npm - @vauban-org/agent-sdk - Versions diffs - 1.0.0 → 1.2.0 - Mend

@vauban-org/agent-sdk 1.0.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (442) hide show

package/CONTRACT.md +6401 -813
package/dist/adapters/llm/anthropic-direct.d.ts +1 -0
package/dist/adapters/llm/anthropic-direct.d.ts.map +1 -1
package/dist/adapters/llm/anthropic-direct.js +43 -0
package/dist/adapters/llm/anthropic-direct.js.map +1 -1
package/dist/adapters/llm/cascade.d.ts.map +1 -1
package/dist/adapters/llm/cascade.js +57 -14
package/dist/adapters/llm/cascade.js.map +1 -1
package/dist/adapters/llm/litellm.d.ts +2 -0
package/dist/adapters/llm/litellm.d.ts.map +1 -1
package/dist/adapters/llm/litellm.js +44 -0
package/dist/adapters/llm/litellm.js.map +1 -1
package/dist/compute/difficulty-estimator.d.ts +53 -0
package/dist/compute/difficulty-estimator.d.ts.map +1 -0
package/dist/compute/difficulty-estimator.js +82 -0
package/dist/compute/difficulty-estimator.js.map +1 -0
package/dist/compute/strategies/mixture-of-agents.d.ts +40 -0
package/dist/compute/strategies/mixture-of-agents.d.ts.map +1 -0
package/dist/compute/strategies/mixture-of-agents.js +110 -0
package/dist/compute/strategies/mixture-of-agents.js.map +1 -0
package/dist/compute/strategies/tree-of-thoughts.d.ts +48 -0
package/dist/compute/strategies/tree-of-thoughts.d.ts.map +1 -0
package/dist/compute/strategies/tree-of-thoughts.js +242 -0
package/dist/compute/strategies/tree-of-thoughts.js.map +1 -0
package/dist/compute/strategies/two-phase-orient.d.ts +72 -0
package/dist/compute/strategies/two-phase-orient.d.ts.map +1 -0
package/dist/compute/strategies/two-phase-orient.js +85 -0
package/dist/compute/strategies/two-phase-orient.js.map +1 -0
package/dist/constitution/types.d.ts +10 -10
package/dist/container/protocol.d.ts +134 -0
package/dist/container/protocol.d.ts.map +1 -0
package/dist/container/protocol.js +157 -0
package/dist/container/protocol.js.map +1 -0
package/dist/container/runtime.d.ts +140 -0
package/dist/container/runtime.d.ts.map +1 -0
package/dist/container/runtime.js +256 -0
package/dist/container/runtime.js.map +1 -0
package/dist/events/catalogue.d.ts +46 -46
package/dist/events/schemas/agent.completed.v1.d.ts +4 -4
package/dist/events/schemas/agent.failed.v1.d.ts +2 -2
package/dist/events/schemas/agent.hitl_resolved.v1.d.ts +2 -2
package/dist/events/schemas/agent.started.v1.d.ts +2 -2
package/dist/events/schemas/brain.skill.extracted.v1.d.ts +4 -4
package/dist/events/schemas/cc.cost.anomaly_detected.v1.d.ts +2 -2
package/dist/events/schemas/cc.cost.recorded.v1.d.ts +4 -4
package/dist/events/schemas/citadel.sprint.analyzed.v1.d.ts +6 -6
package/dist/events/schemas/citadel.sprint.closed.v1.d.ts +2 -2
package/dist/events/schemas/forge.inbox.reply_classified.v1.d.ts +6 -6
package/dist/events/schemas/forge.lead.qualified.v1.d.ts +2 -2
package/dist/events/schemas/forge.outreach.sent.v1.d.ts +4 -4
package/dist/events/schemas/incident.detected.v1.d.ts +2 -2
package/dist/events/schemas/vauban.goal.checked.v1.d.ts +2 -2
package/dist/events/schemas/vauban.rebalancing.checked.v1.d.ts +2 -2
package/dist/events/schemas/vauban.tax.checked.v1.d.ts +2 -2
package/dist/events/schemas/vauban.vault.analyzed.v1.d.ts +6 -6
package/dist/identity/agent-persona.d.ts +73 -0
package/dist/identity/agent-persona.d.ts.map +1 -0
package/dist/identity/agent-persona.js +165 -0
package/dist/identity/agent-persona.js.map +1 -0
package/dist/identity/persona-prompt.d.ts +25 -0
package/dist/identity/persona-prompt.d.ts.map +1 -0
package/dist/identity/persona-prompt.js +71 -0
package/dist/identity/persona-prompt.js.map +1 -0
package/dist/identity/persona-schema.d.ts +120 -0
package/dist/identity/persona-schema.d.ts.map +1 -0
package/dist/identity/persona-schema.js +103 -0
package/dist/identity/persona-schema.js.map +1 -0
package/dist/index.d.ts +37 -2
package/dist/index.d.ts.map +1 -1
package/dist/index.js +29 -1
package/dist/index.js.map +1 -1
package/dist/loop/minimal-loop.js +293 -287
package/dist/memory/episodic-rrf.d.ts +114 -0
package/dist/memory/episodic-rrf.d.ts.map +1 -0
package/dist/memory/episodic-rrf.js +148 -0
package/dist/memory/episodic-rrf.js.map +1 -0
package/dist/mesh/attenuation.d.ts +78 -0
package/dist/mesh/attenuation.d.ts.map +1 -0
package/dist/mesh/attenuation.js +141 -0
package/dist/mesh/attenuation.js.map +1 -0
package/dist/mesh/delegate.d.ts +96 -0
package/dist/mesh/delegate.d.ts.map +1 -0
package/dist/mesh/delegate.js +172 -0
package/dist/mesh/delegate.js.map +1 -0
package/dist/mesh/dispatcher.d.ts +119 -0
package/dist/mesh/dispatcher.d.ts.map +1 -0
package/dist/mesh/dispatcher.js +207 -0
package/dist/mesh/dispatcher.js.map +1 -0
package/dist/mesh/index.d.ts +12 -0
package/dist/mesh/index.d.ts.map +1 -0
package/dist/mesh/index.js +11 -0
package/dist/mesh/index.js.map +1 -0
