npm - groundswell - Versions diffs - 0.0.2 → 1.0.0 - Mend

groundswell 0.0.2 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (554) hide show

package/LICENSE +21 -0
package/README.md +26 -9
package/dist/cache/cache-key.d.ts +86 -0
package/dist/cache/cache-key.d.ts.map +1 -0
package/dist/cache/cache-key.js +204 -0
package/dist/cache/cache-key.js.map +1 -0
package/dist/cache/cache.d.ts +104 -0
package/dist/cache/cache.d.ts.map +1 -0
package/dist/cache/cache.js +179 -0
package/dist/cache/cache.js.map +1 -0
package/{src/cache/index.ts → dist/cache/index.d.ts} +1 -1
package/dist/cache/index.d.ts.map +1 -0
package/dist/cache/index.js +6 -0
package/dist/cache/index.js.map +1 -0
package/dist/core/agent.d.ts +203 -0
package/dist/core/agent.d.ts.map +1 -0
package/dist/core/agent.js +833 -0
package/dist/core/agent.js.map +1 -0
package/{src/core/context.ts → dist/core/context.d.ts} +16 -67
package/dist/core/context.d.ts.map +1 -0
package/dist/core/context.js +80 -0
package/dist/core/context.js.map +1 -0
package/dist/core/event-tree.d.ts +72 -0
package/dist/core/event-tree.d.ts.map +1 -0
package/dist/core/event-tree.js +211 -0
package/dist/core/event-tree.js.map +1 -0
package/{src/core/factory.ts → dist/core/factory.d.ts} +6 -27
package/dist/core/factory.d.ts.map +1 -0
package/dist/core/factory.js +110 -0
package/dist/core/factory.js.map +1 -0
package/{src/core/index.ts → dist/core/index.d.ts} +2 -10
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +9 -0
package/dist/core/index.js.map +1 -0
package/dist/core/logger.d.ts +50 -0
package/dist/core/logger.d.ts.map +1 -0
package/dist/core/logger.js +91 -0
package/dist/core/logger.js.map +1 -0
package/dist/core/mcp-handler.d.ts +127 -0
package/dist/core/mcp-handler.d.ts.map +1 -0
package/dist/core/mcp-handler.js +323 -0
package/dist/core/mcp-handler.js.map +1 -0
package/dist/core/prompt.d.ts +80 -0
package/dist/core/prompt.d.ts.map +1 -0
package/dist/core/prompt.js +120 -0
package/dist/core/prompt.js.map +1 -0
package/dist/core/workflow-context.d.ts +61 -0
package/dist/core/workflow-context.d.ts.map +1 -0
package/dist/core/workflow-context.js +358 -0
package/dist/core/workflow-context.js.map +1 -0
package/dist/core/workflow.d.ts +543 -0
package/dist/core/workflow.d.ts.map +1 -0
package/dist/core/workflow.js +986 -0
package/dist/core/workflow.js.map +1 -0
package/dist/debugger/event-replayer.d.ts +422 -0
package/dist/debugger/event-replayer.d.ts.map +1 -0
package/dist/debugger/event-replayer.js +639 -0
package/dist/debugger/event-replayer.js.map +1 -0
package/dist/debugger/index.d.ts +2 -0
package/dist/debugger/index.d.ts.map +1 -0
package/{src/debugger/index.ts → dist/debugger/index.js} +1 -0
package/dist/debugger/index.js.map +1 -0
package/dist/debugger/tree-debugger.d.ts +240 -0
package/dist/debugger/tree-debugger.d.ts.map +1 -0
package/dist/debugger/tree-debugger.js +620 -0
package/dist/debugger/tree-debugger.js.map +1 -0
package/dist/decorators/index.d.ts +4 -0
package/dist/decorators/index.d.ts.map +1 -0
package/{src/decorators/index.ts → dist/decorators/index.js} +1 -0
package/dist/decorators/index.js.map +1 -0
package/dist/decorators/observed-state.d.ts +32 -0
package/dist/decorators/observed-state.d.ts.map +1 -0
package/dist/decorators/observed-state.js +79 -0
package/dist/decorators/observed-state.js.map +1 -0
package/dist/decorators/step.d.ts +15 -0
package/dist/decorators/step.d.ts.map +1 -0
package/dist/decorators/step.js +192 -0
package/dist/decorators/step.js.map +1 -0
package/dist/decorators/task.d.ts +50 -0
package/dist/decorators/task.d.ts.map +1 -0
package/dist/decorators/task.js +118 -0
package/dist/decorators/task.js.map +1 -0
package/dist/examples/index.d.ts +3 -0
package/dist/examples/index.d.ts.map +1 -0
package/{src/examples/index.ts → dist/examples/index.js} +1 -0
package/dist/examples/index.js.map +1 -0
package/dist/examples/tdd-orchestrator.d.ts +15 -0
package/dist/examples/tdd-orchestrator.d.ts.map +1 -0
package/dist/examples/tdd-orchestrator.js +121 -0
package/dist/examples/tdd-orchestrator.js.map +1 -0
package/dist/examples/test-cycle-workflow.d.ts +14 -0
package/dist/examples/test-cycle-workflow.d.ts.map +1 -0
package/dist/examples/test-cycle-workflow.js +116 -0
package/dist/examples/test-cycle-workflow.js.map +1 -0
package/dist/harnesses/claude-code-harness.d.ts +391 -0
package/dist/harnesses/claude-code-harness.d.ts.map +1 -0
package/dist/harnesses/claude-code-harness.js +1076 -0
package/dist/harnesses/claude-code-harness.js.map +1 -0
package/dist/harnesses/harness-registry.d.ts +440 -0
package/dist/harnesses/harness-registry.d.ts.map +1 -0
package/dist/harnesses/harness-registry.js +543 -0
package/dist/harnesses/harness-registry.js.map +1 -0
package/dist/harnesses/index.d.ts +12 -0
package/dist/harnesses/index.d.ts.map +1 -0
package/dist/harnesses/index.js +11 -0
package/dist/harnesses/index.js.map +1 -0
package/dist/harnesses/pi-harness.d.ts +219 -0
package/dist/harnesses/pi-harness.d.ts.map +1 -0
package/dist/harnesses/pi-harness.js +676 -0
package/dist/harnesses/pi-harness.js.map +1 -0
package/dist/harnesses/pi-schema-converter.d.ts +24 -0
package/dist/harnesses/pi-schema-converter.d.ts.map +1 -0
package/dist/harnesses/pi-schema-converter.js +81 -0
package/dist/harnesses/pi-schema-converter.js.map +1 -0
package/dist/harnesses/register-defaults.d.ts +24 -0
package/dist/harnesses/register-defaults.d.ts.map +1 -0
package/dist/harnesses/register-defaults.js +40 -0
package/dist/harnesses/register-defaults.js.map +1 -0
package/dist/harnesses/session-store.d.ts +201 -0
package/dist/harnesses/session-store.d.ts.map +1 -0
package/dist/harnesses/session-store.js +254 -0
package/dist/harnesses/session-store.js.map +1 -0
package/dist/index.d.ts +37 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +57 -0
package/dist/index.js.map +1 -0
package/dist/reflection/index.d.ts +5 -0
package/dist/reflection/index.d.ts.map +1 -0
package/{src/reflection/index.ts → dist/reflection/index.js} +1 -1
package/dist/reflection/index.js.map +1 -0
package/dist/reflection/reflection.d.ts +84 -0
package/dist/reflection/reflection.d.ts.map +1 -0
package/dist/reflection/reflection.js +344 -0
package/dist/reflection/reflection.js.map +1 -0
package/dist/tools/index.d.ts +6 -0
package/dist/tools/index.d.ts.map +1 -0
package/dist/tools/index.js +11 -0
package/dist/tools/index.js.map +1 -0
package/dist/tools/introspection.d.ts +165 -0
package/dist/tools/introspection.d.ts.map +1 -0
package/dist/tools/introspection.js +324 -0
package/dist/tools/introspection.js.map +1 -0
package/dist/types/agent.d.ts +1317 -0
package/dist/types/agent.d.ts.map +1 -0
package/dist/types/agent.js +423 -0
package/dist/types/agent.js.map +1 -0
package/dist/types/decorators.d.ts +40 -0
package/dist/types/decorators.d.ts.map +1 -0
package/dist/types/decorators.js +2 -0
package/dist/types/decorators.js.map +1 -0
package/dist/types/error-strategy.d.ts +13 -0
package/dist/types/error-strategy.d.ts.map +1 -0
package/dist/types/error-strategy.js +2 -0
package/dist/types/error-strategy.js.map +1 -0
package/dist/types/error.d.ts +20 -0
package/dist/types/error.d.ts.map +1 -0
package/dist/types/error.js +2 -0
package/dist/types/error.js.map +1 -0
package/dist/types/events.d.ts +113 -0
package/dist/types/events.d.ts.map +1 -0
package/dist/types/events.js +2 -0
package/dist/types/events.js.map +1 -0
package/dist/types/harnesses.d.ts +474 -0
package/dist/types/harnesses.d.ts.map +1 -0
package/dist/types/harnesses.js +2 -0
package/dist/types/harnesses.js.map +1 -0
package/dist/types/index.d.ts +23 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +8 -0
package/dist/types/index.js.map +1 -0
package/dist/types/logging.d.ts +24 -0
package/dist/types/logging.d.ts.map +1 -0
