@holoscript/holoscript-agent 2.0.1 → 2.0.3

package/dist/provision.js

@@ -14,9 +14,14 @@ async function provisionAgent(req, opts = { execute: false }) {
     throw new Error(`handle "${req.handle}" must match ${HANDLE_PATTERN}`);
   }
   if (!req.founderBearer || req.founderBearer.trim().length === 0) {
-    throw new Error("founderBearer is required (HOLOMESH_API_KEY of an agent that can call /register)");
+    throw new Error(
+      "founderBearer is required (HOLOMESH_API_KEY of an agent that can call /register)"
+    );
   }
-  const meshApiBase = (req.meshApiBase ?? "https://mcp.holoscript.net/api/holomesh").replace(/\/$/, "");
+  const meshApiBase = (req.meshApiBase ?? "https://mcp.holoscript.net/api/holomesh").replace(
+    /\/$/,
+    ""
+  );
   const seatsRoot = req.seatsRoot ?? defaultSeatsRoot();
   const surface = req.handle;
   const seatId = makeSeatId(surface);
@@ -31,10 +36,7 @@ async function provisionAgent(req, opts = { execute: false }) {
       seatId,
       seatDir,
       willGenerateWallet: !existsSync(walletPath),
-      willCallEndpoints: [
-        `POST ${meshApiBase}/register/challenge`,
-        `POST ${meshApiBase}/register`
-      ]
+      willCallEndpoints: [`POST ${meshApiBase}/register/challenge`, `POST ${meshApiBase}/register`]
     };
   }
   if (existsSync(walletPath) && !opts.force) {
@@ -77,30 +79,40 @@ async function provisionAgent(req, opts = { execute: false }) {
   if (!challenge.nonce) {
     throw new Error(`/register/challenge returned no nonce: ${JSON.stringify(challenge)}`);
   }
-  const signature = await wallet.signTypedData(EIP712_DOMAIN, EIP712_TYPES, { nonce: challenge.nonce });
-  const registration = await postJson(
-    fetchImpl,
-    `${meshApiBase}/register`,
-    req.founderBearer,
-    {
-      name: req.handle,
-      wallet_address: wallet.address,
-      nonce: challenge.nonce,
-      signature
-    }
-  );
+  const signature = await wallet.signTypedData(EIP712_DOMAIN, EIP712_TYPES, {
+    nonce: challenge.nonce
+  });
+  const registration = await postJson(fetchImpl, `${meshApiBase}/register`, req.founderBearer, {
+    name: req.handle,
+    wallet_address: wallet.address,
+    nonce: challenge.nonce,
+    signature
+  });
   writeFileSync(
     regPath,
-    JSON.stringify({ status: 201, response: registration, registered_at: (/* @__PURE__ */ new Date()).toISOString(), flow: "x402" }, null, 2),
+    JSON.stringify(
+      {
+        status: 201,
+        response: registration,
+        registered_at: (/* @__PURE__ */ new Date()).toISOString(),
+        flow: "x402"
+      },
+      null,
+      2
+    ),
     "utf8"
   );
   const agentId = registration.agent?.id;
   const bearer = registration.agent?.api_key;
   if (!agentId || !bearer) {
-    throw new Error(`/register did not return agent.id + agent.api_key: ${JSON.stringify(registration).slice(0, 400)}`);
+    throw new Error(
+      `/register did not return agent.id + agent.api_key: ${JSON.stringify(registration).slice(0, 400)}`
+    );
   }
   if (registration.wallet?.private_key) {
-    console.warn("[provision] WARN \u2014 server returned private_key despite x402 flow; ignoring (using local key).");
+    console.warn(
+      "[provision] WARN \u2014 server returned private_key despite x402 flow; ignoring (using local key)."
+    );
   }
   let joinedTeam;
   if (req.autoJoinTeamId) {
@@ -160,7 +172,12 @@ function encryptPrivateKey(privKey, masterKey) {
   const iv = randomBytes(12);
   const cipher = createCipheriv("aes-256-gcm", masterKey, iv);
   const ct = Buffer.concat([cipher.update(privKey, "utf8"), cipher.final()]);
-  return { iv: iv.toString("base64"), ct: ct.toString("base64"), tag: cipher.getAuthTag().toString("base64"), alg: "aes-256-gcm" };
+  return {
+    iv: iv.toString("base64"),
+    ct: ct.toString("base64"),
+    tag: cipher.getAuthTag().toString("base64"),
+    alg: "aes-256-gcm"
+  };
 }
 async function postJson(fetchImpl, url, bearer, body) {
   const res = await fetchImpl(url, {

package/dist/provision.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/provision.ts"],"sourcesContent":["import { mkdirSync, readFileSync, writeFileSync, existsSync, chmodSync } from 'node:fs';\nimport { join } from 'node:path';\nimport { homedir, hostname } from 'node:os';\nimport { randomBytes, createCipheriv, createHash } from 'node:crypto';\nimport { Wallet } from 'ethers';\n\nconst HANDLE_PATTERN = /^[a-z0-9_-]{1,64}$/i;\n\nexport interface ProvisionRequest {\n  handle: string;\n  meshApiBase?: string;\n  founderBearer: string;\n  seatsRoot?: string;\n  fetchImpl?: typeof fetch;\n  autoJoinTeamId?: string;\n}\n\nexport interface ProvisionDryRun {\n  status: 'dry-run';\n  handle: string;\n  surface: string;\n  seatId: string;\n  seatDir: string;\n  willGenerateWallet: boolean;\n  willCallEndpoints: string[];\n}\n\nexport interface ProvisionExecuted {\n  status: 'executed' | 'reused';\n  handle: string;\n  surface: string;\n  seatId: string;\n  seatDir: string;\n  walletAddress: string;\n  bearer?: string;\n  agentId?: string;\n  envVarLines: string[];\n  joinedTeam?: { teamId: string; role: string; members: number } | { teamId: string; error: string };\n}\n\nexport type ProvisionResult = ProvisionDryRun | ProvisionExecuted;\n\nconst EIP712_DOMAIN = { name: 'HoloMesh', version: '1' };\nconst EIP712_TYPES: Record<string, Array<{ name: string; type: string }>> = {\n  Registration: [{ name: 'nonce', type: 'string' }],\n};\n\nexport async function provisionAgent(\n  req: ProvisionRequest,\n  opts: { execute: boolean; force?: boolean } = { execute: false }\n): Promise<ProvisionResult> {\n  if (!HANDLE_PATTERN.test(req.handle)) {\n    throw new Error(`handle \"${req.handle}\" must match ${HANDLE_PATTERN}`);\n  }\n  if (!req.founderBearer || req.founderBearer.trim().length === 0) {\n    throw new Error('founderBearer is required (HOLOMESH_API_KEY of an agent that can call /register)');\n  }\n\n  const meshApiBase = (req.meshApiBase ?? 