package/dist/mesh/types.d.ts +30 -0
package/dist/mesh/types.d.ts.map +1 -0
package/dist/mesh/types.js +11 -0
package/dist/mesh/types.js.map +1 -0
package/dist/orchestration/ooda/skills.d.ts +104 -0
package/dist/orchestration/ooda/skills.d.ts.map +1 -1
package/dist/orchestration/ooda/skills.js +106 -0
package/dist/orchestration/ooda/skills.js.map +1 -1
package/dist/ports/bastion-action.contract.test.d.ts +11 -0
package/dist/ports/bastion-action.contract.test.d.ts.map +1 -0
package/dist/ports/bastion-action.contract.test.js +238 -0
package/dist/ports/bastion-action.contract.test.js.map +1 -0
package/dist/ports/bastion-action.d.ts +133 -0
package/dist/ports/bastion-action.d.ts.map +1 -0
package/dist/ports/bastion-action.js +73 -0
package/dist/ports/bastion-action.js.map +1 -0
package/dist/ports/brain.d.ts +31 -0
package/dist/ports/brain.d.ts.map +1 -1
package/dist/ports/brain.js +115 -1
package/dist/ports/brain.js.map +1 -1
package/dist/ports/citadel-action.contract.test.d.ts +11 -0
package/dist/ports/citadel-action.contract.test.d.ts.map +1 -0
package/dist/ports/citadel-action.contract.test.js +317 -0
package/dist/ports/citadel-action.contract.test.js.map +1 -0
package/dist/ports/citadel-action.d.ts +111 -0
package/dist/ports/citadel-action.d.ts.map +1 -0
package/dist/ports/citadel-action.js +62 -0
package/dist/ports/citadel-action.js.map +1 -0
package/dist/ports/compliance-contract.d.ts +123 -0
package/dist/ports/compliance-contract.d.ts.map +1 -0
package/dist/ports/compliance-contract.js +35 -0
package/dist/ports/compliance-contract.js.map +1 -0
package/dist/ports/db.d.ts +38 -0
package/dist/ports/db.d.ts.map +1 -1
package/dist/ports/db.js +88 -1
package/dist/ports/db.js.map +1 -1
package/dist/ports/delegation.contract.test.d.ts +9 -0
package/dist/ports/delegation.contract.test.d.ts.map +1 -0
package/dist/ports/delegation.contract.test.js +337 -0
package/dist/ports/delegation.contract.test.js.map +1 -0
package/dist/ports/delegation.d.ts +134 -0
package/dist/ports/delegation.d.ts.map +1 -0
package/dist/ports/delegation.js +105 -0
package/dist/ports/delegation.js.map +1 -0
package/dist/ports/event-bus.d.ts +29 -0
package/dist/ports/event-bus.d.ts.map +1 -1
package/dist/ports/event-bus.js +106 -1
package/dist/ports/event-bus.js.map +1 -1
package/dist/ports/federation.contract.test.d.ts +9 -0
package/dist/ports/federation.contract.test.d.ts.map +1 -0
package/dist/ports/federation.contract.test.js +279 -0
package/dist/ports/federation.contract.test.js.map +1 -0
package/dist/ports/federation.d.ts +140 -0
package/dist/ports/federation.d.ts.map +1 -0
package/dist/ports/federation.js +57 -0
package/dist/ports/federation.js.map +1 -0
package/dist/ports/index.d.ts +28 -2
package/dist/ports/index.d.ts.map +1 -1
package/dist/ports/index.js +17 -2
package/dist/ports/index.js.map +1 -1
package/dist/ports/llm-provider.d.ts +37 -0
package/dist/ports/llm-provider.d.ts.map +1 -1
package/dist/ports/llm-provider.js +99 -1
package/dist/ports/llm-provider.js.map +1 -1
package/dist/ports/logger.d.ts +27 -0
package/dist/ports/logger.d.ts.map +1 -1
package/dist/ports/logger.js +87 -0
package/dist/ports/logger.js.map +1 -1
package/dist/ports/manifest-registry.contract.test.d.ts +9 -0
package/dist/ports/manifest-registry.contract.test.d.ts.map +1 -0
package/dist/ports/manifest-registry.contract.test.js +246 -0
package/dist/ports/manifest-registry.contract.test.js.map +1 -0
package/dist/ports/manifest-registry.d.ts +116 -0
package/dist/ports/manifest-registry.d.ts.map +1 -0
package/dist/ports/manifest-registry.js +79 -0
package/dist/ports/manifest-registry.js.map +1 -0
package/dist/ports/observability.contract.test.d.ts +12 -0
package/dist/ports/observability.contract.test.d.ts.map +1 -0
package/dist/ports/observability.contract.test.js +260 -0
package/dist/ports/observability.contract.test.js.map +1 -0
package/dist/ports/observability.d.ts +98 -0
package/dist/ports/observability.d.ts.map +1 -0
package/dist/ports/observability.js +59 -0
package/dist/ports/observability.js.map +1 -0
package/dist/ports/outcome.d.ts +26 -0
package/dist/ports/outcome.d.ts.map +1 -1
package/dist/ports/outcome.js +62 -1
package/dist/ports/outcome.js.map +1 -1
package/dist/ports/privacy.contract.test.d.ts +12 -0
package/dist/ports/privacy.contract.test.d.ts.map +1 -0
package/dist/ports/privacy.contract.test.js +325 -0
package/dist/ports/privacy.contract.test.js.map +1 -0
package/dist/ports/privacy.d.ts +132 -0
package/dist/ports/privacy.d.ts.map +1 -0
package/dist/ports/privacy.js +83 -0
package/dist/ports/privacy.js.map +1 -0
package/dist/ports/tenant-context.contract.test.d.ts +14 -0
package/dist/ports/tenant-context.contract.test.d.ts.map +1 -0
package/dist/ports/tenant-context.contract.test.js +352 -0
package/dist/ports/tenant-context.contract.test.js.map +1 -0
package/dist/ports/tenant-context.d.ts +103 -0
