@neuroverseos/governance 0.1.6 → 0.2.2

package/dist/{chunk-O5OMJMIE.js → chunk-7P3S7MAY.js}

@@ -1,13 +1,37 @@
 // src/engine/validate-engine.ts
-function validateWorld(world) {
+function validateWorld(world, mode = "standard") {
   const startTime = performance.now();
   const findings = [];
   checkCompleteness(world, findings);
   checkReferentialIntegrity(world, findings);
   checkGuardCoverage(world, findings);
+  checkSemanticCoverage(world, findings);
   checkContradictions(world, findings);
+  checkGuardShadows(world, findings);
+  checkFailClosedSurfaces(world, findings);
+  checkReachability(world, findings);
+  checkStateCoverage(world, findings);
   checkOrphans(world, findings);
   checkSchemaViolations(world, findings);
+  const governanceCategories = /* @__PURE__ */ new Set([
+    "guard-coverage",
+    "contradiction",
+    "semantic-tension",
+    "orphan"
+  ]);
+  if (mode === "dev") {
+    for (const f of findings) {
+      if (governanceCategories.has(f.category) && f.severity === "warning") {
+        f.severity = "info";
+      }
+    }
+  } else if (mode === "strict") {
+    for (const f of findings) {
+      if (governanceCategories.has(f.category) && f.severity === "info") {
+        f.severity = "warning";
+      }
+    }
+  }
   const severityOrder = { error: 0, warning: 1, info: 2 };
   findings.sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
   const errors = findings.filter((f) => f.severity === "error").length;
@@ -15,6 +39,7 @@ function validateWorld(world) {
   const info = findings.filter((f) => f.severity === "info").length;
   const completenessScore = computeCompletenessScore(world);
   const invariantCoverage = computeInvariantCoverage(world);
+  const governanceHealth = computeGovernanceHealth(world, findings);
   const summary = {
     errors,
     warnings,
@@ -22,7 +47,8 @@ function validateWorld(world) {
     completenessScore,
     invariantCoverage,
     canRun: errors === 0,
-    isHealthy: errors === 0 && warnings === 0
+    isHealthy: errors === 0 && warnings === 0,
+    governanceHealth
   };
   return {
     worldId: world.world.world_id,
@@ -30,6 +56,7 @@ function validateWorld(world) {
     worldVersion: world.world.version,
     validatedAt: Date.now(),
     durationMs: performance.now() - startTime,
+    validationMode: mode,
     summary,
     findings
   };
@@ -212,6 +239,183 @@ function checkGuardCoverage(world, findings) {
     }
   }
 }
+function checkSemanticCoverage(world, findings) {
+  if (!world.invariants || world.invariants.length === 0) return;
+  const hasGuards = (world.guards?.guards?.length ?? 0) > 0;
+  const hasKernel = (world.kernel?.input_boundaries?.forbidden_patterns?.length ?? 0) > 0 || (world.kernel?.output_boundaries?.forbidden_patterns?.length ?? 0) > 0;
+  if (!hasGuards && !hasKernel) return;
+  const guards = world.guards?.guards ?? [];
+  const vocabEntries = world.guards?.intent_vocabulary ?? {};
+  const kernelInput = world.kernel?.input_boundaries?.forbidden_patterns ?? [];
+  const kernelOutput = world.kernel?.output_boundaries?.forbidden_patterns ?? [];
+  const allKernelRules = [...kernelInput, ...kernelOutput];
+  const guardSearchTexts = guards.map((g) => {
+    const parts = [];
+    for (const patternKey of g.intent_patterns) {
+      parts.push(patternKey.toLowerCase());
+      const vocab = vocabEntries[patternKey];
+      if (vocab) {
+        parts.push(vocab.label.toLowerCase());
+        parts.push(vocab.pattern.toLowerCase());
+      }
+    }
+    parts.push(g.description.toLowerCase());
+    return { guard: g, text: parts.join(" ") };
+  });
+  const kernelSearchTexts = allKernelRules.map((k) => ({
+    rule: k,
+    text: `${k.id} ${k.reason} ${k.pattern ?? ""}`.toLowerCase()
+  }));
+  for (const invariant of world.invariants) {
+    if (invariant.enforcement === "prompt") continue;
+    const tokens = extractActionTokens(invariant.id, invariant.label);
+    if (tokens.length === 0) continue;
+    const coveringGuards = guardSearchTexts.filter((gs) => {
+      const enabled = gs.guard.immutable || gs.guard.default_enabled !== false;
+      if (!enabled) return false;
+      return tokens.some((token) => gs.text.includes(token));
+    });
+    const coveringKernel = kernelSearchTexts.filter(
