@corbat-tech/coco 2.36.0 → 2.38.0

package/dist/index.js

@@ -1,12 +1,13 @@
 import { Logger } from 'tslog';
 import * as fs4 from 'fs';
-import fs4__default, { readFileSync, mkdirSync, appendFileSync, writeFileSync, constants } from 'fs';
+import fs4__default, { readFileSync, mkdirSync, appendFileSync, writeFileSync, renameSync, constants } from 'fs';
 import * as path17 from 'path';
 import path17__default, { dirname, join, basename, resolve } from 'path';
 import * as fs16 from 'fs/promises';
-import fs16__default, { access, readFile, readdir, writeFile, mkdir, rm } from 'fs/promises';
+import fs16__default, { access, readFile, readdir, writeFile, mkdir } from 'fs/promises';
 import { randomUUID, randomBytes, createHash } from 'crypto';
 import * as http from 'http';
+import { createServer } from 'http';
 import { fileURLToPath, URL as URL$1 } from 'url';
 import { exec, execFile, execSync, execFileSync, spawn } from 'child_process';
 import { setGlobalDispatcher, EnvHttpProxyAgent } from 'undici';
@@ -10607,16 +10608,16 @@ var QualityEvaluator = class {
    * Find source files in project, adapting to the detected language stack.
    */
   async findSourceFiles() {
-    const { access: access14 } = await import('fs/promises');
-    const { join: join20 } = await import('path');
+    const { access: access13 } = await import('fs/promises');
+    const { join: join19 } = await import('path');
     let isJava = false;
     try {
-      await access14(join20(this.projectPath, "pom.xml"));
+      await access13(join19(this.projectPath, "pom.xml"));
       isJava = true;
     } catch {
       for (const f of ["build.gradle", "build.gradle.kts"]) {
         try {
-          await access14(join20(this.projectPath, f));
+          await access13(join19(this.projectPath, f));
           isJava = true;
           break;
         } catch {
@@ -19437,6 +19438,199 @@ z.string().regex(
 // src/cli/repl/agents/manager.ts
 init_logger();
 
+// src/runtime/multi-agent.ts
+var SharedWorkspaceState = class {
+  facts = /* @__PURE__ */ new Map();
+  decisions = /* @__PURE__ */ new Map();
+  risks = /* @__PURE__ */ new Map();
+  files = /* @__PURE__ */ new Map();
+  testResults = /* @__PURE__ */ new Map();
+  artifacts = [];
+  writeFact(key, value) {
+    this.facts.set(key, value);
+  }
+  recordDecision(key, value) {
+    this.decisions.set(key, value);
+  }
+  recordRisk(key, value) {
+    this.risks.set(key, value);
+  }
+  recordFile(path44, value) {
+    this.files.set(path44, value);
+  }
+  recordTestResult(key, value) {
+    this.testResults.set(key, value);
+  }
+  addArtifact(artifact) {
+    this.artifacts.push(cloneArtifact(artifact));
+  }
+  readForRole(role) {
+    const includeSensitive = role === "security" || role === "integrator" || role === "pm";
+    return {
+      facts: Object.fromEntries(this.facts),
+      decisions: Object.fromEntries(this.decisions),
+      risks: includeSensitive ? Object.fromEntries(this.risks) : {},
+      files: Object.fromEntries(this.files),
+      testResults: Object.fromEntries(this.testResults),
+      artifacts: this.artifacts.filter((artifact) => includeSensitive || artifact.kind !== "riskReport").map(cloneArtifact)
+    };
+  }
+  snapshot() {
+    return {
+      facts: Object.fromEntries(this.facts),
+      decisions: Object.fromEntries(this.decisions),
+      risks: Object.fromEntries(this.risks),
+      files: Object.fromEntries(this.files),
+      testResults: Object.fromEntries(this.testResults),
+      artifacts: this.artifacts.map(cloneArtifact)
+    };
+  }
+};
+function createAgentArtifact(input) {
+  return {
+    ...input,
+    id: input.id ?? `artifact-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 8)}`,
+    createdAt: input.createdAt ?? (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function createSummaryArtifact(output, metadata = {}) {
+  return createAgentArtifact({
+    kind: "summary",
+    content: output,
+    title: metadata.title ?? "Agent summary",
+    agentRunId: metadata.agentRunId,
+    taskId: metadata.taskId
+  });
+}
+function normalizeAgentRunResult(input) {
+  const completedAt = input.completedAt ?? (/* @__PURE__ */ new Date()).toISOString();
+  const startedAt = input.startedAt ?? completedAt;
+  const status = input.status ?? (input.success ? "completed" : "failed");
+  const artifacts = input.artifacts && input.artifacts.length > 0 ? input.artifacts.map(cloneArtifact) : [createSummaryArtifact(input.output, { agentRunId: input.id, taskId: input.taskId })];
+  return {
+    id: input.id,
+    taskId: input.taskId,
+    role: input.role,
+    status,
+    success: input.success,
+    output: input.output,
+    artifacts,
+    toolsUsed: [...input.toolsUsed ?? []],
+    turns: input.turns ?? 0,
+    durationMs: input.durationMs ?? 0,
+    usage: input.usage,
+    error: input.error,
+    startedAt,
+    completedAt,
+    metadata: input.metadata
+  };
+}
+function validateAgentCapabilities(capability, requiredTools = []) {
+  const allowed = new Set(capability.allowedTools);
+  return requiredTools.filter((tool) => !allowed.has(tool)).map((tool) => ({
+    code: "missing-dependency",
+    message: `Tool '${tool}' is not allowed for agent role '${capability.role}'.`
+  }));
+}
+function validateAgentGraph(graph) {
+  const issues = [];
+  const nodeIds = /* @__PURE__ */ new Set();
+  const gateIds = new Set((graph.gates ?? []).map((gate) => gate.id));
+  if (graph.parallelism !== void 0 && graph.parallelism < 1) {
+    issues.push({
+      code: "invalid-parallelism",
+      message: "Graph parallelism must be greater than zero."
+    });
+  }
+  for (const node of graph.nodes) {
+    if (nodeIds.has(node.id)) {
+      issues.push({
+        code: "duplicate-node",
+        message: `Duplicate graph node '${node.id}'.`,
+        nodeId: node.id
+      });
+    }
+    nodeIds.add(node.id);
+    if (node.retryPolicy && node.retryPolicy.maxAttempts < 1) {
+      issues.push({
+        code: "invalid-retry-policy",
+        message: `Node '${node.id}' retry policy must allow at least one attempt.`,
+        nodeId: node.id
+      });
+    }
+    for (const dep of node.dependsOn ?? []) {
+      if (!nodeIds.has(dep) && !graph.nodes.some((candidate) => candidate.id === dep)) {
+        issues.push({
+          code: "missing-dependency",
+          message: `Node '${node.id}' depends on missing node '${dep}'.`,
+          nodeId: node.id
+        });
+      }
+    }
+    for (const gate of node.gates ?? []) {
+      if (!gateIds.has(gate)) {
+        issues.push({
+          code: "missing-gate",
+          message: `Node '${node.id}' references missing gate '${gate}'.`,
+          nodeId: node.id,
+          gateId: gate
+        });
+      }
+    }
+  }
+  for (const edge of graph.edges ?? []) {
+    if (!nodeIds.has(edge.from)) {
+      issues.push({
+        code: "missing-edge-node",
+        message: `Graph edge references missing source node '${edge.from}'.`,
+        nodeId: edge.from
+      });
+    }
+    if (!nodeIds.has(edge.to)) {
+      issues.push({
+        code: "missing-edge-node",
+        message: `Graph edge references missing target node '${edge.to}'.`,
+        nodeId: edge.to
+      });
+    }
+  }
+  const levels = buildExecutionLevels(graph, issues);
+  return { valid: issues.length === 0, issues, levels };
+}
+function buildExecutionLevels(graph, issues) {
+  const dependencies = /* @__PURE__ */ new Map();
+  for (const node of graph.nodes) {
+    dependencies.set(node.id, new Set(node.dependsOn ?? []));
+  }
+  for (const edge of graph.edges ?? []) {
+    if (dependencies.has(edge.to)) {
+      dependencies.get(edge.to).add(edge.from);
+    }
+  }
+  const completed = /* @__PURE__ */ new Set();
+  const levels = [];
+  while (completed.size < dependencies.size) {
+    const level = [...dependencies.entries()].filter(([id, deps]) => !completed.has(id) && [...deps].every((dep) => completed.has(dep))).map(([id]) => id);
+    if (level.length === 0) {
+      const remaining = [...dependencies.keys()].filter((id) => !completed.has(id));
+      issues.push({
+        code: "cycle",
+        message: `Graph contains a cycle involving: ${remaining.join(", ")}.`
+      });
+      return levels;
+    }
+    for (const id of level) completed.add(id);
+    levels.push(level);
+  }
+  return levels;
+}
+function cloneArtifact(artifact) {
+  return {
+    ...artifact,
+    metadata: artifact.metadata ? { ...artifact.metadata } : void 0
+  };
+}
+
 // src/cli/repl/agents/prompts.ts
 var EXPLORE_PROMPT = `You are an exploration agent for Corbat-Coco.
 Your purpose is to search the codebase to answer questions and gather information.
