@kernel.chat/kbot 3.99.30 → 3.99.33

package/README.md

@@ -30,7 +30,7 @@ Most terminal AI agents lock you into one provider, one model, one way of workin
 - **20 providers, zero lock-in** — Claude, GPT, Gemini, Grok, DeepSeek, Groq, Mistral, SambaNova, Cerebras, OpenRouter, and more. Switch with one command.
 - **Runs fully offline** — Embedded llama.cpp, Ollama, LM Studio, or Jan. $0, fully private.
 - **Learns your patterns** — Bayesian skill ratings + pattern extraction. Gets faster over time.
-- **35 specialist agents** — auto-routes your request to the right expert (coder, researcher, writer, guardian, quant, and 30 more).
+- **35 specialist agents** — auto-routes your request to the right expert (coder, researcher, writer, guardian, quant, and 30 more). Run any agent manually: `kbot --agent <id> "<prompt>"`. List them: `kbot agents`.
 - **787+ tools** — files, bash, git, GitHub, web search, deploy, database, game dev, VFX, research, science, finance, security, music production, iPhone control, and more.
 - **Programmatic SDK** — use kbot as a library in your own apps.
 - **MCP server built in** — plug kbot into Claude Code, Cursor, VS Code, Zed, or Neovim as a tool provider.

package/dist/agents/security-agent.d.ts

@@ -0,0 +1,31 @@
+import { RULES, RULES_BY_ID, type Severity } from './security-rules.js';
+export type SecurityMode = 'scan' | 'scan-and-fix' | 'report-only';
+export interface SecurityFinding {
+    id: string;
+    severity: Severity;
+    category: string;
+    file: string;
+    line?: number;
+    description: string;
+    recommendation: string;
+    fixed?: boolean;
+}
+export interface SecurityReport {
+    scanned: number;
+    findings: SecurityFinding[];
+    fixesApplied: number;
+    summary: string;
+}
+export interface RunSecurityAgentInput {
+    target: string;
+    mode: SecurityMode;
+}
+/**
+ * Run the kbot security agent over a directory.
+ * - `scan`: read-only walk + report
+ * - `scan-and-fix`: applies the safest auto-fixes (currently md5 -> sha256)
+ * - `report-only`: identical to scan; never writes
+ */
+export declare function runSecurityAgent(input: RunSecurityAgentInput): Promise<SecurityReport>;
+export { RULES, RULES_BY_ID };
+//# sourceMappingURL=security-agent.d.ts.map

