Complete the runtime you already have#
The connected-runtime reference bridge is a starter adapter for teams that want to keep a trusted external agent runtime while adding LumenFlow governance. It is not a second dashboard, a bridge-only ledger, or a public compute marketplace.
The bridge proves the trusted-compute path:
- external runtimes identify themselves as canonical connected activity
- governed tool calls still pass through LumenFlow Rules, budgets, and approval gates
- external-runtime proof lands in the same Evidence and Replay surfaces as first-party Sidekick work
What the starter does#
The starter client in src/lib/bridges/connected-runtime-reference.ts and
the CLI wrapper in tools/connected-runtime-reference-bridge.ts reuse the
same v1 routes as other governed runtime activity:
| Action | Route | Why it matters |
|---|---|---|
| Register | POST /api/v1/sessions | Establishes stable bridge session identity |
| Dispatch | POST /api/v1/sidekick/tools/[toolName] | Sends tool requests through canonical policy, approval, and budget checks |
| Evidence | POST /api/v1/evidence | Stores bridge-attributed receipts in the Evidence Vault |
Evidence receipts submitted through the starter are stamped with:
payload.bridge_identity— bridge kind, runtime name/version, external session, capability manifest, and acting principal when providedpayload.bridge_session— LumenFlow session and agent identifierspayload.governance_context— approval mode, budget scope, workspace role, authority mode, or observed revision when provided
Environment#
export LUMENFLOW_BASE_URL="https://lumenflow.cloud"
export LUMENFLOW_API_KEY="lf_..."
export LUMENFLOW_BRIDGE_SESSION_ID="external-runtime-session-1"
Optional metadata keeps the connected runtime attributable without creating a separate bridge product:
export LUMENFLOW_BRIDGE_AGENT_ID="connected-runtime-reference-bridge"
export LUMENFLOW_BRIDGE_RUNTIME_NAME="Partner Agent Runtime"
export LUMENFLOW_BRIDGE_RUNTIME_VERSION="2026.05.1"
export LUMENFLOW_BRIDGE_EXTERNAL_SESSION_ID="external-run-42"
export LUMENFLOW_BRIDGE_CAPABILITY_MANIFEST_JSON='{"execution_mode":"local_dev","trust_zone":"developer_machine","capabilities":["git","tests","shell:approval_required"]}'
export LUMENFLOW_BRIDGE_APPROVAL_MODE="review_required"
export LUMENFLOW_BRIDGE_BUDGET_SCOPE="workspace-default"
For larger manifests, set LUMENFLOW_BRIDGE_CAPABILITY_MANIFEST_PATH
to a JSON file. The manifest is stamped into bridge_identity so
session, heartbeat, and evidence records can distinguish developer
machines, CI runners, partner runtimes, and other trusted compute
surfaces.
Starter commands#
pnpm tsx tools/connected-runtime-reference-bridge.ts register
pnpm tsx tools/connected-runtime-reference-bridge.ts dispatch task:list '{"status":"pending"}'
pnpm tsx tools/connected-runtime-reference-bridge.ts evidence '{"receiptType":"bridge.proof","eventTs":"2026-05-04T12:00:00.000Z","payload":{"summary":"External runtime produced a governed plan."}}'
The evidence command also accepts an array of receipts or an object
with a receipts array. The CLI prints the accepted count returned by
the canonical Evidence route.
Product language#
Externally, describe this as a connected runtime or Connection that adds governance and Proof to an external agent. Internally, the implementation remains a reference bridge. Avoid introducing new product names or claiming LumenFlow runs arbitrary untrusted machines.
Use the simple framing:
Keep the agent runtime you prefer. Add LumenFlow when you need governance, approvals, and proof.