@apmantza/greedysearch-pi 2.0.0 → 2.1.3

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@apmantza/greedysearch-pi",
-	"version": "2.0.0",
+	"version": "2.1.3",
 	"description": "Headless multi-engine AI search (Perplexity, Google AI, ChatGPT, Gemini) via browser automation. NO API KEYS needed. Grounded all-engine search fetches sources by default, with optional configurable synthesis and deep research.",
 	"type": "module",
 	"keywords": [
@@ -48,13 +48,13 @@
 	},
 	"dependencies": {
 		"@mozilla/readability": "^0.6.0",
-		"@sinclair/typebox": "^0.34.48",
-		"jsdom": "^24.0.0",
+		"@sinclair/typebox": "^0.34.49",
+		"jsdom": "^29.1.1",
 		"pdf-parse": "^2.4.5",
 		"turndown": "^7.1.2"
 	},
 	"peerDependencies": {
-		"@earendil-works/pi-coding-agent": "*"
+		"@earendil-works/pi-coding-agent": "^0.79.0"
 	},
 	"peerDependenciesMeta": {
 		"@earendil-works/pi-coding-agent": {

package/skills/greedy-search/skill.md

@@ -1,18 +1,20 @@
----
-name: greedy-search
-description: Web/search plus opt-in research via Perplexity, Google AI, ChatGPT, Gemini, Semantic Scholar, and Logically. Grounded all-engine search fetches sources by default; optional configurable synthesis; deep research as separate workflow. Configurable via ~/.pi/greedyconfig. Bing Copilot available for signed-in users. Current docs, recent changes, dependency choices. NOT codebase search.
----
-
-`greedy_search({ query, engine: "all"|"perplexity"|"google"|"chatgpt"|"gemini"|"semantic-scholar"|"logically"|"bing", synthesize?: bool, synthesizer?: "gemini"|"chatgpt", depth?: "research", breadth: 1-5, iterations: 1-3, maxSources: 3-12, researchOutDir?: string, writeResearchBundle?: bool, visible: bool })`
-
-**Modes:** individual engine search · grounded `engine:"all"` search with fetched sources · optional `synthesize:true` using the configured synthesizer over all-engine results · `depth:"research"` for the iterative deep-research workflow.
-
-**Config:** `~/.pi/greedyconfig` supports `{ "engines": ["perplexity", "google", "chatgpt", "gemini", "semantic-scholar", "logically"], "synthesizer": "gemini" }`. Gemini is a normal search engine; Semantic Scholar and Logically are opt-in research engines. Any configured engine can participate in `engine:"all"`; deep research child searches reuse the same configured `engines` list and stdin-safe query passing. Normal all-search synthesis remains controlled separately by `synthesizer`; research planning/final synthesis uses Gemini.
-
-**Compatibility:** legacy `depth:"fast"|"standard"|"deep"` is still accepted. `fast` skips source fetching; `standard`/`deep` alias `synthesize:true`. Prefer `synthesize:true`, optional `synthesizer`, and `depth:"research"` going forward.
-
-**Research output:** `depth:"research"` writes a dataroom-style bundle by default under `.pi/greedysearch-research/<timestamp>_<query>/` with `STATUS.md`, `OUTLINE.md`, `reports/SUMMARY.md`, `reports/CLAIMS.md`, `reports/GAPS.md`, `sources/`, and `data/manifest.json`. Pass `researchOutDir` to choose the directory or `writeResearchBundle:false` to disable disk output.
-
-**Auto-recovery:** Headless default. Bing/Perplexity auto-retry visible on CF block. Manual CAPTCHA → visible stays open; solve then rerun.
-
-**CDP safety:** Use `bin/cdp-greedy.mjs` only. Never raw `bin/cdp.mjs`.
+---
+name: greedy-search
+description: Web/search plus opt-in research via Perplexity, Google AI, ChatGPT, Gemini, Semantic Scholar, and Logically. Grounded all-engine search fetches sources by default; optional configurable synthesis; deep research as separate workflow. Configurable via ~/.pi/greedyconfig. Bing Copilot available for signed-in users. Current docs, recent changes, dependency choices. NOT codebase search.
+---
+
+`greedy_search({ query, engine: "all"|"perplexity"|"google"|"chatgpt"|"gemini"|"semantic-scholar"|"logically"|"bing", synthesize?: bool, synthesizer?: "gemini"|"chatgpt", depth?: "research", breadth: 1-5, iterations: 1-3, maxSources: 3-12, researchOutDir?: string, writeResearchBundle?: bool, visible: bool })`
+
+**Modes:** individual engine search · grounded `engine:"all"` search with fetched sources · optional `synthesize:true` using the configured synthesizer over all-engine results · `depth:"research"` for the iterative deep-research workflow.
+
+**Config:** `~/.pi/greedyconfig` supports `{ "engines": ["perplexity", "google", "chatgpt", "gemini"], "synthesizer": "gemini" }` by default. `semantic-scholar` and `logically` are opt-in academic/research engines — add them to `engines` only when you want academic paper discovery or research-assistant workflows in the normal all-search fan-out. Without explicit opt-in, `engine:"all"` excludes them because their results are noisy for casual web search; they shine in `depth:"research"` mode. Any configured engine can participate in `engine:"all"`; deep research child searches reuse the same configured `engines` list and stdin-safe query passing. Normal all-search synthesis remains controlled separately by `synthesizer`; research planning/final synthesis uses Gemini.
+
+**Compatibility:** legacy `depth:"fast"|"standard"|"deep"` is still accepted. `fast` skips source fetching; `standard`/`deep` alias `synthesize:true`. Prefer `synthesize:true`, optional `synthesizer`, and `depth:"research"` going forward.
+
+**Research output:** `depth:"research"` writes a dataroom-style bundle by default under `.pi/greedysearch-research/<timestamp>_<query>/` with `STATUS.md`, `OUTLINE.md`, `reports/SUMMARY.md`, `reports/CLAIMS.md`, `reports/GAPS.md`, `sources/`, and `data/manifest.json`. Pass `researchOutDir` to choose the directory or `writeResearchBundle:false` to disable disk output.
+
+**Scale-aware research:** When `breadth` and `iterations` are not explicitly set, the classifier auto-detects query complexity. Simple queries ("what is X") use a fast single-pass path (~70% faster). Moderate queries get tighter breadth/iterations. Complex queries use the full loop. Explicit `breadth`/`iterations` always override the classifier.
+
+**Auto-recovery:** Headless default. Bing/Perplexity auto-retry visible on CF block. Manual CAPTCHA → visible stays open; solve then rerun.
+
+**CDP safety:** Use `bin/cdp-greedy.mjs` only. Never raw `bin/cdp.mjs`.

