@inkeep/agents-core 0.41.2 → 0.43.0

package/dist/types/index.d.ts

@@ -1,6 +1,6 @@
 import { A2AError, A2ARequest, A2AResponse, APIKeySecurityScheme, AgentCapabilities, AgentCard, AgentProvider, AgentSkill, Artifact, AuthorizationCodeOAuthFlow, CancelTaskRequest, CancelTaskResponse, CancelTaskSuccessResponse, ClientCredentialsOAuthFlow, ContentTypeNotSupportedError, DataPart, FileBase, FilePart, FileWithBytes, FileWithUri, GetTaskPushNotificationConfigRequest, GetTaskPushNotificationConfigResponse, GetTaskPushNotificationConfigSuccessResponse, GetTaskRequest, GetTaskResponse, GetTaskSuccessResponse, HTTPAuthSecurityScheme, ImplicitOAuthFlow, InternalError, InvalidAgentResponseError, InvalidParamsError, InvalidRequestError, JSONParseError, JSONRPCError, JSONRPCErrorResponse, JSONRPCMessage, JSONRPCRequest, JSONRPCResult, Message, MessagePart, MessageSendConfiguration, MessageSendParams, MethodNotFoundError, OAuth2SecurityScheme, OAuthFlows, OpenIdConnectSecurityScheme, Part, PartBase, PasswordOAuthFlow, PushNotificationAuthenticationInfo, PushNotificationConfig, PushNotificationNotSupportedError, SecurityScheme, SecuritySchemeBase, SendMessageRequest, SendMessageResponse, SendMessageSuccessResponse, SendStreamingMessageRequest, SendStreamingMessageResponse, SendStreamingMessageSuccessResponse, SetTaskPushNotificationConfigRequest, SetTaskPushNotificationConfigResponse, SetTaskPushNotificationConfigSuccessResponse, Task, TaskArtifact, TaskArtifactUpdateEvent, TaskIdParams, TaskNotCancelableError, TaskNotFoundError, TaskPushNotificationConfig, TaskQueryParams, TaskResubscriptionRequest, TaskState, TaskStatus, TaskStatusUpdateEvent, TextPart, UnsupportedOperationError } from "./a2a.js";
-import { AgentApiInsert, AgentApiSelect, AgentApiUpdate, AgentInsert, AgentSelect, AgentUpdate, AllAgentSelect, ApiKeyApiCreationResponse, ApiKeyApiInsert, ApiKeyApiSelect, ApiKeyApiUpdate, ApiKeyInsert, ApiKeySelect, ApiKeyUpdate, ArtifactComponentApiInsert, ArtifactComponentApiSelect, ArtifactComponentApiUpdate, ArtifactComponentInsert, ArtifactComponentSelect, ArtifactComponentUpdate, CanDelegateToExternalAgent, CanUseItem, ContextCacheApiInsert, ContextCacheApiSelect, ContextCacheApiUpdate, ContextCacheInsert, ContextCacheSelect, ContextCacheUpdate, ContextConfigApiInsert, ContextConfigApiSelect, ContextConfigApiUpdate, ContextConfigInsert, ContextConfigSelect, ContextConfigUpdate, ConversationApiInsert, ConversationApiSelect, ConversationApiUpdate, ConversationInsert, ConversationSelect, ConversationUpdate, CredentialReferenceApiInsert, CredentialReferenceApiSelect, CredentialReferenceApiUpdate, CredentialReferenceInsert, CredentialReferenceSelect, CredentialReferenceUpdate, DataComponentApiInsert, DataComponentApiSelect, DataComponentApiUpdate, DataComponentInsert, DataComponentSelect, DataComponentUpdate, ExternalAgentApiInsert, ExternalAgentApiSelect, ExternalAgentApiUpdate, ExternalAgentInsert, ExternalAgentSelect, ExternalAgentUpdate, ExternalSubAgentRelationApiInsert, ExternalSubAgentRelationInsert, FetchConfig, FetchDefinition, FullAgentAgentInsert, FullAgentDefinition, FullProjectDefinition, FunctionApiInsert, FunctionApiSelect, FunctionApiUpdate, FunctionInsert, FunctionSelect, FunctionToolApiInsert, FunctionToolApiSelect, FunctionToolApiUpdate, FunctionUpdate, LedgerArtifactApiInsert, LedgerArtifactApiSelect, LedgerArtifactApiUpdate, LedgerArtifactInsert, LedgerArtifactSelect, LedgerArtifactUpdate, MCPToolConfig, McpTool, MessageApiInsert, MessageApiSelect, MessageApiUpdate, MessageInsert, MessageSelect, MessageUpdate, Pagination, ProjectApiInsert, ProjectApiSelect, ProjectApiUpdate, ProjectInsert, ProjectSelect, ProjectUpdate, SubAgentApiInsert, SubAgentApiSelect, SubAgentApiUpdate, SubAgentArtifactComponentApiInsert, SubAgentArtifactComponentApiSelect, SubAgentArtifactComponentApiUpdate, SubAgentArtifactComponentInsert, SubAgentArtifactComponentSelect, SubAgentArtifactComponentUpdate, SubAgentDataComponentApiInsert, SubAgentDataComponentApiSelect, SubAgentDataComponentApiUpdate, SubAgentDataComponentInsert, SubAgentDataComponentSelect, SubAgentDataComponentUpdate, SubAgentDefinition, SubAgentExternalAgentRelationApiInsert, SubAgentExternalAgentRelationApiSelect, SubAgentExternalAgentRelationApiUpdate, SubAgentExternalAgentRelationInsert, SubAgentExternalAgentRelationSelect, SubAgentExternalAgentRelationUpdate, SubAgentInsert, SubAgentRelationApiInsert, SubAgentRelationApiSelect, SubAgentRelationApiUpdate, SubAgentRelationInsert, SubAgentRelationQuery, SubAgentRelationSelect, SubAgentRelationUpdate, SubAgentSelect, SubAgentTeamAgentRelationApiInsert, SubAgentTeamAgentRelationApiSelect, SubAgentTeamAgentRelationApiUpdate, SubAgentTeamAgentRelationInsert, SubAgentTeamAgentRelationSelect, SubAgentTeamAgentRelationUpdate, SubAgentToolRelationApiInsert, SubAgentToolRelationApiSelect, SubAgentToolRelationApiUpdate, SubAgentToolRelationInsert, SubAgentToolRelationSelect, SubAgentToolRelationUpdate, SubAgentUpdate, SummaryEvent, TaskApiInsert, TaskApiSelect, TaskApiUpdate, TaskInsert, TaskRelationApiInsert, TaskRelationApiSelect, TaskRelationApiUpdate, TaskRelationInsert, TaskRelationSelect, TaskRelationUpdate, TaskSelect, TaskUpdate, ToolApiInsert, ToolApiSelect, ToolApiUpdate, ToolDefinition, ToolInsert, ToolSelect, ToolUpdate } from "./entities.js";
+import { AgentConversationHistoryConfig, AgentScopeConfig, ApiKeyCreateResult, BaseExecutionContext, ContextCacheEntry, ContextFetchDefinition, ConversationHistoryConfig, ConversationMetadata, ConversationScopeOptions, CreateApiKeyParams, CredentialStoreType, DatasetItemExpectedOutput, DatasetItemInput, EvaluationJobFilterCriteria, EvaluationSuiteFilterCriteria, Filter, FullExecutionContext, MCPServerType, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpToolDefinition, McpTransportConfig, MessageContent, MessageMetadata, MessageMode, MessageRole, MessageType, MessageVisibility, Models, PaginationConfig, PaginationResult, PassCriteria, PassCriteriaCondition, PassCriteriaOperator, ProjectInfo, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, StatusComponent, StatusUpdateSettings, SubAgentScopeConfig, TOOL_STATUS_VALUES, TaskMetadataConfig, ToolMcpConfig, ToolServerCapabilities, ToolSimplifyConfig, VALID_RELATION_TYPES } from "./utility.js";
 import { CorsConfig, CredentialStore, ServerConfig, ServerOptions } from "./server.js";
 import { AgentMcpConfig, AgentMcpConfigInput, McpToolSelection, ToolPolicy, normalizeToolSelections } from "./tool-policies.js";
-import { AgentConversationHistoryConfig, AgentScopeConfig, ApiKeyCreateResult, ContextCacheEntry, ContextFetchDefinition, ConversationHistoryConfig, ConversationMetadata, ConversationScopeOptions, CreateApiKeyParams, CredentialStoreType, ExecutionContext, Filter, MCPServerType, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpToolDefinition, McpTransportConfig, MessageContent, MessageMetadata, MessageMode, MessageRole, MessageType, MessageVisibility, Models, PaginationConfig, PaginationResult, ProjectInfo, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, StatusComponent, StatusUpdateSettings, SubAgentScopeConfig, TOOL_STATUS_VALUES, TaskMetadataConfig, ToolMcpConfig, ToolServerCapabilities, VALID_RELATION_TYPES } from "./utility.js";
