@pensar/apex 0.0.113 → 0.0.114-canary.28a10efa

package/README.md

@@ -1,6 +1,8 @@
 <h1 align="center">Pensar Apex</h1>
 
-<p align="center">AI-powered penetration testing using an AI agent to perform comprehensive blackbox and whitebox pentesting - directly in your terminal.
+<p align="center">
+AI-powered penetration testing using autonomous agents — directly in your terminal. Run blackbox and whitebox pentests that explore, reason, and surface real vulnerabilities.
+
 </p>
 
 <p align="center">
@@ -20,52 +22,50 @@ Want to run from the cloud or integrate it with your CI/CD? See <a href="https:/
   <img src="screenshot.png" alt="Pensar Apex Screenshot" width="800">
 </p> -->
 
-## Use Cases
+## What is Apex?
 
-Apex enables both developers and security professionals to run autonomous and assisted penetration testing directly from the terminal.
+Apex is an autonomous penetration testing agent that runs directly in your terminal.
 
-### Developers: Run a Pentest in Minutes
+It doesn't wrap existing scanners or chain shell scripts. Apex deploys a **swarm of specialized AI agents** — each with domain expertise in reconnaissance, authentication analysis, exploitation, and code review — that coordinate a real penetration test against your application. Every finding comes with CVSS 4.0 scoring, CWE classification, evidence, and a validated proof-of-concept.
 
-Apex makes it easy for developers to run a real penetration test without needing deep offensive security expertise.
+The result is a pentest that runs like `npm test` — but thinks like a red team.
 
-Using the autonomous `/pentest` mode, Apex will perform reconnaissance, attack surface discovery, vulnerability testing, and exploitation attempts automatically.
+## Why Apex?
 
-This allows teams to quickly identify security issues before they reach production.
+Traditional scanners execute signatures. Apex executes a methodology.
 
-```bash
-/pentest
-```
+- **Swarm architecture** - Specialized agents run in parallel across your attack surface, the same way a real red team divides and conquers. Up to 10 concurrent agents, each scoped to a specific objective.
+- **Structured, auditable output** - Every vulnerability is automatically scored (CVSS 4.0), classified (CWE), and documented with evidence and remediation steps. No raw tool dumps.
+- **Real exploitation, not guesswork** - Apex writes, runs, and validates proof-of-concept scripts. If the PoC doesn't succeed, it pivots to a different technique.
+- **Blackbox and whitebox** - Test a live target with no source access, or analyze your codebase to map endpoints and test them against a running instance.
+- **30+ built-in tools** - Browser automation, shell execution, HTTP requests, file analysis, web search for CVE lookups, authenticated crawling, and more. Optional Kali Linux container adds 25+ offensive security tools (nmap, sqlmap, hydra, hashcat, gobuster, and others).
 
-Examples:
+## Two Modes
 
-- Test a staging environment before deploying
-- Scan a newly launched domain or API
-- Run quick security checks during development
-- Identify exposed services or misconfigurations
+### `/pentest` — Autonomous
 
-This is the **fastest way to get real pentesting coverage without becoming a security expert.**
+Fire and forget. Apex runs a full engagement end-to-end: attack surface discovery, parallel swarm testing, and a structured report with findings in Markdown and JSON. No security expertise required.
 
----
+### `/operator` — Interactive
 
-### Security Engineers: Advanced Operator Workflows
+Full control. Steer the agent step by step, approve each action, chain exploits manually, and dig deep into specific targets. Every tool is available. The approval gate holds until you say go.
 
-Security professionals can use Apex as an **agentic offensive security harness** that orchestrates tools and reasoning workflows.
+Start with `/pentest` to get coverage, then reopen the session in `/operator` to investigate specific findings — all context carries over.
 
