openbroker 1.9.1 → 1.9.3

package/CHANGELOG.md

@@ -2,9 +2,19 @@
 
 All notable changes to Open Broker will be documented in this file.
 
+## [1.9.2] - 2026-06-22
+
+### Breaking
+- Every automation must now export a validated `guardrails` policy. Monitoring scripts use `{ mode: 'read-only' }`; trading scripts must declare explicit market, notional, exposure, leverage, margin, open-order, rate, slippage, market-order, and account-wide-cancel limits.
+
+### Added
+- Added runtime guardrail enforcement around every supported `api.client` write method, including bulk and HIP-4 outcome methods that were previously missing from dry-run and audit interception.
+- Added fail-closed account preflight checks, explicit leverage enforcement for risk-increasing perp orders, rolling order-rate limits, audit records for blocked writes, and unit coverage for schema and runtime behavior.
+
 ## [1.9.1] - 2026-06-22
 
 ### Changed
+- Added `openbroker install --codex` and `npx openbroker@latest install --codex` for one-command Codex skill installation, persistent CLI installation, and restricted API-wallet onboarding.
 - Made restricted API-wallet onboarding the recommended interactive default.
 - Added `openbroker setup --api-wallet` for deterministic agent setup without the wallet-selection prompt.
 - Updated the Codex skill to install the CLI, hand the browser approval URL to the user, wait for authorization, and verify the connected master account without exposing private keys.

package/README.md

@@ -8,6 +8,16 @@ Hyperliquid trading CLI. Execute orders, manage positions, and run trading strat
 npm install -g openbroker
 ```
 
+### Codex: one-command install
+
+Install the Codex skill, persistent CLI, and restricted API-wallet onboarding flow:
+
+```bash
+npx openbroker@latest install --codex
+```
+
+When the command prints an approval URL, open it and connect the funded master Hyperliquid account you want OpenBroker to trade on. Restart Codex or start a new thread when setup finishes, then invoke `$openbroker`.
+
 ## Quick Start
 
 ```bash
@@ -27,6 +37,7 @@ openbroker search --query GOLD              # Find markets
 ### Setup
 
 ```bash
+npx openbroker@latest install --codex  # Codex skill + CLI + API-wallet onboarding
 openbroker setup --api-wallet   # Recommended: restricted agent wallet + browser approval
 openbroker setup                # Interactive; API wallet is the default
 ```

package/SKILL.md

@@ -21,7 +21,15 @@ Use the `openbroker` CLI as the canonical interface. Prefer structured JSON outp
 
 Use the following flow when the user asks to install, set up, or use OpenBroker. Do not ask the user for a private key.
 
