@openweave/weave-skills 1.0.0

package/dist/skills/context-memory.js

@@ -0,0 +1,160 @@
+/**
+ * Skill: context-memory
+ *
+ * Persists architectural decisions, team agreements and agent reasoning sessions
+ * into the WeaveGraph knowledge graph for long-term cross-session memory.
+ *
+ * Actions:
+ *   - save   — persist a new memory entry as a graph node
+ *   - load   — retrieve entries by id or tag
+ *   - list   — list all persisted memory entries (optionally filtered by type/tag)
+ *
+ * Input (via SkillContext.graph):
+ *   - `ctx.graph['action']`  — 'save' | 'load' | 'list' (default: 'list')
+ *   - `ctx.graph['entry']`   — MemoryEntry (required for 'save')
+ *   - `ctx.graph['query']`   — string keyword for 'load'
+ *   - `ctx.graph['store']`   — Record<string,MemoryEntry> injectable in-memory store for tests
+ *
+ * Output data:
+ *   - ContextMemoryResult
+ */
+// ---------------------------------------------------------------------------
+// In-process store (used when no WeaveGraph is available)
+// ---------------------------------------------------------------------------
+// Module-level fallback store — shared across calls in a single process.
+const _fallbackStore = new Map();
+export function generateId(entry) {
+    const slug = entry.title
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, '-')
+        .slice(0, 40);
+    const ts = entry.createdAt.replace(/\D/g, '').slice(0, 12);
+    return `mem-${entry.type}-${slug}-${ts}`;
+}
+export function matchesQuery(entry, query) {
+    const q = query.toLowerCase();
+    return (entry.title.toLowerCase().includes(q) ||
+        entry.content.toLowerCase().includes(q) ||
+        entry.tags.some((t) => t.toLowerCase().includes(q)) ||
+        entry.type.toLowerCase().includes(q));
+}
+export function saveEntry(store, raw, sessionId) {
+    const now = new Date().toISOString();
+    const entry = {
+        id: raw.id ?? '',
+        type: raw.type ?? 'note',
+        title: raw.title ?? 'Untitled',
+        content: raw.content ?? '',
+        tags: Array.isArray(raw.tags) ? raw.tags : [],
+        createdAt: raw.createdAt ?? now,
+        sessionId: raw.sessionId ?? sessionId,
+    };
+    if (!entry.id) {
+        entry.id = generateId(entry);
+    }
+    store.set(entry.id, entry);
+    return entry;
+}
+export function listEntries(store, query, type) {
+    let entries = Array.from(store.values());
+    if (type)
+        entries = entries.filter((e) => e.type === type);
+    if (query)
+        entries = entries.filter((e) => matchesQuery(e, query));
+    return entries.sort((a, b) => b.createdAt.localeCompare(a.createdAt));
+}
+function getGraphStore(graph) {
+    if (graph && typeof graph === 'object' && 'save' in graph) {
+        return graph;
+    }
+    return null;
+}
+// ---------------------------------------------------------------------------
+// Skill
+// ---------------------------------------------------------------------------
+export const contextMemorySkill = {
+    id: 'context-memory',
+    name: 'Context Memory Persister',
+    description: 'Saves architectural decisions, team agreements and session reasoning to WeaveGraph for long-term memory across sessions.',
+    version: '1.0.0',
+    enabled: true,
+    tags: ['memory', 'dx', 'graph', 'persistence'],
+    async execute(ctx) {
+        const opts = (ctx.graph ?? {});
+        const action = opts['action'] ?? 'list';
+        // Determine the store to use (injectable in tests via ctx.graph['store'])
+        const injectedStore = opts['store'];
+        let store;
+        if (injectedStore && injectedStore instanceof Map) {
+            store = injectedStore;
+        }
+        else if (injectedStore && typeof injectedStore === 'object') {
+            // Support plain object store (easier in tests)
+            store = new Map(Object.entries(injectedStore));
+        }
+        else {
+            store = _fallbackStore;
+        }
