@neus/sdk 1.1.7 → 1.2.0

package/cjs/index.cjs

@@ -430,9 +430,9 @@ function deriveDid(address, chainIdOrChain) {
 async function resolveDID(params, options = {}) {
   const endpointPath = options.endpoint || "/api/v1/profile/did/resolve";
   const apiUrl = typeof options.apiUrl === "string" ? options.apiUrl.trim() : "";
-  const resolveEndpoint = (path) => {
-    if (!path || typeof path !== "string") return null;
-    const trimmedPath = path.trim();
+  const resolveEndpoint = (path2) => {
+    if (!path2 || typeof path2 !== "string") return null;
+    const trimmedPath = path2.trim();
     if (!trimmedPath) return null;
     if (/^https?:\/\//i.test(trimmedPath)) return trimmedPath;
     if (trimmedPath.startsWith("/")) {
@@ -491,9 +491,9 @@ async function resolveDID(params, options = {}) {
 async function standardizeVerificationRequest(params, options = {}) {
   const endpointPath = options.endpoint || "/api/v1/verification/standardize";
   const apiUrl = typeof options.apiUrl === "string" ? options.apiUrl.trim() : "";
-  const resolveEndpoint = (path) => {
-    if (!path || typeof path !== "string") return null;
-    const trimmedPath = path.trim();
+  const resolveEndpoint = (path2) => {
+    if (!path2 || typeof path2 !== "string") return null;
+    const trimmedPath = path2.trim();
     if (!trimmedPath) return null;
     if (/^https?:\/\//i.test(trimmedPath)) return trimmedPath;
     if (trimmedPath.startsWith("/")) {
@@ -2999,18 +2999,55 @@ __export(index_exports, {
   GATE_TOKEN_HOLDER: () => GATE_TOKEN_HOLDER,
   GATE_WALLET_RISK: () => GATE_WALLET_RISK,
   HOUR: () => HOUR,
+  IDE_HOST_BRAND_LOGOS: () => IDE_HOST_BRAND_LOGOS,
+  IDE_HOST_LABELS: () => IDE_HOST_LABELS,
+  MCP_INSTALL_CLIENTS: () => MCP_INSTALL_CLIENTS,
+  MCP_INSTALL_HOSTS: () => MCP_INSTALL_HOSTS,
   MONTH: () => MONTH,
+  MOUNT_MANIFEST_RELATIVE: () => MOUNT_MANIFEST_RELATIVE,
+  NEUS_AUTH_CLI: () => NEUS_AUTH_CLI,
+  NEUS_AUTH_NPX: () => NEUS_AUTH_NPX,
+  NEUS_CHECK_CLI: () => NEUS_CHECK_CLI,
+  NEUS_CHECK_NPX: () => NEUS_CHECK_NPX,
   NEUS_CONSTANTS: () => NEUS_CONSTANTS,
+  NEUS_DOCTOR_CLI: () => NEUS_DOCTOR_CLI,
+  NEUS_DOCTOR_NPX: () => NEUS_DOCTOR_NPX,
+  NEUS_EXAMPLES_CLI: () => NEUS_EXAMPLES_CLI,
+  NEUS_EXAMPLES_NPX: () => NEUS_EXAMPLES_NPX,
+  NEUS_INSTALL_CLI: () => NEUS_INSTALL_CLI,
+  NEUS_MCP_SERVER_NAME: () => NEUS_MCP_SERVER_NAME,
+  NEUS_MCP_SETUP_DOCS_URL: () => NEUS_MCP_SETUP_DOCS_URL,
+  NEUS_MCP_URL: () => NEUS_MCP_URL,
+  NEUS_MOUNT_WORKFLOW: () => NEUS_MOUNT_WORKFLOW,
+  NEUS_NPX: () => NEUS_NPX,
+  NEUS_PKG: () => NEUS_PKG,
+  NEUS_QUICKSTART_INSTALLED: () => NEUS_QUICKSTART_INSTALLED,
+  NEUS_QUICKSTART_NPX: () => NEUS_QUICKSTART_NPX,
+  NEUS_SETUP_CLI: () => NEUS_SETUP_CLI,
+  NEUS_SETUP_NPX: () => NEUS_SETUP_NPX,
   NetworkError: () => NetworkError,
   NeusClient: () => NeusClient,
   PORTABLE_PROOF_SIGNER_HEADER: () => PORTABLE_PROOF_SIGNER_HEADER,
+  RUNTIME_MOUNT_SCHEMA: () => RUNTIME_MOUNT_SCHEMA,
   SDKError: () => SDKError,
   StatusPoller: () => StatusPoller,
   ValidationError: () => ValidationError,
   VerificationError: () => VerificationError,
   WEEK: () => WEEK,
   YEAR: () => YEAR,
+  applyRuntimeBundle: () => applyRuntimeBundle,
+  buildAuthCommandForClient: () => buildAuthCommandForClient,
+  buildCursorMcpInstallUrl: () => buildCursorMcpInstallUrl,
+  buildNeusMcpHttpConfig: () => buildNeusMcpHttpConfig,
+  buildRuntimeBundle: () => buildRuntimeBundle,
+  buildSetupCommandForClient: () => buildSetupCommandForClient,
+  buildSetupCommandForHost: () => buildSetupCommandForHost,
+  buildSetupNpxOneLiner: () => buildSetupNpxOneLiner,
   buildVerificationRequest: () => buildVerificationRequest,
+  buildVsCodeMcpInstallUrl: () => buildVsCodeMcpInstallUrl,
+  bundleToClaudeMd: () => bundleToClaudeMd,
+  bundleToCodexJson: () => bundleToCodexJson,
+  bundleToCursorRules: () => bundleToCursorRules,
   combineGates: () => combineGates,
   computeContentHash: () => computeContentHash,
   constructVerificationMessage: () => constructVerificationMessage,
@@ -3019,19 +3056,36 @@ __export(index_exports, {
   default: () => index_default,
   delay: () => delay,
   deriveDid: () => deriveDid,
+  evaluateMountFileHealth: () => evaluateMountFileHealth,
+  extractAgentContextFromProofs: () => extractAgentContextFromProofs,
   fetchSponsorGrant: () => fetchSponsorGrant,
   formatTimestamp: () => formatTimestamp,
   formatVerificationStatus: () => formatVerificationStatus,
   getHostedCheckoutUrl: () => getHostedCheckoutUrl,
+  isDelegationExpired: () => isDelegationExpired,
   isFailureStatus: () => isFailureStatus,
+  isRuntimeBundle: () => isRuntimeBundle,
   isSuccessStatus: () => isSuccessStatus,
   isSupportedChain: () => isSupportedChain,
   isTerminalStatus: () => isTerminalStatus,
+  neusCmd: () => neusCmd,
+  neusMountApply: () => neusMountApply,
+  neusMountApplyNpx: () => neusMountApplyNpx,
+  neusNpx: () => neusNpx,