-First check whether Node.js 22+ and the CLI are installed:
+For a fresh Codex installation, prefer the unified harness installer:
+
+```bash
+npx --yes openbroker@latest install --codex
+```
+
+This installs or updates the Codex skill, installs the persistent `openbroker` CLI, and starts restricted API-wallet onboarding. Keep the command attached while it prints the browser approval link and polls for authorization.
+
+If the unified installer is unavailable or the skill is already installed, first check whether Node.js 22+ and the CLI are installed:
 
 ```bash
 node --version
@@ -212,6 +220,54 @@ Run flags:
 
 Bundled examples are **references, not production strategies**. Read them for API patterns, then write a purpose-built script with explicit sizing, exit logic, and failure behavior.
 
+### Required guardrail contract
+
+Every automation module must export both `guardrails` and a default factory. Validation runs before the factory or any `onStart` hook. A missing, malformed, or internally inconsistent policy prevents startup.
+
+Use a read-only policy for monitoring and alerting:
+
+```ts
+import type { AutomationAPI, AutomationGuardrails } from 'openbroker';
+
+export const guardrails: AutomationGuardrails = { mode: 'read-only' };
+
+export default function monitor(api: AutomationAPI) {
+  api.on('price_change', ({ coin, changePct }) => api.log.info(`${coin}: ${changePct}%`));
+}
+```
+
+Read-only mode blocks every client write. Trading policies must declare every field below:
+
+```ts
+import type { AutomationAPI, AutomationGuardrails } from 'openbroker';
+
+export const guardrails: AutomationGuardrails = {
+  mode: 'trading',
+  allowedMarkets: ['ETH'],       // ETH, xyz:CL, spot:HYPE, or #<outcome encoding>
+  maxOrderUsd: 500,
+  maxPositionUsd: 1_000,
+  maxTotalExposureUsd: 2_500,
+  maxLeverage: 2,
+  maxMarginUsedPct: 50,
+  maxOpenOrders: 10,
+  maxOrdersPerMinute: 6,
+  maxSlippageBps: 50,
+  allowMarketOrders: true,
+  allowAccountWideCancel: false,
+};
+
+export default function strategy(api: AutomationAPI) {
+  // Risk-increasing perp orders must pass leverage explicitly.
+  api.onStart(() => api.client.limitOrder('ETH', true, 0.1, 2_000, 'Gtc', false, 2));
+}
+```
+
+When allowed markets depend on `--set` values, export a factory such as `guardrails({ config }) { ... }`; the returned object is still strictly validated. Wildcard markets and unknown policy fields are rejected.
+
+All `api.client` write methods cross the runtime policy proxy in live and `--dry` modes. Before risk-increasing orders, the runtime refreshes account positions, spot balances, prices, margin, and open orders; calculates projected per-market and total exposure; enforces leverage, margin, order-count, rate, market-order, and slippage limits; then either submits or throws `GuardrailViolation`. Blocks are logged and written to the audit trail as `guardrail_block`. Cancellations and genuinely risk-reducing orders remain available when exposure or margin is already above its cap, but market allowlists and explicit account-wide-cancel policy still apply. Administrative writes such as `approveBuilderFee` are always blocked inside automations.
+
+Treat `api.client` as the only supported execution path. Automation files are trusted TypeScript running in-process, not an OS sandbox; direct exchange SDK imports would bypass the runtime boundary and must not be generated or accepted during review.
+
 ### Automation API essentials
 
 - `api.client` — full Hyperliquid client.
@@ -219,6 +275,7 @@ Bundled examples are **references, not production strategies**. Read them for AP
 - `api.state` — persisted state; survives restarts.
 - `api.audit.record(...)` / `api.audit.metric(...)` — durable observability.
 - `api.dryRun` — whether writes are intercepted.
+- `api.guardrails` — validated policy currently enforced by the runtime.
 
 Core events include `tick`, `price_change`, `funding_update`, `position_opened`, `position_closed`, `position_changed`, `pnl_threshold`, `margin_warning`, `order_filled`, `order_update`, and `liquidation`.
 

package/bin/cli.ts

@@ -11,6 +11,7 @@ const scriptsDir = path.resolve(__dirname, '../scripts');
 
 const commands: Record<string, { script: string; description: string }> = {
   // Setup
+  'install': { script: 'setup/install.ts', description: 'Install OpenBroker for an agent harness' },
   'setup': { script: 'setup/onboard.ts', description: 'Interactive setup wizard' },
   'onboard': { script: 'setup/onboard.ts', description: 'Interactive setup wizard' },
   'approve-builder': { script: 'setup/approve-builder.ts', description: 'Approve builder fee' },
@@ -68,6 +69,7 @@ Open Broker - Hyperliquid Trading CLI
 Usage: openbroker <command> [options]
 
 Setup:
+  install              Install OpenBroker for Codex or another agent harness
