@neuroverseos/governance 0.3.4 → 0.4.0

package/dist/chunk-APU4OZIP.js

@@ -0,0 +1,828 @@
+import {
+  buildEngineOptions,
+  trackPlanProgress
+} from "./chunk-5U2MQO5P.js";
+import {
+  evaluateGuard
+} from "./chunk-ZAF6JH23.js";
+import {
+  loadWorld
+} from "./chunk-BXLTEUS4.js";
+
+// src/worlds/mentraos-intent-taxonomy.ts
+var MENTRA_INTENT_TAXONOMY = [
+  // ── Camera Domain ───────────────────────────────────────────────────────
+  {
+    intent: "camera_photo_capture",
+    description: "Capture a single photo from the glasses camera",
+    sdk_method: "session.camera.requestPhoto()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "camera_stream_start",
+    description: "Start a managed video stream (HLS) from the glasses camera",
+    sdk_method: "session.camera.startManagedStream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "camera_stream_stop",
+    description: "Stop an active camera stream",
+    sdk_method: "session.camera.stopStream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: false
+  },
+  {
+    intent: "camera_restream_start",
+    description: "Restream camera feed to an external RTMP destination (e.g., social media)",
+    sdk_method: "session.camera.startRestream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Microphone Domain ──────────────────────────────────────────────────
+  {
+    intent: "microphone_transcription_start",
+    description: "Start receiving speech-to-text transcription events",
+    sdk_method: "session.events.onTranscription()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["even_realities_g1", "mentra_live"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "microphone_translation_start",
+    description: "Start receiving translation events from spoken audio",
+    sdk_method: "session.events.onTranslation()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["even_realities_g1", "mentra_live"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "microphone_phone_passthrough",
+    description: "Use phone microphone as audio input (glasses without built-in mic)",
+    sdk_method: "session.audio.startPhoneMic()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Display Domain ────────────────────────────────────────────────────
+  {
+    intent: "display_text_wall",
+    description: "Show a single text block on the glasses display",
+    sdk_method: "session.layouts.showTextWall()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_double_text_wall",
+    description: "Show two text blocks (top/bottom) on the glasses display",
+    sdk_method: "session.layouts.showDoubleTextWall()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_reference_card",
+    description: "Show a reference card layout with structured content",
+    sdk_method: "session.layouts.showReferenceCard()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_dashboard_card",
+    description: "Show a dashboard card layout",
+    sdk_method: "session.layouts.showDashboardCard()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_image",
+    description: "Display an image on the glasses",
+    sdk_method: "session.layouts.showImage()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Dashboard Domain ──────────────────────────────────────────────────
+  {
+    intent: "dashboard_update_main",
+    description: "Update the persistent dashboard content (compact mode)",
+    sdk_method: "session.dashboard.content.setMain()",
+    permission: "NONE",
+    domain: "dashboard",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "dashboard_update_expanded",
+    description: "Update the expanded dashboard content (user-opened mode)",
+    sdk_method: "session.dashboard.content.setExpanded()",
+    permission: "NONE",
+    domain: "dashboard",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Location Domain ───────────────────────────────────────────────────
+  {
+    intent: "location_access",
+    description: "Access current location data from the paired phone",
+    sdk_method: "session.location.get()",
+    permission: "LOCATION",
+    domain: "location",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "location_continuous_sharing",
+    description: "Start continuous location updates to the app server",
+    sdk_method: "session.location.startContinuous()",
+    permission: "LOCATION",
+    domain: "location",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Calendar & Notifications ──────────────────────────────────────────
+  {
+    intent: "calendar_read",
+    description: "Read calendar events from the paired phone",
+    sdk_method: "session.calendar.getEvents()",
+    permission: "CALENDAR",
+    domain: "calendar",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "notifications_read",
+    description: "Read phone notifications",
+    sdk_method: "session.notifications.getRecent()",
+    permission: "READ_NOTIFICATIONS",
+    domain: "notifications",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Audio Domain ──────────────────────────────────────────────────────
+  {
+    intent: "audio_play",
+    description: "Play audio through the glasses speaker",
+    sdk_method: "session.audio.play()",
+    permission: "NONE",
+    domain: "audio",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Session Domain ────────────────────────────────────────────────────
+  {
+    intent: "session_data_export",
+    description: "Export session data to external storage or API",
+    sdk_method: "session.export()",
+    permission: "NONE",
+    domain: "session",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  // ── Tool Call Domain ──────────────────────────────────────────────────
+  {
+    intent: "tool_call_execute",
+    description: "Execute a custom tool call defined by the app via handleToolCall",
+    sdk_method: "AppServer.handleToolCall()",
+    permission: "NONE",
+    domain: "tool_call",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "other",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: false
+  },
+  // ── AI Data Flow Domain ─────────────────────────────────────────────────
+  // These intents govern what user data apps send to their AI backends.