-The `/operator` mode allows engineers to work interactively with the Offensive Security Agent, guiding investigations and chaining tools dynamically.
+## Use Cases
 
-```bash
-/operator
-```
+### Developers
 
-Examples:
+- Run `/pentest` before merging a PR — catch vulnerabilities as naturally as running tests
+- Get actionable findings with severity scores, evidence, and suggested fixes — no security background needed
+- Integrate into CI/CD via headless CLI commands or Pensar Console
 
-- Deep investigation of suspicious endpoints
-- Manual exploitation of discovered vulnerabilities
-- Tool orchestration across recon and exploitation phases
-- Validation and reproduction of vulnerabilities
-- Open-source security research / testing
+### Security Engineers
 
-This turns Apex into a **terminal-native AI pentesting partner** rather than just a scanner.
+- Deploy agent-driven swarm testing across large attack surfaces
+- Use `/operator` mode for manual investigation, exploit chaining, and validation
+- Automate repetitive testing workflows with persistent memory that accumulates across engagements
+- Scale across teams and projects through Pensar Console
 
 ## Installation
 
@@ -82,18 +82,18 @@ brew tap pensarai/tap
 brew install apex
 ```
 
-#### Windows (PowerShell)
-
-```powershell
-irm https://www.pensarai.com/apex.ps1 | iex
-```
-
 #### npm
 
