@h-rig/cli-surface-plugin 0.0.6-alpha.157 → 0.0.6-alpha.159

package/dist/src/commands/remote.js

@@ -1,17 +1,656 @@
 // @bun
 // packages/cli-surface-plugin/src/runner.ts
-import { EventBus } from "@rig/runtime/control-plane/runtime/events";
-import { CliError as RuntimeCliError } from "@rig/runtime/control-plane/errors";
-import { evaluate, loadPolicy, resolveAction } from "@rig/runtime/control-plane/runtime/guard";
-import { buildBinary } from "@rig/runtime/control-plane/runtime/isolation";
+import { EventBus } from "@rig/core/runtime-events";
+import { CliError as RuntimeCliError } from "@rig/contracts";
 
+// packages/cli-surface-plugin/src/control-plane/guard.ts
+import { optimizeNextInvocation } from "bun:jsc";
+import { existsSync, readFileSync, statSync } from "fs";
+import { resolve } from "path";
+
+// packages/cli-surface-plugin/src/control-plane/scope.ts
+import { getScopeRules } from "@rig/core/scope-rules";
+var scopeRegexCache = new Map;
+function unique(values) {
+  return [...new Set(values)];
+}
+function normalizeRelativeScopePath(inputPath) {
+  let normalized = inputPath.replace(/^\.\//, "");
+  const rules = getScopeRules();
+  if (rules?.stripPrefixes) {
+    for (const prefix of rules.stripPrefixes) {
+      if (normalized.startsWith(prefix)) {
+        normalized = normalized.slice(prefix.length);
+      }
+    }
+  }
+  return normalized;
+}
+function normalizePathToScope(projectRoot, monorepoRoot, inputPath) {
+  let normalized = inputPath.replace(/^\.\//, "");
+  if (normalized.startsWith(projectRoot + "/")) {
+    normalized = normalized.slice(projectRoot.length + 1);
+  }
+  if (normalized.startsWith(monorepoRoot + "/")) {
+    normalized = normalized.slice(monorepoRoot.length + 1);
+  }
+  return normalizeRelativeScopePath(normalized);
+}
+function scopeGlobToRegex(glob) {
+  const cached = scopeRegexCache.get(glob);
+  if (cached) {
+    return cached;
+  }
+  const escaped = glob.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*\*/g, "__GLOBSTAR__").replace(/\*/g, "[^/]*").replace(/__GLOBSTAR__/g, ".*");
+  const compiled = new RegExp(`^${escaped}$`);
+  scopeRegexCache.set(glob, compiled);
+  return compiled;
+}
+function scopeMatches(path, scopes) {
+  const pathVariants = unique([path, normalizeRelativeScopePath(path)]);
+  for (const scope of scopes) {
+    const scopeVariants = unique([scope, normalizeRelativeScopePath(scope)]);
+    for (const candidatePath of pathVariants) {
+      for (const candidateScope of scopeVariants) {
+        if (candidatePath === candidateScope || scopeGlobToRegex(candidateScope).test(candidatePath)) {
+          return true;
+        }
+      }
+    }
+  }
+  return false;
+}
+
+// packages/cli-surface-plugin/src/control-plane/guard.ts
+import {
+  POLICY_VERSION
+} from "@rig/contracts";
+var DEFAULT_SCOPE = {
+  fail_closed: true,
+  harness_paths_exempt: true,
+  runtime_paths_exempt: true
+};
+var DEFAULT_SANDBOX = {
+  mode: "enforce",
+  network: true,
+  read_deny: [],
+  write_allow_from_runtime: true
+};
+var DEFAULT_ISOLATION = {
+  default_mode: "worktree",
+  repo_symlink_fallback: false,
+  strict_provisioning: true,
+  fail_closed_on_provision_error: true
+};
+var DEFAULT_COMPLETION = {
+  derive_checks_from_scope: true,
+  checks: [],
+  typescript_config_probe: ["tsconfig.json"],
+  eslint_config_probe: [".eslintrc.js", ".eslintrc.json", "eslint.config.js"]
+};
+var DEFAULT_RUNTIME_IMAGE = {
+  deps: {
+    monorepo_install: false,
+    hp_next_install: false
+  },
+  plugins_require_binaries: true
+};
+var DEFAULT_RUNTIME_SNAPSHOT = {
+  enabled: true
+};
+function defaultPolicy() {
+  return {
+    version: POLICY_VERSION,
+    mode: "enforce",
+    scope: { ...DEFAULT_SCOPE },
+    rules: [],
+    sandbox: { ...DEFAULT_SANDBOX },
+    isolation: { ...DEFAULT_ISOLATION },
+    completion: { ...DEFAULT_COMPLETION },
+    runtime_image: {
+      deps: { ...DEFAULT_RUNTIME_IMAGE.deps },
+      plugins_require_binaries: DEFAULT_RUNTIME_IMAGE.plugins_require_binaries
+    },
+    runtime_snapshot: { ...DEFAULT_RUNTIME_SNAPSHOT }
+  };
+}
+var policyCache = null;
+var policyCachePath = null;
+var seededPolicyConfig = null;
+var compiledRegexCache = new Map;
+function loadPolicy(projectRoot) {
+  if (seededPolicyConfig) {
+    return seededPolicyConfig;
+  }
+  const configPath = resolve(projectRoot, "rig/policy/policy.json");
+  if (!existsSync(configPath)) {
+    return defaultPolicy();
+  }
+  let mtimeMs;
+  try {
+    mtimeMs = statSync(configPath).mtimeMs;
+  } catch {
+    return defaultPolicy();
+  }
+  if (policyCache && policyCachePath === configPath && policyCache.mtimeMs === mtimeMs) {
+    return policyCache.config;
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(readFileSync(configPath, "utf-8"));
+  } catch {
+    return defaultPolicy();
+  }
+  const config = mergeWithDefaults(parsed);
+  policyCache = { mtimeMs, config };
+  policyCachePath = configPath;
+  return config;
+}
+function mergeWithDefaults(parsed) {
+  const base = defaultPolicy();
+  if (typeof parsed.mode === "string" && isValidMode(parsed.mode)) {
+    base.mode = parsed.mode;
+  }
+  if (parsed.scope && typeof parsed.scope === "object" && !Array.isArray(parsed.scope)) {
+    const s = parsed.scope;
+    if (typeof s.fail_closed === "boolean")
+      base.scope.fail_closed = s.fail_closed;
+    if (typeof s.harness_paths_exempt === "boolean")
+      base.scope.harness_paths_exempt = s.harness_paths_exempt;
+    if (typeof s.runtime_paths_exempt === "boolean")
+      base.scope.runtime_paths_exempt = s.runtime_paths_exempt;
+  }
+  if (Array.isArray(parsed.rules)) {
+    base.rules = precompilePolicyRuleRegexes(parsed.rules.filter(isValidRule));
+  }
+  if (Array.isArray(parsed.deny) && base.rules.length === 0) {
