@kernel.chat/kbot 3.99.31 → 3.99.34

package/dist/tools/file-library-tools.d.ts

@@ -0,0 +1,12 @@
+/**
+ * File Library tool definitions.
+ *
+ * These mirror ChatGPT's File Library surface: add, list, search, get.
+ * Definitions only — NOT registered here. Wire-up belongs in tools/index.ts.
+ */
+import type { ToolDefinition } from "./index.js";
+export declare const fileLibraryAddTool: ToolDefinition;
+export declare const fileLibraryListTool: ToolDefinition;
+export declare const fileLibrarySearchTool: ToolDefinition;
+export declare const fileLibraryGetTool: ToolDefinition;
+//# sourceMappingURL=file-library-tools.d.ts.map

package/dist/tools/file-library-tools.js

@@ -0,0 +1,191 @@
+/**
+ * File Library tool definitions.
+ *
+ * These mirror ChatGPT's File Library surface: add, list, search, get.
+ * Definitions only — NOT registered here. Wire-up belongs in tools/index.ts.
+ */
+import { getDefaultFileLibrary, } from "../file-library.js";
+const VALID_SOURCES = [
+    "user-upload",
+    "agent-output",
+    "tool-output",
+];
+function lib() {
+    return getDefaultFileLibrary();
+}
+function asString(v) {
+    return v === undefined || v === null ? "" : String(v);
+}
+function fmtEntry(e) {
+    return {
+        id: e.id,
+        name: e.name,
+        mimeType: e.mimeType,
+        size: e.size,
+        createdAt: e.createdAt,
+        source: e.source,
+        tags: e.tags,
+    };
+}
+export const fileLibraryAddTool = {
+    name: "file_library_add",
+    description: "Save a file into the local File Library. Provide content (utf8 string) or base64-encoded bytes. Returns the new entry id and metadata.",
+    tier: "free",
+    parameters: {
+        name: {
+            type: "string",
+            description: "File name (e.g. 'report.md')",
+            required: true,
+        },
+        mimeType: {
+            type: "string",
+            description: "MIME type (e.g. 'text/markdown', 'application/pdf')",
+            required: true,
+        },
+        source: {
+            type: "string",
+            description: "Origin: 'user-upload' | 'agent-output' | 'tool-output'",
+            required: true,
+        },
+        content: {
+            type: "string",
+            description: "UTF-8 text content. Omit if using contentBase64.",
+        },
+        contentBase64: {
+            type: "string",
+            description: "Base64-encoded bytes. Omit if using content.",
+        },
+        tags: {
+            type: "array",
+            description: "Optional tags",
+            items: { type: "string" },
+        },
+    },
+    async execute(args) {
+        const name = asString(args.name);
+        const mimeType = asString(args.mimeType);
+        const sourceRaw = asString(args.source);
+        if (!VALID_SOURCES.includes(sourceRaw)) {
+            return `Error: source must be one of ${VALID_SOURCES.join(", ")}`;
+        }
+        const content = args.content === undefined ? undefined : asString(args.content);
+        const contentBase64 = args.contentBase64 === undefined
+            ? undefined
+            : asString(args.contentBase64);
+        if ((content === undefined && contentBase64 === undefined) ||
+            (content !== undefined && contentBase64 !== undefined)) {
+            return "Error: provide exactly one of `content` or `contentBase64`";
+        }
+        const tags = Array.isArray(args.tags)
+            ? args.tags.filter((t) => typeof t === "string")
+            : undefined;
+        try {
+            const entry = contentBase64 !== undefined
+                ? await lib().addFile({
+                    name,
+                    mimeType,
+                    source: sourceRaw,
+                    buffer: Buffer.from(contentBase64, "base64"),
+                    tags,
+                })
+                : await lib().addFile({
+                    name,
+                    mimeType,
+                    source: sourceRaw,
+                    content,
+                    tags,
+                });
+            return JSON.stringify(fmtEntry(entry), null, 2);
+        }
+        catch (err) {
+            return `Error: ${err.message}`;
+        }
+    },
+};
+export const fileLibraryListTool = {
+    name: "file_library_list",
+    description: "List files in the File Library, newest first. Optional filters: limit, since (ISO date), tag.",
+    tier: "free",
+    parameters: {
+        limit: { type: "number", description: "Max entries to return" },
+        since: {
+            type: "string",
+            description: "ISO 8601 date — only entries created at or after this time",
+        },
+        tag: { type: "string", description: "Filter to entries that have this tag" },
+    },
+    async execute(args) {
+        const limit = typeof args.limit === "number" ? args.limit : undefined;
+        const since = args.since === undefined ? undefined : asString(args.since);
+        const tag = args.tag === undefined ? undefined : asString(args.tag);
+        try {
+            const entries = await lib().listFiles({ limit, since, tag });
+            return JSON.stringify({ count: entries.length, entries: entries.map(fmtEntry) }, null, 2);
+        }
+        catch (err) {
+            return `Error: ${err.message}`;
+        }
+    },
+};
+export const fileLibrarySearchTool = {
+    name: "file_library_search",
+    description: "Search the File Library. Modes: 'name' (substring on name), 'content' (substring on text contents), 'both' (union).",
+    tier: "free",
+    parameters: {
+        query: { type: "string", description: "Substring to match", required: true },
+        mode: {
+            type: "string",
+            description: "'name' | 'content' | 'both'",
+            required: true,
+        },
+    },
+    async execute(args) {
+        const query = asString(args.query);
+        const mode = asString(args.mode);
+        if (mode !== "name" && mode !== "content" && mode !== "both") {
+            return "Error: mode must be 'name' | 'content' | 'both'";
+        }
+        try {
+            const entries = await lib().searchFiles({ query, mode });
+            return JSON.stringify({ count: entries.length, entries: entries.map(fmtEntry) }, null, 2);
+        }
+        catch (err) {
+            return `Error: ${err.message}`;
+        }
+    },
+};
+export const fileLibraryGetTool = {
+    name: "file_library_get",
+    description: "Fetch a file by id. For text mimes returns utf-8 content; for binary returns base64.",
+    tier: "free",
+    parameters: {
+        id: { type: "string", description: "File id (sha256 hex)", required: true },
+        encoding: {
+            type: "string",
+            description: "'utf8' | 'base64' (default: auto by mimeType)",
+        },
+    },
+    async execute(args) {
+        const id = asString(args.id);
+        const encodingArg = args.encoding === undefined ? undefined : asString(args.encoding);
+        try {
+            const got = await lib().getFile(id);
+            if (!got)
+                return `Error: file not found: ${id}`;
+            const { entry, buffer } = got;
+            const isText = /^text\//i.test(entry.mimeType) ||
+                /^application\/(json|yaml|x-yaml|xml|javascript|typescript)$/i.test(entry.mimeType);
+            const encoding = encodingArg === "utf8" || encodingArg === "base64"
+                ? encodingArg
+                : isText
+                    ? "utf8"
+                    : "base64";
+            const content = encoding === "utf8" ? buffer.toString("utf8") : buffer.toString("base64");
+            return JSON.stringify({ entry: fmtEntry(entry), encoding, content }, null, 2);
+        }
+        catch (err) {
+            return `Error: ${err.message}`;
+        }
+    },
+};
+//# sourceMappingURL=file-library-tools.js.map