@@ -20017,11 +20211,15 @@ var AgentManager = class extends EventEmitter {
       failedAgent.status = "failed";
       failedAgent.error = error;
       failedAgent.completedAt = /* @__PURE__ */ new Date();
-      return {
+      return this.buildResult({
         agent: failedAgent,
         success: false,
-        output: error
-      };
+        output: error,
+        turns: 0,
+        toolsUsed: [],
+        startedAt: failedAgent.createdAt.toISOString(),
+        usage: { inputTokens: 0, outputTokens: 0 }
+      });
     }
     const agent = this.createAgent(type, task);
     this.activeAgents.set(agent.id, agent);
@@ -20073,11 +20271,15 @@ var AgentManager = class extends EventEmitter {
       options.onStatusChange?.(agent);
       this.logger.error(`Agent ${agent.id} failed unexpectedly`, { error: errorMessage });
       this.emitEvent("fail", agent);
-      return {
+      return this.buildResult({
         agent,
         success: false,
-        output: errorMessage
-      };
+        output: errorMessage,
+        turns: 0,
+        toolsUsed: [],
+        startedAt: agent.createdAt.toISOString(),
+        usage: { inputTokens: 0, outputTokens: 0 }
+      });
     }
   }
   /**
@@ -20198,6 +20400,8 @@ var AgentManager = class extends EventEmitter {
     let finalOutput = "";
     let iteration = 0;
     const maxTurns = config.maxTurns ?? 10;
+    const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const toolsUsed = /* @__PURE__ */ new Set();
     while (iteration < maxTurns) {
       iteration++;
       if (options.signal?.aborted) {
@@ -20206,12 +20410,15 @@ var AgentManager = class extends EventEmitter {
         agent.completedAt = /* @__PURE__ */ new Date();
         this.moveToCompleted(agent.id);
         options.onStatusChange?.(agent);
-        return {
+        return this.buildResult({
           agent,
           success: false,
           output: "Agent execution was aborted",
+          turns: iteration,
+          toolsUsed: Array.from(toolsUsed),
+          startedAt,
           usage: { inputTokens: totalInputTokens, outputTokens: totalOutputTokens }
-        };
+        });
       }
       const response = await this.provider.chatWithTools(messages, {
         system: config.systemPrompt,
@@ -20228,7 +20435,7 @@ var AgentManager = class extends EventEmitter {
         messages.push({ role: "assistant", content: response.content });
         break;
       }
-      const toolResults = await this.executeToolCalls(response.toolCalls, config);
+      const toolResults = await this.executeToolCalls(response.toolCalls, config, toolsUsed);
       const toolUses = response.toolCalls.map((tc) => ({
         type: "tool_use",
         id: tc.id,
@@ -20252,12 +20459,15 @@ var AgentManager = class extends EventEmitter {
       iterations: iteration,
       outputLength: finalOutput.length
     });
-    return {
+    return this.buildResult({
       agent,
       success: true,
       output: finalOutput,
+      turns: iteration,
+      toolsUsed: Array.from(toolsUsed),
+      startedAt,
       usage: { inputTokens: totalInputTokens, outputTokens: totalOutputTokens }
-    };
+    });
   }
   /**
    * Get tool definitions filtered for the agent's allowed tools
@@ -20270,10 +20480,11 @@ var AgentManager = class extends EventEmitter {
   /**
    * Execute tool calls and return results
    */
-  async executeToolCalls(toolCalls, config) {
+  async executeToolCalls(toolCalls, config, toolsUsed) {
     const results = [];
     const allowedTools = new Set(config.tools);
     for (const toolCall of toolCalls) {
+      toolsUsed.add(toolCall.name);
       if (!allowedTools.has(toolCall.name)) {
         results.push({
           type: "tool_result",
@@ -20314,6 +20525,33 @@ var AgentManager = class extends EventEmitter {
       this.abortControllers.delete(agentId);
     }
   }
+  buildResult(input) {
+    const structuredResult = normalizeAgentRunResult({
+      id: `${input.agent.id}-run`,
+      taskId: input.agent.id,
+      role: agentTypeToRuntimeRole(input.agent.type),
+      success: input.success,
+      output: input.output,
+      turns: input.turns,
+      toolsUsed: input.toolsUsed,
+      usage: input.usage,
+      startedAt: input.startedAt,
+      durationMs: input.agent.completedAt ? input.agent.completedAt.getTime() - input.agent.createdAt.getTime() : 0,
+      status: input.success ? "completed" : "failed",
+      error: input.success ? void 0 : input.agent.error,
+      metadata: { agentType: input.agent.type }
+    });
+    return {
+      agent: input.agent,
+      success: input.success,
+      output: input.output,
+      artifacts: structuredResult.artifacts,
+      structuredResult,
+      toolsUsed: input.toolsUsed,
+      turns: input.turns,
+      usage: input.usage
+    };
+  }
   /**
    * Emit an agent event
    */
@@ -20323,6 +20561,31 @@ var AgentManager = class extends EventEmitter {
     this.emit("agent", event);
   }
 };
+function agentTypeToRuntimeRole(type) {
+  switch (type) {
+    case "explore":
+      return "researcher";
+    case "plan":
+      return "planner";
+    case "test":
+    case "e2e":
+    case "tdd":
+      return "tester";
+    case "debug":
+    case "refactor":
+      return "coder";
+    case "review":
+      return "reviewer";
+    case "architect":
+      return "architect";
+    case "security":
+      return "security";
+    case "docs":
+      return "docs";
+    case "database":
+      return "database";
+  }
+}
 
 // src/agents/provider-bridge.ts
 var agentProvider = null;
@@ -20352,302 +20615,142 @@ function getAgentManager() {
   return agentManagerInstance;
 }
 
-// src/cli/repl/modes.ts
-var AGENT_MODES = {
-  ask: {
-    id: "ask",
-    label: "Ask",
-    description: "Answer questions and explain code without modifying files.",
-    readOnly: true,
-    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_definition"],
-    requiresVerification: false
-  },
-  plan: {
-    id: "plan",
-    label: "Plan",
-    description: "Explore and produce an implementation plan with read-only tools.",
-    readOnly: true,
-    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_workspace_symbols"],
-    requiresVerification: false
-  },
-  build: {
-    id: "build",
-    label: "Build",
-    description: "Implement code changes and verify them.",
-    readOnly: false,
-    preferredTools: ["read_file", "edit_file", "write_file", "bash_exec", "run_tests"],
-    requiresVerification: true
-  },
-  debug: {
-    id: "debug",
-    label: "Debug",
-    description: "Reproduce failures, trace root cause, patch, and verify.",
-    readOnly: false,
-    preferredTools: ["bash_exec", "read_file", "grep", "lsp_references", "edit_file"],
-    requiresVerification: true
-  },
-  review: {
-    id: "review",
-    label: "Review",
-    description: "Inspect code quality, security, behavior changes, and test gaps.",
-    readOnly: true,
-    preferredTools: ["git_diff", "read_file", "grep", "review_code", "calculate_quality"],
-    requiresVerification: false
-  },
-  architect: {
-    id: "architect",
-    label: "Architect",
-    description: "Design architecture and split work for architect/editor execution.",
-    readOnly: true,
-    preferredTools: ["codebase_map", "lsp_workspace_symbols", "grep", "create_agent_plan"],
-    requiresVerification: false
-  }
-};
-function getAgentMode(mode) {
-  return AGENT_MODES[mode];
+// src/runtime/agent-runtime.ts
+init_env();
+var PUBLIC_WEB_TOOLS = /* @__PURE__ */ new Set(["search_public_docs", "list_public_services"]);
+var CUSTOMER_SUPPORT_TOOLS = /* @__PURE__ */ new Set([
+  "search_public_docs",
+  "knowledge_search",
+  "create_support_draft",
+  "request_human_escalation"
+]);
+function createNoToolRegistry() {
+  return new ToolRegistry();
 }
-function listAgentModes() {
-  return Object.values(AGENT_MODES);
+function createCodingToolRegistry() {
+  return createFullToolRegistry();
 }
-
-// src/cli/repl/sessions/storage.ts
-init_paths();
-var DEFAULT_CONFIG2 = {
-  storageDir: CONFIG_PATHS.sessions,
-  autoSaveInterval: 3e4,
-  maxSessionsPerProject: 20,
-  compressOldSessions: false
-};
-var SessionStore = class {
-  config;
-  initialized = false;
-  constructor(config = {}) {
-    this.config = { ...DEFAULT_CONFIG2, ...config };
-  }
-  async ensureInitialized() {
-    if (this.initialized) return;
-    await mkdir(this.config.storageDir, { recursive: true });
-    this.initialized = true;
-  }
-  getSessionFiles(sessionId) {
-    const sessionDir = this.getSessionDir(sessionId);
-    return {
-      metadata: join(sessionDir, "metadata.json"),
-      conversation: join(sessionDir, "conversation.jsonl"),
-      context: join(sessionDir, "context.json")
-    };
-  }
-  getSessionDir(sessionId) {
-    return join(this.config.storageDir, sessionId);
-  }
-  async exists(sessionId) {
-    try {
-      const files = this.getSessionFiles(sessionId);
-      await access(files.metadata);
-      return true;
-    } catch {
-      return false;
-    }
-  }
-  async save(session) {
-    await this.ensureInitialized();
-    const files = this.getSessionFiles(session.id);
-    const sessionDir = this.getSessionDir(session.id);
-    await mkdir(sessionDir, { recursive: true });
-    const metadata = {
-      id: session.id,
-      projectPath: session.projectPath,
-      startedAt: session.startedAt,
-      lastSavedAt: /* @__PURE__ */ new Date(),
-      config: session.config,
-      messageCount: session.messages.length,
-      totalTokens: this.calculateTokens(session),
-      title: this.generateTitle(session),
-      status: "active"
-    };
-    await writeFile(files.metadata, JSON.stringify(metadata, null, 2), "utf-8");
-    const conversationLines = session.messages.map((msg) => {
-      const serialized = {
-        role: msg.role,
-        content: msg.content,
-        timestamp: (/* @__PURE__ */ new Date()).toISOString()
-      };
-      return JSON.stringify(serialized);
-    });
-    await writeFile(files.conversation, conversationLines.join("\n"), "utf-8");
-    const context = {
-      tokenUsage: this.calculateTokens(session)
-    };
-    await writeFile(files.context, JSON.stringify(context, null, 2), "utf-8");
-  }
-  async load(sessionId) {
-    await this.ensureInitialized();
-    const files = this.getSessionFiles(sessionId);
-    try {
-      const metadataContent = await readFile(files.metadata, "utf-8");
-      const metadata = JSON.parse(metadataContent);
-      const conversationContent = await readFile(files.conversation, "utf-8");
-      const messages = conversationContent.split("\n").filter((line) => line.trim()).map((line) => {
-        const parsed = JSON.parse(line);
-        return {
-          role: parsed.role,
-          content: parsed.content
-        };
-      });
-      const session = {
-        id: metadata.id,
-        startedAt: new Date(metadata.startedAt),
-        messages,
-        projectPath: metadata.projectPath,
-        config: metadata.config,
-        trustedTools: /* @__PURE__ */ new Set()
-      };
-      return session;
-    } catch {
-      return null;
-    }
-  }
-  async listSessions(projectPath) {
-    await this.ensureInitialized();
-    const sessions = [];
-    try {
-      const entries = await readdir(this.config.storageDir, {
-        withFileTypes: true
-      });
-      for (const entry of entries) {
-        if (!entry.isDirectory()) continue;
-        const metadataPath = join(this.config.storageDir, entry.name, "metadata.json");
-        try {
-          const content = await readFile(metadataPath, "utf-8");
-          const metadata = JSON.parse(content);
-          metadata.startedAt = new Date(metadata.startedAt);
-          metadata.lastSavedAt = new Date(metadata.lastSavedAt);
-          if (!projectPath || metadata.projectPath === projectPath) {
-            sessions.push(metadata);
-          }
-        } catch {
-          continue;
-        }
-      }
-    } catch {
-      return [];
-    }
-    sessions.sort((a, b) => new Date(b.lastSavedAt).getTime() - new Date(a.lastSavedAt).getTime());
-    return sessions;
-  }
-  async delete(sessionId) {
-    await this.ensureInitialized();
-    const sessionDir = this.getSessionDir(sessionId);
