@tangle-network/agent-runtime 0.50.0 → 0.52.0

package/dist/platform.d.ts

@@ -68,15 +68,17 @@ declare class PlatformAuthClient {
 }
 
 /**
- * Server-side client for the Tangle platform's integrations hub
- * (`/v1/integrations/*`). Consumer apps use this instead of rolling
- * their own OAuth + connection tables.
+ * Server-side client for the Tangle platform's integration hub
+ * (`/v1/hub/*`). Consumer apps use this instead of rolling their own
+ * OAuth + connection tables.
  *
  * Auth: the caller supplies a bearer (either the user's API key from
  * cross-site exchange, or a platform service token) on construction.
- * Per-request override via `headers` is supported.
  *
- * Endpoint contract: `products/platform/api/src/routes/integrations.ts`.
+ * Endpoint contract (authoritative): the platform's `src/lib/hub-contract.ts`
+ * + `src/routes/hub.ts`. The platform wraps every response in
+ * `{ success, data }`; non-2xx or `success:false` surfaces as `PlatformHubError`
+ * carrying the real upstream status.
  */
 interface PlatformHubClientOptions {
     /** Platform base URL, e.g. `https://id.tangle.tools`. */
@@ -86,72 +88,112 @@ interface PlatformHubClientOptions {
     /** Override fetch (tests + edge runtimes). */
     fetchImpl?: typeof fetch;
 }
+/** A live integration connection, as returned by `/v1/hub/connections`. */
 interface PlatformConnection {
     id: string;
     providerId: string;
-    connectorId: string;
-    status: 'connected' | 'pending' | 'revoked' | 'expired' | string;
-    grantedScopes?: string[];
-    account?: {
-        identity?: string;
-        displayName?: string;
-    } & Record<string, unknown>;
-    metadata?: Record<string, unknown>;
-    expiresAt?: string | null;
-    createdAt?: string;
-    updatedAt?: string;
-}
+    displayName: string;
+    accountDisplay: string | null;
+    scopes: string[];
+    status: 'active' | 'revoked' | 'unhealthy' | 'reconnect_required' | (string & {});
+    health: 'unknown' | 'healthy' | 'unhealthy' | 'rate_limited' | (string & {});
+    createdAt: string;
+    updatedAt: string;
+    lastUsedAt: string | null;
+}
+/** A connectable provider in the catalog (`/v1/hub/providers`). */
 interface PlatformCatalogProvider {
     providerId: string;
-    displayName?: string;
-    description?: string;
-    authMode?: string;
-    connectors?: PlatformCatalogConnector[];
+    title?: string;
+    authKind?: string;
+    category?: string;
+    scopes?: string[];
+    capabilityCount?: number;
+    native?: boolean;
+    /** Whether the OAuth app's credentials are wired — the UI offers Connect
+     *  only when true. */
+    configured?: boolean;
     [k: string]: unknown;
 }
-interface PlatformCatalogConnector {
-    connectorId: string;
-    displayName?: string;
-    description?: string;
-    scopes?: string[];
+interface CatalogResult {
+    providers: PlatformCatalogProvider[];
+    /** Count of substrate-bundled connectors behind the catalog. */
+    substrateBundled?: number;
     [k: string]: unknown;
 }
 interface StartAuthInput {
+    /** The provider to connect (goes in the URL path). */
     providerId: string;
-    connectorId: string;
+    /** Accepted for interface compatibility; the platform's start endpoint is
+     *  provider-level and does not consume a connector id. */
+    connectorId?: string;
     /** Where the platform redirects the user back to after OAuth. */
     returnUrl: string;
+    /** Accepted for interface compatibility; not consumed by the start endpoint. */
     requestedScopes?: string[];
-    state?: string;
-    metadata?: Record<string, unknown>;
-    /** Required when the bearer is a service token impersonating a user. */
-    ownerUserId?: string;
+    /** CLI flow flag — affects the platform's post-auth redirect handling. */
+    cli?: boolean;
 }
 interface StartAuthResult {
+    /** The URL to send the user to. Normalized across the platform's two start
+     *  branches: github returns `authorizationUrl`, substrate returns
+     *  `redirectUrl`. */
     authorizationUrl: string;
     state: string;
+    expiresAt?: string;
+    scopes?: string[];
 }
-interface BundleCapabilityInput {
-    manifestId?: string;
-    grantIds?: string[];
-    subject: {
-        type: 'user' | 'team' | 'app';
-        id: string;
+interface ConnectionHealth {
+    status: 'unknown' | 'healthy' | 'unhealthy' | 'rate_limited' | (string & {});
+    checkedAt: string;
+    error?: {
+        code: string;
+        message: string;
     };
-    ttlMs: number;
 }
-interface BundleCapabilityResult {
-    bundle: Record<string, unknown>;
-    env: Record<string, string>;
+interface ConnectionHealthResult {
+    connection: PlatformConnection;
+    health: ConnectionHealth;
 }
+/** Last-known health for a connection, derived from the connection row. */
 interface HealthCheck {
     connectionId: string;
     providerId: string;
-    connectorId: string;
-    status: 'ok' | 'degraded' | 'failing' | 'unknown' | string;
-    checks?: Record<string, unknown>;
+    /** Mirrors `PlatformConnection.health`. */
+    status: ConnectionHealth['status'];
     checkedAt?: string;
 }
+interface MintTokenInput {
+    /** The hub action the token authorizes (e.g. `slack.chat.postMessage`). */
+    actionPath: string;
+    /** Bind to a specific connection, or … */
+    connectionId?: string;
+    /** … resolve the connection by provider for the calling user. */
+    provider?: string;
+}
+interface MintTokenResult {
+    tokenId: string;
+    token: string;
+    expiresAt: string;
+}
+interface ExecInput {
+    /** The hub action path to execute. */
+    path: string;
+    input?: unknown;
+    connectionId?: string;
+}
+interface PlatformHubStatus {
+    contract?: unknown;
+    principal: {
+        kind: string;
+        userId: string;
+        [k: string]: unknown;
+    };
+    connections: {
+        connectedProviderCount: number;
+        unhealthyProviderCount: number;
+    };
+}
 declare class PlatformHubError extends Error {
     readonly status: number;
     readonly code: string | undefined;
@@ -163,35 +205,51 @@ declare class PlatformHubClient {
     private readonly bearer;
     private readonly fetchImpl;
     constructor(options: PlatformHubClientOptions);
-    /** List the integration catalog (providers + connectors). */
-    catalog(): Promise<{
-        providers: PlatformCatalogProvider[];
-    } & Record<string, unknown>>;
-    /** List the calling user's integration connections. */
+    /** GET /v1/hub/providers — the connectable provider catalog. */
+    catalog(): Promise<CatalogResult>;
+    /** GET /v1/hub/connections — the calling user's live connections. */
     listConnections(): Promise<PlatformConnection[]>;
-    /** Revoke (and disable) a connection by id. */
+    /** DELETE /v1/hub/connections/:connectionId — revoke + disable a connection. */
     revokeConnection(connectionId: string): Promise<{
         connection: PlatformConnection;
-        revokedGrants: unknown[];
-        providerRevocation: {
-            ok: boolean;
-        };
     }>;
-    /** Begin OAuth — returns the URL to send the user to. */
+    /**
+     * POST /v1/hub/connections/:provider/start — begin OAuth/grant. The provider
+     * is taken from the URL; the body carries `returnUrl` (+ `cli`). The platform's
+     * two start branches name the URL field differently (github → `authorizationUrl`,
+     * substrate → `redirectUrl`); this normalizes to `authorizationUrl`.
+     */
     startAuth(input: StartAuthInput): Promise<StartAuthResult>;
-    /** List connection healthchecks (last known state). */
+    /**
+     * Last-known health for every connection. The platform has no global
+     * healthcheck listing — health rides on each connection row — so this derives
+     * the list from `listConnections()` (one request, no extra round-trips).
+     */
     listHealthchecks(): Promise<HealthCheck[]>;
-    /** Trigger a fresh healthcheck pass. */
+    /**
+     * POST /v1/hub/connections/:connectionId/health — trigger a fresh health
+     * probe for one connection and return its updated state.
+     */
+    checkConnectionHealth(connectionId: string): Promise<ConnectionHealthResult>;
+    /**
+     * Trigger a fresh health probe across all of the user's connections. The
+     * platform exposes health per-connection only, so this fans out over
+     * `listConnections()`. `scheduled` is the number of probes dispatched.
+     */
     runHealthchecks(): Promise<{
         scheduled: number;
     }>;
+    /** GET /v1/hub/status — principal + aggregate connection counts. */
+    status(): Promise<PlatformHubStatus>;
     /**
-     * Mint a sandbox-injectable capability bundle (env vars + scoped
-     * capability tokens) so a sandbox can invoke integrations on the
-     * user's behalf without seeing the underlying provider tokens.
+     * POST /v1/hub/tokens — mint a short-lived, action-scoped capability token a
+     * sandbox can use to invoke one hub action on the user's behalf without
+     * seeing the underlying provider credential.
      */
-    bundleCapabilities(input: BundleCapabilityInput): Promise<BundleCapabilityResult>;
+    mintToken(input: MintTokenInput): Promise<MintTokenResult>;
+    /** POST /v1/hub/exec — execute a hub action and return its result. */
+    exec(input: ExecInput): Promise<unknown>;
     private request;
 }
 
