@corbat-tech/coco 2.35.0 → 2.37.0

package/dist/index.js

@@ -1,12 +1,13 @@
 import { Logger } from 'tslog';
 import * as fs4 from 'fs';
-import fs4__default, { readFileSync, constants } from 'fs';
+import fs4__default, { readFileSync, mkdirSync, appendFileSync, writeFileSync, renameSync, constants } from 'fs';
 import * as path17 from 'path';
 import path17__default, { dirname, join, basename, resolve } from 'path';
 import * as fs16 from 'fs/promises';
 import fs16__default, { access, readFile, readdir, writeFile, mkdir } from 'fs/promises';
 import { randomUUID, randomBytes, createHash } from 'crypto';
 import * as http from 'http';
+import { createServer } from 'http';
 import { fileURLToPath, URL as URL$1 } from 'url';
 import { exec, execFile, execSync, execFileSync, spawn } from 'child_process';
 import { setGlobalDispatcher, EnvHttpProxyAgent } from 'undici';
@@ -23,7 +24,7 @@ import Anthropic from '@anthropic-ai/sdk';
 import { jsonrepair } from 'jsonrepair';
 import OpenAI from 'openai';
 import { GoogleGenAI, FunctionCallingConfigMode } from '@google/genai';
-import 'events';
+import { EventEmitter } from 'events';
 import 'minimatch';
 import { simpleGit } from 'simple-git';
 import { diffWords } from 'diff';
@@ -275,6 +276,10 @@ function getCatalogDefaultModel(provider) {
 function getCatalogModel(provider, modelId) {
   return getProviderCatalogEntry(provider).models.find((modelEntry) => modelEntry.id === modelId);
 }
+function getCatalogRecommendedModel(provider) {
+  const entry = getProviderCatalogEntry(provider);
+  return entry.models.find((modelEntry) => modelEntry.recommended) ?? entry.models[0];
+}
 function getCatalogContextWindow(provider, modelId, fallback) {
   if (!modelId) return fallback;
   const exact = getCatalogModel(provider, modelId);
@@ -18747,6 +18752,89 @@ function createResilientProvider(provider, config) {
 
 // src/providers/runtime-capabilities.ts
 init_catalog();
+function hasCapability(model2, capability) {
+  return model2?.capabilities.includes(capability) ?? false;
+}
+function selectEndpoint(provider, model2) {
+  if (hasCapability(model2, "anthropic-messages")) return "anthropic-messages";
+  if (hasCapability(model2, "gemini-generate-content")) return "gemini-generate-content";
+  if (provider === "openai" || provider === "codex") {
+    if (hasCapability(model2, "openai-responses")) return "openai-responses";
+  }
+  return "openai-chat";
+}
+function buildRestrictions(provider, model2, endpoint, supportsReasoning, supportsToolUse) {
+  const restrictions = [];
+  if (provider === "copilot" && endpoint === "openai-chat" && supportsToolUse) {
+    restrictions.push(
+      "Copilot uses an OpenAI-compatible Chat Completions route; Coco omits reasoning_effort on tool calls to avoid upstream 400 errors."
+    );
+  }
+  if (provider !== "openai" && provider !== "codex" && endpoint === "openai-chat" && supportsReasoning) {
+    restrictions.push(
+      "OpenAI-compatible providers only receive reasoning fields when the provider is explicitly verified."
+    );
+  }
+  if (!supportsToolUse) {
+    restrictions.push("Function tools are not advertised for this model.");
+  }
+  if (model2.toLowerCase().includes("deprecated")) {
+    restrictions.push(
+      "Model name suggests deprecation; prefer a catalog current/recommended model."
+    );
+  }
+  return restrictions;
+}
+function getProviderRuntimeCapability(provider, modelId) {
+  const providerCatalog = getProviderCatalogEntry(provider);
+  const model2 = modelId ?? providerCatalog.defaultModel;
+  const catalogModel = getCatalogModel(provider, model2);
+  const thinking = getThinkingCapability(provider, model2);
+  const endpoint = selectEndpoint(provider, catalogModel);
+  const supportsToolUse = hasCapability(catalogModel, "tool-use");
+  const supportsReasoning = thinking.supported;
+  return {
+    provider,
+    model: model2,
+    catalogModel,
+    status: catalogModel?.status ?? "unverified",
+    endpoint,
+    supportsStreaming: hasCapability(catalogModel, "streaming"),
+    supportsToolUse,
+    supportsVision: hasCapability(catalogModel, "vision"),
+    supportsReasoning,
+    reasoningKinds: thinking.kinds,
+    defaultReasoning: thinking.defaultMode,
+    contextWindow: catalogModel?.contextWindow ?? 0,
+    maxOutputTokens: catalogModel?.maxOutputTokens,
+    sourceUrl: catalogModel?.source.url,
+    restrictions: buildRestrictions(provider, model2, endpoint, supportsReasoning, supportsToolUse)
+  };
+}
+async function probeProviderRuntimeCapability(provider, modelId, checkAvailability) {
+  const capability = getProviderRuntimeCapability(provider, modelId);
+  if (!checkAvailability) {
+    return {
+      ...capability,
+      available: "not-checked",
+      checkedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+  }
+  try {
+    return {
+      ...capability,
+      available: await checkAvailability(),
+      checkedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+  } catch (error) {
+    return {
+      ...capability,
+      available: false,
+      checkedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
 
 // src/providers/index.ts
 init_copilot();
@@ -19346,6 +19434,927 @@ z.string().regex(
   /^\d+\.\d+\.\d+$/,
   "Version must be in semver format (e.g., 1.0.0)"
 );
+
+// src/cli/repl/agents/manager.ts
+init_logger();
+
+// src/cli/repl/agents/prompts.ts
+var EXPLORE_PROMPT = `You are an exploration agent for Corbat-Coco.
+Your purpose is to search the codebase to answer questions and gather information.
+
+Your capabilities:
+- Search for files using glob patterns
+- Read file contents to understand code structure
+- Search for text patterns across the codebase
+- List directory contents to understand project structure
+
+When exploring:
+1. Start broad, then narrow down based on findings
+2. Look for patterns in naming conventions and file organization
+3. Read relevant files to understand implementations
+4. Summarize your findings clearly and concisely
+
+Focus on gathering accurate information. Do not make changes to files.
+Report what you find with specific file paths and code references.`;
+var PLAN_PROMPT = `You are a planning agent for Corbat-Coco.
+Your purpose is to design implementation approaches and create detailed plans.
+
+Your capabilities:
+- Read existing code to understand architecture
+- Search for related implementations and patterns
+- Analyze dependencies and relationships
+- Review documentation and comments
+
+When planning:
+1. Understand the current state of the codebase
+2. Identify affected areas and dependencies
+3. Break down tasks into concrete steps
+4. Consider edge cases and potential issues
+5. Propose a clear implementation strategy
+
+Output a structured plan with:
+- Overview of the approach
+- Step-by-step implementation tasks
+- Potential risks or considerations
+- Estimated complexity
+
+Do not implement changes - only create the plan.`;
+var TEST_PROMPT = `You are a testing agent for Corbat-Coco.
+Your purpose is to write and run tests to ensure code quality.
+
+Your capabilities:
+- Read source files to understand what needs testing
+- Write test files with comprehensive test cases
+- Run tests and analyze results
+- Check code coverage
+- Identify untested code paths
+
+When testing:
+1. Understand the code being tested
+2. Identify test scenarios (happy path, edge cases, errors)
+3. Write clear, maintainable tests
+4. Run tests and verify they pass
+5. Check coverage and add tests for uncovered areas
+
+Follow these testing principles:
+- One assertion per test when possible
+- Clear test names that describe the scenario
+- Proper setup and teardown
+- Mock external dependencies appropriately
+- Test behavior, not implementation details
+
+Report test results clearly with pass/fail status and coverage metrics.`;
+var DEBUG_PROMPT = `You are a debugging agent for Corbat-Coco.
+Your purpose is to analyze errors, identify root causes, and fix issues.
+
+Your capabilities:
+- Read error messages and stack traces
+- Search for related code and error handlers
+- Execute code to reproduce issues
+- Analyze logs and outputs
+- Make targeted fixes to resolve issues
+
+When debugging:
+1. Understand the error symptoms completely
+2. Reproduce the issue if possible
+3. Trace the error to its source
+4. Identify the root cause (not just symptoms)
+5. Propose and implement a fix
+6. Verify the fix resolves the issue
+
+Focus on:
+- Understanding the actual vs expected behavior
+- Checking input validation and edge cases
+- Looking for off-by-one errors, null references, type mismatches
+- Considering race conditions or async issues
+- Reviewing recent changes that might have introduced the bug
+
+Provide a clear explanation of what caused the issue and how you fixed it.`;
+var REVIEW_PROMPT = `You are a code review agent for Corbat-Coco.
+Your purpose is to review code for quality, maintainability, and best practices.
+
+Your capabilities:
+- Read source files and understand implementations
+- Search for coding patterns and conventions
+- Analyze code complexity and structure
+- Check for security issues and anti-patterns
+
+When reviewing:
+1. Read the code thoroughly
+2. Check for correctness and logic errors
+3. Evaluate code style and consistency
+4. Identify potential bugs or edge cases
+5. Assess maintainability and readability
+6. Look for security vulnerabilities
+
+Review criteria:
+- **Correctness**: Does the code do what it's supposed to?
+- **Clarity**: Is the code easy to understand?
+- **Efficiency**: Are there unnecessary computations or memory usage?
+- **Security**: Are there potential vulnerabilities?
+- **Testing**: Is the code testable? Are there tests?
+- **Documentation**: Are complex parts documented?
+
+Provide specific, actionable feedback with code references.
+Prioritize issues by severity: critical > major > minor > suggestion.`;
+var ARCHITECT_PROMPT = `You are an architecture agent for Corbat-Coco.
+Your purpose is to design system architecture and evaluate architectural decisions.
+
+Your capabilities:
+- Read source files to understand current architecture
+- Search for design patterns and structural boundaries
+- Review module dependencies and coupling
+- Analyze layer separation and interface design
+
+When designing architecture:
+1. Understand the existing architecture and constraints
+2. Identify architectural concerns and trade-offs
+3. Propose designs aligned with corbat-coco patterns:
+   - Tool Registry Pattern: register tools centrally, discover by name
+   - Zod Config Pattern: all config validated with Zod schemas
+   - Provider-Agnostic Pattern: abstract LLM providers behind interfaces
+   - REPL Skill Pattern: skills as self-contained SKILL.md + handler
+   - Phase Context Pattern: pass context through COCO phases immutably
+4. Document decisions as Architecture Decision Records (ADRs)
+
+ADR format:
+- Title: short noun phrase
+- Status: proposed | accepted | deprecated | superseded
+- Context: forces at play
+- Decision: the chosen solution
+- Consequences: trade-offs accepted
+
+Constraints for corbat-coco:
+- TypeScript ESM only \u2014 no CommonJS
+- Node.js 22+ runtime
+- Prefer functional patterns over classes
+- Files must stay under 500 LOC
+- All public APIs need JSDoc
+
+Output a structured architectural analysis or ADR. Do not write implementation code.`;
+var SECURITY_PROMPT = `You are a security audit agent for Corbat-Coco.
