@poncho-ai/harness 0.35.0 → 0.36.1

package/dist/isolate-TCWTUVG4.js

@@ -0,0 +1,1532 @@
+// src/isolate/run-code-tool.ts
+import { defineTool } from "@poncho-ai/sdk";
+
+// src/isolate/runtime.ts
+var ivmModule;
+async function loadIvm() {
+  if (ivmModule) return ivmModule;
+  try {
+    const mod = await import("isolated-vm");
+    ivmModule = mod.default ?? mod;
+    return ivmModule;
+  } catch {
+    throw new Error(
+      "Code execution requires isolated-vm. Run: pnpm add isolated-vm"
+    );
+  }
+}
+function buildRuntimePreamble() {
+  return `
+// --- console capture ---
+const __stdout = [];
+const __stderr = [];
+let __outputBytes = 0;
+const __outputLimit = typeof __OUTPUT_LIMIT === "number" ? __OUTPUT_LIMIT : 65536;
+
+function __serialize(v) {
+  if (typeof v === "string") return v;
+  try {
+    const seen = new WeakSet();
+    return JSON.stringify(v, function(_k, val) {
+      if (typeof val === "object" && val !== null) {
+        if (seen.has(val)) return "[Circular]";
+        seen.add(val);
+      }
+      return val;
+    }, 2);
+  } catch { return String(v); }
+}
+
+function __capture(arr, args) {
+  const line = Array.from(args).map(__serialize).join(" ");
+  const bytes = line.length;
+  if (__outputBytes + bytes > __outputLimit) {
+    arr.push("[output truncated at " + __outputLimit + " bytes]");
+    __outputBytes = __outputLimit;
+    return;
+  }
+  __outputBytes += bytes;
+  arr.push(line);
+}
+
+const console = {
+  log:   function() { __capture(__stdout, arguments); },
+  info:  function() { __capture(__stdout, arguments); },
+  warn:  function() { __capture(__stderr, arguments); },
+  error: function() { __capture(__stderr, arguments); },
+  debug: function() { __capture(__stdout, arguments); },
+};
+`;
+}
+function createIsolateRuntime(config) {
+  return {
+    async execute(code, bindings, preamble, signal, polyfillPreamble) {
+      const ivm = await loadIvm();
+      const isolate = new ivm.Isolate({
+        memoryLimit: config.memoryLimit
+      });
+      let abortHandler;
+      let aborted = false;
+      if (signal) {
+        if (signal.aborted) {
+          isolate.dispose();
+          return {
+            stdout: "",
+            stderr: "",
+            error: { message: "Execution cancelled", name: "AbortError" },
+            executionTimeMs: 0
+          };
+        }
+        abortHandler = () => {
+          aborted = true;
+          isolate.dispose();
+        };
+        signal.addEventListener("abort", abortHandler, { once: true });
+      }
+      const t0 = performance.now();
+      let context;
+      try {
+        context = await isolate.createContext();
+        const jail = context.global;
+        jail.setSync("__OUTPUT_LIMIT", config.outputLimit);
+        const bindingNames = Object.keys(bindings);
+        const wrapperDecls = [];
+        for (const name of bindingNames) {
+          const binding = bindings[name];
+          const ref = new ivm.Reference(async (inputJson) => {
+            const input = JSON.parse(inputJson);
+            const result2 = await binding.handler(input);
+            return JSON.stringify(result2 ?? null);
+          });
+          jail.setSync(`__binding_${name}`, ref);
+          wrapperDecls.push(
+            `async function ${name}(input) {
+  const raw = await __binding_${name}.apply(undefined, [JSON.stringify(input)], { result: { promise: true, copy: true } });
+  return JSON.parse(raw);
+}`
+          );
+        }
+        const runtimePreamble = buildRuntimePreamble() + "\n" + wrapperDecls.join("\n");
+        await context.eval(runtimePreamble, { filename: "<runtime>" });
+        if (polyfillPreamble) {
+          await context.eval(polyfillPreamble, { filename: "<polyfills>" });
+        }
+        if (preamble) {
+          await context.eval(preamble, { filename: "<libraries>" });
+        }
+        const wrapped = `(async () => {
+${code}
+})()`;
+        const rawResult = await context.eval(wrapped, {
+          filename: "<user-code>",
+          promise: true,
+          copy: true,
+          timeout: config.timeout
+        });
+        const stdout = await context.eval("__stdout.join('\\n')", { copy: true });
+        const stderr = await context.eval("__stderr.join('\\n')", { copy: true });
+        let result;
+        try {
+          result = rawResult === void 0 || rawResult === null ? rawResult : JSON.parse(JSON.stringify(rawResult));
+        } catch {
+          result = void 0;
+        }
+        return {
+          result,
+          stdout,
+          stderr,
+          executionTimeMs: performance.now() - t0
+        };
+      } catch (err) {
+        const elapsed = performance.now() - t0;
+        if (aborted) {
+          return {
+            stdout: "",
+            stderr: "",
+            error: { message: "Execution cancelled", name: "AbortError" },
+            executionTimeMs: elapsed
+          };
+        }
+        let stdout = "";
+        let stderr = "";
+        if (context) {
+          try {
+            stdout = await context.eval("__stdout.join('\\n')", { copy: true });
+            stderr = await context.eval("__stderr.join('\\n')", { copy: true });
+          } catch {
+          }
+        }
+        const error = err instanceof Error ? err : new Error(String(err));
+        const parsed = parseV8Error(error);
+        return {
+          stdout,
+          stderr,
+          error: parsed,
+          executionTimeMs: elapsed
+        };
+      } finally {
+        if (abortHandler && signal) {
+          signal.removeEventListener("abort", abortHandler);
+        }
+        try {
+          isolate.dispose();
+        } catch {
+        }
+      }
+    }
+  };
+}
+function parseV8Error(error) {
+  const result = {
+    message: error.message,
+    name: error.name
+  };
+  const match = error.stack?.match(/<user-code>:(\d+):(\d+)/);
+  if (match) {
+    const rawLine = parseInt(match[1], 10);
+    result.line = Math.max(1, rawLine - 1);
+    result.column = parseInt(match[2], 10);
+  }
+  return result;
+}
