moltblock 0.7.8 → 0.11.0

package/dist/cli.js

@@ -7,10 +7,12 @@ import { program } from "commander";
 import { CodeEntity } from "./entity.js";
 import { defaultCodeEntityBindings } from "./config.js";
 import { validateTask } from "./validation.js";
+import { VERSION } from "./index.js";
 async function main() {
     program
         .name("moltblock")
         .description("Moltblock Code Entity — one task through the loop.")
+        .version(VERSION, "-V, --version", "Output the current version")
         .argument("<task>", "Task description (e.g. 'Implement a function add(a,b) that returns a+b.')")
         .option("-t, --test <path>", "Path to file containing test code (e.g. vitest test module). If omitted, only syntax check.")
         .option("--json", "Output result as JSON (draft, critique, final, verification_passed, authoritative_artifact).")

package/dist/config.d.ts

@@ -70,6 +70,8 @@ export declare const ModelBindingSchema: z.ZodObject<{
     baseUrl: z.ZodString;
     apiKey: z.ZodDefault<z.ZodNullable<z.ZodString>>;
     model: z.ZodDefault<z.ZodString>;
+    timeoutMs: z.ZodOptional<z.ZodNumber>;
+    maxRetries: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strip>;
 export type ModelBinding = z.infer<typeof ModelBindingSchema>;
 /** Track which config source was used */

package/dist/config.js

@@ -60,6 +60,8 @@ export const ModelBindingSchema = z.object({
     baseUrl: z.string().describe("API base URL"),
     apiKey: z.string().nullable().default(null).describe("Bearer token; null for local"),
     model: z.string().default("default").describe("Model name for chat completion"),
+    timeoutMs: z.number().int().positive().optional().describe("Request timeout in ms (default 60000)"),
+    maxRetries: z.number().int().min(0).optional().describe("Max retries on transient errors (default 2)"),
 });
 /** Validate that a config path is within allowed directories (cwd, homedir, or tmpdir). */
 function isAllowedConfigPath(filePath) {
@@ -131,8 +133,8 @@ export function loadMoltblockConfig() {
             lastConfigSource = "moltblock";
             return config;
         }
-        catch {
-            // Parse error, try fallback
+        catch (err) {
+            console.warn(`Warning: Failed to parse config ${moltblockFile}: ${err instanceof Error ? err.message : String(err)}`);
         }
     }
     // Fallback to OpenClaw config
@@ -148,8 +150,8 @@ export function loadMoltblockConfig() {
                 return config;
             }
         }
-        catch {
-            // Parse error
+        catch (err) {
+            console.warn(`Warning: Failed to parse config ${openclawFile}: ${err instanceof Error ? err.message : String(err)}`);
         }
     }
     lastConfigSource = "env";

package/dist/entity-base.d.ts

@@ -18,6 +18,7 @@ export interface EntityOptions {
 /**
  * Generic Entity: same Generator -> Critic -> Judge pipeline as CodeEntity,
  * but with a pluggable verifier and domain-aware prompts.
+ * Supports degraded fallback: if critic/judge fails, execution continues with available data.
  */
 export declare class Entity {
     private gateways;
@@ -27,6 +28,11 @@ export declare class Entity {
     /**
      * One full loop: task -> Generator -> Critic -> Judge -> Verifier -> gating.
      * Returns working memory with authoritative_artifact set only if verification passed.
+     *
+     * Degraded fallback:
+     * - Generator fails -> return immediately with verification failed + error evidence
+     * - Critic fails -> proceed to judge with empty critique
+     * - Judge fails -> use draft as final candidate
      */
     run(task: string, options?: {
         testCode?: string;

