@pixelzx/genesis 2026.6.27 → 2026.6.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1090) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/dist/.buildstamp +1 -1
  3. package/dist/abort-DUTWX49H.js +201 -0
  4. package/dist/abort.runtime-B1CZPj3m.js +2 -0
  5. package/dist/abort.runtime.js +1 -1
  6. package/dist/accounts-DFJuQd32.js +107 -0
  7. package/dist/accounts-VbCry_MV.js +104 -0
  8. package/dist/accounts-ZduaK0fO.js +2 -0
  9. package/dist/acp-cli-Cyqn8a7z.js +2217 -0
  10. package/dist/acp-spawn-B1O0qwkN.js +2 -0
  11. package/dist/acp-spawn-C2eEj7wR.js +1042 -0
  12. package/dist/acp-stateful-target-driver-BKL2flGw.js +89 -0
  13. package/dist/action-agents-C9zs0A_N.js +67 -0
  14. package/dist/action-focus-Dj2trHbP.js +132 -0
  15. package/dist/action-help-ENFS-VRC.js +7 -0
  16. package/dist/action-info-IKxta-Me.js +101 -0
  17. package/dist/action-kill-CJGjsHX-.js +33 -0
  18. package/dist/action-list-ChLdMXon.js +21 -0
  19. package/dist/action-log-CdeugqCO.js +30 -0
  20. package/dist/action-send-BvUjnmVw.js +39 -0
  21. package/dist/action-spawn-Xq0DpbW7.js +47 -0
  22. package/dist/action-unfocus-DfcihOhT.js +29 -0
  23. package/dist/actions.runtime-CTjuTpQ1.js +18 -0
  24. package/dist/actions.runtime-Dp93aqpg.js +5 -0
  25. package/dist/actions.runtime.js +1 -1
  26. package/dist/agent-DQZeYp3u.js +2 -0
  27. package/dist/agent-command-CynPQd5_.js +874 -0
  28. package/dist/agent-harness-runtime-D9PrghSe.js +144 -0
  29. package/dist/agent-runner-utils-CwDT31Pp.js +239 -0
  30. package/dist/agent-runner.runtime-kH3GCoKg.js +3443 -0
  31. package/dist/agent-runner.runtime.js +1 -1
  32. package/dist/agent-runtime-BSwK1sup.js +18 -0
  33. package/dist/agents-C9BmPj-C.js +954 -0
  34. package/dist/agents-CQQ7cNF9.js +5 -0
  35. package/dist/aliases-B92uAzO2.js +2 -0
  36. package/dist/aliases-BZsZGqVQ.js +96 -0
  37. package/dist/api-CU22wCTp.js +139 -0
  38. package/dist/api-DD_eTeli.js +5 -0
  39. package/dist/api-sngIL0OQ.js +3 -0
  40. package/dist/approval-gateway-resolver-KouhItZO.js +29 -0
  41. package/dist/approval-gateway-runtime-D7CzOIgq.js +2 -0
  42. package/dist/approval-handler-runtime-CFvI_pZS.js +439 -0
  43. package/dist/approval-native-runtime-rl6s6chH.js +729 -0
  44. package/dist/attempt-execution.runtime-Ba87IenS.js +509 -0
  45. package/dist/attempt-execution.runtime.js +1 -1
  46. package/dist/attempt.prompt-helpers-BbBNMjqU.js +206 -0
  47. package/dist/attempt.tool-run-context-CLlg_9Gq.js +933 -0
  48. package/dist/audit-CQJwJFWH.js +939 -0
  49. package/dist/audit.runtime-CW5CY88A.js +7 -0
  50. package/dist/audit.runtime.js +1 -1
  51. package/dist/auth-DFhah4e4.js +2 -0
  52. package/dist/auth-order-CMWxvLX4.js +2 -0
  53. package/dist/auth-order-D6mEMqD7.js +139 -0
  54. package/dist/auth-s-3q__5n.js +550 -0
  55. package/dist/bash-tools-BCSXSkhx.js +2853 -0
  56. package/dist/bash-tools-D2NO8-ph.js +3 -0
  57. package/dist/binding-routing-DROXsDQk.js +85 -0
  58. package/dist/binding-targets-D33MkugL.js +121 -0
  59. package/dist/bridge-server-3gO7JmL_.js +113 -0
  60. package/dist/browser-control-auth-DS3Wwm1z.js +2 -0
  61. package/dist/browser-node-runtime-DkVkb3tt.js +12 -0
  62. package/dist/browser-profiles-Bk9dcXzv.js +2 -0
  63. package/dist/browser-runtime-dGM3ZeLa.js +387 -0
  64. package/dist/browser-setup-tools-DSgChJEe.js +13 -0
  65. package/dist/build-CjLf_jQl.js +550 -0
  66. package/dist/build-info.json +3 -3
  67. package/dist/bundled/boot-md/handler.js +2 -2
  68. package/dist/bundled/session-memory/handler.js +1 -1
  69. package/dist/call-BxIEVH5N.js +3 -0
  70. package/dist/call-Dwj7PrNe.js +330 -0
  71. package/dist/call.runtime-mZvFxL4G.js +2 -0
  72. package/dist/call.runtime.js +1 -1
  73. package/dist/capability-cli-C-6omBAD.js +1401 -0
  74. package/dist/catchup-Dfw4DEMS.js +300 -0
  75. package/dist/channel-4YVnFcIj.js +297 -0
  76. package/dist/channel-BajDSspb.js +1320 -0
  77. package/dist/channel-BcS5ghfF.js +840 -0
  78. package/dist/channel-BlU_cVm0.js +491 -0
  79. package/dist/channel-BmZ19q9d.js +453 -0
  80. package/dist/channel-C4KfOdTm.js +226 -0
  81. package/dist/channel-C7LNJi1M.js +595 -0
  82. package/dist/channel-CFxTIjzU.js +1174 -0
  83. package/dist/channel-CYDnIh3Z.js +350 -0
  84. package/dist/channel-DBUj2Ysq.js +1802 -0
  85. package/dist/channel-DwWdEu7o.js +1100 -0
  86. package/dist/channel-core-VlXrdyfV.js +5 -0
  87. package/dist/channel-inbound-BzALE-tz.js +31 -0
  88. package/dist/channel-plugin-runtime-BMmEKuoC.js +771 -0
  89. package/dist/channel-runtime-BZXgyMUr.js +425 -0
  90. package/dist/channel.runtime-2Kw88P7w.js +576 -0
  91. package/dist/channel.runtime-Bwnky7Bn.js +2364 -0
  92. package/dist/channel.runtime-CDvvT7UR.js +4 -0
  93. package/dist/channel.runtime-CgP4n1an.js +430 -0
  94. package/dist/channel.runtime-MJe9DoSG.js +89 -0
  95. package/dist/channel.runtime-f0WEEj3o.js +42398 -0
  96. package/dist/channel.runtime.js +1 -1
  97. package/dist/channel.setup-DaZBK_2E.js +10 -0
  98. package/dist/channel2.runtime-CfVIjEhU.js +109 -0
  99. package/dist/channel2.runtime.js +1 -1
  100. package/dist/channels-Bq1GXmZX.js +733 -0
  101. package/dist/channels-cli-DzbssQ5L.js +268 -0
  102. package/dist/chat-CNZDzOWR.js +2830 -0
  103. package/dist/clawbot-cli-UIo3UVaj.js +9 -0
  104. package/dist/cli/daemon-cli.js +3 -3
  105. package/dist/cli-BVKDWfwH.js +72 -0
  106. package/dist/cli-Bp52OQjs.js +219 -0
  107. package/dist/cli-C_289Xdv.js +2 -0
  108. package/dist/cli-kOop_NSN.js +2 -0
  109. package/dist/cli-runner-CP51WTPf.js +286 -0
  110. package/dist/cli-runner.runtime-BtArNV63.js +4 -0
  111. package/dist/cli-runner.runtime-Dy1IJ7UX.js +3 -0
  112. package/dist/cli-runner.runtime.js +1 -1
  113. package/dist/cli-startup-metadata.json +2 -2
  114. package/dist/cli.runtime-2ilydgLb.js +1261 -0
  115. package/dist/cli.runtime.js +1 -1
  116. package/dist/client-BN8cDQr7.js +723 -0
  117. package/dist/client-Doc6u1up.js +138 -0
  118. package/dist/command-auth-oo_Iz0oe.js +76 -0
  119. package/dist/command-config-resolution-BNQbV_C6.js +23 -0
  120. package/dist/command-config-resolution-DIvkjwvj.js +2 -0
  121. package/dist/command-config-resolution.runtime-Dlk7LIJ8.js +2 -0
  122. package/dist/command-config-resolution.runtime.js +1 -1
  123. package/dist/command-registry-Dm8ohcSP.js +4 -0
  124. package/dist/command-registry-core-BxyHXEQ3.js +106 -0
  125. package/dist/command-registry-xVmA85-_.js +9 -0
  126. package/dist/command-secret-gateway-Dej2E5rP.js +528 -0
  127. package/dist/command-status.runtime-CWgNMJi1.js +87 -0
  128. package/dist/command-status.runtime.js +1 -1
  129. package/dist/commands-acp-Ca0l7esb.js +77 -0
  130. package/dist/commands-compact.runtime-DBN1EALw.js +10 -0
  131. package/dist/commands-compact.runtime.js +1 -1
  132. package/dist/commands-handlers.runtime-BrCljWio.js +4599 -0
  133. package/dist/commands-handlers.runtime.js +1 -1
  134. package/dist/commands-status-C0WYf99K.js +16 -0
  135. package/dist/commands-status.runtime-Czim-9LY.js +3 -0
  136. package/dist/commands-status.runtime.js +1 -1
  137. package/dist/commands-subagents-control.runtime-CgiW2mpD.js +3 -0
  138. package/dist/commands-subagents-control.runtime-oCqEcwa7.js +2 -0
  139. package/dist/commands-subagents-control.runtime.js +1 -1
  140. package/dist/commands-system-prompt-BQHZNtSZ.js +157 -0
  141. package/dist/commands-system-prompt-ClJDN8rr.js +2 -0
  142. package/dist/commands.runtime-DwmtsbUc.js +167 -0
  143. package/dist/commands.runtime.js +1 -1
  144. package/dist/compact-DDf0xr2o.js +1096 -0
  145. package/dist/compact.runtime-C4BZuDjJ.js +12 -0
  146. package/dist/compact.runtime.js +1 -1
  147. package/dist/completion-cli-85iaysB7.js +328 -0
  148. package/dist/config-CHPRDFh1.js +252 -0
  149. package/dist/config-cli-DSZ7DNtq.js +1078 -0
  150. package/dist/configure-BR6m0uoi.js +1252 -0
  151. package/dist/configure-CC09fyLr.js +2 -0
  152. package/dist/connect-options-HotLjDKX.js +699 -0
  153. package/dist/control-auth-CBtOUnsz.js +125 -0
  154. package/dist/control-service-D2A1PyZC.js +156 -0
  155. package/dist/control-ui/assets/agents-7cSPVJV0.js +1125 -0
  156. package/dist/control-ui/assets/canvas-IIhBIoAa.js +274 -0
  157. package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +2 -0
  158. package/dist/control-ui/assets/channels-B4MTYg8u.js +198 -0
  159. package/dist/control-ui/assets/contacts-CSch1ckf.js +49 -0
  160. package/dist/control-ui/assets/cron-B548qeSj.js +250 -0
  161. package/dist/control-ui/assets/de-DOykxjSu.js +2 -0
  162. package/dist/control-ui/assets/debug-DERT6TQG.js +94 -0
  163. package/dist/control-ui/assets/es-BTwWEPGm.js +2 -0
  164. package/dist/control-ui/assets/fr-DVRwR98L.js +2 -0
  165. package/dist/control-ui/assets/i18n-BPOQLrbx.js +3 -0
  166. package/dist/control-ui/assets/id-BSBAUAzK.js +2 -0
  167. package/dist/control-ui/assets/index-C2CxJps0.js +5981 -0
  168. package/dist/control-ui/assets/instances-DwteyRRi.js +57 -0
  169. package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +2 -0
  170. package/dist/control-ui/assets/ko-BNgLBJdW.js +2 -0
  171. package/dist/control-ui/assets/logs-GdE34D7D.js +74 -0
  172. package/dist/control-ui/assets/mcp-z76x2vB5.js +380 -0
  173. package/dist/control-ui/assets/memory-CsTbP2T4.js +50 -0
  174. package/dist/control-ui/assets/memory-graph-DbZEkTHJ.js +30 -0
  175. package/dist/control-ui/assets/models-j_tXq7Pe.js +86 -0
  176. package/dist/control-ui/assets/nodes-cxO9Enln.js +654 -0
  177. package/dist/control-ui/assets/pl-DrVcqC4t.js +2 -0
  178. package/dist/control-ui/assets/plugins-Rt--bQFn.js +259 -0
  179. package/dist/control-ui/assets/presenter-BiJsRhTg.js +2 -0
  180. package/dist/control-ui/assets/preview-JrK1Lfuv.js +2 -0
  181. package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +2 -0
  182. package/dist/control-ui/assets/sessions-CP6r0JAQ.js +56 -0
  183. package/dist/control-ui/assets/skills-CMy2whFb.js +294 -0
  184. package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +11 -0
  185. package/dist/control-ui/assets/th-DjtYmyBR.js +2 -0
  186. package/dist/control-ui/assets/tr-I0LYx0Ew.js +2 -0
  187. package/dist/control-ui/assets/uk-xilwRRzQ.js +2 -0
  188. package/dist/control-ui/assets/wallet-geRdfgso.js +302 -0
  189. package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +2 -0
  190. package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +2 -0
  191. package/dist/control-ui/index.html +2 -2
  192. package/dist/control-ui-Djt0XDNa.js +1043 -0
  193. package/dist/conversation-id-BwNpVXFJ.js +235 -0
  194. package/dist/conversation-id-CTAeVE9E.js +38 -0
  195. package/dist/conversation-runtime-D6miDW4s.js +31 -0
  196. package/dist/core-CYaV0wrq.js +275 -0
  197. package/dist/cron-cli-BZacbTRu.js +713 -0
  198. package/dist/daemon-cli-BXtGpvAS.js +12 -0
  199. package/dist/dashboard-Ds7c6TJm.js +2 -0
  200. package/dist/dashboard-s1prqGuB.js +81 -0
  201. package/dist/delegate-nycMaKrd.js +64 -0
  202. package/dist/detached-task-runtime-DXFEjX_Y.js +73 -0
  203. package/dist/devices-cli-B2T4Rk-c.js +498 -0
  204. package/dist/diagnostics-669Ookpz.js +154 -0
  205. package/dist/direct-dm-Bwx0l0B5.js +64 -0
  206. package/dist/dispatch-CVFq_KHF.js +1131 -0
  207. package/dist/dispatch-acp-AeVrqG1P.js +981 -0
  208. package/dist/dispatch-acp-manager.runtime-t90xTijh.js +3 -0
  209. package/dist/dispatch-acp-manager.runtime.js +1 -1
  210. package/dist/dispatch-acp.runtime-CLS-txJr.js +19 -0
  211. package/dist/dispatch-acp.runtime.js +1 -1
  212. package/dist/doctor-device-pairing-rAiSum7F.js +307 -0
  213. package/dist/doctor-gateway-daemon-flow-BYlbRkfE.js +250 -0
  214. package/dist/doctor-gateway-health-DGaad6OP.js +63 -0
  215. package/dist/doctor-health-contributions-CYangAn3.js +493 -0
  216. package/dist/doctor-health-woICf2XW.js +59 -0
  217. package/dist/doctor-prompter-oNxd62XO.js +56 -0
  218. package/dist/doctor-workspace-status-DrOqBwKh.js +75 -0
  219. package/dist/dreaming-narrative-SeHukrla.js +596 -0
  220. package/dist/dreaming-qiznoCiH.js +1582 -0
  221. package/dist/embedded-gateway-stub.runtime-BiCMn9tm.js +9 -0
  222. package/dist/embedded-gateway-stub.runtime.js +1 -1
  223. package/dist/embeddings-http-DbBwgwsH.js +205 -0
  224. package/dist/entry.js +2 -2
  225. package/dist/exec-approvals-cli-BK9WM7tB.js +498 -0
  226. package/dist/extensionAPI.js +1 -1
  227. package/dist/extensions/active-memory/index.js +1 -1
  228. package/dist/extensions/bluebubbles/api.js +3 -3
  229. package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
  230. package/dist/extensions/browser/browser-bridge.js +1 -1
  231. package/dist/extensions/browser/browser-config.js +4 -4
  232. package/dist/extensions/browser/browser-control-auth.js +2 -2
  233. package/dist/extensions/browser/browser-doctor.js +2 -2
  234. package/dist/extensions/browser/browser-maintenance.js +2 -2
  235. package/dist/extensions/browser/browser-profiles.js +2 -2
  236. package/dist/extensions/browser/browser-runtime-api.js +10 -10
  237. package/dist/extensions/browser/index.js +1 -1
  238. package/dist/extensions/browser/plugin-registration.js +1 -1
  239. package/dist/extensions/browser/register.runtime.js +3 -3
  240. package/dist/extensions/browser/runtime-api.js +11 -11
  241. package/dist/extensions/browser/test-support.js +1 -1
  242. package/dist/extensions/device-pair/api.js +1 -1
  243. package/dist/extensions/device-pair/index.js +3 -3
  244. package/dist/extensions/device-pair/notify.js +1 -1