package/dist/tools/image-thoughtful.d.ts

@@ -0,0 +1,31 @@
+import { z } from 'zod';
+import type { ToolDefinition } from './index.js';
+export declare const imageThoughtfulInputSchema: z.ZodObject<{
+    prompt: z.ZodString;
+    aspect_ratio: z.ZodDefault<z.ZodOptional<z.ZodEnum<["1:1", "16:9", "9:16", "4:3", "3:4"]>>>;
+    thinking_steps: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    style_hints: z.ZodOptional<z.ZodString>;
+    reference_image_url: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    prompt: string;
+    aspect_ratio: "1:1" | "16:9" | "9:16" | "4:3" | "3:4";
+    thinking_steps: number;
+    style_hints?: string | undefined;
+    reference_image_url?: string | undefined;
+}, {
+    prompt: string;
+    aspect_ratio?: "1:1" | "16:9" | "9:16" | "4:3" | "3:4" | undefined;
+    thinking_steps?: number | undefined;
+    style_hints?: string | undefined;
+    reference_image_url?: string | undefined;
+}>;
+export type ImageThoughtfulInput = z.infer<typeof imageThoughtfulInputSchema>;
+export interface ImageThoughtfulOutput {
+    url: string;
+    plan: string;
+    refinements: string[];
+    final_prompt: string;
+}
+export declare function runImageThoughtful(rawInput: unknown, env?: NodeJS.ProcessEnv): Promise<ImageThoughtfulOutput>;
+export declare const imageThoughtfulTool: ToolDefinition;
+//# sourceMappingURL=image-thoughtful.d.ts.map

