@agenshield/broker 0.6.1 → 0.7.0

package/daemon-forward.d.ts

@@ -6,10 +6,13 @@
  * in server.ts / http-fallback.ts when the broker's local enforcer denies
  * a request but the daemon may have a user-defined policy that allows it.
  */
+import type { SandboxConfig, PolicyExecutionContext } from '@agenshield/ipc';
 export interface DaemonPolicyResult {
     allowed: boolean;
     policyId?: string;
     reason?: string;
+    sandbox?: SandboxConfig;
+    executionContext?: PolicyExecutionContext;
 }
 /**
  * Forward a policy check to the daemon's RPC endpoint.
@@ -21,5 +24,5 @@ export interface DaemonPolicyResult {
  *
  * @returns The daemon's result if it explicitly allows, or null to keep broker denial.
  */
-export declare function forwardPolicyToDaemon(operation: string, target: string, daemonUrl: string): Promise<DaemonPolicyResult | null>;
+export declare function forwardPolicyToDaemon(operation: string, target: string, daemonUrl: string, context?: PolicyExecutionContext): Promise<DaemonPolicyResult | null>;
 //# sourceMappingURL=daemon-forward.d.ts.map

package/daemon-forward.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"daemon-forward.d.ts","sourceRoot":"","sources":["../src/daemon-forward.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;GASG;AACH,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAiDpC"}
+{"version":3,"file":"daemon-forward.d.ts","sourceRoot":"","sources":["../src/daemon-forward.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAK7E,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;CAC3C;AAED;;;;;;;;;GASG;AACH,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAuEpC"}

package/handlers/exec.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../src/handlers/exec.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAc,UAAU,EAAE,MAAM,aAAa,CAAC;AACzF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAgGtD,wBAAsB,UAAU,CAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,CA+GpC"}
+{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../src/handlers/exec.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAc,UAAU,EAAE,MAAM,aAAa,CAAC;AACzF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAgGtD,wBAAsB,UAAU,CAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,CA4HpC"}

package/handlers/policy-check.d.ts

@@ -10,10 +10,13 @@
  */
 import type { HandlerContext, HandlerResult } from '../types.js';
 import type { HandlerDependencies } from './types.js';
+import type { SandboxConfig, PolicyExecutionContext } from '@agenshield/ipc';
 interface PolicyCheckResultData {
     allowed: boolean;
     policyId?: string;
     reason?: string;
+    sandbox?: SandboxConfig;
+    executionContext?: PolicyExecutionContext;
 }
 export declare function handlePolicyCheck(params: Record<string, unknown>, context: HandlerContext, deps: HandlerDependencies): Promise<HandlerResult<PolicyCheckResultData>>;
 export {};

package/handlers/policy-check.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"policy-check.d.ts","sourceRoot":"","sources":["../../src/handlers/policy-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAQtD,UAAU,qBAAqB;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAKD,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC,CAoE/C"}
+{"version":3,"file":"policy-check.d.ts","sourceRoot":"","sources":["../../src/handlers/policy-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAS7E,UAAU,qBAAqB;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;CAC3C;AAKD,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC,CA6E/C"}

package/handlers/skill-install.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"skill-install.d.ts","sourceRoot":"","sources":["../../src/handlers/skill-install.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,OAAO,KAAK,EACV,cAAc,EACd,aAAa,EAEb,kBAAkB,EAElB,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AA4CtD;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,kBAAkB,CAAC,CAAC,CA+I5C;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,oBAAoB,CAAC,CAAC,CAiF9C"}
+{"version":3,"file":"skill-install.d.ts","sourceRoot":"","sources":["../../src/handlers/skill-install.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EACV,cAAc,EACd,aAAa,EAEb,kBAAkB,EAElB,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AA4CtD;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,kBAAkB,CAAC,CAAC,CA0H5C;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,aAAa,CAAC,oBAAoB,CAAC,CAAC,CAqE9C"}

package/handlers/types.d.ts

@@ -4,6 +4,7 @@
 import type { PolicyEnforcer } from '../policies/enforcer.js';
 import type { AuditLogger } from '../audit/logger.js';
 import type { SecretVault } from '../secrets/vault.js';
+import type { SecretResolver } from '../secrets/resolver.js';
 import type { CommandAllowlist } from '../policies/command-allowlist.js';
 /**
  * Exec monitoring event emitted after each exec operation
@@ -16,11 +17,13 @@ export interface ExecMonitorEvent {
     allowed: boolean;
     duration: number;
     timestamp: string;
+    injectedSecretNames?: string[];
 }
 export interface HandlerDependencies {
     policyEnforcer: PolicyEnforcer;
     auditLogger: AuditLogger;
     secretVault: SecretVault;
+    secretResolver?: SecretResolver;
     commandAllowlist: CommandAllowlist;
     onExecMonitor?: (event: ExecMonitorEvent) => void;
     onExecDenied?: (command: string, reason: string) => void;

package/handlers/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,WAAW,CAAC;IACzB,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAClD,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IACzD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAClD,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IACzD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}

package/http-fallback.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"http-fallback.d.ts","sourceRoot":"","sources":["../src/http-fallback.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EACV,YAAY,EAIb,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAsBxE,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,YAAY,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,gBAAgB,EAAE,gBAAgB,CAAC;CACpC;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,OAAO,EAAE,yBAAyB;IAO9C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAoB5B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAY3B;;OAEG;YACW,aAAa;IA6C3B;;OAEG;IACH,OAAO,CAAC,WAAW;IAUnB;;OAEG;YACW,cAAc;IAuI5B;;OAEG;IACH,OAAO,CAAC,UAAU;IAsBlB;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;IACH,OAAO,CAAC,aAAa;CAWtB"}
+{"version":3,"file":"http-fallback.d.ts","sourceRoot":"","sources":["../src/http-fallback.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EACV,YAAY,EAIb,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAsBxE,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,YAAY,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,gBAAgB,EAAE,gBAAgB,CAAC;CACpC;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,OAAO,EAAE,yBAAyB;IAO9C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAoB5B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAY3B;;OAEG;YACW,aAAa;IA6C3B;;OAEG;IACH,OAAO,CAAC,WAAW;IAUnB;;OAEG;YACW,cAAc;IAqI5B;;OAEG;IACH,OAAO,CAAC,UAAU;IAsBlB;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;IACH,OAAO,CAAC,aAAa;CAWtB"}

package/index.js

@@ -252,8 +252,10 @@ import { spawn } from "node:child_process";
 
 // libs/shield-broker/src/daemon-forward.ts
 var DAEMON_RPC_TIMEOUT = 2e3;
-async function forwardPolicyToDaemon(operation, target, daemonUrl) {
+async function forwardPolicyToDaemon(operation, target, daemonUrl, context) {
+  const verbose = process.env["AGENSHIELD_BROKER_VERBOSE"] === "true";
   try {
+    if (verbose) console.error(`[broker:forward] op=${operation} target=${target} \u2192 daemon ${daemonUrl}`);
     const controller = new AbortController();
     const timeout = setTimeout(() => controller.abort(), DAEMON_RPC_TIMEOUT);
     const response = await fetch(`${daemonUrl}/rpc`, {
@@ -263,7 +265,7 @@ async function forwardPolicyToDaemon(operation, target, daemonUrl) {
         jsonrpc: "2.0",
         id: `broker-fwd-${Date.now()}`,
         method: "policy_check",
-        params: { operation, target }
+        params: { operation, target, context }
       }),
       signal: controller.signal
     });
@@ -276,11 +278,22 @@ async function forwardPolicyToDaemon(operation, target, daemonUrl) {
       return null;
     }
     const result = json.result;
+    if (verbose) console.error(`[broker:forward] result: allowed=${result.allowed} policyId=${result.policyId}`);
     if (result.policyId) {
       return {
         allowed: !!result.allowed,
         policyId: result.policyId,
-        reason: result.reason
+        reason: result.reason,
+        sandbox: result.sandbox,
+        executionContext: result.executionContext
+      };
+    }
+    if (result.sandbox) {
+      return {
+        allowed: true,
+        reason: result.reason,
+        sandbox: result.sandbox,
+        executionContext: result.executionContext
       };
     }
     return null;
@@ -436,11 +449,17 @@ async function handleExec(params, context, deps) {
       }
     }
     const effectiveTimeout = HTTP_EXEC_COMMANDS.has(commandBasename) ? Math.max(timeout, 3e5) : timeout;
+    const secretEnv = deps.secretResolver?.getSecretsForExec(
+      commandBasename,
+      args
+    ) ?? {};
+    const injectedSecretNames = Object.keys(secretEnv);
+    const mergedEnv = injectedSecretNames.length > 0 ? { ...env || {}, ...secretEnv } : env;
     const result = await executeCommand({
       command: resolvedCommand,
       args,
       cwd: effectiveCwd,
-      env,
+      env: mergedEnv,
       timeout: effectiveTimeout,
       shell: false
       // Always force shell: false to prevent injection
@@ -453,7 +472,8 @@ async function handleExec(params, context, deps) {
       exitCode: result.exitCode,
       allowed: true,
       duration,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      injectedSecretNames: injectedSecretNames.length > 0 ? injectedSecretNames : void 0
     });
     return {
       success: true,
@@ -640,7 +660,6 @@ async function handlePing(params, context, deps) {
 
