feat(kernel): add production hot reload, full plugin isolation, and dynamic loading protocol

- Enhanced PluginHotReloadSchema with environment modes (dev/staging/production) and
  production safety features (health validation, rollback, connection draining)
- Enhanced PluginSandboxingSchema with isolation scope (automation-only/untrusted-only/all-plugins)
  and inter-plugin communication (IPC) mechanism
- Created plugin-runtime.zod.ts with Dynamic Loading protocol: runtime load/unload,
  plugin discovery, activation events, and source resolution
- Extended PluginLoadingEventSchema with dynamic-load/unload/discover events
- Extended PluginLoadingStateSchema with unloading/unloaded states
- Added comprehensive tests for all new schemas (324 kernel tests pass)

Co-authored-by: hotlong <50353452+hotlong@users.noreply.github.com>

Author: Copilot

packages/spec/src/kernel/index.ts

@@ -8,6 +8,7 @@ export * from './plugin-capability.zod';
 export * from './plugin-lifecycle-advanced.zod';
 export * from './plugin-lifecycle-events.zod';
 export * from './plugin-loading.zod';
+export * from './plugin-runtime.zod';
 export * from './plugin-security-advanced.zod';
 export * from './plugin-structure.zod';
 export * from './plugin-validator.zod';

packages/spec/src/kernel/plugin-loading.test.ts

@@ -209,6 +209,51 @@ describe('Plugin Loading Protocol', () => {
       expect(result.enabled).toBe(false);
       expect(result.strategy).toBe('full');
       expect(result.debounceMs).toBe(300);
+      expect(result.environment).toBe('development');
+    });
+
+    it('should accept production environment with safety config', () => {
+      const config = {
+        enabled: true,
+        environment: 'production' as const,
+        strategy: 'state-preserve' as const,
+        productionSafety: {
+          healthValidation: true,
+          rollbackOnFailure: true,
+          healthTimeout: 60000,
+          drainConnections: true,
+          drainTimeout: 30000,
+          maxConcurrentReloads: 2,
+          minReloadInterval: 10000,
+        },
+      };
+      const result = PluginHotReloadSchema.parse(config);
+      expect(result.environment).toBe('production');
+      expect(result.productionSafety?.healthValidation).toBe(true);
+      expect(result.productionSafety?.rollbackOnFailure).toBe(true);
+      expect(result.productionSafety?.maxConcurrentReloads).toBe(2);
+    });
+
+    it('should apply production safety defaults', () => {
+      const config = {
+        enabled: true,
+        environment: 'production' as const,
+        productionSafety: {},
+      };
+      const result = PluginHotReloadSchema.parse(config);
+      expect(result.productionSafety?.healthValidation).toBe(true);
+      expect(result.productionSafety?.rollbackOnFailure).toBe(true);
+      expect(result.productionSafety?.drainConnections).toBe(true);
+      expect(result.productionSafety?.maxConcurrentReloads).toBe(1);
+      expect(result.productionSafety?.minReloadInterval).toBe(5000);
+    });
+
+    it('should accept all environment values', () => {
+      const envs = ['development', 'staging', 'production'];
+      envs.forEach((env) => {
+        const result = PluginHotReloadSchema.parse({ environment: env });
+        expect(result.environment).toBe(env);
+      });
     });
   });
 
