@nuanu-ai/agentbrowse 0.2.47 → 0.2.49

package/dist/secrets/form-matcher.js

@@ -3,6 +3,7 @@ import { AgentpayStagehandLlmClient } from '../agentpay-stagehand-llm.js';
 import { tryResolveAgentpayGatewayConfig } from '../agentpay-gateway.js';
 import { IDENTITY_FIELD_KEYS, LOGIN_FIELD_KEYS, PAYMENT_CARD_FIELD_KEYS } from './types.js';
 import { normalizeProtectedBindingValueHint, protectedBindingKey, protectedBindingValueHintSchema, } from './protected-bindings.js';
+import { inferProtectedFieldMeaningFromTarget } from './protected-field-semantics.js';
 const PROMPT_VALUE_MAX_CHARS = 180;
 const PROMPT_SIGNAL_MAX_CHARS = 220;
 const PROMPT_SIGNAL_MAX_VALUES = 8;
@@ -12,16 +13,23 @@ const PAYMENT_CARD_CORE_FIELD_KEYS = new Set([
     'exp_year',
     'cvv',
 ]);
-const PAYMENT_CARD_CORE_SIGNAL_RE = /\b(card number|card no|cc-number|cc number|expiration|expiry|exp(?:iry)? date|mm\s*\/\s*yy|security code|cvv|cvc)\b/i;
-const PAYMENT_CARD_NAME_SIGNAL_RE = /\b(cardholder|card holder|name on card|cardholder name|full name)\b/i;
+const EXPLICIT_PAYMENT_CARD_CORE_FIELD_KEYS = new Set(['pan', 'cvv']);
+const IDENTITY_ANCHOR_FIELD_KEYS = new Set([
+    'document_number',
+    'date_of_birth',
+    'nationality',
+    'issuing_country',
+]);
+const IDENTITY_SUPPLEMENTAL_FIELD_KEYS = new Set([
+    'issue_date',
+    'expiry_date',
+]);
+const IDENTITY_NAME_FIELD_KEYS = new Set(['full_name']);
 const EXPLICIT_PAYMENT_CARD_NAME_SIGNAL_RE = /\b(cardholder|card holder|name on card|cardholder name)\b/i;
 const PAYMENT_CARD_PAN_SIGNAL_RE = /\b(card number|card no|cc-number|cc number)\b/i;
-const PAYMENT_CARD_EXP_SIGNAL_RE = /\b(expiration|expiry|exp(?:iry)? date|exp date|mm\s*\/\s*yy|mmyy|mm\/yy)\b/i;
 const PAYMENT_CARD_CVV_SIGNAL_RE = /\b(security code|cvv|cvc)\b/i;
 const STRONG_PAYMENT_CARD_EXP_SIGNAL_RE = /\b(mm\s*\/\s*yy|mmyy|card exp(?:iry)?|card expiration|cc-exp)\b/i;
-const IDENTITY_ANCHOR_SIGNAL_RE = /\b(passport|document(?: number| no)?|id(?: number| no)?|identity(?: number)?|nationality|citizenship|date of birth|birth date|dob|issuing country|country of issue|country\/region of issue|issuing state)\b/i;
-const IDENTITY_NAME_SIGNAL_RE = /\b(first name|last name|given name|family name|surname|full name|middle name|forename)\b/i;
-const IDENTITY_SUPPLEMENTAL_SIGNAL_RE = /\b(issue date|date of issue|expiry date|expiration date|date of expiry)\b/i;
+const GENERIC_SHELL_SELECTOR_ROOTS = new Set(['#__next', '#root', '#app', '#app-root']);
 const protectedFormPlanSchema = z.object({
     confidence: z.enum(['high', 'medium', 'low']),
     bindings: z
@@ -66,6 +74,23 @@ function selectorSignalFragments(selector) {
     }
     return fragments;
 }
+function selectorRootOf(target) {
+    const selectors = [
+        target.context?.item?.selector,
+        target.context?.container?.selector,
+        target.context?.landmark?.selector,
+    ].filter((value) => typeof value === 'string' && value.length > 0);
+    for (const selector of selectors) {
+        for (const match of selector.matchAll(/#[A-Za-z0-9_-]+/g)) {
+            const candidate = match[0]?.trim().toLowerCase();
+            if (!candidate || GENERIC_SHELL_SELECTOR_ROOTS.has(candidate)) {
+                continue;
+            }
+            return match[0];
+        }
+    }
+    return null;
+}
 function signalValuesOf(target) {
     const values = new Set();
     const push = (value) => {
@@ -99,115 +124,43 @@ function signalValuesOf(target) {
     }
     return [...values];
 }
-function localSignalValuesOf(target) {
+function directFieldSignalValuesOf(target) {
