@fusionkit/cli 0.1.4 → 0.1.6

package/dist/test/cli.test.js

@@ -6,16 +6,19 @@ import { existsSync, mkdtempSync, readFileSync, rmSync, writeFileSync, mkdirSync
 import { tmpdir } from "node:os";
 import { join } from "node:path";
 import { fileURLToPath } from "node:url";
-import { after, before, test } from "node:test";
+import { test } from "node:test";
 import { MODEL_FUSION_SCHEMA_BUNDLE_HASH } from "@fusionkit/protocol";
-import { makeRepo as makeStackRepo, mockRunRequest, startStack, uploadWorkspace } from "@fusionkit/testkit";
 const CLI = fileURLToPath(new URL("../index.js", import.meta.url));
 const SMOKE_ENV_KEYS = [
+    "FUSIONKIT_CLAUDE_SMOKE",
+    "FUSIONKIT_CODEX_SMOKE",
+    "FUSIONKIT_CURSOR_SMOKE",
+    "FUSIONKIT_ENSEMBLE_LIVE_SMOKE",
     "WARRANT_CLAUDE_SMOKE",
     "WARRANT_CODEX_SMOKE",
+    "WARRANT_CURSOR_SMOKE",
     "WARRANT_ENSEMBLE_LIVE_SMOKE"
 ];
-let home;
 async function readBody(req) {
     const chunks = [];
     for await (const chunk of req)
@@ -100,7 +103,7 @@ function warrant(args, options = {}) {
         else
             env[key] = value;
     }
-    const result = spawnSync(process.execPath, [CLI, "--dir", options.dir ?? home, ...args], {
+    const result = spawnSync(process.execPath, [CLI, ...args], {
         encoding: "utf8",
         env,
         input: options.input
@@ -122,7 +125,7 @@ async function warrantAsync(args, options = {}) {
             env[key] = value;
     }
     return await new Promise((resolve) => {
-        const child = spawn(process.execPath, [CLI, "--dir", options.dir ?? home, ...args], {
+        const child = spawn(process.execPath, [CLI, ...args], {
             env,
             stdio: ["pipe", "pipe", "pipe"]
         });
@@ -145,18 +148,11 @@ async function warrantAsync(args, options = {}) {
         }
     });
 }
-before(() => {
-    home = mkdtempSync(join(tmpdir(), "warrant-cli-test-"));
-    rmSync(home, { recursive: true, force: true });
-});
-after(() => {
-    rmSync(home, { recursive: true, force: true });
-});
 test("help prints usage and lists the top-level commands", () => {
     const result = warrant(["help"]);
     assert.equal(result.status, 0);
     assert.match(result.stdout, /real model fusion behind your coding agent/);
-    for (const command of ["run", "continue", "ensemble", "local", "fusion", "ui", "codex", "claude", "cursor", "serve"]) {
+    for (const command of ["init", "ensemble", "local", "fusion", "codex", "claude", "cursor", "serve"]) {
         assert.match(result.stdout, new RegExp(`\\b${command}\\b`));
     }
 });
@@ -186,12 +182,12 @@ test("gateway acp-registry rejects an unknown action", () => {
 test("local without a tool prints usage and fails", () => {
     const result = warrant(["local"]);
     assert.equal(result.status, 1);
-    assert.match(result.stderr, /usage: warrant local </);
+    assert.match(result.stderr, /usage: fusionkit local </);
 });
 test("local rejects an unknown tool", () => {
     const result = warrant(["local", "frobnicate"]);
     assert.equal(result.status, 1);
-    assert.match(result.stderr, /usage: warrant local </);
+    assert.match(result.stderr, /usage: fusionkit local </);
 });
 test("local help documents the flags-before-tool contract", () => {
     const result = warrant(["local", "--help"]);
@@ -203,78 +199,29 @@ test("fusion help documents the flags-before-tool contract", () => {
     assert.equal(result.status, 0);
     assert.match(result.stdout, /must precede the tool name/);
 });
-test("init creates keys, config, and policy; refuses to re-init", () => {
-    const result = warrant(["init"]);
-    assert.equal(result.status, 0, result.stderr);
-    assert.match(result.stdout, /initialized warrant home/);
-    assert.match(result.stdout, /admin token \(for the control panel\)/);
-    assert.ok(existsSync(join(home, "config.json")));
-    assert.ok(existsSync(join(home, "policy.json")));
-    // The org private key is sealed at rest; a master key file is generated.
-    assert.ok(existsSync(join(home, "keys", "plane.key.enc")));
-    assert.ok(existsSync(join(home, "keys", "plane.pub.pem")));