-    try {
-      await rm(sessionDir, { recursive: true, force: true });
-      return true;
-    } catch {
-      return false;
-    }
-  }
-  async getMostRecent(projectPath) {
-    const sessions = await this.listSessions(projectPath);
-    return sessions[0] ?? null;
+function createPublicWebToolRegistry(source) {
+  return copyAllowedTools(PUBLIC_WEB_TOOLS, source);
+}
+function createCustomerSupportToolRegistry(source) {
+  return copyAllowedTools(CUSTOMER_SUPPORT_TOOLS, source);
+}
+function createSupportRagToolRegistry(options = {}) {
+  const registry = createRagToolRegistry(options.retriever);
+  if (options.supportDraft) {
+    registry.register(
+      defineTool({
+        name: "create_support_draft",
+        description: "Create a support response draft from the customer message and approved retrieved sources.",
+        category: "document",
+        parameters: z.object({
+          conversationId: z.string(),
+          customerMessage: z.string(),
+          retrievedSources: z.array(
+            z.object({
+              id: z.string(),
+              title: z.string(),
+              content: z.string(),
+              url: z.string().optional(),
+              score: z.number(),
+              metadata: z.record(z.string(), z.unknown()).optional()
+            })
+          ).optional()
+        }),
+        execute: options.supportDraft
+      })
+    );
   }
-  /**
-   * Append messages to an existing session's conversation file
-   * Creates the file if it doesn't exist
-   * @param sessionId - The session ID
-   * @param messages - Messages to append
-   */
-  async appendMessages(sessionId, messages) {
-    await this.ensureInitialized();
-    const files = this.getSessionFiles(sessionId);
-    const sessionDir = this.getSessionDir(sessionId);
-    await mkdir(sessionDir, { recursive: true });
-    const newLines = messages.map((msg) => {
-      const serialized = {
-        role: msg.role,
-        content: msg.content,
-        timestamp: (/* @__PURE__ */ new Date()).toISOString()
-      };
-      return JSON.stringify(serialized);
-    });
-    let existingContent = "";
-    try {
-      existingContent = await readFile(files.conversation, "utf-8");
-      if (existingContent && !existingContent.endsWith("\n")) {
-        existingContent += "\n";
-      }
-    } catch {
-    }
-    await writeFile(files.conversation, existingContent + newLines.join("\n"), "utf-8");
+  if (options.humanEscalation) {
+    registry.register(
+      defineTool({
+        name: "request_human_escalation",
+        description: "Prepare a human escalation request. Runtime consumers must confirmation-gate this external action.",
+        category: "config",
+        parameters: z.object({
+          conversationId: z.string(),
+          summary: z.string(),
+          priority: z.enum(["low", "normal", "high", "urgent"]),
+          reason: z.string()
+        }),
+        execute: options.humanEscalation
+      })
+    );
   }
-  /**
-   * Prune old sessions to keep storage manageable
-   * Keeps the most recent maxSessionsPerProject sessions per project
-   * @param projectPath - Optional project path to prune (prunes all if not specified)
-   * @returns Number of sessions deleted
-   */
-  async pruneOldSessions(projectPath) {
-    await this.ensureInitialized();
-    const allSessions = await this.listSessions();
-    const sessionsByProject = /* @__PURE__ */ new Map();
-    for (const session of allSessions) {
-      if (projectPath && session.projectPath !== projectPath) {
-        continue;
-      }
-      const existing = sessionsByProject.get(session.projectPath) ?? [];
-      existing.push(session);
-      sessionsByProject.set(session.projectPath, existing);
-    }
-    let deletedCount = 0;
-    for (const [, sessions] of sessionsByProject) {
-      const sessionsToDelete = sessions.slice(this.config.maxSessionsPerProject);
-      for (const session of sessionsToDelete) {
-        const deleted = await this.delete(session.id);
-        if (deleted) {
-          deletedCount++;
-        }
-      }
-    }
-    return deletedCount;
+  return registry;
+}
+function createSalesIntakeToolRegistry(options = {}) {
+  const registry = new ToolRegistry();
+  if (options.leadSummary) {
+    registry.register(
+      defineTool({
+        name: "create_sales_lead_summary",
+        description: "Create a structured lead intake summary and recommended commercial next step.",
+        category: "document",
+        parameters: z.object({
+          conversationId: z.string(),
+          company: z.string().optional(),
+          contact: z.string().optional(),
+          problem: z.string(),
+          desiredOutcome: z.string().optional(),
+          urgency: z.enum(["low", "normal", "high"]).optional(),
+          budgetRange: z.string().optional(),
+          currentStack: z.string().optional()
+        }),
+        execute: options.leadSummary
+      })
+    );
   }
-  calculateTokens(session) {
-    if (session.contextManager) {
-      const stats = session.contextManager.getUsageStats();
-      return {
-        input: stats.used,
-        output: 0
-      };
-    }
-    let input = 0;
-    let output = 0;
-    for (const msg of session.messages) {
-      const content = typeof msg.content === "string" ? msg.content : JSON.stringify(msg.content);
-      const tokens = Math.ceil(content.length / 4);
-      if (msg.role === "user") {
-        input += tokens;
-      } else {
-        output += tokens;
-      }
-    }
-    return { input, output };
+  return registry;
+}
+function createInternalOpsToolRegistry(options = {}) {
+  const registry = new ToolRegistry();
+  if (options.opsDraft) {
+    registry.register(
+      defineTool({
+        name: "create_internal_ops_draft",
+        description: "Prepare an internal operations action draft. This does not execute the operation.",
+        category: "document",
+        parameters: z.object({
+          requestId: z.string(),
+          requester: z.string().optional(),
+          workflow: z.string(),
+          requestedAction: z.string(),
+          context: z.string().optional()
+        }),
+        execute: options.opsDraft
+      })
+    );
   }
-  generateTitle(session) {
-    for (const msg of session.messages) {
-      if (msg.role === "user" && typeof msg.content === "string") {
-        const content = msg.content.trim();
-        if (content.length > 10) {
-          const firstLine = content.split("\n")[0] ?? content;
-          return firstLine.length > 50 ? firstLine.slice(0, 47) + "..." : firstLine;
-        }
-      }
-    }
-    return "Untitled session";
+  return registry;
+}
+function createRagToolRegistry(retriever) {
+  const registry = new ToolRegistry();
+  if (!retriever) return registry;
+  registry.register(
+    defineTool({
+      name: "knowledge_search",
+      description: "Search the configured knowledge base and return ranked sources.",
+      category: "search",
+      parameters: z.object({
+        query: z.string(),
+        limit: z.number().optional()
+      }),
+      execute: async ({ query, limit }) => retriever.search(query, { limit })
+    })
+  );
+  return registry;
+}
+function copyAllowedTools(allowed, source) {
+  const registry = new ToolRegistry();
+  if (!source) return registry;
+  for (const name of allowed) {
+    const tool = source.get(name);
+    if (tool) registry.register(tool);
   }
-};
-function createSessionStore(config) {
-  return new SessionStore(config);
+  return registry;
 }
-
-// src/runtime/agent-runtime.ts
-init_env();
 init_errors();
 init_allowed_paths();
 function levenshtein(a, b) {
@@ -31415,7 +31518,7 @@ var HTTPTransport = class {
 
 // src/mcp/transport/sse.ts
 init_errors2();
-var DEFAULT_CONFIG3 = {
+var DEFAULT_CONFIG2 = {
   initialReconnectDelay: 1e3,
   maxReconnectDelay: 3e4,
   maxReconnectAttempts: 10
@@ -31431,7 +31534,7 @@ var SSETransport = class {
   errorHandler = null;
   closeHandler = null;
   constructor(config) {
-    this.config = { ...DEFAULT_CONFIG3, ...config };
+    this.config = { ...DEFAULT_CONFIG2, ...config };
   }
   /**
    * Connect to the SSE endpoint
@@ -32397,6 +32500,100 @@ function createFullToolRegistry() {
   registerAllTools(registry);
   return registry;
 }
+
+// src/runtime/agent-modes.ts
+var AGENT_MODES = {
+  ask: {
+    id: "ask",
+    label: "Ask",
+    description: "Answer questions and explain code without modifying files.",
+    readOnly: true,
+    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_definition"],
+    requiresVerification: false
+  },
+  plan: {
+    id: "plan",
+    label: "Plan",
+    description: "Explore and produce an implementation plan with read-only tools.",
+    readOnly: true,
+    preferredTools: ["read_file", "grep", "glob", "codebase_map", "lsp_workspace_symbols"],
+    requiresVerification: false
+  },
+  build: {
+    id: "build",
+    label: "Build",
+    description: "Implement code changes and verify them.",
+    readOnly: false,
+    preferredTools: ["read_file", "edit_file", "write_file", "bash_exec", "run_tests"],
+    requiresVerification: true
+  },
+  debug: {
+    id: "debug",
+    label: "Debug",
+    description: "Reproduce failures, trace root cause, patch, and verify.",
+    readOnly: false,
+    preferredTools: ["bash_exec", "read_file", "grep", "lsp_references", "edit_file"],
+    requiresVerification: true
+  },
+  review: {
+    id: "review",
+    label: "Review",
+    description: "Inspect code quality, security, behavior changes, and test gaps.",
+    readOnly: true,
+    preferredTools: ["git_diff", "read_file", "grep", "review_code", "calculate_quality"],
+    requiresVerification: false
+  },
+  architect: {
+    id: "architect",
+    label: "Architect",
+    description: "Design architecture and split work for architect/editor execution.",
+    readOnly: true,
+    preferredTools: ["codebase_map", "lsp_workspace_symbols", "grep", "create_agent_plan"],
+    requiresVerification: false
+  }
+};
+function getAgentMode(mode) {
+  return AGENT_MODES[mode];
+}
+function listAgentModes() {
+  return Object.values(AGENT_MODES);
+}
+function isAgentMode(value) {
+  return value in AGENT_MODES;
+}
+
+// src/runtime/default-turn-runner.ts
+var DefaultRuntimeTurnRunner = class {
+  async run(input, context) {
+    const messages = [
+      ...context.session.messages,
+      {
+        role: "user",
+        content: input.content
+      }
+    ];
+    const response = await context.provider.chat(messages, {
+      model: input.options?.model,
+      maxTokens: input.options?.maxTokens,
+      temperature: input.options?.temperature,
+      stopSequences: input.options?.stopSequences,
+      system: context.session.instructions ?? input.options?.system,
+      timeout: input.options?.timeout,
+      signal: input.options?.signal,
+      thinking: input.options?.thinking
+    });
+    return {
+      sessionId: context.session.id,
+      content: response.content,
+      usage: response.usage,
+      model: response.model,
+      mode: context.session.mode
+    };
+  }
+};
+function createDefaultRuntimeTurnRunner() {
+  return new DefaultRuntimeTurnRunner();
+}
 var InMemoryEventLog = class {
   events = [];
   record(type, data = {}) {
@@ -32515,7 +32712,8 @@ var DESTRUCTIVE_TOOL_NAMES = /* @__PURE__ */ new Set([
   "delete_file",
   "restore_checkpoint",
   "git_commit",
-  "git_push"
+  "git_push",
+  "request_human_escalation"
 ]);
 function riskForTool(tool) {
   if (READ_ONLY_TOOL_NAMES.has(tool.name)) return "read-only";
@@ -32548,6 +32746,22 @@ var DefaultPermissionPolicy = class {
     }
     return { allowed: true, risk };
   }
+  canExecuteToolInput(mode, tool, input) {
+    if (tool.name !== "run_linter") {
+      return this.canExecuteTool(mode, tool);
+    }
+    const definition = getAgentMode(mode);
+    const fixEnabled = input["fix"] === true;
+    const decision = fixEnabled ? { allowed: true, risk: "write" } : { allowed: true, risk: "read-only" };
+    if (definition.readOnly && fixEnabled) {
+      return {
+        allowed: false,
+        reason: `${definition.label} mode is read-only; run_linter with fix=true can modify files.`,
+        risk: "write"
