@fiale-plus/pi-rogue-bundle 0.1.11 → 0.1.12

package/node_modules/@fiale-plus/pi-rogue-advisor/src/extension.test.ts

@@ -6,6 +6,7 @@ import {
   completeWithModelFallback,
   contentText,
   normalizeAdvisorConfig,
+  sanitizeAdvisorText,
   shouldRunCheckin,
   type AdvisorConfig,
 } from "./extension.js";
@@ -86,6 +87,17 @@ describe("advisor message extraction", () => {
     expect(contentText([{ type: "toolResult", content: [{ type: "text", text: "ok" }] }])).toBe("ok");
     expect(contentText({ arbitrary: "shape" })).toBe("");
   });
+
+  it("redacts transient clipboard image paths from advisor-facing text", () => {
+    const text = "see /var/folders/fm/rwczdnws5j58x7kbyn3vcx_h0000gn/T/clipboard-2026-06-04-012248-DEE3A154.png please";
+    expect(sanitizeAdvisorText(text)).toBe("see [clipboard image] please");
+    expect(contentText({ content: [{ type: "text", text }] })).toBe("see [clipboard image] please");
+  });
+
+  it("does not redact ordinary repo or temp file paths", () => {
+    const text = "inspect /Users/pavel/repos/fiale-plus/pi-rogue/packages/advisor/src/extension.ts and /tmp/benchmark-results.json";
+    expect(sanitizeAdvisorText(text)).toBe(text);
+  });
 });
 
 describe("mid-hour check-ins", () => {

package/node_modules/@fiale-plus/pi-rogue-advisor/src/extension.ts

@@ -234,16 +234,22 @@ function hash(...parts: string[]): string {
 
 function brief(s: SessionState): string {
   const lines: string[] = [];
-  if (s.lastTask) lines.push(`Task: ${truncate(s.lastTask, 200)}`);
+  if (s.lastTask) lines.push(`Task: ${truncate(sanitizeAdvisorText(s.lastTask), 200)}`);
   if (s.turns) lines.push(`Turns: ${s.turns}`);
   if (s.notes.length) { lines.push("Notes:"); s.notes.slice(-4).forEach(n => lines.push(`- ${truncate(n, 200)}`)); }
-  if (s.files.length) lines.push(`Files: ${s.files.slice(-4).join(", ")}`);
-  if (s.errors.length) lines.push(`Errors: ${s.errors.slice(-2).join(" | ")}`);
+  if (s.files.length) lines.push(`Files: ${sanitizeAdvisorText(s.files.slice(-4).join(", "))}`);
+  if (s.errors.length) lines.push(`Errors: ${sanitizeAdvisorText(s.errors.slice(-2).join(" | "))}`);
   return lines.join("\n").slice(0, 1200);
 }
 
+const CLIPBOARD_IMAGE_PATH_RE = /(?:\/(?:private\/)?var\/folders\/[^\s"'`<>]+\/T|\/(?:tmp|var\/tmp))\/clipboard-\d{4}-\d{2}-\d{2}-[A-Za-z0-9-]+\.(?:png|jpe?g|gif|webp)\b/g;
+
+export function sanitizeAdvisorText(text: unknown): string {
+  return String(text ?? "").replace(CLIPBOARD_IMAGE_PATH_RE, "[clipboard image]");
+}
+
 function squish(t: unknown, max = 200): string {
-  const s = String(t ?? "").replace(/\s+/g, " ").trim();
+  const s = sanitizeAdvisorText(t).replace(/\s+/g, " ").trim();
   return s.length <= max ? s : s.slice(0, max - 1).trimEnd() + "…";
 }
 
@@ -386,35 +392,64 @@ function normalizeAdvisorActions(actions: unknown): string[] {
   return raw.map((action) => squish(action, 200)).filter(Boolean).slice(0, 2);
 }
 
