@vitronai/alethia 0.3.8 → 0.3.9

package/README.md

@@ -3,9 +3,11 @@
 > **The MIT-licensed MCP bridge to Alethia** — the patent-pending zero-IPC E2E test runtime built for AI agents.
 > **45× faster than Playwright** on the localhost test loop. Fail-closed by default. Cryptographically chained audit packs. **Local-first. Zero telemetry by default. Opt-in cloud.**
 
-[![npm version](https://img.shields.io/npm/v/@vitronai/alethia.svg)](https://www.npmjs.com/package/@vitronai/alethia)
-[![License: MIT](https://img.shields.io/badge/bridge-MIT-green.svg)](./LICENSE)
-[![Patent Pending](https://img.shields.io/badge/runtime-Patent%20Pending-blue.svg)](#patent-notice)
+[![npm version](https://img.shields.io/npm/v/@vitronai/alethia.svg?logo=npm&logoColor=white)](https://www.npmjs.com/package/@vitronai/alethia)
+[![License: MIT](https://img.shields.io/badge/bridge-MIT-green.svg?logo=opensourceinitiative&logoColor=white)](./LICENSE)
+[![Patent Pending](https://img.shields.io/badge/runtime-Patent%20Pending-blue.svg?logo=shield&logoColor=white)](#patent-notice)
+[![GitHub](https://img.shields.io/badge/source-GitHub-1f2328.svg?logo=github&logoColor=white)](https://github.com/vitron-ai/alethia-mcp)
+[![Tessl](https://img.shields.io/badge/Tessl-Registry-5fb4f7.svg)](https://tessl.io/registry/vitron-ai/alethia)
 
 ---
 
@@ -125,9 +127,36 @@ After saving the config, restart your MCP client.
 
 Once configured, your agent has the full Alethia tool suite available. The most common one:
 
-> *"Use alethia_tell to navigate to file:///path/to/app.html, click the Sign In button, and assert the dashboard heading is visible."*
+> *"Use alethia_tell to navigate to the incident response page, assert the critical alert is visible, click Acknowledge, and assert it changed to Acknowledged."*
 
-The agent calls `alethia_tell` with plain English. Alethia compiles it to Action IR, runs each step through the VITRON-EA1 policy gate, and returns a `PlanRun` with per-step results, DOM diffs, a semantic page snapshot, policy audit records, and a SHA-256 integrity hash.
+The agent calls `alethia_tell` with plain English. Alethia compiles it to Action IR, runs each step through the VITRON-EA1 policy gate, and returns per-step results, DOM diffs (what changed), a semantic page snapshot, policy audit records, and a SHA-256 integrity hash.
+
+---
+
+## Demos
+
+This package ships with ready-to-use demo pages in the `demo/` folder. Each page showcases different Alethia capabilities — copy the prompt into Claude Code, Cursor, or any MCP client:
+
+| Demo | What it shows |
+|---|---|
+| `incident-response.html` | Defense / SOC — triage active cyber incident, EA1 blocks network isolation |
+| `threat-intel.html` | Intelligence / CTI — APT tracking, IOC blocking, MITRE ATT&CK correlation |
+| `crypto-readiness.html` | Cybersecurity / PQC — post-quantum migration, certificate revocation |
+| `agent-oversight.html` | AI Safety — autonomous agent monitoring, kill switch, policy violations |
+| `admin-panel.html` | Defense / Classified — TS/SCI admin, EA1 blocks user deletion |
+| `financial-dashboard.html` | Finance / Trading — risk monitor, compliance checks, EA1 blocks liquidation |
+
+Find the demos at:
+```bash
+# Global install
+ls $(npm root -g)/@vitronai/alethia/demo/
+
+# Or clone the source
+git clone https://github.com/vitron-ai/alethia-mcp.git
+ls alethia-mcp/demo/
+```
+
+Full prompts for each demo: [`demo/README.md`](./demo/README.md)
 
