@kognai/orchestrator-core 0.2.1 → 0.2.3

package/dist/lib/engine-agents.d.ts

@@ -1,4 +1,4 @@
-import { type CitizenOwner } from './citizenship';
+import { type CitizenOwner, type CitizenRecord } from './citizenship';
 import type { AgentTask, ReviewResult, CTOProposal, CTOReport } from './orchestrate-engine';
 export declare class SupervisorAgent {
     private systemPrompt;
@@ -69,6 +69,13 @@ export interface SpawnGateResult {
      *  Voxight swarm's a Voxight citizen, etc. The running company is carried by
      *  the template-injected gate's requester_did, not hardcoded in the engine. */
     owner?: CitizenOwner;
+    /** TICKET-334b: the citizen the gate already minted through the template's
+     *  canonical issuer (Kognai → SAF.spawnCitizen — governance + owner-lineage +
+     *  ACP-at-birth). When present the engine adopts it verbatim and SKIPS its own
+     *  bare mintCitizen, so the engine path no longer loses the ACP seeding. When
+     *  absent (gate-less templates, or a gate that only governs) the engine falls
+     *  back to minting itself with the resolved owner. */
+    citizen?: CitizenRecord;
 }
 export type SpawnGate = (spec: AgentSpawnSpec) => SpawnGateResult;
 export declare class AgentCreator {

package/dist/lib/engine-agents.js

@@ -736,6 +736,7 @@ class AgentCreator {
         // anything on disk. Approval/rejection only; the citizenship logic below is
         // unchanged (its extraction is tracked separately as TICKET-226).
         let spawnOwner;
+        let gateCitizen;
         if (this.spawnGate) {
             const decision = this.spawnGate(spec);
             if (!decision.approved) {
@@ -753,6 +754,10 @@ class AgentCreator {
             // The gate (SAF) resolves the lineage from its requester_did — this is the
             // running company's context, plumbed in rather than hardcoded here.
             spawnOwner = decision.owner;
+            // TICKET-334b: when the gate minted through the canonical issuer
+            // (SAF.spawnCitizen — owner-lineage + ACP-at-birth), adopt that citizen
+            // and skip the bare mint below (which would skip ACP seeding).
+            gateCitizen = decision.citizen;
         }
         const agentDir = `./agents/${spec.name}`;
         (0, fs_1.mkdirSync)(agentDir, { recursive: true });
@@ -760,9 +765,11 @@ class AgentCreator {
         // citizen — not a bare agent. Mint citizenship (citizen_id + roll
         // number + Kōpus avatar + ACP baseline) BEFORE writing the agent
         // files so the citizen record can be referenced in the prompt.
-        // Owner-scoped when the gate supplied a lineage (e.g. invoica/voxight);
-        // legacy kognai-internal path otherwise (back-compat for gate-less templates).
-        const citizen = (0, citizenship_1.mintCitizen)(spec.name, {
+        // Prefer the citizen the gate already minted through the canonical issuer
+        // (carries ACP-at-birth); else mint here owner-scoped when the gate supplied
+        // a lineage (e.g. invoica/voxight), or via the legacy kognai-internal path
+        // for gate-less templates.
+        const citizen = gateCitizen ?? (0, citizenship_1.mintCitizen)(spec.name, {
             founding_agent: 'ceo',
             proposing_agent: 'cto',
             citizen_type: 'spawned',

package/dist/lib/sovereign-agent-factory.d.ts

@@ -119,16 +119,44 @@ export declare function deriveOwner(requester_did: string): CitizenOwner;
  *
  * Returns the governance decision plus the minted citizen (when approved). The
  * caller still writes citizen.yaml via renderCitizenYaml(citizen). The initial
- * ACP (`decision.initial_acp_score`) should be persisted to the score registry
- * by the caller/wiring step (see TICKET-335).
+ * ACP is seeded here at birth (writeInitialAcp) so the citizen has a routing
+ * profile from the moment it exists — this is the property the engine seam lost
+ * when it minted via bare mintCitizen (TICKET-334b).
+ *
+ * `founding_agent` / `proposing_agent` let a caller preserve its own attribution
+ * (e.g. the engine's CEO-founds / CTO-proposes lineage). When omitted, the
+ * proposing agent defaults to the requester DID.
  */
 export declare function spawnCitizen(req: SpawnRequest, opts?: {
     agent_name?: string;
     now?: Date;
+    founding_agent?: string;
+    proposing_agent?: string;
 }): {
     decision: SpawnDecision;
     citizen?: CitizenRecord;
 };
+/**
+ * TICKET-334e — backfill an initial ACP for every citizen in the registry that
+ * has no entry in acp/trust-scores.json yet. These are pre-SAF citizens that were
+ * born scoreless (minted via bare mintCitizen before the canonical issuer seeded
+ * ACP at birth — see TICKET-334b). The router PASS-THROUGHs unscored agents, so
+ * this gives them a real routing profile instead of an implicit bypass.
+ *
+ * Classification reuses the SAF path (classifyRequest → initialAcp) keyed on the
+ * citizen's owner lineage + agent_name, so a backfilled score is identical to the
+ * one the same agent would receive if spawned today. Idempotent: writeInitialAcp
+ * skips any agent_name that already has a score, so re-running only fills gaps.
+ */
+export declare function backfillAcpForRegistry(): {
+    scanned: number;
+    seeded: {
+        agent_name: string;
+        classification: SpawnClass;
+        score: number;
+    }[];
+    skipped: number;
+};
 /**
  * Emergency bypass — Founder only. Overrides all gates including health and
  * constitutional conditional findings. Logs prominently to KSL.

