@askexenow/exe-os 0.9.198 → 0.9.199

package/dist/bin/exe-start-opencode.js

@@ -6,7 +6,7 @@ import "../chunk-OGQX7HLN.js";
 import {
   disposeStore,
   initStore
-} from "../chunk-42QSXHKN.js";
+} from "../chunk-4X7CMJDN.js";
 import "../chunk-CHCA3ZM2.js";
 import "../chunk-OO5CPMT3.js";
 import {
@@ -180,7 +180,7 @@ async function main() {
   } catch {
   }
   try {
-    const { verifyOpenCodeHooks, runOpenCodeInstaller } = await import("../installer-MWOEIXKV.js");
+    const { verifyOpenCodeHooks, runOpenCodeInstaller } = await import("../installer-GSA2KOSE.js");
     if (!verifyOpenCodeHooks()) {
       process.stderr.write("[exe-start-opencode] hooks missing \u2014 registering now\n");
       await runOpenCodeInstaller();

package/dist/bin/exe-status.js

@@ -1,9 +1,9 @@
 #!/usr/bin/env node
 import {
   status
-} from "../chunk-34ENR4JM.js";
-import "../chunk-M4UP7VWO.js";
-import "../chunk-WP6P3LSI.js";
+} from "../chunk-KRYEHI4V.js";
+import "../chunk-NF4AEKQK.js";
+import "../chunk-MABQMUCQ.js";
 import "../chunk-RN6XYY7U.js";
 import "../chunk-QI4IXJN7.js";
 import "../chunk-64WZEXXA.js";

package/dist/bin/exe-team.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   fastDbInit
-} from "../chunk-M4UP7VWO.js";
+} from "../chunk-NF4AEKQK.js";
 import {
   getClient,
   loadEmployees

package/dist/bin/generate-hook-manifest.js

@@ -0,0 +1,30 @@
+#!/usr/bin/env node
+
+// src/bin/generate-hook-manifest.ts
+import { createHash } from "crypto";
+import { readFileSync, writeFileSync, readdirSync, existsSync } from "fs";
+import path from "path";
+import { fileURLToPath } from "url";
+var __dirname = path.dirname(fileURLToPath(import.meta.url));
+var HOOKS_DIR = path.resolve(__dirname, "..", "hooks");
+var MANIFEST_PATH = path.join(HOOKS_DIR, "manifest.json");
+function main() {
+  if (!existsSync(HOOKS_DIR)) {
+    console.error(`[generate-hook-manifest] Hooks directory not found: ${HOOKS_DIR}`);
+    process.exit(1);
+  }
+  const files = readdirSync(HOOKS_DIR).filter((f) => f.endsWith(".js"));
+  const hashes = {};
+  for (const file of files) {
+    const content = readFileSync(path.join(HOOKS_DIR, file));
+    hashes[file] = createHash("sha256").update(content).digest("hex");
+  }
+  const manifest = {
+    version: 1,
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    hashes
+  };
+  writeFileSync(MANIFEST_PATH, JSON.stringify(manifest, null, 2) + "\n");
+  console.log(`[generate-hook-manifest] Written ${files.length} hashes to ${MANIFEST_PATH}`);
+}
+main();

package/dist/bin/git-sweep.js

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
 import {
   sweepTasks
-} from "../chunk-ADI4Z63O.js";
-import "../chunk-WP6P3LSI.js";
+} from "../chunk-DNEOEKWA.js";
+import "../chunk-MABQMUCQ.js";
 import "../chunk-RN6XYY7U.js";
 import "../chunk-QI4IXJN7.js";
 import "../chunk-64WZEXXA.js";

package/dist/bin/graph-backfill.js

@@ -11,7 +11,7 @@ import "../chunk-I7AW4237.js";
 import {
   disposeStore,
   initStore
-} from "../chunk-42QSXHKN.js";
+} from "../chunk-4X7CMJDN.js";
 import "../chunk-CHCA3ZM2.js";
 import "../chunk-OO5CPMT3.js";
 import "../chunk-MP2AFCGL.js";

package/dist/bin/graph-export.js

@@ -5,10 +5,10 @@ import {
 } from "../chunk-46SQTBQW.js";
 import {
   fastDbInit
-} from "../chunk-M4UP7VWO.js";
+} from "../chunk-NF4AEKQK.js";
 import {
   disposeStore
-} from "../chunk-42QSXHKN.js";
+} from "../chunk-4X7CMJDN.js";
 import "../chunk-CHCA3ZM2.js";
 import "../chunk-OO5CPMT3.js";
 import "../chunk-MP2AFCGL.js";