-export { type AuthorizeUrlOptions, type BundleCapabilityInput, type BundleCapabilityResult, type ExchangeCodeResult, type HealthCheck, PlatformAuthClient, type PlatformAuthClientOptions, PlatformAuthError, type PlatformCatalogConnector, type PlatformCatalogProvider, type PlatformConnection, PlatformHubClient, type PlatformHubClientOptions, PlatformHubError, type StartAuthInput, type StartAuthResult };
+export { type AuthorizeUrlOptions, type CatalogResult, type ConnectionHealth, type ConnectionHealthResult, type ExchangeCodeResult, type ExecInput, type HealthCheck, type MintTokenInput, type MintTokenResult, PlatformAuthClient, type PlatformAuthClientOptions, PlatformAuthError, type PlatformCatalogProvider, type PlatformConnection, PlatformHubClient, type PlatformHubClientOptions, PlatformHubError, type PlatformHubStatus, type StartAuthInput, type StartAuthResult };

package/dist/platform.js

@@ -92,48 +92,90 @@ var PlatformHubClient = class {
     this.bearer = options.bearer;
     this.fetchImpl = options.fetchImpl ?? ((url, init) => fetch(url, init));
   }
-  /** List the integration catalog (providers + connectors). */
+  /** GET /v1/hub/providers — the connectable provider catalog. */
   catalog() {
-    return this.request("GET", "/v1/integrations/catalog");
+    return this.request("GET", "/v1/hub/providers");
   }
-  /** List the calling user's integration connections. */
+  /** GET /v1/hub/connections — the calling user's live connections. */
   async listConnections() {
     const data = await this.request(
       "GET",
-      "/v1/integrations/connections"
+      "/v1/hub/connections"
     );
     return data.connections;
   }
-  /** Revoke (and disable) a connection by id. */
+  /** DELETE /v1/hub/connections/:connectionId — revoke + disable a connection. */
   revokeConnection(connectionId) {
-    return this.request(
-      "DELETE",
-      `/v1/integrations/connections/${encodeURIComponent(connectionId)}`
-    );
+    return this.request("DELETE", `/v1/hub/connections/${encodeURIComponent(connectionId)}`);
   }
-  /** Begin OAuth — returns the URL to send the user to. */
-  startAuth(input) {
-    return this.request("POST", "/v1/integrations/auth/start", input);
+  /**
+   * POST /v1/hub/connections/:provider/start — begin OAuth/grant. The provider
+   * is taken from the URL; the body carries `returnUrl` (+ `cli`). The platform's
+   * two start branches name the URL field differently (github → `authorizationUrl`,
+   * substrate → `redirectUrl`); this normalizes to `authorizationUrl`.
+   */
+  async startAuth(input) {
+    const body = { returnUrl: input.returnUrl };
+    if (input.cli !== void 0) body.cli = input.cli;
+    const data = await this.request("POST", `/v1/hub/connections/${encodeURIComponent(input.providerId)}/start`, body);
+    const authorizationUrl = data.authorizationUrl ?? data.redirectUrl;
+    if (!authorizationUrl) {
+      throw new PlatformHubError(
+        "Platform hub start response missing an authorization URL",
+        502,
+        "HUB_INVALID_START_RESPONSE",
+        data
+      );
+    }
+    return { authorizationUrl, state: data.state, expiresAt: data.expiresAt, scopes: data.scopes };
   }
-  /** List connection healthchecks (last known state). */
+  /**
+   * Last-known health for every connection. The platform has no global
+   * healthcheck listing — health rides on each connection row — so this derives
+   * the list from `listConnections()` (one request, no extra round-trips).
+   */
   async listHealthchecks() {
-    const data = await this.request(
-      "GET",
-      "/v1/integrations/healthchecks"
-    );
-    return data.healthchecks;
+    const connections = await this.listConnections();
+    return connections.map((c) => ({
+      connectionId: c.id,
+      providerId: c.providerId,
+      status: c.health,
+      checkedAt: c.updatedAt
+    }));
   }
-  /** Trigger a fresh healthcheck pass. */
-  runHealthchecks() {
-    return this.request("POST", "/v1/integrations/healthchecks/run", {});
+  /**
+   * POST /v1/hub/connections/:connectionId/health — trigger a fresh health
+   * probe for one connection and return its updated state.
+   */
+  checkConnectionHealth(connectionId) {
+    return this.request("POST", `/v1/hub/connections/${encodeURIComponent(connectionId)}/health`);
   }
   /**
-   * Mint a sandbox-injectable capability bundle (env vars + scoped
-   * capability tokens) so a sandbox can invoke integrations on the
-   * user's behalf without seeing the underlying provider tokens.
+   * Trigger a fresh health probe across all of the user's connections. The
+   * platform exposes health per-connection only, so this fans out over
+   * `listConnections()`. `scheduled` is the number of probes dispatched.
    */
-  bundleCapabilities(input) {
-    return this.request("POST", "/v1/integrations/capabilities/bundle", input);
+  async runHealthchecks() {
+    const connections = await this.listConnections();
+    await Promise.allSettled(connections.map((c) => this.checkConnectionHealth(c.id)));
+    return { scheduled: connections.length };
+  }
+  /** GET /v1/hub/status — principal + aggregate connection counts. */
+  status() {
+    return this.request("GET", "/v1/hub/status");
+  }
+  /**
+   * POST /v1/hub/tokens — mint a short-lived, action-scoped capability token a
+   * sandbox can use to invoke one hub action on the user's behalf without
+   * seeing the underlying provider credential.
+   */
+  mintToken(input) {
+    return this.request("POST", "/v1/hub/tokens", input);
+  }
+  /** POST /v1/hub/exec — execute a hub action and return its result. */
+  async exec(input) {
+    const data = await this.request("POST", "/v1/hub/exec", input);
+    return data.result;
   }
   async request(method, path, body) {
     const headers = {

