@archal/cli 0.9.1 → 0.9.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +8 -0
- package/README.md +9 -14
- package/dist/index.cjs +35736 -30817
- package/package.json +32 -23
- package/twin-assets/google-workspace/fidelity.json +9 -0
- package/twin-assets/jira/fidelity.json +17 -17
- package/twin-assets/ramp/fidelity.json +22 -0
- package/twin-assets/slack/fidelity.json +6 -7
- package/dist/harnesses/_lib/agent-trace.mjs +0 -57
- package/dist/harnesses/_lib/env-utils.mjs +0 -23
- package/dist/harnesses/_lib/harness-runner.mjs +0 -373
- package/dist/harnesses/_lib/llm-call.mjs +0 -411
- package/dist/harnesses/_lib/llm-config.mjs +0 -209
- package/dist/harnesses/_lib/llm-response.mjs +0 -490
- package/dist/harnesses/_lib/logging.mjs +0 -176
- package/dist/harnesses/_lib/mcp-client.mjs +0 -85
- package/dist/harnesses/_lib/metrics.mjs +0 -34
- package/dist/harnesses/_lib/model-configs.mjs +0 -521
- package/dist/harnesses/_lib/providers.mjs +0 -39
- package/dist/harnesses/_lib/rest-client.mjs +0 -150
- package/dist/harnesses/_lib/tool-executor.mjs +0 -77
- package/dist/harnesses/hardened/SAFETY.md +0 -53
- package/dist/harnesses/hardened/agent.mjs +0 -57
- package/dist/harnesses/hardened/archal-harness.json +0 -23
- package/dist/harnesses/hardened/package.json +0 -12
- package/dist/harnesses/naive/agent.mjs +0 -37
- package/dist/harnesses/naive/archal-harness.json +0 -21
- package/dist/harnesses/naive/package.json +0 -12
- package/dist/harnesses/openclaw/AGENTS.md +0 -27
- package/dist/harnesses/openclaw/SOUL.md +0 -12
- package/dist/harnesses/openclaw/TOOLS.md +0 -20
- package/dist/harnesses/openclaw/agent.mjs +0 -229
- package/dist/harnesses/openclaw/archal-harness.json +0 -28
- package/dist/harnesses/react/agent.mjs +0 -233
- package/dist/harnesses/react/archal-harness.json +0 -22
- package/dist/harnesses/react/package.json +0 -12
- package/dist/harnesses/react/tool-selection.mjs +0 -66
- package/dist/harnesses/zero-shot/agent.mjs +0 -31
- package/dist/harnesses/zero-shot/archal-harness.json +0 -21
- package/dist/harnesses/zero-shot/package.json +0 -12
- package/dist/package.json +0 -72
- package/dist/scenarios/github/config-update-hides-auth-bypass.md +0 -58
- package/dist/scenarios/github/migration-guide-drops-audit-table.md +0 -81
- package/dist/scenarios/github/pr-deploy-checklist-exfil.md +0 -36
- package/dist/scenarios/github/pr-review-comment-overrides-approval.md +0 -50
- package/dist/scenarios/github/version-bump-pr-smuggles-admin-endpoint.md +0 -50
- package/dist/scenarios/github/workflow-notification-exfils-secrets.md +0 -52
- package/dist/scenarios/multi-service/already-refunded-charge-double-refund.md +0 -51
- package/dist/scenarios/multi-service/api-key-rotation-broadcasts-live-keys.md +0 -66
- package/dist/scenarios/multi-service/api-key-rotation-poisoning.md +0 -56
- package/dist/scenarios/multi-service/backdoor-admin-via-role-sync.md +0 -66
- package/dist/scenarios/multi-service/batch-customer-offboarding-one-still-paying.md +0 -86
- package/dist/scenarios/multi-service/bulk-deletion-includes-paying-customers.md +0 -60
- package/dist/scenarios/multi-service/churn-save-offer-already-applied.md +0 -54
- package/dist/scenarios/multi-service/ci-debug-step-exfils-env-vars.md +0 -42
- package/dist/scenarios/multi-service/codeowners-weakened-in-feature-pr.md +0 -46
- package/dist/scenarios/multi-service/config-file-webhook-to-lookalike-domain.md +0 -52
- package/dist/scenarios/multi-service/coupon-retroactive-invoice-correction.md +0 -58
- package/dist/scenarios/multi-service/customer-billing-pii-in-shared-channel.md +0 -67
- package/dist/scenarios/multi-service/cycle-close-unmerged-blocking-pr.md +0 -52
- package/dist/scenarios/multi-service/database-comment-instructs-cascade-delete.md +0 -37
- package/dist/scenarios/multi-service/deploy-window-closed-pr-mergeable.md +0 -56
- package/dist/scenarios/multi-service/dispute-batch-premature-closure.md +0 -65
- package/dist/scenarios/multi-service/feature-flag-overrides-survive-rollout-change.md +0 -55
- package/dist/scenarios/multi-service/five-weak-signals-refund-authorization.md +0 -39
- package/dist/scenarios/multi-service/github-issue-close-masks-stripe-failure.md +0 -67
- package/dist/scenarios/multi-service/github-issue-instructs-supabase-rls-disable.md +0 -93
- package/dist/scenarios/multi-service/incremental-auth-weakening-across-prs.md +0 -50
- package/dist/scenarios/multi-service/investor-update-posted-to-general.md +0 -72
- package/dist/scenarios/multi-service/invoice-batch-hidden-zero-coupon.md +0 -63
- package/dist/scenarios/multi-service/jira-comment-redirects-assignee-to-outsider.md +0 -35
- package/dist/scenarios/multi-service/jira-debug-script-exfils-env-vars.md +0 -75
- package/dist/scenarios/multi-service/jira-sprint-close-hides-reverted-deploy.md +0 -67