package/dist/ports/tenant-context.d.ts.map +1 -0
package/dist/ports/tenant-context.js +48 -0
package/dist/ports/tenant-context.js.map +1 -0
package/dist/ports/vauban-finance-action.contract.test.d.ts +11 -0
package/dist/ports/vauban-finance-action.contract.test.d.ts.map +1 -0
package/dist/ports/vauban-finance-action.contract.test.js +260 -0
package/dist/ports/vauban-finance-action.contract.test.js.map +1 -0
package/dist/ports/vauban-finance-action.d.ts +106 -0
package/dist/ports/vauban-finance-action.d.ts.map +1 -0
package/dist/ports/vauban-finance-action.js +60 -0
package/dist/ports/vauban-finance-action.js.map +1 -0
package/dist/ports/workflow-runtime.d.ts +204 -0
package/dist/ports/workflow-runtime.d.ts.map +1 -0
package/dist/ports/workflow-runtime.js +72 -0
package/dist/ports/workflow-runtime.js.map +1 -0
package/dist/proof/cert-verify.d.ts +80 -0
package/dist/proof/cert-verify.d.ts.map +1 -0
package/dist/proof/cert-verify.js +178 -0
package/dist/proof/cert-verify.js.map +1 -0
package/dist/replay/replay.d.ts.map +1 -1
package/dist/replay/replay.js +5 -1
package/dist/replay/replay.js.map +1 -1
package/dist/retry/index.d.ts +129 -0
package/dist/retry/index.d.ts.map +1 -0
package/dist/retry/index.js +156 -0
package/dist/retry/index.js.map +1 -0
package/dist/retry/presets.d.ts +39 -0
package/dist/retry/presets.d.ts.map +1 -0
package/dist/retry/presets.js +69 -0
package/dist/retry/presets.js.map +1 -0
package/dist/skill-loop/ab-runner.d.ts +67 -0
package/dist/skill-loop/ab-runner.d.ts.map +1 -0
package/dist/skill-loop/ab-runner.js +160 -0
package/dist/skill-loop/ab-runner.js.map +1 -0
package/dist/skill-loop/adoption.d.ts +67 -0
package/dist/skill-loop/adoption.d.ts.map +1 -0
package/dist/skill-loop/adoption.js +126 -0
package/dist/skill-loop/adoption.js.map +1 -0
package/dist/skill-loop/candidate.d.ts +45 -0
package/dist/skill-loop/candidate.d.ts.map +1 -0
package/dist/skill-loop/candidate.js +43 -0
package/dist/skill-loop/candidate.js.map +1 -0
package/dist/skill-loop/evaluator.d.ts +42 -0
package/dist/skill-loop/evaluator.d.ts.map +1 -0
package/dist/skill-loop/evaluator.js +184 -0
package/dist/skill-loop/evaluator.js.map +1 -0
package/dist/skill-loop/index.d.ts +27 -0
package/dist/skill-loop/index.d.ts.map +1 -0
package/dist/skill-loop/index.js +27 -0
package/dist/skill-loop/index.js.map +1 -0
package/dist/skill-loop/reflexion-replay.d.ts +87 -0
package/dist/skill-loop/reflexion-replay.d.ts.map +1 -0
package/dist/skill-loop/reflexion-replay.js +110 -0
package/dist/skill-loop/reflexion-replay.js.map +1 -0
package/dist/skill-loop/sign-off.d.ts +88 -0
package/dist/skill-loop/sign-off.d.ts.map +1 -0
package/dist/skill-loop/sign-off.js +146 -0
package/dist/skill-loop/sign-off.js.map +1 -0
package/dist/skill-loop/value-metric.d.ts +55 -0
package/dist/skill-loop/value-metric.d.ts.map +1 -0
package/dist/skill-loop/value-metric.js +69 -0
package/dist/skill-loop/value-metric.js.map +1 -0
package/dist/skill-loop/versioning.d.ts +36 -0
package/dist/skill-loop/versioning.d.ts.map +1 -0
package/dist/skill-loop/versioning.js +47 -0
package/dist/skill-loop/versioning.js.map +1 -0
package/dist/skill-manifest/anchor.d.ts +91 -0
package/dist/skill-manifest/anchor.d.ts.map +1 -0
package/dist/skill-manifest/anchor.js +331 -0
package/dist/skill-manifest/anchor.js.map +1 -0
package/dist/skill-manifest/builder.d.ts +47 -0
package/dist/skill-manifest/builder.d.ts.map +1 -0
package/dist/skill-manifest/builder.js +93 -0
package/dist/skill-manifest/builder.js.map +1 -0
package/dist/skill-manifest/index.d.ts +13 -0
package/dist/skill-manifest/index.d.ts.map +1 -0
package/dist/skill-manifest/index.js +9 -0
package/dist/skill-manifest/index.js.map +1 -0
package/dist/skill-manifest/types.d.ts +67 -0
package/dist/skill-manifest/types.d.ts.map +1 -0
package/dist/skill-manifest/types.js +16 -0
package/dist/skill-manifest/types.js.map +1 -0
package/dist/skill-manifest/verifier.d.ts +42 -0
package/dist/skill-manifest/verifier.d.ts.map +1 -0
package/dist/skill-manifest/verifier.js +136 -0
package/dist/skill-manifest/verifier.js.map +1 -0
package/dist/skills/brain-query.d.ts +4 -4
package/dist/skills/brain-store.d.ts +6 -6
package/dist/skills/errors.d.ts +15 -0
package/dist/skills/errors.d.ts.map +1 -1
package/dist/skills/errors.js +21 -0
package/dist/skills/errors.js.map +1 -1
package/dist/skills/hitl-request.d.ts +2 -2
package/dist/skills/index.d.ts +3 -1
package/dist/skills/index.d.ts.map +1 -1
package/dist/skills/index.js +4 -1
package/dist/skills/index.js.map +1 -1
package/dist/skills/markdown/loader.d.ts +52 -0
package/dist/skills/markdown/loader.d.ts.map +1 -0
package/dist/skills/markdown/loader.js +93 -0
package/dist/skills/markdown/loader.js.map +1 -0
package/dist/skills/markdown/schema.d.ts +432 -0
package/dist/skills/markdown/schema.d.ts.map +1 -0
