@directive-run/ai 0.1.1

package/dist/index.d.ts

@@ -0,0 +1,4663 @@
+import { Requirement, ModuleSchema, Plugin, System } from '@directive-run/core';
+import { CircuitState, ObservabilityInstance, TraceSpan, AggregatedMetric, CircuitBreakerConfig, CircuitBreaker, AlertConfig } from '@directive-run/core/plugins';
+export { AggregatedMetric, AlertConfig, AlertEvent, CircuitBreaker, CircuitBreakerConfig, CircuitBreakerOpenError, CircuitBreakerStats, CircuitState, DashboardData, MetricDataPoint, MetricType, OTLPExporter, OTLPExporterConfig, ObservabilityConfig, ObservabilityInstance, TraceSpan, createAgentMetrics, createCircuitBreaker, createOTLPExporter, createObservability } from '@directive-run/core/plugins';
+import { M as Message$1, g as RunResult, b as AgentLike, d as GuardrailFn, O as OutputGuardrailData, I as InputGuardrailData, S as SchemaValidator, T as ToolCallGuardrailData, f as AdapterHooks, c as AgentRunner, h as ApprovalState, i as AgentState, j as OrchestratorState, k as OrchestratorConstraint, R as RunOptions, N as NamedGuardrail, l as OrchestratorResolver, A as ApprovalRequest, m as AgentRetryConfig, n as OrchestratorLifecycleHooks, o as GuardrailsConfig } from './types-BKCdgKC-.js';
+export { e as GuardrailContext, p as GuardrailError, q as GuardrailErrorCode, G as GuardrailResult, r as GuardrailRetryConfig, s as OrchestratorResolverContext, t as RejectedRequest, u as SchemaValidationResult, v as TokenUsage, a as ToolCall, w as isGuardrailError } from './types-BKCdgKC-.js';
+
+/**
+ * Agent Memory System
+ *
+ * Provides sliding window message management and automatic summarization
+ * for long-running agent conversations.
+ *
+ * @example
+ * ```typescript
+ * import { createAgentMemory, createSlidingWindowStrategy } from '@directive-run/ai';
+ *
+ * const memory = createAgentMemory({
+ *   strategy: createSlidingWindowStrategy({ maxMessages: 50 }),
+ *   summarizer: async (messages) => {
+ *     // Call LLM to summarize older messages
+ *     return await summarizeWithLLM(messages);
+ *   },
+ * });
+ *
+ * // Use with orchestrator
+ * const orchestrator = createAgentOrchestrator({
+ *   memory,
+ *   runner: run,
+ * });
+ * ```
+ */
+/**
+ * Memory-compatible message type.
+ * Extends the standard Message type to include system messages for summaries.
+ */
+interface MemoryMessage {
+    role: "user" | "assistant" | "tool" | "system";
+    content: string;
+    toolCallId?: string;
+}
+type Message = MemoryMessage;
+/** Configuration for memory management strategies */
+interface MemoryStrategyConfig {
+    /** Maximum number of messages to keep in active memory */
+    maxMessages?: number;
+    /** Maximum total tokens to keep in active memory */
+    maxTokens?: number;
+    /** Number of recent messages to always keep (protected from summarization) */
+    preserveRecentCount?: number;
+    /** Whether to include system messages in token count */
+    countSystemMessages?: boolean;
+}
+/** Result of a memory strategy evaluation */
+interface MemoryStrategyResult {
+    /** Messages to keep in active memory */
+    keep: Message[];
+    /** Messages to summarize or discard */
+    toSummarize: Message[];
+    /** Estimated token count of kept messages */
+    estimatedTokens: number;
+}
+/** Memory management strategy function */
+type MemoryStrategy = (messages: Message[], config: MemoryStrategyConfig) => MemoryStrategyResult;
+/** Summarizer function to compress older messages */
+type MessageSummarizer = (messages: Message[]) => Promise<string>;
+/** Agent memory configuration */
+interface AgentMemoryConfig {
+    /** Memory management strategy */
+    strategy: MemoryStrategy;
+    /** Optional summarizer for compressing old messages */
+    summarizer?: MessageSummarizer;
+    /** Strategy configuration */
+    strategyConfig?: MemoryStrategyConfig;
+    /** Whether to auto-manage memory after each interaction */
+    autoManage?: boolean;
+    /** Callback when memory is managed */
+    onMemoryManaged?: (result: MemoryManageResult) => void;
+    /** Callback when auto-manage encounters an error */
+    onManageError?: (error: Error) => void;
+    /** Maximum context window tokens (triggers additional summarization if exceeded) */
+    maxContextTokens?: number;
+}
+/** Result of memory management */
+interface MemoryManageResult {
+    /** Number of messages before management */
+    messagesBefore: number;
+    /** Number of messages after management */
+    messagesAfter: number;
+    /** Number of messages summarized */
+    messagesSummarized: number;
+    /** The summary that was generated (if any) */
+    summary?: string;
+    /** Estimated tokens before */
+    estimatedTokensBefore: number;
+    /** Estimated tokens after */
+    estimatedTokensAfter: number;
+}
+/** Memory state for a conversation */
+interface MemoryState {
+    /** Active messages in memory */
+    messages: Message[];
+    /** Summaries of older messages */
+    summaries: Array<{
+        content: string;
+        messagesCount: number;
+        createdAt: number;
+    }>;
+    /** Total messages ever processed */
+    totalMessagesProcessed: number;
+    /** Estimated current token count */
+    estimatedTokens: number;
+}
+/** Agent memory instance */
+interface AgentMemory {
+    /** Get current memory state */
+    getState(): MemoryState;
+    /** Add a message to memory */
+    addMessage(message: Message): void;
+    /** Check if memory management is currently in progress */
+    isManaging(): boolean;
+    /** Add multiple messages to memory */
+    addMessages(messages: Message[]): void;
+    /** Get messages for context (includes summaries as system messages) */
+    getContextMessages(): Message[];
+    /** Manually trigger memory management */
+    manage(): Promise<MemoryManageResult>;
+    /** Clear all memory */
+    clear(): void;
+    /** Export memory state for persistence */
+    export(): MemoryState;
+    /** Import memory state from persistence */
+    import(state: MemoryState): void;
+}
+/**
+ * Create a sliding window memory strategy.
+ *
+ * Keeps the most recent N messages, moving older ones to summarization.
+ *
+ * @example
+ * ```typescript
+ * const strategy = createSlidingWindowStrategy({
+ *   maxMessages: 50,
+ *   preserveRecentCount: 10,
+ * });
+ * ```
+ */
+declare function createSlidingWindowStrategy(defaultConfig?: MemoryStrategyConfig): MemoryStrategy;
+/**
+ * Create a token-based memory strategy.
+ *
+ * Keeps messages until a token limit is reached, then moves older ones to summarization.
+ *
+ * @example
+ * ```typescript
+ * const strategy = createTokenBasedStrategy({
+ *   maxTokens: 4000,
+ *   preserveRecentCount: 5,
+ * });
+ * ```
+ */
+declare function createTokenBasedStrategy(defaultConfig?: MemoryStrategyConfig): MemoryStrategy;
+/**
+ * Create a hybrid strategy that combines message count and token limits.
+ *
+ * @example
+ * ```typescript
+ * const strategy = createHybridStrategy({
+ *   maxMessages: 50,
+ *   maxTokens: 4000,
+ *   preserveRecentCount: 5,
+ * });
+ * ```
+ */
+declare function createHybridStrategy(defaultConfig?: MemoryStrategyConfig): MemoryStrategy;
+/**
+ * Create an agent memory instance.
+ *
+ * @example
+ * ```typescript
+ * const memory = createAgentMemory({
+ *   strategy: createSlidingWindowStrategy({ maxMessages: 50 }),
+ *   summarizer: async (messages) => {
+ *     const response = await openai.chat.completions.create({
+ *       model: 'gpt-4o-mini',
+ *       messages: [
+ *         { role: 'system', content: 'Summarize the following conversation concisely.' },
+ *         ...messages.map(m => ({ role: m.role, content: m.content })),
+ *       ],
+ *     });
+ *     return response.choices[0].message.content;
+ *   },
+ *   autoManage: true,
+ * });
+ * ```
+ */
+declare function createAgentMemory(config: AgentMemoryConfig): AgentMemory;
+/**
+ * Create a simple truncation "summarizer" that just returns key points.
+ * Useful for testing or when LLM summarization isn't needed.
+ */
+declare function createTruncationSummarizer(maxLength?: number): MessageSummarizer;
+/**
+ * Create a summarizer that extracts only user questions and key assistant answers.
+ */
+declare function createKeyPointsSummarizer(): MessageSummarizer;
+/**
+ * Create a summarizer factory for LLM-based summarization.
+ * You provide the LLM call function, this handles the prompt.
+ *
+ * @example
+ * ```typescript
+ * const summarizer = createLLMSummarizer(async (prompt) => {
+ *   const response = await openai.chat.completions.create({
+ *     model: 'gpt-4o-mini',
+ *     messages: [{ role: 'user', content: prompt }],
+ *   });
+ *   return response.choices[0].message.content ?? '';
+ * });
+ * ```
+ */
+declare function createLLMSummarizer(llmCall: (prompt: string) => Promise<string>, options?: {
+    maxSummaryLength?: number;
+    preserveKeyFacts?: boolean;
+}): MessageSummarizer;
+
+/**
+ * OpenAI Agents Streaming - Token-by-token streaming with backpressure support
+ *
+ * Provides async iterators for streaming agent responses with guardrail evaluation
+ * on partial output and configurable backpressure handling.
+ *
+ * @example
+ * ```typescript
+ * import { createAgentOrchestrator } from '@directive-run/ai';
+ * import { createStreamingRunner } from '@directive-run/ai';
+ *
+ * const { stream, result } = orchestrator.runStream(agent, input);
+ *
+ * for await (const chunk of stream) {
+ *   if (chunk.type === 'token') process.stdout.write(chunk.data);
+ *   if (chunk.type === 'guardrail_triggered') handleGuardrail(chunk);
+ * }
+ *
+ * const finalResult = await result;
+ * ```
+ */
+
+/** Token chunk from streaming response */
+interface TokenChunk {
+    type: "token";
+    data: string;
+    /** Running total of tokens received */
+    tokenCount: number;
+}
+/** Tool execution started */
+interface ToolStartChunk {
+    type: "tool_start";
+    tool: string;
+    toolCallId: string;
+    arguments: string;
+}
+/** Tool execution completed */
+interface ToolEndChunk {
+    type: "tool_end";
+    tool: string;
+    toolCallId: string;
+    result: string;
+}
+/** Message added to conversation */
+interface MessageChunk {
+    type: "message";
+    message: Message$1;
+}
+/** Guardrail was triggered during streaming */
+interface GuardrailTriggeredChunk {
+    type: "guardrail_triggered";
+    guardrailName: string;
+    reason: string;
+    /** Partial output at the time of trigger */
+    partialOutput: string;
+    /** Whether the stream was stopped */
+    stopped: boolean;
+}
+/** Progress update for UI feedback */
+interface ProgressChunk {
+    type: "progress";
+    phase: "starting" | "generating" | "tool_calling" | "finishing";
+    /** Percentage complete (0-100), if known */
+    percent?: number;
+    /** Human-readable status message */
+    message?: string;
+}
+/** Stream completed */
+interface DoneChunk {
+    type: "done";
+    totalTokens: number;
+    duration: number;
+    /** Number of tokens dropped due to backpressure (only with 'drop' strategy) */
+    droppedTokens: number;
+}
+/** Error during streaming */
+interface ErrorChunk {
+    type: "error";
+    error: Error;
+    /** Partial output before error */
+    partialOutput?: string;
+}
+/** Union of all stream chunk types */
+type StreamChunk = TokenChunk | ToolStartChunk | ToolEndChunk | MessageChunk | GuardrailTriggeredChunk | ProgressChunk | DoneChunk | ErrorChunk;
+/** Backpressure strategy when consumer is slow */
+type BackpressureStrategy = 
+/** Drop tokens when buffer is full (lossy, fast) */
+"drop"
+/** Block producer when buffer is full (lossless, may slow response) */
+ | "block"
+/** Buffer all tokens (lossless, uses memory) */
+ | "buffer";
+/** Streaming run options */
+interface StreamRunOptions {
+    /** Maximum turns before stopping */
+    maxTurns?: number;
+    /** Abort signal for cancellation */
+    signal?: AbortSignal;
+    /** Backpressure strategy (default: 'buffer') */
+    backpressure?: BackpressureStrategy;
+    /** Buffer size for 'drop' and 'block' strategies */
+    bufferSize?: number;
+    /** Evaluate guardrails every N tokens (default: 50) */
+    guardrailCheckInterval?: number;
+    /** Stop stream on guardrail trigger (default: true for critical) */
+    stopOnGuardrail?: boolean | ((chunk: GuardrailTriggeredChunk) => boolean);
+}
+/** Stream run function type (mirrors OpenAI Agents streaming API) */
+type StreamRunner = <T = unknown>(agent: AgentLike, input: string, options?: StreamRunOptions) => StreamingRunResult<T>;
+/** Result from a streaming run */
+interface StreamingRunResult<T = unknown> {
+    /** Async iterator for streaming chunks */
+    stream: AsyncIterable<StreamChunk>;
+    /** Promise that resolves to the final result */
+    result: Promise<RunResult<T>>;
+    /** Abort the stream */
+    abort: () => void;
+}
+/** Streaming guardrail that evaluates partial output */
+interface StreamingGuardrail {
+    /** Unique name for this guardrail */
+    name: string;
+    /** Check partial output (called every guardrailCheckInterval tokens) */
+    check: (partialOutput: string, tokenCount: number) => StreamingGuardrailResult | Promise<StreamingGuardrailResult>;
+    /** Whether to stop the stream on failure (default: true) */
+    stopOnFail?: boolean;
+}
+/** Result from a streaming guardrail check */
+interface StreamingGuardrailResult {
+    passed: boolean;
+    reason?: string;
+    /** Severity level for UI display */
+    severity?: "warning" | "error" | "critical";
+    /** Warning message (guardrail passed but wants to emit a warning) */
+    warning?: string;
+}
+/**
+ * Create a streaming runner that wraps a base run function.
+ * This is used internally by the orchestrator but can be used standalone.
+ *
+ * @param baseRunner - The underlying non-streaming runner
+ * @param options - Configuration options
+ */
+declare function createStreamingRunner(baseRunner: (agent: AgentLike, input: string, callbacks: {
+    onToken?: (token: string) => void;
+    onToolStart?: (tool: string, id: string, args: string) => void;
+    onToolEnd?: (tool: string, id: string, result: string) => void;
+    onMessage?: (message: Message$1) => void;
+    signal?: AbortSignal;
+}) => Promise<RunResult<unknown>>, options?: {
+    streamingGuardrails?: StreamingGuardrail[];
+}): StreamRunner;
+/**
+ * Create a streaming guardrail that detects toxic content.
+ *
+ * @example
+ * ```typescript
+ * const toxicityGuardrail = createToxicityStreamingGuardrail({
+ *   threshold: 0.9,
+ *   checkFn: async (text) => myToxicityModel.score(text),
+ * });
+ * ```
+ */
+declare function createToxicityStreamingGuardrail(options: {
+    /** Toxicity scoring function (returns 0-1) */
+    checkFn: (text: string) => number | Promise<number>;
+    /** Threshold above which content is flagged (default: 0.8) */
+    threshold?: number;
+    /** Stop the stream on detection (default: true) */
+    stopOnFail?: boolean;
+}): StreamingGuardrail;
+/**
+ * Create a streaming guardrail that limits output length.
+ *
+ * @example
+ * ```typescript
+ * const lengthGuardrail = createLengthStreamingGuardrail({
+ *   maxTokens: 4000,
+ *   warnAt: 3500,
+ * });
+ * ```
+ */
+declare function createLengthStreamingGuardrail(options: {
+    /** Maximum tokens before stopping */
+    maxTokens: number;
+    /** Warn at this token count (optional) */
+    warnAt?: number;
+    /** Stop the stream on max (default: true) */
+    stopOnFail?: boolean;
+}): StreamingGuardrail;
+/**
+ * Create a streaming guardrail that detects patterns (regex-based).
+ *
+ * @example
+ * ```typescript
+ * const piiGuardrail = createPatternStreamingGuardrail({
+ *   patterns: [
+ *     { regex: /\b\d{3}-\d{2}-\d{4}\b/, name: 'SSN' },
+ *     { regex: /\b\d{16}\b/, name: 'Credit Card' },
+ *   ],
+ *   stopOnFail: true,
+ * });
+ * ```
+ */
+declare function createPatternStreamingGuardrail(options: {
+    patterns: Array<{
+        regex: RegExp;
+        name: string;
+    }>;
+    stopOnFail?: boolean;
+}): StreamingGuardrail;
+/**
+ * Combine multiple streaming guardrails into one.
+ *
+ * @example
+ * ```typescript
+ * const combined = combineStreamingGuardrails([
+ *   createToxicityStreamingGuardrail({ ... }),
+ *   createLengthStreamingGuardrail({ ... }),
+ * ]);
+ * ```
+ */
+declare function combineStreamingGuardrails(guardrails: StreamingGuardrail[], options?: {
+    name?: string;
+    stopOnFirstFail?: boolean;
+}): StreamingGuardrail;
+/**
+ * Convert a regular output guardrail to a streaming guardrail.
+ * Useful for reusing existing guardrails in streaming context.
+ *
+ * @example
+ * ```typescript
+ * const streamingPII = adaptOutputGuardrail(
+ *   "pii-streaming",
+ *   createPIIGuardrail({ redact: false }),
+ *   { checkInterval: 100 }
+ * );
+ * ```
+ */
+declare function adaptOutputGuardrail(name: string, guardrail: GuardrailFn<OutputGuardrailData>, options?: {
+    /** Only run after this many tokens (optimization) */
+    minTokens?: number;
+    stopOnFail?: boolean;
+}): StreamingGuardrail;
+/**
+ * Collect all tokens from a stream into a string.
+ *
+ * @example
+ * ```typescript
+ * const { stream, result } = orchestrator.runStream(agent, input);
+ * const fullOutput = await collectTokens(stream);
+ * ```
+ */
+declare function collectTokens(stream: AsyncIterable<StreamChunk>): Promise<string>;
+/**
+ * Tap into a stream without consuming it.
+ * Useful for logging or side effects.
+ *
+ * @example
+ * ```typescript
+ * const { stream } = orchestrator.runStream(agent, input);
+ * const tapped = tapStream(stream, (chunk) => console.log(chunk));
+ * for await (const chunk of tapped) { ... }
+ * ```
+ */
+declare function tapStream(stream: AsyncIterable<StreamChunk>, fn: (chunk: StreamChunk) => void | Promise<void>): AsyncIterable<StreamChunk>;
+/**
+ * Filter stream chunks by type.
+ *
+ * @example
+ * ```typescript
+ * const tokensOnly = filterStream(stream, ['token']);
+ * ```
+ */
+declare function filterStream<T extends StreamChunk["type"]>(stream: AsyncIterable<StreamChunk>, types: T[]): AsyncIterable<Extract<StreamChunk, {
+    type: T;
+}>>;
+/**
+ * Transform stream chunks.
+ *
+ * @example
+ * ```typescript
+ * const upperTokens = mapStream(stream, (chunk) => {
+ *   if (chunk.type === 'token') return { ...chunk, data: chunk.data.toUpperCase() };
+ *   return chunk;
+ * });
+ * ```
+ */
+declare function mapStream<R>(stream: AsyncIterable<StreamChunk>, fn: (chunk: StreamChunk) => R | Promise<R>): AsyncIterable<R>;
+
+/**
+ * Built-in guardrails for AI adapter — PII, moderation, rate limiting, tool allowlists, schema validation.
+ */
+
+/**
+ * Create a PII detection guardrail.
+ *
+ * @example
+ * ```typescript
+ * const piiGuardrail = createPIIGuardrail({
+ *   patterns: [
+ *     /\b\d{3}-\d{2}-\d{4}\b/, // SSN
+ *     /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/i, // Email
+ *   ],
+ *   redact: true,
+ * });
+ * ```
+ */
+declare function createPIIGuardrail(options: {
+    patterns?: RegExp[];
+    redact?: boolean;
+    redactReplacement?: string;
+}): GuardrailFn<InputGuardrailData>;
+/**
+ * Create a content moderation guardrail.
+ *
+ * @example
+ * ```typescript
+ * const moderationGuardrail = createModerationGuardrail({
+ *   checkFn: async (text) => {
+ *     const result = await openai.moderations.create({ input: text });
+ *     return result.results[0].flagged;
+ *   },
+ * });
+ * ```
+ */
+declare function createModerationGuardrail(options: {
+    checkFn: (text: string) => boolean | Promise<boolean>;
+    message?: string;
+}): GuardrailFn<InputGuardrailData | OutputGuardrailData>;
+/** Rate limiter with reset capability for testing */
+interface RateLimitGuardrail extends GuardrailFn<InputGuardrailData> {
+    reset(): void;
+}
+/**
+ * Create a rate limit guardrail based on token usage.
+ * Returns a guardrail function with an additional `reset()` method for testing.
+ */
+declare function createRateLimitGuardrail(options: {
+    maxTokensPerMinute?: number;
+    maxRequestsPerMinute?: number;
+}): RateLimitGuardrail;
+/**
+ * Create a tool allowlist/denylist guardrail.
+ */
+declare function createToolGuardrail(options: {
+    allowlist?: string[];
+    denylist?: string[];
+    /** @default false */
+    caseSensitive?: boolean;
+}): GuardrailFn<ToolCallGuardrailData>;
+/**
+ * Create an output schema validation guardrail.
+ */
+declare function createOutputSchemaGuardrail<T = unknown>(options: {
+    validate: SchemaValidator<T>;
+    errorPrefix?: string;
+}): GuardrailFn<OutputGuardrailData>;
+/**
+ * Create a simple type check guardrail for common output types.
