@neuroverseos/governance 0.2.3 → 0.3.1

package/dist/adapters/index.cjs

@@ -1,2038 +0,0 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
-// src/adapters/index.ts
-var adapters_exports = {};
-__export(adapters_exports, {
-  AutoresearchGovernor: () => AutoresearchGovernor,
-  DeepAgentsGovernanceBlockedError: () => GovernanceBlockedError5,
-  DeepAgentsGuard: () => DeepAgentsGuard,
-  GovernanceBlockedError: () => GovernanceBlockedError,
-  GovernedToolExecutor: () => GovernedToolExecutor,
-  LangChainGovernanceBlockedError: () => GovernanceBlockedError2,
-  NeuroVerseCallbackHandler: () => NeuroVerseCallbackHandler,
-  NeuroVersePlugin: () => NeuroVersePlugin,
-  OpenAIGovernanceBlockedError: () => GovernanceBlockedError3,
-  OpenClawGovernanceBlockedError: () => GovernanceBlockedError4,
-  buildEngineOptions: () => buildEngineOptions,
-  createDeepAgentsGuard: () => createDeepAgentsGuard,
-  createDeepAgentsGuardFromWorld: () => createDeepAgentsGuardFromWorld,
-  createGovernanceMiddleware: () => createGovernanceMiddleware,
-  createGovernanceMiddlewareFromWorld: () => createGovernanceMiddlewareFromWorld,
-  createGovernedToolExecutor: () => createGovernedToolExecutor,
-  createGovernedToolExecutorFromWorld: () => createGovernedToolExecutorFromWorld,
-  createNeuroVerseCallbackHandler: () => createNeuroVerseCallbackHandler,
-  createNeuroVerseCallbackHandlerFromWorld: () => createNeuroVerseCallbackHandlerFromWorld,
-  createNeuroVersePlugin: () => createNeuroVersePlugin,
-  createNeuroVersePluginFromWorld: () => createNeuroVersePluginFromWorld,
-  defaultBlockMessage: () => defaultBlockMessage,
-  extractScope: () => extractScope,
-  trackPlanProgress: () => trackPlanProgress
-});
-module.exports = __toCommonJS(adapters_exports);
-
-// src/engine/text-utils.ts
-function normalizeEventText(event) {
-  return [
-    event.intent,
-    event.tool ?? "",
-    event.scope ?? ""
-  ].join(" ").toLowerCase();
-}
-function extractKeywords(text, minLength = 3) {
-  return text.toLowerCase().split(/\s+/).filter((w) => w.length > minLength);
-}
-function matchesAllKeywords(eventText, ruleText) {
-  const keywords = extractKeywords(ruleText);
-  if (keywords.length === 0) return false;
-  return keywords.every((kw) => eventText.includes(kw));
-}
-function matchesKeywordThreshold(eventText, ruleText, threshold = 0.5) {
-  const keywords = extractKeywords(ruleText);
-  if (keywords.length === 0) return false;
-  const matched = keywords.filter((kw) => eventText.includes(kw));
-  return matched.length >= Math.ceil(keywords.length * threshold);
-}
-function tokenSimilarity(a, b) {
-  const tokensA = new Set(a.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
-  const tokensB = new Set(b.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
-  if (tokensA.size === 0 || tokensB.size === 0) return 0;
-  let intersection = 0;
-  for (const t of tokensA) {
-    if (tokensB.has(t)) intersection++;
-  }
-  const union = (/* @__PURE__ */ new Set([...tokensA, ...tokensB])).size;
-  return union > 0 ? intersection / union : 0;
-}
-
-// src/engine/plan-engine.ts
-function keywordMatch(eventText, step) {
-  const stepText = [
-    step.label,
-    step.description ?? "",
-    ...step.tags ?? []
-  ].join(" ");
-  return matchesKeywordThreshold(eventText, stepText, 0.5);
-}
-function tokenSimilarity2(a, b) {
-  return tokenSimilarity(a, b);
-}
-function findMatchingStep(eventText, event, steps) {
-  const pendingOrActive = steps.filter((s) => s.status === "pending" || s.status === "active");
-  if (pendingOrActive.length === 0) {
-    return { matched: null, closest: null, closestScore: 0 };
-  }
-  for (const step of pendingOrActive) {
-    if (keywordMatch(eventText, step)) {
-      if (step.tools && event.tool && !step.tools.includes(event.tool)) {
-        continue;
-      }
-      return { matched: step, closest: step, closestScore: 1 };
-    }
-  }
-  const intentText = [event.intent, event.tool ?? "", event.scope ?? ""].join(" ");
-  let bestStep = null;
-  let bestScore = 0;
-  for (const step of pendingOrActive) {
-    const stepText = [step.label, step.description ?? "", ...step.tags ?? []].join(" ");
-    const score = tokenSimilarity2(intentText, stepText);
-    if (score > bestScore) {
-      bestScore = score;
-      bestStep = step;
-    }
-  }
-  const SIMILARITY_THRESHOLD = 0.35;
-  if (bestScore >= SIMILARITY_THRESHOLD && bestStep) {
-    if (bestStep.tools && event.tool && !bestStep.tools.includes(event.tool)) {
-      return { matched: null, closest: bestStep, closestScore: bestScore };
-    }
-    return { matched: bestStep, closest: bestStep, closestScore: bestScore };
-  }
-  return { matched: null, closest: bestStep, closestScore: bestScore };
-}
-function isSequenceValid(step, plan) {
-  if (!plan.sequential) return true;
-  if (!step.requires || step.requires.length === 0) return true;
-  return step.requires.every((reqId) => {
-    const reqStep = plan.steps.find((s) => s.id === reqId);
-    return reqStep?.status === "completed";
-  });
-}
-function checkConstraints(event, eventText, constraints) {
-  const checks = [];
-  for (const constraint of constraints) {
-    if (constraint.type === "approval") {
-      if (constraint.trigger && eventText.includes(constraint.trigger.substring(0, 10).toLowerCase())) {
-        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
-        return { violated: constraint, checks };
-      }
-      const keywords = constraint.description.toLowerCase().split(/\s+/).filter((w) => w.length > 3);
-      const relevant = keywords.some((kw) => eventText.includes(kw));
-      if (relevant) {
-        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
-        return { violated: constraint, checks };
-      }
-      checks.push({ constraintId: constraint.id, passed: true });
-      continue;
-    }
-    if (constraint.type === "scope" && constraint.trigger) {
-      const keywords = extractKeywords(constraint.trigger);
-      const violated = keywords.length > 0 && keywords.every((kw) => eventText.includes(kw));
-      checks.push({
-        constraintId: constraint.id,
-        passed: !violated,
-        reason: violated ? constraint.description : void 0
-      });
-      if (violated) {
-        return { violated: constraint, checks };
-      }
-      continue;
-    }
-    checks.push({ constraintId: constraint.id, passed: true });
-  }
-  return { violated: null, checks };
-}
-function getPlanProgress(plan) {
-  const completed = plan.steps.filter((s) => s.status === "completed").length;
-  const total = plan.steps.length;
-  return {
-    completed,
-    total,
-    percentage: total > 0 ? Math.round(completed / total * 100) : 0
-  };
-}
-function advancePlan(plan, stepId, evidence) {
-  const step = plan.steps.find((s) => s.id === stepId);
-  if (!step) {
-    return { success: false, reason: `Step "${stepId}" not found in plan.` };
-  }
-  if (step.status === "completed") {
-    return { success: false, reason: `Step "${stepId}" is already completed.` };
-  }
-  const mode = plan.completion ?? "trust";
-  if (mode === "verified" && step.verify) {
-    if (!evidence) {
-      return {
-        success: false,
-        reason: `Step "${step.label}" requires evidence (verify: ${step.verify}). Provide evidence to advance.`
-      };
-    }
-    if (evidence.type !== step.verify) {
-      return {
-        success: false,
-        reason: `Evidence type "${evidence.type}" does not match required verification "${step.verify}".`
-      };
-    }
-  }
-  const updatedPlan = {
-    ...plan,
-    steps: plan.steps.map(
-      (s) => s.id === stepId ? { ...s, status: "completed" } : s
-    )
-  };
-  return {
-    success: true,
-    plan: updatedPlan,
-    evidence: evidence ?? void 0
-  };
-}
-function evaluatePlan(event, plan) {
-  const progress = getPlanProgress(plan);
-  if (plan.expires_at) {
-    const expiresAt = new Date(plan.expires_at).getTime();
-    if (Date.now() > expiresAt) {
