npm - open-multi-agent-kit - Versions diffs - 0.78.1 → 0.78.3 - Mend

open-multi-agent-kit 0.78.1 → 0.78.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (102) hide show

package/CHANGELOG.md +37 -0
package/MATURITY.md +4 -0
package/README.md +70 -1
package/dist/benchmark/contracts.d.ts +116 -0
package/dist/benchmark/contracts.js +6 -0
package/dist/benchmark/fixtures.d.ts +11 -0
package/dist/benchmark/fixtures.js +121 -0
package/dist/benchmark/harness.d.ts +13 -0
package/dist/benchmark/harness.js +191 -0
package/dist/benchmark/shadow-mode.d.ts +17 -0
package/dist/benchmark/shadow-mode.js +96 -0
package/dist/cli/register-spec-agent-goal-commands.js +45 -0
package/dist/cli/release-promotion-gate.d.ts +14 -0
package/dist/cli/release-promotion-gate.js +71 -0
package/dist/cli/v2/release-commands.d.ts +29 -0
package/dist/cli/v2/release-commands.js +95 -0
package/dist/commands/chat/native-root-loop.js +14 -1
package/dist/commands/chat/slash/commands/session.js +19 -1
package/dist/commands/goal-interview.d.ts +18 -0
package/dist/commands/goal-interview.js +396 -0
package/dist/commands/merge.js +102 -56
package/dist/contracts/interview.d.ts +106 -0
package/dist/contracts/interview.js +9 -0
package/dist/contracts/provider-health.d.ts +37 -0
package/dist/contracts/provider-health.js +49 -1
package/dist/evidence/evidence-trust-score.d.ts +101 -0
package/dist/evidence/evidence-trust-score.js +408 -0
package/dist/evidence/index.d.ts +6 -0
package/dist/evidence/index.js +3 -0
package/dist/evidence/proof-trust-cli.d.ts +8 -0
package/dist/evidence/proof-trust-cli.js +27 -0
package/dist/evidence/proof-trust.d.ts +14 -0
package/dist/evidence/proof-trust.js +381 -0
package/dist/evidence/regression-proof-matrix.d.ts +42 -0
package/dist/evidence/regression-proof-matrix.js +72 -0
package/dist/goal/intent-frame.d.ts +6 -0
package/dist/goal/intent-frame.js +21 -9
package/dist/goal/interview-assimilation.d.ts +13 -0
package/dist/goal/interview-assimilation.js +383 -0
package/dist/goal/interview-question-bank.d.ts +11 -0
package/dist/goal/interview-question-bank.js +225 -0
package/dist/goal/interview-scoring.d.ts +31 -0
package/dist/goal/interview-scoring.js +187 -0
package/dist/goal/interview-session.d.ts +25 -0
package/dist/goal/interview-session.js +116 -0
package/dist/input/input-envelope.d.ts +22 -0
package/dist/input/input-envelope.js +1 -0
package/dist/orchestration/merge-arbiter.d.ts +91 -0
package/dist/orchestration/merge-arbiter.js +376 -0
package/dist/providers/health.d.ts +3 -0
package/dist/providers/health.js +46 -0
package/dist/providers/index.d.ts +1 -0
package/dist/providers/index.js +1 -0
package/dist/providers/provider-health.d.ts +8 -1
package/dist/providers/provider-health.js +39 -0
package/dist/providers/provider-task-runner.js +31 -0
package/dist/providers/provider.d.ts +2 -0
package/dist/providers/router.js +87 -3
package/dist/providers/types.d.ts +4 -0
package/dist/runtime/advanced-control-loop.d.ts +60 -0
package/dist/runtime/advanced-control-loop.js +136 -0
package/dist/runtime/agent-runtime.d.ts +10 -0
package/dist/runtime/blast-radius.d.ts +10 -0
package/dist/runtime/blast-radius.js +14 -0
package/dist/runtime/contracts/evidence.d.ts +87 -0
package/dist/runtime/contracts/evidence.js +7 -0
package/dist/runtime/contracts/router-v2.d.ts +44 -0
package/dist/runtime/contracts/router-v2.js +4 -0
