@pixelzx/genesis 2026.6.28 → 2026.7.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/dist/.buildstamp +1 -1
- package/dist/abort-cutoff.runtime-Cfv6I4gf.js +20 -0
- package/dist/abort-cutoff.runtime.js +1 -1
- package/dist/abort-xF_zj8_u.js +201 -0
- package/dist/abort.runtime-JUukGuW3.js +2 -0
- package/dist/abort.runtime.js +1 -1
- package/dist/accounts-C0jW92It.js +104 -0
- package/dist/accounts-C2ZexWg6.js +107 -0
- package/dist/accounts-tEPx6Fnd.js +2 -0
- package/dist/acp-cli-De2oyz3e.js +2217 -0
- package/dist/acp-spawn-7VB8ie8I.js +1042 -0
- package/dist/acp-spawn-C6VfLE4o.js +2 -0
- package/dist/acp-stateful-target-driver-ctUymwnI.js +89 -0
- package/dist/action-agents-Dy45TQ9X.js +67 -0
- package/dist/action-focus-hzygEAz5.js +132 -0
- package/dist/action-help-D1h2Czko.js +7 -0
- package/dist/action-info-EDBi7fre.js +101 -0
- package/dist/action-kill-CBNgmCsz.js +33 -0
- package/dist/action-list-C6KC8Ulv.js +21 -0
- package/dist/action-log-C0R9AwnB.js +30 -0
- package/dist/action-send-DZw27QoS.js +39 -0
- package/dist/action-spawn-BXEOYBEH.js +47 -0
- package/dist/action-unfocus-DWFUpr-g.js +29 -0
- package/dist/actions.runtime-1HHNbwPa.js +5 -0
- package/dist/actions.runtime-GFSX3jST.js +18 -0
- package/dist/actions.runtime.js +1 -1
- package/dist/agent-CU42dfye.js +2 -0
- package/dist/agent-command-Baehh2jJ.js +874 -0
- package/dist/agent-harness-runtime-Bmln4mlS.js +144 -0
- package/dist/agent-runner-utils-xPwHxFwc.js +239 -0
- package/dist/agent-runner.runtime-BBx0eqAs.js +3443 -0
- package/dist/agent-runner.runtime.js +1 -1
- package/dist/agent-runtime-mKUGZmYk.js +18 -0
- package/dist/agents-C_kp6PcN.js +954 -0
- package/dist/agents-D7-4l9xG.js +5 -0
- package/dist/agents.command-shared-j4Ht1HMt.js +40 -0
- package/dist/aliases-BR-85AbT.js +96 -0
- package/dist/aliases-DH4MEghL.js +2 -0
- package/dist/api-7axT1c4t.js +4 -0
- package/dist/api-8dcgPyEO.js +139 -0
- package/dist/api-BWV-Ja5Y.js +48 -0
- package/dist/api-C6Dl-nsC.js +3 -0
- package/dist/api-CeoOTFsR.js +5 -0
- package/dist/apply-DFpc3-ic.js +508 -0
- package/dist/apply.runtime-BpuwcltB.js +166 -0
- package/dist/apply.runtime-CyFkfilC.js +2 -0
- package/dist/apply.runtime.js +1 -1
- package/dist/approval-gateway-resolver-B5iZVyl3.js +29 -0
- package/dist/approval-gateway-runtime-DJMhFL8_.js +2 -0
- package/dist/approval-handler-runtime-CvlNyTSd.js +439 -0
- package/dist/approval-native-runtime-DIP1UVwF.js +729 -0
- package/dist/attempt-execution.runtime-Dnj7Dunz.js +509 -0
- package/dist/attempt-execution.runtime.js +1 -1
- package/dist/attempt-execution.shared-CJLlmxzq.js +22 -0
- package/dist/attempt.prompt-helpers-yXlkhGj_.js +206 -0
- package/dist/attempt.tool-run-context-DplnP36r.js +933 -0
- package/dist/audit-CP153cHC.js +939 -0
- package/dist/audit-channel.collect.runtime.js +1 -1
- package/dist/audit-extra.async-B52PswlQ.js +971 -0
- package/dist/audit-tool-policy-CMwmd8Xs.js +3 -0
- package/dist/audit.deep.runtime-BC4XWNSr.js +2 -0
- package/dist/audit.deep.runtime.js +1 -1
- package/dist/audit.nondeep.runtime-Dvng3qfA.js +880 -0
- package/dist/audit.nondeep.runtime.js +1 -1
- package/dist/audit.runtime-BPEAdYYt.js +7 -0
- package/dist/audit.runtime.js +1 -1
- package/dist/auth-CGB_0fnH.js +550 -0
- package/dist/auth-DXk-SISv.js +56 -0
- package/dist/auth-_41Zyvnc.js +2 -0
- package/dist/auth-bH95QjyV.js +177 -0
- package/dist/auth-choice-Bn-ygZZg.js +3 -0
- package/dist/auth-choice-CmUhzrUA.js +85 -0
- package/dist/auth-order-Cnl7fD4m.js +2 -0
- package/dist/auth-order-DTEvHo9G.js +139 -0
- package/dist/bash-tools-E5RKIMX4.js +2853 -0
- package/dist/bash-tools-n2uf-L6x.js +3 -0
- package/dist/bash-tools.exec-runtime-BSErqAOv.js +823 -0
- package/dist/binding-routing-MxZZJi7B.js +85 -0
- package/dist/binding-targets-DOjf91v9.js +121 -0
- package/dist/bridge-server-C9sdVkxe.js +113 -0
