@phuetz/code-buddy 0.1.0 → 0.1.1

package/dist/security/bash-parser.js

@@ -0,0 +1,327 @@
+/**
+ * Bash Command Parser (Vibe-inspired)
+ *
+ * Parses bash commands to extract individual commands from complex
+ * expressions (pipelines, chains, subshells, command substitutions).
+ *
+ * Uses tree-sitter-bash if available, otherwise falls back to a
+ * robust regex/state-machine parser that handles common patterns.
+ *
+ * This is critical for security: `rm -rf / && echo safe` should
+ * detect the `rm -rf /` component, not just see "echo safe".
+ */
+import { logger } from '../utils/logger.js';
+/**
+ * Parse bash commands using a state-machine approach.
+ * Handles quotes, escapes, pipelines, chains, subshells.
+ */
+function fallbackParse(input, depth = 0) {
+    if (depth > 10) {
+        return { commands: [{ command: input, args: [], raw: input, connector: null, isSubshell: false }], usedTreeSitter: false, warnings: ['Parse depth limit exceeded'] };
+    }
+    const commands = [];
+    const warnings = [];
+    // First, handle `bash -c "..."` and `sh -c "..."` wrapper
+    const bashCMatch = input.match(/^(bash|sh|zsh)\s+(-[a-z]*c)\s+(['"])([\s\S]*?)\3\s*$/);
+    if (bashCMatch) {
+        const innerResult = fallbackParse(bashCMatch[4], depth + 1);
+        // Also add the outer shell command
+        return {
+            commands: [
+                { command: bashCMatch[1], args: [bashCMatch[2], bashCMatch[4]], raw: input, connector: null, isSubshell: false },
+                ...innerResult.commands.map(c => ({ ...c, isSubshell: true })),
+            ],
+            usedTreeSitter: false,
+            warnings: innerResult.warnings,
+        };
+    }
+    // Tokenize: split on unquoted separators (&&, ||, |, ;)
+    const segments = [];
+    let current = '';
+    let quoteState = 'none';
+    let escaped = false;
+    let parenDepth = 0;
+    for (let i = 0; i < input.length; i++) {
+        const ch = input[i];
+        const next = input[i + 1];
+        if (escaped) {
+            current += ch;
+            escaped = false;
+            continue;
+        }
+        if (ch === '\\') {
+            escaped = true;
+            current += ch;
+            continue;
+        }
+        // Quote handling
+        if (quoteState === 'none') {
+            if (ch === "'") {
+                quoteState = 'single';
+                current += ch;
+                continue;
+            }
+            if (ch === '"') {
+                quoteState = 'double';
+                current += ch;
+                continue;
+            }
+            if (ch === '`') {
+                quoteState = 'backtick';
+                current += ch;
+                continue;
+            }
+        }
+        else if (quoteState === 'single' && ch === "'") {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        else if (quoteState === 'double' && ch === '"') {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        else if (quoteState === 'backtick' && ch === '`') {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        if (quoteState !== 'none') {
+            current += ch;
+            continue;
+        }
+        // Subshell/group tracking
+        if (ch === '(' || ch === '{') {
+            parenDepth++;
+            current += ch;
+            continue;
+        }
+        if (ch === ')' || ch === '}') {
+            parenDepth--;
+            current += ch;
+            continue;
+        }
+        if (parenDepth > 0) {
+            current += ch;
+            continue;
+        }
+        // Separators (only at top level, outside quotes)
+        if (ch === '&' && next === '&') {
+            segments.push({ text: current.trim(), connector: '&&' });
+            current = '';
+            i++; // skip next &
+            continue;
+        }
+        if (ch === '|' && next === '|') {
+            segments.push({ text: current.trim(), connector: '||' });
+            current = '';
+            i++; // skip next |
+            continue;
+        }
+        if (ch === '|') {
+            segments.push({ text: current.trim(), connector: '|' });
+            current = '';
+            continue;
+        }
+        if (ch === ';') {
+            segments.push({ text: current.trim(), connector: ';' });
+            current = '';
+            continue;
+        }
+        current += ch;
+    }
+    if (current.trim()) {
+        segments.push({ text: current.trim(), connector: null });
+    }
+    // Parse each segment into a command
+    for (const seg of segments) {
+        if (!seg.text)
+            continue;
+        // Handle command substitution $(...) recursively
+        const subCmdMatch = seg.text.match(/\$\((.+)\)/);
+        if (subCmdMatch) {
+            const innerResult = fallbackParse(subCmdMatch[1], depth + 1);
+            commands.push(...innerResult.commands.map(c => ({ ...c, isSubshell: true })));
+        }
+        // Handle subshell (...)
