@neuroverseos/governance 0.5.0 → 0.6.0

package/dist/admin/index.cjs

@@ -0,0 +1,2214 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/admin/index.ts
+var admin_exports = {};
+__export(admin_exports, {
+  GovernanceAdmin: () => GovernanceAdmin,
+  GovernanceAdminError: () => GovernanceAdminError,
+  InMemoryStorage: () => InMemoryStorage,
+  simulateFullMatrix: () => simulateFullMatrix,
+  simulatePolicy: () => simulatePolicy
+});
+module.exports = __toCommonJS(admin_exports);
+
+// src/engine/text-utils.ts
+function normalizeEventText(event) {
+  return [
+    event.intent,
+    event.tool ?? "",
+    event.scope ?? ""
+  ].join(" ").toLowerCase();
+}
+function extractKeywords(text, minLength = 3) {
+  return text.toLowerCase().split(/\s+/).filter((w) => w.length > minLength);
+}
+function matchesAllKeywords(eventText, ruleText) {
+  const keywords = extractKeywords(ruleText);
+  if (keywords.length === 0) return false;
+  return keywords.every((kw) => eventText.includes(kw));
+}
+function matchesKeywordThreshold(eventText, ruleText, threshold = 0.5) {
+  const keywords = extractKeywords(ruleText);
+  if (keywords.length === 0) return false;
+  const matched = keywords.filter((kw) => eventText.includes(kw));
+  return matched.length >= Math.ceil(keywords.length * threshold);
+}
+function tokenSimilarity(a, b) {
+  const tokensA = new Set(a.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  const tokensB = new Set(b.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  if (tokensA.size === 0 || tokensB.size === 0) return 0;
+  let intersection = 0;
+  for (const t of tokensA) {
+    if (tokensB.has(t)) intersection++;
+  }
+  const union = (/* @__PURE__ */ new Set([...tokensA, ...tokensB])).size;
+  return union > 0 ? intersection / union : 0;
+}
+
+// src/engine/plan-engine.ts
+function keywordMatch(eventText, step) {
+  const stepText = [
+    step.label,
+    step.description ?? "",
+    ...step.tags ?? []
+  ].join(" ");
+  return matchesKeywordThreshold(eventText, stepText, 0.5);
+}
+function tokenSimilarity2(a, b) {
+  return tokenSimilarity(a, b);
+}
+function findMatchingStep(eventText, event, steps) {
+  const pendingOrActive = steps.filter((s) => s.status === "pending" || s.status === "active");
+  if (pendingOrActive.length === 0) {
+    return { matched: null, closest: null, closestScore: 0 };
+  }
+  for (const step of pendingOrActive) {
+    if (keywordMatch(eventText, step)) {
+      if (step.tools && event.tool && !step.tools.includes(event.tool)) {
+        continue;
+      }
+      return { matched: step, closest: step, closestScore: 1 };
+    }
+  }
+  const intentText = [event.intent, event.tool ?? "", event.scope ?? ""].join(" ");
+  let bestStep = null;
+  let bestScore = 0;
+  for (const step of pendingOrActive) {
+    const stepText = [step.label, step.description ?? "", ...step.tags ?? []].join(" ");
+    const score = tokenSimilarity2(intentText, stepText);
+    if (score > bestScore) {
+      bestScore = score;
+      bestStep = step;
+    }
+  }
+  const SIMILARITY_THRESHOLD = 0.35;
+  if (bestScore >= SIMILARITY_THRESHOLD && bestStep) {
+    if (bestStep.tools && event.tool && !bestStep.tools.includes(event.tool)) {
+      return { matched: null, closest: bestStep, closestScore: bestScore };
+    }
+    return { matched: bestStep, closest: bestStep, closestScore: bestScore };
+  }
+  return { matched: null, closest: bestStep, closestScore: bestScore };
+}
+function isSequenceValid(step, plan) {
+  if (!plan.sequential) return true;
+  if (!step.requires || step.requires.length === 0) return true;
+  return step.requires.every((reqId) => {
+    const reqStep = plan.steps.find((s) => s.id === reqId);
+    return reqStep?.status === "completed";
+  });
+}
+function checkConstraints(event, eventText, constraints) {
+  const checks = [];
+  for (const constraint of constraints) {
+    if (constraint.type === "approval") {
+      if (constraint.trigger && eventText.includes(constraint.trigger.substring(0, 10).toLowerCase())) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      const keywords = constraint.description.toLowerCase().split(/\s+/).filter((w) => w.length > 3);
+      const relevant = keywords.some((kw) => eventText.includes(kw));
+      if (relevant) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      checks.push({ constraintId: constraint.id, passed: true });
+      continue;
+    }
+    if (constraint.type === "scope" && constraint.trigger) {
+      const keywords = extractKeywords(constraint.trigger);
+      const violated = keywords.length > 0 && keywords.every((kw) => eventText.includes(kw));
+      checks.push({
+        constraintId: constraint.id,
+        passed: !violated,
+        reason: violated ? constraint.description : void 0
+      });
+      if (violated) {
+        return { violated: constraint, checks };
+      }
+      continue;
+    }
+    checks.push({ constraintId: constraint.id, passed: true });
+  }
+  return { violated: null, checks };
+}
+function getPlanProgress(plan) {
+  const completed = plan.steps.filter((s) => s.status === "completed").length;
+  const total = plan.steps.length;
+  return {
+    completed,
+    total,
+    percentage: total > 0 ? Math.round(completed / total * 100) : 0
+  };
+}
+function evaluatePlan(event, plan) {
+  const progress = getPlanProgress(plan);
+  if (plan.expires_at) {
+    const expiresAt = new Date(plan.expires_at).getTime();
+    if (Date.now() > expiresAt) {
+      return {
+        allowed: true,
+        status: "PLAN_COMPLETE",
+        reason: "Plan has expired.",
+        progress
+      };
+    }
+  }
+  if (progress.completed === progress.total) {
+    return {
+      allowed: true,
+      status: "PLAN_COMPLETE",
+      reason: "All plan steps are completed.",
+      progress
+    };
+  }
+  const eventText = normalizeEventText(event);
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  if (!matched) {
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: "Action does not match any plan step.",
+      closestStep: closest?.label,
+      similarityScore: closestScore,
+      progress
+    };
+  }
+  if (!isSequenceValid(matched, plan)) {
+    const pendingDeps = (matched.requires ?? []).filter((reqId) => plan.steps.find((s) => s.id === reqId)?.status !== "completed").join(", ");
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: `Step "${matched.label}" requires completion of: ${pendingDeps}`,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  const { violated } = checkConstraints(event, eventText, plan.constraints);
+  if (violated) {
+    return {
+      allowed: false,
+      status: "CONSTRAINT_VIOLATED",
+      reason: violated.description,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  return {
+    allowed: true,
+    status: "ON_PLAN",
+    reason: `Matches step: ${matched.label}`,
+    matchedStep: matched.id,
+    progress
+  };
+}
+function buildPlanCheck(event, plan, verdict) {
+  const eventText = normalizeEventText(event);
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  const { checks: constraintChecks } = checkConstraints(event, eventText, plan.constraints);
+  const progress = getPlanProgress(plan);
+  return {
+    planId: plan.plan_id,
+    matched: !!matched,
+    matchedStepId: matched?.id,
+    matchedStepLabel: matched?.label,
+    closestStepId: !matched ? closest?.id : void 0,
+    closestStepLabel: !matched ? closest?.label : void 0,
+    similarityScore: !matched ? closestScore : void 0,
+    sequenceValid: matched ? isSequenceValid(matched, plan) : void 0,
+    constraintsChecked: constraintChecks,
+    progress: { completed: progress.completed, total: progress.total }
+  };
+}
+
+// src/engine/guard-engine.ts
+var PROMPT_INJECTION_PATTERNS = [
+  // Instruction override
+  { pattern: /ignore\s+(previous|all|prior|above)\s+(instructions?|rules?)/i, label: "ignore-instructions" },
+  { pattern: /disregard\s+(your|the)\s+(rules|constraints)/i, label: "disregard-rules" },
+  { pattern: /new\s+instructions?:/i, label: "new-instructions" },
+  // Identity manipulation
+  { pattern: /you\s+are\s+now/i, label: "identity-override" },
+  { pattern: /new\s+persona/i, label: "new-persona" },
+  { pattern: /act\s+as\s+if/i, label: "act-as-if" },
+  { pattern: /pretend\s+(you|to\s+be|you\s+are\s+unrestricted)/i, label: "pretend-to-be" },
+  // Context reset
+  { pattern: /forget\s+(everything|all|your)/i, label: "forget-context" },
+  { pattern: /system\s*:\s*override/i, label: "system-override" },
