npm - @f-o-h/cli - Versions diffs - 0.1.41 → 0.1.43 - Mend

@f-o-h/cli 0.1.41 → 0.1.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +3 -0
package/dist/foh.js +495 -188
package/examples/external-agent-metadata.example.json +19 -0
package/examples/external-agent-run.example.json +1 -0
package/examples/improvement-packet.example.json +6 -0
package/package.json +1 -1
package/schemas/external-agent-metadata.schema.json +30 -0
package/schemas/external-agent-run.schema.json +1 -0
package/schemas/improvement-packet.schema.json +30 -8

package/dist/foh.js CHANGED Viewed

@@ -6046,7 +6046,7 @@ var require_compile = __commonJS({
       const schOrFunc = root.refs[ref];
       if (schOrFunc)
         return schOrFunc;
-      let _sch = resolve12.call(this, root, ref);
+      let _sch = resolve13.call(this, root, ref);
       if (_sch === void 0) {
         const schema2 = (_a2 = root.localRefs) === null || _a2 === void 0 ? void 0 : _a2[ref];
         const { schemaId } = this.opts;
@@ -6073,7 +6073,7 @@ var require_compile = __commonJS({
     function sameSchemaEnv(s1, s2) {
       return s1.schema === s2.schema && s1.root === s2.root && s1.baseId === s2.baseId;
     }
-    function resolve12(root, ref) {
+    function resolve13(root, ref) {
       let sch;
       while (typeof (sch = this.refs[ref]) == "string")
         ref = sch;
@@ -6648,55 +6648,55 @@ var require_fast_uri = __commonJS({
       }
       return uri;
     }
-    function resolve12(baseURI, relativeURI, options) {
+    function resolve13(baseURI, relativeURI, options) {
       const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
       const resolved = resolveComponent(parse3(baseURI, schemelessOptions), parse3(relativeURI, schemelessOptions), schemelessOptions, true);
       schemelessOptions.skipEscape = true;
       return serialize(resolved, schemelessOptions);
     }
-    function resolveComponent(base, relative2, options, skipNormalization) {
+    function resolveComponent(base, relative3, options, skipNormalization) {
       const target = {};
       if (!skipNormalization) {
         base = parse3(serialize(base, options), options);
-        relative2 = parse3(serialize(relative2, options), options);
+        relative3 = parse3(serialize(relative3, options), options);
       }
       options = options || {};
-      if (!options.tolerant && relative2.scheme) {
-        target.scheme = relative2.scheme;
-        target.userinfo = relative2.userinfo;
-        target.host = relative2.host;
-        target.port = relative2.port;
-        target.path = removeDotSegments(relative2.path || "");
-        target.query = relative2.query;
+      if (!options.tolerant && relative3.scheme) {
+        target.scheme = relative3.scheme;
+        target.userinfo = relative3.userinfo;
+        target.host = relative3.host;
+        target.port = relative3.port;
+        target.path = removeDotSegments(relative3.path || "");
+        target.query = relative3.query;
       } else {
-        if (relative2.userinfo !== void 0 || relative2.host !== void 0 || relative2.port !== void 0) {
-          target.userinfo = relative2.userinfo;
-          target.host = relative2.host;
-          target.port = relative2.port;
-          target.path = removeDotSegments(relative2.path || "");
-          target.query = relative2.query;
+        if (relative3.userinfo !== void 0 || relative3.host !== void 0 || relative3.port !== void 0) {
+          target.userinfo = relative3.userinfo;
+          target.host = relative3.host;
+          target.port = relative3.port;
+          target.path = removeDotSegments(relative3.path || "");
+          target.query = relative3.query;
         } else {
-          if (!relative2.path) {
+          if (!relative3.path) {
             target.path = base.path;
-            if (relative2.query !== void 0) {
-              target.query = relative2.query;
+            if (relative3.query !== void 0) {
+              target.query = relative3.query;
             } else {
               target.query = base.query;
             }
           } else {
-            if (relative2.path[0] === "/") {
-              target.path = removeDotSegments(relative2.path);
+            if (relative3.path[0] === "/") {
+              target.path = removeDotSegments(relative3.path);
             } else {
               if ((base.userinfo !== void 0 || base.host !== void 0 || base.port !== void 0) && !base.path) {
-                target.path = "/" + relative2.path;
+                target.path = "/" + relative3.path;
               } else if (!base.path) {
-                target.path = relative2.path;
+                target.path = relative3.path;
               } else {
-                target.path = base.path.slice(0, base.path.lastIndexOf("/") + 1) + relative2.path;
+                target.path = base.path.slice(0, base.path.lastIndexOf("/") + 1) + relative3.path;
               }
               target.path = removeDotSegments(target.path);
             }
-            target.query = relative2.query;
+            target.query = relative3.query;
           }
           target.userinfo = base.userinfo;
           target.host = base.host;
@@ -6704,7 +6704,7 @@ var require_fast_uri = __commonJS({
         }
         target.scheme = base.scheme;
       }
-      target.fragment = relative2.fragment;
+      target.fragment = relative3.fragment;
       return target;
     }
     function equal(uriA, uriB, options) {
@@ -6875,7 +6875,7 @@ var require_fast_uri = __commonJS({
     var fastUri = {
       SCHEMES,
       normalize,
-      resolve: resolve12,
+      resolve: resolve13,
       resolveComponent,
       equal,
       serialize,
@@ -7213,8 +7213,8 @@ var require_core = __commonJS({
             return this;
           }
           case "object": {
-            const cacheKey2 = schemaKeyRef;
-            this._cache.delete(cacheKey2);
+            const cacheKey3 = schemaKeyRef;
+            this._cache.delete(cacheKey3);
             let id = schemaKeyRef[this.opts.schemaId];
             if (id) {
               id = (0, resolve_1.normalizeId)(id);
@@ -10158,21 +10158,21 @@ async function promptLine(label, {
   allowEmpty = false,
   defaultValue
 } = {}) {
-  return await new Promise((resolve12) => {
+  return await new Promise((resolve13) => {
     const suffix = defaultValue ? ` [${defaultValue}]` : "";
     const rl = (0, import_readline.createInterface)({ input: process.stdin, output: process.stdout, terminal: true });
     rl.question(`${label}${suffix}: `, (answer) => {
       rl.close();
       const value = String(answer ?? "").trim();
       if (!value && typeof defaultValue === "string") {
-        resolve12(defaultValue);
+        resolve13(defaultValue);
         return;
       }
       if (!value && !allowEmpty) {
-        resolve12("");
+        resolve13("");
         return;
       }
-      resolve12(value);
+      resolve13(value);
     });
   });
 }
@@ -10180,7 +10180,7 @@ async function promptSecret(label) {
   if (!process.stdin.isTTY || !process.stdout.isTTY || typeof process.stdin.setRawMode !== "function") {
     return await promptLine(label);
   }
-  return await new Promise((resolve12) => {
+  return await new Promise((resolve13) => {
     const stdin = process.stdin;
     const stdout = process.stdout;
     const wasRaw = Boolean(stdin.isRaw);
@@ -10194,7 +10194,7 @@ async function promptSecret(label) {
     const finish = () => {
       cleanup();
       stdout.write("\n");
-      resolve12(value);
+      resolve13(value);
     };
     const onData = (chunk) => {
       const text = typeof chunk === "string" ? chunk : chunk.toString("utf8");
@@ -10203,7 +10203,7 @@ async function promptSecret(label) {
           cleanup();
           process.exitCode = 130;
           stdout.write("\n");
-          return resolve12("");
+          return resolve13("");
         }
         if (char === "\r" || char === "\n") {
           finish();
@@ -10472,7 +10472,7 @@ async function storeAuthenticatedSession(params) {
   return output;
 }
 function sleep(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 function hasExplicitTimeoutFlag(argv = process.argv) {
   return argv.some((arg) => arg === "--timeout-seconds" || arg.startsWith("--timeout-seconds="));
@@ -11024,7 +11024,7 @@ async function pollUntil(check2, opts) {
   }
 }
 function sleep2(ms) {
-  return new Promise((resolve12) => setTimeout(resolve12, ms));
+  return new Promise((resolve13) => setTimeout(resolve13, ms));
 }
 // src/commands/compliance.ts
@@ -14119,8 +14119,8 @@ function registerAgentGuardrailCommands(agent) {
     try {
       rule = JSON.parse(opts.rule);
     } catch {
-      const { readFileSync: readFileSync12 } = await import("fs");
-      rule = JSON.parse(readFileSync12(opts.rule, "utf-8"));
+      const { readFileSync: readFileSync14 } = await import("fs");
+      rule = JSON.parse(readFileSync14(opts.rule, "utf-8"));
     }
     const data = await apiFetch(`/v1/console/agents/${opts.agent}/guardrails`, {
       method: "POST",
@@ -14757,9 +14757,9 @@ function registerAgent(program3) {
       process.stdout.write(yaml);
       return;
     }
-    const { writeFileSync: writeFileSync10 } = await import("fs");
+    const { writeFileSync: writeFileSync11 } = await import("fs");
     const outputPath = opts.output ?? "tenant.yaml";
-    writeFileSync10(
+    writeFileSync11(
       outputPath,
       `# tenant.yaml - Front Of House agent manifest
 # Edit this file and run: foh plan tenant.yaml
@@ -16194,11 +16194,11 @@ function registerVoice(program3) {
     }
     const outputPath = String(opts.out || `foh-voice-preview-${provider}-${voiceId}.mp3`).trim();
     const audio = Buffer.from(await res.arrayBuffer());
-    const { mkdirSync: mkdirSync7, writeFileSync: writeFileSync10 } = await import("fs");
-    const { dirname: dirname6, resolve: resolve12 } = await import("path");