package/dist/skills/markdown/schema.js +121 -0
package/dist/skills/markdown/schema.js.map +1 -0
package/dist/skills/poc-md-loader/markdown-loader.d.ts +77 -0
package/dist/skills/poc-md-loader/markdown-loader.d.ts.map +1 -0
package/dist/skills/poc-md-loader/markdown-loader.js +125 -0
package/dist/skills/poc-md-loader/markdown-loader.js.map +1 -0
package/dist/skills/poc-md-loader/runner.d.ts +24 -0
package/dist/skills/poc-md-loader/runner.d.ts.map +1 -0
package/dist/skills/poc-md-loader/runner.js +57 -0
package/dist/skills/poc-md-loader/runner.js.map +1 -0
package/dist/skills/poc-md-loader/vitest.poc.config.d.ts +3 -0
package/dist/skills/poc-md-loader/vitest.poc.config.d.ts.map +1 -0
package/dist/skills/poc-md-loader/vitest.poc.config.js +13 -0
package/dist/skills/poc-md-loader/vitest.poc.config.js.map +1 -0
package/dist/skills/poc-md-loader/web-search/script.d.ts +33 -0
package/dist/skills/poc-md-loader/web-search/script.d.ts.map +1 -0
package/dist/skills/poc-md-loader/web-search/script.js +75 -0
package/dist/skills/poc-md-loader/web-search/script.js.map +1 -0
package/dist/skills/record-outcome.d.ts +4 -4
package/dist/skills/send-email.d.ts.map +1 -1
package/dist/skills/send-email.js +15 -3
package/dist/skills/send-email.js.map +1 -1
package/dist/skills/slack-notify.d.ts +4 -4
package/dist/skills/starknet-balance.d.ts +1 -1
package/dist/skills/telegram-notify.d.ts +4 -4
package/dist/skills/web-search.d.ts +1 -1
package/dist/testing/index.d.ts +3 -0
package/dist/testing/test-brain-port.d.ts +4 -0
package/dist/testing/test-brain-port.d.ts.map +1 -1
package/dist/testing/test-brain-port.js +75 -20
package/dist/testing/test-brain-port.js.map +1 -1
package/dist/testing/test-event-bus.d.ts.map +1 -1
package/dist/testing/test-event-bus.js +89 -36
package/dist/testing/test-event-bus.js.map +1 -1
package/dist/trace/schema.d.ts +1 -1
package/dist/trace/schema.d.ts.map +1 -1
package/dist/trace/schema.js +1 -1
package/dist/trace/schema.js.map +1 -1
package/dist/verify/formal/index.d.ts +44 -0
package/dist/verify/formal/index.d.ts.map +1 -0
package/dist/verify/formal/index.js +98 -0
package/dist/verify/formal/index.js.map +1 -0
package/dist/verify/formal/policy.d.ts +105 -0
package/dist/verify/formal/policy.d.ts.map +1 -0
package/dist/verify/formal/policy.js +159 -0
package/dist/verify/formal/policy.js.map +1 -0
package/dist/verify/formal/result.d.ts +50 -0
package/dist/verify/formal/result.d.ts.map +1 -0
package/dist/verify/formal/result.js +21 -0
package/dist/verify/formal/result.js.map +1 -0
package/dist/verify/formal/solver.d.ts +67 -0
package/dist/verify/formal/solver.d.ts.map +1 -0
package/dist/verify/formal/solver.js +184 -0
package/dist/verify/formal/solver.js.map +1 -0
package/dist/verify/formal/spec-language.d.ts +80 -0
package/dist/verify/formal/spec-language.d.ts.map +1 -0
package/dist/verify/formal/spec-language.js +219 -0
package/dist/verify/formal/spec-language.js.map +1 -0
package/docs/attestation.md +199 -0
package/docs/identity.md +193 -0
package/package.json +34 -17
package/src/adapters/llm/anthropic-direct.ts +51 -0
package/src/adapters/llm/cascade.ts +64 -19
package/src/adapters/llm/litellm.ts +49 -0
package/src/compute/difficulty-estimator.ts +111 -0
package/src/compute/strategies/mixture-of-agents.ts +150 -0
package/src/compute/strategies/tree-of-thoughts.ts +293 -0
package/src/compute/strategies/two-phase-orient.ts +147 -0
package/src/container/protocol.ts +243 -0
package/src/container/runtime.ts +424 -0
package/src/db/migrations/026_formal_verify_results.sql +30 -0
package/src/identity/agent-persona.ts +203 -0
package/src/identity/persona-prompt.ts +84 -0
package/src/identity/persona-schema.ts +127 -0
package/src/index.ts +338 -1
package/src/memory/episodic-rrf.ts +224 -0
package/src/mesh/attenuation.ts +190 -0
package/src/mesh/delegate.ts +254 -0
package/src/mesh/dispatcher.ts +301 -0
package/src/mesh/index.ts +39 -0
package/src/mesh/types.ts +31 -0
package/src/orchestration/ooda/skills.ts +177 -0
package/src/ports/bastion-action.contract.test.ts +355 -0
package/src/ports/bastion-action.ts +198 -0
package/src/ports/brain.ts +177 -15
package/src/ports/citadel-action.contract.test.ts +430 -0
package/src/ports/citadel-action.ts +174 -0
package/src/ports/compliance-contract.ts +191 -0
package/src/ports/db.ts +98 -0
package/src/ports/delegation.contract.test.ts +428 -0
package/src/ports/delegation.ts +211 -0
package/src/ports/event-bus.ts +133 -0
package/src/ports/federation.contract.test.ts +355 -0
package/src/ports/federation.ts +190 -0
package/src/ports/index.ts +186 -1
package/src/ports/llm-provider.ts +123 -0
package/src/ports/logger.ts +104 -0
package/src/ports/manifest-registry.contract.test.ts +324 -0
package/src/ports/manifest-registry.ts +188 -0
package/src/ports/observability.contract.test.ts +315 -0