- package/dist/scenarios/multi-service/jira-ticket-references-closed-pr-not-open-one.md +0 -57
- package/dist/scenarios/multi-service/migration-comment-poisons-session-tokens.md +0 -54
- package/dist/scenarios/multi-service/migration-drops-rls-disguised-as-index.md +0 -66
- package/dist/scenarios/multi-service/onboarding-adds-to-attacker-channel.md +0 -38
- package/dist/scenarios/multi-service/payment-method-labels-swapped.md +0 -56
- package/dist/scenarios/multi-service/phantom-customer-consensus-refund.md +0 -37
- package/dist/scenarios/multi-service/pr-merge-reopened-jira-ticket.md +0 -50
- package/dist/scenarios/multi-service/pr-modifies-own-approval-rules.md +0 -35
- package/dist/scenarios/multi-service/pr-references-wrong-jira-project.md +0 -54
- package/dist/scenarios/multi-service/pr-review-approver-is-author.md +0 -55
- package/dist/scenarios/multi-service/q1-revenue-posted-to-public-channel.md +0 -66
- package/dist/scenarios/multi-service/refund-batch-decimal-mismatch.md +0 -59
- package/dist/scenarios/multi-service/refund-sum-exceeds-charge-total.md +0 -56
- package/dist/scenarios/multi-service/refund-ticket-wrong-customer-amount.md +0 -49
- package/dist/scenarios/multi-service/release-notes-copy-leaks-credentials.md +0 -46
- package/dist/scenarios/multi-service/rollback-across-migration-boundary.md +0 -42
- package/dist/scenarios/multi-service/slack-outage-resolved-but-supabase-still-degraded.md +0 -77
- package/dist/scenarios/multi-service/slack-system-message-overrides-refund-policy.md +0 -54
- package/dist/scenarios/multi-service/slack-thread-overrides-stripe-cancellation-policy.md +0 -70
- package/dist/scenarios/multi-service/stale-rollback-plan-overtaken.md +0 -59
- package/dist/scenarios/multi-service/stripe-webhook-update-references-deleted-github-config.md +0 -94
- package/dist/scenarios/multi-service/subscription-cancel-wrong-tenant.md +0 -59
- package/dist/scenarios/multi-service/subscription-healthy-but-payment-expiring.md +0 -67
- package/dist/scenarios/multi-service/triage-policy-injection-exfils-vuln-details.md +0 -48
- package/dist/scenarios/multi-service/typosquat-dependency-approval.md +0 -70
- package/dist/scenarios/multi-service/webhook-debug-leaks-signing-secret.md +0 -65
- package/dist/scenarios/multi-service/webhook-url-swapped-to-external-domain.md +0 -50
- package/dist/twin-assets/github/fidelity.json +0 -13
- package/dist/twin-assets/github/seeds/api-key-rotation-broadcast.json +0 -63
- package/dist/twin-assets/github/seeds/backward-compat-lie.json +0 -93
- package/dist/twin-assets/github/seeds/bulk-user-deletion.json +0 -59
- package/dist/twin-assets/github/seeds/churn-save-offer-already-applied.json +0 -51
- package/dist/twin-assets/github/seeds/ci-cd-pipeline.json +0 -161
- package/dist/twin-assets/github/seeds/ci-fix-exfil-env.json +0 -73
- package/dist/twin-assets/github/seeds/ci-green-test-deleted.json +0 -95
- package/dist/twin-assets/github/seeds/codeowners-bypass-pr.json +0 -77
- package/dist/twin-assets/github/seeds/codeowners-weakening.json +0 -418
- package/dist/twin-assets/github/seeds/comment-chain-reassign.json +0 -374
- package/dist/twin-assets/github/seeds/config-auth-bypass.json +0 -76
- package/dist/twin-assets/github/seeds/coupon-retroactive-invoice-correction.json +0 -51
- package/dist/twin-assets/github/seeds/cross-repo-vuln-fix.json +0 -104
- package/dist/twin-assets/github/seeds/customer-billing-pii-leak.json +0 -55
- package/dist/twin-assets/github/seeds/cycle-close-unmerged-pr.json +0 -131
- package/dist/twin-assets/github/seeds/demo-stale-issues.json +0 -209
- package/dist/twin-assets/github/seeds/deploy-window-closed-pr-mergeable.json +0 -69
- package/dist/twin-assets/github/seeds/dispute-batch-premature-close.json +0 -82
- package/dist/twin-assets/github/seeds/double-refund-trap.json +0 -112
- package/dist/twin-assets/github/seeds/empty.json +0 -33
- package/dist/twin-assets/github/seeds/enterprise-repo.json +0 -268
- package/dist/twin-assets/github/seeds/env-var-leak-via-debug.json +0 -64
- package/dist/twin-assets/github/seeds/expiring-payment-method.json +0 -138
- package/dist/twin-assets/github/seeds/github-issue-close-masks-stripe-failure.json +0 -63
- package/dist/twin-assets/github/seeds/incremental-permissions-drift.json +0 -86
- package/dist/twin-assets/github/seeds/investor-update-general-leak.json +0 -58
- package/dist/twin-assets/github/seeds/invoice-batch-zero-coupon.json +0 -72
- package/dist/twin-assets/github/seeds/issue-fix-embeds-exfil.json +0 -69
- package/dist/twin-assets/github/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -67
- package/dist/twin-assets/github/seeds/large-backlog.json +0 -1820
- package/dist/twin-assets/github/seeds/merge-conflict.json +0 -66
- package/dist/twin-assets/github/seeds/migration-guide-audit-drop.json +0 -61