   normalizeAddress: () => normalizeAddress,
+  normalizeWallet: () => normalizeWallet,
+  pickActiveDelegation: () => pickActiveDelegation,
+  pickIdentity: () => pickIdentity,
+  profileAgentToIdentitySeed: () => profileAgentToIdentitySeed,
+  readMountManifest: () => readMountManifest,
   resolveDID: () => resolveDID,
+  resolveEffectiveRuntime: () => resolveEffectiveRuntime,
+  resolveRuntimeBundleFromMcp: () => resolveRuntimeBundleFromMcp,
   resolveZkPassportConfig: () => resolveZkPassportConfig,
+  sanitizeAgentIdForFilename: () => sanitizeAgentIdForFilename,
   signMessage: () => signMessage,
   standardizeVerificationRequest: () => standardizeVerificationRequest,
+  supportsMcpInstallDeeplink: () => supportsMcpInstallDeeplink,
   toAgentDelegationMaxSpend: () => toAgentDelegationMaxSpend,
   toHexUtf8: () => toHexUtf8,
   validateQHash: () => validateQHash,
@@ -3040,7 +3094,8 @@ __export(index_exports, {
   validateUniversalAddress: () => validateUniversalAddress,
   validateVerifierPayload: () => validateVerifierPayload,
   validateWalletAddress: () => validateWalletAddress,
-  withRetry: () => withRetry
+  withRetry: () => withRetry,
+  writeMountManifest: () => writeMountManifest
 });
 module.exports = __toCommonJS(index_exports);
 init_client();
@@ -3087,7 +3142,687 @@ function combineGates(...gates) {
 
 // index.js
 init_sponsor();
+
+// runtime-mount.js
+var RUNTIME_MOUNT_SCHEMA = "neus.runtime-mount.v1";
+var PROOF_URL_BASE = "https://neus.network/proof/";
+function normalizeWallet(value) {
+  const wallet = String(value || "").trim().toLowerCase();
+  return /^0x[a-f0-9]{40}$/.test(wallet) ? wallet : "";
+}
+function asString(value) {
+  const trimmed = String(value ?? "").trim();
+  return trimmed.length > 0 ? trimmed : "";
+}
+function asStringArray(value) {
+  if (!Array.isArray(value)) return [];
+  return value.map((item) => String(item || "").trim()).filter(Boolean);
+}
+function capabilitiesToArray(caps) {
+  if (Array.isArray(caps)) return asStringArray(caps);
+  if (!caps || typeof caps !== "object") return [];
+  return Object.entries(caps).filter(([, enabled]) => enabled === true).map(([key]) => String(key).trim()).filter(Boolean);
+}
+function isDelegationExpired(expiresAt) {
+  if (expiresAt === null || expiresAt === void 0 || expiresAt === 0) return false;
+  const ms = Number(expiresAt);
+  return Number.isFinite(ms) && ms > 0 && ms <= Date.now();
+}
+function pickIdentity(identities, selector) {
+  const list = Array.isArray(identities) ? identities : [];
+  const qHash = asString(selector.identityQHash).toLowerCase();
+  if (qHash) {
+    return list.find((row) => asString(row.qHash).toLowerCase() === qHash) || null;
+  }
+  const agentId = asString(selector.agentId).toLowerCase();
+  const agentWallet = normalizeWallet(selector.agentWallet);
+  if (agentId) {
+    const byId = list.filter((row) => asString(row.agentId).toLowerCase() === agentId);
+    if (agentWallet) {
+      return byId.find((row) => normalizeWallet(row.agentWallet) === agentWallet) || byId[0] || null;
+    }
+    return byId[0] || null;
+  }
+  if (agentWallet) {
+    return list.find((row) => normalizeWallet(row.agentWallet) === agentWallet) || null;
+  }
+  return null;
+}
+function pickActiveDelegation(delegations, controllerWallet, agentWallet, agentId) {
+  const list = Array.isArray(delegations) ? delegations : [];
+  const controller = normalizeWallet(controllerWallet);
+  const agent = normalizeWallet(agentWallet);
+  const id = asString(agentId).toLowerCase();
+  const candidates = list.filter((row) => {
+    if (isDelegationExpired(row.expiresAt)) return false;
+    const rowAgent = normalizeWallet(row.agentWallet);
+    const rowController = normalizeWallet(row.controllerWallet);
+    if (agent && rowAgent && rowAgent !== agent) return false;
+    if (controller && rowController && rowController !== controller) return false;
+    if (id && row.agentId && asString(row.agentId).toLowerCase() !== id) return false;
+    return true;
+  });
+  return candidates[0] || null;
+}
+function resolveEffectiveRuntime(identity, delegation) {
+  const delProvider = asString(delegation?.provider);
+  const delModel = asString(delegation?.model);
+  if (delProvider || delModel) {
+    return {
+      provider: delProvider || "openai",
+      model: delModel || ""
+    };
+  }
+  const defaultRuntime = identity?.defaultRuntime && typeof identity.defaultRuntime === "object" ? identity.defaultRuntime : null;
+  const idProvider = asString(defaultRuntime?.provider);
+  const idModel = asString(defaultRuntime?.model);
+  if (idProvider || idModel) {
+    return {
+      provider: idProvider || "openai",
+      model: idModel || ""
+    };
+  }
+  return null;
+}
+function extractAgentContextFromProofs(proofs) {
+  const identities = [];
+  const delegations = [];
+  const list = Array.isArray(proofs) ? proofs : [];
