@vm0/runner 2.15.0 → 3.0.1

package/index.js

@@ -16,8 +16,7 @@ var SANDBOX_DEFAULTS = {
   max_concurrent: 1,
   vcpu: 2,
   memory_mb: 2048,
-  poll_interval_ms: 5e3,
-  guest_protocol: "vsock"
+  poll_interval_ms: 5e3
 };
 var PROXY_DEFAULTS = {
   port: 8080
@@ -36,8 +35,7 @@ var runnerConfigSchema = z.object({
     max_concurrent: z.number().int().min(1).default(SANDBOX_DEFAULTS.max_concurrent),
     vcpu: z.number().int().min(1).default(SANDBOX_DEFAULTS.vcpu),
     memory_mb: z.number().int().min(128).default(SANDBOX_DEFAULTS.memory_mb),
-    poll_interval_ms: z.number().int().min(1e3).default(SANDBOX_DEFAULTS.poll_interval_ms),
-    guest_protocol: z.enum(["vsock", "ssh"]).default(SANDBOX_DEFAULTS.guest_protocol)
+    poll_interval_ms: z.number().int().min(1e3).default(SANDBOX_DEFAULTS.poll_interval_ms)
   }).default(SANDBOX_DEFAULTS),
   firecracker: z.object({
     binary: z.string().min(1, "Firecracker binary path is required"),
@@ -64,8 +62,7 @@ var debugConfigSchema = z.object({
     max_concurrent: z.number().int().min(1).default(SANDBOX_DEFAULTS.max_concurrent),
     vcpu: z.number().int().min(1).default(SANDBOX_DEFAULTS.vcpu),
     memory_mb: z.number().int().min(128).default(SANDBOX_DEFAULTS.memory_mb),
-    poll_interval_ms: z.number().int().min(1e3).default(SANDBOX_DEFAULTS.poll_interval_ms),
-    guest_protocol: z.enum(["vsock", "ssh"]).default(SANDBOX_DEFAULTS.guest_protocol)
+    poll_interval_ms: z.number().int().min(1e3).default(SANDBOX_DEFAULTS.poll_interval_ms)
   }).default(SANDBOX_DEFAULTS),
   firecracker: z.object({
     binary: z.string().min(1, "Firecracker binary path is required"),
@@ -192,7 +189,7 @@ async function completeJob(apiUrl, context, exitCode, error) {
 }
 
 // src/lib/executor.ts
-import path5 from "path";
+import path4 from "path";
 
 // src/lib/firecracker/vm.ts
 import { execSync as execSync2, spawn } from "child_process";
@@ -210,7 +207,7 @@ var FirecrackerClient = class {
   /**
    * Make HTTP request to Firecracker API
    */
-  async request(method, path7, body) {
+  async request(method, path6, body) {
     return new Promise((resolve, reject) => {
       const bodyStr = body !== void 0 ? JSON.stringify(body) : void 0;
       const headers = {
@@ -223,11 +220,11 @@ var FirecrackerClient = class {
         headers["Content-Length"] = Buffer.byteLength(bodyStr);
       }
       console.log(
-        `[FC API] ${method} ${path7}${bodyStr ? ` (${Buffer.byteLength(bodyStr)} bytes)` : ""}`
+        `[FC API] ${method} ${path6}${bodyStr ? ` (${Buffer.byteLength(bodyStr)} bytes)` : ""}`
       );
       const options = {
         socketPath: this.socketPath,
-        path: path7,
+        path: path6,
         method,
         headers,
         // Disable agent to ensure fresh connection for each request
@@ -1224,216 +1221,9 @@ var FirecrackerVM = class {
   }
 };
 
