@det-acp/core 0.2.0

package/dist/tools/base.d.ts

@@ -0,0 +1,58 @@
+/**
+ * Tool Adapter Base — the contract that every tool must implement.
+ *
+ * The runtime NEVER calls execute() directly. It always goes through:
+ *   validate → dryRun → (gate check) → execute → verify
+ *
+ * Each step is recorded in the evidence ledger.
+ */
+import { z } from 'zod';
+import type { DryRunResult, ExecutionContext, ExecutionResult, Policy, RollbackResult, ValidationResult } from '../types.js';
+export declare abstract class ToolAdapter {
+    /** Unique tool identifier, e.g. "file:read" */
+    abstract readonly name: string;
+    /** Human-readable description */
+    abstract readonly description: string;
+    /** Zod schema for validating tool-specific input */
+    abstract readonly inputSchema: z.ZodType;
+    /**
+     * Validate the input against the schema and the policy.
+     * Returns allow/deny/gate verdict.
+     */
+    abstract validate(input: unknown, policy: Policy): ValidationResult;
+    /**
+     * Preview what the tool would do without making any changes.
+     * Must be side-effect-free.
+     */
+    abstract dryRun(input: Record<string, unknown>, ctx: ExecutionContext): Promise<DryRunResult>;
+    /**
+     * Execute the action for real.
+     * Must capture artifacts (diffs, checksums, logs) as evidence.
+     * Must store rollback data in ctx.rollbackData if the action is reversible.
+     */
+    abstract execute(input: Record<string, unknown>, ctx: ExecutionContext): Promise<ExecutionResult>;
+    /**
+     * Undo the action. Called during rollback if the action was executed.
+     * Should use ctx.rollbackData stored during execute().
+     */
+    abstract rollback(input: Record<string, unknown>, ctx: ExecutionContext): Promise<RollbackResult>;
+    /**
+     * Generate a deterministic idempotency key for this action + input.
+     * Used to detect duplicate calls.
+     */
+    idempotencyKey(input: Record<string, unknown>): string;
+    /**
+     * Parse and validate the raw input against this tool's schema.
+     * Returns the parsed input or throws.
+     */
+    parseInput(raw: unknown): Record<string, unknown>;
+    /**
+     * Helper to create a successful execution result.
+     */
+    protected success(output: unknown, durationMs: number, artifacts?: ExecutionResult['artifacts']): ExecutionResult;
+    /**
+     * Helper to create a failed execution result.
+     */
+    protected failure(error: string, durationMs: number): ExecutionResult;
+}
+//# sourceMappingURL=base.d.ts.map

package/dist/tools/base.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../src/tools/base.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAEV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,MAAM,EACN,cAAc,EACd,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAErB,8BAAsB,WAAW;IAC/B,+CAA+C;IAC/C,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAE/B,iCAAiC;IACjC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAEtC,oDAAoD;IACpD,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,OAAO,CAAC;IAEzC;;;OAGG;IACH,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAEnE;;;OAGG;IACH,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAE7F;;;;OAIG;IACH,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAEjG;;;OAGG;IACH,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;IAEjG;;;OAGG;IACH,cAAc,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAItD;;;OAGG;IACH,UAAU,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAIjD;;OAEG;IACH,SAAS,CAAC,OAAO,CACf,MAAM,EAAE,OAAO,EACf,UAAU,EAAE,MAAM,EAClB,SAAS,GAAE,eAAe,CAAC,WAAW,CAAM,GAC3C,eAAe;IAUlB;;OAEG;IACH,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,eAAe;CAQtE"}

package/dist/tools/base.js

@@ -0,0 +1,48 @@
+/**
+ * Tool Adapter Base — the contract that every tool must implement.
+ *
+ * The runtime NEVER calls execute() directly. It always goes through:
+ *   validate → dryRun → (gate check) → execute → verify
+ *
+ * Each step is recorded in the evidence ledger.
+ */
+export class ToolAdapter {
+    /**
+     * Generate a deterministic idempotency key for this action + input.
+     * Used to detect duplicate calls.
+     */
+    idempotencyKey(input) {
+        return `${this.name}:${JSON.stringify(input, Object.keys(input).sort())}`;
+    }
+    /**
+     * Parse and validate the raw input against this tool's schema.
+     * Returns the parsed input or throws.
+     */
+    parseInput(raw) {
+        return this.inputSchema.parse(raw);
+    }
+    /**
+     * Helper to create a successful execution result.
+     */
+    success(output, durationMs, artifacts = []) {
+        return {
+            tool: this.name,
+            success: true,
+            output,
+            artifacts,
+            durationMs,
+        };
+    }
+    /**
+     * Helper to create a failed execution result.
+     */
+    failure(error, durationMs) {
+        return {
+            tool: this.name,
+            success: false,
+            error,
+            durationMs,
+        };
+    }
+}
+//# sourceMappingURL=base.js.map

