@op0ai/sdk 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +38 -38
- package/dist/guards.d.ts +1 -61
- package/dist/guards.js +1 -88
- package/dist/hash.d.ts +1 -6
- package/dist/hash.js +1 -18
- package/dist/index.d.ts +1 -121
- package/dist/index.js +14 -171
- package/dist/session.d.ts +1 -47
- package/dist/session.js +2 -88
- package/dist/{agent.d.ts → types/agent.d.ts} +1 -2
- package/dist/{agui.d.ts → types/agui.d.ts} +0 -1
- package/dist/{config.d.ts → types/config.d.ts} +0 -1
- package/dist/{contract.d.ts → types/contract.d.ts} +0 -1
- package/dist/{data.d.ts → types/data.d.ts} +0 -1
- package/dist/{define.d.ts → types/define.d.ts} +0 -1
- package/dist/{distill.d.ts → types/distill.d.ts} +0 -1
- package/dist/{events.d.ts → types/events.d.ts} +0 -1
- package/dist/{evlog.d.ts → types/evlog.d.ts} +0 -1
- package/dist/types/guards.d.ts +60 -0
- package/dist/types/hash.d.ts +5 -0
- package/dist/types/index.d.ts +120 -0
- package/dist/{platform.d.ts → types/platform.d.ts} +0 -1
- package/dist/types/session.d.ts +46 -0
- package/dist/{source.d.ts → types/source.d.ts} +0 -1
- package/dist/{tool.d.ts → types/tool.d.ts} +0 -1
- package/dist/{usectx.d.ts → types/usectx.d.ts} +0 -1
- package/dist/types/vault.d.ts +20 -0
- package/dist/vault.d.ts +1 -21
- package/dist/vault.js +1 -25
- package/package.json +4 -3
- package/dist/agent.d.ts.map +0 -1
- package/dist/agent.js +0 -72
- package/dist/agent.js.map +0 -1
- package/dist/agui.d.ts.map +0 -1
- package/dist/agui.js +0 -22
- package/dist/agui.js.map +0 -1
- package/dist/config.d.ts.map +0 -1
- package/dist/config.js +0 -39
- package/dist/config.js.map +0 -1
- package/dist/contract.d.ts.map +0 -1
- package/dist/contract.js +0 -66
- package/dist/contract.js.map +0 -1
- package/dist/data.d.ts.map +0 -1
- package/dist/data.js +0 -211
- package/dist/data.js.map +0 -1
- package/dist/define.d.ts.map +0 -1
- package/dist/define.js +0 -87
- package/dist/define.js.map +0 -1
- package/dist/distill.d.ts.map +0 -1
- package/dist/distill.js +0 -113
- package/dist/distill.js.map +0 -1
- package/dist/events.d.ts.map +0 -1
- package/dist/events.js +0 -25
- package/dist/events.js.map +0 -1
- package/dist/evlog.d.ts.map +0 -1
- package/dist/evlog.js +0 -124
- package/dist/evlog.js.map +0 -1
- package/dist/fleet-names.d.ts +0 -11
- package/dist/fleet-names.d.ts.map +0 -1
- package/dist/fleet-names.js +0 -10
- package/dist/fleet-names.js.map +0 -1
- package/dist/guards.d.ts.map +0 -1
- package/dist/guards.js.map +0 -1
- package/dist/hash.d.ts.map +0 -1
- package/dist/hash.js.map +0 -1
- package/dist/index.d.ts.map +0 -1
- package/dist/index.js.map +0 -1
- package/dist/platform.d.ts.map +0 -1
- package/dist/platform.js +0 -10
- package/dist/platform.js.map +0 -1
- package/dist/session.d.ts.map +0 -1
- package/dist/session.js.map +0 -1
- package/dist/source.d.ts.map +0 -1
- package/dist/source.js +0 -96
- package/dist/source.js.map +0 -1
- package/dist/tool.d.ts.map +0 -1
- package/dist/tool.js +0 -16
- package/dist/tool.js.map +0 -1
- package/dist/usectx.d.ts.map +0 -1
- package/dist/usectx.js +0 -220
- package/dist/usectx.js.map +0 -1
- package/dist/vault.d.ts.map +0 -1
- package/dist/vault.js.map +0 -1
package/LICENSE
CHANGED
|
@@ -1,38 +1,38 @@
|
|
|
1
|
-
op0
|
|
2
|
-
Copyright (c) 2026 op0 (op0.ai)
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
2.
