open-multi-agent-kit 0.78.1 → 0.78.3

package/dist/runtime/kimi-api-runtime.js

@@ -4,9 +4,47 @@
  *
  * Calls https://api.moonshot.cn/v1/chat/completions directly.
  */
+import { readFileSync, existsSync } from "node:fs";
+import { resolve } from "node:path";
 import { capsuleToTask } from "./context-broker-converter.js";
 import { buildProviderToolPayload } from "./provider-tool-contracts.js";
 import { repairToolCalls } from "./tool-call-repair.js";
+/**
+ * Detect "Image file: <path>" patterns in the prompt text (inserted by /paste
+ * or Ctrl+V clipboard image) and load the referenced images as base64 data URIs
+ * for multimodal API calls.
+ */
+function extractInlineImageParts(prompt) {
+    const results = [];
+    // Match "Image file: .omk/screenshots/.../screenshot-xxx.png" lines
+    const pattern = /^Image file:\s+(.+\.(?:png|jpg|jpeg|webp|gif))\s*$/gim;
+    let match;
+    while ((match = pattern.exec(prompt)) !== null) {
+        const filePath = match[1].trim();
+        const absPath = resolve(filePath);
+        if (!existsSync(absPath))
+            continue;
+        try {
+            const buf = readFileSync(absPath);
+            if (buf.length === 0 || buf.length > 20 * 1024 * 1024)
+                continue;
+            // Detect mime type from magic bytes
+            let mimeType = "image/png";
+            if (buf[0] === 0xff && buf[1] === 0xd8)
+                mimeType = "image/jpeg";
+            else if (buf[0] === 0x52 && buf[1] === 0x49)
+                mimeType = "image/webp";
+            else if (buf[0] === 0x47 && buf[1] === 0x49)
+                mimeType = "image/gif";
+            const base64 = buf.toString("base64");
+            results.push({ dataUri: `data:${mimeType};base64,${base64}` });
+        }
+        catch {
+            // Skip unreadable files
+        }
+    }
+    return results;
+}
 function mapToolCalls(apiToolCalls, context) {
     const repaired = repairToolCalls({
         declaredCalls: (apiToolCalls ?? []).map((tc) => ({
@@ -155,7 +193,27 @@ export class KimiApiRuntime {
         if (task.context.system) {
             messages.push({ role: "system", content: task.context.system });
         }
-        messages.push({ role: "user", content: task.prompt });
+        // Build multimodal content when attachments are present or when
+        // the prompt contains "Image file: <path>" references (from /paste or
+        // Ctrl+V clipboard image). This makes clipboard-pasted images send as
+        // image_url content parts to OpenAI-compatible multimodal endpoints.
+        const attachments = task.attachments ?? [];
+        const inlineImages = extractInlineImageParts(task.prompt);
+        if (attachments.length > 0 || inlineImages.length > 0) {
+            const parts = [{ type: "text", text: task.prompt }];
+            for (const attachment of attachments) {
+                if (attachment.dataUri) {
+                    parts.push({ type: "image_url", image_url: { url: attachment.dataUri } });
+                }
+            }
+            for (const image of inlineImages) {
+                parts.push({ type: "image_url", image_url: { url: image.dataUri } });
+            }
+            messages.push({ role: "user", content: parts });
+        }
+        else {
+            messages.push({ role: "user", content: task.prompt });
+        }
         const providerTools = task.capabilities.toolCalling
             ? buildProviderToolPayload(task.tools.available)
             : buildProviderToolPayload([]);