- package/dist/browser-control-auth-Ds_CXo7-.js +2 -0
- package/dist/browser-node-runtime-CrrZhgmT.js +12 -0
- package/dist/browser-profiles-DSq_VuWU.js +2 -0
- package/dist/browser-runtime-D3bUe2ki.js +387 -0
- package/dist/browser-setup-tools-BzBeI9sr.js +13 -0
- package/dist/build-BQ7uMjfi.js +550 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.js +3 -3
- package/dist/bundled/session-memory/handler.js +1 -1
- package/dist/call-C5EHc2Ve.js +3 -0
- package/dist/call-DgFhP0IB.js +330 -0
- package/dist/call.runtime-CBWpY5ek.js +2 -0
- package/dist/call.runtime.js +1 -1
- package/dist/capability-cli-CF-5WxGW.js +1401 -0
- package/dist/catalog-provider-BefDFS32.js +40 -0
- package/dist/catchup-DEgTzUZf.js +300 -0
- package/dist/channel-B9Z1yOBL.js +1100 -0
- package/dist/channel-BQalh8q5.js +1320 -0
- package/dist/channel-B_D0qB8f.js +297 -0
- package/dist/channel-CveiiHEq.js +226 -0
- package/dist/channel-DPRWC_X5.js +1802 -0
- package/dist/channel-DTNwXKB7.js +350 -0
- package/dist/channel-DsWHOdeO.js +840 -0
- package/dist/channel-IYn5sG7l.js +453 -0
- package/dist/channel-MwEUOERy.js +1174 -0
- package/dist/channel-add-wizard-De4DNba-.js +125 -0
- package/dist/channel-add-wizard-v9JYw-20.js +2 -0
- package/dist/channel-core-C3RFVpjy.js +5 -0
- package/dist/channel-geAqqK_e.js +491 -0
- package/dist/channel-inbound-BRCAVWH1.js +31 -0
- package/dist/channel-plugin-resolution-BYpxL2mS.js +2 -0
- package/dist/channel-plugin-resolution-Jy5eA_cD.js +153 -0
- package/dist/channel-plugin-runtime-B7guFbbq.js +771 -0
- package/dist/channel-runtime-B2HmUto-.js +425 -0
- package/dist/channel-selection.runtime.js +1 -1
- package/dist/channel-setup-DmnWuvUU.js +1297 -0
- package/dist/channel-zfFLswBu.js +595 -0
- package/dist/channel.runtime-60XStiek.js +2364 -0
- package/dist/channel.runtime-BK8atBx7.js +430 -0
- package/dist/channel.runtime-CjfgGDJR.js +576 -0
- package/dist/channel.runtime-Cuc72hD3.js +89 -0
- package/dist/channel.runtime-D4i6q9PJ.js +4 -0
- package/dist/channel.runtime-mLdKu3mE.js +42398 -0
- package/dist/channel.runtime.js +1 -1
- package/dist/channel.setup-BxdBjfQG.js +10 -0
- package/dist/channel2.runtime-DhBM75gc.js +109 -0
- package/dist/channel2.runtime.js +1 -1
- package/dist/channels-YP0r9T7z.js +733 -0
- package/dist/channels-cli-BA8x-0ie.js +268 -0
- package/dist/chat-C-K_PnVS.js +2830 -0
- package/dist/clawbot-cli-CcTWZznd.js +9 -0
- package/dist/clawhub-Dg91MiOl.js +400 -0
- package/dist/cli/daemon-cli.js +3 -3
- package/dist/cli-B9pz-wec.js +2 -0
- package/dist/cli-BDqmMCNa.js +219 -0
- package/dist/cli-BnjgRW4w.js +154 -0
- package/dist/cli-C6O2LqdN.js +683 -0
- package/dist/cli-CFANcv9h.js +2 -0
- package/dist/cli-D9yBNX96.js +3726 -0
- package/dist/cli-e4V7ix51.js +2 -0
- package/dist/cli-oSszUBF4.js +72 -0
- package/dist/cli-runner-ziqCSXFY.js +286 -0
- package/dist/cli-runner.runtime-B-P8SxLi.js +4 -0
- package/dist/cli-runner.runtime-BmqwbMTX.js +3 -0
- package/dist/cli-runner.runtime.js +1 -1
- package/dist/cli-startup-metadata.json +2 -2
- package/dist/cli.runtime-4isBQRbc.js +1261 -0
- package/dist/cli.runtime.js +1 -1
- package/dist/client-CcimlPth.js +138 -0
- package/dist/client-DQsu_IXu.js +723 -0
- package/dist/command-auth-BWQO7kca.js +76 -0
- package/dist/command-config-resolution-ClTknI2S.js +2 -0
- package/dist/command-config-resolution-CrkcVij4.js +23 -0
- package/dist/command-config-resolution.runtime-D6B4s-Uv.js +2 -0
- package/dist/command-config-resolution.runtime.js +1 -1
- package/dist/command-execution-startup-CQcKEDhz.js +324 -0
- package/dist/command-registry-B_U-oRjT.js +4 -0
- package/dist/command-registry-CJ8y08cJ.js +9 -0
- package/dist/command-registry-core-CjYDA5Hb.js +106 -0
- package/dist/command-secret-gateway-BN5JN_4V.js +528 -0
- package/dist/command-status.runtime-BwGSaGwK.js +87 -0
- package/dist/command-status.runtime.js +1 -1