'https://mcp.holoscript.net/api/holomesh').replace(/\\/$/, '');\n  const seatsRoot = req.seatsRoot ?? defaultSeatsRoot();\n  const surface = req.handle;\n  const seatId = makeSeatId(surface);\n  const seatDir = join(seatsRoot, seatId);\n  const walletPath = join(seatDir, 'wallet.enc');\n  const regPath = join(seatDir, 'registration.json');\n\n  if (!opts.execute) {\n    return {\n      status: 'dry-run',\n      handle: req.handle,\n      surface,\n      seatId,\n      seatDir,\n      willGenerateWallet: !existsSync(walletPath),\n      willCallEndpoints: [\n        `POST ${meshApiBase}/register/challenge`,\n        `POST ${meshApiBase}/register`,\n      ],\n    };\n  }\n\n  if (existsSync(walletPath) && !opts.force) {\n    const blob = JSON.parse(readFileSync(walletPath, 'utf8')) as { address: string };\n    const reused: ProvisionExecuted = {\n      status: 'reused',\n      handle: req.handle,\n      surface,\n      seatId,\n      seatDir,\n      walletAddress: blob.address,\n      envVarLines: envVarLinesFor(req.handle, blob.address, undefined),\n    };\n    return reused;\n  }\n\n  const wallet = Wallet.createRandom();\n  mkdirSync(seatDir, { recursive: true });\n\n  const masterKey = ensureMasterKey(seatsRoot);\n  const encryptedBlob = {\n    seat_id: seatId,\n    surface,\n    handle: req.handle,\n    address: wallet.address,\n    encrypted_privkey: encryptPrivateKey(wallet.privateKey, masterKey),\n    created_at: new Date().toISOString(),\n    source: 'holoscript-agent.provision',\n  };\n  writeFileSync(walletPath, JSON.stringify(encryptedBlob, null, 2), 'utf8');\n  try { chmodSync(walletPath, 0o600); } catch {}\n\n  const fetchImpl = req.fetchImpl ?? fetch;\n\n  const challenge = await postJson<{ nonce: string }>(\n    fetchImpl,\n    `${meshApiBase}/register/challenge`,\n    req.founderBearer,\n    { wallet_address: wallet.address }\n  );\n  if (!challenge.nonce) {\n    throw new Error(`/register/challenge returned no nonce: ${JSON.stringify(challenge)}`);\n  }\n\n  const signature = await wallet.signTypedData(EIP712_DOMAIN, EIP712_TYPES, { nonce: challenge.nonce });\n\n  const registration = await postJson<{\n    agent?: { id: string; api_key: string };\n    wallet?: { private_key?: string };\n  }>(\n    fetchImpl,\n    `${meshApiBase}/register`,\n    req.founderBearer,\n    {\n      name: req.handle,\n      wallet_address: wallet.address,\n      nonce: challenge.nonce,\n      signature,\n    }\n  );\n  writeFileSync(\n    regPath,\n    JSON.stringify({ status: 201, response: registration, registered_at: new Date().toISOString(), flow: 'x402' }, null, 2),\n    'utf8'\n  );\n\n  const agentId = registration.agent?.id;\n  const bearer = registration.agent?.api_key;\n  if (!agentId || !bearer) {\n    throw new Error(`/register did not return agent.id + agent.api_key: ${JSON.stringify(registration).slice(0, 400)}`);\n  }\n  if (registration.wallet?.private_key) {\n    console.warn('[provision] WARN — server returned private_key despite x402 flow; ignoring (using local key).');\n  }\n\n  let joinedTeam: ProvisionExecuted['joinedTeam'];\n  if (req.autoJoinTeamId) {\n    try {\n      const joinRes = await postJson<{ success?: boolean; role?: string; members?: number }>(\n        fetchImpl,\n        `${meshApiBase}/team/${req.autoJoinTeamId}/join`,\n        bearer,\n        {}\n      );\n      joinedTeam = {\n        teamId: req.autoJoinTeamId,\n        role: joinRes.role ?? 'member',\n        members: joinRes.members ?? 0,\n      };\n    } catch (err) {\n      joinedTeam = {\n        teamId: req.autoJoinTeamId,\n        error: err instanceof Error ? err.message : String(err),\n      };\n    }\n  }\n\n  return {\n    status: 'executed',\n    handle: req.handle,\n    surface,\n    seatId,\n    seatDir,\n    walletAddress: wallet.address,\n    bearer,\n    agentId,\n    envVarLines: envVarLinesFor(req.handle, wallet.address, bearer),\n    joinedTeam,\n  };\n}\n\nfunction defaultSeatsRoot(): string {\n  return process.env.HOLOSCRIPT_AGENT_SEATS_ROOT\n    ?? join(homedir(), '.holoscript-agent', 'seats');\n}\n\nfunction makeSeatId(surface: string): string {\n  const fp = createHash('sha256').update(hostname() + homedir()).digest('hex').slice(0, 8);\n  return `holoscript-${surface}-${fp}-x402`;\n}\n\nfunction ensureMasterKey(seatsRoot: string): Buffer {\n  const keyPath = join(seatsRoot, '.master-key');\n  if (!existsSync(seatsRoot)) mkdirSync(seatsRoot, { recursive: true });\n  if (!existsSync(keyPath)) {\n    const k = randomBytes(32);\n    writeFileSync(keyPath, k);\n    try { chmodSync(keyPath, 0o600); } catch {}\n  }\n  return readFileSync(keyPath);\n}\n\nfunction encryptPrivateKey(\n  privKey: string,\n  masterKey: Buffer\n): { iv: string; ct: string; tag: string; alg: 'aes-256-gcm' } {\n  const iv = randomBytes(12);\n  const cipher = createCipheriv('aes-256-gcm', masterKey, iv);\n  const ct = Buffer.concat([cipher.update(privKey, 'utf8'), cipher.final()]);\n  return { iv: iv.toString('base64'), ct: ct.toString('base64'), tag: cipher.getAuthTag().toString('base64'), alg: 'aes-256-gcm' };\n}\n\nasync function postJson<T>(\n  fetchImpl: typeof fetch,\n  url: string,\n  bearer: string,\n  body: unknown\n): Promise<T> {\n  const res = await fetchImpl(url, {\n    method: 'POST',\n    headers: {\n      Authorization: `Bearer ${bearer}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify(body),\n  });\n  const text = await res.text();\n  if (!res.ok) {\n    throw new Error(`POST ${url} ${res.status}: ${text.slice(0, 400)}`);\n  }\n  try {\n    return JSON.parse(text) as T;\n  } catch {\n    throw new Error(`POST ${url} returned non-JSON: ${text.slice(0, 200)}`);\n  }\n}\n\nfunction envVarLinesFor(handle: string, walletAddress: string, bearer?: string): string[] {\n  const suffix = handle.toUpperCase().replace(/-/g, '_');\n  const lines = [`HOLOSCRIPT_AGENT_WALLET_${suffix}=${walletAddress}`];\n  if (bearer) {\n    lines.push(`HOLOMESH_API_KEY_${suffix}_X402=${bearer}`);\n  }\n  return