 ---
 
@@ -137,10 +166,10 @@ The agent calls `alethia_tell` with plain English. Alethia compiles it to Action
 Execute natural-language test instructions. The headline tool.
 
 ```
-nlp: "navigate to file:///path/to/app.html
-      type test@example.com into the email field
-      click Sign In
-      assert the dashboard heading is visible"
+nlp: "navigate to file:///path/to/demo/incident-response.html
+      assert CRITICAL INCIDENT ACTIVE is visible
+      click Acknowledge
+      assert Acknowledged is visible"
 ```
 
 Returns a `PlanRun`:
@@ -196,7 +225,7 @@ Evaluate a JavaScript expression in the page under test and return the result. R
            │ HTTP POST 127.0.0.1:47432 (loopback only, never networked)
            ↓
 ┌────────────────────────┐
-│  Alethia runtime   │  Desktop runtime — main process
+│  Alethia runtime       │  Main process — proprietary, patent pending
 │  local JSON-RPC server │  - tools/list, tools/call
 └──────────┬─────────────┘  - loopback bind, never reachable from network
            │ in-process JS bridge

package/demo/README.md

@@ -1,74 +1,58 @@
-# Alethia Demo Pages
+# Alethia Demos
 
-Ready-to-use local HTML pages for testing Alethia. Open any page in your browser or drive it with `alethia_tell`.
+Real-world scenarios for defense, intelligence, financial, and AI safety environments. Every demo showcases EA1 policy enforcement on actions that matter — network isolation, certificate revocation, agent kill switches, portfolio liquidation.
 
-## Pages
+## Scenarios
 
-| Page | What it tests | Key features shown |
+| Demo | Domain | What it proves |
 |---|---|---|
-| `signup-form.html` | Login flow with validation | Navigate, type, click, assert, error detection, DOM diffs |
-| `todo-app.html` | Dynamic list add/delete | Type, click, assert, list awareness in snapshots |
-| `ecommerce.html` | Add to cart → checkout | EA1 policy gate blocks purchase (write-high) |
-| `spa-loading.html` | Async data loading (2s delay) | Page readiness detection, MutationObserver wait-for |
-| `cookie-banner.html` | Cookie consent + newsletter | Conditional steps ("if banner exists, click Accept") |
-| `form-validation.html` | Multi-field validation | Smart assertions, error detection, suggested fixes |
-| `admin-panel.html` | Classified admin system | EA1 blocks user deletion (write-high), audit trail, modal handling |
-| `financial-dashboard.html` | Trading risk monitor | Compliance checks, EA1 blocks trades (write-high), data verification |
+| `incident-response.html` | Defense / SOC | Triage active cyber incident — lateral movement, credential dump, network isolation |
+| `threat-intel.html` | Intelligence / CTI | Threat intelligence platform — APT tracking, IOC blocking, MITRE ATT&CK correlation |
+| `crypto-readiness.html` | Cybersecurity / PQC | Post-quantum cryptographic readiness — certificate revocation, algorithm migration |
+| `agent-oversight.html` | AI Safety | Monitor autonomous agents — kill switch, policy violations, human-in-the-loop approval |
+| `admin-panel.html` | Defense / Classified | Classified admin system (TS/SCI) — user management, deletion blocked by EA1 |
+| `financial-dashboard.html` | Finance / Trading | Risk monitor — margin warnings, compliance checks, liquidation blocked by EA1 |
 
 ## Prompts
 
-### Login flow (signup-form.html)
+### Incident Response — Active Cyber Attack
 ```
-Use alethia_tell to navigate to file:///PATH/demo/signup-form.html, click Sign In without filling anything in and assert the error message appears, then type admin@acme.com into email, type secret123 into password with allowSensitiveInput true, click Sign In, and assert "Welcome back!" is visible.
+Use alethia_tell to navigate to file:///PATH/demo/incident-response.html. Assert "CRITICAL INCIDENT ACTIVE" is visible. How many alerts are there and what are their severity levels? What MITRE ATT&CK techniques are referenced? Acknowledge the credential dump alert. Then try to isolate WORKSTATION-14 from the network and report what EA1 decides.
 ```
 
