moltblock 0.4.0 → 0.6.0

package/dist/config.js

@@ -23,6 +23,13 @@ try {
 catch {
     // dotenv not required
 }
+// --- Provider defaults registry ---
+const PROVIDER_DEFAULTS = {
+    openai: { baseUrl: "https://api.openai.com/v1", model: "gpt-4o", envKey: "OPENAI_API_KEY" },
+    google: { baseUrl: "https://generativelanguage.googleapis.com/v1beta/openai/", model: "gemini-2.0-flash", envKey: "GOOGLE_API_KEY" },
+    zai: { baseUrl: "https://api.z.ai/api/paas/v4", model: "glm-4.7-flash", envKey: "MOLTBLOCK_ZAI_API_KEY" },
+    local: { baseUrl: "http://localhost:1234/v1", model: "local", envKey: "" },
+};
 // --- Zod schemas (OpenClaw-style config) ---
 export const BindingEntrySchema = z.object({
     backend: z.string().describe("e.g. 'local' or 'zai' or 'openai'"),
@@ -33,8 +40,20 @@ export const BindingEntrySchema = z.object({
 export const AgentConfigSchema = z.object({
     bindings: z.record(z.string(), BindingEntrySchema).optional().describe("Per-role model bindings"),
 });
+export const PolicyRuleSchema = z.object({
+    id: z.string().describe("Unique rule identifier"),
+    description: z.string().describe("Human-readable rule description"),
+    target: z.enum(["artifact", "task", "both"]).describe("What to match against"),
+    pattern: z.string().describe("Regex pattern string"),
+    action: z.enum(["deny", "allow"]).describe("deny blocks; allow overrides deny in same category"),
+    category: z.string().describe("Rule category for allow/deny grouping"),
+    enabled: z.boolean().default(true).describe("Whether the rule is active"),
+});
 export const MoltblockConfigSchema = z.object({
     agent: AgentConfigSchema.optional().describe("Agent defaults and bindings"),
+    policy: z.object({
+        rules: z.array(PolicyRuleSchema).optional().describe("Custom policy rules"),
+    }).optional().describe("Policy verifier configuration"),
 });
 export const ModelBindingSchema = z.object({
     backend: z.string().describe("e.g. 'local' or 'zai' or 'openai'"),
@@ -138,18 +157,49 @@ export function loadMoltblockConfig() {
 }
 /**
  * Parse OpenClaw config and convert to MoltblockConfig format.
- * OpenClaw uses a similar structure but may have different field names.
+ * Handles multiple OpenClaw formats: agents.defaults.model.primary ("provider/model"),
+ * agent.bindings, providers section, and models section.
  */
 function parseOpenClawConfig(data) {
     if (!data || typeof data !== "object") {
         return null;
     }
     const obj = data;
-    // OpenClaw may have agent.bindings or providers section
-    // Try to extract bindings from various possible locations
     let bindings;
+    // Check for agents.defaults.model.primary (OpenClaw's actual format: "provider/model")
+    if (obj["agents"] && typeof obj["agents"] === "object") {
+        const agents = obj["agents"];
+        if (agents["defaults"] && typeof agents["defaults"] === "object") {
+            const defaults = agents["defaults"];
+            if (defaults["model"] && typeof defaults["model"] === "object") {
+                const modelConfig = defaults["model"];
+                const primary = modelConfig["primary"];
+                if (typeof primary === "string" && primary.includes("/")) {
+                    const parts = primary.split("/");
+                    const providerName = parts[0] ?? "";
+                    const modelName = parts.slice(1).join("/");
+                    const provider = PROVIDER_DEFAULTS[providerName.toLowerCase()];
+                    if (providerName && provider) {