package/dist/runtime/contracts/weakness-remediation.d.ts +67 -0
package/dist/runtime/contracts/weakness-remediation.js +36 -0
package/dist/runtime/kimi-api-runtime.js +59 -1
package/dist/runtime/proof-bundle-trust.d.ts +74 -0
package/dist/runtime/proof-bundle-trust.js +100 -0
package/dist/runtime/provider-maturity-gate.d.ts +43 -0
package/dist/runtime/provider-maturity-gate.js +129 -0
package/dist/runtime/public-surface.d.ts +93 -0
package/dist/runtime/public-surface.js +146 -0
package/dist/runtime/router-v2-scoring.d.ts +11 -0
package/dist/runtime/router-v2-scoring.js +151 -0
package/dist/runtime/tool-dispatch-contracts.d.ts +24 -3
package/dist/runtime/tool-dispatch-contracts.js +42 -2
package/dist/runtime/weakness-remediation-index.d.ts +27 -0
package/dist/runtime/weakness-remediation-index.js +37 -0
package/dist/safety/enforcement-engine.d.ts +89 -0
package/dist/safety/enforcement-engine.js +279 -0
package/dist/safety/tool-authority-gate.d.ts +40 -0
package/dist/safety/tool-authority-gate.js +92 -0
package/dist/schema/evidence.schema.d.ts +2 -2
package/dist/schema/proof-bundle.schema.d.ts +28 -28
package/dist/util/clipboard-image.d.ts +49 -0
package/dist/util/clipboard-image.js +263 -0
package/docs/2026-06-09/critical-issues.md +20 -0
package/docs/2026-06-09/improvements.md +14 -0
package/docs/2026-06-09/init-checklist.md +25 -0
package/docs/2026-06-09/plan.md +20 -0
package/docs/benchmark-design.md +122 -0
package/docs/github-organic-promotion.md +127 -0
package/docs/native-root-runtime-algorithms.md +301 -0
package/package.json +8 -4
package/readmeasset/ASSET_INDEX.md +1 -0
package/templates/skills/agents/omk-agent-reach-websearch/SKILL.md +55 -0
package/templates/skills/kimi/omk-agent-reach-websearch/SKILL.md +55 -0

package/dist/runtime/router-v2-scoring.js ADDED Viewed

@@ -0,0 +1,151 @@
+/**
+ * Router V2 Scoring Engine — Bayesian-smoothed evidence calibration (Algorithm 6).
+ *
+ * Composite formula:
+ *   0.25*E + 0.15*conf + 0.20*cap + 0.15*mat + 0.10*lat + 0.10*cost
+ *   - 0.15*pen - 0.10*blast
+ */
+import { computeBlastRadiusPenalty } from "./blast-radius.js";
+const ALPHA_0 = 1;
+const BETA_0 = 1;
+const INTENT_CAPABILITY_WEIGHTS = {
+    research: [["read", 0.35], ["review", 0.2], ["toolCalling", 0.15], ["vision", 0.1]],
+    planning: [["read", 0.3], ["review", 0.2], ["toolCalling", 0.15]],
+    coding: [["write", 0.3], ["patch", 0.25], ["shell", 0.15], ["toolCalling", 0.1]],
+    debugging: [["read", 0.2], ["write", 0.2], ["patch", 0.2], ["shell", 0.15], ["toolCalling", 0.1]],
+    refactor: [["write", 0.25], ["patch", 0.25], ["review", 0.15], ["toolCalling", 0.1]],
+    review: [["review", 0.35], ["read", 0.25], ["toolCalling", 0.1]],
+    "test-generation": [["write", 0.25], ["patch", 0.2], ["review", 0.15], ["toolCalling", 0.1]],
+    documentation: [["read", 0.25], ["write", 0.15], ["review", 0.15], ["toolCalling", 0.1]],
+    "shell-operation": [["shell", 0.4], ["read", 0.15], ["write", 0.1]],
+};
+function runtimeCapabilityEnabled(capabilities, capability) {
+    if (capability === "toolCalling") {
+        return capabilities.toolCalling === true || capabilities.supportsToolCalling === true;
+    }
+    if (capability === "streaming") {
+        return capabilities.streaming === true || capabilities.supportsStreaming === true;
+    }
+    return capabilities[capability] === true;
+}
