@codemation/core-nodes 0.12.0 → 0.14.0

package/dist/index.d.ts

@@ -5,82 +5,27 @@ import { DependencyContainer as Container, InjectionToken as TypeToken } from "t
 import { ReadableStream } from "node:stream/web";
 
 //#region src/canvasIconName.d.ts
-/**
- * Canvas / agent presentation:
- * - Lucide: `lucide:<kebab-name>` or legacy kebab name
- * - Built-in brand SVGs: `builtin:<id>` (host resolves to shipped SVG assets under `public/canvas-icons/builtin/`)
- * - Simple Icons: `si:<slug>` (host cherry-picks from `simple-icons`) or builtin asset when slug matches
- * - Image URLs: `http(s):`, `data:`, `/…`
- */
 type CanvasIconName = string;
 //#endregion
 //#region ../core/src/contracts/testTriggerTypes.d.ts
-/**
- * Identifier minted by the host (or in-memory test runner) for one execution of a test suite.
- * One TestSuiteRun produces N child workflow runs, one per item yielded by `generateItems`.
- */
 type TestSuiteRunId = string;
-/**
- * Setup context passed to a {@link TestTriggerNodeConfig.generateItems} callback. Distinct from
- * {@link import("./runtimeTypes").TriggerSetupContext} on purpose: test triggers are not
- * activated by the live trigger lifecycle (webhooks, cron, polling) and never call `emit` —
- * the orchestrator pulls from the iterable they return and dispatches one run per item.
- */
 interface TestTriggerSetupContext<TConfig extends TestTriggerNodeConfig<unknown> = TestTriggerNodeConfig<unknown>> {
   readonly workflowId: WorkflowId;
   readonly nodeId: NodeId;
   readonly config: TConfig;
   readonly testSuiteRunId: TestSuiteRunId;
-  /**
-   * Resolves a credential session for a slot declared on this trigger's
-   * {@link import("./workflowTypes").NodeConfigBase.getCredentialRequirements}. Same contract as
-   * {@link import("./runtimeTypes").ExecutionContext.getCredential}.
-   */
   getCredential<TSession = unknown>(slotKey: string): Promise<TSession>;
-  /** AbortSignal raised when the suite is cancelled — long-running pulls should bail out. */
   readonly signal: AbortSignal;
 }
-/**
- * A trigger config that emits **test cases**. Each item yielded by {@link generateItems}
- * becomes one workflow run (with `executionOptions.testContext` set), so 10 yielded items
- * → 10 runs marked under the same TestSuiteRun.
- *
- * The trigger is otherwise a normal {@link TriggerNodeConfig} (so the canvas treats it like
- * any other trigger), but its `triggerKind` is `"test"` so the live activation policy skips it.
- */
 interface TestTriggerNodeConfig<TOutputJson$1 = unknown> extends TriggerNodeConfig<TOutputJson$1, undefined> {
   readonly triggerKind: "test";
-  /**
-   * Author-supplied async iterable of items, evaluated lazily. Implementations may fetch from
-   * credentialed APIs, read fixture files, or yield hard-coded items. The orchestrator iterates
-   * and dispatches one run per item, with concurrency capped by {@link concurrency} (default 4).
-   */
   generateItems(ctx: TestTriggerSetupContext<TestTriggerNodeConfig<TOutputJson$1>>): AsyncIterable<Item<TOutputJson$1>>;
-  /** Per-suite-run cap on simultaneously-executing test cases. Default: 4. */
   readonly concurrency?: number;
-  /**
-   * Free-form description of where the test cases come from — surfaced in the node properties
-   * panel and the suite-detail header so authors revisiting the workflow six months later
-   * remember which mailbox / folder / fixture file the cases originate from.
-   *
-   * Example: `"All emails in the Gmail label \"test/triage-fixtures\" — 14 messages as of 2026-05-03."`
-   */
   readonly description?: string;
-  /**
-   * Resolves a human-readable label for one yielded test case (e.g. email subject). The
-   * orchestrator calls this once per yielded item, persists the result on the run, and the
-   * Tests-tab UI uses it to render the case row instead of the opaque runId. Return
-   * `undefined` to fall back to "Case #N".
-   */
   caseLabel?(item: Item<TOutputJson$1>): string | undefined;
 }
 //#endregion
 //#region ../core/src/contracts/baseTypes.d.ts
-/**
- * Minimal base types that have no dependencies on other contracts.
- * Used by credentialTypes, workflowTypes, and other contract layers
- * to avoid circular dependencies.
- */
 type WorkflowId = string;
 type NodeId = string;
 type OutputPortKey = string;
@@ -166,13 +111,6 @@ interface TelemetrySpanScope extends TelemetryScope {
   readonly traceId: string;
   readonly spanId: string;
   end(args?: TelemetrySpanEnd): Promise<void> | void;
-  /**
-   * Lift this span into a {@link NodeExecutionTelemetry} scoped to a different (nodeId, activationId).
-   * Children created via the returned telemetry's `startChildSpan` get this span as their parent.
-   *
-   * Used at the sub-agent boundary so that nested runtime telemetry parents under the agent.tool.call
-   * span instead of the orchestrator's node-level span.
-   */
   asNodeTelemetry(args: Readonly<{
     nodeId: NodeId;
     activationId: NodeActivationId;
@@ -191,32 +129,8 @@ interface ExecutionTelemetry extends TelemetryScope {
 }
 //#endregion
 //#region ../core/src/contracts/agentMcpTypes.d.ts
-/**
- * An opaque MCP tool map: keyed by serverId → (toolName → tool definition).
- * Typed as unknown so core does not depend on the AI SDK's ToolSet type.
- * AIAgentNode (in core-nodes, which does depend on ai) casts this to
- * ReadonlyMap<string, ToolSet> before passing to DeferredMetaToolStrategyFactory.
- */
 type AgentMcpToolMap = ReadonlyMap<string, Readonly<Record<string, unknown>>>;
-/**
- * Contract implemented by the host. Resolves MCP server bindings for an agent run
- * via the standard credential-binding table (one slot per declared server, keyed
- * by `(workflowId, mcpConnectionNodeId, "credential")`), and returns a ready-to-use
- * tool map with wrapped execute callbacks for telemetry and 403 detection.
- * Core-nodes imports this interface so AIAgentNode can inject it without
- * depending on the host.
- */
 interface AgentMcpIntegration {
-  /**
-   * Look up the credential binding per server, validate scopes, open pool
-   * connections, and return a tool map keyed by serverId. Each tool's
-   * execute callback includes:
-   * - Telemetry child span (mcp.server_id, mcp.tool_name attributes)
-   * - 403/permission error detection → emits a NeedsReconsentEvent span event
-   *
-   * Throws `AgentBindError` on validation failures (missing server, unbound
-   * credential slot, missing credential instance, insufficient scopes).
-   */
   prepareMcpTools(args: {
     readonly workflowId: WorkflowId;
     readonly agentNodeId: NodeId;
@@ -232,44 +146,23 @@ interface AgentMcpIntegration {
         statusMessage?: string;
       }) => void;
     };
-    /** Per-MCP-tool-call invocation appender. Optional; when omitted the wrapper emits only telemetry spans. */
     readonly appendMcpInvocation?: (args: ConnectionInvocationAppendArgs) => Promise<void>;
-    /** Agent activation id to attach to each invocation record (used by canvas + inspector grouping). */
     readonly parentAgentActivationId?: NodeActivationId;
-    /** Per-item iteration id when the agent runs inside a per-item loop. */
     readonly iterationId?: NodeIterationId;
-    /** Item index (0-based) of the iteration that owns these tool calls. */
     readonly itemIndex?: number;
-    /** Parent invocation id when this agent is itself executing as a sub-agent. */
     readonly parentInvocationId?: ConnectionInvocationId;
   }): Promise<AgentMcpToolMap>;
 }
 //#endregion
 //#region ../core/src/contracts/assertionTypes.d.ts
-/**
- * One assertion emitted by an assertion-emitting node (a node whose config sets
- * `emitsAssertions: true`). Each emitted item on `main` carries one of these as `item.json`.
- *
- * Pass/fail is derived from `score >= (passThreshold ?? 0.5)` — see {@link deriveAssertionPassed}.
- * The `errored` marker is for cases where the assertion code itself threw (distinct from
- * "the assertion was evaluated and the score was low") and is treated as a hard fail in rollups
- * regardless of `score`.
- */
 interface AssertionResult {
   readonly name: string;
-  /** 0..1 score. Source of truth for pass/fail (compared against `passThreshold`). */
   readonly score: number;
-  /** 0..1 threshold for "passed". When omitted, consumers default to 0.5. */
   readonly passThreshold?: number;
-  /** True when evaluating the assertion threw — treated as fail regardless of `score`. */
   readonly errored?: true;
-  /** What the assertion expected. Free-form JSON; UIs render with a JSON viewer. */
   readonly expected?: JsonValue;
-  /** What the workflow actually produced. */
   readonly actual?: JsonValue;
-  /** Short human-readable explanation, especially for fails / errors. */
   readonly message?: string;
-  /** Bag of supplemental fields (e.g. judge prompt, judge raw response, comparison method). */
   readonly details?: Readonly<Record<string, JsonValue>>;
 }
 //#endregion
@@ -281,9 +174,6 @@ type ItemExprResolvedContext = Readonly<{
   activationId: NodeActivationId;
   data: RunDataSnapshot;
 }>;
-/**
- * Context aligned with former {@link ItemInputMapperContext} — use **`data`** to read any completed upstream node.
- */
 type ItemExprContext = ItemExprResolvedContext;
 type ItemExprArgs<TItemJson = unknown> = Readonly<{
   item: Item<TItemJson>;
@@ -302,30 +192,21 @@ type Expr<T, TItemJson = unknown> = ItemExpr<T, TItemJson>;
 type ParamDeep<T, TItemJson = unknown> = Expr<T, TItemJson> | (T extends readonly (infer U)[] ? ReadonlyArray<ParamDeep<U, TItemJson>> : never) | (T extends object ? { [K in keyof T]: ParamDeep<T[K], TItemJson> } : T);
 //#endregion
 //#region ../core/src/contracts/retryPolicySpec.types.d.ts
-/**
- * In-process retry policy for runnable nodes. Serialized configs use the same
- * `kind` discriminator (`JSON.stringify` / persisted workflows).
- *
- * `maxAttempts` is the total number of tries including the first (e.g. 3 means up to 2 delays after failures).
- */
 type RetryPolicySpec = NoneRetryPolicySpec | FixedRetryPolicySpec | ExponentialRetryPolicySpec;
 interface NoneRetryPolicySpec {
   readonly kind: "none";
 }
 interface FixedRetryPolicySpec {
   readonly kind: "fixed";
-  /** Total attempts including the first execution. Must be >= 1. */
   readonly maxAttempts: number;
   readonly delayMs: number;
 }
 interface ExponentialRetryPolicySpec {
   readonly kind: "exponential";
-  /** Total attempts including the first execution. Must be >= 1. */
   readonly maxAttempts: number;
   readonly initialDelayMs: number;
   readonly multiplier: number;
   readonly maxDelayMs?: number;
-  /** When true, each delay is multiplied by a random factor in [1, 1.2). */
   readonly jitter?: boolean;
 }
 //#endregion
@@ -354,22 +235,11 @@ type CredentialFieldSchema = Readonly<{
   type: "string" | "password" | "textarea" | "json" | "boolean";
   required?: true;
   order?: number;
-  /**
-   * Where this field appears in the credential dialog. Use `"advanced"` for optional or
-   * power-user fields; they render inside a collapsible section (see `CredentialTypeDefinition.advancedSection`).
-   * Defaults to `"default"` when omitted.
-   */
   visibility?: "default" | "advanced";
   placeholder?: string;
   helpText?: string;
-  /** When set, host resolves this field from process.env at runtime; env wins over stored values. */
   envVarName?: string;
-  /**
-   * When set, the dialog shows a copy action for this exact string (e.g. a static OAuth redirect URI
-   * pattern or documentation URL). Do not use for secret values.
-   */
   copyValue?: string;
-  /** Accessible label for the copy control (default: Copy). */
   copyButtonLabel?: string;
 }>;
 type CredentialRequirement = Readonly<{
@@ -414,20 +284,9 @@ type CredentialOAuth2AuthDefinition = Readonly<{
   clientSecretFieldKey?: string;
 } | {
   kind: "oauth2";
-  /**
-   * Free-form provider identifier for telemetry, DB rows, and Better Auth provider naming.
-   * Not used for any registry lookup — URLs come from {@link authorizeUrl} / {@link tokenUrl}.
-   */
   providerId: string;
-  /**
-   * Authorization endpoint. May contain `{publicFieldKey}` placeholders that the runtime
-   * substitutes from the credential's resolved public config (URL-encoded).
-   * Example: `https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize`
-   */
   authorizeUrl: string;
-  /** Token endpoint. Same templating rules as {@link authorizeUrl}. */
   tokenUrl: string;
-  /** Optional userinfo endpoint. Same templating rules as {@link authorizeUrl}. */
   userInfoUrl?: string;
   scopes: ReadonlyArray<string>;
   scopesFromPublicConfig?: CredentialOAuth2ScopesFromPublicConfig;
@@ -436,11 +295,8 @@ type CredentialOAuth2AuthDefinition = Readonly<{
 }>;
 type CredentialAuthDefinition = CredentialOAuth2AuthDefinition;
 type CredentialAdvancedSectionPresentation = Readonly<{
-  /** Collapsible section title (default: "Advanced"). */
   title?: string;
-  /** Optional short helper text shown inside the section (above the fields). */
   description?: string;
-  /** When true, the advanced section starts expanded. Default: false (collapsed). */
   defaultOpen?: boolean;
 }>;
 type CredentialTypeDefinition = Readonly<{
@@ -449,23 +305,11 @@ type CredentialTypeDefinition = Readonly<{
   description?: string;
   publicFields?: ReadonlyArray<CredentialFieldSchema>;
   secretFields?: ReadonlyArray<CredentialFieldSchema>;
-  /**
-   * Optional labels for the collapsible block that contains every field with `visibility: "advanced"`.
-   * If omitted, the UI still shows that block with defaults (title "Advanced", collapsed).
-   */
   advancedSection?: CredentialAdvancedSectionPresentation;
   supportedSourceKinds?: ReadonlyArray<CredentialMaterialSourceKind>;
   auth?: CredentialAuthDefinition;
 }>;
-/**
- * JSON-shaped credential field bag (public config, resolved secret material, etc.).
- */
 type CredentialJsonRecord = Readonly<Record<string, unknown>>;
-/**
- * Persisted credential instance with typed `publicConfig`.
- * Hosts may specialize `secretRef` with a stricter union while remaining
- * assignable here for session/test callbacks.
- */
 type CredentialInstanceRecord<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord> = Readonly<{
   instanceId: CredentialInstanceId;
   typeId: CredentialTypeId;
@@ -477,46 +321,30 @@ type CredentialInstanceRecord<TPublicConfig extends CredentialJsonRecord = Crede
   setupStatus: CredentialSetupStatus;
   createdAt: string;
   updatedAt: string;
-  /**
-   * Pointer to where the credential material bytes live. For OSS / standalone
-   * rows this is `{source: "local", ref: instanceId}` and the bytes co-locate
-   * with the row in the workspace DB. For managed-mode rows this is
-   * `{source: "control-plane", ref: <cp_id>}` and the bytes live at CP.
-   *
-   * The seam is read through `CredentialMaterialProvider`. See
-   * `docs/design/credentials-oauth-unification.md` ("Material provider seam").
-   */
   material: Readonly<{
     source: "local" | "control-plane";
     ref: string;
   }>;
 }>;
-/**
- * Arguments passed to `CredentialType.createSession` and `CredentialType.test`.
- * Declare `TPublicConfig` / `TMaterial` on `CredentialType` so implementations are checked
- * against your credential shapes (similar to `NodeExecutionContext.config` for nodes).
- */
 type CredentialSessionFactoryArgs<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord, TMaterial extends CredentialJsonRecord = CredentialJsonRecord> = Readonly<{
   instance: CredentialInstanceRecord<TPublicConfig>;
   material: TMaterial;
   publicConfig: TPublicConfig;
 }>;
 type CredentialSessionFactory<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord, TMaterial extends CredentialJsonRecord = CredentialJsonRecord, TSession = unknown> = (args: CredentialSessionFactoryArgs<TPublicConfig, TMaterial>) => Promise<TSession>;
+type CredentialAccessTokenSessionArgs<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord> = Readonly<{
+  accessToken: string;
+  grantedScopes: ReadonlyArray<string>;
+  publicConfig: TPublicConfig;
+}>;
+type CredentialAccessTokenSessionFactory<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord, TSession = unknown> = (args: CredentialAccessTokenSessionArgs<TPublicConfig>) => Promise<TSession>;
 type CredentialHealthTester<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord, TMaterial extends CredentialJsonRecord = CredentialJsonRecord> = (args: CredentialSessionFactoryArgs<TPublicConfig, TMaterial>) => Promise<CredentialHealth>;
-/**
- * Full credential type implementation: `definition` (UI/schema), `createSession`, and `test`.
- * Use this at registration and config boundaries; `CredentialTypeDefinition` is only the schema slice.