+                        const apiKey = getApiKeyForBackend(providerName);
+                        const binding = {
+                            backend: providerName.toLowerCase(),
+                            base_url: provider.baseUrl,
+                            model: modelName || provider.model,
+                            api_key: apiKey,
+                        };
+                        bindings = {
+                            generator: binding,
+                            critic: { ...binding },
+                            judge: { ...binding },
+                            verifier: { ...binding },
+                        };
+                    }
+                }
+            }
+        }
+    }
     // Check for agent.bindings (same as moltblock)
-    if (obj["agent"] && typeof obj["agent"] === "object") {
+    if (!bindings && obj["agent"] && typeof obj["agent"] === "object") {
         const agent = obj["agent"];
         if (agent["bindings"] && typeof agent["bindings"] === "object") {
             bindings = extractBindings(agent["bindings"]);
@@ -242,23 +292,66 @@ function getApiKeyForBackend(backend) {
         return env("GOOGLE_API_KEY") || null;
     }
     if (backendLower === "zai") {
-        return env("MOLTBLOCK_ZAI_API_KEY") || null;
+        return env("MOLTBLOCK_ZAI_API_KEY") || env("ZAI_API_KEY") || null;
     }
     return null;
 }
+/**
+ * Auto-detect the best available provider from environment variables.
+ * Priority: explicit override > OPENAI_API_KEY > GOOGLE_API_KEY > MOLTBLOCK_ZAI_API_KEY/ZAI_API_KEY > local.
+ */
+export function detectProvider(overrideProvider, overrideModel) {
+    if (overrideProvider) {
+        const p = PROVIDER_DEFAULTS[overrideProvider.toLowerCase()];
+        if (!p) {
+            throw new Error(`Unknown provider "${overrideProvider}". Valid providers: ${Object.keys(PROVIDER_DEFAULTS).join(", ")}`);
+        }
+        const apiKey = p.envKey ? env(p.envKey) || null : null;
+        return {
+            backend: overrideProvider.toLowerCase(),
+            baseUrl: p.baseUrl,
+            model: overrideModel || p.model,
+            apiKey,
+        };
+    }
+    // Scan env vars in priority order
+    const priority = [
+        { name: "openai", envKey: "OPENAI_API_KEY" },
+        { name: "google", envKey: "GOOGLE_API_KEY" },
+        { name: "zai", envKey: "MOLTBLOCK_ZAI_API_KEY" },
+        { name: "zai", envKey: "ZAI_API_KEY" },
+    ];
+    for (const { name, envKey } of priority) {
+        const key = env(envKey);
+        if (key) {
+            const p = PROVIDER_DEFAULTS[name];
+            return {
+                backend: name,
+                baseUrl: p.baseUrl,
+                model: overrideModel || p.model,
+                apiKey: key,
+            };
+        }
+    }
+    // Fallback to local
+    const local = PROVIDER_DEFAULTS["local"];
+    return {
+        backend: "local",
+        baseUrl: local.baseUrl,
+        model: overrideModel || local.model,
+        apiKey: null,
+    };
+}
 /**
  * Model bindings for Code Entity. Load from moltblock.json if present, then env overrides.
- * If no JSON, uses env/.env only (backward compatible). API keys from env win over JSON.
+ * If no JSON, auto-detects provider from env vars. API keys from env win over JSON.
  */
-export function defaultCodeEntityBindings() {
+export function defaultCodeEntityBindings(overrides) {
     const cfg = loadMoltblockConfig();
-    const zaiKey = env("MOLTBLOCK_ZAI_API_KEY");
