@liquiditytech/rapidx-cli 1.0.26

package/dist/core/client/rapid-x-client.js

@@ -0,0 +1,156 @@
+import { resolveCredential } from "../config/resolve.js";
+import { CORE_ERRORS, ProductError } from "../errors/product-error.js";
+import { flattenParams, signParams } from "./signing.js";
+export class RapidXClient {
+    baseUrl;
+    credential;
+    fetchFn;
+    nowSeconds;
+    readOnlyRetryAttempts;
+    readOnlyRetryDelayMs;
+    constructor(options = {}) {
+        this.baseUrl = resolveBaseUrl(options.baseUrl);
+        this.credential = options.credential ?? resolveCredential({ ref: options.credentialRef ?? { source: "env" } });
+        this.fetchFn = options.fetchFn ?? fetch;
+        this.nowSeconds = options.nowSeconds ?? (() => Math.floor(Date.now() / 1000));
+        this.readOnlyRetryAttempts = Math.max(1, options.readOnlyRetryAttempts ?? 4);
+        this.readOnlyRetryDelayMs = Math.max(0, options.readOnlyRetryDelayMs ?? 2_000);
+    }
+    async get(path, params = {}) {
+        return this.request("GET", path, params);
+    }
+    async post(path, body, params = {}) {
+        return this.request("POST", path, params, body);
+    }
+    async put(path, body) {
+        return this.request("PUT", path, {}, body);
+    }
+    async delete(path, body, params = {}) {
+        return this.request("DELETE", path, params, body);
+    }
+    buildSignedHeaders(method, params, body) {
+        const nonce = String(this.nowSeconds());
+        const signSource = method === "POST" || method === "PUT" || method === "DELETE"
+            ? flattenParams(body ?? params)
+            : params;
+        return {
+            "Content-Type": "application/json",
+            "X-MBX-APIKEY": this.credential.accessKey,
+            nonce,
+            signature: signParams(signSource, nonce, this.credential.secretKey)
+        };
+    }
+    async request(method, path, params = {}, body) {
+        const url = new URL(path, this.baseUrl);
+        if ((method === "GET" || method === "DELETE") && Object.keys(params).length > 0) {
+            for (const [key, value] of Object.entries(params)) {
+                url.searchParams.set(key, value);
+            }
+        }
+        const maxAttempts = method === "GET" ? this.readOnlyRetryAttempts : 1;
+        for (let attempt = 1; attempt <= maxAttempts; attempt += 1) {
+            const headers = this.buildSignedHeaders(method, params, body);
+            const init = {
+                method,
+                headers,
+                signal: AbortSignal.timeout(30_000)
+            };
+            if (body !== undefined) {
+                init.body = JSON.stringify(body);
+            }
+            const response = await this.fetchFn(url.toString(), init);
+            const text = await response.text();
+            if (!response.ok) {
+                if (method === "GET" && response.status === 429 && attempt < maxAttempts) {
+                    await delay(this.readOnlyRetryDelayMs * (2 ** (attempt - 1)));
+                    continue;
+                }
+                const hint = upstreamHttpErrorHint(path, response.status);
+                throw new ProductError({
+                    code: upstreamHttpErrorCode(response.status),
+                    status: "FAIL",
+                    message: hint ? `RapidX upstream error ${response.status}. ${hint}` : `RapidX upstream error ${response.status}`,
+                    details: { status: response.status, body: text.slice(0, 500), attempts: attempt, ...(hint ? { hint } : {}) }
+                });
+            }
+            if (!text) {
+                return {};
+            }
+            let parsed;
+            try {
+                parsed = JSON.parse(text);
+            }
+            catch {
+                throw new ProductError({
+                    code: CORE_ERRORS.UPSTREAM_REJECTED,
+                    status: "FAIL",
+                    message: "RapidX upstream returned non-JSON response."
+                });
+            }
+            assertRapidXBusinessSuccess(parsed);
+            return parsed;
+        }
+        throw new ProductError({
+            code: CORE_ERRORS.UPSTREAM_RATE_LIMITED,
+            status: "FAIL",
+            message: "RapidX upstream rate limit retry attempts were exhausted."
+        });
+    }
+}
+function resolveBaseUrl(explicitBaseUrl) {
+    const value = firstNonEmpty(explicitBaseUrl, process.env.LTP_API_HOST);
+    if (!value) {
+        throw new ProductError({
+            code: CORE_ERRORS.MISSING_API_HOST,
+            status: "NOT_VERIFIED",
+            message: "LTP_API_HOST is required. Configure the API host provided for your environment."
+        });
+    }
+    return value;
+}
+function firstNonEmpty(...values) {
+    return values.find((value) => value !== undefined && value.length > 0);
+}
+function upstreamHttpErrorHint(path, status) {
+    if (path === "/api/v1/account/balance" && status >= 500) {
+        return "account balance mode=account requires account-level credentials; portfolio keys should use mode=portfolio.";
+    }
+    return undefined;
+}
+function upstreamHttpErrorCode(status) {
+    if (status === 429) {
+        return CORE_ERRORS.UPSTREAM_RATE_LIMITED;
+    }
+    if (status >= 500) {
+        return CORE_ERRORS.UPSTREAM_REJECTED;
+    }
+    return CORE_ERRORS.INVALID_CREDENTIAL;
+}
+function delay(ms) {
+    if (ms <= 0) {
+        return Promise.resolve();
+    }
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function assertRapidXBusinessSuccess(payload) {
+    if (!payload || typeof payload !== "object" || !Object.prototype.hasOwnProperty.call(payload, "code")) {
+        return;
+    }
+    const body = payload;
+    const code = String(body.code ?? "");
+    if (code === "200000") {
+        return;
+    }
+    const upstreamMessage = typeof body.message === "string" && body.message.length > 0
+        ? `: ${body.message}`
+        : "";
+    throw new ProductError({
+        code: CORE_ERRORS.UPSTREAM_REJECTED,
+        status: "FAIL",
+        message: `RapidX upstream business error ${code}${upstreamMessage}`,
+        details: {
+            upstreamCode: code,
+            upstreamMessage: typeof body.message === "string" ? body.message : undefined
+        }
+    });
+}