package/dist/entity-base.js

@@ -12,6 +12,7 @@ import { validateTask } from "./validation.js";
 /**
  * Generic Entity: same Generator -> Critic -> Judge pipeline as CodeEntity,
  * but with a pluggable verifier and domain-aware prompts.
+ * Supports degraded fallback: if critic/judge fails, execution continues with available data.
  */
 export class Entity {
     gateways;
@@ -30,6 +31,11 @@ export class Entity {
     /**
      * One full loop: task -> Generator -> Critic -> Judge -> Verifier -> gating.
      * Returns working memory with authoritative_artifact set only if verification passed.
+     *
+     * Degraded fallback:
+     * - Generator fails -> return immediately with verification failed + error evidence
+     * - Critic fails -> proceed to judge with empty critique
+     * - Judge fails -> use draft as final candidate
      */
     async run(task, options = {}) {
         const { testCode, store, entityVersion = "0.5.0", writeCheckpointAfter = false, } = options;
@@ -55,10 +61,34 @@ export class Entity {
             }
             memory.longTermContext = parts.length > 0 ? parts.join("\n---\n") : "";
         }
-        // Run the agent pipeline with domain-aware prompts
-        await runGenerator(this.gateways["generator"], memory, store ?? null, this.domain);
-        await runCritic(this.gateways["critic"], memory, store ?? null, this.domain);
-        await runJudge(this.gateways["judge"], memory, store ?? null, this.domain);
+        // Generator — if it fails, we have nothing to work with
+        try {
+            await runGenerator(this.gateways["generator"], memory, store ?? null, this.domain);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["generatorError"] = errMsg;
+            memory.setVerification(false, `Generator failed: ${errMsg}`);
+            return memory;
+        }
+        // Critic — if it fails, proceed to judge with empty critique (degraded)
+        try {
+            await runCritic(this.gateways["critic"], memory, store ?? null, this.domain);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["criticError"] = errMsg;
+            memory.setCritique("");
+        }
+        // Judge — if it fails, use draft as final candidate (degraded)
+        try {
+            await runJudge(this.gateways["judge"], memory, store ?? null, this.domain);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["judgeError"] = errMsg;
+            memory.setFinalCandidate(memory.draft);
+        }
         // Run pluggable verifier
         const ctx = {
             task,

package/dist/entity.d.ts

@@ -8,6 +8,7 @@ import { Store } from "./persistence.js";
 /**
  * Code Entity: Generator -> Critic -> Judge -> Verifier.
  * Uses working memory and per-role LLM gateways.
+ * Supports degraded fallback: if critic/judge fails, execution continues with available data.
  */
 export declare class CodeEntity {
     private gateways;
@@ -16,6 +17,11 @@ export declare class CodeEntity {
      * One full loop: task in -> Generator -> Critic -> Judge -> Verifier -> gating.
      * If store is provided and verification passed: admit to verified memory; optionally write checkpoint.
      * Returns working memory with authoritative_artifact set only if verification passed.
+     *
+     * Degraded fallback:
+     * - Generator fails -> return immediately with verification failed + error evidence
+     * - Critic fails -> proceed to judge with empty critique
+     * - Judge fails -> use draft as final candidate
      */
     run(task: string, options?: {
         testCode?: string;

package/dist/entity.js

@@ -13,6 +13,7 @@ import { runVerifier } from "./verifier.js";
 /**
  * Code Entity: Generator -> Critic -> Judge -> Verifier.
  * Uses working memory and per-role LLM gateways.
+ * Supports degraded fallback: if critic/judge fails, execution continues with available data.
  */
 export class CodeEntity {
     gateways;
@@ -28,6 +29,11 @@ export class CodeEntity {
      * One full loop: task in -> Generator -> Critic -> Judge -> Verifier -> gating.
      * If store is provided and verification passed: admit to verified memory; optionally write checkpoint.
      * Returns working memory with authoritative_artifact set only if verification passed.
+     *
+     * Degraded fallback:
+     * - Generator fails -> return immediately with verification failed + error evidence
+     * - Critic fails -> proceed to judge with empty critique
+     * - Judge fails -> use draft as final candidate
      */
     async run(task, options = {}) {
         const { testCode, store, entityVersion = "0.2.0", writeCheckpointAfter = false, } = options;
@@ -59,10 +65,34 @@ export class CodeEntity {
             }
             memory.longTermContext = parts.length > 0 ? parts.join("\n---\n") : "";
         }
-        // Run the agent pipeline
-        await runGenerator(this.gateways["generator"], memory, store ?? null);
-        await runCritic(this.gateways["critic"], memory, store ?? null);
-        await runJudge(this.gateways["judge"], memory, store ?? null);
+        // Generator — if it fails, we have nothing to work with
+        try {
+            await runGenerator(this.gateways["generator"], memory, store ?? null);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["generatorError"] = errMsg;
+            memory.setVerification(false, `Generator failed: ${errMsg}`);
+            return memory;
+        }
+        // Critic — if it fails, proceed with empty critique (degraded)
+        try {
+            await runCritic(this.gateways["critic"], memory, store ?? null);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["criticError"] = errMsg;
+            memory.setCritique("");
+        }
+        // Judge — if it fails, use draft as final candidate (degraded)
+        try {
+            await runJudge(this.gateways["judge"], memory, store ?? null);
+        }
+        catch (err) {
+            const errMsg = err instanceof Error ? err.message : String(err);
+            memory.meta["judgeError"] = errMsg;
+            memory.setFinalCandidate(memory.draft);
+        }
         await runVerifier(memory, testCode);
         // Record outcome and persist if verification passed
         const latencySec = (performance.now() - t0) / 1000;