package/dist/tools/base.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.js","sourceRoot":"","sources":["../../src/tools/base.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAaH,MAAM,OAAgB,WAAW;IAmC/B;;;OAGG;IACH,cAAc,CAAC,KAA8B;QAC3C,OAAO,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;IAC5E,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,GAAY;QACrB,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAA4B,CAAC;IAChE,CAAC;IAED;;OAEG;IACO,OAAO,CACf,MAAe,EACf,UAAkB,EAClB,YAA0C,EAAE;QAE5C,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI;YACb,MAAM;YACN,SAAS;YACT,UAAU;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACO,OAAO,CAAC,KAAa,EAAE,UAAkB;QACjD,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,KAAK;YACd,KAAK;YACL,UAAU;SACX,CAAC;IACJ,CAAC;CACF"}

package/dist/tools/command-run.d.ts

@@ -0,0 +1,30 @@
+/**
+ * command:run — Allow-listed command execution tool adapter.
+ *
+ * Runs shell commands with strict binary allow-listing, timeout, and output capture.
+ */
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import type { DryRunResult, ExecutionContext, ExecutionResult, Policy, RollbackResult, ValidationResult } from '../types.js';
+export declare const CommandRunInputSchema: z.ZodObject<{
+    command: z.ZodString;
+    cwd: z.ZodOptional<z.ZodString>;
+    timeout: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+}, z.core.$strip>;
+export type CommandRunInput = z.infer<typeof CommandRunInputSchema>;
+export declare class CommandRunAdapter extends ToolAdapter {
+    readonly name = "command:run";
+    readonly description = "Run a shell command from the allow-listed binaries";
+    readonly inputSchema: z.ZodObject<{
+        command: z.ZodString;
+        cwd: z.ZodOptional<z.ZodString>;
+        timeout: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+        env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    }, z.core.$strip>;
+    validate(input: unknown, policy: Policy): ValidationResult;
+    dryRun(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<DryRunResult>;
+    execute(input: Record<string, unknown>, ctx: ExecutionContext): Promise<ExecutionResult>;
+    rollback(_input: Record<string, unknown>, _ctx: ExecutionContext): Promise<RollbackResult>;
+}
+//# sourceMappingURL=command-run.d.ts.map

package/dist/tools/command-run.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"command-run.d.ts","sourceRoot":"","sources":["../../src/tools/command-run.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,OAAO,KAAK,EACV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,MAAM,EACN,cAAc,EACd,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,qBAAqB;;;;;iBAKhC,CAAC;AAEH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE,qBAAa,iBAAkB,SAAQ,WAAW;IAChD,QAAQ,CAAC,IAAI,iBAAiB;IAC9B,QAAQ,CAAC,WAAW,wDAAwD;IAC5E,QAAQ,CAAC,WAAW;;;;;sBAAyB;IAE7C,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAkBpD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAYrF,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAwCxF,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;CAUjG"}