  245. package/dist/extensions/device-pair/pair-command-approve.js +1 -1
  246. package/dist/extensions/google-meet/index.js +2 -2
  247. package/dist/extensions/imessage/api.js +3 -3
  248. package/dist/extensions/imessage/channel-plugin-api.js +1 -1
  249. package/dist/extensions/imessage/runtime-api.js +3 -3
  250. package/dist/extensions/irc/api.js +2 -2
  251. package/dist/extensions/irc/channel-plugin-api.js +1 -1
  252. package/dist/extensions/line/api.js +2 -2
  253. package/dist/extensions/line/channel-plugin-api.js +1 -1
  254. package/dist/extensions/line/contract-api.js +1 -1
  255. package/dist/extensions/line/runtime-api.js +4 -4
  256. package/dist/extensions/line/setup-api.js +1 -1
  257. package/dist/extensions/llm-task/index.js +2 -2
  258. package/dist/extensions/lobster/index.js +3 -3
  259. package/dist/extensions/lobster/runtime-api.js +1 -1
  260. package/dist/extensions/mattermost/api.js +1 -1
  261. package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
  262. package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
  263. package/dist/extensions/mattermost/policy-api.js +1 -1
  264. package/dist/extensions/mattermost/runtime-api.js +4 -4
  265. package/dist/extensions/mattermost/slash-route-api.js +1 -1
  266. package/dist/extensions/memory-core/api.js +1 -1
  267. package/dist/extensions/memory-core/cli-metadata.js +2 -2
  268. package/dist/extensions/memory-core/index.js +3 -3
  269. package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
  270. package/dist/extensions/msteams/api.js +1 -1
  271. package/dist/extensions/msteams/channel-plugin-api.js +1 -1
  272. package/dist/extensions/msteams/runtime-api.js +3 -3
  273. package/dist/extensions/msteams/test-api.js +1 -1
  274. package/dist/extensions/nextcloud-talk/api.js +1 -1
  275. package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
  276. package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
  277. package/dist/extensions/openshell/index.js +2 -2
  278. package/dist/extensions/signal/api.js +6 -6
  279. package/dist/extensions/signal/channel-plugin-api.js +1 -1
  280. package/dist/extensions/signal/reaction-runtime-api.js +1 -1
  281. package/dist/extensions/signal/runtime-api.js +7 -7
  282. package/dist/extensions/skill-workshop/api.js +1 -1
  283. package/dist/extensions/skill-workshop/index.js +1 -1
  284. package/dist/extensions/synology-chat/api.js +1 -1
  285. package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
  286. package/dist/extensions/tlon/api.js +2 -2
  287. package/dist/extensions/tlon/channel-plugin-api.js +1 -1
  288. package/dist/extensions/tlon/runtime-api.js +1 -1
  289. package/dist/extensions/tlon/test-api.js +1 -1
  290. package/dist/extensions/twitch/api.js +1 -1
  291. package/dist/extensions/twitch/channel-plugin-api.js +1 -1
  292. package/dist/extensions/twitch/setup-plugin-api.js +1 -1
  293. package/dist/extensions/zalo/api.js +3 -3
  294. package/dist/extensions/zalo/channel-plugin-api.js +1 -1
  295. package/dist/extensions/zalo/runtime-api.js +2 -2
  296. package/dist/extensions/zalo/setup-api.js +2 -2
  297. package/dist/extensions/zalouser/api.js +3 -3
  298. package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
  299. package/dist/extensions/zalouser/runtime-api.js +6 -6
  300. package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
  301. package/dist/extensions/zalouser/test-api.js +1 -1
  302. package/dist/fallbacks-BHahSac7.js +31 -0
  303. package/dist/fallbacks-CDP89dtv.js +2 -0
  304. package/dist/fallbacks-shared-h_ZN8Ugk.js +111 -0
  305. package/dist/gateway-ClYGJe6R.js +115 -0
  306. package/dist/gateway-cli-D5OEgdCv.js +1283 -0
  307. package/dist/gateway-rpc-Dk_z0RTG.js +14 -0
  308. package/dist/gateway-rpc.runtime-DcDI0Hq7.js +23 -0
  309. package/dist/gateway-rpc.runtime.js +1 -1
  310. package/dist/gateway-runtime-BpOf_2ps.js +15 -0
  311. package/dist/gateway-status-BfT8gHrq.js +584 -0
  312. package/dist/genesis-tools-Dn3v15Cu.js +9435 -0
  313. package/dist/genesis-tools.runtime-BUKXOBx4.js +2 -0
  314. package/dist/genesis-tools.runtime.js +1 -1
  315. package/dist/get-reply-BOvlxgUu.js +3946 -0
  316. package/dist/get-reply-from-config.runtime-Cl8vSh_k.js +2 -0
  317. package/dist/get-reply-from-config.runtime.js +1 -1
  318. package/dist/graph-users-DvflifYV.js +1337 -0
  319. package/dist/health-B2xJjrkJ.js +3 -0
  320. package/dist/health-CWa-e_Y6.js +420 -0
  321. package/dist/health-route-CzxBmoPR.js +41 -0
  322. package/dist/health-route-Dhbg2HGJ.js +2 -0
  323. package/dist/hooks-cli-B08Wk2kj.js +433 -0
  324. package/dist/http-endpoint-helpers-CG3AcjuK.js +41 -0
  325. package/dist/http-utils-L02eBAVo.js +924 -0
  326. package/dist/image-fallbacks-DPTpHhw_.js +2 -0
  327. package/dist/image-fallbacks-DrcfSUln.js +31 -0
  328. package/dist/inbound-reply-dispatch-D2K6Anyc.js +73 -0
  329. package/dist/index.js +2 -2
  330. package/dist/infra-runtime-Pu3jXc5f.js +38 -0
  331. package/dist/init-B2qJ52Z_.js +59 -0
  332. package/dist/library-JmPoINsm.js +45 -0
  333. package/dist/lifecycle-BRey6jez.js +229 -0
  334. package/dist/lifecycle-CvJT6tH9.js +571 -0
  335. package/dist/lifecycle.runtime-DJuQgwAu.js +2 -0
  336. package/dist/lifecycle.runtime.js +1 -1
  337. package/dist/list-0KYh_6xs.js +131 -0
  338. package/dist/list-B1iP8wTX.js +2 -0
  339. package/dist/list-CewinhHi.js +1212 -0
  340. package/dist/list-DPm9exQP.js +2 -0
  341. package/dist/list.probe-M4jUIgk8.js +419 -0
  342. package/dist/llm-slug-generator-CQiB4f0s.js +79 -0
  343. package/dist/llm-slug-generator.js +1 -1
  344. package/dist/load-config-oEWSSW5T.js +35 -0
  345. package/dist/local-dispatch.runtime-rI2L9gZz.js +8 -0
  346. package/dist/local-dispatch.runtime.js +1 -1
  347. package/dist/logs-cli-qUQbKPpd.js +265 -0
  348. package/dist/logs-cli.runtime-DZwxYUL2.js +2 -0
  349. package/dist/logs-cli.runtime.js +1 -1
  350. package/dist/main-session-restart-recovery-Dw8zndAD.js +206 -0
  351. package/dist/managed-image-attachments-B_835Hjd.js +635 -0
  352. package/dist/managed-image-attachments-Dp_0diDL.js +2 -0
  353. package/dist/manager-CRmLomjS.js +2 -0
  354. package/dist/manager-yTOglQEH.js +2057 -0
  355. package/dist/markdown-to-line-D6Y5rN1y.js +790 -0
  356. package/dist/mcp/plugin-tools-serve.js +1 -1
  357. package/dist/mcp-cli-DZi-FzRz.js +725 -0
  358. package/dist/mcp-http-DaXlqh6n.js +529 -0
  359. package/dist/memory-core-host-runtime-cli-K2SeZLMj.js +9 -0
  360. package/dist/message-Bk0q8DmN.js +232 -0
  361. package/dist/message-action-runner-BIi8DCoo.js +2 -0
  362. package/dist/message-action-runner-CmhjNg6K.js +1407 -0
  363. package/dist/message-actions-BDXFXc2E.js +143 -0
  364. package/dist/message.gateway.runtime-fPnMn6QV.js +2 -0
  365. package/dist/message.gateway.runtime.js +1 -1
  366. package/dist/method-scopes-D_AZ7OsK.js +235 -0
  367. package/dist/models-auth-status-0xcMbBhB.js +217 -0
  368. package/dist/models-cli-DuQZ09TC.js +271 -0
  369. package/dist/models-http-DruY6N81.js +92 -0
  370. package/dist/monitor-2KbmBvHU.js +2 -0
  371. package/dist/monitor-B2yQJkAh.js +1459 -0
  372. package/dist/monitor-CD4mrtqF.js +1661 -0
  373. package/dist/monitor-CJ6A4Ro2.js +788 -0
  374. package/dist/monitor-D19pDt5p.js +1237 -0
  375. package/dist/monitor-GQtwMpZn.js +671 -0
  376. package/dist/monitor-auth-DJ9S4EQV.js +207 -0
  377. package/dist/monitor-processing-BMv5voti.js +1974 -0
  378. package/dist/monitor.runtime-GizvASio.js +2 -0
  379. package/dist/monitor.runtime.js +1 -1
  380. package/dist/monitor.webhook-DzvH3io8.js +180 -0
  381. package/dist/msteams-7Jx25GW4.js +35 -0
  382. package/dist/native-hook-relay-DwgVW-el.js +519 -0
  383. package/dist/nextcloud-talk-gXnN0EKl.js +17 -0
  384. package/dist/node-cli-Bd8iT-US.js +2276 -0
  385. package/dist/nodes-cli-xAd3vxyV.js +1046 -0
  386. package/dist/nodes-utils-qg-Bmmy5.js +84 -0
  387. package/dist/nodes.helpers-B42Vi8VW.js +34 -0
  388. package/dist/notify-DArpzHFF.js +315 -0
  389. package/dist/onboard-DKr9c-h5.js +70 -0
  390. package/dist/onboard-f_tqlGVL.js +2 -0
  391. package/dist/onboard-helpers-Begz93UO.js +6 -0
  392. package/dist/onboard-helpers-Di14BUn2.js +204 -0
  393. package/dist/onboard-interactive-DjJo_FLY.js +24 -0
  394. package/dist/onboard-non-interactive-CgxwxSiw.js +635 -0
  395. package/dist/onboard-remote-BhcRxYvn.js +2 -0
  396. package/dist/onboard-remote-CEeT7hEZ.js +193 -0
  397. package/dist/onboard-skills-CTTUg6pf.js +134 -0
  398. package/dist/onboard-skills-DWTbOfH1.js +2 -0
  399. package/dist/openai-http-C2-8VSih.js +500 -0
  400. package/dist/openresponses-http-DgsTPUc1.js +1128 -0
  401. package/dist/operator-approvals-client-D1R6aLFV.js +68 -0
  402. package/dist/outbound.runtime-DDAlqr2n.js +2 -0
  403. package/dist/outbound.runtime.js +1 -1
  404. package/dist/pair-command-approve-BqXU_u3_.js +44 -0
  405. package/dist/persistent-bindings.lifecycle-0cee5HeB.js +85 -0
  406. package/dist/persistent-bindings.lifecycle-DTgwTu9k.js +2 -0
  407. package/dist/pi-embedded-BMKZLrrD.js +2905 -0
  408. package/dist/pi-embedded-C1_8L609.js +4 -0
  409. package/dist/pi-embedded.runtime-CEcUCfnu.js +4 -0
  410. package/dist/pi-embedded.runtime.js +1 -1
  411. package/dist/pi-tool-definition-adapter-B1q4cAB_.js +229 -0
  412. package/dist/pi-tools-CE3UX10v.js +1118 -0
  413. package/dist/pi-tools.before-tool-call-BsMfbO7W.js +433 -0
  414. package/dist/pi-tools.before-tool-call-DGY-rj-6.js +2 -0
  415. package/dist/plugin-dDMX1n9i.js +12195 -0
  416. package/dist/plugin-enabled-CCcxlblr.js +140 -0
  417. package/dist/plugin-registration-CTIg2xi-.js +23 -0
  418. package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
  419. package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
  420. package/dist/plugin-sdk/acp-runtime.js +2 -2
  421. package/dist/plugin-sdk/agent-harness-runtime.js +5 -5
  422. package/dist/plugin-sdk/agent-harness.js +6 -6
  423. package/dist/plugin-sdk/agent-runtime.js +2 -2
  424. package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
  425. package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
  426. package/dist/plugin-sdk/approval-runtime.js +1 -1
  427. package/dist/plugin-sdk/browser-node-runtime.js +4 -4
  428. package/dist/plugin-sdk/browser-setup-tools.js +3 -3
  429. package/dist/plugin-sdk/browser-support.js +7 -7
  430. package/dist/plugin-sdk/channel-core.js +2 -2
  431. package/dist/plugin-sdk/channel-inbound.js +2 -2
  432. package/dist/plugin-sdk/command-auth.js +1 -1
  433. package/dist/plugin-sdk/command-status-runtime.js +1 -1
  434. package/dist/plugin-sdk/compat.js +1 -1
  435. package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
  436. package/dist/plugin-sdk/conversation-runtime.js +3 -3
  437. package/dist/plugin-sdk/core.js +2 -2
  438. package/dist/plugin-sdk/direct-dm.js +1 -1
  439. package/dist/plugin-sdk/gateway-runtime.js +3 -3
  440. package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
  441. package/dist/plugin-sdk/index.js +1 -1
  442. package/dist/plugin-sdk/infra-runtime.js +2 -2
  443. package/dist/plugin-sdk/irc.js +2 -2
  444. package/dist/plugin-sdk/matrix.js +1 -1
  445. package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
  446. package/dist/plugin-sdk/memory-core.js +2 -2
  447. package/dist/plugin-sdk/msteams.js +2 -2
  448. package/dist/plugin-sdk/nextcloud-talk.js +2 -2
  449. package/dist/plugin-sdk/nostr.js +1 -1
  450. package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
  451. package/dist/plugin-sdk/reply-runtime.js +4 -4
  452. package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
  453. package/dist/plugin-sdk/runtime.js +2 -2
  454. package/dist/plugin-sdk/session-visibility.js +1 -1
  455. package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +4 -1
  456. package/dist/plugin-sdk/src/gateway/protocol/schema/agents-models-skills.d.ts +95 -0
  457. package/dist/plugin-sdk/testing.js +4 -4
  458. package/dist/plugin-sdk/tlon.js +1 -1
  459. package/dist/plugin-sdk/zalo.js +1 -1
  460. package/dist/plugin-sdk/zalouser.js +1 -1
  461. package/dist/plugin-service-Byv2yfiX.js +2893 -0
  462. package/dist/plugins/runtime/index.js +1 -1
  463. package/dist/policy-BK0iZFZM.js +328 -0
  464. package/dist/postinstall-inventory.json +453 -452
  465. package/dist/prepare.runtime-BMtgLZl1.js +807 -0
  466. package/dist/prepare.runtime.js +1 -1
  467. package/dist/probe-Bj3sjcpc.js +2205 -0
  468. package/dist/probe-C6wNv6c4.js +74 -0
  469. package/dist/probe-CM5o3wKp.js +240 -0
  470. package/dist/probe-D3D0RoQl.js +45 -0
  471. package/dist/probe-DlY3dg7v.js +2 -0
  472. package/dist/probe-TN3P-dCa.js +2 -0
  473. package/dist/probe-pZ61Idl1.js +1443 -0
  474. package/dist/program-TZ54mZzH.js +111 -0
  475. package/dist/prompt-select-styled-DFXPq9zJ.js +20 -0
  476. package/dist/protocol-CWEBsZbG.js +2515 -0
  477. package/dist/provider-dispatcher-9FnI26kR.js +2 -0
  478. package/dist/provider-dispatcher-D30lsDyd.js +22 -0
  479. package/dist/qr-cli-CoEq74Fu.js +2 -0
  480. package/dist/qr-cli-DxaXK8T4.js +349 -0
  481. package/dist/reaction-runtime-api-CGWfmWqF.js +116 -0
  482. package/dist/reactions-D1tny1P_.js +998 -0
  483. package/dist/register-service-commands-D5181r0Q.js +71 -0
  484. package/dist/register.agent-DWwOD6q5.js +248 -0
  485. package/dist/register.configure-CZx6uXuU.js +15 -0
  486. package/dist/register.maintenance-1yV569VU.js +363 -0
  487. package/dist/register.message-DqosH9zI.js +329 -0