+        const sessionId = ctx.session?.id;
+        // -----------------------------------------------------------------------
+        if (action === 'save') {
+            const raw = opts['entry'];
+            if (!raw || !raw.content) {
+                return {
+                    success: false,
+                    output: 'save action requires ctx.graph["entry"] with at least a content field',
+                    error: 'missing entry',
+                };
+            }
+            const saved = saveEntry(store, raw, sessionId);
+            // If a WeaveGraph-like object is available, also persist there
+            const graphStore = getGraphStore(opts['graphHandle']);
+            if (graphStore?.save) {
+                await graphStore.save(saved);
+            }
+            const result = {
+                action: 'save',
+                saved,
+                entries: [saved],
+                total: store.size,
+            };
+            return {
+                success: true,
+                output: `Memory entry saved: "${saved.title}" (${saved.id})`,
+                data: result,
+            };
+        }
+        // -----------------------------------------------------------------------
+        if (action === 'load') {
+            const query = opts['query'] ?? '';
+            const type = opts['type'];
+            const entries = listEntries(store, query || undefined, type);
+            const result = {
+                action: 'load',
+                entries,
+                total: entries.length,
+                query,
+            };
+            return {
+                success: true,
+                output: `Found ${entries.length} memory entr${entries.length === 1 ? 'y' : 'ies'}${query ? ` matching "${query}"` : ''}`,
+                data: result,
+            };
+        }
+        // -----------------------------------------------------------------------
+        // action === 'list'
+        const type = opts['type'];
+        const entries = listEntries(store, undefined, type);
+        const result = {
+            action: 'list',
+            entries,
+            total: entries.length,
+        };
+        return {
+            success: true,
+            output: `${entries.length} memory entr${entries.length === 1 ? 'y' : 'ies'} in store`,
+            data: result,
+        };
+    },
+};
+//# sourceMappingURL=context-memory.js.map

package/dist/skills/context-memory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context-memory.js","sourceRoot":"","sources":["../../src/skills/context-memory.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAkCH,8EAA8E;AAC9E,0DAA0D;AAC1D,8EAA8E;AAE9E,yEAAyE;AACzE,MAAM,cAAc,GAA6B,IAAI,GAAG,EAAE,CAAC;AAE3D,MAAM,UAAU,UAAU,CAAC,KAA8B;IACvD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK;SACrB,WAAW,EAAE;SACb,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC;SAC3B,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChB,MAAM,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3D,OAAO,OAAO,KAAK,CAAC,IAAI,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAkB,EAAE,KAAa;IAC5D,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IAC9B,OAAO,CACL,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrC,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACvC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACnD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CACrC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,KAA+B,EAC/B,GAAyB,EACzB,SAAkB;IAElB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrC,MAAM,KAAK,GAAgB;QACzB,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE;QAChB,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,MAAM;QACxB,KAAK,EAAE,GAAG,CAAC,KAAK,IAAI,UAAU;QAC9B,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE;QAC1B,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;QAC7C,SAAS,EAAE,GAAG,CAAC,SAAS,IAAI,GAAG;QAC/B,SAAS,EAAE,GAAG,CAAC,SAAS,IAAI,SAAS;KACtC,CAAC;IACF,