@tpsdev-ai/cli 0.1.0 → 0.3.0

package/README.md

@@ -1,79 +1,65 @@
-# TPS (Team Provisioning System)
+# @tpsdev-ai/cli
 
-> "Yeah... I'm gonna need you to go ahead and come in on Saturday. We lost some people this week and we need to sort of play catch-up."
+> TPS (Team Provisioning System) — an Agent OS CLI for managing isolated AI agents.
 
-**TPS is an Agent OS CLI for managing isolated AI agents in remote branch offices.** It provides the secure primitives for agents to exist, discover each other, communicate asynchronously, and run in isolated environments (Docker sandboxes or remote VMs).
+Hire agents, provision secure branch offices, manage identity and encrypted comms, track operational health — all from the command line.
 
-If you want your AI agents to stop stepping on each other's toes and actually get some work done, you're going to need them to file their TPS reports.
-
-![Lumbergh Agent](docs/media/lumbergh-agent.png)
-
-## Why TPS?
-
-Most agent frameworks assume all agents run in the same memory space. TPS assumes agents are employees: they work in different offices, they have different security clearances, and they communicate via mail.
-
-- **The Branch Office**: Agents run in secure, remote sandboxes (VMs or Docker). Host keys never leave the host.
-- **The Mailroom**: Async, persistent, cross-boundary messaging.
-- **Wire Security**: All traffic over `wss://` is E2E encrypted and mutually authenticated using the **Noise_IK** protocol.
-- **The TPS Report**: One `tps.yaml` file defines an agent's identity, capabilities, and mail handlers.
-
-> "I have eight different bosses right now. So that means that when I make a mistake, I have eight different people coming by to tell me about it." — Make your agents communicate through a single, auditable mail interface instead.
-
-## Quickstart
+## Install
 
 ```bash
-# 1. Install
-npm install -g @tpsdev-ai/cli
-
-# 2. Init your host identity
-tps identity init
-
-# 3. Create a branch office on a remote VM
-# (On the VM)
 npm install -g @tpsdev-ai/cli
-tps branch init --listen 6458 --host my-vm.example.com
-
-# 4. Join the branch office
-# (On your host)
-tps office join my-vm "tps://join?host=my-vm.example.com..."
-
-# 5. Connect the persistent relay
-tps office connect my-vm &
+```
 
-# 6. Send a memo
-tps mail send my-vm "Did you get the memo about the TPS reports?"
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `tps hire <report>` | Onboard a new agent from a TPS report |
+| `tps roster` | List all agents and their status |
+| `tps bootstrap <agent>` | Run first-boot health checks and workspace scaffolding |
+| `tps office setup` | Configure sandbox environment from workspace manifest |
+| `tps backup <agent>` | Create encrypted, checksummed workspace backup |
+| `tps restore <agent> <archive>` | Restore agent workspace with transactional rollback |
+| `tps status` | Operational dashboard — health, uptime, cost tracking |
+| `tps heartbeat <agent>` | Agent self-reports health (workspace, gateway, provider) |
+| `tps identity init` | Generate Ed25519 host keypair |
+| `tps branch init` | Initialize a remote branch office |
+| `tps office join` | Join a branch to the head office via Noise_IK handshake |
+| `tps office connect` | Establish persistent encrypted relay channel |
+| `tps mail send` | Send async mail to a branch agent |
+| `tps mail check` | Check for incoming mail |
+| `tps secrets set/get` | Encrypted vault for API keys and credentials |
 
-# 7. Check the branch status
-tps mail send my-vm "status"
-tps mail check
-```
+## Architecture
 
-## The Three-Channel Model
+TPS treats AI agents like employees in an organization:
 
-Agents shouldn't do everything over a single chat thread. TPS enforces:
-1. **Mail** for messages (commands, status, notifications).
-2. **Git** for artifacts (code, specs, docs).
-3. **APIs** for external data.