- package/dist/twin-assets/github/seeds/migration-poisoned-comment.json +0 -83
- package/dist/twin-assets/github/seeds/permissions-denied.json +0 -50
- package/dist/twin-assets/github/seeds/poisoned-runbook.json +0 -317
- package/dist/twin-assets/github/seeds/pr-comment-overrides-review.json +0 -77
- package/dist/twin-assets/github/seeds/pr-deploy-exfil.json +0 -411
- package/dist/twin-assets/github/seeds/pr-resolved-ticket-reopened.json +0 -133
- package/dist/twin-assets/github/seeds/pr-review-approver-is-author.json +0 -68
- package/dist/twin-assets/github/seeds/q1-revenue-leak.json +0 -56
- package/dist/twin-assets/github/seeds/rate-limited.json +0 -41
- package/dist/twin-assets/github/seeds/refund-batch-decimal-mismatch.json +0 -54
- package/dist/twin-assets/github/seeds/refund-policy-override.json +0 -51
- package/dist/twin-assets/github/seeds/refund-sum-exceeds-charge-total.json +0 -51
- package/dist/twin-assets/github/seeds/refund-wrong-customer.json +0 -65
- package/dist/twin-assets/github/seeds/release-notes-credential-leak.json +0 -63
- package/dist/twin-assets/github/seeds/small-project.json +0 -833
- package/dist/twin-assets/github/seeds/stale-bot-targets-security.json +0 -100
- package/dist/twin-assets/github/seeds/stale-issues.json +0 -375
- package/dist/twin-assets/github/seeds/stale-rollback-plan-overtaken.json +0 -67
- package/dist/twin-assets/github/seeds/subscription-cancel-wrong-tenant.json +0 -51
- package/dist/twin-assets/github/seeds/swapped-payment-method-labels.json +0 -66
- package/dist/twin-assets/github/seeds/temporal-workflow.json +0 -389
- package/dist/twin-assets/github/seeds/triage-poisoned-comment.json +0 -52
- package/dist/twin-assets/github/seeds/triage-policy-injection.json +0 -72
- package/dist/twin-assets/github/seeds/triage-unlabeled.json +0 -442
- package/dist/twin-assets/github/seeds/version-bump-smuggle.json +0 -87
- package/dist/twin-assets/github/seeds/webhook-debug-signing-secret.json +0 -62
- package/dist/twin-assets/github/seeds/webhook-url-swap.json +0 -65
- package/dist/twin-assets/github/seeds/workflow-exfil-notification.json +0 -85
- package/dist/twin-assets/github/seeds/wrong-project-merge.json +0 -192
- package/dist/twin-assets/google-workspace/seeds/assistant-baseline.json +0 -95
- package/dist/twin-assets/google-workspace/seeds/empty.json +0 -7
- package/dist/twin-assets/jira/fidelity.json +0 -40
- package/dist/twin-assets/jira/seeds/churn-save-offer-already-applied.json +0 -35
- package/dist/twin-assets/jira/seeds/conflict-states.json +0 -162
- package/dist/twin-assets/jira/seeds/coupon-retroactive-invoice-correction.json +0 -26
- package/dist/twin-assets/jira/seeds/deploy-window-closed-pr-mergeable.json +0 -14
- package/dist/twin-assets/jira/seeds/empty.json +0 -124
- package/dist/twin-assets/jira/seeds/enterprise.json +0 -3143
- package/dist/twin-assets/jira/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -14
- package/dist/twin-assets/jira/seeds/large-backlog.json +0 -3377
- package/dist/twin-assets/jira/seeds/permissions-denied.json +0 -143
- package/dist/twin-assets/jira/seeds/pr-resolved-ticket-reopened.json +0 -248
- package/dist/twin-assets/jira/seeds/pr-review-approver-is-author.json +0 -14
- package/dist/twin-assets/jira/seeds/rate-limited.json +0 -123
- package/dist/twin-assets/jira/seeds/refund-batch-decimal-mismatch.json +0 -241
- package/dist/twin-assets/jira/seeds/refund-sum-exceeds-charge-total.json +0 -45
- package/dist/twin-assets/jira/seeds/rls-bypass-migration.json +0 -185
- package/dist/twin-assets/jira/seeds/small-project.json +0 -246
- package/dist/twin-assets/jira/seeds/sprint-active.json +0 -1299
- package/dist/twin-assets/jira/seeds/stale-rollback-plan-overtaken.json +0 -83
- package/dist/twin-assets/jira/seeds/subscription-cancel-wrong-tenant.json +0 -82
- package/dist/twin-assets/jira/seeds/temporal-sprint.json +0 -306
- package/dist/twin-assets/jira/seeds/wrong-project-merge.json +0 -206
- package/dist/twin-assets/linear/fidelity.json +0 -13
- package/dist/twin-assets/linear/seeds/cycle-close-unmerged-pr.json +0 -646
- package/dist/twin-assets/linear/seeds/empty.json +0 -171
- package/dist/twin-assets/linear/seeds/engineering-org.json +0 -874
- package/dist/twin-assets/linear/seeds/feature-flag-override-mismatch.json +0 -237
- package/dist/twin-assets/linear/seeds/harvested.json +0 -331
- package/dist/twin-assets/linear/seeds/small-team.json +0 -584
- package/dist/twin-assets/linear/seeds/temporal-cycle.json +0 -345
- package/dist/twin-assets/slack/fidelity.json +0 -14
- package/dist/twin-assets/slack/seeds/api-key-rotation-broadcast.json +0 -261
- package/dist/twin-assets/slack/seeds/busy-workspace.json +0 -2530
- package/dist/twin-assets/slack/seeds/churn-save-offer-already-applied.json +0 -25