 ```bash
 npm install -g @pensar/apex
 ```
 
+#### Windows (PowerShell)
+
+```powershell
+irm https://www.pensarai.com/apex.ps1 | iex
+```
+
 ## Usage
 
 Open the Apex TUI:

package/build/{agent-k1n19b3w.js → agent-tvfx07q6.js}

@@ -1,18 +1,18 @@
 import {
   WhiteboxAttackSurfaceResultSchema
-} from "./cli-4sxvxwcb.js";
+} from "./cli-0xfq6e8r.js";
 import {
   OffensiveSecurityAgent
-} from "./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
+} from "./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
 import {
   hasToolCall,
   tool
-} from "./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import"./cli-8rxa073f.js";

package/build/agent-y8ysvqeg.js

@@ -0,0 +1,16 @@
+import {
+  CodeAgent
+} from "./cli-gqy49b6s.js";
+import"./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
+import"./cli-0tpx8khk.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+export {
+  CodeAgent
+};

package/build/{auth-a0ftn8cb.js → auth-8emg998z.js}

@@ -8,14 +8,14 @@ import {
   pollWorkOSToken,
   selectWorkspace,
   startDeviceFlow
-} from "./cli-yc2cs5cs.js";
+} from "./cli-4thpxq5q.js";
 import {
   config,
   getPensarApiUrl,
   getPensarConsoleUrl
-} from "./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import {
   __require
 } from "./cli-8rxa073f.js";

package/build/{authentication-vjefzf37.js → authentication-s40c921z.js}

@@ -3,15 +3,15 @@ import {
 } from "./cli-6gtnyaqf.js";
 import {
   OffensiveSecurityAgent
-} from "./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
+} from "./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
 import {
   hasToolCall
-} from "./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import"./cli-8rxa073f.js";

package/build/blackboxAgent-xt01ns0b.js

@@ -0,0 +1,17 @@
+import {
+  BlackboxAttackSurfaceAgent
+} from "./cli-8n882axc.js";
+import"./cli-6gtnyaqf.js";
+import"./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
+import"./cli-0tpx8khk.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+export {
+  BlackboxAttackSurfaceAgent
+};

package/build/{blackboxPentest-26japf1w.js → blackboxPentest-dzj8adnk.js}

@@ -1,18 +1,18 @@
 import {
   runPentestWorkflow
-} from "./cli-tat7hrek.js";
-import"./cli-0v3p48tt.js";
-import"./cli-7kpzf8kz.js";
-import"./cli-4sxvxwcb.js";
-import"./cli-065mgjsh.js";
+} from "./cli-6967baew.js";
+import"./cli-65bp1912.js";
+import"./cli-gqy49b6s.js";
+import"./cli-0xfq6e8r.js";
+import"./cli-8n882axc.js";
 import"./cli-6gtnyaqf.js";
-import"./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+import"./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import"./cli-8rxa073f.js";

package/build/{cli-4sxvxwcb.js → cli-0xfq6e8r.js}

@@ -1,7 +1,7 @@
 import {
   exports_external,
   init_zod
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 
 // src/core/agents/specialized/whiteboxAttackSurface/types.ts
 init_zod();

package/build/{cli-mnqb1xvt.js → cli-31v5wzk1.js}

@@ -3,7 +3,7 @@ import { spawnSync } from "child_process";
 // package.json
 var package_default = {
   name: "@pensar/apex",
-  version: "0.0.113",
+  version: "0.0.114-canary.28a10efa",
   description: "AI-powered penetration testing CLI tool with terminal UI",
   module: "src/tui/index.tsx",
   main: "build/cli.js",

package/build/{cli-yc2cs5cs.js → cli-4thpxq5q.js}

@@ -3,7 +3,7 @@ import {
   ensureValidToken,
   getPensarApiUrl,
   getPensarGatewayUrl
-} from "./cli-qeg15dzj.js";
+} from "./cli-z0a48qhb.js";
 
 // src/core/auth/device-flow.ts
 function sleep(ms) {

package/build/{cli-0v3p48tt.js → cli-65bp1912.js}

@@ -1,10 +1,10 @@
 import {
   OffensiveSecurityAgent
-} from "./cli-t7dpdkd6.js";
+} from "./cli-mynp9mm4.js";
 import {
   exports_external,
   init_zod
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 
 // src/core/agents/specialized/pentest/agent.ts
 init_zod();

package/build/{cli-tat7hrek.js → cli-6967baew.js}

@@ -1,23 +1,23 @@
 import {
   TargetedPentestAgent
-} from "./cli-0v3p48tt.js";
+} from "./cli-65bp1912.js";
 import {
   CodeAgent
-} from "./cli-7kpzf8kz.js";
+} from "./cli-gqy49b6s.js";
 import {
   EndpointSchema
-} from "./cli-4sxvxwcb.js";
+} from "./cli-0xfq6e8r.js";
 import {
   BlackboxAttackSurfaceAgent
-} from "./cli-065mgjsh.js";
+} from "./cli-8n882axc.js";
 import {
   CweEntrySchema,
   FindingsRegistry