-    const localUrl = env("MOLTBLOCK_GENERATOR_BASE_URL") || "http://localhost:1234/v1";
-    const localModel = env("MOLTBLOCK_GENERATOR_MODEL") || "local";
     const envUrl = (key, fallback) => env(key) || fallback;
     const envModel = (key, fallback) => env(key) || fallback;
     const bindingsFromJson = cfg?.agent?.bindings ?? {};
-    function bindingFor(role, defaultBackend, defaultBase, defaultModel, defaultApiKey) {
+    function bindingFor(role) {
         const entry = bindingsFromJson[role];
         if (entry) {
             const baseUrl = envUrl(`MOLTBLOCK_${role.toUpperCase()}_BASE_URL`, entry.base_url);
@@ -271,42 +364,24 @@ export function defaultCodeEntityBindings() {
             const apiKey = envApiKey || entry.api_key || getApiKeyForBackend(entry.backend) || null;
             return { backend: entry.backend, baseUrl, apiKey, model };
         }
-        // No JSON: legacy env-only behavior
-        if (role === "generator") {
-            return { backend: "local", baseUrl: localUrl, apiKey: null, model: localModel };
-        }
-        if (role === "critic") {
-            const useZai = Boolean(zaiKey);
-            return {
-                backend: useZai ? "zai" : "local",
-                baseUrl: envUrl("MOLTBLOCK_CRITIC_BASE_URL", useZai ? "https://api.z.ai/api/paas/v4" : localUrl),
-                apiKey: useZai ? zaiKey : null,
-                model: envModel("MOLTBLOCK_CRITIC_MODEL", useZai ? "glm-4.7-flash" : localModel),
-            };
-        }
-        if (role === "judge") {
-            const useZai = Boolean(zaiKey);
-            return {
-                backend: useZai ? "zai" : "local",
-                baseUrl: envUrl("MOLTBLOCK_JUDGE_BASE_URL", useZai ? "https://api.z.ai/api/paas/v4" : localUrl),
-                apiKey: useZai ? zaiKey : null,
-                model: envModel("MOLTBLOCK_JUDGE_MODEL", useZai ? "glm-4.7-flash" : localModel),
-            };
-        }
-        if (role === "verifier") {
-            return {
-                backend: "local",
-                baseUrl: envUrl("MOLTBLOCK_VERIFIER_BASE_URL", localUrl),
-                apiKey: null,
-                model: envModel("MOLTBLOCK_VERIFIER_MODEL", localModel),
-            };
-        }
-        return { backend: defaultBackend, baseUrl: defaultBase, apiKey: defaultApiKey, model: defaultModel };
+        // No JSON entry for this role: auto-detect provider
+        const detected = detectProvider(overrides?.provider, overrides?.model);
+        const baseUrl = envUrl(`MOLTBLOCK_${role.toUpperCase()}_BASE_URL`, detected.baseUrl);
+        const model = envModel(`MOLTBLOCK_${role.toUpperCase()}_MODEL`, detected.model);
+        return { backend: detected.backend, baseUrl, apiKey: detected.apiKey, model };
     }
     return {
-        generator: bindingFor("generator", "local", localUrl, localModel, null),
-        critic: bindingFor("critic", zaiKey ? "zai" : "local", localUrl, localModel, zaiKey || null),
-        judge: bindingFor("judge", zaiKey ? "zai" : "local", localUrl, localModel, zaiKey || null),
-        verifier: bindingFor("verifier", "local", localUrl, localModel, null),
+        generator: bindingFor("generator"),
+        critic: bindingFor("critic"),
+        judge: bindingFor("judge"),
+        verifier: bindingFor("verifier"),
     };
 }
+/**
+ * Load custom policy rules from moltblock config.
+ * Returns empty array if no config or no rules defined.
+ */
+export function loadPolicyRules() {
+    const cfg = loadMoltblockConfig();
+    return cfg?.policy?.rules ?? [];
+}