+    base.rules = precompilePolicyRuleRegexes(migrateLegacyDeny(parsed.deny));
+  }
+  if (parsed.sandbox && typeof parsed.sandbox === "object" && !Array.isArray(parsed.sandbox)) {
+    const sb = parsed.sandbox;
+    if (typeof sb.mode === "string" && isValidMode(sb.mode))
+      base.sandbox.mode = sb.mode;
+    if (typeof sb.network === "boolean")
+      base.sandbox.network = sb.network;
+    if (Array.isArray(sb.read_deny))
+      base.sandbox.read_deny = sb.read_deny.filter((v) => typeof v === "string");
+    if (typeof sb.write_allow_from_runtime === "boolean")
+      base.sandbox.write_allow_from_runtime = sb.write_allow_from_runtime;
+  }
+  if (parsed.isolation && typeof parsed.isolation === "object" && !Array.isArray(parsed.isolation)) {
+    const iso = parsed.isolation;
+    if (iso.default_mode === "worktree")
+      base.isolation.default_mode = iso.default_mode;
+    if (typeof iso.repo_symlink_fallback === "boolean")
+      base.isolation.repo_symlink_fallback = iso.repo_symlink_fallback;
+    if (typeof iso.strict_provisioning === "boolean")
+      base.isolation.strict_provisioning = iso.strict_provisioning;
+    if (typeof iso.fail_closed_on_provision_error === "boolean")
+      base.isolation.fail_closed_on_provision_error = iso.fail_closed_on_provision_error;
+  }
+  if (parsed.completion && typeof parsed.completion === "object" && !Array.isArray(parsed.completion)) {
+    const comp = parsed.completion;
+    if (typeof comp.derive_checks_from_scope === "boolean")
+      base.completion.derive_checks_from_scope = comp.derive_checks_from_scope;
+    if (Array.isArray(comp.checks))
+      base.completion.checks = comp.checks.filter((v) => typeof v === "string");
+    if (Array.isArray(comp.typescript_config_probe))
+      base.completion.typescript_config_probe = comp.typescript_config_probe.filter((v) => typeof v === "string");
+    if (Array.isArray(comp.eslint_config_probe))
+      base.completion.eslint_config_probe = comp.eslint_config_probe.filter((v) => typeof v === "string");
+  }
+  if (parsed.runtime_image && typeof parsed.runtime_image === "object" && !Array.isArray(parsed.runtime_image)) {
+    const runtimeImage = parsed.runtime_image;
+    if (runtimeImage.deps && typeof runtimeImage.deps === "object" && !Array.isArray(runtimeImage.deps)) {
+      const deps = runtimeImage.deps;
+      if (typeof deps.monorepo_install === "boolean") {
+        base.runtime_image.deps.monorepo_install = deps.monorepo_install;
+      }
+      if (typeof deps.hp_next_install === "boolean") {
+        base.runtime_image.deps.hp_next_install = deps.hp_next_install;
+      }
+    }
+    if (typeof runtimeImage.plugins_require_binaries === "boolean") {
+      base.runtime_image.plugins_require_binaries = runtimeImage.plugins_require_binaries;
+    }
+  }
+  if (parsed.runtime_snapshot && typeof parsed.runtime_snapshot === "object" && !Array.isArray(parsed.runtime_snapshot)) {
+    const runtimeSnapshot = parsed.runtime_snapshot;
+    if (typeof runtimeSnapshot.enabled === "boolean") {
+      base.runtime_snapshot.enabled = runtimeSnapshot.enabled;
+    }
+  }
+  return base;
+}
+function isValidMode(value) {
+  return value === "off" || value === "observe" || value === "enforce";
+}
+function isValidRule(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value))
+    return false;
+  const r = value;
+  return typeof r.id === "string" && typeof r.category === "string" && r.match != null && typeof r.match === "object";
+}
+function migrateLegacyDeny(deny) {
+  const rules = [];
+  for (const entry of deny) {
+    if (typeof entry.id !== "string")
+      continue;
+    const match = {};
+    if (typeof entry.pattern === "string")
+      match.pattern = entry.pattern;
+    if (typeof entry.regex === "string")
+      match.regex = entry.regex;
+    if (!match.pattern && !match.regex)
+      continue;
+    rules.push({
+      id: entry.id,
+      category: "command",
+      match,
+      action: "block",
+      ...typeof entry.description === "string" ? { description: entry.description } : {}
+    });
+  }
+  return rules;
+}
+function precompilePolicyRuleRegexes(rules) {
+  return rules.map((rule) => {
+    const compiledRegex = rule.match.regex ? compileSafeRegex(rule.match.regex, `rules.${rule.id}.match.regex`, true) : undefined;
+    const compiledUnlessRegex = rule.unless?.regex ? compileSafeRegex(rule.unless.regex, `rules.${rule.id}.unless.regex`, true) : undefined;
+    return {
+      ...rule,
+      ...compiledRegex ? { compiledRegex } : {},
+      ...compiledUnlessRegex ? { compiledUnlessRegex } : {}
+    };
+  });
+}
+function getRegexUnsafeReason(pattern) {
+  if (pattern.length > 512) {
+    return "pattern exceeds max safe length (512 chars)";
+  }
+  if (/\\[1-9]/.test(pattern)) {
+    return "pattern uses backreferences";
+  }
+  if (/\((?:[^()\\]|\\.)*[+*](?:[^()\\]|\\.)*\)\s*[*+{]/.test(pattern)) {
+    return "pattern contains nested quantifiers";
+  }
+  if (/\((?:[^()\\]|\\.)*\.\\?[+*](?:[^()\\]|\\.)*\)\s*[*+{]/.test(pattern)) {
+    return "pattern contains nested broad quantifiers";
+  }
+  return null;
+}
+function compileSafeRegex(pattern, sourceLabel, logOnFailure) {
+  const cached = compiledRegexCache.get(pattern);
+  if (cached !== undefined) {
+    return cached ?? undefined;
+  }
+  const unsafeReason = getRegexUnsafeReason(pattern);
+  if (unsafeReason) {
+    if (logOnFailure) {
+      console.warn(`[policy] Skipping unsafe regex in ${sourceLabel}: ${unsafeReason}`);
+    }
+    compiledRegexCache.set(pattern, null);
+    return;
+  }
+  try {
+    const compiled = new RegExp(pattern);
+    compiledRegexCache.set(pattern, compiled);
+    return compiled;
+  } catch (error) {
+    if (logOnFailure) {
+      const message = error instanceof Error ? error.message : String(error);