+  // Constraint bypass
+  { pattern: /override\s+(your|the)\s+(programming|constraints)/i, label: "override-constraints" },
+  { pattern: /bypass\s+(your|the)\s+(filters|constraints|rules)/i, label: "bypass-filters" },
+  // Prompt extraction
+  { pattern: /system\s+prompt/i, label: "system-prompt-probe" },
+  { pattern: /reveal\s+your\s+(instructions?|prompt|rules)/i, label: "reveal-instructions" },
+  // Known jailbreak terms
+  { pattern: /jailbreak/i, label: "jailbreak" },
+  { pattern: /DAN\s+mode/i, label: "dan-mode" },
+  { pattern: /developer\s+mode/i, label: "developer-mode" }
+];
+var EXECUTION_CLAIM_PATTERNS = [
+  { pattern: /I have (executed|completed|performed|done|made|created|sent|deleted|modified|updated)/i, label: "claim-i-have" },
+  { pattern: /Successfully (created|deleted|modified|updated|sent|executed|performed)/i, label: "claim-successfully" },
+  { pattern: /The file has been/i, label: "claim-file-modified" },
+  { pattern: /I've made the changes/i, label: "claim-made-changes" },
+  { pattern: /I('ve| have) (sent|posted|submitted|uploaded|downloaded)/i, label: "claim-sent" },
+  { pattern: /Your (email|message|file|request) has been (sent|submitted)/i, label: "claim-your-sent" },
+  { pattern: /Transaction complete/i, label: "claim-transaction" },
+  { pattern: /Order placed/i, label: "claim-order" },
+  { pattern: /Payment processed/i, label: "claim-payment" }
+];
+var EXECUTION_INTENT_PATTERNS = [
+  { pattern: /^(execute|run|perform|do this)/i, label: "intent-execute" },
+  { pattern: /^(create|write|delete|modify) (a |the )?(file|folder|document)/i, label: "intent-file-ops" },
+  { pattern: /^(send|post|submit) (a |an |the )?(email|message|tweet|post)/i, label: "intent-send" },
+  { pattern: /^(search|look up|browse) (the )?web/i, label: "intent-web-search" },
+  { pattern: /^(make|call|invoke) (a |an )?(api|http|rest) (call|request)/i, label: "intent-api-call" },
+  { pattern: /^(buy|purchase|order|pay|transfer|send money)/i, label: "intent-financial" },
+  { pattern: /^(book|schedule|reserve)/i, label: "intent-booking" },
+  { pattern: /^(download|upload|save to|export to)/i, label: "intent-transfer" }
+];
+var SCOPE_ESCAPE_PATTERNS = [
+  { pattern: /\.\.\//, label: "parent-traversal" },
+  { pattern: /^\/(?!home|project|workspace)/i, label: "absolute-path-outside-safe" },
+  { pattern: /~\//, label: "home-directory" },
+  { pattern: /\/etc\//i, label: "system-config" },
+  { pattern: /\/usr\//i, label: "system-binaries" },
+  { pattern: /\/var\//i, label: "system-variable-data" }
+];
+var NEUTRAL_MESSAGES = {
+  "prompt-injection": "This input contains patterns that could alter agent behavior.",
+  "scope-escape": "This action would affect resources outside the declared scope.",
+  "execution-claim": "This response claims to have performed an action.",
+  "execution-intent": "This input requests execution in a thinking-only environment.",
+  "delete": "This action would remove files. Confirmation needed.",
+  "write-external": "This action would write outside the project folder.",
+  "network-mutate": "This action would send data to an external service.",
+  "credential-access": "This action would access stored credentials."
+};
+function levelRequiresConfirmation(level, actionType) {
+  if (level === "strict") return true;
+  if (level === "standard") {
+    return actionType === "delete" || actionType === "credential-access";
+  }
+  return false;
+}
+function isExternalScope(scope) {
+  const internalPatterns = [
+    /^\.?\/?src\//i,
+    /^\.?\/?lib\//i,
+    /^\.?\/?app\//i,
+    /^\.?\/?components\//i,
+    /^\.?\/?pages\//i,
+    /^\.?\/?public\//i,
+    /^\.?\/?assets\//i,
+    /^\.\//
+  ];
+  return !internalPatterns.some((p) => p.test(scope));
+}
+var MAX_INPUT_LENGTH = 1e5;
+function evaluateGuard(event, world, options = {}) {
+  const startTime = performance.now();
+  const level = options.level ?? "standard";
+  const includeTrace = options.trace ?? false;
+  if (!event.intent || typeof event.intent !== "string") {
+    return {
+      status: "BLOCK",
+      reason: "GuardEvent.intent is required and must be a string",
+      ruleId: "safety-input-validation",
+      evidence: {
+        worldId: world.world?.world_id ?? "",
+        worldName: world.world?.name ?? "",
+        worldVersion: world.world?.version ?? "",
+        evaluatedAt: Date.now(),
+        invariantsSatisfied: 0,
+        invariantsTotal: 0,
+        guardsMatched: [],
+        rulesMatched: [],
+        enforcementLevel: level
+      }
+    };
+  }
+  const inputLength = event.intent.length + (event.tool?.length ?? 0) + (event.scope?.length ?? 0) + (event.payload ? JSON.stringify(event.payload).length : 0);
+  if (inputLength > MAX_INPUT_LENGTH) {
+    return {
+      status: "BLOCK",
+      reason: `Input exceeds maximum allowed length (${MAX_INPUT_LENGTH} characters)`,
+      ruleId: "safety-input-length",
+      evidence: {
+        worldId: world.world?.world_id ?? "",
+        worldName: world.world?.name ?? "",
+        worldVersion: world.world?.version ?? "",
+        evaluatedAt: Date.now(),
+        invariantsSatisfied: 0,
+        invariantsTotal: 0,
+        guardsMatched: [],
+        rulesMatched: [],
+        enforcementLevel: level
+      }
+    };
+  }
+  const eventText = normalizeEventText(event);
+  const invariantChecks = [];
+  const safetyChecks = [];
+  let planCheckResult;
+  const roleChecks = [];
+  const guardChecks = [];
+  const kernelRuleChecks = [];
+  const levelChecks = [];
+  let decidingLayer = "default-allow";
+  let decidingId;
+  const guardsMatched = [];
+  const rulesMatched = [];
+  if (options.emergencyOverride) {
+    checkInvariantCoverage(world, invariantChecks);
+    return buildVerdict(
+      "ALLOW",
+      void 0,
+      "emergency-override",
+      "Emergency override active \u2014 all governance rules suspended. Platform constraints still apply.",
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        "session-allowlist",
+        "emergency-override",
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  checkInvariantCoverage(world, invariantChecks);
+  if (event.roleId && options.agentStates) {
+    const agentState = options.agentStates.get(event.roleId);
+    if (agentState && agentState.cooldownRemaining > 0) {
+      decidingLayer = "safety";
+      decidingId = `penalize-cooldown-${event.roleId}`;
+      const verdict = buildVerdict(
+        "PENALIZE",
+        `Agent "${event.roleId}" is frozen for ${agentState.cooldownRemaining} more round(s) due to prior penalty.`,
+        `penalize-cooldown-${event.roleId}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0
+      );
+      verdict.intentRecord = {
+        originalIntent: event.intent,
+        finalAction: "blocked (agent frozen)",
+        enforcement: "PENALIZE",
+        consequence: { type: "freeze", rounds: agentState.cooldownRemaining, description: "Agent still in cooldown from prior penalty" }
+      };
+      return verdict;
+    }
+  }
+  if (options.sessionAllowlist) {
+    const key = eventToAllowlistKey(event);
+    if (options.sessionAllowlist.has(key)) {
+      decidingLayer = "session-allowlist";
+      decidingId = `allowlist:${key}`;
+      return buildVerdict(
+        "ALLOW",
+        void 0,
+        `allowlist:${key}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+    }
+  }
+  const safetyVerdict = checkSafety(event, eventText, safetyChecks);
+  if (safetyVerdict) {
+    decidingLayer = "safety";
+    decidingId = safetyVerdict.ruleId;
+    return buildVerdict(
+      safetyVerdict.status,
+      safetyVerdict.reason,
+      safetyVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  if (options.plan) {
+    const planVerdict = evaluatePlan(event, options.plan);
+    planCheckResult = buildPlanCheck(event, options.plan, planVerdict);
+    if (!planVerdict.allowed && planVerdict.status !== "PLAN_COMPLETE") {
+      decidingLayer = "plan-enforcement";
+      decidingId = `plan-${options.plan.plan_id}`;
+      const planStatus = planVerdict.status === "CONSTRAINT_VIOLATED" ? "PAUSE" : "BLOCK";
+      let reason = planVerdict.reason ?? "Action blocked by plan.";
+      if (planVerdict.status === "OFF_PLAN" && planVerdict.closestStep) {
+        reason += ` Closest step: "${planVerdict.closestStep}" (similarity: ${(planVerdict.similarityScore ?? 0).toFixed(2)})`;
+      }
+      return buildVerdict(
+        planStatus,
+        reason,
