unbrowse 3.1.0 → 3.2.0

package/runtime-src/orchestrator/browser-agent.ts

@@ -1,374 +0,0 @@
-/**
- * Phase 4: Agentic Browser Loop
- *
- * When no cached API exists, autonomously drives the browser to achieve
- * the intent. Snapshots the page, asks an LLM what action to take,
- * executes it via Kuri, and checks for API calls after each step.
- * All captured traffic is passively indexed for future reuse.
- */
-
-import * as kuri from "../kuri/client.js";
-import type { KuriHarEntry } from "../kuri/client.js";
-import { INTERCEPTOR_SCRIPT, collectInterceptedRequests, type RawRequest } from "../capture/index.js";
-import { extractEndpoints, extractAuthHeaders } from "../reverse-engineer/index.js";
-import { extractBrowserCookies } from "../auth/browser-cookies.js";
-import { queueBackgroundIndex } from "../indexer/index.js";
-import { mergeEndpoints } from "../marketplace/index.js";
-import { buildSkillOperationGraph } from "../graph/index.js";
-import { augmentEndpointsWithAgent } from "../graph/agent-augment.js";
-import { findExistingSkillForDomain, cachePublishedSkill } from "../client/index.js";
-import { storeCredential } from "../vault/index.js";
-import { generateLocalDescription } from "./index.js";
-import { nanoid } from "nanoid";
-import type { EndpointDescriptor, SkillManifest } from "../types/index.js";
-
-const MAX_STEPS = 5;
-const ACTION_SETTLE_MS = 2000;
-
-// ── LLM-based action planning ─────────────────────────────────────────
-
-interface PlannedAction {
-  action: "click" | "fill" | "scroll" | "press" | "done";
-  ref?: string;
-  value?: string;
-  reason: string;
-}
-
-/**
- * Ask the LLM: given this intent and page snapshot, what's the single
- * best action to take? Lightweight structured output (~500 tokens).
- */
-async function planNextAction(
-  intent: string,
-  params: Record<string, unknown>,
-  snapshot: string,
-  currentUrl: string,
-): Promise<PlannedAction> {
-  // Trim snapshot to keep prompt small
-  const trimmedSnapshot = snapshot.length > 3000 ? snapshot.substring(0, 3000) + "\n..." : snapshot;
-
-  const prompt = `You are a browser agent. Given a user intent and the interactive elements on the page, decide the SINGLE best action to take to achieve the intent. Return ONLY valid JSON.
-
-Intent: "${intent}"
-${Object.keys(params).length > 0 ? `Params: ${JSON.stringify(params)}` : ""}
-Current URL: ${currentUrl}
-
-Interactive elements:
-${trimmedSnapshot}
-
-Return JSON: {"action":"click"|"fill"|"scroll"|"press"|"done", "ref":"eN", "value":"text for fill/press", "reason":"why"}
-- "click" a link/button/tab that will load the data the intent asks for
-- "fill" a search box then the next action should press Enter
-- "scroll" down if the page needs to load more content
-- "press" a key like Enter after filling a search box
-- "done" if the page already shows the data or no useful action exists
-
-JSON:`;
-
-  try {
-    // Use kuri's evaluate to call a local inference endpoint, or fall back to
-    // simple heuristic-based planning if no LLM is available
-    const result = await heuristicPlan(intent, params, snapshot, currentUrl);
-    return result;
-  } catch {
-    return { action: "done", reason: "planning failed" };
-  }
-}
-
-/**
- * Heuristic-based action planning — no LLM needed.
- * Handles common patterns: search intents, feed/timeline intents, navigation.