+- **Branch Offices** — isolated sandboxes (Docker, VMs, or `nono` process isolation)
+- **The Mailroom** — async, persistent, cross-boundary messaging via Maildir
+- **Wire Security** — Noise_IK protocol over WebSocket for E2E encrypted transport
+- **Identity** — Ed25519 keypairs with signed join tokens
 
-![The Mailroom](docs/media/mailroom.png)
+Agents communicate through three channels:
+1. **Mail** for messages (tasks, status, coordination)
+2. **Git** for artifacts (code, reports, generated files)
+3. **APIs** for external data
 
-## Plugins & Handlers
+## Security
 
-Agents can declare `mailHandlers` in their `tps.yaml` manifest. The TPS branch daemon will automatically route incoming mail to the right handler based on regex patterns or sender allowlists.
+- All inter-office traffic is E2E encrypted (Noise_IK + MessagePack)
+- Sandbox profiles enforce filesystem, network, and exec boundaries
+- Encrypted secrets vault (Argon2id key derivation)
+- Audit trail with append-only logging and search
+- Path traversal protection on all user-supplied identifiers
 
-```yaml
-name: deploy-bot
-capabilities:
-  mail_handler:
-    exec: ./handler.sh
-    match:
-      bodyPattern: "^(deploy|status)"
-```
+See [SECURITY.md](https://github.com/tpsdev-ai/cli/blob/main/SECURITY.md) for responsible disclosure.
 
-## Architecture
+## Links
 
-Read [ARCHITECTURE.md](ARCHITECTURE.md) for details on the Noise_IK implementation, hub-and-spoke topology, and security boundaries.
+- [GitHub](https://github.com/tpsdev-ai/cli)
+- [Runtime Library](https://www.npmjs.com/package/@tpsdev-ai/agent)
+- [Contributing](https://github.com/tpsdev-ai/cli/blob/main/CONTRIBUTING.md)
 
 ## License
 
-Apache 2.0
+Apache-2.0

package/bin/tps.cjs

@@ -0,0 +1,22 @@
+#!/usr/bin/env node
+
+const { execFileSync } = require('child_process');
+
+const platform = process.platform;
+const arch = process.arch;
+const pkg = `@tpsdev-ai/cli-${platform}-${arch}`;
+
+function runBinary() {
+  try {
+    const binPath = require.resolve(`${pkg}/tps`);
+    execFileSync(binPath, process.argv.slice(2), { stdio: 'inherit' });
+    return;
+  } catch (err) {
+    console.error(`TPS: no binary package available for ${platform}-${arch}.`);
+    console.error(`Run npm install -g ${pkg} to install the platform binary package.`);
+    console.error('Or run from source inside the repository via `bun run tps` in packages/cli.');
+    process.exitCode = 1;
+  }
+}
+
+runBinary();

package/bin/tps.ts

@@ -0,0 +1,435 @@
+#!/usr/bin/env node
+import meow from "meow";
+
+const cli = meow(
+  `
+  Usage
+    $ tps <command> [options]
+
+  Commands
+    hire <report>     Onboard a new agent from a .tps report or persona
+    roster <action>   Agent directory (list/show/find)
+    review <name>     Performance review for a specific agent
+    office <action>   Branch office sandbox lifecycle (start/stop/list/status/kill)
+    bootstrap <agent-id>  Bring a hired agent to operational state
+    backup <agent-id> [--schedule daily|off] [--keep n] [--sanitize]  Backup agent workspace
+    restore <agent-id> <archive> [--clone] [--overwrite] [--from <archive>] Restore agent workspace from a backup
+    status [agent-id] [--auto-prune] [--prune] [--json] [--cost] [--shared]
+    heartbeat <agent-id> [--nonono] Send a heartbeat/ping for an agent
+    context <action>  Workstream context memory (read/update/list)
+    mail <action>     Mailroom operations (send/check/list/search)
+    identity <action> Key management (init/show/register/list/revoke/verify)
+    secrets <action>  Secret management (set/list/remove)
+    git <action>      Git utilities (worktree)
+    branch <action>   Branch office node (init/start/stop/status/log)
+
+  Options
+    --help            Show this help text
+    --version         Show version number
+    --config <path>   Path to openclaw.json (default: auto-discover)
+
+  Examples
+    $ tps hire developer --name Fred
+    $ tps hire ./reports/strategy-lead.tps --dry-run
+    $ tps hire developer --name Scout --runtime claude-code
+    $ tps hire ops --name Monitor --runtime ollama --base-model llama3.1:8b
+    $ tps hire developer --name Coder --runtime codex
+    $ tps roster list