package/dist/platform.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/platform/auth.ts","../src/platform/integrations.ts"],"sourcesContent":["/**\n * Server-side client for the Tangle platform's cross-site SSO bridge.\n *\n * Consumer apps (gtm-agent, tax-agent, legal-agent, creative-agent, …)\n * use this to:\n *   1. Build an /authorize URL that lands the user on id.tangle.tools\n *      and brings them back with a single-use code.\n *   2. Exchange that code for an API key + the user's identity.\n *\n * The platform endpoint contract is documented in\n * `products/platform/api/src/routes/cross-site.ts`. This client only\n * speaks HTTP — no SDK weight, no transitive deps.\n */\n\nexport interface PlatformAuthClientOptions {\n  /** Platform base URL, e.g. `https://id.tangle.tools`. */\n  baseUrl: string\n  /** App id as registered in the platform's TRUSTED_APPS registry. */\n  appId: string\n  /** Override the global fetch (useful for tests + edge runtimes). */\n  fetchImpl?: typeof fetch\n}\n\nexport interface AuthorizeUrlOptions {\n  /** Required CSRF token; the consumer verifies it on the callback. */\n  state: string\n  /**\n   * Final redirect URI. Must be one of the URIs registered for `appId`\n   * on the platform. Omit to use the first registered URI.\n   */\n  redirectUri?: string\n  /** Force the login screen even if a session is already active. */\n  prompt?: 'login'\n  /** Pre-fill the email field on the login screen. */\n  email?: string\n}\n\nexport interface ExchangeCodeResult {\n  apiKey: string\n  user: {\n    id: string\n    email: string\n    name?: string\n  }\n  plan: {\n    tier: string\n  }\n}\n\nexport class PlatformAuthError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number,\n    public readonly body: unknown,\n  ) {\n    super(message)\n    this.name = 'PlatformAuthError'\n  }\n}\n\nexport class PlatformAuthClient {\n  private readonly baseUrl: string\n  private readonly appId: string\n  private readonly fetchImpl: typeof fetch\n\n  constructor(options: PlatformAuthClientOptions) {\n    if (!options.baseUrl) throw new Error('PlatformAuthClient: baseUrl is required')\n    if (!options.appId) throw new Error('PlatformAuthClient: appId is required')\n    this.baseUrl = options.baseUrl.replace(/\\/+$/, '')\n    this.appId = options.appId\n    this.fetchImpl =\n      options.fetchImpl ??\n      ((url: Parameters<typeof fetch>[0], init?: Parameters<typeof fetch>[1]) => fetch(url, init))\n  }\n\n  /**\n   * Build the URL the user is redirected to in order to start SSO.\n   * The platform redirects back to one of `appId`'s registered\n   * `redirectUris` with `?code=...&app=...&state=...`.\n   */\n  authorizeUrl(options: AuthorizeUrlOptions): string {\n    if (!options.state) {\n      throw new Error('PlatformAuthClient.authorizeUrl: state is required for CSRF')\n    }\n    const url = new URL('/cross-site/authorize', this.baseUrl)\n    url.searchParams.set('app', this.appId)\n    url.searchParams.set('state', options.state)\n    if (options.redirectUri) url.searchParams.set('redirect', options.redirectUri)\n    if (options.prompt) url.searchParams.set('prompt', options.prompt)\n    if (options.email) url.searchParams.set('email', options.email)\n    return url.toString()\n  }\n\n  /**\n   * Exchange a single-use auth code (delivered to the consumer's\n   * callback by the platform) for an API key + the user's identity.\n   * Codes are single-use and expire ~5 minutes after issue.\n   */\n  async exchange(code: string): Promise<ExchangeCodeResult> {\n    if (!code) throw new Error('PlatformAuthClient.exchange: code is required')\n    const res = await this.fetchImpl(`${this.baseUrl}/cross-site/exchange`, {\n      method: 'POST',\n      headers: { 'content-type': 'application/json' },\n      body: JSON.stringify({ code, app: this.appId }),\n    })\n    const body = await res.json().catch(() => null)\n    if (!res.ok) {\n      const message =\n        body && typeof body === 'object' && 'error' in body && typeof body.error === 'string'\n          ? body.error\n          : `Platform exchange failed (${res.status})`\n      throw new PlatformAuthError(message, res.status, body)\n    }\n    const result = body as Partial<ExchangeCodeResult>\n    if (!result.apiKey || !result.user?.id) {\n      throw new PlatformAuthError(\n        'Platform exchange response is missing apiKey or user',\n        res.status,\n        body,\n      )\n    }\n    return result as ExchangeCodeResult\n  }\n}\n","/**\n * Server-side client for the Tangle platform's integrations hub\n * (`/v1/integrations/*`). Consumer apps use this instead of rolling\n * their own OAuth + connection tables.\n *\n * Auth: the caller supplies a bearer (either the user's API key from\n * cross-site exchange, or a platform service token) on construction.\n * Per-request override via `headers` is supported.\n *\n * Endpoint contract: `products/platform/api/src/routes/integrations.ts`.\n */\n\nexport interface PlatformHubClientOptions {\n  /** Platform base URL, e.g. `https://id.tangle.tools`. */\n  baseUrl: string\n  /** Bearer credential — user API key or service token. */\n  bearer: string\n  /** Override fetch (tests + edge runtimes). */\n  fetchImpl?: typeof fetch\n}\n\nexport interface PlatformConnection {\n  id: string\n  providerId: string\n  connectorId: string\n  status: 'connected' | 'pending' | 'revoked' | 'expired' | string\n  grantedScopes?: string[]\n  account?: { identity?: string; displayName?: string } & Record<string, unknown>\n  metadata?: Record<string, unknown>\n  expiresAt?: string | null\n  createdAt?: string\n  updatedAt?: string\n}\n\nexport interface PlatformCatalogProvider {\n  providerId: string\n  displayName?: string\n  description?: string\n  authMode?: string\n  connectors?: PlatformCatalogConnector[]\n  [k: string]: unknown\n}\n\nexport interface PlatformCatalogConnector {\n  connectorId: string\n  displayName?: string\n  description?: string\n  scopes?: string[]\n  [k: string]: unknown\n}\n\nexport interface StartAuthInput {\n  providerId: string\n  connectorId: string\n  /** Where the platform redirects the user back to after OAuth. */\n  returnUrl: string\n  requestedScopes?: string[]\n  state?: string\n  metadata?: Record<string, unknown>\n  /** Required when the bearer is a service token impersonating a user. */\n  ownerUserId?: string\n}\n\nexport interface StartAuthResult {\n  authorizationUrl: string\n  state: string\n}\n\nexport interface BundleCapabilityInput {\n  manifestId?: string\n  grantIds?: string[]\n  subject: { type: 'user' | 'team' | 'app'; id: string }\n  ttlMs: number\n}\n\nexport interface BundleCapabilityResult {\n  bundle: Record<string, unknown>\n  env: Record<string, string>\n}\n\nexport interface HealthCheck {\n  connectionId: string\n  providerId: string\n  connectorId: string\n  status: 'ok' | 'degraded' | 'failing' | 'unknown' | string\n  checks?: Record<string, unknown>\n  checkedAt?: string\n}\n\nexport class PlatformHubError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number,\n    public readonly code: string | undefined,\n    public readonly body: unknown,\n  ) {\n    super(message)\n    this.name = 'PlatformHubError'\n  }\n}\n\ninterface PlatformEnvelope<T> {\n  success: boolean\n  data?: T\n  error?: { code?: string; message?: string } | string\n}\n\nexport class PlatformHubClient {\n  private readonly baseUrl: string\n  private readonly bearer: string\n  private readonly fetchImpl: typeof fetch\n\n  constructor(options: PlatformHubClientOptions) {\n    if (!options.baseUrl) throw new Error('PlatformHubClient: baseUrl is required')\n    if (!options.bearer) throw new Error('PlatformHubClient: bearer is required')\n    this.baseUrl = options.baseUrl.replace(/\\/+$/, '')\n    this.bearer = options.bearer\n    this.fetchImpl =\n      options.fetchImpl ??\n      ((url: Parameters<typeof fetch>[0], init?: Parameters<typeof fetch>[1]) => fetch(url, init))\n  }\n\n  /** List the integration catalog (providers + connectors). */\n  catalog(): Promise<{ providers: PlatformCatalogProvider[] } & Record<string, unknown>> {\n    return this.request('GET', '/v1/integrations/catalog')\n  }\n\n  /** List the calling user's integration connections. */\n  async listConnections(): Promise<PlatformConnection[]> {\n    const data = await this.request<{ connections: PlatformConnection[] }>(\n      'GET',\n      '/v1/integrations/connections',\n    )\n    return data.connections\n  }\n\n  /** Revoke (and disable) a connection by id. */\n  revokeConnection(connectionId: string): Promise<{\n    connection: PlatformConnection\n    revokedGrants: unknown[]\n    providerRevocation: { ok: boolean }\n  }> {\n    return this.request(\n      'DELETE',\n      `/v1/integrations/connections/${encodeURIComponent(connectionId)}`,\n    )\n  }\n\n  /** Begin OAuth — returns the URL to send the user to. */\n  startAuth(input: StartAuthInput): Promise<StartAuthResult> {\n    return this.request('POST', '/v1/integrations/auth/start', input)\n  }\n\n  /** List connection healthchecks (last known state). */\n  async listHealthchecks(): Promise<HealthCheck[]> {\n    const data = await this.request<{ healthchecks: HealthCheck[] }>(\n      'GET',\n      '/v1/integrations/healthchecks',\n    )\n    return data.healthchecks\n  }\n\n  /** Trigger a fresh healthcheck pass. */\n  runHealthchecks(): Promise<{ scheduled: number }> {\n    return this.request('POST', '/v1/integrations/healthchecks/run', {})\n  }\n\n  /**\n   * Mint a sandbox-injectable capability bundle (env vars + scoped\n   * capability tokens) so a sandbox can invoke integrations on the\n   * user's behalf without seeing the underlying provider tokens.\n   */\n  bundleCapabilities(input: BundleCapabilityInput): Promise<BundleCapabilityResult> {\n    return this.request('POST', '/v1/integrations/capabilities/bundle', input)\n  }\n\n  private async request<T>(\n    method: 'GET' | 'POST' | 'DELETE' | 'PUT',\n    path: string,\n    body?: unknown,\n  ): Promise<T> {\n    const headers: Record<string, string> = {\n      authorization: `Bearer ${this.bearer}`,\n      accept: 'application/json',\n    }\n    if (body !== undefined) headers['content-type'] = 'application/json'\n\n    const res = await this.fetchImpl(`${this.baseUrl}${path}`, {\n      method,\n      headers,\n      body: body !