   setup                One-command setup (wallet + config + builder approval)
 
 Info Commands:
@@ -136,6 +138,7 @@ Utility:
   approve-builder      Check or retry builder fee approval
 
 Examples:
+  npx openbroker@latest install --codex        # Install skill + CLI + API-wallet setup
   openbroker setup --api-wallet                 # Recommended restricted API-wallet setup
   openbroker account                            # View account info
   openbroker buy --coin ETH --size 0.1          # Market buy 0.1 ETH

package/dist/auto/cli.js

@@ -47,6 +47,8 @@ Scripts are loaded from:
   3. Bundled examples (via --example)
 
 Writing an automation:
+  export const guardrails = { mode: 'read-only' };
+
   export default function(api) {
     api.on('price_change', async ({ coin, changePct }) => {
       api.log.info(\`\${coin} moved \${changePct.toFixed(2)}%\`);
@@ -187,6 +189,7 @@ function listCommand() {
     if (automations.length === 0 && examples.length === 0) {
         console.log('No automations found in ~/.openbroker/automations/');
         console.log('\nCreate a .ts file there with:');
+        console.log("  export const guardrails = { mode: 'read-only' };");
         console.log('  export default function(api) { ... }');
         console.log('\nOr run a bundled example: openbroker auto examples');
         return;

package/dist/auto/examples/dca.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrailContext, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare function guardrails({ config: values }: AutomationGuardrailContext): AutomationGuardrails;
 export default function dca(api: AutomationAPI): void;
 //# sourceMappingURL=dca.d.ts.map

package/dist/auto/examples/dca.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dca.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/dca.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBAQpB,CAAC;AAEF,MAAM,CAAC,OAAO,UAAU,GAAG,CAAC,GAAG,EAAE,aAAa,QAyD7C"}
+{"version":3,"file":"dca.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/dca.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAErH,eAAO,MAAM,MAAM,EAAE,gBAQpB,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,0BAA0B,GAAG,oBAAoB,CAiB/F;AAED,MAAM,CAAC,OAAO,UAAU,GAAG,CAAC,GAAG,EAAE,aAAa,QAyD7C"}

package/dist/auto/examples/dca.js

@@ -8,6 +8,24 @@ export const config = {
         count: { type: 'number', description: 'Total number of purchases', default: 24 },
     },
 };
+export function guardrails({ config: values }) {
+    const amount = Number(values.amount ?? 100);
+    const count = Number(values.count ?? 24);
+    return {
+        mode: 'trading',
+        allowedMarkets: [String(values.coin ?? 'HYPE')],
+        maxOrderUsd: amount * 1.1,
+        maxPositionUsd: amount * count * 1.1,
+        maxTotalExposureUsd: amount * count * 1.1,
+        maxLeverage: 1,
+        maxMarginUsedPct: 50,
+        maxOpenOrders: 5,
+        maxOrdersPerMinute: 5,
+        maxSlippageBps: 50,
+        allowMarketOrders: true,
+        allowAccountWideCancel: false,
+    };
+}
 export default function dca(api) {
     const COIN = api.state.get('coin', 'HYPE');
     const AMOUNT_USD = api.state.get('amount', 100);
@@ -33,7 +51,7 @@ export default function dca(api) {
         }
         const size = AMOUNT_USD / price;
         api.log.info(`[${purchased + 1}/${MAX_PURCHASES}] Buying ~$${AMOUNT_USD} of ${COIN} @ $${price.toFixed(2)}`);
-        const response = await api.client.marketOrder(COIN, true, size);
+        const response = await api.client.marketOrder(COIN, true, size, undefined, 1);
         if (response.status === 'ok' && response.response && typeof response.response === 'object') {
             const status = response.response.data.statuses[0];
             if (status?.filled) {

package/dist/auto/examples/funding-arb.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrailContext, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare function guardrails({ config: values }: AutomationGuardrailContext): AutomationGuardrails;
 export default function fundingArb(api: AutomationAPI): void;
 //# sourceMappingURL=funding-arb.d.ts.map

package/dist/auto/examples/funding-arb.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"funding-arb.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/funding-arb.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,GAAG,EAAE,aAAa,QAkFpD"}
+{"version":3,"file":"funding-arb.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/funding-arb.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAErH,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,0BAA0B,GAAG,oBAAoB,CAgB/F;AAED,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,GAAG,EAAE,aAAa,QAkFpD"}

package/dist/auto/examples/funding-arb.js

@@ -9,6 +9,23 @@ export const config = {
