@gempack/squad-mcp 0.6.4 → 0.7.0

package/dist/util/override-allowlist.js

@@ -1,8 +1,8 @@
-import { promises as fs } from 'node:fs';
-import path from 'node:path';
-import os from 'node:os';
-import { SquadError } from '../errors.js';
-import { rejectIfMalformed, realpathOrSelf } from './path-internal.js';
+import { promises as fs } from "node:fs";
+import path from "node:path";
+import os from "node:os";
+import { SquadError } from "../errors.js";
+import { rejectIfMalformed, realpathOrSelf } from "./path-internal.js";
 let allowlistCache = null;
 /**
  * Test-only: clears the memoized allowlist so env-var changes take effect.
@@ -12,16 +12,16 @@ export function __resetOverrideAllowlistCache() {
     allowlistCache = null;
 }
 function isUnsafeOverrideEnabled() {
-    return process.env.SQUAD_AGENTS_ALLOW_UNSAFE === '1';
+    return process.env.SQUAD_AGENTS_ALLOW_UNSAFE === "1";
 }
 function isUncOrDeviceNamespace(absolute) {
-    if (process.platform !== 'win32')
+    if (process.platform !== "win32")
         return false;
-    if (absolute.startsWith('\\\\?\\'))
+    if (absolute.startsWith("\\\\?\\"))
         return true;
-    if (absolute.startsWith('\\\\.\\'))
+    if (absolute.startsWith("\\\\.\\"))
         return true;
-    if (absolute.startsWith('\\\\'))
+    if (absolute.startsWith("\\\\"))
         return true;
     return false;
 }
@@ -31,15 +31,15 @@ async function buildAllowlist() {
     const roots = [];
     const seen = new Set();
     const candidates = [
-        { source: 'home', raw: os.homedir() },
-        { source: 'cwd', raw: process.cwd() },
+        { source: "home", raw: os.homedir() },
+        { source: "cwd", raw: process.cwd() },
     ];
-    if (process.platform === 'win32') {
-        candidates.push({ source: 'appdata', raw: process.env.APPDATA });
-        candidates.push({ source: 'localappdata', raw: process.env.LOCALAPPDATA });
+    if (process.platform === "win32") {
+        candidates.push({ source: "appdata", raw: process.env.APPDATA });
+        candidates.push({ source: "localappdata", raw: process.env.LOCALAPPDATA });
     }
     else {
-        candidates.push({ source: 'xdg_config_home', raw: process.env.XDG_CONFIG_HOME });
+        candidates.push({ source: "xdg_config_home", raw: process.env.XDG_CONFIG_HOME });
     }
     for (const c of candidates) {
         if (!c.raw)
@@ -69,13 +69,13 @@ function isInsideRoot(candidate, root) {
     if (candidate === root)
         return true;
     const rel = path.relative(root, candidate);
-    if (rel === '' || rel === '.')
+    if (rel === "" || rel === ".")
         return true;
     if (path.isAbsolute(rel))
         return false;
-    if (rel === '..')
+    if (rel === "..")
         return false;
-    if (rel.startsWith('..' + path.sep))
+    if (rel.startsWith(".." + path.sep))
         return false;
     return true;
 }
@@ -103,14 +103,14 @@ export async function validateOverrideDir(rawDir) {
     try {
         rejectIfMalformed(rawDir);
     }
-    catch (err) {
-        return { ok: false, reason: 'malformed', rejectedPath: rawDir };
+    catch {
+        return { ok: false, reason: "malformed", rejectedPath: rawDir };
     }
     if (!path.isAbsolute(rawDir)) {
-        return { ok: false, reason: 'not_absolute', rejectedPath: rawDir };
+        return { ok: false, reason: "not_absolute", rejectedPath: rawDir };
     }
     if (isUncOrDeviceNamespace(rawDir)) {
-        return { ok: false, reason: 'unc_or_device_namespace', rejectedPath: rawDir };
+        return { ok: false, reason: "unc_or_device_namespace", rejectedPath: rawDir };
     }
     const lexical = path.normalize(rawDir);
     const real = await realpathOrSelf(lexical);
@@ -129,9 +129,16 @@ export async function validateOverrideDir(rawDir) {
             break;
         }
     }
-    const reason = lexicalMatchExists ? 'symlink_escape' : 'outside_allowlist';
+    const reason = lexicalMatchExists
+        ? "symlink_escape"
+        : "outside_allowlist";
     if (unsafe) {
-        return { ok: true, resolvedPath: real, allowlistMatch: 'unsafe_override', unsafeOverride: true };
+        return {
+            ok: true,
+            resolvedPath: real,
+            allowlistMatch: "unsafe_override",
+            unsafeOverride: true,
+        };
     }
     return { ok: false, reason, rejectedPath: rawDir };
 }
@@ -140,7 +147,7 @@ export async function validateOverrideDir(rawDir) {
  * Caller decides whether to throw or downgrade to a warn-and-fallback.
  */
 export function rejectionToError(fail, allowlistSize) {
-    return new SquadError('OVERRIDE_REJECTED', `override directory rejected: ${fail.reason}`, {
+    return new SquadError("OVERRIDE_REJECTED", `override directory rejected: ${fail.reason}`, {
         reason: fail.reason,
         path: fail.rejectedPath,
         allowlist_size: allowlistSize,
@@ -169,7 +176,9 @@ export async function validateOverrideFile(validatedDirReal, fileName) {
     const normalized = path.normalize(fileName);
     if (path.isAbsolute(normalized))
         return null;
-    if (normalized === '..' || normalized.startsWith('..' + path.sep) || normalized.includes(path.sep + '..' + path.sep)) {
+    if (normalized === ".." ||
+        normalized.startsWith(".." + path.sep) ||
+        normalized.includes(path.sep + ".." + path.sep)) {
         return null;
     }
     const candidate = path.resolve(validatedDirReal, normalized);