== undefined ? JSON.stringify(body) : undefined,\n    })\n    const text = await res.text()\n    let parsed: PlatformEnvelope<T> | null = null\n    if (text) {\n      try {\n        parsed = JSON.parse(text)\n      } catch {\n        // fall through to error handling below\n      }\n    }\n    if (!res.ok || (parsed && parsed.success === false)) {\n      const code = parsed?.error && typeof parsed.error === 'object' ? parsed.error.code : undefined\n      const message =\n        (parsed?.error && typeof parsed.error === 'object' && parsed.error.message) ||\n        (typeof parsed?.error === 'string' ? parsed.error : `Platform hub error (${res.status})`)\n      throw new PlatformHubError(message, res.status, code, parsed ?? text)\n    }\n    if (!parsed) {\n      throw new PlatformHubError(\n        `Platform hub returned non-JSON success (${res.status})`,\n        res.status,\n        undefined,\n        text,\n      )\n    }\n    if (parsed.data === undefined) {\n      throw new PlatformHubError(\n        'Platform hub envelope missing `data`',\n        res.status,\n        undefined,\n        parsed,\n      )\n    }\n    return parsed.data\n  }\n}\n"],"mappings":";;;AAiDO,IAAM,oBAAN,cAAgC,MAAM;AAAA,EAC3C,YACE,SACgB,QACA,MAChB;AACA,UAAM,OAAO;AAHG;AACA;AAGhB,SAAK,OAAO;AAAA,EACd;AAAA,EALkB;AAAA,EACA;AAKpB;AAEO,IAAM,qBAAN,MAAyB;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAoC;AAC9C,QAAI,CAAC,QAAQ,QAAS,OAAM,IAAI,MAAM,yCAAyC;AAC/E,QAAI,CAAC,QAAQ,MAAO,OAAM,IAAI,MAAM,uCAAuC;AAC3E,SAAK,UAAU,QAAQ,QAAQ,QAAQ,QAAQ,EAAE;AACjD,SAAK,QAAQ,QAAQ;AACrB,SAAK,YACH,QAAQ,cACP,CAAC,KAAkC,SAAuC,MAAM,KAAK,IAAI;AAAA,EAC9F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAa,SAAsC;AACjD,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,6DAA6D;AAAA,IAC/E;AACA,UAAM,MAAM,IAAI,IAAI,yBAAyB,KAAK,OAAO;AACzD,QAAI,aAAa,IAAI,OAAO,KAAK,KAAK;AACtC,QAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC3C,QAAI,QAAQ,YAAa,KAAI,aAAa,IAAI,YAAY,QAAQ,WAAW;AAC7E,QAAI,QAAQ,OAAQ,KAAI,aAAa,IAAI,UAAU,QAAQ,MAAM;AACjE,QAAI,QAAQ,MAAO,KAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC9D,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,SAAS,MAA2C;AACxD,QAAI,CAAC,KAAM,OAAM,IAAI,MAAM,+CAA+C;AAC1E,UAAM,MAAM,MAAM,KAAK,UAAU,GAAG,KAAK,OAAO,wBAAwB;AAAA,MACtE,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,MAAM,KAAK,KAAK,MAAM,CAAC;AAAA,IAChD,CAAC;AACD,UAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI;AAC9C,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,UACJ,QAAQ,OAAO,SAAS,YAAY,WAAW,QAAQ,OAAO,KAAK,UAAU,WACzE,KAAK,QACL,6BAA6B,IAAI,MAAM;AAC7C,YAAM,IAAI,kBAAkB,SAAS,IAAI,QAAQ,IAAI;AAAA,IACvD;AACA,UAAM,SAAS;AACf,QAAI,CAAC,OAAO,UAAU,CAAC,OAAO,MAAM,IAAI;AACtC,YAAM,IAAI;AAAA,QACR;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;;;AClCO,IAAM,mBAAN,cAA+B,MAAM;AAAA,EAC1C,YACE,SACgB,QACA,MACA,MAChB;AACA,UAAM,OAAO;AAJG;AACA;AACA;AAGhB,SAAK,OAAO;AAAA,EACd;AAAA,EANkB;AAAA,EACA;AAAA,EACA;AAKpB;AAQO,IAAM,oBAAN,MAAwB;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAmC;AAC7C,QAAI,CAAC,QAAQ,QAAS,OAAM,IAAI,MAAM,wCAAwC;AAC9E,QAAI,CAAC,QAAQ,OAAQ,OAAM,IAAI,MAAM,uCAAuC;AAC5E,SAAK,UAAU,QAAQ,QAAQ,QAAQ,QAAQ,EAAE;AACjD,SAAK,SAAS,QAAQ;AACtB,SAAK,YACH,QAAQ,cACP,CAAC,KAAkC,SAAuC,MAAM,KAAK,IAAI;AAAA,EAC9F;AAAA;AAAA,EAGA,UAAuF;AACrF,WAAO,KAAK,QAAQ,OAAO,0BAA0B;AAAA,EACvD;AAAA;AAAA,EAGA,MAAM,kBAAiD;AACrD,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,iBAAiB,cAId;AACD,WAAO,KAAK;AAAA,MACV;AAAA,MACA,gCAAgC,mBAAmB,YAAY,CAAC;AAAA,IAClE;AAAA,EACF;AAAA;AAAA,EAGA,UAAU,OAAiD;AACzD,WAAO,KAAK,QAAQ,QAAQ,+BAA+B,KAAK;AAAA,EAClE;AAAA;AAAA,EAGA,MAAM,mBAA2C;AAC/C,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,kBAAkD;AAChD,WAAO,KAAK,QAAQ,QAAQ,qCAAqC,CAAC,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,mBAAmB,OAA+D;AAChF,WAAO,KAAK,QAAQ,QAAQ,wCAAwC,KAAK;AAAA,EAC3E;AAAA,EAEA,MAAc,QACZ,QACA,MACA,MACY;AACZ,UAAM,UAAkC;AAAA,MACtC,eAAe,UAAU,KAAK,MAAM;AAAA,MACpC,QAAQ;AAAA,IACV;AACA,QAAI,SAAS,OAAW,SAAQ,cAAc,IAAI;AAElD,UAAM,MAAM,MAAM,KAAK,UAAU,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,MACzD;AAAA,MACA;AAAA,MACA,MAAM,SAAS,SAAY,KAAK,UAAU,IAAI,IAAI;AAAA,IACpD,CAAC;AACD,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAI,SAAqC;AACzC,QAAI,MAAM;AACR,UAAI;AACF,iBAAS,KAAK,MAAM,IAAI;AAAA,MAC1B,QAAQ;AAAA,MAER;AAAA,IACF;AACA,QAAI,CAAC,IAAI,MAAO,UAAU,OAAO,YAAY,OAAQ;AACnD,YAAM,OAAO,QAAQ,SAAS,OAAO,OAAO,UAAU,WAAW,OAAO,MAAM,OAAO;AACrF,YAAM,UACH,QAAQ,SAAS,OAAO,OAAO,UAAU,YAAY,OAAO,MAAM,YAClE,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ,uBAAuB,IAAI,MAAM;AACvF,YAAM,IAAI,iBAAiB,SAAS,IAAI,QAAQ,MAAM,UAAU,IAAI;AAAA,IACtE;AACA,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI;AAAA,QACR,2CAA2C,IAAI,MAAM;AAAA,QACrD,IAAI;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,QAAI,OAAO,SAAS,QAAW;AAC7B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,WAAO,OAAO;AAAA,EAChB;AACF;","names":[]}
+{"version":3,"sources":["../src/platform/auth.ts","../src/platform/integrations.ts"],"sourcesContent":["/**\n * Server-side client for the Tangle platform's cross-site SSO bridge.\n *\n * Consumer apps (gtm-agent, tax-agent, legal-agent, creative-agent, …)\n * use this to:\n *   1. Build an /authorize URL that lands the user on id.tangle.tools\n *      and brings them back with a single-use code.\n *   2. Exchange that code for an API key + the user's identity.\n *\n * The platform endpoint contract is documented in\n * `products/platform/api/src/routes/cross-site.ts`. This client only\n * speaks HTTP — no SDK weight, no transitive deps.\n */\n\nexport interface PlatformAuthClientOptions {\n  /** Platform base URL, e.g. `https://id.tangle.tools`. */\n  baseUrl: string\n  /** App id as registered in the platform's TRUSTED_APPS registry. */\n  appId: string\n  /** Override the global fetch (useful for tests + edge runtimes). */\n  fetchImpl?: typeof fetch\n}\n\nexport interface AuthorizeUrlOptions {\n  /** Required CSRF token; the consumer verifies it on the callback. */\n  state: string\n  /**\n   * Final redirect URI. Must be one of the URIs registered for `appId`\n   * on the platform. Omit to use the first registered URI.\n   */\n  redirectUri?: string\n  /** Force the login screen even if a session is already active. */\n  prompt?: 'login'\n  /** Pre-fill the email field on the login screen. */\n  email?: string\n}\n\nexport interface ExchangeCodeResult {\n  apiKey: string\n  user: {\n    id: string\n    email: string\n    name?: string\n  }\n  plan: {\n    tier: string\n  }\n}\n\nexport class PlatformAuthError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number,\n    public readonly body: unknown,\n  ) {\n    super(message)\n    this.name = 'PlatformAuthError'\n  }\n}\n\nexport class PlatformAuthClient {\n  private readonly baseUrl: string\n  private readonly appId: string\n  private readonly fetchImpl: typeof fetch\n\n  constructor(options: PlatformAuthClientOptions) {\n    if (!options.baseUrl) throw new Error('PlatformAuthClient: baseUrl is required')\n    if (!options.appId) throw new Error('PlatformAuthClient: appId is required')\n    this.baseUrl = options.baseUrl.replace(/\\/+$/, '')\n    this.appId = options.appId\n    this.fetchImpl =\n      options.fetchImpl ??\n      ((url: Parameters<typeof fetch>[0], init?: Parameters<typeof fetch>[1]) => fetch(url, init))\n  }\n\n  /**\n   * Build the URL the user is redirected to in order to start SSO.\n   * The platform redirects back to one of `appId`'s registered\n   * `redirectUris` with `?code=...&app=...&state=...`.\n   */\n  authorizeUrl(options: AuthorizeUrlOptions): string {\n    if (!options.state) {\n      throw new Error('PlatformAuthClient.authorizeUrl: state is required for CSRF')\n    }\n    const url = new URL('/cross-site/authorize', this.baseUrl)\n    url.searchParams.set('app', this.appId)\n    url.searchParams.set('state', options.state)\n    if (options.redirectUri) url.searchParams.set('redirect', options.redirectUri)\n    if (options.prompt) url.searchParams.set('prompt', options.prompt)\n    if (options.email) url.searchParams.set('email', options.email)\n    return url.toString()\n  }\n\n  /**\n   * Exchange a single-use auth code (delivered to the consumer's\n   * callback by the platform) for an API key + the user's identity.\n   * Codes are single-use and expire ~5 minutes after issue.\n   */\n  async exchange(code: string): Promise<ExchangeCodeResult> {\n    if (!code) throw new Error('PlatformAuthClient.exchange: code is required')\n    const res = await this.fetchImpl(`${this.baseUrl}/cross-site/exchange`, {\n      method: 'POST',\n      headers: { 'content-type': 'application/json' },\n      body: JSON.stringify({ code, app: this.appId }),\n    })\n    const body = await res.json().catch(() => null)\n    if (!res.ok) {\n      const message =\n        body && typeof body === 'object' && 'error' in body && typeof body.error === 'string'\n          ? body.error\n          : `Platform exchange failed (${res.status})`\n      throw new PlatformAuthError(message, res.status, body)\n    }\n    const result = body as Partial<ExchangeCodeResult>\n    if (!result.apiKey || !result.user?.id) {\n      throw new PlatformAuthError(\n        'Platform exchange response is missing apiKey or user',\n        res.status,\n        body,\n      )\n    }\n    return result as ExchangeCodeResult\n  }\n}\n","/**\n * Server-side client for the Tangle platform's integration hub\n * (`/v1/hub/*`). Consumer apps use this instead of rolling their own\n * OAuth + connection tables.\n *\n * Auth: the caller supplies a bearer (either the user's API key from\n * cross-site exchange, or a platform service token) on construction.\n *\n * Endpoint contract (authoritative): the platform's `src/lib/hub-contract.ts`\n * + `src/routes/hub.ts`. The platform wraps every response in\n * `{ success, data }`; non-2xx or `success:false` surfaces as `PlatformHubError`\n * carrying the real upstream status.\n */\n\nexport interface PlatformHubClientOptions {\n  /** Platform base URL, e.g. `https://id.tangle.tools`. */\n  baseUrl: string\n  /** Bearer credential — user API key or service token. */\n  bearer: string\n  /** Override fetch (tests + edge runtimes). */\n  fetchImpl?: typeof fetch\n}\n\n/** A live integration connection, as returned by `/v1/hub/connections`. */\nexport interface PlatformConnection {\n  id: string\n  providerId: string\n  displayName: string\n  accountDisplay: string | null\n  scopes: string[]\n  status: 'active' | 'revoked' | 'unhealthy' | 'reconnect_required' | (string & {})\n  health: 'unknown' | 'healthy' | 'unhealthy' | 'rate_limited' | (string & {})\n  createdAt: string\n  updatedAt: string\n  lastUsedAt: string | null\n}\n\n/** A connectable provider in the catalog (`/v1/hub/providers`). */\nexport interface PlatformCatalogProvider {\n  providerId: string\n  title?: string\n  authKind?: string\n  category?: string\n  scopes?: string[]\n  capabilityCount?: number\n  native?: boolean\n  /** Whether the OAuth app's credentials are wired — the UI offers Connect\n   *  only when true. */\n  configured?: boolean\n  [k: string]: unknown\n}\n\nexport interface CatalogResult {\n  providers: PlatformCatalogProvider[]\n  /** Count of substrate-bundled connectors behind the catalog. */\n  substrateBundled?: number\n  [k: string]: unknown\n}\n\nexport interface StartAuthInput {\n  /** The provider to connect (goes in the URL path). */\n  providerId: string\n  /** Accepted for interface compatibility; the platform's start endpoint is\n   *  provider-level and does not consume a connector id. */\n  connectorId?: string\n  /** Where the platform redirects the user back to after OAuth. */\n  returnUrl: string\n  /** Accepted for interface compatibility; not consumed by the start endpoint. */\n  requestedScopes?: string[]\n  /** CLI flow flag — affects the platform's post-auth redirect handling. */\n  cli?: boolean\n}\n\nexport interface StartAuthResult {\n  /** The URL to send the user to. Normalized across the platform's two start\n   *  branches: github returns `authorizationUrl`, substrate returns\n   *  `redirectUrl`. */\n  authorizationUrl: string\n  state: string\n  expiresAt?: string\n  scopes?: string[]\n}\n\nexport interface ConnectionHealth {\n  status: 'unknown' | 'healthy' | 'unhealthy' | 'rate_limited' | (string & {})\n  checkedAt: string\n  error?: { code: string; message: string }\n}\n\nexport interface ConnectionHealthResult {\n  connection: PlatformConnection\n  health: ConnectionHealth\n}\n\n/** Last-known health for a connection, derived from the connection row. */\nexport interface HealthCheck {\n  connectionId: string\n  providerId: string\n  /** Mirrors `PlatformConnection.health`. */\n  status: ConnectionHealth['status']\n  checkedAt?: string\n}\n\nexport interface MintTokenInput {\n  /** The hub action the token authorizes (e.g. `slack.chat.postMessage`). */\n  actionPath: string\n  /** Bind to a specific connection, or … */\n  connectionId?: string\n  /** … resolve the connection by provider for the calling user. */\n  provider?: string\n}\n\nexport interface MintTokenResult {\n  tokenId: string\n  token: string\n  expiresAt: string\n}\n\nexport interface ExecInput {\n  /** The hub action path to execute. */\n  path: string\n  input?: unknown\n  connectionId?: string\n}\n\nexport interface PlatformHubStatus {\n  contract?: unknown\n  principal: { kind: string; userId: string; [k: string]: unknown }\n  connections: { connectedProviderCount: number; unhealthyProviderCount: number }\n}\n\nexport class PlatformHubError extends Error {\n  constructor(\n    message: string,\n    public readonly status: number,\n    public readonly code: string | undefined,\n    public readonly body: unknown,\n  ) {\n    super(message)\n    this.name = 'PlatformHubError'\n  }\n}\n\ninterface PlatformEnvelope<T> {\n  success: boolean\n  data?: T\n  error?: { code?: string; message?: string } | string\n}\n\nexport class PlatformHubClient {\n  private readonly baseUrl: string\n  private readonly bearer: string\n  private readonly fetchImpl: typeof fetch\n\n  constructor(options: PlatformHubClientOptions) {\n    if (!options.baseUrl) throw new Error('PlatformHubClient: baseUrl is required')\n    if (!options.bearer) throw new Error('PlatformHubClient: bearer is required')\n    this.baseUrl = options.baseUrl.replace(/\\/+$/, '')\n    this.bearer = options.bearer\n    this.fetchImpl =\n      options.fetchImpl ??