@proletariat/cli 0.3.69 → 0.3.70

package/dist/lib/execution/runners/prompt-builder.js

@@ -0,0 +1,337 @@
+/**
+ * Prompt Builder
+ *
+ * Functions for building agent prompts including:
+ * - Integration commands for connected services
+ * - Orchestrator prompt (system prompt + user message)
+ * - Ticket prompt (action + ticket content + completion instructions)
+ */
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { resolveToolsForSpawn } from '../../tool-registry/index.js';
+import { getHostPrltVersion } from './docker-management.js';
+const INTEGRATION_COMMANDS = [
+    {
+        provider: 'asana',
+        displayName: 'Asana',
+        commands: [
+            'prlt asana connect — authenticate with Asana',
+            'prlt asana sync --ticket TKT-XXX --create-missing --project <gid> — sync a PMO ticket to Asana',
+            'prlt asana import — import Asana tasks into PMO',
+        ],
+    },
+    {
+        provider: 'linear',
+        displayName: 'Linear',
+        commands: [
+            'prlt linear connect — authenticate with Linear',
+            'prlt linear sync --ticket TKT-XXX --create-missing — sync a PMO ticket to Linear',
+            'prlt linear import — import Linear issues into PMO',
+        ],
+    },
+    {
+        provider: 'jira',
+        displayName: 'Jira',
+        commands: [
+            'prlt jira connect — authenticate with Jira',
+            'prlt jira sync --ticket TKT-XXX --create-missing — sync a PMO ticket to Jira',
+            'prlt jira import — import Jira issues into PMO',
+        ],
+    },
+    {
+        provider: 'shortcut',
+        displayName: 'Shortcut',
+        commands: [
+            'prlt shortcut connect — authenticate with Shortcut',
+            'prlt shortcut sync --ticket TKT-XXX --create-missing — sync a PMO ticket to Shortcut',
+            'prlt shortcut import — import Shortcut stories into PMO',
+        ],
+    },
+    {
+        provider: 'monday',
+        displayName: 'Monday.com',
+        commands: [
+            'prlt monday connect — authenticate with Monday.com',
+            'prlt monday sync --ticket TKT-XXX --create-missing — sync a PMO ticket to Monday.com',
+        ],
+    },
+];
+export function buildIntegrationCommandsSection(connectedIntegrations) {
+    if (!connectedIntegrations || connectedIntegrations.length === 0)
+        return '';
+    const connected = INTEGRATION_COMMANDS.filter(ic => connectedIntegrations.includes(ic.provider));
+    if (connected.length === 0)
+        return '';
+    let section = `## Integration Commands\n\n`;
+    section += `The following external integrations are connected. Use these prlt commands to interact with them.\n\n`;
+    for (const integration of connected) {
+        section += `### ${integration.displayName}\n`;
+        for (const cmd of integration.commands) {
+            section += `- \`${cmd.split(' — ')[0]}\` — ${cmd.split(' — ')[1] || ''}\n`;
+        }
+        section += '\n';
+    }
+    section += `**ANTI-PATTERN:** Never use curl, raw API calls, or shell scripts to interact with external services (Asana, Linear, Jira, Shortcut, Monday.com, etc.). Always use the corresponding \`prlt\` commands.\n\n`;
+    return section;
+}
+const ORCHESTRATOR_COMMAND_REGISTRY = [
+    {
+        title: 'Agent Lifecycle',
+        commands: [
+            { cmd: 'prlt work start <ticket> --ephemeral --skip-permissions --create-pr --display background --action implement --run-on-host --yes', desc: 'Spawn an agent for a ticket', checkPath: 'work/start' },
+            { cmd: 'prlt session list', desc: 'List running sessions', checkPath: 'session/list' },
+            { cmd: 'prlt session inspect <agent>', desc: 'Inspect session details', checkPath: 'session/inspect' },
+            { cmd: 'prlt session poke <agent> \'message\'', desc: 'Send message to agent', checkPath: 'session/poke' },
+            { cmd: 'prlt session peek <agent> --lines 200', desc: 'Read agent output', checkPath: 'session/peek' },
+            { cmd: 'prlt session health', desc: 'Check health of all sessions', checkPath: 'session/health' },
+            { cmd: 'prlt session restart <agent>', desc: 'Restart a stuck agent', checkPath: 'session/restart' },
+            { cmd: 'prlt session exec <agent> -- git status', desc: 'Run command in agent context', checkPath: 'session/exec' },
+            { cmd: 'prlt session prune', desc: 'Clean up dead sessions', checkPath: 'session/prune' },
+        ],
+    },
+    {
+        title: 'Board Management',
+        commands: [
+            { cmd: 'prlt board view', desc: 'View the board', checkPath: 'board/view' },
+            { cmd: 'prlt ticket list', desc: 'List tickets', checkPath: 'ticket/list' },
+            { cmd: 'prlt ticket show <id>', desc: 'Show ticket details', checkPath: 'ticket/show' },