package/dist/tools/command-run.js

@@ -0,0 +1,87 @@
+/**
+ * command:run — Allow-listed command execution tool adapter.
+ *
+ * Runs shell commands with strict binary allow-listing, timeout, and output capture.
+ */
+import { execSync } from 'node:child_process';
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import { evaluateAction } from '../policy/evaluator.js';
+export const CommandRunInputSchema = z.object({
+    command: z.string().min(1, 'Command is required'),
+    cwd: z.string().optional(),
+    timeout: z.number().positive().optional().default(30000),
+    env: z.record(z.string(), z.string()).optional(),
+});
+export class CommandRunAdapter extends ToolAdapter {
+    name = 'command:run';
+    description = 'Run a shell command from the allow-listed binaries';
+    inputSchema = CommandRunInputSchema;
+    validate(input, policy) {
+        const parsed = CommandRunInputSchema.safeParse(input);
+        if (!parsed.success) {
+            return {
+                verdict: 'deny',
+                tool: this.name,
+                reasons: parsed.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`),
+            };
+        }
+        // The evaluator checks the binary against the scope.binaries allow-list
+        // We pass input.command as input.binary for the evaluator's scope check
+        return evaluateAction({ tool: this.name, input: { ...parsed.data, binary: parsed.data.command } }, policy);
+    }
+    async dryRun(input, _ctx) {
+        const { command, cwd, timeout } = input;
+        const binary = command.split(/\s+/)[0];
+        return {
+            tool: this.name,
+            wouldDo: `Run command: "${command}" (binary: ${binary}, timeout: ${timeout}ms)`,
+            estimatedChanges: [],
+            warnings: cwd ? [] : ['No working directory specified, using process cwd'],
+        };
+    }
+    async execute(input, ctx) {
+        const start = Date.now();
+        const { command, cwd, timeout, env } = input;
+        try {
+            const stdout = execSync(command, {
+                cwd: cwd ?? process.cwd(),
+                timeout,
+                env: env ? { ...process.env, ...env } : process.env,
+                encoding: 'utf-8',
+                maxBuffer: 10 * 1024 * 1024, // 10MB
+                stdio: ['pipe', 'pipe', 'pipe'],
+            });
+            return this.success({ stdout: stdout.toString(), command }, Date.now() - start, [
+                { type: 'exit_code', value: '0', description: `Command: ${command}` },
+                { type: 'log', value: stdout.toString().slice(0, 4096), description: 'stdout (truncated)' },
+            ]);
+        }
+        catch (err) {
+            const execErr = err;
+            const exitCode = execErr.status ?? 1;
+            const stderr = execErr.stderr ?? execErr.message;
+            return {
+                tool: this.name,
+                success: false,
+                output: { stdout: execErr.stdout ?? '', stderr, exitCode },
+                error: `Command failed with exit code ${exitCode}: ${stderr}`,
+                artifacts: [
+                    { type: 'exit_code', value: String(exitCode), description: `Command: ${command}` },
+                ],
+                durationMs: Date.now() - start,
+            };
+        }
+    }
+    async rollback(_input, _ctx) {
+        // Command execution is generally not reversible.
+        // Specific rollback logic would need to be defined at a higher level
+        // (e.g., compensation actions in the job definition).
+        return {
+            tool: this.name,
+            success: false,
+            description: 'Command execution cannot be automatically rolled back. Define compensation actions at the job level.',
+        };
+    }
+}
+//# sourceMappingURL=command-run.js.map

package/dist/tools/command-run.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"command-run.js","sourceRoot":"","sources":["../../src/tools/command-run.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAUxD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,qBAAqB,CAAC;IACjD,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACxD,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACjD,CAAC,CAAC;AAIH,MAAM,OAAO,iBAAkB,SAAQ,WAAW;IACvC,IAAI,GAAG,aAAa,CAAC;IACrB,WAAW,GAAG,oDAAoD,CAAC;IACnE,WAAW,GAAG,qBAAqB,CAAC;IAE7C,QAAQ,CAAC,KAAc,EAAE,MAAc;QACrC,MAAM,MAAM,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,MAAM;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aAC7E,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,wEAAwE;QACxE,OAAO,cAAc,CACnB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,EAC3E,MAAM,CACP,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAA8B,EAAE,IAAsB;QACjE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAwB,CAAC;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAEvC,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,iBAAiB,OAAO,cAAc,MAAM,cAAc,OAAO,KAAK;YAC/E,gBAAgB,EAAE,EAAE;YACpB,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,mDAAmD,CAAC;SAC3E,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAA8B,EAAE,GAAqB;QACjE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,KAAwB,CAAC;QAEhE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE;gBAC/B,GAAG,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;gBACzB,OAAO;gBACP,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,EAAuB,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG;gBACxE,QAAQ,EAAE,OAAO;gBACjB,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;gBACpC,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,OAAO,CACjB,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,EACtC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAClB;gBACE,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,YAAY,OAAO,EAAE,EAAE;gBACrE,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE;aAC5F,CACF,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAA6E,CAAC;YAC9F,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,CAAC;YACrC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;YAEjD,OAAO;gBACL,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC1D,KAAK,EAAE,iCAAiC,QAAQ,KAAK,MAAM,EAAE;gBAC7D,SAAS,EAAE;oBACT,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,YAAY,OAAO,EAAE,EAAE;iBACnF;gBACD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;aAC/B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAA+B,EAAE,IAAsB;QACpE,iDAAiD;QACjD,qEAAqE;QACrE,sDAAsD;QACtD,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,sGAAsG;SACpH,CAAC;IACJ,CAAC;CACF"}