-    const absolutePath = resolve12(outputPath);
-    mkdirSync7(dirname6(absolutePath), { recursive: true });
-    writeFileSync10(absolutePath, audio);
+    const { mkdirSync: mkdirSync8, writeFileSync: writeFileSync11 } = await import("fs");
+    const { dirname: dirname8, resolve: resolve13 } = await import("path");
+    const absolutePath = resolve13(outputPath);
+    mkdirSync8(dirname8(absolutePath), { recursive: true });
+    writeFileSync11(absolutePath, audio);
     format({
       status: "ok",
       provider,
@@ -30679,7 +30679,7 @@ var Protocol = class {
           return;
         }
         const pollInterval = task2.pollInterval ?? this._options?.defaultTaskPollInterval ?? 1e3;
-        await new Promise((resolve12) => setTimeout(resolve12, pollInterval));
+        await new Promise((resolve13) => setTimeout(resolve13, pollInterval));
         options?.signal?.throwIfAborted();
       }
     } catch (error2) {
@@ -30696,7 +30696,7 @@ var Protocol = class {
    */
   request(request, resultSchema, options) {
     const { relatedRequestId, resumptionToken, onresumptiontoken, task, relatedTask } = options ?? {};
-    return new Promise((resolve12, reject) => {
+    return new Promise((resolve13, reject) => {
       const earlyReject = (error2) => {
         reject(error2);
       };
@@ -30774,7 +30774,7 @@ var Protocol = class {
           if (!parseResult.success) {
             reject(parseResult.error);
           } else {
-            resolve12(parseResult.data);
+            resolve13(parseResult.data);
           }
         } catch (error2) {
           reject(error2);
@@ -31035,12 +31035,12 @@ var Protocol = class {
       }
     } catch {
     }
-    return new Promise((resolve12, reject) => {
+    return new Promise((resolve13, reject) => {
       if (signal.aborted) {
         reject(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
         return;
       }
-      const timeoutId = setTimeout(resolve12, interval);
+      const timeoutId = setTimeout(resolve13, interval);
       signal.addEventListener("abort", () => {
         clearTimeout(timeoutId);
         reject(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
@@ -32140,7 +32140,7 @@ var McpServer = class {
     let task = createTaskResult.task;
     const pollInterval = task.pollInterval ?? 5e3;
     while (task.status !== "completed" && task.status !== "failed" && task.status !== "cancelled") {
-      await new Promise((resolve12) => setTimeout(resolve12, pollInterval));
+      await new Promise((resolve13) => setTimeout(resolve13, pollInterval));
       const updatedTask = await extra.taskStore.getTask(taskId);
       if (!updatedTask) {
         throw new McpError(ErrorCode.InternalError, `Task ${taskId} not found during polling`);
@@ -32789,19 +32789,19 @@ var StdioServerTransport = class {
     this.onclose?.();
   }
   send(message) {
-    return new Promise((resolve12) => {
+    return new Promise((resolve13) => {
       const json3 = serializeMessage(message);
       if (this._stdout.write(json3)) {
-        resolve12();
+        resolve13();
       } else {
-        this._stdout.once("drain", resolve12);
+        this._stdout.once("drain", resolve13);
       }
     });
   }
 };
 // src/lib/cli-version.ts
-var CLI_VERSION = "0.1.41";
+var CLI_VERSION = "0.1.42";
 // src/commands/mcp-serve.ts
 var DEFAULT_TIMEOUT_MS = 12e4;
@@ -32986,7 +32986,7 @@ async function runFohCli(params) {
     effectiveArgv.push("--json");
   }
   const command = `foh ${effectiveArgv.join(" ")}`;
-  return await new Promise((resolve12) => {
+  return await new Promise((resolve13) => {
     const child = (0, import_node_child_process.spawn)(process.execPath, [cliEntry, ...effectiveArgv], {
       stdio: ["ignore", "pipe", "pipe"],
       env: {
@@ -33011,7 +33011,7 @@ async function runFohCli(params) {
     });
     child.once("error", (error2) => {
       clearTimeout(timeoutHandle);
-      resolve12({
+      resolve13({
         ok: false,
         command,
         argv: effectiveArgv,
@@ -33027,7 +33027,7 @@ async function runFohCli(params) {
       const stderrText = finalizeBoundedText(stderrBuffer);
       const exitCode = Number.isFinite(code ?? NaN) ? Number(code) : 1;
       const stdoutJson = tryParseJson(stdoutText);
-      resolve12({
+      resolve13({
         ok: !timedOut && exitCode === 0,
         command,
         argv: effectiveArgv,
@@ -34405,6 +34405,12 @@ var SETUP_STEP_ORDER = [
   "publish_agent",
   "emit_summary"
 ];
+function extractGuardrailsList(response) {
+  if (Array.isArray(response)) return response;
+  if (Array.isArray(response.guardrails)) return response.guardrails;
+  if (Array.isArray(response.rules)) return response.rules;
+  return [];
+}
 function resolveResumeIndex(resumeFromRaw) {
   if (!resumeFromRaw) {
     return { resumeFrom: null, resumeIndex: 0 };
@@ -34696,7 +34702,10 @@ function registerSetup(program3) {
         }
         await apiFetch("/v1/console/org/compliance/submit", {
           method: "POST",
-          body: JSON.stringify({ type: "standard" }),
+          body: JSON.stringify({
+            type: "standard",
+            friendlyName: opts.agentName
+          }),
           orgId: opts.org,
           apiUrlOverride: opts.apiUrl
         });
@@ -34842,12 +34851,18 @@ function registerSetup(program3) {
         const existing = await apiFetch(`/v1/console/agents/${resolvedAgentId}/guardrails`, {
           apiUrlOverride: opts.apiUrl
         });
-        if (Array.isArray(existing.rules) && existing.rules.length > 0) {
+        if (extractGuardrailsList(existing).length > 0) {
           return { step: "seed_guardrails", status: "skipped", detail: "guardrails already set" };
         }
         await apiFetch(`/v1/console/agents/${resolvedAgentId}/guardrails`, {
           method: "POST",
-          body: JSON.stringify({ name: "NoSilentDrop", mode: "log", condition: "always" }),
+          body: JSON.stringify({
+            rule_id: "no-silent-drop",
+            type: "focus",
+            name: "NoSilentDrop",
+            mode: "log",
+            topics: ["property", "real estate", "viewing", "valuation", "buyer", "seller", "landlord", "tenant"]
+          }),
           apiUrlOverride: opts.apiUrl
         });
         return { step: "seed_guardrails", status: "done" };
@@ -35011,8 +35026,8 @@ function registerSetup(program3) {
         }
         try {
           const manifest = await agentExport(resolvedAgentId, { apiUrlOverride: opts.apiUrl });
-          const { writeFileSync: writeFileSync10 } = await import("fs");
-          writeFileSync10(
+          const { writeFileSync: writeFileSync11 } = await import("fs");
+          writeFileSync11(
             "tenant.yaml",
             `# tenant.yaml - Front Of House agent manifest
 # Edit this file and run: foh plan tenant.yaml
@@ -35182,8 +35197,8 @@ function registerSim(program3) {
       }
       const cert = response.certificate;
       if (opts.out) {
-        const { writeFileSync: writeFileSync10 } = await import("fs");
-        writeFileSync10(opts.out, JSON.stringify(cert, null, 2) + "\n", "utf-8");
+        const { writeFileSync: writeFileSync11 } = await import("fs");
+        writeFileSync11(opts.out, JSON.stringify(cert, null, 2) + "\n", "utf-8");
         process.stderr.write(`  Certificate written to ${opts.out}
 `);
       }
@@ -35233,8 +35248,8 @@ function registerSim(program3) {
         });
       }
       if (opts.out) {
-        const { writeFileSync: writeFileSync10 } = await import("fs");
-        writeFileSync10(opts.out, JSON.stringify(response.certificate, null, 2) + "\n", "utf-8");
+        const { writeFileSync: writeFileSync11 } = await import("fs");
+        writeFileSync11(opts.out, JSON.stringify(response.certificate, null, 2) + "\n", "utf-8");
         process.stderr.write(`  Final certificate written to ${opts.out}
 `);
       }
@@ -36678,7 +36693,7 @@ function inferReasonCode(artifact) {
 function inferPromotionDecision(sourceType, reasonCode) {
   const reason = String(reasonCode || "").toLowerCase();
   if (sourceType === "external_agent_run") {
-    if (reason.includes("friendlyname") || reason.includes("api") || reason.includes("500")) return "fix_api";
+    if (reason.includes("friendlyname") || reason.includes("guardrail") || reason.includes("rule_id") || reason.includes("api") || reason.includes("http_4") || reason.includes("http_5") || reason.includes("404") || reason.includes("500") || reason.includes("roundtrip")) return "fix_api";
     if (reason.includes("contact_phone") || reason.includes("voice_contact") || reason.includes("voice_not_included") || reason.includes("agent_limit") || reason.includes("org_") || reason.includes("template_apply")) return "fix_config";
     if (reason.includes("exec_policy") || reason.includes("policy_blocked") || reason.includes("auth") || reason.includes("config")) return "fix_config";
     if (reason.includes("cli") || reason.includes("command") || reason.includes("flag")) return "fix_cli";
@@ -36690,6 +36705,24 @@ function inferPromotionDecision(sourceType, reasonCode) {
   if (sourceType === "replay_failure" || sourceType === "runtime_miss") return "add_test";
   return "fix_runtime";
 }
+function inferOwnerSubsystem(sourceType, reasonCode) {
+  const reason = String(reasonCode || "").toLowerCase();
+  if (sourceType === "external_agent_run") {
+    if (reason.includes("simulation") || reason.includes("certification") || reason.includes("scenario")) return "dojo_certification";
+    if (reason.includes("contact_phone") || reason.includes("voice_contact") || reason.includes("voice_not_included") || reason.includes("byon") || reason.includes("provider_capacity")) return "voice_contact";