package/dist/util/override-allowlist.js.map

@@ -1 +1 @@
-{"version":3,"file":"override-allowlist.js","sourceRoot":"","sources":["../../src/util/override-allowlist.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AA8CvE,IAAI,cAAc,GAA2B,IAAI,CAAC;AAElD;;;GAGG;AACH,MAAM,UAAU,6BAA6B;IAC3C,cAAc,GAAG,IAAI,CAAC;AACxB,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,yBAAyB,KAAK,GAAG,CAAC;AACvD,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAChD,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAChD,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,cAAc;IAC3B,IAAI,cAAc,KAAK,IAAI;QAAE,OAAO,cAAc,CAAC;IACnD,MAAM,KAAK,GAAoB,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAE/B,MAAM,UAAU,GAAmE;QACjF,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,EAAE,EAAE;QACrC,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE;KACtC,CAAC;IACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjE,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;IAC7E,CAAC;SAAM,CAAC;QACN,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,CAAC,GAAG;YAAE,SAAS;QACrB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,iBAAiB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,kFAAkF;YAClF,SAAS;QACX,CAAC;QACD,IAAI,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAC7B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,cAAc,GAAG,KAAK,CAAC;IACvB,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,SAAiB,EAAE,IAAY;IACnD,IAAI,SAAS,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAC3C,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC3C,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAC/B,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAClD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kBAAkB,CACzB,gBAAwB,EACxB,aAAqB,EACrB,KAAsB;IAEtB,qEAAqE;IACrE,yEAAyE;IACzE,+DAA+D;IAC/D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,YAAY,CAAC,gBAAgB,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACrF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc;IACtD,wDAAwD;IACxD,IAAI,CAAC;QACH,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAClE,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IACrE,CAAC;IAED,IAAI,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAChF,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IAE3C,MAAM,MAAM,GAAG,uBAAuB,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,MAAM,cAAc,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,kBAAkB,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IAEvD,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,CAAC,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC;IAC/F,CAAC;IAED,oFAAoF;IACpF,4FAA4F;IAC5F,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAC/B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;YACrC,kBAAkB,GAAG,IAAI,CAAC;YAC1B,MAAM;QACR,CAAC;IACH,CAAC;IACD,MAAM,MAAM,GAA4B,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,mBAAmB,CAAC;IAEpG,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;IACnG,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;AACrD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAoB,EAAE,aAAqB;IAC1E,OAAO,IAAI,UAAU,CAAC,mBAAmB,EAAE,gCAAgC,IAAI,CAAC,MAAM,EAAE,EAAE;QACxF,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,IAAI,EAAE,IAAI,CAAC,YAAY;QACvB,cAAc,EAAE,aAAa;KAC9B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,KAAK,GAAG,MAAM,cAAc,EAAE,CAAC;IACrC,OAAO,KAAK,CAAC,MAAM,CAAC;AACtB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,gBAAwB,EAAE,QAAgB;IACnF,IAAI,CAAC;QACH,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0DAA0D;IAC1D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACrH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAE7D,uBAAuB;IACvB,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5D,mCAAmC;IACnC,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;IAC7C,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvD,OAAO,IAAI,CAAC;AACd,CAAC"}
+{"version":3,"file":"override-allowlist.js","sourceRoot":"","sources":["../../src/util/override-allowlist.