@burtson-labs/bandit-stealth-cli 1.7.273 → 1.7.274
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +23 -0
- package/dist/cli.js +816 -803
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -67,7 +67,9 @@ That's it. No API keys. No cloud services. The agent reads your code, searches,
|
|
|
67
67
|
- **`!`-prefix shell escape** — `!cmd` runs straight in your shell with full TTY access. First-use confirmation gate; per-call yellow box every time after so you can't miss the bypass. Catastrophic patterns (`rm -rf`, `mkfs`, `dd if=`) blocked even here
|
|
68
68
|
- **Plan execution** — structured multi-step plans for complex refactors
|
|
69
69
|
- **Session persistence** — every REPL session saved as JSONL under `~/.bandit/sessions/` for later resume
|
|
70
|
+
- **Turn traces** — every agent turn writes a JSONL trace under `.bandit/turns`; `/trace` turns it into a readable timeline of prompts, tool calls, retries, native-tool fallbacks, approvals, errors, and final output
|
|
70
71
|
- **`/insights` HTML report** — local-only activity report: tool stats, top-touched files, languages, longest streak, peak day, error patterns, optional AI summary, mailto share
|
|
72
|
+
- **Model behavior profiles** — `/profile` shows how Bandit treats the active model: native vs text tools, fallback policy, safe context budget, thinking default, parallel-tool limits, and known failure modes
|
|
71
73
|
- **Project memory** — drop a `BANDIT.md` or `CLAUDE.md` at your workspace root and it's auto-loaded into the system prompt
|
|
72
74
|
- **File + image mentions** — `@path` auto-inlines files; images are either sent multimodally or OCR'd locally (Apple Vision / tesseract)
|
|
73
75
|
- **Clipboard paste** — `Ctrl+V` in the REPL pastes an image straight from your clipboard
|
|
@@ -90,6 +92,7 @@ Type `?` on an empty prompt for the at-a-glance overlay; `/help` for the full li
|
|
|
90
92
|
| `/model [name]` | Switch model mid-session |
|
|
91
93
|
| `/ollama [url]` | Show or set the Ollama endpoint — `/ollama default` resets to `http://localhost:11434` |
|
|
92
94
|
| `/think on`, `/think off`, `/think auto` | Override per-model thinking-mode default |
|
|
95
|
+
| `/profile [model]` | Show the active model behavior profile (tool protocol, fallback, context budget, known failure modes) |
|
|
93
96
|
| `/theme [name]` | Pick a color palette (`/theme` lists; saved to global config) |
|
|
94
97
|
| `/skills` | List loaded skills |
|
|
95
98
|
| `/session list`, `/session resume <id>`, `/session new` | Manage sessions |
|
|
@@ -98,6 +101,7 @@ Type `?` on an empty prompt for the at-a-glance overlay; `/help` for the full li
|
|
|
98
101
|
| `/clear` | Reset conversation (keeps session id) |
|
|
99
102
|
| `/compact` | Trim old tool results to fit the context window |
|
|
100
103
|
| `/rewind [id]` | Restore a file from a per-edit checkpoint |
|
|
104
|
+
| `/trace`, `/trace list`, `/trace <id>` | Inspect turn traces from `.bandit/turns` |
|
|
101
105
|
| `/tasks` | List background subagent tasks (`/tasks <id>` drill-down, `/tasks cancel <id>`) |
|
|
102
106
|
| `/plan <goal>` | Heuristic plan first, y/N to execute |
|
|
103
107
|
| `/init` | Scaffold `BANDIT.md` from a repo scan |
|
|
@@ -199,6 +203,25 @@ If you want to test models outside the recommended list, expect the reasoning-on
|
|
|
199
203
|
- **Native tool calling** — Qwen 3.6, Qwen 2.5 Coder, Llama 3.1+, Devstral, DeepSeek-Coder-V2+. Tool schemas go in Ollama's `tools:` field. Saves ~1500–3000 tokens per turn.
|
|
200
204
|
- **Text-parsing fallback** — Gemma 3/4 and anything else. XML-style tool block lives in the system prompt with the full mitigation stack armed.
|
|
201
205
|
|
|
206
|
+
**Behavior profiles** sit beside capability detection. Capabilities answer "can this model do native tools or vision?" Behavior profiles answer "what should the harness do with it?" For example, Qwen 3.6 starts on native tools and degrades to text tools on retryable native-parser failures; Gemma-family models use compact text-tool prompting and earlier compaction; unknown models default to serialized text tools. Inspect the active profile with `/profile`.
|
|
207
|
+
|
|
208
|
+
Workspace overrides load from `.bandit/model-profiles.json`:
|
|
209
|
+
|
|
210
|
+
```jsonc
|
|
211
|
+
{
|
|
212
|
+
"version": 1,
|
|
213
|
+
"profiles": {
|
|
214
|
+
"my-qwen": {
|
|
215
|
+
"match": ["my-qwen:14b"],
|
|
216
|
+
"protocol": { "preferred": "text-tools", "fallback": null, "envelope": "xml-json" },
|
|
217
|
+
"context": { "safeInputTokens": 12000, "outputBudgetTokens": 2048, "compaction": "early" },
|
|
218
|
+
"prompting": { "template": "qwen-agent", "examples": "strict", "thinking": "off" },
|
|
219
|
+
"reliability": { "maxParallelTools": 1, "knownFailureModes": ["custom parser drift"] }
|
|
220
|
+
}
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
```
|
|
224
|
+
|
|
202
225
|
Any Ollama model works — capabilities auto-detect via `/api/show`.
|
|
203
226
|
|
|
204
227
|
---
|