+
+// src/isolate/bindings.ts
+function createVfsBindings(adapter) {
+  return {
+    __poncho_fs_read: {
+      description: "Read a text file from the VFS",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        return await adapter.readFile(input.path);
+      }
+    },
+    __poncho_fs_write: {
+      description: "Write a text file to the VFS",
+      inputSchema: {
+        type: "object",
+        properties: {
+          path: { type: "string" },
+          content: { type: "string" }
+        },
+        required: ["path", "content"]
+      },
+      handler: async (input) => {
+        await adapter.writeFile(input.path, input.content);
+      }
+    },
+    __poncho_fs_read_binary: {
+      description: "Read a binary file (returns base64)",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        const buf = await adapter.readFileBuffer(input.path);
+        return Buffer.from(buf).toString("base64");
+      }
+    },
+    __poncho_fs_write_binary: {
+      description: "Write a binary file (content is base64)",
+      inputSchema: {
+        type: "object",
+        properties: {
+          path: { type: "string" },
+          content: { type: "string" }
+        },
+        required: ["path", "content"]
+      },
+      handler: async (input) => {
+        const buf = Buffer.from(input.content, "base64");
+        await adapter.writeFile(input.path, buf);
+      }
+    },
+    __poncho_fs_list: {
+      description: "List directory entries",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        return await adapter.readdir(input.path);
+      }
+    },
+    __poncho_fs_exists: {
+      description: "Check if path exists",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        return await adapter.exists(input.path);
+      }
+    },
+    __poncho_fs_delete: {
+      description: "Delete a file or directory",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        await adapter.rm(input.path, { force: true });
+      }
+    },
+    __poncho_fs_mkdir: {
+      description: "Create a directory (recursive)",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        await adapter.mkdir(input.path, { recursive: true });
+      }
+    },
+    __poncho_fs_stat: {
+      description: "Get file metadata",
+      inputSchema: {
+        type: "object",
+        properties: { path: { type: "string" } },
+        required: ["path"]
+      },
+      handler: async (input) => {
+        const stat = await adapter.stat(input.path);
+        return {
+          isFile: stat.isFile,
+          isDirectory: stat.isDirectory,
+          size: stat.size,
+          mtime: stat.mtime.toISOString()
+        };
+      }
+    }
+  };
+}
+function createFetchBinding(allowedDomains, network) {
+  const allowAll = network?.dangerouslyAllowAll === true;
+  const domainSet = new Set(allowedDomains.map((d) => d.toLowerCase()));
+  return {
+    description: "Internal fetch binding",
+    inputSchema: {
+      type: "object",
+      properties: {
+        url: { type: "string" },
+        method: { type: "string" },
+        headers: { type: "object", additionalProperties: { type: "string" } },
+        body: { type: "string" },
+        binary: { type: "boolean" }
+      },
+      required: ["url"]
+    },
+    handler: async (input) => {
+      const url = new URL(input.url);
+      if (!allowAll && !domainSet.has(url.hostname.toLowerCase())) {
+        throw new Error(
+          `Fetch blocked: domain "${url.hostname}" is not in the allowed list [${allowedDomains.join(", ")}]`
+        );
+      }
+      const resp = await fetch(input.url, {
+        method: input.method ?? "GET",
+        headers: input.headers ?? void 0,
+        body: input.body ?? void 0,
+        redirect: "follow"
+      });
+      const headers = {};
+      resp.headers.forEach((v, k) => {
+        headers[k] = v;
+      });
+      if (input.binary) {
+        const buf = await resp.arrayBuffer();
+        const base64 = Buffer.from(buf).toString("base64");
+        return { status: resp.status, statusText: resp.statusText, headers, body: base64, encoding: "base64" };
+      }
+      const body = await resp.text();
+      return { status: resp.status, statusText: resp.statusText, headers, body };
+    }
+  };
+}
+function mergeBuilderBindings(configBindings) {
+  return { ...configBindings };
+}
+
+// src/isolate/polyfills.ts
+function buildPolyfillPreamble(hasNetwork) {
+  return [
+    POLYFILL_TEXT_ENCODING,
+    POLYFILL_ATOB_BTOA,
+    POLYFILL_BUFFER,
+    POLYFILL_PATH,
+    POLYFILL_FS,
+    hasNetwork ? POLYFILL_FETCH : POLYFILL_FETCH_STUB,
+    POLYFILL_TIMERS,
+    POLYFILL_CRYPTO,
+    POLYFILL_CONSOLE_EXTRAS,
+    POLYFILL_BLOB,
+    POLYFILL_STRUCTUREDCLONE
+  ].join("\n\n");
+}
+var POLYFILL_TEXT_ENCODING = `
+// --- TextEncoder / TextDecoder polyfill ---
+(function() {
+  if (typeof globalThis.TextEncoder === "undefined") {
+    globalThis.TextEncoder = class TextEncoder {
+      encode(str) {
+        str = String(str);
+        const buf = [];
+        for (let i = 0; i < str.length; i++) {
+          let code = str.charCodeAt(i);
+          if (code < 0x80) {
+            buf.push(code);
+          } else if (code < 0x800) {
+            buf.push(0xC0 | (code >> 6), 0x80 | (code & 0x3F));
+          } else if (code >= 0xD800 && code <= 0xDBFF && i + 1 < str.length) {
+            const next = str.charCodeAt(i + 1);
+            if (next >= 0xDC00 && next <= 0xDFFF) {
+              code = ((code - 0xD800) << 10) + (next - 0xDC00) + 0x10000;
+              i++;
+              buf.push(0xF0 | (code >> 18), 0x80 | ((code >> 12) & 0x3F), 0x80 | ((code >> 6) & 0x3F), 0x80 | (code & 0x3F));
+            }
+          } else {
+            buf.push(0xE0 | (code >> 12), 0x80 | ((code >> 6) & 0x3F), 0x80 | (code & 0x3F));
+          }
+        }
+        return new Uint8Array(buf);
+      }
+    };
+  }
+
+  if (typeof globalThis.TextDecoder === "undefined") {
+    globalThis.TextDecoder = class TextDecoder {
+      decode(input) {
+        if (!input || input.length === 0) return "";