+      (ks) => tokens.some((token) => ks.text.includes(token))
+    );
+    const hasStructuralGuard = guards.some(
+      (g) => g.invariant_ref === invariant.id && g.immutable
+    );
+    if (coveringGuards.length === 0 && coveringKernel.length === 0) {
+      if (hasStructuralGuard) {
+        findings.push(finding(
+          `weak-coverage-${invariant.id}`,
+          `Invariant "${invariant.id}" has a structural guard but no guard's intent patterns match its action class [${tokens.join(", ")}] \u2014 the guard may not intercept violations`,
+          "warning",
+          "guard-coverage",
+          ["invariants.json", "guards.json"],
+          invariant.id,
+          `Ensure the backing guard's intent_patterns include patterns that can detect "${invariant.label}"`
+        ));
+      } else {
+        findings.push(finding(
+          `unenforced-invariant-${invariant.id}`,
+          `Invariant "${invariant.id}" has no guard or kernel rule capable of enforcing it \u2014 no interceptor matches action class [${tokens.join(", ")}]`,
+          "warning",
+          "guard-coverage",
+          ["invariants.json", "guards.json"],
+          invariant.id,
+          `Add a guard with intent_patterns that can intercept "${invariant.label}", or add a kernel forbidden_pattern`
+        ));
+      }
+    }
+  }
+}
+function extractActionTokens(id, label) {
+  const stopWords = /* @__PURE__ */ new Set([
+    "a",
+    "an",
+    "the",
+    "is",
+    "are",
+    "was",
+    "were",
+    "be",
+    "been",
+    "being",
+    "have",
+    "has",
+    "had",
+    "do",
+    "does",
+    "did",
+    "will",
+    "would",
+    "could",
+    "should",
+    "may",
+    "might",
+    "must",
+    "shall",
+    "can",
+    "need",
+    "dare",
+    "to",
+    "of",
+    "in",
+    "for",
+    "on",
+    "with",
+    "at",
+    "by",
+    "from",
+    "as",
+    "into",
+    "through",
+    "during",
+    "before",
+    "after",
+    "above",
+    "below",
+    "between",
+    "out",
+    "off",
+    "over",
+    "under",
+    "again",
+    "further",
+    "then",
+    "once",
+    "that",
+    "than",
+    "too",
+    "very",
+    "just",
+    "only",
+    "not",
+    "no",
+    "all",
+    "any",
+    "both",
+    "each",
+    "every",
+    "few",
+    "more",
+    "most",
+    "other",
+    "some",
+    "such",
+    "and",
+    "but",
+    "or",
+    "nor",
+    "so",
+    "yet",
+    "if",
+    "it",
+    "its",
+    "they",
+    "them",
+    "their",
+    "this",
+    "these",
+    "those",
+    "which",
+    "who",
+    "whom",
+    "what",
+    "where",
+    "when",
+    "how",
+    "why"
+  ]);
+  const idTokens = id.toLowerCase().split(/[_\-]+/);
+  const labelTokens = label.toLowerCase().split(/[\s\-—:,;.!?()[\]{}]+/);
+  const allTokens = [...idTokens, ...labelTokens];
+  const unique = /* @__PURE__ */ new Set();
+  for (const token of allTokens) {
+    const clean = token.replace(/[^a-z0-9]/g, "");
+    if (clean.length >= 3 && !stopWords.has(clean)) {
+      unique.add(clean);
+    }
+  }
+  return [...unique];
+}
 function checkContradictions(world, findings) {
   if (!world.rules || world.rules.length < 2) return;
   checkCircularExclusiveWith(world.rules, findings);
@@ -417,6 +621,251 @@ function describeEffect(effect) {
       return `${effect.operation} ${effect.value}`;
   }
 }
+function checkGuardShadows(world, findings) {
+  if (!world.guards?.guards || world.guards.guards.length < 2) return;
+  const guards = world.guards.guards;
+  for (let i = 0; i < guards.length; i++) {
+    const guardA = guards[i];
+    const enabledA = guardA.immutable || guardA.default_enabled !== false;
+    if (!enabledA) continue;
+    if (guardA.enforcement !== "block" && guardA.enforcement !== "pause") continue;
+    for (let j = i + 1; j < guards.length; j++) {
+      const guardB = guards[j];
+      const enabledB = guardB.immutable || guardB.default_enabled !== false;
+      if (!enabledB) continue;
+      const overlap = guardA.intent_patterns.filter(
+        (p) => guardB.intent_patterns.includes(p)
+      );
+      if (overlap.length === 0) continue;
+      if (guardA.appliesTo?.length && guardB.appliesTo?.length) {
+        const toolsA = new Set(guardA.appliesTo.map((t) => t.toLowerCase()));
