@corbat-tech/coco 2.38.0 → 2.39.0

package/dist/index.js

@@ -1,6 +1,6 @@
 import { Logger } from 'tslog';
 import * as fs4 from 'fs';
-import fs4__default, { readFileSync, mkdirSync, appendFileSync, writeFileSync, renameSync, constants } from 'fs';
+import fs4__default, { readFileSync, mkdirSync, writeFileSync, appendFileSync, renameSync, constants } from 'fs';
 import * as path17 from 'path';
 import path17__default, { dirname, join, basename, resolve } from 'path';
 import * as fs16 from 'fs/promises';
@@ -7350,25 +7350,25 @@ var DuplicationAnalyzer = class {
         const lines = content.split("\n");
         totalLines += lines.length;
         for (let i = 0; i <= lines.length - this.minLines; i++) {
-          const chunk = lines.slice(i, i + this.minLines).join("\n").trim();
-          if (chunk.length < 20) continue;
-          if (!chunks.has(chunk)) {
-            chunks.set(chunk, []);
+          const chunk2 = lines.slice(i, i + this.minLines).join("\n").trim();
+          if (chunk2.length < 20) continue;
+          if (!chunks.has(chunk2)) {
+            chunks.set(chunk2, []);
           }
-          chunks.get(chunk).push({ file, line: i + 1 });
+          chunks.get(chunk2).push({ file, line: i + 1 });
         }
       } catch {
       }
     }
     const duplicates = [];
     let duplicateLines = 0;
-    for (const [chunk, locations] of chunks.entries()) {
+    for (const [chunk2, locations] of chunks.entries()) {
       if (locations.length > 1) {
         duplicates.push({
-          lines: chunk.split("\n"),
+          lines: chunk2.split("\n"),
           files: locations
         });
-        duplicateLines += chunk.split("\n").length * (locations.length - 1);
+        duplicateLines += chunk2.split("\n").length * (locations.length - 1);
       }
     }
     const percentage = totalLines > 0 ? duplicateLines / totalLines * 100 : 0;
@@ -15845,12 +15845,12 @@ var OpenAIProvider = class {
         ...reasoningEffort && { reasoning_effort: reasoningEffort }
       });
       let streamStopReason;
-      for await (const chunk of stream) {
-        const delta = chunk.choices[0]?.delta;
+      for await (const chunk2 of stream) {
+        const delta = chunk2.choices[0]?.delta;
         if (delta?.content) {
           yield { type: "text", text: delta.content };
         }
-        const finishReason = chunk.choices[0]?.finish_reason;
+        const finishReason = chunk2.choices[0]?.finish_reason;
         if (finishReason) {
           streamStopReason = this.mapFinishReason(finishReason);
         }
@@ -15919,8 +15919,8 @@ var OpenAIProvider = class {
       });
       try {
         let streamStopReason;
-        for await (const chunk of stream) {
-          const delta = chunk.choices[0]?.delta;
+        for await (const chunk2 of stream) {
+          const delta = chunk2.choices[0]?.delta;
           if (delta?.content || delta?.tool_calls) {
             lastActivityTime = Date.now();
           }
@@ -15958,7 +15958,7 @@ var OpenAIProvider = class {
               }
             }
           }
-          const finishReason = chunk.choices[0]?.finish_reason;
+          const finishReason = chunk2.choices[0]?.finish_reason;
           if (finishReason) {
             streamStopReason = this.mapFinishReason(finishReason);
           }
@@ -17674,12 +17674,12 @@ var GeminiProvider = class {
         config: this.buildConfig(messages, options)
       });
       let streamStopReason = "end_turn";
-      for await (const chunk of stream) {
-        const text2 = chunk.text;
+      for await (const chunk2 of stream) {
+        const text2 = chunk2.text;
         if (text2) {
           yield { type: "text", text: text2 };
         }
-        const finishReason = chunk.candidates?.[0]?.finishReason;
+        const finishReason = chunk2.candidates?.[0]?.finishReason;
         if (finishReason) {
           streamStopReason = this.mapFinishReason(finishReason);
         }
@@ -17700,12 +17700,12 @@ var GeminiProvider = class {
       let streamStopReason = "end_turn";
       let fallbackToolCounter = 0;
       const emittedToolIds = /* @__PURE__ */ new Set();
-      for await (const chunk of stream) {
-        const text2 = chunk.text;
+      for await (const chunk2 of stream) {
+        const text2 = chunk2.text;
         if (text2) {
           yield { type: "text", text: text2 };
         }
-        const toolCalls = this.extractToolCalls(chunk, { includeLegacyFunctionCalls: true });
+        const toolCalls = this.extractToolCalls(chunk2, { includeLegacyFunctionCalls: true });
         for (const toolCall of toolCalls) {
           const toolCallId = toolCall.id ?? `gemini_call_${++fallbackToolCounter}`;
           if (emittedToolIds.has(toolCallId)) continue;
@@ -17726,7 +17726,7 @@ var GeminiProvider = class {
             toolCall: normalizedToolCall
           };
         }
-        const finishReason = chunk.candidates?.[0]?.finishReason;
+        const finishReason = chunk2.candidates?.[0]?.finishReason;
         if (toolCalls.length > 0) {
           streamStopReason = "tool_use";
         } else if (finishReason) {
@@ -18069,8 +18069,8 @@ var VertexProvider = class {
     this.ensureInitialized();
     const stream = await this.streamGenerateContent(messages, options);
     let stopReason = "end_turn";
-    for await (const chunk of stream) {
-      const candidate = chunk.candidates?.[0];
+    for await (const chunk2 of stream) {
+      const candidate = chunk2.candidates?.[0];
       const parts = candidate?.content?.parts ?? [];
       for (const part of parts) {
         if (part.text) {
@@ -18092,8 +18092,8 @@ var VertexProvider = class {
     let stopReason = "end_turn";
     let streamToolCallCounter = 0;
     const emittedToolFingerprints = /* @__PURE__ */ new Set();
-    for await (const chunk of stream) {
-      const candidate = chunk.candidates?.[0];