package/dist/domain-prompts.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Domain prompt registry: maps domain names to role-specific system prompts.
+ */
+/** Prompt set for a single domain: one system prompt per agent role. */
+export interface DomainPrompts {
+    generator: string;
+    critic: string;
+    judge: string;
+}
+/**
+ * Get prompts for a domain. Falls back to "general" if domain is unknown.
+ */
+export declare function getDomainPrompts(domain: string): DomainPrompts;
+/**
+ * Register a custom domain with its prompts. Overwrites if already exists.
+ */
+export declare function registerDomain(domain: string, prompts: DomainPrompts): void;
+/**
+ * List all registered domain names.
+ */
+export declare function listDomains(): string[];

package/dist/domain-prompts.js

@@ -0,0 +1,33 @@
+/**
+ * Domain prompt registry: maps domain names to role-specific system prompts.
+ */
+const registry = new Map();
+// --- Built-in domains ---
+registry.set("code", {
+    generator: "You are the Generator for a Code Entity. You produce a single TypeScript implementation that satisfies the user's task. Output only valid TypeScript code, no markdown fences or extra commentary. The code will be reviewed by a Critic and then verified by running tests.",
+    critic: "You are the Critic. Review the draft code for bugs, edge cases, and style. Be concise. List specific issues and suggestions. Do not rewrite the code; only critique.",
+    judge: "You are the Judge. Given the task, the draft code, and the critique, produce the final single TypeScript implementation. Output only valid TypeScript code, no markdown fences or extra commentary. Incorporate the critic's feedback. The result will be run through vitest.",
+});
+registry.set("general", {
+    generator: "You are the Generator. Produce a clear, complete response that satisfies the user's task. Focus on accuracy and completeness. Your output will be reviewed by a Critic.",
+    critic: "You are the Critic. Review the draft response for factual errors, gaps, unclear reasoning, and potential risks. Be concise. List specific issues and suggestions. Do not rewrite the response; only critique.",
+    judge: "You are the Judge. Given the task, the draft response, and the critique, produce the final response. Incorporate the critic's feedback. Ensure the result is accurate, safe, and complete.",
+});
+/**
+ * Get prompts for a domain. Falls back to "general" if domain is unknown.
+ */
+export function getDomainPrompts(domain) {
+    return registry.get(domain) ?? registry.get("general");
+}
+/**
+ * Register a custom domain with its prompts. Overwrites if already exists.
+ */
+export function registerDomain(domain, prompts) {
+    registry.set(domain, prompts);
+}
+/**
+ * List all registered domain names.
+ */
+export function listDomains() {
+    return [...registry.keys()];
+}

package/dist/entity-base.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Generic Entity: pluggable verifier and domain support for any task type.
+ * CodeEntity remains unchanged for backward compatibility.
+ */
+import { type ModelBinding } from "./config.js";
+import { WorkingMemory } from "./memory.js";
+import { Store } from "./persistence.js";
+import type { Verifier } from "./verifier-interface.js";
+/** Options for constructing a generic Entity. */
+export interface EntityOptions {
+    /** Verifier to gate artifacts. Defaults to PolicyVerifier. */
+    verifier?: Verifier;
+    /** Domain for agent prompts. Defaults to "general". */
+    domain?: string;
+    /** Per-role model bindings. Auto-detected if omitted. */
+    bindings?: Record<string, ModelBinding>;
+}
+/**
+ * Generic Entity: same Generator -> Critic -> Judge pipeline as CodeEntity,
+ * but with a pluggable verifier and domain-aware prompts.
+ */
+export declare class Entity {
+    private gateways;
+    private verifier;
+    private domain;
+    constructor(options?: EntityOptions);
+    /**
+     * One full loop: task -> Generator -> Critic -> Judge -> Verifier -> gating.
+     * Returns working memory with authoritative_artifact set only if verification passed.
+     */
+    run(task: string, options?: {
+        testCode?: string;
+        store?: Store;
+        entityVersion?: string;
+        writeCheckpointAfter?: boolean;
+    }): Promise<WorkingMemory>;
+}