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
1
|
+
op0 Use License (use-with-op0), v1.0
|
|
2
|
+
Copyright (c) 2026-present op0 (op0.ai)
|
|
3
|
+
|
|
4
|
+
Permission is hereby granted, free of charge, to any person or organization
|
|
5
|
+
obtaining a copy of this software (the "Software") to use, copy, and modify
|
|
6
|
+
the Software SOLELY for the purpose of building, testing, deploying, and
|
|
7
|
+
operating agents and fleets on the op0 platform (the op0 runtime and the
|
|
8
|
+
op0 managed cloud, op0.ai / op0.dev), subject to the following conditions:
|
|
9
|
+
|
|
10
|
+
1. Use with op0. The Software may be used only in connection with the op0
|
|
11
|
+
platform. Transient local development and testing of software intended
|
|
12
|
+
to run on op0 is use in connection with op0.
|
|
13
|
+
|
|
14
|
+
2. No redistribution. The Software, modified or unmodified, may not be
|
|
15
|
+
published, sublicensed, sold, or otherwise redistributed outside your
|
|
16
|
+
organization. Installing the Software from the official npm packages is
|
|
17
|
+
not redistribution.
|
|
18
|
+
|
|
19
|
+
3. No competing service. The Software may not be used to build, operate, or
|
|
20
|
+
assist a runtime, platform, or hosted service that competes with op0.
|
|
21
|
+
|
|
22
|
+
4. Your work is yours. Agent functions, configurations, and scaffold output
|
|
23
|
+
you author with the Software are yours, under whatever terms you choose.
|
|
24
|
+
This license covers the Software itself, not what you build with it.
|
|
25
|
+
|
|
26
|
+
5. Notices. This notice shall be included in all copies of the Software.
|
|
27
|
+
|
|
28
|
+
Self-hosting the op0 runtime and any use outside these terms require a
|
|
29
|
+
separate commercial license: arth@op0.ai. See LICENSING.md for the full
|
|
30
|
+
licensing map (what teaches op0 is open; what runs op0 is licensed).
|
|
31
|
+
|
|
32
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
33
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
34
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
35
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
36
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
37
|
+
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
|
38
|
+
DEALINGS IN THE SOFTWARE. This license terminates automatically upon breach.
|
package/dist/guards.d.ts
CHANGED
|
@@ -1,61 +1 @@
|
|
|
1
|
-
export
|
|
2
|
-
cord: string;
|
|
3
|
-
tool?: string;
|
|
4
|
-
scope?: string;
|
|
5
|
-
input: unknown;
|
|
6
|
-
};
|
|
7
|
-
export type WideEvent = {
|
|
8
|
-
ts: string;
|
|
9
|
-
runId: string;
|
|
10
|
-
tenantId: string;
|
|
11
|
-
cordId: string;
|
|
12
|
-
kind: "turn" | "step" | "model" | "tool" | "eval";
|
|
13
|
-
name: string;
|
|
14
|
-
durationMs: number;
|
|
15
|
-
ok: boolean;
|
|
16
|
-
scope?: string;
|
|
17
|
-
error?: {
|
|
18
|
-
code: string;
|
|
19
|
-
why: string;
|
|
20
|
-
};
|
|
21
|
-
attrs?: Record<string, unknown>;
|
|
22
|
-
};
|
|
23
|
-
export type AuditEntry = {
|
|
24
|
-
seq: number;
|
|
25
|
-
ts: string;
|
|
26
|
-
actor: string;
|
|
27
|
-
action: string;
|
|
28
|
-
scopeId: string;
|
|
29
|
-
payloadHash: string;
|
|
30
|
-
prevHash: string;
|
|
31
|
-
hash: string;
|
|
32
|
-
};
|
|
33
|
-
export type Guard = {
|
|
34
|
-
name: string;
|
|
35
|
-
/** Gate hook: deny by throwing (deepsec scope check), or instrument by side-effect. */
|
|
36
|
-
onCall?: (ev: GuardEvent) => void | Promise<void>;
|
|
37
|
-
/** Output transform applied before persist/export (deepsec redaction). */
|
|
38
|
-