+      };
+    }
+    return decision;
+  }
 };
 function createPermissionPolicy() {
   return new DefaultPermissionPolicy();
@@ -32587,108 +32801,135 @@ var ProviderRegistry = class {
 function createProviderRegistry() {
   return new ProviderRegistry();
 }
-
-// src/runtime/agent-runtime.ts
-var AgentRuntime = class {
-  constructor(options) {
-    this.options = options;
-    this.providerRegistry = createProviderRegistry();
-    this.toolRegistry = options.toolRegistry ?? createFullToolRegistry();
-    this.sessionStore = options.sessionStore ?? createSessionStore({});
-    this.permissionPolicy = options.permissionPolicy ?? createPermissionPolicy();
-    this.eventLog = options.eventLog ?? (options.eventLogPath ? createFileEventLog(options.eventLogPath) : createEventLog());
-    this.providerType = options.providerType;
-    this.model = options.model ?? options.providerConfig?.model ?? getDefaultModel(options.providerType);
+function createSessionId() {
+  return `rt_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 10)}`;
+}
+function cloneSession(session) {
+  return structuredClone(session);
+}
+var InMemoryRuntimeSessionStore = class {
+  sessions = /* @__PURE__ */ new Map();
+  create(options = {}) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const session = {
+      id: options.id ?? createSessionId(),
+      createdAt: now,
+      updatedAt: now,
+      mode: options.mode ?? "ask",
+      messages: options.messages ? options.messages.map((message) => ({ ...message })) : [],
+      instructions: options.instructions,
+      metadata: { ...options.metadata }
+    };
+    this.sessions.set(session.id, cloneSession(session));
+    return cloneSession(session);
   }
-  options;
-  providerRegistry;
-  toolRegistry;
-  sessionStore;
-  permissionPolicy;
-  eventLog;
-  providerType;
-  model;
-  async initialize() {
-    const providerInjected = Boolean(this.options.provider);
-    const provider = this.options.provider ?? await this.providerRegistry.createProvider(this.providerType, {
-      ...this.options.providerConfig,
-      model: this.getModel()
-    });
-    this.publishToGlobalBridge(provider);
-    this.eventLog.record(providerInjected ? "provider.attached" : "provider.created", {
-      provider: this.providerType,
-      model: this.getModel(),
-      createdByRuntime: !providerInjected
-    });
-    this.eventLog.record("runtime.initialized", { snapshot: this.snapshot() });
+  get(id) {
+    const session = this.sessions.get(id);
+    return session ? cloneSession(session) : void 0;
+  }
+  update(session) {
+    const updated = {
+      ...session,
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      messages: session.messages.map((message) => ({ ...message })),
+      metadata: { ...session.metadata }
+    };
+    this.sessions.set(updated.id, cloneSession(updated));
+    return cloneSession(updated);
   }
-  getModel() {
-    return this.model;
+  list() {
+    return [...this.sessions.values()].map(cloneSession);
   }
-  updateProvider(providerType, model2, provider) {
-    this.providerType = providerType;
-    this.model = model2 ?? getDefaultModel(providerType);
-    this.publishToGlobalBridge(provider);
-    this.eventLog.record("provider.updated", {
-      provider: this.providerType,
-      model: this.model
-    });
+  delete(id) {
+    return this.sessions.delete(id);
   }
-  publishToGlobalBridge(provider) {
-    if (this.options.publishToGlobalBridge !== true) return;
-    setAgentProvider(provider);
-    setAgentToolRegistry(this.toolRegistry);
+};
+var FileRuntimeSessionStore = class {
+  constructor(filePath) {
+    this.filePath = filePath;
+    mkdirSync(dirname(filePath), { recursive: true });
+    this.sessions = this.readSessionsFromDisk();
   }
-  snapshot() {
-    const capability = this.providerRegistry.getCapability(this.providerType, this.getModel());
-    const toolNames = this.toolRegistry.getAll().map((tool) => tool.name).sort();
-    return {
-      provider: {
-        type: this.providerType,
-        model: this.getModel(),
-        capability
-      },
-      tools: {
-        count: toolNames.length,
-        names: toolNames
-      },
-      modes: listAgentModes()
+  filePath;
+  sessions = /* @__PURE__ */ new Map();
+  create(options = {}) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const session = {
+      id: options.id ?? createSessionId(),
+      createdAt: now,
+      updatedAt: now,
+      mode: options.mode ?? "ask",
+      messages: options.messages ? options.messages.map((message) => ({ ...message })) : [],
+      instructions: options.instructions,
+      metadata: { ...options.metadata }
     };
+    const sessions = this.readSessionsFromDisk();
+    sessions.set(session.id, cloneSession(session));
+    this.sessions = sessions;
+    this.persist(sessions);
+    return cloneSession(session);
   }
-  assertToolAllowed(mode, toolName) {
-    const tool = this.toolRegistry.get(toolName);
-    if (!tool) {
-      this.eventLog.record("tool.blocked", {
-        mode,
-        tool: toolName,
-        reason: "Tool not registered."
-      });
-      return false;
+  get(id) {
+    this.sessions = this.readSessionsFromDisk();
+    const session = this.sessions.get(id);
+    return session ? cloneSession(session) : void 0;
+  }
+  update(session) {
+    const updated = {
+      ...session,
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      messages: session.messages.map((message) => ({ ...message })),
+      metadata: { ...session.metadata }
+    };
+    const sessions = this.readSessionsFromDisk();
+    sessions.set(updated.id, cloneSession(updated));
+    this.sessions = sessions;
+    this.persist(sessions);
+    return cloneSession(updated);
+  }
+  list() {
+    this.sessions = this.readSessionsFromDisk();
+    return [...this.sessions.values()].map(cloneSession);
+  }
+  delete(id) {
+    const sessions = this.readSessionsFromDisk();
+    const deleted = sessions.delete(id);
+    this.sessions = sessions;
+    if (deleted) this.persist(sessions);
+    return deleted;
+  }
+  readSessionsFromDisk() {
+    let raw;
+    try {
+      raw = readFileSync(this.filePath, "utf-8");
+    } catch (error) {
+      if (error && typeof error === "object" && "code" in error && error.code === "ENOENT") {
+        return /* @__PURE__ */ new Map();
+      }
+      throw error;
     }
-    const decision = this.permissionPolicy.canExecuteTool(mode, tool);
-    this.eventLog.record(decision.allowed ? "tool.allowed" : "tool.blocked", {
-      mode,
-      tool: toolName,
-      ...decision
-    });
-    return decision.allowed;
+    if (!raw.trim()) return /* @__PURE__ */ new Map();
+    const parsed = JSON.parse(raw);
+    if (parsed.version !== 1 || !Array.isArray(parsed.sessions)) {
+      throw new Error(`Unsupported runtime session store format: ${this.filePath}`);
+    }
+    return new Map(parsed.sessions.map((session) => [session.id, cloneSession(session)]));
+  }
+  persist(sessions) {
+    const payload = {
+      version: 1,
+      sessions: [...sessions.values()].map(cloneSession)
+    };
+    const tempPath = `${this.filePath}.${randomUUID()}.tmp`;
+    writeFileSync(tempPath, JSON.stringify(payload, null, 2) + "\n", "utf-8");
+    renameSync(tempPath, this.filePath);
   }
 };
-async function createAgentRuntime(options) {
-  const runtime = new AgentRuntime(options);
-  await runtime.initialize();
-  return runtime;
+function createRuntimeSessionStore() {
+  return new InMemoryRuntimeSessionStore();
 }
-
-// src/runtime/extension-manifests.ts
-function createMcpToolPolicy(server, tool, risk, allowedModes = ["ask", "plan", "build", "debug", "review", "architect"]) {
-  return {
-    server,
-    tool,
-    risk,
-    requiresConfirmation: risk === "destructive" || risk === "secrets-sensitive",
-    allowedModes
-  };
+function createFileRuntimeSessionStore(filePath) {
+  return new FileRuntimeSessionStore(filePath);
 }
 
 // src/runtime/workflow-registry.ts
@@ -32699,7 +32940,32 @@ function cloneWorkflow(workflow) {
     steps: workflow.steps.map((step) => ({
       ...step,
       requiredTools: [...step.requiredTools]
-    }))
+    })),
+    nodes: workflow.nodes?.map((node) => ({
+      ...node,
+      dependsOn: node.dependsOn ? [...node.dependsOn] : void 0,
+      requiredTools: node.requiredTools ? [...node.requiredTools] : void 0,
+      gates: node.gates ? [...node.gates] : void 0,
+      retryPolicy: node.retryPolicy ? { ...node.retryPolicy } : void 0
+    })),
+    edges: workflow.edges?.map((edge) => ({ ...edge })),
+    gates: workflow.gates?.map((gate) => ({ ...gate })),
+    retryPolicy: workflow.retryPolicy ? { ...workflow.retryPolicy } : void 0
+  };
+}
+function workflowToAgentGraph(workflow) {
+  const nodes = workflow.nodes ?? workflow.steps.map((step, index) => ({
+    id: step.id,
+    description: step.description,
+    requiredTools: [...step.requiredTools],
+    risk: step.risk,
+    dependsOn: index > 0 ? [workflow.steps[index - 1].id] : []
+  }));
+  return {
+    nodes,
+    edges: workflow.edges,
+    gates: workflow.gates,
+    parallelism: workflow.parallelism
   };
 }
 var WorkflowCatalog = class {
@@ -32710,6 +32976,12 @@ var WorkflowCatalog = class {
     }
   }
   register(workflow) {
+    const validation = validateAgentGraph(workflowToAgentGraph(workflow));
+    if (!validation.valid) {
+      throw new Error(
+        `Invalid workflow graph for '${workflow.id}': ${validation.issues.map((issue) => issue.message).join("; ")}`
+      );
+    }
     this.workflows.set(workflow.id, cloneWorkflow(workflow));
   }
   get(id) {
@@ -32735,7 +33007,8 @@ var WorkflowCatalog = class {
       workflowId,
       planId: plan.id,
       replayable: workflow.replayable,
-      checks: workflow.checks
+      checks: workflow.checks,
+      graphLevels: validateAgentGraph(workflowToAgentGraph(workflow)).levels
     });
     return plan;
   }
@@ -32883,11 +33156,1213 @@ function createWorkflowRegistry(workflows) {
   return createWorkflowCatalog(workflows);
 }
 
+// src/runtime/workflow-engine.ts
+var WorkflowEngine = class {
+  constructor(catalog = createWorkflowCatalog(), eventLog = createEventLog()) {
+    this.catalog = catalog;
+    this.eventLog = eventLog;
+  }
+  catalog;
+  eventLog;
+  handlers = /* @__PURE__ */ new Map();
+  registerHandler(workflowId, handler) {
+    if (!this.catalog.get(workflowId)) {
+      throw new Error(`Unknown workflow: ${workflowId}`);
+    }
+    this.handlers.set(workflowId, handler);
+  }
+  createPlan(workflowId, input) {
+    return this.catalog.createPlan(workflowId, input, this.eventLog);
+  }
+  async run(request) {
+    const workflow = this.catalog.get(request.workflowId);
+    if (!workflow) {
+      throw new Error(`Unknown workflow: ${request.workflowId}`);
+    }
+    const handler = this.handlers.get(request.workflowId);
+    if (!handler) {
+      throw new Error(`No handler registered for workflow: ${request.workflowId}`);
+    }
+    const plan = request.plan ?? this.createPlan(request.workflowId, request.input);
+    const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const runId = `${request.workflowId}-run-${Date.now().toString(36)}`;
+    this.eventLog.record("workflow.started", {
+      workflowId: request.workflowId,
+      planId: plan.id,
+      runId
+    });
+    try {
+      const output = await handler(request.input, {
+        workflow,
+        plan,
+        eventLog: this.eventLog
+      });
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const result = {
+        id: runId,
+        workflowId: request.workflowId,
+        status: "completed",
+        output,
+        startedAt,
+        completedAt
+      };
+      this.eventLog.record("workflow.completed", {
+        workflowId: request.workflowId,
+        planId: plan.id,
+        runId
+      });
+      return result;
+    } catch (error) {
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const message = error instanceof Error ? error.message : String(error);
+      this.eventLog.record("workflow.failed", {
+        workflowId: request.workflowId,
+        planId: plan.id,
+        runId,
+        error: message
+      });
+      return {
+        id: runId,