+  // They operate at the app server layer (not the glasses hardware layer),
+  // so they work on all glasses models and require no hardware permission.
+  {
+    intent: "ai_send_transcription",
+    description: "Send user speech transcription to an external AI API for processing",
+    sdk_method: "app_server.ai.sendTranscription()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_image",
+    description: "Send a camera-captured image to an external AI API for vision analysis",
+    sdk_method: "app_server.ai.sendImage()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_location",
+    description: "Send user location data to an external AI API for context-aware processing",
+    sdk_method: "app_server.ai.sendLocation()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_calendar",
+    description: "Send user calendar data to an external AI API for scheduling assistance",
+    sdk_method: "app_server.ai.sendCalendar()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_notifications",
+    description: "Send user notification data to an external AI API for summarization or triage",
+    sdk_method: "app_server.ai.sendNotifications()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  // ── AI Action Domain ──────────────────────────────────────────────────
+  // These intents govern actions AI takes on behalf of the user.
+  // Every action here must be shown on the glasses display before execution.
+  {
+    intent: "ai_auto_respond_message",
+    description: "AI generates and sends a message (email, SMS, chat) on the user's behalf",
+    sdk_method: "app_server.ai.sendMessage()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_auto_purchase",
+    description: "AI initiates a financial transaction (purchase, subscription, tip) on the user's behalf",
+    sdk_method: "app_server.ai.purchase()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_auto_schedule",
+    description: "AI creates, modifies, or cancels a calendar event on the user's behalf",
+    sdk_method: "app_server.ai.schedule()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "ai_auto_setting_change",
+    description: "AI changes a user setting or app configuration on the user's behalf",
+    sdk_method: "app_server.ai.changeSetting()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "ai_retain_session_data",
+    description: "AI or app retains user session data (transcriptions, images, conversation) beyond session end",
+    sdk_method: "app_server.ai.retainData()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_share_with_third_party",
+    description: "AI or app shares user data with a third-party service beyond the declared AI provider",
+    sdk_method: "app_server.ai.shareExternal()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: false
+  }
+];
+var MENTRA_KNOWN_INTENTS = MENTRA_INTENT_TAXONOMY.map((d) => d.intent);
+var MENTRA_INTENT_MAP = new Map(MENTRA_INTENT_TAXONOMY.map((d) => [d.intent, d]));
+function getMentraIntent(intent) {
+  return MENTRA_INTENT_MAP.get(intent);
+}
+function getIntentsByPermission(permission) {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.permission === permission);
+}
+function getIntentsByGlasses(model) {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.supported_glasses.includes(model));
+}
+function isIntentSupported(intent, model) {
+  const def = MENTRA_INTENT_MAP.get(intent);
+  return def ? def.supported_glasses.includes(model) : false;
+}
+function getHighRiskIntents() {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.base_risk === "high" || d.base_risk === "critical");
+}
+function getExfiltrationIntents() {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.exfiltration_risk);
+}
+function getAIDataIntents() {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.domain === "ai_data");
+}
+function getAIActionIntents() {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.domain === "ai_action");
+}
+function getAIIntents() {
+  return MENTRA_INTENT_TAXONOMY.filter((d) => d.domain === "ai_data" || d.domain === "ai_action");
+}
+function isAIIntent(intent) {
+  const def = MENTRA_INTENT_MAP.get(intent);
+  return def ? def.domain === "ai_data" || def.domain === "ai_action" : false;