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AA8CvE,IAAI,cAAc,GAA2B,IAAI,CAAC;AAElD;;;GAGG;AACH,MAAM,UAAU,6BAA6B;IAC3C,cAAc,GAAG,IAAI,CAAC;AACxB,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,yBAAyB,KAAK,GAAG,CAAC;AACvD,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAChD,IAAI,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAChD,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,cAAc;IAC3B,IAAI,cAAc,KAAK,IAAI;QAAE,OAAO,cAAc,CAAC;IACnD,MAAM,KAAK,GAAoB,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAE/B,MAAM,UAAU,GAAmE;QACjF,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,EAAE,EAAE;QACrC,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE;KACtC,CAAC;IACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjE,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;IAC7E,CAAC;SAAM,CAAC;QACN,UAAU,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,CAAC,GAAG;YAAE,SAAS;QACrB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,iBAAiB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,kFAAkF;YAClF,SAAS;QACX,CAAC;QACD,IAAI,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAC7B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,cAAc,GAAG,KAAK,CAAC;IACvB,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,SAAiB,EAAE,IAAY;IACnD,IAAI,SAAS,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAC3C,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC3C,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAC/B,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAClD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kBAAkB,CACzB,gBAAwB,EACxB,aAAqB,EACrB,KAAsB;IAEtB,qEAAqE;IACrE,yEAAyE;IACzE,+DAA+D;IAC/D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,YAAY,CAAC,gBAAgB,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACrF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc;IACtD,wDAAwD;IACxD,IAAI,CAAC;QACH,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAClE,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IACrE,CAAC;IAED,IAAI,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IAChF,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IAE3C,MAAM,MAAM,GAAG,uBAAuB,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,MAAM,cAAc,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,kBAAkB,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IAEvD,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,CAAC,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC;IAC/F,CAAC;IAED,oFAAoF;IACpF,4FAA4F;IAC5F,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAC/B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;YACrC,kBAAkB,GAAG,IAAI,CAAC;YAC1B,MAAM;QACR,CAAC;IACH,CAAC;IACD,MAAM,MAAM,GAA4B,kBAAkB;QACxD,CAAC,CAAC,gBAAgB;QAClB,CAAC,CAAC,mBAAmB,CAAC;IAExB,IAAI,MAAM,EAAE,CAAC;QACX,OAAO;YACL,EAAE,EAAE,IAAI;YACR,YAAY,EAAE,IAAI;YAClB,cAAc,EAAE,iBAAiB;YACjC,cAAc,EAAE,IAAI;SACrB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;AACrD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAoB,EAAE,aAAqB;IAC1E,OAAO,IAAI,UAAU,CAAC,mBAAmB,EAAE,gCAAgC,IAAI,CAAC,MAAM,EAAE,EAAE;QACxF,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,IAAI,EAAE,IAAI,CAAC,YAAY;QACvB,cAAc,EAAE,aAAa;KAC9B,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,KAAK,GAAG,MAAM,cAAc,EAAE,CAAC;IACrC,OAAO,KAAK,CAAC,MAAM,CAAC;AACtB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,gBAAwB,EACxB,QAAgB;IAEhB,IAAI,CAAC;QACH,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0DAA0D;IAC1D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,IACE,UAAU,KAAK,IAAI;QACnB,UAAU,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC;QACtC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAC/C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAE7D,uBAAuB;IACvB,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5D,mCAAmC;IACnC,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,CAAC;IAC7C,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/util/path-internal.js

@@ -1,19 +1,21 @@
-import { promises as fs } from 'node:fs';
-import { SquadError } from '../errors.js';
+import { promises as fs } from "node:fs";
+import { SquadError } from "../errors.js";
 /**
  * Internal helpers shared between path-safety.ts and override-allowlist.ts.
  * Exported only for intra-`util/` reuse; do not import from outside src/util/.
  */
 export function rejectIfMalformed(file) {
-    if (file.includes('\0')) {
-        throw new SquadError('PATH_INVALID', 'file path contains NUL byte', { file });
+    if (file.includes("\0")) {
+        throw new SquadError("PATH_INVALID", "file path contains NUL byte", { file });
     }
-    if (file.startsWith('~')) {
-        throw new SquadError('PATH_INVALID', 'file path starts with ~ (tilde expansion not supported)', { file });
+    if (file.startsWith("~")) {
+        throw new SquadError("PATH_INVALID", "file path starts with ~ (tilde expansion not supported)", { file });
     }
-    const adsIndex = file.indexOf(':', 2);
+    const adsIndex = file.indexOf(":", 2);
     if (adsIndex !== -1) {
-        throw new SquadError('PATH_INVALID', 'file path contains ADS marker (:) after drive letter', { file });
+        throw new SquadError("PATH_INVALID", "file path contains ADS marker (:) after drive letter", {
+            file,
+        });
     }
 }
 export async function realpathOrSelf(p) {

