metaharness 0.1.0

package/dist/mcp-cmd.js

@@ -0,0 +1,179 @@
+// SPDX-License-Identifier: MIT
+//
+// `harness mcp <ls|invoke>` subcommand.
+//
+// Surfaces the iter-10/13/34 MCP dispatch layer to the CLI:
+//
+//   harness mcp ls [path]
+//     List MCP servers + tools declared in <path>/.mcp/servers.json.
+//
+//   harness mcp invoke <server> <tool> [--args=<json>] [path]
+//     Dispatch a tool through the kernel's claim-checked dispatcher,
+//     using the harness's local claim set. Prints the structured
+//     outcome (result / denied / not-found / bad-args).
+//
+// The ToolDispatcher itself lives in @ruflo/kernel/dispatch.js (TS)
+// + crates/kernel/src/dispatch.rs (Rust). This module is just the
+// CLI surface that loads the harness's MCP config + claim set and
+// hands them off.
+import { readFile } from 'node:fs/promises';
+import { existsSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+async function readMcpConfig(harnessDir) {
+    const path = join(harnessDir, '.mcp', 'servers.json');
+    if (!existsSync(path))
+        return null;
+    try {
+        const raw = JSON.parse(await readFile(path, 'utf-8'));
+        return Array.isArray(raw) ? { mcpServers: raw } : raw;
+    }
+    catch {
+        return null;
+    }
+}
+async function readClaims(harnessDir) {
+    const path = join(harnessDir, '.harness', 'claims.json');
+    if (!existsSync(path))
+        return [];
+    try {
+        const raw = JSON.parse(await readFile(path, 'utf-8'));
+        return Array.isArray(raw) ? raw : (raw.claims ?? []);
+    }
+    catch {
+        return [];
+    }
+}
+/** `harness mcp ls [path]` — list MCP servers + tools declared. */
+export async function mcpLs(args) {
+    const dir = resolve(args.find(a => !a.startsWith('--')) ?? process.cwd());
+    const lines = [`harness mcp ls — ${dir}`];
+    const cfg = await readMcpConfig(dir);
+    if (!cfg) {
+        lines.push('  no .mcp/servers.json present (scaffold with --mcp to add one)');
+        return { code: 0, lines };
+    }
+    const servers = cfg.mcpServers ?? [];
+    if (servers.length === 0) {
+        lines.push('  .mcp/servers.json present but declares no servers');
+        return { code: 0, lines };
+    }
+    for (const s of servers) {
+        const cmd = Array.isArray(s.command) ? s.command.join(' ') : s.command;
+        lines.push(`  ${s.name}`);
+        if (s.description)
+            lines.push(`    ${s.description}`);
+        lines.push(`    command: ${cmd}`);
+        if (Array.isArray(s.tools) && s.tools.length) {
+            lines.push(`    tools:`);
+            for (const t of s.tools) {
+                lines.push(`      - ${t.name}${t.description ? ` — ${t.description}` : ''}`);
+            }
+        }
+        else {
+            lines.push(`    tools: <not declared statically; query the server at runtime>`);
+        }
+    }
+    lines.push('', `${servers.length} MCP server${servers.length === 1 ? '' : 's'} declared.`);
+    return { code: 0, lines };
+}
+/**
+ * `harness mcp invoke <server> <tool> --args=<json> [path]` — dispatch
+ * a tool through the kernel-style claim check and print the outcome.
+ *
+ * We re-use the TS ToolDispatcher here. For a real-world harness this
+ * would talk to the actual MCP server over stdio/HTTP; the CLI command
+ * is the same shape so users learn the dispatch model without bringing
+ * up infrastructure.
+ */
+export async function mcpInvoke(args) {
+    const positional = args.filter(a => !a.startsWith('--'));
+    const [server, tool] = positional;
+    if (!server || !tool) {
+        return {
+            code: 2,
+            lines: ['Usage: harness mcp invoke <server> <tool> [--args=<json>] [path]'],
+        };
+    }
+    const dir = resolve(positional[2] ?? process.cwd());
+    const argsJson = args.find(a => a.startsWith('--args='))?.slice('--args='.length) ?? '{}';
+    let argsObj;
+    try {
+        argsObj = JSON.parse(argsJson);
+        if (typeof argsObj !== 'object' || Array.isArray(argsObj) || argsObj === null) {
+            return { code: 2, lines: [`--args must be a JSON object`] };
+        }
+    }
+    catch (e) {
+        return { code: 2, lines: [`--args must be valid JSON: ${e instanceof Error ? e.message : e}`] };
+    }
+    const lines = [`harness mcp invoke ${server}/${tool}`];
+    // Dynamically load the kernel-js dispatcher so the CLI doesn't pay
+    // its import cost on every help/ls invocation.