package/dist/agents/security-agent.js

@@ -0,0 +1,180 @@
+// kbot Security Agent — unified app-sec scanner over guardian/hacker tools.
+// Mirrors the Codex Security agent surface (March 2026). Single named entry
+// point: runSecurityAgent({ target, mode }).
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { RULES, RULES_BY_ID, SEVERITY_RANK, shouldScan, } from './security-rules.js';
+const SKIP_DIRS = new Set(['node_modules', 'dist', '.git', '.next', 'build', '.turbo']);
+function walk(dir, out) {
+    let entries;
+    try {
+        entries = fs.readdirSync(dir, { withFileTypes: true });
+    }
+    catch {
+        return;
+    }
+    for (const e of entries) {
+        if (e.name.startsWith('.') && !e.name.startsWith('.env')) {
+            // skip hidden dirs except .env-style files
+            if (e.isDirectory())
+                continue;
+        }
+        const full = path.join(dir, e.name);
+        if (e.isDirectory()) {
+            if (SKIP_DIRS.has(e.name))
+                continue;
+            walk(full, out);
+        }
+        else if (e.isFile()) {
+            if (shouldScan(e.name))
+                out.push(full);
+        }
+    }
+}
+function rankCompare(a, b) {
+    const r = SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity];
+    if (r !== 0)
+        return r;
+    if (a.file !== b.file)
+        return a.file < b.file ? -1 : 1;
+    return (a.line ?? 0) - (b.line ?? 0);
+}
+function scanFile(file, mode) {
+    let text;
+    try {
+        text = fs.readFileSync(file, 'utf8');
+    }
+    catch {
+        return { findings: [], fixes: 0 };
+    }
+    const lines = text.split(/\r?\n/);
+    const findings = [];
+    let fixesApplied = 0;
+    let mutated = false;
+    const newLines = [...lines];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        const ctx = { file, line, lineNumber: i + 1, fullText: text };
+        for (const rule of RULES) {
+            if (rule.appliesTo && !rule.appliesTo(file))
+                continue;
+            const result = rule.test(ctx);
+            if (!result)
+                continue;
+            const hits = Array.isArray(result) ? result : [result];
+            for (const h of hits) {
+                let fixed;
+                if (mode === 'scan-and-fix' && h.fix) {
+                    // Conservative: only apply when the find string appears verbatim.
+                    if (newLines[i].includes(h.fix.find)) {
+                        newLines[i] = newLines[i].replace(h.fix.find, h.fix.replace);
+                        mutated = true;
+                        fixesApplied++;
+                        fixed = true;
+                    }
+                }
+                else if (mode === 'scan-and-fix' && !h.fix) {
+                    // Riskier patterns: log + skip with suggestion.
+                    fixed = false;
+                }
+                findings.push({
+                    id: h.id,
+                    severity: h.severity,
+                    category: h.category,
+                    file,
+                    line: i + 1,
+                    description: h.description,
+                    recommendation: h.recommendation,
+                    fixed,
+                });
+            }
+        }
+    }
+    if (mode === 'scan-and-fix' && mutated) {
+        fs.writeFileSync(file, newLines.join('\n'));
+    }
+    return { findings, fixes: fixesApplied };
+}
+function buildSummary(report) {
+    const counts = {
+        critical: 0, high: 0, medium: 0, low: 0, info: 0,
+    };
+    for (const f of report.findings)
+        counts[f.severity]++;
+    const lines = [];
+    lines.push('# kbot Security Agent Report');
+    lines.push('');
+    lines.push(`- Files scanned: **${report.scanned}**`);
+    lines.push(`- Findings: **${report.findings.length}**`);
+    lines.push(`- Fixes applied: **${report.fixesApplied}**`);
+    lines.push('');
+    lines.push('## Severity breakdown');
+    lines.push('');
+    lines.push(`- critical: ${counts.critical}`);
+    lines.push(`- high: ${counts.high}`);
+    lines.push(`- medium: ${counts.medium}`);
+    lines.push(`- low: ${counts.low}`);
+    lines.push(`- info: ${counts.info}`);
+    lines.push('');
+    if (report.findings.length > 0) {
+        lines.push('## Findings');
+        lines.push('');
+        for (const f of report.findings) {
+            const loc = f.line ? `${f.file}:${f.line}` : f.file;
+            const fixedTag = f.fixed === true ? ' [FIXED]'
+                : f.fixed === false ? ' [skipped]' : '';
+            lines.push(`- **[${f.severity.toUpperCase()}] ${f.id}** ${f.description}${fixedTag}`);
+            lines.push(`  - location: \`${loc}\``);
+            lines.push(`  - recommendation: ${f.recommendation}`);
+        }
+    }
+    else {
+        lines.push('No findings — clean.');
+    }
+    return lines.join('\n');
+}
+/**
+ * Run the kbot security agent over a directory.
+ * - `scan`: read-only walk + report
+ * - `scan-and-fix`: applies the safest auto-fixes (currently md5 -> sha256)
+ * - `report-only`: identical to scan; never writes
+ */
+export async function runSecurityAgent(input) {
+    const { target } = input;
+    const mode = input.mode ?? 'scan';
+    const files = [];
+    let stat;
+    try {
+        stat = fs.statSync(target);
+    }
+    catch {
+        const empty = {
+            scanned: 0, findings: [], fixesApplied: 0,
+        };
+        return { ...empty, summary: buildSummary(empty) };
+    }
+    if (stat.isDirectory()) {
+        walk(target, files);
+    }
+    else if (stat.isFile() && shouldScan(path.basename(target))) {
+        files.push(target);
+    }
+    const allFindings = [];
+    let fixesApplied = 0;
+    for (const file of files) {
+        const effectiveMode = mode === 'report-only' ? 'scan' : mode;
+        const { findings, fixes } = scanFile(file, effectiveMode);
+        allFindings.push(...findings);
+        fixesApplied += fixes;
+    }
+    allFindings.sort(rankCompare);
+    const base = {
+        scanned: files.length,
+        findings: allFindings,
+        fixesApplied,
+    };
+    return { ...base, summary: buildSummary(base) };
+}
+// Re-export the rule registry for callers that want to introspect / extend.
+export { RULES, RULES_BY_ID };
+//# sourceMappingURL=security-agent.js.map

