capacitor-native-agent 0.9.13 → 0.9.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -273,14 +273,21 @@ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod3)(uint64_t, RustB
273
273
  #endif
274
274
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
275
275
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
276
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, void* _Nonnull,
276
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, RustBuffer, RustBuffer, RustBuffer, RustBuffer, void* _Nonnull,
277
277
  RustCallStatus *_Nonnull uniffiCallStatus
278
278
  );
279
279
 
280
280
  #endif
281
281
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
282
282
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
283
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
283
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, void* _Nonnull,
284
+ RustCallStatus *_Nonnull uniffiCallStatus
285
+ );
286
+
287
+ #endif
288
+ #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
289
+ #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
290
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod6)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
284
291
  RustCallStatus *_Nonnull uniffiCallStatus
285
292
  );
286
293
 
@@ -357,8 +364,9 @@ typedef struct UniffiVTableCallbackInterfaceGovernanceProvider {
357
364
  UniffiCallbackInterfaceGovernanceProviderMethod1 _Nonnull recordOutcome;
358
365
  UniffiCallbackInterfaceGovernanceProviderMethod2 _Nonnull recordAudit;
359
366
  UniffiCallbackInterfaceGovernanceProviderMethod3 _Nonnull checkSink;
360
- UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull reset;
361
- UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull recordUsage;
367
+ UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull registerTaint;
368
+ UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull reset;
369
+ UniffiCallbackInterfaceGovernanceProviderMethod6 _Nonnull recordUsage;
362
370
  } UniffiVTableCallbackInterfaceGovernanceProvider;
363
371
 
364
372
  #endif
@@ -610,7 +618,7 @@ RustBuffer uniffi_native_agent_ffi_fn_method_nativeagenthandle_serialize_agent_e
610
618
  #endif
611
619
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
612
620
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
613
- void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustCallStatus *_Nonnull out_status
621
+ void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustBuffer base_url, RustCallStatus *_Nonnull out_status
614
622
  );
615
623
  #endif
616
624
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_EVENT_CALLBACK
@@ -1325,6 +1333,12 @@ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_record_audit
1325
1333
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_CHECK_SINK
1326
1334
  uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_check_sink(void
1327
1335
 
1336
+ );
1337
+ #endif
1338
+ #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1339
+ #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1340
+ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_register_taint(void
1341
+
1328
1342
  );
1329
1343
  #endif
1330
1344
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_RESET
@@ -682,7 +682,12 @@ public protocol NativeAgentHandleProtocol: AnyObject, Sendable {
682
682
  func resetToolPermissions() throws
683
683
 
684
684
  /**
685
- * Respond to a tool approval request.
685
+ * Respond to a tool approval request (legacy boolean entry point).
686
+ *
687
+ * Retained as the UniFFI-facing API for mobile callers that pass a plain
688
+ * boolean. Internally delegates to `respond_to_approval_decision` (a
689
+ * Rust-only helper, not UniFFI-exported) with no `decision`/`answers`,
690
+ * preserving today's behavior.
686
691
  */
687
692
  func respondToApproval(toolCallId: String, approved: Bool, reason: String?) throws
688
693
 
@@ -732,8 +737,13 @@ public protocol NativeAgentHandleProtocol: AnyObject, Sendable {
732
737
 
733
738
  /**
734
739
  * Set an auth key for a provider.
740
+ *
741
+ * `base_url`, when set, overrides the provider's hardcoded endpoint — used
742
+ * to point the driver at a backend proxy that injects the real API key
743
+ * server-side, so the device never holds the provider secret. `None` ⇒
744
+ * the provider's default endpoint (unchanged behavior).
735
745
  */
736
- func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?) throws
746
+ func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?, baseUrl: String?) throws
737
747
 
738
748
  /**
739
749
  * Set the event callback for receiving agent events.
@@ -1208,7 +1218,12 @@ open func resetToolPermissions()throws {try rustCallWithError(FfiConverterType
1208
1218
  }
1209
1219
 
