A runtime adapter is only useful if a customer can reproduce it outside the lab. This run starts from a clean npm workspace and exercises the exact operator path we want: initialize the runtime, write the config, connect to the agent, and run a local proof. The same command shape now covers OpenClaw, Hermes, MCP tool hosts, and custom HTTP agents.
The install path generated adapters and ran proof from a fresh folder.
The verifier used the packed CLI artifact instead of the repository source tree. It then created local bridge processes for all four runtime families and ran installed imladri agent init plus imladri agent verify.
| Step | Result |
|---|---|
| Package | Packed the local Imladri CLI and installed it into a fresh npm workspace. |
| OpenClaw | Generated config, connected to the local bridge, and detected 37 actions through the adapter contract. |
| Hermes | Generated config, connected to the local bridge, and detected native Hermes actions. |
| MCP | Generated config for an MCP tool host and verified JSON-RPC-style tool discovery through the adapter. |
| Generic HTTP | Generated config for a custom HTTP agent endpoint and verified the same adapter shape. |
| Proof | Ran installed imladri agent verify with 100 samples and 100-way concurrency. |
Four runtimes, one command shape.
The runtime name changes, but the product path stays the same: initialize the adapter, provide an endpoint, verify the response, publish policy, wrap actions, and export evidence.
| Runtime | Init command |
|---|---|
| OpenClaw | imladri agent init --runtime openclaw |
| Hermes | imladri agent init --runtime hermes |
| MCP | imladri agent init --runtime mcp |
| Custom | imladri agent init --runtime custom |
The installed CLI re-ran the shared runtime proof.
The installed package ran the embedded parity verifier, not a static screenshot. The important checks are the same ones a customer would care about before trusting a wrapper path.
| Check | Outcome |
|---|---|
| Allowed bodies | OpenClaw, Hermes, MCP, and Generic HTTP each ran safe actions. |
| Denied bodies | All four runtimes denied prohibited actions before body entry. |
| Mixed concurrency | 100/100 mixed-runtime prohibited attempts blocked. |
| Delegation | Delegated dangerous actions blocked at the receiving runtime boundary. |
| Shared halt | One halted preflight boundary stopped every runtime before body entry. |
| Fail closed | Strict preflight transport failure denied every runtime. |
| Evidence | All runtime events shared the required normalized proof schema. |
The public artifact is sanitized for publication.
The JSON includes pass/fail steps, detected action counts, runtime list, verifier output, and the high-level result. Local machine paths and temporary workspace paths are intentionally omitted.
Clean-install artifact: agent-runtime-clean-install-20260519.json
This proves installability and adapter consistency.
This is not a claim that every unwrapped plugin is protected automatically. The claim is narrower and more useful: the same Imladri adapter contract can be generated, connected, tested, and verified from a fresh install across four runtime families.