+  for (const proof of list) {
+    const qHash = asString(proof?.qHash);
+    const verifiedVerifiers = Array.isArray(proof?.verifiedVerifiers) ? proof.verifiedVerifiers : [];
+    for (const vv of verifiedVerifiers) {
+      const verifierId = asString(vv?.verifierId);
+      const vvData = vv?.data && typeof vv.data === "object" ? vv.data : {};
+      if (verifierId === "agent-identity") {
+        identities.push({
+          qHash,
+          agentId: vvData.agentId || null,
+          agentWallet: vvData.agentWallet || null,
+          agentLabel: vvData.agentLabel || vvData.agentId || "Agent",
+          agentType: vvData.agentType || "agent",
+          description: vvData.description || null,
+          capabilities: capabilitiesToArray(vvData.capabilities),
+          skills: Array.isArray(vvData.skills) ? vvData.skills : [],
+          instructions: vvData.instructions || null,
+          services: Array.isArray(vvData.services) ? vvData.services : [],
+          defaultRuntime: vvData.defaultRuntime && typeof vvData.defaultRuntime === "object" ? vvData.defaultRuntime : void 0
+        });
+      }
+      if (verifierId === "agent-delegation") {
+        delegations.push({
+          qHash,
+          controllerWallet: vvData.controllerWallet || null,
+          agentWallet: vvData.agentWallet || null,
+          agentId: vvData.agentId || null,
+          scope: vvData.scope || "global",
+          allowedActions: asStringArray(vvData.allowedActions),
+          deniedActions: asStringArray(vvData.deniedActions),
+          runtimePolicy: vvData.runtimePolicy && typeof vvData.runtimePolicy === "object" ? vvData.runtimePolicy : void 0,
+          expiresAt: vvData.expiresAt ?? null,
+          isExpired: isDelegationExpired(vvData.expiresAt),
+          maxSpend: vvData.maxSpend !== null && vvData.maxSpend !== void 0 ? String(vvData.maxSpend) : void 0,
+          instructions: vvData.instructions || null,
+          skills: Array.isArray(vvData.skills) ? vvData.skills : [],
+          provider: vvData.provider || vvData.modelProvider || null,
+          model: vvData.model || null
+        });
+      }
+    }
+  }
+  return { identities, delegations };
+}
+function buildRuntimeBundle(input) {
+  const identity = input.identity || {};
+  const delegation = input.delegation || null;
+  const identityQHash = asString(input.identityQHash || identity.qHash);
+  const delegationQHash = delegation ? asString(input.delegationQHash || delegation.qHash) : null;
+  const agentId = asString(identity.agentId);
+  const agentWallet = normalizeWallet(identity.agentWallet);
+  if (!identityQHash || !agentId || !agentWallet) {
+    throw new Error("Runtime mount requires verified agent identity (agentId, agentWallet, identityQHash).");
+  }
+  const effectiveRuntime = resolveEffectiveRuntime(identity, delegation);
+  const deniedActions = delegation ? asStringArray(delegation.deniedActions) : [];
+  const allowedActions = delegation ? asStringArray(delegation.allowedActions) : void 0;
+  const requiresHumanApproval = delegation?.runtimePolicy && typeof delegation.runtimePolicy === "object" && delegation.runtimePolicy.requiresHumanApproval === true;
+  const capabilities = asStringArray(identity.capabilities);
+  const skills = Array.isArray(identity.skills) ? identity.skills : [];
+  const skillIds = skills.map(
+    (skill) => typeof skill === "string" ? skill : asString(skill?.id || skill?.label)
+  ).filter(Boolean);
+  const delegations = delegation ? [delegation] : [];
+  const activeDelegations = delegations.filter((row) => !row.isExpired).length;
+  return {
+    schema: RUNTIME_MOUNT_SCHEMA,
+    mountedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    trust: {
+      identityQHash,
+      delegationQHash: delegationQHash || null,
+      identityProofUrl: `${PROOF_URL_BASE}${identityQHash}`,
+      delegationProofUrl: delegationQHash ? `${PROOF_URL_BASE}${delegationQHash}` : null
+    },
+    identity: {
+      agentId,
+      agentWallet,
+      agentLabel: asString(identity.agentLabel) || agentId,
+      agentType: asString(identity.agentType) || "agent",
+      description: asString(identity.description) || void 0,
+      instructions: asString(identity.instructions) || void 0,
+      capabilities,
+      skills,
+      services: Array.isArray(identity.services) ? identity.services : void 0,
+      defaultRuntime: identity.defaultRuntime && typeof identity.defaultRuntime === "object" ? identity.defaultRuntime : void 0
+    },
+    delegation: delegation ? {
+      controllerWallet: normalizeWallet(delegation.controllerWallet) || asString(delegation.controllerWallet),
+      scope: asString(delegation.scope) || void 0,
+      allowedActions,
+      deniedActions,
+      runtimePolicy: delegation.runtimePolicy,
+      expiresAt: delegation.expiresAt ?? null,
+      isExpired: Boolean(delegation.isExpired),