+function comparableAdvisorText(text: string): string {
+  return sanitizeAdvisorText(text).toLowerCase().replace(/[^a-z0-9]+/g, " ").trim();
+}
+
+function isRedundantAdvisorSummary(reason: string, summary: string): boolean {
+  const r = comparableAdvisorText(reason);
+  const s = comparableAdvisorText(summary);
+  if (!s) return true;
+  if (!r) return false;
+  if (r === s) return true;
+  if (Math.min(r.length, s.length) >= 60 && (r.includes(s) || s.includes(r))) return true;
+
+  const rTokens = new Set(r.split(" ").filter((token) => token.length > 2));
+  const sTokens = new Set(s.split(" ").filter((token) => token.length > 2));
+  if (rTokens.size < 8 || sTokens.size < 8) return false;
+  const overlap = [...sTokens].filter((token) => rTokens.has(token)).length;
+  return overlap / Math.max(rTokens.size, sTokens.size) >= 0.86;
+}
+
+function distinctAdvisorSummary(reason: string, summary: string): string {
+  const cleanSummary = sanitizeAdvisorText(summary).trim();
+  return isRedundantAdvisorSummary(reason, cleanSummary) ? "" : cleanSummary;
+}
+
 function advisorHandoffText(decision: "continue" | "review" | "defer", reason: string, summary: string, actions: unknown = []): string {
   const limitedActions = normalizeAdvisorActions(actions);
+  const cleanReason = sanitizeAdvisorText(reason);
+  const cleanSummary = distinctAdvisorSummary(cleanReason, summary);
   return [
     `Advisor verdict: ${decision}.`,
-    reason ? `Reason: ${reason}` : "",
-    summary ? `Summary: ${summary}` : "",
+    cleanReason ? `Reason: ${cleanReason}` : "",
+    cleanSummary ? `Summary: ${cleanSummary}` : "",
     limitedActions.length ? `Actions: ${limitedActions.join("; ")}` : "",
   ].filter(Boolean).join("\n");
 }
 
 function sendAdvisorHint(pi: ExtensionAPI, decision: "continue" | "review" | "defer", reason: string, summary: string, actions: unknown = []) {
+  const cleanReason = sanitizeAdvisorText(reason);
+  const cleanSummary = distinctAdvisorSummary(cleanReason, summary);
   const limitedActions = normalizeAdvisorActions(actions);
   pi.sendMessage(
     {
       customType: "advisor:llm",
-      content: advisorHandoffText(decision, reason, summary, limitedActions),
+      content: advisorHandoffText(decision, cleanReason, cleanSummary, limitedActions),
       display: true,
-      details: { decision, reason, summary, actions: limitedActions },
+      details: { kind: "handoff", decision, reason: cleanReason, summary: cleanSummary, actions: limitedActions },
     },
     { deliverAs: "followUp" },
   );
 }
 
 function sendAdvisorAnswer(pi: ExtensionAPI, text: string) {
+  const cleanText = sanitizeAdvisorText(text);
   pi.sendMessage({
     customType: "advisor:llm",
-    content: text,
+    content: cleanText,
     display: true,
-    details: { kind: "answer", summary: text },
+    details: { kind: "answer", summary: cleanText },
   });
 }
 
@@ -425,7 +460,7 @@ function renderAdvisorHint(message: any, options: { expanded?: boolean }, theme:
   const source = theme.bold(theme.fg(sourceColor, `[${customType}]`));
 
   if (details.kind === "answer") {
-    const body = contentText(message?.content) || details.summary || "No advisor response.";
+    const body = sanitizeAdvisorText(contentText(message?.content) || details.summary || "No advisor response.");
     const box = new Box(1, 1, (s: string) => theme.bg("customMessageBg", s));
     box.addChild(new Text(`${theme.bold(theme.fg("success", "↗"))} ${source} ${theme.bold(theme.fg("success", "answer"))}`, 0, 0));
     box.addChild(new Text(theme.fg("dim", body), 0, 0));
@@ -438,19 +473,30 @@ function renderAdvisorHint(message: any, options: { expanded?: boolean }, theme:
   const glyph = decision === "review" ? "↗" : decision === "defer" ? "…" : "·";
   const reason = squish(details.reason || contentText(message?.content) || "no extra detail", 180);
   const actions = normalizeAdvisorActions(details.actions);
+  const fullHandoff = sanitizeAdvisorText(
+    (details.reason || details.summary || actions.length)
+      ? advisorHandoffText(decision, details.reason || "", details.summary || "", actions)
+      : contentText(message?.content),
+  );
 
   const box = new Box(1, 1, (s: string) => theme.bg("customMessageBg", s));
   box.addChild(new Text(`${theme.bold(theme.fg(decisionColor, glyph))} ${source} ${verdict}`, 0, 0));
   box.addChild(new Text(theme.fg("dim", `reason: ${reason}`), 0, 0));
 
-  if (details.summary) {
-    box.addChild(new Text(theme.fg("dim", `summary: ${squish(details.summary, 220)}`), 0, 0));
-  }
-  if (actions.length) {
-    box.addChild(new Text(theme.fg("dim", `actions: ${actions.map((a) => squish(a, 80)).join(" • ")}`), 0, 0));
-  }
-  if (!options.expanded && contentText(message?.content).split("\n").length > 3) {
-    box.addChild(new Text(theme.fg("dim", "Ctrl+O full advisor handoff"), 0, 0));
+  if (options.expanded) {
+    box.addChild(new Text(theme.fg("dim", "full handoff:"), 0, 0));
+    box.addChild(new Text(theme.fg("dim", fullHandoff), 0, 0));
+  } else {
+    const summary = distinctAdvisorSummary(details.reason || "", details.summary || "");
+    if (summary) {
+      box.addChild(new Text(theme.fg("dim", `summary: ${squish(summary, 220)}`), 0, 0));
+    }
+    if (actions.length) {
+      box.addChild(new Text(theme.fg("dim", `actions: ${actions.map((a) => squish(a, 80)).join(" • ")}`), 0, 0));
+    }
+    if (fullHandoff.split("\n").length > 3) {
+      box.addChild(new Text(theme.fg("dim", "Ctrl+O full advisor handoff"), 0, 0));
+    }
   }
 
   return box;
@@ -458,15 +504,15 @@ function renderAdvisorHint(message: any, options: { expanded?: boolean }, theme:
 