lines;\n}\n"],"mappings":";AAAA,SAAS,WAAW,cAAc,eAAe,YAAY,iBAAiB;AAC9E,SAAS,YAAY;AACrB,SAAS,SAAS,gBAAgB;AAClC,SAAS,aAAa,gBAAgB,kBAAkB;AACxD,SAAS,cAAc;AAEvB,IAAM,iBAAiB;AAoCvB,IAAM,gBAAgB,EAAE,MAAM,YAAY,SAAS,IAAI;AACvD,IAAM,eAAsE;AAAA,EAC1E,cAAc,CAAC,EAAE,MAAM,SAAS,MAAM,SAAS,CAAC;AAClD;AAEA,eAAsB,eACpB,KACA,OAA8C,EAAE,SAAS,MAAM,GACrC;AAC1B,MAAI,CAAC,eAAe,KAAK,IAAI,MAAM,GAAG;AACpC,UAAM,IAAI,MAAM,WAAW,IAAI,MAAM,gBAAgB,cAAc,EAAE;AAAA,EACvE;AACA,MAAI,CAAC,IAAI,iBAAiB,IAAI,cAAc,KAAK,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,kFAAkF;AAAA,EACpG;AAEA,QAAM,eAAe,IAAI,eAAe,2CAA2C,QAAQ,OAAO,EAAE;AACpG,QAAM,YAAY,IAAI,aAAa,iBAAiB;AACpD,QAAM,UAAU,IAAI;AACpB,QAAM,SAAS,WAAW,OAAO;AACjC,QAAM,UAAU,KAAK,WAAW,MAAM;AACtC,QAAM,aAAa,KAAK,SAAS,YAAY;AAC7C,QAAM,UAAU,KAAK,SAAS,mBAAmB;AAEjD,MAAI,CAAC,KAAK,SAAS;AACjB,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,QAAQ,IAAI;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,MACA,oBAAoB,CAAC,WAAW,UAAU;AAAA,MAC1C,mBAAmB;AAAA,QACjB,QAAQ,WAAW;AAAA,QACnB,QAAQ,WAAW;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,MAAI,WAAW,UAAU,KAAK,CAAC,KAAK,OAAO;AACzC,UAAM,OAAO,KAAK,MAAM,aAAa,YAAY,MAAM,CAAC;AACxD,UAAM,SAA4B;AAAA,MAChC,QAAQ;AAAA,MACR,QAAQ,IAAI;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe,KAAK;AAAA,MACpB,aAAa,eAAe,IAAI,QAAQ,KAAK,SAAS,MAAS;AAAA,IACjE;AACA,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,OAAO,aAAa;AACnC,YAAU,SAAS,EAAE,WAAW,KAAK,CAAC;AAEtC,QAAM,YAAY,gBAAgB,SAAS;AAC3C,QAAM,gBAAgB;AAAA,IACpB,SAAS;AAAA,IACT;AAAA,IACA,QAAQ,IAAI;AAAA,IACZ,SAAS,OAAO;AAAA,IAChB,mBAAmB,kBAAkB,OAAO,YAAY,SAAS;AAAA,IACjE,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,IACnC,QAAQ;AAAA,EACV;AACA,gBAAc,YAAY,KAAK,UAAU,eAAe,MAAM,CAAC,GAAG,MAAM;AACxE,MAAI;AAAE,cAAU,YAAY,GAAK;AAAA,EAAG,QAAQ;AAAA,EAAC;AAE7C,QAAM,YAAY,IAAI,aAAa;AAEnC,QAAM,YAAY,MAAM;AAAA,IACtB;AAAA,IACA,GAAG,WAAW;AAAA,IACd,IAAI;AAAA,IACJ,EAAE,gBAAgB,OAAO,QAAQ;AAAA,EACnC;AACA,MAAI,CAAC,UAAU,OAAO;AACpB,UAAM,IAAI,MAAM,0CAA0C,KAAK,UAAU,SAAS,CAAC,EAAE;AAAA,EACvF;AAEA,QAAM,YAAY,MAAM,OAAO,cAAc,eAAe,cAAc,EAAE,OAAO,UAAU,MAAM,CAAC;AAEpG,QAAM,eAAe,MAAM;AAAA,IAIzB;AAAA,IACA,GAAG,WAAW;AAAA,IACd,IAAI;AAAA,IACJ;AAAA,MACE,MAAM,IAAI;AAAA,MACV,gBAAgB,OAAO;AAAA,MACvB,OAAO,UAAU;AAAA,MACjB;AAAA,IACF;AAAA,EACF;AACA;AAAA,IACE;AAAA,IACA,KAAK,UAAU,EAAE,QAAQ,KAAK,UAAU,cAAc,gBAAe,oBAAI,KAAK,GAAE,YAAY,GAAG,MAAM,OAAO,GAAG,MAAM,CAAC;AAAA,IACtH;AAAA,EACF;AAEA,QAAM,UAAU,aAAa,OAAO;AACpC,QAAM,SAAS,aAAa,OAAO;AACnC,MAAI,CAAC,WAAW,CAAC,QAAQ;AACvB,UAAM,IAAI,MAAM,sDAAsD,KAAK,UAAU,YAAY,EAAE,MAAM,GAAG,GAAG,CAAC,EAAE;AAAA,EACpH;AACA,MAAI,aAAa,QAAQ,aAAa;AACpC,YAAQ,KAAK,oGAA+F;AAAA,EAC9G;AAEA,MAAI;AACJ,MAAI,IAAI,gBAAgB;AACtB,QAAI;AACF,YAAM,UAAU,MAAM;AAAA,QACpB;AAAA,QACA,GAAG,WAAW,SAAS,IAAI,cAAc;AAAA,QACzC;AAAA,QACA,CAAC;AAAA,MACH;AACA,mBAAa;AAAA,QACX,QAAQ,IAAI;AAAA,QACZ,MAAM,QAAQ,QAAQ;AAAA,QACtB,SAAS,QAAQ,WAAW;AAAA,MAC9B;AAAA,IACF,SAAS,KAAK;AACZ,mBAAa;AAAA,QACX,QAAQ,IAAI;AAAA,QACZ,OAAO,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,QAAQ,IAAI;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,OAAO;AAAA,IACtB;AAAA,IACA;AAAA,IACA,aAAa,eAAe,IAAI,QAAQ,OAAO,SAAS,MAAM;AAAA,IAC9D;AAAA,EACF;AACF;AAEA,SAAS,mBAA2B;AAClC,SAAO,QAAQ,IAAI,+BACd,KAAK,QAAQ,GAAG,qBAAqB,OAAO;AACnD;AAEA,SAAS,WAAW,SAAyB;AAC3C,QAAM,KAAK,WAAW,QAAQ,EAAE,OAAO,SAAS,IAAI,QAAQ,CAAC,EAAE,OAAO,KAAK,EAAE,MAAM,GAAG,CAAC;AACvF,SAAO,cAAc,OAAO,IAAI,EAAE;AACpC;AAEA,SAAS,gBAAgB,WAA2B;AAClD,QAAM,UAAU,KAAK,WAAW,aAAa;AAC7C,MAAI,CAAC,WAAW,SAAS,EAAG,WAAU,WAAW,EAAE,WAAW,KAAK,CAAC;AACpE,MAAI,CAAC,WAAW,OAAO,GAAG;AACxB,UAAM,IAAI,YAAY,EAAE;AACxB,kBAAc,SAAS,CAAC;AACxB,QAAI;AAAE,gBAAU,SAAS,GAAK;AAAA,IAAG,QAAQ;AAAA,IAAC;AAAA,EAC5C;AACA,SAAO,aAAa,OAAO;AAC7B;AAEA,SAAS,kBACP,SACA,WAC6D;AAC7D,QAAM,KAAK,YAAY,EAAE;AACzB,QAAM,SAAS,eAAe,eAAe,WAAW,EAAE;AAC1D,QAAM,KAAK,OAAO,OAAO,CAAC,OAAO,OAAO,SAAS,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AACzE,SAAO,EAAE,IAAI,GAAG,SAAS,QAAQ,GAAG,IAAI,GAAG,SAAS,QAAQ,GAAG,KAAK,OAAO,WAAW,EAAE,SAAS,QAAQ,GAAG,KAAK,cAAc;AACjI;AAEA,eAAe,SACb,WACA,KACA,QACA,MACY;AACZ,QAAM,MAAM,MAAM,UAAU,KAAK;AAAA,IAC/B,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,eAAe,UAAU,MAAM;AAAA,MAC/B,gBAAgB;AAAA,IAClB;AAAA,IACA,MAAM,KAAK,UAAU,IAAI;AAAA,EAC3B,CAAC;AACD,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,IAAI,MAAM,QAAQ,GAAG,IAAI,IAAI,MAAM,KAAK,KAAK,MAAM,GAAG,GAAG,CAAC,EAAE;AAAA,EACpE;AACA,MAAI;AACF,WAAO,KAAK,MAAM,IAAI;AAAA,EACxB,QAAQ;AACN,UAAM,IAAI,MAAM,QAAQ,GAAG,uBAAuB,KAAK,MAAM,GAAG,GAAG,CAAC,EAAE;AAAA,EACxE;AACF;AAEA,SAAS,eAAe,QAAgB,eAAuB,QAA2B;AACxF,QAAM,SAAS,OAAO,YAAY,EAAE,QAAQ,MAAM,GAAG;AACrD,QAAM,QAAQ,CAAC,2BAA2B,MAAM,IAAI,aAAa,EAAE;AACnE,MAAI,QAAQ;AACV,UAAM,KAAK,oBAAoB,MAAM,SAAS,MAAM,EAAE;AAAA,EACxD;AACA,SAAO;AACT;","names":[]}
+{"version":3,"sources":["../src/provision.ts"],"sourcesContent":["import { mkdirSync, readFileSync, writeFileSync, existsSync, chmodSync } from 'node:fs';\nimport { join } from 'node:path';\nimport { homedir, hostname } from 'node:os';\nimport { randomBytes, createCipheriv, createHash } from 'node:crypto';\nimport { Wallet } from 'ethers';\n\nconst HANDLE_PATTERN = /^[a-z0-9_-]{1,64}$/i;\n\nexport interface ProvisionRequest {\n  handle: string;\n  meshApiBase?: string;\n  founderBearer: string;\n  seatsRoot?: string;\n  fetchImpl?: typeof fetch;\n  autoJoinTeamId?: string;\n}\n\nexport interface ProvisionDryRun {\n  status: 'dry-run';\n  handle: string;\n  surface: string;\n  seatId: string;\n  seatDir: string;\n  willGenerateWallet: boolean;\n  willCallEndpoints: string[];\n}\n\nexport interface ProvisionExecuted {\n  status: 'executed' | 'reused';\n  handle: string;\n  surface: string;\n  seatId: string;\n  seatDir: string;\n  walletAddress: string;\n  bearer?: string;\n  agentId?: string;\n  envVarLines: string[];\n  joinedTeam?:\n    | { teamId: string; role: string; members: number }\n    | { teamId: string; error: string };\n}\n\nexport type ProvisionResult = ProvisionDryRun | ProvisionExecuted;\n\nconst EIP712_DOMAIN = { name: 'HoloMesh', version: '1' };\nconst EIP712_TYPES: Record<string, Array<{ name: string; type: string }>> = {\n  Registration: [{ name: 'nonce', type: 'string' }],\n};\n\nexport async function provisionAgent(\n  req: ProvisionRequest,\n  opts: { execute: boolean; force?: boolean } = { execute: false }\n): Promise<ProvisionResult> {\n  if (!HANDLE_PATTERN.test(req.handle)) {\n    throw new Error(`handle \"${req.handle}\" must match ${HANDLE_PATTERN}`);\n  }\n  if (!req.founderBearer || req.founderBearer.trim().length === 0) {\n    throw new Error(\n      'founderBearer is required (HOLOMESH_API_KEY of an agent that can call /register)'\n    );\n  }\n\n  const meshApiBase = (req.meshApiBase ?? 