+        `plan-${options.plan.plan_id}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+    }
+  }
+  const roleVerdict = checkRoleRules(event, eventText, world, roleChecks);
+  if (roleVerdict) {
+    decidingLayer = "role";
+    decidingId = roleVerdict.ruleId;
+    return buildVerdict(
+      roleVerdict.status,
+      roleVerdict.reason,
+      roleVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const guardVerdict = checkGuards(event, eventText, world, guardChecks, guardsMatched);
+  if (guardVerdict) {
+    if (guardVerdict.status !== "ALLOW") {
+      decidingLayer = "guard";
+      decidingId = guardVerdict.ruleId;
+      const intentRecord = {
+        originalIntent: event.intent,
+        finalAction: guardVerdict.status === "MODIFY" ? guardVerdict.modifiedTo ?? "modified" : guardVerdict.status === "PENALIZE" ? "blocked + penalized" : guardVerdict.status === "REWARD" ? event.intent : guardVerdict.status === "NEUTRAL" ? event.intent : guardVerdict.status === "BLOCK" ? "blocked" : "paused",
+        ruleApplied: guardVerdict.ruleId,
+        enforcement: guardVerdict.status,
+        modifiedTo: guardVerdict.modifiedTo,
+        consequence: guardVerdict.consequence,
+        reward: guardVerdict.reward
+      };
+      const verdict = buildVerdict(
+        guardVerdict.status,
+        guardVerdict.reason,
+        guardVerdict.ruleId,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0,
+        event.intent
+      );
+      verdict.intentRecord = intentRecord;
+      if (guardVerdict.consequence) verdict.consequence = guardVerdict.consequence;
+      if (guardVerdict.reward) verdict.reward = guardVerdict.reward;
+      return verdict;
+    }
+  }
+  const kernelVerdict = checkKernelRules(eventText, world, kernelRuleChecks, rulesMatched);
+  if (kernelVerdict) {
+    decidingLayer = "kernel-rule";
+    decidingId = kernelVerdict.ruleId;
+    return buildVerdict(
+      kernelVerdict.status,
+      kernelVerdict.reason,
+      kernelVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const levelVerdict = checkLevelConstraints(event, level, levelChecks);
+  if (levelVerdict) {
+    decidingLayer = "level-constraint";
+    decidingId = levelVerdict.ruleId;
+    return buildVerdict(
+      levelVerdict.status,
+      levelVerdict.reason,
+      levelVerdict.ruleId,
+      void 0,
+      world,
+      level,
+      invariantChecks,
+      guardsMatched,
+      rulesMatched,
+      includeTrace ? buildTrace(
+        invariantChecks,
+        safetyChecks,
+        planCheckResult,
+        roleChecks,
+        guardChecks,
+        kernelRuleChecks,
+        levelChecks,
+        decidingLayer,
+        decidingId,
+        startTime
+      ) : void 0,
+      event.intent
+    );
+  }
+  const warning = guardVerdict?.warning;
+  return buildVerdict(
+    "ALLOW",
+    void 0,
+    void 0,
+    warning,
+    world,
+    level,
+    invariantChecks,
+    guardsMatched,
+    rulesMatched,
+    includeTrace ? buildTrace(
+      invariantChecks,
+      safetyChecks,
+      planCheckResult,
+      roleChecks,
+      guardChecks,
+      kernelRuleChecks,
+      levelChecks,
+      decidingLayer,
+      decidingId,
+      startTime
+    ) : void 0,
+    event.intent
+  );
+}
+function checkInvariantCoverage(world, checks) {
+  const invariants = world.invariants ?? [];
+  const guards = world.guards?.guards ?? [];
+  for (const invariant of invariants) {
+    const coveringGuard = guards.find(
+      (g) => g.invariant_ref === invariant.id && g.immutable
+    );
+    checks.push({
+      invariantId: invariant.id,
+      label: invariant.label,
+      hasGuardCoverage: !!coveringGuard,
+      coveringGuardId: coveringGuard?.id
+    });
+  }
+}
+function checkSafety(event, eventText, checks) {
+  const textToCheck = event.intent + (event.payload ? JSON.stringify(event.payload) : "");
+  for (const { pattern, label } of PROMPT_INJECTION_PATTERNS) {
+    const triggered = pattern.test(textToCheck);
+    checks.push({
+      checkType: "prompt-injection",
+      triggered,
+      matchedPattern: triggered ? label : void 0
+    });
+    if (triggered) {
+      for (const remaining of PROMPT_INJECTION_PATTERNS.filter((p) => p.label !== label)) {
+        checks.push({
+          checkType: "prompt-injection",
+          triggered: remaining.pattern.test(textToCheck),
+          matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
+        });
+      }
+      return {
+        status: "PAUSE",
+        reason: NEUTRAL_MESSAGES["prompt-injection"],
+        ruleId: `safety-injection-${label}`
+      };
+    }
+  }
+  const scopeToCheck = event.scope ?? event.intent;
+  for (const { pattern, label } of SCOPE_ESCAPE_PATTERNS) {
+    const triggered = pattern.test(scopeToCheck);
+    checks.push({
+      checkType: "scope-escape",
+      triggered,
+      matchedPattern: triggered ? label : void 0
+    });
+    if (triggered) {
+      for (const remaining of SCOPE_ESCAPE_PATTERNS.filter((p) => p.label !== label)) {
+        checks.push({
+          checkType: "scope-escape",
+          triggered: remaining.pattern.test(scopeToCheck),
+          matchedPattern: remaining.pattern.test(scopeToCheck) ? remaining.label : void 0
+        });
+      }
+      return {
+        status: "PAUSE",
+        reason: NEUTRAL_MESSAGES["scope-escape"],
+        ruleId: `safety-scope-${label}`
+      };
+    }
+  }
+  if (event.direction === "output") {
+    for (const { pattern, label } of EXECUTION_CLAIM_PATTERNS) {
+      const triggered = pattern.test(textToCheck);
+      checks.push({
+        checkType: "execution-claim",
+        triggered,
+        matchedPattern: triggered ? label : void 0
+      });
+      if (triggered) {
+        for (const remaining of EXECUTION_CLAIM_PATTERNS.filter((p) => p.label !== label)) {
+          checks.push({
+            checkType: "execution-claim",
+            triggered: remaining.pattern.test(textToCheck),
+            matchedPattern: remaining.pattern.test(textToCheck) ? remaining.label : void 0
+          });
+        }
+        return {
+          status: "PAUSE",
+          reason: NEUTRAL_MESSAGES["execution-claim"],
+          ruleId: `safety-execution-claim-${label}`
+        };
+      }
+    }
+  }
+  if (event.direction === "input") {
+    const intentTrimmed = event.intent.trim();
+    for (const { pattern, label } of EXECUTION_INTENT_PATTERNS) {
+      const triggered = pattern.test(intentTrimmed);
+      checks.push({
+        checkType: "execution-intent",
+        triggered,
+        matchedPattern: triggered ? label : void 0
+      });
+      if (triggered) {
+        for (const remaining of EXECUTION_INTENT_PATTERNS.filter((p) => p.label !== label)) {
+          checks.push({
+            checkType: "execution-intent",
+            triggered: remaining.pattern.test(intentTrimmed),
+            matchedPattern: remaining.pattern.test(intentTrimmed) ? remaining.label : void 0
+          });
+        }
+        return {
+          status: "PAUSE",
+          reason: NEUTRAL_MESSAGES["execution-intent"],
+          ruleId: `safety-execution-intent-${label}`
+        };
+      }
+    }
+  }
+  return null;
+}
+function checkRoleRules(event, eventText, world, checks) {
+  if (!event.roleId || !world.roles) return null;
+  const role = world.roles.roles.find((r) => r.id === event.roleId);
+  if (!role) return null;
+  if (role.requiresApproval) {
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule: "All actions require approval",
+      ruleType: "requiresApproval",
+      matched: true
+    });
+    return {
+      status: "PAUSE",
+      reason: `Role "${role.name}" requires approval for all actions.`,
+      ruleId: `role-${role.id}-requires-approval`
+    };
+  }
+  for (const rule of role.cannotDo) {
+    const matched = matchesKeywords(eventText, rule);
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule,
+      ruleType: "cannotDo",
+      matched
+    });
+    if (matched) {
+      return {
+        status: "BLOCK",
+        reason: `Role "${role.name}" cannot: ${rule}`,
+        ruleId: `role-${role.id}-cannotdo`
+      };
+    }
+  }
+  for (const rule of role.canDo) {
+    checks.push({
+      roleId: role.id,
+      roleName: role.name,
+      rule,
+      ruleType: "canDo",
+      matched: matchesKeywords(eventText, rule)
+    });
+  }
+  return null;
+}
+function checkGuards(event, eventText, world, checks, guardsMatched) {
+  if (!world.guards) return null;
+  const guardsConfig = world.guards;
+  let warnResult = null;
