@paybond/kit 0.10.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/completion-presets/catalog.json +1187 -0
- package/completion-presets/catalog.sha256 +1 -0
- package/dev/trace-ui/dashboard.html +617 -0
- package/dist/agent/adapter.d.ts +51 -0
- package/dist/agent/adapter.js +66 -0
- package/dist/agent/attach-bundle.d.ts +37 -0
- package/dist/agent/attach-bundle.js +118 -0
- package/dist/agent/authorization-cache.d.ts +22 -0
- package/dist/agent/authorization-cache.js +36 -0
- package/dist/agent/deferred-tools.d.ts +11 -0
- package/dist/agent/deferred-tools.js +62 -0
- package/dist/agent/discover.d.ts +41 -0
- package/dist/agent/discover.js +147 -0
- package/dist/agent/evidence.d.ts +9 -0
- package/dist/agent/evidence.js +28 -0
- package/dist/agent/facade.d.ts +48 -0
- package/dist/agent/facade.js +112 -0
- package/dist/agent/gateway-trace-reporter.d.ts +28 -0
- package/dist/agent/gateway-trace-reporter.js +49 -0
- package/dist/agent/generic-runner.d.ts +14 -0
- package/dist/agent/generic-runner.js +49 -0
- package/dist/agent/generic-sandbox-demo.d.ts +36 -0
- package/dist/agent/generic-sandbox-demo.js +82 -0
- package/dist/agent/guarded-agent.d.ts +49 -0
- package/dist/agent/guarded-agent.js +100 -0
- package/dist/agent/index.d.ts +13 -0
- package/dist/agent/index.js +13 -0
- package/dist/agent/instrument.d.ts +156 -0
- package/dist/agent/instrument.js +442 -0
- package/dist/agent/interceptor.d.ts +24 -0
- package/dist/agent/interceptor.js +440 -0
- package/dist/agent/lazy-context-tools.d.ts +15 -0
- package/dist/agent/lazy-context-tools.js +81 -0
- package/dist/agent/registry-file.d.ts +39 -0
- package/dist/agent/registry-file.js +219 -0
- package/dist/agent/registry.d.ts +37 -0
- package/dist/agent/registry.js +128 -0
- package/dist/agent/run.d.ts +124 -0
- package/dist/agent/run.js +301 -0
- package/dist/agent/types.d.ts +318 -0
- package/dist/agent/types.js +42 -0
- package/dist/agent-recognition.d.ts +72 -0
- package/dist/agent-recognition.js +165 -0
- package/dist/bincode-wire.d.ts +18 -0
- package/dist/bincode-wire.js +93 -0
- package/dist/claude-agents/config.d.ts +21 -0
- package/dist/claude-agents/config.js +145 -0
- package/dist/claude-agents/index.d.ts +2 -0
- package/dist/claude-agents/index.js +2 -0
- package/dist/claude-agents/sandbox-demo.d.ts +30 -0
- package/dist/claude-agents/sandbox-demo.js +91 -0
- package/dist/cli/agent/env-quote.d.ts +1 -0
- package/dist/cli/agent/env-quote.js +6 -0
- package/dist/cli/agent/env-write.d.ts +8 -0
- package/dist/cli/agent/env-write.js +47 -0
- package/dist/cli/agent/paybond.d.ts +16 -0
- package/dist/cli/agent/paybond.js +55 -0
- package/dist/cli/agent/policy-file.d.ts +29 -0
- package/dist/cli/agent/policy-file.js +61 -0
- package/dist/cli/agent/production-evidence.d.ts +24 -0
- package/dist/cli/agent/production-evidence.js +98 -0
- package/dist/cli/agent/run-store.d.ts +30 -0
- package/dist/cli/agent/run-store.js +42 -0
- package/dist/cli/agent/run-trace-store.d.ts +39 -0
- package/dist/cli/agent/run-trace-store.js +143 -0
- package/dist/cli/agent-run-trace-table.d.ts +9 -0
- package/dist/cli/agent-run-trace-table.js +24 -0
- package/dist/cli/agent-sandbox-smoke-checklist.d.ts +9 -0
- package/dist/cli/agent-sandbox-smoke-checklist.js +50 -0
- package/dist/cli/command-spec.d.ts +1 -0
- package/dist/cli/command-spec.js +286 -5
- package/dist/cli/commands/agent.d.ts +16 -0
- package/dist/cli/commands/agent.js +1135 -0
- package/dist/cli/commands/dev.d.ts +7 -0
- package/dist/cli/commands/dev.js +348 -0
- package/dist/cli/commands/discovery.js +3 -3
- package/dist/cli/commands/policy.d.ts +13 -0
- package/dist/cli/commands/policy.js +769 -0
- package/dist/cli/commands/setup.d.ts +3 -0
- package/dist/cli/commands/setup.js +124 -8
- package/dist/cli/commands/workflows.js +9 -4
- package/dist/cli/config.d.ts +2 -0
- package/dist/cli/config.js +4 -2
- package/dist/cli/context.js +2 -1
- package/dist/cli/credentials.js +2 -2
- package/dist/cli/doctor-agent-middleware.d.ts +5 -0
- package/dist/cli/doctor-agent-middleware.js +49 -0
- package/dist/cli/globals.d.ts +1 -0
- package/dist/cli/globals.js +11 -1
- package/dist/cli/help.d.ts +1 -1
- package/dist/cli/help.js +35 -3
- package/dist/cli/mcp-install.js +2 -2
- package/dist/cli/mcp-policy.d.ts +3 -0
- package/dist/cli/mcp-policy.js +19 -13
- package/dist/cli/mcp-verify-config.js +9 -11
- package/dist/cli/redact.js +29 -8
- package/dist/cli/router.js +105 -2
- package/dist/cli/smoke-deep-links.d.ts +15 -0
- package/dist/cli/smoke-deep-links.js +63 -0
- package/dist/cli/telemetry.d.ts +17 -0
- package/dist/cli/telemetry.js +94 -0
- package/dist/completion-catalog-digest.d.ts +2 -0
- package/dist/completion-catalog-digest.js +2 -0
- package/dist/completion-catalog-integrity.d.ts +2 -0
- package/dist/completion-catalog-integrity.js +17 -0
- package/dist/completion-catalog.d.ts +49 -0
- package/dist/completion-catalog.js +62 -0
- package/dist/completion-contract-digest.d.ts +37 -0
- package/dist/completion-contract-digest.js +73 -0
- package/dist/completion-forbidden-fields.d.ts +5 -0
- package/dist/completion-forbidden-fields.js +26 -0
