@chainpatrol/cli 0.9.0 → 0.10.0

package/CHANGELOG.md

@@ -1,5 +1,20 @@
 # @chainpatrol/cli
 
+## 0.10.0
+
+### Minor Changes
+
+- 034096d: `chainpatrol asset check` now accepts multiple assets in a single
+  invocation — either as positional arguments
+  (`chainpatrol asset check a.example b.example c.example`) or via
+  repeated `--asset` flags. Lookups run in parallel (concurrency 10) and
+  the JSON output for bulk calls is
+  `{ results: [...], summary: { checked, blocked, allowed, unknown, errored } }`.
+  Single-asset JSON keeps the existing flat shape for back-compat. The
+  bundled `/chainpatrol` Claude Code skill is updated to call out the bulk
+  form so agents stop falling back to per-asset shell loops (or refusing
+  the request) when asked to check many domains at once.
+
 ## 0.9.0
 
 ### Minor Changes

package/README.md

@@ -45,11 +45,23 @@ chainpatrol queues snapshot --all --output csv
 # look up a single asset against the ChainPatrol blocklist and external feeds
 chainpatrol asset check https://phish.example
 
-# JSON output for automation (returns status, per-source breakdown, watchStatus)
+# bulk: check many assets in one call (parallel, concurrency=10)
+chainpatrol asset check a.example b.example c.example
+
+# repeated --asset is equivalent to positional args
+chainpatrol asset check --asset a.example --asset b.example
+
+# pipe a file of one-domain-per-line via xargs into a single CLI call
+xargs -a domains.txt chainpatrol --json asset check
+
+# JSON output for automation (single-asset returns flat shape; bulk returns
+# { results: [...], summary: { checked, blocked, allowed, unknown, errored } })
 chainpatrol --json asset check 0xabc123...
+chainpatrol --json asset check a.example b.example c.example
 
-# markdown summary
+# markdown / csv summary tables
 chainpatrol asset check phish.example --output markdown
+chainpatrol asset check a.example b.example --output csv
 ```
 
 ### Detection commands

package/dist/check-7QDINQPT.js

@@ -0,0 +1,203 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-RIKR2WFT.js";
+import "./chunk-EGWK6SRQ.js";
+import "./chunk-TFCNKBRC.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/asset/check.ts
+var DEFAULT_CONCURRENCY = 10;
+function statusLine(result) {
+  const watchTag = result.watchStatus ? ` watch=${result.watchStatus}` : "";
+  const reasonTag = result.reason ? ` reason=${result.reason}` : "";
+  return `${result.status} (source=${result.source}${reasonTag}${watchTag})`;
+}
+async function runWithConcurrency(items, worker, concurrency) {
+  const results = new Array(items.length);
+  let cursor = 0;
+  const workers = new Array(Math.min(concurrency, items.length)).fill(null).map(async () => {
+    while (true) {
+      const index = cursor;
+      cursor += 1;
+      if (index >= items.length) return;
+      results[index] = await worker(items[index]);
+    }
+  });
+  await Promise.all(workers);
+  return results;
+}
+async function runAssetCheck(options) {
+  const contents = (options.contents ?? []).map((value) => value.trim()).filter((value) => value.length > 0);
+  if (contents.length === 0) {
+    throw new CliExitError(
+      "asset check requires at least one asset. Example: chainpatrol asset check https://example.com",
+      ExitCode.USAGE
+    );
+  }
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  const client = options.apiClient ?? createApiClient();
+  const perAssetResults = await runWithConcurrency(
+    contents,
+    async (content) => {
+      try {
+        const result = await client.assetCheck({ content });
+        return { content, ok: true, result };
+      } catch (err) {
+        return {
+          content,
+          ok: false,
+          error: err instanceof Error ? err.message : String(err)
+        };
+      }