+    if (reason.includes("exec_policy") || reason.includes("policy_blocked") || reason.includes("sandbox") || reason.includes("runner") || reason.includes("codex")) return "infra_runner";
+    if (reason.includes("friendlyname") || reason.includes("guardrail") || reason.includes("rule_id") || reason.includes("api") || reason.includes("http_4") || reason.includes("http_5") || reason.includes("404") || reason.includes("500") || reason.includes("roundtrip")) return "api_contract";
+    if (reason.includes("cli") || reason.includes("command") || reason.includes("flag")) return "cli";
+    if (reason.includes("docs") || reason.includes("unclear") || reason.includes("not_found")) return "docs";
+    if (reason.includes("runtime") || reason.includes("widget") || reason.includes("proof")) return "runtime";
+    return "product_ux";
+  }
+  if (sourceType === "knowledge_miss") return "docs";
+  if (sourceType === "replay_failure" || sourceType === "runtime_miss") return "runtime";
+  if (sourceType === "proof_failure" || sourceType === "live_proof_failure") return "runtime";
+  if (sourceType === "setup_failure") return "product_ux";
+  return "product_ux";
+}
 function collectIds(artifact, explicit = {}) {
   const source = getPath2(artifact, "source");
   const ids = {
@@ -36729,6 +36762,13 @@ function defaultNextCommands(input) {
   if (input.sourceType === "external_agent_run" && input.sourceArtifactPath) {
     commands.push(`foh bug improve --from external-agent-run --file ${input.sourceArtifactPath} --json`);
   }
+  if (input.ownerSubsystem === "dojo_certification") {
+    commands.push(input.ids.agent_id ? `foh sim certify-loop --agent ${input.ids.agent_id} --json` : "foh sim certify-loop --agent <agent_id> --json");
+  }
+  if (input.ownerSubsystem === "voice_contact") {
+    commands.push("foh provision status --json");
+    commands.push(input.ids.agent_id ? `foh prove --agent ${input.ids.agent_id} --mission voice --contact-path auto --json` : "foh prove --mission voice --contact-path auto --json");
+  }
   if (input.sourceArtifactPath) {
     commands.push(`foh bug report --out test-results/bug-report.from-improvement.json --command "investigate ${input.reasonCode}" --request-url https://front-of-house-api.stldocs.app/api --response-status 500 --next-check "Review ${(0, import_path7.basename)(input.sourceArtifactPath)}" --json`);
   }
@@ -36784,12 +36824,13 @@ function buildImprovementPacket(input) {
     });
   }
   const promotionDecision = parseEnum(input.promotionDecision, IMPROVEMENT_DECISIONS, "--recommendation") ?? inferPromotionDecision(sourceType, reasonCode);
+  const ownerSubsystem = inferOwnerSubsystem(sourceType, reasonCode);
   const evidenceSummary = redactString(
     nonEmpty2(input.evidenceSummary) ?? nonEmpty2(getPath2(artifact, "summary")) ?? `Improvement candidate generated from ${sourceType} with reason ${reasonCode}.`
   );
   const nextCommands = Array.from(new Set([
     ...input.nextCommands ?? [],
-    ...defaultNextCommands({ sourceType, ids, sourceArtifactPath: input.sourceArtifactPath, reasonCode })
+    ...defaultNextCommands({ sourceType, ids, sourceArtifactPath: input.sourceArtifactPath, reasonCode, ownerSubsystem })
   ].map((command) => command.trim()).filter(Boolean)));
   const packet = {
     schema_version: "foh_improvement_packet.v1",
@@ -36797,6 +36838,12 @@ function buildImprovementPacket(input) {
     source_type: sourceType,
     reason_code: reasonCode,
     promotion_decision: promotionDecision,
+    owner_subsystem: ownerSubsystem,
+    routing: {
+      owner_subsystem: ownerSubsystem,
+      promotion_decision: promotionDecision,
+      reason_family: ownerSubsystem
+    },
     ids,
     evidence: {
       summary: evidenceSummary,
@@ -37173,6 +37220,106 @@ function registerBug(program3) {
   });
 }
+// src/lib/proof-cache.ts
+var import_node_crypto2 = require("node:crypto");
+var import_node_fs2 = require("node:fs");
+var import_node_path = require("node:path");
+var DEFAULT_MAX_AGE_MS = 15 * 60 * 1e3;
+var DEFAULT_WAIT_MS = 180 * 1e3;
+var DEFAULT_POLL_MS = 500;
+function sleep3(ms) {
+  return new Promise((resolveSleep) => setTimeout(resolveSleep, ms));
+}
+function stableJson(value) {
+  if (Array.isArray(value)) return `[${value.map(stableJson).join(",")}]`;
+  if (value && typeof value === "object") {
+    return `{${Object.entries(value).sort(([a], [b]) => a.localeCompare(b)).map(([key, entry]) => `${JSON.stringify(key)}:${stableJson(entry)}`).join(",")}}`;
+  }
+  return JSON.stringify(value);
+}
+function cacheKey2(kind, keyParts) {
+  return (0, import_node_crypto2.createHash)("sha256").update(stableJson({ kind, keyParts, schema_version: "foh_proof_cache_key.v1" })).digest("hex").slice(0, 32);
+}
+function publicPath(filePath) {
+  const rel = (0, import_node_path.relative)(process.cwd(), filePath).replaceAll("\\", "/");
+  return rel.startsWith("..") ? filePath.replaceAll("\\", "/") : rel;
+}
+function readFreshCache(filePath, maxAgeMs) {
+  try {
+    const payload = JSON.parse((0, import_node_fs2.readFileSync)(filePath, "utf8"));
+    const createdAt = Date.parse(String(payload.created_at || ""));
+    if (!Number.isFinite(createdAt)) return null;
+    if (Date.now() - createdAt > maxAgeMs) return null;
+    return payload.value ?? null;
+  } catch {
+    return null;
+  }
+}
+function writeCache(filePath, value) {
+  (0, import_node_fs2.mkdirSync)((0, import_node_path.dirname)(filePath), { recursive: true });
+  (0, import_node_fs2.writeFileSync)(filePath, `${JSON.stringify({
+    schema_version: "foh_proof_cache_entry.v1",
+    created_at: (/* @__PURE__ */ new Date()).toISOString(),
+    value
+  }, null, 2)}
+`, "utf8");
+}
+function resolveProofCacheDir(input) {
+  const value = String(input || process.env.FOH_PROOF_CACHE_DIR || "").trim();
+  if (!value) return null;
+  return (0, import_node_path.isAbsolute)(value) ? value : (0, import_node_path.resolve)(process.cwd(), value);
+}
+async function withProofCache(options, run) {
+  const resolvedDir = resolveProofCacheDir(options.cacheDir);
+  if (!resolvedDir) {
+    return {
+      value: await run(),
+      metadata: { hit: false, key: "disabled", cache_path: "", waited_ms: 0 }
+    };
+  }
+  const key = cacheKey2(options.kind, options.keyParts);
+  const cachePath = (0, import_node_path.join)(resolvedDir, `${key}.json`);
+  const lockPath = (0, import_node_path.join)(resolvedDir, `${key}.lock`);
+  const maxAgeMs = options.maxAgeMs ?? DEFAULT_MAX_AGE_MS;
+  const waitMs = options.waitMs ?? Number(process.env.FOH_PROOF_CACHE_WAIT_MS || DEFAULT_WAIT_MS);
+  const pollMs = options.pollMs ?? DEFAULT_POLL_MS;
+  (0, import_node_fs2.mkdirSync)(resolvedDir, { recursive: true });
+  const existing = readFreshCache(cachePath, maxAgeMs);
+  if (existing) {
+    return {
+      value: existing,
+      metadata: { hit: true, key, cache_path: publicPath(cachePath), waited_ms: 0 }
+    };
+  }
+  let lockOwner = false;
+  try {
+    (0, import_node_fs2.mkdirSync)(lockPath);
+    lockOwner = true;
+  } catch {
+    const started = Date.now();
+    while (Date.now() - started < waitMs) {
+      await sleep3(pollMs);
+      const waitedValue = readFreshCache(cachePath, maxAgeMs);
+      if (waitedValue) {
+        return {
+          value: waitedValue,
+          metadata: { hit: true, key, cache_path: publicPath(cachePath), waited_ms: Date.now() - started }
+        };
+      }
+    }
+  }
+  try {
+    const value = await run();
+    writeCache(cachePath, value);
+    return {
+      value,
+      metadata: { hit: false, key, cache_path: publicPath(cachePath), waited_ms: 0 }
+    };
+  } finally {
+    if (lockOwner) (0, import_node_fs2.rmSync)(lockPath, { recursive: true, force: true });
+  }
+}
 // src/commands/prove.ts
 function categoryForCheck(name) {
   if (name === "auth") return "auth";
@@ -37268,11 +37415,12 @@ function isProviderCapacityBlocked(onboarding) {
   return /maximum number of subaccounts|subaccount limit|reserve[- ]number pool|reserve pool exhausted|global safety limit/.test(message);
 }
 function registerProve(program3) {
-  program3.command("prove").description("Produce one setup/runtime proof bundle for an agent").option("--agent <id>", "Agent ID to prove").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--cert-mode <m>", "Simulation cert mode: quick, full, stress", "quick").option("--cert-adaptive-runs <n>", "Adaptive runs for full/stress certification", "30").option("--cert-max-improvement-rounds <n>", "Max prompt improvement rounds in cert loop (0-5)", "1").option("--mission <mission>", "Proof mission: setup, widget, voice, publish", "setup").option("--contact-path <mode>", "Voice contact path: auto, managed, or byon", "auto").option("--mutation-mode <mode>", "Proof mutation mode: read-only or ensure", "read-only").option("--repair", "Alias for --mutation-mode ensure").option("--require-phone", "Hold proof if no phone/contact number is provisioned").option("--skip-cert", "Skip simulation certification check").option("--skip-smoke", "Skip widget runtime smoke check").option("--skip-voice-health", "Skip realtime voice provider health check").option("--out <path>", "Write signed proof report JSON to this path").option("--strict", "Exit non-zero unless all non-skipped checks pass").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+  program3.command("prove").description("Produce one setup/runtime proof bundle for an agent").option("--agent <id>", "Agent ID to prove").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--cert-mode <m>", "Simulation cert mode: quick, full, stress", "quick").option("--cert-adaptive-runs <n>", "Adaptive runs for full/stress certification", "30").option("--cert-max-improvement-rounds <n>", "Max prompt improvement rounds in cert loop (0-5)", "1").option("--mission <mission>", "Proof mission: setup, widget, voice, publish", "setup").option("--contact-path <mode>", "Voice contact path: auto, managed, or byon", "auto").option("--mutation-mode <mode>", "Proof mutation mode: read-only or ensure", "read-only").option("--repair", "Alias for --mutation-mode ensure").option("--require-phone", "Hold proof if no phone/contact number is provisioned").option("--skip-cert", "Skip simulation certification check").option("--skip-smoke", "Skip widget runtime smoke check").option("--skip-voice-health", "Skip realtime voice provider health check").option("--proof-cache-dir <path>", "Optional local proof cache directory for shared certification results").option("--out <path>", "Write signed proof report JSON to this path").option("--strict", "Exit non-zero unless all non-skipped checks pass").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const checks = [];
