@holoscript/holoscript-agent 2.0.0

package/dist/supervisor.js

@@ -0,0 +1,1167 @@
+// src/supervisor.ts
+import { homedir } from "os";
+import { join as join2 } from "path";
+
+// src/holomesh-client.ts
+var HolomeshClient = class {
+  constructor(opts) {
+    this.apiBase = opts.apiBase.replace(/\/$/, "");
+    this.bearer = opts.bearer;
+    this.teamId = opts.teamId;
+    this.fetchImpl = opts.fetchImpl ?? fetch;
+  }
+  async heartbeat(payload) {
+    await this.req("POST", `/team/${this.teamId}/presence`, payload);
+  }
+  async getOpenTasks() {
+    const data = await this.req(
+      "GET",
+      `/team/${this.teamId}/board`
+    );
+    return data.tasks ?? data.open ?? [];
+  }
+  async claim(taskId) {
+    return this.req("PATCH", `/team/${this.teamId}/board/${taskId}`, { action: "claim" });
+  }
+  async joinTeam() {
+    return this.req(
+      "POST",
+      `/team/${this.teamId}/join`,
+      {}
+    );
+  }
+  async sendMessageOnTask(taskId, body) {
+    await this.req("POST", `/team/${this.teamId}/message`, {
+      to: "team",
+      subject: `task:${taskId}`,
+      content: body
+    });
+  }
+  async markDone(taskId, summary, commitHash) {
+    await this.req("PATCH", `/team/${this.teamId}/board/${taskId}`, {
+      action: "done",
+      summary,
+      commitHash
+    });
+  }
+  // POST CAEL audit records for this agent. Server validator at
+  // packages/mcp-server/src/holomesh/routes/core-routes.ts:472-533 requires
+  // bearer == handle owner OR founder; the per-surface x402 bearer is the
+  // handle owner so this resolves correctly. Records that fail shape
+  // validation (layer_hashes != 7 elements, missing tick_iso/operation/
+  // fnv1a_chain) are silently dropped server-side, not rejected as a batch.
+  async postAuditRecords(handle, records) {
+    return this.req(
+      "POST",
+      `/agent/${encodeURIComponent(handle)}/audit`,
+      { records }
+    );
+  }
+  async whoAmI() {
+    const raw = await this.req("GET", "/me");
+    return {
+      agentId: raw.agentId,
+      surface: deriveSurface(raw.name),
+      wallet: raw.wallet
+    };
+  }
+  async req(method, path, body) {
+    const url = `${this.apiBase}${path}`;
+    const res = await this.fetchImpl(url, {
+      method,
+      headers: {
+        Authorization: `Bearer ${this.bearer}`,
+        "content-type": "application/json"
+      },
+      body: body ? JSON.stringify(body) : void 0
+    });
+    if (!res.ok) {
+      const txt = await res.text().catch(() => "");
+      throw new Error(`HoloMesh ${method} ${path} ${res.status}: ${txt.slice(0, 300)}`);
+    }
+    if (res.status === 204) return void 0;
+    return await res.json();
+  }
+};
+function deriveSurface(seatName) {
+  if (!seatName) return "unknown";
+  const n = seatName.toLowerCase();
+  if (n.startsWith("claudecode")) return "claude-code";
+  if (n.startsWith("cursor")) return "claude-cursor";
+  if (n.startsWith("claudedesktop")) return "claude-desktop";
+  if (n.startsWith("vscode-claude") || n.startsWith("claude-vscode")) return "claude-vscode";
+  if (n.startsWith("gemini")) return "gemini-antigravity";
+  if (n.startsWith("copilot")) return "copilot-vscode";
+  return "unknown";
+}
+function pickClaimableTask(tasks, brainCapabilityTags) {
+  const wanted = new Set(brainCapabilityTags.map((t) => t.toLowerCase()));
+  const open = tasks.filter((t) => t.status === "open" && !t.claimedBy);
+  const scored = open.map((t) => ({ task: t, score: scoreTask(t, wanted) })).filter((s) => s.score > 0).sort((a, b) => b.score - a.score || priority(a.task) - priority(b.task));
+  return scored[0]?.task;
+}
+function scoreTask(task, wanted) {
+  const tags = (task.tags ?? []).map((t) => t.toLowerCase());
+  const text = `${task.title} ${task.description ?? ""}`.toLowerCase();
+  let score = 0;
+  for (const tag of tags) if (wanted.has(tag)) score += 2;
+  for (const w of wanted) if (text.includes(w)) score += 1;
+  return score;
+}
+function priority(t) {
+  if (typeof t.priority === "number") return t.priority;
+  const map = { critical: 1, high: 2, medium: 4, low: 6 };
+  return map[String(t.priority).toLowerCase()] ?? 5;
+}
+
+// src/cael-builder.ts
+import { createHash } from "crypto";
+function sha(input) {
+  return createHash("sha256").update(input, "utf8").digest("hex");
+}
+function brainClassOf(brain) {
+  const p = String(brain.brainPath ?? "");
+  let m = p.match(/compositions[\\/]([\w-]+)-brain\.hsplus$/);
+  if (m) return m[1];
+  m = p.match(/([\w-]+)-brain\.hsplus$/);
+  if (m) return m[1];
+  m = p.match(/([\w-]+)\.hsplus$/);
+  if (m) return m[1];
+  const domain = String(brain.domain ?? "").trim();
+  if (domain && domain !== "unknown") return domain;
+  return "unknown";
+}
+function buildCaelRecord(input) {
+  const { identity, brain, task, messages, finalText, usage, costUsd, spentUsd, prevChain, runtimeVersion } = input;
+  const l0 = sha(brain.systemPrompt);
+  const l1 = sha(`${task.id}|${task.title}|${task.description ?? ""}`);
+  const l2 = sha(JSON.stringify(messages));
+  const l3 = sha(finalText);
+  const l4 = sha(JSON.stringify(usage));
+  const l5 = sha(`${costUsd.toFixed(6)}|${spentUsd.toFixed(6)}`);
+  const l6 = sha([l0, l1, l2, l3, l4, l5].join("|"));
+  const fnv1a_chain = sha(`${prevChain ?? ""}|${l6}`);
+  return {
+    tick_iso: (/* @__PURE__ */ new Date()).toISOString(),
+    layer_hashes: [l0, l1, l2, l3, l4, l5, l6],
+    operation: `task-executed:${task.id}`,
+    prev_hash: prevChain,
+    fnv1a_chain,
+    version_vector_fingerprint: `agent@${runtimeVersion}|brain@${brainClassOf(brain)}|provider@${identity.llmProvider}|model@${identity.llmModel}`,
+    brain_class: brainClassOf(brain)
+  };
+}
+
+// src/tools.ts
+import { readFile, writeFile, readdir, mkdir, stat } from "fs/promises";
+import { resolve, dirname } from "path";
+import { spawn } from "child_process";
+var ALLOWED_READ_ROOTS = [
+  "/root/msc-paper-22",
+  // Paper 22 mechanization inputs (scp'd by deploy)
+  "/root/holoscript-mesh",
+  // Read-only repo view (clone path on instance)