+        const bytes = input instanceof Uint8Array ? input : new Uint8Array(input);
+        let result = "";
+        for (let i = 0; i < bytes.length;) {
+          const b = bytes[i];
+          if (b < 0x80) {
+            result += String.fromCharCode(b);
+            i++;
+          } else if ((b & 0xE0) === 0xC0) {
+            result += String.fromCharCode(((b & 0x1F) << 6) | (bytes[i + 1] & 0x3F));
+            i += 2;
+          } else if ((b & 0xF0) === 0xE0) {
+            result += String.fromCharCode(((b & 0x0F) << 12) | ((bytes[i + 1] & 0x3F) << 6) | (bytes[i + 2] & 0x3F));
+            i += 3;
+          } else if ((b & 0xF8) === 0xF0) {
+            const code = ((b & 0x07) << 18) | ((bytes[i + 1] & 0x3F) << 12) | ((bytes[i + 2] & 0x3F) << 6) | (bytes[i + 3] & 0x3F);
+            const adjusted = code - 0x10000;
+            result += String.fromCharCode(0xD800 + (adjusted >> 10), 0xDC00 + (adjusted & 0x3FF));
+            i += 4;
+          } else {
+            result += "\\uFFFD";
+            i++;
+          }
+        }
+        return result;
+      }
+    };
+  }
+})();
+`;
+var POLYFILL_BUFFER = `
+// --- Buffer polyfill ---
+(function() {
+  if (typeof globalThis.Buffer !== "undefined") return;
+
+  class Buffer extends Uint8Array {
+    static from(input, encodingOrOffset, length) {
+      if (typeof input === "string") {
+        const encoding = (encodingOrOffset || "utf-8").toLowerCase();
+        if (encoding === "base64") {
+          const bin = atob(input);
+          const arr = new Uint8Array(bin.length);
+          for (let i = 0; i < bin.length; i++) arr[i] = bin.charCodeAt(i);
+          return Object.setPrototypeOf(arr, Buffer.prototype);
+        }
+        if (encoding === "hex") {
+          const arr = new Uint8Array(input.length / 2);
+          for (let i = 0; i < input.length; i += 2)
+            arr[i / 2] = parseInt(input.slice(i, i + 2), 16);
+          return Object.setPrototypeOf(arr, Buffer.prototype);
+        }
+        // utf-8 default
+        const encoded = new TextEncoder().encode(input);
+        return Object.setPrototypeOf(encoded, Buffer.prototype);
+      }
+      if (input instanceof ArrayBuffer) {
+        const arr = new Uint8Array(input, encodingOrOffset, length);
+        return Object.setPrototypeOf(arr, Buffer.prototype);
+      }
+      if (ArrayBuffer.isView(input)) {
+        const arr = new Uint8Array(input.buffer, input.byteOffset, input.byteLength);
+        return Object.setPrototypeOf(arr, Buffer.prototype);
+      }
+      if (Array.isArray(input)) {
+        const arr = new Uint8Array(input);
+        return Object.setPrototypeOf(arr, Buffer.prototype);
+      }
+      throw new TypeError("Buffer.from: unsupported input type");
+    }
+
+    static alloc(size, fill) {
+      const arr = new Uint8Array(size);
+      if (fill !== undefined) {
+        const fillByte = typeof fill === "number" ? fill : (typeof fill === "string" ? fill.charCodeAt(0) : 0);
+        arr.fill(fillByte);
+      }
+      return Object.setPrototypeOf(arr, Buffer.prototype);
+    }
+
+    static allocUnsafe(size) { return Buffer.alloc(size); }
+
+    static concat(list, totalLength) {
+      if (!totalLength) totalLength = list.reduce((s, b) => s + b.length, 0);
+      const result = Buffer.alloc(totalLength);
+      let offset = 0;
+      for (const buf of list) {
+        result.set(buf, offset);
+        offset += buf.length;
+      }
+      return result;
+    }
+
+    static isBuffer(obj) { return obj instanceof Buffer || obj instanceof Uint8Array; }
+
+    toString(encoding) {
+      encoding = (encoding || "utf-8").toLowerCase();
+      if (encoding === "base64") {
+        let bin = "";
+        for (let i = 0; i < this.length; i++) bin += String.fromCharCode(this[i]);
+        return btoa(bin);
+      }
+      if (encoding === "hex") {
+        return Array.from(this).map(b => b.toString(16).padStart(2, "0")).join("");
+      }
+      return new TextDecoder().decode(this);
+    }
+
+    toJSON() {
+      return { type: "Buffer", data: Array.from(this) };
+    }
+
+    write(string, offset, length, encoding) {
+      offset = offset || 0;
+      const encoded = Buffer.from(string, encoding || "utf-8");
+      const bytesToCopy = Math.min(encoded.length, length || this.length - offset);
+      this.set(encoded.subarray(0, bytesToCopy), offset);
+      return bytesToCopy;
+    }
+
+    copy(target, targetStart, sourceStart, sourceEnd) {
+      targetStart = targetStart || 0;
+      sourceStart = sourceStart || 0;
+      sourceEnd = sourceEnd || this.length;
+      const slice = this.subarray(sourceStart, sourceEnd);
+      target.set(slice, targetStart);
+      return slice.length;
+    }
+
+    equals(other) {
+      if (this.length !== other.length) return false;
+      for (let i = 0; i < this.length; i++) {
+        if (this[i] !== other[i]) return false;
+      }
+      return true;
+    }
+
+    slice(start, end) {
+      const sliced = Uint8Array.prototype.slice.call(this, start, end);
+      return Object.setPrototypeOf(sliced, Buffer.prototype);
+    }
+  }
+
+  globalThis.Buffer = Buffer;
+})();
+`;
+var POLYFILL_ATOB_BTOA = `
+// --- atob / btoa polyfill ---
+(function() {
+  const B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+  const B64_LOOKUP = new Uint8Array(128);
+  for (let i = 0; i < B64.length; i++) B64_LOOKUP[B64.charCodeAt(i)] = i;
+
+  if (typeof globalThis.atob === "undefined") {
+    globalThis.atob = function(input) {
+      input = String(input).replace(/[\\s=]+/g, "");
+      let output = "";
+      let bits = 0, collected = 0;
+      for (let i = 0; i < input.length; i++) {
+        bits = (bits << 6) | B64_LOOKUP[input.charCodeAt(i)];
+        collected += 6;
+        if (collected >= 8) {
+          collected -= 8;
+          output += String.fromCharCode((bits >> collected) & 0xFF);
+        }
+      }
+      return output;
+    };
+  }
+
+  if (typeof globalThis.btoa === "undefined") {
+    globalThis.btoa = function(input) {
+      input = String(input);
