@integrity-labs/agt-cli 0.19.18 → 0.19.20

package/mcp/slack-channel.js

@@ -14734,6 +14734,202 @@ function buildChannelInfoResult(args) {
   return { ok: true, channel, bot_user_handle: botUserHandle };
 }
 
+// src/slack-peer-classifier.ts
+var CODE_NAME_RE = /^[a-z0-9]+(-[a-z0-9]+)*$/;
+function classifyPeerMessage(msg, cfg, self) {
+  if (!msg.bot_id) return { kind: "human" };
+  if (self.bot_user_id !== null && msg.user === self.bot_user_id) {
+    return { kind: "self" };
+  }
+  if (cfg.peer_disabled_mode === "all") {
+    return { kind: "drop", reason: "peer_disabled_all" };
+  }
+  if (cfg.peer_agent_mode === "off") {
+    return { kind: "drop", reason: "mode_off" };
+  }
+  if (cfg.peer_group_ids.length === 0) {
+    if (msg.channel_type !== "im") {
+      return { kind: "drop", reason: "chat_not_allowed" };
+    }
+  } else if (!cfg.peer_group_ids.includes(msg.channel)) {
+    return { kind: "drop", reason: "chat_not_allowed" };
+  }
+  const peer = cfg.peers.find((p) => p.bot_user_id === msg.user);
+  if (!peer) {
+    return { kind: "drop", reason: "unknown_peer" };
+  }
+  if (peer.gate_path === null) {
+    return { kind: "drop", reason: "cross_team_grant_missing" };
+  }
+  if (cfg.peer_disabled_mode === "cross_team_only" && peer.gate_path !== void 0 && peer.gate_path !== "same_team") {
+    return { kind: "drop", reason: "peer_disabled_cross_team" };
+  }
+  if (self.bot_user_id === null) {
+    return { kind: "drop", reason: "self_resolution_pending" };
+  }
+  const addressing = classifyAddressing(msg, self.bot_user_id);
+  if (!addressing.addressed) {
+    return { kind: "drop", reason: "not_addressed" };
+  }
+  if (addressing.viaReplyOnly) {
+    const inAllowedGroup = cfg.peer_group_ids.length > 0 && cfg.peer_group_ids.includes(msg.channel);
+    const respondMode = cfg.peer_agent_mode === "respond";
+    if (!(inAllowedGroup && respondMode)) {
+      return { kind: "drop", reason: "not_addressed" };
+    }
+  }
+  return { kind: "peer-ingress", peer };
+}
+function classifyAddressing(msg, ourBotUserId) {
+  const text = msg.text ?? "";
+  const mentionToken = `<@${ourBotUserId}>`;
+  const viaMention = text.includes(mentionToken);
+  const viaReply = !!msg.thread_ts && msg.thread_ts !== void 0 && msg.parent_user_id === ourBotUserId;
+  if (viaMention) {
+    return { addressed: true, viaReplyOnly: false };
+  }
+  if (viaReply) {
+    return { addressed: true, viaReplyOnly: true };
+  }
+  return { addressed: false, viaReplyOnly: false };
+}
+function parsePeersEnv(raw, gateRaw) {
+  if (!raw || raw.trim().length === 0) return [];
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    return [];
+  }
+  if (!Array.isArray(parsed)) return [];
+  const gateMap = /* @__PURE__ */ new Map();
+  let gateConfigInvalid = false;
+  if (gateRaw && gateRaw.trim().length > 0) {
+    try {
+      const gateParsed = JSON.parse(gateRaw);
+      if (!gateParsed || typeof gateParsed !== "object" || Array.isArray(gateParsed)) {
+        gateConfigInvalid = true;
+      } else {
+        for (const [k, v] of Object.entries(gateParsed)) {
+          if (v === null) {
+            gateMap.set(k, null);
+          } else if (typeof v === "string") {
+            const isGrantPath = v.startsWith("grant:") && v.slice("grant:".length).trim().length > 0;
+            if (v === "same_team" || v === "intra_org_unrestricted" || isGrantPath) {
+              gateMap.set(k, v);
+            } else {
+              gateConfigInvalid = true;
+              break;
+            }
+          } else {
+            gateConfigInvalid = true;
+            break;
+          }
+        }
+      }
+    } catch {
+      gateConfigInvalid = true;
+    }
+    if (gateConfigInvalid) {
+      console.error(