+Your purpose is to identify security vulnerabilities and recommend fixes.
+
+Your capabilities:
+- Read source files to analyze security posture
+- Search for dangerous patterns across the codebase
+- Run dependency vulnerability checks
+- Audit configuration for secrets exposure
+
+Security checklist (OWASP Top 10 + corbat-coco specifics):
+
+1. **Secrets exposure**: No API keys/tokens hardcoded or logged
+2. **Command injection**: Shell commands must use array args via execa, never template strings
+3. **Path traversal**: File paths must be validated and confined to safe directories
+4. **Injection (SQL/NoSQL)**: Parameterized queries only, never string concatenation
+5. **Input validation**: All external inputs validated with Zod schemas at boundaries
+6. **LLM output safety**: Treat LLM output as untrusted \u2014 sanitize before eval/exec
+7. **Dependency vulnerabilities**: Check for known CVEs with \`pnpm audit\`
+8. **Insecure deserialization**: Safe JSON parsing with error handling, no eval
+9. **Sensitive data logging**: No PII, tokens, or credentials in log output
+10. **Type safety**: No \`any\` that bypasses security-relevant checks
+
+When auditing:
+1. Search for common dangerous patterns (exec, eval, dangerouslySet, etc.)
+2. Check all environment variable usage for proper validation
+3. Verify tool implementations for path/command safety
+4. Review LLM provider integrations for key exposure
+
+Severity levels:
+- CRITICAL: Exploitable with immediate impact (must block release)
+- HIGH: Likely exploitable under realistic conditions
+- MEDIUM: Exploitable in specific scenarios
+- LOW: Defense-in-depth improvement
+
+Output a structured security report. Do not make code changes \u2014 report findings only.`;
+var TDD_PROMPT = `You are a TDD (Test-Driven Development) agent for Corbat-Coco.
+Your purpose is to enforce test-first methodology with RED-GREEN-REFACTOR discipline.
+
+Your capabilities:
+- Read source files to understand interfaces
+- Write failing tests BEFORE implementation
+- Run tests to confirm RED state
+- Write minimal code to make tests GREEN
+- Refactor while keeping tests passing
+- Check coverage with Vitest
+
+TDD workflow:
+1. **Interface first**: Define types and function signatures (no implementation)
+2. **RED**: Write failing tests that describe the desired behavior
+   - Run \`pnpm test\` \u2014 tests must FAIL at this point
+   - If tests pass without implementation, the test is wrong
+3. **GREEN**: Write the minimum code to make tests pass
+   - Run \`pnpm test\` \u2014 all tests must pass
+4. **REFACTOR**: Clean up code while keeping tests green
+   - Run \`pnpm test\` after each refactor step
+
+Testing stack (corbat-coco):
+- Framework: Vitest
+- Assertions: expect() from vitest
+- Mocking: vi.mock(), vi.fn(), vi.spyOn()
+- Run: \`pnpm test\`
+- Coverage: \`pnpm test -- --coverage\` (target: 80%+)
+
+Test structure:
+\`\`\`typescript
+import { describe, it, expect, vi, beforeEach } from "vitest";
+
+describe("ModuleName", () => {
+  describe("functionName", () => {
+    it("should [expected behavior] when [condition]", async () => {
+      // Arrange
+      // Act
+      // Assert
+    });
+  });
+});
+\`\`\`
+
+Rules:
+- NEVER write implementation before tests
+- One assertion per test when possible
+- Test behavior, not implementation details
+- Mock all external dependencies (LLM providers, filesystem, execa)`;
+var REFACTOR_PROMPT = `You are a refactoring agent for Corbat-Coco.
+Your purpose is to improve code structure, readability, and maintainability without changing behavior.
+
+Your capabilities:
+- Read and analyze existing code for improvement opportunities
+- Edit files to improve structure
+- Run tests to verify behavior is preserved
+- Run linting and type checking
+
+Refactoring techniques (apply in order of safety):
+1. **Extract function**: Break large functions into focused helpers (\u226450 lines each)
+2. **Rename for clarity**: Improve variable/function names to reveal intent
+3. **Remove duplication**: Extract shared logic to reusable functions/modules
+4. **Simplify conditionals**: Replace complex boolean logic with named predicates
+5. **Eliminate magic numbers**: Replace literals with named constants
+6. **Flatten nesting**: Reduce arrow anti-pattern via early returns
+7. **Split large files**: Files over 500 LOC should be split by cohesion
+
+Safety rules:
+- Run \`pnpm test\` BEFORE starting \u2014 all tests must be green
+- Make one refactoring at a time
+- Run \`pnpm test\` after EVERY change \u2014 stop if tests break
+- Run \`pnpm typecheck\` to catch type regressions
+- Never change behavior \u2014 refactoring is structural only
+- If tests don't cover the code being refactored, write tests first
+
+corbat-coco specific patterns to introduce:
+- Use Zod schemas for all config/input types
+- Apply Provider-Agnostic Pattern for LLM calls
+- Apply Tool Registry Pattern for tool management
+- Replace class-heavy code with factory functions where simpler
+
+Output: describe each refactoring applied and run test/typecheck results.`;
+var E2E_PROMPT = `You are an end-to-end testing agent for Corbat-Coco.
+Your purpose is to write and run integration tests that cover complete user workflows.
+
+Your capabilities:
+- Read source files to understand end-to-end flows
+- Write integration tests that exercise full workflows
+- Run tests and analyze failures
+- Check coverage across integration paths
+
+E2E testing principles:
+1. Test complete workflows from entry point to output
+2. Use realistic inputs (not just happy paths)
+3. Test COCO phase transitions: Converge \u2192 Orchestrate \u2192 Complete \u2192 Output
+4. Test CLI commands end-to-end with subprocess spawning
+5. Test error propagation across phase boundaries
+6. Test provider fallback behavior
+7. Test tool execution chains
+
+For corbat-coco, focus on:
+- Full COCO run: specification \u2192 backlog \u2192 task execution \u2192 output generation
+- CLI command integration: \`coco run\`, \`coco repl\`, \`coco init\`
+- LLM provider switching and error recovery
+- Tool registry tool execution chains
+- Quality scoring over multiple iterations
+- Checkpoint save/restore across phase boundaries
+
+Test setup:
+\`\`\`typescript
+// Use mock LLM provider to avoid real API calls in tests
+import { createMockProvider } from "../mocks/provider.js";
+
+// Test full COCO orchestration
+it("should complete a full run from spec to output", async () => {
+  const provider = createMockProvider([
+    { content: "specification output" },
+    { content: "backlog output" },
+  ]);
+  // ...
+});
+\`\`\`
+
+Report coverage of integration paths and any workflow gaps found.`;
+var DOCS_PROMPT = `You are a documentation agent for Corbat-Coco.
+Your purpose is to generate and maintain clear, accurate documentation.
+
+Your capabilities:
+- Read source files to understand what needs documenting
+- Write JSDoc for public APIs
+- Create or update README files
+- Generate architecture documentation
+- Update changelogs
+
+Documentation types:
+1. **JSDoc**: All exported functions, types, and classes
+   \`\`\`typescript
+   /**
+    * Brief description.
+    *
+    * @param paramName - What it is and valid values
+    * @returns What is returned and when
+    * @throws What errors can be thrown and why
+    * @example
+    * \`\`\`typescript
+    * const result = myFunction(input);
+    * \`\`\`
+    */
+   \`\`\`
+2. **README**: Project overview, installation, usage, examples, API reference
+3. **ADR**: Architecture Decision Records (see architect agent format)
+4. **CHANGELOG**: Conventional commit-based changelog entries
+5. **CODING_STANDARDS.md**: Language-specific standards for user projects
+
+corbat-coco documentation conventions:
+- Public APIs must have JSDoc with @param, @returns, @example
+- Complex logic must have inline comments explaining WHY, not WHAT
+- COCO phases must be documented with input/output contracts
+- Tool implementations must document their parameters and return format
+- Provider implementations must document their configuration requirements
+
+Output well-structured documentation. Prefer accuracy over completeness.`;
+var DATABASE_PROMPT = `You are a database engineering agent for Corbat-Coco.
+Your purpose is to design database schemas, write migrations, and optimize queries.