+  const compiledPatterns = /* @__PURE__ */ new Map();
+  for (const [key, def] of Object.entries(guardsConfig.intent_vocabulary)) {
+    try {
+      compiledPatterns.set(key, new RegExp(def.pattern, "i"));
+    } catch {
+    }
+  }
+  const eventTool = (event.tool ?? "").toLowerCase();
+  for (const guard of guardsConfig.guards) {
+    if (guard.appliesTo && guard.appliesTo.length > 0) {
+      const normalizedAppliesTo = guard.appliesTo.map((t) => t.toLowerCase());
+      if (!normalizedAppliesTo.includes(eventTool)) {
+        continue;
+      }
+    }
+    const enabled = guard.immutable || guard.default_enabled !== false;
+    const matchedPatterns = [];
+    for (const patternKey of guard.intent_patterns) {
+      const regex = compiledPatterns.get(patternKey);
+      if (regex?.test(eventText)) {
+        matchedPatterns.push(patternKey);
+      }
+    }
+    const matched = matchedPatterns.length > 0 && enabled;
+    let roleGated = false;
+    if (matched && guard.required_roles && guard.required_roles.length > 0 && event.roleId && guard.required_roles.includes(event.roleId)) {
+      roleGated = true;
+    }
+    checks.push({
+      guardId: guard.id,
+      label: guard.label,
+      category: guard.category,
+      enabled,
+      matched: matched && !roleGated,
+      enforcement: guard.enforcement,
+      matchedPatterns,
+      roleGated
+    });
+    if (!matched || roleGated) continue;
+    guardsMatched.push(guard.id);
+    const actionMode = guard.player_modes?.action ?? guard.enforcement;
+    const reason = guard.redirect ? `${guard.description} \u2014 ${guard.redirect}` : guard.description;
+    if (actionMode === "block") {
+      return { status: "BLOCK", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "pause") {
+      return { status: "PAUSE", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "penalize") {
+      const consequence = guard.consequence ? { ...guard.consequence } : { type: "freeze", rounds: 1, description: `Penalized for violating: ${guard.label}` };
+      return { status: "PENALIZE", reason, ruleId: `guard-${guard.id}`, consequence };
+    }
+    if (actionMode === "reward") {
+      const reward = guard.reward ? { ...guard.reward } : { type: "boost_influence", magnitude: 0.1, description: `Rewarded for: ${guard.label}` };
+      return { status: "REWARD", reason, ruleId: `guard-${guard.id}`, reward };
+    }
+    if (actionMode === "modify") {
+      const modifiedTo = guard.modify_to ?? guard.redirect ?? "hold";
+      return { status: "MODIFY", reason: `${reason} \u2192 Modified to: ${modifiedTo}`, ruleId: `guard-${guard.id}`, modifiedTo };
+    }
+    if (actionMode === "neutral") {
+      return { status: "NEUTRAL", reason, ruleId: `guard-${guard.id}` };
+    }
+    if (actionMode === "warn" && !warnResult) {
+      warnResult = { status: "ALLOW", warning: reason, ruleId: `guard-${guard.id}` };
+    }
+  }
+  return warnResult;
+}
+function checkKernelRules(eventText, world, checks, rulesMatched) {
+  if (!world.kernel) return null;
+  const forbidden = world.kernel.input_boundaries?.forbidden_patterns ?? [];
+  const output = world.kernel.output_boundaries?.forbidden_patterns ?? [];
+  for (const rule of forbidden) {
+    let matched = false;
+    let matchMethod = "none";
+    if (rule.pattern) {
+      try {
+        matched = new RegExp(rule.pattern, "i").test(eventText);
+        matchMethod = "pattern";
+      } catch {
+      }
+    }
+    if (!matched && rule.reason) {
+      matched = matchesKeywords(eventText, rule.reason);
+      if (matched) matchMethod = "keyword";
+    }
+    checks.push({
+      ruleId: rule.id,
+      text: rule.reason,
+      category: "forbidden",
+      matched,
+      matchMethod
+    });
+    if (matched) {
+      rulesMatched.push(rule.id);
+      if (rule.action === "BLOCK") {
+        return {
+          status: "BLOCK",
+          reason: rule.reason,
+          ruleId: `kernel-${rule.id}`
+        };
+      }
+    }
+  }
+  return null;
+}
+function checkLevelConstraints(event, level, checks) {
+  if (level === "basic") return null;
+  const intent = event.intent.toLowerCase();
+  const tool = (event.tool ?? "").toLowerCase();
+  const isDelete = intent.includes("delete") || intent.includes("remove") || intent.includes("rm ") || tool === "delete";
+  const deleteTriggered = isDelete && levelRequiresConfirmation(level, "delete");
+  checks.push({
+    checkType: "delete",
+    level,
+    triggered: deleteTriggered,
+    reason: deleteTriggered ? NEUTRAL_MESSAGES["delete"] : void 0
+  });
+  if (deleteTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["delete"], ruleId: "level-delete-check" };
+  }
+  const isExternal = event.scope ? isExternalScope(event.scope) : false;
+  const externalTriggered = isExternal && levelRequiresConfirmation(level, "write-external");
+  checks.push({
+    checkType: "write-external",
+    level,
+    triggered: externalTriggered,
+    reason: externalTriggered ? NEUTRAL_MESSAGES["write-external"] : void 0
+  });
+  if (externalTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["write-external"], ruleId: "level-external-write-check" };
+  }
+  const isNetwork = tool === "http" || tool === "fetch" || tool === "request" || intent.includes("post ") || intent.includes("sending");
+  const networkTriggered = isNetwork && levelRequiresConfirmation(level, "network-mutate");
+  checks.push({
+    checkType: "network-mutate",
+    level,
+    triggered: networkTriggered,
+    reason: networkTriggered ? NEUTRAL_MESSAGES["network-mutate"] : void 0
+  });
+  if (networkTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["network-mutate"], ruleId: "level-network-mutate-check" };
+  }
+  const isCredential = intent.includes("credential") || intent.includes("password") || intent.includes("secret") || intent.includes("api key") || intent.includes("token");
+  const credentialTriggered = isCredential && levelRequiresConfirmation(level, "credential-access");
+  checks.push({
+    checkType: "credential-access",
+    level,
+    triggered: credentialTriggered,
+    reason: credentialTriggered ? NEUTRAL_MESSAGES["credential-access"] : void 0
+  });
+  if (credentialTriggered) {
+    return { status: "PAUSE", reason: NEUTRAL_MESSAGES["credential-access"], ruleId: "level-credential-check" };
+  }
+  const irreversibleTriggered = !!event.irreversible && level !== "basic";
+  checks.push({
+    checkType: "irreversible",
+    level,
+    triggered: irreversibleTriggered,
+    reason: irreversibleTriggered ? "This action is marked as irreversible." : void 0
+  });
+  if (irreversibleTriggered) {
+    return {
+      status: "PAUSE",
+      reason: "This action is marked as irreversible.",
+      ruleId: "level-irreversible-check"
+    };
+  }
+  return null;
+}
+function matchesKeywords(eventText, ruleText) {
+  return matchesAllKeywords(eventText, ruleText);
+}
+function eventToAllowlistKey(event) {
+  return `${(event.tool ?? "*").toLowerCase()}::${event.intent.toLowerCase().trim()}`;
+}
+function buildTrace(invariantChecks, safetyChecks, planCheck, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
+  const trace = {
+    invariantChecks,
+    safetyChecks,
+    roleChecks,
+    guardChecks,
+    kernelRuleChecks,
+    levelChecks,
+    precedenceResolution: {
+      decidingLayer,
+      decidingId,
+      strategy: "first-match-wins",
+      chainOrder: [
+        "invariant-coverage",
+        "session-allowlist",
+        "safety-injection",
+        "safety-scope-escape",
+        "safety-execution-claim",
+        "safety-execution-intent",
+        "plan-enforcement",
+        "role-rules",
+        "declarative-guards",
+        "kernel-rules",
+        "level-constraints",
+        "default-allow"
+      ]
+    },
+    durationMs: performance.now() - startTime
+  };
+  if (planCheck) {
+    trace.planCheck = planCheck;
+  }
+  return trace;
+}
+function buildVerdict(status, reason, ruleId, warning, world, level, invariantChecks, guardsMatched, rulesMatched, trace, eventIntent) {
+  const evidence = {
+    worldId: world.world.world_id,
+    worldName: world.world.name,
+    worldVersion: world.world.version,
+    evaluatedAt: Date.now(),
+    invariantsSatisfied: invariantChecks.filter((c) => c.hasGuardCoverage).length,
+    invariantsTotal: invariantChecks.length,
+    guardsMatched,
+    rulesMatched,
+    enforcementLevel: level
+  };
+  const verdict = {
+    status,
+    evidence
+  };
+  if (reason) verdict.reason = reason;