  488. package/dist/register.onboard-DBa5bh4F.js +88 -0
  489. package/dist/register.runtime-AUXvOvfy.js +81 -0
  490. package/dist/register.runtime.js +1 -1
  491. package/dist/register.setup-1k0y27Bf.js +150 -0
  492. package/dist/register.status-health-sessions-3SuqckJe.js +1215 -0
  493. package/dist/register.subclis-1vwiREuy.js +3 -0
  494. package/dist/register.subclis-core-CoUcH7R2.js +249 -0
  495. package/dist/register.subclis-d6Uoake0.js +29 -0
  496. package/dist/reply-dispatch-runtime-B2jwG-ti.js +13 -0
  497. package/dist/reply-runtime-BvyACHP_.js +10 -0
  498. package/dist/reply.runtime-B76FIMUm.js +2 -0
  499. package/dist/reply.runtime.js +1 -1
  500. package/dist/restart-health-C1m4VgKE.js +2 -0
  501. package/dist/restart-health-CSxm-1Te.js +202 -0
  502. package/dist/root-help-Cw7ovqRO.js +44 -0
  503. package/dist/routes-B9j5MeTj.js +2 -0
  504. package/dist/routes-BCJWRxzD.js +3341 -0
  505. package/dist/rpc-_zAZRj2-.js +61 -0
  506. package/dist/rpc.runtime-C3rwvN8O.js +21 -0
  507. package/dist/rpc.runtime.js +1 -1
  508. package/dist/run-delivery.runtime-CXmj98lV.js +530 -0
  509. package/dist/run-delivery.runtime.js +1 -1
  510. package/dist/run-embedded.runtime-yli8ukW0.js +4 -0
  511. package/dist/run-embedded.runtime.js +1 -1
  512. package/dist/run-execution-cli.runtime-CjDLajis.js +4 -0
  513. package/dist/run-execution-cli.runtime.js +1 -1
  514. package/dist/run-executor.runtime-SwHBKuy1.js +277 -0
  515. package/dist/run-executor.runtime.js +1 -1
  516. package/dist/run-main-DPHpfv1y.js +567 -0
  517. package/dist/run-subagent-registry.runtime-CWv2s5wn.js +2 -0
  518. package/dist/run-subagent-registry.runtime.js +1 -1
  519. package/dist/run-wait-CpSEiESO.js +135 -0
  520. package/dist/runtime-CMHLmvAl.js +961 -0
  521. package/dist/runtime-api-CLkOuqkP.js +4 -0
  522. package/dist/runtime-api-DgKObkOQ.js +9 -0
  523. package/dist/runtime-api-bWUB21Eg.js +9 -0
  524. package/dist/runtime-api-rryD3LXE.js +14 -0
  525. package/dist/runtime-embedded-pi.runtime-DuHPAbVt.js +2 -0
  526. package/dist/runtime-embedded-pi.runtime.js +1 -1
  527. package/dist/runtime-fF-k_rB8.js +9 -0
  528. package/dist/runtime-internal-By95Az_F.js +2 -0
  529. package/dist/runtime-options-BsxnM5Yt.js +275 -0
  530. package/dist/runtime-schema-P9TAqWy1.js +28599 -0
  531. package/dist/scan-CKfozblZ.js +2 -0
  532. package/dist/scan-CVwpGz6x.js +523 -0
  533. package/dist/secrets-cli-pXjlA7bi.js +2101 -0
  534. package/dist/security-cli-ChIBksL4.js +486 -0
  535. package/dist/selection-CIX2NWC3.js +7743 -0
  536. package/dist/selection-FiKxtpP7.js +2 -0
  537. package/dist/send-13tmI7yl.js +102 -0
  538. package/dist/send-BudgB3Xv.js +156 -0
  539. package/dist/send.runtime-CWWkq3eQ.js +2 -0
  540. package/dist/send.runtime.js +1 -1
  541. package/dist/server-CRbNiI2L.js +13 -0
  542. package/dist/server-DPwckotj.js +77 -0
  543. package/dist/server-context-DnmrGIHL.js +847 -0
  544. package/dist/server-context-GFvl1Fa1.js +2 -0
  545. package/dist/server-node-events-Boy823tY.js +474 -0
  546. package/dist/server-plugin-bootstrap-BEm4d2by.js +2 -0
  547. package/dist/server-plugin-bootstrap-BLp3Ri_D.js +13355 -0
  548. package/dist/server-restart-sentinel-D1dhBlz5.js +684 -0
  549. package/dist/server.impl-CuEQ_ANR.js +12790 -0
  550. package/dist/session-kill-http-CKkRPXTD.js +110 -0
  551. package/dist/session-reset-service-BI9uiJ1F.js +497 -0
  552. package/dist/session-route-Dy5b9CbY.js +93 -0
  553. package/dist/session-status.runtime-HByTPp-H.js +2 -0
  554. package/dist/session-status.runtime.js +1 -1
  555. package/dist/session-subagent-reactivation.runtime-BOWBAfyc.js +2 -0
  556. package/dist/session-subagent-reactivation.runtime.js +1 -1
  557. package/dist/session-tab-registry-Ce31KjnI.js +581 -0
  558. package/dist/session-visibility-BB6i8ptT.js +147 -0
  559. package/dist/sessions-helpers-DYP9dapI.js +305 -0
  560. package/dist/sessions-history-http-j8ZxsBAn.js +371 -0
  561. package/dist/sessions-patch-D4ye8mVh.js +309 -0
  562. package/dist/sessions-resolve-Bi2bj6c-.js +174 -0
  563. package/dist/sessions.runtime-VkodyiYI.js +2 -0
  564. package/dist/sessions.runtime.js +1 -1
  565. package/dist/setup-api-6GX_eeAs.js +29 -0
  566. package/dist/setup-core-BGUg4eV0.js +171 -0
  567. package/dist/setup-core-CpfGqHuS.js +176 -0
  568. package/dist/setup-hFAlSbTL.js +636 -0
  569. package/dist/setup-surface-DSvYQ0Mf.js +219 -0
  570. package/dist/setup-surface-DT8l0x7M.js +403 -0
  571. package/dist/setup-surface-gdmDKJFO.js +286 -0
  572. package/dist/setup.finalize-m_UzKyZ2.js +547 -0
  573. package/dist/setup.gateway-config-DHQ8eaxx.js +250 -0
  574. package/dist/shared-BY5yIWjE.js +198 -0
  575. package/dist/shared-BtY5n-4U.js +76 -0
  576. package/dist/shared-DPf8cDHL.js +121 -0
  577. package/dist/slash-state-j62N8ife.js +1911 -0
  578. package/dist/src-BYHA6DRU.js +3974 -0
  579. package/dist/startup-context-DZml_gZY.js +312 -0
  580. package/dist/status-BCr0D4CJ.js +2 -0
  581. package/dist/status-Bi8EbpXB.js +395 -0
  582. package/dist/status-CPAE20nX.js +209 -0
  583. package/dist/status-D-wIma3c.js +3 -0
  584. package/dist/status-DLmFJkIX.js +2 -0
  585. package/dist/status-DhpFLjkt.js +190 -0
  586. package/dist/status-all-AuiqtGQ-.js +498 -0
  587. package/dist/status-json-BUhA_seV.js +14 -0
  588. package/dist/status-json-command-Dk8RVvC9.js +82 -0
  589. package/dist/status-runtime-shared-BK7fklEl.js +241 -0
  590. package/dist/status-subagents.runtime-DkMpqnmP.js +18 -0
  591. package/dist/status-subagents.runtime.js +1 -1
  592. package/dist/status-text-D71CoS-s.js +237 -0
  593. package/dist/status.gateway-connection.runtime-wWu8Kvt4.js +2 -0
  594. package/dist/status.gateway-connection.runtime.js +1 -1
  595. package/dist/status.gather-BlSA6D3i.js +292 -0
  596. package/dist/status.gather-akCtNgln.js +2 -0
  597. package/dist/status.runtime-tPHKyqSk.js +2 -0
  598. package/dist/status.runtime.js +1 -1
  599. package/dist/status.scan-GF1UDZAB.js +65 -0
  600. package/dist/status.scan-overview-D1tTMWSi.js +379 -0
  601. package/dist/status.scan.fast-json-CoLBFhFk.js +132 -0
  602. package/dist/status.scan.fast-json-K69bqOGh.js +2 -0
  603. package/dist/status.summary-Bxh5WwsL.js +200 -0
  604. package/dist/status.summary-Cyr9PxeP.js +2 -0
  605. package/dist/subagent-announce-Dw7-i1-9.js +351 -0
  606. package/dist/subagent-announce-delivery-HYpoItCd.js +726 -0
  607. package/dist/subagent-announce-output-C7rcYYEc.js +364 -0
  608. package/dist/subagent-control-Ds2GYpWL.js +506 -0
  609. package/dist/subagent-followup.runtime-Cd8hCztp.js +68 -0
  610. package/dist/subagent-followup.runtime.js +1 -1
  611. package/dist/subagent-orphan-recovery-BgjubPqf.js +305 -0
  612. package/dist/subagent-registry-CgpGD3GV.js +1753 -0
  613. package/dist/subagent-registry-DxdVLcdG.js +3 -0
  614. package/dist/subagent-registry.runtime.js +1 -1
  615. package/dist/subagent-spawn-BWBNndsp.js +1005 -0
  616. package/dist/system-cli-DyBkQUQb.js +43 -0
  617. package/dist/targets-BadrXaG2.js +67 -0
  618. package/dist/task-executor-C7Wi33fD.js +360 -0
  619. package/dist/task-owner-access-yQv8xMco.js +74 -0
  620. package/dist/task-registry-W5mFPlZX.js +2357 -0
  621. package/dist/task-registry-delivery-runtime-cBNSvuGT.js +3 -0
  622. package/dist/task-registry-delivery-runtime-cJvq2BuY.js +2 -0
  623. package/dist/task-registry.maintenance-Buzo501v.js +2 -0
  624. package/dist/task-registry.maintenance-pJMW_7Am.js +416 -0
  625. package/dist/telegram/token.js +1 -1
  626. package/dist/testing-Dw49ltmR.js +575 -0
  627. package/dist/text-report-CtyXY05r.js +549 -0
  628. package/dist/tool-resolution-BcUPtTtu.js +90 -0
  629. package/dist/tools-effective-inventory-CL0grjv4.js +152 -0
  630. package/dist/tools-invoke-http-BZ8xqe0f.js +206 -0
  631. package/dist/trash-B6l1GwX9.js +24 -0
  632. package/dist/tui-cli-BCn5UWwT.js +4585 -0
  633. package/dist/update-cli-D8bMov5W.js +1759 -0
  634. package/dist/upgrade-iRXz6ZP4.js +1226 -0
  635. package/dist/video-generation-task-status-ESf4kR6F.js +163 -0
  636. package/dist/wait-for-idle-before-flush-C-_kVutK.js +5985 -0
  637. package/dist/wizard-models-jPGu0o7K.js +334 -0
  638. package/package.json +1 -1
  639. package/dist/abort-eELweWEh.js +0 -201
  640. package/dist/abort.runtime-CTayKbQD.js +0 -2
  641. package/dist/accounts-BGM3WHLv.js +0 -107
  642. package/dist/accounts-CjfvnRr8.js +0 -2
  643. package/dist/accounts-Do4oFjnx.js +0 -104
  644. package/dist/acp-cli-CYsQXo19.js +0 -2217
  645. package/dist/acp-spawn-EQ41IhnW.js +0 -2
  646. package/dist/acp-spawn-kNmVaCJg.js +0 -1042
  647. package/dist/acp-stateful-target-driver-CGEmB873.js +0 -89
  648. package/dist/action-agents-DRZhDohG.js +0 -67
  649. package/dist/action-focus-rtD_IZeK.js +0 -132
  650. package/dist/action-help-BxYZoPLZ.js +0 -7
  651. package/dist/action-info-DKIOeV27.js +0 -101
  652. package/dist/action-kill-BSRgreG1.js +0 -33
  653. package/dist/action-list-D_9VcDkU.js +0 -21
  654. package/dist/action-log-B-14uMf6.js +0 -30
  655. package/dist/action-send-DSAXZyLd.js +0 -39
  656. package/dist/action-spawn-CmQA95xS.js +0 -47
  657. package/dist/action-unfocus-CENAeJCf.js +0 -29
  658. package/dist/actions.runtime-BOFiPCqN.js +0 -18
  659. package/dist/actions.runtime-BokGkMaN.js +0 -5
  660. package/dist/agent-aBFNkVS4.js +0 -2
  661. package/dist/agent-command-CAtrEgLC.js +0 -874
  662. package/dist/agent-harness-runtime-BL32XpUV.js +0 -144
  663. package/dist/agent-runner-utils-DqPHTinZ.js +0 -239
  664. package/dist/agent-runner.runtime-Dau-cd0f.js +0 -3443
  665. package/dist/agent-runtime--LWUNBfA.js +0 -18
  666. package/dist/agents-C3k8MTRw.js +0 -5
  667. package/dist/agents-CFtbcew1.js +0 -954
  668. package/dist/aliases-Cgg9M9wt.js +0 -96
  669. package/dist/aliases-fGREp791.js +0 -2
  670. package/dist/api-BcbAyDG9.js +0 -5
  671. package/dist/api-D0pLMgBK.js +0 -139
  672. package/dist/api-NoVni8Sl.js +0 -3
  673. package/dist/approval-gateway-resolver-Cb_c_Zpw.js +0 -29
  674. package/dist/approval-gateway-runtime-CI5kXM2R.js +0 -2
  675. package/dist/approval-handler-runtime-39P31QLp.js +0 -439
  676. package/dist/approval-native-runtime-CeybpRQ8.js +0 -729
  677. package/dist/attempt-execution.runtime-Dd1qMUKN.js +0 -509
  678. package/dist/attempt.prompt-helpers-CaElAXu4.js +0 -206
  679. package/dist/attempt.tool-run-context-Bmny58yh.js +0 -933
  680. package/dist/audit-C41qeFBb.js +0 -939
  681. package/dist/audit.runtime-D8lnHabB.js +0 -7
  682. package/dist/auth-CsVdaaAe.js +0 -2
  683. package/dist/auth-order-BWk3ViLn.js +0 -139
  684. package/dist/auth-order-BbG3V9qM.js +0 -2
  685. package/dist/auth-pqwbxiw7.js +0 -550
  686. package/dist/bash-tools-C_tOXKUP.js +0 -2853
  687. package/dist/bash-tools-D5q7UFgs.js +0 -3
  688. package/dist/binding-routing-CeClBVpB.js +0 -85
  689. package/dist/binding-targets-DdrE0COF.js +0 -121
  690. package/dist/bridge-server-DeAPQe0C.js +0 -113
  691. package/dist/browser-control-auth-Df3M2eI5.js +0 -2
  692. package/dist/browser-node-runtime-n6vhbxwB.js +0 -12
  693. package/dist/browser-profiles-BcaCN3Q6.js +0 -2
  694. package/dist/browser-runtime-D6wFsSX9.js +0 -387
  695. package/dist/browser-setup-tools-O22i2nzo.js +0 -13
  696. package/dist/build-D2RzyOdJ.js +0 -550
  697. package/dist/call-D1wMcFp1.js +0 -330
  698. package/dist/call-DZwpoxKB.js +0 -3
  699. package/dist/call.runtime-_dVLUHfq.js +0 -2
  700. package/dist/capability-cli-DG1nE-2Q.js +0 -1401
  701. package/dist/catchup-CALuX0EW.js +0 -300
  702. package/dist/channel-CNb4SPiv.js +0 -1320
  703. package/dist/channel-CS0Ik7Dq.js +0 -1174
  704. package/dist/channel-CYBGsrs5.js +0 -226
  705. package/dist/channel-Cnt8iXCs.js +0 -297
  706. package/dist/channel-Cq62QSZR.js +0 -1100
  707. package/dist/channel-CuOrQbPa.js +0 -491
  708. package/dist/channel-CwUVg_e3.js +0 -350
  709. package/dist/channel-CxPOVDOa.js +0 -453
  710. package/dist/channel-D8E3vPYf.js +0 -1802
  711. package/dist/channel-Hkm1aCOg.js +0 -840
  712. package/dist/channel-core-UwaoX83l.js +0 -5
  713. package/dist/channel-hzXuigBm.js +0 -595
  714. package/dist/channel-inbound-C88sBchp.js +0 -31
  715. package/dist/channel-plugin-runtime-CDndBSbs.js +0 -771
  716. package/dist/channel-runtime-CpayqA94.js +0 -425
  717. package/dist/channel.runtime-BTGIlCf_.js +0 -42398
  718. package/dist/channel.runtime-Bo7eYpYT.js +0 -576
  719. package/dist/channel.runtime-Cb7E95Ts.js +0 -2364
  720. package/dist/channel.runtime-DNrozvEo.js +0 -4
  721. package/dist/channel.runtime-DRsan2gc.js +0 -430
  722. package/dist/channel.runtime-Je-Ol2c3.js +0 -89
  723. package/dist/channel.setup-BW4k0T2j.js +0 -10
  724. package/dist/channel2.runtime-Bz0QP9sq.js +0 -109
  725. package/dist/channels-BOUEDeFj.js +0 -733
  726. package/dist/channels-cli-BBM3LCGT.js +0 -268
  727. package/dist/chat-0aqpRXk7.js +0 -2830
  728. package/dist/clawbot-cli-CSpQnlO7.js +0 -9
  729. package/dist/cli-BMMCMk2R.js +0 -72
  730. package/dist/cli-CEQfSSaU.js +0 -2
  731. package/dist/cli-DI0JpbBo.js +0 -2
  732. package/dist/cli-NfaQyvCK.js +0 -219
  733. package/dist/cli-runner-DNyuZ5h6.js +0 -286
  734. package/dist/cli-runner.runtime-CR-JwA4O.js +0 -3
  735. package/dist/cli-runner.runtime-Dz6jbCuw.js +0 -4
  736. package/dist/cli.runtime-oxgwFXYo.js +0 -1261
  737. package/dist/client-Bt55zFEY.js +0 -138
  738. package/dist/client-DdJ17SBT.js +0 -723
  739. package/dist/command-auth-BthdrJZs.js +0 -76
  740. package/dist/command-config-resolution-CVMUB11x.js +0 -2