-    assert.ok(existsSync(join(home, "master.key")));
-    const config = JSON.parse(readFileSync(join(home, "config.json"), "utf8"));
-    assert.equal(config.version, "warrant.config.v2");
-    assert.equal(config.host, "127.0.0.1");
-    // No key material lives in config.json anymore.
-    assert.equal(config.secretsKeyHex, undefined);
-    const again = warrant(["init"]);
-    assert.equal(again.status, 1);
-    assert.match(again.stderr, /already initialized/);
-});
-test("secrets are stored encrypted and listed by name only", () => {
-    const set = warrant(["secrets", "set", "NPM_TOKEN", "super-secret-value"]);
-    assert.equal(set.status, 0, set.stderr);
-    assert.match(set.stdout, /encrypted at rest/);
-    const list = warrant(["secrets", "list"]);
-    assert.equal(list.status, 0);
-    assert.equal(list.stdout.trim(), "NPM_TOKEN");
-    const stored = readFileSync(join(home, "secrets.enc"), "utf8");
-    assert.ok(!stored.includes("super-secret-value"), "value must be encrypted");
-});
-test("ui prints the control panel address and login token", () => {
-    const result = warrant(["ui"]);
-    assert.equal(result.status, 0);
-    assert.match(result.stdout, /control panel: http:\/\/127\.0\.0\.1:7172\/ui\//);
-    assert.match(result.stdout, /login token: {3}\S+/);
+test("init scaffolds a fusionkit.json and refuses to clobber without --force", () => {
+    const fixture = makeRepo();
+    try {
+        const result = warrant(["init", "--repo", fixture.repo]);
+        assert.equal(result.status, 0, result.stderr);
+        const configPath = join(fixture.repo, "fusionkit.json");
+        assert.ok(existsSync(configPath));
+        const config = JSON.parse(readFileSync(configPath, "utf8"));
+        assert.equal(config.version, "fusionkit.fusion.v1");
+        const again = warrant(["init", "--repo", fixture.repo]);
+        assert.equal(again.status, 1);
+        assert.match(again.stderr, /already exists/);
+        const forced = warrant(["init", "--repo", fixture.repo, "--force"]);
+        assert.equal(forced.status, 0, forced.stderr);
+    }
+    finally {
+        fixture.cleanup();
+    }
 });
-test("unknown commands and missing arguments fail with guidance", () => {
+test("unknown commands fail with guidance", () => {
     const unknown = warrant(["frobnicate"]);
     assert.equal(unknown.status, 1);
     assert.match(unknown.stderr, /unknown command/);
-    const missingAgent = warrant(["run", "do things"]);
-    assert.equal(missingAgent.status, 1);
-    assert.match(missingAgent.stderr, /--agent is required/);
-    const missingTask = warrant(["continue", "--agent", "mock"]);
-    assert.equal(missingTask.status, 1);
-    assert.match(missingTask.stderr, /task prompt is required/);
-    const badAgent = warrant(["continue", "--agent", "nonsense", "task"]);
-    assert.equal(badAgent.status, 1);
-    assert.match(badAgent.stderr, /unknown agent kind/);
-});
-test("verify fails closed on a tampered bundle file", () => {
-    const path = join(home, "garbage.bundle.json");
-    const fake = {
-        version: "warrant.bundle.v1",
-        contract: { signatures: [], workspace: { baseRef: "x" } },
-        receipt: {
-            contractHash: "0".repeat(64),
-            signatures: [],
-            status: "completed",
-            workspaceIn: { baseRef: "y", manifestHash: "z" },
-            workspaceOut: { diffHash: "", artifactHashes: [] },
-            secretsReleased: [],
-            eventsHead: "",
-            eventCount: 0
-        },
-        events: [],
-        keys: { planePublicKeyPem: "", runnerPublicKeyPem: "" }
-    };
-    writeFileSync(path, JSON.stringify(fake));
-    const result = warrant(["verify", path]);
-    assert.equal(result.status, 1);
-    assert.match(result.stderr, /VERIFICATION FAILED/);
 });
 function makeRepo() {
     const root = mkdtempSync(join(tmpdir(), "warrant-ensemble-cli-"));
@@ -630,7 +577,7 @@ test("ensemble dashboard writes markdown and run-result records", () => {
         assert.match(result.stdout, /records: 6/);
         assert.ok(existsSync(join(fixture.output, "dashboard.md")));