-      return {
-        allowed: true,
-        status: "PLAN_COMPLETE",
-        reason: "Plan has expired.",
-        progress
-      };
-    }
-  }
-  if (progress.completed === progress.total) {
-    return {
-      allowed: true,
-      status: "PLAN_COMPLETE",
-      reason: "All plan steps are completed.",
-      progress
-    };
-  }
-  const eventText = normalizeEventText(event);
-  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
-  if (!matched) {
-    return {
-      allowed: false,
-      status: "OFF_PLAN",
-      reason: "Action does not match any plan step.",
-      closestStep: closest?.label,
-      similarityScore: closestScore,
-      progress
-    };
-  }
-  if (!isSequenceValid(matched, plan)) {
-    const pendingDeps = (matched.requires ?? []).filter((reqId) => plan.steps.find((s) => s.id === reqId)?.status !== "completed").join(", ");
-    return {
-      allowed: false,
-      status: "OFF_PLAN",
-      reason: `Step "${matched.label}" requires completion of: ${pendingDeps}`,
-      matchedStep: matched.id,
-      progress
-    };
-  }
-  const { violated } = checkConstraints(event, eventText, plan.constraints);
-  if (violated) {
-    return {
-      allowed: false,
-      status: "CONSTRAINT_VIOLATED",
-      reason: violated.description,
-      matchedStep: matched.id,
-      progress
-    };
-  }
-  return {
-    allowed: true,
-    status: "ON_PLAN",
-    reason: `Matches step: ${matched.label}`,
-    matchedStep: matched.id,
-    progress
-  };
-}
-function buildPlanCheck(event, plan, verdict) {
-  const eventText = normalizeEventText(event);
-  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
-  const { checks: constraintChecks } = checkConstraints(event, eventText, plan.constraints);
-  const progress = getPlanProgress(plan);
-  return {
-    planId: plan.plan_id,
-    matched: !!matched,
-    matchedStepId: matched?.id,
-    matchedStepLabel: matched?.label,
-    closestStepId: !matched ? closest?.id : void 0,
-    closestStepLabel: !matched ? closest?.label : void 0,
-    similarityScore: !matched ? closestScore : void 0,
-    sequenceValid: matched ? isSequenceValid(matched, plan) : void 0,
-    constraintsChecked: constraintChecks,
-    progress: { completed: progress.completed, total: progress.total }
-  };
-}
-
-// src/adapters/shared.ts
-var GovernanceBlockedError = class extends Error {
-  verdict;
-  constructor(verdict, message) {
-    super(message ?? `[NeuroVerse] BLOCKED: ${verdict.reason ?? verdict.ruleId ?? "governance rule"}`);
-    this.name = "GovernanceBlockedError";
-    this.verdict = verdict;
-  }
-};
-function trackPlanProgress(event, state, callbacks) {
-  if (!state.activePlan) return;
-  const planVerdict = evaluatePlan(event, state.activePlan);
-  if (planVerdict.matchedStep) {
-    const advResult = advancePlan(state.activePlan, planVerdict.matchedStep);
-    if (advResult.success && advResult.plan) {
-      state.activePlan = advResult.plan;
-      state.engineOptions.plan = state.activePlan;
-    }
-    const progress = getPlanProgress(state.activePlan);
-    callbacks.onPlanProgress?.(progress);
-    if (progress.completed === progress.total) {
-      callbacks.onPlanComplete?.();
-    }
-  }
-}
-function extractScope(args) {
-  if (typeof args.path === "string") return args.path;
-  if (typeof args.file_path === "string") return args.file_path;
-  if (typeof args.filename === "string") return args.filename;
-  if (typeof args.url === "string") return args.url;
-  if (typeof args.command === "string") return args.command;
-  return void 0;
-}
-function buildEngineOptions(options, plan) {
-  return {
-    trace: options.trace ?? false,
-    level: options.level,
-    plan: plan ?? options.plan
-  };
-}
-function defaultBlockMessage(verdict) {
-  return `Action blocked by governance policy: ${verdict.reason ?? "rule violation"}. Rule: ${verdict.ruleId ?? "unknown"}.`;
-}
-
-// src/engine/guard-engine.ts
-var PROMPT_INJECTION_PATTERNS = [
-  // Instruction override
-  { pattern: /ignore\s+(previous|all|prior|above)\s+(instructions?|rules?)/i, label: "ignore-instructions" },
-  { pattern: /disregard\s+(your|the)\s+(rules|constraints)/i, label: "disregard-rules" },
-  { pattern: /new\s+instructions?:/i, label: "new-instructions" },
-  // Identity manipulation
-  { pattern: /you\s+are\s+now/i, label: "identity-override" },
-  { pattern: /new\s+persona/i, label: "new-persona" },
-  { pattern: /act\s+as\s+if/i, label: "act-as-if" },
-  { pattern: /pretend\s+(you|to\s+be|you\s+are\s+unrestricted)/i, label: "pretend-to-be" },
-  // Context reset
-  { pattern: /forget\s+(everything|all|your)/i, label: "forget-context" },
-  { pattern: /system\s*:\s*override/i, label: "system-override" },
-  // Constraint bypass
-  { pattern: /override\s+(your|the)\s+(programming|constraints)/i, label: "override-constraints" },
-  { pattern: /bypass\s+(your|the)\s+(filters|constraints|rules)/i, label: "bypass-filters" },
-  // Prompt extraction
-  { pattern: /system\s+prompt/i, label: "system-prompt-probe" },
-  { pattern: /reveal\s+your\s+(instructions?|prompt|rules)/i, label: "reveal-instructions" },
-  // Known jailbreak terms
-  { pattern: /jailbreak/i, label: "jailbreak" },
-  { pattern: /DAN\s+mode/i, label: "dan-mode" },
-  { pattern: /developer\s+mode/i, label: "developer-mode" }
-];
-var EXECUTION_CLAIM_PATTERNS = [
-  { pattern: /I have (executed|completed|performed|done|made|created|sent|deleted|modified|updated)/i, label: "claim-i-have" },
-  { pattern: /Successfully (created|deleted|modified|updated|sent|executed|performed)/i, label: "claim-successfully" },
-  { pattern: /The file has been/i, label: "claim-file-modified" },
-  { pattern: /I've made the changes/i, label: "claim-made-changes" },
-  { pattern: /I('ve| have) (sent|posted|submitted|uploaded|downloaded)/i, label: "claim-sent" },
-  { pattern: /Your (email|message|file|request) has been (sent|submitted)/i, label: "claim-your-sent" },
-  { pattern: /Transaction complete/i, label: "claim-transaction" },
-  { pattern: /Order placed/i, label: "claim-order" },
-  { pattern: /Payment processed/i, label: "claim-payment" }
-];
-var EXECUTION_INTENT_PATTERNS = [
-  { pattern: /^(execute|run|perform|do this)/i, label: "intent-execute" },
-  { pattern: /^(create|write|delete|modify) (a |the )?(file|folder|document)/i, label: "intent-file-ops" },
-  { pattern: /^(send|post|submit) (a |an |the )?(email|message|tweet|post)/i, label: "intent-send" },
-  { pattern: /^(search|look up|browse) (the )?web/i, label: "intent-web-search" },
-  { pattern: /^(make|call|invoke) (a |an )?(api|http|rest) (call|request)/i, label: "intent-api-call" },
-  { pattern: /^(buy|purchase|order|pay|transfer|send money)/i, label: "intent-financial" },
-  { pattern: /^(book|schedule|reserve)/i, label: "intent-booking" },
-  { pattern: /^(download|upload|save to|export to)/i, label: "intent-transfer" }
-];
-var SCOPE_ESCAPE_PATTERNS = [
-  { pattern: /\.\.\//, label: "parent-traversal" },
-  { pattern: /^\/(?!home|project|workspace)/i, label: "absolute-path-outside-safe" },
-  { pattern: /~\//, label: "home-directory" },
-  { pattern: /\/etc\//i, label: "system-config" },
-  { pattern: /\/usr\//i, label: "system-binaries" },
-  { pattern: /\/var\//i, label: "system-variable-data" }
-];
-var NEUTRAL_MESSAGES = {
-  "prompt-injection": "This input contains patterns that could alter agent behavior.",
-  "scope-escape": "This action would affect resources outside the declared scope.",
-  "execution-claim": "This response claims to have performed an action.",
-  "execution-intent": "This input requests execution in a thinking-only environment.",
-  "delete": "This action would remove files. Confirmation needed.",
-  "write-external": "This action would write outside the project folder.",
-  "network-mutate": "This action would send data to an external service.",
-  "credential-access": "This action would access stored credentials."
