botinabox 1.4.2 → 1.6.0

package/README.md

@@ -5,6 +5,12 @@ A modular TypeScript framework for building multi-agent bots with LLM orchestrat
 ## Features
 
 - **Multi-agent orchestration** -- Define agents with different models, roles, and execution adapters. Task queue with priority scheduling, retry policies, and followup chains.
+- **Two-tier agents** -- Deterministic adapter for tasks that don't need LLM reasoning (routing, validation, data fetching). API and CLI adapters for LLM-driven tasks.
+- **Triage routing** -- Content-aware message routing with keyword/regex matching, priority rules, and LLM fallback for ambiguous messages. Ownership chain logging for every routing decision.
+- **Loop detection and circuit breakers** -- Pattern-based loop detection (self-loops, ping-pong, blocked re-entry) plus circuit breakers with automatic human escalation when agents fail repeatedly.
+- **Learning pipeline** -- Structured feedback capture with auto-promotion: 3+ similar feedback records become a playbook, playbooks used by 3+ agents become reusable skills. Two-axis scoring (accuracy + efficiency).
+- **Governance gates** -- Independent QA, quality, and drift gates that validate agent output and report to the human operator. Gates run independently and cannot override each other.
+- **Permission relay** -- Remote approval for unattended agents via messaging platforms (Slack, Discord, Telegram). Dual approval: local terminal and remote, first response wins.
 - **LLM provider abstraction** -- Swap between Anthropic, OpenAI, and Ollama with a unified interface. Model aliasing, purpose-based routing, and fallback chains.
 - **Channel adapters** -- Connect to Slack, Discord, and webhooks. Auto-discovery, session management, and notification queuing.
 - **Workflow engine** -- Define multi-step workflows with dependency resolution, parallel execution, and conditional branching.
@@ -15,8 +21,6 @@ A modular TypeScript framework for building multi-agent bots with LLM orchestrat
 - **Connectors** -- Generic `Connector<T>` interface for external service integrations. Ships with Google Gmail and Calendar implementations (OAuth2 and service account auth).
 - **Domain tables** -- `defineDomainTables()` and `defineDomainEntityContexts()` for standard multi-agent app schemas (org, project, client, invoice, repository, and more).
 - **Auto-update** -- `autoUpdate()` checks npm for newer versions and installs them at startup.
-- **Cursor persistence** -- `SecretStore.loadCursor()` / `saveCursor()` for persisting sync state across restarts.
-- **Utilities** -- `truncateAtWord()` for word-boundary text truncation, `parseClaudeStream()`, `buildProcessEnv()`, and more.
 - **Security** -- Input sanitization, field length enforcement, audit logging, and HMAC webhook verification.
 
 ## Install
@@ -128,10 +132,10 @@ hooks.register('run.completed', async (ctx) => {
                                    |
               +--------------------+--------------------+
               v                    v                    v
-    +------------------+  +------------------+  +---------------+
-    |  CLI Adapter      |  |  API Adapter      |  |  Custom       |
-    |  (subprocess)     |  |  (LLM + tools)    |  |  Adapters     |
-    +------------------+  +--------+----------+  +---------------+
+    +------------------+  +------------------+  +------------------+
+    |  CLI Adapter      |  |  API Adapter      |  |  Deterministic   |
+    |  (subprocess)     |  |  (LLM + tools)    |  |  (no LLM)        |
+    +------------------+  +--------+----------+  +------------------+
                                    |
                     +--------------v-----------------------+
                     |         LLM Layer                     |

package/dist/index.d.ts

@@ -848,14 +848,95 @@ declare class MessagePipeline {
 /**
  * Chat routing — maps channel/scope to agentId.
  * Story 4.2
+ *
+ * @deprecated Use TriageRouter for content-aware routing with keyword/regex
+ * matching and LLM fallback. This static channel→agent binding is kept for
+ * backward compatibility only. See `./triage-router.ts`.
  */
 
 /**
  * Build a map from channel identifier to agentId.
  * Each agent may have a config.channel or config.channels binding.
+ *
+ * @deprecated Use TriageRouter instead — it supports keyword, regex,
+ * and LLM-based routing with ownership chain logging.
