@agenshield/daemon 0.4.4 → 0.5.0

package/index.js

@@ -5422,6 +5422,20 @@ function mapSearchResult(result) {
 function isTextMime(mime) {
   return mime.startsWith("text/") || mime === "application/json" || mime === "text/yaml" || mime === "text/toml";
 }
+var IMAGE_EXT_MAP = {
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".svg": "image/svg+xml",
+  ".webp": "image/webp",
+  ".ico": "image/x-icon"
+};
+function isImageExt(filePath) {
+  const ext = filePath.slice(filePath.lastIndexOf(".")).toLowerCase();
+  return IMAGE_EXT_MAP[ext] ?? null;
+}
+var MAX_IMAGE_SIZE = 5e5;
 function getMarketplaceDir() {
   return path11.join(os4.homedir(), CONFIG_DIR2, MARKETPLACE_DIR);
 }
@@ -5444,9 +5458,19 @@ async function downloadAndExtractZip(slug) {
     const filename = zipPath.split("/").pop() || "";
     if (filename.startsWith(".")) continue;
     const mimeType = guessContentType(zipPath);
-    if (!isTextMime(mimeType)) continue;
-    const content = await zipEntry.async("text");
-    files.push({ name: zipPath, type: mimeType, content });
+    if (isTextMime(mimeType)) {
+      const content = await zipEntry.async("text");
+      files.push({ name: zipPath, type: mimeType, content });
+      continue;
+    }
+    const imageMime = isImageExt(zipPath);
+    if (imageMime) {
+      const buf = await zipEntry.async("nodebuffer");
+      if (buf.length <= MAX_IMAGE_SIZE) {
+        const dataUri = `data:${imageMime};base64,${buf.toString("base64")}`;
+        files.push({ name: zipPath, type: imageMime, content: dataUri });
+      }
+    }
   }
   return files;
 }
@@ -5528,6 +5552,34 @@ function getDownloadedSkillMeta(slug) {
   }
   return null;
 }
+function inlineImagesInMarkdown(markdown, files) {
+  const imageMap = /* @__PURE__ */ new Map();
+  for (const file of files) {
+    const mime = isImageExt(file.name);
+    if (mime && file.content.startsWith("data:")) {
+      imageMap.set(file.name, file.content);
+      const basename2 = file.name.split("/").pop() ?? "";
+      if (basename2 && !imageMap.has(basename2)) {
+        imageMap.set(basename2, file.content);
+      }
+    }
+  }
+  if (imageMap.size === 0) return markdown;
+  return markdown.replace(
+    /!\[([^\]]*)\]\(([^)]+)\)/g,
+    (_match, alt, src) => {
+      if (src.startsWith("http://") || src.startsWith("https://") || src.startsWith("data:")) {
+        return _match;
+      }
+      const normalized = src.replace(/^\.\//, "");
+      const dataUri = imageMap.get(src) ?? imageMap.get(normalized) ?? imageMap.get(normalized.split("/").pop() ?? "");
+      if (dataUri) {
+        return `![${alt}](${dataUri})`;
+      }
+      return _match;
+    }
+  );
+}
 async function searchMarketplace(query) {
   const cacheKey = `search:${query}`;
   const cached = getCached(cacheKey);
@@ -5612,6 +5664,9 @@ async function getMarketplaceSkill(slug) {
     }
   }
   const tags = tagsFromRecord(skill.tags);
+  if (readme && files.length > 0) {
+    readme = inlineImagesInMarkdown(readme, files);
+  }
   const mapped = {
     name: skill.displayName,
     slug: skill.slug,
@@ -5749,127 +5804,484 @@ async function getCachedAnalysis2(skillName, publisher) {
   };
 }
 
-// libs/shield-daemon/src/routes/skills.ts
-function readSkillDescription(skillDir) {
-  try {
-    const skillMdPath = path12.join(skillDir, "SKILL.md");
-    if (!fs13.existsSync(skillMdPath)) return void 0;
-    const content = fs13.readFileSync(skillMdPath, "utf-8");
-    const parsed = parseSkillMd(content);
-    return parsed?.metadata?.description ?? void 0;
-  } catch {
-    return void 0;
+// libs/shield-broker/dist/index.js
+import { exec } from "node:child_process";
+import { promisify } from "node:util";
+import * as net2 from "node:net";
+import { randomUUID as randomUUID3 } from "node:crypto";
+var MAX_OUTPUT_SIZE = 10 * 1024 * 1024;
+var execAsync = promisify(exec);
+var BrokerClient = class {
+  socketPath;
+  httpHost;
+  httpPort;
+  timeout;
+  preferSocket;
+  constructor(options = {}) {
+    this.socketPath = options.socketPath || "/var/run/agenshield/agenshield.sock";
+    this.httpHost = options.httpHost || "localhost";
+    this.httpPort = options.httpPort || 5201;
+    this.timeout = options.timeout || 3e4;
+    this.preferSocket = options.preferSocket ?? true;
   }
-}
-async function skillsRoutes(app) {
-  app.get("/skills", async (_request, reply) => {
-    const approved = listApproved();
-    const quarantined = listQuarantined();
-    const downloaded = listDownloadedSkills();
-    const skillsDir2 = getSkillsDir();
-    const approvedNames = new Set(approved.map((a) => a.name));
-    const availableDownloads = downloaded.filter((d) => !approvedNames.has(d.slug));
-    const quarantinedNames = new Set(quarantined.map((q) => q.name));
-    let onDiskNames = [];
-    if (skillsDir2) {
-      try {
-        onDiskNames = fs13.readdirSync(skillsDir2, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name);
-      } catch {
-      }
+  /**
+   * Make an HTTP request through the broker
+   */
+  async httpRequest(params, options) {
+    return this.request("http_request", params, options);