  741. package/dist/command-config-resolution-Gyx8ZctY.js +0 -23
  742. package/dist/command-config-resolution.runtime-BkW8urG9.js +0 -2
  743. package/dist/command-registry-CzoqAliR.js +0 -4
  744. package/dist/command-registry-core-CBbC7zvE.js +0 -106
  745. package/dist/command-registry-otbvPe2S.js +0 -9
  746. package/dist/command-secret-gateway-96Lg7d56.js +0 -528
  747. package/dist/command-status.runtime-Wz0v1rTj.js +0 -87
  748. package/dist/commands-acp-CTKWdZFc.js +0 -77
  749. package/dist/commands-compact.runtime-BvhuA8PX.js +0 -10
  750. package/dist/commands-handlers.runtime-1lMZVKIF.js +0 -4599
  751. package/dist/commands-status-OROpaZRA.js +0 -16
  752. package/dist/commands-status.runtime-CylmITPm.js +0 -3
  753. package/dist/commands-subagents-control.runtime-DPZM15Y8.js +0 -3
  754. package/dist/commands-subagents-control.runtime-DtPr9n7D.js +0 -2
  755. package/dist/commands-system-prompt-CbFMKfpn.js +0 -2
  756. package/dist/commands-system-prompt-DwCsudJL.js +0 -157
  757. package/dist/commands.runtime-nRjRmUst.js +0 -167
  758. package/dist/compact-Bi9T_Zb_.js +0 -1096
  759. package/dist/compact.runtime-DTvVHwbC.js +0 -12
  760. package/dist/completion-cli-Dj97mkii.js +0 -328
  761. package/dist/config-CY6leWe-.js +0 -252
  762. package/dist/config-cli-B_BsNmBg.js +0 -1078
  763. package/dist/configure-CSRRRV1P.js +0 -2
  764. package/dist/configure-CUG1geJf.js +0 -1252
  765. package/dist/connect-options-CnwJQxN0.js +0 -699
  766. package/dist/control-auth-C5i9U0hQ.js +0 -125
  767. package/dist/control-service-Hpi8EaX5.js +0 -156
  768. package/dist/control-ui/assets/agents-Bm9tbRvl.js +0 -1125
  769. package/dist/control-ui/assets/canvas-Dqcz2P-M.js +0 -274
  770. package/dist/control-ui/assets/channel-config-extras-DPhtzROS.js +0 -2
  771. package/dist/control-ui/assets/channels-C4lCtkuE.js +0 -198
  772. package/dist/control-ui/assets/cron-CDnocp54.js +0 -250
  773. package/dist/control-ui/assets/de-BIxTAu8X.js +0 -2
  774. package/dist/control-ui/assets/debug-CLJUkyM0.js +0 -94
  775. package/dist/control-ui/assets/es-BQWbWgIl.js +0 -2
  776. package/dist/control-ui/assets/fr-CWlA2mjJ.js +0 -2
  777. package/dist/control-ui/assets/i18n-zQZN-KVV.js +0 -3
  778. package/dist/control-ui/assets/id-6rCpPVbX.js +0 -2
  779. package/dist/control-ui/assets/index-DNcb9kKN.js +0 -5972
  780. package/dist/control-ui/assets/instances-BmNOHnr0.js +0 -57
  781. package/dist/control-ui/assets/ja-JP-DF-DP5BG.js +0 -2
  782. package/dist/control-ui/assets/ko-DBqpeGub.js +0 -2
  783. package/dist/control-ui/assets/logs-DbPv07V4.js +0 -74
  784. package/dist/control-ui/assets/mcp-CxU-2jb_.js +0 -380
  785. package/dist/control-ui/assets/memory-Cvr3erHb.js +0 -50
  786. package/dist/control-ui/assets/memory-graph-BpmZbNSk.js +0 -30
  787. package/dist/control-ui/assets/models-C7nRZAXy.js +0 -86
  788. package/dist/control-ui/assets/nodes-f2aGvluM.js +0 -654
  789. package/dist/control-ui/assets/pl-5NAsq-Is.js +0 -2
  790. package/dist/control-ui/assets/plugins-5hOroymh.js +0 -259
  791. package/dist/control-ui/assets/presenter-DsN_oVUG.js +0 -2
  792. package/dist/control-ui/assets/preview-Bpt_pTk6.js +0 -2
  793. package/dist/control-ui/assets/pt-BR-Hv8MDaxx.js +0 -2
  794. package/dist/control-ui/assets/sessions-LDFBoP0u.js +0 -56
  795. package/dist/control-ui/assets/skills-DIujrS1_.js +0 -294
  796. package/dist/control-ui/assets/skills-shared-DTBgPO3R.js +0 -11
  797. package/dist/control-ui/assets/th-cg-0LWw9.js +0 -2
  798. package/dist/control-ui/assets/tr-hpqnmvm6.js +0 -2
  799. package/dist/control-ui/assets/uk-DaVOgu9d.js +0 -2
  800. package/dist/control-ui/assets/wallet-CdJCKiSZ.js +0 -302
  801. package/dist/control-ui/assets/zh-CN-BfPyN3yg.js +0 -2
  802. package/dist/control-ui/assets/zh-TW-WbilNUjy.js +0 -2
  803. package/dist/control-ui-CeGNcKzT.js +0 -1043
  804. package/dist/conversation-id-BCbq5NIc.js +0 -38
  805. package/dist/conversation-id-CQI9g_tF.js +0 -235
  806. package/dist/conversation-runtime-DaqqNX-x.js +0 -31
  807. package/dist/core-Tk-dTIXT.js +0 -275
  808. package/dist/cron-cli-DSGzbLxR.js +0 -713
  809. package/dist/daemon-cli-DeV3LyHQ.js +0 -12
  810. package/dist/dashboard-DloYb4F9.js +0 -2
  811. package/dist/dashboard-tuymsSVS.js +0 -81
  812. package/dist/delegate-Dd5wAxfb.js +0 -64
  813. package/dist/detached-task-runtime-DKySZjwC.js +0 -73
  814. package/dist/devices-cli-CYzBu3hZ.js +0 -498
  815. package/dist/diagnostics-3KiMYFlv.js +0 -154
  816. package/dist/direct-dm-CUE3FyXY.js +0 -64
  817. package/dist/dispatch-_wfSU58C.js +0 -1131
  818. package/dist/dispatch-acp-DeRnweaq.js +0 -981
  819. package/dist/dispatch-acp-manager.runtime-BAIqFxld.js +0 -3
  820. package/dist/dispatch-acp.runtime-JlGpWtEz.js +0 -19
  821. package/dist/doctor-device-pairing-DEjdxNU3.js +0 -307
  822. package/dist/doctor-gateway-daemon-flow-DCKalcSh.js +0 -250
  823. package/dist/doctor-gateway-health-BY7EhLu3.js +0 -63
  824. package/dist/doctor-health-ClRZC0ve.js +0 -59
  825. package/dist/doctor-health-contributions-B65HPALZ.js +0 -493
  826. package/dist/doctor-prompter-YrvCLwpe.js +0 -56
  827. package/dist/doctor-workspace-status-B-BuL017.js +0 -75
  828. package/dist/dreaming-DGYWRYq3.js +0 -1582
  829. package/dist/dreaming-narrative-DRKoF-z9.js +0 -596
  830. package/dist/embedded-gateway-stub.runtime-DdjZKa9q.js +0 -9
  831. package/dist/embeddings-http-B3ACs8Ws.js +0 -205
  832. package/dist/exec-approvals-cli-C5DwVIu5.js +0 -498
  833. package/dist/fallbacks-D6L84vVc.js +0 -31
  834. package/dist/fallbacks-D6jO50XF.js +0 -2
  835. package/dist/fallbacks-shared-Dci4IyaY.js +0 -111
  836. package/dist/gateway-cli-BS9kPc9H.js +0 -1283
  837. package/dist/gateway-rpc-B5GtBJRi.js +0 -14
  838. package/dist/gateway-rpc.runtime-CKtiPql1.js +0 -23
  839. package/dist/gateway-runtime-C-kxmrI5.js +0 -15
  840. package/dist/gateway-status-0kWh50js.js +0 -584
  841. package/dist/gateway-tMGzPO6m.js +0 -115
  842. package/dist/genesis-tools-CtMsMRl9.js +0 -9435
  843. package/dist/genesis-tools.runtime-BptuQNAJ.js +0 -2
  844. package/dist/get-reply-B4NwzjDj.js +0 -3946
  845. package/dist/get-reply-from-config.runtime-D07XOnfu.js +0 -2
  846. package/dist/graph-users-Chk0mBZs.js +0 -1337
  847. package/dist/health-BkcL9i__.js +0 -3
  848. package/dist/health-CgLzUl2R.js +0 -420
  849. package/dist/health-route-BySTIyJQ.js +0 -2
  850. package/dist/health-route-P7I71km-.js +0 -41
  851. package/dist/hooks-cli-BMkgaeq9.js +0 -433
  852. package/dist/http-endpoint-helpers-CC_gglfr.js +0 -41
  853. package/dist/http-utils-C7CfxCac.js +0 -924
  854. package/dist/image-fallbacks-BGCt_6uL.js +0 -31
  855. package/dist/image-fallbacks-OrcyF2DC.js +0 -2
  856. package/dist/inbound-reply-dispatch-DYjgJdlo.js +0 -73
  857. package/dist/infra-runtime-AQfhgBFn.js +0 -38
  858. package/dist/init-DPP54t0W.js +0 -59
  859. package/dist/library-DFR5f_Ir.js +0 -45
  860. package/dist/lifecycle-CW2vdQDb.js +0 -571
  861. package/dist/lifecycle-D11XyL6V.js +0 -229
  862. package/dist/lifecycle.runtime-DSWYu3nX.js +0 -2
  863. package/dist/list-BKM6QdOy.js +0 -1212
  864. package/dist/list-CTNJ4-68.js +0 -2
  865. package/dist/list-DtXUyEzG.js +0 -2
  866. package/dist/list-aEqDnDBI.js +0 -131
  867. package/dist/list.probe-Bou6QQPq.js +0 -419
  868. package/dist/llm-slug-generator-Bnt1pOHN.js +0 -79
  869. package/dist/load-config-CBqnIYCC.js +0 -35
  870. package/dist/local-dispatch.runtime-zcsbNVun.js +0 -8
  871. package/dist/logs-cli-TFV7jUp4.js +0 -265
  872. package/dist/logs-cli.runtime-DtiBn5Ch.js +0 -2
  873. package/dist/main-session-restart-recovery-DxN0yklO.js +0 -206
  874. package/dist/managed-image-attachments-BGssrKSl.js +0 -635
  875. package/dist/managed-image-attachments-oy7vi04e.js +0 -2
  876. package/dist/manager-C86vv_vo.js +0 -2
  877. package/dist/manager-ooYadtSy.js +0 -2057
  878. package/dist/markdown-to-line-COdsSmXH.js +0 -790
  879. package/dist/mcp-cli-CAuVc_Pm.js +0 -725
  880. package/dist/mcp-http-DJ1wHZwo.js +0 -529
  881. package/dist/memory-core-host-runtime-cli-BIS_FL5c.js +0 -9
  882. package/dist/message-Bwxr0xiZ.js +0 -232
  883. package/dist/message-action-runner-B65TS-iS.js +0 -1407
  884. package/dist/message-action-runner-CiaRlq7u.js +0 -2
  885. package/dist/message-actions-D64MkmkC.js +0 -143
  886. package/dist/message.gateway.runtime-RW2Yhu37.js +0 -2
  887. package/dist/method-scopes-BkN09VAs.js +0 -232
  888. package/dist/models-auth-status-DzLtMc97.js +0 -217
  889. package/dist/models-cli-CoFUFTED.js +0 -271
  890. package/dist/models-http-DbtJ3UU_.js +0 -92
  891. package/dist/monitor-B4GOsafr.js +0 -671
  892. package/dist/monitor-BABC3pTm.js +0 -1661
  893. package/dist/monitor-BJrqsLpj.js +0 -1459
  894. package/dist/monitor-DiZfArYU.js +0 -1237
  895. package/dist/monitor-auth-DVJNdnse.js +0 -207
  896. package/dist/monitor-ovv5ZrP8.js +0 -788
  897. package/dist/monitor-processing-25Z4qW74.js +0 -1974
  898. package/dist/monitor-zDAbyj7K.js +0 -2
  899. package/dist/monitor.runtime-9UOZT7UY.js +0 -2
  900. package/dist/monitor.webhook-ksEOpU9Y.js +0 -180
  901. package/dist/msteams-D0FDrYYn.js +0 -35
  902. package/dist/native-hook-relay-C_3-6Eke.js +0 -519
  903. package/dist/nextcloud-talk-DKd_xz3W.js +0 -17
  904. package/dist/node-cli-D5KvQ2CT.js +0 -2276
  905. package/dist/nodes-cli-DNNvVAj2.js +0 -1046
  906. package/dist/nodes-utils-CBwEmmq2.js +0 -84
  907. package/dist/nodes.helpers-CAihaPrl.js +0 -34
  908. package/dist/notify-CC_X0-7j.js +0 -315
  909. package/dist/onboard-BdO5P4vD.js +0 -2
  910. package/dist/onboard-ILwgXLYY.js +0 -70
  911. package/dist/onboard-helpers-7z02DFh9.js +0 -204
  912. package/dist/onboard-helpers-Ms4s2EzO.js +0 -6
  913. package/dist/onboard-interactive-BjPiPpZT.js +0 -24
  914. package/dist/onboard-non-interactive-Dj4NGkhK.js +0 -635
  915. package/dist/onboard-remote-DCYnQ04q.js +0 -193
  916. package/dist/onboard-remote-ofkezDbI.js +0 -2
  917. package/dist/onboard-skills-CUjzYHgj.js +0 -2
  918. package/dist/onboard-skills-CbfWgSt7.js +0 -134
  919. package/dist/openai-http-BaMtk-kT.js +0 -500
  920. package/dist/openresponses-http-WKKDY0q5.js +0 -1128
  921. package/dist/operator-approvals-client-4sga8tKU.js +0 -68
  922. package/dist/outbound.runtime-CDHhU73P.js +0 -2
  923. package/dist/pair-command-approve-OYJIc2fu.js +0 -44
  924. package/dist/persistent-bindings.lifecycle-BfHNJZO4.js +0 -2
  925. package/dist/persistent-bindings.lifecycle-DwKmiJYz.js +0 -85
  926. package/dist/pi-embedded-CGFh2Blz.js +0 -4
  927. package/dist/pi-embedded-ooYGUOJZ.js +0 -2905
  928. package/dist/pi-embedded.runtime-B1NpL8rR.js +0 -4
  929. package/dist/pi-tool-definition-adapter-Bl5ufyu3.js +0 -229
  930. package/dist/pi-tools-82qefK6f.js +0 -1118
  931. package/dist/pi-tools.before-tool-call-Db88CRUS.js +0 -2
  932. package/dist/pi-tools.before-tool-call-Dh-5Kzc8.js +0 -433
  933. package/dist/plugin-DwuhlI2I.js +0 -12195
  934. package/dist/plugin-enabled-CfzRQT1B.js +0 -140
  935. package/dist/plugin-registration-XsebPQqy.js +0 -23
  936. package/dist/plugin-service-QJqtKEG5.js +0 -2893
  937. package/dist/policy-DsGoyetK.js +0 -328
  938. package/dist/prepare.runtime-Ca5X_K9Y.js +0 -807
  939. package/dist/probe-0MgKBFel.js +0 -2205
  940. package/dist/probe-9CryCp2o.js +0 -2
  941. package/dist/probe-B8ogIy1E.js +0 -1443
  942. package/dist/probe-B_t63C0q.js +0 -74
  943. package/dist/probe-Cg5_YE3i.js +0 -240
  944. package/dist/probe-DVxDryxE.js +0 -45
  945. package/dist/probe-MDbiDMWz.js +0 -2
  946. package/dist/program-DPoG-10j.js +0 -111
  947. package/dist/prompt-select-styled-CTHDINxc.js +0 -20
  948. package/dist/protocol-zDWsuAk7.js +0 -2477
  949. package/dist/provider-dispatcher-Bgci1rwg.js +0 -2
  950. package/dist/provider-dispatcher-CwSZMOAg.js +0 -22
  951. package/dist/qr-cli-DvJ5xdsh.js +0 -2
  952. package/dist/qr-cli-gzyNSC5u.js +0 -349
  953. package/dist/reaction-runtime-api-BlDTJpo-.js +0 -116
  954. package/dist/reactions-W4Fy8xu5.js +0 -998
  955. package/dist/register-service-commands-BwL9yJxI.js +0 -71
  956. package/dist/register.agent-DhQz75CX.js +0 -248
  957. package/dist/register.configure-CiW5Nm47.js +0 -15
  958. package/dist/register.maintenance-B-bmcOm_.js +0 -363
  959. package/dist/register.message-CB7RGm0D.js +0 -329
  960. package/dist/register.onboard--s57-W_O.js +0 -88
  961. package/dist/register.runtime-aLzIGvj5.js +0 -81
  962. package/dist/register.setup-EvqU6AWF.js +0 -150
  963. package/dist/register.status-health-sessions-LtIU28tG.js +0 -1215
  964. package/dist/register.subclis-Cdyty_Wl.js +0 -29
  965. package/dist/register.subclis-E0e8IhV6.js +0 -3
  966. package/dist/register.subclis-core-DoJitfZR.js +0 -249
  967. package/dist/reply-dispatch-runtime-yhxku4dH.js +0 -13
  968. package/dist/reply-runtime-DMJCIRLh.js +0 -10
  969. package/dist/reply.runtime-ClSSD2-g.js +0 -2
  970. package/dist/restart-health-BOftTaLm.js +0 -202
  971. package/dist/restart-health-Cq5PQJFt.js +0 -2
  972. package/dist/root-help-gILUFRrb.js +0 -44
  973. package/dist/routes-D4r1ezvE.js +0 -3341
  974. package/dist/routes-QfDdU8qI.js +0 -2
  975. package/dist/rpc-BH3MZf04.js +0 -61
  976. package/dist/rpc.runtime-DEqSCvK_.js +0 -21
  977. package/dist/run-delivery.runtime-Ra2LpyjL.js +0 -530
  978. package/dist/run-embedded.runtime-B-b7dF48.js +0 -4
  979. package/dist/run-execution-cli.runtime-rzYYRquv.js +0 -4
  980. package/dist/run-executor.runtime-D3MC8B3s.js +0 -277