+
+Your capabilities:
+- Read source files to understand data models
+- Write SQL migrations and ORM schema definitions
+- Design schema changes for zero-downtime deployment
+- Review queries for N+1 problems and missing indexes
+
+Migration safety rules:
+1. **Never destructive in one step**: Split DROP/rename into multiple deployments
+2. **Backward compatible first**: New columns must be nullable or have defaults
+3. **Zero-downtime patterns**:
+   - Add column \u2192 deploy app \u2192 backfill \u2192 add constraint \u2192 drop old column
+   - Never rename columns directly \u2014 add new, migrate data, drop old
+4. **Always reversible**: Every migration needs a rollback script
+5. **Test migrations**: Run on a copy of production data before applying
+
+ORM support:
+- **Prisma** (Node.js): \`schema.prisma\` + \`prisma migrate dev\`
+- **TypeORM** (TypeScript): entity classes + \`migration:generate\`
+- **Alembic** (Python): \`alembic revision --autogenerate\`
+- **Flyway** (Java): versioned SQL files in \`db/migration/\`
+- **golang-migrate** (Go): numbered SQL files
+
+Index design:
+- Index all foreign keys
+- Composite indexes: most selective column first
+- Partial indexes for filtered queries
+- Avoid over-indexing (slows writes)
+
+Query patterns:
+- Use pagination (LIMIT/OFFSET or cursor-based)
+- Avoid N+1: use JOIN or batch loading
+- Use query analysis tools (EXPLAIN ANALYZE)
+- Keep transactions short and focused
+
+Output migration files with up/down scripts and a schema change summary.`;
+var AGENT_PROMPTS = {
+  explore: EXPLORE_PROMPT,
+  plan: PLAN_PROMPT,
+  test: TEST_PROMPT,
+  debug: DEBUG_PROMPT,
+  review: REVIEW_PROMPT,
+  architect: ARCHITECT_PROMPT,
+  security: SECURITY_PROMPT,
+  tdd: TDD_PROMPT,
+  refactor: REFACTOR_PROMPT,
+  e2e: E2E_PROMPT,
+  docs: DOCS_PROMPT,
+  database: DATABASE_PROMPT
+};
+var AGENT_TOOLS = {
+  explore: [
+    "glob",
+    "read_file",
+    "list_dir",
+    "bash_exec",
+    "git_status",
+    "git_diff",
+    "git_log",
+    "git_branch"
+  ],
+  plan: ["glob", "read_file", "list_dir", "git_status", "git_diff", "git_log", "git_branch"],
+  test: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "run_tests",
+    "bash_exec",
+    "git_status",
+    "git_diff"
+  ],
+  debug: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "bash_exec",
+    "run_tests",
+    "git_status",
+    "git_diff",
+    "git_log"
+  ],
+  review: ["glob", "read_file", "list_dir", "git_status", "git_diff", "git_log", "git_branch"],
+  architect: ["glob", "read_file", "list_dir", "git_log", "git_branch"],
+  security: ["glob", "read_file", "list_dir", "bash_exec", "git_diff", "git_log"],
+  tdd: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "run_tests",
+    "bash_exec",
+    "git_status",
+    "git_diff"
+  ],
+  refactor: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "run_tests",
+    "bash_exec",
+    "git_status",
+    "git_diff"
+  ],
+  e2e: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "run_tests",
+    "bash_exec",
+    "git_status",
+    "git_diff"
+  ],
+  docs: ["glob", "read_file", "write_file", "edit_file", "list_dir", "git_log"],
+  database: [
+    "glob",
+    "read_file",
+    "write_file",
+    "edit_file",
+    "bash_exec",
+    "git_status",
+    "sql_query",
+    "inspect_schema"
+  ]
+};
+var AGENT_MAX_TURNS = {
+  explore: 10,
+  plan: 8,
+  test: 15,
+  debug: 12,
+  review: 6,
+  architect: 12,
+  security: 10,
+  tdd: 20,
+  refactor: 15,
+  e2e: 15,
+  docs: 12,
+  database: 12
+};
+function getAgentConfig(type) {
+  return {
+    type,
+    systemPrompt: AGENT_PROMPTS[type],
+    tools: AGENT_TOOLS[type],
+    maxTurns: AGENT_MAX_TURNS[type]
+  };
+}
+var AGENT_NAMES = {
+  explore: "Explorer",
+  plan: "Planner",
+  test: "Tester",
+  debug: "Debugger",
+  review: "Reviewer",
+  architect: "Architect",
+  security: "Security Auditor",
+  tdd: "TDD Guide",
+  refactor: "Refactorer",
+  e2e: "E2E Tester",
+  docs: "Docs Writer",
+  database: "Database Engineer"
+};
+var AGENT_DESCRIPTIONS = {
+  explore: "Search the codebase to answer questions and gather information",
+  plan: "Design implementation approaches and create detailed plans",
+  test: "Write and run tests to ensure code quality",
+  debug: "Analyze errors and fix issues",
+  review: "Review code for quality and best practices",
+  architect: "Design system architecture and create architectural decision records",
+  security: "Audit code for security vulnerabilities using OWASP Top 10",
+  tdd: "Drive development with test-first methodology and RED-GREEN-REFACTOR cycle",
+  refactor: "Improve code structure and quality without changing behavior",
+  e2e: "Write and run end-to-end tests covering full user workflows",
+  docs: "Generate and maintain documentation for code, APIs, and architecture",
+  database: "Design database schemas, write migrations, and optimize queries"
+};
+
+// src/cli/repl/agents/manager.ts
+var MAX_CONCURRENT_AGENTS = 3;
+var DEFAULT_TIMEOUT_MS = 5 * 60 * 1e3;
+var AgentManager = class extends EventEmitter {
+  activeAgents = /* @__PURE__ */ new Map();
+  completedAgents = /* @__PURE__ */ new Map();
+  abortControllers = /* @__PURE__ */ new Map();
+  provider;
+  toolRegistry;
+  logger = getLogger();
+  /**
+   * Create a new AgentManager
+   * @param provider - LLM provider for agent execution
+   * @param toolRegistry - Tool registry for agent tool access
+   */
+  constructor(provider, toolRegistry) {
+    super();
+    this.provider = provider;
+    this.toolRegistry = toolRegistry;
+  }
+  /**
+   * Spawn a new subagent for a specific task
+   *
+   * @description Creates and executes a specialized subagent for the given task.
+   * The agent will run autonomously, making LLM calls and executing tools until
+   * it completes the task or reaches the maximum turn limit.
+   *
+   * @param type - Type of agent to spawn (explore, plan, test, debug, review, architect, security, tdd, refactor, e2e, docs, database)
+   * @param task - Task description for the agent to execute
+   * @param options - Optional spawn configuration including callbacks, abort signal, and timeout
+   * @returns Promise resolving to the agent result with output and usage stats
+   *
+   * @example
+   * ```typescript
+   * const result = await manager.spawn('test', 'Write tests for UserService', {
+   *   onStatusChange: (agent) => console.log(`Status: ${agent.status}`),
+   *   onOutput: (agent, text) => console.log(text),
+   *   timeout: 60000, // 1 minute timeout
+   * });
+   * ```
+   */
+  async spawn(type, task, options = {}) {
+    if (this.activeAgents.size >= MAX_CONCURRENT_AGENTS) {
+      const error = `Cannot spawn agent: maximum concurrent agents (${MAX_CONCURRENT_AGENTS}) reached`;
+      this.logger.warn(error);
+      const failedAgent = this.createAgent(type, task);
+      failedAgent.status = "failed";
+      failedAgent.error = error;
+      failedAgent.completedAt = /* @__PURE__ */ new Date();
+      return {
+        agent: failedAgent,
+        success: false,
+        output: error
+      };
+    }
+    const agent = this.createAgent(type, task);
+    this.activeAgents.set(agent.id, agent);
+    options.onStatusChange?.(agent);
+    const internalAbortController = new AbortController();
+    this.abortControllers.set(agent.id, internalAbortController);
+    if (options.signal) {
+      if (options.signal.aborted) {
+        internalAbortController.abort();
+      } else {
+        options.signal.addEventListener("abort", () => {
+          internalAbortController.abort();
+        });
+      }
+    }
+    const timeout = options.timeout ?? DEFAULT_TIMEOUT_MS;
+    const timeoutId = setTimeout(() => {
+      if (this.activeAgents.has(agent.id)) {
+        this.logger.warn(`Agent ${agent.id} timed out after ${timeout}ms`);
+        internalAbortController.abort();
+        agent.error = `Agent timed out after ${timeout}ms`;
+        this.emitEvent("timeout", agent);
+      }
+    }, timeout);
+    this.logger.info(`Spawned ${type} agent: ${agent.id}`, { task, timeout });
+    this.emitEvent("spawn", agent);
+    try {
+      const result = await this.executeAgent(agent, {
+        ...options,
+        signal: internalAbortController.signal
+      });
+      clearTimeout(timeoutId);
+      if (result.success) {
+        this.emitEvent("complete", agent, result);
+      } else if (agent.error?.includes("Aborted")) {
+        this.emitEvent("cancel", agent, result);
+      } else {
+        this.emitEvent("fail", agent, result);
+      }
+      return result;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      agent.status = "failed";
+      agent.error = errorMessage;
+      agent.completedAt = /* @__PURE__ */ new Date();
+      this.moveToCompleted(agent.id);
+      this.abortControllers.delete(agent.id);
+      options.onStatusChange?.(agent);
+      this.logger.error(`Agent ${agent.id} failed unexpectedly`, { error: errorMessage });
+      this.emitEvent("fail", agent);
+      return {
+        agent,
+        success: false,
+        output: errorMessage
+      };
+    }
+  }
+  /**
+   * Cancel a running agent
+   *
+   * @description Cancels an active agent by triggering its abort signal.
+   * The agent will stop at the next safe point (beginning of next iteration).
+   *
+   * @param agentId - ID of the agent to cancel
+   * @returns True if the agent was cancelled, false if not found or already completed
+   */
+  cancel(agentId) {
+    const controller = this.abortControllers.get(agentId);
+    if (!controller) {
+      this.logger.warn(`Cannot cancel agent ${agentId}: not found or already completed`);
+      return false;
+    }
+    this.logger.info(`Cancelling agent ${agentId}`);
+    controller.abort();
+    return true;
+  }
+  /**
+   * Get the status of a specific agent
+   *
+   * @description Returns the current status of an agent.
+   *
+   * @param agentId - ID of the agent
+   * @returns The agent's status or undefined if not found
+   */
+  getStatus(agentId) {
+    return this.getAgent(agentId)?.status;
+  }
+  /**
+   * Get the current status of an agent
+   *
+   * @description Retrieves an agent by ID from either active or completed agents.
+   *
+   * @param agentId - Unique agent identifier (UUID)
+   * @returns The agent if found, undefined otherwise
+   */
+  getAgent(agentId) {
+    return this.activeAgents.get(agentId) ?? this.completedAgents.get(agentId);
+  }
+  /**
+   * Get all active agents
+   * @returns Array of currently running agents
+   */
+  getActiveAgents() {
+    return Array.from(this.activeAgents.values());
+  }
+  /**
+   * Get all completed agents
+   * @returns Array of completed agents (succeeded or failed)
+   */
+  getCompletedAgents() {
+    return Array.from(this.completedAgents.values());
+  }
+  /**
+   * Get the number of active agents
+   * @returns Count of running agents
+   */
+  getActiveCount() {
+    return this.activeAgents.size;
+  }
+  /**
+   * Check if more agents can be spawned
+   * @returns True if under the concurrent limit
+   */
+  canSpawn() {
+    return this.activeAgents.size < MAX_CONCURRENT_AGENTS;
+  }
+  /**
+   * Clear completed agents from history
+   */
+  clearCompleted() {
+    this.completedAgents.clear();
+    this.logger.debug("Cleared completed agents history");
+  }
+  /**
+   * Get available agent types with their descriptions
+   *
+   * @description Returns all supported agent types with their names, descriptions,
+   * and configurations. Useful for building UI or help text.
