@cybernetyx1/atlasflow-runtime 0.1.0

package/dist/index.js

@@ -0,0 +1,965 @@
+import {
+  BUILTIN_TOOL_NAMES,
+  EngineError,
+  EventBus,
+  Harness,
+  PiAgentEngine,
+  RuleViolation,
+  Session,
+  ToolApprovalRequiredError,
+  WorkflowDefSchema,
+  addUsage,
+  advanceWorkflow,
+  applyProfile,
+  approveGate,
+  attachToolApprovalPartialTranscript,
+  builtinTools,
+  createAgent,
+  cronMatches,
+  defaultEngine,
+  defineAgent,
+  defineAgentProfile,
+  defineChannel,
+  defineTool,
+  discoverSessionContext,
+  dispatchWorkflow,
+  emptyUsage,
+  envApiKeyFor,
+  genId,
+  getDefaultPersistence,
+  invokeAgent,
+  isChannelDefinition,
+  isCreatedAgent,
+  isRawTool,
+  isToolApprovalRequiredError,
+  isWorkspaceSkill,
+  loadWorkspaceSkill,
+  makeCall,
+  makeRuleGuard,
+  observe,
+  parseSkillMarkdown,
+  parseWorkflowDef,
+  rawTool,
+  recoverRuns,
+  recoverWorkflows,
+  resolveAnyTool,
+  resolveTool,
+  startCronScheduler,
+  startWorkflow,
+  verifyGithubWebhookSignature,
+  verifySlackRequestSignature,
+  waitingGate
+} from "./chunk-RF6W3TKJ.js";
+import {
+  BaseSandboxEnv,
+  bash,
+  bashFactoryToSessionEnv,
+  createCwdSessionEnv,
+  defineSandbox,
+  isSandboxFactory,
+  makeFs,
+  resolveSandboxNetworkPolicy,
+  sandboxCascade,
+  sandboxHeaderFromEnv,
+  virtualSandbox,
+  writeFileCreatingParents
+} from "./chunk-4DU4GJ2X.js";
+import {
+  DurableStreamSubscriptionStoreBase,
+  InMemoryRunStore,
+  InMemorySessionStore,
+  InMemoryStreamStore,
+  InMemorySubscriptionStore,
+  inMemoryAdapter,
+  isJsonStreamContentType,
+  isUnsafeNetworkHost,
+  kvAdapter,
+  normalizeStreamContentType,
+  streamMessageBytes
+} from "./chunk-M4JW76IL.js";
+import {
+  createScopedSessionEnv,
+  defineCommand,
+  mergeCommands,
+  normalizeCommandExecutor
+} from "./chunk-S7RZJMCF.js";
+import {
+  ProviderRegistrationError,
+  getApiProvider,
+  getApiProviders,
+  getRegisteredApiKey,
+  getRegisteredStoreResponses,
+  hasRegisteredProvider,
+  registerApiProvider,
+  registerProvider,
+  resetProvidersForTests,
+  resolveRegisteredModel,
+  unregisterApiProviders
+} from "./chunk-HO6QHSUS.js";
+
+// src/persona.ts
+import * as v from "valibot";
+var ProvenanceSchema = v.optional(v.picklist(["earned", "taught", "ingested", "researched", "inherited"]), "taught");
+var IdentitySchema = v.object({
+  role: v.optional(v.string()),
+  disposition: v.optional(v.string()),
+  voice: v.optional(v.string()),
+  taste: v.optional(v.string()),
+  instructions: v.optional(v.string())
+});
+var SkillSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  description: v.optional(v.string(), ""),
+  /** Alias accepted on import for agentskills.io round-tripping. */
+  when_to_use: v.optional(v.string()),
+  body: v.string(),
+  allowedTools: v.optional(v.array(v.string())),
+  provenance: ProvenanceSchema
+});
+var ContextPackSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  description: v.optional(v.string()),
+  version: v.optional(v.string()),
+  mount: v.optional(v.picklist(["context", "sandbox"])),
+  items: v.array(v.object({ name: v.pipe(v.string(), v.minLength(1)), content: v.string() })),
+  provenance: ProvenanceSchema
+});
+var StandardSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  content: v.string(),
+  provenance: ProvenanceSchema
+});
+var RuleSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  enforce: v.picklist(["before_prompt", "before_tool", "after_tool"]),
+  tools: v.optional(v.array(v.string())),
+  pattern: v.optional(v.string()),
+  action: v.optional(v.picklist(["block", "warn"]), "block"),
+  message: v.string(),
+  provenance: ProvenanceSchema
+});
+var SubPersonaSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  model: v.optional(v.string()),
+  instructions: v.string(),
+  provenance: ProvenanceSchema
+});
+var TriggersSchema = v.object({
+  webhook: v.optional(v.boolean()),
+  cron: v.optional(v.string())
+});
+var SlotSchema = v.object({
+  name: v.pipe(v.string(), v.minLength(1)),
+  type: v.picklist(["credential", "mcp", "tool", "sandbox", "memory"]),
+  /** For credential slots: the env var the workspace must bind. */
+  env: v.optional(v.string()),
+  required: v.optional(v.boolean(), false),
+  description: v.optional(v.string())
+});
+var DefaultsSchema = v.object({
+  thinkingLevel: v.optional(v.picklist(["off", "minimal", "low", "medium", "high", "xhigh"])),
+  headless: v.optional(v.boolean()),
+  builtinTools: v.optional(v.union([v.boolean(), v.array(v.string())])),
+  compaction: v.optional(v.union([v.literal(false), v.object({ threshold: v.optional(v.number()), thresholdTokens: v.optional(v.number()), keepRecent: v.optional(v.number()) })])),
+  durability: v.optional(v.object({ retry: v.optional(v.number()), timeoutMs: v.optional(v.number()) }))
+});
+var PersonaManifestSchema = v.object({
+  /** Optional editor schema reference. Ignored by the runtime. */
+  $schema: v.optional(v.string()),
+  /** Manifest version. v1 is frozen; breaking changes bump it. */
+  atlasflow: v.literal(1),
+  name: v.pipe(v.string(), v.minLength(1)),
+  description: v.optional(v.string()),
+  identity: v.optional(IdentitySchema),