  981. package/dist/run-main-ROsTM9o9.js +0 -567
  982. package/dist/run-subagent-registry.runtime-gvfWvULf.js +0 -2
  983. package/dist/run-wait-DYca4W_o.js +0 -135
  984. package/dist/runtime-1Bb9bT_p.js +0 -9
  985. package/dist/runtime-B4JFGWB4.js +0 -961
  986. package/dist/runtime-api-BTGrUC1e.js +0 -14
  987. package/dist/runtime-api-Bhl3_8yF.js +0 -9
  988. package/dist/runtime-api-C-nx_QzF.js +0 -4
  989. package/dist/runtime-api-DlKoDfhQ.js +0 -9
  990. package/dist/runtime-embedded-pi.runtime-BpNxs_WI.js +0 -2
  991. package/dist/runtime-internal-BbUZ7GRn.js +0 -2
  992. package/dist/runtime-options-DvpcqD1R.js +0 -275
  993. package/dist/runtime-schema-DooxQwin.js +0 -28599
  994. package/dist/scan-DpgK8kOr.js +0 -2
  995. package/dist/scan-U6zeFiF4.js +0 -523
  996. package/dist/secrets-cli-DjWSeoBE.js +0 -2101
  997. package/dist/security-cli-CSD7A3_W.js +0 -486
  998. package/dist/selection-C6LjcruV.js +0 -2
  999. package/dist/selection-DTQuCEn8.js +0 -7743
  1000. package/dist/send-DjtE85vk.js +0 -102
  1001. package/dist/send-DrOoCalT.js +0 -156
  1002. package/dist/send.runtime-CoOsNVP2.js +0 -2
  1003. package/dist/server-Bm7KpOGW.js +0 -77
  1004. package/dist/server-C6MOiNs5.js +0 -13
  1005. package/dist/server-context-B4L8Ko8G.js +0 -847
  1006. package/dist/server-context-CdmUY6o_.js +0 -2
  1007. package/dist/server-node-events-D9LfdT_R.js +0 -474
  1008. package/dist/server-plugin-bootstrap-BzB53IG-.js +0 -2
  1009. package/dist/server-plugin-bootstrap-DnXmVUc8.js +0 -13275
  1010. package/dist/server-restart-sentinel-DSfUKsS9.js +0 -684
  1011. package/dist/server.impl-D6b9jfKp.js +0 -12787
  1012. package/dist/session-kill-http-DyjyFGdE.js +0 -110
  1013. package/dist/session-reset-service-7QjMT-P3.js +0 -497
  1014. package/dist/session-route-C0pUoL-m.js +0 -93
  1015. package/dist/session-status.runtime-C7j8HBWm.js +0 -2
  1016. package/dist/session-subagent-reactivation.runtime-D4lP9Yxw.js +0 -2
  1017. package/dist/session-tab-registry-CPJFtGU8.js +0 -581
  1018. package/dist/session-visibility-Bg3eG7Ud.js +0 -147
  1019. package/dist/sessions-helpers-C0F_CCx_.js +0 -305
  1020. package/dist/sessions-history-http-Bee2KxDh.js +0 -371
  1021. package/dist/sessions-patch-yHBQNF3A.js +0 -309
  1022. package/dist/sessions-resolve-D_3EYokX.js +0 -174
  1023. package/dist/sessions.runtime-CEP1m60d.js +0 -2
  1024. package/dist/setup-HKQAarOb.js +0 -636
  1025. package/dist/setup-api-EpAQ3HZv.js +0 -29
  1026. package/dist/setup-core-BgPN9ltC.js +0 -176
  1027. package/dist/setup-core-DSLCd1rN.js +0 -171
  1028. package/dist/setup-surface-DMN9uyVd.js +0 -403
  1029. package/dist/setup-surface-DhuBlD5J.js +0 -219
  1030. package/dist/setup-surface-E0DezmAi.js +0 -286
  1031. package/dist/setup.finalize-MkGL04S6.js +0 -547
  1032. package/dist/setup.gateway-config-Bnbhn6v-.js +0 -250
  1033. package/dist/shared-DDpJ78zl.js +0 -198
  1034. package/dist/shared-DGn0ibdp.js +0 -121
  1035. package/dist/shared-fUr4aN5q.js +0 -76
  1036. package/dist/slash-state-BXCSlhym.js +0 -1911
  1037. package/dist/src-uTvmDRmY.js +0 -3974
  1038. package/dist/startup-context-D-raEng1.js +0 -312
  1039. package/dist/status-B_d9Cx4z.js +0 -2
  1040. package/dist/status-Cm6eyksx.js +0 -209
  1041. package/dist/status-CmxOcSnZ.js +0 -2
  1042. package/dist/status-DVueyM2F.js +0 -395
  1043. package/dist/status-DbdzfpUI.js +0 -3
  1044. package/dist/status-DzQhntmn.js +0 -190
  1045. package/dist/status-all-m61xmSOw.js +0 -498
  1046. package/dist/status-json-DDMgeSaC.js +0 -14
  1047. package/dist/status-json-command-CK5HTDaU.js +0 -82
  1048. package/dist/status-runtime-shared-p3krF0s5.js +0 -241
  1049. package/dist/status-subagents.runtime-DHuvJr3p.js +0 -18
  1050. package/dist/status-text-CtkqzmoT.js +0 -237
  1051. package/dist/status.gateway-connection.runtime-Baws_5sO.js +0 -2
  1052. package/dist/status.gather-8OGnlbKU.js +0 -292
  1053. package/dist/status.gather-BETbqTkh.js +0 -2
  1054. package/dist/status.runtime-D7lk5mLJ.js +0 -2
  1055. package/dist/status.scan-BCPG9Nfn.js +0 -65
  1056. package/dist/status.scan-overview-BxfXogPo.js +0 -379
  1057. package/dist/status.scan.fast-json-DsYnYXoH.js +0 -2
  1058. package/dist/status.scan.fast-json-Ya7IYP0s.js +0 -132
  1059. package/dist/status.summary-BMSVTd_0.js +0 -200
  1060. package/dist/status.summary-CpaouG_t.js +0 -2
  1061. package/dist/subagent-announce-BHJpD5-v.js +0 -351
  1062. package/dist/subagent-announce-delivery-CKyEeFvA.js +0 -726
  1063. package/dist/subagent-announce-output-4itRkJFz.js +0 -364
  1064. package/dist/subagent-control-DnG7Wuci.js +0 -506
  1065. package/dist/subagent-followup.runtime-CSYnHTuh.js +0 -68
  1066. package/dist/subagent-orphan-recovery-CEGWLVDl.js +0 -305
  1067. package/dist/subagent-registry-BBck4LPP.js +0 -3
  1068. package/dist/subagent-registry-Kop804vg.js +0 -1753
  1069. package/dist/subagent-spawn-CZJpCHIN.js +0 -1005
  1070. package/dist/system-cli-CTd252XD.js +0 -43
  1071. package/dist/targets-CD3QLNpW.js +0 -67
  1072. package/dist/task-executor-BbCXhqDF.js +0 -360
  1073. package/dist/task-owner-access-Be7GpZNB.js +0 -74
  1074. package/dist/task-registry-CZN3bWaG.js +0 -2357
  1075. package/dist/task-registry-delivery-runtime-BQTBKwpP.js +0 -3
  1076. package/dist/task-registry-delivery-runtime-BxmqiCDh.js +0 -2
  1077. package/dist/task-registry.maintenance-3Y9NCOoG.js +0 -2
  1078. package/dist/task-registry.maintenance-DCn5Caci.js +0 -416
  1079. package/dist/testing-BH9BASoR.js +0 -575
  1080. package/dist/text-report-B0Y14E6B.js +0 -549
  1081. package/dist/tool-resolution-D4AhidQx.js +0 -90
  1082. package/dist/tools-effective-inventory-_1V0I8t9.js +0 -152
  1083. package/dist/tools-invoke-http-B6q43oJu.js +0 -206
  1084. package/dist/trash-BEJ9CQ7c.js +0 -24
  1085. package/dist/tui-cli-BHo_XAR4.js +0 -4585
  1086. package/dist/update-cli-yoJZUuTt.js +0 -1759
  1087. package/dist/upgrade-xIQd0f13.js +0 -1226
  1088. package/dist/video-generation-task-status-B9we9j9s.js +0 -163
  1089. package/dist/wait-for-idle-before-flush-A1yDxWJx.js +0 -5985
  1090. package/dist/wizard-models-CRc4fctG.js +0 -334
@@ -0,0 +1,939 @@
1
+ import { a as normalizeLowercaseStringOrEmpty, s as normalizeOptionalLowercaseString } from "./string-coerce-DPP_aYVc.js";
2
+ import { t as formatCliCommand } from "./command-format-B3Q5KD9o.js";
3
+ import { _ as resolveStateDir, o as resolveConfigPath } from "./paths-Bv2rGpO9.js";
4
+ import { o as hasConfiguredSecretInput } from "./types.secrets-BbgGt42I.js";
5
+ import { n as formatPermissionRemediation, r as inspectPathPermissions, t as formatPermissionDetail } from "./audit-fs-CAyAtdeX.js";
6
+ import { n as resolveGatewayAuth } from "./auth-resolve-CcailHTH.js";
7
+ import { n as asNullableRecord } from "./record-coerce-CMKPGWB_.js";
8
+ import { t as DEFAULT_AGENT_ID } from "./session-key-CI3KvTQC.js";
9
+ import { i as normalizeTrustedSafeBinDirs, o as listRiskyConfiguredSafeBins } from "./exec-safe-bin-trust-DMrCONj2.js";
10
+ import { b as resolveAgentWorkspaceDir, x as resolveDefaultAgentId } from "./agent-scope-BUYwVohk.js";
11
+ import { i as resolveSandboxConfigForAgent } from "./config-DwJUHdf0.js";
12
+ import { u as isInterpreterLikeAllowlistPattern } from "./exec-approvals-allowlist-BBW7JMg0.js";
13
+ import { i as resolveMergedSafeBinProfileFixtures, n as listInterpreterLikeSafeBins } from "./exec-safe-bin-runtime-policy-DUcKpnC_.js";
14
+ import { l as loadExecApprovals } from "./exec-approvals-D0DTIzDT.js";
15
+ import { n as collectCoreInsecureOrDangerousFlags, t as collectEnabledInsecureOrDangerousFlags } from "./dangerous-config-flags-Drbk-drI.js";
16
+ import { t as DEFAULT_GATEWAY_HTTP_TOOL_DENY } from "./dangerous-tools-DTsU-3_q.js";
17
+ import path from "node:path";
18
+ import { isIP } from "node:net";
19
+ //#region src/security/audit-deep-code-safety.ts
20
+ let auditDeepModulePromise;
21
+ async function loadAuditDeepModule() {
22
+ auditDeepModulePromise ??= import("./audit.deep.runtime-CXjulrWI.js");
23
+ return await auditDeepModulePromise;
24
+ }
25
+ async function collectDeepCodeSafetyFindings(params) {
26
+ if (!params.deep) return [];
27
+ const auditDeep = await loadAuditDeepModule();
28
+ return [...await auditDeep.collectPluginsCodeSafetyFindings({
29
+ stateDir: params.stateDir,
30
+ summaryCache: params.summaryCache
31
+ }), ...await auditDeep.collectInstalledSkillsCodeSafetyFindings({
32
+ cfg: params.cfg,
33
+ stateDir: params.stateDir,
34
+ summaryCache: params.summaryCache
35
+ })];
36
+ }
37
+ //#endregion
38
+ //#region src/security/audit-deep-probe-findings.ts
39
+ function collectDeepProbeFindings(params) {
40
+ const findings = [];
41
+ if (params.deep?.gateway?.attempted && !params.deep.gateway.ok) findings.push({
42
+ checkId: "gateway.probe_failed",
43
+ severity: "warn",
44
+ title: "Gateway probe failed (deep)",
45
+ detail: params.deep.gateway.error ?? "gateway unreachable",
46
+ remediation: `Run "${formatCliCommand("genesis status --all")}" to debug connectivity/auth, then re-run "${formatCliCommand("genesis security audit --deep")}".`
47
+ });
48
+ if (params.authWarning) findings.push({
49
+ checkId: "gateway.probe_auth_secretref_unavailable",
50
+ severity: "warn",
51
+ title: "Gateway probe auth SecretRef is unavailable",
52
+ detail: params.authWarning,
53
+ remediation: `Set GENESIS_GATEWAY_TOKEN/GENESIS_GATEWAY_PASSWORD in this shell or resolve the external secret provider, then re-run "${formatCliCommand("genesis security audit --deep")}".`
54
+ });
55
+ return findings;
56
+ }
57
+ //#endregion
58
+ //#region src/security/audit-gateway-config.ts
59
+ function hasNonEmptyString(value) {
60
+ return typeof value === "string" && value.trim().length > 0;
61
+ }
62
+ function collectGatewayConfigFindings$1(cfg, sourceConfig, env, options = {}) {
63
+ const findings = [];
64
+ const bind = typeof cfg.gateway?.bind === "string" ? cfg.gateway.bind : "loopback";
65
+ const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
66
+ const auth = resolveGatewayAuth({
67
+ authConfig: cfg.gateway?.auth,
68
+ tailscaleMode,
69
+ env
70
+ });
71
+ const controlUiEnabled = cfg.gateway?.controlUi?.enabled !== false;
72
+ const controlUiAllowedOrigins = (cfg.gateway?.controlUi?.allowedOrigins ?? []).map((value) => value.trim()).filter(Boolean);
73
+ const dangerouslyAllowHostHeaderOriginFallback = cfg.gateway?.controlUi?.dangerouslyAllowHostHeaderOriginFallback === true;
74
+ const trustedProxies = Array.isArray(cfg.gateway?.trustedProxies) ? cfg.gateway.trustedProxies : [];
75
+ const hasToken = typeof auth.token === "string" && auth.token.trim().length > 0;
76
+ const hasPassword = typeof auth.password === "string" && auth.password.trim().length > 0;
77
+ const envTokenConfigured = hasNonEmptyString(env.GENESIS_GATEWAY_TOKEN);
78
+ const envPasswordConfigured = hasNonEmptyString(env.GENESIS_GATEWAY_PASSWORD);
79
+ const tokenConfiguredFromConfig = hasConfiguredSecretInput(sourceConfig.gateway?.auth?.token, sourceConfig.secrets?.defaults);
80
+ const passwordConfiguredFromConfig = hasConfiguredSecretInput(sourceConfig.gateway?.auth?.password, sourceConfig.secrets?.defaults);
81
+ const remoteTokenConfigured = hasConfiguredSecretInput(sourceConfig.gateway?.remote?.token, sourceConfig.secrets?.defaults);
82
+ const explicitAuthMode = sourceConfig.gateway?.auth?.mode;
83
+ const tokenCanWin = hasToken || envTokenConfigured || tokenConfiguredFromConfig || remoteTokenConfigured;
84
+ const passwordCanWin = explicitAuthMode === "password" || explicitAuthMode !== "token" && explicitAuthMode !== "none" && explicitAuthMode !== "trusted-proxy" && !tokenCanWin;
85
+ const tokenConfigured = tokenCanWin;
86
+ const passwordConfigured = hasPassword || passwordCanWin && (envPasswordConfigured || passwordConfiguredFromConfig);
87
+ const hasSharedSecret = explicitAuthMode === "token" ? tokenConfigured : explicitAuthMode === "password" ? passwordConfigured : explicitAuthMode === "none" || explicitAuthMode === "trusted-proxy" ? false : tokenConfigured || passwordConfigured;
88
+ const hasTailscaleAuth = auth.allowTailscale && tailscaleMode === "serve";
89
+ const hasGatewayAuth = hasSharedSecret || hasTailscaleAuth;
90
+ const allowRealIpFallback = cfg.gateway?.allowRealIpFallback === true;
91
+ const mdnsMode = cfg.discovery?.mdns?.mode ?? "minimal";
92
+ const gatewayToolsAllowRaw = Array.isArray(cfg.gateway?.tools?.allow) ? cfg.gateway?.tools?.allow : [];
93
+ const gatewayToolsAllow = new Set(gatewayToolsAllowRaw.map((v) => normalizeOptionalLowercaseString(v) ?? "").filter(Boolean));
94
+ const reenabledOverHttp = DEFAULT_GATEWAY_HTTP_TOOL_DENY.filter((name) => gatewayToolsAllow.has(name));
95
+ if (reenabledOverHttp.length > 0) {
96
+ const extraRisk = bind !== "loopback" || tailscaleMode === "funnel";
97
+ findings.push({
98
+ checkId: "gateway.tools_invoke_http.dangerous_allow",
99
+ severity: extraRisk ? "critical" : "warn",
100
+ title: "Gateway HTTP /tools/invoke re-enables dangerous tools",
101
+ detail: `gateway.tools.allow includes ${reenabledOverHttp.join(", ")} which removes them from the default HTTP deny list. This can allow remote session spawning / control-plane actions via HTTP and increases RCE blast radius if the gateway is reachable.`,
102
+ remediation: "Remove these entries from gateway.tools.allow (recommended). If you keep them enabled, keep gateway.bind loopback-only (or tailnet-only), restrict network exposure, and treat the gateway token/password as full-admin."