+      console.warn(`[policy] Skipping invalid regex in ${sourceLabel}: ${message}`);
+    }
+    compiledRegexCache.set(pattern, null);
+    return;
+  }
+}
+function matchRule(rule, input) {
+  const { match } = rule;
+  if (match.pattern && input.includes(match.pattern)) {
+    return true;
+  }
+  if (match.regex) {
+    const compiled = rule.compiledRegex || compileSafeRegex(match.regex, `rules.${rule.id}.match.regex`, false);
+    if (!compiled) {
+      return false;
+    }
+    try {
+      return compiled.test(input);
+    } catch {
+      return false;
+    }
+  }
+  return false;
+}
+function matchRuleUnless(rule, command, taskId) {
+  if (!rule.unless)
+    return false;
+  if (rule.unless.regex) {
+    const compiled = rule.compiledUnlessRegex || compileSafeRegex(rule.unless.regex, `rules.${rule.id}.unless.regex`, false);
+    if (!compiled) {
+      return false;
+    }
+    try {
+      if (compiled.test(command))
+        return true;
+    } catch {}
+  }
+  if (rule.unless.task_in && taskId) {
+    if (rule.unless.task_in.includes(taskId))
+      return true;
+  }
+  return false;
+}
+function resolveAction(mode, matched) {
+  if (matched.length === 0)
+    return "allow";
+  if (mode === "off")
+    return "allow";
+  if (mode === "observe")
+    return "warn";
+  return "block";
+}
+function resolveAbsolutePath(projectRoot, rawPath) {
+  if (rawPath.startsWith("/"))
+    return resolve(rawPath);
+  return resolve(projectRoot, rawPath);
+}
+function isHarnessPath(projectRoot, rawPath) {
+  const absPath = resolveAbsolutePath(projectRoot, rawPath);
+  const managedRoots = [
+    resolve(projectRoot, "rig"),
+    resolve(projectRoot, ".rig"),
+    resolve(projectRoot, "artifacts")
+  ];
+  return managedRoots.some((root) => absPath === root || absPath.startsWith(root + "/"));
+}
+function isRuntimePath(projectRoot, rawPath, taskWorkspace) {
+  const absPath = resolveAbsolutePath(projectRoot, rawPath);
+  if (taskWorkspace) {
+    const workspaceRigRoot = resolve(taskWorkspace, ".rig");
+    const workspaceArtifactsRoot = resolve(taskWorkspace, "artifacts");
+    if (absPath === workspaceRigRoot || absPath.startsWith(workspaceRigRoot + "/") || absPath === workspaceArtifactsRoot || absPath.startsWith(workspaceArtifactsRoot + "/")) {
+      return true;
+    }
+  }
+  const runtimeRoot = resolve(projectRoot, ".rig/runtime/agents");
+  return absPath === runtimeRoot || absPath.startsWith(runtimeRoot + "/");
+}
+function isTestFile(path) {
+  return /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(path) || /\/(__tests__|tests|test)\//.test(path);
+}
+function evaluate(context) {
+  const policy = loadPolicy(context.projectRoot);
+  switch (context.evaluation.type) {
+    case "tool-call":
+      return evaluateToolCall(policy, context);
+    case "command":
+      return evaluateCommand(policy, context);
+    case "content-write":
+      return evaluateContent(policy, context);
+    case "file-access":
+      return evaluateScope(policy, context, context.evaluation.file_path, context.evaluation.access);
+  }
+}
+function evaluateScope(policy, context, filePath, access) {
+  const allowed = () => ({
+    allowed: true,
+    matchedRules: [],
+    action: "allow",
+    failClosed: false
+  });
+  if (policy.scope.harness_paths_exempt && isHarnessPath(context.projectRoot, filePath)) {
+    return allowed();
+  }
+  if (policy.scope.runtime_paths_exempt && isRuntimePath(context.projectRoot, filePath, context.taskWorkspace)) {
+    return allowed();
+  }
+  if (!context.taskId) {
+    if (access === "write" && policy.scope.fail_closed) {
+      return {
+        allowed: false,
+        matchedRules: [],
+        action: resolveAction(policy.mode, [{ id: "scope:no-task", category: "command", reason: "No active task; fail-closed for write operations" }]),
+        failClosed: true
+      };
+    }
+    return allowed();
+  }
+  const scopes = context.taskScopes || [];
+  if (scopes.length === 0) {
+    return allowed();
+  }
+  if (context.taskWorkspace && context.taskWorkspace !== context.projectRoot && filePath.startsWith("/")) {
+    const absPath = resolve(filePath);
+    if (!absPath.startsWith(context.taskWorkspace + "/") && !isHarnessPath(context.projectRoot, filePath)) {
+      const reason2 = `Absolute path '${filePath}' is outside task runtime boundary. Allowed root: ${context.taskWorkspace}`;
+      const matched2 = [{ id: "scope:workspace-boundary", category: "command", reason: reason2 }];
+      return {
+        allowed: policy.mode !== "enforce",
+        matchedRules: matched2,
+        action: resolveAction(policy.mode, matched2),
+        failClosed: false
+      };
+    }
+  }
+  const monorepoRoot = context.monorepoRoot || process.env.MONOREPO_ROOT?.trim() || context.taskWorkspace || context.projectRoot;
+  let normalizedPath = filePath;
+  if (context.taskWorkspace && context.taskWorkspace !== context.projectRoot && filePath.startsWith(context.taskWorkspace + "/")) {
+    normalizedPath = filePath.slice(context.taskWorkspace.length + 1);
+  }
+  normalizedPath = normalizePathToScope(context.projectRoot, monorepoRoot, normalizedPath);
+  if (scopeMatches(filePath, scopes) || scopeMatches(normalizedPath, scopes)) {
+    return allowed();
+  }
+  const reason = `File '${filePath}' (normalized: '${normalizedPath}') is outside scope of task ${context.taskId}`;
+  const matched = [{ id: "scope:out-of-scope", category: "command", reason }];
+  return {
+    allowed: policy.mode !== "enforce",
+    matchedRules: matched,
+    action: resolveAction(policy.mode, matched),
+    failClosed: false
+  };
+}
+function evaluateCommand(policy, context) {
+  const evaluation = context.evaluation;
+  if (evaluation.type !== "command") {