\n      ((url: Parameters<typeof fetch>[0], init?: Parameters<typeof fetch>[1]) => fetch(url, init))\n  }\n\n  /** GET /v1/hub/providers — the connectable provider catalog. */\n  catalog(): Promise<CatalogResult> {\n    return this.request('GET', '/v1/hub/providers')\n  }\n\n  /** GET /v1/hub/connections — the calling user's live connections. */\n  async listConnections(): Promise<PlatformConnection[]> {\n    const data = await this.request<{ connections: PlatformConnection[] }>(\n      'GET',\n      '/v1/hub/connections',\n    )\n    return data.connections\n  }\n\n  /** DELETE /v1/hub/connections/:connectionId — revoke + disable a connection. */\n  revokeConnection(connectionId: string): Promise<{ connection: PlatformConnection }> {\n    return this.request('DELETE', `/v1/hub/connections/${encodeURIComponent(connectionId)}`)\n  }\n\n  /**\n   * POST /v1/hub/connections/:provider/start — begin OAuth/grant. The provider\n   * is taken from the URL; the body carries `returnUrl` (+ `cli`). The platform's\n   * two start branches name the URL field differently (github → `authorizationUrl`,\n   * substrate → `redirectUrl`); this normalizes to `authorizationUrl`.\n   */\n  async startAuth(input: StartAuthInput): Promise<StartAuthResult> {\n    const body: { returnUrl: string; cli?: boolean } = { returnUrl: input.returnUrl }\n    if (input.cli !== undefined) body.cli = input.cli\n    const data = await this.request<{\n      authorizationUrl?: string\n      redirectUrl?: string\n      state: string\n      expiresAt?: string\n      scopes?: string[]\n    }>('POST', `/v1/hub/connections/${encodeURIComponent(input.providerId)}/start`, body)\n    const authorizationUrl = data.authorizationUrl ?? data.redirectUrl\n    if (!authorizationUrl) {\n      throw new PlatformHubError(\n        'Platform hub start response missing an authorization URL',\n        502,\n        'HUB_INVALID_START_RESPONSE',\n        data,\n      )\n    }\n    return { authorizationUrl, state: data.state, expiresAt: data.expiresAt, scopes: data.scopes }\n  }\n\n  /**\n   * Last-known health for every connection. The platform has no global\n   * healthcheck listing — health rides on each connection row — so this derives\n   * the list from `listConnections()` (one request, no extra round-trips).\n   */\n  async listHealthchecks(): Promise<HealthCheck[]> {\n    const connections = await this.listConnections()\n    return connections.map((c) => ({\n      connectionId: c.id,\n      providerId: c.providerId,\n      status: c.health,\n      checkedAt: c.updatedAt,\n    }))\n  }\n\n  /**\n   * POST /v1/hub/connections/:connectionId/health — trigger a fresh health\n   * probe for one connection and return its updated state.\n   */\n  checkConnectionHealth(connectionId: string): Promise<ConnectionHealthResult> {\n    return this.request('POST', `/v1/hub/connections/${encodeURIComponent(connectionId)}/health`)\n  }\n\n  /**\n   * Trigger a fresh health probe across all of the user's connections. The\n   * platform exposes health per-connection only, so this fans out over\n   * `listConnections()`. `scheduled` is the number of probes dispatched.\n   */\n  async runHealthchecks(): Promise<{ scheduled: number }> {\n    const connections = await this.listConnections()\n    await Promise.allSettled(connections.map((c) => this.checkConnectionHealth(c.id)))\n    return { scheduled: connections.length }\n  }\n\n  /** GET /v1/hub/status — principal + aggregate connection counts. */\n  status(): Promise<PlatformHubStatus> {\n    return this.request('GET', '/v1/hub/status')\n  }\n\n  /**\n   * POST /v1/hub/tokens — mint a short-lived, action-scoped capability token a\n   * sandbox can use to invoke one hub action on the user's behalf without\n   * seeing the underlying provider credential.\n   */\n  mintToken(input: MintTokenInput): Promise<MintTokenResult> {\n    return this.request('POST', '/v1/hub/tokens', input)\n  }\n\n  /** POST /v1/hub/exec — execute a hub action and return its result. */\n  async exec(input: ExecInput): Promise<unknown> {\n    const data = await this.request<{ result: unknown }>('POST', '/v1/hub/exec', input)\n    return data.result\n  }\n\n  private async request<T>(\n    method: 'GET' | 'POST' | 'DELETE' | 'PUT',\n    path: string,\n    body?: unknown,\n  ): Promise<T> {\n    const headers: Record<string, string> = {\n      authorization: `Bearer ${this.bearer}`,\n      accept: 'application/json',\n    }\n    if (body !== undefined) headers['content-type'] = 'application/json'\n\n    const res = await this.fetchImpl(`${this.baseUrl}${path}`, {\n      method,\n      headers,\n      body: body !== undefined ? JSON.stringify(body) : undefined,\n    })\n    const text = await res.text()\n    let parsed: PlatformEnvelope<T> | null = null\n    if (text) {\n      try {\n        parsed = JSON.parse(text)\n      } catch {\n        // fall through to error handling below\n      }\n    }\n    if (!res.ok || (parsed && parsed.success === false)) {\n      const code = parsed?.error && typeof parsed.error === 'object' ? parsed.error.code : undefined\n      const message =\n        (parsed?.error && typeof parsed.error === 'object' && parsed.error.message) ||\n        (typeof parsed?.error === 'string' ? parsed.error : `Platform hub error (${res.status})`)\n      throw new PlatformHubError(message, res.status, code, parsed ?? text)\n    }\n    if (!parsed) {\n      throw new PlatformHubError(\n        `Platform hub returned non-JSON success (${res.status})`,\n        res.status,\n        undefined,\n        text,\n      )\n    }\n    if (parsed.data === undefined) {\n      throw new PlatformHubError(\n        'Platform hub envelope missing `data`',\n        res.status,\n        undefined,\n        parsed,\n      )\n    }\n    return parsed.data\n  }\n}\n"],"mappings":";;;AAiDO,IAAM,oBAAN,cAAgC,MAAM;AAAA,EAC3C,YACE,SACgB,QACA,MAChB;AACA,UAAM,OAAO;AAHG;AACA;AAGhB,SAAK,OAAO;AAAA,EACd;AAAA,EALkB;AAAA,EACA;AAKpB;AAEO,IAAM,qBAAN,MAAyB;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAoC;AAC9C,QAAI,CAAC,QAAQ,QAAS,OAAM,IAAI,MAAM,yCAAyC;AAC/E,QAAI,CAAC,QAAQ,MAAO,OAAM,IAAI,MAAM,uCAAuC;AAC3E,SAAK,UAAU,QAAQ,QAAQ,QAAQ,QAAQ,EAAE;AACjD,SAAK,QAAQ,QAAQ;AACrB,SAAK,YACH,QAAQ,cACP,CAAC,KAAkC,SAAuC,MAAM,KAAK,IAAI;AAAA,EAC9F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAa,SAAsC;AACjD,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,6DAA6D;AAAA,IAC/E;AACA,UAAM,MAAM,IAAI,IAAI,yBAAyB,KAAK,OAAO;AACzD,QAAI,aAAa,IAAI,OAAO,KAAK,KAAK;AACtC,QAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC3C,QAAI,QAAQ,YAAa,KAAI,aAAa,IAAI,YAAY,QAAQ,WAAW;AAC7E,QAAI,QAAQ,OAAQ,KAAI,aAAa,IAAI,UAAU,QAAQ,MAAM;AACjE,QAAI,QAAQ,MAAO,KAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC9D,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,SAAS,MAA2C;AACxD,QAAI,CAAC,KAAM,OAAM,IAAI,MAAM,+CAA+C;AAC1E,UAAM,MAAM,MAAM,KAAK,UAAU,GAAG,KAAK,OAAO,wBAAwB;AAAA,MACtE,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,MAAM,KAAK,KAAK,MAAM,CAAC;AAAA,IAChD,CAAC;AACD,UAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI;AAC9C,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,UACJ,QAAQ,OAAO,SAAS,YAAY,WAAW,QAAQ,OAAO,KAAK,UAAU,WACzE,KAAK,QACL,6BAA6B,IAAI,MAAM;AAC7C,YAAM,IAAI,kBAAkB,SAAS,IAAI,QAAQ,IAAI;AAAA,IACvD;AACA,UAAM,SAAS;AACf,QAAI,CAAC,OAAO,UAAU,CAAC,OAAO,MAAM,IAAI;AACtC,YAAM,IAAI;AAAA,QACR;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;;;ACQO,IAAM,mBAAN,cAA+B,MAAM;AAAA,EAC1C,YACE,SACgB,QACA,MACA,MAChB;AACA,UAAM,OAAO;AAJG;AACA;AACA;AAGhB,SAAK,OAAO;AAAA,EACd;AAAA,EANkB;AAAA,EACA;AAAA,EACA;AAKpB;AAQO,IAAM,oBAAN,MAAwB;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAmC;AAC7C,QAAI,CAAC,QAAQ,QAAS,OAAM,IAAI,MAAM,wCAAwC;AAC9E,QAAI,CAAC,QAAQ,OAAQ,OAAM,IAAI,MAAM,uCAAuC;AAC5E,SAAK,UAAU,QAAQ,QAAQ,QAAQ,QAAQ,EAAE;AACjD,SAAK,SAAS,QAAQ;AACtB,SAAK,YACH,QAAQ,cACP,CAAC,KAAkC,SAAuC,MAAM,KAAK,IAAI;AAAA,EAC9F;AAAA;AAAA,EAGA,UAAkC;AAChC,WAAO,KAAK,QAAQ,OAAO,mBAAmB;AAAA,EAChD;AAAA;AAAA,EAGA,MAAM,kBAAiD;AACrD,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,iBAAiB,cAAmE;AAClF,WAAO,KAAK,QAAQ,UAAU,uBAAuB,mBAAmB,YAAY,CAAC,EAAE;AAAA,EACzF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,UAAU,OAAiD;AAC/D,UAAM,OAA6C,EAAE,WAAW,MAAM,UAAU;AAChF,QAAI,MAAM,QAAQ,OAAW,MAAK,MAAM,MAAM;AAC9C,UAAM,OAAO,MAAM,KAAK,QAMrB,QAAQ,uBAAuB,mBAAmB,MAAM,UAAU,CAAC,UAAU,IAAI;AACpF,UAAM,mBAAmB,KAAK,oBAAoB,KAAK;AACvD,QAAI,CAAC,kBAAkB;AACrB,YAAM,IAAI;AAAA,QACR;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,WAAO,EAAE,kBAAkB,OAAO,KAAK,OAAO,WAAW,KAAK,WAAW,QAAQ,KAAK,OAAO;AAAA,EAC/F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,mBAA2C;AAC/C,UAAM,cAAc,MAAM,KAAK,gBAAgB;AAC/C,WAAO,YAAY,IAAI,CAAC,OAAO;AAAA,MAC7B,cAAc,EAAE;AAAA,MAChB,YAAY,EAAE;AAAA,MACd,QAAQ,EAAE;AAAA,MACV,WAAW,EAAE;AAAA,IACf,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,sBAAsB,cAAuD;AAC3E,WAAO,KAAK,QAAQ,QAAQ,uBAAuB,mBAAmB,YAAY,CAAC,SAAS;AAAA,EAC9F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,kBAAkD;AACtD,UAAM,cAAc,MAAM,KAAK,gBAAgB;AAC/C,UAAM,QAAQ,WAAW,YAAY,IAAI,CAAC,MAAM,KAAK,sBAAsB,EAAE,EAAE,CAAC,CAAC;AACjF,WAAO,EAAE,WAAW,YAAY,OAAO;AAAA,EACzC;AAAA;AAAA,EAGA,SAAqC;AACnC,WAAO,KAAK,QAAQ,OAAO,gBAAgB;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,UAAU,OAAiD;AACzD,WAAO,KAAK,QAAQ,QAAQ,kBAAkB,KAAK;AAAA,EACrD;AAAA;AAAA,EAGA,MAAM,KAAK,OAAoC;AAC7C,UAAM,OAAO,MAAM,KAAK,QAA6B,QAAQ,gBAAgB,KAAK;AAClF,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAc,QACZ,QACA,MACA,MACY;AACZ,UAAM,UAAkC;AAAA,MACtC,eAAe,UAAU,KAAK,MAAM;AAAA,MACpC,QAAQ;AAAA,IACV;AACA,QAAI,SAAS,OAAW,SAAQ,cAAc,IAAI;AAElD,UAAM,MAAM,MAAM,KAAK,UAAU,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,MACzD;AAAA,MACA;AAAA,MACA,MAAM,SAAS,SAAY,KAAK,UAAU,IAAI,IAAI;AAAA,IACpD,CAAC;AACD,UAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,QAAI,SAAqC;AACzC,QAAI,MAAM;AACR,UAAI;AACF,iBAAS,KAAK,MAAM,IAAI;AAAA,MAC1B,QAAQ;AAAA,MAER;AAAA,IACF;AACA,QAAI,CAAC,IAAI,MAAO,UAAU,OAAO,YAAY,OAAQ;AACnD,YAAM,OAAO,QAAQ,SAAS,OAAO,OAAO,UAAU,WAAW,OAAO,MAAM,OAAO;AACrF,YAAM,UACH,QAAQ,SAAS,OAAO,OAAO,UAAU,YAAY,OAAO,MAAM,YAClE,OAAO,QAAQ,UAAU,WAAW,OAAO,QAAQ,uBAAuB,IAAI,MAAM;AACvF,YAAM,IAAI,iBAAiB,SAAS,IAAI,QAAQ,MAAM,UAAU,IAAI;AAAA,IACtE;AACA,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI;AAAA,QACR,2CAA2C,IAAI,MAAM;AAAA,QACrD,IAAI;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,QAAI,OAAO,SAAS,QAAW;AAC7B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,IAAI;AAAA,QACJ;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,WAAO,OAAO;AAAA,EAChB;AACF;","names":[]}