+   *
+   * @returns Array of agent registry entries with type, name, description, and config
+   */
+  getAvailableAgentTypes() {
+    return Object.keys(AGENT_NAMES).map((type) => ({
+      type,
+      name: AGENT_NAMES[type],
+      description: AGENT_DESCRIPTIONS[type],
+      config: getAgentConfig(type)
+    }));
+  }
+  /**
+   * Create a new agent instance
+   */
+  createAgent(type, task) {
+    return {
+      id: randomUUID(),
+      type,
+      status: "idle",
+      task,
+      createdAt: /* @__PURE__ */ new Date()
+    };
+  }
+  /**
+   * Execute an agent's task
+   */
+  async executeAgent(agent, options) {
+    const config = getAgentConfig(agent.type);
+    agent.status = "running";
+    options.onStatusChange?.(agent);
+    const tools = this.getToolsForAgent(config);
+    const messages = [{ role: "user", content: agent.task }];
+    let totalInputTokens = 0;
+    let totalOutputTokens = 0;
+    let finalOutput = "";
+    let iteration = 0;
+    const maxTurns = config.maxTurns ?? 10;
+    while (iteration < maxTurns) {
+      iteration++;
+      if (options.signal?.aborted) {
+        agent.status = "failed";
+        agent.error = "Aborted by user";
+        agent.completedAt = /* @__PURE__ */ new Date();
+        this.moveToCompleted(agent.id);
+        options.onStatusChange?.(agent);
+        return {
+          agent,
+          success: false,
+          output: "Agent execution was aborted",
+          usage: { inputTokens: totalInputTokens, outputTokens: totalOutputTokens }
+        };
+      }
+      const response = await this.provider.chatWithTools(messages, {
+        system: config.systemPrompt,
+        tools,
+        maxTokens: 4096
+      });
+      totalInputTokens += response.usage.inputTokens;
+      totalOutputTokens += response.usage.outputTokens;
+      if (response.content) {
+        finalOutput += response.content;
+        options.onOutput?.(agent, response.content);
+      }
+      if (!response.toolCalls || response.toolCalls.length === 0) {
+        messages.push({ role: "assistant", content: response.content });
+        break;
+      }
+      const toolResults = await this.executeToolCalls(response.toolCalls, config);
+      const toolUses = response.toolCalls.map((tc) => ({
+        type: "tool_use",
+        id: tc.id,
+        name: tc.name,
+        input: tc.input,
+        geminiThoughtSignature: tc.geminiThoughtSignature
+      }));
+      const assistantContent = response.content ? [{ type: "text", text: response.content }, ...toolUses] : toolUses;
+      messages.push({ role: "assistant", content: assistantContent });
+      messages.push({ role: "user", content: toolResults });
+      this.logger.debug(`Agent ${agent.id} completed iteration ${iteration}`, {
+        toolCalls: response.toolCalls.length
+      });
+    }
+    agent.status = "completed";
+    agent.result = finalOutput;
+    agent.completedAt = /* @__PURE__ */ new Date();
+    this.moveToCompleted(agent.id);
+    options.onStatusChange?.(agent);
+    this.logger.info(`Agent ${agent.id} completed`, {
+      iterations: iteration,
+      outputLength: finalOutput.length
+    });
+    return {
+      agent,
+      success: true,
+      output: finalOutput,
+      usage: { inputTokens: totalInputTokens, outputTokens: totalOutputTokens }
+    };
+  }
+  /**
+   * Get tool definitions filtered for the agent's allowed tools
+   */
+  getToolsForAgent(config) {
+    const allTools = this.toolRegistry.getToolDefinitionsForLLM();
+    const allowedSet = new Set(config.tools);
+    return allTools.filter((tool) => allowedSet.has(tool.name));
+  }
+  /**
+   * Execute tool calls and return results
+   */
+  async executeToolCalls(toolCalls, config) {
+    const results = [];
+    const allowedTools = new Set(config.tools);
+    for (const toolCall of toolCalls) {
+      if (!allowedTools.has(toolCall.name)) {
+        results.push({
+          type: "tool_result",
+          tool_use_id: toolCall.id,
+          content: `Tool '${toolCall.name}' is not available to this agent type`,
+          is_error: true
+        });
+        continue;
+      }
+      try {
+        const result = await this.toolRegistry.execute(toolCall.name, toolCall.input);
+        results.push({
+          type: "tool_result",
+          tool_use_id: toolCall.id,
+          content: result.success ? String(result.data ?? "Success") : `Error: ${result.error}`,
+          is_error: !result.success
+        });
+      } catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        results.push({
+          type: "tool_result",
+          tool_use_id: toolCall.id,
+          content: `Tool execution failed: ${errorMessage}`,
+          is_error: true
+        });
+      }
+    }
+    return results;
+  }
+  /**
+   * Move an agent from active to completed
+   */
+  moveToCompleted(agentId) {
+    const agent = this.activeAgents.get(agentId);
+    if (agent) {
+      this.activeAgents.delete(agentId);
+      this.completedAgents.set(agentId, agent);
+      this.abortControllers.delete(agentId);
+    }
+  }
+  /**
+   * Emit an agent event
+   */
+  emitEvent(type, agent, result) {
+    const event = { type, agent, result };
+    this.emit(type, event);
+    this.emit("agent", event);
+  }
+};
+
+// src/agents/provider-bridge.ts
+var agentProvider = null;
+var agentToolRegistry = null;
+var agentManagerInstance = null;
+function setAgentProvider(provider) {
+  agentProvider = provider;
+  agentManagerInstance = null;
+}
+function getAgentProvider() {
+  return agentProvider;
+}
+function setAgentToolRegistry(registry) {
+  agentToolRegistry = registry;
+  agentManagerInstance = null;
+}
+function getAgentToolRegistry() {
+  return agentToolRegistry;
+}
+function getAgentManager() {
+  if (!agentProvider || !agentToolRegistry) {
+    return null;
+  }
+  if (!agentManagerInstance) {
+    agentManagerInstance = new AgentManager(agentProvider, agentToolRegistry);
+  }
+  return agentManagerInstance;
+}
+
+// src/runtime/agent-runtime.ts
+init_env();
 init_errors();
 init_allowed_paths();
 function levenshtein(a, b) {
@@ -20290,7 +21299,7 @@ function escapeRegex(str) {
   return str.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
 }
 init_errors();
-var DEFAULT_TIMEOUT_MS = 12e4;
+var DEFAULT_TIMEOUT_MS2 = 12e4;
 var MAX_OUTPUT_SIZE = 1024 * 1024;
 var DANGEROUS_PATTERNS_FULL = [
   { pattern: /\brm\s+-rf\s+\/(?!\w)/, rule: "rm -rf on root filesystem" },
@@ -20412,7 +21421,7 @@ Examples:
       }
     }
     const startTime = performance.now();
-    const timeoutMs = timeout ?? DEFAULT_TIMEOUT_MS;
+    const timeoutMs = timeout ?? DEFAULT_TIMEOUT_MS2;
     const { CommandHeartbeat: CommandHeartbeat2 } = await Promise.resolve().then(() => (init_heartbeat(), heartbeat_exports));
     const heartbeat = new CommandHeartbeat2({
       onUpdate: (stats) => {
@@ -21110,54 +22119,6 @@ var simpleAutoCommitTool = defineTool({
   }
 });
 var gitSimpleTools = [checkProtectedBranchTool, simpleAutoCommitTool];
-
-// src/cli/repl/agents/manager.ts
-init_logger();
-var AGENT_NAMES = {
-  explore: "Explorer",
-  plan: "Planner",
-  test: "Tester",
-  debug: "Debugger",
-  review: "Reviewer",
-  architect: "Architect",
-  security: "Security Auditor",
-  tdd: "TDD Guide",
-  refactor: "Refactorer",
-  e2e: "E2E Tester",
-  docs: "Docs Writer",
-  database: "Database Engineer"
-};
-var AGENT_DESCRIPTIONS = {
-  explore: "Search the codebase to answer questions and gather information",
-  plan: "Design implementation approaches and create detailed plans",
-  test: "Write and run tests to ensure code quality",
-  debug: "Analyze errors and fix issues",
-  review: "Review code for quality and best practices",
-  architect: "Design system architecture and create architectural decision records",
-  security: "Audit code for security vulnerabilities using OWASP Top 10",
-  tdd: "Drive development with test-first methodology and RED-GREEN-REFACTOR cycle",
-  refactor: "Improve code structure and quality without changing behavior",
-  e2e: "Write and run end-to-end tests covering full user workflows",
-  docs: "Generate and maintain documentation for code, APIs, and architecture",
-  database: "Design database schemas, write migrations, and optimize queries"
-};
-
-// src/agents/provider-bridge.ts
-var agentProvider = null;
-var agentToolRegistry = null;
-function getAgentProvider() {
-  return agentProvider;
-}
-function getAgentToolRegistry() {
-  return agentToolRegistry;
-}
-function getAgentManager() {
-  {
-    return null;
-  }
-}
-
-// src/tools/simple-agent.ts
 var AGENT_TYPES = [
   "explore",
   "plan",
@@ -21270,7 +22231,7 @@ var checkAgentCapabilityTool = defineTool({
   async execute() {
     const provider = getAgentProvider();
     const toolRegistry = getAgentToolRegistry();
-    const isReady = provider !== null;
+    const isReady = provider !== null && toolRegistry !== null;
     const agentTypes = Object.entries(AGENT_DESCRIPTIONS).map(([type, description]) => ({
       type,
       name: AGENT_NAMES[type],
@@ -21284,12 +22245,12 @@ var checkAgentCapabilityTool = defineTool({
         ready: isReady,
         availableTypes: agentTypes,
         features: {
-          taskDelegation: "requires provider initialization",
-          parallelSpawn: "requires provider initialization",
-          multiTurnToolUse: "requires provider initialization",
-          specializedAgents: "requires provider initialization"
+          taskDelegation: isReady ? "ready" : "requires provider initialization",
+          parallelSpawn: isReady ? "ready" : "requires provider initialization",
+          multiTurnToolUse: isReady ? "ready" : "requires provider initialization",
+          specializedAgents: isReady ? "ready" : "requires provider initialization"
         },
-        status: "Provider not initialized. Call setAgentProvider() during startup."
+        status: isReady ? "Multi-agent system is ready with 12 specialized agent types." : "Provider not initialized. Call setAgentProvider() during startup."
