@synapsor/runner 0.1.0-alpha.1 → 0.1.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/README.md +15 -13
  2. package/TRADEMARKS.md +23 -0
  3. package/dist/cli.js +15 -8723
  4. package/dist/runner.mjs +8767 -0
  5. package/docs/MCP_RUNNER_IMPLEMENTATION_PLAN.md +187 -0
  6. package/docs/README.md +56 -0
  7. package/docs/architecture.md +65 -0
  8. package/docs/capability-config.md +180 -0
  9. package/docs/cloud-mode.md +140 -0
  10. package/docs/config-migrations.md +67 -0
  11. package/docs/demo-transcript.md +73 -0
  12. package/docs/dependency-license-inventory.md +35 -0
  13. package/docs/first-10-minutes.md +147 -0
  14. package/docs/getting-started-own-database.md +367 -0
  15. package/docs/licensing.md +38 -0
  16. package/docs/limitations.md +75 -0
  17. package/docs/local-mode.md +246 -0
  18. package/docs/local-ui.md +163 -0
  19. package/docs/mcp-audit.md +135 -0
  20. package/docs/mcp-client-setup.md +155 -0
  21. package/docs/mcp-efficiency-benchmark.md +84 -0
  22. package/docs/operations.md +38 -0
  23. package/docs/own-db-20-minutes.md +185 -0
  24. package/docs/production-readiness.md +39 -0
  25. package/docs/protocol.md +90 -0
  26. package/docs/recipes.md +61 -0
  27. package/docs/roadmap.md +13 -0
  28. package/docs/schema-inspection.md +88 -0
  29. package/docs/security-boundary.md +70 -0
  30. package/docs/shadow-mode.md +67 -0
  31. package/docs/telemetry.md +28 -0
  32. package/docs/threat-model.md +25 -0
  33. package/docs/troubleshooting-first-run.md +248 -0
  34. package/docs/trusted-context.md +70 -0
  35. package/docs/writeback-executors.md +128 -0
  36. package/examples/dangerous-mcp-tools.json +88 -0
  37. package/examples/reference-support-billing-app/README.md +86 -0
  38. package/examples/reference-support-billing-app/docker-compose.yml +13 -0
  39. package/examples/reference-support-billing-app/mcp-client.generic.json +11 -0
  40. package/examples/reference-support-billing-app/schema.sql +55 -0
  41. package/examples/reference-support-billing-app/scripts/run-demo.sh +7 -0
  42. package/examples/reference-support-billing-app/seed.sql +26 -0
  43. package/examples/reference-support-billing-app/synapsor.runner.json +136 -0
  44. package/package.json +10 -4
  45. package/recipes/accounts.trial_extension.json +42 -0
  46. package/recipes/billing.late_fee_waiver.json +46 -0
  47. package/recipes/credits.account_credit.json +45 -0
  48. package/recipes/orders.refund_review.json +57 -0
  49. package/recipes/support.ticket_resolution.json +51 -0
  50. package/dist/bin.cjs +0 -13
@@ -0,0 +1,155 @@
1
+ # MCP Client Setup
2
+
3
+ The primary local proof path is still the one-command Docker demo:
4
+
5
+ ```bash
6
+ ./scripts/demo-docker.sh
7
+ ```
8
+
9
+ Use this page after that demo passes and you want to attach a local MCP client. The tested integration contract here is stdio. Client-specific UIs change, so the checked-in examples verify config shape and `tools/list`, not every client screen.
10
+
11
+ Command examples use the published alpha package through `npx`. From a source
12
+ checkout, use `./bin/synapsor ...` only when you intentionally want the local
13
+ source wrapper.