package/dist/gateway.d.ts

@@ -3,8 +3,14 @@
  * Supports OpenAI, Anthropic Claude, Google Gemini, local LLMs (LM Studio, Ollama), and more.
  */
 import type { ModelBinding, ChatMessage } from "./types.js";
+/**
+ * Extract only the hostname from a URL for safe error messages.
+ * Strips path, query params, credentials, and port.
+ */
+export declare function sanitizeBaseUrl(baseUrl: string): string;
 /**
  * One client per role; uses OpenAI-compatible API with base_url and optional api_key.
+ * Supports configurable timeout and retry via the OpenAI SDK.
  */
 export declare class LLMGateway {
     private client;

package/dist/gateway.js

@@ -3,6 +3,19 @@
  * Supports OpenAI, Anthropic Claude, Google Gemini, local LLMs (LM Studio, Ollama), and more.
  */
 import OpenAI from "openai";
+/**
+ * Extract only the hostname from a URL for safe error messages.
+ * Strips path, query params, credentials, and port.
+ */
+export function sanitizeBaseUrl(baseUrl) {
+    try {
+        const url = new URL(baseUrl);
+        return url.hostname;
+    }
+    catch {
+        return "<invalid-url>";
+    }
+}
 /**
  * If model is 'local' or empty and base_url is localhost, use first available model from API.
  */
@@ -27,6 +40,7 @@ async function resolveLocalModel(client, baseUrl, configured) {
 }
 /**
  * One client per role; uses OpenAI-compatible API with base_url and optional api_key.
+ * Supports configurable timeout and retry via the OpenAI SDK.
  */
 export class LLMGateway {
     client;
@@ -38,6 +52,8 @@ export class LLMGateway {
         this.client = new OpenAI({
             baseURL: binding.baseUrl,
             apiKey: binding.apiKey ?? "not-needed",
+            timeout: binding.timeoutMs ?? 60_000,
+            maxRetries: binding.maxRetries ?? 2,
         });
         this.model = binding.model;
     }
@@ -49,11 +65,21 @@ export class LLMGateway {
             this.model = await resolveLocalModel(this.client, this.binding.baseUrl, this.model);
             this.modelResolved = true;
         }
-        const resp = await this.client.chat.completions.create({
-            model: this.model,
-            messages: messages.map((m) => ({ role: m.role, content: m.content })),
-            max_tokens: maxTokens,
-        });
+        let resp;
+        try {
+            resp = await this.client.chat.completions.create({
+                model: this.model,
+                messages: messages.map((m) => ({ role: m.role, content: m.content })),
+                max_tokens: maxTokens,
+            });
+        }
+        catch (err) {
+            const host = sanitizeBaseUrl(this.binding.baseUrl);
+            const msg = err instanceof Error ? err.message : String(err);
+            // Strip any key-like strings from the error message
+            const safeMsg = msg.replace(/[A-Za-z0-9_\-]{20,}/g, "[REDACTED]");
+            throw new Error(`LLM request failed (model=${this.model}, host=${host}): ${safeMsg}`);
+        }
         const choice = resp.choices[0];
         if (!choice?.message) {
             return "";