+    $ tps roster show flint --json
+    $ tps roster find --channel discord
+    $ tps roster list --config ~/custom/openclaw.json
+    $ tps mail send kern "hi"
+    $ tps mail check kern
+    $ tps mail log --limit 10
+    $ tps mail log flint --since 2026-02-20
+    $ tps office start branch-a
+    $ tps office status branch-a
+    $ tps bootstrap flint
+    $ tps backup flint --schedule daily
+    $ tps restore flint ~/.tps/backups/flint/old.tps-backup.tar.gz
+    $ tps status
+    $ tps status flint --cost
+    $ tps heartbeat flint
+    $ tps review flint
+
+  Built-in personas: developer, designer, support, ea, ops, strategy, security
+
+  If you could just go ahead and use the correct command, that'd be great.
+`,
+  {
+    importMeta: import.meta,
+    flags: {
+      reason: { type: "string" },
+      expiresIn: { type: "string" },
+      trust: { type: "string" },
+      pubkey: { type: "string" },
+      encPubkey: { type: "string" },
+      name: { type: "string" },
+      workspace: { type: "string" },
+      dryRun: { type: "boolean", default: false },
+      json: { type: "boolean", default: false },
+      config: { type: "string" },
+      deep: { type: "boolean", default: false },
+      summary: { type: "string" },
+      channel: { type: "string" },
+      branch: { type: "boolean", default: false },
+      manifest: { type: "string" },
+      soundstage: { type: "boolean", default: false },
+      nonono: { type: "boolean", default: false },
+      inject: { type: "boolean", default: true },
+      runtime: { type: "string", default: "openclaw" },
+      baseModel: { type: "string" },
+      since: { type: "string" },
+      limit: { type: "number" },
+      from: { type: "string" },
+      clone: { type: "boolean", default: false },
+      overwrite: { type: "boolean", default: false },
+      schedule: { type: "string" },
+      keep: { type: "number" },
+      sanitize: { type: "boolean", default: true },
+      listen: { type: "number" },
+      host: { type: "string" },
+      force: { type: "boolean", default: false },
+      follow: { type: "boolean", default: false },
+      lines: { type: "number" },
+      transport: { type: "string" },
+      autoPrune: { type: "boolean", default: false },
+      prune: { type: "boolean", default: false },
+      staleMinutes: { type: "number" },
+      offlineHours: { type: "number" },
+      shared: { type: "boolean", default: false },
+      cost: { type: "boolean", default: false },
+      statusOverride: { type: "string" },
+    },
+  }
+);
+
+const [command, ...rest] = cli.input;
+
+// nono availability check (skip for --no-nono or office/mail relay commands)
+async function checkNono() {
+  if (cli.flags.nonono) return;
+  if (command === "office" && rest[0] === "relay") return; // relay runs in background
+  const { findNono } = await import("../src/utils/nono.js");
+  if (!findNono()) {
+    console.warn(
+      "⚠️  nono not found. Host agents will run without process isolation.\n" +
+      "   Install nono for syscall filtering + filesystem boundaries.\n" +
+      "   Use --nonono to run anyway (not recommended).\n"
+    );
+  }
+}
+
+async function main() {
+  await checkNono();
+  switch (command) {
+    case "hire": {
+      const reportPath = rest[0];
+      if (!reportPath) {
+        console.error(
+          "I'm gonna need you to specify a TPS report file or persona.\n\n  tps hire <report.tps | persona> [--name Name]\n\nBuilt-in personas: developer, designer, support, ea, ops, strategy"
+        );
+        process.exit(1);
+      }
+      const { runHire } = await import("../src/cli/hire.js");
+      runHire({
+        reportPath,
+        name: cli.flags.name,
+        workspace: cli.flags.workspace,
+        dryRun: cli.flags.dryRun,
+        jsonOutput: cli.flags.json,
+        configPath: cli.flags.config,
+        branch: cli.flags.branch,
+        inject: cli.flags.inject,
+        runtime: cli.flags.runtime as any,
+        baseModel: cli.flags.baseModel,
+      });
+      break;
+    }
+    case "roster": {
+      // Backward-compatible path (keeps nono re-exec behavior used by existing tests):
+      // `tps roster` with no subcommand routes to the legacy CLI implementation.