+            { cmd: 'prlt ticket create --title \'x\' --description \'y\'', desc: 'Create a ticket', checkPath: 'ticket/create' },
+            { cmd: 'prlt ticket edit <id> --title \'...\' --add-ac \'...\'', desc: 'Edit ticket fields', checkPath: 'ticket/edit' },
+        ],
+    },
+    {
+        title: 'PR Workflow',
+        commands: [
+            { cmd: 'gh pr list', desc: 'List open PRs' },
+            { cmd: 'gh pr view <num>', desc: 'View PR details' },
+            { cmd: 'gh pr checks <num>', desc: 'Check CI status' },
+            { cmd: 'gh pr merge <num> --squash', desc: 'Merge PR (squash only)' },
+        ],
+    },
+];
+const ORCHESTRATOR_ANTI_PATTERNS = [
+    { bad: 'docker exec <container> ...', good: 'prlt session exec', checkPath: 'session/exec' },
+    { bad: 'tmux send-keys ...', good: 'prlt session poke', checkPath: 'session/poke' },
+    { bad: 'tmux capture-pane ...', good: 'prlt session peek', checkPath: 'session/peek' },
+    { bad: 'Direct git operations on agent worktrees', good: 'prlt session exec', checkPath: 'session/exec' },
+];
+let _commandsDir = null;
+function getCommandsDir() {
+    if (_commandsDir === null) {
+        const currentFile = fileURLToPath(import.meta.url);
+        // From dist/lib/execution/runners/prompt-builder.js → dist/commands/
+        _commandsDir = path.resolve(path.dirname(currentFile), '..', '..', '..', 'commands');
+    }
+    return _commandsDir;
+}
+function isCommandAvailable(checkPath) {
+    const dir = getCommandsDir();
+    return fs.existsSync(path.join(dir, `${checkPath}.js`)) || fs.existsSync(path.join(dir, checkPath));
+}
+function buildOrchestratorCommandReference() {
+    let ref = '';
+    for (const category of ORCHESTRATOR_COMMAND_REGISTRY) {
+        const available = category.commands.filter(c => !c.checkPath || isCommandAvailable(c.checkPath));
+        if (available.length === 0)
+            continue;
+        ref += `### ${category.title}\n`;
+        for (const cmd of available) {
+            ref += `- \`${cmd.cmd}\` — ${cmd.desc}\n`;
+        }
+        ref += '\n';
+    }
+    return ref;
+}
+function buildOrchestratorAntiPatterns() {
+    const available = ORCHESTRATOR_ANTI_PATTERNS.filter(ap => !ap.checkPath || isCommandAvailable(ap.checkPath));
+    if (available.length === 0)
+        return '';
+    let section = `## Anti-Patterns — NEVER DO\n\n`;
+    for (const ap of available) {
+        section += `- \`${ap.bad}\` → use \`${ap.good}\` instead\n`;
+    }
+    section += `\n`;
+    return section;
+}
+function buildOrchestratorBody(hqName, context) {
+    let prompt = '';
+    const prltVersion = getHostPrltVersion();
+    prompt += `## Environment\n`;
+    if (prltVersion) {
+        prompt += `- **prlt version**: ${prltVersion}\n`;
+    }
+    prompt += `- **Available executors**: claude-code, codex\n`;
+    prompt += `- **Agent worktrees**: \`agents/temp/<agent-name>/<repo>\` — each agent gets an isolated git worktree\n`;
+    if (context.hqPath) {
+        prompt += `- **HQ path**: \`${context.hqPath}\`\n`;
+    }
+    prompt += `\n`;
+    prompt += `## prlt Is Your Orchestration Runtime\n\n`;
+    prompt += `prlt is your orchestration runtime. NEVER use raw docker exec, tmux send-keys, or direct container access. `;
+    prompt += `All orchestration goes through prlt. Every agent interaction, session management, and board operation `;
+    prompt += `has a dedicated prlt command. Using raw infrastructure commands bypasses session tracking, breaks `;
+    prompt += `health monitoring, and creates orphaned processes.\n\n`;
+    prompt += `## Your Role\n`;
+    prompt += `- Assess the current state of the board, running agents, and open PRs\n`;
+    prompt += `- Plan and prioritize work — decide what to tackle next and in what order\n`;
+    prompt += `- Delegate implementation to agents via \`prlt work start\`\n`;
+    prompt += `- Monitor agent progress via sessions and review completed work\n`;
+    prompt += `- Review and merge completed PRs via \`gh pr merge --squash\`\n`;
+    prompt += `- Coordinate parallel agents — handle rebases after merges\n`;
+    prompt += `- Never write code or make changes to source files yourself\n\n`;
+    prompt += `## Command Reference\n\n`;
+    prompt += buildOrchestratorCommandReference();
+    prompt += `## Spawning Agents\n`;
+    prompt += `\`\`\`\n`;
+    prompt += `script -q /dev/null prlt work start TKT-XXXX --ephemeral --skip-permissions --create-pr --display background --action implement --run-on-host --yes\n`;
+    prompt += `\`\`\`\n`;
+    prompt += `- Review: \`--action review-comment\`\n`;
+    prompt += `- Fix: \`--action review-fix\`\n\n`;
+    prompt += buildOrchestratorAntiPatterns();
+    prompt += buildIntegrationCommandsSection(context.connectedIntegrations);
+    prompt += `## Workflow\n`;
+    prompt += `- Squash merge only: \`gh pr merge --squash\`\n`;
+    prompt += `- After merging: subsequent PRs from parallel agents will need rebase\n`;