+        workflowId: request.workflowId,
+        status: "failed",
+        output: null,
+        startedAt,
+        completedAt,
+        error: message
+      };
+    }
+  }
+};
+function createWorkflowEngine(catalog, eventLog) {
+  return new WorkflowEngine(catalog, eventLog);
+}
+
+// src/runtime/agent-runtime.ts
+var AgentRuntime = class {
+  constructor(options) {
+    this.options = options;
+    this.providerRegistry = createProviderRegistry();
+    this.toolRegistry = options.toolRegistry ?? createFullToolRegistry();
+    this.sessionStore = options.sessionStore;
+    this.runtimeSessionStore = options.runtimeSessionStore ?? createRuntimeSessionStore();
+    this.eventLog = options.eventLog ?? (options.eventLogPath ? createFileEventLog(options.eventLogPath) : createEventLog());
+    this.workflowEngine = options.workflowEngine ?? createWorkflowEngine(void 0, this.eventLog);
+    this.permissionPolicy = options.permissionPolicy ?? createPermissionPolicy();
+    this.turnRunner = options.turnRunner ?? createDefaultRuntimeTurnRunner();
+    this.providerType = options.providerType;
+    this.model = options.model ?? options.providerConfig?.model ?? getDefaultModel(options.providerType);
+  }
+  options;
+  providerRegistry;
+  toolRegistry;
+  sessionStore;
+  runtimeSessionStore;
+  workflowEngine;
+  permissionPolicy;
+  eventLog;
+  turnRunner;
+  providerType;
+  model;
+  provider;
+  async initialize() {
+    const providerInjected = Boolean(this.options.provider);
+    const provider = this.options.provider ?? await this.providerRegistry.createProvider(this.providerType, {
+      ...this.options.providerConfig,
+      model: this.getModel()
+    });
+    this.provider = provider;
+    this.publishToGlobalBridge(provider);
+    this.eventLog.record(providerInjected ? "provider.attached" : "provider.created", {
+      provider: this.providerType,
+      model: this.getModel(),
+      createdByRuntime: !providerInjected
+    });
+    this.eventLog.record("runtime.initialized", { snapshot: this.snapshot() });
+  }
+  getModel() {
+    return this.model;
+  }
+  updateProvider(providerType, model2, provider) {
+    this.providerType = providerType;
+    this.model = model2 ?? getDefaultModel(providerType);
+    this.provider = provider;
+    this.publishToGlobalBridge(provider);
+    this.eventLog.record("provider.updated", {
+      provider: this.providerType,
+      model: this.model
+    });
+  }
+  publishToGlobalBridge(provider) {
+    if (this.options.publishToGlobalBridge !== true) return;
+    setAgentProvider(provider);
+    setAgentToolRegistry(this.toolRegistry);
+  }
+  snapshot() {
+    const capability = this.providerRegistry.getCapability(this.providerType, this.getModel());
+    const toolNames = this.toolRegistry.getAll().map((tool) => tool.name).sort();
+    return {
+      provider: {
+        type: this.providerType,
+        model: this.getModel(),
+        capability
+      },
+      tools: {
+        count: toolNames.length,
+        names: toolNames
+      },
+      modes: listAgentModes()
+    };
+  }
+  createSession(options = {}) {
+    const session = this.runtimeSessionStore.create(options);
+    this.eventLog.record("session.created", {
+      sessionId: session.id,
+      mode: session.mode,
+      metadataKeys: Object.keys(session.metadata).sort()
+    });
+    return session;
+  }
+  getSession(sessionId) {
+    return this.runtimeSessionStore.get(sessionId);
+  }
+  listSessions() {
+    return this.runtimeSessionStore.list();
+  }
+  async runTurn(input) {
+    const provider = this.provider;
+    if (!provider) {
+      throw new Error("Runtime provider is not initialized.");
+    }
+    const session = input.sessionId ? this.runtimeSessionStore.get(input.sessionId) : this.createSession({ mode: input.mode, metadata: input.metadata });
+    if (!session) {
+      throw new Error(`Runtime session not found: ${input.sessionId}`);
+    }
+    const effectiveSession = input.mode && input.mode !== session.mode ? { ...session, mode: input.mode } : session;
+    this.eventLog.record("turn.started", {
+      sessionId: effectiveSession.id,
+      provider: this.providerType,
+      model: this.getModel(),
+      mode: effectiveSession.mode,
+      runtimeApi: true
+    });
+    try {
+      const result = await this.turnRunner.run(input, {
+        runtime: this,
+        session: effectiveSession,
+        provider,
+        toolRegistry: this.toolRegistry,
+        permissionPolicy: this.permissionPolicy,
+        eventLog: this.eventLog
+      });
+      const updatedSession = this.runtimeSessionStore.update({
+        ...effectiveSession,
+        messages: [
+          ...effectiveSession.messages,
+          { role: "user", content: input.content },
+          { role: "assistant", content: result.content }
+        ]
+      });
+      this.eventLog.record("session.updated", {
+        sessionId: updatedSession.id,
+        messages: updatedSession.messages.length
+      });
+      this.eventLog.record("turn.completed", {
+        sessionId: updatedSession.id,
+        inputTokens: result.usage.inputTokens,
+        outputTokens: result.usage.outputTokens,
+        model: result.model,
+        runtimeApi: true
+      });
+      return { ...result, sessionId: updatedSession.id, mode: updatedSession.mode };
+    } catch (error) {
+      this.eventLog.record("turn.failed", {
+        sessionId: effectiveSession.id,
+        error: error instanceof Error ? error.message : String(error),
+        runtimeApi: true
+      });
+      throw error;
+    }
+  }
+  async *streamTurn(input) {
+    const provider = this.provider;
+    if (!provider) {
+      throw new Error("Runtime provider is not initialized.");
+    }
+    const session = input.sessionId ? this.runtimeSessionStore.get(input.sessionId) : this.createSession({ mode: input.mode, metadata: input.metadata });
+    if (!session) {
+      throw new Error(`Runtime session not found: ${input.sessionId}`);
+    }
+    const effectiveSession = input.mode && input.mode !== session.mode ? { ...session, mode: input.mode } : session;
+    const messages = [
+      ...effectiveSession.messages,
+      {
+        role: "user",
+        content: input.content
+      }
+    ];
+    this.eventLog.record("turn.started", {
+      sessionId: effectiveSession.id,
+      provider: this.providerType,
+      model: this.getModel(),
+      mode: effectiveSession.mode,
+      streaming: true,
+      runtimeApi: true
+    });
+    let content = "";
+    let completed = false;
+    let failed = false;
+    try {
+      for await (const chunk of provider.stream(messages, {
+        model: input.options?.model,
+        maxTokens: input.options?.maxTokens,
+        temperature: input.options?.temperature,
+        stopSequences: input.options?.stopSequences,
+        system: effectiveSession.instructions ?? input.options?.system,
+        timeout: input.options?.timeout,
+        signal: input.options?.signal,
+        thinking: input.options?.thinking
+      })) {
+        if (chunk.type === "text" && chunk.text) {
+          content += chunk.text;
+          yield {
+            type: "text",
+            sessionId: effectiveSession.id,
+            text: chunk.text
+          };
+        }
+      }
+      const updatedSession = this.runtimeSessionStore.update({
+        ...effectiveSession,
+        messages: [
+          ...effectiveSession.messages,
+          { role: "user", content: input.content },
+          { role: "assistant", content }
+        ]
+      });
+      const result = {
+        sessionId: updatedSession.id,
+        content,
+        usage: {
+          inputTokens: provider.countTokens(input.content),
+          outputTokens: provider.countTokens(content),
+          estimated: true
+        },
+        model: input.options?.model ?? this.getModel(),
+        mode: updatedSession.mode
+      };
+      this.eventLog.record("session.updated", {
+        sessionId: updatedSession.id,
+        messages: updatedSession.messages.length
+      });
+      this.eventLog.record("turn.completed", {
+        sessionId: updatedSession.id,
+        inputTokens: result.usage.inputTokens,
+        outputTokens: result.usage.outputTokens,
+        model: result.model,
+        streaming: true,
+        runtimeApi: true
+      });
+      completed = true;
+      yield { type: "done", sessionId: updatedSession.id, result };
+    } catch (error) {
+      failed = true;
+      const message = error instanceof Error ? error.message : String(error);
+      this.eventLog.record("turn.failed", {
+        sessionId: effectiveSession.id,
+        error: message,
+        streaming: true,
+        runtimeApi: true
+      });
+      yield {
+        type: "error",
+        sessionId: effectiveSession.id,
+        error: message
+      };
+    } finally {
+      if (!completed && !failed) {
+        this.eventLog.record("turn.cancelled", {
+          sessionId: effectiveSession.id,
+          outputTokens: provider.countTokens(content),
+          streaming: true,
+          runtimeApi: true
+        });
+      }
+    }
+  }
+  async executeTool(input) {
+    const startedAt = performance.now();
+    const session = input.sessionId ? this.getSession(input.sessionId) : void 0;
+    if (input.sessionId && !session) {
+      const decision2 = {
+        allowed: false,
+        reason: `Runtime session not found: ${input.sessionId}`,
+        risk: "read-only"
+      };
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode: input.mode ?? "ask",
+        tool: input.toolName,
+        reason: decision2.reason,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: decision2.reason,
+        duration: performance.now() - startedAt,
+        decision: decision2
+      };
+    }
+    const mode = input.mode ?? session?.mode ?? "ask";
+    const tool = this.toolRegistry.get(input.toolName);
+    if (!tool) {
+      const decision2 = {
+        allowed: false,
+        reason: "Tool not registered.",
+        risk: "read-only"
+      };
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode,
+        tool: input.toolName,
+        reason: decision2.reason,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: decision2.reason,
+        duration: performance.now() - startedAt,
+        decision: decision2
+      };
+    }
+    const decision = this.permissionPolicy.canExecuteToolInput ? this.permissionPolicy.canExecuteToolInput(mode, tool, input.input) : this.permissionPolicy.canExecuteTool(mode, tool);
+    if (!decision.allowed || decision.requiresConfirmation && input.confirmed !== true) {
+      const reason = decision.reason ?? (decision.requiresConfirmation ? "Tool requires explicit runtime confirmation." : "Tool is not allowed.");
+      this.eventLog.record("tool.blocked", {
+        sessionId: input.sessionId,
+        mode,
+        tool: input.toolName,
+        reason,
+        risk: decision.risk,
+        requiresConfirmation: decision.requiresConfirmation,
+        runtimeApi: true
+      });
+      return {
+        toolName: input.toolName,
+        success: false,
+        error: reason,
+        duration: performance.now() - startedAt,
+        decision
+      };
+    }
+    this.eventLog.record("tool.started", {
+      sessionId: input.sessionId,
+      mode,
+      tool: input.toolName,
+      risk: decision.risk,
+      runtimeApi: true,
+      metadataKeys: Object.keys(input.metadata ?? {}).sort()
+    });
+    const result = await this.toolRegistry.execute(input.toolName, input.input);
+    this.eventLog.record("tool.completed", {
+      sessionId: input.sessionId,
+      mode,
+      tool: input.toolName,
+      success: result.success,
+      duration: result.duration,
+      runtimeApi: true
+    });
+    return {
+      toolName: input.toolName,
+      success: result.success,
+      output: result.data,
+      error: result.error,
+      duration: result.duration,
+      decision
+    };
+  }
+  assertToolAllowed(mode, toolName, input) {
+    const tool = this.toolRegistry.get(toolName);
+    if (!tool) {
+      this.eventLog.record("tool.blocked", {
+        mode,
+        tool: toolName,
+        reason: "Tool not registered."