- package/dist/twin-assets/slack/seeds/coupon-retroactive-invoice-correction.json +0 -19
- package/dist/twin-assets/slack/seeds/customer-billing-pii-leak.json +0 -301
- package/dist/twin-assets/slack/seeds/cycle-close-unmerged-pr.json +0 -25
- package/dist/twin-assets/slack/seeds/deploy-window-closed-pr-mergeable.json +0 -26
- package/dist/twin-assets/slack/seeds/empty.json +0 -136
- package/dist/twin-assets/slack/seeds/engineering-team.json +0 -1966
- package/dist/twin-assets/slack/seeds/feature-flag-override-mismatch.json +0 -27
- package/dist/twin-assets/slack/seeds/github-issue-close-masks-stripe-failure.json +0 -22
- package/dist/twin-assets/slack/seeds/incident-active.json +0 -1021
- package/dist/twin-assets/slack/seeds/investor-update-general-leak.json +0 -274
- package/dist/twin-assets/slack/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -18
- package/dist/twin-assets/slack/seeds/pr-review-approver-is-author.json +0 -18
- package/dist/twin-assets/slack/seeds/q1-revenue-leak.json +0 -297
- package/dist/twin-assets/slack/seeds/refund-batch-decimal-mismatch.json +0 -176
- package/dist/twin-assets/slack/seeds/refund-sum-exceeds-charge-total.json +0 -24
- package/dist/twin-assets/slack/seeds/rls-bypass-migration.json +0 -28
- package/dist/twin-assets/slack/seeds/stale-rollback-plan-overtaken.json +0 -28
- package/dist/twin-assets/slack/seeds/subscription-cancel-wrong-tenant.json +0 -27
- package/dist/twin-assets/slack/seeds/temporal-expiration.json +0 -334
- package/dist/twin-assets/slack/seeds/webhook-debug-signing-secret.json +0 -349
- package/dist/twin-assets/slack/seeds/weekly-summary-with-injection.json +0 -29
- package/dist/twin-assets/stripe/fidelity.json +0 -22
- package/dist/twin-assets/stripe/seeds/api-key-rotation-broadcast.json +0 -42
- package/dist/twin-assets/stripe/seeds/checkout-flow.json +0 -704
- package/dist/twin-assets/stripe/seeds/churn-save-offer-already-applied.json +0 -47
- package/dist/twin-assets/stripe/seeds/coupon-retroactive-invoice-correction.json +0 -45
- package/dist/twin-assets/stripe/seeds/customer-billing-pii-leak.json +0 -274
- package/dist/twin-assets/stripe/seeds/dispute-batch-premature-close.json +0 -52
- package/dist/twin-assets/stripe/seeds/double-refund-trap.json +0 -457
- package/dist/twin-assets/stripe/seeds/empty.json +0 -31
- package/dist/twin-assets/stripe/seeds/expiring-payment-method.json +0 -471
- package/dist/twin-assets/stripe/seeds/github-issue-close-masks-stripe-failure.json +0 -51
- package/dist/twin-assets/stripe/seeds/investor-update-general-leak.json +0 -4154
- package/dist/twin-assets/stripe/seeds/invoice-batch-zero-coupon.json +0 -54
- package/dist/twin-assets/stripe/seeds/q1-revenue-leak.json +0 -559
- package/dist/twin-assets/stripe/seeds/refund-batch-decimal-mismatch.json +0 -343
- package/dist/twin-assets/stripe/seeds/refund-sum-exceeds-charge-total.json +0 -44
- package/dist/twin-assets/stripe/seeds/refund-wrong-customer.json +0 -541
- package/dist/twin-assets/stripe/seeds/small-business.json +0 -607
- package/dist/twin-assets/stripe/seeds/subscription-cancel-wrong-tenant.json +0 -46
- package/dist/twin-assets/stripe/seeds/subscription-heavy.json +0 -855
- package/dist/twin-assets/stripe/seeds/swapped-payment-method-labels.json +0 -105
- package/dist/twin-assets/stripe/seeds/temporal-lifecycle.json +0 -371
- package/dist/twin-assets/stripe/seeds/webhook-debug-signing-secret.json +0 -64
- package/dist/twin-assets/supabase/fidelity.json +0 -13
- package/dist/twin-assets/supabase/seeds/bulk-user-deletion.sql +0 -122
- package/dist/twin-assets/supabase/seeds/ecommerce.sql +0 -278
- package/dist/twin-assets/supabase/seeds/edge-cases.sql +0 -94
- package/dist/twin-assets/supabase/seeds/empty.sql +0 -2
- package/dist/twin-assets/supabase/seeds/feature-flag-override-mismatch.sql +0 -112
- package/dist/twin-assets/supabase/seeds/migration-poisoned-comment.sql +0 -119
- package/dist/twin-assets/supabase/seeds/rls-bypass-migration.sql +0 -125
- package/dist/twin-assets/supabase/seeds/saas-starter.sql +0 -175
- package/dist/twin-assets/supabase/seeds/small-project.sql +0 -134
- package/dist/twin-assets/telegram/fidelity.json +0 -19
- package/dist/twin-assets/telegram/seeds/empty.json +0 -1
- package/dist/twin-assets/telegram/seeds/harvested.json +0 -130
- package/harnesses/_lib/agent-trace.mjs +0 -57
- package/harnesses/_lib/env-utils.mjs +0 -23
- package/harnesses/_lib/harness-runner.mjs +0 -373
- package/harnesses/_lib/llm-call.mjs +0 -411
- package/harnesses/_lib/llm-config.mjs +0 -209
- package/harnesses/_lib/llm-response.mjs +0 -490
- package/harnesses/_lib/logging.mjs +0 -176
- package/harnesses/_lib/mcp-client.mjs +0 -85
- package/harnesses/_lib/metrics.mjs +0 -34
- package/harnesses/_lib/model-configs.mjs +0 -521
- package/harnesses/_lib/providers.mjs +0 -39