+  model: v.pipe(v.string(), v.minLength(1)),
+  loadout: v.optional(
+    v.object({
+      skills: v.optional(v.array(SkillSchema)),
+      contextPacks: v.optional(v.array(ContextPackSchema)),
+      standards: v.optional(v.array(StandardSchema)),
+      rules: v.optional(v.array(RuleSchema)),
+      workflows: v.optional(v.array(WorkflowDefSchema)),
+      personas: v.optional(v.array(SubPersonaSchema)),
+      triggers: v.optional(TriggersSchema)
+    })
+  ),
+  slots: v.optional(v.array(SlotSchema)),
+  defaults: v.optional(DefaultsSchema),
+  /** Opaque Brain metadata (lineage, fork base, provenance summary). */
+  provenance: v.optional(v.record(v.string(), v.unknown()))
+});
+function parsePersonaManifest(value) {
+  const r = v.safeParse(PersonaManifestSchema, value);
+  if (!r.success) {
+    const issues = r.issues.map((i) => `${i.path?.map((p) => String(p.key)).join(".") || "(root)"}: ${i.message}`).join("; ");
+    throw new Error(`Invalid persona manifest: ${issues}`);
+  }
+  return r.output;
+}
+function composeIdentity(m) {
+  const id = m.identity ?? {};
+  const sections = [];
+  if (id.role) sections.push(`You are ${id.role}.`);
+  if (id.disposition) sections.push(`Disposition: ${id.disposition}`);
+  if (id.voice) sections.push(`Voice: ${id.voice}`);
+  if (id.taste) sections.push(`Taste: ${id.taste}`);
+  if (id.instructions) sections.push(id.instructions);
+  for (const s of m.loadout?.standards ?? []) {
+    sections.push(`## Standard: ${s.name}
+${s.content}`);
+  }
+  return sections.length ? sections.join("\n\n") : void 0;
+}
+function validateSlots(m, env, bindings, resolvedTools) {
+  const unbound = [];
+  for (const slot of m.slots ?? []) {
+    if (!slot.required) continue;
+    if (slot.type === "credential") {
+      const name = slot.env ?? slot.name;
+      if (typeof env[name] !== "string" || !env[name]) unbound.push(`${slot.name} (credential: set ${name})`);
+    } else if (slot.type === "sandbox") {
+      if (!bindings?.sandbox) unbound.push(`${slot.name} (sandbox: pass bindings.sandbox)`);
+    } else if (slot.type === "mcp" || slot.type === "tool" || slot.type === "memory") {
+      const hasSlotTools = Boolean(resolvedTools?.toolsBySlot[slot.name]?.length);
+      const hasLegacyTools = slot.type !== "memory" && !bindings?.toolSlots && Boolean(resolvedTools?.tools.length);
+      if (!hasSlotTools && !hasLegacyTools) {
+        if (slot.type === "memory") {
+          unbound.push(`${slot.name} (memory: pass a read-only connector in bindings.toolSlots.${slot.name})`);
+        } else {
+          const hint = slot.type === "mcp" ? "mcp/tool" : "tool";
+          unbound.push(`${slot.name} (${hint}: pass bindings.toolSlots.${slot.name}${slot.type === "mcp" ? " or bindings.tools" : ""})`);
+        }
+      }
+    }
+  }
+  if (unbound.length) {
+    throw new Error(`Persona "${m.name}" has unbound required slots: ${unbound.join("; ")}. Credentials are bound by the workspace and never travel with a persona.`);
+  }
+}
+async function resolveOneToolsBinding(source, ctx) {
+  if (!source) return { tools: [] };
+  const resolved = typeof source === "function" ? await source(ctx) : source;
+  if (Array.isArray(resolved)) return { tools: resolved };
+  if (isAnyTool(resolved)) return { tools: [resolved] };
+  if (isToolBindingResult(resolved)) return resolved;
+  const slot = ctx.slot?.name ? ` for slot "${ctx.slot.name}"` : "";
+  throw new Error(`Invalid persona tools binding${slot}: expected a tool, an array of tools, or { tools, cleanup? }.`);
+}
+function isAnyTool(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return false;
+  const tool = value;
+  return typeof tool.name === "string" && typeof tool.description === "string" && "parameters" in tool && typeof tool.execute === "function";
+}
+function isToolBindingResult(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return false;
+  const result = value;
+  if (!Array.isArray(result.tools)) return false;
+  if (!result.tools.every(isAnyTool)) return false;
+  return (result.cleanup === void 0 || typeof result.cleanup === "function") && (result.close === void 0 || typeof result.close === "function");
+}
+async function resolveToolsBinding(m, ctx, bindings) {
+  const tools = [];
+  const toolsBySlot = {};
+  const cleanup = [];
+  const collect = (slotName, resolved) => {
+    tools.push(...resolved.tools);
+    if (slotName) toolsBySlot[slotName] = resolved.tools;
+    const dispose = resolved.cleanup ?? resolved.close;
+    if (dispose) cleanup.push(dispose);
+  };
+  collect(void 0, await resolveOneToolsBinding(bindings?.tools, { ...ctx, manifest: m }));
+  for (const [slotName, source] of Object.entries(bindings?.toolSlots ?? {})) {
+    const slot = (m.slots ?? []).find((s) => s.name === slotName);
+    collect(slotName, await resolveOneToolsBinding(source, { ...ctx, manifest: m, slot }));
+  }
+  return {
+    tools,
+    toolsBySlot,
+    cleanup: cleanup.length === 0 ? void 0 : async () => {
+      for (const dispose of cleanup.toReversed()) await dispose();
+    }
+  };
+}
+function personaAgent(manifest, bindings) {
+  const m = parsePersonaManifest(manifest);