+  "/root/agent-output"
+  // Read back what we wrote
+];
+var ALLOWED_WRITE_ROOTS = [
+  "/root/agent-output"
+  // Single write sink — keeps deliverables in one place
+];
+var BASH_WHITELIST = [
+  "lake build",
+  "lake env",
+  "lake clean",
+  "lean ",
+  "ls ",
+  "ls\n",
+  "ls$",
+  "cat ",
+  "grep ",
+  "rg ",
+  "find ",
+  "wc ",
+  "head ",
+  "tail ",
+  "git status",
+  "git log",
+  "git diff",
+  "git show",
+  "pnpm --filter",
+  "pnpm vitest",
+  "vitest run",
+  "pwd",
+  "echo "
+];
+var MESH_TOOLS = [
+  {
+    name: "read_file",
+    description: "Read a file from the agent sandbox. Allowed roots: /root/msc-paper-22, /root/holoscript-mesh, /root/agent-output. Returns the file content as text. Use this to inspect inputs scp'd to the instance (e.g. MSC/Invariants.lean).",
+    input_schema: {
+      type: "object",
+      properties: {
+        path: { type: "string", description: "Absolute path under an allowed read root" }
+      },
+      required: ["path"]
+    }
+  },
+  {
+    name: "list_dir",
+    description: "List entries in a directory under the agent sandbox. Same root restrictions as read_file. Returns a newline-separated list of entries.",
+    input_schema: {
+      type: "object",
+      properties: {
+        path: { type: "string", description: "Absolute path under an allowed read root" }
+      },
+      required: ["path"]
+    }
+  },
+  {
+    name: "write_file",
+    description: "Write a file to /root/agent-output/. This is the deliverable sink \u2014 anything you want to emit as task output (a Lean proof, a markdown report, a JSON dataset) goes here. Creates parent directories. Will refuse paths outside the write root.",
+    input_schema: {
+      type: "object",
+      properties: {
+        path: { type: "string", description: "Absolute path under /root/agent-output/" },
+        content: { type: "string", description: "File content to write (UTF-8)" }
+      },
+      required: ["path", "content"]
+    }
+  },
+  {
+    name: "bash",
+    description: "Run a shell command. Whitelisted prefixes only: lake build, lean, ls, cat, grep, find, wc, head, tail, git status/log/diff/show, pnpm --filter, vitest run, pwd, echo. Hard 60s wall timeout, 1MB stdout cap. Use for lake build / lean kernel-checks, git inspection, repo greps. Refuses rm, curl, ssh, sudo, eval.",
+    input_schema: {
+      type: "object",
+      properties: {
+        cmd: { type: "string", description: "Whitelisted shell command" },
+        cwd: { type: "string", description: "Optional working directory (defaults to /root)" }
+      },
+      required: ["cmd"]
+    }
+  }
+];
+function isUnderRoot(absPath, root) {
+  const resolved = resolve(absPath);
+  const rootResolved = resolve(root);
+  return resolved === rootResolved || resolved.startsWith(rootResolved + "/");
+}
+function checkReadAllowed(path) {
+  if (!path.startsWith("/")) return `path must be absolute, got "${path}"`;
+  for (const root of ALLOWED_READ_ROOTS) {
+    if (isUnderRoot(path, root)) return null;
+  }
+  return `read denied \u2014 path "${path}" not under allowed roots: ${ALLOWED_READ_ROOTS.join(", ")}`;
+}
+function checkWriteAllowed(path) {
+  if (!path.startsWith("/")) return `path must be absolute, got "${path}"`;
+  for (const root of ALLOWED_WRITE_ROOTS) {
+    if (isUnderRoot(path, root)) return null;
+  }
+  return `write denied \u2014 path "${path}" not under allowed roots: ${ALLOWED_WRITE_ROOTS.join(", ")}`;
+}
+function checkBashAllowed(cmd) {
+  const trimmed = cmd.trim();
+  if (trimmed.length === 0) return "empty command";
+  if (/[;&|`$<>]|>>|\|\||&&/.test(trimmed)) {
+    return `command contains shell metachars (; & | \` $ < > >> || &&) \u2014 not allowed for safety`;
+  }
+  for (const prefix of BASH_WHITELIST) {
+    if (trimmed.startsWith(prefix.trim())) return null;
+  }
+  return `command not on whitelist. Allowed prefixes: ${BASH_WHITELIST.join(" / ")}`;
+}
+async function runTool(use) {
+  try {
+    if (use.name === "read_file") {
+      const path = use.input.path;
+      const denied = checkReadAllowed(path);
+      if (denied) return errResult(use.id, denied);
+      const text = await readFile(path, "utf8");
+      const truncated = text.length > 2e5 ? text.slice(0, 2e5) + `
+\u2026[truncated, full file is ${text.length} bytes]` : text;
+      return okResult(use.id, truncated);
+    }
+    if (use.name === "list_dir") {
+      const path = use.input.path;
+      const denied = checkReadAllowed(path);
+      if (denied) return errResult(use.id, denied);
+      const entries = await readdir(path, { withFileTypes: true });
+      const lines = entries.map((e) => `${e.isDirectory() ? "d" : "-"} ${e.name}`);
+      return okResult(use.id, lines.join("\n"));
+    }
+    if (use.name === "write_file") {
+      const path = use.input.path;
+      const content = use.input.content;
+      const denied = checkWriteAllowed(path);
+      if (denied) return errResult(use.id, denied);
+      await mkdir(dirname(path), { recursive: true });
+      await writeFile(path, content, "utf8");
+      const s = await stat(path);
+      return okResult(use.id, `wrote ${s.size} bytes to ${path}`);
+    }
+    if (use.name === "bash") {
+      const cmd = use.input.cmd;
+      const cwd = use.input.cwd ?? "/root";
+      const denied = checkBashAllowed(cmd);
+      if (denied) return errResult(use.id, denied);
+      const result = await runBash(cmd, cwd);
+      return result.code === 0 ? okResult(use.id, result.stdout) : errResult(use.id, `exit=${result.code}
+${result.stderr || result.stdout}`);
+    }
+    return errResult(use.id, `unknown tool: ${use.name}`);
+  } catch (err) {
+    return errResult(use.id, err instanceof Error ? err.message : String(err));
+  }
+}
+function runBash(cmd, cwd) {
+  return new Promise((resolveProm) => {
+    const child = spawn("bash", ["-c", cmd], { cwd, env: process.env });
+    let stdout = "";
+    let stderr = "";
+    let killed = false;
+    const STDOUT_CAP = 1e6;
+    const TIMEOUT_MS = 6e4;