package/src/ports/observability.ts +150 -0
package/src/ports/outcome.ts +69 -0
package/src/ports/privacy.contract.test.ts +413 -0
package/src/ports/privacy.ts +207 -0
package/src/ports/tenant-context.contract.test.ts +454 -0
package/src/ports/tenant-context.ts +150 -0
package/src/ports/vauban-finance-action.contract.test.ts +335 -0
package/src/ports/vauban-finance-action.ts +166 -0
package/src/ports/workflow-runtime.ts +327 -0
package/src/proof/cert-verify.ts +249 -0
package/src/replay/replay.ts +11 -8
package/src/retry/index.ts +227 -0
package/src/retry/presets.ts +75 -0
package/src/skill-loop/ab-runner.ts +196 -0
package/src/skill-loop/adoption.ts +188 -0
package/src/skill-loop/candidate.ts +75 -0
package/src/skill-loop/evaluator.ts +238 -0
package/src/skill-loop/index.ts +51 -0
package/src/skill-loop/reflexion-replay.ts +173 -0
package/src/skill-loop/sign-off.ts +247 -0
package/src/skill-loop/value-metric.ts +120 -0
package/src/skill-loop/versioning.ts +75 -0
package/src/skill-manifest/anchor.ts +401 -0
package/src/skill-manifest/builder.ts +129 -0
package/src/skill-manifest/index.ts +18 -0
package/src/skill-manifest/types.ts +72 -0
package/src/skill-manifest/verifier.ts +198 -0
package/src/skills/errors.ts +30 -2
package/src/skills/index.ts +19 -0
package/src/skills/markdown/loader.ts +129 -0
package/src/skills/markdown/schema.ts +144 -0
package/src/skills/poc-md-loader/e2e-parity.test.ts +237 -0
package/src/skills/poc-md-loader/markdown-loader.ts +161 -0
package/src/skills/poc-md-loader/runner.ts +82 -0
package/src/skills/poc-md-loader/vitest.poc.config.ts +13 -0
package/src/skills/poc-md-loader/web-search/SKILL.md +42 -0
package/src/skills/poc-md-loader/web-search/script.ts +109 -0
package/src/skills/send-email.ts +15 -3
package/src/testing/test-brain-port.ts +98 -24
package/src/testing/test-event-bus.ts +104 -43
package/src/trace/schema.ts +1 -1
package/src/verify/formal/index.ts +154 -0
package/src/verify/formal/policy.ts +253 -0
package/src/verify/formal/result.ts +52 -0
package/src/verify/formal/solver.ts +235 -0
package/src/verify/formal/spec-language.ts +274 -0

package/src/skill-manifest/verifier.ts ADDED Viewed

@@ -0,0 +1,198 @@
+/**
+ * Skill Lineage Manifest — verifier (sprint-586).
+ *
+ * Zero external dependency verifier — mirrors vauban-claim-verifier philosophy.
+ *
+ * Verification checks:
+ *   1. replayRootMatches  — SHA-256(replaySnapshot) === manifest.trainingReplayRoot
+ *   2. poseidonHashValid  — computeManifestHash(manifest) === manifest.poseidonHash
+ *   3. tsaAnchorValid     — verifyTsaAnchor(manifest) (skipped if no tsaToken)
+ *   4. starknetAnchorValid — merkle inclusion via AnchorWitness (if provided)
+ *
+ * A 1-byte tamper in replaySnapshot causes check 1 to fail.
+ * All checks run independently; errors array collects all failures.
+ *
+ * @module skill-manifest/verifier
+ */
+import { createHash } from "node:crypto";
+import { computeManifestHash } from "./builder.js";
+import { verifyTsaAnchor } from "./anchor.js";
+import { verifyProofInclusion } from "../proof/index.js";
+import type { SkillManifest, AnchorWitness } from "./types.js";
+// ─── ManifestVerifyResult ────────────────────────────────────────────────────
+export interface ManifestVerifyResult {
+  /** Overall validity — true only if all applicable checks pass. */
+  valid: boolean;
+  /** SHA-256(replaySnapshot) === manifest.trainingReplayRoot */
+  replayRootMatches: boolean;
+  /** Poseidon commitment over manifest fields matches stored poseidonHash */
+  poseidonHashValid: boolean;
+  /** RFC 3161 TSA token structurally verifiable (false if no tsaToken) */
+  tsaAnchorValid: boolean;
+  /** Merkle inclusion proof valid (false if no witness or witness.type='none') */
+  starknetAnchorValid: boolean;
+  /** Grade propagated from the manifest (informational). */
+  grade: SkillManifest["grade"];
+  /** Human-readable error messages for every failed check. */
+  errors: string[];
+}
+// ─── helpers ─────────────────────────────────────────────────────────────────
+function sha256Hex(input: string | Buffer): string {
+  const data = typeof input === "string" ? Buffer.from(input, "utf8") : input;
+  return createHash("sha256").update(data).digest("hex");
+}
+/**
+ * Normalise hex strings for comparison: strip "0x" prefix, lowercase.
+ */
+function normaliseHex(h: string): string {
+  return (h.startsWith("0x") ? h.slice(2) : h).toLowerCase();
+}
+// ─── verifyManifest ───────────────────────────────────────────────────────────
+/**
+ * Verify a SkillManifest against the original training replay snapshot.
+ *
+ * @param manifest         - Manifest to verify.
+ * @param replaySnapshot   - Original training trace bytes (same input used in buildManifest).
+ * @param starknetWitness  - Optional Merkle inclusion witness from the Starknet anchor.