-// src/lib/firecracker/guest.ts
-import { exec as exec3, execSync as execSync3 } from "child_process";
-import { promisify as promisify3 } from "util";
-import fs4 from "fs";
-import path3 from "path";
-import os from "os";
-var execAsync3 = promisify3(exec3);
-var DEFAULT_SSH_OPTIONS = [
-  "-o",
-  "StrictHostKeyChecking=no",
-  "-o",
-  "UserKnownHostsFile=/dev/null",
-  "-o",
-  "LogLevel=ERROR",
-  "-o",
-  "ConnectTimeout=10",
-  "-o",
-  "ServerAliveInterval=5",
-  "-o",
-  "ServerAliveCountMax=3"
-];
-var SSHClient = class {
-  config;
-  sshOptions;
-  constructor(config) {
-    this.config = config;
-    this.sshOptions = [...DEFAULT_SSH_OPTIONS];
-    if (config.privateKeyPath) {
-      this.sshOptions.push("-i", config.privateKeyPath);
-    }
-    if (config.connectTimeout) {
-      const idx = this.sshOptions.indexOf("ConnectTimeout=10");
-      if (idx !== -1) {
-        this.sshOptions[idx] = `ConnectTimeout=${config.connectTimeout}`;
-      }
-    }
-  }
-  /**
-   * Build SSH command prefix
-   */
-  buildSSHCommand() {
-    return [
-      "ssh",
-      ...this.sshOptions,
-      `${this.config.user}@${this.config.host}`
-    ];
-  }
-  /**
-   * Execute a command on the remote VM
-   * @param command - The command to execute
-   * @param timeoutMs - Optional timeout in milliseconds (default: 300000ms = 5 minutes)
-   */
-  async exec(command, timeoutMs) {
-    const sshCmd = this.buildSSHCommand();
-    const escapedCommand = command.replace(/'/g, "'\\''");
-    const fullCmd = [...sshCmd, `'${escapedCommand}'`].join(" ");
-    try {
-      const { stdout, stderr } = await execAsync3(fullCmd, {
-        maxBuffer: 50 * 1024 * 1024,
-        // 50MB buffer
-        timeout: timeoutMs ?? 3e5
-        // Default 5 minutes, customizable per call
-      });
-      return {
-        exitCode: 0,
-        stdout: stdout || "",
-        stderr: stderr || ""
-      };
-    } catch (error) {
-      const execError = error;
-      return {
-        exitCode: execError.code ?? 1,
-        stdout: execError.stdout || "",
-        stderr: execError.stderr || execError.message || "Unknown error"
-      };
-    }
-  }
-  /**
-   * Execute a command and throw on non-zero exit
-   */
-  async execOrThrow(command) {
-    const result = await this.exec(command);
-    if (result.exitCode !== 0) {
-      throw new Error(
-        `Command failed (exit ${result.exitCode}): ${result.stderr || result.stdout}`
-      );
-    }
-    return result.stdout;
-  }
-  /**
-   * Write content to a file on the remote VM
-   * Uses base64 encoding to safely transfer any content
-   */
-  async writeFile(remotePath, content) {
-    const encoded = Buffer.from(content).toString("base64");
-    const maxChunkSize = 65e3;
-    if (encoded.length <= maxChunkSize) {
-      await this.execOrThrow(`echo '${encoded}' | base64 -d > '${remotePath}'`);
-    } else {
-      await this.execOrThrow(`rm -f '${remotePath}'`);
-      for (let i = 0; i < encoded.length; i += maxChunkSize) {
-        const chunk = encoded.slice(i, i + maxChunkSize);
-        const operator = i === 0 ? ">" : ">>";
-        await this.execOrThrow(
-          `echo '${chunk}' | base64 -d ${operator} '${remotePath}'`
-        );
-      }
-    }
-  }
-  /**
-   * Write content to a file on the remote VM using sudo
-   * Used for writing to privileged locations like /usr/local/bin
-   */
-  async writeFileWithSudo(remotePath, content) {
-    const encoded = Buffer.from(content).toString("base64");
-    const maxChunkSize = 65e3;
-    if (encoded.length <= maxChunkSize) {
-      await this.execOrThrow(
-        `echo '${encoded}' | base64 -d | sudo tee '${remotePath}' > /dev/null`
-      );
-    } else {
-      await this.execOrThrow(`sudo rm -f '${remotePath}'`);
-      for (let i = 0; i < encoded.length; i += maxChunkSize) {
-        const chunk = encoded.slice(i, i + maxChunkSize);
-        const teeFlag = i === 0 ? "" : "-a";
-        await this.execOrThrow(
-          `echo '${chunk}' | base64 -d | sudo tee ${teeFlag} '${remotePath}' > /dev/null`