+function computeCapabilityFit(runtime, intent) {
+    const caps = runtime.capabilities;
+    if (!caps)
+        return 0;
+    let score = 0;
+    for (const [capability, weight] of INTENT_CAPABILITY_WEIGHTS[intent]) {
+        if (runtimeCapabilityEnabled(caps, capability))
+            score += weight;
+    }
+    if (caps.maxTokens != null && caps.maxTokens > 0) {
+        score += Math.min(0.1, caps.maxTokens / 1_000_000);
+    }
+    if (caps.maxContextTokens != null && caps.maxContextTokens > 0) {
+        score += Math.min(0.1, caps.maxContextTokens / 1_000_000);
+    }
+    return score;
+}
+function computeMaturityScore(runtime) {
+    const caps = runtime.capabilities;
+    if (!caps)
+        return 0.5;
+    const capabilityCount = [
+        caps.read,
+        caps.write,
+        caps.shell,
+        caps.patch,
+        caps.review,
+        caps.merge,
+        caps.vision,
+        caps.mcp,
+        caps.toolCalling,
+        caps.supportsToolCalling,
+    ].filter(Boolean).length;
+    const breadthScore = Math.min(1, capabilityCount / 8);
+    const priorityScore = Math.max(0, Math.min(1, runtime.priority / 100));
+    return 0.6 * breadthScore + 0.4 * priorityScore;
+}
+function computeLatencyScore(runtime) {
+    return runtime.capabilities?.supportsStreaming === true || runtime.capabilities?.streaming === true
+        ? 0.85
+        : 0.70;
+}
+function computeCostScore(runtime) {
+    return runtime.priority > 50 ? 0.75 : 0.90;
+}
+export function createRouterV2ScoringEngine(options = {}, blastRadiusFn = computeBlastRadiusPenalty) {
+    const { enableBlastRadius = false, blastRadiusParams = { downstreamNodeCount: 0, affectedFileCount: 0, hasGlobalSideEffects: false }, } = options;
+    function score(runtime, intent, history) {
+        const runtimeHistory = history.filter((e) => e.runtime === runtime.id);
+        const totalAttempts = runtimeHistory.length;
+        const passedAttempts = runtimeHistory.filter((e) => e.passed).length;
+        // Bayesian smoothing with α₀=1, β₀=1
+        const bayesianEvidenceScore = (ALPHA_0 + passedAttempts) / (ALPHA_0 + BETA_0 + totalAttempts);
+        // Confidence increases with sample size (asymptotic toward 1)
+        const confidence = Math.min(1, totalAttempts / 10 + 0.1);
+        const recentFailures = runtimeHistory
+            .filter((e) => !e.passed)
+            .sort((a, b) => b.timestamp.localeCompare(a.timestamp))
+            .slice(0, 5);
+        const recentFailurePenalty = Math.min(0.3, recentFailures.length * 0.06);
+        const capabilityFit = computeCapabilityFit(runtime, intent);
+        const maturityScore = computeMaturityScore(runtime);
+        const latencyScore = computeLatencyScore(runtime);
+        const costScore = computeCostScore(runtime);
+        const blastRadiusPenalty = enableBlastRadius ? blastRadiusFn(blastRadiusParams) : 0;
+        const composite = 0.25 * bayesianEvidenceScore +
+            0.15 * confidence +
+            0.20 * capabilityFit +
+            0.15 * maturityScore +
+            0.10 * latencyScore +
+            0.10 * costScore -
+            0.15 * recentFailurePenalty -
+            0.10 * blastRadiusPenalty;
+        return {
+            runtimeId: runtime.id,
+            bayesianEvidenceScore,
+            confidence,
+            capabilityFit,
+            maturityScore,