- package/dist/completion-init.d.ts +8 -0
- package/dist/completion-init.js +334 -0
- package/dist/completion-resolve.d.ts +21 -0
- package/dist/completion-resolve.js +86 -0
- package/dist/completion-validate-evidence.d.ts +24 -0
- package/dist/completion-validate-evidence.js +145 -0
- package/dist/dev/offline-gateway.d.ts +24 -0
- package/dist/dev/offline-gateway.js +102 -0
- package/dist/dev/trace-buffer.d.ts +61 -0
- package/dist/dev/trace-buffer.js +330 -0
- package/dist/dev/trace-security-headers.d.ts +11 -0
- package/dist/dev/trace-security-headers.js +16 -0
- package/dist/dev/trace-server.d.ts +8 -0
- package/dist/dev/trace-server.js +38 -0
- package/dist/dev/trace-ui.d.ts +4 -0
- package/dist/dev/trace-ui.js +25 -0
- package/dist/dev/wiremock-up.d.ts +15 -0
- package/dist/dev/wiremock-up.js +118 -0
- package/dist/doctor-completion.d.ts +17 -0
- package/dist/doctor-completion.js +428 -0
- package/dist/gateway-url.d.ts +7 -0
- package/dist/gateway-url.js +69 -0
- package/dist/index.d.ts +119 -2
- package/dist/index.js +267 -6
- package/dist/init.js +374 -57
- package/dist/langgraph/awrap-tool-call.d.ts +25 -0
- package/dist/langgraph/awrap-tool-call.js +81 -0
- package/dist/langgraph/config.d.ts +13 -0
- package/dist/langgraph/config.js +11 -0
- package/dist/langgraph/index.d.ts +4 -0
- package/dist/langgraph/index.js +4 -0
- package/dist/langgraph/sandbox-demo.d.ts +40 -0
- package/dist/langgraph/sandbox-demo.js +96 -0
- package/dist/langgraph/tool-node.d.ts +10 -0
- package/dist/langgraph/tool-node.js +38 -0
- package/dist/login.js +7 -0
- package/dist/mcp/index.d.ts +1 -0
- package/dist/mcp/index.js +1 -0
- package/dist/mcp/tool-surface.d.ts +25 -0
- package/dist/mcp/tool-surface.js +17 -0
- package/dist/mcp-capability-token-cache.d.ts +24 -0
- package/dist/mcp-capability-token-cache.js +101 -0
- package/dist/mcp-evidence-policy.d.ts +48 -0
- package/dist/mcp-evidence-policy.js +117 -0
- package/dist/mcp-policy-reload.d.ts +79 -0
- package/dist/mcp-policy-reload.js +200 -0
- package/dist/mcp-sep2828-evidence.d.ts +36 -0
- package/dist/mcp-sep2828-evidence.js +65 -0
- package/dist/mcp-server.d.ts +6 -0
- package/dist/mcp-server.js +224 -44
- package/dist/openai-agents/index.d.ts +40 -0
- package/dist/openai-agents/index.js +151 -0
- package/dist/openai-agents/sandbox-demo.d.ts +34 -0
- package/dist/openai-agents/sandbox-demo.js +118 -0
- package/dist/payee-evidence.js +2 -29
- package/dist/policy/catalog.d.ts +31 -0
- package/dist/policy/catalog.js +48 -0
- package/dist/policy/compose-utils.d.ts +3 -0
- package/dist/policy/compose-utils.js +4 -0
- package/dist/policy/compose.d.ts +20 -0
- package/dist/policy/compose.js +240 -0
- package/dist/policy/digest.d.ts +7 -0
- package/dist/policy/digest.js +75 -0
- package/dist/policy/domain.d.ts +15 -0
- package/dist/policy/domain.js +28 -0
- package/dist/policy/guardrail-spec.d.ts +17 -0
- package/dist/policy/guardrail-spec.js +140 -0
- package/dist/policy/guardrails.d.ts +48 -0
- package/dist/policy/guardrails.js +72 -0
- package/dist/policy/index.d.ts +21 -0
- package/dist/policy/index.js +21 -0
- package/dist/policy/init.d.ts +102 -0
- package/dist/policy/init.js +351 -0
- package/dist/policy/intent-spec.d.ts +52 -0
- package/dist/policy/intent-spec.js +176 -0
- package/dist/policy/json-path.d.ts +4 -0
- package/dist/policy/json-path.js +23 -0
- package/dist/policy/layers-io.d.ts +7 -0
- package/dist/policy/layers-io.js +28 -0
- package/dist/policy/load-effective.d.ts +22 -0
- package/dist/policy/load-effective.js +77 -0
- package/dist/policy/load.d.ts +85 -0
- package/dist/policy/load.js +164 -0
- package/dist/policy/merge.d.ts +29 -0
- package/dist/policy/merge.js +297 -0
- package/dist/policy/parse-text.d.ts +2 -0
- package/dist/policy/parse-text.js +126 -0
- package/dist/policy/policy-api.d.ts +45 -0
- package/dist/policy/policy-api.js +61 -0
- package/dist/policy/presets.d.ts +19 -0
- package/dist/policy/presets.js +66 -0
- package/dist/policy/registry.d.ts +7 -0
- package/dist/policy/registry.js +33 -0
- package/dist/policy/reload.d.ts +86 -0
- package/dist/policy/reload.js +233 -0
- package/dist/policy/render-yaml.d.ts +3 -0
- package/dist/policy/render-yaml.js +69 -0
- package/dist/policy/sandbox-bootstrap.d.ts +19 -0
- package/dist/policy/sandbox-bootstrap.js +66 -0
- package/dist/policy/schema.d.ts +204 -0
- package/dist/policy/schema.js +255 -0
- package/dist/policy/snapshot.d.ts +33 -0
- package/dist/policy/snapshot.js +23 -0
- package/dist/policy/validate-remote.d.ts +43 -0
- package/dist/policy/validate-remote.js +104 -0
- package/dist/policy/validate.d.ts +36 -0
- package/dist/policy/validate.js +150 -0
- package/dist/policy/watcher.d.ts +29 -0
- package/dist/policy/watcher.js +112 -0
- package/dist/principal-intent.d.ts +52 -0
- package/dist/principal-intent.js +193 -37
- package/dist/project-init.d.ts +34 -0
- package/dist/project-init.js +898 -0
- package/dist/sep2828-signature.d.ts +10 -0
- package/dist/sep2828-signature.js +134 -0
- package/dist/solutions/api.d.ts +22 -0
- package/dist/solutions/api.js +40 -0
- package/dist/solutions/catalog.d.ts +34 -0