package/dist/util/path-internal.js.map

@@ -1 +1 @@
-{"version":3,"file":"path-internal.js","sourceRoot":"","sources":["../../src/util/path-internal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C;;;GAGG;AAEH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,6BAA6B,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,yDAAyD,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5G,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IACtC,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,sDAAsD,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACzG,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,CAAS;IAC5C,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC"}
+{"version":3,"file":"path-internal.js","sourceRoot":"","sources":["../../src/util/path-internal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C;;;GAGG;AAEH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,6BAA6B,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,UAAU,CAClB,cAAc,EACd,yDAAyD,EACzD,EAAE,IAAI,EAAE,CACT,CAAC;IACJ,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IACtC,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,sDAAsD,EAAE;YAC3F,IAAI;SACL,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,CAAS;IAC5C,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC"}

package/dist/util/path-safety.d.ts

@@ -3,6 +3,21 @@ export interface SafePathContext {
     rootRealCache: Map<string, string>;
 }
 export declare function createSafePathContext(): SafePathContext;
+/**
+ * Lexical-only containment check for a config-supplied relative path
+ * (e.g. `.squad.yaml` `learnings.path` / `tasks.path`).
+ *
+ * Sync; no filesystem access. Throws PATH_TRAVERSAL_DENIED if `configuredPath`
+ * is absolute, or escapes `workspaceRoot` after lexical normalization. Used at
+ * the boundary where the LLM-controllable config first becomes a real fs path
+ * — without this, `.squad.yaml` with `learnings.path: ../../etc/whatever` gives
+ * an arbitrary-write primitive (CWE-22).
+ *
+ * Does NOT resolve symlinks. The config itself lives inside the workspace, so
+ * TOCTOU symlink swap is not in this gateway's threat model — the writer side
+ * (resolveSafePath) handles that for the data write path.
+ */
+export declare function ensureRelativeInsideRoot(workspaceRoot: string, configuredPath: string, settingName: string): void;
 /**
  * Resolve a user-supplied file path safely against a workspace root.
  *

