@pellux/goodvibes-agent 0.1.70 → 0.1.72

package/src/input/commands/platform-access-runtime.ts

@@ -1,33 +1,12 @@
 import { mkdirSync, readFileSync, writeFileSync } from 'node:fs';
-import { dirname, resolve } from 'node:path';
+import { dirname } from 'node:path';
 import type { CommandRegistry } from '../command-registry.ts';
-import { VERSION } from '../../version.ts';
 import { listBuiltinSubscriptionProviders } from '@pellux/goodvibes-sdk/platform/config';
 import { handleLocalAuthCommand } from './local-auth-runtime.ts';
 import { buildAuthInspectionSnapshot, inspectProviderAuth } from '@/runtime/index.ts';
-import { requireProfileManager, requireSecretsManager, requireServiceRegistry, requireShellPaths, requireSubscriptionManager } from './runtime-services.ts';
+import { requireSecretsManager, requireServiceRegistry, requireShellPaths, requireSubscriptionManager } from './runtime-services.ts';
 import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
-interface InstallBundle {
-  readonly version: 1;
-  readonly exportedAt: number;
-  readonly appVersion: string;
-  readonly workingDirectory: string;
-  readonly homeDirectory: string;
-  readonly profileCount: number;
-  readonly secretKeyCount: number;
-  readonly setupLinks: readonly string[];
-}
-
-interface UpdateBundle {
-  readonly version: 1;
-  readonly exportedAt: number;
-  readonly appVersion: string;
-  readonly updateChannel: 'stable' | 'preview';
-  readonly subscriptionProviders: readonly string[];
-  readonly notes: readonly string[];
-}
-
 interface AuthReviewBundle {
   readonly version: 1;
   readonly exportedAt: number;
@@ -51,32 +30,6 @@ function authServiceSecretPrefix(target: AuthServiceLoginTarget): string {
   return target === 'runtime' ? 'RUNTIME' : 'LISTENER';
 }
 
-function buildSetupLink(surface: string, target?: string): string {
-  const params = target ? `?target=${encodeURIComponent(target)}` : '';
-  return `goodvibes://open/${surface}${params}`;
-}
-
-function inspectInstallBundle(bundle: InstallBundle): string {
-  return [
-    'Install Bundle Review',
-    `  appVersion: ${bundle.appVersion}`,
-    `  workingDirectory: ${bundle.workingDirectory}`,
-    `  profileCount: ${bundle.profileCount}`,
-    `  secretKeys: ${bundle.secretKeyCount}`,
-    `  setupLinks: ${bundle.setupLinks.length}`,
-  ].join('\n');
-}
-
-function inspectUpdateBundle(bundle: UpdateBundle): string {
-  return [
-    'Update Bundle Review',
-    `  appVersion: ${bundle.appVersion}`,
-    `  updateChannel: ${bundle.updateChannel}`,
-    `  subscriptionProviders: ${bundle.subscriptionProviders.length}`,
-    `  notes: ${bundle.notes.length}`,
-  ].join('\n');
-}
-
 function inspectAuthBundle(bundle: AuthReviewBundle): string {
   return [
     'Auth Review Bundle',
@@ -157,152 +110,6 @@ export function registerPlatformAccessRuntimeCommands(registry: CommandRegistry)
     },
   });
 
