@matyah00/openpi 0.1.5 → 0.2.0

package/extensions/agent-chain.ts

@@ -8,9 +8,10 @@ import { join, resolve } from "path";
 import { parse as parseYaml } from "yaml";
 import { bundledAgentsDir } from "./lib/packagePaths.ts";
 import { arrayField, parseMarkdownFrontmatter, stringField } from "./lib/markdown.ts";
+import { writeAuditLog } from "./lib/auditLogger.ts";
 
-type ChainStep = { agent: string; prompt: string };
-type ChainDef = { name: string; description: string; steps: ChainStep[] };
+type ChainStep = { agent: string; prompt: string; timeout?: number };
+type ChainDef = { name: string; description: string; steps: ChainStep[]; continueOnError?: boolean };
 type AgentDef = { name: string; description: string; tools: string; systemPrompt: string };
 type StepState = { agent: string; status: "pending" | "running" | "done" | "error"; elapsed: number; lastWork: string };
 
@@ -24,19 +25,24 @@ function parseChainYaml(raw: string): ChainDef[] {
 
   return Object.entries(parsed as Record<string, unknown>).flatMap(([name, value]) => {
     if (!value || typeof value !== "object" || Array.isArray(value)) return [];
-    const chain = value as { description?: unknown; steps?: unknown };
+    const chain = value as { description?: unknown; steps?: unknown; continueOnError?: unknown };
     if (!Array.isArray(chain.steps)) return [];
     const steps = chain.steps.flatMap((step): ChainStep[] => {
       if (!step || typeof step !== "object" || Array.isArray(step)) return [];
-      const item = step as { agent?: unknown; prompt?: unknown };
+      const item = step as { agent?: unknown; prompt?: unknown; timeout?: unknown };
       if (typeof item.agent !== "string" || typeof item.prompt !== "string") return [];
-      return [{ agent: item.agent, prompt: item.prompt }];
+      return [{
+        agent: item.agent,
+        prompt: item.prompt,
+        timeout: typeof item.timeout === "number" ? item.timeout : undefined,
+      }];
     });
     if (!steps.length) return [];
     return [{
       name,
       description: typeof chain.description === "string" ? chain.description : "",
       steps,
+      continueOnError: typeof chain.continueOnError === "boolean" ? chain.continueOnError : undefined,
     }];
   });
 }
@@ -115,7 +121,13 @@ export default function (pi: ExtensionAPI) {
     }));
   }
 
-  function runAgent(agentDef: AgentDef, task: string, stepIndex: number, ctx: any): Promise<{ output: string; exitCode: number; elapsed: number }> {
+  function runAgent(
+    agentDef: AgentDef,
+    task: string,
+    stepIndex: number,
+    timeoutSecs: number | undefined,
+    ctx: any,
+  ): Promise<{ output: string; exitCode: number; elapsed: number }> {
     const model = ctx.model ? `${ctx.model.provider}/${ctx.model.id}` : "";
     const agentKey = agentDef.name.toLowerCase().replace(/\s+/g, "-");
     const agentSessionFile = join(sessionDir, `chain-${agentKey}.json`);
@@ -137,9 +149,21 @@ export default function (pi: ExtensionAPI) {
     const start = Date.now();
     const chunks: string[] = [];
 
+    const timeoutMs = timeoutSecs ? timeoutSecs * 1000 : 120000;
+
     return new Promise((resolveDone) => {
       const cleanupPrompt = () => rmSync(systemPrompt.dir, { recursive: true, force: true });
       const proc = spawn("pi", args, { stdio: ["ignore", "pipe", "pipe"], env: { ...process.env } });
+
+      let killed = false;
+      const killTimer = setTimeout(() => {
+        killed = true;
+        proc.kill("SIGTERM");
+        setTimeout(() => {
+          if (proc.exitCode === null) proc.kill("SIGKILL");
+        }, 2000);
+      }, timeoutMs);
+
       const timer = setInterval(() => {
         state.elapsed = Date.now() - start;
         updateWidget();
@@ -166,13 +190,17 @@ export default function (pi: ExtensionAPI) {
       proc.stderr!.setEncoding("utf-8");
       proc.stderr!.on("data", () => {});
       proc.on("close", (code) => {
+        clearTimeout(killTimer);
         clearInterval(timer);
         cleanupPrompt();
         state.elapsed = Date.now() - start;
         if (code === 0) agentSessions.set(agentKey, agentSessionFile);
-        resolveDone({ output: chunks.join(""), exitCode: code ?? 1, elapsed: state.elapsed });
+        const exitCode = killed ? 124 : (code ?? 1);
+        const finalOutput = killed ? `${chunks.join("")}\n\n[Agent timeout after ${timeoutSecs}s]` : chunks.join("");
+        resolveDone({ output: finalOutput, exitCode, elapsed: state.elapsed });
       });
       proc.on("error", (error) => {
+        clearTimeout(killTimer);
         clearInterval(timer);
         cleanupPrompt();
         resolveDone({ output: `Error spawning agent: ${error.message}`, exitCode: 1, elapsed: Date.now() - start });
@@ -188,28 +216,89 @@ export default function (pi: ExtensionAPI) {
 