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,KAAK,CAAC,EAAE,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IACD,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IAC3B,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,KAA+B,EAC/B,KAAc,EACd,IAAsB;IAEtB,IAAI,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,IAAI,IAAI;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAC3D,IAAI,KAAK;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IACnE,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;AACxE,CAAC;AAWD,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;QAC1D,OAAO,KAAkB,CAAC;IAC5B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,CAAC,MAAM,kBAAkB,GAAgB;IAC7C,EAAE,EAAE,gBAAgB;IACpB,IAAI,EAAE,0BAA0B;IAChC,WAAW,EACT,0HAA0H;IAC5H,OAAO,EAAE,OAAO;IAChB,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,CAAC;IAE9C,KAAK,CAAC,OAAO,CAAC,GAAiB;QAC7B,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;QAC1D,MAAM,MAAM,GAAI,IAAI,CAAC,QAAQ,CAA8B,IAAI,MAAM,CAAC;QAEtE,0EAA0E;QAC1E,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,KAA+B,CAAC;QACpC,IAAI,aAAa,IAAI,aAAa,YAAY,GAAG,EAAE,CAAC;YAClD,KAAK,GAAG,aAAyC,CAAC;QACpD,CAAC;aAAM,IAAI,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YAC9D,+CAA+C;YAC/C,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,aAA4C,CAAC,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,cAAc,CAAC;QACzB,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;QAElC,0EAA0E;QAC1E,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAqC,CAAC;YAC9D,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;gBACzB,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,uEAAuE;oBAC/E,KAAK,EAAE,eAAe;iBACvB,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;YAE/C,+DAA+D;YAC/D,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACtD,IAAI,UAAU,EAAE,IAAI,EAAE,CAAC;gBACrB,MAAM,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC/B,CAAC;YAED,MAAM,MAAM,GAAwB;gBAClC,MAAM,EAAE,MAAM;gBACd,KAAK;gBACL,OAAO,EAAE,CAAC,KAAK,CAAC;gBAChB,KAAK,EAAE,KAAK,CAAC,IAAI;aAClB,CAAC;YAEF,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,wBAAwB,KAAK,CAAC,KAAK,MAAM,KAAK,CAAC,EAAE,GAAG;gBAC5D,IAAI,EAAE,MAAM;aACb,CAAC;QACJ,CAAC;QAED,0EAA0E;QAC1E,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,MAAM,KAAK,GAAI,IAAI,CAAC,OAAO,CAAwB,IAAI,EAAE,CAAC;YAC1D,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAgC,CAAC;YACzD,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,IAAI,CAAC,CAAC;YAE7D,MAAM,MAAM,GAAwB;gBAClC,MAAM,EAAE,MAAM;gBACd,OAAO;gBACP,KAAK,EAAE,OAAO,CAAC,MAAM;gBACrB,KAAK;aACN,CAAC;YAEF,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,SAAS,OAAO,CAAC,MAAM,eAAe,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,cAAc,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACxH,IAAI,EAAE,MAAM;aACb,CAAC;QACJ,CAAC;QAED,0EAA0E;QAC1E,oBAAoB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAgC,CAAC;QACzD,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;QAEpD,MAAM,MAAM,GAAwB;YAClC,MAAM,EAAE,MAAM;YACd,OAAO;YACP,KAAK,EAAE,OAAO,CAAC,MAAM;SACtB,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,eAAe,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,WAAW;YACrF,IAAI,EAAE,MAAM;SACb,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/skills/dep-audit.d.ts

@@ -0,0 +1,55 @@
+/**
+ * Skill: dep-audit
+ *
+ * Scans every package.json in the workspace, parses semver ranges, and:
+ *   1. Detects dependencies pinned to old major versions vs. latest in registry
+ *   2. Optionally runs `npm audit --json` to surface CVE advisories
+ *
+ * Input options (ctx.graph):
+ *   - `packages`  {Record<string, string>[]} — inject package.json deps for tests
+ *   - `auditJson` {string}                   — inject raw `npm audit --json` output
+ *   - `skipAudit` {boolean}                  — skip npm audit subprocess (default: false)
+ *   - `workspace` {string}                   — root dir scan override
+ *
+ * Note: version comparison is intentionally lightweight (major-only) — no semver lib.