- package/dist/solutions/catalog.js +129 -0
- package/dist/solutions/index.d.ts +2 -0
- package/dist/solutions/index.js +2 -0
- package/dist/template-init.d.ts +54 -0
- package/dist/template-init.js +203 -0
- package/dist/vercel-ai/config.d.ts +15 -0
- package/dist/vercel-ai/config.js +13 -0
- package/dist/vercel-ai/index.d.ts +4 -0
- package/dist/vercel-ai/index.js +4 -0
- package/dist/vercel-ai/sandbox-demo.d.ts +44 -0
- package/dist/vercel-ai/sandbox-demo.js +153 -0
- package/dist/vercel-ai/tool-approval.d.ts +16 -0
- package/dist/vercel-ai/tool-approval.js +41 -0
- package/dist/vercel-ai/wrap-tools.d.ts +9 -0
- package/dist/vercel-ai/wrap-tools.js +40 -0
- package/dist/x402-receipt-evidence.d.ts +29 -0
- package/dist/x402-receipt-evidence.js +97 -0
- package/dist/x402-receipt-signature.d.ts +12 -0
- package/dist/x402-receipt-signature.js +211 -0
- package/package.json +75 -3
- package/solutions/aws.json +17 -0
- package/solutions/saas.json +17 -0
- package/solutions/shopping.json +17 -0
- package/solutions/travel.json +18 -0
- package/templates/manifest.json +169 -0
- package/templates/openai-shopping-agent/.env.example +3 -0
- package/templates/openai-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/openai-shopping-agent/LICENSE +201 -0
- package/templates/openai-shopping-agent/README.md +29 -0
- package/templates/openai-shopping-agent/package.json +22 -0
- package/templates/openai-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/openai-shopping-agent/src/index.ts +22 -0
- package/templates/openai-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/openai-shopping-agent/tsconfig.json +13 -0
- package/templates/paybond-aws-operator/.env.example +3 -0
- package/templates/paybond-aws-operator/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-aws-operator/LICENSE +201 -0
- package/templates/paybond-aws-operator/README.md +29 -0
- package/templates/paybond-aws-operator/package.json +20 -0
- package/templates/paybond-aws-operator/paybond.policy.yaml +22 -0
- package/templates/paybond-aws-operator/src/index.ts +54 -0
- package/templates/paybond-aws-operator/src/paybond.config.ts +51 -0
- package/templates/paybond-aws-operator/tsconfig.json +13 -0
- package/templates/paybond-claude-agents-demo/.env.example +3 -0
- package/templates/paybond-claude-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-claude-agents-demo/LICENSE +201 -0
- package/templates/paybond-claude-agents-demo/README.md +29 -0
- package/templates/paybond-claude-agents-demo/package.json +22 -0
- package/templates/paybond-claude-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-claude-agents-demo/src/index.ts +22 -0
- package/templates/paybond-claude-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-claude-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-invoice-agent/.env.example +3 -0
- package/templates/paybond-invoice-agent/.github/workflows/smoke.yml +19 -0
- package/templates/paybond-invoice-agent/LICENSE +201 -0
- package/templates/paybond-invoice-agent/README.md +29 -0
- package/templates/paybond-invoice-agent/app.py +27 -0
- package/templates/paybond-invoice-agent/package.json +6 -0
- package/templates/paybond-invoice-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-invoice-agent/paybond_config.py +45 -0
- package/templates/paybond-invoice-agent/requirements.txt +2 -0
- package/templates/paybond-mcp-coding-agent/.env.example +3 -0
- package/templates/paybond-mcp-coding-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-mcp-coding-agent/LICENSE +201 -0
- package/templates/paybond-mcp-coding-agent/README.md +39 -0
- package/templates/paybond-mcp-coding-agent/package.json +20 -0
- package/templates/paybond-mcp-coding-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-mcp-coding-agent/src/index.ts +40 -0
- package/templates/paybond-mcp-coding-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-mcp-coding-agent/tsconfig.json +13 -0
- package/templates/paybond-openai-agents-demo/.env.example +3 -0
- package/templates/paybond-openai-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-openai-agents-demo/LICENSE +201 -0
- package/templates/paybond-openai-agents-demo/README.md +29 -0
- package/templates/paybond-openai-agents-demo/package.json +22 -0
- package/templates/paybond-openai-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-openai-agents-demo/src/index.ts +22 -0
- package/templates/paybond-openai-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-openai-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-procurement-agent/.env.example +3 -0
- package/templates/paybond-procurement-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-procurement-agent/LICENSE +201 -0
- package/templates/paybond-procurement-agent/README.md +29 -0
- package/templates/paybond-procurement-agent/package.json +20 -0
- package/templates/paybond-procurement-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-procurement-agent/src/index.ts +54 -0
- package/templates/paybond-procurement-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-procurement-agent/tsconfig.json +13 -0
- package/templates/paybond-travel-agent/.env.example +3 -0