-export { A2AError, A2ARequest, A2AResponse, APIKeySecurityScheme, AgentApiInsert, AgentApiSelect, AgentApiUpdate, AgentCapabilities, AgentCard, AgentConversationHistoryConfig, AgentInsert, AgentMcpConfig, AgentMcpConfigInput, AgentProvider, AgentScopeConfig, AgentSelect, AgentSkill, AgentUpdate, AllAgentSelect, ApiKeyApiCreationResponse, ApiKeyApiInsert, ApiKeyApiSelect, ApiKeyApiUpdate, ApiKeyCreateResult, ApiKeyInsert, ApiKeySelect, ApiKeyUpdate, Artifact, ArtifactComponentApiInsert, ArtifactComponentApiSelect, ArtifactComponentApiUpdate, ArtifactComponentInsert, ArtifactComponentSelect, ArtifactComponentUpdate, AuthorizationCodeOAuthFlow, CanDelegateToExternalAgent, CanUseItem, CancelTaskRequest, CancelTaskResponse, CancelTaskSuccessResponse, ClientCredentialsOAuthFlow, ContentTypeNotSupportedError, ContextCacheApiInsert, ContextCacheApiSelect, ContextCacheApiUpdate, ContextCacheEntry, ContextCacheInsert, ContextCacheSelect, ContextCacheUpdate, ContextConfigApiInsert, ContextConfigApiSelect, ContextConfigApiUpdate, ContextConfigInsert, ContextConfigSelect, ContextConfigUpdate, ContextFetchDefinition, ConversationApiInsert, ConversationApiSelect, ConversationApiUpdate, ConversationHistoryConfig, ConversationInsert, ConversationMetadata, ConversationScopeOptions, ConversationSelect, ConversationUpdate, CorsConfig, CreateApiKeyParams, CredentialReferenceApiInsert, CredentialReferenceApiSelect, CredentialReferenceApiUpdate, CredentialReferenceInsert, CredentialReferenceSelect, CredentialReferenceUpdate, CredentialStore, CredentialStoreType, DataComponentApiInsert, DataComponentApiSelect, DataComponentApiUpdate, DataComponentInsert, DataComponentSelect, DataComponentUpdate, DataPart, ExecutionContext, ExternalAgentApiInsert, ExternalAgentApiSelect, ExternalAgentApiUpdate, ExternalAgentInsert, ExternalAgentSelect, ExternalAgentUpdate, ExternalSubAgentRelationApiInsert, ExternalSubAgentRelationInsert, FetchConfig, FetchDefinition, FileBase, FilePart, FileWithBytes, FileWithUri, Filter, FullAgentAgentInsert, FullAgentDefinition, FullProjectDefinition, FunctionApiInsert, FunctionApiSelect, FunctionApiUpdate, FunctionInsert, FunctionSelect, FunctionToolApiInsert, FunctionToolApiSelect, FunctionToolApiUpdate, FunctionUpdate, GetTaskPushNotificationConfigRequest, GetTaskPushNotificationConfigResponse, GetTaskPushNotificationConfigSuccessResponse, GetTaskRequest, GetTaskResponse, GetTaskSuccessResponse, HTTPAuthSecurityScheme, ImplicitOAuthFlow, InternalError, InvalidAgentResponseError, InvalidParamsError, InvalidRequestError, JSONParseError, JSONRPCError, JSONRPCErrorResponse, JSONRPCMessage, JSONRPCRequest, JSONRPCResult, LedgerArtifactApiInsert, LedgerArtifactApiSelect, LedgerArtifactApiUpdate, LedgerArtifactInsert, LedgerArtifactSelect, LedgerArtifactUpdate, MCPServerType, MCPToolConfig, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpTool, McpToolDefinition, McpToolSelection, McpTransportConfig, Message, MessageApiInsert, MessageApiSelect, MessageApiUpdate, MessageContent, MessageInsert, MessageMetadata, MessageMode, MessagePart, MessageRole, MessageSelect, MessageSendConfiguration, MessageSendParams, MessageType, MessageUpdate, MessageVisibility, MethodNotFoundError, Models, OAuth2SecurityScheme, OAuthFlows, OpenIdConnectSecurityScheme, Pagination, PaginationConfig, PaginationResult, Part, PartBase, PasswordOAuthFlow, ProjectApiInsert, ProjectApiSelect, ProjectApiUpdate, ProjectInfo, ProjectInsert, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, ProjectSelect, ProjectUpdate, PushNotificationAuthenticationInfo, PushNotificationConfig, PushNotificationNotSupportedError, SecurityScheme, SecuritySchemeBase, SendMessageRequest, SendMessageResponse, SendMessageSuccessResponse, SendStreamingMessageRequest, SendStreamingMessageResponse, SendStreamingMessageSuccessResponse, ServerConfig, ServerOptions, SetTaskPushNotificationConfigRequest, SetTaskPushNotificationConfigResponse, SetTaskPushNotificationConfigSuccessResponse, StatusComponent, StatusUpdateSettings, SubAgentApiInsert, SubAgentApiSelect, SubAgentApiUpdate, SubAgentArtifactComponentApiInsert, SubAgentArtifactComponentApiSelect, SubAgentArtifactComponentApiUpdate, SubAgentArtifactComponentInsert, SubAgentArtifactComponentSelect, SubAgentArtifactComponentUpdate, SubAgentDataComponentApiInsert, SubAgentDataComponentApiSelect, SubAgentDataComponentApiUpdate, SubAgentDataComponentInsert, SubAgentDataComponentSelect, SubAgentDataComponentUpdate, SubAgentDefinition, SubAgentExternalAgentRelationApiInsert, SubAgentExternalAgentRelationApiSelect, SubAgentExternalAgentRelationApiUpdate, SubAgentExternalAgentRelationInsert, SubAgentExternalAgentRelationSelect, SubAgentExternalAgentRelationUpdate, SubAgentInsert, SubAgentRelationApiInsert, SubAgentRelationApiSelect, SubAgentRelationApiUpdate, SubAgentRelationInsert, SubAgentRelationQuery, SubAgentRelationSelect, SubAgentRelationUpdate, SubAgentScopeConfig, SubAgentSelect, SubAgentTeamAgentRelationApiInsert, SubAgentTeamAgentRelationApiSelect, SubAgentTeamAgentRelationApiUpdate, SubAgentTeamAgentRelationInsert, SubAgentTeamAgentRelationSelect, SubAgentTeamAgentRelationUpdate, SubAgentToolRelationApiInsert, SubAgentToolRelationApiSelect, SubAgentToolRelationApiUpdate, SubAgentToolRelationInsert, SubAgentToolRelationSelect, SubAgentToolRelationUpdate, SubAgentUpdate, SummaryEvent, TOOL_STATUS_VALUES, Task, TaskApiInsert, TaskApiSelect, TaskApiUpdate, TaskArtifact, TaskArtifactUpdateEvent, TaskIdParams, TaskInsert, TaskMetadataConfig, TaskNotCancelableError, TaskNotFoundError, TaskPushNotificationConfig, TaskQueryParams, TaskRelationApiInsert, TaskRelationApiSelect, TaskRelationApiUpdate, TaskRelationInsert, TaskRelationSelect, TaskRelationUpdate, TaskResubscriptionRequest, TaskSelect, TaskState, TaskStatus, TaskStatusUpdateEvent, TaskUpdate, TextPart, ToolApiInsert, ToolApiSelect, ToolApiUpdate, ToolDefinition, ToolInsert, ToolMcpConfig, ToolPolicy, ToolSelect, ToolServerCapabilities, ToolUpdate, UnsupportedOperationError, VALID_RELATION_TYPES, normalizeToolSelections };
