@nimbus-dev/sdk 1.1.2

package/dist/server.js

@@ -0,0 +1,23 @@
+/**
+ * NimbusExtensionServer — base class for all Nimbus MCP extension servers
+ *
+ * Usage:
+ *   const server = new NimbusExtensionServer({ manifest, onAuth });
+ *   server.registerTool("search", { description, inputSchema, handler });
+ *   server.start();
+ */
+export class NimbusExtensionServer {
+    _options;
+    constructor(options) {
+        this._options = options;
+    }
+    registerTool(_name, _definition) {
+        // Roadmap Q3: register tool with MCP server
+    }
+    start() {
+        if (this._options.manifest.id.length === 0) {
+            throw new Error("NimbusExtensionServer: manifest.id is required");
+        }
+    }
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAeH,MAAM,OAAO,qBAAqB;IACf,QAAQ,CAAkC;IAE3D,YAAY,OAAwC;QAClD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED,YAAY,CAAS,KAAa,EAAE,WAA4C;QAC9E,4CAA4C;IAC9C,CAAC;IAED,KAAK;QACH,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;CACF"}

package/dist/testing/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * `@nimbus-dev/sdk/testing` — utilities for extension authors and the
+ * gateway's own connector tests.
+ *
+ * Exports:
+ *   - `MockGateway` — mock Gateway IPC for unit tests (Phase 4).
+ *   - `runSandboxContractTests(manifestPath)` — fork the probe binary and
+ *     verify the runtime sandbox enforces the manifest's declared
+ *     `permissions.network` + `permissions.filesystem` (Phase 5 T2 PR 1).
+ */
+export { runSandboxContractTests } from "./sandbox-contract";
+export declare class MockGateway {
+    callTool(_toolName: string, _input: Record<string, unknown>): Promise<unknown>;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/testing/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testing/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,qBAAa,WAAW;IAChB,QAAQ,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;CAGrF"}

package/dist/testing/index.js

@@ -0,0 +1,17 @@
+/**
+ * `@nimbus-dev/sdk/testing` — utilities for extension authors and the
+ * gateway's own connector tests.
+ *
+ * Exports:
+ *   - `MockGateway` — mock Gateway IPC for unit tests (Phase 4).
+ *   - `runSandboxContractTests(manifestPath)` — fork the probe binary and
+ *     verify the runtime sandbox enforces the manifest's declared
+ *     `permissions.network` + `permissions.filesystem` (Phase 5 T2 PR 1).
+ */
+export { runSandboxContractTests } from "./sandbox-contract";
+export class MockGateway {
+    async callTool(_toolName, _input) {
+        return {};
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/testing/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/testing/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,QAAQ,CAAC,SAAiB,EAAE,MAA+B;QAC/D,OAAO,EAAE,CAAC;IACZ,CAAC;CACF"}