     const mission = normalizeMission(opts.mission);
     const contactPath = normalizeContactPath(opts.contactPath);
     const mutationMode = normalizeMutationMode(opts.mutationMode, Boolean(opts.repair));
+    let validationFingerprint = null;
     const ctx = {
       tokenPresent: false,
       traceIds: [],
@@ -37354,6 +37502,7 @@ function registerProve(program3) {
           apiUrlOverride: opts.apiUrl
         });
         const issues = Array.isArray(validation.issues) ? validation.issues : [];
+        validationFingerprint = validation;
         if (validation.ok === false || issues.length > 0) {
           checks.push(hold("agent_validation", "agent_validation_issues", `Agent validation returned ${issues.length} issue(s).`, `foh agent validate --agent ${ctx.agentId} --json`, validation));
         } else {
@@ -37526,21 +37675,42 @@ function registerProve(program3) {
       } else {
         try {
           const certMode = normalizeAgentCertMode(opts.certMode);
-          const loop = await runSetupCertifyLoop(ctx.agentId, {
+          const agentId = ctx.agentId;
+          const adaptiveRuns = Math.max(1, Number(opts.certAdaptiveRuns ?? 30) || 30);
+          const maxImprovementRounds = Math.max(0, Math.min(5, Number(opts.certMaxImprovementRounds ?? 1) || 1));
+          const cached2 = await withProofCache({
+            cacheDir: opts.proofCacheDir,
+            kind: "simulation_certification",
+            keyParts: {
+              agent_id: agentId,
+              org_id: ctx.orgId,
+              api_url: opts.apiUrl || ctx.apiUrl || null,
+              cert_mode: certMode,
+              adaptive_runs: adaptiveRuns,
+              max_improvement_rounds: maxImprovementRounds,
+              validation_fingerprint: validationFingerprint
+            }
+          }, () => runSetupCertifyLoop(agentId, {
             mode: certMode,
-            adaptiveRuns: Math.max(1, Number(opts.certAdaptiveRuns ?? 30) || 30),
-            maxImprovementRounds: Math.max(0, Math.min(5, Number(opts.certMaxImprovementRounds ?? 1) || 1)),
+            adaptiveRuns,
+            maxImprovementRounds,
             orgId: ctx.orgId,
             apiUrlOverride: opts.apiUrl
-          });
+          }));
+          const loop = cached2.value;
+          const loopWithCache = {
+            ...loop,
+            proof_cache: cached2.metadata
+          };
           if (!loop.overall_pass) {
-            checks.push(hold("simulation_certification", "simulation_certification_failed", "Simulation certification did not pass.", `foh sim certify-loop --agent ${ctx.agentId} --${certMode === "quick" ? "full" : certMode} --json`, loop));
+            checks.push(hold("simulation_certification", "simulation_certification_failed", "Simulation certification did not pass.", `foh sim certify-loop --agent ${agentId} --${certMode === "quick" ? "full" : certMode} --json`, loopWithCache));
           } else {
             checks.push(pass("simulation_certification", "Simulation certification passed.", {
               mode: loop.mode,
               attempts: loop.attempts?.length ?? 0,
               improvement_runs: loop.improvement_runs,
-              scenario_summary: loop.certificate?.scenario_summary
+              scenario_summary: loop.certificate?.scenario_summary,
+              proof_cache: cached2.metadata
             }));
           }
         } catch (error2) {
@@ -38034,7 +38204,7 @@ async function runSelf(args, apiUrlOverride) {
   if (apiUrlOverride && !spawnArgs.includes("--api-url")) {
     spawnArgs.push("--api-url", apiUrlOverride);
   }
-  return await new Promise((resolve12, reject) => {
+  return await new Promise((resolve13, reject) => {
     const child = (0, import_child_process2.spawn)(process.execPath, [process.argv[1], ...spawnArgs], {
       stdio: "inherit",
       env: {
@@ -38044,7 +38214,7 @@ async function runSelf(args, apiUrlOverride) {
       }
     });
     child.once("error", reject);
-    child.once("close", (code) => resolve12(typeof code === "number" ? code : 1));
+    child.once("close", (code) => resolve13(typeof code === "number" ? code : 1));
   });
 }
 function shouldUseInteractiveHome(argv) {
@@ -38422,17 +38592,17 @@ function detectUpdateAvailability(currentVersion, cwd = process.cwd()) {
 async function applyRepoUpdate(repoRoot) {
   const scriptPath = (0, import_path9.join)(repoRoot, "scripts", "Install-FohCli.ps1");
   if (process.platform === "win32") {
-    return await new Promise((resolve12, reject) => {
+    return await new Promise((resolve13, reject) => {
       const child = (0, import_child_process3.spawn)(
         "powershell",
         ["-ExecutionPolicy", "Bypass", "-File", scriptPath],
         { stdio: "inherit" }
       );
       child.once("error", reject);
-      child.once("close", (code) => resolve12(typeof code === "number" ? code : 1));
+      child.once("close", (code) => resolve13(typeof code === "number" ? code : 1));
     });
   }
-  return await new Promise((resolve12, reject) => {
+  return await new Promise((resolve13, reject) => {
     const child = (0, import_child_process3.spawn)(
       "corepack",
       ["pnpm", "cli:install:global"],
@@ -38442,7 +38612,7 @@ async function applyRepoUpdate(repoRoot) {
       }
     );
     child.once("error", reject);
-    child.once("close", (code) => resolve12(typeof code === "number" ? code : 1));
+    child.once("close", (code) => resolve13(typeof code === "number" ? code : 1));
   });
 }
 function shouldShowUpdateNotice(argv = process.argv) {
@@ -38578,8 +38748,8 @@ function registerUpdate(program3) {
 }
 // src/commands/eval.ts
-var import_fs15 = require("fs");
-var import_path13 = require("path");
+var import_fs16 = require("fs");
+var import_path14 = require("path");
 var import_child_process5 = require("child_process");
 // src/lib/external-agent-artifact-safety.ts
@@ -38869,6 +39039,8 @@ function completeExternalAgentCliInvocation(capture, input) {
   const completedAt = input.completedAt || (/* @__PURE__ */ new Date()).toISOString();
   const output = redactPath(String(input.output || "").slice(0, 256 * 1024));
   const parsed = parseEnvelope(output);
+  const exitCode = Number.isInteger(input.exitCode) ? Number(input.exitCode) : null;
+  const status = parsed.status ?? (exitCode === 0 ? "pass" : exitCode === null ? null : "fail");
   let artifact = null;
   if (output.trim()) {
     artifact = outputArtifactName(capture.commandId);
@@ -38888,8 +39060,8 @@ function completeExternalAgentCliInvocation(capture, input) {
     started_at: capture.startedAt,
     completed_at: completedAt,
     duration_ms: Math.max(0, Date.parse(completedAt) - Date.parse(capture.startedAt)),
-    exit_code: Number.isInteger(input.exitCode) ? Number(input.exitCode) : null,
-    status: parsed.status,
+    exit_code: exitCode,
+    status,
     reason_code: parsed.reasonCode,
     check_reason_codes: parsed.checkReasonCodes,
     output_artifact: artifact,
@@ -38912,10 +39084,62 @@ function readCommandRecords(runDir) {
 }
 // src/lib/external-agent-executor.ts
-var import_fs14 = require("fs");
+var import_fs15 = require("fs");
 var import_os2 = require("os");
-var import_path12 = require("path");
+var import_path13 = require("path");
 var import_child_process4 = require("child_process");
+// src/lib/external-agent-metadata.ts
+var import_fs14 = require("fs");
+var import_path12 = require("path");
+var EXTERNAL_AGENT_METADATA_FILENAMES = [
+  "external-agent-metadata.json",
+  "agent-metadata.json"
+];
+var PUBLIC_DOC_URL_RE = /^https:\/\/frontofhouse\.okii\.uk(?:\/[A-Za-z0-9._~:/?#[\]@!$&'()*+,;=%-]*)?$/;
+function normalizeDocUrl(value) {
+  const raw = typeof value === "string" ? value : value && typeof value === "object" && typeof value.url === "string" ? String(value.url) : "";
+  const url2 = raw.trim().replace(/[.?!:]+$/g, "");
+  if (!PUBLIC_DOC_URL_RE.test(url2)) return null;
+  return url2;
+}
+function collectDocsFrom(value, docs) {
+  if (Array.isArray(value)) {
+    for (const entry of value) {
+      const url2 = normalizeDocUrl(entry);
+      if (url2) docs.add(url2);
+    }
+  }
+}
+function readExternalAgentMetadata(runDir) {
+  for (const filename of EXTERNAL_AGENT_METADATA_FILENAMES) {
+    const path2 = (0, import_path12.join)(runDir, filename);
+    if (!(0, import_fs14.existsSync)(path2)) continue;
+    try {
+      const parsed = JSON.parse((0, import_fs14.readFileSync)(path2, "utf8"));
+      const docs = /* @__PURE__ */ new Set();
+      collectDocsFrom(parsed.docs_pages_used, docs);
+      collectDocsFrom(parsed.docs_pages_observed, docs);
+      collectDocsFrom(parsed.docs_used, docs);
+      collectDocsFrom(parsed.public_docs_used, docs);
+      return {
+        path: filename,
+        docs_pages_used: Array.from(docs).sort()
+      };
+    } catch {
+      return {
+        path: filename,
+        docs_pages_used: []
+      };
+    }
+  }
+  return {
+    path: null,
+    docs_pages_used: []
+  };
+}
+// src/lib/external-agent-executor.ts
 var CODEX_EXECUTOR_DENIED_ENV_PREFIXES = [
   "SUPABASE_",
   "DATABASE_",