14
+
15
+ Checked examples live in:
16
+
17
+ ```text
18
+ examples/mcp-client-configs/
19
+ ```
20
+
21
+ Validate them with:
22
+
23
+ ```bash
24
+ corepack pnpm test:mcp-client-configs
25
+ ```
26
+
27
+ ## Generate A Client Snippet
28
+
29
+ Print a snippet without modifying any client files:
30
+
31
+ ```bash
32
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
33
+ --config ./synapsor.runner.json \
34
+ --store ./.synapsor/local.db
35
+ ```
36
+
37
+ Supported client names:
38
+
39
+ ```text
40
+ generic-stdio
41
+ generic
42
+ claude-desktop
43
+ cursor
44
+ vscode
45
+ ```
46
+
47
+ The older form is still supported:
48
+
49
+ ```bash
50
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
51
+ ```
52
+
53
+ Write is opt-in and requires an explicit destination:
54
+
55
+ ```bash
56
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure \
57
+ --client cursor \
58
+ --config ./synapsor.runner.json \
59
+ --store ./.synapsor/local.db \
60
+ --write \
61
+ --destination ./cursor-mcp.json
62
+ ```
63
+
64
+ When the destination already exists, Synapsor Runner creates a timestamped
65
+ backup before writing. Noninteractive scripts must add `--yes`.
66
+
67
+ The command writes only the local stdio MCP command and args. It does not write
68
+ database URLs or passwords into the client config.
69
+
70
+ ## Start Command
71
+
72
+ From the runner repository:
73
+
74
+ ```bash
75
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
76
+ ```
77
+
78
+ For the alpha package, keep the package tag explicit in client configuration.
79
+
80
+ ## Generic stdio Client
81
+
82
+ ```json
83
+ {
84
+ "mcpServers": {
85
+ "synapsor-runner": {
86
+ "command": "npx",
87
+ "args": [
88
+ "-y",
89
+ "-p",
90
+ "@synapsor/runner@alpha",
91
+ "synapsor-runner",
92
+ "mcp",
93
+ "serve",
94
+ "--config",
95
+ "./examples/mcp-postgres-billing/synapsor.runner.json",
96
+ "--store",
97
+ "./.synapsor/local.db"
98
+ ],
99
+ "env": {
100
+ "BILLING_POSTGRES_READ_URL": "postgresql://synapsor_reader:...@localhost:55433/synapsor_runner_mcp_billing",
101
+ "SYNAPSOR_TENANT_ID": "acme",
102
+ "SYNAPSOR_PRINCIPAL": "local_billing_agent"
103
+ }
104
+ }
105
+ }
106
+ }
107
+ ```
108
+
109
+ The MCP server should list semantic tools such as:
110
+
111
+ ```text
112
+ billing.inspect_invoice
113
+ billing.propose_late_fee_waiver
114
+ ```
115
+
116
+ It should not list:
117
+
118
+ ```text
119
+ execute_sql
120
+ run_query
121
+ approve_proposal
122
+ commit_proposal
123
+ ```
124
+
125
+ ## Claude Desktop / Cursor / VS Code
126
+
127
+ Use the matching checked-in example as the starting point:
128
+
129
+ ```text
130
+ examples/mcp-client-configs/claude-desktop.json
131
+ examples/mcp-client-configs/cursor.json
132
+ examples/mcp-client-configs/vscode.json
133
+ ```
134
+
135
+ Each example uses the same stdio command/args/env structure. Replace the placeholder environment variables in your client settings or shell environment.
136
+
137
+ Do not add a write database URL to the MCP server environment unless you are intentionally running a local review/writeback demo. For normal read/proposal tool calls, use the read URL and trusted context values only.
138
+
139
+ Before documenting a client UI as officially tested, verify:
140
+
141
+ 1. the server starts;
142
+ 2. `tools/list` returns semantic tools;
143
+ 3. read tools return evidence handles;
144
+ 4. proposal tools return exact diffs and `source_database_changed: false`;
145
+ 5. no approval or commit tool is model-callable;
146
+ 6. resource reads work for proposal/evidence/replay handles.
147
+
148
+ ## Troubleshooting
149
+
150
+ - Server not listed: check the command path, working directory, and config path.
151
+ - Tool schema mismatch: run `synapsor audit <exported-tools.json>`.
152
+ - Missing trusted context: set `SYNAPSOR_TENANT_ID` and `SYNAPSOR_PRINCIPAL`, or use the environment variables configured in `trusted_context.values`.
153
+ - Database unavailable: verify the read credential and host access.
154
+ - Proposal waiting review: approve outside the model with `synapsor proposals approve`.