package/dist/runtime/proof-bundle-trust.d.ts

@@ -0,0 +1,74 @@
+/**
+ * Proof Bundle Trust Score — Phase 2 of OMK Weakness Remediation.
+ *
+ * Evaluates a curated proof bundle across 8 dimensions and produces
+ * a trust score T_b, a permission level, and a pass/fail verdict
+ * against τ_proof.
+ */
+import type { ClaimPermissionLevel, EvidenceVerdict } from "./contracts/evidence.js";
+/** The 8 scored dimensions of a proof bundle. */
+export interface ProofBundleScores {
+    /** Schema conformance of evidence items [0, 1]. */
+    readonly schema: number;
+    /** Hash integrity / tamper evidence [0, 1]. */
+    readonly hashes: number;
+    /** Command trace coverage and correctness [0, 1]. */
+    readonly commands: number;
+    /** Stdout / stderr capture completeness [0, 1]. */
+    readonly stdout: number;
+    /** Decision record quality and count [0, 1]. */
+    readonly decisions: number;
+    /** Evidence item confidence and verdict strength [0, 1]. */
+    readonly evidence: number;
+    /** Acknowledged limitations documented [0, 1]. */
+    readonly limitations: number;
+    /** Replay reproducibility score [0, 1]. */
+    readonly replay: number;
+}
+/** Result of evaluating a proof bundle. */
+export interface TrustScoreResult {
+    /** Computed trust score T_b ∈ [0, 1]. */
+    readonly score: number;
+    /** Permission level derived from score thresholds. */
+    readonly permissionLevel: ClaimPermissionLevel;
+    /** Whether score meets τ_proof. */
+    readonly passed: boolean;
+    /** Individual dimension contributions. */
+    readonly breakdown: ProofBundleScores;
+}
+/** Engine that evaluates proof bundle trust. */
+export interface ProofBundleTrustEngine {
+    /**
+     * Evaluate a proof bundle from its 8 dimension scores.
+     *
+     * Formula:
+     *   T_b = 0.15·schema + 0.15·hashes + 0.15·commands + 0.10·stdout
+     *       + 0.15·decisions + 0.15·evidence + 0.05·limitations + 0.10·replay
+     */
+    evaluate(scores: ProofBundleScores): TrustScoreResult;
+    /** Derive dimension scores from a raw evidence verdict and coverage. */
+    deriveScores(verdict: EvidenceVerdict, coveragePercent: number, options?: DeriveScoresOptions): ProofBundleScores;
+}
+/** Options for automatic score derivation. */
+export interface DeriveScoresOptions {
+    /** Override schema conformance (default inferred from verdict). */
+    readonly schema?: number;
+    /** Override hash integrity (default 1.0). */
+    readonly hashes?: number;
+    /** Override command trace score (default inferred from coverage). */
+    readonly commands?: number;
+    /** Override stdout completeness (default inferred from coverage). */
+    readonly stdout?: number;
+    /** Override decision record score (default inferred from verdict). */
+    readonly decisions?: number;
+    /** Override evidence strength (default inferred from verdict). */
+    readonly evidence?: number;
+    /** Override limitations documentation (default 0.5). */
+    readonly limitations?: number;
+    /** Override replay score (default inferred from verdict). */
+    readonly replay?: number;
+}
+/**
+ * Create a ProofBundleTrustEngine with default weights and thresholds.
+ */
+export declare function createProofBundleTrustEngine(): ProofBundleTrustEngine;

