@nkmc/gateway 0.1.0

package/dist/chunk-CZJ75YTV.js

@@ -0,0 +1,969 @@
+// src/registry/skill-to-config.ts
+function skillToHttpConfig(record) {
+  let baseUrl = `https://${record.domain}`;
+  if (record.source?.basePath) {
+    baseUrl += record.source.basePath;
+  }
+  const resources = extractResources(record.skillMd);
+  const endpoints = extractHttpEndpoints(record.skillMd);
+  return {
+    baseUrl,
+    resources,
+    endpoints
+  };
+}
+function extractResources(skillMd) {
+  const resources = [];
+  const lines = skillMd.split("\n");
+  let inSchema = false;
+  let current = null;
+  for (const line of lines) {
+    if (line.startsWith("## Schema")) {
+      inSchema = true;
+      continue;
+    }
+    if (inSchema && line.startsWith("## ") && !line.startsWith("## Schema")) {
+      break;
+    }
+    if (!inSchema) continue;
+    const tableMatch = line.match(/^### (\w+)\s/);
+    if (tableMatch) {
+      if (current) resources.push(toHttpResource(current));
+      current = { name: tableMatch[1], fields: [] };
+      continue;
+    }
+    if (current && line.startsWith("|") && !line.startsWith("|--") && !line.startsWith("| field")) {
+      const cells = line.split("|").map((c) => c.trim()).filter(Boolean);
+      if (cells.length >= 3) {
+        current.fields.push({
+          name: cells[0],
+          type: cells[1],
+          description: cells[2]
+        });
+      }
+    }
+  }
+  if (current) resources.push(toHttpResource(current));
+  return resources;
+}
+function toHttpResource(parsed) {
+  return {
+    name: parsed.name,
+    apiPath: `/${parsed.name}`,
+    fields: parsed.fields
+  };
+}
+function extractHttpEndpoints(skillMd) {
+  const endpoints = [];
+  const lines = skillMd.split("\n");
+  let inApi = false;
+  let currentHeading = null;
+  for (const line of lines) {
+    if (line.startsWith("## API")) {
+      inApi = true;
+      continue;
+    }
+    if (inApi && line.startsWith("## ") && !line.startsWith("## API")) {
+      break;
+    }
+    if (!inApi) continue;
+    if (line.startsWith("### ")) {
+      currentHeading = line.slice(4).trim();
+      continue;
+    }
+    const match = line.match(/^`(GET|POST|PUT|PATCH|DELETE)\s+(\S+)`/);
+    if (match && currentHeading) {
+      const slug = currentHeading.toLowerCase().replace(/\s+/g, "-");
+      endpoints.push({
+        name: slug,
+        method: match[1],
+        apiPath: match[2],
+        description: currentHeading
+      });
+      currentHeading = null;
+    }
+  }
+  return endpoints;
+}
+function skillToRpcConfig(meta) {
+  const resources = meta.resources.map((r) => {
+    const methods = {};
+    const builder = getParamsBuilder(meta.convention);
+    for (const [fsOp, rpcMethod] of Object.entries(r.methods)) {
+      const key = fsOp;
+      methods[key] = {
+        method: rpcMethod,
+        params: builder(key)
+      };
+    }
+    const resource = {
+      name: r.name,
+      ...r.idField ? { idField: r.idField } : {},
+      methods
+    };
+    if (meta.convention === "evm") {
+      resource.transform = buildEvmTransforms(r.name);
+    }
+    return resource;
+  });
+  return { resources };
+}
+function getParamsBuilder(convention) {
+  switch (convention) {
+    case "crud":
+      return crudParamsBuilder;
+    case "evm":
+      return evmParamsBuilder;
+    case "raw":
+    default:
+      return rawParamsBuilder;
+  }
+}
+function rawParamsBuilder(_fsOp) {
+  return (ctx) => {
+    if (ctx.data !== void 0) return [ctx.data];
+    if (ctx.id !== void 0) return [ctx.id];
+    return [];
+  };
+}
+function crudParamsBuilder(fsOp) {
+  switch (fsOp) {
+    case "list":
+      return () => [];
+    case "read":
+      return (ctx) => [ctx.id];
+    case "write":
+      return (ctx) => [ctx.id, ctx.data];
+    case "create":
+      return (ctx) => [ctx.data];
+    case "remove":
+      return (ctx) => [ctx.id];