package/dist/tools/file-read.d.ts

@@ -0,0 +1,34 @@
+/**
+ * file:read — Scoped file read tool adapter.
+ *
+ * Reads file contents, enforcing path scope from the policy.
+ */
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import type { DryRunResult, ExecutionContext, ExecutionResult, Policy, RollbackResult, ValidationResult } from '../types.js';
+export declare const FileReadInputSchema: z.ZodObject<{
+    path: z.ZodString;
+    encoding: z.ZodDefault<z.ZodEnum<{
+        "utf-8": "utf-8";
+        base64: "base64";
+        hex: "hex";
+    }>>;
+}, z.core.$strip>;
+export type FileReadInput = z.infer<typeof FileReadInputSchema>;
+export declare class FileReadAdapter extends ToolAdapter {
+    readonly name = "file:read";
+    readonly description = "Read the contents of a file within allowed path scopes";
+    readonly inputSchema: z.ZodObject<{
+        path: z.ZodString;
+        encoding: z.ZodDefault<z.ZodEnum<{
+            "utf-8": "utf-8";
+            base64: "base64";
+            hex: "hex";
+        }>>;
+    }, z.core.$strip>;
+    validate(input: unknown, policy: Policy): ValidationResult;
+    dryRun(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<DryRunResult>;
+    execute(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<ExecutionResult>;
+    rollback(_input: Record<string, unknown>, _ctx: ExecutionContext): Promise<RollbackResult>;
+}
+//# sourceMappingURL=file-read.d.ts.map

package/dist/tools/file-read.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-read.d.ts","sourceRoot":"","sources":["../../src/tools/file-read.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,OAAO,KAAK,EACV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,MAAM,EACN,cAAc,EACd,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,mBAAmB;;;;;;;iBAG9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,qBAAa,eAAgB,SAAQ,WAAW;IAC9C,QAAQ,CAAC,IAAI,eAAe;IAC5B,QAAQ,CAAC,WAAW,4DAA4D;IAChF,QAAQ,CAAC,WAAW;;;;;;;sBAAuB;IAE3C,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAiBpD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAarF,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAqBzF,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;CAQjG"}

package/dist/tools/file-read.js

@@ -0,0 +1,67 @@
+/**
+ * file:read — Scoped file read tool adapter.
+ *
+ * Reads file contents, enforcing path scope from the policy.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+import crypto from 'node:crypto';
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import { evaluateAction } from '../policy/evaluator.js';
+export const FileReadInputSchema = z.object({
+    path: z.string().min(1, 'File path is required'),
+    encoding: z.enum(['utf-8', 'base64', 'hex']).default('utf-8'),
+});
+export class FileReadAdapter extends ToolAdapter {
+    name = 'file:read';
+    description = 'Read the contents of a file within allowed path scopes';
+    inputSchema = FileReadInputSchema;
+    validate(input, policy) {
+        // Schema validation
+        const parsed = FileReadInputSchema.safeParse(input);
+        if (!parsed.success) {
+            return {
+                verdict: 'deny',
+                tool: this.name,
+                reasons: parsed.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`),
+            };
+        }
+        return evaluateAction({ tool: this.name, input: parsed.data }, policy);
+    }
+    async dryRun(input, _ctx) {
+        const { path: filePath } = input;
+        const absPath = path.resolve(filePath);
+        const exists = fs.existsSync(absPath);
+        return {
+            tool: this.name,
+            wouldDo: `Read file: ${absPath}`,
+            estimatedChanges: [],
+            warnings: exists ? [] : [`File does not exist: ${absPath}`],
+        };
+    }
+    async execute(input, _ctx) {
+        const start = Date.now();
+        const { path: filePath, encoding } = input;
+        const absPath = path.resolve(filePath);
+        try {
+            const content = fs.readFileSync(absPath, encoding);
+            const checksum = crypto.createHash('sha256').update(content).digest('hex');
+            return this.success({ content, size: Buffer.byteLength(content), path: absPath }, Date.now() - start, [
+                { type: 'checksum', value: `sha256:${checksum}`, description: `Checksum of ${absPath}` },
+            ]);
+        }
+        catch (err) {
+            return this.failure(err.message, Date.now() - start);
+        }
+    }
+    async rollback(_input, _ctx) {
+        // file:read is side-effect-free — nothing to rollback
+        return {
+            tool: this.name,
+            success: true,
+            description: 'No rollback needed for read-only operation',
+        };
+    }
+}
+//# sourceMappingURL=file-read.js.map