+  return createAgent(async (ctx) => {
+    const env = ctx.env;
+    const toolBinding = await resolveToolsBinding(m, { id: ctx.id, env }, bindings);
+    validateSlots(m, env, bindings, toolBinding);
+    const sandbox = typeof bindings?.sandbox === "function" ? bindings.sandbox({ id: ctx.id, env }) : bindings?.sandbox;
+    const config = {
+      name: m.name,
+      description: m.description,
+      model: m.model,
+      instructions: composeIdentity(m),
+      tools: toolBinding.tools,
+      skillLoading: bindings?.skillLoading,
+      skills: (m.loadout?.skills ?? []).map((s) => ({
+        name: s.name,
+        description: s.when_to_use ?? s.description,
+        body: s.body,
+        allowedTools: s.allowedTools
+      })),
+      contextPacks: m.loadout?.contextPacks,
+      contextLoading: bindings?.contextLoading,
+      rules: m.loadout?.rules,
+      personas: m.loadout?.personas?.map((p) => ({ name: p.name, model: p.model, instructions: p.instructions })),
+      sandbox,
+      thinkingLevel: m.defaults?.thinkingLevel,
+      headless: m.defaults?.headless,
+      builtinTools: m.defaults?.builtinTools,
+      compaction: m.defaults?.compaction,
+      durability: m.defaults?.durability,
+      cleanup: toolBinding.cleanup
+    };
+    return config;
+  });
+}
+function personaWorkflows(manifest) {
+  const m = parsePersonaManifest(manifest);
+  return Object.fromEntries((m.loadout?.workflows ?? []).map((w) => [w.name, w]));
+}
+function personaWorkflowMounts(manifest) {
+  const m = parsePersonaManifest(manifest);
+  const skills = (m.loadout?.skills ?? []).map((s) => ({ name: s.name, description: s.when_to_use ?? s.description, body: s.body }));
+  const profiles = (m.loadout?.personas ?? []).map((p) => ({ name: p.name, model: p.model, instructions: p.instructions }));
+  return Object.fromEntries(
+    // defaultPersona = the owner: a persona's workflow steps run AS the persona.
+    (m.loadout?.workflows ?? []).map((w) => [w.name, { def: w, skills, defaultModel: m.model, defaultPersona: m.name, profiles }])
+  );
+}
+function personaTriggers(manifest) {
+  const m = parsePersonaManifest(manifest);
+  return m.loadout?.triggers ?? { webhook: true };
+}
+
+// src/memory.ts
+import * as v2 from "valibot";
+var MemorySearchParametersSchema = v2.object({
+  query: v2.pipe(v2.string(), v2.minLength(1)),
+  limit: v2.optional(v2.number()),
+  scope: v2.optional(v2.string())
+});
+function defineMemoryConnector(options) {
+  return defineTool({
+    name: options.name ?? "memory_search",
+    description: options.description ?? "Search workspace-bound read-only memory for relevant facts.",
+    parameters: MemorySearchParametersSchema,
+    execute: async (args, signal) => {
+      const results = await options.search(args, signal);
+      return JSON.stringify({ results });
+    }
+  });
+}
+
+// src/connection.ts
+var CallParameters = {
+  type: "object",
+  properties: {
+    operation: { type: "string", description: "Operation name returned by the search tool." },
+    arguments: { type: "object", additionalProperties: true, description: "Arguments for the selected operation." }
+  },
+  required: ["operation"],
+  additionalProperties: false
+};
+var SearchParameters = {
+  type: "object",
+  properties: {
+    query: { type: "string", description: "Search text for operation names and descriptions." },
+    limit: { type: "number", description: "Maximum operations to return." }
+  },
+  required: ["query"],
+  additionalProperties: false
+};
+function defineHttpConnection(options) {
+  const operations = normalizeOperations(options.operations);
+  const expose = options.expose ?? "lazy";
+  return async (ctx) => {
+    const baseUrl = resolveBaseUrl(options, ctx);
+    const sharedHeaders = await resolveHeaders(options.headers, ctx);
+    const fetchImpl = options.fetch ?? fetch;
+    const tools = [];
+    if (expose === "lazy" || expose === "both") {
+      tools.push(
+        connectionSearchTool(options.name, operations),
+        connectionCallTool(options.name, operations, baseUrl, sharedHeaders, fetchImpl, ctx, options.allowInsecureHttp === true, options.allowPrivateNetwork === true)
+      );
+    }
+    if (expose === "direct" || expose === "both") {
+      for (const operation of operations) {
+        tools.push(operationTool(options.name, operation, baseUrl, sharedHeaders, fetchImpl, ctx, options.allowInsecureHttp === true, options.allowPrivateNetwork === true));
+      }
+    }
+    return { tools };
+  };
+}
+function connectionSearchTool(name, operations) {
+  return rawTool({
+    name: `${toolPart(name)}__search`,
+    description: `Search operations available on the "${name}" connection.`,
+    parameters: SearchParameters,
+    execute: async (args) => {
+      const query = String(args.query ?? "").trim().toLowerCase();
+      const limit = finitePositiveNumber(args.limit) ?? 10;
+      const scored = operations.map((operation) => ({ operation, score: scoreOperation(operation, query) })).filter((item) => item.score > 0 || !query).sort((a, b) => b.score - a.score || a.operation.name.localeCompare(b.operation.name)).slice(0, limit).map(({ operation }) => describeOperation(operation));