-} from "./cli-t7dpdkd6.js";
+} from "./cli-mynp9mm4.js";
 import {
   exports_external,
   init_zod
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 
 // src/core/workflows/pentest.ts
 import { existsSync as existsSync4, readdirSync as readdirSync2, readFileSync as readFileSync4, writeFileSync as writeFileSync3 } from "fs";

package/build/{cli-065mgjsh.js → cli-8n882axc.js}

@@ -3,11 +3,11 @@ import {
 } from "./cli-6gtnyaqf.js";
 import {
   OffensiveSecurityAgent
-} from "./cli-t7dpdkd6.js";
+} from "./cli-mynp9mm4.js";
 import {
   hasToolCall,
   stepCountIs
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 
 // src/core/agents/specialized/attackSurface/blackboxAgent.ts
 import { join } from "path";

package/build/{cli-7kpzf8kz.js → cli-gqy49b6s.js}

@@ -1,9 +1,9 @@
 import {
   OffensiveSecurityAgent
-} from "./cli-t7dpdkd6.js";
+} from "./cli-mynp9mm4.js";
 import {
   stepCountIs
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 
 // src/core/agents/specialized/codeAgent/prompts.ts
 var CODE_AGENT_SYSTEM_PROMPT = `You are an expert coding agent with direct filesystem access. You will be given a specific objective — focus exclusively on completing it.

package/build/{cli-6nhtpv4g.js → cli-jzbdczka.js}

@@ -1,6 +1,6 @@
 import {
   getCurrentVersion
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 
 // src/core/config/config.ts
 import os from "os";

package/build/{cli-wqh6md2n.js → cli-kjgm60cg.js}

@@ -3,7 +3,7 @@ import {
   generateObjectResponse,
   init_zod,
   zod_default
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 import {
   __callDispose,
   __esm,

package/build/{cli-t7dpdkd6.js → cli-mynp9mm4.js}

@@ -17,7 +17,7 @@ import {
   update,
   write,
   writeRaw
-} from "./cli-wqh6md2n.js";
+} from "./cli-kjgm60cg.js";
 import {
   _enum,
   _null,
@@ -46,18 +46,18 @@ import {
   union,
   unknown,
   zod_default
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 import {
   signGatewayRequest
-} from "./cli-yc2cs5cs.js";
+} from "./cli-4thpxq5q.js";
 import {
   config,
   ensureValidToken,
   getPensarApiUrl
-} from "./cli-qeg15dzj.js";
+} from "./cli-z0a48qhb.js";
 import {
   getCurrentVersion
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 import {
   __commonJS,
   __require,
@@ -90666,7 +90666,7 @@ When to use delegate_to_auth_subagent vs authenticate_session:
         if (credentials) {
           ctx.session.credentialManager.addFromAuthCredentials(credentials);
         }
-        const { runAuthenticationAgent } = await import("./authentication-vjefzf37.js");
+        const { runAuthenticationAgent } = await import("./authentication-s40c921z.js");
         const subagentCallbacks = cbs ? {
           onTextDelta: (d) => cbs.onTextDelta?.({ ...d, subagentId }),
           onToolCall: (d) => cbs.onToolCall?.({ ...d, subagentId }),
@@ -91568,7 +91568,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
       });
       if (cwd) {
         try {
-          const { WhiteboxAttackSurfaceAgent } = await import("./agent-k1n19b3w.js");
+          const { WhiteboxAttackSurfaceAgent } = await import("./agent-tvfx07q6.js");
           const agent = new WhiteboxAttackSurfaceAgent({
             codebasePath: cwd,
             model: ctx.model,
@@ -91620,7 +91620,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
         }
       }
       try {
-        const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-dq8eany1.js");
+        const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-xt01ns0b.js");
         const agent = new BlackboxAttackSurfaceAgent({
           target,
           model: ctx.model,
@@ -91699,7 +91699,7 @@ Pass every target you want tested — the swarm handles concurrency automaticall
       toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing")
     }),
     execute: async ({ targets }) => {
-      const { runPentestSwarm, DEFAULT_CONCURRENCY } = await import("./pentest-agm6pqh1.js");
+      const { runPentestSwarm, DEFAULT_CONCURRENCY } = await import("./pentest-as63y0ej.js");
       if (!ctx.model) {
         return {
           success: false,
@@ -91826,7 +91826,7 @@ Returns an array of results with the text output from each agent.`,
   });
 }
 async function runSingleCodingAgent(ctx, codebasePath, objective, agentIndex, name) {
-  const { CodeAgent } = await import("./agent-cff8va32.js");