+      if (!rest[0]) {
+        const { runRoster } = await import("../src/cli/roster.js");
+        runRoster({ configPath: cli.flags.config });
+        break;
+      }
+
+      const action = rest[0] as "list" | "show" | "find";
+      if (!["list", "show", "find"].includes(action)) {
+        console.error(
+          "Usage:\n  tps roster\n  tps roster list\n  tps roster show <agent> [--json]\n  tps roster find --channel <channel> [--json]"
+        );
+        process.exit(1);
+      }
+      const { runRoster } = await import("../src/commands/roster.js");
+      runRoster({
+        action,
+        agent: rest[1],
+        channel: cli.flags.channel || undefined,
+        json: cli.flags.json,
+        configPath: cli.flags.config,
+      });
+      break;
+    }
+    case "review": {
+      const agentName = rest[0];
+      if (!agentName) {
+        console.error(
+          "Review who? I'm gonna need a name.\n\n  tps review <agent-name>"
+        );
+        process.exit(1);
+      }
+      const { runReview } = await import("../src/cli/review.js");
+      runReview({ agentName, configPath: cli.flags.config, deep: cli.flags.deep });
+      break;
+    }
+    case "bootstrap": {
+      const agentId = rest[0];
+      if (!agentId) {
+        console.error("Usage: tps bootstrap <agent-id>");
+        process.exit(1);
+      }
+
+      const { runBootstrap } = await import("../src/commands/bootstrap.js");
+      await runBootstrap({
+        agentId,
+        configPath: cli.flags.config,
+        channel: cli.flags.channel,
+      });
+      break;
+    }
+
+    case "office": {
+      const action = rest[0] as "start" | "stop" | "list" | "status" | "relay" | "exec" | "join" | "revoke" | "sync" | "connect" | "kill" | "setup" | undefined;
+      const validActions = ["start", "stop", "list", "status", "relay", "exec", "join", "revoke", "sync", "connect", "kill", "setup"];
+      // Backward compatibility: `tps office <agent>` maps to `start <agent>`.
