@liquiditytech/rapidx-cli 1.0.34 → 1.0.36

package/dist/core/contracts/capabilities.js

@@ -8,6 +8,11 @@ export const CAPABILITIES = [
     { capabilityId: "auth.check", cliCommand: "rapidx auth check", mcpTool: "rapidx/self-check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "AuthInput", outputSchema: "AuthResult", previewRequired: false },
     { capabilityId: "doctor.run", cliCommand: "rapidx doctor --json", mcpTool: "rapidx/self-check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "DoctorInput", outputSchema: "DoctorReport", previewRequired: false },
     { capabilityId: "update.check", cliCommand: "rapidx update check", mcpTool: "rapidx/update/check", operationType: "DIAGNOSTIC", riskLevel: "read", inputSchema: "UpdateCheckInput", outputSchema: "UpdateCheckResult", previewRequired: false },
+    { capabilityId: "automation.start", cliCommand: "rapidx automation start", mcpTool: "rapidx/automation/start", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "AutomationStartInput", outputSchema: "AutomationSession", previewRequired: false },
+    { capabilityId: "automation.list", cliCommand: "rapidx automation list", mcpTool: "rapidx/automation/list", operationType: "READ", riskLevel: "read", inputSchema: "AutomationListInput", outputSchema: "AutomationSessionList", previewRequired: false },
+    { capabilityId: "automation.status", cliCommand: "rapidx automation status", mcpTool: "rapidx/automation/status", operationType: "READ", riskLevel: "read", inputSchema: "AutomationStatusInput", outputSchema: "AutomationSession", previewRequired: false },
+    { capabilityId: "automation.extend", cliCommand: "rapidx automation extend", mcpTool: "rapidx/automation/extend", operationType: "TRADE_WRITE", riskLevel: "critical-trade-write", inputSchema: "AutomationExtendInput", outputSchema: "AutomationSession", previewRequired: false },
+    { capabilityId: "automation.stop", cliCommand: "rapidx automation stop", mcpTool: "rapidx/automation/stop", operationType: "DIAGNOSTIC", riskLevel: "write-config", inputSchema: "AutomationStopInput", outputSchema: "AutomationSession", previewRequired: false },
     { capabilityId: "schema.discover", cliCommand: "rapidx schema --json", mcpTool: "rapidx/tools", operationType: "READ", riskLevel: "read", inputSchema: "SchemaQuery", outputSchema: "SchemaResult", previewRequired: false },
     { capabilityId: "self-check.run", cliCommand: "rapidx self-check --read-only --json", mcpTool: "rapidx/self-check", operationType: "READ", riskLevel: "read", inputSchema: "SelfCheckInput", outputSchema: "SelfCheckReport", previewRequired: false },
     { capabilityId: "market.ticker", cliCommand: "rapidx market get-ticker", mcpTool: "rapidx/market/get-ticker", operationType: "READ", riskLevel: "read", inputSchema: "SymbolInput", outputSchema: "MarketTicker", previewRequired: false },

package/dist/core/contracts/compatibility.js

@@ -1,7 +1,7 @@
 import { SCHEMA_VERSION } from "./types.js";
 import { RAPIDX_VERSION } from "../version.js";
 export const RAPIDX_SKILLS_DISTRIBUTION = "github";
-export const RAPIDX_SKILLS_VERSION = "1.0.9";
+export const RAPIDX_SKILLS_VERSION = "1.0.10";
 export const RAPIDX_SKILLS_SCHEMA_VERSION = "1.0.0";
 export function buildCompatibilityReport(input = {}) {
     const checks = [