  */
 declare function buildAgentBindings(agents: AgentConfig[]): Map<string, string>;
 
+/**
+ * TriageRouter — content-based routing with deterministic-first resolution.
+ * Story 6.3
+ *
+ * Replaces the simple channel→agent binding with intelligent routing:
+ * 1. Keyword/regex rules evaluated first (deterministic, ~4ms)
+ * 2. LLM classification only for ambiguous messages (async, ~2-4s)
+ * 3. Ownership chain logged for every routing decision
+ *
+ * Key constraint: specialists return to triage, never to another specialist.
+ */
+
+interface RoutingRule {
+    /** Target agent slug */
+    agentSlug: string;
+    /** Keywords that trigger this rule (case-insensitive) */
+    keywords?: string[];
+    /** Regex patterns that trigger this rule */
+    patterns?: string[];
+    /** Priority — lower number wins ties. Default: 50 */
+    priority?: number;
+}
+interface RoutingDecision {
+    timestamp: string;
+    source: string;
+    target: string;
+    reason: string;
+    method: 'deterministic' | 'llm';
+    messageId?: string;
+    channel?: string;
+}
+interface TriageRouterConfig {
+    /** Static routing rules evaluated deterministically */
+    rules: RoutingRule[];
+    /** Fallback agent if no rule matches and LLM is unavailable */
+    fallbackAgent?: string;
+    /** Whether to use LLM for ambiguous messages. Default: true */
+    llmFallback?: boolean;
+    /** Log decisions to the database. Default: true */
+    persist?: boolean;
+}
+declare class TriageRouter {
+    private db;
+    private hooks;
+    private readonly rules;
+    private readonly fallbackAgent?;
+    private readonly llmFallback;
+    private readonly persist;
+    private readonly compiledRules;
+    constructor(db: DataStore, hooks: HookBus, config: TriageRouterConfig);
+    /**
+     * Route an inbound message to the best agent.
+     * Returns the agent slug and the routing decision.
+     */
+    route(msg: InboundMessage): Promise<{
+        agentSlug: string | undefined;
+        decision: RoutingDecision;
+    }>;
+    /**
+     * Query the ownership chain for a given message or channel.
+     */
+    getDecisionHistory(filter?: {
+        channel?: string;
+        limit?: number;
+    }): Promise<RoutingDecision[]>;
+    /**
+     * LLM classification — emits a hook for external LLM integration.
+     * Returns agent slug + reason, or undefined if LLM is unavailable.
+     */
+    private classifyWithLLM;
+    private buildDecision;
+    private logDecision;
+}
+
 /**
  * Chat policy helpers — allowlist and mention gate checks.
  * Story 4.2
@@ -1233,6 +1314,71 @@ declare function autoUpdate(packages?: string[], opts?: {
     quiet?: boolean;
 }): Promise<UpdateResult>;
 
+/**
+ * CircuitBreaker — prevents runaway agent failures with automatic escalation.
+ * Story 6.2
+ *
+ * States:
+ *   CLOSED  → normal operation, failures counted
+ *   OPEN    → tripped, all executions blocked, escalated to human
+ *   HALF_OPEN → probe mode, one execution allowed to test recovery
+ *
+ * Integrates with LoopDetector and RunManager via HookBus events.
+ */
+
+declare enum BreakerState {
+    CLOSED = "closed",
+    OPEN = "open",
+    HALF_OPEN = "half_open"
+}
+interface CircuitBreakerConfig {
+    /** Failures before tripping. Default: 3 */
+    failureThreshold?: number;
+    /** Milliseconds to wait before half-open probe. Default: 300_000 (5 min) */
+    resetTimeoutMs?: number;
+    /** Log events to the database. Default: true */
+    persist?: boolean;
+}
+declare class CircuitBreaker {
+    private db;
+    private hooks;
+    private readonly breakers;
+    private readonly failureThreshold;
+    private readonly resetTimeoutMs;
+    private readonly persist;
+    constructor(db: DataStore, hooks: HookBus, config?: CircuitBreakerConfig);
+    /**
+     * Check if an agent is allowed to execute.
+     * Returns true if execution is allowed, false if circuit is open.
+     */
+    canExecute(agentId: string): boolean;
+    /**
+     * Record a successful execution. Resets the breaker to CLOSED.