+      return JSON.stringify({ operations: scored });
+    }
+  });
+}
+function connectionCallTool(name, operations, baseUrl, sharedHeaders, fetchImpl, ctx, allowInsecureHttp, allowPrivateNetwork) {
+  return rawTool({
+    name: `${toolPart(name)}__call`,
+    description: `Call one operation on the "${name}" connection. Use ${toolPart(name)}__search first when unsure which operation to call.`,
+    parameters: CallParameters,
+    execute: async (args, signal) => {
+      const operationName = String(args.operation ?? "");
+      const operation = operations.find((item) => item.name === operationName);
+      if (!operation) throw new Error(`Unknown connection operation "${operationName}". Available: ${operations.map((item) => item.name).join(", ")}`);
+      return executeOperation(operation, objectArg(args.arguments), { baseUrl, sharedHeaders, fetchImpl, ctx, signal, allowInsecureHttp, allowPrivateNetwork });
+    }
+  });
+}
+function operationTool(name, operation, baseUrl, sharedHeaders, fetchImpl, ctx, allowInsecureHttp, allowPrivateNetwork) {
+  return rawTool({
+    name: `${toolPart(name)}__${toolPart(operation.name)}`,
+    description: operation.description,
+    parameters: operation.parameters ?? { type: "object", properties: {}, additionalProperties: true },
+    execute: async (args, signal) => executeOperation(operation, objectArg(args), { baseUrl, sharedHeaders, fetchImpl, ctx, signal, allowInsecureHttp, allowPrivateNetwork })
+  });
+}
+async function executeOperation(operation, args, options) {
+  const request = await buildRequest(operation, args, options);
+  const response = await options.fetchImpl(request, { signal: options.signal, redirect: "manual" });
+  const text = await response.text();
+  if (response.status >= 300 && response.status < 400) {
+    throw new Error(`Connection operation "${operation.name}" was redirected (${response.status}); redirects are not followed for credential safety.`);
+  }
+  if (!response.ok) throw new Error(`Connection operation "${operation.name}" failed with HTTP ${response.status}: ${text.slice(0, 1e3)}`);
+  const contentType = response.headers.get("content-type") ?? "";
+  if (contentType.includes("application/json")) {
+    try {
+      return JSON.stringify(JSON.parse(text));
+    } catch {
+      return text;
+    }
+  }
+  return text;
+}
+async function buildRequest(operation, args, options) {
+  const method = operation.method ?? "GET";
+  const consumed = /* @__PURE__ */ new Set();
+  let path = operation.path;
+  for (const key of operation.pathParams ?? templateParams(path)) {
+    const value = args[key];
+    if (value === void 0) throw new Error(`Connection operation "${operation.name}" missing path argument "${key}".`);
+    consumed.add(key);
+    path = path.replaceAll(`{${key}}`, encodeURIComponent(String(value)));
+  }
+  const url = new URL(path.replace(/^\/+/, ""), normalizedBaseUrl(options.baseUrl, { allowInsecureHttp: options.allowInsecureHttp, allowPrivateNetwork: options.allowPrivateNetwork }));
+  assertSafeConnectionUrl(url, options);
+  const queryKeys = operation.queryParams ?? (method === "GET" || method === "HEAD" ? Object.keys(args).filter((key) => !consumed.has(key)) : []);
+  for (const key of queryKeys) {
+    consumed.add(key);
+    appendQuery(url, key, args[key]);
+  }
+  let body;
+  if (method !== "GET" && method !== "HEAD") {
+    const bodyValue = operation.body !== void 0 ? await resolveBody(operation.body, args, options.ctx) : operation.bodyParam ? args[operation.bodyParam] : remainingArgs(args, consumed);
+    if (operation.bodyParam) consumed.add(operation.bodyParam);
+    if (bodyValue !== void 0) body = JSON.stringify(bodyValue);
+  }
+  const operationHeaders = await resolveHeaders(operation.headers, options.ctx);
+  const headers = new Headers({ ...options.sharedHeaders, ...operationHeaders });
+  if (body !== void 0 && !headers.has("content-type")) headers.set("content-type", "application/json");
+  return new Request(url, { method, headers, body });
+}
+function normalizeOperations(operations) {
+  if (!operations.length) throw new Error("defineHttpConnection requires at least one operation.");
+  const names = /* @__PURE__ */ new Set();
+  return operations.map((operation) => {
+    const name = operation.name.trim();
+    if (!name) throw new Error("Connection operation names must be non-empty.");
+    if (names.has(name)) throw new Error(`Duplicate connection operation "${name}".`);
+    names.add(name);
+    return { ...operation, name };
+  });
+}
+function resolveBaseUrl(options, ctx) {
+  const fromEnv = options.baseUrlEnv ? stringValue(ctx.env[options.baseUrlEnv]) ?? nodeEnv(options.baseUrlEnv) : void 0;
+  const baseUrl = fromEnv ?? options.baseUrl;
+  if (!baseUrl) throw new Error(`Connection "${options.name}" requires ${options.baseUrlEnv ? `env ${options.baseUrlEnv}` : "a baseUrl"}.`);
+  return normalizedBaseUrl(baseUrl, { allowInsecureHttp: options.allowInsecureHttp === true, allowPrivateNetwork: options.allowPrivateNetwork === true });
+}