     const values = new Set();
     const push = (value) => {
         const normalized = normalizeText(value);
         if (normalized) {
-            values.add(normalized.length > PROMPT_SIGNAL_MAX_CHARS
-                ? `${normalized.slice(0, PROMPT_SIGNAL_MAX_CHARS - 1)}…`
-                : normalized);
+            values.add(normalized);
         }
     };
     push(target.label);
     push(target.displayLabel);
-    push(target.kind);
-    push(target.semantics?.role);
-    push(target.semantics?.name);
     push(target.placeholder);
     push(target.inputName);
     push(target.inputType);
     push(target.autocomplete);
-    for (const candidate of target.locatorCandidates) {
-        push(candidate.name);
-        if (candidate.strategy === 'css' || candidate.strategy === 'xpath') {
-            push(candidate.value);
-            for (const fragment of selectorSignalFragments(candidate.value)) {
-                push(fragment);
-            }
-            continue;
-        }
-        if (candidate.strategy === 'label' ||
-            candidate.strategy === 'placeholder' ||
-            candidate.strategy === 'title') {
-            push(candidate.value);
-        }
-    }
+    push(target.semantics?.name);
     return [...values];
 }
+function targetHasInferredProtectedMeaning(target, kind, fieldKeys) {
+    return inferProtectedFieldMeaningFromTarget(target).some((hint) => {
+        if (hint.kind !== kind) {
+            return false;
+        }
+        return !fieldKeys || fieldKeys.has(hint.fieldKey);
+    });
+}
 function targetLooksLikePaymentCardCore(target) {
-    const autocomplete = normalizeText(target.autocomplete);
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (autocomplete.includes('cc-number') ||
-        autocomplete.includes('cc-exp') ||
-        autocomplete.includes('cc-csc')) {
-        return true;
-    }
-    if (signals.some((signal) => PAYMENT_CARD_CORE_SIGNAL_RE.test(signal))) {
-        return true;
-    }
-    return /\b(card(number)?|expiry|exp|cvc|cvv)\b/.test(inputName);
+    return targetHasInferredProtectedMeaning(target, 'payment_card', PAYMENT_CARD_CORE_FIELD_KEYS);
 }
 function targetLooksRelevantToPaymentCard(target) {
-    if (targetLooksLikePaymentCardCore(target)) {
-        return true;
-    }
-    const autocomplete = normalizeText(target.autocomplete);
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (autocomplete.includes('cc-name')) {
-        return true;
-    }
-    if (PAYMENT_CARD_NAME_SIGNAL_RE.test(normalizeText(target.label))) {
-        return true;
-    }
-    if (signals.some((signal) => PAYMENT_CARD_NAME_SIGNAL_RE.test(signal))) {
-        return true;
-    }
-    return /\b(cardholder|card-holder|cc-name)\b/.test(inputName);
+    return (targetLooksLikeExplicitPaymentCardTarget(target) ||
+        targetLooksLikePaymentCardCore(target) ||
+        targetHasInferredProtectedMeaning(target, 'payment_card'));
 }
 function deterministicPaymentCardFieldKeysForTarget(target) {
-    const autocomplete = normalizeText(target.autocomplete);
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (autocomplete.includes('cc-number')) {
-        return ['pan'];
-    }
-    if (autocomplete.includes('cc-exp')) {
-        return ['exp_month', 'exp_year'];
-    }
-    if (autocomplete.includes('cc-csc')) {
-        return ['cvv'];
-    }
-    if (autocomplete.includes('cc-name')) {
-        return ['cardholder'];
-    }
-    if (signals.some((signal) => PAYMENT_CARD_PAN_SIGNAL_RE.test(signal))) {
-        return ['pan'];