- */
 type CredentialType<TPublicConfig extends CredentialJsonRecord = CredentialJsonRecord, TMaterial extends CredentialJsonRecord = CredentialJsonRecord, TSession = unknown> = Readonly<{
   definition: CredentialTypeDefinition;
   createSession: CredentialSessionFactory<TPublicConfig, TMaterial, TSession>;
+  createSessionFromAccessToken?: CredentialAccessTokenSessionFactory<TPublicConfig, TSession>;
   test: CredentialHealthTester<TPublicConfig, TMaterial>;
 }>;
-/**
- * Credential type with unspecified generics — used for `CodemationConfig.credentialTypes`, the host registry,
- * and anywhere a concrete `CredentialType<YourPublic, YourMaterial, YourSession>` is placed in a heterogeneous list.
- * Using `any` here avoids unsafe `as` casts while keeping typed `satisfies CredentialType<…>` definitions.
- */
 type AnyCredentialType = CredentialType<any, any, unknown>;
 interface CredentialSessionService {
   getSession<TSession = unknown>(args: Readonly<{
@@ -529,65 +357,34 @@ interface CredentialSessionService {
 //#region ../core/src/contracts/mcpTypes.d.ts
 type McpServerTransport = "http";
 interface McpServerDeclaration {
-  /** Globally unique slug, e.g. "gmail". Workflow authors reference this. */
   id: string;
   displayName: string;
   description: string;
   transport: McpServerTransport;
   url: string;
-  /**
-   * Credential types accepted by this MCP server, matching CredentialRequirement.acceptedTypes.
-   * Absent or empty means no credential is required.
-   */
   acceptedCredentialTypes?: ReadonlyArray<string>;
-  /**
-   * Documentation only in MVP. The bind-time validator checks
-   * requiredScopes ⊆ CredentialInstance.scopesGranted.
-   */
   requiredScopes?: string[];
-  /** Non-secret static headers merged onto every MCP request. */
   staticHeaders?: Record<string, string>;
-  /**
-   * Overrides for tool descriptions advertised by the MCP server.
-   * Applied by the connection pool after tools/list.
-   * Key: exact tool name as returned by the server.
-   */
   toolDescriptionOverrides?: Record<string, string>;
 }
 //#endregion
 //#region ../core/src/contracts/collectionTypes.d.ts
-/**
- * Represents a typed store for a single collection.
- * All rows include auto-managed id, created_at, and updated_at fields.
- */
 interface CollectionStore<TRow extends Record<string, unknown> = Record<string, unknown>> {
-  /**
-   * Insert a new row. id, created_at, and updated_at are auto-populated.
-   */
   insert(row: TRow): Promise<TRow & {
     id: string;
     created_at: Date;
     updated_at: Date;
   }>;
-  /**
-   * Get a single row by id.
-   */
   get(id: string): Promise<(TRow & {
     id: string;
     created_at: Date;
     updated_at: Date;
   }) | null>;
-  /**
-   * Find a single row matching the provided filter.
-   */
   findOne(filter: Partial<TRow>): Promise<(TRow & {
     id: string;
     created_at: Date;
     updated_at: Date;
   }) | null>;
-  /**
-   * List rows with optional pagination and filtering.
-   */
   list(opts?: {
     limit?: number;
     offset?: number;
@@ -600,24 +397,15 @@ interface CollectionStore<TRow extends Record<string, unknown> = Record<string,
     }>;
     total: number;
   }>;
-  /**
-   * Update a row by id with partial data.
-   */
   update(id: string, patch: Partial<TRow>): Promise<TRow & {
     id: string;
     created_at: Date;
     updated_at: Date;
   }>;
-  /**
-   * Delete a row by id. Hard delete only (no soft delete).
-   */
   delete(id: string): Promise<{
     deleted: boolean;
   }>;
 }
-/**
- * Runtime collections context: keyed by collection name.
- */
 type CollectionsContext = Readonly<Record<string, CollectionStore>>;
 //#endregion
 //#region ../core/src/contracts/emitPorts.d.ts
@@ -628,20 +416,6 @@ type PortsEmission = Readonly<{
 }>;
 //#endregion
 //#region ../core/src/authoring/nodeBaseOptions.types.d.ts
-/**
- * Core-local copy of the per-instance authoring options every `define*` factory's `create(...)`
- * accepts in its trailing argument: a stable `id` plus a plain-language `description` (the
- * non-technical "what does this step do" line surfaced in the node sidebar).
- *
- * `description` is a first-class option — passed inline exactly like `id` — and is threaded onto
- * the config instance as an OWN ENUMERABLE field so it flows into the persisted workflow snapshot
- * (`WorkflowSnapshotCodec` serializes via `JSON.parse(JSON.stringify(config))`, which only captures
- * own enumerable properties — never a getter).
- *
- * `@codemation/core-nodes` declares an identical `NodeBaseOptions` for its bare-id built-in nodes;
- * core keeps its own copy because core must not depend on `@codemation/core-nodes` (dependency
- * direction). The two types are structurally identical by design.
- */
 interface NodeBaseOptions$1 {
   readonly id?: string;
   readonly description?: string;
@@ -649,6 +423,7 @@ interface NodeBaseOptions$1 {
 //#endregion
 //#region ../core/src/authoring/defineNode.types.d.ts
 type ResolvableCredentialType = AnyCredentialType | CredentialTypeId;
+type SessionForCredentialType<TCredential extends ResolvableCredentialType> = TCredential extends AnyCredentialType ? Awaited<ReturnType<TCredential["createSession"]>> : unknown;
 type DefinedNodeCredentialBinding = ResolvableCredentialType | Readonly<{
   readonly type: ResolvableCredentialType | ReadonlyArray<ResolvableCredentialType>;
   readonly label?: string;
@@ -657,6 +432,10 @@ type DefinedNodeCredentialBinding = ResolvableCredentialType | Readonly<{
   readonly helpUrl?: string;
 }>;
 type DefinedNodeCredentialBindings = Readonly<Record<string, DefinedNodeCredentialBinding>>;
+type SessionForBinding<TBinding extends DefinedNodeCredentialBinding> = TBinding extends Readonly<{
+  type: infer TType;
+}> ? TType extends ReadonlyArray<infer TEntry> ? SessionForCredentialType<TEntry & ResolvableCredentialType> : SessionForCredentialType<TType & ResolvableCredentialType> : SessionForCredentialType<TBinding & ResolvableCredentialType>;
+type DefinedNodeCredentialAccessors<TBindings extends DefinedNodeCredentialBindings | undefined> = TBindings extends DefinedNodeCredentialBindings ? Readonly<{ [TKey in keyof TBindings]: () => Promise<SessionForBinding<TBindings[TKey]>> }> : Readonly<Record<string, never>>;
 type DefinedNodeConfigInput<TConfigResolved extends CredentialJsonRecord, TItemJson> = ParamDeep<TConfigResolved, TItemJson>;
 interface DefinedNode<TKey$1 extends string, TConfig extends CredentialJsonRecord, TInputJson$1, TOutputJson$1, _TBindings extends DefinedNodeCredentialBindings | undefined = undefined> {
   readonly kind: "defined-node";
@@ -670,47 +449,17 @@ interface DefinedNode<TKey$1 extends string, TConfig extends CredentialJsonRecor
 }
 //#endregion
 //#region ../core/src/authoring/defineHumanApprovalNode.types.d.ts
-/**
- * Decision shape merged into `item.json` after a HITL approval task resolves.
- *
- * - `"approved"` / `"rejected"` — from a human decision (uses `approvedPredicate`).
- * - `"timed-out"` — timeout fired with `onTimeout: "halt"`.
- * - `"auto-accepted"` — timeout fired with `onTimeout: "auto-accept"`.
- */
 interface HumanApprovalDecisionResult {
   readonly status: "approved" | "rejected" | "timed-out" | "auto-accepted";
-  /** Identity of the person who decided; absent for automated outcomes. */
   readonly actor?: HumanTaskActor;
-  /** ISO 8601 timestamp of the decision. */
   readonly decidedAt?: Date;
-  /** Optional free-text note from the reviewer. */
   readonly note?: string;
-  /**
-   * Full raw decision payload (only present for `"approved"` / `"rejected"`).
-   * Shape is determined by the channel's `decisionSchema`.
-   */
   readonly payload?: Record<string, unknown>;
 }
-/**
- * Output item shape emitted by a `defineHumanApprovalNode`-based node.
- * Original `item.json` fields are preserved and `decision` is merged in.
- * If the input `item.json` already contained a `decision` key it is **overwritten**.
- */
 type HumanApprovalOutputJson<TInputJson$1 extends Record<string, unknown>> = TInputJson$1 & {
   readonly decision: HumanApprovalDecisionResult;
 };
-/**
- * Extends {@link DefinedNode} with the `humanApprovalToolBehavior` metadata marker.
- * Story 10 reads this field when attaching the node as an agent tool.
- */
 interface DefinedHumanApprovalNode<TKey$1 extends string, TConfig extends CredentialJsonRecord, TInputJson$1 extends Record<string, unknown>, TBindings extends DefinedNodeCredentialBindings | undefined = undefined> extends DefinedNode<TKey$1, TConfig, TInputJson$1, HumanApprovalOutputJson<TInputJson$1>, TBindings> {
-  /**
-   * Behavior hint consumed by the agent runtime (story 10) when this node is attached as a tool.
-   * `"return"` (default) — return the rejection to the agent as a tool result.
-   * `"halt"` — halt the agent run on rejection.
-   *
-   * Standalone DSL usage ignores this field.
-   */
   readonly humanApprovalToolBehavior: {
     onRejected: "return" | "halt";
   };
@@ -731,7 +480,6 @@ type BooleanWhenOverloads<TCurrentJson, TReturn> = {
 };
 //#endregion
 //#region ../core/src/workflow/dsl/WhenBuilder.d.ts
-/** Structurally identical to ChainCursorResolver's (unexported) ChainCursorEndpoint. */
 type WhenEndpoint = Readonly<{
   node: NodeRef;
   output: OutputPortKey;
@@ -741,32 +489,17 @@ declare class WhenBuilder<TCurrentJson> {
   private readonly wf;
   private readonly from;
   private readonly branchPort;
-  /** Tails of arms added by earlier `.when(...)` calls in this chain. */
   private readonly priorEndpoints;
-  /** Tail endpoint of the arm this builder added (set by addBranch). */
   private armEndpoint;
-  constructor(wf: WorkflowBuilder, from: NodeRef, branchPort: OutputPortKey, /** Tails of arms added by earlier `.when(...)` calls in this chain. */
-  priorEndpoints?: ReadonlyArray<WhenEndpoint>);
+  constructor(wf: WorkflowBuilder, from: NodeRef, branchPort: OutputPortKey, priorEndpoints?: ReadonlyArray<WhenEndpoint>);
   addBranch<TSteps extends ReadonlyArray<AnyRunnableNodeConfig>>(steps: TSteps & ValidStepSequence<TCurrentJson, TSteps>): this;
   readonly when: BooleanWhenOverloads<TCurrentJson, WhenBuilder<TCurrentJson>>;
-  /**
-   * Continue the trunk after a boolean `.when(...)` branch chain, auto-merging EVERY branch
-   * tail accumulated across the chain into the next node — the same fan-in the object form
-   * produces. Typed as `ChainCursor<TCurrentJson>` (the pre-branch item type): boolean arms
-   * carry no output guard so the merged item type is underdetermined — use the object form
-   * `.when({ true: [...], false: [...] })` when you need a precise merged type inline.
-   */
   then<TOutputJson$1, TConfig extends RunnableNodeConfig<TCurrentJson, TOutputJson$1>>(config: TConfig): ChainCursor<RunnableNodeOutputJson<TConfig>>;
-  /**
-   * Chainable human-approval step after a boolean `.when(...)` branch chain — merges every
-   * branch tail into the approval node. Mirrors `ChainCursor.humanApproval`.
-   */
   humanApproval<TKey$1 extends string, TConfig extends Record<string, unknown>, TBindings extends DefinedNodeCredentialBindings | undefined = undefined>(node: DefinedHumanApprovalNode<TKey$1, TConfig, TCurrentJson & Record<string, unknown>, TBindings>, config: TConfig, metadata?: {
     name?: string;
     nodeId?: string;
   }): ChainCursor<HumanApprovalOutputJson<TCurrentJson & Record<string, unknown>>>;
   build(): WorkflowDefinition;
-  /** Endpoints of every arm added so far in this chain (prior arms + this one). */
   private get accumulatedEndpoints();
   private toCursor;
 }
@@ -788,30 +521,10 @@ declare class ChainCursor<TCurrentJson> {
   private readonly endpoints;
   constructor(wf: WorkflowBuilder, endpoints: ReadonlyArray<ChainCursorEndpoint>);
   then<TOutputJson$1, TConfig extends RunnableNodeConfig<TCurrentJson, TOutputJson$1>>(config: TConfig): ChainCursor<RunnableNodeOutputJson<TConfig>>;
-  /**
-   * Append a step whose output is MERGED onto `item.json` (shallow, output-wins) instead of
-   * replacing it — so earlier fields (e.g. trigger metadata) survive a transform/OCR/extraction
-   * node. Use for any node in a pipeline where you need data from before it.
-   */
   thenMerge<TOutputJson$1, TConfig extends RunnableNodeConfig<TCurrentJson, TOutputJson$1>>(config: TConfig): ChainCursor<TCurrentJson & RunnableNodeOutputJson<TConfig>>;
   thenIntoInputHints<TOutputJson$1, TConfig extends RunnableNodeConfig<any, TOutputJson$1>>(config: TConfig): ChainCursor<RunnableNodeOutputJson<TConfig>>;
   readonly when: ChainCursorWhenOverloads<TCurrentJson>;
   route<TNextJson$1>(branches: Readonly<Record<OutputPortKey, (branch: ChainCursor<TCurrentJson>) => ChainCursor<TNextJson$1> | undefined>>): ChainCursor<TNextJson$1>;
-  /**
-   * Chainable shorthand for `.then(node.create(config, metadata?.name, metadata?.nodeId))`.
-   *
-   * Signals to readers that this step suspends the run and waits for a human decision.
-   * Throws at workflow-build time if `node` was not created via `defineHumanApprovalNode`.
-   *
-   * @example
-   * ```ts
-   * workflow
-   *   .trigger(...)
-   *   .humanApproval(inboxApproval, { title: "Approve?", body: "...", priority: "normal" })
-   *   .then(nextStep.create(...))
-   *   .build();
-   * ```
-   */
   humanApproval<TKey$1 extends string, TConfig extends Record<string, unknown>, TBindings extends DefinedNodeCredentialBindings | undefined = undefined>(node: DefinedHumanApprovalNode<TKey$1, TConfig, TCurrentJson & Record<string, unknown>, TBindings>, config: TConfig, metadata?: {
     name?: string;
     nodeId?: string;
@@ -839,20 +552,9 @@ declare class WorkflowBuilder {
 }
 //#endregion
 //#region ../core/src/contracts/runTypes.d.ts
-/**
- * Test-suite linkage for a run. When set, this run was started by a TestSuiteOrchestrator
- * as one test case inside a TestSuiteRun. The `IsTestRun` node and host-side persisters key
- * off the presence of this field. Subworkflow runs inherit it from their parent run.
- */
 interface RunTestContext {
   readonly testSuiteRunId: string;
   readonly testCaseIndex: number;
-  /**
-   * Optional human-friendly label for this test case (e.g. an email subject when fixtures
-   * are loaded from a mailbox). Resolved per item by `TestTrigger.caseLabel(item)` if set,
-   * persisted on `Run.test_case_label` so the Tests-tab tree-table can show "RFQ for batch 14"
-   * instead of "run_1777755971399_bbb86beac1396".
-   */
   readonly testCaseLabel?: string;
 }
 type NodeInputsByPort = Readonly<Record<InputPortKey, Items>>;
@@ -863,9 +565,7 @@ interface NodeExecutionError {
   stack?: string;
   details?: JsonValue;
 }
-/** Stable id for a single connection invocation row in {@link ConnectionInvocationRecord}. */
 type ConnectionInvocationId = string;
-/** Arguments for appending a {@link ConnectionInvocationRecord} (engine fills run/workflow ids and timestamps). */
 type ConnectionInvocationAppendArgs = Readonly<{
   invocationId: ConnectionInvocationId;
   connectionNodeId: NodeId;
@@ -884,7 +584,6 @@ type ConnectionInvocationAppendArgs = Readonly<{
   itemIndex?: number;
   parentInvocationId?: ConnectionInvocationId;
 }>;
-/** Reason a run transitioned to {@link RunStatus} `"halted"`. */
 type RunHaltReason = "hitl-rejected" | "hitl-timeout" | "hitl-cancelled";
 interface PendingNodeExecution {
   runId: RunId;
@@ -937,7 +636,6 @@ interface JsonObject {
 }
 type JsonValue = JsonPrimitive | JsonObject | JsonArray;
 type JsonArray = ReadonlyArray<JsonValue>;
-/** JSON value that is not a top-level array (nested arrays inside objects are allowed). */
 type JsonNonArray = JsonPrimitive | JsonObject;
 interface Edge {
   from: {
@@ -949,11 +647,6 @@ interface Edge {
     input: InputPortKey;
   };
 }
-/**
- * Named connection from a parent node to child nodes that exist in {@link WorkflowDefinition.nodes}
- * but are not traversed by the main execution graph. Parents are commonly executable nodes, but may
- * also be connection-owned nodes for recursive agent attachments.
- */
 interface WorkflowNodeConnection {
   readonly parentNodeId: NodeId;
   readonly connectionName: NodeConnectionName;
@@ -964,18 +657,10 @@ interface WorkflowDefinition {
   name: string;
   nodes: NodeDefinition[];
   edges: Edge[];
-  /**
-   * Optional metadata: which nodes are connection-owned children (e.g. AI agent `llm` / `tools` slots).