+    return { allowed: true, matchedRules: [], action: "allow", failClosed: false };
+  }
+  const command = evaluation.command;
+  const matchedRules = [];
+  for (const rule of policy.rules) {
+    if (rule.category !== "command")
+      continue;
+    if (!matchRule(rule, command))
+      continue;
+    if (matchRuleUnless(rule, command, context.taskId))
+      continue;
+    matchedRules.push({
+      id: rule.id,
+      category: rule.category,
+      ...rule.description !== undefined ? { description: rule.description } : {},
+      reason: rule.description || `Matched rule ${rule.id}`
+    });
+  }
+  const writeTarget = extractWriteTarget(command);
+  if (writeTarget && !/^\/dev\//.test(writeTarget) && !/^\/proc\//.test(writeTarget)) {
+    const scopeResult = evaluateScope(policy, context, writeTarget, "write");
+    if (!scopeResult.allowed || scopeResult.matchedRules.length > 0) {
+      matchedRules.push(...scopeResult.matchedRules);
+    }
+  }
+  const action = resolveAction(policy.mode, matchedRules);
+  return {
+    allowed: action !== "block",
+    matchedRules,
+    action,
+    failClosed: false
+  };
+}
+function extractWriteTarget(command) {
+  const redirect = command.match(/>>?\s+([^\s;|&]+)/);
+  if (redirect?.[1])
+    return redirect[1];
+  const tee = command.match(/tee\s+(-a\s+)?([^\s;|&]+)/);
+  if (tee?.[2])
+    return tee[2];
+  return "";
+}
+function evaluateContent(policy, context) {
+  const evaluation = context.evaluation;
+  if (evaluation.type !== "content-write") {
+    return { allowed: true, matchedRules: [], action: "allow", failClosed: false };
+  }
+  const { content, file_path } = evaluation;
+  const matchedRules = [];
+  const scopeResult = evaluateScope(policy, context, file_path, "write");
+  if (scopeResult.matchedRules.length > 0) {
+    matchedRules.push(...scopeResult.matchedRules);
+  }
+  for (const rule of policy.rules) {
+    if (rule.category !== "content" && rule.category !== "import" && rule.category !== "test-integrity")
+      continue;
+    if (rule.applies_to === "test-files" && !isTestFile(file_path))
+      continue;
+    if (!matchRule(rule, content))
+      continue;
+    if (matchRuleUnless(rule, content, context.taskId))
+      continue;
+    matchedRules.push({
+      id: rule.id,
+      category: rule.category,
+      ...rule.description !== undefined ? { description: rule.description } : {},
+      reason: rule.description || `Matched rule ${rule.id}`
+    });
+  }
+  const action = resolveAction(policy.mode, matchedRules);
+  return {
+    allowed: action !== "block",
+    matchedRules,
+    action,
+    failClosed: false
+  };
+}
+function evaluateToolCall(policy, context) {
+  const evaluation = context.evaluation;
+  if (evaluation.type !== "tool-call") {
+    return { allowed: true, matchedRules: [], action: "allow", failClosed: false };
+  }
+  const { tool_name, tool_input } = evaluation;
+  const allMatched = [];
+  const filePaths = extractFilePathsFromToolInput(tool_name, tool_input);
+  for (const fp of filePaths) {
+    const access = isWriteTool(tool_name) ? "write" : "read";
+    const scopeResult = evaluateScope(policy, context, fp, access);
+    if (scopeResult.matchedRules.length > 0) {
+      allMatched.push(...scopeResult.matchedRules);
+    }
+  }
+  const content = extractContentFromToolInput(tool_input);
+  if (content) {
+    const filePath = filePaths[0] || "";
+    const contentContext = {
+      ...context,
+      evaluation: { type: "content-write", file_path: filePath, content }
+    };
+    const contentPolicy = loadPolicy(context.projectRoot);
+    for (const rule of contentPolicy.rules) {
+      if (rule.category !== "content" && rule.category !== "import" && rule.category !== "test-integrity")
+        continue;
+      if (rule.applies_to === "test-files" && !isTestFile(filePath))
+        continue;
+      if (!matchRule(rule, content))
+        continue;
+      if (matchRuleUnless(rule, content, context.taskId))
+        continue;
+      allMatched.push({
+        id: rule.id,
+        category: rule.category,
+        ...rule.description !== undefined ? { description: rule.description } : {},
+        reason: rule.description || `Matched rule ${rule.id}`
+      });
+    }
+  }
+  if (tool_name === "Bash") {
+    const command = String(tool_input.command || tool_input.cmd || "");
+    if (command) {
+      const cmdContext = {
+        ...context,
+        evaluation: { type: "command", command }
+      };
+      const cmdResult = evaluateCommand(policy, cmdContext);
+      if (cmdResult.matchedRules.length > 0) {
+        allMatched.push(...cmdResult.matchedRules);
+      }
+    }
+  }
+  const seen = new Set;
+  const deduplicated = [];
+  for (const rule of allMatched) {
+    if (!seen.has(rule.id)) {
+      seen.add(rule.id);
+      deduplicated.push(rule);
+    }
+  }
+  const action = resolveAction(policy.mode, deduplicated);
+  return {
+    allowed: action !== "block",
+    matchedRules: deduplicated,
+    action,
+    failClosed: false
+  };
+}
+function isWriteTool(toolName) {
+  return toolName === "Write" || toolName === "Edit" || toolName === "MultiEdit";
+}
+function extractFilePathsFromToolInput(toolName, input) {
+  const paths = [];
+  const add = (value) => {
+    if (typeof value === "string" && value.trim()) {
+      paths.push(value.trim());
+    }
+  };
+  if (toolName === "Read" || toolName === "Write" || toolName === "Edit" || toolName === "MultiEdit") {
+    add(input.file_path);
+    add(input.path);
+  } else if (toolName === "Glob") {
+    add(input.path);
+  } else if (toolName === "Grep") {
+    add(input.path);
+  } else {
+    add(input.file_path);
+    add(input.path);
+  }
+  return paths;
+}
+function extractContentFromToolInput(input) {
+  if (typeof input.content === "string")
+    return input.content;