package/dist/tools/image-thoughtful.js

@@ -0,0 +1,233 @@
+// kbot Image Thoughtful Tool
+// Mirrors OpenAI's "Images 2.0 with thinking": plan → refine (1..N) → generate.
+// The thinking phase uses gpt-4o-mini chat completions; the final generation
+// hits the OpenAI Images API (gpt-image-2). Reference images are forwarded as
+// input_image when supplied.
+import { z } from 'zod';
+// ─────────────────────────────────────────────────────────────────────────
+// Schema
+// ─────────────────────────────────────────────────────────────────────────
+const AspectRatio = z.enum(['1:1', '16:9', '9:16', '4:3', '3:4']);
+export const imageThoughtfulInputSchema = z.object({
+    prompt: z.string().min(1, 'prompt is required'),
+    aspect_ratio: AspectRatio.optional().default('1:1'),
+    thinking_steps: z.number().int().min(1).max(5).optional().default(3),
+    style_hints: z.string().optional(),
+    reference_image_url: z.string().url().optional(),
+});
+// ─────────────────────────────────────────────────────────────────────────
+// Aspect ratio → image API "size"
+// ─────────────────────────────────────────────────────────────────────────
+const SIZE_MAP = {
+    '1:1': '1024x1024',
+    '16:9': '1792x1024',
+    '9:16': '1024x1792',
+    '4:3': '1408x1056',
+    '3:4': '1056x1408',
+};
+// ─────────────────────────────────────────────────────────────────────────
+// OpenAI helpers (built-in fetch, no SDK)
+// ─────────────────────────────────────────────────────────────────────────
+const OPENAI_CHAT_URL = 'https://api.openai.com/v1/chat/completions';
+const OPENAI_IMAGE_URL = 'https://api.openai.com/v1/images/generations';
+const PLANNING_MODEL = 'gpt-4o-mini';
+const IMAGE_MODEL = 'gpt-image-2';
+async function openaiChat(apiKey, messages, opts = {}) {
+    const body = {
+        model: PLANNING_MODEL,
+        messages,
+        temperature: opts.temperature ?? 0.4,
+    };
+    if (opts.jsonMode) {
+        body.response_format = { type: 'json_object' };
+    }
+    const res = await fetch(OPENAI_CHAT_URL, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${apiKey}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const text = await res.text().catch(() => '');
+        throw new Error(`OpenAI chat failed: ${res.status} ${res.statusText} ${text}`.trim());
+    }
+    const data = (await res.json());
+    const content = data.choices?.[0]?.message?.content;
+    if (!content) {
+        throw new Error('OpenAI chat returned no content');
+    }
+    return content;
+}
+async function openaiImage(apiKey, prompt, size, referenceImageUrl) {
+    const body = {
+        model: IMAGE_MODEL,
+        prompt,
+        size,
+        n: 1,
+    };
+    if (referenceImageUrl) {
+        body.input_image = referenceImageUrl;
+    }
+    const res = await fetch(OPENAI_IMAGE_URL, {
+        method: 'POST',
+        headers: {
+            Authorization: `Bearer ${apiKey}`,
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const text = await res.text().catch(() => '');
+        throw new Error(`OpenAI image failed: ${res.status} ${res.statusText} ${text}`.trim());
+    }
+    const data = (await res.json());
+    const url = data.data?.[0]?.url;
+    if (!url) {
+        // gpt-image-* sometimes returns b64; surface that as a data URL
+        const b64 = data.data?.[0]?.b64_json;
+        if (b64)
+            return `data:image/png;base64,${b64}`;
+        throw new Error('OpenAI image returned no url');
+    }
+    return url;
+}
+// ─────────────────────────────────────────────────────────────────────────
+// Plan + refine loop
+// ─────────────────────────────────────────────────────────────────────────
+function planSystemPrompt() {
+    return [
+        'You are an expert art director planning an image before generation.',
+        'Return a JSON object with keys: composition, palette, key_elements, mood, lighting, style.',
+        'Keep each value to one or two sentences. Be concrete and visual.',
+    ].join(' ');
+}
+function critiqueSystemPrompt() {
+    return [
+        'You are a critic refining an image plan. Read the prompt and the current plan,',
+        'identify the single weakest element, and return an improved JSON plan with the',
+        'same keys (composition, palette, key_elements, mood, lighting, style).',
+        'Do not restate the brief — produce the next iteration of the plan only.',
+    ].join(' ');
+}
+function finalPromptSystemPrompt() {
+    return [