         assert.ok(existsSync(join(fixture.output, "harness-run-results", "mock-success.json")));
-        assert.ok(existsSync(join(fixture.output, "harness-run-results", "cursor-missing.json")));
+        assert.ok(existsSync(join(fixture.output, "harness-run-results", "cursor-skipped.json")));
         const dashboard = readFileSync(join(fixture.output, "dashboard.md"), "utf8");
         assert.match(dashboard, /Capability Matrix/);
         assert.match(dashboard, /command-failure/);
@@ -678,7 +625,7 @@ test("ensemble dashboard rejects unknown live-smoke targets", () => {
             "--out",
             fixture.output,
             "--live-smoke",
-            "cursor"
+            "bogus"
         ]);
         assert.equal(result.status, 1);
         assert.match(result.stderr, /--live-smoke must be/);
@@ -808,60 +755,3 @@ test("ensemble gateway test runs the unified front-door acceptance suite", async
         fixture.cleanup();
     }
 });
-test("lifecycle commands read a real run from a live plane", async () => {
-    const stack = await startStack({
-        policy: (policy) => {
-            policy.agents.allow = ["mock"];
-        }
-    });
-    const repo = makeStackRepo({ files: { "README.md": "# cli lifecycle\n" } });
-    const liveHome = mkdtempSync(join(tmpdir(), "warrant-cli-live-"));
-    rmSync(liveHome, { recursive: true, force: true });
-    try {
-        // The plane runs in this test process, so every CLI call must use the async
-        // spawner: a synchronous spawn would block the event loop and deadlock the
-        // in-process plane.
-        const init = await warrantAsync(["init"], { dir: liveHome });
-        assert.equal(init.status, 0, init.stderr);
-        // Point the freshly initialized home at the in-process test stack.
-        const configPath = join(liveHome, "config.json");
-        const config = JSON.parse(readFileSync(configPath, "utf8"));
-        config.planeUrl = stack.planeUrl;
-        config.adminToken = stack.adminToken;
-        writeFileSync(configPath, JSON.stringify(config, null, 2));
-        // Create one completed run through the SDK so the CLI has something to read.
-        const captured = await uploadWorkspace(stack.client, repo);
-        const created = await stack.client.requestRun(mockRunRequest({ prompt: "lifecycle probe", pool: stack.pool, workspace: captured.manifest }));
-        if (created.status === "awaiting_approval") {
-            await stack.client.approve(created.runId, { kind: "human", id: "cli-tester" });
-        }
-        assert.ok(await stack.runOnce());
-        const runs = await warrantAsync(["runs"], { dir: liveHome });
-        assert.equal(runs.status, 0, runs.stderr);
-        assert.match(runs.stdout, new RegExp(created.runId));
-        const receipt = await warrantAsync(["receipt", created.runId], { dir: liveHome });
-        assert.equal(receipt.status, 0, receipt.stderr);
-        const bundlePath = join(liveHome, "out.bundle.json");
-        const bundle = await warrantAsync(["bundle", created.runId, "--out", bundlePath], {
-            dir: liveHome
-        });
-        assert.equal(bundle.status, 0, bundle.stderr);
-        assert.match(bundle.stdout, /bundle written to/);
-        assert.ok(existsSync(bundlePath));
-        // The CLI round-trips its own bundle through offline verification.
-        const verify = await warrantAsync(["verify", bundlePath], { dir: liveHome });
-        assert.equal(verify.status, 0, verify.stderr);
-        assert.match(verify.stdout, /VERIFIED/);
-        const exported = await warrantAsync(["export"], { dir: liveHome });
-        assert.equal(exported.status, 0, exported.stderr);
-        assert.match(exported.stdout, new RegExp(created.runId));
-        const pull = await warrantAsync(["pull", created.runId, "--repo", repo], { dir: liveHome });
-        assert.equal(pull.status, 0, pull.stderr);
-        assert.match(pull.stdout, /applied|nothing to pull|branch/);
-    }
-    finally {
-        await stack.stop();
-        rmSync(repo, { recursive: true, force: true });
-        rmSync(liveHome, { recursive: true, force: true });
-    }
-});