1210
1220
  /**
1211
- * Respond to a tool approval request.
1221
+ * Respond to a tool approval request (legacy boolean entry point).
1222
+ *
1223
+ * Retained as the UniFFI-facing API for mobile callers that pass a plain
1224
+ * boolean. Internally delegates to `respond_to_approval_decision` (a
1225
+ * Rust-only helper, not UniFFI-exported) with no `decision`/`answers`,
1226
+ * preserving today's behavior.
1212
1227
  */
1213
1228
  open func respondToApproval(toolCallId: String, approved: Bool, reason: String?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1214
1229
  uniffi_native_agent_ffi_fn_method_nativeagenthandle_respond_to_approval(
@@ -1328,15 +1343,21 @@ open func serializeAgentEventJson(eventType: String, payloadJson: String, sessio
1328
1343
 
1329
1344
  /**
1330
1345
  * Set an auth key for a provider.
1346
+ *
1347
+ * `base_url`, when set, overrides the provider's hardcoded endpoint — used
1348
+ * to point the driver at a backend proxy that injects the real API key
1349
+ * server-side, so the device never holds the provider secret. `None` ⇒
1350
+ * the provider's default endpoint (unchanged behavior).
1331
1351
  */
1332
- open func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1352
+ open func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?, baseUrl: String?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1333
1353
  uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(
1334
1354
  self.uniffiCloneHandle(),
1335
1355
  FfiConverterString.lower(key),
1336
1356
  FfiConverterString.lower(provider),
1337
1357
  FfiConverterString.lower(authType),
1338
1358
  FfiConverterOptionString.lower(refresh),
1339
- FfiConverterOptionInt64.lower(expiresAt),$0
1359
+ FfiConverterOptionInt64.lower(expiresAt),
1360
+ FfiConverterOptionString.lower(baseUrl),$0
1340
1361
  )
1341
1362
  }
1342
1363
  }
@@ -1936,6 +1957,11 @@ public struct SendMessageParams: Equatable, Hashable {
1936
1957
  * JSON-encoded prior conversation messages for multi-turn sessions.
1937
1958
  */
1938
1959
  public var priorMessagesJson: String?
1960
+ /**
1961
+ * Create-only plan-mode seed (Stage 4b). Honored when starting a NEW
1962
+ * session; the persisted store value is authoritative on resume.
1963
+ */
1964
+ public var planModeInit: Bool?
1939
1965
 
1940
1966
  // Default memberwise initializers are never public by default, so we
1941
1967
  // declare one manually.
@@ -1947,7 +1973,11 @@ public struct SendMessageParams: Equatable, Hashable {
1947
1973
  */skillAllowedToolsJson: String?,
1948
1974
  /**
1949
1975
  * JSON-encoded prior conversation messages for multi-turn sessions.
1950
- */priorMessagesJson: String?) {
1976
+ */priorMessagesJson: String?,
1977
+ /**
1978
+ * Create-only plan-mode seed (Stage 4b). Honored when starting a NEW
1979
+ * session; the persisted store value is authoritative on resume.
1980
+ */planModeInit: Bool?) {
1951
1981
  self.prompt = prompt
1952
1982
  self.sessionKey = sessionKey
1953
1983
  self.model = model
@@ -1956,6 +1986,7 @@ public struct SendMessageParams: Equatable, Hashable {
1956
1986
  self.maxTurns = maxTurns
1957
1987
  self.skillAllowedToolsJson = skillAllowedToolsJson
1958
1988
  self.priorMessagesJson = priorMessagesJson
1989
+ self.planModeInit = planModeInit
1959
1990
  }
1960
1991
 
1961
1992
 
@@ -1981,7 +2012,8 @@ public struct FfiConverterTypeSendMessageParams: FfiConverterRustBuffer {
1981
2012
  systemPrompt: FfiConverterString.read(from: &buf),
1982
2013
  maxTurns: FfiConverterOptionUInt32.read(from: &buf),
1983
2014
  skillAllowedToolsJson: FfiConverterOptionString.read(from: &buf),
1984
- priorMessagesJson: FfiConverterOptionString.read(from: &buf)
2015
+ priorMessagesJson: FfiConverterOptionString.read(from: &buf),
2016
+ planModeInit: FfiConverterOptionBool.read(from: &buf)
1985
2017
  )
1986
2018
  }
1987
2019
 
@@ -1994,6 +2026,7 @@ public struct FfiConverterTypeSendMessageParams: FfiConverterRustBuffer {
1994
2026
  FfiConverterOptionUInt32.write(value.maxTurns, into: &buf)
1995
2027
  FfiConverterOptionString.write(value.skillAllowedToolsJson, into: &buf)
1996
2028
  FfiConverterOptionString.write(value.priorMessagesJson, into: &buf)
2029
+ FfiConverterOptionBool.write(value.planModeInit, into: &buf)
1997
2030
  }
1998
2031
  }
1999
2032
 
