agentfootprint 6.16.0 → 6.18.0

package/dist/types/adapters/observability/audit.d.ts

@@ -0,0 +1,255 @@
+/**
+ * auditExport — tamper-evident audit bundle (backlog #20, compliance
+ * wedge item 2; pairs with #19's `otelObservability` GenAI spans).
+ *
+ * Consumes the typed `agentfootprint.*` event stream and accumulates an
+ * append-only, HASH-CHAINED record log: every record carries the SHA-256
+ * of its own canonical serialization plus the hash of the previous
+ * record. Flipping a single byte anywhere in an exported bundle makes
+ * `verifyAuditBundle` name the exact record that broke — the
+ * record-keeping shape EU AI Act Art. 12 asks for (events the system
+ * logged, in order, demonstrably unmodified since capture).
+ *
+ * Pattern: Observability strategy (one purpose — chain accumulation)
+ *          + pure offline verifier.
+ * Role:    Outer ring (Hexagonal). Attach via
+ *          `agent.enable.observability({ strategy: auditExport() })`.
+ * Emits:   nothing — terminal sink.
+ *
+ * ## What lands in the chain
+ *
+ * One record per typed event, in dispatch order: decisions
+ * (`agent.route_decided`, `composition.route_decided` incl. decide()
+ * evidence), tool calls (`stream.tool_start/_end`), validation
+ * rejections (#9), permission verdicts and halts, credential lifecycle,
+ * costs, errors, skill/memory/context activity. Each new `meta.runId`
+ * is anchored by a GENESIS record (`audit.genesis`) carrying the runId,
+ * the agent identity, and library versions — runs chain back-to-back in
+ * one log, so silently DROPPING a whole run breaks the chain too.
+ *
+ * High-volume content deltas (`stream.token`, `stream.thinking_delta`)
+ * are excluded by default (`includeTokenEvents: true` to include).
+ *
+ * ## Record / bundle schema
+ *
+ * ```
+ * AuditRecord  = { seq, timestamp, eventType, payload, meta, prevHash, hash }
+ *   hash       = SHA-256 hex over canonicalJson(record minus `hash`)
+ *   prevHash   = previous record's `hash` (ZERO_HASH at chain start)
+ * AuditBundle  = { header, records, finalHash }
+ *   header     = { format, hashAlgorithm, canonicalization, chainHead,
+ *                  firstSeq, recordCount, exportedAt, library }
+ * ```
+ *
+ * Canonicalization is `afp-cjson/1` (see `lib/canonicalJson.ts` — those
+ * rules ARE the contract; the header names them so independent
+ * verifiers can re-implement byte-exactly).
+ *
+ * ## Persistence + long runs
+ *
+ * Persistence is the CONSUMER's job — the bundle is plain JSON
+ * (`JSON.stringify(strategy.bundle())`, store anywhere). For long runs,
+ * `drain()` returns the records accumulated since the last drain while
+ * keeping the chain intact ACROSS drains: each segment's
+ * `header.chainHead` equals the previous segment's `finalHash`, so
+ * `verifyAuditBundle([seg1, seg2, ...])` re-verifies the concatenation
+ * end-to-end.
+ *
+ * ## PII discipline (mirrors #19's otelObservability)
+ *
+ * Payloads enter records through a bounding layer — by default
+ * (`payloadMode: 'bounded'`) record payloads NEVER carry raw runtime
+ * values that can echo PII:
+ *
+ *   - tool args             → `'[keys: …]'` (top-level key NAMES only)
+ *   - tool results          → `'[type: …]'` (typeof only)
+ *   - userPrompt / LLM content / thinking blocks / history
+ *                           → `'[N chars]'` / `'[N messages]'` markers
+ *   - content PREVIEWS (`contentSummary` on context/memory events,
+ *     `rawContent`, `resultSummary`, `droppedSummaries`) → markers
+ *     (for short content a preview IS the content; `contentHash`
+ *     stays — it links identical content without echoing it)
+ *   - error MESSAGE strings (`error`, `errorMessage`, `lastError`,
+ *     `rawOutput`)          → `'[N chars]'` (messages can echo values)
+ *   - free-form Records (`questionPayload`, `resumeInput`, risk/eval
+ *     `evidence`, memory `scoreEvidence`) → `'[keys: …]'`
+ *
+ * Everything else is embedded as the registry payload (sanitized:
+ * strings capped at 256 chars, lists at 32 items, cycles broken) —
+ * those payloads are bounded by construction: identifiers, counts,
+ * enums, decide() evidence (engine-bounded + redaction-aware),
+ * validation issues (paths/TYPES per #9), credential events (no
+ * secrets by contract).
+ *
+ * `payloadMode: 'verbatim'` embeds full payloads (still
+ * JSON-sanitized). For Art. 12 completeness on an access-controlled
+ * store that is often the point — but the bundle then carries prompts,
+ * tool args/results and model output. Treat it as PII-bearing, and
+ * remember the Agent sets NO footprintjs RedactionPolicy by default
+ * (policies you do set redact the emit channel UPSTREAM of this
+ * strategy, so redacted events arrive here already redacted).