package/dist/core/client/signing.js

@@ -0,0 +1,24 @@
+import { createHmac } from "node:crypto";
+export function flattenParams(input) {
+    if (!input || typeof input !== "object") {
+        return {};
+    }
+    const result = {};
+    for (const [key, value] of Object.entries(input)) {
+        if (value !== undefined && value !== null) {
+            result[key] = String(value);
+        }
+    }
+    return result;
+}
+export function canonicalizeParams(params) {
+    return Object.keys(params)
+        .sort()
+        .map((key) => `${key}=${params[key] ?? ""}`)
+        .join("&");
+}
+export function signParams(params, nonce, secretKey) {
+    const serialized = canonicalizeParams(params);
+    const message = `${serialized}&${nonce}`;
+    return createHmac("sha256", secretKey).update(message).digest("hex");
+}

package/dist/core/client/symbol.js

@@ -0,0 +1,36 @@
+import { ProductError } from "../errors/product-error.js";
+export function parseRapidXSymbol(symbol) {
+    const parts = symbol.split("_");
+    const [exchangeRaw, typeRaw, baseRaw, quoteRaw] = parts;
+    if (parts.length !== 4 || !exchangeRaw || !typeRaw || !baseRaw || !quoteRaw) {
+        throw new ProductError({
+            code: "RCORE12001",
+            status: "FAIL",
+            message: `Invalid RapidX symbol: ${symbol}`
+        });
+    }
+    const exchange = exchangeRaw.toUpperCase();
+    const type = typeRaw.toUpperCase();
+    if (type !== "PERP" && type !== "SPOT") {
+        throw new ProductError({
+            code: "RCORE12001",
+            status: "FAIL",
+            message: `Unsupported RapidX symbol type: ${typeRaw}`
+        });
+    }
+    const base = baseRaw.toUpperCase();
+    const quote = quoteRaw.toUpperCase();
+    const isPerp = type === "PERP";
+    const parsed = {
+        exchange,
+        base,
+        quote,
+        type,
+        binanceSymbol: `${base}${quote}`,
+        isPerp
+    };
+    if (exchange === "OKX") {
+        parsed.okxInstId = isPerp ? `${base}-${quote}-SWAP` : `${base}-${quote}`;
+    }
+    return parsed;
+}