@@ -269,6 +314,49 @@ describe('Plugin Loading Protocol', () => {
       const result = PluginSandboxingSchema.parse({});
       expect(result.enabled).toBe(false);
       expect(result.isolationLevel).toBe('none');
+      expect(result.scope).toBe('automation-only');
+    });
+
+    it('should accept all isolation scope values', () => {
+      const scopes = ['automation-only', 'untrusted-only', 'all-plugins'];
+      scopes.forEach((scope) => {
+        const result = PluginSandboxingSchema.parse({ scope });
+        expect(result.scope).toBe(scope);
+      });
+    });
+
+    it('should accept full plugin isolation with IPC', () => {
+      const config = {
+        enabled: true,
+        scope: 'all-plugins' as const,
+        isolationLevel: 'process' as const,
+        ipc: {
+          enabled: true,
+          transport: 'unix-socket' as const,
+          maxMessageSize: 2097152,
+          timeout: 15000,
+          allowedServices: ['metadata', 'data', 'auth'],
+        },
+      };
+      const result = PluginSandboxingSchema.parse(config);
+      expect(result.scope).toBe('all-plugins');
+      expect(result.ipc?.enabled).toBe(true);
+      expect(result.ipc?.transport).toBe('unix-socket');
+      expect(result.ipc?.allowedServices).toHaveLength(3);
+    });
+
+    it('should apply IPC defaults', () => {
+      const config = {
+        enabled: true,
+        scope: 'all-plugins' as const,
+        isolationLevel: 'process' as const,
+        ipc: {},
+      };
+      const result = PluginSandboxingSchema.parse(config);
+      expect(result.ipc?.enabled).toBe(true);
+      expect(result.ipc?.transport).toBe('message-port');
+      expect(result.ipc?.maxMessageSize).toBe(1048576);
+      expect(result.ipc?.timeout).toBe(30000);
     });
   });
 
@@ -401,6 +489,9 @@ describe('Plugin Loading Protocol', () => {
         'cache-hit',
         'cache-miss',
         'hot-reload',
+        'dynamic-load',
+        'dynamic-unload',
+        'dynamic-discover',
       ];
 
       types.forEach((type) => {
@@ -438,6 +529,8 @@ describe('Plugin Loading Protocol', () => {
         'ready',
         'failed',
         'reloading',
+        'unloading',
+        'unloaded',
       ];
 
       states.forEach((stateValue) => {

packages/spec/src/kernel/plugin-loading.zod.ts

@@ -291,14 +291,26 @@ export const PluginDependencyResolutionSchema = z.object({
 
 /**
  * Plugin Hot Reload Configuration
- * Enables hot module replacement for development
+ * Enables hot module replacement for development and production environments.
+ * 
+ * Production mode adds safety features: health validation, rollback on failure,
+ * connection draining, and concurrency control for zero-downtime reloads.
  */
 export const PluginHotReloadSchema = z.object({
   /**
    * Enable hot reload
    */
   enabled: z.boolean().default(false),
 
+  /**
+   * Target environment for hot reload behavior
+   */
+  environment: z.enum([
+    'development',   // Fast reload with relaxed safety (file watchers, no health gates)
+    'staging',       // Production-like reload with validation but relaxed rollback
+    'production',    // Full safety: health gates, rollback, connection draining
+  ]).default('development').describe('Target environment controlling safety level'),
+  
   /**
    * Hot reload strategy
    */
@@ -347,6 +359,54 @@ export const PluginHotReloadSchema = z.object({
     afterReload: z.string().optional().describe('Function to call after reload'),
     onError: z.string().optional().describe('Function to call on reload error'),
   }).optional(),
+  
+  /**
+   * Production safety configuration
+   * Applied when environment is 'staging' or 'production'
+   */
+  productionSafety: z.object({
+    /**
+     * Validate plugin health before completing reload
+     */
+    healthValidation: z.boolean().default(true)
+      .describe('Run health checks after reload before accepting traffic'),
+    
+    /**
+     * Automatically rollback to previous version on reload failure
+     */
+    rollbackOnFailure: z.boolean().default(true)
+      .describe('Auto-rollback if reloaded plugin fails health check'),
+    
+    /**
+     * Maximum time to wait for health validation after reload (ms)
+     */
+    healthTimeout: z.number().int().min(1000).default(30000)
+      .describe('Health check timeout after reload in ms'),
+    
+    /**
+     * Drain active connections before reload
+     */
+    drainConnections: z.boolean().default(true)
+      .describe('Gracefully drain active requests before reloading'),
+    
+    /**
+     * Maximum time to wait for connection draining (ms)
+     */
+    drainTimeout: z.number().int().min(0).default(15000)
+      .describe('Max wait time for connection draining in ms'),
+    
+    /**
+     * Maximum number of concurrent plugin reloads
+     */
+    maxConcurrentReloads: z.number().int().min(1).default(1)
+      .describe('Limit concurrent reloads to prevent system instability'),
+    
+    /**
+     * Minimum interval between reloads of the same plugin (ms)
+     */
+    minReloadInterval: z.number().int().min(0).default(5000)
+      .describe('Cooldown period between reloads of the same plugin'),
+  }).optional(),
 }).describe('Plugin hot reload configuration');
 