package/dist/types/logging.js +2 -0
package/dist/types/logging.js.map +1 -0
package/dist/types/observer.d.ts +18 -0
package/dist/types/observer.d.ts.map +1 -0
package/dist/types/observer.js +2 -0
package/dist/types/observer.js.map +1 -0
package/dist/types/prompt.d.ts +31 -0
package/dist/types/prompt.d.ts.map +1 -0
package/dist/types/prompt.js +6 -0
package/dist/types/prompt.js.map +1 -0
package/dist/types/providers.d.ts +691 -0
package/dist/types/providers.d.ts.map +1 -0
package/dist/types/providers.js +14 -0
package/dist/types/providers.js.map +1 -0
package/dist/types/reflection.d.ts +96 -0
package/dist/types/reflection.d.ts.map +1 -0
package/dist/types/reflection.js +24 -0
package/dist/types/reflection.js.map +1 -0
package/dist/types/restart.d.ts +132 -0
package/dist/types/restart.d.ts.map +1 -0
package/dist/types/restart.js +2 -0
package/dist/types/restart.js.map +1 -0
package/dist/types/sdk-primitives.d.ts +118 -0
package/dist/types/sdk-primitives.d.ts.map +1 -0
package/dist/types/sdk-primitives.js +6 -0
package/dist/types/sdk-primitives.js.map +1 -0
package/{src/types/snapshot.ts → dist/types/snapshot.d.ts} +5 -5
package/dist/types/snapshot.d.ts.map +1 -0
package/dist/types/snapshot.js +2 -0
package/dist/types/snapshot.js.map +1 -0
package/dist/types/streaming.d.ts +194 -0
package/dist/types/streaming.d.ts.map +1 -0
package/dist/types/streaming.js +67 -0
package/dist/types/streaming.js.map +1 -0
package/dist/types/workflow-context.d.ts +275 -0
package/dist/types/workflow-context.d.ts.map +1 -0
package/dist/types/workflow-context.js +8 -0
package/dist/types/workflow-context.js.map +1 -0
package/dist/types/workflow.d.ts +30 -0
package/dist/types/workflow.d.ts.map +1 -0
package/dist/types/workflow.js +2 -0
package/dist/types/workflow.js.map +1 -0
package/dist/utils/agent-validation.d.ts +88 -0
package/dist/utils/agent-validation.d.ts.map +1 -0
package/dist/utils/agent-validation.js +87 -0
package/dist/utils/agent-validation.js.map +1 -0
package/dist/utils/delay.d.ts +7 -0
package/dist/utils/delay.d.ts.map +1 -0
package/dist/utils/delay.js +9 -0
package/dist/utils/delay.js.map +1 -0
package/dist/utils/harness-config.d.ts +180 -0
package/dist/utils/harness-config.d.ts.map +1 -0
package/dist/utils/harness-config.js +311 -0
package/dist/utils/harness-config.js.map +1 -0
package/dist/utils/id.d.ts +6 -0
package/dist/utils/id.d.ts.map +1 -0
package/dist/utils/id.js +12 -0
package/dist/utils/id.js.map +1 -0
package/dist/utils/index.d.ts +13 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +11 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/model-spec.d.ts +110 -0
package/dist/utils/model-spec.d.ts.map +1 -0
package/dist/utils/model-spec.js +149 -0
package/dist/utils/model-spec.js.map +1 -0
package/dist/utils/observable.d.ts +54 -0
package/dist/utils/observable.d.ts.map +1 -0
package/dist/utils/observable.js +82 -0
package/dist/utils/observable.js.map +1 -0
package/dist/utils/provider-config.d.ts +10 -0
package/dist/utils/provider-config.d.ts.map +1 -0
package/dist/utils/provider-config.js +10 -0
package/dist/utils/provider-config.js.map +1 -0
package/dist/utils/restart-analysis.d.ts +202 -0
package/dist/utils/restart-analysis.d.ts.map +1 -0
package/dist/utils/restart-analysis.js +426 -0
package/dist/utils/restart-analysis.js.map +1 -0
package/dist/utils/session-serialization.d.ts +118 -0
package/dist/utils/session-serialization.d.ts.map +1 -0
package/dist/utils/session-serialization.js +217 -0
package/dist/utils/session-serialization.js.map +1 -0
package/dist/utils/workflow-error-utils.d.ts +22 -0
package/dist/utils/workflow-error-utils.d.ts.map +1 -0
package/dist/utils/workflow-error-utils.js +45 -0
package/dist/utils/workflow-error-utils.js.map +1 -0
package/package.json +34 -5
package/.claude/commands/subtask-planning/prp-base-create.md +0 -120
package/.claude/commands/subtask-planning/prp-base-execute.md +0 -65
package/.claude/commands/task-breakdown.md +0 -94
package/.claude/settings.local.json +0 -9
package/.claude/system_prompts/task-breakdown.md +0 -101
package/CHANGELOG.md +0 -188
package/PRD.md +0 -543
package/PRPs/001-hierarchical-workflow-engine.md +0 -2438
package/PRPs/PRDs/002-agent-prompt.md +0 -390
package/PRPs/PRDs/003-agent-prompt.md +0 -943
package/PRPs/PRDs/004-agent-prompt.md +0 -1136
package/PRPs/PRDs/tasks-001.json +0 -492
package/PRPs/README.md +0 -83
package/PRPs/templates/prp_base.md +0 -222
package/docs/agent.md +0 -422
package/docs/prompt.md +0 -419
package/docs/workflow.md +0 -600
package/examples/README.md +0 -258
package/examples/examples/01-basic-workflow.ts +0 -100
package/examples/examples/02-decorator-options.ts +0 -217
package/examples/examples/03-parent-child.ts +0 -241
package/examples/examples/04-observers-debugger.ts +0 -340
package/examples/examples/05-error-handling.ts +0 -387
package/examples/examples/06-concurrent-tasks.ts +0 -352
package/examples/examples/07-agent-loops.ts +0 -432
package/examples/examples/08-sdk-features.ts +0 -667
package/examples/examples/09-reflection.ts +0 -573
package/examples/examples/10-introspection.ts +0 -550
package/examples/examples/11-reparenting-workflows.ts +0 -269
package/examples/index.ts +0 -147
package/examples/utils/helpers.ts +0 -57
package/package-lock.json +0 -2398
package/plan/001_d3bb02af4886/TEST_RESULTS.md +0 -259
package/plan/001_d3bb02af4886/backlog.json +0 -867
package/plan/001_d3bb02af4886/bug_fix_tasks.json +0 -484
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M1T1S1/PRP.md +0 -488
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M1T1S2/PRP.md +0 -581
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M1T1S3/PRP.md +0 -687
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T1S1/PRP.md +0 -492
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T1S3/PRP.md +0 -932
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T1S3/research/concurrent_error_testing_patterns.md +0 -1109
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T1S3/research/vitest_concurrent_testing.md +0 -802
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T1S3/research/workflow_engine_test_references.md +0 -603
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T2S1/PRP.md +0 -564
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T2S3/PRP.md +0 -518
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T2S4/PRP.md +0 -1252
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T3S1/PRP.md +0 -364
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T3S1/research/CODEBASE_INVENTORY.md +0 -114
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T3S1/research/DECORATOR_DOCUMENTATION_PATTERNS.md +0 -205
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T3S1/research/PRD_LOCATION_ANALYSIS.md +0 -199
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M2T3S1/research/ULTRATHINK_PRP_PLAN.md +0 -134
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T1S1/PRP.md +0 -495
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T1S1/research/console_error_inventory.md +0 -435
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T1S2/PRP.md +0 -506
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T1S3/PRP.md +0 -612
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T2S2/PRP.md +0 -558
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T2S2/research/external_research.md +0 -788
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T3S2/PRP.md +0 -460
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T3S3/PRP.md +0 -454
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T4S1/PRP.md +0 -520
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T4S1/RECOMMENDATION.md +0 -417
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T4S1/research/external_workflow_engines_research.md +0 -760