- package/dist/commands-acp-Di5EZJSo.js +77 -0
- package/dist/commands-compact.runtime-Dm1rBnbf.js +10 -0
- package/dist/commands-compact.runtime.js +1 -1
- package/dist/commands-core.runtime-DjL6pkWU.js +2 -0
- package/dist/commands-core.runtime.js +1 -1
- package/dist/commands-handlers.runtime-C8uzW3Za.js +4599 -0
- package/dist/commands-handlers.runtime.js +1 -1
- package/dist/commands-reset-hooks-7h-poKws.js +135 -0
- package/dist/commands-status-D_wsDlQe.js +16 -0
- package/dist/commands-status.runtime-BYT0Y8Xk.js +3 -0
- package/dist/commands-status.runtime.js +1 -1
- package/dist/commands-subagents-control.runtime-BozyiWar.js +3 -0
- package/dist/commands-subagents-control.runtime-DDCzt8Ub.js +2 -0
- package/dist/commands-subagents-control.runtime.js +1 -1
- package/dist/commands-system-prompt-ClkTGvNr.js +157 -0
- package/dist/commands-system-prompt-qRoqhQKL.js +2 -0
- package/dist/commands.runtime-DdZErCma.js +167 -0
- package/dist/commands.runtime.js +1 -1
- package/dist/compact-BCs9ORLb.js +1096 -0
- package/dist/compact.runtime-DvG7GWYV.js +12 -0
- package/dist/compact.runtime.js +1 -1
- package/dist/completion-cli-C4J7V5YR.js +328 -0
- package/dist/config-B0uPLzV0.js +252 -0
- package/dist/config-cli-Bt8euI41.js +1078 -0
- package/dist/config-guard-DUDovz1_.js +96 -0
- package/dist/config-runtime-BnYU3hOw.js +32 -0
- package/dist/configure-BIB6QKXD.js +2 -0
- package/dist/configure-DuXRvaw-.js +1252 -0
- package/dist/connect-options-DdLRs3mC.js +699 -0
- package/dist/control-auth-BboB6-Q9.js +125 -0
- package/dist/control-service-zISWiuJ_.js +156 -0
- package/dist/control-ui/assets/agents-JC5PtqrV.js +1125 -0
- package/dist/control-ui/assets/canvas-BOLwH2XE.js +274 -0
- package/dist/control-ui/assets/channel-config-extras-DndsWi2n.js +2 -0
- package/dist/control-ui/assets/channels-DehEkmqb.js +198 -0
- package/dist/control-ui/assets/contacts-CuFuG0IF.js +49 -0
- package/dist/control-ui/assets/cron-DOmGA0e5.js +250 -0
- package/dist/control-ui/assets/de-CJg8xmlK.js +2 -0
- package/dist/control-ui/assets/debug-BmuUKCSJ.js +94 -0
- package/dist/control-ui/assets/es-C4Q-2wY3.js +2 -0
- package/dist/control-ui/assets/fr-C8HMIYz8.js +2 -0
- package/dist/control-ui/assets/i18n-Cc8tlfvD.js +3 -0
- package/dist/control-ui/assets/id-Cfarvm3I.js +2 -0
- package/dist/control-ui/assets/index-rW3Q6M8T.js +5981 -0
- package/dist/control-ui/assets/instances-Cx7hEWzW.js +57 -0
- package/dist/control-ui/assets/ja-JP-F9ReJBkI.js +2 -0
- package/dist/control-ui/assets/ko-COLp1JKa.js +2 -0
- package/dist/control-ui/assets/logs-DB-Z5vcW.js +74 -0
- package/dist/control-ui/assets/mcp-Cpcduudl.js +417 -0
- package/dist/control-ui/assets/memory-DnzEGr6j.js +50 -0
- package/dist/control-ui/assets/memory-graph-DyR9Uhz0.js +30 -0
- package/dist/control-ui/assets/models-DiDA_80_.js +86 -0
- package/dist/control-ui/assets/nodes-DBKCXfee.js +654 -0
- package/dist/control-ui/assets/pl-BYPzLeb4.js +2 -0
- package/dist/control-ui/assets/plugins-CwfOfaNX.js +259 -0
- package/dist/control-ui/assets/presenter-5bq6-zJE.js +2 -0
- package/dist/control-ui/assets/pt-BR-DTBFbuCo.js +2 -0
- package/dist/control-ui/assets/sessions-B32pl2IK.js +56 -0
- package/dist/control-ui/assets/skills-UF7TyQK4.js +294 -0
- package/dist/control-ui/assets/skills-shared-B74z1P-E.js +11 -0
- package/dist/control-ui/assets/th-CIjDBcNT.js +2 -0
- package/dist/control-ui/assets/tr-NCpkXtTg.js +2 -0
- package/dist/control-ui/assets/uk-DvS1vsmH.js +2 -0
- package/dist/control-ui/assets/wallet-RKPn2MRs.js +302 -0
- package/dist/control-ui/assets/zh-CN-SfnMOQr0.js +2 -0
- package/dist/control-ui/assets/zh-TW-CkQgNjXi.js +2 -0
- package/dist/control-ui/index.html +2 -2
- package/dist/control-ui-CKQ17fcd.js +1043 -0
- package/dist/conversation-id-BzYtax7n.js +235 -0
- package/dist/conversation-id-HBz3v6j3.js +38 -0
- package/dist/conversation-runtime-CkcxSb_S.js +31 -0
