.d.ts

@@ -1,4 +1,4 @@
-import type { ApprovalRecord, ArtifactListing, CancelOptions, HarnessEvent, HarnessStreamItem, RuntimeHealthSnapshot, ListMemoriesInput, ListMemoriesResult, MessageContent, RemoveMemoryInput, RunRecord, RunStartOptions, RestartConversationOptions, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, ResumeOptions, RunOptions, RunResult, RunSummary, MemoryRecord, MemorizeInput, MemorizeResult, RecallInput, RecallResult, UpdateMemoryInput, ThreadSummary, ThreadRecord, WorkspaceBundle } from "../contracts/types.js";
+import type { ApprovalRecord, ArtifactListing, CancelOptions, HarnessEvent, HarnessStreamItem, RuntimeHealthSnapshot, ListMemoriesInput, ListMemoriesResult, MessageContent, RemoveMemoryInput, RunRecord, RunStartOptions, RestartConversationOptions, RuntimeAdapterOptions, RuntimeEvaluationExport, RuntimeEvaluationExportInput, RuntimeEvaluationReplayInput, RuntimeEvaluationReplayResult, RuntimeRunPackage, RuntimeRunPackageInput, RuntimeSessionPackage, RuntimeSessionPackageInput, ResumeOptions, RunOptions, RunResult, RunSummary, MemoryRecord, MemorizeInput, MemorizeResult, RecallInput, RecallResult, UpdateMemoryInput, ThreadSummary, ThreadRecord, WorkspaceBundle } from "../contracts/types.js";
 import { type ToolMcpServerOptions } from "../mcp.js";
 import { type InventoryAgentRecord, type InventorySkillRecord } from "./harness/system/inventory.js";
 import type { RequirementAssessmentOptions } from "./harness/system/skill-requirements.js";
@@ -85,6 +85,8 @@ export declare class AgentHarnessRuntime {
     listArtifacts(threadId: string, runId: string): Promise<ArtifactListing>;
     readArtifact(threadId: string, runId: string, artifactPath: string): Promise<unknown>;
     listRunEvents(threadId: string, runId: string): Promise<HarnessEvent[]>;
+    exportRunPackage(input: RuntimeRunPackageInput): Promise<RuntimeRunPackage>;
+    exportSessionPackage(input: RuntimeSessionPackageInput): Promise<RuntimeSessionPackage>;
     exportEvaluationBundle(input: RuntimeEvaluationExportInput): Promise<RuntimeEvaluationExport>;
     replayEvaluationBundle(input: RuntimeEvaluationReplayInput): Promise<RuntimeEvaluationReplayResult>;
     listAgentSkills(agentId: string, options?: RequirementAssessmentOptions): InventorySkillRecord[];

package/dist/runtime/harness.js

@@ -484,6 +484,50 @@ export class AgentHarnessRuntime {
     async listRunEvents(threadId, runId) {
         return this.persistence.listRunEvents(threadId, runId);
     }
+    async exportRunPackage(input) {
+        const thread = await this.getThread(input.sessionId);
+        const run = await this.getRun(input.requestId);
+        const approvals = await this.listApprovals({ threadId: input.sessionId, runId: input.requestId });
+        const transcript = await this.persistence.listThreadMessages(input.sessionId, 500);
+        const events = await this.persistence.listRunEvents(input.sessionId, input.requestId);
+        const artifactsListing = input.includeArtifacts === false
+            ? { items: [] }
+            : await this.persistence.listArtifacts(input.sessionId, input.requestId);
+        const artifacts = await Promise.all(artifactsListing.items.map(async (artifact) => ({
+            ...artifact,
+            ...(input.includeArtifactContents === true
+                ? { content: await this.persistence.readArtifact(input.sessionId, input.requestId, artifact.path) }
+                : {}),
+        })));
+        return {
+            session: thread ? toSessionRecord(thread) : null,
+            request: run ? toRequestRecord(run) : null,
+            approvals,
+            transcript,
+            events,
+            artifacts,
+            ...(input.includeRuntimeHealth === false ? {} : { runtimeHealth: await this.getHealth() }),
+        };
+    }
+    async exportSessionPackage(input) {
+        const thread = await this.getThread(input.sessionId);
+        const runIds = Array.from(new Set((thread?.runs ?? []).map((item) => item.runId)));
+        const runs = await Promise.all(runIds.map((requestId) => this.exportRunPackage({
+            sessionId: input.sessionId,
+            requestId,
+            includeArtifacts: input.includeArtifacts,
+            includeArtifactContents: input.includeArtifactContents,
+            includeRuntimeHealth: false,
+        })));
+        return {
+            session: thread ? toSessionRecord(thread) : null,
+            requests: runs.map((item) => item.request).filter((item) => Boolean(item)),
+            approvals: await this.listApprovals({ threadId: input.sessionId }),
+            transcript: await this.persistence.listThreadMessages(input.sessionId, 500),
+            runs,
+            ...(input.includeRuntimeHealth === false ? {} : { runtimeHealth: await this.getHealth() }),
+        };
+    }
     async exportEvaluationBundle(input) {
         const thread = await this.getThread(input.sessionId);
         const run = await this.getRun(input.requestId);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@botbotgo/agent-harness",
-  "version": "0.0.160",
+  "version": "0.0.162",
   "description": "Workspace runtime for multi-agent applications",
   "type": "module",
   "packageManager": "npm@10.9.2",