+            latencyScore,
+            costScore,
+            recentFailurePenalty,
+            blastRadiusPenalty,
+            composite,
+        };
+    }
+    function select(candidates, intent, history) {
+        const scored = candidates.map((runtime) => ({
+            runtime,
+            score: score(runtime, intent, history),
+        }));
+        scored.sort((a, b) => b.score.composite - a.score.composite);
+        const primary = scored[0].runtime;
+        const fallbacks = scored.slice(1).map((s) => s.runtime);
+        const bestScore = scored[0].score;
+        const reason = [
+            `intent=${intent}`,
+            `bayesianE=${bestScore.bayesianEvidenceScore.toFixed(2)}`,
+            `confidence=${bestScore.confidence.toFixed(2)}`,
+            `capability=${bestScore.capabilityFit.toFixed(2)}`,
+            `maturity=${bestScore.maturityScore.toFixed(2)}`,
+            `latency=${bestScore.latencyScore.toFixed(2)}`,
+            `cost=${bestScore.costScore.toFixed(2)}`,
+            `penalty=${bestScore.recentFailurePenalty.toFixed(2)}`,
+            `blast=${bestScore.blastRadiusPenalty.toFixed(2)}`,
+            `composite=${bestScore.composite.toFixed(3)}`,
+        ].join("; ");
+        return {
+            runtime: primary,
+            reason,
+            fallbacks,
+            intent,
+            scores: scored.map((s) => s.score),
+        };
+    }
+    return { score, select };
+}
+export function scoreRuntimes(candidates, intent, history, options = {}) {
+    const engine = createRouterV2ScoringEngine(options);
+    return candidates.map((runtime) => engine.score(runtime, intent, history));
+}

package/dist/runtime/tool-dispatch-contracts.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import type { OmkToolCall, OmkToolDefinition } from "./tool-registry-contract.js";
-import { type ToolAuthorityDecision, type ToolOp } from "../safety/tool-authority-gate.js";
+import { type ToolAuthorityDecision, type ToolOp, type ToolOpV2 } from "../safety/tool-authority-gate.js";
 import type { ProviderAuthorityLevel } from "../contracts/provider-health.js";
+import type { EnforcementProof } from "../safety/enforcement-engine.js";
 export interface ToolDispatchResult<R = unknown> {
     readonly call: OmkToolCall;
     readonly status: "fulfilled" | "rejected";
@@ -15,13 +16,15 @@ export type ToolAuthorityMode = "shadow" | "enforce";
  */
 export interface ToolAuthorityDecisionRecord {
     readonly toolName: string;
-    readonly op: ToolOp;
+    readonly op: ToolOp | ToolOpV2;
     readonly decision: ToolAuthorityDecision;
     readonly mode: ToolAuthorityMode;
     /** True only when the verdict actually rejected the call (enforce + block). */
     readonly enforced: boolean;
     /** Redacted, human-readable reason. Never includes args or secret values. */
     readonly reason: string;
+    /** v2 enforcement proof hash when available. */
+    readonly policyHash?: string;
 }
 /**
  * Authority wiring for one dispatch turn. All inputs are non-secret enum/bool
@@ -42,6 +45,12 @@ export interface ToolAuthorityWiring {
     readonly enforce?: boolean;
     /** Optional sink for computed verdicts (invoked in both shadow and enforce). */
     readonly onDecision?: (record: ToolAuthorityDecisionRecord) => void;
+    /**
+     * v2 enforcement proof from the adapter / runtime.