-   * When omitted, all nodes in {@link nodes} are treated as executable for topology.
-   */
   readonly connections?: ReadonlyArray<WorkflowNodeConnection>;
-  /** Directory + file-stem path under a workflow discovery root (for UI grouping only). */
   discoveryPathSegments?: readonly string[];
-  /** Retention for run JSON and binaries (seconds). Host/env may supply defaults when omitted. */
   readonly prunePolicy?: WorkflowPrunePolicySpec;
-  /** Whether to keep run data after completion. Host/env may supply defaults when omitted. */
   readonly storagePolicy?: WorkflowStoragePolicySpec;
-  /** Invoked after a node fails permanently (retries exhausted) and node error handler did not recover. */
   readonly workflowErrorHandler?: WorkflowErrorHandlerSpec;
 }
 interface NodeConfigBase {
@@ -984,59 +669,26 @@ interface NodeConfigBase {
   readonly name?: string;
   readonly id?: NodeId;
   readonly icon?: string;
-  /**
-   * Plain-language, non-technical explanation of what this node does, surfaced in the workflow
-   * inspector / node properties sidebar. A first-class config option every authorable node accepts
-   * directly (alongside `id`), so it flows into the persisted config the mappers read. Distinct from
-   * {@link inspectorSummary} (config-derived label/value rows).
-   */
   readonly description?: string;
   readonly execution?: Readonly<{
     hint?: "local" | "worker";
     queue?: string;
   }>;
-  /** In-process execute retries (runnable nodes). Triggers typically omit this. */
   readonly retryPolicy?: RetryPolicySpec;
-  /** Recover from execute failures; return outputs to continue, or rethrow to fail the node. */
   readonly nodeErrorHandler?: NodeErrorHandlerSpec;
-  /**
-   * When true, edges carrying zero items on an output port still schedule single-input downstream nodes.
-   * Decided from the **source** node that produced the (empty) output. Default (false/undefined): empty
-   * main batches skip downstream execution and propagate the empty path.
-   */
   readonly continueWhenEmptyOutput?: boolean;
-  /**
-   * Declared I/O port names for canvas authoring (unioned with ports inferred from edges).
-   * Use for dynamic routers (Switch) and future error ports.
-   */
   readonly declaredOutputPorts?: ReadonlyArray<OutputPortKey>;
   readonly declaredInputPorts?: ReadonlyArray<InputPortKey>;
   getCredentialRequirements?(): ReadonlyArray<CredentialRequirement>;
-  /**
-   * Marker: this node emits {@link import("./assertionTypes").AssertionResult}-shaped items on its
-   * `main` port. The TestSuiteOrchestrator (and host-side TestAssertionPersister) listen for
-   * `nodeCompleted` events from nodes with this flag set, and persist their output items as
-   * TestAssertion records (only when the run carries a `testContext`). Set on assertion node
-   * configs (e.g. `AssertionNodeConfig`, `StringEqualsAssertionNodeConfig`).
-   */
   readonly emitsAssertions?: true;
-  /**
-   * Static configuration summary surfaced in the workflow inspector — the design-time
-   * "what does this node do" panel that renders before any run telemetry exists.
-   *
-   * Return 2–6 short label/value pairs derived from this config (method + url for an HTTP
-   * call, model + tool list for an agent, schedule + timezone for a cron trigger, etc.).
-   * Values are truncated by the UI; aim for one line each. Return `undefined` to opt out
-   * — the inspector hides the section when no rows are produced.
-   *
-   * Implement on the config class instance so the function can read sibling config fields.
-   * `defineNode({ inspectorSummary })` plumbs through to this.
-   */
   inspectorSummary?(): ReadonlyArray<NodeInspectorSummaryRow> | undefined;
 }
-/**
- * One row of a node's static configuration summary. See {@link NodeConfigBase.inspectorSummary}.
- */
+interface PollingTriggerConfig {
+  getTriggerPollConfig(): Readonly<{
+    config: JsonObject;
+    pollIntervalMs?: number;
+  }>;
+}
 interface NodeInspectorSummaryRow {
   readonly label: string;
   readonly value: string;
@@ -1044,24 +696,11 @@ interface NodeInspectorSummaryRow {
 declare const runnableNodeInputType: unique symbol;
 declare const runnableNodeOutputType: unique symbol;
 declare const triggerNodeOutputType: unique symbol;
-/**
- * Runnable node: **`TInputJson`** is what **`inputSchema`** validates on **`item.json`** (the wire payload).
- * **`TOutputJson`** is emitted `item.json` on outputs.
- */
 interface RunnableNodeConfig<TInputJson$1 = unknown, TOutputJson$1 = unknown> extends NodeConfigBase {
   readonly kind: "node";
   readonly [runnableNodeInputType]?: TInputJson$1;
   readonly [runnableNodeOutputType]?: TOutputJson$1;
-  /**
-   * Optional Zod input contract for {@link RunnableNode} when not set on the node class.
-   * Resolution order: node instance `inputSchema`, then config `inputSchema`, then `z.unknown()`.
-   */
   readonly inputSchema?: ZodType<TInputJson$1>;
-  /**
-   * When an activation receives **zero** input items, the engine normally runs `execute` zero times.
-   * Set to **`runOnce`** to run `execute` once with an empty `items` batch (and a synthetic wire item for schema parsing).
-   * Used by batch-style callback nodes (built-in `Callback`) so `callback([], ctx)` still runs.
-   */
   readonly emptyBatchExecution?: "skip" | "runOnce";
 }
 declare const triggerNodeSetupStateType: unique symbol;
@@ -1069,11 +708,6 @@ interface TriggerNodeConfig<TOutputJson$1 = unknown, TSetupState$1 extends JsonV
   readonly kind: "trigger";
   readonly [triggerNodeOutputType]?: TOutputJson$1;
   readonly [triggerNodeSetupStateType]?: TSetupState$1;
-  /**
-   * Distinguishes triggers driven by the live activation policy (webhooks, cron, polling) from
-   * triggers driven only by the {@link TestSuiteOrchestrator}. `WorkflowActivation` skips
-   * `"test"` triggers; the orchestrator skips `"live"` triggers. Defaults to `"live"` when omitted.
-   */
   readonly triggerKind?: "live" | "test";
 }
 type RunnableNodeInputJson<TConfig extends RunnableNodeConfig<any, any>> = TConfig extends RunnableNodeConfig<infer TInputJson, any> ? TInputJson : never;
@@ -1124,27 +758,14 @@ type Items<TJson = unknown> = ReadonlyArray<Item<TJson>>;
 type NodeOutputs = Partial<Record<OutputPortKey, Items>>;
 type RunId = string;
 type NodeActivationId = string;
-/**
- * One per-item iteration of a runnable node's execute loop. Refines `NodeActivationId` for
- * per-item connection invocations and telemetry. Undefined when the executing node is a batch
- * node or trigger that does not iterate items.
- */
 type NodeIterationId = string;
 interface ParentExecutionRef {
   runId: RunId;
   workflowId: WorkflowId;
   nodeId: NodeId;
-  /** Subworkflow depth of the **spawning** run (0 = root). Passed when starting a child run. */
   subworkflowDepth?: number;
-  /** Effective max node activations from the parent run (propagated to child policy merge). */
   engineMaxNodeActivations?: number;
-  /** Effective max subworkflow depth from the parent run (propagated to child policy merge). */
   engineMaxSubworkflowDepth?: number;
-  /**
-   * Test-suite linkage inherited by the child subworkflow run. Set by whichever node
-   * spawns the subworkflow when its own `ctx.testContext` is present, so assertions
-   * emitted inside a subworkflow land under the correct parent test case.
-   */
   testContext?: RunTestContext;
 }
 interface RunDataSnapshot {
@@ -1156,7 +777,6 @@ interface ActivationIdFactory {
   makeActivationId(): NodeActivationId;
 }
 type UpstreamRefPlaceholder = `$${number}`;
-/** Whether to persist run execution data after the workflow finishes. */
 type WorkflowStoragePolicyMode = "ALL" | "SUCCESS" | "ERROR" | "NEVER";
 type WorkflowStoragePolicySpec = WorkflowStoragePolicyMode | TypeToken<WorkflowStoragePolicyResolver>;
 interface WorkflowStoragePolicyResolver {
@@ -1203,46 +823,25 @@ interface NodeErrorHandler {
 type NodeErrorHandlerSpec = TypeToken<NodeErrorHandler> | NodeErrorHandler;
 //#endregion
 //#region ../core/src/triggers/polling/PollingTriggerDedupWindow.d.ts
-/**
- * Merges processed-ID windows for polling triggers, capping the total to avoid unbounded growth.
- * Plugin code receives an instance of this class via {@link PollingTriggerHandle.dedup}.
- */
 declare class PollingTriggerDedupWindow {
   static readonly defaultCapN = 2000;
   merge(previous: ReadonlyArray<string>, incoming: ReadonlyArray<string>, capN?: number): ReadonlyArray<string>;
 }
 //#endregion
 //#region ../core/src/contracts/runtimeTypes.d.ts
-/** Opaque unique identifier for a single HumanTask instance. */
 type HumanTaskId = string;
-/**
- * Minimal handle handed to the `deliver` callback so it can route to the correct
- * inbox channel.
- */
 interface HumanTaskHandle {
   readonly taskId: HumanTaskId;
   readonly runId: string;
   readonly nodeId: string;
   readonly expiresAt: Date;
-  /** TODO: real signed URL; placeholder empty string for now. */
   readonly resumeUrl: string;
-  /**
-   * Arbitrary JSON metadata copied from `SuspensionRequest.request.metadata` at suspension time.
-   * Used by the agent runtime to round-trip the `agentCheckpoint` back to the
-   * resumed node via `ctx.resumeContext.task.metadata`.
-   */
   readonly metadata?: Readonly<Record<string, JsonValue>>;
 }
-/** Identity of the person who made a decision on the task. */
 interface HumanTaskActor {
   readonly actorId: string;
   readonly displayName?: string;
 }
-/**
- * Resume context injected into `NodeExecutionContext` when the engine re-activates
- * a previously suspended node. `defineHumanApprovalNode` wraps this with parsed
- * `TDecision`; at the engine layer `decision.value` is `unknown`.
- */
 interface ResumeContext {
   readonly decision: Readonly<{
     kind: "decided";
@@ -1294,11 +893,6 @@ interface NodeExecutionStatePublisher {
     error: Error;
   }): Promise<void>;
   appendConnectionInvocation(args: ConnectionInvocationAppendArgs): Promise<void>;
-  /**
-   * Annotates the current snapshot for `nodeId` with the id of the child run spawned by a
-   * SubWorkflow invocation. Called from `SubWorkflowNode.execute` after `runById` resolves.
-   * The engine's subsequent `markCompleted` call preserves the value via `previous.childRunId`.
-   */
   setChildRunId?(args: {
     nodeId: NodeId;
     childRunId: RunId;
@@ -1326,32 +920,16 @@ interface ExecutionBinaryService {
     activationId: NodeActivationId;
   }): NodeBinaryAttachmentService;
   openReadStream(attachment: BinaryAttachment): Promise<BinaryStorageReadResult | undefined>;
-  /**
-   * Reads all bytes from the attachment into a contiguous `Uint8Array`.
-   * Checks `attachment.size` against `maxBytes` *before* any allocation; throws a bounded-read
-   * error when exceeded (no OOM). Throws if the stream is unavailable or the byte count mismatches.
-   */
   getBytes(attachment: BinaryAttachment, maxBytes?: number): Promise<Uint8Array>;
-  /**
-   * Reads the attachment and decodes the bytes as UTF-8 text.
-   * Subject to the same bounded-read safety as `getBytes`.
-   */
   getText(attachment: BinaryAttachment, maxBytes?: number): Promise<string>;
-  /**
-   * Reads the attachment, decodes as UTF-8 text, and parses as JSON.
-   * Throws a clear error on invalid JSON. Subject to the same bounded-read safety.
-   */
   getJson<T = unknown>(attachment: BinaryAttachment, maxBytes?: number): Promise<T>;
 }
 interface ExecutionContext {
   runId: RunId;
   workflowId: WorkflowId;
   parent?: ParentExecutionRef;
-  /** This run's subworkflow depth (0 = root). */
   subworkflowDepth: number;
-  /** Effective activation budget cap for this run (after policy merge). */
   engineMaxNodeActivations: number;
-  /** Effective subworkflow nesting cap for this run (after policy merge). */
   engineMaxSubworkflowDepth: number;
   now: () => Date;
   data: RunDataSnapshot;
@@ -1359,28 +937,11 @@ interface ExecutionContext {
   telemetry: ExecutionTelemetry;
   binary: ExecutionBinaryService;
   getCredential<TSession = unknown>(slotKey: string): Promise<TSession>;
-  /** Per-item iteration id, set by {@link NodeExecutor} on the ctx passed into runnable `execute`. */
   iterationId?: NodeIterationId;
-  /** Item index (0-based) within the current activation's batch; set alongside {@link iterationId}. */
   itemIndex?: number;
-  /** When set, this ctx is executing inside a sub-agent triggered by the named parent invocation. */
   parentInvocationId?: ConnectionInvocationId;
-  /**
-   * Present iff the run was started by a TestSuiteOrchestrator. The {@link IsTestRunNode}
-   * branches on this; assertion-emitting nodes use it to decide whether to record results.
-   */
   testContext?: RunTestContext;
-  /**
-   * Collections registered in the codemation config, keyed by collection name.
-   */
   readonly collections?: CollectionsContext;
-  /**
-   * Resolve a DI token from the host container.
-   * Allows nodes to reach host-side services (e.g. `InboxChannelResolverToken`)
-   * without importing host code. Wired by `DefaultExecutionContextFactory`; throws
-   * a clear error when no resolver is configured (e.g. in unit tests that don't
-   * set up the full container).
-   */
   resolve<T>(token: TypeToken<T>): T;
 }
 interface NodeExecutionContext<TConfig extends NodeConfigBase = NodeConfigBase> extends ExecutionContext {
@@ -1389,18 +950,9 @@ interface NodeExecutionContext<TConfig extends NodeConfigBase = NodeConfigBase>
   config: TConfig;
   telemetry: NodeExecutionTelemetry;
   binary: NodeBinaryAttachmentService;
-  /**
-   * Present when this node activation is a HITL resume.
-   * The node checks `ctx.resumeContext !== undefined` and takes the resume branch.
-   */
   resumeContext?: ResumeContext;
 }
-interface PollingTriggerHandle {
-  /**
-   * Start the polling loop. The runtime registers its own cleanup handle so callers do not need to
-   * call {@link TriggerSetupContext.registerCleanup} for the loop.
-   * @returns The state returned by the first cycle (or `undefined` when the overlap guard fired).
-   */
+interface TriggerPollingPort {
   start<TState, TItem>(args: {
     intervalMs: number;
     seedState?: TState;
@@ -1412,7 +964,8 @@ interface PollingTriggerHandle {
       nextState: TState;
     }>;
   }): Promise<TState | undefined>;
-  /** Convenience dedup-window helper. */
+}
+interface PollingTriggerHandle extends TriggerPollingPort {
   readonly dedup: PollingTriggerDedupWindow;
 }
 interface TriggerSetupContext<TConfig extends TriggerNodeConfig<any, any> = TriggerNodeConfig<any, any>, TSetupState$1 extends JsonValue | undefined = TriggerNodeSetupState<TConfig>> extends ExecutionContext {
@@ -1421,7 +974,6 @@ interface TriggerSetupContext<TConfig extends TriggerNodeConfig<any, any> = Trig
   previousState: TSetupState$1;
   registerCleanup(cleanup: TriggerCleanupHandle): void;
   emit(items: Items): Promise<void>;
-  /** Generic polling-trigger surface. Pre-binds trigger id, emit, and registerCleanup. */
   readonly polling: PollingTriggerHandle;
 }
 interface TriggerTestItemsContext<TConfig extends TriggerNodeConfig<any, any> = TriggerNodeConfig<any, any>, TSetupState$1 extends JsonValue | undefined = TriggerNodeSetupState<TConfig>> extends ExecutionContext {
@@ -1433,12 +985,6 @@ interface TriggerTestItemsContext<TConfig extends TriggerNodeConfig<any, any> =
 interface TriggerCleanupHandle {
   stop(): Promise<void> | void;
 }
-/**
- * Per-item runnable node: return JSON, an array to fan-out on `main`, an explicit `Item`, or {@link emitPorts}
- * for multi-port emission. Engine applies `inputSchema.parse(item.json)` and passes the result as `args.input`
- * (wire `item.json` is unchanged). Transform helpers may opt into binary preservation, while routers and
- * pass-through nodes should return explicit items when they need to preserve full item state.
- */
 interface RunnableNodeExecuteArgs<TConfig extends RunnableNodeConfig<any, any> = RunnableNodeConfig<any, any>, TInputJson$1 = unknown> {
   readonly input: TInputJson$1;
   readonly item: Item;
@@ -1448,25 +994,12 @@ interface RunnableNodeExecuteArgs<TConfig extends RunnableNodeConfig<any, any> =
 }
 interface RunnableNode<TConfig extends RunnableNodeConfig<any, any> = RunnableNodeConfig<any, any>, TInputJson$1 = unknown, _TOutputJson = unknown> {
   readonly kind: "node";
-  /**
-   * Declared output ports (e.g. `["main"]`).
-   *
-   * Prefer describing dynamic router ports (Switch) and fixed multi-ports (If true/false)
-   * via {@link NodeConfigBase.declaredOutputPorts}. Engine defaults to `["main"]` when omitted.
