@rozek/nanoclaw 0.0.1

package/dist/container-runner.test.js

@@ -0,0 +1,150 @@
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+import { EventEmitter } from 'events';
+import { PassThrough } from 'stream';
+// Sentinel markers must match container-runner.ts
+const OUTPUT_START_MARKER = '---NANOCLAW_OUTPUT_START---';
+const OUTPUT_END_MARKER = '---NANOCLAW_OUTPUT_END---';
+// Mock config
+vi.mock('./config.js', () => ({
+    CONTAINER_IMAGE: 'nanoclaw-agent:latest',
+    CONTAINER_MAX_OUTPUT_SIZE: 10485760,
+    CONTAINER_TIMEOUT: 1800000, // 30min
+    CREDENTIAL_PROXY_PORT: 3001,
+    DATA_DIR: '/tmp/nanoclaw-test-data',
+    GROUPS_DIR: '/tmp/nanoclaw-test-groups',
+    IDLE_TIMEOUT: 1800000, // 30min
+    TIMEZONE: 'America/Los_Angeles',
+}));
+// Mock logger
+vi.mock('./logger.js', () => ({
+    logger: {
+        debug: vi.fn(),
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+    },
+}));
+// Mock fs
+vi.mock('fs', async () => {
+    const actual = await vi.importActual('fs');
+    return {
+        ...actual,
+        default: {
+            ...actual,
+            existsSync: vi.fn(() => false),
+            mkdirSync: vi.fn(),
+            writeFileSync: vi.fn(),
+            readFileSync: vi.fn(() => ''),
+            readdirSync: vi.fn(() => []),
+            statSync: vi.fn(() => ({ isDirectory: () => false })),
+            copyFileSync: vi.fn(),
+        },
+    };
+});
+// Mock mount-security
+vi.mock('./mount-security.js', () => ({
+    validateAdditionalMounts: vi.fn(() => []),
+}));
+// Create a controllable fake ChildProcess
+function createFakeProcess() {
+    const proc = new EventEmitter();
+    proc.stdin = new PassThrough();
+    proc.stdout = new PassThrough();
+    proc.stderr = new PassThrough();
+    proc.kill = vi.fn();
+    proc.pid = 12345;
+    return proc;
+}
+let fakeProc;
+// Mock child_process.spawn
+vi.mock('child_process', async () => {
+    const actual = await vi.importActual('child_process');
+    return {
+        ...actual,
+        spawn: vi.fn(() => fakeProc),
+        exec: vi.fn((_cmd, _opts, cb) => {
+            if (cb)
+                cb(null);
+            return new EventEmitter();
+        }),
+    };
+});
+import { runContainerAgent } from './container-runner.js';
+const testGroup = {
+    name: 'Test Group',
+    folder: 'test-group',
+    trigger: '@Andy',
+    added_at: new Date().toISOString(),
+};
+const testInput = {
+    prompt: 'Hello',
+    groupFolder: 'test-group',
+    chatJid: 'test@g.us',
+    isMain: false,
+};
+function emitOutputMarker(proc, output) {
+    const json = JSON.stringify(output);
+    proc.stdout.push(`${OUTPUT_START_MARKER}\n${json}\n${OUTPUT_END_MARKER}\n`);
+}
+describe('container-runner timeout behavior', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+        fakeProc = createFakeProcess();
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    it('timeout after output resolves as success', async () => {
+        const onOutput = vi.fn(async () => { });
+        const resultPromise = runContainerAgent(testGroup, testInput, () => { }, onOutput);
+        // Emit output with a result
+        emitOutputMarker(fakeProc, {
+            status: 'success',
+            result: 'Here is my response',
+            newSessionId: 'session-123',
+        });
+        // Let output processing settle
+        await vi.advanceTimersByTimeAsync(10);
+        // Fire the hard timeout (IDLE_TIMEOUT + 30s = 1830000ms)
+        await vi.advanceTimersByTimeAsync(1830000);
+        // Emit close event (as if container was stopped by the timeout)
+        fakeProc.emit('close', 137);
+        // Let the promise resolve
+        await vi.advanceTimersByTimeAsync(10);
+        const result = await resultPromise;
+        expect(result.status).toBe('success');
+        expect(result.newSessionId).toBe('session-123');
+        expect(onOutput).toHaveBeenCalledWith(expect.objectContaining({ result: 'Here is my response' }));
+    });
+    it('timeout with no output resolves as error', async () => {
+        const onOutput = vi.fn(async () => { });
+        const resultPromise = runContainerAgent(testGroup, testInput, () => { }, onOutput);
+        // No output emitted — fire the hard timeout
+        await vi.advanceTimersByTimeAsync(1830000);
+        // Emit close event
+        fakeProc.emit('close', 137);
+        await vi.advanceTimersByTimeAsync(10);
+        const result = await resultPromise;
+        expect(result.status).toBe('error');
+        expect(result.error).toContain('timed out');
+        expect(onOutput).not.toHaveBeenCalled();
+    });
+    it('normal exit after output resolves as success', async () => {
+        const onOutput = vi.fn(async () => { });
+        const resultPromise = runContainerAgent(testGroup, testInput, () => { }, onOutput);
+        // Emit output
+        emitOutputMarker(fakeProc, {
+            status: 'success',
+            result: 'Done',
+            newSessionId: 'session-456',
+        });
+        await vi.advanceTimersByTimeAsync(10);
+        // Normal exit (no timeout)
+        fakeProc.emit('close', 0);
+        await vi.advanceTimersByTimeAsync(10);
+        const result = await resultPromise;
+        expect(result.status).toBe('success');
+        expect(result.newSessionId).toBe('session-456');
+    });
+});
+//# sourceMappingURL=container-runner.test.js.map