@@ -2415,6 +2448,19 @@ public protocol GovernanceProvider: AnyObject, Sendable {
2415
2448
  */
2416
2449
  func checkSink(sinkType: String, content: String) -> String
2417
2450
 
2451
+ /**
2452
+ * Register a tainted value for data-flow tracking (agent-os taint uptake).
2453
+ * `labels` is a comma-separated set drawn from
2454
+ * `Pii|Secret|ExternalNetwork|UserInput|UntrustedAgent`; a later
2455
+ * `check_sink` blocks if a registered value reaches a sink that forbids one
2456
+ * of its labels (e.g. ExternalNetwork content flowing into ShellExec).
2457
+ * (No default: `#[uniffi::export]` callback-interface methods can't be
2458
+ * defaulted — every host impl must provide it. Mobile delegates to its
2459
+ * `TaintTracker::register`; a host with no taint engine implements it as a
2460
+ * no-op.)
2461
+ */
2462
+ func registerTaint(key: String, value: String, labels: String, source: String)
2463
+
2418
2464
  /**
2419
2465
  * Reset loop guard state (e.g. on new session).
2420
2466
  */
@@ -2560,6 +2606,36 @@ fileprivate struct UniffiCallbackInterfaceGovernanceProvider {
2560
2606
  writeReturn: writeReturn
2561
2607
  )
2562
2608
  },
2609
+ registerTaint: { (
2610
+ uniffiHandle: UInt64,
2611
+ key: RustBuffer,
2612
+ value: RustBuffer,
2613
+ labels: RustBuffer,
2614
+ source: RustBuffer,
2615
+ uniffiOutReturn: UnsafeMutableRawPointer,
2616
+ uniffiCallStatus: UnsafeMutablePointer<RustCallStatus>
2617
+ ) in
2618
+ let makeCall = {
2619
+ () throws -> () in
2620
+ guard let uniffiObj = try? FfiConverterCallbackInterfaceGovernanceProvider.handleMap.get(handle: uniffiHandle) else {
2621
+ throw UniffiInternalError.unexpectedStaleHandle
2622
+ }
2623
+ return uniffiObj.registerTaint(
2624
+ key: try FfiConverterString.lift(key),
2625
+ value: try FfiConverterString.lift(value),
2626
+ labels: try FfiConverterString.lift(labels),
2627
+ source: try FfiConverterString.lift(source)
2628
+ )
2629
+ }
2630
+
2631
+
2632
+ let writeReturn = { () }
2633
+ uniffiTraitInterfaceCall(
2634
+ callStatus: uniffiCallStatus,
2635
+ makeCall: makeCall,
2636
+ writeReturn: writeReturn
2637
+ )
2638
+ },
2563
2639
  reset: { (
2564
2640
  uniffiHandle: UInt64,
2565
2641
  uniffiOutReturn: UnsafeMutableRawPointer,
@@ -3261,6 +3337,30 @@ fileprivate struct FfiConverterOptionInt64: FfiConverterRustBuffer {
3261
3337
  }
3262
3338
  }
3263
3339
 