+  if (ruleId) verdict.ruleId = ruleId;
+  if (warning) verdict.warning = warning;
+  if (trace) verdict.trace = trace;
+  verdict.event = verdictToEvent(status, eventIntent);
+  return verdict;
+}
+function verdictToEvent(status, intent) {
+  const statusEventMap = {
+    ALLOW: "action_allowed",
+    BLOCK: "action_blocked",
+    PAUSE: "action_paused",
+    MODIFY: "action_modified",
+    PENALIZE: "action_penalized",
+    REWARD: "action_rewarded",
+    NEUTRAL: "action_neutral"
+  };
+  return {
+    type: intent || statusEventMap[status] || "unknown_action",
+    actor: "agent",
+    source: "guard",
+    timestamp: Date.now(),
+    guardStatus: status
+  };
+}
+
+// src/worlds/mentraos-intent-taxonomy.ts
+var MENTRA_INTENT_TAXONOMY = [
+  // ── Camera Domain ───────────────────────────────────────────────────────
+  {
+    intent: "camera_photo_capture",
+    description: "Capture a single photo from the glasses camera",
+    sdk_method: "session.camera.requestPhoto()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "camera_stream_start",
+    description: "Start a managed video stream (HLS) from the glasses camera",
+    sdk_method: "session.camera.startManagedStream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "camera_stream_stop",
+    description: "Stop an active camera stream",
+    sdk_method: "session.camera.stopStream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: false
+  },
+  {
+    intent: "camera_restream_start",
+    description: "Restream camera feed to an external RTMP destination (e.g., social media)",
+    sdk_method: "session.camera.startRestream()",
+    permission: "CAMERA",
+    domain: "camera",
+    supported_glasses: ["mentra_live"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Microphone Domain ──────────────────────────────────────────────────
+  {
+    intent: "microphone_transcription_start",
+    description: "Start receiving speech-to-text transcription events",
+    sdk_method: "session.events.onTranscription()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["even_realities_g1", "mentra_live"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "microphone_translation_start",
+    description: "Start receiving translation events from spoken audio",
+    sdk_method: "session.events.onTranslation()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["even_realities_g1", "mentra_live"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  {
+    intent: "microphone_phone_passthrough",
+    description: "Use phone microphone as audio input (glasses without built-in mic)",
+    sdk_method: "session.audio.startPhoneMic()",
+    permission: "MICROPHONE",
+    domain: "microphone",
+    supported_glasses: ["mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Display Domain ────────────────────────────────────────────────────
+  {
+    intent: "display_text_wall",
+    description: "Show a single text block on the glasses display",
+    sdk_method: "session.layouts.showTextWall()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_double_text_wall",
+    description: "Show two text blocks (top/bottom) on the glasses display",
+    sdk_method: "session.layouts.showDoubleTextWall()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_reference_card",
+    description: "Show a reference card layout with structured content",
+    sdk_method: "session.layouts.showReferenceCard()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_dashboard_card",
+    description: "Show a dashboard card layout",
+    sdk_method: "session.layouts.showDashboardCard()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "display_image",
+    description: "Display an image on the glasses",
+    sdk_method: "session.layouts.showImage()",
+    permission: "NONE",
+    domain: "display",
+    supported_glasses: ["even_realities_g1"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Dashboard Domain ──────────────────────────────────────────────────
+  {
+    intent: "dashboard_update_main",
+    description: "Update the persistent dashboard content (compact mode)",
+    sdk_method: "session.dashboard.content.setMain()",
+    permission: "NONE",
+    domain: "dashboard",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "dashboard_update_expanded",
+    description: "Update the expanded dashboard content (user-opened mode)",
+    sdk_method: "session.dashboard.content.setExpanded()",
+    permission: "NONE",
+    domain: "dashboard",
+    supported_glasses: ["even_realities_g1", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Location Domain ───────────────────────────────────────────────────
+  {
+    intent: "location_access",
+    description: "Access current location data from the paired phone",
+    sdk_method: "session.location.get()",
+    permission: "LOCATION",
+    domain: "location",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "location_continuous_sharing",
+    description: "Start continuous location updates to the app server",
+    sdk_method: "session.location.startContinuous()",
+    permission: "LOCATION",
+    domain: "location",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: true
+  },
+  // ── Calendar & Notifications ──────────────────────────────────────────
+  {
+    intent: "calendar_read",
+    description: "Read calendar events from the paired phone",
+    sdk_method: "session.calendar.getEvents()",
+    permission: "CALENDAR",
+    domain: "calendar",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "notifications_read",
+    description: "Read phone notifications",
+    sdk_method: "session.notifications.getRecent()",
+    permission: "READ_NOTIFICATIONS",
+    domain: "notifications",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "read",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Audio Domain ──────────────────────────────────────────────────────
+  {
+    intent: "audio_play",
+    description: "Play audio through the glasses speaker",
+    sdk_method: "session.audio.play()",
+    permission: "NONE",
+    domain: "audio",
+    supported_glasses: ["mentra_live"],
+    action_category: "write",
+    base_risk: "low",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  // ── Session Domain ────────────────────────────────────────────────────
+  {
+    intent: "session_data_export",
+    description: "Export session data to external storage or API",
+    sdk_method: "session.export()",
+    permission: "NONE",
+    domain: "session",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  // ── Tool Call Domain ──────────────────────────────────────────────────
+  {
+    intent: "tool_call_execute",
+    description: "Execute a custom tool call defined by the app via handleToolCall",
+    sdk_method: "AppServer.handleToolCall()",
+    permission: "NONE",
+    domain: "tool_call",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "other",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: false
+  },
+  // ── AI Data Flow Domain ─────────────────────────────────────────────────
+  // These intents govern what user data apps send to their AI backends.
+  // They operate at the app server layer (not the glasses hardware layer),
+  // so they work on all glasses models and require no hardware permission.
+  {
+    intent: "ai_send_transcription",
+    description: "Send user speech transcription to an external AI API for processing",
+    sdk_method: "app_server.ai.sendTranscription()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_image",
+    description: "Send a camera-captured image to an external AI API for vision analysis",
+    sdk_method: "app_server.ai.sendImage()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_location",
+    description: "Send user location data to an external AI API for context-aware processing",
+    sdk_method: "app_server.ai.sendLocation()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_calendar",
+    description: "Send user calendar data to an external AI API for scheduling assistance",
+    sdk_method: "app_server.ai.sendCalendar()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_send_notifications",
+    description: "Send user notification data to an external AI API for summarization or triage",
+    sdk_method: "app_server.ai.sendNotifications()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "medium",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  // ── AI Action Domain ──────────────────────────────────────────────────
+  // These intents govern actions AI takes on behalf of the user.