-        );
-      }
-    }
-  }
-  /**
-   * Read a file from the remote VM
-   */
-  async readFile(remotePath) {
-    const result = await this.exec(`cat '${remotePath}'`);
-    if (result.exitCode !== 0) {
-      throw new Error(`Failed to read file: ${result.stderr}`);
-    }
-    return result.stdout;
-  }
-  /**
-   * Check if SSH connection is available
-   * Uses a short timeout (15s) to ensure waitUntilReachable() respects its outer timeout
-   */
-  async isReachable() {
-    try {
-      const result = await this.exec("echo ok", 15e3);
-      return result.exitCode === 0 && result.stdout.trim() === "ok";
-    } catch {
-      return false;
-    }
-  }
-  /**
-   * Wait for SSH to become available
-   */
-  async waitUntilReachable(timeoutMs = 12e4, intervalMs = 2e3) {
-    const start = Date.now();
-    while (Date.now() - start < timeoutMs) {
-      if (await this.isReachable()) {
-        return;
-      }
-      await new Promise((resolve) => {
-        const remaining = timeoutMs - (Date.now() - start);
-        if (remaining > 0) {
-          setTimeout(resolve, Math.min(intervalMs, remaining));
-        } else {
-          resolve();
-        }
-      });
-    }
-    throw new Error(
-      `SSH not reachable after ${timeoutMs}ms at ${this.config.host}`
-    );
-  }
-  /**
-   * Create a directory on the remote VM (mkdir -p)
-   */
-  async mkdir(remotePath) {
-    await this.execOrThrow(`mkdir -p '${remotePath}'`);
-  }
-  /**
-   * Check if a file/directory exists on the remote VM
-   */
-  async exists(remotePath) {
-    const result = await this.exec(`test -e '${remotePath}'`);
-    return result.exitCode === 0;
-  }
-  /**
-   * Get the host IP
-   */
-  getHost() {
-    return this.config.host;
-  }
-};
-function getRunnerSSHKeyPath() {
-  const runnerKeyPath = "/opt/vm0-runner/ssh/id_rsa";
-  if (fs4.existsSync(runnerKeyPath)) {
-    return runnerKeyPath;
-  }
-  const userKeyPath = path3.join(os.homedir(), ".ssh", "id_rsa");
-  if (fs4.existsSync(userKeyPath)) {
-    return userKeyPath;
-  }
-  return "";
-}
-
 // src/lib/firecracker/vsock.ts
 import * as net from "net";
-import * as fs5 from "fs";
+import * as fs4 from "fs";
 import * as crypto from "crypto";
 var VSOCK_PORT = 1e3;
 var CONNECT_TIMEOUT_MS = 5e3;
@@ -1479,7 +1269,7 @@ var VsockClient = class {
       return;
     }
     return new Promise((resolve, reject) => {
-      if (!fs5.existsSync(this.vsockPath)) {
+      if (!fs4.existsSync(this.vsockPath)) {
         reject(new Error(`Vsock socket not found: ${this.vsockPath}`));
         return;
       }
@@ -2099,8 +1889,8 @@ function getErrorMap() {
   return overrideErrorMap;
 }
 var makeIssue = (params) => {
-  const { data, path: path7, errorMaps, issueData } = params;
-  const fullPath = [...path7, ...issueData.path || []];
+  const { data, path: path6, errorMaps, issueData } = params;
+  const fullPath = [...path6, ...issueData.path || []];
   const fullIssue = {
     ...issueData,
     path: fullPath
@@ -2199,11 +1989,11 @@ var errorUtil;
   errorUtil2.toString = (message) => typeof message === "string" ? message : message === null || message === void 0 ? void 0 : message.message;
 })(errorUtil || (errorUtil = {}));
 var ParseInputLazyPath = class {
-  constructor(parent, value, path7, key) {
+  constructor(parent, value, path6, key) {
     this._cachedPath = [];
     this.parent = parent;
     this.data = value;
-    this._path = path7;
+    this._path = path6;
     this._key = key;
   }
   get path() {
@@ -5969,7 +5759,7 @@ var unifiedRunRequestSchema = z6.object({
   volumeVersions: z6.record(z6.string(), z6.string()).optional(),
   // Debug flag to force real Claude in mock environments (internal use only)
   debugNoMockClaude: z6.boolean().optional(),
-  // Model provider for automatic LLM credential injection
+  // Model provider for automatic credential injection
   modelProvider: z6.string().optional(),
   // Required
   prompt: z6.string().min(1, "Missing prompt")
@@ -8113,20 +7903,46 @@ var SCRIPT_PATHS = {
 };
 
