sentinelayer-cli 0.19.0 → 0.21.0

package/src/legacy-cli.js

@@ -194,6 +194,7 @@ function parseCliArgs(argv) {
 }
 
 function printUsage() {
+  const writeUsageLine = (line = "") => process.stdout.write(`${line}\n`);
   console.log(`sentinelayer-cli v${CLI_VERSION}`);
   console.log("");
   console.log("Usage: sl <command> [options]");
@@ -223,8 +224,13 @@ function printUsage() {
   console.log("  sl session action <id> working_on --target-sequence <n>  Claim work on a message");
   console.log("  sl session reply <id> <seq> \"msg\"  Thread a response under a message");
   console.log("  sl session comment <id> <seq> \"msg\"  Alias for threaded reply");
-  console.log("  sl session view <id> <seq>          Record a read receipt");
-  console.log("  sl session read <id> --tail 20     Read session stream events");
+  console.log("  sl session read <id> --remote --agent <id>  Read stream events and auto-record views");
+  console.log("  sl session view <id> <seq>          Manually backfill a read receipt");
+  console.log("  sl session pins <id> --json         List pinned messages with content (readable by agents)");
+  console.log("  sl session listen --session <id> --agent <id>  Background-poll a session for new events");
+  console.log("  sl session recap now <id> --remote --json  Summarize current owners, locks, and work");
+  console.log("  sl session daemon --session <id>    Run Senti recaps/checkpoints for long rooms");
+  console.log("  sl session read <id> --tail 20      Read local session stream events");
   console.log("  sl session status <id> --json      Show session health, agents, runs, leases");
   console.log("  sl session leave <id>              Leave a session");
   console.log("  sl session list --json             List active sessions");
@@ -253,13 +259,13 @@ function printUsage() {
   console.log("  sl audit frontend --path . --json  Jules frontend audit (--stream for NDJSON, --url for runtime)");
   console.log("  sl audit security --path . --json  Security-focused audit");
   console.log("");
-  console.log("AIdenID (Identity Testing):");
-  console.log("  sl ai identity provision --execute  Provision ephemeral test email (auto-credentials after login)");
-  console.log("  sl ai identity wait-for-otp <id>   Poll for OTP extraction from provisioned email");
-  console.log("  sl ai identity list                List tracked identities");
-  console.log("  sl ai identity lineage <id>        Show identity parent/child tree");
-  console.log("  sl ai identity revoke <id>         Revoke a provisioned identity");
-  console.log("");
+  writeUsageLine("AIdenID (Identity Testing):");
+  writeUsageLine("  sl ai identity provision --execute  Provision ephemeral test email (auto-credentials after login)");
+  writeUsageLine("  sl ai identity wait-for-otp <id>   Poll for OTP extraction from provisioned email");
+  writeUsageLine("  sl ai identity list                List tracked identities");
+  writeUsageLine("  sl ai identity lineage <id>        Show identity parent/child tree");
+  writeUsageLine("  sl ai identity revoke <id>         Revoke a provisioned identity");
+  writeUsageLine("");
   console.log("Cost & Policy:");
   console.log("  sl cost show --json                Show accumulated cost tracking");
   console.log("  sl policy list                     List available policy packs");
@@ -2338,17 +2344,18 @@ jobs:
           fi
       - name: Run Omar Gate
         id: omar
-        uses: mrrCarter/sentinelayer-v1-action@8595c4ad41e7b710ff6b1de0603da6ad8c0c3c07
+        uses: mrrCarter/sentinelayer-v1-action@03d7369cba7de2e9f15b959275c982111f0ee493
         with:
           github_token: \${{ github.token }}
           sentinelayer_token: \${{ secrets.${normalizedSecret} }}${specIdBindingLine}
           sentinelayer_managed_llm: "false"
           openai_api_key: \${{ secrets.OPENAI_API_KEY }}
+          google_api_key: \${{ secrets.GOOGLE_API_KEY }}
           scan_mode: \${{ github.event_name == 'workflow_dispatch' && inputs.scan_mode || 'deep' }}
           severity_gate: \${{ github.event_name == 'workflow_dispatch' && inputs.severity_gate || 'P1' }}
           model: gpt-5.3-codex
           codex_model: gpt-5.3-codex
-          model_fallback: gpt-5.2-codex
+          model_fallback: gemini-2.5-flash
           llm_failure_policy: block
       - name: Enforce Omar reviewer merge thresholds
         shell: bash

package/src/mcp/registry.js

@@ -401,6 +401,157 @@ export function buildAidenIdRegistryTemplate({ generatedAt = new Date().toISOStr
   };
 }
 