+    case "search":
+      return (ctx) => [ctx.pattern];
+    default:
+      return () => [];
+  }
+}
+function evmParamsBuilder(fsOp) {
+  switch (fsOp) {
+    case "list":
+      return () => [];
+    case "read":
+      return (ctx) => {
+        const id = ctx.id;
+        const hexId = /^\d+$/.test(id) ? "0x" + Number(id).toString(16) : id;
+        return [hexId, "latest"];
+      };
+    default:
+      return rawParamsBuilder(fsOp);
+  }
+}
+function buildEvmTransforms(resourceName) {
+  const transform = {};
+  if (resourceName === "blocks") {
+    transform.list = (data) => {
+      const hex = String(data);
+      const latest = parseInt(hex, 16);
+      if (isNaN(latest)) return [];
+      return Array.from({ length: 10 }, (_, i) => `${latest - i}.json`);
+    };
+  }
+  if (resourceName === "balances") {
+    transform.read = (data) => {
+      const hex = String(data);
+      return { wei: hex, raw: hex };
+    };
+  }
+  return Object.keys(transform).length > 0 ? transform : void 0;
+}
+
+// src/registry/virtual-files.ts
+var VIRTUAL_FILES = ["_pricing.json", "_versions.json", "skill.md"];
+var VirtualFileBackend = class {
+  inner;
+  domain;
+  store;
+  constructor(options) {
+    this.inner = options.inner;
+    this.domain = options.domain;
+    this.store = options.store;
+  }
+  async list(path) {
+    const entries = await this.inner.list(path);
+    if (path === "/" || path === "" || path === ".") {
+      return [...entries, ...VIRTUAL_FILES];
+    }
+    return entries;
+  }
+  async read(path) {
+    const cleaned = path.replace(/^\/+/, "").replace(/\/+$/, "");
+    if (cleaned === "_pricing.json") {
+      const record = await this.store.get(this.domain);
+      if (!record) return { endpoints: [] };
+      return {
+        domain: this.domain,
+        endpoints: record.endpoints.filter((ep) => ep.pricing).map((ep) => ({
+          method: ep.method,
+          path: ep.path,
+          description: ep.description,
+          pricing: ep.pricing
+        }))
+      };
+    }
+    if (cleaned === "_versions.json") {
+      const versions = await this.store.listVersions(this.domain);
+      return { domain: this.domain, versions };
+    }
+    if (cleaned === "skill.md") {
+      const record = await this.store.get(this.domain);
+      if (!record) return "# Not found\n";
+      return record.skillMd;
+    }
+    return this.inner.read(path);
+  }
+  async write(path, data) {
+    return this.inner.write(path, data);
+  }
+  async remove(path) {
+    return this.inner.remove(path);
+  }
+  async search(path, pattern) {
+    return this.inner.search(path, pattern);
+  }
+};
+
+// src/registry/resolver.ts
+import { HttpBackend, RpcBackend, JsonRpcTransport } from "@nkmc/agent-fs";
+import { signJwt } from "@nkmc/core";
+
+// src/federation/peer-backend.ts
+var PeerBackend = class {
+  constructor(client, peer, agentId) {
+    this.client = client;
+    this.peer = peer;
+    this.agentId = agentId;
+  }
+  async list(path) {
+    const result = await this.execOnPeer(`ls ${path}`);
+    return result.data ?? [];
+  }
+  async read(path) {
+    const result = await this.execOnPeer(`cat ${path}`);
+    return result.data;
+  }
+  async write(path, data) {
+    const result = await this.execOnPeer(
+      `write ${path} ${JSON.stringify(data)}`
+    );
+    return result.data ?? { id: "" };
+  }
+  async remove(path) {
+    await this.execOnPeer(`rm ${path}`);
+  }
+  async search(path, pattern) {
+    const result = await this.execOnPeer(`grep ${pattern} ${path}`);
+    return result.data ?? [];
+  }
+  async execOnPeer(command) {
+    const result = await this.client.exec(this.peer, {
+      command,
+      agentId: this.agentId
+    });
+    if (!result.ok) {
+      if (result.paymentRequired) {
+        throw new Error(
+          `Payment required: ${result.paymentRequired.price} ${result.paymentRequired.currency}`