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T4S1/research/security_implications_analysis.md +0 -245
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M3T4S2/PRP.md +0 -792
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S1/PRP.md +0 -535
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S1/TEST_EXECUTION_REPORT.md +0 -190
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S2/PRP.md +0 -654
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S2/TEST_FIX_REPORT.md +0 -227
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S2/research/KEY_FINDINGS.md +0 -345
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S2/research/QUICK_REFERENCE.md +0 -193
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T1S2/research/test_maintenance_research.md +0 -1323
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T3S1/BREAKING_CHANGES_AUDIT.md +0 -1011
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T3S1/PRP.md +0 -927
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/P1M4T3S2/PRP.md +0 -505
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/architecture/logger_child_signature_analysis.md +0 -401
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S3/child_implementation_research.md +0 -142
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S3/test_patterns_research.md +0 -112
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S3/vitest_patterns_research.md +0 -159
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S4/PRP.md +0 -549
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S4/VERIFICATION_REPORT.md +0 -368
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S4/edge_case_analysis.md +0 -172
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M1T1S4/usage_inventory.md +0 -175
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T1S2/PRP.md +0 -696
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T1S4/PRP.md +0 -860
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/PRP.md +0 -1066
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/01-testing-aggregated-errors.md +0 -1103
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/01_typescript_error_aggregation_patterns.md +0 -789
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/02-error-merge-strategy-testing-guide.md +0 -1098
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/02_aggregate_error_patterns.md +0 -1037
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/03-promise-allsettled-testing-patterns.md +0 -916
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/03_error_merging_strategies.md +0 -1045
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/04_github_stackoverflow_examples.md +0 -890
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/05_comprehensive_summary.md +0 -822
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/INDEX.md +0 -668
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/QUICK_REFERENCE.md +0 -706
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/README.md +0 -265
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S2/research/RESEARCH_REPORT.md +0 -655
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T2S4/research/vitest_testing_patterns.md +0 -1103
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M2T3S2/PRP.md +0 -426
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T1S2/PRP.md +0 -506
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T1S2/research/QUICK_REFERENCE.md +0 -114
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T1S2/research/RESEARCH_SUMMARY.md +0 -316
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T1S2/research/vitest_observer_error_logging_best_practices.md +0 -754
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T1S3/PRP.md +0 -612
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T2S1/PRP.md +0 -719
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T2S1/README.md +0 -215
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T2S1/analysis.md +0 -765
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T2S3/PRP.md +0 -718
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/DECISION.md +0 -149
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/PRP.md +0 -470
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/research/ULTRATHINK_PLAN.md +0 -332
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/research/codebase_workflow_name_analysis.md +0 -167
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/research/external_best_practices.md +0 -265
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T3S1/research/validation_patterns.md +0 -273
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T4S1/workflow_engine_ancestry_api_research.md +0 -760
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M3T4S3-PRP.md +0 -434
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M4T2S1/PRP.md +0 -717
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M4T2S2/PRP.md +0 -472
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M4T2S2/VALIDATION_REPORT.md +0 -125
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/P1M4T2S2/research/ULTRATHINK_PRP_PLAN.md +0 -301
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/error-logging-best-practices.md +0 -1170
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/research_typescript_partial_and_overloads.md +0 -940
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/vitest-quick-reference.md +0 -151
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/docs/vitest-research.md +0 -650
package/plan/001_d3bb02af4886/bugfix/001_e8e04329daf3/prd_snapshot.md +0 -259
package/plan/001_d3bb02af4886/bugfix/P1M1T1S1/PRP.md +0 -457
package/plan/001_d3bb02af4886/bugfix/RESEARCH_SUMMARY.md +0 -346
package/plan/001_d3bb02af4886/bugfix/architecture/codebase_structure.md +0 -311
package/plan/001_d3bb02af4886/bugfix/architecture/concurrent_execution_best_practices.md +0 -1565
package/plan/001_d3bb02af4886/bugfix/architecture/error_handling_patterns.md +0 -288
package/plan/001_d3bb02af4886/bugfix/architecture/promise_all_analysis.md +0 -741
package/plan/001_d3bb02af4886/docs/PRP/P1M1T1S4-functional-workflow-error-state-capture-test.md +0 -652
package/plan/001_d3bb02af4886/docs/PRP/P1P2-PRP.md +0 -527
package/plan/001_d3bb02af4886/docs/PRP/P3P4-PRP.md +0 -1388
package/plan/001_d3bb02af4886/docs/PRP/P4P5-PRP.md +0 -1136
package/plan/001_d3bb02af4886/docs/PRP/PRP.md +0 -527
package/plan/001_d3bb02af4886/docs/PRP/bugfix/P1M1T2S1-PRP.md +0 -415
package/plan/001_d3bb02af4886/docs/PRP/bugfix/P1M1T2S2-PRP.md +0 -378
package/plan/001_d3bb02af4886/docs/PRP/bugfix/P1M1T2S4-PRP.md +0 -713
package/plan/001_d3bb02af4886/docs/PRP/bugfix/P1M2T1S4-PRP.md +0 -370
package/plan/001_d3bb02af4886/docs/PRP_P1M3T1S3.md +0 -499
package/plan/001_d3bb02af4886/docs/TEST_RESULTS.md +0 -230
package/plan/001_d3bb02af4886/docs/architecture/external_deps.md +0 -358
package/plan/001_d3bb02af4886/docs/architecture/system_context.md +0 -242
package/plan/001_d3bb02af4886/docs/bugfix/ANALYSIS_PRD_VS_IMPLEMENTATION.md +0 -1134
package/plan/001_d3bb02af4886/docs/bugfix/GAP_ANALYSIS_SUMMARY.md +0 -179
package/plan/001_d3bb02af4886/docs/bugfix/P1M4T2S1/PRP.md +0 -629
package/plan/001_d3bb02af4886/docs/bugfix/P1M4T2S1/validation-report.md +0 -214
package/plan/001_d3bb02af4886/docs/bugfix/PRP_P1M4T2S3.md +0 -629
package/plan/001_d3bb02af4886/docs/bugfix/bugfix_PRP.md +0 -529
package/plan/001_d3bb02af4886/docs/bugfix/bugfix_QUICK_REFERENCE.md +0 -142
package/plan/001_d3bb02af4886/docs/bugfix/bugfix_README.md +0 -304
package/plan/001_d3bb02af4886/docs/bugfix/bugfix_TEST_RESULTS.md +0 -558
package/plan/001_d3bb02af4886/docs/bugfix/bugfix_VALIDATION_SUMMARY.md +0 -256
package/plan/001_d3bb02af4886/docs/bugfix/system_context.md +0 -346