package/dist/core/config/credential.js

@@ -0,0 +1,42 @@
+import { createHash } from "node:crypto";
+import { CORE_ERRORS, ProductError } from "../errors/product-error.js";
+export function maskSecret(value) {
+    if (!value) {
+        return "";
+    }
+    if (value.length <= 8) {
+        return `${value.slice(0, 2)}***${value.slice(-2)}`;
+    }
+    return `${value.slice(0, 4)}***${value.slice(-4)}`;
+}
+export function credentialFingerprint(value) {
+    return createHash("sha256").update(value).digest("hex").slice(0, 12);
+}
+export function makeCredentialRef(source, material = {}) {
+    const ref = { source };
+    if (material.accessKey) {
+        ref.maskedAccessKey = maskSecret(material.accessKey);
+    }
+    return ref;
+}
+export function makeResolvedCredential(accessKey, secretKey) {
+    if (!accessKey || !secretKey) {
+        throw new ProductError({
+            code: CORE_ERRORS.MISSING_CREDENTIAL,
+            status: "NOT_VERIFIED",
+            message: "Portfolio credential is not configured."
+        });
+    }
+    return {
+        accessKey,
+        secretKey,
+        maskedAccessKey: maskSecret(accessKey),
+        toJSON() {
+            throw new ProductError({
+                code: CORE_ERRORS.SECRET_REDACTION_RISK,
+                status: "FAIL",
+                message: "Resolved credentials cannot be serialized."
+            });
+        }
+    };
+}

package/dist/core/config/resolve.js

@@ -0,0 +1,24 @@
+import { makeResolvedCredential } from "./credential.js";
+import { CORE_ERRORS, ProductError } from "../errors/product-error.js";
+export function resolveCredential(options) {
+    const env = options.env ?? process.env;
+    const material = options.material ?? {};
+    if (options.ref.source === "env") {
+        const accessKeyRef = options.ref.accessKeyRef ?? "LTP_ACCESS_KEY";
+        const secretKeyRef = options.ref.secretKeyRef ?? "LTP_SECRET_KEY";
+        const accessKey = firstNonEmpty(env[accessKeyRef]);
+        const secretKey = firstNonEmpty(env[secretKeyRef]);
+        return makeResolvedCredential(accessKey ?? "", secretKey ?? "");
+    }
+    if (options.ref.source === "chat-secret" || options.ref.source === "mcp-config" || options.ref.source === "local-file" || options.ref.source === "secret-manager") {
+        return makeResolvedCredential(material.accessKey ?? "", material.secretKey ?? "");
+    }
+    throw new ProductError({
+        code: CORE_ERRORS.MISSING_CREDENTIAL,
+        status: "NOT_VERIFIED",
+        message: `Unsupported credential source: ${String(options.ref.source)}`
+    });
+}
+function firstNonEmpty(...values) {
+    return values.find((value) => value !== undefined && value.length > 0);
+}