package/dist/util/path-safety.js

@@ -1,11 +1,39 @@
-import { promises as fs } from 'node:fs';
-import path from 'node:path';
-import { SquadError } from '../errors.js';
-import { rejectIfMalformed, realpathOrSelf } from './path-internal.js';
+import { promises as fs } from "node:fs";
+import path from "node:path";
+import { SquadError } from "../errors.js";
+import { rejectIfMalformed, realpathOrSelf } from "./path-internal.js";
 export const MAX_BYTES = 16_384;
 export function createSafePathContext() {
     return { rootRealCache: new Map() };
 }
+/**
+ * Lexical-only containment check for a config-supplied relative path
+ * (e.g. `.squad.yaml` `learnings.path` / `tasks.path`).
+ *
+ * Sync; no filesystem access. Throws PATH_TRAVERSAL_DENIED if `configuredPath`
+ * is absolute, or escapes `workspaceRoot` after lexical normalization. Used at
+ * the boundary where the LLM-controllable config first becomes a real fs path
+ * — without this, `.squad.yaml` with `learnings.path: ../../etc/whatever` gives
+ * an arbitrary-write primitive (CWE-22).
+ *
+ * Does NOT resolve symlinks. The config itself lives inside the workspace, so
+ * TOCTOU symlink swap is not in this gateway's threat model — the writer side
+ * (resolveSafePath) handles that for the data write path.
+ */
+export function ensureRelativeInsideRoot(workspaceRoot, configuredPath, settingName) {
+    if (path.isAbsolute(configuredPath)) {
+        throw new SquadError("PATH_TRAVERSAL_DENIED", `${settingName} must be a workspace-relative path, not absolute`, { setting: settingName, configuredPath });
+    }
+    const rootAbs = path.resolve(workspaceRoot);
+    const candidateAbs = path.resolve(rootAbs, configuredPath);
+    const rel = path.relative(rootAbs, candidateAbs);
+    if (path.isAbsolute(rel) || rel === ".." || rel.startsWith(".." + path.sep)) {
+        throw new SquadError("PATH_TRAVERSAL_DENIED", `${settingName} escapes workspace_root`, {
+            setting: settingName,
+            configuredPath,
+        });
+    }
+}
 /**
  * Resolve a user-supplied file path safely against a workspace root.
  *
@@ -20,13 +48,15 @@ export function createSafePathContext() {
 export async function resolveSafePath(workspaceRoot, file, ctx) {
     rejectIfMalformed(file);
     if (workspaceRoot === undefined) {
-        if (path.isAbsolute(file) || file.includes('..')) {
-            throw new SquadError('PATH_REQUIRES_WORKSPACE', 'absolute or traversal-bearing path requires workspace_root', { file });
+        if (path.isAbsolute(file) || file.includes("..")) {
+            throw new SquadError("PATH_REQUIRES_WORKSPACE", "absolute or traversal-bearing path requires workspace_root", { file });
         }
         return file;
     }
     if (!path.isAbsolute(workspaceRoot)) {
-        throw new SquadError('PATH_INVALID', 'workspace_root must be absolute', { workspaceRoot });
+        throw new SquadError("PATH_INVALID", "workspace_root must be absolute", {
+            workspaceRoot,
+        });
     }
     const rootNormalized = path.normalize(workspaceRoot);
     let rootReal = ctx.rootRealCache.get(rootNormalized);
@@ -37,8 +67,12 @@ export async function resolveSafePath(workspaceRoot, file, ctx) {
     const fileNormalized = path.normalize(file);
     const candidateAbs = path.resolve(rootReal, fileNormalized);
     const lexicalRel = path.relative(rootReal, candidateAbs);
-    if (path.isAbsolute(lexicalRel) || lexicalRel === '..' || lexicalRel.startsWith('..' + path.sep)) {
-        throw new SquadError('PATH_TRAVERSAL_DENIED', 'path escapes workspace_root (lexical)', { file });
+    if (path.isAbsolute(lexicalRel) ||
+        lexicalRel === ".." ||
+        lexicalRel.startsWith(".." + path.sep)) {
+        throw new SquadError("PATH_TRAVERSAL_DENIED", "path escapes workspace_root (lexical)", {
+            file,
+        });
     }
     let candidateExists = false;
     try {
@@ -51,8 +85,8 @@ export async function resolveSafePath(workspaceRoot, file, ctx) {
     if (candidateExists) {
         const candidateReal = await realpathOrSelf(candidateAbs);
         const realRel = path.relative(rootReal, candidateReal);
-        if (path.isAbsolute(realRel) || realRel === '..' || realRel.startsWith('..' + path.sep)) {
-            throw new SquadError('PATH_TRAVERSAL_DENIED', 'path escapes workspace_root (after realpath)', { file });
+        if (path.isAbsolute(realRel) || realRel === ".." || realRel.startsWith(".." + path.sep)) {
+            throw new SquadError("PATH_TRAVERSAL_DENIED", "path escapes workspace_root (after realpath)", { file });
         }
         return candidateReal;
     }
@@ -67,7 +101,7 @@ export async function resolveSafePath(workspaceRoot, file, ctx) {
 export async function readSnippet(absPath) {
     let fh;
     try {
-        fh = await fs.open(absPath, 'r');
+        fh = await fs.open(absPath, "r");
     }
     catch {
         return null;
@@ -76,7 +110,7 @@ export async function readSnippet(absPath) {
         const buf = Buffer.alloc(MAX_BYTES);
         const { bytesRead } = await fh.read(buf, 0, MAX_BYTES, 0);
         return {
-            content: buf.slice(0, bytesRead).toString('utf8'),
+            content: buf.slice(0, bytesRead).toString("utf8"),
             truncated: bytesRead === MAX_BYTES,
         };
     }