+    const killer = setTimeout(() => {
+      killed = true;
+      child.kill("SIGKILL");
+    }, TIMEOUT_MS);
+    child.stdout.on("data", (d) => {
+      if (stdout.length < STDOUT_CAP) stdout += d.toString("utf8");
+    });
+    child.stderr.on("data", (d) => {
+      if (stderr.length < STDOUT_CAP) stderr += d.toString("utf8");
+    });
+    child.on("error", (err) => {
+      clearTimeout(killer);
+      resolveProm({ code: 1, stdout, stderr: stderr + "\nspawn-error: " + err.message });
+    });
+    child.on("exit", (code) => {
+      clearTimeout(killer);
+      const finalStdout = stdout.length >= STDOUT_CAP ? stdout + `
+\u2026[stdout truncated at ${STDOUT_CAP} bytes]` : stdout;
+      const note = killed ? `
+[bash killed after ${TIMEOUT_MS}ms timeout]` : "";
+      resolveProm({ code: code ?? 1, stdout: finalStdout + note, stderr });
+    });
+  });
+}
+function okResult(id, content) {
+  return { type: "tool_result", tool_use_id: id, content };
+}
+function errResult(id, message) {
+  return { type: "tool_result", tool_use_id: id, content: message, is_error: true };
+}
+
+// src/runner.ts
+var RUNTIME_VERSION = "1.0.0";
+var AgentRunner = class {
+  constructor(opts) {
+    this.opts = opts;
+    this.stopped = false;
+    // CAEL audit hash chain — survives across ticks within a single runner
+    // process. On process restart it resets to null; the first post-restart
+    // record breaks the chain, which is honest (the runner has no memory of
+    // its prior chain state and shouldn't fake continuity). prev_hash=null
+    // is a valid value the audit-store accepts.
+    this.prevCaelChain = null;
+    // Self-recovery flag for the auto-rejoin path (task_1777112258989_eeyp).
+    // When the heartbeat returns 403 "Not a member of this team" — typical of
+    // a fresh Vast.ai worker whose provisioning didn't atomically /join, or of
+    // a worker whose membership was reaped — the runner calls mesh.joinTeam()
+    // ONCE per process and retries the heartbeat. After a successful rejoin
+    // we set this flag so subsequent 403s on the same process don't loop back
+    // into joinTeam (avoiding a retry storm if the team-cap is full or the
+    // join itself is permanently rejected). On process restart the flag
+    // resets, which is the correct semantics: a fresh process gets one fresh
+    // chance to self-rejoin. Discovered 2026-04-25 SSH-probing 5 fleet
+    // workers stuck in indefinite 403→tick-error→sleep→retry loops; without
+    // this, a fresh-deploy of an unjoined agent stays silent forever.
+    this.joinedThisProcess = false;
+  }
+  async tick() {
+    const { identity, brain, mesh, costGuard, provider, logger } = this.opts;
+    const log = logger ?? (() => void 0);
+    await this.heartbeatWithAutoRejoin();
+    if (costGuard.isOverBudget()) {
+      const state = costGuard.getState();
+      log({ ev: "over-budget", spentUsd: state.spentUsd, budget: identity.budgetUsdPerDay });
+      return {
+        action: "over-budget",
+        spentUsd: state.spentUsd,
+        remainingUsd: 0,
+        message: `daily budget $${identity.budgetUsdPerDay} exhausted`
+      };
+    }
+    const tasks = await mesh.getOpenTasks();
+    const target = pickClaimableTask(tasks, brain.capabilityTags);
+    if (!target) {
+      log({ ev: "no-claimable-task", open: tasks.length });
+      return {
+        action: "no-claimable-task",
+        spentUsd: costGuard.getState().spentUsd,
+        remainingUsd: costGuard.getRemainingUsd()
+      };
+    }
+    log({ ev: "claim", taskId: target.id, title: target.title });
+    await mesh.claim(target.id);
+    const start = Date.now();
+    const messages = [
+      { role: "system", content: brain.systemPrompt },
+      { role: "user", content: buildTaskPrompt(target) }
+    ];
+    let aggUsage = { promptTokens: 0, completionTokens: 0, totalTokens: 0 };
+    let finalText = "";
+    let iters = 0;
+    const MAX_TOOL_ITERS = 30;
+    let lastResponse;
+    const toolsCalled = /* @__PURE__ */ new Set();
+    while (true) {
+      iters++;
+      if (iters > MAX_TOOL_ITERS) {
+        log({ ev: "tool-loop-cap", taskId: target.id, iters });
+        finalText = finalText || `[tool-loop hit ${MAX_TOOL_ITERS}-iter cap before final text]`;
+        break;
+      }
+      const resp = await provider.complete(
+        {
+          messages,
+          maxTokens: 4096,
+          temperature: 0.4,
+          tools: MESH_TOOLS
+        },
+        identity.llmModel
+      );
+      lastResponse = resp;
+      aggUsage = {
+        promptTokens: aggUsage.promptTokens + resp.usage.promptTokens,
+        completionTokens: aggUsage.completionTokens + resp.usage.completionTokens,
+        totalTokens: aggUsage.totalTokens + resp.usage.totalTokens
+      };
+      if (resp.finishReason === "tool_use" && resp.toolUses && resp.toolUses.length > 0) {
+        log({ ev: "tool-call", taskId: target.id, iter: iters, tools: resp.toolUses.map((t) => t.name) });
+        for (const u of resp.toolUses) toolsCalled.add(u.name);
+        messages.push({
+          role: "assistant",
+          content: resp.assistantBlocks ?? []
+        });
+        const toolResults = await Promise.all(resp.toolUses.map((u) => runTool(u)));
+        messages.push({
+          role: "user",
+          content: toolResults
+        });
+        continue;
+      }
+      finalText = resp.content;
+      break;
+    }
+    const durationMs = Date.now() - start;
+    const SIDE_EFFECTING_TOOLS = /* @__PURE__ */ new Set(["write_file", "bash"]);
+    const sideEffectingCalled = [...toolsCalled].some((t) => SIDE_EFFECTING_TOOLS.has(t));
+    if (!sideEffectingCalled) {
+      log({
+        ev: "no-artifact",
+        taskId: target.id,
+        tool_iters: iters,
+        toolsCalled: [...toolsCalled],
+        message: "task execution called no side-effecting tool (write_file/bash) \u2014 refusing to mark executed. Likely a pure-text or read-only-inspection response. Task remains open for a grounded attempt."