package/dist/bin/import-history.js

@@ -12,7 +12,7 @@ import {
   flushBatch,
   initStore,
   writeMemory
-} from "../chunk-42QSXHKN.js";
+} from "../chunk-4X7CMJDN.js";
 import {
   extractKeywords,
   keywordsToString

package/dist/bin/install.js

@@ -6,9 +6,9 @@ import {
   setupGhostty,
   setupTmux,
   setupWezterm
-} from "../chunk-TF2BZTXF.js";
-import "../chunk-QPSUK5HA.js";
+} from "../chunk-7WUBXLK2.js";
 import "../chunk-GNHN5HRQ.js";
+import "../chunk-QPSUK5HA.js";
 import {
   generateSessionWrappers
 } from "../chunk-ZHMQDTGE.js";
@@ -329,7 +329,7 @@ if (args.includes("--commands-only")) {
     }
     try {
       execSync("which codex", { encoding: "utf8", timeout: 5e3 });
-      const { runCodexInstaller } = await import("../installer-BTOQSNZI.js");
+      const { runCodexInstaller } = await import("../installer-DWVZFKAH.js");
       await runCodexInstaller();
     } catch {
     }

package/dist/bin/intercom-check.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   fastDbInit
-} from "../chunk-M4UP7VWO.js";
+} from "../chunk-NF4AEKQK.js";
 import "../chunk-MLKGABMK.js";
 
 // src/bin/intercom-check.ts
@@ -17,7 +17,7 @@ async function main() {
   }
   if (isCoordinator) {
     try {
-      const { listPendingReviews, cleanupOrphanedReviews, formatAge, isStale } = await import("../tasks-review-Z6PA4AF5.js");
+      const { listPendingReviews, cleanupOrphanedReviews, formatAge, isStale } = await import("../tasks-review-ID7V6RSR.js");
       const { extractRootExe } = await import("../lib/tmux-routing.js");
       let sessionScope = process.env.EXE_SESSION ? extractRootExe(process.env.EXE_SESSION) ?? void 0 : void 0;
       if (!sessionScope) {
@@ -115,7 +115,7 @@ async function main() {
     }
   }
   try {
-    const { readUnreadNotifications, markAsRead } = await import("../notifications-GENT3AWZ.js");
+    const { readUnreadNotifications, markAsRead } = await import("../notifications-WYNI5OG6.js");
     const { resolveExeSession } = await import("../lib/tmux-routing.js");
     const sessionScope = resolveExeSession();
     const notifications = await readUnreadNotifications(agent, sessionScope);

package/dist/bin/scan-tasks.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   queryTaskRows
-} from "../chunk-WP6P3LSI.js";
+} from "../chunk-MABQMUCQ.js";
 import "../chunk-RN6XYY7U.js";
 import "../chunk-QI4IXJN7.js";
 import "../chunk-64WZEXXA.js";
@@ -72,7 +72,7 @@ function checkMcpHealth() {
   }
 }
 async function scanFromDb(agentId, tmuxSession, projectName) {
-  const { fastDbInit } = await import("../fast-db-init-URP3KJAE.js");
+  const { fastDbInit } = await import("../fast-db-init-DAZZ7ZUP.js");
   try {
     await fastDbInit();
   } catch (err) {

package/dist/bin/setup.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   runSetupWizard
-} from "../chunk-SSRRHKIO.js";
+} from "../chunk-MQLMIY6U.js";
 import "../chunk-6D23UNXU.js";
 import "../chunk-4GXRETYL.js";
 import "../chunk-LYH5HE24.js";

package/dist/bin/shard-migrate.js

@@ -8,7 +8,7 @@ import {
 import {
   disposeStore,
   initStore
-} from "../chunk-42QSXHKN.js";
+} from "../chunk-4X7CMJDN.js";
 import "../chunk-CHCA3ZM2.js";
 import "../chunk-OO5CPMT3.js";
 import "../chunk-MP2AFCGL.js";