- */
-function heuristicPlan(
-  intent: string,
-  params: Record<string, unknown>,
-  snapshot: string,
-  _currentUrl: string,
-): PlannedAction {
-  const intentLower = intent.toLowerCase();
-  const lines = snapshot.split("\n").filter(l => l.trim());
-
-  // Parse refs from snapshot
-  const elements = lines.map(l => {
-    const match = l.match(/^\[(\w+)\]\s+(\w+)\s+"?(.+?)"?\s*$/);
-    if (!match) return null;
-    return { ref: match[1], role: match[2], name: match[3].replace(/"$/, "") };
-  }).filter(Boolean) as Array<{ ref: string; role: string; name: string }>;
-
-  // Search intent: find a textbox and fill it
-  const isSearch = /search|find|look\s*up|query/i.test(intentLower);
-  if (isSearch) {
-    const searchTerm = (params.q ?? params.query ?? params.keywords ?? extractSearchTerm(intent)) as string;
-    const textbox = elements.find(e => e.role === "textbox" || e.role === "searchbox");
-    if (textbox && searchTerm) {
-      return { action: "fill", ref: textbox.ref, value: searchTerm, reason: `Fill search box with "${searchTerm}"` };
-    }
-  }
-
-  // Feed/timeline intent: look for relevant tabs
-  const isFeed = /timeline|feed|home|for\s*you|following|trending/i.test(intentLower);
-  if (isFeed) {
-    const feedTab = elements.find(e =>
-      (e.role === "tab" || e.role === "link") &&
-      /for you|following|trending|home|latest/i.test(e.name)
-    );
-    if (feedTab) {
-      return { action: "click", ref: feedTab.ref, reason: `Click "${feedTab.name}" to load feed data` };
-    }
-  }
-
-  // Look for a button/link that semantically matches the intent
-  const intentWords = intentLower.split(/\s+/).filter(w => w.length > 3);
-  for (const el of elements) {
-    if (el.role !== "link" && el.role !== "button" && el.role !== "tab") continue;
-    const nameLower = el.name.toLowerCase();
-    const matchScore = intentWords.filter(w => nameLower.includes(w)).length;
-    if (matchScore >= 2 || (matchScore >= 1 && intentWords.length <= 3)) {
-      return { action: "click", ref: el.ref, reason: `"${el.name}" matches intent` };
-    }
-  }
-
-  // If we just filled a search, press Enter
-  if (isSearch) {
-    return { action: "press", value: "Enter", reason: "Submit search" };
-  }
-
-  // Scroll down to trigger lazy-loaded content
-  return { action: "scroll", reason: "Scroll to trigger lazy-loaded API calls" };
-}
-
-function extractSearchTerm(intent: string): string {
-  // "search people named minh" → "minh"
-  // "search for react components" → "react components"
-  const match = intent.match(/(?:search|find|look\s*up)\s+(?:for\s+)?(?:people\s+(?:named|called)\s+)?(.+)/i);
-  return match?.[1]?.trim() ?? intent;
-}
-
-// ── Agentic browser loop ──────────────────────────────────────────────
-
-export interface AgenticBrowseResult {
-  endpoints: EndpointDescriptor[];
-  skill?: SkillManifest;
-  result?: unknown;
-  stepsExecuted: number;
-  requestsCaptured: number;
-}
-
-/**
- * Autonomously drive the browser to achieve an intent.
- * Snapshots → plans → acts → captures APIs → repeats.
- * All traffic is passively indexed regardless of success.
- */
-export async function agenticBrowserResolve(
-  tabId: string,
-  intent: string,
-  params: Record<string, unknown>,
-  url: string,
-): Promise<AgenticBrowseResult> {
-  const domain = new URL(url).hostname;
-
-  // Inject cookies from user's Chrome
-  try {
-    const { cookies } = extractBrowserCookies(domain);
-    for (const c of cookies) await kuri.setCookie(tabId, c).catch(() => {});
-  } catch { /* non-fatal */ }
-
-  // Inject fetch/XHR interceptor
-  await kuri.evaluate(tabId, INTERCEPTOR_SCRIPT).catch(() => {});
-
-  // Start HAR recording
-  await kuri.harStart(tabId).catch(() => {});
-
-  // Navigate if not already on the page
-  const currentUrl = await kuri.getCurrentUrl(tabId).catch(() => "");
-  if (!currentUrl || !currentUrl.startsWith("http") || new URL(currentUrl).hostname !== domain) {
-    await kuri.navigate(tabId, url);
-    await new Promise(r => setTimeout(r, 2000));
-    // Re-inject interceptor after navigation
-    await kuri.evaluate(tabId, INTERCEPTOR_SCRIPT).catch(() => {});
-  }
-
-  let allRequests: RawRequest[] = [];
-  let allEndpoints: EndpointDescriptor[] = [];
-  let stepsExecuted = 0;
-  let lastFillRef: string | undefined;
-
-  for (let step = 0; step < MAX_STEPS; step++) {
-    // 1. Snapshot the page