package/dist/container-runner.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"container-runner.test.js","sourceRoot":"","sources":["../src/container-runner.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AAErC,kDAAkD;AAClD,MAAM,mBAAmB,GAAG,6BAA6B,CAAC;AAC1D,MAAM,iBAAiB,GAAG,2BAA2B,CAAC;AAEtD,cAAc;AACd,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,eAAe,EAAE,uBAAuB;IACxC,yBAAyB,EAAE,QAAQ;IACnC,iBAAiB,EAAE,OAAO,EAAE,QAAQ;IACpC,qBAAqB,EAAE,IAAI;IAC3B,QAAQ,EAAE,yBAAyB;IACnC,UAAU,EAAE,2BAA2B;IACvC,YAAY,EAAE,OAAO,EAAE,QAAQ;IAC/B,QAAQ,EAAE,qBAAqB;CAChC,CAAC,CAAC,CAAC;AAEJ,cAAc;AACd,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,MAAM,EAAE;QACN,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;QACd,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE;QACb,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE;QACb,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;KACf;CACF,CAAC,CAAC,CAAC;AAEJ,UAAU;AACV,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE;IACvB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAsB,IAAI,CAAC,CAAC;IAChE,OAAO;QACL,GAAG,MAAM;QACT,OAAO,EAAE;YACP,GAAG,MAAM;YACT,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;YAC9B,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;YAClB,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE;YACtB,YAAY,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC;YAC7B,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC;YAC5B,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC;YACrD,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;SACtB;KACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,sBAAsB;AACtB,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC;IACpC,wBAAwB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC;CAC1C,CAAC,CAAC,CAAC;AAEJ,0CAA0C;AAC1C,SAAS,iBAAiB;IACxB,MAAM,IAAI,GAAG,IAAI,YAAY,EAM5B,CAAC;IACF,IAAI,CAAC,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;IAChC,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;IAChC,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;IACpB,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC;IACjB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,IAAI,QAA8C,CAAC;AAEnD,2BAA2B;AAC3B,EAAE,CAAC,IAAI,CAAC,eAAe,EAAE,KAAK,IAAI,EAAE;IAClC,MAAM,MAAM,GACV,MAAM,EAAE,CAAC,YAAY,CAAiC,eAAe,CAAC,CAAC;IACzE,OAAO;QACL,GAAG,MAAM;QACT,KAAK,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC;QAC5B,IAAI,EAAE,EAAE,CAAC,EAAE,CACT,CAAC,IAAY,EAAE,KAAc,EAAE,EAAgC,EAAE,EAAE;YACjE,IAAI,EAAE;gBAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACjB,OAAO,IAAI,YAAY,EAAE,CAAC;QAC5B,CAAC,CACF;KACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,OAAO,EAAE,iBAAiB,EAAmB,MAAM,uBAAuB,CAAC;AAG3E,MAAM,SAAS,GAAoB;IACjC,IAAI,EAAE,YAAY;IAClB,MAAM,EAAE,YAAY;IACpB,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;CACnC,CAAC;AAEF,MAAM,SAAS,GAAG;IAChB,MAAM,EAAE,OAAO;IACf,WAAW,EAAE,YAAY;IACzB,OAAO,EAAE,WAAW;IACpB,MAAM,EAAE,KAAK;CACd,CAAC;AAEF,SAAS,gBAAgB,CACvB,IAA0C,EAC1C,MAAuB;IAEvB,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,mBAAmB,KAAK,IAAI,KAAK,iBAAiB,IAAI,CAAC,CAAC;AAC9E,CAAC;AAED,QAAQ,CAAC,mCAAmC,EAAE,GAAG,EAAE;IACjD,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,QAAQ,GAAG,iBAAiB,EAAE,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,MAAM,QAAQ,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC,CAAC;QACvC,MAAM,aAAa,GAAG,iBAAiB,CACrC,SAAS,EACT,SAAS,EACT,GAAG,EAAE,GAAE,CAAC,EACR,QAAQ,CACT,CAAC;QAEF,4BAA4B;QAC5B,gBAAgB,CAAC,QAAQ,EAAE;YACzB,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,qBAAqB;YAC7B,YAAY,EAAE,aAAa;SAC5B,CAAC,CAAC;QAEH,+BAA+B;QAC/B,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;QAEtC,yDAAyD;QACzD,MAAM,EAAE,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAE3C,gEAAgE;QAChE,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAChD,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CACnC,MAAM,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC,CAC3D,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,MAAM,QAAQ,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC,CAAC;QACvC,MAAM,aAAa,GAAG,iBAAiB,CACrC,SAAS,EACT,SAAS,EACT,GAAG,EAAE,GAAE,CAAC,EACR,QAAQ,CACT,CAAC;QAEF,4CAA4C;QAC5C,MAAM,EAAE,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAE3C,mBAAmB;QACnB,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAE5B,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC5C,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;QAC5D,MAAM,QAAQ,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC,CAAC;QACvC,MAAM,aAAa,GAAG,iBAAiB,CACrC,SAAS,EACT,SAAS,EACT,GAAG,EAAE,GAAE,CAAC,EACR,QAAQ,CACT,CAAC;QAEF,cAAc;QACd,gBAAgB,CAAC,QAAQ,EAAE;YACzB,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,MAAM;YACd,YAAY,EAAE,aAAa;SAC5B,CAAC,CAAC;QAEH,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;QAEtC,2BAA2B;QAC3B,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QAE1B,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/container-runtime.d.ts