package/dist/agents/security-rules.d.ts

@@ -0,0 +1,35 @@
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export interface RuleContext {
+    file: string;
+    line: string;
+    lineNumber: number;
+    fullText: string;
+}
+export interface RuleHit {
+    id: string;
+    severity: Severity;
+    category: string;
+    description: string;
+    recommendation: string;
+    /** Auto-fix descriptor — only present when a rule supports a safe fix. */
+    fix?: {
+        find: string;
+        replace: string;
+        label: string;
+    };
+}
+export interface Rule {
+    id: string;
+    category: string;
+    severity: Severity;
+    description: string;
+    recommendation: string;
+    appliesTo?: (file: string) => boolean;
+    test: (ctx: RuleContext) => RuleHit | RuleHit[] | null;
+}
+export declare const RULES: Rule[];
+export declare const RULES_BY_ID: Record<string, Rule>;
+export declare const SEVERITY_RANK: Record<Severity, number>;
+export declare const SCANNABLE_EXT: RegExp;
+export declare function shouldScan(file: string): boolean;
+//# sourceMappingURL=security-rules.d.ts.map

package/dist/agents/security-rules.js

@@ -0,0 +1,206 @@
+// kbot Security Agent — static rule catalog.
+// Lightweight regex / string scans. No AST. Each rule returns zero or more
+// hits given a single line of source text plus filename context.
+const isJsLike = (f) => /\.(ts|tsx|js|jsx|mjs|cjs)$/.test(f);
+const isEnvLike = (f) => /(^|\/)\.env(\..+)?$/.test(f);
+const isJson = (f) => f.endsWith('.json');
+// Compact factory — most rules share the shape "regex on line -> emit hit".
+function regexRule(opts) {
+    return {
+        id: opts.id,
+        category: opts.category,
+        severity: opts.severity,
+        description: opts.description,
+        recommendation: opts.recommendation,
+        appliesTo: opts.appliesTo,
+        test: (ctx) => {
+            if (!opts.pattern.test(ctx.line))
+                return null;
+            return {
+                id: opts.id,
+                severity: opts.severity,
+                category: opts.category,
+                description: opts.description,
+                recommendation: opts.recommendation,
+                fix: opts.fix ? opts.fix(ctx.line) : undefined,
+            };
+        },
+    };
+}
+export const RULES = [
+    regexRule({
+        id: 'SEC-001', category: 'secrets', severity: 'critical',
+        description: 'Hardcoded API key (sk-...) detected',
+        recommendation: 'Rotate the key and load from process.env instead.',
+        pattern: /['"`]sk-[A-Za-z0-9_-]{16,}['"`]/,
+    }),
+    regexRule({
+        id: 'SEC-002', category: 'secrets', severity: 'critical',
+        description: 'Hardcoded AWS access key id',
+        recommendation: 'Rotate via IAM and load from environment / role.',
+        pattern: /AKIA[0-9A-Z]{16}/,
+    }),
+    regexRule({
+        id: 'SEC-003', category: 'secrets', severity: 'critical',
+        description: 'Embedded BEGIN PRIVATE KEY block',
+        recommendation: 'Move to a secrets vault and rotate.',
+        pattern: /-----BEGIN (RSA |EC |OPENSSH |DSA |)PRIVATE KEY-----/,
+    }),
+    regexRule({
+        id: 'SEC-004', category: 'secrets', severity: 'high',
+        description: 'Inline password= "..." literal',
+        recommendation: 'Read from process.env or a secrets manager.',