- package/dist/core-DxVEjt5f.js +275 -0
- package/dist/create-B9OOGa90.js +80 -0
- package/dist/cron-cli-CAkqablA.js +713 -0
- package/dist/daemon-cli-CCC_5IkN.js +12 -0
- package/dist/dashboard-Bqpn6xD_.js +81 -0
- package/dist/dashboard-Cd6TkhpW.js +2 -0
- package/dist/delegate-D7D8iTtT.js +64 -0
- package/dist/deliver-I8Ifd1yR.js +3 -0
- package/dist/deliver-Zphc65zr.js +747 -0
- package/dist/deliver-runtime-DQyfYkCs.js +2 -0
- package/dist/delivery-outbound.runtime-Bs9x6LSS.js +6 -0
- package/dist/delivery-outbound.runtime.js +1 -1
- package/dist/delivery.runtime-Cx3qn7Hc.js +253 -0
- package/dist/delivery.runtime.js +1 -1
- package/dist/detached-task-runtime-D2jixP5C.js +73 -0
- package/dist/devices-cli-CMnaKl01.js +498 -0
- package/dist/diagnostics-B8Z9UWlG.js +154 -0
- package/dist/direct-dm-c4Qb2Nzg.js +64 -0
- package/dist/directive-handling.fast-lane-DuuCgCI2.js +66 -0
- package/dist/directive-handling.impl-BiJain1b.js +2 -0
- package/dist/directive-handling.impl-CYw76-Ag.js +703 -0
- package/dist/directive-handling.model-selection-BNnOIh0D.js +114 -0
- package/dist/directive-handling.persist.runtime-DWnMoAjn.js +215 -0
- package/dist/directive-handling.persist.runtime.js +1 -1
- package/dist/directory-cli-CinbUxv4.js +240 -0
- package/dist/dispatch-acp-BL2QahHP.js +981 -0
- package/dist/dispatch-acp-manager.runtime-CynWPlJS.js +3 -0
- package/dist/dispatch-acp-manager.runtime.js +1 -1
- package/dist/dispatch-acp-media.runtime-CrC5nXXy.js +4 -0
- package/dist/dispatch-acp-media.runtime.js +1 -1
- package/dist/dispatch-acp-session.runtime-C_GFMR0r.js +2 -0
- package/dist/dispatch-acp-session.runtime.js +1 -1
- package/dist/dispatch-acp.runtime-OwR8G8Qt.js +19 -0
- package/dist/dispatch-acp.runtime.js +1 -1
- package/dist/dispatch-r6Uv7puk.js +1131 -0
- package/dist/doctor-config-flow-BQjLEW5b.js +420 -0
- package/dist/doctor-config-preflight-B3VVSleh.js +63 -0
- package/dist/doctor-config-preflight-BBOEq7ti.js +2 -0
- package/dist/doctor-device-pairing-GsLelCah.js +307 -0
- package/dist/doctor-gateway-daemon-flow-Bj6Y5WoB.js +250 -0
- package/dist/doctor-gateway-health-D7WY6zgb.js +63 -0
- package/dist/doctor-health-C9GRQaPA.js +59 -0
- package/dist/doctor-health-contributions-Dk9ho6TO.js +493 -0
- package/dist/doctor-prompter-Ct6Jv52M.js +56 -0
- package/dist/doctor-sandbox-DAb-mQpy.js +194 -0
- package/dist/doctor-state-migrations-36dXc9ct.js +2 -0
- package/dist/doctor-workspace-status-CJCfWEI6.js +75 -0
- package/dist/dreaming-_hTKF5lN.js +1582 -0
- package/dist/dreaming-narrative-D5XTDttN.js +596 -0
- package/dist/embedded-gateway-stub.runtime-CEmoodA9.js +9 -0
- package/dist/embedded-gateway-stub.runtime.js +1 -1
- package/dist/embedding-provider-B9F-kCH3.js +118 -0
- package/dist/embeddings-BCVqTyaZ.js +215 -0
- package/dist/embeddings-http-CCsd7vWB.js +205 -0
- package/dist/entry.js +2 -2
- package/dist/exec-approval-forwarder.runtime-CMniJyXX.js +3 -0
- package/dist/exec-approval-forwarder.runtime.js +1 -1
- package/dist/exec-approvals-cli-ClDMlOmM.js +498 -0
- package/dist/exec-defaults-BWb7bhoE.js +2 -0
- package/dist/exec-defaults-CE8PArh-.js +67 -0
- package/dist/execute.runtime-Bhup95bB.js +1359 -0
- package/dist/execute.runtime.js +1 -1
- package/dist/extensionAPI.js +3 -3
- package/dist/extensions/active-memory/index.js +3 -3
- package/dist/extensions/alibaba/index.js +1 -1
- package/dist/extensions/alibaba/video-generation-provider.js +1 -1
- package/dist/extensions/arcee/index.js +2 -2
- package/dist/extensions/bluebubbles/api.js +3 -3
- package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
- package/dist/extensions/browser/browser-bridge.js +1 -1
- package/dist/extensions/browser/browser-config.js +4 -4
- package/dist/extensions/browser/browser-control-auth.js +2 -2
- package/dist/extensions/browser/browser-doctor.js +2 -2
- package/dist/extensions/browser/browser-maintenance.js +2 -2