+    let DispatcherClass;
+    try {
+        const mod = await import('@ruflo/kernel/dispatch');
+        DispatcherClass = mod.ToolDispatcher;
+    }
+    catch (e) {
+        return { code: 1, lines: [`failed to load dispatcher: ${e instanceof Error ? e.message : e}`] };
+    }
+    const dispatcher = new DispatcherClass();
+    // For the CLI flow we don't have a real handler — we wire a no-op so
+    // claim-denials surface but successes return a placeholder. The
+    // structured outcome is the user-visible thing.
+    dispatcher.register(server, tool, async (a) => ({
+        note: 'CLI dispatch — no real handler bound; this confirms the CLAIMS layer authorises the call',
+        echoArgs: a,
+    }));
+    const claims = await readClaims(dir);
+    const outcome = await dispatcher.dispatch({ server, tool, args: argsObj, claims });
+    lines.push(`  kind:   ${outcome.kind}`);
+    if (outcome.kind === 'result') {
+        lines.push(`  output: ${JSON.stringify(outcome.output)}`);
+        return { code: 0, lines };
+    }
+    if (outcome.kind === 'denied') {
+        lines.push(`  reason: ${outcome.reason}`);
+        return { code: 1, lines };
+    }
+    if (outcome.kind === 'not-found') {
+        lines.push(`  server/tool: ${outcome.server}/${outcome.tool} not registered`);
+        return { code: 1, lines };
+    }
+    // bad-args
+    lines.push(`  reason: ${outcome.reason}`);
+    return { code: 2, lines };
+}
+/** Top-level dispatcher for `harness mcp <subsub> ...`. */
+export async function mcpDispatch(args) {
+    const [subsub = 'help', ...rest] = args;
+    switch (subsub) {
+        case 'ls':
+            return mcpLs(rest);
+        case 'invoke':
+            return mcpInvoke(rest);
+        case 'help':
+            return {
+                code: 0,
+                lines: [
+                    'Usage: harness mcp <subcommand> [args]',
+                    '',
+                    'Subcommands:',
+                    '  ls [path]                                          — list MCP servers + tools',
+                    '  invoke <server> <tool> [--args=<json>] [path]      — dispatch one tool through the claim check',
+                    '',
+                    'Notes:',
+                    '  - `ls` reads <path>/.mcp/servers.json',
+                    '  - `invoke` reads <path>/.harness/claims.json for the local claim set',
+                    '  - The kernel dispatch surface is the same one tested in',
+                    '    __tests__/mcp-dispatch-integration.test.ts (iter 34)',
+                ],
+            };
+        default:
+            return {
+                code: 2,
+                lines: [`Unknown mcp subcommand: ${subsub}`, `Run 'harness mcp help' for usage.`],
+            };
+    }
+}
+//# sourceMappingURL=mcp-cmd.js.map

package/dist/mcp-cmd.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-cmd.js","sourceRoot":"","sources":["../src/mcp-cmd.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,EAAE;AACF,wCAAwC;AACxC,EAAE;AACF,4DAA4D;AAC5D,EAAE;AACF,0BAA0B;AAC1B,qEAAqE;AACrE,EAAE;AACF,8DAA8D;AAC9D,qEAAqE;AACrE,iEAAiE;AACjE,wDAAwD;AACxD,EAAE;AACF,oEAAoE;AACpE,kEAAkE;AAClE,kEAAkE;AAClE,kBAAkB;AAElB,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAe1C,KAAK,UAAU,aAAa,CAAC,UAAkB;IAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,UAAkB;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IACzD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,mEAAmE;AACnE,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,IAAc;IACxC,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC1E,MAAM,KAAK,GAAa,CAAC,oBAAoB,GAAG,EAAE,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,KAAK,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAC;QAC9E,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;IACrC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;QAClE,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC1B,IAAI,CAAC,CAAC,WAAW;YAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC;QAClC,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACzB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;gBACxB,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,cAAc,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC,CAAC;IAC3F,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,IAAc;IAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IACzD,