@btraut/browser-bridge 0.14.0 → 0.15.0

package/dist/index.js

@@ -663,9 +663,10 @@ var createCoreReadinessController = (options = {}) => {
       return;
     }
     if (!ensurePromise) {
-      ensurePromise = ensureCoreRunning().catch((error) => {
+      ensurePromise = (async () => {
+        await ensureCoreRunning();
+      })().finally(() => {
         ensurePromise = null;
-        throw error;
       });
     }
     await ensurePromise;
@@ -938,6 +939,63 @@ var SessionCloseInputSchema = SessionIdSchema;
 var SessionCloseOutputSchema = import_zod3.z.object({
   ok: import_zod3.z.boolean()
 });
+var PermissionsModeSchema = import_zod3.z.enum(["granular", "bypass"]);
+var PermissionsRequestSourceSchema = import_zod3.z.enum(["cli", "mcp", "api"]);
+var PermissionsPendingRequestKindSchema = import_zod3.z.enum([
+  "allow_site",
+  "revoke_site",
+  "set_mode"
+]);
+var PermissionsPendingRequestStatusSchema = import_zod3.z.enum([
+  "pending",
+  "approved",
+  "denied",
+  "timed_out"
+]);
+var PermissionsSiteEntrySchema = import_zod3.z.object({
+  site: import_zod3.z.string().min(1),
+  created_at: import_zod3.z.string().datetime(),
+  last_used_at: import_zod3.z.string().datetime()
+});
+var PermissionsListInputSchema = import_zod3.z.object({}).strict().default({});
+var PermissionsListOutputSchema = import_zod3.z.object({
+  sites: import_zod3.z.array(PermissionsSiteEntrySchema)
+});
+var PermissionsGetModeInputSchema = import_zod3.z.object({}).strict().default({});
+var PermissionsGetModeOutputSchema = import_zod3.z.object({
+  mode: PermissionsModeSchema
+});
+var PermissionsPendingRequestSchema = import_zod3.z.object({
+  request_id: import_zod3.z.string().min(1),
+  kind: PermissionsPendingRequestKindSchema,
+  status: PermissionsPendingRequestStatusSchema,
+  requested_at: import_zod3.z.string().datetime(),
+  site: import_zod3.z.string().min(1).optional(),
+  mode: PermissionsModeSchema.optional(),
+  source: PermissionsRequestSourceSchema.optional(),
+  warning: import_zod3.z.string().optional(),
+  message: import_zod3.z.string().optional()
+});
+var PermissionsListPendingRequestsInputSchema = import_zod3.z.object({}).strict().default({});
+var PermissionsListPendingRequestsOutputSchema = import_zod3.z.object({
+  requests: import_zod3.z.array(PermissionsPendingRequestSchema)
+});
+var PermissionsRequestAllowSiteInputSchema = import_zod3.z.object({
+  site: import_zod3.z.string().min(1),
+  timeout_ms: import_zod3.z.number().int().positive().max(3e5).optional(),
+  source: PermissionsRequestSourceSchema.optional()
+});
+var PermissionsRequestRevokeSiteInputSchema = import_zod3.z.object({
+  site: import_zod3.z.string().min(1),
+  timeout_ms: import_zod3.z.number().int().positive().max(3e5).optional(),
+  source: PermissionsRequestSourceSchema.optional()
+});
+var PermissionsRequestSetModeInputSchema = import_zod3.z.object({
+  mode: PermissionsModeSchema,
+  timeout_ms: import_zod3.z.number().int().positive().max(3e5).optional(),
+  source: PermissionsRequestSourceSchema.optional()
+});
+var PermissionsRequestOutputSchema = PermissionsPendingRequestSchema;
 var DriveWaitConditionSchema = import_zod3.z.object({
   kind: import_zod3.z.enum(["locator_visible", "text_present", "url_matches"]),
   value: import_zod3.z.string().min(1)
@@ -1124,6 +1182,12 @@ var FormFieldInfoSchema = import_zod3.z.object({
   name: import_zod3.z.string(),
   type: import_zod3.z.string(),
   value: import_zod3.z.string(),
+  selector: import_zod3.z.string().optional(),
+  label: import_zod3.z.string().optional(),
+  placeholder: import_zod3.z.string().optional(),
+  checked: import_zod3.z.boolean().optional(),
+  disabled: import_zod3.z.boolean().optional(),
+  visible: import_zod3.z.boolean().optional(),
   options: import_zod3.z.array(import_zod3.z.string()).optional()
 });
 var FormInfoSchema = import_zod3.z.object({
@@ -1136,7 +1200,31 @@ var StorageEntrySchema = import_zod3.z.object({
   key: import_zod3.z.string(),
   value: import_zod3.z.string()
 });
+var FocusedElementSchema = import_zod3.z.object({