+import { AgentApiInsert, AgentApiSelect, AgentApiUpdate, AgentInsert, AgentSelect, AgentUpdate, AgentWithinContextOfProjectSelect, AgentWithinContextOfProjectSelectWithRelationIds, AllAgentSelect, ApiKeyApiCreationResponse, ApiKeyApiInsert, ApiKeyApiSelect, ApiKeyApiUpdate, ApiKeyInsert, ApiKeySelect, ApiKeyUpdate, ArtifactComponentApiInsert, ArtifactComponentApiSelect, ArtifactComponentApiUpdate, ArtifactComponentInsert, ArtifactComponentSelect, ArtifactComponentUpdate, CanDelegateToExternalAgent, CanDelegateToExternalAgentInsert, CanDelegateToItem, CanDelegateToItemInsert, CanDelegateToTeamAgent, CanDelegateToTeamAgentInsert, CanRelateToInternalSubAgent, CanUseItem, ContextCacheApiInsert, ContextCacheApiSelect, ContextCacheApiUpdate, ContextCacheInsert, ContextCacheSelect, ContextCacheUpdate, ContextConfigApiInsert, ContextConfigApiSelect, ContextConfigApiUpdate, ContextConfigInsert, ContextConfigSelect, ContextConfigUpdate, ConversationApiInsert, ConversationApiSelect, ConversationApiUpdate, ConversationInsert, ConversationSelect, ConversationUpdate, CredentialReferenceApiInsert, CredentialReferenceApiSelect, CredentialReferenceApiUpdate, CredentialReferenceInsert, CredentialReferenceSelect, CredentialReferenceUpdate, DataComponentApiInsert, DataComponentApiSelect, DataComponentApiUpdate, DataComponentInsert, DataComponentSelect, DataComponentUpdate, DatasetInsert, DatasetItemInsert, DatasetItemSelect, DatasetItemUpdate, DatasetRunConfigAgentRelationInsert, DatasetRunConfigAgentRelationSelect, DatasetRunConfigAgentRelationUpdate, DatasetRunConfigInsert, DatasetRunConfigSelect, DatasetRunConfigUpdate, DatasetRunConversationRelationInsert, DatasetRunConversationRelationSelect, DatasetRunConversationRelationUpdate, DatasetRunInsert, DatasetRunItem, DatasetRunSelect, DatasetRunUpdate, DatasetSelect, DatasetUpdate, EvaluationJobConfigEvaluatorRelationInsert, EvaluationJobConfigEvaluatorRelationSelect, EvaluationJobConfigEvaluatorRelationUpdate, EvaluationJobConfigInsert, EvaluationJobConfigSelect, EvaluationJobConfigUpdate, EvaluationResultInsert, EvaluationResultSelect, EvaluationResultUpdate, EvaluationRunConfigEvaluationSuiteConfigRelationInsert, EvaluationRunConfigEvaluationSuiteConfigRelationSelect, EvaluationRunConfigEvaluationSuiteConfigRelationUpdate, EvaluationRunConfigInsert, EvaluationRunConfigSelect, EvaluationRunConfigUpdate, EvaluationRunConfigWithSuiteConfigs, EvaluationRunInsert, EvaluationRunSelect, EvaluationRunUpdate, EvaluationSuiteConfigEvaluatorRelationInsert, EvaluationSuiteConfigEvaluatorRelationSelect, EvaluationSuiteConfigEvaluatorRelationUpdate, EvaluationSuiteConfigInsert, EvaluationSuiteConfigSelect, EvaluationSuiteConfigUpdate, EvaluatorInsert, EvaluatorSelect, EvaluatorUpdate, ExternalAgentApiInsert, ExternalAgentApiSelect, ExternalAgentApiUpdate, ExternalAgentInsert, ExternalAgentSelect, ExternalAgentUpdate, ExternalSubAgentRelationApiInsert, ExternalSubAgentRelationInsert, FetchConfig, FetchDefinition, FullAgentAgentInsert, FullAgentDefinition, FullAgentSelect, FullAgentSelectWithRelationIds, FullAgentSubAgentSelect, FullAgentSubAgentSelectWithRelationIds, FullProjectDefinition, FullProjectSelect, FullProjectSelectWithRelationIds, FunctionApiInsert, FunctionApiSelect, FunctionApiUpdate, FunctionInsert, FunctionSelect, FunctionToolApiInsert, FunctionToolApiSelect, FunctionToolApiUpdate, FunctionUpdate, LedgerArtifactApiInsert, LedgerArtifactApiSelect, LedgerArtifactApiUpdate, LedgerArtifactInsert, LedgerArtifactSelect, LedgerArtifactUpdate, MCPToolConfig, McpTool, MessageApiInsert, MessageApiSelect, MessageApiUpdate, MessageInsert, MessageSelect, MessageUpdate, Pagination, ProjectApiInsert, ProjectApiSelect, ProjectApiUpdate, ProjectInsert, ProjectMetadataInsert, ProjectMetadataSelect, ProjectSelect, ProjectUpdate, SubAgentApiInsert, SubAgentApiSelect, SubAgentApiUpdate, SubAgentArtifactComponentApiInsert, SubAgentArtifactComponentApiSelect, SubAgentArtifactComponentApiUpdate, SubAgentArtifactComponentInsert, SubAgentArtifactComponentSelect, SubAgentArtifactComponentUpdate, SubAgentDataComponentApiInsert, SubAgentDataComponentApiSelect, SubAgentDataComponentApiUpdate, SubAgentDataComponentInsert, SubAgentDataComponentSelect, SubAgentDataComponentUpdate, SubAgentDefinition, SubAgentExternalAgentRelationApiInsert, SubAgentExternalAgentRelationApiSelect, SubAgentExternalAgentRelationApiUpdate, SubAgentExternalAgentRelationInsert, SubAgentExternalAgentRelationSelect, SubAgentExternalAgentRelationUpdate, SubAgentInsert, SubAgentRelationApiInsert, SubAgentRelationApiSelect, SubAgentRelationApiUpdate, SubAgentRelationInsert, SubAgentRelationQuery, SubAgentRelationSelect, SubAgentRelationUpdate, SubAgentSelect, SubAgentTeamAgentRelationApiInsert, SubAgentTeamAgentRelationApiSelect, SubAgentTeamAgentRelationApiUpdate, SubAgentTeamAgentRelationInsert, SubAgentTeamAgentRelationSelect, SubAgentTeamAgentRelationUpdate, SubAgentToolRelationApiInsert, SubAgentToolRelationApiSelect, SubAgentToolRelationApiUpdate, SubAgentToolRelationInsert, SubAgentToolRelationSelect, SubAgentToolRelationUpdate, SubAgentUpdate, SummaryEvent, TaskApiInsert, TaskApiSelect, TaskApiUpdate, TaskInsert, TaskRelationApiInsert, TaskRelationApiSelect, TaskRelationApiUpdate, TaskRelationInsert, TaskRelationSelect, TaskRelationUpdate, TaskSelect, TaskUpdate, ToolApiInsert, ToolApiSelect, ToolApiUpdate, ToolDefinition, ToolInsert, ToolSelect, ToolUpdate, TriggerApiInsert, TriggerApiSelect, TriggerApiUpdate, TriggerBatchConversationEvaluationRequest, TriggerConversationEvaluationRequest, TriggerDatasetRunRequest, TriggerEvaluationJobRequest, TriggerInsert, TriggerInvocationApiInsert, TriggerInvocationApiSelect, TriggerInvocationApiUpdate, TriggerInvocationInsert, TriggerInvocationSelect, TriggerInvocationUpdate, TriggerSelect, TriggerUpdate } from "./entities.js";
+export { A2AError, A2ARequest, A2AResponse, APIKeySecurityScheme, AgentApiInsert, AgentApiSelect, AgentApiUpdate, AgentCapabilities, AgentCard, AgentConversationHistoryConfig, AgentInsert, AgentMcpConfig, AgentMcpConfigInput, AgentProvider, AgentScopeConfig, AgentSelect, AgentSkill, AgentUpdate, AgentWithinContextOfProjectSelect, AgentWithinContextOfProjectSelectWithRelationIds, AllAgentSelect, ApiKeyApiCreationResponse, ApiKeyApiInsert, ApiKeyApiSelect, ApiKeyApiUpdate, ApiKeyCreateResult, ApiKeyInsert, ApiKeySelect, ApiKeyUpdate, Artifact, ArtifactComponentApiInsert, ArtifactComponentApiSelect, ArtifactComponentApiUpdate, ArtifactComponentInsert, ArtifactComponentSelect, ArtifactComponentUpdate, AuthorizationCodeOAuthFlow, BaseExecutionContext, CanDelegateToExternalAgent, CanDelegateToExternalAgentInsert, CanDelegateToItem, CanDelegateToItemInsert, CanDelegateToTeamAgent, CanDelegateToTeamAgentInsert, CanRelateToInternalSubAgent, CanUseItem, CancelTaskRequest, CancelTaskResponse, CancelTaskSuccessResponse, ClientCredentialsOAuthFlow, ContentTypeNotSupportedError, ContextCacheApiInsert, ContextCacheApiSelect, ContextCacheApiUpdate, ContextCacheEntry, ContextCacheInsert, ContextCacheSelect, ContextCacheUpdate, ContextConfigApiInsert, ContextConfigApiSelect, ContextConfigApiUpdate, ContextConfigInsert, ContextConfigSelect, ContextConfigUpdate, ContextFetchDefinition, ConversationApiInsert, ConversationApiSelect, ConversationApiUpdate, ConversationHistoryConfig, ConversationInsert, ConversationMetadata, ConversationScopeOptions, ConversationSelect, ConversationUpdate, CorsConfig, CreateApiKeyParams, CredentialReferenceApiInsert, CredentialReferenceApiSelect, CredentialReferenceApiUpdate, CredentialReferenceInsert, CredentialReferenceSelect, CredentialReferenceUpdate, CredentialStore, CredentialStoreType, DataComponentApiInsert, DataComponentApiSelect, DataComponentApiUpdate, DataComponentInsert, DataComponentSelect, DataComponentUpdate, DataPart, DatasetInsert, DatasetItemExpectedOutput, DatasetItemInput, DatasetItemInsert, DatasetItemSelect, DatasetItemUpdate, DatasetRunConfigAgentRelationInsert, DatasetRunConfigAgentRelationSelect, DatasetRunConfigAgentRelationUpdate, DatasetRunConfigInsert, DatasetRunConfigSelect, DatasetRunConfigUpdate, DatasetRunConversationRelationInsert, DatasetRunConversationRelationSelect, DatasetRunConversationRelationUpdate, DatasetRunInsert, DatasetRunItem, DatasetRunSelect, DatasetRunUpdate, DatasetSelect, DatasetUpdate, EvaluationJobConfigEvaluatorRelationInsert, EvaluationJobConfigEvaluatorRelationSelect, EvaluationJobConfigEvaluatorRelationUpdate, EvaluationJobConfigInsert, EvaluationJobConfigSelect, EvaluationJobConfigUpdate, EvaluationJobFilterCriteria, EvaluationResultInsert, EvaluationResultSelect, EvaluationResultUpdate, EvaluationRunConfigEvaluationSuiteConfigRelationInsert, EvaluationRunConfigEvaluationSuiteConfigRelationSelect, EvaluationRunConfigEvaluationSuiteConfigRelationUpdate, EvaluationRunConfigInsert, EvaluationRunConfigSelect, EvaluationRunConfigUpdate, EvaluationRunConfigWithSuiteConfigs, EvaluationRunInsert, EvaluationRunSelect, EvaluationRunUpdate, EvaluationSuiteConfigEvaluatorRelationInsert, EvaluationSuiteConfigEvaluatorRelationSelect, EvaluationSuiteConfigEvaluatorRelationUpdate, EvaluationSuiteConfigInsert, EvaluationSuiteConfigSelect, EvaluationSuiteConfigUpdate, EvaluationSuiteFilterCriteria, EvaluatorInsert, EvaluatorSelect, EvaluatorUpdate, ExternalAgentApiInsert, ExternalAgentApiSelect, ExternalAgentApiUpdate, ExternalAgentInsert, ExternalAgentSelect, ExternalAgentUpdate, ExternalSubAgentRelationApiInsert, ExternalSubAgentRelationInsert, FetchConfig, FetchDefinition, FileBase, FilePart, FileWithBytes, FileWithUri, Filter, FullAgentAgentInsert, FullAgentDefinition, FullAgentSelect, FullAgentSelectWithRelationIds, FullAgentSubAgentSelect, FullAgentSubAgentSelectWithRelationIds, FullExecutionContext, FullProjectDefinition, FullProjectSelect, FullProjectSelectWithRelationIds, FunctionApiInsert, FunctionApiSelect, FunctionApiUpdate, FunctionInsert, FunctionSelect, FunctionToolApiInsert, FunctionToolApiSelect, FunctionToolApiUpdate, FunctionUpdate, GetTaskPushNotificationConfigRequest, GetTaskPushNotificationConfigResponse, GetTaskPushNotificationConfigSuccessResponse, GetTaskRequest, GetTaskResponse, GetTaskSuccessResponse, HTTPAuthSecurityScheme, ImplicitOAuthFlow, InternalError, InvalidAgentResponseError, InvalidParamsError, InvalidRequestError, JSONParseError, JSONRPCError, JSONRPCErrorResponse, JSONRPCMessage, JSONRPCRequest, JSONRPCResult, LedgerArtifactApiInsert, LedgerArtifactApiSelect, LedgerArtifactApiUpdate, LedgerArtifactInsert, LedgerArtifactSelect, LedgerArtifactUpdate, MCPServerType, MCPToolConfig, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpTool, McpToolDefinition, McpToolSelection, McpTransportConfig, Message, MessageApiInsert, MessageApiSelect, MessageApiUpdate, MessageContent, MessageInsert, MessageMetadata, MessageMode, MessagePart, MessageRole, MessageSelect, MessageSendConfiguration, MessageSendParams, MessageType, MessageUpdate, MessageVisibility, MethodNotFoundError, Models, OAuth2SecurityScheme, OAuthFlows, OpenIdConnectSecurityScheme, Pagination, PaginationConfig, PaginationResult, Part, PartBase, PassCriteria, PassCriteriaCondition, PassCriteriaOperator, PasswordOAuthFlow, ProjectApiInsert, ProjectApiSelect, ProjectApiUpdate, ProjectInfo, ProjectInsert, ProjectMetadataInsert, ProjectMetadataSelect, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, ProjectSelect, ProjectUpdate, PushNotificationAuthenticationInfo, PushNotificationConfig, PushNotificationNotSupportedError, SecurityScheme, SecuritySchemeBase, SendMessageRequest, SendMessageResponse, SendMessageSuccessResponse, SendStreamingMessageRequest, SendStreamingMessageResponse, SendStreamingMessageSuccessResponse, ServerConfig, ServerOptions, SetTaskPushNotificationConfigRequest, SetTaskPushNotificationConfigResponse, SetTaskPushNotificationConfigSuccessResponse, StatusComponent, StatusUpdateSettings, SubAgentApiInsert, SubAgentApiSelect, SubAgentApiUpdate, SubAgentArtifactComponentApiInsert, SubAgentArtifactComponentApiSelect, SubAgentArtifactComponentApiUpdate, SubAgentArtifactComponentInsert, SubAgentArtifactComponentSelect, SubAgentArtifactComponentUpdate, SubAgentDataComponentApiInsert, SubAgentDataComponentApiSelect, SubAgentDataComponentApiUpdate, SubAgentDataComponentInsert, SubAgentDataComponentSelect, SubAgentDataComponentUpdate, SubAgentDefinition, SubAgentExternalAgentRelationApiInsert, SubAgentExternalAgentRelationApiSelect, SubAgentExternalAgentRelationApiUpdate, SubAgentExternalAgentRelationInsert, SubAgentExternalAgentRelationSelect, SubAgentExternalAgentRelationUpdate, SubAgentInsert, SubAgentRelationApiInsert, SubAgentRelationApiSelect, SubAgentRelationApiUpdate, SubAgentRelationInsert, SubAgentRelationQuery, SubAgentRelationSelect, SubAgentRelationUpdate, SubAgentScopeConfig, SubAgentSelect, SubAgentTeamAgentRelationApiInsert, SubAgentTeamAgentRelationApiSelect, SubAgentTeamAgentRelationApiUpdate, SubAgentTeamAgentRelationInsert, SubAgentTeamAgentRelationSelect, SubAgentTeamAgentRelationUpdate, SubAgentToolRelationApiInsert, SubAgentToolRelationApiSelect, SubAgentToolRelationApiUpdate, SubAgentToolRelationInsert, SubAgentToolRelationSelect, SubAgentToolRelationUpdate, SubAgentUpdate, SummaryEvent, TOOL_STATUS_VALUES, Task, TaskApiInsert, TaskApiSelect, TaskApiUpdate, TaskArtifact, TaskArtifactUpdateEvent, TaskIdParams, TaskInsert, TaskMetadataConfig, TaskNotCancelableError, TaskNotFoundError, TaskPushNotificationConfig, TaskQueryParams, TaskRelationApiInsert, TaskRelationApiSelect, TaskRelationApiUpdate, TaskRelationInsert, TaskRelationSelect, TaskRelationUpdate, TaskResubscriptionRequest, TaskSelect, TaskState, TaskStatus, TaskStatusUpdateEvent, TaskUpdate, TextPart, ToolApiInsert, ToolApiSelect, ToolApiUpdate, ToolDefinition, ToolInsert, ToolMcpConfig, ToolPolicy, ToolSelect, ToolServerCapabilities, ToolSimplifyConfig, ToolUpdate, TriggerApiInsert, TriggerApiSelect, TriggerApiUpdate, TriggerBatchConversationEvaluationRequest, TriggerConversationEvaluationRequest, TriggerDatasetRunRequest, TriggerEvaluationJobRequest, TriggerInsert, TriggerInvocationApiInsert, TriggerInvocationApiSelect, TriggerInvocationApiUpdate, TriggerInvocationInsert, TriggerInvocationSelect, TriggerInvocationUpdate, TriggerSelect, TriggerUpdate, UnsupportedOperationError, VALID_RELATION_TYPES, normalizeToolSelections };