package/plan/001_d3bb02af4886/docs/bugfix-architecture/bug_analysis.md +0 -415
package/plan/001_d3bb02af4886/docs/bugfix-architecture/implementation_patterns.md +0 -489
package/plan/001_d3bb02af4886/docs/bugfix-architecture/system_context.md +0 -218
package/plan/001_d3bb02af4886/docs/bugfix_INITIATION_SUMMARY.md +0 -380
package/plan/001_d3bb02af4886/docs/research/CYCLE_DETECTION_PATTERNS.md +0 -1923
package/plan/001_d3bb02af4886/docs/research/CYCLE_DETECTION_QUICK_REF.md +0 -319
package/plan/001_d3bb02af4886/docs/research/P1M1T2S1/codebase-context.md +0 -115
package/plan/001_d3bb02af4886/docs/research/P1M1T2S1/cycle-detection-algorithms.md +0 -134
package/plan/001_d3bb02af4886/docs/research/P1M1T2S1/test-patterns.md +0 -153
package/plan/001_d3bb02af4886/docs/research/P1M1T2S1/workflow-class.md +0 -132
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/DECORATOR_DOCUMENTATION_BEST_PRACTICES.md +0 -716
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/DECORATOR_DOCUMENTATION_QUICK_REF.md +0 -186
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/GROUNDSWELL_DECORATOR_EXAMPLES.md +0 -604
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/INDEX.md +0 -213
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/codebase_structure.md +0 -30
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/existing_test_pattern.md +0 -56
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/getRootObservers_implementation.md +0 -53
package/plan/001_d3bb02af4886/docs/research/P1M2T1S4/test_conventions.md +0 -49
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/PRP.md +0 -958
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/QUICK_REFERENCE.md +0 -339
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/README.md +0 -305
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/SUMMARY.md +0 -433
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/bidirectional-tree-consistency-testing.md +0 -1574
package/plan/001_d3bb02af4886/docs/research/P1M3T1S4/test-pattern-examples.md +0 -1014
package/plan/001_d3bb02af4886/docs/research/P1P2/LRU_CACHE_BEST_PRACTICES.md +0 -1929
package/plan/001_d3bb02af4886/docs/research/P1P2/LRU_CACHE_CODE_PATTERNS.md +0 -857
package/plan/001_d3bb02af4886/docs/research/P1P2/LRU_CACHE_INTEGRATION_GUIDE.md +0 -738
package/plan/001_d3bb02af4886/docs/research/P1P2/LRU_CACHE_RESEARCH_INDEX.md +0 -424
package/plan/001_d3bb02af4886/docs/research/P1P2/REFLECTION_INDEX.md +0 -291
package/plan/001_d3bb02af4886/docs/research/P1P2/REFLECTION_RESEARCH_REPORT.md +0 -1342
package/plan/001_d3bb02af4886/docs/research/P1P2/RESEARCH_SUMMARY.md +0 -342
package/plan/001_d3bb02af4886/docs/research/P1P2/anthropic-sdk.md +0 -174
package/plan/001_d3bb02af4886/docs/research/P1P2/async-local-storage.md +0 -200
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-code-patterns.md +0 -1205
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-decision-matrix.md +0 -421
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-implementation-guide.md +0 -1341
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-integration-guide.md +0 -834
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-patterns.md +0 -1468
package/plan/001_d3bb02af4886/docs/research/P1P2/reflection-quick-reference.md +0 -558
package/plan/001_d3bb02af4886/docs/research/P1P2/zod-schema.md +0 -152
package/plan/001_d3bb02af4886/docs/research/P3P4/caching-lru.md +0 -116
package/plan/001_d3bb02af4886/docs/research/P3P4/introspection-tools.md +0 -177
package/plan/001_d3bb02af4886/docs/research/P3P4/reflection-patterns.md +0 -117
package/plan/001_d3bb02af4886/docs/research/P4P5/RESEARCH_SUMMARY.md +0 -151
package/plan/001_d3bb02af4886/docs/research/PROMISE_ALLSETTLED_QUICK_REF.md +0 -376
package/plan/001_d3bb02af4886/docs/research/PROMISE_ALLSETTLED_RESEARCH.md +0 -1507
package/plan/001_d3bb02af4886/docs/research/bugfix_typescript_patterns.md +0 -949
package/plan/001_d3bb02af4886/docs/research/error-testing-research.md +0 -619
package/plan/001_d3bb02af4886/docs/research/error_handling_patterns.md +0 -723
package/plan/001_d3bb02af4886/docs/research/general/INTROSPECTION_RESEARCH_SUMMARY.md +0 -378
package/plan/001_d3bb02af4886/docs/research/general/README-INTROSPECTION.md +0 -352
package/plan/001_d3bb02af4886/docs/research/general/agent-introspection-patterns.md +0 -1085
package/plan/001_d3bb02af4886/docs/research/general/introspection-security-guide.md +0 -984
package/plan/001_d3bb02af4886/docs/research/general/introspection-tool-examples.md +0 -875
package/plan/001_d3bb02af4886/docs/research/incremental-tree-map-updates/PRP_TEMPLATE.md +0 -460
package/plan/001_d3bb02af4886/docs/research/incremental-tree-map-updates/QUICK_REFERENCE.md +0 -324
package/plan/001_d3bb02af4886/docs/research/incremental-tree-map-updates/README.md +0 -175
package/plan/001_d3bb02af4886/docs/research/incremental-tree-map-updates/RESEARCH_REPORT.md +0 -499
package/plan/001_d3bb02af4886/docs/research/incremental-tree-map-updates/SUMMARY.md +0 -163
package/plan/001_d3bb02af4886/prd_snapshot.md +0 -543
package/plan/bugfix/BUG_FIX_SUMMARY.md +0 -961
package/scripts/generate-llms-full.ts +0 -206
package/src/__tests__/adversarial/attachChild-performance.test.ts +0 -216
package/src/__tests__/adversarial/circular-reference.test.ts +0 -101
package/src/__tests__/adversarial/complex-circular-reference.test.ts +0 -139
package/src/__tests__/adversarial/concurrent-task-failures.test.ts +0 -571
package/src/__tests__/adversarial/deep-analysis.test.ts +0 -729
package/src/__tests__/adversarial/deep-hierarchy-stress.test.ts +0 -213
package/src/__tests__/adversarial/e2e-prd-validation.test.ts +0 -448
package/src/__tests__/adversarial/edge-case.test.ts +0 -703
package/src/__tests__/adversarial/error-merge-strategy.test.ts +0 -760
package/src/__tests__/adversarial/incremental-performance.test.ts +0 -140
package/src/__tests__/adversarial/node-map-update-benchmarks.test.ts +0 -457
package/src/__tests__/adversarial/observer-propagation.test.ts +0 -487
package/src/__tests__/adversarial/parent-validation.test.ts +0 -143
package/src/__tests__/adversarial/prd-12-2-compliance.test.ts +0 -611
package/src/__tests__/adversarial/prd-compliance.test.ts +0 -731
package/src/__tests__/compatibility/backward-compatibility.test.ts +0 -1572
package/src/__tests__/helpers/index.ts +0 -18
package/src/__tests__/helpers/tree-verification.ts +0 -257
package/src/__tests__/integration/agent-workflow.test.ts +0 -256
package/src/__tests__/integration/bidirectional-consistency.test.ts +0 -847
package/src/__tests__/integration/observer-logging.test.ts +0 -643
package/src/__tests__/integration/tree-mirroring.test.ts +0 -151
package/src/__tests__/integration/workflow-reparenting.test.ts +0 -303
package/src/__tests__/unit/agent.test.ts +0 -169
package/src/__tests__/unit/cache-key.test.ts +0 -182
package/src/__tests__/unit/cache.test.ts +0 -172
package/src/__tests__/unit/context.test.ts +0 -217
package/src/__tests__/unit/decorators.test.ts +0 -100
package/src/__tests__/unit/introspection-tools.test.ts +0 -277
package/src/__tests__/unit/logger.test.ts +0 -293
package/src/__tests__/unit/observable.test.ts +0 -321
package/src/__tests__/unit/prompt.test.ts +0 -135
package/src/__tests__/unit/reflection.test.ts +0 -210
package/src/__tests__/unit/tree-debugger-incremental.test.ts +0 -170
package/src/__tests__/unit/tree-debugger.test.ts +0 -85
package/src/__tests__/unit/utils/workflow-error-utils.test.ts +0 -209
package/src/__tests__/unit/workflow-detachChild.test.ts +0 -100
package/src/__tests__/unit/workflow-emitEvent-childDetached.test.ts +0 -153
package/src/__tests__/unit/workflow-isDescendantOf.test.ts +0 -180
package/src/__tests__/unit/workflow.test.ts +0 -357
package/src/cache/cache-key.ts +0 -244