+  // Every action here must be shown on the glasses display before execution.
+  {
+    intent: "ai_auto_respond_message",
+    description: "AI generates and sends a message (email, SMS, chat) on the user's behalf",
+    sdk_method: "app_server.ai.sendMessage()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_auto_purchase",
+    description: "AI initiates a financial transaction (purchase, subscription, tip) on the user's behalf",
+    sdk_method: "app_server.ai.purchase()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_auto_schedule",
+    description: "AI creates, modifies, or cancels a calendar event on the user's behalf",
+    sdk_method: "app_server.ai.schedule()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "ai_auto_setting_change",
+    description: "AI changes a user setting or app configuration on the user's behalf",
+    sdk_method: "app_server.ai.changeSetting()",
+    permission: "NONE",
+    domain: "ai_action",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "medium",
+    exfiltration_risk: false,
+    reversible: true
+  },
+  {
+    intent: "ai_retain_session_data",
+    description: "AI or app retains user session data (transcriptions, images, conversation) beyond session end",
+    sdk_method: "app_server.ai.retainData()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "write",
+    base_risk: "high",
+    exfiltration_risk: true,
+    reversible: false
+  },
+  {
+    intent: "ai_share_with_third_party",
+    description: "AI or app shares user data with a third-party service beyond the declared AI provider",
+    sdk_method: "app_server.ai.shareExternal()",
+    permission: "NONE",
+    domain: "ai_data",
+    supported_glasses: ["even_realities_g1", "mentra_live", "mentra_mach1", "vuzix_z100"],
+    action_category: "network",
+    base_risk: "critical",
+    exfiltration_risk: true,
+    reversible: false
+  }
+];
+var MENTRA_KNOWN_INTENTS = MENTRA_INTENT_TAXONOMY.map((d) => d.intent);
+var MENTRA_INTENT_MAP = new Map(MENTRA_INTENT_TAXONOMY.map((d) => [d.intent, d]));
+
+// src/admin/simulator.ts
+function zonePolicyToVerdict(policy) {
+  switch (policy) {
+    case "allow":
+      return "allow";
+    case "block":
+      return "block";
+    case "confirm_each":
+      return "pause";
+  }
+}
+function intentMatchesPattern(intent, pattern) {
+  if (pattern.endsWith("*")) {
+    return intent.startsWith(pattern.slice(0, -1));
+  }
+  return intent === pattern;
+}
+function evaluateIntentAgainstZone(intentDef, zone) {
+  const rules = zone.rules;
+  const domain = intentDef.domain;
+  for (const custom of rules.customRules) {
+    if (intentMatchesPattern(intentDef.intent, custom.intentPattern)) {
+      return custom.action === "confirm" ? "pause" : custom.action;
+    }
+  }
+  if (domain === "camera") return zonePolicyToVerdict(rules.camera);
+  if (domain === "microphone") return zonePolicyToVerdict(rules.microphone);
+  if (domain === "ai_data" || domain === "ai_action") {
+    if (intentDef.intent.includes("auto_purchase") || intentDef.intent.includes("auto_respond")) {
+      return zonePolicyToVerdict(rules.aiActions);
+    }
+    if (intentDef.intent.includes("retain") || intentDef.intent.includes("share")) {
+      return zonePolicyToVerdict(rules.dataRetention);
+    }
+    return zonePolicyToVerdict(rules.aiDataSend);
+  }
+  if (domain === "location") return zonePolicyToVerdict(rules.locationSharing);
+  return "allow";
+}
+function evaluateIntentAgainstRole(intentDef, role) {
+  const def = role.definition;
+  for (const pattern of def.cannotDo) {
+    if (intentDef.intent.includes(pattern) || intentDef.description.toLowerCase().includes(pattern.toLowerCase()) || intentDef.domain === pattern) {
+      return "block";
+    }
+  }
+  if (def.requiresApproval) {
+    return "pause";
+  }
+  if (def.canDo.length > 0) {
+    const allowed = def.canDo.some(
+      (pattern) => intentDef.intent.includes(pattern) || intentDef.description.toLowerCase().includes(pattern.toLowerCase()) || intentDef.domain === pattern
+    );
+    if (!allowed) return "block";
+  }
+  return "allow";
+}
+function mergeVerdicts(...verdicts) {
+  if (verdicts.includes("block")) return "block";
+  if (verdicts.includes("pause")) return "pause";
+  if (verdicts.includes("modify")) return "modify";
+  return "allow";
+}
+function simulatePolicy(request, currentRoles, currentZones, platformWorld) {
+  const intentsToTest = request.intents ? MENTRA_INTENT_TAXONOMY.filter((i) => request.intents.includes(i.intent)) : MENTRA_INTENT_TAXONOMY;
+  const verdicts = [];
+  const conflicts = [];
+  for (const intentDef of intentsToTest) {
+    let currentVerdict;
+    if (request.type !== "full_matrix") {
+      const currentVerdictParts = [];
+      if (request.targetZoneId) {
+        const currentZone = currentZones.find((z) => z.id === request.targetZoneId);
+        if (currentZone) {
+          currentVerdictParts.push(evaluateIntentAgainstZone(intentDef, currentZone));
+        }
+      }
+      if (request.targetRoleId) {
+        const currentRole = currentRoles.find((r) => r.id === request.targetRoleId);
+        if (currentRole) {
+          currentVerdictParts.push(evaluateIntentAgainstRole(intentDef, currentRole));
+        }
+      }
+      currentVerdict = currentVerdictParts.length > 0 ? mergeVerdicts(...currentVerdictParts) : "allow";
+    }
+    const proposedParts = [];
+    if (request.proposed?.zone) {
+      proposedParts.push(evaluateIntentAgainstZone(intentDef, request.proposed.zone));
+    } else if (request.targetZoneId) {
+      const existingZone = currentZones.find((z) => z.id === request.targetZoneId);
+      if (existingZone) {
+        proposedParts.push(evaluateIntentAgainstZone(intentDef, existingZone));
+      }
+    }
+    if (request.proposed?.role) {
+      proposedParts.push(evaluateIntentAgainstRole(intentDef, request.proposed.role));
+    } else if (request.targetRoleId) {
+      const existingRole = currentRoles.find((r) => r.id === request.targetRoleId);
+      if (existingRole) {
+        proposedParts.push(evaluateIntentAgainstRole(intentDef, existingRole));
+      }
+    }
+    if (request.type === "full_matrix") {
+      for (const zone of currentZones) {
+        proposedParts.push(evaluateIntentAgainstZone(intentDef, zone));
+      }
+      for (const role of currentRoles) {
+        proposedParts.push(evaluateIntentAgainstRole(intentDef, role));
+      }
+    }
+    if (platformWorld) {
+      try {
+        const event = {
+          intent: intentDef.intent,
+          scope: intentDef.domain,
+          actionCategory: intentDef.action_category
+        };
+        const guardResult = evaluateGuard(event, platformWorld, {});
+        if (guardResult.status !== "ALLOW") {
+          proposedParts.push(
+            guardResult.status === "BLOCK" ? "block" : guardResult.status === "PAUSE" ? "pause" : guardResult.status === "MODIFY" ? "modify" : "allow"
+          );
+        }
+      } catch {
+      }
+    }
+    const proposedVerdict = proposedParts.length > 0 ? mergeVerdicts(...proposedParts) : "allow";
+    const changed = currentVerdict !== void 0 && currentVerdict !== proposedVerdict;
+    verdicts.push({
+      intent: intentDef.intent,
+      description: intentDef.description,
+      currentVerdict,
+      proposedVerdict,
+      changed,
+      reason: buildReason(intentDef, proposedVerdict, request)
+    });
+    if (changed && currentVerdict === "allow" && proposedVerdict === "block") {
+      conflicts.push({
+        description: `"${intentDef.description}" was allowed but would now be blocked`,
+        severity: intentDef.base_risk === "low" ? "warning" : "error",
+        intent: intentDef.intent,
+        suggestion: `Verify that blocking ${intentDef.intent} won't break apps that depend on it`
+      });
+    }
+  }
+  const summary = {
+    total: verdicts.length,
+    allowed: verdicts.filter((v) => v.proposedVerdict === "allow").length,
+    blocked: verdicts.filter((v) => v.proposedVerdict === "block").length,
+    paused: verdicts.filter((v) => v.proposedVerdict === "pause").length,