+      let output = "";
+      for (let i = 0; i < input.length; i += 3) {
+        const a = input.charCodeAt(i);
+        const b = i + 1 < input.length ? input.charCodeAt(i + 1) : 0;
+        const c = i + 2 < input.length ? input.charCodeAt(i + 2) : 0;
+        output += B64[a >> 2];
+        output += B64[((a & 3) << 4) | (b >> 4)];
+        output += i + 1 < input.length ? B64[((b & 15) << 2) | (c >> 6)] : "=";
+        output += i + 2 < input.length ? B64[c & 63] : "=";
+      }
+      return output;
+    };
+  }
+})();
+`;
+var POLYFILL_PATH = `
+// --- path module polyfill ---
+(function() {
+  const path = {
+    sep: "/",
+    join: function() {
+      const parts = Array.from(arguments).filter(Boolean);
+      return path.normalize(parts.join("/"));
+    },
+    resolve: function() {
+      let resolved = "";
+      for (let i = arguments.length - 1; i >= 0; i--) {
+        const part = arguments[i];
+        if (!part) continue;
+        resolved = part + (resolved ? "/" + resolved : "");
+        if (part.startsWith("/")) break;
+      }
+      return path.normalize(resolved.startsWith("/") ? resolved : "/" + resolved);
+    },
+    normalize: function(p) {
+      const parts = p.split("/");
+      const result = [];
+      for (const part of parts) {
+        if (part === "." || part === "") continue;
+        if (part === ".." && result.length > 0 && result[result.length - 1] !== "..") {
+          result.pop();
+        } else {
+          result.push(part);
+        }
+      }
+      return (p.startsWith("/") ? "/" : "") + result.join("/");
+    },
+    basename: function(p, ext) {
+      const base = p.split("/").filter(Boolean).pop() || "";
+      if (ext && base.endsWith(ext)) return base.slice(0, -ext.length);
+      return base;
+    },
+    dirname: function(p) {
+      const parts = p.split("/").filter(Boolean);
+      parts.pop();
+      return (p.startsWith("/") ? "/" : "") + parts.join("/") || ".";
+    },
+    extname: function(p) {
+      const base = path.basename(p);
+      const dot = base.lastIndexOf(".");
+      return dot > 0 ? base.slice(dot) : "";
+    },
+    isAbsolute: function(p) { return p.startsWith("/"); },
+    parse: function(p) {
+      return {
+        root: p.startsWith("/") ? "/" : "",
+        dir: path.dirname(p),
+        base: path.basename(p),
+        ext: path.extname(p),
+        name: path.basename(p, path.extname(p)),
+      };
+    },
+  };
+  globalThis.__modules = globalThis.__modules || {};
+  globalThis.__modules.path = path;
+  globalThis.path = path;
+})();
+`;
+var POLYFILL_FS = `
+// --- fs module polyfill ---
+(function() {
+  function _b64ToUint8(b64) {
+    const bin = atob(b64);
+    const arr = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++) arr[i] = bin.charCodeAt(i);
+    return arr;
+  }
+
+  function _uint8ToB64(u8) {
+    let bin = "";
+    for (let i = 0; i < u8.length; i++) bin += String.fromCharCode(u8[i]);
+    return btoa(bin);
+  }
+
+  function _toBuffer(data, encoding) {
+    if (typeof data === "string") return Buffer.from(data, encoding || "utf-8");
+    if (data instanceof Uint8Array) return data;
+    return Buffer.from(String(data), "utf-8");
+  }
+
+  const fs = {
+    // --- Async API ---
+    readFile: async function(path, options) {
+      const encoding = typeof options === "string" ? options : options?.encoding;
+      if (!encoding || encoding === "buffer") {
+        const b64 = await __poncho_fs_read_binary({ path });
+        return Buffer.from(_b64ToUint8(b64));
+      }
+      return await __poncho_fs_read({ path });
+    },
+
+    writeFile: async function(path, data, options) {
+      const encoding = typeof options === "string" ? options : options?.encoding;
+      if (data instanceof Uint8Array || data instanceof ArrayBuffer) {
+        const u8 = data instanceof ArrayBuffer ? new Uint8Array(data) : data;
+        await __poncho_fs_write_binary({ path, content: _uint8ToB64(u8) });
+        return;
+      }
+      if (encoding === "base64") {
+        await __poncho_fs_write_binary({ path, content: data });
+        return;
+      }
+      await __poncho_fs_write({ path, content: String(data) });
+    },
+
+    readdir: async function(path) {
+      return await __poncho_fs_list({ path: path || "/" });
+    },
+
+    mkdir: async function(path, options) {
+      await __poncho_fs_mkdir({ path });
+    },
+
+    stat: async function(path) {
+      const s = await __poncho_fs_stat({ path });
+      return {
+        isFile: function() { return s.isFile; },
+        isDirectory: function() { return s.isDirectory; },
+        size: s.size,
+        mtime: new Date(s.mtime),
+      };
+    },
+
+    unlink: async function(path) {
+      await __poncho_fs_delete({ path });
+    },
+
+    rm: async function(path) {
+      await __poncho_fs_delete({ path });
+    },
+
+    exists: async function(path) {
+      return await __poncho_fs_exists({ path });
+    },
+
+    // --- Sync-style API (actually async under the hood, but works with await) ---
+    readFileSync: function(path, options) {
+      return fs.readFile(path, options);
+    },
+
+    writeFileSync: function(path, data, options) {
+      return fs.writeFile(path, data, options);
+    },
+
+    readdirSync: function(path) { return fs.readdir(path); },
+    mkdirSync: function(path, options) { return fs.mkdir(path, options); },
+    statSync: function(path) { return fs.stat(path); },
+    unlinkSync: function(path) { return fs.unlink(path); },
+    existsSync: function(path) { return fs.exists(path); },
+    rmSync: function(path) { return fs.rm(path); },
+
+    promises: {},
+  };
+
+  // fs.promises mirrors the async API
+  for (const key of Object.keys(fs)) {
+    if (typeof fs[key] === "function" && key !== "promises") {
+      fs.promises[key] = fs[key];
+    }
+  }
+
+  globalThis.__modules = globalThis.__modules || {};
+  globalThis.__modules.fs = fs;
+  globalThis.__modules["fs/promises"] = fs.promises;
+  globalThis.__modules["node:fs"] = fs;
+  globalThis.__modules["node:fs/promises"] = fs.promises;