-    }
-    if (signals.some((signal) => PAYMENT_CARD_EXP_SIGNAL_RE.test(signal))) {
-        return ['exp_month', 'exp_year'];
-    }
-    if (signals.some((signal) => PAYMENT_CARD_CVV_SIGNAL_RE.test(signal))) {
-        return ['cvv'];
-    }
-    if (signals.some((signal) => PAYMENT_CARD_NAME_SIGNAL_RE.test(signal))) {
-        return ['cardholder'];
-    }
-    if (/\b(card(number)?|cc-?number)\b/.test(inputName)) {
-        return ['pan'];
-    }
-    if (/\b(exp|expiry|expiration)\b/.test(inputName)) {
-        return ['exp_month', 'exp_year'];
-    }
-    if (/\b(cvv|cvc|security)\b/.test(inputName)) {
-        return ['cvv'];
-    }
-    if (/\b(cardholder|card-holder|cc-name)\b/.test(inputName)) {
-        return ['cardholder'];
-    }
-    return [];
+    return inferProtectedFieldMeaningFromTarget(target)
+        .filter((hint) => hint.kind === 'payment_card')
+        .map((hint) => hint.fieldKey);
 }
 function deterministicPaymentCardPlan(plannerGroup, fullGroup) {
     const fieldTargets = new Map();
@@ -266,30 +219,15 @@ function deterministicPaymentCardPlan(plannerGroup, fullGroup) {
 function targetLooksLikeExplicitPaymentCardTarget(target) {
     const autocomplete = normalizeText(target.autocomplete);
     const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
+    const signals = directFieldSignalValuesOf(target);
     const frameKey = normalizeText(frameKeyOf(target) ?? undefined);
-    if (autocomplete.includes('cc-number') ||
-        autocomplete.includes('cc-exp') ||
-        autocomplete.includes('cc-csc') ||
-        autocomplete.includes('cc-name')) {
-        return true;
-    }
-    if (signals.some((signal) => PAYMENT_CARD_PAN_SIGNAL_RE.test(signal))) {
-        return true;
-    }
-    if (signals.some((signal) => PAYMENT_CARD_CVV_SIGNAL_RE.test(signal))) {
+    if (targetLooksLikeExplicitPaymentCardCoreTarget(target) || autocomplete.includes('cc-name')) {
         return true;
     }
     if (signals.some((signal) => EXPLICIT_PAYMENT_CARD_NAME_SIGNAL_RE.test(signal))) {
         return true;
     }
-    if (signals.some((signal) => STRONG_PAYMENT_CARD_EXP_SIGNAL_RE.test(signal))) {
-        return true;
-    }
-    if (/\b(card(number)?|cc-?number|cardholder|card-holder|cc-name|cvv|cvc|security)\b/.test(inputName)) {
-        return true;
-    }
-    if (/\bcc[-_ ]?exp\b/.test(inputName)) {
+    if (/\b(cardholder|card-holder|cc-name)\b/.test(inputName)) {
         return true;
     }
     return /\bcard[-_ ]?(number|expiry|exp|cvc|cvv|security|holder)\b/.test(frameKey);
@@ -297,13 +235,16 @@ function targetLooksLikeExplicitPaymentCardTarget(target) {
 function targetLooksLikeExplicitPaymentCardCoreTarget(target) {
     const autocomplete = normalizeText(target.autocomplete);
     const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
+    const signals = directFieldSignalValuesOf(target);
     const frameKey = normalizeText(frameKeyOf(target) ?? undefined);
     if (autocomplete.includes('cc-number') ||
         autocomplete.includes('cc-exp') ||
         autocomplete.includes('cc-csc')) {
         return true;
     }
+    if (targetHasInferredProtectedMeaning(target, 'payment_card', EXPLICIT_PAYMENT_CARD_CORE_FIELD_KEYS)) {
+        return true;
+    }
     if (signals.some((signal) => PAYMENT_CARD_PAN_SIGNAL_RE.test(signal))) {
         return true;
     }
@@ -322,38 +263,172 @@ function targetLooksLikeExplicitPaymentCardCoreTarget(target) {
     return /\bcard[-_ ]?(number|expiry|exp|cvc|cvv|security)\b/.test(frameKey);
 }
 function targetLooksLikeIdentityAnchorTarget(target) {