package/dist/governance.js

@@ -51,11 +51,16 @@ export function triggerMolt(store, entityVersion, config, options = {}) {
     if (!allowed) {
         return { success: false, message: reason };
     }
-    store.writeCheckpoint(entityVersion, graphHash || "molt", memoryHash || "", artifactRefs);
-    const now = Date.now() / 1000;
-    setGovernanceValue(store, "last_molt_at", now.toString());
-    setGovernanceValue(store, "entity_version", entityVersion);
-    auditLog(store, "molt", `version=${entityVersion} graph_hash=${graphHash}`);
+    // Wrap checkpoint + governance state + audit in a transaction for atomicity
+    const db = store.getDb();
+    const txn = db.transaction(() => {
+        store.writeCheckpoint(entityVersion, graphHash || "molt", memoryHash || "", artifactRefs);
+        const now = Date.now() / 1000;
+        setGovernanceValue(store, "last_molt_at", now.toString());
+        setGovernanceValue(store, "entity_version", entityVersion);
+        auditLog(store, "molt", `version=${entityVersion} graph_hash=${graphHash}`);
+    });
+    txn();
     return { success: true, message: "Molt completed" };
 }
 /**

package/dist/graph-runner.d.ts

@@ -27,11 +27,15 @@ export declare class GraphRunner {
      * Execute graph: task in -> run nodes in topo order -> run verifier on final node -> gating.
      * If store is provided and verification passed: admit to verified memory; optionally write checkpoint.
      * Returns working memory with slots filled and authoritative_artifact set iff verification passed.
+     *
+     * @param options.continueOnError - If true, node failures are recorded but execution continues.
+     *   Failed nodes produce empty output. Default false (throws on first failure).
      */
     run(task: string, options?: {
         testCode?: string;
         store?: Store;
         entityVersion?: string;
         writeCheckpointAfter?: boolean;
+        continueOnError?: boolean;
     }): Promise<WorkingMemory>;
 }

package/dist/graph-runner.js

@@ -39,9 +39,12 @@ export class GraphRunner {
      * Execute graph: task in -> run nodes in topo order -> run verifier on final node -> gating.
      * If store is provided and verification passed: admit to verified memory; optionally write checkpoint.
      * Returns working memory with slots filled and authoritative_artifact set iff verification passed.
+     *
+     * @param options.continueOnError - If true, node failures are recorded but execution continues.
+     *   Failed nodes produce empty output. Default false (throws on first failure).
      */
     async run(task, options = {}) {
-        const { testCode, store, entityVersion = "0.2.0", writeCheckpointAfter = false, } = options;
+        const { testCode, store, entityVersion = "0.2.0", writeCheckpointAfter = false, continueOnError = false, } = options;
         const t0 = performance.now();
         const memory = new WorkingMemory();
         memory.setTask(task);
@@ -73,10 +76,32 @@ export class GraphRunner {
             }
             const gateway = this.gateways.get(node.binding);
             if (!gateway) {
-                throw new Error(`No gateway for binding '${node.binding}'`);
+                const err = `No gateway for binding '${node.binding}'`;
+                if (continueOnError) {
+                    if (!memory.meta["nodeErrors"]) {
+                        memory.meta["nodeErrors"] = {};
+                    }
+                    memory.meta["nodeErrors"][nodeId] = err;
+                    memory.setSlot(nodeId, "");
+                    continue;
+                }
+                throw new Error(err);
+            }
+            try {
+                const out = await runRole(node.role, gateway, task, inputs, memory.longTermContext, store ?? null, this.domain);
+                memory.setSlot(nodeId, out);
+            }
+            catch (err) {
+                const errMsg = err instanceof Error ? err.message : String(err);
+                if (!continueOnError) {
+                    throw err;
+                }
+                if (!memory.meta["nodeErrors"]) {
+                    memory.meta["nodeErrors"] = {};
+                }
+                memory.meta["nodeErrors"][nodeId] = errMsg;
+                memory.setSlot(nodeId, "");
             }
-            const out = await runRole(node.role, gateway, task, inputs, memory.longTermContext, store ?? null, this.domain);
-            memory.setSlot(nodeId, out);
         }
         // Set final candidate from final node
         const finalId = this.graph.getFinalNodeId();

package/dist/improvement.js

@@ -52,7 +52,13 @@ export async function runEval(runTask, evalTasks, store) {
     let passed = 0;
     for (const task of evalTasks) {
         const t0 = performance.now();
-        const ok = await runTask(task);
+        let ok;
+        try {
+            ok = await runTask(task);
+        }
+        catch {
+            ok = false;
+        }
         const latency = (performance.now() - t0) / 1000;
         if (store) {
             recordOutcome(store, ok, latency, task.slice(0, 100));