+     * When present, the gate uses policy-dependent capability resolution.
+     * Runtimes without a valid proof cannot enter authority lanes.
+     */
+    readonly enforcementProof?: EnforcementProof;
 }
 /**
  * Resolve the global enforcement opt-in from the environment. Default OFF means
@@ -52,8 +61,9 @@ export declare function resolveToolAuthorityEnforcement(env?: Record<string, str
 /** Error used to reject a tool call rejected by the authority gate (enforce mode). */
 export declare class ToolAuthorityBlockedError extends Error {
     readonly toolName: string;
-    readonly op: ToolOp;
+    readonly op: ToolOp | ToolOpV2;
     readonly decision: ToolAuthorityDecision;
+    readonly policyHash?: string;
     constructor(record: ToolAuthorityDecisionRecord);
 }
 /** Compute the gate verdict for a single call. Pure (no IO, no env reads). */
@@ -61,4 +71,15 @@ export declare function evaluateToolAuthority(toolName: string, wiring: ToolAuth
     readonly record: ToolAuthorityDecisionRecord;
     readonly blocked: boolean;
 };
+/**
+ * Compute the gate verdict for a single call using v2 enforcement proof.
+ * Pure (no IO, no env reads).
+ *
+ * If `enforcementProof` is present, the gate uses policy-dependent capability
+ * resolution. Runtimes without a valid proof cannot enter authority lanes.
+ */
+export declare function evaluateToolAuthorityV2(toolName: string, wiring: ToolAuthorityWiring): {
+    readonly record: ToolAuthorityDecisionRecord;
+    readonly blocked: boolean;
+};
 export declare function dispatchToolCallsByContract<A, R>(calls: readonly OmkToolCall<A>[], registry: ReadonlyMap<string, OmkToolDefinition<A, R>>, dispatchOne: (call: OmkToolCall<A>) => Promise<R>, authority?: ToolAuthorityWiring): Promise<ToolDispatchResult<R>[]>;

package/dist/runtime/tool-dispatch-contracts.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { createToolExecutionBatches } from "./tool-registry-contract.js";
-import { decideToolAuthority, mapToolNameToOp, } from "../safety/tool-authority-gate.js";
+import { decideToolAuthority, decideToolAuthorityV2, mapToolNameToOp, } from "../safety/tool-authority-gate.js";
 const ENFORCE_PATTERN = /^(1|true|yes|on)$/i;
 /**
  * Resolve the global enforcement opt-in from the environment. Default OFF means
@@ -20,12 +20,14 @@ export class ToolAuthorityBlockedError extends Error {
     toolName;
     op;
     decision;
+    policyHash;
     constructor(record) {
         super(record.reason);
         this.name = "ToolAuthorityBlockedError";
         this.toolName = record.toolName;
         this.op = record.op;
         this.decision = record.decision;
+        this.policyHash = record.policyHash;
     }
 }
 /** Compute the gate verdict for a single call. Pure (no IO, no env reads). */
@@ -57,6 +59,44 @@ export function evaluateToolAuthority(toolName, wiring) {
         blocked,
     };
 }
+/**
+ * Compute the gate verdict for a single call using v2 enforcement proof.
+ * Pure (no IO, no env reads).
+ *
+ * If `enforcementProof` is present, the gate uses policy-dependent capability
+ * resolution. Runtimes without a valid proof cannot enter authority lanes.