package/dist/types/utility.d.ts

@@ -1,6 +1,7 @@
-import { McpTransportConfigSchema, ModelSchema, ProjectModelSchema, StatusComponentSchema, StatusUpdateSchema } from "../validation/schemas.js";
-import { ApiKeySelect } from "./entities.js";
+import { ResolvedRef } from "../validation/dolt-schemas.js";
 import "../index.js";
+import { EvaluationJobFilterCriteriaSchema, McpTransportConfigSchema, ModelSchema, ProjectModelSchema, StatusComponentSchema, StatusUpdateSchema } from "../validation/schemas.js";
+import { ApiKeySelect, FullProjectSelectWithRelationIds } from "./entities.js";
 import { z } from "@hono/zod-openapi";
 
 //#region src/types/utility.d.ts
@@ -142,6 +143,12 @@ type McpToolDefinition = {
   description?: string;
   inputSchema?: Record<string, unknown>;
 };
+type ToolSimplifyConfig = {
+  displayName?: string;
+  description?: string;
+  schema?: any;
+  transformation?: Record<string, string> | string;
+};
 type ToolMcpConfig = {
   server: {
     url: string;
@@ -150,6 +157,8 @@ type ToolMcpConfig = {
   };
   transport?: McpTransportConfig;
   activeTools?: string[];
+  toolOverrides?: Record<string, ToolSimplifyConfig>;
+  prompt?: string;
 };
 type ToolServerCapabilities = {
   tools?: boolean;
@@ -179,7 +188,7 @@ interface ProjectResourceCounts {
   contextConfigs: number;
   externalAgents: number;
 }
-declare const TOOL_STATUS_VALUES: readonly ["healthy", "unhealthy", "unknown", "needs_auth"];
+declare const TOOL_STATUS_VALUES: readonly ["healthy", "unhealthy", "unknown", "needs_auth", "unavailable"];
 declare const VALID_RELATION_TYPES: readonly ["transfer", "delegate"];
 declare const MCPTransportType: {
   readonly streamableHttp: "streamable_http";
@@ -209,7 +218,7 @@ interface ApiKeyCreateResult {
  * Execution context that gets propagated through agent calls
  * Contains authentication and routing information for internal API calls
  */
-interface ExecutionContext {
+interface BaseExecutionContext {
   /** The original API key from the client request */
   apiKey: string;
   /** Tenant ID extracted from API key */
@@ -222,6 +231,8 @@ interface ExecutionContext {
   baseUrl: string;
   /** API key ID for tracking */
   apiKeyId: string;
+  /** Ref extracted from query params */
+  ref?: string;
   /** Sub Agent ID extracted from request headers (only for internal A2A calls) */
   subAgentId?: string;
   /** Metadata for the execution context */
@@ -234,6 +245,10 @@ interface ExecutionContext {
     };
   };
 }
+interface FullExecutionContext extends BaseExecutionContext {
+  resolvedRef: ResolvedRef;
+  project: FullProjectSelectWithRelationIds;
+}
 /**
  * Reusable filter type that supports and/or operations
  *
@@ -285,5 +300,31 @@ type Filter<T extends Record<string, unknown>> = T | {
 } | {
   or: Array<Filter<T>>;
 };
+type PassCriteriaOperator = '>' | '<' | '>=' | '<=' | '=' | '!=';
+type PassCriteriaCondition = {
+  field: string;
+  operator: PassCriteriaOperator;
+  value: number;
+};
+type PassCriteria = {
+  operator: 'and' | 'or';
+  conditions: PassCriteriaCondition[];
+};
+type EvaluationJobFilterCriteria = z.infer<typeof EvaluationJobFilterCriteriaSchema>;
+type EvaluationSuiteFilterCriteria = {
+  agentIds?: string[];
+  [key: string]: unknown;
+};
+type DatasetItemInput = {
+  messages: Array<{
+    role: string;
+    content: MessageContent;
+  }>;
+  headers?: Record<string, string>;
+};
+type DatasetItemExpectedOutput = Array<{
+  role: string;
+  content: MessageContent;
+}>;
 //#endregion
-export { AgentConversationHistoryConfig, AgentScopeConfig, ApiKeyCreateResult, ContextCacheEntry, ContextFetchDefinition, ConversationHistoryConfig, ConversationMetadata, ConversationScopeOptions, CreateApiKeyParams, CredentialStoreType, ExecutionContext, Filter, MCPServerType, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpToolDefinition, McpTransportConfig, MessageContent, MessageMetadata, MessageMode, MessageRole, MessageType, MessageVisibility, Models, PaginationConfig, PaginationResult, ProjectInfo, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, StatusComponent, StatusUpdateSettings, SubAgentScopeConfig, TOOL_STATUS_VALUES, TaskMetadataConfig, ToolMcpConfig, ToolServerCapabilities, VALID_RELATION_TYPES };
+export { AgentConversationHistoryConfig, AgentScopeConfig, ApiKeyCreateResult, BaseExecutionContext, ContextCacheEntry, ContextFetchDefinition, ConversationHistoryConfig, ConversationMetadata, ConversationScopeOptions, CreateApiKeyParams, CredentialStoreType, DatasetItemExpectedOutput, DatasetItemInput, EvaluationJobFilterCriteria, EvaluationSuiteFilterCriteria, Filter, FullExecutionContext, MCPServerType, MCPTransportType, McpAuthType, McpServerAuth, McpServerCapabilities, McpToolDefinition, McpTransportConfig, MessageContent, MessageMetadata, MessageMode, MessageRole, MessageType, MessageVisibility, Models, PaginationConfig, PaginationResult, PassCriteria, PassCriteriaCondition, PassCriteriaOperator, ProjectInfo, ProjectModels, ProjectResourceCounts, ProjectScopeConfig, StatusComponent, StatusUpdateSettings, SubAgentScopeConfig, TOOL_STATUS_VALUES, TaskMetadataConfig, ToolMcpConfig, ToolServerCapabilities, ToolSimplifyConfig, VALID_RELATION_TYPES };

package/dist/types/utility.js

@@ -3,7 +3,8 @@ const TOOL_STATUS_VALUES = [
 	"healthy",
 	"unhealthy",
 	"unknown",
-	"needs_auth"
+	"needs_auth",
+	"unavailable"
 ];
 const VALID_RELATION_TYPES = ["transfer", "delegate"];
 const MCPTransportType = {

package/dist/utils/JsonTransformer.d.ts

@@ -0,0 +1,42 @@
+//#region src/utils/JsonTransformer.d.ts
+interface TransformOptions {
+  timeout?: number;
+  maxDepth?: number;
+  allowedFunctions?: string[];
+}
+declare class JsonTransformer {
+  private static readonly DEFAULT_TIMEOUT;
+  /**
+   * Validate JMESPath expression for security and correctness
+   */
+  private static validateExpression;
+  /**
+   * Execute JMESPath with timeout protection
+   */
+  private static executeWithTimeout;
+  /**
+   * Transform input data using JMESPath expression with security validation
+   */
+  static transform(input: any, jmesPathExpression: string, options?: TransformOptions): Promise<any>;
+  /**
+   * Convert simple object transformation to JMESPath expression
+   * For SDK convenience - converts { key: 'path' } to JMESPath
+   */
+  static objectToJMESPath(objectTransformation: Record<string, string>): string;
+  /**
+   * Transform using either direct JMESPath string or object transformation
+   * Supports both SDK patterns
+   */
+  static transformWithConfig(input: any, config: {
+    jmespath?: string;
+    objectTransformation?: Record<string, string>;
+  }, options?: TransformOptions): Promise<any>;
+  /**
+   * Synchronous transform method for backward compatibility
+   * WARNING: This bypasses security validation - use async transform() instead
+   * @deprecated Use async transform() method instead
+   */
+  static transformSync(input: any, jmesPathExpression: string): any;
+}
+//#endregion
+export { JsonTransformer };