103
+ });
104
+ }
105
+ if (bind !== "loopback" && !hasSharedSecret && auth.mode !== "trusted-proxy") findings.push({
106
+ checkId: "gateway.bind_no_auth",
107
+ severity: "critical",
108
+ title: "Gateway binds beyond loopback without auth",
109
+ detail: `gateway.bind="${bind}" but no gateway.auth token/password is configured.`,
110
+ remediation: `Set gateway.auth (token recommended) or bind to loopback.`
111
+ });
112
+ if (bind === "loopback" && controlUiEnabled && trustedProxies.length === 0) findings.push({
113
+ checkId: "gateway.trusted_proxies_missing",
114
+ severity: "warn",
115
+ title: "Reverse proxy headers are not trusted",
116
+ detail: "gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed.",
117
+ remediation: "Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only."
118
+ });
119
+ if (bind === "loopback" && controlUiEnabled && !hasGatewayAuth) findings.push({
120
+ checkId: "gateway.loopback_no_auth",
121
+ severity: "critical",
122
+ title: "Gateway auth missing on loopback",
123
+ detail: "gateway.bind is loopback but no gateway auth secret is configured. If the Control UI is exposed through a reverse proxy, unauthenticated access is possible.",
124
+ remediation: "Set gateway.auth (token recommended) or keep the Control UI local-only."
125
+ });
126
+ if (bind !== "loopback" && controlUiEnabled && controlUiAllowedOrigins.length === 0 && !dangerouslyAllowHostHeaderOriginFallback) findings.push({
127
+ checkId: "gateway.control_ui.allowed_origins_required",
128
+ severity: "critical",
129
+ title: "Non-loopback Control UI missing explicit allowed origins",
130
+ detail: "Control UI is enabled on a non-loopback bind but gateway.controlUi.allowedOrigins is empty. Strict origin policy requires explicit allowed origins for non-loopback deployments.",
131
+ remediation: "Set gateway.controlUi.allowedOrigins to full trusted origins (for example https://control.example.com). If your deployment intentionally relies on Host-header origin fallback, set gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback=true."
132
+ });
133
+ if (controlUiAllowedOrigins.includes("*")) {
134
+ const exposed = bind !== "loopback";
135
+ findings.push({
136
+ checkId: "gateway.control_ui.allowed_origins_wildcard",
137
+ severity: exposed ? "critical" : "warn",
138
+ title: "Control UI allowed origins contains wildcard",
139
+ detail: "gateway.controlUi.allowedOrigins includes \"*\" which means allow any browser origin for Control UI/WebChat requests. This disables origin allowlisting and should be treated as an intentional allow-all policy.",
140
+ remediation: "Replace wildcard origins with explicit trusted origins (for example https://control.example.com). Do not use \"*\" outside tightly controlled local testing."
141
+ });
142
+ }
143
+ if (dangerouslyAllowHostHeaderOriginFallback) {
144
+ const exposed = bind !== "loopback";
145
+ findings.push({
146
+ checkId: "gateway.control_ui.host_header_origin_fallback",
147
+ severity: exposed ? "critical" : "warn",
148
+ title: "DANGEROUS: Host-header origin fallback enabled",
149
+ detail: "gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback=true enables Host-header origin fallback for Control UI/WebChat websocket checks and weakens DNS rebinding protections.",
150
+ remediation: "Disable gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback and configure explicit gateway.controlUi.allowedOrigins."
151
+ });
152
+ }
153
+ if (allowRealIpFallback) {
154
+ const hasNonLoopbackTrustedProxy = trustedProxies.some((proxy) => !isStrictLoopbackTrustedProxyEntry(proxy));
155
+ const exposed = bind !== "loopback" || auth.mode === "trusted-proxy" && hasNonLoopbackTrustedProxy;
156
+ findings.push({
157
+ checkId: "gateway.real_ip_fallback_enabled",
158
+ severity: exposed ? "critical" : "warn",
159
+ title: "X-Real-IP fallback is enabled",
160
+ detail: "gateway.allowRealIpFallback=true trusts X-Real-IP when trusted proxies omit X-Forwarded-For. Misconfigured proxies that forward client-supplied X-Real-IP can spoof source IP and local-client checks.",
161
+ remediation: "Keep gateway.allowRealIpFallback=false (default). Only enable this when your trusted proxy always overwrites X-Real-IP and cannot provide X-Forwarded-For."
162
+ });
163
+ }
164
+ if (mdnsMode === "full") {
165
+ const exposed = bind !== "loopback";
166
+ findings.push({
167
+ checkId: "discovery.mdns_full_mode",
168
+ severity: exposed ? "critical" : "warn",
169
+ title: "mDNS full mode can leak host metadata",
170
+ detail: "discovery.mdns.mode=\"full\" publishes cliPath/sshPort in local-network TXT records. This can reveal usernames, filesystem layout, and management ports.",
171
+ remediation: "Prefer discovery.mdns.mode=\"minimal\" (recommended) or \"off\", especially when gateway.bind is not loopback."
172
+ });
173
+ }
174
+ if (tailscaleMode === "funnel") findings.push({
175
+ checkId: "gateway.tailscale_funnel",
176
+ severity: "critical",
177
+ title: "Tailscale Funnel exposure enabled",
178
+ detail: `gateway.tailscale.mode="funnel" exposes the Gateway publicly; keep auth strict and treat it as internet-facing.`,
179
+ remediation: `Prefer tailscale.mode="serve" (tailnet-only) or set tailscale.mode="off".`
180
+ });
181
+ else if (tailscaleMode === "serve") findings.push({
182
+ checkId: "gateway.tailscale_serve",
183
+ severity: "info",
184
+ title: "Tailscale Serve exposure enabled",
185
+ detail: `gateway.tailscale.mode="serve" exposes the Gateway to your tailnet (loopback behind Tailscale).`
186
+ });
187
+ if (cfg.gateway?.controlUi?.allowInsecureAuth === true) findings.push({
188
+ checkId: "gateway.control_ui.insecure_auth",
189
+ severity: "warn",
190
+ title: "Control UI insecure auth toggle enabled",
191
+ detail: "gateway.controlUi.allowInsecureAuth=true does not bypass secure context or device identity checks; only dangerouslyDisableDeviceAuth disables Control UI device identity checks.",
192
+ remediation: "Disable it or switch to HTTPS (Tailscale Serve) or localhost."
193
+ });
194
+ if (cfg.gateway?.controlUi?.dangerouslyDisableDeviceAuth === true) findings.push({
195
+ checkId: "gateway.control_ui.device_auth_disabled",
196
+ severity: "critical",
197
+ title: "DANGEROUS: Control UI device auth disabled",
198
+ detail: "gateway.controlUi.dangerouslyDisableDeviceAuth=true disables device identity checks for the Control UI.",
199
+ remediation: "Disable it unless you are in a short-lived break-glass scenario."
200
+ });
201
+ const enabledDangerousFlags = (options.collectDangerousConfigFlags ?? collectCoreInsecureOrDangerousFlags)(cfg);
202
+ if (enabledDangerousFlags.length > 0) findings.push({
203
+ checkId: "config.insecure_or_dangerous_flags",
204
+ severity: "warn",
205
+ title: "Insecure or dangerous config flags enabled",
206
+ detail: `Detected ${enabledDangerousFlags.length} enabled flag(s): ${enabledDangerousFlags.join(", ")}.`,
207
+ remediation: "Disable these flags when not actively debugging, or keep deployment scoped to trusted/local-only networks."
208
+ });
209
+ const token = typeof auth.token === "string" && auth.token.trim().length > 0 ? auth.token.trim() : null;
210
+ if (auth.mode === "token" && token && token.length < 24) findings.push({
211
+ checkId: "gateway.token_too_short",
212
+ severity: "warn",
213
+ title: "Gateway token looks short",
214
+ detail: `gateway auth token is ${token.length} chars; prefer a long random token.`
215
+ });
216
+ if (auth.mode === "trusted-proxy") {
217
+ const trustedProxies = cfg.gateway?.trustedProxies ?? [];
218
+ const trustedProxyConfig = cfg.gateway?.auth?.trustedProxy;
219
+ findings.push({
220
+ checkId: "gateway.trusted_proxy_auth",
221
+ severity: "critical",
222
+ title: "Trusted-proxy auth mode enabled",
223
+ detail: "gateway.auth.mode=\"trusted-proxy\" delegates authentication to a reverse proxy. Ensure your proxy (Pomerium, Caddy, nginx) handles auth correctly and that gateway.trustedProxies only contains IPs of your actual proxy servers.",
224
+ remediation: "Verify: (1) Your proxy terminates TLS and authenticates users. (2) gateway.trustedProxies is restricted to proxy IPs only. (3) Direct access to the Gateway port is blocked by firewall. See /gateway/trusted-proxy-auth for setup guidance."
225
+ });
226
+ if (trustedProxies.length === 0) findings.push({
227
+ checkId: "gateway.trusted_proxy_no_proxies",
228
+ severity: "critical",
229
+ title: "Trusted-proxy auth enabled but no trusted proxies configured",
230
+ detail: "gateway.auth.mode=\"trusted-proxy\" but gateway.trustedProxies is empty. All requests will be rejected.",
231
+ remediation: "Set gateway.trustedProxies to the IP(s) of your reverse proxy."
232
+ });
233
+ if (!trustedProxyConfig?.userHeader) findings.push({
234
+ checkId: "gateway.trusted_proxy_no_user_header",
235
+ severity: "critical",
236
+ title: "Trusted-proxy auth missing userHeader config",
237
+ detail: "gateway.auth.mode=\"trusted-proxy\" but gateway.auth.trustedProxy.userHeader is not configured.",
238
+ remediation: "Set gateway.auth.trustedProxy.userHeader to the header name your proxy uses (e.g., \"x-forwarded-user\", \"x-pomerium-claim-email\")."
239
+ });
240
+ if ((trustedProxyConfig?.allowUsers ?? []).length === 0) findings.push({
241
+ checkId: "gateway.trusted_proxy_no_allowlist",
242
+ severity: "warn",
243
+ title: "Trusted-proxy auth allows all authenticated users",
244
+ detail: "gateway.auth.trustedProxy.allowUsers is empty, so any user authenticated by your proxy can access the Gateway.",
245
+ remediation: "Consider setting gateway.auth.trustedProxy.allowUsers to restrict access to specific users (e.g., [\"nick@example.com\"])."
246
+ });
247
+ }
248
+ if (bind !== "loopback" && auth.mode !== "trusted-proxy" && !cfg.gateway?.auth?.rateLimit) findings.push({
249
+ checkId: "gateway.auth_no_rate_limit",
250
+ severity: "warn",
251
+ title: "No auth rate limiting configured",
252
+ detail: "gateway.bind is not loopback but no gateway.auth.rateLimit is configured. Without rate limiting, brute-force auth attacks are not mitigated.",
253
+ remediation: "Set gateway.auth.rateLimit (e.g. { maxAttempts: 10, windowMs: 60000, lockoutMs: 300000 })."