 // ../../packages/core/src/feature-switch.ts
-var PricingSwitch = {
-  key: "pricing" /* Pricing */,
-  maintainer: "ethan@vm0.ai",
-  enabled: false
-};
 var FEATURE_SWITCHES = {
-  ["pricing" /* Pricing */]: PricingSwitch
+  ["pricing" /* Pricing */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["dummy" /* Dummy */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: true
+  },
+  ["platformOnboarding" /* PlatformOnboarding */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["platformAgents" /* PlatformAgents */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["platformSecrets" /* PlatformSecrets */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["platformArtifacts" /* PlatformArtifacts */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["platformApiKeys" /* PlatformApiKeys */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  },
+  ["platformLogs" /* PlatformLogs */]: {
+    maintainer: "ethan@vm0.ai",
+    enabled: false
+  }
 };
 
 // src/lib/scripts/index.ts
 var ENV_LOADER_PATH = "/usr/local/bin/vm0-agent/env-loader.mjs";
 
 // src/lib/proxy/vm-registry.ts
-import fs6 from "fs";
+import fs5 from "fs";
 var DEFAULT_REGISTRY_PATH = "/tmp/vm0-vm-registry.json";
 var VMRegistry = class {
   registryPath;
@@ -8140,8 +7956,8 @@ var VMRegistry = class {
    */
   load() {
     try {
-      if (fs6.existsSync(this.registryPath)) {
-        const content = fs6.readFileSync(this.registryPath, "utf-8");
+      if (fs5.existsSync(this.registryPath)) {
+        const content = fs5.readFileSync(this.registryPath, "utf-8");
         return JSON.parse(content);
       }
     } catch {
@@ -8155,8 +7971,8 @@ var VMRegistry = class {
     this.data.updatedAt = Date.now();
     const content = JSON.stringify(this.data, null, 2);
     const tempPath = `${this.registryPath}.tmp`;
-    fs6.writeFileSync(tempPath, content, { mode: 420 });
-    fs6.renameSync(tempPath, this.registryPath);
+    fs5.writeFileSync(tempPath, content, { mode: 420 });
+    fs5.renameSync(tempPath, this.registryPath);
   }
   /**
    * Register a VM with its IP address
@@ -8231,8 +8047,8 @@ function initVMRegistry(registryPath) {
 
 // src/lib/proxy/proxy-manager.ts
 import { spawn as spawn2 } from "child_process";
-import fs7 from "fs";
-import path4 from "path";
+import fs6 from "fs";
+import path3 from "path";
 
 // src/lib/proxy/mitm-addon-script.ts
 var RUNNER_MITM_ADDON_SCRIPT = `#!/usr/bin/env python3
@@ -8725,7 +8541,7 @@ var ProxyManager = class {
   process = null;
   isRunning = false;
   constructor(config) {
-    const addonPath = path4.join(config.caDir, "mitm_addon.py");
+    const addonPath = path3.join(config.caDir, "mitm_addon.py");
     this.config = {
       ...DEFAULT_PROXY_OPTIONS,
       ...config,
@@ -8752,11 +8568,11 @@ var ProxyManager = class {
    * Ensure the addon script exists at the configured path
    */
   ensureAddonScript() {
-    const addonDir = path4.dirname(this.config.addonPath);
-    if (!fs7.existsSync(addonDir)) {
-      fs7.mkdirSync(addonDir, { recursive: true });
+    const addonDir = path3.dirname(this.config.addonPath);
+    if (!fs6.existsSync(addonDir)) {
+      fs6.mkdirSync(addonDir, { recursive: true });
     }
-    fs7.writeFileSync(this.config.addonPath, RUNNER_MITM_ADDON_SCRIPT, {
+    fs6.writeFileSync(this.config.addonPath, RUNNER_MITM_ADDON_SCRIPT, {
       mode: 493
     });
     console.log(
@@ -8767,11 +8583,11 @@ var ProxyManager = class {
    * Validate proxy configuration
    */
   validateConfig() {
-    if (!fs7.existsSync(this.config.caDir)) {
+    if (!fs6.existsSync(this.config.caDir)) {
       throw new Error(`Proxy CA directory not found: ${this.config.caDir}`);
     }
-    const caCertPath = path4.join(this.config.caDir, "mitmproxy-ca.pem");
-    if (!fs7.existsSync(caCertPath)) {
+    const caCertPath = path3.join(this.config.caDir, "mitmproxy-ca.pem");
+    if (!fs6.existsSync(caCertPath)) {
       throw new Error(`Proxy CA certificate not found: ${caCertPath}`);
     }
     this.ensureAddonScript();
@@ -9161,17 +8977,17 @@ function buildEnvironmentVariables(context, apiUrl) {
 }
 