-    let snapshot: string;
-    try {
-      snapshot = await kuri.snapshot(tabId, "interactive");
-    } catch {
-      break;
-    }
-    if (!snapshot || snapshot.length < 10) {
-      await new Promise(r => setTimeout(r, 1500));
-      continue;
-    }
-
-    // 2. Plan next action
-    const decision = planNextAction(intent, params, snapshot, url);
-    console.log(`[agentic-browse] step ${step}: ${decision.action} ${decision.ref ?? ""} — ${decision.reason}`);
-
-    if (decision.action === "done") break;
-
-    // 3. Execute action
-    try {
-      switch (decision.action) {
-        case "click":
-          if (decision.ref) await kuri.click(tabId, decision.ref);
-          break;
-        case "fill":
-          if (decision.ref && decision.value) {
-            await kuri.fill(tabId, decision.ref, decision.value);
-            lastFillRef = decision.ref;
-          }
-          break;
-        case "scroll":
-          await kuri.scroll(tabId, "down");
-          break;
-        case "press":
-          if (decision.value) await kuri.press(tabId, decision.value);
-          break;
-      }
-    } catch (err) {
-      console.log(`[agentic-browse] action failed: ${err instanceof Error ? err.message : err}`);
-    }
-
-    stepsExecuted++;
-
-    // 4. Wait for API calls to settle
-    await new Promise(r => setTimeout(r, ACTION_SETTLE_MS));
-
-    // Re-inject interceptor in case navigation happened
-    await kuri.evaluate(tabId, INTERCEPTOR_SCRIPT).catch(() => {});
-
-    // 5. Check intercepted requests
-    try {
-      const intercepted = await collectInterceptedRequests(tabId);
-      const newRequests: RawRequest[] = intercepted
-        .filter(r => !allRequests.some(e => e.url === r.url && e.method === r.method))
-        .map(r => ({
-          url: r.url,
-          method: r.method,
-          request_headers: r.request_headers ?? {},
-          request_body: r.request_body,
-          response_status: r.response_status,
-          response_headers: r.response_headers ?? {},
-          response_body: r.response_body,
-          timestamp: r.timestamp,
-        }));
-
-      if (newRequests.length > 0) {
-        allRequests.push(...newRequests);
-        const newEndpoints = extractEndpoints(newRequests, undefined, { pageUrl: url, finalUrl: url });
-        if (newEndpoints.length > 0) {
-          allEndpoints.push(...newEndpoints);
-          console.log(`[agentic-browse] step ${step}: found ${newEndpoints.length} new endpoints`);
-        }
-      }
-    } catch { /* non-fatal */ }
-
-    // If after a fill we should press Enter
-    if (decision.action === "fill" && lastFillRef) {
-      // Next iteration will handle pressing Enter via heuristic
-    }
-  }
-
-  // Also collect HAR entries
-  try {
-    const { entries } = await kuri.harStop(tabId);
-    const harRequests = entries
-      .filter((e: KuriHarEntry) => e.request && e.response)
-      .map((e: KuriHarEntry) => ({
-        url: e.request.url,
-        method: e.request.method,
-        request_headers: Object.fromEntries((e.request.headers ?? []).map(h => [h.name.toLowerCase(), h.value])),
-        request_body: e.request.postData?.text,
-        response_status: e.response.status,
-        response_headers: Object.fromEntries((e.response.headers ?? []).map(h => [h.name.toLowerCase(), h.value])),
-        response_body: e.response.content?.text,
-        timestamp: e.startedDateTime ?? new Date().toISOString(),
-      }));
-    // Merge HAR requests that interceptor missed
-    for (const r of harRequests) {
-      if (!allRequests.some(e => e.url === r.url && e.method === r.method)) {
-        allRequests.push(r);
-      }
-    }
-  } catch { /* non-fatal */ }
-
-  // Merge all captured endpoints
-  if (allEndpoints.length === 0 && allRequests.length > 0) {
-    allEndpoints = extractEndpoints(allRequests, undefined, { pageUrl: url, finalUrl: url });
-  }
-
-  // ── Full passive indexing pipeline (same as passiveIndexFromRequests) ──
-
-  let skill: SkillManifest | undefined;
-
-  if (allEndpoints.length > 0) {
-    // Auth extraction + vault storage
-    const capturedAuthHeaders = extractAuthHeaders(allRequests);
-    if (Object.keys(capturedAuthHeaders).length > 0) {
-      await storeCredential(`${domain}-session`, JSON.stringify({ headers: capturedAuthHeaders })).catch(() => {});
-    }
-
-    // Merge with existing skill