 // libs/shield-broker/src/handlers/skill-install.ts
 import * as fs2 from "node:fs/promises";
-import * as fsSync from "node:fs";
 import * as path3 from "node:path";
 import { execSync } from "node:child_process";
 function isValidSlug(slug) {
@@ -677,13 +696,14 @@ fi
 }
 async function handleSkillInstall(params, context, deps) {
   const startTime = Date.now();
+  const warnings = [];
   try {
     const {
       slug,
       files,
       createWrapper = true,
       agentHome = process.env["AGENSHIELD_AGENT_HOME"] || "/Users/ash_default_agent",
-      socketGroup = process.env["AGENSHIELD_SOCKET_GROUP"] || "clawshield"
+      socketGroup = process.env["AGENSHIELD_SOCKET_GROUP"] || "ash_default"
     } = params;
     if (!slug || !isValidSlug(slug)) {
       return {
@@ -725,30 +745,11 @@ async function handleSkillInstall(params, context, deps) {
       filesWritten++;
     }
     try {
-      execSync(`chown -R root:${socketGroup} "${skillDir}"`, { stdio: "pipe" });
       execSync(`chmod -R a+rX,go-w "${skillDir}"`, { stdio: "pipe" });
     } catch (err) {
-      console.warn(`[SkillInstall] chown failed (may be expected in dev): ${err.message}`);
-    }
-    const openclawConfigPath = path3.join(agentHome, ".openclaw", "openclaw.json");
-    try {
-      let openclawConfig = {};
-      try {
-        const raw = fsSync.readFileSync(openclawConfigPath, "utf-8");
-        openclawConfig = JSON.parse(raw);
-      } catch {
-      }
-      if (!openclawConfig.skills) {
-        openclawConfig.skills = {};
-      }
-      const skills = openclawConfig.skills;
-      if (!skills.entries) {
-        skills.entries = {};
-      }
-      skills.entries[slug] = { enabled: true };
-      fsSync.writeFileSync(openclawConfigPath, JSON.stringify(openclawConfig, null, 2), "utf-8");
-    } catch (err) {
-      console.warn(`[SkillInstall] openclaw.json update failed: ${err.message}`);
+      const msg = `chmod on skill dir failed: ${err.message}`;
+      console.warn(`[SkillInstall] ${msg}`);
+      warnings.push(msg);
     }
     let wrapperPath;
     if (createWrapper) {
@@ -756,12 +757,6 @@ async function handleSkillInstall(params, context, deps) {
       await fs2.mkdir(binDir, { recursive: true });
       const wrapperContent = createWrapperContent(slug, skillDir);
       await fs2.writeFile(wrapperPath, wrapperContent, { mode: 493 });
-      try {
-        execSync(`chown root:${socketGroup} "${wrapperPath}"`, { stdio: "pipe" });
-        execSync(`chmod 755 "${wrapperPath}"`, { stdio: "pipe" });
-      } catch (err) {
-        console.warn(`[SkillInstall] wrapper chown failed: ${err.message}`);
-      }
     }
     return {
       success: true,
@@ -769,7 +764,8 @@ async function handleSkillInstall(params, context, deps) {
         installed: true,
         skillDir,
         wrapperPath,
-        filesWritten
+        filesWritten,
+        warnings: warnings.length > 0 ? warnings : void 0
       },
       audit: {
         duration: Date.now() - startTime,
@@ -810,18 +806,6 @@ async function handleSkillUninstall(params, context, deps) {
     if (skillExists) {
       await fs2.rm(skillDir, { recursive: true, force: true });
     }
-    const openclawConfigPath = path3.join(agentHome, ".openclaw", "openclaw.json");
-    try {
-      const raw = fsSync.readFileSync(openclawConfigPath, "utf-8");
-      const openclawConfig = JSON.parse(raw);
-      const skills = openclawConfig.skills;
-      const entries = skills?.entries;
-      if (entries?.[slug]) {
-        delete entries[slug];
-        fsSync.writeFileSync(openclawConfigPath, JSON.stringify(openclawConfig, null, 2), "utf-8");
-      }
-    } catch {
-    }
     let wrapperRemoved = false;
     if (removeWrapper) {
       try {
@@ -853,7 +837,7 @@ async function handleSkillUninstall(params, context, deps) {
 // libs/shield-broker/src/handlers/policy-check.ts
 var DEFAULT_DAEMON_URL = "http://127.0.0.1:5200";
 async function handlePolicyCheck(params, context, deps) {
-  const { operation, target } = params;
+  const { operation, target, context: execContext } = params;
   if (!operation) {
     return {
       success: false,
@@ -893,9 +877,18 @@ async function handlePolicyCheck(params, context, deps) {
     };
   }
   const daemonUrl = deps.daemonUrl || DEFAULT_DAEMON_URL;
-  const daemonResult = await forwardPolicyToDaemon(operation, target || "", daemonUrl);
+  const daemonResult = await forwardPolicyToDaemon(operation, target || "", daemonUrl, execContext);
   if (daemonResult && daemonResult.allowed) {
-    return { success: true, data: daemonResult };
+    return {
+      success: true,
+      data: {
+        allowed: daemonResult.allowed,
+        policyId: daemonResult.policyId,
+        reason: daemonResult.reason,
+        sandbox: daemonResult.sandbox,
+        executionContext: daemonResult.executionContext
+      }
+    };
   }
   return {
     success: true,
@@ -937,6 +930,7 @@ var UnixSocketServer = class {
   policyEnforcer;
   auditLogger;
   secretVault;
+  secretResolver;
   commandAllowlist;
   connections = /* @__PURE__ */ new Set();
   constructor(options) {
@@ -944,6 +938,7 @@ var UnixSocketServer = class {
     this.policyEnforcer = options.policyEnforcer;
     this.auditLogger = options.auditLogger;
     this.secretVault = options.secretVault;
+    this.secretResolver = options.secretResolver;
     this.commandAllowlist = options.commandAllowlist;
   }
   /**
@@ -1043,13 +1038,9 @@ var UnixSocketServer = class {
         config: this.config
         // Socket credentials would be extracted here on supported platforms
       };
-      const policyResult = await this.policyEnforcer.check(
-        request.method,
-        request.params,
-        context
-      );
+      const policyResult = request.method === "policy_check" ? { allowed: true, policyId: void 0, reason: void 0 } : await this.policyEnforcer.check(request.method, request.params, context);
       let finalPolicy = policyResult;
-      if (!policyResult.allowed && request.method !== "policy_check") {
+      if (!policyResult.allowed) {
         const target = this.extractTarget(request);
         const daemonUrl = this.config.daemonUrl || "http://127.0.0.1:5200";
         const override = await forwardPolicyToDaemon(request.method, target, daemonUrl);
@@ -1080,6 +1071,7 @@ var UnixSocketServer = class {
         policyEnforcer: this.policyEnforcer,
         auditLogger: this.auditLogger,
         secretVault: this.secretVault,
+        secretResolver: this.secretResolver,
         commandAllowlist: this.commandAllowlist,
         daemonUrl: this.config.daemonUrl
       });
@@ -1296,13 +1288,9 @@ var HttpFallbackServer = class {
         timestamp: /* @__PURE__ */ new Date(),
         config: this.config
       };
-      const policyResult = await this.policyEnforcer.check(
-        request.method,
-        request.params,
-        context
-      );
+      const policyResult = request.method === "policy_check" ? { allowed: true, policyId: void 0, reason: void 0 } : await this.policyEnforcer.check(request.method, request.params, context);
       let finalPolicy = policyResult;
-      if (!policyResult.allowed && request.method !== "policy_check") {
+      if (!policyResult.allowed) {
         const target = this.extractTarget(request);
         const daemonUrl = this.config.daemonUrl || "http://127.0.0.1:5200";
         const override = await forwardPolicyToDaemon(request.method, target, daemonUrl);
@@ -1412,6 +1400,7 @@ var PolicyEnforcer = class {
   lastLoad = 0;
   reloadInterval = 6e4;
   // 1 minute
+  verbose = process.env["AGENSHIELD_BROKER_VERBOSE"] === "true";
   constructor(options) {
     this.policiesPath = options.policiesPath;
     this.failOpen = options.failOpen;
@@ -1499,13 +1488,17 @@ var PolicyEnforcer = class {
     this.maybeReload();
     try {
       const target = this.extractTarget(operation, params);
+      if (this.verbose) console.error(`[broker:enforcer] op=${operation} target=${target}`);
       for (const rule of this.policies.rules) {
         if (!rule.enabled) continue;
         if (!rule.operations.includes(operation) && !rule.operations.includes("*")) {
           continue;
         }
-        const matches = this.matchesPatterns(target, rule.patterns);
+        const matches = this.matchesPatterns(target, rule.patterns, operation);
         if (matches) {
+          if (this.verbose) {
+            console.error(`[broker:enforcer] MATCH rule=${rule.id} action=${rule.action} patterns=${rule.patterns.join(",")}`);
+          }
           if (rule.action === "deny" || rule.action === "approval") {
             return {
               allowed: false,
@@ -1530,6 +1523,9 @@ var PolicyEnforcer = class {
       if (operation === "http_request" && this.policies.networkConstraints) {
         return { allowed: true, reason: "Allowed by network constraints" };
       }
+      if (this.verbose) {
+        console.error(`[broker:enforcer] DEFAULT action=${this.policies.defaultAction} (no rule matched)`);
+      }
       return {
         allowed: this.policies.defaultAction === "allow",
         reason: this.policies.defaultAction === "deny" ? "No matching allow policy" : void 0
@@ -1563,12 +1559,39 @@ var PolicyEnforcer = class {
         return "";
     }
   }
+  /**
+   * Match a command target against a Claude Code-style command pattern.
+   * See matchCommandPattern in daemon rpc.ts for full semantics.
+   */
+  matchCommandPattern(pattern, target) {
+    const trimmed = pattern.trim();
+    if (trimmed === "*") return true;
+    if (trimmed.endsWith(":*")) {
+      const prefix = trimmed.slice(0, -2).toLowerCase();
+      const lowerTarget = target.toLowerCase();
+      if (lowerTarget === prefix || lowerTarget.startsWith(prefix + " ")) {
+        return true;
+      }
+      const firstSpace = lowerTarget.indexOf(" ");
+      const cmdPart = firstSpace >= 0 ? lowerTarget.slice(0, firstSpace) : lowerTarget;
+      const lastSlash = cmdPart.lastIndexOf("/");
+      if (lastSlash >= 0) {
+        const basename2 = cmdPart.slice(lastSlash + 1);
+        if (basename2 === prefix || basename2.startsWith(prefix + "-") || basename2.startsWith(prefix)) {
+          return true;
+        }
+      }
+      return false;
+    }
+    return target.toLowerCase() === trimmed.toLowerCase();
+  }
   /**
    * Check if target matches any patterns
    */
-  matchesPatterns(target, patterns) {
+  matchesPatterns(target, patterns, operation) {
     for (const pattern of patterns) {
-      if (this.matchPattern(target, pattern)) {
+      const isExec = operation === "exec" || operation === "*";
+      if (isExec ? this.matchCommandPattern(pattern, target) : this.matchPattern(target, pattern)) {
         return true;
       }
     }