+  }
+  /**
+   * Read a file through the broker
+   */
+  async fileRead(params, options) {
+    return this.request("file_read", params, options);
+  }
+  /**
+   * Write a file through the broker
+   */
+  async fileWrite(params, options) {
+    return this.request("file_write", params, {
+      ...options,
+      channel: "socket"
+      // file_write only allowed via socket
+    });
+  }
+  /**
+   * List files through the broker
+   */
+  async fileList(params, options) {
+    return this.request("file_list", params, options);
+  }
+  /**
+   * Execute a command through the broker
+   */
+  async exec(params, options) {
+    return this.request("exec", params, {
+      ...options,
+      channel: "socket"
+      // exec only allowed via socket
+    });
+  }
+  /**
+   * Open a URL through the broker
+   */
+  async openUrl(params, options) {
+    return this.request("open_url", params, options);
+  }
+  /**
+   * Inject a secret through the broker
+   */
+  async secretInject(params, options) {
+    return this.request("secret_inject", params, {
+      ...options,
+      channel: "socket"
+      // secret_inject only allowed via socket
+    });
+  }
+  /**
+   * Ping the broker
+   */
+  async ping(echo, options) {
+    return this.request("ping", { echo }, options);
+  }
+  /**
+   * Install a skill through the broker
+   * Socket-only operation due to privileged file operations
+   */
+  async skillInstall(params, options) {
+    return this.request("skill_install", params, {
+      ...options,
+      channel: "socket"
+      // skill_install only allowed via socket
+    });
+  }
+  /**
+   * Uninstall a skill through the broker
+   * Socket-only operation due to privileged file operations
+   */
+  async skillUninstall(params, options) {
+    return this.request("skill_uninstall", params, {
+      ...options,
+      channel: "socket"
+      // skill_uninstall only allowed via socket
+    });
+  }
+  /**
+   * Check if the broker is available
+   */
+  async isAvailable() {
+    try {
+      await this.ping();
+      return true;
+    } catch {
+      return false;
     }
-    const workspaceNames = onDiskNames.filter(
-      (n) => !approvedNames.has(n) && !quarantinedNames.has(n)
-    );
-    const data = [
-      // Approved → active (with descriptions from SKILL.md)
-      ...approved.map((a) => ({
-        name: a.name,
-        source: "user",
-        status: "active",
-        path: path12.join(skillsDir2 ?? "", a.name),
-        publisher: a.publisher,
-        description: skillsDir2 ? readSkillDescription(path12.join(skillsDir2, a.name)) : void 0
-      })),
-      // Quarantined
-      ...quarantined.map((q) => ({
-        name: q.name,
-        source: "quarantine",
-        status: "quarantined",
-        path: q.originalPath,
-        description: void 0
-      })),
-      // Workspace: on disk but not approved or quarantined
-      ...workspaceNames.map((name) => ({
-        name,
-        source: "workspace",
-        status: "workspace",
-        path: path12.join(skillsDir2 ?? "", name),
-        description: skillsDir2 ? readSkillDescription(path12.join(skillsDir2, name)) : void 0
-      })),
-      // Downloaded (not installed) → available
-      ...availableDownloads.map((d) => ({
-        name: d.slug,
-        source: "marketplace",
-        status: "downloaded",
-        description: d.description,
-        path: "",
-        publisher: d.author
-      }))
-    ];
-    return reply.send({ data });
-  });
-  app.get("/skills/quarantined", async (_request, reply) => {
-    const quarantined = listQuarantined();
-    return reply.send({ quarantined });
-  });
-  app.get(
-    "/skills/:name",
-    async (request, reply) => {
-      const { name } = request.params;
-      if (!name || typeof name !== "string") {
-        return reply.code(400).send({ error: "Skill name is required" });
-      }
-      const analysis = getCachedAnalysis(name);
-      const approved = listApproved();
-      const entry = approved.find((s) => s.name === name);
-      return reply.send({
-        success: true,
-        data: {
-          name,
-          analysis: analysis ?? null,
-          publisher: entry?.publisher ?? null
+  }
+  /**
+   * Make a request to the broker
+   */
+  async request(method, params, options) {
+    const channel = options?.channel || (this.preferSocket ? "socket" : "http");
+    const timeout = options?.timeout || this.timeout;
+    if (channel === "socket") {
+      try {
+        return await this.socketRequest(method, params, timeout);
+      } catch (error) {
+        if (!options?.channel) {
+          return await this.httpRequest_internal(method, params, timeout);
         }
-      });
-    }
-  );
-  app.post(
-    "/skills/:name/analyze",
-    async (request, reply) => {
-      const { name } = request.params;
-      const { content, metadata } = request.body ?? {};
-      if (!name || typeof name !== "string") {
-        return reply.code(400).send({ error: "Skill name is required" });
-      }
-      clearCachedAnalysis(name);
-      if (content) {