package/dist/core/contracts/input-schema.js

@@ -68,6 +68,10 @@ const automationScopeSchema = {
     type: "string",
     description: "Optional automation scope label, for example single-preview, strategy-session, or the user's exact scope phrase."
 };
+const automationSessionIdSchema = {
+    type: "string",
+    description: "Automation session id returned by rapidx automation start. Preview binds to this session and submit re-checks the session before writing."
+};
 const previewIdSchema = {
     type: "string",
     description: "Preview id returned by the matching preview tool or command.",
@@ -118,6 +122,9 @@ const closePositionReduceOnlySchema = {
 };
 const algoConditionTypeSchema = { type: "string", enum: ["CONDITIONAL", "OCO", "ENTIRE_CLOSE_POSITION", "PARTIAL_CLOSE_POSITION"] };
 const triggerTypeSchema = { type: "string", enum: ["LAST_PRICE", "MARK_PRICE"] };
+const symbolsArraySchema = { type: "array", items: symbolSchema, description: "RapidX symbols authorized for this automation session." };
+const stringArraySchema = { type: "array", items: stringSchema };
+const expiresInSecondsSchema = { type: "number", description: "Automation session duration in seconds. Default is 86400; maximum is 2592000." };
 export function inputSchemaForName(name) {
     switch (name) {
         case "EmptyInput":
@@ -312,6 +319,30 @@ export function inputSchemaForName(name) {
             return objectSchema({ commandLine: stringSchema, preflightError: stringSchema });
         case "UpdateCheckInput":
             return objectSchema({ force: booleanSchema, manifestUrl: stringSchema, maxCacheAgeSeconds: numberSchema, installedSkillsVersion: stringSchema });
+        case "AutomationStartInput":
+            return objectSchema({
+                symbols: symbolsArraySchema,
+                maxNotionalPerOrder: maxNotionalSchema,
+                maxTotalNotional: maxNotionalSchema,
+                expiresInSeconds: expiresInSecondsSchema,
+                allowedActions: stringArraySchema,
+                allowedOrderTypes: stringArraySchema,
+                name: stringSchema,
+                explicitUserConsent: explicitUserConsentSchema,
+                acceptedRiskText: acceptedRiskTextSchema
+            }, ["symbols", "maxNotionalPerOrder", "maxTotalNotional", "explicitUserConsent", "acceptedRiskText"]);
+        case "AutomationListInput":
+            return objectSchema({});
+        case "AutomationStatusInput":
+        case "AutomationStopInput":
+            return objectSchema({ automationSessionId: automationSessionIdSchema }, ["automationSessionId"]);
+        case "AutomationExtendInput":
+            return objectSchema({
+                automationSessionId: automationSessionIdSchema,
+                expiresInSeconds: expiresInSecondsSchema,
+                explicitUserConsent: explicitUserConsentSchema,
+                acceptedRiskText: acceptedRiskTextSchema
+            }, ["automationSessionId", "expiresInSeconds", "explicitUserConsent", "acceptedRiskText"]);
         case "SchemaQuery":
             return objectSchema({ consumer: stringSchema, consumerVersion: stringSchema, includeExamples: booleanSchema });
         case "SelfCheckInput":
@@ -432,6 +463,7 @@ function tradeCreateProperties() {
 }
 function automationProperties() {
     return {
+        automationSessionId: automationSessionIdSchema,
         automationMode: automationModeSchema,
         automationConsentText: automationConsentTextSchema,
         automationScope: automationScopeSchema
@@ -451,6 +483,9 @@ function matchesType(value, schema) {
     if (!schema.type) {
         return true;
     }
+    if (schema.type === "array") {
+        return Array.isArray(value);
+    }
     return typeof value === schema.type;
 }
 function hasValue(value) {

package/dist/core/index.js

@@ -16,6 +16,7 @@ export * from "./client/order-id.js";
 export * from "./client/symbol.js";
 export * from "./safety/policy.js";
 export * from "./safety/raw-api.js";
+export * from "./automation/session.js";
 export * from "./trading/preview.js";
 export * from "./trading/preview-preflight.js";
 export * from "./update/check-update.js";

package/dist/core/safety/policy.js

@@ -92,7 +92,7 @@ export function evaluateSafety(capability, input, policy, state = makeSafetyStat
         }
     }
     const clientOrderId = typeof input.clientOrderId === "string" ? input.clientOrderId : undefined;
-    if (clientOrderId) {
+    if (clientOrderId && tracksDuplicateClientOrderId(capability)) {
         const now = state.nowMs();
         const seenAt = state.recentClientOrderIds.get(clientOrderId);
         if (seenAt && now - seenAt < policy.duplicateWindowMs) {
@@ -168,6 +168,11 @@ function requiresNotionalLimit(capability) {
         || capability.capabilityId === "algo.place"
         || capability.capabilityId === "position.close";
 }
+function tracksDuplicateClientOrderId(capability) {
+    return capability.capabilityId === "order.place-preview"
+        || capability.capabilityId === "order.place"
+        || capability.capabilityId === "algo.place";
+}
 function estimateDirectNotional(input) {
     const symbol = typeof input.symbol === "string" ? input.symbol : "";
     if (!symbol.startsWith("BINANCE_")) {

package/dist/core/trading/preview-preflight.js

@@ -170,7 +170,11 @@ function validateQuantity(input, rules) {
     const quantityText = String(quantityValue);
     const quantity = positiveNumber(quantityText);
     if (quantity === undefined) {
-        return;
+        throw new ProductError({
+            code: "RCORE24006",
+            status: "BLOCKED",
+            message: `INVALID_QUANTITY: quantity ${quantityText} must be a positive finite number.`
+        });
     }
     const minSize = positiveNumber(rules.minSize);
     if (minSize !== undefined && quantity < minSize - 1e-12) {
@@ -204,7 +208,11 @@ function validatePrice(input, rules) {
     const priceText = String(input.price);
     const price = positiveNumber(priceText);
     if (price === undefined) {
-        return;
+        throw new ProductError({
+            code: "RCORE24007",
+            status: "BLOCKED",
+            message: `INVALID_PRICE: price ${priceText} must be a positive finite number.`
+        });
     }
     const tickSize = positiveNumber(rules.tickSize);
     if (tickSize !== undefined && !isAlignedToStep(price, tickSize)) {