+      });
+      return {
+        action: "no-artifact",
+        taskId: target.id,
+        spentUsd: costGuard.getState().spentUsd,
+        remainingUsd: costGuard.getRemainingUsd(),
+        message: `no side-effecting tool called (toolsCalled=[${[...toolsCalled].join(",")}], iters=${iters})`
+      };
+    }
+    const cost = costGuard.recordUsage(identity.llmModel, aggUsage);
+    log({
+      ev: "executed",
+      taskId: target.id,
+      costUsd: cost.costUsd.toFixed(4),
+      spentUsd: cost.spentUsd.toFixed(4),
+      tokens: aggUsage.totalTokens,
+      tool_iters: iters
+    });
+    const response = { ...lastResponse ?? { content: finalText, usage: aggUsage }, content: finalText, usage: aggUsage };
+    const execResult = {
+      taskId: target.id,
+      responseText: response.content,
+      usage: response.usage,
+      costUsd: cost.costUsd,
+      durationMs
+    };
+    if (this.opts.auditLog) {
+      try {
+        this.opts.auditLog.recordTaskExecuted({
+          identity,
+          task: target,
+          result: execResult
+        });
+      } catch (err) {
+        log({ ev: "audit-log-error", message: err instanceof Error ? err.message : String(err) });
+      }
+    }
+    try {
+      const caelRecord = buildCaelRecord({
+        identity,
+        brain,
+        task: target,
+        messages,
+        finalText,
+        usage: aggUsage,
+        costUsd: cost.costUsd,
+        spentUsd: cost.spentUsd,
+        prevChain: this.prevCaelChain,
+        runtimeVersion: RUNTIME_VERSION
+      });
+      const posted = await mesh.postAuditRecords(identity.handle, [caelRecord]);
+      this.prevCaelChain = caelRecord.fnv1a_chain;
+      log({ ev: "cael-posted", taskId: target.id, appended: posted.appended, rejected: posted.rejected });
+    } catch (err) {
+      log({ ev: "cael-post-error", message: err instanceof Error ? err.message : String(err) });
+    }
+    if (this.opts.onTaskExecuted) {
+      await this.opts.onTaskExecuted(execResult, target);
+    } else {
+      await mesh.sendMessageOnTask(
+        target.id,
+        `[${identity.handle}] response (${response.usage.totalTokens} tok, $${cost.costUsd.toFixed(4)}):
+
+${response.content}`
+      );
+    }
+    return {
+      action: "executed",
+      taskId: target.id,
+      spentUsd: cost.spentUsd,
+      remainingUsd: cost.remainingUsd
+    };
+  }
+  async runForever(opts = {}) {
+    const interval = opts.tickIntervalMs ?? 6e4;
+    while (!this.stopped) {
+      try {
+        await this.tick();
+      } catch (err) {
+        const log = this.opts.logger ?? (() => void 0);
+        log({ ev: "tick-error", message: err instanceof Error ? err.message : String(err) });
+      }
+      await sleep(interval + jitter(interval));
+    }
+  }
+  stop() {
+    this.stopped = true;
+  }
+  /**
+   * Heartbeat with one-shot self-rejoin on 403 "Not a member of this team".
+   *
+   * Pairs with task_1777112258989_eeyp: fresh-deploy fleet workers whose
+   * provisioning didn't atomically call /join (or whose membership was
+   * reaped) hit 403 every tick and never recover. We detect the specific
+   * server error string (see packages/mcp-server/src/holomesh/routes/
+   * team-routes.ts:903 → `{ error: 'Not a member' }` for /presence), call
+   * mesh.joinTeam() ONCE per runner process, and retry the heartbeat.
+   *
+   * Strict scope:
+   *  - Only retries on 403 + "Not a member" body. Any other 403 (insufficient
+   *    permissions, signing failure) re-throws unchanged.
+   *  - Only retries ONCE per process. If we already rejoined this process and
+   *    the heartbeat is *still* 403, the team is rejecting us for a reason
+   *    /join can't fix (e.g. capacity, ban) — surface the error.
+   *  - If joinTeam() itself throws, we DO mark joinedThisProcess=true before
+   *    re-throwing so we don't slam the join endpoint on every subsequent
+   *    tick. The next tick will surface the same heartbeat 403 and the
+   *    runner-level catch in runForever logs tick-error and sleeps. Operator
+   *    inspection (SSH/log) is the recovery path at that point.