@@ -0,0 +1,22 @@
+/** The container runtime binary name. */
+export declare const CONTAINER_RUNTIME_BIN = "docker";
+/** Hostname containers use to reach the host machine. */
+export declare const CONTAINER_HOST_GATEWAY = "host.docker.internal";
+/**
+ * Address the credential proxy binds to.
+ * Docker Desktop (macOS): 127.0.0.1 — the VM routes host.docker.internal to loopback.
+ * Docker (Linux): bind to the docker0 bridge IP so only containers can reach it,
+ *   falling back to 0.0.0.0 if the interface isn't found.
+ */
+export declare const PROXY_BIND_HOST: string;
+/** CLI args needed for the container to resolve the host gateway. */
+export declare function hostGatewayArgs(): string[];
+/** Returns CLI args for a readonly bind mount. */
+export declare function readonlyMountArgs(hostPath: string, containerPath: string): string[];
+/** Returns the shell command to stop a container by name. */
+export declare function stopContainer(name: string): string;
+/** Ensure the container runtime is running, starting it if needed. */
+export declare function ensureContainerRuntimeRunning(): void;
+/** Kill orphaned NanoClaw containers from previous runs. */
+export declare function cleanupOrphans(): void;
+//# sourceMappingURL=container-runtime.d.ts.map

package/dist/container-runtime.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"container-runtime.d.ts","sourceRoot":"","sources":["../src/container-runtime.ts"],"names":[],"mappings":"AAUA,yCAAyC;AACzC,eAAO,MAAM,qBAAqB,WAAW,CAAC;AAE9C,yDAAyD;AACzD,eAAO,MAAM,sBAAsB,yBAAyB,CAAC;AAE7D;;;;;GAKG;AACH,eAAO,MAAM,eAAe,QACgC,CAAC;AAmB7D,qEAAqE;AACrE,wBAAgB,eAAe,IAAI,MAAM,EAAE,CAM1C;AAED,kDAAkD;AAClD,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACpB,MAAM,EAAE,CAEV;AAED,6DAA6D;AAC7D,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAElD;AAED,sEAAsE;AACtE,wBAAgB,6BAA6B,IAAI,IAAI,CAmCpD;AAED,4DAA4D;AAC5D,wBAAgB,cAAc,IAAI,IAAI,CAuBrC"}