package/dist/runtime.d.ts

@@ -3,7 +3,7 @@ export { AgentProfile, CreateSandboxOptions, SandboxEvent, SandboxInstance } fro
 import { R as ResultBlobStore, a as SpawnJournal, N as NodeId, b as SpawnEvent, T as TreeView, c as Settled, d as AgentSpec, E as ExecutorRegistry, B as Budget, A as Agent, e as RootHandle, f as SupervisedResult, g as Spend, S as Scope, h as ExecutorFactory, U as UsageEvent, i as Supervisor } from './types-5MGt5KTY.js';
 export { j as Executor, k as ExecutorContext, l as ExecutorResult, H as Handle, m as NodeSnapshot, n as NodeStatus, o as Restart, p as RootSignal, q as Runtime, r as SpawnOpts, s as SupervisorOpts, W as WidenGate } from './types-5MGt5KTY.js';
 import { R as RuntimeHooks } from './runtime-hooks-C7JwKb9E.js';
-import { ChatClient, AnalystFinding, DefaultVerdict, AgentProfile as AgentProfile$1 } from '@tangle-network/agent-eval';
+import { ChatClient, AnalystFinding, DefaultVerdict, AgentProfile as AgentProfile$1, AnalystRunInputs } from '@tangle-network/agent-eval';
 export { DefaultVerdict } from '@tangle-network/agent-eval';
 export { A as AnalyzeInput, a as CompletionAnalyst, b as CompletionEvidence, c as CompletionPolicy, d as CompletionVerdict, C as CreateDriverOptions, D as DriverDecision, P as PlannerContext, e as TopologyMove, T as TopologyPlanner, f as completionAuthorizes, g as createDriver, h as deterministicCompletion, r as renderAnalyses, s as sentinelCompletion, i as stopSentinel } from './driver-DLI1io57.js';
 import { S as SandboxClient, b as LoopResult, d as LoopTokenUsage, R as RuntimeStreamEvent, A as AgentRunSpec, E as ExecCtx, I as Iteration } from './types-BEQsBhOE.js';
@@ -11,6 +11,7 @@ export { D as Driver, F as LoopDecisionPayload, G as LoopEndedPayload, H as Loop
 import { Scenario, ProfileDispatchFn } from '@tangle-network/agent-eval/campaign';
 import { R as RunLoopOptions } from './run-loop-BIineL1T.js';
 export { c as createSandboxForSpec, d as defaultSelectWinner, r as runLoop } from './run-loop-BIineL1T.js';
+import { b as AnalystRegistryLike } from './types-p8dWBIXL.js';
 