+    modified: verdicts.filter((v) => v.proposedVerdict === "modify").length
+  };
+  const diff = request.type !== "full_matrix" ? verdicts.filter((v) => v.changed).map((v) => ({
+    intent: v.intent,
+    from: v.currentVerdict,
+    to: v.proposedVerdict,
+    explanation: `${v.description}: ${v.currentVerdict} \u2192 ${v.proposedVerdict}`
+  })) : void 0;
+  return {
+    request,
+    timestamp: Date.now(),
+    verdicts,
+    summary,
+    conflicts,
+    diff
+  };
+}
+function simulateFullMatrix(roles, zones, platformWorld) {
+  const matrix = /* @__PURE__ */ new Map();
+  for (const role of roles) {
+    const roleResults = /* @__PURE__ */ new Map();
+    for (const zone of zones) {
+      const result = simulatePolicy(
+        {
+          type: "full_matrix",
+          proposed: { role, zone }
+        },
+        [],
+        [],
+        platformWorld
+      );
+      roleResults.set(zone.id, result.verdicts);
+    }
+    matrix.set(role.id, roleResults);
+  }
+  return matrix;
+}
+function buildReason(intentDef, verdict, request) {
+  if (verdict === "block") {
+    if (request.proposed?.zone) {
+      return `Blocked by zone "${request.proposed.zone.name}" policy`;
+    }
+    if (request.proposed?.role) {
+      return `Blocked by role "${request.proposed.role.name}" restrictions`;
+    }
+    return "Blocked by combined policy";
+  }
+  if (verdict === "pause") {
+    return "Requires user confirmation before proceeding";
+  }
+  if (verdict === "modify") {
+    return "Allowed with modifications";
+  }
+  return "Allowed by current policy";
+}
+
+// src/admin/manager.ts
+var AUTHORITY_RANK = {
+  viewer: 0,
+  operator: 1,
+  supervisor: 2,
+  manager: 3,
+  admin: 4
+};
+function hasAuthority(actorLevel, requiredLevel) {
+  return AUTHORITY_RANK[actorLevel] >= AUTHORITY_RANK[requiredLevel];
+}
+var GovernanceAdmin = class {
+  storage;
+  platformWorld;
+  constructor(storage, platformWorld) {
+    this.storage = storage;
+    this.platformWorld = platformWorld;
+  }
+  // ── Authority Check ───────────────────────────────────────────────────
+  async getActorAuthority(actorRoleId) {
+    const chain = await this.storage.getAuthorityChain();
+    const grant = chain.grants.find((g) => g.roleId === actorRoleId);
+    return grant?.authorityLevel ?? "viewer";
+  }
+  async checkAuthority(actorRoleId, requiredLevel, locationId) {
+    const chain = await this.storage.getAuthorityChain();
+    const grant = chain.grants.find((g) => g.roleId === actorRoleId);
+    if (!grant || !hasAuthority(grant.authorityLevel, requiredLevel)) {
+      throw new GovernanceAdminError(
+        `Insufficient authority. Requires ${requiredLevel}, role "${actorRoleId}" has ${grant?.authorityLevel ?? "viewer"}`,
+        "INSUFFICIENT_AUTHORITY"
+      );
+    }
+    if (locationId && grant.locationScope && grant.locationScope.length > 0) {
+      if (!grant.locationScope.includes(locationId)) {
+        throw new GovernanceAdminError(
+          `Role "${actorRoleId}" does not have authority over location "${locationId}"`,
+          "LOCATION_SCOPE_DENIED"
+        );
+      }
+    }
+  }
+  async audit(action, actorId, actorRole, targetType, targetId, summary, changes) {
+    await this.storage.appendAudit({
+      id: `audit_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+      action,
+      actorId,
+      actorRole,
+      timestamp: Date.now(),
+      targetType,
+      targetId,
+      changes,
+      summary
+    });
+  }
+  // ── Roles ─────────────────────────────────────────────────────────────
+  async createRole(role, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "manager");
+    const existing = await this.storage.getRole(role.id);
+    if (existing) {
+      throw new GovernanceAdminError(
+        `Role "${role.id}" already exists`,
+        "ROLE_EXISTS"
+      );
+    }
+    const now = Date.now();
+    const newRole = {
+      ...role,
+      createdBy: actorId,
+      createdAt: now,
+      updatedAt: now,
+      active: true
+    };
+    await this.storage.saveRole(newRole);
+    await this.audit(
+      "role_created",
+      actorId,
+      actorRoleId,
+      "role",
+      role.id,
+      `Created role "${role.name}"`,
+      { after: newRole }
+    );
+    return newRole;
+  }
+  async updateRole(roleId, updates, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "manager");
+    const existing = await this.storage.getRole(roleId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Role "${roleId}" not found`, "ROLE_NOT_FOUND");
+    }
+    const updated = {
+      ...existing,
+      ...updates,
+      id: roleId,
+      // prevent ID mutation
+      updatedAt: Date.now()
+    };
+    await this.storage.saveRole(updated);
+    await this.audit(
+      "role_updated",
+      actorId,
+      actorRoleId,
+      "role",
+      roleId,
+      `Updated role "${roleId}"`,
+      {
+        before: existing,
+        after: updated
+      }
+    );
+    return updated;
+  }
+  async deleteRole(roleId, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "admin");
+    const existing = await this.storage.getRole(roleId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Role "${roleId}" not found`, "ROLE_NOT_FOUND");
+    }
+    const assignments = await this.storage.getAssignmentsByRole(roleId);
+    if (assignments.length > 0) {
+      throw new GovernanceAdminError(
+        `Cannot delete role "${roleId}" \u2014 ${assignments.length} device(s) still assigned. Unassign them first.`,
+        "ROLE_IN_USE"
+      );
+    }
+    await this.storage.deleteRole(roleId);
+    await this.audit(
+      "role_deleted",
+      actorId,
+      actorRoleId,
+      "role",
+      roleId,
+      `Deleted role "${existing.name}"`,
+      { before: existing }
+    );
+  }
+  async listRoles() {
+    return this.storage.getRoles();
+  }
+  async getRole(roleId) {
+    return this.storage.getRole(roleId);
+  }
+  // ── Assignments ───────────────────────────────────────────────────────
+  async assignRole(assignment, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "operator");
+    const role = await this.storage.getRole(assignment.roleId);
+    if (!role) {
+      throw new GovernanceAdminError(
+        `Role "${assignment.roleId}" not found`,
+        "ROLE_NOT_FOUND"
+      );
+    }
+    const full = {
+      ...assignment,
+      id: `assign_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+      assignedAt: Date.now()
+    };
+    await this.storage.saveAssignment(full);
+    await this.audit(
+      "role_assigned",
+      actorId,
+      actorRoleId,
+      "assignment",
+      full.id,
+      `Assigned role "${assignment.roleId}" to device "${assignment.deviceId}"` + (assignment.employeeName ? ` (${assignment.employeeName})` : "")
+    );
+    return full;
+  }
+  async unassignRole(assignmentId, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "operator");
+    await this.storage.deleteAssignment(assignmentId);
+    await this.audit(
+      "role_unassigned",
+      actorId,
+      actorRoleId,
+      "assignment",
+      assignmentId,
+      `Removed role assignment "${assignmentId}"`
+    );
+  }
+  async getDeviceRole(deviceId) {
+    const assignments = await this.storage.getAssignmentsByDevice(deviceId);
+    const now = Date.now();
+    const active = assignments.filter(
+      (a) => !a.expiresAt || a.expiresAt > now
+    );
+    return active.sort((a, b) => b.assignedAt - a.assignedAt)[0] ?? null;
+  }
+  async listAssignments() {
+    return this.storage.getAssignments();
+  }
+  // ── Zones ─────────────────────────────────────────────────────────────
+  async createZone(zone, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "manager", zone.locationId);
+    const existing = await this.storage.getZone(zone.id);
+    if (existing) {
+      throw new GovernanceAdminError(
+        `Zone "${zone.id}" already exists`,
+        "ZONE_EXISTS"
+      );
+    }
+    const now = Date.now();
+    const newZone = {
+      ...zone,
+      createdBy: actorId,
+      createdAt: now,