-    const autocomplete = normalizeText(target.autocomplete);
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (autocomplete.includes('bday')) {
-        return true;
+    return targetHasInferredProtectedMeaning(target, 'identity', IDENTITY_ANCHOR_FIELD_KEYS);
+}
+function targetLooksLikeIdentitySupplementalTarget(target) {
+    if (targetLooksLikeExplicitPaymentCardTarget(target)) {
+        return false;
     }
-    if (/\b(passport|document|identity|nationality|citizenship|birth|dob|issuing)\b/.test(inputName)) {
-        return true;
+    return targetHasInferredProtectedMeaning(target, 'identity', IDENTITY_SUPPLEMENTAL_FIELD_KEYS);
+}
+function targetLooksLikeIdentityNameTarget(target) {
+    if (targetLooksLikeExplicitPaymentCardTarget(target)) {
+        return false;
     }
-    return signals.some((signal) => IDENTITY_ANCHOR_SIGNAL_RE.test(signal));
+    return targetHasInferredProtectedMeaning(target, 'identity', IDENTITY_NAME_FIELD_KEYS);
 }
-function targetLooksLikeIdentitySupplementalTarget(target) {
+function targetLooksLikePotentialIdentityNameTarget(target) {
     if (targetLooksLikeExplicitPaymentCardTarget(target)) {
         return false;
     }
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (/\b(issue|expiry|expiration)(?:_?date)?\b/.test(inputName)) {
+    if (targetLooksLikeIdentityNameTarget(target)) {
         return true;
     }
-    return signals.some((signal) => IDENTITY_SUPPLEMENTAL_SIGNAL_RE.test(signal));
+    const signals = directFieldSignalValuesOf(target);
+    return signals.some((signal) => /\b(full name|first name|given name|middle name|last name|family name|surname|forename)\b/.test(signal));
 }
-function targetLooksLikeIdentityNameTarget(target) {
+function targetLooksLikePotentialIdentityDobPartTarget(target) {
     if (targetLooksLikeExplicitPaymentCardTarget(target)) {
         return false;
     }
-    const inputName = normalizeText(target.inputName);
-    const signals = localSignalValuesOf(target);
-    if (/\b(first|last|given|family|surname|forename|middle|full)_?name\b/.test(inputName)) {
-        return true;
+    if (!(target.controlFamily === 'select' ||
+        target.controlFamily === 'datepicker' ||
+        target.kind === 'select' ||
+        target.allowedActions.includes('select'))) {
+        return false;
+    }
+    const signals = directFieldSignalValuesOf(target);
+    return signals.some((signal) => /\b(day|month|year)\b/.test(signal));
+}
+function deterministicIdentityBindingsForTarget(target) {
+    return inferProtectedFieldMeaningFromTarget(target)
+        .filter((hint) => hint.kind === 'identity')
+        .map((hint) => ({
+        fieldKey: hint.fieldKey,
+        valueHint: hint.valueHint,
+    }));
+}
+function deterministicIdentityPlan(plannerGroup, fullGroup) {
+    const fieldTargets = new Map();
+    for (const target of plannerGroup.targets) {
+        for (const binding of deterministicIdentityBindingsForTarget(target)) {
+            const key = protectedBindingKey({
+                fieldKey: binding.fieldKey,
+                targetRef: target.ref,
+                valueHint: binding.valueHint ?? 'direct',
+            });
+            if (fieldTargets.has(key)) {
+                return null;
+            }
+            fieldTargets.set(key, {
+                fieldKey: binding.fieldKey,
+                targetRef: target.ref,
+                valueHint: normalizeProtectedBindingValueHint(binding.fieldKey, binding.valueHint),
+            });
+        }
+    }
+    if (fieldTargets.size === 0) {
