vgxness 0.1.0

package/dist/skills/skill-resolver.js

@@ -0,0 +1,191 @@
+export class SkillResolver {
+    skills;
+    agents;
+    constructor(skills, agents) {
+        this.skills = skills;
+        this.agents = agents;
+    }
+    resolve(input) {
+        const agent = this.resolveAgent(input);
+        if (!agent.ok)
+            return agent;
+        const contextProject = input.project ?? agent.value?.project;
+        const contextScope = input.scope ?? agent.value?.scope ?? 'project';
+        const targetCandidates = this.targetCandidates(input, agent.value);
+        const attachmentCandidates = this.attachmentCandidates(targetCandidates);
+        if (!attachmentCandidates.ok)
+            return attachmentCandidates;
+        const candidates = [
+            ...this.agentSkillCandidates(agent.value),
+            ...attachmentCandidates.value,
+        ];
+        const bySkill = new Map();
+        const skipped = [];
+        for (const candidate of candidates) {
+            const skillResult = this.resolveSkill(candidate, contextProject, contextScope);
+            if (!skillResult.ok) {
+                skipped.push(skippedResolution(candidate.source, skillResult.error.message, candidate.skillId, candidate.name));
+                continue;
+            }
+            const versionResult = this.resolveVersion(skillResult.value, candidate.versionId);
+            if (!versionResult.ok) {
+                skipped.push({ source: candidate.source, skillId: skillResult.value.id, name: skillResult.value.name, reason: versionResult.error.message });
+                continue;
+            }
+            const existing = bySkill.get(skillResult.value.id);
+            if (existing !== undefined) {
+                existing.sources.push(candidate.source);
+                continue;
+            }
+            bySkill.set(skillResult.value.id, { skill: skillResult.value, version: versionResult.value, sources: [candidate.source] });
+        }
+        let usageRecorded = 0;
+        if (input.runId !== undefined && input.recordUsage !== undefined) {
+            for (const resolved of bySkill.values()) {
+                const usage = this.recordResolvedUsage(resolved, input.runId, input.recordUsage);
+                if (!usage.ok)
+                    return usage;
+                usageRecorded += 1;
+            }
+        }
+        return ok({
+            context: {
+                ...(contextProject !== undefined ? { project: contextProject } : {}),
+                ...(contextScope !== undefined ? { scope: contextScope } : {}),
+                ...(agent.value?.id !== undefined ? { agentId: agent.value.id } : {}),
+                ...(agent.value?.name !== undefined ? { agentName: agent.value.name } : {}),
+                ...(input.workflow !== undefined ? { workflow: input.workflow } : {}),
+                ...(input.phase !== undefined ? { phase: input.phase } : {}),
+                ...(input.providerAdapter !== undefined ? { providerAdapter: input.providerAdapter } : {}),
+                ...(input.runId !== undefined ? { runId: input.runId } : {}),
+            },
+            skills: [...bySkill.values()].map(toResolvedSkill),
+            skipped,
+            usageRecorded,
+        });
+    }
+    resolveAgent(input) {
+        if (input.agentId !== undefined)
+            return this.agents.getById(input.agentId);
+        if (input.agentName === undefined)
+            return ok(undefined);
+        if (input.project === undefined)
+            return validationFailure('--project is required when resolving by agent name');
+        return this.agents.getByName(input.project, input.scope ?? 'project', input.agentName);
+    }
+    targetCandidates(input, agent) {
+        const targets = [];
+        if (agent !== undefined) {
+            targets.push({ targetType: agent.mode, targetKey: agent.id });
+            targets.push({ targetType: agent.mode, targetKey: agent.name });
+            targets.push({ targetType: agent.mode, targetKey: `${agent.project}/${agent.scope}/${agent.name}` });
+        }
+        if (input.workflow !== undefined && input.phase !== undefined)
+            targets.push({ targetType: 'workflow-phase', targetKey: `${input.workflow}:${input.phase}` });
+        if (input.phase !== undefined)
+            targets.push({ targetType: 'workflow-phase', targetKey: input.phase });
+        if (input.providerAdapter !== undefined)
+            targets.push({ targetType: 'provider-adapter', targetKey: input.providerAdapter });
+        return dedupeTargets(targets);
+    }
+    agentSkillCandidates(agent) {
+        if (agent === undefined)
+            return [];
+        return agent.skills.map((name) => ({ name, source: { kind: 'agent-definition', targetType: agent.mode, targetKey: agent.id, reason: 'agent.skills' } }));