package/dist/core/trading/preview.js

@@ -5,6 +5,7 @@ import { assertInputMatchesSchema } from "../contracts/input-schema.js";
 import { evaluateSafety, stableParamsHash } from "../safety/policy.js";
 import { ProductError } from "../errors/product-error.js";
 import { parseRapidXSymbol } from "../client/symbol.js";
+import { automationPreviewDetails } from "../automation/session.js";
 export function makePreviewStore() {
     return { records: new Map() };
 }
@@ -37,13 +38,14 @@ export function savePreviewStoreToFile(filePath, store) {
     const records = [...store.records.values()];
     writeFileSync(filePath, `${JSON.stringify(records, null, 2)}\n`, { mode: 0o600 });
 }
-export function createTradePreview(capability, input, policy, state, store, ttlSeconds = 300) {
+export function createTradePreview(capability, input, policy, state, store, ttlSeconds = 300, options = {}) {
     assertInputMatchesSchema(capability.inputSchema, input, {
-        allowedExtraFields: ["explicitUserConsent", "acceptedRiskText", "automationMode", "automationConsentText", "automationScope"]
+        allowedExtraFields: ["explicitUserConsent", "acceptedRiskText", "automationMode", "automationConsentText", "automationScope", "automationSessionId"]
     });
     const tradeParams = normalizeTradeParams(input);
     const automation = makeAutomationDetails(input, tradeParams);
-    const previewDetails = makePreviewDetails(capability, tradeParams, automation);
+    const automationSession = options.automationSession ? automationPreviewDetails(options.automationSession) : undefined;
+    const previewDetails = makePreviewDetails(capability, tradeParams, automation, automationSession);
     const decision = evaluateSafety(capability, input, policy, state);
     if (!decision.allowed) {
         throw new ProductError({
@@ -61,13 +63,44 @@ export function createTradePreview(capability, input, policy, state, store, ttlS
         expiresAt: new Date(Date.now() + ttlSeconds * 1000).toISOString(),
         submitted: false,
         status: "PASS",
-        confirmation: makeSubmitConfirmation(previewId, automation),
-        ...(automation ? { automation } : {})
+        confirmation: makeSubmitConfirmation(previewId, automation, automationSession),
+        ...(automation ? { automation } : {}),
+        ...(automationSession ? { automationSession } : {})
     };
     store.records.set(previewId, record);
     return record;
 }
-export function createTargetedTradePreview(targetCapability, input, policy, state, store, ttlSeconds = 300) {
+export function createTargetedTradePreview(targetCapability, input, policy, state, store, ttlSeconds = 300, options = {}) {
+    assertTargetedTradePreviewInput(targetCapability, input);
+    const tradeParams = normalizeTradeParams(input);
+    const automation = makeAutomationDetails(input, tradeParams);
+    const automationSession = options.automationSession ? automationPreviewDetails(options.automationSession) : undefined;
+    const previewDetails = makePreviewDetails(targetCapability, tradeParams, automation, automationSession);
+    const decision = evaluateSafety(targetCapability, input, policy, state);
+    if (!decision.allowed) {
+        throw new ProductError({
+            code: decision.code ?? "RCORE20002",
+            status: "BLOCKED",
+            message: decision.reason ?? "Preview blocked by safety policy."
+        });
+    }
+    const previewId = `rpv_${randomUUID()}`;
+    const record = {
+        previewId,
+        capabilityId: targetCapability.capabilityId,
+        paramsHash: stableParamsHash(tradeParams),
+        ...previewDetails,
+        expiresAt: new Date(Date.now() + ttlSeconds * 1000).toISOString(),
+        submitted: false,
+        status: "PASS",
+        confirmation: makeSubmitConfirmation(previewId, automation, automationSession),
+        ...(automation ? { automation } : {}),
+        ...(automationSession ? { automationSession } : {})
+    };
+    store.records.set(previewId, record);
+    return record;
+}
+export function assertTargetedTradePreviewInput(targetCapability, input) {
     assertInputMatchesSchema(targetCapability.inputSchema, input, {
         allowedExtraFields: [
             "targetCapabilityId",
@@ -79,7 +112,8 @@ export function createTargetedTradePreview(targetCapability, input, policy, stat
             "skillsSchemaVersion",
             "automationMode",
             "automationConsentText",
-            "automationScope"
+            "automationScope",
+            "automationSessionId"
         ],
         ignoredRequiredFields: ["previewId", "continueConsentId"]
     });
@@ -97,39 +131,16 @@ export function createTargetedTradePreview(targetCapability, input, policy, stat
             message: "trade preview target cannot be another preview capability."
         });
     }
-    const tradeParams = normalizeTradeParams(input);