package/dist/entity-base.js

@@ -0,0 +1,87 @@
+/**
+ * Generic Entity: pluggable verifier and domain support for any task type.
+ * CodeEntity remains unchanged for backward compatibility.
+ */
+import { runCritic, runGenerator, runJudge } from "./agents.js";
+import { defaultCodeEntityBindings } from "./config.js";
+import { LLMGateway } from "./gateway.js";
+import { WorkingMemory } from "./memory.js";
+import { hashMemory, recordOutcome } from "./persistence.js";
+import { PolicyVerifier } from "./policy-verifier.js";
+import { validateTask } from "./validation.js";
+/**
+ * Generic Entity: same Generator -> Critic -> Judge pipeline as CodeEntity,
+ * but with a pluggable verifier and domain-aware prompts.
+ */
+export class Entity {
+    gateways;
+    verifier;
+    domain;
+    constructor(options) {
+        const resolvedBindings = options?.bindings ?? defaultCodeEntityBindings();
+        this.verifier = options?.verifier ?? new PolicyVerifier();
+        this.domain = options?.domain ?? "general";
+        this.gateways = {
+            generator: new LLMGateway(resolvedBindings["generator"]),
+            critic: new LLMGateway(resolvedBindings["critic"]),
+            judge: new LLMGateway(resolvedBindings["judge"]),
+        };
+    }
+    /**
+     * One full loop: task -> Generator -> Critic -> Judge -> Verifier -> gating.
+     * Returns working memory with authoritative_artifact set only if verification passed.
+     */
+    async run(task, options = {}) {
+        const { testCode, store, entityVersion = "0.5.0", writeCheckpointAfter = false, } = options;
+        // Validate input
+        const taskValidation = validateTask(task);
+        if (!taskValidation.valid) {
+            throw new Error(`Invalid task: ${taskValidation.error}`);
+        }
+        const t0 = performance.now();
+        const memory = new WorkingMemory();
+        memory.setTask(task);
+        // Inject long-term context from verified memory
+        if (store) {
+            const recent = store.getRecentVerified(5);
+            const parts = [];
+            for (const e of recent) {
+                if (e.content_preview) {
+                    parts.push(e.content_preview.slice(0, 500));
+                }
+                else if (e.summary) {
+                    parts.push(e.summary);
+                }
+            }
+            memory.longTermContext = parts.length > 0 ? parts.join("\n---\n") : "";
+        }
+        // Run the agent pipeline with domain-aware prompts
+        await runGenerator(this.gateways["generator"], memory, store ?? null, this.domain);
+        await runCritic(this.gateways["critic"], memory, store ?? null, this.domain);
+        await runJudge(this.gateways["judge"], memory, store ?? null, this.domain);
+        // Run pluggable verifier
+        const ctx = {
+            task,
+            testCode,
+            domain: this.domain,
+        };
+        const result = await this.verifier.verify(memory, ctx);
+        memory.setVerification(result.passed, result.evidence);
+        // Record outcome and persist if verification passed
+        const latencySec = (performance.now() - t0) / 1000;
+        if (store) {
+            recordOutcome(store, memory.verificationPassed, latencySec, task.slice(0, 100));
+        }
+        if (store && memory.verificationPassed && memory.authoritativeArtifact) {
+            const artifactRef = `artifact_${Date.now()}`;
+            store.addVerified(artifactRef, `Verified artifact (${memory.authoritativeArtifact.length} chars)`, memory.authoritativeArtifact.slice(0, 2000));
+            if (writeCheckpointAfter) {
+                const graphHash = `entity-${this.domain}`;
+                const refs = [artifactRef];
+                const memHash = hashMemory(refs);
+                store.writeCheckpoint(entityVersion, graphHash, memHash, refs);
+            }
+        }
+        return memory;
+    }
+}

package/dist/graph-runner.d.ts

@@ -5,6 +5,14 @@ import { type ModelBinding } from "./config.js";
 import { AgentGraph } from "./graph-schema.js";
 import { WorkingMemory } from "./memory.js";
 import { Store } from "./persistence.js";
+import type { Verifier } from "./verifier-interface.js";
+/** Options for configuring the GraphRunner beyond bindings. */
+export interface GraphRunnerOptions {
+    /** Pluggable verifier. If omitted, falls back to the existing vitest-based runVerifier. */
+    verifier?: Verifier;
+    /** Domain for agent prompts. Defaults to "code". */
+    domain?: string;
+}
 /**
  * Runs a declarative agent graph: nodes (role + binding), edges (data flow).
  * After all nodes run, verifier runs on the final node's output and gating is applied.
@@ -12,7 +20,9 @@ import { Store } from "./persistence.js";
 export declare class GraphRunner {
     private graph;
     private gateways;
-    constructor(graph: AgentGraph, bindings?: Record<string, ModelBinding>);
+    private pluggableVerifier?;
+    private domain;
+    constructor(graph: AgentGraph, bindings?: Record<string, ModelBinding>, options?: GraphRunnerOptions);
     /**
      * Execute graph: task in -> run nodes in topo order -> run verifier on final node -> gating.
      * If store is provided and verification passed: admit to verified memory; optionally write checkpoint.