package/dist/util/path-safety.js.map

@@ -1 +1 @@
-{"version":3,"file":"path-safety.js","sourceRoot":"","sources":["../../src/util/path-safety.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEvE,MAAM,CAAC,MAAM,SAAS,GAAG,MAAM,CAAC;AAMhC,MAAM,UAAU,qBAAqB;IACnC,OAAO,EAAE,aAAa,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC;AACtC,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,aAAiC,EACjC,IAAY,EACZ,GAAoB;IAEpB,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAExB,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;QAChC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,UAAU,CAClB,yBAAyB,EACzB,4DAA4D,EAC5D,EAAE,IAAI,EAAE,CACT,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,iCAAiC,EAAE,EAAE,aAAa,EAAE,CAAC,CAAC;IAC7F,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IACrD,IAAI,QAAQ,GAAG,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACrD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,QAAQ,GAAG,MAAM,cAAc,CAAC,cAAc,CAAC,CAAC;QAChD,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAE5D,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzD,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,UAAU,KAAK,IAAI,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACjG,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,uCAAuC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACnG,CAAC;IAED,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC9B,eAAe,GAAG,IAAI,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,0DAA0D;IAC5D,CAAC;IAED,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QACzD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QACvD,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACxF,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,8CAA8C,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1G,CAAC;QACD,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAOD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAe;IAC/C,IAAI,EAAE,CAAC;IACP,IAAI,CAAC;QACH,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACpC,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;QAC1D,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,SAAS,EAAE,SAAS,KAAK,SAAS;SACnC,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC"}
+{"version":3,"file":"path-safety.js","sourceRoot":"","sources":["../../src/util/path-safety.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEvE,MAAM,CAAC,MAAM,SAAS,GAAG,MAAM,CAAC;AAMhC,MAAM,UAAU,qBAAqB;IACnC,OAAO,EAAE,aAAa,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC;AACtC,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,wBAAwB,CACtC,aAAqB,EACrB,cAAsB,EACtB,WAAmB;IAEnB,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,UAAU,CAClB,uBAAuB,EACvB,GAAG,WAAW,kDAAkD,EAChE,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,CACzC,CAAC;IACJ,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACjD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,GAAG,WAAW,yBAAyB,EAAE;YACrF,OAAO,EAAE,WAAW;YACpB,cAAc;SACf,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,aAAiC,EACjC,IAAY,EACZ,GAAoB;IAEpB,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAExB,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;QAChC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,UAAU,CAClB,yBAAyB,EACzB,4DAA4D,EAC5D,EAAE,IAAI,EAAE,CACT,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,iCAAiC,EAAE;YACtE,aAAa;SACd,CAAC,CAAC;IACL,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IACrD,IAAI,QAAQ,GAAG,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACrD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,QAAQ,GAAG,MAAM,cAAc,CAAC,cAAc,CAAC,CAAC;QAChD,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAE5D,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzD,IACE,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAC3B,UAAU,KAAK,IAAI;QACnB,UAAU,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EACtC,CAAC;QACD,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,uCAAuC,EAAE;YACrF,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC9B,eAAe,GAAG,IAAI,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,0DAA0D;IAC5D,CAAC;IAED,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,CAAC;QACzD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QACvD,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACxF,MAAM,IAAI,UAAU,CAClB,uBAAuB,EACvB,8CAA8C,EAC9C,EAAE,IAAI,EAAE,CACT,CAAC;QACJ,CAAC;QACD,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAOD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAe;IAC/C,IAAI,EAAE,CAAC;IACP,IAAI,CAAC;QACH,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACpC,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;QAC1D,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YACjD,SAAS,EAAE,SAAS,KAAK,SAAS;SACnC,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gempack/squad-mcp",
-  "version": "0.6.4",
+  "version": "0.7.0",
   "description": "MCP server for the squad-dev workflow: classification, risk scoring, agent selection, advisory orchestration",
   "type": "module",
   "license": "Apache-2.0",
@@ -37,7 +37,12 @@
     "dev": "tsx src/index.ts",
     "test": "vitest run",
     "test:watch": "vitest",
-    "lint": "tsc --noEmit",
+    "test:coverage": "vitest run --coverage",
+    "smoke": "node tests/smoke.mjs",
+    "typecheck": "tsc --noEmit",
+    "lint": "tsc --noEmit && eslint .",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
     "prepublishOnly": "npm run build"
   },
   "files": [
@@ -75,8 +80,14 @@
   "devDependencies": {
     "@types/js-yaml": "^4.0.9",
     "@types/node": "^22.0.0",
+    "@typescript-eslint/eslint-plugin": "^8.0.0",
+    "@typescript-eslint/parser": "^8.0.0",
+    "@vitest/coverage-v8": "^2.1.0",
+    "eslint": "^9.0.0",
+    "prettier": "^3.3.0",
     "tsx": "^4.19.0",
     "typescript": "^5.6.0",
+    "typescript-eslint": "^8.0.0",
     "vitest": "^2.1.0"
   }
 }

package/shared/Skill-Squad-Dev.md

@@ -1,24 +1,26 @@
 # Skill: Squad Dev
 
 ## Objective
+
 Development skill that takes a user prompt, builds an implementation plan, runs gated advisory with specialized agents, implements, and consolidates via TechLead-Consolidator. Codex is optional (`/squad --codex`) and may be auto-suggested when the plan is high-risk.
 