+    prompt += `- Kill stale sessions after their PRs are merged\n\n`;
+    if (context.hqPath) {
+        const toolsResult = resolveToolsForSpawn(context.hqPath, context.toolPolicy, path.join(context.hqPath, '.proletariat', 'scripts'));
+        if (toolsResult.promptSection) {
+            prompt += toolsResult.promptSection;
+        }
+    }
+    if (context.hqPath) {
+        const contextFilePath = path.join(context.hqPath, '.orchestrator-context.md');
+        if (fs.existsSync(contextFilePath)) {
+            try {
+                const contextContent = fs.readFileSync(contextFilePath, 'utf-8').trim();
+                if (contextContent) {
+                    prompt += `## Workspace Context\n\n${contextContent}\n\n`;
+                }
+            }
+            catch {
+                // Ignore read errors
+            }
+        }
+    }
+    return prompt;
+}
+export function buildOrchestratorSystemPrompt(context) {
+    const hqName = context.hqName || 'workspace';
+    let prompt = `# Orchestrator: ${hqName}\n\n`;
+    prompt += `You are the orchestrator for the **${hqName}** headquarters — a technical project manager driving software delivery through delegated AI agents.\n\n`;
+    prompt += `**prlt** is an AI agent orchestration CLI. It manages software development by coordinating autonomous coding agents that work in isolated git worktrees. `;
+    prompt += `Your workspace (HQ) contains a PMO board for tracking tickets, agent worktrees under \`agents/temp/\`, and repo connections. `;
+    prompt += `Agents are spawned to implement, review, and fix code — you never write code yourself. `;
+    prompt += `Your job is to assess the state of the project, plan and prioritize work, delegate to agents, monitor their progress, review results, and merge completed PRs.\n\n`;
+    prompt += buildOrchestratorBody(hqName, context);
+    return prompt;
+}
+function buildOrchestratorPrompt(context) {
+    const hqName = context.hqName || 'workspace';
+    let prompt = `# Orchestrator: ${hqName}\n\n`;
+    prompt += `You are the orchestrator for the **${hqName}** headquarters — a technical project manager driving software delivery through delegated AI agents.\n\n`;
+    prompt += `**prlt** is an AI agent orchestration CLI. It manages software development by coordinating autonomous coding agents that work in isolated git worktrees. `;
+    prompt += `Your workspace (HQ) contains a PMO board for tracking tickets, agent worktrees under \`agents/temp/\`, and repo connections. `;
+    prompt += `Agents are spawned to implement, review, and fix code — you never write code yourself.\n\n`;
+    prompt += buildOrchestratorBody(hqName, context);
+    if (context.actionPrompt) {
+        prompt += `## Instructions\n\n${context.actionPrompt}\n`;
+    }
+    return prompt;
+}
+export function buildPrompt(context) {
+    if (context.isOrchestrator) {
+        return buildOrchestratorPrompt(context);
+    }
+    let prompt = '';
+    if (context.isRevision && context.prFeedback) {
+        prompt += `# Revision: Address PR Feedback\n\n`;
+        prompt += context.prFeedback;
+        prompt += `\n\n---\n\n`;
+        prompt += `## Original Ticket Context\n\n`;
+    }
+    if (context.actionPrompt) {
+        prompt += `# Action: ${context.actionName || 'Work'}\n\n`;
+        prompt += context.actionPrompt;
+        prompt += `\n\n---\n\n`;
+    }
+    prompt += `# Ticket: ${context.ticketId}\n\n`;
+    prompt += `**Title:** ${context.ticketTitle}\n\n`;
+    if (context.ticketPriority) {
+        prompt += `**Priority:** ${context.ticketPriority}\n`;
+    }
+    if (context.ticketCategory) {
+        prompt += `**Category:** ${context.ticketCategory}\n`;
+    }
+    if (context.epicTitle) {
+        prompt += `**Epic:** ${context.epicTitle}\n`;
+    }
+    if (context.ticketDescription) {
+        prompt += `\n## Description\n\n${context.ticketDescription}\n`;
+    }
+    if (context.ticketSubtasks && context.ticketSubtasks.length > 0) {
+        prompt += `\n## Subtasks\n\n`;
+        for (const subtask of context.ticketSubtasks) {
+            const checkbox = subtask.done ? '[x]' : '[ ]';
+            prompt += `- ${checkbox} ${subtask.title}\n`;
+        }
+    }
+    const integrationSection = buildIntegrationCommandsSection(context.connectedIntegrations);
+    if (integrationSection) {
+        prompt += `\n${integrationSection}`;
+    }
+    if (context.customMessage) {
+        prompt += `\n## Additional Instructions\n\n${context.customMessage}\n`;
+    }
+    if (context.hqPath) {
+        const toolsResult = resolveToolsForSpawn(context.hqPath, context.toolPolicy, path.join(context.hqPath, '.proletariat', 'scripts'));
+        if (toolsResult.promptSection) {
+            prompt += `\n${toolsResult.promptSection}`;
+        }
+    }
+    prompt += `\n---\n\n## When Complete\n\n`;