+        );
+      }
+      throw new Error(result.error ?? "Peer execution failed");
+    }
+    return result;
+  }
+};
+
+// src/registry/resolver.ts
+function createRegistryResolver(storeOrOptions) {
+  const options = "get" in storeOrOptions && "put" in storeOrOptions ? { store: storeOrOptions } : storeOrOptions;
+  const { store, vault, gatewayPrivateKey } = options;
+  const loaded = /* @__PURE__ */ new Set();
+  async function tryPeerFallback(domain, version, addMount, agent) {
+    if (!options.peerClient || !options.peerStore) return false;
+    const peers = await options.peerStore.listPeers();
+    for (const peer of peers) {
+      if (peer.advertisedDomains.length > 0 && !peer.advertisedDomains.includes(domain)) {
+        continue;
+      }
+      const result = await options.peerClient.query(peer, domain);
+      if (result.available) {
+        const peerBackend = new PeerBackend(options.peerClient, peer, agent?.id ?? "anonymous");
+        const mountPath = version ? `/${domain}@${version}` : `/${domain}`;
+        addMount({ path: mountPath, backend: peerBackend });
+        return true;
+      }
+    }
+    return false;
+  }
+  async function onMiss(path, addMount, agent) {
+    const { domain, version } = extractDomainPath(path);
+    if (!domain) return false;
+    const cacheKey = version ? `${domain}@${version}` : domain;
+    const record = version ? await store.getVersion(domain, version) : await store.get(domain);
+    if (!record) {
+      return tryPeerFallback(domain, version, addMount, agent);
+    }
+    const isNkmcJwt = record.authMode === "nkmc-jwt";
+    if (!isNkmcJwt && loaded.has(cacheKey)) return false;
+    if (record.status === "sunset") return false;
+    let auth;
+    if (isNkmcJwt && gatewayPrivateKey && agent) {
+      const token = await signJwt(gatewayPrivateKey, {
+        sub: agent.id,
+        roles: agent.roles,
+        svc: domain
+      }, { expiresIn: "5m" });
+      auth = { type: "bearer", token };
+    } else if (vault) {
+      const cred = await vault.get(domain, agent?.id);
+      if (cred) {
+        auth = cred.auth;
+      }
+    }
+    if (!auth && !isNkmcJwt) {
+      const peerMounted = await tryPeerFallback(domain, version, addMount, agent);
+      if (peerMounted) return true;
+    }
+    let backend;
+    if (record.source?.type === "jsonrpc" && record.source.rpc) {
+      const { resources } = skillToRpcConfig(record.source.rpc);
+      const headers = {};
+      if (auth) {
+        if (auth.type === "bearer") {
+          headers["Authorization"] = `${auth.prefix ?? "Bearer"} ${auth.token}`;
+        } else if (auth.type === "api-key") {
+          headers[auth.header] = auth.key;
+        }
+      }
+      const transport = new JsonRpcTransport({ url: record.source.rpc.rpcUrl, headers });
+      backend = new RpcBackend({ transport, resources });
+    } else {
+      const config = skillToHttpConfig(record);
+      config.auth = auth;
+      backend = new HttpBackend(config);
+    }
+    let finalBackend = backend;
+    if (options.wrapVirtualFiles !== false) {
+      finalBackend = new VirtualFileBackend({ inner: backend, domain, store: options.store });
+    }
+    const mountPath = version ? `/${domain}@${version}` : `/${domain}`;
+    addMount({ path: mountPath, backend: finalBackend });
+    if (!isNkmcJwt) {
+      loaded.add(cacheKey);
+    }
+    return true;
+  }
+  async function listDomains() {
+    const summaries = await store.list();
+    return summaries.map((s) => s.domain);
+  }
+  async function searchDomains(query) {
+    return store.search(query);
+  }
+  async function searchEndpoints(domain, query) {
+    const record = await store.get(domain);
+    if (!record) return [];
+    const q = query.toLowerCase();
+    return record.endpoints.filter(