+        const subshellMatch = seg.text.match(/^\((.+)\)$/);
+        if (subshellMatch) {
+            const innerResult = fallbackParse(subshellMatch[1], depth + 1);
+            commands.push(...innerResult.commands.map(c => ({ ...c, isSubshell: true })));
+            continue;
+        }
+        // Strip env var assignments at the start: VAR=value cmd args
+        let cmdText = seg.text;
+        while (/^\w+=\S*\s/.test(cmdText)) {
+            cmdText = cmdText.replace(/^\w+=\S*\s+/, '');
+        }
+        // Strip redirections from the end for command detection
+        const cleanText = cmdText
+            .replace(/\s*[0-9]*>[>&]*\s*\S+/g, '')
+            .replace(/\s*<\s*\S+/g, '')
+            .trim();
+        if (!cleanText)
+            continue;
+        // Split into command and args
+        const parts = tokenizeSimple(cleanText);
+        if (parts.length === 0)
+            continue;
+        commands.push({
+            command: parts[0],
+            args: parts.slice(1),
+            raw: seg.text,
+            connector: seg.connector,
+            isSubshell: false,
+        });
+    }
+    if (quoteState !== 'none') {
+        warnings.push(`Unclosed ${quoteState} quote`);
+    }
+    return { commands, usedTreeSitter: false, warnings };
+}
+/**
+ * Simple tokenizer that respects quotes.
+ */
+function tokenizeSimple(input) {
+    const tokens = [];
+    let current = '';
+    let inSingle = false;
+    let inDouble = false;
+    for (let i = 0; i < input.length; i++) {
+        const ch = input[i];
+        if (ch === "'" && !inDouble) {
+            inSingle = !inSingle;
+            continue;
+        }
+        if (ch === '"' && !inSingle) {
+            inDouble = !inDouble;
+            continue;
+        }
+        if (ch === ' ' && !inSingle && !inDouble) {
+            if (current) {
+                tokens.push(current);
+                current = '';
+            }
+            continue;
+        }
+        current += ch;
+    }
+    if (current)
+        tokens.push(current);
+    return tokens;
+}
+// ============================================================================
+// Public API
+// ============================================================================
+/**
+ * Parse a bash command string into individual commands.
+ * Uses tree-sitter if available, falls back to state-machine parser.
+ */
+export function parseBashCommand(input) {
+    if (!input || !input.trim()) {
+        return { commands: [], usedTreeSitter: false, warnings: [] };
+    }
+    // Try tree-sitter first (optional dependency)
+    try {
+        // Dynamic import — only works if tree-sitter + tree-sitter-bash are installed
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
+        const Parser = require('tree-sitter');
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
+        const Bash = require('tree-sitter-bash');
+        const parser = new Parser();
+        parser.setLanguage(Bash);
+        const tree = parser.parse(input);
+        const commands = extractCommandsFromTree(tree.rootNode, input);
+        logger.debug('Parsed bash with tree-sitter', { commandCount: commands.length });
+        return { commands, usedTreeSitter: true, warnings: [] };
+    }
+    catch {
+        // tree-sitter not available — use fallback
+    }
+    return fallbackParse(input);
+}
+/**
+ * Extract commands from a tree-sitter AST node.
+ */
+function extractCommandsFromTree(node, _source, isSubshell = false) {
+    const commands = [];
+    function walk(n, subshell) {
+        switch (n.type) {
+            case 'command': {
+                const parts = [];
+                for (let i = 0; i < n.childCount; i++) {
+                    const child = n.child(i);
+                    if (child.type === 'command_name' || child.type === 'word' || child.type === 'string') {
+                        parts.push(child.text);
+                    }
+                }
+                if (parts.length > 0) {
+                    commands.push({
+                        command: parts[0],
+                        args: parts.slice(1),
+                        raw: n.text,
+                        connector: null,
+                        isSubshell: subshell,
+                    });
+                }
+                break;
+            }
+            case 'pipeline':
+            case 'list':
+            case 'compound_statement':
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), subshell);
+                }
+                break;
+            case 'subshell':
+            case 'command_substitution':
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), true);
+                }
+                break;
+            default:
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), subshell);
+                }
+        }
+    }
+    walk(node, isSubshell);
+    return commands;
+}
+/**
+ * Extract just the command names from a bash string (convenience).