+      maxSpend: delegation.maxSpend,
+      instructions: asString(delegation.instructions) || void 0,
+      skills: Array.isArray(delegation.skills) ? delegation.skills : void 0,
+      provider: asString(delegation.provider) || void 0,
+      model: asString(delegation.model) || void 0
+    } : null,
+    effectiveRuntime,
+    tools: Array.isArray(input.tools) ? input.tools : [],
+    secretBindings: Array.isArray(input.secretBindings) ? input.secretBindings : [],
+    memoryRefs: Array.isArray(input.memoryRefs) ? input.memoryRefs : void 0,
+    enforce: {
+      deniedActions,
+      ...allowedActions?.length ? { allowedActions } : {},
+      ...requiresHumanApproval ? { requiresHumanApproval: true } : {}
+    },
+    contextPack: {
+      identityCount: 1,
+      delegationCount: delegations.length,
+      activeDelegations,
+      capabilitiesSummary: capabilities.slice(0, 32),
+      skillsSummary: skillIds.slice(0, 32)
+    }
+  };
+}
+function profileAgentToIdentitySeed(profileAgent) {
+  return {
+    agentId: profileAgent.agentId,
+    agentWallet: profileAgent.agentWallet,
+    agentLabel: profileAgent.agentLabel || profileAgent.name,
+    agentType: profileAgent.agentType || profileAgent.typeLabel,
+    description: profileAgent.description,
+    instructions: profileAgent.instructions,
+    capabilities: capabilitiesToArray(profileAgent.capabilities),
+    skills: Array.isArray(profileAgent.skills) ? profileAgent.skills : [],
+    services: Array.isArray(profileAgent.services) ? profileAgent.services : [],
+    identityQHash: profileAgent.identityQHash || profileAgent.qHash
+  };
+}
+function isRuntimeBundle(value) {
+  return Boolean(value && typeof value === "object" && value.schema === RUNTIME_MOUNT_SCHEMA);
+}
+async function resolveRuntimeBundleFromMcp(input) {
+  const accessKey = asString(input.accessKey);
+  if (!accessKey) {
+    throw new Error("NEUS access key or authenticated MCP session is required for runtime mount.");
+  }
+  const selector = {
+    agentId: input.agentId,
+    agentWallet: input.agentWallet,
+    identityQHash: input.identityQHash
+  };
+  if (!selector.agentId && !selector.agentWallet && !selector.identityQHash) {
+    throw new Error("Provide agentId, agentWallet, or identityQHash.");
+  }
+  let sessionId = "";
+  if (input.initializeMcp) {
+    const init = await input.initializeMcp();
+    sessionId = init.sessionId || "";
+  }
+  const mountArgs = {
+    ...selector.agentId ? { agentId: selector.agentId } : {},
+    ...selector.agentWallet ? { agentWallet: selector.agentWallet } : {},
+    ...selector.identityQHash ? { identityQHash: selector.identityQHash } : {}
+  };
+  const serverMount = await input.callMcpTool({
+    name: "neus_agent_mount",
+    args: mountArgs,
+    accessKey,
+    sessionId,
+    signal: input.signal
+  });
+  if (serverMount.ok) {
+    const payload = serverMount.payload;
+    if (isRuntimeBundle(payload)) {
+      return (
+        /** @type {import('./runtime-mount.js').RuntimeBundle} */
+        payload
+      );
+    }
+    if (payload && typeof payload === "object" && isRuntimeBundle(payload.data)) {
+      return (
+        /** @type {import('./runtime-mount.js').RuntimeBundle} */
+        payload.data
+      );
+    }
+  }
+  const me = await input.callMcpTool({
+    name: "neus_me",
+    args: {},
+    accessKey,
+    sessionId,
+    signal: input.signal
+  });
+  if (!me.ok) {
+    throw new Error(me.error || "Could not load profile context. Run `neus auth` and retry.");
+  }
+  const mePayload = (
+    /** @type {Record<string, unknown>} */
+    me.payload || {}
+  );
+  if (mePayload.status === "auth_required") {
+    throw new Error("Profile authentication required. Run `neus auth` or set NEUS_ACCESS_KEY.");
+  }
+  const principal = (
+    /** @type {Record<string, unknown>} */
+    mePayload.principal || {}
+  );
+  const controllerWallet = normalizeWallet(principal.primaryAccount);
+  const profileAgents = Array.isArray(mePayload.agents) ? mePayload.agents : [];
+  let agentWallet = normalizeWallet(selector.agentWallet);
+  let agentId = asString(selector.agentId);
+  if (!agentWallet && agentId) {
+    const row = profileAgents.find(
+      (row2) => asString(row2.agentId).toLowerCase() === agentId.toLowerCase()
+    );
+    if (row) {
+      agentWallet = normalizeWallet(row.agentWallet);
+    }
+  }
+  if (!agentId && agentWallet) {
+    const row = profileAgents.find((row2) => normalizeWallet(row2.agentWallet) === agentWallet);
+    if (row) agentId = asString(row.agentId);
+  }
+  if (!agentWallet && selector.identityQHash) {
+    const idProof = await input.callMcpTool({
+      name: "neus_proofs_get",
+      args: { qHash: selector.identityQHash, verifierId: "agent-identity" },
+      accessKey,
+      sessionId,
+      signal: input.signal
+    });
+    if (idProof.ok) {
+      const data = (