-};
-function levelRequiresConfirmation(level, actionType) {
-  if (level === "strict") return true;
-  if (level === "standard") {
-    return actionType === "delete" || actionType === "credential-access";
-  }
-  return false;
-}
-function isExternalScope(scope) {
-  const internalPatterns = [
-    /^\.?\/?src\//i,
-    /^\.?\/?lib\//i,
-    /^\.?\/?app\//i,
-    /^\.?\/?components\//i,
-    /^\.?\/?pages\//i,
-    /^\.?\/?public\//i,
-    /^\.?\/?assets\//i,
-    /^\.\//
-  ];
-  return !internalPatterns.some((p) => p.test(scope));
-}
-function evaluateGuard(event, world, options = {}) {
-  const startTime = performance.now();
-  const level = options.level ?? "standard";
-  const includeTrace = options.trace ?? false;
-  const eventText = normalizeEventText(event);
-  const invariantChecks = [];
-  const safetyChecks = [];
-  let planCheckResult;
-  const roleChecks = [];
-  const guardChecks = [];
-  const kernelRuleChecks = [];
-  const levelChecks = [];
-  let decidingLayer = "default-allow";
-  let decidingId;
-  const guardsMatched = [];
-  const rulesMatched = [];
-  checkInvariantCoverage(world, invariantChecks);
-  if (event.roleId && options.agentStates) {
-    const agentState = options.agentStates.get(event.roleId);
-    if (agentState && agentState.cooldownRemaining > 0) {
-      decidingLayer = "safety";
-      decidingId = `penalize-cooldown-${event.roleId}`;
-      const verdict = buildVerdict(
-        "PENALIZE",
-        `Agent "${event.roleId}" is frozen for ${agentState.cooldownRemaining} more round(s) due to prior penalty.`,
-        `penalize-cooldown-${event.roleId}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-      verdict.intentRecord = {
-        originalIntent: event.intent,
-        finalAction: "blocked (agent frozen)",
-        enforcement: "PENALIZE",
-        consequence: { type: "freeze", rounds: agentState.cooldownRemaining, description: "Agent still in cooldown from prior penalty" }
-      };
-      return verdict;
-    }
-  }
-  if (options.sessionAllowlist) {
-    const key = eventToAllowlistKey(event);
-    if (options.sessionAllowlist.has(key)) {
-      decidingLayer = "session-allowlist";
-      decidingId = `allowlist:${key}`;
-      return buildVerdict(
-        "ALLOW",
-        void 0,
-        `allowlist:${key}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-    }
-  }
-  const safetyVerdict = checkSafety(event, eventText, safetyChecks);
-  if (safetyVerdict) {
-    decidingLayer = "safety";
-    decidingId = safetyVerdict.ruleId;
-    return buildVerdict(
-      safetyVerdict.status,
-      safetyVerdict.reason,
-      safetyVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  if (options.plan) {
-    const planVerdict = evaluatePlan(event, options.plan);
-    planCheckResult = buildPlanCheck(event, options.plan, planVerdict);
-    if (!planVerdict.allowed && planVerdict.status !== "PLAN_COMPLETE") {
-      decidingLayer = "plan-enforcement";
-      decidingId = `plan-${options.plan.plan_id}`;
-      const planStatus = planVerdict.status === "CONSTRAINT_VIOLATED" ? "PAUSE" : "BLOCK";
-      let reason = planVerdict.reason ?? "Action blocked by plan.";
-      if (planVerdict.status === "OFF_PLAN" && planVerdict.closestStep) {
-        reason += ` Closest step: "${planVerdict.closestStep}" (similarity: ${(planVerdict.similarityScore ?? 0).toFixed(2)})`;
-      }
-      return buildVerdict(
-        planStatus,
-        reason,
-        `plan-${options.plan.plan_id}`,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-    }
-  }
-  const roleVerdict = checkRoleRules(event, eventText, world, roleChecks);
-  if (roleVerdict) {
-    decidingLayer = "role";
-    decidingId = roleVerdict.ruleId;
-    return buildVerdict(
-      roleVerdict.status,
-      roleVerdict.reason,
-      roleVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const guardVerdict = checkGuards(event, eventText, world, guardChecks, guardsMatched);
-  if (guardVerdict) {
-    if (guardVerdict.status !== "ALLOW") {
-      decidingLayer = "guard";
-      decidingId = guardVerdict.ruleId;
-      const intentRecord = {
-        originalIntent: event.intent,
-        finalAction: guardVerdict.status === "MODIFY" ? guardVerdict.modifiedTo ?? "modified" : guardVerdict.status === "PENALIZE" ? "blocked + penalized" : guardVerdict.status === "REWARD" ? event.intent : guardVerdict.status === "NEUTRAL" ? event.intent : guardVerdict.status === "BLOCK" ? "blocked" : "paused",
-        ruleApplied: guardVerdict.ruleId,
-        enforcement: guardVerdict.status,
-        modifiedTo: guardVerdict.modifiedTo,
-        consequence: guardVerdict.consequence,
-        reward: guardVerdict.reward
-      };
-      const verdict = buildVerdict(
-        guardVerdict.status,
-        guardVerdict.reason,
-        guardVerdict.ruleId,
-        void 0,
-        world,
-        level,
-        invariantChecks,
-        guardsMatched,
-        rulesMatched,
-        includeTrace ? buildTrace(
-          invariantChecks,
-          safetyChecks,
-          planCheckResult,
-          roleChecks,
-          guardChecks,
-          kernelRuleChecks,
-          levelChecks,
-          decidingLayer,
-          decidingId,
-          startTime
-        ) : void 0
-      );
-      verdict.intentRecord = intentRecord;
-      if (guardVerdict.consequence) verdict.consequence = guardVerdict.consequence;
-      if (guardVerdict.reward) verdict.reward = guardVerdict.reward;
-      return verdict;
-    }
-  }
-  const kernelVerdict = checkKernelRules(eventText, world, kernelRuleChecks, rulesMatched);
-  if (kernelVerdict) {
-    decidingLayer = "kernel-rule";
-    decidingId = kernelVerdict.ruleId;
-    return buildVerdict(
-      kernelVerdict.status,
-      kernelVerdict.reason,
-      kernelVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const levelVerdict = checkLevelConstraints(event, level, levelChecks);
-  if (levelVerdict) {
-    decidingLayer = "level-constraint";
-    decidingId = levelVerdict.ruleId;
-    return buildVerdict(
-      levelVerdict.status,
-      levelVerdict.reason,
-      levelVerdict.ruleId,
-      void 0,
-      world,
-      level,
-      invariantChecks,
-      guardsMatched,
-      rulesMatched,
-      includeTrace ? buildTrace(
-        invariantChecks,
-        safetyChecks,
-        planCheckResult,
-        roleChecks,
-        guardChecks,
-        kernelRuleChecks,
-        levelChecks,
-        decidingLayer,
-        decidingId,
-        startTime
-      ) : void 0
-    );
-  }
-  const warning = guardVerdict?.warning;
-  return buildVerdict(
-    "ALLOW",
-    void 0,
-    void 0,
-    warning,
-    world,
-    level,
-    invariantChecks,
-    guardsMatched,
-    rulesMatched,
-    includeTrace ? buildTrace(
-      invariantChecks,
-      safetyChecks,
-      planCheckResult,
-      roleChecks,
-      guardChecks,
-      kernelRuleChecks,
-      levelChecks,
-      decidingLayer,
-      decidingId,
-      startTime
-    ) : void 0
-  );
-}
-function checkInvariantCoverage(world, checks) {
-  const invariants = world.invariants ?? [];
-  const guards = world.guards?.guards ?? [];
-  for (const invariant of invariants) {
-    const coveringGuard = guards.find(
-      (g) => g.invariant_ref === invariant.id && g.immutable
-    );
-    checks.push({
-      invariantId: invariant.id,
-      label: invariant.label,
-      hasGuardCoverage: !!coveringGuard,
-      coveringGuardId: coveringGuard?.id
-    });
-  }
-}
-function checkSafety(event, eventText, checks) {
-  const textToCheck = event.intent + (event.payload ? JSON.stringify(event.payload) : "");
-  for (const { pattern, label } of PROMPT_INJECTION_PATTERNS) {
-    const triggered = pattern.test(textToCheck);
-    checks.push({
-      checkType: "prompt-injection",
-      triggered,
-      matchedPattern: triggered ? label : void 0
-    });
-    if (triggered) {
-      for (const remaining of PROMPT_INJECTION_PATTERNS.filter((p) => p.label !== label)) {
-        checks.push({
-          checkType: "prompt-injection",
-          triggered: remaining.pattern.test(textToCheck),
-          matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
-        });
-      }
-      return {
-        status: "PAUSE",
-        reason: NEUTRAL_MESSAGES["prompt-injection"],
-        ruleId: `safety-injection-${label}`
-      };
-    }
-  }
-  const scopeToCheck = event.scope ?? event.intent;
-  for (const { pattern, label } of SCOPE_ESCAPE_PATTERNS) {
-    const triggered = pattern.test(scopeToCheck);
-    checks.push({
-      checkType: "scope-escape",
-      triggered,
-      matchedPattern: triggered ? label : void 0
-    });
-    if (triggered) {
-      for (const remaining of SCOPE_ESCAPE_PATTERNS.filter((p) => p.label !== label)) {
-        checks.push({
-          checkType: "scope-escape",
-          triggered: remaining.pattern.test(scopeToCheck),
-          matchedPattern: remaining.pattern.test(scopeToCheck) ? remaining.label : void 0