package/main.js

@@ -254,8 +254,10 @@ import { spawn } from "node:child_process";
 
 // libs/shield-broker/src/daemon-forward.ts
 var DAEMON_RPC_TIMEOUT = 2e3;
-async function forwardPolicyToDaemon(operation, target, daemonUrl) {
+async function forwardPolicyToDaemon(operation, target, daemonUrl, context) {
+  const verbose = process.env["AGENSHIELD_BROKER_VERBOSE"] === "true";
   try {
+    if (verbose) console.error(`[broker:forward] op=${operation} target=${target} \u2192 daemon ${daemonUrl}`);
     const controller = new AbortController();
     const timeout = setTimeout(() => controller.abort(), DAEMON_RPC_TIMEOUT);
     const response = await fetch(`${daemonUrl}/rpc`, {
@@ -265,7 +267,7 @@ async function forwardPolicyToDaemon(operation, target, daemonUrl) {
         jsonrpc: "2.0",
         id: `broker-fwd-${Date.now()}`,
         method: "policy_check",
-        params: { operation, target }
+        params: { operation, target, context }
       }),
       signal: controller.signal
     });
@@ -278,11 +280,22 @@ async function forwardPolicyToDaemon(operation, target, daemonUrl) {
       return null;
     }
     const result = json.result;
+    if (verbose) console.error(`[broker:forward] result: allowed=${result.allowed} policyId=${result.policyId}`);
     if (result.policyId) {
       return {
         allowed: !!result.allowed,
         policyId: result.policyId,
-        reason: result.reason
+        reason: result.reason,
+        sandbox: result.sandbox,
+        executionContext: result.executionContext
+      };
+    }
+    if (result.sandbox) {
+      return {
+        allowed: true,
+        reason: result.reason,
+        sandbox: result.sandbox,
+        executionContext: result.executionContext
       };
     }
     return null;
@@ -438,11 +451,17 @@ async function handleExec(params, context, deps) {
       }
     }
     const effectiveTimeout = HTTP_EXEC_COMMANDS.has(commandBasename) ? Math.max(timeout, 3e5) : timeout;
+    const secretEnv = deps.secretResolver?.getSecretsForExec(
+      commandBasename,
+      args
+    ) ?? {};
+    const injectedSecretNames = Object.keys(secretEnv);
+    const mergedEnv = injectedSecretNames.length > 0 ? { ...env || {}, ...secretEnv } : env;
     const result = await executeCommand({
       command: resolvedCommand,
       args,
       cwd: effectiveCwd,
-      env,
+      env: mergedEnv,
       timeout: effectiveTimeout,
       shell: false
       // Always force shell: false to prevent injection
@@ -455,7 +474,8 @@ async function handleExec(params, context, deps) {
       exitCode: result.exitCode,
       allowed: true,
       duration,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      injectedSecretNames: injectedSecretNames.length > 0 ? injectedSecretNames : void 0
     });
     return {
       success: true,
@@ -642,7 +662,6 @@ async function handlePing(params, context, deps) {
 