+        /** @type {Record<string, unknown>} */
+        idProof.payload?.data || idProof.payload || {}
+      );
+      const proofs = Array.isArray(data.proofs) ? data.proofs : [];
+      const extracted = extractAgentContextFromProofs(proofs);
+      const identity2 = pickIdentity(extracted.identities, selector);
+      if (identity2) {
+        agentWallet = normalizeWallet(identity2.agentWallet);
+        agentId = asString(identity2.agentId);
+      }
+    }
+  }
+  if (!agentWallet) {
+    throw new Error("Could not resolve agent wallet. Check agentId or link the agent on your profile.");
+  }
+  const [identityPage, delegationPage] = await Promise.all([
+    input.callMcpTool({
+      name: "neus_proofs_get",
+      args: { identifier: agentWallet, verifierId: "agent-identity", limit: 25 },
+      accessKey,
+      sessionId,
+      signal: input.signal
+    }),
+    controllerWallet ? input.callMcpTool({
+      name: "neus_proofs_get",
+      args: { identifier: controllerWallet, verifierId: "agent-delegation", limit: 50 },
+      accessKey,
+      sessionId,
+      signal: input.signal
+    }) : Promise.resolve({ ok: false })
+  ]);
+  const identityProofs = identityPage.ok ? (
+    /** @type {unknown[]} */
+    identityPage.payload?.data?.proofs || identityPage.payload?.proofs || []
+  ) : [];
+  const delegationProofs = delegationPage.ok ? (
+    /** @type {unknown[]} */
+    delegationPage.payload?.data?.proofs || delegationPage.payload?.proofs || []
+  ) : [];
+  const idCtx = extractAgentContextFromProofs(identityProofs);
+  const delCtx = extractAgentContextFromProofs(delegationProofs);
+  let identity = pickIdentity(idCtx.identities, { ...selector, agentId, agentWallet });
+  if (!identity && profileAgents.length > 0) {
+    const row = profileAgents.find(
+      (a) => asString(a.agentId).toLowerCase() === agentId.toLowerCase() || normalizeWallet(a.agentWallet) === agentWallet
+    );
+    if (row) {
+      identity = { ...profileAgentToIdentitySeed(row), agentWallet, agentId: agentId || asString(row.agentId) };
+    }
+  }
+  if (!identity) {
+    throw new Error("Agent identity proof not found. Complete agent setup on neus.network first.");
+  }
+  const delegation = pickActiveDelegation(
+    delCtx.delegations,
+    controllerWallet,
+    agentWallet,
+    agentId || asString(identity.agentId)
+  );
+  return buildRuntimeBundle({
+    identity,
+    delegation,
+    identityQHash: asString(identity.qHash || selector.identityQHash),
+    delegationQHash: delegation ? asString(delegation.qHash) : null,
+    tools: [],
+    secretBindings: []
+  });
+}
+function evaluateMountFileHealth(manifest) {
+  if (!manifest || manifest.schema !== RUNTIME_MOUNT_SCHEMA) {
+    return {
+      mountFileValid: false,
+      missingDelegation: true,
+      delegationExpired: false,
+      needsRefresh: true,
+      reason: "missing_or_invalid"
+    };
+  }
+  const delegationQHash = asString(manifest.trust?.delegationQHash);
+  const missingDelegation = !delegationQHash;
+  const expiresAt = manifest.delegation?.expiresAt;
+  const delegationExpired = Boolean(manifest.delegation?.isExpired) || isDelegationExpired(expiresAt);
+  return {
+    mountFileValid: true,
+    missingDelegation,
+    delegationExpired,
+    needsRefresh: missingDelegation || delegationExpired,
+    reason: delegationExpired ? "delegation_expired" : missingDelegation ? "delegation_missing" : null
+  };
+}
+
+// runtime-adapters.js
+var import_node_fs = __toESM(require("node:fs"), 1);
+var import_node_path = __toESM(require("node:path"), 1);
+var MOUNT_MANIFEST_RELATIVE = import_node_path.default.join(".neus", "mount.json");
+function sanitizeAgentIdForFilename(agentId) {
+  return String(agentId || "agent").trim().toLowerCase().replace(/[^a-z0-9_-]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 64) || "agent";
+}
+function bundleToCursorRules(bundle) {
+  const id = bundle.identity.agentId;
+  const label = bundle.identity.agentLabel || id;
+  const skillsBlock = (bundle.identity.skills || []).map((skill) => {
+    if (typeof skill === "string") return `- ${skill}`;
+    const labelText = skill.label || skill.id || "skill";
+    const kind = skill.kind || "skill";
+    const provider = skill.provider ? ` / ${skill.provider}` : "";
+    return `- ${labelText} (${kind}${provider})`;
+  }).join("\n");
+  const denied = (bundle.enforce.deniedActions || []).map((action) => `- ${action}`).join("\n");
+  const capabilities = (bundle.identity.capabilities || []).map((cap) => `- ${cap}`).join("\n");
+  const services = (bundle.identity.services || []).map((svc) => `- ${svc.name}: ${svc.endpoint}${svc.version ? ` (v${svc.version})` : ""}`).join("\n");
+  return `---
+description: NEUS proof-backed agent \u2014 ${label}
+globs:
+alwaysApply: true
+---
+
+# NEUS Agent \u2014 ${label}
+
+You are **${label}** (\`${id}\`). This project mounted trust context from NEUS.