package/dist/core/contracts/capabilities.js

@@ -0,0 +1,77 @@
+import { SCHEMA_VERSION } from "./types.js";
+export const CAPABILITIES = [
+    { capabilityId: "config.get", cliCommand: "rapidx config get", operationType: "READ", riskLevel: "read", inputSchema: "ConfigGetInput", outputSchema: "ConfigResult", previewRequired: false },
+    { capabilityId: "config.set", cliCommand: "rapidx config set", operationType: "DIAGNOSTIC", riskLevel: "write-config", inputSchema: "ConfigSetInput", outputSchema: "ConfigResult", previewRequired: false },
+    { capabilityId: "config.unset", cliCommand: "rapidx config unset", operationType: "DIAGNOSTIC", riskLevel: "write-config", inputSchema: "ConfigUnsetInput", outputSchema: "ConfigResult", previewRequired: false },
+    { capabilityId: "config.list", cliCommand: "rapidx config list", operationType: "READ", riskLevel: "read", inputSchema: "EmptyInput", outputSchema: "ConfigResult", previewRequired: false },
+    { capabilityId: "auth.check", cliCommand: "rapidx auth check", mcpTool: "rapidx/self-check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "AuthInput", outputSchema: "AuthResult", previewRequired: false },
+    { capabilityId: "doctor.run", cliCommand: "rapidx doctor --json", mcpTool: "rapidx/self-check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "DoctorInput", outputSchema: "DoctorReport", previewRequired: false },
+    { capabilityId: "update.check", cliCommand: "rapidx update check", mcpTool: "rapidx/update/check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "UpdateCheckInput", outputSchema: "UpdateCheckResult", previewRequired: false },
+    { capabilityId: "schema.discover", cliCommand: "rapidx schema --json", mcpTool: "rapidx/tools", operationType: "READ", riskLevel: "read", inputSchema: "SchemaQuery", outputSchema: "SchemaResult", previewRequired: false },
+    { capabilityId: "self-check.run", cliCommand: "rapidx self-check --read-only --json", mcpTool: "rapidx/self-check", operationType: "READ", riskLevel: "read", inputSchema: "SelfCheckInput", outputSchema: "SelfCheckReport", previewRequired: false },
+    { capabilityId: "market.ticker", cliCommand: "rapidx market get-ticker", mcpTool: "rapidx/market/get-ticker", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "MarketTicker", previewRequired: false },
+    { capabilityId: "market.orderbook", cliCommand: "rapidx market get-orderbook", mcpTool: "rapidx/market/get-orderbook", operationType: "READ", riskLevel: "read", inputSchema: "OrderbookInput", outputSchema: "Orderbook", previewRequired: false },
+    { capabilityId: "market.klines", cliCommand: "rapidx market get-klines", mcpTool: "rapidx/market/get-klines", operationType: "READ", riskLevel: "read", inputSchema: "KlinesInput", outputSchema: "Klines", previewRequired: false },
+    { capabilityId: "market.funding-rate", cliCommand: "rapidx market get-funding-rate", mcpTool: "rapidx/market/get-funding-rate", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "FundingRate", previewRequired: false },
+    { capabilityId: "market.mark-price", cliCommand: "rapidx market get-mark-price", mcpTool: "rapidx/market/get-mark-price", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "MarkPrice", previewRequired: false },
+    { capabilityId: "market.symbol-info", cliCommand: "rapidx market get-symbol-info", mcpTool: "rapidx/market/get-symbol-info", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "SymbolInfo", previewRequired: false },
+    { capabilityId: "market.open-interest", cliCommand: "rapidx market get-open-interest", mcpTool: "rapidx/market/get-open-interest", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "OpenInterest", previewRequired: false },
+    { capabilityId: "account.overview", cliCommand: "rapidx account overview", mcpTool: "rapidx/account/overview", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "EmptyInput", outputSchema: "AccountOverview", previewRequired: false },
+    { capabilityId: "account.balance", cliCommand: "rapidx account balance", mcpTool: "rapidx/account/balance", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "AccountBalanceInput", outputSchema: "AccountBalance", previewRequired: false },
+    { capabilityId: "account.set-position-mode", cliCommand: "rapidx account set-position-mode", mcpTool: "rapidx/account/set-position-mode", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "SetPositionModeInput", outputSchema: "SetPositionModeResult", previewRequired: true },
+    { capabilityId: "trade.preview", cliCommand: "rapidx trade preview", mcpTool: "rapidx/trade/preview", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "TradePreviewInput", outputSchema: "TradePreviewResult", previewRequired: false },
+    { capabilityId: "order.preview", cliCommand: "rapidx order preview", mcpTool: "rapidx/order/preview", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "PreviewOrderInput", outputSchema: "PreviewOrderResult", previewRequired: false },
+    { capabilityId: "order.place-preview", cliCommand: "rapidx order place-preview", mcpTool: "rapidx/order/place-preview", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "PreviewOrderInput", outputSchema: "PreviewOrderResult", previewRequired: false },
+    { capabilityId: "order.amend-preview", cliCommand: "rapidx order amend-preview", mcpTool: "rapidx/order/amend-preview", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "AmendOrderPreviewInput", outputSchema: "TradePreviewResult", previewRequired: false },