-   */
   readonly outputPorts?: ReadonlyArray<OutputPortKey>;
-  /** When omitted, engine uses {@link RunnableNodeConfig.inputSchema} or `z.unknown()`. */
   readonly inputSchema?: ZodType<TInputJson$1>;
   execute(args: RunnableNodeExecuteArgs<TConfig, TInputJson$1>): Promise<unknown> | unknown;
 }
 interface MultiInputNode<TConfig extends NodeConfigBase = NodeConfigBase> {
   kind: "node";
-  /**
-   * Declared output ports (typically `["main"]`).
-   *
-   * Prefer describing ports for authoring/canvas via {@link NodeConfigBase.declaredOutputPorts}.
-   * Engine defaults to `["main"]` when omitted.
-   */
   outputPorts?: ReadonlyArray<OutputPortKey>;
   executeMulti(inputsByPort: NodeInputsByPort, ctx: NodeExecutionContext<TConfig>): Promise<NodeOutputs>;
 }
@@ -1525,11 +1058,6 @@ type ToolExecuteArgs<TConfig extends ToolConfig = ToolConfig, TInput = unknown>
   item: Item;
   itemIndex: number;
   items: Items;
-  /**
-   * Optional sub-agent boundary hooks: when present, the live `agent.tool.call` span and the
-   * planned tool-call invocationId are forwarded so node-backed runtimes can re-root their child
-   * execution scope. Plain function tools may safely ignore these hooks.
-   */
   hooks?: Readonly<{
     parentSpan?: TelemetrySpanScope;
     parentInvocationId?: ConnectionInvocationId;
@@ -1551,12 +1079,7 @@ interface AgentMessageTemplate<TInputJson$1 = unknown> {
   readonly role: AgentMessageRole;
   readonly content: AgentMessageTemplateContent<TInputJson$1>;
 }
-/** A single prompt line: fixed DTO or template with optional function `content`. */
 type AgentMessageLine<TInputJson$1 = unknown> = AgentMessageDto | AgentMessageTemplate<TInputJson$1>;
-/**
- * Message list for an agent. Prefer a **plain array** of `{ role, content }` (optionally with function `content` for templates).
- * Use the object form only when you need `buildMessages` to append messages after optional `prompt` lines.
- */
 type AgentMessageConfig<TInputJson$1 = unknown> = Expr<ReadonlyArray<AgentMessageLine<TInputJson$1>>, TInputJson$1> | ReadonlyArray<AgentMessageLine<TInputJson$1>> | {
   readonly prompt?: ReadonlyArray<AgentMessageLine<TInputJson$1>>;
   readonly buildMessages?: (args: AgentMessageBuildArgs<TInputJson$1>) => ReadonlyArray<AgentMessageDto>;
@@ -1584,25 +1107,10 @@ interface ChatModelConfig {
   readonly presentation?: AgentCanvasPresentation;
   getCredentialRequirements?(): ReadonlyArray<CredentialRequirement>;
 }
-/**
- * Provider-neutral chat language model wrapper returned by a {@link ChatModelFactory}.
- *
- * Thin adapter around an AI SDK `LanguageModelV2` (from `@ai-sdk/provider`) plus the call-site
- * defaults Codemation needs at every generate/stream: the provider label, the model name used for
- * pricing / telemetry, and the default invocation options (max output tokens, temperature,
- * provider-specific overrides).
- *
- * The consumer (AIAgentNode / AgentStructuredOutputRunner) passes `languageModel` directly into
- * `generateText({ model, ... })` from the `ai` package.
- */
 interface ChatLanguageModel {
-  /** AI SDK `LanguageModelV2` instance (kept `unknown` to avoid leaking the SDK type into `@codemation/core`). */
   readonly languageModel: unknown;
-  /** Stable pricing/telemetry key — e.g. `"gpt-4.1-nano"`. */
   readonly modelName: string;
-  /** Provider label — e.g. `"openai"`. Used for cost tracking. */
   readonly provider?: string;
-  /** Defaults merged into every call. Consumers may override per-invocation. */
   readonly defaultCallOptions?: ChatLanguageModelCallOptions;
 }
 interface ChatLanguageModelCallOptions {
@@ -1610,14 +1118,8 @@ interface ChatLanguageModelCallOptions {
   readonly temperature?: number;
   readonly providerOptions?: Readonly<Record<string, Readonly<Record<string, JsonValue>>>>;
 }
-/**
- * Options for a structured-output generate call. Mirrors
- * `generateText({ output: Output.object(...) })` from the `ai` package.
- */
 interface StructuredOutputOptions {
-  /** Optional schema name — used by some providers as the JSON schema name attribute. */
   readonly schemaName?: string;
-  /** When `true`, the consumer should pass a strict-mode-compatible JSON Schema record. */
   readonly strict?: boolean;
 }
 interface ChatModelFactory<TConfig extends ChatModelConfig = ChatModelConfig> {
@@ -1652,12 +1154,6 @@ type NodeBackedToolConfigOptions<TNodeConfig extends RunnableNodeConfig<any, any
   outputSchema: TOutputSchema;
   mapInput?: NodeBackedToolInputMapper<TNodeConfig, input<TInputSchema>>;
   mapOutput?: NodeBackedToolOutputMapper<TNodeConfig, input<TInputSchema>, output<TOutputSchema>>;
-  /**
-   * Marks THIS tool binding as human-in-the-loop and sets the behavior when a human rejects the
-   * approval: `"return"` feeds the rejection back to the agent as a tool result, `"halt"` stops the
-   * run. Set per binding, so two tools backed by the same node can reject differently. When set, it
-   * takes precedence over any `humanApprovalToolBehavior` marker carried by the backing node.
-   */
   onRejected?: "halt" | "return";
 }>;
 interface AgentNodeConfig<TInputJson$1 = unknown, TOutputJson$1 = unknown> extends RunnableNodeConfig<TInputJson$1, TOutputJson$1> {
@@ -1668,23 +1164,59 @@ interface AgentNodeConfig<TInputJson$1 = unknown, TOutputJson$1 = unknown> exten
   readonly outputSchema?: ZodType<TOutputJson$1>;
 }
 //#endregion
+//#region ../core/src/authoring/definePollingTrigger.types.d.ts
+type MaybePromise$1<TValue> = TValue | Promise<TValue>;
+interface DefinePollingTriggerPollContext<TConfig extends CredentialJsonRecord, TState extends JsonValue | undefined, TBindings extends DefinedNodeCredentialBindings | undefined> {
+  readonly config: TConfig;
+  readonly state: TState;
+  readonly credentials: DefinedNodeCredentialAccessors<TBindings>;
+}
+interface DefinePollingTriggerPollResult<TItemJson, TState extends JsonValue | undefined> {
+  readonly items: ReadonlyArray<{
+    json: TItemJson;
+    dedupKey?: string;
+  }>;
+  readonly nextState: TState;
+}
+interface DefinedPollingTrigger<TKey$1 extends string, TConfig extends CredentialJsonRecord, TItemJson, TState extends JsonValue | undefined, TBindings extends DefinedNodeCredentialBindings | undefined = undefined> {
+  readonly kind: "defined-polling-trigger";
+  readonly key: TKey$1;
+  readonly title: string;
+  readonly description?: string;
+  create(cfg: TConfig, name?: string, idOrOptions?: string | NodeBaseOptions$1): DefinedPollingTriggerConfig<TConfig, TItemJson>;
+  poll(pollCtx: Omit<DefinePollingTriggerPollContext<TConfig, TState, TBindings>, "credentials"> & {
+    credentials?: DefinedNodeCredentialAccessors<TBindings>;
+  }): MaybePromise$1<DefinePollingTriggerPollResult<TItemJson, TState>>;
+  register(context: {
+    registerNode<TValue>(token: TypeToken<TValue>, implementation?: TypeToken<TValue>): void;
+  }): void;
+}
+declare class DefinedPollingTriggerConfig<TConfig extends CredentialJsonRecord, TItemJson> implements TriggerNodeConfig<TItemJson, JsonValue | undefined>, PollingTriggerConfig {
+  readonly name: string;
+  readonly cfg: TConfig;
+  private readonly credentialRequirements;
+  private readonly inspectorSummaryFn?;
+  private readonly defaultPollIntervalMs?;
+  readonly kind: "trigger";
+  readonly type: TypeToken<unknown>;
+  readonly icon: string | undefined;
+  readonly id?: string;
+  readonly description?: string;
+  constructor(name: string, cfg: TConfig, typeToken: TypeToken<unknown>, icon: string | undefined, credentialRequirements: ReadonlyArray<CredentialRequirement>, idOrOptions?: string | NodeBaseOptions$1, inspectorSummaryFn?: ((args: Readonly<{
+    config: TConfig;
+  }>) => ReadonlyArray<NodeInspectorSummaryRow> | undefined) | undefined, defaultPollIntervalMs?: number | undefined);
+  getCredentialRequirements(): ReadonlyArray<CredentialRequirement>;
+  getTriggerPollConfig(): Readonly<{
+    config: JsonObject;
+    pollIntervalMs?: number;
+  }>;
+  inspectorSummary(): ReadonlyArray<NodeInspectorSummaryRow> | undefined;
+}
+//#endregion
 //#region ../core/src/ai/AgentConnectionNodeCollector.d.ts
 type McpServerResolver = (id: string) => McpServerDeclaration | undefined;
 //#endregion
 //#region ../core/src/execution/ChildExecutionScopeFactory.d.ts
-/**
- * Builds a re-rooted child execution context for sub-agent (and other deeply-nested) invocations.
- *
- * At the orchestrator's `agent.tool.call` boundary the inner runtime needs a ctx whose:
- * - `nodeId` is the tool's connection node id (so inner LLM/tool connection ids derive correctly),
- * - `activationId` is fresh (so its connection-invocation rows are uniquely identifiable),
- * - `telemetry` parents children under the tool-call span (not the orchestrator's node span),
- * - `binary` is scoped to the new (nodeId, activationId),
- * - `parentInvocationId` points back to the tool-call invocation for downstream lineage.
- *
- * Registered via factory in {@link EngineRuntimeRegistrar} so constructors stay free of parameter
- * decorators (Next/SWC and coverage tooling cannot parse them on in-repo sources).
- */
 declare class ChildExecutionScopeFactory {
   private readonly activationIdFactory;
   constructor(activationIdFactory: ActivationIdFactory);
@@ -1698,9 +1230,6 @@ declare class ChildExecutionScopeFactory {
 }
 //#endregion
 //#region ../core/src/execution/ItemExprResolver.d.ts
-/**
- * Resolves {@link import("../contracts/itemExpr").ItemExpr} leaves on runnable config before {@link RunnableNode.execute}.
- */
 declare class ItemExprResolver {
   resolveConfigForItem<TConfig extends RunnableNodeConfig<any, any>>(ctx: NodeExecutionContext<TConfig>, item: Item, itemIndex: number, items: ReadonlyArray<Item>): Promise<NodeExecutionContext<TConfig>>;
 }
@@ -1732,23 +1261,11 @@ declare class NodeOutputNormalizer {
 }
 //#endregion
 //#region src/http/httpRequest.types.d.ts
-/**
- * Binary reference key into `item.binary`.
- */
 type BinaryRef = string;
-/**
- * Discriminated union for the HTTP request body.
- */
 type HttpBodySpec = Readonly<{
   kind: "none";
 }> | Readonly<{
   kind: "json";
-  /**
-   * Serializable object/array to encode as the JSON body. Encoded exactly once via
-   * `JSON.stringify`, so pass the value directly (e.g. `{ a: 1 }`) — never a
-   * pre-stringified string (`JSON.stringify(...)`), which would double-encode it.
-   * Typed as `object` so a bare string/primitive is a compile-time error.
-   */
   data: object;
 }> | Readonly<{
   kind: "form";
@@ -1758,34 +1275,16 @@ type HttpBodySpec = Readonly<{
   fields: Readonly<Record<string, string>>;
   binaries?: Readonly<Record<string, BinaryRef>>;
 }> | Readonly<{
-  /**
-   * Send raw bytes from a binary slot as the request body.
-   * The binary attachment's `mimeType` is used as `Content-Type` unless
-   * the request `headers` map already contains `content-type`.
-   */
   kind: "binary";
-  /** Key into `item.binary` to read the request body bytes from. */
   slot: string;
 }>;
-/**
- * Session interface that credential types implement.
- * Returns header/query deltas so the executor can merge them without
- * mutating the immutable HttpRequestSpec.
- */
 interface CredentialSession {
   applyToRequest(spec: HttpRequestSpec): HttpCredentialDelta;
 }
-/**
- * Mutations the credential session wants to apply to the outgoing request.
- */
 type HttpCredentialDelta = Readonly<{
   headers?: Readonly<Record<string, string>>;
   query?: Readonly<Record<string, string>>;
 }>;
-/**
- * Full specification of one HTTP request. All URLs are fully resolved before
- * being passed here (template substitution already applied by the caller).
- */
 type HttpRequestSpec = Readonly<{
   url: string;
   method: string;
@@ -1797,27 +1296,12 @@ type HttpRequestSpec = Readonly<{
     mode: "auto" | "always" | "never";
     binaryName: string;
   }>;
-  /**
-   * When set to `"binary"`, the response body is written to a binary slot
-   * instead of being parsed as JSON/text. Overrides `download` mode.
-   */
   responseFormat?: "json" | "text" | "binary";
-  /** Binary slot name for the response body when `responseFormat === "binary"`. Defaults to `"response"`. */
   responseBinarySlot?: string;
-  /** Maximum allowed response size in bytes (checked against Content-Length before allocating). Defaults to 100 MiB. */
   responseSizeCapBytes?: number;
-  /**
-   * When `false` (default), requests whose target host resolves to an RFC-1918,
-   * link-local (169.254/16), or loopback address are blocked to prevent SSRF attacks.
-   * Set to `true` only for workflows that intentionally reach private infrastructure.
-   */
   allowPrivateNetworkTargets?: boolean;
-  /** Execution context — needed for binary attach. */
   ctx: NodeExecutionContext<RunnableNodeConfig<unknown, unknown>>;
 }>;
-/**
- * Result of executing an HTTP request.
- */
 type HttpRequestResult = Readonly<{
   url: string;
   method: string;
@@ -1829,20 +1313,13 @@ type HttpRequestResult = Readonly<{
   json?: unknown;
   text?: string;
   bodyBinaryName?: string;
-  /** Set when `responseFormat === "binary"`. Name of the binary slot the response body was written to. */
   binarySlot?: string;
-  /** Set when `responseFormat === "binary"`. The MIME type of the stored response. */
   contentType?: string;
-  /** Set when `responseFormat === "binary"`. Size in bytes of the stored response. */
   size?: number;
-  /** Set when `responseFormat === "binary"`. Filename inferred from URL or Content-Disposition. */
   filename?: string;
 }>;
 //#endregion
 //#region src/credentials/ApiKeyCredentialType.d.ts
-/**
- * API key credential that injects a key either as an HTTP header or a query parameter.
- */
 declare const apiKeyCredentialType: Readonly<{
   definition: Readonly<{
     typeId: CredentialTypeId;
@@ -1860,6 +1337,10 @@ declare const apiKeyCredentialType: Readonly<{
   }, {
     apiKey: unknown;
   }, CredentialSession>;
+  createSessionFromAccessToken?: CredentialAccessTokenSessionFactory<{
+    placement: unknown;
+    name: unknown;
+  }, CredentialSession> | undefined;
   test: CredentialHealthTester<{
     placement: unknown;
     name: unknown;
@@ -1871,10 +1352,6 @@ declare const apiKeyCredentialType: Readonly<{
 };
 //#endregion
 //#region src/credentials/BasicAuthCredentialType.d.ts
-/**
- * HTTP Basic authentication credential.
- * Session sets `Authorization: Basic <base64(username:password)>`.
- */
 declare const basicAuthCredentialType: Readonly<{
   definition: Readonly<{
     typeId: CredentialTypeId;
@@ -1891,6 +1368,9 @@ declare const basicAuthCredentialType: Readonly<{
   }, {
     password: unknown;
   }, CredentialSession>;
+  createSessionFromAccessToken?: CredentialAccessTokenSessionFactory<{
+    username: unknown;
+  }, CredentialSession> | undefined;
   test: CredentialHealthTester<{
     username: unknown;
   }, {
@@ -1901,10 +1381,6 @@ declare const basicAuthCredentialType: Readonly<{
 };
 //#endregion
 //#region src/credentials/BearerTokenCredentialType.d.ts
-/**
- * Simple Bearer token credential.
- * Session sets `Authorization: Bearer <token>` on every request.
- */
 declare const bearerTokenCredentialType: Readonly<{
   definition: Readonly<{
     typeId: CredentialTypeId;
@@ -1919,6 +1395,7 @@ declare const bearerTokenCredentialType: Readonly<{
   createSession: CredentialSessionFactory<Readonly<Record<string, unknown>>, {
     token: unknown;
   }, CredentialSession>;
+  createSessionFromAccessToken?: CredentialAccessTokenSessionFactory<Readonly<Record<string, unknown>>, CredentialSession> | undefined;
   test: CredentialHealthTester<Readonly<Record<string, unknown>>, {
     token: unknown;
   }>;
@@ -1927,24 +1404,6 @@ declare const bearerTokenCredentialType: Readonly<{
 };
 //#endregion
 //#region src/credentials/OAuth2ClientCredentialsTypeFactory.d.ts
-/**
- * OAuth2 client-credentials flow credential.