+async function resolveHeaders(input, ctx) {
+  if (!input) return {};
+  return typeof input === "function" ? input(ctx) : input;
+}
+async function resolveBody(input, args, ctx) {
+  return typeof input === "function" ? input(args, ctx) : input;
+}
+function normalizedBaseUrl(value, options) {
+  const url = new URL(value.endsWith("/") ? value : `${value}/`);
+  assertSafeConnectionUrl(url, options);
+  return url.toString();
+}
+function assertSafeConnectionUrl(url, options) {
+  if (url.protocol !== "https:" && !(options.allowInsecureHttp && url.protocol === "http:")) {
+    throw new Error("Connection URL must use https: unless allowInsecureHttp is set.");
+  }
+  if (!options.allowPrivateNetwork && isUnsafeNetworkHost(url.hostname)) {
+    throw new Error("Connection URL must not target localhost, private, loopback, link-local, or unspecified hosts unless allowPrivateNetwork is set.");
+  }
+}
+function appendQuery(url, key, value) {
+  if (value === void 0 || value === null) return;
+  if (Array.isArray(value)) {
+    for (const item of value) appendQuery(url, key, item);
+    return;
+  }
+  url.searchParams.append(key, typeof value === "object" ? JSON.stringify(value) : String(value));
+}
+function remainingArgs(args, consumed) {
+  const entries = Object.entries(args).filter(([key, value]) => !consumed.has(key) && value !== void 0);
+  return entries.length ? Object.fromEntries(entries) : void 0;
+}
+function templateParams(path) {
+  return [...path.matchAll(/\{([^}]+)\}/g)].map((match) => match[1]).filter(Boolean);
+}
+function describeOperation(operation) {
+  return {
+    name: operation.name,
+    description: operation.description,
+    method: operation.method ?? "GET",
+    path: operation.path,
+    parameters: operation.parameters ?? { type: "object", properties: {}, additionalProperties: true }
+  };
+}
+function scoreOperation(operation, query) {
+  if (!query) return 1;
+  const haystack = `${operation.name} ${operation.description} ${operation.path}`.toLowerCase();
+  if (operation.name.toLowerCase() === query) return 100;
+  if (operation.name.toLowerCase().includes(query)) return 50;
+  return query.split(/\s+/).filter((term) => term && haystack.includes(term)).length;
+}
+function finitePositiveNumber(value) {
+  return typeof value === "number" && Number.isFinite(value) && value > 0 ? Math.floor(value) : void 0;
+}
+function objectArg(value) {
+  return value && typeof value === "object" && !Array.isArray(value) ? value : {};
+}
+function stringValue(value) {
+  return typeof value === "string" && value ? value : void 0;
+}
+function nodeEnv(key) {
+  return typeof process !== "undefined" ? process.env[key] : void 0;
+}
+function toolPart(value) {
+  return value.replace(/[^A-Za-z0-9_-]/g, "_").replace(/^_+|_+$/g, "") || "connection";
+}
+
+// src/mcp.ts
+import { Client } from "@modelcontextprotocol/sdk/client/index.js";
+import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
+import { ErrorCode, McpError } from "@modelcontextprotocol/sdk/types.js";
+import { AjvJsonSchemaValidator } from "@modelcontextprotocol/sdk/validation/ajv";
+async function connectMcpServer(options) {
+  const client = new Client({ name: options.name ?? "atlasflow", version: "0.0.0" });
+  const serverName = options.prefix ?? options.name ?? "server";
+  const transport = await makeTransport(options);
+  return connectMcpServerWithClient(serverName, client, transport, {
+    timeout: options.timeoutMs,
+    resetTimeoutOnProgress: options.resetTimeoutOnProgress
+  }, options.namespace !== false, describeMcpServer(options));
+}
+async function connectMcpServerWithClient(name, client, transport, requestOptions = {}, namespace = true, description) {
+  try {
+    await client.connect(transport);
+    let page = await client.listTools(void 0, requestOptions);
+    const tools = [...page.tools];
+    const seenCursors = /* @__PURE__ */ new Set();
+    while (page.nextCursor !== void 0) {
+      if (seenCursors.has(page.nextCursor)) {
+        throw new Error(`MCP server "${name}" repeated tools/list cursor ${JSON.stringify(page.nextCursor)} during tool discovery.`);
+      }
+      seenCursors.add(page.nextCursor);
+      page = await client.listTools({ cursor: page.nextCursor }, requestOptions);
+      tools.push(...page.tools);
+    }
+    return { name, tools: createMcpTools(name, client, tools, requestOptions, namespace), close: () => client.close() };
+  } catch (err) {
+    await client.close().catch(() => void 0);
+    if (!description) throw err;
+    const reason = err instanceof Error ? err.message : String(err);
+    throw new Error(`Could not connect to MCP server "${name}" (${description}): ${reason}`);
+  }
+}
+async function makeTransport(options) {
+  const kind = options.transport ?? (options.url ? "http" : "stdio");
+  if (kind === "stdio") {
+    if (!options.command) throw new Error("connectMcpServer: `command` is required for the stdio transport");
+    return new StdioClientTransport({ command: options.command, args: options.args ?? [], env: options.env, cwd: options.cwd });
+  }
+  if (!options.url) throw new Error(`connectMcpServer: \`url\` is required for the ${kind} transport`);