-        const analysis = analyzeSkill(name, content, metadata);
-        return reply.send({ success: true, data: { analysis } });
+        throw error;
       }
-      return reply.send({
-        success: true,
-        data: {
-          analysis: {
-            status: "pending",
-            analyzerId: "agenshield",
-            commands: []
-          }
-        }
-      });
+    } else {
+      return await this.httpRequest_internal(method, params, timeout);
     }
-  );
-  app.post(
-    "/skills/:name/approve",
-    async (request, reply) => {
+  }
+  /**
+   * Make a request via Unix socket
+   */
+  async socketRequest(method, params, timeout) {
+    return new Promise((resolve3, reject) => {
+      const socket = net2.createConnection(this.socketPath);
+      const id = randomUUID3();
+      let responseData = "";
+      let timeoutId;
+      socket.on("connect", () => {
+        const request = {
+          jsonrpc: "2.0",
+          id,
+          method,
+          params
+        };
+        socket.write(JSON.stringify(request) + "\n");
+        timeoutId = setTimeout(() => {
+          socket.destroy();
+          reject(new Error("Request timeout"));
+        }, timeout);
+      });
+      socket.on("data", (data) => {
+        responseData += data.toString();
+        const newlineIndex = responseData.indexOf("\n");
+        if (newlineIndex !== -1) {
+          clearTimeout(timeoutId);
+          socket.end();
+          try {
+            const response = JSON.parse(
+              responseData.slice(0, newlineIndex)
+            );
+            if (response.error) {
+              const error = new Error(response.error.message);
+              error.code = response.error.code;
+              reject(error);
+            } else {
+              resolve3(response.result);
+            }
+          } catch (error) {
+            reject(new Error("Invalid response from broker"));
+          }
+        }
+      });
+      socket.on("error", (error) => {
+        clearTimeout(timeoutId);
+        reject(error);
+      });
+    });
+  }
+  /**
+   * Make a request via HTTP
+   */
+  async httpRequest_internal(method, params, timeout) {
+    const url = `http://${this.httpHost}:${this.httpPort}/rpc`;
+    const id = randomUUID3();
+    const request = {
+      jsonrpc: "2.0",
+      id,
+      method,
+      params
+    };
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(request),
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      if (!response.ok) {
+        throw new Error(`HTTP error: ${response.status}`);
+      }
+      const jsonResponse = await response.json();
+      if (jsonResponse.error) {
+        const error = new Error(jsonResponse.error.message);
+        error.code = jsonResponse.error.code;
+        throw error;
+      }
+      return jsonResponse.result;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error.name === "AbortError") {
+        throw new Error("Request timeout");
+      }
+      throw error;
+    }
+  }
+};
+
+// libs/shield-daemon/src/services/broker-bridge.ts
+var brokerClient = null;
+function getBrokerClient() {
+  if (!brokerClient) {
+    brokerClient = new BrokerClient({
+      socketPath: process.env["AGENSHIELD_SOCKET"] || "/var/run/agenshield/agenshield.sock",
+      httpHost: "localhost",
+      httpPort: 5201,
+      // Broker uses 5201, daemon uses 5200
+      timeout: 6e4,
+      // 60s timeout for file operations
+      preferSocket: true
+    });
+  }
+  return brokerClient;
+}
+async function isBrokerAvailable() {
+  try {
+    const client = getBrokerClient();
+    return await client.isAvailable();
+  } catch {
+    return false;
+  }
+}
+async function installSkillViaBroker(slug, files, options = {}) {
+  const client = getBrokerClient();
+  const brokerFiles = files.map((file) => ({
+    name: file.name,
+    content: file.content,
+    base64: false
+  }));
+  const result = await client.skillInstall({
+    slug,
+    files: brokerFiles,
+    createWrapper: options.createWrapper ?? true,
+    agentHome: options.agentHome,
+    socketGroup: options.socketGroup
+  });
+  return result;
+}
+async function uninstallSkillViaBroker(slug, options = {}) {
+  const client = getBrokerClient();
+  const result = await client.skillUninstall({
+    slug,
+    removeWrapper: options.removeWrapper ?? true,
+    agentHome: options.agentHome
+  });
+  return result;
+}
+
+// libs/shield-daemon/src/routes/skills.ts
+function findSkillMdRecursive(dir, depth = 0) {
+  if (depth > 3) return null;
+  try {
+    for (const name of ["SKILL.md", "skill.md", "README.md", "readme.md"]) {
+      const candidate = path12.join(dir, name);
+      if (fs13.existsSync(candidate)) return candidate;
+    }
+    const entries = fs13.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (!entry.isDirectory()) continue;
+      const found = findSkillMdRecursive(path12.join(dir, entry.name), depth + 1);
+      if (found) return found;
+    }
+  } catch {
+  }
+  return null;
+}
+function readSkillDescription(skillDir) {
+  try {
+    const mdPath = findSkillMdRecursive(skillDir);