package/dist/tools/file-read.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-read.js","sourceRoot":"","sources":["../../src/tools/file-read.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAUxD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;IAChD,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;CAC9D,CAAC,CAAC;AAIH,MAAM,OAAO,eAAgB,SAAQ,WAAW;IACrC,IAAI,GAAG,WAAW,CAAC;IACnB,WAAW,GAAG,wDAAwD,CAAC;IACvE,WAAW,GAAG,mBAAmB,CAAC;IAE3C,QAAQ,CAAC,KAAc,EAAE,MAAc;QACrC,oBAAoB;QACpB,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,MAAM;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aAC7E,CAAC;QACJ,CAAC;QAED,OAAO,cAAc,CACnB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE,EACvC,MAAM,CACP,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAA8B,EAAE,IAAsB;QACjE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,KAAsB,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAEtC,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,cAAc,OAAO,EAAE;YAChC,gBAAgB,EAAE,EAAE;YACpB,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB,OAAO,EAAE,CAAC;SAC5D,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAA8B,EAAE,IAAsB;QAClE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,KAAsB,CAAC;QAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEvC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,QAA0B,CAAC,CAAC;YACrE,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAE3E,OAAO,IAAI,CAAC,OAAO,CACjB,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAC5D,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAClB;gBACE,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,QAAQ,EAAE,EAAE,WAAW,EAAE,eAAe,OAAO,EAAE,EAAE;aACzF,CACF,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,OAAO,CAAE,GAAa,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAA+B,EAAE,IAAsB;QACpE,sDAAsD;QACtD,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,4CAA4C;SAC1D,CAAC;IACJ,CAAC;CACF"}

package/dist/tools/file-write.d.ts

@@ -0,0 +1,39 @@
+/**
+ * file:write — Scoped file write tool adapter.
+ *
+ * Writes file contents, enforcing path scope from the policy.
+ * Creates a backup before writing for rollback support.
+ */
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import type { DryRunResult, ExecutionContext, ExecutionResult, Policy, RollbackResult, ValidationResult } from '../types.js';
+export declare const FileWriteInputSchema: z.ZodObject<{
+    path: z.ZodString;
+    content: z.ZodString;
+    encoding: z.ZodDefault<z.ZodEnum<{
+        "utf-8": "utf-8";
+        base64: "base64";
+        hex: "hex";
+    }>>;
+    createDirs: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+export type FileWriteInput = z.infer<typeof FileWriteInputSchema>;
+export declare class FileWriteAdapter extends ToolAdapter {
+    readonly name = "file:write";
+    readonly description = "Write contents to a file within allowed path scopes";
+    readonly inputSchema: z.ZodObject<{
+        path: z.ZodString;
+        content: z.ZodString;
+        encoding: z.ZodDefault<z.ZodEnum<{
+            "utf-8": "utf-8";
+            base64: "base64";
+            hex: "hex";
+        }>>;
+        createDirs: z.ZodDefault<z.ZodBoolean>;
+    }, z.core.$strip>;
+    validate(input: unknown, policy: Policy): ValidationResult;
+    dryRun(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<DryRunResult>;
+    execute(input: Record<string, unknown>, ctx: ExecutionContext): Promise<ExecutionResult>;
+    rollback(input: Record<string, unknown>, ctx: ExecutionContext): Promise<RollbackResult>;
+}
+//# sourceMappingURL=file-write.d.ts.map

package/dist/tools/file-write.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-write.d.ts","sourceRoot":"","sources":["../../src/tools/file-write.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,OAAO,KAAK,EACV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EAEf,MAAM,EACN,cAAc,EACd,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,oBAAoB;;;;;;;;;iBAK/B,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAElE,qBAAa,gBAAiB,SAAQ,WAAW;IAC/C,QAAQ,CAAC,IAAI,gBAAgB;IAC7B,QAAQ,CAAC,WAAW,yDAAyD;IAC7E,QAAQ,CAAC,WAAW;;;;;;;;;sBAAwB;IAE5C,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAgBpD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAuBrF,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAkExF,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;CAsD/F"}