-  registry.register({
-    name: 'install',
-    description: 'Review install posture and export portable install bundles',
-    usage: '[review|bundle export <path> --yes|bundle inspect <path>]',
-    async handler(args, ctx) {
-      const parsed = stripYesFlag(args);
-      const commandArgs = [...parsed.rest];
-      const shellPaths = requireShellPaths(ctx);
-      const sub = commandArgs[0] ?? 'review';
-      if (sub === 'review') {
-        const profiles = requireProfileManager(ctx).list();
-        const secretKeys = await requireSecretsManager(ctx).list();
-        ctx.print([
-          'Install Review',
-          `  version: ${VERSION}`,
-          `  profiles: ${profiles.length}`,
-          `  secret keys: ${secretKeys.length}`,
-          `  setup links: 4`,
-        ].join('\n'));
-        return;
-      }
-      if (sub === 'bundle') {
-        const mode = commandArgs[1];
-        const pathArg = commandArgs[2];
-        if ((mode === 'export' || mode === 'inspect') && !pathArg) {
-          ctx.print(`Usage: /install bundle ${mode} <path>${mode === 'export' ? ' --yes' : ''}`);
-          return;
-        }
-        const targetPath = shellPaths.resolveWorkspacePath(pathArg!);
-        if (mode === 'export') {
-          if (!parsed.yes) {
-            requireYesFlag(ctx, `export install bundle to ${pathArg}`, '/install bundle export <path> --yes');
-            return;
-          }
-          const profiles = requireProfileManager(ctx).list();
-          const secretKeys = await requireSecretsManager(ctx).list();
-          const bundle: InstallBundle = {
-            version: 1,
-            exportedAt: Date.now(),
-            appVersion: VERSION,
-            workingDirectory: shellPaths.workingDirectory,
-            homeDirectory: shellPaths.homeDirectory,
-            profileCount: profiles.length,
-            secretKeyCount: secretKeys.length,
-            setupLinks: [
-              buildSetupLink('cockpit'),
-              buildSetupLink('security'),
-              buildSetupLink('remote'),
-              buildSetupLink('knowledge'),
-            ],
-          };
-          mkdirSync(dirname(targetPath), { recursive: true });
-          writeFileSync(targetPath, JSON.stringify(bundle, null, 2) + '\n', 'utf-8');
-          ctx.print(`Install bundle exported to ${targetPath}`);
-          return;
-        }
-        if (mode === 'inspect') {
-          const bundle = JSON.parse(readFileSync(targetPath, 'utf-8')) as InstallBundle;
-          ctx.print(inspectInstallBundle(bundle));
-          return;
-        }
-      }
-      ctx.print('Usage: /install [review|bundle export <path> --yes|bundle inspect <path>]');
-    },
-  });
-
-  registry.register({
-    name: 'update',
-    aliases: ['upgrade'],
-    description: 'Review update posture, choose release channel guidance, and package portable update bundles',
-    usage: '[review|channel <stable|preview> --yes|bundle export <path> --yes|bundle inspect <path>]',
-    handler(args, ctx) {
-      const parsed = stripYesFlag(args);
-      const commandArgs = [...parsed.rest];
-      const shellPaths = requireShellPaths(ctx);
-      const sub = commandArgs[0] ?? 'review';
-      const subscriptions = requireSubscriptionManager(ctx);
-      const serviceRegistry = requireServiceRegistry(ctx);
