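/**
 * CLI observation record builder.
 *
 * Assembles the final `org.peacprotocol/cli-execution` observation
 * record from the raw capture result + the flag-derived capture policy.
 * Applies argv encoding, env filtering (captures only what the policy
 * records; never mutates the child's execution env), cwd / binary-path
 * encoding, and secret-scan suppression on stdout / stderr samples.
 *
 * Builder hard-fail invariants (mirrors of the schema invariants;
 * surface the failure before emission so a flag-layer bug cannot
 * produce a misleading record):
 *   - command.program is basename-only; path-bearing tokens are
 *     reduced to their basename. Path disclosure is governed by
 *     --capture-binary-path and lives only under binary.path_*.
 *   - raw argv tokens that exceed argv_max_bytes hard-fail with
 *     `cli.argv_token_too_long`; raw mode never silently truncates.
 *   - env.mode='raw' with rawEnvEnabled=false hard-fails with
 *     `cli.env_mode_inconsistent` rather than silently downgrading
 *     to hashed.
 */

/**
 * Error type carrying a machine-readable `code` next to the message.
 *
 * NOTE(review): presumably this is how the hard-fail invariants listed in
 * the file header (`cli.argv_token_too_long`, `cli.env_mode_inconsistent`)
 * are reported; confirm against the implementation.
 */
export declare class CliObservationBuilderError extends Error {
  /** Stable error code for callers to branch on, rather than parsing the message. */
  readonly code: string;
  constructor(code: string, message: string);
}

import { type CliExecutionObservation } from '@peac/schema';
import type { CaptureResult } from './capture.js';

/** How argv is recorded. Per the file header, 'raw' never silently truncates. */
export type ArgvMode = 'hashed' | 'redacted' | 'raw';
/** How the working directory is recorded. */
export type CwdMode = 'none' | 'hashed' | 'basename' | 'absolute';
/** How the spawned binary's path is recorded (under `binary.path_*`). */
export type BinaryPathMode = 'none' | 'hashed' | 'absolute';
/** How captured environment values are recorded. 'raw' requires `rawEnvEnabled`. */
export type EnvMode = 'hashed' | 'raw';
/** How stdin is recorded. */
export type StdinMode = 'none' | 'length-only' | 'hashed';
export type ExitCodeMode = 'child' | 'record';
export type ExecutionMode =
  | 'deterministic_script'
  | 'templated_flow'
  | 'agent_loop'
  | 'human_step'
  | 'hybrid';

/**
 * Everything `buildObservation` needs: the raw capture result plus the
 * flag-derived capture policy.
 *
 * Several fields decide whether sensitive material (argv, environment
 * values, absolute paths, output samples) reaches the record in clear,
 * hashed or redacted form; the comments below mark them.
 */
export interface BuilderInput {
  /** Raw capture result the record is assembled from. */
  capture: CaptureResult;
  /**
   * The program token AS THE USER SUPPLIED IT (e.g. `node`, `./script.sh`,
   * `/usr/bin/env`). This is what `command.program` records -- it does NOT
   * leak the resolved absolute path. Path disclosure is governed
   * exclusively by `--capture-binary-path` (recorded in `binary.path_*`).
   */
  programToken: string;
  /**
   * The resolved absolute path the wrapper actually spawned. Used
   * internally for stat metadata and content digest under
   * `--capture-binary-path hashed|absolute` -- NEVER recorded under
   * `command.program`.
   */
  resolvedProgramPath: string;
  /** Argv tail as supplied (post-`--`); never modified. */
  rawArgv: string[];
  /** Working directory; how (or whether) it is recorded is set by `cwdMode`. */
  cwd: string;
  argvMode: ArgvMode;
  cwdMode: CwdMode;
  binaryPathMode: BinaryPathMode;
  envMode: EnvMode;
  stdinMode: StdinMode;
  // NOTE(review): presumably the names of the environment variables eligible
  // for capture; confirm against the implementation.
  envAllowlist: string[];
  // Typed as the full process environment, so it can hold secrets. Per the
  // file header the builder captures only what the policy records and never
  // mutates the child's execution env.
  // NOTE(review): confirm the filter runs before any value reaches the record.
  parentEnv: NodeJS.ProcessEnv;
  // NOTE(review): presumably the explicit opt-in for raw (unhashed) capture;
  // confirm which modes it gates.
  rawCaptureEnabled: boolean;
  /**
   * Explicit opt-in for `envMode: 'raw'`. Per the file header, 'raw' with
   * this flag false hard-fails with `cli.env_mode_inconsistent` instead of
   * silently downgrading to hashed.
   */
  rawEnvEnabled: boolean;
  // NOTE(review): presumably toggles the secret-scan suppression of
  // stdout / stderr samples described in the file header; confirm.
  secretScanEnabled: boolean;
  // NOTE(review): name suggests the scan was switched off through an
  // explicitly unsafe override; confirm whether the record notes this.
  secretScanDisabledUnsafely: boolean;
  // NOTE(review): presumably the `argv_max_bytes` limit from the file header
  // (`cli.argv_token_too_long`); confirm.
  argvCaptureBytes: number;
  // NOTE(review): presumably upper bounds, in bytes, on the stdout / stderr
  // samples; confirm.
  stdoutSampleBytes: number;
  stderrSampleBytes: number;
  timeoutMs: number;
  killGraceMs: number;
  exitCodeMode: ExitCodeMode;
  executionMode: ExecutionMode;
  shellMode: boolean;
  policyDigest?: string;
  configDigest?: string;
  approvalRef?: string;
  peacCliVersion: string;
}

/**
 * Assembles the `org.peacprotocol/cli-execution` observation record from
 * the capture result and capture policy in `input`.
 *
 * @param input - Capture result plus flag-derived capture policy.
 * @returns A promise for the assembled observation record.
 *
 * NOTE(review): the hard-fail invariants in the file header presumably
 * reject this promise with a `CliObservationBuilderError`; confirm against
 * the implementation.
 */
export declare function buildObservation(input: BuilderInput): Promise<CliExecutionObservation>;
//# sourceMappingURL=observation-builder.d.ts.map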