package/dist/tools/file-write.js

@@ -0,0 +1,158 @@
+/**
+ * file:write — Scoped file write tool adapter.
+ *
+ * Writes file contents, enforcing path scope from the policy.
+ * Creates a backup before writing for rollback support.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+import crypto from 'node:crypto';
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import { evaluateAction } from '../policy/evaluator.js';
+export const FileWriteInputSchema = z.object({
+    path: z.string().min(1, 'File path is required'),
+    content: z.string(),
+    encoding: z.enum(['utf-8', 'base64', 'hex']).default('utf-8'),
+    createDirs: z.boolean().default(false),
+});
+export class FileWriteAdapter extends ToolAdapter {
+    name = 'file:write';
+    description = 'Write contents to a file within allowed path scopes';
+    inputSchema = FileWriteInputSchema;
+    validate(input, policy) {
+        const parsed = FileWriteInputSchema.safeParse(input);
+        if (!parsed.success) {
+            return {
+                verdict: 'deny',
+                tool: this.name,
+                reasons: parsed.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`),
+            };
+        }
+        return evaluateAction({ tool: this.name, input: parsed.data }, policy);
+    }
+    async dryRun(input, _ctx) {
+        const { path: filePath, content } = input;
+        const absPath = path.resolve(filePath);
+        const exists = fs.existsSync(absPath);
+        const warnings = [];
+        if (!exists) {
+            const dir = path.dirname(absPath);
+            if (!fs.existsSync(dir)) {
+                warnings.push(`Parent directory does not exist: ${dir}`);
+            }
+        }
+        return {
+            tool: this.name,
+            wouldDo: exists
+                ? `Overwrite file: ${absPath} (${Buffer.byteLength(content)} bytes)`
+                : `Create new file: ${absPath} (${Buffer.byteLength(content)} bytes)`,
+            estimatedChanges: [absPath],
+            warnings,
+        };
+    }
+    async execute(input, ctx) {
+        const start = Date.now();
+        const { path: filePath, content, encoding, createDirs } = input;
+        const absPath = path.resolve(filePath);
+        const artifacts = [];
+        try {
+            // Backup existing file for rollback
+            let previousContent = null;
+            const existed = fs.existsSync(absPath);
+            if (existed) {
+                previousContent = fs.readFileSync(absPath, 'utf-8');
+                const prevChecksum = crypto.createHash('sha256').update(previousContent).digest('hex');
+                artifacts.push({
+                    type: 'checksum',
+                    value: `sha256:${prevChecksum}`,
+                    description: `Previous checksum of ${absPath}`,
+                });
+            }
+            // Store rollback data
+            const rollbackKey = `file:write:${absPath}`;
+            ctx.rollbackData[rollbackKey] = {
+                existed,
+                previousContent,
+                path: absPath,
+            };
+            // Create directories if needed
+            if (createDirs) {
+                fs.mkdirSync(path.dirname(absPath), { recursive: true });
+            }
+            // Write the file
+            fs.writeFileSync(absPath, content, encoding);
+            // Produce evidence
+            const newChecksum = crypto.createHash('sha256').update(content).digest('hex');
+            artifacts.push({
+                type: 'checksum',
+                value: `sha256:${newChecksum}`,
+                description: `New checksum of ${absPath}`,
+            });
+            if (previousContent !== null) {
+                artifacts.push({
+                    type: 'diff',
+                    value: `--- ${absPath}\n+++ ${absPath}\n@@ modified @@\n-${previousContent.length} bytes\n+${content.length} bytes`,
+                    description: 'Size diff',
+                });
+            }
+            // Update budget
+            ctx.budget.filesChanged++;
+            ctx.budget.totalOutputBytes += Buffer.byteLength(content);
+            return this.success({ path: absPath, bytesWritten: Buffer.byteLength(content), created: !existed }, Date.now() - start, artifacts);
+        }
+        catch (err) {
+            return this.failure(err.message, Date.now() - start);
+        }
+    }
+    async rollback(input, ctx) {
+        const { path: filePath } = input;
+        const absPath = path.resolve(filePath);
+        const rollbackKey = `file:write:${absPath}`;
+        const rollbackData = ctx.rollbackData[rollbackKey];
+        if (!rollbackData) {
+            return {
+                tool: this.name,
+                success: false,
+                description: 'No rollback data available',
+                error: 'Rollback data not found — execute() may not have been called',
+            };
+        }
+        try {
+            if (rollbackData.existed && rollbackData.previousContent !== null) {
+                // Restore previous content
+                fs.writeFileSync(rollbackData.path, rollbackData.previousContent, 'utf-8');
+                return {
+                    tool: this.name,
+                    success: true,
+                    description: `Restored previous content of ${rollbackData.path}`,
+                };
+            }
+            else if (!rollbackData.existed) {
+                // File was newly created — delete it
+                if (fs.existsSync(rollbackData.path)) {
+                    fs.unlinkSync(rollbackData.path);
+                }
+                return {
+                    tool: this.name,
+                    success: true,
+                    description: `Deleted newly created file ${rollbackData.path}`,
+                };
+            }
+            return {
+                tool: this.name,
+                success: true,
+                description: 'No rollback action needed',
+            };
+        }
+        catch (err) {
+            return {
+                tool: this.name,
+                success: false,
+                description: `Failed to rollback file write to ${rollbackData.path}`,
+                error: err.message,
+            };
+        }
+    }
+}
+//# sourceMappingURL=file-write.js.map