155
+ - Stale-row conflict: inspect replay; the source row changed after the proposal was created, so the guarded worker refused to commit.
@@ -0,0 +1,84 @@
1
+ # MCP Efficiency Benchmark
2
+
3
+ Run:
4
+
5
+ From a source checkout, use `corepack pnpm runner benchmark mcp-efficiency`.
6
+ The global `synapsor` command is only needed after installing or linking the
7
+ CLI.
8
+
9
+ ```bash
10
+ npx -y -p @synapsor/runner@alpha synapsor-runner benchmark mcp-efficiency
11
+ ```
12
+
13
+ For machine-readable output:
14
+
15
+ ```bash
16
+ npx -y -p @synapsor/runner@alpha synapsor-runner benchmark mcp-efficiency --json
17
+ ```
18
+
19
+ The benchmark compares an included fixture, not universal model behavior.
20
+
21
+ Current fixture:
22
+
23
+ ```text
24
+ late-fee-waiver
25
+ ```
26
+
27
+ Checked-in snapshots:
28
+
29
+ ```text
30
+ fixtures/benchmark/mcp-efficiency.txt
31
+ fixtures/benchmark/mcp-efficiency.json
32
+ ```
33
+
34
+ The CLI tests compare both human-readable and machine-readable output against
35
+ those snapshots, so changes to the fixture, tokenizer, measurements, or wording
36
+ are reviewable.
37
+
38
+ Reference path:
39
+
40
+ ```text
41
+ list_tables
42
+ describe_table invoices
43
+ query_database SELECT invoice
44
+ formulate raw UPDATE
45
+ execute_sql UPDATE invoice
46
+ ```
47
+
48
+ Synapsor Runner semantic path:
49
+
50
+ ```text
51
+ billing.inspect_invoice
52
+ billing.propose_late_fee_waiver
53
+ ```
54
+
55
+ It measures:
56
+
57
+ - number of exposed tools;
58
+ - serialized `tools/list` bytes;
59
+ - token count with a pinned deterministic fixture tokenizer;
60
+ - scripted tool-call count;
61
+ - schema/context bytes and tokens exposed;
62
+ - business result bytes and tokens;
63
+ - whether raw SQL is exposed;
64
+ - whether write credentials are exposed;
65
+ - whether approval is separated;
66
+ - whether stale-row conflict is checked.
67
+
68
+ Tokenizer:
69
+
70
+ ```text
71
+ synapsor-fixture-tokenizer-v1
72
+ ```
73
+
74
+ This tokenizer is a deterministic regex tokenizer used only for repeatable
75
+ fixture comparison. It is not a model billing tokenizer.
76
+
77
+ Allowed README phrasing after implementation:
78
+
79
+ > In the included fixture, semantic capabilities replace generic schema
80
+ > exploration and raw SQL with two compact business tools. Run the benchmark to
81
+ > inspect tool definitions, reference tool-call count, and tokenized context
82
+ > size.
83
+
84
+ Do not claim guaranteed percentage savings across workloads.
@@ -0,0 +1,38 @@
1
+ # Operations
2
+
3
+ ## Required configuration
4
+
5
+ - `SYNAPSOR_CONTROL_PLANE_URL`
6
+ - `SYNAPSOR_RUNNER_TOKEN`
7
+ - `SYNAPSOR_RUNNER_ID`
8
+ - `SYNAPSOR_SOURCE_ID`
9
+ - `SYNAPSOR_DATABASE_URL`
10
+ - `SYNAPSOR_ENGINE=postgres|mysql`
11
+
12
+ ## Routine checks
13
+
14
+ ```bash
15
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor
16
+ npx -y -p @synapsor/runner@alpha synapsor-runner validate --job examples/postgres-support/job.approved.json
17
+ npx -y -p @synapsor/runner@alpha synapsor-runner validate --job examples/mysql-orders/job.approved.json
18
+ ```
19
+
20
+ `doctor` validates local configuration, calls Synapsor's runner-token doctor endpoint, confirms the token is authenticated for the configured source, checks database reachability and engine version, creates/verifies `synapsor_writeback_receipts`, and performs a rollback-only receipt insert to prove the configured credential can write runner receipts. It does not mutate business tables.