@@ -38985,7 +39209,7 @@ function buildCodexExecutorEnv(input) {
       env[childKey] = value;
     }
   }
-  env.npm_config_cache = (0, import_path12.join)((0, import_path12.dirname)(input.runDir), ".npm-cache");
+  env.npm_config_cache = (0, import_path13.join)((0, import_path13.dirname)(input.runDir), ".npm-cache");
   env.npm_config_prefer_online = "true";
   env.npm_config_update_notifier = "false";
   env.npm_config_yes = "true";
@@ -38996,14 +39220,14 @@ function buildCodexExecutorEnv(input) {
   return env;
 }
 function normalizeForCompare(path2) {
-  const resolved = (0, import_path12.resolve)(path2);
+  const resolved = (0, import_path13.resolve)(path2);
   return process.platform === "win32" ? resolved.toLowerCase() : resolved;
 }
 function isPathInside(childPath, parentPath) {
   const child = normalizeForCompare(childPath);
   const parent = normalizeForCompare(parentPath);
-  const rel = (0, import_path12.relative)(parent, child);
-  return rel === "" || !!rel && !rel.startsWith("..") && !(0, import_path12.isAbsolute)(rel);
+  const rel = (0, import_path13.relative)(parent, child);
+  return rel === "" || !!rel && !rel.startsWith("..") && !(0, import_path13.isAbsolute)(rel);
 }
 function requireString(value, field) {
   if (typeof value !== "string" || value.trim() === "") {
@@ -39012,10 +39236,10 @@ function requireString(value, field) {
   return value;
 }
 function readBatch(batchPath) {
-  if (!(0, import_fs14.existsSync)(batchPath)) {
+  if (!(0, import_fs15.existsSync)(batchPath)) {
     throw new ExternalAgentExecutorError("external_agent_batch_not_found", `Batch file not found: ${batchPath}`);
   }
-  const parsed = JSON.parse((0, import_fs14.readFileSync)(batchPath, "utf8"));
+  const parsed = JSON.parse((0, import_fs15.readFileSync)(batchPath, "utf8"));
   if (parsed.schema_version !== "external_agent_batch_plan.v1") {
     throw new ExternalAgentExecutorError("invalid_external_agent_batch", "Batch schema_version must be external_agent_batch_plan.v1.");
   }
@@ -39040,12 +39264,29 @@ function defaultRunnerProbe(command, args) {
 function quotePowerShellArg(value) {
   return `'${value.replace(/'/g, "''")}'`;
 }
+function quoteShellArg(value) {
+  const text = String(value);
+  if (/^[A-Za-z0-9_./:=@-]+$/.test(text)) return text;
+  return `"${text.replace(/(["$`])/g, "\\$1")}"`;
+}
+function externalAgentSummaryCommand(root) {
+  return [
+    "node",
+    "scripts/summarize-external-agent-runs.mjs",
+    "--root",
+    quoteShellArg(root),
+    "--out",
+    quoteShellArg((0, import_path13.join)(root, "latest-summary.json")),
+    "--report",
+    quoteShellArg((0, import_path13.join)(root, "summary.report.json"))
+  ].join(" ");
+}
 function resolveCodexProbeCommand() {
   if (process.platform !== "win32") return "codex";
   const appData = process.env.APPDATA;
   if (appData) {
-    const appDataShim = (0, import_path12.join)(appData, "npm", "codex.cmd");
-    if ((0, import_fs14.existsSync)(appDataShim)) return appDataShim;
+    const appDataShim = (0, import_path13.join)(appData, "npm", "codex.cmd");
+    if ((0, import_fs15.existsSync)(appDataShim)) return appDataShim;
   }
   return "codex.cmd";
 }
@@ -39057,6 +39298,13 @@ function validateCodexRunner(options) {
     return {
       binaryChecked: false,
       requiredFlagsChecked: false,
+      version: null,
+      rootHelpChecked: false,
+      execHelpChecked: false,
+      supportsModernApprovalMode: true,
+      supportsLegacyFullAuto: false,
+      supportsYoloAlias: null,
+      yoloPolicy: "not_checked",
       automationMode: "ask-for-approval-never",
       globalArgs: ["--ask-for-approval", "never"],
       execArgs: []
@@ -39068,6 +39316,8 @@ function validateCodexRunner(options) {
   if (version2.error || version2.status !== 0) {
     throw new ExternalAgentExecutorError("external_agent_runner_binary_missing", "Codex runner probe failed: `codex --version` did not exit 0.");
   }
+  const versionText = `${version2.stdout}
+${version2.stderr}`.trim() || null;
   const help = probe(probeCommand, ["exec", "--help"]);
   if (help.error || help.status !== 0) {
     throw new ExternalAgentExecutorError("external_agent_runner_help_unavailable", "Codex runner probe failed: `codex exec --help` did not exit 0.");
@@ -39077,6 +39327,11 @@ ${help.stderr}`;
   const rootHelp = probe(probeCommand, ["--help"]);
   const rootHelpText = `${rootHelp.stdout}
 ${rootHelp.stderr}`;
+  const yoloHelp = probe(probeCommand, ["--yolo", "--help"]);
+  const yoloHelpText = `${yoloHelp.stdout}
+${yoloHelp.stderr}`;
+  const supportsYoloAlias = yoloHelp.status === 0 && /(?:Usage:\s*codex|Codex CLI)/i.test(yoloHelpText);
+  const yoloPolicy = supportsYoloAlias ? "observed_not_canonical" : "unsupported";
   const commonExecFlags = [
     "--cd",
     "--skip-git-repo-check",
@@ -39102,6 +39357,13 @@ ${rootHelp.stderr}`;
     return {
       binaryChecked: true,
       requiredFlagsChecked: true,
+      version: versionText,
+      rootHelpChecked: rootHelp.status === 0,
+      execHelpChecked: true,
+      supportsModernApprovalMode,
+      supportsLegacyFullAuto,
+      supportsYoloAlias,
+      yoloPolicy,
       automationMode: "ask-for-approval-never",
       globalArgs: ["--ask-for-approval", "never"],
       execArgs: []
@@ -39110,6 +39372,13 @@ ${rootHelp.stderr}`;
   return {
     binaryChecked: true,
     requiredFlagsChecked: true,
+    version: versionText,
+    rootHelpChecked: rootHelp.status === 0,
+    execHelpChecked: true,
+    supportsModernApprovalMode,
+    supportsLegacyFullAuto,
+    supportsYoloAlias,
+    yoloPolicy,
     automationMode: "full-auto",
     globalArgs: [],
     execArgs: ["--full-auto"]
@@ -39123,6 +39392,14 @@ function normalizeCodexSandboxBackend(value) {
     `Unsupported Codex sandbox backend: ${value}. Use default or legacy-landlock.`
   );
 }
+function normalizeCodexSandboxMode(value) {
+  const normalized = (value || "workspace-write").trim().toLowerCase();
+  if (normalized === "workspace-write" || normalized === "danger-full-access") return normalized;
+  throw new ExternalAgentExecutorError(
+    "invalid_codex_sandbox_mode",
+    `Unsupported Codex sandbox mode: ${value}. Use workspace-write or danger-full-access.`
+  );
+}
 function codexConfigArgs(input) {
   const args = [];
   if (input.backend === "legacy-landlock") {
@@ -39142,13 +39419,13 @@ function safeRunId(value) {
   return value.toLowerCase().replace(/[^a-z0-9_.-]+/g, "-").replace(/^-+|-+$/g, "") || "run";
 }
 function resolveWorkspaceRoot(input) {
-  if (input.workspaceRoot) return (0, import_path12.resolve)(input.workspaceRoot);
-  const batchStem = (0, import_path12.basename)((0, import_path12.resolve)(input.batchPath)).replace(/[^a-zA-Z0-9_.-]+/g, "-");
-  const repoStem = (0, import_path12.basename)((0, import_path12.resolve)(input.privateRepoRoot)).replace(/[^a-zA-Z0-9_.-]+/g, "-");
-  return (0, import_path12.resolve)((0, import_os2.tmpdir)(), "foh-external-agent-workspaces", repoStem, batchStem);
+  if (input.workspaceRoot) return (0, import_path13.resolve)(input.workspaceRoot);
+  const batchStem = (0, import_path13.basename)((0, import_path13.resolve)(input.batchPath)).replace(/[^a-zA-Z0-9_.-]+/g, "-");
+  const repoStem = (0, import_path13.basename)((0, import_path13.resolve)(input.privateRepoRoot)).replace(/[^a-zA-Z0-9_.-]+/g, "-");
+  return (0, import_path13.resolve)((0, import_os2.tmpdir)(), "foh-external-agent-workspaces", repoStem, batchStem);
 }
 function promptVersionFromPath(promptPath) {
-  const raw = (0, import_fs14.readFileSync)(promptPath, "utf8");
+  const raw = (0, import_fs15.readFileSync)(promptPath, "utf8");
   if (raw.includes("Do not assume access to the private source repository")) return "blank-setup.v1";
   return "unknown";
 }
@@ -39157,12 +39434,13 @@ function createExternalAgentExecutorPlan(options) {
   if (runner !== "codex") {
     throw new ExternalAgentExecutorError("unsupported_external_agent_runner", `Unsupported runner: ${runner}`);
   }
-  const batchPath = (0, import_path12.resolve)(options.batchPath);
+  const batchPath = (0, import_path13.resolve)(options.batchPath);
   const batch = readBatch(batchPath);
   const runnerProbe = validateCodexRunner(options);
   const codexSandboxBackend = normalizeCodexSandboxBackend(options.codexSandboxBackend);
+  const codexSandboxMode = normalizeCodexSandboxMode(options.codexSandboxMode);
   const codexNetworkAccess = options.codexNetworkAccess === true;
-  const privateRepoRoot = (0, import_path12.resolve)(options.privateRepoRoot || options.cwd || process.cwd());
+  const privateRepoRoot = (0, import_path13.resolve)(options.privateRepoRoot || options.cwd || process.cwd());
   const workspaceRoot = resolveWorkspaceRoot({ batchPath, workspaceRoot: options.workspaceRoot, privateRepoRoot });
   if (isPathInside(workspaceRoot, privateRepoRoot)) {
     throw new ExternalAgentExecutorError(
@@ -39170,17 +39448,17 @@ function createExternalAgentExecutorPlan(options) {
       `Workspace root must be outside the private repository. workspace=${workspaceRoot} repo=${privateRepoRoot}`
     );
   }
-  (0, import_fs14.mkdirSync)(workspaceRoot, { recursive: true });
-  const batchDir = (0, import_path12.resolve)(String(batch.batch_dir || (0, import_path12.resolve)(batchPath, "..")));
+  (0, import_fs15.mkdirSync)(workspaceRoot, { recursive: true });
+  const batchDir = (0, import_path13.resolve)(String(batch.batch_dir || (0, import_path13.resolve)(batchPath, "..")));
   const timeoutMinutes = Number.isFinite(options.timeoutMinutes) && Number(options.timeoutMinutes) > 0 ? Number(options.timeoutMinutes) : 30;
   const runs = batch.runs.map((run) => {
     const runId = safeRunId(requireString(run.run_id, "runs[].run_id"));
-    const runDir = (0, import_path12.resolve)(requireString(run.run_dir, `runs[${runId}].run_dir`));