package/dist/utils/JsonTransformer.js

@@ -0,0 +1,103 @@
+import { DANGEROUS_PATTERNS, MAX_EXPRESSION_LENGTH, compileJMESPath, validateJMESPathSecure } from "./jmespath-utils.js";
+import { getLogger } from "./logger.js";
+import * as jmespath from "jmespath";
+
+//#region src/utils/JsonTransformer.ts
+const logger = getLogger("JsonTransformer");
+var JsonTransformer = class JsonTransformer {
+	static DEFAULT_TIMEOUT = 5e3;
+	/**
+	* Validate JMESPath expression for security and correctness
+	*/
+	static validateExpression(expression, _allowedFunctions) {
+		if (!expression || typeof expression !== "string") throw new Error("JMESPath expression must be a non-empty string");
+		if (expression.length > MAX_EXPRESSION_LENGTH) throw new Error(`JMESPath expression too long (max ${MAX_EXPRESSION_LENGTH} characters)`);
+		for (const pattern of DANGEROUS_PATTERNS) if (pattern.test(expression)) throw new Error(`JMESPath expression contains dangerous pattern: ${pattern.source}`);
+		const result = validateJMESPathSecure(expression, {
+			maxLength: MAX_EXPRESSION_LENGTH + 1,
+			dangerousPatterns: []
+		});
+		if (!result.valid) throw new Error(`Invalid JMESPath syntax: ${result.error}`);
+		logger.debug("JMESPath expression validated", `${expression.substring(0, 100)}...`);
+	}
+	/**
+	* Execute JMESPath with timeout protection
+	*/
+	static executeWithTimeout(input, expression, timeoutMs) {
+		return new Promise((resolve, reject) => {
+			const timeout = setTimeout(() => {
+				reject(/* @__PURE__ */ new Error(`JMESPath transformation timed out after ${timeoutMs}ms`));
+			}, timeoutMs);
+			try {
+				const result = jmespath.search(input, expression);
+				clearTimeout(timeout);
+				resolve(result);
+			} catch (error) {
+				clearTimeout(timeout);
+				reject(error);
+			}
+		});
+	}
+	/**
+	* Transform input data using JMESPath expression with security validation
+	*/
+	static async transform(input, jmesPathExpression, options = {}) {
+		const { timeout = JsonTransformer.DEFAULT_TIMEOUT, allowedFunctions } = options;
+		JsonTransformer.validateExpression(jmesPathExpression, allowedFunctions);
+		try {
+			logger.debug("Executing JMESPath transformation", `inputType: ${typeof input}, expression: ${jmesPathExpression.substring(0, 100)}..., timeout: ${timeout}`);
+			const result = await JsonTransformer.executeWithTimeout(input, jmesPathExpression, timeout);
+			logger.debug("JMESPath transformation completed successfully", "");
+			return result;
+		} catch (error) {
+			const message = error instanceof Error ? error.message : String(error);
+			logger.error("JMESPath transformation failed", `expression: ${jmesPathExpression.substring(0, 100)}..., error: ${message}`);
+			throw new Error(`JMESPath transformation failed for expression "${jmesPathExpression}": ${message}`);
+		}
+	}
+	/**
+	* Convert simple object transformation to JMESPath expression
+	* For SDK convenience - converts { key: 'path' } to JMESPath
+	*/
+	static objectToJMESPath(objectTransformation) {
+		if (!objectTransformation || typeof objectTransformation !== "object") throw new Error("Object transformation must be a non-null object");
+		return `{ ${Object.entries(objectTransformation).map(([key, path]) => {
+			if (!key || typeof key !== "string") throw new Error("Object transformation keys must be non-empty strings");
+			if (!path || typeof path !== "string") throw new Error("Object transformation values must be non-empty strings");
+			try {
+				compileJMESPath(path);
+			} catch (error) {
+				throw new Error(`Invalid JMESPath in object transformation value "${path}": ${error instanceof Error ? error.message : String(error)}`);
+			}
+			return `${key}: ${path}`;
+		}).join(", ")} }`;
+	}
+	/**
+	* Transform using either direct JMESPath string or object transformation
+	* Supports both SDK patterns
+	*/
+	static async transformWithConfig(input, config, options = {}) {
+		if (config.jmespath) return JsonTransformer.transform(input, config.jmespath, options);
+		if (config.objectTransformation) {
+			const jmesPath = JsonTransformer.objectToJMESPath(config.objectTransformation);
+			return JsonTransformer.transform(input, jmesPath, options);
+		}
+		throw new Error("Either jmespath or objectTransformation must be provided");
+	}
+	/**
+	* Synchronous transform method for backward compatibility
+	* WARNING: This bypasses security validation - use async transform() instead
+	* @deprecated Use async transform() method instead
+	*/
+	static transformSync(input, jmesPathExpression) {
+		logger.warn("Using deprecated synchronous transform method - security validation bypassed", "");
+		try {
+			return jmespath.search(input, jmesPathExpression);
+		} catch (error) {
+			throw new Error(`JMESPath transformation failed: ${error instanceof Error ? error.message : String(error)}`);
+		}
+	}
+};
+
+//#endregion
+export { JsonTransformer };

package/dist/utils/apiKeys.d.ts

@@ -10,6 +10,10 @@ type ApiKeyGenerationResult = {
  * Generate a new API key with secure random bytes
  */
 declare function generateApiKey(): Promise<ApiKeyGenerationResult>;
+declare const getMetadataFromApiKey: (key: string) => {
+  tenantId: string;
+  projectId: string;
+} | null;
 /**
  * Hash an API key using scrypt
  */
@@ -31,4 +35,4 @@ declare function extractPublicId(key: string): string | null;
  */
 declare function maskApiKey(keyPrefix: string): string;
 //#endregion
-export { ApiKeyGenerationResult, extractPublicId, generateApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey };
+export { ApiKeyGenerationResult, extractPublicId, generateApiKey, getMetadataFromApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey };

package/dist/utils/apiKeys.js

@@ -27,6 +27,16 @@ async function generateApiKey() {
 		keyPrefix
 	};
 }
+const getMetadataFromApiKey = (key) => {
+	const parts = key.split(".");
+	if (parts.length !== 2) return null;
+	const segments = parts[0].split("_");
+	if (segments.length < 3) return null;
+	return {
+		tenantId: segments[1],
+		projectId: segments[2]
+	};
+};
 /**
 * Hash an API key using scrypt
 */
@@ -80,4 +90,4 @@ function maskApiKey(keyPrefix) {
 }
 
 //#endregion
-export { extractPublicId, generateApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey };
+export { extractPublicId, generateApiKey, getMetadataFromApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey };

package/dist/utils/colors.d.ts

@@ -0,0 +1,34 @@
+//#region src/utils/colors.d.ts
+/**
+ * Color generation utilities using iwanthue library.
+ */
+interface ColorOptions {
+  /** Seed for deterministic color generation */
+  seed?: string;
+  /** Quality of clustering (higher = better but slower). Default: 50 */
+  quality?: number;
+}
+/**
+ * Generates N visually distinct colors using iwanthue.
+ *
+ * @param count - Number of colors to generate
+ * @param options - Optional generation settings
+ * @returns Array of hex color strings
+ *
+ * @example
+ * ```ts
+ * const colors = generateDistinctColors(5);
+ * // ['#4a8fd9', '#d94a7a', '#5ad94a', '#d9a14a', '#9a4ad9']
+ * ```
+ */
+declare function generateDistinctColors(count: number, options?: ColorOptions): string[];
+/**
+ * Creates a color map from an array of keys.
+ *
+ * @param keys - Array of unique string keys
+ * @param options - Optional generation settings
+ * @returns Map of key to hex color
+ */
+declare function createColorMap(keys: string[], options?: ColorOptions): Record<string, string>;
+//#endregion
+export { ColorOptions, createColorMap, generateDistinctColors };

package/dist/utils/colors.js

@@ -0,0 +1,49 @@
+import iwanthue from "iwanthue";
+
+//#region src/utils/colors.ts
+/**
+* Color generation utilities using iwanthue library.
+*/
+const DEFAULT_OPTIONS = {
+	seed: "inkeep-context-breakdown",
+	quality: 50
+};
+/**
+* Generates N visually distinct colors using iwanthue.
+*
+* @param count - Number of colors to generate
+* @param options - Optional generation settings
+* @returns Array of hex color strings
+*
+* @example
+* ```ts
+* const colors = generateDistinctColors(5);
+* // ['#4a8fd9', '#d94a7a', '#5ad94a', '#d9a14a', '#9a4ad9']
+* ```
+*/
+function generateDistinctColors(count, options) {
+	const opts = {
+		...DEFAULT_OPTIONS,
+		...options
+	};
+	return iwanthue(count, {
+		seed: opts.seed,
+		quality: opts.quality
+	});
+}
+/**
+* Creates a color map from an array of keys.
+*
+* @param keys - Array of unique string keys
+* @param options - Optional generation settings
+* @returns Map of key to hex color
+*/
+function createColorMap(keys, options) {
+	const colors = generateDistinctColors(keys.length, options);
+	const colorMap = {};
+	for (let i = 0; i < keys.length; i++) colorMap[keys[i]] = colors[i];
+	return colorMap;
+}
+
+//#endregion
+export { createColorMap, generateDistinctColors };

package/dist/utils/credential-store-utils.d.ts

@@ -1,5 +1,5 @@
-import "../types/index.js";
 import { CredentialStoreType } from "../types/utility.js";
+import "../types/index.js";
 