21
+
22
+ ## Local fixture smoke
23
+
24
+ Run this before cutting a release or changing the adapters:
25
+
26
+ ```bash
27
+ corepack pnpm test:docker
28
+ ```
29
+
30
+ The smoke starts the local Postgres and MySQL fixtures, validates approved jobs, applies one guarded single-row update, retries the same idempotency key, verifies stale-version conflict, verifies tenant mismatch rejection, verifies disallowed-column validation, and tears down the containers with volumes.
31
+
32
+ ## Shutdown
33
+
34
+ The runner handles `SIGINT` and `SIGTERM` by stopping the poll loop. In-flight database transactions complete or roll back through the adapter.
35
+
36
+ ## Logs
37
+
38
+ Default logs include runner id, job id, proposal id, source id, engine, schema/table names, patch column names, status/error code, and durations. Logs must not include database URL/password, runner token, full patch values, full source rows, or customer data.
@@ -0,0 +1,185 @@
1
+ # Own Database In 10 Minutes
2
+
3
+ This path is for a developer who already understands the local demo and wants
4
+ to try one staging Postgres/MySQL table without writing `synapsor.runner.json`
5
+ by hand.
6
+
7
+ Do not start with your most sensitive production database. Start with staging,
8
+ a disposable database, or a least-privilege view.
9
+
10
+ ## 1. Create A Read-Only Credential
11
+
12
+ Use a database user that can inspect metadata and read only the tables/views
13
+ needed for the experiment.
14
+
15
+ Set the connection string in an environment variable:
16
+
17
+ ```bash
18
+ export DATABASE_URL="<postgres-or-mysql-read-url>"
19
+ ```
20
+
21
+ Do not paste database URLs into MCP client configs or committed JSON files.
22
+
23
+ ## 2. Inspect The Database
24
+
25
+ Fast path:
26
+
27
+ ```bash
28
+ ./scripts/use-your-db.sh
29
+ ```
30
+
31
+ That command runs inspection, guided config generation, and tool preview. The
32
+ rest of this page shows the same steps explicitly.
33
+
34
+ ```bash
35
+ npx -y -p @synapsor/runner@alpha synapsor-runner inspect --from-env DATABASE_URL --engine auto
36
+ ```
37
+
38
+ This prints discovered tables/views, primary keys, possible tenant/scope
39
+ columns, possible conflict/version columns, and fields suggested for review.
40
+ Inspection reads metadata and table shape. It does not expose raw SQL tools or
41
+ write credentials to the model.
42
+
43
+ For disposable staging databases, this shorter form also works:
44
+
45
+ ```bash
46
+ npx -y -p @synapsor/runner@alpha synapsor-runner inspect "$DATABASE_URL" --engine auto
47
+ ```
48
+
49
+ Prefer `--from-env` on shared machines so URLs do not land in shell history.
50
+
51
+ ## 3. Run The Guided Wizard
52
+
53
+ ```bash
54
+ npx -y -p @synapsor/runner@alpha synapsor-runner init --from-env DATABASE_URL --mode review --wizard
55
+ ```
56
+
57
+ The wizard asks for:
58
+
59
+ - database engine;
60
+ - read URL environment-variable name;
61
+ - schema/database;
62
+ - table or view;
63
+ - primary key;
64
+ - tenant/scope column;
65
+ - conflict/version column;
66
+ - read-visible fields;
67
+ - mode: `read_only`, `shadow`, or `review`;
68
+ - business object name and namespace;
69
+ - proposal patch mapping if you choose `shadow` or `review`;
70
+ - trusted tenant/principal env vars;
71
+ - approval role;
72
+ - final confirmation before files are written.
73
+
74
+ The default mode for unknown schemas should be treated as a cautious staging
75
+ path. Do not enable real writeback until the read/proposal path is reviewed.
76
+
77
+ You can still run the complete wrapper:
78
+
79
+ ```bash
80
+ ./scripts/use-your-db.sh
81
+ ```
82
+
83
+ It runs inspection, guided init, tool preview, and next-step printing in one
84
+ flow. For the lower-level CLI path, `synapsor onboard db --from-env
85
+ DATABASE_URL` runs the same own-database onboarding from the runner command.