package/dist/container-runtime.js

@@ -0,0 +1,96 @@
+/**
+ * Container runtime abstraction for NanoClaw.
+ * All runtime-specific logic lives here so swapping runtimes means changing one file.
+ */
+import { execSync } from 'child_process';
+import fs from 'fs';
+import os from 'os';
+import { logger } from './logger.js';
+/** The container runtime binary name. */
+export const CONTAINER_RUNTIME_BIN = 'docker';
+/** Hostname containers use to reach the host machine. */
+export const CONTAINER_HOST_GATEWAY = 'host.docker.internal';
+/**
+ * Address the credential proxy binds to.
+ * Docker Desktop (macOS): 127.0.0.1 — the VM routes host.docker.internal to loopback.
+ * Docker (Linux): bind to the docker0 bridge IP so only containers can reach it,
+ *   falling back to 0.0.0.0 if the interface isn't found.
+ */
+export const PROXY_BIND_HOST = process.env.CREDENTIAL_PROXY_HOST || detectProxyBindHost();
+function detectProxyBindHost() {
+    if (os.platform() === 'darwin')
+        return '127.0.0.1';
+    // WSL uses Docker Desktop (same VM routing as macOS) — loopback is correct.
+    // Check /proc filesystem, not env vars — WSL_DISTRO_NAME isn't set under systemd.
+    if (fs.existsSync('/proc/sys/fs/binfmt_misc/WSLInterop'))
+        return '127.0.0.1';
+    // Bare-metal Linux: bind to the docker0 bridge IP instead of 0.0.0.0
+    const ifaces = os.networkInterfaces();
+    const docker0 = ifaces['docker0'];
+    if (docker0) {
+        const ipv4 = docker0.find((a) => a.family === 'IPv4');
+        if (ipv4)
+            return ipv4.address;
+    }
+    return '0.0.0.0';
+}
+/** CLI args needed for the container to resolve the host gateway. */
+export function hostGatewayArgs() {
+    // On Linux, host.docker.internal isn't built-in — add it explicitly
+    if (os.platform() === 'linux') {
+        return ['--add-host=host.docker.internal:host-gateway'];
+    }
+    return [];
+}
+/** Returns CLI args for a readonly bind mount. */
+export function readonlyMountArgs(hostPath, containerPath) {
+    return ['-v', `${hostPath}:${containerPath}:ro`];
+}
+/** Returns the shell command to stop a container by name. */
+export function stopContainer(name) {
+    return `${CONTAINER_RUNTIME_BIN} stop ${name}`;
+}
+/** Ensure the container runtime is running, starting it if needed. */
+export function ensureContainerRuntimeRunning() {
+    try {
+        execSync(`${CONTAINER_RUNTIME_BIN} info`, {
+            stdio: 'pipe',
+            timeout: 10000,
+        });
+        logger.debug('Container runtime already running');
+    }
+    catch (err) {
+        logger.error({ err }, 'Failed to reach container runtime');
+        console.error('\n╔════════════════════════════════════════════════════════════════╗');
+        console.error('║  FATAL: Container runtime failed to start                      ║');
+        console.error('║                                                                ║');
+        console.error('║  Agents cannot run without a container runtime. To fix:        ║');
+        console.error('║  1. Ensure Docker is installed and running                     ║');
+        console.error('║  2. Run: docker info                                           ║');
+        console.error('║  3. Restart NanoClaw                                           ║');
+        console.error('╚════════════════════════════════════════════════════════════════╝\n');
+        throw new Error('Container runtime is required but failed to start');
+    }
+}
+/** Kill orphaned NanoClaw containers from previous runs. */
+export function cleanupOrphans() {
+    try {
+        const output = execSync(`${CONTAINER_RUNTIME_BIN} ps --filter name=nanoclaw- --format '{{.Names}}'`, { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf-8' });
+        const orphans = output.trim().split('\n').filter(Boolean);
+        for (const name of orphans) {
+            try {
+                execSync(stopContainer(name), { stdio: 'pipe' });
+            }
+            catch {
+                /* already stopped */
+            }
+        }
+        if (orphans.length > 0) {
+            logger.info({ count: orphans.length, names: orphans }, 'Stopped orphaned containers');
+        }
+    }
+    catch (err) {
+        logger.warn({ err }, 'Failed to clean up orphaned containers');
+    }
+}
+//# sourceMappingURL=container-runtime.js.map