+        pattern: /(?:^|[^A-Za-z_])password\s*[:=]\s*['"][^'"\s]{4,}['"]/i,
+    }),
+    regexRule({
+        id: 'SEC-005', category: 'secrets', severity: 'high',
+        description: 'AWS secret literal',
+        recommendation: 'Rotate and load from environment.',
+        pattern: /AWS_SECRET[_A-Z]*\s*[:=]\s*['"][^'"\s]{8,}['"]/,
+    }),
+    regexRule({
+        id: 'SEC-006', category: 'secrets', severity: 'critical',
+        description: 'GitHub personal-access token literal',
+        recommendation: 'Revoke immediately and use env var.',
+        pattern: /gh[pousr]_[A-Za-z0-9]{20,}/,
+    }),
+    regexRule({
+        id: 'SEC-007', category: 'code-injection', severity: 'high',
+        description: 'eval() call',
+        recommendation: 'Replace with a safe parser (JSON.parse, etc.).',
+        pattern: /(?:^|[^A-Za-z_$.])eval\s*\(/,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-008', category: 'code-injection', severity: 'high',
+        description: 'new Function() constructor',
+        recommendation: 'Replace with predefined functions or sandbox.',
+        pattern: /new\s+Function\s*\(/,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-009', category: 'command-injection', severity: 'high',
+        description: 'exec(`... ${...}`) template literal',
+        recommendation: 'Switch to execFile(cmd, [args]) — never interpolate.',
+        pattern: /\bexec\s*\(\s*`[^`]*\$\{/,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-010', category: 'sql-injection', severity: 'high',
+        description: 'SQL string concatenation',
+        recommendation: 'Use parameter placeholders ($1, ?) with the driver.',
+        pattern: /['"`]\s*(SELECT|INSERT|UPDATE)\b[^'"`]*['"`]\s*\+/i,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-011', category: 'xss', severity: 'high',
+        description: 'Dynamic innerHTML assignment',
+        recommendation: 'Use textContent or sanitise via DOMPurify.',
+        pattern: /\.innerHTML\s*=\s*[^'"`;]+(?:\+|\$\{|\()/,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-012', category: 'xss', severity: 'high',
+        description: 'dangerouslySetInnerHTML bound to a variable',
+        recommendation: 'Sanitise the HTML string with DOMPurify first.',
+        pattern: /dangerouslySetInnerHTML\s*=\s*\{\{\s*__html\s*:\s*[A-Za-z_$][\w$.]*\s*\}\}/,
+        appliesTo: isJsLike,
+    }),
+    regexRule({
+        id: 'SEC-013', category: 'auth', severity: 'critical',
+        description: 'JWT alg "none" allowed',
+        recommendation: 'Pin algorithms (HS256/RS256); never accept "none".',
+        pattern: /(['"]alg['"]\s*:\s*['"]none['"]|algorithms\s*:\s*\[\s*['"]none['"])/i,
+        appliesTo: isJsLike,
+    }),
+    // SEC-014: contextual — Math.random() in crypto-adjacent code
+    {
+        id: 'SEC-014', category: 'crypto', severity: 'medium',
+        description: 'Math.random() in crypto-adjacent code',
+        recommendation: 'Replace with crypto.randomBytes(); leave a TODO marker.',
+        appliesTo: isJsLike,
+        test: (ctx) => {
+            if (!/Math\.random\s*\(\s*\)/.test(ctx.line))
+                return null;
+            const lower = ctx.line.toLowerCase();
+            if (!/(token|secret|nonce|salt|password|otp|sessionid|api_?key)/.test(lower))
+                return null;