+    for await (const chunk2 of stream) {
+      const candidate = chunk2.candidates?.[0];
       const parts = candidate?.content?.parts ?? [];
       for (const part of parts) {
         if (part.text) {
@@ -18693,9 +18693,9 @@ var ResilientProvider = class {
       }
       let emittedChunk = false;
       try {
-        for await (const chunk of createStream()) {
+        for await (const chunk2 of createStream()) {
           emittedChunk = true;
-          yield chunk;
+          yield chunk2;
         }
         this.breaker.recordSuccess();
         return;
@@ -19437,9 +19437,179 @@ z.string().regex(
 
 // src/cli/repl/agents/manager.ts
 init_logger();
-
-// src/runtime/multi-agent.ts
+var LEGACY_ROLE_MAPPINGS = [
+  { legacy: "explore", role: "researcher", reason: "read-only codebase exploration" },
+  { legacy: "researcher", role: "researcher", reason: "legacy executor role" },
+  { legacy: "plan", role: "planner", reason: "task planning" },
+  { legacy: "planner", role: "planner", reason: "legacy executor role" },
+  { legacy: "architect", role: "architect", reason: "architecture design" },
+  { legacy: "editor", role: "editor", reason: "implementation edits" },
+  { legacy: "debug", role: "coder", reason: "debugging maps to coding capability" },
+  { legacy: "coder", role: "coder", reason: "legacy executor role" },
+  { legacy: "test", role: "tester", reason: "test authoring/execution" },
+  { legacy: "tester", role: "tester", reason: "legacy executor role" },
+  { legacy: "tdd", role: "tester", reason: "test-first implementation" },
+  { legacy: "e2e", role: "tester", reason: "end-to-end testing" },
+  { legacy: "review", role: "reviewer", reason: "code review" },
+  { legacy: "reviewer", role: "reviewer", reason: "legacy executor role" },
+  { legacy: "refactor", role: "optimizer", reason: "structure optimization" },
+  { legacy: "optimizer", role: "optimizer", reason: "legacy executor role" },
+  { legacy: "security", role: "security", reason: "security analysis" },
+  { legacy: "qa", role: "qa", reason: "quality assurance" },
+  { legacy: "integrator", role: "integrator", reason: "integration coordination" },
+  { legacy: "pm", role: "pm", reason: "product/project coordination" },
+  { legacy: "docs", role: "docs", reason: "documentation" },
+  { legacy: "database", role: "database", reason: "database work" }
+];
+var LEGACY_ROLE_MAP = new Map(LEGACY_ROLE_MAPPINGS.map((mapping) => [mapping.legacy, mapping]));
+function mapLegacyAgentRole(legacyRole, fallback = "coder") {
+  return LEGACY_ROLE_MAP.get(legacyRole)?.role ?? fallback;
+}
+function listLegacyAgentRoleMappings() {
+  return LEGACY_ROLE_MAPPINGS.map((mapping) => ({ ...mapping }));
+}
+function assertProvenance(provenance) {
+  if (!provenance.workflowRunId) {
+    throw new Error("Shared workspace writes require workflowRunId provenance.");
+  }
+}
+function snapshotFromRecords(records, role) {
+  const includeSensitive = role === void 0 || role === "security" || role === "integrator" || role === "pm";
+  const facts = /* @__PURE__ */ new Map();
+  const decisions = /* @__PURE__ */ new Map();
+  const risks = /* @__PURE__ */ new Map();
+  const files = /* @__PURE__ */ new Map();
+  const testResults = /* @__PURE__ */ new Map();
+  const artifacts = [];
+  for (const record of records) {
+    if (!includeSensitive && (record.kind === "risk" || record.provenance.risk === "secrets-sensitive")) {
+      continue;
+    }
+    switch (record.kind) {
+      case "fact":
+        facts.set(record.key, record.value);
+        break;
+      case "decision":
+        decisions.set(record.key, record.value);
+        break;
+      case "risk":
+        risks.set(record.key, record.value);
+        break;
+      case "file":
+        files.set(record.key, record.value);
+        break;
+      case "testResult":
+        testResults.set(record.key, record.value);
+        break;
+      case "artifact":
+        if (isAgentArtifact(record.value)) {
+          if (includeSensitive || record.value.kind !== "riskReport") {
+            artifacts.push(cloneArtifact(record.value));
+          }
+        }
+        break;
+    }
+  }
+  return {
+    facts: Object.fromEntries(facts),
+    decisions: Object.fromEntries(decisions),
+    risks: Object.fromEntries(risks),
+    files: Object.fromEntries(files),
+    testResults: Object.fromEntries(testResults),
+    artifacts
+  };
+}
+var InMemorySharedWorkspaceStore = class {
+  records = [];
+  write(input) {
+    assertProvenance(input.provenance);
+    const record = {
+      id: `state-${randomUUID()}`,
+      kind: input.kind,
+      key: input.key,
+      value: cloneUnknown(input.value),
+      provenance: { ...input.provenance },
+      createdAt: input.createdAt ?? (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.records.push(record);
+    return cloneRecord(record);
+  }
+  list() {
+    return this.records.map(cloneRecord);
+  }
+  snapshot() {
+    return snapshotFromRecords(this.records);
+  }
+  readForRole(role) {
+    return snapshotFromRecords(this.records, role);
+  }
+  clear() {
+    this.records = [];
+  }
+};
+var FileSharedWorkspaceStore = class {
+  constructor(filePath) {
+    this.filePath = filePath;
+    try {
+      mkdirSync(dirname(filePath), { recursive: true });
+      for (const record of this.readRecordsFromDisk()) {
+        this.memory.write(record);
+      }
+    } catch {
+      this.writable = false;
+    }
+  }
+  filePath;
+  memory = new InMemorySharedWorkspaceStore();
+  writable = true;
+  write(input) {
+    const record = this.memory.write(input);
+    if (this.writable) {
+      try {
+        writeFileSync(this.filePath, JSON.stringify(this.memory.list(), null, 2), "utf-8");
+      } catch {
+        this.writable = false;
+      }
+    }
+    return record;
+  }
+  list() {
+    return this.memory.list();
+  }
+  snapshot() {
+    return this.memory.snapshot();
+  }