-    const automation = makeAutomationDetails(input, tradeParams);
-    const previewDetails = makePreviewDetails(targetCapability, tradeParams, automation);
-    const decision = evaluateSafety(targetCapability, input, policy, state);
-    if (!decision.allowed) {
-        throw new ProductError({
-            code: decision.code ?? "RCORE20002",
-            status: "BLOCKED",
-            message: decision.reason ?? "Preview blocked by safety policy."
-        });
-    }
-    const previewId = `rpv_${randomUUID()}`;
-    const record = {
-        previewId,
-        capabilityId: targetCapability.capabilityId,
-        paramsHash: stableParamsHash(tradeParams),
-        ...previewDetails,
-        expiresAt: new Date(Date.now() + ttlSeconds * 1000).toISOString(),
-        submitted: false,
-        status: "PASS",
-        confirmation: makeSubmitConfirmation(previewId, automation),
-        ...(automation ? { automation } : {})
-    };
-    store.records.set(previewId, record);
-    return record;
 }
-function makeSubmitConfirmation(previewId, automation) {
+function makeSubmitConfirmation(previewId, automation, automationSession) {
     return {
         submitToken: `confirm_${previewId}`,
         requiredFields: ["previewId", "continueConsentId"],
-        instruction: automation
-            ? "Automation mode is enabled for this preview. The agent may pass submitToken as continueConsentId without asking for another per-order chat confirmation, within the authorized scope."
-            : "Pass submitToken as continueConsentId only after the user has confirmed this exact preview."
+        instruction: automationSession
+            ? "This preview is authorized by an active automation session. The agent may pass submitToken as continueConsentId without asking for another per-order chat confirmation, within the session scope."
+            : automation
+                ? "Automation mode is enabled for this preview. The agent may pass submitToken as continueConsentId without asking for another per-order chat confirmation, within the authorized scope."
+                : "Pass submitToken as continueConsentId only after the user has confirmed this exact preview."
     };
 }
 export function verifyPreview(store, previewId, capability, input, now = new Date()) {
@@ -175,9 +186,23 @@ export function verifyPreview(store, previewId, capability, input, now = new Dat
 }
 export function consumePreview(store, previewId, capability, input, now = new Date()) {
     const record = verifyPreview(store, previewId, capability, input, now);
+    assertSubmitToken(record, input);
     store.records.delete(record.previewId);
     return record;
 }
+function assertSubmitToken(record, input) {
+    const expected = record.confirmation?.submitToken;
+    if (!expected) {
+        return;
+    }
+    if (input.continueConsentId !== expected) {
+        throw new ProductError({
+            code: "RCORE20002",
+            status: "BLOCKED",
+            message: "continueConsentId must match the preview confirmation.submitToken."
+        });
+    }
+}
 function normalizeTradeParams(input) {
     const normalized = {};
     for (const [key, value] of Object.entries(input)) {
@@ -195,11 +220,11 @@ function canonicalSymbolOrOriginal(value) {
         return value;
     }
 }
-function makePreviewDetails(capability, tradeParams, automation) {
+function makePreviewDetails(capability, tradeParams, automation, automationSession) {
     return {
         businessParams: { ...tradeParams },
         requestSummary: makeRequestSummary(capability.capabilityId, tradeParams),
-        riskNotes: makeRiskNotes(capability.capabilityId, tradeParams, automation)
+        riskNotes: makeRiskNotes(capability.capabilityId, tradeParams, automation, automationSession)
     };
 }
 function makeRequestSummary(capabilityId, params) {
@@ -259,8 +284,11 @@ function makeRequestSummary(capabilityId, params) {
     }
     return compactRecord({ action: capabilityId, ...params });
 }
-function makeRiskNotes(capabilityId, params, automation) {
+function makeRiskNotes(capabilityId, params, automation, automationSession) {
     const notes = [];
+    if (automationSession) {
+        notes.push("Automation session allows the agent to submit this preview with submitToken without asking for another per-order chat confirmation.");
+    }
     if (automation) {
         notes.push("Automation mode allows the agent to submit this preview with submitToken without asking for another per-order chat confirmation.");
     }
@@ -388,7 +416,8 @@ const NON_TRADE_HASH_FIELDS = new Set([
     "skillsSchemaVersion",
     "automationMode",
     "automationConsentText",
-    "automationScope"
+    "automationScope",
+    "automationSessionId"
 ]);
 function isTradePreviewRecord(value) {
     if (!value || typeof value !== "object") {