redact?: <T>(value: T) => T;
|
|
39
|
-
/** Wide-event sink (deepeval instrumentation). */
|
|
40
|
-
onEvent?: (e: WideEvent) => void;
|
|
41
|
-
};
|
|
42
|
-
export type AuditChain = {
|
|
43
|
-
entries: AuditEntry[];
|
|
44
|
-
append(e: {
|
|
45
|
-
actor: string;
|
|
46
|
-
action: string;
|
|
47
|
-
scopeId: string;
|
|
48
|
-
payload: unknown;
|
|
49
|
-
}): AuditEntry;
|
|
50
|
-
};
|
|
51
|
-
export declare const makeAuditChain: () => AuditChain;
|
|
52
|
-
/** Re-derive every hash; any insert/edit/delete breaks the chain → returns false. (The S7 red test.) */
|
|
53
|
-
export declare const verifyChain: (entries: AuditEntry[]) => boolean;
|
|
54
|
-
/** deepsec — scope gate + redaction (ADR-10). The runtime also drives an audit chain tagged actor="deepsec". */
|
|
55
|
-
export declare const deepsec: (opts?: {
|
|
56
|
-
allow?: string[];
|
|
57
|
-
secrets?: RegExp[];
|
|
58
|
-
}) => Guard;
|
|
59
|
-
/** deepeval — instruments every run (ADR-24). Collects wide-events; prod forwards to evlog (OTLP + PostHog). */
|
|
60
|
-
export declare const deepeval: (sink?: WideEvent[]) => Guard;
|
|
61
|
-
//# sourceMappingURL=guards.d.ts.map
|
|
1
|
+
export * from "./types/guards.js";
|
package/dist/guards.js
CHANGED
|
@@ -1,88 +1 @@
|
|
|
1
|
-
|
|
2
|
-
//
|
|
3
|
-
// • deepsec (ADR-10, the security harness): (1) scope check at the gate — deny a run whose scope is off the
|
|
4
|
-
// allow-list; (2) redaction — scrub secrets/PII from the output BEFORE it is persisted to the vault or
|
|
5
|
-
// exported; (3) a tamper-evident, hash-chained audit (evlog AuditEntry shape, ADR-12).
|
|
6
|
-
// • deepeval (ADR-24, the quality harness): instruments every run — emits evlog wide-events (one fat event
|
|
7
|
-
// per unit of work). In prod the worker forwards these to OTLP + PostHog (companion 23 evlog §3).
|
|
8
|
-
//
|
|
9
|
-
// Both are plain functions returning a Guard the runtime (index.ts) drives. Pure TS; no deps beyond hash.ts.
|
|
10
|
-
import { hashHex } from "./hash.js";
|
|
11
|
-
const entryHash = (e) => hashHex([e.seq, e.ts, e.actor, e.action, e.scopeId, e.payloadHash, e.prevHash].join("|"));
|
|
12
|
-
export const makeAuditChain = () => {
|
|
13
|
-
const entries = [];
|
|
14
|
-
return {
|
|
15
|
-
entries,
|
|
16
|
-
append({ actor, action, scopeId, payload }) {
|
|
17
|
-
const seq = entries.length;
|
|
18
|
-
const ts = new Date().toISOString();
|
|
19
|
-
const prevHash = seq === 0 ? "GENESIS" : entries[seq - 1]?.hash ?? "GENESIS";
|
|
20
|
-
const payloadHash = hashHex(JSON.stringify(payload ?? null));
|
|
21
|
-
const base = { seq, ts, actor, action, scopeId, payloadHash, prevHash };
|
|
22
|
-
const entry = { ...base, hash: entryHash(base) };
|
|
23
|
-
entries.push(entry);
|
|
24
|
-
return entry;
|
|
25
|
-
},
|
|
26
|
-
};
|
|
27
|
-
};
|
|
28
|
-
/** Re-derive every hash; any insert/edit/delete breaks the chain → returns false. (The S7 red test.) */
|
|
29
|
-
export const verifyChain = (entries) => {
|
|
30
|
-
for (let i = 0; i < entries.length; i++) {
|
|
31
|
-
const e = entries[i];
|
|
32
|
-
if (!e)
|
|
33
|
-
return false;
|
|
34
|
-
const prevHash = i === 0 ? "GENESIS" : entries[i - 1]?.hash ?? "GENESIS";
|
|
35
|
-
if (e.prevHash !== prevHash)
|
|
36
|
-
return false;
|
|
37
|
-
const { hash, ...base } = e;
|
|
38
|
-
if (hash !== entryHash(base))
|
|
39
|
-
return false;
|
|
40
|
-
}
|
|
41
|
-
return true;
|
|
42
|
-
};
|
|
43
|
-
// ---- redaction ----
|
|
44
|
-
// Provider token shapes + key material. Loose-but-real; prod (deepsec lane) uses the full secret-scanner set.