+  selector: import_zod3.z.string().optional(),
+  name: import_zod3.z.string().optional(),
+  label: import_zod3.z.string().optional(),
+  role: import_zod3.z.string().optional(),
+  type: import_zod3.z.string().optional(),
+  text: import_zod3.z.string().optional()
+});
+var PageActionSchema = import_zod3.z.object({
+  selector: import_zod3.z.string(),
+  role: import_zod3.z.string(),
+  name: import_zod3.z.string()
+});
+var StorageSummarySchema = import_zod3.z.object({
+  localStorageCount: import_zod3.z.number().int().nonnegative(),
+  sessionStorageCount: import_zod3.z.number().int().nonnegative(),
+  cookieCount: import_zod3.z.number().int().nonnegative()
+});
 var PageStateSchema = import_zod3.z.object({
+  url: import_zod3.z.string().optional(),
+  title: import_zod3.z.string().optional(),
+  readyState: import_zod3.z.string().optional(),
+  focused: FocusedElementSchema.optional(),
+  primaryActions: import_zod3.z.array(PageActionSchema).optional(),
+  storageSummary: StorageSummarySchema.optional(),
   forms: import_zod3.z.array(FormInfoSchema),
   localStorage: import_zod3.z.array(StorageEntrySchema),
   sessionStorage: import_zod3.z.array(StorageEntrySchema),
@@ -1199,6 +1287,7 @@ var InspectFindOutputSchema = import_zod3.z.object({
   warnings: import_zod3.z.array(import_zod3.z.string()).optional()
 });
 var InspectPageStateInputSchema = SessionIdSchema.extend({
+  include_values: import_zod3.z.boolean().default(false),
   target: TargetHintSchema.optional()
 });
 var InspectPageStateOutputSchema = PageStateSchema;
@@ -1209,6 +1298,7 @@ var InspectExtractContentFormatSchema = import_zod3.z.enum([
 ]);
 var InspectExtractContentInputSchema = SessionIdSchema.extend({
   format: InspectExtractContentFormatSchema.default("markdown"),
+  consistency: InspectConsistencySchema.default("quiesce"),
   include_metadata: import_zod3.z.boolean().default(true),
   target: TargetHintSchema.optional()
 });
@@ -1221,6 +1311,7 @@ var InspectExtractContentOutputSchema = import_zod3.z.object({
   warnings: import_zod3.z.array(import_zod3.z.string()).optional()
 });
 var InspectConsoleListInputSchema = SessionIdSchema.extend({
+  since: import_zod3.z.string().optional(),
   target: TargetHintSchema.optional()
 });
 var ConsoleSourceLocationSchema = import_zod3.z.object({
@@ -1326,6 +1417,7 @@ var import_zod4 = require("zod");
 
 // packages/cli/src/core-client.ts
 var import_node_child_process = require("node:child_process");
+var import_node_fs3 = require("node:fs");
 var import_node_path3 = require("node:path");
 var CoreClientError = class extends Error {
   constructor(info) {
@@ -1349,6 +1441,7 @@ var resolveTimeoutMs2 = (timeoutMs) => {
 var normalizePath = (path9) => path9.startsWith("/") ? path9 : `/${path9}`;
 var durationMs = (startedAt) => Number((Number(process.hrtime.bigint() - startedAt) / 1e6).toFixed(3));
 var MAX_RESPONSE_PREVIEW_LENGTH = 200;
+var STALE_DAEMON_GRACE_MS = 1e3;
 var normalizeResponsePreview = (raw) => {
   const normalized = raw.replace(/\s+/g, " ").trim();
   if (normalized.length <= MAX_RESPONSE_PREVIEW_LENGTH) {
@@ -1400,6 +1493,15 @@ var createCoreClient = (options = {}) => {
   const spawnImpl = options.spawnImpl ?? import_node_child_process.spawn;
   const timeoutMs = resolveTimeoutMs2(options.timeoutMs);
   const componentVersion = process.env.BROWSER_BRIDGE_VERSION ?? process.env.npm_package_version;
+  const coreEntry = (0, import_node_path3.resolve)(__dirname, "api.js");
+  const currentBuildTimeMs = options.currentBuildTimeMs ?? (() => {
+    try {
+      return (0, import_node_fs3.statSync)(coreEntry).mtimeMs;
+    } catch {
+      return void 0;
+    }
+  })();
+  const killProcess = options.killProcess ?? ((pid) => process.kill(pid));
   const readiness = createCoreReadinessController({
     host: options.host,
     port: options.port,
@@ -1411,7 +1513,7 @@ var createCoreClient = (options = {}) => {
     logger,
     logPrefix: "cli.core",
     spawnDaemon: (runtime) => {
-      const coreEntry = (0, import_node_path3.resolve)(__dirname, "api.js");