- package/templates/paybond-travel-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-travel-agent/LICENSE +201 -0
- package/templates/paybond-travel-agent/README.md +29 -0
- package/templates/paybond-travel-agent/package.json +23 -0
- package/templates/paybond-travel-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-travel-agent/src/index.ts +22 -0
- package/templates/paybond-travel-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-travel-agent/tsconfig.json +13 -0
- package/templates/paybond-vercel-shopping-agent/.env.example +3 -0
- package/templates/paybond-vercel-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-vercel-shopping-agent/LICENSE +201 -0
- package/templates/paybond-vercel-shopping-agent/README.md +29 -0
- package/templates/paybond-vercel-shopping-agent/package.json +22 -0
- package/templates/paybond-vercel-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-vercel-shopping-agent/src/index.ts +22 -0
- package/templates/paybond-vercel-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-vercel-shopping-agent/tsconfig.json +13 -0
|
@@ -0,0 +1,219 @@
|
|
|
1
|
+
import { readFile } from "node:fs/promises";
|
|
2
|
+
import { extname } from "node:path";
|
|
3
|
+
import { getCompletionPreset, listCompletionPresetIds } from "../completion-catalog.js";
|
|
4
|
+
import { createPaybondToolRegistry } from "./registry.js";
|
|
5
|
+
import { PaybondToolRegistryValidationError, } from "./types.js";
|
|
6
|
+
function isSideEffecting(entry) {
|
|
7
|
+
const raw = entry.side_effecting ?? entry.sideEffecting;
|
|
8
|
+
return raw !== false;
|
|
9
|
+
}
|
|
10
|
+
function evidencePreset(entry) {
|
|
11
|
+
const raw = entry.evidence_preset ?? entry.evidencePreset;
|
|
12
|
+
return typeof raw === "string" && raw.trim() ? raw.trim() : undefined;
|
|
13
|
+
}
|
|
14
|
+
function normalizeDocument(raw) {
|
|
15
|
+
if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
|
|
16
|
+
throw new PaybondToolRegistryValidationError("registry file must be a JSON or YAML object");
|
|
17
|
+
}
|
|
18
|
+
return raw;
|
|
19
|
+
}
|
|
20
|
+
/** Parse registry file text (JSON or YAML). */
|
|
21
|
+
export function parseAgentRegistryText(text, sourceLabel = "registry file") {
|
|
22
|
+
const trimmed = text.trim();
|
|
23
|
+
if (!trimmed) {
|
|
24
|
+
throw new PaybondToolRegistryValidationError(`${sourceLabel} is empty`);
|
|
25
|
+
}
|
|
26
|
+
try {
|
|
27
|
+
return normalizeDocument(JSON.parse(trimmed));
|
|
28
|
+
}
|
|
29
|
+
catch {
|
|
30
|
+
return normalizeDocument(parseSimpleYamlRegistry(trimmed, sourceLabel));
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
/** Load and parse a registry file from disk. */
|
|
34
|
+
export async function loadAgentRegistryFile(path) {
|
|
35
|
+
const text = await readFile(path, "utf8");
|
|
36
|
+
return parseAgentRegistryText(text, path);
|
|
37
|
+
}
|
|
38
|
+
function parseSimpleYamlRegistry(text, sourceLabel) {
|
|
39
|
+
const ext = extname(sourceLabel).toLowerCase();
|
|
40
|
+
if (ext !== ".yaml" && ext !== ".yml" && !text.includes("\n") && !text.includes(":")) {
|
|
41
|
+
throw new PaybondToolRegistryValidationError(`${sourceLabel} is not valid JSON`);
|
|
42
|
+
}
|
|
43
|
+
const root = {};
|
|
44
|
+
let section = "root";
|
|
45
|
+
let currentTool = null;
|
|
46
|
+
const tools = {};
|
|
47
|
+
for (const rawLine of text.split(/\r?\n/)) {
|
|
48
|
+
const line = rawLine.trim();
|
|
49
|
+
if (!line || line.startsWith("#")) {
|
|
50
|
+
continue;
|
|
51
|
+
}
|
|
52
|
+
const match = /^(\S+?):\s*(.*)$/.exec(line);
|
|
53
|
+
if (!match) {
|
|
54
|
+
throw new PaybondToolRegistryValidationError(`${sourceLabel} has invalid YAML line: ${rawLine}`);
|
|
55
|
+
}
|
|
56
|
+
const [, key, rawValue] = match;
|
|
57
|
+
const value = rawValue.trim();
|
|
58
|
+
if (section === "root" && key === "tools" && !value) {
|
|
59
|
+
section = "tools";
|
|
60
|
+
continue;
|
|
61
|
+
}
|
|
62
|
+
if (section === "tools" && !value) {
|
|
63
|
+
currentTool = key;
|
|
64
|
+
tools[currentTool] = {};
|
|
65
|
+
continue;
|
|
66
|
+
}
|
|
67
|
+
const parsedValue = parseYamlScalar(value);
|
|
68
|
+
if (section === "tools" && currentTool) {
|
|
69
|
+
tools[currentTool][key] = parsedValue;
|
|
70
|
+
continue;
|
|
71
|
+
}
|
|
72
|
+
root[key] = parsedValue;
|
|
73
|
+
}
|
|
74
|
+
if (Object.keys(tools).length > 0) {
|
|
75
|
+
root.tools = tools;
|
|
76
|
+
}
|
|
77
|
+
return root;
|
|
78
|
+
}
|
|
79
|
+
function parseYamlScalar(value) {
|
|
80
|
+
if (!value) {
|
|
81
|
+
return "";
|
|
82
|
+
}
|
|
83
|
+
if (value === "true") {
|
|
84
|
+
return true;
|
|
85
|
+
}
|
|
86
|
+
if (value === "false") {
|
|
87
|
+
return false;
|
|
88
|
+
}
|
|
89
|
+
if (/^-?\d+$/.test(value)) {
|
|
90
|
+
return Number.parseInt(value, 10);
|
|
91
|
+
}
|
|
92
|
+
if ((value.startsWith('"') && value.endsWith('"')) ||
|
|
93
|
+
(value.startsWith("'") && value.endsWith("'"))) {
|
|
94
|
+
return value.slice(1, -1);
|
|
95
|
+
}
|
|
96
|
+
return value;
|
|
97
|
+
}
|
|
98
|
+
/** Convert a registry file document into middleware registry config. */
|
|
99
|
+