+  if (typeof input.new_string === "string")
+    return input.new_string;
+  return "";
+}
+var guardHotPathPrimed = false;
+function primeGuardHotPaths() {
+  if (guardHotPathPrimed) {
+    return;
+  }
+  guardHotPathPrimed = true;
+  try {
+    optimizeNextInvocation(matchRule);
+    optimizeNextInvocation(evaluate);
+  } catch {}
+}
+primeGuardHotPaths();
+
+// packages/cli-surface-plugin/src/control-plane/agent-binary-build.ts
+import { runtimeProvisioningEnv } from "@rig/core/runtime-provisioning-env";
+
+// packages/cli-surface-plugin/src/runner.ts
 class CliError extends RuntimeCliError {
-  hint;
   constructor(message, exitCode = 1, options = {}) {
-    super(message, exitCode);
-    if (options.hint?.trim()) {
-      this.hint = options.hint.trim();
-    }
+    super(message, exitCode, options);
   }
 }
 function takeFlag(args, flag) {
@@ -64,18 +703,446 @@ Usage: ${usage}`);
 import {
   doctorAuthorityRemoteEndpoints as doctorManagedRemoteEndpoints,
   importLegacyRemoteEndpoints as migrateManagedRemoteEndpoints,
-  listManagedRemoteEndpoints,
+  listManagedRemoteEndpoints as listManagedRemoteEndpoints2,
+  RemoteCliError as RemoteCliError3,
+  removeManagedRemoteEndpoint as removeManagedRemoteEndpoint2,
+  updateAuthorityRemoteEndpoint as updateManagedRemoteEndpointInAuthority,
+  upsertManagedRemoteEndpoint as upsertManagedRemoteEndpoint2
+} from "@rig/core/remote-config";
+
+// packages/cli-surface-plugin/src/commands/remote-client.ts
+import { dirname } from "path";
+import { resolveAuthorityPaths } from "@rig/core/server-paths";
+import {
+  DEFAULT_REMOTE_PORT,
+  REMOTES_CONFIG_PATH,
+  doctorAuthorityRemoteEndpoints,
+  importLegacyRemoteEndpoints,
+  listAuthorityRemoteEndpoints,
+  loadRemotesConfig,
+  markAuthorityRemoteEndpointConnected,
+  normalizeString,
   RemoteCliError,
+  updateAuthorityRemoteEndpoint
+} from "@rig/core/remote-config";
+import {
+  DEFAULT_REMOTE_PORT as DEFAULT_REMOTE_PORT2,
+  REMOTES_CONFIG_PATH as REMOTES_CONFIG_PATH2,
+  listManagedRemoteEndpoints,
+  loadRemotesConfig as loadRemotesConfig2,
+  RemoteCliError as RemoteCliError2,
   removeManagedRemoteEndpoint,
-  updateAuthorityRemoteEndpoint as updateManagedRemoteEndpointInAuthority,
+  resolveOwnerNamespaceKey,
+  resolveRegistryBaseUrl as resolveRegistryBaseUrl2,
+  resolveRelayUrl as resolveRelayUrl2,
+  resolveSelectedRemote,
+  resolveSshTarget,
   upsertManagedRemoteEndpoint
-} from "@rig/runtime/control-plane/remote-config";
-import {
-  matchesEventFilter,
-  RemoteWsClient,
-  resolveRemoteEndpoint,
-  summarizeMessage
-} from "@rig/runtime/control-plane/remote";
+} from "@rig/core/remote-config";
+var DEFAULT_TIMEOUTS = {
+  connectMs: 5000,
+  authMs: 5000,
+  requestMs: 30000,
+  subscriptionMs: 1e4
+};
+function resolveRemoteEndpoint(options) {
+  const env = options.env ?? process.env;
+  const envHost = normalizeString(env.RIG_REMOTE_HOST);
+  const envToken = normalizeString(env.RIG_REMOTE_TOKEN);
+  const envPort = parsePort(normalizeString(env.RIG_REMOTE_PORT), "RIG_REMOTE_PORT");
+  const envAlias = normalizeString(env.RIG_REMOTE_ALIAS);
+  const explicitHost = normalizeString(options.host);
+  const explicitToken = normalizeString(options.token);
+  const explicitPort = parsePort(normalizeString(options.port), "--port");
+  const explicitProvided = Boolean(explicitHost || explicitToken || explicitPort !== null);
+  const requestedAlias = normalizeString(options.remoteAlias) || envAlias;
+  let endpoint = {
+    source: "env",
+    host: envHost || "",
+    port: envPort ?? DEFAULT_REMOTE_PORT,
+    token: envToken || "",
+    configPath: REMOTES_CONFIG_PATH
+  };
+  if (requestedAlias) {
+    if (options.projectRoot) {
+      const remote = listAuthorityRemoteEndpoints(options.projectRoot).find((entry) => entry.alias === requestedAlias);
+      if (!remote) {
+        const configPath = resolveAuthorityPaths(options.projectRoot).remoteEndpointsPath;
+        throw new RemoteCliError("RIG_REMOTE_ALIAS_NOT_FOUND", `Remote alias '${requestedAlias}' was not found in ${configPath}.`, 2, { alias: requestedAlias, configPath });
+      }
+      endpoint = {
+        source: "alias",
+        alias: requestedAlias,
+        host: remote.host,
+        port: remote.port,
+        token: remote.token,
+        configPath: resolveAuthorityPaths(options.projectRoot).remoteEndpointsPath
+      };
+    } else {
+      const config = loadRemotesConfig();
+      const remote = config.remotes?.[requestedAlias];
+      if (!remote) {
+        throw new RemoteCliError("RIG_REMOTE_ALIAS_NOT_FOUND", `Remote alias '${requestedAlias}' was not found in ${REMOTES_CONFIG_PATH}.`, 2, { alias: requestedAlias, configPath: REMOTES_CONFIG_PATH });
+      }
+      endpoint = {
+        source: "alias",
+        alias: requestedAlias,
+        host: normalizeString(remote.host) || "",
+        port: Number.isFinite(remote.port) ? Number(remote.port) : DEFAULT_REMOTE_PORT,
+        token: normalizeString(remote.token) || "",
+        configPath: REMOTES_CONFIG_PATH
+      };
+    }
+  }
+  if (explicitProvided) {
+    endpoint = {
+      ...endpoint,
+      source: "flags",
+      host: explicitHost || endpoint.host,
+      port: explicitPort ?? endpoint.port,
+      token: explicitToken || endpoint.token
+    };
+  }
+  if (!endpoint.host) {
+    throw new RemoteCliError("RIG_REMOTE_HOST_REQUIRED", "Remote host is required. Pass --host, --remote <alias>, or set RIG_REMOTE_HOST.", 2);
+  }
+  if (!Number.isFinite(endpoint.port) || endpoint.port <= 0 || endpoint.port > 65535) {
+    throw new RemoteCliError("RIG_REMOTE_INVALID_PORT", `Invalid remote port: ${endpoint.port}.`, 2);
+  }
+  return endpoint;
+}
+
+class RemoteWsClient {
+  endpoint;
+  ws = null;
+  connected = false;
+  pending = new Map;