'https://mcp.holoscript.net/api/holomesh').replace(\n    /\\/$/,\n    ''\n  );\n  const seatsRoot = req.seatsRoot ?? defaultSeatsRoot();\n  const surface = req.handle;\n  const seatId = makeSeatId(surface);\n  const seatDir = join(seatsRoot, seatId);\n  const walletPath = join(seatDir, 'wallet.enc');\n  const regPath = join(seatDir, 'registration.json');\n\n  if (!opts.execute) {\n    return {\n      status: 'dry-run',\n      handle: req.handle,\n      surface,\n      seatId,\n      seatDir,\n      willGenerateWallet: !existsSync(walletPath),\n      willCallEndpoints: [`POST ${meshApiBase}/register/challenge`, `POST ${meshApiBase}/register`],\n    };\n  }\n\n  if (existsSync(walletPath) && !opts.force) {\n    const blob = JSON.parse(readFileSync(walletPath, 'utf8')) as { address: string };\n    const reused: ProvisionExecuted = {\n      status: 'reused',\n      handle: req.handle,\n      surface,\n      seatId,\n      seatDir,\n      walletAddress: blob.address,\n      envVarLines: envVarLinesFor(req.handle, blob.address, undefined),\n    };\n    return reused;\n  }\n\n  const wallet = Wallet.createRandom();\n  mkdirSync(seatDir, { recursive: true });\n\n  const masterKey = ensureMasterKey(seatsRoot);\n  const encryptedBlob = {\n    seat_id: seatId,\n    surface,\n    handle: req.handle,\n    address: wallet.address,\n    encrypted_privkey: encryptPrivateKey(wallet.privateKey, masterKey),\n    created_at: new Date().toISOString(),\n    source: 'holoscript-agent.provision',\n  };\n  writeFileSync(walletPath, JSON.stringify(encryptedBlob, null, 2), 'utf8');\n  try {\n    chmodSync(walletPath, 0o600);\n  } catch {}\n\n  const fetchImpl = req.fetchImpl ?? fetch;\n\n  const challenge = await postJson<{ nonce: string }>(\n    fetchImpl,\n    `${meshApiBase}/register/challenge`,\n    req.founderBearer,\n    { wallet_address: wallet.address }\n  );\n  if (!challenge.nonce) {\n    throw new Error(`/register/challenge returned no nonce: ${JSON.stringify(challenge)}`);\n  }\n\n  const signature = await wallet.signTypedData(EIP712_DOMAIN, EIP712_TYPES, {\n    nonce: challenge.nonce,\n  });\n\n  const registration = await postJson<{\n    agent?: { id: string; api_key: string };\n    wallet?: { private_key?: string };\n  }>(fetchImpl, `${meshApiBase}/register`, req.founderBearer, {\n    name: req.handle,\n    wallet_address: wallet.address,\n    nonce: challenge.nonce,\n    signature,\n  });\n  writeFileSync(\n    regPath,\n    JSON.stringify(\n      {\n        status: 201,\n        response: registration,\n        registered_at: new Date().toISOString(),\n        flow: 'x402',\n      },\n      null,\n      2\n    ),\n    'utf8'\n  );\n\n  const agentId = registration.agent?.id;\n  const bearer = registration.agent?.api_key;\n  if (!agentId || !bearer) {\n    throw new Error(\n      `/register did not return agent.id + agent.api_key: ${JSON.stringify(registration).slice(0, 400)}`\n    );\n  }\n  if (registration.wallet?.private_key) {\n    console.warn(\n      '[provision] WARN — server returned private_key despite x402 flow; ignoring (using local key).'\n    );\n  }\n\n  let joinedTeam: ProvisionExecuted['joinedTeam'];\n  if (req.autoJoinTeamId) {\n    try {\n      const joinRes = await postJson<{ success?: boolean; role?: string; members?: number }>(\n        fetchImpl,\n        `${meshApiBase}/team/${req.autoJoinTeamId}/join`,\n        bearer,\n        {}\n      );\n      joinedTeam = {\n        teamId: req.autoJoinTeamId,\n        role: joinRes.role ?? 'member',\n        members: joinRes.members ?? 0,\n      };\n    } catch (err) {\n      joinedTeam = {\n        teamId: req.autoJoinTeamId,\n        error: err instanceof Error ? err.message : String(err),\n      };\n    }\n  }\n\n  return {\n    status: 'executed',\n    handle: req.handle,\n    surface,\n    seatId,\n    seatDir,\n    walletAddress: wallet.address,\n    bearer,\n    agentId,\n    envVarLines: envVarLinesFor(req.handle, wallet.address, bearer),\n    joinedTeam,\n  };\n}\n\nfunction defaultSeatsRoot(): string {\n  return process.env.HOLOSCRIPT_AGENT_SEATS_ROOT ?? join(homedir(), '.holoscript-agent', 'seats');\n}\n\nfunction makeSeatId(surface: string): string {\n  const fp = createHash('sha256')\n    .update(hostname() + homedir())\n    .digest('hex')\n    .slice(0, 8);\n  return `holoscript-${surface}-${fp}-x402`;\n}\n\nfunction ensureMasterKey(seatsRoot: string): Buffer {\n  const keyPath = join(seatsRoot, '.master-key');\n  if (!existsSync(seatsRoot)) mkdirSync(seatsRoot, { recursive: true });\n  if (!existsSync(keyPath)) {\n    const k = randomBytes(32);\n    writeFileSync(keyPath, k);\n    try {\n      chmodSync(keyPath, 0o600);\n    } catch {}\n  }\n  return readFileSync(keyPath);\n}\n\nfunction encryptPrivateKey(\n  privKey: string,\n  masterKey: Buffer\n): { iv: string; ct: string; tag: string; alg: 'aes-256-gcm' } {\n  const iv = randomBytes(12);\n  const cipher = createCipheriv('aes-256-gcm', masterKey, iv);\n  const ct = Buffer.concat([cipher.update(privKey, 'utf8'), cipher.final()]);\n  return {\n    iv: iv.toString('base64'),\n    ct: ct.toString('base64'),\n    tag: cipher.getAuthTag().toString('base64'),\n    alg: 'aes-256-gcm',\n  };\n}\n\nasync function postJson<T>(\n  fetchImpl: typeof fetch,\n  url: string,\n  bearer: string,\n  body: unknown\n): Promise<T> {\n  const res = await fetchImpl(url, {\n    method: 'POST',\n    headers: {\n      Authorization: `Bearer ${bearer}`,\n      'Content-Type': 'application/json',\n    },\n    body: JSON.stringify(body),\n  });\n  const text = await res.text();\n  if (!res.ok) {\n    throw new Error(`POST ${url} ${res.status}: ${text.slice(0, 400)}`);\n  }\n  try {\n    return JSON.parse(text) as T;\n  } catch {\n    throw new Error(`POST ${url} returned non-JSON: ${text.slice(0, 200)}`);\n  }\n}\n\nfunction envVarLinesFor(handle: string, walletAddress: string, bearer?: string): string[] {\n  const suffix = handle.toUpperCase().replace(/-/g, '_');\n  const lines = [`HOLOSCRIPT_AGENT_WALLET_${suffix}=${walletAddress}`];\n  if (bearer) {\n    lines.push(`HOLOMESH_API_KEY_${suffix}_X402=${bearer}`);\n  }\n  return