+    },
+    DEFAULT_CONCURRENCY
+  );
+  const summary = {
+    checked: perAssetResults.length,
+    blocked: perAssetResults.filter((r) => r.ok && r.result.status === "BLOCKED").length,
+    allowed: perAssetResults.filter((r) => r.ok && r.result.status === "ALLOWED").length,
+    unknown: perAssetResults.filter((r) => r.ok && r.result.status === "UNKNOWN").length,
+    errored: perAssetResults.filter((r) => !r.ok).length
+  };
+  const isSingle = contents.length === 1;
+  const jsonPayload = isSingle ? buildSingleJsonPayload(perAssetResults[0], options.explain) : {
+    results: perAssetResults.map(toJsonRow),
+    summary,
+    explanation: options.explain ? "Bulk asset check ran the public asset/check endpoint for each input in parallel (concurrency=10). Each row reports the aggregated ChainPatrol status plus the per-source breakdown." : void 0
+  };
+  const markdown = isSingle ? buildSingleMarkdown(perAssetResults[0]) : [
+    `# Asset Check (${summary.checked})`,
+    "",
+    `- Blocked: ${summary.blocked}`,
+    `- Allowed: ${summary.allowed}`,
+    `- Unknown: ${summary.unknown}`,
+    ...summary.errored > 0 ? [`- Errored: ${summary.errored}`] : [],
+    "",
+    "| Content | Status | Source | Reason | Watch |",
+    "| --- | --- | --- | --- | --- |",
+    ...perAssetResults.map(toMarkdownRow)
+  ].join("\n");
+  const csv = toCsvRows(perAssetResults.map(toCsvRow));
+  printOutput({
+    outputFormat,
+    json: jsonPayload,
+    markdown,
+    csv,
+    human: () => {
+      for (const entry of perAssetResults) {
+        if (entry.ok) {
+          console.log(`${entry.content} -> ${statusLine(entry.result)}`);
+        } else {
+          console.log(`${entry.content} -> ERROR: ${entry.error}`);
+        }
+      }
+      if (isSingle && perAssetResults[0].ok) {
+        const sources = perAssetResults[0].result.sources;
+        if (sources.length > 0) {
+          console.log("Sources:");
+          for (const entry of sources) {
+            console.log(`  - ${entry.source}: ${entry.status}`);
+          }
+        }
+        if (perAssetResults[0].result.message) {
+          console.log(`Message: ${perAssetResults[0].result.message}`);
+        }
+        if (perAssetResults[0].result.code) {
+          console.log(`Code: ${perAssetResults[0].result.code}`);
+        }
+      } else {
+        console.log(
+          `Summary: ${summary.checked} checked \u2014 blocked=${summary.blocked} allowed=${summary.allowed} unknown=${summary.unknown}${summary.errored > 0 ? ` errored=${summary.errored}` : ""}`
+        );
+      }
+      if (options.explain) {
+        console.log(
+          "Status is the aggregated verdict across ChainPatrol and external feeds; see the per-source rows for the underlying signals."
+        );
+      }
+    }
+  });
+  if (summary.errored > 0) {
+    throw new CliExitError(
+      `asset check: ${summary.errored} of ${summary.checked} request(s) failed.`,
+      ExitCode.UNKNOWN
+    );
+  }
+}
+function buildSingleJsonPayload(entry, explain) {
+  if (!entry.ok) {
+    return {
+      content: entry.content,
+      error: entry.error,
+      explanation: explain ? "asset check failed for this asset. Inspect the error message and retry." : void 0
+    };
+  }
+  return {
+    content: entry.content,
+    ...entry.result,
+    explanation: explain ? "Asset check aggregates ChainPatrol records and external sources to classify a domain, URL, or crypto address as BLOCKED, ALLOWED, or UNKNOWN." : void 0
+  };
+}
+function buildSingleMarkdown(entry) {
+  if (!entry.ok) {
+    return [`# Asset Check: ${entry.content}`, "", `- Error: ${entry.error}`].join("\n");
+  }
+  const result = entry.result;
+  return [
+    `# Asset Check: ${entry.content}`,
+    "",
+    `- Status: **${result.status}**`,