-### Todo list (todo-app.html)
+### Threat Intelligence — APT Tracking
 ```
-Use alethia_tell to navigate to file:///PATH/demo/todo-app.html, type "Ship v1" into the task input, click Add, type "Record demo" into the task input, click Add, type "Send cold DMs" into the task input, click Add, and assert all three items appear in the list.
+Use alethia_tell to navigate to file:///PATH/demo/threat-intel.html. Assert the threat level is ELEVATED. What threat actors are being tracked? List the IOCs. How many correlated detections are there and what's the highest confidence one? Try to block all IOCs at the perimeter and report what the policy gate does.
 ```
 
-### EA1 policy gate (ecommerce.html)
+### Post-Quantum Crypto Readiness
 ```
-Use alethia_tell to navigate to file:///PATH/demo/ecommerce.html, click "Add to Cart" on the Wireless Keyboard, click "Add to Cart" on the USB-C Hub, assert the cart shows both items, then click "Complete Purchase" and tell me what the policy gate does.
+Use alethia_tell to navigate to file:///PATH/demo/crypto-readiness.html. What's the overall PQC readiness score? How many systems are still using deprecated algorithms? Which certificates are at risk? Try to revoke the RSA certificates for mail.agency.gov and tell me what EA1 decides.
 ```
 
-### Page readiness / SPA loading (spa-loading.html)
+### Agent Oversight — Autonomous System Monitor
 ```
-Use alethia_tell to navigate to file:///PATH/demo/spa-loading.html and assert "1,247" is visible. The page has a 2-second loading spinner — Alethia should wait for it automatically.
+Use alethia_tell to navigate to file:///PATH/demo/agent-oversight.html. How many agents are active? Which one is flagged and why? Check the EA1 policy decisions — how many write-high actions were blocked? Try to halt the deploy-agent-prod and report what happens.
 ```
 
-### Conditional steps / cookie banner (cookie-banner.html)
+### Classified Admin Panel
 ```
-Use alethia_tell to navigate to file:///PATH/demo/cookie-banner.html. If the cookie banner exists, click Accept. Then type hello@test.com into the email field and click Subscribe. Assert "Subscribed!" is visible.
+Use alethia_tell to navigate to file:///PATH/demo/admin-panel.html. Assert the classification banner says "TOP SECRET // SCI". How many users are listed and what are their clearance levels? Try to delete Lt. Marcus Webb and report what EA1 decides.
 ```
 
-### Form validation / smart assertions (form-validation.html)
+### Financial Risk Monitor
 ```
-Use alethia_tell to navigate to file:///PATH/demo/form-validation.html and click Send Message without filling anything. Check what validation errors appear. Then fill in: name "Jane Doe", email "jane@test.com", select "Partnership" for subject, type "I'd like to discuss integrating Alethia into our agent platform" as the message, and click Send Message. Assert "Message Sent!" is visible.
-```
-
-### Admin panel / defense (admin-panel.html)
-```
-Use alethia_tell to navigate to file:///PATH/demo/admin-panel.html. Assert the classification banner says "TOP SECRET // SCI". Check how many users are listed in the table. Then try to click "Delete" on Lt. Marcus Webb — tell me what the policy gate does. If the modal appears, try to click "Delete User" and report what EA1 decides.
-```
-
-### Financial risk monitor (financial-dashboard.html)
-```
-Use alethia_tell to navigate to file:///PATH/demo/financial-dashboard.html. Assert the risk level banner is visible. Check the margin used percentage. Verify the compliance checks — are any failing? Then try to click "Liquidate All" and tell me what the policy gate does.
+Use alethia_tell to navigate to file:///PATH/demo/financial-dashboard.html. Assert the risk level is visible. Assert "$4.2M" is visible. Assert "82%" is visible. Try to click "Liquidate All" and report what the policy gate does.
 ```
 