package/src/cache/cache.ts +0 -236
package/src/core/agent.ts +0 -593
package/src/core/event-tree.ts +0 -260
package/src/core/logger.ts +0 -112
package/src/core/mcp-handler.ts +0 -184
package/src/core/prompt.ts +0 -150
package/src/core/workflow-context.ts +0 -351
package/src/core/workflow.ts +0 -540
package/src/debugger/tree-debugger.ts +0 -255
package/src/decorators/observed-state.ts +0 -95
package/src/decorators/step.ts +0 -139
package/src/decorators/task.ts +0 -159
package/src/examples/tdd-orchestrator.ts +0 -65
package/src/examples/test-cycle-workflow.ts +0 -64
package/src/index.ts +0 -142
package/src/reflection/reflection.ts +0 -407
package/src/tools/index.ts +0 -36
package/src/tools/introspection.ts +0 -464
package/src/types/agent.ts +0 -90
package/src/types/decorators.ts +0 -32
package/src/types/error-strategy.ts +0 -13
package/src/types/error.ts +0 -20
package/src/types/events.ts +0 -75
package/src/types/index.ts +0 -55
package/src/types/logging.ts +0 -24
package/src/types/observer.ts +0 -18
package/src/types/prompt.ts +0 -40
package/src/types/reflection.ts +0 -117
package/src/types/sdk-primitives.ts +0 -128
package/src/types/workflow-context.ts +0 -163
package/src/types/workflow.ts +0 -37
package/src/utils/id.ts +0 -11
package/src/utils/index.ts +0 -4
package/src/utils/observable.ts +0 -106
package/src/utils/workflow-error-utils.ts +0 -56
package/tsconfig.json +0 -22
package/vitest.config.ts +0 -16

package/plan/001_d3bb02af4886/docs/research/general/introspection-security-guide.md DELETED Viewed

@@ -1,984 +0,0 @@
-# Agent Introspection: Security and Implementation Guide
-**Document:** Security Patterns, Threat Modeling, and Safe Implementation Practices
-**Target Audience:** Groundswell Framework Developers and Operators
----
-## Executive Summary
-Agent introspection tools expose workflow execution context to AI agents. While necessary for adaptive decision-making, this capability creates significant security risks:
-- **Information Leakage**: Agents can read sensitive data from ancestor workflows
-- **Privilege Escalation**: Agents could abuse introspection to spawn unauthorized workflows
-- **Prompt Injection**: Untrusted data in ancestor state could compromise agent reasoning
-- **Resource Exhaustion**: Agents could query unbounded trees or large result sets
-This guide provides threat models and proven mitigation patterns based on research from Anthropic, AWS, and Google.
----
-## Threat Model: Introspection Attack Vectors
-### Threat 1: Sensitive Data Exfiltration via State Inspection
-**Attack Scenario:**
-```
-Compromised Agent → Reads state snapshots from ancestor
-                 → Finds API keys in ancestor state
-                 → Exfiltrates via tool output
-```
-**Risk Level:** CRITICAL
-**Affected Tool:** `workflow_inspect_state_snapshot`
-**Mitigation:**
-1. **Never Store Secrets in State**
-   ```typescript
-   // BAD
-   @ObservedState()
-   apiKey = process.env.OPENAI_API_KEY;  // NEVER!
-   // GOOD
-   private apiKey = process.env.OPENAI_API_KEY; // Not decorated
-   @ObservedState()
-   apiKeyConfigured = true; // Just boolean flag
-   ```
-2. **Filter Secrets Before Returning**
-   ```typescript
-   function filterSecrets(state: Record<string, unknown>): Record<string, unknown> {
-     const secretPatterns = [
-       /api_?key/i,
-       /password/i,
-       /token/i,
-       /secret/i,
-       /credentials/i,
-       /auth/i,
-       /aws_/i,
-       /azure_/i,
-     ];
-     const filtered = { ...state };
-     for (const [key, value] of Object.entries(filtered)) {
-       if (secretPatterns.some(pattern => pattern.test(key))) {
-         filtered[key] = '[REDACTED]';
-       }
-       // Also check values for common secret formats
-       if (typeof value === 'string' && isLikelySecret(value)) {
-         filtered[key] = '[REDACTED]';
-       }
-     }
-     return filtered;
-   }
-   function isLikelySecret(value: string): boolean {
-     // Check for API key patterns
-     if (/sk-[a-zA-Z0-9]{20,}/.test(value)) return true;     // OpenAI-style
-     if (/[a-z0-9]{40}/.test(value)) return true;             // Generic long hex
-     if (/^(AKIA|ASIA)[0-9A-Z]{16}$/.test(value)) return true; // AWS IAM key
-     return false;
-   }
-   ```
-3. **Implement State Access Control**
-   ```typescript
-   interface StateAccessPolicy {
-     // Which state properties are readable
-     readable_properties: {
-       [propertyName: string]: 'public' | 'sensitive' | 'secret';
-     };
-     // Which agents can read which properties
-     agent_access: {
-       [agentId: string]: string[]; // List of readable properties
-     };
-     // Default policy for undeclared properties
-     default_policy: 'deny' | 'allow';
-   }
-   // Example
-   const statePolicy: StateAccessPolicy = {
-     readable_properties: {
-       'validation_count': 'public',      // All agents can read
-       'error_rate': 'public',
-       'processing_stage': 'public',
-       'user_id': 'sensitive',            // Only authorized agents
-       'api_configuration': 'secret',     // Never exposed
-     },
-     agent_access: {
-       'agent-data-processor': ['validation_count', 'error_rate', 'processing_stage'],
-       'agent-monitor': ['validation_count', 'error_rate'],
-       'agent-admin': ['*'], // Wildcard allowed for admin agents
-     },
-     default_policy: 'deny'
-   };
-   ```
----
-### Threat 2: Prompt Injection via Ancestor Outputs
-**Attack Scenario:**
-```
-Malicious Input → Stored in ancestor output as data
-               → Agent reads via workflow_read_ancestor_outputs
-               → Untrusted data used in agent prompt
-               → Injection succeeds
-```
-**Risk Level:** HIGH
-**Affected Tool:** `workflow_read_ancestor_outputs`
-**Mitigation:**
-1. **Validate and Sanitize Returned Data**
-   ```typescript
-   interface OutputValidationPolicy {
-     // How to handle different data types
-     string_fields: {
-       max_length: number;
-       allowed_patterns?: RegExp[];  // Whitelist patterns
-       forbidden_patterns?: RegExp[]; // Blacklist patterns
-     };
-     array_fields: {
-       max_items: number;
-       max_item_size: number;
-     };
-     object_fields: {
-       max_depth: number;
-       max_total_size: number;
-     };
-     // Check for suspicious patterns
-     security_checks: {
-       no_code_injection: boolean;     // Reject if looks like code
-       no_prompt_escape: boolean;       // Reject if tries to escape prompt
-       no_command_injection: boolean;   // Reject if shell commands detected
-     };
-   }
-   function validateAncestorOutput(
-     output: unknown,
-     policy: OutputValidationPolicy
-   ): unknown {
-     if (typeof output === 'string') {
-       // Check length
-       if (output.length > policy.string_fields.max_length) {
-         throw new Error('Output string exceeds maximum length');
-       }
-       // Check patterns
-       if (policy.string_fields.allowed_patterns) {
-         const allowed = policy.string_fields.allowed_patterns.some(p => p.test(output));
-         if (!allowed) {
-           throw new Error('Output does not match allowed patterns');
-         }
-       }
-       // Check for forbidden patterns
-       if (policy.string_fields.forbidden_patterns) {
-         const forbidden = policy.string_fields.forbidden_patterns.some(p => p.test(output));
-         if (forbidden) {
-           throw new Error('Output contains forbidden pattern');
-         }
-       }
-       // Security checks
-       if (policy.security_checks.no_code_injection) {
-         if (detectCodeInjection(output)) {
-           throw new Error('Potential code injection detected');