package/dist/index.d.ts

@@ -1,13 +1,13 @@
 /**
  * Moltblock — framework for evolving composite intelligences (Entities).
  */
-export declare const VERSION = "0.6.0";
+export declare const VERSION = "0.11.0";
 export type { ModelBinding, BindingEntry, AgentConfig, MoltblockConfig, ChatMessage, VerifiedMemoryEntry, CheckpointEntry, OutcomeEntry, InboxEntry, StrategySuggestion, ReceivedArtifact, GovernanceConfig, } from "./types.js";
 export { WorkingMemory } from "./memory.js";
 export { signArtifact, verifyArtifact, artifactHash } from "./signing.js";
 export { loadMoltblockConfig, defaultCodeEntityBindings, detectProvider, getConfigSource, loadPolicyRules, BindingEntrySchema, AgentConfigSchema, MoltblockConfigSchema, ModelBindingSchema, PolicyRuleSchema, type BindingOverrides, type ConfigSource, type PolicyRuleConfig, } from "./config.js";
 export { Store, hashGraph, hashMemory, auditLog, getGovernanceValue, setGovernanceValue, putInbox, getInbox, recordOutcome, getRecentOutcomes, getStrategy, setStrategy, } from "./persistence.js";
-export { LLMGateway } from "./gateway.js";
+export { LLMGateway, sanitizeBaseUrl } from "./gateway.js";
 export { runGenerator, runCritic, runJudge, runRole, } from "./agents.js";
 export { AgentGraph, GraphNodeSchema, GraphEdgeSchema, AgentGraphSchema, type GraphNode, type GraphEdge, type AgentGraphData, } from "./graph-schema.js";
 export { GraphRunner, type GraphRunnerOptions } from "./graph-runner.js";

package/dist/index.js

@@ -1,7 +1,7 @@
 /**
  * Moltblock — framework for evolving composite intelligences (Entities).
  */
-export const VERSION = "0.6.0";
+export const VERSION = "0.11.0";
 // Memory
 export { WorkingMemory } from "./memory.js";
 // Signing
@@ -11,7 +11,7 @@ export { loadMoltblockConfig, defaultCodeEntityBindings, detectProvider, getConf
 // Persistence
 export { Store, hashGraph, hashMemory, auditLog, getGovernanceValue, setGovernanceValue, putInbox, getInbox, recordOutcome, getRecentOutcomes, getStrategy, setStrategy, } from "./persistence.js";
 // Gateway
-export { LLMGateway } from "./gateway.js";
+export { LLMGateway, sanitizeBaseUrl } from "./gateway.js";
 // Agents
 export { runGenerator, runCritic, runJudge, runRole, } from "./agents.js";
 // Graph

package/dist/persistence.d.ts

@@ -35,6 +35,11 @@ export declare class Store {
     /** Get internal db for helper functions */
     getDb(): Database.Database;
     close(): void;
+    /**
+     * Explicit resource cleanup via Symbol.dispose.
+     * Enables `using store = new Store(...)` with TypeScript 5.2+ explicit resource management.
+     */
+    [Symbol.dispose](): void;
 }
 /**
  * Stable hash for graph config (for checkpoint).

package/dist/persistence.js

@@ -25,6 +25,8 @@ export class Store {
             }
         }
         this.db = new Database(p);
+        // Enable WAL mode for better concurrent read/write performance
+        this.db.pragma("journal_mode = WAL");
         if (p !== ":memory:") {
             try {
                 fs.chmodSync(p, 0o600);
@@ -174,6 +176,13 @@ export class Store {
     close() {
         this.db.close();
     }
+    /**
+     * Explicit resource cleanup via Symbol.dispose.
+     * Enables `using store = new Store(...)` with TypeScript 5.2+ explicit resource management.
+     */
+    [Symbol.dispose]() {
+        this.close();
+    }
 }
 /**
  * Stable hash for graph config (for checkpoint).
@@ -292,12 +301,15 @@ export function getStrategy(store, role) {
  */
 export function setStrategy(store, role, content) {
     const db = store.getDb();
-    const versionStmt = db.prepare("SELECT COALESCE(MAX(version), 0) as maxVersion FROM strategies WHERE entity_id = ? AND role = ?");
-    const versionRow = versionStmt.get(store.entityId, role);
-    const version = (versionRow?.maxVersion ?? 0) + 1;
-    const stmt = db.prepare(`
-    INSERT INTO strategies (entity_id, role, version, content, created_at)
-    VALUES (?, ?, ?, ?, ?)
-  `);
-    stmt.run(store.entityId, role, version, content, Date.now() / 1000);
+    const txn = db.transaction(() => {
+        const versionStmt = db.prepare("SELECT COALESCE(MAX(version), 0) as maxVersion FROM strategies WHERE entity_id = ? AND role = ?");
+        const versionRow = versionStmt.get(store.entityId, role);
+        const version = (versionRow?.maxVersion ?? 0) + 1;
+        const stmt = db.prepare(`
+      INSERT INTO strategies (entity_id, role, version, content, created_at)
+      VALUES (?, ?, ?, ?, ?)
+    `);
+        stmt.run(store.entityId, role, version, content, Date.now() / 1000);
+    });
+    txn();
 }