86
+
87
+ ## 4. What Gets Generated
88
+
89
+ The wizard creates:
90
+
91
+ - `synapsor.runner.json`;
92
+ - `.env.example`;
93
+ - `.synapsor/mcp/generic-stdio.json`;
94
+ - `.synapsor/mcp/claude-desktop.json`;
95
+ - `.synapsor/mcp/cursor.json`;
96
+ - `.synapsor/mcp/vscode.json`.
97
+
98
+ The generated config stores environment-variable names, not database secrets.
99
+
100
+ ## 5. Preview What The Model Sees
101
+
102
+ ```bash
103
+ npx -y -p @synapsor/runner@alpha synapsor-runner config validate --config synapsor.runner.json
104
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
105
+ npx -y -p @synapsor/runner@alpha synapsor-runner tools preview --config synapsor.runner.json --store ./.synapsor/local.db
106
+ ```
107
+
108
+ `doctor` checks config shape, trusted context env vars, source env vars,
109
+ read/write credential separation, source metadata when reachable, handler env
110
+ vars, and the semantic MCP tool boundary.
111
+
112
+ `tools preview` lists what the model would see and confirms:
113
+
114
+ - semantic tools present;
115
+ - `execute_sql` absent;
116
+ - approval tools absent;
117
+ - commit tools absent;
118
+ - database URLs absent;
119
+ - write credentials absent.
120
+
121
+ ## 6. Serve MCP
122
+
123
+ ```bash
124
+ export SYNAPSOR_TENANT_ID="acme"
125
+ export SYNAPSOR_PRINCIPAL="local_operator"
126
+
127
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve \
128
+ --config ./synapsor.runner.json \
129
+ --store ./.synapsor/local.db
130
+ ```
131
+
132
+ The MCP server exposes only the configured semantic tools. It does not expose
133
+ raw SQL, approval tools, commit tools, database URLs, write credentials, or
134
+ model-controlled tenant authority.
135
+
136
+ ## 7. Review Proposals
137
+
138
+ If a proposal is created:
139
+
140
+ ```bash
141
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals list --store ./.synapsor/local.db
142
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals show <proposal_id> --store ./.synapsor/local.db
143
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay show <proposal_id> --store ./.synapsor/local.db
144
+ ```
145
+
146
+ Open the UI:
147
+
148
+ ```bash
149
+ npx -y -p @synapsor/runner@alpha synapsor-runner ui --tour --config ./synapsor.runner.json --store ./.synapsor/local.db
150
+ ```
151
+
152
+ ## 8. Apply Only After Review
153
+
154
+ For direct SQL writeback, set a separate writer credential only when ready:
155
+
156
+ ```bash
157
+ export SYNAPSOR_DATABASE_WRITE_URL="<postgres-or-mysql-writer-url>"
158
+ ```
159
+
160
+ Then:
161
+
162
+ ```bash
163
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals approve <proposal_id> --store ./.synapsor/local.db --actor local_reviewer --yes
164
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals writeback-job <proposal_id> --store ./.synapsor/local.db --output job.json
165
+
166
+ SYNAPSOR_ENGINE=postgres \
167
+ SYNAPSOR_DATABASE_URL="$SYNAPSOR_DATABASE_WRITE_URL" \
168
+ npx -y -p @synapsor/runner@alpha synapsor-runner apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
169
+ ```
170
+
171
+ If your application should own the business write, configure an `http_handler`
172
+ or `command_handler` executor instead of direct SQL writeback. See
173
+ [writeback-executors.md](writeback-executors.md).
174
+
175
+ ## Safety Rules
176
+
177
+ - Never infer write authority silently.
178
+ - Every allowed write column must be explicitly reviewed.
179
+ - Every patch mapping must be explicitly reviewed.
180
+ - If no tenant column exists, use a safe view or explicitly acknowledge
181
+ single-tenant dev mode.
182
+ - If no conflict column exists, stay in `read_only` or `shadow` unless you
183
+ intentionally accept a weak guard for local testing.