+  onEvent;
+  requestTimeoutMs;
+  connectTimeoutMs;
+  authTimeoutMs;
+  subscriptionTimeoutMs;
+  connectionToken = null;
+  connectionTokenExpiresAt = null;
+  tokenRefreshTimer = null;
+  constructor(endpoint, options = {}) {
+    this.endpoint = endpoint;
+    this.onEvent = options.onEvent;
+    this.connectTimeoutMs = options.connectTimeoutMs ?? DEFAULT_TIMEOUTS.connectMs;
+    this.authTimeoutMs = options.authTimeoutMs ?? DEFAULT_TIMEOUTS.authMs;
+    this.requestTimeoutMs = options.requestTimeoutMs ?? DEFAULT_TIMEOUTS.requestMs;
+    this.subscriptionTimeoutMs = options.subscriptionTimeoutMs ?? DEFAULT_TIMEOUTS.subscriptionMs;
+  }
+  setEventHandler(handler) {
+    this.onEvent = handler;
+  }
+  async connect() {
+    if (this.connected) {
+      return;
+    }
+    const url = `ws://${this.endpoint.host}:${this.endpoint.port}`;
+    await new Promise((resolve2, reject) => {
+      let authResolved = false;
+      let connectTimer = setTimeout(() => {
+        connectTimer = null;
+        reject(new RemoteCliError("RIG_REMOTE_CONNECT_TIMEOUT", `Timed out connecting to ${url} after ${this.connectTimeoutMs}ms.`, 3, { host: this.endpoint.host, port: this.endpoint.port, timeoutMs: this.connectTimeoutMs }));
+      }, this.connectTimeoutMs);
+      const ws = new WebSocket(url);
+      this.ws = ws;
+      ws.onopen = () => {
+        const authMessage = {
+          type: "auth",
+          id: crypto.randomUUID(),
+          timestamp: new Date().toISOString(),
+          token: this.connectionToken || this.endpoint.token,
+          tokenType: this.connectionToken ? "connection" : "server"
+        };
+        let authTimer = setTimeout(() => {
+          authTimer = null;
+          reject(new RemoteCliError("RIG_REMOTE_AUTH_TIMEOUT", `Timed out waiting for auth response from ${url} after ${this.authTimeoutMs}ms.`, 3, { host: this.endpoint.host, port: this.endpoint.port, timeoutMs: this.authTimeoutMs }));
+        }, this.authTimeoutMs);
+        ws.send(JSON.stringify(authMessage));
+        const originalOnMessage = ws.onmessage;
+        ws.onmessage = (event) => {
+          const message = parseIncomingMessage(event.data);
+          if (!message) {
+            return;
+          }
+          if (message.type === "auth_response" && !authResolved) {
+            authResolved = true;
+            if (connectTimer) {
+              clearTimeout(connectTimer);
+              connectTimer = null;
+            }
+            if (authTimer) {
+              clearTimeout(authTimer);
+              authTimer = null;
+            }
+            const auth = message;
+            if (!auth.success) {
+              reject(new RemoteCliError("RIG_REMOTE_AUTH_FAILED", auth.error || "Remote authentication failed.", 3, { host: this.endpoint.host, port: this.endpoint.port }));
+              return;
+            }
+            if (auth.connectionToken && auth.connectionTokenExpiresAt) {
+              this.connectionToken = auth.connectionToken;
+              this.connectionTokenExpiresAt = auth.connectionTokenExpiresAt;
+              this.scheduleTokenRefresh();
+            }
+            if (this.endpoint.configPath.endsWith("endpoints.toml")) {
+              const projectRoot = dirname(dirname(dirname(this.endpoint.configPath)));
+              try {
+                markAuthorityRemoteEndpointConnected(projectRoot, this.endpoint.alias ? listAuthorityRemoteEndpoints(projectRoot).find((entry) => entry.alias === this.endpoint.alias)?.id ?? "" : "");
+              } catch {}
+            }
+            this.connected = true;
+            ws.onmessage = (event2) => {
+              const next = parseIncomingMessage(event2.data);
+              if (!next) {
+                return;
+              }
+              this.routeMessage(next);
+            };
+            resolve2();
+            return;
+          }
+          if (typeof originalOnMessage === "function") {
+            originalOnMessage.call(ws, event);
+          }
+        };
+      };
+      ws.onerror = () => {
+        if (connectTimer) {
+          clearTimeout(connectTimer);
+          connectTimer = null;
+        }
+        if (!authResolved) {
+          reject(new RemoteCliError("RIG_REMOTE_CONNECT_FAILED", `Failed to connect to ${url}.`, 3, { host: this.endpoint.host, port: this.endpoint.port }));
+        }
+      };
+      ws.onclose = () => {
+        this.connected = false;
+        this.clearPending("Connection closed");
+      };
+    });
+  }
+  disconnect() {
+    this.connected = false;
+    this.clearTokenRefreshTimer();
+    this.clearPending("Connection closed");
+    if (this.ws) {
+      try {
+        this.ws.close();
+      } catch {}
+      this.ws = null;
+    }
+  }
+  async subscribe(eventTypes = []) {
+    const message = { type: "subscribe" };
+    if (eventTypes.length > 0) {
+      message.eventTypes = eventTypes;
+    }
+    const response = await this.request(message, this.subscriptionTimeoutMs);
+    return expectType(response, "operation_result");
+  }
+  async unsubscribe() {
+    return expectType(await this.request({ type: "unsubscribe" }), "operation_result");
+  }
+  async getState() {
+    return expectType(await this.request({ type: "get_state" }), "state_response");
+  }
+  async getTasks() {
+    return expectType(await this.request({ type: "get_tasks" }), "tasks_response");
+  }
+  async pause() {
+    return expectType(await this.request({ type: "pause" }), "operation_result");
+  }
+  async resume() {
+    return expectType(await this.request({ type: "resume" }), "operation_result");
+  }
+  async interrupt() {
+    return expectType(await this.request({ type: "interrupt" }), "operation_result");
+  }
+  async continueExecution() {
+    return expectType(await this.request({ type: "continue" }), "operation_result");