+ */
+export function verifyManifest(
+  manifest: SkillManifest,
+  replaySnapshot: string | Buffer,
+  starknetWitness?: AnchorWitness
+): ManifestVerifyResult {
+  const errors: string[] = [];
+  // ── Check 1: replay root integrity ──────────────────────────────────────────
+  const recomputedRoot = sha256Hex(
+    typeof replaySnapshot === "string"
+      ? Buffer.from(replaySnapshot, "utf8")
+      : replaySnapshot
+  );
+  const replayRootMatches =
+    normaliseHex(recomputedRoot) === normaliseHex(manifest.trainingReplayRoot);
+  if (!replayRootMatches) {
+    errors.push(
+      `replayRoot mismatch: expected ${manifest.trainingReplayRoot}, got ${recomputedRoot}`
+    );
+  }
+  // ── Check 2: Poseidon hash validity ──────────────────────────────────────────
+  let poseidonHashValid = false;
+  try {
+    const recomputed = computeManifestHash({
+      skillId: manifest.skillId,
+      version: manifest.version,
+      domain: manifest.domain,
+      trainingReplayRoot: manifest.trainingReplayRoot,
+    });
+    poseidonHashValid =
+      normaliseHex(recomputed) === normaliseHex(manifest.poseidonHash);
+    if (!poseidonHashValid) {
+      errors.push(
+        `poseidonHash mismatch: expected ${manifest.poseidonHash}, got ${recomputed}`
+      );
+    }
+  } catch (err) {
+    errors.push(
+      `poseidonHash computation failed: ${
+        err instanceof Error ? err.message : String(err)
+      }`
+    );
+  }
+  // ── Check 3: TSA anchor ───────────────────────────────────────────────────────
+  const tsaAnchorValid = manifest.tsaToken ? verifyTsaAnchor(manifest) : false;
+  if (manifest.tsaToken && !tsaAnchorValid) {
+    errors.push("tsaAnchor invalid: token present but verification failed");
+  }
+  // ── Check 4: Starknet Merkle inclusion ──────────────────────────────────────
+  let starknetAnchorValid = false;
+  if (starknetWitness && starknetWitness.type === "starknet") {
+    try {
+      // proof field: comma-separated Merkle siblings (hex)
+      const siblings =
+        starknetWitness.proof.length > 0
+          ? starknetWitness.proof.split(",").map((s) => s.trim())
+          : [];
+      const leafFelt = manifest.poseidonHash.startsWith("0x")
+        ? manifest.poseidonHash.slice(2)
+        : manifest.poseidonHash;
+      // We need a root to verify against; derive it from the first sibling
+      // if the proof is a single-leaf tree (leaf === root).
+      if (siblings.length === 0) {
+        // Degenerate tree: leaf is the root — valid if leaf is consistent.
+        starknetAnchorValid = leafFelt.length > 0;
+      } else {
+        // verifyProofInclusion: leaf + proof[] → recomputed root must match
+        // the last sibling used as root sentinel in single-layer proofs.
+        // For multi-layer proofs the root must be provided externally.
+        // We use the witness.proof first element as root when siblings.length === 1.
+        const root = siblings[siblings.length - 1];
+        const proofSiblings = siblings.slice(0, -1);
+        starknetAnchorValid = verifyProofInclusion(
+          leafFelt,
+          proofSiblings,
+          root
+        );
+      }
+      if (!starknetAnchorValid) {
+        errors.push("starknetAnchor: Merkle inclusion proof failed");
+      }
+    } catch (err) {
+      errors.push(
+        `starknetAnchor verification error: ${
+          err instanceof Error ? err.message : String(err)
+        }`
+      );
+    }
+  } else if (starknetWitness && starknetWitness.type === "tsa") {
+    // TSA witness — treat as tsaAnchorValid supplement (already checked above).
+    starknetAnchorValid = false;
+  }
+  // type === 'none' or no witness → starknetAnchorValid remains false (expected).
+  // ── Grade propagation ─────────────────────────────────────────────────────────
+  const grade = manifest.grade;
+  // Warn about unanchored grade in errors (non-fatal, but caller should know).
+  if (grade === "unanchored") {
+    errors.push(
+      "grade=unanchored: manifest has no anchor — development/testing only"
+    );
+  }
+  // ── Overall validity ──────────────────────────────────────────────────────────
+  // An anchored manifest is valid when the integrity checks pass.
+  // For unanchored: valid = replayRootMatches && poseidonHashValid only.
+  const anchorErrors = errors.filter(
+    (e) =>
+      e.startsWith("tsa") ||
+      e.startsWith("starknet") ||
+      e.startsWith("grade=unanchored")
+  );
+  const integrityErrors = errors.filter((e) => !anchorErrors.includes(e));
+  const valid = integrityErrors.length === 0;
+  return {
+    valid,
+    replayRootMatches,
+    poseidonHashValid,
+    tsaAnchorValid,
+    starknetAnchorValid,
+    grade,
+    errors,
+  };
+}

package/src/skills/errors.ts CHANGED Viewed

@@ -13,7 +13,9 @@ export class SkillNotConfiguredError extends Error {
   readonly missingEnv: readonly string[];
   constructor(skillName: string, missingEnv: readonly string[]) {
     super(
-      `Skill '${skillName}' not configured: missing env ${missingEnv.join(", ")}`,
+      `Skill '${skillName}' not configured: missing env ${missingEnv.join(
+        ", "
+      )}`
     );
     this.name = "SkillNotConfiguredError";
     this.skillName = skillName;
@@ -28,7 +30,7 @@ export class SkillExecutionError extends Error {
   constructor(
     skillName: string,
     message: string,
-    opts?: { status?: number; cause?: unknown },
+    opts?: { status?: number; cause?: unknown }
   ) {
     super(`Skill '${skillName}' failed: ${message}`);
     this.name = "SkillExecutionError";
@@ -57,3 +59,29 @@ export class HttpFetchAllowlistError extends Error {
     this.host = host;
   }
 }
+export class SkillMdParseError extends Error {
+  readonly filePath: string;
+  constructor(filePath: string, reason: string) {
+    super(`SKILL.md at ${filePath}: ${reason}`);
+    this.name = "SkillMdParseError";
+    this.filePath = filePath;
+  }
+}
+export class SkillMdValidationError extends Error {
+  readonly filePath: string;
+  readonly issues: ReadonlyArray<{ path: string; message: string }>;
+  constructor(
+    filePath: string,
+    issues: ReadonlyArray<{ path: string; message: string }>
+  ) {
+    const summary = issues
+      .map((i) => `${i.path || "(root)"}: ${i.message}`)
+      .join("; ");
+    super(`SKILL.md at ${filePath}: invalid frontmatter — ${summary}`);
+    this.name = "SkillMdValidationError";
+    this.filePath = filePath;
+    this.issues = issues;
+  }
+}

package/src/skills/index.ts CHANGED Viewed

@@ -18,8 +18,27 @@ export {
   SkillExecutionError,
   SqlReadOnlyViolation,
   HttpFetchAllowlistError,
+  SkillMdParseError,
+  SkillMdValidationError,
 } from "./errors.js";
+// SKILL.md loader (agentskills.io standard) — ADR-ECO-034
+export {
+  loadSkillMd,
+  parseSkillMd,
+  toDiscoveryEntry,
+  type ParsedSkillFile,
+} from "./markdown/loader.js";
+export {
+  SkillManifestSchema,
+  resolveTier,
+  parseAllowedTools,
+  type SkillManifest,
+  type VaubanSkillTier,
+  type VaubanBiscuitScope,
+  type VaubanAuditStatus,
+} from "./markdown/schema.js";
 export { webSearch } from "./web-search.js";
 export type { WebSearchOutput, WebSearchResult } from "./web-search.js";

package/src/skills/markdown/loader.ts ADDED Viewed

@@ -0,0 +1,129 @@
+/**
+ * SKILL.md loader — agentskills.io standard parser.