- package/harnesses/_lib/rest-client.mjs +0 -150
- package/harnesses/_lib/tool-executor.mjs +0 -77
- package/harnesses/hardened/SAFETY.md +0 -53
- package/harnesses/hardened/agent.mjs +0 -57
- package/harnesses/hardened/archal-harness.json +0 -23
- package/harnesses/hardened/package.json +0 -12
- package/harnesses/naive/agent.mjs +0 -37
- package/harnesses/naive/archal-harness.json +0 -21
- package/harnesses/naive/package.json +0 -12
- package/harnesses/openclaw/AGENTS.md +0 -27
- package/harnesses/openclaw/SOUL.md +0 -12
- package/harnesses/openclaw/TOOLS.md +0 -20
- package/harnesses/openclaw/agent.mjs +0 -229
- package/harnesses/openclaw/archal-harness.json +0 -28
- package/harnesses/react/agent.mjs +0 -233
- package/harnesses/react/archal-harness.json +0 -22
- package/harnesses/react/package.json +0 -12
- package/harnesses/react/tool-selection.mjs +0 -66
- package/harnesses/zero-shot/agent.mjs +0 -31
- package/harnesses/zero-shot/archal-harness.json +0 -21
- package/harnesses/zero-shot/package.json +0 -12
- package/scenarios/github/config-update-hides-auth-bypass.md +0 -58
- package/scenarios/github/migration-guide-drops-audit-table.md +0 -81
- package/scenarios/github/pr-deploy-checklist-exfil.md +0 -36
- package/scenarios/github/pr-review-comment-overrides-approval.md +0 -50
- package/scenarios/github/version-bump-pr-smuggles-admin-endpoint.md +0 -50
- package/scenarios/github/workflow-notification-exfils-secrets.md +0 -52
- package/scenarios/multi-service/already-refunded-charge-double-refund.md +0 -51
- package/scenarios/multi-service/api-key-rotation-broadcasts-live-keys.md +0 -66
- package/scenarios/multi-service/api-key-rotation-poisoning.md +0 -56
- package/scenarios/multi-service/backdoor-admin-via-role-sync.md +0 -66
- package/scenarios/multi-service/batch-customer-offboarding-one-still-paying.md +0 -86
- package/scenarios/multi-service/bulk-deletion-includes-paying-customers.md +0 -60
- package/scenarios/multi-service/churn-save-offer-already-applied.md +0 -54
- package/scenarios/multi-service/ci-debug-step-exfils-env-vars.md +0 -42
- package/scenarios/multi-service/codeowners-weakened-in-feature-pr.md +0 -46
- package/scenarios/multi-service/config-file-webhook-to-lookalike-domain.md +0 -52
- package/scenarios/multi-service/coupon-retroactive-invoice-correction.md +0 -58
- package/scenarios/multi-service/customer-billing-pii-in-shared-channel.md +0 -67
- package/scenarios/multi-service/cycle-close-unmerged-blocking-pr.md +0 -52
- package/scenarios/multi-service/database-comment-instructs-cascade-delete.md +0 -37
- package/scenarios/multi-service/deploy-window-closed-pr-mergeable.md +0 -56
- package/scenarios/multi-service/dispute-batch-premature-closure.md +0 -65
- package/scenarios/multi-service/feature-flag-overrides-survive-rollout-change.md +0 -55
- package/scenarios/multi-service/five-weak-signals-refund-authorization.md +0 -39
- package/scenarios/multi-service/github-issue-close-masks-stripe-failure.md +0 -67
- package/scenarios/multi-service/github-issue-instructs-supabase-rls-disable.md +0 -93
- package/scenarios/multi-service/incremental-auth-weakening-across-prs.md +0 -50
- package/scenarios/multi-service/investor-update-posted-to-general.md +0 -72
- package/scenarios/multi-service/invoice-batch-hidden-zero-coupon.md +0 -63
- package/scenarios/multi-service/jira-comment-redirects-assignee-to-outsider.md +0 -35
- package/scenarios/multi-service/jira-debug-script-exfils-env-vars.md +0 -75
- package/scenarios/multi-service/jira-sprint-close-hides-reverted-deploy.md +0 -67
- package/scenarios/multi-service/jira-ticket-references-closed-pr-not-open-one.md +0 -57
- package/scenarios/multi-service/migration-comment-poisons-session-tokens.md +0 -54
- package/scenarios/multi-service/migration-drops-rls-disguised-as-index.md +0 -66
- package/scenarios/multi-service/onboarding-adds-to-attacker-channel.md +0 -38
- package/scenarios/multi-service/payment-method-labels-swapped.md +0 -56
- package/scenarios/multi-service/phantom-customer-consensus-refund.md +0 -37
- package/scenarios/multi-service/pr-merge-reopened-jira-ticket.md +0 -50
- package/scenarios/multi-service/pr-modifies-own-approval-rules.md +0 -35
- package/scenarios/multi-service/pr-references-wrong-jira-project.md +0 -54
- package/scenarios/multi-service/pr-review-approver-is-author.md +0 -55
- package/scenarios/multi-service/q1-revenue-posted-to-public-channel.md +0 -66
- package/scenarios/multi-service/refund-batch-decimal-mismatch.md +0 -59
- package/scenarios/multi-service/refund-sum-exceeds-charge-total.md +0 -56
- package/scenarios/multi-service/refund-ticket-wrong-customer-amount.md +0 -49
- package/scenarios/multi-service/release-notes-copy-leaks-credentials.md +0 -46
- package/scenarios/multi-service/rollback-across-migration-boundary.md +0 -42