 // libs/shield-broker/src/handlers/skill-install.ts
 import * as fs2 from "node:fs/promises";
-import * as fsSync from "node:fs";
 import * as path3 from "node:path";
 import { execSync } from "node:child_process";
 function isValidSlug(slug) {
@@ -679,13 +698,14 @@ fi
 }
 async function handleSkillInstall(params, context, deps) {
   const startTime = Date.now();
+  const warnings = [];
   try {
     const {
       slug,
       files,
       createWrapper = true,
       agentHome = process.env["AGENSHIELD_AGENT_HOME"] || "/Users/ash_default_agent",
-      socketGroup = process.env["AGENSHIELD_SOCKET_GROUP"] || "clawshield"
+      socketGroup = process.env["AGENSHIELD_SOCKET_GROUP"] || "ash_default"
     } = params;
     if (!slug || !isValidSlug(slug)) {
       return {
@@ -727,30 +747,11 @@ async function handleSkillInstall(params, context, deps) {
       filesWritten++;
     }
     try {
-      execSync(`chown -R root:${socketGroup} "${skillDir}"`, { stdio: "pipe" });
       execSync(`chmod -R a+rX,go-w "${skillDir}"`, { stdio: "pipe" });
     } catch (err) {
-      console.warn(`[SkillInstall] chown failed (may be expected in dev): ${err.message}`);
-    }
-    const openclawConfigPath = path3.join(agentHome, ".openclaw", "openclaw.json");
-    try {
-      let openclawConfig = {};
-      try {
-        const raw = fsSync.readFileSync(openclawConfigPath, "utf-8");
-        openclawConfig = JSON.parse(raw);
-      } catch {
-      }
-      if (!openclawConfig.skills) {
-        openclawConfig.skills = {};
-      }
-      const skills = openclawConfig.skills;
-      if (!skills.entries) {
-        skills.entries = {};
-      }
-      skills.entries[slug] = { enabled: true };
-      fsSync.writeFileSync(openclawConfigPath, JSON.stringify(openclawConfig, null, 2), "utf-8");
-    } catch (err) {
-      console.warn(`[SkillInstall] openclaw.json update failed: ${err.message}`);
+      const msg = `chmod on skill dir failed: ${err.message}`;
+      console.warn(`[SkillInstall] ${msg}`);
+      warnings.push(msg);
     }
     let wrapperPath;
     if (createWrapper) {
@@ -758,12 +759,6 @@ async function handleSkillInstall(params, context, deps) {
       await fs2.mkdir(binDir, { recursive: true });
       const wrapperContent = createWrapperContent(slug, skillDir);
       await fs2.writeFile(wrapperPath, wrapperContent, { mode: 493 });
-      try {
-        execSync(`chown root:${socketGroup} "${wrapperPath}"`, { stdio: "pipe" });
-        execSync(`chmod 755 "${wrapperPath}"`, { stdio: "pipe" });
-      } catch (err) {
-        console.warn(`[SkillInstall] wrapper chown failed: ${err.message}`);
-      }
     }
     return {
       success: true,
@@ -771,7 +766,8 @@ async function handleSkillInstall(params, context, deps) {
         installed: true,
         skillDir,
         wrapperPath,
-        filesWritten
+        filesWritten,
+        warnings: warnings.length > 0 ? warnings : void 0
       },
       audit: {
         duration: Date.now() - startTime,
@@ -812,18 +808,6 @@ async function handleSkillUninstall(params, context, deps) {
     if (skillExists) {
       await fs2.rm(skillDir, { recursive: true, force: true });
     }
-    const openclawConfigPath = path3.join(agentHome, ".openclaw", "openclaw.json");
-    try {
-      const raw = fsSync.readFileSync(openclawConfigPath, "utf-8");
-      const openclawConfig = JSON.parse(raw);
-      const skills = openclawConfig.skills;
-      const entries = skills?.entries;
-      if (entries?.[slug]) {
-        delete entries[slug];
-        fsSync.writeFileSync(openclawConfigPath, JSON.stringify(openclawConfig, null, 2), "utf-8");
-      }
-    } catch {
-    }
     let wrapperRemoved = false;
     if (removeWrapper) {
       try {
@@ -855,7 +839,7 @@ async function handleSkillUninstall(params, context, deps) {
 // libs/shield-broker/src/handlers/policy-check.ts
 var DEFAULT_DAEMON_URL = "http://127.0.0.1:5200";
 async function handlePolicyCheck(params, context, deps) {
-  const { operation, target } = params;
+  const { operation, target, context: execContext } = params;
   if (!operation) {
     return {
       success: false,
@@ -895,9 +879,18 @@ async function handlePolicyCheck(params, context, deps) {
     };
   }
   const daemonUrl = deps.daemonUrl || DEFAULT_DAEMON_URL;
-  const daemonResult = await forwardPolicyToDaemon(operation, target || "", daemonUrl);
+  const daemonResult = await forwardPolicyToDaemon(operation, target || "", daemonUrl, execContext);
   if (daemonResult && daemonResult.allowed) {
-    return { success: true, data: daemonResult };
+    return {
+      success: true,
+      data: {
+        allowed: daemonResult.allowed,
+        policyId: daemonResult.policyId,
+        reason: daemonResult.reason,
+        sandbox: daemonResult.sandbox,
+        executionContext: daemonResult.executionContext
+      }
+    };
   }
   return {
     success: true,
@@ -939,6 +932,7 @@ var UnixSocketServer = class {
   policyEnforcer;
   auditLogger;
   secretVault;
+  secretResolver;
   commandAllowlist;
   connections = /* @__PURE__ */ new Set();
   constructor(options) {
@@ -946,6 +940,7 @@ var UnixSocketServer = class {
     this.policyEnforcer = options.policyEnforcer;
     this.auditLogger = options.auditLogger;
     this.secretVault = options.secretVault;
+    this.secretResolver = options.secretResolver;
     this.commandAllowlist = options.commandAllowlist;
   }
   /**
@@ -1045,13 +1040,9 @@ var UnixSocketServer = class {
         config: this.config
         // Socket credentials would be extracted here on supported platforms
       };
-      const policyResult = await this.policyEnforcer.check(
-        request.method,
-        request.params,
-        context
-      );
+      const policyResult = request.method === "policy_check" ? { allowed: true, policyId: void 0, reason: void 0 } : await this.policyEnforcer.check(request.method, request.params, context);
       let finalPolicy = policyResult;
-      if (!policyResult.allowed && request.method !== "policy_check") {
+      if (!policyResult.allowed) {
         const target = this.extractTarget(request);
         const daemonUrl = this.config.daemonUrl || "http://127.0.0.1:5200";
         const override = await forwardPolicyToDaemon(request.method, target, daemonUrl);
@@ -1082,6 +1073,7 @@ var UnixSocketServer = class {
         policyEnforcer: this.policyEnforcer,
         auditLogger: this.auditLogger,
         secretVault: this.secretVault,
+        secretResolver: this.secretResolver,
         commandAllowlist: this.commandAllowlist,
         daemonUrl: this.config.daemonUrl
       });
@@ -1298,13 +1290,9 @@ var HttpFallbackServer = class {
         timestamp: /* @__PURE__ */ new Date(),
         config: this.config
       };
-      const policyResult = await this.policyEnforcer.check(
-        request.method,
-        request.params,
-        context
-      );
+      const policyResult = request.method === "policy_check" ? { allowed: true, policyId: void 0, reason: void 0 } : await this.policyEnforcer.check(request.method, request.params, context);
       let finalPolicy = policyResult;
-      if (!policyResult.allowed && request.method !== "policy_check") {
+      if (!policyResult.allowed) {
         const target = this.extractTarget(request);
         const daemonUrl = this.config.daemonUrl || "http://127.0.0.1:5200";
         const override = await forwardPolicyToDaemon(request.method, target, daemonUrl);
@@ -1414,6 +1402,7 @@ var PolicyEnforcer = class {
   lastLoad = 0;
   reloadInterval = 6e4;
   // 1 minute
+  verbose = process.env["AGENSHIELD_BROKER_VERBOSE"] === "true";
   constructor(options) {
     this.policiesPath = options.policiesPath;
     this.failOpen = options.failOpen;
@@ -1501,13 +1490,17 @@ var PolicyEnforcer = class {
     this.maybeReload();
     try {
       const target = this.extractTarget(operation, params);
+      if (this.verbose) console.error(`[broker:enforcer] op=${operation} target=${target}`);
       for (const rule of this.policies.rules) {
         if (!rule.enabled) continue;
         if (!rule.operations.includes(operation) && !rule.operations.includes("*")) {
           continue;
         }
-        const matches = this.matchesPatterns(target, rule.patterns);
+        const matches = this.matchesPatterns(target, rule.patterns, operation);
         if (matches) {
+          if (this.verbose) {
+            console.error(`[broker:enforcer] MATCH rule=${rule.id} action=${rule.action} patterns=${rule.patterns.join(",")}`);
+          }
           if (rule.action === "deny" || rule.action === "approval") {
             return {
               allowed: false,
@@ -1532,6 +1525,9 @@ var PolicyEnforcer = class {
       if (operation === "http_request" && this.policies.networkConstraints) {
         return { allowed: true, reason: "Allowed by network constraints" };
       }
+      if (this.verbose) {
+        console.error(`[broker:enforcer] DEFAULT action=${this.policies.defaultAction} (no rule matched)`);
+      }
       return {
         allowed: this.policies.defaultAction === "allow",
         reason: this.policies.defaultAction === "deny" ? "No matching allow policy" : void 0
@@ -1565,12 +1561,39 @@ var PolicyEnforcer = class {
         return "";
     }
   }
+  /**
+   * Match a command target against a Claude Code-style command pattern.
+   * See matchCommandPattern in daemon rpc.ts for full semantics.
+   */
+  matchCommandPattern(pattern, target) {
+    const trimmed = pattern.trim();
+    if (trimmed === "*") return true;
+    if (trimmed.endsWith(":*")) {
+      const prefix = trimmed.slice(0, -2).toLowerCase();
+      const lowerTarget = target.toLowerCase();
+      if (lowerTarget === prefix || lowerTarget.startsWith(prefix + " ")) {
+        return true;
+      }
+      const firstSpace = lowerTarget.indexOf(" ");
+      const cmdPart = firstSpace >= 0 ? lowerTarget.slice(0, firstSpace) : lowerTarget;
+      const lastSlash = cmdPart.lastIndexOf("/");
+      if (lastSlash >= 0) {
+        const basename3 = cmdPart.slice(lastSlash + 1);
+        if (basename3 === prefix || basename3.startsWith(prefix + "-") || basename3.startsWith(prefix)) {
+          return true;
+        }
+      }
+      return false;
+    }
+    return target.toLowerCase() === trimmed.toLowerCase();
+  }
   /**
    * Check if target matches any patterns
    */
-  matchesPatterns(target, patterns) {
+  matchesPatterns(target, patterns, operation) {
     for (const pattern of patterns) {
-      if (this.matchPattern(target, pattern)) {
+      const isExec = operation === "exec" || operation === "*";
+      if (isExec ? this.matchCommandPattern(pattern, target) : this.matchPattern(target, pattern)) {
         return true;
       }
     }
@@ -1955,6 +1978,7 @@ function getDefaultPolicies(options) {
 import * as fs5 from "node:fs";
 import * as path5 from "node:path";
 var BUILTIN_COMMANDS = {
+  bash: ["/bin/bash", "/usr/bin/bash", "/opt/homebrew/bin/bash"],
   git: ["/usr/bin/git", "/opt/homebrew/bin/git", "/usr/local/bin/git"],
   ssh: ["/usr/bin/ssh"],
   scp: ["/usr/bin/scp"],
@@ -2475,10 +2499,230 @@ var SecretVault = class {
   }
 };
 