+  globalThis.fs = fs;
+})();
+`;
+var POLYFILL_FETCH = `
+// --- fetch polyfill ---
+(function() {
+  class Headers {
+    constructor(init) {
+      this._map = {};
+      if (init) {
+        const entries = typeof init.entries === "function"
+          ? Array.from(init.entries())
+          : Object.entries(init);
+        for (const [k, v] of entries) this._map[k.toLowerCase()] = String(v);
+      }
+    }
+    get(name) { return this._map[name.toLowerCase()] ?? null; }
+    set(name, value) { this._map[name.toLowerCase()] = String(value); }
+    has(name) { return name.toLowerCase() in this._map; }
+    delete(name) { delete this._map[name.toLowerCase()]; }
+    forEach(cb) { for (const [k, v] of Object.entries(this._map)) cb(v, k, this); }
+    entries() { return Object.entries(this._map)[Symbol.iterator](); }
+    keys() { return Object.keys(this._map)[Symbol.iterator](); }
+    values() { return Object.values(this._map)[Symbol.iterator](); }
+  }
+
+  class Response {
+    constructor(result, binary) {
+      this.status = result.status;
+      this.statusText = result.statusText || "";
+      this.ok = result.status >= 200 && result.status < 300;
+      this.headers = new Headers(result.headers);
+      this._body = result.body;
+      this._binary = binary;
+      this._consumed = false;
+    }
+
+    _checkConsumed() {
+      if (this._consumed) throw new TypeError("Body already consumed");
+      this._consumed = true;
+    }
+
+    async text() {
+      this._checkConsumed();
+      if (this._binary) {
+        // Decode base64 \u2192 binary string \u2192 UTF-8
+        const bytes = _fetchB64ToUint8(this._body);
+        return new TextDecoder().decode(bytes);
+      }
+      return this._body;
+    }
+
+    async json() {
+      const text = await this.text();
+      return JSON.parse(text);
+    }
+
+    async arrayBuffer() {
+      this._checkConsumed();
+      if (this._binary) {
+        const bytes = _fetchB64ToUint8(this._body);
+        return bytes.buffer;
+      }
+      return new TextEncoder().encode(this._body).buffer;
+    }
+
+    async blob() {
+      const ab = await this.arrayBuffer();
+      const type = this.headers.get("content-type") || "";
+      return new Blob([ab], { type });
+    }
+  }
+
+  function _fetchB64ToUint8(b64) {
+    const bin = atob(b64);
+    const arr = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++) arr[i] = bin.charCodeAt(i);
+    return arr;
+  }
+
+  globalThis.fetch = async function(input, init) {
+    const url = typeof input === "string" ? input : (input?.url || String(input));
+    const method = init?.method || "GET";
+    const headers = {};
+    if (init?.headers) {
+      const entries = typeof init.headers.entries === "function"
+        ? Array.from(init.headers.entries())
+        : Object.entries(init.headers);
+      for (const [k, v] of entries) headers[k] = String(v);
+    }
+    const body = init?.body ? String(init.body) : undefined;
+
+    // Always fetch as binary to preserve data integrity
+    const result = await __poncho_fetch({ url, method, headers, body, binary: true });
+    return new Response(result, true);
+  };
+
+  globalThis.Headers = Headers;
+  globalThis.Response = Response;
+})();
+`;
+var POLYFILL_FETCH_STUB = `
+// --- fetch stub (network not configured) ---
+(function() {
+  globalThis.fetch = async function() {
+    throw new Error(
+      "fetch() is not available. Enable network access in poncho.config.js:\\n" +
+      "  network: { allowedUrls: [\\"https://...\\"]}\\n" +
+      "  // or: network: { dangerouslyAllowAll: true }"
+    );
+  };
+})();
+`;
+var POLYFILL_TIMERS = `
+// --- Timers polyfill ---
+(function() {
+  let __timerId = 0;
+  const __timers = new Map();
+
+  globalThis.setTimeout = function(fn, delay) {
+    const id = ++__timerId;
+    const ms = Math.max(0, Number(delay) || 0);
+    const start = Date.now();
+    __timers.set(id, { fn, ms, start, type: "timeout" });
+    // In the isolate, setTimeout returns the id but the callback is
+    // executed via a polling mechanism in the async wrapper.
+    // For simple cases (delay=0), we can use a microtask.
+    if (ms === 0) {
+      Promise.resolve().then(() => {
+        if (__timers.has(id)) {
+          __timers.delete(id);
+          fn();
+        }
+      });
+    }
+    return id;
+  };
+
+  globalThis.clearTimeout = function(id) {
+    __timers.delete(id);
+  };
+
+  globalThis.setInterval = function(fn, delay) {
+    const id = ++__timerId;
+    const ms = Math.max(1, Number(delay) || 1);
+    const wrapper = () => {
+      if (!__timers.has(id)) return;
+      fn();
+      if (__timers.has(id)) {
+        globalThis.setTimeout(wrapper, ms);
+      }
+    };
+    __timers.set(id, { fn: wrapper, ms, type: "interval" });
+    globalThis.setTimeout(wrapper, ms);
+    return id;
+  };
+
+  globalThis.clearInterval = function(id) {
+    __timers.delete(id);
+  };
+
+  // queueMicrotask if not available
+  if (typeof globalThis.queueMicrotask === "undefined") {
+    globalThis.queueMicrotask = function(fn) { Promise.resolve().then(fn); };
+  }
+})();
+`;
+var POLYFILL_CRYPTO = `
+// --- crypto polyfill ---
+(function() {
+  if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.getRandomValues) return;
+
+  function getRandomValues(arr) {
+    for (let i = 0; i < arr.length; i++) {
+      arr[i] = Math.floor(Math.random() * 256);
+    }
+    return arr;
+  }
+
+  function randomUUID() {
+    const bytes = new Uint8Array(16);
+    getRandomValues(bytes);
+    bytes[6] = (bytes[6] & 0x0f) | 0x40;
+    bytes[8] = (bytes[8] & 0x3f) | 0x80;
+    const hex = Array.from(bytes).map(b => b.toString(16).padStart(2, "0")).join("");
+    return hex.slice(0, 8) + "-" + hex.slice(8, 12) + "-" + hex.slice(12, 16) + "-" + hex.slice(16, 20) + "-" + hex.slice(20);
+  }
+
+  globalThis.crypto = {
+    getRandomValues,
+    randomUUID,
+    subtle: {
+      async digest(algorithm, data) {
+        // Simple SHA-256 not feasible in pure JS without a library.
+        // Provide a helpful error for now.