- *
- * This is a machine-to-machine flow: no user redirect occurs. The session
- * POSTs to the configured `tokenUrl` with `client_credentials` grant, caches
- * the resulting access token for the duration of the session, and injects it
- * as `Authorization: Bearer <token>` on each request.
- *
- * Token caching is per-session only (one createSession call = one token fetch
- * at most). Cross-session caching would require host-level state and is out of
- * scope here. Because the engine creates a fresh session per execution, a new
- * token is fetched once per node activation.
- *
- * NOTE: `auth` is intentionally omitted from the definition. The OAuth2
- * `auth: { kind: "oauth2" }` shape signals an authorization-code / user-redirect
- * flow; using it here would cause the host UI to render an OAuth consent button
- * that goes nowhere. Client-credentials is a purely server-side flow.
- */
 declare const oauth2ClientCredentialsType: Readonly<{
   definition: Readonly<{
     typeId: CredentialTypeId;
@@ -1964,6 +1423,11 @@ declare const oauth2ClientCredentialsType: Readonly<{
     clientId: unknown;
     clientSecret: unknown;
   }, CredentialSession>;
+  createSessionFromAccessToken?: CredentialAccessTokenSessionFactory<{
+    tokenUrl: unknown;
+    scopes: unknown;
+    audience: unknown;
+  }, CredentialSession> | undefined;
   test: CredentialHealthTester<{
     tokenUrl: unknown;
     scopes: unknown;
@@ -1977,51 +1441,16 @@ declare const oauth2ClientCredentialsType: Readonly<{
 };
 //#endregion
 //#region src/http/SSRFBlockedError.d.ts
-/**
- * Thrown when an HTTP request target resolves to a private, link-local, or
- * loopback address and `allowPrivateNetworkTargets` is not set.
- */
 declare class SSRFBlockedError extends Error {
   readonly resolvedIp: string;
   constructor(host: string, resolvedIp: string);
 }
 //#endregion
 //#region src/http/SsrfGuard.d.ts
-/**
- * Guards HTTP requests against Server-Side Request Forgery (SSRF) by
- * DNS-resolving the target host and rejecting private/link-local/loopback
- * addresses.
- *
- * Blocked ranges:
- * - RFC-1918: 10/8, 172.16/12, 192.168/16
- * - Link-local: 169.254/16
- * - Loopback: 127/8, ::1
- *
- * When `allowedOutboundHosts` is set, every resolved DNS target must match
- * at least one entry in the list (exact hostname or `*.example.com` wildcard).
- * When unset, existing behaviour applies: private ranges blocked, public allowed.
- *
- * Call {@link check} before making any outbound HTTP request.
- * Pass `allowPrivate: true` to bypass the private-network guard for trusted workflows
- * (allowedOutboundHosts allowlist is still applied when set).
- */
 declare class SsrfGuard {
   private readonly allowedOutboundHosts?;
   constructor(allowedOutboundHosts?: ReadonlyArray<string> | undefined);
-  /**
-   * Resolves the host of `url` via DNS and throws {@link SSRFBlockedError}
-   * if any resolved address falls in a blocked range, or if the host does not
-   * match the operator-configured allowlist (when set).
-   *
-   * @param url - Fully-qualified URL of the intended request target.
-   * @param allowPrivate - When `true`, the private-network check is skipped.
-   *   The allowedOutboundHosts check is still applied when set.
-   */
   check(url: string, allowPrivate: boolean): Promise<void>;
-  /**
-   * Returns true when `host` matches at least one entry in `allowedOutboundHosts`.
-   * Supports exact hostnames (`api.example.com`) and wildcard prefixes (`*.example.com`).
-   */
   private isHostAllowed;
   private isPrivateAddress;
   private isPrivateIPv4;
@@ -2030,26 +1459,11 @@ declare class SsrfGuard {
 //#endregion
 //#region src/authoring/defineRestNode.types.d.ts
 type MaybePromise<T> = T | Promise<T>;
-/**
- * API endpoint descriptor.
- */
 type RestNodeApi = Readonly<{
-  /**
-   * Base URL, e.g. `"https://api.slack.com"`.
-   */
   baseUrl: string;
-  /**
-   * Path relative to `baseUrl`. May contain `{paramName}` placeholders that
-   * are substituted from `input` keys before the request is made.
-   * Example: `"/users/{userId}/profile"`
-   */
   path: string;
-  /** HTTP method (default: GET). */
   method?: string;
 }>;
-/**
- * The HTTP result shape passed into the `response` mapper.
- */
 type RestNodeResponseContext = Readonly<{
   status: number;
   ok: boolean;
@@ -2059,24 +1473,12 @@ type RestNodeResponseContext = Readonly<{
   json?: unknown;
   text?: string;
 }>;
-/**
- * What the `request` callback may return to customise the request.
- */
 type RestNodeRequestShape = Readonly<{
-  /** Additional path parameters to substitute (merged with `input`). */
   pathParams?: Readonly<Record<string, string>>;
-  /** Extra query params. */
   query?: Readonly<Record<string, string>>;
-  /** Extra headers. */
   headers?: Readonly<Record<string, string>>;
-  /** Request body. */
   body?: HttpBodySpec;
 }>;
-/**
- * Error handling policy for non-2xx responses.
- *  - `"throw"` (default) — throws an `Error` for non-2xx responses.
- *  - `"passthrough"` — returns the result regardless of status.
- */
 type RestNodeErrorPolicy = "throw" | "passthrough";
 interface DefineRestNodeOptions<TKey$1 extends string, TCredentials extends DefinedNodeCredentialBindings | undefined, TInputJson$1, TOutputJson$1> {
   readonly key: TKey$1;
@@ -2084,68 +1486,19 @@ interface DefineRestNodeOptions<TKey$1 extends string, TCredentials extends Defi
   readonly description?: string;
   readonly icon?: string;
   readonly api: RestNodeApi;
-  /**
-   * Credential bindings keyed by slot. Use the built-in credential types from
-   * `@codemation/core-nodes` (e.g. `bearerTokenCredentialType`) or any custom one.
-   * The slot key must match what the `request` callback's context uses.
-   */
   readonly credentials?: TCredentials;
-  /**
-   * Zod schema for per-item input. Validated before `execute`.
-   */
   readonly inputSchema?: ZodType<TInputJson$1>;
-  /**
-   * Builds the per-request customisations from the item input.
-   * Return `body`, `query`, `headers`, and/or `pathParams`.
-   */
   request?(context: Readonly<{
     input: TInputJson$1;
   }>): MaybePromise<RestNodeRequestShape>;
-  /**
-   * Maps the HTTP response to the node's output JSON.
-   * When omitted, the output is `{ status, ok, statusText, mimeType, headers, json, text }`.
-   */
   response?(context: RestNodeResponseContext & Readonly<{
     input: TInputJson$1;
   }>): MaybePromise<TOutputJson$1>;
-  /**
-   * How to handle non-2xx responses.
-   * @default "throw"
-   */
   readonly errorPolicy?: RestNodeErrorPolicy;
-  /**
-   * Static configuration summary surfaced in the workflow inspector.
-   * Receives the static config (empty record for defineRestNode — config lives on item input).
-   * Most callers return rows based on the static `api` descriptor instead.
-   */
   readonly inspectorSummary?: (args: Readonly<{
     config: Record<string, never>;
   }>) => ReadonlyArray<NodeInspectorSummaryRow> | undefined;
 }
-/**
- * Declarative helper for creating thin API-wrapper nodes.
- *
- * Usage:
- * ```ts
- * export const postMessage = defineRestNode({
- *   key: "slack.post-message",
- *   title: "Send Slack message",
- *   icon: "si:slack",
- *   api: { baseUrl: "https://slack.com/api", path: "/chat.postMessage", method: "POST" },
- *   credentials: { auth: bearerTokenCredentialType },
- *   inputSchema: z.object({ channel: z.string(), text: z.string() }),
- *   request: ({ input }) => ({
- *     body: { kind: "json", data: { channel: input.channel, text: input.text } },
- *   }),
- *   response: ({ json }) => ({ messageTs: (json as any).ts }),
- * });
- * ```
- *
- * - `defineRestNode` is a thin wrapper over `defineNode`; it does not introduce a new runtime kind.
- * - Credential sessions are resolved via the `credentials` binding map (same as `defineNode`).
- * - Path `{placeholder}` substitution is applied from `input` keys before the request is made.
- * - Non-2xx responses throw an `Error` by default (`errorPolicy: "throw"`).
- */
 declare function defineRestNode<TKey$1 extends string, TCredentials extends DefinedNodeCredentialBindings | undefined, TInputJson$1, TOutputJson$1 = RestNodeResponseContext>(options: DefineRestNodeOptions<TKey$1, TCredentials, TInputJson$1, TOutputJson$1>): DefinedNode<TKey$1, Record<string, never>, TInputJson$1, TOutputJson$1, TCredentials>;
 //#endregion
 //#region src/chatModels/openAiChatModelConfig.d.ts
@@ -2177,11 +1530,6 @@ declare class OpenAIChatModelFactory implements ChatModelFactory<OpenAIChatModel
 }
 //#endregion
 //#region src/nodes/ConnectionCredentialExecutionContextFactory.d.ts
-/**
- * Builds a {@link NodeExecutionContext} whose identity for credential binding and `getCredential`
- * is a **connection-owned** workflow node id (`ConnectionNodeIdFactory` in `@codemation/core`),
- * not the executing parent node. Use for LLM slots, tool slots, or any connection-scoped owner.
- */
 declare class ConnectionCredentialExecutionContextFactory {
   private readonly credentialResolverFactory;
   constructor(credentialSessions: CredentialSessionService);
@@ -2192,65 +1540,17 @@ declare class ConnectionCredentialExecutionContextFactory {
 }
 //#endregion
 //#region src/nodes/AIAgentExecutionHelpersFactory.d.ts
-/**
- * Helper utilities shared by {@link AIAgentNode} and supporting runners.
- *
- * Responsibilities:
- * - {@link #createConnectionCredentialExecutionContextFactory} centralizes credential-context wiring.
- * - {@link #createJsonSchemaRecord} is a pure Zod → draft-07 converter used by both
- *   `OpenAiStrictJsonSchemaFactory` (to feed OpenAI-strict structured output) and the
- *   `AgentStructuredOutputRepairPromptFactory` (to show a required-schema reminder).
- */
 declare class AIAgentExecutionHelpersFactory {
   createConnectionCredentialExecutionContextFactory(credentialSessions: CredentialSessionService): ConnectionCredentialExecutionContextFactory;
-  /**
-   * Produces a plain JSON Schema object (`draft-07`) from a Zod schema, as needed by
-   * OpenAI tool-parameter schemas and the structured-output repair prompt.
-   * - Prefers the schema's **instance** `toJSONSchema(...)` method so we stay inside the Zod
-   *   instance that created the schema (works across consumer/framework tsx namespaces — see
-   *   {@link ZodInstanceToJsonSchema}). Falls back to the framework-imported module function.
-   * - Strips root `$schema` (OpenAI ignores it).
-   * - Sanitizes `required` for cfworker json-schema compatibility (must be a string array or absent).
-   */
   createJsonSchemaRecord(inputSchema: ZodSchemaAny, options: Readonly<{
     schemaName: string;
     requireObjectRoot: boolean;
   }>): Record<string, unknown>;
-  /**
-   * Runs Zod's `toJSONSchema` via the schema's own instance method when available, so consumer
-   * schemas loaded under a different tsx namespace still convert correctly. If the caller handed us
-   * a payload that lacks that method (e.g. a plain JSON Schema record or a Zod instance whose
-   * prototype was stripped), we fall back to the framework-bundled module function.
-   */
   private convertZodSchemaToJsonSchema;
-  /**
-   * `@cfworker/json-schema` iterates `schema.required` with `for...of`; it must be a string array or absent.
-   */
   private sanitizeJsonSchemaRequiredKeywordsForCfworker;
 }
 //#endregion
 //#region src/chatModels/OpenAiStrictJsonSchemaFactory.d.ts
-/**
- * Produces an OpenAI **strict mode**–compliant JSON Schema for an AIAgent `outputSchema`.
- *
- * Why this exists: AI SDK's default Zod → JSON Schema conversion (Zod v4's `toJSONSchema`) can
- * emit `unevaluatedProperties: false` or skip `additionalProperties: false` on object branches.
- * OpenAI's strict-mode validator rejects anything missing `additionalProperties: false` at
- * `context=()` (the root) and requires **all properties** in `required`. We convert here so all
- * legal Zod root shapes work (object, union, discriminated union, nullable-object wrapper, array,
- * intersection, …) and hand AI SDK a pre-tagged `jsonSchema(...)` record that passes straight
- * through to the provider.
- *
- * Rules enforced on the produced JSON Schema record:
- * - Every `type: "object"` node (root and nested under `allOf`/`anyOf`/`oneOf`/`items`/`prefixItems`/`$defs`):
- *   - `additionalProperties: false`
- *   - `required` lists **every** key in `properties` (OpenAI strict requires all properties required;
- *     express optionality via `.nullable()` / `z.union([..., z.null()])`).
- *   - `properties` is always an object (empty object allowed).
- * - `$schema`, `unevaluatedProperties`, and `default` are stripped (OpenAI rejects / ignores them).
- * - `sanitizeJsonSchemaRequiredKeywordsForCfworker` invariants from
- *   {@link AIAgentExecutionHelpersFactory.createJsonSchemaRecord} are preserved as a starting point.
- */
 declare class OpenAiStrictJsonSchemaFactory {
   private readonly executionHelpers;
   constructor(executionHelpers: AIAgentExecutionHelpersFactory);
@@ -2266,18 +1566,12 @@ declare class OpenAiStrictJsonSchemaFactory {
 }
 //#endregion
 //#region src/chatModels/OpenAiCredentialSession.d.ts
-/** Resolved credential session for OpenAI-compatible chat models (API key + optional custom base URL). */
 type OpenAiCredentialSession = Readonly<{
   apiKey: string;
   baseUrl?: string;
 }>;
 //#endregion
 //#region src/chatModels/OpenAiChatModelPresetsFactory.d.ts
-/**
- * Default OpenAI chat model configs for scaffolds and demos (icon + label match {@link OpenAIChatModelConfig} defaults).
- * Prefer importing {@link openAiChatModelPresets} from here or from the consumer template re-export
- * instead of repeating {@link OpenAIChatModelConfig} construction in app workflows.
- */
 declare class OpenAiChatModelPresets {
   readonly demoGpt4oMini: OpenAIChatModelConfig;
   readonly demoGpt41: OpenAIChatModelConfig;
@@ -2285,14 +1579,6 @@ declare class OpenAiChatModelPresets {
 declare const openAiChatModelPresets: OpenAiChatModelPresets;
 //#endregion
 //#region src/chatModels/CodemationChatModelConfig.d.ts
-/**
- * Complexity token sent to the managed LLM broker.
- * The broker maps this to a concrete provider model and thinking effort.
- * low    = cheapest/fastest (short classification, simple extraction)
- * medium = default for most extraction/agent work
- * high   = complex multi-step reasoning
- * xhigh  = hardest problems, most capable model
- */
 type ManagedComplexity = "low" | "medium" | "high" | "xhigh";
 declare class CodemationChatModelConfig implements ChatModelConfig {
   readonly name: string;
@@ -2329,31 +1615,16 @@ type ResolvedTool = Readonly<{
     execute(args: ToolExecuteArgs<ToolConfig, unknown>): Promise<unknown>;
   }>;
 }>;
-/**
- * Per-item binding of a tool: the user config plus the resolved runtime and a snapshot of the
- * original Zod `inputSchema`.
- *
- * `execute` accepts optional `hooks` so the agent coordinator can pass the live `agent.tool.call`
- * span and the planned tool-call's `invocationId`. Node-backed sub-agent tools use these hooks
- * via {@link ChildExecutionScopeFactory} to re-root their runtime ctx under the tool-call boundary
- * (fresh activationId, telemetry parented at the tool-call span, `parentInvocationId` set).
- *
- * `humanApproval` is present only when the tool was created via `defineHumanApprovalNode`
- * (via its marker) — detected during `resolveTools` in `AIAgentNode`.
- */
 type ItemScopedToolBinding = Readonly<{
   config: ToolConfig;
   inputSchema: ZodSchemaAny;
   execute(input: unknown, hooks?: ItemScopedToolCallHooks): Promise<unknown>;
-  /** Present when this binding is backed by a HITL-approval node (story 10). */
   humanApproval?: Readonly<{
     onRejected: "halt" | "return";
   }>;
 }>;
 type ItemScopedToolCallHooks = Readonly<{
-  /** Live agent.tool.call span (used to parent sub-agent telemetry). */
   parentSpan?: TelemetrySpanScope;
-  /** invocationId of the parent tool call (used to thread `parentInvocationId` through ctx). */
   parentInvocationId?: ConnectionInvocationId;
 }>;
 type PlannedToolCall = Readonly<{
@@ -2361,7 +1632,6 @@ type PlannedToolCall = Readonly<{
   toolCall: AgentToolCall;
   invocationIndex: number;
   nodeId: string;
-  /** Stable id reused across queued / running / completed connection invocation rows for this tool call. */
   invocationId: string;
 }>;
 type ExecutedToolCall = Readonly<{
@@ -2372,23 +1642,11 @@ type ExecutedToolCall = Readonly<{
 }>;
 //#endregion
 //#region src/nodes/AgentMessageFactory.d.ts
-/**
- * AI-SDK-shaped message construction for the AIAgent stack. Emits plain `ModelMessage[]`
- * ( `{ role: 'system' | 'user' | 'assistant' | 'tool', content: ... }` ) as consumed by
- * `generateText({ messages })` from the `ai` package.