package/dist/runtime/proof-bundle-trust.js

@@ -0,0 +1,100 @@
+/**
+ * Proof Bundle Trust Score — Phase 2 of OMK Weakness Remediation.
+ *
+ * Evaluates a curated proof bundle across 8 dimensions and produces
+ * a trust score T_b, a permission level, and a pass/fail verdict
+ * against τ_proof.
+ */
+import { TAU_PROOF } from "./contracts/weakness-remediation.js";
+// ── Constants ───────────────────────────────────────────────────
+const WEIGHT_SCHEMA = 0.15;
+const WEIGHT_HASHES = 0.15;
+const WEIGHT_COMMANDS = 0.15;
+const WEIGHT_STDOUT = 0.10;
+const WEIGHT_DECISIONS = 0.15;
+const WEIGHT_EVIDENCE = 0.15;
+const WEIGHT_LIMITATIONS = 0.05;
+const WEIGHT_REPLAY = 0.10;
+const STRONG_PUBLIC_THRESHOLD = 0.90;
+const QUALIFIED_PUBLIC_THRESHOLD = 0.75;
+const INTERNAL_CLAIM_THRESHOLD = 0.60;
+// ── Helpers ─────────────────────────────────────────────────────
+function clamp01(n) {
+    return Math.max(0, Math.min(1, n));
+}
+function permissionLevelFromScore(score) {
+    if (score >= STRONG_PUBLIC_THRESHOLD) {
+        return "strong-public-claim";
+    }
+    if (score >= QUALIFIED_PUBLIC_THRESHOLD) {
+        return "qualified-public-claim";
+    }
+    if (score >= INTERNAL_CLAIM_THRESHOLD) {
+        return "internal-claim-only";
+    }
+    return "no-claim";
+}
+function verdictToBaseScore(verdict) {
+    switch (verdict) {
+        case "pass":
+            return 1.0;
+        case "partial":
+            return 0.65;
+        case "pending":
+            return 0.35;
+        case "fail":
+            return 0.0;
+        default:
+            return 0.0;
+    }
+}
+// ── Engine Factory ──────────────────────────────────────────────
+/**
+ * Create a ProofBundleTrustEngine with default weights and thresholds.
+ */
+export function createProofBundleTrustEngine() {
+    return {
+        evaluate(scores) {
+            const clamped = {
+                schema: clamp01(scores.schema),
+                hashes: clamp01(scores.hashes),
+                commands: clamp01(scores.commands),
+                stdout: clamp01(scores.stdout),
+                decisions: clamp01(scores.decisions),
+                evidence: clamp01(scores.evidence),
+                limitations: clamp01(scores.limitations),
+                replay: clamp01(scores.replay),
+            };
+            const score = WEIGHT_SCHEMA * clamped.schema +
+                WEIGHT_HASHES * clamped.hashes +
+                WEIGHT_COMMANDS * clamped.commands +
+                WEIGHT_STDOUT * clamped.stdout +
+                WEIGHT_DECISIONS * clamped.decisions +
+                WEIGHT_EVIDENCE * clamped.evidence +
+                WEIGHT_LIMITATIONS * clamped.limitations +
+                WEIGHT_REPLAY * clamped.replay;
+            const finalScore = clamp01(score);
+            const permissionLevel = permissionLevelFromScore(finalScore);
+            return Object.freeze({
+                score: finalScore,
+                permissionLevel,
+                passed: finalScore >= TAU_PROOF,
+                breakdown: clamped,
+            });
+        },
+        deriveScores(verdict, coveragePercent, options = {}) {
+            const base = verdictToBaseScore(verdict);
+            const cov = clamp01(coveragePercent / 100);
+            return Object.freeze({
+                schema: clamp01(options.schema ?? base),
+                hashes: clamp01(options.hashes ?? 1.0),
+                commands: clamp01(options.commands ?? cov),
+                stdout: clamp01(options.stdout ?? cov),
+                decisions: clamp01(options.decisions ?? base),
+                evidence: clamp01(options.evidence ?? base),
+                limitations: clamp01(options.limitations ?? 0.5),
+                replay: clamp01(options.replay ?? base),
+            });
+        },
+    };
+}

package/dist/runtime/provider-maturity-gate.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Provider Maturity Gate — Phase 3 of OMK Weakness Remediation.
+ *
+ * Evaluates a provider/runtime across 8 adapter test dimensions and
+ * produces a maturity score M_p, an authority class, and a pass/fail
+ * verdict.
+ */
+import type { AdapterTestKind, AdapterTestResult, ProviderAuthorityClass } from "./contracts/evidence.js";
+import type { ProviderHealthVector } from "../contracts/provider-health.js";
+/** Maturity evaluation result for a single provider. */
+export interface MaturityResult {
+    /** Computed maturity score M_p ∈ [0, 1]. */
+    readonly score: number;
+    /** Authority class derived from score and sub-score constraints. */
+    readonly authorityClass: ProviderAuthorityClass;
+    /** Whether the provider meets minimum viability. */
+    readonly passed: boolean;
+    /** Sub-scores keyed by adapter test kind. */
+    readonly subScores: Readonly<Record<AdapterTestKind, number>>;
+}
+/** Engine that evaluates provider maturity. */
+export interface ProviderMaturityGate {
+    /**
+     * Evaluate provider maturity from adapter test results.
+     *
+     * Formula:
+     *   M_p = 0.10·s_auth + 0.10·s_read + 0.15·s_write + 0.10·s_shell
+     *       + 0.15·s_mcp + 0.15·s_merge + 0.15·s_evidence + 0.10·s_fallback
+     */
+    evaluate(results: readonly AdapterTestResult[]): MaturityResult;
+    /** Look up a single sub-score by test kind (defaults to 0). */
+    getSubScore(results: readonly AdapterTestResult[], kind: AdapterTestKind): number;
+}
+/**
+ * Create a ProviderMaturityGate with default weights and thresholds.
+ */
+export interface ProviderMaturityTable {
+    lookup(providerId: string): MaturityResult | undefined;
+    register(providerId: string, result: MaturityResult): void;
+}
+export declare function createProviderMaturityTable(): ProviderMaturityTable;
+export declare function createProviderMaturityGate(): ProviderMaturityGate;
+export declare function evaluateProviderFromVector(gate: ProviderMaturityGate, vector: ProviderHealthVector): MaturityResult;

