@node9/proxy 1.11.2 → 1.11.3

package/dist/cli.js

@@ -116,7 +116,7 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
   const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
-  const testRun = isTestCall(toolName, args) ? { testRun: true } : {};
+  const testRun = isTestCall(toolName, args) || process.env.NODE9_TESTING === "1" ? { testRun: true } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,
@@ -8647,10 +8647,10 @@ function bold(s) {
 function color(c, s) {
   return `${c}${s}${RESET3}`;
 }
-function progressBar(pct2, warnAt = 70, critAt = 85) {
-  const filled = Math.round(Math.min(pct2, 100) / 100 * BAR_WIDTH);
+function progressBar(pct, warnAt = 70, critAt = 85) {
+  const filled = Math.round(Math.min(pct, 100) / 100 * BAR_WIDTH);
   const bar = BAR_FILLED.repeat(filled) + BAR_EMPTY.repeat(BAR_WIDTH - filled);
-  const c = pct2 >= critAt ? RED2 : pct2 >= warnAt ? YELLOW2 : GREEN2;
+  const c = pct >= critAt ? RED2 : pct >= warnAt ? YELLOW2 : GREEN2;
   return `${c}${bar}${RESET3}`;
 }
 function formatTimeLeft(resetsAt) {
@@ -8866,15 +8866,15 @@ function renderContextLine(stdin) {
   }
   const rl = stdin.rate_limits;
   if (rl?.five_hour?.used_percentage !== void 0) {
-    const pct2 = Math.round(rl.five_hour.used_percentage);
-    const bar = progressBar(pct2, 60, 80);
+    const pct = Math.round(rl.five_hour.used_percentage);
+    const bar = progressBar(pct, 60, 80);
     const left = formatTimeLeft(rl.five_hour.resets_at);
-    parts.push(`${dim("\u2502")} 5h ${bar} ${pct2}%${left}`);
+    parts.push(`${dim("\u2502")} 5h ${bar} ${pct}%${left}`);
   }
   if (rl?.seven_day?.used_percentage !== void 0) {
-    const pct2 = Math.round(rl.seven_day.used_percentage);
-    const bar = progressBar(pct2, 60, 80);
-    parts.push(`${dim("\u2502")} 7d ${bar} ${pct2}%`);
+    const pct = Math.round(rl.seven_day.used_percentage);
+    const bar = progressBar(pct, 60, 80);
+    parts.push(`${dim("\u2502")} 7d ${bar} ${pct}%`);
   }
   if (parts.length === 0) return null;
   return parts.join("  ");
@@ -11747,8 +11747,8 @@ function buildTestTimestamps(allEntries) {
   return testTs;
 }
 function isTestEntry(entry, testTs) {
-  if (entry.tool !== "Bash" && entry.tool !== "bash") return false;
   if (entry.testRun === true) return true;
+  if (entry.tool !== "Bash" && entry.tool !== "bash") return false;
   const cmd = entry.args?.command;
   if (typeof cmd === "string") return TEST_COMMAND_RE3.test(cmd);
   const t = new Date(entry.ts).getTime();
@@ -11806,10 +11806,6 @@ function colorBar(value, max, width) {
   const filled = Math.max(1, Math.round(max > 0 ? value / max * width : 0));
   return import_chalk9.default.cyan(s.slice(0, filled)) + import_chalk9.default.dim(s.slice(filled));
 }
-function pct(num3, total) {
-  if (total === 0) return "\u2013";
-  return Math.round(num3 / total * 100) + "%";
-}
 function fmtDate(d) {
   const date = typeof d === "string" ? /* @__PURE__ */ new Date(d + "T12:00:00") : d;
   return date.toLocaleDateString("en-US", { month: "short", day: "numeric" });
@@ -11980,9 +11976,12 @@ function registerReportCommand(program2) {
 `));
       return;
     }
-    let allowed = 0;
-    let blocked = 0;
-    let dlpHits = 0;
+    let userApproved = 0;
+    let userDenied = 0;
+    let timedOut = 0;
+    let hardBlocked = 0;
+    let dlpBlocked = 0;
+    let observeDlp = 0;
     let loopHits = 0;
     let testPasses = 0;
     let testFails = 0;
@@ -11995,9 +11994,16 @@ function registerReportCommand(program2) {
     for (const e of entries) {
       const allow = isAllow(e.decision);
       const dateKey = e.ts.slice(0, 10);
-      if (allow) allowed++;
-      else blocked++;
-      if (isDlp(e.checkedBy)) dlpHits++;
+      const userInteracted = e.source === "daemon";
+      if (userInteracted) {
+        if (allow) userApproved++;
+        else userDenied++;
+      } else if (!allow) {
+        if (e.checkedBy === "timeout") timedOut++;
+        else if (e.checkedBy === "observe-mode-dlp-would-block") observeDlp++;
+        else if (isDlp(e.checkedBy)) dlpBlocked++;
+        else if (e.checkedBy !== "loop-detected") hardBlocked++;
+      }
       if (e.checkedBy === "loop-detected") loopHits++;
       const t = toolMap.get(e.tool) ?? { calls: 0, blocked: 0 };
       t.calls++;
@@ -12048,25 +12054,84 @@ function registerReportCommand(program2) {
       "  " + import_chalk9.default.bold.cyan("\u{1F6E1} node9 Report") + import_chalk9.default.dim("  \xB7  ") + import_chalk9.default.white(periodLabel[period]) + import_chalk9.default.dim(`  ${fmtDate(start)} \u2013 ${fmtDate(end)}`) + import_chalk9.default.dim(`  ${num(total)} events`) + (excludeTests ? import_chalk9.default.dim(`  \u2013tests (\u2013${filteredTestCount})`) : "")
     );
     console.log("  " + line);
-    console.log("");
-    const blockLabel = blocked > 0 ? import_chalk9.default.red(`\u{1F6D1} ${num(blocked)} blocked`) : import_chalk9.default.dim("\u{1F6D1} 0 blocked");
-    const dlpLabel = dlpHits > 0 ? import_chalk9.default.yellow(`\u{1F6A8} ${dlpHits} DLP hits`) : import_chalk9.default.dim("\u{1F6A8} 0 DLP hits");
-    const loopLabel = loopHits > 0 ? import_chalk9.default.yellow(`\u{1F504} ${loopHits} loops`) : import_chalk9.default.dim("\u{1F504} 0 loops");
-    const currentRate = total > 0 ? blocked / total : 0;
+    const totalBlocked = timedOut + hardBlocked + dlpBlocked + loopHits + userDenied;
+    const currentRate = total > 0 ? totalBlocked / total : 0;
     const trendLabel = (() => {
-      if (priorBlockRate === null) return import_chalk9.default.dim(`${pct(blocked, total)} block rate`);
+      if (priorBlockRate === null) return "";
       const delta = Math.round((currentRate - priorBlockRate) * 100);
-      const arrow = delta > 0 ? import_chalk9.default.red(`\u25B2${delta}%`) : delta < 0 ? import_chalk9.default.green(`\u25BC${Math.abs(delta)}%`) : import_chalk9.default.dim("\u2013");
-      return import_chalk9.default.dim(`${pct(blocked, total)} block rate `) + arrow + import_chalk9.default.dim(" vs prior");
+      if (delta === 0) return "";
+      return "  " + (delta > 0 ? import_chalk9.default.red(`\u25B2${delta}%`) : import_chalk9.default.green(`\u25BC${Math.abs(delta)}%`)) + import_chalk9.default.dim(" vs prior");
     })();
     const reads = toolMap.get("Read")?.calls ?? 0;
     const edits = (toolMap.get("Edit")?.calls ?? 0) + (toolMap.get("Write")?.calls ?? 0);
     const ratioLabel = reads > 0 ? import_chalk9.default.dim(`edit/read ${(edits / reads).toFixed(1)}`) : import_chalk9.default.dim("edit/read \u2013");
     const testLabel = testPasses + testFails > 0 ? import_chalk9.default.dim("tests ") + import_chalk9.default.green(`${testPasses}\u2713`) + (testFails > 0 ? " " + import_chalk9.default.red(`${testFails}\u2717`) : "") : import_chalk9.default.dim("tests \u2013");
+    console.log("");
+    console.log("  " + import_chalk9.default.bold("Protection Summary"));
+    console.log("  " + import_chalk9.default.dim("\u2500".repeat(Math.min(50, W - 4))));
     console.log(
-      "  " + import_chalk9.default.green(`\u2705 ${num(allowed)} allowed`) + "   " + blockLabel + "   " + dlpLabel + "   " + loopLabel + "   " + trendLabel
+      "  " + import_chalk9.default.dim("Intercepted") + "  " + import_chalk9.default.white(num(total)) + import_chalk9.default.dim(" tool calls")
+    );
+    console.log("");
+    const COL1 = 18;
+    const summaryRow = (icon, label, count, note, colorFn = (s) => s) => {
+      const countStr = colorFn(num(count));
+      const noteStr = note ? import_chalk9.default.dim("   " + note) : "";