lines;\n}\n"],"mappings":";AAAA,SAAS,WAAW,cAAc,eAAe,YAAY,iBAAiB;AAC9E,SAAS,YAAY;AACrB,SAAS,SAAS,gBAAgB;AAClC,SAAS,aAAa,gBAAgB,kBAAkB;AACxD,SAAS,cAAc;AAEvB,IAAM,iBAAiB;AAsCvB,IAAM,gBAAgB,EAAE,MAAM,YAAY,SAAS,IAAI;AACvD,IAAM,eAAsE;AAAA,EAC1E,cAAc,CAAC,EAAE,MAAM,SAAS,MAAM,SAAS,CAAC;AAClD;AAEA,eAAsB,eACpB,KACA,OAA8C,EAAE,SAAS,MAAM,GACrC;AAC1B,MAAI,CAAC,eAAe,KAAK,IAAI,MAAM,GAAG;AACpC,UAAM,IAAI,MAAM,WAAW,IAAI,MAAM,gBAAgB,cAAc,EAAE;AAAA,EACvE;AACA,MAAI,CAAC,IAAI,iBAAiB,IAAI,cAAc,KAAK,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAEA,QAAM,eAAe,IAAI,eAAe,2CAA2C;AAAA,IACjF;AAAA,IACA;AAAA,EACF;AACA,QAAM,YAAY,IAAI,aAAa,iBAAiB;AACpD,QAAM,UAAU,IAAI;AACpB,QAAM,SAAS,WAAW,OAAO;AACjC,QAAM,UAAU,KAAK,WAAW,MAAM;AACtC,QAAM,aAAa,KAAK,SAAS,YAAY;AAC7C,QAAM,UAAU,KAAK,SAAS,mBAAmB;AAEjD,MAAI,CAAC,KAAK,SAAS;AACjB,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,QAAQ,IAAI;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,MACA,oBAAoB,CAAC,WAAW,UAAU;AAAA,MAC1C,mBAAmB,CAAC,QAAQ,WAAW,uBAAuB,QAAQ,WAAW,WAAW;AAAA,IAC9F;AAAA,EACF;AAEA,MAAI,WAAW,UAAU,KAAK,CAAC,KAAK,OAAO;AACzC,UAAM,OAAO,KAAK,MAAM,aAAa,YAAY,MAAM,CAAC;AACxD,UAAM,SAA4B;AAAA,MAChC,QAAQ;AAAA,MACR,QAAQ,IAAI;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe,KAAK;AAAA,MACpB,aAAa,eAAe,IAAI,QAAQ,KAAK,SAAS,MAAS;AAAA,IACjE;AACA,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,OAAO,aAAa;AACnC,YAAU,SAAS,EAAE,WAAW,KAAK,CAAC;AAEtC,QAAM,YAAY,gBAAgB,SAAS;AAC3C,QAAM,gBAAgB;AAAA,IACpB,SAAS;AAAA,IACT;AAAA,IACA,QAAQ,IAAI;AAAA,IACZ,SAAS,OAAO;AAAA,IAChB,mBAAmB,kBAAkB,OAAO,YAAY,SAAS;AAAA,IACjE,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,IACnC,QAAQ;AAAA,EACV;AACA,gBAAc,YAAY,KAAK,UAAU,eAAe,MAAM,CAAC,GAAG,MAAM;AACxE,MAAI;AACF,cAAU,YAAY,GAAK;AAAA,EAC7B,QAAQ;AAAA,EAAC;AAET,QAAM,YAAY,IAAI,aAAa;AAEnC,QAAM,YAAY,MAAM;AAAA,IACtB;AAAA,IACA,GAAG,WAAW;AAAA,IACd,IAAI;AAAA,IACJ,EAAE,gBAAgB,OAAO,QAAQ;AAAA,EACnC;AACA,MAAI,CAAC,UAAU,OAAO;AACpB,UAAM,IAAI,MAAM,0CAA0C,KAAK,UAAU,SAAS,CAAC,EAAE;AAAA,EACvF;AAEA,QAAM,YAAY,MAAM,OAAO,cAAc,eAAe,cAAc;AAAA,IACxE,OAAO,UAAU;AAAA,EACnB,CAAC;AAED,QAAM,eAAe,MAAM,SAGxB,WAAW,GAAG,WAAW,aAAa,IAAI,eAAe;AAAA,IAC1D,MAAM,IAAI;AAAA,IACV,gBAAgB,OAAO;AAAA,IACvB,OAAO,UAAU;AAAA,IACjB;AAAA,EACF,CAAC;AACD;AAAA,IACE;AAAA,IACA,KAAK;AAAA,MACH;AAAA,QACE,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,gBAAe,oBAAI,KAAK,GAAE,YAAY;AAAA,QACtC,MAAM;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,IACA;AAAA,EACF;AAEA,QAAM,UAAU,aAAa,OAAO;AACpC,QAAM,SAAS,aAAa,OAAO;AACnC,MAAI,CAAC,WAAW,CAAC,QAAQ;AACvB,UAAM,IAAI;AAAA,MACR,sDAAsD,KAAK,UAAU,YAAY,EAAE,MAAM,GAAG,GAAG,CAAC;AAAA,IAClG;AAAA,EACF;AACA,MAAI,aAAa,QAAQ,aAAa;AACpC,YAAQ;AAAA,MACN;AAAA,IACF;AAAA,EACF;AAEA,MAAI;AACJ,MAAI,IAAI,gBAAgB;AACtB,QAAI;AACF,YAAM,UAAU,MAAM;AAAA,QACpB;AAAA,QACA,GAAG,WAAW,SAAS,IAAI,cAAc;AAAA,QACzC;AAAA,QACA,CAAC;AAAA,MACH;AACA,mBAAa;AAAA,QACX,QAAQ,IAAI;AAAA,QACZ,MAAM,QAAQ,QAAQ;AAAA,QACtB,SAAS,QAAQ,WAAW;AAAA,MAC9B;AAAA,IACF,SAAS,KAAK;AACZ,mBAAa;AAAA,QACX,QAAQ,IAAI;AAAA,QACZ,OAAO,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACxD;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,QAAQ,IAAI;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,OAAO;AAAA,IACtB;AAAA,IACA;AAAA,IACA,aAAa,eAAe,IAAI,QAAQ,OAAO,SAAS,MAAM;AAAA,IAC9D;AAAA,EACF;AACF;AAEA,SAAS,mBAA2B;AAClC,SAAO,QAAQ,IAAI,+BAA+B,KAAK,QAAQ,GAAG,qBAAqB,OAAO;AAChG;AAEA,SAAS,WAAW,SAAyB;AAC3C,QAAM,KAAK,WAAW,QAAQ,EAC3B,OAAO,SAAS,IAAI,QAAQ,CAAC,EAC7B,OAAO,KAAK,EACZ,MAAM,GAAG,CAAC;AACb,SAAO,cAAc,OAAO,IAAI,EAAE;AACpC;AAEA,SAAS,gBAAgB,WAA2B;AAClD,QAAM,UAAU,KAAK,WAAW,aAAa;AAC7C,MAAI,CAAC,WAAW,SAAS,EAAG,WAAU,WAAW,EAAE,WAAW,KAAK,CAAC;AACpE,MAAI,CAAC,WAAW,OAAO,GAAG;AACxB,UAAM,IAAI,YAAY,EAAE;AACxB,kBAAc,SAAS,CAAC;AACxB,QAAI;AACF,gBAAU,SAAS,GAAK;AAAA,IAC1B,QAAQ;AAAA,IAAC;AAAA,EACX;AACA,SAAO,aAAa,OAAO;AAC7B;AAEA,SAAS,kBACP,SACA,WAC6D;AAC7D,QAAM,KAAK,YAAY,EAAE;AACzB,QAAM,SAAS,eAAe,eAAe,WAAW,EAAE;AAC1D,QAAM,KAAK,OAAO,OAAO,CAAC,OAAO,OAAO,SAAS,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AACzE,SAAO;AAAA,IACL,IAAI,GAAG,SAAS,QAAQ;AAAA,IACxB,IAAI,GAAG,SAAS,QAAQ;AAAA,IACxB,KAAK,OAAO,WAAW,EAAE,SAAS,QAAQ;AAAA,IAC1C,KAAK;AAAA,EACP;AACF;AAEA,eAAe,SACb,WACA,KACA,QACA,MACY;AACZ,QAAM,MAAM,MAAM,UAAU,KAAK;AAAA,IAC/B,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,eAAe,UAAU,MAAM;AAAA,MAC/B,gBAAgB;AAAA,IAClB;AAAA,IACA,MAAM,KAAK,UAAU,IAAI;AAAA,EAC3B,CAAC;AACD,QAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,IAAI,MAAM,QAAQ,GAAG,IAAI,IAAI,MAAM,KAAK,KAAK,MAAM,GAAG,GAAG,CAAC,EAAE;AAAA,EACpE;AACA,MAAI;AACF,WAAO,KAAK,MAAM,IAAI;AAAA,EACxB,QAAQ;AACN,UAAM,IAAI,MAAM,QAAQ,GAAG,uBAAuB,KAAK,MAAM,GAAG,GAAG,CAAC,EAAE;AAAA,EACxE;AACF;AAEA,SAAS,eAAe,QAAgB,eAAuB,QAA2B;AACxF,QAAM,SAAS,OAAO,YAAY,EAAE,QAAQ,MAAM,GAAG;AACrD,QAAM,QAAQ,CAAC,2BAA2B,MAAM,IAAI,aAAa,EAAE;AACnE,MAAI,QAAQ;AACV,UAAM,KAAK,oBAAoB,MAAM,SAAS,MAAM,EAAE;AAAA,EACxD;AACA,SAAO;AACT;","names":[]}

package/dist/runner.js

@@ -37,7 +37,18 @@ function brainClassOf(brain) {
   return "unknown";
 }
 function buildCaelRecord(input) {
-  const { identity, brain, task, messages, finalText, usage, costUsd, spentUsd, prevChain, runtimeVersion } = input;
+  const {
+    identity,
+    brain,
+    task,
+    messages,
+    finalText,
+    usage,
+    costUsd,
+    spentUsd,
+    prevChain,
+    runtimeVersion
+  } = input;
   const l0 = sha(brain.systemPrompt);
   const l1 = sha(`${task.id}|${task.title}|${task.description ?? ""}`);
   const l2 = sha(JSON.stringify(messages));
@@ -60,9 +71,9 @@ function buildCaelRecord(input) {
 
 // src/tools.ts
 import { readFile, writeFile, readdir, mkdir, stat } from "fs/promises";
-import { resolve, dirname } from "path";
+import { resolve, dirname, delimiter, isAbsolute, sep } from "path";
 import { spawn } from "child_process";
-var ALLOWED_READ_ROOTS = [
+var FLEET_READ_ROOTS = [
   "/root/msc-paper-22",
   // Paper 22 mechanization inputs (scp'd by deploy)
   "/root/holoscript-mesh",
@@ -70,10 +81,23 @@ var ALLOWED_READ_ROOTS = [
   "/root/agent-output"
   // Read back what we wrote
 ];
-var ALLOWED_WRITE_ROOTS = [
+var FLEET_WRITE_ROOTS = [
   "/root/agent-output"
   // Single write sink — keeps deliverables in one place
 ];
+function parseRootsEnv(raw, fallback) {
+  if (!raw) return fallback;
+  const roots = raw.split(delimiter).map((r) => r.trim()).filter((r) => r.length > 0 && isAbsolute(r));
+  return roots.length > 0 ? roots : fallback;
+}
+var ALLOWED_READ_ROOTS = parseRootsEnv(
+  process.env.HOLOSCRIPT_AGENT_READ_ROOTS,
+  FLEET_READ_ROOTS
+);
+var ALLOWED_WRITE_ROOTS = parseRootsEnv(
+  process.env.HOLOSCRIPT_AGENT_WRITE_ROOTS,
+  FLEET_WRITE_ROOTS
+);
 var BASH_READ_ONLY_PREFIXES = [
   "ls ",
   "ls\n",
@@ -99,7 +123,15 @@ var BASH_PRODUCTIVE_PREFIXES = [
   "lean ",
   "pnpm --filter",
   "pnpm vitest",
-  "vitest run"
+  "vitest run",
+  // Robotics / edge-node (Jetson) productive commands — without these, every