+ */
+declare function createOutputTypeGuardrail(options: {
+    type: "string" | "number" | "boolean" | "object" | "array";
+    requiredFields?: string[];
+    minLength?: number;
+    maxLength?: number;
+    minStringLength?: number;
+    maxStringLength?: number;
+}): GuardrailFn<OutputGuardrailData>;
+/**
+ * Create a length guardrail that limits output size.
+ *
+ * @example
+ * ```typescript
+ * const lengthGuardrail = createLengthGuardrail({
+ *   maxCharacters: 5000,
+ * });
+ * ```
+ */
+declare function createLengthGuardrail(options: {
+    /** Maximum characters in output */
+    maxCharacters?: number;
+    /** Maximum estimated tokens in output */
+    maxTokens?: number;
+    /** Custom token estimator (default: chars / 4) */
+    estimateTokens?: (text: string) => number;
+}): GuardrailFn<OutputGuardrailData>;
+/**
+ * Create a content filter guardrail that blocks output matching specific patterns.
+ *
+ * @example
+ * ```typescript
+ * const contentFilter = createContentFilterGuardrail({
+ *   blockedPatterns: [
+ *     /\bpassword\b/i,
+ *     /\bsecret\b/i,
+ *     'internal-only',
+ *   ],
+ * });
+ * ```
+ */
+declare function createContentFilterGuardrail(options: {
+    /** Patterns to block — strings or RegExp */
+    blockedPatterns: Array<string | RegExp>;
+    /** Case-sensitive matching for string patterns (default: false) */
+    caseSensitive?: boolean;
+}): GuardrailFn<OutputGuardrailData>;
+
+/**
+ * Helper functions for AI adapter — createRunner, estimateCost, state queries, validation.
+ */
+
+/** Check if agent is currently running. */
+declare function isAgentRunning(state: AgentState): boolean;
+/** Check if there are pending approvals. */
+declare function hasPendingApprovals(state: ApprovalState): boolean;
+/**
+ * Get total cost estimate based on token usage.
+ *
+ * @param tokenUsage - Total token count
+ * @param ratePerMillionTokens - Cost per million tokens (required, no default to avoid stale pricing)
+ * @returns Estimated cost in dollars
+ */
+declare function estimateCost(tokenUsage: number, ratePerMillionTokens: number): number;
+/**
+ * Validate that a baseURL uses http or https.
+ * Throws immediately at adapter creation time (not at call time) to catch config errors early.
+ */
+declare function validateBaseURL(baseURL: string): void;
+/** Parsed response from an LLM provider */
+interface ParsedResponse {
+    text: string;
+    totalTokens: number;
+    /** Input token count, when available from the provider */
+    inputTokens?: number;
+    /** Output token count, when available from the provider */
+    outputTokens?: number;
+}
+/** Options for creating an AgentRunner from buildRequest/parseResponse */
+interface CreateRunnerOptions {
+    fetch?: typeof globalThis.fetch;
+    buildRequest: (agent: AgentLike, input: string, messages: Message$1[]) => {
+        url: string;
+        init: RequestInit;
+    };
+    parseResponse: (response: Response, messages: Message$1[]) => Promise<ParsedResponse>;
+    parseOutput?: <T>(text: string) => T;
+    /** Lifecycle hooks for tracing, logging, and metrics */
+    hooks?: AdapterHooks;
+}
+/**
+ * Create an AgentRunner from buildRequest/parseResponse helpers.
+ * Reduces ~50 lines of fetch boilerplate to ~20 lines of configuration.
+ *
+ * Supports lifecycle hooks for observability:
+ * - `onBeforeCall` fires before each API request
+ * - `onAfterCall` fires after a successful response (includes token breakdown)
+ * - `onError` fires when the request fails
+ *
+ * @example
+ * ```typescript
+ * const runClaude = createRunner({
+ *   buildRequest: (agent, input) => ({
+ *     url: "/api/claude",
+ *     init: {
+ *       method: "POST",
+ *       headers: { "Content-Type": "application/json" },
+ *       body: JSON.stringify({
+ *         model: agent.model ?? "claude-haiku-4-5-20251001",
+ *         system: agent.instructions ?? "",
+ *         messages: [{ role: "user", content: input }],
+ *       }),
+ *     },
+ *   }),
+ *   parseResponse: async (res) => {
+ *     const data = await res.json();
+ *     const inputTokens = data.usage?.input_tokens ?? 0;
+ *     const outputTokens = data.usage?.output_tokens ?? 0;
+ *     return {
+ *       text: data.content?.[0]?.text ?? "",
+ *       totalTokens: inputTokens + outputTokens,
+ *       inputTokens,
+ *       outputTokens,
+ *     };
+ *   },
+ *   hooks: {
+ *     onAfterCall: ({ durationMs, tokenUsage }) => {
+ *       console.log(`LLM call: ${durationMs}ms, ${tokenUsage.inputTokens}in/${tokenUsage.outputTokens}out`);
+ *     },
+ *   },
+ * });
+ * ```
+ */
+declare function createRunner(options: CreateRunnerOptions): AgentRunner;
+
+/**
+ * Constraint Helper Functions — Ergonomic builders for OrchestratorConstraint
+ *
+ * @example
+ * ```typescript
+ * import { constraint, when } from '@directive-run/ai';
+ *
+ * constraints: {
+ *   // Builder pattern
+ *   escalate: constraint<MyFacts>()
+ *     .when(f => f.confidence < 0.7)
+ *     .require({ type: 'ESCALATE' })
+ *     .priority(50)
+ *     .build(),
+ *
+ *   // Quick shorthand
+ *   pause: when<MyFacts>(f => f.errors > 3)
+ *     .require({ type: 'PAUSE' }),
+ * }
+ * ```
+ */
+
+interface ConstraintBuilderWithWhen<F extends Record<string, unknown>> {
+    require(req: Requirement | ((facts: F & OrchestratorState) => Requirement)): ConstraintBuilderWithRequire<F>;
+}
+interface ConstraintBuilderWithRequire<F extends Record<string, unknown>> {
+    priority(p: number): ConstraintBuilderWithRequire<F>;
+    build(): OrchestratorConstraint<F>;
+}
+interface ConstraintBuilder<F extends Record<string, unknown>> {
+    when(condition: (facts: F & OrchestratorState) => boolean | Promise<boolean>): ConstraintBuilderWithWhen<F>;
+}
+/**
+ * Fluent builder for creating orchestrator constraints.
+ *
+ * @example
+ * ```typescript
+ * const myConstraint = constraint<MyFacts>()
+ *   .when(f => f.confidence < 0.7)
+ *   .require({ type: 'ESCALATE' })
+ *   .priority(50)
+ *   .build();
+ * ```
+ */
+declare function constraint<F extends Record<string, unknown> = Record<string, never>>(): ConstraintBuilder<F>;
+interface WhenResult<F extends Record<string, unknown>> {
+    require(req: Requirement | ((facts: F & OrchestratorState) => Requirement)): WhenWithRequire<F>;
+}
+/**
+ * Result of `when().require()` — a valid `OrchestratorConstraint<F>` directly,
+ * or chain `.withPriority(n)` to get a constraint with priority set.
+ */
+interface WhenWithRequire<F extends Record<string, unknown>> extends OrchestratorConstraint<F> {
+    /** Return a new constraint with the given priority */
+    withPriority(p: number): OrchestratorConstraint<F>;
+}
+/**
+ * Quick shorthand for creating simple constraints.
+ * The returned object is a valid `OrchestratorConstraint<F>` — use directly
+ * or chain `.withPriority(n)` to set priority.
+ *
+ * @example
+ * ```typescript
+ * const myConstraint = when<MyFacts>(f => f.errors > 3)
+ *   .require({ type: 'PAUSE' });
+ *
+ * // With priority
+ * const urgent = when<MyFacts>(f => f.critical)
+ *   .require({ type: 'HALT' })
+ *   .withPriority(100);
+ * ```
+ */
+declare function when<F extends Record<string, unknown> = Record<string, never>>(condition: (facts: F & OrchestratorState) => boolean | Promise<boolean>): WhenResult<F>;
+
+/**
+ * Multi-Agent Orchestration Patterns
+ *
+ * Provides patterns for coordinating multiple AI agents:
+ * - Parallel execution with result merging
+ * - Sequential pipelines
+ * - Supervisor patterns with worker delegation
+ * - Constraint-driven agent selection
+ *
+ * @example
+ * ```typescript
+ * import { createMultiAgentOrchestrator } from '@directive-run/ai';
+ *
+ * const orchestrator = createMultiAgentOrchestrator({
+ *   agents: {
+ *     researcher: { agent: researchAgent, maxConcurrent: 3 },
+ *     writer: { agent: writerAgent, maxConcurrent: 1 },
+ *     reviewer: { agent: reviewerAgent, maxConcurrent: 1 },
+ *   },
+ *   patterns: {
+ *     parallelResearch: {
+ *       type: 'parallel',
+ *       agents: ['researcher', 'researcher', 'researcher'],
+ *       merge: (results) => combineResearch(results),
+ *     },
+ *   },
+ * });
+ * ```
+ */
+
+/**
+ * Async semaphore for controlling concurrent access.
+ * Uses a queue-based approach instead of polling for efficiency.
+ *
+ * @example
+ * ```typescript
+ * import { Semaphore } from '@directive-run/ai';
+ *
+ * const sem = new Semaphore(3); // Allow 3 concurrent operations
+ *
+ * async function doWork() {
+ *   const release = await sem.acquire();
+ *   try {
+ *     await performWork();
+ *   } finally {
+ *     release();
+ *   }
+ * }
+ * ```
+ */
+declare class Semaphore {
+    private count;
+    private readonly maxPermits;
+    private readonly queue;
+    constructor(max: number);
+    acquire(): Promise<() => void>;
+    private release;
+    /** Get current available permits */
+    get available(): number;
+    /** Get number of waiters in queue */
+    get waiting(): number;
+    /** Get maximum permits */
+    get max(): number;
+    /** Reject all pending waiters with an error and reset permits */
+    drain(): void;
+}
+/** Configuration for a registered agent */
+interface AgentRegistration {
+    /** The agent instance */
+    agent: AgentLike;
+    /** Maximum concurrent runs for this agent (default: 1) */
+    maxConcurrent?: number;
+    /** Timeout for agent runs (ms) */
+    timeout?: number;
+    /** Custom run options */
+    runOptions?: Omit<RunOptions, "signal">;
+    /** Description for constraint-based selection */
+    description?: string;
+    /** Capabilities this agent has */
+    capabilities?: string[];
+    /** Per-agent output guardrails (applied in addition to stack-level guardrails) */
+    guardrails?: {
+        output?: Array<GuardrailFn<OutputGuardrailData> | NamedGuardrail<OutputGuardrailData>>;
+    };
+}
+/** Agent registry configuration */
+interface AgentRegistry {
+    [agentId: string]: AgentRegistration;
+}
+/** State of a running agent */
+interface AgentRunState {
+    agentId: string;
+    runId: string;
+    status: "pending" | "running" | "completed" | "error" | "cancelled";
+    input: string;
+    output?: unknown;
+    error?: Error;
+    startedAt?: number;
+    completedAt?: number;
+    tokens: number;
+}
+/** Parallel execution pattern - run agents concurrently and merge results */
+interface ParallelPattern<T = unknown> {
+    type: "parallel";
+    /** Agent IDs to run in parallel (can repeat for multiple instances) */
+    agents: string[];
+    /** Function to merge results from all agents */
+    merge: (results: RunResult<unknown>[]) => T | Promise<T>;
+    /** Minimum successful results required (default: all) */
+    minSuccess?: number;
+    /** Overall timeout (ms) */
+    timeout?: number;
+}
+/** Sequential execution pattern - pipeline of agents */
+interface SequentialPattern<T = unknown> {
+    type: "sequential";
+    /** Agent IDs in execution order */
+    agents: string[];
+    /** Transform output to next input (default: stringify) */
+    transform?: (output: unknown, agentId: string, index: number) => string;
+    /** Final result extractor */
+    extract?: (output: unknown) => T;
+    /** Continue on error (default: false) */
+    continueOnError?: boolean;
+}
+/** Supervisor pattern - one agent directs others */
+interface SupervisorPattern<T = unknown> {
+    type: "supervisor";
+    /** Supervisor agent ID */
+    supervisor: string;
+    /** Worker agent IDs */
+    workers: string[];
+    /** Maximum delegation rounds */
+    maxRounds?: number;
+    /** Extract final result */
+    extract?: (supervisorOutput: unknown, workerResults: RunResult<unknown>[]) => T;
+}
+/** Union of all patterns */
+type ExecutionPattern<T = unknown> = ParallelPattern<T> | SequentialPattern<T> | SupervisorPattern<T>;
+/** Handoff request between agents */
+interface HandoffRequest {
+    id: string;
+    fromAgent: string;
+    toAgent: string;
+    input: string;
+    context?: Record<string, unknown>;
+    requestedAt: number;
+}
+/** Handoff result */
+interface HandoffResult {
+    request: HandoffRequest;
+    result: RunResult<unknown>;
+    completedAt: number;
+}
+/** Constraint for agent selection */
+interface AgentSelectionConstraint {
+    when: (facts: Record<string, unknown>) => boolean | Promise<boolean>;
+    select: string | ((facts: Record<string, unknown>) => string);
+    input: string | ((facts: Record<string, unknown>) => string);
+    priority?: number;
+}
+/** Run agent requirement */
+interface RunAgentRequirement extends Requirement {
+    type: "RUN_AGENT";
+    agent: string;
+    input: string;
+    context?: Record<string, unknown>;
+}
+/** Multi-agent orchestrator options */
+interface MultiAgentOrchestratorOptions {
+    /** Base run function */
+    runner: AgentRunner;
+    /** Registered agents */
+    agents: AgentRegistry;
+    /** Execution patterns */
+    patterns?: Record<string, ExecutionPattern>;
+    /** Handoff callbacks */
+    onHandoff?: (request: HandoffRequest) => void;
+    /** Handoff completion callbacks */
+    onHandoffComplete?: (result: HandoffResult) => void;
+    /** Maximum number of handoff results to retain (default: 1000) */
+    maxHandoffHistory?: number;
+    /** Debug mode */
+    debug?: boolean;
+}
+/** Multi-agent state in facts */
+interface MultiAgentState {
+    /** Namespace for each agent's state */
+    __agents: Record<string, {
+        status: "idle" | "running" | "completed" | "error";
+        lastInput?: string;
+        lastOutput?: unknown;
+        lastError?: string;
+        runCount: number;
+        totalTokens: number;
+    }>;
+    /** Pending handoffs */
+    __handoffs: HandoffRequest[];
+    /** Completed handoffs */
+    __handoffResults: HandoffResult[];
+}
+/** Multi-agent orchestrator instance */
+interface MultiAgentOrchestrator {
+    /** Run a single agent */
+    runAgent<T>(agentId: string, input: string, options?: RunOptions): Promise<RunResult<T>>;
+    /** Run an execution pattern */
+    runPattern<T>(patternId: string, input: string): Promise<T>;
+    /** Run agents in parallel */
+    runParallel<T>(agentIds: string[], inputs: string | string[], merge: (results: RunResult<unknown>[]) => T | Promise<T>): Promise<T>;
+    /** Run agents sequentially */
+    runSequential<T>(agentIds: string[], initialInput: string, options?: {
+        transform?: (output: unknown, agentId: string, index: number) => string;
+    }): Promise<RunResult<T>[]>;
+    /** Request a handoff between agents */
+    handoff(fromAgent: string, toAgent: string, input: string, context?: Record<string, unknown>): Promise<RunResult<unknown>>;
+    /** Get agent state */
+    getAgentState(agentId: string): MultiAgentState["__agents"][string] | undefined;
+    /** Get all agent states */
+    getAllAgentStates(): Record<string, MultiAgentState["__agents"][string]>;
+    /** Get pending handoffs */
+    getPendingHandoffs(): HandoffRequest[];
+    /** Reset all agent states */
+    reset(): void;
+    /** Dispose of the orchestrator, resetting all state */
+    dispose(): void;
+}
+/**
+ * Create a multi-agent orchestrator.
+ *
+ * @example
+ * ```typescript
+ * const orchestrator = createMultiAgentOrchestrator({
+ *   runner,
+ *   agents: {
+ *     researcher: { agent: researchAgent, maxConcurrent: 3 },
+ *     writer: { agent: writerAgent },
+ *     reviewer: { agent: reviewerAgent },
+ *   },
+ *   patterns: {
+ *     research: {
+ *       type: 'parallel',
+ *       agents: ['researcher', 'researcher'],
+ *       merge: (results) => results.map(r => r.output).join('\n\n'),
+ *     },
+ *     write: {
+ *       type: 'sequential',
+ *       agents: ['writer', 'reviewer'],
+ *     },
+ *   },
+ * });
+ *
+ * // Run pattern
+ * const research = await orchestrator.runPattern('research', 'What is AI?');
+ *
+ * // Run parallel
+ * const results = await orchestrator.runParallel(
+ *   ['researcher', 'researcher'],
+ *   ['Question 1', 'Question 2'],
+ *   (results) => results.map(r => r.output)
+ * );
+ *
+ * // Handoff
+ * const reviewed = await orchestrator.handoff('writer', 'reviewer', draft);
+ * ```
+ *
+ * @throws {Error} If a pattern references an agent that is not in the registry
+ */
+declare function createMultiAgentOrchestrator(options: MultiAgentOrchestratorOptions): MultiAgentOrchestrator;
+/**
+ * Create a parallel pattern configuration.
+ *
+ * @example
+ * ```typescript
+ * const researchPattern = parallel(
+ *   ['researcher', 'researcher', 'researcher'],
+ *   (results) => results.map(r => r.output).join('\n')
+ * );
+ * ```
+ */
+declare function parallel<T>(agents: string[], merge: (results: RunResult<unknown>[]) => T | Promise<T>, options?: {
+    minSuccess?: number;
+    timeout?: number;
+}): ParallelPattern<T>;
+/**
+ * Create a sequential pattern configuration.
+ *
+ * @example
+ * ```typescript
+ * const writeReviewPattern = sequential(
+ *   ['writer', 'reviewer'],
+ *   { transform: (output) => `Review this: ${output}` }
+ * );
+ * ```
+ */
+declare function sequential<T>(agents: string[], options?: {
+    transform?: (output: unknown, agentId: string, index: number) => string;
+    extract?: (output: unknown) => T;
+    continueOnError?: boolean;
+}): SequentialPattern<T>;
+/**
+ * Create a supervisor pattern configuration.
+ *
+ * @example
+ * ```typescript
+ * const managedPattern = supervisor(
+ *   'manager',
+ *   ['worker1', 'worker2'],
+ *   { maxRounds: 3 }
+ * );
+ * ```
+ */
+declare function supervisor<T>(supervisorAgent: string, workers: string[], options?: {
+    maxRounds?: number;
+    extract?: (supervisorOutput: unknown, workerResults: RunResult<unknown>[]) => T;
+}): SupervisorPattern<T>;
+/**
+ * Create an agent selection constraint.
+ *
+ * @example
+ * ```typescript
+ * const constraints = {
+ *   routeToExpert: selectAgent(
+ *     (facts) => facts.complexity > 0.8,
+ *     'expert',
+ *     (facts) => facts.query
+ *   ),
+ * };
+ * ```
+ */
+declare function selectAgent(when: (facts: Record<string, unknown>) => boolean | Promise<boolean>, agent: string | ((facts: Record<string, unknown>) => string), input: string | ((facts: Record<string, unknown>) => string), priority?: number): AgentSelectionConstraint;
+/**
+ * Create a RUN_AGENT requirement.
+ *
+ * @example
+ * ```typescript
+ * constraints: {
+ *   needsResearch: {
+ *     when: (facts) => facts.hasUnknowns,
+ *     require: runAgentRequirement('researcher', facts.query),
+ *   },
+ * }
+ * ```
+ */
+declare function runAgentRequirement(agent: string, input: string, context?: Record<string, unknown>): RunAgentRequirement;
+/**
+ * Merge results by concatenating outputs.
+ */
+declare function concatResults(results: RunResult<unknown>[], separator?: string): string;
+/**
+ * Merge results by picking the best one based on a scoring function.
+ */
+declare function pickBestResult<T>(results: RunResult<T>[], score: (result: RunResult<T>) => number): RunResult<T>;
+/**
+ * Merge results into an array of outputs.
+ */
+declare function collectOutputs<T>(results: RunResult<T>[]): T[];
+/**
+ * Aggregate token counts from results.
+ */
+declare function aggregateTokens(results: RunResult<unknown>[]): number;
+
+/**
+ * Agent-to-Agent Communication Protocol
+ *
+ * Provides structured communication channels between agents for coordination,
+ * delegation, and knowledge sharing without central orchestration.