+        throw new Error("crypto.subtle.digest is not available in the sandbox. Use a bundled library instead.");
+      },
+    },
+  };
+})();
+`;
+var POLYFILL_CONSOLE_EXTRAS = `
+// --- console extras ---
+(function() {
+  const __timeLabels = new Map();
+
+  console.table = function(data) {
+    try {
+      if (Array.isArray(data)) {
+        const keys = data.length > 0 && typeof data[0] === "object" ? Object.keys(data[0]) : null;
+        if (keys) {
+          const header = ["(index)", ...keys].join("\\t");
+          const rows = data.map((row, i) => [i, ...keys.map(k => row[k] ?? "")].join("\\t"));
+          console.log(header + "\\n" + rows.join("\\n"));
+          return;
+        }
+      }
+      console.log(JSON.stringify(data, null, 2));
+    } catch { console.log(String(data)); }
+  };
+
+  console.time = function(label) {
+    __timeLabels.set(label || "default", Date.now());
+  };
+
+  console.timeEnd = function(label) {
+    label = label || "default";
+    const start = __timeLabels.get(label);
+    if (start !== undefined) {
+      __timeLabels.delete(label);
+      console.log(label + ": " + (Date.now() - start) + "ms");
+    }
+  };
+
+  console.timeLog = function(label) {
+    label = label || "default";
+    const start = __timeLabels.get(label);
+    if (start !== undefined) {
+      console.log(label + ": " + (Date.now() - start) + "ms");
+    }
+  };
+
+  console.assert = function(condition) {
+    if (!condition) {
+      const args = Array.from(arguments).slice(1);
+      console.error("Assertion failed:", ...args);
+    }
+  };
+
+  console.dir = function(obj) { console.log(obj); };
+  console.count = (function() {
+    const counts = {};
+    return function(label) {
+      label = label || "default";
+      counts[label] = (counts[label] || 0) + 1;
+      console.log(label + ": " + counts[label]);
+    };
+  })();
+})();
+`;
+var POLYFILL_BLOB = `
+// --- Blob polyfill ---
+(function() {
+  if (typeof globalThis.Blob !== "undefined") return;
+
+  class Blob {
+    constructor(parts, options) {
+      this.type = (options && options.type) || "";
+      const chunks = [];
+      if (parts) {
+        for (const part of parts) {
+          if (typeof part === "string") {
+            chunks.push(new TextEncoder().encode(part));
+          } else if (part instanceof ArrayBuffer) {
+            chunks.push(new Uint8Array(part));
+          } else if (ArrayBuffer.isView(part)) {
+            chunks.push(new Uint8Array(part.buffer, part.byteOffset, part.byteLength));
+          } else if (part instanceof Blob) {
+            chunks.push(part._data);
+          }
+        }
+      }
+      let totalLen = 0;
+      for (const c of chunks) totalLen += c.length;
+      this._data = new Uint8Array(totalLen);
+      let offset = 0;
+      for (const c of chunks) {
+        this._data.set(c, offset);
+        offset += c.length;
+      }
+      this.size = this._data.length;
+    }
+
+    async arrayBuffer() { return this._data.buffer.slice(this._data.byteOffset, this._data.byteOffset + this._data.byteLength); }
+    async text() { return new TextDecoder().decode(this._data); }
+    slice(start, end, type) {
+      const sliced = this._data.slice(start || 0, end || this._data.length);
+      const blob = new Blob([], { type: type || this.type });
+      blob._data = sliced;
+      blob.size = sliced.length;
+      return blob;
+    }
+  }
+
+  globalThis.Blob = Blob;
+})();
+`;
+var POLYFILL_STRUCTUREDCLONE = `
+// --- structuredClone polyfill ---
+(function() {
+  if (typeof globalThis.structuredClone !== "undefined") return;
+  globalThis.structuredClone = function(value) {
+    return JSON.parse(JSON.stringify(value));
+  };
+})();
+`;
+
+// src/isolate/run-code-tool.ts
+var esbuildTransform;
+async function loadEsbuild() {
+  if (esbuildTransform) return esbuildTransform;
+  try {
+    const mod = await import("esbuild");
+    esbuildTransform = mod.transform;
+    return esbuildTransform;
+  } catch {
+    throw new Error(
+      "Code execution requires esbuild for TypeScript stripping. Run: pnpm add esbuild"
+    );
+  }
+}
+async function stripTypeScript(code) {
+  const transform = await loadEsbuild();
+  const wrapped = "async function __poncho_wrapper__() {\n" + code + "\n}";
+  const result = await transform(wrapped, { loader: "ts" });
+  const stripped = result.code.replace(/^async function __poncho_wrapper__\(\)\s*\{\n?/, "").replace(/\n?\}\s*$/, "");
+  return stripped;
+}
+var ALLOWED_EXTENSIONS = /* @__PURE__ */ new Set([".js", ".ts", ".mjs", ".mts"]);
+function hasAllowedExtension(path) {
+  const dot = path.lastIndexOf(".");
+  if (dot === -1) return false;
+  return ALLOWED_EXTENSIONS.has(path.slice(dot).toLowerCase());
+}
+function createRunCodeTool(opts) {
+  const { config, bashManager, libraryPreamble, description } = opts;
+  const memoryLimit = config.memoryLimit ?? 128;
+  const timeout = config.timeLimit ?? 1e4;
+  const outputLimit = config.outputLimit ?? 65536;
+  const codeLimit = config.codeLimit ?? 102400;
+  const runtime = createIsolateRuntime({
+    memoryLimit,
+    timeout,
+    outputLimit
+  });
+  const staticBindings = {};
+  if (config.apis?.fetch) {
+    staticBindings.__poncho_fetch = createFetchBinding(config.apis.fetch.allowedDomains);
+  } else if (opts.network) {
+    const net = opts.network;
+    if (net.dangerouslyAllowAll) {
+      staticBindings.__poncho_fetch = createFetchBinding([], net);
+    } else if (net.allowedUrls?.length) {
+      const domains = [];
+      for (const entry of net.allowedUrls) {
+        const urlStr = typeof entry === "string" ? entry : entry.url;
+        try {
+          domains.push(new URL(urlStr).hostname);
+        } catch {
+        }
+      }
+      if (domains.length > 0) {
+        staticBindings.__poncho_fetch = createFetchBinding(domains, net);
+      }
+    }
+  }
+  if (config.bindings) {
+    Object.assign(staticBindings, mergeBuilderBindings(config.bindings));
+  }
+  const hasNetwork = "__poncho_fetch" in staticBindings;
+  const polyfillPreamble = buildPolyfillPreamble(hasNetwork);
+  return defineTool({
+    name: "run_code",
+    description,
+    inputSchema: {
+      type: "object",
+      properties: {
+        code: {
+          type: "string",