-    const promptPath = (0, import_path12.resolve)(requireString(run.prompt_path, `runs[${runId}].prompt_path`));
-    const workspaceDir = (0, import_path12.join)(workspaceRoot, runId);
-    (0, import_fs14.mkdirSync)(workspaceDir, { recursive: true });
-    (0, import_fs14.writeFileSync)(
-      (0, import_path12.join)(workspaceDir, "README.md"),
+    const runDir = (0, import_path13.resolve)(requireString(run.run_dir, `runs[${runId}].run_dir`));
+    const promptPath = (0, import_path13.resolve)(requireString(run.prompt_path, `runs[${runId}].prompt_path`));
+    const workspaceDir = (0, import_path13.join)(workspaceRoot, runId);
+    (0, import_fs15.mkdirSync)(workspaceDir, { recursive: true });
+    (0, import_fs15.writeFileSync)(
+      (0, import_path13.join)(workspaceDir, "README.md"),
       [
         "# FOH External-Agent Workspace",
         "",
@@ -39197,11 +39475,11 @@ function createExternalAgentExecutorPlan(options) {
       promptVersion: promptVersionFromPath(promptPath)
     });
     const promptVersion = String(env[EXTERNAL_AGENT_PROMPT_VERSION_ENV] || "unknown");
-    const jsonlPath = (0, import_path12.join)(runDir, "codex-exec.jsonl");
-    const lastMessagePath = (0, import_path12.join)(runDir, "codex-last-message.md");
-    const stderrPath = (0, import_path12.join)(runDir, "codex-stderr.txt");
-    const runPath = (0, import_path12.join)(runDir, "run.json");
-    const artifactSafetyPath = (0, import_path12.join)(runDir, "artifact-safety.json");
+    const jsonlPath = (0, import_path13.join)(runDir, "codex-exec.jsonl");
+    const lastMessagePath = (0, import_path13.join)(runDir, "codex-last-message.md");
+    const stderrPath = (0, import_path13.join)(runDir, "codex-stderr.txt");
+    const runPath = (0, import_path13.join)(runDir, "run.json");
+    const artifactSafetyPath = (0, import_path13.join)(runDir, "artifact-safety.json");
     const args = [
       ...runnerProbe.globalArgs,
       "exec",
@@ -39212,7 +39490,7 @@ function createExternalAgentExecutorPlan(options) {
       "--ephemeral",
       "--ignore-rules",
       "--sandbox",
-      "workspace-write",
+      codexSandboxMode,
       ...runnerProbe.execArgs,
       "--json",
       "--output-last-message",
@@ -39257,9 +39535,19 @@ function createExternalAgentExecutorPlan(options) {
       denied_env_names: [...CODEX_EXECUTOR_DENIED_ENV_NAMES],
       runner_probe: {
         binary_checked: runnerProbe.binaryChecked,
-        required_flags_checked: runnerProbe.requiredFlagsChecked
+        required_flags_checked: runnerProbe.requiredFlagsChecked,
+        version: runnerProbe.version,
+        root_help_checked: runnerProbe.rootHelpChecked,
+        exec_help_checked: runnerProbe.execHelpChecked,
+        supports_modern_approval_mode: runnerProbe.supportsModernApprovalMode,
+        supports_legacy_full_auto: runnerProbe.supportsLegacyFullAuto,
+        supports_yolo_alias: runnerProbe.supportsYoloAlias,
+        selected_automation_mode: runnerProbe.automationMode,
+        canonical_command_policy: "explicit-flags",
+        yolo_policy: runnerProbe.yoloPolicy
       },
       codex_automation_mode: runnerProbe.automationMode,
+      codex_sandbox_mode: codexSandboxMode,
       codex_sandbox_backend: codexSandboxBackend,
       codex_network_access: codexNetworkAccess
     },
@@ -39267,55 +39555,55 @@ function createExternalAgentExecutorPlan(options) {
   };
 }
 function writeExternalAgentExecutorPlan(plan) {
-  const path2 = (0, import_path12.join)(plan.batch_dir, "executor-plan.json");
-  (0, import_fs14.mkdirSync)(plan.batch_dir, { recursive: true });
-  (0, import_fs14.writeFileSync)(path2, `${JSON.stringify(plan, null, 2)}
+  const path2 = (0, import_path13.join)(plan.batch_dir, "executor-plan.json");
+  (0, import_fs15.mkdirSync)(plan.batch_dir, { recursive: true });
+  (0, import_fs15.writeFileSync)(path2, `${JSON.stringify(plan, null, 2)}
 `, "utf8");
   return path2;
 }
 function proofArtifactPasses(runDir) {
-  const proofPath = (0, import_path12.join)(runDir, "proof.json");
-  if (!(0, import_fs14.existsSync)(proofPath)) return false;
+  const proofPath = (0, import_path13.join)(runDir, "proof.json");
+  if (!(0, import_fs15.existsSync)(proofPath)) return false;
   try {
-    const parsed = JSON.parse((0, import_fs14.readFileSync)(proofPath, "utf8"));
+    const parsed = JSON.parse((0, import_fs15.readFileSync)(proofPath, "utf8"));
     return parsed.ok === true || parsed.status === "pass" || parsed.status === "passed";
   } catch {
     return false;
   }
 }
 function readIfExists(path2) {
-  return (0, import_fs14.existsSync)(path2) ? (0, import_fs14.readFileSync)(path2, "utf8") : "";
+  return (0, import_fs15.existsSync)(path2) ? (0, import_fs15.readFileSync)(path2, "utf8") : "";
 }
 function redactArtifactFile(path2, input = {}) {
-  if (!(0, import_fs14.existsSync)(path2)) return;
-  const original = (0, import_fs14.readFileSync)(path2, "utf8");
+  if (!(0, import_fs15.existsSync)(path2)) return;
+  const original = (0, import_fs15.readFileSync)(path2, "utf8");
   const redacted = redactExternalAgentArtifactText(original, input);
-  if (redacted !== original) (0, import_fs14.writeFileSync)(path2, redacted, "utf8");
+  if (redacted !== original) (0, import_fs15.writeFileSync)(path2, redacted, "utf8");
 }
 function redactOutputArtifacts(run, input = {}) {
   redactArtifactFile(run.outputs.jsonl, input);
   redactArtifactFile(run.outputs.last_message, input);
   redactArtifactFile(run.outputs.stderr, input);
-  redactArtifactFile((0, import_path12.join)(run.run_dir, "commands.ndjson"), input);
-  if (!(0, import_fs14.existsSync)(run.run_dir)) return;
-  for (const name of (0, import_fs14.readdirSync)(run.run_dir)) {
+  redactArtifactFile((0, import_path13.join)(run.run_dir, "commands.ndjson"), input);
+  if (!(0, import_fs15.existsSync)(run.run_dir)) return;
+  for (const name of (0, import_fs15.readdirSync)(run.run_dir)) {
     if (name.startsWith("command-output-cmd_") && !name.endsWith(".redacted")) {
-      redactArtifactFile((0, import_path12.join)(run.run_dir, name), input);
+      redactArtifactFile((0, import_path13.join)(run.run_dir, name), input);
     }
   }
 }
 function copyCommandCaptureArtifacts(input) {
-  const commandLog = (0, import_path12.join)(input.captureDir, "commands.ndjson");
-  if (!(0, import_fs14.existsSync)(commandLog)) return;
-  (0, import_fs14.writeFileSync)((0, import_path12.join)(input.runDir, "commands.ndjson"), (0, import_fs14.readFileSync)(commandLog, "utf8"), "utf8");
-  for (const name of (0, import_fs14.readdirSync)(input.captureDir)) {
+  const commandLog = (0, import_path13.join)(input.captureDir, "commands.ndjson");
+  if (!(0, import_fs15.existsSync)(commandLog)) return;
+  (0, import_fs15.writeFileSync)((0, import_path13.join)(input.runDir, "commands.ndjson"), (0, import_fs15.readFileSync)(commandLog, "utf8"), "utf8");
+  for (const name of (0, import_fs15.readdirSync)(input.captureDir)) {
     if (name.startsWith("command-output-cmd_")) {
-      (0, import_fs14.copyFileSync)((0, import_path12.join)(input.captureDir, name), (0, import_path12.join)(input.runDir, name));
+      (0, import_fs15.copyFileSync)((0, import_path13.join)(input.captureDir, name), (0, import_path13.join)(input.runDir, name));
     }
   }
 }
 function relativeArtifactName(path2) {
-  return (0, import_path12.basename)(path2);
+  return (0, import_path13.basename)(path2);
 }
 function classifyRun(input) {
   if (input.timedOut) return { status: "hold", reasonCode: "codex_runner_timeout" };
@@ -39367,7 +39655,7 @@ ${stderr}`;
   if (/(?:blocked|rejected|declined) by policy|EXEC_POLICY_BLOCKED|command execution was rejected|shell commands were rejected/i.test(combined)) {
     return { status: "hold", reasonCode: "codex_exec_policy_blocked" };
   }
-  if (/bwrap:.*(?:RTM_NEWADDR|Operation not permitted)|bubblewrap.*(?:RTM_NEWADDR|Operation not permitted)|Failed RTM_NEWADDR|ENV_SANDBOX_EXEC_BLOCKED/i.test(combined)) {
+  if (/bwrap:.*(?:RTM_NEWADDR|Operation not permitted|setting up uid map: Permission denied)|bubblewrap.*(?:RTM_NEWADDR|Operation not permitted|setting up uid map: Permission denied)|Failed RTM_NEWADDR|ENV_SANDBOX_EXEC_BLOCKED|permission profiles requiring direct runtime enforcement are incompatible with --use-legacy-landlock|legacy[_ -]?landlock.*incompatible/i.test(combined)) {
     return { status: "hold", reasonCode: "codex_sandbox_exec_blocked" };
   }
   if (/ENV_NETWORK_DNS_BLOCK|Could not resolve host|npm ping.*timeout|NO_EXECUTABLE_INSTALL/i.test(combined)) {
@@ -39409,6 +39697,7 @@ ${stderr}`;
 }
 function buildExecutedRunArtifact(input) {
   const commands = readCommandRecords(input.run.run_dir);
+  const agentMetadata = readExternalAgentMetadata(input.run.run_dir);
   return {
     schema_version: "external_agent_run.v1",
     run_id: input.run.run_id,
@@ -39440,7 +39729,7 @@ function buildExecutedRunArtifact(input) {
       "npx --yes @f-o-h/cli@latest"
     ],
     commands_run: commands.map((command) => command.command),
-    docs_pages_used: [],
+    docs_pages_used: agentMetadata.docs_pages_used,
     eval_state: {
       org_reuse_expected: true,
       agent_reuse_expected: true,
@@ -39454,21 +39743,22 @@ function buildExecutedRunArtifact(input) {
     },
     artifacts: {
       terminal_transcript: relativeArtifactName(input.run.outputs.jsonl),
-      command_log: (0, import_fs14.existsSync)((0, import_path12.join)(input.run.run_dir, "commands.ndjson")) ? "commands.ndjson" : null,
-      proof_bundle: (0, import_fs14.existsSync)((0, import_path12.join)(input.run.run_dir, "proof.json")) ? "proof.json" : null,
-      replay_packet: (0, import_fs14.existsSync)((0, import_path12.join)(input.run.run_dir, "replay.json")) ? "replay.json" : null,
-      knowledge_packet: (0, import_fs14.existsSync)((0, import_path12.join)(input.run.run_dir, "knowledge.json")) ? "knowledge.json" : null,