-         }
-       }
-       if (policy.security_checks.no_prompt_escape) {
-         if (detectPromptEscape(output)) {
-           throw new Error('Potential prompt escape detected');
-         }
-       }
-       return output;
-     }
-     if (Array.isArray(output)) {
-       if (output.length > policy.array_fields.max_items) {
-         throw new Error('Output array exceeds maximum size');
-       }
-       return output.map(item => validateAncestorOutput(item, policy));
-     }
-     if (typeof output === 'object' && output !== null) {
-       const maxDepth = policy.object_fields.max_depth;
-       return validateObject(output, policy, 0, maxDepth);
-     }
-     return output;
-   }
-   function detectCodeInjection(str: string): boolean {
-     const patterns = [
-       /import\s+/i,
-       /export\s+/i,
-       /eval\s*\(/i,
-       /Function\s*\(/i,
-       /require\s*\(/i,
-       /system\s*\(/i,
-       /exec\s*\(/i,
-     ];
-     return patterns.some(p => p.test(str));
-   }
-   function detectPromptEscape(str: string): boolean {
-     // Patterns that try to escape prompt context
-     const patterns = [
-       /```/g,           // Code blocks
-       /---/g,            // Markdown separators
-       /##/g,             // Markdown headers
-       /\[ignore previous/i,
-       /forget everything/i,
-       /disregard instructions/i,
-     ];
-     return patterns.some(p => p.test(str));
-   }
-   ```
-2. **Treat Ancestor Outputs as Untrusted User Input**
-   ```typescript
-   // When building prompt with ancestor output
-   const ancestorOutput = await introspectionTool.readAncestorOutputs();
-   // WRONG: Direct interpolation
-   const prompt = `Based on ancestor result: ${ancestorOutput.result}`;
-   // RIGHT: Structured data with clear context
-   const safePrompt = `
-   Based on ancestor workflow results:
-   - Record count: ${validatePositiveInteger(ancestorOutput.record_count)}
-   - Validation rate: ${validatePercentage(ancestorOutput.validation_rate)}
-   - Errors: [${ancestorOutput.errors.map(escapeForDisplay).join(', ')}]
-   Please process with this context in mind.
-   `;
-   ```
-3. **Mark Ancestor Data as External Input**
-   ```typescript
-   interface AncestorOutput {
-     // Mark this data as coming from external source
-     _provenance: {
-       source_workflow_id: string;
-       is_from_ancestor: true; // Always true
-       trust_level: 'untrusted' | 'verified';
-     };
-     // Actual data
-     [key: string]: unknown;
-   }
-   // Agents must explicitly acknowledge they're using external data
-   function useAncestorOutput(
-     output: AncestorOutput,
-     acknowledgeUntrusted: boolean
-   ): unknown {
-     if (!acknowledgeUntrusted) {
-       throw new Error('Must explicitly acknowledge using ancestor output');
-     }
-     // Now safe to use with validation
-     return output;
-   }
-   ```
----
-### Threat 3: Recursive Self-Modification / Privilege Escalation
-**Attack Scenario:**
-```
-Rogue Agent → Spawns child with elevated permissions
-          → Child spawns grandchild with even more permissions
-          → Recursive privilege escalation
-```
-**Risk Level:** HIGH
-**Affected Tool:** `workflow_spawn_child`
-**Mitigation:**
-1. **Enforce Template-Based Spawning**
-   ```typescript
-   // Templates are pre-defined by system, agents cannot create arbitrary ones
-   interface WorkflowTemplate {
-     id: string;
-     name: string;
-     description: string;
-     max_instantiations_per_session: number;
-     allowed_parent_workflows: string[]; // Only certain parents can use
-     capabilities: {
-       can_spawn_children: boolean;
-       max_children: number;
-       can_access_ancestor_state: boolean;
-       allowed_ancestor_depth: number;
-     };
-     resource_limits: {
-       max_memory_mb: number;
-       max_cpu_shares: number;
-       max_execution_time_seconds: number;
-     };
-   }
-   // Templates are defined by framework
-   const templates: Record<string, WorkflowTemplate> = {
-     'template_data_validation': {
-       id: 'template_data_validation',
-       max_instantiations_per_session: 10,
-       allowed_parent_workflows: ['*'], // Open
-       capabilities: {
-         can_spawn_children: false, // Cannot spawn further
-         max_children: 0,
-         can_access_ancestor_state: true,
-         allowed_ancestor_depth: 1, // Can only see parent
-       },
-       resource_limits: {
-         max_memory_mb: 512,
-         max_cpu_shares: 25,
-         max_execution_time_seconds: 300,
-       }
-     },
-     'template_orchestrator': {
-       id: 'template_orchestrator',
-       max_instantiations_per_session: 2,
-       allowed_parent_workflows: ['root_workflow'], // Only root can spawn
-       capabilities: {
-         can_spawn_children: true,     // CAN spawn children
-         max_children: 5,
-         can_access_ancestor_state: true,
-         allowed_ancestor_depth: 10,
-       },
-       resource_limits: {
-         max_memory_mb: 1024,
-         max_cpu_shares: 50,
-         max_execution_time_seconds: 3600,
-       }
-     }
-   };
-   function validateSpawnRequest(
-     parentWorkflowId: string,
-     templateId: string,
-     existingChildren: number
-   ): void {
-     const template = templates[templateId];
-     if (!template) {
-       throw new Error(`Unknown template: ${templateId}`);
-     }
-     // Check parent is allowed
-     if (
-       template.allowed_parent_workflows.length > 0 &&
-       !template.allowed_parent_workflows.includes(parentWorkflowId) &&
-       !template.allowed_parent_workflows.includes('*')
-     ) {
-       throw new Error(
-         `Parent ${parentWorkflowId} not allowed to spawn ${templateId}`
-       );
-     }
-     // Check instantiation limit
-     if (existingChildren >= template.max_instantiations_per_session) {
-       throw new Error(
-         `Exceeded max instantiations (${template.max_instantiations_per_session})`
-       );
-     }
-     // Check if template can spawn children
-     if (template.capabilities.can_spawn_children === false) {
-       // Validate that no spawning happens
-       // This should be enforced by workflow implementation
-     }
-   }
-   ```
-2. **Depth Limits and Capability Degradation**
-   ```typescript
-   interface HierarchyCapabilities {
-     depth: number;
-     can_spawn_children: boolean;
-     max_ancestor_depth: number;
-   }
-   // Capabilities degrade as you go deeper
-   function getCapabilitiesForDepth(depth: number): HierarchyCapabilities {
-     const maxDepth = 5;
-     if (depth >= maxDepth) {
-       return {
-         depth,
-         can_spawn_children: false, // Leaf workflows cannot spawn
-         max_ancestor_depth: 1
-       };
-     }
-     if (depth === 0) { // Root
-       return {
-         depth: 0,
-         can_spawn_children: true,
-         max_ancestor_depth: 0
-       };
-     }
-     // Intermediate levels
-     const remainingLevels = maxDepth - depth;
-     return {
-       depth,
-       can_spawn_children: remainingLevels > 1,
-       max_ancestor_depth: remainingLevels + 2
-     };
-   }
-   ```
-3. **Audit All Spawning Operations**
-   ```typescript
-   interface SpawningAuditLog {
-     timestamp: number;
-     parent_workflow_id: string;
-     parent_agent_id: string;
-     child_workflow_id: string;
-     template_id: string;
-     input_data_hash: string;  // Hash, not full input
-     approved: boolean;
-     approval_reason?: string;
-     denial_reason?: string;
-   }
-   async function spawnWorkflow(
-     request: SpawnRequest,
-     auditLogger: AuditLogger
-   ): Promise<string> {
-     // Validate
-     // ...