+  // ros2/colcon/tegrastats task fails the W.107 artifact gate and is abandoned
+  // as no-artifact. (jetson-orin-01 lane.)
+  "ros2 launch",
+  "ros2 topic pub",
+  "ros2 service call",
+  "colcon build",
+  "tegrastats"
 ];
 var BASH_WHITELIST = [...BASH_READ_ONLY_PREFIXES, ...BASH_PRODUCTIVE_PREFIXES];
 function isProductiveBashCommand(cmd) {
@@ -110,7 +142,7 @@ function isProductiveBashCommand(cmd) {
 var MESH_TOOLS = [
   {
     name: "read_file",
-    description: "Read a file from the agent sandbox. Allowed roots: /root/msc-paper-22, /root/holoscript-mesh, /root/agent-output. Returns the file content as text. Use this to inspect inputs scp'd to the instance (e.g. MSC/Invariants.lean).",
+    description: `Read a file from the agent sandbox. Allowed roots: ${ALLOWED_READ_ROOTS.join(", ")}. Returns the file content as text. Use this to inspect task inputs and the read-only repo view.`,
     input_schema: {
       type: "object",
       properties: {
@@ -132,11 +164,11 @@ var MESH_TOOLS = [
   },
   {
     name: "write_file",
-    description: "Write a file to /root/agent-output/. This is the deliverable sink \u2014 anything you want to emit as task output (a Lean proof, a markdown report, a JSON dataset) goes here. Creates parent directories. Will refuse paths outside the write root.",
+    description: `Write a file to the deliverable sink (write roots: ${ALLOWED_WRITE_ROOTS.join(", ")}). Anything you want to emit as task output (a Lean proof, a markdown report, a JSON dataset, a .holo scene) goes here. Creates parent directories. Will refuse paths outside the write root(s).`,
     input_schema: {
       type: "object",
       properties: {
-        path: { type: "string", description: "Absolute path under /root/agent-output/" },
+        path: { type: "string", description: `Absolute path under a write root: ${ALLOWED_WRITE_ROOTS.join(", ")}` },
         content: { type: "string", description: "File content to write (UTF-8)" }
       },
       required: ["path", "content"]
@@ -144,7 +176,7 @@ var MESH_TOOLS = [
   },
   {
     name: "bash",
-    description: "Run a shell command. Whitelisted prefixes only: lake build, lean, ls, cat, grep, find, wc, head, tail, git status/log/diff/show, pnpm --filter, vitest run, pwd, echo. Hard 60s wall timeout, 1MB stdout cap. Use for lake build / lean kernel-checks, git inspection, repo greps. Refuses rm, curl, ssh, sudo, eval.",
+    description: "Run a shell command. Whitelisted prefixes only: lake build, lean, ls, cat, grep, find, wc, head, tail, git status/log/diff/show, pnpm --filter, vitest run, pwd, echo, ros2 launch/topic/service, colcon build, tegrastats. Hard 60s wall timeout, 1MB stdout cap. Use for builds, tests, hardware probes. Refuses rm, curl, ssh, sudo, eval.",
     input_schema: {
       type: "object",
       properties: {
@@ -153,22 +185,52 @@ var MESH_TOOLS = [
       },
       required: ["cmd"]
     }
+  },
+  {
+    name: "emit_hardware_receipt",
+    description: "Emit a portable hardware receipt (PortableHardwareReceiptMetadata v1) capturing device identity, runtime, and measured performance. Writes a JSON receipt to the agent output dir. Use after running tegrastats or colcon build to record hardware evidence for the CAEL audit chain. Accepts either pre-parsed measurements or raw tegrastats output (the tool parses it automatically).",
+    input_schema: {
+      type: "object",
+      properties: {
+        device_kind: {
+          type: "string",
+          description: 'Device identifier, e.g. "jetson-orin-nano-super", "raspberry-pi-5"'
+        },
+        accelerator: {
+          description: 'Accelerator string, e.g. "NVIDIA CUDA 8.7", or null for CPU-only'
+        },
+        runtime_name: { type: "string", description: 'Inference runtime, e.g. "Ollama", "llama.cpp"' },
+        runtime_version: { type: "string", description: 'Runtime version, e.g. "0.30.8"' },
+        host_os: { type: "string", description: 'OS + firmware, e.g. "JetPack 6.2.1 / Ubuntu 22.04"' },
+        composition_id: { type: "string", description: 'Brain composition reference, e.g. "jetson-orin-brain"' },
+        measurements: {
+          type: "array",
+          description: "Pre-parsed measurements. Each item: {metric: string, value: number, unit: string}",
+          items: { type: "object" }
+        },
+        tegrastats_output: {
+          type: "string",
+          description: "Raw tegrastats output line(s) \u2014 tool auto-parses GPU%, RAM, temp, power"
+        }
+      },
+      required: ["device_kind", "runtime_name", "runtime_version", "host_os"]
+    }
   }
 ];
 function isUnderRoot(absPath, root) {
   const resolved = resolve(absPath);
   const rootResolved = resolve(root);
-  return resolved === rootResolved || resolved.startsWith(rootResolved + "/");
+  return resolved === rootResolved || resolved.startsWith(rootResolved + sep);
 }
 function checkReadAllowed(path) {
-  if (!path.startsWith("/")) return `path must be absolute, got "${path}"`;
+  if (!isAbsolute(path)) return `path must be absolute, got "${path}"`;
   for (const root of ALLOWED_READ_ROOTS) {
     if (isUnderRoot(path, root)) return null;
   }
   return `read denied \u2014 path "${path}" not under allowed roots: ${ALLOWED_READ_ROOTS.join(", ")}`;
 }
 function checkWriteAllowed(path) {
-  if (!path.startsWith("/")) return `path must be absolute, got "${path}"`;
+  if (!isAbsolute(path)) return `path must be absolute, got "${path}"`;
   for (const root of ALLOWED_WRITE_ROOTS) {
     if (isUnderRoot(path, root)) return null;
   }
@@ -223,11 +285,105 @@ async function runTool(use) {
       return result.code === 0 ? okResult(use.id, result.stdout) : errResult(use.id, `exit=${result.code}
 ${result.stderr || result.stdout}`);
     }
+    if (use.name === "emit_hardware_receipt") {
+      const deviceKind = String(use.input.device_kind ?? "unknown-device");
+      const accelerator = use.input.accelerator === null || use.input.accelerator === "null" ? null : String(use.input.accelerator ?? "").trim() || null;
+      const runtimeName = String(use.input.runtime_name ?? "Ollama");
+      const runtimeVersion = String(use.input.runtime_version ?? "unknown");
+      const hostOs = String(use.input.host_os ?? "unknown");