+            return {
+                id: 'SEC-014', severity: 'medium', category: 'crypto',
+                description: 'Math.random() in crypto-adjacent code',
+                recommendation: 'Use crypto.randomBytes() instead.',
+            };
+        },
+    },
+    // SEC-015: weak hash — supports auto-fix for md5 only
+    {
+        id: 'SEC-015', category: 'crypto', severity: 'high',
+        description: "createHash('md5'/'sha1') is weak",
+        recommendation: "Replace with createHash('sha256') or use bcrypt/argon2 for passwords.",
+        appliesTo: isJsLike,
+        test: (ctx) => {
+            const m = /createHash\(\s*['"](md5|sha1)['"]\s*\)/.exec(ctx.line);
+            if (!m)
+                return null;
+            const algo = m[1];
+            return {
+                id: 'SEC-015', severity: 'high', category: 'crypto',
+                description: `createHash('${algo}') is weak`,
+                recommendation: `Replace with createHash('sha256') or bcrypt for passwords.`,
+                fix: algo === 'md5'
+                    ? { find: `createHash('md5')`, replace: `createHash('sha256')`, label: 'md5 -> sha256' }
+                    : undefined,
+            };
+        },
+    },
+    // SEC-016: open CORS * with credentials — needs whole-file context
+    {
+        id: 'SEC-016', category: 'cors', severity: 'high',
+        description: 'Wildcard CORS origin with credentials enabled',
+        recommendation: 'Echo a vetted Origin header instead of *.',
+        appliesTo: isJsLike,
+        test: (ctx) => {
+            if (!/Access-Control-Allow-Origin['"\s:,]+\*/i.test(ctx.line))
+                return null;
+            if (!/Access-Control-Allow-Credentials['"\s:,]+true/i.test(ctx.fullText))
+                return null;
+            return {
+                id: 'SEC-016', severity: 'high', category: 'cors',
+                description: 'Wildcard CORS origin with credentials enabled',
+                recommendation: 'Echo a vetted Origin header instead of *.',
+            };
+        },
+    },
+    // SEC-017: <form method="post"> with no csrf token anywhere in the file
+    {
+        id: 'SEC-017', category: 'csrf', severity: 'medium',
+        description: 'POST form without CSRF token',
+        recommendation: 'Add a hidden CSRF token input or use SameSite=strict cookies.',
+        test: (ctx) => {
+            if (!/<form[^>]*method\s*=\s*["']post["']/i.test(ctx.line))
+                return null;
+            if (/csrf|_token|csrfToken/i.test(ctx.fullText))
+                return null;
+            return {
+                id: 'SEC-017', severity: 'medium', category: 'csrf',
+                description: 'POST form without CSRF token',
+                recommendation: 'Add a hidden CSRF token input.',
+            };
+        },
+    },
+];
+export const RULES_BY_ID = Object.fromEntries(RULES.map((r) => [r.id, r]));
+export const SEVERITY_RANK = {
+    critical: 0, high: 1, medium: 2, low: 3, info: 4,
+};
+export const SCANNABLE_EXT = /\.(ts|tsx|js|jsx|mjs|cjs|json)$/;
+export function shouldScan(file) {
+    if (isEnvLike(file))
+        return true;
+    if (SCANNABLE_EXT.test(file))
+        return true;
+    if (isJson(file))
+        return true;
+    return false;
+}
+//# sourceMappingURL=security-rules.js.map