+  const { CodeAgent } = await import("./agent-y8ysvqeg.js");
   const subagentId = `coding-agent-${agentIndex}`;
   ctx.subagentCallbacks?.onSubagentSpawn?.({
     subagentId,

package/build/{cli-j6qdxby9.js → cli-x8806nck.js}

@@ -1,11 +1,11 @@
 import {
   signGatewayRequest
-} from "./cli-yc2cs5cs.js";
+} from "./cli-4thpxq5q.js";
 import {
   config,
   ensureValidToken,
   getPensarGatewayUrl
-} from "./cli-qeg15dzj.js";
+} from "./cli-z0a48qhb.js";
 import {
   getModelInfo
 } from "./cli-0tpx8khk.js";

package/build/{cli-qeg15dzj.js → cli-z0a48qhb.js}

@@ -2,7 +2,7 @@ import {
   get,
   init,
   update
-} from "./cli-6nhtpv4g.js";
+} from "./cli-jzbdczka.js";
 
 // src/core/api/constants.ts
 var PENSAR_API_BASE_URL = "https://api.pensar.dev";

package/build/{cli-g0r410cd.js → cli-z19gths3.js}

@@ -2,7 +2,7 @@ import {
   config,
   ensureValidToken,
   getPensarApiUrl
-} from "./cli-qeg15dzj.js";
+} from "./cli-z0a48qhb.js";
 
 // src/core/api/issues.ts
 async function getAuthHeaders() {

package/build/cli.js

@@ -1,12 +1,12 @@
 #!/usr/bin/env bun
 // @bun
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
 import {
   package_default
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import {
@@ -16,7 +16,7 @@ import {
 // package.json
 var package_default2 = {
   name: "@pensar/apex",
-  version: "0.0.113",
+  version: "0.0.114-canary.28a10efa",
   description: "AI-powered penetration testing CLI tool with terminal UI",
   module: "src/tui/index.tsx",
   main: "build/cli.js",
@@ -351,9 +351,9 @@ Global options:
 async function runPentest() {
   const { config: config2 } = await import("./main-2483qzbq.js").then((m)=>__toESM(m.default,1));
   config2();
-  const { runPentestAgent } = await import("./blackboxPentest-26japf1w.js");
-  const { sessions } = await import("./index-4ds7eh13.js");
-  const { config: appConfig } = await import("./index-8dgs0erz.js");
+  const { runPentestAgent } = await import("./blackboxPentest-dzj8adnk.js");
+  const { sessions } = await import("./index-sse0bgp1.js");
+  const { config: appConfig } = await import("./index-5s63xrwe.js");
   const { getDefaultModelForConfig } = await import("./utils-9fhmzzzh.js");
   const target = getArgRequired("--target");
   const cwd = getArg("--cwd");
@@ -408,9 +408,9 @@ Report:    ${reportPath}` : ""}`);
 async function runTargetedPentest() {
   const { config: config2 } = await import("./main-2483qzbq.js").then((m)=>__toESM(m.default,1));
   config2();
-  const { runTargetedPentestAgent } = await import("./targetedPentest-qrcrtpzg.js");
-  const { sessions } = await import("./index-4ds7eh13.js");
-  const { config: appConfig } = await import("./index-8dgs0erz.js");
+  const { runTargetedPentestAgent } = await import("./targetedPentest-m8mayqrk.js");
+  const { sessions } = await import("./index-sse0bgp1.js");
+  const { config: appConfig } = await import("./index-5s63xrwe.js");
   const { getDefaultModelForConfig } = await import("./utils-9fhmzzzh.js");
   const target = getArgRequired("--target");
   const objectives = getAllArgs("--objective");
@@ -472,25 +472,25 @@ if (command === "version" || command === "--version" || command === "-v") {
   await runTargetedPentest();
 } else if (command === "auth") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./auth-a0ftn8cb.js");
+  await import("./auth-8emg998z.js");
 } else if (command === "uninstall") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./uninstall-hp43qwmn.js");
+  await import("./uninstall-qwf8es4w.js");
 } else if (command === "projects") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./projects-0a1zfjgm.js");
+  await import("./projects-cd8aa6g1.js");
 } else if (command === "pentests") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./pentests-7a8s43nj.js");
+  await import("./pentests-v8za91se.js");
 } else if (command === "issues") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./issues-7yvjwc2j.js");
+  await import("./issues-ff820n76.js");
 } else if (command === "fixes") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./fixes-szq7tb0p.js");
+  await import("./fixes-8tgqe03t.js");
 } else if (command === "logs") {
   process.argv = [process.argv[0], process.argv[1], ...args.slice(1)];
-  await import("./logs-22ks7j0v.js");