+      const compositionId = String(use.input.composition_id ?? "unknown");
+      let measurements = [];
+      if (Array.isArray(use.input.measurements)) {
+        for (const m of use.input.measurements) {
+          const metric = String(m.metric ?? "");
+          const value = Number(m.value ?? 0);
+          const unit = String(m.unit ?? "");
+          if (metric && Number.isFinite(value)) {
+            measurements.push({ metric, value, unit, method: "measured" });
+          }
+        }
+      }
+      if (typeof use.input.tegrastats_output === "string" && use.input.tegrastats_output.length > 0) {
+        measurements = [...measurements, ...parseTegrastats(use.input.tegrastats_output)];
+      }
+      if (measurements.length === 0) {
+        measurements.push({ metric: "agent-tick", value: 1, unit: "count", method: "presence" });
+      }
+      const capturedAt = (/* @__PURE__ */ new Date()).toISOString();
+      const receipt = {
+        schemaVersion: "holoscript.hardware-receipt-metadata.v1",
+        target: {
+          id: `${deviceKind}-${Date.now()}`,
+          kind: deviceKind,
+          architecture: /jetson|orin|nano|agx|xavier/i.test(deviceKind) ? "arm64" : "unknown",
+          artifactKind: "measurement-trace"
+        },
+        device: {
+          vendor: /jetson|orin|nvidia/i.test(deviceKind) ? "nvidia" : "unknown",
+          model: deviceKind,
+          accelerator
+        },
+        runtime: { name: runtimeName, version: runtimeVersion, hostOS: hostOs },
+        compilerVersion: "holoscript-agent-1.0.0",
+        constraints: [],
+        measuredResults: measurements,
+        replayInputs: [
+          { kind: "composition-ref", uri: `compositions/${compositionId}`, sha256: "unknown" }
+        ],
+        provenance: {
+          capturedAt,
+          sourceCompositionHash: compositionId
+        },
+        owner: {
+          agent: process.env.HOLOSCRIPT_AGENT_HANDLE ?? "unknown",
+          ...process.env.HOLOMESH_TEAM_ID ? { team: process.env.HOLOMESH_TEAM_ID } : {}
+        }
+      };
+      const ts = capturedAt.replace(/[:.]/g, "-");
+      const outPath = resolve(ALLOWED_WRITE_ROOTS[0], `hardware-receipt-${ts}.json`);
+      const denied = checkWriteAllowed(outPath);
+      if (denied) return errResult(use.id, `Cannot write receipt: ${denied}`);
+      await mkdir(dirname(outPath), { recursive: true });
+      await writeFile(outPath, JSON.stringify(receipt, null, 2), "utf8");
+      return okResult(
+        use.id,
+        `Hardware receipt written to ${outPath} \u2014 ${measurements.length} measurements, accelerator=${accelerator ?? "none"}`
+      );
+    }
     return errResult(use.id, `unknown tool: ${use.name}`);
   } catch (err) {
     return errResult(use.id, err instanceof Error ? err.message : String(err));
   }
 }
+function parseTegrastats(raw) {
+  const results = [];
+  const m = (pattern, metric, unit, transform) => {
+    const match = raw.match(pattern);
+    if (match?.[1]) {
+      const value = transform ? transform(match[1]) : Number(match[1]);
+      if (Number.isFinite(value)) results.push({ metric, value, unit, method: "tegrastats" });
+    }
+  };
+  const ram = raw.match(/RAM\s+(\d+)\/(\d+)MB/);
+  if (ram) {
+    const used = Number(ram[1]);
+    const total = Number(ram[2]);
+    results.push({ metric: "ram-used", value: used, unit: "MB", method: "tegrastats" });
+    results.push({ metric: "ram-total", value: total, unit: "MB", method: "tegrastats" });
+    if (total > 0)
+      results.push({ metric: "ram-pct", value: Math.round(used / total * 100), unit: "%", method: "tegrastats" });
+  }
+  m(/GR3D_FREQ\s+(\d+)%/, "gpu-util", "%");
+  m(/EMC_FREQ\s+(\d+)%/, "emc-freq-pct", "%");
+  m(/tj@([\d.]+)C/, "temp-tj", "C", parseFloat);
+  m(/cpu@([\d.]+)C/, "temp-cpu", "C", parseFloat);
+  m(/gpu@([\d.]+)C/, "temp-gpu", "C", parseFloat);
+  m(/VDD_SOC\s+(\d+)mW/, "power-soc", "mW");
+  m(/VDD_CPU_CV\s+(\d+)mW/, "power-cpu-cv", "mW");
+  m(/VDD_IN\s+(\d+)mW/, "power-total", "mW");
+  m(/CPU\s+\[(\d+)%/, "cpu-util-core0", "%");
+  return results;
+}
 function runBash(cmd, cwd) {
   if (process.env.VITEST === "true" || process.env.NODE_ENV === "test") {
     return Promise.resolve({
@@ -356,8 +512,28 @@ var AgentRunner = class {
     log({ ev: "claim", taskId: target.id, title: target.title });
     await mesh.claim(target.id);
     const start = Date.now();
+    let systemContent = brain.systemPrompt;
+    if (brain.onTaskActions && brain.onTaskActions.length > 0) {
+      const llmCallAction = brain.onTaskActions.find((a) => a.verb === "llm_call");
+      const deferredVerbs = brain.onTaskActions.filter((a) => a.verb === "recall" || a.verb === "rag_query" || a.verb === "plan").map((a) => a.verb);
+      if (deferredVerbs.length > 0) {
+        log({
+          ev: "on-task-deferred",
+          taskId: target.id,
+          verbs: deferredVerbs,
+          note: "trait-backed dispatch deferred to Phase 2.2 (idea-seeds.md)"
+        });
+      }
+      if (llmCallAction && typeof llmCallAction.config.prompt === "string" && llmCallAction.config.prompt.length > 0) {
+        systemContent = `${brain.systemPrompt}
+
+[Brain on_task directive]
+${llmCallAction.config.prompt}`;
+        log({ ev: "on-task-llm-call", taskId: target.id, promptLen: llmCallAction.config.prompt.length });
+      }
+    }
     const messages = [
-      { role: "system", content: brain.systemPrompt },
+      { role: "system", content: systemContent },
       { role: "user", content: buildTaskPrompt(target) }
     ];
     let aggUsage = { promptTokens: 0, completionTokens: 0, totalTokens: 0 };
@@ -375,12 +551,16 @@ var AgentRunner = class {
         finalText = finalText || `[tool-loop hit ${MAX_TOOL_ITERS}-iter cap before final text]`;
         break;
       }
+      const activeTools = brain.requires.includes("local-llm") ? MESH_TOOLS.filter((t) => t.name === "write_file") : MESH_TOOLS;
       const resp = await provider.complete(
         {
           messages,
-          maxTokens: 4096,
+          // 8192 for local thinking models (qwen3:4b uses ~3800 tokens on thinking
+          // before the tool-call JSON; 4096 cuts off mid-generation). Frontier
+          // models ignore this ceiling and stop naturally earlier.