+      (e) => e.description.toLowerCase().includes(q) || e.method.toLowerCase().includes(q) || e.path.toLowerCase().includes(q)
+    ).map((e) => ({ method: e.method, path: e.path, description: e.description }));
+  }
+  return { onMiss, listDomains, searchDomains, searchEndpoints };
+}
+function extractDomainPath(path) {
+  const segments = path.split("/").filter(Boolean);
+  if (segments.length === 0) return { domain: null, version: null };
+  const first = segments[0];
+  const atIndex = first.indexOf("@");
+  if (atIndex > 0) {
+    return {
+      domain: first.slice(0, atIndex),
+      version: first.slice(atIndex + 1)
+    };
+  }
+  return { domain: first, version: null };
+}
+
+// src/registry/context7.ts
+var Context7Client = class {
+  apiKey;
+  baseUrl;
+  fetchFn;
+  constructor(options) {
+    this.apiKey = options?.apiKey;
+    this.baseUrl = options?.baseUrl ?? "https://context7.com/api/v2";
+    this.fetchFn = options?.fetchFn ?? globalThis.fetch.bind(globalThis);
+  }
+  /** Search for a library by name. Returns matching library entries. */
+  async searchLibraries(libraryName, query) {
+    const params = new URLSearchParams({ libraryName });
+    if (query) params.set("query", query);
+    const resp = await this.fetchFn(`${this.baseUrl}/libs/search?${params}`, {
+      headers: this.headers()
+    });
+    if (!resp.ok) throw new Error(`Context7 search failed: ${resp.status}`);
+    return resp.json();
+  }
+  /** Query documentation for a specific library. Returns documentation text. */
+  async queryDocs(libraryId, query) {
+    const params = new URLSearchParams({ libraryId, query, type: "txt" });
+    const resp = await this.fetchFn(`${this.baseUrl}/context?${params}`, {
+      headers: this.headers()
+    });
+    if (!resp.ok) throw new Error(`Context7 query failed: ${resp.status}`);
+    return resp.text();
+  }
+  headers() {
+    const h = {};
+    if (this.apiKey) h["Authorization"] = `Bearer ${this.apiKey}`;
+    return h;
+  }
+};
+
+// src/registry/context7-backend.ts
+var Context7Backend = class {
+  client;
+  constructor(options) {
+    this.client = new Context7Client(options);
+  }
+  async list(path) {
+    const cleaned = path.replace(/^\/+/, "").replace(/\/+$/, "");
+    if (!cleaned) {
+      return [
+        'grep "<\u5173\u952E\u8BCD>" /context7/     \u2014 \u641C\u7D22\u5E93',
+        'grep "<\u95EE\u9898>" /context7/{id}   \u2014 \u67E5\u8BE2\u6587\u6863',
+        "cat /context7/{owner}/{repo}   \u2014 \u5E93\u6982\u89C8"
+      ];
+    }
+    return ['grep "<\u95EE\u9898>" /context7/' + cleaned + " \u2014 \u67E5\u8BE2\u6B64\u5E93\u6587\u6863"];
+  }
+  async read(path) {
+    const libraryId = parseLibraryId(path);
+    if (!libraryId) {
+      return { usage: 'grep "<\u5173\u952E\u8BCD>" /context7/ \u2014 \u641C\u7D22\u5E93' };
+    }
+    const name = libraryId.split("/").pop() ?? libraryId;
+    const docs = await this.client.queryDocs(libraryId, `${name} overview getting started`);
+    return { libraryId, docs };
+  }
+  async write(_path, _data) {
+    throw new Error("context7 is read-only");
+  }
+  async remove(_path) {
+    throw new Error("context7 is read-only");
+  }
+  async search(path, pattern) {
+    const cleaned = path.replace(/^\/+/, "").replace(/\/+$/, "");
+    if (!cleaned) {
+      const results = await this.client.searchLibraries(pattern);
+      return results.map(formatSearchResult);
+    }
+    const libraryId = parseLibraryId(path);
+    if (!libraryId) return [];
+    const docs = await this.client.queryDocs(libraryId, pattern);
+    if (!docs) return [];
+    return [{ libraryId, query: pattern, docs }];
+  }
+};
+function parseLibraryId(path) {
+  const cleaned = path.replace(/^\/+/, "").replace(/\/+$/, "");
+  if (!cleaned) return null;
+  const parts = cleaned.split("/");
+  if (parts.length < 2) return null;
+  return "/" + parts.slice(0, 2).join("/");
+}
+function formatSearchResult(r) {