package/dist/testing/sandbox-contract.d.ts

@@ -0,0 +1,83 @@
+/**
+ * `runSandboxContractTests` — verifies the declared sandbox permissions in a
+ * manifest match the runtime enforcement seen by a forked probe.
+ *
+ * Phase 5 T2 PR 1.
+ *
+ * Three probes run sequentially:
+ *
+ *   1. **network-listed** — for the first declared host in
+ *      `permissions.network`, a HEAD fetch must succeed (2xx–4xx).
+ *      Skipped if no hosts are declared.
+ *
+ *   2. **network-unlisted** — a fetch to `192.0.2.1` (TEST-NET-1, never
+ *      routable) must fail with ECONNREFUSED / EPERM / EHOSTUNREACH /
+ *      ENETUNREACH. Skipped on Windows because AppContainer network
+ *      filtering is host-allow + deny-by-default at a different layer — the
+ *      probe sees a generic socket failure that is indistinguishable from
+ *      the unsandboxed case. See `docs/sandbox.md#platform-asymmetry`.
+ *      Skipped on every platform if no hosts are declared (the
+ *      sandbox-runner would deny network entirely in that case, and the
+ *      probe's expectation collapses to "no network at all", which the
+ *      first probe doesn't exercise).
+ *
+ *   3. **fs-denied** — a read of a known-protected path
+ *      (`/etc/passwd` POSIX, `C:\Windows\System32\config\SAM` Windows)
+ *      must fail with EACCES / EPERM. This probe always runs.
+ *
+ * Each probe is invoked via `child_process.spawnSync(process.execPath, …)`
+ * directly. **The probe is *not* sandbox-wrapped by the SDK harness alone.**
+ * For the SDK to assert real enforcement, a wrapping helper (typically
+ * `packages/gateway/test/helpers/sandbox-harness.ts`) needs to fork
+ * `runSandboxContractTests` inside a process that is itself sandbox-wrapped,
+ * or substitute a sandboxed `execPath`.
+ *
+ * Used by:
+ *   - First-party connector contract tests via the gateway test harness.
+ *   - Third-party extension authors invoking
+ *     `import { runSandboxContractTests } from "@nimbus-dev/sdk/testing"`.
+ *
+ * When invoked **outside** a sandboxed harness on Linux/macOS, probes 2 and
+ * 3 will either succeed (return exit 2) — which the harness reports as a
+ * test failure — or fail with codes other than 10/11. Either way the harness
+ * throws. That's the third-party UX: "your contract test failed because the
+ * sandbox isn't enforcing the manifest", which is the correct signal even
+ * though the UX could be friendlier.
+ */
+export interface ProbeResult {
+    status: number;
+    stderr: string;
+    stdout: string;
+}
+/** Probe-runner shape — exposed for testability (see `__defaultRunProbe`). */
+export type ProbeRunner = (probe: string, arg: string) => ProbeResult;
+export interface RunSandboxContractTestsOptions {
+    /**
+     * Override the probe runner. Default is `__defaultRunProbe` (a
+     * `child_process.spawnSync` wrapper around the bundled probe binary).
+     * Tests inject a stub here; production callers leave this undefined.
+     */
+    runProbe?: ProbeRunner;
+    /**
+     * Override `process.platform` for testability of the Windows skip
+     * branch. Default is the live `process.platform`.
+     */
+    platform?: NodeJS.Platform;
+}
+/**
+ * Read the manifest at `manifestPath`, fork the probe binary for each
+ * declared capability + the FS-denied negative case, and throw if the
+ * observed enforcement does not match.
+ *
+ * Throws on first failure with a message that names the probe, the
+ * observed exit code, and the probe's stderr.
+ */
+export declare function runSandboxContractTests(manifestPath: string, opts?: RunSandboxContractTestsOptions): Promise<void>;
+/**
+ * Default probe runner — forks the bundled probe binary via
+ * `child_process.spawnSync`. Exported for direct use in test scaffolding
+ * that wants to assert the production wiring without re-implementing the
+ * `spawnSync` envelope.
+ */
+export declare function __defaultRunProbe(probe: string, arg: string): ProbeResult;
+//# sourceMappingURL=sandbox-contract.d.ts.map

package/dist/testing/sandbox-contract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox-contract.d.ts","sourceRoot":"","sources":["../../src/testing/sandbox-contract.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AAmBH,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,8EAA8E;AAC9E,MAAM,MAAM,WAAW,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,WAAW,CAAC;AAEtE,MAAM,WAAW,8BAA8B;IAC7C;;;;OAIG;IACH,QAAQ,CAAC,EAAE,WAAW,CAAC;IACvB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC;CAC5B;AAED;;;;;;;GAOG;AACH,wBAAsB,uBAAuB,CAC3C,YAAY,EAAE,MAAM,EACpB,IAAI,GAAE,8BAAmC,GACxC,OAAO,CAAC,IAAI,CAAC,CAuCf;AAED;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,WAAW,CASzE"}