package/dist/core/version.js

@@ -1 +1 @@
-export const RAPIDX_VERSION = "1.0.34";
+export const RAPIDX_VERSION = "1.0.36";

package/dist/mcp/tool-registry.js

@@ -29,6 +29,11 @@ const TOOL_DESCRIPTIONS = {
     "schema.discover": `Discover the RapidX MCP tool surface, capability metadata, and concrete JSON input schemas. Use this before constructing tool inputs. Schema version: ${SCHEMA_VERSION}.`,
     "self-check.run": "Run a read-only RapidX integration self-check. Verifies tool discovery, schema, credential configuration, and optional live read probes without submitting trade writes.",
     "update.check": "Check the RapidX release manifest for CLI, MCP schema, and skills versions. Use during setup, review, or session startup; do not run before every trade submit.",
+    "automation.start": "Create a bounded local RapidX automation session for agent trading. The user must authorize symbols, per-order notional, total notional, duration, allowed actions, and allowed order types before this tool is called. Use order.place/order.replace/order.cancel for normal order lifecycle automation.",
+    "automation.list": "List local RapidX automation sessions in the current workspace, including active, stopped, and expired sessions.",
+    "automation.status": "Read one RapidX automation session by automationSessionId, including remaining scope, usedNotional, and expiration.",
+    "automation.extend": "Extend an active RapidX automation session after the user authorizes a new duration. This cannot expand symbols, actions, order types, or notional limits.",
+    "automation.stop": "Stop a RapidX automation session. Stopping blocks future automation previews and submits for that session; it does not cancel existing orders.",
     "market.ticker": "Read the latest ticker for a RapidX symbol. Public market adapter may query Binance or OKX venue APIs and returns canonical RapidX symbol plus original venue symbol when they differ.",
     "market.orderbook": "Read the order book for a RapidX symbol. Public market adapter may query Binance or OKX venue depth/books endpoints and returns canonical RapidX symbol plus venue data.",
     "market.klines": "Read historical candlesticks for a RapidX symbol. Requires symbol and interval, with optional limit. Public market adapter currently supports Binance-style kline data.",
@@ -43,9 +48,9 @@ const TOOL_DESCRIPTIONS = {
     "portfolio.position-bracket": "Read RapidX position tier/bracket information for a symbol from GET /api/v1/trading/positionBracket.",
     "portfolio.set-position-mode": "Preview-required write: change RapidX account position mode through POST /api/v1/trading/account. Use only when the user explicitly asks to change account position mode.",
     "trade.preview": "Create a generic preview token by targetCapabilityId for write operations without a dedicated order preview command, including portfolio writes, position writes, and algo writes before submitting the target tool.",
-    "order.place-preview": "Preview an order placement before submitting a real order. Validates input schema, local safety rules, symbol trading rules from GET /api/v1/trading/sym/info, maxNotional, and returns previewId plus confirmation.submitToken.",
-    "order.replace-preview": "Preview an order replacement before submitting a real replace. Performs order readback through GET /api/v1/trading/order to verify the order exists and is replaceable, then returns previewId plus confirmation.submitToken.",
-    "order.cancel-preview": "Preview an order cancellation before submitting a real cancel. Performs order readback through GET /api/v1/trading/order to verify the order exists and is cancelable, then returns previewId plus confirmation.submitToken.",
+    "order.place-preview": "Preview an order placement before submitting a real order. Validates input schema, local safety rules, optional automationSessionId scope, symbol trading rules from GET /api/v1/trading/sym/info, maxNotional, and returns previewId plus confirmation.submitToken.",
+    "order.replace-preview": "Preview an order replacement before submitting a real replace. Performs order readback through GET /api/v1/trading/order to verify the order exists and is replaceable, checks optional automationSessionId scope, then returns previewId plus confirmation.submitToken. Automated replace consumes replacement order notional.",
+    "order.cancel-preview": "Preview an order cancellation before submitting a real cancel. Performs order readback through GET /api/v1/trading/order to verify the order exists and is cancelable, checks optional automationSessionId scope, then returns previewId plus confirmation.submitToken. Automated cancel consumes no notional.",
     "order.place": "Preview-required write: submit a real order to POST /api/v1/trading/order. Must use unchanged business parameters from order.place-preview and continueConsentId=confirmation.submitToken.",
     "order.replace": "Preview-required write: replace a real order through PUT /api/v1/trading/order. Must use unchanged business parameters from order.replace-preview or a matching trade preview.",
     "order.cancel": "Preview-required write: cancel a real order through DELETE /api/v1/trading/order. Cancel can be asynchronous; inspect cancelAccepted, terminalStateConfirmed, and poll order.query when needed.",