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,UAAU,CAAC;IAClC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACrB,OAAO;YACL,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,CAAC,kEAAkE,CAAC;SAC5E,CAAC;IACJ,CAAC;IACD,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC;IAC1F,IAAI,OAAgC,CAAC;IACrC,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC/B,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YAC9E,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,8BAA8B,CAAC,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,8BAA8B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,KAAK,GAAa,CAAC,sBAAsB,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAEjE,mEAAmE;IACnE,+CAA+C;IAC/C,IAAI,eAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,wBAAwB,CAAC,CAAC;QACnD,eAAe,GAAI,GAAW,CAAC,cAAc,CAAC;IAChD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,8BAA8B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,qEAAqE;IACrE,gEAAgE;IAChE,gDAAgD;IAChD,UAAU,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAA0B,EAAE,EAAE,CAAC,CAAC;QACvE,IAAI,EAAE,0FAA0F;QAChG,QAAQ,EAAE,CAAC;KACZ,CAAC,CAAC,CAAC;IAEJ,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAEnF,KAAK,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACxC,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC1D,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1C,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,iBAAiB,CAAC,CAAC;QAC9E,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,WAAW;IACX,KAAK,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1C,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED,2DAA2D;AAC3D,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAc;IAC9C,MAAM,CAAC,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IACxC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,IAAI;YACP,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC;QACrB,KAAK,QAAQ;YACX,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC;QACzB,KAAK,MAAM;YACT,OAAO;gBACL,IAAI,EAAE,CAAC;gBACP,KAAK,EAAE;oBACL,wCAAwC;oBACxC,EAAE;oBACF,cAAc;oBACd,iFAAiF;oBACjF,kGAAkG;oBAClG,EAAE;oBACF,QAAQ;oBACR,yCAAyC;oBACzC,wEAAwE;oBACxE,2DAA2D;oBAC3D,0DAA0D;iBAC3D;aACF,CAAC;QACJ;YACE,OAAO;gBACL,IAAI,EAAE,CAAC;gBACP,KAAK,EAAE,CAAC,2BAA2B,MAAM,EAAE,EAAE,mCAAmC,CAAC;aAClF,CAAC;IACN,CAAC;AACH,CAAC"}

package/dist/mcp-scan.d.ts

@@ -0,0 +1,25 @@
+export type Severity = 'high' | 'medium' | 'low' | 'info';
+export interface Finding {
+    id: string;
+    severity: Severity;
+    title: string;
+    detail: string;
+}
+export interface ScanReport {
+    dir: string;
+    mcpEnabled: boolean;
+    findings: Finding[];
+    /** Highest severity present, or 'info' when clean. */
+    worst: Severity;
+}
+/**
+ * Scan a harness directory for MCP security issues. Never executes anything —
+ * static inspection of policy + config + manifest files only.
+ */
+export declare function scanMcp(dir: string): ScanReport;
+/** CLI wrapper. Exit code 1 if any HIGH finding, else 0. */
+export declare function mcpScanCmd(args: string[]): {
+    code: number;
+    lines: string[];
+};
+//# sourceMappingURL=mcp-scan.d.ts.map

package/dist/mcp-scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-scan.d.ts","sourceRoot":"","sources":["../src/mcp-scan.ts"],"names":[],"mappings":"AAgBA,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAE1D,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,OAAO,CAAC;IACpB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,sDAAsD;IACtD,KAAK,EAAE,QAAQ,CAAC;CACjB;AAYD;;;GAGG;AACH,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAsF/C;AAUD,4DAA4D;AAC5D,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAA;CAAE,CAmB5E"}

package/dist/mcp-scan.js

@@ -0,0 +1,132 @@
+// SPDX-License-Identifier: MIT
+//
+// `harness mcp-scan [path]` — a security scanner for a scaffolded harness's MCP
+// surface. "npm audit for agent tools" (ADR-022): it reads the harness's MCP
+// policy + host configs + package manifest and flags the patterns that make MCP
+// servers risky — broad shell/network/file-write grants, missing timeouts,
+// missing audit log, wildcard tool permissions, unpinned deps, and secret-read
+// exposure.
+//
+// Pure + dependency-light on purpose: `scanMcp()` takes a directory and returns
+// structured findings, so it is unit-testable without the kernel and reusable
+// from CI. The CLI wrapper just formats + sets the exit code.