package/dist/testing/sandbox-contract.js

@@ -0,0 +1,105 @@
+/**
+ * `runSandboxContractTests` — verifies the declared sandbox permissions in a
+ * manifest match the runtime enforcement seen by a forked probe.
+ *
+ * Phase 5 T2 PR 1.
+ *
+ * Three probes run sequentially:
+ *
+ *   1. **network-listed** — for the first declared host in
+ *      `permissions.network`, a HEAD fetch must succeed (2xx–4xx).
+ *      Skipped if no hosts are declared.
+ *
+ *   2. **network-unlisted** — a fetch to `192.0.2.1` (TEST-NET-1, never
+ *      routable) must fail with ECONNREFUSED / EPERM / EHOSTUNREACH /
+ *      ENETUNREACH. Skipped on Windows because AppContainer network
+ *      filtering is host-allow + deny-by-default at a different layer — the
+ *      probe sees a generic socket failure that is indistinguishable from
+ *      the unsandboxed case. See `docs/sandbox.md#platform-asymmetry`.
+ *      Skipped on every platform if no hosts are declared (the
+ *      sandbox-runner would deny network entirely in that case, and the
+ *      probe's expectation collapses to "no network at all", which the
+ *      first probe doesn't exercise).
+ *
+ *   3. **fs-denied** — a read of a known-protected path
+ *      (`/etc/passwd` POSIX, `C:\Windows\System32\config\SAM` Windows)
+ *      must fail with EACCES / EPERM. This probe always runs.
+ *
+ * Each probe is invoked via `child_process.spawnSync(process.execPath, …)`
+ * directly. **The probe is *not* sandbox-wrapped by the SDK harness alone.**
+ * For the SDK to assert real enforcement, a wrapping helper (typically
+ * `packages/gateway/test/helpers/sandbox-harness.ts`) needs to fork
+ * `runSandboxContractTests` inside a process that is itself sandbox-wrapped,
+ * or substitute a sandboxed `execPath`.
+ *
+ * Used by:
+ *   - First-party connector contract tests via the gateway test harness.
+ *   - Third-party extension authors invoking
+ *     `import { runSandboxContractTests } from "@nimbus-dev/sdk/testing"`.
+ *
+ * When invoked **outside** a sandboxed harness on Linux/macOS, probes 2 and
+ * 3 will either succeed (return exit 2) — which the harness reports as a
+ * test failure — or fail with codes other than 10/11. Either way the harness
+ * throws. That's the third-party UX: "your contract test failed because the
+ * sandbox isn't enforcing the manifest", which is the correct signal even
+ * though the UX could be friendlier.
+ */
+import { spawnSync } from "node:child_process";
+import { readFile } from "node:fs/promises";
+import { dirname, resolve } from "node:path";
+import { fileURLToPath } from "node:url";
+const PROBE_PATH = resolve(dirname(fileURLToPath(import.meta.url)), "sandbox-probe.ts");
+/**
+ * Read the manifest at `manifestPath`, fork the probe binary for each
+ * declared capability + the FS-denied negative case, and throw if the
+ * observed enforcement does not match.
+ *
+ * Throws on first failure with a message that names the probe, the
+ * observed exit code, and the probe's stderr.
+ */
+export async function runSandboxContractTests(manifestPath, opts = {}) {
+    const runProbe = opts.runProbe ?? __defaultRunProbe;
+    const platform = opts.platform ?? process.platform;
+    const raw = await readFile(manifestPath, "utf8");
+    const manifest = JSON.parse(raw);
+    const perms = manifest.permissions;
+    const objectForm = perms && typeof perms === "object" && !Array.isArray(perms) ? perms : null;
+    const hosts = objectForm?.network ?? [];
+    const firstHost = hosts[0];
+    if (firstHost !== undefined) {
+        const r = runProbe("network-listed", firstHost);
+        if (r.status !== 0) {
+            throw new Error(`network-listed probe failed for ${firstHost}: exit ${r.status}; stderr: ${r.stderr.trim()}`);
+        }
+    }
+    if (platform !== "win32" && hosts.length > 0) {
+        const r = runProbe("network-unlisted", "");
+        if (r.status !== 11) {
+            throw new Error(`network-unlisted probe should have failed with ECONNREFUSED/EPERM/EHOSTUNREACH/ENETUNREACH; ` +
+                `got exit ${r.status}; stderr: ${r.stderr.trim()}. ` +
+                `See docs/sandbox.md#platform-asymmetry.`);
+        }
+    }
+    const r3 = runProbe("fs-denied", "");
+    if (r3.status !== 10) {
+        throw new Error(`fs-denied probe should have returned EACCES (exit 10); got exit ${r3.status}; ` +
+            `stderr: ${r3.stderr.trim()}.`);
+    }
+}
+/**
+ * Default probe runner — forks the bundled probe binary via
+ * `child_process.spawnSync`. Exported for direct use in test scaffolding
+ * that wants to assert the production wiring without re-implementing the
+ * `spawnSync` envelope.
+ */
+export function __defaultRunProbe(probe, arg) {
+    const result = spawnSync(process.execPath, [PROBE_PATH, `--probe=${probe}`, `--arg=${arg}`], {
+        encoding: "utf8",
+    });
+    return {
+        status: result.status ?? -1,
+        stderr: result.stderr ?? "",
+        stdout: result.stdout ?? "",
+    };
+}
+//# sourceMappingURL=sandbox-contract.js.map