+   */
+  async heartbeatWithAutoRejoin() {
+    const { identity, mesh, logger } = this.opts;
+    const log = logger ?? (() => void 0);
+    try {
+      await mesh.heartbeat({ agentName: identity.handle, surface: identity.surface });
+    } catch (err) {
+      if (!this.isNotAMemberError(err) || this.joinedThisProcess) {
+        throw err;
+      }
+      log({ ev: "auto-rejoin-attempt", reason: "heartbeat-403-not-a-member" });
+      this.joinedThisProcess = true;
+      try {
+        const joinResult = await mesh.joinTeam();
+        log({ ev: "auto-rejoin-success", role: joinResult.role, members: joinResult.members });
+      } catch (joinErr) {
+        log({
+          ev: "auto-rejoin-failed",
+          message: joinErr instanceof Error ? joinErr.message : String(joinErr)
+        });
+        throw joinErr;
+      }
+      await mesh.heartbeat({ agentName: identity.handle, surface: identity.surface });
+      log({ ev: "auto-rejoin-heartbeat-recovered" });
+    }
+  }
+  /**
+   * Detect the server's "Not a member" 403 error from HolomeshClient.req().
+   * The error message format is: `HoloMesh POST /team/<id>/presence 403: <body>`
+   * where body contains `{"error":"Not a member"}` (or "Not a member of this team").
+   * Match conservatively: BOTH a "403" status marker AND the "Not a member"
+   * substring must appear, so unrelated 403s (insufficient permissions,
+   * signing failures) do NOT trigger a rejoin.
+   */
+  isNotAMemberError(err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    return / 403:/.test(msg) && /Not a member/i.test(msg);
+  }
+};
+function buildTaskPrompt(task) {
+  return [
+    `Board task to execute: ${task.id}`,
+    `Title: ${task.title}`,
+    `Priority: ${task.priority}`,
+    `Tags: ${(task.tags ?? []).join(", ")}`,
+    "",
+    "Description:",
+    task.description ?? "(no description)",
+    "",
+    "Produce the deliverable described in the task. Apply your brain composition rules \u2014 anti-patterns, decision loop, and scope tier all bind. Return the response as plain text suitable for posting to /room as a message on this task."
+  ].join("\n");
+}
+function sleep(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
+function jitter(base) {
+  return Math.floor((Math.random() - 0.5) * base * 0.2);
+}
+
+// src/cost-guard.ts
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "fs";
+import { dirname as dirname2 } from "path";
+var ANTHROPIC_PRICING_USD_PER_MTOK = {
+  "claude-opus-4-7": { input: 15, output: 75 },
+  "claude-opus-4-6": { input: 15, output: 75 },
+  "claude-sonnet-4-6": { input: 3, output: 15 },
+  "claude-haiku-4-5-20251001": { input: 1, output: 5 },
+  "claude-haiku-4-5": { input: 1, output: 5 }
+};
+function defaultAnthropicPricer(model, usage) {
+  const price = ANTHROPIC_PRICING_USD_PER_MTOK[model];
+  if (!price) {
+    throw new Error(
+      `No pricing configured for model "${model}" \u2014 add to ANTHROPIC_PRICING_USD_PER_MTOK or pass a custom pricer`
+    );
+  }
+  return (usage.promptTokens * price.input + usage.completionTokens * price.output) / 1e6;
+}
+var CostGuard = class {
+  constructor(opts) {
+    this.statePath = opts.statePath;
+    this.dailyBudgetUsd = opts.dailyBudgetUsd;
+    this.pricer = opts.pricer ?? defaultAnthropicPricer;
+    this.state = this.loadOrInit();
+  }
+  recordUsage(model, usage) {
+    this.rolloverIfNewDay();
+    const costUsd = this.pricer(model, usage);
+    this.state.spentUsd += costUsd;
+    this.state.promptTokens += usage.promptTokens;
+    this.state.completionTokens += usage.completionTokens;
+    this.state.callCount += 1;
+    this.persist();
+    return {
+      costUsd,
+      spentUsd: this.state.spentUsd,
+      remainingUsd: Math.max(0, this.dailyBudgetUsd - this.state.spentUsd)
+    };
+  }
+  isOverBudget() {
+    if (this.dailyBudgetUsd === 0) return false;
+    this.rolloverIfNewDay();
+    return this.state.spentUsd >= this.dailyBudgetUsd;
+  }
+  getRemainingUsd() {
+    if (this.dailyBudgetUsd === 0) return Number.POSITIVE_INFINITY;
+    this.rolloverIfNewDay();
+    return Math.max(0, this.dailyBudgetUsd - this.state.spentUsd);
+  }
+  getState() {
+    this.rolloverIfNewDay();
+    return { ...this.state };
+  }
+  rolloverIfNewDay() {
+    const today = todayUtc();
+    if (this.state.date !== today) {
+      this.state = { date: today, spentUsd: 0, promptTokens: 0, completionTokens: 0, callCount: 0 };
+      this.persist();
+    }
+  }
+  loadOrInit() {
+    if (existsSync(this.statePath)) {
+      const raw = readFileSync(this.statePath, "utf8");
+      const parsed = JSON.parse(raw);
+      if (parsed.date === todayUtc()) return parsed;
+    }
+    return { date: todayUtc(), spentUsd: 0, promptTokens: 0, completionTokens: 0, callCount: 0 };
+  }
+  persist() {
+    mkdirSync(dirname2(this.statePath), { recursive: true });
+    writeFileSync(this.statePath, JSON.stringify(this.state, null, 2), "utf8");
+  }
+};
+function todayUtc() {
+  return (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+}
+
+// src/brain.ts
+import { readFile as readFile2 } from "fs/promises";
+async function loadBrain(brainPath, scopeTier = "warm") {
+  const systemPrompt = await readFile2(brainPath, "utf8");
+  const { domain, capabilityTags } = extractIdentity(systemPrompt);
+  return { brainPath, systemPrompt, capabilityTags, domain, scopeTier };
+}
+function extractIdentity(brain) {
+  const identityBlock = sliceNamedBlock(brain, "identity");
+  if (!identityBlock) return { domain: "unknown", capabilityTags: [] };
+  const domain = scalarField(identityBlock, "domain") ?? "unknown";