+  readForRole(role) {
+    return this.memory.readForRole(role);
+  }
+  clear() {
+    this.memory.clear();
+    if (this.writable) {
+      try {
+        writeFileSync(this.filePath, "[]", "utf-8");
+      } catch {
+        this.writable = false;
+      }
+    }
+  }
+  readRecordsFromDisk() {
+    try {
+      const parsed = JSON.parse(readFileSync(this.filePath, "utf-8"));
+      return Array.isArray(parsed) ? parsed.map((record) => ({
+        kind: record.kind,
+        key: record.key,
+        value: record.value,
+        provenance: record.provenance,
+        createdAt: record.createdAt
+      })) : [];
+    } catch {
+      return [];
+    }
+  }
+};
 var SharedWorkspaceState = class {
+  workflowRunId = `legacy-state-${Date.now().toString(36)}`;
+  store = new InMemorySharedWorkspaceStore();
   facts = /* @__PURE__ */ new Map();
   decisions = /* @__PURE__ */ new Map();
   risks = /* @__PURE__ */ new Map();
@@ -19448,21 +19618,61 @@ var SharedWorkspaceState = class {
   artifacts = [];
   writeFact(key, value) {
     this.facts.set(key, value);
+    this.store.write({
+      kind: "fact",
+      key,
+      value,
+      provenance: { workflowRunId: this.workflowRunId }
+    });
   }
   recordDecision(key, value) {
     this.decisions.set(key, value);
+    this.store.write({
+      kind: "decision",
+      key,
+      value,
+      provenance: { workflowRunId: this.workflowRunId }
+    });
   }
   recordRisk(key, value) {
     this.risks.set(key, value);
+    this.store.write({
+      kind: "risk",
+      key,
+      value,
+      provenance: { workflowRunId: this.workflowRunId, risk: "secrets-sensitive" }
+    });
   }
   recordFile(path44, value) {
     this.files.set(path44, value);
+    this.store.write({
+      kind: "file",
+      key: path44,
+      value,
+      provenance: { workflowRunId: this.workflowRunId }
+    });
   }
   recordTestResult(key, value) {
     this.testResults.set(key, value);
+    this.store.write({
+      kind: "testResult",
+      key,
+      value,
+      provenance: { workflowRunId: this.workflowRunId }
+    });
   }
   addArtifact(artifact) {
     this.artifacts.push(cloneArtifact(artifact));
+    this.store.write({
+      kind: "artifact",
+      key: artifact.id,
+      value: artifact,
+      provenance: {
+        workflowRunId: this.workflowRunId,
+        agentRunId: artifact.agentRunId,
+        taskId: artifact.taskId
+      }
+    });
   }
   readForRole(role) {
     const includeSensitive = role === "security" || role === "integrator" || role === "pm";
@@ -19485,7 +19695,263 @@ var SharedWorkspaceState = class {
       artifacts: this.artifacts.map(cloneArtifact)
     };
   }
+  records() {
+    return this.store.list();
+  }
 };
+function evaluateAgentToolPolicy(input) {
+  const manifestEntry = input.manifest?.[input.toolName];
+  const risk = manifestEntry?.risk ?? input.capability.risk;
+  if (!input.capability.allowedTools.includes(input.toolName)) {
+    return {
+      allowed: false,
+      risk,
+      reason: `Tool '${input.toolName}' is not allowed for agent role '${input.capability.role}'.`
+    };
+  }
+  if (manifestEntry?.requiredCapability) {
+    const allowedRoles = Array.isArray(manifestEntry.requiredCapability) ? manifestEntry.requiredCapability : [manifestEntry.requiredCapability];
+    if (!allowedRoles.includes(input.capability.role)) {
+      return {
+        allowed: false,
+        risk,
+        reason: `Tool '${input.toolName}' requires role ${allowedRoles.join(", ")}.`
+      };
+    }
+  }
+  if (riskRank(risk) > riskRank(input.capability.risk)) {
+    return {
+      allowed: false,
+      risk,
+      reason: `Tool '${input.toolName}' risk '${risk}' exceeds agent capability risk '${input.capability.risk}'.`
+    };
+  }
+  return {
+    allowed: true,
+    risk,
+    requiresConsent: manifestEntry?.requiresConsent ?? (risk === "destructive" || risk === "secrets-sensitive")
+  };
+}
+function createAgentTraceContext(input = {}) {
+  return {
+    traceId: input.traceId ?? `trace-${randomUUID()}`,
+    spanId: input.spanId ?? `span-${randomUUID()}`,
+    parentSpanId: input.parentSpanId,
+    workflowRunId: input.workflowRunId,
+    agentRunId: input.agentRunId,
+    taskId: input.taskId,
+    toolCallId: input.toolCallId
+  };
+}
+var AgentGraphEngine = class {
+  eventLog;
+  sharedState;
+  nodeExecutor;
+  gateEvaluator;
+  trace;
+  constructor(options = {}) {
+    this.eventLog = options.eventLog;
+    this.sharedState = options.sharedState ?? new InMemorySharedWorkspaceStore();
+    this.nodeExecutor = options.nodeExecutor ?? defaultAgentGraphNodeExecutor;
+    this.gateEvaluator = options.gateEvaluator ?? defaultAgentGateEvaluator;
+    this.trace = options.trace ?? createAgentTraceContext();
+  }
+  async run(input) {
+    const validation = validateAgentGraph(input.graph);
+    if (!validation.valid) {
+      throw new Error(
+        `Invalid agent graph: ${validation.issues.map((issue) => issue.message).join("; ")}`
+      );
+    }
+    const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const nodeResults = /* @__PURE__ */ new Map();
+    const artifacts = [];
+    const graphTrace = createAgentTraceContext({
+      ...this.trace,
+      workflowRunId: input.workflowRunId
+    });
+    this.eventLog?.record("agent.graph.started", {
+      workflowRunId: input.workflowRunId,
+      trace: graphTrace,
+      levels: validation.levels
+    });
+    try {
+      for (const level of validation.levels) {
+        const batches = chunk(level, input.graph.parallelism ?? level.length);
+        for (const batch of batches) {
+          const levelResults = await Promise.all(
+            batch.map(
+              (nodeId) => this.executeNode({
+                node: input.graph.nodes.find((candidate) => candidate.id === nodeId),
+                graph: input.graph,
+                workflowRunId: input.workflowRunId,