+      const coreEntry2 = (0, import_node_path3.resolve)(__dirname, "api.js");
       const startOptions = [];
       if (runtime.hostSource === "option" || runtime.hostSource === "env") {
         startOptions.push(`host: ${JSON.stringify(runtime.host)}`);
@@ -1420,7 +1522,7 @@ var createCoreClient = (options = {}) => {
         startOptions.push(`port: ${runtime.port}`);
       }
       const script = `const { startCoreServer } = require(${JSON.stringify(
-        coreEntry
+        coreEntry2
       )});
 startCoreServer({ ${startOptions.join(
         ", "
@@ -1557,8 +1659,60 @@ startCoreServer({ ${startOptions.join(
       clearTimeout(timeout);
     }
   };
-  const post = async (path9, body) => {
+  const maybeRestartStaleDaemon = async () => {
+    if (currentBuildTimeMs === void 0) {
+      return;
+    }
+    let payload;
+    try {
+      payload = await requestJson(
+        "POST",
+        "/health/check",
+        {}
+      );
+    } catch {
+      return;
+    }
+    if (!payload.ok || !payload.result?.started_at) {
+      return;
+    }
+    const startedAtMs = Date.parse(payload.result.started_at);
+    if (!Number.isFinite(startedAtMs)) {
+      return;
+    }
+    if (startedAtMs + STALE_DAEMON_GRACE_MS >= currentBuildTimeMs) {
+      return;
+    }
+    const pidValue = payload.result.pid;
+    if (!Number.isInteger(pidValue) || pidValue === process.pid) {
+      return;
+    }
+    const pid = pidValue;
+    logger.warn("cli.core.ensure_ready.stale_daemon", {
+      base_url: readiness.baseUrl,
+      pid,
+      started_at: payload.result.started_at,
+      current_build_time_ms: currentBuildTimeMs
+    });
+    try {
+      killProcess(pid);
+    } catch (error) {
+      logger.warn("cli.core.ensure_ready.stale_daemon_kill_failed", {
+        base_url: readiness.baseUrl,
+        pid,
+        error
+      });
+      return;
+    }
+    await new Promise((resolve4) => setTimeout(resolve4, 150));
     await readiness.ensureReady();
+  };
+  const ensureReady = async () => {
+    await readiness.ensureReady();
+    await maybeRestartStaleDaemon();
+  };
+  const post = async (path9, body) => {
+    await ensureReady();
     readiness.refreshRuntime();
     const payload = path9 === "/diagnostics/doctor" && (!body || typeof body === "object" && !Array.isArray(body)) ? {
       ...body && typeof body === "object" ? body : {},
@@ -1586,7 +1740,7 @@ startCoreServer({ ${startOptions.join(
     get baseUrl() {
       return readiness.baseUrl;
     },
-    ensureReady: readiness.ensureReady,
+    ensureReady,
     post
   };
 };
@@ -1865,6 +2019,7 @@ var registerDiagnosticsCommands = (program2) => {
 
 // packages/cli/src/commands/dev.ts
 var ENV_EXTENSION_ID = "BROWSER_BRIDGE_EXTENSION_ID";
+var INSPECT_PROBE_RETRY_DELAYS_MS = [150, 300, 600];
 var normalizeToken = (value) => {
   if (typeof value !== "string") {
     return void 0;
@@ -1898,6 +2053,21 @@ var inspectCapabilityReady = (report, expectedExtensionId) => {
   const extensionIdMatch = !expectedExtensionId || !reportedExtensionId || reportedExtensionId === expectedExtensionId;
   return extensionIdMatch && hasPassingCheck(report, "inspect.capability");
 };
+var sleep = async (ms) => {
+  await new Promise((resolve4) => setTimeout(resolve4, ms));
+};
+var shouldRetryInspectProbe = (report, expectedExtensionId) => {
+  if (inspectCapabilityReady(report, expectedExtensionId)) {
+    return false;
+  }
+  const observedExtensionId = getReportedExtensionId(report);
+  if (expectedExtensionId && observedExtensionId && observedExtensionId !== expectedExtensionId) {
+    return false;
+  }
+  const extensionConnected = report?.extension?.connected ?? false;
+  const capabilityNegotiated = report?.runtime?.extension?.capability_negotiated === true || hasPassingCheck(report, "runtime.extension.capability_negotiated");
+  return !extensionConnected || !capabilityNegotiated;
+};
 var readDiagnosticReport = async (runtime) => {
   const client = createCoreClient({
     host: runtime.host,
@@ -1910,6 +2080,22 @@ var readDiagnosticReport = async (runtime) => {