+    if (context.isRevision) {
+        prompt += `After addressing the feedback:\n`;
+        prompt += `1. Commit your changes using \`prlt commit "your message"\`\n`;
+        prompt += `2. Push your changes: \`git push\`\n`;
+        prompt += `\nThe PR will be updated automatically.`;
+    }
+    else if (context.actionEndPrompt) {
+        let endPrompt = context.actionEndPrompt.replace(/\{\{TICKET_ID\}\}/g, context.ticketId);
+        if (endPrompt.includes('--pr')) {
+            if (!context.createPR) {
+                endPrompt = endPrompt.replace(/--pr/g, '--no-pr');
+            }
+        }
+        prompt += endPrompt;
+    }
+    else {
+        if (context.modifiesCode) {
+            prompt += `1. **Commit your work** in each repository directory you modified:\n`;
+            prompt += `   \`\`\`bash\n`;
+            prompt += `   cd /workspace/<repo-name>\n`;
+            prompt += `   git add -A\n`;
+            prompt += `   prlt commit "describe your change"\n`;
+            prompt += `   git push\n`;
+            prompt += `   \`\`\`\n`;
+            prompt += `   This formats your commit as a conventional commit with the ticket ID.\n`;
+            prompt += `\n2. **Mark work as ready** by running:\n`;
+            const prFlag = context.createPR ? ' --pr' : ' --no-pr';
+            prompt += `   \`\`\`bash\n   prlt work ready ${context.ticketId}${prFlag}\n   \`\`\`\n`;
+            if (context.createPR) {
+                prompt += `   This moves the ticket to review and creates a pull request.\n`;
+            }
+            else {
+                prompt += `   This moves the ticket to review.\n`;
+            }
+            prompt += `\n**IMPORTANT:** Use the global \`prlt\` command (just type \`prlt\`). Do NOT use \`./bin/run.js\` or any local path.`;
+        }
+        else {
+            prompt += `When you have completed the task, provide a summary of what you did.`;
+        }
+    }
+    prompt += `\n\n---\n\n**STOP:** After providing your final summary, your task is complete. Do not take any further actions, do not verify your work again, and do not continue the conversation. Simply output your summary and stop.`;
+    return prompt;
+}
+//# sourceMappingURL=prompt-builder.js.map

package/dist/lib/execution/runners/prompt-builder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-builder.js","sourceRoot":"","sources":["../../../../src/lib/execution/runners/prompt-builder.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAA;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAExC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAY3D,MAAM,oBAAoB,GAA4B;IACpD;QACE,QAAQ,EAAE,OAAO;QACjB,WAAW,EAAE,OAAO;QACpB,QAAQ,EAAE;YACR,8CAA8C;YAC9C,gGAAgG;YAChG,iDAAiD;SAClD;KACF;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,QAAQ;QACrB,QAAQ,EAAE;YACR,gDAAgD;YAChD,kFAAkF;YAClF,oDAAoD;SACrD;KACF;IACD;QACE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,MAAM;QACnB,QAAQ,EAAE;YACR,4CAA4C;YAC5C,8EAA8E;YAC9E,gDAAgD;SACjD;KACF;IACD;QACE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,UAAU;QACvB,QAAQ,EAAE;YACR,oDAAoD;YACpD,sFAAsF;YACtF,yDAAyD;SAC1D;KACF;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,YAAY;QACzB,QAAQ,EAAE;YACR,oDAAoD;YACpD,sFAAsF;SACvF;KACF;CACF,CAAA;AAED,MAAM,UAAU,+BAA+B,CAAC,qBAAgC;IAC9E,IAAI,CAAC,qBAAqB,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAE3E,MAAM,SAAS,GAAG,oBAAoB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CACjD,qBAAqB,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,CAC5C,CAAA;IACD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAErC,IAAI,OAAO,GAAG,6BAA6B,CAAA;IAC3C,OAAO,IAAI,uGAAuG,CAAA;IAElH,KAAK,MAAM,WAAW,IAAI,SAAS,EAAE,CAAC;QACpC,OAAO,IAAI,OAAO,WAAW,CAAC,WAAW,IAAI,CAAA;QAC7C,KAAK,MAAM,GAAG,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;YACvC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAA;QAC5E,CAAC;QACD,OAAO,IAAI,IAAI,CAAA;IACjB,CAAC;IAED,OAAO,IAAI,6MAA6M,CAAA;IAExN,OAAO,OAAO,CAAA;AAChB,CAAC;AAiBD,MAAM,6BAA6B,GAAsB;IACvD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE;YACR,EAAE,GAAG,EAAE,iIAAiI,EAAE,IAAI,EAAE,6BAA6B,EAAE,SAAS,EAAE,YAAY,EAAE;YACxM,EAAE,GAAG,EAAE,mBAAmB,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,cAAc,EAAE;YACtF,EAAE,GAAG,EAAE,8BAA8B,EAAE,IAAI,EAAE,yBAAyB,EAAE,SAAS,EAAE,iBAAiB,EAAE;YACtG,EAAE,GAAG,EAAE,uCAAuC,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,cAAc,EAAE;YAC1G,EAAE,GAAG,EAAE,uCAAuC,EAAE,IAAI,EAAE,mBAAmB,EAAE,SAAS,EAAE,cAAc,EAAE;YACtG,EAAE,GAAG,EAAE,qBAAqB,EAAE,IAAI,EAAE,8BAA8B,EAAE,SAAS,EAAE,gBAAgB,EAAE;YACjG,EAAE,GAAG,EAAE,8BAA8B,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,iBAAiB,EAAE;YACpG,EAAE,GAAG,EAAE,yCAAyC,EAAE,IAAI,EAAE,8BAA8B,EAAE,SAAS,EAAE,cAAc,EAAE;YACnH,EAAE,GAAG,EAAE,oBAAoB,EAAE,IAAI,EAAE,wBAAwB,EAAE,SAAS,EAAE,eAAe,EAAE;SAC1F;KACF;IACD;QACE,KAAK,EAAE,kBAAkB;QACzB,QAAQ,EAAE;YACR,EAAE,GAAG,EAAE,iBAAiB,EAAE,IAAI,EAAE,gBAAgB,EAAE,SAAS,EAAE,YAAY,EAAE;YAC3E,EAAE,GAAG,EAAE,kBAAkB,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,aAAa,EAAE;YAC3E,EAAE,GAAG,EAAE,uBAAuB,EAAE,IAAI,EAAE,qBAAqB,EAAE,SAAS,EAAE,aAAa,EAAE;YACvF,EAAE,GAAG,EAAE,sDAAsD,EAAE,IAAI,EAAE,iBAAiB,EAAE,SAAS,EAAE,eAAe,EAAE;YACpH,EAAE,GAAG,EAAE,wDAAwD,EAAE,IAAI,EAAE,oBAAoB,EAAE,SAAS,EAAE,aAAa,EAAE;SACxH;KACF;IACD;QACE,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE;YACR,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE;YAC5C,EAAE,GAAG,EAAE,kBAAkB,EAAE,IAAI,EAAE,iBAAiB,EAAE;YACpD,EAAE,GAAG,EAAE,oBAAoB,EAAE,IAAI,EAAE,iBAAiB,EAAE;YACtD,EAAE,GAAG,EAAE,4BAA4B,EAAE,IAAI,EAAE,wBAAwB,EAAE;SACtE;KACF;CACF,CAAA;AAQD,MAAM,0BAA0B,GAAqB;IACnD,EAAE,GAAG,EAAE,6BAA6B,EAAE,IAAI,EAAE,mBAAmB,EAAE,SAAS,EAAE,cAAc,EAAE;IAC5F,EAAE,GAAG,EAAE,oBAAoB,EAAE,IAAI,EAAE,mBAAmB,EAAE,SAAS,EAAE,cAAc,EAAE;IACnF,EAAE,GAAG,EAAE,uBAAuB,EAAE,IAAI,EAAE,mBAAmB,EAAE,SAAS,EAAE,cAAc,EAAE;IACtF,EAAE,GAAG,EAAE,0CAA0C,EAAE,IAAI,EAAE,mBAAmB,EAAE,SAAS,EAAE,cAAc,EAAE;CAC1G,CAAA;AAED,IAAI,YAAY,GAAkB,IAAI,CAAA;AAEtC,SAAS,cAAc;IACrB,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QAC1B,MAAM,WAAW,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAClD,qEAAqE;QACrE,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;IACtF,CAAC;IACD,OAAO,YAAY,CAAA;AACrB,CAAC;AAED,SAAS,kBAAkB,CAAC,SAAiB;IAC3C,MAAM,GAAG,GAAG,cAAc,EAAE,CAAA;IAC5B,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;AACrG,CAAC;AAED,SAAS,iCAAiC;IACxC,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,KAAK,MAAM,QAAQ,IAAI,6BAA6B,EAAE,CAAC;QACrD,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;QAChG,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;YAAE,SAAQ;QACpC,GAAG,IAAI,OAAO,QAAQ,CAAC,KAAK,IAAI,CAAA;QAChC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;YAC5B,GAAG,IAAI,OAAO,GAAG,CAAC,GAAG,QAAQ,GAAG,CAAC,IAAI,IAAI,CAAA;QAC3C,CAAC;QACD,GAAG,IAAI,IAAI,CAAA;IACb,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,SAAS,6BAA6B;IACpC,MAAM,SAAS,GAAG,0BAA0B,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,SAAS,IAAI,kBAAkB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;IAC5G,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IACrC,IAAI,OAAO,GAAG,iCAAiC,CAAA;IAC/C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;QAC3B,OAAO,IAAI,OAAO,EAAE,CAAC,GAAG,cAAc,EAAE,CAAC,IAAI,cAAc,CAAA;IAC7D,CAAC;IACD,OAAO,IAAI,IAAI,CAAA;IACf,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAc,EAAE,OAAyB;IACtE,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAA;IACxC,MAAM,IAAI,kBAAkB,CAAA;IAC5B,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,IAAI,uBAAuB,WAAW,IAAI,CAAA;IAClD,CAAC;IACD,MAAM,IAAI,iDAAiD,CAAA;IAC3D,MAAM,IAAI,yGAAyG,CAAA;IACnH,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,IAAI,oBAAoB,OAAO,CAAC,MAAM,MAAM,CAAA;IACpD,CAAC;IACD,MAAM,IAAI,IAAI,CAAA;IACd,MAAM,IAAI,2CAA2C,CAAA;IACrD,MAAM,IAAI,6GAA6G,CAAA;IACvH,MAAM,IAAI,wGAAwG,CAAA;IAClH,MAAM,IAAI,oGAAoG,CAAA;IAC9G,MAAM,IAAI,wDAAwD,CAAA;IAClE,MAAM,IAAI,gBAAgB,CAAA;IAC1B,MAAM,IAAI,yEAAyE,CAAA;IACnF,MAAM,IAAI,6EAA6E,CAAA;IACvF,MAAM,IAAI,+DAA+D,CAAA;IACzE,MAAM,IAAI,mEAAmE,CAAA;IAC7E,MAAM,IAAI,iEAAiE,CAAA;IAC3E,MAAM,IAAI,8DAA8D,CAAA;IACxE,MAAM,IAAI,iEAAiE,CAAA;IAC3E,MAAM,IAAI,0BAA0B,CAAA;IACpC,MAAM,IAAI,iCAAiC,EAAE,CAAA;IAC7C,MAAM,IAAI,sBAAsB,CAAA;IAChC,MAAM,IAAI,UAAU,CAAA;IACpB,MAAM,IAAI,uJAAuJ,CAAA;IACjK,MAAM,IAAI,UAAU,CAAA;IACpB,MAAM,IAAI,yCAAyC,CAAA;IACnD,MAAM,IAAI,oCAAoC,CAAA;IAC9C,MAAM,IAAI,6BAA6B,EAAE,CAAA;IACzC,MAAM,IAAI,+BAA+B,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAA;IACxE,MAAM,IAAI,eAAe,CAAA;IACzB,MAAM,IAAI,iDAAiD,CAAA;IAC3D,MAAM,IAAI,yEAAyE,CAAA;IACnF,MAAM,IAAI,sDAAsD,CAAA;IAEhE,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,oBAAoB,CACtC,OAAO,CAAC,MAAM,EACd,OAAO,CAAC,UAAU,EAClB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,cAAc,EAAE,SAAS,CAAC,CACrD,CAAA;QACD,IAAI,WAAW,CAAC,aAAa,EAAE,CAAC;YAC9B,MAAM,IAAI,WAAW,CAAC,aAAa,CAAA;QACrC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,0BAA0B,CAAC,CAAA;QAC7E,IAAI,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAA;gBACvE,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,IAAI,2BAA2B,cAAc,MAAM,CAAA;gBAC3D,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,qBAAqB;YACvB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,OAAyB;IACrE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,WAAW,CAAA;IAC5C,IAAI,MAAM,GAAG,mBAAmB,MAAM,MAAM,CAAA;IAC5C,MAAM,IAAI,sCAAsC,MAAM,0GAA0G,CAAA;IAChK,MAAM,IAAI,2JAA2J,CAAA;IACrK,MAAM,IAAI,+HAA+H,CAAA;IACzI,MAAM,IAAI,yFAAyF,CAAA;IACnG,MAAM,IAAI,oKAAoK,CAAA;IAC9K,MAAM,IAAI,qBAAqB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAChD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAyB;IACxD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,WAAW,CAAA;IAC5C,IAAI,MAAM,GAAG,mBAAmB,MAAM,MAAM,CAAA;IAC5C,MAAM,IAAI,sCAAsC,MAAM,0GAA0G,CAAA;IAChK,MAAM,IAAI,2JAA2J,CAAA;IACrK,MAAM,IAAI,+HAA+H,CAAA;IACzI,MAAM,IAAI,4FAA4F,CAAA;IACtG,MAAM,IAAI,qBAAqB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAChD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,MAAM,IAAI,sBAAsB,OAAO,CAAC,YAAY,IAAI,CAAA;IAC1D,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAyB;IACnD,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,OAAO,uBAAuB,CAAC,OAAO,CAAC,CAAA;IACzC,CAAC;IAED,IAAI,MAAM,GAAG,EAAE,CAAA;IAEf,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QAC7C,MAAM,IAAI,qCAAqC,CAAA;QAC/C,MAAM,IAAI,OAAO,CAAC,UAAU,CAAA;QAC5B,MAAM,IAAI,aAAa,CAAA;QACvB,MAAM,IAAI,gCAAgC,CAAA;IAC5C,CAAC;IAED,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,MAAM,IAAI,aAAa,OAAO,CAAC,UAAU,IAAI,MAAM,MAAM,CAAA;QACzD,MAAM,IAAI,OAAO,CAAC,YAAY,CAAA;QAC9B,MAAM,IAAI,aAAa,CAAA;IACzB,CAAC;IAED,MAAM,IAAI,aAAa,OAAO,CAAC,QAAQ,MAAM,CAAA;IAC7C,MAAM,IAAI,cAAc,OAAO,CAAC,WAAW,MAAM,CAAA;IACjD,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,MAAM,IAAI,iBAAiB,OAAO,CAAC,cAAc,IAAI,CAAA;IACvD,CAAC;IACD,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,MAAM,IAAI,iBAAiB,OAAO,CAAC,cAAc,IAAI,CAAA;IACvD,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,aAAa,OAAO,CAAC,SAAS,IAAI,CAAA;IAC9C,CAAC;IACD,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;QAC9B,MAAM,IAAI,uBAAuB,OAAO,CAAC,iBAAiB,IAAI,CAAA;IAChE,CAAC;IAED,IAAI,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,mBAAmB,CAAA;QAC7B,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAA;YAC7C,MAAM,IAAI,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,IAAI,CAAA;QAC9C,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAG,+BAA+B,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAA;IACzF,IAAI,kBAAkB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,kBAAkB,EAAE,CAAA;IACrC,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,IAAI,mCAAmC,OAAO,CAAC,aAAa,IAAI,CAAA;IACxE,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,oBAAoB,CACtC,OAAO,CAAC,MAAM,EACd,OAAO,CAAC,UAAU,EAClB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,cAAc,EAAE,SAAS,CAAC,CACrD,CAAA;QACD,IAAI,WAAW,CAAC,aAAa,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,WAAW,CAAC,aAAa,EAAE,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,MAAM,IAAI,+BAA+B,CAAA;IAEzC,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACvB,MAAM,IAAI,kCAAkC,CAAA;QAC5C,MAAM,IAAI,+DAA+D,CAAA;QACzE,MAAM,IAAI,sCAAsC,CAAA;QAChD,MAAM,IAAI,yCAAyC,CAAA;IACrD,CAAC;SAAM,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QACnC,IAAI,SAAS,GAAG,OAAO,CAAC,eAAe,CAAC,OAAO,CAAC,oBAAoB,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAA;QACvF,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACtB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;YACnD,CAAC;QACH,CAAC;QACD,MAAM,IAAI,SAAS,CAAA;IACrB,CAAC;SAAM,CAAC;QACN,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YACzB,MAAM,IAAI,sEAAsE,CAAA;YAChF,MAAM,IAAI,iBAAiB,CAAA;YAC3B,MAAM,IAAI,gCAAgC,CAAA;YAC1C,MAAM,IAAI,iBAAiB,CAAA;YAC3B,MAAM,IAAI,yCAAyC,CAAA;YACnD,MAAM,IAAI,eAAe,CAAA;YACzB,MAAM,IAAI,aAAa,CAAA;YACvB,MAAM,IAAI,4EAA4E,CAAA;YACtF,MAAM,IAAI,2CAA2C,CAAA;YACrD,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAA;YACtD,MAAM,IAAI,qCAAqC,OAAO,CAAC,QAAQ,GAAG,MAAM,eAAe,CAAA;YACvF,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,MAAM,IAAI,kEAAkE,CAAA;YAC9E,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,uCAAuC,CAAA;YACnD,CAAC;YACD,MAAM,IAAI,uHAAuH,CAAA;QACnI,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,sEAAsE,CAAA;QAClF,CAAC;IACH,CAAC;IAED,MAAM,IAAI,4NAA4N,CAAA;IAEtO,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/lib/execution/runners/sandbox.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Sandbox Runner - srt-based sandbox on host
+ *
+ * Runs commands in an srt sandbox for filesystem and network isolation.
+ * Falls back to host runner if srt is not installed.
+ */
+import { DisplayMode, ExecutorType, ExecutionContext, ExecutionConfig } from './shared.js';
+import { RunnerResult } from './shared.js';
+/**
+ * Check if srt (sandbox-runtime) is installed on the host.
+ */
+export declare function isSrtInstalled(): boolean;
+/**
+ * Build the srt command with filesystem and network restrictions.
+ *
+ * Filesystem policy (read-restriction philosophy from claude-code-sandbox):
+ * - Read/write: agent worktree directory
+ * - Read-only: repo source (if different from worktree)
+ * - Read-only: additional configured read paths
+ * - Deny: home directory, system paths, other repos
+ *
+ * Network policy:
+ * - Allow: configured domains (GitHub, Anthropic API, npm registries, etc.)
+ * - Deny: everything else
+ */
+export declare function buildSrtCommand(innerCommand: string, context: ExecutionContext, config: ExecutionConfig): string;
+/**
+ * Run command in an srt sandbox on the host machine.
+ * Uses the same tmux session approach as the host runner, but wraps the
+ * executor command with srt for filesystem and network isolation.
+ *
+ * Falls back to host runner with warning if srt is not installed.