254
+ });
255
+ return findings;
256
+ }
257
+ function isStrictLoopbackTrustedProxyEntry(entry) {
258
+ const candidate = entry.trim();
259
+ if (!candidate) return false;
260
+ if (!candidate.includes("/")) return candidate === "127.0.0.1" || candidate.toLowerCase() === "::1";
261
+ const [rawIp, rawPrefix] = candidate.split("/", 2);
262
+ if (!rawIp || !rawPrefix) return false;
263
+ const ipVersion = isIP(rawIp.trim());
264
+ const prefix = Number.parseInt(rawPrefix.trim(), 10);
265
+ if (!Number.isInteger(prefix)) return false;
266
+ if (ipVersion === 4) return rawIp.trim() === "127.0.0.1" && prefix === 32;
267
+ if (ipVersion === 6) return prefix === 128 && normalizeLowercaseStringOrEmpty(rawIp) === "::1";
268
+ return false;
269
+ }
270
+ //#endregion
271
+ //#region src/security/audit.ts
272
+ let channelPluginsModulePromise;
273
+ let auditNonDeepModulePromise;
274
+ let auditChannelModulePromise;
275
+ let pluginRegistryLoaderModulePromise;
276
+ let pluginMetadataRegistryLoaderModulePromise;
277
+ let pluginAutoEnableModulePromise;
278
+ let channelPluginIdsModulePromise;
279
+ let pluginRuntimeModulePromise;
280
+ let gatewayProbeDepsPromise;
281
+ async function loadChannelPlugins() {
282
+ channelPluginsModulePromise ??= import("./plugins-B7TKDMOk.js");
283
+ return await channelPluginsModulePromise;
284
+ }
285
+ async function loadAuditNonDeepModule() {
286
+ auditNonDeepModulePromise ??= import("./audit.nondeep.runtime-nu5XTu7N.js");
287
+ return await auditNonDeepModulePromise;
288
+ }
289
+ async function loadAuditChannelModule() {
290
+ auditChannelModulePromise ??= import("./audit-channel.collect.runtime-BAKyzn52.js");
291
+ return await auditChannelModulePromise;
292
+ }
293
+ async function loadPluginRegistryLoaderModule() {
294
+ pluginRegistryLoaderModulePromise ??= import("./runtime-registry-loader-DHX02F_x.js");
295
+ return await pluginRegistryLoaderModulePromise;
296
+ }
297
+ async function loadPluginMetadataRegistryLoaderModule() {
298
+ pluginMetadataRegistryLoaderModulePromise ??= import("./metadata-registry-loader-DoROdqpX.js");
299
+ return await pluginMetadataRegistryLoaderModulePromise;
300
+ }
301
+ async function loadPluginAutoEnableModule() {
302
+ pluginAutoEnableModulePromise ??= import("./plugin-auto-enable-DCg4los-.js");
303
+ return await pluginAutoEnableModulePromise;
304
+ }
305
+ async function loadChannelPluginIdsModule() {
306
+ channelPluginIdsModulePromise ??= import("./channel-plugin-ids-Cn9RIujJ.js");
307
+ return await channelPluginIdsModulePromise;
308
+ }
309
+ async function loadPluginRuntimeModule() {
310
+ pluginRuntimeModulePromise ??= import("./runtime-C8eBcrXm.js");
311
+ return await pluginRuntimeModulePromise;
312
+ }
313
+ async function loadGatewayProbeDeps() {
314
+ gatewayProbeDepsPromise ??= Promise.all([
315
+ import("./call-BxIEVH5N.js"),
316
+ import("./probe-auth-e_Wg1enf.js"),
317
+ import("./probe-DlY3dg7v.js")
318
+ ]).then(([callModule, probeAuthModule, probeModule]) => ({
319
+ buildGatewayConnectionDetails: callModule.buildGatewayConnectionDetails,
320
+ resolveGatewayProbeAuthSafe: probeAuthModule.resolveGatewayProbeAuthSafe,
321
+ resolveGatewayProbeTarget: probeAuthModule.resolveGatewayProbeTarget,
322
+ probeGateway: probeModule.probeGateway
323
+ }));
324
+ return await gatewayProbeDepsPromise;
325
+ }
326
+ function countBySeverity(findings) {
327
+ let critical = 0;
328
+ let warn = 0;
329
+ let info = 0;
330
+ for (const f of findings) if (f.severity === "critical") critical += 1;
331
+ else if (f.severity === "warn") warn += 1;
332
+ else info += 1;
333
+ return {
334
+ critical,
335
+ warn,
336
+ info
337
+ };
338
+ }
339
+ function normalizeAllowFromList(list) {
340
+ if (!Array.isArray(list)) return [];
341
+ return list.map((v) => String(v).trim()).filter(Boolean);
342
+ }
343
+ async function collectFilesystemFindings(params) {
344
+ const findings = [];
345
+ const stateDirPerms = await inspectPathPermissions(params.stateDir, {
346
+ env: params.env,
347
+ platform: params.platform,
348
+ exec: params.execIcacls
349
+ });
350
+ if (stateDirPerms.ok) {
351
+ if (stateDirPerms.isSymlink) findings.push({
352
+ checkId: "fs.state_dir.symlink",
353
+ severity: "warn",
354
+ title: "State dir is a symlink",
355
+ detail: `${params.stateDir} is a symlink; treat this as an extra trust boundary.`
356
+ });
357
+ if (stateDirPerms.worldWritable) findings.push({
358
+ checkId: "fs.state_dir.perms_world_writable",
359
+ severity: "critical",
360
+ title: "State dir is world-writable",
361
+ detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; other users can write into your Genesis state.`,
362
+ remediation: formatPermissionRemediation({
363
+ targetPath: params.stateDir,
364
+ perms: stateDirPerms,
365
+ isDir: true,
366
+ posixMode: 448,
367
+ env: params.env
368
+ })
369
+ });
370
+ else if (stateDirPerms.groupWritable) findings.push({
371
+ checkId: "fs.state_dir.perms_group_writable",
372
+ severity: "warn",
373
+ title: "State dir is group-writable",
374
+ detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; group users can write into your Genesis state.`,
375
+ remediation: formatPermissionRemediation({
376
+ targetPath: params.stateDir,
377
+ perms: stateDirPerms,
378
+ isDir: true,
379
+ posixMode: 448,
380
+ env: params.env
381
+ })
382
+ });
383
+ else if (stateDirPerms.groupReadable || stateDirPerms.worldReadable) findings.push({
384
+ checkId: "fs.state_dir.perms_readable",
385
+ severity: "warn",
386
+ title: "State dir is readable by others",
387
+ detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; consider restricting to 700.`,
388
+ remediation: formatPermissionRemediation({
389
+ targetPath: params.stateDir,
390
+ perms: stateDirPerms,
391
+ isDir: true,
392
+ posixMode: 448,
393
+ env: params.env
394
+ })
395
+ });
396
+ }
397
+ const configPerms = await inspectPathPermissions(params.configPath, {
398
+ env: params.env,
399
+ platform: params.platform,
400
+ exec: params.execIcacls
401
+ });
402
+ if (configPerms.ok) {
403
+ const skipReadablePermWarnings = configPerms.isSymlink;
404
+ if (configPerms.isSymlink) findings.push({
405
+ checkId: "fs.config.symlink",
406
+ severity: "warn",
407
+ title: "Config file is a symlink",
408
+ detail: `${params.configPath} is a symlink; make sure you trust its target.`
409
+ });
410
+ if (configPerms.worldWritable || configPerms.groupWritable) findings.push({
411
+ checkId: "fs.config.perms_writable",
412
+ severity: "critical",
413
+ title: "Config file is writable by others",
414
+ detail: `${formatPermissionDetail(params.configPath, configPerms)}; another user could change gateway/auth/tool policies.`,
415
+ remediation: formatPermissionRemediation({
416
+ targetPath: params.configPath,
417
+ perms: configPerms,
418
+ isDir: false,
419
+ posixMode: 384,
420
+ env: params.env
421
+ })
422
+ });
423
+ else if (!skipReadablePermWarnings && configPerms.worldReadable) findings.push({
424
+ checkId: "fs.config.perms_world_readable",
425
+ severity: "critical",
426
+ title: "Config file is world-readable",
427
+ detail: `${formatPermissionDetail(params.configPath, configPerms)}; config can contain tokens and private settings.`,
428
+ remediation: formatPermissionRemediation({
429
+ targetPath: params.configPath,
430
+ perms: configPerms,
431
+ isDir: false,
432
+ posixMode: 384,
433
+ env: params.env
434
+ })
435
+ });
436
+ else if (!skipReadablePermWarnings && configPerms.groupReadable) findings.push({
437
+ checkId: "fs.config.perms_group_readable",
438
+ severity: "warn",
439
+ title: "Config file is group-readable",
440
+ detail: `${formatPermissionDetail(params.configPath, configPerms)}; config can contain tokens and private settings.`,
441
+ remediation: formatPermissionRemediation({
442
+ targetPath: params.configPath,
443
+ perms: configPerms,
444
+ isDir: false,
445
+ posixMode: 384,
446
+ env: params.env
447
+ })
448
+ });
449
+ }
450
+ return findings;
451
+ }
452
+ function collectGatewayConfigFindings(cfg, sourceConfig, env) {
453
+ return collectGatewayConfigFindings$1(cfg, sourceConfig, env, { collectDangerousConfigFlags: collectEnabledInsecureOrDangerousFlags });
454
+ }
455
+ async function collectPluginSecurityAuditFindings(context) {
456
+ const { getActivePluginRegistry } = await loadPluginRuntimeModule();
457
+ let collectors = getActivePluginRegistry()?.securityAuditCollectors ?? [];
458
+ if (collectors.length === 0) {
459
+ const { applyPluginAutoEnable } = await loadPluginAutoEnableModule();
460
+ const autoEnabled = applyPluginAutoEnable({
461
+ config: context.sourceConfig,
462
+ env: context.env
463
+ });
464
+ const requestedPluginIds = /* @__PURE__ */ new Set();
465
+ for (const pluginId of Object.keys(autoEnabled.autoEnabledReasons)) {
466
+ const normalized = pluginId.trim();
467
+ if (normalized) requestedPluginIds.add(normalized);
468
+ }
469
+ for (const pluginId of autoEnabled.config.plugins?.allow ?? []) {
470
+ if (typeof pluginId !== "string") continue;
471
+ const normalized = pluginId.trim();
472
+ if (normalized) requestedPluginIds.add(normalized);
473
+ }
474
+ for (const [pluginId, entry] of Object.entries(autoEnabled.config.plugins?.entries ?? {})) {
475
+ if (entry?.enabled === false) continue;
476
+ const normalized = pluginId.trim();
477
+ if (normalized) requestedPluginIds.add(normalized);
478
+ }
479
+ if (context.includeChannelSecurity && context.plugins !== void 0) {
480
+ const { resolveConfiguredChannelPluginIds } = await loadChannelPluginIdsModule();
481
+ const auditedChannelPluginIds = new Set(context.plugins.map((plugin) => plugin.id));
482
+ for (const pluginId of resolveConfiguredChannelPluginIds({
483
+ config: autoEnabled.config,
484
+ activationSourceConfig: context.sourceConfig,
485
+ workspaceDir: context.workspaceDir,
486
+ env: context.env
487
+ })) if (auditedChannelPluginIds.has(pluginId)) requestedPluginIds.delete(pluginId);
488
+ }
489
+ if (requestedPluginIds.size === 0) return [];
490
+ collectors = (await loadPluginMetadataRegistryLoaderModule()).loadPluginMetadataRegistrySnapshot({
491
+ config: autoEnabled.config,
492
+ activationSourceConfig: context.sourceConfig,
493
+ env: context.env,
494
+ workspaceDir: context.workspaceDir,
495
+ onlyPluginIds: [...requestedPluginIds]
496
+ }).securityAuditCollectors ?? [];
497
+ }
498
+ return (await Promise.all(collectors.map(async (entry) => {
499
+ try {
500
+ return await entry.collector({
501
+ config: context.cfg,
502
+ sourceConfig: context.sourceConfig,
503
+ env: context.env,
504
+ stateDir: context.stateDir,
505
+ configPath: context.configPath
506
+ });
507
+ } catch (err) {
508
+ return [{
509
+ checkId: `plugins.${entry.pluginId}.security_audit_failed`,
510
+ severity: "warn",
511
+ title: "Plugin security audit collector failed",
512
+ detail: `${entry.pluginId}: ${String(err)}`
513
+ }];
514
+ }
515
+ }))).flat();
516
+ }
517
+ function collectLoggingFindings(cfg) {
518
+ if (cfg.logging?.redactSensitive !== "off") return [];
519
+ return [{
520
+ checkId: "logging.redact_off",
521
+ severity: "warn",
522
+ title: "Tool summary redaction is disabled",
523
+ detail: `logging.redactSensitive="off" can leak secrets into logs and status output.`,
524
+ remediation: `Set logging.redactSensitive="tools".`
525
+ }];
526
+ }
527
+ function collectElevatedFindings(cfg) {
528
+ const findings = [];
529
+ const enabled = cfg.tools?.elevated?.enabled;
530
+ const allowFrom = cfg.tools?.elevated?.allowFrom ?? {};
531
+ const anyAllowFromKeys = Object.keys(allowFrom).length > 0;
532
+ if (enabled === false) return findings;
533
+ if (!anyAllowFromKeys) return findings;
534
+ for (const [provider, list] of Object.entries(allowFrom)) {
535
+ const normalized = normalizeAllowFromList(list);
536
+ if (normalized.includes("*")) findings.push({
537
+ checkId: `tools.elevated.allowFrom.${provider}.wildcard`,
538
+ severity: "critical",
539
+ title: "Elevated exec allowlist contains wildcard",
540
+ detail: `tools.elevated.allowFrom.${provider} includes "*" which effectively approves everyone on that channel for elevated mode.`
541
+ });
542
+ else if (normalized.length > 25) findings.push({
543
+ checkId: `tools.elevated.allowFrom.${provider}.large`,
544
+ severity: "warn",
545
+ title: "Elevated exec allowlist is large",
546
+ detail: `tools.elevated.allowFrom.${provider} has ${normalized.length} entries; consider tightening elevated access.`
547
+ });
548
+ }
549
+ return findings;
550
+ }
551
+ function collectExecRuntimeFindings(cfg) {
552
+ const findings = [];
553
+ const globalExecHost = cfg.tools?.exec?.host;
554
+ const globalStrictInlineEval = cfg.tools?.exec?.strictInlineEval === true;
555
+ const defaultSandboxMode = resolveSandboxConfigForAgent(cfg).mode;
556
+ const defaultHostIsExplicitSandbox = globalExecHost === "sandbox";
557
+ const approvals = loadExecApprovals();
558
+ if (defaultHostIsExplicitSandbox && defaultSandboxMode === "off") findings.push({
559
+ checkId: "tools.exec.host_sandbox_no_sandbox_defaults",
560
+ severity: "warn",
561
+ title: "Exec host is sandbox but sandbox mode is off",
562
+ detail: "tools.exec.host is explicitly set to sandbox while agents.defaults.sandbox.mode=off. In this mode, exec fails closed because no sandbox runtime is available.",
563
+ remediation: "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) or set tools.exec.host to \"gateway\" with approvals."
564
+ });
565
+ const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
566
+ const riskyAgents = agents.filter((entry) => entry && typeof entry === "object" && typeof entry.id === "string" && entry.tools?.exec?.host === "sandbox" && resolveSandboxConfigForAgent(cfg, entry.id).mode === "off").map((entry) => entry.id).slice(0, 5);
567
+ if (riskyAgents.length > 0) findings.push({
568
+ checkId: "tools.exec.host_sandbox_no_sandbox_agents",
569
+ severity: "warn",
570
+ title: "Agent exec host uses sandbox while sandbox mode is off",
571
+ detail: `agents.list.*.tools.exec.host is set to sandbox for: ${riskyAgents.join(", ")}. With sandbox mode off, exec fails closed for those agents.`,
572
+ remediation: "Enable sandbox mode for these agents (`agents.list[].sandbox.mode`) or set their tools.exec.host to \"gateway\"."
573
+ });
574
+ const effectiveExecScopes = Array.from(new Map([{
575
+ id: DEFAULT_AGENT_ID,
576
+ security: cfg.tools?.exec?.security ?? "deny",
577
+ host: cfg.tools?.exec?.host ?? "auto"
578
+ }, ...agents.filter((entry) => Boolean(entry) && typeof entry === "object" && typeof entry.id === "string").map((entry) => ({
579
+ id: entry.id,
580
+ security: entry.tools?.exec?.security ?? cfg.tools?.exec?.security ?? "deny",
581
+ host: entry.tools?.exec?.host ?? cfg.tools?.exec?.host ?? "auto"
582
+ }))].map((entry) => [entry.id, entry])).values());
583
+ const fullExecScopes = effectiveExecScopes.filter((entry) => entry.security === "full");
584
+ const execEnabledScopes = effectiveExecScopes.filter((entry) => entry.security !== "deny");
585
+ const openExecSurfacePaths = collectOpenExecSurfacePaths(cfg);
586
+ if (fullExecScopes.length > 0) findings.push({
587
+ checkId: "tools.exec.security_full_configured",
588
+ severity: openExecSurfacePaths.length > 0 ? "critical" : "warn",
589
+ title: "Exec security=full is configured",
590
+ detail: `Full exec trust is enabled for: ${fullExecScopes.map((entry) => entry.id).join(", ")}.` + (openExecSurfacePaths.length > 0 ? ` Open channel access was also detected at:\n${openExecSurfacePaths.map((entry) => `- ${entry}`).join("\n")}` : ""),
591
+ remediation: "Prefer tools.exec.security=\"allowlist\" with ask prompts, and reserve \"full\" for tightly scoped break-glass agents only."
592
+ });
593
+ if (openExecSurfacePaths.length > 0 && execEnabledScopes.length > 0) findings.push({
594
+ checkId: "security.exposure.open_channels_with_exec",
595
+ severity: fullExecScopes.length > 0 ? "critical" : "warn",
596
+ title: "Open channels can reach exec-enabled agents",
597
+ detail: `Open DM/group access detected at:\n${openExecSurfacePaths.map((entry) => `- ${entry}`).join("\n")}\nExec-enabled scopes:\n${execEnabledScopes.map((entry) => `- ${entry.id}: security=${entry.security}, host=${entry.host}`).join("\n")}`,
598
+ remediation: "Tighten dmPolicy/groupPolicy to pairing or allowlist, or disable exec for agents reachable from shared/public channels."
599
+ });
600
+ const autoAllowSkillsHits = collectAutoAllowSkillsHits(approvals);
601
+ if (autoAllowSkillsHits.length > 0) findings.push({
602
+ checkId: "tools.exec.auto_allow_skills_enabled",
603
+ severity: "warn",
604
+ title: "autoAllowSkills is enabled for exec approvals",
605
+ detail: `Implicit skill-bin allowlisting is enabled at:\n${autoAllowSkillsHits.map((entry) => `- ${entry}`).join("\n")}\nThis widens host exec trust beyond explicit manual allowlist entries.`,
606
+ remediation: "Disable autoAllowSkills in exec approvals and keep manual allowlists tight when you need explicit host-exec trust."
607
+ });
608
+ const interpreterAllowlistHits = collectInterpreterAllowlistHits({
609
+ approvals,
610
+ strictInlineEvalForAgentId: (agentId) => {
611
+ if (!agentId || agentId === "*" || agentId === "main") return globalStrictInlineEval;
612
+ return agents.find((entry) => entry?.id === agentId)?.tools?.exec?.strictInlineEval === true || globalStrictInlineEval;
613
+ }
614
+ });
615
+ if (interpreterAllowlistHits.length > 0) findings.push({
616
+ checkId: "tools.exec.allowlist_interpreter_without_strict_inline_eval",
617
+ severity: "warn",
618
+ title: "Interpreter allowlist entries are missing strictInlineEval hardening",
619
+ detail: `Interpreter/runtime allowlist entries were found without strictInlineEval enabled:\n${interpreterAllowlistHits.map((entry) => `- ${entry}`).join("\n")}`,
620
+ remediation: "Set tools.exec.strictInlineEval=true (or per-agent tools.exec.strictInlineEval=true) when allowlisting interpreters like python, node, ruby, perl, php, lua, or osascript."