package/dist/runtime/provider-maturity-gate.js

@@ -0,0 +1,129 @@
+/**
+ * Provider Maturity Gate — Phase 3 of OMK Weakness Remediation.
+ *
+ * Evaluates a provider/runtime across 8 adapter test dimensions and
+ * produces a maturity score M_p, an authority class, and a pass/fail
+ * verdict.
+ */
+import { PROVIDER_CAPABILITY_ORDINAL } from "../contracts/provider-health.js";
+// ── Constants ───────────────────────────────────────────────────
+const WEIGHT_AUTH = 0.10;
+const WEIGHT_READ = 0.10;
+const WEIGHT_WRITE = 0.15;
+const WEIGHT_SHELL = 0.10;
+const WEIGHT_MCP = 0.15;
+const WEIGHT_MERGE = 0.15;
+const WEIGHT_EVIDENCE = 0.15;
+const WEIGHT_FALLBACK = 0.10;
+const MERGE_AUTHORITY_THRESHOLD = 0.90;
+const MERGE_SUBSCORE_THRESHOLD = 0.90;
+const EVIDENCE_SUBSCORE_THRESHOLD_FOR_MERGE = 0.85;
+const WRITE_AUTHORITY_THRESHOLD = 0.80;
+const WRITE_SUBSCORE_THRESHOLD = 0.85;
+const REVIEW_AUTHORITY_THRESHOLD = 0.70;
+const READ_SUBSCORE_THRESHOLD = 0.90;
+const READ_ONLY_ADVISORY_THRESHOLD = 0.55;
+// ── Helpers ─────────────────────────────────────────────────────
+function clamp01(n) {
+    return Math.max(0, Math.min(1, n));
+}
+function computeAuthorityClass(score, subScores) {
+    if (score >= MERGE_AUTHORITY_THRESHOLD &&
+        subScores.merge >= MERGE_SUBSCORE_THRESHOLD &&
+        subScores.evidence >= EVIDENCE_SUBSCORE_THRESHOLD_FOR_MERGE) {
+        return "merge-authority";
+    }
+    if (score >= WRITE_AUTHORITY_THRESHOLD &&
+        subScores.write >= WRITE_SUBSCORE_THRESHOLD) {
+        return "write-authority";
+    }
+    if (score >= REVIEW_AUTHORITY_THRESHOLD &&
+        subScores.read >= READ_SUBSCORE_THRESHOLD) {
+        return "review-authority";
+    }
+    if (score >= READ_ONLY_ADVISORY_THRESHOLD) {
+        return "read-only-advisory";
+    }
+    return "disabled";
+}
+function buildSubScoreMap(results) {
+    const map = {
+        auth: 0,
+        read: 0,
+        write: 0,
+        shell: 0,
+        mcp: 0,
+        merge: 0,
+        evidence: 0,
+        fallback: 0,
+    };
+    for (const r of results) {
+        map[r.kind] = clamp01(r.score);
+    }
+    return map;
+}
+export function createProviderMaturityTable() {
+    const table = new Map();
+    return {
+        lookup(providerId) {
+            return table.get(providerId);
+        },
+        register(providerId, result) {
+            table.set(providerId, result);
+        },
+    };
+}
+function vectorToAdapterResults(vector) {
+    const authOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.auth];
+    const binaryOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.binary];
+    const modelOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.model];
+    const quotaOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.quota];
+    const authScore = authOrdinal >= PROVIDER_CAPABILITY_ORDINAL["auth_valid"] ? 1.0 : authOrdinal / PROVIDER_CAPABILITY_ORDINAL["auth_valid"];
+    const readScore = vector.supportsRead ? 1.0 : 0.0;
+    const writeScore = vector.supportsWrite ? 1.0 : 0.0;
+    const shellScore = vector.supportsShell ? 1.0 : 0.0;
+    const mcpScore = binaryOrdinal >= PROVIDER_CAPABILITY_ORDINAL["tool_contract_verified"] ? 1.0 : binaryOrdinal / PROVIDER_CAPABILITY_ORDINAL["tool_contract_verified"];
+    const mergeScore = vector.evidencePassRate7d;
+    const evidenceScore = vector.evidencePassRate7d;
+    const fallbackScore = 1.0 - vector.failureEwma;
+    return [
+        { kind: "auth", passed: authScore >= 0.5, score: authScore },
+        { kind: "read", passed: readScore >= 0.5, score: readScore },
+        { kind: "write", passed: writeScore >= 0.5, score: writeScore },
+        { kind: "shell", passed: shellScore >= 0.5, score: shellScore },
+        { kind: "mcp", passed: mcpScore >= 0.5, score: mcpScore },
+        { kind: "merge", passed: mergeScore >= 0.5, score: mergeScore },
+        { kind: "evidence", passed: evidenceScore >= 0.5, score: evidenceScore },
+        { kind: "fallback", passed: fallbackScore >= 0.5, score: fallbackScore },
+    ];
+}
+export function createProviderMaturityGate() {
+    return {
+        evaluate(results) {
+            const subScores = Object.freeze(buildSubScoreMap(results));
+            const score = WEIGHT_AUTH * subScores.auth +
+                WEIGHT_READ * subScores.read +
+                WEIGHT_WRITE * subScores.write +
+                WEIGHT_SHELL * subScores.shell +
+                WEIGHT_MCP * subScores.mcp +
+                WEIGHT_MERGE * subScores.merge +
+                WEIGHT_EVIDENCE * subScores.evidence +
+                WEIGHT_FALLBACK * subScores.fallback;
+            const finalScore = clamp01(score);
+            const authorityClass = computeAuthorityClass(finalScore, subScores);
+            return Object.freeze({
+                score: finalScore,
+                authorityClass,
+                passed: authorityClass !== "disabled",
+                subScores,
+            });
+        },
+        getSubScore(results, kind) {
+            const found = results.find((r) => r.kind === kind);
+            return found ? clamp01(found.score) : 0;
+        },
+    };
+}
+export function evaluateProviderFromVector(gate, vector) {
+    return gate.evaluate(vectorToAdapterResults(vector));
+}