+ *
+ * @example
+ * ```typescript
+ * import { createAgentNetwork, createMessageBus } from '@directive-run/ai';
+ *
+ * const messageBus = createMessageBus();
+ *
+ * const network = createAgentNetwork({
+ *   bus: messageBus,
+ *   agents: {
+ *     researcher: { capabilities: ['search', 'analyze'] },
+ *     writer: { capabilities: ['draft', 'edit'] },
+ *     reviewer: { capabilities: ['review', 'approve'] },
+ *   },
+ * });
+ *
+ * // Agents can send messages to each other
+ * await network.send('researcher', 'writer', {
+ *   type: 'DELEGATION',
+ *   task: 'Draft an article based on this research',
+ *   context: { findings: [...] },
+ * });
+ * ```
+ */
+/** Base message structure */
+interface AgentMessage {
+    id: string;
+    type: AgentMessageType;
+    from: string;
+    to: string | string[] | "*";
+    timestamp: number;
+    correlationId?: string;
+    replyTo?: string;
+    priority?: "low" | "normal" | "high" | "urgent";
+    ttlMs?: number;
+    metadata?: Record<string, unknown>;
+}
+/** Message types for agent communication */
+type AgentMessageType = "REQUEST" | "RESPONSE" | "DELEGATION" | "DELEGATION_RESULT" | "QUERY" | "INFORM" | "SUBSCRIBE" | "UNSUBSCRIBE" | "UPDATE" | "ACK" | "NACK" | "PING" | "PONG" | "CUSTOM";
+/** Request message */
+interface RequestMessage extends AgentMessage {
+    type: "REQUEST";
+    action: string;
+    payload: Record<string, unknown>;
+    timeout?: number;
+}
+/** Response message */
+interface ResponseMessage extends AgentMessage {
+    type: "RESPONSE";
+    success: boolean;
+    result?: unknown;
+    error?: string;
+}
+/** Delegation message */
+interface DelegationMessage extends AgentMessage {
+    type: "DELEGATION";
+    task: string;
+    context: Record<string, unknown>;
+    constraints?: {
+        deadline?: number;
+        maxCost?: number;
+        requiredCapabilities?: string[];
+    };
+}
+/** Delegation result message */
+interface DelegationResultMessage extends AgentMessage {
+    type: "DELEGATION_RESULT";
+    success: boolean;
+    result?: unknown;
+    error?: string;
+    metrics?: {
+        durationMs: number;
+        tokensUsed?: number;
+        cost?: number;
+    };
+}
+/** Query message */
+interface QueryMessage extends AgentMessage {
+    type: "QUERY";
+    question: string;
+    context?: Record<string, unknown>;
+}
+/** Inform message */
+interface InformMessage extends AgentMessage {
+    type: "INFORM";
+    topic: string;
+    content: unknown;
+}
+/** Subscribe message */
+interface SubscribeMessage extends AgentMessage {
+    type: "SUBSCRIBE";
+    topics: string[];
+}
+/** Update message */
+interface UpdateMessage extends AgentMessage {
+    type: "UPDATE";
+    topic: string;
+    content: unknown;
+}
+/** Union of all message types */
+type TypedAgentMessage = RequestMessage | ResponseMessage | DelegationMessage | DelegationResultMessage | QueryMessage | InformMessage | SubscribeMessage | UpdateMessage | (AgentMessage & {
+    type: "UNSUBSCRIBE" | "ACK" | "NACK" | "PING" | "PONG" | "CUSTOM";
+});
+/** Message handler function */
+type MessageHandler = (message: TypedAgentMessage) => void | Promise<void>;
+/** Subscription to messages */
+interface Subscription {
+    id: string;
+    agentId: string;
+    handler: MessageHandler;
+    filter?: MessageFilter;
+    unsubscribe: () => void;
+}
+/** Message filter criteria */
+interface MessageFilter {
+    types?: AgentMessageType[];
+    from?: string | string[];
+    topics?: string[];
+    priority?: ("low" | "normal" | "high" | "urgent")[];
+    custom?: (message: TypedAgentMessage) => boolean;
+}
+/** Message bus configuration */
+interface MessageBusConfig {
+    /** Maximum messages to retain in history */
+    maxHistory?: number;
+    /** Default TTL for messages */
+    defaultTtlMs?: number;
+    /** Maximum pending messages per offline agent (prevents unbounded queue growth) */
+    maxPendingPerAgent?: number;
+    /** Enable message persistence */
+    persistence?: MessagePersistence;
+    /** Callback when message is delivered */
+    onDelivery?: (message: TypedAgentMessage, recipients: string[]) => void;
+    /** Callback when message delivery fails */
+    onDeliveryError?: (message: TypedAgentMessage, error: Error) => void;
+}
+/** Message persistence interface */
+interface MessagePersistence {
+    save(message: TypedAgentMessage): Promise<void>;
+    load(agentId: string, since?: number): Promise<TypedAgentMessage[]>;
+    delete(messageId: string): Promise<void>;
+    clear(agentId?: string): Promise<void>;
+}
+/** Message bus instance */
+interface MessageBus {
+    /** Publish a message */
+    publish(message: Omit<TypedAgentMessage, "id" | "timestamp">): string;
+    /** Subscribe to messages */
+    subscribe(agentId: string, handler: MessageHandler, filter?: MessageFilter): Subscription;
+    /** Get message history */
+    getHistory(filter?: MessageFilter, limit?: number): TypedAgentMessage[];
+    /** Get a specific message by ID */
+    getMessage(id: string): TypedAgentMessage | undefined;
+    /** Get pending messages for an agent */
+    getPending(agentId: string): TypedAgentMessage[];
+    /** Clear all messages and data */
+    clear(): void;
+    /** Dispose of the message bus, clearing all data and subscriptions */
+    dispose(): void;
+}
+/**
+ * Create a message bus for agent communication.
+ *
+ * @example
+ * ```typescript
+ * const bus = createMessageBus({ maxHistory: 1000 });
+ *
+ * // Subscribe to messages
+ * bus.subscribe('writer', (msg) => {
+ *   console.log(`Writer received: ${msg.type}`);
+ * });
+ *
+ * // Publish a message
+ * bus.publish({
+ *   type: 'DELEGATION',
+ *   from: 'researcher',
+ *   to: 'writer',
+ *   task: 'Write summary',
+ *   context: { data: '...' },
+ * });
+ * ```
+ */
+/**
+ * Note: `publish()` is fire-and-forget -- it returns the message ID synchronously
+ * before delivery completes. Use `onDelivery` / `onDeliveryError` callbacks in
+ * config to track delivery status if needed.
+ */
+declare function createMessageBus(config?: MessageBusConfig): MessageBus;
+/** Agent registration info */
+interface AgentInfo {
+    id: string;
+    capabilities: string[];
+    status: "online" | "offline" | "busy";
+    lastSeen: number;
+    metadata?: Record<string, unknown>;
+}
+/** Agent network configuration */
+interface AgentNetworkConfig {
+    /** Message bus to use */
+    bus: MessageBus;
+    /** Registered agents */
+    agents?: Record<string, Omit<AgentInfo, "id" | "lastSeen" | "status">>;
+    /** Timeout for request-response patterns */
+    defaultTimeout?: number;
+    /** Callback when agent comes online */
+    onAgentOnline?: (agentId: string) => void;
+    /** Callback when agent goes offline */
+    onAgentOffline?: (agentId: string) => void;
+}
+/** Agent network instance */
+interface AgentNetwork {
+    /** Register an agent */
+    register(id: string, info: Omit<AgentInfo, "id" | "lastSeen" | "status">): void;
+    /** Unregister an agent */
+    unregister(id: string): void;
+    /** Get agent info */
+    getAgent(id: string): AgentInfo | undefined;
+    /** Get all agents */
+    getAgents(): AgentInfo[];
+    /** Find agents by capability */
+    findByCapability(capability: string): AgentInfo[];
+    /** Send a message */
+    send(from: string, to: string | string[], message: Partial<TypedAgentMessage>): string;
+    /** Send a request and wait for response */
+    request(from: string, to: string, action: string, payload: Record<string, unknown>, timeout?: number): Promise<ResponseMessage>;
+    /** Delegate a task */
+    delegate(from: string, to: string, task: string, context: Record<string, unknown>): Promise<DelegationResultMessage>;
+    /** Query an agent */
+    query(from: string, to: string, question: string, context?: Record<string, unknown>): Promise<ResponseMessage>;
+    /** Broadcast to all agents */
+    broadcast(from: string, message: Partial<TypedAgentMessage>): string;
+    /** Subscribe an agent to messages */
+    listen(agentId: string, handler: MessageHandler, filter?: MessageFilter): Subscription;
+    /** Get the message bus */
+    getBus(): MessageBus;
+    /** Dispose of the network, clearing pending waiters and timers */
+    dispose(): void;
+}
+/**
+ * Create an agent network for coordinated communication.
+ *
+ * @example
+ * ```typescript
+ * const network = createAgentNetwork({
+ *   bus: createMessageBus(),
+ *   agents: {
+ *     researcher: { capabilities: ['search', 'summarize'] },
+ *     writer: { capabilities: ['draft', 'edit'] },
+ *     reviewer: { capabilities: ['review', 'approve'] },
+ *   },
+ * });
+ *
+ * // Delegate a task
+ * const result = await network.delegate(
+ *   'researcher',
+ *   'writer',
+ *   'Write an article about AI safety',
+ *   { research: findingsData }
+ * );
+ *
+ * // Query for information
+ * const answer = await network.query(
+ *   'writer',
+ *   'reviewer',
+ *   'Is this paragraph technically accurate?',
+ *   { text: '...' }
+ * );
+ * ```
+ */
+declare function createAgentNetwork(config: AgentNetworkConfig): AgentNetwork;
+/**
+ * Create a request-response helper for handling incoming requests.
+ *
+ * @example
+ * ```typescript
+ * const responder = createResponder(network, 'writer');
+ *
+ * responder.onRequest('draft', async (payload) => {
+ *   const draft = await generateDraft(payload.topic);
+ *   return { success: true, result: draft };
+ * });
+ * ```
+ */
+declare function createResponder(network: AgentNetwork, agentId: string): {
+    onRequest(action: string, handler: (payload: Record<string, unknown>) => Promise<{
+        success: boolean;
+        result?: unknown;
+        error?: string;
+    }>): void;
+    /** Remove a request handler */
+    offRequest(action: string): void;
+    /** Dispose of this responder, unsubscribing from network */
+    dispose(): void;
+};
+/**
+ * Create a task delegator for handling incoming delegations.
+ *
+ * @example
+ * ```typescript
+ * const delegator = createDelegator(network, 'writer');
+ *
+ * delegator.onDelegation(async (task, context) => {
+ *   const result = await executeTask(task, context);
+ *   return {
+ *     success: true,
+ *     result,
+ *     metrics: { durationMs: 1500, tokensUsed: 500 },
+ *   };
+ * });
+ * ```
+ */
+declare function createDelegator(network: AgentNetwork, agentId: string): {
+    onDelegation(handler: (task: string, context: Record<string, unknown>) => Promise<{
+        success: boolean;
+        result?: unknown;
+        error?: string;
+        metrics?: {
+            durationMs: number;
+            tokensUsed?: number;
+            cost?: number;
+        };
+    }>): void;
+    /** Remove the delegation handler */
+    offDelegation(): void;
+    /** Dispose of this delegator, unsubscribing from network */
+    dispose(): void;
+};
+/**
+ * Create a pub/sub helper for topic-based communication.
+ *
+ * @example
+ * ```typescript
+ * const pubsub = createPubSub(network, 'analyst');
+ *
+ * // Subscribe to topics
+ * pubsub.subscribe(['market-updates', 'alerts'], (topic, content) => {
+ *   console.log(`Received ${topic}:`, content);
+ * });
+ *
+ * // Publish to topics
+ * pubsub.publish('market-updates', { price: 100, change: 5 });
+ * ```
+ */
+declare function createPubSub(network: AgentNetwork, agentId: string): {
+    subscribe(topics: string[], handler: (topic: string, content: unknown) => void): () => void;
+    publish(topic: string, content: unknown): void;
+    /** Dispose of this pub/sub, unsubscribing from network and clearing handlers */
+    dispose(): void;
+};
+
+/**
+ * Enhanced PII Detection Guardrail
+ *
+ * Provides comprehensive PII detection beyond basic regex patterns:
+ * - Multiple PII types (SSN, credit cards, emails, phones, addresses, names)
+ * - Pluggable detection backends (regex, custom, or external services)
+ * - Context-aware detection (reduces false positives)
+ * - Redaction with reversible or irreversible options
+ *
+ * @example
+ * ```typescript
+ * import { createEnhancedPIIGuardrail } from '@directive-run/ai';
+ *
+ * const guardrail = createEnhancedPIIGuardrail({
+ *   types: ['ssn', 'credit_card', 'email'],
+ *   redact: true,
+ *   detector: 'regex', // or 'custom' with custom detector
+ * });
+ * ```
+ */
+
+/** Supported PII types */
+type PIIType = "ssn" | "credit_card" | "email" | "phone" | "address" | "name" | "date_of_birth" | "passport" | "driver_license" | "ip_address" | "bank_account" | "medical_id" | "national_id";
+/** Detected PII instance */
+interface DetectedPII {
+    type: PIIType;
+    value: string;
+    position: {
+        start: number;
+        end: number;
+    };
+    confidence: number;
+    context?: string;
+}
+/** PII detection result */
+interface PIIDetectionResult {
+    detected: boolean;
+    items: DetectedPII[];
+    typeCounts: Partial<Record<PIIType, number>>;
+    /** Text with PII redacted (if requested) */
+    redactedText?: string;
+}
+/** Custom PII detector interface */
+interface PIIDetector {
+    detect(text: string, types: PIIType[]): Promise<DetectedPII[]>;
+    name: string;
+}
+/** Redaction style */
+type RedactionStyle = 
+/** Replace with [REDACTED] */
+"placeholder"
+/** Replace with type-specific placeholder like [EMAIL] */
+ | "typed"
+/** Replace with asterisks preserving length */
+ | "masked"
+/** Replace with hash for reversible redaction */
+ | "hashed";
+/** Redact detected PII from text */
+declare function redactPII(text: string, items: DetectedPII[], style?: RedactionStyle): string;
+/** Options for enhanced PII guardrail */
+interface EnhancedPIIGuardrailOptions {
+    /** PII types to detect (default: all) */
+    types?: PIIType[];
+    /** Detection backend (default: 'regex') */
+    detector?: "regex" | PIIDetector;
+    /** Redact instead of blocking */
+    redact?: boolean;
+    /** Redaction style (default: 'typed') */
+    redactionStyle?: RedactionStyle;
+    /** Minimum confidence to flag (0-1, default: 0.7) */
+    minConfidence?: number;
+    /** Callback when PII is detected */
+    onDetected?: (items: DetectedPII[]) => void;
+    /** Allow specific values (whitelist) */
+    allowlist?: string[];
+    /** Block only if count exceeds threshold */
+    minItemsToBlock?: number;
+    /** Timeout for custom detector in milliseconds (default: 5000) */
+    detectorTimeout?: number;
+}
+/**
+ * Create an enhanced PII detection guardrail.
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * const guardrail = createEnhancedPIIGuardrail();
+ *
+ * // Redact instead of blocking
+ * const redactGuardrail = createEnhancedPIIGuardrail({
+ *   redact: true,
+ *   redactionStyle: 'masked',
+ * });
+ *
+ * // Custom detection with external service
+ * const customGuardrail = createEnhancedPIIGuardrail({
+ *   detector: myPresidioDetector,
+ *   types: ['ssn', 'credit_card', 'medical_id'],
+ * });
+ * ```
+ */
+declare function createEnhancedPIIGuardrail(options?: EnhancedPIIGuardrailOptions): GuardrailFn<InputGuardrailData>;
+/**
+ * Create an output PII guardrail (for checking agent responses).
+ *
+ * @example
+ * ```typescript
+ * const outputGuardrail = createOutputPIIGuardrail({
+ *   types: ['ssn', 'credit_card'],
+ *   redact: true,
+ * });
+ * ```
+ */
+declare function createOutputPIIGuardrail(options?: EnhancedPIIGuardrailOptions): GuardrailFn<OutputGuardrailData>;
+/**
+ * Detect PII in text without using as a guardrail.
+ * Useful for analysis and logging.
+ *
+ * @example
+ * ```typescript
+ * const result = await detectPII('My SSN is 123-45-6789');
+ * console.log(result.items); // [{ type: 'ssn', value: '123-45-6789', ... }]
+ *
+ * // With custom detector and timeout
+ * const result = await detectPII(text, {
+ *   detector: myPresidioDetector,
+ *   timeout: 10000, // 10 seconds
+ * });
+ * ```
+ */
+declare function detectPII(text: string, options?: {
+    types?: PIIType[];
+    detector?: "regex" | PIIDetector;
+    minConfidence?: number;
+    /** Timeout for custom detectors in milliseconds (default: 5000) */
+    timeout?: number;
+}): Promise<PIIDetectionResult>;
+
+/**
+ * Audit Plugin - Immutable Audit Trail with Hash Chain
+ *
+ * Provides enterprise-grade audit logging with:
+ * - Cryptographic hash chain for tamper detection
+ * - Bounded storage with FIFO eviction
+ * - PII masking with configurable redaction
+ * - Optional signing for non-repudiation
+ * - Async export to external systems
+ *
+ * @example
+ * ```typescript
+ * import { createAuditTrail } from '@directive-run/ai';
+ *
+ * const audit = createAuditTrail({
+ *   maxEntries: 10000,
+ *   retentionMs: 7 * 24 * 60 * 60 * 1000, // 7 days
+ *   piiMasking: {
+ *     enabled: true,
+ *     types: ['ssn', 'credit_card', 'email'],
+ *     redactionStyle: 'typed',
+ *   },
+ *   exporter: async (entries) => {
+ *     await sendToSIEM(entries);
+ *   },
+ * });
+ *
+ * const system = createSystem({
+ *   module: myModule,
+ *   plugins: [audit.createPlugin()],
+ * });
+ * ```
+ */
+
+/** Audit event types - 17 total covering all system operations */
+type AuditEventType = "agent.run.start" | "agent.run.complete" | "agent.run.error" | "tool.call.start" | "tool.call.complete" | "tool.call.error" | "approval.requested" | "approval.granted" | "approval.denied" | "requirement.created" | "requirement.met" | "resolver.start" | "resolver.complete" | "resolver.error" | "fact.set" | "fact.batch" | "error.occurred" | "error.recovery";
+/** Single audit entry with hash chain linking */
+interface AuditEntry {
+    /** Unique identifier for this entry */
+    id: string;
+    /** Unix timestamp in milliseconds */
+    timestamp: number;
+    /** Type of event */
+    eventType: AuditEventType;
+    /** SHA-256 hash of previous entry (empty string for genesis) */
+    previousHash: string;
+    /** SHA-256 hash of this entry's content */
+    hash: string;
+    /** Event payload data */
+    payload: Record<string, unknown>;
+    /** PII-redacted version of payload (if masking enabled) */
+    maskedPayload?: Record<string, unknown>;
+    /** Actor identifier (user, agent, or system) */
+    actorId?: string;
+    /** Session identifier for correlation */
+    sessionId?: string;
+    /** Cryptographic signature (if signing enabled) */
+    signature?: string;
+}
+/** Filter options for querying audit entries */
+interface AuditEntryFilter {
+    /** Filter by event types */
+    eventTypes?: AuditEventType[];
+    /** Filter by actor ID */
+    actorId?: string;
+    /** Filter by session ID */
+    sessionId?: string;
+    /** Start of time range */
+    since?: number;
+    /** End of time range */
+    until?: number;
+    /** Maximum entries to return */
+    limit?: number;
+    /** Offset for pagination */
+    offset?: number;
+}
+/** Result of chain verification */
+interface AuditVerificationResult {
+    /** Whether the chain is valid */
+    valid: boolean;
+    /** Number of entries verified */
+    entriesVerified: number;
+    /** First broken link (if any) */
+    brokenAt?: {
+        index: number;
+        entryId: string;
+        expectedHash: string;
+        actualHash: string;
+    };
+    /** Verification timestamp */
+    verifiedAt: number;
+}
+/** Audit statistics */
+interface AuditStats {
+    /** Total entries in trail */
+    totalEntries: number;
+    /** Entries by event type */
+    byEventType: Partial<Record<AuditEventType, number>>;
+    /** Oldest entry timestamp */
+    oldestEntry?: number;
+    /** Newest entry timestamp */
+    newestEntry?: number;
+    /** Number of entries pruned */
+    entriesPruned: number;
+    /** Number of entries exported */
+    entriesExported: number;
+    /** Chain integrity (true if verified valid) */
+    chainIntegrity: boolean;
+}
+/** PII masking configuration */
+interface PIIMaskingConfig {
+    /** Enable PII masking */
+    enabled: boolean;
+    /** PII types to detect and mask */
+    types: PIIType[];
+    /** Redaction style */
+    redactionStyle: RedactionStyle;
+    /** Custom allowlist (values to skip) */
+    allowlist?: string[];
+    /** Minimum confidence threshold */
+    minConfidence?: number;
+}
+/** Signing configuration for non-repudiation */
+interface SigningConfig {
+    /** Function to sign a hash value */
+    signFn: (hash: string) => Promise<string>;
+    /** Function to verify a signature */
+    verifyFn?: (hash: string, signature: string) => Promise<boolean>;
+}
+/** Audit plugin configuration */
+interface AuditPluginConfig {
+    /** Maximum entries to retain (default: 10000) */
+    maxEntries?: number;
+    /** Retention period in milliseconds (default: 7 days) */
+    retentionMs?: number;
+    /** Export interval in milliseconds (default: 60000) */
+    exportInterval?: number;
+    /** Async exporter function */
+    exporter?: (entries: AuditEntry[]) => Promise<void>;
+    /** PII masking configuration */
+    piiMasking?: PIIMaskingConfig;
+    /** Signing configuration for non-repudiation */
+    signing?: SigningConfig;
+    /** Session ID for all entries */
+    sessionId?: string;
+    /** Actor ID for all entries */
+    actorId?: string;
+    /** Event callbacks */
+    events?: {
+        onEntryAdded?: (entry: AuditEntry) => void;
+        onChainBroken?: (result: AuditVerificationResult) => void;
+        onExportError?: (error: Error, entries: AuditEntry[]) => void;
+    };
+}
+/** Audit trail instance */
+interface AuditInstance {
+    /** Get entries with optional filtering */
+    getEntries(filter?: AuditEntryFilter): AuditEntry[];
+    /** Verify the integrity of the hash chain */
+    verifyChain(): Promise<AuditVerificationResult>;
+    /** Export entries since timestamp */
+    export(since?: number): Promise<AuditEntry[]>;
+    /** Prune old entries based on retention policy */
+    prune(): number;
+    /** Get audit statistics */
+    getStats(): AuditStats;
+    /** Dispose of the instance (clears timers, flushes exports) */
+    dispose(): Promise<void>;
+    /** Create a plugin for a directive system */
+    createPlugin<M extends ModuleSchema>(): Plugin<M>;
+    /** Add a custom audit entry */
+    addEntry(eventType: AuditEventType, payload: Record<string, unknown>): Promise<AuditEntry>;
+}
+/**
+ * Create an audit trail instance for enterprise-grade audit logging.