+ */
+export function extractCommandNames(input) {
+    const result = parseBashCommand(input);
+    return result.commands.map(c => c.command);
+}
+/**
+ * Check if a bash command string contains any of the given commands.
+ */
+export function containsCommand(input, commands) {
+    const names = extractCommandNames(input);
+    return names.some(name => commands.includes(name));
+}
+/**
+ * Check if a bash command string contains dangerous commands.
+ */
+export function containsDangerousCommand(input) {
+    const DANGEROUS = [
+        'rm', 'rmdir', 'mkfs', 'dd', 'fdisk', 'parted',
+        'shutdown', 'reboot', 'poweroff', 'halt',
+        'kill', 'killall', 'pkill',
+        'chmod', 'chown', 'chgrp',
+        'iptables', 'ip6tables', 'nft',
+        'useradd', 'userdel', 'usermod', 'groupadd',
+        'mount', 'umount',
+        'systemctl', 'service',
+        'crontab',
+    ];
+    const result = parseBashCommand(input);
+    const found = result.commands
+        .map(c => c.command)
+        .filter(name => DANGEROUS.includes(name));
+    return { dangerous: found.length > 0, commands: [...new Set(found)] };
+}
+//# sourceMappingURL=bash-parser.js.map

package/dist/security/bash-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bash-parser.js","sourceRoot":"","sources":["../../src/security/bash-parser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AA6B5C;;;GAGG;AACH,SAAS,aAAa,CAAC,KAAa,EAAE,QAAgB,CAAC;IACrD,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;QAAC,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,4BAA4B,CAAC,EAAE,CAAC;IAAC,CAAC;IACzL,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,0DAA0D;IAC1D,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IACvF,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,WAAW,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QAC5D,mCAAmC;QACnC,OAAO;YACL,QAAQ,EAAE;gBACR,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE;gBAChH,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;aAC/D;YACD,cAAc,EAAE,KAAK;YACrB,QAAQ,EAAE,WAAW,CAAC,QAAQ;SAC/B,CAAC;IACJ,CAAC;IAED,wDAAwD;IACxD,MAAM,QAAQ,GAAiD,EAAE,CAAC;IAClE,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE1B,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,IAAI,EAAE,CAAC;YACd,OAAO,GAAG,KAAK,CAAC;YAChB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,OAAO,GAAG,IAAI,CAAC;YACf,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,iBAAiB;QACjB,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YAC1B,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,QAAQ,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;YACnE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,QAAQ,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;YACnE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,UAAU,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;QACvE,CAAC;aAAM,IAAI,UAAU,KAAK,QAAQ,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACjD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;aAAM,IAAI,UAAU,KAAK,QAAQ,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACjD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;aAAM,IAAI,UAAU,KAAK,UAAU,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACnD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;QAED,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YAC1B,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,0BAA0B;QAC1B,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAAC,UAAU,EAAE,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QACxE,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAAC,UAAU,EAAE,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAExE,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzD,OAAO,GAAG,EAAE,CAAC;YACb,CAAC,EAAE,CAAC,CAAC,cAAc;YACnB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzD,OAAO,GAAG,EAAE,CAAC;YACb,CAAC,EAAE,CAAC,CAAC,cAAc;YACnB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YACxD,OAAO,GAAG,EAAE,CAAC;YACb,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YACxD,OAAO,GAAG,EAAE,CAAC;YACb,SAAS;QACX,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,oCAAoC;IACpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC,GAAG,CAAC,IAAI;YAAE,SAAS;QAExB,iDAAiD;QACjD,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC;QAED,wBAAwB;QACxB,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,WAAW,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9E,SAAS;QACX,CAAC;QAED,6DAA6D;QAC7D,IAAI,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC;QACvB,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;QAED,wDAAwD;QACxD,MAAM,SAAS,GAAG,OAAO;aACtB,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC;aACrC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC;aAC1B,IAAI,EAAE,CAAC;QAEV,IAAI,CAAC,SAAS;YAAE,SAAS;QAEzB,8BAA8B;QAC9B,MAAM,KAAK,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;QACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEjC,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YACjB,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;YACpB,GAAG,EAAE,GAAG,CAAC,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,UAAU,EAAE,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,YAAY,UAAU,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEpB,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC;YACrB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC;YACrB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzC,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACrB,OAAO,GAAG,EAAE,CAAC;YACf,CAAC;YACD,SAAS;QACX,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,IAAI,OAAO;QAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAClC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC5B,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC/D,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC;QACH,8EAA8E;QAC9E,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QACtC,iEAAiE;QACjE,MAAM,IAAI,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAEzC,MAAM,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QAC5B,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACzB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,QAAQ,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC/D,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAEhF,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,2CAA2C;IAC7C,CAAC;IAED,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,IAAmM,EACnM,OAAe,EACf,UAAU,GAAG,KAAK;IAElB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,SAAS,IAAI,CAAC,CAAc,EAAE,QAAiB;QAC7C,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC;YACf,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAa,EAAE,CAAC;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,CAAC;oBACxC,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;wBACtF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;gBACD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,QAAQ,CAAC,IAAI,CAAC;wBACZ,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;wBACjB,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;wBACpB,GAAG,EAAE,CAAC,CAAC,IAAI;wBACX,SAAS,EAAE,IAAI;wBACf,UAAU,EAAE,QAAQ;qBACrB,CAAC,CAAC;gBACL,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,UAAU,CAAC;YAChB,KAAK,MAAM,CAAC;YACZ,KAAK,oBAAoB;gBACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,QAAQ,CAAC,CAAC;gBAC5C,CAAC;gBACD,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,sBAAsB;gBACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,IAAI,CAAC,CAAC;gBACxC,CAAC;gBACD,MAAM;YACR;gBACE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,QAAQ,CAAC,CAAC;gBAC5C,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IACvB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACvC,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,KAAa,EAAE,QAAkB;IAC/D,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,KAAa;IACpD,MAAM,SAAS,GAAG;QAChB,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ;QAC9C,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM;QACxC,MAAM,EAAE,SAAS,EAAE,OAAO;QAC1B,OAAO,EAAE,OAAO,EAAE,OAAO;QACzB,UAAU,EAAE,WAAW,EAAE,KAAK;QAC9B,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU;QAC3C,OAAO,EAAE,QAAQ;QACjB,WAAW,EAAE,SAAS;QACtB,SAAS;KACV,CAAC;IAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ;SAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAE5C,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;AACxE,CAAC"}

package/dist/security/skill-scanner.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Skill Code Scanner (OpenClaw-inspired)
+ *
+ * Static analysis of skill files for dangerous patterns.
+ * Scans SKILL.md files and any referenced code for security issues.
+ */
+export type FindingSeverity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export interface ScanFinding {
+    severity: FindingSeverity;
+    pattern: string;
+    description: string;
+    file: string;
+    line: number;
+    evidence: string;
+}
+export interface ScanResult {
+    file: string;
+    findings: ScanFinding[];
+    scannedAt: number;
+}
+/**
+ * Scan a single file for dangerous patterns.
+ */
+export declare function scanFile(filePath: string): ScanResult;
+/**
+ * Scan a directory of skill files recursively.
+ */
+export declare function scanDirectory(dirPath: string): ScanResult[];
+/**
+ * Scan all skill locations (bundled, managed, workspace).
+ */
+export declare function scanAllSkills(projectRoot?: string): ScanResult[];
+/**
+ * Format scan results as a human-readable report.
+ */
+export declare function formatScanReport(results: ScanResult[]): string;

package/dist/security/skill-scanner.js

@@ -0,0 +1,149 @@
+/**
+ * Skill Code Scanner (OpenClaw-inspired)
+ *
+ * Static analysis of skill files for dangerous patterns.
+ * Scans SKILL.md files and any referenced code for security issues.