+import { existsSync, readFileSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+const SEV_ORDER = ['info', 'low', 'medium', 'high'];
+function readJson(path) {
+    try {
+        return existsSync(path) ? JSON.parse(readFileSync(path, 'utf-8')) : undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Scan a harness directory for MCP security issues. Never executes anything —
+ * static inspection of policy + config + manifest files only.
+ */
+export function scanMcp(dir) {
+    const root = resolve(dir);
+    const findings = [];
+    const add = (f) => findings.push(f);
+    const policy = readJson(join(root, '.harness', 'mcp-policy.json'));
+    const settings = readJson(join(root, '.claude', 'settings.json'));
+    const pkg = readJson(join(root, 'package.json'));
+    const mcpEnabled = !!policy || !!(settings && settings.mcpServers && Object.keys(settings.mcpServers).length > 0);
+    if (!mcpEnabled) {
+        add({ id: 'mcp-disabled', severity: 'info', title: 'No MCP surface', detail: 'No MCP policy or server registered — nothing to scan.' });
+        return { dir: root, mcpEnabled: false, findings, worst: worstOf(findings) };
+    }
+    // --- policy checks -------------------------------------------------------
+    if (!policy) {
+        add({ id: 'no-policy', severity: 'high', title: 'MCP server with no policy', detail: 'An MCP server is registered but .harness/mcp-policy.json is missing — execution is ungoverned.' });
+    }
+    else {
+        if (policy.defaultDeny !== true) {
+            add({ id: 'no-default-deny', severity: 'high', title: 'Policy is not default-deny', detail: 'defaultDeny should be true so ungranted capabilities are refused, not silently allowed.' });
+        }
+        if (policy.allowShell === true) {
+            add({ id: 'allow-shell', severity: 'high', title: 'Shell access granted', detail: 'allowShell=true lets tools run arbitrary commands. Gate behind approval or disable.' });
+        }
+        if (policy.allowNetwork === true) {
+            add({ id: 'allow-network', severity: 'medium', title: 'Network access granted', detail: 'allowNetwork=true widens the exfiltration surface. Scope to specific hosts if possible.' });
+        }
+        if (policy.allowFileWrite === true) {
+            add({ id: 'allow-file-write', severity: 'medium', title: 'File-write access granted', detail: 'allowFileWrite=true lets tools modify the filesystem. Confirm this is intended.' });
+        }
+        if (policy.requireApprovalForDangerous !== true) {
+            add({ id: 'no-approval-gate', severity: 'medium', title: 'No approval gate for dangerous tools', detail: 'requireApprovalForDangerous should be true so dangerous tools need explicit consent.' });
+        }
+        if (policy.auditLog !== true) {
+            add({ id: 'no-audit-log', severity: 'medium', title: 'Audit log disabled', detail: 'auditLog=false means tool calls are not recorded — required for enterprise trust.' });
+        }
+        const timeout = Number(policy.toolTimeoutMs ?? 0);
+        if (!timeout || timeout <= 0) {
+            add({ id: 'no-timeout', severity: 'medium', title: 'No tool timeout', detail: 'toolTimeoutMs must be a positive number so a hung tool cannot stall the agent.' });
+        }
+        const maxCalls = Number(policy.maxToolCallsPerTurn ?? 0);
+        if (!maxCalls || maxCalls <= 0) {
+            add({ id: 'no-call-budget', severity: 'low', title: 'No per-turn tool-call budget', detail: 'maxToolCallsPerTurn bounds runaway loops; set a positive limit.' });
+        }
+    }
+    // --- host permission checks ---------------------------------------------
+    const allow = settings?.permissions?.allow ?? [];
+    const deny = settings?.permissions?.deny ?? [];
+    for (const a of allow) {
+        if (a === '*' || a === 'mcp__*' || a === 'mcp__*__*') {
+            add({ id: 'wildcard-tool-perm', severity: 'high', title: `Over-broad tool permission: ${a}`, detail: 'Wildcard MCP permissions grant every tool on every server. Scope to mcp__<server>__*.' });
+        }
+        if (/^Bash\((rm|curl|wget|sudo|chmod|ssh)\b/i.test(a) && !a.includes('status') && !a.includes('--dry-run')) {
+            add({ id: 'risky-bash-allow', severity: 'medium', title: `Risky shell allow-rule: ${a}`, detail: 'Allowing rm/curl/wget/sudo/ssh broadly is dangerous; narrow the glob.' });