+ */
+import type { SkillModule } from '../types.js';
+export interface PackageRef {
+    pkg: string;
+    source: string;
+    current: string;
+    kind: 'dep' | 'devDep' | 'peer';
+}
+export type VulnSeverity = 'critical' | 'high' | 'moderate' | 'low' | 'info';
+export interface VulnAdvisory {
+    pkg: string;
+    severity: VulnSeverity;
+    title: string;
+    url: string;
+    fixAvailable: boolean;
+    fixVersion?: string;
+}
+export interface OutdatedEntry {
+    pkg: string;
+    source: string;
+    current: string;
+    latestMajor: number;
+    suggestion: string;
+}
+export interface DepAuditResult {
+    scannedFiles: string[];
+    totalDeps: number;
+    advisories: VulnAdvisory[];
+    outdated: OutdatedEntry[];
+    criticalCount: number;
+    highCount: number;
+}
+/** Extract the major version number from a semver range string */
+export declare function parseMajor(range: string): number;
+/** Find all package.json files under a directory (non-recursive for perf) */
+export declare function findPackageJsons(root: string): string[];
+export declare function collectDeps(pkgJsonPath: string): PackageRef[];
+/** Parse npm audit --json output into VulnAdvisory[] */
+export declare function parseNpmAudit(json: string): VulnAdvisory[];
+export declare const depAuditSkill: SkillModule;
+//# sourceMappingURL=dep-audit.d.ts.map

package/dist/skills/dep-audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dep-audit.d.ts","sourceRoot":"","sources":["../../src/skills/dep-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAKH,OAAO,KAAK,EAAE,WAAW,EAA6B,MAAM,aAAa,CAAC;AAM1E,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACjC;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,GAAG,KAAK,GAAG,MAAM,CAAC;AAE7E,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,YAAY,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,OAAO,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,YAAY,EAAE,CAAC;IAC3B,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD,kEAAkE;AAClE,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAIhD;AAED,6EAA6E;AAC7E,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAwBvD;AAED,wBAAgB,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,UAAU,EAAE,CAiB7D;AAED,wDAAwD;AACxD,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,YAAY,EAAE,CAiD1D;AAMD,eAAO,MAAM,aAAa,EAAE,WA0H3B,CAAC"}

package/dist/skills/dep-audit.js

@@ -0,0 +1,248 @@
+/**
+ * Skill: dep-audit
+ *
+ * Scans every package.json in the workspace, parses semver ranges, and:
+ *   1. Detects dependencies pinned to old major versions vs. latest in registry
+ *   2. Optionally runs `npm audit --json` to surface CVE advisories
+ *
+ * Input options (ctx.graph):
+ *   - `packages`  {Record<string, string>[]} — inject package.json deps for tests
+ *   - `auditJson` {string}                   — inject raw `npm audit --json` output
+ *   - `skipAudit` {boolean}                  — skip npm audit subprocess (default: false)
+ *   - `workspace` {string}                   — root dir scan override
+ *
+ * Note: version comparison is intentionally lightweight (major-only) — no semver lib.
+ */
+import { existsSync, readFileSync, readdirSync } from 'node:fs';
+import { join } from 'node:path';
+import { execSync } from 'node:child_process';
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+/** Extract the major version number from a semver range string */
+export function parseMajor(range) {
+    const cleaned = range.replace(/^[\^~>=<\s]+/, '').trim();
+    const m = /^(\d+)/.exec(cleaned);
+    return m ? parseInt(m[1], 10) : -1;
+}
+/** Find all package.json files under a directory (non-recursive for perf) */
+export function findPackageJsons(root) {
+    const found = [];
+    const candidates = [
+        join(root, 'package.json'),
+    ];
+    // Check common monorepo layouts
+    for (const subdir of ['packages', 'apps', 'libs', 'services']) {
+        const base = join(root, subdir);
+        if (!existsSync(base))
+            continue;
+        try {
+            for (const entry of readdirSync(base, { withFileTypes: true })) {
+                if (entry.isDirectory()) {
+                    const candidate = join(base, entry.name, 'package.json');
+                    if (existsSync(candidate))
+                        candidates.push(candidate);
+                }
+            }
+        }
+        catch { /* ignore */ }
+    }
+    for (const c of candidates) {
+        if (existsSync(c))
+            found.push(c);
+    }
+    return found;
+}
+export function collectDeps(pkgJsonPath) {
+    try {
+        const raw = JSON.parse(readFileSync(pkgJsonPath, 'utf-8'));
+        const refs = [];