       }),
       stderr: "",
       exitCode: 0,
@@ -30646,6 +31607,235 @@ function getMCPServerManager() {
 
 // src/mcp/tools.ts
 init_errors2();
+var DEFAULT_OPTIONS = {
+  namePrefix: "mcp",
+  category: "deploy",
+  requestTimeout: 6e4
+};
+function buildMcpToolDescription(serverName, tool) {
+  const base = tool.description || `Tool '${tool.name}' exposed by MCP server '${serverName}'`;
+  const lowerServer = serverName.toLowerCase();
+  if (lowerServer.includes("atlassian") || lowerServer.includes("jira") || lowerServer.includes("confluence")) {
+    return `${base}. Use this MCP tool for Atlassian/Jira/Confluence data. Prefer it over direct web_fetch or http_fetch for Atlassian content.`;
+  }
+  return `${base}. Exposed by MCP server '${serverName}'. Prefer this MCP tool over generic web/http fetch when accessing data from that connected service.`;
+}
+function jsonSchemaToZod(schema) {
+  if (schema.enum && Array.isArray(schema.enum)) {
+    const values = schema.enum;
+    if (values.length > 0 && values.every((v) => typeof v === "string")) {
+      return z.enum(values);
+    }
+    const literals = values.map((v) => z.literal(v));
+    if (literals.length < 2) {
+      return literals[0] ?? z.any();
+    }
+    return z.union(literals);
+  }
+  if (schema.const !== void 0) {
+    return z.literal(schema.const);
+  }
+  if (schema.oneOf && Array.isArray(schema.oneOf)) {
+    const schemas = schema.oneOf.map(jsonSchemaToZod);
+    if (schemas.length >= 2) {
+      return z.union(schemas);
+    }
+    return schemas[0] ?? z.unknown();
+  }
+  if (schema.anyOf && Array.isArray(schema.anyOf)) {
+    const schemas = schema.anyOf.map(jsonSchemaToZod);
+    if (schemas.length >= 2) {
+      return z.union(schemas);
+    }
+    return schemas[0] ?? z.unknown();
+  }
+  if (schema.allOf && Array.isArray(schema.allOf)) {
+    const schemas = schema.allOf.map(jsonSchemaToZod);
+    return schemas.reduce((acc, s) => z.intersection(acc, s));
+  }
+  const type = schema.type;
+  const makeNullable = (s) => {
+    if (schema.nullable === true) return s.nullable();
+    return s;
+  };
+  switch (type) {
+    case "string": {
+      let s = z.string();
+      if (schema.format) {
+        switch (schema.format) {
+          case "uri":
+          case "url":
+            s = z.string().url();
+            break;
+          case "email":
+            s = z.string().email();
+            break;
+          case "date-time":
+          case "datetime":
+            s = z.string().datetime();
+            break;
+        }
+      }
+      if (typeof schema.minLength === "number") s = s.min(schema.minLength);
+      if (typeof schema.maxLength === "number") s = s.max(schema.maxLength);
+      return makeNullable(s);
+    }
+    case "number": {
+      let n = z.number();
+      if (typeof schema.minimum === "number") n = n.min(schema.minimum);
+      if (typeof schema.maximum === "number") n = n.max(schema.maximum);
+      if (typeof schema.exclusiveMinimum === "number") n = n.gt(schema.exclusiveMinimum);
+      if (typeof schema.exclusiveMaximum === "number") n = n.lt(schema.exclusiveMaximum);
+      return makeNullable(n);
+    }
+    case "integer": {
+      let n = z.number().int();
+      if (typeof schema.minimum === "number") n = n.min(schema.minimum);
+      if (typeof schema.maximum === "number") n = n.max(schema.maximum);
+      return makeNullable(n);
+    }
+    case "boolean":
+      return makeNullable(z.boolean());
+    case "null":
+      return z.null();
+    case "array":
+      if (schema.items) {
+        const itemSchema = jsonSchemaToZod(schema.items);
+        let arr = z.array(itemSchema);
+        if (typeof schema.minItems === "number") arr = arr.min(schema.minItems);
+        if (typeof schema.maxItems === "number") arr = arr.max(schema.maxItems);
+        return makeNullable(arr);
+      }
+      return makeNullable(z.array(z.unknown()));
+    case "object": {
+      const properties = schema.properties;
+      const required = schema.required;
+      if (!properties) {
+        return makeNullable(z.record(z.string(), z.unknown()));
+      }
+      const shape = {};
+      for (const [key, propSchema] of Object.entries(properties)) {
+        let fieldSchema = jsonSchemaToZod(propSchema);
+        if (!required?.includes(key)) {
+          fieldSchema = fieldSchema.optional();
+        }
+        if (propSchema.description && typeof propSchema.description === "string") {
+          fieldSchema = fieldSchema.describe(propSchema.description);
+        }
+        shape[key] = fieldSchema;
+      }
+      return makeNullable(z.object(shape));
+    }
+    default:
+      if (Array.isArray(schema.type)) {
+        const types = schema.type;
+        if (types.includes("null")) {
+          const nonNullType = types.find((t) => t !== "null");
+          if (nonNullType) {
+            return jsonSchemaToZod({ ...schema, type: nonNullType }).nullable();
+          }
+        }
+      }
+      return z.unknown();
+  }
+}
+function createToolParametersSchema(tool) {
+  const schema = tool.inputSchema;
+  if (!schema || schema.type !== "object") {
+    return z.object({});
+  }
+  return jsonSchemaToZod(schema);
+}
+function formatToolResult(result) {
+  if (result.isError) {
+    throw new Error(result.content.map((c) => c.text || "").join("\n"));
+  }
+  return result.content.map((item) => {
+    switch (item.type) {
+      case "text":
+        return item.text || "";
+      case "image":
+        return `[Image: ${item.mimeType || "unknown"}]`;
+      case "resource":
+        return `[Resource: ${item.resource?.uri || "unknown"}]`;
+      default:
+        return "";
+    }
+  }).filter(Boolean).join("\n");
+}
+function createToolName(serverName, toolName, prefix) {
+  return `${prefix}_${serverName}_${toolName}`.replace(/[^a-zA-Z0-9_]/g, "_");
+}
+function wrapMCPTool(tool, serverName, client, options = {}) {
+  const opts = { ...DEFAULT_OPTIONS, ...options };
+  const wrappedName = createToolName(serverName, tool.name, opts.namePrefix);
+  const parametersSchema = createToolParametersSchema(tool);
+  const cocoTool = {
+    name: wrappedName,
+    description: buildMcpToolDescription(serverName, tool),
+    category: opts.category,
+    parameters: parametersSchema,
+    execute: async (params) => {
+      const timeout = opts.requestTimeout;
+      try {
+        const result = await Promise.race([
+          client.callTool({
+            name: tool.name,
+            arguments: params
+          }),
+          new Promise((_, reject) => {
+            setTimeout(() => {
+              reject(new MCPTimeoutError(`Tool '${tool.name}' timed out after ${timeout}ms`));
+            }, timeout);
+          })
+        ]);
+        return formatToolResult(result);
+      } catch (error) {
+        if (error instanceof MCPError) {
+          throw error;
+        }
+        throw new MCPError(
+          -32603,
+          `Tool execution failed: ${error instanceof Error ? error.message : "Unknown error"}`
+        );
+      }
+    }
+  };
+  const wrapped = {
+    originalTool: tool,
+    serverName,
+    wrappedName
+  };
+  return { tool: cocoTool, wrapped };
+}
+function wrapMCPTools(tools, serverName, client, options = {}) {
+  const cocoTools = [];
+  const wrappedTools = [];
+  for (const tool of tools) {
+    const { tool: cocoTool, wrapped } = wrapMCPTool(tool, serverName, client, options);
+    cocoTools.push(cocoTool);
+    wrappedTools.push(wrapped);
+  }
+  return { tools: cocoTools, wrapped: wrappedTools };
+}
+async function createToolsFromMCPServer(serverName, client, options = {}) {
+  if (!client.isConnected()) {
+    await client.initialize({
+      protocolVersion: "2024-11-05",
+      capabilities: {},
+      clientInfo: { name: "coco-mcp-client", version: "0.2.0" }
+    });
+  }
+  const { tools } = await client.listTools();
+  return wrapMCPTools(tools, serverName, client, options);
+}
+async function registerMCPTools(registry, serverName, client, options = {}) {
+  const { tools, wrapped } = await createToolsFromMCPServer(serverName, client, options);
+  for (const tool of tools) {
+    registry.register(tool);
+  }
+  return wrapped;
+}
 
 // src/tools/mcp.ts
 async function loadConfiguredServers(projectPath) {
@@ -30742,6 +31932,10 @@ built-in MCP OAuth browser login flow. Do not ask the user for raw tokens when t
       await manager.stopServer(target.name);
     }
     const connection = await manager.startServer(target);
+    const toolRegistry = getAgentToolRegistry();
+    if (toolRegistry) {
+      await registerMCPTools(toolRegistry, connection.name, connection.client);
+    }
     let tools;
     if (includeTools) {
       try {
@@ -30911,11 +32105,1194 @@ function createFullToolRegistry() {
   return registry;
 }
 
+// src/runtime/agent-modes.ts
+var AGENT_MODES = {
+  ask: {
+    id: "ask",
+    label: "Ask",
+    description: "Answer questions and explain code without modifying files.",
+    readOnly: true,
+    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_definition"],
+    requiresVerification: false
+  },
+  plan: {
+    id: "plan",
+    label: "Plan",
+    description: "Explore and produce an implementation plan with read-only tools.",
+    readOnly: true,
+    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_workspace_symbols"],
+    requiresVerification: false
+  },
+  build: {
+    id: "build",
+    label: "Build",
+    description: "Implement code changes and verify them.",
+    readOnly: false,
+    preferredTools: ["read_file", "edit_file", "write_file", "bash_exec", "run_tests"],
+    requiresVerification: true
+  },
+  debug: {
+    id: "debug",
+    label: "Debug",
+    description: "Reproduce failures, trace root cause, patch, and verify.",
+    readOnly: false,
+    preferredTools: ["bash_exec", "read_file", "grep", "lsp_references", "edit_file"],
+    requiresVerification: true
+  },
+  review: {
+    id: "review",
+    label: "Review",
+    description: "Inspect code quality, security, behavior changes, and test gaps.",
+    readOnly: true,
+    preferredTools: ["git_diff", "read_file", "grep", "review_code", "calculate_quality"],
+    requiresVerification: false
+  },
+  architect: {
+    id: "architect",
+    label: "Architect",
+    description: "Design architecture and split work for architect/editor execution.",
+    readOnly: true,
+    preferredTools: ["codebase_map", "lsp_workspace_symbols", "grep", "create_agent_plan"],
+    requiresVerification: false
+  }
+};
+function getAgentMode(mode) {
+  return AGENT_MODES[mode];
+}
+function listAgentModes() {
+  return Object.values(AGENT_MODES);
+}
+function isAgentMode(value) {
+  return value in AGENT_MODES;
+}
+
+// src/runtime/default-turn-runner.ts
+var DefaultRuntimeTurnRunner = class {
+  async run(input, context) {
+    const messages = [
+      ...context.session.messages,
+      {
+        role: "user",
+        content: input.content
+      }
+    ];
+    const response = await context.provider.chat(messages, {
+      model: input.options?.model,
+      maxTokens: input.options?.maxTokens,
+      temperature: input.options?.temperature,
+      stopSequences: input.options?.stopSequences,
+      system: context.session.instructions ?? input.options?.system,
+      timeout: input.options?.timeout,
+      signal: input.options?.signal,
+      thinking: input.options?.thinking
+    });
+    return {
+      sessionId: context.session.id,
+      content: response.content,
+      usage: response.usage,
+      model: response.model,
+      mode: context.session.mode
+    };
+  }
+};
+function createDefaultRuntimeTurnRunner() {
+  return new DefaultRuntimeTurnRunner();
+}
+var InMemoryEventLog = class {
+  events = [];
+  record(type, data = {}) {
+    const event = {
+      id: randomUUID(),
+      type,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data
+    };
+    this.events.push(event);
+    return event;
+  }
+  list() {
+    return [...this.events];
+  }
+  count() {
+    return this.events.length;
+  }
+  clear() {
+    this.events = [];
+  }
+};
+var FileEventLog = class {
