npm - @integrity-labs/agt-cli - Versions diffs - 0.28.144 → 0.28.146 - Mend

@integrity-labs/agt-cli 0.28.144 → 0.28.146

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist/bin/agt.js CHANGED Viewed

@@ -37,7 +37,7 @@ import {
   success,
   table,
   warn
-} from "../chunk-F2UOJCBZ.js";
+} from "../chunk-X3O5A2NQ.js";
 import {
   CHANNEL_REGISTRY,
   DEPLOYMENT_TEMPLATES,
@@ -64,7 +64,7 @@ import {
   renderTemplate,
   resolveChannels,
   serializeManifestForSlackCli
-} from "../chunk-SBVI6NJW.js";
+} from "../chunk-POW4BZEC.js";
 // src/bin/agt.ts
 import { join as join22 } from "path";
@@ -4777,7 +4777,7 @@ import { execFileSync, execSync } from "child_process";
 import { existsSync as existsSync10, realpathSync as realpathSync2 } from "fs";
 import chalk18 from "chalk";
 import ora16 from "ora";
-var cliVersion = true ? "0.28.144" : "dev";
+var cliVersion = true ? "0.28.146" : "dev";
 async function fetchLatestVersion() {
   const host2 = getHost();
   if (!host2) return null;
@@ -5791,7 +5791,7 @@ function handleError(err) {
 }
 // src/bin/agt.ts
-var cliVersion2 = true ? "0.28.144" : "dev";
+var cliVersion2 = true ? "0.28.146" : "dev";
 var program = new Command();
 program.name("agt").description("Augmented CLI \u2014 agent provisioning and management").version(cliVersion2).option("--json", "Emit machine-readable JSON output (suppress spinners and colors)").option("--skip-update-check", "Skip the automatic update check on startup");
 program.hook("preAction", async (thisCommand, actionCommand) => {

package/dist/{chunk-P7HRYVA3.js → chunk-NXPB7XSK.js} RENAMED Viewed

@@ -3,7 +3,7 @@ import {
   formatMissingVar,
   isClaudeFastMode,
   probeMcpEnvSubstitution
-} from "./chunk-SBVI6NJW.js";
+} from "./chunk-POW4BZEC.js";
 import {
   reapOrphanChannelMcps
 } from "./chunk-XWVM4KPK.js";
@@ -1589,4 +1589,4 @@ export {
   stopAllSessionsAndWait,
   getProjectDir
 };
-//# sourceMappingURL=chunk-P7HRYVA3.js.map
+//# sourceMappingURL=chunk-NXPB7XSK.js.map

package/dist/{chunk-SBVI6NJW.js → chunk-POW4BZEC.js} RENAMED Viewed

@@ -109,7 +109,14 @@ var CHANNEL_REGISTRY = [
   { id: "slack", name: "Slack", securityTier: "standard", e2eEncrypted: false, auditTrail: true, publicExposureRisk: "Low" },
   { id: "msteams", name: "Microsoft Teams", securityTier: "standard", e2eEncrypted: false, auditTrail: true, publicExposureRisk: "Low" },
   { id: "telegram", name: "Telegram", securityTier: "standard", e2eEncrypted: "optional", auditTrail: "partial", publicExposureRisk: "Medium" },
-  { id: "whatsapp", name: "WhatsApp", securityTier: "elevated", e2eEncrypted: true, auditTrail: false, publicExposureRisk: "Medium" },
+  // WhatsApp is wired through a Business-Platform provider (Kapso -> Meta Cloud
+  // API, ENG-6812), NOT consumer WhatsApp. That path terminates end-to-end
+  // encryption at Meta and the message content also transits the provider, so
+  // for our purposes it is a standard TLS-transport channel, not an E2E
+  // elevated one. Classifying it elevated / e2eEncrypted:true would let the
+  // channel-policy lint (PII-on-limited / require-elevated-for-pii) reason on a
+  // false premise. See docs/research/eng-6810-kapso-whatsapp-integration.md.
+  { id: "whatsapp", name: "WhatsApp", securityTier: "standard", e2eEncrypted: false, auditTrail: false, publicExposureRisk: "Medium" },
   { id: "signal", name: "Signal", securityTier: "elevated", e2eEncrypted: true, auditTrail: false, publicExposureRisk: "Low" },
   { id: "discord", name: "Discord", securityTier: "limited", e2eEncrypted: false, auditTrail: false, publicExposureRisk: "High" },
   { id: "irc", name: "IRC", securityTier: "limited", e2eEncrypted: false, auditTrail: false, publicExposureRisk: "High" },
@@ -1655,6 +1662,16 @@ var FLAG_REGISTRY = [
     // control with no pre-flags env gate to migrate (ADR-0022).
     defaultValue: false
   },
+  {
+    key: "skill-fragments",
+    description: "Agent-contributed additive skill fragments (ENG-6811, epic ENG-6805 P2a): when on, an agent can propose an additive fragment for a shared (team/org) skill via the skill_contribute_fragment MCP tool; accepted fragments compose into the parent skill's delivered body in one delimited region at /host/refresh. This is the per-org activation gate for the whole additive path - it gates BOTH the contribute tool (off = soft-refuse, no fragment is created) AND compose-at-refresh (off = agents receive the core body only), so flipping it off is a clean kill switch that reverts shared skills to operator-owned content. Boolean gate; ships dark.",
+    flagType: "boolean",
+    // Declared safe value is `false` (no contribution, no compose). Fail-safe
+    // direction: a flag-DB read error must never start composing agent-authored
+    // content into a shared skill's delivered body on its own. No envVar - net-new
+    // control with no pre-flags env gate to migrate (ADR-0022).
+    defaultValue: false
+  },
   {
     key: "channel-quarantine-mode",
     description: "Optional-channel quarantine (ENG-5932): off = disabled, shadow = log matches only, enforce = quarantine.",
@@ -6056,4 +6073,4 @@ export {
   parseEnvIntegrations,
   probeMcpEnvSubstitution
 };
-//# sourceMappingURL=chunk-SBVI6NJW.js.map
+//# sourceMappingURL=chunk-POW4BZEC.js.map