 /**
  * @experimental
@@ -464,6 +465,9 @@ interface ShapeContext<D = unknown> {
     /** Derive a child `AgentSpec` from the persona's root spec with an overridden profile —
      *  the seam a shape uses to give a worker a narrower role/prompt than the root persona. */
     childSpec(profile: AgentProfile, harness?: BackendType | null): AgentSpec;
+    /** The scope analyst (selector≠judge firewall) the combinator steers from. Absent ⇒ the
+     *  dormant default (empty findings → gates read deliverables/state only). */
+    readonly analyst?: ScopeAnalyst<D>;
 }
 /**
  * A reusable act-body factory. Given the persona's content + seams (`ShapeContext`), it
@@ -521,6 +525,9 @@ interface RunPersonifiedOptions<Task, D> {
     readonly handle?: RootHandle<Outcome<D>>;
     readonly now?: () => number;
     readonly signal?: AbortSignal;
+    /** Optional scope analyst threaded into the shape's ShapeContext so loopUntil/widen steer
+     *  on trace-derived findings instead of the dormant empty default. */
+    readonly analyst?: ScopeAnalyst<D>;
 }
 /** The composed run signature. */
 type RunPersonified = <Task, D>(options: RunPersonifiedOptions<Task, D>) => Promise<SupervisedResult<Outcome<D>>>;
@@ -1635,6 +1642,32 @@ interface CreateScopeAnalystOptions<D> {
  *  - any finding cites judge-derived metric evidence → `PlannerError` via the firewall
  */
 declare function createScopeAnalyst<D>(scope: Scope<Outcome<D>>, options: CreateScopeAnalystOptions<D>): ScopeAnalyst<D>;
+/**
+ * Project a `ScopeAnalyzeInput` into the `AnalystRegistry.run` arguments. The registry runs over a
+ * `runId` + `AnalystRunInputs` (a trace store / run record / artifact dir), NOT in-memory scope
+ * settlements — so the CALLER owns the projection from the combinator's drained children to the
+ * registry's inputs (e.g. the trace store the run already wrote). This adapter never invents that
+ * bridge; it only runs the projected inputs and firewalls the merged findings.
+ */
+interface RegistryAnalyzeProjection {
+    readonly runId: string;
+    readonly inputs: AnalystRunInputs;
+    /** Optional `run` opts (e.g. `priorFindings`) forwarded verbatim to the registry. */
+    readonly opts?: Parameters<AnalystRegistryLike['run']>[2];
+}
+/**
+ * A `ScopeAnalyst` backed by an `AnalystRegistry` — the panel-of-analysts seam. The registry merges
+ * N analyst KINDS into one `AnalystRunResult.findings`; `analyze` runs it over the caller-projected
+ * `{ runId, inputs }` and pipes the merged findings through the SAME `assertTraceDerivedFindings`
+ * firewall `createScopeAnalyst` uses (single-sourced selector≠judge). Distinct from `panel()`
+ * (judges-vs-one-artifact) — this is analysts-over-a-trace, the diagnosis side of the wire.
+ *
+ * Fail loud: a registry that throws propagates; a judge-derived finding aborts via the firewall.
+ * The projection is the caller's (`buildInputs`) — if the scope settlements do not cleanly map to
+ * the registry's `AnalystRunInputs`, that is a caller-side contract gap, surfaced there, not papered
+ * over with a fabricated input here.
+ */
+declare function registryScopeAnalyst<D>(registry: AnalystRegistryLike, buildInputs: (input: ScopeAnalyzeInput<D>) => RegistryAnalyzeProjection): ScopeAnalyst<D>;
 /**
  * Build the `SteerContext` a combinator reads to steer (its `loopUntil.until`, `widen` gate, any
  * future steer). One place enforces the firewall: `findings` is asserted trace-derived before it is
@@ -1693,9 +1726,10 @@ declare function fanout<Task, Item, D>(items: ReadonlyArray<Item>, opts: FanoutO
  * the deployable stop. The conserved pool IS the loop bound: once `spawn` fails closed the loop
  * stops. A loop that exhausted the pool without `until` ever satisfying is a concrete blocker.
  *
- * Findings are threaded through the `SteerContext` firewall in the analyst seam (`analyst.ts`);
- * absent a wired analyst on this surface the firewall stays dormant and `until` is consulted with
- * an empty findings array — never a fabricated finding (fail-loud honesty over a silent default).
+ * When `ctx.analyst` is set, each round runs it over the children settled so far and steers
+ * `until` on the resulting trace-derived findings (the analyst spawns into THIS scope, so its
+ * compute is conserved-pooled — equal-k holds by construction). Absent an analyst the findings
+ * argument is the empty array — never a fabricated finding (fail-loud honesty over a silent default).
  */
 declare function loopUntil<Task, State, D>(seed: State, spec: LoopUntilSpec<Task, State, D>): CombinatorShape<Task, D>;
 /**
@@ -1721,9 +1755,14 @@ declare function verify<Task, Candidate, D>(spec: VerifySpec<Task, Candidate, D>
  * never a child's raw `verdict` — and the default gate (`flatWidenGate`) never widens, so the R2
  * firewall stays dormant. Terminal selection is `spec.synthesize` over every settled lineage.
  *
- * No analyst is wired on this frozen surface, so `decide` is consulted with an empty findings
- * array; a flat gate ignores it. A non-flat gate that wants findings reads them through the
- * `SteerContext` firewall the analyst seam owns — never fabricated here.
+ * When `ctx.analyst` is set, `decide` is consulted with that round's trace-derived findings;
+ * absent an analyst the findings argument is the empty array a flat gate ignores. The analyst
+ * spawns into THIS scope (conserved-pooled, so equal-k holds). Streaming caveat: a wired analyst
+ * drains its own child off the SHARED cursor by id-match, so on a NON-flat gate (which spawns
+ * widen children that are live concurrently) the analyst can consume a sibling's settlement before
+ * the widen loop sees it. The shipped default (`flatWidenGate`) never widens, so no widen child is
+ * ever live when the analyst runs and the wire is exact; a non-flat gate must drive the analyst on
+ * a scope whose siblings are quiesced, or read findings without the shared-cursor drain.
  */
 declare function widen<Task, Seed, D>(spec: WidenSpec<Seed, D>): CombinatorShape<Task, D>;
 /**
@@ -3184,4 +3223,4 @@ declare function gitWorkspace(opts: GitWorkspaceOptions): Workspace;
  *  requires `jj` on the `Shell`'s host. */
 declare function jjWorkspace(opts: GitWorkspaceOptions): Workspace;
 