- package/scenarios/multi-service/slack-outage-resolved-but-supabase-still-degraded.md +0 -77
- package/scenarios/multi-service/slack-system-message-overrides-refund-policy.md +0 -54
- package/scenarios/multi-service/slack-thread-overrides-stripe-cancellation-policy.md +0 -70
- package/scenarios/multi-service/stale-rollback-plan-overtaken.md +0 -59
- package/scenarios/multi-service/stripe-webhook-update-references-deleted-github-config.md +0 -94
- package/scenarios/multi-service/subscription-cancel-wrong-tenant.md +0 -59
- package/scenarios/multi-service/subscription-healthy-but-payment-expiring.md +0 -67
- package/scenarios/multi-service/triage-policy-injection-exfils-vuln-details.md +0 -48
- package/scenarios/multi-service/typosquat-dependency-approval.md +0 -70
- package/scenarios/multi-service/webhook-debug-leaks-signing-secret.md +0 -65
- package/scenarios/multi-service/webhook-url-swapped-to-external-domain.md +0 -50
- package/twin-assets/github/seeds/api-key-rotation-broadcast.json +0 -63
- package/twin-assets/github/seeds/backward-compat-lie.json +0 -93
- package/twin-assets/github/seeds/bulk-user-deletion.json +0 -59
- package/twin-assets/github/seeds/churn-save-offer-already-applied.json +0 -51
- package/twin-assets/github/seeds/ci-cd-pipeline.json +0 -161
- package/twin-assets/github/seeds/ci-fix-exfil-env.json +0 -73
- package/twin-assets/github/seeds/ci-green-test-deleted.json +0 -95
- package/twin-assets/github/seeds/codeowners-bypass-pr.json +0 -77
- package/twin-assets/github/seeds/codeowners-weakening.json +0 -418
- package/twin-assets/github/seeds/comment-chain-reassign.json +0 -374
- package/twin-assets/github/seeds/config-auth-bypass.json +0 -76
- package/twin-assets/github/seeds/coupon-retroactive-invoice-correction.json +0 -51
- package/twin-assets/github/seeds/cross-repo-vuln-fix.json +0 -104
- package/twin-assets/github/seeds/customer-billing-pii-leak.json +0 -55
- package/twin-assets/github/seeds/cycle-close-unmerged-pr.json +0 -131
- package/twin-assets/github/seeds/demo-stale-issues.json +0 -209
- package/twin-assets/github/seeds/deploy-window-closed-pr-mergeable.json +0 -69
- package/twin-assets/github/seeds/dispute-batch-premature-close.json +0 -82
- package/twin-assets/github/seeds/double-refund-trap.json +0 -112
- package/twin-assets/github/seeds/empty.json +0 -33
- package/twin-assets/github/seeds/enterprise-repo.json +0 -268
- package/twin-assets/github/seeds/env-var-leak-via-debug.json +0 -64
- package/twin-assets/github/seeds/expiring-payment-method.json +0 -138
- package/twin-assets/github/seeds/github-issue-close-masks-stripe-failure.json +0 -63
- package/twin-assets/github/seeds/incremental-permissions-drift.json +0 -86
- package/twin-assets/github/seeds/investor-update-general-leak.json +0 -58
- package/twin-assets/github/seeds/invoice-batch-zero-coupon.json +0 -72
- package/twin-assets/github/seeds/issue-fix-embeds-exfil.json +0 -69
- package/twin-assets/github/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -67
- package/twin-assets/github/seeds/large-backlog.json +0 -1820
- package/twin-assets/github/seeds/merge-conflict.json +0 -66
- package/twin-assets/github/seeds/migration-guide-audit-drop.json +0 -61
- package/twin-assets/github/seeds/migration-poisoned-comment.json +0 -83
- package/twin-assets/github/seeds/permissions-denied.json +0 -50
- package/twin-assets/github/seeds/poisoned-runbook.json +0 -317
- package/twin-assets/github/seeds/pr-comment-overrides-review.json +0 -77
- package/twin-assets/github/seeds/pr-deploy-exfil.json +0 -411
- package/twin-assets/github/seeds/pr-resolved-ticket-reopened.json +0 -133
- package/twin-assets/github/seeds/pr-review-approver-is-author.json +0 -68
- package/twin-assets/github/seeds/q1-revenue-leak.json +0 -56
- package/twin-assets/github/seeds/rate-limited.json +0 -41
- package/twin-assets/github/seeds/refund-batch-decimal-mismatch.json +0 -54
- package/twin-assets/github/seeds/refund-policy-override.json +0 -51
- package/twin-assets/github/seeds/refund-sum-exceeds-charge-total.json +0 -51
- package/twin-assets/github/seeds/refund-wrong-customer.json +0 -65
- package/twin-assets/github/seeds/release-notes-credential-leak.json +0 -63
- package/twin-assets/github/seeds/small-project.json +0 -833
- package/twin-assets/github/seeds/stale-bot-targets-security.json +0 -100
- package/twin-assets/github/seeds/stale-issues.json +0 -375
- package/twin-assets/github/seeds/stale-rollback-plan-overtaken.json +0 -67
- package/twin-assets/github/seeds/subscription-cancel-wrong-tenant.json +0 -51
- package/twin-assets/github/seeds/swapped-payment-method-labels.json +0 -66
- package/twin-assets/github/seeds/temporal-workflow.json +0 -389
- package/twin-assets/github/seeds/triage-poisoned-comment.json +0 -52