+  const url = new URL(options.url);
+  const init = { requestInit: mergeRequestInit(options.requestInit, options.headers), fetch: options.fetch };
+  if (kind === "sse") return new SSEClientTransport(url, init);
+  return new StreamableHTTPClientTransport(url, init);
+}
+function describeMcpServer(options) {
+  const kind = options.transport ?? (options.url ? "http" : "stdio");
+  if (kind === "stdio") return `stdio ${[options.command, ...options.args ?? []].filter(Boolean).join(" ")}`;
+  return `${kind} ${options.url}`;
+}
+function createMcpTools(serverName, client, tools, requestOptions, namespace) {
+  const names = /* @__PURE__ */ new Set();
+  const validator = new AjvJsonSchemaValidator();
+  const callable = tools.filter((tool) => {
+    const execution = tool;
+    if (execution.execution?.taskSupport !== "required") return true;
+    console.warn(`Skipping MCP tool "${tool.name}" from server "${serverName}": it requires task-based execution, which is not supported.`);
+    return false;
+  });
+  return callable.map((tool) => {
+    const toolName = namespace ? createToolName(serverName, tool.name) : tool.name;
+    if (names.has(toolName)) throw new Error(`MCP tools from server "${serverName}" produced duplicate tool name "${toolName}".`);
+    names.add(toolName);
+    const outputValidator = tool.outputSchema ? validator.getValidator(tool.outputSchema) : void 0;
+    return rawTool({
+      name: toolName,
+      description: createToolDescription(serverName, tool),
+      parameters: normalizeInputSchema(tool.inputSchema),
+      execute: async (args, signal) => {
+        if (signal?.aborted) throw signal.reason ?? new Error("Operation aborted");
+        const result = await client.callTool({ name: tool.name, arguments: args }, void 0, { ...requestOptions, signal });
+        validateMcpResult(tool.name, result, outputValidator);
+        const text = formatMcpResult(result);
+        if (result.isError) throw new Error(text);
+        return text;
+      }
+    });
+  });
+}
+function validateMcpResult(toolName, result, validator) {
+  if (!validator) return;
+  if (result.structuredContent === void 0 && !result.isError) {
+    throw new McpError(ErrorCode.InvalidRequest, `Tool ${toolName} has an output schema but did not return structured content`);
+  }
+  if (result.structuredContent === void 0) return;
+  const validation = validator(result.structuredContent);
+  if (!validation.valid) {
+    throw new McpError(ErrorCode.InvalidParams, `Structured content does not match the tool's output schema: ${validation.errorMessage}`);
+  }
+}
+function mergeRequestInit(requestInit, headers) {
+  if (!headers) return requestInit ?? {};
+  const mergedHeaders = new Headers(requestInit?.headers);
+  for (const [key, value] of Object.entries(headers)) mergedHeaders.set(key, value);
+  return { ...requestInit, headers: mergedHeaders };
+}
+function createToolName(serverName, toolName) {
+  return `mcp__${sanitizeToolNamePart(serverName)}__${sanitizeToolNamePart(toolName)}`;
+}
+function sanitizeToolNamePart(value) {
+  const sanitized = value.replace(/[^A-Za-z0-9_-]/g, "_").replace(/^_+|_+$/g, "");
+  return sanitized || "unnamed";
+}
+function createToolDescription(serverName, tool) {
+  const originalName = tool.name;
+  const title = tool.title ?? tool.annotations?.title;
+  const parts = [`MCP tool "${originalName}" from server "${serverName}".`];
+  if (title && title !== originalName) parts.push(`Title: ${title}.`);
+  if (tool.description) parts.push(tool.description);
+  return parts.join(" ");
+}
+function normalizeInputSchema(schema) {
+  return {
+    ...schema,
+    type: schema.type ?? "object",
+    properties: schema.properties ?? {},
+    required: schema.required
+  };
+}
+function formatMcpResult(result) {
+  const parts = [];
+  if (result.structuredContent !== void 0) parts.push(`Structured content:
+${JSON.stringify(result.structuredContent, null, 2)}`);
+  for (const item of result.content ?? []) {
+    if (item.type === "text") {
+      parts.push(item.text);
+    } else if (item.type === "image") {
+      parts.push(`[Image: ${item.mimeType}, ${item.data.length} base64 chars]`);
+    } else if (item.type === "audio") {
+      parts.push(`[Audio: ${item.mimeType}, ${item.data.length} base64 chars]`);
+    } else if (item.type === "resource") {
+      const resource = item.resource;
+      parts.push("text" in resource ? `[Resource: ${resource.uri}]
+${resource.text}` : `[Resource: ${resource.uri}, ${resource.blob.length} base64 chars]`);
+    } else if (item.type === "resource_link") {
+      const description = item.description ? ` - ${item.description}` : "";
+      parts.push(`[Resource link: ${item.name} (${item.uri})${description}]`);
+    } else {
+      parts.push(JSON.stringify(item));
+    }
+  }
+  return parts.filter(Boolean).join("\n\n") || "(MCP tool returned no content)";
+}
+
+// src/testing.ts
+function defineEval(def) {
+  return def;
+}
+function fakeEngine(responder) {
+  return {
+    async run(input, hooks) {
+      const appended = [];
+      const messages = [...input.messages];