+                input: input.input,
+                graphTrace,
+                nodeResults
+              })
+            )
+          );
+          for (const result2 of levelResults) {
+            nodeResults.set(result2.taskId, result2);
+            artifacts.push(...result2.artifacts.map(cloneArtifact));
+          }
+        }
+      }
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const result = {
+        id: input.workflowRunId,
+        status: "completed",
+        nodeResults: Object.fromEntries(nodeResults),
+        artifacts,
+        stateSnapshot: this.sharedState.snapshot(),
+        trace: graphTrace,
+        startedAt,
+        completedAt
+      };
+      this.eventLog?.record("agent.graph.completed", {
+        workflowRunId: input.workflowRunId,
+        trace: graphTrace,
+        nodeCount: nodeResults.size
+      });
+      return result;
+    } catch (error) {
+      const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const message = error instanceof Error ? error.message : String(error);
+      this.eventLog?.record("agent.graph.failed", {
+        workflowRunId: input.workflowRunId,
+        trace: graphTrace,
+        error: message
+      });
+      return {
+        id: input.workflowRunId,
+        status: "failed",
+        nodeResults: Object.fromEntries(nodeResults),
+        artifacts,
+        stateSnapshot: this.sharedState.snapshot(),
+        trace: graphTrace,
+        startedAt,
+        completedAt,
+        error: message
+      };
+    }
+  }
+  async executeNode(input) {
+    const attempts = input.node.retryPolicy?.maxAttempts ?? 1;
+    let lastResult;
+    for (let attempt = 1; attempt <= attempts; attempt++) {
+      const task = graphNodeToTask(input.node, input.input);
+      const trace = createAgentTraceContext({
+        traceId: input.graphTrace.traceId,
+        parentSpanId: input.graphTrace.spanId,
+        workflowRunId: input.workflowRunId,
+        taskId: task.id
+      });
+      this.eventLog?.record("agent.started", {
+        workflowRunId: input.workflowRunId,
+        nodeId: input.node.id,
+        taskId: task.id,
+        role: task.role,
+        attempt,
+        trace
+      });
+      const result = await this.nodeExecutor({
+        node: input.node,
+        task,
+        attempt,
+        workflowRunId: input.workflowRunId,
+        trace,
+        dependencyResults: input.nodeResults,
+        sharedState: this.sharedState,
+        eventLog: this.eventLog ?? NULL_EVENT_LOG
+      });
+      lastResult = result;
+      for (const artifact of result.artifacts) {
+        this.sharedState.write({
+          kind: "artifact",
+          key: artifact.id,
+          value: artifact,
+          provenance: {
+            workflowRunId: input.workflowRunId,
+            agentRunId: result.id,
+            nodeId: input.node.id,
+            taskId: task.id,
+            risk: input.node.risk
+          }
+        });
+        this.eventLog?.record("agent.artifact.created", {
+          workflowRunId: input.workflowRunId,
+          nodeId: input.node.id,
+          agentRunId: result.id,
+          artifactId: artifact.id,
+          kind: artifact.kind,
+          trace
+        });
+      }
+      if (result.success) {
+        await this.evaluateNodeGates(input.graph, input.node, result, input.workflowRunId, trace);
+        this.eventLog?.record("agent.completed", {
+          workflowRunId: input.workflowRunId,
+          nodeId: input.node.id,
+          agentRunId: result.id,
+          taskId: task.id,
+          role: result.role,
+          attempt,
+          trace
+        });
+        return result;
+      }
+      this.eventLog?.record("agent.failed", {
+        workflowRunId: input.workflowRunId,
+        nodeId: input.node.id,
+        agentRunId: result.id,
+        taskId: task.id,
+        role: result.role,
+        attempt,
+        error: result.error,
+        trace
+      });
+      if (attempt < attempts && input.node.retryPolicy?.backoffMs) {
+        await new Promise((resolve3) => setTimeout(resolve3, input.node.retryPolicy.backoffMs));
+      }
+    }
+    throw new Error(
+      `Node '${input.node.id}' failed after ${attempts} attempt(s): ${lastResult?.error ?? "unknown error"}`
+    );
+  }
+  async evaluateNodeGates(graph, node, result, workflowRunId, trace) {
+    for (const gateId of node.gates ?? []) {
+      const gate = graph.gates?.find((candidate) => candidate.id === gateId);
+      if (!gate) continue;
+      const evaluation = await this.gateEvaluator({
+        gate,
+        node,
+        result,
+        workflowRunId,
+        trace,
+        sharedState: this.sharedState,
+        eventLog: this.eventLog ?? NULL_EVENT_LOG
+      });
+      const eventType = evaluation.passed ? "workflow.gate.passed" : "workflow.gate.failed";
+      this.eventLog?.record(eventType, {
+        workflowRunId,
+        nodeId: node.id,
+        gateId: gate.id,
+        kind: gate.kind,
+        required: gate.required,
+        reason: evaluation.reason,
+        trace
+      });
+      if (!evaluation.passed && gate.required) {
+        throw new Error(
+          `Required gate '${gate.id}' failed for node '${node.id}': ${evaluation.reason ?? "no reason"}`
+        );
+      }
+    }
+  }
+};
+function createAgentGraphEngine(options) {
+  return new AgentGraphEngine(options);
+}
 function createAgentArtifact(input) {
   return {
     ...input,
@@ -19624,6 +20090,115 @@ function buildExecutionLevels(graph, issues) {
   }
   return levels;
 }
+var NULL_EVENT_LOG = {
+  record(type, data = {}) {
+    return {
+      id: `event-${randomUUID()}`,
+      type,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data
+    };
+  },
+  list() {
+    return [];
+  },
+  count() {
+    return 0;
+  },
+  clear() {
+  }
+};
+function graphNodeToTask(node, workflowInput) {
+  return {
+    id: node.id,