+        return null;
+    }
+    const targetByRef = new Map(fullGroup.targets.map((target) => [target.ref, target]));
+    const fields = [];
+    for (const binding of fieldTargets.values()) {
+        const target = targetByRef.get(binding.targetRef);
+        fields.push({
+            fieldKey: binding.fieldKey,
+            targetRef: binding.targetRef,
+            label: target?.displayLabel ?? target?.label,
+            required: target?.validation?.required,
+            valueHint: binding.valueHint,
+        });
     }
-    return signals.some((signal) => IDENTITY_NAME_SIGNAL_RE.test(signal));
+    const boundTargetRefs = new Set(fields.map((field) => field.targetRef));
+    const hasUnresolvedPlannerRelevantTargets = fullGroup.targets.some((target) => {
+        if (boundTargetRefs.has(target.ref)) {
+            return false;
+        }
+        return (targetLooksLikePotentialIdentityNameTarget(target) ||
+            targetLooksLikePotentialIdentityDobPartTarget(target) ||
+            targetLooksLikeIdentityAnchorTarget(target) ||
+            targetLooksLikeIdentitySupplementalTarget(target));
+    });
+    if (hasUnresolvedPlannerRelevantTargets) {
+        return null;
+    }
+    return {
+        confidence: 'high',
+        fields: fields.sort((left, right) => {
+            const leftPriority = canonicalFieldOrder('identity').indexOf(left.fieldKey);
+            const rightPriority = canonicalFieldOrder('identity').indexOf(right.fieldKey);
+            if (leftPriority !== rightPriority) {
+                return leftPriority - rightPriority;
+            }
+            return left.targetRef.localeCompare(right.targetRef);
+        }),
+    };
+}
+function targetLooksLikeLoginUsernameTarget(target) {
+    return inferProtectedFieldMeaningFromTarget(target).some((hint) => hint.kind === 'login' && hint.fieldKey === 'username');
+}
+function targetLooksLikeLoginPasswordTarget(target) {
+    return inferProtectedFieldMeaningFromTarget(target).some((hint) => hint.kind === 'login' && hint.fieldKey === 'password');
+}
+function deterministicLoginFieldKeysForTarget(target) {
+    return inferProtectedFieldMeaningFromTarget(target)
+        .filter((hint) => hint.kind === 'login')
+        .map((hint) => hint.fieldKey);
+}
+function deterministicLoginPlan(plannerGroup, fullGroup) {
+    const fieldTargets = new Map();
+    for (const target of plannerGroup.targets) {
+        for (const fieldKey of deterministicLoginFieldKeysForTarget(target)) {
+            const refs = fieldTargets.get(fieldKey) ?? new Set();
+            refs.add(target.ref);
+            fieldTargets.set(fieldKey, refs);
+        }
+    }
+    const usernameRefs = fieldTargets.get('username');
+    const passwordRefs = fieldTargets.get('password');
+    if (!usernameRefs || usernameRefs.size !== 1 || !passwordRefs || passwordRefs.size !== 1) {
+        return null;
+    }
+    const targetByRef = new Map(fullGroup.targets.map((target) => [target.ref, target]));
+    const fields = [
+        {
+            fieldKey: 'username',
+            targetRef: [...usernameRefs][0],
+            label: targetByRef.get([...usernameRefs][0])?.displayLabel ??
+                targetByRef.get([...usernameRefs][0])?.label,
+            required: targetByRef.get([...usernameRefs][0])?.validation?.required,
+            valueHint: 'direct',
+        },
+        {
+            fieldKey: 'password',
+            targetRef: [...passwordRefs][0],
+            label: targetByRef.get([...passwordRefs][0])?.displayLabel ??