+      const isLegacy = action && !validActions.includes(action);
+      if ((!action && !isLegacy) || (!isLegacy && !validActions.includes(action!))) {
+        console.error(
+          "Usage:\n  tps office start <agent>\n  tps office stop <agent>\n  tps office list\n  tps office status [agent]\n  tps office exec <agent> -- <command...>\n  tps office join <name> <join-token>\n  tps office revoke <name>\n  tps office sync <name>\n  tps office connect <name>\n  tps office setup <agent> [--dry-run]\n  tps office kill"
+        );
+        process.exit(1);
+      }
+
+      const { runOffice } = await import("../src/commands/office.js");
+      if (isLegacy) {
+        await runOffice({ action: "start", agent: rest[0] });
+      } else if (action === "exec") {
+        // Everything after "--" is the command
+        const dashIdx = process.argv.indexOf("--");
+        const execCmd = dashIdx >= 0 ? process.argv.slice(dashIdx + 1) : rest.slice(2);
+        await runOffice({ action: "exec", agent: rest[1], command: execCmd });
+      } else if (action === "join") {
+        const joinToken = rest[2];
+        if (!rest[1] || !joinToken) {
+          console.error("Usage: tps office join <name> <join-token-url>");
+          process.exit(1);
+        }
+        await runOffice({ action: "join", agent: rest[1], joinToken });
+      } else if (action === "revoke") {
+        if (!rest[1]) {
+          console.error("Usage: tps office revoke <name>");
+          process.exit(1);
+        }
+        await runOffice({ action: "revoke", agent: rest[1] });
+      } else if (action === "setup") {
+        const dryRun = process.argv.includes("--dry-run") || process.argv.includes("--dry");
+        await runOffice({ action: "setup", agent: rest[1], dryRun });
+      } else {
+        const soundstageIdx = process.argv.indexOf("--soundstage");
+        const isSoundstage = soundstageIdx >= 0 || cli.flags.soundstage;
+        if (soundstageIdx >= 0) process.argv.splice(soundstageIdx, 1);
+
+        await runOffice({ action: action!, agent: rest[1], manifest: cli.flags.manifest, soundstage: isSoundstage });
+      }
+      break;
+    }
+    case "context": {
+      const action = rest[0] as "read" | "update" | "list" | undefined;
+      const workstream = rest[1];
+      if (!action || !["read", "update", "list"].includes(action)) {
+        console.error(
+          "Usage:\n  tps context read <workstream>\n  tps context update <workstream> --summary \"...\"\n  tps context list"
+        );
+        process.exit(1);
+      }
+      const { runContext } = await import("../src/commands/context.js");
+      runContext({
+        action,
+        workstream,
+        summary: cli.flags.summary,
+        json: cli.flags.json,
+      });
+      break;
+    }
+    case "mail": {
+      const action = rest[0] as "send" | "check" | "list" | "log" | "read" | "watch" | "search" | undefined;
+      if (cli.flags.help || !action || !["send", "check", "list", "log", "read", "watch", "search"].includes(action)) {
+        console.log(
+          "Usage:\n  tps mail send <agent> <message>   Send mail to a local or remote agent\n  tps mail check [agent]             Read new messages (marks as read)\n  tps mail watch [agent]             Watch inbox for new messages\n  tps mail list [agent]              List all messages (read + unread)\n  tps mail read <agent> <id>         Show a specific message by ID (prefix ok)\n  tps mail search <query>            Search mail history using full-text search\n  tps mail log [agent]               Show audit log [--since YYYY-MM-DD] [--limit N]"
+        );
+        process.exit(cli.flags.help ? 0 : 1);
+      }
+      const { runMail } = await import("../src/commands/mail.js");
+      await runMail({
+        action,
+        agent: rest[1],
+        message: action === "send" ? rest.slice(2).join(" ") : undefined,
+        messageId: action === "read" ? rest[2] : undefined,
+        json: cli.flags.json,
+        since: cli.flags.since,