-// libs/shield-broker/src/main.ts
+// libs/shield-broker/src/secrets/resolver.ts
 import * as fs8 from "node:fs";
+var HTTP_COMMANDS = /* @__PURE__ */ new Set(["curl", "wget"]);
+var HTTP_FLAGS_WITH_VALUE2 = /* @__PURE__ */ new Set([
+  "-X",
+  "--request",
+  "-H",
+  "--header",
+  "-d",
+  "--data",
+  "--data-raw",
+  "--data-binary",
+  "--data-urlencode",
+  "-o",
+  "--output",
+  "-u",
+  "--user",
+  "-A",
+  "--user-agent",
+  "-e",
+  "--referer",
+  "-b",
+  "--cookie",
+  "-c",
+  "--cookie-jar",
+  "--connect-timeout",
+  "--max-time",
+  "-w",
+  "--write-out",
+  "-T",
+  "--upload-file",
+  "--resolve",
+  "--cacert",
+  "--cert",
+  "--key"
+]);
+var SecretResolver = class {
+  syncFilePath;
+  synced = null;
+  lastLoad = 0;
+  reloadInterval = 3e4;
+  // 30 seconds
+  constructor(syncFilePath) {
+    this.syncFilePath = syncFilePath;
+    this.load();
+  }
+  /** Load synced secrets from disk */
+  load() {
+    if (!fs8.existsSync(this.syncFilePath)) {
+      this.synced = null;
+      this.lastLoad = Date.now();
+      return;
+    }
+    try {
+      const content = fs8.readFileSync(this.syncFilePath, "utf-8");
+      this.synced = JSON.parse(content);
+      this.lastLoad = Date.now();
+    } catch {
+      this.synced = null;
+      this.lastLoad = Date.now();
+    }
+  }
+  maybeReload() {
+    if (Date.now() - this.lastLoad > this.reloadInterval) {
+      this.load();
+    }
+  }
+  /**
+   * Get environment variables to inject for an exec operation.
+   * Returns global secrets + any secrets from policies whose patterns match.
+   */
+  getSecretsForExec(command, args) {
+    this.maybeReload();
+    if (!this.synced) return {};
+    const result = { ...this.synced.globalSecrets };
+    for (const binding of this.synced.policyBindings) {
+      let matched = false;
+      if (binding.target === "url" && HTTP_COMMANDS.has(command)) {
+        const url = this.extractUrlFromArgs(args);
+        if (url) {
+          matched = binding.patterns.some((p) => this.matchUrlPattern(p, url));
+        }
+      } else if (binding.target === "command") {
+        const fullCommand = args.length > 0 ? `${command} ${args.join(" ")}` : command;
+        matched = binding.patterns.some((p) => this.matchCommandPattern(p, fullCommand));
+      }
+      if (matched) {
+        Object.assign(result, binding.secrets);
+      }
+    }
+    return result;
+  }
+  /**
+   * Get names of secrets that would be injected (for audit logging — names only, never values).
+   */
+  getSecretNamesForExec(command, args) {
+    return Object.keys(this.getSecretsForExec(command, args));
+  }
+  // --- URL matching (replicated from daemon rpc.ts) ---
+  normalizeUrlBase(pattern) {
+    let p = pattern.trim();
+    p = p.replace(/\/+$/, "");
+    if (!p.match(/^(\*|https?):\/\//i)) {
+      p = `https://${p}`;
+    }
+    return p;
+  }
+  normalizeUrlTarget(url) {
+    const trimmed = url.trim();
+    try {
+      const parsed = new URL(trimmed);
+      let urlPath = parsed.pathname;
+      if (urlPath.length > 1) {
+        urlPath = urlPath.replace(/\/+$/, "");
+      }
+      return `${parsed.protocol}//${parsed.host}${urlPath}${parsed.search}`;
+    } catch {
+      return trimmed.replace(/\/+$/, "");
+    }
+  }
+  globToRegex(pattern) {
+    const regexPattern = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*\*/g, "{{GLOBSTAR}}").replace(/\*/g, "[^/]*").replace(/\?/g, ".").replace(/{{GLOBSTAR}}/g, ".*");
+    return new RegExp(`^${regexPattern}$`, "i");
+  }
+  matchUrlPattern(pattern, target) {
+    const base = this.normalizeUrlBase(pattern);
+    const trimmed = pattern.trim().replace(/\/+$/, "");
+    const effectiveTarget = this.normalizeUrlTarget(target);
+    if (trimmed.endsWith("*")) {
+      return this.globToRegex(base).test(effectiveTarget);
+    }
+    return this.globToRegex(base).test(effectiveTarget) || this.globToRegex(`${base}/**`).test(effectiveTarget);
+  }
+  // --- Command matching (replicated from daemon rpc.ts) ---
+  matchCommandPattern(pattern, target) {
+    const trimmed = pattern.trim();
+    if (trimmed === "*") return true;
+    if (trimmed.endsWith(":*")) {
+      const prefix = trimmed.slice(0, -2);
+      const lowerTarget = target.toLowerCase();
+      const lowerPrefix = prefix.toLowerCase();
+      return lowerTarget === lowerPrefix || lowerTarget.startsWith(lowerPrefix + " ");
+    }
+    return target.toLowerCase() === trimmed.toLowerCase();
+  }
+  // --- URL extraction from curl/wget args ---
+  extractUrlFromArgs(args) {
+    for (let i = 0; i < args.length; i++) {
+      const arg = args[i];
+      if (arg.startsWith("-")) {
+        if (HTTP_FLAGS_WITH_VALUE2.has(arg)) {
+          i++;
+        }
+        continue;
+      }
+      return arg;
+    }
+    return null;
+  }
+};
+
+// libs/shield-integrations/dist/index.js
+import { exec as exec2, spawn as spawn2 } from "node:child_process";
+import { promisify as promisify2 } from "node:util";
+import { exec as exec22, execSync as execSync2, spawn as spawn22 } from "node:child_process";
+import { promisify as promisify22 } from "node:util";
+import * as fs32 from "node:fs/promises";
+import { exec as exec3 } from "node:child_process";
+import { promisify as promisify3 } from "node:util";
+var execAsync2 = promisify2(exec2);
+var execAsync22 = promisify22(exec22);
+var execAsync3 = promisify3(exec3);
+var OPENCLAW_GATEWAY_LABEL = "com.agenshield.openclaw.gateway";
+var OPENCLAW_GATEWAY_PLIST = "/Library/LaunchDaemons/com.agenshield.openclaw.gateway.plist";
+async function startOpenClawServices() {
+  try {
+    try {
+      await execAsync3(`sudo launchctl kickstart system/${OPENCLAW_GATEWAY_LABEL}`);
+    } catch {
+    }
+    return {
+      success: true,
+      message: "OpenClaw gateway started"
+    };
+  } catch (error) {
+    return {
+      success: false,
+      message: `Failed to start OpenClaw gateway: ${error.message}`,
+      error
+    };
+  }
+}
+async function stopOpenClawServices() {
+  try {
+    try {
+      await execAsync3(`sudo launchctl kill SIGTERM system/${OPENCLAW_GATEWAY_LABEL}`);
+    } catch {
+    }
+    return {
+      success: true,
+      message: "OpenClaw gateway stopped"
+    };
+  } catch (error) {
+    return {
+      success: false,
+      message: `Failed to stop OpenClaw gateway: ${error.message}`,
+      error
+    };
+  }
+}
+async function isOpenClawInstalled() {
+  try {
+    await fs32.access(OPENCLAW_GATEWAY_PLIST);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+// libs/shield-broker/src/main.ts
+import * as fs9 from "node:fs";
 import * as path7 from "node:path";
 var PROXIED_COMMANDS = [
+  "bash",
   "curl",
   "wget",
   "git",
@@ -2497,9 +2741,9 @@ var PROXIED_COMMANDS = [
 function loadConfig() {
   const configPath = process.env["AGENSHIELD_CONFIG"] || "/opt/agenshield/config/shield.json";
   let fileConfig = {};
-  if (fs8.existsSync(configPath)) {
+  if (fs9.existsSync(configPath)) {
     try {
-      const content = fs8.readFileSync(configPath, "utf-8");
+      const content = fs9.readFileSync(configPath, "utf-8");
       fileConfig = JSON.parse(content);
     } catch (error) {
       console.warn(`Warning: Failed to load config from ${configPath}:`, error);
@@ -2519,8 +2763,8 @@ function loadConfig() {
     logLevel: process.env["AGENSHIELD_LOG_LEVEL"] || fileConfig.logLevel || "info",
     failOpen: process.env["AGENSHIELD_FAIL_OPEN"] === "true" || (fileConfig.failOpen ?? false),
     socketMode: fileConfig.socketMode || 438,
-    socketOwner: fileConfig.socketOwner || "clawbroker",
-    socketGroup: fileConfig.socketGroup || "clawshield",
+    socketOwner: fileConfig.socketOwner || "ash_default_broker",
+    socketGroup: fileConfig.socketGroup || "ash_default",
     agentHome: process.env["AGENSHIELD_AGENT_HOME"] || fileConfig.agentHome,
     daemonUrl: process.env["AGENSHIELD_DAEMON_URL"] || fileConfig.daemonUrl || "http://127.0.0.1:5200"
   };
@@ -2529,9 +2773,9 @@ function ensureDirectories(config) {
   const socketDir = path7.dirname(config.socketPath);
   const auditDir = path7.dirname(config.auditLogPath);
   for (const dir of [socketDir, auditDir, config.policiesPath]) {
-    if (!fs8.existsSync(dir)) {
+    if (!fs9.existsSync(dir)) {
       try {
-        fs8.mkdirSync(dir, { recursive: true, mode: 493 });
+        fs9.mkdirSync(dir, { recursive: true, mode: 493 });
       } catch (error) {
         if (error.code !== "EEXIST") {
           console.warn(`Warning: Could not create directory ${dir}:`, error);
@@ -2541,23 +2785,23 @@ function ensureDirectories(config) {
   }
 }
 function ensureProxiedCommandWrappers(binDir) {
-  if (!fs8.existsSync(binDir)) {
+  if (!fs9.existsSync(binDir)) {
     try {
-      fs8.mkdirSync(binDir, { recursive: true, mode: 493 });
+      fs9.mkdirSync(binDir, { recursive: true, mode: 493 });
     } catch {
       console.warn(`[broker] cannot create bin dir ${binDir}`);
       return;
     }
   }
   const shieldExecPath = "/opt/agenshield/bin/shield-exec";
-  const hasShieldExec = fs8.existsSync(shieldExecPath);
+  const hasShieldExec = fs9.existsSync(shieldExecPath);
   let installed = 0;
   for (const cmd of PROXIED_COMMANDS) {
     const wrapperPath = path7.join(binDir, cmd);
-    if (fs8.existsSync(wrapperPath)) continue;
+    if (fs9.existsSync(wrapperPath)) continue;
     if (hasShieldExec) {
       try {
-        fs8.symlinkSync(shieldExecPath, wrapperPath);
+        fs9.symlinkSync(shieldExecPath, wrapperPath);
         installed++;
         continue;
       } catch {
@@ -2571,7 +2815,7 @@ function ensureProxiedCommandWrappers(binDir) {
         `exec /opt/agenshield/bin/shield-client exec ${cmd} "$@"`,
         ""
       ].join("\n");
-      fs8.writeFileSync(wrapperPath, script, { mode: 493 });
+      fs9.writeFileSync(wrapperPath, script, { mode: 493 });
       installed++;
     } catch {
       console.warn(`[broker] cannot write wrapper for ${cmd}`);
@@ -2622,6 +2866,12 @@ async function main() {
   const commandAllowlist = new CommandAllowlist(
     "/opt/agenshield/config/allowed-commands.json"
   );
+  const secretResolver = new SecretResolver(
+    path7.join(
+      path7.dirname(config.configPath || "/opt/agenshield/config/shield.json"),
+      "synced-secrets.json"
+    )
+  );
   if (config.agentHome) {
     ensureProxiedCommandWrappers(path7.join(config.agentHome, "bin"));
   }
@@ -2630,6 +2880,7 @@ async function main() {
     policyEnforcer,
     auditLogger,
     secretVault,
+    secretResolver,
     commandAllowlist
   });
   await socketServer.start();
@@ -2645,9 +2896,29 @@ async function main() {
     await httpServer.start();
     console.log(`HTTP fallback server listening on ${config.httpHost}:${config.httpPort}`);
   }
+  try {
+    if (await isOpenClawInstalled()) {
+      console.log("OpenClaw LaunchDaemons detected, starting services...");
+      const clawResult = await startOpenClawServices();
+      if (clawResult.success) {
+        console.log("OpenClaw services started.");
+      } else {
+        console.warn(`OpenClaw start warning: ${clawResult.message}`);
+      }
+    }
+  } catch (err) {
+    console.warn("Warning: Failed to start OpenClaw services:", err);
+  }
   const shutdown = async (signal) => {
     console.log(`
 Received ${signal}, shutting down...`);
+    try {
+      if (await isOpenClawInstalled()) {
+        console.log("Stopping OpenClaw services...");
+        await stopOpenClawServices();
+      }
+    } catch {
+    }
     await socketServer.stop();
     if (httpServer) {
       await httpServer.stop();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenshield/broker",
-  "version": "0.6.1",
+  "version": "0.7.0",
   "type": "module",
   "description": "AgenShield broker daemon with Unix socket and HTTP fallback",
   "main": "./index.js",
@@ -24,7 +24,8 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@agenshield/ipc": "0.6.1"
+    "@agenshield/integrations": "0.7.0",
+    "@agenshield/ipc": "0.7.0"
   },
   "devDependencies": {
     "@types/node": "^24.0.0",