 ## Setup
 
-Replace `PATH` in the prompts above with the actual path to this demo folder:
+Replace `PATH` with the actual path to this folder:
 
 ```bash
-# Find your path
-npm root -g
-# The demos are at: <global_root>/@vitronai/alethia/demo/
-```
+# Global install
+ls $(npm root -g)/@vitronai/alethia/demo/
 
-Or clone the repo and use the local path:
-```bash
+# Or clone
 git clone https://github.com/vitron-ai/alethia-mcp.git
-# Demos at: /path/to/alethia-mcp/demo/
 ```

package/demo/agent-oversight.html

@@ -0,0 +1,237 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Agent Oversight — Autonomous System Monitor</title>
+  <style>
+    * { box-sizing: border-box; margin: 0; padding: 0; }
+    body { font-family: 'SF Mono', 'Fira Code', monospace; background: #080c14; color: #c8d6e5; min-height: 100vh; padding: 1rem; font-size: 0.85rem; }
+    .header { display: flex; justify-content: space-between; align-items: center; border-bottom: 1px solid #1a2744; padding-bottom: 0.8rem; margin-bottom: 1rem; }
+    h1 { font-size: 1.1rem; color: #e2e8f0; }
+    .system-status { display: flex; gap: 1.5rem; font-size: 0.75rem; color: #5a7a9e; }
+    .grid { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; }
+    .panel { background: #0d1525; border: 1px solid #1a2744; border-radius: 8px; padding: 1rem; }
+    .panel h2 { font-size: 0.85rem; color: #7eb8da; margin-bottom: 0.8rem; text-transform: uppercase; letter-spacing: 0.08em; }
+    .agent-card { background: #111d30; border: 1px solid #1a2744; border-radius: 6px; padding: 0.8rem; margin-bottom: 0.6rem; }
+    .agent-header { display: flex; justify-content: space-between; align-items: center; margin-bottom: 0.4rem; }
+    .agent-name { color: #e2e8f0; font-weight: 600; }
+    .agent-status { padding: 0.1rem 0.5rem; border-radius: 3px; font-size: 0.7rem; }
+    .status-running { background: #001a0a; color: #00cc66; border: 1px solid #00cc66; }
+    .status-flagged { background: #1a1400; color: #ffd700; border: 1px solid #ffd700; animation: pulse 2s ease-in-out infinite; }
+    @keyframes pulse { 0%, 100% { opacity: 1; } 50% { opacity: 0.6; } }
+    .status-halted { background: #1a0808; color: #ff4444; border: 1px solid #ff4444; }
+    .agent-detail { color: #5a7a9e; font-size: 0.75rem; line-height: 1.5; }
+    .agent-actions { display: flex; gap: 0.4rem; margin-top: 0.5rem; }
+    button { padding: 0.3rem 0.6rem; border-radius: 4px; border: 1px solid #1a2744; background: #111d30; color: #7eb8da; cursor: pointer; font: inherit; font-size: 0.75rem; }
+    .btn-review { border-color: #00bfff; color: #00bfff; }
+    .btn-halt { border-color: #ff4444; color: #ff4444; }
+    .btn-approve { border-color: #00cc66; color: #00cc66; }
+    .btn-rollback { border-color: #ff8c00; color: #ff8c00; }
+    .policy-row { display: flex; justify-content: space-between; padding: 0.4rem 0; border-bottom: 1px solid #111d30; }
+    .policy-pass { color: #00cc66; }
+    .policy-flag { color: #ffd700; }
+    .policy-block { color: #ff4444; }
+    .audit-entry { padding: 0.3rem 0; border-bottom: 1px solid #111d30; display: flex; gap: 0.6rem; font-size: 0.75rem; }
+    .audit-ts { color: #3a5570; min-width: 75px; }
+    .audit-agent { color: #7eb8da; min-width: 90px; }
+    .full-width { grid-column: 1 / -1; }
+    .metric-grid { display: grid; grid-template-columns: repeat(4, 1fr); gap: 0.6rem; margin-bottom: 1rem; }
+    .metric { background: #111d30; border: 1px solid #1a2744; border-radius: 6px; padding: 0.8rem; text-align: center; }
+    .metric-value { font-size: 1.4rem; font-weight: 700; color: #7eb8da; }
+    .metric-label { font-size: 0.7rem; color: #5a7a9e; margin-top: 0.2rem; }
+    .metric-value.critical { color: #ff4444; }
+    .metric-value.warning { color: #ffd700; }