+  }
+  async refreshTasks() {
+    return expectType(await this.request({ type: "refresh_tasks" }), "operation_result");
+  }
+  async addIterations(count) {
+    return expectType(await this.request({ type: "add_iterations", count }), "operation_result");
+  }
+  async removeIterations(count) {
+    return expectType(await this.request({ type: "remove_iterations", count }), "operation_result");
+  }
+  async getPromptPreview(taskId) {
+    return expectType(await this.request({ type: "get_prompt_preview", taskId }), "prompt_preview_response");
+  }
+  async getIterationOutput(taskId) {
+    return expectType(await this.request({ type: "get_iteration_output", taskId }), "iteration_output_response");
+  }
+  async startOrchestration(options) {
+    return expectType(await this.request({
+      type: "orchestrate:start",
+      maxWorkers: options.maxWorkers,
+      maxIterations: options.maxIterations,
+      directMerge: options.directMerge
+    }), "orchestrate:start_response");
+  }
+  async pauseOrchestration(orchestrationId) {
+    return expectType(await this.request({ type: "orchestrate:pause", orchestrationId }), "operation_result");
+  }
+  async resumeOrchestration(orchestrationId) {
+    return expectType(await this.request({ type: "orchestrate:resume", orchestrationId }), "operation_result");
+  }
+  async stopOrchestration(orchestrationId) {
+    return expectType(await this.request({ type: "orchestrate:stop", orchestrationId }), "operation_result");
+  }
+  async getOrchestrationState(orchestrationId) {
+    return expectType(await this.request({ type: "orchestrate:get_state", orchestrationId }), "orchestrate:state_response");
+  }
+  async ping() {
+    return this.request({ type: "ping" });
+  }
+  async request(payload, timeoutMs = this.requestTimeoutMs) {
+    if (!this.connected || !this.ws) {
+      throw new RemoteCliError("RIG_REMOTE_NOT_CONNECTED", "Remote client is not connected.", 3);
+    }
+    const id = crypto.randomUUID();
+    const message = {
+      ...payload,
+      id,
+      timestamp: new Date().toISOString()
+    };
+    return await new Promise((resolve2, reject) => {
+      const timeout = setTimeout(() => {
+        this.pending.delete(id);
+        reject(new RemoteCliError("RIG_REMOTE_REQUEST_TIMEOUT", `Timed out waiting for response to '${String(payload.type)}' after ${timeoutMs}ms.`, 3, { requestType: payload.type, requestId: id, timeoutMs }));
+      }, timeoutMs);
+      this.pending.set(id, { resolve: resolve2, reject, timeout });
+      this.ws?.send(JSON.stringify(message));
+    });
+  }
+  routeMessage(message) {
+    if (message.id && this.pending.has(message.id)) {
+      const pending = this.pending.get(message.id);
+      if (pending) {
+        clearTimeout(pending.timeout);
+        this.pending.delete(message.id);
+        pending.resolve(message);
+      }
+      return;
+    }
+    if (message.type === "token_refresh_response") {
+      const token = normalizeString(message.connectionToken);
+      const expiresAt = normalizeString(message.connectionTokenExpiresAt);
+      if (token && expiresAt) {
+        this.connectionToken = token;
+        this.connectionTokenExpiresAt = expiresAt;
+        this.scheduleTokenRefresh();
+      }
+    }
+    this.onEvent?.({ receivedAt: new Date().toISOString(), message });
+  }
+  scheduleTokenRefresh() {
+    this.clearTokenRefreshTimer();
+    if (!this.connectionToken || !this.connectionTokenExpiresAt || !this.ws || !this.connected) {
+      return;
+    }
+    const expiresAt = new Date(this.connectionTokenExpiresAt).getTime();
+    if (!Number.isFinite(expiresAt)) {
+      return;
+    }
+    const refreshAt = expiresAt - 60 * 60 * 1000;
+    const delay = Math.max(0, refreshAt - Date.now());
+    this.tokenRefreshTimer = setTimeout(() => {
+      if (!this.connected || !this.ws || !this.connectionToken) {
+        return;
+      }
+      const refreshMessage = {
+        type: "token_refresh",
+        id: crypto.randomUUID(),
+        timestamp: new Date().toISOString(),
+        connectionToken: this.connectionToken
+      };
+      this.ws.send(JSON.stringify(refreshMessage));
+    }, delay);
+  }
+  clearTokenRefreshTimer() {
+    if (this.tokenRefreshTimer) {
+      clearTimeout(this.tokenRefreshTimer);
+      this.tokenRefreshTimer = null;
+    }
+  }
+  clearPending(reason) {
+    for (const [requestId, pending] of this.pending.entries()) {
+      clearTimeout(pending.timeout);
+      pending.reject(new RemoteCliError("RIG_REMOTE_REQUEST_CANCELLED", `${reason} (request ${requestId}).`, 3, { requestId }));
+      this.pending.delete(requestId);
+    }
+  }
+}
+function matchesEventFilter(message, expectedType) {
+  if (!expectedType) {
+    return true;
+  }
+  if (message.type === expectedType) {
+    return true;
+  }
+  if (message.type === "engine_event") {
+    const eventType = normalizeString(message.event?.type);
+    return eventType === expectedType;
+  }
+  if (message.type === "parallel_event") {
+    const eventType = normalizeString(message.event?.type);
+    return eventType === expectedType;
+  }
+  return false;
+}
+function summarizeMessage(message) {
+  if (message.type === "pong") {
+    return "pong";
+  }
+  if (message.type === "engine_event") {
+    const eventType = normalizeString(message.event?.type);
+    return eventType ? `engine_event:${eventType}` : "engine_event";
+  }
+  if (message.type === "parallel_event") {
+    const eventType = normalizeString(message.event?.type);
+    const orchestrationId = normalizeString(message.orchestrationId);
+    return orchestrationId ? `parallel_event:${eventType || "unknown"}:${orchestrationId}` : `parallel_event:${eventType || "unknown"}`;
+  }
+  return message.type;
+}