- */
 declare class AgentMessageFactory {
   static createPromptMessages(messages: ReadonlyArray<AgentMessageDto>): ReadonlyArray<ModelMessage>;
-  /**
-   * Builds the assistant message that contains optional text plus one or more tool-call parts,
-   * matching the shape AI SDK emits between steps.
-   */
   static createAssistantWithToolCalls(text: string | undefined, toolCalls: ReadonlyArray<AgentToolCall>): AssistantModelMessage;
-  /**
-   * Builds the `{ role: "tool", content: [{ type: "tool-result", ... }, ...] }` message returned
-   * to the model after each tool round.
-   */
-  static createToolResultsMessage(executedToolCalls: ReadonlyArray<ExecutedToolCall>): ToolModelMessage;
+  static createToolResultsMessage(executedToolCalls: ReadonlyArray<ExecutedToolCall>, passToolBinariesToModel?: boolean): ToolModelMessage;
+  private static toToolResultOutput;
   private static toToolResultJson;
   private static createPromptMessage;
 }
@@ -2417,19 +1675,6 @@ declare class AgentStructuredOutputRepairPromptFactory {
 //#endregion
 //#region src/nodes/AgentStructuredOutputRunner.d.ts
 type StructuredOutputSchemaForModel = ZodSchemaAny | Readonly<Record<string, unknown>>;
-/**
- * Orchestrates a 2-attempt repair loop on top of `generateText({ output: Output.object(...) })`.
- *
- * Strategy:
- * 1. If the caller already has a raw final text (from a prior tool-calling turn), try parsing it
- *    directly against the schema — fast path for models that already emit strict JSON.
- * 2. Otherwise, run a native structured-output call via {@link invokeStructuredModel}. For the
- *    OpenAI-strict path, a {@link OpenAiStrictJsonSchemaFactory}-built JSON Schema record is
- *    handed to AI SDK's `jsonSchema(...)` wrapper (preserves `additionalProperties: false` at
- *    every object depth).
- * 3. If the structured call fails (AI_NoObjectGeneratedError / ZodError / schema reject), run a
- *    text-mode repair prompt with the validation error appended, up to 2 attempts.
- */
 declare class AgentStructuredOutputRunner {
   private readonly repairPromptFactory;
   private readonly openAiStrictJsonSchemaFactory;
@@ -2450,10 +1695,6 @@ declare class AgentStructuredOutputRunner {
     invokeStructuredModel: (schema: StructuredOutputSchemaForModel, messages: ReadonlyArray<ModelMessage>, options: StructuredOutputOptions | undefined) => Promise<unknown>;
   }>): Promise<TOutput>;
   private retryWithRepairPrompt;
-  /**
-   * Chooses strict mode for OpenAI chat-model configs, off otherwise.  Extendable in future for
-   * other providers that adopt the same "supply a JSON Schema record directly" contract.
-   */
   private resolveStructuredOutputOptions;
   private resolveOutputSchemaForModel;
   private tryParseAndValidate;
@@ -2514,53 +1755,15 @@ interface AIAgentOptions<TInputJson$1 = unknown, _TOutputJson = unknown> {
   readonly description?: string;
   readonly retryPolicy?: RetryPolicySpec;
   readonly guardrails?: AgentGuardrailConfig;
-  /** Engine applies with {@link RunnableNodeConfig.inputSchema} before {@link AIAgentNode.execute}. */
   readonly inputSchema?: ZodType<TInputJson$1>;
   readonly outputSchema?: ZodType<_TOutputJson>;
-  /**
-   * MCP servers to connect for this agent run. Each entry is the server id from
-   * the MCP catalog (e.g. `"gmail"`). Credential instances are bound via the
-   * standard credential-binding flow — each server materializes an MCP connection
-   * node and the slot lives on that node, keyed by
-   * `(workflowId, mcpConnectionNodeId, "credential")` (same shape as ChatModel and
-   * Tool connection nodes). There is no inline credential field; bind through the
-   * canvas credential dropdown before activation.
-   */
   readonly mcpServers?: ReadonlyArray<string>;
-  /**
-   * Tool ids to always include without going through `find_tools`.
-   * Format: `"serverId:toolName"` (e.g. `"gmail:send_message"`). Max 16.
-   */
   readonly pinnedMcpTools?: readonly string[];
-  /**
-   * Source identifiers that should be treated as untrusted external content.
-   * When an incoming `Item.json.__source` matches one of these values, every
-   * user-role message is wrapped with an untrusted-source preamble so the LLM
-   * treats the content as data rather than instructions (prompt-injection defense).
-   *
-   * Defaults to `["gmail", "ocr", "webhook"]` when unset.
-   */
   readonly untrustedSources?: ReadonlyArray<string>;
-  /**
-   * Whether file binaries are automatically passed to the chat model as native inline
-   * multimodal blocks. Defaults to `true`. Set to `false` to skip the binary-passdown step
-   * entirely (the node then behaves as if no binaries were present).
-   */
   readonly passBinariesToModel?: boolean;
-  /**
-   * Explicit binaries to pass to the chat model, instead of the ones on the current item.
-   * Either a static array or a function resolved per item (so an author can forward binaries
-   * produced by an earlier node further back in the workflow). When provided, these replace
-   * `item.binary` as the passdown source. Ignored when {@link passBinariesToModel} is `false`.
-   * Every binary is passed (images as image blocks, all other types as file blocks); the
-   * provider surfaces an error at runtime if it doesn't support a given file type.
-   */
+  readonly passToolBinariesToModel?: boolean;
   readonly binaries?: ReadonlyArray<BinaryAttachment> | ((args: AgentMessageBuildArgs<TInputJson$1>) => ReadonlyArray<BinaryAttachment>);
 }
-/**
- * AI agent: credential bindings are keyed to connection-owned LLM/tool node ids (ConnectionNodeIdFactory),
- * not to the agent workflow node id.
- */
 declare class AIAgent<TInputJson$1 = unknown, TOutputJson$1 = unknown> implements RunnableNodeConfig<TInputJson$1, TOutputJson$1>, AgentNodeConfig<TInputJson$1, TOutputJson$1> {
   readonly kind: "node";
   readonly type: TypeToken<unknown>;
@@ -2582,6 +1785,7 @@ declare class AIAgent<TInputJson$1 = unknown, TOutputJson$1 = unknown> implement
   readonly pinnedMcpTools?: readonly string[];
   readonly untrustedSources?: ReadonlyArray<string>;
   readonly passBinariesToModel?: boolean;
+  readonly passToolBinariesToModel?: boolean;
   readonly binaries?: ReadonlyArray<BinaryAttachment> | ((args: AgentMessageBuildArgs<TInputJson$1>) => ReadonlyArray<BinaryAttachment>);
   constructor(options: AIAgentOptions<TInputJson$1, TOutputJson$1>);
   inspectorSummary(): ReadonlyArray<NodeInspectorSummaryRow>;
@@ -2603,13 +1807,9 @@ declare class AgentToolExecutionCoordinator {
     ctx: NodeExecutionContext<AIAgent<any, any>>;
     agentName: string;
     repairAttemptsByToolName: Map<string, number>;
-    /** Conversation including the assistant message that emitted these tool_use blocks. Stored in checkpoint on HITL suspension. */
     conversationSnapshot?: ReadonlyArray<ModelMessage>;
-    /** Turn count at the moment of this coordinator invocation. */
     turnCount?: number;
-    /** Cumulative tool-call count up to and including this batch. */
     toolCallCount?: number;
-    /** Model id for checkpoint migration safety. */
     modelId?: string;
   }>): Promise<ReadonlyArray<ExecutedToolCall>>;
   private executePlannedToolCall;
@@ -2619,10 +1819,6 @@ declare class AgentToolExecutionCoordinator {
   private createValidationMessage;
   private toJsonValue;
   private extractErrorDetails;
-  /**
-   * Extracts the text content from the last assistant message in the conversation snapshot.
-   * Used to populate `agentReasoning` in the HITL suspension metadata.
-   */
   private extractLastAssistantText;
   private serializeIssue;
 }
@@ -2650,20 +1846,6 @@ declare class NodeBackedToolRuntime {
   private readonly childExecutionScopeFactory;
   constructor(nodeResolver: NodeResolver, itemExprResolver: ItemExprResolver, outputNormalizer: NodeOutputNormalizer, outputBehaviorResolver: RunnableOutputBehaviorResolver, childExecutionScopeFactory: ChildExecutionScopeFactory);
   execute(config: NodeBackedToolConfig<any, ZodSchemaAny, ZodSchemaAny>, args: ToolExecuteArgs): Promise<unknown>;
-  /**
-   * Returns a re-rooted child ctx for nested-agent tools (so their LLM/tool connection ids derive
-   * from the tool connection node, telemetry parents under the tool-call span, and connection
-   * invocations carry `parentInvocationId`). Plain runnable tools (non-agent) keep the orchestrator
-   * ctx with only `config` swapped — no nesting concern.
-   *
-   * The caller (`AIAgentNode.createItemScopedTools`) already wraps the orchestrator ctx via
-   * `ConnectionCredentialExecutionContextFactory.forConnectionNode`, so `args.ctx.nodeId` is the
-   * tool's own connection node id (e.g. `AIAgentNode:2__conn__tool__searchInMail`). We pass that
-   * through as the sub-agent's `nodeId`; deriving another `toolConnectionNodeId(args.ctx.nodeId,
-   * config.name)` here would prepend a duplicate `__conn__tool__<name>` segment and exponentially
-   * deepen ids on each invocation, which also breaks credential resolution because user-provided
-   * bindings sit on the single-level connection node id.
-   */
   private resolveNodeCtx;
   private executeResolvedNode;
   private isRunnableNode;
@@ -2696,11 +1878,6 @@ interface ToolLoadingStrategy {
 }
 //#endregion
 //#region src/nodes/DeferredMetaToolStrategyFactory.d.ts
-/**
- * Factory for creating and initializing a DeferredMetaToolStrategy per agent execution.
- * Injected into AIAgentNode; each agent call creates its own initialized strategy instance.
- * BM25Index is constructed here (this file is a composition root via the Factory suffix).
- */
 declare class DeferredMetaToolStrategyFactory {
   create(input: ToolLoadingStrategyInitInput): Promise<ToolLoadingStrategy>;
 }
@@ -2719,42 +1896,17 @@ declare class AIAgentNode implements RunnableNode<AIAgent<any, any>> {
   readonly inputSchema: z.ZodUnknown;
   private readonly connectionCredentialExecutionContextFactory;
   private readonly preparedByExecutionContext;
-  /**
-   * The `ai` SDK, loaded lazily in {@link execute} so the SDK (~28MB RSS) stays
-   * off the boot path — non-AI workflows never load it. Every path runs through
-   * `execute` → `ensureAiSdk` before any sync helper touches `this.aiSdk`.
-   */
   private aiSdk;
   private aiSdkPromise;
   constructor(nodeResolver: NodeResolver, credentialSessions: CredentialSessionService, nodeBackedToolRuntime: NodeBackedToolRuntime, executionHelpers: AIAgentExecutionHelpersFactory, structuredOutputRunner: AgentStructuredOutputRunner, toolExecutionCoordinator: AgentToolExecutionCoordinator, toolLoadingStrategyFactory: DeferredMetaToolStrategyFactory, agentMcpIntegration: AgentMcpIntegration);
   execute(args: RunnableNodeExecuteArgs<AIAgent<any, any>>): Promise<unknown>;
-  /** Load the `ai` SDK once per node instance (cached promise guards concurrent items). */
   private ensureAiSdk;
-  /**
-   * Resume path: re-enters the agent loop after a HITL suspension.
-   * Reconstructs the conversation from the checkpoint, injects the human decision
-   * as a tool_result, and continues the loop from where it suspended.
-   */
   private executeResumed;
-  /**
-   * Normalizes a {@link ResumeContext} decision into a flat JSON-serializable shape
-   * suitable for injection as a tool_result content.
-   */
   private normalizeDecision;
   private getOrPrepareExecution;
   private prepareExecution;
   private prepareMcpToolsByServer;
   private runAgentForItem;
-  /**
-   * Multi-turn loop:
-   * - Each turn is a single `generateText` call with tools exposed but **not auto-executed**
-   *   (we control tool dispatch so that {@link AgentToolExecutionCoordinator} drives repair /
-   *   connection-invocation recording / transient-error handling exactly like before).
-   * - When the model returns no tool calls the loop ends with the model's text as the final answer.
-   * - Respects `guardrails.maxTurns` and `guardrails.onTurnLimitReached`.
-   * - Strategy-owned tool calls (e.g. `find_tools`) are dispatched via the strategy, not the
-   *   coordinator; their results are tracked so subsequent turns receive the discovered tools.
-   */
   private runTurnLoopUntilFinalAnswer;
   private cannotExecuteAnotherToolRound;
   private finishOrThrowWhenTurnCapHitWithToolCalls;
@@ -2763,66 +1915,15 @@ declare class AIAgentNode implements RunnableNode<AIAgent<any, any>> {
   private buildOutputItem;
   private resolveTools;
   private createItemScopedTools;
-  /**
-   * Resolves the HITL behavior for a tool binding, or `undefined` when it is not a HITL tool.
-   * A binding is HITL if either the backing node carries a `defineHumanApprovalNode` marker or the
-   * binding sets a per-binding `onRejected` via `asTool(..., { onRejected })`. The per-binding value
-   * wins over the node marker, so two tools backed by the same node can reject differently.
-   */
   private resolveHumanApprovalBehavior;
-  /**
-   * Invoke a text turn using the merged tool set from item-scoped tools (coordinator-managed)
-   * and strategy tools (find_tools + discovered MCP tools).
-   * Strategy tools take precedence for names that overlap.
-   */
   private invokeTextTurnWithStrategyTools;
-  /**
-   * Removes `execute` properties from ToolSet entries so the AI SDK does not
-   * auto-execute them within `generateText`. Codemation owns all tool dispatch.
-   */
   private stripExecuteCallbacks;
-  /**
-   * Builds a ToolSet from resolved tools for strategy initialization.
-   * The strategy uses this for its "always-included" node-backed tool descriptions.
-   * HITL tools (detected via the `humanApprovalToolBehavior` field set by `defineHumanApprovalNode`) get the solo-constraint sentence
-   * appended to their description.
-   */
   private buildToolSetFromResolved;
-  /**
-   * Builds an AI SDK {@link ToolSet} where every tool ships a pre-converted JSON Schema (via
-   * {@link jsonSchema}) — not the raw Zod schema — and carries **no** `execute`. Two reasons:
-   *
-   * 1. Codemation owns tool dispatch + the per-tool repair loop (see {@link AgentToolExecutionCoordinator}),
-   *    so the AI SDK must surface tool calls back to us instead of auto-running them.
-   * 2. The AI SDK's `asSchema` helper discriminates between Zod v3 / Zod v4 / Standard Schema via
-   *    runtime feature-detection (`~standard`, `_zod`, etc.). Handing it a pre-built
-   *    {@link jsonSchema} record — which is tagged with `Symbol.for('vercel.ai.schema')` — skips all
-   *    of that detection and guarantees the provider receives a draft-07 JSON Schema with
-   *    `additionalProperties: false` at every object depth (see {@link OpenAiStrictJsonSchemaFactory}
-   *    for the same logic applied to structured-output schemas). Codemation still runs its own Zod
-   *    validation on tool inputs before execute — the schema handed to the model is advisory.
-   */
   private buildToolSet;
-  /**
-   * One `generateText` turn (no auto tool execution) with Codemation-owned child-span telemetry
-   * and connection-invocation state recording. Accepts a pre-built ToolSet.
-   */
   private invokeTextTurnWithToolSet;
-  /**
-   * Structured-output turn: runs `generateText({ output: Output.object({ schema }) })` via the
-   * structured-output runner.  We keep this as a separate helper because the runner needs the raw
-   * validated value (not just text) back, and must be able to retry on Zod failures.
-   */
   private invokeStructuredTurn;
   private isZodSchema;
   private resolveCallOptions;
-  /**
-   * Build a no-code-friendly output payload for an LLM round.
-   *
-   * Always includes `content` (matching the canvas snapshot shape used elsewhere) and adds a
-   * `toolCalls` array when the round produced tool calls so the execution inspector surfaces the
-   * planned calls instead of just an empty `""` for tool-only rounds.
-   */
   private summarizeTurnOutput;
   private extractTurnResult;
   private extractAssistantMessage;
@@ -2838,28 +1939,8 @@ declare class AIAgentNode implements RunnableNode<AIAgent<any, any>> {
   private summarizeLlmMessages;
   private resultToJsonValue;
   private createPromptMessages;
-  /**
-   * Picks which attachments feed the passdown. When the author supplies `config.binaries`
-   * (a static array or a per-item function — e.g. to forward binaries from an earlier node),
-   * those replace the current item's attachments; otherwise the current item's `item.binary`
-   * is used.
-   */
   private selectBinaryAttachments;
-  /**
-   * Reads every attachment through `ctx.binary` (storage-backed, by reference — never base64 on
-   * `item.json`) and resolves it to inline base64 so the agent can pass it to the chat model as a
-   * native multimodal block. Images become image blocks; every other type (PDF, office docs, CSV,
-   * JSON, …) becomes a file block — we don't filter by media type, so any binary can be fed to the
-   * model. If the provider rejects an unsupported type the error surfaces at runtime, and the
-   * workflow can filter the binary upstream.