+  const capabilityTags = listField(identityBlock, "capability_tags") ?? [];
+  return { domain, capabilityTags };
+}
+function sliceNamedBlock(src, name) {
+  const re = new RegExp(`\\b${name}\\s*:?\\s*\\{`, "g");
+  const match = re.exec(src);
+  if (!match) return void 0;
+  const headerEnd = match.index + match[0].length;
+  let depth = 1;
+  for (let i = headerEnd; i < src.length; i++) {
+    const ch = src[i];
+    if (ch === "{") depth++;
+    else if (ch === "}") {
+      depth--;
+      if (depth === 0) return src.slice(headerEnd, i);
+    }
+  }
+  return void 0;
+}
+function scalarField(block, key) {
+  const idx = block.indexOf(`${key}:`);
+  if (idx < 0) return void 0;
+  const after = block.slice(idx + key.length + 1).trimStart();
+  if (after.startsWith('"')) {
+    const end = after.indexOf('"', 1);
+    if (end > 0) return after.slice(1, end);
+  }
+  const eol = after.indexOf("\n");
+  return after.slice(0, eol < 0 ? void 0 : eol).trim();
+}
+function listField(block, key) {
+  const idx = block.indexOf(`${key}:`);
+  if (idx < 0) return void 0;
+  const after = block.slice(idx + key.length + 1).trimStart();
+  if (!after.startsWith("[")) return void 0;
+  let depth = 0;
+  let end = -1;
+  for (let i = 0; i < after.length; i++) {
+    if (after[i] === "[") depth++;
+    else if (after[i] === "]") {
+      depth--;
+      if (depth === 0) {
+        end = i;
+        break;
+      }
+    }
+  }
+  if (end < 0) return void 0;
+  const inner = after.slice(1, end);
+  return inner.split(",").map((s) => s.trim().replace(/^["']|["']$/g, "")).filter((s) => s.length > 0);
+}
+
+// src/commit-hook.ts
+import { mkdirSync as mkdirSync2, writeFileSync as writeFileSync2 } from "fs";
+import { dirname as dirname3, join, resolve as resolve2 } from "path";
+import { spawnSync } from "child_process";
+var SAFE_HANDLE = /^[a-z0-9_-]{1,64}$/i;
+function makeCommitHook(opts) {
+  if (!opts.outputDir || opts.outputDir.trim().length === 0) {
+    throw new Error("CommitHookOptions.outputDir is required");
+  }
+  const spawn2 = opts.spawn ?? spawnSync;
+  const cwd = opts.workingDir ?? process.cwd();
+  const outputDir = resolve2(cwd, opts.outputDir);
+  const now = opts.now ?? (() => /* @__PURE__ */ new Date());
+  const scope = opts.scope ?? "agent";
+  return async (result, task, identity) => {
+    if (!SAFE_HANDLE.test(identity.handle)) {
+      throw new Error(`Refusing to commit: handle "${identity.handle}" must match ${SAFE_HANDLE}`);
+    }
+    const date = now().toISOString().slice(0, 10);
+    const safeTaskId = task.id.replace(/[^a-zA-Z0-9_-]/g, "_").slice(0, 80);
+    const fileName = `${date}_${safeTaskId}_${identity.handle}.md`;
+    const filePath = join(outputDir, fileName);
+    mkdirSync2(dirname3(filePath), { recursive: true });
+    writeFileSync2(filePath, renderMemo(result, task, identity, date), "utf8");
+    const relPath = relativeTo(cwd, filePath);
+    const addRes = spawn2("git", ["add", relPath], { cwd, encoding: "utf8" });
+    if (addRes.status !== 0) {
+      throw new Error(`git add failed: ${addRes.stderr || addRes.stdout || `exit ${addRes.status}`}`);
+    }
+    const message = renderCommitMessage({ scope, task, identity, result });
+    const commitArgs = ["commit", "-m", message];
+    if (opts.authorName && opts.authorEmail) {
+      commitArgs.push("--author", `${opts.authorName} <${opts.authorEmail}>`);
+    }
+    const commitRes = spawn2("git", commitArgs, { cwd, encoding: "utf8" });
+    if (commitRes.status !== 0) {
+      throw new Error(`git commit failed: ${commitRes.stderr || commitRes.stdout || `exit ${commitRes.status}`}`);
+    }
+    const hashRes = spawn2("git", ["rev-parse", "HEAD"], { cwd, encoding: "utf8" });
+    const commitHash = hashRes.status === 0 ? hashRes.stdout.trim() : void 0;
+    return { filePath, commitHash, staged: [relPath], message };
+  };
+}
+function renderMemo(result, task, identity, date) {
+  return [
+    "---",
+    `title: "${task.title.replace(/"/g, "'")}"`,
+    `task_id: ${task.id}`,
+    `agent: ${identity.handle}`,
+    `surface: ${identity.surface}`,
+    `provider: ${identity.llmProvider}`,
+    `model: ${identity.llmModel}`,
+    `wallet: ${identity.wallet}`,
+    `date: ${date}`,
+    `tokens: ${result.usage.totalTokens}`,
+    `cost_usd: ${result.costUsd.toFixed(4)}`,
+    `duration_ms: ${result.durationMs}`,
+    `tags: [${(task.tags ?? []).map((t) => JSON.stringify(t)).join(", ")}]`,
+    "---",
+    "",
+    `# ${task.title}`,
+    "",
+    "## Task description",
+    "",
+    task.description ?? "(no description)",
+    "",
+    "## Agent response",
+    "",
+    result.responseText.trim(),
+    ""
+  ].join("\n");
+}
+var SUBJECT_MAX = 72;
+function renderCommitMessage(opts) {
+  const suffix = ` [agent:${opts.identity.handle}]`;
+  const prefix = `${opts.scope}: `;
+  const titleBudget = Math.max(8, SUBJECT_MAX - prefix.length - suffix.length);
+  const subject = `${prefix}${truncate(opts.task.title, titleBudget)}${suffix}`;
+  const body = [
+    "",
+    `task: ${opts.task.id}`,
+    `agent: ${opts.identity.handle} (${opts.identity.llmProvider}/${opts.identity.llmModel})`,
+    `wallet: ${opts.identity.wallet}`,
+    `cost: $${opts.result.costUsd.toFixed(4)} / ${opts.result.usage.totalTokens} tok / ${opts.result.durationMs}ms`
+  ].join("\n");
+  return `${subject}
+${body}
+`;
+}
+function truncate(s, max) {
+  return s.length <= max ? s : `${s.slice(0, max - 1)}\u2026`;
+}
+function relativeTo(base, target) {
+  const b = base.replace(/\\/g, "/");
+  const t = target.replace(/\\/g, "/");