 /** Extract readable text from message content (handles strings, blocks, and nested message payloads). */
 export function contentText(content: unknown): string {
-  if (typeof content === "string") return content.trim();
+  if (typeof content === "string") return sanitizeAdvisorText(content).trim();
   if (content && typeof content === "object" && !Array.isArray(content)) {
     const obj = content as Record<string, unknown>;
-    if (typeof obj.text === "string") return obj.text.trim();
+    if (typeof obj.text === "string") return sanitizeAdvisorText(obj.text).trim();
     if (obj.content !== undefined) return contentText(obj.content);
     if (obj.message !== undefined) return contentText(obj.message);
     return "";
   }
-  if (!Array.isArray(content)) return String(content ?? "").trim();
+  if (!Array.isArray(content)) return sanitizeAdvisorText(content).trim();
   const parts: string[] = [];
   for (const item of content) {
     if (!item) continue;
@@ -483,7 +529,7 @@ export function contentText(content: unknown): string {
       if (nested) parts.push(nested);
     }
   }
-  return parts.join("\n").replace(/\s+/g, " ").trim();
+  return sanitizeAdvisorText(parts.join("\n")).replace(/\s+/g, " ").trim();
 }
 
 /** Check if a tool result or message indicates an actual execution failure */
@@ -974,7 +1020,7 @@ async function doReview(pi: ExtensionAPI, ctx: any, trigger: string, delta: stri
       : json.verdict === "not_done" ? "review"
         : "defer";
     finalDecision = decision;
-    const rawReason = json.reason || json.summary || "review result";
+    const rawReason = sanitizeAdvisorText(json.reason || json.summary || "review result");
     finalReason = rawReason.slice(0, 120);
 
     const display = formatAdvisorDisplay("advisor:llm", decision, finalReason);
@@ -982,7 +1028,7 @@ async function doReview(pi: ExtensionAPI, ctx: any, trigger: string, delta: stri
     sendAdvisorHint(pi, decision, rawReason, json.summary || "", json.actions || []);
 
     if (json.verdict !== "on_track") {
-      state.followUp = [json.summary, ...normalizeAdvisorActions(json.actions)].filter(Boolean).join(" — ");
+      state.followUp = [sanitizeAdvisorText(json.summary), ...normalizeAdvisorActions(json.actions)].filter(Boolean).join(" — ");
     }
 
     markReviewApplied(state, signature, trigger, finalDecision, finalReason, false);

package/node_modules/@fiale-plus/pi-rogue-advisor/src/loop-convergence.test.ts

@@ -18,10 +18,12 @@ type Handler = (event: any, ctx: any) => any;
 
 type HandlerMap = Record<string, Handler[]>;
 type CommandMap = Record<string, { handler: (args: string, ctx: any) => any }>;
+type MessageRendererMap = Record<string, (message: any, options: { expanded?: boolean }, theme: any) => any>;
 
 function makeHandlers() {
   const handlers: HandlerMap = {};
   const commands: CommandMap = {};
+  const messageRenderers: MessageRendererMap = {};
   const sendMessage = vi.fn();
 
   const pi = {
@@ -29,7 +31,9 @@ function makeHandlers() {
       handlers[event] ??= [];
       handlers[event].push(handler);
     },
-    registerMessageRenderer: () => undefined,
+    registerMessageRenderer: (customType: string, renderer: MessageRendererMap[string]) => {
+      messageRenderers[customType] = renderer;
+    },
     registerCommand: (name: string, command: { handler: (args: string, ctx: any) => any }) => {
       commands[name] = command;
     },
@@ -42,7 +46,7 @@ function makeHandlers() {
     },
   };
 