+    role: node.agentRole ?? "coder",
+    objective: node.description,
+    context: {
+      workflowInput,
+      condition: node.condition
+    },
+    dependencies: node.dependsOn,
+    constraints: node.requiredTools?.map((tool) => `Requires tool: ${tool}`)
+  };
+}
+async function defaultAgentGraphNodeExecutor(execution) {
+  const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const dependencyOutputs = Object.fromEntries(
+    [...execution.dependencyResults.entries()].map(([id, result]) => [
+      id,
+      { success: result.success, output: result.output }
+    ])
+  );
+  const output = [
+    `Node '${execution.node.id}' executed by ${execution.task.role}.`,
+    `Objective: ${execution.task.objective}`,
+    Object.keys(dependencyOutputs).length > 0 ? `Dependencies: ${JSON.stringify(dependencyOutputs)}` : "Dependencies: none"
+  ].join("\n");
+  return normalizeAgentRunResult({
+    id: `${execution.workflowRunId}-${execution.node.id}-attempt-${execution.attempt}`,
+    taskId: execution.task.id,
+    role: execution.task.role,
+    success: true,
+    output,
+    startedAt,
+    completedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    turns: 0,
+    toolsUsed: [],
+    durationMs: 0,
+    metadata: {
+      workflowRunId: execution.workflowRunId,
+      nodeId: execution.node.id,
+      trace: execution.trace,
+      simulated: true
+    }
+  });
+}
+async function defaultAgentGateEvaluator(input) {
+  if (!input.result.success) {
+    return { passed: false, reason: "Agent result was not successful." };
+  }
+  return { passed: true };
+}
+function chunk(items, size) {
+  const safeSize = Math.max(1, size);
+  const result = [];
+  for (let index = 0; index < items.length; index += safeSize) {
+    result.push(items.slice(index, index + safeSize));
+  }
+  return result;
+}
+function riskRank(risk) {
+  switch (risk) {
+    case "read-only":
+      return 0;
+    case "network":
+      return 1;
+    case "write":
+      return 2;
+    case "destructive":
+      return 3;
+    case "secrets-sensitive":
+      return 4;
+  }
+}
+function cloneUnknown(value) {
+  if (value === void 0 || value === null) return value;
+  try {
+    return JSON.parse(JSON.stringify(value));
+  } catch {
+    return value;
+  }
+}
+function cloneRecord(record) {
+  return {
+    ...record,
+    value: cloneUnknown(record.value),
+    provenance: { ...record.provenance }
+  };
+}
+function isAgentArtifact(value) {
+  return typeof value === "object" && value !== null && "id" in value && "kind" in value && "content" in value && "createdAt" in value;
+}
 function cloneArtifact(artifact) {
   return {
     ...artifact,
@@ -20562,29 +21137,7 @@ var AgentManager = class extends EventEmitter {
   }
 };
 function agentTypeToRuntimeRole(type) {
-  switch (type) {
-    case "explore":
-      return "researcher";
-    case "plan":
-      return "planner";
-    case "test":
-    case "e2e":
-    case "tdd":
-      return "tester";
-    case "debug":
-    case "refactor":
-      return "coder";
-    case "review":
-      return "reviewer";
-    case "architect":
-      return "architect";
-    case "security":
-      return "security";
-    case "docs":
-      return "docs";
-    case "database":
-      return "database";
-  }
+  return mapLegacyAgentRole(type);
 }
 
 // src/agents/provider-bridge.ts
@@ -21846,14 +22399,14 @@ ${message}
       const subprocess = execa(command, options);
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -22529,7 +23082,7 @@ var AGENT_TYPES = [
   "docs",
   "database"
 ];
-var LEGACY_ROLE_MAP = {
+var LEGACY_ROLE_MAP2 = {
   researcher: "explore",
   coder: "debug",
   // "debug" has write + bash + read — closest to general coding
@@ -22549,7 +23102,7 @@ var SpawnSimpleAgentSchema = z.object({
 });
 function resolveAgentType(input) {
   if (input.type) return input.type;
-  if (input.role && input.role in LEGACY_ROLE_MAP) return LEGACY_ROLE_MAP[input.role];
+  if (input.role && input.role in LEGACY_ROLE_MAP2) return LEGACY_ROLE_MAP2[input.role];
   return "explore";
 }
 var spawnSimpleAgentTool = defineTool({
@@ -23827,14 +24380,14 @@ ${message}
       const subprocess = execa(pm, cmdArgs, options);
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -23952,14 +24505,14 @@ ${message}
       const subprocess = execa(pm, cmdArgs, options);
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -24054,14 +24607,14 @@ ${message}
       const subprocess = execa("make", cmdArgs, options);
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -24157,14 +24710,14 @@ ${message}
       const subprocess = execa("npx", ["tsc", ...cmdArgs], options);
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -24261,14 +24814,14 @@ ${message}
       });
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -24348,14 +24901,14 @@ ${message}
       });
       let stdoutBuffer = "";
       let stderrBuffer = "";
-      subprocess.stdout?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stdout?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stdoutBuffer += text2;
         process.stdout.write(text2);
         heartbeat.activity();
       });
-      subprocess.stderr?.on("data", (chunk) => {
-        const text2 = chunk.toString();
+      subprocess.stderr?.on("data", (chunk2) => {
+        const text2 = chunk2.toString();
         stderrBuffer += text2;
         process.stderr.write(text2);
         heartbeat.activity();
@@ -27563,13 +28116,13 @@ Examples:
           const content = await fs28.readFile(fullPath, "utf-8");
           if (content.length > 1e5) continue;
           const fileChunks = chunkContent(content, DEFAULT_CHUNK_SIZE);
-          for (const chunk of fileChunks) {
-            const vector = await getEmbedding(chunk.text);
+          for (const chunk2 of fileChunks) {
+            const vector = await getEmbedding(chunk2.text);
             chunks.push({
               file,