package/src/fetcher.mjs

@@ -195,6 +195,21 @@ export async function fetchSourceHttp(url, options = {}) {
 		const finalUrl = response.url;
 		const lastModified = response.headers.get("last-modified") || "";
 
+		// SSRF defense: re-validate the post-redirect finalUrl. A malicious
+		// server could redirect our fetch to a private IP, bypassing the
+		// initial isPrivateUrl() check on the original URL.
+		const finalPrivateCheck = isPrivateUrl(finalUrl);
+		if (finalPrivateCheck.blocked) {
+			return {
+				ok: false,
+				url,
+				finalUrl,
+				status: response.status,
+				error: `Blocked: ${finalPrivateCheck.reason}`,
+				needsBrowser: false,
+			};
+		}
+
 		// Handle raw text/plain from GitHub (raw file content)
 		let isRawGitHub = false;
 		try {

package/src/formatters/results.ts

@@ -6,6 +6,28 @@
 import { formatEngineName } from "../utils/helpers.js";
 import { renderSynthesis } from "./synthesis.js";
 
+/**
+ * Maximum line length for any text passed to the TUI. Lines longer than
+ * this are truncated with an ellipsis. The TUI's Text.render wraps at the
+ * terminal width, but it crashes with
+ *   "Rendered line N exceeds terminal width (W > W-4)"
+ * when a single line is wider than its own internal render width. Long
+ * lines (e.g. a markdown table row inside a chatgpt synthesis answer) that
+ * don't have a \n break would otherwise produce this crash. The safety
+ * net below trims individual lines before they reach the TUI.
+ */
+const MAX_LINE_WIDTH = 800;
+function _truncateLongLines(text: string): string {
+	return text
+		.split("\n")
+		.map((line) =>
+			line.length > MAX_LINE_WIDTH
+				? line.slice(0, MAX_LINE_WIDTH - 1) + "…"
+				: line,
+		)
+		.join("\n");
+}
+
 /**
  * Format search results based on engine type
  */
@@ -16,10 +38,10 @@ export function formatResults(
 	const lines: string[] = [];
 
 	if (engine === "all") {
-		return formatAllEnginesResult(data, lines);
+		return _truncateLongLines(formatAllEnginesResult(data, lines));
 	}
 