+      console.log("    " + icon + "  " + import_chalk9.default.white(label.padEnd(COL1)) + countStr + noteStr);
+    };
+    summaryRow(
+      userApproved > 0 ? import_chalk9.default.green("\u2705") : import_chalk9.default.dim("\u2705"),
+      "User approved",
+      userApproved,
+      userApproved === 0 ? "no popups this period" : void 0,
+      userApproved > 0 ? (s) => import_chalk9.default.green(s) : (s) => import_chalk9.default.dim(s)
+    );
+    summaryRow(
+      userDenied > 0 ? import_chalk9.default.red("\u{1F6AB}") : import_chalk9.default.dim("\u{1F6AB}"),
+      "User denied",
+      userDenied,
+      void 0,
+      userDenied > 0 ? (s) => import_chalk9.default.red(s) : (s) => import_chalk9.default.dim(s)
     );
-    console.log("  " + ratioLabel + "   " + testLabel);
+    summaryRow(
+      timedOut > 0 ? import_chalk9.default.yellow("\u23F1") : import_chalk9.default.dim("\u23F1"),
+      "Timed out",
+      timedOut,
+      timedOut > 0 ? "no approval response" : void 0,
+      timedOut > 0 ? (s) => import_chalk9.default.yellow(s) : (s) => import_chalk9.default.dim(s)
+    );
+    summaryRow(
+      hardBlocked > 0 ? import_chalk9.default.red("\u{1F6D1}") : import_chalk9.default.dim("\u{1F6D1}"),
+      "Auto-blocked",
+      hardBlocked,
+      void 0,
+      hardBlocked > 0 ? (s) => import_chalk9.default.red(s) : (s) => import_chalk9.default.dim(s)
+    );
+    summaryRow(
+      dlpBlocked > 0 ? import_chalk9.default.yellow("\u{1F6A8}") : import_chalk9.default.dim("\u{1F6A8}"),
+      "DLP blocked",
+      dlpBlocked,
+      void 0,
+      dlpBlocked > 0 ? (s) => import_chalk9.default.yellow(s) : (s) => import_chalk9.default.dim(s)
+    );
+    summaryRow(
+      observeDlp > 0 ? import_chalk9.default.blue("\u{1F441}") : import_chalk9.default.dim("\u{1F441}"),
+      "DLP (observe)",
+      observeDlp,
+      observeDlp > 0 ? "would-block in strict mode" : void 0,
+      observeDlp > 0 ? (s) => import_chalk9.default.blue(s) : (s) => import_chalk9.default.dim(s)
+    );
+    summaryRow(
+      loopHits > 0 ? import_chalk9.default.yellow("\u{1F504}") : import_chalk9.default.dim("\u{1F504}"),
+      "Loops detected",
+      loopHits,
+      void 0,
+      loopHits > 0 ? (s) => import_chalk9.default.yellow(s) : (s) => import_chalk9.default.dim(s)
+    );
+    if (trendLabel || ratioLabel || testPasses + testFails > 0) {
+      console.log("");
+      console.log("  " + ratioLabel + "   " + testLabel + trendLabel);
+    }
     console.log("");
     const toolHeaderRaw = "Top Tools";
     const blockHeaderRaw = "Top Blocks";
@@ -14247,6 +14312,22 @@ function claudeModelPrice2(model) {
   }
   return null;
 }
+var GEMINI_PRICING = {
+  "gemini-2.5-pro": { i: 125e-8, o: 1e-5, cr: 31e-8 },
+  "gemini-2.5-flash": { i: 15e-8, o: 6e-7, cr: 375e-10 },
+  "gemini-2.0-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 },
+  "gemini-1.5-pro": { i: 125e-8, o: 5e-6, cr: 3125e-10 },
+  "gemini-1.5-flash": { i: 75e-9, o: 3e-7, cr: 1875e-11 },
+  "gemini-3-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 }
+};
+function geminiModelPrice(model) {
+  const base = model.replace(/-preview$/, "").replace(/-exp$/, "").replace(/-\d{4}-\d{2}-\d{2}$/, "");
+  for (const [key, p] of Object.entries(GEMINI_PRICING)) {
+    if (base === key || base.startsWith(key)) return p;
+  }
+  if (base.includes("flash")) return GEMINI_PRICING["gemini-2.0-flash"];
+  return null;
+}
 function num2(n) {
   return n.toLocaleString();
 }
@@ -14389,7 +14470,8 @@ function scanClaudeHistory(startDate) {
                 redactedSample: dlpMatch.redactedSample,
                 toolName,
                 timestamp: entry.timestamp ?? "",
-                project: projLabel
+                project: projLabel,
+                agent: "claude"
               });
             }
           }
@@ -14408,7 +14490,135 @@ function scanClaudeHistory(startDate) {
                 toolName,
                 input,
                 timestamp: entry.timestamp ?? "",
-                project: projLabel
+                project: projLabel,
+                agent: "claude"
+              });
+            }
+            break;
+          }
+        }
+      }
+    }
+  }
+  return result;
+}
+function scanGeminiHistory(startDate) {
+  const tmpDir = import_path36.default.join(import_os29.default.homedir(), ".gemini", "tmp");
+  const result = {
+    filesScanned: 0,
+    sessions: 0,
+    totalToolCalls: 0,
+    bashCalls: 0,
+    findings: [],
+    dlpFindings: [],
+    totalCostUSD: 0,
+    firstDate: null,
+    lastDate: null
+  };
+  if (!import_fs33.default.existsSync(tmpDir)) return result;
+  let slugDirs;
+  try {
+    slugDirs = import_fs33.default.readdirSync(tmpDir);
+  } catch {
+    return result;
+  }
+  const ruleSources = buildRuleSources();
+  for (const slug of slugDirs) {
+    const slugPath = import_path36.default.join(tmpDir, slug);
+    try {
+      if (!import_fs33.default.statSync(slugPath).isDirectory()) continue;
+    } catch {
+      continue;
+    }
+    let projLabel = slug;
+    try {
+      projLabel = import_fs33.default.readFileSync(import_path36.default.join(slugPath, ".project_root"), "utf-8").trim().replace(import_os29.default.homedir(), "~").slice(0, 40);
+    } catch {
+    }
+    const chatsDir = import_path36.default.join(slugPath, "chats");
+    if (!import_fs33.default.existsSync(chatsDir)) continue;
+    let chatFiles;
+    try {
+      chatFiles = import_fs33.default.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
+    } catch {
+      continue;
+    }
+    for (const chatFile of chatFiles) {
+      result.filesScanned++;
+      let raw;
+      try {
+        raw = import_fs33.default.readFileSync(import_path36.default.join(chatsDir, chatFile), "utf-8");
+      } catch {
+        continue;
+      }
+      let session;
+      try {
+        session = JSON.parse(raw);
+      } catch {
+        continue;
+      }
+      result.sessions++;
+      for (const msg of session.messages ?? []) {
+        if (msg.type !== "gemini") continue;
+        if (startDate && msg.timestamp && new Date(msg.timestamp) < startDate) continue;
+        if (msg.timestamp) {
+          if (!result.firstDate || msg.timestamp < result.firstDate)
+            result.firstDate = msg.timestamp;
+          if (!result.lastDate || msg.timestamp > result.lastDate) result.lastDate = msg.timestamp;
+        }
+        const tokens = msg.tokens;
+        const model = msg.model;
+        if (tokens && model) {
+          const p = geminiModelPrice(model);
+          if (p) {
+            const nonCached = Math.max(0, tokens.input - tokens.cached);
+            result.totalCostUSD += nonCached * p.i + tokens.cached * p.cr + tokens.output * p.o;
+          }
+        }
+        for (const tc of msg.toolCalls ?? []) {
+          result.totalToolCalls++;
+          const toolName = tc.name ?? "";
+          const toolNameLower = toolName.toLowerCase();
+          const input = tc.args ?? {};
+          if (toolNameLower === "run_shell_command" || toolNameLower === "shell") {
+            result.bashCalls++;
+          }
+          const rawCmd = String(input.command ?? "").trimStart();
+          if (/^node9\s+(scan|explain|report|tail|dlp|status|sessions|audit)\b/.test(rawCmd))
+            continue;
+          const dlpMatch = scanArgs(input);
+          if (dlpMatch) {
+            const isDupe = result.dlpFindings.some(
+              (f) => f.patternName === dlpMatch.patternName && f.redactedSample === dlpMatch.redactedSample && f.project === projLabel