+  return {
+    id: r.id,
+    name: r.name,
+    description: r.description ?? "",
+    snippets: r.totalSnippets ?? 0
+  };
+}
+
+// src/registry/skill-parser.ts
+import { parse as parseYaml } from "yaml";
+function parseSkillMd(domain, raw, options) {
+  const { frontmatter, body } = extractFrontmatter(raw);
+  const parsed = parseYaml(frontmatter) ?? {};
+  const description = extractDescription(body);
+  const endpoints = extractEndpoints(body);
+  const now = Date.now();
+  return {
+    domain,
+    name: parsed.name ?? domain,
+    description,
+    version: parsed.version ?? "0.0",
+    roles: parsed.roles ?? ["agent"],
+    skillMd: raw,
+    endpoints,
+    isFirstParty: options?.isFirstParty ?? false,
+    createdAt: now,
+    updatedAt: now,
+    status: "active",
+    isDefault: true
+  };
+}
+function parsePricingAnnotation(text) {
+  const match = text.match(
+    /(\d+(?:\.\d+)?)\s+(\w+)\s*\/\s*(call|byte|minute|次)/i
+  );
+  if (!match) return void 0;
+  return {
+    cost: parseFloat(match[1]),
+    currency: match[2].toUpperCase(),
+    per: match[3] === "\u6B21" ? "call" : match[3].toLowerCase()
+  };
+}
+function extractFrontmatter(raw) {
+  const match = raw.match(/^---\n([\s\S]*?)\n---\n([\s\S]*)$/);
+  if (!match) return { frontmatter: "", body: raw };
+  return { frontmatter: match[1], body: match[2] };
+}
+function extractDescription(body) {
+  const lines = body.split("\n");
+  let foundTitle = false;
+  const descLines = [];
+  for (const line of lines) {
+    if (!foundTitle) {
+      if (line.startsWith("# ")) foundTitle = true;
+      continue;
+    }
+    if (line.startsWith("## ")) break;
+    const trimmed = line.trim();
+    if (trimmed === "" && descLines.length > 0) break;
+    if (trimmed !== "") descLines.push(trimmed);
+  }
+  return descLines.join(" ");
+}
+function extractEndpoints(body) {
+  const endpoints = [];
+  const lines = body.split("\n");
+  let inApiSection = false;
+  let currentHeading = null;
+  for (const line of lines) {
+    if (line.startsWith("## API")) {
+      inApiSection = true;
+      continue;
+    }
+    if (inApiSection && line.startsWith("## ") && !line.startsWith("## API")) {
+      break;
+    }
+    if (!inApiSection) continue;
+    if (line.startsWith("### ")) {
+      currentHeading = line.slice(4).trim();
+      continue;
+    }
+    const endpointMatch = line.match(/^`(GET|POST|PUT|PATCH|DELETE)\s+(\S+)`/);
+    if (endpointMatch && currentHeading) {
+      const afterBacktick = line.slice(line.indexOf("`", 1) + 1).trim();
+      const pricing = afterBacktick.startsWith("\u2014") ? parsePricingAnnotation(afterBacktick.slice(1).trim()) : void 0;
+      endpoints.push({
+        method: endpointMatch[1],
+        path: endpointMatch[2],
+        description: currentHeading,
+        ...pricing ? { pricing } : {}
+      });
+      currentHeading = null;
+    }
+  }
+  return endpoints;
+}
+
+// src/http/lib/dns.ts
+async function queryDnsTxt(domain) {
+  const url = new URL("https://cloudflare-dns.com/dns-query");
+  url.searchParams.set("name", domain);
+  url.searchParams.set("type", "TXT");
+  const res = await fetch(url.toString(), {
+    headers: { Accept: "application/dns-json" }
+  });
+  if (!res.ok) {
+    throw new Error(`DNS query failed: ${res.status}`);
+  }
+  const data = await res.json();
+  return (data.Answer ?? []).filter((a) => a.type === 16).map((a) => a.data.replace(/^"|"$/g, ""));
+}
+
+// src/http/routes/credentials.ts
+import { Hono } from "hono";
+function credentialRoutes(options) {
+  const { vault } = options;
+  const app = new Hono();
+  app.put("/:domain", async (c) => {
+    const domain = c.req.param("domain");
+    const body = await c.req.json();
+    if (!body.auth?.type) {
+      return c.json({ error: "Missing auth.type" }, 400);
+    }
+    await vault.putPool(domain, body.auth);
+    return c.json({ ok: true, domain });