package/dist/mcp/tool-runner.js

@@ -1,4 +1,4 @@
-import { consumePreview, createTargetedTradePreview, createTradePreview, defaultSafetyPolicy, executeRapidXCapability, findCapabilityById, getSchemaResult, makeEvidence, makePreviewStore, makeSafetyState, normalizeUnknownError, publicErrorDetails, runSelfCheck, runPreviewPreflight, runTradingVerification, verifyPreview, buildLiveReadOnlySelfCheck, buildLiveTradingVerificationProbes, checkForUpdate, } from "../core/index.js";
+import { consumePreview, createTargetedTradePreview, createTradePreview, defaultSafetyPolicy, executeRapidXCapability, findCapabilityById, assertAutomationSessionStillAllowsSubmit, assertTargetedTradePreviewInput, extendAutomationSession, getAutomationSession, getSchemaResult, listAutomationSessions, loadAutomationSessionStoreFromFile, makeEvidence, makePreviewStore, makeSafetyState, normalizeUnknownError, ProductError, publicErrorDetails, recordAutomationSessionSubmit, resolveAutomationSessionForPreview, resolveAutomationSessionStoreFile, runSelfCheck, runPreviewPreflight, runTradingVerification, verifyPreview, saveAutomationSessionStoreToFile, startAutomationSession, stopAutomationSession, withAutomationSessionStoreLock, buildLiveReadOnlySelfCheck, buildLiveTradingVerificationProbes, checkForUpdate, } from "../core/index.js";
 import { capabilityForTool, getMcpToolDefinitions } from "./tool-registry.js";
 import { writeMcpAudit } from "./audit.js";
 const previewStore = makePreviewStore();
@@ -48,6 +48,9 @@ export async function runMcpTool(toolName, input = {}) {
             const auditId = writeMcpAudit("update-check", status, { toolName, updateStatus: update.status });
             return { ok: status === "PASS", status, data: update, auditId, evidence: [makeEvidence(toolName)] };
         }
+        if (toolName.startsWith("rapidx/automation/")) {
+            return runAutomationTool(toolName, input);
+        }
         if (toolName === "rapidx/trading-verification" || toolName === "rapidx/trade/verify-live") {
             const report = await runTradingVerification(input, buildLiveTradingVerificationProbes(input));
             const auditId = writeMcpAudit("trading-verification", report.status, { toolName, status: report.status });
@@ -59,7 +62,9 @@ export async function runMcpTool(toolName, input = {}) {
             if (!previewCapability) {
                 throw new Error("order.place-preview capability missing");
             }
-            const preview = createTradePreview(previewCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore);
+            const automationStore = loadAutomationSessionStoreFromFile(resolveAutomationSessionStoreFile());
+            const automation = optionalAutomationSession(automationStore, "order.place", input);
+            const preview = createTradePreview(previewCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore, 300, automation ? { automationSession: automation.session } : {});
             try {
                 Object.assign(preview, await runPreviewPreflight("order.place", input));
             }
@@ -76,9 +81,13 @@ export async function runMcpTool(toolName, input = {}) {
             if (!targetCapability) {
                 throw new Error(`${concretePreviewTarget} capability missing`);
             }
-            const preview = createTargetedTradePreview(targetCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore);
+            assertTargetedTradePreviewInput(targetCapability, input);
+            const preflight = await runPreviewPreflight(concretePreviewTarget, input);
+            const automationStore = loadAutomationSessionStoreFromFile(resolveAutomationSessionStoreFile());
+            const automation = optionalAutomationSession(automationStore, concretePreviewTarget, { ...input, ...preflight });
+            const preview = createTargetedTradePreview(targetCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore, 300, automation ? { automationSession: automation.session } : {});
             try {
-                Object.assign(preview, await runPreviewPreflight(concretePreviewTarget, input));
+                Object.assign(preview, preflight);
             }
             catch (error) {
                 previewStore.records.delete(preview.previewId);
@@ -96,9 +105,13 @@ export async function runMcpTool(toolName, input = {}) {
             if (targetCapability.operationType !== "TRADE_WRITE" || isPreviewCapability(targetCapability.capabilityId)) {
                 throw new Error("trade preview target must be a non-preview trade write capability.");
             }
-            const preview = createTargetedTradePreview(targetCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore);
+            assertTargetedTradePreviewInput(targetCapability, input);
+            const preflight = await runPreviewPreflight(targetCapability.capabilityId, input);
+            const automationStore = loadAutomationSessionStoreFromFile(resolveAutomationSessionStoreFile());
+            const automation = optionalAutomationSession(automationStore, targetCapability.capabilityId, { ...input, ...preflight });
+            const preview = createTargetedTradePreview(targetCapability, input, { ...defaultSafetyPolicy(), tradingEnabled: true, readOnly: false }, safetyState, previewStore, 300, automation ? { automationSession: automation.session } : {});
             try {
-                Object.assign(preview, await runPreviewPreflight(targetCapability.capabilityId, input));
+                Object.assign(preview, preflight);
             }
             catch (error) {
                 previewStore.records.delete(preview.previewId);
@@ -107,15 +120,45 @@ export async function runMcpTool(toolName, input = {}) {
             const auditId = writeMcpAudit("trade-preview", "PASS", { toolName, capabilityId: targetCapability.capabilityId, previewId: preview.previewId });