 //#region src/utils/credential-store-utils.d.ts
 

package/dist/utils/format-messages.d.ts

@@ -1,5 +1,5 @@
-import { MessageSelect } from "../types/entities.js";
 import "../index.js";
+import { MessageSelect } from "../types/entities.js";
 
 //#region src/utils/format-messages.d.ts
 interface LLMMessage {

package/dist/utils/index.d.ts

@@ -1,20 +1,24 @@
+import { JwtVerifyResult, SignJwtOptions, VerifyJwtOptions, decodeJwtPayload, extractBearerToken, getJwtSecret, hasIssuer, signJwt, verifyJwt } from "./jwt-helpers.js";
+import { GenerateInternalServiceTokenParams, InternalServiceId, InternalServiceTokenPayload, InternalServices, VerifyInternalServiceTokenResult, generateInternalServiceToken, isInternalServiceToken, validateInternalServiceProjectAccess, validateInternalServiceTenantAccess, verifyInternalServiceAuthHeader, verifyInternalServiceToken } from "./internal-service-auth.js";
 import { LoggerFactoryConfig, PinoLogger, PinoLoggerConfig, getLogger, loggerFactory } from "./logger.js";
 import { McpClient, McpClientOptions, McpSSEConfig, McpServerConfig, McpStreamableHttpConfig } from "./mcp-client.js";
-import { ApiKeyGenerationResult, extractPublicId, generateApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey } from "./apiKeys.js";
+import { ApiKeyGenerationResult, extractPublicId, generateApiKey, getMetadataFromApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey } from "./apiKeys.js";
 import { McpOAuthFlowResult, McpTokenExchangeResult, OAuthConfig, detectAuthenticationRequired, exchangeMcpAuthorizationCode, initiateMcpOAuthFlow } from "./auth-detection.js";
 import { generateId, getConversationId } from "./conversations.js";
 import { getCredentialStoreLookupKeyFromRetrievalParams } from "./credential-store-utils.js";
 import { normalizeDateString, toISODateString } from "./date.js";
 import { CommonCreateErrorResponses, CommonDeleteErrorResponses, CommonGetErrorResponses, CommonUpdateErrorResponses, ERROR_DOCS_BASE_URL, ErrorCode, ErrorCodes, ErrorResponse, ProblemDetails, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, createApiError, errorResponseSchema, errorSchemaFactory, handleApiError, problemDetailsSchema } from "./error.js";
-import { createExecutionContext, getRequestExecutionContext } from "./execution.js";
 import { LLMMessage, formatMessagesForLLM, formatMessagesForLLMContext } from "./format-messages.js";
+import { JsonTransformer } from "./JsonTransformer.js";
 import { parseEmbeddedJson } from "./json-parser.js";
 import { ModelFactory } from "./model-factory.js";
 import { convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, extractPreviewFields, isZodSchema, jsonSchemaToZod, preview } from "./schema-conversion.js";
 import { GenerateServiceTokenParams, ServiceTokenPayload, VerifyServiceTokenResult, generateServiceToken, validateTargetAgent, validateTenantId, verifyAuthorizationHeader, verifyServiceToken } from "./service-token-auth.js";
 import { SignedTempToken, TempTokenPayload, signTempToken, verifyTempToken } from "./temp-jwt.js";
-import { CredentialScope, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./third-party-mcp-servers/composio-client.js";
+import { interpolateTemplate } from "./template-interpolation.js";
+import { CredentialScope, buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./third-party-mcp-servers/composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-mcp-servers/third-party-check.js";
 import "./third-party-mcp-servers/index.js";
 import { getTracer, setSpanWithError } from "./tracer-factory.js";
-export { ApiKeyGenerationResult, CommonCreateErrorResponses, CommonDeleteErrorResponses, CommonGetErrorResponses, CommonUpdateErrorResponses, CredentialScope, ERROR_DOCS_BASE_URL, ErrorCode, ErrorCodes, ErrorResponse, GenerateServiceTokenParams, LLMMessage, LoggerFactoryConfig, McpClient, McpClientOptions, McpOAuthFlowResult, McpSSEConfig, McpServerConfig, McpStreamableHttpConfig, McpTokenExchangeResult, ModelFactory, OAuthConfig, PinoLogger, PinoLoggerConfig, ProblemDetails, ServiceTokenPayload, SignedTempToken, TempTokenPayload, VerifyServiceTokenResult, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, createApiError, createExecutionContext, detectAuthenticationRequired, errorResponseSchema, errorSchemaFactory, exchangeMcpAuthorizationCode, extractComposioServerId, extractPreviewFields, extractPublicId, fetchComposioServers, fetchSingleComposioServer, formatMessagesForLLM, formatMessagesForLLMContext, generateApiKey, generateId, generateServiceToken, getComposioOAuthRedirectUrl, getComposioUserId, getConversationId, getCredentialStoreLookupKeyFromRetrievalParams, getLogger, getRequestExecutionContext, getTracer, handleApiError, hashApiKey, initiateMcpOAuthFlow, isApiKeyExpired, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated, isZodSchema, jsonSchemaToZod, loggerFactory, maskApiKey, normalizeDateString, parseEmbeddedJson, preview, problemDetailsSchema, setSpanWithError, signTempToken, toISODateString, validateApiKey, validateTargetAgent, validateTenantId, verifyAuthorizationHeader, verifyServiceToken, verifyTempToken };
+import { HashedHeaderValue, SignatureVerificationErrorCode, SignatureVerificationResult, TriggerAuthResult, hashAuthenticationHeaders, hashTriggerHeaderValue, validateTriggerHeaderValue, verifySignatureWithConfig, verifyTriggerAuth } from "./trigger-auth.js";
+export { ApiKeyGenerationResult, CommonCreateErrorResponses, CommonDeleteErrorResponses, CommonGetErrorResponses, CommonUpdateErrorResponses, CredentialScope, ERROR_DOCS_BASE_URL, ErrorCode, ErrorCodes, ErrorResponse, GenerateInternalServiceTokenParams, GenerateServiceTokenParams, HashedHeaderValue, InternalServiceId, InternalServiceTokenPayload, InternalServices, JsonTransformer, JwtVerifyResult, LLMMessage, LoggerFactoryConfig, McpClient, McpClientOptions, McpOAuthFlowResult, McpSSEConfig, McpServerConfig, McpStreamableHttpConfig, McpTokenExchangeResult, ModelFactory, OAuthConfig, PinoLogger, PinoLoggerConfig, ProblemDetails, ServiceTokenPayload, SignJwtOptions, SignatureVerificationErrorCode, SignatureVerificationResult, SignedTempToken, TempTokenPayload, TriggerAuthResult, VerifyInternalServiceTokenResult, VerifyJwtOptions, VerifyServiceTokenResult, buildComposioMCPUrl, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, createApiError, decodeJwtPayload, detectAuthenticationRequired, errorResponseSchema, errorSchemaFactory, exchangeMcpAuthorizationCode, extractBearerToken, extractComposioServerId, extractPreviewFields, extractPublicId, fetchComposioServers, fetchSingleComposioServer, formatMessagesForLLM, formatMessagesForLLMContext, generateApiKey, generateId, generateInternalServiceToken, generateServiceToken, getComposioOAuthRedirectUrl, getComposioUserId, getConversationId, getCredentialStoreLookupKeyFromRetrievalParams, getJwtSecret, getLogger, getMetadataFromApiKey, getTracer, handleApiError, hasIssuer, hashApiKey, hashAuthenticationHeaders, hashTriggerHeaderValue, initiateMcpOAuthFlow, interpolateTemplate, isApiKeyExpired, isComposioMCPServerAuthenticated, isInternalServiceToken, isThirdPartyMCPServerAuthenticated, isZodSchema, jsonSchemaToZod, loggerFactory, maskApiKey, normalizeDateString, parseEmbeddedJson, preview, problemDetailsSchema, setSpanWithError, signJwt, signTempToken, toISODateString, validateApiKey, validateInternalServiceProjectAccess, validateInternalServiceTenantAccess, validateTargetAgent, validateTenantId, validateTriggerHeaderValue, verifyAuthorizationHeader, verifyInternalServiceAuthHeader, verifyInternalServiceToken, verifyJwt, verifyServiceToken, verifySignatureWithConfig, verifyTempToken, verifyTriggerAuth };