+ *
+ * ## Tamper-EVIDENT, not tamper-PROOF (honest threat model)
+ *
+ * The chain proves INTERNAL consistency: any partial modification —
+ * edit, insert, delete, reorder, drop-a-run — is detected and named.
+ * It does NOT prove provenance: an adversary holding the only copy can
+ * recompute every hash from the mutation onward and present a
+ * self-consistent forgery. For non-repudiation, anchor `finalHash`
+ * externally as part of your retention process (write-once/WORM store,
+ * signed log, RFC 3161 timestamping, or simply a second party) — then
+ * a whole-suffix recomputation no longer matches the anchor.
+ *
+ * ## Runtime requirements
+ *
+ * Hashing uses `node:crypto` (`createHash('sha256')`) — zero new
+ * dependencies, imported lazily at first use (same gating as the
+ * optional vendor SDKs in this folder, so merely importing this module
+ * stays browser-safe). `auditExport` and `verifyAuditBundle` therefore
+ * run anywhere `node:crypto` exists: Node ≥ 20, Bun, Deno,
+ * edge runtimes with Node compat (e.g. Cloudflare `nodejs_compat`).
+ * In a browser there is no SYNC SHA-256 (WebCrypto is async-only), so
+ * both throw a descriptive error — verify server-side, or re-implement
+ * verification from the documented contract (it is pure: recompute
+ * SHA-256 over `afp-cjson/1` canonicalization and walk the chain).
+ *
+ * @example Capture → export → verify
+ * ```ts
+ * import { auditExport, verifyAuditBundle } from 'agentfootprint/observability-providers';
+ *
+ * const audit = auditExport({ agent: 'loan-officer' });
+ * const stop = agent.enable.observability({ strategy: audit });
+ * await agent.run({ message: 'assess application A-17' });
+ * stop();
+ *
+ * const bundle = audit.bundle();            // JSON-serializable
+ * await fs.writeFile('run.audit.json', JSON.stringify(bundle));
+ *
+ * const check = verifyAuditBundle(bundle);  // offline — no agent needed
+ * // check.valid === true; tamper with one byte → { valid: false, brokenAt: <seq> }
+ * ```
+ */
+import { CANONICAL_JSON_VERSION } from '../../lib/canonicalJson.js';
+import type { ObservabilityStrategy } from '../../strategies/types.js';
+/** SHA-256 of "nothing" — the `prevHash` of the first record in a
+ *  chain and the `chainHead` of a chain's first segment. */
+export declare const AUDIT_ZERO_HASH: string;
+/** `eventType` of the per-run genesis record. Deliberately OUTSIDE the
+ *  `agentfootprint.*` registry namespace — it is a chain-level record,
+ *  not a dispatched event (#20 ships zero new typed events). */
+export declare const AUDIT_GENESIS_EVENT_TYPE = "audit.genesis";
+/** Format identifier carried on every bundle header. */
+export declare const AUDIT_BUNDLE_FORMAT = "agentfootprint.audit/1";
+/**
+ * One link of the hash chain.
+ *
+ * `hash` = SHA-256 hex over `canonicalJson` of the record WITHOUT the
+ * `hash` field (i.e. `{ seq, timestamp, eventType, payload, meta,
+ * prevHash }` — canonical key order makes field order irrelevant).
+ * Because the preimage is "everything but `hash`", ADDING a field to a
+ * record is detected exactly like mutating one.
+ */
+export interface AuditRecord {
+    /** 0-based position in the chain (monotonic across drains). */
+    readonly seq: number;
+    /** Wall-clock ms of the source event (`meta.wallClockMs`). */
+    readonly timestamp: number;
+    /** Registry event name verbatim, or {@link AUDIT_GENESIS_EVENT_TYPE}. */
+    readonly eventType: string;
+    /** Bounded / sanitized event payload (see module PII docs). */
+    readonly payload: unknown;
+    /** Sanitized event meta (runId, runtimeStageId, paths, indices). */
+    readonly meta: {
+        readonly runId: string;
+    } & Readonly<Record<string, unknown>>;
+    /** `hash` of the previous record ({@link AUDIT_ZERO_HASH} at chain start). */
+    readonly prevHash: string;
+    /** SHA-256 hex of this record's canonical preimage. */
+    readonly hash: string;
+}
+export interface AuditBundleHeader {
+    readonly format: typeof AUDIT_BUNDLE_FORMAT;
+    readonly hashAlgorithm: 'sha-256';
+    readonly canonicalization: typeof CANONICAL_JSON_VERSION;
+    /** `prevHash` of `records[0]` — {@link AUDIT_ZERO_HASH} for the first
+     *  segment, the previous segment's `finalHash` after a `drain()`. */
+    readonly chainHead: string;
+    /** `seq` of `records[0]` (continues across drains). */
+    readonly firstSeq: number;
+    readonly recordCount: number;
+    /** Wall-clock ms when `bundle()` / `drain()` produced this export. */
+    readonly exportedAt: number;
+    readonly library: {
+        readonly name: 'agentfootprint';
+        readonly version: string;
+    };
+}
+/** JSON-serializable export of the chain (or one drained segment). */
+export interface AuditBundle {
+    readonly header: AuditBundleHeader;
+    readonly records: readonly AuditRecord[];
+    /** `hash` of the last record (= `chainHead` when `records` is empty).