     let input = task;
     const original = task;
+    const outputs: string[] = [];
+
     for (let i = 0; i < activeChain.steps.length; i++) {
       const step = activeChain.steps[i];
       stepStates[i].status = "running";
       updateWidget();
 
-      const prompt = step.prompt.replace(/\$INPUT/g, input).replace(/\$ORIGINAL/g, original);
+      let prompt = step.prompt.replace(/\$INPUT/g, input).replace(/\$ORIGINAL/g, original);
+      // Replace $STEP_N references
+      prompt = prompt.replace(/\$STEP_(\d+)/g, (match, numStr) => {
+        const num = parseInt(numStr, 10);
+        if (num > 0 && num <= outputs.length) {
+          return outputs[num - 1];
+        }
+        return match;
+      });
+
       const agentDef = allAgents.get(step.agent.toLowerCase());
       if (!agentDef) {
         stepStates[i].status = "error";
-        return { output: `Agent "${step.agent}" not found`, success: false, elapsed: Date.now() - start };
+        const errResult = { output: `Agent "${step.agent}" not found`, success: false, elapsed: Date.now() - start };
+        writeAuditLog(ctx.cwd, {
+          type: "chain_run",
+          name: activeChain.name,
+          task,
+          input: task,
+          output: errResult.output,
+          exitCode: 1,
+          elapsedMs: errResult.elapsed,
+          metadata: { stepsCount: activeChain.steps.length, success: false, error: "agent_not_found" }
+        });
+        return errResult;
       }
 
-      const result = await runAgent(agentDef, prompt, i, ctx);
+      const result = await runAgent(agentDef, prompt, i, step.timeout, ctx);
+      writeAuditLog(ctx.cwd, {
+        type: "chain_step",
+        name: `${activeChain.name}:${step.agent}`,
+        task: prompt,
+        input: input,
+        output: result.output,
+        exitCode: result.exitCode,
+        elapsedMs: result.elapsed,
+        metadata: { stepIndex: i, chainName: activeChain.name, agent: step.agent }
+      });
+
       if (result.exitCode !== 0) {
         stepStates[i].status = "error";
-        return { output: result.output, success: false, elapsed: Date.now() - start };
+        if (activeChain.continueOnError) {
+          outputs.push("");
+          updateWidget();
+          continue;
+        }
+        const errResult = { output: result.output, success: false, elapsed: Date.now() - start };
+        writeAuditLog(ctx.cwd, {
+          type: "chain_run",
+          name: activeChain.name,
+          task,
+          input: task,
+          output: errResult.output,
+          exitCode: 1,
+          elapsedMs: errResult.elapsed,
+          metadata: { stepsCount: activeChain.steps.length, success: false, error: "step_failed", failedStep: step.agent }
+        });
+        return errResult;
       }
       stepStates[i].status = "done";
       input = result.output;
+      outputs.push(result.output);
       updateWidget();
     }
-    return { output: input, success: true, elapsed: Date.now() - start };
+    const finalResult = { output: input, success: true, elapsed: Date.now() - start };
+    writeAuditLog(ctx.cwd, {
+      type: "chain_run",
+      name: activeChain.name,
+      task,
+      input: task,
+      output: finalResult.output,
+      exitCode: 0,
+      elapsedMs: finalResult.elapsed,
+      metadata: { stepsCount: activeChain.steps.length, success: true }
+    });
+    return finalResult;
   }
 
   pi.registerTool({

package/extensions/agent-team.ts

@@ -8,6 +8,7 @@ import { join, resolve } from "path";
 import { parse as parseYaml } from "yaml";
 import { bundledAgentsDir } from "./lib/packagePaths.ts";
 import { arrayField, parseMarkdownFrontmatter, stringField } from "./lib/markdown.ts";
+import { writeAuditLog } from "./lib/auditLogger.ts";
 