+     */
+    recordSuccess(agentId: string): Promise<void>;
+    /**
+     * Record a failed execution. Increments failure count and may trip breaker.
+     */
+    recordFailure(agentId: string, reason?: string): Promise<void>;
+    /**
+     * Trip the breaker to OPEN state and escalate to human.
+     */
+    trip(agentId: string, reason: string): Promise<void>;
+    /**
+     * Manually reset a breaker (e.g. after human review).
+     */
+    reset(agentId: string): Promise<void>;
+    /**
+     * Get the current state of a breaker.
+     */
+    getState(agentId: string): BreakerState;
+    /**
+     * Get failure count for an agent.
+     */
+    getFailureCount(agentId: string): number;
+    private logEvent;
+}
+
 declare class RunManager {
     private db;
     private hooks;
@@ -1240,10 +1386,15 @@ declare class RunManager {
     private locks;
     private orphanTimer;
     private readonly staleThresholdMs;
+    private circuitBreaker?;
     constructor(db: DataStore, hooks: HookBus, config?: {
         staleThresholdMs?: number;
         maxBackoffMs?: number;
     } | undefined);
+    /**
+     * Attach a CircuitBreaker to prevent retries on broken agents.
+     */
+    setCircuitBreaker(cb: CircuitBreaker): void;
     isLocked(agentId: string): boolean;
     startRun(agentId: string, taskId: string, adapter?: string): Promise<string>;
     finishRun(runId: string, result: {
@@ -1508,6 +1659,387 @@ declare class CliExecutionAdapter {
     }>;
 }
 
+/**
+ * DeterministicAdapter — executes scripts without LLM calls.
+ * Story 6.1
+ *
+ * For tasks that don't require reasoning: routing, validation,
+ * data fetching, file transforms. Runs a user-specified command
+ * (Python, Node, bash) as a subprocess with task context on stdin.
+ */
+interface DeterministicConfig {
+    command: string;
+    args?: string[];
+    env?: Record<string, string>;
+    timeoutMs?: number;
+    inputMode?: 'stdin' | 'arg';
+}
+declare class DeterministicAdapter {
+    readonly type = "deterministic";
+    execute(ctx: {
+        agent: {
+            id: string;
+            cwd?: string;
+            adapter_config?: string;
+        };
+        task: {
+            title: string;
+            description?: string;
+            context?: string;
+        };
+        abortSignal?: AbortSignal;
+        onLog?: (stream: string, chunk: string) => void;
+    }): Promise<{
+        output: string;
+        exitCode: number;
+    }>;
+}
+
+/**
+ * LoopDetector — pattern-based loop detection for agent routing.
+ * Story 6.2
+ *
+ * Complements chain-guard's depth limit with active pattern detection:
+ * - Self-loop: agent routes a task back to itself
+ * - Ping-pong: two agents bounce tasks between each other (A→B→A→B)
+ * - Blocked re-entry: a task re-enters the system after being blocked
+ */
+
+declare enum LoopType {
+    SELF_LOOP = "self_loop",
+    PING_PONG = "ping_pong",
+    BLOCKED_REENTRY = "blocked_reentry"
+}
+interface LoopDetection {
+    type: LoopType;
+    agents: string[];
+    taskId: string;
+    chainOriginId?: string;
+    message: string;
+}
+interface LoopDetectorConfig {
+    /** Number of recent followup records to scan. Default: 10 */
+    windowSize?: number;
+    /** Minimum repetitions to confirm ping-pong. Default: 2 */
+    pingPongThreshold?: number;
+}
+declare class LoopDetector {
+    private db;
+    private readonly windowSize;
+    private readonly pingPongThreshold;
+    constructor(db: DataStore, config?: LoopDetectorConfig);
+    /**
+     * Check for loops before creating a followup task.
+     * Returns a LoopDetection if a loop pattern is found, undefined otherwise.
+     */
+    check(sourceAgentId: string, targetAgentId: string, taskId: string, chainOriginId?: string): Promise<LoopDetection | undefined>;
+    /**
+     * Check if an agent is routing to itself.
+     */
+    private checkSelfLoop;
+    /**
+     * Check if a previously blocked task is being re-entered.
+     */
+    private checkBlockedReentry;
+    /**
+     * Check for A→B→A→B ping-pong by scanning recent tasks in the chain.