package/dist/container-runtime.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"container-runtime.js","sourceRoot":"","sources":["../src/container-runtime.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,yCAAyC;AACzC,MAAM,CAAC,MAAM,qBAAqB,GAAG,QAAQ,CAAC;AAE9C,yDAAyD;AACzD,MAAM,CAAC,MAAM,sBAAsB,GAAG,sBAAsB,CAAC;AAE7D;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAC1B,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,mBAAmB,EAAE,CAAC;AAE7D,SAAS,mBAAmB;IAC1B,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ;QAAE,OAAO,WAAW,CAAC;IAEnD,4EAA4E;IAC5E,kFAAkF;IAClF,IAAI,EAAE,CAAC,UAAU,CAAC,qCAAqC,CAAC;QAAE,OAAO,WAAW,CAAC;IAE7E,qEAAqE;IACrE,MAAM,MAAM,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC;IACtC,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IAClC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QACtD,IAAI,IAAI;YAAE,OAAO,IAAI,CAAC,OAAO,CAAC;IAChC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,eAAe;IAC7B,oEAAoE;IACpE,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,EAAE,CAAC;QAC9B,OAAO,CAAC,8CAA8C,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,kDAAkD;AAClD,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,aAAqB;IAErB,OAAO,CAAC,IAAI,EAAE,GAAG,QAAQ,IAAI,aAAa,KAAK,CAAC,CAAC;AACnD,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,OAAO,GAAG,qBAAqB,SAAS,IAAI,EAAE,CAAC;AACjD,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,6BAA6B;IAC3C,IAAI,CAAC;QACH,QAAQ,CAAC,GAAG,qBAAqB,OAAO,EAAE;YACxC,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,MAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,mCAAmC,CAAC,CAAC;QAC3D,OAAO,CAAC,KAAK,CACX,sEAAsE,CACvE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,oEAAoE,CACrE,CAAC;QACF,OAAO,CAAC,KAAK,CACX,sEAAsE,CACvE,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CACrB,GAAG,qBAAqB,mDAAmD,EAC3E,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,CACvD,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC1D,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,IAAI,CAAC;gBACH,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;YACnD,CAAC;YAAC,MAAM,CAAC;gBACP,qBAAqB;YACvB,CAAC;QACH,CAAC;QACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,IAAI,CACT,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,EACzC,6BAA6B,CAC9B,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,wCAAwC,CAAC,CAAC;IACjE,CAAC;AACH,CAAC"}

package/dist/container-runtime.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=container-runtime.test.d.ts.map

package/dist/container-runtime.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"container-runtime.test.d.ts","sourceRoot":"","sources":["../src/container-runtime.test.ts"],"names":[],"mappings":""}

package/dist/container-runtime.test.js

@@ -0,0 +1,93 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+// Mock logger
+vi.mock('./logger.js', () => ({
+    logger: {
+        debug: vi.fn(),
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+    },
+}));
+// Mock child_process — store the mock fn so tests can configure it
+const mockExecSync = vi.fn();
+vi.mock('child_process', () => ({
+    execSync: (...args) => mockExecSync(...args),
+}));
+import { CONTAINER_RUNTIME_BIN, readonlyMountArgs, stopContainer, ensureContainerRuntimeRunning, cleanupOrphans, } from './container-runtime.js';
+import { logger } from './logger.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+});
+// --- Pure functions ---
+describe('readonlyMountArgs', () => {
+    it('returns -v flag with :ro suffix', () => {
+        const args = readonlyMountArgs('/host/path', '/container/path');
+        expect(args).toEqual(['-v', '/host/path:/container/path:ro']);
+    });
+});
+describe('stopContainer', () => {
+    it('returns stop command using CONTAINER_RUNTIME_BIN', () => {
+        expect(stopContainer('nanoclaw-test-123')).toBe(`${CONTAINER_RUNTIME_BIN} stop nanoclaw-test-123`);
+    });
+});
+// --- ensureContainerRuntimeRunning ---
+describe('ensureContainerRuntimeRunning', () => {
+    it('does nothing when runtime is already running', () => {
+        mockExecSync.mockReturnValueOnce('');
+        ensureContainerRuntimeRunning();
+        expect(mockExecSync).toHaveBeenCalledTimes(1);
+        expect(mockExecSync).toHaveBeenCalledWith(`${CONTAINER_RUNTIME_BIN} info`, {
+            stdio: 'pipe',
+            timeout: 10000,
+        });
+        expect(logger.debug).toHaveBeenCalledWith('Container runtime already running');
+    });
+    it('throws when docker info fails', () => {
+        mockExecSync.mockImplementationOnce(() => {
+            throw new Error('Cannot connect to the Docker daemon');
+        });
+        expect(() => ensureContainerRuntimeRunning()).toThrow('Container runtime is required but failed to start');
+        expect(logger.error).toHaveBeenCalled();
+    });
+});
+// --- cleanupOrphans ---
+describe('cleanupOrphans', () => {
+    it('stops orphaned nanoclaw containers', () => {
+        // docker ps returns container names, one per line
+        mockExecSync.mockReturnValueOnce('nanoclaw-group1-111\nnanoclaw-group2-222\n');
+        // stop calls succeed
+        mockExecSync.mockReturnValue('');
+        cleanupOrphans();
+        // ps + 2 stop calls
+        expect(mockExecSync).toHaveBeenCalledTimes(3);
+        expect(mockExecSync).toHaveBeenNthCalledWith(2, `${CONTAINER_RUNTIME_BIN} stop nanoclaw-group1-111`, { stdio: 'pipe' });
+        expect(mockExecSync).toHaveBeenNthCalledWith(3, `${CONTAINER_RUNTIME_BIN} stop nanoclaw-group2-222`, { stdio: 'pipe' });
+        expect(logger.info).toHaveBeenCalledWith({ count: 2, names: ['nanoclaw-group1-111', 'nanoclaw-group2-222'] }, 'Stopped orphaned containers');
+    });
+    it('does nothing when no orphans exist', () => {
+        mockExecSync.mockReturnValueOnce('');
+        cleanupOrphans();
+        expect(mockExecSync).toHaveBeenCalledTimes(1);
+        expect(logger.info).not.toHaveBeenCalled();
+    });
+    it('warns and continues when ps fails', () => {
+        mockExecSync.mockImplementationOnce(() => {
+            throw new Error('docker not available');
+        });
+        cleanupOrphans(); // should not throw
+        expect(logger.warn).toHaveBeenCalledWith(expect.objectContaining({ err: expect.any(Error) }), 'Failed to clean up orphaned containers');
+    });
+    it('continues stopping remaining containers when one stop fails', () => {
+        mockExecSync.mockReturnValueOnce('nanoclaw-a-1\nnanoclaw-b-2\n');
+        // First stop fails
+        mockExecSync.mockImplementationOnce(() => {
+            throw new Error('already stopped');
+        });
+        // Second stop succeeds
+        mockExecSync.mockReturnValueOnce('');
+        cleanupOrphans(); // should not throw
+        expect(mockExecSync).toHaveBeenCalledTimes(3);
+        expect(logger.info).toHaveBeenCalledWith({ count: 2, names: ['nanoclaw-a-1', 'nanoclaw-b-2'] }, 'Stopped orphaned containers');
+    });
+});
+//# sourceMappingURL=container-runtime.test.js.map