+  constructor(filePath) {
+    this.filePath = filePath;
+    try {
+      mkdirSync(dirname(filePath), { recursive: true });
+    } catch {
+      this.writable = false;
+    }
+  }
+  filePath;
+  memory = new InMemoryEventLog();
+  writable = true;
+  record(type, data = {}) {
+    const event = this.memory.record(type, data);
+    if (this.writable) {
+      try {
+        appendFileSync(this.filePath, JSON.stringify(event) + "\n", "utf-8");
+      } catch {
+        this.writable = false;
+      }
+    }
+    return event;
+  }
+  list() {
+    if (!this.writable) return this.memory.list();
+    try {
+      const raw = readFileSync(this.filePath, "utf-8");
+      return raw.split("\n").filter(Boolean).flatMap((line) => {
+        try {
+          return [JSON.parse(line)];
+        } catch {
+          return [];
+        }
+      });
+    } catch {
+      return this.memory.list();
+    }
+  }
+  count() {
+    return this.list().length;
+  }
+  clear() {
+    this.memory.clear();
+    if (this.writable) {
+      try {
+        writeFileSync(this.filePath, "", "utf-8");
+      } catch {
+        this.writable = false;
+      }
+    }
+  }
+};
+function createEventLog() {
+  return new InMemoryEventLog();
+}
+function createFileEventLog(filePath) {
+  return new FileEventLog(filePath);
+}
+
+// src/runtime/permission-policy.ts
+var READ_ONLY_CATEGORIES = /* @__PURE__ */ new Set(["search", "web", "document"]);
+var WRITE_CATEGORIES = /* @__PURE__ */ new Set(["file", "git", "test", "build", "memory"]);
+var READ_ONLY_TOOL_NAMES = /* @__PURE__ */ new Set([
+  "glob",
+  "read_file",
+  "list_dir",
+  "tree",
+  "grep",
+  "find_in_file",
+  "semantic_search",
+  "codebase_map",
+  "repo_context",
+  "lsp_status",
+  "lsp_document_symbols",
+  "lsp_workspace_symbols",
+  "lsp_definition",
+  "lsp_references",
+  "git_status",
+  "git_log",
+  "git_diff",
+  "git_show",
+  "git_branch",
+  "recall_memory",
+  "list_memories",
+  "list_checkpoints",
+  "spawnSimpleAgent",
+  "checkAgentCapability"
+]);
+var WRITE_CAPABLE_TOOL_NAMES = /* @__PURE__ */ new Set(["run_linter"]);
+var DESTRUCTIVE_TOOL_NAMES = /* @__PURE__ */ new Set([
+  "bash_exec",
+  "write_file",
+  "edit_file",
+  "delete_file",
+  "restore_checkpoint",
+  "git_commit",
+  "git_push"
+]);
+function riskForTool(tool) {
+  if (READ_ONLY_TOOL_NAMES.has(tool.name)) return "read-only";
+  if (DESTRUCTIVE_TOOL_NAMES.has(tool.name)) return "destructive";
+  if (WRITE_CAPABLE_TOOL_NAMES.has(tool.name)) return "write";
+  if (tool.category === "web") return "network";
+  if (WRITE_CATEGORIES.has(tool.category)) return "write";
+  if (tool.category === "quality") return "write";
+  return "read-only";
+}
+var DefaultPermissionPolicy = class {
+  canExecuteTool(mode, tool) {
+    const definition = getAgentMode(mode);
+    const risk = riskForTool(tool);
+    const readOnlyTool = READ_ONLY_TOOL_NAMES.has(tool.name) || READ_ONLY_CATEGORIES.has(tool.category);
+    if (definition.readOnly && !readOnlyTool) {
+      return {
+        allowed: false,
+        reason: `${definition.label} mode is read-only; ${tool.name} is a ${tool.category} tool.`,
+        risk
+      };
+    }
+    if (risk === "destructive") {
+      return {
+        allowed: true,
+        requiresConfirmation: true,
+        reason: `${tool.name} can change repository state and should be confirmed.`,
+        risk
+      };
+    }
+    return { allowed: true, risk };
+  }
+  canExecuteToolInput(mode, tool, input) {
+    if (tool.name !== "run_linter") {
+      return this.canExecuteTool(mode, tool);
+    }
+    const definition = getAgentMode(mode);
+    const fixEnabled = input["fix"] === true;
+    const decision = fixEnabled ? { allowed: true, risk: "write" } : { allowed: true, risk: "read-only" };
+    if (definition.readOnly && fixEnabled) {
+      return {
+        allowed: false,
+        reason: `${definition.label} mode is read-only; run_linter with fix=true can modify files.`,
+        risk: "write"
+      };
+    }
+    return decision;
+  }
+};
+function createPermissionPolicy() {
+  return new DefaultPermissionPolicy();
+}
+
+// src/runtime/provider-registry.ts
+init_catalog();
+var ProviderRegistry = class {
+  listProviders() {
+    return Object.values(PROVIDER_CATALOG);
+  }
+  getProvider(provider) {
+    return getProviderCatalogEntry(provider);
+  }
+  listModels(provider) {
+    return this.getProvider(provider).models;
+  }
+  getModel(provider, model2) {
+    return getCatalogModel(provider, model2);
+  }
+  getDefaultModel(provider) {
+    return getCatalogDefaultModel(provider);
+  }
+  getRecommendedModel(provider) {
+    return getCatalogRecommendedModel(provider);
+  }
+  getCapability(provider, model2) {
+    return getProviderRuntimeCapability(provider, model2);
+  }
+  async createProvider(provider, config = {}) {
+    return createProvider(provider, config);
+  }
+  async probe(provider, model2, checkAvailability) {
+    return probeProviderRuntimeCapability(provider, model2, checkAvailability);
+  }
+};
+function createProviderRegistry() {
+  return new ProviderRegistry();
+}
+function createSessionId() {
+  return `rt_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 10)}`;
+}
+function cloneSession(session) {
+  return structuredClone(session);
+}
+var InMemoryRuntimeSessionStore = class {
+  sessions = /* @__PURE__ */ new Map();
+  create(options = {}) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const session = {
+      id: options.id ?? createSessionId(),
+      createdAt: now,
+      updatedAt: now,
+      mode: options.mode ?? "ask",
+      messages: options.messages ? options.messages.map((message) => ({ ...message })) : [],
+      instructions: options.instructions,
+      metadata: { ...options.metadata }
+    };
+    this.sessions.set(session.id, cloneSession(session));
+    return cloneSession(session);
+  }
+  get(id) {
+    const session = this.sessions.get(id);
+    return session ? cloneSession(session) : void 0;
+  }
+  update(session) {
+    const updated = {
+      ...session,
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      messages: session.messages.map((message) => ({ ...message })),
+      metadata: { ...session.metadata }
+    };
+    this.sessions.set(updated.id, cloneSession(updated));
+    return cloneSession(updated);
+  }
+  list() {
+    return [...this.sessions.values()].map(cloneSession);
+  }
+  delete(id) {
+    return this.sessions.delete(id);
+  }
+};
+var FileRuntimeSessionStore = class {
+  constructor(filePath) {
+    this.filePath = filePath;
+    mkdirSync(dirname(filePath), { recursive: true });
+    this.sessions = this.readSessionsFromDisk();
+  }
+  filePath;
+  sessions = /* @__PURE__ */ new Map();
+  create(options = {}) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const session = {
+      id: options.id ?? createSessionId(),
+      createdAt: now,
+      updatedAt: now,
+      mode: options.mode ?? "ask",
+      messages: options.messages ? options.messages.map((message) => ({ ...message })) : [],
+      instructions: options.instructions,
+      metadata: { ...options.metadata }
+    };
+    const sessions = this.readSessionsFromDisk();
+    sessions.set(session.id, cloneSession(session));
+    this.sessions = sessions;
+    this.persist(sessions);
+    return cloneSession(session);
+  }
+  get(id) {
+    this.sessions = this.readSessionsFromDisk();
+    const session = this.sessions.get(id);
+    return session ? cloneSession(session) : void 0;
+  }
+  update(session) {
+    const updated = {
+      ...session,
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      messages: session.messages.map((message) => ({ ...message })),
+      metadata: { ...session.metadata }
+    };
+    const sessions = this.readSessionsFromDisk();
+    sessions.set(updated.id, cloneSession(updated));
+    this.sessions = sessions;
+    this.persist(sessions);
+    return cloneSession(updated);
+  }
+  list() {
+    this.sessions = this.readSessionsFromDisk();
+    return [...this.sessions.values()].map(cloneSession);
+  }
+  delete(id) {
+    const sessions = this.readSessionsFromDisk();
+    const deleted = sessions.delete(id);
+    this.sessions = sessions;
+    if (deleted) this.persist(sessions);
+    return deleted;
+  }
+  readSessionsFromDisk() {
+    let raw;
+    try {
+      raw = readFileSync(this.filePath, "utf-8");
+    } catch (error) {
+      if (error && typeof error === "object" && "code" in error && error.code === "ENOENT") {
+        return /* @__PURE__ */ new Map();
+      }
+      throw error;
+    }
+    if (!raw.trim()) return /* @__PURE__ */ new Map();
+    const parsed = JSON.parse(raw);
+    if (parsed.version !== 1 || !Array.isArray(parsed.sessions)) {
+      throw new Error(`Unsupported runtime session store format: ${this.filePath}`);
+    }
+    return new Map(parsed.sessions.map((session) => [session.id, cloneSession(session)]));
+  }
+  persist(sessions) {
+    const payload = {
+      version: 1,
+      sessions: [...sessions.values()].map(cloneSession)
+    };
+    const tempPath = `${this.filePath}.${randomUUID()}.tmp`;
+    writeFileSync(tempPath, JSON.stringify(payload, null, 2) + "\n", "utf-8");
+    renameSync(tempPath, this.filePath);
+  }
+};
+function createRuntimeSessionStore() {
+  return new InMemoryRuntimeSessionStore();
+}
+function createFileRuntimeSessionStore(filePath) {
+  return new FileRuntimeSessionStore(filePath);
+}
+
+// src/runtime/workflow-registry.ts
+function cloneWorkflow(workflow) {
+  return {
+    ...workflow,
+    checks: [...workflow.checks],
+    steps: workflow.steps.map((step) => ({
+      ...step,
+      requiredTools: [...step.requiredTools]
+    }))
+  };
+}
+var WorkflowCatalog = class {
+  workflows = /* @__PURE__ */ new Map();
+  constructor(workflows = DEFAULT_WORKFLOWS) {
+    for (const workflow of workflows) {
+      this.register(workflow);
+    }
+  }
+  register(workflow) {
+    this.workflows.set(workflow.id, cloneWorkflow(workflow));
+  }
+  get(id) {
+    const workflow = this.workflows.get(id);
+    return workflow ? cloneWorkflow(workflow) : void 0;
+  }
+  list() {
+    return [...this.workflows.values()].map(cloneWorkflow).sort((a, b) => a.id.localeCompare(b.id));
+  }
+  createPlan(workflowId, input, eventLog) {
+    const workflow = this.get(workflowId);
+    if (!workflow) {
+      throw new Error(`Unknown workflow: ${workflowId}`);
+    }
+    const plan = {
+      id: `${workflowId}-${Date.now().toString(36)}`,
+      workflowId,
+      input,
+      status: "planned",
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    eventLog?.record("workflow.planned", {
+      workflowId,
+      planId: plan.id,
+      replayable: workflow.replayable,
+      checks: workflow.checks
+    });
+    return plan;
+  }
+};
+var DEFAULT_WORKFLOWS = [
+  {
+    id: "architect-editor-verifier",
+    name: "Architect / Editor / Verifier",
+    description: "Plan read-only, apply approved changes, then verify and summarize risks.",
+    inputSchema: "task: string; approvedPlan?: string",
+    outputKind: "patch",
+    replayable: true,
+    checks: ["pnpm check", "diff summary", "review risks"],
+    steps: [
+      {
+        id: "architect",
+        description: "Inspect context and produce a read-only implementation plan.",
+        requiredTools: ["repo_context", "read_file", "git_diff"],
+        risk: "read-only"
+      },
+      {
+        id: "editor",
+        description: "Apply the approved plan without reinterpreting the objective.",
+        requiredTools: ["read_file", "edit_file", "write_file"],
+        risk: "write"
+      },
+      {
+        id: "verifier",
+        description: "Run checks, review diff, and report residual risk.",
+        requiredTools: ["bash_exec", "git_diff", "review_code"],
+        risk: "destructive"
+      }
+    ]
+  },
+  {
+    id: "provider-diagnosis",
+    name: "Provider Diagnosis",
+    description: "Probe provider/model capabilities, endpoint strategy, credentials, and fallbacks.",
+    inputSchema: "provider?: string; model?: string; live?: boolean",
+    outputKind: "json",
+    replayable: true,