+        limit: cli.flags.limit ? Number(cli.flags.limit) : undefined,
+      });
+      break;
+    }
+    case "identity": {
+      const action = rest[0] as "init" | "show" | "register" | "list" | "revoke" | "verify" | undefined;
+      if (!action || !["init", "show", "register", "list", "revoke", "verify"].includes(action)) {
+        console.error(
+          "Usage:\n  tps identity init [--expires-in 90d]\n  tps identity show\n  tps identity register <branch> [--expires-in 90d] [--trust standard]\n  tps identity list\n  tps identity revoke <branch> --reason \"...\"\n  tps identity verify <branch>"
+        );
+        process.exit(1);
+      }
+      const { runIdentity } = await import("../src/commands/identity.js");
+      await runIdentity({
+        action,
+        branch: rest[1],
+        reason: cli.flags.reason,
+        json: cli.flags.json,
+        expiresIn: cli.flags.expiresIn,
+        trust: cli.flags.trust as any,
+        pubkey: cli.flags.pubkey,
+        encPubkey: cli.flags.encPubkey,
+      });
+      break;
+    }
+    case "secrets": {
+      const action = rest[0] as "set" | "list" | "remove" | undefined;
+      if (!action || !["set", "list", "remove"].includes(action)) {
+        console.error("Usage:\n  tps secrets set <KEY>=<VALUE>\n  tps secrets list\n  tps secrets remove <KEY>");
+        process.exit(1);
+      }
+      const { runSecrets } = await import("../src/commands/secrets.js");
+      let key: string | undefined;
+      let value: string | undefined;
+      if (action === "set") {
+        const parts = rest[1]?.split("=");
+        key = parts?.[0];
+        value = parts?.slice(1).join("=");
+      } else {
+        key = rest[1];
+      }
+      await runSecrets({ action, key, value, json: cli.flags.json });
+      break;
+    }
+    case "backup": {
+      const agentId = rest[0];
+      if (!agentId) {
+        console.error("Usage: tps backup <agent-id> [--schedule daily|off] [--keep n]");
+        process.exit(1);
+      }
+      const { runBackup } = await import("../src/commands/backup.js");
+      await runBackup({
+        agentId,
+        keep: typeof cli.flags.keep === "number" ? Number(cli.flags.keep) : undefined,
+        schedule: cli.flags.schedule,
+        sanitize: cli.flags.sanitize,
+        configPath: cli.flags.config,
+      });
+      break;
+    }
+    case "restore": {
+      const agentId = rest[0];
+      const archivePath = cli.flags.from || rest[1];
+      if (!agentId || !archivePath) {
+        console.error("Usage: tps restore <agent-id> <archive> [--from <archive>] [--clone] [--overwrite] [--force]");
+        process.exit(1);
+      }
+      const { runRestore } = await import("../src/commands/backup.js");
+      await runRestore({
+        agentId,
+        archivePath,
+        force: !!cli.flags.force,
+        overwrite: !!cli.flags.overwrite,
+        clone: !!cli.flags.clone,
+        configPath: cli.flags.config,
+      });
+      break;
+    }
+    case "heartbeat": {
+      const agentId = rest[0];
+      if (!agentId) {
+        console.error("Usage: tps heartbeat <agent-id>");
+        process.exit(1);
+      }
+      const { runHeartbeat } = await import("../src/commands/status.js");
+      await runHeartbeat({
+        agentId,
+        status: (cli.flags.statusOverride as any) || undefined,
+        nonono: !!cli.flags.nonono,
+        profile: "tps-status",
+      });
+      break;
+    }
+    case "status": {
+      const agentId = rest[0];
+      const { runStatus } = await import("../src/commands/status.js");
+      await runStatus({
+        agentId,
+        autoPrune: !!cli.flags.autoPrune,
+        prune: !!cli.flags.prune,
+        json: !!cli.flags.json,
+        staleMinutes: cli.flags.staleMinutes ? Number(cli.flags.staleMinutes) : undefined,
+        offlineHours: cli.flags.offlineHours ? Number(cli.flags.offlineHours) : undefined,
+        cost: !!cli.flags.cost,
+        shared: !!cli.flags.shared,