-        });
-      }
-      return {
-        status: "PAUSE",
-        reason: NEUTRAL_MESSAGES["scope-escape"],
-        ruleId: `safety-scope-${label}`
-      };
-    }
-  }
-  if (event.direction === "output") {
-    for (const { pattern, label } of EXECUTION_CLAIM_PATTERNS) {
-      const triggered = pattern.test(textToCheck);
-      checks.push({
-        checkType: "execution-claim",
-        triggered,
-        matchedPattern: triggered ? label : void 0
-      });
-      if (triggered) {
-        for (const remaining of EXECUTION_CLAIM_PATTERNS.filter((p) => p.label !== label)) {
-          checks.push({
-            checkType: "execution-claim",
-            triggered: remaining.pattern.test(textToCheck),
-            matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
-          });
-        }
-        return {
-          status: "PAUSE",
-          reason: NEUTRAL_MESSAGES["execution-claim"],
-          ruleId: `safety-execution-claim-${label}`
-        };
-      }
-    }
-  }
-  if (event.direction === "input") {
-    const intentTrimmed = event.intent.trim();
-    for (const { pattern, label } of EXECUTION_INTENT_PATTERNS) {
-      const triggered = pattern.test(intentTrimmed);
-      checks.push({
-        checkType: "execution-intent",
-        triggered,
-        matchedPattern: triggered ? label : void 0
-      });
-      if (triggered) {
-        for (const remaining of EXECUTION_INTENT_PATTERNS.filter((p) => p.label !== label)) {
-          checks.push({
-            checkType: "execution-intent",
-            triggered: remaining.pattern.test(intentTrimmed),
-            matchedPattern: remaining.pattern.test(intentTrimmed) ? remaining.label : void 0
-          });
-        }
-        return {
-          status: "PAUSE",
-          reason: NEUTRAL_MESSAGES["execution-intent"],
-          ruleId: `safety-execution-intent-${label}`
-        };
-      }
-    }
-  }
-  return null;
-}
-function checkRoleRules(event, eventText, world, checks) {
-  if (!event.roleId || !world.roles) return null;
-  const role = world.roles.roles.find((r) => r.id === event.roleId);
-  if (!role) return null;
-  if (role.requiresApproval) {
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule: "All actions require approval",
-      ruleType: "requiresApproval",
-      matched: true
-    });
-    return {
-      status: "PAUSE",
-      reason: `Role "${role.name}" requires approval for all actions.`,
-      ruleId: `role-${role.id}-requires-approval`
-    };
-  }
-  for (const rule of role.cannotDo) {
-    const matched = matchesKeywords(eventText, rule);
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule,
-      ruleType: "cannotDo",
-      matched
-    });
-    if (matched) {
-      return {
-        status: "BLOCK",
-        reason: `Role "${role.name}" cannot: ${rule}`,
-        ruleId: `role-${role.id}-cannotdo`
-      };
-    }
-  }
-  for (const rule of role.canDo) {
-    checks.push({
-      roleId: role.id,
-      roleName: role.name,
-      rule,
-      ruleType: "canDo",
-      matched: matchesKeywords(eventText, rule)
-    });
-  }
-  return null;
-}
-function checkGuards(event, eventText, world, checks, guardsMatched) {
-  if (!world.guards) return null;
-  const guardsConfig = world.guards;
-  let warnResult = null;
-  const compiledPatterns = /* @__PURE__ */ new Map();
-  for (const [key, def] of Object.entries(guardsConfig.intent_vocabulary)) {
-    try {
-      compiledPatterns.set(key, new RegExp(def.pattern, "i"));
-    } catch {
-    }
-  }
-  const eventTool = (event.tool ?? "").toLowerCase();
-  for (const guard of guardsConfig.guards) {
-    if (guard.appliesTo && guard.appliesTo.length > 0) {
-      const normalizedAppliesTo = guard.appliesTo.map((t) => t.toLowerCase());
-      if (!normalizedAppliesTo.includes(eventTool)) {
-        continue;
-      }
-    }
-    const enabled = guard.immutable || guard.default_enabled !== false;
-    const matchedPatterns = [];
-    for (const patternKey of guard.intent_patterns) {
-      const regex = compiledPatterns.get(patternKey);
-      if (regex?.test(eventText)) {
-        matchedPatterns.push(patternKey);
-      }
-    }
-    const matched = matchedPatterns.length > 0 && enabled;
-    let roleGated = false;
-    if (matched && guard.required_roles && guard.required_roles.length > 0 && event.roleId && guard.required_roles.includes(event.roleId)) {
-      roleGated = true;
-    }
-    checks.push({
-      guardId: guard.id,
-      label: guard.label,
-      category: guard.category,
-      enabled,
-      matched: matched && !roleGated,
-      enforcement: guard.enforcement,
-      matchedPatterns,
-      roleGated
-    });
-    if (!matched || roleGated) continue;
-    guardsMatched.push(guard.id);
-    const actionMode = guard.player_modes?.action ?? guard.enforcement;
-    const reason = guard.redirect ? `${guard.description} \u2014 ${guard.redirect}` : guard.description;
-    if (actionMode === "block") {
-      return { status: "BLOCK", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "pause") {
-      return { status: "PAUSE", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "penalize") {
-      const consequence = guard.consequence ? { ...guard.consequence } : { type: "freeze", rounds: 1, description: `Penalized for violating: ${guard.label}` };
-      return { status: "PENALIZE", reason, ruleId: `guard-${guard.id}`, consequence };
-    }
-    if (actionMode === "reward") {
-      const reward = guard.reward ? { ...guard.reward } : { type: "boost_influence", magnitude: 0.1, description: `Rewarded for: ${guard.label}` };
-      return { status: "REWARD", reason, ruleId: `guard-${guard.id}`, reward };
-    }
-    if (actionMode === "modify") {
-      const modifiedTo = guard.modify_to ?? guard.redirect ?? "hold";
-      return { status: "MODIFY", reason: `${reason} \u2192 Modified to: ${modifiedTo}`, ruleId: `guard-${guard.id}`, modifiedTo };
-    }
-    if (actionMode === "neutral") {
-      return { status: "NEUTRAL", reason, ruleId: `guard-${guard.id}` };
-    }
-    if (actionMode === "warn" && !warnResult) {
-      warnResult = { status: "ALLOW", warning: reason, ruleId: `guard-${guard.id}` };
-    }
-  }
-  return warnResult;
-}
-function checkKernelRules(eventText, world, checks, rulesMatched) {
-  if (!world.kernel) return null;
-  const forbidden = world.kernel.input_boundaries?.forbidden_patterns ?? [];
-  const output = world.kernel.output_boundaries?.forbidden_patterns ?? [];
-  for (const rule of forbidden) {
-    let matched = false;
-    let matchMethod = "none";
-    if (rule.pattern) {
-      try {
-        matched = new RegExp(rule.pattern, "i").test(eventText);
-        matchMethod = "pattern";
-      } catch {
-      }
-    }
-    if (!matched && rule.reason) {
-      matched = matchesKeywords(eventText, rule.reason);
-      if (matched) matchMethod = "keyword";
-    }
-    checks.push({
-      ruleId: rule.id,
-      text: rule.reason,
-      category: "forbidden",
-      matched,
-      matchMethod
-    });
-    if (matched) {
-      rulesMatched.push(rule.id);
-      if (rule.action === "BLOCK") {
-        return {
-          status: "BLOCK",
-          reason: rule.reason,
-          ruleId: `kernel-${rule.id}`
-        };
-      }
-    }
-  }
-  return null;
-}
-function checkLevelConstraints(event, level, checks) {
-  if (level === "basic") return null;
-  const intent = event.intent.toLowerCase();
-  const tool = (event.tool ?? "").toLowerCase();
-  const isDelete = intent.includes("delete") || intent.includes("remove") || intent.includes("rm ") || tool === "delete";
-  const deleteTriggered = isDelete && levelRequiresConfirmation(level, "delete");
-  checks.push({
-    checkType: "delete",
-    level,
-    triggered: deleteTriggered,
-    reason: deleteTriggered ? NEUTRAL_MESSAGES["delete"] : void 0
-  });
-  if (deleteTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["delete"], ruleId: "level-delete-check" };
-  }
-  const isExternal = event.scope ? isExternalScope(event.scope) : false;
-  const externalTriggered = isExternal && levelRequiresConfirmation(level, "write-external");
-  checks.push({
-    checkType: "write-external",
-    level,
-    triggered: externalTriggered,
-    reason: externalTriggered ? NEUTRAL_MESSAGES["write-external"] : void 0
-  });
-  if (externalTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["write-external"], ruleId: "level-external-write-check" };
-  }
-  const isNetwork = tool === "http" || tool === "fetch" || tool === "request" || intent.includes("post ") || intent.includes("sending");
-  const networkTriggered = isNetwork && levelRequiresConfirmation(level, "network-mutate");
-  checks.push({
-    checkType: "network-mutate",
-    level,
-    triggered: networkTriggered,
-    reason: networkTriggered ? NEUTRAL_MESSAGES["network-mutate"] : void 0
-  });
-  if (networkTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["network-mutate"], ruleId: "level-network-mutate-check" };