+    { capabilityId: "order.cancel-preview", cliCommand: "rapidx order cancel-preview", mcpTool: "rapidx/order/cancel-preview", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "CancelOrderPreviewInput", outputSchema: "TradePreviewResult", previewRequired: false },
+    { capabilityId: "order.place", cliCommand: "rapidx order place", mcpTool: "rapidx/order/place", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "PlaceOrderInput", outputSchema: "OrderStatusResult", previewRequired: true },
+    { capabilityId: "order.amend", cliCommand: "rapidx order amend", mcpTool: "rapidx/order/amend", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "AmendOrderInput", outputSchema: "OrderStatusResult", previewRequired: true },
+    { capabilityId: "order.cancel", cliCommand: "rapidx order cancel", mcpTool: "rapidx/order/cancel", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "CancelOrderInput", outputSchema: "OrderStatusResult", previewRequired: true },
+    { capabilityId: "order.get", cliCommand: "rapidx order get", mcpTool: "rapidx/order/get", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "OrderLookupInput", outputSchema: "OrderStatusResult", previewRequired: false },
+    { capabilityId: "order.list", cliCommand: "rapidx order list", mcpTool: "rapidx/order/list", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "OrderListInput", outputSchema: "OrderList", previewRequired: false },
+    { capabilityId: "order.history", cliCommand: "rapidx order history", mcpTool: "rapidx/order/history", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "OrderHistoryInput", outputSchema: "OrderHistory", previewRequired: false },
+    { capabilityId: "position.list", cliCommand: "rapidx position list", mcpTool: "rapidx/position/list", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "PositionListInput", outputSchema: "PositionList", previewRequired: false },
+    { capabilityId: "position.history", cliCommand: "rapidx position history", mcpTool: "rapidx/position/history", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "PositionHistoryInput", outputSchema: "PositionHistory", previewRequired: false },
+    { capabilityId: "position.close", cliCommand: "rapidx position close", mcpTool: "rapidx/position/close", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "ClosePositionInput", outputSchema: "ClosePositionResult", previewRequired: true },
+    { capabilityId: "position.set-leverage", cliCommand: "rapidx position set-leverage", mcpTool: "rapidx/position/set-leverage", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "SetLeverageInput", outputSchema: "SetLeverageResult", previewRequired: true },
+    { capabilityId: "algo.place", cliCommand: "rapidx algo place", mcpTool: "rapidx/algo/place", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "AlgoPlaceInput", outputSchema: "AlgoOrderStatus", previewRequired: true },
+    { capabilityId: "algo.amend", cliCommand: "rapidx algo amend", mcpTool: "rapidx/algo/amend", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "AlgoAmendInput", outputSchema: "AlgoOrderStatus", previewRequired: true },
+    { capabilityId: "algo.cancel", cliCommand: "rapidx algo cancel", mcpTool: "rapidx/algo/cancel", operationType: "TRADE_WRITE", riskLevel: "trade-write", inputSchema: "AlgoCancelInput", outputSchema: "AlgoOrderStatus", previewRequired: true },
+    { capabilityId: "algo.list", cliCommand: "rapidx algo list", mcpTool: "rapidx/algo/list", operationType: "TRADE_READ", riskLevel: "trade-read", inputSchema: "AlgoListInput", outputSchema: "AlgoList", previewRequired: false },
+    { capabilityId: "trading.verify", cliCommand: "rapidx self-check trade-verify", mcpTool: "rapidx/trading-verification", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "TradingVerificationInput", outputSchema: "TradingVerificationReport", previewRequired: false },
+    { capabilityId: "trading.verify-live", cliCommand: "rapidx trade verify-live", mcpTool: "rapidx/trade/verify-live", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "TradingVerificationInput", outputSchema: "TradingVerificationReport", previewRequired: false },
+    { capabilityId: "invocation.check", cliCommand: "rapidx invocation check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "InvocationCheckInput", outputSchema: "InvocationCompliance", previewRequired: false }
+];
+export function getSchemaResult() {
+    return {
+        schemaVersion: SCHEMA_VERSION,
+        capabilities: [...CAPABILITIES]
+    };
+}
+export function listMcpCapabilities() {
+    return CAPABILITIES.filter((capability) => Boolean(capability.mcpTool));
+}
+export function findCapabilityById(capabilityId) {
+    return CAPABILITIES.find((capability) => capability.capabilityId === capabilityId);
+}
+export function findCapabilityByCliCommand(command) {
+    const normalized = command.trim().replace(/\s+/g, " ");
+    return CAPABILITIES.find((capability) => capability.cliCommand === normalized);
+}
+export function findCapabilityByMcpTool(toolName) {
+    return CAPABILITIES.find((capability) => capability.mcpTool === toolName);
+}
+export function assertCanonicalRegistry() {
+    const ids = new Set();
+    const cli = new Set();
+    for (const capability of CAPABILITIES) {
+        if (ids.has(capability.capabilityId)) {
+            throw new Error(`Duplicate capabilityId: ${capability.capabilityId}`);
+        }
+        if (cli.has(capability.cliCommand)) {
+            throw new Error(`Duplicate cliCommand: ${capability.cliCommand}`);
+        }
+        ids.add(capability.capabilityId);
+        cli.add(capability.cliCommand);
+    }
+}