3340
+ #if swift(>=5.8)
3341
+ @_documentation(visibility: private)
3342
+ #endif
3343
+ fileprivate struct FfiConverterOptionBool: FfiConverterRustBuffer {
3344
+ typealias SwiftType = Bool?
3345
+
3346
+ public static func write(_ value: SwiftType, into buf: inout [UInt8]) {
3347
+ guard let value = value else {
3348
+ writeInt(&buf, Int8(0))
3349
+ return
3350
+ }
3351
+ writeInt(&buf, Int8(1))
3352
+ FfiConverterBool.write(value, into: &buf)
3353
+ }
3354
+
3355
+ public static func read(from buf: inout (data: Data, offset: Data.Index)) throws -> SwiftType {
3356
+ switch try readInt(&buf) as Int8 {
3357
+ case 0: return nil
3358
+ case 1: return try FfiConverterBool.read(from: &buf)
3359
+ default: throw UniffiInternalError.unexpectedOptionalTag
3360
+ }
3361
+ }
3362
+ }
3363
+
3264
3364
  #if swift(>=5.8)
3265
3365
  @_documentation(visibility: private)
3266
3366
  #endif
@@ -3434,7 +3534,7 @@ private let initializationResult: InitializationResult = {
3434
3534
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_reset_tool_permissions() != 15060) {
3435
3535
  return InitializationResult.apiChecksumMismatch
3436
3536
  }
3437
- if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_approval() != 3194) {
3537
+ if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_approval() != 56876) {
3438
3538
  return InitializationResult.apiChecksumMismatch
3439
3539
  }
3440
3540
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_cron_approval() != 851) {
@@ -3461,7 +3561,7 @@ private let initializationResult: InitializationResult = {
3461
3561
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_serialize_agent_event_json() != 40873) {
3462
3562
  return InitializationResult.apiChecksumMismatch
3463
3563
  }
3464
- if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_auth_key() != 1639) {
3564
+ if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_auth_key() != 12658) {
3465
3565
  return InitializationResult.apiChecksumMismatch
3466
3566
  }
3467
3567
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_event_callback() != 56165) {
@@ -3518,10 +3618,13 @@ private let initializationResult: InitializationResult = {
3518
3618
  if (uniffi_native_agent_ffi_checksum_method_governanceprovider_check_sink() != 37338) {
3519
3619
  return InitializationResult.apiChecksumMismatch
3520
3620
  }
3521
- if (uniffi_native_agent_ffi_checksum_method_governanceprovider_reset() != 57214) {
3621
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_register_taint() != 17176) {
3622
+ return InitializationResult.apiChecksumMismatch
3623
+ }
3624
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_reset() != 47675) {
3522
3625
  return InitializationResult.apiChecksumMismatch
3523
3626
  }
3524
- if (uniffi_native_agent_ffi_checksum_method_governanceprovider_record_usage() != 907) {
3627
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_record_usage() != 32049) {
3525
3628
  return InitializationResult.apiChecksumMismatch
3526
3629
  }
3527
3630
  if (uniffi_native_agent_ffi_checksum_method_memoryprovider_store() != 49136) {
@@ -273,14 +273,21 @@ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod3)(uint64_t, RustB
273
273
  #endif
274
274
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
275
275
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
276
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, void* _Nonnull,
276
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, RustBuffer, RustBuffer, RustBuffer, RustBuffer, void* _Nonnull,
277
277
  RustCallStatus *_Nonnull uniffiCallStatus
278
278
  );
279
279
 
280
280
  #endif
281
281
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
282
282
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
283
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
283
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, void* _Nonnull,
284
+ RustCallStatus *_Nonnull uniffiCallStatus
285
+ );
286
+
287
+ #endif
288
+ #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
289
+ #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
290
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod6)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
284
291
  RustCallStatus *_Nonnull uniffiCallStatus
285
292
  );
286
293
 
@@ -357,8 +364,9 @@ typedef struct UniffiVTableCallbackInterfaceGovernanceProvider {
357
364
  UniffiCallbackInterfaceGovernanceProviderMethod1 _Nonnull recordOutcome;
358
365
  UniffiCallbackInterfaceGovernanceProviderMethod2 _Nonnull recordAudit;
359
366
  UniffiCallbackInterfaceGovernanceProviderMethod3 _Nonnull checkSink;
360
- UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull reset;
361
- UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull recordUsage;
367
+ UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull registerTaint;
368
+ UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull reset;
369
+ UniffiCallbackInterfaceGovernanceProviderMethod6 _Nonnull recordUsage;
362
370
  } UniffiVTableCallbackInterfaceGovernanceProvider;
363
371
 
364
372
  #endif
@@ -610,7 +618,7 @@ RustBuffer uniffi_native_agent_ffi_fn_method_nativeagenthandle_serialize_agent_e
610
618
  #endif
611
619
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
612
620
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
613
- void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustCallStatus *_Nonnull out_status
621
+ void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustBuffer base_url, RustCallStatus *_Nonnull out_status
614
622
  );
615
623
  #endif
616
624
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_EVENT_CALLBACK
@@ -1325,6 +1333,12 @@ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_record_audit
1325
1333
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_CHECK_SINK
1326
1334
  uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_check_sink(void
1327
1335
 