         closeAt: { type: 'number', description: 'Close when funding drops below this %', default: 5 },
     },
 };
+export function guardrails({ config: values }) {
+    const sizeUsd = Number(values.sizeUsd ?? 5000);
+    return {
+        mode: 'trading',
+        allowedMarkets: [String(values.coin ?? 'HYPE')],
+        maxOrderUsd: sizeUsd * 1.1,
+        maxPositionUsd: sizeUsd * 1.1,
+        maxTotalExposureUsd: sizeUsd * 1.1,
+        maxLeverage: 1,
+        maxMarginUsedPct: 50,
+        maxOpenOrders: 5,
+        maxOrdersPerMinute: 4,
+        maxSlippageBps: 50,
+        allowMarketOrders: true,
+        allowAccountWideCancel: false,
+    };
+}
 export default function fundingArb(api) {
     const COIN = api.state.get('coin', 'HYPE');
     const SIZE_USD = api.state.get('sizeUsd', 5000);
@@ -38,7 +55,7 @@ export default function fundingArb(api) {
             if (shouldClose) {
                 api.log.info(`Funding dropped to ${annualizedPct.toFixed(2)}% (below ${CLOSE_AT}%), closing ${positionSide}`);
                 const closeIsBuy = positionSide === 'short';
-                await api.client.marketOrder(coin, closeIsBuy, positionSize);
+                await api.client.marketOrder(coin, closeIsBuy, positionSize, undefined, 1);
                 inPosition = false;
                 api.state.set('inPosition', false);
                 api.log.info(`Position closed. Funding collected: ~$${totalFunding.toFixed(2)}`);
@@ -56,7 +73,7 @@ export default function fundingArb(api) {
             const price = parseFloat(mids[coin]);
             const size = SIZE_USD / price;
             api.log.info(`Funding at ${annualizedPct.toFixed(2)}% — opening ${side} ${size.toFixed(6)} ${coin}`);
-            const response = await api.client.marketOrder(coin, !shouldShort, size);
+            const response = await api.client.marketOrder(coin, !shouldShort, size, undefined, 1);
             if (response.status === 'ok' && response.response && typeof response.response === 'object') {
                 const status = response.response.data.statuses[0];
                 if (status?.filled) {

package/dist/auto/examples/grid.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrailContext, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare function guardrails({ config: values }: AutomationGuardrailContext): AutomationGuardrails;
 export default function grid(api: AutomationAPI): void;
 //# sourceMappingURL=grid.d.ts.map

package/dist/auto/examples/grid.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"grid.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/grid.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBAUpB,CAAC;AASF,MAAM,CAAC,OAAO,UAAU,IAAI,CAAC,GAAG,EAAE,aAAa,QA+G9C"}
+{"version":3,"file":"grid.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/grid.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAErH,eAAO,MAAM,MAAM,EAAE,gBAUpB,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,0BAA0B,GAAG,oBAAoB,CAe/F;AASD,MAAM,CAAC,OAAO,UAAU,IAAI,CAAC,GAAG,EAAE,aAAa,QA+G9C"}

package/dist/auto/examples/grid.js

@@ -10,6 +10,22 @@ export const config = {
         mode: { type: 'string', description: 'Grid mode: neutral, long, or short', default: 'neutral' },
     },
 };
+export function guardrails({ config: values }) {
+    return {
+        mode: 'trading',
+        allowedMarkets: [String(values.coin ?? 'HYPE')],
+        maxOrderUsd: 10_000,
+        maxPositionUsd: 25_000,
+        maxTotalExposureUsd: 25_000,
+        maxLeverage: 1,
+        maxMarginUsedPct: 50,
+        maxOpenOrders: 25,
+        maxOrdersPerMinute: 25,
+        maxSlippageBps: 50,
+        allowMarketOrders: false,
+        allowAccountWideCancel: false,
+    };
+}
 export default function grid(api) {
     const COIN = api.state.get('coin', 'HYPE');
     const GRIDS = api.state.get('grids', 10);
@@ -43,7 +59,7 @@ export default function grid(api) {
             if (Math.abs(price - mid) / mid < 0.001)
                 continue;
             const level = { price, side, size: SIZE };
-            const response = await api.client.limitOrder(COIN, side === 'buy', SIZE, price, 'Gtc', false);
+            const response = await api.client.limitOrder(COIN, side === 'buy', SIZE, price, 'Gtc', false, 1);
             if (response.status === 'ok' && response.response && typeof response.response === 'object') {
                 const status = response.response.data.statuses[0];
                 if (status?.resting) {
@@ -84,7 +100,7 @@ export default function grid(api) {
             const oppositePrice = level.side === 'buy' ? level.price + spacing : level.price - spacing;
             if (oppositePrice < lower || oppositePrice > upper)
                 continue;
-            const response = await api.client.limitOrder(COIN, oppositeSide === 'buy', SIZE, oppositePrice, 'Gtc', false);