package/dist/runtime/public-surface.d.ts

@@ -0,0 +1,93 @@
+/**
+ * Public Surface Compression — Phase 1 of OMK Weakness Remediation.
+ *
+ * Takes a candidate set of runtime surfaces, scores each item,
+ * enforces mandatory anchors, applies budget K, and returns
+ * public surface S and hidden set H.
+ *
+ * Also enforces the 5-step flow invariant:
+ *   goal → dag → route → verify → replay
+ */
+/** A candidate surface item (e.g., a tool, MCP server, skill, or runtime). */
+export interface SurfaceItem {
+    readonly id: string;
+    readonly name: string;
+    readonly category: "tool" | "mcp" | "skill" | "runtime" | "hook";
+    /** How often this surface is invoked per 100 turns. */
+    readonly usage: number;
+    /** Contribution score from verified runs [0, 1]. */
+    readonly verifiedRunContribution: number;
+    /** Contribution score from evidence items [0, 1]. */
+    readonly evidenceContribution: number;
+    /** Onboarding difficulty/cost [0, 1]. */
+    readonly onboardingCost: number;
+    /** Explainability burden [0, 1]. */
+    readonly explainabilityCost: number;
+    /** Risk of lineage drift [0, 1]. */
+    readonly lineageRisk: number;
+}
+/** Scored surface item with computed score. */
+export interface ScoredSurfaceItem extends SurfaceItem {
+    readonly score: number;
+}
+/** Mandatory anchor identifiers. */
+export type MandatoryAnchor = "goal" | "dag" | "route" | "verify" | "replay";
+/** Compression result: public surface S and hidden set H. */
+export interface CompressionResult {
+    readonly publicSurface: readonly ScoredSurfaceItem[];
+    readonly hiddenSet: readonly ScoredSurfaceItem[];
+    readonly mandatoryAnchors: readonly MandatoryAnchor[];
+    readonly budget: number;
+    readonly invariantPassed: boolean;
+    readonly invariantViolations: readonly string[];
+}
+/**
+ * Compute surface score from item metrics.
+ *
+ * Formula:
+ *   0.30 * usage
+ * + 0.30 * verifiedRunContribution
+ * + 0.20 * evidenceContribution
+ * - 0.10 * onboardingCost
+ * - 0.05 * explainabilityCost
+ * - 0.05 * lineageRisk
+ */
+export declare function computeSurfaceScore(item: SurfaceItem): number;
+/**
+ * Validate the 5-step flow invariant against the public surface.
+ *
+ * Invariant: The public surface must contain all mandatory anchors
+ * in order: goal → dag → route → verify → replay.
+ *
+ * Returns violations as human-readable strings.
+ */
+export declare function enforceFlowInvariant(publicSurface: readonly ScoredSurfaceItem[]): {
+    readonly passed: boolean;
+    readonly violations: readonly string[];
+};
+export interface PublicSurfaceCompressorOptions {
+    /** Maximum number of items in the public surface (default 5). */
+    readonly budget?: number;
+    /** Optional custom scoring function. */
+    readonly scoreFn?: (item: SurfaceItem) => number;
+}
+/**
+ * Compresses a candidate surface set into public (S) and hidden (H) subsets.
+ *
+ * Rules:
+ * 1. Mandatory anchors A = {goal, dag, route, verify, replay} are always in S.
+ * 2. Remaining slots are filled by highest score until budget K is reached.
+ * 3. The 5-step flow invariant is enforced and reported.
+ */
+export declare class PublicSurfaceCompressor {
+    private readonly budget;
+    private readonly scoreFn;
+    constructor(options?: PublicSurfaceCompressorOptions);
+    /**
+     * Compress candidates into public surface S and hidden set H.
+     *
+     * @param candidates All candidate surface items.
+     * @returns CompressionResult with S, H, and invariant status.
+     */
+    compress(candidates: readonly SurfaceItem[]): CompressionResult;
+}