package/dist/core/contracts/compatibility.js

@@ -0,0 +1,65 @@
+import { SCHEMA_VERSION } from "./types.js";
+import { RAPIDX_VERSION } from "../version.js";
+export const RAPIDX_SKILLS_DISTRIBUTION = "github";
+export const RAPIDX_SKILLS_VERSION = "1.0.1";
+export const RAPIDX_SKILLS_SCHEMA_VERSION = "1.0.0";
+export function buildCompatibilityReport(input = {}) {
+    const checks = [
+        {
+            name: "cli-version",
+            status: "PASS",
+            expected: RAPIDX_VERSION,
+            actual: RAPIDX_VERSION,
+            message: "RapidX CLI version is available."
+        },
+        {
+            name: "mcp-schema-version",
+            status: compareOptionalVersion(input.mcpSchemaVersion, SCHEMA_VERSION),
+            expected: SCHEMA_VERSION,
+            actual: input.mcpSchemaVersion ?? SCHEMA_VERSION,
+            message: input.mcpSchemaVersion === undefined
+                ? "No external MCP schema version was supplied; using bundled schema."
+                : "MCP schema version was checked."
+        },
+        {
+            name: "skills-version",
+            status: compareOptionalVersion(input.skillsVersion, RAPIDX_SKILLS_VERSION, "NOT_VERIFIED"),
+            expected: RAPIDX_SKILLS_VERSION,
+            actual: input.skillsVersion,
+            message: input.skillsVersion === undefined
+                ? "Skills version was not supplied; install or inspect GitHub-distributed skills to verify."
+                : "Skills version was checked."
+        },
+        {
+            name: "skills-schema-version",
+            status: compareOptionalVersion(input.skillsSchemaVersion, RAPIDX_SKILLS_SCHEMA_VERSION, "NOT_VERIFIED"),
+            expected: RAPIDX_SKILLS_SCHEMA_VERSION,
+            actual: input.skillsSchemaVersion,
+            message: input.skillsSchemaVersion === undefined
+                ? "Skills schema version was not supplied; compatibility cannot be fully asserted."
+                : "Skills schema version was checked."
+        }
+    ];
+    const status = checks.some((check) => check.status === "BLOCKED")
+        ? "BLOCKED"
+        : checks.some((check) => check.status === "FAIL")
+            ? "FAIL"
+            : checks.some((check) => check.status === "NOT_VERIFIED")
+                ? "NOT_VERIFIED"
+                : "PASS";
+    return {
+        cliVersion: RAPIDX_VERSION,
+        mcpSchemaVersion: SCHEMA_VERSION,
+        skillsDistribution: RAPIDX_SKILLS_DISTRIBUTION,
+        expectedSkillsVersion: RAPIDX_SKILLS_VERSION,
+        expectedSkillsSchemaVersion: RAPIDX_SKILLS_SCHEMA_VERSION,
+        status,
+        checks
+    };
+}
+function compareOptionalVersion(actual, expected, missingStatus = "PASS") {
+    if (actual === undefined || actual.length === 0) {
+        return missingStatus;
+    }
+    return actual === expected ? "PASS" : "BLOCKED";
+}