-              startLine: chunk.startLine,
-              endLine: chunk.endLine,
-              text: chunk.text,
+              startLine: chunk2.startLine,
+              endLine: chunk2.endLine,
+              text: chunk2.text,
               vector,
               mtime: stat2.mtimeMs
             });
@@ -27603,9 +28156,9 @@ Examples:
       }
     }
     const queryVector = await getEmbedding(query);
-    const scored = index.chunks.map((chunk) => ({
-      chunk,
-      score: cosineSimilarity(queryVector, chunk.vector)
+    const scored = index.chunks.map((chunk2) => ({
+      chunk: chunk2,
+      score: cosineSimilarity(queryVector, chunk2.vector)
     }));
     const filtered = scored.filter((s) => s.score >= effectiveThreshold).sort((a, b) => b.score - a.score).slice(0, effectiveMaxResults);
     const results = filtered.map((s) => {
@@ -32701,7 +33254,6 @@ var READ_ONLY_TOOL_NAMES = /* @__PURE__ */ new Set([
   "recall_memory",
   "list_memories",
   "list_checkpoints",
-  "spawnSimpleAgent",
   "checkAgentCapability"
 ]);
 var WRITE_CAPABLE_TOOL_NAMES = /* @__PURE__ */ new Set(["run_linter"]);
@@ -32747,6 +33299,22 @@ var DefaultPermissionPolicy = class {
     return { allowed: true, risk };
   }
   canExecuteToolInput(mode, tool, input) {
+    if (tool.name === "spawnSimpleAgent") {
+      const risk = riskForSpawnedAgent(input);
+      const definition2 = getAgentMode(mode);
+      if (definition2.readOnly && risk !== "read-only" && risk !== "network") {
+        return {
+          allowed: false,
+          reason: `${definition2.label} mode is read-only; spawnSimpleAgent with this role can perform ${risk} work.`,
+          risk
+        };
+      }
+      return {
+        allowed: true,
+        requiresConfirmation: risk === "destructive" || risk === "secrets-sensitive",
+        risk
+      };
+    }
     if (tool.name !== "run_linter") {
       return this.canExecuteTool(mode, tool);
     }
@@ -32766,6 +33334,37 @@ var DefaultPermissionPolicy = class {
 function createPermissionPolicy() {
   return new DefaultPermissionPolicy();
 }
+function riskForSpawnedAgent(input) {
+  const type = typeof input["type"] === "string" ? input["type"] : void 0;
+  const role = typeof input["role"] === "string" ? input["role"] : void 0;
+  const resolved = type ?? role;
+  switch (resolved) {
+    case "explore":
+    case "plan":
+    case "review":
+    case "architect":
+    case "security":
+    case "docs":
+    case "researcher":
+    case "reviewer":
+    case "planner":
+      return "read-only";
+    case "database":
+      return "secrets-sensitive";
+    case "test":
+    case "tdd":
+    case "e2e":
+    case "tester":
+      return "destructive";
+    case "debug":
+    case "refactor":
+    case "coder":
+    case "optimizer":
+      return "write";
+    default:
+      return "read-only";
+  }
+}
 
 // src/runtime/provider-registry.ts
 init_catalog();
@@ -33158,19 +33757,26 @@ function createWorkflowRegistry(workflows) {
 
 // src/runtime/workflow-engine.ts
 var WorkflowEngine = class {
-  constructor(catalog = createWorkflowCatalog(), eventLog = createEventLog()) {
+  constructor(catalog = createWorkflowCatalog(), eventLog = createEventLog(), options = {}) {
     this.catalog = catalog;
     this.eventLog = eventLog;
+    this.sharedState = options.sharedState ?? new InMemorySharedWorkspaceStore();
+    this.nodeExecutor = options.nodeExecutor;
   }
   catalog;
   eventLog;
   handlers = /* @__PURE__ */ new Map();
+  sharedState;
+  nodeExecutor;
   registerHandler(workflowId, handler) {
     if (!this.catalog.get(workflowId)) {
       throw new Error(`Unknown workflow: ${workflowId}`);
     }
     this.handlers.set(workflowId, handler);
   }
+  registerNodeExecutor(executor) {
+    this.nodeExecutor = executor;
+  }
   createPlan(workflowId, input) {
     return this.catalog.createPlan(workflowId, input, this.eventLog);
   }
@@ -33180,23 +33786,35 @@ var WorkflowEngine = class {
       throw new Error(`Unknown workflow: ${request.workflowId}`);
     }
     const handler = this.handlers.get(request.workflowId);
-    if (!handler) {
-      throw new Error(`No handler registered for workflow: ${request.workflowId}`);
-    }
     const plan = request.plan ?? this.createPlan(request.workflowId, request.input);
     const startedAt = (/* @__PURE__ */ new Date()).toISOString();
     const runId = `${request.workflowId}-run-${Date.now().toString(36)}`;
+    const trace = createAgentTraceContext({ workflowRunId: runId });
     this.eventLog.record("workflow.started", {
       workflowId: request.workflowId,
       planId: plan.id,
-      runId
+      runId,
+      trace
     });
     try {
-      const output = await handler(request.input, {
+      const graphResult = handler ? void 0 : await new AgentGraphEngine({
+        eventLog: this.eventLog,
+        sharedState: this.sharedState,
+        nodeExecutor: this.nodeExecutor,
+        trace
+      }).run({
+        workflowRunId: runId,
+        graph: workflowToAgentGraph(workflow),
+        input: request.input
+      });
+      const output = graphResult ?? await handler(request.input, {
         workflow,
         plan,
         eventLog: this.eventLog
       });
+      if (graphResult?.status === "failed") {
+        throw new Error(graphResult.error ?? "Workflow graph failed");
+      }
       const completedAt = (/* @__PURE__ */ new Date()).toISOString();
       const result = {
         id: runId,
@@ -33204,12 +33822,15 @@ var WorkflowEngine = class {
         status: "completed",
         output,
         startedAt,
-        completedAt
+        completedAt,
+        graphResult,
+        trace
       };
       this.eventLog.record("workflow.completed", {
         workflowId: request.workflowId,
         planId: plan.id,
-        runId
+        runId,
+        trace
       });
       return result;
     } catch (error) {