+    }
+    attachmentCandidates(targets) {
+        const attachments = this.skills.listAttachmentsForTargets(targets);
+        if (!attachments.ok)
+            return attachments;
+        return ok(attachments.value.map((attachment) => {
+            const candidate = { skillId: attachment.skillId, source: attachmentSource(attachment) };
+            if (attachment.versionId !== undefined)
+                candidate.versionId = attachment.versionId;
+            return candidate;
+        }));
+    }
+    resolveSkill(candidate, project, scope) {
+        if (candidate.skillId !== undefined)
+            return this.skills.getById(candidate.skillId);
+        if (candidate.name === undefined)
+            return validationFailure('Resolved skill candidate has neither skill id nor name');
+        if (project === undefined)
+            return validationFailure(`Skill ${candidate.name} needs a project context`);
+        return this.skills.getByName(project, scope, candidate.name);
+    }
+    resolveVersion(skill, candidateVersionId) {
+        const versionId = candidateVersionId ?? skill.currentVersionId;
+        if (versionId === undefined)
+            return validationFailure(`Skill ${skill.name} has no current version`);
+        const version = this.skills.getVersion(versionId);
+        if (!version.ok)
+            return version;
+        if (version.value.status !== 'active')
+            return validationFailure(`Skill ${skill.name} version ${version.value.version} is ${version.value.status}, not active`);
+        return version;
+    }
+    recordResolvedUsage(resolved, runId, outcome) {
+        const firstAttachment = resolved.sources.find((source) => source.kind === 'attachment');
+        const input = {
+            skillId: resolved.skill.id,
+            versionId: resolved.version.id,
+            runId,
+            outcome,
+            notes: `skill resolution v1 ${outcome}`,
+        };
+        if (firstAttachment?.targetType !== undefined && firstAttachment.targetKey !== undefined) {
+            input.targetType = firstAttachment.targetType;
+            input.targetKey = firstAttachment.targetKey;
+        }
+        return this.skills.recordUsage(input);
+    }
+}
+function toResolvedSkill(value) {
+    const sourceMetadata = value.version.source.inlineMetadata ?? {};
+    const summary = stringMetadata(sourceMetadata.summary);
+    const content = stringMetadata(sourceMetadata.content);
+    return {
+        skillId: value.skill.id,
+        name: value.skill.name,
+        description: value.skill.description,
+        versionId: value.version.id,
+        version: value.version.version,
+        source: value.version.source,
+        sourceMetadata,
+        ...(summary !== undefined ? { summary } : {}),
+        ...(content !== undefined ? { content } : {}),
+        attachmentSources: value.sources,
+    };
+}
+function attachmentSource(attachment) {
+    const reason = stringMetadata(attachment.metadata.reason);
+    return {
+        kind: 'attachment',
+        targetType: attachment.targetType,
+        targetKey: attachment.targetKey,
+        ...(reason !== undefined ? { reason } : {}),
+    };
+}
+function dedupeTargets(targets) {
+    const seen = new Set();
+    return targets.filter((target) => {
+        const key = `${target.targetType}:${target.targetKey}`;
+        if (seen.has(key))
+            return false;
+        seen.add(key);
+        return true;
+    });
+}
+function stringMetadata(value) {
+    return typeof value === 'string' && value.trim() ? value : undefined;
+}
+function skippedResolution(source, reason, skillId, name) {
+    const skipped = { source, reason };
+    if (skillId !== undefined)
+        skipped.skillId = skillId;
+    if (name !== undefined)
+        skipped.name = name;
+    return skipped;
+}
+function ok(value) { return { ok: true, value }; }
+function validationFailure(message) { return { ok: false, error: { code: 'validation_failed', message } }; }

package/dist/workflows/command-allowlist-adapter.js

@@ -0,0 +1,70 @@
+import { resolve } from 'node:path';
+import { buildSandboxExecutionPlan, executeSandboxedProcessSync } from '../runs/sandbox-process-execution.js';
+export const defaultCommandAllowlist = Object.freeze({
+    typecheck: Object.freeze({ id: 'typecheck', executable: 'npm', args: ['run', 'typecheck'], timeoutMs: 60_000, outputLimitBytes: 256 * 1024, description: 'Run the project TypeScript typecheck script.' }),
+    'node-version': Object.freeze({ id: 'node-version', executable: 'node', args: ['--version'], timeoutMs: 5_000, outputLimitBytes: 8 * 1024, description: 'Print the local Node.js version for a harmless bounded-process smoke check.' }),
+});
+export class CommandAllowlistAdapter {