package/dist/browser-sanitizer-Q3GWRYKI.js

@@ -0,0 +1,229 @@
+import "./chunk-MLKGABMK.js";
+
+// src/lib/browser-sanitizer.ts
+import crypto from "crypto";
+var _canaries = /* @__PURE__ */ new Map();
+function getCanaryToken(agentId) {
+  let canary = _canaries.get(agentId);
+  if (!canary) {
+    canary = crypto.randomBytes(16).toString("hex");
+    _canaries.set(agentId, canary);
+  }
+  return canary;
+}
+function clearCanaryToken(agentId) {
+  _canaries.delete(agentId);
+}
+function checkCanary(content, agentId) {
+  const canary = _canaries.get(agentId);
+  if (!canary) return { injectionDetected: false };
+  const idx = content.indexOf(canary);
+  if (idx === -1) return { injectionDetected: false };
+  const start = Math.max(0, idx - 50);
+  const end = Math.min(content.length, idx + canary.length + 50);
+  return {
+    injectionDetected: true,
+    foundAt: idx,
+    context: content.slice(start, end)
+  };
+}
+var INVISIBLE_CHARS_PATTERN = new RegExp(
+  [
+    "\\u200B",
+    // Zero-width space
+    "\\u200C",
+    // Zero-width non-joiner
+    "\\u200D",
+    // Zero-width joiner
+    "\\u200E",
+    // Left-to-right mark
+    "\\u200F",
+    // Right-to-left mark
+    "\\u2060",
+    // Word joiner
+    "\\u2061",
+    // Function application
+    "\\u2062",
+    // Invisible times
+    "\\u2063",
+    // Invisible separator
+    "\\u2064",
+    // Invisible plus
+    "\\uFEFF",
+    // BOM / zero-width no-break space
+    "\\u00AD",
+    // Soft hyphen
+    "\\u034F",
+    // Combining grapheme joiner
+    "\\u061C",
+    // Arabic letter mark
+    "\\u115F",
+    // Hangul choseong filler
+    "\\u1160",
+    // Hangul jungseong filler
+    "\\u17B4",
+    // Khmer vowel inherent aq
+    "\\u17B5",
+    // Khmer vowel inherent aa
+    "\\u180E",
+    // Mongolian vowel separator
+    "\\u2000",
+    // En quad (sometimes abused)
+    "\\u2001",
+    // Em quad
+    "\\u2002",
+    // En space
+    "\\u2003",
+    // Em space
+    "\\u2004",
+    // Three-per-em space
+    "\\u2005",
+    // Four-per-em space
+    "\\u2006",
+    // Six-per-em space
+    "\\u2007",
+    // Figure space
+    "\\u2008",
+    // Punctuation space
+    "\\u2009",
+    // Thin space
+    "\\u200A",
+    // Hair space
+    "\\u202A",
+    // Left-to-right embedding
+    "\\u202B",
+    // Right-to-left embedding
+    "\\u202C",
+    // Pop directional formatting
+    "\\u202D",
+    // Left-to-right override
+    "\\u202E",
+    // Right-to-left override
+    "\\u2066",
+    // Left-to-right isolate
+    "\\u2067",
+    // Right-to-left isolate
+    "\\u2068",
+    // First strong isolate
+    "\\u2069",
+    // Pop directional isolate
+    "\\uFFA0",
+    // Halfwidth Hangul filler
+    "\\uFFF9",
+    // Interlinear annotation anchor
+    "\\uFFFA",
+    // Interlinear annotation separator
+    "\\uFFFB"
+    // Interlinear annotation terminator
+  ].join("|"),
+  "g"
+);
+var HTML_COMMENT_PATTERN = /<!--[\s\S]*?-->/g;
+var HIDDEN_ELEMENT_PATTERNS = [
+  // display:none elements
+  /<[^>]+style\s*=\s*"[^"]*display\s*:\s*none[^"]*"[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  /<[^>]+style\s*=\s*'[^']*display\s*:\s*none[^']*'[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  // visibility:hidden elements
+  /<[^>]+style\s*=\s*"[^"]*visibility\s*:\s*hidden[^"]*"[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  /<[^>]+style\s*=\s*'[^']*visibility\s*:\s*hidden[^']*'[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  // opacity:0 elements