+            );
+            if (!isDupe) {
+              result.dlpFindings.push({
+                patternName: dlpMatch.patternName,
+                redactedSample: dlpMatch.redactedSample,
+                toolName,
+                timestamp: msg.timestamp ?? "",
+                project: projLabel,
+                agent: "gemini"
+              });
+            }
+          }
+          for (const source of ruleSources) {
+            const { rule } = source;
+            if (rule.verdict === "allow") continue;
+            if (rule.tool && !matchesPattern(toolNameLower, rule.tool)) continue;
+            if (!evaluateSmartConditions(input, rule)) continue;
+            const inputPreview = preview(input, 120);
+            const isDupe = result.findings.some(
+              (f) => f.source.rule.name === rule.name && preview(f.input, 120) === inputPreview && f.project === projLabel
+            );
+            if (!isDupe) {
+              result.findings.push({
+                source,
+                toolName,
+                input,
+                timestamp: msg.timestamp ?? "",
+                project: projLabel,
+                agent: "gemini"
               });
             }
             break;
@@ -14419,6 +14629,21 @@ function scanClaudeHistory(startDate) {
   }
   return result;
 }
+function mergeScans(a, b) {
+  const dates = [a.firstDate, b.firstDate].filter(Boolean);
+  const lastDates = [a.lastDate, b.lastDate].filter(Boolean);
+  return {
+    filesScanned: a.filesScanned + b.filesScanned,
+    sessions: a.sessions + b.sessions,
+    totalToolCalls: a.totalToolCalls + b.totalToolCalls,
+    bashCalls: a.bashCalls + b.bashCalls,
+    findings: [...a.findings, ...b.findings],
+    dlpFindings: [...a.dlpFindings, ...b.dlpFindings],
+    totalCostUSD: a.totalCostUSD + b.totalCostUSD,
+    firstDate: dates.length ? dates.sort()[0] : null,
+    lastDate: lastDates.length ? lastDates.sort().at(-1) : null
+  };
+}
 function registerScanCommand(program2) {
   program2.command("scan").description("Forecast: scan agent history and show what node9 would catch if installed").option("--all", "Scan all history (default: last 90 days)").option("--days <n>", "Scan last N days of history", "90").option("--top <n>", "Max findings to show per shield", "5").action((options) => {
     const topN = Math.max(1, parseInt(options.top, 10) || 5);
@@ -14431,23 +14656,25 @@ function registerScanCommand(program2) {
     console.log("");
     console.log(import_chalk21.default.cyan.bold("\u{1F50D}  node9 scan") + import_chalk21.default.dim("  \u2014 what would node9 catch?"));
     console.log("");
-    const projectsDir = import_path36.default.join(import_os29.default.homedir(), ".claude", "projects");
-    if (!import_fs33.default.existsSync(projectsDir)) {
-      console.log(import_chalk21.default.yellow("  No Claude history found at ~/.claude/projects/"));
-      console.log(import_chalk21.default.gray("  Install Claude Code, run a few sessions, then try again.\n"));
-      return;
-    }
     process.stdout.write(import_chalk21.default.dim("  Scanning\u2026"));
-    const scan = scanClaudeHistory(startDate);
+    const claudeScan = scanClaudeHistory(startDate);
+    const geminiScan = scanGeminiHistory(startDate);
+    const scan = mergeScans(claudeScan, geminiScan);
     process.stdout.write("\r" + " ".repeat(20) + "\r");
     if (scan.filesScanned === 0) {
-      console.log(import_chalk21.default.yellow("  No JSONL session files found.\n"));
+      console.log(import_chalk21.default.yellow("  No session history found."));
+      console.log(
+        import_chalk21.default.gray(
+          "  Supported: Claude Code (~/.claude/projects/) \xB7 Gemini CLI (~/.gemini/tmp/)\n"
+        )
+      );
       return;
     }
     const rangeLabel = options.all ? import_chalk21.default.dim("all time") : import_chalk21.default.dim(`last ${options.days ?? 90} days`);
     const dateRange = scan.firstDate && scan.lastDate ? import_chalk21.default.dim(`  ${fmtTs(scan.firstDate)} \u2013 ${fmtTs(scan.lastDate)}`) : "";
+    const sessionBreakdown = claudeScan.sessions > 0 && geminiScan.sessions > 0 ? import_chalk21.default.dim("(") + import_chalk21.default.cyan(String(claudeScan.sessions)) + import_chalk21.default.dim(" Claude \xB7 ") + import_chalk21.default.blue(String(geminiScan.sessions)) + import_chalk21.default.dim(" Gemini)") : "";
     console.log(
-      "  " + import_chalk21.default.white(num2(scan.sessions)) + import_chalk21.default.dim(" sessions  ") + import_chalk21.default.white(num2(scan.totalToolCalls)) + import_chalk21.default.dim(" tool calls  ") + import_chalk21.default.white(num2(scan.bashCalls)) + import_chalk21.default.dim(" bash commands  ") + rangeLabel + dateRange
+      "  " + import_chalk21.default.white(num2(scan.sessions)) + import_chalk21.default.dim(" sessions  ") + sessionBreakdown + (sessionBreakdown ? "  " : "") + import_chalk21.default.white(num2(scan.totalToolCalls)) + import_chalk21.default.dim(" tool calls  ") + import_chalk21.default.white(num2(scan.bashCalls)) + import_chalk21.default.dim(" bash commands  ") + rangeLabel + dateRange
     );
     console.log("");
     const byShield = /* @__PURE__ */ new Map();
@@ -14499,8 +14726,9 @@ function registerScanCommand(program2) {
             for (const f of shown) {
               const ts = f.timestamp ? import_chalk21.default.dim(fmtTs(f.timestamp) + "  ") : "";
               const proj = import_chalk21.default.dim(f.project.slice(0, 22).padEnd(22) + "  ");
-              const cmd = import_chalk21.default.gray(preview(f.input, 55));
-              console.log(`      ${ts}${proj}${cmd}`);
+              const agentBadge = f.agent === "gemini" ? import_chalk21.default.blue("[Gemini]  ") : import_chalk21.default.cyan("[Claude]  ");
+              const cmd = import_chalk21.default.gray(preview(f.input, 45));
+              console.log(`      ${ts}${proj}${agentBadge}${cmd}`);
             }
             if (ruleFindings.length > topN) {
               console.log(
@@ -14524,8 +14752,9 @@ function registerScanCommand(program2) {
         for (const f of shownDlp) {
           const ts = f.timestamp ? import_chalk21.default.dim(fmtTs(f.timestamp) + "  ") : "";
           const proj = import_chalk21.default.dim(f.project.slice(0, 22).padEnd(22) + "  ");
+          const agentBadge = f.agent === "gemini" ? import_chalk21.default.blue("[Gemini]  ") : import_chalk21.default.cyan("[Claude]  ");
           console.log(
-            `    ${ts}${proj}` + import_chalk21.default.yellow(f.patternName) + import_chalk21.default.dim("  ") + import_chalk21.default.gray(f.redactedSample)
+            `    ${ts}${proj}${agentBadge}` + import_chalk21.default.yellow(f.patternName) + import_chalk21.default.dim("  ") + import_chalk21.default.gray(f.redactedSample)
           );
         }
         if (scan.dlpFindings.length > topN) {
@@ -14540,7 +14769,7 @@ function registerScanCommand(program2) {
     }
     if (scan.totalCostUSD > 0) {
       console.log(
-        "  " + import_chalk21.default.bold("Claude spend:") + "  " + import_chalk21.default.yellow(fmtCost2(scan.totalCostUSD)) + import_chalk21.default.dim("  (for per-period breakdown: node9 report)")
+        "  " + import_chalk21.default.bold("Agent spend:") + "  " + import_chalk21.default.yellow(fmtCost2(scan.totalCostUSD)) + import_chalk21.default.dim("  (for per-period breakdown: node9 report)")
       );
       console.log("");
     }