+    id = 'command-allowlist-adapter';
+    commandId;
+    plan;
+    entry;
+    runner;
+    request;
+    constructor(options) {
+        const allowlist = options.allowlist ?? defaultCommandAllowlist;
+        const entry = allowlist[options.commandId];
+        if (entry === undefined)
+            throw new Error(`Command is not allowlisted: ${options.commandId}`);
+        this.commandId = options.commandId;
+        this.entry = entry;
+        this.runner = options.runner ?? executeSandboxedProcessSync;
+        this.request = {
+            workspaceRoot: options.workspaceRoot,
+            cwd: options.cwd === undefined ? options.workspaceRoot : resolve(options.workspaceRoot, options.cwd),
+            command: entry.executable,
+            args: entry.args,
+            allowedCommands: [entry.executable],
+            timeoutMs: entry.timeoutMs,
+            outputLimitBytes: entry.outputLimitBytes,
+            targetPaths: options.targetPaths ?? [],
+        };
+        const plan = buildSandboxExecutionPlan(this.request);
+        if (!plan.ok)
+            throw new Error(`${plan.error.code}: ${plan.error.message}`);
+        this.plan = plan.value;
+    }
+    dispatch(_request) {
+        const result = this.runner(this.request);
+        if (!result.ok)
+            throw new Error(`${result.error.code}: ${result.error.message}`);
+        const output = {
+            command: this.commandId,
+            executable: this.entry.executable,
+            args: this.entry.args,
+            exitCode: result.value.exitCode,
+            signal: result.value.signal,
+            timedOut: result.value.timedOut,
+            outputTruncated: result.value.outputTruncated,
+            stdout: result.value.stdout,
+            stderr: result.value.stderr,
+        };
+        const failed = result.value.timedOut || result.value.exitCode !== 0;
+        return {
+            output,
+            audit: {
+                adapter: this.id,
+                command: this.commandId,
+                description: this.entry.description,
+                boundedProcess: true,
+                shell: false,
+                argv: [this.entry.executable, ...this.entry.args],
+                cwd: this.plan.request.cwd,
+            },
+            ...(failed ? { failure: { reason: result.value.timedOut ? 'command-timed-out' : 'command-exit-nonzero', message: `Allowlisted command ${this.commandId} exited with ${result.value.exitCode ?? result.value.signal ?? 'unknown'}.` } } : {}),
+        };
+    }
+}
+export function commandAllowlistIds(allowlist = defaultCommandAllowlist) {
+    return Object.keys(allowlist).sort();
+}

package/dist/workflows/schema.js

@@ -0,0 +1,4 @@
+export const workflowIds = ['explore', 'quickfix', 'plan', 'build', 'debug', 'sdd'];
+export function isWorkflowId(value) {
+    return workflowIds.includes(value);
+}

package/dist/workflows/workflow-executor.js

@@ -0,0 +1,345 @@
+export class SafeNonDispatchingWorkflowExecutor {
+    id = 'safe-non-dispatching-workflow-executor';
+    kind = 'safe-non-dispatching';
+    execute(request) {
+        const base = this.basePayload(request);
+        const preflight = request.preflight;
+        if (preflight === undefined) {
+            return this.blocked(request, base, 'missing-preflight', 'Workflow execution requires an auditable preflight record before any dispatch decision.', 'Record preflight through the existing safety gate, then retry execute.');
+        }
+        if (!hasPreflightAudit(preflight)) {
+            return this.blocked(request, base, 'missing-preflight-audit', 'Workflow execution preflight is missing required audit identifiers.', 'Inspect the run safety events, then retry after a complete preflight is recorded.');
+        }
+        if (preflight.outcome === 'blocked') {
+            return this.blocked(request, base, 'preflight-blocked', 'Provider delegation preflight blocked this execution request.', 'Inspect preflight audit and resolve the denied permission or sandbox blocker before retrying.');
+        }
+        const approvalId = preflight.approval?.id ?? preflight.audit.approvalId;
+        const nextAction = preflight.outcome === 'approval-needed'
+            ? `Review approval ${approvalId ?? '<pending>'}; safe provider execution is not automated by ${this.id}.`
+            : `Preflight allowed the request, but ${this.id} never calls providers; dispatch manually only after human review or install an approved concrete executor.`;
+        const reason = preflight.outcome === 'approval-needed' ? 'approval-required' : 'no-approved-concrete-executor';
+        const message = preflight.outcome === 'approval-needed'
+            ? 'Preflight requires human approval; the safe default executor recorded readiness without dispatching.'