+     *  The next drained segment's `chainHead` equals this value. */
+    readonly finalHash: string;
+}
+export interface AuditVerifyResult {
+    readonly valid: boolean;
+    /** Records whose hashes were recomputed and matched. */
+    readonly recordsChecked: number;
+    /** `seq` of the first record that fails (or the expected seq at the
+     *  failure point, when the stored seq itself was tampered). */
+    readonly brokenAt?: number;
+    /** Human-readable cause — names the failed check. */
+    readonly reason?: string;
+}
+export interface AuditExportOptions {
+    /** Agent identity recorded in every run's genesis record (service /
+     *  agent name as your compliance review knows it). */
+    readonly agent?: string;
+    /**
+     * `'bounded'` (default) — payloads pass the PII bounding layer (see
+     * module docs). `'verbatim'` — full payloads, JSON-sanitized only.
+     *
+     * @remarks Verbatim bundles carry prompts, tool args/results and
+     * model output. Treat the store as PII-bearing; the Agent applies NO
+     * RedactionPolicy by default.
+     */
+    readonly payloadMode?: 'bounded' | 'verbatim';
+    /** Include `stream.token` / `stream.thinking_delta` events (high
+     *  volume; content still bounded under `payloadMode: 'bounded'`).
+     *  Default `false`. */
+    readonly includeTokenEvents?: boolean;
+    /** Extra version pins for the genesis record (your app, model
+     *  config revision, policy bundle hash, …). */
+    readonly versions?: Readonly<Record<string, string>>;
+}
+/** The strategy returned by {@link auditExport}. */
+export interface AuditExportStrategy extends ObservabilityStrategy {
+    /** Snapshot the retained records WITHOUT draining. Safe mid-run. */
+    bundle(): AuditBundle;
+    /** Return the records accumulated since the last drain and clear
+     *  them from memory. Chain state persists — consecutive drained
+     *  segments re-verify end-to-end via `verifyAuditBundle([...])`. */
+    drain(): AuditBundle;
+    /** Records currently retained (since last drain). */
+    recordCount(): number;
+}
+export declare function auditExport(opts?: AuditExportOptions): AuditExportStrategy;
+/**
+ * Recompute the hash chain of a bundle (or of consecutive drained
+ * segments, in order) and report the exact record where integrity
+ * breaks. Pure function over JSON data — runs offline, long after the
+ * run, with no agent and no strategy instance.
+ *
+ * Checks, in order, per segment:
+ *   1. header format / algorithm / canonicalization are supported
+ *   2. `recordCount` matches `records.length`
+ *   3. segment continuity (`chainHead`/`firstSeq` extend the previous
+ *      segment's `finalHash`/seq range)
+ *   4. per record: `seq` is contiguous, `prevHash` links the previous
+ *      record, and SHA-256 over the canonical preimage (the record
+ *      minus `hash` — so ADDED fields are caught too) matches `hash`
+ *   5. `finalHash` equals the last record's hash
+ */
+export declare function verifyAuditBundle(input: AuditBundle | readonly AuditBundle[]): AuditVerifyResult;
+//# sourceMappingURL=audit.d.ts.map

package/dist/types/adapters/observability/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../../../src/adapters/observability/audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkIG;AAGH,OAAO,EAAiB,sBAAsB,EAAE,MAAM,4BAA4B,CAAC;AAEnF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAIvE;4DAC4D;AAC5D,eAAO,MAAM,eAAe,QAAiB,CAAC;AAE9C;;gEAEgE;AAChE,eAAO,MAAM,wBAAwB,kBAAkB,CAAC;AAExD,wDAAwD;AACxD,eAAO,MAAM,mBAAmB,2BAA2B,CAAC;AAE5D;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,+DAA+D;IAC/D,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,8DAA8D;IAC9D,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,yEAAyE;IACzE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,+DAA+D;IAC/D,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,oEAAoE;IACpE,QAAQ,CAAC,IAAI,EAAE;QAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC9E,8EAA8E;IAC9E,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,uDAAuD;IACvD,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,MAAM,EAAE,OAAO,mBAAmB,CAAC;IAC5C,QAAQ,CAAC,aAAa,EAAE,SAAS,CAAC;IAClC,QAAQ,CAAC,gBAAgB,EAAE,OAAO,sBAAsB,CAAC;IACzD;yEACqE;IACrE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,uDAAuD;IACvD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,sEAAsE;IACtE,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,EAAE;QAAE,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;QAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;CACjF;AAED,sEAAsE;AACtE,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,MAAM,EAAE,iBAAiB,CAAC;IACnC,QAAQ,CAAC,OAAO,EAAE,SAAS,WAAW,EAAE,CAAC;IACzC;oEACgE;IAChE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,wDAAwD;IACxD,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC;mEAC+D;IAC/D,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,qDAAqD;IACrD,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,kBAAkB;IACjC;0DACsD;IACtD,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB;;;;;;;OAOG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9C;;2BAEuB;IACvB,QAAQ,CAAC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IACtC;mDAC+C;IAC/C,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CACtD;AAED,oDAAoD;AACpD,MAAM,WAAW,mBAAoB,SAAQ,qBAAqB;IAChE,oEAAoE;IACpE,MAAM,IAAI,WAAW,CAAC;IACtB;;wEAEoE;IACpE,KAAK,IAAI,WAAW,CAAC;IACrB,qDAAqD;IACrD,WAAW,IAAI,MAAM,CAAC;CACvB;AAgND,wBAAgB,WAAW,CAAC,IAAI,GAAE,kBAAuB,GAAG,mBAAmB,CAgI9E;AAID;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,SAAS,WAAW,EAAE,GAAG,iBAAiB,CAsIhG"}

package/dist/types/adapters/observability/otel.d.ts

@@ -1,10 +1,12 @@
 /**
  * otelObservability — OpenTelemetry distributed-tracing adapter.