-	return formatSingleEngineResult(data, lines);
+	return _truncateLongLines(formatSingleEngineResult(data, lines));
 }
 
 /**

package/src/search/challenge-detect.mjs

@@ -0,0 +1,205 @@
+// src/search/challenge-detect.mjs — Detect when a Cloudflare/Turnstile/captcha
+// challenge has been solved so the extractor can auto-resume.
+//
+// Polls page state (URL, title, DOM markers, cookie presence) instead of waiting
+// for a hard timeout. Resolves once the engine-specific "challenge cleared"
+// signal is observed, or rejects with a clear error if the polling budget is
+// exhausted before any progress.
+//
+// Usage:
+//   const cleared = await waitForChallengeCleared({ tab, engine: "chatgpt", timeoutMs: 300000 });
+//   if (!cleared) emit _needsHumanVerification; else re-run extractor.
+
+import { cdp } from "../../extractors/common.mjs";
+
+const DEFAULT_TIMEOUT_MS = Number.parseInt(
+	process.env.GREEDY_SEARCH_CHALLENGE_WAIT_MS || "300000",
+	10,
+); // 5 minutes default
+const POLL_INTERVAL_MS = 3000;
+
+const ENGINE_SIGNALS = {
+	chatgpt: {
+		// After Cloudflare clearance, chatgpt.com shows the chat UI.
+		// Title changes from "Περιμένετε..." / "Just a moment..." → "ChatGPT"
+		// and div.ProseMirror renders.
+		name: "chatgpt",
+		isCleared: async (tab) => {
+			const probe = await cdp([
+				"eval",
+				tab,
+				`(() => {
+					const title = document.title;
+					const onChatGPT = location.hostname === "chatgpt.com";
+					const hasProseMirror = !!document.querySelector("div.ProseMirror");
+					const hasTurnstileInput =
+						!!document.querySelector("input[name=\\"cf-turnstile-response\\"]") ||
+						!!document.querySelector("iframe[id^=\\"cf-chl-widget-\\"]");
+					// Body innerText is empty while on the Turnstile page.
+					const bodyText = (document.body && document.body.innerText) || "";
+					return JSON.stringify({
+						title,
+						url: location.href,
+						hasProseMirror,
+						hasTurnstileInput,
+						bodyLen: bodyText.length,
+						onChatGPT,
+					});
+				})()`,
+			]).catch(() => null);
+			if (!probe) return false;
+			let info;
+			try {
+				info = JSON.parse(probe);
+			} catch {
+				return false;
+			}
+			// Cleared when we're on chatgpt.com, the title is no longer the
+			// "Please wait…" placeholder, and either the chat UI rendered or
+			// the Turnstile marker is gone.
+			if (!info.onChatGPT) return false;
+			if (
+				info.title &&
+				/περιμένετε|please wait|just a moment|verifying|checking/i.test(
+					info.title,
+				)
+			) {
+				return false;
+			}
+			if (info.hasTurnstileInput) return false;
+			// Either chat UI appeared OR we navigated past chatgpt.com (signed-in landing)
+			return info.hasProseMirror || info.bodyLen > 50;
+		},
+	},
+	bing: {
+		// Copilot shows "Verify you are human" challenge, then transitions to the chat UI.
+		// Cleared signals: URL on copilot.microsoft.com (no /challenge), textarea/input exists,
+		// or the Turnstile iframe is gone.
+		name: "bing",
+		isCleared: async (tab) => {
+			const probe = await cdp([
+				"eval",
+				tab,
+				`(() => {
+					const url = location.href;
+					const title = document.title;
+					const onCopilot = /copilot\\.microsoft\\.com/.test(location.hostname);
+					const onChallenge =
+						/challenge|turnstile|cdn-cgi\\/challenge/i.test(url) ||
+						/verify|human|robot/i.test(title);
+					const hasTextarea =
+						!!document.querySelector("textarea") ||