+            : 'No approved concrete provider executor is wired; the safe default executor recorded readiness without dispatching.';
+        return {
+            status: 'needs-human',
+            dispatched: false,
+            dispatchMode: 'ready-to-dispatch',
+            executorId: this.id,
+            executorKind: this.kind,
+            reason,
+            message,
+            audit: executorAudit(this, preflight),
+            checkpointLabel: 'workflow-execution-requested',
+            checkpointPayload: {
+                ...base,
+                status: 'needs-human',
+                dispatched: false,
+                dispatchMode: 'ready-to-dispatch',
+                executorId: this.id,
+                executorKind: this.kind,
+                reason,
+                message,
+                safetyGates: safetyGatesPayload(request, preflight),
+                nextAction,
+            },
+            nextAction,
+        };
+    }
+    blocked(request, base, reason, message, nextAction) {
+        const audit = request.preflight === undefined ? { executorId: this.id, executorKind: this.kind, preflightPresent: false } : executorAudit(this, request.preflight);
+        return {
+            status: 'blocked',
+            dispatched: false,
+            dispatchMode: 'not-dispatched',
+            executorId: this.id,
+            executorKind: this.kind,
+            reason,
+            message,
+            audit,
+            checkpointLabel: 'workflow-execution-blocked',
+            checkpointPayload: {
+                ...base,
+                status: 'blocked',
+                dispatched: false,
+                dispatchMode: 'not-dispatched',
+                executorId: this.id,
+                executorKind: this.kind,
+                reason,
+                message,
+                safetyGates: safetyGatesPayload(request, request.preflight),
+                nextAction,
+            },
+            nextAction,
+        };
+    }
+    basePayload(request) {
+        return {
+            kind: 'workflow-execution-requested',
+            version: 1,
+            runId: request.run.id,
+            workflow: request.workflow.id,
+            phase: request.run.phase,
+            selectedAgent: request.selectedAgentSummary,
+            requestedOperation: operationMetadataForWorkflowExecution(request.requestedOperation),
+            recommendation: request.plannerRecommendation.recommendation,
+            planner: request.plannerRecommendation.planner,
+            safety: workflowExecutorSafety(request.preflight !== undefined),
+        };
+    }
+}
+export class GuardedProviderWorkflowExecutor {
+    id = 'guarded-provider-workflow-executor';
+    kind = 'provider-adapter';
+    adapter;
+    capabilities;
+    constructor(options = {}) {
+        this.adapter = options.adapter;
+        this.capabilities = {
+            sandboxEnforceable: options.capabilities?.sandboxEnforceable === true,
+            processExecutionEnforceable: options.capabilities?.processExecutionEnforceable === true,
+            workspaceBoundaryEnforced: options.capabilities?.workspaceBoundaryEnforced === true,
+            providerConfigWritesBlocked: options.capabilities?.providerConfigWritesBlocked === true,
+        };
+    }
+    execute(request) {
+        const base = basePayload(request);
+        const preflight = request.preflight;
+        const blocker = this.firstBlocker(request, preflight);
+        if (blocker !== undefined) {
+            const status = blocker.needsHuman === true ? 'needs-human' : 'blocked';
+            return result({
+                request,
+                base,
+                executor: this,
+                status,
+                dispatched: false,
+                dispatchMode: 'not-dispatched',
+                reason: blocker.reason,
+                message: blocker.message,
+                nextAction: blocker.nextAction,
+            });
+        }
+        if (this.adapter === undefined) {
+            return result({
+                request,
+                base,
+                executor: this,
+                status: 'blocked',
+                dispatched: false,
+                dispatchMode: 'not-dispatched',
+                reason: 'missing-provider-dispatch-adapter',
+                message: 'Provider executor safety gates passed, but no explicit dispatch adapter was injected.',
+                nextAction: 'Inject an approved provider dispatch adapter in a controlled runtime; production defaults do not dispatch providers.',
+            });
+        }