package/dist/tools/file-write.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-write.js","sourceRoot":"","sources":["../../src/tools/file-write.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAWxD,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;IAChD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;IAC7D,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACvC,CAAC,CAAC;AAIH,MAAM,OAAO,gBAAiB,SAAQ,WAAW;IACtC,IAAI,GAAG,YAAY,CAAC;IACpB,WAAW,GAAG,qDAAqD,CAAC;IACpE,WAAW,GAAG,oBAAoB,CAAC;IAE5C,QAAQ,CAAC,KAAc,EAAE,MAAc;QACrC,MAAM,MAAM,GAAG,oBAAoB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,MAAM;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aAC7E,CAAC;QACJ,CAAC;QAED,OAAO,cAAc,CACnB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE,EACvC,MAAM,CACP,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAA8B,EAAE,IAAsB;QACjE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,KAAuB,CAAC;QAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC,oCAAoC,GAAG,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,MAAM;gBACb,CAAC,CAAC,mBAAmB,OAAO,KAAK,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS;gBACpE,CAAC,CAAC,oBAAoB,OAAO,KAAK,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS;YACvE,gBAAgB,EAAE,CAAC,OAAO,CAAC;YAC3B,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAA8B,EAAE,GAAqB;QACjE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,KAAuB,CAAC;QAClF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,SAAS,GAAwB,EAAE,CAAC;QAE1C,IAAI,CAAC;YACH,oCAAoC;YACpC,IAAI,eAAe,GAAkB,IAAI,CAAC;YAC1C,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACvC,IAAI,OAAO,EAAE,CAAC;gBACZ,eAAe,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACpD,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACvF,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,UAAU;oBAChB,KAAK,EAAE,UAAU,YAAY,EAAE;oBAC/B,WAAW,EAAE,wBAAwB,OAAO,EAAE;iBAC/C,CAAC,CAAC;YACL,CAAC;YAED,sBAAsB;YACtB,MAAM,WAAW,GAAG,cAAc,OAAO,EAAE,CAAC;YAC5C,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG;gBAC9B,OAAO;gBACP,eAAe;gBACf,IAAI,EAAE,OAAO;aACd,CAAC;YAEF,+BAA+B;YAC/B,IAAI,UAAU,EAAE,CAAC;gBACf,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC3D,CAAC;YAED,iBAAiB;YACjB,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,QAA0B,CAAC,CAAC;YAE/D,mBAAmB;YACnB,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC9E,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,UAAU;gBAChB,KAAK,EAAE,UAAU,WAAW,EAAE;gBAC9B,WAAW,EAAE,mBAAmB,OAAO,EAAE;aAC1C,CAAC,CAAC;YAEH,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;gBAC7B,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,MAAM;oBACZ,KAAK,EAAE,OAAO,OAAO,SAAS,OAAO,sBAAsB,eAAe,CAAC,MAAM,YAAY,OAAO,CAAC,MAAM,QAAQ;oBACnH,WAAW,EAAE,WAAW;iBACzB,CAAC,CAAC;YACL,CAAC;YAED,gBAAgB;YAChB,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,gBAAgB,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAE1D,OAAO,IAAI,CAAC,OAAO,CACjB,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,OAAO,EAAE,EAC9E,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAClB,SAAS,CACV,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,OAAO,CAAE,GAAa,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,KAA8B,EAAE,GAAqB;QAClE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,KAAuB,CAAC;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,WAAW,GAAG,cAAc,OAAO,EAAE,CAAC;QAC5C,MAAM,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC,WAAW,CAIpC,CAAC;QAEd,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO;gBACL,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,KAAK;gBACd,WAAW,EAAE,4BAA4B;gBACzC,KAAK,EAAE,8DAA8D;aACtE,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,IAAI,YAAY,CAAC,OAAO,IAAI,YAAY,CAAC,eAAe,KAAK,IAAI,EAAE,CAAC;gBAClE,2BAA2B;gBAC3B,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;gBAC3E,OAAO;oBACL,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,OAAO,EAAE,IAAI;oBACb,WAAW,EAAE,gCAAgC,YAAY,CAAC,IAAI,EAAE;iBACjE,CAAC;YACJ,CAAC;iBAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;gBACjC,qCAAqC;gBACrC,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;gBACnC,CAAC;gBACD,OAAO;oBACL,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,OAAO,EAAE,IAAI;oBACb,WAAW,EAAE,8BAA8B,YAAY,CAAC,IAAI,EAAE;iBAC/D,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,IAAI;gBACb,WAAW,EAAE,2BAA2B;aACzC,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,KAAK;gBACd,WAAW,EAAE,oCAAoC,YAAY,CAAC,IAAI,EAAE;gBACpE,KAAK,EAAG,GAAa,CAAC,OAAO;aAC9B,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}