+ *
+ * Features:
+ * - Immutable hash chain for tamper detection
+ * - Bounded storage with automatic FIFO eviction
+ * - PII masking with configurable redaction styles
+ * - Optional cryptographic signing for non-repudiation
+ * - Async export to external SIEM/logging systems
+ *
+ * @example
+ * ```typescript
+ * const audit = createAuditTrail({
+ *   maxEntries: 10000,
+ *   piiMasking: {
+ *     enabled: true,
+ *     types: ['ssn', 'credit_card'],
+ *     redactionStyle: 'typed',
+ *   },
+ *   exporter: async (entries) => {
+ *     await fetch('/api/audit', {
+ *       method: 'POST',
+ *       body: JSON.stringify(entries),
+ *     });
+ *   },
+ * });
+ *
+ * // Use with directive system
+ * const system = createSystem({
+ *   module: myModule,
+ *   plugins: [audit.createPlugin()],
+ * });
+ *
+ * // Query audit entries
+ * const recentErrors = audit.getEntries({
+ *   eventTypes: ['error.occurred', 'error.recovery'],
+ *   since: Date.now() - 3600000, // Last hour
+ * });
+ *
+ * // Verify chain integrity
+ * const verification = await audit.verifyChain();
+ * if (!verification.valid) {
+ *   console.error('Audit chain tampered!', verification.brokenAt);
+ * }
+ * ```
+ */
+declare function createAuditTrail(config?: AuditPluginConfig): AuditInstance;
+/**
+ * Create audit event handlers for agent orchestrator integration.
+ * Use this to audit agent operations when using the agent orchestrator.
+ *
+ * @example
+ * ```typescript
+ * const audit = createAuditTrail({ ... });
+ * const handlers = createAgentAuditHandlers(audit);
+ *
+ * // Use in orchestrator callbacks
+ * orchestrator.run(agent, input, {
+ *   onStart: handlers.onAgentStart,
+ *   onComplete: handlers.onAgentComplete,
+ *   // ...
+ * });
+ * ```
+ */
+declare function createAgentAuditHandlers(audit: AuditInstance): {
+    onAgentStart: (agentName: string, input: string) => void;
+    onAgentComplete: (agentName: string, output: unknown, tokens: number, cost: number) => void;
+    onAgentError: (agentName: string, error: Error) => void;
+    onToolStart: (toolName: string, toolCallId: string, args: unknown) => void;
+    onToolComplete: (toolName: string, toolCallId: string, result: unknown) => void;
+    onToolError: (toolName: string, toolCallId: string, error: Error) => void;
+    onApprovalRequested: (toolName: string, toolCallId: string, args: unknown) => void;
+    onApprovalGranted: (toolName: string, toolCallId: string) => void;
+    onApprovalDenied: (toolName: string, toolCallId: string, reason?: string) => void;
+};
+
+/**
+ * Prompt Injection Detection Guardrail
+ *
+ * Detects and blocks prompt injection attacks including:
+ * - Direct injection attempts ("ignore previous instructions")
+ * - Jailbreak patterns ("DAN mode", "pretend you can")
+ * - Indirect injection via external content
+ * - Encoding-based evasion attempts
+ *
+ * @example
+ * ```typescript
+ * import { createPromptInjectionGuardrail } from '@directive-run/ai';
+ *
+ * const guardrail = createPromptInjectionGuardrail({
+ *   strictMode: true,
+ *   onBlocked: (input, patterns) => logSecurityEvent(input, patterns),
+ * });
+ * ```
+ */
+
+/** Pattern with metadata for better debugging */
+interface InjectionPattern {
+    pattern: RegExp;
+    name: string;
+    severity: "low" | "medium" | "high" | "critical";
+    category: InjectionCategory;
+}
+/** Categories of injection attacks */
+type InjectionCategory = "instruction_override" | "jailbreak" | "role_manipulation" | "encoding_evasion" | "delimiter_injection" | "context_manipulation" | "indirect_injection";
+/** Default injection patterns - well-tested and low false-positive rate */
+declare const DEFAULT_INJECTION_PATTERNS: InjectionPattern[];
+/** Strict patterns - more aggressive, may have higher false positives */
+declare const STRICT_INJECTION_PATTERNS: InjectionPattern[];
+/** Detailed detection result */
+interface InjectionDetectionResult {
+    detected: boolean;
+    patterns: Array<{
+        name: string;
+        category: InjectionCategory;
+        severity: InjectionPattern["severity"];
+        match: string;
+        position: number;
+    }>;
+    riskScore: number;
+    sanitizedInput?: string;
+}
+/**
+ * Detect prompt injection patterns in text.
+ * Returns detailed results about what was detected.
+ *
+ * @throws Error if input exceeds MAX_INJECTION_INPUT_LENGTH (100KB)
+ */
+declare function detectPromptInjection(text: string, patterns?: InjectionPattern[]): InjectionDetectionResult;
+/**
+ * Sanitize text by removing detected injection patterns.
+ * Warning: This is a best-effort sanitization, not a security guarantee.
+ *
+ * Uses a single-pass approach to prevent infinite loops where a replacement
+ * could create a new pattern match.
+ */
+declare function sanitizeInjection(text: string, patterns?: InjectionPattern[]): string;
+/** Options for prompt injection guardrail */
+interface PromptInjectionGuardrailOptions {
+    /** Additional patterns to check (added to defaults) */
+    additionalPatterns?: InjectionPattern[];
+    /** Replace default patterns entirely */
+    replacePatterns?: InjectionPattern[];
+    /** Use strict mode with more aggressive detection */
+    strictMode?: boolean;
+    /** Minimum risk score to block (0-100, default: 50) */
+    blockThreshold?: number;
+    /** Attempt to sanitize instead of blocking */
+    sanitize?: boolean;
+    /** Callback when injection is detected */
+    onBlocked?: (input: string, result: InjectionDetectionResult) => void;
+    /** Categories to ignore (e.g., allow 'role_manipulation' for roleplay apps) */
+    ignoreCategories?: InjectionCategory[];
+}
+/**
+ * Create a prompt injection detection guardrail.
+ *
+ * @example
+ * ```typescript
+ * // Basic usage
+ * const guardrail = createPromptInjectionGuardrail();
+ *
+ * // Strict mode for high-security applications
+ * const strictGuardrail = createPromptInjectionGuardrail({
+ *   strictMode: true,
+ *   blockThreshold: 25,
+ * });
+ *
+ * // Allow role manipulation for roleplay apps
+ * const roleplayGuardrail = createPromptInjectionGuardrail({
+ *   ignoreCategories: ['role_manipulation'],
+ * });
+ * ```
+ */
+declare function createPromptInjectionGuardrail(options?: PromptInjectionGuardrailOptions): GuardrailFn<InputGuardrailData>;
+/**
+ * Mark content as potentially untrusted (from external sources).
+ * This wraps the content with markers that injection detection will scrutinize more closely.
+ *
+ * @example
+ * ```typescript
+ * const userUpload = await readFile(path);
+ * const markedContent = markUntrustedContent(userUpload, 'user-upload');
+ * const prompt = `Summarize this document: ${markedContent}`;
+ * ```
+ */
+declare function markUntrustedContent(content: string, source: string): string;
+/**
+ * Create a guardrail that applies stricter checks to marked untrusted content.
+ *
+ * @example
+ * ```typescript
+ * const guardrail = createUntrustedContentGuardrail({
+ *   baseGuardrail: createPromptInjectionGuardrail({ strictMode: true }),
+ * });
+ * ```
+ */
+declare function createUntrustedContentGuardrail(options: {
+    /** Guardrail to apply to untrusted sections */
+    baseGuardrail?: GuardrailFn<InputGuardrailData>;
+    /** Block if untrusted content contains these patterns */
+    additionalPatterns?: InjectionPattern[];
+}): GuardrailFn<InputGuardrailData>;
+
+/**
+ * Compliance Plugin - GDPR/CCPA Data Subject Rights
+ *
+ * Provides enterprise-grade compliance features:
+ * - Data Export (DSR) - Export all data for a subject
+ * - Data Deletion - Soft/hard delete with certificates
+ * - Consent Tracking - Track and enforce consent
+ * - Retention Policies - Automatic data retention enforcement
+ *
+ * @example
+ * ```typescript
+ * import { createCompliance } from '@directive-run/ai';
+ *
+ * const compliance = createCompliance({
+ *   storage: myStorageAdapter,
+ *   retention: {
+ *     defaultRetentionMs: 365 * 24 * 60 * 60 * 1000, // 1 year
+ *     categoryRetention: {
+ *       audit: 7 * 365 * 24 * 60 * 60 * 1000, // 7 years for audit
+ *       sessions: 30 * 24 * 60 * 60 * 1000, // 30 days for sessions
+ *     },
+ *   },
+ * });
+ *
+ * // Handle data subject request
+ * const exportResult = await compliance.exportData({
+ *   subjectId: 'user-123',
+ *   format: 'json',
+ *   includeAudit: true,
+ * });
+ *
+ * // Delete user data
+ * const deleteResult = await compliance.deleteData({
+ *   subjectId: 'user-123',
+ *   scope: 'all',
+ * });
+ * ```
+ */
+
+/** Data export request (GDPR Article 20) */
+interface DataExportRequest {
+    /** Subject identifier (user ID) */
+    subjectId: string;
+    /** Export format */
+    format: "json" | "csv";
+    /** Include audit trail entries */
+    includeAudit?: boolean;
+    /** Include derived data */
+    includeDerived?: boolean;
+    /** Specific data categories to export */
+    categories?: string[];
+    /** Request metadata */
+    metadata?: Record<string, unknown>;
+}
+/** Result of data export */
+interface DataExportResult {
+    /** Whether export was successful */
+    success: boolean;
+    /** Subject identifier */
+    subjectId: string;
+    /** Export format used */
+    format: "json" | "csv";
+    /** Exported data */
+    data: string;
+    /** Data categories included */
+    categories: string[];
+    /** Number of records exported */
+    recordCount: number;
+    /** SHA-256 checksum of exported data */
+    checksum: string;
+    /** Export timestamp */
+    exportedAt: number;
+    /** Expiration timestamp for download link (if applicable) */
+    expiresAt?: number;
+    /** Error message if failed */
+    error?: string;
+}
+/** Data deletion scope */
+type DeletionScope = "all" | "facts" | "audit" | "specific";
+/** Data deletion request (GDPR Article 17) */
+interface DataDeletionRequest {
+    /** Subject identifier (user ID) */
+    subjectId: string;
+    /** Scope of deletion */
+    scope: DeletionScope;
+    /** Anonymize instead of delete (retain structure, remove PII) */
+    anonymize?: boolean;
+    /** Specific data categories to delete (when scope is 'specific') */
+    categories?: string[];
+    /** Reason for deletion */
+    reason?: string;
+    /** Request metadata */
+    metadata?: Record<string, unknown>;
+}
+/** Result of data deletion */
+interface DataDeletionResult {
+    /** Whether deletion was successful */
+    success: boolean;
+    /** Subject identifier */
+    subjectId: string;
+    /** Scope of deletion performed */
+    scope: DeletionScope;
+    /** Whether data was anonymized vs deleted */
+    anonymized: boolean;
+    /** Number of records deleted/anonymized */
+    recordsAffected: number;
+    /** Data categories affected */
+    categoriesAffected: string[];
+    /** Deletion certificate (for compliance records) */
+    certificate: DeletionCertificate;
+    /** Deletion timestamp */
+    deletedAt: number;
+    /** Error message if failed */
+    error?: string;
+}
+/** Deletion certificate for compliance records */
+interface DeletionCertificate {
+    /** Certificate ID */
+    id: string;
+    /** Subject identifier */
+    subjectId: string;
+    /** Type of deletion */
+    type: "soft" | "hard" | "anonymization";
+    /** Scope of deletion */
+    scope: DeletionScope;
+    /** Categories deleted */
+    categories: string[];
+    /** Record count */
+    recordCount: number;
+    /** Deletion timestamp */
+    deletedAt: number;
+    /** Reason for deletion */
+    reason?: string;
+    /** SHA-256 hash of certificate content */
+    hash: string;
+}
+/** Consent record for a subject */
+interface ConsentRecord {
+    /** Subject identifier */
+    subjectId: string;
+    /** Consent purpose (e.g., 'marketing', 'analytics', 'personalization') */
+    purpose: string;
+    /** Whether consent is granted */
+    granted: boolean;
+    /** When consent was granted (if granted) */
+    grantedAt?: number;
+    /** When consent expires (if applicable) */
+    expiresAt?: number;
+    /** When consent was revoked (if revoked) */
+    revokedAt?: number;
+    /** Source of consent (e.g., 'signup_form', 'settings_page') */
+    source?: string;
+    /** Consent version/hash (for tracking which T&C version was accepted) */
+    version?: string;
+}
+/** Consent tracker interface */
+interface ConsentTracker {
+    /** Record consent grant */
+    grant(subjectId: string, purpose: string, options?: {
+        expiresAt?: number;
+        source?: string;
+        version?: string;
+    }): Promise<ConsentRecord>;
+    /** Revoke consent */
+    revoke(subjectId: string, purpose: string): Promise<ConsentRecord | null>;
+    /** Check if consent is granted */
+    check(subjectId: string, purpose: string): Promise<boolean>;
+    /** Get all consents for a subject */
+    getForSubject(subjectId: string): Promise<ConsentRecord[]>;
+    /** Get all subjects with consent for a purpose */
+    getForPurpose(purpose: string): Promise<ConsentRecord[]>;
+}
+/** Retention policy */
+interface RetentionPolicy {
+    /** Policy name */
+    name: string;
+    /** Default retention period in milliseconds */
+    defaultRetentionMs: number;
+    /** Category-specific retention periods */
+    categoryRetention?: Record<string, number>;
+    /** Callback before data is deleted */
+    onBeforeDelete?: (data: {
+        category: string;
+        count: number;
+    }) => Promise<void>;
+    /** Callback after data is deleted */
+    onAfterDelete?: (data: {
+        category: string;
+        count: number;
+    }) => void;
+}
+/** Storage adapter for compliance data */
+interface ComplianceStorage {
+    /** Get all data for a subject */
+    getSubjectData(subjectId: string, categories?: string[]): Promise<{
+        category: string;
+        records: Array<{
+            id: string;
+            data: Record<string, unknown>;
+            createdAt: number;
+        }>;
+    }[]>;
+    /** Delete data for a subject */
+    deleteSubjectData(subjectId: string, categories?: string[]): Promise<number>;
+    /** Anonymize data for a subject */
+    anonymizeSubjectData(subjectId: string, categories?: string[]): Promise<number>;
+    /** Get audit entries for a subject */
+    getAuditEntries?(subjectId: string): Promise<Array<{
+        id: string;
+        timestamp: number;
+        eventType: string;
+        payload: Record<string, unknown>;
+    }>>;
+    /** Get data older than timestamp by category */
+    getExpiredData(category: string, olderThan: number): Promise<Array<{
+        id: string;
+        createdAt: number;
+    }>>;
+    /** Delete records by IDs */
+    deleteByIds(ids: string[]): Promise<number>;
+    /** Store consent record */
+    storeConsent(record: ConsentRecord): Promise<void>;
+    /** Get consent record */
+    getConsent(subjectId: string, purpose: string): Promise<ConsentRecord | null>;
+    /** Get consents by subject */
+    getConsentsBySubject(subjectId: string): Promise<ConsentRecord[]>;
+    /** Get consents by purpose */
+    getConsentsByPurpose(purpose: string): Promise<ConsentRecord[]>;
+    /** Store deletion certificate */
+    storeDeletionCertificate(certificate: DeletionCertificate): Promise<void>;
+}
+/** Compliance configuration */
+interface ComplianceConfig {
+    /** Storage adapter */
+    storage: ComplianceStorage;
+    /** Retention policy */
+    retention?: RetentionPolicy;
+    /** Consent purposes to track */
+    consentPurposes?: string[];
+    /** Export link expiration (default: 24 hours) */
+    exportExpirationMs?: number;
+    /** Audit all compliance operations */
+    auditOperations?: boolean;
+    /** Event callbacks */
+    events?: {
+        onExport?: (result: DataExportResult) => void;
+        onDelete?: (result: DataDeletionResult) => void;
+        onConsentChange?: (record: ConsentRecord) => void;
+        onRetentionEnforced?: (category: string, count: number) => void;
+    };
+}
+/** Compliance instance */
+interface ComplianceInstance {
+    /** Export data for a subject (GDPR Article 20) */
+    exportData(request: DataExportRequest): Promise<DataExportResult>;
+    /** Delete data for a subject (GDPR Article 17) */
+    deleteData(request: DataDeletionRequest): Promise<DataDeletionResult>;
+    /** Consent tracker */
+    consent: ConsentTracker;
+    /** Enforce retention policy */
+    enforceRetention(): Promise<number>;
+    /** Create a guardrail that checks consent before processing */
+    createConsentGuardrail(purpose: string): GuardrailFn<InputGuardrailData>;
+    /** Get deletion certificate by ID */
+    getDeletionCertificate(subjectId: string): Promise<DeletionCertificate | null>;
+}
+/** Create an in-memory compliance storage adapter */
+declare function createInMemoryComplianceStorage(): ComplianceStorage;
+/**
+ * Create a compliance instance for GDPR/CCPA data subject rights.
+ *
+ * Features:
+ * - Data Export (GDPR Article 20) - Portable data export
+ * - Data Deletion (GDPR Article 17) - Right to erasure
+ * - Consent Tracking - Track and verify consent
+ * - Retention Policies - Automatic data retention
+ *
+ * @example
+ * ```typescript
+ * const compliance = createCompliance({
+ *   storage: myStorageAdapter,
+ *   retention: {
+ *     name: 'default',
+ *     defaultRetentionMs: 365 * 24 * 60 * 60 * 1000, // 1 year
+ *     categoryRetention: {
+ *       audit: 7 * 365 * 24 * 60 * 60 * 1000, // 7 years
+ *     },
+ *   },
+ *   consentPurposes: ['marketing', 'analytics', 'personalization'],
+ * });
+ *
+ * // Export user data
+ * const exportResult = await compliance.exportData({
+ *   subjectId: 'user-123',
+ *   format: 'json',
+ * });
+ *
+ * // Check consent
+ * const hasConsent = await compliance.consent.check('user-123', 'marketing');
+ * ```
+ */
+declare function createCompliance(config: ComplianceConfig): ComplianceInstance;
+
+/**
+ * Semantic Caching Guardrail
+ *
+ * Caches agent responses based on semantic similarity to reduce redundant LLM calls.
+ * Uses vector embeddings to find semantically similar previous queries.
+ *
+ * @example
+ * ```typescript
+ * import { createSemanticCacheGuardrail } from '@directive-run/ai';
+ *
+ * const cacheGuardrail = createSemanticCacheGuardrail({
+ *   embedder: async (text) => {
+ *     // Use your embedding model (OpenAI, local model, etc.)
+ *     return await getEmbedding(text);
+ *   },
+ *   similarityThreshold: 0.95,
+ *   maxCacheSize: 1000,
+ *   ttlMs: 3600000, // 1 hour
+ * });
+ *
+ * const orchestrator = createAgentOrchestrator({
+ *   guardrails: {
+ *     input: [cacheGuardrail],
+ *   },
+ *   runner: run,
+ * });
+ * ```
+ */
+/** Vector embedding (array of numbers) */
+type Embedding = number[];
+/** Function to generate embeddings for text */
+type EmbedderFn = (text: string) => Promise<Embedding>;
+/** Cached response entry */
+interface CacheEntry {
+    id: string;
+    query: string;
+    queryEmbedding: Embedding;
+    response: string;
+    metadata: Record<string, unknown>;
+    createdAt: number;
+    accessedAt: number;
+    accessCount: number;
+    agentName?: string;
+}
+/** Cache lookup result */
+interface CacheLookupResult {
+    hit: boolean;
+    entry?: CacheEntry;
+    similarity?: number;
+    latencyMs: number;
+}
+/** Semantic cache configuration */
+interface SemanticCacheConfig {
+    /** Function to generate embeddings */
+    embedder: EmbedderFn;
+    /** Similarity threshold (0.0 to 1.0) for cache hits */
+    similarityThreshold?: number;
+    /** Maximum number of entries to cache */
+    maxCacheSize?: number;
+    /** Time-to-live in milliseconds for cache entries */
+    ttlMs?: number;
+    /** Cache namespace for multi-tenant scenarios */
+    namespace?: string;
+    /** Custom storage backend (defaults to in-memory) */
+    storage?: SemanticCacheStorage;
+    /** Callback when cache hit occurs */
+    onHit?: (entry: CacheEntry, similarity: number) => void;
+    /** Callback when cache miss occurs */
+    onMiss?: (query: string) => void;
+    /** Callback when cache lookup encounters an error */
+    onError?: (error: Error) => void;
+    /** Whether to include agent name in cache key */
+    perAgent?: boolean;
+}
+/** Storage interface for cache backends */
+interface SemanticCacheStorage {
+    /** Get all entries for a namespace */
+    getEntries(namespace: string): Promise<CacheEntry[]>;
+    /** Add an entry to the cache */
+    addEntry(namespace: string, entry: CacheEntry): Promise<void>;
+    /** Update an entry (e.g., access count) */
+    updateEntry(namespace: string, id: string, updates: Partial<CacheEntry>): Promise<void>;
+    /** Remove an entry */
+    removeEntry(namespace: string, id: string): Promise<void>;
+    /** Clear all entries in a namespace */
+    clear(namespace: string): Promise<void>;
+}
+/** Semantic cache instance */
+interface SemanticCache {
+    /** Look up a query in the cache */
+    lookup(query: string, agentName?: string): Promise<CacheLookupResult>;
+    /** Store a response in the cache */
+    store(query: string, response: string, agentName?: string, metadata?: Record<string, unknown>): Promise<void>;
+    /** Invalidate cache entries matching a predicate */
+    invalidate(predicate: (entry: CacheEntry) => boolean): Promise<number>;
+    /** Clear all cache entries */
+    clear(): Promise<void>;
+    /** Get cache statistics */
+    getStats(): CacheStats;
+    /** Export cache entries (for persistence) */
+    export(): Promise<CacheEntry[]>;
+    /** Import cache entries (from persistence) */
+    import(entries: CacheEntry[]): Promise<void>;
+}
+/** Cache statistics */
+interface CacheStats {
+    totalEntries: number;
+    totalHits: number;
+    totalMisses: number;
+    hitRate: number;
+    avgSimilarityOnHit: number;
+    oldestEntry: number | null;
+    newestEntry: number | null;
+}
+/**
+ * Create an in-memory cache storage backend.