  *
- * Ships every agentfootprint event as OpenTelemetry spans + log
- * records via a consumer-supplied OTel API. Same hierarchical
- * mapping as the X-Ray adapter, but the destination is whichever
- * OTel-compat backend the consumer's SDK exports to:
+ * Ships every agentfootprint event as OpenTelemetry spans + span events
+ * via a consumer-supplied OTel API, following the OpenTelemetry **GenAI
+ * semantic conventions** (`gen_ai.*` attribute namespace) plus
+ * agentfootprint-specific explainability attributes (`agentfootprint.*`).
+ * Same hierarchical mapping as the X-Ray adapter, but the destination is
+ * whichever OTel-compat backend the consumer's SDK exports to:
  *
  *   - **Honeycomb** (OTLP/HTTP)
  *   - **Grafana Cloud / Tempo / Mimir** (OTLP)
@@ -27,24 +29,67 @@
  * configure the SDK + exporter once at app startup; we just speak
  * the typed OTel API.
  *
- * Mapping:
+ * ## Event → span/attribute mapping
  *
- *   agent.turn_start          ↦  start root span (one trace per turn)
- *   agent.turn_end            ↦  end root span
+ *   agent.turn_start          ↦  start root span (one trace per turn) —
+ *                                `gen_ai.operation.name: 'invoke_agent'`
+ *   agent.turn_end            ↦  end root span (+ turn-total `gen_ai.usage.*`)
  *   agent.iteration_start     ↦  start child span under root
  *   agent.iteration_end       ↦  end iteration span
- *   stream.llm_start          ↦  start child span (model call)
- *   stream.llm_end            ↦  end llm span
- *   stream.tool_start         ↦  start child span (tool call)
- *   stream.tool_end           ↦  end tool span (with `error: true` if errored)
+ *   stream.llm_start          ↦  start child span (inference) — `gen_ai.*`
+ *                                request attrs (`chat` operation)
+ *   stream.llm_end            ↦  end llm span (+ `gen_ai.usage.*`,
+ *                                `gen_ai.response.*`)
+ *   stream.tool_start         ↦  start child span — `execute_tool` operation,
+ *                                `gen_ai.tool.name` / `gen_ai.tool.call.id`
+ *   stream.tool_end           ↦  end tool span (ERROR status + `error.type`
+ *                                if errored). Correlated by toolCallId so
+ *                                PARALLEL tool calls close the right span.
  *   cost.tick                 ↦  setAttribute on topmost active span
+ *   error.fatal               ↦  ERROR status on root + defensive unwind
+ *   context.evaluated         ↦  N span events `agentfootprint.skill.routing`
+ *                                — SYNTHESIZED name (one per routing entry),
+ *                                not a registry-verbatim forward; all other
+ *                                span events use the registry name verbatim
+ *
+ * ## Decisions = SPAN EVENTS, not attributes (design decision)
+ *
+ * Explainability signals (route decisions, skill routing, validation
+ * rejections, permission checks, credential lifecycle) are emitted as
+ * **span events** on the currently-active span rather than attributes:
+ *
+ *   1. MULTIPLICITY — an iteration span can carry several decisions
+ *      (route + N skill routings + M permission checks). Attributes are
+ *      last-write-wins and would clobber; span events accumulate.
+ *   2. ORDERING — span events carry their own timestamps, preserving the
+ *      decision sequence inside one span. Compliance review (EU AI Act
+ *      Art. 12 record-keeping) needs the order decisions were made.
+ *   3. ROUND-TRIP — OTLP backends (and agentThinkingUI's `fromOTLP`
+ *      ingestion) surface span events as first-class timeline entries.
+ *
+ * When the consumer-injected tracer's spans don't implement `addEvent`
+ * (minimal test doubles), the adapter falls back to flattened
+ * `${eventName}.${key}` attributes — degraded (last-write-wins) but
+ * never silently dropped.