package/dist/runtime/public-surface.js

@@ -0,0 +1,146 @@
+/**
+ * Public Surface Compression — Phase 1 of OMK Weakness Remediation.
+ *
+ * Takes a candidate set of runtime surfaces, scores each item,
+ * enforces mandatory anchors, applies budget K, and returns
+ * public surface S and hidden set H.
+ *
+ * Also enforces the 5-step flow invariant:
+ *   goal → dag → route → verify → replay
+ */
+// ── Constants ───────────────────────────────────────────────────
+const MANDATORY_ANCHORS = [
+    "goal",
+    "dag",
+    "route",
+    "verify",
+    "replay",
+];
+const DEFAULT_BUDGET = 5;
+// ── Scoring ─────────────────────────────────────────────────────
+/**
+ * Compute surface score from item metrics.
+ *
+ * Formula:
+ *   0.30 * usage
+ * + 0.30 * verifiedRunContribution
+ * + 0.20 * evidenceContribution
+ * - 0.10 * onboardingCost
+ * - 0.05 * explainabilityCost
+ * - 0.05 * lineageRisk
+ */
+export function computeSurfaceScore(item) {
+    const raw = 0.30 * item.usage +
+        0.30 * item.verifiedRunContribution +
+        0.20 * item.evidenceContribution -
+        0.10 * item.onboardingCost -
+        0.05 * item.explainabilityCost -
+        0.05 * item.lineageRisk;
+    // Clamp to [0, 1]
+    return Math.max(0, Math.min(1, raw));
+}
+// ── Invariant Enforcement ───────────────────────────────────────
+/**
+ * Validate the 5-step flow invariant against the public surface.
+ *
+ * Invariant: The public surface must contain all mandatory anchors
+ * in order: goal → dag → route → verify → replay.
+ *
+ * Returns violations as human-readable strings.
+ */
+export function enforceFlowInvariant(publicSurface) {
+    const violations = [];
+    const ids = publicSurface.map((s) => s.id);
+    for (const anchor of MANDATORY_ANCHORS) {
+        if (!ids.includes(anchor)) {
+            violations.push(`Missing mandatory anchor: ${anchor}`);
+        }
+    }
+    if (violations.length === 0) {
+        const orderIndices = MANDATORY_ANCHORS.map((a) => ids.indexOf(a));
+        for (let i = 1; i < orderIndices.length; i++) {
+            if (orderIndices[i] < orderIndices[i - 1]) {
+                violations.push(`Flow order violation: ${MANDATORY_ANCHORS[i - 1]} must precede ${MANDATORY_ANCHORS[i]}`);
+            }
+        }
+    }
+    return {
+        passed: violations.length === 0,
+        violations: Object.freeze(violations),
+    };
+}
+/**
+ * Compresses a candidate surface set into public (S) and hidden (H) subsets.
+ *
+ * Rules:
+ * 1. Mandatory anchors A = {goal, dag, route, verify, replay} are always in S.
+ * 2. Remaining slots are filled by highest score until budget K is reached.
+ * 3. The 5-step flow invariant is enforced and reported.
+ */
+export class PublicSurfaceCompressor {
+    budget;
+    scoreFn;
+    constructor(options = {}) {
+        this.budget = Math.max(MANDATORY_ANCHORS.length, options.budget ?? DEFAULT_BUDGET);
+        this.scoreFn = options.scoreFn ?? computeSurfaceScore;
+    }
+    /**
+     * Compress candidates into public surface S and hidden set H.
+     *
+     * @param candidates All candidate surface items.