184
+ - Never write during onboarding.
185
+ - Never put secrets in generated config.
@@ -0,0 +1,39 @@
1
+ # Production Readiness
2
+
3
+ Synapsor Runner is a local, open-source MCP data-plane/runtime for reviewed
4
+ Postgres/MySQL business actions. It is not Synapsor Cloud and it is not the
5
+ Synapsor C++ DBMS.
6
+
7
+ Use a staging or disposable database first.
8
+
9
+ Allowed current claims:
10
+
11
+ - semantic MCP tools instead of raw SQL;
12
+ - source database remains unchanged during proposal creation;
13
+ - separate read and write credentials;
14
+ - exact row diff;
15
+ - local approval outside MCP;
16
+ - tenant, column, version, affected-row, and idempotency checks;
17
+ - approved app/API handler writeback with handler secrets kept in environment
18
+ variables;
19
+ - shadow-mode comparison between agent proposals and human actions;
20
+ - stale-row conflict detection in included fixtures;
21
+ - local replay for proposal/evidence/approval/writeback receipts.
22
+
23
+ Do not claim from this repository alone:
24
+
25
+ - high availability;
26
+ - compliance certification;
27
+ - mission-critical SLA;
28
+ - exactly-once across networks;
29
+ - general MCP security;
30
+ - prompt-injection immunity;
31
+ - physical branches for Postgres/MySQL;
32
+ - arbitrary business invariants are automatically understood.
33
+
34
+ Synapsor Cloud is the production/team control plane for shared approvals, RBAC,
35
+ hosted evidence/replay search, runner fleet status, leases, retention, audit
36
+ visibility, and support.
37
+
38
+ Before a public production-data claim, complete the release checklist, counsel
39
+ review, security review, and operational validation.
@@ -0,0 +1,90 @@
1
+ # Protocol
2
+
3
+ The public protocol has four versioned identifiers:
4
+
5
+ ```text
6
+ synapsor.change-set.v1
7
+ synapsor.writeback-job.v1
8
+ synapsor.execution-receipt.v1
9
+ synapsor.runner-registration.v1
10
+ ```
11
+
12
+ The schemas live in `schemas/`. Golden fixtures live in `fixtures/protocol/` and are copied into the main Synapsor repository so Cloud/C++/SDK work can validate the same contract.
13
+
14
+ `fixtures/protocol/MANIFEST.json` is the shared checksum note for the public protocol set. The same logical manifest is copied to the main Synapsor repository as `protocol/MANIFEST.json`. Tests in both repositories verify the SHA-256 digest for every schema and fixture.
15
+
16
+ The current alpha write path supports one operation:
17
+
18
+ ```text
19
+ single_row_update
20
+ ```
21
+
22
+ It does not support arbitrary SQL, DDL, INSERT, DELETE, UPSERT, stored procedures, dynamic table/column names from model input, or multi-row writes.
23
+ Schema, table, primary-key, tenant, conflict-guard, allowed-column, and patch
24
+ column identifiers must be fixed safe identifiers. Path-traversal strings and
25
+ SQL-fragment-like identifiers are rejected by protocol validation before the
26
+ Postgres/MySQL adapter can run.
27
+
28
+ ## Change set
29
+
30
+ `synapsor.change-set.v1` describes the proposal created after a semantic capability reads the current row and derives an exact diff. It includes:
31
+
32
+ - proposal id and version;
33
+ - action name;
34
+ - trusted principal provenance;
35
+ - tenant/business-object scope;
36
+ - source table and primary key;
37
+ - before/patch/after maps;
38
+ - allowed columns;
39
+ - expected version guard;
40
+ - evidence bundle/query fingerprint;
41
+ - approval state;
42
+ - writeback state;
43
+ - `source_database_mutated: false`;
44
+ - proposal hash.