   );
   return envelope2.ok ? envelope2.result : void 0;
 };
+var readDiagnosticReportWithRetry = async (runtime, expectedExtensionId) => {
+  let report;
+  for (let attempt = 0; attempt <= INSPECT_PROBE_RETRY_DELAYS_MS.length; attempt += 1) {
+    if (attempt > 0) {
+      const delayMs = INSPECT_PROBE_RETRY_DELAYS_MS[attempt - 1] ?? 0;
+      if (delayMs > 0) {
+        await sleep(delayMs);
+      }
+    }
+    report = await readDiagnosticReport(runtime);
+    if (!shouldRetryInspectProbe(report, expectedExtensionId)) {
+      return report;
+    }
+  }
+  return report;
+};
 var buildInspectCapabilityError = (runtime, report, expectedExtension) => {
   const observedExtensionId = getReportedExtensionId(report);
   if (expectedExtension && observedExtensionId && observedExtensionId !== expectedExtension.extensionId) {
@@ -1973,7 +2159,10 @@ var registerDevCommands = (program2) => {
         optionExtensionId: options.extensionId,
         envExtensionId: process.env[ENV_EXTENSION_ID]
       });
-      const report = await readDiagnosticReport(runtime);
+      const report = await readDiagnosticReportWithRetry(
+        runtime,
+        resolvedExtension?.extensionId
+      );
       if (!resolvedExtension) {
         const reportedExtensionId = getReportedExtensionId(report);
         if (reportedExtensionId) {
@@ -2440,30 +2629,36 @@ var registerInspectCommands = (program2) => {
       return client.post("/inspect/find", parsed);
     });
   });
-  inspect.command("extract-content").description("Extract main content from the page").requiredOption("--session-id <id>", "Session identifier").option("--format <format>", "Output format (markdown, text, article_json)").option("--include-metadata", "Include article metadata").option("--no-include-metadata", "Exclude article metadata").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
+  inspect.command("extract-content").description("Extract main content from the page").requiredOption("--session-id <id>", "Session identifier").option("--format <format>", "Output format (markdown, text, article_json)").option(
+    "--consistency <mode>",
+    "Capture consistency (best_effort, quiesce)"
+  ).option("--include-metadata", "Include article metadata").option("--no-include-metadata", "Exclude article metadata").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
     await runCommand(command, (client) => {
       const payload = parseInput(InspectExtractContentInputSchema, {
         session_id: options.sessionId,
         format: options.format,
+        consistency: options.consistency,
         include_metadata: options.includeMetadata,
         target: buildTargetHint(options)
       });
       return client.post("/inspect/extract_content", payload);
     });
   });
-  inspect.command("page-state").description("Capture form, storage, and cookie state").requiredOption("--session-id <id>", "Session identifier").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
+  inspect.command("page-state").description("Capture form, storage, and cookie state").requiredOption("--session-id <id>", "Session identifier").option("--include-values", "Include captured values instead of redacting").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
     await runCommand(command, (client) => {
       const payload = parseInput(InspectPageStateInputSchema, {
         session_id: options.sessionId,
+        include_values: options.includeValues,
         target: buildTargetHint(options)
       });
       return client.post("/inspect/page_state", payload);
     });
   });
-  inspect.command("console-list").description("Fetch console entries").requiredOption("--session-id <id>", "Session identifier").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
+  inspect.command("console-list").description("Fetch console entries").requiredOption("--session-id <id>", "Session identifier").option("--since <iso>", "Only include entries at or after this timestamp").option("--tab-id <id>", "Explicit tab identifier").action(async (options, command) => {