- package/dist/extensions/browser/browser-profiles.js +2 -2
- package/dist/extensions/browser/browser-runtime-api.js +10 -10
- package/dist/extensions/browser/index.js +1 -1
- package/dist/extensions/browser/plugin-registration.js +1 -1
- package/dist/extensions/browser/register.runtime.js +3 -3
- package/dist/extensions/browser/runtime-api.js +11 -11
- package/dist/extensions/browser/test-support.js +1 -1
- package/dist/extensions/byteplus/index.js +3 -3
- package/dist/extensions/byteplus/video-generation-provider.js +1 -1
- package/dist/extensions/chutes/index.js +4 -4
- package/dist/extensions/cloudflare-ai-gateway/api.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/catalog-provider.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +2 -2
- package/dist/extensions/comfy/image-generation-provider.js +2 -2
- package/dist/extensions/comfy/index.js +5 -5
- package/dist/extensions/comfy/music-generation-provider.js +1 -1
- package/dist/extensions/comfy/video-generation-provider.js +2 -2
- package/dist/extensions/comfy/workflow-runtime.js +1 -1
- package/dist/extensions/deepseek/index.js +1 -1
- package/dist/extensions/device-pair/api.js +2 -2
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/device-pair/notify.js +1 -1
- package/dist/extensions/device-pair/pair-command-approve.js +1 -1
- package/dist/extensions/device-pair/qr-image.js +2 -2
- package/dist/extensions/fal/image-generation-provider.js +1 -1
- package/dist/extensions/fal/index.js +3 -3
- package/dist/extensions/fal/provider-registration.js +1 -1
- package/dist/extensions/fal/test-api.js +2 -2
- package/dist/extensions/fal/video-generation-provider.js +1 -1
- package/dist/extensions/fireworks/index.js +1 -1
- package/dist/extensions/github-copilot/api.js +1 -1
- package/dist/extensions/github-copilot/auth.js +1 -1
- package/dist/extensions/github-copilot/embeddings.js +1 -1
- package/dist/extensions/github-copilot/index.js +4 -4
- package/dist/extensions/github-copilot/login.js +1 -1
- package/dist/extensions/github-copilot/register.runtime.js +2 -2
- package/dist/extensions/google-meet/index.js +6 -6
- package/dist/extensions/groq/index.js +1 -1
- package/dist/extensions/groq/media-understanding-provider.js +1 -1
- package/dist/extensions/groq/test-api.js +1 -1
- package/dist/extensions/huggingface/index.js +1 -1
- package/dist/extensions/image-generation-core/api.js +2 -2
- package/dist/extensions/imessage/api.js +4 -4
- package/dist/extensions/imessage/channel-plugin-api.js +1 -1
- package/dist/extensions/imessage/runtime-api.js +5 -5
- package/dist/extensions/imessage/test-api.js +1 -1
- package/dist/extensions/irc/api.js +2 -2
- package/dist/extensions/irc/channel-plugin-api.js +1 -1
- package/dist/extensions/kilocode/index.js +1 -1
- package/dist/extensions/kimi-coding/index.js +2 -2
- package/dist/extensions/line/api.js +2 -2
- package/dist/extensions/line/channel-plugin-api.js +1 -1
- package/dist/extensions/line/contract-api.js +1 -1
- package/dist/extensions/line/runtime-api.js +4 -4
- package/dist/extensions/line/setup-api.js +1 -1
- package/dist/extensions/litellm/index.js +1 -1
- package/dist/extensions/lmstudio/api.js +2 -2
- package/dist/extensions/lmstudio/index.js +3 -3
- package/dist/extensions/lmstudio/memory-embedding-adapter.js +1 -1
- package/dist/extensions/lmstudio/runtime-api.js +1 -1
- package/dist/extensions/lobster/runtime-api.js +1 -1
- package/dist/extensions/mattermost/api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
- package/dist/extensions/mattermost/policy-api.js +1 -1
- package/dist/extensions/mattermost/runtime-api.js +7 -7
- package/dist/extensions/mattermost/slash-route-api.js +1 -1
- package/dist/extensions/media-understanding-core/runtime-api.js +2 -2
- package/dist/extensions/memory-core/api.js +1 -1
- package/dist/extensions/memory-core/cli-metadata.js +2 -2