+        }
+    }
+    const guardsEnv = deny.some((d) => /\.env/.test(d));
+    if (!guardsEnv) {
+        add({ id: 'no-secret-guard', severity: 'medium', title: 'Secrets not denied', detail: 'permissions.deny should block Read(./.env*) so tools cannot read credentials.' });
+    }
+    // --- dependency pinning --------------------------------------------------
+    const deps = pkg?.dependencies ?? {};
+    const unpinned = Object.entries(deps).filter(([, v]) => /^[\^~]/.test(v) || v === 'latest' || v.includes('*'));
+    if (unpinned.length > 0) {
+        add({
+            id: 'unpinned-deps',
+            severity: 'low',
+            title: `${unpinned.length} unpinned dependency range(s)`,
+            detail: `Floating ranges weaken supply-chain reproducibility: ${unpinned.map(([k]) => k).join(', ')}.`,
+        });
+    }
+    if (findings.length === 0) {
+        add({ id: 'clean', severity: 'info', title: 'No MCP security issues found', detail: 'Policy is default-deny with safe capability grants and an audit log.' });
+    }
+    return { dir: root, mcpEnabled: true, findings, worst: worstOf(findings) };
+}
+function worstOf(findings) {
+    let worst = 'info';
+    for (const f of findings) {
+        if (SEV_ORDER.indexOf(f.severity) > SEV_ORDER.indexOf(worst))
+            worst = f.severity;
+    }
+    return worst;
+}
+/** CLI wrapper. Exit code 1 if any HIGH finding, else 0. */
+export function mcpScanCmd(args) {
+    const dir = args[0] ?? process.cwd();
+    const report = scanMcp(dir);
+    const lines = [`harness mcp-scan — ${report.dir}`, ''];
+    if (!report.mcpEnabled) {
+        lines.push('MCP: not enabled (no policy or server). Nothing to scan.');
+        return { code: 0, lines };
+    }
+    const order = ['high', 'medium', 'low', 'info'];
+    const tag = { high: 'HIGH', medium: 'MED ', low: 'LOW ', info: 'INFO' };
+    for (const sev of order) {
+        for (const f of report.findings.filter((x) => x.severity === sev)) {
+            lines.push(`  [${tag[sev]}] ${f.title}`);
+            lines.push(`         ${f.detail}`);
+        }
+    }
+    const highs = report.findings.filter((f) => f.severity === 'high').length;
+    lines.push('', `Result: ${report.worst.toUpperCase()} (${report.findings.length} finding${report.findings.length === 1 ? '' : 's'}, ${highs} high)`);
+    return { code: highs > 0 ? 1 : 0, lines };
+}
+//# sourceMappingURL=mcp-scan.js.map

package/dist/mcp-scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-scan.js","sourceRoot":"","sources":["../src/mcp-scan.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,EAAE;AACF,gFAAgF;AAChF,6EAA6E;AAC7E,gFAAgF;AAChF,2EAA2E;AAC3E,+EAA+E;AAC/E,YAAY;AACZ,EAAE;AACF,gFAAgF;AAChF,8EAA8E;AAC9E,8DAA8D;AAE9D,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAmB1C,MAAM,SAAS,GAAe,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;AAEhE,SAAS,QAAQ,CAAC,IAAY;IAC5B,IAAI,CAAC;QACH,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,GAAW;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1B,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,GAAG,GAAG,CAAC,CAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAE7C,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,iBAAiB,CAAC,CAAwC,CAAC;IAC1G,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,eAAe,CAAC,CAEnD,CAAC;IACd,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAElC,CAAC;IAEd,MAAM,UAAU,GACd,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAEjG,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,GAAG,CAAC,EAAE,EAAE,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,uDAAuD,EAAE,CAAC,CAAC;QACxI,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;IAC9E,CAAC;IAED,4EAA4E;IAC5E,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,EAAE,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,2BAA2B,EAAE,MAAM,EAAE,gGAAgG,EAAE,CAAC,CAAC;IAC3L,CAAC;SAAM,CAAC;QACN,IAAI,MAAM,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAChC,GAAG,CAAC,EAAE,EAAE,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,4BAA4B,EAAE,MAAM,EAAE,yFAAyF,EAAE,CAAC,CAAC;QAC3L,CAAC;QACD,IAAI,MAAM,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;YAC/B,GAAG,CAAC,EAAE,EAAE,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,sBAAsB,EAAE,MAAM,EAAE,qFAAqF,EAAE,CAAC,CAAC;QAC7K,CAAC;QACD,IAAI,MAAM,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YACjC,GAAG,CAAC,EAAE,EAAE,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,wBAAwB,EAAE,MAAM,EAAE,yFAAyF,EAAE,CAAC,CAAC;QACvL,CAAC;QACD,IAAI,MAAM,CAAC,cAAc,KAAK,IAAI,EAAE,CAAC;YACnC,GAAG,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,2BAA2B,EAAE,MAAM,EAAE,iFAAiF,EAAE,CAAC,CAAC;QACrL,CAAC;QACD,IAAI,MAAM,CAAC,2BAA2B,KAAK,IAAI,EAAE,CAAC;YAChD,GAAG,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,sCAAsC,EAAE,MAAM,EAAE,sFAAsF,EAAE,CAAC,CAAC;QACrM,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;YAC7B,GAAG,CAAC,EAAE,EAAE,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,oBAAoB,EAAE,MAAM,EAAE,mFAAmF,EAAE,CAAC,CAAC;QAC5K,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;YAC7B,GAAG,CAAC,EAAE,EAAE,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,gFAAgF,EAAE,CAAC,CAAC;QACpK,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,mBAAmB,IAAI,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;YAC/B,GAAG,CAAC,EAAE,EAAE,EAAE,gBAAgB,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,MAAM,EAAE,iEAAiE,EAAE,CAAC,CAAC;QACnK,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,MAAM,KAAK,GAAG,QAAQ,EAAE,WAAW,EAAE,KAAK,IAAI,EAAE,CAAC;IACjD,MAAM,IAAI,GAAG,QAAQ,EAAE,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC;IAC/C,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,WAAW,EAAE,CAAC;YACrD,GAAG,CAAC,EAAE,EAAE,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,+BAA+B,CAAC,EAAE,EAAE,MAAM,EAAE,uFAAuF,EAAE,CAAC,CAAC;QAClM,CAAC;QACD,IAAI,yCAAyC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAC3G,GAAG,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,2BAA2B,CAAC,EAAE,EAAE,MAAM,EAAE,uEAAuE,EAAE,CAAC,CAAC;QAC9K,CAAC;IACH,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,GAAG,CAAC,EAAE,EAAE,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,oBAAoB,EAAE,MAAM,EAAE,+EAA+E,EAAE,CAAC,CAAC;IAC3K,CAAC;IAED,4EAA4E;IAC5E,MAAM,IAAI,GAAG,GAAG,EAAE,YAAY,IAAI,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/G,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,GAAG,CAAC;YACF,EAAE,EAAE,eAAe;YACnB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,GAAG,QAAQ,CAAC,MAAM,+BAA+B;YACxD,MAAM,EAAE,wDAAwD,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;SACvG,CAAC,CAAC;IACL,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,GAAG,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,8BAA8B,EAAE,MAAM,EAAE,sEAAsE,EAAE,CAAC,CAAC;IAChK,CAAC;IAED,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;AAC7E,CAAC;AAED,SAAS,OAAO,CAAC,QAAmB;IAClC,IAAI,KAAK,GAAa,MAAM,CAAC;IAC7B,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC;YAAE,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC;IACnF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,UAAU,CAAC,IAAc;IACvC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IACrC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAa,CAAC,sBAAsB,MAAM,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;IACjE,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACvE,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,MAAM,KAAK,GAAe,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAC5D,MAAM,GAAG,GAA6B,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAClG,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,EAAE,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YACzC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,WAAW,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,KAAK,QAAQ,CAAC,CAAC;IACrJ,OAAO,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC;AAC5C,CAAC"}

package/dist/oia-manifest.d.ts

@@ -0,0 +1,97 @@
+export type SubcommandResult = {
+    code: number;
+    lines: string[];
+};
+export type AlignmentLevel = 'full' | 'partial' | 'none' | 'not-applicable';
+export type SpanStatus = 'full' | 'partial' | 'none';
+export interface OiaManifest {
+    schema: 1;
+    oiaVersion: '0.1';
+    generatedAt: string;
+    harnessId: string;
+    layerAlignment: {
+        L1_physicalCompute: AlignmentLevel;
+        L2_dataAndStorage: AlignmentLevel;
+        L3_models: AlignmentLevel;
+        L4_toolsAndIntegrations: AlignmentLevel;
+        L5_agentOrchestration: AlignmentLevel;
+        L6_workflowAndAutomation: AlignmentLevel;
+        L7_governanceAndPolicy: AlignmentLevel;