+ */
+import fs from 'fs';
+import path from 'path';
+import { logger } from '../utils/logger.js';
+const DANGEROUS_PATTERNS = [
+    // Code execution
+    { pattern: /\beval\s*\(/, severity: 'critical', description: 'Dynamic code execution via eval()', name: 'eval' },
+    { pattern: /\bnew\s+Function\s*\(/, severity: 'critical', description: 'Dynamic function creation', name: 'new-function' },
+    { pattern: /\bchild_process\b/, severity: 'high', description: 'Child process module usage', name: 'child_process' },
+    { pattern: /\bexecSync\s*\(/, severity: 'high', description: 'Synchronous command execution', name: 'execSync' },
+    { pattern: /\bexecFile\s*\(/, severity: 'high', description: 'File execution', name: 'execFile' },
+    { pattern: /\bspawn\s*\(/, severity: 'medium', description: 'Process spawning', name: 'spawn' },
+    { pattern: /\bexec\s*\(/, severity: 'high', description: 'Command execution', name: 'exec' },
+    // File system dangers
+    { pattern: /\brm\s+-rf\b/, severity: 'critical', description: 'Recursive force delete', name: 'rm-rf' },
+    { pattern: /\bunlinkSync\s*\(/, severity: 'medium', description: 'Synchronous file deletion', name: 'unlinkSync' },
+    { pattern: /\bwriteFileSync\s*\(/, severity: 'low', description: 'Synchronous file write', name: 'writeFileSync' },
+    { pattern: /\brmdirSync\s*\(/, severity: 'medium', description: 'Directory removal', name: 'rmdirSync' },
+    // Network
+    { pattern: /\bfetch\s*\(\s*['"`]http/, severity: 'medium', description: 'External HTTP request', name: 'fetch-http' },
+    { pattern: /\baxios\b/, severity: 'low', description: 'HTTP client library usage', name: 'axios' },
+    { pattern: /\brequire\s*\(\s*['"`]https?['"`]\s*\)/, severity: 'medium', description: 'HTTP module import', name: 'http-require' },
+    { pattern: /\bWebSocket\b/, severity: 'medium', description: 'WebSocket usage', name: 'websocket' },
+    // Dynamic imports
+    { pattern: /\brequire\s*\([^'"`]/, severity: 'high', description: 'Dynamic require with variable', name: 'dynamic-require' },
+    { pattern: /\bimport\s*\([^'"`]/, severity: 'high', description: 'Dynamic import with variable', name: 'dynamic-import' },
+    // Environment/secrets
+    { pattern: /process\.env\[/, severity: 'low', description: 'Dynamic environment variable access', name: 'env-dynamic' },
+    { pattern: /\b(API_KEY|SECRET|PASSWORD|TOKEN)\b/i, severity: 'info', description: 'Possible secret reference', name: 'secret-ref' },
+    // Prototype pollution
+    { pattern: /__proto__/, severity: 'high', description: 'Prototype pollution risk', name: 'proto' },
+    { pattern: /\bconstructor\s*\[/, severity: 'high', description: 'Constructor access via bracket notation', name: 'constructor-bracket' },
+    // Shell injection
+    { pattern: /`\$\{.*\}`/, severity: 'medium', description: 'Template literal with interpolation (potential injection)', name: 'template-injection' },
+    { pattern: /\$\(.*\)/, severity: 'medium', description: 'Shell command substitution', name: 'shell-subst' },
+];
+/**
+ * Scan a single file for dangerous patterns.
+ */
+export function scanFile(filePath) {
+    const findings = [];
+    try {
+        const content = fs.readFileSync(filePath, 'utf-8');
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            const lineNum = i + 1;
+            // Skip markdown comments and frontmatter delimiters
+            if (line.trim().startsWith('<!--') || line.trim() === '---')
+                continue;
+            for (const dp of DANGEROUS_PATTERNS) {
+                if (dp.pattern.test(line)) {
+                    findings.push({
+                        severity: dp.severity,
+                        pattern: dp.name,
+                        description: dp.description,
+                        file: filePath,
+                        line: lineNum,
+                        evidence: line.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+    }
+    catch (error) {
+        logger.debug(`Failed to scan file: ${filePath}`, { error });
+    }
+    return {
+        file: filePath,
+        findings,
+        scannedAt: Date.now(),
+    };
+}
+/**
+ * Scan a directory of skill files recursively.
+ */
+export function scanDirectory(dirPath) {
+    const results = [];
+    if (!fs.existsSync(dirPath))
+        return results;
+    const entries = fs.readdirSync(dirPath, { withFileTypes: true });
+    for (const entry of entries) {
+        const fullPath = path.join(dirPath, entry.name);
+        if (entry.isDirectory()) {
+            results.push(...scanDirectory(fullPath));
+        }
+        else if (entry.name.endsWith('.skill.md') ||
+            entry.name === 'SKILL.md' ||
+            entry.name.endsWith('.ts') ||
+            entry.name.endsWith('.js')) {
+            const result = scanFile(fullPath);
+            if (result.findings.length > 0) {
+                results.push(result);
+            }
+        }
+    }
+    return results;
+}
+/**
+ * Scan all skill locations (bundled, managed, workspace).
+ */
+export function scanAllSkills(projectRoot = process.cwd()) {
+    const skillDirs = [
+        path.join(projectRoot, '.codebuddy', 'skills', 'bundled'),
+        path.join(projectRoot, '.codebuddy', 'skills', 'managed'),
+        path.join(projectRoot, '.codebuddy', 'skills', 'workspace'),
+    ];
+    const results = [];
+    for (const dir of skillDirs) {
+        results.push(...scanDirectory(dir));
+    }
+    return results;
+}
+/**
+ * Format scan results as a human-readable report.