+						!!document.querySelector("div[contenteditable=\\"true\\"]");
+					const hasTurnstileInput =
+						!!document.querySelector("iframe[id^=\\"cf-chl-widget-\\"]") ||
+						!!document.querySelector("input[name=\\"cf-turnstile-response\\"]");
+					const bodyText = (document.body && document.body.innerText) || "";
+					return JSON.stringify({
+						url,
+						title,
+						onCopilot,
+						onChallenge,
+						hasTextarea,
+						hasTurnstileInput,
+						bodyLen: bodyText.length,
+					});
+				})()`,
+			]).catch(() => null);
+			if (!probe) return false;
+			let info;
+			try {
+				info = JSON.parse(probe);
+			} catch {
+				return false;
+			}
+			if (!info.onCopilot) return false;
+			if (info.onChallenge) return false;
+			if (info.hasTurnstileInput) return false;
+			// Either chat input appeared OR we're past the challenge.
+			return info.hasTextarea || info.bodyLen > 50;
+		},
+	},
+};
+
+/**
+ * Generic fallback: poll for cf_clearance cookie presence on the engine domain.
+ * Used when the engine doesn't have specific DOM signals defined.
+ */
+async function pollForCfClearanceCookie(tab) {
+	const probe = await cdp([
+		"eval",
+		tab,
+		`(() => {
+			const cookies = document.cookie || "";
+			return JSON.stringify({
+				hasCfClearance: /(?:^|;\\s*)cf_clearance=/.test(cookies),
+				hasCfBm: /(?:^|;\\s*)__cf_bm=/.test(cookies),
+				cookiesLength: cookies.length,
+			});
+		})()`,
+	]).catch(() => null);
+	if (!probe) return false;
+	try {
+		const info = JSON.parse(probe);
+		return info.hasCfClearance || info.hasCfBm;
+	} catch {
+		return false;
+	}
+}
+
+/**
+ * Poll page state until a Cloudflare/Turnstile challenge is cleared.
+ *
+ * Returns:
+ *   { cleared: true, signal: "..." } — challenge cleared; safe to re-extract.
+ *   { cleared: false, reason: "..." } — timeout or unrecoverable.
+ */
+export async function waitForChallengeCleared({
+	tab,
+	engine,
+	timeoutMs = DEFAULT_TIMEOUT_MS,
+	intervalMs = POLL_INTERVAL_MS,
+	signal: externalSignal,
+	log = () => {},
+}) {
+	const def = ENGINE_SIGNALS[engine];
+	const start = Date.now();
+	let lastState = null;
+
+	while (Date.now() - start < timeoutMs) {
+		if (externalSignal?.aborted) {
+			return { cleared: false, reason: "aborted" };
+		}
+		const elapsed = Math.floor((Date.now() - start) / 1000);
+
+		let cleared = false;
+		if (def) {
+			cleared = await def.isCleared(tab).catch(() => false);
+		} else {
+			cleared = await pollForCfClearanceCookie(tab).catch(() => false);
+		}
+		if (cleared) {
+			log(
+				`[greedysearch] ✅ ${engine} challenge cleared after ${elapsed}s — auto-resuming extraction.`,
+			);
+			return { cleared: true, signal: def ? "dom-marker" : "cookie" };
+		}
+
+		// Periodic heartbeat to stderr so the user knows we're still polling
+		if (elapsed > 0 && elapsed % 30 === 0 && lastState !== elapsed) {
+			lastState = elapsed;
+			log(
+				`[greedysearch] ⏳ Waiting for ${engine} challenge to clear (${elapsed}s/${Math.floor(timeoutMs / 1000)}s)...`,
+			);
+		}
+
+		await new Promise((r) => setTimeout(r, intervalMs));
+	}
+
+	return {
+		cleared: false,
+		reason: `Challenge not cleared within ${Math.floor(timeoutMs / 1000)}s`,
+	};
+}
+
+export const CHALLENGE_ENGINES = Object.keys(ENGINE_SIGNALS);

package/src/search/constants.mjs

@@ -20,6 +20,11 @@ export const VISIBLE_RECOVERY_LOG = `${tmpdir().replaceAll("\\", "/")}/greedysea
 const CONFIG_DIR = join(homedir(), ".pi");
 const CONFIG_FILE = join(CONFIG_DIR, "greedyconfig");
 