+     */
+    private checkPingPong;
+}
+
+/**
+ * LearningPipeline — turns execution experience into durable knowledge.
+ * Story 6.5
+ *
+ * Promotion ladder:
+ *   Execution → Feedback (structured capture)
+ *     → 3+ similar → Playbook (generalized rule)
+ *       → 3+ projects → Skill (executable behavior)
+ *         → Agent-Skill Matrix → Per-Agent Context
+ *
+ * Two-axis evaluation:
+ *   - Accuracy: was the output correct?
+ *   - Efficiency: how fast / how many tokens?
+ */
+
+interface FeedbackEntry {
+    agentId: string;
+    taskId?: string;
+    issue: string;
+    rootCause?: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    repeatable: boolean;
+    accuracyScore?: number;
+    efficiencyScore?: number;
+    tags?: string[];
+}
+interface PlaybookEntry {
+    pattern: string;
+    rule: string;
+    feedbackIds: string[];
+    projectScoped: boolean;
+    agentIds?: string[];
+}
+interface SkillEntry {
+    name: string;
+    slug: string;
+    description?: string;
+    behavior: string;
+    sourcePlaybookIds: string[];
+    category?: string;
+}
+interface LearningPipelineConfig {
+    /** Feedback count threshold for playbook promotion. Default: 3 */
+    playbookThreshold?: number;
+    /** Project count threshold for skill promotion. Default: 3 */
+    skillThreshold?: number;
+    /** Auto-promote when thresholds are met. Default: false */
+    autoPromote?: boolean;
+}
+declare class LearningPipeline {
+    private db;
+    private hooks;
+    private readonly playbookThreshold;
+    private readonly skillThreshold;
+    private readonly autoPromote;
+    constructor(db: DataStore, hooks: HookBus, config?: LearningPipelineConfig);
+    /**
+     * Capture a structured feedback record from an execution.
+     */
+    captureFeedback(entry: FeedbackEntry): Promise<string>;
+    /**
+     * Get all feedback records, optionally filtered.
+     */
+    listFeedback(filter?: {
+        agentId?: string;
+        severity?: string;
+        repeatable?: boolean;
+    }): Promise<Array<Record<string, unknown>>>;
+    /**
+     * Check if feedback records with similar issues should be promoted to a playbook.
+     * Groups by issue text similarity (exact match for now).
+     */
+    checkPlaybookPromotion(issue: string): Promise<string | undefined>;
+    /**
+     * Manually create a playbook from a set of feedback records.
+     */
+    promoteToPlaybook(entry: PlaybookEntry): Promise<string>;
+    /**
+     * List playbooks, optionally filtered.
+     */
+    listPlaybooks(filter?: {
+        projectScoped?: boolean;
+    }): Promise<Array<Record<string, unknown>>>;
+    /**
+     * Check if a playbook should be promoted to a skill.
+     * A playbook becomes a skill when it works across multiple projects
+     * (indicated by being referenced by agents in different contexts).
+     */
+    checkSkillPromotion(playbookId: string): Promise<string | undefined>;
+    /**
+     * Manually promote a playbook to a reusable skill.
+     */
+    promoteToSkill(entry: SkillEntry): Promise<string>;
+    /**
+     * Assign a skill to an agent.
+     */
+    assignSkill(agentId: string, skillId: string): Promise<void>;
+    /**
+     * Get learning metrics for an agent.
+     */
+    getMetrics(agentId: string): Promise<{
+        feedbackCount: number;
+        avgAccuracy: number | null;
+        avgEfficiency: number | null;
+        playbookCount: number;
+        skillCount: number;
+    }>;
+}
+
+/**
+ * PermissionRelay — remote approval for unattended agent execution.
+ * Story 6.6
+ *
+ * When an agent needs human approval but the operator is away:
+ * 1. Post the approval prompt to a messaging platform (Slack, Discord, etc.)
+ * 2. Poll for response (approve/deny)
+ * 3. Relay the decision back to the agent
+ *
+ * Dual approval: local terminal + remote messaging. First response wins.
+ * Race condition handled by atomic state transition.