+ *
+ * ## PII discipline
+ *
+ * Mirrors the #9 validation contract: attribute values NEVER echo
+ * runtime VALUES that can carry PII —
+ *   - tool args  → top-level key NAMES only (`agentfootprint.tool.args.keys`)
+ *   - tool results → `typeof` only (`agentfootprint.tool.result.type`)
+ *   - validation issues → path / expected / got TYPES (bounded upstream)
+ *   - decide() evidence → rule labels, operators, thresholds (developer
+ *     constants) and the engine's redaction-aware value SUMMARIES
+ *   - userPrompt / llm content / thinking → never emitted
+ *   - error.fatal → stage + scope only (error MESSAGES can echo values)
+ *   - credential events carry no secrets by construction (registry contract)
  *
  * @example Basic — Honeycomb via OTLP
  * ```ts
  * import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
  * import { OTLPTraceExporter } from '@opentelemetry/exporter-trace-otlp-http';
  * import { BatchSpanProcessor } from '@opentelemetry/sdk-trace-base';
- * import { trace } from '@opentelemetry/api';
  * import { otelObservability } from 'agentfootprint/observability-providers';
  *
  * // Set up OTel ONCE at app startup.
@@ -55,12 +100,13 @@
  * })));
  * provider.register();
  *
- * agent.enable.observability({
- *   strategy: otelObservability({
- *     serviceName: 'my-agent',
- *     // tracer optional — defaults to trace.getTracer('agentfootprint').
- *   }),
+ * const otel = otelObservability({
+ *   serviceName: 'my-agent',
+ *   // genAiSpanNames: true,  // opt-in spec span names ('chat gpt-4', …)
  * });
+ * agent.enable.observability({ strategy: otel });
+ * // Optional — operator-level decide()/select() evidence as span events:
+ * // Agent.create({...}).recorder(otel.decisionEvidenceRecorder())
  * ```
  *
  * @example Test injection
@@ -71,6 +117,7 @@
  * });
  * ```
  */
+import type { FlowDecisionEvent, FlowSelectedEvent } from 'footprintjs';
 import type { ObservabilityStrategy } from '../../strategies/types.js';
 export interface OtelObservabilityOptions {
     /** Service name on every emitted span. Surfaces in your OTel
@@ -86,20 +133,45 @@ export interface OtelObservabilityOptions {
      *  where the consumer wants agentfootprint to drop spans BEFORE
      *  they reach the SDK (e.g., aggressive cost control). */
     readonly sampleRate?: number;
+    /**
+     * Opt-in OTel GenAI semconv SPAN NAMES (default `false`):
+     *
+     *   root  → `invoke_agent {serviceName}`  (was `{serviceName}`)
+     *   llm   → `chat {model}`                (was `llm`)
+     *   tool  → `execute_tool {toolName}`     (was `tool:{toolName}`)
+     *
+     * Off by default because existing consumers' dashboards / alerts key
+     * on the legacy span names — renames would break them. All `gen_ai.*`
+     * ATTRIBUTES are emitted regardless of this flag (purely additive),
+     * so semconv-aware backends can already group by
+     * `gen_ai.operation.name` with the flag off.
+     */
+    readonly genAiSpanNames?: boolean;
+    /**
+     * Explainability span events (default `true`): route decisions, skill
+     * routing provenance, validation rejections, permission decisions,
+     * credential lifecycle. Set `false` to emit only the span tree +
+     * `gen_ai.*` attributes (e.g., aggressive per-byte vendor billing).
+     */
+    readonly explainability?: boolean;
 }
+/** Attribute value union we emit. Matches OTel's `AttributeValue`
+ *  subset: primitives + homogeneous string arrays
+ *  (`gen_ai.response.finish_reasons`, issue lists, …). */
+export type OtelAttributeValue = string | number | boolean | readonly string[];
 /** Subset of `@opentelemetry/api`'s `Tracer` we depend on. */
 export interface OtelTracerLike {
     startSpan(name: string, options?: OtelSpanOptions, context?: unknown): OtelSpanLike;
 }
 /** Subset of `@opentelemetry/api`'s `SpanOptions`. */
 export interface OtelSpanOptions {
-    attributes?: Record<string, string | number | boolean>;
+    attributes?: Record<string, OtelAttributeValue>;
     startTime?: number;
     kind?: number;
 }
 /** Subset of `@opentelemetry/api`'s `Span` we depend on. */
 export interface OtelSpanLike {
-    setAttribute(key: string, value: string | number | boolean): unknown;
+    setAttribute(key: string, value: OtelAttributeValue): unknown;
     setStatus(status: {
         code: number;
         message?: string;
@@ -110,6 +182,57 @@ export interface OtelSpanLike {
         spanId: string;
         traceFlags: number;
     };
+    /** OTel `Span.addEvent` — optional in the duck-typed surface so
+     *  minimal test doubles still satisfy the interface. Explainability
+     *  signals degrade to flattened attributes when absent. */
+    addEvent?(name: string, attributes?: Record<string, OtelAttributeValue>): unknown;
+}
+/**
+ * footprintjs CombinedRecorder (FlowRecorder channel) that forwards
+ * decide()/select() operator-level evidence into the paired
+ * otelObservability strategy as span events. Attach via
+ * `Agent.create({...}).recorder(...)` or
+ * `executor.attachCombinedRecorder(...)`.