+        const add = (deps, kind) => {
+            if (!deps || typeof deps !== 'object')
+                return;
+            for (const [pkg, ver] of Object.entries(deps)) {
+                refs.push({ pkg, source: pkgJsonPath, current: String(ver), kind });
+            }
+        };
+        add(raw['dependencies'], 'dep');
+        add(raw['devDependencies'], 'devDep');
+        add(raw['peerDependencies'], 'peer');
+        return refs;
+    }
+    catch {
+        return [];
+    }
+}
+/** Parse npm audit --json output into VulnAdvisory[] */
+export function parseNpmAudit(json) {
+    try {
+        const parsed = JSON.parse(json);
+        const advisories = [];
+        // npm audit v7+ format: `vulnerabilities` map
+        const vulns = parsed['vulnerabilities'];
+        if (vulns) {
+            for (const [pkg, raw] of Object.entries(vulns)) {
+                const v = raw;
+                const via = Array.isArray(v['via']) ? v['via'] : [];
+                for (const entry of via) {
+                    if (typeof entry === 'object' && entry !== null) {
+                        const e = entry;
+                        advisories.push({
+                            pkg,
+                            severity: String(e['severity'] ?? 'low'),
+                            title: String(e['title'] ?? `Vulnerability in ${pkg}`),
+                            url: String(e['url'] ?? ''),
+                            fixAvailable: Boolean(v['fixAvailable']),
+                            fixVersion: v['fixAvailable'] && typeof v['fixAvailable'] === 'object'
+                                ? String(v['fixAvailable']['version'] ?? '')
+                                : undefined,
+                        });
+                    }
+                }
+            }
+        }
+        // npm audit v6 format: `advisories` map
+        const legacyAdvisories = parsed['advisories'];
+        if (legacyAdvisories && advisories.length === 0) {
+            for (const [, raw] of Object.entries(legacyAdvisories)) {
+                const a = raw;
+                advisories.push({
+                    pkg: String(a['module_name'] ?? 'unknown'),
+                    severity: String(a['severity'] ?? 'low'),
+                    title: String(a['title'] ?? ''),
+                    url: String(a['url'] ?? ''),
+                    fixAvailable: Boolean(a['patched_versions']?.length),
+                    fixVersion: String(a['patched_versions'] ?? ''),
+                });
+            }
+        }
+        return advisories;
+    }
+    catch {
+        return [];
+    }
+}
+// ---------------------------------------------------------------------------
+// Skill
+// ---------------------------------------------------------------------------
+export const depAuditSkill = {
+    id: 'dep-audit',
+    name: 'Dependency Auditor',
+    description: 'Scans workspace package.json files for outdated versions and runs npm audit to surface CVE advisories',
+    version: '1.0.0',
+    enabled: false,
+    tags: ['devops', 'security'],
+    async execute(ctx) {
+        const opts = ctx.graph ?? {};
+        const skipAudit = Boolean(opts['skipAudit'] ?? false);
+        const workspaceRoot = typeof opts['workspace'] === 'string' ? opts['workspace'] : ctx.projectRoot;
+        // Collect all package refs
+        let allRefs = [];
+        let scannedFiles = [];
+        if (Array.isArray(opts['packages'])) {
+            // Injected for testing: array of {source, dep, devDep}
+            for (const p of opts['packages']) {
+                const src = String(p['source'] ?? 'injected');
+                scannedFiles.push(src);
+                const add = (deps, kind) => {
+                    if (!deps || typeof deps !== 'object')
+                        return;
+                    for (const [pkg, ver] of Object.entries(deps)) {
+                        allRefs.push({ pkg, source: src, current: String(ver), kind });
+                    }
+                };
+                add(p['dependencies'], 'dep');
+                add(p['devDependencies'], 'devDep');
+                add(p['peerDependencies'], 'peer');
+            }
+        }
+        else {
+            scannedFiles = findPackageJsons(workspaceRoot);
+            for (const f of scannedFiles) {
+                allRefs = allRefs.concat(collectDeps(f));
+            }
+        }
+        // Detect obviously outdated (major ≥ 2 years behind heuristic via major number)
+        // In a real implementation we'd call the registry. Here we flag anything with
+        // a pinned exact old major vs. a ^ or ~ range as a "check this" suggestion.