@@ -14584,6 +14813,22 @@ function modelPrice(model) {
   }
   return null;
 }
+var GEMINI_PRICING2 = {
+  "gemini-2.5-pro": { i: 125e-8, o: 1e-5, cr: 31e-8 },
+  "gemini-2.5-flash": { i: 15e-8, o: 6e-7, cr: 375e-10 },
+  "gemini-2.0-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 },
+  "gemini-1.5-pro": { i: 125e-8, o: 5e-6, cr: 3125e-10 },
+  "gemini-1.5-flash": { i: 75e-9, o: 3e-7, cr: 1875e-11 },
+  "gemini-3-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 }
+};
+function geminiModelPrice2(model) {
+  const base = model.replace(/-preview$/, "").replace(/-exp$/, "").replace(/-\d{4}-\d{2}-\d{2}$/, "");
+  for (const [key, p] of Object.entries(GEMINI_PRICING2)) {
+    if (base === key || base.startsWith(key)) return p;
+  }
+  if (base.includes("flash")) return GEMINI_PRICING2["gemini-2.0-flash"];
+  return null;
+}
 function encodeProjectPath(projectPath) {
   return projectPath.replace(/\//g, "-");
 }
@@ -14699,6 +14944,123 @@ function auditEntriesInWindow(entries, windowStart, windowEnd) {
   }
   return result;
 }
+function buildGeminiSessions(days, allAuditEntries) {
+  const tmpDir = import_path37.default.join(import_os30.default.homedir(), ".gemini", "tmp");
+  if (!import_fs34.default.existsSync(tmpDir)) return [];
+  const cutoff = days !== null ? (() => {
+    const d = /* @__PURE__ */ new Date();
+    d.setDate(d.getDate() - days);
+    d.setHours(0, 0, 0, 0);
+    return d;
+  })() : null;
+  let slugDirs;
+  try {
+    slugDirs = import_fs34.default.readdirSync(tmpDir);
+  } catch {
+    return [];
+  }
+  const summaries = [];
+  for (const slug of slugDirs) {
+    const slugPath = import_path37.default.join(tmpDir, slug);
+    try {
+      if (!import_fs34.default.statSync(slugPath).isDirectory()) continue;
+    } catch {
+      continue;
+    }
+    let projectRoot = import_path37.default.join(import_os30.default.homedir(), slug);
+    try {
+      projectRoot = import_fs34.default.readFileSync(import_path37.default.join(slugPath, ".project_root"), "utf-8").trim();
+    } catch {
+    }
+    const chatsDir = import_path37.default.join(slugPath, "chats");
+    if (!import_fs34.default.existsSync(chatsDir)) continue;
+    let chatFiles;
+    try {
+      chatFiles = import_fs34.default.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
+    } catch {
+      continue;
+    }
+    for (const chatFile of chatFiles) {
+      let raw;
+      try {
+        raw = import_fs34.default.readFileSync(import_path37.default.join(chatsDir, chatFile), "utf-8");
+      } catch {
+        continue;
+      }
+      let session;
+      try {
+        session = JSON.parse(raw);
+      } catch {
+        continue;
+      }
+      const startTime = session.startTime ?? "";
+      if (!startTime) continue;
+      if (cutoff && new Date(startTime) < cutoff) continue;
+      let firstPrompt = "";
+      for (const msg of session.messages ?? []) {
+        if (msg.type === "user") {
+          const content = msg.content;
+          if (Array.isArray(content) && content[0]?.text) {
+            firstPrompt = content[0].text;
+          } else if (typeof content === "string") {
+            firstPrompt = content;
+          }
+          break;
+        }
+      }
+      const toolCalls = [];
+      let costUSD = 0;
+      const modifiedFiles = [];
+      const seenFiles = /* @__PURE__ */ new Set();
+      let lastToolTs = "";
+      for (const msg of session.messages ?? []) {
+        if (msg.type !== "gemini") continue;
+        const tokens = msg.tokens;
+        const model = msg.model;
+        if (tokens && model) {
+          const p = geminiModelPrice2(model);
+          if (p) {
+            const nonCached = Math.max(0, tokens.input - tokens.cached);
+            costUSD += nonCached * p.i + tokens.cached * p.cr + tokens.output * p.o;
+          }
+        }
+        for (const tc of msg.toolCalls ?? []) {
+          const tool = tc.name ?? "";
+          const input = tc.args ?? {};
+          const ts = msg.timestamp ?? "";
+          toolCalls.push({ tool, input, timestamp: ts });
+          if (ts > lastToolTs) lastToolTs = ts;
+          const toolLower = tool.toLowerCase();
+          if (toolLower === "write_file" || toolLower === "edit_file" || toolLower === "create_file" || toolLower === "overwrite_file") {
+            const fp = input.file_path ?? input.path ?? input.filename;
+            if (typeof fp === "string" && !seenFiles.has(fp)) {
+              seenFiles.add(fp);
+              modifiedFiles.push(fp);
+            }
+          }
+        }
+      }
+      const windowEnd = new Date(
+        Math.max(new Date(startTime).getTime(), lastToolTs ? new Date(lastToolTs).getTime() : 0) + 5 * 60 * 1e3
+      ).toISOString();
+      const blockedCalls = auditEntriesInWindow(allAuditEntries, startTime, windowEnd);
+      summaries.push({
+        sessionId: session.sessionId ?? chatFile.replace(".json", ""),
+        project: projectRoot,
+        projectLabel: projectLabel(projectRoot),
+        firstPrompt,
+        startTime,
+        toolCalls,
+        blockedCalls,
+        costUSD,
+        hasSnapshot: false,
+        modifiedFiles,
+        agent: "gemini"
+      });
+    }
+  }
+  return summaries;
+}
 function buildSessions(days, historyPath) {
   const hPath = historyPath ?? import_path37.default.join(import_os30.default.homedir(), ".claude", "history.jsonl");
   let historyRaw;
@@ -14749,9 +15111,13 @@ function buildSessions(days, historyPath) {
       blockedCalls,
       costUSD,
       hasSnapshot,
-      modifiedFiles
+      modifiedFiles,
+      agent: "claude"
     });
   }
+  if (!historyPath) {
+    summaries.push(...buildGeminiSessions(days, allAuditEntries));
+  }
   summaries.sort((a, b) => a.startTime > b.startTime ? -1 : 1);
   return summaries;
 }
@@ -14863,9 +15229,9 @@ function renderSummary(summaries) {
   const maxGroup = Math.max(...Object.values(groups));
   for (const [label, count] of Object.entries(groups)) {
     if (count === 0) continue;
-    const pct2 = totalTools > 0 ? Math.round(count / totalTools * 100) : 0;
+    const pct = totalTools > 0 ? Math.round(count / totalTools * 100) : 0;
     console.log(
-      "    " + label.padEnd(6) + "  " + colorBar2(count, maxGroup, W) + "  " + import_chalk22.default.white(String(count).padStart(4)) + import_chalk22.default.dim(` (${String(pct2)}%)`)
+      "    " + label.padEnd(6) + "  " + colorBar2(count, maxGroup, W) + "  " + import_chalk22.default.white(String(count).padStart(4)) + import_chalk22.default.dim(` (${String(pct)}%)`)
     );
   }
   console.log("");
@@ -14907,8 +15273,9 @@ function renderList(summaries, totalCost) {
     const cost = s.costUSD > 0 ? import_chalk22.default.dim("  " + fmtCost3(s.costUSD).padEnd(8)) : "          ";
     const blocked = s.blockedCalls.length > 0 ? import_chalk22.default.red("  \u{1F6D1} " + String(s.blockedCalls.length)) : "";
     const snap = s.hasSnapshot ? import_chalk22.default.green("  \u{1F4F8}") : "";
+    const agentBadge = s.agent === "gemini" ? import_chalk22.default.blue("  [Gemini]") : import_chalk22.default.cyan("  [Claude]");
     const sid = import_chalk22.default.dim("  " + s.sessionId.slice(0, 8));
-    console.log(`  ${timeStr}  ${prompt}  ${tools}${cost}${blocked}${snap}${sid}`);
+    console.log(`  ${timeStr}  ${prompt}  ${tools}${cost}${blocked}${snap}${agentBadge}${sid}`);
   }
   console.log("");
   console.log(
@@ -14923,6 +15290,10 @@ function renderDetail(s) {
     import_chalk22.default.bold("  Prompt   ") + import_chalk22.default.white(s.firstPrompt.replace(/\n/g, " ").slice(0, 120))