- package/dist/extensions/memory-core/index.js +3 -3
- package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
- package/dist/extensions/memory-lancedb/index.js +1 -1
- package/dist/extensions/memory-wiki/cli-metadata.js +1 -1
- package/dist/extensions/memory-wiki/index.js +1 -1
- package/dist/extensions/microsoft/index.js +1 -1
- package/dist/extensions/microsoft/speech-provider.js +1 -1
- package/dist/extensions/microsoft/test-api.js +1 -1
- package/dist/extensions/microsoft-foundry/auth.js +1 -1
- package/dist/extensions/microsoft-foundry/cli.js +1 -1
- package/dist/extensions/microsoft-foundry/index.js +1 -1
- package/dist/extensions/microsoft-foundry/onboard.js +2 -2
- package/dist/extensions/microsoft-foundry/provider.js +1 -1
- package/dist/extensions/microsoft-foundry/runtime.js +1 -1
- package/dist/extensions/microsoft-foundry/shared-runtime.js +2 -2
- package/dist/extensions/microsoft-foundry/shared.js +1 -1
- package/dist/extensions/minimax/image-generation-provider.js +1 -1
- package/dist/extensions/minimax/index.js +6 -6
- package/dist/extensions/minimax/media-understanding-provider.js +1 -1
- package/dist/extensions/minimax/music-generation-provider.js +1 -1
- package/dist/extensions/minimax/oauth.js +1 -1
- package/dist/extensions/minimax/oauth.runtime.js +1 -1
- package/dist/extensions/minimax/provider-registration.js +1 -1
- package/dist/extensions/minimax/speech-provider.js +1 -1
- package/dist/extensions/minimax/test-api.js +4 -4
- package/dist/extensions/minimax/video-generation-provider.js +1 -1
- package/dist/extensions/mistral/index.js +2 -2
- package/dist/extensions/mistral/media-understanding-provider.js +1 -1
- package/dist/extensions/mistral/test-api.js +1 -1
- package/dist/extensions/moonshot/index.js +2 -2
- package/dist/extensions/moonshot/media-understanding-provider.js +1 -1
- package/dist/extensions/moonshot/test-api.js +1 -1
- package/dist/extensions/msteams/api.js +1 -1
- package/dist/extensions/msteams/channel-plugin-api.js +1 -1
- package/dist/extensions/msteams/runtime-api.js +4 -4
- package/dist/extensions/msteams/test-api.js +1 -1
- package/dist/extensions/nextcloud-talk/api.js +1 -1
- package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
- package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
- package/dist/extensions/nvidia/index.js +1 -1
- package/dist/extensions/ollama/api.js +3 -3
- package/dist/extensions/ollama/index.js +9 -9
- package/dist/extensions/ollama/runtime-api.js +2 -2
- package/dist/extensions/ollama/web-search-provider.js +1 -1
- package/dist/extensions/openai/api.js +2 -2
- package/dist/extensions/openai/image-generation-provider.js +1 -1
- package/dist/extensions/openai/index.js +6 -6
- package/dist/extensions/openai/media-understanding-provider.js +1 -1
- package/dist/extensions/openai/openai-codex-provider.js +1 -1
- package/dist/extensions/openai/openai-provider.js +1 -1
- package/dist/extensions/openai/register.runtime.js +4 -4
- package/dist/extensions/openai/test-api.js +3 -3
- package/dist/extensions/openai/video-generation-provider.js +1 -1
- package/dist/extensions/opencode/index.js +2 -2
- package/dist/extensions/opencode/media-understanding-provider.js +1 -1
- package/dist/extensions/opencode-go/index.js +2 -2
- package/dist/extensions/opencode-go/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/api.js +1 -1
- package/dist/extensions/openrouter/image-generation-provider.js +1 -1
- package/dist/extensions/openrouter/index.js +4 -4
- package/dist/extensions/openrouter/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/register.runtime.js +3 -3
- package/dist/extensions/openrouter/test-api.js +2 -2
- package/dist/extensions/openshell/index.js +3 -3
- package/dist/extensions/qianfan/index.js +1 -1
- package/dist/extensions/qwen/index.js +3 -3
- package/dist/extensions/qwen/media-understanding-provider.js +1 -1