+}
+
+// src/adapters/mentraos.ts
+var DEFAULT_USER_RULES = {
+  aiDataPolicy: "declared_only",
+  aiActionPolicy: "confirm_all",
+  aiPurchasePolicy: "confirm_each",
+  aiMessagingPolicy: "confirm_each",
+  dataRetentionPolicy: "app_declared",
+  maxAIProviders: 5
+};
+function evaluateUserRules(intent, rules, appContext) {
+  const def = getMentraIntent(intent);
+  if (!def) return null;
+  if (def.domain === "ai_data" && intent !== "ai_retain_session_data") {
+    if (rules.aiDataPolicy === "block_all") {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-ai-data-block",
+          reason: `User rules block all AI data sends. Intent: ${intent}`,
+          evidence: makeEvidence("user-rule-ai-data-block")
+        },
+        reason: "User has blocked all AI data sends"
+      };
+    }
+    if (rules.aiDataPolicy === "confirm_each") {
+      return {
+        verdict: {
+          status: "PAUSE",
+          ruleId: "user-rule-ai-data-confirm",
+          reason: `User rules require confirmation for every AI data send. Intent: ${intent}`,
+          evidence: makeEvidence("user-rule-ai-data-confirm")
+        },
+        reason: "User requires confirmation for each AI data send"
+      };
+    }
+    if (!appContext.aiProviderDeclared) {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-undeclared-provider",
+          reason: `App "${appContext.appId}" has not declared its AI provider. User rules require declared providers only.`,
+          evidence: makeEvidence("user-rule-undeclared-provider")
+        },
+        reason: "App has not declared its AI provider"
+      };
+    }
+  }
+  if (intent === "ai_retain_session_data") {
+    if (rules.dataRetentionPolicy === "never") {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-no-retention",
+          reason: `User rules block all data retention. App "${appContext.appId}" cannot retain session data.`,
+          evidence: makeEvidence("user-rule-no-retention")
+        },
+        reason: "User has blocked all data retention"
+      };
+    }
+    if (!appContext.dataRetentionOptedIn) {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-retention-no-optin",
+          reason: `User has not opted in to data retention for app "${appContext.appId}".`,
+          evidence: makeEvidence("user-rule-retention-no-optin")
+        },
+        reason: "User has not opted in to data retention for this app"
+      };
+    }
+  }
+  if (intent === "ai_auto_purchase") {
+    if (rules.aiPurchasePolicy === "block_all") {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-no-purchases",
+          reason: "User rules block all AI-initiated purchases.",
+          evidence: makeEvidence("user-rule-no-purchases")
+        },
+        reason: "User has blocked all AI purchases"
+      };
+    }
+    return {
+      verdict: {
+        status: "PAUSE",
+        ruleId: "user-rule-purchase-confirm",
+        reason: `AI wants to make a purchase. User rules require per-transaction confirmation.`,
+        evidence: makeEvidence("user-rule-purchase-confirm")
+      },
+      reason: "User requires per-transaction confirmation for AI purchases"
+    };
+  }
+  if (intent === "ai_auto_respond_message") {
+    if (rules.aiMessagingPolicy === "block_all") {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-no-messaging",
+          reason: "User rules block all AI-initiated messaging.",
+          evidence: makeEvidence("user-rule-no-messaging")
+        },
+        reason: "User has blocked all AI messaging"
+      };
+    }
+    return {
+      verdict: {
+        status: "PAUSE",
+        ruleId: "user-rule-message-confirm",
+        reason: `AI wants to send a message on your behalf. User rules require per-message confirmation.`,
+        evidence: makeEvidence("user-rule-message-confirm")
+      },
+      reason: "User requires per-message confirmation for AI messaging"
+    };
+  }
+  if (def.domain === "ai_action" && intent !== "ai_auto_purchase" && intent !== "ai_auto_respond_message") {
+    if (rules.aiActionPolicy === "block_all") {
+      return {
+        verdict: {
+          status: "BLOCK",
+          ruleId: "user-rule-no-ai-actions",