+ */
+export declare function runSandbox(context: ExecutionContext, executor: ExecutorType, config: ExecutionConfig, displayMode?: DisplayMode): Promise<RunnerResult>;

package/dist/lib/execution/runners/sandbox.js

@@ -0,0 +1,108 @@
+/**
+ * Sandbox Runner - srt-based sandbox on host
+ *
+ * Runs commands in an srt sandbox for filesystem and network isolation.
+ * Falls back to host runner if srt is not installed.
+ */
+import { execSync, path, os, } from './shared.js';
+import { runHost } from './host.js';
+// =============================================================================
+// Sandbox Utilities
+// =============================================================================
+/**
+ * Check if srt (sandbox-runtime) is installed on the host.
+ */
+export function isSrtInstalled() {
+    try {
+        execSync('which srt', { stdio: 'pipe' });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Build the srt command with filesystem and network restrictions.
+ *
+ * Filesystem policy (read-restriction philosophy from claude-code-sandbox):
+ * - Read/write: agent worktree directory
+ * - Read-only: repo source (if different from worktree)
+ * - Read-only: additional configured read paths
+ * - Deny: home directory, system paths, other repos
+ *
+ * Network policy:
+ * - Allow: configured domains (GitHub, Anthropic API, npm registries, etc.)
+ * - Deny: everything else
+ */
+export function buildSrtCommand(innerCommand, context, config) {
+    const args = ['srt'];
+    // Filesystem: always allow read/write to agent worktree
+    args.push(`--fs-write=${context.worktreePath}`);
+    // Allow read/write to the agent directory (parent of worktree, contains .devcontainer etc.)
+    if (context.agentDir && context.agentDir !== context.worktreePath) {
+        args.push(`--fs-write=${context.agentDir}`);
+    }
+    // Allow read/write to HQ scripts directory (for temp script files)
+    if (context.hqPath) {
+        const scriptsDir = path.join(context.hqPath, '.proletariat', 'scripts');
+        args.push(`--fs-write=${scriptsDir}`);
+    }
+    // Allow read access to additional configured paths
+    for (const readPath of config.sandbox.allowReadPaths) {
+        args.push(`--fs-read=${readPath}`);
+    }
+    // Allow write access to additional configured paths
+    for (const writePath of config.sandbox.allowWritePaths) {
+        args.push(`--fs-write=${writePath}`);
+    }
+    // Allow read to temp directory (needed for script execution)
+    args.push(`--fs-write=${os.tmpdir()}`);
+    // Network: merge sandbox domains with firewall allowlist
+    const allDomains = new Set([
+        ...config.sandbox.networkDomains,
+        ...config.firewall.allowlistDomains,
+    ]);
+    for (const domain of allDomains) {
+        args.push(`--net-allow=${domain}`);
+    }
+    // The inner command to execute inside the sandbox
+    args.push('--');
+    args.push(innerCommand);
+    return args.join(' ');
+}
+// =============================================================================
+// Sandbox Runner
+// =============================================================================
+/**
+ * Run command in an srt sandbox on the host machine.
+ * Uses the same tmux session approach as the host runner, but wraps the
+ * executor command with srt for filesystem and network isolation.
+ *
+ * Falls back to host runner with warning if srt is not installed.
+ */
+export async function runSandbox(context, executor, config, displayMode = 'terminal') {
+    // Check if srt is installed
+    if (!isSrtInstalled()) {
+        if (config.sandbox.fallbackToHost) {
+            // Log warning via stderr (will be visible in terminal)
+            process.stderr.write('\x1b[33m⚠️  srt (sandbox-runtime) not installed. Falling back to host execution.\n' +
+                '   Install srt for filesystem + network isolation: https://github.com/anthropic-experimental/sandbox-runtime\x1b[0m\n');
+            // Fall back to host runner
+            return runHost(context, executor, config, displayMode);
+        }
+        return {
+            success: false,
+            error: 'srt (sandbox-runtime) is not installed.\n\n' +
+                'Install it from: https://github.com/anthropic-experimental/sandbox-runtime\n' +
+                'Or set sandbox.fallbackToHost to true in execution config to fall back to host.',
+        };
+    }
+    // Delegate to host runner — the sandbox wrapping happens at the script level
+    // We set a flag on context so the host runner knows to wrap with srt
+    const sandboxContext = {
+        ...context,
+        executionEnvironment: 'sandbox',
+    };
+    return runHost(sandboxContext, executor, config, displayMode);
+}
+//# sourceMappingURL=sandbox.js.map

package/dist/lib/execution/runners/sandbox.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox.js","sourceRoot":"","sources":["../../../../src/lib/execution/runners/sandbox.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,QAAQ,EACR,IAAI,EACJ,EAAE,GAKH,MAAM,aAAa,CAAA;AAGpB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAEnC,gFAAgF;AAChF,oBAAoB;AACpB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,CAAC;QACH,QAAQ,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAA;QACxC,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,eAAe,CAC7B,YAAoB,EACpB,OAAyB,EACzB,MAAuB;IAEvB,MAAM,IAAI,GAAa,CAAC,KAAK,CAAC,CAAA;IAE9B,wDAAwD;IACxD,IAAI,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,YAAY,EAAE,CAAC,CAAA;IAE/C,4FAA4F;IAC5F,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,YAAY,EAAE,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,mEAAmE;IACnE,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,cAAc,EAAE,SAAS,CAAC,CAAA;QACvE,IAAI,CAAC,IAAI,CAAC,cAAc,UAAU,EAAE,CAAC,CAAA;IACvC,CAAC;IAED,mDAAmD;IACnD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QACrD,IAAI,CAAC,IAAI,CAAC,aAAa,QAAQ,EAAE,CAAC,CAAA;IACpC,CAAC;IAED,oDAAoD;IACpD,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;QACvD,IAAI,CAAC,IAAI,CAAC,cAAc,SAAS,EAAE,CAAC,CAAA;IACtC,CAAC;IAED,6DAA6D;IAC7D,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEtC,yDAAyD;IACzD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;QACzB,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc;QAChC,GAAG,MAAM,CAAC,QAAQ,CAAC,gBAAgB;KACpC,CAAC,CAAA;IACF,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI,CAAC,eAAe,MAAM,EAAE,CAAC,CAAA;IACpC,CAAC;IAED,kDAAkD;IAClD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACf,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAEvB,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;AACvB,CAAC;AAED,gFAAgF;AAChF,iBAAiB;AACjB,gFAAgF;AAEhF;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,OAAyB,EACzB,QAAsB,EACtB,MAAuB,EACvB,cAA2B,UAAU;IAErC,4BAA4B;IAC5B,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;QACtB,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YAClC,uDAAuD;YACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,oFAAoF;gBACpF,uHAAuH,CACxH,CAAA;YACD,2BAA2B;YAC3B,OAAO,OAAO,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,CAAA;QACxD,CAAC;QACD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,6CAA6C;gBAClD,8EAA8E;gBAC9E,iFAAiF;SACpF,CAAA;IACH,CAAC;IAED,6EAA6E;IAC7E,qEAAqE;IACrE,MAAM,cAAc,GAAqB;QACvC,GAAG,OAAO;QACV,oBAAoB,EAAE,SAAS;KAChC,CAAA;IAED,OAAO,OAAO,CAAC,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,CAAA;AAC/D,CAAC"}

package/dist/lib/execution/runners/shared.d.ts

@@ -0,0 +1,62 @@
+/**
+ * Shared Runner Utilities — Barrel Re-export
+ *
+ * This module re-exports all shared utilities from sub-modules.