+      });
+      return false;
+    }
+    const decision = input && this.permissionPolicy.canExecuteToolInput ? this.permissionPolicy.canExecuteToolInput(mode, tool, input) : this.permissionPolicy.canExecuteTool(mode, tool);
+    this.eventLog.record(decision.allowed ? "tool.allowed" : "tool.blocked", {
+      mode,
+      tool: toolName,
+      ...decision
+    });
+    return decision.allowed;
+  }
+};
+async function createAgentRuntime(options) {
+  const runtime = new AgentRuntime(options);
+  await runtime.initialize();
+  return runtime;
+}
+
+// src/runtime/tool-calling-turn-runner.ts
+function runtimeWithTools(runtime) {
+  if (runtime && typeof runtime === "object" && "executeTool" in runtime && typeof runtime.executeTool === "function") {
+    return runtime;
+  }
+  throw new Error("ToolCallingRuntimeTurnRunner requires a runtime with executeTool().");
+}
+function toolResultToContent(result) {
+  if (!result.success) {
+    return `Error: ${result.error ?? "Tool failed."}`;
+  }
+  if (typeof result.output === "string") return result.output;
+  return JSON.stringify(result.output ?? null);
+}
+var ToolCallingRuntimeTurnRunner = class {
+  maxToolIterations;
+  constructor(options = {}) {
+    this.maxToolIterations = options.maxToolIterations ?? 10;
+  }
+  async run(input, context) {
+    const runtime = runtimeWithTools(context.runtime);
+    const messages = [
+      ...context.session.messages,
+      {
+        role: "user",
+        content: input.content
+      }
+    ];
+    const tools = context.toolRegistry.getToolDefinitionsForLLM();
+    const confirmedTools = new Set(input.confirmedTools ?? []);
+    let inputTokens = 0;
+    let outputTokens = 0;
+    let lastModel = input.options?.model ?? context.provider.id;
+    for (let iteration = 0; iteration < this.maxToolIterations; iteration++) {
+      const response = await context.provider.chatWithTools(messages, {
+        tools,
+        model: input.options?.model,
+        maxTokens: input.options?.maxTokens,
+        temperature: input.options?.temperature,
+        stopSequences: input.options?.stopSequences,
+        system: context.session.instructions ?? input.options?.system,
+        timeout: input.options?.timeout,
+        signal: input.options?.signal,
+        thinking: input.options?.thinking
+      });
+      inputTokens += response.usage.inputTokens;
+      outputTokens += response.usage.outputTokens;
+      lastModel = response.model;
+      if (response.stopReason !== "tool_use" || response.toolCalls.length === 0) {
+        return {
+          sessionId: context.session.id,
+          content: response.content,
+          usage: { inputTokens, outputTokens },
+          model: response.model,
+          mode: context.session.mode
+        };
+      }
+      const assistantContent = [];
+      if (response.content.trim().length > 0) {
+        assistantContent.push({ type: "text", text: response.content });
+      }
+      for (const toolCall of response.toolCalls) {
+        assistantContent.push({
+          type: "tool_use",
+          id: toolCall.id,
+          name: toolCall.name,
+          input: toolCall.input,
+          geminiThoughtSignature: toolCall.geminiThoughtSignature
+        });
+      }
+      messages.push({
+        role: "assistant",
+        content: assistantContent
+      });
+      const toolResults = [];
+      for (const toolCall of response.toolCalls) {
+        const result = await runtime.executeTool({
+          sessionId: context.session.id,
+          mode: context.session.mode,
+          toolName: toolCall.name,
+          input: toolCall.input,
+          confirmed: confirmedTools.has(toolCall.name),
+          metadata: input.metadata
+        });
+        toolResults.push({
+          type: "tool_result",
+          tool_use_id: toolCall.id,
+          content: toolResultToContent(result),
+          is_error: !result.success
+        });
+      }
+      messages.push({
+        role: "user",
+        content: toolResults
+      });
+    }
+    return {
+      sessionId: context.session.id,
+      content: "The tool-calling runtime reached its maximum tool iteration budget.",
+      usage: { inputTokens, outputTokens },
+      model: lastModel,
+      mode: context.session.mode
+    };
+  }
+};
+function createToolCallingRuntimeTurnRunner(options) {
+  return new ToolCallingRuntimeTurnRunner(options);
+}
+var HttpRequestError = class extends Error {
+  constructor(message, status) {
+    super(message);
+    this.status = status;
+  }
+  status;
+};
+async function readJsonBody(request, maxBodyBytes) {
+  const chunks = [];
+  let size = 0;
+  for await (const chunk of request) {
+    const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+    size += buffer.length;
+    if (size > maxBodyBytes) {
+      throw new HttpRequestError(`Request body exceeds ${maxBodyBytes} bytes.`, 413);
+    }
+    chunks.push(buffer);
+  }
+  const raw = Buffer.concat(chunks).toString("utf-8").trim();
+  try {
+    return raw ? JSON.parse(raw) : {};
+  } catch {
+    throw new HttpRequestError("Invalid JSON request body.", 400);
+  }
+}
+function sendJson(response, status, body) {
+  response.statusCode = status;
+  response.setHeader("content-type", "application/json; charset=utf-8");
+  response.end(JSON.stringify(body, null, 2));
+}
+function notFound(response) {
+  sendJson(response, 404, { error: "Not found" });
+}
+function assertValidMode(mode) {
+  if (mode === void 0) return void 0;
+  if (typeof mode === "string" && isAgentMode(mode)) return mode;
+  throw new HttpRequestError("Invalid runtime mode.", 400);
+}
+function createRuntimeHttpServer(runtime, options = {}) {
+  const maxBodyBytes = options.maxBodyBytes ?? 1024 * 1024;
+  return createServer(async (request, response) => {
+    try {
+      const url = new URL(request.url ?? "/", "http://localhost");
+      const parts = url.pathname.split("/").filter(Boolean);
+      if (request.method === "POST" && url.pathname === "/sessions") {
+        const body = await readJsonBody(request, maxBodyBytes);
+        const session = runtime.createSession({
+          mode: assertValidMode(body.mode),
+          instructions: body.instructions,
+          metadata: body.metadata
+        });
+        sendJson(response, 201, session);
+        return;
+      }
+      if (request.method === "GET" && parts[0] === "sessions" && parts[1] && parts.length === 2) {
+        const session = runtime.getSession(parts[1]);
+        if (!session) {
+          notFound(response);
+          return;
+        }
+        sendJson(response, 200, session);
+        return;
+      }
+      if (request.method === "POST" && parts[0] === "sessions" && parts[1] && parts[2] === "messages") {
+        const body = await readJsonBody(request, maxBodyBytes);
+        if (!body.content || typeof body.content !== "string") {
+          sendJson(response, 400, { error: "content is required" });
+          return;
+        }
+        if (!runtime.getSession(parts[1])) {
+          notFound(response);
+          return;
+        }
+        const result = await runtime.runTurn({
+          ...body,
+          mode: assertValidMode(body.mode),
+          sessionId: parts[1]
+        });
+        sendJson(response, 200, result);
+        return;
+      }
+      if (request.method === "GET" && parts[0] === "sessions" && parts[1] && parts[2] === "events") {
+        const events = runtime.eventLog.list().filter((event) => event.data["sessionId"] === parts[1]);
+        sendJson(response, 200, { events });
+        return;
+      }
+      if (request.method === "GET" && url.pathname === "/state") {
+        sendJson(response, 200, runtime.snapshot());
+        return;
+      }
+      notFound(response);
+    } catch (error) {
+      const status = error instanceof HttpRequestError ? error.status : 500;
+      sendJson(response, status, {
+        error: error instanceof Error ? error.message : String(error)
+      });
+    }
+  });
+}
+
+// src/runtime/extension-manifests.ts
+function createMcpToolPolicy(server, tool, risk, allowedModes = ["ask", "plan", "build", "debug", "review", "architect"]) {
+  return {
+    server,
+    tool,
+    risk,
+    requiresConfirmation: risk === "destructive" || risk === "secrets-sensitive",
+    allowedModes
+  };
+}
+
+// src/runtime/guardrails.ts
+var DEFAULT_REDACTION = "[REDACTED]";
+var SECRET_PATTERNS = [
+  { id: "openai-api-key", pattern: /\bsk-[A-Za-z0-9_-]{20,}\b/g },
+  { id: "anthropic-api-key", pattern: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/g },
+  { id: "github-token", pattern: /\bgh[pousr]_[A-Za-z0-9_]{20,}\b/g },
+  { id: "generic-bearer-token", pattern: /\bBearer\s+[A-Za-z0-9._~+/=-]{20,}\b/gi },
+  {
+    id: "private-key",
+    pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g
+  }
+];
+var PROMPT_INJECTION_PATTERNS = [
+  {
+    id: "ignore-instructions",
+    pattern: /\b(ignore|forget|override)\b.{0,40}\b(instructions|system|developer)\b/i
+  },
+  {
+    id: "reveal-prompt",
+    pattern: /\b(reveal|print|show|dump)\b.{0,40}\b(system prompt|instructions|developer message)\b/i
+  },
+  {
+    id: "tool-exfiltration",
+    pattern: /\b(use|call|run)\b.{0,40}\b(tool|shell|filesystem|git)\b.{0,40}\b(secret|token|key)\b/i
+  }
+];
+var defaultPublicGuardrails = {
+  maxInputChars: 4e3,
+  maxOutputChars: 6e3,
+  secretRedaction: { enabled: true },
+  promptInjectionDetection: true
+};
+function redactSecrets(content, config = { enabled: true }) {
+  if (!config.enabled) return { content, findings: [] };
+  let redacted = content;
+  const findings = [];
+  const replacement = config.replacement ?? DEFAULT_REDACTION;
+  for (const { id, pattern } of SECRET_PATTERNS) {
+    const before = redacted;
+    redacted = redacted.replace(pattern, replacement);
+    if (before !== redacted) {
+      findings.push({
+        id,
+        stage: "input",
+        severity: "warning",
+        message: `Potential secret redacted: ${id}`,
+        redacted: true
+      });
+    }
+  }
+  return { content: redacted, findings };
+}
+function runGuardrails(stage, content, config = {}) {
+  const findings = [];
+  const maxChars = stage === "input" ? config.maxInputChars : config.maxOutputChars;
+  let checked = content;
+  if (typeof maxChars === "number" && checked.length > maxChars) {
+    findings.push({
+      id: `${stage}-too-long`,
+      stage,
+      severity: "blocked",
+      message: `${stage} exceeds ${maxChars} characters.`
+    });
+  }