+  if (t.startsWith(b + "/")) return t.slice(b.length + 1);
+  if (t === b) return ".";
+  return t;
+}
+
+// src/audit-log.ts
+import { mkdirSync as mkdirSync3, appendFileSync, readFileSync as readFileSync2, existsSync as existsSync2, statSync, renameSync } from "fs";
+import { dirname as dirname4 } from "path";
+var AuditLog = class {
+  constructor(opts) {
+    this.logPath = opts.logPath;
+    this.maxBytes = opts.maxBytes ?? 50 * 1024 * 1024;
+    mkdirSync3(dirname4(this.logPath), { recursive: true });
+  }
+  record(event) {
+    this.rotateIfFull();
+    appendFileSync(this.logPath, `${JSON.stringify(event)}
+`, "utf8");
+  }
+  recordTaskExecuted(opts) {
+    this.record({
+      ts: (/* @__PURE__ */ new Date()).toISOString(),
+      kind: "task-executed",
+      agent: agentFromIdentity(opts.identity),
+      task: { id: opts.task.id, title: opts.task.title, tags: opts.task.tags ?? [] },
+      execution: {
+        promptTokens: opts.result.usage.promptTokens,
+        completionTokens: opts.result.usage.completionTokens,
+        totalTokens: opts.result.usage.totalTokens,
+        costUsd: opts.result.costUsd,
+        durationMs: opts.result.durationMs
+      },
+      result: {
+        commitHash: opts.commitHash,
+        filePath: opts.filePath
+      }
+    });
+  }
+  recordAblationCell(opts) {
+    this.record({
+      ts: (/* @__PURE__ */ new Date()).toISOString(),
+      kind: "ablation-cell",
+      agent: agentFromIdentity(opts.identity),
+      task: { id: opts.taskId, title: opts.taskTitle, tags: ["ablation"] },
+      execution: {
+        promptTokens: opts.promptTokens,
+        completionTokens: opts.completionTokens,
+        totalTokens: opts.promptTokens + opts.completionTokens,
+        costUsd: opts.costUsd,
+        durationMs: opts.durationMs,
+        finishReason: opts.finishReason,
+        promptHash: opts.promptHash
+      },
+      result: { errorMessage: opts.errorMessage },
+      ablation: { label: opts.label, matrixId: opts.matrixId }
+    });
+  }
+  query(filter = {}) {
+    if (!existsSync2(this.logPath)) return [];
+    const raw = readFileSync2(this.logPath, "utf8");
+    const lines = raw.split("\n").filter((l) => l.length > 0);
+    const events = [];
+    for (const line of lines) {
+      try {
+        events.push(JSON.parse(line));
+      } catch {
+      }
+    }
+    return applyFilter(events, filter);
+  }
+  rollup(filter = {}) {
+    const events = this.query(filter);
+    const byAgent = {};
+    const byProvider = {};
+    let totalCostUsd = 0;
+    let totalTokens = 0;
+    for (const e of events) {
+      const agent = e.agent.handle;
+      const provider = e.agent.provider;
+      const cost = e.execution?.costUsd ?? 0;
+      const tokens = e.execution?.totalTokens ?? 0;
+      byAgent[agent] = byAgent[agent] ?? { events: 0, costUsd: 0, tokens: 0 };
+      byAgent[agent].events += 1;
+      byAgent[agent].costUsd += cost;
+      byAgent[agent].tokens += tokens;
+      byProvider[provider] = byProvider[provider] ?? { events: 0, costUsd: 0, tokens: 0 };
+      byProvider[provider].events += 1;
+      byProvider[provider].costUsd += cost;
+      byProvider[provider].tokens += tokens;
+      totalCostUsd += cost;
+      totalTokens += tokens;
+    }
+    return { totalEvents: events.length, byAgent, byProvider, totalCostUsd, totalTokens };
+  }
+  rotateIfFull() {
+    if (!existsSync2(this.logPath)) return;
+    const size = statSync(this.logPath).size;
+    if (size < this.maxBytes) return;
+    const archived = `${this.logPath}.${(/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-")}.jsonl`;
+    renameSync(this.logPath, archived);
+  }
+};
+function agentFromIdentity(identity) {
+  return {
+    handle: identity.handle,
+    surface: identity.surface,
+    wallet: identity.wallet,
+    walletShort: `${identity.wallet.slice(0, 6)}\u2026${identity.wallet.slice(-4)}`,
+    provider: identity.llmProvider,
+    model: identity.llmModel,
+    brainPath: identity.brainPath
+  };
+}
+function applyFilter(events, filter) {
+  let result = events;
+  if (filter.agent) result = result.filter((e) => e.agent.handle === filter.agent);
+  if (filter.provider) result = result.filter((e) => e.agent.provider === filter.provider);
+  if (filter.task) result = result.filter((e) => e.task?.id === filter.task);
+  if (filter.kind) result = result.filter((e) => e.kind === filter.kind);
+  if (filter.since) result = result.filter((e) => e.ts >= filter.since);
+  if (filter.until) result = result.filter((e) => e.ts <= filter.until);
+  if (filter.limit != null) result = result.slice(-filter.limit);
+  return result;
+}
+
+// src/supervisor.ts
+var Supervisor = class {
+  constructor(opts) {
+    this.agents = /* @__PURE__ */ new Map();
+    this.stopped = false;
+    this.opts = opts;
+    this.globalBudgetUsdPerDay = opts.config.globalBudgetUsdPerDay;
+    this.auditLog = opts.auditLogPath ? new AuditLog({ logPath: opts.auditLogPath }) : void 0;
+  }
+  async start() {
+    const enabledAgents = this.opts.config.agents.filter((a) => a.enabled !== false);
+    for (const spec of enabledAgents) {
+      const managed = await this.bootAgent(spec);
+      this.agents.set(spec.handle, managed);
+    }
+    this.log({ ev: "supervisor-started", count: enabledAgents.length });
+    for (const managed of this.agents.values()) {
+      this.spawnLoop(managed);
+    }
+  }
+  async stop() {
+    this.stopped = true;
+    for (const managed of this.agents.values()) {
+      managed.runner.stop();
+      managed.status.state = "stopped";
+    }