+ */
+export interface OtelDecisionEvidenceRecorder {
+    readonly id: string;
+    onDecision(event: FlowDecisionEvent): void;
+    onSelected(event: FlowSelectedEvent): void;
+}
+/** Return type of {@link otelObservability} — the base
+ *  ObservabilityStrategy plus the decide()/select() evidence bridge. */
+export interface OtelObservabilityStrategy extends ObservabilityStrategy {
+    /**
+     * Build the decide()/select() evidence bridge for this strategy.
+     *
+     * Operator-level decision evidence (which rule fired, the
+     * `key op threshold → actual` conditions) travels on footprintjs's
+     * FlowRecorder channel (`onDecision` / `onSelected`) — it never
+     * reaches the typed event dispatcher, so the strategy alone can't
+     * see it. This recorder is the bridge (same pattern as the #5
+     * causal-evidence bridge in `memory/causal/evidenceRecorder.ts`).
+     *
+     * Decisions WITHOUT structured evidence are skipped — they already
+     * arrive via the `agent.route_decided` / `composition.route_decided`
+     * typed events, so forwarding them here would double-report.
+     *
+     * @remarks PII: attaching this recorder EXPORTS bounded actual scope
+     * values to your OTel collector — each condition renders as
+     * `key op threshold → actualSummary (bool)`, where `actualSummary` is
+     * the engine's redaction-aware ≤80-char value summary (e.g.
+     * `creditScore gt 700 → 750 (true)`). Keys covered by a footprintjs
+     * `RedactionPolicy` render `[REDACTED]`; everything else leaves the
+     * process. For compliance record-keeping that disclosure is usually
+     * the point — but treat the collector as PII-bearing, or redact the
+     * relevant keys upstream, before attaching.
+     *
+     * @remarks Attach ONCE per executor. Every instance carries the
+     * well-known id `'otel-decision-evidence'`, so re-attaching is
+     * idempotent-by-ID (the replacement prevents double-reported span
+     * events); instances from the same strategy share its turn state by
+     * design.
+     */
+    decisionEvidenceRecorder(): OtelDecisionEvidenceRecorder;
 }
-export declare function otelObservability(opts: OtelObservabilityOptions): ObservabilityStrategy;
+export declare function otelObservability(opts: OtelObservabilityOptions): OtelObservabilityStrategy;
 //# sourceMappingURL=otel.d.ts.map

package/dist/types/adapters/observability/otel.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"otel.d.ts","sourceRoot":"","sources":["../../../../src/adapters/observability/otel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwEG;AAIH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAIvE,MAAM,WAAW,wBAAwB;IACvC;2CACuC;IACvC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B;;qEAEiE;IACjE,QAAQ,CAAC,MAAM,CAAC,EAAE,cAAc,CAAC;IACjC;;;;8DAI0D;IAC1D,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;CAC9B;AAID,8DAA8D;AAC9D,MAAM,WAAW,cAAc;IAC7B,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,YAAY,CAAC;CACrF;AAED,sDAAsD;AACtD,MAAM,WAAW,eAAe;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC;IACvD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,4DAA4D;AAC5D,MAAM,WAAW,YAAY;IAC3B,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC;IACrE,SAAS,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC;IAC/D,GAAG,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,IAAI;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;CACxE;AAgBD,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,wBAAwB,GAAG,qBAAqB,CA8OvF"}
+{"version":3,"file":"otel.d.ts","sourceRoot":"","sources":["../../../../src/adapters/observability/otel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsHG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGxE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAIvE,MAAM,WAAW,wBAAwB;IACvC;2CACuC;IACvC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B;;qEAEiE;IACjE,QAAQ,CAAC,MAAM,CAAC,EAAE,cAAc,CAAC;IACjC;;;;8DAI0D;IAC1D,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B;;;;;;;;;;;;OAYG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAClC;;;;;OAKG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;CACnC;AAID;;0DAE0D;AAC1D,MAAM,MAAM,kBAAkB,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,MAAM,EAAE,CAAC;AAE/E,8DAA8D;AAC9D,MAAM,WAAW,cAAc;IAC7B,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,YAAY,CAAC;CACrF;AAED,sDAAsD;AACtD,MAAM,WAAW,eAAe;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;IAChD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,4DAA4D;AAC5D,MAAM,WAAW,YAAY;IAC3B,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC;IAC9D,SAAS,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC;IAC/D,GAAG,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,IAAI;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IACvE;;+DAE2D;IAC3D,QAAQ,CAAC,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,GAAG,OAAO,CAAC;CACnF;AAgBD;;;;;;GAMG;AACH,MAAM,WAAW,4BAA4B;IAC3C,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,KAAK,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC3C,UAAU,CAAC,KAAK,EAAE,iBAAiB,GAAG,IAAI,CAAC;CAC5C;AAED;wEACwE;AACxE,MAAM,WAAW,yBAA0B,SAAQ,qBAAqB;IACtE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,wBAAwB,IAAI,4BAA4B,CAAC;CAC1D;AA2GD,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,wBAAwB,GAAG,yBAAyB,CA8rB3F"}

package/dist/types/adapters/observability/xray.d.ts

@@ -10,7 +10,13 @@
  *     stream.llm_start          ↦  push leaf subsegment (model call)
  *     stream.llm_end            ↦  close llm subsegment
  *     stream.tool_start         ↦  push leaf subsegment (tool call)
- *     stream.tool_end           ↦  close tool subsegment
+ *     stream.tool_end           ↦  close tool subsegment (correlated
+ *                                  by toolCallId — parallel-safe)
+ *     error.fatal               ↦  fault on root + close the whole
+ *                                  tree (turn_end never arrives)
+ *
+ * Events are anchored on `meta.runId` (the dispatcher envelope),
+ * with a `payload.runId` fallback for hand-built events.