+        'You compose the final image-generation prompt. Combine the brief, plan, and any',
+        'style hints into a single cohesive paragraph (no JSON, no headings, no lists).',
+        'Lead with subject and composition, then palette, lighting, mood, and style.',
+    ].join(' ');
+}
+function buildPlanUserContent(input) {
+    const parts = [
+        {
+            type: 'text',
+            text: [
+                `Brief: ${input.prompt}`,
+                `Aspect ratio: ${input.aspect_ratio}`,
+                input.style_hints ? `Style hints: ${input.style_hints}` : null,
+            ]
+                .filter(Boolean)
+                .join('\n'),
+        },
+    ];
+    if (input.reference_image_url) {
+        parts.push({ type: 'input_image', image_url: input.reference_image_url });
+    }
+    return parts;
+}
+// ─────────────────────────────────────────────────────────────────────────
+// Tool definition
+// ─────────────────────────────────────────────────────────────────────────
+export async function runImageThoughtful(rawInput, env = process.env) {
+    const input = imageThoughtfulInputSchema.parse(rawInput);
+    const apiKey = env.OPENAI_API_KEY;
+    if (!apiKey) {
+        throw new Error('OPENAI_API_KEY is not set');
+    }
+    // 1. Plan
+    const plan = await openaiChat(apiKey, [
+        { role: 'system', content: planSystemPrompt() },
+        { role: 'user', content: buildPlanUserContent(input) },
+    ], { jsonMode: true, temperature: 0.5 });
+    // 2. Refine (thinking_steps - 1 critiques; thinking_steps=1 means no refinement)
+    const refinements = [];
+    let currentPlan = plan;
+    for (let i = 1; i < input.thinking_steps; i++) {
+        const next = await openaiChat(apiKey, [
+            { role: 'system', content: critiqueSystemPrompt() },
+            {
+                role: 'user',
+                content: [
+                    { type: 'text', text: `Brief: ${input.prompt}` },
+                    { type: 'text', text: `Current plan: ${currentPlan}` },
+                ],
+            },
+        ], { jsonMode: true, temperature: 0.5 });
+        refinements.push(next);
+        currentPlan = next;
+    }
+    // 3. Compose final prompt
+    const finalPromptText = await openaiChat(apiKey, [
+        { role: 'system', content: finalPromptSystemPrompt() },
+        {
+            role: 'user',
+            content: [
+                `Brief: ${input.prompt}`,
+                input.style_hints ? `Style hints: ${input.style_hints}` : '',
+                `Plan: ${currentPlan}`,
+            ]
+                .filter(Boolean)
+                .join('\n\n'),
+        },
+    ], { temperature: 0.4 });
+    // 4. Generate
+    const url = await openaiImage(apiKey, finalPromptText, SIZE_MAP[input.aspect_ratio], input.reference_image_url);
+    return {
+        url,
+        plan,
+        refinements,
+        final_prompt: finalPromptText,
+    };
+}
+export const imageThoughtfulTool = {
+    name: 'image_thoughtful',
+    description: 'Generate an image with an explicit plan/refine loop. Plans the image (composition, palette, key elements), critiques and refines the plan, then issues the final OpenAI image generation. Returns the image URL plus the full reasoning trail.',
+    tier: 'pro',
+    parameters: {
+        prompt: {
+            type: 'string',
+            description: 'What to draw — the brief.',
+            required: true,
+        },
+        aspect_ratio: {
+            type: 'string',
+            description: 'One of "1:1", "16:9", "9:16", "4:3", "3:4". Default "1:1".',
+            default: '1:1',
+        },
+        thinking_steps: {
+            type: 'number',
+            description: 'How many plan iterations to run (1..5). Default 3. 1 skips refinement.',
+            default: 3,
+        },
+        style_hints: {
+            type: 'string',
+            description: 'Optional style guidance ("oil painting", "ukiyo-e", "isometric vector").',
+        },
+        reference_image_url: {
+            type: 'string',
+            description: 'Optional URL of a reference image. Passed to the planning model and forwarded to the image API as input_image.',
+        },
+    },
+    async execute(args) {
+        try {
+            const out = await runImageThoughtful(args);
+            return JSON.stringify(out, null, 2);
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            return `Error: ${message}`;
+        }
+    },
+};
+//# sourceMappingURL=image-thoughtful.js.map