     await runCommand(command, (client) => {
       const payload = parseInput(InspectConsoleListInputSchema, {
         session_id: options.sessionId,
+        since: options.since,
         target: buildTargetHint(options)
       });
       return client.post("/inspect/console_list", payload);
@@ -2714,6 +2909,10 @@ var readSessionId = (args) => {
   const sessionId = args.session_id;
   return typeof sessionId === "string" && sessionId.length > 0 ? sessionId : void 0;
 };
+var withPermissionsSource = (source) => (args) => isRecord(args) ? {
+  ...args,
+  source
+} : args;
 var supportsSessionMigration = (corePath) => corePath.startsWith("/drive/") || corePath.startsWith("/inspect/") || corePath.startsWith("/artifacts/") || corePath === "/diagnostics/doctor";
 var isSessionNotFoundEnvelope = (envelopeResult) => {
   if (envelopeResult.ok) {
@@ -2827,6 +3026,69 @@ var TOOL_DEFINITIONS = [
       corePath: "/session/close"
     }
   },
+  {
+    name: "permissions.list",
+    config: {
+      title: "Permissions List",
+      description: "List allowlisted Browser Bridge sites.",
+      inputSchema: PermissionsListInputSchema,
+      outputSchema: envelope(PermissionsListOutputSchema),
+      corePath: "/permissions/list"
+    }
+  },
+  {
+    name: "permissions.get_mode",
+    config: {
+      title: "Permissions Get Mode",
+      description: "Read the current Browser Bridge permissions mode.",
+      inputSchema: PermissionsGetModeInputSchema,
+      outputSchema: envelope(PermissionsGetModeOutputSchema),
+      corePath: "/permissions/get_mode"
+    }
+  },
+  {
+    name: "permissions.list_pending_requests",
+    config: {
+      title: "Permissions List Pending Requests",
+      description: "List pending external Browser Bridge permission-change requests.",
+      inputSchema: PermissionsListPendingRequestsInputSchema,
+      outputSchema: envelope(PermissionsListPendingRequestsOutputSchema),
+      corePath: "/permissions/list_pending_requests"
+    }
+  },
+  {
+    name: "permissions.request_allow_site",
+    config: {
+      title: "Permissions Request Allow Site",
+      description: "Request allowlisting a site. A human must approve the change in Chrome before it applies.",
+      inputSchema: PermissionsRequestAllowSiteInputSchema,
+      outputSchema: envelope(PermissionsRequestOutputSchema),
+      corePath: "/permissions/request_allow_site",
+      transformInput: withPermissionsSource("mcp")
+    }
+  },
+  {
+    name: "permissions.request_revoke_site",
+    config: {
+      title: "Permissions Request Revoke Site",
+      description: "Request revoking a site from the allowlist. A human must approve the change in Chrome before it applies.",
+      inputSchema: PermissionsRequestRevokeSiteInputSchema,
+      outputSchema: envelope(PermissionsRequestOutputSchema),
+      corePath: "/permissions/request_revoke_site",
+      transformInput: withPermissionsSource("mcp")
+    }
+  },
+  {
+    name: "permissions.request_set_mode",
+    config: {
+      title: "Permissions Request Set Mode",
+      description: "Request changing Browser Bridge permission mode. A human must approve the change in Chrome before it applies.",
+      inputSchema: PermissionsRequestSetModeInputSchema,
+      outputSchema: envelope(PermissionsRequestOutputSchema),
+      corePath: "/permissions/request_set_mode",
+      transformInput: withPermissionsSource("mcp")
+    }
+  },
   {
     name: "drive.navigate",
     config: {
@@ -4052,107 +4314,6 @@ var import_readability = require("@mozilla/readability");
 var import_jsdom = require("jsdom");
 var import_turndown = __toESM(require("turndown"));
 
-// packages/core/src/page-state-script.ts
-var PAGE_STATE_SCRIPT = [
-  "(() => {",
-  "  const escape = (value) => {",
-  "    if (typeof CSS !== 'undefined' && typeof CSS.escape === 'function') {",
-  "      return CSS.escape(value);",
-  "    }",
-  `    return String(value).replace(/["'\\\\]/g, '\\\\$&');`,
-  "  };",
-  "  const truncate = (value, max) => {",
-  "    const text = String(value ?? '');",