1336
+ );
1337
+ #endif
1338
+ #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1339
+ #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1340
+ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_register_taint(void
1341
+
1328
1342
  );
1329
1343
  #endif
1330
1344
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_RESET
@@ -682,7 +682,12 @@ public protocol NativeAgentHandleProtocol: AnyObject, Sendable {
682
682
  func resetToolPermissions() throws
683
683
 
684
684
  /**
685
- * Respond to a tool approval request.
685
+ * Respond to a tool approval request (legacy boolean entry point).
686
+ *
687
+ * Retained as the UniFFI-facing API for mobile callers that pass a plain
688
+ * boolean. Internally delegates to `respond_to_approval_decision` (a
689
+ * Rust-only helper, not UniFFI-exported) with no `decision`/`answers`,
690
+ * preserving today's behavior.
686
691
  */
687
692
  func respondToApproval(toolCallId: String, approved: Bool, reason: String?) throws
688
693
 
@@ -732,8 +737,13 @@ public protocol NativeAgentHandleProtocol: AnyObject, Sendable {
732
737
 
733
738
  /**
734
739
  * Set an auth key for a provider.
740
+ *
741
+ * `base_url`, when set, overrides the provider's hardcoded endpoint — used
742
+ * to point the driver at a backend proxy that injects the real API key
743
+ * server-side, so the device never holds the provider secret. `None` ⇒
744
+ * the provider's default endpoint (unchanged behavior).
735
745
  */
736
- func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?) throws
746
+ func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?, baseUrl: String?) throws
737
747
 
738
748
  /**
739
749
  * Set the event callback for receiving agent events.
@@ -1208,7 +1218,12 @@ open func resetToolPermissions()throws {try rustCallWithError(FfiConverterType
1208
1218
  }
1209
1219
 
1210
1220
  /**
1211
- * Respond to a tool approval request.
1221
+ * Respond to a tool approval request (legacy boolean entry point).
1222
+ *
1223
+ * Retained as the UniFFI-facing API for mobile callers that pass a plain
1224
+ * boolean. Internally delegates to `respond_to_approval_decision` (a
1225
+ * Rust-only helper, not UniFFI-exported) with no `decision`/`answers`,
1226
+ * preserving today's behavior.
1212
1227
  */
1213
1228
  open func respondToApproval(toolCallId: String, approved: Bool, reason: String?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1214
1229
  uniffi_native_agent_ffi_fn_method_nativeagenthandle_respond_to_approval(
@@ -1328,15 +1343,21 @@ open func serializeAgentEventJson(eventType: String, payloadJson: String, sessio
1328
1343
 
1329
1344
  /**
1330
1345
  * Set an auth key for a provider.
1346
+ *
1347
+ * `base_url`, when set, overrides the provider's hardcoded endpoint — used
1348
+ * to point the driver at a backend proxy that injects the real API key
1349
+ * server-side, so the device never holds the provider secret. `None` ⇒
1350
+ * the provider's default endpoint (unchanged behavior).
1331
1351
  */
1332
- open func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1352
+ open func setAuthKey(key: String, provider: String, authType: String, refresh: String?, expiresAt: Int64?, baseUrl: String?)throws {try rustCallWithError(FfiConverterTypeNativeAgentError_lift) {
1333
1353
  uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(
1334
1354
  self.uniffiCloneHandle(),
1335
1355
  FfiConverterString.lower(key),
1336
1356
  FfiConverterString.lower(provider),
1337
1357
  FfiConverterString.lower(authType),
1338
1358
  FfiConverterOptionString.lower(refresh),
1339
- FfiConverterOptionInt64.lower(expiresAt),$0
1359
+ FfiConverterOptionInt64.lower(expiresAt),
1360
+ FfiConverterOptionString.lower(baseUrl),$0
1340
1361
  )
1341
1362
  }
1342
1363
  }
@@ -1936,6 +1957,11 @@ public struct SendMessageParams: Equatable, Hashable {
1936
1957
  * JSON-encoded prior conversation messages for multi-turn sessions.
1937
1958
  */
1938
1959
  public var priorMessagesJson: String?
1960
+ /**
1961
+ * Create-only plan-mode seed (Stage 4b). Honored when starting a NEW
1962
+ * session; the persisted store value is authoritative on resume.
1963
+ */
1964
+ public var planModeInit: Bool?
1939
1965
 