+    checks: ["provider capability matrix", "optional live probe"],
+    steps: [
+      {
+        id: "capability",
+        description: "Resolve catalog metadata and runtime endpoint strategy.",
+        requiredTools: [],
+        risk: "read-only"
+      },
+      {
+        id: "fallbacks",
+        description: "Suggest fallback provider/model choices when unsupported.",
+        requiredTools: [],
+        risk: "read-only"
+      }
+    ]
+  },
+  {
+    id: "review-pr",
+    name: "Review PR",
+    description: "Review a branch or PR read-only and emit severity-ranked findings.",
+    inputSchema: "target: string",
+    outputKind: "markdown",
+    replayable: true,
+    checks: ["git diff", "tests gap review", "security review"],
+    steps: [
+      {
+        id: "collect-diff",
+        description: "Collect PR diff and related context.",
+        requiredTools: ["git_diff", "repo_context"],
+        risk: "read-only"
+      },
+      {
+        id: "findings",
+        description: "Produce prioritized findings with file and line references.",
+        requiredTools: ["read_file", "review_code"],
+        risk: "read-only"
+      }
+    ]
+  },
+  {
+    id: "best-of-n",
+    name: "Best Of N",
+    description: "Run multiple isolated attempts, score them, and select a winning patch.",
+    inputSchema: "task: string; attempts: number",
+    outputKind: "patch",
+    replayable: true,
+    checks: ["worktree isolation", "checks pass", "diff risk score"],
+    steps: [
+      {
+        id: "fanout",
+        description: "Create isolated attempts in temporary worktrees.",
+        requiredTools: ["git_status", "bash_exec"],
+        risk: "destructive"
+      },
+      {
+        id: "score",
+        description: "Run checks and compare quality, cost, latency, and diff risk.",
+        requiredTools: ["bash_exec", "git_diff"],
+        risk: "destructive"
+      },
+      {
+        id: "apply-winner",
+        description: "Apply the winning patch only if conservative checks pass.",
+        requiredTools: ["git_diff", "edit_file"],
+        risk: "write"
+      }
+    ]
+  },
+  {
+    id: "release",
+    name: "Release",
+    description: "Follow the project release skill: changelog, version bump, PR, merge, tag, publish verify.",
+    inputSchema: "bump?: patch|minor|major",
+    outputKind: "release",
+    replayable: true,
+    checks: ["pnpm check", "PR checks", "release.yml", "npm view"],
+    steps: [
+      {
+        id: "preflight",
+        description: "Verify branch, clean tree, GitHub auth, and remote state.",
+        requiredTools: ["git_status", "bash_exec"],
+        risk: "destructive"
+      },
+      {
+        id: "version",
+        description: "Update changelog and package versions using the release skill.",
+        requiredTools: ["read_file", "edit_file", "bash_exec"],
+        risk: "destructive"
+      },
+      {
+        id: "publish",
+        description: "Merge release PR, tag main, and verify release workflow outputs.",
+        requiredTools: ["bash_exec"],
+        risk: "destructive"
+      }
+    ]
+  }
+];
+var WorkflowRegistry = WorkflowCatalog;
+function createWorkflowCatalog(workflows) {
+  return new WorkflowCatalog(workflows);
+}
+function createWorkflowRegistry(workflows) {
+  return createWorkflowCatalog(workflows);
+}
+
+// src/runtime/workflow-engine.ts
+var WorkflowEngine = class {
+  constructor(catalog = createWorkflowCatalog(), eventLog = createEventLog()) {
+    this.catalog = catalog;
+    this.eventLog = eventLog;
+  }
+  catalog;
+  eventLog;
+  handlers = /* @__PURE__ */ new Map();
+  registerHandler(workflowId, handler) {
+    if (!this.catalog.get(workflowId)) {
+      throw new Error(`Unknown workflow: ${workflowId}`);
+    }
+    this.handlers.set(workflowId, handler);
+  }
+  createPlan(workflowId, input) {
+    return this.catalog.createPlan(workflowId, input, this.eventLog);
+  }
+  async run(request) {
+    const workflow = this.catalog.get(request.workflowId);
+    if (!workflow) {
+      throw new Error(`Unknown workflow: ${request.workflowId}`);
+    }
+    const handler = this.handlers.get(request.workflowId);
+    if (!handler) {
+      throw new Error(`No handler registered for workflow: ${request.workflowId}`);
+    }
+    const plan = request.plan ?? this.createPlan(request.workflowId, request.input);
+    const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const runId = `${request.workflowId}-run-${Date.now().toString(36)}`;
+    this.eventLog.record("workflow.started", {
+      workflowId: request.workflowId,
+      planId: plan.id,
+      runId
+    });
+    try {
+      const output = await handler(request.input, {
+        workflow,
+        plan,
+        eventLog: this.eventLog
+      });
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const result = {
+        id: runId,
+        workflowId: request.workflowId,
+        status: "completed",
+        output,
+        startedAt,
+        completedAt
+      };
+      this.eventLog.record("workflow.completed", {
+        workflowId: request.workflowId,
+        planId: plan.id,
+        runId
+      });
+      return result;
+    } catch (error) {
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const message = error instanceof Error ? error.message : String(error);
+      this.eventLog.record("workflow.failed", {
+        workflowId: request.workflowId,
+        planId: plan.id,
+        runId,
+        error: message
+      });
+      return {
+        id: runId,
+        workflowId: request.workflowId,
+        status: "failed",
+        output: null,
+        startedAt,
+        completedAt,
+        error: message
+      };
+    }
+  }
+};
+function createWorkflowEngine(catalog, eventLog) {
+  return new WorkflowEngine(catalog, eventLog);
+}
+
+// src/runtime/agent-runtime.ts
+var AgentRuntime = class {
+  constructor(options) {
+    this.options = options;
+    this.providerRegistry = createProviderRegistry();
+    this.toolRegistry = options.toolRegistry ?? createFullToolRegistry();
+    this.sessionStore = options.sessionStore;
+    this.runtimeSessionStore = options.runtimeSessionStore ?? createRuntimeSessionStore();
+    this.eventLog = options.eventLog ?? (options.eventLogPath ? createFileEventLog(options.eventLogPath) : createEventLog());
+    this.workflowEngine = options.workflowEngine ?? createWorkflowEngine(void 0, this.eventLog);
+    this.permissionPolicy = options.permissionPolicy ?? createPermissionPolicy();
+    this.turnRunner = options.turnRunner ?? createDefaultRuntimeTurnRunner();
+    this.providerType = options.providerType;
+    this.model = options.model ?? options.providerConfig?.model ?? getDefaultModel(options.providerType);
+  }
+  options;
+  providerRegistry;
+  toolRegistry;
+  sessionStore;
+  runtimeSessionStore;
+  workflowEngine;
+  permissionPolicy;
+  eventLog;
+  turnRunner;
+  providerType;
+  model;
+  provider;
+  async initialize() {
+    const providerInjected = Boolean(this.options.provider);
+    const provider = this.options.provider ?? await this.providerRegistry.createProvider(this.providerType, {
+      ...this.options.providerConfig,
+      model: this.getModel()
+    });
+    this.provider = provider;
+    this.publishToGlobalBridge(provider);
+    this.eventLog.record(providerInjected ? "provider.attached" : "provider.created", {
+      provider: this.providerType,
+      model: this.getModel(),
+      createdByRuntime: !providerInjected
+    });
+    this.eventLog.record("runtime.initialized", { snapshot: this.snapshot() });
+  }
+  getModel() {
+    return this.model;
+  }
+  updateProvider(providerType, model2, provider) {
+    this.providerType = providerType;
+    this.model = model2 ?? getDefaultModel(providerType);
+    this.provider = provider;
+    this.publishToGlobalBridge(provider);
+    this.eventLog.record("provider.updated", {
+      provider: this.providerType,
+      model: this.model
+    });
+  }
+  publishToGlobalBridge(provider) {
+    if (this.options.publishToGlobalBridge !== true) return;
+    setAgentProvider(provider);
+    setAgentToolRegistry(this.toolRegistry);
+  }
+  snapshot() {
+    const capability = this.providerRegistry.getCapability(this.providerType, this.getModel());
+    const toolNames = this.toolRegistry.getAll().map((tool) => tool.name).sort();
+    return {
+      provider: {
+        type: this.providerType,
+        model: this.getModel(),
+        capability
+      },
+      tools: {
+        count: toolNames.length,
+        names: toolNames
+      },
+      modes: listAgentModes()
+    };
+  }
+  createSession(options = {}) {
+    const session = this.runtimeSessionStore.create(options);
+    this.eventLog.record("session.created", {
+      sessionId: session.id,
+      mode: session.mode,
+      metadataKeys: Object.keys(session.metadata).sort()
+    });
+    return session;
+  }
+  getSession(sessionId) {
+    return this.runtimeSessionStore.get(sessionId);
+  }
+  listSessions() {
+    return this.runtimeSessionStore.list();
+  }
+  async runTurn(input) {
+    const provider = this.provider;
+    if (!provider) {
+      throw new Error("Runtime provider is not initialized.");
+    }
+    const session = input.sessionId ? this.runtimeSessionStore.get(input.sessionId) : this.createSession({ mode: input.mode, metadata: input.metadata });
+    if (!session) {
+      throw new Error(`Runtime session not found: ${input.sessionId}`);
+    }
+    const effectiveSession = input.mode && input.mode !== session.mode ? { ...session, mode: input.mode } : session;
+    this.eventLog.record("turn.started", {
+      sessionId: effectiveSession.id,
+      provider: this.providerType,
+      model: this.getModel(),
+      mode: effectiveSession.mode,
+      runtimeApi: true
+    });
+    try {
+      const result = await this.turnRunner.run(input, {
+        runtime: this,
+        session: effectiveSession,
+        provider,
+        toolRegistry: this.toolRegistry,
+        permissionPolicy: this.permissionPolicy,
+        eventLog: this.eventLog
+      });
+      const updatedSession = this.runtimeSessionStore.update({
+        ...effectiveSession,
+        messages: [
+          ...effectiveSession.messages,
+          { role: "user", content: input.content },
+          { role: "assistant", content: result.content }
+        ]
+      });
+      this.eventLog.record("session.updated", {
+        sessionId: updatedSession.id,
+        messages: updatedSession.messages.length
+      });
+      this.eventLog.record("turn.completed", {
+        sessionId: updatedSession.id,
+        inputTokens: result.usage.inputTokens,
+        outputTokens: result.usage.outputTokens,
+        model: result.model,
+        runtimeApi: true
+      });
+      return { ...result, sessionId: updatedSession.id, mode: updatedSession.mode };
+    } catch (error) {
+      this.eventLog.record("turn.failed", {
+        sessionId: effectiveSession.id,
+        error: error instanceof Error ? error.message : String(error),
+        runtimeApi: true
+      });
+      throw error;
+    }
+  }
+  async *streamTurn(input) {
+    const provider = this.provider;
+    if (!provider) {
+      throw new Error("Runtime provider is not initialized.");
+    }
+    const session = input.sessionId ? this.runtimeSessionStore.get(input.sessionId) : this.createSession({ mode: input.mode, metadata: input.metadata });
+    if (!session) {
+      throw new Error(`Runtime session not found: ${input.sessionId}`);
+    }
+    const effectiveSession = input.mode && input.mode !== session.mode ? { ...session, mode: input.mode } : session;
+    const messages = [
+      ...effectiveSession.messages,
+      {
+        role: "user",
+        content: input.content
+      }
+    ];
+    this.eventLog.record("turn.started", {
+      sessionId: effectiveSession.id,
+      provider: this.providerType,
+      model: this.getModel(),
+      mode: effectiveSession.mode,
+      streaming: true,
+      runtimeApi: true
+    });
+    let content = "";
+    let completed = false;
+    let failed = false;
+    try {