package/dist/test/dashboard.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/dashboard.test.js

@@ -0,0 +1,214 @@
+import assert from "node:assert/strict";
+import { existsSync, mkdirSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { test } from "node:test";
+import { assertHarnessRunResultV1 } from "@fusionkit/protocol";
+import { gitText } from "@fusionkit/workspace";
+import { createMockHarness } from "@fusionkit/ensemble";
+import { createHarnessCapabilityMatrix, runHarnessSmokeDashboard } from "../dashboard.js";
+function makeRepo() {
+    const root = mkdtempSync(join(tmpdir(), "ensemble-dashboard-"));
+    const repo = join(root, "repo");
+    mkdirSync(repo);
+    gitText(repo, ["init", "--quiet", "--initial-branch=main"]);
+    gitText(repo, ["config", "user.email", "dashboard@warrant.local"]);
+    gitText(repo, ["config", "user.name", "dashboard"]);
+    writeFileSync(join(repo, "README.md"), "# dashboard\n");
+    gitText(repo, ["add", "-A"]);
+    gitText(repo, ["commit", "--quiet", "-m", "init"]);
+    return {
+        repo,
+        outputRoot: join(root, "dashboard-out"),
+        cleanup: () => rmSync(root, { recursive: true, force: true })
+    };
+}
+test("capability matrix covers Cursor, Claude Code, Codex, command, and mock", () => {
+    const matrix = createHarnessCapabilityMatrix({ env: {} });
+    const harnessIds = matrix.rows.map((row) => row.harnessId);
+    assert.deepEqual(harnessIds, ["codex", "claude-code", "cursor", "command", "mock"]);
+    assert.ok(matrix.capabilities.includes("model_override"));
+    assert.ok(matrix.capabilities.includes("transcript_capture"));
+    assert.ok(matrix.capabilities.includes("diff_capture"));
+    assert.ok(matrix.capabilities.includes("tool_loop_capture"));
+    assert.ok(matrix.capabilities.includes("patch_apply_visibility"));
+    assert.ok(matrix.capabilities.includes("route_model_observation"));
+    assert.ok(matrix.capabilities.includes("verification_hint"));
+    assert.ok(matrix.capabilities.includes("replay_support"));
+    assert.ok(matrix.capabilities.includes("workspace_read"));
+    assert.ok(matrix.capabilities.includes("verification"));
+    assert.equal(matrix.rows.find((row) => row.harnessId === "cursor")?.availability, "credential_gated");
+    assert.equal(matrix.rows.find((row) => row.harnessId === "claude-code")?.harnessKind, "claude_code");
+    assert.equal(matrix.rows.find((row) => row.harnessId === "codex")?.harnessKind, "codex");
+});
+test("smoke dashboard writes schema-valid success, failure, skipped, and missing records", async () => {
+    const fixture = makeRepo();
+    try {
+        const dashboard = await runHarnessSmokeDashboard({
+            repo: fixture.repo,
+            outputRoot: fixture.outputRoot,
+            timeoutMs: 1_000,
+            createdAt: "2026-06-16T00:00:00.000Z"
+        });
+        assert.equal(dashboard.records.length, 6);
+        assert.equal(existsSync(dashboard.dashboardPath), true);
+        for (const record of dashboard.records) {
+            assertHarnessRunResultV1(record.result);
+            assert.equal(existsSync(record.resultPath), true);
+            const written = JSON.parse(readFileSync(record.resultPath, "utf8"));
+            assertHarnessRunResultV1(written);
+        }
+        const statuses = dashboard.records.map((record) => record.result.status).sort();
+        assert.deepEqual(statuses, [
+            "failed",