 // src/lib/network-logs/network-logs.ts
-import fs8 from "fs";
+import fs7 from "fs";
 function getNetworkLogPath(runId) {
   return `/tmp/vm0-network-${runId}.jsonl`;
 }
 function readNetworkLogs(runId) {
   const logPath = getNetworkLogPath(runId);
-  if (!fs8.existsSync(logPath)) {
+  if (!fs7.existsSync(logPath)) {
     return [];
   }
   try {
-    const content = fs8.readFileSync(logPath, "utf-8");
+    const content = fs7.readFileSync(logPath, "utf-8");
     const lines = content.split("\n").filter((line) => line.trim());
     return lines.map((line) => JSON.parse(line));
   } catch (err) {
@@ -9184,8 +9000,8 @@ function readNetworkLogs(runId) {
 function cleanupNetworkLogs(runId) {
   const logPath = getNetworkLogPath(runId);
   try {
-    if (fs8.existsSync(logPath)) {
-      fs8.unlinkSync(logPath);
+    if (fs7.existsSync(logPath)) {
+      fs7.unlinkSync(logPath);
     }
   } catch (err) {
     console.error(
@@ -9228,7 +9044,7 @@ async function uploadNetworkLogs(apiUrl, sandboxToken, runId) {
 }
 
 // src/lib/vm-setup/vm-setup.ts
-import fs9 from "fs";
+import fs8 from "fs";
 
 // src/lib/scripts/utils.ts
 function getAllScripts() {
@@ -9290,12 +9106,12 @@ async function restoreSessionHistory(guest, resumeSession, workingDir, cliAgentT
   );
 }
 async function installProxyCA(guest, caCertPath) {
-  if (!fs9.existsSync(caCertPath)) {
+  if (!fs8.existsSync(caCertPath)) {
     throw new Error(
       `Proxy CA certificate not found at ${caCertPath}. Run generate-proxy-ca.sh first.`
     );
   }
-  const caCert = fs9.readFileSync(caCertPath, "utf-8");
+  const caCert = fs8.readFileSync(caCertPath, "utf-8");
   console.log(
     `[Executor] Installing proxy CA certificate (${caCert.length} bytes)`
   );
@@ -9376,7 +9192,7 @@ async function executeJob(context, config, options = {}) {
   const log = options.logger ?? ((msg) => console.log(msg));
   log(`[Executor] Starting job ${context.runId} in VM ${vmId}`);
   try {
-    const workspacesDir = path5.join(process.cwd(), "workspaces");
+    const workspacesDir = path4.join(process.cwd(), "workspaces");
     const vmConfig = {
       vmId,
       vcpus: config.sandbox.vcpu,
@@ -9384,7 +9200,7 @@ async function executeJob(context, config, options = {}) {
       kernelPath: config.firecracker.kernel,
       rootfsPath: config.firecracker.rootfs,
       firecrackerBinary: config.firecracker.binary,
-      workDir: path5.join(workspacesDir, `vm0-${vmId}`)
+      workDir: path4.join(workspacesDir, `vm0-${vmId}`)
     };
     log(`[Executor] Creating VM ${vmId}...`);
     vm = new FirecrackerVM(vmConfig);
@@ -9394,27 +9210,15 @@ async function executeJob(context, config, options = {}) {
       throw new Error("VM started but no IP address available");
     }
     log(`[Executor] VM ${vmId} started, guest IP: ${guestIp}`);
-    const guestProtocol = config.sandbox.guest_protocol;
-    let guest;
-    if (guestProtocol === "ssh") {
-      const sshKeyPath = getRunnerSSHKeyPath();
-      guest = new SSHClient({
-        host: guestIp,
-        user: "user",
-        privateKeyPath: sshKeyPath || void 0
-      });
-      log(`[Executor] Using SSH for guest communication: ${guestIp}`);
-    } else {
-      const vsockPath = vm.getVsockPath();
-      guest = new VsockClient(vsockPath);
-      log(`[Executor] Using vsock for guest communication: ${vsockPath}`);
-    }
-    log(`[Executor] Verifying ${guestProtocol} connectivity...`);
+    const vsockPath = vm.getVsockPath();
+    const guest = new VsockClient(vsockPath);
+    log(`[Executor] Using vsock for guest communication: ${vsockPath}`);
+    log(`[Executor] Verifying vsock connectivity...`);
     await withSandboxTiming(
       "guest_wait",
       () => guest.waitUntilReachable(3e4, 1e3)
     );
-    log(`[Executor] Guest client ready (${guestProtocol})`);
+    log(`[Executor] Guest client ready`);
     const firewallConfig = context.experimentalFirewall;
     if (firewallConfig?.enabled) {
       const mitmEnabled = firewallConfig.experimental_mitm ?? false;
@@ -9429,7 +9233,7 @@ async function executeJob(context, config, options = {}) {
         sealSecretsEnabled
       });
       if (mitmEnabled) {
-        const caCertPath = path5.join(
+        const caCertPath = path4.join(
           config.proxy.ca_dir,
           "mitmproxy-ca-cert.pem"
         );
@@ -9859,7 +9663,7 @@ import { dirname as dirname2, join as join3 } from "path";
 