-      const secretsManager = requireSecretsManager(ctx);
-      const builtinProviders = listBuiltinSubscriptionProviders().map((entry) => entry.provider);
-      const activeSubscriptions = subscriptions.list().map((entry) => entry.provider);
-      if (sub === 'review') {
-        const channel = ctx.platform.configManager.get('release.channel');
-        ctx.print([
-          'Update Review',
-          `  version: ${VERSION}`,
-          `  channel: ${channel}`,
-          `  built-in subscription providers: ${builtinProviders.length}${builtinProviders.length > 0 ? ` (${builtinProviders.join(', ')})` : ''}`,
-          `  active subscriptions: ${activeSubscriptions.length}${activeSubscriptions.length > 0 ? ` (${activeSubscriptions.join(', ')})` : ''}`,
-          '  use /update channel <stable|preview> --yes to change release posture',
-        ].join('\n'));
-        return;
-      }
-      if (sub === 'channel') {
-        const channel = commandArgs[1];
-        if (channel !== 'stable' && channel !== 'preview') {
-          ctx.print('Usage: /update channel <stable|preview> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `set update channel to ${channel}`, '/update channel <stable|preview> --yes');
-          return;
-        }
-        ctx.platform.configManager.setDynamic('release.channel', channel);
-        ctx.print(`Update channel set to ${channel}.`);
-        return;
-      }
-      if (sub === 'bundle') {
-        const mode = commandArgs[1];
-        const pathArg = commandArgs[2];
-        if ((mode === 'export' || mode === 'inspect') && !pathArg) {
-          ctx.print(`Usage: /update bundle ${mode} <path>${mode === 'export' ? ' --yes' : ''}`);
-          return;
-        }
-        const targetPath = shellPaths.resolveWorkspacePath(pathArg!);
-        if (mode === 'export') {
-          if (!parsed.yes) {
-            requireYesFlag(ctx, `export update bundle to ${pathArg}`, '/update bundle export <path> --yes');
-            return;
-          }
-          const bundle: UpdateBundle = {
-            version: 1,
-            exportedAt: Date.now(),
-            appVersion: VERSION,
-            updateChannel: ctx.platform.configManager.get('release.channel') as 'stable' | 'preview',
-            subscriptionProviders: [...new Set([...builtinProviders, ...activeSubscriptions])],
-            notes: [
-              'Preview channel is recommended only when operator review is enabled.',
-              'OAuth-backed provider subscriptions survive channel changes and continue to apply to supported provider surfaces.',
-            ],
-          };
-          mkdirSync(dirname(targetPath), { recursive: true });
-          writeFileSync(targetPath, JSON.stringify(bundle, null, 2) + '\n', 'utf-8');
-          ctx.print(`Update bundle exported to ${targetPath}`);
-          return;
-        }
-        if (mode === 'inspect') {
-          const bundle = JSON.parse(readFileSync(targetPath, 'utf-8')) as UpdateBundle;
-          ctx.print(inspectUpdateBundle(bundle));
-          return;
-        }
-      }
-      ctx.print('Usage: /update [review|channel <stable|preview> --yes|bundle export <path> --yes|bundle inspect <path>]');
-    },
-  });
-
   registry.register({
     name: 'auth',
     description: 'Review auth posture and exchange session login tokens with local services',