+  const redaction = redactSecrets(checked, config.secretRedaction);
+  checked = redaction.content;
+  findings.push(...redaction.findings.map((finding) => ({ ...finding, stage })));
+  if (config.promptInjectionDetection) {
+    for (const { id, pattern } of PROMPT_INJECTION_PATTERNS) {
+      if (pattern.test(checked)) {
+        findings.push({
+          id,
+          stage,
+          severity: "warning",
+          message: `Potential prompt-injection pattern detected: ${id}`
+        });
+      }
+    }
+  }
+  const blockedTopics = config.topicBoundary?.blockedTopics ?? [];
+  for (const topic of blockedTopics) {
+    if (topic && checked.toLowerCase().includes(topic.toLowerCase())) {
+      findings.push({
+        id: "blocked-topic",
+        stage,
+        severity: "blocked",
+        message: `Content mentions blocked topic: ${topic}`
+      });
+    }
+  }
+  return {
+    allowed: !findings.some((finding) => finding.severity === "blocked"),
+    content: checked,
+    findings
+  };
+}
+function validateStructuredOutput(output, schema) {
+  if (!schema) return [];
+  const result = schema.safeParse(output);
+  if (result.success) return [];
+  return [
+    {
+      id: "invalid-structured-output",
+      stage: "output",
+      severity: "blocked",
+      message: result.error.issues.map((issue) => issue.message).join("; ")
+    }
+  ];
+}
+
+// src/runtime/blueprints.ts
+function mapActionModeToRuntimeMode(mode) {
+  if (mode === "act") return "build";
+  if (mode === "review") return "review";
+  return "ask";
+}
+function createSafeToolRegistry(allowedTools, source) {
+  const safe = new ToolRegistry();
+  if (!source) return safe;
+  for (const toolName of allowedTools) {
+    const tool = source.get(toolName);
+    if (tool) safe.register(tool);
+  }
+  return safe;
+}
+async function createAgentFromBlueprint(blueprint, options) {
+  const runtime = await createAgentRuntime({
+    providerType: options.providerType,
+    model: options.model,
+    providerConfig: options.providerConfig,
+    provider: options.provider,
+    eventLog: options.eventLog,
+    turnRunner: options.turnRunner,
+    toolRegistry: options.toolRegistry ?? createSafeToolRegistry(blueprint.allowedTools.length > 0 ? blueprint.allowedTools : []),
+    publishToGlobalBridge: false
+  });
+  return {
+    blueprint,
+    runtime,
+    createSession(metadata = {}) {
+      return runtime.createSession({
+        mode: mapActionModeToRuntimeMode(blueprint.defaultMode),
+        instructions: blueprint.instructions,
+        metadata: {
+          blueprintId: blueprint.id,
+          surface: blueprint.surface,
+          ...metadata
+        }
+      });
+    },
+    async runTurn(input) {
+      const guardrails = { ...defaultPublicGuardrails, ...blueprint.guardrails };
+      const checkedInput = runGuardrails("input", input.content, guardrails);
+      runtime.eventLog.record("guardrail.input", {
+        blueprintId: blueprint.id,
+        allowed: checkedInput.allowed,
+        findings: checkedInput.findings
+      });
+      if (!checkedInput.allowed) {
+        throw new Error(formatGuardrailBlock(checkedInput.findings));
+      }
+      const result = await runtime.runTurn({
+        ...input,
+        content: checkedInput.content,
+        mode: input.mode ?? mapActionModeToRuntimeMode(blueprint.defaultMode)
+      });
+      const checkedOutput = runGuardrails("output", result.content, guardrails);
+      runtime.eventLog.record("guardrail.output", {
+        blueprintId: blueprint.id,
+        allowed: checkedOutput.allowed,
+        findings: checkedOutput.findings
+      });
+      if (!checkedOutput.allowed) {
+        throw new Error(formatGuardrailBlock(checkedOutput.findings));
+      }
+      return { ...result, content: checkedOutput.content };
+    }
+  };
+}
+function formatGuardrailBlock(findings) {
+  const messages = findings.filter((finding) => finding.severity === "blocked").map((finding) => finding.message);
+  return messages.length > 0 ? messages.join("; ") : "Guardrail blocked the request.";
+}
+function createBaseBlueprint(input) {
+  return {
+    ...input,
+    guardrails: input.guardrails ?? defaultPublicGuardrails,
+    memory: input.memory ?? { enabled: true, retention: "session" },
+    approval: input.approval ?? { requireHumanForExternalActions: true },
+    observability: input.observability ?? { logEvents: true, redactSensitiveData: true }
+  };
+}
+
+// src/runtime/rag.ts
+var InMemoryKnowledgeRetriever = class {
+  constructor(documents) {
+    this.documents = documents;
+  }
+  documents;
+  async search(query, options = {}) {
+    const terms = tokenize(query);
+    const limit = options.limit ?? 5;
+    const minScore = options.minScore ?? 0;
+    return this.documents.map((document) => ({
+      ...document,
+      score: scoreDocument(document, terms)
+    })).filter((source) => source.score >= minScore && source.score > 0).sort((a, b) => b.score - a.score).slice(0, limit);
+  }
+};
+function createInMemoryKnowledgeRetriever(documents) {
+  return new InMemoryKnowledgeRetriever(documents);
+}
+function formatRetrievedSourcesForPrompt(sources) {
+  if (sources.length === 0) return "No retrieved sources.";
+  return sources.map((source, index) => {
+    const url = source.url ? `
+URL: ${source.url}` : "";
+    return `[${index + 1}] ${source.title}${url}
+${source.content}`;
+  }).join("\n\n");
+}
+function tokenize(text2) {
+  return text2.toLowerCase().split(/[^a-z0-9áéíóúüñ]+/i).map((term) => term.trim()).filter((term) => term.length > 2);
+}
+function scoreDocument(document, terms) {
+  const haystack = `${document.title}
+${document.content}`.toLowerCase();
+  if (terms.length === 0) return 0;
+  const matches = terms.filter((term) => haystack.includes(term)).length;
+  return matches / terms.length;
+}
+
+// src/presets/index.ts
+var publicWebsiteAssistantPreset = {
+  id: "public-website-assistant",
+  name: "Public Website Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "public-website-assistant",
+      name: "Public Website Assistant",
+      description: "Safe public assistant for landing pages, FAQs, service explanation, and lead intake.",
+      surface: "web",
+      defaultMode: "ask",
+      maturity: "experimental",
+      instructions: [
+        `You are the public website assistant for ${config.brand}.`,
+        "Help visitors understand services, ask concise qualification questions, and suggest a safe next step.",
+        "Do not claim that you sent messages, changed systems, booked meetings, or created records unless a registered tool result proves it.",
+        "If you are unsure, say so and offer to route the visitor to a human.",
+        config.audience ? `Primary audience: ${config.audience}.` : "",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: []
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(config, publicWebsiteAssistantPreset.createBlueprint(config));
+  }
+};
+var ragKnowledgeAssistantPreset = {
+  id: "rag-knowledge-assistant",
+  name: "RAG Knowledge Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "rag-knowledge-assistant",
+      name: "RAG Knowledge Assistant",
+      description: "Assistant that answers from a configured knowledge base and cites retrieved sources.",
+      surface: "web",
+      defaultMode: "ask",
+      maturity: "experimental",
+      instructions: [
+        `You are a knowledge assistant for ${config.brand}.`,
+        "Answer only from retrieved or approved knowledge.",
+        "Cite source titles when using retrieved content.",
+        "If the answer is not in the available knowledge, say you do not know and suggest escalation.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: config.retriever ? ["knowledge_search"] : []
+    });
+  },
+  async createRuntime(config) {
+    const blueprint = ragKnowledgeAssistantPreset.createBlueprint(config);
+    return createPresetRuntime(config, blueprint, createRagToolRegistry(config.retriever));
+  }
+};
+var supportRagAssistantPreset = {
+  id: "support-rag-assistant",
+  name: "Support RAG Assistant",
+  createBlueprint(config) {
+    const allowedTools = [];
+    if (config.retriever) allowedTools.push("knowledge_search");
+    if (config.supportDraft) allowedTools.push("create_support_draft");
+    if (config.humanEscalation) allowedTools.push("request_human_escalation");
+    return createBaseBlueprint({
+      id: "support-rag-assistant",
+      name: "Support RAG Assistant",
+      description: "Support assistant that answers from approved knowledge, drafts responses, and escalates uncertain cases.",
+      surface: "web",
+      defaultMode: "draft",
+      maturity: "experimental",
+      instructions: [
+        `You are a support assistant for ${config.brand}.`,
+        "Answer only from approved retrieved knowledge.",
+        "Cite source titles when using retrieved content.",
+        "If retrieval is weak or the case is sensitive, say you are unsure and prepare an escalation.",
+        "Never claim a ticket was created, closed, or escalated unless a registered tool result proves it.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools,
+      approval: { requireHumanForExternalActions: true, requireHumanForSensitiveData: true }
+    });
+  },
+  async createRuntime(config) {
+    const blueprint = supportRagAssistantPreset.createBlueprint(config);
+    return createPresetRuntime(
+      config,
+      blueprint,
+      createSupportRagToolRegistry({
+        retriever: config.retriever,
+        supportDraft: config.supportDraft,
+        humanEscalation: config.humanEscalation
+      }),
+      createToolCallingRuntimeTurnRunner()
+    );
+  }
+};
+var salesIntakeAssistantPreset = {
+  id: "sales-intake-assistant",
+  name: "Sales Intake Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "sales-intake-assistant",
+      name: "Sales Intake Assistant",
+      description: "Assistant for lead qualification, project context, urgency, budget, and next step capture.",
+      surface: "web",
+      defaultMode: "ask",
+      maturity: "experimental",
+      instructions: [
+        `You are the sales intake assistant for ${config.brand}.`,
+        "Collect problem, desired outcome, urgency, approximate budget, current stack, decision process, and contact preference.",
+        "Keep the conversation concise and useful. Produce a clear summary and recommended next step when enough context is available.",
+        "Do not promise pricing, timelines, or delivery commitments.",