|
|
45
|
-
const DEFAULT_SECRET_RES = [
|
|
46
|
-
/gh[poursa]_[A-Za-z0-9]{20,}/g, // GitHub PAT / oauth / app tokens
|
|
47
|
-
/github_pat_[A-Za-z0-9_]{20,}/g, // fine-grained PAT
|
|
48
|
-
/xox[baprs]-[A-Za-z0-9-]{10,}/g, // Slack
|
|
49
|
-
/AKIA[0-9A-Z]{16}/g, // AWS access key id
|
|
50
|
-
/sk-[A-Za-z0-9]{20,}/g, // OpenAI-style secret keys
|
|
51
|
-
/-----BEGIN (?:[A-Z ]+ )?PRIVATE KEY-----/g, // PEM private keys
|
|
52
|
-
];
|
|
53
|
-
const redactValue = (v, res) => {
|
|
54
|
-
if (typeof v === "string") {
|
|
55
|
-
let s = v;
|
|
56
|
-
for (const re of res)
|
|
57
|
-
s = s.replace(re, "[redacted]");
|
|
58
|
-
return s;
|
|
59
|
-
}
|
|
60
|
-
if (Array.isArray(v))
|
|
61
|
-
return v.map((x) => redactValue(x, res));
|
|
62
|
-
if (v && typeof v === "object") {
|
|
63
|
-
const o = {};
|
|
64
|
-
for (const k of Object.keys(v))
|
|
65
|
-
o[k] = redactValue(v[k], res);
|
|
66
|
-
return o;
|
|
67
|
-
}
|
|
68
|
-
return v;
|
|
69
|
-
};
|
|
70
|
-
/** deepsec — scope gate + redaction (ADR-10). The runtime also drives an audit chain tagged actor="deepsec". */
|
|
71
|
-
export const deepsec = (opts = {}) => {
|
|
72
|
-
const res = opts.secrets ?? DEFAULT_SECRET_RES;
|
|
73
|
-
return {
|
|
74
|
-
name: "deepsec",
|
|
75
|
-
onCall: ({ scope }) => {
|
|
76
|
-
if (opts.allow && scope !== undefined && !opts.allow.includes(scope)) {
|
|
77
|
-
throw new Error(`deepsec: scope "${scope}" not in allow-list [${opts.allow.join(", ")}]`);
|
|
78
|
-
}
|
|
79
|
-
},
|
|
80
|
-
redact: (value) => redactValue(value, res),
|
|
81
|
-
};
|
|
82
|
-
};
|
|
83
|
-
/** deepeval — instruments every run (ADR-24). Collects wide-events; prod forwards to evlog (OTLP + PostHog). */
|
|
84
|
-
export const deepeval = (sink = []) => ({
|
|
85
|
-
name: "deepeval",
|
|
86
|
-
onEvent: (e) => { sink.push(e); },
|
|
87
|
-
});
|
|
88
|
-
//# sourceMappingURL=guards.js.map
|
|
1
|
+