export function agentRegistryDocumentToConfig(doc) {
|
|
100
|
+
const defaultDeny = Boolean(doc.default_deny ?? doc.defaultDeny ?? false);
|
|
101
|
+
const sideEffecting = {};
|
|
102
|
+
for (const [toolName, entry] of Object.entries(doc.tools ?? {})) {
|
|
103
|
+
if (!entry || typeof entry !== "object") {
|
|
104
|
+
continue;
|
|
105
|
+
}
|
|
106
|
+
if (!isSideEffecting(entry)) {
|
|
107
|
+
continue;
|
|
108
|
+
}
|
|
109
|
+
const preset = evidencePreset(entry);
|
|
110
|
+
if (!preset) {
|
|
111
|
+
throw new PaybondToolRegistryValidationError(`side-effecting tool "${toolName}" must declare evidence_preset`);
|
|
112
|
+
}
|
|
113
|
+
const policy = {
|
|
114
|
+
evidencePreset: preset,
|
|
115
|
+
};
|
|
116
|
+
if (entry.operation?.trim()) {
|
|
117
|
+
policy.operation = entry.operation.trim();
|
|
118
|
+
}
|
|
119
|
+
sideEffecting[toolName] = policy;
|
|
120
|
+
}
|
|
121
|
+
return { defaultDeny, sideEffecting };
|
|
122
|
+
}
|
|
123
|
+
/** Validate registry document semantics before bind or smoke tests. */
|
|
124
|
+
export function validateAgentRegistryDocument(doc) {
|
|
125
|
+
const issues = [];
|
|
126
|
+
const version = typeof doc.version === "number" ? doc.version : null;
|
|
127
|
+
if (version !== null && version !== 1) {
|
|
128
|
+
issues.push({
|
|
129
|
+
code: "registry.unsupported_version",
|
|
130
|
+
message: `unsupported registry version ${version}; expected 1`,
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
const defaultDeny = Boolean(doc.default_deny ?? doc.defaultDeny ?? false);
|
|
134
|
+
if (defaultDeny) {
|
|
135
|
+
issues.push({
|
|
136
|
+
code: "registry.default_deny_documented",
|
|
137
|
+
message: "default_deny is enabled: every intent allowed operation must be registered as side-effecting",
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
const tools = doc.tools ?? {};
|
|
141
|
+
const operations = new Map();
|
|
142
|
+
let sideEffectingCount = 0;
|
|
143
|
+
for (const [toolName, entry] of Object.entries(tools)) {
|
|
144
|
+
if (!entry || typeof entry !== "object") {
|
|
145
|
+
issues.push({
|
|
146
|
+
code: "registry.invalid_tool_entry",
|
|
147
|
+
message: `tool "${toolName}" must be an object`,
|
|
148
|
+
tool: toolName,
|
|
149
|
+
});
|
|
150
|
+
continue;
|
|
151
|
+
}
|
|
152
|
+
if (!isSideEffecting(entry)) {
|
|
153
|
+
continue;
|
|
154
|
+
}
|
|
155
|
+
sideEffectingCount += 1;
|
|
156
|
+
const preset = evidencePreset(entry);
|
|
157
|
+
if (!preset) {
|
|
158
|
+
issues.push({
|
|
159
|
+
code: "registry.missing_evidence_preset",
|
|
160
|
+
message: `side-effecting tool "${toolName}" must declare evidence_preset`,
|
|
161
|
+
tool: toolName,
|
|
162
|
+
});
|
|
163
|
+
continue;
|
|
164
|
+
}
|
|
165
|
+
try {
|
|
166
|
+
getCompletionPreset(preset);
|
|
167
|
+
}
|
|
168
|
+
catch {
|
|
169
|
+
issues.push({
|
|
170
|
+
code: "registry.unknown_evidence_preset",
|
|
171
|
+
message: `tool "${toolName}" references unknown evidence_preset "${preset}" (catalog: ${listCompletionPresetIds().join(", ")})`,
|
|
172
|
+
tool: toolName,
|
|
173
|
+
});
|
|
174
|
+
}
|
|
175
|
+
const operation = (entry.operation?.trim() || toolName).trim();
|
|
176
|
+
const previous = operations.get(operation);
|
|
177
|
+
if (previous !== undefined && previous !== toolName) {
|
|
178
|
+
issues.push({
|
|
179
|
+
code: "registry.duplicate_operation",
|
|
180
|
+
message: `duplicate operation "${operation}" for tools "${previous}" and "${toolName}"`,
|
|
181
|
+
tool: toolName,
|
|
182
|
+
});
|
|
183
|
+
}
|
|
184
|
+
else {
|
|
185
|
+
operations.set(operation, toolName);
|
|
186
|
+
}
|
|
187
|
+
}
|
|
188
|
+
let registry;
|
|
189
|
+
if (issues.every((issue) => issue.code === "registry.default_deny_documented")) {
|
|
190
|
+
try {
|
|
191
|
+
registry = createPaybondToolRegistry(agentRegistryDocumentToConfig(doc));
|
|
192
|
+
}
|
|
193
|
+
catch (err) {
|
|
194
|
+
issues.push({
|
|
195
|
+
code: "registry.invalid_config",
|
|
196
|
+
message: err instanceof Error ? err.message : String(err),
|
|
197
|
+
});
|
|
198
|
+
}
|
|
199
|
+
}
|
|
200
|
+
const blocking = issues.filter((issue) => issue.code !== "registry.default_deny_documented");
|
|
201
|
+
return {
|
|
202
|
+
ok: blocking.length === 0,
|
|
203
|
+
version,
|
|
204
|
+
default_deny: defaultDeny,
|
|
205
|
+
tool_count: Object.keys(tools).length,
|
|
206
|
+
side_effecting_count: sideEffectingCount,
|
|
207
|
+
issues,
|
|
208
|
+
registry,
|
|
209
|
+
};
|
|
210
|
+
}
|
|
211
|
+
/** Build a single-tool registry for sandbox smoke when no registry file is supplied. */
|
|
212
|
+
export function buildSmokeRegistry(operation, evidencePresetId) {
|
|
213
|
+
return createPaybondToolRegistry({
|
|
214
|
+
defaultDeny: true,
|
|
215
|
+
sideEffecting: {
|
|
216
|
+
[operation]: { evidencePreset: evidencePresetId, operation },
|
|
217
|
+
},
|
|
218
|
+
});
|
|
219
|
+
}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { PaybondSideEffectingToolEntry, PaybondToolRegistryConfig, PaybondToolResolution } from "./types.js";
|
|
2
|
+
/**
|
|
3
|
+
* Registry of side-effecting tools for agent middleware.