-export { Agent, AgentRunSpec, AgentSpec, type AgenticOptions, type AgenticRunResult, type AgenticSurface, type AgenticTask, type AgenticTool, type AnytimeReport, type AnytimeStrategySummary, type AnytimeTaskCurve, type ArtifactHandle, type AssertTraceDerivedFindings, type AuditIntentInput, type AuditIntentOptions, type AuthorStrategyOptions, type AuthoredStrategy, type BenchmarkCell, type BenchmarkConfig, type BenchmarkLift, type BenchmarkReport, type BenchmarkStrategySummary, type BenchmarkTaskRow, type BridgeSeam, Budget, type BudgetPool, type BudgetReadout, type ChampionPick, type ChampionPolicy, type CheckpointCapableBox, type CliSeam, type CombinatorShape, type Corpus, type CorpusFilter, type CorpusRecord, type CreateScopeAnalystOptions, type CriuCapableClient, type DefinePersona, type DefinePersonaInput, type Deliverable, type Environment, type EqualKArm, type EqualKOnCost, type EqualKOnCostOptions, type EqualKVerdict, type EvolutionArchiveNode, type EvolutionAuthor, type EvolutionBandInfo, type EvolutionCandidate, type EvolutionGeneration, type EvolutionReport, ExecCtx, type ExecutorConfig, ExecutorFactory, ExecutorRegistry, type Fanout, type FanoutOptions, type FanoutSynthesis, FileCorpus, FileResultBlobStore, FileSpawnJournal, type FlatWidenGate, type ForkCapableBox, type GitWorkspaceOptions, type HarvestCorpusOptions, type HarvestFailure, type HarvestReport, InMemoryCorpus, InMemoryResultBlobStore, InMemorySpawnJournal, type IntentAudit, Iteration, type LoopDispatchOptions, type LoopOptionsForDispatch, LoopResult, type LoopShape, LoopTokenUsage, type LoopUntil, type LoopUntilSpec, type LoopUntilState, type McpEndpoint, type McpEnvironmentOptions, NodeId, type Observation, type ObserveInput, type ObserveOptions, type OpenSandboxRunOptions, type Outcome, type Panel, type PanelJudge, type PanelSpec, type PanelVerdict, type Persona, type PersonaContext, type PersonaExecutors, type Pipeline, type PipelineStage, type PromotionGateOptions, type PromotionVerdict, type RenderCorpusToInstructions, type RenderCorpusToInstructionsOptions, type ReservationTicket, ResultBlobStore, RootHandle, type RouterChatResult, type RouterChatToolsResult, type RouterConfig, type RouterSeam, type RouterToolCall, type RouterToolLoopResult, type RouterToolsSeam, type RunAgenticOptions, RunLoopOptions, type RunPersonified, type RunPersonifiedOptions, type SandboxCapabilities, SandboxClient, type SandboxLineage, type SandboxLineageHandle, type SandboxRun, type SandboxSeam, Scope, type ScopeAnalyst, type ScopeAnalyzeInput, type ScopeWidenGate, type SessionCapableBox, Settled, type ShapeBudget, type ShapeContext, type ShapeRegistry, type Shell, type ShotPersona, type ShotSpec, SpawnEvent, SpawnJournal, Spend, type SteerContext, type Strategy, type StrategyCtx, type StrategyEvolutionConfig, type StrategyResult, SupervisedResult, Supervisor, type SurfaceScore, type ToolSpec, type TrajectoryNode, type TrajectoryReport, type TrajectoryReportFn, type TrajectoryReportOptions, TreeView, type TurnResult, UsageEvent, type UsageSink, type VerifierEnvironmentOptions, type Verify, type VerifySpec, type WaterfallCollector, type WaterfallReport, type WaterfallSpan, type Widen, type WidenDecision, type WidenLineage, type WidenSpec, type Workspace, type WorkspaceCommit, acquireSandbox, adaptiveRefine, anytimeReport, assertStrategyContract, assertTraceDerivedFindings, auditIntent, authorStrategy, breadthDriver, buildSteerContext, builtinShapes, contentAddress, createBudgetPool, createExecutor, createExecutorRegistry, createMcpEnvironment, createRootHandle, createSandboxLineage, createScope, createScopeAnalyst, createShapeRegistry, createSupervisor, createVerifierEnvironment, createWaterfallCollector, defaultAnalystInstruction, defaultAuditorInstruction, definePersona, defineStrategy, depthDriver, discriminatingMeans, equalKOnCost, extractLlmCallEvent, fanout, flatWidenGate, gitWorkspace, harvestCorpus, inlineSandboxClient, jjWorkspace, localShell, loopDispatch, loopUntil, mapSandboxEvent, materializeTreeView, observe, openSandboxRun, panel, pickChampion, pipeline, printBenchmarkReport, probeSandboxCapabilities, promotionGate, refine, registerShape, renderAnytimeTable, renderCorpusToInstructions, renderReport, replaySpawnTree, reportLoopUsage, routerChatWithTools, routerChatWithUsage, routerToolLoop, runAgentic, runBenchmark, runPersonified, runStrategyEvolution, sample, sampleThenRefine, selectChampion, settledToIteration, spendFromUsageEvents, strategyAuthorContract, trajectoryReport, verify, widen };
+export { Agent, AgentRunSpec, AgentSpec, type AgenticOptions, type AgenticRunResult, type AgenticSurface, type AgenticTask, type AgenticTool, type AnytimeReport, type AnytimeStrategySummary, type AnytimeTaskCurve, type ArtifactHandle, type AssertTraceDerivedFindings, type AuditIntentInput, type AuditIntentOptions, type AuthorStrategyOptions, type AuthoredStrategy, type BenchmarkCell, type BenchmarkConfig, type BenchmarkLift, type BenchmarkReport, type BenchmarkStrategySummary, type BenchmarkTaskRow, type BridgeSeam, Budget, type BudgetPool, type BudgetReadout, type ChampionPick, type ChampionPolicy, type CheckpointCapableBox, type CliSeam, type CombinatorShape, type Corpus, type CorpusFilter, type CorpusRecord, type CreateScopeAnalystOptions, type CriuCapableClient, type DefinePersona, type DefinePersonaInput, type Deliverable, type Environment, type EqualKArm, type EqualKOnCost, type EqualKOnCostOptions, type EqualKVerdict, type EvolutionArchiveNode, type EvolutionAuthor, type EvolutionBandInfo, type EvolutionCandidate, type EvolutionGeneration, type EvolutionReport, ExecCtx, type ExecutorConfig, ExecutorFactory, ExecutorRegistry, type Fanout, type FanoutOptions, type FanoutSynthesis, FileCorpus, FileResultBlobStore, FileSpawnJournal, type FlatWidenGate, type ForkCapableBox, type GitWorkspaceOptions, type HarvestCorpusOptions, type HarvestFailure, type HarvestReport, InMemoryCorpus, InMemoryResultBlobStore, InMemorySpawnJournal, type IntentAudit, Iteration, type LoopDispatchOptions, type LoopOptionsForDispatch, LoopResult, type LoopShape, LoopTokenUsage, type LoopUntil, type LoopUntilSpec, type LoopUntilState, type McpEndpoint, type McpEnvironmentOptions, NodeId, type Observation, type ObserveInput, type ObserveOptions, type OpenSandboxRunOptions, type Outcome, type Panel, type PanelJudge, type PanelSpec, type PanelVerdict, type Persona, type PersonaContext, type PersonaExecutors, type Pipeline, type PipelineStage, type PromotionGateOptions, type PromotionVerdict, type RegistryAnalyzeProjection, type RenderCorpusToInstructions, type RenderCorpusToInstructionsOptions, type ReservationTicket, ResultBlobStore, RootHandle, type RouterChatResult, type RouterChatToolsResult, type RouterConfig, type RouterSeam, type RouterToolCall, type RouterToolLoopResult, type RouterToolsSeam, type RunAgenticOptions, RunLoopOptions, type RunPersonified, type RunPersonifiedOptions, type SandboxCapabilities, SandboxClient, type SandboxLineage, type SandboxLineageHandle, type SandboxRun, type SandboxSeam, Scope, type ScopeAnalyst, type ScopeAnalyzeInput, type ScopeWidenGate, type SessionCapableBox, Settled, type ShapeBudget, type ShapeContext, type ShapeRegistry, type Shell, type ShotPersona, type ShotSpec, SpawnEvent, SpawnJournal, Spend, type SteerContext, type Strategy, type StrategyCtx, type StrategyEvolutionConfig, type StrategyResult, SupervisedResult, Supervisor, type SurfaceScore, type ToolSpec, type TrajectoryNode, type TrajectoryReport, type TrajectoryReportFn, type TrajectoryReportOptions, TreeView, type TurnResult, UsageEvent, type UsageSink, type VerifierEnvironmentOptions, type Verify, type VerifySpec, type WaterfallCollector, type WaterfallReport, type WaterfallSpan, type Widen, type WidenDecision, type WidenLineage, type WidenSpec, type Workspace, type WorkspaceCommit, acquireSandbox, adaptiveRefine, anytimeReport, assertStrategyContract, assertTraceDerivedFindings, auditIntent, authorStrategy, breadthDriver, buildSteerContext, builtinShapes, contentAddress, createBudgetPool, createExecutor, createExecutorRegistry, createMcpEnvironment, createRootHandle, createSandboxLineage, createScope, createScopeAnalyst, createShapeRegistry, createSupervisor, createVerifierEnvironment, createWaterfallCollector, defaultAnalystInstruction, defaultAuditorInstruction, definePersona, defineStrategy, depthDriver, discriminatingMeans, equalKOnCost, extractLlmCallEvent, fanout, flatWidenGate, gitWorkspace, harvestCorpus, inlineSandboxClient, jjWorkspace, localShell, loopDispatch, loopUntil, mapSandboxEvent, materializeTreeView, observe, openSandboxRun, panel, pickChampion, pipeline, printBenchmarkReport, probeSandboxCapabilities, promotionGate, refine, registerShape, registryScopeAnalyst, renderAnytimeTable, renderCorpusToInstructions, renderReport, replaySpawnTree, reportLoopUsage, routerChatWithTools, routerChatWithUsage, routerToolLoop, runAgentic, runBenchmark, runPersonified, runStrategyEvolution, sample, sampleThenRefine, selectChampion, settledToIteration, spendFromUsageEvents, strategyAuthorContract, trajectoryReport, verify, widen };

package/dist/runtime.js

@@ -60,6 +60,7 @@ import {
   promotionGate,
   refine,
   registerShape,
+  registryScopeAnalyst,
   renderAnalyses,
   renderAnytimeTable,
   renderCorpusToInstructions,
@@ -85,7 +86,7 @@ import {
   trajectoryReport,
   verify,
   widen
-} from "./chunk-CM2IK7VS.js";
+} from "./chunk-2OU7ZQPD.js";
 import {
   extractLlmCallEvent,
   mapSandboxEvent
@@ -155,6 +156,7 @@ export {
   promotionGate,
   refine,
   registerShape,
+  registryScopeAnalyst,
   renderAnalyses,
   renderAnytimeTable,
   renderCorpusToInstructions,

package/dist/workflow.js

@@ -2,7 +2,7 @@ import {
   createSandboxForSpec,
   describeSandboxPlacement,
   runLoop
-} from "./chunk-CM2IK7VS.js";
+} from "./chunk-2OU7ZQPD.js";
 import {
   ValidationError,
   extractLlmCallEvent

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tangle-network/agent-runtime",
-  "version": "0.50.0",
+  "version": "0.52.0",
   "description": "Shared task-lifecycle skeleton for agents: a recursive loop kernel for chat turns, one-shot tasks, and multi-attempt loops, with trace capture and eval-gated self-improvement. Domain behavior lives in adapters; scoring and ship-gates in @tangle-network/agent-eval.",
   "homepage": "https://github.com/tangle-network/agent-runtime#readme",
   "repository": {
@@ -39,6 +39,11 @@
       "import": "./dist/agent.js",
       "default": "./dist/agent.js"
     },
+    "./intelligence": {
+      "types": "./dist/intelligence.d.ts",
+      "import": "./dist/intelligence.js",
+      "default": "./dist/intelligence.js"
+    },
     "./runtime": {
       "types": "./dist/runtime.d.ts",
       "import": "./dist/runtime.js",