var a=t=>{let r=2166136261;for(let n=0;n<t.length;n++)r^=t.charCodeAt(n),r=Math.imul(r,16777619);return(r>>>0).toString(16).padStart(8,"0")};var g=t=>a([t.seq,t.ts,t.actor,t.action,t.scopeId,t.payloadHash,t.prevHash].join("|")),A=()=>{let t=[];return{entries:t,append({actor:r,action:n,scopeId:e,payload:o}){let s=t.length,p=new Date().toISOString(),u=s===0?"GENESIS":t[s-1]?.hash??"GENESIS",l=a(JSON.stringify(o??null)),c={seq:s,ts:p,actor:r,action:n,scopeId:e,payloadHash:l,prevHash:u},d={...c,hash:g(c)};return t.push(d),d}}},f=t=>{for(let r=0;r<t.length;r++){let n=t[r];if(!n)return!1;let e=r===0?"GENESIS":t[r-1]?.hash??"GENESIS";if(n.prevHash!==e)return!1;let{hash:o,...s}=n;if(o!==g(s))return!1}return!0},h=[/gh[poursa]_[A-Za-z0-9]{20,}/g,/github_pat_[A-Za-z0-9_]{20,}/g,/xox[baprs]-[A-Za-z0-9-]{10,}/g,/AKIA[0-9A-Z]{16}/g,/sk-[A-Za-z0-9]{20,}/g,/-----BEGIN (?:[A-Z ]+ )?PRIVATE KEY-----/g],i=(t,r)=>{if(typeof t=="string"){let n=t;for(let e of r)n=n.replace(e,"[redacted]");return n}if(Array.isArray(t))return t.map(n=>i(n,r));if(t&&typeof t=="object"){let n={};for(let e of Object.keys(t))n[e]=i(t[e],r);return n}return t},w=(t={})=>{let r=t.secrets??h;return{name:"deepsec",onCall:({scope:n})=>{if(t.allow&&n!==void 0&&!t.allow.includes(n))throw new Error(`deepsec: scope "${n}" not in allow-list [${t.allow.join(", ")}]`)},redact:n=>i(n,r)}},x=(t=[])=>({name:"deepeval",onEvent:r=>{t.push(r)}});export{x as deepeval,w as deepsec,A as makeAuditChain,f as verifyChain};
|
package/dist/hash.d.ts
CHANGED
|
@@ -1,6 +1 @@
|
|
|
1
|
-
export
|
|
2
|
-
/** A url-safe slug for vault keys (target → reports/<slug>/<runId>.json). */
|
|
3
|
-
export declare const slug: (s: string) => string;
|
|
4
|
-
/** A short, sortable-ish run id (timestamp + entropy). No node: deps. */
|
|
5
|
-
export declare const newId: () => string;
|
|
6
|
-
//# sourceMappingURL=hash.d.ts.map
|
|
1
|
+
export * from "./types/hash.js";
|
package/dist/hash.js
CHANGED
|
@@ -1,18 +1 @@
|
|
|
1
|
-
|
|
2
|
-
// chain). It is NOT cryptographic: production swaps in SHA-256 via Web Crypto (`crypto.subtle.digest`,
|
|
3
|
-
// available in both Workers and Node ≥18) — that's async, so the chain/manifest become async there. For the
|
|
4
|
-
// pure-Node verify path we want a sync, zero-dep hash so the whole runtime stays portable (Node AND a
|
|
5
|
-
// Worker, no imports). FNV-1a (32-bit) is enough to make tamper-evidence + content-addressing demonstrable.