-   */
   private resolveInlineBinaries;
-  /**
-   * When `item.json.__source` matches an entry in `config.untrustedSources`
-   * (default: `["gmail", "ocr", "webhook"]`), wraps every user-role message
-   * content with an untrusted-external-source preamble so the LLM treats the
-   * content as data, not instructions.
-   */
   private wrapUntrustedSourceMessages;
   private resolveToolRuntime;
   private isNodeBackedToolConfig;
@@ -2870,42 +1951,19 @@ declare class AIAgentNode implements RunnableNode<AIAgent<any, any>> {
 }
 //#endregion
 //#region src/nodes/BM25Index.d.ts
-/**
- * Minimal BM25 (Okapi BM25) implementation for indexing MCP tool descriptions.
- *
- * Parameters: k1=1.5, b=0.75 (standard defaults).
- * Tokenisation: lowercase, split on non-alphanumerics, filter empties.
- */
 declare class BM25Index {
   private readonly k1;
   private readonly b;
   private readonly tf;
   private readonly df;
   private avgDocLen;
-  /**
-   * Add all documents at once. After calling this, search is available.
-   * Documents are indexed in insertion order; search returns their indices.
-   */
   add(docs: ReadonlyArray<string>): void;
-  /**
-   * Returns up to `limit` document indices ranked by BM25 score (highest first).
-   * Returns an empty array if the index is empty or the query matches nothing.
-   */
   search(query: string, limit: number): ReadonlyArray<number>;
   tokenize(text: string): string[];
   private docLen;
 }
 //#endregion
 //#region src/nodes/DeferredMetaToolStrategy.d.ts
-/**
- * Default tool-loading strategy: BM25-indexed MCP tool deferral via a `find_tools` meta-tool.
- *
- * - Node-backed tools and pinned MCP tools are always included in every turn.
- * - `find_tools(query, limit?)` is added to the tool set when MCP tools are indexed.
- * - Tools surfaced by `find_tools` are included in subsequent turns.
- *
- * Not DI-managed; instantiated per agent execution by DeferredMetaToolStrategyFactory.
- */
 declare class DeferredMetaToolStrategy implements ToolLoadingStrategy {
   private readonly bm25;
   private readonly warnFn;
@@ -2914,11 +1972,6 @@ declare class DeferredMetaToolStrategy implements ToolLoadingStrategy {
   private mcpEntries;
   private toolsByServerId;
   private foundToolIds;
-  /**
-   * `jsonSchema` from the `ai` SDK, loaded lazily in {@link initialize} so the SDK
-   * (~28MB RSS) stays off the boot path. `initialize` always runs before the sync
-   * `getToolsForTurn` → `buildFindToolsDefinition` path, so this is set before use.
-   */
   private jsonSchema;
   constructor(bm25: BM25Index, warnFn: (message: string) => void);
   initialize(input: ToolLoadingStrategyInitInput): Promise<void>;
@@ -2931,17 +1984,6 @@ declare class DeferredMetaToolStrategy implements ToolLoadingStrategy {
 }
 //#endregion
 //#region src/nodes/AssertionNode.d.ts
-/**
- * Runs the author's `assertions` callback for each input item and emits one workflow `Item` per
- * returned {@link AssertionResult} on `main`. Persistence is handled by a host-side subscriber
- * to `nodeCompleted` events that filters on `config.emitsAssertions === true`; this node does
- * not write to any store on its own.
- *
- * If the author callback throws, we emit a single synthetic AssertionResult with `errored: true`
- * and `score: 0`. Without this catch the whole node would fail and no assertion row would be
- * persisted — making the rollup blind to "the assertion code itself is broken." The synthetic
- * row keeps `failedAssertionsByRunId` consistent and gives the UI something to surface.
- */
 declare class AssertionNode implements RunnableNode<Assertion<any>> {
   kind: "node";
   outputPorts: readonly ["main"];
@@ -2954,18 +1996,8 @@ interface AssertionOptions<TInputJson$1> {
   readonly id?: string;
   readonly icon?: string;
   readonly description?: string;
-  /**
-   * Author callback. Returns one or more {@link AssertionResult}s per input item. Each becomes
-   * one emitted output item — useful for per-row reporting in the Tests tab. Return `[]` to
-   * emit nothing for this case (rare; usually you want at least a "no-op" pass).
-   */
   assertions(item: Item<TInputJson$1>, ctx: NodeExecutionContext<Assertion<TInputJson$1>>): Promise<ReadonlyArray<AssertionResult>> | ReadonlyArray<AssertionResult>;
 }
-/**
- * Generic assertion node — the "callback" form. For declarative shorthands (StringEquals,
- * JudgeByAgent) compose this with helpers added in later phases. Sets `emitsAssertions: true`
- * so host-side persisters know to record its outputs as `TestAssertion` rows.
- */
 declare class Assertion<TInputJson$1 = unknown> implements RunnableNodeConfig<TInputJson$1, AssertionResult> {
   readonly kind: "node";
   readonly type: TypeToken<unknown>;
@@ -2980,14 +2012,6 @@ declare class Assertion<TInputJson$1 = unknown> implements RunnableNodeConfig<TI
 }
 //#endregion
 //#region src/nodes/nodeOptions.types.d.ts
-/**
- * Options shared by every authorable built-in node: a stable `id` and a plain-language
- * `description` (the non-technical "what does this node do" line surfaced in the node sidebar).
- *
- * `description` is a first-class config option — passed inline in the node's options, exactly like
- * `id` — and is threaded onto the config instance so it flows into the persisted workflow snapshot
- * the host / canvas mappers read. Node-specific option types extend this.
- */
 interface NodeBaseOptions {
   readonly id?: string;
   readonly description?: string;
@@ -3052,7 +2076,6 @@ declare class HttpRequestNode implements RunnableNode<HttpRequest<any, any>> {
 //#endregion
 //#region src/nodes/httpRequest.d.ts
 type HttpRequestDownloadMode = "auto" | "always" | "never";
-/** JSON emitted by {@link HttpRequest} — response metadata only (input item fields are not passed through). */
 type HttpRequestOutputJson = Readonly<{
   url: string;
   method: string;
@@ -3064,99 +2087,34 @@ type HttpRequestOutputJson = Readonly<{
   json?: unknown;
   text?: string;
   bodyBinaryName?: string;
-  /** Set when `responseFormat === "binary"`. Name of the binary slot the response was stored in. */
   binarySlot?: string;
-  /** Set when `responseFormat === "binary"`. MIME type of the stored response. */
   contentType?: string;
-  /** Set when `responseFormat === "binary"`. Size in bytes of the stored response. */
   size?: number;
-  /** Set when `responseFormat === "binary"`. Filename inferred from URL or Content-Disposition. */
   filename?: string;
 }>;
-/**
- * The built-in HTTP request credential type IDs accepted by the `HttpRequest` node.
- * These match the four generic credential types shipped with `@codemation/core-nodes`.
- */
 declare const HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES: ReadonlyArray<string>;
 declare class HttpRequest<TInputJson$1 = Readonly<{
   url?: string;
 }>, TOutputJson$1 = HttpRequestOutputJson> implements RunnableNodeConfig<TInputJson$1, TOutputJson$1> {
   readonly name: string;
   readonly args: Readonly<{
-    /** HTTP method (default: GET). */
     method?: string;
-    /**
-     * Legacy: field name on item.json to read the URL from.
-     * Use `url` for a literal/templated URL instead.
-     */
     urlField?: string;
-    /** Literal or templated URL. When present, takes precedence over `urlField`. */
     url?: string;
-    /** Extra headers to add to every request. */
     headers?: Readonly<Record<string, string>>;
-    /** Query parameters to append to the URL. */
     query?: Readonly<Record<string, string>>;
-    /** Request body specification. For `kind:"json"`, pass the object directly in `body.data` — it is JSON-encoded exactly once, so never a pre-stringified string. */
     body?: HttpBodySpec;
-    /**
-     * Credential slot.
-     *
-     * **String shorthand** (existing): `credentialSlot: "auth"` — the slot accepts all four
-     * default HTTP credential types (bearer, API-key, basic, OAuth2).
-     *
-     * **Object form** (new): narrows the accepted types to the caller-supplied list, useful
-     * when only a subset of credential types makes sense for a specific endpoint.
-     * ```ts
-     * credentialSlot: { name: "auth", acceptedTypes: [bearerTokenCredentialType] }
-     * ```
-     * The slot must be declared in `getCredentialRequirements()`, which is wired automatically.
-     */
     credentialSlot?: string | Readonly<{
       name: string;
       acceptedTypes?: ReadonlyArray<AnyCredentialType>;
     }>;
     binaryName?: string;
     downloadMode?: HttpRequestDownloadMode;
-    /**
-     * Controls how the response body is handled.
-     * - `"json"` / `"text"`: existing behaviour (parse + emit on `item.json`).
-     * - `"binary"`: read the response as raw bytes and store via `ctx.binary.attach`.
-     *   The output JSON contains `{ status, headers, binarySlot, contentType, size, filename }`
-     *   but NOT the raw bytes. Use `responseBinarySlot` to name the slot (default `"response"`).
-     *
-     * When omitted, the existing `downloadMode` logic applies (backward-compatible).
-     */
     responseFormat?: "json" | "text" | "binary";
-    /**
-     * Name of the binary slot to write the response body into when `responseFormat === "binary"`.
-     * Defaults to `"response"`.
-     */
     responseBinarySlot?: string;
-    /**
-     * Maximum response size in bytes for binary mode. Checked against the `Content-Length`
-     * response header before allocating memory. Defaults to 100 MiB (104857600).
-     * Requests whose `Content-Length` exceeds this cap are rejected before the body is read.
-     */
     responseSizeCapBytes?: number;
-    /**
-     * Operator-configurable outbound host allowlist.
-     *
-     * When set, every HTTP request target must match an entry in this list before the
-     * request is made — requests to any other host are rejected with {@link SSRFBlockedError}.
-     * Supports exact hostnames (`api.example.com`) and wildcard subdomain patterns
-     * (`*.example.com` matches `sub.example.com` but not `example.com` itself).
-     *
-     * When unset (default), the existing SSRF private-network guard applies:
-     * public hosts are allowed and private/loopback ranges are blocked.
-     *
-     * **Production warning**: when `NODE_ENV === "production"` and this is unset, a one-time
-     * warning is logged at workflow startup.
-     *
-     * Setting this to an empty array `[]` is equivalent to "block everything".
-     */
     allowedOutboundHosts?: ReadonlyArray<string>;
     id?: string;
-    /** Plain-language explanation surfaced in the node sidebar. */
     description?: string;
   }>;
   readonly retryPolicy: RetryPolicySpec;
@@ -3168,80 +2126,23 @@ declare class HttpRequest<TInputJson$1 = Readonly<{
   readonly icon: "lucide:globe";
   readonly description?: string;
   constructor(name: string, args?: Readonly<{
-    /** HTTP method (default: GET). */
     method?: string;
-    /**
-     * Legacy: field name on item.json to read the URL from.
-     * Use `url` for a literal/templated URL instead.
-     */
     urlField?: string;
-    /** Literal or templated URL. When present, takes precedence over `urlField`. */
     url?: string;
-    /** Extra headers to add to every request. */
     headers?: Readonly<Record<string, string>>;
-    /** Query parameters to append to the URL. */
     query?: Readonly<Record<string, string>>;
-    /** Request body specification. For `kind:"json"`, pass the object directly in `body.data` — it is JSON-encoded exactly once, so never a pre-stringified string. */
     body?: HttpBodySpec;
-    /**
-     * Credential slot.
-     *
-     * **String shorthand** (existing): `credentialSlot: "auth"` — the slot accepts all four
-     * default HTTP credential types (bearer, API-key, basic, OAuth2).
-     *
-     * **Object form** (new): narrows the accepted types to the caller-supplied list, useful
-     * when only a subset of credential types makes sense for a specific endpoint.
-     * ```ts
-     * credentialSlot: { name: "auth", acceptedTypes: [bearerTokenCredentialType] }
-     * ```
-     * The slot must be declared in `getCredentialRequirements()`, which is wired automatically.
-     */
     credentialSlot?: string | Readonly<{
       name: string;
       acceptedTypes?: ReadonlyArray<AnyCredentialType>;
     }>;
     binaryName?: string;
     downloadMode?: HttpRequestDownloadMode;
-    /**
-     * Controls how the response body is handled.
-     * - `"json"` / `"text"`: existing behaviour (parse + emit on `item.json`).
-     * - `"binary"`: read the response as raw bytes and store via `ctx.binary.attach`.
-     *   The output JSON contains `{ status, headers, binarySlot, contentType, size, filename }`
-     *   but NOT the raw bytes. Use `responseBinarySlot` to name the slot (default `"response"`).
-     *
-     * When omitted, the existing `downloadMode` logic applies (backward-compatible).
-     */
     responseFormat?: "json" | "text" | "binary";
-    /**
-     * Name of the binary slot to write the response body into when `responseFormat === "binary"`.
-     * Defaults to `"response"`.
-     */
     responseBinarySlot?: string;
-    /**
-     * Maximum response size in bytes for binary mode. Checked against the `Content-Length`
-     * response header before allocating memory. Defaults to 100 MiB (104857600).
-     * Requests whose `Content-Length` exceeds this cap are rejected before the body is read.
-     */
     responseSizeCapBytes?: number;
-    /**
-     * Operator-configurable outbound host allowlist.
-     *
-     * When set, every HTTP request target must match an entry in this list before the
-     * request is made — requests to any other host are rejected with {@link SSRFBlockedError}.
-     * Supports exact hostnames (`api.example.com`) and wildcard subdomain patterns
-     * (`*.example.com` matches `sub.example.com` but not `example.com` itself).
-     *
-     * When unset (default), the existing SSRF private-network guard applies:
-     * public hosts are allowed and private/loopback ranges are blocked.
-     *
-     * **Production warning**: when `NODE_ENV === "production"` and this is unset, a one-time
-     * warning is logged at workflow startup.
-     *
-     * Setting this to an empty array `[]` is equivalent to "block everything".
-     */
     allowedOutboundHosts?: ReadonlyArray<string>;
     id?: string;
-    /** Plain-language explanation surfaced in the node sidebar. */
     description?: string;
   }>, retryPolicy?: RetryPolicySpec);
   get id(): string | undefined;
@@ -3328,24 +2229,12 @@ declare class If<TInputJson$1 = unknown> implements RunnableNodeConfig<TInputJso
 }
 //#endregion
 //#region src/nodes/IsTestRunNode.d.ts
-/**
- * Routes each item to the `true` port if `ctx.testContext` is set (the run was started by the
- * TestSuiteOrchestrator), else to `false`. Lets workflow authors guard real side-effects:
- *
- *   GmailTrigger / TestTrigger → ClassifyAgent → IsTestRun
- *                                                 ├── true → AssertionNode
- *                                                 └── false → SendReply
- */
 declare class IsTestRunNode implements RunnableNode<IsTestRun<unknown>> {
   kind: "node";
   execute(args: RunnableNodeExecuteArgs<IsTestRun<unknown>>): unknown;
 }
 //#endregion
 //#region src/nodes/isTestRun.d.ts
-/**
- * Branches per-item on whether the current run is a test run. Output ports: `true`, `false`.
- * The wire payload is unchanged — this is a router, not a transform.
- */
 declare class IsTestRun<TInputJson$1 = unknown> implements RunnableNodeConfig<TInputJson$1, TInputJson$1> {
   readonly kind: "node";
   readonly type: TypeToken<unknown>;
@@ -3361,9 +2250,6 @@ declare class IsTestRun<TInputJson$1 = unknown> implements RunnableNodeConfig<TI
 }
 //#endregion
 //#region src/nodes/SwitchNode.d.ts
-/**
- * Routes each item to exactly one output port. Port names must match workflow edges (see {@link Switch} config).
- */
 declare class SwitchNode implements RunnableNode<Switch<any>> {
   kind: "node";
   execute(args: RunnableNodeExecuteArgs<Switch<any>>): Promise<unknown>;
@@ -3412,10 +2298,6 @@ declare class Split<TIn = unknown, TElem = unknown> implements RunnableNodeConfi
     readonly hint: "local";
   };
   readonly keepBinaries: true;
-  /**
-   * When splitting yields zero items for a batch, downstream single-input nodes still run once with an empty batch.
-   * Mirrors {@link MapData}'s empty-output behavior.
-   */
   readonly continueWhenEmptyOutput: true;
   readonly icon: "builtin:split-rows";
   readonly id?: string;
@@ -3429,15 +2311,6 @@ type CronTickJson = {
   firedAt: string;
   scheduledFor: string;
 };
-/**
- * Schedules a workflow on a standard cron expression.
- *
- * Each tick emits one item: `{ firedAt: string, scheduledFor: string }` — both ISO-8601 timestamps.
- * `firedAt` is the wall-clock moment the callback ran; `scheduledFor` is the cron-computed
- * firing instant (these differ when the job was delayed).
- *
- * Timezone defaults to UTC when omitted — cron without an explicit TZ is a DST footgun.
- */
 declare class CronTrigger implements TriggerNodeConfig<CronTickJson> {
   readonly name: string;
   private readonly args;
@@ -3466,10 +2339,6 @@ declare class CronTriggerNode implements TestableTriggerNode<CronTrigger> {
 }
 //#endregion
 //#region src/nodes/ManualTriggerNode.d.ts
-/**
- * Setup is intentionally a no-op: the engine host can run workflows manually
- * by calling `engine.runWorkflow(workflow, triggerNodeId, items)`.