package/dist/testing/sandbox-contract.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox-contract.js","sourceRoot":"","sources":["../../src/testing/sandbox-contract.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC;AAmCxF;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,YAAoB,EACpB,OAAuC,EAAE;IAEzC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,iBAAiB,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;IAEnD,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAa,CAAC;IAE7C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,CAAC;IACnC,MAAM,UAAU,GAAG,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9F,MAAM,KAAK,GAAG,UAAU,EAAE,OAAO,IAAI,EAAE,CAAC;IAExC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC3B,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,QAAQ,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,mCAAmC,SAAS,UAAU,CAAC,CAAC,MAAM,aAAa,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAC7F,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,KAAK,OAAO,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,GAAG,QAAQ,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CACb,8FAA8F;gBAC5F,YAAY,CAAC,CAAC,MAAM,aAAa,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI;gBACpD,yCAAyC,CAC5C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,EAAE,GAAG,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IACrC,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,mEAAmE,EAAE,CAAC,MAAM,IAAI;YAC9E,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CACjC,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa,EAAE,GAAW;IAC1D,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,UAAU,EAAE,WAAW,KAAK,EAAE,EAAE,SAAS,GAAG,EAAE,CAAC,EAAE;QAC3F,QAAQ,EAAE,MAAM;KACjB,CAAC,CAAC;IACH,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC;QAC3B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;QAC3B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;KAC5B,CAAC;AACJ,CAAC"}

package/dist/testing/sandbox-probe.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Sandbox probe binary — invoked by `runSandboxContractTests`.
+ *
+ * The probe is a tiny standalone program that the contract harness forks
+ * (typically wrapped by the gateway's sandbox runner) to exercise one
+ * specific capability and report the outcome via process exit code.
+ *
+ * Exit codes:
+ *   0  — expected pass (network reach to a listed host succeeded)
+ *   2  — unexpected outcome (test fails)
+ *   10 — expected EACCES/EPERM on filesystem read (sandbox enforced)
+ *   11 — expected ECONNREFUSED/EPERM/EHOSTUNREACH/ENETUNREACH on network
+ *
+ * Invocation:
+ *   bun sandbox-probe.ts --probe=<name> --arg=<value>
+ *
+ * Probes:
+ *   network-listed   — HEAD-fetch https://<arg>/ ; succeed if 2xx-4xx
+ *   network-unlisted — fetch http://192.0.2.1 (TEST-NET-1); succeed if blocked
+ *   fs-denied        — read a known-protected path; succeed if EACCES
+ */
+export {};
+//# sourceMappingURL=sandbox-probe.d.ts.map

package/dist/testing/sandbox-probe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox-probe.d.ts","sourceRoot":"","sources":["../../src/testing/sandbox-probe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAgEH,OAAO,EAAE,CAAC"}