|
|
6
|
-
export const hashHex = (s) => {
|
|
7
|
-
let h = 0x811c9dc5;
|
|
8
|
-
for (let i = 0; i < s.length; i++) {
|
|
9
|
-
h ^= s.charCodeAt(i);
|
|
10
|
-
h = Math.imul(h, 0x01000193);
|
|
11
|
-
}
|
|
12
|
-
return (h >>> 0).toString(16).padStart(8, "0");
|
|
13
|
-
};
|
|
14
|
-
/** A url-safe slug for vault keys (target → reports/<slug>/<runId>.json). */
|
|
15
|
-
export const slug = (s) => s.trim().toLowerCase().replace(/^https?:\/\//, "").replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 80) || "target";
|
|
16
|
-
/** A short, sortable-ish run id (timestamp + entropy). No node: deps. */
|
|
17
|
-
export const newId = () => Date.now().toString(36) + "-" + Math.random().toString(36).slice(2, 8);
|
|
18
|
-
//# sourceMappingURL=hash.js.map
|
|
1
|
+
var n=t=>{let r=2166136261;for(let e=0;e<t.length;e++)r^=t.charCodeAt(e),r=Math.imul(r,16777619);return(r>>>0).toString(16).padStart(8,"0")},o=t=>t.trim().toLowerCase().replace(/^https?:\/\//,"").replace(/[^a-z0-9]+/g,"-").replace(/^-+|-+$/g,"").slice(0,80)||"target",a=()=>Date.now().toString(36)+"-"+Math.random().toString(36).slice(2,8);export{n as hashHex,a as newId,o as slug};
|
package/dist/index.d.ts
CHANGED
|
@@ -1,121 +1 @@
|
|
|
1
|
-
export * from "./
|
|
2
|
-
export * from "./vault.ts";
|
|
3
|
-
export * from "./guards.ts";
|
|
4
|
-
export * from "./platform.ts";
|
|
5
|
-
export * from "./agent.ts";
|
|
6
|
-
export * from "./source.ts";
|
|
7
|
-
export * from "./agui.ts";
|
|
8
|
-
export * from "./tool.ts";
|
|
9
|
-
export * from "./config.ts";
|
|
10
|
-
export * from "./define.ts";
|
|
11
|
-
export * from "./contract.ts";
|
|
12
|
-
export * from "./evlog.ts";
|
|
13
|
-
export * from "./events.ts";
|
|
14
|
-
export * from "./usectx.ts";
|
|
15
|
-
export * from "./distill.ts";
|
|
16
|
-
export * from "./data.ts";
|
|
17
|
-
import type { Vault } from "./vault.ts";
|
|
18
|
-
import type { Resources, ResourceNeed } from "./platform.ts";
|
|
19
|
-
import { type Guard, type WideEvent, type AuditEntry } from "./guards.ts";
|
|
20
|
-
/** A sub-cord: an encapsulated unit composed into a parent. `any` generics (not `unknown`) so a typed
|
|
21
|
-
* `subcords` record — { scan: Subagent<string,Facts>, score: Subagent<Facts,EvalResult>, ... } — is assignable
|
|
22
|
-
* to Record<string, Subagent> (Subagent<X,Y> is NOT assignable to Subagent<unknown,unknown> — invariant `run`
|
|
23
|
-
* param — but IS assignable to Subagent<any,any>). Same heterogeneous-registry seam as data.ts's AnyFn. */
|
|
24
|
-
export type Subagent<I = any, O = any> = {
|
|
25
|
-
id: string;
|
|
26
|
-
mount: "local" | "registry";
|
|
27
|
-
run: (input: I) => Promise<O>;
|
|
28
|
-
};
|
|
29
|
-
/** Mount an OWNED sub-cord in-process (deterministic trunk). */
|
|
30
|
-
export declare function use<I, O>(sc: {
|
|
31
|
-
id: string;
|
|
32
|
-
run: (input: I) => Promise<O>;
|
|
33
|
-
}): Subagent<I, O>;
|
|
34
|
-
/** Mount a THIRD-PARTY/registry cord over MCP (the trust boundary; an executor toolkit). */
|
|
35
|
-
export declare function useRemote<I, O>(sc: {
|
|
36
|
-
id: string;
|
|
37
|
-
call: (input: I) => Promise<O>;
|
|
38
|
-
}): Subagent<I, O>;
|
|
39
|
-
export type Expose = {
|
|
40
|