package/dist/lib/sovereign-agent-factory.js

@@ -24,6 +24,7 @@ exports.issueSpawnDecision = issueSpawnDecision;
 exports.sovereignSpawn = sovereignSpawn;
 exports.deriveOwner = deriveOwner;
 exports.spawnCitizen = spawnCitizen;
+exports.backfillAcpForRegistry = backfillAcpForRegistry;
 exports.founderEmergencySpawn = founderEmergencySpawn;
 exports.getSpawnRegistry = getSpawnRegistry;
 exports.batchSpawn = batchSpawn;
@@ -328,8 +329,13 @@ function deriveOwner(requester_did) {
  *
  * Returns the governance decision plus the minted citizen (when approved). The
  * caller still writes citizen.yaml via renderCitizenYaml(citizen). The initial
- * ACP (`decision.initial_acp_score`) should be persisted to the score registry
- * by the caller/wiring step (see TICKET-335).
+ * ACP is seeded here at birth (writeInitialAcp) so the citizen has a routing
+ * profile from the moment it exists — this is the property the engine seam lost
+ * when it minted via bare mintCitizen (TICKET-334b).
+ *
+ * `founding_agent` / `proposing_agent` let a caller preserve its own attribution
+ * (e.g. the engine's CEO-founds / CTO-proposes lineage). When omitted, the
+ * proposing agent defaults to the requester DID.
  */
 function spawnCitizen(req, opts = {}) {
     const decision = sovereignSpawn(req);
@@ -339,7 +345,8 @@ function spawnCitizen(req, opts = {}) {
     const citizen = (0, citizenship_1.mintCitizen)(opts.agent_name ?? req.requested_role, {
         owner,
         citizen_type: 'spawned',
-        proposing_agent: req.requester_did,
+        founding_agent: opts.founding_agent,
+        proposing_agent: opts.proposing_agent ?? req.requester_did,
         now: opts.now,
     });
     decision.citizen_did = citizen.agent_did;
@@ -347,6 +354,68 @@ function spawnCitizen(req, opts = {}) {
     writeInitialAcp(citizen.agent_name, decision.initial_acp_score);
     return { decision, citizen };
 }
+/**
+ * TICKET-334e — derive the constitutional requester DID for an EXISTING citizen
+ * from its owner lineage, so classifyRequest() sorts it the same way a fresh
+ * spawn from that owner would (external → EXTERNAL sub-floor; everything else by
+ * role). Mirrors the DID shapes deriveOwner() reads.
+ */
+function requesterDidForCitizen(c) {
+    const id = c.owner_id || c.company || 'kognai';
+    switch (c.owner_kind) {
+        case 'external': return `did:external:${id}:${c.agent_name}`;
+        case 'user': return `did:kognai:citizen:${id}`;
+        case 'scs': return `did:kognai:scs:${id}:${c.agent_name}`;
+        default: return `did:kognai:${id}`; // company / legacy
+    }
+}
+/** Read the agent_name keys already present in acp/trust-scores.json. */
+function readAcpScoreKeys() {
+    try {
+        const { readFileSync } = require('fs');
+        const { join } = require('path');
+        const acpPath = join((0, engine_paths_1.resolveEnginePaths)().root, 'acp', 'trust-scores.json');
+        const data = JSON.parse(readFileSync(acpPath, 'utf-8'));
+        return new Set(Object.keys(data?.scores ?? {}));
+    }
+    catch {
+        return new Set();
+    }
+}
+/**
+ * TICKET-334e — backfill an initial ACP for every citizen in the registry that
+ * has no entry in acp/trust-scores.json yet. These are pre-SAF citizens that were
+ * born scoreless (minted via bare mintCitizen before the canonical issuer seeded
+ * ACP at birth — see TICKET-334b). The router PASS-THROUGHs unscored agents, so
+ * this gives them a real routing profile instead of an implicit bypass.
+ *
+ * Classification reuses the SAF path (classifyRequest → initialAcp) keyed on the
+ * citizen's owner lineage + agent_name, so a backfilled score is identical to the
+ * one the same agent would receive if spawned today. Idempotent: writeInitialAcp
+ * skips any agent_name that already has a score, so re-running only fills gaps.
+ */
+function backfillAcpForRegistry() {
+    const reg = (0, citizenship_1.readRegistry)();
+    const alreadyScored = readAcpScoreKeys();
+    const seeded = [];
+    let skipped = 0;
+    for (const c of reg.citizens) {
+        if (!c.agent_name || alreadyScored.has(c.agent_name)) {
+            skipped++;
+            continue;
+        }
+        const classification = classifyRequest({
+            requester_did: requesterDidForCitizen(c),
+            requested_role: c.agent_name,
+            requested_capabilities: [],
+            purpose: `TICKET-334e ACP backfill for pre-SAF citizen ${c.agent_name}`,
+        });
+        const score = initialAcp(classification);
+        writeInitialAcp(c.agent_name, score);
+        seeded.push({ agent_name: c.agent_name, classification, score });
+    }
+    return { scanned: reg.citizens.length, seeded, skipped };
+}
 /**
  * Emergency bypass — Founder only. Overrides all gates including health and
  * constitutional conditional findings. Logs prominently to KSL.