|
|
4
|
+
* Read-only tools pass through without Harbor verify or evidence submission.
|
|
5
|
+
*/
|
|
6
|
+
export declare class PaybondToolRegistry {
|
|
7
|
+
readonly defaultDeny: boolean;
|
|
8
|
+
private readonly sideEffecting;
|
|
9
|
+
private readonly operations;
|
|
10
|
+
constructor(config: PaybondToolRegistryConfig);
|
|
11
|
+
/** Whether the tool is explicitly registered as side-effecting. */
|
|
12
|
+
isSideEffecting(toolName: string): boolean;
|
|
13
|
+
/** Resolve Harbor operation for a tool name (defaults to tool name). */
|
|
14
|
+
resolveOperation(toolName: string): string;
|
|
15
|
+
/** Resolve requested spend cents for a registered side-effecting tool. */
|
|
16
|
+
resolveSpendCents(toolName: string, args: unknown): number | undefined;
|
|
17
|
+
/** Lookup side-effecting entry by tool name. */
|
|
18
|
+
getSideEffectingEntry(toolName: string): PaybondSideEffectingToolEntry | undefined;
|
|
19
|
+
/** Registered side-effecting tool names. */
|
|
20
|
+
sideEffectingToolNames(): string[];
|
|
21
|
+
/** Registered Harbor operations for side-effecting tools. */
|
|
22
|
+
sideEffectingOperations(): string[];
|
|
23
|
+
/**
|
|
24
|
+
* Classify a tool call for interceptor routing.
|
|
25
|
+
* When `defaultDeny` is true, unregistered tools whose operation is in `allowedTools` are denied.
|
|
26
|
+
*/
|
|
27
|
+
resolveTool(toolName: string, options?: {
|
|
28
|
+
allowedTools?: readonly string[];
|
|
29
|
+
}): PaybondToolResolution;
|
|
30
|
+
/**
|
|
31
|
+
* Bind-time validation: when `defaultDeny` is enabled, every intent allowed operation
|
|
32
|
+
* must have a registered side-effecting tool entry.
|
|
33
|
+
*/
|
|
34
|
+
validateForBind(allowedTools: readonly string[]): void;
|
|
35
|
+
}
|
|
36
|
+
/** Create a validated tool registry for agent middleware. */
|
|
37
|
+
export declare function createPaybondToolRegistry(config: PaybondToolRegistryConfig): PaybondToolRegistry;
|
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
import { getCompletionPreset } from "../completion-catalog.js";
|
|
2
|
+
import { PaybondToolRegistryValidationError, } from "./types.js";
|
|
3
|
+
function normalizeSideEffecting(sideEffecting) {
|
|
4
|
+
const entries = new Map();
|
|
5
|
+
const operations = new Map();
|
|
6
|
+
for (const [toolName, policy] of Object.entries(sideEffecting)) {
|
|
7
|
+
if (!toolName.trim()) {
|
|
8
|
+
throw new PaybondToolRegistryValidationError("side-effecting tool name must be non-empty");
|
|
9
|
+
}
|
|
10
|
+
const evidencePreset = policy.evidencePreset?.trim();
|
|
11
|
+
if (!evidencePreset) {
|
|
12
|
+
throw new PaybondToolRegistryValidationError(`side-effecting tool "${toolName}" must declare evidencePreset`);
|
|
13
|
+
}
|
|
14
|
+
try {
|
|
15
|
+
getCompletionPreset(evidencePreset);
|
|
16
|
+
}
|
|
17
|
+
catch {
|
|
18
|
+
throw new PaybondToolRegistryValidationError(`side-effecting tool "${toolName}" references unknown evidencePreset "${evidencePreset}"`);
|
|
19
|
+
}
|
|
20
|
+
const operation = (policy.operation?.trim() || toolName).trim();
|
|
21
|
+
if (!operation) {
|
|
22
|
+
throw new PaybondToolRegistryValidationError(`side-effecting tool "${toolName}" must resolve to a non-empty operation`);
|
|
23
|
+
}
|
|
24
|
+
const previousTool = operations.get(operation);
|
|
25
|
+
if (previousTool !== undefined && previousTool !== toolName) {
|
|
26
|
+
throw new PaybondToolRegistryValidationError(`duplicate side-effecting operation "${operation}" for tools "${previousTool}" and "${toolName}"`);
|
|
27
|
+
}
|
|
28
|
+
operations.set(operation, toolName);
|
|
29
|
+
entries.set(toolName, {
|
|
30
|
+
toolName,
|
|
31
|
+
operation,
|
|
32
|
+
spendCents: policy.spendCents,
|
|
33
|
+
evidencePreset,
|
|
34
|
+
evidenceMapper: policy.evidenceMapper,
|
|
35
|
+
});
|
|
36
|
+
}
|
|
37
|
+
return entries;
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Registry of side-effecting tools for agent middleware.
|
|
41
|
+
* Read-only tools pass through without Harbor verify or evidence submission.