-  }
-  const isCredential = intent.includes("credential") || intent.includes("password") || intent.includes("secret") || intent.includes("api key") || intent.includes("token");
-  const credentialTriggered = isCredential && levelRequiresConfirmation(level, "credential-access");
-  checks.push({
-    checkType: "credential-access",
-    level,
-    triggered: credentialTriggered,
-    reason: credentialTriggered ? NEUTRAL_MESSAGES["credential-access"] : void 0
-  });
-  if (credentialTriggered) {
-    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["credential-access"], ruleId: "level-credential-check" };
-  }
-  const irreversibleTriggered = !!event.irreversible && level !== "basic";
-  checks.push({
-    checkType: "irreversible",
-    level,
-    triggered: irreversibleTriggered,
-    reason: irreversibleTriggered ? "This action is marked as irreversible." : void 0
-  });
-  if (irreversibleTriggered) {
-    return {
-      status: "PAUSE",
-      reason: "This action is marked as irreversible.",
-      ruleId: "level-irreversible-check"
-    };
-  }
-  return null;
-}
-function matchesKeywords(eventText, ruleText) {
-  return matchesAllKeywords(eventText, ruleText);
-}
-function eventToAllowlistKey(event) {
-  return `${(event.tool ?? "*").toLowerCase()}::${event.intent.toLowerCase().trim()}`;
-}
-function buildTrace(invariantChecks, safetyChecks, planCheck, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
-  const trace = {
-    invariantChecks,
-    safetyChecks,
-    roleChecks,
-    guardChecks,
-    kernelRuleChecks,
-    levelChecks,
-    precedenceResolution: {
-      decidingLayer,
-      decidingId,
-      strategy: "first-match-wins",
-      chainOrder: [
-        "invariant-coverage",
-        "session-allowlist",
-        "safety-injection",
-        "safety-scope-escape",
-        "safety-execution-claim",
-        "safety-execution-intent",
-        "plan-enforcement",
-        "role-rules",
-        "declarative-guards",
-        "kernel-rules",
-        "level-constraints",
-        "default-allow"
-      ]
-    },
-    durationMs: performance.now() - startTime
-  };
-  if (planCheck) {
-    trace.planCheck = planCheck;
-  }
-  return trace;
-}
-function buildVerdict(status, reason, ruleId, warning, world, level, invariantChecks, guardsMatched, rulesMatched, trace) {
-  const evidence = {
-    worldId: world.world.world_id,
-    worldName: world.world.name,
-    worldVersion: world.world.version,
-    evaluatedAt: Date.now(),
-    invariantsSatisfied: invariantChecks.filter((c) => c.hasGuardCoverage).length,
-    invariantsTotal: invariantChecks.length,
-    guardsMatched,
-    rulesMatched,
-    enforcementLevel: level
-  };
-  const verdict = {
-    status,
-    evidence
-  };
-  if (reason) verdict.reason = reason;
-  if (ruleId) verdict.ruleId = ruleId;
-  if (warning) verdict.warning = warning;
-  if (trace) verdict.trace = trace;
-  return verdict;
-}
-
-// src/loader/world-loader.ts
-async function loadWorldFromDirectory(dirPath) {
-  const { readFile } = await import("fs/promises");
-  const { join } = await import("path");
-  const { readdirSync } = await import("fs");
-  async function readJson(filename) {
-    try {
-      const content = await readFile(join(dirPath, filename), "utf-8");
-      return JSON.parse(content);
-    } catch {
-      return void 0;
-    }
-  }
-  const worldJson = await readJson("world.json");
-  if (!worldJson) {
-    throw new Error(`Cannot read world.json in ${dirPath}`);
-  }
-  const invariantsJson = await readJson("invariants.json");
-  const assumptionsJson = await readJson("assumptions.json");
-  const stateSchemaJson = await readJson("state-schema.json");
-  const gatesJson = await readJson("gates.json");
-  const outcomesJson = await readJson("outcomes.json");
-  const guardsJson = await readJson("guards.json");
-  const rolesJson = await readJson("roles.json");
-  const kernelJson = await readJson("kernel.json");
-  const metadataJson = await readJson("metadata.json");
-  const rules = [];
-  try {
-    const rulesDir = join(dirPath, "rules");
-    const ruleFiles = readdirSync(rulesDir).filter((f) => f.endsWith(".json")).sort();
-    for (const file of ruleFiles) {
-      const content = await readFile(join(rulesDir, file), "utf-8");
-      rules.push(JSON.parse(content));
-    }
-  } catch {
-  }
-  return {
-    world: worldJson,
-    invariants: invariantsJson?.invariants ?? [],
-    assumptions: assumptionsJson ?? { profiles: {}, parameter_definitions: {} },
-    stateSchema: stateSchemaJson ?? { variables: {}, presets: {} },
-    rules,
-    gates: gatesJson ?? {
-      viability_classification: [],
-      structural_override: { description: "", enforcement: "mandatory" },
-      sustainability_threshold: 0,
-      collapse_visual: { background: "", text: "", border: "", label: "" }
-    },
-    outcomes: outcomesJson ?? {
-      computed_outcomes: [],
-      comparison_layout: { primary_card: "", status_badge: "", structural_indicators: [] }
-    },
-    guards: guardsJson,
-    roles: rolesJson,
-    kernel: kernelJson,
-    metadata: metadataJson ?? {
-      format_version: "1.0.0",
-      created_at: "",
-      last_modified: "",
-      authoring_method: "manual-authoring"
-    }
-  };
-}
-async function loadWorld(worldPath) {
-  const { stat } = await import("fs/promises");
-  const info = await stat(worldPath);
-  if (info.isDirectory()) {
-    return loadWorldFromDirectory(worldPath);
-  }
-  if (worldPath.endsWith(".nv-world.zip")) {
-    throw new Error(".nv-world.zip loading not yet implemented \u2014 use a world directory");
-  }
-  throw new Error(`Cannot load world from: ${worldPath} \u2014 expected a directory or .nv-world.zip`);
-}
-
-// src/adapters/langchain.ts
-var GovernanceBlockedError2 = class extends GovernanceBlockedError {
-  event;
-  constructor(verdict, event) {
-    super(verdict);
-    this.event = event;
-  }
-};
-function defaultMapToolCall(toolName, toolInput) {
-  return {
-    intent: toolName,
-    tool: toolName,
-    scope: extractScope(toolInput),
-    args: toolInput,
-    direction: "input"
-  };
-}
-var NeuroVerseCallbackHandler = class {
-  name = "NeuroVerseGovernance";
-  world;
-  options;
-  engineOptions;
-  mapToolCall;
-  activePlan;
-  constructor(world, options = {}) {
-    this.world = world;
-    this.options = options;
-    this.activePlan = options.plan;
-    this.engineOptions = buildEngineOptions(options, this.activePlan);
-    this.mapToolCall = options.mapToolCall ?? defaultMapToolCall;
-  }
-  /**
-   * Called before a tool is executed.
-   * Evaluates the tool call against the governance world.
-   *
-   * @throws GovernanceBlockedError if the action is BLOCKED
-   * @throws GovernanceBlockedError if the action is PAUSED and onPause returns false
-   */
-  async handleToolStart(tool, input) {
-    let parsedInput;
-    try {
-      parsedInput = typeof input === "string" ? JSON.parse(input) : input;
-    } catch {
-      parsedInput = { raw: input };
-    }
-    const event = this.mapToolCall(tool.name, parsedInput);
-    this.engineOptions.plan = this.activePlan;
-    const verdict = evaluateGuard(event, this.world, this.engineOptions);
-    this.options.onEvaluate?.(verdict, event);
-    if (verdict.status === "BLOCK") {
-      this.options.onBlock?.(verdict, event);
-      throw new GovernanceBlockedError2(verdict, event);
-    }
-    if (verdict.status === "PAUSE") {
-      const approved = await this.options.onPause?.(verdict, event);
-      if (!approved) {
-        throw new GovernanceBlockedError2(verdict, event);
-      }
-    }
-    if (verdict.status === "ALLOW") {
-      trackPlanProgress(event, this, this.options);
-    }
-  }
-};
-async function createNeuroVerseCallbackHandler(worldPath, options) {
-  const world = await loadWorld(worldPath);
-  return new NeuroVerseCallbackHandler(world, options);
-}
-function createNeuroVerseCallbackHandlerFromWorld(world, options) {
-  return new NeuroVerseCallbackHandler(world, options);
-}
-
-// src/adapters/openai.ts
-var GovernanceBlockedError3 = class extends GovernanceBlockedError {
-  toolCallId;
-  constructor(verdict, toolCallId) {
-    super(verdict);
-    this.toolCallId = toolCallId;
-  }
-};
-function defaultMapFunctionCall(name, args) {
-  return {
-    intent: name,
-    tool: name,
-    scope: extractScope(args),
-    args,
-    direction: "input"
-  };
-}
-var GovernedToolExecutor = class {
-  world;
-  options;
-  engineOptions;
-  mapFn;
-  blockMsg;
-  activePlan;
-  constructor(world, options = {}) {
-    this.world = world;
-    this.options = options;
-    this.activePlan = options.plan;
-    this.engineOptions = buildEngineOptions(options, this.activePlan);
-    this.mapFn = options.mapFunctionCall ?? defaultMapFunctionCall;
-    this.blockMsg = options.blockMessage ?? defaultBlockMessage;
-  }
-  /**
-   * Evaluate a single tool call against governance rules.