package/dist/tools/index.js

@@ -338,6 +338,7 @@ const LAZY_MODULE_IMPORTS = [
     { path: './stream-vod.js', registerFn: 'registerStreamVODTools' },
     { path: './stream-commands.js', registerFn: 'registerStreamCommandsTools' },
     { path: '../coordinator.js', registerFn: 'registerCoordinatorTools' },
+    { path: './swarm-2026-04.js', registerFn: 'registerSwarm2026Tools' },
 ];
 /** Track whether lazy tools have been registered */
 let lazyToolsRegistered = false;

package/dist/tools/matrix.js

@@ -5,10 +5,10 @@ import { createAgent, listAgents, removeAgent, PRESETS, } from '../matrix.js';
 export function registerMatrixTools() {
     registerTool({
         name: 'create_agent',
-        description: 'Create a new specialist agent in the matrix. The agent gets a custom system prompt and can be invoked later by switching to it with /agent <id>. Use this when a task needs a specific expert perspective (e.g., security auditor, UX critic, devil\'s advocate). Preset templates available: ' + Object.keys(PRESETS).join(', '),
+        description: 'Define a kbot specialist role (a saved prompt configuration with a custom system prompt). The user can later invoke this role by running /agent <id> in the kbot CLI. Useful when a task benefits from a specific expert framing (e.g., security auditor, UX critic, devil\'s advocate). Preset templates available: ' + Object.keys(PRESETS).join(', '),
         parameters: {
             name: { type: 'string', description: 'Human-readable name (e.g., "Security Auditor")', required: true },
-            system_prompt: { type: 'string', description: 'System prompt defining the agent\'s expertise, personality, and evaluation criteria', required: true },
+            system_prompt: { type: 'string', description: 'System prompt defining the role\'s expertise, tone, and evaluation criteria', required: true },
         },
         tier: 'free',
         execute: async (args) => {
@@ -28,7 +28,7 @@ export function registerMatrixTools() {
     });
     registerTool({
         name: 'spawn_preset_agent',
-        description: 'Spawn a pre-built specialist agent from the template library. Available presets: ' + Object.entries(PRESETS).map(([id, p]) => `${id} (${p.name})`).join(', '),
+        description: 'Instantiate a pre-built kbot specialist role from the template library (saved prompt configurations the user can invoke manually). Available presets: ' + Object.entries(PRESETS).map(([id, p]) => `${id} (${p.name})`).join(', '),
         parameters: {
             preset: { type: 'string', description: 'Preset ID: ' + Object.keys(PRESETS).join(', '), required: true },
         },