+        const outdated = [];
+        const seenPinned = new Set();
+        for (const ref of allRefs) {
+            // Exact version pins without ^ or ~ are worth flagging as worth reviewing
+            if (/^\d+\.\d+\.\d+$/.test(ref.current.trim()) && !seenPinned.has(ref.pkg)) {
+                seenPinned.add(ref.pkg);
+                outdated.push({
+                    pkg: ref.pkg,
+                    source: ref.source,
+                    current: ref.current,
+                    latestMajor: parseMajor(ref.current),
+                    suggestion: `Pinned to exact version ${ref.current} — consider using ^${ref.current} to receive patches`,
+                });
+            }
+        }
+        // CVE audit
+        let advisories = [];
+        if (typeof opts['auditJson'] === 'string') {
+            advisories = parseNpmAudit(opts['auditJson']);
+        }
+        else if (!skipAudit) {
+            try {
+                const auditOut = execSync('npm audit --json', {
+                    cwd: workspaceRoot,
+                    stdio: 'pipe',
+                    encoding: 'utf-8',
+                });
+                advisories = parseNpmAudit(auditOut);
+            }
+            catch (err) {
+                // npm audit exits with non-zero when vulns found — stdout still has JSON
+                const output = err.stdout ?? '';
+                if (output)
+                    advisories = parseNpmAudit(output);
+            }
+        }
+        const criticalCount = advisories.filter((a) => a.severity === 'critical').length;
+        const highCount = advisories.filter((a) => a.severity === 'high').length;
+        const lines = [
+            `🔍 Dep Audit — ${scannedFiles.length} package.json file(s) · ${allRefs.length} total deps`,
+            `   CVE advisories: ${advisories.length} (${criticalCount} critical, ${highCount} high)`,
+            `   Pinned versions to review: ${outdated.length}`,
+            '',
+        ];
+        if (advisories.length > 0) {
+            lines.push('  📋 ADVISORIES:');
+            for (const a of advisories.slice(0, 10)) {
+                const icon = a.severity === 'critical' ? '❌' : a.severity === 'high' ? '⚠️ ' : 'ℹ️ ';
+                lines.push(`  ${icon} [${a.severity}] ${a.pkg} — ${a.title}`);
+                if (a.fixAvailable)
+                    lines.push(`       Fix: upgrade to ${a.fixVersion ?? 'latest'}`);
+                if (a.url)
+                    lines.push(`       ${a.url}`);
+            }
+            if (advisories.length > 10)
+                lines.push(`  … and ${advisories.length - 10} more`);
+            lines.push('');
+        }
+        if (outdated.length > 0) {
+            lines.push('  📦 PINNED VERSIONS:');
+            for (const o of outdated.slice(0, 8)) {
+                lines.push(`  ⚠️  ${o.pkg}@${o.current} (${o.source})`);
+                lines.push(`     ${o.suggestion}`);
+            }
+        }
+        const result = {
+            scannedFiles,
+            totalDeps: allRefs.length,
+            advisories,
+            outdated,
+            criticalCount,
+            highCount,
+        };
+        return {
+            success: criticalCount === 0,
+            output: lines.join('\n'),
+            data: result,
+        };
+    },
+};
+//# sourceMappingURL=dep-audit.js.map

package/dist/skills/dep-audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dep-audit.js","sourceRoot":"","sources":["../../src/skills/dep-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAChE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AA0C9C,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,kEAAkE;AAClE,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACzD,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACjC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAED,6EAA6E;AAC7E,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,UAAU,GAAG;QACjB,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC;KAC3B,CAAC;IAEF,gCAAgC;IAChC,KAAK,MAAM,MAAM,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAChC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,SAAS;QAChC,IAAI,CAAC;YACH,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC/D,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;oBACxB