+    `- Source: ${result.source}`,
+    ...result.reason ? [`- Reason: ${result.reason}`] : [],
+    ...result.watchStatus ? [`- Watch status: ${result.watchStatus}`] : [],
+    ...result.message ? [`- Message: ${result.message}`] : [],
+    ...result.code ? [`- Code: ${result.code}`] : [],
+    "",
+    "## Per-source results",
+    "",
+    ...result.sources.map((entry2) => `- ${entry2.source}: ${entry2.status}`)
+  ].join("\n");
+}
+function toJsonRow(entry) {
+  if (!entry.ok) {
+    return { content: entry.content, error: entry.error };
+  }
+  return { content: entry.content, ...entry.result };
+}
+function toMarkdownRow(entry) {
+  if (!entry.ok) {
+    return `| ${entry.content} | ERROR | \u2014 | ${entry.error.replace(/\|/g, "\\|")} | \u2014 |`;
+  }
+  const r = entry.result;
+  return `| ${entry.content} | ${r.status} | ${r.source} | ${r.reason ?? ""} | ${r.watchStatus ?? ""} |`;
+}
+function toCsvRow(entry) {
+  if (!entry.ok) {
+    return {
+      content: entry.content,
+      status: "ERROR",
+      source: "",
+      reason: entry.error,
+      watchStatus: ""
+    };
+  }
+  const r = entry.result;
+  return {
+    content: entry.content,
+    status: r.status,
+    source: r.source,
+    reason: r.reason ?? "",
+    watchStatus: r.watchStatus ?? ""
+  };
+}
+export {
+  runAssetCheck
+};

package/dist/{chunk-P4L4N5LM.js → chunk-R2DZGMGT.js}

@@ -312,7 +312,7 @@ so the same background+tail pattern works without \`--json\`. Prefer
 chainpatrol logout
 \`\`\`
 
-### \`asset check\` \u2014 Check a single asset against the blocklist
+### \`asset check\` \u2014 Check one or many assets against the blocklist
 
 Look up a URL, domain, or crypto address and return its aggregated status
 (\`BLOCKED\`, \`ALLOWED\`, or \`UNKNOWN\`) plus a per-source breakdown
@@ -320,24 +320,53 @@ Look up a URL, domain, or crypto address and return its aggregated status
 polkadot-phishing). Works whether you're authenticated via device-code
 login or via a \`CHAINPATROL_API_KEY\` env var.
 
+Single asset:
+
 \`\`\`bash
 chainpatrol asset check https://phish.example
 chainpatrol asset check 0xabc123...
 \`\`\`
 
-JSON mode (recommended for automations and agents \u2014 returns full
-\`{ status, source, reason?, sources[], watchStatus? }\`):
+#### Bulk checks (preferred for >1 asset)
+
+Pass multiple assets in a single invocation \u2014 the CLI runs them in
+parallel (concurrency 10) and returns one row per asset. **Do this
+instead of looping the CLI in a shell \`for\` loop**: one process, one
+auth handshake, parallel HTTP. Use either positional args or repeated
+\`--asset\`:
+
+\`\`\`bash
+# positional form
+chainpatrol asset check a.example b.example c.example
+
+# repeated --asset (handy when content has spaces or special chars)
+chainpatrol asset check --asset a.example --asset b.example
+
+# from a file of one-asset-per-line (use xargs to splat into one call)
+xargs -a domains.txt chainpatrol asset check
+\`\`\`
+
+JSON mode is the agent-friendly default \u2014 single-asset JSON keeps the
+flat \`{ content, status, source, reason?, sources[], watchStatus? }\`
+shape; multi-asset JSON returns \`{ results: [...], summary: { checked,
+blocked, allowed, unknown, errored } }\`:
 
 \`\`\`bash
 chainpatrol --json asset check https://phish.example
+chainpatrol --json asset check a.example b.example c.example
 \`\`\`
 
-Markdown is also supported for sharing in docs / chat:
+Markdown / CSV are also available for sharing in docs / chat:
 
 \`\`\`bash
 chainpatrol asset check phish.example --output markdown
+chainpatrol asset check a.example b.example --output csv
 \`\`\`
 
+If any individual lookup fails, the CLI still prints results for the
+successful ones, then exits non-zero so failures aren't silently
+swallowed.