+  await import("./logs-m6gck8s8.js");
 } else if (command === "doctor") {
   const { runDoctor } = await import("./doctor-b7612pzw.js");
   await runDoctor();
@@ -500,7 +500,7 @@ if (command === "version" || command === "--version" || command === "-v") {
     console.error("All other commands work with Node \u2014 run 'pensar --help'.");
     process.exit(1);
   }
-  await import("./index-sr5w8v3d.js");
+  await import("./index-vp8hh8jn.js");
 } else {
   console.error(`Error: Unknown command '${command}'`);
   console.error();

package/build/{fixes-szq7tb0p.js → fixes-8tgqe03t.js}

@@ -2,10 +2,10 @@
 import {
   getFix,
   listFixes
-} from "./cli-g0r410cd.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z19gths3.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/cli/fixes.ts

package/build/{index-8dgs0erz.js → index-5s63xrwe.js}

@@ -2,8 +2,8 @@ import {
   get,
   init,
   update
-} from "./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/core/config/index.ts

package/build/{index-4ds7eh13.js → index-sse0bgp1.js}

@@ -17,17 +17,17 @@ import {
   update,
   write,
   writeRaw
-} from "./cli-wqh6md2n.js";
+} from "./cli-kjgm60cg.js";
 import {
   init_zod,
   zod_default
-} from "./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
+} from "./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
 import {
   getCurrentVersion
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import {

package/build/{index-sr5w8v3d.js → index-vp8hh8jn.js}

@@ -8,11 +8,11 @@ import {
   readExecutionMetrics,
   runPentestWorkflow,
   writeExecutionMetrics
-} from "./cli-tat7hrek.js";
-import"./cli-0v3p48tt.js";
-import"./cli-7kpzf8kz.js";
-import"./cli-4sxvxwcb.js";
-import"./cli-065mgjsh.js";
+} from "./cli-6967baew.js";
+import"./cli-65bp1912.js";
+import"./cli-gqy49b6s.js";
+import"./cli-0xfq6e8r.js";
+import"./cli-8n882axc.js";
 import"./cli-6gtnyaqf.js";
 import {
   ALL_TOOL_NAMES,
@@ -23,17 +23,17 @@ import {
   createInitialOperatorState,
   normalizeMessages,
   sessions
-} from "./cli-t7dpdkd6.js";
+} from "./cli-mynp9mm4.js";
 import {
   createToolsetState,
   init_toolset,
   read,
   write
-} from "./cli-wqh6md2n.js";
+} from "./cli-kjgm60cg.js";
 import {
   buildAuthConfig,
   stepCountIs
-} from "./cli-j6qdxby9.js";
+} from "./cli-x8806nck.js";
 import {
   disconnect,
   fetchWorkspaces,
@@ -44,18 +44,18 @@ import {
   selectWorkspace,
   startDeviceFlow,
   validateGateway
-} from "./cli-yc2cs5cs.js";
+} from "./cli-4thpxq5q.js";
 import {
   config,
   getPensarApiUrl,
   getPensarConsoleUrl
-} from "./cli-qeg15dzj.js";
+} from "./cli-z0a48qhb.js";
 import {
   update
-} from "./cli-6nhtpv4g.js";
+} from "./cli-jzbdczka.js";
 import {
   checkForUpdate
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 import {
   AVAILABLE_MODELS
 } from "./cli-0tpx8khk.js";
@@ -59551,25 +59551,17 @@ function markdownToStyledText(content, colors2) {
     ]);
   }
 }
-// src/tui/components/shared/message-utils.ts
-import { createHash } from "crypto";
-
 // src/tui/components/shared/type-guards.ts
 function isToolMessage(msg) {
   return msg.role === "tool" && typeof msg.toolCallId === "string" && typeof msg.toolName === "string" && typeof msg.status === "string";
 }
 
 // src/tui/components/shared/message-utils.ts
-function hashContent(content) {
-  return createHash("sha256").update(content).digest("hex").slice(0, 8);
-}
 function getStableMessageKey(item, contextId = "root") {
   if (isToolMessage(item)) {
     return `${contextId}-tool-${item.toolCallId}`;
   }
-  const content = typeof item.content === "string" ? item.content : JSON.stringify(item.content);
-  const contentHash = hashContent(content);
-  return `${contextId}-${item.role}-${item.createdAt.getTime()}-${contentHash}`;
+  return `${contextId}-${item.role}-${item.createdAt.getTime()}`;
 }
 function extractStreamableContent(args) {
   if (typeof args.content === "string")
@@ -62403,11 +62395,17 @@ function AgentCardGrid({
 }) {
   const { colors: colors2 } = useTheme();
   const scrollRef = useRef11(null);
+  const agentsRef = useRef11(agents);
+  agentsRef.current = agents;
+  const prevFocusedIndexRef = useRef11(focusedIndex);
   useEffect20(() => {
-    const agent = agents[focusedIndex];
+    if (prevFocusedIndexRef.current === focusedIndex)
+      return;