+function parsePort(value, label) {
+  if (!value) {
+    return null;
+  }
+  const parsed = Number.parseInt(value, 10);
+  if (!Number.isFinite(parsed) || parsed <= 0 || parsed > 65535) {
+    throw new RemoteCliError("RIG_REMOTE_INVALID_PORT", `Invalid port for ${label}: ${value}.`, 2, { label, value });
+  }
+  return parsed;
+}
+function parseIncomingMessage(raw) {
+  if (typeof raw !== "string") {
+    return null;
+  }
+  try {
+    const parsed = JSON.parse(raw);
+    if (!parsed || typeof parsed !== "object" || typeof parsed.type !== "string") {
+      return null;
+    }
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+function expectType(message, expectedType) {
+  if (message.type !== expectedType) {
+    throw new RemoteCliError("RIG_REMOTE_UNEXPECTED_RESPONSE", `Unexpected response type: ${message.type}. Expected ${expectedType}.`, 3, { expectedType, actualType: message.type, message });
+  }
+  return message;
+}
 
 // packages/cli-surface-plugin/src/commands/_parsers.ts
 function parseOptionalPositiveInt(value, option) {
@@ -106,7 +1173,7 @@ function assertRemoteOperationSuccess(command, response) {
   }
   if (response.success === false) {
     const error = typeof response.error === "string" && response.error || `${command} failed without explicit error detail from remote server.`;
-    throw new RemoteCliError("RIG_REMOTE_OPERATION_FAILED", error, 3, { command, response: redactSecretFields(response) });
+    throw new RemoteCliError3("RIG_REMOTE_OPERATION_FAILED", error, 3, { command, response: redactSecretFields(response) });
   }
 }
 function redactRemoteEndpoint(endpoint) {
@@ -144,7 +1211,7 @@ async function executeRemote(context, args) {
     switch (subcommand) {
       case "list": {
         requireNoExtraArgs(subRest, "rig remote endpoint list");
-        const endpoints = listManagedRemoteEndpoints(undefined, context.projectRoot);
+        const endpoints = listManagedRemoteEndpoints2(undefined, context.projectRoot);
         const redactedEndpoints = endpoints.map((endpoint2) => redactRemoteEndpoint(endpoint2));
         if (context.outputMode === "text") {
           if (endpoints.length === 0) {
@@ -171,7 +1238,7 @@ async function executeRemote(context, args) {
         if (!alias.value || !host.value || !token.value || !port.value) {
           throw new CliError("remote endpoint add requires --alias, --host, --port, and --token.", 1, { hint: "Re-run as `rig remote endpoint add --alias <a> --host <h> --port <n> --token <t>`." });
         }
-        const created = upsertManagedRemoteEndpoint({
+        const created = upsertManagedRemoteEndpoint2({
           alias: alias.value,
           host: host.value,
           port: parseRequiredPositiveInt(port.value, "--port"),
@@ -221,7 +1288,7 @@ async function executeRemote(context, args) {
         if (!alias.value) {
           throw new CliError("remote endpoint remove requires --alias.", 1, { hint: "Run `rig remote endpoint list` to find the alias, then `rig remote endpoint remove --alias <a>`." });
         }
-        const removed = removeManagedRemoteEndpoint(alias.value, undefined, context.projectRoot);
+        const removed = removeManagedRemoteEndpoint2(alias.value, undefined, context.projectRoot);
         if (!removed) {
           throw new CliError(`Remote endpoint alias not found: ${alias.value}`, 2, { hint: "Run `rig remote endpoint list` to see configured endpoint aliases." });
         }
@@ -378,7 +1445,7 @@ async function executeRemote(context, args) {
             });
             const subscribed = await client.subscribe(eventFilter ? [eventFilter] : []);
             if (!subscribed.success) {
-              throw new RemoteCliError("RIG_REMOTE_SUBSCRIBE_FAILED", subscribed.error || "Failed to subscribe to remote events.", 3);
+              throw new RemoteCliError3("RIG_REMOTE_SUBSCRIBE_FAILED", subscribed.error || "Failed to subscribe to remote events.", 3);
             }
             if (seconds) {
               await Bun.sleep(seconds * 1000);
@@ -464,11 +1531,15 @@ async function executeRemote(context, args) {
         const directMergeResult = takeFlag(orchestrationPending, "--direct-merge");
         orchestrationPending = directMergeResult.rest;
         requireNoExtraArgs(orchestrationPending, "rig remote orchestrate-start [--max-workers <n>] [--max-iterations <n>] [--direct-merge]");
-        const response = await withClient((client) => client.startOrchestration({
-          maxWorkers: parseOptionalPositiveInt(maxWorkersResult.value, "--max-workers"),
-          maxIterations: parseOptionalPositiveInt(maxIterationsResult.value, "--max-iterations"),
-          directMerge: directMergeResult.value
-        }));
+        const response = await withClient((client) => client.startOrchestration((() => {
+          const maxWorkers = parseOptionalPositiveInt(maxWorkersResult.value, "--max-workers");
+          const maxIterations = parseOptionalPositiveInt(maxIterationsResult.value, "--max-iterations");
+          return {
+            ...maxWorkers !== undefined ? { maxWorkers } : {},
+            ...maxIterations !== undefined ? { maxIterations } : {},
+            ...directMergeResult.value !== undefined ? { directMerge: directMergeResult.value } : {}
+          };
+        })()));
         assertRemoteOperationSuccess(command, response);
         return {
           ok: true,
@@ -505,7 +1576,7 @@ async function executeRemote(context, args) {
         throw new CliError(`Unknown remote command: ${command}`, 1, { hint: "Run `rig remote --help` to list remote commands." });
     }
   } catch (error) {
-    if (error instanceof RemoteCliError) {
+    if (error instanceof RemoteCliError3) {
       throw new CliError(`[${error.code}] ${error.message}`, error.exitCode);
     }
     throw error;