@burtson-labs/bandit-stealth-cli 1.7.274 → 1.7.275
- package/README.md +4 -2
- package/dist/cli.js +682 -681
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -51,7 +51,7 @@ That's it. No API keys. No cloud services. The agent reads your code, searches,
|
|
|
51
51
|
## What it does
|
|
52
52
|
|
|
53
53
|
- **Agentic tool use** — reads files, searches code, runs commands, writes changes
|
|
54
|
-
- **
|
|
54
|
+
- **Auditable approval gate** — writes show a colored diff, shell commands show the full command/cwd/risk, and `Allow once` / `Allow session` / `Always for target` scopes are recorded in turn traces
|
|
55
55
|
- **Pre-write validation** — TypeScript, Python, JSON, C# syntax-checked before the agent can write
|
|
56
56
|
- **Post-write validation** — JSON edits are re-parsed after write; failure feeds back to the agent on the next turn so it self-corrects without you flagging it
|
|
57
57
|
- **Skills system** — agent activates specialized skills based on your prompt, and can create its own
|
|
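Review bot: The added `Auditable approval gate` bullet (new line 54) names the scopes `Allow once` / `Allow session` / `Always for target` without saying what a "target" is or how a standing `Always for target` grant is listed and revoked. Because that scope appears to outlast a single session, the README should state what the grant is keyed on (for example a file path or an exact command string), where it is stored, and how to remove it. It would also help to say how the "risk" shown for shell commands is derived, so readers know what that label does and does not cover.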
@@ -63,11 +63,12 @@ That's it. No API keys. No cloud services. The agent reads your code, searches,
|
|
|
63
63
|
- **Interactive scaffolders work** — `create-vite`, `create-react-app`, `ng new`, etc. detect a non-TTY stdin and self-abort. Bandit recognizes the pattern and surfaces a clear *"run this with `!`"* recovery hint so the model doesn't loop on a "command appeared to succeed" misread
|
|
64
64
|
- **Live command output** — `npm install`, `pip install`, `watch_command npm run dev` stream their output to your terminal as it arrives, dimmed, while the spinner keeps animating. No more wondering if a 20-second install is hung
|
|
65
65
|
- **Interrupt + queue** — press **Esc** mid-turn to cancel the agent and clear your queue. Type a follow-up + Enter to queue it (`queued: N · sends after this turn` in the status row). The next turn picks it up automatically
|
|
66
|
+
- **Opt-in notifications** — `/notify on` enables desktop notifications for approvals, failures, background-task completion, and long turns; `/notify sound on` adds a terminal bell
|
|
66
67
|
- **`?` shortcuts overlay** — type `?` at an empty prompt for a live cheatsheet that disappears the moment you backspace it
|
|
67
68
|
- **`!`-prefix shell escape** — `!cmd` runs straight in your shell with full TTY access. First-use confirmation gate; per-call yellow box every time after so you can't miss the bypass. Catastrophic patterns (`rm -rf`, `mkfs`, `dd if=`) blocked even here
|
|
68
69
|
- **Plan execution** — structured multi-step plans for complex refactors
|
|
69
70
|
- **Session persistence** — every REPL session saved as JSONL under `~/.bandit/sessions/` for later resume
|
|
70
|
-
- **Turn traces** — every agent turn writes a JSONL trace under `.bandit/turns`; `/trace` turns it into a readable timeline of prompts, tool calls, retries, native-tool fallbacks,
|
|
71
|
+
- **Turn traces** — every agent turn writes a JSONL trace under `.bandit/turns`; `/trace` turns it into a readable timeline of prompts, permission requests/decisions, tool calls, retries, native-tool fallbacks, errors, and final output
|
|
71
72
|
- **`/insights` HTML report** — local-only activity report: tool stats, top-touched files, languages, longest streak, peak day, error patterns, optional AI summary, mailto share
|
|
72
73
|
- **Model behavior profiles** — `/profile` shows how Bandit treats the active model: native vs text tools, fallback policy, safe context budget, thinking default, parallel-tool limits, and known failure modes
|
|
73
74
|
- **Project memory** — drop a `BANDIT.md` or `CLAUDE.md` at your workspace root and it's auto-loaded into the system prompt
|
|
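Review bot: The rewritten `Turn traces` bullet (new line 71) now lists prompts, permission requests/decisions, errors and final output as trace content, but does not say whether secrets appearing in prompts or command output are redacted, or whether `.bandit/turns` is relative to the workspace. The sessions bullet just above it uses `~/.bandit/sessions/`, while this path has no `~/`; if traces land in the project directory, add a sentence telling users to keep `.bandit/turns` out of version control. For the new `Opt-in notifications` bullet (new line 66), state what text a desktop notification for an approval contains, since a full command shown in a notification can be read from a locked or shared screen.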
@@ -93,6 +94,7 @@ Type `?` on an empty prompt for the at-a-glance overlay; `/help` for the full li
|
|
|
93
94
|
| `/ollama [url]` | Show or set the Ollama endpoint — `/ollama default` resets to `http://localhost:11434` |
|
|
94
95
|
| `/think on`, `/think off`, `/think auto` | Override per-model thinking-mode default |
|
|
95
96
|
| `/profile [model]` | Show the active model behavior profile (tool protocol, fallback, context budget, known failure modes) |
|
|
97
|
+
| `/notify status` | Configure desktop/bell notifications for approvals, failures, background tasks, and long turns |
|
|
96
98
|
| `/theme [name]` | Pick a color palette (`/theme` lists; saved to global config) |
|
|
97
99
|
| `/skills` | List loaded skills |
|
|
98
100
|
| `/session list`, `/session resume <id>`, `/session new` | Manage sessions |
|
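Review bot: The added table row (new line 97) lists only `/notify status` in the command column while its description says "Configure", and the feature list earlier in this diff documents `/notify on` and `/notify sound on`. Neighbouring rows enumerate every form (`/think on`, `/think off`, `/think auto`), so this row should list the configuring subcommands alongside `/notify status` and word the description as "Show or configure" to match what each form does.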