package/src/input/commands/product-runtime.ts

@@ -129,120 +129,4 @@ export function registerProductRuntimeCommands(registry: CommandRegistry): void
       ctx.print('Usage: /trust [review|bundle export <path> --yes|bundle inspect <path>]');
     },
   });
-  registry.register({
-    name: 'bridge',
-    description: 'Review self-hosted bridge and remote worker flows',
-    usage: '[status|pools|worker <id>|review <artifactId>|export <artifactId> [path] --yes|import <path> --yes]',
-    async handler(args, ctx) {
-      const parsed = stripYesFlag(args);
-      const commandArgs = [...parsed.rest];
-      const shellPaths = requireShellPaths(ctx);
-      if (!ctx.ops.remoteRuntime) {
-        ctx.print('Remote worker registry is not available in this runtime.');
-        return;
-      }
-      const remoteRegistry = ctx.ops.remoteRuntime;
-      const sub = commandArgs[0] ?? 'status';
-      if (sub === 'status') {
-        const remote = requireReadModels(ctx).remote.getSnapshot();
-        ctx.print([
-          'Bridge Status',
-          `  remote pools: ${remote.pools.length}`,
-          `  worker contracts: ${remote.contracts.length}`,
-          `  review artifacts: ${remote.artifacts.length}`,
-        ].join('\n'));
-        return;
-      }
-      if (sub === 'pools') {
-        const pools = remoteRegistry.listPools();
-        ctx.print(pools.length > 0
-          ? ['Bridge Pools', ...pools.map((pool) => `  ${pool.id}  workers=${pool.runnerIds.length}  trust=${pool.trustClass}`)].join('\n')
-          : 'Bridge Pools\n  No worker pools registered yet.');
-        return;
-      }
-      if (sub === 'assign') {
-        const poolId = commandArgs[1];
-        const runnerId = commandArgs[2];
-        if (!poolId || !runnerId) {
-          ctx.print('Usage: /bridge assign <pool> <worker> --yes');
-          return;
-        }
-        ctx.print([
-          'Bridge worker assignment is read-only in GoodVibes Agent.',
-          `  requested: /bridge assign ${poolId} ${runnerId}`,
-          '  policy: Agent reviews remote bridge state but does not mutate worker topology',
-          '  next: inspect /bridge pools or delegate explicit build/fix/review work to GoodVibes TUI',
-        ].join('\n'));
-        return;
-      }
-      if (sub === 'runner' || sub === 'worker') {
-        const runnerId = commandArgs[1];
-        if (!runnerId) {
-          ctx.print('Usage: /bridge worker <id>');
-          return;
-        }
-        const contract = remoteRegistry.getContract(runnerId);
-        if (!contract) {
-          ctx.print(`Unknown worker contract: ${runnerId}`);
-          return;
-        }
-        ctx.print([
-          `Bridge Worker ${runnerId}`,
-          `  template: ${contract.template}`,
-          `  trustClass: ${contract.trustClass}`,
-          `  transport: ${contract.sourceTransport}/${contract.transport.state}`,
-          `  tools: ${contract.capabilityCeiling.allowedTools.join(', ') || '(none)'}`,
-          `  pool: ${contract.poolId ?? '(unassigned)'}`,
-        ].join('\n'));
-        return;
-      }
-      if (sub === 'review') {
-        const artifactId = commandArgs[1];
-        if (!artifactId) {
-          ctx.print('Usage: /bridge review <artifactId>');
-          return;
-        }
-        const summary = remoteRegistry.buildReviewSummary(artifactId);
-        ctx.print(summary ?? `Unknown remote artifact: ${artifactId}`);
-        return;
-      }
-      if (sub === 'export') {
-        const artifactId = commandArgs[1];
-        if (!artifactId) {
-          ctx.print('Usage: /bridge export <artifactId> [path] --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `export bridge artifact ${artifactId}`, '/bridge export <artifactId> [path] --yes');
-          return;
-        }
-        const exported = await remoteRegistry.exportArtifact(
-          artifactId,
-          commandArgs[2] ? shellPaths.resolveWorkspacePath(commandArgs[2]) : undefined,
-        );
-        if (!exported) {
-          ctx.print(`Unknown remote artifact: ${artifactId}`);
-          return;
-        }
-        ctx.print(`Exported remote bridge artifact to ${exported.path}`);
-        return;
-      }
-      if (sub === 'import') {
-        const pathArg = commandArgs[1];
-        if (!pathArg) {
-          ctx.print('Usage: /bridge import <path> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `import bridge artifact from ${pathArg}`, '/bridge import <path> --yes');
-          return;
-        }
-        const artifact = await remoteRegistry.importArtifact(shellPaths.resolveWorkspacePath(pathArg));
-        ctx.print(`Imported remote bridge artifact ${artifact.id} for worker ${artifact.runnerId}.`);
-        return;
-      }
-      ctx.print('Usage: /bridge [status|pools|worker <id>|review <artifactId>|export <artifactId> [path] --yes|import <path> --yes]');
-    },
-  });
-
 }