@@ -33219,7 +33840,8 @@ var WorkflowEngine = class {
         workflowId: request.workflowId,
         planId: plan.id,
         runId,
-        error: message
+        error: message,
+        trace
       });
       return {
         id: runId,
@@ -33228,13 +33850,14 @@ var WorkflowEngine = class {
         output: null,
         startedAt,
         completedAt,
-        error: message
+        error: message,
+        trace
       };
     }
   }
 };
-function createWorkflowEngine(catalog, eventLog) {
-  return new WorkflowEngine(catalog, eventLog);
+function createWorkflowEngine(catalog, eventLog, options) {
+  return new WorkflowEngine(catalog, eventLog, options);
 }
 
 // src/runtime/agent-runtime.ts
@@ -33412,7 +34035,7 @@ var AgentRuntime = class {
     let completed = false;
     let failed = false;
     try {
-      for await (const chunk of provider.stream(messages, {
+      for await (const chunk2 of provider.stream(messages, {
         model: input.options?.model,
         maxTokens: input.options?.maxTokens,
         temperature: input.options?.temperature,
@@ -33422,12 +34045,12 @@ var AgentRuntime = class {
         signal: input.options?.signal,
         thinking: input.options?.thinking
       })) {
-        if (chunk.type === "text" && chunk.text) {
-          content += chunk.text;
+        if (chunk2.type === "text" && chunk2.text) {
+          content += chunk2.text;
           yield {
             type: "text",
             sessionId: effectiveSession.id,
-            text: chunk.text
+            text: chunk2.text
           };
         }
       }
@@ -33607,6 +34230,104 @@ async function createAgentRuntime(options) {
   return runtime;
 }
 
+// src/runtime/agent-runner.ts
+var AgentRunner = class {
+  constructor(options = {}) {
+    this.options = options;
+  }
+  options;
+  async run(input) {
+    const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const trace = input.trace ?? createAgentTraceContext({ taskId: input.task.id });
+    this.options.eventLog?.record("agent.started", {
+      taskId: input.task.id,
+      role: input.task.role,
+      trace
+    });
+    try {
+      const raw = await (this.options.executor ?? defaultExecutor)({
+        task: input.task,
+        capability: input.capability,
+        trace,
+        assertToolAllowed: (toolName) => {
+          const decision = evaluateAgentToolPolicy({
+            capability: input.capability,
+            toolName,
+            manifest: input.toolRiskManifest
+          });
+          this.options.eventLog?.record("agent.tool.called", {
+            taskId: input.task.id,
+            role: input.task.role,
+            toolName,
+            decision,
+            trace
+          });
+          if (!decision.allowed) {
+            throw new Error(decision.reason ?? `Tool '${toolName}' is not allowed.`);
+          }
+        }
+      });
+      const result = normalizeAgentRunResult({
+        id: `${input.task.id}-run-${Date.now().toString(36)}`,
+        taskId: input.task.id,
+        role: input.task.role,
+        success: raw.success ?? true,
+        output: raw.output,
+        turns: raw.turns,
+        toolsUsed: raw.toolsUsed,
+        usage: {
+          inputTokens: raw.inputTokens ?? 0,
+          outputTokens: raw.outputTokens ?? 0,
+          estimated: raw.inputTokens === void 0 || raw.outputTokens === void 0
+        },
+        startedAt,
+        completedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        durationMs: Date.now() - Date.parse(startedAt),
+        error: raw.error,
+        metadata: { ...raw.metadata, trace }
+      });
+      this.options.eventLog?.record(result.success ? "agent.completed" : "agent.failed", {
+        taskId: input.task.id,
+        role: input.task.role,
+        agentRunId: result.id,
+        trace,
+        error: result.error
+      });
+      return result;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      const result = normalizeAgentRunResult({
+        id: `${input.task.id}-run-${Date.now().toString(36)}`,
+        taskId: input.task.id,
+        role: input.task.role,
+        success: false,
+        output: message,
+        startedAt,
+        completedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        durationMs: Date.now() - Date.parse(startedAt),
+        error: message,
+        metadata: { trace }
+      });
+      this.options.eventLog?.record("agent.failed", {
+        taskId: input.task.id,
+        role: input.task.role,
+        agentRunId: result.id,
+        trace,
+        error: message
+      });
+      return result;
+    }
+  }
+};
+function createAgentRunner(options) {
+  return new AgentRunner(options);
+}
+async function defaultExecutor(context) {
+  return {
+    output: `Agent ${context.capability.role} accepted task '${context.task.objective}'.`
+  };
+}
+
 // src/runtime/tool-calling-turn-runner.ts
 function runtimeWithTools(runtime) {
   if (runtime && typeof runtime === "object" && "executeTool" in runtime && typeof runtime.executeTool === "function") {
@@ -33725,8 +34446,8 @@ var HttpRequestError = class extends Error {
 async function readJsonBody(request, maxBodyBytes) {
   const chunks = [];
   let size = 0;
-  for await (const chunk of request) {
-    const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+  for await (const chunk2 of request) {
+    const buffer = Buffer.isBuffer(chunk2) ? chunk2 : Buffer.from(chunk2);
     size += buffer.length;
     if (size > maxBodyBytes) {
       throw new HttpRequestError(`Request body exceeds ${maxBodyBytes} bytes.`, 413);
@@ -33841,7 +34562,7 @@ var SECRET_PATTERNS = [
 var PROMPT_INJECTION_PATTERNS = [
   {
     id: "ignore-instructions",
-    pattern: /\b(ignore|forget|override)\b.{0,40}\b(instructions|system|developer)\b/i
+    pattern: /\b(ignore|forget|override|bypass)\b.{0,60}\b(instructions|system|developer|policy|guardrail)\b/i
   },
   {