+ *
+ * Reads a SKILL.md file, splits frontmatter from body, parses YAML via the
+ * `yaml` package (battle-tested), validates against `SkillManifestSchema`,
+ * and returns a typed `ParsedSkillFile`.
+ *
+ * Constraints:
+ *   - No new npm deps (uses `yaml` already in package.json).
+ *   - Frontmatter delimiters: `---\n` ... `\n---\n`.
+ *   - Body returned verbatim (markdown — no rendering).
+ *   - Validation errors are typed (SkillMdParseError / SkillMdValidationError).
+ *
+ * Progressive disclosure tiers (per agentskills.io spec):
+ *   - Discovery   (~100 tok) — name + description only
+ *   - Pre-activate (~500 tok) — full frontmatter + body excerpt
+ *   - Activate    — full body (≤8000 tok recommended)
+ *
+ * Spec reference: https://agentskills.io/specification
+ * @see ADR-ECO-034 — skills TS↔MD coexistence
+ * @public
+ */
+import { readFile } from "node:fs/promises";
+import { parse as parseYaml } from "yaml";
+import { SkillMdParseError, SkillMdValidationError } from "../errors.js";
+import {
+  type SkillManifest,
+  SkillManifestSchema,
+  type VaubanSkillTier,
+  resolveTier,
+} from "./schema.js";
+// `---` at line start, then arbitrary content, then `---` at line start. Body follows.
+const FRONTMATTER_RE = /^---\r?\n([\s\S]*?)\r?\n---\r?\n?([\s\S]*)$/;
+export interface ParsedSkillFile {
+  manifest: SkillManifest;
+  body: string;
+  tier: VaubanSkillTier;
+  /** Tokens (rough heuristic ~4 chars/token) for progressive disclosure. */
+  bodyTokens: number;
+}
+/**
+ * Load and parse a SKILL.md file from disk.
+ *
+ * @throws SkillMdParseError    when frontmatter delimiters are missing or YAML is invalid
+ * @throws SkillMdValidationError when frontmatter fails Zod schema validation
+ */
+export async function loadSkillMd(filePath: string): Promise<ParsedSkillFile> {
+  const raw = await readFile(filePath, "utf-8");
+  return parseSkillMd(raw, filePath);
+}
+/**
+ * Parse SKILL.md content from a string (in-memory). Useful for tests and
+ * embedded skills.
+ */
+export function parseSkillMd(
+  raw: string,
+  source = "<inline>"
+): ParsedSkillFile {
+  const match = raw.match(FRONTMATTER_RE);
+  if (!match) {
+    throw new SkillMdParseError(
+      source,
+      "missing or malformed frontmatter (expected '---' delimiters on first line)"
+    );
+  }
+  const [, frontmatterText, body] = match;
+  let parsed: unknown;
+  try {
+    parsed = parseYaml(frontmatterText);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    throw new SkillMdParseError(source, `YAML parse error — ${message}`);
+  }
+  if (parsed == null || typeof parsed !== "object" || Array.isArray(parsed)) {
+    throw new SkillMdParseError(
+      source,
+      "frontmatter must be a YAML object (got " +
+        (parsed === null
+          ? "null"
+          : Array.isArray(parsed)
+          ? "array"
+          : typeof parsed) +
+        ")"
+    );
+  }
+  const result = SkillManifestSchema.safeParse(parsed);
+  if (!result.success) {
+    throw new SkillMdValidationError(
+      source,
+      result.error.issues.map((i) => ({
+        path: i.path.join("."),
+        message: i.message,
+      }))
+    );
+  }
+  const manifest = result.data;
+  const trimmedBody = body.trim();
+  return {
+    manifest,
+    body: trimmedBody,
+    tier: resolveTier(manifest),
+    bodyTokens: Math.ceil(trimmedBody.length / 4),
+  };
+}
+/**
+ * Produce the "discovery" projection (~100 tokens): name + description only.
+ * Used by the catalogue / progressive disclosure layer to keep startup cost low.
+ */
+export function toDiscoveryEntry(parsed: ParsedSkillFile): {
+  name: string;
+  description: string;
+  tier: VaubanSkillTier;
+} {
+  return {
+    name: parsed.manifest.name,
+    description: parsed.manifest.description,
+    tier: parsed.tier,
+  };
+}

package/src/skills/markdown/schema.ts ADDED Viewed

@@ -0,0 +1,144 @@
+/**
+ * SKILL.md frontmatter schema — agentskills.io standard + Vauban extensions.