+        try {
+            const adapterResult = this.adapter.dispatch(request);
+            const audit = providerExecutorAudit(this, request.preflight, effectiveCapabilities(this.capabilities, request.sandboxExecutionEvidence), request.sandboxExecutionEvidence, this.adapter, adapterResult.audit);
+            const failure = adapterResult.failure;
+            const failed = failure !== undefined;
+            return {
+                status: failed ? 'failed' : 'dispatched',
+                dispatched: true,
+                dispatchMode: 'provider-adapter',
+                executorId: this.id,
+                executorKind: this.kind,
+                reason: failure?.reason ?? 'provider-dispatch-adapter-invoked',
+                message: failure?.message ?? 'Provider dispatch adapter invoked after all enforced safety gates passed.',
+                audit,
+                checkpointLabel: 'workflow-execution-dispatched',
+                checkpointPayload: {
+                    ...base,
+                    status: failed ? 'failed' : 'dispatched',
+                    dispatched: true,
+                    dispatchMode: 'provider-adapter',
+                    executorId: this.id,
+                    executorKind: this.kind,
+                    reason: failure?.reason ?? 'provider-dispatch-adapter-invoked',
+                    message: failure?.message ?? 'Provider dispatch adapter invoked after all enforced safety gates passed.',
+                    safetyGates: safetyGatesPayload(request, request.preflight),
+                    providerCapabilities: effectiveCapabilities(this.capabilities, request.sandboxExecutionEvidence),
+                    sandboxExecutionEvidence: request.sandboxExecutionEvidence,
+                    adapter: { id: this.adapter.id },
+                    output: adapterResult.output ?? null,
+                    nextAction: failed ? 'Inspect allowlisted command failure output before retrying or finalizing the run.' : 'Inspect provider adapter audit/output and continue run finalization manually.',
+                },
+                nextAction: failed ? 'Inspect allowlisted command failure output before retrying or finalizing the run.' : 'Inspect provider adapter audit/output and continue run finalization manually.',
+            };
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : 'Provider dispatch adapter threw an unknown error.';
+            return result({
+                request,
+                base,
+                executor: this,
+                status: 'failed',
+                dispatched: false,
+                dispatchMode: 'not-dispatched',
+                reason: 'provider-dispatch-adapter-failed',
+                message,
+                nextAction: 'Inspect adapter failure audit before retrying; do not assume provider execution succeeded.',
+            });
+        }
+    }
+    firstBlocker(request, preflight) {
+        if (preflight === undefined)
+            return { reason: 'missing-preflight', message: 'Provider dispatch requires an auditable preflight record.', nextAction: 'Record preflight through the existing safety gate, then retry execute.' };
+        if (!hasPreflightAudit(preflight))
+            return { reason: 'missing-preflight-audit', message: 'Provider dispatch preflight is missing required audit identifiers.', nextAction: 'Inspect run safety events, then retry after complete preflight is recorded.' };
+        if (preflight.outcome === 'blocked')
+            return { reason: 'preflight-blocked', message: 'Provider dispatch preflight blocked this execution request.', nextAction: 'Resolve the denied permission or sandbox blocker before retrying.' };
+        if (preflight.outcome === 'approval-needed')
+            return { reason: 'approval-required', message: 'Provider dispatch is blocked until the approval is resolved and a fresh allowed preflight is recorded.', nextAction: `Resolve approval ${preflight.approval?.id ?? preflight.audit.approvalId ?? '<pending>'}, then re-run execute for a fresh preflight.`, needsHuman: true };
+        if (!preflight.eligibleForFutureExecution)
+            return { reason: 'preflight-not-eligible-for-execution', message: 'Preflight did not mark this operation eligible for future execution.', nextAction: 'Inspect execution plan blockers before retrying.' };
+        const evidence = request.sandboxExecutionEvidence;
+        if (evidence === undefined)