   );
   console.log(import_chalk22.default.bold("  Project  ") + import_chalk22.default.white(s.projectLabel));
+  if (s.agent) {
+    const agentLabel2 = s.agent === "gemini" ? import_chalk22.default.blue("Gemini CLI") : import_chalk22.default.cyan("Claude Code");
+    console.log(import_chalk22.default.bold("  Agent    ") + agentLabel2);
+  }
   console.log(import_chalk22.default.bold("  When     ") + import_chalk22.default.white(fmtDateTime(s.startTime)));
   if (s.costUSD > 0)
     console.log(import_chalk22.default.bold("  Cost     ") + import_chalk22.default.yellow("~" + fmtCost3(s.costUSD)));

package/dist/cli.mjs

@@ -97,7 +97,7 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
   const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
-  const testRun = isTestCall(toolName, args) ? { testRun: true } : {};
+  const testRun = isTestCall(toolName, args) || process.env.NODE9_TESTING === "1" ? { testRun: true } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,
@@ -8627,10 +8627,10 @@ function bold(s) {
 function color(c, s) {
   return `${c}${s}${RESET3}`;
 }
-function progressBar(pct2, warnAt = 70, critAt = 85) {
-  const filled = Math.round(Math.min(pct2, 100) / 100 * BAR_WIDTH);
+function progressBar(pct, warnAt = 70, critAt = 85) {
+  const filled = Math.round(Math.min(pct, 100) / 100 * BAR_WIDTH);
   const bar = BAR_FILLED.repeat(filled) + BAR_EMPTY.repeat(BAR_WIDTH - filled);
-  const c = pct2 >= critAt ? RED2 : pct2 >= warnAt ? YELLOW2 : GREEN2;
+  const c = pct >= critAt ? RED2 : pct >= warnAt ? YELLOW2 : GREEN2;
   return `${c}${bar}${RESET3}`;
 }
 function formatTimeLeft(resetsAt) {
@@ -8846,15 +8846,15 @@ function renderContextLine(stdin) {
   }
   const rl = stdin.rate_limits;
   if (rl?.five_hour?.used_percentage !== void 0) {
-    const pct2 = Math.round(rl.five_hour.used_percentage);
-    const bar = progressBar(pct2, 60, 80);
+    const pct = Math.round(rl.five_hour.used_percentage);
+    const bar = progressBar(pct, 60, 80);
     const left = formatTimeLeft(rl.five_hour.resets_at);
-    parts.push(`${dim("\u2502")} 5h ${bar} ${pct2}%${left}`);
+    parts.push(`${dim("\u2502")} 5h ${bar} ${pct}%${left}`);
   }
   if (rl?.seven_day?.used_percentage !== void 0) {
-    const pct2 = Math.round(rl.seven_day.used_percentage);
-    const bar = progressBar(pct2, 60, 80);
-    parts.push(`${dim("\u2502")} 7d ${bar} ${pct2}%`);
+    const pct = Math.round(rl.seven_day.used_percentage);
+    const bar = progressBar(pct, 60, 80);
+    parts.push(`${dim("\u2502")} 7d ${bar} ${pct}%`);
   }
   if (parts.length === 0) return null;
   return parts.join("  ");
@@ -11723,8 +11723,8 @@ function buildTestTimestamps(allEntries) {
   return testTs;
 }
 function isTestEntry(entry, testTs) {
-  if (entry.tool !== "Bash" && entry.tool !== "bash") return false;
   if (entry.testRun === true) return true;
+  if (entry.tool !== "Bash" && entry.tool !== "bash") return false;
   const cmd = entry.args?.command;
   if (typeof cmd === "string") return TEST_COMMAND_RE3.test(cmd);
   const t = new Date(entry.ts).getTime();
@@ -11782,10 +11782,6 @@ function colorBar(value, max, width) {
   const filled = Math.max(1, Math.round(max > 0 ? value / max * width : 0));
   return chalk9.cyan(s.slice(0, filled)) + chalk9.dim(s.slice(filled));
 }
-function pct(num3, total) {
-  if (total === 0) return "\u2013";
-  return Math.round(num3 / total * 100) + "%";
-}
 function fmtDate(d) {
   const date = typeof d === "string" ? /* @__PURE__ */ new Date(d + "T12:00:00") : d;
   return date.toLocaleDateString("en-US", { month: "short", day: "numeric" });
@@ -11956,9 +11952,12 @@ function registerReportCommand(program2) {
 `));
       return;
     }
-    let allowed = 0;
-    let blocked = 0;
-    let dlpHits = 0;
+    let userApproved = 0;
+    let userDenied = 0;
+    let timedOut = 0;
+    let hardBlocked = 0;
+    let dlpBlocked = 0;
+    let observeDlp = 0;
     let loopHits = 0;
     let testPasses = 0;
     let testFails = 0;
@@ -11971,9 +11970,16 @@ function registerReportCommand(program2) {
     for (const e of entries) {
       const allow = isAllow(e.decision);
       const dateKey = e.ts.slice(0, 10);
-      if (allow) allowed++;
-      else blocked++;
-      if (isDlp(e.checkedBy)) dlpHits++;
+      const userInteracted = e.source === "daemon";
+      if (userInteracted) {
+        if (allow) userApproved++;
+        else userDenied++;
+      } else if (!allow) {
+        if (e.checkedBy === "timeout") timedOut++;
+        else if (e.checkedBy === "observe-mode-dlp-would-block") observeDlp++;
+        else if (isDlp(e.checkedBy)) dlpBlocked++;
+        else if (e.checkedBy !== "loop-detected") hardBlocked++;
+      }
       if (e.checkedBy === "loop-detected") loopHits++;
       const t = toolMap.get(e.tool) ?? { calls: 0, blocked: 0 };
       t.calls++;
@@ -12024,25 +12030,84 @@ function registerReportCommand(program2) {
       "  " + chalk9.bold.cyan("\u{1F6E1} node9 Report") + chalk9.dim("  \xB7  ") + chalk9.white(periodLabel[period]) + chalk9.dim(`  ${fmtDate(start)} \u2013 ${fmtDate(end)}`) + chalk9.dim(`  ${num(total)} events`) + (excludeTests ? chalk9.dim(`  \u2013tests (\u2013${filteredTestCount})`) : "")
     );
     console.log("  " + line);
-    console.log("");
-    const blockLabel = blocked > 0 ? chalk9.red(`\u{1F6D1} ${num(blocked)} blocked`) : chalk9.dim("\u{1F6D1} 0 blocked");
-    const dlpLabel = dlpHits > 0 ? chalk9.yellow(`\u{1F6A8} ${dlpHits} DLP hits`) : chalk9.dim("\u{1F6A8} 0 DLP hits");
-    const loopLabel = loopHits > 0 ? chalk9.yellow(`\u{1F504} ${loopHits} loops`) : chalk9.dim("\u{1F504} 0 loops");
-    const currentRate = total > 0 ? blocked / total : 0;
+    const totalBlocked = timedOut + hardBlocked + dlpBlocked + loopHits + userDenied;
+    const currentRate = total > 0 ? totalBlocked / total : 0;
     const trendLabel = (() => {
-      if (priorBlockRate === null) return chalk9.dim(`${pct(blocked, total)} block rate`);
+      if (priorBlockRate === null) return "";
       const delta = Math.round((currentRate - priorBlockRate) * 100);
-      const arrow = delta > 0 ? chalk9.red(`\u25B2${delta}%`) : delta < 0 ? chalk9.green(`\u25BC${Math.abs(delta)}%`) : chalk9.dim("\u2013");
-      return chalk9.dim(`${pct(blocked, total)} block rate `) + arrow + chalk9.dim(" vs prior");
+      if (delta === 0) return "";
+      return "  " + (delta > 0 ? chalk9.red(`\u25B2${delta}%`) : chalk9.green(`\u25BC${Math.abs(delta)}%`)) + chalk9.dim(" vs prior");
     })();
     const reads = toolMap.get("Read")?.calls ?? 0;
     const edits = (toolMap.get("Edit")?.calls ?? 0) + (toolMap.get("Write")?.calls ?? 0);
     const ratioLabel = reads > 0 ? chalk9.dim(`edit/read ${(edits / reads).toFixed(1)}`) : chalk9.dim("edit/read \u2013");
     const testLabel = testPasses + testFails > 0 ? chalk9.dim("tests ") + chalk9.green(`${testPasses}\u2713`) + (testFails > 0 ? " " + chalk9.red(`${testFails}\u2717`) : "") : chalk9.dim("tests \u2013");
+    console.log("");
+    console.log("  " + chalk9.bold("Protection Summary"));
+    console.log("  " + chalk9.dim("\u2500".repeat(Math.min(50, W - 4))));
     console.log(
-      "  " + chalk9.green(`\u2705 ${num(allowed)} allowed`) + "   " + blockLabel + "   " + dlpLabel + "   " + loopLabel + "   " + trendLabel
+      "  " + chalk9.dim("Intercepted") + "  " + chalk9.white(num(total)) + chalk9.dim(" tool calls")
+    );
+    console.log("");
+    const COL1 = 18;
+    const summaryRow = (icon, label, count, note, colorFn = (s) => s) => {