+ */
+
+type ApprovalStatus = 'pending' | 'approved' | 'denied' | 'expired';
+interface PermissionPrompt {
+    id: string;
+    agentId: string;
+    action: string;
+    context?: string;
+    requestedAt: string;
+    expiresAt?: string;
+}
+interface ApprovalResponse {
+    promptId: string;
+    status: 'approved' | 'denied';
+    respondedBy: string;
+    respondedAt: string;
+    comment?: string;
+}
+/**
+ * Provider interface — implement for each messaging platform.
+ */
+interface PermissionProvider {
+    readonly id: string;
+    /** Post an approval request, return a handle for polling. */
+    sendPrompt(prompt: PermissionPrompt): Promise<string>;
+    /** Check for a response. Returns undefined if still pending. */
+    pollResponse(handle: string): Promise<ApprovalResponse | undefined>;
+    /** Cancel a pending prompt (e.g. after local approval). */
+    cancelPrompt(handle: string): Promise<void>;
+}
+interface PermissionRelayConfig {
+    /** Registered providers (e.g. Slack, Discord adapters) */
+    providers: PermissionProvider[];
+    /** Poll interval in ms. Default: 5000 */
+    pollIntervalMs?: number;
+    /** Timeout for pending approvals in ms. Default: 300_000 (5 min) */
+    timeoutMs?: number;
+}
+declare class PermissionRelay {
+    private hooks;
+    private readonly providers;
+    private readonly pollIntervalMs;
+    private readonly timeoutMs;
+    private readonly pending;
+    constructor(hooks: HookBus, config: PermissionRelayConfig);
+    /**
+     * Request approval from all configured providers.
+     * Returns when the first provider responds (approve or deny).
+     */
+    requestApproval(prompt: PermissionPrompt): Promise<ApprovalResponse>;
+    /**
+     * Provide a local approval (from terminal).
+     * Resolves the pending request and cancels remote providers.
+     */
+    approveLocally(promptId: string, approved: boolean): Promise<void>;
+    /**
+     * Get all pending approval requests.
+     */
+    getPending(): PermissionPrompt[];
+    private cancelOtherProviders;
+}
+
+/**
+ * GovernanceGate — independent validation gates for agent output.
+ * Story 6.7
+ *
+ * Key principle: gates report to the HUMAN, not to each other
+ * or to a project manager agent. Structural independence prevents capture.
+ *
+ * Gate dimensions:
+ *   QA       — data correctness (schema, row counts, format)
+ *   Quality  — code quality (lint, coverage, patterns)
+ *   Drift    — architectural drift (unintended dependencies, scope creep)
+ */
+
+type GateVerdict = 'pass' | 'fail' | 'warn';
+interface GateResult {
+    gateId: string;
+    verdict: GateVerdict;
+    findings: GateFinding[];
+    checkedAt: string;
+    durationMs: number;
+}
+interface GateFinding {
+    severity: 'info' | 'warning' | 'error' | 'critical';
+    message: string;
+    location?: string;
+    suggestion?: string;
+}
+interface GateInput {
+    agentId: string;
+    taskId: string;
+    output: string;
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Base class for governance gates. Each gate checks a different dimension.
+ * Gates are structurally independent — they report to the human operator,
+ * not to each other or to any agent.
+ */
+declare abstract class GovernanceGate {
+    abstract readonly id: string;
+    abstract readonly name: string;
+    abstract readonly dimension: string;
+    /**
+     * Run the gate check on agent output.
+     * Must return a verdict and any findings.
+     */
+    abstract check(input: GateInput): Promise<GateResult>;
+}
+/**
+ * QA Gate — validates data correctness.
+ * Checks: schema conformance, row counts, format validation.
+ */
+declare class QAGate extends GovernanceGate {
+    private validators;
+    readonly id = "qa";
+    readonly name = "Quality Assurance";
+    readonly dimension = "data_correctness";
+    constructor(validators?: Array<{
+        name: string;
+        validate: (output: string, metadata?: Record<string, unknown>) => GateFinding[];
+    }>);
+    check(input: GateInput): Promise<GateResult>;
+}
+/**
+ * Quality Gate — validates code quality.
+ * Checks: lint results, test coverage, review patterns.