+        const toolsB = new Set(guardB.appliesTo.map((t) => t.toLowerCase()));
+        const toolOverlap = [...toolsA].some((t) => toolsB.has(t));
+        if (!toolOverlap) continue;
+      }
+      if (guardA.required_roles?.length && guardB.required_roles?.length) {
+        const rolesA = new Set(guardA.required_roles);
+        const rolesB = new Set(guardB.required_roles);
+        const roleOverlap = [...rolesA].some((r) => rolesB.has(r));
+        if (!roleOverlap) continue;
+      }
+      const patternsStr = overlap.join(", ");
+      if (guardB.enforcement === guardA.enforcement) {
+        findings.push(finding(
+          `guard-shadow-${guardA.id}-${guardB.id}`,
+          `Guard "${guardB.label}" (${guardB.id}) is shadowed by "${guardA.label}" (${guardA.id}) \u2014 both ${guardA.enforcement.toUpperCase()} on patterns [${patternsStr}] but "${guardA.label}" appears first and will always win`,
+          "warning",
+          "contradiction",
+          ["guards/"],
+          `${guardA.id}, ${guardB.id}`,
+          `Remove "${guardB.label}", merge its patterns into "${guardA.label}", or reorder guards`
+        ));
+      } else {
+        findings.push(finding(
+          `guard-conflict-${guardA.id}-${guardB.id}`,
+          `Guards "${guardA.label}" (${guardA.enforcement.toUpperCase()}) and "${guardB.label}" (${guardB.enforcement.toUpperCase()}) share patterns [${patternsStr}] \u2014 "${guardA.label}" always wins because it appears first`,
+          "warning",
+          "contradiction",
+          ["guards/"],
+          `${guardA.id}, ${guardB.id}`,
+          `If "${guardB.label}" should take precedence, move it before "${guardA.label}" in guards.json`
+        ));
+      }
+    }
+  }
+}
+function checkFailClosedSurfaces(world, findings) {
+  const declaredSurfaces = world.guards?.tool_surfaces;
+  if (!declaredSurfaces || declaredSurfaces.length === 0) return;
+  const guards = world.guards?.guards ?? [];
+  const guardedSurfaces = /* @__PURE__ */ new Set();
+  let hasCatchAllGuard = false;
+  for (const guard of guards) {
+    const enabled = guard.immutable || guard.default_enabled !== false;
+    if (!enabled) continue;
+    if (!guard.appliesTo || guard.appliesTo.length === 0) {
+      hasCatchAllGuard = true;
+    } else {
+      for (const tool of guard.appliesTo) {
+        guardedSurfaces.add(tool.toLowerCase());
+      }
+    }
+  }
+  if (hasCatchAllGuard) return;
+  for (const surface of declaredSurfaces) {
+    if (!guardedSurfaces.has(surface.toLowerCase())) {
+      findings.push(finding(
+        `fail-open-surface-${surface.toLowerCase()}`,
+        `Action surface "${surface}" has no governing guard \u2014 actions on this surface bypass governance entirely`,
+        "warning",
+        "guard-coverage",
+        ["guards.json"],
+        void 0,
+        `Add a guard with appliesTo including "${surface}", or add a catch-all guard (no appliesTo) to cover all surfaces`
+      ));
+    }
+  }
+}
+function checkReachability(world, findings) {
+  if (!world.stateSchema?.variables) return;
+  const vars = world.stateSchema.variables;
+  for (const rule of world.rules ?? []) {
+    for (const trigger of rule.triggers) {
+      if (trigger.source !== "state") continue;
+      const unreachable = isTriggerUnreachable(trigger, vars);
+      if (unreachable) {
+        findings.push(finding(
+          `unreachable-rule-${rule.id}-${trigger.field}`,
+          `Rule "${rule.id}" has unreachable trigger: ${trigger.field} ${trigger.operator} ${JSON.stringify(trigger.value)} \u2014 ${unreachable}`,
+          "warning",
+          "contradiction",
+          ["rules/", "state-schema.json"],
+          rule.id,
+          `Remove this rule or adjust the trigger condition to match the schema constraints for "${trigger.field}"`
+        ));
+      }
+    }
+    if (rule.collapse_check) {
+      const cc = rule.collapse_check;
+      const unreachable = isTriggerUnreachable(
+        { field: cc.field, operator: cc.operator, value: cc.value },
+        vars
+      );
+      if (unreachable) {
+        findings.push(finding(
+          `unreachable-collapse-${rule.id}`,
+          `Rule "${rule.id}" has unreachable collapse_check: ${cc.field} ${cc.operator} ${cc.value} \u2014 ${unreachable}`,