package/dist/container-runtime.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"container-runtime.test.js","sourceRoot":"","sources":["../src/container-runtime.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAE9D,cAAc;AACd,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,MAAM,EAAE;QACN,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;QACd,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE;QACb,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE;QACb,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;KACf;CACF,CAAC,CAAC,CAAC;AAEJ,mEAAmE;AACnE,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC7B,EAAE,CAAC,IAAI,CAAC,eAAe,EAAE,GAAG,EAAE,CAAC,CAAC;IAC9B,QAAQ,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC;CACxD,CAAC,CAAC,CAAC;AAEJ,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,6BAA6B,EAC7B,cAAc,GACf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,UAAU,CAAC,GAAG,EAAE;IACd,EAAE,CAAC,aAAa,EAAE,CAAC;AACrB,CAAC,CAAC,CAAC;AAEH,yBAAyB;AAEzB,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,IAAI,GAAG,iBAAiB,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;QAChE,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,+BAA+B,CAAC,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAC7C,GAAG,qBAAqB,yBAAyB,CAClD,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,wCAAwC;AAExC,QAAQ,CAAC,+BAA+B,EAAE,GAAG,EAAE;IAC7C,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAErC,6BAA6B,EAAE,CAAC;QAEhC,MAAM,CAAC,YAAY,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,CAAC,YAAY,CAAC,CAAC,oBAAoB,CAAC,GAAG,qBAAqB,OAAO,EAAE;YACzE,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,oBAAoB,CACvC,mCAAmC,CACpC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,YAAY,CAAC,sBAAsB,CAAC,GAAG,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,GAAG,EAAE,CAAC,6BAA6B,EAAE,CAAC,CAAC,OAAO,CACnD,mDAAmD,CACpD,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,yBAAyB;AAEzB,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,kDAAkD;QAClD,YAAY,CAAC,mBAAmB,CAC9B,4CAA4C,CAC7C,CAAC;QACF,qBAAqB;QACrB,YAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QAEjC,cAAc,EAAE,CAAC;QAEjB,oBAAoB;QACpB,MAAM,CAAC,YAAY,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,CAAC,YAAY,CAAC,CAAC,uBAAuB,CAC1C,CAAC,EACD,GAAG,qBAAqB,2BAA2B,EACnD,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;QACF,MAAM,CAAC,YAAY,CAAC,CAAC,uBAAuB,CAC1C,CAAC,EACD,GAAG,qBAAqB,2BAA2B,EACnD,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,oBAAoB,CACtC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,qBAAqB,EAAE,qBAAqB,CAAC,EAAE,EACnE,6BAA6B,CAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAErC,cAAc,EAAE,CAAC;QAEjB,MAAM,CAAC,YAAY,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,YAAY,CAAC,sBAAsB,CAAC,GAAG,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,cAAc,EAAE,CAAC,CAAC,mBAAmB;QAErC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,oBAAoB,CACtC,MAAM,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EACnD,wCAAwC,CACzC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6DAA6D,EAAE,GAAG,EAAE;QACrE,YAAY,CAAC,mBAAmB,CAAC,8BAA8B,CAAC,CAAC;QACjE,mBAAmB;QACnB,YAAY,CAAC,sBAAsB,CAAC,GAAG,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QACH,uBAAuB;QACvB,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAErC,cAAc,EAAE,CAAC,CAAC,mBAAmB;QAErC,MAAM,CAAC,YAAY,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,oBAAoB,CACtC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,cAAc,EAAE,cAAc,CAAC,EAAE,EACrD,6BAA6B,CAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/credential-proxy.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Credential proxy for container isolation.
+ * Containers connect here instead of directly to the Anthropic API.
+ * The proxy injects real credentials so containers never see them.
+ *
+ * Two auth modes:
+ *   API key:  Proxy injects x-api-key on every request.
+ *   OAuth:    Container CLI exchanges its placeholder token for a temp
+ *             API key via /api/oauth/claude_cli/create_api_key.
+ *             Proxy injects real OAuth token on that exchange request;
+ *             subsequent requests carry the temp key which is valid as-is.
+ */
+import { Server } from 'http';
+export type AuthMode = 'api-key' | 'oauth';
+export interface ProxyConfig {
+    authMode: AuthMode;
+}
+export declare function startCredentialProxy(port: number, host?: string): Promise<Server>;
+/** Detect which auth mode the host is configured for. */
+export declare function detectAuthMode(): AuthMode;
+//# sourceMappingURL=credential-proxy.d.ts.map