-    const existingSkill = findExistingSkillForDomain(domain, intent);
-    const mergedEndpoints = existingSkill
-      ? mergeEndpoints(existingSkill.endpoints, allEndpoints)
-      : allEndpoints;
-
-    // Generate descriptions
-    for (const ep of mergedEndpoints) {
-      if (!ep.description) ep.description = generateLocalDescription(ep);
-    }
-
-    const enrichedEndpoints = mergedEndpoints;
-
-    // Build operation graph
-    const operationGraph = buildSkillOperationGraph(enrichedEndpoints);
-
-    skill = {
-      skill_id: existingSkill?.skill_id ?? nanoid(),
-      version: "1.0.0",
-      schema_version: "1",
-      lifecycle: "active" as const,
-      execution_type: "http" as const,
-      created_at: existingSkill?.created_at ?? new Date().toISOString(),
-      updated_at: new Date().toISOString(),
-      name: domain,
-      intent_signature: `browse ${domain}`,
-      domain,
-      description: `API skill for ${domain}`,
-      owner_type: "agent" as const,
-      endpoints: enrichedEndpoints,
-      operation_graph: operationGraph,
-      intents: Array.from(new Set([...(existingSkill?.intents ?? []), intent])),
-    };
-
-    // Cache locally
-    try { cachePublishedSkill(skill); } catch { /* best-effort */ }
-
-    // Queue background publish
-    queueBackgroundIndex({
-      skill,
-      domain,
-      intent,
-      contextUrl: url,
-      cacheKey: `agentic:${domain}:${Date.now()}`,
-    });
-
-    console.log(`[agentic-browse] ${domain}: ${enrichedEndpoints.length} endpoints indexed from ${allRequests.length} requests across ${stepsExecuted} steps`);
-  } else {
-    console.log(`[agentic-browse] ${domain}: 0 endpoints from ${allRequests.length} requests across ${stepsExecuted} steps`);
-  }
-
-  return {
-    endpoints: allEndpoints,
-    skill,
-    stepsExecuted,
-    requestsCaptured: allRequests.length,
-  };
-}

package/runtime-src/orchestrator/dag-advisor.ts

@@ -1,59 +0,0 @@
-/**
- * DAG advisory planner bridge — backend-first with local fallback (Issue #218).
- *
- * The orchestrator calls fetchDagAdvisoryPlan with a full SkillManifest.
- * This module tries the backend graph (via fetchChain) first for cross-session
- * intelligence, then falls back to the local planner when the backend is
- * unavailable or returns no data.
- */
-
-import type { SkillManifest } from "../types/index.js";
-import {
-  fetchDagAdvisoryPlan as localFetchDagAdvisoryPlan,
-  applyDagAdvisoryBoosts,
-} from "../graph/planner.js";
-import type { DagAdvisoryPlan } from "../graph/planner.js";
-import { fetchChain } from "../client/graph-client.js";
-
-export { applyDagAdvisoryBoosts };
-export type { DagAdvisoryPlan };
-
-/**
- * Fetch a DAG advisory plan — tries backend graph first, falls back to local.
- *
- * @param skill  The full skill manifest (used for local fallback planning).
- * @param targetEndpointId  The endpoint we want to execute.
- * @param knownBindingKeys  Binding keys already available from context/params.
- */
-export async function fetchDagAdvisoryPlan(
-  skill: SkillManifest,
-  targetEndpointId: string,
-  knownBindingKeys: string[],
-): Promise<DagAdvisoryPlan> {
-  // Try backend graph first — provides cross-session intelligence
-  if (skill.domain) {
-    try {
-      const chain = await fetchChain(skill.domain, targetEndpointId, knownBindingKeys);
-      if (chain && Array.isArray(chain.chain) && chain.chain.length > 0) {
-        // Validate that chain endpoints exist in the local skill — discard stale backend data
-        const localEndpointIds = new Set(skill.endpoints.map((ep) => ep.endpoint_id));
-        const validPrereqs = chain.chain.filter(
-          (link) => link.endpoint_id !== targetEndpointId && localEndpointIds.has(link.endpoint_id),
-        );
-        if (validPrereqs.length > 0) {
-          return {
-            chain_ready: chain.resolved ?? true,
-            prerequisite_order: validPrereqs.map((link) => link.endpoint_id),
-            predicted_next: [],
-            skippable: [],
-          };
-        }
-      }
-    } catch {
-      // Backend unavailable — fall through to local planner
-    }
-  }
-
-  // Local fallback — uses the in-memory operation graph
-  return localFetchDagAdvisoryPlan(skill, targetEndpointId, knownBindingKeys);
-}

package/runtime-src/orchestrator/dag-feedback.ts

@@ -1,257 +0,0 @@
-/**
- * DAG learning loop (Issue #102).