+          "warning",
+          "contradiction",
+          ["rules/", "state-schema.json"],
+          rule.id
+        ));
+      }
+    }
+  }
+  for (const gate of world.gates?.viability_classification ?? []) {
+    const unreachable = isTriggerUnreachable(
+      { field: gate.field, operator: gate.operator, value: gate.value },
+      vars
+    );
+    if (unreachable) {
+      findings.push(finding(
+        `unreachable-gate-${gate.status}`,
+        `Viability gate "${gate.status}" has unreachable condition: ${gate.field} ${gate.operator} ${gate.value} \u2014 ${unreachable}`,
+        "warning",
+        "contradiction",
+        ["gates.json", "state-schema.json"],
+        `gate-${gate.status}`
+      ));
+    }
+  }
+}
+function isTriggerUnreachable(trigger, vars) {
+  const variable = vars[trigger.field];
+  if (!variable) return null;
+  const { operator, value } = trigger;
+  if (variable.type === "number") {
+    const numVal = typeof value === "number" ? value : Number(value);
+    if (isNaN(numVal)) return null;
+    const min = variable.min;
+    const max = variable.max;
+    if (operator === ">" || operator === ">=") {
+      if (max !== void 0 && numVal >= max && operator === ">") {
+        return `schema declares max=${max}, so ${trigger.field} can never exceed ${max}`;
+      }
+      if (max !== void 0 && numVal > max && operator === ">=") {
+        return `schema declares max=${max}, so ${trigger.field} can never reach ${numVal}`;
+      }
+    }
+    if (operator === "<" || operator === "<=") {
+      if (min !== void 0 && numVal <= min && operator === "<") {
+        return `schema declares min=${min}, so ${trigger.field} can never go below ${min}`;
+      }
+      if (min !== void 0 && numVal < min && operator === "<=") {
+        return `schema declares min=${min}, so ${trigger.field} can never reach ${numVal}`;
+      }
+    }
+    if (operator === "==") {
+      if (min !== void 0 && numVal < min) {
+        return `schema declares min=${min}, so ${trigger.field} can never equal ${numVal}`;
+      }
+      if (max !== void 0 && numVal > max) {
+        return `schema declares max=${max}, so ${trigger.field} can never equal ${numVal}`;
+      }
+    }
+  }
+  if (variable.type === "enum" && variable.options) {
+    if (operator === "==" && typeof value === "string") {
+      if (!variable.options.includes(value)) {
+        return `"${value}" is not in enum options [${variable.options.join(", ")}]`;
+      }
+    }
+    if (operator === "!=" && typeof value === "string") {
+      if (variable.options.length === 1 && variable.options[0] === value) {
+        return `enum has only option "${value}", so != "${value}" can never be true`;
+      }
+    }
+    if (operator === "in" && Array.isArray(value)) {
+      const validValues = value.filter((v) => variable.options.includes(v));
+      if (validValues.length === 0) {
+        return `none of [${value.join(", ")}] are in enum options [${variable.options.join(", ")}]`;
+      }
+    }
+  }
+  if (variable.type === "boolean") {
+    if (operator === "==" && typeof value !== "boolean" && value !== "true" && value !== "false") {
+      return `boolean variable compared to non-boolean value "${value}"`;
+    }
+  }
+  return null;
+}
+function checkStateCoverage(world, findings) {
+  if (!world.stateSchema?.variables) return;
+  const vars = world.stateSchema.variables;
+  for (const [varId, variable] of Object.entries(vars)) {
+    if (variable.type !== "enum" || !variable.options || variable.options.length <= 1) continue;
+    const allOptions = new Set(variable.options);
+    const coveredOptions = /* @__PURE__ */ new Set();
+    for (const rule of world.rules ?? []) {
+      for (const trigger of rule.triggers) {
+        if (trigger.field !== varId || trigger.source !== "state") continue;
+        if (trigger.operator === "==" && typeof trigger.value === "string") {
+          coveredOptions.add(trigger.value);
+        }
+        if (trigger.operator === "in" && Array.isArray(trigger.value)) {
+          for (const v of trigger.value) coveredOptions.add(v);
+        }
+        if (trigger.operator === "!=") {
+          for (const opt of allOptions) {
+            if (opt !== trigger.value) coveredOptions.add(opt);