+ */
+declare class QualityGate extends GovernanceGate {
+    private checks;
+    readonly id = "quality";
+    readonly name = "Code Quality";
+    readonly dimension = "code_quality";
+    constructor(checks?: Array<{
+        name: string;
+        check: (output: string, metadata?: Record<string, unknown>) => Promise<GateFinding[]>;
+    }>);
+    check(input: GateInput): Promise<GateResult>;
+}
+/**
+ * Drift Gate — detects architectural drift.
+ * Checks: unintended dependencies, scope creep, pattern violations.
+ */
+declare class DriftGate extends GovernanceGate {
+    private rules;
+    readonly id = "drift";
+    readonly name = "Architectural Drift";
+    readonly dimension = "architecture";
+    constructor(rules?: Array<{
+        name: string;
+        detect: (output: string, metadata?: Record<string, unknown>) => GateFinding[];
+    }>);
+    check(input: GateInput): Promise<GateResult>;
+}
+/**
+ * GateRunner — orchestrates multiple independent gates on agent output.
+ * Each gate runs independently. Results are reported to the human, not to agents.
+ */
+declare class GateRunner {
+    private gates;
+    private hooks;
+    constructor(gates: GovernanceGate[], hooks: HookBus);
+    /**
+     * Run all gates on the given input.
+     * Gates run independently — one failure doesn't block others.
+     */
+    runAll(input: GateInput): Promise<{
+        passed: boolean;
+        results: GateResult[];
+    }>;
+}
+
 interface SecretInput {
     name: string;
     type?: string;
@@ -1596,4 +2128,4 @@ declare function isLoginRequired(stdout: string): boolean;
 /** Rewrite local image paths to prevent CLI auto-embedding as vision content. */
 declare function deactivateLocalImagePaths(prompt: string): string;
 
-export { AGENT_STATUSES, type AgentConfig, type AgentDefinition, type AgentFilter, type AgentRecord, AgentRegistry, type AgentStatus, ApiExecutionAdapter, AuditEmitter, type AuditEvent, BackupManager, type BotConfig, type BudgetCheck, type BudgetConfig, BudgetController, CORE_MIGRATIONS, ChannelAdapter, ChannelRegistry, ChannelRegistryError, ChatMessage, ChatSessionManager, CliExecutionAdapter, type ColumnValidator, ColumnValidatorImpl, type ConfigLoadError, type ConfigLoadResult, ConnectorConfig, DEFAULTS, DEFAULT_CONFIG, type DataConfig, DataStore, DataStoreError, type DomainEntityContextOptions, type DomainSchemaOptions, EVENTS, type EntityColumnDef, type EntityConfig, type EntityContextDef, type EntityFileSpec, type EntitySource, type ExecutionAdapter, type Filter, HealthStatus, HookBus, type HookHandler, type HookOptions, type HookRegistration, InboundMessage, LLMProvider, MAX_CHAIN_DEPTH, MessagePipeline, type ModelConfig, ModelInfo, ModelRouter, NdjsonLogger, NotificationQueue, type PackageMigration, type PackageUpdate, type ParsedStream, type PkLookup, ProviderRegistry, type QueryOptions, RUN_STATUSES, type RelationDef, type RenderConfig, ResolvedModel, type RetryPolicy, type Row, type RunContext, RunManager, type RunResult, type RunStatus, type SanitizerOptions, type Schedule, type ScheduleDef, Scheduler, type SchemaError, type SecretInput, type SecretMeta, SecretStore, type SecurityConfig, type SeedItem, SessionKey, SessionManager, type SqliteAdapter, type StepRef, TASK_STATUSES, type TableDefinition, type TableInfoRow, type TaskDefinition, TaskQueue, type TaskRecord, type TaskStatus, TokenUsage, type Unsubscribe, UpdateChecker, type UpdateConfig, UpdateManager, type UpdateManifest, type UsageSummary, type User, type UserInput, UserRegistry, WakeupQueue, type WorkflowConfigEntry, type WorkflowDefinition$1 as WorkflowDefinition, WorkflowEngine, type WorkflowRunRecord, type WorkflowRunStatus, type WorkflowStep$1 as WorkflowStep, type WorkflowStepConfig, type WorkflowTrigger, _resetConfig, areDependenciesMet, autoUpdate, buildAgentBindings, buildChainOrigin, buildProcessEnv, checkAllowlist, checkChainDepth, checkMentionGate, chunkText, classifyUpdate, compareVersions, createConfigRevision, deactivateLocalImagePaths, defineCoreEntityContexts, defineCoreTables, defineDomainEntityContexts, defineDomainTables, detectCycle, discoverChannels, discoverProviders, formatText, getConfig, initConfig, interpolate, interpolateEnv, isLoginRequired, isMaxTurns, loadConfig, parseClaudeStream, parseVersion, runPackageMigrations, sanitize, topologicalSort, truncateAtWord, validateConfig };