+    if (!mdPath) return void 0;
+    const content = fs13.readFileSync(mdPath, "utf-8");
+    const parsed = parseSkillMd(content);
+    return parsed?.metadata?.description ?? void 0;
+  } catch {
+    return void 0;
+  }
+}
+async function skillsRoutes(app) {
+  app.get("/skills", async (_request, reply) => {
+    const approved = listApproved();
+    const quarantined = listQuarantined();
+    const downloaded = listDownloadedSkills();
+    const skillsDir2 = getSkillsDir();
+    const approvedNames = new Set(approved.map((a) => a.name));
+    const availableDownloads = downloaded.filter((d) => !approvedNames.has(d.slug));
+    const quarantinedNames = new Set(quarantined.map((q) => q.name));
+    let onDiskNames = [];
+    if (skillsDir2) {
+      try {
+        onDiskNames = fs13.readdirSync(skillsDir2, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name);
+      } catch {
+      }
+    }
+    const workspaceNames = onDiskNames.filter(
+      (n) => !approvedNames.has(n) && !quarantinedNames.has(n)
+    );
+    const data = [
+      // Approved → active (with descriptions from SKILL.md)
+      ...approved.map((a) => ({
+        name: a.name,
+        source: "user",
+        status: "active",
+        path: path12.join(skillsDir2 ?? "", a.name),
+        publisher: a.publisher,
+        description: skillsDir2 ? readSkillDescription(path12.join(skillsDir2, a.name)) : void 0
+      })),
+      // Quarantined
+      ...quarantined.map((q) => ({
+        name: q.name,
+        source: "quarantine",
+        status: "quarantined",
+        path: q.originalPath,
+        description: void 0
+      })),
+      // Workspace: on disk but not approved or quarantined
+      ...workspaceNames.map((name) => ({
+        name,
+        source: "workspace",
+        status: "workspace",
+        path: path12.join(skillsDir2 ?? "", name),
+        description: skillsDir2 ? readSkillDescription(path12.join(skillsDir2, name)) : void 0
+      })),
+      // Downloaded (not installed) → available
+      ...availableDownloads.map((d) => ({
+        name: d.slug,
+        source: "marketplace",
+        status: "downloaded",
+        description: d.description,
+        path: "",
+        publisher: d.author
+      }))
+    ];
+    return reply.send({ data });
+  });
+  app.get("/skills/quarantined", async (_request, reply) => {
+    const quarantined = listQuarantined();
+    return reply.send({ quarantined });
+  });
+  app.get(
+    "/skills/:name",
+    async (request, reply) => {
+      const { name } = request.params;
+      if (!name || typeof name !== "string") {
+        return reply.code(400).send({ error: "Skill name is required" });
+      }
+      const analysis = getCachedAnalysis(name);
+      const approved = listApproved();
+      const quarantined = listQuarantined();
+      const entry = approved.find((s) => s.name === name);
+      const qEntry = quarantined.find((q) => q.name === name);
+      const skillsDir2 = getSkillsDir();
+      let source = "user";
+      let status = "active";
+      let skillPath = "";
+      if (qEntry) {
+        source = "quarantine";
+        status = "quarantined";
+        skillPath = qEntry.originalPath;
+      } else if (entry) {
+        source = "user";
+        status = "active";
+        skillPath = skillsDir2 ? path12.join(skillsDir2, name) : "";
+      } else if (skillsDir2) {
+        source = "workspace";
+        status = "workspace";
+        skillPath = path12.join(skillsDir2, name);
+      }
+      let content = "";
+      let metadata;
+      const dirToRead = skillPath || (skillsDir2 ? path12.join(skillsDir2, name) : "");
+      if (dirToRead) {
+        try {
+          const mdPath = findSkillMdRecursive(dirToRead);
+          if (mdPath) {
+            content = fs13.readFileSync(mdPath, "utf-8");
+            const parsed = parseSkillMd(content);
+            metadata = parsed?.metadata;
+          }
+        } catch {
+        }
+      }
+      if (!content) {
+        try {
+          const localMeta = getDownloadedSkillMeta(name);
+          if (localMeta) {
+            const localFiles = getDownloadedSkillFiles(name);
+            const readmeFile = localFiles.find((f) => /readme|skill\.md/i.test(f.name));
+            if (readmeFile?.content) {
+              content = readmeFile.content;
+              if (!metadata) {
+                const parsed = parseSkillMd(content);
+                metadata = parsed?.metadata;
+              }
+            }
+          }
+        } catch {
+        }
+      }
+      const description = dirToRead ? readSkillDescription(dirToRead) : void 0;
+      if (content) {
+        try {
+          const cachedFiles = getDownloadedSkillFiles(name);
+          if (cachedFiles.length > 0) {
+            content = inlineImagesInMarkdown(content, cachedFiles);
+          }
+        } catch {
+        }
+      }
+      return reply.send({
+        success: true,
+        data: {
+          name,
+          source,
+          status,
+          path: skillPath,
+          description,
+          content,
+          metadata: metadata ?? null,