+          reason: `User rules block all AI auto-actions. Intent: ${intent}`,
+          evidence: makeEvidence("user-rule-no-ai-actions")
+        },
+        reason: "User has blocked all AI auto-actions"
+      };
+    }
+    if (rules.aiActionPolicy === "confirm_all") {
+      return {
+        verdict: {
+          status: "PAUSE",
+          ruleId: "user-rule-action-confirm",
+          reason: `AI wants to take action: ${intent}. User rules require confirmation.`,
+          evidence: makeEvidence("user-rule-action-confirm")
+        },
+        reason: "User requires confirmation for all AI actions"
+      };
+    }
+    if (def.base_risk === "high" || def.base_risk === "critical") {
+      return {
+        verdict: {
+          status: "PAUSE",
+          ruleId: "user-rule-high-risk-confirm",
+          reason: `AI wants to take high-risk action: ${intent}. User rules require confirmation for high-risk actions.`,
+          evidence: makeEvidence("user-rule-high-risk-confirm")
+        },
+        reason: "User requires confirmation for high-risk AI actions"
+      };
+    }
+  }
+  if (intent === "ai_share_with_third_party") {
+    return {
+      verdict: {
+        status: "PAUSE",
+        ruleId: "user-rule-third-party-confirm",
+        reason: `App wants to share your data with a third party beyond its declared AI provider. Confirmation required.`,
+        evidence: makeEvidence("user-rule-third-party-confirm")
+      },
+      reason: "Third-party data sharing requires user confirmation"
+    };
+  }
+  return null;
+}
+function makeEvidence(ruleId) {
+  return {
+    worldId: "mentraos-user-rules",
+    worldName: "MentraOS User Rules",
+    worldVersion: "1.0.0",
+    evaluatedAt: Date.now(),
+    invariantsSatisfied: 0,
+    invariantsTotal: 0,
+    guardsMatched: [ruleId],
+    rulesMatched: [],
+    enforcementLevel: "strict"
+  };
+}
+var MentraGovernedExecutor = class {
+  world;
+  engineOptions;
+  options;
+  planState;
+  planCallbacks;
+  _userRules;
+  _emergencyOverride = false;
+  _emergencyActivatedAt = null;
+  constructor(world, options = {}, userRules = DEFAULT_USER_RULES) {
+    this.world = world;
+    this.options = options;
+    this._userRules = userRules;
+    this.engineOptions = buildEngineOptions(options, options.plan);
+    this.planState = { activePlan: options.plan, engineOptions: this.engineOptions };
+    this.planCallbacks = {
+      onPlanProgress: options.onPlanProgress,
+      onPlanComplete: options.onPlanComplete
+    };
+  }
+  /** Get the current user rules */
+  get userRules() {
+    return this._userRules;
+  }
+  /** Update user rules at runtime (e.g., user changes preferences in phone app) */
+  updateUserRules(rules) {
+    this._userRules = { ...this._userRules, ...rules };
+  }
+  /**
+   * Activate emergency override — user is king.
+   *
+   * Bypasses all NeuroVerse governance rules (user rules, platform rules).
+   * Does NOT bypass MentraOS platform constraints (hardware capability,
+   * declared permissions, session isolation). You can't override physics.
+   *
+   * Returns the timestamp of activation for audit trail.
+   */
+  activateEmergencyOverride() {
+    this._emergencyOverride = true;
+    this._emergencyActivatedAt = Date.now();
+    this.engineOptions = { ...this.engineOptions, emergencyOverride: true };
+    return this._emergencyActivatedAt;
+  }
+  /**
+   * Deactivate emergency override — governance resumes.
+   * Returns the duration the override was active (ms).
+   */
+  deactivateEmergencyOverride() {
+    if (!this._emergencyOverride || !this._emergencyActivatedAt) {
+      return 0;
+    }
+    const duration = Date.now() - this._emergencyActivatedAt;
+    this._emergencyOverride = false;
+    this._emergencyActivatedAt = null;
+    this.engineOptions = { ...this.engineOptions, emergencyOverride: false };
+    return duration;
+  }
+  /** Whether emergency override is currently active */
+  get isEmergencyOverrideActive() {
+    return this._emergencyOverride;
+  }
+  /** Timestamp when emergency override was activated, or null */
+  get emergencyActivatedAt() {
+    return this._emergencyActivatedAt;
+  }
+  /**
+   * Evaluate an intent against user rules + platform world.