45
+
46
+ ## Writeback job
47
+
48
+ `synapsor.writeback-job.v1` is the only object a runner may use to mutate the external database. Required fields include:
49
+
50
+ - `writeback_job_id`;
51
+ - `proposal_id`;
52
+ - `proposal_version`;
53
+ - `proposal_hash`;
54
+ - `runner_scope.project_id`;
55
+ - `runner_scope.source_id`;
56
+ - `engine`;
57
+ - `operation: single_row_update`;
58
+ - `target.schema`;
59
+ - `target.table`;
60
+ - `target.primary_key`;
61
+ - `tenant_guard`;
62
+ - `allowed_columns`;
63
+ - `patch`;
64
+ - `conflict_guard`;
65
+ - `idempotency_key`;
66
+ - `lease`.
67
+
68
+ The protocol package normalizes this public shape into the existing internal `protocol_version: "1.0"` worker shape so current Postgres/MySQL adapters remain stable while the public contract evolves.
69
+
70
+ ## Execution receipt
71
+
72
+ `synapsor.execution-receipt.v1` records the terminal result:
73
+
74
+ ```text
75
+ applied
76
+ conflict
77
+ failed
78
+ canceled
79
+ already_applied
80
+ ```
81
+
82
+ Receipts include the writeback job id, proposal id, runner id, rows affected, idempotency key, version fields when available, source mutation state, safe error code, execution timestamp, and receipt hash.
83
+
84
+ ## Runner registration
85
+
86
+ `synapsor.runner-registration.v1` describes a runner's id, version, supported engines, capabilities, project/source scope, and registration timestamp.
87
+
88
+ ## Compatibility
89
+
90
+ Existing Cloud endpoints may still return the legacy `protocol_version: "1.0"` job/result envelope during migration. The runner validates both formats. New public examples and MCP work should use the `synapsor.*.v1` schema ids.
@@ -0,0 +1,61 @@
1
+ # Capability Recipes
2
+
3
+ Recipes are reviewed starter contracts for common database-backed agent actions.
4
+
5
+ They do not introspect and silently guess write authority. They generate a
6
+ starter config that you must map to your actual staging table names, columns,
7
+ tenant key, conflict column, and business limits.
8
+
9
+ List recipes:
10
+
11
+ ```bash
12
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes list
13
+ ```
14
+
15
+ Inspect one:
16
+
17
+ ```bash
18
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes show billing.late_fee_waiver
19
+ ```
20
+
21
+ Initialize a starter config:
22
+
23
+ ```bash
24
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes init billing.late_fee_waiver --output synapsor.runner.json
25
+ npx -y -p @synapsor/runner@alpha synapsor-runner config validate --config synapsor.runner.json
26
+ ```
27
+
28
+ Built-in recipes are JSON files under `recipes/`. They are starter data, not
29
+ runtime hardcoding. You can copy one, edit table/column/tool names for your
30
+ domain, and initialize from your file:
31
+
32
+ ```bash
33
+ cp recipes/billing.late_fee_waiver.json my-recipe.json
34
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes show ./my-recipe.json
35
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes init ./my-recipe.json --output synapsor.runner.json
36
+ ```
37
+
38
+ Available recipes:
39
+
40
+ - `billing.late_fee_waiver`
41
+ - `support.ticket_resolution`
42
+ - `orders.refund_review`
43
+ - `accounts.trial_extension`
44
+ - `credits.account_credit`
45
+
46
+ Each recipe includes:
47
+
48
+ - expected table type;
49
+ - required columns;
50
+ - recommended primary key;
51
+ - recommended tenant key;
52
+ - recommended conflict/version column;
53
+ - visible columns;
54
+ - allowed write columns;
55
+ - patch mapping;
56
+ - numeric/status bounds where relevant;
57
+ - semantic MCP tool names;
58
+ - staging-first notes.
59
+
60
+ Start with staging or a disposable database. Keep production write credentials
61
+ out of the MCP client.
@@ -0,0 +1,13 @@
1
+ # Roadmap
2
+
3
+ Future packages can live in this same monorepo:
4
+
5
+ - MCP adapter
6
+ - LangGraph adapter
7
+ - OpenAI Agents SDK adapter
8
+ - CrewAI adapter
9
+ - ORM helpers for Prisma, Drizzle, Django, Rails, and SQLAlchemy
10
+ - Local read runner when product requirements and security review are complete
11
+
12
+ Do not add package stubs until the implementation is ready.
13
+