package/src/input/commands/security-runtime.ts

@@ -0,0 +1,88 @@
+import type { CommandRegistry } from '../command-registry.ts';
+import { buildMcpAttackPathReview } from '@/runtime/index.ts';
+import { listBuiltinSubscriptionProviders } from '@pellux/goodvibes-sdk/platform/config';
+import { requireReadModels, requireSubscriptionManager, requireTokenAuditor } from './runtime-services.ts';
+
+export function registerSecurityRuntimeCommands(registry: CommandRegistry): void {
+  registry.register({
+    name: 'security',
+    aliases: [],
+    description: 'Inspect security posture, attack paths, and review state',
+    usage: '[review | attack-paths | tokens]',
+    handler(args, ctx) {
+      if (args.length === 0) {
+        if (ctx.openSecurityPanel) {
+          ctx.openSecurityPanel();
+          return;
+        }
+        ctx.print('Security panel is not available in this runtime.');
+        return;
+      }
+
+      const subcommand = args[0]?.toLowerCase() ?? 'review';
+      const audit = requireTokenAuditor(ctx).auditAll(Date.now());
+      const securitySnapshot = requireReadModels(ctx).security.getSnapshot();
+      const policySnapshot = ctx.extensions.policyRuntimeState?.getSnapshot();
+      if (!policySnapshot) {
+        ctx.print('Policy runtime state is not available in this runtime.');
+        return;
+      }
+      const attackPaths = buildMcpAttackPathReview({
+        servers: securitySnapshot.mcpServers,
+        recentDecisions: securitySnapshot.recentMcpDecisions,
+      });
+
+      if (subcommand === 'tokens') {
+        if (audit.results.length === 0) {
+          ctx.print('No registered API tokens are currently under audit.');
+          return;
+        }
+        ctx.print([
+          `Token Audit (${audit.results.length})`,
+          ...audit.results.map((result) => (
+            `  ${result.label}  policy=${result.scope.policyId}  scope=${result.scope.outcome}  rotation=${result.rotation.outcome}  blocked=${result.blocked ? 'yes' : 'no'}`
+          )),
+        ].join('\n'));
+        return;
+      }
+
+      if (subcommand === 'attack-paths') {
+        if (attackPaths.findings.length === 0) {
+          ctx.print('No MCP attack-path findings are currently active.');
+          return;
+        }
+        ctx.print([
+          'MCP Attack-Path Review',
+          `  summary: ${attackPaths.summary}`,
+          ...attackPaths.findings.slice(0, 12).map((finding) => (
+            `  ${finding.severity.toUpperCase()} ${finding.serverName}  ${finding.route}\n    ${finding.reason}`
+          )),
+        ].join('\n'));
+        return;
+      }
+
+      const plugins = ctx.extensions.pluginManager?.list() ?? [];
+      const subscriptions = requireSubscriptionManager(ctx);
+      const builtinProviders = listBuiltinSubscriptionProviders();
+      ctx.print([
+        'Security Review',
+        `  tokens: ${audit.results.length}`,
+        `  blocked tokens: ${audit.blocked.length}`,
+        `  scope violations: ${audit.scopeViolations.length}`,
+        `  rotation overdue: ${audit.rotationOverdue.length}`,
+        `  rotation warnings: ${audit.rotationWarnings.length}`,
+        `  built-in subscription providers: ${builtinProviders.length}`,
+        `  active subscriptions: ${subscriptions.list().length}`,
+        `  pending subscriptions: ${subscriptions.listPending().length}`,
+        `  policy lint findings: ${policySnapshot.lintFindings.length}`,
+        `  policy preflight: ${policySnapshot.lastPreflightReview?.status ?? 'n/a'}`,
+        `  mcp servers: ${securitySnapshot.mcpServers.length}`,
+        `  mcp quarantined: ${securitySnapshot.mcpServers.filter((server) => server.schemaFreshness === 'quarantined').length}`,
+        `  mcp elevated: ${securitySnapshot.mcpServers.filter((server) => server.trustMode === 'allow-all').length}`,
+        `  mcp attack-path findings: ${attackPaths.findings.length}`,
+        `  quarantined plugins: ${plugins.filter((plugin) => plugin.quarantined).length}`,
+        `  untrusted plugins: ${plugins.filter((plugin) => plugin.trustTier === 'untrusted').length}`,
+      ].join('\n'));
+    },
+  });
+}

package/src/input/commands/session-content.ts

@@ -4,7 +4,6 @@ import { writeFile } from 'node:fs/promises';
 import type { CommandRegistry } from '../command-registry.ts';
 import type { SelectionItem } from '../selection-modal.ts';
 import { exportToMarkdown } from '@pellux/goodvibes-sdk/platform/export';
-import { TemplateManager, parseTemplateArgs } from '@pellux/goodvibes-sdk/platform/templates';
 import { requireSessionManager, requireSessionMemoryStore, requireShellPaths } from './runtime-services.ts';
 import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
 import { requireYesFlag, stripYesFlag } from './confirmation.ts';
@@ -260,102 +259,6 @@ export function registerSessionContentCommands(registry: CommandRegistry): void
     },
   });
 