+ */
+export function evaluateToolAuthorityV2(toolName, wiring) {
+    const op = mapToolNameToOp(toolName);
+    if (wiring.enforcementProof) {
+        const decision = decideToolAuthorityV2({
+            op,
+            writeAuthority: wiring.writeAuthority,
+            shellAuthority: wiring.shellAuthority,
+            approvalPolicy: wiring.approvalPolicy,
+            sandboxMode: wiring.sandboxMode,
+            tty: wiring.tty,
+            enforcementProof: wiring.enforcementProof,
+        });
+        const enforce = wiring.enforce === true;
+        const wouldBlock = decision === "block" || (decision === "ask" && !wiring.tty);
+        const blocked = enforce && wouldBlock;
+        return {
+            record: {
+                toolName,
+                op,
+                decision,
+                mode: enforce ? "enforce" : "shadow",
+                enforced: blocked,
+                reason: redactedAuthorityReason(op, decision, wiring),
+                policyHash: wiring.enforcementProof.policyHash,
+            },
+            blocked,
+        };
+    }
+    // Fall back to legacy evaluation when no proof is present.
+    return evaluateToolAuthority(toolName, wiring);
+}
 /**
  * Wrap a dispatch function with the authority checkpoint. In shadow mode the
  * wrapper records the verdict and always delegates to `dispatchOne`. In enforce
@@ -64,7 +104,7 @@ export function evaluateToolAuthority(toolName, wiring) {
  */
 function buildGatedDispatch(wiring, dispatchOne) {
     return async (call) => {
-        const { record, blocked } = evaluateToolAuthority(call.toolName, wiring);
+        const { record, blocked } = evaluateToolAuthorityV2(call.toolName, wiring);
         wiring.onDecision?.(record);
         if (blocked) {
             throw new ToolAuthorityBlockedError(record);

package/dist/runtime/weakness-remediation-index.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Weakness Remediation Index — Public factory that instantiates all
+ * Phase 1–6 engines with sensible defaults.
+ */
+export { type IntegrationResultKind, type WeaknessRemediationState, type AdvancedControlLoopInput, type AdvancedControlLoopResult, type AdvancedControlLoop, type AdvancedControlLoopOptions, createAdvancedControlLoop, } from "./advanced-control-loop.js";
+export { type SurfaceItem, type ScoredSurfaceItem, type MandatoryAnchor, type CompressionResult, type PublicSurfaceCompressorOptions, computeSurfaceScore, enforceFlowInvariant, PublicSurfaceCompressor, } from "./public-surface.js";
+export { type ProofBundleScores, type TrustScoreResult, type ProofBundleTrustEngine, type DeriveScoresOptions, createProofBundleTrustEngine, } from "./proof-bundle-trust.js";
+export { type MaturityResult, type ProviderMaturityGate, createProviderMaturityGate, evaluateProviderFromVector, } from "./provider-maturity-gate.js";
+export { type RuntimeScoreV2, type RuntimeRouterDecisionV2, type RouterV2Options, type RouterV2ScoringEngine, type BlastRadiusParams, type EvidenceHistoryEntry, type NodeIntent, } from "./contracts/router-v2.js";
+export { createRouterV2ScoringEngine, } from "./router-v2-scoring.js";
+export { type ReleasePromotionInputs, type ReleasePromotionResult, type ReleaseVerdict, RELEASE_GATE_WEIGHTS, TAU_EVIDENCE, TAU_EVIDENCE_HIGH, TAU_PROOF, TAU_STABLE, BETA_PRIOR_ALPHA0, BETA_PRIOR_BETA0, SURFACE_BUDGET_K, } from "./contracts/weakness-remediation.js";
+export { createReleasePromotionGate, type ReleasePromotionGate, } from "../cli/release-promotion-gate.js";
+import { PublicSurfaceCompressor } from "./public-surface.js";
+import { createProofBundleTrustEngine } from "./proof-bundle-trust.js";
+import { createProviderMaturityGate } from "./provider-maturity-gate.js";
+import { createRouterV2ScoringEngine } from "./router-v2-scoring.js";
+import { createReleasePromotionGate } from "../cli/release-promotion-gate.js";
+import { createAdvancedControlLoop } from "./advanced-control-loop.js";
+export interface WeaknessRemediationIndex {
+    readonly publicSurfaceCompressor: PublicSurfaceCompressor;
+    readonly proofBundleTrustEngine: ReturnType<typeof createProofBundleTrustEngine>;
+    readonly providerMaturityGate: ReturnType<typeof createProviderMaturityGate>;
+    readonly routerV2ScoringEngine: ReturnType<typeof createRouterV2ScoringEngine>;
+    readonly releasePromotionGate: ReturnType<typeof createReleasePromotionGate>;
+    readonly advancedControlLoop: ReturnType<typeof createAdvancedControlLoop>;
+}
+export declare function createWeaknessRemediationIndex(): WeaknessRemediationIndex;

package/dist/runtime/weakness-remediation-index.js ADDED Viewed

@@ -0,0 +1,37 @@
+/**
+ * Weakness Remediation Index — Public factory that instantiates all
+ * Phase 1–6 engines with sensible defaults.