+            return { reason: 'missing-enforceable-sandbox', message: 'Provider dispatch requires enforceable sandbox/process evidence; planning-only execution plans are insufficient.', nextAction: 'Build and attach bounded-process sandbox evidence after approval/preflight before injecting a provider adapter.' };
+        if (!evidence.enforceable || !evidence.validation.accepted)
+            return { reason: 'sandbox-evidence-not-enforceable', message: 'Sandbox/process evidence exists but is not enforceable and accepted.', nextAction: 'Rebuild sandbox evidence with accepted realpath, argv, allowlist, timeout, and output-cap checks.' };
+        if (preflight.plan.executable !== true)
+            return { reason: 'execution-plan-not-executable', message: 'Execution plan is not executable.', nextAction: 'Use an execution plan with enforceable sandbox/process capability before dispatch.' };
+        const providerExecutionPlanned = preflight.plan.executesProvider === true;
+        const boundedCommandAdapter = this.adapter?.id === 'command-allowlist-adapter' && evidence.strategy === 'bounded-process';
+        if (!providerExecutionPlanned && !boundedCommandAdapter)
+            return { reason: 'execution-plan-planning-only', message: 'Current execution plan is planning-only and does not authorize provider execution even though sandbox evidence is present.', nextAction: 'Use an approved executable provider execution plan plus enforceable sandbox evidence before dispatch.' };
+        if (preflight.plan.limitations.some((limitation) => limitation.startsWith('planning-only:')) && request.sandboxExecutionEvidence?.strategy !== 'bounded-process')
+            return { reason: 'execution-plan-planning-only', message: 'Current execution plan explicitly says it is planning-only.', nextAction: 'Use an executable provider execution plan before provider dispatch.' };
+        if (request.workspaceRoot.length === 0 || request.requestedOperation.workspaceRoot === undefined)
+            return { reason: 'missing-workspace-boundary', message: 'Provider dispatch requires explicit workspace root constraints.', nextAction: 'Retry with an explicit workspace root after boundary enforcement is available.' };
+        const capabilities = effectiveCapabilities(this.capabilities, evidence);
+        if (!capabilities.workspaceBoundaryEnforced)
+            return { reason: 'workspace-boundary-not-enforceable', message: 'Workspace boundary constraints are present but not enforceable in this runtime.', nextAction: 'Enable realpath/workspace boundary enforcement before dispatch.' };
+        if (!capabilities.sandboxEnforceable || !capabilities.processExecutionEnforceable)
+            return { reason: 'sandbox-not-enforceable', message: 'Sandbox/process execution capability is not enforceable; provider dispatch is refused.', nextAction: 'Add an enforceable sandbox/process runner before using --executor provider.' };
+        if (!capabilities.providerConfigWritesBlocked)
+            return { reason: 'provider-config-write-guard-missing', message: 'Provider config write attempts are not proven blocked for dispatch.', nextAction: 'Install a provider config write guard before dispatch.' };
+        if (request.requestedOperation.operation.toLowerCase().includes('config') || request.requestedOperation.providerToolName?.toLowerCase().includes('config'))
+            return { reason: 'provider-config-write-intent', message: 'Provider dispatch refuses operations that appear to target provider configuration.', nextAction: 'Use a read-only workflow dispatch operation, not provider config mutation.' };
+        if (request.selectedAgent.id.length === 0 || request.workflow.id !== request.run.workflow)
+            return { reason: 'missing-agent-or-workflow-metadata', message: 'Selected agent and matching workflow metadata are required before provider dispatch.', nextAction: 'Resolve run-selected agent and workflow metadata before retrying.' };
+        if (request.plannerRecommendation.recommendation === null)
+            return { reason: 'missing-planner-recommendation', message: 'Planner recommendation metadata is required before provider dispatch.', nextAction: 'Regenerate workflow execution recommendation before retrying.' };
+        return undefined;
+    }
+}
+export function workflowExecutorSafety(preflightRecorded) {
+    return {
+        executed: false,
+        dispatched: false,
+        recordsRuns: true,
+        callsProvider: false,
+        providerExecutorInvoked: false,
+        preflightRecorded,
+        editsFiles: false,
+        writesProviderConfig: false,
+        createsSubagents: false,
+        mutatesSddArtifacts: false,
+        notes: [
+            'Delegated execution is opt-in only and never happens through normal workflow run.',