     id: "reveal-prompt",
@@ -33850,6 +34571,14 @@ var PROMPT_INJECTION_PATTERNS = [
   {
     id: "tool-exfiltration",
     pattern: /\b(use|call|run)\b.{0,40}\b(tool|shell|filesystem|git)\b.{0,40}\b(secret|token|key)\b/i
+  },
+  {
+    id: "agent-privilege-escalation",
+    pattern: /\b(spawn|delegate|handoff)\b.{0,50}\b(agent|sub.?agent)\b.{0,50}\b(admin|root|full access|unrestricted|destructive)\b/i
+  },
+  {
+    id: "credential-exfiltration",
+    pattern: /\b(exfiltrate|copy|send|upload)\b.{0,50}\b(secret|token|api key|credential|private key)\b/i
   }
 ];
 var defaultPublicGuardrails = {
@@ -34363,6 +35092,6 @@ init_errors();
 init_logger();
 init_proxy();
 
-export { ADRGenerator, AGENT_MODES, AGENT_PRESETS, AgentRuntime, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DEFAULT_WORKFLOWS, DefaultPermissionPolicy, DefaultRuntimeTurnRunner, DiscoveryEngine, DockerGenerator, DocsGenerator, FileEventLog, FileRuntimeSessionStore, InMemoryEventLog, InMemoryKnowledgeRetriever, InMemoryRuntimeSessionStore, OrchestrateExecutor, OutputExecutor, PhaseError, ProviderRegistry, SessionManager, SharedWorkspaceState, SpecificationGenerator, TaskError, TaskIterator, ToolCallingRuntimeTurnRunner, ToolRegistry, VERSION, WorkflowCatalog, WorkflowEngine, WorkflowRegistry, appointmentBookingAssistantPreset, codingAgentPreset, configExists, createADRGenerator, createAgentArtifact, createAgentFromBlueprint, createAgentRuntime, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createBaseBlueprint, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCodingToolRegistry, createCompleteExecutor, createConvergeExecutor, createCustomerSupportToolRegistry, createDefaultConfig, createDefaultRuntimeTurnRunner, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createEventLog, createFileEventLog, createFileRuntimeSessionStore, createFullToolRegistry, createHttpAssistantAdapter, createInMemoryKnowledgeRetriever, createLogger, createMcpToolPolicy, createNoToolRegistry, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createPermissionPolicy, createProvider, createProviderRegistry, createPublicWebToolRegistry, createRagToolRegistry, createRuntimeHttpServer, createRuntimeSessionStore, createSafeToolRegistry, createSessionManager, createSpecificationGenerator, createStreamingHttpAssistantAdapter, createSummaryArtifact, createSupportRagToolRegistry, createTaskIterator, createToolCallingRuntimeTurnRunner, createToolRegistry, createWebhookAssistantAdapter, createWorkflowCatalog, createWorkflowEngine, createWorkflowRegistry, customerSupportAssistantPreset, defaultPublicGuardrails, formatRetrievedSourcesForPrompt, getAgentMode, installProxyDispatcher, internalOpsAssistantPreset, isAgentMode, listAgentModes, loadConfig, mapActionModeToRuntimeMode, normalizeAgentRunResult, publicWebsiteAssistantPreset, ragKnowledgeAssistantPreset, redactSecrets, registerAllTools, runGuardrails, salesIntakeAssistantPreset, saveConfig, supportRagAssistantPreset, validateAgentCapabilities, validateAgentGraph, validateStructuredOutput, workflowToAgentGraph };
+export { ADRGenerator, AGENT_MODES, AGENT_PRESETS, AgentGraphEngine, AgentRunner, AgentRuntime, AnthropicProvider, ArchitectureGenerator, BacklogGenerator, CICDGenerator, CocoError, CodeGenerator, CodeReviewer, CompleteExecutor, ConfigError, ConvergeExecutor, DEFAULT_WORKFLOWS, DefaultPermissionPolicy, DefaultRuntimeTurnRunner, DiscoveryEngine, DockerGenerator, DocsGenerator, FileEventLog, FileRuntimeSessionStore, FileSharedWorkspaceStore, InMemoryEventLog, InMemoryKnowledgeRetriever, InMemoryRuntimeSessionStore, InMemorySharedWorkspaceStore, OrchestrateExecutor, OutputExecutor, PhaseError, ProviderRegistry, SessionManager, SharedWorkspaceState, SpecificationGenerator, TaskError, TaskIterator, ToolCallingRuntimeTurnRunner, ToolRegistry, VERSION, WorkflowCatalog, WorkflowEngine, WorkflowRegistry, appointmentBookingAssistantPreset, codingAgentPreset, configExists, createADRGenerator, createAgentArtifact, createAgentFromBlueprint, createAgentGraphEngine, createAgentRunner, createAgentRuntime, createAgentTraceContext, createAnthropicProvider, createArchitectureGenerator, createBacklogGenerator, createBaseBlueprint, createCICDGenerator, createCodeGenerator, createCodeReviewer, createCodingToolRegistry, createCompleteExecutor, createConvergeExecutor, createCustomerSupportToolRegistry, createDefaultConfig, createDefaultRuntimeTurnRunner, createDiscoveryEngine, createDockerGenerator, createDocsGenerator, createEventLog, createFileEventLog, createFileRuntimeSessionStore, createFullToolRegistry, createHttpAssistantAdapter, createInMemoryKnowledgeRetriever, createLogger, createMcpToolPolicy, createNoToolRegistry, createOrchestrateExecutor, createOrchestrator, createOutputExecutor, createPermissionPolicy, createProvider, createProviderRegistry, createPublicWebToolRegistry, createRagToolRegistry, createRuntimeHttpServer, createRuntimeSessionStore, createSafeToolRegistry, createSessionManager, createSpecificationGenerator, createStreamingHttpAssistantAdapter, createSummaryArtifact, createSupportRagToolRegistry, createTaskIterator, createToolCallingRuntimeTurnRunner, createToolRegistry, createWebhookAssistantAdapter, createWorkflowCatalog, createWorkflowEngine, createWorkflowRegistry, customerSupportAssistantPreset, defaultPublicGuardrails, evaluateAgentToolPolicy, formatRetrievedSourcesForPrompt, getAgentMode, installProxyDispatcher, internalOpsAssistantPreset, isAgentMode, listAgentModes, listLegacyAgentRoleMappings, loadConfig, mapActionModeToRuntimeMode, mapLegacyAgentRole, normalizeAgentRunResult, publicWebsiteAssistantPreset, ragKnowledgeAssistantPreset, redactSecrets, registerAllTools, runGuardrails, salesIntakeAssistantPreset, saveConfig, supportRagAssistantPreset, validateAgentCapabilities, validateAgentGraph, validateStructuredOutput, workflowToAgentGraph };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map