+ */
+declare function createInMemoryStorage(): SemanticCacheStorage;
+/**
+ * Create a semantic cache instance.
+ *
+ * @example
+ * ```typescript
+ * const cache = createSemanticCache({
+ *   embedder: async (text) => {
+ *     const response = await openai.embeddings.create({
+ *       model: 'text-embedding-3-small',
+ *       input: text,
+ *     });
+ *     return response.data[0].embedding;
+ *   },
+ *   similarityThreshold: 0.92,
+ *   maxCacheSize: 500,
+ *   ttlMs: 3600000, // 1 hour
+ * });
+ *
+ * // Check cache before calling agent
+ * const result = await cache.lookup(userQuery);
+ * if (result.hit) {
+ *   return result.entry!.response;
+ * }
+ *
+ * // Call agent and cache response
+ * const response = await runAgent(userQuery);
+ * await cache.store(userQuery, response);
+ * ```
+ */
+declare function createSemanticCache(config: SemanticCacheConfig): SemanticCache;
+/** Input guardrail data for semantic cache */
+interface SemanticCacheGuardrailData {
+    input: string;
+    agentName?: string;
+}
+/**
+ * Result of semantic cache guardrail.
+ *
+ * **Important semantics:**
+ * - `passed: false` + `cacheHit: true` = Short-circuit with cached response (not an error!)
+ * - `passed: true` + `cacheHit: false` = No cache hit, proceed with agent call
+ *
+ * The `passed: false` follows guardrail convention where "not passing" stops the flow,
+ * but in this case stopping is desirable (returning cached data is good).
+ */
+interface SemanticCacheGuardrailResult {
+    /**
+     * Whether to proceed with the agent call.
+     * `false` means short-circuit with cached response (this is good, not an error).
+     * `true` means no cache hit, proceed with agent.
+     */
+    passed: boolean;
+    /** Indicates whether this was a cache hit */
+    cacheHit: boolean;
+    /** Reason for the result */
+    reason?: string;
+    /** The cached response (only present on cache hit) */
+    cachedResponse?: string;
+    /** Similarity score (0-1) of the cache hit */
+    similarity?: number;
+}
+/**
+ * Create a semantic caching input guardrail.
+ *
+ * **How it works:**
+ * - On cache HIT: Returns `{ passed: false, cacheHit: true, cachedResponse: "..." }`
+ *   The orchestrator should detect `cacheHit: true` and return the cached response.
+ * - On cache MISS: Returns `{ passed: true, cacheHit: false }`
+ *   Proceed with normal agent execution.
+ *
+ * **Important:** `passed: false` with `cacheHit: true` is SUCCESS, not failure.
+ * The guardrail "short-circuits" the flow to return cached data efficiently.
+ *
+ * @example
+ * ```typescript
+ * const cacheGuardrail = createSemanticCacheGuardrail({
+ *   cache: mySemanticCache,
+ * });
+ *
+ * const orchestrator = createAgentOrchestrator({
+ *   guardrails: {
+ *     input: [
+ *       {
+ *         name: 'semantic-cache',
+ *         fn: cacheGuardrail,
+ *       },
+ *     ],
+ *   },
+ *   runner: run,
+ * });
+ *
+ * // In your orchestrator wrapper, check for cache hits:
+ * const guardrailResult = await cacheGuardrail({ input: userQuery });
+ * if (guardrailResult.cacheHit) {
+ *   return guardrailResult.cachedResponse; // Fast path!
+ * }
+ * // Otherwise proceed with agent call...
+ * ```
+ */
+declare function createSemanticCacheGuardrail(config: {
+    cache: SemanticCache;
+}): (data: SemanticCacheGuardrailData) => Promise<SemanticCacheGuardrailResult>;
+/**
+ * Create a simple hash-based "embedder" for testing.
+ * NOT suitable for production - use a real embedding model.
+ */
+declare function createTestEmbedder(dimensions?: number): EmbedderFn;
+/** Batched embedder instance with dispose capability */
+interface BatchedEmbedder {
+    /** Embed a single text (batched internally) */
+    embed: EmbedderFn;
+    /** Flush any pending batch immediately */
+    flush(): Promise<void>;
+    /** Dispose of the embedder, clearing timers and rejecting pending requests */
+    dispose(): void;
+}
+/**
+ * Create a batched embedder that groups multiple texts into single API calls.
+ *
+ * **BREAKING CHANGE:** Previously returned `EmbedderFn` directly. Now returns
+ * a `BatchedEmbedder` object with `embed`, `flush`, and `dispose` methods.
+ *
+ * To migrate: `const embed = createBatchedEmbedder(...)` becomes
+ * `const { embed } = createBatchedEmbedder(...)`.
+ *
+ * @example
+ * ```typescript
+ * const batchedEmbedder = createBatchedEmbedder({
+ *   batchSize: 20,
+ *   embedBatch: async (texts) => {
+ *     const response = await openai.embeddings.create({
+ *       model: 'text-embedding-3-small',
+ *       input: texts,
+ *     });
+ *     return response.data.map(d => d.embedding);
+ *   },
+ *   maxWaitMs: 50,
+ * });
+ *
+ * // Use the embedder
+ * const embedding = await batchedEmbedder.embed("Hello world");
+ *
+ * // Clean up when done
+ * batchedEmbedder.dispose();
+ * ```
+ */
+declare function createBatchedEmbedder(config: {
+    batchSize?: number;
+    embedBatch: (texts: string[]) => Promise<Embedding[]>;
+    maxWaitMs?: number;
+}): BatchedEmbedder;
+
+/**
+ * Approximate Nearest Neighbor (ANN) Index for Semantic Cache
+ *
+ * Provides pluggable vector search backends for efficient similarity lookups.
+ * Includes a brute-force exact search and a VP-tree (Vantage Point Tree) for
+ * fast approximate nearest neighbor queries.
+ *
+ * @example
+ * ```typescript
+ * import { createSemanticCache } from '@directive-run/ai';
+ * import { createVPTreeIndex } from '@directive-run/ai';
+ *
+ * const index = createVPTreeIndex();
+ *
+ * const cache = createSemanticCache({
+ *   embedder: myEmbedder,
+ *   annIndex: index,
+ * });
+ * ```
+ */
+
+/** Search result from an ANN index */
+interface ANNSearchResult {
+    /** ID of the matched item */
+    id: number;
+    /** Similarity score (0-1, higher is more similar) */
+    similarity: number;
+}
+/** ANN Index interface - pluggable vector search backend */
+interface ANNIndex {
+    /** Add a vector to the index */
+    add(id: number, embedding: Embedding): void;
+    /** Remove a vector from the index */
+    remove(id: number): void;
+    /** Search for the k nearest neighbors */
+    search(query: Embedding, k: number, threshold?: number): ANNSearchResult[];
+    /** Rebuild the index (call after batch additions) */
+    rebuild(): void;
+    /** Get the number of indexed vectors */
+    size(): number;
+    /** Clear the index */
+    clear(): void;
+    /** Check if the index needs to be rebuilt (e.g., after additions/removals) */
+    needsRebuild(): boolean;
+}
+/**
+ * Create a brute-force exact search index.
+ *
+ * O(n) search, O(1) add/remove. Best for small collections (< 10,000 vectors).
+ *
+ * @example
+ * ```typescript
+ * const index = createBruteForceIndex();
+ * index.add(0, [0.1, 0.2, 0.3]);
+ * index.add(1, [0.4, 0.5, 0.6]);
+ *
+ * const results = index.search([0.1, 0.2, 0.3], 1);
+ * // [{ id: 0, similarity: 1.0 }]
+ * ```
+ */
+declare function createBruteForceIndex(): ANNIndex;
+/** VP-Tree index configuration */
+interface VPTreeIndexConfig {
+    /** Optional random number generator for deterministic builds. Returns a number in [0, 1). */
+    random?: () => number;
+}
+/**
+ * Create a VP-Tree (Vantage Point Tree) index for efficient approximate nearest neighbor search.
+ *
+ * O(log n) search on average, requires rebuild after batch additions.
+ * Best for medium collections (1,000 - 100,000 vectors).
+ *
+ * @example
+ * ```typescript
+ * const index = createVPTreeIndex();
+ *
+ * // Add vectors
+ * for (let i = 0; i < embeddings.length; i++) {
+ *   index.add(i, embeddings[i]);
+ * }
+ *
+ * // Build the tree
+ * index.rebuild();
+ *
+ * // Search
+ * const results = index.search(queryEmbedding, 5, 0.9);
+ * ```
+ */
+declare function createVPTreeIndex(vpConfig?: VPTreeIndexConfig): ANNIndex;
+
+/**
+ * Streaming Channel for Agent-to-Agent Communication
+ *
+ * Provides AsyncIterable-based streaming for large data transfers between agents.
+ * Supports backpressure, buffering, and graceful termination.
+ *
+ * @example
+ * ```typescript
+ * import { createStreamChannel } from '@directive-run/ai';
+ *
+ * // Producer side
+ * const channel = createStreamChannel<string>({ bufferSize: 100 });
+ *
+ * // Send data
+ * await channel.send('chunk 1');
+ * await channel.send('chunk 2');
+ * channel.end(); // Signal completion
+ *
+ * // Consumer side (async iteration)
+ * for await (const chunk of channel) {
+ *   console.log(chunk);
+ * }
+ * ```
+ */
+/** Stream channel configuration */
+interface StreamChannelConfig {
+    /** Maximum buffer size before backpressure is applied (default: 100) */
+    bufferSize?: number;
+    /** Channel name for debugging */
+    name?: string;
+}
+/** Stream channel state */
+type StreamChannelState = "open" | "closed" | "error";
+/** Stream channel instance */
+interface StreamChannel<T> extends AsyncIterable<T> {
+    /** Send a value to the channel. Resolves when consumed or buffered. */
+    send(value: T): Promise<void>;
+    /** Signal that no more values will be sent */
+    end(): void;
+    /** Signal an error and terminate the stream */
+    error(err: Error): void;
+    /** Get the current state */
+    getState(): StreamChannelState;
+    /** Get the number of buffered items */
+    bufferedCount(): number;
+}
+/** Bidirectional stream between two agents */
+interface BidirectionalStream<TSend, TReceive> {
+    /** Send a value to the remote end */
+    send(value: TSend): Promise<void>;
+    /** Iterate over received values */
+    receive: AsyncIterable<TReceive>;
+    /** Close both directions */
+    close(): void;
+}
+/**
+ * Create a stream channel for async data transfer.
+ *
+ * Implements proper backpressure: `send()` will pause when the buffer is full
+ * and resume when the consumer catches up.
+ *
+ * @example
+ * ```typescript
+ * const channel = createStreamChannel<{ token: string }>();
+ *
+ * // Producer (e.g., LLM streaming response)
+ * (async () => {
+ *   for (const token of tokens) {
+ *     await channel.send({ token });
+ *   }
+ *   channel.end();
+ * })();
+ *
+ * // Consumer (e.g., downstream agent)
+ * for await (const chunk of channel) {
+ *   process.stdout.write(chunk.token);
+ * }
+ * ```
+ */
+declare function createStreamChannel<T>(config?: StreamChannelConfig): StreamChannel<T>;
+/**
+ * Create a bidirectional stream channel for two-way communication between agents.
+ *
+ * @example
+ * ```typescript
+ * const { sideA, sideB } = createBidirectionalStream<string, string>();
+ *
+ * // Agent A sends and receives
+ * await sideA.send('question?');
+ * for await (const reply of sideA.receive) {
+ *   console.log('A got:', reply);
+ * }
+ *
+ * // Agent B receives and responds
+ * for await (const msg of sideB.receive) {
+ *   await sideB.send(`reply to: ${msg}`);
+ * }
+ * ```
+ */
+declare function createBidirectionalStream<TA, TB>(config?: StreamChannelConfig): {
+    sideA: BidirectionalStream<TA, TB>;
+    sideB: BidirectionalStream<TB, TA>;
+};
+/**
+ * Pipe one stream channel through a transform function into another.
+ *
+ * @example
+ * ```typescript
+ * const input = createStreamChannel<string>();
+ * const output = createStreamChannel<number>();
+ *
+ * pipeThrough(input, output, (chunk) => chunk.length);
+ * ```
+ */
+declare function pipeThrough<TIn, TOut>(source: AsyncIterable<TIn>, destination: StreamChannel<TOut>, transform: (value: TIn) => TOut | Promise<TOut>): Promise<void>;
+/**
+ * Merge multiple async iterables into a single stream.
+ * Values are emitted as soon as they arrive from any source.
+ *
+ * Note: The internal buffer is capped at 10,000 items. Values exceeding this
+ * limit are dropped. For high-throughput scenarios, ensure the consumer keeps up
+ * or use bounded `StreamChannel` sources.
+ *
+ * @example
+ * ```typescript
+ * const merged = mergeStreams(channel1, channel2, channel3);
+ * for await (const value of merged) {
+ *   console.log(value);
+ * }
+ * ```
+ */
+declare function mergeStreams<T>(...sources: AsyncIterable<T>[]): AsyncIterable<T>;
+
+/**
+ * P2: Intelligent Retry — HTTP-status-aware retry wrapper for AgentRunner.
+ *
+ * Respects 429 Retry-After headers, uses exponential backoff with jitter for 503,
+ * and never retries client errors (400/401/403/404/422).
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { withRetry, RetryExhaustedError } from '@directive-run/ai';
+ *
+ * const runner = withRetry(baseRunner, {
+ *   maxRetries: 3,
+ *   baseDelayMs: 1000,
+ *   maxDelayMs: 30000,
+ *   onRetry: (attempt, error, delayMs) => {
+ *     console.log(`Retry ${attempt} in ${delayMs}ms: ${error.message}`);
+ *   },
+ * });
+ *
+ * try {
+ *   const result = await runner(agent, input);
+ * } catch (err) {
+ *   if (err instanceof RetryExhaustedError) {
+ *     console.error(`All ${err.retryCount} retries failed:`, err.lastError);
+ *   }
+ * }
+ * ```
+ */
+
+/**
+ * Configuration for the intelligent retry wrapper.
+ *
+ * @example
+ * ```typescript
+ * const config: RetryConfig = {
+ *   maxRetries: 3,
+ *   baseDelayMs: 1000,
+ *   maxDelayMs: 30000,
+ *   isRetryable: (error) => !error.message.includes("invalid API key"),
+ *   onRetry: (attempt, error, delayMs) => {
+ *     console.log(`Retry ${attempt} after ${delayMs}ms: ${error.message}`);
+ *   },
+ * };
+ * ```
+ */
+interface RetryConfig {
+    /** Maximum number of retry attempts (not counting the initial call). @default 3 */
+    maxRetries?: number;
+    /** Base delay in ms for exponential backoff. @default 1000 */
+    baseDelayMs?: number;
+    /** Maximum delay in ms (caps exponential growth). @default 30000 */
+    maxDelayMs?: number;
+    /** Custom predicate — return `false` to skip retry for specific errors. Called after the built-in HTTP status check. */
+    isRetryable?: (error: Error) => boolean;
+    /** Called before each retry wait. Useful for logging or metrics. */
+    onRetry?: (attempt: number, error: Error, delayMs: number) => void;
+}
+/** Error enriched with retry metadata, thrown when all retries are exhausted. */
+declare class RetryExhaustedError extends Error {
+    readonly retryCount: number;
+    readonly lastError: Error;
+    constructor(retryCount: number, lastError: Error);
+}
+/**
+ * Extract HTTP status code from error message or error properties.
+ *
+ * Checks `error.status` / `error.statusCode` properties first, then falls back
+ * to matching common error message patterns like "request failed: 429" or "HTTP 503".
+ */
+declare function parseHttpStatus(error: Error): number | null;
+/**
+ * Extract Retry-After value (in ms) from error message.
+ *
+ * Per HTTP spec, `Retry-After` numeric values are always in seconds.
+ * Returns the value converted to milliseconds.
+ */
+declare function parseRetryAfter(error: Error): number | null;
+/**
+ * Wrap an AgentRunner with intelligent retry logic.
+ *
+ * @example
+ * ```typescript
+ * const runner = withRetry(baseRunner, {
+ *   maxRetries: 3,
+ *   baseDelayMs: 1000,
+ *   onRetry: (attempt, error, delayMs) => {
+ *     console.log(`Retry ${attempt} after ${delayMs}ms: ${error.message}`);
+ *   },
+ * });
+ * ```
+ */
+declare function withRetry(runner: AgentRunner, config?: RetryConfig): AgentRunner;
+
+/**
+ * P0: Provider Fallback Chains — Automatic failover across multiple AgentRunners.
+ *
+ * Tries runners in order, moving to the next on failure.
+ * Composes naturally with {@link withRetry} (each runner can have its own retry policy).
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { withFallback, withRetry, AllProvidersFailedError } from '@directive-run/ai';
+ *
+ * const runner = withFallback([
+ *   withRetry(openaiRunner, { maxRetries: 2 }),
+ *   withRetry(anthropicRunner, { maxRetries: 2 }),
+ *   ollamaRunner,
+ * ], {
+ *   onFallback: (from, to, error) => {
+ *     console.log(`Provider ${from} failed, trying ${to}: ${error.message}`);
+ *   },
+ * });
+ *
+ * try {
+ *   const result = await runner(agent, input);
+ * } catch (err) {
+ *   if (err instanceof AllProvidersFailedError) {
+ *     console.error(`All ${err.errors.length} providers failed`);
+ *   }
+ * }
+ * ```
+ */
+
+interface FallbackConfig {
+    /** Custom predicate to decide whether to fall back on a given error. Default: always fall back. */
+    shouldFallback?: (error: Error) => boolean;
+    /** Called when falling back from one provider to the next. */
+    onFallback?: (fromIndex: number, toIndex: number, error: Error) => void;
+}
+/** Error thrown when all providers in the fallback chain have failed. */
+declare class AllProvidersFailedError extends Error {
+    readonly errors: Error[];
+    constructor(errors: Error[]);
+}
+/**
+ * Wrap multiple AgentRunners into a fallback chain.
+ *
+ * @example
+ * ```typescript
+ * const runner = withFallback([
+ *   withRetry(openaiRunner, { maxRetries: 2 }),
+ *   withRetry(anthropicRunner, { maxRetries: 2 }),
+ *   ollamaRunner,
+ * ], {
+ *   onFallback: (from, to, error) => {
+ *     console.log(`Falling back from provider ${from} to ${to}: ${error.message}`);
+ *   },
+ * });
+ * ```
+ */
+declare function withFallback(runners: AgentRunner[], config?: FallbackConfig): AgentRunner;
+
+/**
+ * P1: Cost Budget Guards — Pre-call estimation + rolling budget windows.
+ *
+ * Prevents runaway LLM costs by estimating costs before each call
+ * and tracking actual costs after each call. Supports per-call limits
+ * and rolling time-window budgets (hourly, daily).
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { withBudget, BudgetExceededError } from '@directive-run/ai';
+ * import type { BudgetRunner } from '@directive-run/ai';
+ *
+ * const pricing = { inputPerMillion: 3, outputPerMillion: 15 };
+ *
+ * const runner = withBudget(baseRunner, {
+ *   maxCostPerCall: 0.10,
+ *   pricing,
+ *   budgets: [
+ *     { window: "hour", maxCost: 5.00, pricing },
+ *     { window: "day", maxCost: 50.00, pricing },
+ *   ],
+ * });
+ *
+ * // Check spending via escape hatch
+ * const spent = (runner as BudgetRunner).getSpent("hour");
+ * if (spent > 4.00) {
+ *   console.warn("Approaching hourly budget limit!");
+ * }
+ * ```
+ */
+
+/**
+ * Token pricing for a specific model or provider.
+ *
+ * @example
+ * ```typescript
+ * // GPT-4o pricing (as of 2024)
+ * const gpt4oPricing: TokenPricing = {
+ *   inputPerMillion: 5,
+ *   outputPerMillion: 15,
+ * };
+ * ```
+ */
+interface TokenPricing {
+    /** Cost per million input tokens (in dollars). */
+    inputPerMillion: number;
+    /** Cost per million output tokens (in dollars). */
+    outputPerMillion: number;
+}
+/**
+ * Rolling budget window configuration.
+ *
+ * Each window tracks cost independently, preventing double-counting
+ * when multiple windows are configured.