+      updatedAt: now,
+      active: true
+    };
+    await this.storage.saveZone(newZone);
+    await this.audit(
+      "zone_created",
+      actorId,
+      actorRoleId,
+      "zone",
+      zone.id,
+      `Created zone "${zone.name}" at location "${zone.locationId}"`,
+      { after: newZone }
+    );
+    return newZone;
+  }
+  async updateZone(zoneId, updates, actorId, actorRoleId) {
+    const existing = await this.storage.getZone(zoneId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Zone "${zoneId}" not found`, "ZONE_NOT_FOUND");
+    }
+    await this.checkAuthority(actorRoleId, "manager", existing.locationId);
+    const updated = {
+      ...existing,
+      ...updates,
+      id: zoneId,
+      updatedAt: Date.now()
+    };
+    await this.storage.saveZone(updated);
+    await this.audit(
+      "zone_updated",
+      actorId,
+      actorRoleId,
+      "zone",
+      zoneId,
+      `Updated zone "${zoneId}"`,
+      {
+        before: existing,
+        after: updated
+      }
+    );
+    return updated;
+  }
+  async deleteZone(zoneId, actorId, actorRoleId) {
+    const existing = await this.storage.getZone(zoneId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Zone "${zoneId}" not found`, "ZONE_NOT_FOUND");
+    }
+    await this.checkAuthority(actorRoleId, "admin", existing.locationId);
+    await this.storage.deleteZone(zoneId);
+    await this.audit(
+      "zone_deleted",
+      actorId,
+      actorRoleId,
+      "zone",
+      zoneId,
+      `Deleted zone "${existing.name}"`,
+      { before: existing }
+    );
+  }
+  async listZones(locationId) {
+    if (locationId) {
+      return this.storage.getZonesByLocation(locationId);
+    }
+    return this.storage.getZones();
+  }
+  async getZone(zoneId) {
+    return this.storage.getZone(zoneId);
+  }
+  // ── Authority ─────────────────────────────────────────────────────────
+  async updateAuthority(chain, actorId, actorRoleId) {
+    await this.checkAuthority(actorRoleId, "admin");
+    const previous = await this.storage.getAuthorityChain();
+    const enforced = {
+      ...chain,
+      emergencyOverrideAlwaysAllowed: true
+    };
+    await this.storage.saveAuthorityChain(enforced);
+    await this.audit(
+      "authority_updated",
+      actorId,
+      actorRoleId,
+      "authority",
+      "chain",
+      "Updated authority chain",
+      {
+        before: previous,
+        after: enforced
+      }
+    );
+    return enforced;
+  }
+  async getAuthority() {
+    return this.storage.getAuthorityChain();
+  }
+  // ── Simulation ────────────────────────────────────────────────────────
+  async simulate(request, actorId, actorRoleId) {
+    const roles = await this.storage.getRoles();
+    const zones = await this.storage.getZones();
+    const result = simulatePolicy(
+      request,
+      roles,
+      zones,
+      this.platformWorld
+    );
+    await this.audit(
+      "simulation_run",
+      actorId,
+      actorRoleId,
+      "simulation",
+      request.type,
+      `Ran ${request.type} simulation: ${result.summary.total} intents evaluated, ${result.summary.blocked} blocked, ${result.conflicts.length} conflicts`
+    );
+    return result;
+  }
+  async simulateMatrix(actorId, actorRoleId) {
+    const roles = await this.storage.getRoles();
+    const zones = await this.storage.getZones();
+    const result = simulateFullMatrix(roles, zones, this.platformWorld);
+    await this.audit(
+      "simulation_run",
+      actorId,
+      actorRoleId,
+      "simulation",
+      "full_matrix",
+      `Ran full matrix simulation: ${roles.length} roles \xD7 ${zones.length} zones`
+    );
+    return result;
+  }
+  /**
+   * Simulate a proposed role change and return only what would break.
+   * The "measure twice" before deploying.
+   */
+  async simulateRoleChange(roleId, proposedDefinitionUpdates, actorId, actorRoleId) {
+    const existing = await this.storage.getRole(roleId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Role "${roleId}" not found`, "ROLE_NOT_FOUND");
+    }
+    const proposedRole = {
+      ...existing,
+      definition: { ...existing.definition, ...proposedDefinitionUpdates }
+    };
+    return this.simulate(
+      {
+        type: "role_change",
+        proposed: { role: proposedRole },
+        targetRoleId: roleId
+      },
+      actorId,
+      actorRoleId
+    );
+  }
+  /**
+   * Simulate a proposed zone rule change and return impact.
+   */
+  async simulateZoneChange(zoneId, proposedRuleUpdates, targetRoleId, actorId, actorRoleId) {
+    const existing = await this.storage.getZone(zoneId);
+    if (!existing) {
+      throw new GovernanceAdminError(`Zone "${zoneId}" not found`, "ZONE_NOT_FOUND");
+    }
+    const proposedZone = {
+      ...existing,
+      rules: {
+        ...existing.rules,
+        ...proposedRuleUpdates,
+        customRules: proposedRuleUpdates.customRules ?? existing.rules.customRules
+      }
+    };
+    return this.simulate(
+      {
+        type: "zone_change",
+        proposed: { zone: proposedZone },
+        targetRoleId,
+        targetZoneId: zoneId
+      },
+      actorId,
+      actorRoleId
+    );
+  }
+  // ── Audit Log ─────────────────────────────────────────────────────────
+  async getAuditLog(options) {
+    return this.storage.getAuditLog(options);
+  }
+};
+var GovernanceAdminError = class extends Error {
+  code;
+  constructor(message, code) {
+    super(message);
+    this.name = "GovernanceAdminError";
+    this.code = code;
+  }
+};
+
+// src/admin/storage.ts
+var InMemoryStorage = class {
+  roles = /* @__PURE__ */ new Map();
+  assignments = /* @__PURE__ */ new Map();
+  zones = /* @__PURE__ */ new Map();
+  authority = {
+    grants: [],
+    emergencyOverrideAlwaysAllowed: true
+  };
+  audit = [];
+  // ── Roles ───────────────────────────────────────────────────────────────
+  async getRoles() {
+    return Array.from(this.roles.values());
+  }
+  async getRole(id) {
+    return this.roles.get(id) ?? null;
+  }
+  async saveRole(role) {
+    this.roles.set(role.id, role);
+  }
+  async deleteRole(id) {
+    this.roles.delete(id);
+  }
+  // ── Assignments ─────────────────────────────────────────────────────────
+  async getAssignments() {
+    return Array.from(this.assignments.values());
+  }
+  async getAssignmentsByDevice(deviceId) {
+    return Array.from(this.assignments.values()).filter(
+      (a) => a.deviceId === deviceId
+    );
+  }
+  async getAssignmentsByRole(roleId) {
+    return Array.from(this.assignments.values()).filter(
+      (a) => a.roleId === roleId
+    );
+  }
+  async saveAssignment(assignment) {
+    this.assignments.set(assignment.id, assignment);
+  }
+  async deleteAssignment(id) {
+    this.assignments.delete(id);
+  }
+  // ── Zones ───────────────────────────────────────────────────────────────
+  async getZones() {
+    return Array.from(this.zones.values());
+  }
+  async getZone(id) {
+    return this.zones.get(id) ?? null;
+  }
+  async getZonesByLocation(locationId) {
+    return Array.from(this.zones.values()).filter(
+      (z) => z.locationId === locationId
+    );
+  }
+  async saveZone(zone) {
+    this.zones.set(zone.id, zone);
+  }
+  async deleteZone(id) {
+    this.zones.delete(id);
+  }
+  // ── Authority ───────────────────────────────────────────────────────────
+  async getAuthorityChain() {
+    return this.authority;
+  }
+  async saveAuthorityChain(chain) {
+    this.authority = chain;
+  }
+  // ── Audit ───────────────────────────────────────────────────────────────
+  async getAuditLog(options) {
+    let entries = this.audit;
+    if (options?.action) {
+      entries = entries.filter((e) => e.action === options.action);
+    }
+    const offset = options?.offset ?? 0;
+    const limit = options?.limit ?? 100;
+    return entries.slice(offset, offset + limit);
+  }
+  async appendAudit(entry) {
+    this.audit.push(entry);
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  GovernanceAdmin,
+  GovernanceAdminError,
+  InMemoryStorage,
+  simulateFullMatrix,
+  simulatePolicy
+});