- package/dist/extensions/qwen/test-api.js +2 -2
- package/dist/extensions/qwen/video-generation-provider.js +1 -1
- package/dist/extensions/runway/index.js +1 -1
- package/dist/extensions/runway/video-generation-provider.js +1 -1
- package/dist/extensions/signal/api.js +6 -6
- package/dist/extensions/signal/channel-plugin-api.js +1 -1
- package/dist/extensions/signal/reaction-runtime-api.js +1 -1
- package/dist/extensions/signal/runtime-api.js +9 -9
- package/dist/extensions/skill-workshop/api.js +1 -1
- package/dist/extensions/skill-workshop/index.js +2 -2
- package/dist/extensions/speech-core/runtime-api.js +1 -1
- package/dist/extensions/stepfun/index.js +2 -2
- package/dist/extensions/synology-chat/api.js +1 -1
- package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
- package/dist/extensions/synthetic/index.js +1 -1
- package/dist/extensions/talk-voice/index.js +1 -1
- package/dist/extensions/tencent/index.js +2 -2
- package/dist/extensions/thread-ownership/index.js +1 -1
- package/dist/extensions/tlon/api.js +2 -2
- package/dist/extensions/tlon/channel-plugin-api.js +1 -1
- package/dist/extensions/tlon/runtime-api.js +1 -1
- package/dist/extensions/tlon/test-api.js +1 -1
- package/dist/extensions/together/index.js +2 -2
- package/dist/extensions/together/video-generation-provider.js +1 -1
- package/dist/extensions/twitch/api.js +1 -1
- package/dist/extensions/twitch/channel-plugin-api.js +1 -1
- package/dist/extensions/twitch/setup-plugin-api.js +1 -1
- package/dist/extensions/venice/index.js +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +1 -1
- package/dist/extensions/voice-call/index.js +1 -1
- package/dist/extensions/voice-call/runtime-entry.js +1 -1
- package/dist/extensions/volcengine/index.js +2 -2
- package/dist/extensions/vydra/image-generation-provider.js +1 -1
- package/dist/extensions/vydra/index.js +4 -4
- package/dist/extensions/vydra/video-generation-provider.js +1 -1
- package/dist/extensions/xai/api.js +2 -2
- package/dist/extensions/xai/code-execution.js +2 -2
- package/dist/extensions/xai/image-generation-provider.js +1 -1
- package/dist/extensions/xai/index.js +6 -6
- package/dist/extensions/xai/speech-provider.js +1 -1
- package/dist/extensions/xai/tts.js +1 -1
- package/dist/extensions/xai/video-generation-provider.js +1 -1
- package/dist/extensions/xai/x-search.js +2 -2
- package/dist/extensions/xiaomi/index.js +1 -1
- package/dist/extensions/zai/index.js +2 -2
- package/dist/extensions/zai/media-understanding-provider.js +1 -1
- package/dist/extensions/zai/test-api.js +1 -1
- package/dist/extensions/zalo/api.js +3 -3
- package/dist/extensions/zalo/channel-plugin-api.js +1 -1
- package/dist/extensions/zalo/runtime-api.js +2 -2
- package/dist/extensions/zalo/setup-api.js +2 -2
- package/dist/extensions/zalouser/api.js +3 -3
- package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
- package/dist/extensions/zalouser/runtime-api.js +7 -7
- package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
- package/dist/extensions/zalouser/test-api.js +1 -1
- package/dist/fallbacks-7zSQjTV3.js +31 -0
- package/dist/fallbacks-CZiqVR5O.js +2 -0
- package/dist/fallbacks-shared-ChkX-wC9.js +111 -0
- package/dist/gateway-CHyZ16Py.js +115 -0
- package/dist/gateway-cli-Ddf-bjxV.js +1283 -0
- package/dist/gateway-rpc-DksPpMA7.js +14 -0
- package/dist/gateway-rpc.runtime-BKaQsdOu.js +23 -0
- package/dist/gateway-rpc.runtime.js +1 -1
- package/dist/gateway-runtime-Ca4l5F_e.js +15 -0
- package/dist/gateway-status-CTPWttLS.js +584 -0
- package/dist/genesis-tools-Bkxp7zlI.js +9435 -0
- package/dist/genesis-tools.runtime-BCkQJQBx.js +2 -0
- package/dist/genesis-tools.runtime.js +1 -1
- package/dist/get-reply-HzKdsGO7.js +3946 -0
- package/dist/get-reply-from-config.runtime-C5ISSvQ1.js +2 -0
- package/dist/get-reply-from-config.runtime.js +1 -1