+          }
+        }
+      }
+    }
+    for (const gate of world.gates?.viability_classification ?? []) {
+      if (gate.field !== varId) continue;
+      if (gate.operator === "==" && typeof gate.value === "string") {
+        coveredOptions.add(gate.value);
+      }
+      if (gate.operator === "in" && Array.isArray(gate.value)) {
+        for (const v of gate.value) coveredOptions.add(v);
+      }
+    }
+    if (coveredOptions.size === 0) continue;
+    const uncovered = [...allOptions].filter((opt) => !coveredOptions.has(opt));
+    if (uncovered.length > 0 && uncovered.length < allOptions.size) {
+      findings.push(finding(
+        `incomplete-state-coverage-${varId}`,
+        `Enum variable "${varId}" has ${uncovered.length} uncovered state${uncovered.length > 1 ? "s" : ""}: [${uncovered.join(", ")}] \u2014 rules/gates handle [${[...coveredOptions].join(", ")}] but not all ${allOptions.size} declared options`,
+        "warning",
+        "guard-coverage",
+        ["state-schema.json", "rules/", "gates.json"],
+        varId,
+        `Add rules or gates that handle ${uncovered.map((u) => `"${u}"`).join(", ")} for variable "${varId}"`
+      ));
+    }
+  }
+}
 function checkOrphans(world, findings) {
   if (!world.stateSchema?.variables || !world.rules) return;
   const referencedVars = /* @__PURE__ */ new Set();
@@ -578,6 +1027,57 @@ function computeInvariantCoverage(world) {
   }
   return Math.round(covered / world.invariants.length * 100);
 }
+function computeGovernanceHealth(world, findings) {
+  const guards = world.guards?.guards ?? [];
+  if (guards.length === 0 && !world.kernel) return void 0;
+  const declaredSurfaces = world.guards?.tool_surfaces ?? [];
+  const guardedSurfaces = /* @__PURE__ */ new Set();
+  let hasCatchAll = false;
+  for (const guard of guards) {
+    const enabled = guard.immutable || guard.default_enabled !== false;
+    if (!enabled) continue;
+    if (!guard.appliesTo || guard.appliesTo.length === 0) {
+      hasCatchAll = true;
+    } else {
+      for (const t of guard.appliesTo) guardedSurfaces.add(t.toLowerCase());
+    }
+  }
+  const allSurfaces = /* @__PURE__ */ new Set();
+  for (const s of declaredSurfaces) allSurfaces.add(s.toLowerCase());
+  for (const s of guardedSurfaces) allSurfaces.add(s);
+  const surfaces = [...allSurfaces].map((name) => ({
+    name,
+    governed: hasCatchAll || guardedSurfaces.has(name)
+  }));
+  const surfacesCovered = hasCatchAll ? allSurfaces.size : guardedSurfaces.size;
+  const structuralInvariants = (world.invariants ?? []).filter((i) => i.enforcement === "structural");
+  let invariantsEnforced = 0;
+  for (const inv of structuralInvariants) {
+    const hasGuard = guards.some((g) => g.invariant_ref === inv.id && g.immutable);
+    if (hasGuard) invariantsEnforced++;
+  }
+  const shadowedGuards = findings.filter((f) => f.id.startsWith("guard-shadow-")).length;
+  const unenforcedInvariants = findings.filter((f) => f.id.startsWith("unenforced-invariant-")).length;
+  const unreachableRules = findings.filter((f) => f.id.startsWith("unreachable-")).length;
+  const incompleteStateCoverage = findings.filter((f) => f.id.startsWith("incomplete-state-coverage-")).length;
+  const failOpenCount = findings.filter((f) => f.id.startsWith("fail-open-surface-")).length;
+  let riskLevel = "low";
+  const totalIssues = unenforcedInvariants + failOpenCount + incompleteStateCoverage;
+  if (totalIssues > 0 || unreachableRules > 0) riskLevel = "moderate";
+  if (totalIssues > 2 || unenforcedInvariants > 0 && failOpenCount > 0 || incompleteStateCoverage > 2) riskLevel = "high";
+  return {
+    surfacesCovered,
+    surfacesTotal: allSurfaces.size,
+    surfaces,
+    invariantsEnforced,
+    invariantsTotal: structuralInvariants.length,
+    shadowedGuards,
+    unenforcedInvariants,
+    unreachableRules,
+    incompleteStateCoverage,
+    riskLevel
+  };
+}
 function finding(id, message, severity, category, affectedBlocks, source, suggestion) {
   const f = { id, message, severity, category, affectedBlocks };
   if (source) f.source = source;

package/dist/chunk-A5W4GNQO.js

@@ -0,0 +1,130 @@
+// src/runtime/model-adapter.ts
+var DEFAULT_SYSTEM_PROMPT = `You are an AI assistant operating under NeuroVerse governance.