-     // Log attempt
-     auditLogger.log({
-       timestamp: Date.now(),
-       parent_workflow_id: request.parent_id,
-       parent_agent_id: request.agent_id,
-       template_id: request.template_id,
-       input_data_hash: hashData(request.input_data),
-       approved: true,
-     });
-     // Execute
-     const childId = await createChild(request);
-     return childId;
-   }
-   ```
----
-### Threat 4: Denial of Service via Unbounded Queries
-**Attack Scenario:**
-```
-Malicious Agent → Requests event history for very large time range
-                → Requests very deep ancestry chain
-                → Requests no limits on result size
-                → System runs out of memory or CPU
-```
-**Risk Level:** MEDIUM
-**Affected Tools:** All introspection tools
-**Mitigation:**
-1. **Hard Limits on All Queries**
-   ```typescript
-   interface IntrospectionLimits {
-     // Hierarchy traversal
-     max_ancestry_depth: number;          // e.g., 20 levels
-     max_descendant_count: number;        // e.g., 10,000 nodes
-     max_sibling_count: number;           // e.g., 100 siblings
-     // Result size
-     max_result_size_bytes: number;       // e.g., 10 MB
-     max_result_items: number;            // e.g., 10,000 items
-     max_event_history_items: number;     // e.g., 1,000 events
-     // Query complexity
-     max_query_time_ms: number;           // e.g., 5,000 ms
-     max_concurrent_queries: number;      // e.g., 5 per agent
-     // Cache filtering
-     max_cache_entries_returned: number;  // e.g., 100 entries
-     max_state_properties: number;        // e.g., 1,000 properties
-     // Time range
-     max_time_range_days: number;         // e.g., 30 days back
-     min_time_range_resolution: number;   // e.g., 1 minute granularity
-   }
-   const defaultLimits: IntrospectionLimits = {
-     max_ancestry_depth: 20,
-     max_descendant_count: 10000,
-     max_sibling_count: 100,
-     max_result_size_bytes: 10 * 1024 * 1024,  // 10 MB
-     max_result_items: 10000,
-     max_event_history_items: 1000,
-     max_query_time_ms: 5000,
-     max_concurrent_queries: 5,
-     max_cache_entries_returned: 100,
-     max_state_properties: 1000,
-     max_time_range_days: 30,
-     min_time_range_resolution: 60000, // 1 minute
-   };
-   async function executeIntrospectionQuery<T>(
-     query: IntrospectionQuery,
-     limits: IntrospectionLimits
-   ): Promise<T> {
-     const startTime = Date.now();
-     try {
-       // Validate query against limits
-       validateQueryLimits(query, limits);
-       // Execute with timeout
-       const result = await Promise.race([
-         executeQuery(query),
-         timeout(limits.max_query_time_ms)
-       ]);
-       // Truncate if needed
-       return truncateResult(result, limits);
-     } finally {
-       const duration = Date.now() - startTime;
-       logQueryMetrics(query, duration);
-     }
-   }
-   function validateQueryLimits(
-     query: IntrospectionQuery,
-     limits: IntrospectionLimits
-   ): void {
-     // Check all filter conditions against limits
-     if (query.max_ancestry_depth && query.max_ancestry_depth > limits.max_ancestry_depth) {
-       throw new Error(
-         `max_ancestry_depth ${query.max_ancestry_depth} exceeds limit ${limits.max_ancestry_depth}`
-       );
-     }
-     // Check time range
-     if (query.time_range_start && query.time_range_end) {
-       const rangeMs = query.time_range_end - query.time_range_start;
-       const maxRangeMs = limits.max_time_range_days * 24 * 60 * 60 * 1000;
-       if (rangeMs > maxRangeMs) {
-         throw new Error(
-           `Time range exceeds maximum of ${limits.max_time_range_days} days`
-         );
-       }
-     }
-     // Check result limits
-     if (query.limit && query.limit > limits.max_result_items) {
-       throw new Error(
-         `Requested ${query.limit} items exceeds limit ${limits.max_result_items}`
-       );
-     }
-   }
-   ```
-2. **Pagination for Large Result Sets**
-   ```typescript
-   interface PaginatedIntrospectionResult<T> {
-     data: T[];
-     pagination: {
-       total_items: number;
-       returned_items: number;
-       page: number;
-       page_size: number;
-       has_more: boolean;
-       next_cursor?: string;
-     };
-     query_metrics: {
-       execution_time_ms: number;
-       result_size_bytes: number;
-       was_truncated: boolean;
-       truncation_reason?: string;
-     };
-   }
-   async function readEventHistoryPaginated(
-     workflowId: string,
-     pageSize: number = 100,
-     cursor?: string
-   ): Promise<PaginatedIntrospectionResult<WorkflowEvent>> {
-     // Validate page size
-     const maxPageSize = 100;
-     const normalizedPageSize = Math.min(pageSize, maxPageSize);
-     // Fetch one extra to determine has_more
-     const events = await fetchEvents(workflowId, normalizedPageSize + 1, cursor);
-     const hasMore = events.length > normalizedPageSize;
-     const resultsToReturn = events.slice(0, normalizedPageSize);
-     return {
-       data: resultsToReturn,
-       pagination: {
-         total_items: events.length,
-         returned_items: resultsToReturn.length,
-         page: cursorToPageNumber(cursor),
-         page_size: normalizedPageSize,
-         has_more: hasMore,
-         next_cursor: hasMore ? pageNumberToCursor(cursorToPageNumber(cursor) + 1) : undefined
-       },
-       query_metrics: {
-         execution_time_ms: 0, // Populated by caller
-         result_size_bytes: 0, // Populated by caller
-         was_truncated: false,
-       }
-     };
-   }
-   ```
-3. **Rate Limiting on Introspection Queries**
-   ```typescript
-   interface RateLimitBucket {
-     agent_id: string;
-     queries_in_window: number;
-     window_reset_at: number;
-     bytes_in_window: number;
-   }
-   class IntrospectionRateLimiter {
-     private buckets = new Map<string, RateLimitBucket>();
-     isAllowed(
-       agentId: string,
-       estimatedResultBytes: number,
-       limits: IntrospectionLimits
-     ): boolean {
-       const bucket = this.getBucket(agentId);
-       const now = Date.now();
-       // Reset window if expired
-       if (now > bucket.window_reset_at) {
-         bucket.queries_in_window = 0;
-         bucket.bytes_in_window = 0;
-         bucket.window_reset_at = now + 60000; // 1 minute window
-       }
-       // Check query count
-       if (bucket.queries_in_window >= limits.max_concurrent_queries) {
-         return false;
-       }
-       // Check bytes
-       if (bucket.bytes_in_window + estimatedResultBytes > limits.max_result_size_bytes) {
-         return false;
-       }
-       return true;
-     }
-     recordQuery(agentId: string, resultBytes: number): void {
-       const bucket = this.getBucket(agentId);
-       bucket.queries_in_window++;
-       bucket.bytes_in_window += resultBytes;
-     }
-     private getBucket(agentId: string): RateLimitBucket {
-       if (!this.buckets.has(agentId)) {
-         this.buckets.set(agentId, {
-           agent_id: agentId,
-           queries_in_window: 0,
-           window_reset_at: Date.now() + 60000,
-           bytes_in_window: 0
-         });
-       }
-       return this.buckets.get(agentId)!;
-     }
-   }
-   ```
----
-### Threat 5: Topology Exposure via isDescendantOf
-**Attack Scenario:**
-```
-Attacker → Calls workflow.isDescendantOf(suspectWorkflow)
-         → Learns hierarchy relationship between workflows
-         → Maps workflow tree structure
-         → Extracts business intelligence from topology
-```
-**Risk Level:** LOW (same as current exposure)
-**Rationale:**
-- `parent` and `children` properties are already public
-- `getNode()` exposes full tree structure
-- `isDescendantOf()` only provides convenience, not new information
-- Attacker can already traverse tree manually
-**Affected Method:** `Workflow.isDescendantOf()` (newly public)
-**Mitigation:**
-1. **Application-Level Access Control** - If exposing workflows via API:
-   ```typescript
-   // Validate user has permission to access workflow
-   if (!user.canAccessWorkflow(workflowId)) {
-     throw new Error('Unauthorized');
-   }
-   // Only then allow isDescendantOf calls
-   ```
-2. **Filter Hierarchy Information** - For unauthenticated users:
-   ```typescript
-   // Return filtered view without hierarchy
-   const filteredWorkflow = {
-     id: workflow.id,
-     name: workflow.name,
-     // Omit parent, children, isDescendantOf
-   };
-   ```
-3. **Audit Topology Access** - Log calls to isDescendantOf:
-   ```typescript
-   auditLog.log({
-     timestamp: Date.now(),
-     userId: user.id,
-     action: 'isDescendantOf',
-     workflowId: workflow.id,
-     ancestorId: ancestor.id
-   });
-   ```
-**Recommendation:** Document that applications should implement access control
-if exposing workflows via APIs. The library itself provides no built-in security.