+ */
+export function formatScanReport(results) {
+    if (results.length === 0) {
+        return 'Skill scan: No security issues found.';
+    }
+    const allFindings = results.flatMap(r => r.findings);
+    const bySeverity = {
+        critical: allFindings.filter(f => f.severity === 'critical'),
+        high: allFindings.filter(f => f.severity === 'high'),
+        medium: allFindings.filter(f => f.severity === 'medium'),
+        low: allFindings.filter(f => f.severity === 'low'),
+        info: allFindings.filter(f => f.severity === 'info'),
+    };
+    const lines = [];
+    lines.push(`Skill Security Scan: ${allFindings.length} findings in ${results.length} files`);
+    lines.push(`  Critical: ${bySeverity.critical.length} | High: ${bySeverity.high.length} | Medium: ${bySeverity.medium.length} | Low: ${bySeverity.low.length} | Info: ${bySeverity.info.length}`);
+    lines.push('');
+    for (const result of results) {
+        lines.push(`${path.basename(result.file)}:`);
+        for (const finding of result.findings) {
+            const sev = finding.severity.toUpperCase().padEnd(8);
+            lines.push(`  [${sev}] L${finding.line}: ${finding.description}`);
+            lines.push(`           ${finding.evidence}`);
+        }
+        lines.push('');
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=skill-scanner.js.map

package/dist/security/skill-scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skill-scanner.js","sourceRoot":"","sources":["../../src/security/skill-scanner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AA0B5C,MAAM,kBAAkB,GAAuB;IAC7C,iBAAiB;IACjB,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,MAAM,EAAE;IAChH,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,cAAc,EAAE;IAC1H,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,eAAe,EAAE;IACpH,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,UAAU,EAAE;IAChH,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;IACjG,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,IAAI,EAAE,OAAO,EAAE;IAC/F,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,MAAM,EAAE;IAE5F,sBAAsB;IACtB,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,OAAO,EAAE;IACvG,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE;IAClH,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,eAAe,EAAE;IAClH,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE;IAExG,UAAU;IACV,EAAE,OAAO,EAAE,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE,IAAI,EAAE,YAAY,EAAE;IACrH,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,OAAO,EAAE;IAClG,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,EAAE,cAAc,EAAE;IAClI,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE,IAAI,EAAE,WAAW,EAAE;IAEnG,kBAAkB;IAClB,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,iBAAiB,EAAE;IAC5H,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,gBAAgB,EAAE;IAEzH,sBAAsB;IACtB,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,qCAAqC,EAAE,IAAI,EAAE,aAAa,EAAE;IACvH,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE;IAEnI,sBAAsB;IACtB,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,OAAO,EAAE;IAClG,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,yCAAyC,EAAE,IAAI,EAAE,qBAAqB,EAAE;IAExI,kBAAkB;IAClB,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE,IAAI,EAAE,oBAAoB,EAAE;IACnJ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,aAAa,EAAE;CAC5G,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,QAAgB;IACvC,MAAM,QAAQ,GAAkB,EAAE,CAAC;IAEnC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;YAEtB,oDAAoD;YACpD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,KAAK;gBAAE,SAAS;YAEtE,KAAK,MAAM,EAAE,IAAI,kBAAkB,EAAE,CAAC;gBACpC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,OAAO,EAAE,EAAE,CAAC,IAAI;wBAChB,WAAW,EAAE,EAAE,CAAC,WAAW;wBAC3B,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO;wBACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBACpC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;KACtB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe;IAC3C,MAAM,OAAO,GAAiB,EAAE,CAAC;IAEjC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAE5C,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACjE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEhD,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,IACL,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAChC,KAAK,CAAC,IAAI,KAAK,UAAU;YACzB,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAC1B,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAClC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,cAAsB,OAAO,CAAC,GAAG,EAAE;IAC/D,MAAM,SAAS,GAAG;QAChB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,WAAW,CAAC;KAC5D,CAAC;IAEF,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAqB;IACpD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,uCAAuC,CAAC;IACjD,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;QAC5D,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;QACpD,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACxD,GAAG,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC;QAClD,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;KACrD,CAAC;IAEF,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,wBAAwB,WAAW,CAAC,MAAM,gBAAgB,OAAO,CAAC,MAAM,QAAQ,CAAC,CAAC;IAC7F,KAAK,CAAC,IAAI,CAAC,eAAe,UAAU,CAAC,QAAQ,CAAC,MAAM,YAAY,UAAU,CAAC,IAAI,CAAC,MAAM,cAAc,UAAU,CAAC,MAAM,CAAC,MAAM,WAAW,UAAU,CAAC,GAAG,CAAC,MAAM,YAAY,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAClM,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7C,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACrD,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC/C,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/security/trust-folders.d.ts

@@ -10,6 +10,7 @@
 export declare class TrustFolderManager {
     private trustedFolders;
     private enforcementEnabled;
+    private readonly isTestMode;
     constructor();
     /**
      * Check if a given path is within a trusted directory.