+    prevFocusedIndexRef.current = focusedIndex;
+    const agent = agentsRef.current[focusedIndex];
     if (agent)
       scrollToChild(scrollRef.current, agent.id);
-  }, [focusedIndex, agents]);
+  }, [focusedIndex]);
   const rows = useMemo18(() => {
     const result = [];
     for (let i = 0;i < agents.length; i += gridColumns) {

package/build/{issues-7yvjwc2j.js → issues-ff820n76.js}

@@ -3,10 +3,10 @@ import {
   getIssue,
   listIssues,
   updateIssue
-} from "./cli-g0r410cd.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z19gths3.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/cli/issues.ts

package/build/{logs-22ks7j0v.js → logs-m6gck8s8.js}

@@ -2,10 +2,10 @@
 import {
   listAgentLogs,
   searchAgentLogs
-} from "./cli-g0r410cd.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z19gths3.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/cli/logs.ts

package/build/pentest-as63y0ej.js

@@ -0,0 +1,25 @@
+import {
+  DEFAULT_CONCURRENCY,
+  runPentestSwarm,
+  runPentestWorkflow
+} from "./cli-6967baew.js";
+import"./cli-65bp1912.js";
+import"./cli-gqy49b6s.js";
+import"./cli-0xfq6e8r.js";
+import"./cli-8n882axc.js";
+import"./cli-6gtnyaqf.js";
+import"./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
+import"./cli-0tpx8khk.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+export {
+  runPentestWorkflow,
+  runPentestSwarm,
+  DEFAULT_CONCURRENCY
+};

package/build/{pentests-7a8s43nj.js → pentests-v8za91se.js}

@@ -3,10 +3,10 @@ import {
   dispatchPentest,
   getScan,
   listScans
-} from "./cli-g0r410cd.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z19gths3.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/cli/pentests.ts

package/build/{projects-0a1zfjgm.js → projects-cd8aa6g1.js}

@@ -1,10 +1,10 @@
 #!/usr/bin/env bun
 import {
   listProjects
-} from "./cli-g0r410cd.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-z19gths3.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-8rxa073f.js";
 
 // src/cli/projects.ts

package/build/{targetedPentest-qrcrtpzg.js → targetedPentest-m8mayqrk.js}

@@ -1,13 +1,13 @@
 import {
   TargetedPentestAgent
-} from "./cli-0v3p48tt.js";
-import"./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
+} from "./cli-65bp1912.js";
+import"./cli-mynp9mm4.js";
+import"./cli-kjgm60cg.js";
+import"./cli-x8806nck.js";
+import"./cli-4thpxq5q.js";
+import"./cli-z0a48qhb.js";
+import"./cli-jzbdczka.js";
+import"./cli-31v5wzk1.js";
 import"./cli-0tpx8khk.js";
 import"./cli-7ckctq7a.js";
 import"./cli-8rxa073f.js";

package/build/{uninstall-hp43qwmn.js → uninstall-qwf8es4w.js}

@@ -1,7 +1,7 @@
 #!/usr/bin/env bun
 import {
   detectInstallMethod
-} from "./cli-mnqb1xvt.js";
+} from "./cli-31v5wzk1.js";
 import {
   __require
 } from "./cli-8rxa073f.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pensar/apex",
-  "version": "0.0.113",
+  "version": "0.0.114-canary.28a10efa",
   "description": "AI-powered penetration testing CLI tool with terminal UI",
   "module": "src/tui/index.tsx",
   "main": "build/cli.js",

package/build/agent-cff8va32.js

@@ -1,16 +0,0 @@
-import {
-  CodeAgent
-} from "./cli-7kpzf8kz.js";
-import"./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
-import"./cli-0tpx8khk.js";
-import"./cli-7ckctq7a.js";
-import"./cli-8rxa073f.js";
-export {
-  CodeAgent
-};

package/build/blackboxAgent-dq8eany1.js

@@ -1,17 +0,0 @@
-import {
-  BlackboxAttackSurfaceAgent
-} from "./cli-065mgjsh.js";
-import"./cli-6gtnyaqf.js";
-import"./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
-import"./cli-0tpx8khk.js";
-import"./cli-7ckctq7a.js";
-import"./cli-8rxa073f.js";
-export {
-  BlackboxAttackSurfaceAgent
-};

package/build/pentest-agm6pqh1.js

@@ -1,25 +0,0 @@
-import {
-  DEFAULT_CONCURRENCY,
-  runPentestSwarm,
-  runPentestWorkflow
-} from "./cli-tat7hrek.js";
-import"./cli-0v3p48tt.js";
-import"./cli-7kpzf8kz.js";
-import"./cli-4sxvxwcb.js";
-import"./cli-065mgjsh.js";
-import"./cli-6gtnyaqf.js";
-import"./cli-t7dpdkd6.js";
-import"./cli-wqh6md2n.js";
-import"./cli-j6qdxby9.js";
-import"./cli-yc2cs5cs.js";
-import"./cli-qeg15dzj.js";
-import"./cli-6nhtpv4g.js";
-import"./cli-mnqb1xvt.js";
-import"./cli-0tpx8khk.js";
-import"./cli-7ckctq7a.js";
-import"./cli-8rxa073f.js";
-export {
-  runPentestWorkflow,
-  runPentestSwarm,
-  DEFAULT_CONCURRENCY
-};