package/dist/testing/sandbox-probe.js

@@ -0,0 +1,78 @@
+/**
+ * Sandbox probe binary — invoked by `runSandboxContractTests`.
+ *
+ * The probe is a tiny standalone program that the contract harness forks
+ * (typically wrapped by the gateway's sandbox runner) to exercise one
+ * specific capability and report the outcome via process exit code.
+ *
+ * Exit codes:
+ *   0  — expected pass (network reach to a listed host succeeded)
+ *   2  — unexpected outcome (test fails)
+ *   10 — expected EACCES/EPERM on filesystem read (sandbox enforced)
+ *   11 — expected ECONNREFUSED/EPERM/EHOSTUNREACH/ENETUNREACH on network
+ *
+ * Invocation:
+ *   bun sandbox-probe.ts --probe=<name> --arg=<value>
+ *
+ * Probes:
+ *   network-listed   — HEAD-fetch https://<arg>/ ; succeed if 2xx-4xx
+ *   network-unlisted — fetch http://192.0.2.1 (TEST-NET-1); succeed if blocked
+ *   fs-denied        — read a known-protected path; succeed if EACCES
+ */
+const probe = process.argv.find((a) => a.startsWith("--probe="))?.slice(8);
+const arg = process.argv.find((a) => a.startsWith("--arg="))?.slice(6);
+function errorCode(e) {
+    return (e.code ??
+        e.cause?.code);
+}
+async function probeNetworkListed() {
+    const url = `https://${arg ?? ""}/`;
+    try {
+        const res = await fetch(url, { method: "HEAD" });
+        return res.status >= 200 && res.status < 500 ? 0 : 2;
+    }
+    catch {
+        return 2;
+    }
+}
+async function probeNetworkUnlisted() {
+    try {
+        await fetch("http://192.0.2.1");
+        return 2;
+    }
+    catch (e) {
+        const code = errorCode(e);
+        if (code === "ECONNREFUSED" ||
+            code === "EPERM" ||
+            code === "EHOSTUNREACH" ||
+            code === "ENETUNREACH") {
+            return 11;
+        }
+        return 2;
+    }
+}
+async function probeFsDenied() {
+    const path = process.platform === "win32" ? String.raw `C:\Windows\System32\config\SAM` : "/etc/passwd";
+    try {
+        await Bun.file(path).text();
+        return 2;
+    }
+    catch (e) {
+        const code = e.code;
+        if (code === "EACCES" || code === "EPERM" || code === "EBUSY")
+            return 10;
+        return 2;
+    }
+}
+async function main() {
+    if (probe === "network-listed")
+        process.exit(await probeNetworkListed());
+    if (probe === "network-unlisted")
+        process.exit(await probeNetworkUnlisted());
+    if (probe === "fs-denied")
+        process.exit(await probeFsDenied());
+    process.exit(2);
+}
+await main();
+export {};
+//# sourceMappingURL=sandbox-probe.js.map

package/dist/testing/sandbox-probe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox-probe.js","sourceRoot":"","sources":["../../src/testing/sandbox-probe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;AAC3E,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;AAEvE,SAAS,SAAS,CAAC,CAAU;IAC3B,OAAO,CACJ,CAAkD,CAAC,IAAI;QACvD,CAAmC,CAAC,KAAK,EAAE,IAAI,CACjD,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,kBAAkB;IAC/B,MAAM,GAAG,GAAG,WAAW,GAAG,IAAI,EAAE,GAAG,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACjD,OAAO,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAChC,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC1B,IACE,IAAI,KAAK,cAAc;YACvB,IAAI,KAAK,OAAO;YAChB,IAAI,KAAK,cAAc;YACvB,IAAI,KAAK,aAAa,EACtB,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,IAAI,GACR,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAA,gCAAgC,CAAC,CAAC,CAAC,aAAa,CAAC;IAC5F,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,MAAM,IAAI,GAAI,CAAuB,CAAC,IAAI,CAAC;QAC3C,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,OAAO;YAAE,OAAO,EAAE,CAAC;QACzE,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,IAAI,KAAK,KAAK,gBAAgB;QAAE,OAAO,CAAC,IAAI,CAAC,MAAM,kBAAkB,EAAE,CAAC,CAAC;IACzE,IAAI,KAAK,KAAK,kBAAkB;QAAE,OAAO,CAAC,IAAI,CAAC,MAAM,oBAAoB,EAAE,CAAC,CAAC;IAC7E,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,CAAC,IAAI,CAAC,MAAM,aAAa,EAAE,CAAC,CAAC;IAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAQD,MAAM,IAAI,EAAE,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Shared types for Nimbus extensions
+ */
+export interface NimbusItem {
+    id: string;
+    service: string;
+    itemType: "file" | "folder" | "email" | "event" | "photo" | "task";
+    name: string;
+    mimeType?: string;
+    sizeBytes?: number;
+    createdAt?: number;
+    modifiedAt?: number;
+    url?: string;
+    parentId?: string;
+    rawMeta?: Record<string, unknown>;
+}
+export interface ExtensionManifest {
+    $schema?: string;
+    id: string;
+    displayName: string;
+    version: string;
+    description: string;
+    author: string;
+    homepage?: string;
+    icon?: string;
+    entrypoint: string;
+    runtime: "bun" | "node";
+    permissions: Array<"read" | "write" | "delete">;
+    hitlRequired: Array<"write" | "delete">;
+    oauth?: {
+        provider: string;
+        scopes: string[];
+        authUrl: string;
+        tokenUrl: string;
+        pkce: boolean;
+    };
+    syncInterval?: number;
+    tags?: string[];
+    minNimbusVersion: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IACnE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,KAAK,GAAG,MAAM,CAAC;IACxB,WAAW,EAAE,KAAK,CAAC,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC,CAAC;IAChD,YAAY,EAAE,KAAK,CAAC,OAAO,GAAG,QAAQ,CAAC,CAAC;IACxC,KAAK,CAAC,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,OAAO,CAAC;KACf,CAAC;IACF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,gBAAgB,EAAE,MAAM,CAAC;CAC1B"}