+          maxTokens: 8192,
           temperature: 0.4,
-          tools: MESH_TOOLS
+          tools: activeTools
         },
         identity.llmModel
       );
@@ -391,7 +571,12 @@ var AgentRunner = class {
         totalTokens: aggUsage.totalTokens + resp.usage.totalTokens
       };
       if (resp.finishReason === "tool_use" && resp.toolUses && resp.toolUses.length > 0) {
-        log({ ev: "tool-call", taskId: target.id, iter: iters, tools: resp.toolUses.map((t) => t.name) });
+        log({
+          ev: "tool-call",
+          taskId: target.id,
+          iter: iters,
+          tools: resp.toolUses.map((t) => t.name)
+        });
         for (const u of resp.toolUses) {
           toolsCalled.add(u.name);
           if (u.name === "write_file") {
@@ -400,6 +585,8 @@ var AgentRunner = class {
           } else if (u.name === "bash") {
             const cmd = String(u.input?.cmd ?? "");
             if (isProductiveBashCommand(cmd)) productiveCallCount++;
+          } else if (u.name === "emit_hardware_receipt") {
+            productiveCallCount++;
           }
         }
         messages.push({
@@ -444,6 +631,58 @@ var AgentRunner = class {
         message: `no productive tool call observed (toolsCalled=[${[...toolsCalled].join(",")}], productiveCallCount=${productiveCallCount}, iters=${iters})`
       };
     }
+    let reflectVerdict;
+    if (brain.reflect) {
+      try {
+        const reflectResp = await provider.complete(
+          {
+            messages: [
+              {
+                role: "system",
+                content: "You are a strict reviewer. Evaluate the work against the criteria; do not rewrite it."
+              },
+              {
+                role: "user",
+                content: `Reflect on the artifact produced for this task. Evaluate it for: ${brain.reflect.criteria}.
+
+--- artifact / final response ---
+${finalText.slice(0, 4e3)}
+--- end ---
+
+Give a one-line reason, then end with exactly "VERDICT: PASS" or "VERDICT: FAIL".`
+              }
+            ],
+            maxTokens: 512,
+            temperature: 0.1
+          },
+          identity.llmModel
+        );
+        aggUsage = {
+          promptTokens: aggUsage.promptTokens + reflectResp.usage.promptTokens,
+          completionTokens: aggUsage.completionTokens + reflectResp.usage.completionTokens,
+          totalTokens: aggUsage.totalTokens + reflectResp.usage.totalTokens
+        };
+        const verdictMatch = /VERDICT:\s*(PASS|FAIL)/i.exec(reflectResp.content);
+        const pass = verdictMatch ? verdictMatch[1].toUpperCase() === "PASS" : true;
+        reflectVerdict = {
+          pass,
+          reason: reflectResp.content.replace(/VERDICT:\s*(PASS|FAIL)/i, "").trim().slice(0, 300)
+        };
+        log({
+          ev: "reflect",
+          taskId: target.id,
+          pass,
+          escalateOnFail: brain.reflect.escalateOnFail,
+          reason: reflectVerdict.reason.slice(0, 120)
+        });
+      } catch (err) {
+        log({
+          ev: "reflect-error",
+          taskId: target.id,
+          message: err instanceof Error ? err.message : String(err)
+        });
+      }
+    }
     const cost = costGuard.recordUsage(identity.llmModel, aggUsage);
     log({
       ev: "executed",
@@ -453,7 +692,11 @@ var AgentRunner = class {
       tokens: aggUsage.totalTokens,
       tool_iters: iters
     });
-    const response = { ...lastResponse ?? { content: finalText, usage: aggUsage }, content: finalText, usage: aggUsage };
+    const response = {
+      ...lastResponse ?? { content: finalText, usage: aggUsage },
+      content: finalText,
+      usage: aggUsage
+    };
     const execResult = {
       taskId: target.id,
       responseText: response.content,
@@ -487,10 +730,32 @@ var AgentRunner = class {
       });
       const posted = await mesh.postAuditRecords(identity.handle, [caelRecord]);
       this.prevCaelChain = caelRecord.fnv1a_chain;
-      log({ ev: "cael-posted", taskId: target.id, appended: posted.appended, rejected: posted.rejected });
+      log({
+        ev: "cael-posted",
+        taskId: target.id,
+        appended: posted.appended,
+        rejected: posted.rejected
+      });
     } catch (err) {
       log({ ev: "cael-post-error", message: err instanceof Error ? err.message : String(err) });
     }
+    if (reflectVerdict && !reflectVerdict.pass && brain.reflect?.escalateOnFail) {
+      try {
+        await mesh.sendMessageOnTask(
+          target.id,
+          `[${identity.handle}] reflect gate FAILED \u2014 escalating to the fleet instead of marking done. Reason: ${reflectVerdict.reason}`
+        );
+      } catch {
+      }
+      log({ ev: "reflect-escalate", taskId: target.id, reason: reflectVerdict.reason.slice(0, 120) });
+      return {
+        action: "reflect-escalate",
+        taskId: target.id,
+        spentUsd: costGuard.getState().spentUsd,
+        remainingUsd: costGuard.getRemainingUsd(),
+        message: `reflect self-evaluation failed; escalated to fleet (reason: ${reflectVerdict.reason.slice(0, 120)})`
+      };
+    }
     if (this.opts.onTaskExecuted) {
       await this.opts.onTaskExecuted(execResult, target);
     } else {
@@ -505,7 +770,11 @@ ${response.content}`
       await mesh.markDone(target.id, finalText.slice(0, 500), lastCommitHash);
       log({ ev: "mark-done", taskId: target.id, commitHash: lastCommitHash });
     } catch (err) {
-      log({ ev: "mark-done-error", taskId: target.id, message: err instanceof Error ? err.message : String(err) });
+      log({
+        ev: "mark-done-error",
+        taskId: target.id,
+        message: err instanceof Error ? err.message : String(err)
+      });
     }
     return {
       action: "executed",
@@ -599,7 +868,7 @@ function buildTaskPrompt(task) {
     "Description:",
     task.description ?? "(no description)",
     "",
-    "Produce the deliverable described in the task. Apply your brain composition rules \u2014 anti-patterns, decision loop, and scope tier all bind. Return the response as plain text suitable for posting to /room as a message on this task."
+    "Produce the deliverable: call write_file (or bash with a build command) to create all required output files FIRST. Apply your brain composition rules \u2014 anti-patterns, decision loop, and scope tier all bind. After calling the tool(s), return a short plain-text summary of what you did for posting to /room."
   ].join("\n");
 }
 function sleep(ms) {