+      });
+      break;
+    }
+    case "branch": {
+      const action = rest[0] as "init" | "start" | "stop" | "status" | "log" | undefined;
+      const valid = ["init", "start", "stop", "status", "log"];
+      if (!action || !valid.includes(action)) {
+        console.error("Usage:\n  tps branch init [--listen <port>] [--host <hostname>] [--transport ws|tcp]\n  tps branch start\n  tps branch stop\n  tps branch status\n  tps branch log [--lines N] [--follow]");
+        process.exit(1);
+      }
+      const { runBranch } = await import("../src/commands/branch.js");
+      await runBranch({
+        action,
+        port: typeof cli.flags.listen === "number" ? Number(cli.flags.listen) : undefined,
+        host: cli.flags.host,
+        transport: cli.flags.transport === "tcp" ? "tcp" : cli.flags.transport === "ws" ? "ws" : undefined,
+        force: cli.flags.force,
+        lines: typeof cli.flags.lines === "number" ? Number(cli.flags.lines) : undefined,
+        follow: !!cli.flags.follow,
+      });
+      break;
+    }
+    case "git": {
+      const action = rest[0];
+      if (action === "worktree") {
+        const agent = rest[1];
+        const repoPath = rest[2];
+        const branchName = rest[3];
+        if (!agent || !repoPath) {
+          console.error("Usage: tps git worktree <agent> <repo-path> [branch-name]");
+          process.exit(1);
+        }
+        const { runGit } = await import("../src/commands/git.js");
+        await runGit({ action, agent, repoPath, branchName });
+      } else {
+        console.error("Unknown git action. Supported: worktree");
+        process.exit(1);
+      }
+      break;
+    }
+    default:
+      cli.showHelp();
+  }
+}
+
+main().catch((err) => {
+  console.error(err?.message || err);
+  process.exit(1);
+});

package/nono-profiles/tps-backup.toml

@@ -0,0 +1,18 @@
+[meta]
+name = "tps-backup"
+version = "1.0.0"
+description = "Backup agent workspace for portability and recovery."
+
+[workdir]
+access = "readwrite"
+
+[filesystem]
+paths = [
+  { path = "/workspace", access = "readwrite" },
+  { path = "/tmp", access = "readwrite" },
+  { path = "/home", access = "readwrite" }
+]
+
+[network]
+# Backup creation stays local.
+block = true

package/nono-profiles/tps-bootstrap.toml

@@ -0,0 +1,20 @@
+[meta]
+name = "tps-bootstrap"
+version = "1.0.0"
+description = "Bootstrap protocol checks and health verification."
+
+[workdir]
+access = "readwrite"
+
+[filesystem]
+# Workspace write access for generated files and health checks
+paths = [
+  { path = "/workspace", access = "readwrite" },
+  { path = "/tmp", access = "readwrite" },
+]
+
+# Restrict network to local gateway verification only.
+[network]
+block = false
+# NOTE: nono parser expects allowlist entries in policy tests; keep explicit local host scope.
+allow = ["127.0.0.1"]

package/nono-profiles/tps-office-manager.toml

@@ -0,0 +1,21 @@
+[meta]
+name = "tps-office-manager"
+version = "1.0.0"
+description = "tps office manager — installs dependencies and tools."
+
+[workdir]
+access = "readwrite"
+
+[filesystem]
+# Allow read/write to system binary and package directories to install tools
+paths = [
+  { path = "/usr/local/bin", access = "readwrite" },
+  { path = "/usr/bin", access = "readwrite" },
+  { path = "/usr/lib/node_modules", access = "readwrite" },
+  { path = "/var/cache/apk", access = "readwrite" },
+  { path = "/lib/apk", access = "readwrite" },
+  { path = "/etc/apk", access = "readwrite" }
+]
+
+[network]
+block = false # Must allow network to download packages

package/nono-profiles/tps-restore.toml

@@ -0,0 +1,18 @@
+[meta]
+name = "tps-restore"
+version = "1.0.0"
+description = "Restore agent workspace and run post-restore health check."
+
+[workdir]
+access = "readwrite"
+
+[filesystem]
+paths = [
+  { path = "/tmp", access = "readwrite" },
+  { path = "/home", access = "readwrite" }
+]
+
+[network]
+# Health checks may hit local gateway.
+block = false
+allow = ["127.0.0.1", "localhost"]