package/dist/graph-runner.js

@@ -14,8 +14,12 @@ import { runVerifier } from "./verifier.js";
 export class GraphRunner {
     graph;
     gateways = new Map();
-    constructor(graph, bindings) {
+    pluggableVerifier;
+    domain;
+    constructor(graph, bindings, options) {
         this.graph = graph;
+        this.pluggableVerifier = options?.verifier;
+        this.domain = options?.domain ?? "code";
         const resolvedBindings = bindings ?? defaultCodeEntityBindings();
         for (const node of graph.nodes) {
             if (node.role === "verifier") {
@@ -71,7 +75,7 @@ export class GraphRunner {
             if (!gateway) {
                 throw new Error(`No gateway for binding '${node.binding}'`);
             }
-            const out = await runRole(node.role, gateway, task, inputs, memory.longTermContext, store ?? null);
+            const out = await runRole(node.role, gateway, task, inputs, memory.longTermContext, store ?? null, this.domain);
             memory.setSlot(nodeId, out);
         }
         // Set final candidate from final node
@@ -79,8 +83,15 @@ export class GraphRunner {
         if (finalId) {
             memory.finalCandidate = memory.getSlot(finalId);
         }
-        // Run verification
-        await runVerifier(memory, testCode);
+        // Run verification: pluggable verifier if provided, otherwise legacy runVerifier
+        if (this.pluggableVerifier) {
+            const ctx = { task, testCode, domain: this.domain };
+            const result = await this.pluggableVerifier.verify(memory, ctx);
+            memory.setVerification(result.passed, result.evidence);
+        }
+        else {
+            await runVerifier(memory, testCode);
+        }
         // Record outcome and persist if verification passed
         const latencySec = (performance.now() - t0) / 1000;
         if (store) {

package/dist/improvement.d.ts

@@ -7,7 +7,7 @@ import type { StrategySuggestion } from "./types.js";
  * Review recent outcomes and return suggested strategy updates (rule-based for MVP).
  * Returns list of { role, suggestion } for human or governance to apply.
  */
-export declare function critiqueStrategies(store: Store, recentCount?: number): StrategySuggestion[];
+export declare function critiqueStrategies(store: Store, recentCount?: number, domain?: string): StrategySuggestion[];
 /**
  * Apply a new prompt for role (strategy update). Under governance, this would require approval.
  */

package/dist/improvement.js

@@ -6,7 +6,7 @@ import { getRecentOutcomes, recordOutcome, setStrategy, } from "./persistence.js
  * Review recent outcomes and return suggested strategy updates (rule-based for MVP).
  * Returns list of { role, suggestion } for human or governance to apply.
  */
-export function critiqueStrategies(store, recentCount = 10) {
+export function critiqueStrategies(store, recentCount = 10, domain = "code") {
     const outcomes = getRecentOutcomes(store, recentCount);
     if (outcomes.length < 3) {
         return [];
@@ -15,14 +15,26 @@ export function critiqueStrategies(store, recentCount = 10) {
     const failRate = 1.0 - passed / outcomes.length;
     const suggestions = [];
     if (failRate >= 0.5) {
-        suggestions.push({
-            role: "generator",
-            suggestion: "Add explicit instruction: output only valid TypeScript with no markdown fences or commentary.",
-        });
-        suggestions.push({
-            role: "judge",
-            suggestion: "Ensure Judge incorporates all critic feedback and outputs runnable code only.",
-        });
+        if (domain === "code") {
+            suggestions.push({
+                role: "generator",
+                suggestion: "Add explicit instruction: output only valid TypeScript with no markdown fences or commentary.",
+            });
+            suggestions.push({
+                role: "judge",
+                suggestion: "Ensure Judge incorporates all critic feedback and outputs runnable code only.",
+            });
+        }
+        else {
+            suggestions.push({
+                role: "generator",
+                suggestion: "Add explicit instruction: produce clear, complete, and accurate responses. Avoid ambiguity.",
+            });
+            suggestions.push({
+                role: "judge",
+                suggestion: "Ensure Judge addresses all critic concerns and produces a safe, well-structured final response.",
+            });
+        }
     }
     return suggestions;
 }