- *
- * Fire-and-forget helpers that reinforce or penalise operation-graph edges
- * based on observed auto-exec outcomes. All writes are debounced per skill to
- * avoid flooding the local skill cache.
- *
- * Session actions and negatives are also forwarded to the backend graph API
- * (fire-and-forget, never blocking) so cross-session intelligence can be
- * aggregated.
- */
-
-import { nanoid } from "nanoid";
-import { cachePublishedSkill, getApiKey } from "../client/index.js";
-import { recordSession, recordNegative } from "../client/graph-client.js";
-import { buildSkillOperationGraph } from "../graph/index.js";
-import type { SkillManifest, SkillOperationEdge, SkillOperationNode } from "../types/index.js";
-import { DEFAULT_BACKEND_URL } from "../version.js";
-
-/** Stable session ID — one per process lifetime. */
-const SESSION_ID = nanoid();
-
-/** Expose session ID for test verification only. */
-export function _getSessionIdForTesting(): string {
-  return SESSION_ID;
-}
-
-// ---------------------------------------------------------------------------
-// Rate-limit / debounce state
-// ---------------------------------------------------------------------------
-
-/** Minimum ms between graph writes for the same skill. */
-export let DAG_WRITE_DEBOUNCE_MS = 5_000;
-
-/** Maximum number of pending timers at once (global back-pressure). */
-export const MAX_PENDING_WRITES = 50;
-
-const lastWriteAt = new Map<string, number>();
-const pendingTimers = new Map<string, ReturnType<typeof setTimeout>>();
-
-
-/** For tests only: reset all debounce/rate-limit state and optionally override the delay. */
-export function _resetForTesting(debounceMs = 5_000): void {
-  for (const t of pendingTimers.values()) clearTimeout(t);
-  pendingTimers.clear();
-  lastWriteAt.clear();
-  DAG_WRITE_DEBOUNCE_MS = debounceMs;
-}
-/** Retrieve the API key for backend edge publishing. Reuses graph-client auth. */
-function _getApiKeyForPublish(): string {
-  try {
-    return getApiKey();
-  } catch {
-    return "";
-  }
-}
-
-
-function scheduleWrite(skillId: string, fn: () => void): void {
-  if (pendingTimers.size >= MAX_PENDING_WRITES) return; // back-pressure: drop silently
-
-  const existing = pendingTimers.get(skillId);
-  if (existing) clearTimeout(existing);
-
-  const last = lastWriteAt.get(skillId) ?? 0;
-  const now = Date.now();
-  const delay = Math.max(0, DAG_WRITE_DEBOUNCE_MS - (now - last));
-
-  const timer = setTimeout(() => {
-    pendingTimers.delete(skillId);
-    lastWriteAt.set(skillId, Date.now());
-    try {
-      fn();
-    } catch {
-      /* non-critical — best effort */
-    }
-  }, delay);
-
-  pendingTimers.set(skillId, timer);
-}
-
-// ---------------------------------------------------------------------------
-// Confidence adjustment helpers
-// ---------------------------------------------------------------------------
-
-const BOOST_STEP = 0.05;
-const PENALTY_STEP = 0.08;
-const CONFIDENCE_MIN = 0.1;
-const CONFIDENCE_MAX = 1.0;
-
-function clamp(v: number, lo: number, hi: number): number {
-  return Math.max(lo, Math.min(hi, v));
-}
-
-function adjustEdgeConfidences(
-  edges: SkillOperationEdge[],
-  operationId: string,
-  delta: number,
-): SkillOperationEdge[] {
-  return edges.map((edge) => {
-    if (edge.to_operation_id === operationId || edge.from_operation_id === operationId) {
-      return {
-        ...edge,
-        confidence: clamp(edge.confidence + delta, CONFIDENCE_MIN, CONFIDENCE_MAX),
-      };
-    }
-    return edge;
-  });
-}
-
-function operationIdForEndpoint(skill: SkillManifest, endpointId: string): string | undefined {
-  return skill.operation_graph?.operations.find((op) => op.endpoint_id === endpointId)
-    ?.operation_id;
-}
-
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-
-/**
- * Record a successful or failed execution attempt for a given endpoint.
- * Adjusts edge confidences attached to the endpoint's operation node and
- * persists the updated graph to the local skill cache (debounced).