package/dist/policy-verifier.d.ts

@@ -19,10 +19,12 @@ export interface PolicyRule {
 /**
  * Rule-based policy verifier. Checks artifacts and tasks against deny/allow rules.
  * Allow rules in the same category override deny rules.
+ * Regexes are pre-compiled in the constructor for performance.
  */
 export declare class PolicyVerifier implements Verifier {
     readonly name = "PolicyVerifier";
     private rules;
+    private compiledRules;
     constructor(customRules?: PolicyRule[]);
     verify(memory: WorkingMemory, context?: VerifierContext): Promise<VerificationResult>;
     private getTargetText;

package/dist/policy-verifier.js

@@ -30,15 +30,22 @@ const BUILTIN_RULES = [
 /**
  * Rule-based policy verifier. Checks artifacts and tasks against deny/allow rules.
  * Allow rules in the same category override deny rules.
+ * Regexes are pre-compiled in the constructor for performance.
  */
 export class PolicyVerifier {
     name = "PolicyVerifier";
     rules;
+    compiledRules;
     constructor(customRules) {
         this.rules = [...BUILTIN_RULES];
         if (customRules) {
             this.rules.push(...customRules);
         }
+        // Pre-compile all regexes once
+        this.compiledRules = this.rules.map((rule) => ({
+            rule,
+            regex: new RegExp(rule.pattern, "i"),
+        }));
     }
     async verify(memory, context) {
         const artifact = memory.finalCandidate || "";
@@ -46,23 +53,21 @@ export class PolicyVerifier {
         const violations = [];
         const allowedCategories = new Set();
         // First pass: collect allowed categories
-        for (const rule of this.rules) {
+        for (const { rule, regex } of this.compiledRules) {
             if (!rule.enabled || rule.action !== "allow")
                 continue;
             const text = this.getTargetText(rule.target, artifact, task);
-            const regex = new RegExp(rule.pattern, "i");
             if (regex.test(text)) {
                 allowedCategories.add(rule.category);
             }
         }
         // Second pass: check deny rules (skip allowed categories)
-        for (const rule of this.rules) {
+        for (const { rule, regex } of this.compiledRules) {
             if (!rule.enabled || rule.action !== "deny")
                 continue;
             if (allowedCategories.has(rule.category))
                 continue;
             const text = this.getTargetText(rule.target, artifact, task);
-            const regex = new RegExp(rule.pattern, "i");
             if (regex.test(text)) {
                 violations.push(`[${rule.id}] ${rule.description}`);
             }

package/dist/signing.js

@@ -42,7 +42,11 @@ function getSecret(entityId) {
             return key;
         }
         catch {
-            // Fallback if filesystem is unavailable (e.g. in tests)
+            // Weak deterministic fallback requires explicit opt-in
+            if (process.env["MOLTBLOCK_INSECURE_DEV_SIGNING"] !== "1") {
+                throw new Error(`No MOLTBLOCK_SIGNING_KEY set and filesystem unavailable. ` +
+                    `Set MOLTBLOCK_SIGNING_KEY for signing, or set MOLTBLOCK_INSECURE_DEV_SIGNING=1 to allow weak dev fallback.`);
+            }
             console.warn(`Warning: Using weak default signing key for entity "${entityId}". ` +
                 `Set MOLTBLOCK_SIGNING_KEY for secure artifact signing.`);
             return Buffer.from(`dev-only-insecure-key-${entityId}`, "utf-8");