+      command_log: (0, import_fs15.existsSync)((0, import_path13.join)(input.run.run_dir, "commands.ndjson")) ? "commands.ndjson" : null,
+      proof_bundle: (0, import_fs15.existsSync)((0, import_path13.join)(input.run.run_dir, "proof.json")) ? "proof.json" : null,
+      replay_packet: (0, import_fs15.existsSync)((0, import_path13.join)(input.run.run_dir, "replay.json")) ? "replay.json" : null,
+      knowledge_packet: (0, import_fs15.existsSync)((0, import_path13.join)(input.run.run_dir, "knowledge.json")) ? "knowledge.json" : null,
       improvement_packet: input.status === "pass" ? null : "improvement-packet.json",
-      notes: (0, import_fs14.existsSync)((0, import_path12.join)(input.run.run_dir, "notes.md")) ? "notes.md" : null,
+      agent_metadata: agentMetadata.path,
+      notes: (0, import_fs15.existsSync)((0, import_path13.join)(input.run.run_dir, "notes.md")) ? "notes.md" : null,
       codex_last_message: relativeArtifactName(input.run.outputs.last_message),
       codex_stderr: relativeArtifactName(input.run.outputs.stderr),
       artifact_safety: relativeArtifactName(input.run.outputs.artifact_safety)
     },
     summary: input.status === "pass" ? "Controlled Codex external-agent run produced passing proof evidence." : `Controlled Codex external-agent run ended as ${input.status} with reason ${input.reasonCode}.`,
-    next_commands: input.status === "pass" ? ["corepack pnpm eval:external-agent:runs:summary"] : [
+    next_commands: input.status === "pass" ? [externalAgentSummaryCommand((0, import_path13.dirname)(input.run.run_dir))] : [
       "foh eval external-agent scan-artifacts --run-dir <run_dir> --private-repo-root <private_repo_root> --write-redacted --json",
       "foh bug improve --from external-agent-run --file <run_dir>/run.json --out <run_dir>/improvement-packet.json --json",
-      "corepack pnpm eval:external-agent:runs:summary"
+      externalAgentSummaryCommand((0, import_path13.dirname)(input.run.run_dir))
     ]
   };
 }
@@ -39483,8 +39773,8 @@ function spawnCodex(input) {
       stdio: ["pipe", "pipe", "pipe"],
       windowsHide: true
     });
-    const stdout = (0, import_fs14.createWriteStream)(input.stdoutPath, { flags: "w" });
-    const stderr = (0, import_fs14.createWriteStream)(input.stderrPath, { flags: "w" });
+    const stdout = (0, import_fs15.createWriteStream)(input.stdoutPath, { flags: "w" });
+    const stderr = (0, import_fs15.createWriteStream)(input.stderrPath, { flags: "w" });
     child.stdout.pipe(stdout);
     child.stderr.pipe(stderr);
     child.stdin.end(input.prompt);
@@ -39521,8 +39811,8 @@ function spawnCodex(input) {
 }
 function buildCommandInvocation(command, args) {
   if (process.platform === "win32" && command.toLowerCase().endsWith(".cmd")) {
-    const codexEntrypoint = (0, import_path12.join)((0, import_path12.dirname)(command), "node_modules", "@openai", "codex", "bin", "codex.js");
-    if ((0, import_fs14.existsSync)(codexEntrypoint)) return { command: process.execPath, args: [codexEntrypoint, ...args] };
+    const codexEntrypoint = (0, import_path13.join)((0, import_path13.dirname)(command), "node_modules", "@openai", "codex", "bin", "codex.js");
+    if ((0, import_fs15.existsSync)(codexEntrypoint)) return { command: process.execPath, args: [codexEntrypoint, ...args] };
   }
   return { command, args };
 }
@@ -39532,8 +39822,8 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
   const runnerCommand = options.runnerCommand || resolveCodexExecutionCommand();
   for (const run of plan.runs) {
     const runStartedAt = (/* @__PURE__ */ new Date()).toISOString();
-    const commandCaptureDir = (0, import_path12.join)(run.workspace_dir, ".foh-capture");
-    (0, import_fs14.mkdirSync)(commandCaptureDir, { recursive: true });
+    const commandCaptureDir = (0, import_path13.join)(run.workspace_dir, ".foh-capture");
+    (0, import_fs15.mkdirSync)(commandCaptureDir, { recursive: true });
     const env = buildCodexExecutorEnv({
       sourceEnv: options.env,
       runDir: commandCaptureDir,
@@ -39544,7 +39834,7 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
       args: run.args,
       cwd: run.workspace_dir,
       env,
-      prompt: (0, import_fs14.readFileSync)(run.prompt_path, "utf8"),
+      prompt: (0, import_fs15.readFileSync)(run.prompt_path, "utf8"),
       stdoutPath: run.outputs.jsonl,
       stderrPath: run.outputs.stderr,
       timeoutMs: plan.timeout_minutes * 60 * 1e3
@@ -39557,7 +39847,7 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
       privateRepoRoot,
       writeRedacted: true
     });
-    (0, import_fs14.writeFileSync)(run.outputs.artifact_safety, `${JSON.stringify(artifactSafety, null, 2)}
+    (0, import_fs15.writeFileSync)(run.outputs.artifact_safety, `${JSON.stringify(artifactSafety, null, 2)}
 `, "utf8");
     const runEndedAt = (/* @__PURE__ */ new Date()).toISOString();
     const classification = classifyRun({
@@ -39576,7 +39866,7 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
       timedOut: spawned.timedOut,
       durationMs: spawned.durationMs
     });
-    (0, import_fs14.writeFileSync)(run.outputs.run, `${JSON.stringify(runArtifact, null, 2)}
+    (0, import_fs15.writeFileSync)(run.outputs.run, `${JSON.stringify(runArtifact, null, 2)}
 `, "utf8");
     results.push({
       run_id: run.run_id,
@@ -39609,7 +39899,7 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
 var DEFAULT_PROMPT_VERSION = "blank-setup.v1";
 var DEFAULT_BATCH_MODELS = "openai/codex,anthropic/claude,cursor/agent";
 var PROMPTS = {
-  "blank-setup.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`, because cached older packages can produce invalid evidence. Install or verify the FOH CLI, authenticate or reach a deterministic auth blocker, then create or configure a Front Of House voice agent and website widget. Prefer the certification-oriented buyer templates: run `npx --yes @f-o-h/cli@latest templates list --category buyer --json` and use `UK Buyer Qualification` or `Viewing Booking` when available; do not use a greeting-only template for proof/certification. Prefer `npx --yes @f-o-h/cli@latest setup --phone-mode observe` for the free scaffold path: agent, widget, voice config, smoke test, certification, and publish readiness together. Treat phone-number purchasing as an explicit paid/scarce contact-path step, not part of high-volume eval setup. If `FOH_CLI_SPEND_POLICY=no_spend` is active and a command returns `paid_resource_blocked_by_spend_policy`, do not try to bypass it; continue widget/setup proof and report that exact reason code for the phone path. Run proof/smoke/certification where available, including widget proof and voice proof. If voice proof returns `contact_phone_missing` or `voice_contact_expected_no_spend_hold`, report that exact reason code unless a BYON/customer-approved phone path already exists. Produce a final evidence summary with commands run, docs used, artifacts created, and any blocker reason codes. Do not assume access to the private source repository.",
+  "blank-setup.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`, because cached older packages can produce invalid evidence. Install or verify the FOH CLI, authenticate or reach a deterministic auth blocker, then create or configure a Front Of House voice agent and website widget. Prefer the certification-oriented buyer templates: run `npx --yes @f-o-h/cli@latest templates list --category buyer --json` and use `UK Buyer Qualification` or `Viewing Booking` when available; do not use a greeting-only template for proof/certification. Prefer `npx --yes @f-o-h/cli@latest setup --phone-mode observe` for the free scaffold path: agent, widget, voice config, smoke test, certification, and publish readiness together. Treat phone-number purchasing as an explicit paid/scarce contact-path step, not part of high-volume eval setup. If `FOH_CLI_SPEND_POLICY=no_spend` is active and a command returns `paid_resource_blocked_by_spend_policy`, do not try to bypass it; continue widget/setup proof and report that exact reason code for the phone path. Run proof/smoke/certification where available, including widget proof and voice proof. When running more than one `foh prove` mission for the same agent, pass `--proof-cache-dir .foh/proof-cache` so simulation certification can be shared instead of recomputed. If voice proof returns `contact_phone_missing` or `voice_contact_expected_no_spend_hold`, report that exact reason code unless a BYON/customer-approved phone path already exists. If `FOH_EXTERNAL_AGENT_RUN_DIR` is set, write `${FOH_EXTERNAL_AGENT_RUN_DIR}/external-agent-metadata.json` with `schema_version`, `docs_pages_used`, key decisions, and blocker reason codes before finishing. Produce a final evidence summary with commands run, docs used, artifacts created, and any blocker reason codes. Do not assume access to the private source repository.",
   "debug-proof-failure.v1": "You are given a FOH proof or debug artifact. Use public docs and FOH CLI/API behavior to classify whether the blocker is docs, auth, org setup, agent config, widget, channel, runtime, or product bug. Produce a redacted improvement packet or the exact command needed to produce one. Do not ask the human to interpret logs manually unless no machine-readable artifact exists.",
   "knowledge-miss.v1": "A FOH agent failed to answer a business question. Use CLI/API/docs to determine whether this is a knowledge-ingestion issue, retrieval issue, config issue, prompt/behavior issue, or runtime issue. Prefer foh knowledge query, transcript export, replay, and foh bug improve artifacts over screenshots.",
   "replay-failure.v1": "You are given a FOH transcript or replay artifact. Use CLI/API/docs to replay or inspect the failed interaction, identify expected vs actual behavior, and produce a scenario-test or improvement-packet candidate."