package/dist/index.d.ts

@@ -1,19 +1,26 @@
 /**
  * Moltblock — framework for evolving composite intelligences (Entities).
  */
-export declare const VERSION = "0.2.0";
+export declare const VERSION = "0.6.0";
 export type { ModelBinding, BindingEntry, AgentConfig, MoltblockConfig, ChatMessage, VerifiedMemoryEntry, CheckpointEntry, OutcomeEntry, InboxEntry, StrategySuggestion, ReceivedArtifact, GovernanceConfig, } from "./types.js";
 export { WorkingMemory } from "./memory.js";
 export { signArtifact, verifyArtifact, artifactHash } from "./signing.js";
-export { loadMoltblockConfig, defaultCodeEntityBindings, getConfigSource, BindingEntrySchema, AgentConfigSchema, MoltblockConfigSchema, ModelBindingSchema, type ConfigSource, } from "./config.js";
+export { loadMoltblockConfig, defaultCodeEntityBindings, detectProvider, getConfigSource, loadPolicyRules, BindingEntrySchema, AgentConfigSchema, MoltblockConfigSchema, ModelBindingSchema, PolicyRuleSchema, type BindingOverrides, type ConfigSource, type PolicyRuleConfig, } from "./config.js";
 export { Store, hashGraph, hashMemory, auditLog, getGovernanceValue, setGovernanceValue, putInbox, getInbox, recordOutcome, getRecentOutcomes, getStrategy, setStrategy, } from "./persistence.js";
 export { LLMGateway } from "./gateway.js";
 export { runGenerator, runCritic, runJudge, runRole, } from "./agents.js";
 export { AgentGraph, GraphNodeSchema, GraphEdgeSchema, AgentGraphSchema, type GraphNode, type GraphEdge, type AgentGraphData, } from "./graph-schema.js";
-export { GraphRunner } from "./graph-runner.js";
+export { GraphRunner, type GraphRunnerOptions } from "./graph-runner.js";
 export { extractCodeBlock, runVitestOnCode, runVerifier } from "./verifier.js";
+export type { Verifier, VerificationResult, VerifierContext, } from "./verifier-interface.js";
+export { PolicyVerifier, type PolicyRule } from "./policy-verifier.js";
+export { CodeVerifier } from "./code-verifier.js";
+export { CompositeVerifier, type CompositeVerifierOptions } from "./composite-verifier.js";
+export { getDomainPrompts, registerDomain, listDomains, type DomainPrompts, } from "./domain-prompts.js";
+export { classifyRisk, type RiskLevel, type RiskClassification } from "./risk.js";
 export { createGovernanceConfig, canMolt, triggerMolt, pause, resume, isPaused, emergencyShutdown, } from "./governance.js";
 export { sendArtifact, receiveArtifacts } from "./handoff.js";
 export { critiqueStrategies, applySuggestion, runEval, runImprovementCycle, } from "./improvement.js";
 export { validateTask, validateTestCode, MAX_TASK_LENGTH, MIN_TASK_LENGTH, type ValidationResult, } from "./validation.js";
 export { CodeEntity, loadEntityWithGraph } from "./entity.js";
+export { Entity, type EntityOptions } from "./entity-base.js";