+
 ### \`configs list\` \u2014 List detection configurations
 
 Requires authentication and an organization slug.

package/dist/cli.js

@@ -13,7 +13,7 @@ import {
   getCliVersion,
   isSkillInstalled,
   readInstalledSkillVersion
-} from "./chunk-P4L4N5LM.js";
+} from "./chunk-R2DZGMGT.js";
 import "./chunk-Z76CUWSS.js";
 import {
   DateTime
@@ -92,18 +92,24 @@ var HELP = {
     usage: "chainpatrol logout"
   },
   asset: {
-    description: "Check whether an asset is BLOCKED, ALLOWED, or UNKNOWN.",
-    usage: "chainpatrol asset check <content>",
+    description: "Check whether one or more assets are BLOCKED, ALLOWED, or UNKNOWN.",
+    usage: "chainpatrol asset check <content> [<content> ...]",
     examples: [
       "chainpatrol asset check https://phish.example",
+      "chainpatrol asset check a.example b.example c.example",
       "chainpatrol --json asset check 0xabc123\u2026"
     ]
   },
   "asset check": {
-    description: "Look up an asset (URL, domain, or crypto address) against the ChainPatrol blocklist and external feeds. Returns the aggregated status plus a per-source breakdown.",
-    usage: "chainpatrol asset check <content>",
+    description: "Look up one or more assets (URL, domain, or crypto address) against the ChainPatrol blocklist and external feeds. Returns the aggregated status plus a per-source breakdown. Multiple assets can be passed as positional arguments or via repeated --asset; they are checked in parallel (concurrency 10).",
+    usage: "chainpatrol asset check <content> [<content> ...]",
+    options: [
+      "--asset <content>     Asset content (repeatable; alternative to positional args)"
+    ],
     examples: [
       "chainpatrol asset check https://phish.example",
+      "chainpatrol asset check a.example b.example c.example --json",
+      "chainpatrol asset check --asset a.example --asset b.example --output csv",
       "chainpatrol asset check phish.example --output markdown",
       "chainpatrol --json asset check 0xabc123\u2026"
     ]
@@ -875,11 +881,12 @@ async function main() {
     }
     case "asset": {
       if (subcommand === "check") {
-        const positional = cli.input[2];
-        const content = positional ?? cli.flags.asset;
-        const { runAssetCheck } = await import("./check-YZRIAUOK.js");
+        const positionals = cli.input.slice(2);
+        const flagAssets = parseAssetInputs();
+        const contents = [...positionals, ...flagAssets];
+        const { runAssetCheck } = await import("./check-7QDINQPT.js");
         await runAssetCheck({
-          content,
+          contents,
           json: jsonMode,
           outputFormat: cliContext.outputFormat,
           explain: cliContext.explain
@@ -888,7 +895,7 @@ async function main() {
       }
       const hint = subcommand ? suggest(subcommand, ["check"]) : null;
       throw new Error(
-        subcommand ? `Unknown subcommand: asset ${subcommand}${hint ? `. Did you mean "asset ${hint}"?` : ""}` : "Usage: chainpatrol asset check <content>"
+        subcommand ? `Unknown subcommand: asset ${subcommand}${hint ? `. Did you mean "asset ${hint}"?` : ""}` : "Usage: chainpatrol asset check <content> [<content> ...]"