package/dist/security/trust-folders.js

@@ -33,7 +33,13 @@ const ALWAYS_BLOCKED = [
 export class TrustFolderManager {
     trustedFolders = new Set();
     enforcementEnabled = true;
+    isTestMode = process.env.NODE_ENV === 'test';
     constructor() {
+        if (this.isTestMode) {
+            // Keep tests hermetic: avoid mutating user config and disable enforcement by default.
+            this.enforcementEnabled = false;
+            return;
+        }
         this.load();
     }
     /**
@@ -42,7 +48,13 @@ export class TrustFolderManager {
     isTrusted(targetPath) {
         if (!this.enforcementEnabled)
             return true;
-        const resolved = path.resolve(targetPath);
+        let resolved;
+        try {
+            resolved = fs.realpathSync(targetPath);
+        }
+        catch {
+            resolved = path.resolve(targetPath);
+        }
         // Check if the path is within any trusted folder
         for (const trusted of this.trustedFolders) {
             if (resolved === trusted || resolved.startsWith(trusted + path.sep)) {
@@ -106,6 +118,9 @@ export class TrustFolderManager {
         return this.enforcementEnabled;
     }
     load() {
+        if (this.isTestMode) {
+            return;
+        }
         try {
             if (fs.existsSync(TRUST_FILE)) {
                 const data = JSON.parse(fs.readFileSync(TRUST_FILE, 'utf-8'));
@@ -126,6 +141,9 @@ export class TrustFolderManager {
         }
     }
     save() {
+        if (this.isTestMode) {
+            return;
+        }
         try {
             if (!fs.existsSync(CONFIG_DIR)) {
                 fs.mkdirSync(CONFIG_DIR, { recursive: true });

package/dist/security/trust-folders.js.map

@@ -1 +1 @@
-{"version":3,"file":"trust-folders.js","sourceRoot":"","sources":["../../src/security/trust-folders.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC,CAAC;AACzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC;AAEjE;;GAEG;AACH,MAAM,cAAc,GAAa;IAC/B,GAAG;IACH,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,OAAO;IACP,EAAE,CAAC,OAAO,EAAE;IACZ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC;IAC/B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC;IACjC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,MAAM,OAAO,kBAAkB;IACrB,cAAc,GAAgB,IAAI,GAAG,EAAE,CAAC;IACxC,kBAAkB,GAAY,IAAI,CAAC;IAE3C;QACE,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,UAAkB;QAC1B,IAAI,CAAC,IAAI,CAAC,kBAAkB;YAAE,OAAO,IAAI,CAAC;QAE1C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE1C,iDAAiD;QACjD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpE,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,kDAAkD;QAClD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1B,IAAI,QAAQ,KAAK,GAAG,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,OAAe;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,KAAK,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED;;;OAGG;IACH,WAAW,CAAC,OAAe;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEvC,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,mCAAmC,QAAQ,EAAE,CAAC,CAAC;YAC3D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAe;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,OAAO;YAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QACzB,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,OAAO,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,OAAgB;QAC7B,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;IAEO,IAAI;QACV,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC9D,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAChC,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;wBAClC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;4BAC1D,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;wBAChD,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,IAAI,OAAO,IAAI,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;oBAC1C,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAEO,IAAI;QACV,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAChD,CAAC;YACD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC;gBAC1C,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC;gBACjC,WAAW,EAAE,IAAI,CAAC,kBAAkB;aACrC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;CACF;AAED,YAAY;AACZ,IAAI,mBAAmB,GAA8B,IAAI,CAAC;AAE1D,MAAM,UAAU,qBAAqB;IACnC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,mBAAmB,GAAG,IAAI,kBAAkB,EAAE,CAAC;IACjD,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,mBAAmB,GAAG,IAAI,CAAC;AAC7B,CAAC"}