+ */
+export { createAdvancedControlLoop, } from "./advanced-control-loop.js";
+export { computeSurfaceScore, enforceFlowInvariant, PublicSurfaceCompressor, } from "./public-surface.js";
+export { createProofBundleTrustEngine, } from "./proof-bundle-trust.js";
+export { createProviderMaturityGate, evaluateProviderFromVector, } from "./provider-maturity-gate.js";
+export { createRouterV2ScoringEngine, } from "./router-v2-scoring.js";
+export { RELEASE_GATE_WEIGHTS, TAU_EVIDENCE, TAU_EVIDENCE_HIGH, TAU_PROOF, TAU_STABLE, BETA_PRIOR_ALPHA0, BETA_PRIOR_BETA0, SURFACE_BUDGET_K, } from "./contracts/weakness-remediation.js";
+export { createReleasePromotionGate, } from "../cli/release-promotion-gate.js";
+// ─── Convenience factory ─────────────────────────────────────────────────────
+import { PublicSurfaceCompressor } from "./public-surface.js";
+import { createProofBundleTrustEngine } from "./proof-bundle-trust.js";
+import { createProviderMaturityGate } from "./provider-maturity-gate.js";
+import { createRouterV2ScoringEngine } from "./router-v2-scoring.js";
+import { createReleasePromotionGate } from "../cli/release-promotion-gate.js";
+import { createAdvancedControlLoop } from "./advanced-control-loop.js";
+export function createWeaknessRemediationIndex() {
+    const publicSurfaceCompressor = new PublicSurfaceCompressor();
+    const proofBundleTrustEngine = createProofBundleTrustEngine();
+    const providerMaturityGate = createProviderMaturityGate();
+    const routerV2ScoringEngine = createRouterV2ScoringEngine();
+    const releasePromotionGate = createReleasePromotionGate();
+    const advancedControlLoop = createAdvancedControlLoop({
+        releaseGate: releasePromotionGate,
+        releaseGateEnabled: true,
+    });
+    return {
+        publicSurfaceCompressor,
+        proofBundleTrustEngine,
+        providerMaturityGate,
+        routerV2ScoringEngine,
+        releasePromotionGate,
+        advancedControlLoop,
+    };
+}

package/dist/safety/enforcement-engine.d.ts ADDED Viewed

@@ -0,0 +1,89 @@
+/**
+ * Policy / Sandbox Enforcement Engine v2
+ *
+ * Capability lattice with conservative policy combination.
+ * effectivePolicy = minByAuthority(userPolicy, repoPolicy, providerPolicy, adapterPolicy, riskPolicy)
+ *
+ * Conservative by default. Any ambiguity → block.