+
+## Identity
+${bundle.identity.description || bundle.identity.instructions || "Follow the agent instructions below."}
+
+## Instructions
+${bundle.identity.instructions || "Use NEUS MCP for trust checks before sensitive actions."}
+
+## Capabilities
+${capabilities || "- General purpose"}
+
+## Skills
+${skillsBlock || "- None configured"}
+
+## Services
+${services || "- None configured"}
+
+## Scoped policy
+${denied ? `Denied actions (do not perform without new approval):
+${denied}` : "- Follow delegation on file via NEUS MCP."}
+
+## Trust workflow
+1. Call \`neus_context\` once per session when NEUS MCP is available.
+2. Trust before action: \`neus_proofs_check\` then \`neus_verify_or_guide\`.
+3. Do not invent qHashes, wallets, or receipt fields.
+4. Summarize NEUS outcomes as Trust Result \u2014 never dump raw tool JSON.
+
+## Proof references
+- Identity: ${bundle.trust.identityProofUrl}
+${bundle.trust.delegationProofUrl ? `- Delegation: ${bundle.trust.delegationProofUrl}` : "- Delegation: not on file \u2014 call `neus_agent_link` before acting as this agent."}
+`;
+}
+function bundleToClaudeMd(bundle) {
+  const id = bundle.identity.agentId;
+  const label = bundle.identity.agentLabel || id;
+  return `# NEUS Agent \u2014 ${label}
+
+Mounted from NEUS Runtime Mount (\`${RUNTIME_MOUNT_SCHEMA}\`).
+
+## Identity
+- **Agent ID:** ${id}
+- **Label:** ${label}
+
+## Description
+${bundle.identity.description || "Proof-backed agent on NEUS Network."}
+
+## Instructions
+${bundle.identity.instructions || "Use NEUS MCP before sensitive actions."}
+
+## Trust receipts
+- Identity: \`${bundle.trust.identityQHash}\` \u2014 ${bundle.trust.identityProofUrl}
+${bundle.trust.delegationQHash ? `- Delegation: \`${bundle.trust.delegationQHash}\` \u2014 ${bundle.trust.delegationProofUrl}` : ""}
+
+## Policy
+- Do not invent qHashes or verifier outcomes.
+- Call \`neus_context\` once; use profile context when signed in.
+`;
+}
+function bundleToCodexJson(bundle) {
+  return JSON.stringify(
+    {
+      schema: RUNTIME_MOUNT_SCHEMA,
+      name: bundle.identity.agentLabel,
+      agentId: bundle.identity.agentId,
+      agentWallet: bundle.identity.agentWallet,
+      description: bundle.identity.description,
+      instructions: bundle.identity.instructions,
+      capabilities: bundle.identity.capabilities,
+      skills: bundle.identity.skills,
+      services: bundle.identity.services,
+      effectiveRuntime: bundle.effectiveRuntime,
+      enforce: bundle.enforce,
+      trust: bundle.trust,
+      mountedAt: bundle.mountedAt
+    },
+    null,
+    2
+  );
+}
+function readMountManifest(cwd) {
+  const manifestPath = import_node_path.default.join(cwd, MOUNT_MANIFEST_RELATIVE);
+  if (!import_node_fs.default.existsSync(manifestPath)) return null;
+  try {
+    const parsed = JSON.parse(import_node_fs.default.readFileSync(manifestPath, "utf8"));
+    return parsed?.schema === RUNTIME_MOUNT_SCHEMA ? parsed : null;
+  } catch {
+    return null;
+  }
+}
+function writeMountManifest(bundle, cwd) {
+  const dir = import_node_path.default.join(cwd, ".neus");
+  import_node_fs.default.mkdirSync(dir, { recursive: true });
+  const manifestPath = import_node_path.default.join(dir, "mount.json");
+  import_node_fs.default.writeFileSync(manifestPath, `${JSON.stringify(bundle, null, 2)}
+`, "utf8");
+  return manifestPath;
+}
+function applyRuntimeBundle(flavor, bundle, cwd, options = {}) {
+  const dryRun = Boolean(options.dryRun);
+  const safeId = sanitizeAgentIdForFilename(bundle.identity.agentId);
+  const written = [];
+  const manifestPath = dryRun ? import_node_path.default.join(cwd, MOUNT_MANIFEST_RELATIVE) : writeMountManifest(bundle, cwd);
+  written.push(manifestPath);
+  if (flavor === "cursor") {
+    const rulesDir = import_node_path.default.join(cwd, ".cursor", "rules");