package/dist/tools/git.d.ts

@@ -0,0 +1,48 @@
+/**
+ * git:diff and git:apply — Scoped git tool adapters.
+ *
+ * git:diff — produces a diff of changes in a repo (read-only).
+ * git:apply — applies a patch to a repo (with rollback via git stash).
+ */
+import { z } from 'zod';
+import { ToolAdapter } from './base.js';
+import type { DryRunResult, ExecutionContext, ExecutionResult, Policy, RollbackResult, ValidationResult } from '../types.js';
+export declare const GitDiffInputSchema: z.ZodObject<{
+    repo: z.ZodString;
+    ref: z.ZodDefault<z.ZodString>;
+    paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+export type GitDiffInput = z.infer<typeof GitDiffInputSchema>;
+export declare class GitDiffAdapter extends ToolAdapter {
+    readonly name = "git:diff";
+    readonly description = "Get git diff output for a repository";
+    readonly inputSchema: z.ZodObject<{
+        repo: z.ZodString;
+        ref: z.ZodDefault<z.ZodString>;
+        paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>;
+    validate(input: unknown, policy: Policy): ValidationResult;
+    dryRun(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<DryRunResult>;
+    execute(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<ExecutionResult>;
+    rollback(_input: Record<string, unknown>, _ctx: ExecutionContext): Promise<RollbackResult>;
+}
+export declare const GitApplyInputSchema: z.ZodObject<{
+    repo: z.ZodString;
+    patch: z.ZodString;
+    check: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+export type GitApplyInput = z.infer<typeof GitApplyInputSchema>;
+export declare class GitApplyAdapter extends ToolAdapter {
+    readonly name = "git:apply";
+    readonly description = "Apply a git patch to a repository";
+    readonly inputSchema: z.ZodObject<{
+        repo: z.ZodString;
+        patch: z.ZodString;
+        check: z.ZodDefault<z.ZodBoolean>;
+    }, z.core.$strip>;
+    validate(input: unknown, policy: Policy): ValidationResult;
+    dryRun(input: Record<string, unknown>, _ctx: ExecutionContext): Promise<DryRunResult>;
+    execute(input: Record<string, unknown>, ctx: ExecutionContext): Promise<ExecutionResult>;
+    rollback(input: Record<string, unknown>, ctx: ExecutionContext): Promise<RollbackResult>;
+}
+//# sourceMappingURL=git.d.ts.map

package/dist/tools/git.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"git.d.ts","sourceRoot":"","sources":["../../src/tools/git.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,OAAO,KAAK,EACV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,MAAM,EACN,cAAc,EACd,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAMrB,eAAO,MAAM,kBAAkB;;;;iBAI7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,qBAAa,cAAe,SAAQ,WAAW;IAC7C,QAAQ,CAAC,IAAI,cAAc;IAC3B,QAAQ,CAAC,WAAW,0CAA0C;IAC9D,QAAQ,CAAC,WAAW;;;;sBAAsB;IAE1C,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAgBpD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAUrF,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IA+BzF,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;CAOjG;AAMD,eAAO,MAAM,mBAAmB;;;;iBAI9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,qBAAa,eAAgB,SAAQ,WAAW;IAC9C,QAAQ,CAAC,IAAI,eAAe;IAC5B,QAAQ,CAAC,WAAW,uCAAuC;IAC3D,QAAQ,CAAC,WAAW;;;;sBAAuB;IAE3C,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB;IAgBpD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IAyBrF,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAwCxF,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;CA+C/F"}