 type AgentDef = {
   name: string;
@@ -238,6 +239,16 @@ export default function (pi: ExtensionAPI) {
       const { agent, task } = params as { agent: string; task: string };
       onUpdate?.({ content: [{ type: "text", text: `Dispatching to ${agent}...` }], details: { agent, task, status: "running" } });
       const result = await dispatchAgent(agent, task, ctx);
+      writeAuditLog(ctx.cwd, {
+        type: "team_agent",
+        name: agent,
+        task: task,
+        input: task,
+        output: result.output,
+        exitCode: result.exitCode,
+        elapsedMs: result.elapsed,
+        metadata: { teamName: activeTeamName }
+      });
       const text = result.output.length > 8000 ? `${result.output.slice(0, 8000)}\n\n... [truncated]` : result.output;
       return {
         content: [{ type: "text", text: `[${agent}] ${result.exitCode === 0 ? "done" : "error"} in ${Math.round(result.elapsed / 1000)}s\n\n${text}` }],

package/extensions/audit-tools.ts

@@ -31,6 +31,19 @@ const SECRET_PATTERNS = [
   ["sendgrid-key", /SG\.[A-Za-z0-9_-]{16,}\.[A-Za-z0-9_-]{16,}/g],
   ["private-key", /-----BEGIN (RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/g],
   ["jwt-like-token", /eyJ[A-Za-z0-9_-]{40,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/g],
+  // New patterns
+  ["supabase-key", /sbp_[a-f0-9]{40}/g],
+  ["twilio-sid", /AC[a-f0-9]{32}/g],
+  ["twilio-auth", /SK[a-f0-9]{32}/g],
+  ["mailgun-key", /key-[a-zA-Z0-9]{32}/g],
+  ["slack-webhook", /hooks\.slack\.com\/services\/T[A-Z0-9]+\/B[A-Z0-9]+\/[a-zA-Z0-9]+/g],
+  ["digitalocean-token", /dop_v1_[a-f0-9]{64}/g],
+  ["databricks-token", /dapi[a-f0-9]{32}/g],
+  ["openai-key", /sk-[a-zA-Z0-9]{20}T3BlbkFJ[a-zA-Z0-9]{20}/g],
+  ["anthropic-key", /sk-ant-[a-zA-Z0-9_-]{90,}/g],
+  ["azure-connection-string", /DefaultEndpointsProtocol=https;AccountName=[^;]+;AccountKey=[^;]+/g],
+  ["vercel-token", /vercel_[A-Za-z0-9_-]{24,}/g],
+  ["hashicorp-vault-token", /hvs\.[A-Za-z0-9_-]{24,}/g],
 ] as const;
 