-   * Returns the verdict without executing the tool.
-   */
-  evaluate(toolCall) {
-    let args;
-    try {
-      args = JSON.parse(toolCall.function.arguments);
-    } catch {
-      args = { raw: toolCall.function.arguments };
-    }
-    const event = this.mapFn(toolCall.function.name, args);
-    this.engineOptions.plan = this.activePlan;
-    const verdict = evaluateGuard(event, this.world, this.engineOptions);
-    this.options.onEvaluate?.(verdict, event);
-    if (verdict.status === "ALLOW") {
-      trackPlanProgress(event, this, this.options);
-    }
-    return verdict;
-  }
-  /**
-   * Execute a tool call with governance enforcement.
-   *
-   * If ALLOW: runs the tool and returns the result.
-   * If BLOCK: returns a blocked message (no execution).
-   * If PAUSE: throws — caller must handle approval flow.
-   *
-   * @param toolCall - The OpenAI tool call to evaluate
-   * @param runner - The actual tool execution function
-   * @returns A tool result message ready for the OpenAI API
-   */
-  async execute(toolCall, runner) {
-    const verdict = this.evaluate(toolCall);
-    if (verdict.status === "BLOCK") {
-      return {
-        tool_call_id: toolCall.id,
-        role: "tool",
-        content: this.blockMsg(verdict),
-        _verdict: verdict
-      };
-    }
-    if (verdict.status === "PAUSE") {
-      throw new GovernanceBlockedError3(verdict, toolCall.id);
-    }
-    let args;
-    try {
-      args = JSON.parse(toolCall.function.arguments);
-    } catch {
-      args = { raw: toolCall.function.arguments };
-    }
-    const content = await runner(toolCall.function.name, args);
-    return {
-      tool_call_id: toolCall.id,
-      role: "tool",
-      content,
-      _verdict: verdict
-    };
-  }
-};
-async function createGovernedToolExecutor(worldPath, options) {
-  const world = await loadWorld(worldPath);
-  return new GovernedToolExecutor(world, options);
-}
-function createGovernedToolExecutorFromWorld(world, options) {
-  return new GovernedToolExecutor(world, options);
-}
-
-// src/adapters/openclaw.ts
-var GovernanceBlockedError4 = class extends GovernanceBlockedError {
-  action;
-  constructor(verdict, action) {
-    super(verdict);
-    this.action = action;
-  }
-};
-function defaultMapAction(action, direction) {
-  return {
-    intent: action.type,
-    tool: action.tool ?? action.type,
-    args: action.input,
-    direction,
-    scope: action.input ? extractScope(action.input) : void 0
-  };
-}
-var NeuroVersePlugin = class {
-  name = "neuroverse-governance";
-  world;
-  options;
-  engineOptions;
-  mapAction;
-  activePlan;
-  constructor(world, options = {}) {
-    this.world = world;
-    this.options = options;
-    this.activePlan = options.plan;
-    this.engineOptions = buildEngineOptions(options, this.activePlan);
-    this.mapAction = options.mapAction ?? defaultMapAction;
-  }
-  /**
-   * Evaluate an action before execution.
-   *
-   * @throws GovernanceBlockedError if BLOCKED
-   * @returns HookResult with verdict details
-   */
-  beforeAction(action) {
-    const event = this.mapAction(action, "input");
-    this.engineOptions.plan = this.activePlan;
-    const verdict = evaluateGuard(event, this.world, this.engineOptions);
-    const result = {
-      allowed: verdict.status === "ALLOW",
-      verdict,
-      action
-    };
-    this.options.onEvaluate?.(result);
-    if (verdict.status === "BLOCK") {
-      throw new GovernanceBlockedError4(verdict, action);
-    }
-    if (verdict.status === "ALLOW") {
-      trackPlanProgress(event, this, this.options);
-    }
-    return result;
-  }
-  /**
-   * Evaluate an action's output (post-execution governance).
-   * Only runs if evaluateOutputs is enabled.
-   *
-   * @returns HookResult or null if output evaluation is disabled
-   */
-  afterAction(action, _output) {
-    if (!this.options.evaluateOutputs) return null;
-    const event = this.mapAction(action, "output");
-    const verdict = evaluateGuard(event, this.world, this.engineOptions);
-    const result = {
-      allowed: verdict.status === "ALLOW",
-      verdict,
-      action
-    };
-    this.options.onEvaluate?.(result);
-    if (verdict.status === "BLOCK") {
-      throw new GovernanceBlockedError4(verdict, action);
-    }
-    return result;
-  }
-  /**
-   * Get the plugin hooks object for agent.use().
-   */
-  hooks() {
-    return {
-      beforeAction: (action) => this.beforeAction(action),
-      afterAction: (action, output) => this.afterAction(action, output)
-    };
-  }
-};
-async function createNeuroVersePlugin(worldPath, options) {
-  const world = await loadWorld(worldPath);
-  return new NeuroVersePlugin(world, options);
-}
-function createNeuroVersePluginFromWorld(world, options) {
-  return new NeuroVersePlugin(world, options);
-}
-
-// src/adapters/express.ts
-function methodToCategory(method) {
-  switch (method.toUpperCase()) {
-    case "GET":
-    case "HEAD":
-    case "OPTIONS":
-      return "read";
-    case "POST":
-    case "PUT":
-    case "PATCH":
-      return "write";
-    case "DELETE":
-      return "delete";
-    default:
-      return "other";
-  }
-}
-function defaultMapRequest(req) {
-  const method = (req.method ?? "GET").toUpperCase();
-  const path = req.path ?? req.url ?? "/";
-  return {
-    intent: `${method} ${path}`,
-    tool: "http",
-    scope: path,
-    actionCategory: methodToCategory(method),
-    direction: "input",
-    args: {
-      method,
-      path,
-      ...req.params ?? {},
-      ...req.query ?? {}
-    }
-  };
-}
-function defaultOnBlock(verdict, _req, res, statusCode) {
-  const body = {
-    error: "Governance policy violation",
-    reason: verdict.reason ?? "Action not permitted",
-    ruleId: verdict.ruleId,
-    status: verdict.status
-  };
-  if (res.status && res.json) {
-    res.status(statusCode).json(body);
-  } else if (res.send) {
-    res.statusCode = statusCode;
-    res.send(JSON.stringify(body));
-  } else if (res.end) {
-    res.statusCode = statusCode;
-    res.end();
-  }
-}
-async function createGovernanceMiddleware(worldPath, options) {
-  const world = await loadWorld(worldPath);
-  return createGovernanceMiddlewareFromWorld(world, options);
-}
-function createGovernanceMiddlewareFromWorld(world, options = {}) {
-  const engineOptions = {
-    trace: options.trace ?? false,
-    level: options.level
-  };
-  const mapRequest = options.mapRequest ?? defaultMapRequest;
-  const blockStatusCode = options.blockStatusCode ?? 403;
-  return async function neuroVerseGovernance(req, res, next) {
-    try {
-      const event = mapRequest(req);
-      const verdict = evaluateGuard(event, world, engineOptions);
-      options.onEvaluate?.(verdict, event, req);
-      if (verdict.status === "ALLOW") {
-        next();
-        return;
-      }
-      if (verdict.status === "PAUSE") {
-        const approved = await options.onPause?.(verdict, req);
-        if (approved) {
-          next();
-          return;
-        }
-      }
-      if (options.onBlock) {
-        options.onBlock(verdict, req, res);
-      } else {
-        defaultOnBlock(verdict, req, res, blockStatusCode);
-      }
-    } catch (err) {
-      next(err);
-    }
-  };
-}
-
-// src/adapters/autoresearch.ts
-var AutoresearchGovernor = class {
-  config;
-  state;
-  constructor(config) {
-    this.config = config;
-    this.state = {
-      experiments_run: 0,
-      best_result: null,
-      architectures_tested: [],
-      experiment_log: [],
-      total_compute_minutes: 0,
-      keep_count: 0
-    };
-  }
-  /**
-   * Convert an experiment proposal into a GuardEvent for governance evaluation.