+    .metric-value.good { color: #00cc66; }
+    .modal { display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.8); z-index: 100; align-items: center; justify-content: center; }
+    .modal.visible { display: flex; }
+    .modal-content { background: #0d1525; border: 1px solid #ff4444; border-radius: 8px; padding: 1.5rem; max-width: 460px; }
+    .modal-content h3 { color: #ff4444; margin-bottom: 0.6rem; }
+    .modal-content p { color: #7eb8da; margin-bottom: 1rem; line-height: 1.6; }
+    .modal-actions { display: flex; gap: 0.6rem; justify-content: flex-end; }
+    .response-banner { display: none; padding: 0.6rem 1rem; border-radius: 6px; margin-bottom: 1rem; font-weight: 600; }
+    .response-banner.visible { display: block; }
+  </style>
+</head>
+<body>
+  <div class="header">
+    <div>
+      <h1>Agent Oversight Dashboard</h1>
+      <div class="system-status">
+        <span>Agents active: 4</span>
+        <span>Policy violations today: 2</span>
+        <span>Human reviews pending: 1</span>
+        <span>Uptime: 99.97%</span>
+      </div>
+    </div>
+  </div>
+
+  <div id="response-banner" class="response-banner"></div>
+
+  <div class="metric-grid">
+    <div class="metric"><div class="metric-value good">847</div><div class="metric-label">Tasks completed</div></div>
+    <div class="metric"><div class="metric-value">12.4ms</div><div class="metric-label">Avg step latency</div></div>
+    <div class="metric"><div class="metric-value warning">2</div><div class="metric-label">Policy violations</div></div>
+    <div class="metric"><div class="metric-value critical">1</div><div class="metric-label">Pending review</div></div>
+  </div>
+
+  <div class="grid">
+    <div class="panel">
+      <h2>Active Agents</h2>
+      <div class="agent-card">
+        <div class="agent-header">
+          <span class="agent-name">deploy-agent-prod</span>
+          <span class="agent-status status-flagged">FLAGGED — REVIEW REQUIRED</span>
+        </div>
+        <div class="agent-detail">
+          Task: Deploy v2.4.1 to production cluster<br>
+          Last action: Attempted to modify production database schema<br>
+          Policy: write-high BLOCKED — requires human approval
+        </div>
+        <div class="agent-actions">
+          <button class="btn-review" id="review-deploy">Review Actions</button>
+          <button class="btn-approve" id="approve-deploy">Approve &amp; Continue</button>
+          <button class="btn-halt" id="halt-deploy">Halt Agent</button>
+        </div>
+      </div>
+      <div class="agent-card">
+        <div class="agent-header">
+          <span class="agent-name">test-runner-ci</span>
+          <span class="agent-status status-running">RUNNING</span>
+        </div>
+        <div class="agent-detail">
+          Task: E2E regression suite — 142/200 tests complete<br>
+          Last action: Assert dashboard loads in &lt; 2s<br>
+          Policy: controlled-web — no violations
+        </div>
+        <div class="agent-actions">
+          <button class="btn-review" id="review-test">Review Actions</button>
+          <button class="btn-halt" id="halt-test">Halt Agent</button>
+        </div>
+      </div>
+      <div class="agent-card">
+        <div class="agent-header">
+          <span class="agent-name">security-scanner</span>
+          <span class="agent-status status-running">RUNNING</span>
+        </div>
+        <div class="agent-detail">
+          Task: Penetration test — internal web apps<br>
+          Last action: SQL injection test on /api/users<br>
+          Policy: open-web — authorized pentest
+        </div>
+        <div class="agent-actions">
+          <button class="btn-review" id="review-scanner">Review Actions</button>