1940
1966
  // Default memberwise initializers are never public by default, so we
1941
1967
  // declare one manually.
@@ -1947,7 +1973,11 @@ public struct SendMessageParams: Equatable, Hashable {
1947
1973
  */skillAllowedToolsJson: String?,
1948
1974
  /**
1949
1975
  * JSON-encoded prior conversation messages for multi-turn sessions.
1950
- */priorMessagesJson: String?) {
1976
+ */priorMessagesJson: String?,
1977
+ /**
1978
+ * Create-only plan-mode seed (Stage 4b). Honored when starting a NEW
1979
+ * session; the persisted store value is authoritative on resume.
1980
+ */planModeInit: Bool?) {
1951
1981
  self.prompt = prompt
1952
1982
  self.sessionKey = sessionKey
1953
1983
  self.model = model
@@ -1956,6 +1986,7 @@ public struct SendMessageParams: Equatable, Hashable {
1956
1986
  self.maxTurns = maxTurns
1957
1987
  self.skillAllowedToolsJson = skillAllowedToolsJson
1958
1988
  self.priorMessagesJson = priorMessagesJson
1989
+ self.planModeInit = planModeInit
1959
1990
  }
1960
1991
 
1961
1992
 
@@ -1981,7 +2012,8 @@ public struct FfiConverterTypeSendMessageParams: FfiConverterRustBuffer {
1981
2012
  systemPrompt: FfiConverterString.read(from: &buf),
1982
2013
  maxTurns: FfiConverterOptionUInt32.read(from: &buf),
1983
2014
  skillAllowedToolsJson: FfiConverterOptionString.read(from: &buf),
1984
- priorMessagesJson: FfiConverterOptionString.read(from: &buf)
2015
+ priorMessagesJson: FfiConverterOptionString.read(from: &buf),
2016
+ planModeInit: FfiConverterOptionBool.read(from: &buf)
1985
2017
  )
1986
2018
  }
1987
2019
 
@@ -1994,6 +2026,7 @@ public struct FfiConverterTypeSendMessageParams: FfiConverterRustBuffer {
1994
2026
  FfiConverterOptionUInt32.write(value.maxTurns, into: &buf)
1995
2027
  FfiConverterOptionString.write(value.skillAllowedToolsJson, into: &buf)
1996
2028
  FfiConverterOptionString.write(value.priorMessagesJson, into: &buf)
2029
+ FfiConverterOptionBool.write(value.planModeInit, into: &buf)
1997
2030
  }
1998
2031
  }
1999
2032
 
@@ -2415,6 +2448,19 @@ public protocol GovernanceProvider: AnyObject, Sendable {
2415
2448
  */
2416
2449
  func checkSink(sinkType: String, content: String) -> String
2417
2450
 
2451
+ /**
2452
+ * Register a tainted value for data-flow tracking (agent-os taint uptake).
2453
+ * `labels` is a comma-separated set drawn from
2454
+ * `Pii|Secret|ExternalNetwork|UserInput|UntrustedAgent`; a later
2455
+ * `check_sink` blocks if a registered value reaches a sink that forbids one
2456
+ * of its labels (e.g. ExternalNetwork content flowing into ShellExec).
2457
+ * (No default: `#[uniffi::export]` callback-interface methods can't be
2458
+ * defaulted — every host impl must provide it. Mobile delegates to its
2459
+ * `TaintTracker::register`; a host with no taint engine implements it as a
2460
+ * no-op.)
2461
+ */
2462
+ func registerTaint(key: String, value: String, labels: String, source: String)
2463
+
2418
2464
  /**
2419
2465
  * Reset loop guard state (e.g. on new session).
2420
2466
  */
@@ -2560,6 +2606,36 @@ fileprivate struct UniffiCallbackInterfaceGovernanceProvider {
2560
2606
  writeReturn: writeReturn
2561
2607
  )
2562
2608
  },
2609
+ registerTaint: { (
2610
+ uniffiHandle: UInt64,
2611
+ key: RustBuffer,
2612
+ value: RustBuffer,
2613
+ labels: RustBuffer,
2614
+ source: RustBuffer,
2615
+ uniffiOutReturn: UnsafeMutableRawPointer,
2616
+ uniffiCallStatus: UnsafeMutablePointer<RustCallStatus>
2617
+ ) in
2618
+ let makeCall = {
2619
+ () throws -> () in
2620
+ guard let uniffiObj = try? FfiConverterCallbackInterfaceGovernanceProvider.handleMap.get(handle: uniffiHandle) else {
2621
+ throw UniffiInternalError.unexpectedStaleHandle
2622
+ }
2623
+ return uniffiObj.registerTaint(
2624
+ key: try FfiConverterString.lift(key),
2625
+ value: try FfiConverterString.lift(value),
2626
+ labels: try FfiConverterString.lift(labels),
2627
+ source: try FfiConverterString.lift(source)
2628
+ )
2629
+ }
2630
+
2631
+
2632
+ let writeReturn = { () }
2633
+ uniffiTraitInterfaceCall(
2634
+ callStatus: uniffiCallStatus,
2635
+ makeCall: makeCall,
2636
+ writeReturn: writeReturn
2637
+ )
2638
+ },
2563
2639
  reset: { (
2564
2640
  uniffiHandle: UInt64,
2565
2641
  uniffiOutReturn: UnsafeMutableRawPointer,
@@ -3261,6 +3337,30 @@ fileprivate struct FfiConverterOptionInt64: FfiConverterRustBuffer {
3261
3337
  }
3262
3338
  }
3263
3339
 