+          analysis: analysis ?? null,
+          publisher: entry?.publisher ?? null
+        }
+      });
+    }
+  );
+  app.post(
+    "/skills/:name/analyze",
+    async (request, reply) => {
+      const { name } = request.params;
+      const { content, metadata } = request.body ?? {};
+      if (!name || typeof name !== "string") {
+        return reply.code(400).send({ error: "Skill name is required" });
+      }
+      clearCachedAnalysis(name);
+      if (content) {
+        const analysis = analyzeSkill(name, content, metadata);
+        return reply.send({ success: true, data: { analysis } });
+      }
+      return reply.send({
+        success: true,
+        data: {
+          analysis: {
+            status: "pending",
+            analyzerId: "agenshield",
+            commands: []
+          }
+        }
+      });
+    }
+  );
+  app.post(
+    "/skills/:name/approve",
+    async (request, reply) => {
       const { name } = request.params;
       if (!name || typeof name !== "string") {
         return reply.code(400).send({ error: "Skill name is required" });
@@ -5927,8 +6339,16 @@ async function skillsRoutes(app) {
       const isInstalled = fs13.existsSync(skillDir);
       if (isInstalled) {
         try {
-          fs13.rmSync(skillDir, { recursive: true, force: true });
-          removeSkillWrapper(name, binDir);
+          const brokerAvailable = await isBrokerAvailable();
+          if (brokerAvailable) {
+            await uninstallSkillViaBroker(name, {
+              removeWrapper: true,
+              agentHome
+            });
+          } else {
+            fs13.rmSync(skillDir, { recursive: true, force: true });
+            removeSkillWrapper(name, binDir);
+          }
           removeSkillEntry(name);
           removeSkillPolicy(name);
           removeFromApprovedList(name);
@@ -5949,18 +6369,30 @@ async function skillsRoutes(app) {
         }
         try {
           addToApprovedList(name, meta.author);
-          fs13.mkdirSync(skillDir, { recursive: true });
-          for (const file of files) {
-            const filePath = path12.join(skillDir, file.name);
-            fs13.mkdirSync(path12.dirname(filePath), { recursive: true });
-            fs13.writeFileSync(filePath, file.content, "utf-8");
-          }
-          try {
-            execSync8(`chown -R root:${socketGroup} "${skillDir}"`, { stdio: "pipe" });
-            execSync8(`chmod -R a+rX,go-w "${skillDir}"`, { stdio: "pipe" });
-          } catch {
+          const brokerAvailable = await isBrokerAvailable();
+          if (brokerAvailable) {
+            const brokerResult = await installSkillViaBroker(
+              name,
+              files.map((f) => ({ name: f.name, content: f.content })),
+              { createWrapper: true, agentHome, socketGroup }
+            );
+            if (!brokerResult.installed) {
+              throw new Error("Broker failed to install skill files");
+            }
+          } else {
+            fs13.mkdirSync(skillDir, { recursive: true });
+            for (const file of files) {
+              const filePath = path12.join(skillDir, file.name);
+              fs13.mkdirSync(path12.dirname(filePath), { recursive: true });
+              fs13.writeFileSync(filePath, file.content, "utf-8");
+            }
+            try {
+              execSync8(`chown -R root:${socketGroup} "${skillDir}"`, { stdio: "pipe" });
+              execSync8(`chmod -R a+rX,go-w "${skillDir}"`, { stdio: "pipe" });
+            } catch {
+            }
+            createSkillWrapper(name, binDir);
           }
-          createSkillWrapper(name, binDir);
           addSkillEntry(name);
           addSkillPolicy(name);
           console.log(`[Skills] Enabled marketplace skill: ${name}`);
@@ -6403,47 +6835,21 @@ async function authRoutes(app) {
   );
   app.post(
     "/auth/enable",
-    async (request, reply) => {
-      const passcodeSet = await isPasscodeSet();
-      if (!passcodeSet) {
-        reply.code(400);
-        return {
-          success: false,
-          error: "Passcode not configured. Use /auth/setup first."
-        };
-      }
-      setProtectionEnabled(true);
-      return { success: true };
-    }
-  );
-  app.post(
-    "/auth/disable",
-    async (request, reply) => {
-      if (!isRunningAsRoot()) {
-        const token = extractToken(request);
-        if (!token) {
-          reply.code(401);
-          return {
-            success: false,
-            error: "Authentication required to disable protection"
-          };
-        }
-        const sessionManager = getSessionManager();
-        const session = sessionManager.validateSession(token);
-        if (!session) {
-          reply.code(401);
-          return {
-            success: false,
-            error: "Invalid or expired token"
-          };
-        }
+    async (request, reply) => {
+      const passcodeSet = await isPasscodeSet();
+      if (!passcodeSet) {
+        reply.code(400);
+        return {
+          success: false,
+          error: "Passcode not configured. Use /auth/setup first."