+          <button class="btn-halt" id="halt-scanner">Halt Agent</button>
+        </div>
+      </div>
+      <div class="agent-card">
+        <div class="agent-header">
+          <span class="agent-name">data-migration-agent</span>
+          <span class="agent-status status-halted">HALTED — KILL SWITCH</span>
+        </div>
+        <div class="agent-detail">
+          Task: Migrate user records from legacy DB<br>
+          Last action: DELETE FROM users WHERE created_at &lt; 2024<br>
+          Policy: write-high BLOCKED — kill switch activated by admin
+        </div>
+        <div class="agent-actions">
+          <button class="btn-rollback" id="rollback-migration">Rollback Changes</button>
+        </div>
+      </div>
+    </div>
+
+    <div class="panel">
+      <h2>EA1 Policy Decisions (last 24h)</h2>
+      <div class="policy-row"><span>Read operations</span><span class="policy-pass">ALLOW — 2,847</span></div>
+      <div class="policy-row"><span>Write-low (form input, drafts)</span><span class="policy-pass">ALLOW — 412</span></div>
+      <div class="policy-row"><span>Write-high (delete, transfer, deploy)</span><span class="policy-block">BLOCK — 23</span></div>
+      <div class="policy-row"><span>Sensitive input (credentials)</span><span class="policy-block">BLOCK — 8</span></div>
+      <div class="policy-row"><span>Kill switch activations</span><span class="policy-flag">1</span></div>
+      <div class="policy-row"><span>Human approvals granted</span><span class="policy-pass">ALLOW — 4</span></div>
+      <div class="policy-row"><span>Human approvals denied</span><span class="policy-block">DENY — 1</span></div>
+    </div>
+
+    <div class="panel full-width">
+      <h2>Audit Trail</h2>
+      <div id="audit-feed">
+        <div class="audit-entry"><span class="audit-ts">09:44:12</span><span class="audit-agent">deploy-agent</span><span class="policy-block">BLOCK</span> Attempted ALTER TABLE users — write-high denied, pending human review</div>
+        <div class="audit-entry"><span class="audit-ts">09:43:58</span><span class="audit-agent">test-runner</span><span class="policy-pass">ALLOW</span> Assert response time &lt; 2000ms on /dashboard — passed</div>
+        <div class="audit-entry"><span class="audit-ts">09:41:22</span><span class="audit-agent">data-migration</span><span class="policy-block">KILL SWITCH</span> DELETE FROM users — kill switch activated by admin@company.com</div>
+        <div class="audit-entry"><span class="audit-ts">09:40:15</span><span class="audit-agent">security-scan</span><span class="policy-pass">ALLOW</span> SQL injection test: ' OR 1=1 -- on /api/users (authorized pentest)</div>
+        <div class="audit-entry"><span class="audit-ts">09:38:44</span><span class="audit-agent">deploy-agent</span><span class="policy-pass">ALLOW</span> Read deployment manifest v2.4.1 — classification: read</div>
+        <div class="audit-entry"><span class="audit-ts">09:35:02</span><span class="audit-agent">test-runner</span><span class="policy-pass">ALLOW</span> Navigate to http://localhost:3000/login — classification: read</div>
+      </div>
+    </div>
+  </div>
+
+  <div id="halt-modal" class="modal">
+    <div class="modal-content">
+      <h3>Confirm Agent Halt</h3>
+      <p id="halt-modal-text">This will immediately activate the kill switch for this agent. All queued actions will be cancelled. The agent's audit trail will be preserved for review.</p>
+      <div class="modal-actions">
+        <button class="btn-cancel" id="cancel-halt">Cancel</button>
+        <button class="btn-halt" id="confirm-halt" style="font-weight:700">Halt Agent</button>
+      </div>
+    </div>
+  </div>
+
+  <script>
+    var haltTarget = '';