package/dist/types.js

@@ -0,0 +1,5 @@
+/**
+ * Shared types for Nimbus extensions
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@nimbus-dev/sdk",
+  "version": "1.1.2",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nimbus-agent/Nimbus.git",
+    "directory": "packages/sdk"
+  },
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "bun": "./src/index.ts",
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./testing": {
+      "bun": "./src/testing/index.ts",
+      "types": "./dist/testing/index.d.ts",
+      "import": "./dist/testing/index.js",
+      "default": "./dist/testing/index.js"
+    },
+    "./ipc": {
+      "bun": "./src/ipc/index.ts",
+      "types": "./dist/ipc/index.d.ts",
+      "import": "./dist/ipc/index.js",
+      "default": "./dist/ipc/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "dev": "bun run --watch src/index.ts",
+    "build": "tsc --project tsconfig.build.json",
+    "typecheck": "tsc --noEmit",
+    "lint": "biome check src/",
+    "test": "bun test",
+    "clean": "rm -rf dist",
+    "prepublishOnly": "bun run build && bun run typecheck",
+    "test:coverage:sdk": "bun test --coverage src"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "devDependencies": {
+    "@types/bun": "latest",
+    "typescript": "^6.0.3"
+  }
+}

package/src/audit-logger.test.ts

@@ -0,0 +1,33 @@
+import { describe, expect, test } from "bun:test";
+import { createScopedAuditLogger } from "./audit-logger.ts";
+
+describe("createScopedAuditLogger", () => {
+  test("prefixes action with extension ID", async () => {
+    const calls: Array<{ action: string; payload: Record<string, unknown> }> = [];
+    const emit = async (action: string, payload: Record<string, unknown>): Promise<void> => {
+      calls.push({ action, payload });
+    };
+    const logger = createScopedAuditLogger("ext.my-connector", emit);
+    await logger.log("sync.completed", { items: 42 });
+    expect(calls).toHaveLength(1);
+    expect(calls[0]?.action).toBe("ext.my-connector:sync.completed");
+    expect(calls[0]?.payload).toEqual({ items: 42 });
+  });
+
+  test("rejects action IDs that already contain a colon", async () => {
+    const logger = createScopedAuditLogger("ext.foo", async () => {});
+    await expect(logger.log("already:scoped", {})).rejects.toThrow(/colon/);
+  });
+
+  test("rejects empty action ID", async () => {
+    const logger = createScopedAuditLogger("ext.foo", async () => {});
+    await expect(logger.log("", {})).rejects.toThrow(/empty/);
+  });
+
+  test("propagates emit errors unchanged", async () => {
+    const logger = createScopedAuditLogger("ext.foo", async () => {
+      throw new Error("downstream");
+    });
+    await expect(logger.log("x", {})).rejects.toThrow("downstream");
+  });
+});

package/src/audit-logger.ts

@@ -0,0 +1,23 @@
+export type AuditEmit = (action: string, payload: Record<string, unknown>) => Promise<void>;
+
+export interface AuditLogger {
+  log(action: string, payload: Record<string, unknown>): Promise<void>;
+}
+
+export function createScopedAuditLogger(extensionId: string, emit: AuditEmit): AuditLogger {
+  if (!extensionId || extensionId.trim().length === 0) {
+    throw new Error("extensionId must be non-empty");
+  }
+  return {
+    async log(action, payload) {
+      if (!action || action.length === 0) {
+        throw new Error("action must be non-empty");
+      }
+      if (action.includes(":")) {
+        throw new Error("action must not contain a colon (scoping prefix is added automatically)");
+      }
+      const scoped = `${extensionId}:${action}`;
+      await emit(scoped, payload);
+    },
+  };
+}