+                targetByRef.get([...passwordRefs][0])?.label,
+            required: targetByRef.get([...passwordRefs][0])?.validation?.required,
+            valueHint: 'direct',
+        },
+    ];
+    return {
+        confidence: 'high',
+        fields,
+    };
+}
+function loginPlannerGroup(group) {
+    const relevantTargets = group.targets.filter((target) => targetLooksLikeLoginUsernameTarget(target) || targetLooksLikeLoginPasswordTarget(target));
+    if (relevantTargets.length === 0) {
+        return null;
+    }
+    const hasPasswordAnchor = relevantTargets.some((target) => targetLooksLikeLoginPasswordTarget(target));
+    if (!hasPasswordAnchor) {
+        return null;
+    }
+    return {
+        groupKey: group.groupKey,
+        targets: relevantTargets,
+    };
 }
 function identityPlannerGroup(group) {
     const identityAnchorTargets = group.targets.filter((target) => !targetLooksLikeExplicitPaymentCardTarget(target) &&
@@ -361,19 +436,19 @@ function identityPlannerGroup(group) {
     if (identityAnchorTargets.length === 0) {
         return null;
     }
-    const nameTargets = group.targets.filter(targetLooksLikeIdentityNameTarget);
-    const supplementalTargets = group.targets.filter(targetLooksLikeIdentitySupplementalTarget);
-    const targetByRef = new Map();
-    for (const target of [...nameTargets, ...identityAnchorTargets, ...supplementalTargets]) {
-        targetByRef.set(target.ref, target);
+    const hasPotentialNameTarget = group.targets.some(targetLooksLikePotentialIdentityNameTarget);
+    if (!hasPotentialNameTarget) {
+        return null;
     }
     return {
         groupKey: group.groupKey,
-        targets: [...targetByRef.values()],
+        targets: group.targets.filter((target) => !targetLooksLikeExplicitPaymentCardTarget(target)),
     };
 }
 function plannerGroupForKind(kind, group) {
     switch (kind) {
+        case 'login':
+            return loginPlannerGroup(group);
         case 'payment_card': {
             const relevantTargets = group.targets.filter((target) => targetLooksRelevantToPaymentCard(target));
             if (relevantTargets.length === 0) {
@@ -395,17 +470,27 @@ function plannerGroupForKind(kind, group) {
     }
 }
 function formGroupKeyOf(target) {
-    for (const node of [
-        target.context?.landmark,
-        target.context?.container,
-        target.context?.group,
-        target.context?.item,
-    ]) {
+    for (const node of [target.context?.group, target.context?.container, target.context?.item]) {
         if (normalizeText(node?.kind) !== 'form') {
             continue;
         }
         const label = normalizeText(node?.label ?? node?.text);
-        return label ? `form:${label}` : `form:${target.pageRef}`;
+        if (label) {
+            return `form:${label}`;
+        }
+    }
+    if (normalizeText(target.context?.landmark?.kind) === 'form') {
+        const landmarkLabel = normalizeText(target.context?.landmark?.label);
+        if (landmarkLabel) {
+            return `form:${landmarkLabel}`;
+        }
+    }
+    const selectorRoot = selectorRootOf(target);
+    if (selectorRoot) {
+        return `selector-root:${selectorRoot}`;
+    }
+    if (target.surfaceRef) {
+        return `surface:${target.surfaceRef}`;
     }
     return `page:${target.pageRef}`;
 }
@@ -451,6 +536,10 @@ function purposePrompt(kind) {
                 'full_name may be one direct full-name field or two split fields:',
                 '- First/Given name -> fieldKey=full_name, valueHint=full_name.given',
                 '- Last/Family/Surname -> fieldKey=full_name, valueHint=full_name.family',
+                'date_of_birth may be one direct field or three split controls:',
+                '- Day control -> fieldKey=date_of_birth, valueHint=date_of_birth.day',
+                '- Month control -> fieldKey=date_of_birth, valueHint=date_of_birth.month',
+                '- Year control -> fieldKey=date_of_birth, valueHint=date_of_birth.year',
                 'Do not confuse contact fields like email, phone, address, city, country/region with identity fields.',
                 'Do not treat generic contact-only forms as identity forms.',