package/dist/tools/redblue.js

@@ -2721,7 +2721,7 @@ export function registerRedBlueTools() {
     // ─── Tool 1: Red Team Scan ───────────────────────────────────────────────────
     registerTool({
         name: 'redteam_scan',
-        description: 'Red team: scan a codebase for vulnerabilities. Reads source files and pattern-matches for secrets, injection vectors, auth issues, crypto weaknesses, dependency vulnerabilities, and configuration problems. Thinks like an attacker. Returns findings with severity, file, line, evidence, exploitation scenario, and CWE ID.',
+        description: 'Security audit (defensive — finds issues before attackers): scan a codebase for vulnerabilities. Reads source files and pattern-matches for secrets, injection vectors, auth issues, crypto weaknesses, dependency vulnerabilities, and configuration problems. Returns findings with severity, file, line, evidence, an exploitation scenario for context, and CWE ID. Defensive security context: use only on codebases you own or have explicit permission to audit.',
         parameters: {
             path: { type: 'string', description: 'Directory to scan (default: current directory)' },
             focus: { type: 'string', description: 'Scan focus: "secrets", "injection", "auth", "crypto", "deps", "config", "all" (default: "all")' },
@@ -2941,7 +2941,7 @@ export function registerRedBlueTools() {
     // ─── Tool 3: Red Team Report ─────────────────────────────────────────────────
     registerTool({
         name: 'redteam_report',
-        description: 'Generate a professional penetration test report. Runs a full red team scan and formats results as an executive assessment with risk score, attack surface mapping, critical findings with exploitation scenarios, risk matrix, and prioritized remediation plan.',
+        description: 'Generate a professional penetration test report (defensive security assessment). Runs a full security audit and formats results as an executive assessment with risk score, attack surface mapping, critical findings with exploitation scenarios for context, risk matrix, and prioritized remediation plan. Defensive security context: use only on systems you own or have explicit permission to test.',
         parameters: {
             path: { type: 'string', description: 'Directory to assess (default: current directory)' },
         },

package/dist/tools/security-agent-tools.d.ts

@@ -0,0 +1,34 @@
+import { z } from 'zod';
+import { type SecurityReport } from '../agents/security-agent.js';
+export declare const securityAgentScanSchema: z.ZodObject<{
+    target: z.ZodString;
+    mode: z.ZodDefault<z.ZodEnum<["scan", "scan-and-fix", "report-only"]>>;
+}, "strip", z.ZodTypeAny, {
+    target: string;
+    mode: "scan" | "scan-and-fix" | "report-only";
+}, {
+    target: string;
+    mode?: "scan" | "scan-and-fix" | "report-only" | undefined;
+}>;
+export declare const securityAgentReportSchema: z.ZodObject<{
+    target: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    target: string;
+}, {
+    target: string;
+}>;
+export interface SecurityAgentToolDef<TArgs, TResult> {
+    name: string;
+    description: string;
+    schema: z.ZodTypeAny;
+    run: (args: TArgs) => Promise<TResult>;
+}
+export declare const securityAgentScan: SecurityAgentToolDef<z.infer<typeof securityAgentScanSchema>, SecurityReport>;
+export declare const securityAgentReport: SecurityAgentToolDef<z.infer<typeof securityAgentReportSchema>, string>;
+export declare const SECURITY_AGENT_TOOLS: (SecurityAgentToolDef<{
+    target: string;
+    mode: "scan" | "scan-and-fix" | "report-only";
+}, SecurityReport> | SecurityAgentToolDef<{
+    target: string;
+}, string>)[];
+//# sourceMappingURL=security-agent-tools.d.ts.map