-   */
-  proposalToGuardEvent(proposal) {
-    return {
-      intent: `run experiment: ${proposal.description}`,
-      tool: "experiment_runner",
-      scope: "experiment",
-      roleId: "experiment_runner",
-      direction: "output",
-      actionCategory: "shell",
-      args: {
-        experiment_id: String(proposal.experiment_id),
-        architecture: proposal.architecture,
-        estimated_minutes: String(proposal.estimated_minutes || 5)
-      }
-    };
-  }
-  /**
-   * Evaluate an experiment proposal against governance rules.
-   * Returns a simplified verdict without requiring the full guard engine.
-   */
-  evaluateProposal(proposal) {
-    const warnings = [];
-    const estimatedMinutes = proposal.estimated_minutes || 5;
-    if (this.state.total_compute_minutes + estimatedMinutes > this.config.computeBudgetMinutes) {
-      return {
-        allowed: false,
-        reason: `Compute budget exhausted: ${this.state.total_compute_minutes}/${this.config.computeBudgetMinutes} minutes used`,
-        warnings
-      };
-    }
-    if (this.config.constraints) {
-      for (const constraint of this.config.constraints) {
-        const lower = constraint.toLowerCase();
-        const archLower = proposal.architecture.toLowerCase();
-        const descLower = proposal.description.toLowerCase();
-        if (lower.startsWith("no ")) {
-          const forbidden = lower.slice(3).trim();
-          if (archLower.includes(forbidden) || descLower.includes(forbidden)) {
-            return {
-              allowed: false,
-              reason: `Architecture constraint violated: ${constraint}`,
-              warnings
-            };
-          }
-        }
-      }
-    }
-    const failureCount = this.state.experiment_log.filter((e) => !e.success).length;
-    if (failureCount > 5) {
-      warnings.push(`High failure rate: ${failureCount} failed experiments. Consider investigating root cause.`);
-    }
-    const recentArchitectures = this.state.experiment_log.slice(-5).map((e) => e.architecture);
-    const uniqueRecent = new Set(recentArchitectures).size;
-    if (recentArchitectures.length >= 5 && uniqueRecent === 1) {
-      warnings.push("Research may be stuck: last 5 experiments used the same architecture.");
-    }
-    return { allowed: true, reason: "Experiment approved", warnings };
-  }
-  /**
-   * Record an experiment result and update research state.
-   */
-  recordResult(result) {
-    this.state.experiments_run++;
-    this.state.total_compute_minutes += result.wall_clock_minutes;
-    this.state.experiment_log.push(result);
-    if (!this.state.architectures_tested.includes(result.architecture)) {
-      this.state.architectures_tested.push(result.architecture);
-    }
-    if (!result.success) {
-      return { kept: false, improvement: null, state: { ...this.state } };
-    }
-    let kept = false;
-    let improvement = null;
-    if (this.state.best_result === null) {
-      kept = true;
-      this.state.best_result = result;
-      this.state.keep_count++;
-    } else {
-      const prev = this.state.best_result.metric_value;
-      const curr = result.metric_value;
-      if (this.config.optimize === "minimize") {
-        kept = curr < prev;
-        improvement = kept ? prev - curr : null;
-      } else {
-        kept = curr > prev;
-        improvement = kept ? curr - prev : null;
-      }
-      if (kept) {
-        this.state.best_result = result;
-        this.state.keep_count++;
-      }
-    }
-    return { kept, improvement, state: { ...this.state } };
-  }
-  /**
-   * Export current state as a state snapshot compatible with the world file.
-   */
-  toWorldState() {
-    const successfulExperiments = this.state.experiment_log.filter((e) => e.success);
-    const failedCount = this.state.experiment_log.filter((e) => !e.success).length;
-    const keepRate = this.state.experiments_run > 0 ? Math.round(this.state.keep_count / this.state.experiments_run * 100) : 0;
-    let improvementRate = 0;
-    if (successfulExperiments.length >= 2) {
-      const recent = successfulExperiments.slice(-10);
-      let improvements = 0;
-      for (let i = 1; i < recent.length; i++) {
-        const prev = recent[i - 1].metric_value;
-        const curr = recent[i].metric_value;
-        if (this.config.optimize === "minimize" ? curr < prev : curr > prev) {
-          improvements++;
-        }
-      }
-      improvementRate = Math.round(improvements / (recent.length - 1) * 100);
-    }
-    return {
-      experiments_run: this.state.experiments_run,
-      best_metric_value: this.state.best_result?.metric_value ?? (this.config.optimize === "minimize" ? 100 : -1e3),
-      keep_rate: keepRate,
-      compute_used_minutes: Math.round(this.state.total_compute_minutes),
-      compute_budget_minutes: this.config.computeBudgetMinutes,
-      failed_experiments: failedCount,
-      metric_improvement_rate: improvementRate,
-      research_context_drift: 0
-      // would need NLP to compute properly
-    };
-  }
-  /**
-   * Get a summary of the current research state.
-   */
-  getSummary() {
-    return {
-      experiments_run: this.state.experiments_run,
-      best_result: this.state.best_result,
-      keep_rate: this.state.experiments_run > 0 ? Math.round(this.state.keep_count / this.state.experiments_run * 100) : 0,
-      compute_remaining_minutes: this.config.computeBudgetMinutes - this.state.total_compute_minutes,
-      architectures_tested: [...this.state.architectures_tested]
-    };
-  }
-  /**
-   * Load state from a persisted research context file.
-   */
-  loadState(state) {
-    this.state = { ...state };
-  }
-  /**
-   * Export state for persistence.
-   */
-  exportState() {
-    return { ...this.state };
-  }
-};
-
-// src/engine/tool-classifier.ts
-var TOOL_CATEGORY_MAP = {
-  // File operations
-  read_file: "file_read",
-  read: "file_read",
-  glob: "file_read",
-  grep: "file_read",
-  list_files: "file_read",
-  write_file: "file_write",
-  write: "file_write",
-  create_file: "file_write",
-  edit_file: "file_write",
-  edit: "file_write",
-  patch: "file_write",
-  delete_file: "file_delete",
-  remove_file: "file_delete",
-  // Shell
-  shell: "shell",
-  bash: "shell",
-  execute: "shell",
-  run_command: "shell",
-  terminal: "shell",
-  // Git
-  git: "git",
-  git_commit: "git",
-  git_push: "git",
-  git_checkout: "git",
-  // Network
-  http: "network",
-  fetch: "network",
-  curl: "network",
-  web_search: "network",
-  // Sub-agents
-  sub_agent: "sub_agent",
-  spawn_agent: "sub_agent",
-  delegate: "sub_agent",
-  // Context management
-  summarize: "context",
-  compress_context: "context"
-};
-function classifyTool(toolName) {
-  const normalized = toolName.toLowerCase().replace(/[-\s]/g, "_");
-  return TOOL_CATEGORY_MAP[normalized] ?? "unknown";
-}
-var DANGEROUS_SHELL_PATTERNS = [
-  { pattern: /rm\s+(-[a-zA-Z]*f[a-zA-Z]*\s+|.*-rf\s+|.*--force)/, label: "force-delete" },
-  { pattern: /rm\s+-[a-zA-Z]*r/, label: "recursive-delete" },
-  { pattern: />\s*\/dev\/sd/, label: "disk-overwrite" },
-  { pattern: /mkfs\./, label: "format-disk" },
-  { pattern: /dd\s+if=/, label: "disk-dump" },
-  { pattern: /chmod\s+(-R\s+)?777/, label: "world-writable" },
-  { pattern: /curl\s+.*\|\s*(bash|sh|zsh)/, label: "pipe-to-shell" },
-  { pattern: /wget\s+.*\|\s*(bash|sh|zsh)/, label: "pipe-to-shell" },
-  { pattern: /:(){ :\|:& };:/, label: "fork-bomb" },
-  { pattern: />\s*\/etc\//, label: "system-config-overwrite" },
-  { pattern: /shutdown|reboot|halt|poweroff/, label: "system-shutdown" },
-  { pattern: /kill\s+-9\s+1\b/, label: "kill-init" }
-];
-var DANGEROUS_GIT_PATTERNS = [
-  { pattern: /push\s+.*--force/, label: "force-push" },
-  { pattern: /push\s+.*-f\b/, label: "force-push" },
-  { pattern: /push\s+(origin\s+)?main\b/, label: "push-main" },
-  { pattern: /push\s+(origin\s+)?master\b/, label: "push-master" },
-  { pattern: /reset\s+--hard/, label: "hard-reset" },
-  { pattern: /clean\s+-fd/, label: "clean-force" },
-  { pattern: /branch\s+-D/, label: "force-delete-branch" }
-];
-function isDangerousCommand(command) {