|
|
42
|
+
*/
|
|
43
|
+
export class PaybondToolRegistry {
|
|
44
|
+
defaultDeny;
|
|
45
|
+
sideEffecting;
|
|
46
|
+
operations;
|
|
47
|
+
constructor(config) {
|
|
48
|
+
this.defaultDeny = config.defaultDeny ?? false;
|
|
49
|
+
this.sideEffecting = normalizeSideEffecting(config.sideEffecting ?? {});
|
|
50
|
+
this.operations = new Set([...this.sideEffecting.values()].map((entry) => entry.operation));
|
|
51
|
+
}
|
|
52
|
+
/** Whether the tool is explicitly registered as side-effecting. */
|
|
53
|
+
isSideEffecting(toolName) {
|
|
54
|
+
return this.sideEffecting.has(toolName);
|
|
55
|
+
}
|
|
56
|
+
/** Resolve Harbor operation for a tool name (defaults to tool name). */
|
|
57
|
+
resolveOperation(toolName) {
|
|
58
|
+
return this.sideEffecting.get(toolName)?.operation ?? toolName;
|
|
59
|
+
}
|
|
60
|
+
/** Resolve requested spend cents for a registered side-effecting tool. */
|
|
61
|
+
resolveSpendCents(toolName, args) {
|
|
62
|
+
const entry = this.sideEffecting.get(toolName);
|
|
63
|
+
if (!entry?.spendCents) {
|
|
64
|
+
return undefined;
|
|
65
|
+
}
|
|
66
|
+
if (typeof entry.spendCents === "number") {
|
|
67
|
+
return entry.spendCents;
|
|
68
|
+
}
|
|
69
|
+
return entry.spendCents(args);
|
|
70
|
+
}
|
|
71
|
+
/** Lookup side-effecting entry by tool name. */
|
|
72
|
+
getSideEffectingEntry(toolName) {
|
|
73
|
+
return this.sideEffecting.get(toolName);
|
|
74
|
+
}
|
|
75
|
+
/** Registered side-effecting tool names. */
|
|
76
|
+
sideEffectingToolNames() {
|
|
77
|
+
return [...this.sideEffecting.keys()];
|
|
78
|
+
}
|
|
79
|
+
/** Registered Harbor operations for side-effecting tools. */
|
|
80
|
+
sideEffectingOperations() {
|
|
81
|
+
return [...this.operations];
|
|
82
|
+
}
|
|
83
|
+
/**
|
|
84
|
+
* Classify a tool call for interceptor routing.
|
|
85
|
+
* When `defaultDeny` is true, unregistered tools whose operation is in `allowedTools` are denied.
|
|
86
|
+
*/
|
|
87
|
+
resolveTool(toolName, options) {
|
|
88
|
+
const entry = this.sideEffecting.get(toolName);
|
|
89
|
+
if (entry) {
|
|
90
|
+
return {
|
|
91
|
+
kind: "side_effecting",
|
|
92
|
+
toolName,
|
|
93
|
+
operation: entry.operation,
|
|
94
|
+
entry,
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
const operation = this.resolveOperation(toolName);
|
|
98
|
+
if (this.defaultDeny &&
|
|
99
|
+
options?.allowedTools !== undefined &&
|
|
100
|
+
options.allowedTools.includes(operation)) {
|
|
101
|
+
return {
|
|
102
|
+
kind: "denied",
|
|
103
|
+
toolName,
|
|
104
|
+
operation,
|
|
105
|
+
reason: "unregistered_side_effecting",
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
return { kind: "passthrough", toolName };
|
|
109
|
+
}
|
|
110
|
+
/**
|
|
111
|
+
* Bind-time validation: when `defaultDeny` is enabled, every intent allowed operation
|
|
112
|
+
* must have a registered side-effecting tool entry.
|
|
113
|
+
*/
|
|
114
|
+
validateForBind(allowedTools) {
|
|
115
|
+
if (!this.defaultDeny) {
|
|
116
|
+
return;
|
|
117
|
+
}
|
|
118
|
+
for (const operation of allowedTools) {
|
|
119
|
+
if (!this.operations.has(operation)) {
|
|
120
|
+
throw new PaybondToolRegistryValidationError(`defaultDeny: operation "${operation}" is in intent allowedTools but not registered as side-effecting`);
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
/** Create a validated tool registry for agent middleware. */
|
|
126
|
+
export function createPaybondToolRegistry(config) {
|
|
127
|
+
return new PaybondToolRegistry(config);
|
|
128
|
+
}
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
import { PaybondToolInterceptor } from "./interceptor.js";
|
|
2
|
+
import { PaybondToolRegistry } from "./registry.js";
|
|
3
|
+
import { PaybondRunBinding, PaybondAgentRunBindInput, PaybondRunGuard } from "./types.js";
|
|
4
|
+
import type { PaybondPolicySnapshot } from "../policy/snapshot.js";
|
|
5
|
+
import { type PaybondPolicyReloadFailedEvent, type PaybondPolicyReloadOptions, type PaybondPolicyReloadedEvent, type PaybondPolicyReloadResult } from "../policy/reload.js";
|
|
6
|
+
type SandboxBootstrapResult = {
|
|
7
|
+
tenant_id: string;
|
|
8
|
+
intent_id: string;
|
|
9
|
+
capability_token: string;
|
|
10
|
+
operation: string;
|
|
11
|
+
requested_spend_cents: number;
|
|
12
|
+
sandbox_lifecycle_status: string;
|
|
13
|
+
};
|
|
14
|
+
type SandboxGuardrailEvidenceResult = {
|
|
15
|
+
tenant_id: string;
|
|
16
|
+
intent_id: string;
|
|
17
|
+
sandbox_lifecycle_status: string;
|
|
18
|
+
predicate_passed?: boolean | null;
|
|
19
|
+
};
|
|
20
|
+
export type PaybondSubmitProductionEvidenceInput = {
|
|
21
|
+
intentId: string;
|
|
22
|
+
payload: Record<string, unknown>;
|
|
23
|
+
vendorPayload?: Record<string, unknown>;
|
|
24
|
+
operation: string;
|
|
25
|
+
requestedSpendCents: number;
|
|
26
|
+
idempotencyKey: string;
|
|
27
|
+
};
|
|
28
|
+
type AgentRunHarbor = {
|
|
29
|
+
tenantId: string;
|
|
30
|
+
getIntent(intentId: string): Promise<Record<string, unknown>>;
|
|
31
|
+
submitEvidence(intentId: string, evidenceBody: Record<string, unknown>, options: {