+  /<[^>]+style\s*=\s*"[^"]*opacity\s*:\s*0[^"]*"[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  /<[^>]+style\s*=\s*'[^']*opacity\s*:\s*0[^']*'[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  // Hidden attribute
+  /<[^>]+\bhidden\b[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  // aria-hidden="true" (sometimes used to hide injection text)
+  /<[^>]+aria-hidden\s*=\s*"true"[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  // Absolute positioning off-screen (common injection technique)
+  /<[^>]+style\s*=\s*"[^"]*position\s*:\s*absolute[^"]*left\s*:\s*-\d{4,}[^"]*"[^>]*>[\s\S]*?<\/[^>]+>/gi,
+  /<[^>]+style\s*=\s*"[^"]*position\s*:\s*absolute[^"]*top\s*:\s*-\d{4,}[^"]*"[^>]*>[\s\S]*?<\/[^>]+>/gi
+];
+var SUSPICIOUS_DATA_ATTRS = /\s+data-(?:prompt|instruction|system|ai-instruction|llm-prompt|agent-instruction|hidden-prompt|inject|command|role|context|persona)\s*=\s*"[^"]*"/gi;
+var SCRIPT_STYLE_PATTERN = /<(?:script|style)\b[^>]*>[\s\S]*?<\/(?:script|style)>/gi;
+var NOSCRIPT_PATTERN = /<noscript\b[^>]*>[\s\S]*?<\/noscript>/gi;
+function sanitizeBrowserContent(rawContent, options = {}) {
+  const {
+    stripHidden = true,
+    stripComments = true,
+    stripInvisible = true,
+    stripScripts = true,
+    stripSuspiciousAttrs = true,
+    stripNoscript = true,
+    agentId
+  } = options;
+  let content = rawContent;
+  let strippedCount = 0;
+  const strippedCategories = [];
+  let injectionDetected = false;
+  let warning;
+  if (agentId) {
+    const canaryResult = checkCanary(content, agentId);
+    if (canaryResult.injectionDetected) {
+      injectionDetected = true;
+      warning = `\u26A0\uFE0F PROMPT INJECTION DETECTED: Page content contains your session canary token at offset ${canaryResult.foundAt}. This page may be attempting to extract or manipulate your system prompt. Context: "${canaryResult.context}"`;
+    }
+  }
+  if (stripScripts) {
+    const before = content.length;
+    content = content.replace(SCRIPT_STYLE_PATTERN, "");
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("scripts/styles");
+    }
+  }
+  if (stripHidden) {
+    const before = content.length;
+    for (const pattern of HIDDEN_ELEMENT_PATTERNS) {
+      content = content.replace(pattern, "");
+    }
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("hidden-elements");
+    }
+  }
+  if (stripComments) {
+    const before = content.length;
+    content = content.replace(HTML_COMMENT_PATTERN, "");
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("html-comments");
+    }
+  }
+  if (stripInvisible) {
+    const before = content.length;
+    content = content.replace(INVISIBLE_CHARS_PATTERN, "");
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("invisible-chars");
+    }
+  }
+  if (stripSuspiciousAttrs) {
+    const before = content.length;
+    content = content.replace(SUSPICIOUS_DATA_ATTRS, "");
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("suspicious-data-attrs");
+    }
+  }
+  if (stripNoscript) {
+    const before = content.length;
+    content = content.replace(NOSCRIPT_PATTERN, "");
+    if (content.length < before) {
+      strippedCount++;
+      strippedCategories.push("noscript");
+    }
+  }
+  content = content.replace(/\n{3,}/g, "\n\n").trim();
+  return {
+    content,
+    injectionDetected,
+    strippedCount,
+    strippedCategories,
+    warning
+  };
+}
+export {
+  checkCanary,
+  clearCanaryToken,
+  getCanaryToken,
+  sanitizeBrowserContent
+};