package/dist/utils/index.js

@@ -1,21 +1,25 @@
 import { detectAuthenticationRequired, exchangeMcpAuthorizationCode, initiateMcpOAuthFlow } from "./auth-detection.js";
 import { PinoLogger, getLogger, loggerFactory } from "./logger.js";
+import { decodeJwtPayload, extractBearerToken, getJwtSecret, hasIssuer, signJwt, verifyJwt } from "./jwt-helpers.js";
+import { InternalServices, generateInternalServiceToken, isInternalServiceToken, validateInternalServiceProjectAccess, validateInternalServiceTenantAccess, verifyInternalServiceAuthHeader, verifyInternalServiceToken } from "./internal-service-auth.js";
 import { convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, extractPreviewFields, isZodSchema, jsonSchemaToZod, preview } from "./schema-conversion.js";
 import { getCredentialStoreLookupKeyFromRetrievalParams } from "./credential-store-utils.js";
 import { generateId, getConversationId } from "./conversations.js";
-import { extractPublicId, generateApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey } from "./apiKeys.js";
+import { extractPublicId, generateApiKey, getMetadataFromApiKey, hashApiKey, isApiKeyExpired, maskApiKey, validateApiKey } from "./apiKeys.js";
 import { normalizeDateString, toISODateString } from "./date.js";
 import { ERROR_DOCS_BASE_URL, ErrorCode, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, createApiError, errorResponseSchema, errorSchemaFactory, handleApiError, problemDetailsSchema } from "./error.js";
-import { createExecutionContext, getRequestExecutionContext } from "./execution.js";
 import { formatMessagesForLLM, formatMessagesForLLMContext } from "./format-messages.js";
+import { JsonTransformer } from "./JsonTransformer.js";
 import { parseEmbeddedJson } from "./json-parser.js";
 import { McpClient } from "./mcp-client.js";
 import { ModelFactory } from "./model-factory.js";
 import { generateServiceToken, validateTargetAgent, validateTenantId, verifyAuthorizationHeader, verifyServiceToken } from "./service-token-auth.js";
 import { signTempToken, verifyTempToken } from "./temp-jwt.js";
-import { extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./third-party-mcp-servers/composio-client.js";
+import { interpolateTemplate } from "./template-interpolation.js";
+import { buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./third-party-mcp-servers/composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-mcp-servers/third-party-check.js";
 import "./third-party-mcp-servers/index.js";
 import { getTracer, setSpanWithError } from "./tracer-factory.js";
+import { hashAuthenticationHeaders, hashTriggerHeaderValue, validateTriggerHeaderValue, verifySignatureWithConfig, verifyTriggerAuth } from "./trigger-auth.js";
 
-export { ERROR_DOCS_BASE_URL, ErrorCode, McpClient, ModelFactory, PinoLogger, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, createApiError, createExecutionContext, detectAuthenticationRequired, errorResponseSchema, errorSchemaFactory, exchangeMcpAuthorizationCode, extractComposioServerId, extractPreviewFields, extractPublicId, fetchComposioServers, fetchSingleComposioServer, formatMessagesForLLM, formatMessagesForLLMContext, generateApiKey, generateId, generateServiceToken, getComposioOAuthRedirectUrl, getComposioUserId, getConversationId, getCredentialStoreLookupKeyFromRetrievalParams, getLogger, getRequestExecutionContext, getTracer, handleApiError, hashApiKey, initiateMcpOAuthFlow, isApiKeyExpired, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated, isZodSchema, jsonSchemaToZod, loggerFactory, maskApiKey, normalizeDateString, parseEmbeddedJson, preview, problemDetailsSchema, setSpanWithError, signTempToken, toISODateString, validateApiKey, validateTargetAgent, validateTenantId, verifyAuthorizationHeader, verifyServiceToken, verifyTempToken };
+export { ERROR_DOCS_BASE_URL, ErrorCode, InternalServices, JsonTransformer, McpClient, ModelFactory, PinoLogger, buildComposioMCPUrl, commonCreateErrorResponses, commonDeleteErrorResponses, commonGetErrorResponses, commonUpdateErrorResponses, convertZodToJsonSchema, convertZodToJsonSchemaWithPreview, createApiError, decodeJwtPayload, detectAuthenticationRequired, errorResponseSchema, errorSchemaFactory, exchangeMcpAuthorizationCode, extractBearerToken, extractComposioServerId, extractPreviewFields, extractPublicId, fetchComposioServers, fetchSingleComposioServer, formatMessagesForLLM, formatMessagesForLLMContext, generateApiKey, generateId, generateInternalServiceToken, generateServiceToken, getComposioOAuthRedirectUrl, getComposioUserId, getConversationId, getCredentialStoreLookupKeyFromRetrievalParams, getJwtSecret, getLogger, getMetadataFromApiKey, getTracer, handleApiError, hasIssuer, hashApiKey, hashAuthenticationHeaders, hashTriggerHeaderValue, initiateMcpOAuthFlow, interpolateTemplate, isApiKeyExpired, isComposioMCPServerAuthenticated, isInternalServiceToken, isThirdPartyMCPServerAuthenticated, isZodSchema, jsonSchemaToZod, loggerFactory, maskApiKey, normalizeDateString, parseEmbeddedJson, preview, problemDetailsSchema, setSpanWithError, signJwt, signTempToken, toISODateString, validateApiKey, validateInternalServiceProjectAccess, validateInternalServiceTenantAccess, validateTargetAgent, validateTenantId, validateTriggerHeaderValue, verifyAuthorizationHeader, verifyInternalServiceAuthHeader, verifyInternalServiceToken, verifyJwt, verifyServiceToken, verifySignatureWithConfig, verifyTempToken, verifyTriggerAuth };

package/dist/utils/internal-service-auth.d.ts

@@ -0,0 +1,79 @@
+import { JwtVerifyResult } from "./jwt-helpers.js";
+
+//#region src/utils/internal-service-auth.d.ts
+
+/**
+ * Known internal services that can authenticate
+ */
+declare const InternalServices: {
+  readonly INKEEP_AGENTS_RUN_API: "inkeep-agents-run-api";
+  readonly INKEEP_AGENTS_MANAGE_API: "inkeep-agents-manage-api";
+  readonly INKEEP_AGENTS_EVAL_API: "inkeep-agents-eval-api";
+};
+type InternalServiceId = (typeof InternalServices)[keyof typeof InternalServices];
+/**
+ * Internal Service Token JWT Claims (for service-to-service communication)
+ */
+interface InternalServiceTokenPayload {
+  /** Issuer - always 'inkeep-agents-internal' */
+  iss: string;
+  /** Subject - the calling service ID */
+  sub: InternalServiceId;
+  /** Tenant ID scope (optional - for tenant-scoped operations) */
+  tenantId?: string;
+  /** Project ID scope (optional - for project-scoped operations) */
+  projectId?: string;
+  /** User ID scope (optional - indicates the user that originally authenticated the service) */
+  userId?: string;
+  /** Issued at timestamp */
+  iat: number;
+  /** Expiration timestamp */
+  exp: number;
+}
+/**
+ * Parameters for generating an internal service token
+ */
+interface GenerateInternalServiceTokenParams {
+  serviceId: InternalServiceId;
+  /** Optional tenant scope */
+  tenantId?: string;
+  /** Optional project scope */
+  projectId?: string;
+  /** Optional user ID scope - indicates the user that originally authenticated the service */
+  userId?: string;
+  /** Token expiry (default: '5m') */
+  expiresIn?: string;
+}
+/**
+ * Result of verifying an internal service token
+ */
+type VerifyInternalServiceTokenResult = JwtVerifyResult<InternalServiceTokenPayload>;
+/**
+ * Generate an internal service token for service-to-service authentication
+ */
+declare function generateInternalServiceToken(params: GenerateInternalServiceTokenParams): Promise<string>;
+/**
+ * Verify and decode an internal service token
+ */
+declare function verifyInternalServiceToken(token: string): Promise<VerifyInternalServiceTokenResult>;
+/**
+ * Extract and verify an internal service token from Authorization header
+ */
+declare function verifyInternalServiceAuthHeader(authHeader: string | undefined): Promise<VerifyInternalServiceTokenResult>;
+/**
+ * Check if a token is an internal service token (vs user/agent token)
+ * by checking the issuer claim without full verification
+ */
+declare function isInternalServiceToken(token: string): boolean;
+/**
+ * Validate that the token has access to the specified tenant.
+ * If token has no tenantId claim, it has access to all tenants (superuser service).
+ */
+declare function validateInternalServiceTenantAccess(payload: InternalServiceTokenPayload, tenantId: string): boolean;
+/**
+ * Validate that the token has access to the specified project.
+ * If token has no projectId claim, it has access to all projects in the allowed tenant(s).
+ */
+declare function validateInternalServiceProjectAccess(payload: InternalServiceTokenPayload, projectId: string): boolean;
+//#endregion
+export { GenerateInternalServiceTokenParams, InternalServiceId, InternalServiceTokenPayload, InternalServices, VerifyInternalServiceTokenResult, generateInternalServiceToken, isInternalServiceToken, validateInternalServiceProjectAccess, validateInternalServiceTenantAccess, verifyInternalServiceAuthHeader, verifyInternalServiceToken };