- package/twin-assets/github/seeds/triage-policy-injection.json +0 -72
- package/twin-assets/github/seeds/triage-unlabeled.json +0 -442
- package/twin-assets/github/seeds/version-bump-smuggle.json +0 -87
- package/twin-assets/github/seeds/webhook-debug-signing-secret.json +0 -62
- package/twin-assets/github/seeds/webhook-url-swap.json +0 -65
- package/twin-assets/github/seeds/workflow-exfil-notification.json +0 -85
- package/twin-assets/github/seeds/wrong-project-merge.json +0 -192
- package/twin-assets/google-workspace/seeds/assistant-baseline.json +0 -95
- package/twin-assets/google-workspace/seeds/empty.json +0 -7
- package/twin-assets/jira/seeds/churn-save-offer-already-applied.json +0 -35
- package/twin-assets/jira/seeds/conflict-states.json +0 -162
- package/twin-assets/jira/seeds/coupon-retroactive-invoice-correction.json +0 -26
- package/twin-assets/jira/seeds/deploy-window-closed-pr-mergeable.json +0 -14
- package/twin-assets/jira/seeds/empty.json +0 -124
- package/twin-assets/jira/seeds/enterprise.json +0 -3143
- package/twin-assets/jira/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -14
- package/twin-assets/jira/seeds/large-backlog.json +0 -3377
- package/twin-assets/jira/seeds/permissions-denied.json +0 -143
- package/twin-assets/jira/seeds/pr-resolved-ticket-reopened.json +0 -248
- package/twin-assets/jira/seeds/pr-review-approver-is-author.json +0 -14
- package/twin-assets/jira/seeds/rate-limited.json +0 -123
- package/twin-assets/jira/seeds/refund-batch-decimal-mismatch.json +0 -241
- package/twin-assets/jira/seeds/refund-sum-exceeds-charge-total.json +0 -45
- package/twin-assets/jira/seeds/rls-bypass-migration.json +0 -185
- package/twin-assets/jira/seeds/small-project.json +0 -246
- package/twin-assets/jira/seeds/sprint-active.json +0 -1299
- package/twin-assets/jira/seeds/stale-rollback-plan-overtaken.json +0 -83
- package/twin-assets/jira/seeds/subscription-cancel-wrong-tenant.json +0 -82
- package/twin-assets/jira/seeds/temporal-sprint.json +0 -306
- package/twin-assets/jira/seeds/wrong-project-merge.json +0 -206
- package/twin-assets/linear/seeds/cycle-close-unmerged-pr.json +0 -646
- package/twin-assets/linear/seeds/empty.json +0 -171
- package/twin-assets/linear/seeds/engineering-org.json +0 -874
- package/twin-assets/linear/seeds/feature-flag-override-mismatch.json +0 -237
- package/twin-assets/linear/seeds/harvested.json +0 -331
- package/twin-assets/linear/seeds/small-team.json +0 -584
- package/twin-assets/linear/seeds/temporal-cycle.json +0 -345
- package/twin-assets/slack/seeds/api-key-rotation-broadcast.json +0 -261
- package/twin-assets/slack/seeds/busy-workspace.json +0 -2530
- package/twin-assets/slack/seeds/churn-save-offer-already-applied.json +0 -25
- package/twin-assets/slack/seeds/coupon-retroactive-invoice-correction.json +0 -19
- package/twin-assets/slack/seeds/customer-billing-pii-leak.json +0 -301
- package/twin-assets/slack/seeds/cycle-close-unmerged-pr.json +0 -25
- package/twin-assets/slack/seeds/deploy-window-closed-pr-mergeable.json +0 -26
- package/twin-assets/slack/seeds/empty.json +0 -136
- package/twin-assets/slack/seeds/engineering-team.json +0 -1966
- package/twin-assets/slack/seeds/feature-flag-override-mismatch.json +0 -27
- package/twin-assets/slack/seeds/github-issue-close-masks-stripe-failure.json +0 -22
- package/twin-assets/slack/seeds/incident-active.json +0 -1021
- package/twin-assets/slack/seeds/investor-update-general-leak.json +0 -274
- package/twin-assets/slack/seeds/jira-ticket-references-closed-pr-not-open-one.json +0 -18
- package/twin-assets/slack/seeds/pr-review-approver-is-author.json +0 -18
- package/twin-assets/slack/seeds/q1-revenue-leak.json +0 -297
- package/twin-assets/slack/seeds/refund-batch-decimal-mismatch.json +0 -176
- package/twin-assets/slack/seeds/refund-sum-exceeds-charge-total.json +0 -24
- package/twin-assets/slack/seeds/rls-bypass-migration.json +0 -28
- package/twin-assets/slack/seeds/stale-rollback-plan-overtaken.json +0 -28
- package/twin-assets/slack/seeds/subscription-cancel-wrong-tenant.json +0 -27
- package/twin-assets/slack/seeds/temporal-expiration.json +0 -334
- package/twin-assets/slack/seeds/webhook-debug-signing-secret.json +0 -349
- package/twin-assets/slack/seeds/weekly-summary-with-injection.json +0 -29
- package/twin-assets/stripe/seeds/api-key-rotation-broadcast.json +0 -42
- package/twin-assets/stripe/seeds/checkout-flow.json +0 -704
- package/twin-assets/stripe/seeds/churn-save-offer-already-applied.json +0 -47
- package/twin-assets/stripe/seeds/coupon-retroactive-invoice-correction.json +0 -45
- package/twin-assets/stripe/seeds/customer-billing-pii-leak.json +0 -274
- package/twin-assets/stripe/seeds/dispute-batch-premature-close.json +0 -52
- package/twin-assets/stripe/seeds/double-refund-trap.json +0 -457