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBACzD,IAAI,UAAU,CAAC,SAAS,CAAC;wBAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACxD,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,UAAU,CAAC,CAAC,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,WAAmB;IAC7C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAA4B,CAAC;QACtF,MAAM,IAAI,GAAiB,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,CAAC,IAAa,EAAE,IAAwB,EAAE,EAAE;YACtD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;gBAAE,OAAO;YAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAA8B,CAAC,EAAE,CAAC;gBACxE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC;QACF,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,CAAC;QAChC,GAAG,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,QAAQ,CAAC,CAAC;QACtC,GAAG,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;QAC3D,MAAM,UAAU,GAAmB,EAAE,CAAC;QAEtC,8CAA8C;QAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,iBAAiB,CAAwC,CAAC;QAC/E,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC/C,MAAM,CAAC,GAAG,GAA8B,CAAC;gBACzC,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpD,KAAK,MAAM,KAAK,IAAI,GAAG,EAAE,CAAC;oBACxB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;wBAChD,MAAM,CAAC,GAAG,KAAgC,CAAC;wBAC3C,UAAU,CAAC,IAAI,CAAC;4BACd,GAAG;4BACH,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,CAAiB;4BACxD,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,oBAAoB,GAAG,EAAE,CAAC;4BACtD,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;4BAC3B,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;4BACxC,UAAU,EAAE,CAAC,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,CAAC,cAAc,CAAC,KAAK,QAAQ;gCACpE,CAAC,CAAC,MAAM,CAAE,CAAC,CAAC,cAAc,CAA6B,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gCACzE,CAAC,CAAC,SAAS;yBACd,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,MAAM,CAAC,YAAY,CAAwC,CAAC;QACrF,IAAI,gBAAgB,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChD,KAAK,MAAM,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACvD,MAAM,CAAC,GAAG,GAA8B,CAAC;gBACzC,UAAU,CAAC,IAAI,CAAC;oBACd,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,SAAS,CAAC;oBAC1C,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,CAAiB;oBACxD,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;oBAC/B,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;oBAC3B,YAAY,EAAE,OAAO,CAAE,CAAC,CAAC,kBAAkB,CAAY,EAAE,MAAM,CAAC;oBAChE,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;iBAChD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,CAAC,MAAM,aAAa,GAAgB;IACxC,EAAE,EAAE,WAAW;IACf,IAAI,EAAE,oBAAoB;IAC1B,WAAW,EAAE,uGAAuG;IACpH,OAAO,EAAE,OAAO;IAChB,OAAO,EAAE,KAAK;IACd,IAAI,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;IAE5B,KAAK,CAAC,OAAO,CAAC,GAAiB;QAC7B,MAAM,IAAI,GAAI,GAAG,CAAC,KAAwC,IAAI,EAAE,CAAC;QACjE,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,CAAC;QACtD,MAAM,aAAa,GAAG,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC;QAElG,2BAA2B;QAC3B,IAAI,OAAO,GAAiB,EAAE,CAAC;QAC/B,IAAI,YAAY,GAAa,EAAE,CAAC;QAEhC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACpC,uDAAuD;YACvD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,CAAmC,EAAE,CAAC;gBACnE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,CAAC;gBAC9C,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACvB,MAAM,GAAG,GAAG,CAAC,IAAa,EAAE,IAAwB,EAAE,EAAE;oBACtD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;wBAAE,OAAO;oBAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAA8B,CAAC,EAAE,CAAC;wBACxE,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;oBACjE,CAAC;gBACH,CAAC,CAAC;gBACF,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,CAAC;gBAC9B,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,QAAQ,CAAC,CAAC;gBACpC,GAAG,CAAC,CAAC,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,YAAY,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAC;YAC/C,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;gBAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,8EAA8E;QAC9E,4EAA4E;QAC5E,MAAM,QAAQ,GAAoB,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;QACrC,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,0EAA0E;YAC1E,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3E,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC;oBACZ,GAAG,EAAE,GAAG,CAAC,GAAG;oBACZ,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,WAAW,EAAE,