 /**
@@ -409,14 +469,26 @@ export const PluginCachingSchema = z.object({
 
 /**
  * Plugin Sandboxing Configuration
- * Security isolation for untrusted plugins
+ * Security isolation for plugins with configurable scope.
+ * 
+ * Supports isolation beyond automation scripts: any plugin can be sandboxed
+ * with process-level isolation and inter-plugin communication (IPC).
  */
 export const PluginSandboxingSchema = z.object({
   /**
    * Enable sandboxing
    */
   enabled: z.boolean().default(false),
 
+  /**
+   * Isolation scope - which plugins are subject to sandboxing
+   */
+  scope: z.enum([
+    'automation-only',  // Sandbox automation/scripting plugins only (current behavior)
+    'untrusted-only',   // Sandbox plugins below a trust threshold
+    'all-plugins',      // Sandbox all plugins (maximum isolation)
+  ]).default('automation-only').describe('Which plugins are subject to isolation'),
+  
   /**
    * Sandbox isolation level
    */
@@ -482,6 +554,47 @@ export const PluginSandboxingSchema = z.object({
      */
     allowedEnvVars: z.array(z.string()).optional(),
   }).optional(),
+  
+  /**
+   * Inter-Plugin Communication (IPC) configuration
+   * Enables isolated plugins to communicate with the kernel and other plugins
+   */
+  ipc: z.object({
+    /**
+     * Enable IPC for sandboxed plugins
+     */
+    enabled: z.boolean().default(true)
+      .describe('Allow sandboxed plugins to communicate via IPC'),
+    
+    /**
+     * IPC transport mechanism
+     */
+    transport: z.enum([
+      'message-port',   // MessagePort (worker threads / Web Workers)
+      'unix-socket',    // Unix domain sockets (process isolation)
+      'tcp',            // TCP sockets (container isolation)
+      'memory',         // Shared memory channel (in-process VM)
+    ]).default('message-port')
+      .describe('IPC transport for cross-boundary communication'),
+    
+    /**
+     * Maximum message size in bytes
+     */
+    maxMessageSize: z.number().int().min(1024).default(1048576)
+      .describe('Maximum IPC message size in bytes (default 1MB)'),
+    
+    /**
+     * Message timeout in milliseconds
+     */
+    timeout: z.number().int().min(100).default(30000)
+      .describe('IPC message response timeout in ms'),
+    
+    /**
+     * Allowed service calls through IPC
+     */
+    allowedServices: z.array(z.string()).optional()
+      .describe('Service names the sandboxed plugin may invoke via IPC'),
+  }).optional(),
 }).describe('Plugin sandboxing configuration');
 
 /**
@@ -579,7 +692,7 @@ export const PluginLoadingConfigSchema = z.object({
   dependencyResolution: PluginDependencyResolutionSchema.optional(),
 
   /**
-   * Hot reload configuration (development only)
+   * Hot reload configuration (development and production)
    */
   hotReload: PluginHotReloadSchema.optional(),
 
@@ -619,6 +732,9 @@ export const PluginLoadingEventSchema = z.object({
     'cache-hit',
     'cache-miss',
     'hot-reload',
+    'dynamic-load',       // Plugin loaded at runtime
+    'dynamic-unload',     // Plugin unloaded at runtime
+    'dynamic-discover',   // Plugin discovered via registry
   ]),
 
   /**
@@ -672,6 +788,8 @@ export const PluginLoadingStateSchema = z.object({
     'ready',         // Fully initialized and ready
     'failed',        // Failed to load or initialize
     'reloading',     // Hot reloading in progress
+    'unloading',     // Being unloaded at runtime
+    'unloaded',      // Successfully unloaded (dynamic loading)
   ]),
 
   /**