package/dist/tools/security-agent-tools.js

@@ -0,0 +1,30 @@
+// kbot tool definitions for the unified security agent.
+// NOT registered in tools/index.ts — wire them in deliberately when promoting
+// the security agent surface (see guardian/hacker integration notes).
+import { z } from 'zod';
+import { runSecurityAgent } from '../agents/security-agent.js';
+export const securityAgentScanSchema = z.object({
+    target: z.string().describe('Absolute or relative directory to scan'),
+    mode: z.enum(['scan', 'scan-and-fix', 'report-only']).default('scan'),
+});
+export const securityAgentReportSchema = z.object({
+    target: z.string().describe('Directory to scan and produce a Markdown report for'),
+});
+export const securityAgentScan = {
+    name: 'security_agent_scan',
+    description: 'Run the kbot security agent over a directory. Modes: scan | scan-and-fix | report-only. ' +
+        'Returns the full structured SecurityReport.',
+    schema: securityAgentScanSchema,
+    run: async (args) => runSecurityAgent({ target: args.target, mode: args.mode }),
+};
+export const securityAgentReport = {
+    name: 'security_agent_report',
+    description: 'Run the kbot security agent in read-only mode and return only the Markdown summary.',
+    schema: securityAgentReportSchema,
+    run: async (args) => {
+        const report = await runSecurityAgent({ target: args.target, mode: 'report-only' });
+        return report.summary;
+    },
+};
+export const SECURITY_AGENT_TOOLS = [securityAgentScan, securityAgentReport];
+//# sourceMappingURL=security-agent-tools.js.map

package/dist/tools/security-hunt.js

@@ -621,7 +621,7 @@ function formatReport(report) {
 export function registerSecurityHuntTools() {
     registerTool({
         name: 'security_hunt',
-        description: 'Autonomous security hunting — chains all kbot security tools into a single comprehensive pentest sweep. Scans for: open ports, SSL issues, missing headers, hardcoded secrets, dependency CVEs, supply chain risks, OWASP Top 10 code vulnerabilities, and dangerous patterns. Returns a scored report with severity ratings and fix recommendations. Inspired by autonomous vulnerability research.',
+        description: 'Defensive security audit — chains kbot\'s security scanners into a single comprehensive sweep. Scans for: open ports, SSL issues, missing headers, hardcoded secrets, dependency CVEs, supply chain risks, OWASP Top 10 code vulnerabilities, and dangerous patterns. Returns a scored report with severity ratings and fix recommendations. Defensive security context: use only on systems you own or have explicit permission to test.',
         parameters: {
             path: {
                 type: 'string',

package/dist/tools/subagent.js

@@ -21,7 +21,7 @@ export function setParentAgentOptions(opts) {
 export function registerSubagentTools() {
     registerTool({
         name: 'spawn_agent',
-        description: 'Spawn a specialist subagent to handle a task. The subagent runs independently with its own context and tools. Returns the subagent ID — use agent_result to get the output.',
+        description: 'Instantiate a worker process that runs the kbot CLI loop with a specialist role to handle a delegated task. The worker has its own conversation context and tool access for that single task. Returns the worker ID — use agent_result to retrieve the output.',
         parameters: {
             prompt: { type: 'string', description: 'Task for the subagent to perform', required: true },
             agent: { type: 'string', description: 'Specialist agent to use: kernel, researcher, coder, writer, analyst, aesthete, guardian, curator, strategist, creative (default: auto)' },
@@ -76,7 +76,7 @@ export function registerSubagentTools() {
     });
     registerTool({
         name: 'spawn_parallel',
-        description: 'Spawn multiple subagents in parallel and wait for all results. Each agent works independently on its task.',
+        description: 'Run multiple kbot worker processes in parallel and wait for all results. Each worker handles one task independently.',
         parameters: {
             tasks: {
                 type: 'array',

package/dist/tools/swarm-2026-04.d.ts

@@ -0,0 +1,2 @@
+export declare function registerSwarm2026Tools(): void;
+//# sourceMappingURL=swarm-2026-04.d.ts.map