package/policies/command-allowlist.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"command-allowlist.d.ts","sourceRoot":"","sources":["../../src/policies/command-allowlist.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAiDD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,eAAe,CAA0C;IACjE,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,cAAc,CAAiB;gBAE3B,UAAU,EAAE,MAAM;IAK9B;;OAEG;IACH,IAAI,IAAI,IAAI;IAqBZ;;OAEG;IACH,OAAO,CAAC,WAAW;IAMnB;;OAEG;IACH,IAAI,IAAI,IAAI;IAcZ;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,cAAc,GAAG,IAAI;IAK9B;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAQ7B;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAI7C;;OAEG;IACH,IAAI,IAAI,KAAK,CAAC,cAAc,GAAG;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAsBpD;;OAEG;IACH,WAAW,IAAI,cAAc,EAAE;IAI/B;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIhC;;;;;OAKG;IACH,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CA0CxC"}
+{"version":3,"file":"command-allowlist.d.ts","sourceRoot":"","sources":["../../src/policies/command-allowlist.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAkDD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,eAAe,CAA0C;IACjE,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,cAAc,CAAiB;gBAE3B,UAAU,EAAE,MAAM;IAK9B;;OAEG;IACH,IAAI,IAAI,IAAI;IAqBZ;;OAEG;IACH,OAAO,CAAC,WAAW;IAMnB;;OAEG;IACH,IAAI,IAAI,IAAI;IAcZ;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,cAAc,GAAG,IAAI;IAK9B;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAQ7B;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAI7C;;OAEG;IACH,IAAI,IAAI,KAAK,CAAC,cAAc,GAAG;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAsBpD;;OAEG;IACH,WAAW,IAAI,cAAc,EAAE;IAI/B;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIhC;;;;;OAKG;IACH,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;CA0CxC"}