+     * @returns CompressionResult with S, H, and invariant status.
+     */
+    compress(candidates) {
+        const scored = candidates.map((item) => ({
+            ...item,
+            score: this.scoreFn(item),
+        }));
+        // Partition mandatory vs elective
+        const mandatoryItems = [];
+        const electiveItems = [];
+        for (const item of scored) {
+            if (MANDATORY_ANCHORS.includes(item.id)) {
+                mandatoryItems.push(item);
+            }
+            else {
+                electiveItems.push(item);
+            }
+        }
+        // Ensure all mandatory anchors are present; inject placeholders if missing
+        const presentIds = new Set(mandatoryItems.map((m) => m.id));
+        for (const anchor of MANDATORY_ANCHORS) {
+            if (!presentIds.has(anchor)) {
+                mandatoryItems.push({
+                    id: anchor,
+                    name: anchor,
+                    category: "runtime",
+                    usage: 0,
+                    verifiedRunContribution: 0,
+                    evidenceContribution: 0,
+                    onboardingCost: 0,
+                    explainabilityCost: 0,
+                    lineageRisk: 0,
+                    score: 0,
+                });
+            }
+        }
+        // Sort mandatory by canonical order, electives by score desc
+        const orderedMandatory = MANDATORY_ANCHORS.map((anchor) => mandatoryItems.find((m) => m.id === anchor));
+        electiveItems.sort((a, b) => b.score - a.score);
+        const remainingSlots = Math.max(0, this.budget - orderedMandatory.length);
+        const publicSurface = Object.freeze([
+            ...orderedMandatory,
+            ...electiveItems.slice(0, remainingSlots),
+        ]);
+        const hiddenSet = Object.freeze(electiveItems.slice(remainingSlots));
+        const invariant = enforceFlowInvariant(publicSurface);
+        return Object.freeze({
+            publicSurface,
+            hiddenSet,
+            mandatoryAnchors: MANDATORY_ANCHORS,
+            budget: this.budget,
+            invariantPassed: invariant.passed,
+            invariantViolations: invariant.violations,
+        });
+    }
+}

package/dist/runtime/router-v2-scoring.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Router V2 Scoring Engine — Bayesian-smoothed evidence calibration (Algorithm 6).
+ *
+ * Composite formula:
+ *   0.25*E + 0.15*conf + 0.20*cap + 0.15*mat + 0.10*lat + 0.10*cost
+ *   - 0.15*pen - 0.10*blast
+ */
+import type { AgentRuntime } from "./agent-runtime.js";
+import type { EvidenceHistoryEntry, NodeIntent, RuntimeScoreV2, RouterV2Options, RouterV2ScoringEngine, BlastRadiusParams } from "./contracts/router-v2.js";
+export declare function createRouterV2ScoringEngine(options?: RouterV2Options, blastRadiusFn?: (params: BlastRadiusParams) => number): RouterV2ScoringEngine;
+export declare function scoreRuntimes(candidates: AgentRuntime[], intent: NodeIntent, history: EvidenceHistoryEntry[], options?: RouterV2Options): RuntimeScoreV2[];