package/dist/credential-proxy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-proxy.d.ts","sourceRoot":"","sources":["../src/credential-proxy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,OAAO,EAAgB,MAAM,EAAE,MAAM,MAAM,CAAC;AAO5C,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,OAAO,CAAC;AAE3C,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,QAAQ,CAAC;CACpB;AAED,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,MAAM,EACZ,IAAI,SAAc,GACjB,OAAO,CAAC,MAAM,CAAC,CA0FjB;AAED,yDAAyD;AACzD,wBAAgB,cAAc,IAAI,QAAQ,CAGzC"}

package/dist/credential-proxy.js

@@ -0,0 +1,95 @@
+/**
+ * Credential proxy for container isolation.
+ * Containers connect here instead of directly to the Anthropic API.
+ * The proxy injects real credentials so containers never see them.
+ *
+ * Two auth modes:
+ *   API key:  Proxy injects x-api-key on every request.
+ *   OAuth:    Container CLI exchanges its placeholder token for a temp
+ *             API key via /api/oauth/claude_cli/create_api_key.
+ *             Proxy injects real OAuth token on that exchange request;
+ *             subsequent requests carry the temp key which is valid as-is.
+ */
+import { createServer } from 'http';
+import { request as httpsRequest } from 'https';
+import { request as httpRequest } from 'http';
+import { readEnvFile } from './env.js';
+import { logger } from './logger.js';
+export function startCredentialProxy(port, host = '127.0.0.1') {
+    const secrets = readEnvFile([
+        'ANTHROPIC_API_KEY',
+        'CLAUDE_CODE_OAUTH_TOKEN',
+        'ANTHROPIC_AUTH_TOKEN',
+        'ANTHROPIC_BASE_URL',
+    ]);
+    const authMode = secrets.ANTHROPIC_API_KEY ? 'api-key' : 'oauth';
+    const oauthToken = secrets.CLAUDE_CODE_OAUTH_TOKEN || secrets.ANTHROPIC_AUTH_TOKEN;
+    const upstreamUrl = new URL(secrets.ANTHROPIC_BASE_URL || 'https://api.anthropic.com');
+    const isHttps = upstreamUrl.protocol === 'https:';
+    const makeRequest = isHttps ? httpsRequest : httpRequest;
+    return new Promise((resolve, reject) => {
+        const server = createServer((req, res) => {
+            const chunks = [];
+            req.on('data', (c) => chunks.push(c));
+            req.on('end', () => {
+                const body = Buffer.concat(chunks);
+                const headers = {
+                    ...req.headers,
+                    host: upstreamUrl.host,
+                    'content-length': body.length,
+                };
+                // Strip hop-by-hop headers that must not be forwarded by proxies
+                delete headers['connection'];
+                delete headers['keep-alive'];
+                delete headers['transfer-encoding'];
+                if (authMode === 'api-key') {
+                    // API key mode: inject x-api-key on every request
+                    delete headers['x-api-key'];
+                    headers['x-api-key'] = secrets.ANTHROPIC_API_KEY;
+                }
+                else {
+                    // OAuth mode: replace placeholder Bearer token with the real one
+                    // only when the container actually sends an Authorization header
+                    // (exchange request + auth probes). Post-exchange requests use
+                    // x-api-key only, so they pass through without token injection.
+                    if (headers['authorization']) {
+                        delete headers['authorization'];
+                        if (oauthToken) {
+                            headers['authorization'] = `Bearer ${oauthToken}`;
+                        }
+                    }
+                }
+                const upstream = makeRequest({
+                    hostname: upstreamUrl.hostname,
+                    port: upstreamUrl.port || (isHttps ? 443 : 80),
+                    path: req.url,
+                    method: req.method,
+                    headers,
+                }, (upRes) => {
+                    res.writeHead(upRes.statusCode, upRes.headers);
+                    upRes.pipe(res);
+                });
+                upstream.on('error', (err) => {
+                    logger.error({ err, url: req.url }, 'Credential proxy upstream error');
+                    if (!res.headersSent) {
+                        res.writeHead(502);
+                        res.end('Bad Gateway');
+                    }
+                });
+                upstream.write(body);
+                upstream.end();
+            });
+        });
+        server.listen(port, host, () => {
+            logger.info({ port, host, authMode }, 'Credential proxy started');
+            resolve(server);
+        });
+        server.on('error', reject);
+    });
+}
+/** Detect which auth mode the host is configured for. */
+export function detectAuthMode() {
+    const secrets = readEnvFile(['ANTHROPIC_API_KEY']);
+    return secrets.ANTHROPIC_API_KEY ? 'api-key' : 'oauth';
+}
+//# sourceMappingURL=credential-proxy.js.map