+            const response = await api.client.limitOrder(COIN, oppositeSide === 'buy', SIZE, oppositePrice, 'Gtc', false, 1);
             if (response.status === 'ok' && response.response && typeof response.response === 'object') {
                 const status = response.response.data.statuses[0];
                 if (status?.resting) {

package/dist/auto/examples/mm-maker.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrailContext, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare function guardrails({ config: values }: AutomationGuardrailContext): AutomationGuardrails;
 export default function mmMaker(api: AutomationAPI): void;
 //# sourceMappingURL=mm-maker.d.ts.map

package/dist/auto/examples/mm-maker.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mm-maker.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/mm-maker.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,MAAM,CAAC,OAAO,UAAU,OAAO,CAAC,GAAG,EAAE,aAAa,QA6GjD"}
+{"version":3,"file":"mm-maker.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/mm-maker.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAErH,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,0BAA0B,GAAG,oBAAoB,CAe/F;AAED,MAAM,CAAC,OAAO,UAAU,OAAO,CAAC,GAAG,EAAE,aAAa,QA6GjD"}

package/dist/auto/examples/mm-maker.js

@@ -9,6 +9,22 @@ export const config = {
         skewFactor: { type: 'number', description: 'Inventory skew aggressiveness', default: 2.0 },
     },
 };
+export function guardrails({ config: values }) {
+    return {
+        mode: 'trading',
+        allowedMarkets: [String(values.coin ?? 'HYPE')],
+        maxOrderUsd: 10_000,
+        maxPositionUsd: 25_000,
+        maxTotalExposureUsd: 25_000,
+        maxLeverage: 1,
+        maxMarginUsedPct: 50,
+        maxOpenOrders: 10,
+        maxOrdersPerMinute: 60,
+        maxSlippageBps: 25,
+        allowMarketOrders: false,
+        allowAccountWideCancel: false,
+    };
+}
 export default function mmMaker(api) {
     const COIN = api.state.get('coin', 'HYPE');
     const SIZE = api.state.get('size', 0.1);
@@ -85,7 +101,7 @@ export default function mmMaker(api) {
         }
         // Place ALO bid
         if (shouldBid && !bidOid && safeBid < book.bestAsk) {
-            const resp = await api.client.limitOrder(COIN, true, SIZE, safeBid, 'Alo', false);
+            const resp = await api.client.limitOrder(COIN, true, SIZE, safeBid, 'Alo', false, 1);
             if (resp.status === 'ok' && resp.response && typeof resp.response === 'object') {
                 const s = resp.response.data.statuses[0];
                 if (s?.resting) {
@@ -99,7 +115,7 @@ export default function mmMaker(api) {
         }
         // Place ALO ask
         if (shouldAsk && !askOid && safeAsk > book.bestBid) {
-            const resp = await api.client.limitOrder(COIN, false, SIZE, safeAsk, 'Alo', false);
+            const resp = await api.client.limitOrder(COIN, false, SIZE, safeAsk, 'Alo', false, 1);
             if (resp.status === 'ok' && resp.response && typeof resp.response === 'object') {
                 const s = resp.response.data.statuses[0];
                 if (s?.resting) {

package/dist/auto/examples/mm-spread.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrailContext, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare function guardrails({ config: values }: AutomationGuardrailContext): AutomationGuardrails;
 export default function mmSpread(api: AutomationAPI): void;
 //# sourceMappingURL=mm-spread.d.ts.map

package/dist/auto/examples/mm-spread.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mm-spread.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/mm-spread.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,MAAM,CAAC,OAAO,UAAU,QAAQ,CAAC,GAAG,EAAE,aAAa,QAmGlD"}
+{"version":3,"file":"mm-spread.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/mm-spread.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAErH,eAAO,MAAM,MAAM,EAAE,gBASpB,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,0BAA0B,GAAG,oBAAoB,CAe/F;AAED,MAAM,CAAC,OAAO,UAAU,QAAQ,CAAC,GAAG,EAAE,aAAa,QAmGlD"}

package/dist/auto/examples/mm-spread.js

@@ -9,6 +9,22 @@ export const config = {
         skewFactor: { type: 'number', description: 'Inventory skew aggressiveness', default: 2.0 },
     },
 };
+export function guardrails({ config: values }) {
+    return {
+        mode: 'trading',
+        allowedMarkets: [String(values.coin ?? 'HYPE')],
+        maxOrderUsd: 10_000,
+        maxPositionUsd: 25_000,
+        maxTotalExposureUsd: 25_000,
+        maxLeverage: 1,
+        maxMarginUsedPct: 50,
+        maxOpenOrders: 10,
+        maxOrdersPerMinute: 60,
+        maxSlippageBps: 25,
+        allowMarketOrders: false,
+        allowAccountWideCancel: false,
+    };
+}
 export default function mmSpread(api) {