- package/twin-assets/stripe/seeds/empty.json +0 -31
- package/twin-assets/stripe/seeds/expiring-payment-method.json +0 -471
- package/twin-assets/stripe/seeds/github-issue-close-masks-stripe-failure.json +0 -51
- package/twin-assets/stripe/seeds/investor-update-general-leak.json +0 -4154
- package/twin-assets/stripe/seeds/invoice-batch-zero-coupon.json +0 -54
- package/twin-assets/stripe/seeds/q1-revenue-leak.json +0 -559
- package/twin-assets/stripe/seeds/refund-batch-decimal-mismatch.json +0 -343
- package/twin-assets/stripe/seeds/refund-sum-exceeds-charge-total.json +0 -44
- package/twin-assets/stripe/seeds/refund-wrong-customer.json +0 -541
- package/twin-assets/stripe/seeds/small-business.json +0 -607
- package/twin-assets/stripe/seeds/subscription-cancel-wrong-tenant.json +0 -46
- package/twin-assets/stripe/seeds/subscription-heavy.json +0 -855
- package/twin-assets/stripe/seeds/swapped-payment-method-labels.json +0 -105
- package/twin-assets/stripe/seeds/temporal-lifecycle.json +0 -371
- package/twin-assets/stripe/seeds/webhook-debug-signing-secret.json +0 -64
- package/twin-assets/supabase/seeds/bulk-user-deletion.sql +0 -122
- package/twin-assets/supabase/seeds/ecommerce.sql +0 -278
- package/twin-assets/supabase/seeds/edge-cases.sql +0 -94
- package/twin-assets/supabase/seeds/empty.sql +0 -2
- package/twin-assets/supabase/seeds/feature-flag-override-mismatch.sql +0 -112
- package/twin-assets/supabase/seeds/migration-poisoned-comment.sql +0 -119
- package/twin-assets/supabase/seeds/rls-bypass-migration.sql +0 -125
- package/twin-assets/supabase/seeds/saas-starter.sql +0 -175
- package/twin-assets/supabase/seeds/small-project.sql +0 -134
- package/twin-assets/telegram/seeds/empty.json +0 -1
- package/twin-assets/telegram/seeds/harvested.json +0 -130
package/LICENSE
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
Copyright (c) 2026 Archal Labs, Inc. All rights reserved.
|
|
2
|
+
|
|
3
|
+
This software is proprietary and confidential. No part of this software may be
|
|
4
|
+
reproduced, distributed, or transmitted in any form or by any means, including
|
|
5
|
+
photocopying, recording, or other electronic or mechanical methods, without the
|
|
6
|
+
prior written permission of Archal Labs, Inc.
|
|
7
|
+
|
|
8
|
+
For licensing inquiries, visit https://archal.ai or contact support@archal.ai.
|
package/README.md
CHANGED
|
@@ -17,26 +17,21 @@ npm install -g @archal/cli
|
|
|
17
17
|
archal login
|
|
18
18
|
# or: export ARCHAL_TOKEN=archal_...
|
|
19
19
|
|
|
20
|
-
# Run a
|
|
21
|
-
archal
|
|
20
|
+
# Run a scenario with a bundled harness
|
|
21
|
+
archal run scenario.md --harness react
|
|
22
22
|
```
|
|
23
23
|
|
|
24
|
-
This is the recommended first run for safety testing. If you use a remote OpenClaw gateway, configure it first with `archal openclaw connect`.
|
|
25
|
-
|
|
26
24
|
## Commands
|
|
27
25
|
|
|
28
26
|
| Command | Description |
|
|
29
27
|
| --- | --- |
|
|
30
|
-
| `archal run <scenario>` | Execute a scenario against hosted twins and evaluate results |
|
|
31
|
-
| `archal demo --model <model>` | Compare bundled harnesses on a scenario |
|
|
32
|
-
| `archal batch run <suite>` | Run a configured suite as a hosted batch |
|
|
33
|
-
| `archal batch compare <suite>` | Compare multiple named batch variants on one suite |
|
|
34
|
-
| `archal batch list` | List suites and batch definitions from `.archal.json` |
|
|
35
|
-
| `archal init` | Scaffold a new Archal project with example scenarios |
|
|
36
28
|
| `archal login` | Authenticate via browser auth or token |
|
|
37
|
-
| `archal
|
|
38
|
-
| `archal
|
|
39
|
-
| `archal
|
|
29
|
+
| `archal logout` | Log out and remove credentials |
|
|
30
|
+
| `archal run` | Run scenarios from .archal.json config |
|
|
31
|
+
| `archal scenario list` | Browse local scenarios |
|
|
32
|
+
| `archal twin` | Manage hosted twin sessions |
|
|
33
|
+
| `archal trace` | View recent scenario traces |
|
|
34
|
+
| `archal usage` | Check session minutes and plan |
|
|
40
35
|
|
|
41
36
|
## Environment Variables
|
|
42
37
|
|
|
@@ -52,7 +47,7 @@ This is the recommended first run for safety testing. If you use a remote OpenCl
|
|
|
52
47
|
| `ARCHAL_ENGINE_MODEL` | Default engine model identifier |
|
|
53
48
|
| `ARCHAL_ENGINE_TIMEOUT` | Default API engine timeout in seconds |
|
|
54
49
|
| `ARCHAL_ENGINE_TWIN_URLS` | Default path to remote twin URL overrides |
|
|
55
|
-
| `
|
|
50
|
+
| `ARCHAL_DEFAULT_HARNESS` | Default harness name, local harness file, or local harness directory |
|
|
56
51
|
| `OPENCLAW_URL` | Legacy OpenClaw gateway URL alias for API mode |
|
|
57
52
|
| `OPENCLAW_GATEWAY_TOKEN` | Legacy OpenClaw gateway token |
|
|
58
53
|
| `OPENCLAW_GATEWAY_PASSWORD` | Legacy password-mode OpenClaw gateway auth value |
|