+        "[slack-peer-classifier] SLACK_PEERS_GATE is present but malformed; failing closed (every peer drops as cross_team_grant_missing)"
+      );
+    }
+  }
+  const out = [];
+  for (const entry of parsed) {
+    if (entry && typeof entry === "object" && typeof entry.code_name === "string" && CODE_NAME_RE.test(entry.code_name) && typeof entry.agent_id === "string" && typeof entry.bot_user_id === "string" && entry.bot_user_id.length > 0) {
+      const e = entry;
+      const peer = {
+        code_name: e.code_name,
+        bot_user_id: e.bot_user_id,
+        agent_id: e.agent_id
+      };
+      if (gateConfigInvalid) {
+        peer.gate_path = null;
+      } else if (gateMap.has(e.bot_user_id)) {
+        peer.gate_path = gateMap.get(e.bot_user_id) ?? null;
+      }
+      out.push(peer);
+    }
+  }
+  return out;
+}
+function parsePeerGroupIdsEnv(raw) {
+  if (!raw) return [];
+  return raw.split(",").map((s) => s.trim()).filter(Boolean);
+}
+function parsePeerAgentModeEnv(raw) {
+  if (raw === "listen" || raw === "respond") return raw;
+  return "off";
+}
+
+// src/cross-team-peer-audit-client.ts
+var REQUEST_TIMEOUT_MS = 1e4;
+function createCrossTeamPeerAuditClient(args) {
+  if (!args.agtHost || !args.agtApiKey || !args.agentId) return null;
+  const fetchImpl = args.fetchImpl ?? fetch;
+  const log = args.log ?? (() => {
+  });
+  const base = args.agtHost.replace(/\/+$/, "");
+  const agentId = args.agentId;
+  const apiKey = args.agtApiKey;
+  let cachedToken = null;
+  let cachedTokenExpiresAt = 0;
+  async function getToken() {
+    if (cachedToken && Date.now() < cachedTokenExpiresAt) return cachedToken;
+    const resp = await fetchImpl(`${base}/host/exchange`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ host_key: apiKey }),
+      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
+    });
+    if (!resp.ok) {
+      const body = await resp.text().catch(() => "");
+      throw new Error(`/host/exchange failed (${resp.status}): ${body.slice(0, 200)}`);
+    }
+    const data = await resp.json();
+    cachedToken = data.token;
+    cachedTokenExpiresAt = data.expires_at ? new Date(data.expires_at).getTime() - 12e4 : Date.now() + 55 * 6e4;
+    return cachedToken;
+  }
+  async function postOnce(event) {
+    const token = await getToken();
+    return fetchImpl(`${base}/host/cross-team-peer-event`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${token}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ agent_id: agentId, ...event }),
+      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
+    });
+  }
+  async function emitAsync(event) {
+    try {
+      let resp = await postOnce(event);
+      if (resp.status === 401) {
+        cachedToken = null;
+        cachedTokenExpiresAt = 0;
+        resp = await postOnce(event);
+      }
+      if (!resp.ok) {
+        const body = await resp.text().catch(() => "");
+        log(
+          `cross-team-peer-audit: POST failed (${resp.status}) event=${event.event_type}: ${body.slice(0, 200)}`
+        );
+      }
+    } catch (err) {
+      log(`cross-team-peer-audit: emit threw event=${event.event_type}: ${err.message}`);
+    }
+  }
+  return {
+    emit(event) {
+      void emitAsync(event);
+    }
+  };
+}
+
 // src/slack-channel.ts
 var BOT_TOKEN = process.env.SLACK_BOT_TOKEN;
 var APP_TOKEN = process.env.SLACK_APP_TOKEN;
@@ -14749,6 +14945,35 @@ var ALLOWED_USERS = new Set(
 );
 var THREAD_AUTO_FOLLOW = process.env.SLACK_THREAD_AUTO_FOLLOW ?? "off";
 var CHANNEL_RESPONSE_MODE = parseResponseMode(process.env.SLACK_CHANNEL_RESPONSE_MODE);
+var SLACK_PEER_DISABLED_MODE = (() => {
+  const raw = (process.env.PEER_DISABLED ?? "").trim().toLowerCase();
+  if (raw === "" || raw === "off") return "off";