  *
  * The result in the X-Ray Trace Map: a hierarchical timeline of every
  * agent run — turn → iteration → llm-call/tool-call — queryable in

package/dist/types/adapters/observability/xray.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"xray.d.ts","sourceRoot":"","sources":["../../../../src/adapters/observability/xray.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AAIH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAIvE,MAAM,WAAW,wBAAwB;IACvC,qEAAqE;IACrE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB;iCAC6B;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B;;oDAEgD;IAChD,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B;;0CAEsC;IACtC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC;yCACqC;IACrC,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,2DAA2D;IAC3D,QAAQ,CAAC,OAAO,CAAC,EAAE,cAAc,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,gBAAgB,CAAC,KAAK,EAAE;QAAE,qBAAqB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7F;AA6BD,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,wBAAwB,GAAG,qBAAqB,CA2QvF"}
+{"version":3,"file":"xray.d.ts","sourceRoot":"","sources":["../../../../src/adapters/observability/xray.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4DG;AAIH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAIvE,MAAM,WAAW,wBAAwB;IACvC,qEAAqE;IACrE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB;iCAC6B;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B;;oDAEgD;IAChD,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B;;0CAEsC;IACtC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC;yCACqC;IACrC,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,2DAA2D;IAC3D,QAAQ,CAAC,OAAO,CAAC,EAAE,cAAc,CAAC;CACnC;AAID,MAAM,WAAW,cAAc;IAC7B,gBAAgB,CAAC,KAAK,EAAE;QAAE,qBAAqB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7F;AA6BD,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,wBAAwB,GAAG,qBAAqB,CA4WvF"}

package/dist/types/lib/canonicalJson.d.ts

@@ -0,0 +1,57 @@
+/**
+ * canonicalJson — deterministic JSON serialization (`afp-cjson/1`).
+ *
+ * Pattern: Canonicalization function (RFC 8785 JCS-inspired, JS-native).
+ * Role:    The byte contract under the tamper-evident audit chain
+ *          (backlog #20). `AuditRecord.hash` = SHA-256 over the
+ *          canonical serialization of the record — two parties that
+ *          serialize the same VALUE must produce the same BYTES, or
+ *          verification breaks. These rules ARE the contract; bump the
+ *          identifier (`afp-cjson/2`) for ANY behavioral change.
+ *
+ * ## Canonicalization rules (`afp-cjson/1`)
+ *
+ *  1. **Objects** — own enumerable string-keyed properties only, keys
+ *     sorted lexicographically by UTF-16 code unit (JavaScript's
+ *     default `Array.prototype.sort()` comparison), serialized
+ *     `{"k":v,...}` with no whitespace. Symbol keys are ignored.
+ *  2. **Arrays** — element order preserved, `[v,...]` no whitespace.
+ *  3. **Strings** — `JSON.stringify` escaping (deterministic per the
+ *     ECMAScript spec: minimal escapes, lowercase `\uXXXX` hex).
+ *  4. **Numbers** — finite numbers via `JSON.stringify` (ECMAScript
+ *     shortest round-trip formatting). `NaN` / `±Infinity` → `null`
+ *     (JSON.stringify parity). `-0` serializes as `0`.
+ *  5. **`null`** → `null`. **`undefined`** — omitted as an object
+ *     property, `null` as an array element or top-level value
+ *     (JSON.stringify parity).
+ *  6. **Functions / symbols** — omitted as object properties, `null`
+ *     in arrays (JSON.stringify parity).
+ *  7. **`toJSON`** — honored before serialization (so `Date` →
+ *     ISO-8601 string, exactly like `JSON.stringify`).
+ *  8. **`bigint`** → `TypeError` (JSON.stringify parity). Sanitize
+ *     upstream (the audit bounding layer converts bigint to string).
+ *  9. **Cycles** → `TypeError`. Canonicalization is defined over
+ *     JSON-safe trees; the audit bounding layer breaks cycles first.