 const GHOST_PATTERNS = [
@@ -38,6 +51,30 @@ const GHOST_PATTERNS = [
   ["exit-bypass", /sys\.exit\s*\(\s*0\s*\)|os\._exit\s*\(\s*0\s*\)|process\.exit\s*\(\s*0\s*\)/g],
   ["pytest-report-patch", /TestReport\.from_item_and_call|pytest_runtest_makereport|monkeypatch.*TestReport/g],
   ["assertion-monkeypatch", /expect\s*=\s*jest\.fn|assert\s*=\s*lambda|monkeypatch.*assert/g],
+  // New patterns
+  ["empty-test-body", /it\s*\(\s*['"][^'"]*['"]\s*,\s*\(\s*\)\s*=>\s*\{\s*\}\s*\)|def\s+test_\w+\s*\([^)]*\)\s*:\s*\n\s*pass\b/g],
+  ["catch-all-swallow", /catch\s*\([^)]*\)\s*\{\s*\}|except\s*:\s*\n\s*pass\b/g],
+  ["self-comparison", /expect\s*\(\s*(\w+)\s*\)\s*\.toBe\s*\(\s*\1\s*\)|assert\s+(\w+)\s*==\s*\2\b/g],
+  ["disabled-tests", /\bxit\s*\(|\bxdescribe\s*\(|\bxtest\s*\(|@pytest\.mark\.skip(?!\(reason)|\.skip\s*\(\s*\)/g],
+  ["console-only-validation", /(?:it|test)\s*\([^)]*\)\s*(?:=>|{)[\s\S]{0,200}console\.\w+[\s\S]{0,50}(?:\}|\))\s*(?:;|\n)(?![\s\S]{0,50}(?:expect|assert|should))/g],
+  ["unreachable-assertion", /\breturn\b[\s\S]{0,20}\n\s*(?:expect|assert)\b/g],
+  ["mock-everything", /jest\.mock\s*\(\s*['"]\.\.?\//g],
+  ["timeout-zero", /setTimeout\s*\(\s*(?:done|resolve|callback)\s*,\s*0\s*\)/g],
+] as const;
+
+const SAST_PATTERNS = [
+  ["eval-usage", /\beval\s*\(/g],
+  ["function-constructor", /new\s+Function\s*\(/g],
+  ["child-process-exec", /child_process.*\.exec\s*\(|exec\s*\(\s*`/g],
+  ["sql-concat", /['"`]\s*(?:SELECT|INSERT|UPDATE|DELETE)\b[\s\S]{0,80}\$\{|['"`]\s*(?:SELECT|INSERT|UPDATE|DELETE)\b[\s\S]{0,80}\+\s*\w/g],
+  ["innerhtml-assign", /\.innerHTML\s*=\s*(?!['"`]<)/g],
+  ["dangerous-react", /dangerouslySetInnerHTML/g],
+  ["path-traversal", /\.\.\/|\.\.\\|req\.\w+\.\w+.*(?:readFile|writeFile|createReadStream|path\.join|path\.resolve)/g],
+  ["prototype-pollution", /\[['"`]__proto__['"`]\]|\[['"`]constructor['"`]\]|\[['"`]prototype['"`]\]/g],
+  ["ssrf-pattern", /fetch\s*\(\s*(?:req\.|request\.|params\.|query\.)|axios\.\w+\s*\(\s*(?:req\.|request\.|params\.|query\.)/g],
+  ["hardcoded-secret-assign", /(?:password|secret|apiKey|api_key|token|auth)\s*[:=]\s*['"][^'"]{8,}['"]/g],
+  ["unvalidated-redirect", /res\.redirect\s*\(\s*req\.|response\.redirect\s*\(\s*request\./g],
+  ["cors-wildcard", /(?:Access-Control-Allow-Origin|origin)\s*[:=]\s*['"]\*['"]/g],
 ] as const;
 
 function walkFiles(root: string, maxFiles: number): string[] {
@@ -103,17 +140,64 @@ function detectFrameworks(root: string): string[] {
       if (deps.react) found.add("React");
       if (deps.vite) found.add("Vite");
       if (deps["@sveltejs/kit"]) found.add("SvelteKit");
+      if (deps.svelte) found.add("Svelte");
       if (deps.vue) found.add("Vue");
       if (deps.express) found.add("Express");
       if (deps.vitest) found.add("Vitest");
       if (deps.jest) found.add("Jest");
       if (deps.typescript) found.add("TypeScript");
+      // New framework detections
+      if (deps.astro) found.add("Astro");