-  const matched = DANGEROUS_SHELL_PATTERNS.filter((p) => p.pattern.test(command)).map((p) => p.label);
-  return { dangerous: matched.length > 0, labels: matched };
-}
-function isDangerousGitCommand(command) {
-  const matched = DANGEROUS_GIT_PATTERNS.filter((p) => p.pattern.test(command)).map((p) => p.label);
-  return { dangerous: matched.length > 0, labels: matched };
-}
-function assessRiskLevel(category) {
-  if (category === "file_read" || category === "context") return "low";
-  if (category === "file_write" || category === "sub_agent") return "medium";
-  if (category === "shell" || category === "file_delete" || category === "git" || category === "network") return "high";
-  return void 0;
-}
-function categoryToActionCategory(category) {
-  if (category === "file_read" || category === "context") return "read";
-  if (category === "file_write") return "write";
-  if (category === "file_delete") return "delete";
-  if (category === "shell") return "shell";
-  if (category === "network") return "network";
-  return "other";
-}
-
-// src/adapters/deep-agents.ts
-var GovernanceBlockedError5 = class extends GovernanceBlockedError {
-  toolCall;
-  category;
-  constructor(verdict, toolCall, category) {
-    super(verdict);
-    this.toolCall = toolCall;
-    this.category = category;
-  }
-};
-function defaultMapToolCall2(toolCall) {
-  const category = classifyTool(toolCall.tool);
-  const args = toolCall.args;
-  const scope = extractScope(args);
-  let intent = toolCall.tool;
-  if (category === "shell" && typeof args.command === "string") {
-    intent = `shell: ${args.command}`;
-  } else if (category === "git" && typeof args.command === "string") {
-    intent = `git ${args.command}`;
-  } else if (category === "file_write" && scope) {
-    intent = `write ${scope}`;
-  } else if (category === "file_delete" && scope) {
-    intent = `delete ${scope}`;
-  }
-  const riskLevel = assessRiskLevel(category);
-  let irreversible = false;
-  if (category === "shell" && typeof args.command === "string") {
-    irreversible = DANGEROUS_SHELL_PATTERNS.some((p) => p.pattern.test(args.command));
-  } else if (category === "git" && typeof args.command === "string") {
-    irreversible = DANGEROUS_GIT_PATTERNS.some((p) => p.pattern.test(args.command));
-  } else if (category === "file_delete") {
-    irreversible = true;
-  }
-  return {
-    intent,
-    tool: toolCall.tool,
-    scope,
-    args,
-    direction: "input",
-    actionCategory: categoryToActionCategory(category),
-    riskLevel,
-    irreversible
-  };
-}
-var DeepAgentsGuard = class {
-  name = "neuroverse-deep-agents-guard";
-  world;
-  options;
-  engineOptions;
-  mapToolCall;
-  activePlan;
-  constructor(world, options = {}) {
-    this.world = world;
-    this.options = options;
-    this.activePlan = options.plan;
-    this.engineOptions = buildEngineOptions(options, this.activePlan);
-    this.mapToolCall = options.mapToolCall ?? defaultMapToolCall2;
-  }
-  /**
-   * Evaluate a tool call against governance rules.
-   * Returns the result without side effects.
-   */
-  evaluate(toolCall) {
-    const event = this.mapToolCall(toolCall);
-    this.engineOptions.plan = this.activePlan;
-    const verdict = evaluateGuard(event, this.world, this.engineOptions);
-    const category = classifyTool(toolCall.tool);
-    const result = {
-      allowed: verdict.status === "ALLOW",
-      verdict,
-      toolCall,
-      category
-    };
-    this.options.onEvaluate?.(result);
-    if (verdict.status === "ALLOW" && this.activePlan) {
-      this.trackPlanProgressInternal(event);
-    }
-    return result;
-  }
-  /**
-   * Evaluate and enforce governance on a tool call.
-   *
-   * @throws GovernanceBlockedError if BLOCKED
-   * @throws GovernanceBlockedError if PAUSED and onPause returns false
-   * @returns DeepAgentsGuardResult on ALLOW
-   */
-  async enforce(toolCall) {
-    const result = this.evaluate(toolCall);
-    if (result.verdict.status === "BLOCK") {
-      this.options.onBlock?.(result);
-      throw new GovernanceBlockedError5(result.verdict, toolCall, result.category);
-    }
-    if (result.verdict.status === "PAUSE") {
-      const approved = await this.options.onPause?.(result);
-      if (!approved) {
-        throw new GovernanceBlockedError5(result.verdict, toolCall, result.category);
-      }
-    }
-    return result;
-  }
-  /**
-   * Evaluate and execute a tool call with governance enforcement.
-   *
-   * If ALLOW: runs the executor and returns its result.
-   * If BLOCK: returns a governance-blocked message.
-   * If PAUSE: calls onPause; blocks if not approved.
-   *
-   * @param toolCall - The Deep Agents tool call to evaluate
-   * @param executor - The actual tool execution function
-   * @returns The tool execution result or a blocked message
-   */
-  async execute(toolCall, executor) {
-    const guardResult = this.evaluate(toolCall);
-    if (guardResult.verdict.status === "BLOCK") {
-      this.options.onBlock?.(guardResult);
-      return {
-        blocked: true,
-        verdict: guardResult.verdict,
-        reason: guardResult.verdict.reason ?? "Action blocked by governance policy."
-      };
-    }
-    if (guardResult.verdict.status === "PAUSE") {
-      const approved = await this.options.onPause?.(guardResult);
-      if (!approved) {
-        return {
-          blocked: true,
-          verdict: guardResult.verdict,
-          reason: guardResult.verdict.reason ?? "Action requires approval."
-        };
-      }
-    }
-    const result = await executor(toolCall);
-    return { result, verdict: guardResult.verdict };
-  }
-  /**
-   * Returns a middleware function compatible with Deep Agents' tool pipeline.
-   *
-   * The middleware intercepts tool calls before execution:
-   *   agent.use(guard.middleware());
-   */
-  middleware() {
-    return async (toolCall, next) => {
-      await this.enforce(toolCall);
-      return next();
-    };
-  }
-  /**
-   * Returns a callback-handler-style object for LangChain integration.
-   * Compatible with Deep Agents' callback system.
-   */
-  callbacks() {
-    return {
-      handleToolStart: async (tool, input) => {
-        let parsedInput;
-        try {
-          parsedInput = typeof input === "string" ? JSON.parse(input) : input;
-        } catch {
-          parsedInput = { raw: input };
-        }
-        await this.enforce({ tool: tool.name, args: parsedInput });
-      }
-    };
-  }
-  /**
-   * Check if a shell command contains dangerous patterns.
-   * Useful for pre-screening before full governance evaluation.
-   */
-  static isDangerousCommand(command) {
-    return isDangerousCommand(command);
-  }
-  /**
-   * Check if a git command contains dangerous patterns.
-   */
-  static isDangerousGitCommand(command) {
-    return isDangerousGitCommand(command);
-  }
-  /**
-   * Classify a tool name into a category.
-   */
-  static classifyTool(toolName) {
-    return classifyTool(toolName);
-  }
-  // ─── Private ──────────────────────────────────────────────────────────────
-  trackPlanProgressInternal(event) {
-    trackPlanProgress(event, this, this.options);
-  }
-};
-async function createDeepAgentsGuard(worldPath, options) {
-  const world = await loadWorld(worldPath);
-  return new DeepAgentsGuard(world, options);
-}
-function createDeepAgentsGuardFromWorld(world, options) {
-  return new DeepAgentsGuard(world, options);
-}
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  AutoresearchGovernor,
-  DeepAgentsGovernanceBlockedError,
-  DeepAgentsGuard,
-  GovernanceBlockedError,
-  GovernedToolExecutor,
-  LangChainGovernanceBlockedError,
-  NeuroVerseCallbackHandler,
-  NeuroVersePlugin,
-  OpenAIGovernanceBlockedError,
-  OpenClawGovernanceBlockedError,
-  buildEngineOptions,
-  createDeepAgentsGuard,
-  createDeepAgentsGuardFromWorld,
-  createGovernanceMiddleware,
-  createGovernanceMiddlewareFromWorld,
-  createGovernedToolExecutor,
-  createGovernedToolExecutorFromWorld,
-  createNeuroVerseCallbackHandler,
-  createNeuroVerseCallbackHandlerFromWorld,
-  createNeuroVersePlugin,
-  createNeuroVersePluginFromWorld,
-  defaultBlockMessage,
-  extractScope,
-  trackPlanProgress
-});