-  registry.register({
-    name: 'template',
-    aliases: ['tmpl'],
-    description: 'Manage and use prompt templates',
-    usage: 'save <name> --yes | use <name> [args] | list | edit <name> | delete <name> --yes',
-    argsHint: '<save|use|list|edit|delete> [name]',
-    handler(args, ctx) {
-      const shellPaths = requireShellPaths(ctx);
-      const templateManager = new TemplateManager({
-        projectRoot: shellPaths.workingDirectory,
-        homeDirectory: shellPaths.homeDirectory,
-      });
-      const parsed = stripYesFlag(args);
-      const sub = parsed.rest[0];
-      const rest = parsed.rest.slice(1);
-      if (!sub || sub === 'list') {
-        const templates = templateManager.list();
-        if (ctx.openSelection) {
-          const actions = new Map([['e', 'edit' as const]]);
-          const items: SelectionItem[] = templates.length === 0
-            ? [{ id: '_empty', label: 'No templates saved', detail: 'Use /template save <name> --yes' }]
-            : templates.map(t => ({ id: t.name, label: t.name, detail: t.preview, category: t.scope === 'project' ? 'project' : 'global', actions: '[e] edit' }));
-          ctx.openSelection('Templates', items, { allowSearch: true, customActions: actions }, (result) => {
-            if (!result) return;
-            const content = templateManager.load(result.item.id);
-            if (content !== null) {
-              if (result.action === 'edit') ctx.print(`Template: ${result.item.id}\n\n${content}`);
-              else ctx.submitInput?.(content);
-            } else {
-              ctx.print(`Template not found: ${result.item.id}`);
-            }
-          });
-          return;
-        }
-        ctx.print(['Templates:', '', ...templates.map(t => `  ${t.scope === 'project' ? '[project]' : '[global] '} ${t.name.padEnd(28)} ${t.preview}`)].join('\n'));
-        return;
-      }
-      if (sub === 'save') {
-        const name = rest[0];
-        if (!name) {
-          ctx.print('Usage: /template save <name> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `save prompt template ${name}`, '/template save <name> --yes');
-          return;
-        }
-        try {
-          templateManager.save(name, ctx.session.conversationManager.getLastUserMessage() || '# Template\n\nReplace this with your template content.\n');
-          ctx.print(`Template saved: ${name}`);
-        } catch (e) {
-          ctx.print(`Failed to save template: ${summarizeError(e)}`);
-        }
-        return;
-      }
-      if (sub === 'use') {
-        const name = rest[0];
-        if (!name) {
-          ctx.print('Usage: /template use <name> [args...]');
-          return;
-        }
-        const templateContent = templateManager.load(name);
-        if (templateContent === null) {
-          ctx.print(`Template not found: ${name}\nRun /template list to see available templates.`);
-          return;
-        }
-        ctx.submitInput?.(templateManager.expand(templateContent, parseTemplateArgs(rest.slice(1))));
-        return;
-      }
-      if (sub === 'edit') {
-        const name = rest[0];
-        if (!name) {
-          ctx.print('Usage: /template edit <name>');
-          return;
-        }
-        const content = templateManager.load(name);
-        ctx.print(content === null ? `Template not found: ${name}` : `Template: ${name}\n\n${content}`);
-        return;
-      }
-      if (sub === 'delete') {
-        const name = rest[0];
-        if (!name) {
-          ctx.print('Usage: /template delete <name> --yes');
-          return;
-        }
-        if (!parsed.yes) {
-          requireYesFlag(ctx, `delete prompt template ${name}`, '/template delete <name> --yes');
-          return;
-        }
-        ctx.print(templateManager.delete(name) ? `Template deleted: ${name}` : `Template not found: ${name}`);
-        return;
-      }
-      ctx.print(`Unknown subcommand: ${sub}\nUsage: /template save <name> --yes | use <name> | list | edit <name> | delete <name> --yes`);
-    },
-  });
-
   registry.register({
     name: 'memory',
     description: 'Manage session memories (pinned across context compaction)',

package/src/input/commands/shell-core.ts

@@ -219,19 +219,6 @@ export function registerShellCoreCommands(registry: CommandRegistry): void {
     },
   });
 
-  registry.register({
-    name: 'wq',
-    aliases: [':wq'],
-    description: 'Blocked in Agent; git commit/exit is owned by GoodVibes TUI',
-    handler(_args, ctx) {
-      ctx.print([
-        'Blocked: /wq is not available in GoodVibes Agent.',
-        'Git commit, worktree, and coding-session exit flows belong to GoodVibes TUI.',
-        'No files, commits, or repository state were changed.',
-      ].join('\n'));
-    },
-  });
-
   registry.register({
     name: 'effort',
     aliases: ['e'],