             ].join('\n');
@@ -555,8 +644,36 @@ function sanitizeBindings(kind, group, bindings) {
         return left.targetRef.localeCompare(right.targetRef);
     });
 }
-function isCredibleKindMatch(_kind, fieldBindings) {
-    return fieldBindings.length > 0;
+function isCredibleKindMatch(kind, fieldBindings) {
+    if (fieldBindings.length === 0) {
+        return false;
+    }
+    const fieldKeys = new Set(fieldBindings.map((field) => field.fieldKey));
+    switch (kind) {
+        case 'login':
+            return fieldKeys.has('username') && fieldKeys.has('password');
+        case 'payment_card':
+            return (fieldKeys.has('pan') &&
+                fieldKeys.has('exp_month') &&
+                fieldKeys.has('exp_year') &&
+                fieldKeys.has('cvv'));
+        case 'identity': {
+            const anchorKeys = new Set([
+                'document_number',
+                'date_of_birth',
+                'nationality',
+                'issue_date',
+                'expiry_date',
+                'issuing_country',
+            ]);
+            const hasAnchor = [...fieldKeys].some((fieldKey) => anchorKeys.has(fieldKey));
+            const hasDirectFullName = fieldBindings.some((field) => field.fieldKey === 'full_name' && (field.valueHint ?? 'direct') === 'direct');
+            const hasGivenName = fieldBindings.some((field) => field.fieldKey === 'full_name' && field.valueHint === 'full_name.given');
+            const hasFamilyName = fieldBindings.some((field) => field.fieldKey === 'full_name' && field.valueHint === 'full_name.family');
+            const hasCompleteName = hasDirectFullName || (hasGivenName && hasFamilyName);
+            return hasAnchor && hasCompleteName;
+        }
+    }
 }
 function frameKeyOf(target) {
     if (!target.framePath || target.framePath.length === 0) {
@@ -634,17 +751,35 @@ function buildStoredSecretCandidates(catalog, kind, confidence, matchedFieldKeys
 function hasApplicableStoredSecretKind(catalog, kind) {
     return catalog.storedSecrets.some((secret) => secret.kind === kind);
 }
+const ORDERED_PROTECTED_KINDS = ['login', 'identity', 'payment_card'];
 function purposesByPriority(catalog) {
-    const orderedKinds = ['login', 'identity', 'payment_card'];
-    return orderedKinds.filter((kind) => hasApplicableStoredSecretKind(catalog, kind));
+    if (!catalog) {
+        return ORDERED_PROTECTED_KINDS;
+    }
+    return ORDERED_PROTECTED_KINDS.filter((kind) => hasApplicableStoredSecretKind(catalog, kind));
 }
 async function planBindingsForGroup(client, kind, plannerGroup, fullGroup) {
+    if (kind === 'login') {
+        const deterministicPlan = deterministicLoginPlan(plannerGroup, fullGroup);
+        if (deterministicPlan) {
+            return deterministicPlan;
+        }
+    }
     if (kind === 'payment_card') {
         const deterministicPlan = deterministicPaymentCardPlan(plannerGroup, fullGroup);
         if (deterministicPlan) {
             return deterministicPlan;
         }
     }
+    if (kind === 'identity') {
+        const deterministicPlan = deterministicIdentityPlan(plannerGroup, fullGroup);
+        if (deterministicPlan) {
+            return deterministicPlan;
+        }
+    }
+    if (!client) {
+        return null;
+    }
     const result = await client.createChatCompletion({
         logger: () => { },
         options: {
@@ -662,7 +797,7 @@ async function planBindingsForGroup(client, kind, plannerGroup, fullGroup) {
             : sanitizeBindings(kind, plannerGroup, result.data.bindings),
     };
 }
-function plannerGroupsForCatalog(group, catalog) {
+function plannerGroupsForGroup(group, catalog) {
     const candidates = [];
     for (const kind of purposesByPriority(catalog)) {
         const plannerGroup = plannerGroupForKind(kind, group);
@@ -674,20 +809,14 @@ function plannerGroupsForCatalog(group, catalog) {
     return candidates;
 }
 export async function matchStoredSecretsToObservedTargets(pageRef, targets, catalog, options = {}) {
-    if (!catalog) {
-        return [];
-    }