+// Default engines that participate in the "all" fan-out for normal
+// (non-research) searches. Opt-in research/academic engines like
+// `semantic-scholar` are deliberately excluded — they belong in research
+// mode, not casual web search. Users who want them in normal `engine:all`
+// runs can add them via ~/.pi/greedyconfig (see ensureDefaultConfig()).
 export const DEFAULT_ENGINES = ["perplexity", "google", "chatgpt"];
 export const DEFAULT_SYNTHESIZER = "gemini";
 

package/src/search/progress.mjs

@@ -0,0 +1,145 @@
+// src/search/progress.mjs — Progress bar with ETA for long-running research
+//
+// Tracks per-action and per-round timing, prints a progress bar to stderr
+// after each step with an ETA based on rolling average. Inspired by pi-webaio's
+// streaming progress output.
+//
+// Usage:
+//   const tracker = createProgressTracker({ totalActions: 6, totalRounds: 2 });
+//   tracker.startRound(1);
+//   tracker.startAction('search', 'what is X');
+//   ... do work ...
+//   tracker.endAction();
+//   tracker.startAction('fetch', 'https://...');
+//   ... do work ...
+//   tracker.endAction();
+//   tracker.endRound();
+//   tracker.print(); // prints bar to stderr
+
+const BAR_WIDTH = 20;
+
+/**
+ * Format seconds as a human-readable duration (e.g. "1m 23s", "45s", "0s")
+ */
+function formatDuration(ms) {
+	if (ms < 1000) return "0s";
+	const totalSeconds = Math.round(ms / 1000);
+	if (totalSeconds < 60) return `${totalSeconds}s`;
+	const minutes = Math.floor(totalSeconds / 60);
+	const seconds = totalSeconds % 60;
+	return `${minutes}m ${seconds}s`;
+}
+
+/**
+ * Render a progress bar string.
+ * Example: [████████████░░░░░░░░] 12/20 (ETA 1m 30s)
+ */
+function renderBar(progress, width = BAR_WIDTH) {
+	const filled = Math.round(progress * width);
+	const empty = width - filled;
+	return "[" + "█".repeat(filled) + "░".repeat(empty) + "]";
+}
+
+/**
+ * Create a progress tracker.
+ * @param {object} opts
+ * @param {number} opts.totalActions - Total expected actions across all rounds
+ * @param {number} opts.totalRounds - Total expected rounds
+ * @param {number} opts.totalFetches - Total expected source fetches
+ * @param {boolean} [opts.silent] - Suppress stderr output (for tests)
+ */
+export function createProgressTracker({
+	totalActions = 0,
+	totalRounds = 0,
+	totalFetches = 0,
+	silent = false,
+} = {}) {
+	const startedAt = Date.now();
+	let completedActions = 0;
+	let completedRounds = 0;
+	let completedFetches = 0;
+	const actionTimings = []; // rolling window of recent action durations
+	let currentActionStart = null;
+	let currentActionLabel = null;
+	let lastPrintAt = 0;
+	const MIN_PRINT_INTERVAL_MS = 500; // throttle to avoid spam
+
+	function recordAction(durationMs) {
+		actionTimings.push(durationMs);
+		// keep only last 5 for rolling average
+		if (actionTimings.length > 5) actionTimings.shift();
+	}
+
+	function avgActionMs() {
+		if (actionTimings.length === 0) return null;
+		return actionTimings.reduce((a, b) => a + b, 0) / actionTimings.length;
+	}
+
+	function buildStatus(phase) {
+		const elapsed = Date.now() - startedAt;
+		const total = totalActions + totalFetches + totalRounds;
+		const done = completedActions + completedFetches + completedRounds;
+		const progress = total > 0 ? Math.min(1, done / total) : 0;
+		const bar = renderBar(progress);
+		const avg = avgActionMs();
+		const remaining = Math.max(0, total - done);
+		const etaMs = avg ? avg * remaining : null;
+		const eta = etaMs ? formatDuration(etaMs) : "—";
+		const label = currentActionLabel ? ` ${currentActionLabel}` : "";
+		return `${bar} ${done}/${total} (${phase}${label}, ETA ${eta})`;
+	}
+
+	function print(phase) {
+		if (silent) return;
+		const now = Date.now();
+		// throttle to avoid spamming
+		if (now - lastPrintAt < MIN_PRINT_INTERVAL_MS && phase !== "done") return;
+		lastPrintAt = now;
+		process.stderr.write(`[greedysearch] ${buildStatus(phase)}\n`);
+	}
+
+	return {
+		startRound(n) {
+			completedRounds = n - 1; // will be incremented when endRound fires
+		},
+		endRound() {
+			completedRounds++;
+			print("round");
+		},
+		startAction(type, label) {
+			currentActionStart = Date.now();
+			currentActionLabel = `${type}:${(label || "").slice(0, 40)}`;
+			print(type);
+		},
+		endAction() {
+			if (currentActionStart) {
+				recordAction(Date.now() - currentActionStart);
+				currentActionStart = null;
+			}
+			completedActions++;
+			print("action");
+		},
+		startFetch(label) {
+			currentActionStart = Date.now();
+			currentActionLabel = `fetch:${(label || "").slice(0, 40)}`;
+			print("fetch");
+		},
+		endFetch(ok = true) {
+			if (currentActionStart) {
+				recordAction(Date.now() - currentActionStart);
+				currentActionStart = null;
+			}
+			completedFetches++;
+			print(ok ? "fetch" : "fetch-failed");
+		},
+		print() {
+			print("progress");
+		},
+		finish() {
+			print("done");
+		},
+		getElapsedMs() {
+			return Date.now() - startedAt;
+		},
+	};
+}