+        L8_observabilityAndAudit: AlignmentLevel;
+        L9_humanAndBrowserInterface: AlignmentLevel;
+    };
+    horizontalSpans: {
+        security: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+        observability: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+        identity: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+        governance: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+        policyEnforcement: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+        interoperability: {
+            status: SpanStatus;
+            implementation: string | null;
+        };
+    };
+    adjacentStandards: {
+        mcp: {
+            mode: 'off' | 'local' | 'remote';
+            policyPath: string | null;
+        };
+        a2a: {
+            mode: 'off' | 'inbound' | 'bidi';
+            note: string;
+        };
+        acp: {
+            mode: 'off' | 'inbound' | 'bidi';
+            note: string;
+        };
+        agentProtocol: {
+            mode: 'off' | 'inbound' | 'bidi';
+            note: string;
+        };
+    };
+    discoveryEndpoint: string | null;
+    registryUrl: string | null;
+}
+interface HarnessProfile {
+    name: string;
+    version: string;
+    hasMcp: boolean;
+    mcpMode: 'off' | 'local' | 'remote';
+    mcpPolicyPath: string | null;
+    hasWitness: boolean;
+    hasAuditLog: boolean;
+}
+/**
+ * Build an OIA manifest from the harness profile. Pure: same profile + same
+ * generatedAt → byte-identical manifest, so the witness fingerprint (ADR-011)
+ * stays stable.
+ */
+export declare function buildOiaManifest(profile: HarnessProfile, generatedAt?: string): OiaManifest;
+export interface CheckResult {
+    ok: boolean;
+    reasons: string[];
+}
+/**
+ * Validate an OIA manifest against the v0.1 schema. Strict shape check;
+ * unknown keys are reported as warnings (not failures) so a v1.0 manifest
+ * can be linted against v0.1 with informational drift output.
+ */
+export declare function checkOiaManifest(m: unknown): CheckResult;
+export declare function oiaManifestCmd(args: string[]): Promise<SubcommandResult>;
+export {};
+//# sourceMappingURL=oia-manifest.d.ts.map

package/dist/oia-manifest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oia-manifest.d.ts","sourceRoot":"","sources":["../src/oia-manifest.ts"],"names":[],"mappings":"AAuBA,MAAM,MAAM,gBAAgB,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC;AAEjE,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,SAAS,GAAG,MAAM,GAAG,gBAAgB,CAAC;AAC5E,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,MAAM,CAAC;AAErD,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,CAAC,CAAC;IACV,UAAU,EAAE,KAAK,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE;QACd,kBAAkB,EAAE,cAAc,CAAC;QACnC,iBAAiB,EAAE,cAAc,CAAC;QAClC,SAAS,EAAE,cAAc,CAAC;QAC1B,uBAAuB,EAAE,cAAc,CAAC;QACxC,qBAAqB,EAAE,cAAc,CAAC;QACtC,wBAAwB,EAAE,cAAc,CAAC;QACzC,sBAAsB,EAAE,cAAc,CAAC;QACvC,wBAAwB,EAAE,cAAc,CAAC;QACzC,2BAA2B,EAAE,cAAc,CAAC;KAC7C,CAAC;IACF,eAAe,EAAE;QACf,QAAQ,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QAChE,aAAa,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QACrE,QAAQ,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QAChE,UAAU,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QAClE,iBAAiB,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QACzE,gBAAgB,EAAE;YAAE,MAAM,EAAE,UAAU,CAAC;YAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;KACzE,CAAC;IACF,iBAAiB,EAAE;QACjB,GAAG,EAAE;YAAE,IAAI,EAAE,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;YAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC;QACrE,GAAG,EAAE;YAAE,IAAI,EAAE,KAAK,GAAG,SAAS,GAAG,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC;QACxD,GAAG,EAAE;YAAE,IAAI,EAAE,KAAK,GAAG,SAAS,GAAG,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC;QACxD,aAAa,EAAE;YAAE,IAAI,EAAE,KAAK,GAAG,SAAS,GAAG,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC;KACnE,CAAC;IACF,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;IACpC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,EAAE,OAAO,CAAC;CACtB;AA8BD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,cAAc,EAAE,WAAW,GAAE,MAAiC,GAAG,WAAW,CAqDrH;AAkBD,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,OAAO,GAAG,WAAW,CAyBxD;AAeD,wBAAsB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,gBAAgB,CAAC,CA0D9E"}