package/dist/index.js

@@ -1,13 +1,13 @@
 /**
  * Moltblock — framework for evolving composite intelligences (Entities).
  */
-export const VERSION = "0.2.0";
+export const VERSION = "0.6.0";
 // Memory
 export { WorkingMemory } from "./memory.js";
 // Signing
 export { signArtifact, verifyArtifact, artifactHash } from "./signing.js";
 // Config
-export { loadMoltblockConfig, defaultCodeEntityBindings, getConfigSource, BindingEntrySchema, AgentConfigSchema, MoltblockConfigSchema, ModelBindingSchema, } from "./config.js";
+export { loadMoltblockConfig, defaultCodeEntityBindings, detectProvider, getConfigSource, loadPolicyRules, BindingEntrySchema, AgentConfigSchema, MoltblockConfigSchema, ModelBindingSchema, PolicyRuleSchema, } from "./config.js";
 // Persistence
 export { Store, hashGraph, hashMemory, auditLog, getGovernanceValue, setGovernanceValue, putInbox, getInbox, recordOutcome, getRecentOutcomes, getStrategy, setStrategy, } from "./persistence.js";
 // Gateway
@@ -18,8 +18,18 @@ export { runGenerator, runCritic, runJudge, runRole, } from "./agents.js";
 export { AgentGraph, GraphNodeSchema, GraphEdgeSchema, AgentGraphSchema, } from "./graph-schema.js";
 // Graph Runner
 export { GraphRunner } from "./graph-runner.js";
-// Verifier
+// Verifier (legacy vitest-based)
 export { extractCodeBlock, runVitestOnCode, runVerifier } from "./verifier.js";
+// Policy Verifier
+export { PolicyVerifier } from "./policy-verifier.js";
+// Code Verifier (adapter)
+export { CodeVerifier } from "./code-verifier.js";
+// Composite Verifier
+export { CompositeVerifier } from "./composite-verifier.js";
+// Domain Prompts
+export { getDomainPrompts, registerDomain, listDomains, } from "./domain-prompts.js";
+// Risk Classification
+export { classifyRisk } from "./risk.js";
 // Governance
 export { createGovernanceConfig, canMolt, triggerMolt, pause, resume, isPaused, emergencyShutdown, } from "./governance.js";
 // Handoff
@@ -28,5 +38,7 @@ export { sendArtifact, receiveArtifacts } from "./handoff.js";
 export { critiqueStrategies, applySuggestion, runEval, runImprovementCycle, } from "./improvement.js";
 // Validation
 export { validateTask, validateTestCode, MAX_TASK_LENGTH, MIN_TASK_LENGTH, } from "./validation.js";
-// Entity
+// Entity (code-specific, backward compat)
 export { CodeEntity, loadEntityWithGraph } from "./entity.js";
+// Entity (generic, pluggable)
+export { Entity } from "./entity-base.js";

package/dist/policy-verifier.d.ts

@@ -0,0 +1,29 @@
+/**
+ * PolicyVerifier: rule-based verifier that catches dangerous patterns without an LLM call.
+ */
+import type { WorkingMemory } from "./memory.js";
+import type { Verifier, VerificationResult, VerifierContext } from "./verifier-interface.js";
+/** A single policy rule. */
+export interface PolicyRule {
+    id: string;
+    description: string;
+    /** What to match against: "artifact", "task", or "both". */
+    target: "artifact" | "task" | "both";
+    /** Regex pattern string. */
+    pattern: string;
+    /** "deny" blocks the artifact; "allow" overrides deny rules in the same category. */
+    action: "deny" | "allow";
+    category: string;
+    enabled: boolean;
+}
+/**
+ * Rule-based policy verifier. Checks artifacts and tasks against deny/allow rules.
+ * Allow rules in the same category override deny rules.
+ */
+export declare class PolicyVerifier implements Verifier {
+    readonly name = "PolicyVerifier";
+    private rules;
+    constructor(customRules?: PolicyRule[]);
+    verify(memory: WorkingMemory, context?: VerifierContext): Promise<VerificationResult>;
+    private getTargetText;
+}