     const COIN = api.state.get('coin', 'HYPE');
     const SIZE = api.state.get('size', 0.1);
@@ -82,7 +98,7 @@ export default function mmSpread(api) {
         }
         // Place new quotes
         if (shouldBid && !bidOid) {
-            const resp = await api.client.limitOrder(COIN, true, SIZE, targetBid, 'Gtc', false);
+            const resp = await api.client.limitOrder(COIN, true, SIZE, targetBid, 'Gtc', false, 1);
             if (resp.status === 'ok' && resp.response && typeof resp.response === 'object') {
                 const s = resp.response.data.statuses[0];
                 if (s?.resting) {
@@ -92,7 +108,7 @@ export default function mmSpread(api) {
             }
         }
         if (shouldAsk && !askOid) {
-            const resp = await api.client.limitOrder(COIN, false, SIZE, targetAsk, 'Gtc', false);
+            const resp = await api.client.limitOrder(COIN, false, SIZE, targetAsk, 'Gtc', false, 1);
             if (resp.status === 'ok' && resp.response && typeof resp.response === 'object') {
                 const s = resp.response.data.statuses[0];
                 if (s?.resting) {

package/dist/auto/examples/price-alert.d.ts

@@ -1,4 +1,5 @@
-import type { AutomationAPI, AutomationConfig } from '../types.js';
+import type { AutomationAPI, AutomationConfig, AutomationGuardrails } from '../types.js';
 export declare const config: AutomationConfig;
+export declare const guardrails: AutomationGuardrails;
 export default function priceAlert(api: AutomationAPI): void;
 //# sourceMappingURL=price-alert.d.ts.map

package/dist/auto/examples/price-alert.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"price-alert.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/price-alert.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEnE,eAAO,MAAM,MAAM,EAAE,gBAQpB,CAAC;AAEF,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,GAAG,EAAE,aAAa,QAgFpD"}
+{"version":3,"file":"price-alert.d.ts","sourceRoot":"","sources":["../../../scripts/auto/examples/price-alert.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEzF,eAAO,MAAM,MAAM,EAAE,gBAQpB,CAAC;AAEF,eAAO,MAAM,UAAU,EAAE,oBAA4C,CAAC;AAEtE,MAAM,CAAC,OAAO,UAAU,UAAU,CAAC,GAAG,EAAE,aAAa,QAgFpD"}

package/dist/auto/examples/price-alert.js

@@ -9,6 +9,7 @@ export const config = {
         below: { type: 'number', description: 'Alert when price goes below this level (0 = disabled)', default: 0 },
     },
 };
+export const guardrails = { mode: 'read-only' };
 export default function priceAlert(api) {
     const COIN = api.state.get('coin', 'BTC');
     const THRESHOLD = api.state.get('threshold', 0.1);

package/dist/auto/guardrails.d.ts

@@ -0,0 +1,19 @@
+import type { HyperliquidClient } from '../core/client.js';
+import type { AutomationGuardrailContext, AutomationGuardrails, AutomationGuardrailsExport, AutomationLogger } from './types.js';
+export declare const CLIENT_WRITE_METHODS: Set<string>;
+export declare class GuardrailViolation extends Error {
+    readonly code: string;
+    constructor(code: string, message: string);
+}
+export declare function canonicalMarket(market: string): string;
+export declare function validateAutomationGuardrails(value: unknown): AutomationGuardrails;
+export declare function resolveAutomationGuardrails(exported: AutomationGuardrailsExport, context: AutomationGuardrailContext): AutomationGuardrails;
+export interface GuardrailedClientOptions {
+    policy: AutomationGuardrails;
+    rawClient: HyperliquidClient;
+    log: AutomationLogger;
+    onViolation?: (error: GuardrailViolation, method: string, args: unknown[]) => void;
+}
+/** Wrap a client so every public write method crosses the validated policy boundary. */
+export declare function createGuardrailedClient(executionClient: HyperliquidClient, options: GuardrailedClientOptions): HyperliquidClient;
+//# sourceMappingURL=guardrails.d.ts.map

package/dist/auto/guardrails.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardrails.d.ts","sourceRoot":"","sources":["../../scripts/auto/guardrails.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,KAAK,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,0BAA0B,EAC1B,gBAAgB,EAEjB,MAAM,YAAY,CAAC;AAEpB,eAAO,MAAM,oBAAoB,aAQ/B,CAAC;AAiBH,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;gBAEV,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAK1C;AAgCD,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAOtD;AAED,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,OAAO,GAAG,oBAAoB,CAuDjF;AAED,wBAAgB,2BAA2B,CACzC,QAAQ,EAAE,0BAA0B,EACpC,OAAO,EAAE,0BAA0B,GAClC,oBAAoB,CAUtB;AAuTD,MAAM,WAAW,wBAAwB;IACvC,MAAM,EAAE,oBAAoB,CAAC;IAC7B,SAAS,EAAE,iBAAiB,CAAC;IAC7B,GAAG,EAAE,gBAAgB,CAAC;IACtB,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,IAAI,CAAC;CACpF;AAED,wFAAwF;AACxF,wBAAgB,uBAAuB,CACrC,eAAe,EAAE,iBAAiB,EAClC,OAAO,EAAE,wBAAwB,GAChC,iBAAiB,CA6NnB"}