- */
 declare class ManualTriggerNode implements TestableTriggerNode<ManualTrigger<any>> {
   kind: "trigger";
   outputPorts: readonly ["main"];
@@ -3490,7 +2359,6 @@ declare class ManualTrigger<TOutputJson$1 = unknown> implements TriggerNodeConfi
   readonly defaultItems?: Items<TOutputJson$1>;
   readonly id?: string;
   readonly description?: string;
-  /** Manual runs often emit an empty batch; still schedule downstream by default. */
   readonly continueWhenEmptyOutput: true;
   constructor(name?: string, idOrOptions?: string | NodeBaseOptions);
   constructor(name: string, defaultItems: ManualTriggerDefaultValue<TOutputJson$1> | undefined, idOrOptions?: string | NodeBaseOptions);
@@ -3519,7 +2387,6 @@ declare class MapData<TInputJson$1 = unknown, TOutputJson$1 = unknown> implement
   readonly execution: {
     readonly hint: "local";
   };
-  /** Zero mapped items should still allow downstream nodes to run. */
   readonly continueWhenEmptyOutput: true;
   readonly icon: "lucide:square-pen";
   readonly keepBinaries: boolean;
@@ -3542,10 +2409,6 @@ declare class Merge<TInputJson$1 = unknown, TOutputJson$1 = TInputJson$1> implem
   readonly name: string;
   readonly cfg: Readonly<{
     mode: MergeMode;
-    /**
-     * Deterministic input precedence order (only used for passThrough/append).
-     * Any inputs not listed are appended in lexicographic order.
-     */
     prefer?: ReadonlyArray<InputPortKey>;
   }>;
   readonly kind: "node";
@@ -3555,10 +2418,6 @@ declare class Merge<TInputJson$1 = unknown, TOutputJson$1 = TInputJson$1> implem
   readonly description?: string;
   constructor(name: string, cfg?: Readonly<{
     mode: MergeMode;
-    /**
-     * Deterministic input precedence order (only used for passThrough/append).
-     * Any inputs not listed are appended in lexicographic order.
-     */
     prefer?: ReadonlyArray<InputPortKey>;
   }>, idOrOptions?: string | NodeBaseOptions);
   inspectorSummary(): ReadonlyArray<NodeInspectorSummaryRow>;
@@ -3614,15 +2473,6 @@ declare class SubWorkflow<TInputJson$1 = unknown, TOutputJson$1 = unknown> imple
 }
 //#endregion
 //#region src/nodes/TestTriggerNode.d.ts
-/**
- * Author-defined test-fixture trigger. Live activation skips this trigger (filtered by
- * `triggerKind === "test"` in `TriggerRuntimeService`); the `TestSuiteOrchestrator` drives its
- * `generateItems` callback during a TestSuiteRun and dispatches one workflow run per yielded item.
- *
- * `setup` is intentionally a no-op for symmetry with other trigger nodes — the real work happens
- * in the orchestrator. `execute` is a passthrough so items provided to `engine.runWorkflow(...)`
- * (one per case) flow downstream unchanged on `main`.
- */
 declare class TestTriggerNode implements TriggerNode<TestTriggerNodeConfig<any>> {
   kind: "trigger";
   outputPorts: readonly ["main"];
@@ -3635,33 +2485,12 @@ interface TestTriggerOptions<TOutputJson$1> {
   readonly name?: string;
   readonly id?: string;
   readonly icon?: string;
-  /** Cap on simultaneous in-flight test cases for one suite run. Default: 4 (orchestrator). */
   readonly concurrency?: number;
   readonly credentialRequirements?: ReadonlyArray<CredentialRequirement>;
-  /**
-   * Free-form description of where the test cases come from. Shown in the node properties
-   * panel and the Tests-tab suite-detail header so authors revisiting the workflow six months
-   * later remember which mailbox / folder / fixture file the cases originate from.
-   */
   readonly description?: string;
-  /**
-   * Author callback that yields one item per test case. Items are dispatched as separate
-   * workflow runs by the TestSuiteOrchestrator, with `executionOptions.testContext` set.
-   * The provided context exposes credential resolution and an AbortSignal for cancellation.
-   */
   generateItems(ctx: TestTriggerSetupContext<TestTrigger<TOutputJson$1>>): AsyncIterable<Item<TOutputJson$1>>;
-  /**
-   * Optional resolver: extract a human-readable label from a yielded item. The orchestrator
-   * persists this on the run, so the Tests-tab tree-table shows e.g. "RFQ for batch 14"
-   * instead of an opaque runId. Typical use: `(item) => item.json.subject` for mailbox tests.
-   */
   caseLabel?(item: Item<TOutputJson$1>): string | undefined;
 }
-/**
- * Trigger config for a test fixture source. Drop one (or more) of these on the canvas alongside
- * a workflow's live triggers; clicking "Run tests" on the Tests tab invokes
- * {@link TestTriggerOptions.generateItems} via the TestSuiteOrchestrator.
- */
 declare class TestTrigger<TOutputJson$1 = unknown> implements TestTriggerNodeConfig<TOutputJson$1> {
   readonly kind: "trigger";
   readonly triggerKind: "test";
@@ -3700,7 +2529,6 @@ declare class Wait<TItemJson = unknown> implements RunnableNodeConfig<TItemJson,
   readonly execution: {
     readonly hint: "local";
   };
-  /** Pass-through empty batches should still advance to downstream nodes. */
   readonly continueWhenEmptyOutput: true;
   readonly icon: "lucide:hourglass";
   readonly id?: string;
@@ -3752,11 +2580,6 @@ declare class WebhookTrigger<TSchema extends WebhookInputSchema | undefined = un
 }
 //#endregion
 //#region src/nodes/webhookTriggerNode.d.ts
-/**
- * HTTP webhooks are not registered in trigger setup. The host exposes a single catch-all route
- * (e.g. `/api/webhooks/:endpointPath`); the engine's catalog-backed webhook matcher resolves the
- * user-defined endpoint path to this workflow + node, then runs the workflow from this trigger.
- */
 declare class WebhookTriggerNode implements ExecutableTriggerNode<WebhookTrigger<any>> {
   readonly kind: "trigger";
   readonly outputPorts: readonly ["main"];
@@ -3764,12 +2587,17 @@ declare class WebhookTriggerNode implements ExecutableTriggerNode<WebhookTrigger
   execute(items: Items, _ctx: NodeExecutionContext<WebhookTrigger<any>>): Promise<NodeOutputs>;
 }
 //#endregion
+//#region src/nodes/schedulePollingTrigger.d.ts
+type ScheduleItem = {
+  firedAt: string;
+  tick: number;
+};
+type ScheduleState = {
+  tick: number;
+};
+declare const schedulePollingTrigger: DefinedPollingTrigger<"schedule.interval", Readonly<Record<string, unknown>>, ScheduleItem, ScheduleState, undefined>;
+//#endregion
 //#region src/register.types.d.ts
-/**
- * Registrar for built-in nodes. In a real project, this would use tsyringe's
- * container.registerSingleton(...). For the skeleton we keep it token-based:
- * the engine resolves node implementations by class token.
- */
 declare function registerCoreNodes(container: Container): void;
 //#endregion
 //#region src/workflowBuilder.types.d.ts
@@ -3884,10 +2712,6 @@ declare class WorkflowAuthoringBuilder {
 declare function workflow(id: string): WorkflowAuthoringBuilder;
 //#endregion
 //#region src/nodes/ConnectionCredentialNode.d.ts
-/**
- * Placeholder runnable node for connection-owned workflow nodes (LLM/tool slots).
- * The engine does not schedule these; they exist for credentials, tokens, and UI identity.
- */
 declare class ConnectionCredentialNode implements RunnableNode<ConnectionCredentialNodeConfig> {
   kind: "node";
   outputPorts: readonly ["main"];
@@ -3914,9 +2738,6 @@ declare class ConnectionCredentialNodeConfigFactory {
 }
 //#endregion
 //#region src/workflows/AIAgentConnectionWorkflowExpander.d.ts
-/**
- * Materializes connection-owned child nodes and {@link WorkflowDefinition.connections} for AI agent nodes.
- */
 declare class AIAgentConnectionWorkflowExpander {
   private readonly connectionCredentialNodeConfigFactory;
   private readonly mcpServerResolver?;
@@ -3991,25 +2812,9 @@ declare const collectionDeleteNode: DefinedNode<"collection-delete", {
 }, undefined>;
 //#endregion
 //#region src/nodes/InboxApprovalNode.types.d.ts
-/**
- * A subject field (title / body) for an inbox approval. Either a static string
- * or a contextual callback that builds the string from the item using ordinary
- * JavaScript template literals — e.g. `({ item }) => `Approve ${item.json.vendor}``.
- * Code-first: no template DSL, just functions.
- */
 type InboxSubjectField = string | ((args: {
   item: Item;
 }) => string);
-/**
- * Auto-detecting inbox approval node.
- *
- * Uses `ctx.resolve(InboxChannelResolverToken)` to pick the right inbox channel
- * at runtime:
- * - In managed mode (PairingConfig present): routes to the control-plane inbox.
- * - Otherwise: routes to the local inbox.
- *
- * Authors use this node directly; no extra wiring needed per deployment mode.
- */
 declare const inboxApproval: DefinedHumanApprovalNode<"inbox.approval", {
   title: InboxSubjectField;
   body: InboxSubjectField;
@@ -4021,28 +2826,19 @@ declare const inboxApproval: DefinedHumanApprovalNode<"inbox.approval", {
 //#region src/nodes/codemationDocumentScannerNode.d.ts
 declare const ANALYZER_TYPES: readonly ["document", "invoice", "image", "auto"];
 type DocScannerAnalyzerType = (typeof ANALYZER_TYPES)[number];
-/** Per-field value/confidence shape as returned by apps/doc-scanner. */
 type DocScannerField = Readonly<{
   value: unknown;
   confidence: number | null;
 }>;
-/** Output shape of CodemationDocumentScanner — identical to the service wire response. */
 type DocScannerOutput = Readonly<{
   markdown: string;
   fields: Readonly<Record<string, DocScannerField>>;
 }>;
 type CodemationDocumentScannerConfig = Readonly<{
-  /** Key on `item.binary` that holds the document. Default: "data". */
   binaryField?: string;
-  /** Analyzer type. Default: "auto" (routes on mime type on the service side). */
   analyzerType?: DocScannerAnalyzerType;
-  /** MIME type override. Falls back to attachment.mimeType. */
   contentType?: string;
-  /** Include per-field confidence scores (0–1). Default: false.
-   *  Enabling this roughly doubles contextualization tokens for document analyzers.
-   *  Image and auto-to-image requests silently ignore this flag (confidence stays null). */
   includeConfidence?: boolean;
-  /** Max bytes checked before any read. Default: 50 MiB (same cap as OCR nodes, LD10). */
   maxBytes?: number;
 }>;
 declare const codemationDocumentScannerNode: DefinedNode<"codemation.document-scanner", {
@@ -4056,5 +2852,5 @@ declare const codemationDocumentScannerNode: DefinedNode<"codemation.document-sc
   fields: Readonly<Record<string, DocScannerField>>;
 }>, undefined>;
 //#endregion
-export { AIAgent, AIAgentConnectionWorkflowExpander, AIAgentExecutionHelpersFactory, AIAgentNode, AgentItemPortMap, AgentMessageFactory, AgentOutputFactory, AgentStructuredOutputRepairPromptFactory, AgentStructuredOutputRunner, AgentToolCallPortMap, AgentToolErrorClassifier, AgentToolExecutionCoordinator, AgentToolRepairExhaustedError, AgentToolRepairPolicy, Aggregate, AggregateNode, Assertion, AssertionNode, AssertionOptions, BM25Index, BinaryRef, Callback, CallbackHandler, CallbackNode, CallbackOptions, CallbackResultNormalizer, CanvasIconName, CodemationChatModelConfig, CodemationChatModelFactory, CodemationDocumentScannerConfig, ConnectionCredentialExecutionContextFactory, ConnectionCredentialNode, ConnectionCredentialNodeConfig, ConnectionCredentialNodeConfigFactory, CredentialSession, CronTickJson, CronTrigger, CronTriggerNode, DeferredMetaToolStrategy, DeferredMetaToolStrategyFactory, DefineRestNodeOptions, DocScannerAnalyzerType, DocScannerField, DocScannerOutput, type ExecutedToolCall, Filter, FilterNode, type FindToolsResult, HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES, HttpBodySpec, HttpCredentialDelta, HttpRequest, HttpRequestDownloadMode, HttpRequestNode, HttpRequestOutputJson, HttpRequestResult, HttpRequestSpec, If, IfNode, IsTestRun, IsTestRunNode, type ItemScopedToolBinding, ManagedComplexity, ManualTrigger, ManualTriggerNode, MapData, MapDataNode, MapDataOptions, Merge, MergeMode, MergeNode, NoOp, NoOpNode, NodeBaseOptions, OpenAIChatModelConfig, OpenAIChatModelFactory, OpenAiChatModelPresets, OpenAiCredentialSession, OpenAiStrictJsonSchemaFactory, type PlannedToolCall, type ResolvedTool, RestNodeApi, RestNodeErrorPolicy, RestNodeRequestShape, RestNodeResponseContext, SSRFBlockedError, Split, SplitNode, SsrfGuard, SubWorkflow, SubWorkflowNode, Switch, SwitchCaseKeyResolver, SwitchNode, TestTrigger, TestTriggerNode, TestTriggerOptions, type ToolLoadingStrategy, type ToolLoadingStrategyInitInput, type ToolLoadingStrategyTurnContext, Wait, WaitDuration, WaitNode, WebhookRespondNowAndContinueError, WebhookRespondNowError, WebhookTrigger, WebhookTriggerNode, type WorkflowAgentMessages, type WorkflowAgentOptions, WorkflowAuthoringBuilder, WorkflowBranchBuilder, WorkflowChain, apiKeyCredentialType, basicAuthCredentialType, bearerTokenCredentialType, codemationDocumentScannerNode, collectionDeleteNode, collectionFindOneNode, collectionGetNode, collectionInsertNode, collectionListNode, collectionUpdateNode, createWorkflowBuilder, defineRestNode, inboxApproval, oauth2ClientCredentialsType, openAiChatModelPresets, registerCoreNodes, workflow };
+export { AIAgent, AIAgentConnectionWorkflowExpander, AIAgentExecutionHelpersFactory, AIAgentNode, AgentItemPortMap, AgentMessageFactory, AgentOutputFactory, AgentStructuredOutputRepairPromptFactory, AgentStructuredOutputRunner, AgentToolCallPortMap, AgentToolErrorClassifier, AgentToolExecutionCoordinator, AgentToolRepairExhaustedError, AgentToolRepairPolicy, Aggregate, AggregateNode, Assertion, AssertionNode, AssertionOptions, BM25Index, BinaryRef, Callback, CallbackHandler, CallbackNode, CallbackOptions, CallbackResultNormalizer, CanvasIconName, CodemationChatModelConfig, CodemationChatModelFactory, CodemationDocumentScannerConfig, ConnectionCredentialExecutionContextFactory, ConnectionCredentialNode, ConnectionCredentialNodeConfig, ConnectionCredentialNodeConfigFactory, CredentialSession, CronTickJson, CronTrigger, CronTriggerNode, DeferredMetaToolStrategy, DeferredMetaToolStrategyFactory, DefineRestNodeOptions, DocScannerAnalyzerType, DocScannerField, DocScannerOutput, type ExecutedToolCall, Filter, FilterNode, type FindToolsResult, HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES, HttpBodySpec, HttpCredentialDelta, HttpRequest, HttpRequestDownloadMode, HttpRequestNode, HttpRequestOutputJson, HttpRequestResult, HttpRequestSpec, If, IfNode, IsTestRun, IsTestRunNode, type ItemScopedToolBinding, ManagedComplexity, ManualTrigger, ManualTriggerNode, MapData, MapDataNode, MapDataOptions, Merge, MergeMode, MergeNode, NoOp, NoOpNode, NodeBaseOptions, OpenAIChatModelConfig, OpenAIChatModelFactory, OpenAiChatModelPresets, OpenAiCredentialSession, OpenAiStrictJsonSchemaFactory, type PlannedToolCall, type ResolvedTool, RestNodeApi, RestNodeErrorPolicy, RestNodeRequestShape, RestNodeResponseContext, SSRFBlockedError, Split, SplitNode, SsrfGuard, SubWorkflow, SubWorkflowNode, Switch, SwitchCaseKeyResolver, SwitchNode, TestTrigger, TestTriggerNode, TestTriggerOptions, type ToolLoadingStrategy, type ToolLoadingStrategyInitInput, type ToolLoadingStrategyTurnContext, Wait, WaitDuration, WaitNode, WebhookRespondNowAndContinueError, WebhookRespondNowError, WebhookTrigger, WebhookTriggerNode, type WorkflowAgentMessages, type WorkflowAgentOptions, WorkflowAuthoringBuilder, WorkflowBranchBuilder, WorkflowChain, apiKeyCredentialType, basicAuthCredentialType, bearerTokenCredentialType, codemationDocumentScannerNode, collectionDeleteNode, collectionFindOneNode, collectionGetNode, collectionInsertNode, collectionListNode, collectionUpdateNode, createWorkflowBuilder, defineRestNode, inboxApproval, oauth2ClientCredentialsType, openAiChatModelPresets, registerCoreNodes, schedulePollingTrigger, workflow };
 //# sourceMappingURL=index.d.ts.map