+  });
+  app.get("/", async (c) => {
+    const domains = await vault.listDomains();
+    return c.json({ domains });
+  });
+  app.delete("/:domain", async (c) => {
+    const domain = c.req.param("domain");
+    await vault.delete(domain);
+    return c.json({ ok: true, domain });
+  });
+  return app;
+}
+
+// src/http/routes/tunnels.ts
+import { Hono as Hono2 } from "hono";
+import { nanoid } from "nanoid";
+function tunnelRoutes(options) {
+  const { tunnelStore, tunnelProvider, tunnelDomain } = options;
+  const app = new Hono2();
+  app.post("/create", async (c) => {
+    const agent = c.get("agent");
+    const body = await c.req.json().catch(() => ({}));
+    const existing = await tunnelStore.getByAgent(agent.id);
+    if (existing && existing.status === "active") {
+      return c.json({
+        tunnelId: existing.id,
+        publicUrl: existing.publicUrl,
+        message: "Tunnel already exists"
+      });
+    }
+    const id = nanoid(12);
+    const hostname = `${id}.${tunnelDomain}`;
+    const publicUrl = `https://${hostname}`;
+    const { tunnelId, tunnelToken } = await tunnelProvider.create(
+      `nkmc-${agent.id}-${id}`,
+      hostname
+    );
+    const now = Date.now();
+    await tunnelStore.put({
+      id,
+      agentId: agent.id,
+      tunnelId,
+      publicUrl,
+      status: "active",
+      createdAt: now,
+      advertisedDomains: body.advertisedDomains ?? [],
+      gatewayName: body.gatewayName,
+      lastSeen: now
+    });
+    return c.json({ tunnelId: id, tunnelToken, publicUrl }, 201);
+  });
+  app.delete("/:id", async (c) => {
+    const id = c.req.param("id");
+    const agent = c.get("agent");
+    const record = await tunnelStore.get(id);
+    if (!record) return c.json({ error: "Tunnel not found" }, 404);
+    if (record.agentId !== agent.id)
+      return c.json({ error: "Not your tunnel" }, 403);
+    await tunnelProvider.delete(record.tunnelId);
+    await tunnelStore.delete(id);
+    return c.json({ ok: true });
+  });
+  app.get("/", async (c) => {
+    const agent = c.get("agent");
+    const all = await tunnelStore.list();
+    const mine = all.filter((t) => t.agentId === agent.id);
+    return c.json({ tunnels: mine });
+  });
+  app.get("/discover", async (c) => {
+    const domain = c.req.query("domain");
+    const all = await tunnelStore.list();
+    let results = all.filter((t) => t.status === "active");
+    if (domain) {
+      results = results.filter((t) => t.advertisedDomains.includes(domain));
+    }
+    return c.json({
+      gateways: results.map((t) => ({
+        id: t.id,
+        name: t.gatewayName ?? `gateway-${t.id}`,
+        publicUrl: t.publicUrl,
+        advertisedDomains: t.advertisedDomains
+      }))
+    });
+  });
+  app.post("/heartbeat", async (c) => {
+    const agent = c.get("agent");
+    const body = await c.req.json();
+    const record = await tunnelStore.getByAgent(agent.id);
+    if (!record) return c.json({ error: "No active tunnel" }, 404);
+    record.advertisedDomains = body.advertisedDomains ?? record.advertisedDomains;
+    record.lastSeen = Date.now();
+    await tunnelStore.put(record);
+    return c.json({ ok: true });
+  });
+  return app;
+}
+
+// src/registry/openapi-compiler.ts
+import YAML from "yaml";
+function extractBasePath(spec) {
+  const servers = spec.servers;
+  if (!Array.isArray(servers) || servers.length === 0) return "";
+  const serverUrl = servers[0]?.url;
+  if (!serverUrl || typeof serverUrl !== "string") return "";
+  try {
+    if (serverUrl.startsWith("/")) {
+      return serverUrl.replace(/\/+$/, "");
+    }
+    const parsed = new URL(serverUrl);
+    const pathname = parsed.pathname.replace(/\/+$/, "");
+    return pathname || "";
+  } catch {
+    return "";
+  }
+}
+function resolveRef(spec, ref) {
+  if (!ref.startsWith("#/")) return void 0;
+  const parts = ref.slice(2).split("/");