package/policies/enforcer.d.ts

@@ -53,6 +53,7 @@ export declare class PolicyEnforcer {
     private failOpen;
     private lastLoad;
     private reloadInterval;
+    private verbose;
     constructor(options: PolicyEnforcerOptions);
     /**
      * Normalize a policy rule — infer operations from target when missing,
@@ -75,6 +76,11 @@ export declare class PolicyEnforcer {
      * Extract target from operation params
      */
     private extractTarget;
+    /**
+     * Match a command target against a Claude Code-style command pattern.
+     * See matchCommandPattern in daemon rpc.ts for full semantics.
+     */
+    private matchCommandPattern;
     /**
      * Check if target matches any patterns
      */

package/policies/enforcer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"enforcer.d.ts","sourceRoot":"","sources":["../../src/policies/enforcer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,CAAC;IACtC,MAAM,EAAE,OAAO,GAAG,SAAS,GAAG,KAAK,CAAC;IACpC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;IAChC,KAAK,EAAE,UAAU,EAAE,CAAC;IACpB,aAAa,CAAC,EAAE;QACd,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,cAAc,EAAE,MAAM,EAAE,CAAC;KAC1B,CAAC;IACF,kBAAkB,CAAC,EAAE;QACnB,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,YAAY,EAAE,MAAM,EAAE,CAAC;KACxB,CAAC;CACH;AAED,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,YAAY,CAAC;IAC9B,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAe;IAC/B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAU;IAC1B,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,cAAc,CAAiB;gBAE3B,OAAO,EAAE,qBAAqB;IAQ1C;;;OAGG;IACH,OAAO,CAAC,aAAa;IAyBrB;;OAEG;IACH,OAAO,CAAC,YAAY;IA4CpB;;OAEG;IACH,OAAO,CAAC,WAAW;IAMnB;;OAEG;IACG,KAAK,CACT,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,iBAAiB,CAAC;IAgE7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAmBrB;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;OAEG;IACH,OAAO,CAAC,YAAY;IAapB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA8GxB;;OAEG;IACH,WAAW,IAAI,YAAY;IAK3B;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI;IAK/B;;OAEG;IACH,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;CAQhC"}
+{"version":3,"file":"enforcer.d.ts","sourceRoot":"","sources":["../../src/policies/enforcer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,CAAC;IACtC,MAAM,EAAE,OAAO,GAAG,SAAS,GAAG,KAAK,CAAC;IACpC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;IAChC,KAAK,EAAE,UAAU,EAAE,CAAC;IACpB,aAAa,CAAC,EAAE;QACd,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,cAAc,EAAE,MAAM,EAAE,CAAC;KAC1B,CAAC;IACF,kBAAkB,CAAC,EAAE;QACnB,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,YAAY,EAAE,MAAM,EAAE,CAAC;KACxB,CAAC;CACH;AAED,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,YAAY,CAAC;IAC9B,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAe;IAC/B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAU;IAC1B,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,OAAO,CAAuD;gBAE1D,OAAO,EAAE,qBAAqB;IAQ1C;;;OAGG;IACH,OAAO,CAAC,aAAa;IAyBrB;;OAEG;IACH,OAAO,CAAC,YAAY;IA4CpB;;OAEG;IACH,OAAO,CAAC,WAAW;IAMnB;;OAEG;IACG,KAAK,CACT,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,iBAAiB,CAAC;IAwE7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAmBrB;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IA+B3B;;OAEG;IACH,OAAO,CAAC,eAAe;IAUvB;;OAEG;IACH,OAAO,CAAC,YAAY;IAapB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA8GxB;;OAEG;IACH,WAAW,IAAI,YAAY;IAK3B;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI;IAK/B;;OAEG;IACH,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;CAQhC"}

package/secrets/resolver.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Secret Resolver
+ *
+ * Reads synced-secrets.json (written by the daemon) and resolves which
+ * secrets should be injected as environment variables for each exec operation.
+ *
+ * - Global secrets (policyIds=[]) are always injected
+ * - Policy-linked secrets are injected when the policy's patterns match
+ *   the command being executed
+ *
+ * Auto-reloads from disk every 30 seconds (same pattern as CommandAllowlist).
+ */
+export declare class SecretResolver {
+    private syncFilePath;
+    private synced;
+    private lastLoad;
+    private reloadInterval;
+    constructor(syncFilePath: string);
+    /** Load synced secrets from disk */
+    private load;
+    private maybeReload;
+    /**
+     * Get environment variables to inject for an exec operation.
+     * Returns global secrets + any secrets from policies whose patterns match.
+     */
+    getSecretsForExec(command: string, args: string[]): Record<string, string>;
+    /**
+     * Get names of secrets that would be injected (for audit logging — names only, never values).
+     */
+    getSecretNamesForExec(command: string, args: string[]): string[];
+    private normalizeUrlBase;
+    private normalizeUrlTarget;
+    private globToRegex;
+    private matchUrlPattern;
+    private matchCommandPattern;
+    private extractUrlFromArgs;
+}
+//# sourceMappingURL=resolver.d.ts.map

package/secrets/resolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolver.d.ts","sourceRoot":"","sources":["../../src/secrets/resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AA0CH,qBAAa,cAAc;IACzB,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,cAAc,CAAiB;gBAE3B,YAAY,EAAE,MAAM;IAKhC,oCAAoC;IACpC,OAAO,CAAC,IAAI;IAgBZ,OAAO,CAAC,WAAW;IAMnB;;;OAGG;IACH,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IA8B1E;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE;IAMhE,OAAO,CAAC,gBAAgB;IASxB,OAAO,CAAC,kBAAkB;IAc1B,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,eAAe;IAgBvB,OAAO,CAAC,mBAAmB;IAc3B,OAAO,CAAC,kBAAkB;CAa3B"}

package/server.d.ts

@@ -8,12 +8,14 @@ import type { BrokerConfig } from './types.js';
 import type { PolicyEnforcer } from './policies/enforcer.js';
 import type { AuditLogger } from './audit/logger.js';
 import type { SecretVault } from './secrets/vault.js';
+import type { SecretResolver } from './secrets/resolver.js';
 import type { CommandAllowlist } from './policies/command-allowlist.js';
 export interface UnixSocketServerOptions {
     config: BrokerConfig;
     policyEnforcer: PolicyEnforcer;
     auditLogger: AuditLogger;
     secretVault: SecretVault;
+    secretResolver?: SecretResolver;
     commandAllowlist: CommandAllowlist;
 }
 export declare class UnixSocketServer {
@@ -22,6 +24,7 @@ export declare class UnixSocketServer {
     private policyEnforcer;
     private auditLogger;
     private secretVault;
+    private secretResolver?;
     private commandAllowlist;
     private connections;
     constructor(options: UnixSocketServerOptions);

package/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EACV,YAAY,EAIb,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAIxE,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,WAAW,CAAC;IACzB,gBAAgB,EAAE,gBAAgB,CAAC;CACpC;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,WAAW,CAA8B;gBAErC,OAAO,EAAE,uBAAuB;IAQ5C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA4B5B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IA0B3B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA+BxB;;OAEG;YACW,cAAc;IAkH5B;;OAEG;IACH,OAAO,CAAC,UAAU;IA2BlB;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;IACH,OAAO,CAAC,aAAa;CAWtB"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EACV,YAAY,EAIb,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAIxE,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,WAAW,EAAE,WAAW,CAAC;IACzB,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,gBAAgB,EAAE,gBAAgB,CAAC;CACpC;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,WAAW,CAA8B;gBAErC,OAAO,EAAE,uBAAuB;IAS5C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA4B5B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IA0B3B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA+BxB;;OAEG;YACW,cAAc;IAiH5B;;OAEG;IACH,OAAO,CAAC,UAAU;IA2BlB;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;IACH,OAAO,CAAC,aAAa;CAWtB"}