 ## Skill Name
+
 `/squad`
 
 ## Agent Registry
 
-| subagent_type              | Purpose                                     |
-| -------------------------- | ------------------------------------------- |
-| `po`                       | Business value, UX, requirements fit        |
-| `tech-lead-planner`        | Pre-implementation trade-offs and viability |
-| `tech-lead-consolidator`   | Post-implementation final verdict           |
-| `senior-architect`         | Boundaries, DI, scalability                 |
-| `senior-dba`               | Queries, migrations, EF, cache              |
-| `senior-developer`         | Correctness, robustness, APIs, observability|
-| `senior-dev-reviewer`      | Readability, idioms, naming                 |
-| `senior-dev-security`      | OWASP, authz, sensitive data                |
-| `senior-qa`                | Test coverage, strategy, reliability        |
+| subagent_type            | Purpose                                      |
+| ------------------------ | -------------------------------------------- |
+| `po`                     | Business value, UX, requirements fit         |
+| `tech-lead-planner`      | Pre-implementation trade-offs and viability  |
+| `tech-lead-consolidator` | Post-implementation final verdict            |
+| `senior-architect`       | Boundaries, DI, scalability                  |
+| `senior-dba`             | Queries, migrations, EF, cache               |
+| `senior-developer`       | Correctness, robustness, APIs, observability |
+| `senior-dev-reviewer`    | Readability, idioms, naming                  |
+| `senior-dev-security`    | OWASP, authz, sensitive data                 |
+| `senior-qa`              | Test coverage, strategy, reliability         |
 
 ## General Flow
 
@@ -86,11 +88,13 @@ Summary + modified files + tests + validations + rollback plan + next steps.
 ## Phase Details
 
 ### Phase 0 — Pre-Check
+
 1. Run `git status`; capture current branch.
 2. If uncommitted, unrelated changes are present, warn and ask the user before proceeding.
 3. Record starting SHA for the delivery report.
 
 ### Phase 1 — Understanding and Risk
+
 - Read `$ARGUMENTS`; detect `--codex`.
 - Classify type: Feature / Bug Fix / Refactor / Performance / Security / Business Rule.
 - Explore the codebase (Glob, Grep, Read) to locate the affected area and patterns.
@@ -188,6 +192,7 @@ Be direct. If the plan is good, say so. Do not invent problems.
 Absorb relevant suggestions and show an adjusted-plan diff summary.
 
 ### Phase 4 — Gate 1: User Approval
+
 Present the final plan and wait for explicit approval. Do not proceed without it.
 
 ### Phase 5 — Advisory Squad
@@ -204,6 +209,7 @@ Present the final plan and wait for explicit approval. Do not proceed without it
 | Business Rule | po, senior-developer, senior-qa                  | +senior-dba if data-bound                                                              |
 
 **Hard conditionals based on touched files:**
+
 - Query / Migration / EF / Cache → `senior-dba` required
 - DI / Boundaries / new project or module → `senior-architect` required
 - Endpoint / Auth / Middleware → `senior-dev-security` required
@@ -237,13 +243,16 @@ Stay inside your ownership. Forward anything outside your scope.
 Send all selected agents in a single message with multiple tool calls so they run in parallel.
 
 ### Phase 6 — Gate 2: Blocker Halt
+
 - Any advisory Blocker → HALT. Surface blockers and ask the user how to proceed (revise plan, accept risk, abort).
 - Major/Minor → proceed, capturing them as acceptance criteria for implementation.
 
 ### Phase 7 — Escalation Round (optional)
+
 If an advisory agent forwarded a Blocker/Major to an agent that was not selected, spawn that missing agent with only that forwarded item (not a full review).
 
 ### Phase 8 — Implementation
+
 - Follow the plan and advisory acceptance criteria.
 - Read → Edit/Write each file. Respect project patterns.
 - Method names in English. No emojis.
@@ -285,6 +294,7 @@ Be direct. If it is good, say so. Do not request cosmetic refactors.
 Spawn `tech-lead-consolidator` with every advisory report and the delivered delta. Consolidator produces the final verdict and rollback plan.
 