+  let current = spec;
+  for (const part of parts) {
+    if (current == null || typeof current !== "object") return void 0;
+    current = current[part];
+  }
+  return current;
+}
+function resolveSchema(spec, schema) {
+  if (!schema) return void 0;
+  if (schema.$ref) return resolveRef(spec, schema.$ref);
+  return schema;
+}
+function extractProperties(spec, schema) {
+  const resolved = resolveSchema(spec, schema);
+  if (!resolved || resolved.type !== "object" || !resolved.properties) return [];
+  const requiredSet = new Set(resolved.required ?? []);
+  const props = [];
+  for (const [name, prop] of Object.entries(resolved.properties)) {
+    const p = resolveSchema(spec, prop) ?? prop;
+    props.push({
+      name,
+      type: p.type ?? (p.enum ? "enum" : "unknown"),
+      required: requiredSet.has(name),
+      ...p.description ? { description: p.description } : {}
+    });
+  }
+  return props;
+}
+function extractParams(spec, operation) {
+  const params = operation.parameters;
+  if (!Array.isArray(params) || params.length === 0) return void 0;
+  const result = [];
+  for (const raw of params) {
+    const p = resolveSchema(spec, raw) ?? raw;
+    if (!p.name || !p.in) continue;
+    if (!["path", "query", "header"].includes(p.in)) continue;
+    const schema = resolveSchema(spec, p.schema) ?? p.schema;
+    result.push({
+      name: p.name,
+      in: p.in,
+      required: !!p.required,
+      type: schema?.type ?? "string",
+      ...p.description ? { description: p.description } : {}
+    });
+  }
+  return result.length > 0 ? result : void 0;
+}
+function extractRequestBody(spec, operation) {
+  const body = resolveSchema(spec, operation.requestBody);
+  if (!body?.content) return void 0;
+  const jsonContent = body.content["application/json"];
+  if (!jsonContent?.schema) return void 0;
+  const properties = extractProperties(spec, jsonContent.schema);
+  if (properties.length === 0) return void 0;
+  return {
+    contentType: "application/json",
+    required: !!body.required,
+    properties
+  };
+}
+function extractResponses(spec, operation) {
+  const responses = operation.responses;
+  if (!responses || typeof responses !== "object") return void 0;
+  const result = [];
+  for (const [code, raw] of Object.entries(responses)) {
+    const status = parseInt(code, 10);
+    if (isNaN(status) || status < 200 || status >= 300) continue;
+    const resp = resolveSchema(spec, raw) ?? raw;
+    const jsonContent = resp?.content?.["application/json"];
+    const properties = jsonContent?.schema ? extractProperties(spec, jsonContent.schema) : void 0;
+    result.push({
+      status,
+      description: resp?.description ?? "",
+      ...properties && properties.length > 0 ? { properties } : {}
+    });
+  }
+  return result.length > 0 ? result : void 0;
+}
+function compileOpenApiSpec(spec, options) {
+  const info = spec.info ?? {};
+  const name = info.title ?? options.domain;
+  const description = info.description ?? "";
+  const version = options.version ?? info.version ?? "1.0";
+  const basePath = extractBasePath(spec);
+  const endpoints = [];
+  const resources = [];
+  const resourcePaths = /* @__PURE__ */ new Map();
+  const paths = spec.paths ?? {};
+  for (const [path, methods] of Object.entries(paths)) {
+    if (typeof methods !== "object" || methods === null) continue;
+    for (const [method, op] of Object.entries(methods)) {
+      if (!["get", "post", "put", "patch", "delete"].includes(method)) continue;
+      const operation = op;
+      const parameters = extractParams(spec, operation);
+      const requestBody = extractRequestBody(spec, operation);
+      const responses = extractResponses(spec, operation);
+      endpoints.push({
+        method: method.toUpperCase(),
+        path,
+        description: operation.summary ?? operation.operationId ?? `${method.toUpperCase()} ${path}`,