+ * Runner modules import from this file for convenience.
+ *
+ * Sub-modules:
+ * - docker-credentials.ts — Credential volume + host creds + tmux keychain
+ * - executor.ts — Executor command building + preflight checks
+ * - docker-management.ts — Container lifecycle (create, setup, ensure, etc.)
+ * - prompt-builder.ts — Integration commands + orchestrator/ticket prompts
+ */
+import { spawn, execSync } from 'node:child_process';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+import { fileURLToPath } from 'node:url';
+import { ExecutionEnvironment, DisplayMode, OutputMode, PermissionMode, SessionManager, ExecutorType, ExecutionContext, ExecutionConfig, DEFAULT_EXECUTION_CONFIG, normalizeEnvironment } from '../types.js';
+import type { TerminalApp } from '../types.js';
+import { getSetTitleCommands } from '../../terminal.js';
+import { readDevcontainerJson, generateOrchestratorDockerfile } from '../devcontainer.js';
+import type { OrchestratorDockerOptions } from '../devcontainer.js';
+import { getCodexCommand, resolveCodexExecutionContext, validateCodexMode, CodexModeError } from '../codex-adapter.js';
+import { resolveToolsForSpawn } from '../../tool-registry/index.js';
+export interface RunnerResult {
+    success: boolean;
+    pid?: string;
+    containerId?: string;
+    sessionId?: string;
+    logPath?: string;
+    error?: string;
+}
+export type Runner = (context: ExecutionContext, executor: ExecutorType, config: ExecutionConfig) => Promise<RunnerResult>;
+/**
+ * Build a unified name for tmux sessions, window names, and tab titles.
+ * Format: "{ticketId}-{action}-{agentName}"
+ */
+export declare function buildSessionName(context: ExecutionContext): string;
+export declare function buildWindowTitle(context: ExecutionContext): string;
+export declare function buildTmuxWindowName(context: ExecutionContext): string;
+export declare function shouldUseControlMode(terminalApp: TerminalApp, controlModeEnabled: boolean): boolean;
+export declare function buildTmuxMouseOption(_useControlMode: boolean): string;
+export declare function buildTmuxAttachCommand(useControlMode: boolean, includeUnicodeFlag?: boolean): string;
+export declare function configureITermTmuxPreferences(mode: 'tab' | 'window'): void;
+export declare function configureITermTmuxWindowMode(mode: 'tab' | 'window'): void;
+export declare function getGitHubToken(): string | null;
+export declare function isGitHubTokenAvailable(): boolean;
+export type DockerDaemonStatus = {
+    available: boolean;
+    reason: 'ready' | 'not-installed' | 'daemon-not-ready';
+    message: string;
+};
+export declare function checkDockerDaemon(): DockerDaemonStatus;
+export declare function isDockerRunning(): boolean;
+/** @deprecated No longer required - we use raw Docker commands now */
+export declare function isDevcontainerCliInstalled(): boolean;
+export { CLAUDE_CREDENTIALS_VOLUME, credentialsVolumeExists, dockerCredentialsExist, getDockerCredentialInfo, hostCredentialsExist, ensureTmuxServerHasKeychainAccess, copyClaudeCredentials, } from './docker-credentials.js';
+export { getExecutorCommand, isClaudeExecutor, getExecutorDisplayName, getExecutorPackage, PreflightResult, checkExecutorOnHost, checkExecutorInContainer, runExecutorPreflight, } from './executor.js';
+export { getHostPrltVersion, getAgentContainerName, getContainerName, getImageName, containerExists, isContainerRunning, getContainerId, buildDockerImage, imageExists, createDockerContainer, runContainerSetup, ensureDockerContainer, } from './docker-management.js';
+export { buildIntegrationCommandsSection, buildOrchestratorSystemPrompt, buildPrompt, } from './prompt-builder.js';
+export { spawn, execSync, fs, path, os, fileURLToPath, ExecutionEnvironment, DisplayMode, OutputMode, PermissionMode, SessionManager, ExecutorType, ExecutionContext, ExecutionConfig, DEFAULT_EXECUTION_CONFIG, normalizeEnvironment, getSetTitleCommands, readDevcontainerJson, generateOrchestratorDockerfile, getCodexCommand, resolveCodexExecutionContext, validateCodexMode, CodexModeError, resolveToolsForSpawn, };
+export type { TerminalApp, OrchestratorDockerOptions };