+        };
       }
-      setProtectionEnabled(false);
+      setProtectionEnabled(true);
       return { success: true };
     }
   );
   app.post(
-    "/auth/anonymous-readonly",
+    "/auth/disable",
     async (request, reply) => {
       if (!isRunningAsRoot()) {
         const token = extractToken(request);
@@ -6451,391 +6857,150 @@ async function authRoutes(app) {
           reply.code(401);
           return {
             success: false,
-            error: "Authentication required to change anonymous access"
-          };
-        }
-        const sessionManager = getSessionManager();
-        const session = sessionManager.validateSession(token);
-        if (!session) {
-          reply.code(401);
-          return {
-            success: false,
-            error: "Invalid or expired token"
+            error: "Authentication required to disable protection"
+          };
+        }
+        const sessionManager = getSessionManager();
+        const session = sessionManager.validateSession(token);
+        if (!session) {
+          reply.code(401);
+          return {
+            success: false,
+            error: "Invalid or expired token"
           };
         }
       }
-      const { allowed } = request.body;
-      if (typeof allowed !== "boolean") {
-        reply.code(400);
-        return {
-          success: false,
-          error: 'Invalid request: "allowed" must be a boolean'
-        };
-      }
-      setAnonymousReadOnly(allowed);
-      return { success: true, allowAnonymousReadOnly: allowed };
-    }
-  );
-}
-
-// libs/shield-daemon/src/routes/secrets.ts
-import { isSecretEnvVar } from "@agenshield/sandbox";
-import crypto4 from "node:crypto";
-function maskValue(value) {
-  if (value.length <= 4) return "\u2022\u2022\u2022\u2022\u2022\u2022\u2022\u2022";
-  return "\u2022\u2022\u2022\u2022\u2022\u2022\u2022\u2022" + value.slice(-4);
-}
-function toMasked(secret) {
-  return {
-    id: secret.id,
-    name: secret.name,
-    policyIds: secret.policyIds,
-    maskedValue: maskValue(secret.value),
-    createdAt: secret.createdAt
-  };
-}
-async function secretsRoutes(app) {
-  app.get("/secrets", async () => {
-    const vault = getVault();
-    const secrets = await vault.get("secrets") ?? [];
-    return { data: secrets.map(toMasked) };
-  });
-  app.get("/secrets/env", async () => {
-    const names = /* @__PURE__ */ new Set();
-    for (const key of Object.keys(process.env)) {
-      if (process.env[key] && isSecretEnvVar(key)) {
-        names.add(key);
-      }
-    }
-    const userSecrets = process.env["AGENSHIELD_USER_SECRETS"];
-    if (userSecrets) {
-      for (const name of userSecrets.split(",").filter(Boolean)) {
-        names.add(name);
-      }
-    }
-    return { data: Array.from(names).sort((a, b) => a.localeCompare(b)) };
-  });
-  app.post(
-    "/secrets",
-    async (request) => {
-      const { name, value, policyIds } = request.body;
-      if (!name?.trim() || !value?.trim()) {
-        return { success: false, error: "Name and value are required" };
-      }
-      const vault = getVault();
-      const secrets = await vault.get("secrets") ?? [];
-      const newSecret = {
-        id: crypto4.randomUUID(),
-        name: name.trim(),
-        value,
-        policyIds: policyIds ?? [],
-        createdAt: (/* @__PURE__ */ new Date()).toISOString()
-      };
-      secrets.push(newSecret);
-      await vault.set("secrets", secrets);
-      return { data: toMasked(newSecret) };
-    }
-  );
-  app.patch(
-    "/secrets/:id",
-    async (request) => {
-      const { id } = request.params;
-      const { policyIds } = request.body;
-      const vault = getVault();
-      const secrets = await vault.get("secrets") ?? [];
-      const idx = secrets.findIndex((s) => s.id === id);
-      if (idx === -1) return { success: false, error: "Secret not found" };
-      secrets[idx].policyIds = policyIds ?? [];
-      await vault.set("secrets", secrets);
-      return { data: toMasked(secrets[idx]) };
-    }
-  );
-  app.delete(
-    "/secrets/:id",
-    async (request) => {
-      const { id } = request.params;
-      const vault = getVault();
-      const secrets = await vault.get("secrets") ?? [];
-      const filtered = secrets.filter((s) => s.id !== id);
-      if (filtered.length === secrets.length) {
-        return { success: false, error: "Secret not found" };
-      }
-      await vault.set("secrets", filtered);
-      return { deleted: true };
-    }
-  );
-}
-
-// libs/shield-daemon/src/routes/marketplace.ts
-import * as fs15 from "node:fs";
-import * as path14 from "node:path";
-
-// libs/shield-broker/dist/index.js
-import { exec } from "node:child_process";
-import { promisify } from "node:util";
-import * as net2 from "node:net";
-import { randomUUID as randomUUID3 } from "node:crypto";
-var MAX_OUTPUT_SIZE = 10 * 1024 * 1024;
-var execAsync = promisify(exec);
-var BrokerClient = class {
-  socketPath;
-  httpHost;
-  httpPort;
-  timeout;
-  preferSocket;
-  constructor(options = {}) {
-    this.socketPath = options.socketPath || "/var/run/agenshield/agenshield.sock";
-    this.httpHost = options.httpHost || "localhost";
-    this.httpPort = options.httpPort || 5201;
-    this.timeout = options.timeout || 3e4;
-    this.preferSocket = options.preferSocket ?? true;
-  }
-  /**
-   * Make an HTTP request through the broker
-   */
-  async httpRequest(params, options) {
-    return this.request("http_request", params, options);
-  }
-  /**
-   * Read a file through the broker
-   */
-  async fileRead(params, options) {
-    return this.request("file_read", params, options);