+          description: "JavaScript or TypeScript code to execute"
+        },
+        file: {
+          type: "string",
+          description: "Path to a .js/.ts file in the VFS to execute instead of inline code"
+        }
+      },
+      additionalProperties: false
+    },
+    handler: async (input, context) => {
+      const code = input.code;
+      const file = input.file;
+      if (code && file) {
+        return { error: "Provide either `code` or `file`, not both." };
+      }
+      if (!code && !file) {
+        return { error: "Provide either `code` (inline) or `file` (VFS path)." };
+      }
+      let source;
+      if (file) {
+        if (!hasAllowedExtension(file)) {
+          return {
+            error: `File must have a .js, .ts, .mjs, or .mts extension. Got: "${file}"`
+          };
+        }
+        const tenantId2 = context.tenantId ?? "__default__";
+        const adapter2 = bashManager.getAdapter(tenantId2);
+        try {
+          source = await adapter2.readFile(file);
+        } catch (err) {
+          return {
+            error: `Failed to read file "${file}": ${err instanceof Error ? err.message : String(err)}`
+          };
+        }
+      } else {
+        source = code;
+      }
+      if (source.length > codeLimit) {
+        return {
+          error: `Code exceeds size limit: ${source.length} bytes > ${codeLimit} byte max.`
+        };
+      }
+      let jsCode;
+      try {
+        jsCode = await stripTypeScript(source);
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return { error: `TypeScript parse error: ${msg}` };
+      }
+      const tenantId = context.tenantId ?? "__default__";
+      const adapter = bashManager.getAdapter(tenantId);
+      const vfsBindings = createVfsBindings(adapter);
+      const allBindings = {
+        ...vfsBindings,
+        ...staticBindings
+      };
+      const result = await runtime.execute(
+        jsCode,
+        allBindings,
+        libraryPreamble,
+        context.abortSignal,
+        polyfillPreamble
+      );
+      if (result.error) {
+        return {
+          error: result.error.message,
+          errorName: result.error.name,
+          line: result.error.line,
+          column: result.error.column,
+          stdout: result.stdout || void 0,
+          stderr: result.stderr || void 0,
+          executionTimeMs: result.executionTimeMs
+        };
+      }
+      return {
+        result: result.result,
+        stdout: result.stdout || void 0,
+        stderr: result.stderr || void 0,
+        executionTimeMs: result.executionTimeMs
+      };
+    }
+  });
+}
+
+// src/isolate/type-stubs.ts
+function generateIsolateTypeStubs(config) {
+  const lines = [];
+  lines.push(
+    "// Standard Web/Node.js APIs available in the sandbox",
+    "",
+    "// --- fetch (standard Web API) ---",
+    "declare function fetch(url: string, init?: { method?: string; headers?: Record<string, string>; body?: string }): Promise<Response>;",
+    "declare class Response {",
+    "  readonly ok: boolean;",
+    "  readonly status: number;",
+    "  readonly statusText: string;",
+    "  readonly headers: Headers;",
+    "  text(): Promise<string>;",
+    "  json(): Promise<any>;",
+    "  arrayBuffer(): Promise<ArrayBuffer>;",
+    "  blob(): Promise<Blob>;",
+    "}",
+    "",
+    "// --- fs (Node.js-compatible) ---",
+    "declare const fs: {",
+    "  readFile(path: string, encoding?: string): Promise<string | Buffer>;",
+    "  writeFile(path: string, data: string | Buffer | Uint8Array): Promise<void>;",
+    "  readdir(path: string): Promise<string[]>;",
+    "  mkdir(path: string): Promise<void>;",
+    "  stat(path: string): Promise<{ isFile(): boolean; isDirectory(): boolean; size: number; mtime: Date }>;",
+    "  exists(path: string): Promise<boolean>;",
+    "  unlink(path: string): Promise<void>;",
+    "  rm(path: string): Promise<void>;",
+    "};",
+    "",
+    "// --- path ---",
+    "declare const path: {",
+    "  join(...parts: string[]): string;",
+    "  resolve(...parts: string[]): string;",
+    "  basename(p: string, ext?: string): string;",
+    "  dirname(p: string): string;",
+    "  extname(p: string): string;",
+    "};",
+    "",
+    "// --- Buffer, encoding, crypto ---",
+    "declare class Buffer extends Uint8Array {",
+    "  static from(input: string | ArrayBuffer | Uint8Array | number[], encoding?: string): Buffer;",
+    "  static alloc(size: number, fill?: number): Buffer;",
+    "  static concat(list: Uint8Array[]): Buffer;",
+    "  toString(encoding?: 'utf-8' | 'base64' | 'hex'): string;",
+    "}",
+    "declare function atob(data: string): string;",
+    "declare function btoa(data: string): string;",
+    "declare function setTimeout(fn: () => void, ms?: number): number;",
+    "declare function clearTimeout(id: number): void;",
+    "declare const crypto: { randomUUID(): string; getRandomValues(arr: Uint8Array): Uint8Array };",
+    "declare function structuredClone<T>(value: T): T;"
+  );
+  lines.push(
+    "",
+    "// Console (output captured and returned in tool result)",
+    "declare const console: {",
+    "  log(...args: unknown[]): void; error(...args: unknown[]): void;",
+    "  warn(...args: unknown[]): void; info(...args: unknown[]): void;",
+    "  table(data: unknown): void; time(label?: string): void; timeEnd(label?: string): void;",
+    "};"
+  );
+  if (config.bindings) {
+    const entries = Object.entries(config.bindings);
+    if (entries.length > 0) {
+      lines.push("", "// Custom bindings");
+      for (const [name, binding] of entries) {
+        lines.push(formatBindingStub(name, binding));
+      }
+    }
+  }
+  if (config.libraries?.length) {
+    lines.push(
+      "",
+      `// Pre-bundled libraries (use require())`,
+      `declare function require(name: ${config.libraries.map((l) => `"${l}"`).join(" | ")}): any;`
+    );
+  }
+  return lines.join("\n");
+}
+function buildRunCodeDescription(config, hasNetwork) {
+  const parts = [
+    "Execute JavaScript/TypeScript code in a sandboxed V8 isolate with standard Node.js/Web APIs.",
+    "",
+    "Input: provide either `code` (inline string) or `file` (path to a .js/.ts file in the VFS).",
+    "",
+    "Available standard APIs:",