+  if (raw === "cross_team_only" || raw === "all") return raw;
+  process.stderr.write(
+    `slack-channel: invalid PEER_DISABLED=${JSON.stringify(process.env.PEER_DISABLED)} \u2014 defaulting to 'all' (fail-closed)
+`
+  );
+  return "all";
+})();
+if (SLACK_PEER_DISABLED_MODE !== "off") {
+  process.stderr.write(
+    `slack-channel: PEER_DISABLED=${SLACK_PEER_DISABLED_MODE} \u2014 ${SLACK_PEER_DISABLED_MODE === "all" ? "every peer surface short-circuited" : "cross-team peers dropped, same-team peers admitted"}
+`
+  );
+}
+var crossTeamPeerAuditClient = createCrossTeamPeerAuditClient({
+  agtHost: AGT_HOST,
+  agtApiKey: AGT_API_KEY,
+  agentId: AGT_AGENT_ID,
+  log: (line) => process.stderr.write(`slack-channel: ${line}
+`)
+});
+var SLACK_PEER_CLASSIFIER_CONFIG = {
+  peer_agent_mode: parsePeerAgentModeEnv(process.env.SLACK_PEER_AGENT_MODE),
+  peer_group_ids: parsePeerGroupIdsEnv(process.env.SLACK_PEER_GROUP_IDS),
+  peers: parsePeersEnv(process.env.SLACK_PEERS, process.env.SLACK_PEERS_GATE),
+  peer_disabled_mode: SLACK_PEER_DISABLED_MODE
+};
 var RESPONSE_TIMEOUT_MS = 3e5;
 var pendingMessages = /* @__PURE__ */ new Map();
 var SLACK_AGENT_DIR = AGENT_CODE_NAME ? join2(homedir2(), ".augmented", AGENT_CODE_NAME) : null;
@@ -16715,6 +16940,63 @@ async function connectSocketMode() {
         return;
       }
       if (ALLOWED_USERS.size > 0 && evt.user && !ALLOWED_USERS.has(evt.user)) return;
+      if (evt.bot_id) {
+        const peerMsg = {
+          text: evt.text,
+          channel: evt.channel ?? "",
+          channel_type: evt.channel_type,
+          user: evt.user,
+          bot_id: evt.bot_id,
+          thread_ts: evt.thread_ts,
+          parent_user_id: evt.parent_user_id
+        };
+        const decision = classifyPeerMessage(
+          peerMsg,
+          SLACK_PEER_CLASSIFIER_CONFIG,
+          { bot_user_id: botUserId }
+        );
+        if (decision.kind === "self") return;
+        if (decision.kind === "drop") {
+          const channelHash = createHash("sha256").update(evt.channel ?? "").digest("hex").slice(0, 8);
+          process.stderr.write(
+            `slack-channel: peer drop reason=${decision.reason} channel=${channelHash}
+`
+          );
+          if (decision.reason === "cross_team_grant_missing") {
+            crossTeamPeerAuditClient?.emit({
+              event_type: "slack.peer.drop.cross_team_grant_missing",
+              peer_agent_id: null,
+              gate_path: null,
+              grant_id: null,
+              chat_id: evt.channel ?? null,
+              message_id: evt.ts ?? null
+            });
+          }
+          return;
+        }
+        if (decision.kind === "peer-ingress") {
+          const peerGate = decision.peer.gate_path;
+          if (peerGate === "intra_org_unrestricted") {
+            crossTeamPeerAuditClient?.emit({
+              event_type: "slack.peer.ingress.cross_team",
+              peer_agent_id: decision.peer.agent_id || null,
+              gate_path: peerGate,
+              grant_id: null,
+              chat_id: evt.channel ?? null,
+              message_id: evt.ts ?? null
+            });
+          } else if (typeof peerGate === "string" && peerGate.startsWith("grant:")) {
+            crossTeamPeerAuditClient?.emit({
+              event_type: "slack.peer.ingress.cross_team",
+              peer_agent_id: decision.peer.agent_id || null,
+              gate_path: peerGate,
+              grant_id: peerGate.slice("grant:".length),
+              chat_id: evt.channel ?? null,
+              message_id: evt.ts ?? null
+            });
+          }
+        }
+      }
       if (evt.type === "app_mention") {
         rememberThread(evt.channel, trackTs, "mentioned");
       }