+        "Use create_sales_lead_summary only to prepare an internal summary; do not claim a CRM record was created.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: config.leadSummary ? ["create_sales_lead_summary"] : []
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(
+      config,
+      salesIntakeAssistantPreset.createBlueprint(config),
+      createSalesIntakeToolRegistry({ leadSummary: config.leadSummary }),
+      createToolCallingRuntimeTurnRunner()
+    );
+  }
+};
+var customerSupportAssistantPreset = {
+  id: "customer-support-assistant",
+  name: "Customer Support Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "customer-support-assistant",
+      name: "Customer Support Assistant",
+      description: "Assistant for support triage, answer drafts, and escalation recommendations.",
+      surface: "web",
+      defaultMode: "draft",
+      maturity: "experimental",
+      instructions: [
+        `You are the customer support assistant for ${config.brand}.`,
+        "Classify the issue, suggest a helpful answer, and escalate sensitive or uncertain cases to a human.",
+        "Do not close tickets or make account changes without explicit approval and a registered tool result.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: []
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(
+      config,
+      customerSupportAssistantPreset.createBlueprint(config),
+      createCustomerSupportToolRegistry(config.toolRegistry)
+    );
+  }
+};
+var appointmentBookingAssistantPreset = {
+  id: "appointment-booking-assistant",
+  name: "Appointment Booking Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "appointment-booking-assistant",
+      name: "Appointment Booking Assistant",
+      description: "Assistant for appointment intake, availability discussion, and confirmation-gated booking.",
+      surface: "web",
+      defaultMode: "draft",
+      maturity: "experimental",
+      instructions: [
+        `You are the appointment assistant for ${config.brand}.`,
+        config.businessHours ? `Business hours: ${config.businessHours}.` : "",
+        "Collect preferred time, timezone, purpose, and contact details.",
+        "Never book, cancel, or move an appointment without explicit user confirmation and an approved tool call.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: []
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(config, appointmentBookingAssistantPreset.createBlueprint(config));
+  }
+};
+var internalOpsAssistantPreset = {
+  id: "internal-ops-assistant",
+  name: "Internal Ops Assistant",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "internal-ops-assistant",
+      name: "Internal Ops Assistant",
+      description: "Internal automation assistant for controlled operations workflows.",
+      surface: "internal",
+      defaultMode: "draft",
+      maturity: "experimental",
+      instructions: [
+        `You are an internal operations assistant for ${config.brand}.`,
+        "Prefer drafts and summaries before actions. Ask for confirmation before external side effects.",
+        "Use create_internal_ops_draft for controlled planning only. Do not execute ERP, CRM, billing, or account changes unless a separate allowlisted tool exists.",
+        "Follow the configured tool policy and record decisions for audit.",
+        config.extraInstructions ?? ""
+      ].filter(Boolean).join("\n"),
+      allowedTools: config.opsDraft ? ["create_internal_ops_draft"] : [],
+      approval: { requireHumanForExternalActions: true, requireHumanForSensitiveData: true }
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(
+      config,
+      internalOpsAssistantPreset.createBlueprint(config),
+      createInternalOpsToolRegistry({ opsDraft: config.opsDraft }),
+      createToolCallingRuntimeTurnRunner()
+    );
+  }
+};
+var codingAgentPreset = {
+  id: "coding-agent",
+  name: "Coco Coding Agent",
+  createBlueprint(config) {
+    return createBaseBlueprint({
+      id: "coding-agent",
+      name: "Coco Coding Agent",
+      description: "Coco's full coding-agent surface for trusted developer environments.",
+      surface: "cli",
+      defaultMode: "act",
+      maturity: "beta",
+      instructions: config.extraInstructions ?? "You are Coco, a coding agent for trusted repositories.",
+      allowedTools: [],
+      guardrails: { secretRedaction: { enabled: true }, promptInjectionDetection: true },
+      approval: { requireHumanForExternalActions: true, requireHumanForSensitiveData: true }
+    });
+  },
+  async createRuntime(config) {
+    return createPresetRuntime(
+      config,
+      codingAgentPreset.createBlueprint(config),
+      createCodingToolRegistry()
+    );
+  }
+};
+async function createPresetRuntime(config, blueprint, fallbackToolRegistry = createNoToolRegistry(), fallbackTurnRunner = config.turnRunner) {
+  return createAgentRuntime({
+    providerType: config.providerType,
+    model: config.model,
+    providerConfig: config.providerConfig,
+    provider: config.provider,
+    eventLog: config.eventLog,
+    turnRunner: config.turnRunner ?? fallbackTurnRunner,
+    toolRegistry: blueprint.id === "coding-agent" ? config.toolRegistry ?? fallbackToolRegistry : config.toolRegistry ? createSafeToolRegistry(blueprint.allowedTools, config.toolRegistry) : fallbackToolRegistry,
+    publishToGlobalBridge: false
+  });
+}
+var AGENT_PRESETS = [
+  publicWebsiteAssistantPreset,
+  ragKnowledgeAssistantPreset,
+  supportRagAssistantPreset,
+  salesIntakeAssistantPreset,
+  customerSupportAssistantPreset,
+  appointmentBookingAssistantPreset,
+  internalOpsAssistantPreset,
+  codingAgentPreset
+];
+
+// src/adapters/index.ts
+function createHttpAssistantAdapter(runtime) {
+  return {
+    createSession(metadata = {}) {
+      const session = runtime.createSession({ mode: "ask", metadata });
+      return { sessionId: session.id };
+    },
+    async handleMessage(input) {
+      const sessionId = input.sessionId ?? runtime.createSession({ mode: "ask", metadata: input.metadata }).id;
+      const result = await runtime.runTurn({
+        sessionId,
+        content: input.content,
+        metadata: input.metadata
+      });
+      return { sessionId, content: result.content, metadata: { model: result.model } };
+    }
+  };
+}
+function createStreamingHttpAssistantAdapter(runtime) {
+  const base = createHttpAssistantAdapter(runtime);
+  return {
+    ...base,
+    async *streamMessage(input) {
+      const sessionId = input.sessionId ?? runtime.createSession({ mode: "ask", metadata: input.metadata }).id;
+      yield* runtime.streamTurn({
+        sessionId,
+        content: input.content,
+        metadata: input.metadata
+      });
+    }
+  };
+}
+function createWebhookAssistantAdapter(runtime, options = {}) {
+  return {
+    id: options.id ?? "webhook-assistant",
+    surface: options.surface ?? "api",
+    async handle(input) {
+      const adapter = createHttpAssistantAdapter(runtime);
+      return adapter.handleMessage(input);
+    }
+  };
+}
+
 // src/index.ts
 init_errors();
 init_logger();
 init_proxy();
 
-export { ADRGenerator, AgentRuntime, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DEFAULT_WORKFLOWS, DefaultPermissionPolicy, DiscoveryEngine, DockerGenerator, DocsGenerator, FileEventLog, InMemoryEventLog, OrchestrateExecutor, OutputExecutor, PhaseError, ProviderRegistry, SessionManager, SpecificationGenerator, TaskError, TaskIterator, ToolRegistry, VERSION, WorkflowCatalog, WorkflowRegistry, configExists, createADRGenerator, createAgentRuntime, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCompleteExecutor, createConvergeExecutor, createDefaultConfig, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createEventLog, createFileEventLog, createFullToolRegistry, createLogger, createMcpToolPolicy, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createPermissionPolicy, createProvider, createProviderRegistry, createSessionManager, createSpecificationGenerator, createTaskIterator, createToolRegistry, createWorkflowCatalog, createWorkflowRegistry, installProxyDispatcher, loadConfig, registerAllTools, saveConfig };
+export { ADRGenerator, AGENT_MODES, AGENT_PRESETS, AgentRuntime, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DEFAULT_WORKFLOWS, DefaultPermissionPolicy, DefaultRuntimeTurnRunner, DiscoveryEngine, DockerGenerator, DocsGenerator, FileEventLog, FileRuntimeSessionStore, InMemoryEventLog, InMemoryKnowledgeRetriever, InMemoryRuntimeSessionStore, OrchestrateExecutor, OutputExecutor, PhaseError, ProviderRegistry, SessionManager, SharedWorkspaceState, SpecificationGenerator, TaskError, TaskIterator, ToolCallingRuntimeTurnRunner, ToolRegistry, VERSION, WorkflowCatalog, WorkflowEngine, WorkflowRegistry, appointmentBookingAssistantPreset, codingAgentPreset, configExists, createADRGenerator, createAgentArtifact, createAgentFromBlueprint, createAgentRuntime, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createBaseBlueprint, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCodingToolRegistry, createCompleteExecutor, createConvergeExecutor, createCustomerSupportToolRegistry, createDefaultConfig, createDefaultRuntimeTurnRunner, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createEventLog, createFileEventLog, createFileRuntimeSessionStore, createFullToolRegistry, createHttpAssistantAdapter, createInMemoryKnowledgeRetriever, createLogger, createMcpToolPolicy, createNoToolRegistry, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createPermissionPolicy, createProvider, createProviderRegistry, createPublicWebToolRegistry, createRagToolRegistry, createRuntimeHttpServer, createRuntimeSessionStore, createSafeToolRegistry, createSessionManager, createSpecificationGenerator, createStreamingHttpAssistantAdapter, createSummaryArtifact, createSupportRagToolRegistry, createTaskIterator, createToolCallingRuntimeTurnRunner, createToolRegistry, createWebhookAssistantAdapter, createWorkflowCatalog, createWorkflowEngine, createWorkflowRegistry, customerSupportAssistantPreset, defaultPublicGuardrails, formatRetrievedSourcesForPrompt, getAgentMode, installProxyDispatcher, internalOpsAssistantPreset, isAgentMode, listAgentModes, loadConfig, mapActionModeToRuntimeMode, normalizeAgentRunResult, publicWebsiteAssistantPreset, ragKnowledgeAssistantPreset, redactSecrets, registerAllTools, runGuardrails, salesIntakeAssistantPreset, saveConfig, supportRagAssistantPreset, validateAgentCapabilities, validateAgentGraph, validateStructuredOutput, workflowToAgentGraph };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map