feat(ui): add operator UI server, stores, and insights

README.md

@@ -42,6 +42,7 @@ TypeScript runtime for deterministic multi-agent execution with:
 - `src/mcp`: MCP config types/conversion/handlers
 - `src/security`: shell AST parsing, rules engine, secure executor, and audit sinks
 - `src/telemetry`: runtime event schema, sink fan-out, file sink, and Discord webhook sink
+- `src/ui`: local operator UI server, API routes, run-control service, and graph/event aggregation
 - `src/examples`: provider entrypoints (`codex.ts`, `claude.ts`)
 - `src/config.ts`: centralized env parsing/validation/defaulting
 - `tests`: manager, manifest, pipeline/orchestration, state, provisioning, MCP
@@ -68,6 +69,35 @@ npm run dev -- codex "List potential improvements."
 npm run dev -- claude "List potential improvements."
 ```
 
+## Operator UI
+
+Start the local UI server:
+
+```bash
+npm run ui
+```
+
+Then open:
+
+- `http://127.0.0.1:4317` (default)
+
+The UI provides:
+
+- graph visualizer with topology/retry rendering, edge trigger labels, node economics (duration/cost/tokens), and critical-path highlighting
+- node inspector with attempt metadata and injected `ResolvedExecutionContext` sandbox payload
+- live runtime event feed from `AGENT_RUNTIME_EVENT_LOG_PATH` with severity coloring (including security mirror events)
+- run trigger + kill switch backed by `SchemaDrivenExecutionEngine.runSession(...)`
+  - run mode selector: `provider` (real Codex/Claude execution) or `mock` (deterministic dry-run executor)
+  - provider selector: `codex` or `claude`
+- run history from `AGENT_STATE_ROOT`
+- forms for runtime Discord webhook settings, security policy, and manager/resource limits
+- manifest editor/validator/saver for schema `"1"` manifests
+
+Provider mode notes:
+
+- `provider=codex` uses existing OpenAI/Codex auth settings (`OPENAI_AUTH_MODE`, `CODEX_API_KEY`, `OPENAI_API_KEY`).
+- `provider=claude` uses Claude auth resolution (`CLAUDE_CODE_OAUTH_TOKEN` preferred, otherwise `ANTHROPIC_API_KEY`, or existing Claude Code login state).
+
 ## Manifest Semantics
 
 `AgentManifest` (schema `"1"`) validates:
@@ -121,6 +151,11 @@ Each runtime event is written as one NDJSON object with:
 - `message`
 - optional `usage` (`tokenInput`, `tokenOutput`, `tokenTotal`, `toolCalls`, `durationMs`, `costUsd`)
 - optional structured `metadata`
+  - `node.attempt.completed` metadata includes:
+    - `executionContext` (resolved sandbox payload injected into executor)
+    - `topologyKind`
+    - `retrySpawned`
+    - optional `fromNodeId`, `subtasks`, `securityViolation`
 
 ### Runtime Event Setup
 
@@ -257,6 +292,11 @@ jq -c 'select(.severity=="critical")' .ai_ops/events/runtime-events.ndjson
 - `AGENT_RUNTIME_DISCORD_MIN_SEVERITY` (`info`, `warning`, or `critical`)
 - `AGENT_RUNTIME_DISCORD_ALWAYS_NOTIFY_TYPES` (CSV event types such as `session.started,session.completed,session.failed`)
 
+### Operator UI
+
+- `AGENT_UI_HOST` (default `127.0.0.1`)
+- `AGENT_UI_PORT` (default `4317`)
+
 ### Runtime-Injected (Do Not Configure In `.env`)
 
 - `AGENT_REPO_ROOT`