package/dist/credential-proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-proxy.js","sourceRoot":"","sources":["../src/credential-proxy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,OAAO,EAAE,YAAY,EAAU,MAAM,MAAM,CAAC;AAC5C,OAAO,EAAE,OAAO,IAAI,YAAY,EAAE,MAAM,OAAO,CAAC;AAChD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAkB,MAAM,MAAM,CAAC;AAE9D,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAQrC,MAAM,UAAU,oBAAoB,CAClC,IAAY,EACZ,IAAI,GAAG,WAAW;IAElB,MAAM,OAAO,GAAG,WAAW,CAAC;QAC1B,mBAAmB;QACnB,yBAAyB;QACzB,sBAAsB;QACtB,oBAAoB;KACrB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAa,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC;IAC3E,MAAM,UAAU,GACd,OAAO,CAAC,uBAAuB,IAAI,OAAO,CAAC,oBAAoB,CAAC;IAElE,MAAM,WAAW,GAAG,IAAI,GAAG,CACzB,OAAO,CAAC,kBAAkB,IAAI,2BAA2B,CAC1D,CAAC;IACF,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,KAAK,QAAQ,CAAC;IAClD,MAAM,WAAW,GAAG,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC;IAEzD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACvC,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACtC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACjB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBACnC,MAAM,OAAO,GACX;oBACE,GAAI,GAAG,CAAC,OAAkC;oBAC1C,IAAI,EAAE,WAAW,CAAC,IAAI;oBACtB,gBAAgB,EAAE,IAAI,CAAC,MAAM;iBAC9B,CAAC;gBAEJ,iEAAiE;gBACjE,OAAO,OAAO,CAAC,YAAY,CAAC,CAAC;gBAC7B,OAAO,OAAO,CAAC,YAAY,CAAC,CAAC;gBAC7B,OAAO,OAAO,CAAC,mBAAmB,CAAC,CAAC;gBAEpC,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC3B,kDAAkD;oBAClD,OAAO,OAAO,CAAC,WAAW,CAAC,CAAC;oBAC5B,OAAO,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,iBAAiB,CAAC;gBACnD,CAAC;qBAAM,CAAC;oBACN,iEAAiE;oBACjE,iEAAiE;oBACjE,+DAA+D;oBAC/D,gEAAgE;oBAChE,IAAI,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;wBAC7B,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC;wBAChC,IAAI,UAAU,EAAE,CAAC;4BACf,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,UAAU,EAAE,CAAC;wBACpD,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,MAAM,QAAQ,GAAG,WAAW,CAC1B;oBACE,QAAQ,EAAE,WAAW,CAAC,QAAQ;oBAC9B,IAAI,EAAE,WAAW,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC9C,IAAI,EAAE,GAAG,CAAC,GAAG;oBACb,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,OAAO;iBACU,EACnB,CAAC,KAAK,EAAE,EAAE;oBACR,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,UAAW,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;oBAChD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAClB,CAAC,CACF,CAAC;gBAEF,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;oBAC3B,MAAM,CAAC,KAAK,CACV,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EACrB,iCAAiC,CAClC,CAAC;oBACF,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;wBACrB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;wBACnB,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACrB,QAAQ,CAAC,GAAG,EAAE,CAAC;YACjB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YAC7B,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,0BAA0B,CAAC,CAAC;YAClE,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,yDAAyD;AACzD,MAAM,UAAU,cAAc;IAC5B,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACnD,OAAO,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC;AACzD,CAAC"}

package/dist/credential-proxy.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=credential-proxy.test.d.ts.map

package/dist/credential-proxy.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-proxy.test.d.ts","sourceRoot":"","sources":["../src/credential-proxy.test.ts"],"names":[],"mappings":""}