-  }
-  /**
-   * Write a file through the broker
-   */
-  async fileWrite(params, options) {
-    return this.request("file_write", params, {
-      ...options,
-      channel: "socket"
-      // file_write only allowed via socket
-    });
-  }
-  /**
-   * List files through the broker
-   */
-  async fileList(params, options) {
-    return this.request("file_list", params, options);
-  }
-  /**
-   * Execute a command through the broker
-   */
-  async exec(params, options) {
-    return this.request("exec", params, {
-      ...options,
-      channel: "socket"
-      // exec only allowed via socket
-    });
-  }
-  /**
-   * Open a URL through the broker
-   */
-  async openUrl(params, options) {
-    return this.request("open_url", params, options);
-  }
-  /**
-   * Inject a secret through the broker
-   */
-  async secretInject(params, options) {
-    return this.request("secret_inject", params, {
-      ...options,
-      channel: "socket"
-      // secret_inject only allowed via socket
-    });
-  }
-  /**
-   * Ping the broker
-   */
-  async ping(echo, options) {
-    return this.request("ping", { echo }, options);
-  }
-  /**
-   * Install a skill through the broker
-   * Socket-only operation due to privileged file operations
-   */
-  async skillInstall(params, options) {
-    return this.request("skill_install", params, {
-      ...options,
-      channel: "socket"
-      // skill_install only allowed via socket
-    });
-  }
-  /**
-   * Uninstall a skill through the broker
-   * Socket-only operation due to privileged file operations
-   */
-  async skillUninstall(params, options) {
-    return this.request("skill_uninstall", params, {
-      ...options,
-      channel: "socket"
-      // skill_uninstall only allowed via socket
-    });
-  }
-  /**
-   * Check if the broker is available
-   */
-  async isAvailable() {
-    try {
-      await this.ping();
-      return true;
-    } catch {
-      return false;
-    }
-  }
-  /**
-   * Make a request to the broker
-   */
-  async request(method, params, options) {
-    const channel = options?.channel || (this.preferSocket ? "socket" : "http");
-    const timeout = options?.timeout || this.timeout;
-    if (channel === "socket") {
-      try {
-        return await this.socketRequest(method, params, timeout);
-      } catch (error) {
-        if (!options?.channel) {
-          return await this.httpRequest_internal(method, params, timeout);
-        }
-        throw error;
-      }
-    } else {
-      return await this.httpRequest_internal(method, params, timeout);
+      setProtectionEnabled(false);
+      return { success: true };
     }
-  }
-  /**
-   * Make a request via Unix socket
-   */
-  async socketRequest(method, params, timeout) {
-    return new Promise((resolve3, reject) => {
-      const socket = net2.createConnection(this.socketPath);
-      const id = randomUUID3();
-      let responseData = "";
-      let timeoutId;
-      socket.on("connect", () => {
-        const request = {
-          jsonrpc: "2.0",
-          id,
-          method,
-          params
-        };
-        socket.write(JSON.stringify(request) + "\n");
-        timeoutId = setTimeout(() => {
-          socket.destroy();
-          reject(new Error("Request timeout"));
-        }, timeout);
-      });
-      socket.on("data", (data) => {
-        responseData += data.toString();
-        const newlineIndex = responseData.indexOf("\n");
-        if (newlineIndex !== -1) {
-          clearTimeout(timeoutId);
-          socket.end();
-          try {
-            const response = JSON.parse(
-              responseData.slice(0, newlineIndex)
-            );
-            if (response.error) {
-              const error = new Error(response.error.message);
-              error.code = response.error.code;
-              reject(error);
-            } else {
-              resolve3(response.result);
-            }
-          } catch (error) {
-            reject(new Error("Invalid response from broker"));
-          }
+  );
+  app.post(
+    "/auth/anonymous-readonly",
+    async (request, reply) => {
+      if (!isRunningAsRoot()) {
+        const token = extractToken(request);
+        if (!token) {
+          reply.code(401);
+          return {
+            success: false,
+            error: "Authentication required to change anonymous access"
+          };
+        }
+        const sessionManager = getSessionManager();
+        const session = sessionManager.validateSession(token);
+        if (!session) {
+          reply.code(401);
+          return {
+            success: false,
+            error: "Invalid or expired token"
+          };
         }
-      });
-      socket.on("error", (error) => {
-        clearTimeout(timeoutId);
-        reject(error);
-      });
-    });
-  }
-  /**
-   * Make a request via HTTP
-   */
-  async httpRequest_internal(method, params, timeout) {
-    const url = `http://${this.httpHost}:${this.httpPort}/rpc`;
-    const id = randomUUID3();
-    const request = {
-      jsonrpc: "2.0",
-      id,
-      method,
-      params
-    };
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), timeout);
-    try {
-      const response = await fetch(url, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify(request),
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
-      if (!response.ok) {
-        throw new Error(`HTTP error: ${response.status}`);
-      }
-      const jsonResponse = await response.json();
-      if (jsonResponse.error) {
-        const error = new Error(jsonResponse.error.message);