+{"version":3,"file":"trust-folders.js","sourceRoot":"","sources":["../../src/security/trust-folders.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC,CAAC;AACzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,sBAAsB,CAAC,CAAC;AAEjE;;GAEG;AACH,MAAM,cAAc,GAAa;IAC/B,GAAG;IACH,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,OAAO;IACP,EAAE,CAAC,OAAO,EAAE;IACZ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC;IAC/B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC;IACjC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,MAAM,OAAO,kBAAkB;IACrB,cAAc,GAAgB,IAAI,GAAG,EAAE,CAAC;IACxC,kBAAkB,GAAY,IAAI,CAAC;IAC1B,UAAU,GAAY,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC;IAEvE;QACE,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,sFAAsF;YACtF,IAAI,CAAC,kBAAkB,GAAG,KAAK,CAAC;YAChC,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,UAAkB;QAC1B,IAAI,CAAC,IAAI,CAAC,kBAAkB;YAAE,OAAO,IAAI,CAAC;QAE1C,IAAI,QAAgB,CAAC;QACrB,IAAI,CAAC;YACH,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACtC,CAAC;QAED,iDAAiD;QACjD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpE,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,kDAAkD;QAClD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1B,IAAI,QAAQ,KAAK,GAAG,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,OAAe;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,KAAK,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED;;;OAGG;IACH,WAAW,CAAC,OAAe;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEvC,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,mCAAmC,QAAQ,EAAE,CAAC,CAAC;YAC3D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAe;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,OAAO;YAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QACzB,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,OAAO,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,OAAgB;QAC7B,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;IAEO,IAAI;QACV,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QACD,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC9D,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAChC,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;wBAClC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;4BAC1D,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;wBAChD,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,IAAI,OAAO,IAAI,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;oBAC1C,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAEO,IAAI;QACV,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QACD,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAChD,CAAC;YACD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC;gBAC1C,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC;gBACjC,WAAW,EAAE,IAAI,CAAC,kBAAkB;aACrC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;CACF;AAED,YAAY;AACZ,IAAI,mBAAmB,GAA8B,IAAI,CAAC;AAE1D,MAAM,UAAU,qBAAqB;IACnC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,mBAAmB,GAAG,IAAI,kBAAkB,EAAE,CAAC;IACjD,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,mBAAmB,GAAG,IAAI,CAAC;AAC7B,CAAC"}

package/dist/server/websocket/handler.js

@@ -114,10 +114,15 @@ messageHandlers.set('chat', async (ws, state, payload) => {
         }
     }
     try {
-        // Lazy load agent
+        // Lazy load agent (with mutex to prevent duplicate creation)
         if (!state.agent) {
-            const { CodeBuddyAgent } = await import('../../agent/codebuddy-agent.js');
-            state.agent = new CodeBuddyAgent(process.env.GROK_API_KEY || '', process.env.GROK_BASE_URL, model || process.env.GROK_MODEL || 'grok-3-latest');
+            if (!state.agentInitializing) {
+                state.agentInitializing = (async () => {
+                    const { CodeBuddyAgent } = await import('../../agent/codebuddy-agent.js');
+                    state.agent = new CodeBuddyAgent(process.env.GROK_API_KEY || '', process.env.GROK_BASE_URL, model || process.env.GROK_MODEL || 'grok-3-latest');
+                })();
+            }
+            await state.agentInitializing;
         }
         if (stream) {
             state.streaming = true;
@@ -221,8 +226,13 @@ messageHandlers.set('execute_tool', async (ws, state, payload) => {
     }
     try {
         if (!state.agent) {
-            const { CodeBuddyAgent } = await import('../../agent/codebuddy-agent.js');
-            state.agent = new CodeBuddyAgent(process.env.GROK_API_KEY || '', process.env.GROK_BASE_URL, process.env.GROK_MODEL || 'grok-3-latest');
+            if (!state.agentInitializing) {
+                state.agentInitializing = (async () => {
+                    const { CodeBuddyAgent } = await import('../../agent/codebuddy-agent.js');
+                    state.agent = new CodeBuddyAgent(process.env.GROK_API_KEY || '', process.env.GROK_BASE_URL, process.env.GROK_MODEL || 'grok-3-latest');
+                })();
+            }
+            await state.agentInitializing;
         }
         const result = await state.agent.executeTool(name, parameters || {});
         send(ws, {