+            'The safe default workflow executor records an auditable execution request/preflight state; it does not call providers or shell out to OpenCode.',
+        ],
+    };
+}
+export function providerWorkflowExecutorSafety(preflightRecorded, capabilities) {
+    return {
+        ...workflowExecutorSafety(preflightRecorded),
+        providerExecutorInvoked: true,
+        callsProvider: false,
+        providerDispatchGuarded: true,
+        enforceableCapabilities: capabilities,
+    };
+}
+export function operationMetadataForWorkflowExecution(operation) {
+    return {
+        category: operation.category,
+        operation: operation.operation,
+        providerToolName: operation.providerToolName ?? null,
+        workspaceRoot: operation.workspaceRoot ?? null,
+        ambiguous: operation.ambiguous === true,
+        input: operation.input ?? null,
+    };
+}
+function safetyGatesPayload(request, preflight) {
+    return {
+        ...request.gates,
+        preflightOutcome: preflight?.outcome ?? null,
+        preflightAudit: preflight?.audit ?? null,
+    };
+}
+function basePayload(request) {
+    return {
+        kind: 'workflow-execution-requested',
+        version: 1,
+        runId: request.run.id,
+        workflow: request.workflow.id,
+        phase: request.run.phase,
+        selectedAgent: request.selectedAgentSummary,
+        requestedOperation: operationMetadataForWorkflowExecution(request.requestedOperation),
+        recommendation: request.plannerRecommendation.recommendation,
+        planner: request.plannerRecommendation.planner,
+        safety: workflowExecutorSafety(request.preflight !== undefined),
+    };
+}
+function result(input) {
+    return {
+        status: input.status,
+        dispatched: input.dispatched,
+        dispatchMode: input.dispatchMode,
+        executorId: input.executor.id,
+        executorKind: input.executor.kind,
+        reason: input.reason,
+        message: input.message,
+        audit: input.request.preflight === undefined ? { executorId: input.executor.id, executorKind: input.executor.kind, preflightPresent: false, dispatched: false } : executorAudit(input.executor, input.request.preflight),
+        checkpointLabel: input.status === 'needs-human' ? 'workflow-execution-requested' : 'workflow-execution-blocked',
+        checkpointPayload: {
+            ...input.base,
+            status: input.status,
+            dispatched: input.dispatched,
+            dispatchMode: input.dispatchMode,
+            executorId: input.executor.id,
+            executorKind: input.executor.kind,
+            reason: input.reason,
+            message: input.message,
+            safetyGates: safetyGatesPayload(input.request, input.request.preflight),
+            nextAction: input.nextAction,
+        },
+        nextAction: input.nextAction,
+    };
+}
+function executorAudit(executor, preflight) {
+    return {
+        executorId: executor.id,
+        executorKind: executor.kind,
+        preflightOutcome: preflight.outcome,
+        preflightAudit: preflight.audit,
+        eligibleForFutureExecution: preflight.eligibleForFutureExecution,
+        dispatched: false,
+    };
+}
+function providerExecutorAudit(executor, preflight, capabilities, sandboxExecutionEvidence, adapter, adapterAudit) {
+    return {
+        executorId: executor.id,
+        executorKind: executor.kind,
+        preflightOutcome: preflight?.outcome ?? null,
+        preflightAudit: preflight?.audit ?? null,
+        eligibleForFutureExecution: preflight?.eligibleForFutureExecution ?? null,
+        dispatched: true,
+        adapter: { id: adapter.id },
+        providerCapabilities: capabilities,
+        sandboxExecutionEvidence: sandboxExecutionEvidence ?? null,
+        adapterAudit: adapterAudit ?? null,
+    };
+}
+function effectiveCapabilities(options, evidence) {
+    return {
+        sandboxEnforceable: options.sandboxEnforceable || evidence?.capabilities.sandboxEnforceable === true,
+        processExecutionEnforceable: options.processExecutionEnforceable || evidence?.capabilities.processExecutionEnforceable === true,
+        workspaceBoundaryEnforced: options.workspaceBoundaryEnforced || evidence?.capabilities.workspaceBoundaryEnforced === true,
+        providerConfigWritesBlocked: options.providerConfigWritesBlocked || evidence?.capabilities.providerConfigWritesBlocked === true,
+    };
+}
+function hasPreflightAudit(preflight) {
+    return preflight.audit.permissionEventId.length > 0 && preflight.audit.planEventId.length > 0;
+}