-  "    return text.length > max ? text.slice(0, max) : text;",
-  "  };",
-  "  const selectorFor = (element) => {",
-  "    if (element.id) {",
-  "      return `#${escape(element.id)}`;",
-  "    }",
-  "    const name = element.getAttribute('name');",
-  "    if (name) {",
-  '      return `${element.tagName.toLowerCase()}[name="${escape(name)}"]`;',
-  "    }",
-  "    const parts = [];",
-  "    let node = element;",
-  "    while (node && node.nodeType === 1 && parts.length < 4) {",
-  "      let part = node.tagName.toLowerCase();",
-  "      const parent = node.parentElement;",
-  "      if (parent) {",
-  "        const siblings = Array.from(parent.children).filter(",
-  "          (child) => child.tagName === node.tagName",
-  "        );",
-  "        if (siblings.length > 1) {",
-  "          part += `:nth-of-type(${siblings.indexOf(node) + 1})`;",
-  "        }",
-  "      }",
-  "      parts.unshift(part);",
-  "      node = parent;",
-  "    }",
-  "    return parts.join('>');",
-  "  };",
-  "  const readStorage = (storage, limit) => {",
-  "    try {",
-  "      return Object.keys(storage)",
-  "        .slice(0, limit)",
-  "        .map((key) => ({",
-  "          key,",
-  "          value: truncate(storage.getItem(key), 500),",
-  "        }));",
-  "    } catch {",
-  "      return [];",
-  "    }",
-  "  };",
-  "  const forms = Array.from(document.querySelectorAll('form')).map((form) => {",
-  "    const fields = Array.from(form.elements)",
-  "      .filter((element) => element && element.tagName)",
-  "      .map((element) => {",
-  "        const tag = element.tagName.toLowerCase();",
-  "        const type = 'type' in element && element.type ? element.type : tag;",
-  "        const name = element.name || element.getAttribute('name') || element.id || '';",
-  "        let value = '';",
-  "        let options;",
-  "        if (tag === 'select') {",
-  "          const select = element;",
-  "          value = select.value ?? '';",
-  "          options = Array.from(select.options).map((option) => option.text);",
-  "        } else if (tag === 'input' && element.type === 'password') {",
-  "          value = '[redacted]';",
-  "        } else if (tag === 'input' || tag === 'textarea') {",
-  "          value = element.value ?? '';",
-  "        } else if (element.isContentEditable) {",
-  "          value = element.textContent ?? '';",
-  "        } else if ('value' in element) {",
-  "          value = element.value ?? '';",
-  "        }",
-  "        return {",
-  "          name,",
-  "          type,",
-  "          value: truncate(value, 500),",
-  "          ...(options ? { options } : {}),",
-  "        };",
-  "      });",
-  "    return {",
-  "      selector: selectorFor(form),",
-  "      action: form.getAttribute('action') || undefined,",
-  "      method: form.getAttribute('method') || undefined,",
-  "      fields,",
-  "    };",
-  "  });",
-  "  const localStorage = readStorage(window.localStorage, 100);",
-  "  const sessionStorage = readStorage(window.sessionStorage, 100);",
-  "  const cookies = (document.cookie ? document.cookie.split(';') : [])",
-  "    .map((entry) => entry.trim())",
-  "    .filter((entry) => entry.length > 0)",
-  "    .slice(0, 50)",
-  "    .map((entry) => {",
-  "      const [key, ...rest] = entry.split('=');",
-  "      return { key, value: truncate(rest.join('='), 500) };",
-  "    });",
-  "  return { forms, localStorage, sessionStorage, cookies };",
-  "})()"
-].join("\n");
-
 // packages/core/src/diagnostics.ts
 var STALE_ERROR_THRESHOLD_MS = 2 * 60 * 1e3;
 
@@ -4201,6 +4362,78 @@ var registerOpenArtifactsCommand = (program2) => {
   });
 };
 
+// packages/cli/src/commands/permissions.ts
+var parseNumber5 = (value) => {
+  if (value === void 0 || value === null || value === "") {
+    return void 0;
+  }
+  const parsed = Number(value);
+  return Number.isFinite(parsed) ? parsed : Number.NaN;
+};
+var registerPermissionsCommands = (program2) => {
+  const permissions = program2.command("permissions").description("Manage Browser Bridge permissions");