+            "skipped",
+            "skipped",
+            "skipped",
+            "succeeded",
+            "succeeded"
+        ]);
+        assert.equal(dashboard.records.find((record) => record.taskId === "claude-code-skipped")?.result
+            .harness_kind, "claude_code");
+        assert.equal(dashboard.records.find((record) => record.taskId === "codex-skipped")?.result.harness_kind, "codex");
+        assert.equal(dashboard.records.find((record) => record.taskId === "cursor-skipped")?.result.harness_kind, "cursor");
+        assert.equal(dashboard.records.find((record) => record.taskId === "cursor-skipped")?.result.status, "skipped");
+        const markdown = readFileSync(dashboard.dashboardPath, "utf8");
+        assert.match(markdown, /# HandoffKit Harness Smoke Dashboard/);
+        assert.match(markdown, /## Capability Matrix/);
+        assert.match(markdown, /## Adapter Readiness/);
+        assert.match(markdown, /contract\/mock ready/);
+        assert.match(markdown, /credentials missing\/skipped/);
+        assert.match(markdown, /live smoke not requested/);
+        assert.match(markdown, /command-failure/);
+        assert.match(markdown, /cursor-skipped/);
+        assert.match(markdown, /harness-run-results\/mock-success\.json/);
+        assert.equal(dashboard.readiness.length, 5);
+    }
+    finally {
+        fixture.cleanup();
+    }
+});
+test("smoke dashboard only adds live records when explicit smoke env is enabled", async () => {
+    const fixture = makeRepo();
+    try {
+        const dashboard = await runHarnessSmokeDashboard({
+            repo: fixture.repo,
+            outputRoot: fixture.outputRoot,
+            timeoutMs: 1_000,
+            createdAt: "2026-06-16T00:00:00.000Z",
+            env: {},
+            liveSmoke: ["claude-code", "codex"]
+        });
+        assert.equal(dashboard.records.length, 6);
+        assert.equal(dashboard.records.some((record) => record.purpose === "live"), false);
+    }
+    finally {
+        fixture.cleanup();
+    }
+});
+test("explicit live smoke without credentials records a failed preflight", async () => {
+    const fixture = makeRepo();
+    try {
+        const dashboard = await runHarnessSmokeDashboard({
+            repo: fixture.repo,
+            outputRoot: fixture.outputRoot,
+            timeoutMs: 1_000,
+            createdAt: "2026-06-16T00:00:00.000Z",
+            env: { WARRANT_CLAUDE_SMOKE: "1" },
+            liveSmoke: ["claude-code"]
+        });
+        const live = dashboard.records.find((record) => record.taskId === "claude-code-live");
+        assert.equal(live?.purpose, "live");
+        assert.equal(live?.result.status, "failed");
+        assert.match(live?.result.output_summary ?? "", /Explicit live smoke failed before launch/);
+        assert.equal(dashboard.readiness.find((row) => row.harnessId === "claude-code")?.liveSmoke, "live smoke failed");
+    }
+    finally {
+        fixture.cleanup();
+    }
+});
+test("live smoke readiness reports sanitized local evidence refs", async () => {
+    const fixture = makeRepo();
+    const privateTranscript = "raw private transcript should not render";
+    try {
+        const claudeHarness = {
+            ...createMockHarness({
+                id: "claude-code-live-mock",
+                candidates: {
+                    claude: {
+                        transcript: privateTranscript,
+                        artifacts: [