-
codemode?: boolean;
|
|
41
|
-
mcp?: string;
|
|
42
|
-
cli?: boolean;
|
|
43
|
-
openapi?: boolean;
|
|
44
|
-
};
|
|
45
|
-
export type AgentDef<Input, Output> = {
|
|
46
|
-
id: string;
|
|
47
|
-
kind?: "agent-ful" | "agent-less";
|
|
48
|
-
inference?: "managed" | "byo";
|
|
49
|
-
/** The scope this cord's run requests — checked by deepsec against its allow-list (H4). */
|
|
50
|
-
scope?: string;
|
|
51
|
-
expose?: Expose;
|
|
52
|
-
guards?: Guard[];
|
|
53
|
-
subcords?: Record<string, Subagent>;
|
|
54
|
-
/** Durable resources this cord requires; the host MUST bind them or the run fails fast (validated post-gate). */
|
|
55
|
-
needs?: ResourceNeed[];
|
|
56
|
-
/** The deterministic trunk: compose sub-cords (ctx) + use the host-bound resources (res). */
|
|
57
|
-
run: (input: Input, ctx: Record<string, (input: any) => Promise<any>>, res: Resources) => Promise<Output>;
|
|
58
|
-
};
|
|
59
|
-
export type RunBudget = {
|
|
60
|
-
cap: number;
|
|
61
|
-
used: number;
|
|
62
|
-
depth: number;
|
|
63
|
-
maxDepth: number;
|
|
64
|
-
};
|
|
65
|
-
export type RunOpts = {
|
|
66
|
-
tenantId?: string;
|
|
67
|
-
scope?: string;
|
|
68
|
-
vault?: Vault;
|
|
69
|
-
resources?: Resources;
|
|
70
|
-
budget?: Partial<Pick<RunBudget, "cap" | "maxDepth">>;
|
|
71
|
-
onEvent?: (e: WideEvent) => void;
|
|
72
|
-
};
|
|
73
|
-
export type RunResult<O> = {
|
|
74
|
-
output: O;
|
|
75
|
-
runId: string;
|
|
76
|
-
artifact?: {
|
|
77
|
-
key: string;
|
|
78
|
-
version: string;
|
|
79
|
-
hash: string;
|
|
80
|
-
};
|
|
81
|
-
audit: AuditEntry[];
|
|
82
|
-
events: WideEvent[];
|
|
83
|
-
budget: RunBudget;
|
|
84
|
-
};
|
|
85
|
-
export type AgentManifest = {
|
|
86
|
-
id: string;
|
|
87
|
-
version: string;
|
|
88
|
-
kind: "agent-ful" | "agent-less";
|
|
89
|
-
inference: "managed" | "byo";
|
|
90
|
-
scope?: string;
|
|
91
|
-
expose: Expose;
|
|
92
|
-
subcords: string[];
|
|
93
|
-
guards: string[];
|
|
94
|
-
needs: ResourceNeed[];
|
|
95
|
-
};
|
|
96
|
-
export type Agent<Input, Output> = {
|
|
97
|
-
id: string;
|
|
98
|
-
expose: Expose;
|
|
99
|
-
manifest: AgentManifest;
|
|
100
|
-
run: (input: Input, opts?: RunOpts) => Promise<Output>;
|
|
101
|
-
runFull: (input: Input, opts?: RunOpts) => Promise<RunResult<Output>>;
|
|
102
|
-
};
|
|
103
|
-
export declare function defineAgent<Input, Output>(def: AgentDef<Input, Output>): Agent<Input, Output>;
|
|
104
|
-
/** /.well-known/op0.json (ADR-18) generated from the cord's `expose`. Host is filled at deploy. */
|
|
105
|
-
export declare const wellKnown: (m: AgentManifest, host?: string) => {
|
|
106
|
-
auth?: {
|
|
107
|
-
type: string;
|
|
108
|
-
scopes: string[];
|
|
109
|
-
};
|
|
110
|
-
skills: string;
|
|
111
|
-
cli?: string;
|
|
112
|
-
openapi?: string;
|
|
113
|
-
mcp: string[];
|
|
114
|
-
docs: string;
|
|
115
|
-
};
|
|
116
|
-
/** Content-address the manifest for skillkit publish/fork lineage (signed → forkOf{atCommit} later, ADR-22). */
|
|
117
|
-
export declare const signManifest: (m: AgentManifest) => {
|
|
118
|
-
manifest: AgentManifest;
|
|
119
|
-
hash: string;
|
|
120
|
-
};
|
|
121
|
-
//# sourceMappingURL=index.d.ts.map
|
|
1
|
+
export * from "./types/index.js";
|