+      const countStr = colorFn(num(count));
+      const noteStr = note ? chalk9.dim("   " + note) : "";
+      console.log("    " + icon + "  " + chalk9.white(label.padEnd(COL1)) + countStr + noteStr);
+    };
+    summaryRow(
+      userApproved > 0 ? chalk9.green("\u2705") : chalk9.dim("\u2705"),
+      "User approved",
+      userApproved,
+      userApproved === 0 ? "no popups this period" : void 0,
+      userApproved > 0 ? (s) => chalk9.green(s) : (s) => chalk9.dim(s)
+    );
+    summaryRow(
+      userDenied > 0 ? chalk9.red("\u{1F6AB}") : chalk9.dim("\u{1F6AB}"),
+      "User denied",
+      userDenied,
+      void 0,
+      userDenied > 0 ? (s) => chalk9.red(s) : (s) => chalk9.dim(s)
     );
-    console.log("  " + ratioLabel + "   " + testLabel);
+    summaryRow(
+      timedOut > 0 ? chalk9.yellow("\u23F1") : chalk9.dim("\u23F1"),
+      "Timed out",
+      timedOut,
+      timedOut > 0 ? "no approval response" : void 0,
+      timedOut > 0 ? (s) => chalk9.yellow(s) : (s) => chalk9.dim(s)
+    );
+    summaryRow(
+      hardBlocked > 0 ? chalk9.red("\u{1F6D1}") : chalk9.dim("\u{1F6D1}"),
+      "Auto-blocked",
+      hardBlocked,
+      void 0,
+      hardBlocked > 0 ? (s) => chalk9.red(s) : (s) => chalk9.dim(s)
+    );
+    summaryRow(
+      dlpBlocked > 0 ? chalk9.yellow("\u{1F6A8}") : chalk9.dim("\u{1F6A8}"),
+      "DLP blocked",
+      dlpBlocked,
+      void 0,
+      dlpBlocked > 0 ? (s) => chalk9.yellow(s) : (s) => chalk9.dim(s)
+    );
+    summaryRow(
+      observeDlp > 0 ? chalk9.blue("\u{1F441}") : chalk9.dim("\u{1F441}"),
+      "DLP (observe)",
+      observeDlp,
+      observeDlp > 0 ? "would-block in strict mode" : void 0,
+      observeDlp > 0 ? (s) => chalk9.blue(s) : (s) => chalk9.dim(s)
+    );
+    summaryRow(
+      loopHits > 0 ? chalk9.yellow("\u{1F504}") : chalk9.dim("\u{1F504}"),
+      "Loops detected",
+      loopHits,
+      void 0,
+      loopHits > 0 ? (s) => chalk9.yellow(s) : (s) => chalk9.dim(s)
+    );
+    if (trendLabel || ratioLabel || testPasses + testFails > 0) {
+      console.log("");
+      console.log("  " + ratioLabel + "   " + testLabel + trendLabel);
+    }
     console.log("");
     const toolHeaderRaw = "Top Tools";
     const blockHeaderRaw = "Top Blocks";
@@ -14223,6 +14288,22 @@ function claudeModelPrice2(model) {
   }
   return null;
 }
+var GEMINI_PRICING = {
+  "gemini-2.5-pro": { i: 125e-8, o: 1e-5, cr: 31e-8 },
+  "gemini-2.5-flash": { i: 15e-8, o: 6e-7, cr: 375e-10 },
+  "gemini-2.0-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 },
+  "gemini-1.5-pro": { i: 125e-8, o: 5e-6, cr: 3125e-10 },
+  "gemini-1.5-flash": { i: 75e-9, o: 3e-7, cr: 1875e-11 },
+  "gemini-3-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 }
+};
+function geminiModelPrice(model) {
+  const base = model.replace(/-preview$/, "").replace(/-exp$/, "").replace(/-\d{4}-\d{2}-\d{2}$/, "");
+  for (const [key, p] of Object.entries(GEMINI_PRICING)) {
+    if (base === key || base.startsWith(key)) return p;
+  }
+  if (base.includes("flash")) return GEMINI_PRICING["gemini-2.0-flash"];
+  return null;
+}
 function num2(n) {
   return n.toLocaleString();
 }
@@ -14365,7 +14446,8 @@ function scanClaudeHistory(startDate) {
                 redactedSample: dlpMatch.redactedSample,
                 toolName,
                 timestamp: entry.timestamp ?? "",
-                project: projLabel
+                project: projLabel,
+                agent: "claude"
               });
             }
           }
@@ -14384,7 +14466,135 @@ function scanClaudeHistory(startDate) {
                 toolName,
                 input,
                 timestamp: entry.timestamp ?? "",
-                project: projLabel
+                project: projLabel,
+                agent: "claude"
+              });
+            }
+            break;
+          }
+        }
+      }
+    }
+  }
+  return result;
+}
+function scanGeminiHistory(startDate) {
+  const tmpDir = path36.join(os29.homedir(), ".gemini", "tmp");
+  const result = {
+    filesScanned: 0,
+    sessions: 0,
+    totalToolCalls: 0,
+    bashCalls: 0,
+    findings: [],
+    dlpFindings: [],
+    totalCostUSD: 0,
+    firstDate: null,
+    lastDate: null
+  };
+  if (!fs33.existsSync(tmpDir)) return result;
+  let slugDirs;
+  try {
+    slugDirs = fs33.readdirSync(tmpDir);
+  } catch {
+    return result;
+  }
+  const ruleSources = buildRuleSources();
+  for (const slug of slugDirs) {
+    const slugPath = path36.join(tmpDir, slug);
+    try {
+      if (!fs33.statSync(slugPath).isDirectory()) continue;
+    } catch {
+      continue;
+    }
+    let projLabel = slug;
+    try {
+      projLabel = fs33.readFileSync(path36.join(slugPath, ".project_root"), "utf-8").trim().replace(os29.homedir(), "~").slice(0, 40);
+    } catch {
+    }
+    const chatsDir = path36.join(slugPath, "chats");
+    if (!fs33.existsSync(chatsDir)) continue;
+    let chatFiles;
+    try {
+      chatFiles = fs33.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
+    } catch {
+      continue;
+    }
+    for (const chatFile of chatFiles) {
+      result.filesScanned++;
+      let raw;
+      try {
+        raw = fs33.readFileSync(path36.join(chatsDir, chatFile), "utf-8");
+      } catch {
+        continue;
+      }
+      let session;
+      try {
+        session = JSON.parse(raw);
+      } catch {
+        continue;
+      }
+      result.sessions++;
+      for (const msg of session.messages ?? []) {
+        if (msg.type !== "gemini") continue;
+        if (startDate && msg.timestamp && new Date(msg.timestamp) < startDate) continue;
+        if (msg.timestamp) {
+          if (!result.firstDate || msg.timestamp < result.firstDate)
+            result.firstDate = msg.timestamp;
+          if (!result.lastDate || msg.timestamp > result.lastDate) result.lastDate = msg.timestamp;
+        }
+        const tokens = msg.tokens;
+        const model = msg.model;
+        if (tokens && model) {
+          const p = geminiModelPrice(model);
+          if (p) {
+            const nonCached = Math.max(0, tokens.input - tokens.cached);
+            result.totalCostUSD += nonCached * p.i + tokens.cached * p.cr + tokens.output * p.o;
+          }
+        }
+        for (const tc of msg.toolCalls ?? []) {
+          result.totalToolCalls++;
+          const toolName = tc.name ?? "";
+          const toolNameLower = toolName.toLowerCase();
+          const input = tc.args ?? {};
+          if (toolNameLower === "run_shell_command" || toolNameLower === "shell") {
+            result.bashCalls++;
+          }
+          const rawCmd = String(input.command ?? "").trimStart();
+          if (/^node9\s+(scan|explain|report|tail|dlp|status|sessions|audit)\b/.test(rawCmd))
+            continue;
+          const dlpMatch = scanArgs(input);
+          if (dlpMatch) {
+            const isDupe = result.dlpFindings.some(
+              (f) => f.patternName === dlpMatch.patternName && f.redactedSample === dlpMatch.redactedSample && f.project === projLabel
+            );
+            if (!isDupe) {
+              result.dlpFindings.push({
+                patternName: dlpMatch.patternName,
+                redactedSample: dlpMatch.redactedSample,
+                toolName,
+                timestamp: msg.timestamp ?? "",
+                project: projLabel,
+                agent: "gemini"
+              });
+            }
+          }
+          for (const source of ruleSources) {
+            const { rule } = source;
+            if (rule.verdict === "allow") continue;