+      if (deps["@remix-run/node"] || deps["@remix-run/react"]) found.add("Remix");
+      if (deps.nuxt) found.add("Nuxt");
+      if (deps["@angular/core"]) found.add("Angular");
+      if (deps["@nestjs/core"]) found.add("NestJS");
+      if (deps.fastify) found.add("Fastify");
+      if (deps.hono) found.add("Hono");
+      if (deps.elysia) found.add("Elysia");
+      if (deps.prisma || deps["@prisma/client"]) found.add("Prisma");
+      if (deps["drizzle-orm"]) found.add("Drizzle");
+      if (deps["@trpc/server"]) found.add("tRPC");
+      if (deps.graphql || deps["@apollo/server"]) found.add("GraphQL");
+      if (deps.tailwindcss) found.add("Tailwind CSS");
+      if (deps.playwright || deps["@playwright/test"]) found.add("Playwright");
+      if (deps.cypress) found.add("Cypress");
+      if (deps.storybook || deps["@storybook/react"]) found.add("Storybook");
+      if (deps.turborepo || deps.turbo) found.add("Turborepo");
+      if (deps.electron) found.add("Electron");
+      if (deps["react-native"]) found.add("React Native");
+      if (deps.expo) found.add("Expo");
     }
   }
-  if (fs.existsSync(path.join(root, "pyproject.toml")) || fs.existsSync(path.join(root, "requirements.txt"))) found.add("Python");
+  if (fs.existsSync(path.join(root, "pyproject.toml")) || fs.existsSync(path.join(root, "requirements.txt"))) {
+    found.add("Python");
+    const pyReqs = readSmallText(path.join(root, "requirements.txt"));
+    const pyProject = readSmallText(path.join(root, "pyproject.toml"));
+    const pyContent = (pyReqs || "") + (pyProject || "");
+    if (pyContent.includes("fastapi") || pyContent.includes("FastAPI")) found.add("FastAPI");
+    if (pyContent.includes("django") || pyContent.includes("Django")) found.add("Django");
+    if (pyContent.includes("flask") || pyContent.includes("Flask")) found.add("Flask");
+    if (pyContent.includes("pytest")) found.add("pytest");
+  }
   if (fs.existsSync(path.join(root, "Cargo.toml"))) found.add("Rust");
   if (fs.existsSync(path.join(root, "go.mod"))) found.add("Go");
   if (fs.existsSync(path.join(root, "Dockerfile"))) found.add("Docker");
+  if (fs.existsSync(path.join(root, "Gemfile"))) {
+    found.add("Ruby");
+    const gemfile = readSmallText(path.join(root, "Gemfile"));
+    if (gemfile?.includes("rails")) found.add("Rails");
+  }
+  if (fs.existsSync(path.join(root, "mix.exs"))) {
+    found.add("Elixir");
+    const mix = readSmallText(path.join(root, "mix.exs"));
+    if (mix?.includes("phoenix")) found.add("Phoenix");
+  }
+  if (fs.existsSync(path.join(root, "pom.xml")) || fs.existsSync(path.join(root, "build.gradle"))) {
+    found.add("Java");
+    const pom = readSmallText(path.join(root, "pom.xml")) || "";
+    const gradle = readSmallText(path.join(root, "build.gradle")) || "";
+    if (pom.includes("spring-boot") || gradle.includes("spring-boot")) found.add("Spring Boot");
+  }
   return Array.from(found);
 }
 