package/dist/types.d.ts

@@ -7,6 +7,10 @@ export interface ModelBinding {
     baseUrl: string;
     apiKey: string | null;
     model: string;
+    /** Request timeout in milliseconds (default 60000). */
+    timeoutMs?: number;
+    /** Max retries on transient errors (default 2). */
+    maxRetries?: number;
 }
 /** JSON config binding entry (from moltblock.json) */
 export interface BindingEntry {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "moltblock",
-  "version": "0.7.8",
+  "version": "0.11.0",
   "description": "Framework for building evolving composite AI intelligences (Entities)",
   "type": "module",
   "main": "dist/index.js",
@@ -31,7 +31,11 @@
     "moltblock"
   ],
   "author": "",
-  "license": "Apache-2.0",
+  "license": "MIT",
+  "homepage": "https://github.com/moltblock/moltblock",
+  "bugs": {
+    "url": "https://github.com/moltblock/moltblock/issues"
+  },
   "repository": {
     "type": "git",
     "url": "https://github.com/moltblock/moltblock"

package/{README.md → readme.md}

@@ -297,6 +297,11 @@ const codeEntity = new Entity({
 - v0.2 — MVP Entity implementation (spec + Code Entity loop + graph, memory, improvement, governance, handoff)
 - v0.3 — Multi-Entity collaboration (orchestration and tooling)
 - v0.6 — Pluggable verification, policy rules, generic entity, risk classification, OpenClaw skill
+- v0.8 — Quick wins, error handling, test coverage, license fix
+- v0.9 — Core reliability: gateway retry/timeout, graph-runner error handling, entity degraded fallback
+- v0.10 — Test coverage: agents, graph-runner, handoff, integration tests; test helpers
+- v0.10.1 — Persistence hardening: WAL mode, transactions, regex caching, signing key opt-in
+- v0.11 — CI coverage enforcement, stricter tsconfig, documentation fixes
 
 ---
 

package/skill/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: moltblock - Trust Layer for AI Agents
 description: Verification gating for AI-generated artifacts. Policy checks and code verification to catch dangerous patterns before execution.
-version: 0.7.8
+version: 0.8.0
 metadata:
   openclaw:
     requires:
@@ -15,7 +15,7 @@ metadata:
     homepage: https://github.com/moltblock/moltblock
     install:
       - kind: node
-        package: moltblock@0.7.8
+        package: moltblock@0.8.0
         bins: [moltblock]
 ---
 
@@ -46,7 +46,7 @@ Verify a task before execution.
 ### Usage
 
 ```bash
-npx moltblock@0.7.8 "<task description>" --provider <provider> --json
+npx moltblock@0.8.0 "<task description>" --provider <provider> --json
 ```
 
 ### Parameters
@@ -71,10 +71,10 @@ No API key is required — moltblock falls back to a local LLM (localhost:1234)
 
 ```bash
 # Verify a task
-npx moltblock@0.7.8 "implement a function that validates email addresses" --json
+npx moltblock@0.8.0 "implement a function that validates email addresses" --json
 
 # Verify code with tests
-npx moltblock@0.7.8 "implement a markdown-to-html converter" --test ./tests/markdown.test.ts --json
+npx moltblock@0.8.0 "implement a markdown-to-html converter" --test ./tests/markdown.test.ts --json
 ```
 
 ### Output (JSON mode)
@@ -95,13 +95,13 @@ npx moltblock@0.7.8 "implement a markdown-to-html converter" --test ./tests/mark
 Use directly with npx (recommended, no install needed):
 
 ```bash
-npx moltblock@0.7.8 "your task" --json
+npx moltblock@0.8.0 "your task" --json
 ```
 
 Or install globally:
 
 ```bash
-npm install -g moltblock@0.7.8
+npm install -g moltblock@0.8.0
 ```
 
 ## Configuration
@@ -128,7 +128,7 @@ See the [full configuration docs](https://github.com/moltblock/moltblock#configu
 
 - Repository: [github.com/moltblock/moltblock](https://github.com/moltblock/moltblock)
 - npm: [npmjs.com/package/moltblock](https://www.npmjs.com/package/moltblock)
-- License: Apache-2.0
+- License: MIT
 
 ## Disclaimer