+ *
+ * @example
+ * ```typescript
+ * const hourlyBudget: BudgetWindow = {
+ *   window: "hour",
+ *   maxCost: 5.00,
+ *   pricing: { inputPerMillion: 3, outputPerMillion: 15 },
+ * };
+ * ```
+ */
+interface BudgetWindow {
+    /** Time window for the budget. */
+    window: "hour" | "day";
+    /** Maximum cost in dollars for this window. */
+    maxCost: number;
+    /** Token pricing for cost calculation within this window. */
+    pricing: TokenPricing;
+}
+interface BudgetConfig {
+    /** Maximum estimated cost per individual call. */
+    maxCostPerCall?: number;
+    /** Rolling budget windows. */
+    budgets?: BudgetWindow[];
+    /** Pricing used for per-call estimation (when maxCostPerCall is set). */
+    pricing?: TokenPricing;
+    /** Approximate characters per token for input estimation. @default 4 */
+    charsPerToken?: number;
+    /**
+     * Multiplier for estimated output tokens relative to input tokens.
+     * For summarization tasks, use a value less than 1 (e.g., 0.3).
+     * For generation tasks, use a value greater than 1 (e.g., 3.0).
+     * @default 1.0
+     */
+    estimatedOutputMultiplier?: number;
+    /** Called when a budget check fails (before throwing). */
+    onBudgetExceeded?: (details: BudgetExceededDetails) => void;
+}
+interface BudgetExceededDetails {
+    estimated: number;
+    remaining: number;
+    window: "per-call" | "hour" | "day";
+}
+/** Error thrown when a budget limit is exceeded. */
+declare class BudgetExceededError extends Error {
+    readonly estimated: number;
+    readonly remaining: number;
+    readonly window: "per-call" | "hour" | "day";
+    constructor(details: BudgetExceededDetails);
+}
+/**
+ * Wrap an AgentRunner with cost budget guards.
+ *
+ * @example
+ * ```typescript
+ * const runner = withBudget(baseRunner, {
+ *   maxCostPerCall: 0.10,
+ *   pricing: { inputPerMillion: 3, outputPerMillion: 15 },
+ *   budgets: [
+ *     { window: "hour", maxCost: 5.00, pricing: { inputPerMillion: 3, outputPerMillion: 15 } },
+ *     { window: "day", maxCost: 50.00, pricing: { inputPerMillion: 3, outputPerMillion: 15 } },
+ *   ],
+ * });
+ * ```
+ */
+declare function withBudget(runner: AgentRunner, config: BudgetConfig): BudgetRunner;
+/** Helper type for accessing budget runner's getSpent method. */
+type BudgetRunner = AgentRunner & {
+    /** Get cost spent within a rolling window. */
+    getSpent(window: "hour" | "day"): number;
+};
+
+/**
+ * P3: Smart Model Selection — Rule-based model routing for AgentRunner.
+ *
+ * Route simple tasks to cheaper models and complex tasks to expensive ones,
+ * reducing cost without sacrificing quality where it matters.
+ *
+ * Rules are evaluated in order; the first match wins. If no rule matches,
+ * the agent's original model is used unchanged.
+ *
+ * Accepts either a {@link ModelSelectionConfig} object (recommended) or
+ * a bare `ModelRule[]` array for convenience.
+ *
+ * @module
+ *
+ * @example Config object (recommended)
+ * ```typescript
+ * import { withModelSelection, byInputLength, byAgentName, byPattern } from '@directive-run/ai';
+ *
+ * const runner = withModelSelection(baseRunner, {
+ *   rules: [
+ *     byInputLength(200, "gpt-4o-mini"),
+ *     byAgentName("summarizer", "gpt-4o-mini"),
+ *     byPattern(/classify|categorize/i, "gpt-4o-mini"),
+ *   ],
+ *   onModelSelected: (original, selected) => {
+ *     if (original !== selected) console.log(`Routed ${original} → ${selected}`);
+ *   },
+ * });
+ * ```
+ *
+ * @example Shorthand (rules array)
+ * ```typescript
+ * const runner = withModelSelection(baseRunner, [
+ *   byInputLength(200, "gpt-4o-mini"),
+ * ]);
+ * ```
+ */
+
+/** A single model selection rule. First match wins. */
+interface ModelRule {
+    /** Predicate that determines if this rule applies. */
+    match: (agent: AgentLike, input: string) => boolean;
+    /** The model to use when this rule matches. */
+    model: string;
+}
+/** Configuration for model selection. */
+interface ModelSelectionConfig {
+    /** Rules evaluated in order. First match wins. */
+    rules: ModelRule[];
+    /** Called when a model is selected (even if it matches the original). */
+    onModelSelected?: (originalModel: string | undefined, selectedModel: string | undefined) => void;
+}
+/**
+ * Match when input character length is at most `maxLength`.
+ *
+ * @example
+ * ```typescript
+ * byInputLength(500, "gpt-4o-mini") // inputs up to 500 chars use mini
+ * ```
+ */
+declare function byInputLength(maxLength: number, model: string): ModelRule;
+/**
+ * Match by agent name (exact string match).
+ *
+ * @example
+ * ```typescript
+ * byAgentName("classifier", "gpt-4o-mini")
+ * ```
+ */
+declare function byAgentName(name: string, model: string): ModelRule;
+/**
+ * Match by regex pattern on the input text.
+ *
+ * @example
+ * ```typescript
+ * byPattern(/classify|categorize/i, "gpt-4o-mini") // classification prompts use mini
+ * ```
+ */
+declare function byPattern(pattern: RegExp, model: string): ModelRule;
+/**
+ * Wrap an AgentRunner with rule-based model selection.
+ *
+ * Rules are evaluated in order. The first match wins and overrides `agent.model`.
+ * If no rule matches, the agent's original model is used.
+ *
+ * Accepts either a config object or a bare `ModelRule[]` for convenience.
+ *
+ * @example
+ * ```typescript
+ * // Config object (recommended)
+ * const runner = withModelSelection(baseRunner, {
+ *   rules: [
+ *     byInputLength(200, "gpt-4o-mini"),
+ *     byAgentName("summarizer", "gpt-4o-mini"),
+ *     byPattern(/classify|categorize/i, "gpt-4o-mini"),
+ *   ],
+ *   onModelSelected: (original, selected) => {
+ *     console.log(`Model: ${original} → ${selected}`);
+ *   },
+ * });
+ *
+ * // Shorthand (rules array)
+ * const runner = withModelSelection(baseRunner, [
+ *   byInputLength(200, "gpt-4o-mini"),
+ * ]);
+ * ```
+ */
+declare function withModelSelection(runner: AgentRunner, configOrRules: ModelSelectionConfig | ModelRule[]): AgentRunner;
+
+/**
+ * P6: Structured Outputs — Schema validation with auto-retry for LLM responses.
+ *
+ * Turns unreliable text output into typed, validated data. Appends JSON schema
+ * instructions to the system prompt and retries with error feedback on parse failure.
+ *
+ * Works with any Zod-compatible schema (any object with a `safeParse` method).
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { z } from "zod";
+ * import { withStructuredOutput, StructuredOutputError } from '@directive-run/ai';
+ *
+ * const SentimentSchema = z.object({
+ *   sentiment: z.enum(["positive", "negative", "neutral"]),
+ *   confidence: z.number().min(0).max(1),
+ * });
+ *
+ * const runner = withStructuredOutput(baseRunner, {
+ *   schema: SentimentSchema,
+ *   maxRetries: 2,
+ * });
+ *
+ * const result = await runner(agent, "Analyze: I love this product!");
+ * // result.output is typed as { sentiment: string; confidence: number }
+ * ```
+ */
+
+/**
+ * Zod-compatible schema duck type — any object with a `safeParse` method.
+ *
+ * This interface allows structured outputs to work with Zod, Valibot,
+ * or any validation library that implements this pattern.
+ *
+ * @example
+ * ```typescript
+ * import { z } from "zod";
+ *
+ * // Zod schemas implement SafeParseable automatically
+ * const schema = z.object({ name: z.string() });
+ *
+ * // Custom schema
+ * const custom: SafeParseable<{ name: string }> = {
+ *   safeParse(value) {
+ *     if (typeof value === "object" && value && "name" in value) {
+ *       return { success: true, data: value as { name: string } };
+ *     }
+ *     return { success: false, error: { message: "Missing name field" } };
+ *   },
+ * };
+ * ```
+ */
+interface SafeParseable<T = unknown> {
+    safeParse(value: unknown): SafeParseResult<T>;
+    /** Optional: schema description injected into the system prompt. */
+    description?: string;
+}
+interface SafeParseResult<T> {
+    success: boolean;
+    data?: T;
+    error?: {
+        message?: string;
+        issues?: Array<{
+            message: string;
+        }>;
+    };
+}
+interface StructuredOutputConfig<T = unknown> {
+    /** Zod-compatible schema with safeParse. */
+    schema: SafeParseable<T>;
+    /** Max retries on parse/validation failure. @default 2 */
+    maxRetries?: number;
+    /** Custom JSON extractor. Default: finds first `{...}` or `[...]` in output. */
+    extractJson?: (output: string) => unknown;
+    /** Schema description to inject into system prompt. Auto-derived from schema.description if available. */
+    schemaDescription?: string;
+}
+/** Default JSON extractor — finds the first `{...}` or `[...]` in output. */
+declare function extractJsonFromOutput(output: string): unknown;
+/**
+ * Wrap an AgentRunner with structured output parsing and validation.
+ *
+ * @example
+ * ```typescript
+ * import { z } from "zod";
+ *
+ * const SentimentSchema = z.object({
+ *   sentiment: z.enum(["positive", "negative", "neutral"]),
+ *   confidence: z.number().min(0).max(1),
+ * });
+ *
+ * const runner = withStructuredOutput(baseRunner, {
+ *   schema: SentimentSchema,
+ *   maxRetries: 2,
+ * });
+ *
+ * const result = await runner(agent, "Analyze: I love this product!");
+ * // result.output is typed as { sentiment: string; confidence: number }
+ * ```
+ */
+declare function withStructuredOutput<T = unknown>(runner: AgentRunner, config: StructuredOutputConfig<T>): AgentRunner;
+/** Error thrown when structured output parsing fails after all retries. */
+declare class StructuredOutputError extends Error {
+    readonly lastResult: RunResult<unknown> | undefined;
+    constructor(message: string, lastResult?: RunResult<unknown>);
+}
+
+/**
+ * Agent Stack — Composition API for AI Adapters
+ *
+ * One factory that wires orchestrator, memory, circuit breaker, rate limiter,
+ * streaming, multi-agent patterns, semantic cache, observability, OTLP export,
+ * and communication bus with sensible defaults.
+ *
+ * @example Basic usage
+ * ```typescript
+ * import { createAgentStack, parallel } from '@directive-run/ai';
+ *
+ * const stack = createAgentStack({
+ *   runner: myAgentRunner,
+ *   agents: { move: { agent: moveAgent, capabilities: ["move"] } },
+ *   memory: { maxMessages: 30 },
+ *   circuitBreaker: { failureThreshold: 3 },
+ *   cache: { threshold: 0.98, maxSize: 200, ttlMs: 600_000 },
+ *   observability: { serviceName: "my-app" },
+ * });
+ *
+ * const result = await stack.run("move", input);
+ * ```
+ *
+ * @example Streaming
+ * ```typescript
+ * const stack = createAgentStack({
+ *   runner: myAgentRunner,
+ *   streaming: { runner: myStreamingAgentRunner },
+ *   agents: { chat: { agent: chatAgent, capabilities: ["chat"] } },
+ * });
+ *
+ * const tokenStream = stack.stream("chat", "Hello!");
+ * for await (const token of tokenStream) { process.stdout.write(token); }
+ * const finalResult = await tokenStream.result;
+ * ```
+ */
+
+/** Callback-based streaming run function (e.g. for SSE-based LLM APIs) */
+type StreamingCallbackRunner = (agent: AgentLike, input: string, callbacks: {
+    onToken?: (token: string) => void;
+    onToolStart?: (tool: string, id: string, args: string) => void;
+    onToolEnd?: (tool: string, id: string, result: string) => void;
+    onMessage?: (message: Message$1) => void;
+    signal?: AbortSignal;
+}) => Promise<RunResult<unknown>>;
+interface AgentStackConfig {
+    /** Required: base runner for agent execution */
+    runner: AgentRunner;
+    /** Enables stack.stream() when provided */
+    streaming?: {
+        runner: StreamingCallbackRunner;
+    };
+    /** Agent registry — required for multi-agent patterns */
+    agents?: AgentRegistry;
+    /** Named execution patterns (parallel, sequential, supervisor) */
+    patterns?: Record<string, ExecutionPattern>;
+    memory?: {
+        maxMessages?: number;
+        preserveRecentCount?: number;
+    } | AgentMemory;
+    circuitBreaker?: CircuitBreakerConfig | CircuitBreaker;
+    rateLimit?: {
+        maxPerMinute: number;
+    };
+    cache?: {
+        threshold?: number;
+        maxSize?: number;
+        ttlMs?: number;
+        embedder?: EmbedderFn;
+    } | SemanticCache;
+    observability?: {
+        serviceName: string;
+        alerts?: AlertConfig[];
+    } | ObservabilityInstance;
+    otlp?: {
+        endpoint: string;
+        intervalMs?: number;
+        onError?: (err: Error, type: "metrics" | "traces") => void;
+    };
+    /** @deprecated Use `messageBus` instead */
+    bus?: {
+        maxHistory?: number;
+    } | MessageBus;
+    /** Message bus for agent communication */
+    messageBus?: {
+        maxHistory?: number;
+    } | MessageBus;
+    guardrails?: {
+        input?: Array<GuardrailFn<InputGuardrailData> | NamedGuardrail<InputGuardrailData>>;
+        output?: Array<GuardrailFn<OutputGuardrailData> | NamedGuardrail<OutputGuardrailData>>;
+        streaming?: StreamingGuardrail[];
+    };
+    maxTokenBudget?: number;
+    /** Cost per million tokens for cost estimation */
+    costPerMillionTokens?: number;
+    /** @deprecated Use `costPerMillionTokens` */
+    costRatePerMillion?: number;
+    debug?: boolean;
+    constraints?: Record<string, OrchestratorConstraint<Record<string, unknown>>>;
+    resolvers?: Record<string, OrchestratorResolver<Record<string, unknown>, Requirement>>;
+    approvals?: {
+        /** @default true */
+        autoApproveToolCalls?: boolean;
+        onRequest?: (request: ApprovalRequest) => void;
+        /** @default 300_000 */
+        timeoutMs?: number;
+    };
+    retry?: AgentRetryConfig;
+    hooks?: OrchestratorLifecycleHooks;
+    /** P2: Intelligent retry config for the base runner. */
+    intelligentRetry?: RetryConfig;
+    /** P0: Fallback runners (tried in order on failure). */
+    fallback?: {
+        runners: AgentRunner[];
+        config?: FallbackConfig;
+    };
+    /** P1: Cost budget guards. */
+    budget?: BudgetConfig;
+    /** P3: Model selection rules (first match wins). */
+    modelSelection?: ModelRule[];
+    /** P6: Structured output config (applied per-agent via agents map, or globally here). */
+    structuredOutput?: StructuredOutputConfig;
+}
+interface StackRunOptions {
+    /** Override output guardrails for this call */
+    guardrails?: {
+        output?: Array<GuardrailFn<OutputGuardrailData> | NamedGuardrail<OutputGuardrailData>>;
+    };
+    /** Set to false to skip cache for this call */
+    cache?: false;
+    /** AbortSignal for cancellation */
+    signal?: AbortSignal;
+}
+interface StackStreamOptions {
+    signal?: AbortSignal;
+}
+interface TokenStream<T = string> extends AsyncIterable<string> {
+    /** Resolves to the final run result after the stream completes */
+    result: Promise<RunResult<T>>;
+    /** Abort the stream */
+    abort: () => void;
+}
+interface AgentStackState {
+    totalTokens: number;
+    estimatedCost: number;
+    circuitState: CircuitState;
+    cacheStats: CacheStats;
+    memoryMessageCount: number;
+    busMessageCount: number;
+    rateLimitRemaining: number | null;
+}
+/** Options for runStructured() */
+interface StructuredRunOptions<_T = unknown> extends StackRunOptions {
+    /** Validate the output. Return `true` or `{ valid: true }` on success. */
+    validate: (value: unknown) => boolean | {
+        valid: boolean;
+        errors?: string[];
+    };
+    /** Number of retry attempts on validation failure @default 1 */
+    retries?: number;
+}
+interface AgentStack {
+    /** Run a single registered agent by ID */
+    run<T = unknown>(agentId: string, input: string, options?: StackRunOptions): Promise<RunResult<T>>;
+    /** Run and validate output against a schema, retrying on failure */
+    runStructured<T>(agentId: string, input: string, options: StructuredRunOptions<T>): Promise<RunResult<T>>;
+    /** Run a named execution pattern */
+    runPattern<T = unknown>(patternId: string, input: string, options?: StackRunOptions): Promise<T>;
+    /** Stream tokens from a single agent */
+    stream<T = string>(agentId: string, input: string, options?: StackStreamOptions): TokenStream<T>;
+    /** Stream full rich chunks (token, tool_start, tool_end, etc.) from a single agent */
+    streamChunks<T = unknown>(agentId: string, input: string, options?: StackStreamOptions): StreamingRunResult<T>;
+    /** Approve a pending approval request */
+    approve(requestId: string): void;
+    /** Reject a pending approval request */
+    reject(requestId: string, reason?: string): void;
+    /** Aggregate state across all features */
+    getState(): AgentStackState;
+    /** Reset all feature state */
+    reset(): void;
+    /** Dispose all resources */
+    dispose(): Promise<void>;
+    readonly orchestrator: AgentOrchestrator<Record<string, unknown>>;
+    readonly observability: ObservabilityInstance | null;
+    readonly messageBus: MessageBus | null;
+    readonly coordinator: MultiAgentOrchestrator | null;
+    readonly cache: SemanticCache | null;
+    readonly memory: AgentMemory | null;
+    /** Get observability timeline (spans + metrics) for debugging */
+    getTimeline(limit?: number): {
+        spans: readonly TraceSpan[];
+        metrics: Record<string, AggregatedMetric>;
+    };
+    /** @deprecated Use `observability` */
+    readonly obs: ObservabilityInstance | null;
+    /** @deprecated Use `messageBus` */
+    readonly bus: MessageBus | null;
+    /** @deprecated Use `coordinator` */
+    readonly multi: MultiAgentOrchestrator | null;
+}
+/**
+ * Create an agent stack that composes all AI adapter features.
+ *
+ * Only `runner` is required. Every other feature activates when its config key
+ * is present. Pass a pre-built instance to reuse existing objects, or pass
+ * shorthand config to let the stack create them.
+ */
+declare function createAgentStack(config: AgentStackConfig): AgentStack;
+
+/**
+ * AI Bridge — Syncs AI adapter state into a Directive system.
+ *
+ * Eliminates manual state sync boilerplate when using createAgentStack()
+ * alongside createSystem().
+ *
+ * @example Using with AgentStack directly
+ * ```typescript
+ * const syncAI = createAISyncer(stack, (state) => {
+ *   system.events.chat.updateAIState({
+ *     totalTokens: state.totalTokens,
+ *     estimatedCost: state.estimatedCost,
+ *     circuitState: state.circuitState,
+ *   });
+ * });
+ * syncAI();
+ * ```
+ *
+ * @example Using with a wrapper that has getState()
+ * ```typescript
+ * const syncAI = createAISyncer(myAIWrapper, (state) => {
+ *   system.events.chat.updateAIState({ ... });
+ * });
+ * syncAI();
+ * ```
+ */
+/**
+ * Any object with a getState() method.
+ * Works with AgentStack, or any wrapper that exposes getState().
+ */
+interface Syncable<S> {
+    getState(): S;
+}
+/**
+ * Create a sync function that reads the latest state from a source and
+ * passes it to a callback (typically dispatching events into a Directive system).
+ *
+ * Call the returned function after any AI operation to push state updates.
+ */
+declare function createAISyncer<S>(source: Syncable<S>, syncFn: (state: S) => void): () => void;
+
+/**
+ * RAG Enricher — Composable retrieval-augmented generation pipeline.
+ *
+ * Embeds a query, searches a chunk store by cosine similarity, and assembles
+ * an enriched input string (context + history + query) for any agent.
+ *
+ * @example
+ * ```typescript
+ * import {
+ *   createRAGEnricher,
+ *   createJSONFileStore,
+ * } from '@directive-run/ai';
+ *
+ * const enricher = createRAGEnricher({
+ *   embedder: myEmbedder, // Provide your own EmbedderFn
+ *   storage: createJSONFileStore({ filePath: './embeddings.json' }),
+ * });
+ *
+ * const enrichedInput = await enricher.enrich('How do constraints work?', {
+ *   prefix: 'User is viewing: /docs/constraints',
+ *   history: [{ role: 'user', content: 'Hello' }],
+ * });
+ * ```
+ */
+
+/** A document chunk with embedding and metadata */
+interface RAGChunk {
+    id: string;
+    content: string;
+    embedding: Embedding;
+    metadata: Record<string, unknown>;
+}
+/** Pluggable storage backend */
+interface RAGStorage {
+    getChunks(): Promise<RAGChunk[]>;
+    size(): Promise<number>;
+    /** Optional: optimized vector search (bypasses full getChunks scan) */
+    search?(query: Embedding, topK: number, minSimilarity: number): Promise<Array<RAGChunk & {
+        similarity: number;
+    }>>;
+    /** Reload storage (clear cache, re-read from source) */
+    reload?(): Promise<void>;
+    /** Dispose of resources */
+    dispose?(): void;
+}
+interface RAGEnricherConfig {
+    /** Function to generate query embeddings */
+    embedder: EmbedderFn;
+    /** Storage backend for document chunks */
+    storage: RAGStorage;
+    /** Number of top results to return (default: 5) */
+    topK?: number;
+    /** Minimum similarity score to include, clamped to [0, 1] (default: 0.3) */
+    minSimilarity?: number;
+    /** Custom chunk formatter */
+    formatChunk?: (chunk: RAGChunk, similarity: number) => string;
+    /** Custom context block formatter */
+    formatContext?: (formattedChunks: string[], query: string) => string;
+    /** Error callback — embedder/storage errors are non-fatal by default */
+    onError?: (error: Error) => void;
+}
+interface RAGEnrichOptions {
+    /** Prefix line (e.g. "User is viewing: /docs/constraints") */
+    prefix?: string;
+    /** Conversation history */
+    history?: Array<{
+        role: string;
+        content: string;
+    }>;
+    /** Per-call topK override */
+    topK?: number;
+    /** Filter chunks before ranking (e.g. by metadata tag or section) */
+    filter?: (chunk: RAGChunk) => boolean;
+}
+interface RAGEnricher {
+    /** Retrieve relevant chunks for a query */
+    retrieve(query: string, topK?: number): Promise<Array<RAGChunk & {
+        similarity: number;
+    }>>;
+    /** Retrieve + format into an enriched input string */
+    enrich(input: string, options?: RAGEnrichOptions): Promise<string>;
+}
+/**
+ * Create a RAG enricher that retrieves relevant document chunks and
+ * assembles enriched input for an agent.