+ *
+ * The domain is "anything `JSON.parse` can produce" (the audit bundle
+ * is JSON); for other inputs the behavior mirrors `JSON.stringify`
+ * except that object keys are SORTED. Verification re-canonicalizes
+ * records that came through `JSON.parse(JSON.stringify(bundle))`, so
+ * round-tripping a bundle never changes its hashes.
+ *
+ * Browser-safe: no Node imports — pure computation.
+ */
+/** Identifier of the canonicalization rules implemented by
+ *  {@link canonicalJson}. Carried on `AuditBundleHeader.canonicalization`
+ *  so offline verifiers can reject bundles produced under different
+ *  rules instead of mis-verifying them. */
+export declare const CANONICAL_JSON_VERSION = "afp-cjson/1";
+/**
+ * Serialize `value` to canonical JSON (see module docs for the exact
+ * `afp-cjson/1` rules). Deterministic: equal values (after key
+ * reordering) always produce identical strings.
+ *
+ * @throws TypeError on circular references or bigint values.
+ */
+export declare function canonicalJson(value: unknown): string;
+//# sourceMappingURL=canonicalJson.d.ts.map

package/dist/types/lib/canonicalJson.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonicalJson.d.ts","sourceRoot":"","sources":["../../../src/lib/canonicalJson.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0CG;AAEH;;;2CAG2C;AAC3C,eAAO,MAAM,sBAAsB,gBAAgB,CAAC;AAEpD;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAMpD"}

package/dist/types/observability-providers.d.ts

@@ -41,5 +41,7 @@
 export { agentcoreObservability, type AgentcoreObservabilityOptions, } from './adapters/observability/agentcore.js';
 export { cloudwatchObservability, type CloudwatchObservabilityOptions, } from './adapters/observability/cloudwatch.js';
 export { xrayObservability, type XrayObservabilityOptions, type XRayLikeClient, } from './adapters/observability/xray.js';
-export { otelObservability, type OtelObservabilityOptions, type OtelTracerLike, type OtelSpanLike, type OtelSpanOptions, } from './adapters/observability/otel.js';
+export { otelObservability, type OtelObservabilityOptions, type OtelObservabilityStrategy, type OtelDecisionEvidenceRecorder, type OtelTracerLike, type OtelSpanLike, type OtelSpanOptions, type OtelAttributeValue, } from './adapters/observability/otel.js';
+export { auditExport, verifyAuditBundle, AUDIT_BUNDLE_FORMAT, AUDIT_GENESIS_EVENT_TYPE, AUDIT_ZERO_HASH, type AuditBundle, type AuditBundleHeader, type AuditExportOptions, type AuditExportStrategy, type AuditRecord, type AuditVerifyResult, } from './adapters/observability/audit.js';
+export { canonicalJson, CANONICAL_JSON_VERSION } from './lib/canonicalJson.js';
 //# sourceMappingURL=observability-providers.d.ts.map

package/dist/types/observability-providers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"observability-providers.d.ts","sourceRoot":"","sources":["../../src/observability-providers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,OAAO,EACL,sBAAsB,EACtB,KAAK,6BAA6B,GACnC,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACL,uBAAuB,EACvB,KAAK,8BAA8B,GACpC,MAAM,wCAAwC,CAAC;AAChD,OAAO,EACL,iBAAiB,EACjB,KAAK,wBAAwB,EAC7B,KAAK,cAAc,GACpB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EACL,iBAAiB,EACjB,KAAK,wBAAwB,EAC7B,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,GACrB,MAAM,kCAAkC,CAAC"}
+{"version":3,"file":"observability-providers.d.ts","sourceRoot":"","sources":["../../src/observability-providers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,OAAO,EACL,sBAAsB,EACtB,KAAK,6BAA6B,GACnC,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACL,uBAAuB,EACvB,KAAK,8BAA8B,GACpC,MAAM,wCAAwC,CAAC;AAChD,OAAO,EACL,iBAAiB,EACjB,KAAK,wBAAwB,EAC7B,KAAK,cAAc,GACpB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EACL,iBAAiB,EACjB,KAAK,wBAAwB,EAC7B,KAAK,yBAAyB,EAC9B,KAAK,4BAA4B,EACjC,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,kBAAkB,GACxB,MAAM,kCAAkC,CAAC;AAI1C,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,mBAAmB,EACnB,wBAAwB,EACxB,eAAe,EACf,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,WAAW,EAChB,KAAK,iBAAiB,GACvB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentfootprint",
-  "version": "6.16.0",
+  "version": "6.18.0",
   "description": "The explainable agent framework — build AI agents you can explain, audit, and trust. Built on footprintjs.",
   "license": "MIT",
   "author": "Sanjay Krishna Anbalagan",
@@ -169,7 +169,8 @@
       "types": "./dist/types/status.d.ts",
       "import": "./dist/esm/status.js",
       "require": "./dist/status.js"
-    }
+    },
+    "./package.json": "./package.json"
   },
   "sideEffects": [
     "**/cache/strategies/*.js",