+      let usage = emptyUsage();
+      const pending = pendingToolCalls(messages);
+      const startTurn = pending.length ? messages.filter((message) => message.role === "assistant").length : 0;
+      await resumePendingFakeToolCalls(pending, messages, input.tools, input.signal, hooks, appended);
+      for (let turn = startTurn; turn < 50; turn++) {
+        const t = responder({ ...input, messages }, turn);
+        hooks.bus.emit({ type: "turn_start", turnId: `t${turn}`, model: input.model, runId: hooks.runId, session: hooks.session });
+        const content = [];
+        if (t.text) content.push({ type: "text", text: t.text });
+        for (const tc of t.toolCalls ?? []) {
+          content.push({ type: "tool_call", id: tc.id ?? `call_${turn}`, name: tc.name, arguments: tc.arguments });
+        }
+        const hasTools = (t.toolCalls?.length ?? 0) > 0;
+        const assistant = { role: "assistant", content, usage: emptyUsage(), stopReason: hasTools ? "tool_use" : "stop" };
+        appended.push(assistant);
+        messages.push(assistant);
+        hooks.bus.emit({ type: "turn_end", turnId: `t${turn}`, usage: emptyUsage(), stopReason: hasTools ? "tool_use" : "stop", runId: hooks.runId, session: hooks.session });
+        if (!hasTools) return { appended, text: t.text ?? "", usage };
+        for (const tc of t.toolCalls ?? []) {
+          const callId = tc.id ?? `call_${turn}`;
+          hooks.bus.emit({ type: "tool_call", tool: tc.name, callId, arguments: tc.arguments, runId: hooks.runId, session: hooks.session });
+          const tool = input.tools.find((x) => x.name === tc.name);
+          let text;
+          let ok = true;
+          try {
+            text = tool ? await tool.execute(tc.arguments, input.signal) : `Error: unknown tool "${tc.name}"`;
+            ok = Boolean(tool);
+          } catch (err) {
+            if (isToolApprovalRequiredError(err)) {
+              attachToolApprovalPartialTranscript(err, { appended: [...appended], usage });
+              throw err;
+            }
+            text = `Error: ${err instanceof Error ? err.message : String(err)}`;
+            ok = false;
+          }
+          const result = { role: "tool_result", toolCallId: callId, toolName: tc.name, content: [{ type: "text", text }], isError: !ok };
+          appended.push(result);
+          messages.push(result);
+          hooks.bus.emit({ type: "tool_result", tool: tc.name, callId, ok, runId: hooks.runId, session: hooks.session });
+        }
+      }
+      return { appended, text: "", usage };
+    }
+  };
+}
+async function resumePendingFakeToolCalls(pending, messages, tools, signal, hooks, appended) {
+  for (const tc of pending) {
+    const tool = tools.find((x) => x.name === tc.name);
+    hooks.bus.emit({ type: "tool_call", tool: tc.name, callId: tc.id, arguments: tc.arguments, runId: hooks.runId, session: hooks.session });
+    let text;
+    let ok = true;
+    try {
+      text = tool ? await tool.execute(tc.arguments, signal) : `Error: unknown tool "${tc.name}"`;
+      ok = Boolean(tool);
+    } catch (err) {
+      if (isToolApprovalRequiredError(err)) {
+        attachToolApprovalPartialTranscript(err, { appended: [...appended], usage: emptyUsage() });
+        throw err;
+      }
+      text = `Error: ${err instanceof Error ? err.message : String(err)}`;
+      ok = false;
+    }
+    const result = { role: "tool_result", toolCallId: tc.id, toolName: tc.name, content: [{ type: "text", text }], isError: !ok };
+    appended.push(result);
+    messages.push(result);
+    hooks.bus.emit({ type: "tool_result", tool: tc.name, callId: tc.id, ok, runId: hooks.runId, session: hooks.session });
+  }
+}
+function pendingToolCalls(messages) {
+  for (let index = messages.length - 1; index >= 0; index--) {
+    const message = messages[index];
+    if (message.role === "tool_result") continue;
+    if (message.role !== "assistant") return [];
+    const calls = message.content.filter((part) => part.type === "tool_call").map((part) => ({ id: part.id, name: part.name, arguments: part.arguments }));
+    if (!calls.length) return [];
+    const resultIds = new Set(
+      messages.slice(index + 1).filter((candidate) => candidate.role === "tool_result").map((candidate) => candidate.toolCallId)
+    );
+    return calls.filter((call) => !resultIds.has(call.id));
+  }
+  return [];
+}
+async function assertSandboxConformance(factory, options = {}) {
+  const env = await factory.createSessionEnv({ id: options.id ?? "conformance" });
+  try {
+    await assertFileApi(env);
+    if (options.shell !== false) await assertShellApi(env, options);
+  } finally {
+    await env.dispose?.().catch(() => {
+    });
+  }
+}
+async function assertFileApi(env) {
+  assert(typeof env.cwd === "string" && env.cwd.length > 0, "env.cwd must be a non-empty string");
+  assert(typeof env.resolvePath("nested/file.txt") === "string", "resolvePath must return a string");
+  await env.mkdir("nested/deeper", { recursive: true });
+  assert(await env.exists("nested"), "exists() should return true for created directories");
+  assert(!await env.exists("missing.txt"), "exists() should return false for missing paths");
