Prototype LLRT native executor and package

[robinbraemer]

Summary

This PR prototypes an LLRT-first execution path for codemode and prepares a standalone TypeScript-friendly @robinbraemer/llrt package.

It includes:

• A new packages/llrt package with a napi-rs Rust binding around LLRT's Rust VM API.
• A JSON-safe LlrtRuntime.callJson<TInput, TOutput>() API with typed success/failure results, memory/wall-time/stack options, host callbacks, fresh VM per call, and tests for errors, isolation, callbacks, memory, timeout, and stress behavior.
• Optional native package layout for darwin/linux arm64/x64, native artifact verification scripts, packed-install smoke testing, and a GitHub Actions native matrix workflow.
• Codemode integration via LlrtNativeExecutor, createExecutor() preference for LLRT when installed, and fallback executors left in place.
• An LLRT process executor proof of concept for comparison.
• Benchmark tooling and a saved report comparing llrt-native, isolated-vm, and QuickJS WASM.
• Design and implementation notes under internal/superpowers/.
• Release-ready package metadata for @robinbraemer/llrt@0.1.0 and @robinbraemer/codemode@0.3.0.

Verification

Local verification:

• mise exec -- task ci
• mise exec -- pnpm --filter @robinbraemer/llrt exec vitest run test/package-publication.test.ts test/native-artifact-verifier.test.ts
• mise exec -- pnpm --filter @robinbraemer/codemode exec vitest run test/package-publication.test.ts
• mise exec -- pnpm --filter @robinbraemer/llrt run verify:native-artifacts
• mise exec -- pnpm --filter @robinbraemer/llrt run smoke:packed-install
• mise exec -- pnpm --filter @robinbraemer/codemode run benchmark:executors -- --report internal/superpowers/reports/2026-06-10-llrt-executor-benchmark.md --json internal/superpowers/reports/2026-06-10-llrt-executor-benchmark.json
• mise exec -- go run github.com/rhysd/actionlint/cmd/actionlint@latest .github/workflows/*.yml

GitHub verification on head e74ef1f:

• CI: pass
• LLRT Native Packages / Build darwin-arm64: pass
• LLRT Native Packages / Build darwin-x64: pass
• LLRT Native Packages / Build linux-arm64-gnu: pass
• LLRT Native Packages / Build linux-x64-gnu: pass
• LLRT Native Packages / Package LLRT: pass

Current verdict

LLRT is now a strong default candidate for codemode. This PR proves the practical package boundary: importable TypeScript API, napi-rs bridge, fresh VM isolation, JSON-safe host callbacks, resource controls, codemode executor compatibility, reproducible native artifacts across the target runner matrix, and packed-install smoke coverage.

The production adoption still needs a separate CNAP-side package consumption change after this package is merged/released. Keep fallback engine selection available for emergency rollback while LLRT becomes the preferred/default executor.

Handoff prompt for the next AI agent

You are continuing the LLRT-first runtime adoption work after this cnap-tech/codemode PR. Preserve the current direction unless evidence contradicts it: standalone @robinbraemer/llrt package first, codemode consumes it through a thin adapter, fallback engines remain available for rollback.

Completed in this PR:

• packages/llrt exists as a standalone Node/TypeScript package backed by a Rust napi-rs addon.
• Public API is LlrtRuntime.callJson<TInput, TOutput>() with typed LlrtResult<TOutput>.
• Host callbacks are explicit and JSON-safe; no arbitrary live object injection.
• Each execution creates a fresh LLRT VM.
• Runtime/call options include memoryMB, wallTimeMs, cpuTimeMs placeholder, and maxStackBytes.
• Native binding uses LLRT/rquickjs APIs and reports typed errors such as TIMEOUT, MEMORY_LIMIT, SERIALIZATION_ERROR, EVALUATION_ERROR, NATIVE_LOAD_ERROR, and RUNTIME_DISPOSED.
• Codemode has LlrtNativeExecutor; createExecutor() prefers LLRT when @robinbraemer/llrt is installed, falls back only when the LLRT package itself is missing, and fails loudly when installed LLRT is broken.
• isolated-vm, QuickJS WASM, and LlrtProcessExecutor remain available.
• Native packages are laid out under packages/llrt/npm/* for darwin/linux arm64/x64.
• .github/workflows/llrt-native.yml builds and packages all native artifacts.
• verify:native-artifacts validates optional native package manifests; strict mode also requires .node files after artifacts are downloaded.
• smoke:packed-install packs main + current native package and tests import/execution from a temporary consumer project.
• Benchmark tooling exists at packages/codemode/scripts/benchmark-executors.ts, with a saved report at internal/superpowers/reports/2026-06-10-llrt-executor-benchmark.md.
• Design/spec notes live at internal/superpowers/specs/2026-06-10-standalone-llrt-typescript-runtime-design.md and internal/superpowers/plans/2026-06-10-standalone-llrt-calljson.md.

Recommended next steps:

1. Merge this PR and publish @robinbraemer/llrt@0.1.0 plus @robinbraemer/codemode@0.3.0 using the repository's release process.
2. In the CNAP repo, update the codemode dependency to the released codemode package and explicitly install @robinbraemer/llrt so the optional peer is present in production.
3. Change CNAP's codemode service executor selection to use the LLRT executor by default on Node, keeping a direct fallback switch to isolated-vm or QuickJS for rollback.
4. Add CNAP-side tests around executor selection and at least one representative codemode execution path.
5. Run focused CNAP verification for the codemode domain package, then the repo-required preflight if preparing a CNAP PR.
6. Only remove fallback engines after production telemetry shows LLRT is stable under real CNAP workloads.

Important local caveats:

• Use mise exec -- ... for codemode verification so Node stays at the pinned Node 24 ABI. Running raw task ci under Node 26 can fail because isolated-vm was built for Node 24.
• .codex/ is unrelated and should not be committed.
• Generated native binaries, dist/, node_modules/, packages/llrt/vendor/, packages/llrt/native/target/, *.node, and *.tgz are intentionally ignored.