@@ -131,7 +215,7 @@ function dependencyInventory(root: string): string {
       if (loose.length) sections.push(`Loose pins: ${loose.slice(0, 20).map(([name, version]) => `${name}@${version}`).join(", ")}${loose.length > 20 ? `, +${loose.length - 20} more` : ""}`);
     }
   }
-  for (const file of ["requirements.txt", "pyproject.toml", "Cargo.toml", "go.mod", "Gemfile"]) {
+  for (const file of ["requirements.txt", "pyproject.toml", "Cargo.toml", "go.mod", "Gemfile", "mix.exs", "pom.xml", "build.gradle"]) {
     if (fs.existsSync(path.join(root, file))) sections.push(`Manifest: ${file}`);
   }
   return sections.join("\n") || "No common dependency manifests found.";
@@ -179,7 +263,7 @@ export default function auditToolsExtension(pi: ExtensionAPI) {
   pi.registerTool({
     name: "secret_scan",
     label: "Secret Scan",
-    description: "Read-only high-signal secret scan with redacted findings.",
+    description: "Read-only high-signal secret scan with redacted findings. Detects 22 secret patterns including cloud provider keys, API tokens, and private keys.",
     promptSnippet: "Use secret_scan before shipping, importing external files, or touching credentials.",
     parameters: Type.Object({
       maxFiles: Type.Optional(Type.Number({ description: "Maximum files to scan. Default 5000." })),
@@ -202,7 +286,7 @@ export default function auditToolsExtension(pi: ExtensionAPI) {
       const envGitignored = !fs.existsSync(path.join(ctx.cwd, ".env")) || (readSmallText(path.join(ctx.cwd, ".gitignore")) || "").includes(".env");
       const verdict = findings.length ? "BLOCKED" : "CLEAN";
       return {
-        content: [{ type: "text", text: [`secret_scan verdict: ${verdict}`, `.env gitignored: ${envGitignored ? "yes" : "no"}`, "", ...(findings.length ? findings : ["No high-signal secrets found."])].join("\n") }],
+        content: [{ type: "text", text: [`secret_scan verdict: ${verdict}`, `patterns: ${SECRET_PATTERNS.length}`, `files scanned: ${files.length}`, `.env gitignored: ${envGitignored ? "yes" : "no"}`, "", ...(findings.length ? findings : ["No high-signal secrets found."])].join("\n") }],
         details: { findings },
       };
     },
@@ -214,7 +298,7 @@ export default function auditToolsExtension(pi: ExtensionAPI) {
   pi.registerTool({
     name: "ghost_test_scan",
     label: "Ghost Test Scan",
-    description: "Static scan for test-suite reward hacking patterns such as always-true equality, exit bypasses, and framework patching.",
+    description: "Static scan for test-suite reward hacking patterns: always-true equality, exit bypasses, empty test bodies, disabled tests, self-comparisons, and framework patching.",
     promptSnippet: "Use ghost_test_scan when validating test integrity before trusting green tests.",
     parameters: Type.Object({
       maxFiles: Type.Optional(Type.Number({ description: "Maximum files to scan. Default 3000." })),
@@ -235,7 +319,7 @@ export default function auditToolsExtension(pi: ExtensionAPI) {
         }
       }
       return {
-        content: [{ type: "text", text: [`ghost_test_scan verdict: ${findings.length ? "SUSPICIOUS" : "CLEAN"}`, `files scanned: ${files.length}`, "", ...(findings.length ? findings : ["No static reward-hack patterns found."])].join("\n") }],
+        content: [{ type: "text", text: [`ghost_test_scan verdict: ${findings.length ? "SUSPICIOUS" : "CLEAN"}`, `patterns: ${GHOST_PATTERNS.length}`, `files scanned: ${files.length}`, "", ...(findings.length ? findings : ["No static reward-hack patterns found."])].join("\n") }],
         details: { findings },
       };
     },
@@ -257,4 +341,39 @@ export default function auditToolsExtension(pi: ExtensionAPI) {
       return new Text(theme.fg("toolTitle", theme.bold("dependency_inventory")), 0, 0);
     },
   });
+
+  pi.registerTool({
+    name: "sast_scan",
+    label: "SAST Scan",
+    description: "Static application security testing: detects eval(), SQL injection, prototype pollution, SSRF, XSS, unvalidated redirects, CORS wildcards, and hardcoded secrets in code.",
+    promptSnippet: "Use sast_scan to detect dangerous code patterns before shipping or reviewing external contributions.",
+    parameters: Type.Object({
+      maxFiles: Type.Optional(Type.Number({ description: "Maximum files to scan. Default 5000." })),
+    }),
+    async execute(_toolCallId, params, _signal, _onUpdate, ctx) {
+      const maxFiles = Math.max(100, Math.min(Number(params.maxFiles ?? 5000), 20000));
+      const codeExts = /\.(ts|tsx|js|jsx|mjs|cjs|py|rb|go|rs|java|php)$/i;
+      const files = walkFiles(ctx.cwd, maxFiles).filter((file) => codeExts.test(file));
+      const findings: string[] = [];
+      for (const file of files) {
+        const content = readSmallText(file);
+        if (!content) continue;
+        for (const [rule, pattern] of SAST_PATTERNS) {
+          pattern.lastIndex = 0;
+          let match: RegExpExecArray | null;
+          while ((match = pattern.exec(content))) {
+            findings.push(`${relative(ctx.cwd, file)}:${lineOf(content, match.index)} ${rule}`);
+          }
+        }
+      }
+      const severity = findings.some((f) => /eval-usage|sql-concat|child-process-exec|prototype-pollution/.test(f)) ? "HIGH" : findings.length ? "MEDIUM" : "CLEAN";
+      return {
+        content: [{ type: "text", text: [`sast_scan verdict: ${severity}`, `patterns: ${SAST_PATTERNS.length}`, `files scanned: ${files.length}`, "", ...(findings.length ? findings : ["No dangerous code patterns found."])].join("\n") }],
+        details: { findings, severity },
+      };
+    },
+    renderCall(_args, theme) {
+      return new Text(theme.fg("toolTitle", theme.bold("sast_scan")), 0, 0);
+    },
+  });
 }

package/extensions/lib/auditLogger.ts

@@ -0,0 +1,29 @@
+import * as fs from "node:fs";
+import * as path from "node:path";
+
+export type AuditLogEntry = {
+  timestamp: string;
+  type: "workflow" | "team_agent" | "chain_step" | "chain_run";
+  name: string;
+  task: string;
+  input: string;
+  output: string;
+  exitCode: number;
+  elapsedMs: number;
+  metadata?: Record<string, any>;
+};
+
+export function writeAuditLog(cwd: string, entry: Omit<AuditLogEntry, "timestamp">) {
+  try {
+    const logDir = path.join(cwd, ".pi", "logs");
+    fs.mkdirSync(logDir, { recursive: true });
+    const logFile = path.join(logDir, "openpi-audit.jsonl");
+    const line = JSON.stringify({
+      timestamp: new Date().toISOString(),
+      ...entry
+    });
+    fs.appendFileSync(logFile, `${line}\n`, "utf-8");
+  } catch {
+    // Silent fail to ensure logger never disrupts runtime in case of file locks
+  }
+}