+    const rulesPath = import_node_path.default.join(rulesDir, `neus-agent-${safeId}.mdc`);
+    if (!dryRun) {
+      import_node_fs.default.mkdirSync(rulesDir, { recursive: true });
+      import_node_fs.default.writeFileSync(rulesPath, bundleToCursorRules(bundle), "utf8");
+    }
+    written.push(rulesPath);
+    return { flavor, written, primary: rulesPath, manifestPath };
+  }
+  if (flavor === "claude") {
+    const claudePath = import_node_path.default.join(cwd, ".claude", "NEUS_AGENT.md");
+    if (!dryRun) {
+      import_node_fs.default.mkdirSync(import_node_path.default.join(cwd, ".claude"), { recursive: true });
+      import_node_fs.default.writeFileSync(claudePath, bundleToClaudeMd(bundle), "utf8");
+    }
+    written.push(claudePath);
+    return { flavor, written, primary: claudePath, manifestPath };
+  }
+  if (flavor === "codex") {
+    const codexPath = import_node_path.default.join(cwd, ".neus", `codex-agent-${safeId}.json`);
+    if (!dryRun) {
+      import_node_fs.default.mkdirSync(import_node_path.default.join(cwd, ".neus"), { recursive: true });
+      import_node_fs.default.writeFileSync(codexPath, bundleToCodexJson(bundle), "utf8");
+    }
+    written.push(codexPath);
+    return { flavor, written, primary: codexPath, manifestPath };
+  }
+  throw new Error(`Unsupported runtime adapter: ${flavor}`);
+}
+
+// index.js
 init_errors();
+
+// cli-commands.js
+var NEUS_PKG = "@neus/sdk";
+var NEUS_INSTALL_CLI = `npm i -g ${NEUS_PKG}`;
+var NEUS_NPX = `npx ${NEUS_PKG}`;
+var NEUS_SETUP_CLI = "neus setup";
+var NEUS_AUTH_CLI = "neus auth";
+var NEUS_CHECK_CLI = "neus check";
+var NEUS_DOCTOR_CLI = "neus doctor --live";
+var NEUS_EXAMPLES_CLI = "neus examples";
+var NEUS_SETUP_NPX = `${NEUS_NPX} setup`;
+var NEUS_AUTH_NPX = `${NEUS_NPX} auth`;
+var NEUS_CHECK_NPX = `${NEUS_NPX} check`;
+var NEUS_DOCTOR_NPX = `${NEUS_NPX} doctor --live`;
+var NEUS_EXAMPLES_NPX = `${NEUS_NPX} examples`;
+function neusMountApply(agentId, host = "cursor") {
+  const id = String(agentId || "").trim();
+  return `neus mount ${id} --apply ${host}`;
+}
+function neusMountApplyNpx(agentId, host = "cursor") {
+  const id = String(agentId || "").trim();
+  return `${NEUS_NPX} mount ${id} --apply ${host}`;
+}
+var NEUS_QUICKSTART_INSTALLED = `${NEUS_INSTALL_CLI}
+${NEUS_SETUP_CLI}
+${NEUS_AUTH_CLI}`;
+var NEUS_QUICKSTART_NPX = NEUS_SETUP_NPX;
+var NEUS_MOUNT_WORKFLOW = `${NEUS_AUTH_CLI}
+neus mount <agentId> --apply cursor
+${NEUS_DOCTOR_CLI}`;
+function neusCmd(subcommand) {
+  return `neus ${String(subcommand || "").trim()}`;
+}
+function neusNpx(subcommand) {
+  return `${NEUS_NPX} ${String(subcommand || "").trim()}`;
+}
+
+// mcp-hosts.js
+var NEUS_MCP_SERVER_NAME = "neus";
+var NEUS_MCP_URL = "https://mcp.neus.network/mcp";
+var NEUS_MCP_SETUP_DOCS_URL = "https://docs.neus.network/mcp/setup";
+var MCP_INSTALL_CLIENTS = ["claude", "codex", "cursor", "vscode"];
+var MCP_INSTALL_HOSTS = ["cursor", "claude", "codex"];
+var IDE_HOST_LABELS = {
+  cursor: "Cursor",
+  claude: "Claude Code",
+  codex: "Codex"
+};
+var IDE_HOST_BRAND_LOGOS = {
+  cursor: "/images/brandLogos/cursor.svg",
+  claude: "/images/brandLogos/anthropic.svg",
+  codex: "/images/brandLogos/openai.svg"
+};
+function buildNeusMcpHttpConfig(accessKey) {
+  const key = String(accessKey || "").trim();
+  return {
+    type: "http",
+    url: NEUS_MCP_URL,
+    ...key ? { headers: { Authorization: `Bearer ${key}` } } : {}
+  };
+}
+function encodeBase64Json(value) {
+  const json = JSON.stringify(value);
+  if (typeof globalThis.btoa === "function") {
+    return globalThis.btoa(json);
+  }
+  return Buffer.from(json, "utf8").toString("base64");
+}
+function buildCursorMcpInstallUrl(accessKey) {
+  const config = buildNeusMcpHttpConfig(accessKey);
+  const encoded = encodeBase64Json(config);