+ */
+declare function createRAGEnricher(config: RAGEnricherConfig): RAGEnricher;
+interface JSONFileStoreOptions {
+    /** Absolute or relative path to the JSON embeddings file */
+    filePath: string;
+    /** Optional transform from raw JSON entries to RAGChunk */
+    mapEntry?: (entry: Record<string, unknown>) => RAGChunk;
+    /** Cache TTL in ms. 0 = cache forever (default) */
+    ttlMs?: number;
+}
+/**
+ * Create a RAGStorage backed by a JSON file (lazy-loaded, cached in memory).
+ * Uses dynamic `import('node:fs')` for isomorphic safety.
+ */
+declare function createJSONFileStore(options: JSONFileStoreOptions): RAGStorage;
+
+/**
+ * SSE Transport — Wrap a Directive AgentStack token stream into an HTTP
+ * Server-Sent Events response.
+ *
+ * Framework-agnostic: uses the WinterCG `Response` constructor (Node 18+,
+ * Deno, Bun, Cloudflare Workers, Next.js).
+ *
+ * @example
+ * ```typescript
+ * import { createSSETransport, createAgentStack } from '@directive-run/ai';
+ *
+ * const transport = createSSETransport({
+ *   maxResponseChars: 10_000,
+ *   errorMessages: {
+ *     INPUT_GUARDRAIL_FAILED: 'Your message was flagged by our safety filter.',
+ *   },
+ * });
+ *
+ * // Next.js route handler
+ * export async function POST(req: Request) {
+ *   const { message } = await req.json();
+ *   return transport.toResponse(stack, 'docs-qa', message);
+ * }
+ * ```
+ */
+
+type SSEEvent = {
+    type: "text";
+    text: string;
+} | {
+    type: "truncated";
+    text: string;
+} | {
+    type: "done";
+} | {
+    type: "error";
+    message: string;
+} | {
+    type: "heartbeat";
+    timestamp: number;
+};
+interface SSETransportConfig {
+    /** Truncate response after this many characters (default: Infinity) */
+    maxResponseChars?: number;
+    /** Message shown when response is truncated */
+    truncationMessage?: string;
+    /** Heartbeat interval in ms (default: 0 = disabled) */
+    heartbeatIntervalMs?: number;
+    /** Map error codes/types to user-facing messages */
+    errorMessages?: Record<string, string> | ((error: unknown) => string);
+    /** Extra headers merged into the SSE response */
+    headers?: Record<string, string>;
+}
+interface SSETransport {
+    /** Create a full HTTP Response with SSE headers */
+    toResponse(stack: AgentStack, agentId: string, input: string, opts?: {
+        signal?: AbortSignal;
+    }): Response;
+    /** Return just the ReadableStream (for Express/Koa `res.write()`) */
+    toStream(stack: AgentStack, agentId: string, input: string, opts?: {
+        signal?: AbortSignal;
+    }): ReadableStream<Uint8Array>;
+}
+/**
+ * Create an SSE transport that converts a Directive AgentStack token stream
+ * into Server-Sent Events.
+ */
+declare function createSSETransport(config?: SSETransportConfig): SSETransport;
+
+/**
+ * P5: Batch Queue — Application-level batching for agent calls.
+ *
+ * Accumulates calls and flushes them in batches to reduce overhead.
+ * Each `submit()` returns a promise that resolves when its individual call completes.
+ * Batches execute calls in parallel up to a configurable concurrency limit.
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { createBatchQueue } from '@directive-run/ai';
+ *
+ * const queue = createBatchQueue(runner, {
+ *   maxBatchSize: 20,
+ *   maxWaitMs: 5000,
+ *   concurrency: 5,
+ * });
+ *
+ * // Submit calls — they batch automatically
+ * const [r1, r2, r3] = await Promise.all([
+ *   queue.submit(agent, "input 1"),
+ *   queue.submit(agent, "input 2"),
+ *   queue.submit(agent, "input 3"),
+ * ]);
+ *
+ * // Force immediate flush
+ * await queue.flush();
+ *
+ * // Clean up (flushes remaining calls)
+ * await queue.dispose();
+ * ```
+ */
+
+interface BatchQueueConfig {
+    /** Maximum number of calls per batch. @default 20 */
+    maxBatchSize?: number;
+    /** Maximum time to wait before flushing (ms). @default 5000 */
+    maxWaitMs?: number;
+    /** Number of calls to run in parallel within a batch. @default 5 */
+    concurrency?: number;
+}
+interface BatchQueue {
+    /** Submit a call to the queue. Returns a promise that resolves when the call completes. */
+    submit<T = unknown>(agent: AgentLike, input: string, options?: RunOptions): Promise<RunResult<T>>;
+    /** Flush all pending calls immediately. */
+    flush(): Promise<void>;
+    /** Get the number of pending calls. */
+    readonly pending: number;
+    /** Dispose the queue, flushing remaining calls. */
+    dispose(): Promise<void>;
+}
+/**
+ * Create a batch queue for grouping agent calls.
+ *
+ * @example
+ * ```typescript
+ * const queue = createBatchQueue(runner, {
+ *   maxBatchSize: 20,
+ *   maxWaitMs: 5000,
+ *   concurrency: 5,
+ * });
+ *
+ * // Submit multiple calls — they batch automatically
+ * const [result1, result2, result3] = await Promise.all([
+ *   queue.submit(agent, "input 1"),
+ *   queue.submit(agent, "input 2"),
+ *   queue.submit(agent, "input 3"),
+ * ]);
+ *
+ * // Clean up
+ * await queue.dispose();
+ * ```
+ */
+declare function createBatchQueue(runner: AgentRunner, config?: BatchQueueConfig): BatchQueue;
+
+/**
+ * P4: Constraint-Driven Provider Routing — Directive's unique differentiator.
+ *
+ * Uses user-supplied constraints to select providers based on runtime state:
+ * cost, latency, error rates, and compliance regions.
+ *
+ * Tracks per-provider stats (call count, error count, cost, latency) and
+ * exposes them as {@link RoutingFacts} for constraint evaluation.
+ *
+ * @module
+ *
+ * @example
+ * ```typescript
+ * import { createConstraintRouter } from '@directive-run/ai';
+ * import type { ConstraintRouterRunner } from '@directive-run/ai';
+ *
+ * const router = createConstraintRouter({
+ *   providers: [
+ *     { name: "openai", runner: openaiRunner, pricing: { inputPerMillion: 5, outputPerMillion: 15 } },
+ *     { name: "anthropic", runner: anthropicRunner, pricing: { inputPerMillion: 3, outputPerMillion: 15 } },
+ *     { name: "ollama", runner: ollamaRunner },
+ *   ],
+ *   defaultProvider: "openai",
+ *   constraints: [
+ *     { when: (facts) => facts.totalCost > 100, provider: "ollama", priority: 10 },
+ *     { when: (facts) => facts.providers["openai"]?.errorCount > 5, provider: "anthropic" },
+ *   ],
+ *   preferCheapest: true, // opt-in to cheapest-provider heuristic
+ *   onProviderSelected: (name, reason) => console.log(`Using ${name} (${reason})`),
+ * });
+ *
+ * // Access runtime stats
+ * console.log(router.facts.totalCost, router.facts.callCount);
+ * ```
+ */
+
+/**
+ * Provider definition for the constraint router.
+ *
+ * Each provider has its own runner, optional pricing (for cost tracking
+ * and cheapest-provider heuristic), and optional region tag.
+ */
+interface RoutingProvider {
+    /** Unique name for this provider. */
+    name: string;
+    /** The runner to use for this provider. */
+    runner: AgentRunner;
+    /** Token pricing (cost per million tokens). */
+    pricing?: {
+        inputPerMillion: number;
+        outputPerMillion: number;
+    };
+    /** Geographic region (for compliance routing). */
+    region?: string;
+}
+/**
+ * Runtime facts tracked by the router — exposed for user constraints.
+ *
+ * Access via the `facts` property on the returned {@link ConstraintRouterRunner}.
+ */
+interface RoutingFacts {
+    totalCost: number;
+    callCount: number;
+    errorCount: number;
+    lastProvider: string | null;
+    avgLatencyMs: number;
+    /** Per-provider stats. */
+    providers: Record<string, ProviderStats>;
+}
+interface ProviderStats {
+    callCount: number;
+    errorCount: number;
+    totalCost: number;
+    avgLatencyMs: number;
+    lastErrorAt: number | null;
+}
+/** User-supplied routing constraint. */
+interface RoutingConstraint {
+    /** When this constraint is active. */
+    when: (facts: RoutingFacts) => boolean;
+    /** The provider to route to. */
+    provider: string;
+    /** Priority — higher wins when multiple constraints match. @default 0 */
+    priority?: number;
+}
+interface ConstraintRouterConfig {
+    /** Available providers. */
+    providers: RoutingProvider[];
+    /** Default provider name. */
+    defaultProvider: string;
+    /** User-supplied routing constraints. */
+    constraints?: RoutingConstraint[];
+    /** Called when a provider is selected. */
+    onProviderSelected?: (providerName: string, reason: "constraint" | "cheapest" | "default") => void;
+    /** Error cooldown — skip a provider for this many ms after an error. @default 30000 */
+    errorCooldownMs?: number;
+    /**
+     * When true, automatically prefer the cheapest available provider
+     * (based on pricing) when no user constraint matches.
+     * When false, the default provider is used unless a constraint overrides it.
+     * @default false
+     */
+    preferCheapest?: boolean;
+}
+/**
+ * Create a constraint-driven provider router.
+ *
+ * @example
+ * ```typescript
+ * const runner = createConstraintRouter({
+ *   providers: [
+ *     { name: "openai", runner: openaiRunner, pricing: { inputPerMillion: 5, outputPerMillion: 15 } },
+ *     { name: "anthropic", runner: anthropicRunner, pricing: { inputPerMillion: 3, outputPerMillion: 15 } },
+ *     { name: "ollama", runner: ollamaRunner },
+ *   ],
+ *   defaultProvider: "openai",
+ *   constraints: [
+ *     { when: (facts) => facts.totalCost > 100, provider: "ollama", priority: 10 },
+ *     { when: (facts) => facts.providers["openai"]?.errorCount > 5, provider: "anthropic" },
+ *   ],
+ * });
+ * ```
+ */
+declare function createConstraintRouter(config: ConstraintRouterConfig): ConstraintRouterRunner;
+/** Helper type for accessing router facts. */
+type ConstraintRouterRunner = AgentRunner & {
+    readonly facts: RoutingFacts;
+};
+
+/**
+ * MCP Type Definitions
+ *
+ * Model Context Protocol types for Directive integration.
+ * These types are compatible with the MCP specification but don't require
+ * the MCP SDK as a dependency.
+ *
+ * @see https://modelcontextprotocol.io/
+ */
+/** MCP Transport type */
+type MCPTransport = "stdio" | "sse" | "websocket";
+/** MCP Server connection configuration */
+interface MCPServerConfig {
+    /** Unique name for this server */
+    name: string;
+    /** Transport protocol */
+    transport: MCPTransport;
+    /** For stdio: command to run */
+    command?: string;
+    /** For stdio: command arguments */
+    args?: string[];
+    /** For stdio: environment variables */
+    env?: Record<string, string>;
+    /** For sse/websocket: URL to connect to */
+    url?: string;
+    /** Optional authentication */
+    auth?: {
+        type: "bearer" | "api-key" | "oauth";
+        token?: string;
+        apiKey?: string;
+    };
+    /** Connection timeout (ms) */
+    timeout?: number;
+    /** Retry configuration */
+    retry?: {
+        maxAttempts?: number;
+        backoffMs?: number;
+    };
+}
+/** MCP Tool definition */
+interface MCPTool {
+    /** Tool name (must be unique within server) */
+    name: string;
+    /** Human-readable description */
+    description?: string;
+    /** JSON Schema for tool input */
+    inputSchema: MCPJsonSchema;
+}
+/** MCP Resource definition */
+interface MCPResource {
+    /** Resource URI */
+    uri: string;
+    /** Human-readable name */
+    name: string;
+    /** Resource description */
+    description?: string;
+    /** MIME type */
+    mimeType?: string;
+}
+/** MCP Prompt definition */
+interface MCPPrompt {
+    /** Prompt name */
+    name: string;
+    /** Prompt description */
+    description?: string;
+    /** Arguments the prompt accepts */
+    arguments?: MCPPromptArgument[];
+}
+/** MCP Prompt argument */
+interface MCPPromptArgument {
+    name: string;
+    description?: string;
+    required?: boolean;
+}
+/** JSON Schema type (subset used by MCP) */
+interface MCPJsonSchema {
+    type?: string;
+    description?: string;
+    properties?: Record<string, MCPJsonSchema>;
+    required?: string[];
+    items?: MCPJsonSchema;
+    enum?: unknown[];
+    default?: unknown;
+    [key: string]: unknown;
+}
+/** Result from calling an MCP tool */
+interface MCPToolResult {
+    /** Tool output content */
+    content: MCPContent[];
+    /** Whether the tool call failed */
+    isError?: boolean;
+}
+/** MCP Content types */
+type MCPContent = MCPTextContent | MCPImageContent | MCPResourceContent;
+/** Text content */
+interface MCPTextContent {
+    type: "text";
+    text: string;
+}
+/** Image content */
+interface MCPImageContent {
+    type: "image";
+    data: string;
+    mimeType: string;
+}
+/** Resource reference content */
+interface MCPResourceContent {
+    type: "resource";
+    resource: {
+        uri: string;
+        mimeType?: string;
+        text?: string;
+        blob?: string;
+    };
+}
+/** Result from reading an MCP resource */
+interface MCPResourceResult {
+    contents: Array<{
+        uri: string;
+        mimeType?: string;
+        text?: string;
+        blob?: string;
+    }>;
+}
+/** Result from getting an MCP prompt */
+interface MCPPromptResult {
+    description?: string;
+    messages: Array<{
+        role: "user" | "assistant";
+        content: MCPContent;
+    }>;
+}
+/** MCP Client capabilities */
+interface MCPCapabilities {
+    tools?: boolean;
+    resources?: boolean;
+    prompts?: boolean;
+    sampling?: boolean;
+    logging?: boolean;
+}
+/** MCP Client interface (for custom implementations) */
+interface MCPClient {
+    /** Connect to the server */
+    connect(): Promise<void>;
+    /** Disconnect from the server */
+    disconnect(): Promise<void>;
+    /** Check if connected */
+    isConnected(): boolean;
+    /** Get server capabilities */
+    getCapabilities(): MCPCapabilities;
+    /** List available tools */
+    listTools(): Promise<MCPTool[]>;
+    /** Call a tool */
+    callTool(name: string, args: Record<string, unknown>): Promise<MCPToolResult>;
+    /** List available resources */
+    listResources(): Promise<MCPResource[]>;
+    /** Read a resource */
+    readResource(uri: string): Promise<MCPResourceResult>;
+    /** Subscribe to resource changes */
+    subscribeResource?(uri: string, callback: (resource: MCPResource) => void): () => void;
+    /** List available prompts */
+    listPrompts(): Promise<MCPPrompt[]>;
+    /** Get a prompt with arguments */
+    getPrompt(name: string, args?: Record<string, string>): Promise<MCPPromptResult>;
+}
+/** Constraint configuration for an MCP tool */
+interface MCPToolConstraint {
+    /** Require human approval before calling */
+    requireApproval?: boolean;
+    /** Maximum argument size (bytes) */
+    maxArgSize?: number;
+    /** Constraint that must be true to allow the tool */
+    when?: (facts: Record<string, unknown>, args: Record<string, unknown>) => boolean | Promise<boolean>;
+    /** Requirement to emit when constraint is violated */
+    require?: {
+        type: string;
+        [key: string]: unknown;
+    };
+    /** Rate limit (calls per minute) */
+    rateLimit?: number;
+    /** Timeout for tool execution (ms) */
+    timeout?: number;
+}
+/** Mapping of MCP resources to Directive facts */
+interface MCPResourceMapping {
+    /** Resource URI pattern (glob or regex) */
+    pattern: string | RegExp;
+    /** Fact key to sync to */
+    factKey: string;
+    /** Transform resource content before setting fact */
+    transform?: (content: string) => unknown;
+    /** Sync mode */
+    mode: "poll" | "subscribe" | "manual";
+    /** Poll interval (ms) for 'poll' mode */
+    pollInterval?: number;
+}
+/** MCP Approval request */
+interface MCPApprovalRequest {
+    id: string;
+    server: string;
+    tool: string;
+    args: Record<string, unknown>;
+    requestedAt: number;
+}
+/** MCP Adapter events */
+interface MCPAdapterEvents {
+    /** Server connected */
+    onConnect?: (server: string) => void;
+    /** Server disconnected */
+    onDisconnect?: (server: string, reason?: string) => void;
+    /** Tool called */
+    onToolCall?: (server: string, tool: string, args: Record<string, unknown>) => void;
+    /** Tool result received */
+    onToolResult?: (server: string, tool: string, result: MCPToolResult) => void;
+    /** Resource updated */
+    onResourceUpdate?: (server: string, uri: string, content: MCPResourceResult) => void;
+    /** Error occurred */
+    onError?: (server: string, error: Error) => void;
+    /** Approval required for tool call */
+    onApprovalRequest?: (request: MCPApprovalRequest) => void;
+    /** Approval resolved */
+    onApprovalResolved?: (requestId: string, approved: boolean) => void;
+}
+/** MCP Adapter configuration */
+interface MCPAdapterConfig {
+    /** MCP servers to connect to */
+    servers: MCPServerConfig[];
+    /** Tool-specific constraints */
+    toolConstraints?: Record<string, MCPToolConstraint>;
+    /** Resource to fact mappings */
+    resourceMappings?: MCPResourceMapping[];
+    /** Event handlers */
+    events?: MCPAdapterEvents;
+    /** Auto-connect on adapter creation */
+    autoConnect?: boolean;
+    /** Reconnect on disconnect */
+    autoReconnect?: boolean;
+    /** Custom MCP client factory (for testing or custom implementations) */
+    clientFactory?: (config: MCPServerConfig) => MCPClient;
+    /** Enable debug logging for stub client (default: false) */
+    debug?: boolean;
+    /** Approval timeout in milliseconds (default: 300000 = 5 minutes) */
+    approvalTimeoutMs?: number;
+}
+/** Requirement to call an MCP tool */
+interface MCPCallToolRequirement {
+    type: "MCP_CALL_TOOL";
+    server: string;
+    tool: string;
+    args: Record<string, unknown>;
+    [key: string]: unknown;
+}
+/** Requirement to read an MCP resource */
+interface MCPReadResourceRequirement {
+    type: "MCP_READ_RESOURCE";
+    server: string;
+    uri: string;
+    [key: string]: unknown;
+}
+/** Requirement to get an MCP prompt */
+interface MCPGetPromptRequirement {
+    type: "MCP_GET_PROMPT";
+    server: string;
+    prompt: string;
+    args?: Record<string, string>;
+    [key: string]: unknown;
+}
+/** Requirement to sync MCP resources */
+interface MCPSyncResourcesRequirement {
+    type: "MCP_SYNC_RESOURCES";
+    server?: string;
+    pattern?: string | RegExp;
+    [key: string]: unknown;
+}
+/** Union of all MCP requirements */
+type MCPRequirement = MCPCallToolRequirement | MCPReadResourceRequirement | MCPGetPromptRequirement | MCPSyncResourcesRequirement;
+
+/**
+ * MCP Adapter - Model Context Protocol Integration for Directive
+ *
+ * Provides seamless integration between Directive's constraint system and MCP servers:
+ * - MCP tools become Directive resolvers with constraint-driven access control
+ * - MCP resources sync to Directive facts
+ * - MCP prompts available through requirements
+ *
+ * @example
+ * ```typescript
+ * import { createMCPAdapter } from '@directive-run/ai';
+ *
+ * const mcpAdapter = createMCPAdapter({
+ *   servers: [
+ *     { name: 'filesystem', transport: 'stdio', command: 'mcp-server-filesystem' },
+ *     { name: 'github', transport: 'sse', url: 'https://mcp.github.com' }
+ *   ],
+ *   toolConstraints: {
+ *     'filesystem.write': { requireApproval: true },
+ *     'github.create_pr': { when: (facts) => facts.reviewComplete }
+ *   }
+ * });
+ *
+ * const system = createSystem({
+ *   module: myModule,
+ *   plugins: [mcpAdapter.plugin]
+ * });
+ * ```
+ */
+
+/** State of an MCP server connection */
+interface MCPServerState {
+    config: MCPServerConfig;
+    client: MCPClient | null;
+    tools: MCPTool[];
+    resources: MCPResource[];
+    status: "disconnected" | "connecting" | "connected" | "error";
+    error?: Error;
+    lastSync?: number;
+}
+/** MCP Adapter instance */
+interface MCPAdapter {
+    /** Plugin to add to Directive system */
+    plugin: Plugin;
+    /** Connect to all configured servers */
+    connect(): Promise<void>;
+    /** Connect to a specific server */
+    connectServer(name: string): Promise<void>;
+    /** Disconnect from all servers */
+    disconnect(): Promise<void>;
+    /** Disconnect from a specific server */
+    disconnectServer(name: string): Promise<void>;
+    /** Get all available tools across all servers */
+    getTools(): Map<string, MCPTool[]>;
+    /** Get all available resources across all servers */
+    getResources(): Map<string, MCPResource[]>;
+    /**
+     * Call a tool with constraint checking (recommended).