package/dist/browser-session-store-TSD4PCY7.js

@@ -0,0 +1,232 @@
+import {
+  enforcePrivateFileSync,
+  ensurePrivateDirSync
+} from "./chunk-LYH5HE24.js";
+import "./chunk-MLKGABMK.js";
+
+// src/lib/browser-session-store.ts
+import crypto from "crypto";
+import path from "path";
+import os from "os";
+import {
+  existsSync,
+  readFileSync,
+  writeFileSync,
+  unlinkSync,
+  readdirSync,
+  statSync
+} from "fs";
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 12;
+var TAG_LENGTH = 16;
+var HKDF_INFO = "exe-browser-cookies-v1";
+var DEFAULT_TTL_MS = 30 * 60 * 1e3;
+var _jarCache = /* @__PURE__ */ new Map();
+var _cookieKey = null;
+function initCookieCrypto(masterKey) {
+  if (masterKey.length !== 32) {
+    throw new Error(`Master key must be 32 bytes, got ${masterKey.length}`);
+  }
+  _cookieKey = Buffer.from(
+    crypto.hkdfSync("sha256", masterKey, "", HKDF_INFO, 32)
+  );
+}
+function isCookieCryptoInitialized() {
+  return _cookieKey !== null;
+}
+function encrypt(data) {
+  if (!_cookieKey) {
+    return "plain:" + Buffer.from(data, "utf-8").toString("base64");
+  }
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, _cookieKey, iv);
+  const encrypted = Buffer.concat([
+    cipher.update(Buffer.from(data, "utf-8")),
+    cipher.final()
+  ]);
+  const tag = cipher.getAuthTag();
+  return "enc:" + Buffer.concat([iv, encrypted, tag]).toString("base64");
+}
+function decrypt(ciphertext) {
+  if (ciphertext.startsWith("plain:")) {
+    return Buffer.from(ciphertext.slice(6), "base64").toString("utf-8");
+  }
+  if (!ciphertext.startsWith("enc:")) {
+    throw new Error("Unknown cookie store format");
+  }
+  if (!_cookieKey) {
+    throw new Error("Cookie crypto not initialized but encrypted data found");
+  }
+  const combined = Buffer.from(ciphertext.slice(4), "base64");
+  if (combined.length < IV_LENGTH + TAG_LENGTH) {
+    throw new Error("Cookie data too short");
+  }
+  const iv = combined.subarray(0, IV_LENGTH);
+  const tag = combined.subarray(combined.length - TAG_LENGTH);
+  const encrypted = combined.subarray(IV_LENGTH, combined.length - TAG_LENGTH);
+  const decipher = crypto.createDecipheriv(ALGORITHM, _cookieKey, iv);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([
+    decipher.update(encrypted),
+    decipher.final()
+  ]).toString("utf-8");
+}
+function getStoreDir() {
+  const base = process.env.EXE_OS_DIR ?? path.join(os.homedir(), ".exe-os");
+  return path.join(base, "browser-sessions");
+}
+function getJarPath(agentId, sessionKey) {
+  const safe = (s) => s.replace(/[^a-zA-Z0-9_-]/g, "_");
+  return path.join(getStoreDir(), `${safe(agentId)}-${safe(sessionKey)}.cookies.enc`);
+}
+function jarCacheKey(agentId, sessionKey) {
+  return `${agentId}:${sessionKey}`;
+}
+function getTtlMs() {
+  const envTtl = process.env.EXE_BROWSER_SESSION_TTL;
+  if (envTtl) {
+    const parsed = parseInt(envTtl, 10);
+    if (!isNaN(parsed) && parsed > 0) return parsed * 1e3;
+  }
+  return DEFAULT_TTL_MS;
+}
+function loadCookieJar(agentId, sessionKey) {
+  const cacheKey = jarCacheKey(agentId, sessionKey);
+  const cached = _jarCache.get(cacheKey);
+  if (cached) {
+    const ttl = getTtlMs();
+    if (Date.now() - cached.lastAccessed > ttl) {
+      clearCookieJar(agentId, sessionKey);
+      return null;
+    }
+    return cached;
+  }
+  const jarPath = getJarPath(agentId, sessionKey);
+  if (!existsSync(jarPath)) return null;
+  try {
+    const raw = readFileSync(jarPath, "utf-8");
+    const jar = JSON.parse(decrypt(raw));
+    const ttl = getTtlMs();
+    if (Date.now() - jar.lastAccessed > ttl) {
+      clearCookieJar(agentId, sessionKey);
+      return null;
+    }
+    const now = Math.floor(Date.now() / 1e3);
+    jar.cookies = jar.cookies.filter((c) => !c.expires || c.expires > now);