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;oBACpC,UAAU,EAAE,2BAA2B,GAAG,CAAC,OAAO,sBAAsB,GAAG,CAAC,OAAO,qBAAqB;iBACzG,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,YAAY;QACZ,IAAI,UAAU,GAAmB,EAAE,CAAC;QACpC,IAAI,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1C,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAChD,CAAC;aAAM,IAAI,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,QAAQ,CAAC,kBAAkB,EAAE;oBAC5C,GAAG,EAAE,aAAa;oBAClB,KAAK,EAAE,MAAM;oBACb,QAAQ,EAAE,OAAO;iBAClB,CAAC,CAAC;gBACH,UAAU,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,yEAAyE;gBACzE,MAAM,MAAM,GAAI,GAAmD,CAAC,MAAM,IAAI,EAAE,CAAC;gBACjF,IAAI,MAAM;oBAAE,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QACjF,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QAEzE,MAAM,KAAK,GAAG;YACZ,kBAAkB,YAAY,CAAC,MAAM,2BAA2B,OAAO,CAAC,MAAM,aAAa;YAC3F,sBAAsB,UAAU,CAAC,MAAM,KAAK,aAAa,cAAc,SAAS,QAAQ;YACxF,iCAAiC,QAAQ,CAAC,MAAM,EAAE;YAClD,EAAE;SACH,CAAC;QAEF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAC/B,KAAK,MAAM,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBACxC,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;gBACrF,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC9D,IAAI,CAAC,CAAC,YAAY;oBAAE,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,UAAU,IAAI,QAAQ,EAAE,CAAC,CAAC;gBACrF,IAAI,CAAC,CAAC,GAAG;oBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,UAAU,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;YACjF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACpC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBACrC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;gBACxD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAmB;YAC7B,YAAY;YACZ,SAAS,EAAE,OAAO,CAAC,MAAM;YACzB,UAAU;YACV,QAAQ;YACR,aAAa;YACb,SAAS;SACV,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,aAAa,KAAK,CAAC;YAC5B,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;YACxB,IAAI,EAAE,MAAM;SACb,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/skills/deploy-provision.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Skill: deploy-provision
+ *
+ * Interactive production provisioning guide. Validates prerequisites
+ * (DNS resolution, open ports, Docker availability, required env vars)
+ * and optionally invokes `scripts/deploy/setup.sh` step by step.
+ *
+ * Integrates with M23 — the deploy scripts live in `scripts/deploy/`.
+ *
+ * Modes (ctx.graph['mode']):
+ *   - 'validate'  — check prerequisites only (default, safe)
+ *   - 'provision' — run setup.sh steps (requires confirmRun: true)
+ *
+ * Input options (ctx.graph):
+ *   - `domain`      {string}   — FQDN to check DNS for
+ *   - `apiKey`      {string}   — WEAVE_API_KEY value to validate
+ *   - `ports`       {number[]} — ports to check (default: [80, 443, 3001])
+ *   - `dryRun`      {boolean}  — simulate without executing shell commands
+ *   - `confirmRun`  {boolean}  — must be true to allow mode='provision'
+ *   - `env`         {Record<string,string>} — inject env for testing
+ */
+import type { SkillModule } from '../types.js';
+export type PrereqStatus = 'ok' | 'fail' | 'warn' | 'skip';
+export interface PrereqCheck {
+    id: string;
+    name: string;
+    status: PrereqStatus;
+    message: string;
+    fix?: string;
+}
+export interface ProvisionStep {
+    id: string;
+    name: string;
+    script: string;
+    status: 'pending' | 'running' | 'done' | 'failed' | 'skipped';
+    output?: string;
+    error?: string;
+}
+export interface ProvisionReport {
+    domain: string;
+    prereqs: PrereqCheck[];
+    steps: ProvisionStep[];
+    ready: boolean;
+    summary: string;
+}
+export declare const deployProvisionSkill: SkillModule;
+//# sourceMappingURL=deploy-provision.d.ts.map

package/dist/skills/deploy-provision.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deploy-provision.d.ts","sourceRoot":"","sources":["../../src/skills/deploy-provision.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAKH,OAAO,KAAK,EAAE,WAAW,EAA6B,MAAM,aAAa,CAAC;AAM1E,MAAM,MAAM,YAAY,GAAG,IAAI,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAE3D,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,CAAC;IAC9D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,KAAK,EAAE,aAAa,EAAE,CAAC;IACvB,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AA6KD,eAAO,MAAM,oBAAoB,EAAE,WA4FlC,CAAC"}