             return { ok: true, status: "PASS", data: preview, auditId, evidence: [makeEvidence(toolName)] };
         }
+        let consumedPreview;
         if (capability.previewRequired) {
-            verifyPreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
+            const automationStore = loadAutomationSessionStoreFromFile(resolveAutomationSessionStoreFile());
+            const previewRecord = verifyPreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
+            assertAutomationSessionStillAllowsSubmit(automationStore, previewRecord, capability.capabilityId);
             const consentId = input.continueConsentId;
             if (typeof consentId !== "string" || consentId.length === 0) {
                 return { ok: false, status: "BLOCKED", code: "RMCP20001", message: "continueConsentId is required for trade writes.", evidence: [makeEvidence(toolName)] };
             }
-            consumePreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
+            if (previewRecord.automationSession) {
+                const automationStoreFile = resolveAutomationSessionStoreFile();
+                const data = await withAutomationSessionStoreLock(automationStoreFile, async () => {
+                    const lockedAutomationStore = loadAutomationSessionStoreFromFile(automationStoreFile);
+                    const lockedPreviewRecord = verifyPreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
+                    assertAutomationSessionStillAllowsSubmit(lockedAutomationStore, lockedPreviewRecord, capability.capabilityId);
+                    const lockedConsumedPreview = consumePreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
+                    const result = await executeRapidXCapability(capability.capabilityId, input);
+                    recordAutomationSessionSubmit(lockedAutomationStore, lockedConsumedPreview, new Date(), capability.capabilityId);
+                    saveAutomationSessionStoreToFile(automationStoreFile, lockedAutomationStore);
+                    return result;
+                });
+                const auditId = writeMcpAudit("tool-call", "PASS", { toolName, capabilityId: capability.capabilityId });
+                return {
+                    ok: true,
+                    status: "PASS",
+                    data,
+                    auditId,
+                    evidence: [makeEvidence(toolName, "real_tool_call")]
+                };
+            }
+            consumedPreview = consumePreview(previewStore, typeof input.previewId === "string" ? input.previewId : undefined, capability, input);
         }
         const data = await executeRapidXCapability(capability.capabilityId, input);
+        if (consumedPreview?.automationSession) {
+            const automationStoreFile = resolveAutomationSessionStoreFile();
+            const automationStore = loadAutomationSessionStoreFromFile(automationStoreFile);
+            recordAutomationSessionSubmit(automationStore, consumedPreview, new Date(), capability.capabilityId);
+            saveAutomationSessionStoreToFile(automationStoreFile, automationStore);
+        }
         const auditId = writeMcpAudit("tool-call", "PASS", { toolName, capabilityId: capability.capabilityId });
         return {
             ok: true,
@@ -147,6 +190,46 @@ function concretePreviewTargetForTool(toolName) {
     }
     return undefined;
 }
+function runAutomationTool(toolName, input) {
+    const action = toolName.split("/").at(-1) ?? "";
+    const filePath = resolveAutomationSessionStoreFile();
+    return withAutomationSessionStoreLock(filePath, () => {
+        const store = loadAutomationSessionStoreFromFile(filePath);
+        if (action === "start") {
+            const session = startAutomationSession(store, input);
+            saveAutomationSessionStoreToFile(filePath, store);
+            return { ok: true, status: "PASS", data: session, evidence: [makeEvidence(toolName)] };
+        }
+        if (action === "list") {
+            return { ok: true, status: "PASS", data: { sessions: listAutomationSessions(store) }, evidence: [makeEvidence(toolName)] };
+        }
+        if (action === "status") {
+            return { ok: true, status: "PASS", data: getAutomationSession(store, input), evidence: [makeEvidence(toolName)] };
+        }
+        if (action === "extend") {
+            const session = extendAutomationSession(store, input);
+            saveAutomationSessionStoreToFile(filePath, store);
+            return { ok: true, status: "PASS", data: session, evidence: [makeEvidence(toolName)] };
+        }
+        if (action === "stop") {
+            const session = stopAutomationSession(store, input);
+            saveAutomationSessionStoreToFile(filePath, store);
+            return { ok: true, status: "PASS", data: session, evidence: [makeEvidence(toolName)] };
+        }
+        throw new Error(`Unknown automation tool: ${toolName}`);
+    });
+}
+function optionalAutomationSession(store, targetCapabilityId, input) {
+    try {
+        return resolveAutomationSessionForPreview(store, targetCapabilityId, input);
+    }
+    catch (error) {
+        if (error instanceof ProductError && error.code === "RCORE26001") {
+            return undefined;
+        }
+        throw error;
+    }
+}
 function tradingVerificationEnvelope(toolName, report, auditId) {
     if (report.status === "PASS") {
         return { ok: true, status: "PASS", data: report, auditId, evidence: [makeEvidence(toolName)] };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@liquiditytech/rapidx-cli",
-  "version": "1.0.34",
+  "version": "1.0.36",
   "description": "RapidX CLI, MCP server mode, registry, and release assets.",
   "type": "module",
   "private": false,