       );
     }
     case "detections": {
@@ -1189,12 +1196,12 @@ async function main() {
     case "setup":
     case "install":
     case "i": {
-      const { setupSkill } = await import("./setup-skill-DR4KGQMG.js");
+      const { setupSkill } = await import("./setup-skill-BLJLRCXL.js");
       setupSkill({ json: jsonMode, cloud: cli.flags.cloud });
       break;
     }
     case "uninstall": {
-      const { uninstallSkill } = await import("./setup-skill-DR4KGQMG.js");
+      const { uninstallSkill } = await import("./setup-skill-BLJLRCXL.js");
       uninstallSkill({ json: jsonMode });
       break;
     }

package/dist/{setup-skill-DR4KGQMG.js → setup-skill-BLJLRCXL.js}

@@ -6,7 +6,7 @@ import {
   readInstalledSkillVersion,
   setupSkill,
   uninstallSkill
-} from "./chunk-P4L4N5LM.js";
+} from "./chunk-R2DZGMGT.js";
 import "./chunk-Z76CUWSS.js";
 export {
   getBundledSkillContent,

package/package.json

@@ -2,7 +2,7 @@
   "name": "@chainpatrol/cli",
   "description": "The official ChainPatrol CLI — terminal interface for threat detection",
   "author": "Umar Ahmed <umar@chainpatrol.io>",
-  "version": "0.9.0",
+  "version": "0.10.0",
   "license": "UNLICENSED",
   "homepage": "https://chainpatrol.com/docs/cli",
   "keywords": [

package/dist/check-YZRIAUOK.js

@@ -1,85 +0,0 @@
-import {
-  CliExitError,
-  ExitCode
-} from "./chunk-E2LAMILJ.js";
-import {
-  printOutput,
-  toCsvRows
-} from "./chunk-VFT3TD3E.js";
-import {
-  createApiClient
-} from "./chunk-RIKR2WFT.js";
-import "./chunk-EGWK6SRQ.js";
-import "./chunk-TFCNKBRC.js";
-import "./chunk-U73SABXK.js";
-
-// src/commands/asset/check.ts
-function statusLine(result) {
-  const watchTag = result.watchStatus ? ` watch=${result.watchStatus}` : "";
-  const reasonTag = result.reason ? ` reason=${result.reason}` : "";
-  return `${result.status} (source=${result.source}${reasonTag}${watchTag})`;
-}
-async function runAssetCheck(options) {
-  const content = options.content?.trim();
-  if (!content) {
-    throw new CliExitError(
-      "asset check requires an asset. Example: chainpatrol asset check https://example.com",
-      ExitCode.USAGE
-    );
-  }
-  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
-  const client = options.apiClient ?? createApiClient();
-  const result = await client.assetCheck({ content });
-  printOutput({
-    outputFormat,
-    json: {
-      content,
-      ...result,
-      explanation: options.explain ? "Asset check aggregates ChainPatrol records and external sources to classify a domain, URL, or crypto address as BLOCKED, ALLOWED, or UNKNOWN." : void 0
-    },
-    markdown: [
-      `# Asset Check: ${content}`,
-      "",
-      `- Status: **${result.status}**`,
-      `- Source: ${result.source}`,
-      ...result.reason ? [`- Reason: ${result.reason}`] : [],
-      ...result.watchStatus ? [`- Watch status: ${result.watchStatus}`] : [],
-      ...result.message ? [`- Message: ${result.message}`] : [],
-      ...result.code ? [`- Code: ${result.code}`] : [],
-      "",
-      "## Per-source results",
-      "",
-      ...result.sources.map((entry) => `- ${entry.source}: ${entry.status}`)
-    ].join("\n"),
-    csv: toCsvRows(
-      result.sources.map((entry) => ({
-        content,
-        source: entry.source,
-        status: entry.status
-      }))
-    ),
-    human: () => {
-      console.log(`${content} -> ${statusLine(result)}`);
-      if (result.message) {
-        console.log(`Message: ${result.message}`);
-      }
-      if (result.code) {
-        console.log(`Code: ${result.code}`);
-      }
-      if (result.sources.length > 0) {
-        console.log("Sources:");
-        for (const entry of result.sources) {
-          console.log(`  - ${entry.source}: ${entry.status}`);
-        }
-      }
-      if (options.explain) {
-        console.log(
-          "Status is the aggregated verdict across ChainPatrol and external feeds; see the per-source rows for the underlying signals."
-        );
-      }
-    }
-  });
-}
-export {
-  runAssetCheck
-};