[codex] Collapse Summon to Arrow-only tool runtime

.agents/skills/summon/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: summon
-description: "Build, debug, or integrate Summon sandboxed generative UI: SurfacePlan contracts, contract-first prompts, JSONL protocol streaming, host-owned capabilities/resources, PolicyEngine grants, StreamGraph diagnostics, safety smoke tests, and adoption docs. Use when working in the Summon repo, adding capabilities/resources/workers/approval actions, debugging validation or sandbox behavior, or creating agent-authored Summon UIs."
+description: "Build, debug, or integrate Summon sandboxed generative UI: SurfacePolicy contracts, Arrow JSONL artifact streaming, host-owned tools/resources, PolicyEngine grants, StreamGraph diagnostics, safety smoke tests, and adoption docs. Use when working in the Summon repo, adding tools/resources/workers/approval actions, debugging validation or sandbox behavior, or creating agent-authored Summon UIs."
 ---
 
 # Summon
@@ -19,31 +19,30 @@ host app.
    native-wrapper behavior.
 6. Read `docs/adoption/security.md` before changing sandbox, CSP, grants,
    script policy, worker, approval, or production-tier behavior.
-7. Read `docs/adoption/debugging.md` before changing validation, repair,
-   stream graph, protocol, Devtools, or sandbox diagnostics.
+7. Read `docs/adoption/debugging.md` before changing validation, stream graph,
+   protocol, Devtools, or sandbox diagnostics.
 
 ## Core Architecture
 
 Follow this path unless the user explicitly asks for a runtime redesign:
 
 ```txt
-host capability registry
+host tool registry
   -> SurfacePolicy: tier/grants/components/purpose/persistence
   -> compiled SurfacePlan: purpose/runtime/data/authority/persistence
-  -> createCapabilityRegistry(...).toContract()
+  -> createToolRegistry(...).toContract()
   -> compileSystemContracts()
-  -> protocol hardener and repair feedback
-  -> SectionAccumulator and StreamGraph
+  -> Arrow protocol hardener
+  -> StreamGraph artifact diagnostics
   -> PolicyEngine and spawnSandbox()
 ```
 
-Capabilities are host-owned. The model sees the contract; the host owns
-handlers, network, credentials, state, grants, and the selected `SurfacePolicy`.
+Tools are host-owned. The model sees the contract; the host owns handlers,
+network, credentials, state, grants, and the selected `SurfacePolicy`.
 Generated artifacts must not emit or widen `/surface-policy` or `/surface-plan`.
 
-New generation servers should prefer `runSurfaceGeneration(input, emit)` from
-`@anarchitecture/summon-server`; `generateSurfaceStream()` remains available for
-existing async-generator integrations. Applications should consume built public
+Generation servers should use `runSurfaceGeneration(input, emit)` from
+`@anarchitecture/summon-server`. Applications should consume built public
 package exports, not `src/*.ts` paths or `@summon-internal/*` packages.
 
 Use `defineAction` and `defineDataResource` for common host-backed
@@ -54,12 +53,11 @@ host approval adapter.
 ## Safe Output Rules
 
 - Keep the iframe null-origin. Do not add `allow-same-origin`.
-- Grant intents and capabilities from the host with `grantedIntents` and
-  `grantedCapabilities`; never trust artifact-declared intents or capabilities
-  as permission.
-- Prefer declarative interactive surfaces with `scriptPolicy: "forbid"` and
-  `data-summon-*` bindings. Treat `scriptPolicy: "allow"` as an escalation for
-  hosts that intentionally permit custom artifact scripts.
+- Grant tools from the host with `grantedTools`; never trust artifact-declared
+  tools as permission.
+- Prefer Arrow-native generated artifacts with `host-bridge:summon` and
+  `callTool()`. Generated custom scripts, legacy runtime controls, and raw
+  section/fragment protocols are rejected before generation or at the parser.
 - Use `defineDataResource` for host-backed async data, with loading, error, and
   data state keys.
 - Resource UIs must render loading, error, and data states.
@@ -70,14 +68,14 @@ host approval adapter.
 ## Debug Loop
 
 For generation failures, inspect `/error`, `/validation-summary`,
-`/validation-blocked`, `/repair-feedback`, `/repair-summary`,
-`/stream-graph-summary`, `/protocol-skip`, `/surface-policy`,
-`/surface-plan`, `/shape`, `/token-overrides`, `/screen-synthesized`, and
-`/mode-upgraded`.
-
-For client behavior, inspect Devtools events: `surface-plan`, `protocol-line`,
-`protocol-parse-error`, `sandbox-ready`, `render`, `intent-emitted`,
-`intent-rejected`, `intent-dispatched`, `intent-settled`, `state-pushed`,
+`/validation-blocked`, `/stream-graph-summary`, `/protocol-skip`,
+`/surface-policy`, `/surface-plan`, `/surface-contract`, `/agent-goal`,
+`/agent-policy-resolution`, `/shape`, `/token-overrides`, and `/mode-upgraded`.
+
+For client behavior, inspect Devtools events: `surface-plan`,
+`surface-contract`, `protocol-line`, `protocol-parse-error`, `sandbox-ready`,
+`render`, `rendered`, `tool-called`, `tool-rejected`,
+`tool-dispatched`, `tool-settled`, `state-pushed`, `component-sync`,
 `stream-graph`, and `sandbox-fatal`.
 