+    _jarCache.set(cacheKey, jar);
+    return jar;
+  } catch {
+    try {
+      unlinkSync(jarPath);
+    } catch {
+    }
+    return null;
+  }
+}
+function saveCookieJar(agentId, sessionKey, cookies) {
+  const cacheKey = jarCacheKey(agentId, sessionKey);
+  const existing = loadCookieJar(agentId, sessionKey);
+  const now = Date.now();
+  const cookieMap = /* @__PURE__ */ new Map();
+  if (existing) {
+    for (const c of existing.cookies) {
+      cookieMap.set(`${c.domain}:${c.path}:${c.name}`, c);
+    }
+  }
+  for (const c of cookies) {
+    cookieMap.set(`${c.domain}:${c.path}:${c.name}`, c);
+  }
+  const nowSec = Math.floor(now / 1e3);
+  const merged = [...cookieMap.values()].filter(
+    (c) => !c.expires || c.expires > nowSec
+  );
+  const jar = {
+    agentId,
+    sessionKey,
+    cookies: merged,
+    lastAccessed: now,
+    createdAt: existing?.createdAt ?? now
+  };
+  const storeDir = getStoreDir();
+  ensurePrivateDirSync(storeDir);
+  const jarPath = getJarPath(agentId, sessionKey);
+  const encrypted = encrypt(JSON.stringify(jar));
+  writeFileSync(jarPath, encrypted, "utf-8");
+  enforcePrivateFileSync(jarPath);
+  _jarCache.set(cacheKey, jar);
+}
+function getCookiesForUrl(agentId, sessionKey, url) {
+  const jar = loadCookieJar(agentId, sessionKey);
+  if (!jar || jar.cookies.length === 0) return [];
+  let hostname;
+  try {
+    hostname = new URL(url).hostname;
+  } catch {
+    return [];
+  }
+  const now = Math.floor(Date.now() / 1e3);
+  return jar.cookies.filter((c) => {
+    if (c.expires && c.expires <= now) return false;
+    const cookieDomain = c.domain.startsWith(".") ? c.domain.slice(1) : c.domain;
+    return hostname === cookieDomain || hostname.endsWith("." + cookieDomain);
+  });
+}
+function clearCookieJar(agentId, sessionKey) {
+  const cacheKey = jarCacheKey(agentId, sessionKey);
+  _jarCache.delete(cacheKey);
+  const jarPath = getJarPath(agentId, sessionKey);
+  try {
+    if (existsSync(jarPath)) unlinkSync(jarPath);
+  } catch {
+  }
+}
+function cleanupExpiredJars() {
+  const storeDir = getStoreDir();
+  if (!existsSync(storeDir)) return 0;
+  const ttl = getTtlMs();
+  const now = Date.now();
+  let cleaned = 0;
+  try {
+    const files = readdirSync(storeDir).filter((f) => f.endsWith(".cookies.enc"));
+    for (const file of files) {
+      const filePath = path.join(storeDir, file);
+      try {
+        const stat = statSync(filePath);
+        if (now - stat.mtimeMs > ttl) {
+          unlinkSync(filePath);
+          cleaned++;
+        }
+      } catch {
+      }
+    }
+  } catch {
+  }
+  return cleaned;
+}
+function touchCookieJar(agentId, sessionKey) {
+  const cacheKey = jarCacheKey(agentId, sessionKey);
+  const cached = _jarCache.get(cacheKey);
+  if (cached) {
+    cached.lastAccessed = Date.now();
+    const jarPath = getJarPath(agentId, sessionKey);
+    try {
+      if (existsSync(jarPath)) {
+        const raw = readFileSync(jarPath, "utf-8");
+        const jar = JSON.parse(decrypt(raw));
+        jar.lastAccessed = Date.now();
+        writeFileSync(jarPath, encrypt(JSON.stringify(jar)), "utf-8");
+      }
+    } catch {
+    }
+  }
+}
+export {
+  cleanupExpiredJars,
+  clearCookieJar,
+  getCookiesForUrl,
+  initCookieCrypto,
+  isCookieCryptoInitialized,
+  loadCookieJar,
+  saveCookieJar,
+  touchCookieJar
+};

package/dist/{capacity-monitor-H7D43IUQ.js → capacity-monitor-2TRPP3AX.js}

@@ -8,9 +8,9 @@ import {
   isAtCapacity,
   isWithinRelaunchCooldown,
   pollCapacityDead
-} from "./chunk-Q4WJJBOP.js";
+} from "./chunk-ZLP5TNRU.js";
 import "./chunk-WRCETUYE.js";
-import "./chunk-WP6P3LSI.js";
+import "./chunk-MABQMUCQ.js";
 import "./chunk-RN6XYY7U.js";
 import "./chunk-QI4IXJN7.js";
 import "./chunk-64WZEXXA.js";