 ### Phase 11 — Gate 3: Reject Loop (max 2 iterations)
+
 - APPROVED / CHANGES REQUIRED (non-blocker) → apply fixes, then deliver.
 - REJECTED → apply the fix list, re-run affected agents on the delta, re-consolidate.
 - After 2 iterations, stop and hand the situation to the user.
@@ -338,13 +348,13 @@ Spawn `tech-lead-consolidator` with every advisory report and the delivered delt
 
 ## Skill Parameters
 
-| Parameter | Type   | Default | Description |
-|-----------|--------|---------|-------------|
-| --codex   | flag   | off     | Enable Codex for plan validation and implementation review |
+| Parameter | Type   | Default | Description                                                                        |
+| --------- | ------ | ------- | ---------------------------------------------------------------------------------- |
+| --codex   | flag   | off     | Enable Codex for plan validation and implementation review                         |
 | --quick   | flag   | off     | Quick mode (see below). Trades depth for speed. Mutually exclusive with `--codex`. |
-| squad     | string | auto    | Specific squad or "auto" for detection |
-| plan-only | bool   | false   | Build the plan only, do not execute |
-| verbose   | bool   | false   | Show individual agent reports inline |
+| squad     | string | auto    | Specific squad or "auto" for detection                                             |
+| plan-only | bool   | false   | Build the plan only, do not execute                                                |
+| verbose   | bool   | false   | Show individual agent reports inline                                               |
 
 ## Quick Mode (`--quick`)
 
@@ -352,16 +362,16 @@ Reduced agent set, terse prompts, condensed delivery. Suitable for small fixes,
 
 Phase deltas vs. normal mode:
 
-| Phase | Normal | Quick |
-|-------|--------|-------|
-| Plan | Full plan with risks/decisions/tests | Condensed: objective, files, top 1-2 risks. Skip alternatives table. |
-| Codex plan validation | Opt-in via `--codex` | Force-disabled. `--quick --codex` is rejected. |
-| User approval gate | Always required | Auto-proceed when risk Low AND scope ≤3 files AND no security/data path. Otherwise still gates. |
-| Squad | Auto-detect 3-7 specialists + tech-lead | Hard cap: 1 specialist + tech-lead. Specialist = work-type primary. |
-| Agent prompts | Full template | "Flag only Blocker/Major. ≤200 words. No long template. If clean, reply 'No issues in scope.'" |
-| Codex review | Opt-in | Skipped (force-disabled with `--quick`) |
-| Tech-lead consolidator | Always | Skipped when zero Blocker/Major from specialist |
-| Delivery | Full report | Condensed: objective, files, tests, residual risks |
+| Phase                  | Normal                                  | Quick                                                                                           |
+| ---------------------- | --------------------------------------- | ----------------------------------------------------------------------------------------------- |
+| Plan                   | Full plan with risks/decisions/tests    | Condensed: objective, files, top 1-2 risks. Skip alternatives table.                            |
+| Codex plan validation  | Opt-in via `--codex`                    | Force-disabled. `--quick --codex` is rejected.                                                  |
+| User approval gate     | Always required                         | Auto-proceed when risk Low AND scope ≤3 files AND no security/data path. Otherwise still gates. |
+| Squad                  | Auto-detect 3-7 specialists + tech-lead | Hard cap: 1 specialist + tech-lead. Specialist = work-type primary.                             |
+| Agent prompts          | Full template                           | "Flag only Blocker/Major. ≤200 words. No long template. If clean, reply 'No issues in scope.'"  |
+| Codex review           | Opt-in                                  | Skipped (force-disabled with `--quick`)                                                         |
+| Tech-lead consolidator | Always                                  | Skipped when zero Blocker/Major from specialist                                                 |
+| Delivery               | Full report                             | Condensed: objective, files, tests, residual risks                                              |
 
 Critical-change auto-fallback: if scope touches `auth`, `crypto`, `permissions`, `Program.cs`, `Startup.cs`, migrations, EF mappings, or `appsettings`, fall back to normal mode with warning `Quick mode disabled — change touches security/data layer. Running full workflow.`.
 
@@ -387,6 +397,7 @@ Critical-change auto-fallback: if scope touches `auth`, `crypto`, `permissions`,
 ```
 
 ## Inviolable Rules
+
 1. Every implementation starts from a plan (approved explicitly, or auto-proceeded under `--quick` when risk Low).
 2. Codex only runs with user consent (flag or confirmed auto-suggestion). Never combined with `--quick`.
 3. TechLead-Consolidator always delivers the final verdict in normal mode. Under `--quick`, skipped only when the specialist reports zero Blocker/Major findings.