+   *
+   * Three-layer evaluation:
+   *   0. Emergency override — if active, skip governance (layers 1 + 3),
+   *      but STILL enforce platform constraints (layer 2)
+   *   1. User rules check — personal governance override, can BLOCK or PAUSE
+   *   2. Hardware capability check — validates glasses support
+   *      ↑ THIS IS A PLATFORM CONSTRAINT — never overridden
+   *   3. Platform guard engine — full world rule evaluation
+   */
+  evaluate(intent, appContext) {
+    const intentDef = getMentraIntent(intent);
+    const glassesModel = appContext.glassesModel;
+    if (!this._emergencyOverride) {
+      const userRulesResult = evaluateUserRules(intent, this._userRules, appContext);
+      if (userRulesResult) {
+        const allowed2 = false;
+        const requiresConfirmation2 = userRulesResult.verdict.status === "PAUSE";
+        const result2 = {
+          allowed: requiresConfirmation2 ? false : false,
+          requiresConfirmation: requiresConfirmation2,
+          verdict: userRulesResult.verdict,
+          intentDef,
+          userRulesResult: { reason: userRulesResult.reason },
+          appContext,
+          decidingLayer: "user_rules"
+        };
+        if (requiresConfirmation2) {
+          this.options.onPause?.(result2);
+        } else {
+          this.options.onBlock?.(result2);
+        }
+        this.options.onEvaluate?.(result2);
+        return result2;
+      }
+    }
+    if (intentDef && glassesModel && !intentDef.supported_glasses.includes(glassesModel)) {
+      const verdict2 = {
+        status: "BLOCK",
+        ruleId: "hardware-capability",
+        reason: `${intent} not supported on ${glassesModel} \u2014 requires: ${intentDef.supported_glasses.join(", ")}`,
+        evidence: {
+          worldId: this.world.world?.world_id ?? "unknown",
+          worldName: this.world.world?.name ?? "unknown",
+          worldVersion: this.world.world?.version ?? "unknown",
+          evaluatedAt: Date.now(),
+          invariantsSatisfied: 0,
+          invariantsTotal: 0,
+          guardsMatched: ["hardware-capability"],
+          rulesMatched: [],
+          enforcementLevel: "strict"
+        }
+      };
+      const result2 = {
+        allowed: false,
+        requiresConfirmation: false,
+        verdict: verdict2,
+        intentDef,
+        appContext,
+        decidingLayer: "hardware"
+      };
+      this.options.onBlock?.(result2);
+      this.options.onEvaluate?.(result2);
+      return result2;
+    }
+    const event = {
+      intent,
+      tool: intentDef?.sdk_method ?? intent,
+      scope: intentDef?.domain ?? "unknown",
+      actionCategory: intentDef?.action_category,
+      riskLevel: intentDef?.base_risk ?? "medium",
+      irreversible: intentDef ? !intentDef.reversible : false,
+      args: {
+        app_id: appContext.appId,
+        ai_provider_declared: appContext.aiProviderDeclared ? 1 : 0,
+        ai_data_types_sent: appContext.aiDataTypesSent,
+        ai_retention_opted_in: appContext.dataRetentionOptedIn ? 1 : 0,
+        glasses_model: glassesModel ?? "unknown",
+        is_ai_intent: isAIIntent(intent) ? 1 : 0
+      }
+    };
+    const verdict = evaluateGuard(event, this.world, this.engineOptions);
+    const allowed = verdict.status === "ALLOW" || verdict.status === "REWARD";
+    const requiresConfirmation = verdict.status === "PAUSE";
+    if (allowed) {
+      trackPlanProgress(event, this.planState, this.planCallbacks);
+    }
+    const result = {
+      allowed,
+      requiresConfirmation,
+      verdict,
+      intentDef,
+      appContext,
+      decidingLayer: this._emergencyOverride ? "emergency_override" : "platform"
+    };
+    if (!allowed && !requiresConfirmation) {
+      this.options.onBlock?.(result);
+    }
+    if (requiresConfirmation) {
+      this.options.onPause?.(result);
+    }
+    this.options.onEvaluate?.(result);
+    return result;
+  }
+  /** Get all known intents for this adapter */
+  get knownIntents() {
+    return MENTRA_KNOWN_INTENTS;
+  }
+};
+async function createMentraGovernedExecutor(worldPath, options = {}, userRules = DEFAULT_USER_RULES) {
+  const world = await loadWorld(worldPath);
+  return new MentraGovernedExecutor(world, options, userRules);
+}
+function createMentraGovernedExecutorFromWorld(world, options = {}, userRules = DEFAULT_USER_RULES) {
+  return new MentraGovernedExecutor(world, options, userRules);
+}
+
+export {
+  MENTRA_INTENT_TAXONOMY,
+  MENTRA_KNOWN_INTENTS,
+  MENTRA_INTENT_MAP,
+  getMentraIntent,
+  getIntentsByPermission,
+  getIntentsByGlasses,
+  isIntentSupported,
+  getHighRiskIntents,
+  getExfiltrationIntents,
+  getAIDataIntents,
+  getAIActionIntents,
+  getAIIntents,
+  isAIIntent,
+  DEFAULT_USER_RULES,
+  evaluateUserRules,
+  MentraGovernedExecutor,
+  createMentraGovernedExecutor,
+  createMentraGovernedExecutorFromWorld
+};