package/dist/agents/specialists.d.ts

@@ -3,6 +3,12 @@ export interface SpecialistDef {
     icon: string;
     color: string;
     prompt: string;
+    /**
+     * Optional whitelist of tool names this specialist is allowed to call.
+     * When omitted (or empty), the specialist inherits the global tool set.
+     * Used by the workspace agent runtime to gate tool execution per-specialist.
+     */
+    allowedTools?: string[];
 }
 export declare const SPECIALISTS: Record<string, SpecialistDef>;
 //# sourceMappingURL=specialists.d.ts.map

package/dist/agents/specialists.js

@@ -126,6 +126,7 @@ You know Ableton Live 12 at an expert level — 20 instruments, 58 audio effects
         prompt: `You are a Security specialist — a defensive security engineer who protects systems and users.
 
 When reviewing for security:
+- Step 0 (always first): run \`security_agent_scan\` over the target directory in \`report-only\` mode. Surface critical+high findings before running heavier tools. Use \`security_agent_report\` to format the consolidated output.
 - Check OWASP Top 10: injection, broken auth, sensitive data exposure, XXE, broken access control, misconfiguration, XSS, insecure deserialization, vulnerable dependencies, insufficient logging
 - Review auth flows: JWT handling, session management, RBAC enforcement
 - Check for secrets in code: API keys, tokens, passwords, connection strings
@@ -135,6 +136,50 @@ When reviewing for security:
 - Rate findings: Critical (exploit now) → High → Medium → Low (hardening)
 
 You think like an attacker to defend like a guardian. Every input is hostile until proven otherwise.`,
+        allowedTools: [
+            // Unified security agent (always first — Step 0)
+            'security_agent_scan',
+            'security_agent_report',
+            // Code/file inspection
+            'read_file',
+            'grep',
+            'glob',
+            'list_directory',
+            // Dependency + secret scanning
+            'dep_audit',
+            'deps_audit',
+            'secret_scan',
+            'license_check',
+            // Vulnerability research / CVE
+            'cve_lookup',
+            'exploit_search',
+            'attack_lookup',
+            'threat_feed',
+            // Hardening + reporting
+            'security_brain',
+            'security_headers_generate',
+            'security_hunt',
+            'blueteam_checklist',
+            'blueteam_harden',
+            'redteam_report',
+            'threat_model',
+            'killchain_analyze',
+            'incident_response',
+            'forensics_analyze',
+            // Web/HTTP surface checks
+            'headers_check',
+            'cors_check',
+            'ssl_check',
+            'ssl_analyze',
+            'owasp_check',
+            'jwt_analyze',
+            // General workflow
+            'web_search',
+            'url_fetch',
+            'agent_memory_read',
+            'agent_memory_write',
+            'team_handoff',
+        ],
     },
     curator: {
         name: 'Curator',

package/dist/architect.js

@@ -320,6 +320,11 @@ function displayReport(report) {
  * @returns Full report of the architect session
  */
 export async function runArchitectMode(task, options = {}) {
+    // Default architect role to Claude Opus 4.7 (Apr 2026) — best long-horizon
+    // SWE + computer-use model. User --model flag still wins.
+    if (!options.model || options.model === 'auto') {
+        options = { ...options, model: 'claude-opus-4-7' };
+    }
     printInfo('Entering architect mode...');
     console.log();
     // Phase 1: Architect creates plan

package/dist/auth.js

@@ -28,7 +28,7 @@ export const PROVIDERS = {
         inputCost: 3.0,
         outputCost: 15.0,
         authHeader: 'x-api-key',
-        models: ['claude-mythos-1', 'claude-opus-4-6', 'claude-sonnet-4-6', 'claude-haiku-4-5-20251001'],
+        models: ['claude-mythos-1', 'claude-opus-4-7', 'claude-opus-4-6', 'claude-sonnet-4-6', 'claude-haiku-4-5-20251001'],
     },
     openai: {
         name: 'OpenAI',

package/dist/channels/matrix.d.ts

@@ -0,0 +1,4 @@
+import { type ChannelAdapter } from './types.js';
+export declare const matrixAdapter: ChannelAdapter;
+export default matrixAdapter;
+//# sourceMappingURL=matrix.d.ts.map