+            if (rule.tool && !matchesPattern(toolNameLower, rule.tool)) continue;
+            if (!evaluateSmartConditions(input, rule)) continue;
+            const inputPreview = preview(input, 120);
+            const isDupe = result.findings.some(
+              (f) => f.source.rule.name === rule.name && preview(f.input, 120) === inputPreview && f.project === projLabel
+            );
+            if (!isDupe) {
+              result.findings.push({
+                source,
+                toolName,
+                input,
+                timestamp: msg.timestamp ?? "",
+                project: projLabel,
+                agent: "gemini"
               });
             }
             break;
@@ -14395,6 +14605,21 @@ function scanClaudeHistory(startDate) {
   }
   return result;
 }
+function mergeScans(a, b) {
+  const dates = [a.firstDate, b.firstDate].filter(Boolean);
+  const lastDates = [a.lastDate, b.lastDate].filter(Boolean);
+  return {
+    filesScanned: a.filesScanned + b.filesScanned,
+    sessions: a.sessions + b.sessions,
+    totalToolCalls: a.totalToolCalls + b.totalToolCalls,
+    bashCalls: a.bashCalls + b.bashCalls,
+    findings: [...a.findings, ...b.findings],
+    dlpFindings: [...a.dlpFindings, ...b.dlpFindings],
+    totalCostUSD: a.totalCostUSD + b.totalCostUSD,
+    firstDate: dates.length ? dates.sort()[0] : null,
+    lastDate: lastDates.length ? lastDates.sort().at(-1) : null
+  };
+}
 function registerScanCommand(program2) {
   program2.command("scan").description("Forecast: scan agent history and show what node9 would catch if installed").option("--all", "Scan all history (default: last 90 days)").option("--days <n>", "Scan last N days of history", "90").option("--top <n>", "Max findings to show per shield", "5").action((options) => {
     const topN = Math.max(1, parseInt(options.top, 10) || 5);
@@ -14407,23 +14632,25 @@ function registerScanCommand(program2) {
     console.log("");
     console.log(chalk21.cyan.bold("\u{1F50D}  node9 scan") + chalk21.dim("  \u2014 what would node9 catch?"));
     console.log("");
-    const projectsDir = path36.join(os29.homedir(), ".claude", "projects");
-    if (!fs33.existsSync(projectsDir)) {
-      console.log(chalk21.yellow("  No Claude history found at ~/.claude/projects/"));
-      console.log(chalk21.gray("  Install Claude Code, run a few sessions, then try again.\n"));
-      return;
-    }
     process.stdout.write(chalk21.dim("  Scanning\u2026"));
-    const scan = scanClaudeHistory(startDate);
+    const claudeScan = scanClaudeHistory(startDate);
+    const geminiScan = scanGeminiHistory(startDate);
+    const scan = mergeScans(claudeScan, geminiScan);
     process.stdout.write("\r" + " ".repeat(20) + "\r");
     if (scan.filesScanned === 0) {
-      console.log(chalk21.yellow("  No JSONL session files found.\n"));
+      console.log(chalk21.yellow("  No session history found."));
+      console.log(
+        chalk21.gray(
+          "  Supported: Claude Code (~/.claude/projects/) \xB7 Gemini CLI (~/.gemini/tmp/)\n"
+        )
+      );
       return;
     }
     const rangeLabel = options.all ? chalk21.dim("all time") : chalk21.dim(`last ${options.days ?? 90} days`);
     const dateRange = scan.firstDate && scan.lastDate ? chalk21.dim(`  ${fmtTs(scan.firstDate)} \u2013 ${fmtTs(scan.lastDate)}`) : "";
+    const sessionBreakdown = claudeScan.sessions > 0 && geminiScan.sessions > 0 ? chalk21.dim("(") + chalk21.cyan(String(claudeScan.sessions)) + chalk21.dim(" Claude \xB7 ") + chalk21.blue(String(geminiScan.sessions)) + chalk21.dim(" Gemini)") : "";
     console.log(
-      "  " + chalk21.white(num2(scan.sessions)) + chalk21.dim(" sessions  ") + chalk21.white(num2(scan.totalToolCalls)) + chalk21.dim(" tool calls  ") + chalk21.white(num2(scan.bashCalls)) + chalk21.dim(" bash commands  ") + rangeLabel + dateRange
+      "  " + chalk21.white(num2(scan.sessions)) + chalk21.dim(" sessions  ") + sessionBreakdown + (sessionBreakdown ? "  " : "") + chalk21.white(num2(scan.totalToolCalls)) + chalk21.dim(" tool calls  ") + chalk21.white(num2(scan.bashCalls)) + chalk21.dim(" bash commands  ") + rangeLabel + dateRange
     );
     console.log("");
     const byShield = /* @__PURE__ */ new Map();
@@ -14475,8 +14702,9 @@ function registerScanCommand(program2) {
             for (const f of shown) {
               const ts = f.timestamp ? chalk21.dim(fmtTs(f.timestamp) + "  ") : "";
               const proj = chalk21.dim(f.project.slice(0, 22).padEnd(22) + "  ");
-              const cmd = chalk21.gray(preview(f.input, 55));
-              console.log(`      ${ts}${proj}${cmd}`);
+              const agentBadge = f.agent === "gemini" ? chalk21.blue("[Gemini]  ") : chalk21.cyan("[Claude]  ");
+              const cmd = chalk21.gray(preview(f.input, 45));
+              console.log(`      ${ts}${proj}${agentBadge}${cmd}`);
             }
             if (ruleFindings.length > topN) {
               console.log(
@@ -14500,8 +14728,9 @@ function registerScanCommand(program2) {
         for (const f of shownDlp) {
           const ts = f.timestamp ? chalk21.dim(fmtTs(f.timestamp) + "  ") : "";
           const proj = chalk21.dim(f.project.slice(0, 22).padEnd(22) + "  ");
+          const agentBadge = f.agent === "gemini" ? chalk21.blue("[Gemini]  ") : chalk21.cyan("[Claude]  ");
           console.log(
-            `    ${ts}${proj}` + chalk21.yellow(f.patternName) + chalk21.dim("  ") + chalk21.gray(f.redactedSample)
+            `    ${ts}${proj}${agentBadge}` + chalk21.yellow(f.patternName) + chalk21.dim("  ") + chalk21.gray(f.redactedSample)
           );
         }
         if (scan.dlpFindings.length > topN) {
@@ -14516,7 +14745,7 @@ function registerScanCommand(program2) {
     }
     if (scan.totalCostUSD > 0) {
       console.log(
-        "  " + chalk21.bold("Claude spend:") + "  " + chalk21.yellow(fmtCost2(scan.totalCostUSD)) + chalk21.dim("  (for per-period breakdown: node9 report)")
+        "  " + chalk21.bold("Agent spend:") + "  " + chalk21.yellow(fmtCost2(scan.totalCostUSD)) + chalk21.dim("  (for per-period breakdown: node9 report)")
       );
       console.log("");
     }
@@ -14560,6 +14789,22 @@ function modelPrice(model) {
   }
   return null;
 }
+var GEMINI_PRICING2 = {
+  "gemini-2.5-pro": { i: 125e-8, o: 1e-5, cr: 31e-8 },
+  "gemini-2.5-flash": { i: 15e-8, o: 6e-7, cr: 375e-10 },
+  "gemini-2.0-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 },
+  "gemini-1.5-pro": { i: 125e-8, o: 5e-6, cr: 3125e-10 },
+  "gemini-1.5-flash": { i: 75e-9, o: 3e-7, cr: 1875e-11 },
+  "gemini-3-flash": { i: 1e-7, o: 4e-7, cr: 25e-9 }
+};
+function geminiModelPrice2(model) {
+  const base = model.replace(/-preview$/, "").replace(/-exp$/, "").replace(/-\d{4}-\d{2}-\d{2}$/, "");
+  for (const [key, p] of Object.entries(GEMINI_PRICING2)) {
+    if (base === key || base.startsWith(key)) return p;
+  }
+  if (base.includes("flash")) return GEMINI_PRICING2["gemini-2.0-flash"];
+  return null;
+}
 function encodeProjectPath(projectPath) {
   return projectPath.replace(/\//g, "-");
 }
@@ -14675,6 +14920,123 @@ function auditEntriesInWindow(entries, windowStart, windowEnd) {
   }
   return result;
 }
+function buildGeminiSessions(days, allAuditEntries) {
+  const tmpDir = path37.join(os30.homedir(), ".gemini", "tmp");
+  if (!fs34.existsSync(tmpDir)) return [];
+  const cutoff = days !== null ? (() => {
+    const d = /* @__PURE__ */ new Date();
+    d.setDate(d.getDate() - days);
+    d.setHours(0, 0, 0, 0);
+    return d;
+  })() : null;