+                            {
+                                artifact_id: "claude_safe_log",
+                                kind: "log",
+                                hash: `sha256:${"a".repeat(64)}`,
+                                uri: "file:///tmp/private-claude.log",
+                                redaction_status: "synthetic"
+                            },
+                            {
+                                artifact_id: "claude_raw_transcript",
+                                kind: "transcript",
+                                hash: `sha256:${"b".repeat(64)}`,
+                                uri: "file:///tmp/raw-claude.txt",
+                                redaction_status: "raw"
+                            }
+                        ]
+                    }
+                }
+            }),
+            harnessKind: "claude_code"
+        };
+        const codexHarness = {
+            ...createMockHarness({
+                id: "codex-live-mock",
+                candidates: {
+                    codex: {
+                        transcript: "codex private transcript should not render",
+                        artifacts: [
+                            {
+                                artifact_id: "codex_safe_log",
+                                kind: "log",
+                                hash: `sha256:${"c".repeat(64)}`,
+                                uri: "file:///tmp/private-codex.log",
+                                redaction_status: "synthetic"
+                            }
+                        ]
+                    }
+                }
+            }),
+            harnessKind: "codex"
+        };
+        const dashboard = await runHarnessSmokeDashboard({
+            repo: fixture.repo,
+            outputRoot: fixture.outputRoot,
+            timeoutMs: 1_000,
+            createdAt: "2026-06-16T00:00:00.000Z",
+            env: {
+                WARRANT_ENSEMBLE_LIVE_SMOKE: "1",
+                VERCEL_TOKEN: "vercel-test",
+                ANTHROPIC_API_KEY: "anthropic-test",
+                CODEX_API_KEY: "codex-test"
+            },
+            liveSmoke: ["claude-code", "codex"],
+            liveSmokeHarnesses: {
+                "claude-code": claudeHarness,
+                codex: codexHarness
+            }
+        });
+        assert.equal(dashboard.records.length, 8);
+        assert.equal(dashboard.records.find((record) => record.taskId === "claude-code-live")?.result.status, "succeeded");
+        assert.equal(dashboard.records.find((record) => record.taskId === "codex-live")?.result.status, "succeeded");
+        assert.equal(dashboard.readiness.find((row) => row.harnessId === "claude-code")?.liveSmoke, "live smoke passed");
+        assert.equal(dashboard.readiness.find((row) => row.harnessId === "codex")?.liveSmoke, "live smoke passed");
+        const markdown = readFileSync(dashboard.dashboardPath, "utf8");
+        assert.match(markdown, /log:claude_safe_log:sha256/);
+        assert.match(markdown, /log:codex_safe_log:sha256/);
+        assert.match(markdown, /raw artifact ref\(s\) withheld/);
+        assert.equal(markdown.includes(privateTranscript), false);
+        assert.equal(markdown.includes("file:///tmp/private-claude.log"), false);
+        assert.equal(markdown.includes("file:///tmp/private-codex.log"), false);
+    }
+    finally {
+        fixture.cleanup();
+    }
+});