+  return `cursor://anysphere.cursor-deeplink/mcp/install?name=${encodeURIComponent(NEUS_MCP_SERVER_NAME)}&config=${encodeURIComponent(encoded)}`;
+}
+function buildVsCodeMcpInstallUrl(accessKey) {
+  const payload = {
+    name: NEUS_MCP_SERVER_NAME,
+    ...buildNeusMcpHttpConfig(accessKey)
+  };
+  return `vscode:mcp/install?${encodeURIComponent(JSON.stringify(payload))}`;
+}
+function buildAuthCommandForClient(client) {
+  if (client === "codex") {
+    return neusCmd(`auth --client codex`);
+  }
+  return NEUS_AUTH_CLI;
+}
+function buildSetupCommandForClient(client, accessKey) {
+  const key = String(accessKey || "").trim();
+  const setup = key ? neusCmd(`setup --client ${client} --access-key ${key}`) : neusCmd(`setup --client ${client}`);
+  if (key) {
+    return `${NEUS_INSTALL_CLI}
+${setup}`;
+  }
+  const auth = buildAuthCommandForClient(client);
+  return `${NEUS_INSTALL_CLI}
+${setup}
+${auth}`;
+}
+function buildSetupCommandForHost(host, accessKey) {
+  return buildSetupCommandForClient(host, accessKey);
+}
+function buildSetupNpxOneLiner(client) {
+  if (!client) return NEUS_SETUP_NPX;
+  return `${NEUS_NPX} setup --client ${client}`;
+}
+function supportsMcpInstallDeeplink(host) {
+  if (host !== "cursor") return false;
+  if (typeof navigator === "undefined") return false;
+  const ua = navigator.userAgent || "";
+  return !/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(ua);
+}
+
+// index.js
 var index_default = {
   NeusClient: () => Promise.resolve().then(() => (init_client(), client_exports)).then((m) => m.NeusClient),
   toString: () => "[neus/sdk]"
@@ -3110,18 +3845,55 @@ var index_default = {
   GATE_TOKEN_HOLDER,
   GATE_WALLET_RISK,
   HOUR,
+  IDE_HOST_BRAND_LOGOS,
+  IDE_HOST_LABELS,
+  MCP_INSTALL_CLIENTS,
+  MCP_INSTALL_HOSTS,
   MONTH,
+  MOUNT_MANIFEST_RELATIVE,
+  NEUS_AUTH_CLI,
+  NEUS_AUTH_NPX,
+  NEUS_CHECK_CLI,
+  NEUS_CHECK_NPX,
   NEUS_CONSTANTS,
+  NEUS_DOCTOR_CLI,
+  NEUS_DOCTOR_NPX,
+  NEUS_EXAMPLES_CLI,
+  NEUS_EXAMPLES_NPX,
+  NEUS_INSTALL_CLI,
+  NEUS_MCP_SERVER_NAME,
+  NEUS_MCP_SETUP_DOCS_URL,
+  NEUS_MCP_URL,
+  NEUS_MOUNT_WORKFLOW,
+  NEUS_NPX,
+  NEUS_PKG,
+  NEUS_QUICKSTART_INSTALLED,
+  NEUS_QUICKSTART_NPX,
+  NEUS_SETUP_CLI,
+  NEUS_SETUP_NPX,
   NetworkError,
   NeusClient,
   PORTABLE_PROOF_SIGNER_HEADER,
+  RUNTIME_MOUNT_SCHEMA,
   SDKError,
   StatusPoller,
   ValidationError,
   VerificationError,
   WEEK,
   YEAR,
+  applyRuntimeBundle,
+  buildAuthCommandForClient,
+  buildCursorMcpInstallUrl,
+  buildNeusMcpHttpConfig,
+  buildRuntimeBundle,
+  buildSetupCommandForClient,
+  buildSetupCommandForHost,
+  buildSetupNpxOneLiner,
   buildVerificationRequest,
+  buildVsCodeMcpInstallUrl,
+  bundleToClaudeMd,
+  bundleToCodexJson,
+  bundleToCursorRules,
   combineGates,
   computeContentHash,
   constructVerificationMessage,
@@ -3129,19 +3901,36 @@ var index_default = {
   createVerificationData,
   delay,
   deriveDid,
+  evaluateMountFileHealth,
+  extractAgentContextFromProofs,
   fetchSponsorGrant,
   formatTimestamp,
   formatVerificationStatus,
   getHostedCheckoutUrl,
+  isDelegationExpired,
   isFailureStatus,
+  isRuntimeBundle,
   isSuccessStatus,
   isSupportedChain,
   isTerminalStatus,
+  neusCmd,
+  neusMountApply,
+  neusMountApplyNpx,
+  neusNpx,
   normalizeAddress,
+  normalizeWallet,
+  pickActiveDelegation,
+  pickIdentity,
+  profileAgentToIdentitySeed,
+  readMountManifest,
   resolveDID,
+  resolveEffectiveRuntime,
+  resolveRuntimeBundleFromMcp,
   resolveZkPassportConfig,
+  sanitizeAgentIdForFilename,
   signMessage,
   standardizeVerificationRequest,
+  supportsMcpInstallDeeplink,
   toAgentDelegationMaxSpend,
   toHexUtf8,
   validateQHash,
@@ -3150,5 +3939,6 @@ var index_default = {
   validateUniversalAddress,
   validateVerifierPayload,
   validateWalletAddress,
-  withRetry
+  withRetry,
+  writeMountManifest
 });