 // src/lib/firecracker/process.ts
 import { readdirSync, readFileSync as readFileSync2, existsSync as existsSync3 } from "fs";
-import path6 from "path";
+import path5 from "path";
 function parseFirecrackerCmdline(cmdline) {
   const args = cmdline.split("\0");
   if (!args[0]?.includes("firecracker")) return null;
@@ -9892,7 +9696,7 @@ function findFirecrackerProcesses() {
   for (const entry of entries) {
     if (!/^\d+$/.test(entry)) continue;
     const pid = parseInt(entry, 10);
-    const cmdlinePath = path6.join(procDir, entry, "cmdline");
+    const cmdlinePath = path5.join(procDir, entry, "cmdline");
     if (!existsSync3(cmdlinePath)) continue;
     try {
       const cmdline = readFileSync2(cmdlinePath, "utf-8");
@@ -9949,7 +9753,7 @@ function findMitmproxyProcess() {
   for (const entry of entries) {
     if (!/^\d+$/.test(entry)) continue;
     const pid = parseInt(entry, 10);
-    const cmdlinePath = path6.join(procDir, entry, "cmdline");
+    const cmdlinePath = path5.join(procDir, entry, "cmdline");
     if (!existsSync3(cmdlinePath)) continue;
     try {
       const cmdline = readFileSync2(cmdlinePath, "utf-8");
@@ -10345,7 +10149,7 @@ async function confirm(message) {
 }
 
 // src/commands/benchmark.ts
-import { Command as Command4, Option } from "commander";
+import { Command as Command4 } from "commander";
 import crypto2 from "crypto";
 
 // src/lib/timing.ts
@@ -10398,19 +10202,11 @@ function createBenchmarkContext(prompt, options) {
 }
 var benchmarkCommand = new Command4("benchmark").description(
   "Run a VM performance benchmark (executes bash command directly)"
-).argument("<prompt>", "The bash command to execute in the VM").option("--config <path>", "Config file path", "./runner.yaml").option("--working-dir <path>", "Working directory in VM", "/home/user").option("--agent-type <type>", "Agent type", "claude-code").addOption(
-  new Option(
-    "--guest-protocol <protocol>",
-    "Guest communication protocol"
-  ).choices(["vsock", "ssh"])
-).action(async (prompt, options) => {
+).argument("<prompt>", "The bash command to execute in the VM").option("--config <path>", "Config file path", "./runner.yaml").option("--working-dir <path>", "Working directory in VM", "/home/user").option("--agent-type <type>", "Agent type", "claude-code").action(async (prompt, options) => {
   const timer = new Timer();
   try {
     timer.log("Loading configuration...");
     const config = loadDebugConfig(options.config);
-    if (options.guestProtocol) {
-      config.sandbox.guest_protocol = options.guestProtocol;
-    }
     validateFirecrackerPaths(config.firecracker);
     timer.log("Checking network prerequisites...");
     const networkCheck = checkNetworkPrerequisites();
@@ -10444,7 +10240,7 @@ var benchmarkCommand = new Command4("benchmark").description(
 });
 
 // src/index.ts
-var version = true ? "2.15.0" : "0.1.0";
+var version = true ? "3.0.1" : "0.1.0";
 program.name("vm0-runner").version(version).description("Self-hosted runner for VM0 agents");
 program.addCommand(startCommand);
 program.addCommand(doctorCommand);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vm0/runner",
-  "version": "2.15.0",
+  "version": "3.0.1",
   "description": "Self-hosted runner for VM0 agents",
   "repository": {
     "type": "git",