3340
+ #if swift(>=5.8)
3341
+ @_documentation(visibility: private)
3342
+ #endif
3343
+ fileprivate struct FfiConverterOptionBool: FfiConverterRustBuffer {
3344
+ typealias SwiftType = Bool?
3345
+
3346
+ public static func write(_ value: SwiftType, into buf: inout [UInt8]) {
3347
+ guard let value = value else {
3348
+ writeInt(&buf, Int8(0))
3349
+ return
3350
+ }
3351
+ writeInt(&buf, Int8(1))
3352
+ FfiConverterBool.write(value, into: &buf)
3353
+ }
3354
+
3355
+ public static func read(from buf: inout (data: Data, offset: Data.Index)) throws -> SwiftType {
3356
+ switch try readInt(&buf) as Int8 {
3357
+ case 0: return nil
3358
+ case 1: return try FfiConverterBool.read(from: &buf)
3359
+ default: throw UniffiInternalError.unexpectedOptionalTag
3360
+ }
3361
+ }
3362
+ }
3363
+
3264
3364
  #if swift(>=5.8)
3265
3365
  @_documentation(visibility: private)
3266
3366
  #endif
@@ -3434,7 +3534,7 @@ private let initializationResult: InitializationResult = {
3434
3534
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_reset_tool_permissions() != 15060) {
3435
3535
  return InitializationResult.apiChecksumMismatch
3436
3536
  }
3437
- if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_approval() != 3194) {
3537
+ if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_approval() != 56876) {
3438
3538
  return InitializationResult.apiChecksumMismatch
3439
3539
  }
3440
3540
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_respond_to_cron_approval() != 851) {
@@ -3461,7 +3561,7 @@ private let initializationResult: InitializationResult = {
3461
3561
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_serialize_agent_event_json() != 40873) {
3462
3562
  return InitializationResult.apiChecksumMismatch
3463
3563
  }
3464
- if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_auth_key() != 1639) {
3564
+ if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_auth_key() != 12658) {
3465
3565
  return InitializationResult.apiChecksumMismatch
3466
3566
  }
3467
3567
  if (uniffi_native_agent_ffi_checksum_method_nativeagenthandle_set_event_callback() != 56165) {
@@ -3518,10 +3618,13 @@ private let initializationResult: InitializationResult = {
3518
3618
  if (uniffi_native_agent_ffi_checksum_method_governanceprovider_check_sink() != 37338) {
3519
3619
  return InitializationResult.apiChecksumMismatch
3520
3620
  }
3521
- if (uniffi_native_agent_ffi_checksum_method_governanceprovider_reset() != 57214) {
3621
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_register_taint() != 17176) {
3622
+ return InitializationResult.apiChecksumMismatch
3623
+ }
3624
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_reset() != 47675) {
3522
3625
  return InitializationResult.apiChecksumMismatch
3523
3626
  }
3524
- if (uniffi_native_agent_ffi_checksum_method_governanceprovider_record_usage() != 907) {
3627
+ if (uniffi_native_agent_ffi_checksum_method_governanceprovider_record_usage() != 32049) {
3525
3628
  return InitializationResult.apiChecksumMismatch
3526
3629
  }
3527
3630
  if (uniffi_native_agent_ffi_checksum_method_memoryprovider_store() != 49136) {
@@ -273,14 +273,21 @@ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod3)(uint64_t, RustB
273
273
  #endif
274
274
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
275
275
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD4
276
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, void* _Nonnull,
276
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod4)(uint64_t, RustBuffer, RustBuffer, RustBuffer, RustBuffer, void* _Nonnull,
277
277
  RustCallStatus *_Nonnull uniffiCallStatus
278
278
  );
279
279
 