- */
-export function recordDagSessionAction(
-  skill: SkillManifest,
-  endpointId: string,
-  succeeded: boolean,
-): void {
-  if (!skill.operation_graph) return;
-
-  const opId = operationIdForEndpoint(skill, endpointId);
-  if (!opId) return;
-
-  const delta = succeeded ? BOOST_STEP : -PENALTY_STEP;
-
-  scheduleWrite(skill.skill_id, () => {
-    const updated: SkillManifest = {
-      ...skill,
-      operation_graph: {
-        ...skill.operation_graph!,
-        edges: adjustEdgeConfidences(skill.operation_graph!.edges, opId, delta),
-        generated_at: new Date().toISOString(),
-      },
-    };
-    cachePublishedSkill(updated);
-  });
-
-  // Fire-and-forget to backend — never block, never throw
-  if (skill.domain) {
-    recordSession(
-      skill.domain,
-      SESSION_ID,
-      endpointId,
-      skill.intent_signature ?? "",
-      succeeded ? "success" : "failure",
-    ).catch(() => {});
-  }
-}
-
-/**
- * Record an explicit negative signal for an endpoint (e.g. judge rejected the
- * result). Applies a larger confidence penalty than a plain failure.
- */
-export function recordDagNegative(skill: SkillManifest, endpointId: string): void {
-  if (!skill.operation_graph) return;
-
-  const opId = operationIdForEndpoint(skill, endpointId);
-  if (!opId) return;
-
-  scheduleWrite(skill.skill_id, () => {
-    const updated: SkillManifest = {
-      ...skill,
-      operation_graph: {
-        ...skill.operation_graph!,
-        edges: adjustEdgeConfidences(skill.operation_graph!.edges, opId, -(PENALTY_STEP * 2)),
-        generated_at: new Date().toISOString(),
-      },
-    };
-    cachePublishedSkill(updated);
-  });
-
-  // Fire-and-forget to backend — never block, never throw
-  if (skill.domain) {
-    recordNegative(
-      skill.domain,
-      skill.intent_signature ?? "",
-      endpointId,
-    ).catch(() => {});
-  }
-}
-
-/**
- * Rebuild the operation graph from the skill's current endpoints and persist
- * it to the local cache. Call this after live-capture adds or updates endpoints
- * so that future chunk queries reflect the latest topology.
- */
-export function upsertDagEdgesFromOperationGraph(skill: SkillManifest): void {
-  scheduleWrite(skill.skill_id, () => {
-    const freshGraph = buildSkillOperationGraph(skill.endpoints);
-    // Preserve learned edge confidences if the edge already exists.
-    const existing = skill.operation_graph;
-    const mergedEdges = freshGraph.edges.map((edge) => {
-      const prior = existing?.edges.find((e) => e.edge_id === edge.edge_id);
-      return prior ? { ...edge, confidence: prior.confidence } : edge;
-    });
-    const updated: SkillManifest = {
-      ...skill,
-      operation_graph: {
-        ...freshGraph,
-        edges: mergedEdges,
-      },
-    };
-    cachePublishedSkill(updated);
-
-    // Fire-and-forget: publish edges to the backend for each operation node
-    publishEdgesToBackend(skill.domain, freshGraph);
-  });
-}
-
-/**
- * Fire-and-forget: POST each operation node's edges to the backend API.
- * Failures are silently ignored — this must never block skill publish.
- */
-export function publishEdgesToBackend(
-  domain: string,
-  graph: { operations: SkillOperationNode[]; edges: SkillOperationEdge[] },
-): void {
-  const backendUrl = process.env.UNBROWSE_BACKEND_URL || DEFAULT_BACKEND_URL;
-
-  const apiKey = _getApiKeyForPublish();
-
-  for (const op of graph.operations) {
-    const node = {
-      endpoint_id: op.endpoint_id,
-      requires: op.requires.map((b) => b.key),
-      provides: op.provides.map((b) => b.key),
-      action_kind: op.action_kind,
-      resource_kind: op.resource_kind,
-    };
-
-    const edges = graph.edges
-      .filter((e) => e.from_operation_id === op.operation_id)
-      .map((e) => ({ to: e.to_operation_id, binding: e.binding_key }));
-
-    fetch(`${backendUrl}/v1/graph/edges`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        ...(apiKey ? { Authorization: `Bearer ${apiKey}` } : {}),
-      },
-      body: JSON.stringify({ domain, node, edges }),
-    }).catch(() => {
-      /* fire-and-forget — never block skill publish */
-    });
-  }
-}