+    "- fs.readFile(path, encoding?) / fs.writeFile(path, data) / fs.readdir(path) / fs.mkdir(path)",
+    "- fs.stat(path) / fs.exists(path) / fs.unlink(path)",
+    "- path.join() / path.resolve() / path.basename() / path.dirname() / path.extname()",
+    "- Buffer.from() / Buffer.alloc() / Buffer.concat() / buf.toString(encoding)",
+    "- atob() / btoa() / setTimeout() / crypto.randomUUID() / structuredClone()",
+    "- console.log() / console.error() / console.table()"
+  ];
+  if (hasNetwork || config.apis?.fetch) {
+    parts.push(
+      "- fetch(url, init?) \u2014 standard Web fetch API with Response.text(), .json(), .arrayBuffer()"
+    );
+  } else {
+    parts.push(
+      "- fetch() \u2014 not available (enable `network` in poncho.config.js)"
+    );
+  }
+  if (config.bindings) {
+    for (const [name, binding] of Object.entries(config.bindings)) {
+      parts.push(`- ${name}({...}) \u2014 ${binding.description}`);
+    }
+  }
+  if (config.libraries?.length) {
+    parts.push(
+      "",
+      `Pre-bundled libraries (use require()):`,
+      `- ${config.libraries.join(", ")}`
+    );
+  }
+  const memoryLimit = config.memoryLimit ?? 128;
+  const timeLimit = config.timeLimit ?? 1e4;
+  const codeLimit = config.codeLimit ?? 102400;
+  parts.push(
+    "",
+    "Notes:",
+    "- Code is wrapped in an async IIFE. Use `return` to return a value.",
+    "- Files written during execution persist even if the code throws an error.",
+    "- TypeScript is supported (type annotations are stripped before execution).",
+    `- Execution timeout: ${timeLimit / 1e3}s. Memory limit: ${memoryLimit}MB. Max code size: ${Math.round(codeLimit / 1024)}KB.`
+  );
+  return parts.join("\n");
+}
+function formatBindingStub(name, binding) {
+  const schema = binding.inputSchema;
+  const props = schema.properties ?? {};
+  const required = new Set(schema.required ?? []);
+  const params = Object.entries(props).map(([k, v]) => {
+    const opt = required.has(k) ? "" : "?";
+    const tsType = jsonSchemaToTsType(v);
+    return `${k}${opt}: ${tsType}`;
+  }).join("; ");
+  return `declare function ${name}(input: { ${params} }): Promise<unknown>; // ${binding.description}`;
+}
+function jsonSchemaToTsType(schema) {
+  switch (schema.type) {
+    case "string":
+      return "string";
+    case "number":
+    case "integer":
+      return "number";
+    case "boolean":
+      return "boolean";
+    case "array":
+      return "unknown[]";
+    case "object":
+      return "Record<string, unknown>";
+    default:
+      return "unknown";
+  }
+}
+
+// src/isolate/bundler.ts
+import { resolve } from "path";
+import { existsSync, readFileSync } from "fs";
+var esbuildBuild;
+async function loadEsbuild2() {
+  if (esbuildBuild) return esbuildBuild;
+  try {
+    const mod = await import("esbuild");
+    esbuildBuild = mod.build;
+    return esbuildBuild;
+  } catch {
+    throw new Error(
+      "Library bundling requires esbuild. Run: pnpm add esbuild"
+    );
+  }
+}
+var BLOCKED_BUILTINS = /* @__PURE__ */ new Set([
+  "fs",
+  "fs/promises",
+  "net",
+  "tls",
+  "child_process",
+  "cluster",
+  "dgram",
+  "dns",
+  "http",
+  "http2",
+  "https",
+  "inspector",
+  "module",
+  "os",
+  "perf_hooks",
+  "readline",
+  "repl",
+  "stream",
+  "tty",
+  "v8",
+  "vm",
+  "worker_threads",
+  "wasi"
+]);
+function blockedBuiltinsPlugin() {
+  return {
+    name: "blocked-builtins",
+    setup(build) {
+      const filter = new RegExp(
+        `^(node:)?(${[...BLOCKED_BUILTINS].join("|")})$`
+      );
+      build.onResolve({ filter }, (args) => ({
+        path: args.path,
+        namespace: "blocked-builtin"
+      }));
+      build.onLoad(
+        { filter: /.*/, namespace: "blocked-builtin" },
+        (args) => {
+          const name = args.path.replace(/^node:/, "");
+          return {
+            contents: `throw new Error("Module '${name}' is not available in the isolate. Use the injected fs_* functions instead.");`,
+            loader: "js"
+          };
+        }
+      );
+    }
+  };
+}
+async function bundleLibraries(libraries, projectDir) {
+  if (libraries.length === 0) return null;
+  const build = await loadEsbuild2();
+  const chunks = [];
+  const moduleEntries = [];
+  for (const lib of libraries) {
+    const pkgPath = resolve(projectDir, "node_modules", lib, "package.json");
+    if (!existsSync(pkgPath)) {
+      throw new Error(
+        `Library '${lib}' is declared in isolate.libraries but not installed. Run: pnpm add ${lib}`
+      );
+    }
+    let version = "unknown";
+    try {
+      const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
+      version = pkg.version ?? "unknown";
+    } catch {
+    }
+    const safeName = lib.replace(/[^a-zA-Z0-9_]/g, "_");
+    const globalName = `__lib_${safeName}`;
+    const result = await build({
+      entryPoints: [lib],
+      bundle: true,
+      write: false,
+      format: "iife",
+      globalName,
+      platform: "neutral",
+      target: "es2022",
+      // Resolve from the project's node_modules
+      nodePaths: [resolve(projectDir, "node_modules")],
+      plugins: [blockedBuiltinsPlugin()],
+      logLevel: "silent",
+      minify: false
+    });
+    if (result.outputFiles?.[0]) {
+      chunks.push(
+        `// --- ${lib}@${version} ---
+${result.outputFiles[0].text}`
+      );
+      moduleEntries.push(`  ${JSON.stringify(lib)}: ${globalName}`);
+    } else {
+      throw new Error(
+        `Failed to bundle library '${lib}': esbuild produced no output.`
+      );
+    }
+  }
+  const requireShim = `
+// --- require() shim ---
+var __modules = {
+${moduleEntries.join(",\n")}
+};
+function require(name) {
+  var mod = __modules[name];
+  if (!mod) throw new Error('Module "' + name + '" is not available. Available: ${libraries.join(", ")}');
+  // Handle both default and namespace exports
+  if (mod && mod.default !== undefined && Object.keys(mod).length === 1) return mod.default;
+  return mod;
+}
+`;
+  return chunks.join("\n\n") + "\n\n" + requireShim;
+}
+export {
+  buildPolyfillPreamble,
+  buildRunCodeDescription,
+  bundleLibraries,
+  createFetchBinding,
+  createIsolateRuntime,
+  createRunCodeTool,
+  createVfsBindings,
+  generateIsolateTypeStubs,
+  mergeBuilderBindings
+};