+  let slugDirs;
+  try {
+    slugDirs = fs34.readdirSync(tmpDir);
+  } catch {
+    return [];
+  }
+  const summaries = [];
+  for (const slug of slugDirs) {
+    const slugPath = path37.join(tmpDir, slug);
+    try {
+      if (!fs34.statSync(slugPath).isDirectory()) continue;
+    } catch {
+      continue;
+    }
+    let projectRoot = path37.join(os30.homedir(), slug);
+    try {
+      projectRoot = fs34.readFileSync(path37.join(slugPath, ".project_root"), "utf-8").trim();
+    } catch {
+    }
+    const chatsDir = path37.join(slugPath, "chats");
+    if (!fs34.existsSync(chatsDir)) continue;
+    let chatFiles;
+    try {
+      chatFiles = fs34.readdirSync(chatsDir).filter((f) => f.endsWith(".json"));
+    } catch {
+      continue;
+    }
+    for (const chatFile of chatFiles) {
+      let raw;
+      try {
+        raw = fs34.readFileSync(path37.join(chatsDir, chatFile), "utf-8");
+      } catch {
+        continue;
+      }
+      let session;
+      try {
+        session = JSON.parse(raw);
+      } catch {
+        continue;
+      }
+      const startTime = session.startTime ?? "";
+      if (!startTime) continue;
+      if (cutoff && new Date(startTime) < cutoff) continue;
+      let firstPrompt = "";
+      for (const msg of session.messages ?? []) {
+        if (msg.type === "user") {
+          const content = msg.content;
+          if (Array.isArray(content) && content[0]?.text) {
+            firstPrompt = content[0].text;
+          } else if (typeof content === "string") {
+            firstPrompt = content;
+          }
+          break;
+        }
+      }
+      const toolCalls = [];
+      let costUSD = 0;
+      const modifiedFiles = [];
+      const seenFiles = /* @__PURE__ */ new Set();
+      let lastToolTs = "";
+      for (const msg of session.messages ?? []) {
+        if (msg.type !== "gemini") continue;
+        const tokens = msg.tokens;
+        const model = msg.model;
+        if (tokens && model) {
+          const p = geminiModelPrice2(model);
+          if (p) {
+            const nonCached = Math.max(0, tokens.input - tokens.cached);
+            costUSD += nonCached * p.i + tokens.cached * p.cr + tokens.output * p.o;
+          }
+        }
+        for (const tc of msg.toolCalls ?? []) {
+          const tool = tc.name ?? "";
+          const input = tc.args ?? {};
+          const ts = msg.timestamp ?? "";
+          toolCalls.push({ tool, input, timestamp: ts });
+          if (ts > lastToolTs) lastToolTs = ts;
+          const toolLower = tool.toLowerCase();
+          if (toolLower === "write_file" || toolLower === "edit_file" || toolLower === "create_file" || toolLower === "overwrite_file") {
+            const fp = input.file_path ?? input.path ?? input.filename;
+            if (typeof fp === "string" && !seenFiles.has(fp)) {
+              seenFiles.add(fp);
+              modifiedFiles.push(fp);
+            }
+          }
+        }
+      }
+      const windowEnd = new Date(
+        Math.max(new Date(startTime).getTime(), lastToolTs ? new Date(lastToolTs).getTime() : 0) + 5 * 60 * 1e3
+      ).toISOString();
+      const blockedCalls = auditEntriesInWindow(allAuditEntries, startTime, windowEnd);
+      summaries.push({
+        sessionId: session.sessionId ?? chatFile.replace(".json", ""),
+        project: projectRoot,
+        projectLabel: projectLabel(projectRoot),
+        firstPrompt,
+        startTime,
+        toolCalls,
+        blockedCalls,
+        costUSD,
+        hasSnapshot: false,
+        modifiedFiles,
+        agent: "gemini"
+      });
+    }
+  }
+  return summaries;
+}
 function buildSessions(days, historyPath) {
   const hPath = historyPath ?? path37.join(os30.homedir(), ".claude", "history.jsonl");
   let historyRaw;
@@ -14725,9 +15087,13 @@ function buildSessions(days, historyPath) {
       blockedCalls,
       costUSD,
       hasSnapshot,
-      modifiedFiles
+      modifiedFiles,
+      agent: "claude"
     });
   }
+  if (!historyPath) {
+    summaries.push(...buildGeminiSessions(days, allAuditEntries));
+  }
   summaries.sort((a, b) => a.startTime > b.startTime ? -1 : 1);
   return summaries;
 }
@@ -14839,9 +15205,9 @@ function renderSummary(summaries) {
   const maxGroup = Math.max(...Object.values(groups));
   for (const [label, count] of Object.entries(groups)) {
     if (count === 0) continue;
-    const pct2 = totalTools > 0 ? Math.round(count / totalTools * 100) : 0;
+    const pct = totalTools > 0 ? Math.round(count / totalTools * 100) : 0;
     console.log(
-      "    " + label.padEnd(6) + "  " + colorBar2(count, maxGroup, W) + "  " + chalk22.white(String(count).padStart(4)) + chalk22.dim(` (${String(pct2)}%)`)
+      "    " + label.padEnd(6) + "  " + colorBar2(count, maxGroup, W) + "  " + chalk22.white(String(count).padStart(4)) + chalk22.dim(` (${String(pct)}%)`)
     );
   }
   console.log("");
@@ -14883,8 +15249,9 @@ function renderList(summaries, totalCost) {
     const cost = s.costUSD > 0 ? chalk22.dim("  " + fmtCost3(s.costUSD).padEnd(8)) : "          ";
     const blocked = s.blockedCalls.length > 0 ? chalk22.red("  \u{1F6D1} " + String(s.blockedCalls.length)) : "";
     const snap = s.hasSnapshot ? chalk22.green("  \u{1F4F8}") : "";
+    const agentBadge = s.agent === "gemini" ? chalk22.blue("  [Gemini]") : chalk22.cyan("  [Claude]");
     const sid = chalk22.dim("  " + s.sessionId.slice(0, 8));
-    console.log(`  ${timeStr}  ${prompt}  ${tools}${cost}${blocked}${snap}${sid}`);
+    console.log(`  ${timeStr}  ${prompt}  ${tools}${cost}${blocked}${snap}${agentBadge}${sid}`);
   }
   console.log("");
   console.log(
@@ -14899,6 +15266,10 @@ function renderDetail(s) {
     chalk22.bold("  Prompt   ") + chalk22.white(s.firstPrompt.replace(/\n/g, " ").slice(0, 120))
   );
   console.log(chalk22.bold("  Project  ") + chalk22.white(s.projectLabel));
+  if (s.agent) {
+    const agentLabel2 = s.agent === "gemini" ? chalk22.blue("Gemini CLI") : chalk22.cyan("Claude Code");
+    console.log(chalk22.bold("  Agent    ") + agentLabel2);
+  }
   console.log(chalk22.bold("  When     ") + chalk22.white(fmtDateTime(s.startTime)));
   if (s.costUSD > 0)
     console.log(chalk22.bold("  Cost     ") + chalk22.yellow("~" + fmtCost3(s.costUSD)));

package/dist/index.js

@@ -116,7 +116,7 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
   const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
-  const testRun = isTestCall(toolName, args) ? { testRun: true } : {};
+  const testRun = isTestCall(toolName, args) || process.env.NODE9_TESTING === "1" ? { testRun: true } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,

package/dist/index.mjs

@@ -96,7 +96,7 @@ function appendHookDebug(toolName, args, meta, auditHashArgsEnabled) {
 }
 function appendLocalAudit(toolName, args, decision, checkedBy, meta, auditHashArgsEnabled) {
   const argsField = auditHashArgsEnabled ? { argsHash: hashArgs(args) } : { args: args ? JSON.parse(redactSecrets(JSON.stringify(args))) : {} };
-  const testRun = isTestCall(toolName, args) ? { testRun: true } : {};
+  const testRun = isTestCall(toolName, args) || process.env.NODE9_TESTING === "1" ? { testRun: true } : {};
   appendToLog(LOCAL_AUDIT_LOG, {
     ts: (/* @__PURE__ */ new Date()).toISOString(),
     tool: toolName,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@node9/proxy",
-  "version": "1.11.2",
+  "version": "1.11.3",
   "description": "The Sudo Command for AI Agents. Execution Security for Claude Code & MCP.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",