+    this.log({ ev: "supervisor-stopped", count: this.agents.size });
+  }
+  status() {
+    const agents = [...this.agents.values()].map((m) => ({ ...m.status }));
+    const globalSpentUsd = agents.reduce((s, a) => s + a.spentUsd, 0);
+    const globalBudgetExhausted = this.globalBudgetUsdPerDay != null ? globalSpentUsd >= this.globalBudgetUsdPerDay : false;
+    const globalRemainingUsd = this.globalBudgetUsdPerDay != null ? Math.max(0, this.globalBudgetUsdPerDay - globalSpentUsd) : Infinity;
+    return { globalSpentUsd, globalRemainingUsd, globalBudgetExhausted, agents };
+  }
+  async tickOnce(handle) {
+    const managed = this.agents.get(handle);
+    if (!managed) throw new Error(`No agent: ${handle}`);
+    await this.runOneTick(managed);
+    return { ...managed.status };
+  }
+  async bootAgent(spec) {
+    const identity = this.identityFromSpec(spec);
+    const brain = await loadBrain(spec.brainPath, spec.scopeTier ?? "warm");
+    const provider = await this.opts.providerFactory(spec, identity);
+    const stateDir = this.opts.stateDir ?? join2(homedir(), ".holoscript-agent", "cost-state");
+    const isFree = spec.provider === "mock" || spec.provider === "local-llm" || spec.provider === "bitnet";
+    const costGuard = new CostGuard({
+      statePath: join2(stateDir, `${spec.handle}.json`),
+      dailyBudgetUsd: identity.budgetUsdPerDay,
+      pricer: isFree ? () => 0 : void 0
+    });
+    const mesh = new HolomeshClient({
+      apiBase: identity.meshApiBase,
+      bearer: identity.x402Bearer,
+      teamId: identity.teamId,
+      fetchImpl: this.opts.fetchImpl
+    });
+    const onTaskExecuted = spec.enableCommitHook ? this.buildCommitHook(spec, identity, mesh) : void 0;
+    const runner = new AgentRunner({
+      identity,
+      brain,
+      provider,
+      costGuard,
+      mesh,
+      onTaskExecuted,
+      auditLog: this.auditLog,
+      logger: (ev) => this.log({ agent: spec.handle, ...ev })
+    });
+    const status = {
+      handle: spec.handle,
+      state: "starting",
+      spentUsd: 0,
+      remainingUsd: identity.budgetUsdPerDay,
+      restarts: 0
+    };
+    return { spec, identity, brain, runner, costGuard, status };
+  }
+  buildCommitHook(spec, identity, mesh) {
+    const writer = makeCommitHook({
+      outputDir: spec.outputDir ?? "agent-out",
+      workingDir: spec.workingDir,
+      scope: `agent(${spec.handle})`
+    });
+    return async (result, task) => {
+      const out = await writer(result, task, identity);
+      if (out.commitHash) {
+        await mesh.markDone(task.id, `auto: ${task.title}`, out.commitHash);
+      }
+    };
+  }
+  identityFromSpec(spec) {
+    const bearer = process.env[spec.bearerEnvKey];
+    if (!bearer || bearer.trim().length === 0) {
+      throw new Error(`Missing bearer env var "${spec.bearerEnvKey}" for agent "${spec.handle}"`);
+    }
+    const wallet = process.env[spec.walletEnvKey];
+    if (!wallet || !/^0x[0-9a-fA-F]{40}$/.test(wallet)) {
+      throw new Error(`Missing or malformed wallet env var "${spec.walletEnvKey}" for agent "${spec.handle}"`);
+    }
+    return {
+      handle: spec.handle,
+      surface: spec.handle,
+      wallet,
+      x402Bearer: bearer,
+      llmProvider: spec.provider,
+      llmModel: spec.model,
+      brainPath: spec.brainPath,
+      budgetUsdPerDay: spec.budgetUsdPerDay ?? 5,
+      teamId: this.opts.teamId,
+      meshApiBase: this.opts.meshApiBase ?? "https://mcp.holoscript.net/api/holomesh"
+    };
+  }
+  async spawnLoop(managed) {
+    const interval = managed.spec.tickIntervalMs ?? this.opts.config.defaultTickIntervalMs ?? 6e4;
+    while (!this.stopped) {
+      try {
+        await this.runOneTick(managed);
+      } catch (err) {
+        managed.status.state = "crashed";
+        managed.status.lastError = err instanceof Error ? err.message : String(err);
+        managed.status.restarts += 1;
+        const backoffMs = Math.min(6e4, 2 ** Math.min(managed.status.restarts, 6) * 1e3);
+        this.log({
+          ev: "agent-crashed-restarting",
+          agent: managed.spec.handle,
+          backoffMs,
+          restarts: managed.status.restarts,
+          message: managed.status.lastError
+        });
+        await sleep2(backoffMs);
+        continue;
+      }
+      await sleep2(interval + jitter2(interval));
+    }
+  }
+  async runOneTick(managed) {
+    if (this.globalBudgetUsdPerDay != null) {
+      const totalSpent = [...this.agents.values()].reduce((s, a) => s + a.status.spentUsd, 0);
+      if (totalSpent >= this.globalBudgetUsdPerDay) {
+        managed.status.state = "over-budget";
+        this.log({ ev: "global-budget-exhausted", agent: managed.spec.handle, totalSpent });
+        return;
+      }
+    }
+    const result = await managed.runner.tick();
+    const cs = managed.costGuard.getState();
+    managed.status.spentUsd = cs.spentUsd;
+    managed.status.remainingUsd = managed.costGuard.getRemainingUsd();
+    managed.status.lastTickAt = (this.opts.now ?? (() => /* @__PURE__ */ new Date()))().toISOString();
+    managed.status.state = result.action === "over-budget" ? "over-budget" : "running";
+    if (result.action === "errored") {
+      managed.status.lastError = result.message;
+    }
+  }
+  log(event) {
+    if (this.opts.logger) {
+      this.opts.logger({ ts: (/* @__PURE__ */ new Date()).toISOString(), ...event });
+    }
+  }
+};
+function sleep2(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
+function jitter2(base) {
+  return Math.floor((Math.random() - 0.5) * base * 0.2);
+}
+export {
+  Supervisor
+};
+//# sourceMappingURL=supervisor.js.map