package/dist/core/contracts/events.js

@@ -0,0 +1,29 @@
+export const EVENT_VERSION = "1.0";
+export const EVENTS = [
+    { eventName: "CoreAuthChecked", channel: "rapidx.auth", producer: "core", consumer: "cli,mcp,audit", requiredPayload: ["credentialSource", "maskedAccessKey", "permissionStatus", "status", "errorCode"] },
+    { eventName: "ToolSchemaUpdated", channel: "rapidx.schema", producer: "core", consumer: "cli,mcp,skills,distribution", requiredPayload: ["schemaVersion", "capabilityIds", "compatibility", "riskChanges"] },
+    { eventName: "SelfCheckCompleted", channel: "rapidx.selfcheck", producer: "cli,mcp/core", consumer: "skills,audit", requiredPayload: ["scope", "status", "checks", "notVerifiedItems", "evidence"] },
+    { eventName: "TradePreviewCompleted", channel: "rapidx.trade.preview", producer: "cli/mcp/core", consumer: "audit", requiredPayload: ["capabilityId", "previewId", "submitted", "paramsHash", "expiresAt", "status"] },
+    { eventName: "TradeWriteSubmitted", channel: "rapidx.trade.write", producer: "cli/mcp/core", consumer: "audit", requiredPayload: ["capabilityId", "clientOrderId", "orderId", "requestId", "confirmationStatus", "status"] },
+    { eventName: "TradingVerificationCompleted", channel: "rapidx.trade.verify", producer: "cli/mcp", consumer: "skills,audit", requiredPayload: ["submittedRealOrder", "steps", "cleanupStatus", "status"] },
+    { eventName: "CoreSafetyDecisionMade", channel: "rapidx.policy", producer: "core", consumer: "cli,mcp,audit", requiredPayload: ["capabilityId", "decision", "blockedAt", "errorCode"] },
+    { eventName: "SafetyPolicyUpdated", channel: "rapidx.policy", producer: "cli/mcp/core", consumer: "audit", requiredPayload: ["readOnly", "tradingEnabled", "maxNotional", "rateLimit", "duplicateWindowMs"] },
+    { eventName: "ReleaseArtifactUpdated", channel: "rapidx.release", producer: "distribution", consumer: "cli,mcp,skills", requiredPayload: ["artifact", "version", "checksum", "compatibility", "status"] },
+    { eventName: "UserTradingConsentReceived", channel: "rapidx.consent", producer: "skills/agent-host", consumer: "cli,mcp", requiredPayload: ["consentId", "scope", "maxNotional", "acceptedRiskText", "timestamp"] }
+];
+export function makeEvent(eventName, payload) {
+    const definition = EVENTS.find((event) => event.eventName === eventName);
+    if (!definition) {
+        throw new Error(`Unknown eventName: ${eventName}`);
+    }
+    return {
+        eventName,
+        eventVersion: EVENT_VERSION,
+        channel: definition.channel,
+        timestamp: new Date().toISOString(),
+        producer: definition.producer,
+        consumer: definition.consumer,
+        idempotencyKey: `${eventName}:${JSON.stringify(payload)}`,
+        payload
+    };
+}

package/dist/core/contracts/evidence.js

@@ -0,0 +1,7 @@
+export function makeEvidence(toolOrCommandEvidence, source = "local_check") {
+    return {
+        source,
+        toolOrCommandEvidence,
+        timestamp: new Date().toISOString()
+    };
+}