package/dist/channels/matrix.js

@@ -0,0 +1,28 @@
+// Matrix channel adapter — STUB.
+//
+// TODO: Implement against the Matrix Client-Server API.
+//   - MATRIX_HOMESERVER (e.g. https://matrix.org)
+//   - MATRIX_TOKEN (access token from /login or a registered application service)
+//   - MATRIX_USER_ID (optional — only required for some endpoints)
+//   - send → PUT {homeserver}/_matrix/client/v3/rooms/{roomId}/send/m.room.message/{txnId}
+//   - receive → /sync endpoint with `since` token (kbot persists the token
+//     between calls) → translate timeline events into ChannelMessage.
+//   - listChannels → /joined_rooms then resolve names via /state.
+import { ChannelNotImplementedError } from './types.js';
+export const matrixAdapter = {
+    name: 'matrix',
+    isConfigured() {
+        return Boolean(process.env.MATRIX_HOMESERVER && process.env.MATRIX_TOKEN);
+    },
+    async send() {
+        throw new ChannelNotImplementedError('matrix');
+    },
+    async receive() {
+        throw new ChannelNotImplementedError('matrix');
+    },
+    async listChannels() {
+        throw new ChannelNotImplementedError('matrix');
+    },
+};
+export default matrixAdapter;
+//# sourceMappingURL=matrix.js.map

package/dist/channels/office.d.ts

@@ -0,0 +1,78 @@
+import type { ChannelAdapter, ChannelEnvelope, ChannelInfo, ChannelMessage, ChannelReceiveOptions } from './types.js';
+interface GraphDriveItem {
+    id: string;
+    name?: string;
+    webUrl?: string;
+    folder?: {
+        childCount?: number;
+    };
+    file?: {
+        mimeType?: string;
+    };
+    size?: number;
+}
+export interface ListFilesOptions {
+    driveId?: string;
+    folderId?: string;
+}
+export interface ReadDocumentOptions {
+    fileId: string;
+    /** "raw" returns the file bytes as text; "worksheets" lists Excel sheets. */
+    format?: 'raw' | 'worksheets';
+}
+export interface WriteDocumentSectionOptions {
+    fileId: string;
+    /** Path within the document. Currently informational — see TODO below. */
+    sectionPath: string;
+    content: string | Uint8Array;
+}
+export interface AppendToWorkbookOptions {
+    fileId: string;
+    sheet: string;
+    rows: Array<Array<string | number | boolean | null>>;
+    /** Table name in the worksheet. Defaults to "Table1". */
+    table?: string;
+}
+export interface AddSlideOptions {
+    fileId: string;
+    layout?: string;
+    content?: Record<string, unknown>;
+}
+export declare class OfficeChannel implements ChannelAdapter {
+    readonly name = "office";
+    isConfigured(): boolean;
+    /** Post a comment to a drive item (file). `envelope.channel` is the fileId. */
+    send(envelope: ChannelEnvelope): Promise<{
+        id: string;
+        ts: number;
+    }>;
+    /** List comments on a drive item. `opts.channel` is the fileId. */
+    receive(opts: ChannelReceiveOptions): Promise<ChannelMessage[]>;
+    /** List drive root children. */
+    listChannels(): Promise<ChannelInfo[]>;
+    listFiles(options?: ListFilesOptions): Promise<GraphDriveItem[]>;
+    readDocument(options: ReadDocumentOptions): Promise<string | unknown>;
+    /**
+     * Replace an entire Word document with `content`.
+     *
+     * TODO(office-add-in): For surgical, paragraph- or range-level edits, route
+     * through an Office Add-in's `Word.Range` API (Word JavaScript API). The
+     * Graph REST surface does not expose Word ranges directly; the standard
+     * workaround is the Office Add-in JS bridge.
+     */
+    writeDocumentSection(options: WriteDocumentSectionOptions): Promise<{
+        id: string;
+        size?: number;
+    }>;
+    appendToWorkbook(options: AppendToWorkbookOptions): Promise<unknown>;
+    /**
+     * TODO(pptx): Microsoft Graph does not expose slide-level mutation. The
+     * workaround is to regenerate the .pptx (e.g. via `pptxgenjs`) and PUT the
+     * bytes back via `/me/drive/items/{fileId}/content`. Until that dependency
+     * is wired, this method throws.
+     */
+    addSlide(_options: AddSlideOptions): Promise<never>;
+}
+export declare const officeAdapter: ChannelAdapter;
+export default officeAdapter;
+//# sourceMappingURL=office.d.ts.map