package/dist/lib/v2-decomposition-gate.types.d.ts

@@ -0,0 +1,80 @@
+/**
+ * Defines the task kind for decomposition gate scoring.
+ * @category DecompositionGate
+ */
+export type TaskKind = 'MODIFY' | 'CREATE';
+/**
+ * Represents an edit point in the task context.
+ * @property kind - The type of edit (e.g., 'import', 'function_body')
+ * @property location - The file path or symbol where the edit occurs
+ * @property description - Optional description of the edit
+ * @category DecompositionGate
+ */
+export interface EditPoint {
+    kind: 'import' | 'guard' | 'function_body' | 'export';
+    location: string;
+    description?: string;
+}
+/**
+ * Complexity score for a task before decomposition.
+ * @property editPointCount - Total number of edit points
+ * @property editPoints - Array of edit points
+ * @property estimatedLines - Estimated number of lines to modify
+ * @property taskKind - The kind of task (MODIFY or CREATE)
+ * @category DecompositionGate
+ */
+export interface ComplexityScore {
+    editPointCount: number;
+    editPoints: EditPoint[];
+    estimatedLines: number;
+    taskKind: TaskKind;
+}
+/**
+ * Decision outcome from the decomposition gate.
+ * @property accepted - Whether the task is accepted for decomposition
+ * @property reason - Reason for acceptance or rejection
+ * @property score - Complexity score of the task
+ * @property redecomposeFeedback - Optional feedback for redecomposing the task (if rejected)
+ * @category DecompositionGate
+ */
+export interface GateDecision {
+    accepted: boolean;
+    reason: string;
+    score: ComplexityScore;
+    redecomposeFeedback?: string;
+}
+/**
+ * Mode of the decomposition gate.
+ * @property shadow - Logs only (no hard rejection)
+ * @property enforce - Hard rejects tasks that exceed complexity limits
+ * @category DecompositionGate
+ */
+export type GateMode = 'shadow' | 'enforce';
+/**
+ * Configuration for the decomposition gate.
+ * @property mode - Operation mode (shadow or enforce)
+ * @property maxEditPointsModify - Maximum edit points for modify tasks (default: 1)
+ * @property maxLinesCreate - Maximum lines for create tasks (default: 200)
+ * @category DecompositionGate
+ */
+export interface GateConfig {
+    mode: GateMode;
+    maxEditPointsModify: number;
+    maxLinesCreate: number;
+}
+/**
+ * Input for the decomposition gate scoring.
+ * @property id - Unique identifier for the task
+ * @property taskKind - The kind of task (MODIFY or CREATE)
+ * @property description - Description of the task
+ * @property targetFiles - List of target files for the task
+ * @property estimatedLines - Estimated number of lines (optional)
+ * @category DecompositionGate
+ */
+export interface TicketInput {
+    id: string;
+    taskKind: TaskKind;
+    description: string;
+    targetFiles: string[];
+    estimatedLines?: number;
+}

package/dist/lib/v2-decomposition-gate.types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/lib/v2-decomposition-gate.types.test.js

@@ -0,0 +1,3 @@
+"use strict";
+// ERROR: Generation failed - ClawRouter timeout (480s)
+// Task: cto_20260605_004_3-A

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kognai/orchestrator-core",
-  "version": "0.2.1",
+  "version": "0.2.3",
   "description": "Kognai sovereign orchestrator — core engine (template-agnostic). Shared by all products (Kognai/coding, Voxight/market-intel, Invoica/fin-compliance); each supplies only its template. Replaces per-repo forks of orchestrate-agents-v2 / sprint-runner / lib.",
   "license": "MIT",
   "author": "SkinGem",