package/packages/distribution/docs/cli.md

@@ -48,13 +48,13 @@ rapidx portfolio set-position-mode --input @/absolute/path/set-position-mode.jso
 When checking an existing installation, read the installed RapidX skill `version` from the loaded `SKILL.md` frontmatter and pass it to update check:
 
 ```bash
-rapidx update check --input '{"installedSkillsVersion":"1.0.9"}' --json
+rapidx update check --input '{"installedSkillsVersion":"1.0.10"}' --json
 ```
 
 For upgrade reviews, force a remote manifest refresh:
 
 ```bash
-rapidx update check --input '{"installedSkillsVersion":"1.0.9","force":true}' --json
+rapidx update check --input '{"installedSkillsVersion":"1.0.10","force":true}' --json
 ```
 
 Update output fields:
@@ -84,7 +84,6 @@ When using `orderId`, pass the RapidX 16-digit numeric order id. Invalid `orderI
 
 `rapidx transaction executions` reads transaction executions from `GET /api/v1/trading/executions`.
 
-Automation mode still uses preview. Pass `automationMode=true` and the user's exact `automationConsentText` to preview only when the user has enabled automation in chat for the current scope.
-Valid automation preview returns an `automation` object with `confirmationMode="automation-preview"`; generic or missing automation consent text is blocked before submission.
+Automation session still uses preview. Create a bounded session with `rapidx automation start` only after the user authorizes the scope; the input must include `explicitUserConsent=true` and `acceptedRiskText`. Pass `automationSessionId` to order place/replace/cancel preview, then submit the returned `previewId` and `confirmation.submitToken` without another per-order chat confirmation. Use `rapidx automation extend` only after the user authorizes more time and include a new `acceptedRiskText`; use `rapidx automation stop` when the user stops automation. For order lifecycle automation, include `allowedActions:["order.place","order.replace","order.cancel"]`; place consumes notional by `maxNotional`, replace consumes the replacement order notional, and cancel consumes no notional.
 
 `rapidx position close` is a close-position action. Do not pass `side` or `quantity`; RapidX determines BUY or SELL from the current position and closes the target symbol/positionSide. Use a reduce-only order flow for partial closes. Verify the final exposure with `rapidx position query --json`, and do not rely only on `order query` to interpret the close intent.

package/packages/distribution/docs/mcp.md

@@ -31,8 +31,8 @@ Key trading tools:
 - `rapidx/trade/preview` creates generic preview tokens by `targetCapabilityId` for write operations without a dedicated order preview command, including position, portfolio, and algo writes.
 - Preview ids are local to the running MCP server. Do not submit a CLI-created preview id through MCP, and do not submit an MCP-created preview id through CLI.
 - `rapidx/order/cancel` returns cancel acceptance plus terminal-state guidance. Poll `rapidx/order/query` when `terminalStateConfirmed=false`.
-- Automation mode still uses preview. Set `automationMode=true` and pass the user's exact `automationConsentText` only when the user has enabled automation in chat for the current scope.
-- Valid automation preview returns an `automation` object with `confirmationMode="automation-preview"`; generic or missing automation consent text is blocked before submission.
+- Automation session still uses preview. Create a bounded session with `rapidx/automation/start` only after the user authorizes the scope; the input must include `explicitUserConsent=true` and `acceptedRiskText`. Pass `automationSessionId` to order place/replace/cancel preview, then submit the returned `previewId` and `confirmation.submitToken` without another per-order chat confirmation. Include `allowedActions:["order.place","order.replace","order.cancel"]` when the automation should manage an order lifecycle.
+- Use `rapidx/automation/status`, `rapidx/automation/extend`, and `rapidx/automation/stop` for session lifecycle management. `rapidx/automation/extend` also requires `explicitUserConsent=true` and a new `acceptedRiskText`.
 - `rapidx/position/history` reads historical positions.
 - `rapidx/order/history` and `rapidx/algo/history` accept optional `begin` and `end` time range fields in milliseconds. If omitted, RapidX applies the upstream server default range.
 - `rapidx/transaction/executions` reads transaction executions from `GET /api/v1/trading/executions`.

package/packages/distribution/docs/quickstart.md

@@ -130,7 +130,13 @@ Preview ids are runtime-local. Submit MCP previews through the same MCP server r
 
 `order.cancel` is asynchronous. If the cancel result says `terminalStateConfirmed=false`, poll `order query` until a terminal state before claiming that the order is cancelled.
 
-For automation, keep the preview-first flow. Use `automationMode=true` and the user's exact `automationConsentText` only after the user has enabled RapidX automation mode in chat for the current scope.
+For automation, keep the preview-first flow. Create a bounded automation session first, then pass `automationSessionId` into order place/replace/cancel preview input. If the preview returns `automationSession.confirmationMode="automation-session"` and `confirmation.submitToken`, submit that preview without another per-order chat confirmation.
+
+```bash
+rapidx automation start --input '{"symbols":["BINANCE_PERP_BTC_USDT"],"maxNotionalPerOrder":"100","maxTotalNotional":"1000","expiresInSeconds":3600,"allowedActions":["order.place","order.replace","order.cancel"],"allowedOrderTypes":["MARKET","LIMIT"],"explicitUserConsent":true,"acceptedRiskText":"I authorize RapidX automation for BINANCE_PERP_BTC_USDT with maxNotionalPerOrder 100 and maxTotalNotional 1000."}' --json
+rapidx order place-preview --input '{"automationSessionId":"<automationSessionId>","symbol":"BINANCE_PERP_BTC_USDT","side":"BUY","orderType":"MARKET","amount":"50","maxNotional":"60","clientOrderId":"auto-001"}' --json
+rapidx order place --input '{"symbol":"BINANCE_PERP_BTC_USDT","side":"BUY","orderType":"MARKET","amount":"50","maxNotional":"60","clientOrderId":"auto-001","previewId":"<previewId>","continueConsentId":"<confirmation.submitToken>"}' --json
+```
 
 `maxNotional` is a safety upper bound, not the target order amount. If a requested amount is below the symbol `minNotional`, ask the user to confirm the larger amount before submitting. For `position.close`, do not pass `side` or `quantity`; RapidX determines the close side from the current position and closes the target symbol/positionSide. Use a reduce-only order flow for partial closes, then check final exposure with `position query`.