package/src/search/recovery.mjs

@@ -10,8 +10,14 @@ export const HEADLESS_RECOVERY_ENGINES = [
 	"logically",
 ];
 
+// blockedBy values that indicate visible-mode cookies CANNOT bypass the block.
+// These still match the "headless blocked" shape but should NOT trigger
+// visible recovery — the block is account-level (rate limit, ban) or
+// structural (page redesign), not session-level.
+const NON_RECOVERABLE_BLOCKED_BY = new Set(["rate-limit"]);
+
 const HEADLESS_BLOCKED_PATTERN =
-	/timed out|timeout|verification|captcha|cloudflare|turnstile|input not found|ask-input|clipboard|copy button hidden|sign.in|login required/i;
+	/timed out|timeout|verification|captcha|cloudflare|turnstile|input not found|ask-input|copy button hidden|sign.in|login required/i;
 
 const MANUAL_VERIFICATION_PATTERN =
 	/needs-human|verification required|please solve|captcha|cloudflare|turnstile|could not be completed automatically|manual intervention|sign.in|login required/i;
@@ -24,12 +30,24 @@ export function isManualVerificationError(error) {
 	return MANUAL_VERIFICATION_PATTERN.test(String(error || ""));
 }
 
+/**
+ * Check if a blockedBy value is non-recoverable (visible retry won't help).
+ */
+export function isNonRecoverableBlockedBy(blockedBy) {
+	return NON_RECOVERABLE_BLOCKED_BY.has(blockedBy);
+}
+
 export function findHeadlessBlockedEngines(resultsByEngine) {
 	return HEADLESS_RECOVERY_ENGINES.filter((engine) => {
 		const result = resultsByEngine?.[engine];
 		if (!result) return false;
 		// Data-driven: check envelope first (zero regex cost)
-		if (result._envelope?.blockedBy) return true;
+		const blockedBy = result._envelope?.blockedBy;
+		if (blockedBy) {
+			// Skip non-recoverable blocks (rate-limit, ban, etc.)
+			if (NON_RECOVERABLE_BLOCKED_BY.has(blockedBy)) return false;
+			return true;
+		}
 		if (result._envelope?.verificationResult === "needs-human") return true;
 		// Fallback: legacy string matching for errors passed as plain strings
 		const error = result.error;
@@ -45,7 +63,11 @@ export function findHeadlessBlockedEngines(resultsByEngine) {
 export function isHeadlessBlockedResult(error) {
 	if (!error) return false;
 	const env = error.envelope;
-	if (env?.blockedBy) return true;
+	if (env?.blockedBy) {
+		// Skip non-recoverable blocks (rate-limit, ban, etc.)
+		if (NON_RECOVERABLE_BLOCKED_BY.has(env.blockedBy)) return false;
+		return true;
+	}
 	if (env?.verificationResult === "needs-human") return true;
 	return isHeadlessBlockedError(error.message);
 }