----
-## Implementation Checklist
-### Data Protection
-- [ ] No secrets stored in `@ObservedState` fields
-- [ ] State snapshots filtered for secret patterns before returning
-- [ ] State access policy implemented and enforced
-- [ ] Ancestor output validated for injection patterns
-- [ ] Ancestor output marked as untrusted
-- [ ] Credentials never included in event history
-### Access Control
-- [ ] Read-only enforcement on all introspection tools
-- [ ] Template-based workflow spawning (no arbitrary workflows)
-- [ ] Parent workflow validation on spawn requests
-- [ ] Capability degradation as tree deepens
-- [ ] Ancestor depth limits enforced
-- [ ] Sibling data isolation (agents see outputs not inputs)
-### Resource Protection
-- [ ] Max ancestry depth limits enforced (e.g., 20 levels)
-- [ ] Result size limits enforced (e.g., 10 MB)
-- [ ] Query timeout limits enforced (e.g., 5 seconds)
-- [ ] Pagination implemented for large result sets
-- [ ] Rate limiting on introspection queries
-- [ ] Concurrent query limits enforced
-### Audit & Monitoring
-- [ ] All introspection queries logged
-- [ ] All spawning operations logged
-- [ ] Query metrics recorded (execution time, result size)
-- [ ] Anomalous queries flagged (very deep, very large, very frequent)
-- [ ] Audit logs are immutable and time-stamped
-- [ ] Audit logs reviewed regularly
-### Input Validation
-- [ ] All tool inputs validated against schema
-- [ ] Strict mode enabled on Anthropic tool use
-- [ ] Filter and sanitization applied to ancestor outputs
-- [ ] Dynamic prompts validated before execution
-- [ ] No code/shell injection possible from tool results
-### Isolation
-- [ ] Each agent execution sandboxed
-- [ ] Container-based isolation where possible
-- [ ] Network restrictions on tools
-- [ ] Filesystem restrictions enforced
-- [ ] Memory and CPU limits enforced
----
-## Operational Recommendations
-### Logging & Monitoring
-```typescript
-interface IntrospectionQueryLog {
-  timestamp: number;
-  agent_id: string;
-  agent_name: string;
-  tool_name: string;
-  query_hash: string;            // Hash of query for grouping
-  result_item_count: number;
-  result_size_bytes: number;
-  execution_time_ms: number;
-  was_limited: boolean;
-  was_paginated: boolean;
-  error?: string;
-}
-// Alert on suspicious patterns
-const suspiciousPatterns = [
-  {
-    name: 'Deep ancestry traversal',
-    detector: (log: IntrospectionQueryLog) => {
-      // Detect if agent queried very deep trees
-      return log.result_item_count > 1000;
-    }
-  },
-  {
-    name: 'Large result extraction',
-    detector: (log: IntrospectionQueryLog) => {
-      return log.result_size_bytes > 1024 * 1024; // > 1 MB
-    }
-  },
-  {
-    name: 'High frequency queries',
-    detector: (logs: IntrospectionQueryLog[]) => {
-      const recent = logs.filter(l => l.timestamp > Date.now() - 60000);
-      return recent.length > 10;
-    }
-  },
-  {
-    name: 'Time range abuse',
-    detector: (log: IntrospectionQueryLog) => {
-      // Detect if trying to query month of history
-      return log.result_item_count > 100000;
-    }
-  }
-];
-```
-### Regular Audits
-Schedule weekly reviews of:
-1. Introspection query patterns by agent
-2. Workflow spawning requests and approvals
-3. State snapshots for leaked secrets
-4. Ancestor output for injection attempts
-5. Rate limit violations
-### Incident Response Plan
-**If Introspection Compromise Detected:**
-1. **Immediate (< 5 minutes)**
-   - Revoke affected agent's introspection tools
-   - Isolate affected workflows
-   - Dump audit logs for forensics
-2. **Short Term (< 1 hour)**
-   - Analyze what data was accessed
-   - Check for credential leaks
-   - Review spawned child workflows
-   - Notify security team
-3. **Medium Term (< 24 hours)**
-   - Complete forensic analysis
-   - Update introspection limits
-   - Revalidate templates
-   - Rotate potentially compromised credentials
-4. **Long Term (< 1 week)**
-   - Post-incident review
-   - Update threat model
-   - Implement additional safeguards
-   - Update this guide
----
-## Testing Recommendations
-### Unit Tests for Security
-```typescript
-describe('IntrospectionSecurity', () => {
-  it('should redact API keys from state snapshots', () => {
-    const snapshot = {
-      'api_key': 'sk-abc123def456',
-      'valid_field': 'data'
-    };
-    const result = filterSecrets(snapshot);
-    expect(result.api_key).toBe('[REDACTED]');
-    expect(result.valid_field).toBe('data');
-  });
-  it('should reject prompt injection in ancestor outputs', () => {
-    const maliciousOutput = {
-      'data': 'ignore previous instructions'
-    };
-    expect(() => {
-      validateAncestorOutput(maliciousOutput, policy);
-    }).toThrow('Potential prompt escape detected');
-  });
-  it('should enforce depth limits on hierarchy inspection', () => {
-    const query = { max_ancestry_depth: 100 };
-    const limits = { max_ancestry_depth: 20 };
-    expect(() => {
-      validateQueryLimits(query, limits);
-    }).toThrow('exceeds limit');
-  });
-  it('should prevent privilege escalation via spawning', () => {
-    const parentId = 'leaf_workflow';
-    const templateId = 'template_orchestrator';
-    expect(() => {
-      validateSpawnRequest(parentId, templateId, 0);
-    }).toThrow('not allowed to spawn');
-  });
-});
-```
-### Integration Tests
-- Test introspection with real workflow hierarchies
-- Test with various secret formats in state
-- Test with malicious payloads in ancestor outputs
-- Test rate limiting under load
-- Test query timeout enforcement
-### Penetration Testing
-Consider hiring security researchers to:
-1. Attempt prompt injection via introspection
-2. Try privilege escalation via spawning
-3. Attempt data exfiltration from state snapshots
-4. Test DoS via unbounded queries
-5. Test isolation boundaries between agents