-        error.code = jsonResponse.error.code;
-        throw error;
       }
-      return jsonResponse.result;
-    } catch (error) {
-      clearTimeout(timeoutId);
-      if (error.name === "AbortError") {
-        throw new Error("Request timeout");
+      const { allowed } = request.body;
+      if (typeof allowed !== "boolean") {
+        reply.code(400);
+        return {
+          success: false,
+          error: 'Invalid request: "allowed" must be a boolean'
+        };
       }
-      throw error;
+      setAnonymousReadOnly(allowed);
+      return { success: true, allowAnonymousReadOnly: allowed };
     }
-  }
-};
+  );
+}
 
-// libs/shield-daemon/src/services/broker-bridge.ts
-var brokerClient = null;
-function getBrokerClient() {
-  if (!brokerClient) {
-    brokerClient = new BrokerClient({
-      socketPath: process.env["AGENSHIELD_SOCKET"] || "/var/run/agenshield/agenshield.sock",
-      httpHost: "localhost",
-      httpPort: 5201,
-      // Broker uses 5201, daemon uses 5200
-      timeout: 6e4,
-      // 60s timeout for file operations
-      preferSocket: true
-    });
-  }
-  return brokerClient;
+// libs/shield-daemon/src/routes/secrets.ts
+import { isSecretEnvVar } from "@agenshield/sandbox";
+import crypto4 from "node:crypto";
+function maskValue(value) {
+  if (value.length <= 4) return "\u2022\u2022\u2022\u2022\u2022\u2022\u2022\u2022";
+  return "\u2022\u2022\u2022\u2022\u2022\u2022\u2022\u2022" + value.slice(-4);
 }
-async function isBrokerAvailable() {
-  try {
-    const client = getBrokerClient();
-    return await client.isAvailable();
-  } catch {
-    return false;
-  }
+function toMasked(secret) {
+  return {
+    id: secret.id,
+    name: secret.name,
+    policyIds: secret.policyIds,
+    maskedValue: maskValue(secret.value),
+    createdAt: secret.createdAt
+  };
 }
-async function installSkillViaBroker(slug, files, options = {}) {
-  const client = getBrokerClient();
-  const brokerFiles = files.map((file) => ({
-    name: file.name,
-    content: file.content,
-    base64: false
-  }));
-  const result = await client.skillInstall({
-    slug,
-    files: brokerFiles,
-    createWrapper: options.createWrapper ?? true,
-    agentHome: options.agentHome,
-    socketGroup: options.socketGroup
+async function secretsRoutes(app) {
+  app.get("/secrets", async () => {
+    const vault = getVault();
+    const secrets = await vault.get("secrets") ?? [];
+    return { data: secrets.map(toMasked) };
   });
-  return result;
+  app.get("/secrets/env", async () => {
+    const names = /* @__PURE__ */ new Set();
+    for (const key of Object.keys(process.env)) {
+      if (process.env[key] && isSecretEnvVar(key)) {
+        names.add(key);
+      }
+    }
+    const userSecrets = process.env["AGENSHIELD_USER_SECRETS"];
+    if (userSecrets) {
+      for (const name of userSecrets.split(",").filter(Boolean)) {
+        names.add(name);
+      }
+    }
+    return { data: Array.from(names).sort((a, b) => a.localeCompare(b)) };
+  });
+  app.post(
+    "/secrets",
+    async (request) => {
+      const { name, value, policyIds } = request.body;
+      if (!name?.trim() || !value?.trim()) {
+        return { success: false, error: "Name and value are required" };
+      }
+      const vault = getVault();
+      const secrets = await vault.get("secrets") ?? [];
+      const newSecret = {
+        id: crypto4.randomUUID(),
+        name: name.trim(),
+        value,
+        policyIds: policyIds ?? [],
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      secrets.push(newSecret);
+      await vault.set("secrets", secrets);
+      return { data: toMasked(newSecret) };
+    }
+  );
+  app.patch(
+    "/secrets/:id",
+    async (request) => {
+      const { id } = request.params;
+      const { policyIds } = request.body;
+      const vault = getVault();
+      const secrets = await vault.get("secrets") ?? [];
+      const idx = secrets.findIndex((s) => s.id === id);
+      if (idx === -1) return { success: false, error: "Secret not found" };
+      secrets[idx].policyIds = policyIds ?? [];
+      await vault.set("secrets", secrets);
+      return { data: toMasked(secrets[idx]) };
+    }
+  );
+  app.delete(
+    "/secrets/:id",
+    async (request) => {
+      const { id } = request.params;
+      const vault = getVault();
+      const secrets = await vault.get("secrets") ?? [];
+      const filtered = secrets.filter((s) => s.id !== id);
+      if (filtered.length === secrets.length) {
+        return { success: false, error: "Secret not found" };
+      }
+      await vault.set("secrets", filtered);
+      return { deleted: true };
+    }
+  );
 }
 
 // libs/shield-daemon/src/routes/marketplace.ts
+import * as fs15 from "node:fs";
+import * as path14 from "node:path";
 async function marketplaceRoutes(app) {
   app.get(
     "/marketplace/search",
@@ -6871,6 +7036,10 @@ async function marketplaceRoutes(app) {
         if (localMeta) {
           const localFiles = getDownloadedSkillFiles(slug);
           const readmeFile = localFiles.find((f) => /readme|skill\.md/i.test(f.name));
+          let readme = readmeFile?.content;
+          if (readme) {
+            readme = inlineImagesInMarkdown(readme, localFiles);
+          }
           const skill2 = {
             name: localMeta.name,
             slug: localMeta.slug,
@@ -6880,7 +7049,7 @@ async function marketplaceRoutes(app) {
             installs: 0,
             // Not stored locally
             tags: localMeta.tags,
-            readme: readmeFile?.content,
+            readme,
             files: localFiles
           };
           if (localMeta.analysis) {