 Use `ContractIssue` plus `hintsForContractIssue(issue)` when feeding validation
@@ -91,7 +89,10 @@ the requested grant/component exceeds the selected `SurfacePolicy` or compiled
 pnpm typecheck
 pnpm test
 pnpm test:safety
+pnpm test:gallery
 pnpm build
+pnpm check:public-api
+pnpm smoke:public-packages
 pnpm pack:dry-run
 pnpm dev:gallery
 pnpm dev:workbench
@@ -107,7 +108,7 @@ boot. It starts only the Vite demo app and does not require
 
 Manual smoke path: run `pnpm dev:workbench`, open `http://localhost:5173/generate`, choose the
 **Host-resource search** showcase scenario, keep **Free layout**, confirm the
-contract cockpit shows `explore/declarative/host-resource/read/replayable` and
+contract cockpit shows `explore/arrow/host-resource/read/replayable` and
 `Grants 1: search`, run the scenario, submit a generated search such as
 `chicken pasta`, inspect the Stream and Devtools drawers, replay from Saved
 surfaces, then open `http://localhost:5173/adversarial`. Use `/batch`,

README.md

@@ -64,7 +64,7 @@ the canonical `.ghost/fingerprint/manifest.yml` package layout. The Surface
 Gallery adds a Ghost fingerprint preset for each root, and the Generate
 workbench adds a `Fingerprint · <id>` option. A fingerprint run is not a bundled
 visual direction: Summon consumes the Ghost relay brief as product design
-direction, then applies host-owned policy, capabilities, and token CSS.
+direction, then applies host-owned policy, tools, and token CSS.
 
 The full guided path lives in
 [docs/adoption/quickstart.md](docs/adoption/quickstart.md).
@@ -98,7 +98,7 @@ pnpm dev:demos
   surface, and a small event strip.
 - `/generate` - diagnostic maintainer workbench for broker-selected
   surface configs, allowed host tools, trusted host components, token
-  overrides, validation retries, edit/replay, Ghost steering, Devtools, and
+  overrides, validation summaries, replay, Ghost steering, Devtools, and
   stream diagnostics.
 - `/batch` - parallel broker harness for prompt coverage, host tool
   wiring, direction-token visual coverage, throughput, and consistency checks.
@@ -114,7 +114,8 @@ pnpm dev:demos
   helpers, and explicit subpaths for advanced browser, engine, host, policy,
   envelope, assets, and Devtools APIs.
 - `@anarchitecture/summon-server` - provider-neutral generation lifecycle,
-  validation retries, summaries, and model-provider interfaces.
+  Arrow protocol hardening, validation summaries, and model-provider
+  interfaces.
 - `@anarchitecture/summon-react` - `SummonSurface` and React trusted-component
   adapter. `react` and `react-dom` are peer dependencies.
 
@@ -125,7 +126,7 @@ pnpm dev:demos
   `packages/sandbox-runtime`, `packages/server`, `packages/react` - private
   implementation workspaces published only through the public facades.
 - `apps/server` - multi-provider demo server for Anthropic, OpenAI, and Gemini,
-  direction loading, validation retry feedback, and demo backing routes.
+  direction loading, Arrow protocol diagnostics, and demo backing routes.
 - `apps/surface-gallery` - first-run live example app for OSS adopters.
 - `apps/demo` - Vite maintainer workbench for generation, batch runs,
   adversarial checks, strict input, Ghost steering, diagnostics, and fatal

apps/demo/src/App.tsx

@@ -7,7 +7,6 @@ import { ThemeProvider, ThemeToggle } from './theme.js';
 const AdversarialPage = lazy(() => import('./pages/AdversarialPage.js').then((module) => ({ default: module.AdversarialPage })));
 const BatchPage = lazy(() => import('./pages/BatchPage.js').then((module) => ({ default: module.BatchPage })));
 const FatalPage = lazy(() => import('./pages/FatalPage.js').then((module) => ({ default: module.FatalPage })));
-const FragmentComparePage = lazy(() => import('./pages/FragmentComparePage.js').then((module) => ({ default: module.FragmentComparePage })));
 const GeneratePage = lazy(() => import('./pages/generate/GeneratePage.js').then((module) => ({ default: module.GeneratePage })));
 const StrictPage = lazy(() => import('./pages/StrictPage.js').then((module) => ({ default: module.StrictPage })));
 
@@ -27,7 +26,6 @@ function AppRoutes() {
           <Route path="/" element={<LandingPage />} />
           <Route path="/generate" element={<GeneratePage />} />
           <Route path="/batch" element={<BatchPage />} />
-          <Route path="/fragment-compare" element={<FragmentComparePage />} />
           <Route path="/adversarial" element={<AdversarialPage />} />
           <Route path="/strict" element={<StrictPage />} />
           <Route path="/fatal" element={<FatalPage />} />