+        ...parameters ? { parameters } : {},
+        ...requestBody ? { requestBody } : {},
+        ...responses ? { responses } : {}
+      });
+    }
+    const segments = path.split("/").filter(Boolean);
+    if (segments.length >= 1) {
+      const resourceName = segments[0];
+      if (!resourcePaths.has(resourceName) && !resourceName.startsWith("{")) {
+        resourcePaths.set(resourceName, {
+          name: resourceName,
+          apiPath: `/${resourceName}`
+        });
+      }
+    }
+  }
+  for (const r of resourcePaths.values()) {
+    resources.push(r);
+  }
+  const skillMd = generateSkillMd(name, version, description, endpoints, resources);
+  const now = Date.now();
+  const record = {
+    domain: options.domain,
+    name,
+    description,
+    version,
+    roles: ["agent"],
+    skillMd,
+    endpoints,
+    isFirstParty: options.isFirstParty ?? false,
+    createdAt: now,
+    updatedAt: now,
+    status: "active",
+    isDefault: true,
+    source: { type: "openapi", ...basePath ? { basePath } : {} }
+  };
+  return { record, resources, skillMd };
+}
+async function fetchAndCompile(specUrl, options, fetchFn = globalThis.fetch.bind(globalThis)) {
+  const resp = await fetchFn(specUrl);
+  if (!resp.ok) throw new Error(`Failed to fetch spec: ${resp.status} ${resp.statusText}`);
+  const text = await resp.text();
+  const spec = parseSpec(specUrl, resp.headers.get("content-type") ?? "", text);
+  const result = compileOpenApiSpec(spec, options);
+  const basePath = result.record.source?.basePath;
+  result.record.source = { type: "openapi", url: specUrl, ...basePath ? { basePath } : {} };
+  return result;
+}
+function parseSpec(url, contentType, text) {
+  const isJson = contentType.includes("json") || url.endsWith(".json") || text.trimStart().startsWith("{");
+  if (isJson) return JSON.parse(text);
+  return YAML.parse(text);
+}
+function propsTable(props) {
+  let t = "| name | type | required |\n|------|------|----------|\n";
+  for (const p of props) {
+    t += `| ${p.name} | ${p.type} | ${p.required ? "*" : ""} |
+`;
+  }
+  return t;
+}
+function generateSkillMd(name, version, description, endpoints, resources) {
+  let md = `---
+name: "${name}"
+gateway: nkmc
+version: "${version}"
+roles: [agent]
+---
+
+`;
+  md += `# ${name}
+
+${description}
+
+`;
+  if (resources.length > 0) {
+    md += `## Schema
+
+`;
+    for (const r of resources) {
+      md += `### ${r.name} (public)
+
+`;
+    }
+  }
+  if (endpoints.length > 0) {
+    md += `## API
+
+`;
+    for (const ep of endpoints) {
+      md += `### ${ep.description}
+
+`;
+      md += `\`${ep.method} ${ep.path}\`
+
+`;
+      if (ep.parameters && ep.parameters.length > 0) {
+        md += "**Parameters:**\n\n";
+        md += "| name | in | type | required |\n|------|-----|------|----------|\n";
+        for (const p of ep.parameters) {
+          md += `| ${p.name} | ${p.in} | ${p.type} | ${p.required ? "*" : ""} |
+`;
+        }
+        md += "\n";
+      }
+      if (ep.requestBody) {
+        const req = ep.requestBody;
+        md += `**Body** (${req.contentType}${req.required ? ", required" : ""}):
+
+`;
+        md += propsTable(req.properties);
+        md += "\n";
+      }
+      if (ep.responses && ep.responses.length > 0) {
+        for (const r of ep.responses) {
+          md += `**Response ${r.status}**${r.description ? `: ${r.description}` : ""}
+
+`;
+          if (r.properties && r.properties.length > 0) {
+            md += propsTable(r.properties);
+            md += "\n";
+          }
+        }
+      }
+    }
+  }
+  return md;
+}
+
+export {
+  skillToHttpConfig,
+  VirtualFileBackend,
+  createRegistryResolver,
+  extractDomainPath,
+  Context7Client,
+  Context7Backend,
+  parseSkillMd,
+  parsePricingAnnotation,
+  fetchAndCompile,
+  queryDnsTxt,
+  credentialRoutes,
+  tunnelRoutes
+};