+All your tool calls are evaluated against governance rules before execution.
+If an action is blocked, you will be told why. Adjust your approach accordingly.
+Do not attempt to bypass governance rules.`;
+var ModelAdapter = class {
+  config;
+  messages;
+  tools;
+  constructor(config, tools = []) {
+    this.config = config;
+    this.tools = tools;
+    this.messages = [];
+    const systemPrompt = config.systemPrompt ?? DEFAULT_SYSTEM_PROMPT;
+    this.messages.push({ role: "system", content: systemPrompt });
+  }
+  /**
+   * Send a user message and get the model's response.
+   */
+  async chat(userMessage) {
+    this.messages.push({ role: "user", content: userMessage });
+    return this.complete();
+  }
+  /**
+   * Send a tool result back to the model and get the next response.
+   */
+  async sendToolResult(toolCallId, result) {
+    this.messages.push({
+      role: "tool",
+      content: result,
+      tool_call_id: toolCallId
+    });
+    return this.complete();
+  }
+  /**
+   * Send a governance block message as a tool result.
+   */
+  async sendBlockedResult(toolCallId, reason) {
+    return this.sendToolResult(
+      toolCallId,
+      `[GOVERNANCE BLOCKED] ${reason}. Please adjust your approach.`
+    );
+  }
+  /**
+   * Call the model API and parse the response.
+   */
+  async complete() {
+    const url = `${this.config.baseUrl}/chat/completions`;
+    const body = {
+      model: this.config.model,
+      messages: this.messages,
+      max_tokens: this.config.maxTokens ?? 4096
+    };
+    if (this.tools.length > 0) {
+      body.tools = this.tools;
+    }
+    const response = await fetch(url, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Authorization": `Bearer ${this.config.apiKey}`
+      },
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      const text = await response.text();
+      throw new Error(`Model API error ${response.status}: ${text}`);
+    }
+    const data = await response.json();
+    const choice = data.choices?.[0];
+    if (!choice) {
+      throw new Error("Model returned no choices");
+    }
+    const message = choice.message;
+    this.messages.push(message);
+    return {
+      content: message.content ?? null,
+      toolCalls: message.tool_calls ?? [],
+      finishReason: choice.finish_reason ?? "stop"
+    };
+  }
+  /** Get current message count (for context tracking). */
+  get messageCount() {
+    return this.messages.length;
+  }
+};
+var PROVIDERS = {
+  openai: {
+    baseUrl: "https://api.openai.com/v1",
+    defaultModel: "gpt-4o",
+    envVar: "OPENAI_API_KEY"
+  },
+  anthropic: {
+    baseUrl: "https://api.anthropic.com/v1",
+    defaultModel: "claude-sonnet-4-20250514",
+    envVar: "ANTHROPIC_API_KEY"
+  },
+  ollama: {
+    baseUrl: "http://localhost:11434/v1",
+    defaultModel: "llama3",
+    envVar: ""
+  }
+};
+function resolveProvider(provider, overrides) {
+  const preset = PROVIDERS[provider];
+  if (!preset) {
+    throw new Error(
+      `Unknown provider: "${provider}". Available: ${Object.keys(PROVIDERS).join(", ")}`
+    );
+  }
+  const apiKey = overrides?.apiKey ?? (preset.envVar ? process.env[preset.envVar] : "") ?? "";
+  if (!apiKey && preset.envVar) {
+    throw new Error(
+      `Missing API key. Set ${preset.envVar} or pass --api-key.`
+    );
+  }
+  return {
+    baseUrl: overrides?.baseUrl ?? preset.baseUrl,
+    apiKey,
+    model: overrides?.model ?? preset.defaultModel,
+    systemPrompt: overrides?.systemPrompt,
+    maxTokens: overrides?.maxTokens
+  };
+}
+
+export {
+  ModelAdapter,
+  PROVIDERS,
+  resolveProvider
+};