+      for await (const chunk of provider.stream(messages, {
+        model: input.options?.model,
+        maxTokens: input.options?.maxTokens,
+        temperature: input.options?.temperature,
+        stopSequences: input.options?.stopSequences,
+        system: effectiveSession.instructions ?? input.options?.system,
+        timeout: input.options?.timeout,
+        signal: input.options?.signal,
+        thinking: input.options?.thinking
+      })) {
+        if (chunk.type === "text" && chunk.text) {
+          content += chunk.text;
+          yield {
+            type: "text",
+            sessionId: effectiveSession.id,
+            text: chunk.text
+          };
+        }
+      }
+      const updatedSession = this.runtimeSessionStore.update({
+        ...effectiveSession,
+        messages: [
+          ...effectiveSession.messages,
+          { role: "user", content: input.content },
+          { role: "assistant", content }
+        ]
+      });
+      const result = {
+        sessionId: updatedSession.id,
+        content,
+        usage: {
+          inputTokens: provider.countTokens(input.content),
+          outputTokens: provider.countTokens(content),
+          estimated: true
+        },
+        model: input.options?.model ?? this.getModel(),
+        mode: updatedSession.mode
+      };
+      this.eventLog.record("session.updated", {
+        sessionId: updatedSession.id,
+        messages: updatedSession.messages.length
+      });
+      this.eventLog.record("turn.completed", {
+        sessionId: updatedSession.id,
+        inputTokens: result.usage.inputTokens,
+        outputTokens: result.usage.outputTokens,
+        model: result.model,
+        streaming: true,
+        runtimeApi: true
+      });
+      completed = true;
+      yield { type: "done", sessionId: updatedSession.id, result };
+    } catch (error) {
+      failed = true;
+      const message = error instanceof Error ? error.message : String(error);
+      this.eventLog.record("turn.failed", {
+        sessionId: effectiveSession.id,
+        error: message,
+        streaming: true,
+        runtimeApi: true
+      });
+      yield {
+        type: "error",
+        sessionId: effectiveSession.id,
+        error: message
+      };
+    } finally {
+      if (!completed && !failed) {
+        this.eventLog.record("turn.cancelled", {
+          sessionId: effectiveSession.id,
+          outputTokens: provider.countTokens(content),
+          streaming: true,
+          runtimeApi: true
+        });
+      }
+    }
+  }
+  async executeTool(input) {
+    const startedAt = performance.now();
+    const session = input.sessionId ? this.getSession(input.sessionId) : void 0;
+    if (input.sessionId && !session) {
+      const decision2 = {
+        allowed: false,
+        reason: `Runtime session not found: ${input.sessionId}`,
+        risk: "read-only"
+      };
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode: input.mode ?? "ask",
+        tool: input.toolName,
+        reason: decision2.reason,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: decision2.reason,
+        duration: performance.now() - startedAt,
+        decision: decision2
+      };
+    }
+    const mode = input.mode ?? session?.mode ?? "ask";
+    const tool = this.toolRegistry.get(input.toolName);
+    if (!tool) {
+      const decision2 = {
+        allowed: false,
+        reason: "Tool not registered.",
+        risk: "read-only"
+      };
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode,
+        tool: input.toolName,
+        reason: decision2.reason,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: decision2.reason,
+        duration: performance.now() - startedAt,
+        decision: decision2
+      };
+    }
+    const decision = this.permissionPolicy.canExecuteToolInput ? this.permissionPolicy.canExecuteToolInput(mode, tool, input.input) : this.permissionPolicy.canExecuteTool(mode, tool);
+    if (!decision.allowed || decision.requiresConfirmation && input.confirmed !== true) {
+      const reason = decision.reason ?? (decision.requiresConfirmation ? "Tool requires explicit runtime confirmation." : "Tool is not allowed.");
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode,
+        tool: input.toolName,
+        reason,
+        risk: decision.risk,
+        requiresConfirmation: decision.requiresConfirmation,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: reason,
+        duration: performance.now() - startedAt,
+        decision
+      };
+    }
+    this.eventLog.record("tool.started", {
+      sessionId: input.sessionId,
+      mode,
+      tool: input.toolName,
+      risk: decision.risk,
+      runtimeApi: true,
+      metadataKeys: Object.keys(input.metadata ?? {}).sort()
+    });
+    const result = await this.toolRegistry.execute(input.toolName, input.input);
+    this.eventLog.record("tool.completed", {
+      sessionId: input.sessionId,
+      mode,
+      tool: input.toolName,
+      success: result.success,
+      duration: result.duration,
+      runtimeApi: true
+    });
+    return {
+      toolName: input.toolName,
+      success: result.success,
+      output: result.data,
+      error: result.error,
+      duration: result.duration,
+      decision
+    };
+  }
+  assertToolAllowed(mode, toolName, input) {
+    const tool = this.toolRegistry.get(toolName);
+    if (!tool) {
+      this.eventLog.record("tool.blocked", {
+        mode,
+        tool: toolName,
+        reason: "Tool not registered."
+      });
+      return false;
+    }
+    const decision = input && this.permissionPolicy.canExecuteToolInput ? this.permissionPolicy.canExecuteToolInput(mode, tool, input) : this.permissionPolicy.canExecuteTool(mode, tool);
+    this.eventLog.record(decision.allowed ? "tool.allowed" : "tool.blocked", {
+      mode,
+      tool: toolName,
+      ...decision
+    });
+    return decision.allowed;
+  }
+};
+async function createAgentRuntime(options) {
+  const runtime = new AgentRuntime(options);
+  await runtime.initialize();
+  return runtime;
+}
+var HttpRequestError = class extends Error {
+  constructor(message, status) {
+    super(message);
+    this.status = status;
+  }
+  status;
+};
+async function readJsonBody(request, maxBodyBytes) {
+  const chunks = [];
+  let size = 0;
+  for await (const chunk of request) {
+    const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+    size += buffer.length;
+    if (size > maxBodyBytes) {
+      throw new HttpRequestError(`Request body exceeds ${maxBodyBytes} bytes.`, 413);
+    }
+    chunks.push(buffer);
+  }
+  const raw = Buffer.concat(chunks).toString("utf-8").trim();
+  try {
+    return raw ? JSON.parse(raw) : {};
+  } catch {
+    throw new HttpRequestError("Invalid JSON request body.", 400);
+  }
+}
+function sendJson(response, status, body) {
+  response.statusCode = status;
+  response.setHeader("content-type", "application/json; charset=utf-8");
+  response.end(JSON.stringify(body, null, 2));
+}
+function notFound(response) {
+  sendJson(response, 404, { error: "Not found" });
+}
+function assertValidMode(mode) {
+  if (mode === void 0) return void 0;
+  if (typeof mode === "string" && isAgentMode(mode)) return mode;
+  throw new HttpRequestError("Invalid runtime mode.", 400);
+}
+function createRuntimeHttpServer(runtime, options = {}) {
+  const maxBodyBytes = options.maxBodyBytes ?? 1024 * 1024;
+  return createServer(async (request, response) => {
+    try {
+      const url = new URL(request.url ?? "/", "http://localhost");
+      const parts = url.pathname.split("/").filter(Boolean);
+      if (request.method === "POST" && url.pathname === "/sessions") {
+        const body = await readJsonBody(request, maxBodyBytes);
+        const session = runtime.createSession({
+          mode: assertValidMode(body.mode),
+          instructions: body.instructions,
+          metadata: body.metadata
+        });
+        sendJson(response, 201, session);
+        return;
+      }
+      if (request.method === "GET" && parts[0] === "sessions" && parts[1] && parts.length === 2) {
+        const session = runtime.getSession(parts[1]);
+        if (!session) {
+          notFound(response);
+          return;
+        }
+        sendJson(response, 200, session);
+        return;
+      }
+      if (request.method === "POST" && parts[0] === "sessions" && parts[1] && parts[2] === "messages") {
+        const body = await readJsonBody(request, maxBodyBytes);
+        if (!body.content || typeof body.content !== "string") {
+          sendJson(response, 400, { error: "content is required" });
+          return;
+        }
+        if (!runtime.getSession(parts[1])) {
+          notFound(response);
+          return;
+        }
+        const result = await runtime.runTurn({
+          ...body,
+          mode: assertValidMode(body.mode),
+          sessionId: parts[1]
+        });
+        sendJson(response, 200, result);
+        return;
+      }
+      if (request.method === "GET" && parts[0] === "sessions" && parts[1] && parts[2] === "events") {
+        const events = runtime.eventLog.list().filter((event) => event.data["sessionId"] === parts[1]);
+        sendJson(response, 200, { events });
+        return;
+      }
+      if (request.method === "GET" && url.pathname === "/state") {
+        sendJson(response, 200, runtime.snapshot());
+        return;
+      }
+      notFound(response);
+    } catch (error) {
+      const status = error instanceof HttpRequestError ? error.status : 500;
+      sendJson(response, status, {
+        error: error instanceof Error ? error.message : String(error)
+      });
+    }
+  });
+}
+
+// src/runtime/extension-manifests.ts
+function createMcpToolPolicy(server, tool, risk, allowedModes = ["ask", "plan", "build", "debug", "review", "architect"]) {
+  return {
+    server,
+    tool,
+    risk,
+    requiresConfirmation: risk === "destructive" || risk === "secrets-sensitive",
+    allowedModes
+  };
+}
+
 // src/index.ts
 init_errors();
 init_logger();
 init_proxy();
 
-export { ADRGenerator, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DiscoveryEngine, DockerGenerator, DocsGenerator, OrchestrateExecutor, OutputExecutor, PhaseError, SessionManager, SpecificationGenerator, TaskError, TaskIterator, ToolRegistry, VERSION, configExists, createADRGenerator, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCompleteExecutor, createConvergeExecutor, createDefaultConfig, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createFullToolRegistry, createLogger, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createProvider, createSessionManager, createSpecificationGenerator, createTaskIterator, createToolRegistry, installProxyDispatcher, loadConfig, registerAllTools, saveConfig };
+export { ADRGenerator, AGENT_MODES, AgentRuntime, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DEFAULT_WORKFLOWS, DefaultPermissionPolicy, DefaultRuntimeTurnRunner, DiscoveryEngine, DockerGenerator, DocsGenerator, FileEventLog, FileRuntimeSessionStore, InMemoryEventLog, InMemoryRuntimeSessionStore, OrchestrateExecutor, OutputExecutor, PhaseError, ProviderRegistry, SessionManager, SpecificationGenerator, TaskError, TaskIterator, ToolRegistry, VERSION, WorkflowCatalog, WorkflowEngine, WorkflowRegistry, configExists, createADRGenerator, createAgentRuntime, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCompleteExecutor, createConvergeExecutor, createDefaultConfig, createDefaultRuntimeTurnRunner, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createEventLog, createFileEventLog, createFileRuntimeSessionStore, createFullToolRegistry, createLogger, createMcpToolPolicy, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createPermissionPolicy, createProvider, createProviderRegistry, createRuntimeHttpServer, createRuntimeSessionStore, createSessionManager, createSpecificationGenerator, createTaskIterator, createToolRegistry, createWorkflowCatalog, createWorkflowEngine, createWorkflowRegistry, getAgentMode, installProxyDispatcher, isAgentMode, listAgentModes, loadConfig, registerAllTools, saveConfig };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map