|
|
32
|
+
idempotencyKey?: string;
|
|
33
|
+
recognitionProof: Record<string, unknown>;
|
|
34
|
+
}): Promise<Record<string, unknown>>;
|
|
35
|
+
};
|
|
36
|
+
type AgentRunGuardrails = {
|
|
37
|
+
bootstrapSandbox(input: {
|
|
38
|
+
operation: string;
|
|
39
|
+
requestedSpendCents: number;
|
|
40
|
+
currency?: string;
|
|
41
|
+
evidenceSchema?: Record<string, unknown>;
|
|
42
|
+
metadata?: Record<string, unknown>;
|
|
43
|
+
idempotencyKey?: string;
|
|
44
|
+
completionPreset?: string;
|
|
45
|
+
templateId?: string;
|
|
46
|
+
parameters?: Record<string, unknown>;
|
|
47
|
+
}): Promise<SandboxBootstrapResult>;
|
|
48
|
+
submitSandboxEvidence(input: {
|
|
49
|
+
intentId: string;
|
|
50
|
+
payload?: Record<string, unknown>;
|
|
51
|
+
vendorPayload?: Record<string, unknown>;
|
|
52
|
+
operation?: string;
|
|
53
|
+
requestedSpendCents?: number;
|
|
54
|
+
metadata?: Record<string, unknown>;
|
|
55
|
+
idempotencyKey?: string;
|
|
56
|
+
}): Promise<SandboxGuardrailEvidenceResult>;
|
|
57
|
+
};
|
|
58
|
+
/** Minimal Paybond session surface required to bind an agent run. */
|
|
59
|
+
export type PaybondAgentRunHost = {
|
|
60
|
+
harbor: AgentRunHarbor;
|
|
61
|
+
guardrails: AgentRunGuardrails;
|
|
62
|
+
spendGuard(intentId: string, capabilityToken: string): PaybondRunGuard;
|
|
63
|
+
};
|
|
64
|
+
type PolicyReloadEventMap = {
|
|
65
|
+
policyReloaded: PaybondPolicyReloadedEvent;
|
|
66
|
+
policyReloadFailed: PaybondPolicyReloadFailedEvent;
|
|
67
|
+
};
|
|
68
|
+
/**
|
|
69
|
+
* Run-scoped agent middleware context for one agent task.
|
|
70
|
+
* Bind once per run; do not share across concurrent agent tasks.
|
|
71
|
+
*/
|
|
72
|
+
export declare class PaybondAgentRun {
|
|
73
|
+
private _currentSnapshot?;
|
|
74
|
+
readonly binding: PaybondRunBinding;
|
|
75
|
+
readonly interceptor: PaybondToolInterceptor;
|
|
76
|
+
readonly policyFilePath?: string;
|
|
77
|
+
private reloadController?;
|
|
78
|
+
private readonly approvalTokens;
|
|
79
|
+
private readonly listeners;
|
|
80
|
+
private constructor();
|
|
81
|
+
/** Start file watcher and/or Gateway poll reload (called from bind when `reload` is set). */
|
|
82
|
+
startPolicyReload(config: import("../policy/reload.js").PaybondPolicyReloadBindConfig): void;
|
|
83
|
+
/** Active policy snapshot for this run (undefined when bind omitted policy tracking). */
|
|
84
|
+
get currentSnapshot(): PaybondPolicySnapshot | undefined;
|
|
85
|
+
/** `sha256:<hex>` digest of the active policy snapshot, when tracked. */
|
|
86
|
+
get policyDigest(): string | undefined;
|
|
87
|
+
/** `{policy_name}@{digest_short}` version label of the active snapshot. */
|
|
88
|
+
get policyVersion(): string | undefined;
|
|
89
|
+
/** RFC3339 timestamp when the active policy snapshot was loaded. */
|
|
90
|
+
get policyLoadedAt(): string | undefined;
|
|
91
|
+
/** Active in-flight authorize/execute cycles (blocks policy reload until zero). */
|
|
92
|
+
get inFlightCount(): number;
|
|
93
|
+
get runId(): string;
|
|
94
|
+
get tenantId(): string;
|
|
95
|
+
get intentId(): string;
|
|
96
|
+
get capabilityToken(): string;
|
|
97
|
+
get guard(): PaybondRunGuard;
|
|
98
|
+
get registry(): PaybondToolRegistry;
|
|
99
|
+
get allowedTools(): readonly string[];
|
|
100
|
+
/** Subscribe to policy reload lifecycle events. */
|
|
101
|
+
on<K extends keyof PolicyReloadEventMap>(event: K, listener: (payload: PolicyReloadEventMap[K]) => void): void;
|
|
102
|
+
/** Unsubscribe from policy reload lifecycle events. */
|
|
103
|
+
off<K extends keyof PolicyReloadEventMap>(event: K, listener: (payload: PolicyReloadEventMap[K]) => void): void;
|
|
104
|
+
private emit;
|
|
105
|
+
/** Atomically swap registry and snapshot on the run binding (Tier 7 hot-reload). */
|
|
106
|
+
applyPolicySnapshot(snapshot: PaybondPolicySnapshot): void;
|
|
107
|
+
/** Reload policy from disk or Gateway effective resolution without re-binding the run. */
|
|
108
|
+
reloadPolicy(options?: PaybondPolicyReloadOptions): Promise<PaybondPolicyReloadResult>;
|
|
109
|
+
/** Stop background reload watchers started at bind time. */
|
|
110
|
+
stopPolicyReload(): void;
|
|
111
|
+
/** Store an operator approval token for retry after a Harbor approval hold. */
|
|
112
|
+
storeApprovalToken(toolCallId: string, token: string): void;
|
|
113
|
+
/** Read a stored approval token for a tool call retry. */
|
|
114
|
+
getApprovalToken(toolCallId: string): string | undefined;
|
|
115
|
+
/** Bind a run-scoped middleware context via sandbox bootstrap or attach. */
|
|
116
|
+
static bind(paybond: PaybondAgentRunHost, input: PaybondAgentRunBindInput): Promise<PaybondAgentRun>;
|
|
117
|
+
}
|
|
118
|
+
/** Facade exposed as `paybond.agentRun`. */
|
|
119
|
+
export declare class PaybondAgentRunFacade {
|
|
120
|
+
private readonly paybond;
|
|
121
|
+
constructor(paybond: PaybondAgentRunHost);
|
|
122
|
+
bind(input: PaybondAgentRunBindInput): Promise<PaybondAgentRun>;
|
|
123
|
+
}
|
|
124
|
+
export {};
|