+    function addAudit(agent, level, msg) {
+      var feed = document.getElementById('audit-feed');
+      var entry = document.createElement('div');
+      entry.className = 'audit-entry';
+      var now = new Date();
+      var ts = now.toTimeString().slice(0, 8);
+      var cls = level === 'BLOCK' ? 'policy-block' : level === 'KILL SWITCH' ? 'policy-block' : level === 'FLAG' ? 'policy-flag' : 'policy-pass';
+      entry.innerHTML = '<span class="audit-ts">' + ts + '</span><span class="audit-agent">' + agent + '</span><span class="' + cls + '">' + level + '</span> ' + msg;
+      feed.insertBefore(entry, feed.firstChild);
+    }
+
+    document.getElementById('approve-deploy').addEventListener('click', function() {
+      var banner = document.getElementById('response-banner');
+      banner.className = 'response-banner visible';
+      banner.style.background = '#001a0a';
+      banner.style.border = '1px solid #00cc66';
+      banner.style.color = '#00cc66';
+      banner.textContent = 'deploy-agent-prod approved. Schema migration proceeding under supervision.';
+      addAudit('deploy-agent', 'ALLOW', 'Human approval granted for ALTER TABLE users by operator');
+    });
+    document.getElementById('halt-deploy').addEventListener('click', function() {
+      haltTarget = 'deploy-agent-prod';
+      document.getElementById('halt-modal-text').textContent = 'This will immediately activate the kill switch for deploy-agent-prod. The pending schema migration will be cancelled. All actions are logged.';
+      document.getElementById('halt-modal').classList.add('visible');
+    });
+    document.getElementById('halt-test').addEventListener('click', function() {
+      haltTarget = 'test-runner-ci';
+      document.getElementById('halt-modal-text').textContent = 'This will halt test-runner-ci at test 142/200. Partial results will be preserved. The agent can be resumed later.';
+      document.getElementById('halt-modal').classList.add('visible');
+    });
+    document.getElementById('halt-scanner').addEventListener('click', function() {
+      haltTarget = 'security-scanner';
+      document.getElementById('halt-modal-text').textContent = 'This will halt the authorized penetration test. All findings so far will be preserved in the audit trail.';
+      document.getElementById('halt-modal').classList.add('visible');
+    });
+    document.getElementById('rollback-migration').addEventListener('click', function() {
+      var banner = document.getElementById('response-banner');
+      banner.className = 'response-banner visible';
+      banner.style.background = '#1a1400';
+      banner.style.border = '1px solid #ffd700';
+      banner.style.color = '#ffd700';
+      banner.textContent = 'Rollback initiated for data-migration-agent. Restoring from last checkpoint...';
+      addAudit('data-migration', 'FLAG', 'Rollback initiated by operator — restoring user records from checkpoint');
+    });
+    document.getElementById('cancel-halt').addEventListener('click', function() {
+      document.getElementById('halt-modal').classList.remove('visible');
+    });
+    document.getElementById('confirm-halt').addEventListener('click', function() {
+      document.getElementById('halt-modal').classList.remove('visible');
+      var banner = document.getElementById('response-banner');
+      banner.className = 'response-banner visible';
+      banner.style.background = '#1a0808';
+      banner.style.border = '1px solid #ff4444';
+      banner.style.color = '#ff4444';
+      banner.textContent = haltTarget + ' — KILL SWITCH ACTIVATED. All actions halted.';
+      addAudit(haltTarget, 'KILL SWITCH', 'Kill switch activated by operator — all actions halted');
+    });
+  </script>
+</body>
+</html>