package/dist/test/gateway-e2e.test.js

@@ -9,6 +9,7 @@ import { PassThrough } from "node:stream";
 import { fileURLToPath } from "node:url";
 import { after, before, test } from "node:test";
 import { FUSION_REPORT_HEADER, FUSION_RUN_ID_HEADER, runAcpAgent, runFrontDoorAcceptance } from "@fusionkit/model-gateway";
+import { resolveCursorkitCli } from "@fusionkit/ensemble";
 import { buildAcpRunner, startConfiguredGateway } from "../gateway.js";
 /**
  * Comprehensive front-door e2e. Exercises the real chain end to end:
@@ -386,7 +387,9 @@ test("unified acceptance suite passes every reachable front door against the rea
     assert.equal(statusOf("cursor-acp"), "blocked");
     assert.ok(backend.judgeCallCount() >= 4, "judge synthesis must hit the model backend per front door");
 });
-const LIVE_CLAUDE = process.env.WARRANT_GATEWAY_LIVE_CLAUDE === "1" ? false : "set WARRANT_GATEWAY_LIVE_CLAUDE=1 with a working claude CLI";
+const LIVE_CLAUDE = (process.env.FUSIONKIT_GATEWAY_LIVE_CLAUDE ?? process.env.WARRANT_GATEWAY_LIVE_CLAUDE) === "1"
+    ? false
+    : "set FUSIONKIT_GATEWAY_LIVE_CLAUDE=1 with a working claude CLI";
 test("live: real Claude Code CLI drives the gateway fusion run and receives the synthesized answer", { skip: LIVE_CLAUDE }, async () => {
     // A dedicated single-model gateway keeps the live run light: each Claude
     // model call triggers one real unified harness run (worktree + command +
@@ -429,7 +432,9 @@ test("live: real Claude Code CLI drives the gateway fusion run and receives the
         await liveGateway.close();
     }
 });
-const LIVE_CODEX = process.env.WARRANT_GATEWAY_LIVE_CODEX === "1" ? false : "set WARRANT_GATEWAY_LIVE_CODEX=1 with a working codex CLI";
+const LIVE_CODEX = (process.env.FUSIONKIT_GATEWAY_LIVE_CODEX ?? process.env.WARRANT_GATEWAY_LIVE_CODEX) === "1"
+    ? false
+    : "set FUSIONKIT_GATEWAY_LIVE_CODEX=1 with a working codex CLI";
 test("live: real Codex CLI drives the gateway fusion run and receives the synthesized answer", { skip: LIVE_CODEX }, async () => {
     // Codex streams `/v1/responses`; the gateway must emit the Responses SSE
     // sequence ending in response.completed for Codex to accept the answer.
@@ -482,15 +487,14 @@ test("live: real Codex CLI drives the gateway fusion run and receives the synthe
         rmSync(codexHome, { recursive: true, force: true });
     }
 });
-// Drives the real cursor-agent CLI in ACP mode through the real Cursorkit
+// Drives the real cursor-agent CLI in ACP mode through the bundled Cursorkit
 // bridge, whose local model backend is pointed at this gateway. Requires a
-// logged-in cursor-agent and a built Cursorkit checkout (WARRANT_CURSORKIT_DIR).
-const CURSORKIT_DIR = process.env.WARRANT_CURSORKIT_DIR;
-const LIVE_CURSOR = process.env.WARRANT_GATEWAY_LIVE_CURSOR === "1" && CURSORKIT_DIR !== undefined
+// logged-in cursor-agent (Cursorkit is bundled as an npm dependency).
+const LIVE_CURSOR = (process.env.FUSIONKIT_GATEWAY_LIVE_CURSOR ?? process.env.WARRANT_GATEWAY_LIVE_CURSOR) === "1"
     ? false
-    : "set WARRANT_GATEWAY_LIVE_CURSOR=1 and WARRANT_CURSORKIT_DIR=<built cursorkit checkout> with a logged-in cursor-agent";
+    : "set FUSIONKIT_GATEWAY_LIVE_CURSOR=1 with a logged-in cursor-agent";
 test("live: real cursor-agent (ACP) drives the Cursorkit bridge into the gateway fusion run", { skip: LIVE_CURSOR }, async () => {
-    const cursorkitDir = CURSORKIT_DIR;
+    const { serveCli } = resolveCursorkitCli();
     const liveGateway = await startConfiguredGateway({
         config: { ...config, models: [{ id: "cursor-panel", model: "fusion-cursor" }] },
         host: "127.0.0.1",
@@ -519,8 +523,7 @@ test("live: real cursor-agent (ACP) drives the Cursorkit bridge into the gateway
         MODEL_PROVIDER_MODEL: "fusion-panel",
         MODEL_CONTEXT_TOKEN_LIMIT: "128000"
     });
-    const bridge = spawn(process.execPath, ["dist/src/cli.js", "serve"], {
-        cwd: cursorkitDir,
+    const bridge = spawn(process.execPath, [serveCli, "serve"], {
         env: bridgeEnv,
         stdio: ["ignore", "pipe", "pipe"]
     });