+ */
+export type SandboxCapability = "read" | "write" | "shell" | "network" | "secret_read" | "secret_write" | "merge" | "publish";
+export declare const ALL_CAPABILITIES: readonly SandboxCapability[];
+export type CapabilityLevel = "none" | "advisory" | "direct" | "full";
+export interface CapabilityLattice {
+    read: CapabilityLevel;
+    write: CapabilityLevel;
+    shell: CapabilityLevel;
+    network: CapabilityLevel;
+    secret_read: CapabilityLevel;
+    secret_write: CapabilityLevel;
+    merge: CapabilityLevel;
+    publish: CapabilityLevel;
+}
+export type SandboxMode = "read-only" | "workspace-write" | "network-isolated" | "unrestricted";
+export type ApprovalPolicy = "interactive" | "auto" | "yolo" | "block";
+export interface PolicyLayer {
+    readonly source: "user" | "repo" | "provider" | "adapter" | "risk";
+    /** Partial lattice — omitted capabilities mean "no opinion" (inherit from other layers). */
+    readonly lattice: Partial<CapabilityLattice>;
+    readonly sandboxMode?: SandboxMode;
+    readonly approvalPolicy?: ApprovalPolicy;
+}
+export interface CombinedPolicy {
+    readonly lattice: Readonly<CapabilityLattice>;
+    readonly sandboxMode: SandboxMode;
+    readonly approvalPolicy: ApprovalPolicy;
+    /** Ordered list of sources that contributed to the combination. */
+    readonly sources: readonly PolicyLayer["source"][];
+}
+export interface EnforcementProof {
+    readonly sandboxMode: SandboxMode;
+    /** Which policy layers were active in the final combination. */
+    readonly enforcedBy: readonly string[];
+    /** Capabilities fully blocked (level === "none" or sandbox hard floor). */
+    readonly blockedCapabilities: readonly SandboxCapability[];
+    /** Capabilities that require explicit approval (level === "advisory" or interactive policy). */
+    readonly approvalRequired: readonly SandboxCapability[];
+    /** Deterministic hash of the combined policy for audit / replay. */
+    readonly policyHash: string;
+}
+export declare function rankOf(level: CapabilityLevel): number;
+export declare function defaultLattice(): CapabilityLattice;
+/**
+ * Combine multiple policy layers by taking the **most restrictive**
+ * (minimum) authority level for each capability.
+ *
+ * If no layer expresses an opinion on a capability, it defaults to "full".
+ * If any layer expresses a sandbox mode, the most restrictive mode wins.
+ * If any layer expresses an approval policy, the most restrictive wins.
+ */
+export declare function combinePoliciesByMinAuthority(layers: readonly PolicyLayer[]): CombinedPolicy;
+/**
+ * Compute the enforcement proof from a combined policy.
+ *
+ * Rules:
+ * 1. read-only sandbox blocks write, shell, network, merge, publish.
+ * 2. network-isolated sandbox blocks network.
+ * 3. Any capability with level "none" is blocked.
+ * 4. Any capability with level "advisory" requires approval.
+ * 5. interactive policy requires approval for non-read capabilities.
+ * 6. block policy blocks everything except read.
+ */
+export declare function computeEnforcementProof(combined: CombinedPolicy): EnforcementProof;
+/**
+ * Returns true when the runtime/adapter has provided a valid enforcement proof.
+ * Runtimes without enforcement proof cannot enter authority lanes.
+ */
+export declare function hasValidEnforcementProof(proof: unknown): proof is EnforcementProof;
+export declare function policyLayerFromLegacyAuthorities(source: PolicyLayer["source"], options: {
+    writeAuthority?: "none" | "advisory" | "direct" | "full";
+    shellAuthority?: "none" | "advisory" | "direct" | "full";
+    sandboxMode?: SandboxMode;
+    approvalPolicy?: ApprovalPolicy;
+}): PolicyLayer;
+export type ToolOpV2 = "read" | "write" | "shell" | "merge" | "network" | "secret";
+/**
+ * Map a capability-lattice capability to the coarse ToolOp used by the gate.
+ * This preserves backward compatibility with the existing 4-class gate while
+ * allowing the new lattice to express finer-grained restrictions.
+ */
+export declare function capabilityToToolOp(cap: SandboxCapability): ToolOpV2;