+  await env.writeFile("nested/deeper/hello.txt", "hello atlas");
+  assertEquals(await env.readFile("nested/deeper/hello.txt"), "hello atlas", "readFile should return text written by writeFile");
+  const bytes = new Uint8Array([0, 1, 2, 65, 255]);
+  await env.writeFile("nested/blob.bin", bytes);
+  assertBytes(await env.readFileBuffer("nested/blob.bin"), bytes, "readFileBuffer should preserve byte content");
+  const fileStat = await env.stat("nested/deeper/hello.txt");
+  assert(fileStat.isFile, "stat(file).isFile should be true");
+  assert(!fileStat.isDirectory, "stat(file).isDirectory should be false");
+  assert(fileStat.size >= "hello atlas".length, "stat(file).size should be populated");
+  const dirStat = await env.stat("nested");
+  assert(dirStat.isDirectory, "stat(directory).isDirectory should be true");
+  const entries = await env.readdir("nested");
+  assert(entries.includes("deeper"), "readdir should include child directories");
+  assert(entries.includes("blob.bin"), "readdir should include child files");
+  await env.rm("nested/blob.bin");
+  assert(!await env.exists("nested/blob.bin"), "rm(file) should remove files");
+  await env.rm("nested", { recursive: true, force: true });
+  assert(!await env.exists("nested"), "rm(recursive, force) should remove directories");
+}
+async function assertShellApi(env, options) {
+  await env.mkdir("shell", { recursive: true });
+  await env.writeFile("shell/input.txt", "shell-canary");
+  const envRes = await env.exec(`printf '%s' "$ATLAS_CONF_CANARY"`, { env: { ATLAS_CONF_CANARY: "env-ok" } });
+  assertEquals(envRes.stdout, "env-ok", "exec should pass environment variables to the command");
+  assertEquals(envRes.exitCode, 0, "exec should return exitCode 0 for successful commands");
+  const cwdRes = await env.exec("cat input.txt", { cwd: env.resolvePath("shell") });
+  assertEquals(cwdRes.stdout, "shell-canary", "exec should honor cwd");
+  assertEquals(cwdRes.exitCode, 0, "exec with cwd should succeed");
+  const failRes = await env.exec("printf 'bad' >&2; exit 7");
+  assert(failRes.stderr.includes("bad"), "exec should capture stderr");
+  assertEquals(failRes.exitCode, 7, "exec should preserve non-zero exit codes");
+  if (options.timeout !== false) {
+    const timed = await env.exec("sleep 5", { timeoutMs: 100 });
+    assert(timed.exitCode !== 0, "exec timeout should not report success");
+  }
+}
+function assert(condition, message) {
+  if (!condition) throw new Error(`Sandbox conformance failed: ${message}`);
+}
+function assertEquals(actual, expected, message) {
+  if (actual !== expected) throw new Error(`Sandbox conformance failed: ${message}; expected ${JSON.stringify(expected)}, got ${JSON.stringify(actual)}`);
+}
+function assertBytes(actual, expected, message) {
+  assert(actual.length === expected.length, `${message}; byte length differs`);
+  for (let i = 0; i < expected.length; i++) {
+    assert(actual[i] === expected[i], `${message}; byte ${i} differs`);
+  }
+}
+export {
+  BUILTIN_TOOL_NAMES,
+  BaseSandboxEnv,
+  DurableStreamSubscriptionStoreBase,
+  EngineError,
+  EventBus,
+  Harness,
+  InMemoryRunStore,
+  InMemorySessionStore,
+  InMemoryStreamStore,
+  InMemorySubscriptionStore,
+  MemorySearchParametersSchema,
+  PersonaManifestSchema,
+  PiAgentEngine,
+  ProviderRegistrationError,
+  RuleViolation,
+  Session,
+  ToolApprovalRequiredError,
+  WorkflowDefSchema,
+  addUsage,
+  advanceWorkflow,
+  applyProfile,
+  approveGate,
+  assertSandboxConformance,
+  bash,
+  bashFactoryToSessionEnv,
+  builtinTools,
+  connectMcpServer,
+  createAgent,
+  createCwdSessionEnv,
+  createScopedSessionEnv,
+  cronMatches,
+  defaultEngine,
+  defineAgent,
+  defineAgentProfile,
+  defineChannel,
+  defineCommand,
+  defineEval,
+  defineHttpConnection,
+  defineMemoryConnector,
+  defineSandbox,
+  defineTool,
+  discoverSessionContext,
+  dispatchWorkflow,
+  emptyUsage,
+  envApiKeyFor,
+  fakeEngine,
+  genId,
+  getApiProvider,
+  getApiProviders,
+  getDefaultPersistence,
+  getRegisteredApiKey,
+  getRegisteredStoreResponses,
+  hasRegisteredProvider,
+  inMemoryAdapter,
+  invokeAgent,
+  isChannelDefinition,
+  isCreatedAgent,
+  isJsonStreamContentType,
+  isRawTool,
+  isSandboxFactory,
+  isToolApprovalRequiredError,
+  isWorkspaceSkill,
+  kvAdapter,
+  loadWorkspaceSkill,
+  makeCall,
+  makeFs,
+  makeRuleGuard,
+  mergeCommands,
+  normalizeCommandExecutor,
+  normalizeStreamContentType,
+  observe,
+  parsePersonaManifest,
+  parseSkillMarkdown,
+  parseWorkflowDef,
+  personaAgent,
+  personaTriggers,
+  personaWorkflowMounts,
+  personaWorkflows,
+  rawTool,
+  recoverRuns,
+  recoverWorkflows,
+  registerApiProvider,
+  registerProvider,
+  resetProvidersForTests,
+  resolveAnyTool,
+  resolveRegisteredModel,
+  resolveSandboxNetworkPolicy,
+  resolveTool,
+  sandboxCascade,
+  sandboxHeaderFromEnv,
+  startCronScheduler,
+  startWorkflow,
+  streamMessageBytes,
+  unregisterApiProviders,
+  validateSlots,
+  verifyGithubWebhookSignature,
+  verifySlackRequestSignature,
+  virtualSandbox,
+  waitingGate,
+  writeFileCreatingParents
+};