@@ -39624,13 +39914,13 @@ function defaultRunDir(modelName, promptVersion) {
   const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").replace("T", "-").slice(0, 23);
   const safeModel = String(modelName || "unknown-model").toLowerCase().replace(/[^a-z0-9_-]+/g, "-");
   const safePrompt = String(promptVersion || DEFAULT_PROMPT_VERSION).toLowerCase().replace(/[^a-z0-9_.-]+/g, "-");
-  return (0, import_path13.resolve)("test-results", "external-agent-runs", date4, `${safeModel}-${safePrompt}-${stamp}`);
+  return (0, import_path14.resolve)("test-results", "external-agent-runs", date4, `${safeModel}-${safePrompt}-${stamp}`);
 }
 function defaultBatchDir(promptVersion) {
   const date4 = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
   const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").replace("T", "-").slice(0, 23);
   const safePrompt = String(promptVersion || DEFAULT_PROMPT_VERSION).toLowerCase().replace(/[^a-z0-9_.-]+/g, "-");
-  return (0, import_path13.resolve)("test-results", "external-agent-runs", date4, `batch-${safePrompt}-${stamp}`);
+  return (0, import_path14.resolve)("test-results", "external-agent-runs", date4, `batch-${safePrompt}-${stamp}`);
 }
 function safeSlug(value) {
   return String(value || "unknown").toLowerCase().replace(/[^a-z0-9_.-]+/g, "-").replace(/^-+|-+$/g, "") || "unknown";
@@ -39640,6 +39930,20 @@ function quoteArg(value) {
   if (/^[A-Za-z0-9_./:=@-]+$/.test(text)) return text;
   return `"${text.replace(/(["$`])/g, "\\$1")}"`;
 }
+function externalAgentSummaryCommand2(root) {
+  const summaryPath = (0, import_path14.join)(root, "latest-summary.json");
+  const reportPath = (0, import_path14.join)(root, "summary.report.json");
+  return [
+    "node",
+    "scripts/summarize-external-agent-runs.mjs",
+    "--root",
+    quoteArg(root),
+    "--out",
+    quoteArg(summaryPath),
+    "--report",
+    quoteArg(reportPath)
+  ].join(" ");
+}
 function parseModelSpec(raw) {
   const [provider, ...nameParts] = String(raw || "").split("/");
   const name = nameParts.join("/");
@@ -39658,14 +39962,14 @@ function inferShell(raw) {
 }
 function writePrompt(runDir, promptVersion) {
   const prompt = PROMPTS[promptVersion] ?? PROMPTS[DEFAULT_PROMPT_VERSION];
-  const path2 = (0, import_path13.join)(runDir, "prompt.txt");
-  (0, import_fs15.writeFileSync)(path2, `${prompt}
+  const path2 = (0, import_path14.join)(runDir, "prompt.txt");
+  (0, import_fs16.writeFileSync)(path2, `${prompt}
 `, "utf8");
   return path2;
 }
 function writeSession(runDir, session) {
-  const path2 = (0, import_path13.join)(runDir, "session.json");
-  (0, import_fs15.writeFileSync)(path2, `${JSON.stringify(session, null, 2)}
+  const path2 = (0, import_path14.join)(runDir, "session.json");
+  (0, import_fs16.writeFileSync)(path2, `${JSON.stringify(session, null, 2)}
 `, "utf8");
   return path2;
 }
@@ -39684,6 +39988,7 @@ function buildDefaultEvalState() {
 }
 function buildRunArtifact(input) {
   const commands = readCommandRecords(input.runDir);
+  const agentMetadata = readExternalAgentMetadata(input.runDir);
   const startedAt = String(input.session.started_at);
   const endedAt = (/* @__PURE__ */ new Date()).toISOString();
   const status = input.status;
@@ -39717,7 +40022,7 @@ function buildRunArtifact(input) {
       "npx --yes @f-o-h/cli@latest"
     ],
     commands_run: commands.map((command) => command.command),
-    docs_pages_used: [],
+    docs_pages_used: agentMetadata.docs_pages_used,
     eval_state: buildDefaultEvalState(),
     artifacts: {
       terminal_transcript: null,
@@ -39726,12 +40031,13 @@ function buildRunArtifact(input) {
       replay_packet: null,
       knowledge_packet: null,
       improvement_packet: status === "pass" ? null : "improvement-packet.json",
+      agent_metadata: agentMetadata.path,
       notes: "notes.md"
     },
     summary: status === "pass" ? "External-agent capture session completed and was marked pass." : `External-agent capture session completed with ${commands.length} captured FOH command(s); classify and improve reason ${reasonCode}.`,
-    next_commands: status === "pass" ? ["corepack pnpm eval:external-agent:runs:summary"] : [
-      `foh bug improve --from external-agent-run --file ${(0, import_path13.join)(input.runDir, "run.json")} --out ${(0, import_path13.join)(input.runDir, "improvement-packet.json")} --json`,
-      "corepack pnpm eval:external-agent:runs:summary"
+    next_commands: status === "pass" ? [externalAgentSummaryCommand2((0, import_path14.dirname)(input.runDir))] : [
+      `foh bug improve --from external-agent-run --file ${(0, import_path14.join)(input.runDir, "run.json")} --out ${(0, import_path14.join)(input.runDir, "improvement-packet.json")} --json`,
+      externalAgentSummaryCommand2((0, import_path14.dirname)(input.runDir))
     ]
   };
 }
@@ -39740,13 +40046,13 @@ function registerEval(program3) {
   const external = evalCommand.command("external-agent").description("Capture clean external coding-agent setup attempts");
   external.command("batch").description("Create a deterministic multi-model external-agent batch plan").option("--models <list>", "Comma-separated provider/model list", DEFAULT_BATCH_MODELS).option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Batch output directory").option("--json", "Output as JSON").action(async (opts) => {
     const promptVersion = String(opts.promptVersion || DEFAULT_PROMPT_VERSION);
-    const batchDir = (0, import_path13.resolve)(String(opts.outDir || defaultBatchDir(promptVersion)));
+    const batchDir = (0, import_path14.resolve)(String(opts.outDir || defaultBatchDir(promptVersion)));
     const models = parseModelList(String(opts.models || DEFAULT_BATCH_MODELS));
-    (0, import_fs15.mkdirSync)(batchDir, { recursive: true });
+    (0, import_fs16.mkdirSync)(batchDir, { recursive: true });
     const runs = models.map((model, index) => {
       const runId = `${String(index + 1).padStart(2, "0")}-${safeSlug(model.provider)}-${safeSlug(model.name)}`;
-      const runDir = (0, import_path13.join)(batchDir, runId);
-      (0, import_fs15.mkdirSync)(runDir, { recursive: true });
+      const runDir = (0, import_path14.join)(batchDir, runId);
+      (0, import_fs16.mkdirSync)(runDir, { recursive: true });
       const promptPath = writePrompt(runDir, promptVersion);
       const commandArgs = [
         "eval",
@@ -39785,10 +40091,10 @@ function registerEval(program3) {
       agent_shell: String(opts.agentShell || "vscode-terminal"),
       run_count: runs.length,
       runs,
-      summary_command: `corepack pnpm eval:external-agent:runs:summary -- --root ${batchDir}`
+      summary_command: externalAgentSummaryCommand2(batchDir)
     };
-    const batchPath = (0, import_path13.join)(batchDir, "batch.json");
-    (0, import_fs15.writeFileSync)(batchPath, `${JSON.stringify(batch, null, 2)}
+    const batchPath = (0, import_path14.join)(batchDir, "batch.json");
+    (0, import_fs16.writeFileSync)(batchPath, `${JSON.stringify(batch, null, 2)}
 `, "utf8");
     format(cliEnvelope({
       schemaVersion: "external_agent_batch_plan_result.v1",
@@ -39808,8 +40114,8 @@ function registerEval(program3) {
   external.command("run").description("Launch an instrumented shell and emit external_agent_run.v1 when it exits").option("--model-provider <name>", "Model provider label", "unknown").option("--model-name <name>", "Model name label", "unknown-model").option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Run output directory").option("--status <status>", "Final status when not interactively classified: pass|hold|fail", "hold").option("--reason-code <code>", "Failure/hold reason code", "external_agent_run_needs_review").option("--shell <command>", "Shell command to launch for capture").option("--no-shell", "Do not launch a shell; create/finalize artifacts immediately").option("--json", "Output as JSON").action(async (opts) => {
     const status = normalizeStatus(opts.status);
     const promptVersion = String(opts.promptVersion || DEFAULT_PROMPT_VERSION);
-    const runDir = (0, import_path13.resolve)(String(opts.outDir || defaultRunDir(opts.modelName, promptVersion)));
-    (0, import_fs15.mkdirSync)(runDir, { recursive: true });
+    const runDir = (0, import_path14.resolve)(String(opts.outDir || defaultRunDir(opts.modelName, promptVersion)));
+    (0, import_fs16.mkdirSync)(runDir, { recursive: true });
     const runId = runDir.split(/[\\/]/).filter(Boolean).slice(-1)[0];
     const promptPath = writePrompt(runDir, promptVersion);
     const shell = inferShell(opts.shell);
@@ -39832,7 +40138,7 @@ function registerEval(program3) {
       }
     };
     writeSession(runDir, session);
-    (0, import_fs15.writeFileSync)((0, import_path13.join)(runDir, "notes.md"), "# External Agent Run Notes\n\n", "utf8");
+    (0, import_fs16.writeFileSync)((0, import_path14.join)(runDir, "notes.md"), "# External Agent Run Notes\n\n", "utf8");
     let shellExitCode = null;
     if (opts.shell !== false) {
       process.stdout.write(`
@@ -39854,8 +40160,8 @@ Exit the shell to finalize run.json.
       shellExitCode = typeof result.status === "number" ? result.status : null;
     }
     const artifact = buildRunArtifact({ runDir, session, status, reasonCode: opts.reasonCode, shellExitCode });
-    const runPath = (0, import_path13.join)(runDir, "run.json");
-    (0, import_fs15.writeFileSync)(runPath, `${JSON.stringify(artifact, null, 2)}
+    const runPath = (0, import_path14.join)(runDir, "run.json");
+    (0, import_fs16.writeFileSync)(runPath, `${JSON.stringify(artifact, null, 2)}
 `, "utf8");
     format(cliEnvelope({
       schemaVersion: "external_agent_capture_result.v1",
@@ -39865,7 +40171,7 @@ Exit the shell to finalize run.json.
       artifacts: {
         run: runPath,
         prompt: promptPath,
-        commands: (0, import_path13.join)(runDir, "commands.ndjson")
+        commands: (0, import_path14.join)(runDir, "commands.ndjson")
       },
       nextCommands: artifact.next_commands,
       extra: { run: artifact }
@@ -39890,7 +40196,7 @@ Exit the shell to finalize run.json.
     }), { json: Boolean(opts.json) });
     if (!report.ok) process.exitCode = 1;
   });
-  external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
+  external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-sandbox-mode <mode>", "Codex sandbox mode: workspace-write|danger-full-access", "workspace-write").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
     try {
       const plan = createExternalAgentExecutorPlan({
         batchPath: String(opts.batch),
@@ -39899,6 +40205,7 @@ Exit the shell to finalize run.json.
         privateRepoRoot: opts.privateRepoRoot ? String(opts.privateRepoRoot) : void 0,
         timeoutMinutes: Number(opts.timeoutMinutes || 30),
         codexSandboxBackend: String(opts.codexSandboxBackend || "default"),
+        codexSandboxMode: String(opts.codexSandboxMode || "workspace-write"),
         codexNetworkAccess: Boolean(opts.codexNetworkAccess),
         skipRunnerProbe: Boolean(opts.skipRunnerProbe),
         cwd: process.cwd()
@@ -39922,8 +40229,8 @@ Exit the shell to finalize run.json.
         const result = await executeExternalAgentExecutorPlan(plan, {
           privateRepoRoot: plan.private_repo_root
         });
-        const resultPath = (0, import_path13.join)(plan.batch_dir, "execution-result.json");
-        (0, import_fs15.writeFileSync)(resultPath, `${JSON.stringify(result, null, 2)}
+        const resultPath = (0, import_path14.join)(plan.batch_dir, "execution-result.json");
+        (0, import_fs16.writeFileSync)(resultPath, `${JSON.stringify(result, null, 2)}
 `, "utf8");
         format(cliEnvelope({
           schemaVersion: "external_agent_execution_result.v1",
@@ -39937,7 +40244,7 @@ Exit the shell to finalize run.json.
           },
           nextCommands: [
             ...result.results.map((run) => `foh eval external-agent scan-artifacts --run-dir ${quoteArg(plan.runs.find((item) => item.run_id === run.run_id)?.run_dir || ".")} --private-repo-root ${quoteArg(plan.private_repo_root)} --write-redacted --json`),
-            "corepack pnpm eval:external-agent:runs:summary"
+            externalAgentSummaryCommand2(plan.batch_dir)
           ],
           extra: { result }
         }), { json: Boolean(opts.json) });