280
280
  #endif
281
281
  #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
282
282
  #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD5
283
- typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
283
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod5)(uint64_t, void* _Nonnull,
284
+ RustCallStatus *_Nonnull uniffiCallStatus
285
+ );
286
+
287
+ #endif
288
+ #ifndef UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
289
+ #define UNIFFI_FFIDEF_CALLBACK_INTERFACE_GOVERNANCE_PROVIDER_METHOD6
290
+ typedef void (*UniffiCallbackInterfaceGovernanceProviderMethod6)(uint64_t, RustBuffer, uint32_t, uint32_t, void* _Nonnull,
284
291
  RustCallStatus *_Nonnull uniffiCallStatus
285
292
  );
286
293
 
@@ -357,8 +364,9 @@ typedef struct UniffiVTableCallbackInterfaceGovernanceProvider {
357
364
  UniffiCallbackInterfaceGovernanceProviderMethod1 _Nonnull recordOutcome;
358
365
  UniffiCallbackInterfaceGovernanceProviderMethod2 _Nonnull recordAudit;
359
366
  UniffiCallbackInterfaceGovernanceProviderMethod3 _Nonnull checkSink;
360
- UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull reset;
361
- UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull recordUsage;
367
+ UniffiCallbackInterfaceGovernanceProviderMethod4 _Nonnull registerTaint;
368
+ UniffiCallbackInterfaceGovernanceProviderMethod5 _Nonnull reset;
369
+ UniffiCallbackInterfaceGovernanceProviderMethod6 _Nonnull recordUsage;
362
370
  } UniffiVTableCallbackInterfaceGovernanceProvider;
363
371
 
364
372
  #endif
@@ -610,7 +618,7 @@ RustBuffer uniffi_native_agent_ffi_fn_method_nativeagenthandle_serialize_agent_e
610
618
  #endif
611
619
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
612
620
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_AUTH_KEY
613
- void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustCallStatus *_Nonnull out_status
621
+ void uniffi_native_agent_ffi_fn_method_nativeagenthandle_set_auth_key(uint64_t ptr, RustBuffer key, RustBuffer provider, RustBuffer auth_type, RustBuffer refresh, RustBuffer expires_at, RustBuffer base_url, RustCallStatus *_Nonnull out_status
614
622
  );
615
623
  #endif
616
624
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_FN_METHOD_NATIVEAGENTHANDLE_SET_EVENT_CALLBACK
@@ -1325,6 +1333,12 @@ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_record_audit
1325
1333
  #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_CHECK_SINK
1326
1334
  uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_check_sink(void
1327
1335
 
1336
+ );
1337
+ #endif
1338
+ #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1339
+ #define UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_REGISTER_TAINT
1340
+ uint16_t uniffi_native_agent_ffi_checksum_method_governanceprovider_register_taint(void
1341
+
1328
1342
  );
1329
1343
  #endif
1330
1344
  #ifndef UNIFFI_FFIDEF_UNIFFI_NATIVE_AGENT_FFI_CHECKSUM_METHOD_GOVERNANCEPROVIDER_RESET
@@ -353,13 +353,16 @@ public class NativeAgentPlugin: CAPPlugin, CAPBridgedPlugin {
353
353
  }
354
354
  let refresh: String? = call.getString("refresh")
355
355
  let expiresAt: Int64? = (call.options["expiresAt"] as? NSNumber)?.int64Value
356
+ // Optional endpoint override (e.g. a backend proxy holding the real key).
357
+ let baseUrl: String? = call.getString("baseUrl")
356
358
  do {
357
359
  try h.setAuthKey(
358
360
  key: key,
359
361
  provider: call.getString("provider") ?? "anthropic",
360
362
  authType: call.getString("authType") ?? "api_key",
361
363
  refresh: refresh,
362
- expiresAt: expiresAt
364
+ expiresAt: expiresAt,
365
+ baseUrl: baseUrl
363
366
  )
364
367
  call.resolve()
365
368
  } catch {