+export { AGENT_STATUSES, type AgentConfig, type AgentDefinition, type AgentFilter, type AgentRecord, AgentRegistry, type AgentStatus, ApiExecutionAdapter, type ApprovalResponse, type ApprovalStatus, AuditEmitter, type AuditEvent, BackupManager, type BotConfig, BreakerState, type BudgetCheck, type BudgetConfig, BudgetController, CORE_MIGRATIONS, ChannelAdapter, ChannelRegistry, ChannelRegistryError, ChatMessage, ChatSessionManager, CircuitBreaker, type CircuitBreakerConfig, CliExecutionAdapter, type ColumnValidator, ColumnValidatorImpl, type ConfigLoadError, type ConfigLoadResult, ConnectorConfig, DEFAULTS, DEFAULT_CONFIG, type DataConfig, DataStore, DataStoreError, DeterministicAdapter, type DeterministicConfig, type DomainEntityContextOptions, type DomainSchemaOptions, DriftGate, EVENTS, type EntityColumnDef, type EntityConfig, type EntityContextDef, type EntityFileSpec, type EntitySource, type ExecutionAdapter, type FeedbackEntry, type Filter, type GateFinding, type GateInput, type GateResult, GateRunner, type GateVerdict, GovernanceGate, HealthStatus, HookBus, type HookHandler, type HookOptions, type HookRegistration, InboundMessage, LLMProvider, LearningPipeline, type LearningPipelineConfig, type LoopDetection, LoopDetector, type LoopDetectorConfig, LoopType, MAX_CHAIN_DEPTH, MessagePipeline, type ModelConfig, ModelInfo, ModelRouter, NdjsonLogger, NotificationQueue, type PackageMigration, type PackageUpdate, type ParsedStream, type PermissionPrompt, type PermissionProvider, PermissionRelay, type PermissionRelayConfig, type PkLookup, type PlaybookEntry, ProviderRegistry, QAGate, QualityGate, type QueryOptions, RUN_STATUSES, type RelationDef, type RenderConfig, ResolvedModel, type RetryPolicy, type RoutingDecision, type RoutingRule, type Row, type RunContext, RunManager, type RunResult, type RunStatus, type SanitizerOptions, type Schedule, type ScheduleDef, Scheduler, type SchemaError, type SecretInput, type SecretMeta, SecretStore, type SecurityConfig, type SeedItem, SessionKey, SessionManager, type SkillEntry, type SqliteAdapter, type StepRef, TASK_STATUSES, type TableDefinition, type TableInfoRow, type TaskDefinition, TaskQueue, type TaskRecord, type TaskStatus, TokenUsage, TriageRouter, type TriageRouterConfig, type Unsubscribe, UpdateChecker, type UpdateConfig, UpdateManager, type UpdateManifest, type UsageSummary, type User, type UserInput, UserRegistry, WakeupQueue, type WorkflowConfigEntry, type WorkflowDefinition$1 as WorkflowDefinition, WorkflowEngine, type WorkflowRunRecord, type WorkflowRunStatus, type WorkflowStep$1 as WorkflowStep, type WorkflowStepConfig, type WorkflowTrigger, _resetConfig, areDependenciesMet, autoUpdate, buildAgentBindings, buildChainOrigin, buildProcessEnv, checkAllowlist, checkChainDepth, checkMentionGate, chunkText, classifyUpdate, compareVersions, createConfigRevision, deactivateLocalImagePaths, defineCoreEntityContexts, defineCoreTables, defineDomainEntityContexts, defineDomainTables, detectCycle, discoverChannels, discoverProviders, formatText, getConfig, initConfig, interpolate, interpolateEnv, isLoginRequired, isMaxTurns, loadConfig, parseClaudeStream, parseVersion, runPackageMigrations, sanitize, topologicalSort, truncateAtWord, validateConfig };