+     * Applies rate limits, argument size limits, approval workflow, and custom constraints.
+     * @param server - Server name
+     * @param tool - Tool name
+     * @param args - Tool arguments
+     * @param facts - Current facts for constraint evaluation
+     */
+    callTool(server: string, tool: string, args: Record<string, unknown>, facts: Record<string, unknown>): Promise<MCPToolResult>;
+    /**
+     * Call a tool directly, bypassing all constraints (rate limits, approvals, etc.).
+     * Use only for trusted internal calls where constraint checking is not needed.
+     */
+    callToolDirect(server: string, tool: string, args: Record<string, unknown>): Promise<MCPToolResult>;
+    /** Read a resource directly */
+    readResource(server: string, uri: string): Promise<MCPResourceResult>;
+    /** Sync resources to facts */
+    syncResources(facts: Record<string, unknown>): Promise<void>;
+    /** Get server status */
+    getServerStatus(name: string): MCPServerState | undefined;
+    /** Get all server statuses */
+    getAllServerStatuses(): Map<string, MCPServerState>;
+    /** Approve a pending tool call request */
+    approve(requestId: string): void;
+    /** Reject a pending tool call request */
+    reject(requestId: string, reason?: string): void;
+    /** Get pending approval requests */
+    getPendingApprovals(): MCPApprovalRequest[];
+    /** Get the rejection reason for a request (if available) */
+    getRejectionReason(requestId: string): string | undefined;
+}
+/**
+ * Create an MCP adapter for Directive integration.
+ *
+ * @example
+ * ```typescript
+ * const adapter = createMCPAdapter({
+ *   servers: [
+ *     { name: 'fs', transport: 'stdio', command: 'mcp-server-filesystem' },
+ *   ],
+ *   toolConstraints: {
+ *     'fs.write_file': {
+ *       requireApproval: true,
+ *       maxArgSize: 10000,
+ *       timeout: 30000,
+ *     },
+ *   },
+ *   resourceMappings: [
+ *     {
+ *       pattern: 'file://*.json',
+ *       factKey: 'jsonFiles',
+ *       mode: 'poll',
+ *       pollInterval: 5000,
+ *     },
+ *   ],
+ * });
+ *
+ * // Add to system
+ * const system = createSystem({
+ *   module: myModule,
+ *   plugins: [adapter.plugin],
+ * });
+ *
+ * // Connect to servers
+ * await adapter.connect();
+ * ```
+ */
+declare function createMCPAdapter(config: MCPAdapterConfig): MCPAdapter;
+/**
+ * Convert MCP tools to a format suitable for LLM tool calling.
+ *
+ * @example
+ * ```typescript
+ * const adapter = createMCPAdapter({ servers: [...] });
+ * await adapter.connect();
+ *
+ * const tools = adapter.getTools();
+ * const llmTools = convertToolsForLLM(tools);
+ * // Use with OpenAI/Anthropic/etc.
+ * ```
+ */
+declare function convertToolsForLLM(tools: Map<string, MCPTool[]>): Array<{
+    type: "function";
+    function: {
+        name: string;
+        description: string;
+        parameters: Record<string, unknown>;
+    };
+}>;
+/**
+ * Create a requirement to call an MCP tool.
+ *
+ * @example
+ * ```typescript
+ * const req = mcpCallTool('filesystem', 'read_file', { path: '/etc/hosts' });
+ * // { type: 'MCP_CALL_TOOL', server: 'filesystem', tool: 'read_file', args: { path: '/etc/hosts' } }
+ * ```
+ */
+declare function mcpCallTool(server: string, tool: string, args: Record<string, unknown>): MCPCallToolRequirement;
+/**
+ * Create a requirement to read an MCP resource.
+ */
+declare function mcpReadResource(server: string, uri: string): MCPReadResourceRequirement;
+/**
+ * Create a requirement to get an MCP prompt.
+ */
+declare function mcpGetPrompt(server: string, prompt: string, args?: Record<string, string>): MCPGetPromptRequirement;
+/**
+ * Create a requirement to sync MCP resources.
+ */
+declare function mcpSyncResources(server?: string, pattern?: string | RegExp): MCPSyncResourcesRequirement;
+
+/**
+ * AI Adapter – Constraint-driven agent orchestration with guardrails
+ *
+ * Philosophy: "Use Directive WITH any LLM agent framework"
+ * - Your framework handles LLM tool execution
+ * - Directive adds safety guardrails, approval workflows, state persistence
+ *
+ * Also available:
+ * - `@directive-run/ai/testing` – Mock runners, test orchestrators, assertion helpers
+ * - `@directive-run/ai/anthropic` – Anthropic Claude adapter
+ * - `@directive-run/ai/openai` – OpenAI / Azure / Together adapter
+ * - `@directive-run/ai/ollama` – Local Ollama inference adapter
+ *
+ * @example
+ * ```typescript
+ * import { createAgentOrchestrator } from '@directive-run/ai'
+ *
+ * const orchestrator = createAgentOrchestrator({
+ *   runner: myAgentRunner,
+ *   constraints: {
+ *     needsExpertReview: {
+ *       when: (facts) => facts.decision.confidence < 0.7,
+ *       require: { type: 'EXPERT_AGENT', query: facts.userQuery }
+ *     },
+ *     budgetLimit: {
+ *       when: (facts) => facts.tokenUsage > 10000,
+ *       require: { type: 'PAUSE_AGENTS' }
+ *     }
+ *   },
+ *   guardrails: {
+ *     input: [(data) => validatePII(data.input)],
+ *     output: [(data) => checkToxicity(data.output)]
+ *   }
+ * })
+ * ```
+ */
+
+/** Orchestrator options */
+interface OrchestratorOptions<F extends Record<string, unknown>> {
+    /** Function to run an agent */
+    runner: AgentRunner;
+    /** Additional facts schema */
+    factsSchema?: Record<string, {
+        _type: unknown;
+        _validators: [];
+    }>;
+    /** Initialize additional facts */
+    init?: (facts: F & OrchestratorState) => void;
+    /** Constraints for orchestration */
+    constraints?: Record<string, OrchestratorConstraint<F>>;
+    /** Resolvers for orchestration */
+    resolvers?: Record<string, OrchestratorResolver<F, Requirement>>;
+    /** Guardrails */
+    guardrails?: GuardrailsConfig;
+    /** Callback for approval requests */
+    onApprovalRequest?: (request: ApprovalRequest) => void;
+    /**
+     * Auto-approve tool calls
+     * @default true
+     */
+    autoApproveToolCalls?: boolean;
+    /**
+     * Maximum token budget across all agent runs.
+     *
+     * When exceeded, agents are automatically paused with status "paused".
+     * Check `facts.agent.tokenUsage` to see current usage.
+     *
+     * For more sophisticated cost management (per-user budgets, tiered pricing,
+     * cost alerts), see the Cost Management section in the documentation.
+     *
+     * @example
+     * ```typescript
+     * const orchestrator = createAgentOrchestrator({
+     *   maxTokenBudget: 10000, // Pause after 10K tokens
+     * });
+     *
+     * // Check if paused due to budget
+     * if (orchestrator.facts.agent.status === 'paused') {
+     *   console.log('Budget exceeded:', orchestrator.facts.agent.tokenUsage);
+     * }
+     * ```
+     */
+    maxTokenBudget?: number;
+    /** Plugins */
+    plugins?: Plugin[];
+    /**
+     * Enable debugging
+     * @default false
+     */
+    debug?: boolean;
+    /**
+     * Approval timeout in milliseconds
+     * @default 300000 (5 minutes)
+     */
+    approvalTimeoutMs?: number;
+    /** Retry configuration for agent runs (no retries if not specified) */
+    agentRetry?: AgentRetryConfig;
+    /** Lifecycle hooks for observability */
+    hooks?: OrchestratorLifecycleHooks;
+    /**
+     * Optional memory instance. When provided, context messages are auto-injected
+     * into agent instructions before each run, and result messages are auto-stored.
+     */
+    memory?: AgentMemory;
+    /**
+     * Optional circuit breaker. Wraps every run() call.
+     * When OPEN, throws CircuitBreakerOpenError instead of calling the agent.
+     */
+    circuitBreaker?: CircuitBreaker;
+}
+/** Streaming run result from orchestrator */
+interface OrchestratorStreamResult<T = unknown> {
+    /** Async iterator for streaming chunks */
+    stream: AsyncIterable<OrchestratorStreamChunk>;
+    /** Promise that resolves to the final result */
+    result: Promise<RunResult<T>>;
+    /** Abort the stream */
+    abort: () => void;
+}
+/** Stream chunk types for orchestrator — extends StreamChunk with approval events */
+type OrchestratorStreamChunk = StreamChunk | {
+    type: "approval_required";
+    requestId: string;
+    toolName: string;
+} | {
+    type: "approval_resolved";
+    requestId: string;
+    approved: boolean;
+};
+/** Per-call options for run() */
+interface RunCallOptions {
+    /** Override output guardrails for this call only. Set to [] to skip. */
+    outputGuardrails?: Array<GuardrailFn<OutputGuardrailData> | NamedGuardrail<OutputGuardrailData>>;
+    /** Override input guardrails for this call only. Set to [] to skip. */
+    inputGuardrails?: Array<GuardrailFn<InputGuardrailData> | NamedGuardrail<InputGuardrailData>>;
+    /** Signal for abort */
+    signal?: AbortSignal;
+}
+/** Orchestrator instance */
+interface AgentOrchestrator<F extends Record<string, unknown>> {
+    system: System<any>;
+    facts: F & OrchestratorState;
+    /** Run an agent with guardrails. Pass options to override guardrails per-call. */
+    run<T>(agent: AgentLike, input: string, options?: RunCallOptions): Promise<RunResult<T>>;
+    /**
+     * Run an agent with streaming support.
+     * Returns an async iterator for chunks and a promise for the final result.
+     *
+     * @example
+     * ```typescript
+     * const { stream, result, abort } = orchestrator.runStream(agent, input);
+     *
+     * for await (const chunk of stream) {
+     *   if (chunk.type === 'token') process.stdout.write(chunk.data);
+     *   if (chunk.type === 'approval_required') showApprovalDialog(chunk);
+     *   if (chunk.type === 'guardrail_triggered') handleGuardrail(chunk);
+     * }
+     *
+     * const finalResult = await result;
+     * ```
+     */
+    runStream<T>(agent: AgentLike, input: string, options?: {
+        signal?: AbortSignal;
+    }): OrchestratorStreamResult<T>;
+    /** Approve a pending request */
+    approve(requestId: string): void;
+    /** Reject a pending request */
+    reject(requestId: string, reason?: string): void;
+    /** Pause all agents */
+    pause(): void;
+    /** Resume agents */
+    resume(): void;
+    /** Reset conversation state */
+    reset(): void;
+    /** Dispose of the orchestrator */
+    dispose(): void;
+}
+/**
+ * Create an orchestrator for OpenAI agents with Directive constraints.
+ *
+ * @example
+ * ```typescript
+ * import { run as runner } from '@openai/agents'
+ *
+ * const orchestrator = createAgentOrchestrator({
+ *   runner,
+ *   constraints: {
+ *     escalateToExpert: {
+ *       when: (facts) => facts.agent.output?.confidence < 0.7,
+ *       require: (facts) => ({
+ *         type: 'RUN_EXPERT_AGENT',
+ *         query: facts.agent.input,
+ *       }),
+ *     },
+ *     budgetExceeded: {
+ *       when: (facts) => facts.agent.tokenUsage > 10000,
+ *       require: { type: 'PAUSE_AGENTS' },
+ *     },
+ *   },
+ *   guardrails: {
+ *     input: [
+ *       async (data) => {
+ *         const hasPII = await detectPII(data.input);
+ *         return { passed: !hasPII, reason: hasPII ? 'Contains PII' : undefined };
+ *       },
+ *     ],
+ *     output: [
+ *       async (data) => {
+ *         const isToxic = await checkToxicity(data.output);
+ *         return { passed: !isToxic, reason: isToxic ? 'Toxic content' : undefined };
+ *       },
+ *     ],
+ *   },
+ * });
+ *
+ * // Run with guardrails and constraint-driven orchestration
+ * const result = await orchestrator.run(myAgent, 'Hello, can you help me?');
+ * ```
+ *
+ * @throws {Error} If autoApproveToolCalls is false but no onApprovalRequest callback is provided
+ */
+declare function createAgentOrchestrator<F extends Record<string, unknown> = Record<string, never>>(options: OrchestratorOptions<F>): AgentOrchestrator<F>;
+/** Builder for type-safe orchestrator configuration */
+interface OrchestratorBuilder<F extends Record<string, unknown>> {
+    /** Add a constraint */
+    withConstraint<K extends string>(id: K, constraint: OrchestratorConstraint<F>): OrchestratorBuilder<F>;
+    /** Add a resolver */
+    withResolver<R extends Requirement>(id: string, resolver: OrchestratorResolver<F, R>): OrchestratorBuilder<F>;
+    /** Add an input guardrail */
+    withInputGuardrail(nameOrGuardrail: string | NamedGuardrail<InputGuardrailData>, fn?: GuardrailFn<InputGuardrailData>): OrchestratorBuilder<F>;
+    /** Add an output guardrail */
+    withOutputGuardrail(nameOrGuardrail: string | NamedGuardrail<OutputGuardrailData>, fn?: GuardrailFn<OutputGuardrailData>): OrchestratorBuilder<F>;
+    /** Add a tool call guardrail */
+    withToolCallGuardrail(nameOrGuardrail: string | NamedGuardrail<ToolCallGuardrailData>, fn?: GuardrailFn<ToolCallGuardrailData>): OrchestratorBuilder<F>;
+    /** Add a plugin */
+    withPlugin(plugin: Plugin): OrchestratorBuilder<F>;
+    /** Set memory instance for auto context injection and message storage */
+    withMemory(memory: AgentMemory): OrchestratorBuilder<F>;
+    /** Set circuit breaker to wrap all run() calls */
+    withCircuitBreaker(cb: CircuitBreaker): OrchestratorBuilder<F>;
+    /** Set max token budget */
+    withBudget(maxTokens: number): OrchestratorBuilder<F>;
+    /** Enable debug mode */
+    withDebug(enabled?: boolean): OrchestratorBuilder<F>;
+    /** Build the orchestrator */
+    build(options: {
+        runner: AgentRunner;
+        autoApproveToolCalls?: boolean;
+        onApprovalRequest?: (request: ApprovalRequest) => void;
+    }): AgentOrchestrator<F>;
+}
+/**
+ * Create a type-safe orchestrator builder.
+ *
+ * @example
+ * ```typescript
+ * const orchestrator = createOrchestratorBuilder<MyFacts>()
+ *   .withConstraint('budget', {
+ *     when: (facts) => facts.cost > 100,
+ *     require: { type: 'PAUSE' },
+ *   })
+ *   .withInputGuardrail('pii', createPIIGuardrail())
+ *   .withOutputGuardrail('toxicity', createModerationGuardrail({ ... }))
+ *   .withBudget(10000)
+ *   .withDebug()
+ *   .build({ runner });
+ * ```
+ */
+declare function createOrchestratorBuilder<F extends Record<string, unknown> = Record<string, never>>(): OrchestratorBuilder<F>;
+
+export { type ANNIndex, type ANNSearchResult, AdapterHooks, type AgentInfo, AgentLike, type AgentMemory, type AgentMemoryConfig, type AgentMessage, type AgentMessageType, type AgentNetwork, type AgentNetworkConfig, type AgentOrchestrator, type AgentRegistration, type AgentRegistry, AgentRetryConfig, type AgentRunState, AgentRunner, type AgentSelectionConstraint, type AgentStack, type AgentStackConfig, type AgentStackState, AgentState, AllProvidersFailedError, ApprovalRequest, ApprovalState, type AuditInstance, type AuditPluginConfig, type BackpressureStrategy, type BatchQueue, type BatchQueueConfig, type BatchedEmbedder, type BidirectionalStream, type BudgetConfig, type BudgetExceededDetails, BudgetExceededError, type BudgetRunner, type BudgetWindow, type CacheEntry, type CacheLookupResult, type CacheStats, type ComplianceConfig, type ComplianceInstance, type ComplianceStorage, type ConstraintBuilder, type ConstraintRouterConfig, type ConstraintRouterRunner, type CreateRunnerOptions, DEFAULT_INJECTION_PATTERNS, type DelegationMessage, type DelegationResultMessage, type DoneChunk, type EmbedderFn, type Embedding, type EnhancedPIIGuardrailOptions, type ErrorChunk, type ExecutionPattern, type FallbackConfig, GuardrailFn, type GuardrailTriggeredChunk, GuardrailsConfig, type HandoffRequest, type HandoffResult, type InformMessage, InputGuardrailData, type JSONFileStoreOptions, type MCPAdapter, type MCPAdapterConfig, type MCPApprovalRequest, type MCPCallToolRequirement, type MCPGetPromptRequirement, type MCPReadResourceRequirement, type MCPRequirement, type MCPResource, type MCPServerConfig, type MCPSyncResourcesRequirement, type MCPTool, type MCPToolConstraint, type MCPToolResult, type MemoryManageResult, type MemoryState, type MemoryStrategy, type MemoryStrategyConfig, type MemoryStrategyResult, Message$1 as Message, type MessageBus, type MessageBusConfig, type MessageChunk, type MessageFilter, type MessageHandler, type MessageSummarizer, type ModelRule, type ModelSelectionConfig, type MultiAgentOrchestrator, type MultiAgentOrchestratorOptions, type MultiAgentState, NamedGuardrail, type OrchestratorBuilder, OrchestratorConstraint, OrchestratorLifecycleHooks, type OrchestratorOptions, OrchestratorResolver, OrchestratorState, type OrchestratorStreamChunk, type OrchestratorStreamResult, OutputGuardrailData, type ParallelPattern, type ParsedResponse, type ProgressChunk, type PromptInjectionGuardrailOptions, type ProviderStats, type QueryMessage, type RAGChunk, type RAGEnrichOptions, type RAGEnricher, type RAGEnricherConfig, type RAGStorage, type RateLimitGuardrail, type RequestMessage, type ResponseMessage, type RetryConfig, RetryExhaustedError, type RoutingConstraint, type RoutingFacts, type RoutingProvider, type RunAgentRequirement, type RunCallOptions, RunOptions, RunResult, type SSEEvent, type SSETransport, type SSETransportConfig, STRICT_INJECTION_PATTERNS, type SafeParseResult, type SafeParseable, SchemaValidator, type SemanticCache, type SemanticCacheConfig, type SemanticCacheStorage, Semaphore, type SequentialPattern, type StackRunOptions, type StackStreamOptions, type StreamChannel, type StreamChannelConfig, type StreamChannelState, type StreamChunk, type StreamRunOptions, type StreamRunner, type StreamingCallbackRunner, type StreamingGuardrail, type StreamingGuardrailResult, type StreamingRunResult, type StructuredOutputConfig, StructuredOutputError, type StructuredRunOptions, type Subscription, type SupervisorPattern, type TokenChunk, type TokenPricing, type TokenStream, ToolCallGuardrailData, type ToolEndChunk, type ToolStartChunk, type TypedAgentMessage, type UpdateMessage, type VPTreeIndexConfig, type WhenWithRequire, adaptOutputGuardrail, aggregateTokens, byAgentName, byInputLength, byPattern, collectOutputs, collectTokens, combineStreamingGuardrails, concatResults, constraint, convertToolsForLLM, createAISyncer, createAgentAuditHandlers, createAgentMemory, createAgentNetwork, createAgentOrchestrator, createAgentStack, createAuditTrail, createBatchQueue, createBatchedEmbedder, createBidirectionalStream, createBruteForceIndex, createCompliance, createConstraintRouter, createContentFilterGuardrail, createDelegator, createEnhancedPIIGuardrail, createHybridStrategy, createInMemoryComplianceStorage, createInMemoryStorage, createJSONFileStore, createKeyPointsSummarizer, createLLMSummarizer, createLengthGuardrail, createLengthStreamingGuardrail, createMCPAdapter, createMessageBus, createModerationGuardrail, createMultiAgentOrchestrator, createOrchestratorBuilder, createOutputPIIGuardrail, createOutputSchemaGuardrail, createOutputTypeGuardrail, createPIIGuardrail, createPatternStreamingGuardrail, createPromptInjectionGuardrail, createPubSub, createRAGEnricher, createRateLimitGuardrail, createResponder, createRunner, createSSETransport, createSemanticCache, createSemanticCacheGuardrail, createSlidingWindowStrategy, createStreamChannel, createStreamingRunner, createTestEmbedder, createTokenBasedStrategy, createToolGuardrail, createToxicityStreamingGuardrail, createTruncationSummarizer, createUntrustedContentGuardrail, createVPTreeIndex, detectPII, detectPromptInjection, estimateCost, extractJsonFromOutput, filterStream, hasPendingApprovals, isAgentRunning, mapStream, markUntrustedContent, mcpCallTool, mcpGetPrompt, mcpReadResource, mcpSyncResources, mergeStreams, parallel, parseHttpStatus, parseRetryAfter, pickBestResult, pipeThrough, redactPII, runAgentRequirement, sanitizeInjection, selectAgent, sequential, supervisor, tapStream, validateBaseURL, when, withBudget, withFallback, withModelSelection, withRetry, withStructuredOutput };