package/types.d.ts

@@ -269,6 +269,8 @@ export interface SkillInstallResult {
     wrapperPath?: string;
     /** Number of files written */
     filesWritten: number;
+    /** Non-fatal warnings (e.g., chown failures in dev) */
+    warnings?: string[];
 }
 export interface SkillUninstallParams {
     /** Skill slug to uninstall */

package/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAc,aAAa,EAAqC,MAAM,iBAAiB,CAAC;AAEpG;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,uBAAuB;IACvB,UAAU,EAAE,MAAM,CAAC;IAEnB,uCAAuC;IACvC,WAAW,EAAE,OAAO,CAAC;IAErB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IAEjB,+CAA+C;IAC/C,QAAQ,EAAE,MAAM,CAAC;IAEjB,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IAEnB,iCAAiC;IACjC,YAAY,EAAE,MAAM,CAAC;IAErB,wBAAwB;IACxB,YAAY,EAAE,MAAM,CAAC;IAErB,gBAAgB;IAChB,QAAQ,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAE9C,iDAAiD;IACjD,QAAQ,EAAE,OAAO,CAAC;IAElB,sCAAsC;IACtC,UAAU,EAAE,MAAM,CAAC;IAEnB,wBAAwB;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;IAElB,oCAAoC;IACpC,OAAO,EAAE,QAAQ,GAAG,MAAM,CAAC;IAE3B,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,gDAAgD;IAChD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,2BAA2B;IAC3B,SAAS,EAAE,IAAI,CAAC;IAEhB,2BAA2B;IAC3B,MAAM,EAAE,YAAY,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa,CAAC,CAAC,GAAG,OAAO;IACxC,sCAAsC;IACtC,OAAO,EAAE,OAAO,CAAC;IAEjB,kCAAkC;IAClC,IAAI,CAAC,EAAE,CAAC,CAAC;IAET,oCAAoC;IACpC,KAAK,CAAC,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC;IAEF,qBAAqB;IACrB,KAAK,CAAC,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,sBAAsB;IACtB,EAAE,EAAE,MAAM,CAAC;IAEX,gBAAgB;IAChB,SAAS,EAAE,IAAI,CAAC;IAEhB,qBAAqB;IACrB,SAAS,EAAE,aAAa,CAAC;IAEzB,sBAAsB;IACtB,OAAO,EAAE,QAAQ,GAAG,MAAM,CAAC;IAE3B,qBAAqB;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IAEjB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,4CAA4C;IAC5C,MAAM,EAAE,MAAM,CAAC;IAEf,uBAAuB;IACvB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,OAAO,CAAC;IAEvC,8BAA8B;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IAEnB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IAEvB,6CAA6C;IAC7C,iBAAiB,EAAE,aAAa,EAAE,CAAC;IAEnC,wBAAwB;IACxB,SAAS,EAAE,IAAI,CAAC;IAEhB,8BAA8B;IAC9B,cAAc,CAAC,EAAE,IAAI,CAAC;IAEtB,mBAAmB;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,MAAM,GAAG,MAAM,CAAC;IACpB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,MAAM,GAAG,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,YAAY,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;IAC1E,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS,CAAC;QACvC,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;KACf,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,4DAA4D;IAC5D,IAAI,EAAE,MAAM,CAAC;IACb,oEAAoE;IACpE,OAAO,EAAE,MAAM,CAAC;IAChB,sDAAsD;IACtD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,wCAAwC;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,0CAA0C;IAC1C,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,KAAK,EAAE,gBAAgB,EAAE,CAAC;IAC1B,0DAA0D;IAC1D,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,mEAAmE;IACnE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kEAAkE;IAClE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,kBAAkB;IACjC,qCAAqC;IACrC,SAAS,EAAE,OAAO,CAAC;IACnB,wCAAwC;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8BAA8B;IAC9B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACnC,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,mEAAmE;IACnE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,uCAAuC;IACvC,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,uCAAuC;IACvC,WAAW,EAAE,OAAO,CAAC;IACrB,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,cAAc,EAAE,OAAO,CAAC;CACzB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAc,aAAa,EAAqC,MAAM,iBAAiB,CAAC;AAEpG;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,uBAAuB;IACvB,UAAU,EAAE,MAAM,CAAC;IAEnB,uCAAuC;IACvC,WAAW,EAAE,OAAO,CAAC;IAErB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IAEjB,+CAA+C;IAC/C,QAAQ,EAAE,MAAM,CAAC;IAEjB,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IAEnB,iCAAiC;IACjC,YAAY,EAAE,MAAM,CAAC;IAErB,wBAAwB;IACxB,YAAY,EAAE,MAAM,CAAC;IAErB,gBAAgB;IAChB,QAAQ,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAE9C,iDAAiD;IACjD,QAAQ,EAAE,OAAO,CAAC;IAElB,sCAAsC;IACtC,UAAU,EAAE,MAAM,CAAC;IAEnB,wBAAwB;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;IAElB,oCAAoC;IACpC,OAAO,EAAE,QAAQ,GAAG,MAAM,CAAC;IAE3B,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,gDAAgD;IAChD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,wBAAwB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,2BAA2B;IAC3B,SAAS,EAAE,IAAI,CAAC;IAEhB,2BAA2B;IAC3B,MAAM,EAAE,YAAY,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa,CAAC,CAAC,GAAG,OAAO;IACxC,sCAAsC;IACtC,OAAO,EAAE,OAAO,CAAC;IAEjB,kCAAkC;IAClC,IAAI,CAAC,EAAE,CAAC,CAAC;IAET,oCAAoC;IACpC,KAAK,CAAC,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC;IAEF,qBAAqB;IACrB,KAAK,CAAC,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,sBAAsB;IACtB,EAAE,EAAE,MAAM,CAAC;IAEX,gBAAgB;IAChB,SAAS,EAAE,IAAI,CAAC;IAEhB,qBAAqB;IACrB,SAAS,EAAE,aAAa,CAAC;IAEzB,sBAAsB;IACtB,OAAO,EAAE,QAAQ,GAAG,MAAM,CAAC;IAE3B,qBAAqB;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IAEjB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,4CAA4C;IAC5C,MAAM,EAAE,MAAM,CAAC;IAEf,uBAAuB;IACvB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,OAAO,CAAC;IAEvC,8BAA8B;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IAEnB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IAEvB,6CAA6C;IAC7C,iBAAiB,EAAE,aAAa,EAAE,CAAC;IAEnC,wBAAwB;IACxB,SAAS,EAAE,IAAI,CAAC;IAEhB,8BAA8B;IAC9B,cAAc,CAAC,EAAE,IAAI,CAAC;IAEtB,mBAAmB;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,MAAM,GAAG,MAAM,CAAC;IACpB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,KAAK,CAAC;IACf,EAAE,EAAE,MAAM,GAAG,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,YAAY,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;IAC1E,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS,CAAC;QACvC,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;KACf,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,4DAA4D;IAC5D,IAAI,EAAE,MAAM,CAAC;IACb,oEAAoE;IACpE,OAAO,EAAE,MAAM,CAAC;IAChB,sDAAsD;IACtD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,wCAAwC;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,0CAA0C;IAC1C,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,KAAK,EAAE,gBAAgB,EAAE,CAAC;IAC1B,0DAA0D;IAC1D,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,mEAAmE;IACnE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kEAAkE;IAClE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,kBAAkB;IACjC,qCAAqC;IACrC,SAAS,EAAE,OAAO,CAAC;IACnB,wCAAwC;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8BAA8B;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,uDAAuD;IACvD,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,oBAAoB;IACnC,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,mEAAmE;IACnE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,uCAAuC;IACvC,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,oBAAoB;IACnC,uCAAuC;IACvC,WAAW,EAAE,OAAO,CAAC;IACrB,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,cAAc,EAAE,OAAO,CAAC;CACzB"}