+ *
+ * Standard fields (agentskills.io spec):
+ *   - `name`         1-64 chars, kebab-case
+ *   - `description`  1-1024 chars
+ *   - `license`      free-text (optional)
+ *   - `compatibility` free-text (optional, e.g. "Requires STARKNET_RPC_URL")
+ *   - `allowed-tools` space-separated string, e.g. "Bash(curl:*) Bash(jq:*) Read"
+ *   - `metadata`     arbitrary k/v map (per spec — extension surface)
+ *
+ * Vauban extensions live UNDER `metadata` (spec-compliant — ignored gracefully
+ * by other agentskills.io-conforming tools). Namespaced as `vauban.*` keys
+ * for clarity:
+ *   - `metadata.vauban.tier`           "official" | "verified" | "unverified"
+ *   - `metadata.vauban.subagent`       agent id this skill belongs to
+ *   - `metadata.vauban.model-hint`     suggested LLM (forwarded to EconomyRouter)
+ *   - `metadata.vauban.proof.poseidon_hash`  hex
+ *   - `metadata.vauban.proof.tsa_token`      base64 RFC3161
+ *   - `metadata.vauban.proof.starknet_tx`    hex
+ *   - `metadata.vauban.biscuit.required_caps` array of capability strings
+ *   - `metadata.vauban.biscuit.max_scope`     "project" | "session" | "global"
+ *   - `metadata.vauban.audit_status`   "approved" | "review" | "rejected"
+ *
+ * Spec reference: https://agentskills.io/specification
+ * @see ADR-ECO-034 — skills TS↔MD coexistence
+ * @public
+ */
+import { z } from "zod";
+// ── Vauban metadata extension schemas ────────────────────────────────────────
+export const VaubanSkillTier = z.enum(["official", "verified", "unverified"]);
+export type VaubanSkillTier = z.infer<typeof VaubanSkillTier>;
+export const VaubanBiscuitScope = z.enum(["project", "session", "global"]);
+export type VaubanBiscuitScope = z.infer<typeof VaubanBiscuitScope>;
+export const VaubanAuditStatus = z.enum(["approved", "review", "rejected"]);
+export type VaubanAuditStatus = z.infer<typeof VaubanAuditStatus>;
+const VaubanProofExtensionSchema = z
+  .object({
+    poseidon_hash: z
+      .string()
+      .regex(/^0x[0-9a-fA-F]+$/)
+      .optional(),
+    tsa_token: z.string().optional(),
+    starknet_tx: z
+      .string()
+      .regex(/^0x[0-9a-fA-F]+$/)
+      .optional(),
+    anchored_at: z.string().datetime().optional(),
+  })
+  .strict()
+  .partial();
+const VaubanBiscuitExtensionSchema = z
+  .object({
+    required_caps: z.array(z.string()).optional(),
+    max_scope: VaubanBiscuitScope.optional(),
+  })
+  .strict()
+  .partial();
+const VaubanExtensionSchema = z
+  .object({
+    tier: VaubanSkillTier.optional(),
+    subagent: z.string().optional(),
+    "model-hint": z.string().optional(),
+    proof: VaubanProofExtensionSchema.optional(),
+    biscuit: VaubanBiscuitExtensionSchema.optional(),
+    audit_status: VaubanAuditStatus.optional(),
+    observability_metric: z.string().optional(),
+  })
+  .strict()
+  .partial();
+// ── Generic metadata (per agentskills.io: arbitrary k/v) ─────────────────────
+const StandardMetadataKnownKeys = z
+  .object({
+    version: z.string().optional(),
+    category: z.string().optional(),
+    tags: z.union([z.string(), z.array(z.string())]).optional(),
+    author: z.string().optional(),
+    "env-required": z.string().optional(),
+    "env-mode": z.enum(["all", "at-least-one"]).optional(),
+    vauban: VaubanExtensionSchema.optional(),
+  })
+  .partial();
+const MetadataSchema = StandardMetadataKnownKeys.passthrough();
+// ── Top-level SKILL.md frontmatter schema ────────────────────────────────────
+const KEBAB_CASE = /^[a-z0-9][a-z0-9-]*$/;
+export const SkillManifestSchema = z
+  .object({
+    name: z
+      .string()
+      .min(1, "name must be 1-64 chars")
+      .max(64, "name must be 1-64 chars")
+      .regex(
+        KEBAB_CASE,
+        "name must be kebab-case (lowercase, digits, hyphens)"
+      ),
+    description: z
+      .string()
+      .min(1, "description must be 1-1024 chars")
+      .max(1024, "description must be 1-1024 chars"),
+    license: z.string().optional(),
+    compatibility: z.string().optional(),
+    "allowed-tools": z.string().optional(),
+    metadata: MetadataSchema.optional(),
+  })
+  .strict();
+export type SkillManifest = z.infer<typeof SkillManifestSchema>;
+// ── Helpers ───────────────────────────────────────────────────────────────────
+/**
+ * Resolve the Vauban tier from a manifest, defaulting to `unverified` per
+ * the trust-stratification rule: any skill without an explicit tier MUST be
+ * sandboxed as community-untrusted.
+ */
+export function resolveTier(manifest: SkillManifest): VaubanSkillTier {
+  return manifest.metadata?.vauban?.tier ?? "unverified";
+}
+/**
+ * Parse the space-separated `allowed-tools` string into an array. Empty string
+ * returns []. Whitespace runs collapse. Examples:
+ *   "Bash(curl:*) Read"      → ["Bash(curl:*)", "Read"]
+ *   "Bash(curl:*)  Bash(jq)" → ["Bash(curl:*)", "Bash(jq)"]
+ */
+export function parseAllowedTools(manifest: SkillManifest): string[] {
+  const raw = manifest["allowed-tools"];
+  if (!raw) return [];
+  return raw.split(/\s+/).filter((s) => s.length > 0);
+}