-  return { handlers, commands, pi: pi as any, sendMessage };
+  return { handlers, commands, messageRenderers, pi: pi as any, sendMessage };
 }
 
 const ADVISOR_STATE_DIR = join(homedir(), ".pi", "agent", "pi-rogue", "advisor");
@@ -79,6 +83,7 @@ describe("advisor two-agent convergence", () => {
   let ctx: any;
   let handlers: HandlerMap;
   let commands: CommandMap;
+  let messageRenderers: MessageRendererMap;
   let sendMessageMock: ReturnType<typeof vi.fn>;
   let completeSimpleMock: ReturnType<typeof vi.fn>;
   let priorState: string | null = null;
@@ -93,6 +98,7 @@ describe("advisor two-agent convergence", () => {
     const setup = makeHandlers();
     handlers = setup.handlers;
     commands = setup.commands;
+    messageRenderers = setup.messageRenderers;
     sendMessageMock = setup.sendMessage;
 
     mkdirSync(dirname(ADVISOR_STATE_PATH), { recursive: true });
@@ -250,6 +256,92 @@ describe("advisor two-agent convergence", () => {
     );
   });
 
+  it("redacts transient clipboard image paths from emitted advisor handoffs", async () => {
+    const preflight = handlers.before_agent_start;
+    const turnEnd = handlers.turn_end;
+    const clipboardPath = "/var/folders/fm/rwczdnws5j58x7kbyn3vcx_h0000gn/T/clipboard-2026-06-04-012248-DEE3A154.png";
+
+    completeSimpleMock.mockResolvedValue({
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          verdict: "not_done",
+          summary: `The visible handoff should not include ${clipboardPath}`,
+          reason: `Expanded Ctrl+O output leaks ${clipboardPath}`,
+          actions: [`redact ${clipboardPath}`],
+          checklist: [],
+          notify: true,
+        }),
+      }],
+    });
+
+    await handlers.session_start?.[0]?.({}, ctx);
+    await preflight![0]({ systemPrompt: "SYS", prompt: `Continue the current goal ${clipboardPath}` }, ctx);
+    await turnEnd![0]({
+      toolResults: [{ toolName: "edit" }],
+      message: { role: "assistant", content: "Repo-side autoresearch is verified closed. Only optional external rollout/CI smoke remains." },
+    }, ctx);
+
+    expect(sendMessageMock).toHaveBeenCalled();
+    const sent = sendMessageMock.mock.calls[0]?.[0];
+    expect(JSON.stringify(sent)).not.toContain(clipboardPath);
+    expect(sent.content).toContain("[clipboard image]");
+    expect(readAdvisorState().followUp).toContain("[clipboard image]");
+
+    const theme = {
+      fg: (_name: string, text: string) => text,
+      bg: (_name: string, text: string) => text,
+      bold: (text: string) => text,
+    };
+    const expanded = messageRenderers["advisor:llm"](sent, { expanded: true }, theme).render(120).join("\n");
+    expect(expanded).toContain("full handoff:");
+    expect(expanded).toContain("Advisor verdict: review.");
+    expect(expanded).toContain("[clipboard image]");
+    expect(expanded).not.toContain(clipboardPath);
+  });
+
+  it("suppresses duplicate reason and summary in advisor handoffs", async () => {
+    const preflight = handlers.before_agent_start;
+    const turnEnd = handlers.turn_end;
+    const duplicate = "The agent made a safe attempt, but it did not demonstrate that the advisor post-turn review was induced.";
+
+    completeSimpleMock.mockResolvedValue({
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          verdict: "not_done",
+          reason: duplicate,
+          summary: duplicate,
+          actions: ["Invoke the real review hook if available."],
+          checklist: [],
+          notify: true,
+        }),
+      }],
+    });
+
+    await handlers.session_start?.[0]?.({}, ctx);
+    await preflight![0]({ systemPrompt: "SYS", prompt: "Continue the current goal" }, ctx);
+    await turnEnd![0]({
+      toolResults: [{ toolName: "edit" }],
+      message: { role: "assistant", content: "Repo-side autoresearch is verified closed. Only optional external rollout/CI smoke remains." },
+    }, ctx);
+
+    const sent = sendMessageMock.mock.calls[0]?.[0];
+    expect(sent.content).toContain(`Reason: ${duplicate}`);
+    expect(sent.content).not.toContain("Summary:");
+    expect(sent.details.summary).toBe("");
+
+    const theme = {
+      fg: (_name: string, text: string) => text,
+      bg: (_name: string, text: string) => text,
+      bold: (text: string) => text,
+    };
+    const collapsed = messageRenderers["advisor:llm"](sent, { expanded: false }, theme).render(120).join("\n");
+    const expanded = messageRenderers["advisor:llm"](sent, { expanded: true }, theme).render(120).join("\n");
+    expect(collapsed).not.toContain("summary:");
+    expect(expanded).not.toContain("Summary:");
+  });
+
   it("renders manual advisor answers as advisor custom messages", async () => {
     expect(commands.advisor).toBeTruthy();
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fiale-plus/pi-rogue-bundle",
-  "version": "0.1.11",
+  "version": "0.1.12",
   "description": "Public Pi-Rogue bundle for advisor and orchestration. Single consolidated artefact (advisor and orchestration releases paused; their packages are private and bundled here).",
   "type": "module",
   "license": "MIT",