package/dist/test/local.test.js

@@ -13,23 +13,23 @@ test("claudeEnv points Claude Code at the gateway's Anthropic surface", () => {
 });
 test("claudeEnv falls back to a placeholder auth token", () => {
     const env = claudeEnv("http://127.0.0.1:9000");
-    assert.equal(env.ANTHROPIC_AUTH_TOKEN, "warrant-local");
+    assert.equal(env.ANTHROPIC_AUTH_TOKEN, "fusionkit-local");
 });
 test("codexConfigToml declares a Responses provider at the gateway", () => {
     const toml = codexConfigToml("http://127.0.0.1:9000", "local-model");
     assert.ok(toml.includes('model = "local-model"'));
-    assert.ok(toml.includes("[model_providers.warrant-local]"));
+    assert.ok(toml.includes("[model_providers.fusionkit-local]"));
     assert.ok(toml.includes('base_url = "http://127.0.0.1:9000/v1"'));
     assert.ok(toml.includes('wire_api = "responses"'));
     assert.ok(toml.includes("requires_openai_auth = false"));
 });
 test("opencodeConfig registers an OpenAI-compatible provider", () => {
     const config = opencodeConfig("http://127.0.0.1:9000", "local-model");
-    const provider = config.provider["warrant-local"];
+    const provider = config.provider["fusionkit-local"];
     assert.equal(provider?.npm, "@ai-sdk/openai-compatible");
     assert.equal(provider?.options.baseURL, "http://127.0.0.1:9000/v1");
     assert.ok("local-model" in (provider?.models ?? {}));
-    assert.equal(opencodeModelArg("local-model"), "warrant-local/local-model");
+    assert.equal(opencodeModelArg("local-model"), "fusionkit-local/local-model");
 });
 test("cursorInstructions surfaces the public URL and plan-mode caveat", () => {
     const text = cursorInstructions("https://abc.example", "local-model");

package/dist/tools.d.ts

@@ -0,0 +1,2 @@
+import type { ToolRegistry } from "@fusionkit/tools";
+export declare const toolRegistry: ToolRegistry;

package/dist/tools.js

@@ -0,0 +1,25 @@
+/**
+ * The fusionkit tool registry: the single place that knows every tool package.
+ * Importing this module also wires the ensemble harness gateway to resolve
+ * tool-backed adapters (codex / claude-code / cursor) from the registry, so
+ * `@fusionkit/ensemble` itself stays free of any per-tool dependency.
+ *
+ * Adding a new tool is one new `@fusionkit/tool-*` package plus one entry here.
+ */
+import { setToolHarnessProvider } from "@fusionkit/ensemble";
+import { createToolRegistry } from "@fusionkit/tools";
+import { claudeTool } from "@fusionkit/tool-claude";
+import { codexTool } from "@fusionkit/tool-codex";
+import { cursorTool } from "@fusionkit/tool-cursor";
+import { opencodeTool } from "@fusionkit/tool-opencode";
+export const toolRegistry = createToolRegistry([
+    codexTool,
+    claudeTool,
+    cursorTool,
+    opencodeTool
+]);
+setToolHarnessProvider({
+    adapter: (kind, options) => toolRegistry.harnessForKind(kind, options),
+    sideEffects: (kind) => toolRegistry.sideEffectsForKind(kind),
+    responseShape: (kind) => toolRegistry.responseShapeForKind(kind)
+});

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@fusionkit/cli",
   "private": false,
-  "version": "0.1.4",
+  "version": "0.1.6",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/velum-labs/handoffkit.git",
@@ -34,14 +34,19 @@
   },
   "dependencies": {
     "commander": "14.0.3",
-    "@fusionkit/ensemble": "0.1.4",
-    "@fusionkit/handoff": "0.1.4",
-    "@fusionkit/model-gateway": "0.1.4",
-    "@fusionkit/plane": "0.1.4",
-    "@fusionkit/protocol": "0.1.4",
-    "@fusionkit/runner": "0.1.4",
-    "@fusionkit/workspace": "0.1.4",
-    "@fusionkit/sdk": "0.1.4"
+    "@fusionkit/ensemble": "0.1.6",
+    "@fusionkit/handoff": "0.1.6",
+    "@fusionkit/model-gateway": "0.1.6",
+    "@fusionkit/protocol": "0.1.6",
+    "@fusionkit/plane": "0.1.6",
+    "@fusionkit/runner": "0.1.6",
+    "@fusionkit/sdk": "0.1.6",
+    "@fusionkit/tool-cursor": "0.1.6",
+    "@fusionkit/tool-codex": "0.1.6",
+    "@fusionkit/tool-claude": "0.1.6",
+    "@fusionkit/tool-opencode": "0.1.6",
+    "@fusionkit/tools": "0.1.6",
+    "@fusionkit/workspace": "0.1.6"
   },
   "optionalDependencies": {
     "portless": "0.14.0"

package/scope/.next/BUILD_ID

@@ -1 +1 @@
-5tnFLuvnSbNZNtqRgoot8
+x7wPUCpgS31-5ZHJkcKsU