+  permissions.command("list").description("List allowlisted sites").action(async (_options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(PermissionsListInputSchema, {});
+      return client.post("/permissions/list", payload);
+    });
+  });
+  permissions.command("mode").description("Show the current permissions mode").action(async (_options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(PermissionsGetModeInputSchema, {});
+      return client.post("/permissions/get_mode", payload);
+    });
+  });
+  permissions.command("pending").description("List pending external permission-change requests").action(async (_options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(
+        PermissionsListPendingRequestsInputSchema,
+        {}
+      );
+      return client.post("/permissions/list_pending_requests", payload);
+    });
+  });
+  permissions.command("allow-site").description("Request allowlisting a site").requiredOption("--site <site>", "Site hostname[:port] to allowlist").option(
+    "--timeout-ms <ms>",
+    "How long to wait for approval before returning"
+  ).action(async (options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(PermissionsRequestAllowSiteInputSchema, {
+        site: options.site,
+        timeout_ms: parseNumber5(options.timeoutMs),
+        source: "cli"
+      });
+      return client.post("/permissions/request_allow_site", payload);
+    });
+  });
+  permissions.command("revoke-site").description("Request revoking a site from the allowlist").requiredOption("--site <site>", "Site hostname[:port] to revoke").option(
+    "--timeout-ms <ms>",
+    "How long to wait for approval before returning"
+  ).action(async (options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(PermissionsRequestRevokeSiteInputSchema, {
+        site: options.site,
+        timeout_ms: parseNumber5(options.timeoutMs),
+        source: "cli"
+      });
+      return client.post("/permissions/request_revoke_site", payload);
+    });
+  });
+  permissions.command("set-mode").description("Request changing the permissions mode").requiredOption("--mode <mode>", "Mode to request (granular or bypass)").option(
+    "--timeout-ms <ms>",
+    "How long to wait for approval before returning"
+  ).action(async (options, command) => {
+    await runCommand(command, (client) => {
+      const payload = parseInput(PermissionsRequestSetModeInputSchema, {
+        mode: options.mode,
+        timeout_ms: parseNumber5(options.timeoutMs),
+        source: "cli"
+      });
+      return client.post("/permissions/request_set_mode", payload);
+    });
+  });
+};
+
 // packages/cli/src/commands/session.ts
 var registerSessionCommands = (program2) => {
   const session = program2.command("session").description("Manage Core sessions");
@@ -4346,14 +4579,14 @@ var resolveSkillSourceDir = async () => {
   } catch {
   }
   const repoRoot = import_node_path8.default.resolve(rootDir, "..", "..");
-  const docsSkill = import_node_path8.default.join(repoRoot, "skills", "browser-bridge");
+  const repoSkill = import_node_path8.default.join(repoRoot, ".agents", "skills", "browser-bridge");
   try {
-    await import_promises4.default.stat(docsSkill);
-    return docsSkill;
+    await import_promises4.default.stat(repoSkill);
+    return repoSkill;
   } catch {
   }
   throw new Error(
-    `Unable to locate packaged skill. Expected ${packaged} (npm install) or ${docsSkill} (repo dev).`
+    `Unable to locate packaged skill. Expected ${packaged} (npm install) or ${repoSkill} (repo dev).`
   );
 };
 
@@ -4650,6 +4883,7 @@ var main = async () => {
     "Output Browser Bridge CLI version"
   ).option("--host <host>", "Core host (default: 127.0.0.1)").option("--port <port>", "Core port (default: 3210)").option("--json", "Output JSON").option("--no-daemon", "Disable auto-starting Core");
   registerSessionCommands(program);
+  registerPermissionsCommands(program);
   registerDriveCommands(program);
   registerInspectCommands(program);
   registerArtifactsCommands(program);