621
+ });
622
+ const normalizeConfiguredSafeBins = (entries) => {
623
+ if (!Array.isArray(entries)) return [];
624
+ return Array.from(new Set(entries.map((entry) => normalizeOptionalLowercaseString(entry) ?? "").filter((entry) => entry.length > 0))).toSorted();
625
+ };
626
+ const normalizeConfiguredTrustedDirs = (entries) => {
627
+ if (!Array.isArray(entries)) return [];
628
+ return normalizeTrustedSafeBinDirs(entries.filter((entry) => typeof entry === "string"));
629
+ };
630
+ const classifyRiskySafeBinTrustedDir = (entry) => {
631
+ const raw = entry.trim();
632
+ if (!raw) return null;
633
+ if (!path.isAbsolute(raw)) return "relative path (trust boundary depends on process cwd)";
634
+ const normalized = path.resolve(raw).replace(/\\/g, "/").toLowerCase();
635
+ if (normalized === "/tmp" || normalized.startsWith("/tmp/") || normalized === "/var/tmp" || normalized.startsWith("/var/tmp/") || normalized === "/private/tmp" || normalized.startsWith("/private/tmp/")) return "temporary directory is mutable and easy to poison";
636
+ if (normalized === "/usr/local/bin" || normalized === "/opt/homebrew/bin" || normalized === "/opt/local/bin" || normalized === "/home/linuxbrew/.linuxbrew/bin") return "package-manager bin directory (often user-writable)";
637
+ if (normalized.startsWith("/users/") || normalized.startsWith("/home/") || normalized.includes("/.local/bin")) return "home-scoped bin directory (typically user-writable)";
638
+ if (/^[a-z]:\/users\//.test(normalized)) return "home-scoped bin directory (typically user-writable)";
639
+ return null;
640
+ };
641
+ const globalExec = cfg.tools?.exec;
642
+ const riskyTrustedDirHits = [];
643
+ const collectRiskyTrustedDirHits = (scopePath, entries) => {
644
+ for (const entry of normalizeConfiguredTrustedDirs(entries)) {
645
+ const reason = classifyRiskySafeBinTrustedDir(entry);
646
+ if (!reason) continue;
647
+ riskyTrustedDirHits.push(`- ${scopePath}.safeBinTrustedDirs: ${entry} (${reason})`);
648
+ }
649
+ };
650
+ collectRiskyTrustedDirHits("tools.exec", globalExec?.safeBinTrustedDirs);
651
+ for (const entry of agents) {
652
+ if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
653
+ collectRiskyTrustedDirHits(`agents.list.${entry.id}.tools.exec`, entry.tools?.exec?.safeBinTrustedDirs);
654
+ }
655
+ const interpreterHits = [];
656
+ const riskySemanticSafeBinHits = [];
657
+ const globalSafeBins = normalizeConfiguredSafeBins(globalExec?.safeBins);
658
+ if (globalSafeBins.length > 0) {
659
+ const merged = resolveMergedSafeBinProfileFixtures({ global: globalExec }) ?? {};
660
+ const interpreters = listInterpreterLikeSafeBins(globalSafeBins).filter((bin) => !merged[bin]);
661
+ if (interpreters.length > 0) interpreterHits.push(`- tools.exec.safeBins: ${interpreters.join(", ")}`);
662
+ for (const hit of listRiskyConfiguredSafeBins(globalSafeBins)) riskySemanticSafeBinHits.push(`- tools.exec.safeBins: ${hit.bin} (${hit.warning})`);
663
+ }
664
+ for (const entry of agents) {
665
+ if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
666
+ const agentExec = entry.tools?.exec;
667
+ const agentSafeBins = normalizeConfiguredSafeBins(agentExec?.safeBins);
668
+ if (agentSafeBins.length === 0) continue;
669
+ const merged = resolveMergedSafeBinProfileFixtures({
670
+ global: globalExec,
671
+ local: agentExec
672
+ }) ?? {};
673
+ const interpreters = listInterpreterLikeSafeBins(agentSafeBins).filter((bin) => !merged[bin]);
674
+ if (interpreters.length === 0) {
675
+ for (const hit of listRiskyConfiguredSafeBins(agentSafeBins)) riskySemanticSafeBinHits.push(`- agents.list.${entry.id}.tools.exec.safeBins: ${hit.bin} (${hit.warning})`);
676
+ continue;
677
+ }
678
+ interpreterHits.push(`- agents.list.${entry.id}.tools.exec.safeBins: ${interpreters.join(", ")}`);
679
+ for (const hit of listRiskyConfiguredSafeBins(agentSafeBins)) riskySemanticSafeBinHits.push(`- agents.list.${entry.id}.tools.exec.safeBins: ${hit.bin} (${hit.warning})`);
680
+ }
681
+ if (interpreterHits.length > 0) findings.push({
682
+ checkId: "tools.exec.safe_bins_interpreter_unprofiled",
683
+ severity: "warn",
684
+ title: "safeBins includes interpreter/runtime binaries without explicit profiles",
685
+ detail: `Detected interpreter-like safeBins entries missing explicit profiles:\n${interpreterHits.join("\n")}\nThese entries can turn safeBins into a broad execution surface when used with permissive argv profiles.`,
686
+ remediation: "Remove interpreter/runtime bins from safeBins (prefer allowlist entries) or define hardened tools.exec.safeBinProfiles.<bin> rules."
687
+ });
688
+ if (riskySemanticSafeBinHits.length > 0) findings.push({
689
+ checkId: "tools.exec.safe_bins_broad_behavior",
690
+ severity: "warn",
691
+ title: "safeBins includes binaries with broader semantics than low-risk stream filters",
692
+ detail: `Detected risky safeBins entries:\n${riskySemanticSafeBinHits.join("\n")}\nThese tools expose semantics that do not fit the low-risk stdin-filter fast path.`,
693
+ remediation: "Remove these binaries from safeBins and prefer explicit allowlist entries or approval-gated execution."
694
+ });
695
+ if (riskyTrustedDirHits.length > 0) findings.push({
696
+ checkId: "tools.exec.safe_bin_trusted_dirs_risky",
697
+ severity: "warn",
698
+ title: "safeBinTrustedDirs includes risky mutable directories",
699
+ detail: `Detected risky safeBinTrustedDirs entries:\n${riskyTrustedDirHits.slice(0, 10).join("\n")}` + (riskyTrustedDirHits.length > 10 ? `\n- +${riskyTrustedDirHits.length - 10} more entries.` : ""),
700
+ remediation: "Prefer root-owned immutable bins, keep default trust dirs (/bin, /usr/bin), and avoid trusting temporary/home/package-manager paths unless tightly controlled."
701
+ });
702
+ return findings;
703
+ }
704
+ function collectOpenExecSurfacePaths(cfg) {
705
+ const channels = asNullableRecord(cfg.channels);
706
+ if (!channels) return [];
707
+ const hits = /* @__PURE__ */ new Set();
708
+ const seen = /* @__PURE__ */ new WeakSet();
709
+ const visit = (value, scope) => {
710
+ const record = asNullableRecord(value);
711
+ if (!record || seen.has(record)) return;
712
+ seen.add(record);
713
+ if (record.groupPolicy === "open") hits.add(`${scope}.groupPolicy`);
714
+ if (record.dmPolicy === "open") hits.add(`${scope}.dmPolicy`);
715
+ for (const [key, nested] of Object.entries(record)) {
716
+ if (key === "groups" || key === "accounts" || key === "dms") {
717
+ visit(nested, `${scope}.${key}`);
718
+ continue;
719
+ }
720
+ if (asNullableRecord(nested)) visit(nested, `${scope}.${key}`);
721
+ }
722
+ };
723
+ for (const [channelId, channelValue] of Object.entries(channels)) visit(channelValue, `channels.${channelId}`);
724
+ return Array.from(hits).toSorted();
725
+ }
726
+ function collectAutoAllowSkillsHits(approvals) {
727
+ const hits = [];
728
+ if (approvals.defaults?.autoAllowSkills === true) hits.push("defaults.autoAllowSkills");
729
+ for (const [agentId, agent] of Object.entries(approvals.agents ?? {})) if (agent?.autoAllowSkills === true) hits.push(`agents.${agentId}.autoAllowSkills`);
730
+ return hits;
731
+ }
732
+ function collectInterpreterAllowlistHits(params) {
733
+ const hits = [];
734
+ for (const [agentId, agent] of Object.entries(params.approvals.agents ?? {})) {
735
+ if (!agent || params.strictInlineEvalForAgentId(agentId)) continue;
736
+ for (const entry of agent.allowlist ?? []) {
737
+ if (!isInterpreterLikeAllowlistPattern(entry.pattern)) continue;
738
+ hits.push(`agents.${agentId}.allowlist: ${entry.pattern}`);
739
+ }
740
+ }
741
+ return hits;
742
+ }
743
+ async function maybeProbeGateway(params) {
744
+ const { buildGatewayConnectionDetails, resolveGatewayProbeAuthSafe, resolveGatewayProbeTarget } = await loadGatewayProbeDeps();
745
+ const url = buildGatewayConnectionDetails({ config: params.cfg }).url;
746
+ const probeTarget = resolveGatewayProbeTarget(params.cfg);
747
+ const authResolution = resolveGatewayProbeAuthSafe({
748
+ cfg: params.cfg,
749
+ env: params.env,
750
+ mode: probeTarget.mode,
751
+ explicitAuth: params.explicitAuth
752
+ });
753
+ const res = await params.probe({
754
+ url,
755
+ auth: authResolution.auth,
756
+ timeoutMs: params.timeoutMs
757
+ }).catch((err) => ({
758
+ ok: false,
759
+ url,
760
+ connectLatencyMs: null,
761
+ error: String(err),
762
+ close: null,
763
+ health: null,
764
+ status: null,
765
+ presence: null,
766
+ configSnapshot: null
767
+ }));
768
+ if (authResolution.warning && !res.ok) res.error = res.error ? `${res.error}; ${authResolution.warning}` : authResolution.warning;
769
+ return {
770
+ deep: { gateway: {
771
+ attempted: true,
772
+ url,
773
+ ok: res.ok,
774
+ error: res.ok ? null : res.error,
775
+ close: res.close ? {
776
+ code: res.close.code,
777
+ reason: res.close.reason
778
+ } : null
779
+ } },
780
+ authWarning: authResolution.warning
781
+ };
782
+ }
783
+ async function createAuditExecutionContext(opts) {
784
+ const cfg = opts.config;
785
+ const sourceConfig = opts.sourceConfig ?? opts.config;
786
+ const env = opts.env ?? process.env;
787
+ const platform = opts.platform ?? process.platform;
788
+ const includeFilesystem = opts.includeFilesystem !== false;
789
+ const includeChannelSecurity = opts.includeChannelSecurity !== false;
790
+ const deep = opts.deep === true;
791
+ const deepTimeoutMs = Math.max(250, opts.deepTimeoutMs ?? 5e3);
792
+ const stateDir = opts.stateDir ?? resolveStateDir(env);
793
+ const configPath = opts.configPath ?? resolveConfigPath(env, stateDir);
794
+ const workspaceDir = opts.workspaceDir ?? resolveAgentWorkspaceDir(cfg, resolveDefaultAgentId(cfg));
795
+ const { readConfigSnapshotForAudit } = await loadAuditNonDeepModule();
796
+ const configSnapshot = includeFilesystem ? opts.configSnapshot !== void 0 ? opts.configSnapshot : await readConfigSnapshotForAudit({
797
+ env,
798
+ configPath
799
+ }).catch(() => null) : null;
800
+ return {
801
+ cfg,
802
+ sourceConfig,
803
+ env,
804
+ platform,
805
+ includeFilesystem,
806
+ includeChannelSecurity,
807
+ deep,
808
+ deepTimeoutMs,
809
+ stateDir,
810
+ configPath,
811
+ execIcacls: opts.execIcacls,
812
+ execDockerRawFn: opts.execDockerRawFn,
813
+ probeGatewayFn: opts.probeGatewayFn,
814
+ plugins: opts.plugins,
815
+ workspaceDir,
816
+ configSnapshot,
817
+ codeSafetySummaryCache: opts.codeSafetySummaryCache ?? /* @__PURE__ */ new Map(),
818
+ deepProbeAuth: opts.deepProbeAuth
819
+ };
820
+ }
821
+ async function runSecurityAudit(opts) {
822
+ const findings = [];
823
+ const context = await createAuditExecutionContext(opts);
824
+ const { cfg, env, platform, stateDir, configPath } = context;
825
+ const auditNonDeep = await loadAuditNonDeepModule();
826
+ findings.push(...auditNonDeep.collectAttackSurfaceSummaryFindings(cfg));
827
+ findings.push(...auditNonDeep.collectSyncedFolderFindings({
828
+ stateDir,
829
+ configPath
830
+ }));
831
+ findings.push(...collectGatewayConfigFindings(cfg, context.sourceConfig, env));
832
+ findings.push(...await collectPluginSecurityAuditFindings(context));
833
+ findings.push(...collectLoggingFindings(cfg));
834
+ findings.push(...collectElevatedFindings(cfg));
835
+ findings.push(...collectExecRuntimeFindings(cfg));
836
+ findings.push(...auditNonDeep.collectHooksHardeningFindings(cfg, env));
837
+ findings.push(...auditNonDeep.collectGatewayHttpNoAuthFindings(cfg, env));
838
+ findings.push(...auditNonDeep.collectGatewayHttpSessionKeyOverrideFindings(cfg));
839
+ findings.push(...auditNonDeep.collectSandboxDockerNoopFindings(cfg));
840
+ findings.push(...auditNonDeep.collectSandboxDangerousConfigFindings(cfg));
841
+ findings.push(...auditNonDeep.collectNodeDenyCommandPatternFindings(cfg));
842
+ findings.push(...auditNonDeep.collectNodeDangerousAllowCommandFindings(cfg));
843
+ findings.push(...auditNonDeep.collectMinimalProfileOverrideFindings(cfg));
844
+ findings.push(...auditNonDeep.collectSecretsInConfigFindings(cfg));
845
+ findings.push(...auditNonDeep.collectModelHygieneFindings(cfg));
846
+ findings.push(...auditNonDeep.collectSmallModelRiskFindings({
847
+ cfg,
848
+ env
849
+ }));
850
+ findings.push(...auditNonDeep.collectExposureMatrixFindings(cfg));
851
+ findings.push(...auditNonDeep.collectLikelyMultiUserSetupFindings(cfg));
852
+ if (context.includeFilesystem) {
853
+ findings.push(...await collectFilesystemFindings({
854
+ stateDir,
855
+ configPath,
856
+ env,
857
+ platform,
858
+ execIcacls: context.execIcacls
859
+ }));
860
+ if (context.configSnapshot) findings.push(...await auditNonDeep.collectIncludeFilePermFindings({
861
+ configSnapshot: context.configSnapshot,
862
+ env,
863
+ platform,
864
+ execIcacls: context.execIcacls
865
+ }));
866
+ findings.push(...await auditNonDeep.collectStateDeepFilesystemFindings({
867
+ cfg,
868
+ env,
869
+ stateDir,
870
+ platform,
871
+ execIcacls: context.execIcacls
872
+ }));
873
+ findings.push(...await auditNonDeep.collectWorkspaceSkillSymlinkEscapeFindings({ cfg }));
874
+ findings.push(...await auditNonDeep.collectSandboxBrowserHashLabelFindings({ execDockerRawFn: context.execDockerRawFn }));
875
+ findings.push(...await auditNonDeep.collectPluginsTrustFindings({
876
+ cfg,
877
+ stateDir
878
+ }));
879
+ findings.push(...await collectDeepCodeSafetyFindings({
880
+ cfg,
881
+ stateDir,
882
+ deep: context.deep,
883
+ summaryCache: context.codeSafetySummaryCache
884
+ }));
885
+ }
886
+ let shouldAuditChannelSecurity = false;
887
+ if (context.includeChannelSecurity) if (context.plugins !== void 0) shouldAuditChannelSecurity = true;
888
+ else {
889
+ const { hasConfiguredChannelsForReadOnlyScope, resolveConfiguredChannelPluginIds } = await loadChannelPluginIdsModule();
890
+ shouldAuditChannelSecurity = hasConfiguredChannelsForReadOnlyScope({
891
+ config: cfg,
892
+ activationSourceConfig: context.sourceConfig,
893
+ workspaceDir: context.workspaceDir,
894
+ env
895
+ }) || resolveConfiguredChannelPluginIds({
896
+ config: cfg,
897
+ activationSourceConfig: context.sourceConfig,
898
+ workspaceDir: context.workspaceDir,
899
+ env
900
+ }).length > 0;
901
+ }
902
+ if (shouldAuditChannelSecurity) {
903
+ if (context.plugins === void 0) (await loadPluginRegistryLoaderModule()).ensurePluginRegistryLoaded({
904
+ scope: "configured-channels",
905
+ config: cfg,
906
+ activationSourceConfig: context.sourceConfig,
907
+ workspaceDir: context.workspaceDir,
908
+ env
909
+ });
910
+ const channelPlugins = context.plugins ?? (await loadChannelPlugins()).listChannelPlugins();
911
+ const { collectChannelSecurityFindings } = await loadAuditChannelModule();
912
+ findings.push(...await collectChannelSecurityFindings({
913
+ cfg,
914
+ sourceConfig: context.sourceConfig,
915
+ plugins: channelPlugins
916
+ }));
917
+ }
918
+ const deepProbeResult = context.deep ? await maybeProbeGateway({
919
+ cfg,
920
+ env,
921
+ timeoutMs: context.deepTimeoutMs,
922
+ probe: context.probeGatewayFn ?? (await loadGatewayProbeDeps()).probeGateway,
923
+ explicitAuth: context.deepProbeAuth
924
+ }) : void 0;
925
+ const deep = deepProbeResult?.deep;
926
+ findings.push(...collectDeepProbeFindings({
927
+ deep,
928
+ authWarning: deepProbeResult?.authWarning
929
+ }));
930
+ const summary = countBySeverity(findings);
931
+ return {
932
+ ts: Date.now(),
933
+ summary,
934
+ findings,
935
+ deep
936
+ };
937
+ }
938
+ //#endregion
939
+ export { runSecurityAudit as t };