+/**
+ * Create a local SentinelLayer session MCP registry template.
+ *
+ * @param {{ generatedAt?: string }} [options]
+ * @returns {Record<string, any>}
+ */
+export function buildSentinelayerSessionRegistryTemplate({ generatedAt = new Date().toISOString() } = {}) {
+  return {
+    version: MCP_TOOL_REGISTRY_SCHEMA_VERSION,
+    generated_at: generatedAt,
+    tools: [
+      {
+        name: "poll_inbox",
+        title: "Poll Senti Inbox",
+        description:
+          "Poll durable SentinelLayer session events after an optional cursor and return events visible to one agent.",
+        input_schema: {
+          type: "object",
+          additionalProperties: false,
+          required: ["sessionId", "agentId"],
+          properties: {
+            sessionId: { type: "string" },
+            agentId: { type: "string" },
+            cursor: { type: "string" },
+            limit: { type: "integer", minimum: 1, maximum: 200 },
+            actionLimit: { type: "integer", minimum: 1, maximum: 200 },
+            includeActions: { type: "boolean" },
+            includeSelf: { type: "boolean" },
+            includeControlEvents: { type: "boolean" },
+          },
+        },
+        transport: {
+          type: "internal",
+          method: "POST",
+          url: "sentinelayer://session/poll_inbox",
+          timeout_ms: 15000,
+          auth: { mode: "none" },
+        },
+        budgets: {
+          max_calls_per_run: 60,
+          max_runtime_ms: 15000,
+        },
+        security: {
+          requires_human_approval: false,
+          kill_switch: "enabled",
+          scopes: ["session:read"],
+        },
+        metadata: {
+          provider: "sentinelayer",
+          adapter: "sentinelayer-cli",
+          server: "sentinelayer-session-mcp",
+        },
+      },
+      {
+        name: "send_message",
+        title: "Send Senti Message",
+        description:
+          "Send an authenticated agent session_message through the canonical SentinelLayer session event API.",
+        input_schema: {
+          type: "object",
+          additionalProperties: false,
+          required: ["sessionId", "agentId", "message"],
+          properties: {
+            sessionId: { type: "string" },
+            agentId: { type: "string" },
+            message: { type: "string" },
+            to: {
+              type: "array",
+              items: { type: "string" },
+            },
+            model: { type: "string" },
+            role: { type: "string" },
+            displayName: { type: "string" },
+            idempotencyKey: { type: "string" },
+            dryRun: { type: "boolean" },
+          },
+        },
+        transport: {
+          type: "internal",
+          method: "POST",
+          url: "sentinelayer://session/send_message",
+          timeout_ms: 15000,
+          auth: { mode: "none" },
+        },
+        budgets: {
+          max_calls_per_run: 20,
+          max_runtime_ms: 15000,
+        },
+        security: {
+          requires_human_approval: false,
+          kill_switch: "enabled",
+          scopes: ["session:write"],
+        },
+        metadata: {
+          provider: "sentinelayer",
+          adapter: "sentinelayer-cli",
+          server: "sentinelayer-session-mcp",
+        },
+      },
+      {
+        name: "attention_request",
+        title: "Request Senti Attention",
+        description:
+          "Create a help_request event for high-signal agent or human attention without chat polling.",
+        input_schema: {
+          type: "object",
+          additionalProperties: false,
+          required: ["sessionId", "agentId", "message"],
+          properties: {
+            sessionId: { type: "string" },
+            agentId: { type: "string" },
+            message: { type: "string" },
+            to: {
+              type: "array",
+              items: { type: "string" },
+            },
+            priority: { type: "string" },
+            severity: { type: "string" },
+            model: { type: "string" },
+            role: { type: "string" },
+            displayName: { type: "string" },
+            idempotencyKey: { type: "string" },
+            dryRun: { type: "boolean" },
+          },
+        },
+        transport: {
+          type: "internal",
+          method: "POST",
+          url: "sentinelayer://session/attention_request",
+          timeout_ms: 15000,
+          auth: { mode: "none" },
+        },
+        budgets: {
+          max_calls_per_run: 20,
+          max_runtime_ms: 15000,
+        },
+        security: {
+          requires_human_approval: false,
+          kill_switch: "enabled",
+          scopes: ["session:write"],
+        },
+        metadata: {
+          provider: "sentinelayer",
+          adapter: "sentinelayer-cli",
+          server: "sentinelayer-session-mcp",
+        },
+      },
+    ],
+  };
+}
+
 /**
  * Create an AIdenID adapter contract template that binds MCP tools to provisioning endpoints.
  *