     const gateway = options.gatewayConfig === undefined ? tryResolveAgentpayGatewayConfig() : options.gatewayConfig;
-    if (!gateway) {
-        return [];
-    }
-    const client = new AgentpayStagehandLlmClient(gateway);
+    const client = catalog && gateway ? new AgentpayStagehandLlmClient(gateway) : null;
     const targetByRef = new Map(targets.map((target) => [target.ref, target]));
     const groups = groupTargetsByForm(targets);
     const nextObservedAt = options.observedAt ?? new Date().toISOString();
     const forms = [];
     for (const group of groups) {
-        for (const { kind, plannerGroup } of plannerGroupsForCatalog(group, catalog)) {
+        for (const { kind, plannerGroup } of plannerGroupsForGroup(group, catalog)) {
             const planned = await planBindingsForGroup(client, kind, plannerGroup, group).catch(() => null);
             if (!planned || planned.confidence === 'low') {
                 continue;
@@ -696,10 +825,9 @@ export async function matchStoredSecretsToObservedTargets(pageRef, targets, cata
                 continue;
             }
             const matchedFieldKeys = new Set(planned.fields.map((field) => field.fieldKey));
-            const storedSecretCandidates = buildStoredSecretCandidates(catalog, kind, planned.confidence, matchedFieldKeys);
-            if (storedSecretCandidates.length === 0) {
-                continue;
-            }
+            const storedSecretCandidates = catalog
+                ? buildStoredSecretCandidates(catalog, kind, planned.confidence, matchedFieldKeys)
+                : [];
             forms.push({
                 pageRef,
                 scopeRef: formScopeRef(planned.fields, targetByRef),

package/dist/secrets/intent-output.d.ts

@@ -1,11 +1,7 @@
-import type { SecretIntentSnapshot, SecretIntentStatus } from './types.js';
-export declare function serializeSecretIntent(snapshot: SecretIntentSnapshot): Record<string, unknown>;
-export declare function serializeSecretIntentContext(snapshot: SecretIntentSnapshot): Record<string, unknown>;
-export type SecretIntentStatusContract = {
-    message: string;
-    reason: string;
-    nextAction?: string;
-    outcomeType?: 'approval_pending' | 'approval_denied' | 'intent_expired';
-};
-export declare function describeSecretIntentStatus(status: SecretIntentStatus): SecretIntentStatusContract;
+import { type SecretRequestStatusContract } from './request-output.js';
+import type { SecretRequestSnapshot, SecretRequestStatus } from './types.js';
+export declare function serializeSecretIntent(snapshot: SecretRequestSnapshot): Record<string, unknown>;
+export declare function serializeSecretIntentContext(snapshot: SecretRequestSnapshot): Record<string, unknown>;
+export type SecretIntentStatusContract = SecretRequestStatusContract;
+export declare function describeSecretIntentStatus(status: SecretRequestStatus): SecretIntentStatusContract;
 //# sourceMappingURL=intent-output.d.ts.map

package/dist/secrets/intent-output.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"intent-output.d.ts","sourceRoot":"","sources":["../../src/secrets/intent-output.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAE3E,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,oBAAoB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAY7F;AAED,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,oBAAoB,GAC7B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CASzB;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,kBAAkB,GAAG,iBAAiB,GAAG,gBAAgB,CAAC;CACzE,CAAC;AAEF,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,kBAAkB,GAAG,0BAA0B,CA0CjG"}
+{"version":3,"file":"intent-output.d.ts","sourceRoot":"","sources":["../../src/secrets/intent-output.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,2BAA2B,EACjC,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAE7E,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,qBAAqB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAE9F;AAED,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,qBAAqB,GAC9B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED,MAAM,MAAM,0BAA0B,GAAG,2BAA2B,CAAC;AAErE,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,mBAAmB,GAAG,0BAA0B,CAElG"}