- package/dist/gmail-watcher-lifecycle-BYRHDXCT.js +2 -0
- package/dist/graph-users-BVVUU02O.js +1337 -0
- package/dist/health-3Ot3RyLe.js +420 -0
- package/dist/health-B1Ww7M60.js +3 -0
- package/dist/health-route--L24U5vY.js +2 -0
- package/dist/health-route-DQ3RbNHQ.js +41 -0
- package/dist/hooks-cli-CsJbTM0O.js +433 -0
- package/dist/http-endpoint-helpers-D5HkMFwp.js +41 -0
- package/dist/http-utils-LFOvdepz.js +924 -0
- package/dist/image-fallbacks--ElXneWp.js +31 -0
- package/dist/image-fallbacks-D3vJILOu.js +2 -0
- package/dist/image-generation-core-DasXukAP.js +18 -0
- package/dist/image-generation-core.auth.runtime.js +1 -1
- package/dist/image-generation-provider-BUYDznhO.js +157 -0
- package/dist/image-generation-provider-CZsEm9qP.js +137 -0
- package/dist/image-generation-provider-DfAtOfEj.js +95 -0
- package/dist/image-generation-provider-Dksuo9OZ.js +529 -0
- package/dist/image-generation-provider-TlVk_XqK.js +63 -0
- package/dist/image-generation-provider-YwugArNw.js +274 -0
- package/dist/image-generation-provider-bWlq5yUE.js +228 -0
- package/dist/image-runtime-CswgJNvs.js +9 -0
- package/dist/inbound-reply-dispatch-B7wRXjgc.js +73 -0
- package/dist/inbound.runtime-Bw0JSbxR.js +4 -0
- package/dist/inbound.runtime-DjvZZHXI.js +3 -0
- package/dist/inbound.runtime.js +1 -1
- package/dist/index.js +2 -2
- package/dist/infra-runtime-CBfd1WMP.js +38 -0
- package/dist/init-D0hOJH3x.js +59 -0
- package/dist/install-CYvCH-s3.js +726 -0
- package/dist/install-security-scan-B7ZoC2Vw.js +26 -0
- package/dist/install-security-scan.runtime-iZsF-J1u.js +671 -0
- package/dist/install-security-scan.runtime.js +1 -1
- package/dist/install.runtime-BAqg9YWO.js +27 -0
- package/dist/install.runtime-Cc9Bf7A6.js +12 -0
- package/dist/install.runtime.js +1 -1
- package/dist/jobs-BIi6klWl.js +729 -0
- package/dist/library-oLeJ7WB2.js +45 -0
- package/dist/lifecycle-CeE5vcbI.js +571 -0
- package/dist/lifecycle-CqOQyQkN.js +229 -0
- package/dist/lifecycle.runtime-3bkEDR0o.js +2 -0
- package/dist/lifecycle.runtime.js +1 -1
- package/dist/list-C3cLeCpB.js +2 -0
- package/dist/list-CcZ_ONLT.js +2 -0
- package/dist/list-DUXsFAZJ.js +1212 -0
- package/dist/list-gnrIqPtd.js +131 -0
- package/dist/list.probe-BwRgShwM.js +419 -0
- package/dist/live-model-switch-CWgg2Ggb.js +336 -0
- package/dist/llm-slug-generator-BkDTThCe.js +79 -0
- package/dist/llm-slug-generator.js +1 -1
- package/dist/load-config-CfZQrUUz.js +35 -0
- package/dist/loader-DsEya2Rd.js +222 -0
- package/dist/local-dispatch.runtime-CtXGZ70F.js +8 -0
- package/dist/local-dispatch.runtime.js +1 -1
- package/dist/login-M0JiZwmc.js +108 -0
- package/dist/logs-cli-zd_9yCKn.js +265 -0
- package/dist/logs-cli.runtime-BWvHh5zg.js +2 -0
- package/dist/logs-cli.runtime.js +1 -1
- package/dist/main-session-restart-recovery-Bnvjo9E1.js +206 -0
- package/dist/managed-image-attachments-Cib67JTY.js +2 -0
- package/dist/managed-image-attachments-Pl-_Wh-s.js +635 -0
- package/dist/manager-CfFNGdWA.js +2057 -0
- package/dist/manager-TXSNaq3B.js +2 -0
- package/dist/markdown-to-line-C83mDLjZ.js +790 -0
- package/dist/mcp/plugin-tools-serve.js +1 -1
- package/dist/mcp-cli-CNy5N1fa.js +725 -0
- package/dist/mcp-http-Cp3nlyRC.js +529 -0
- package/dist/mcp-oauth-embedded.runtime-Bg_5jTnW.js +111 -0
- package/dist/mcp-oauth-embedded.runtime.js +1 -0
- package/dist/media-runtime-BetXjDy_.js +329 -0
- package/dist/media-understanding-PrCTBqs6.js +85 -0
- package/dist/media-understanding-provider-BOJyh6FF.js +85 -0
- package/dist/media-understanding-provider-BQqWS6FP.js +18 -0
- package/dist/media-understanding-provider-BVI5_wpJ.js +12 -0
- package/dist/media-understanding-provider-BvANUUsD.js +37 -0
- package/dist/media-understanding-provider-CmJsqky4.js +69 -0
- package/dist/media-understanding-provider-D160isav.js +28 -0
- package/dist/media-understanding-provider-DLdtS2i0.js +12 -0
- package/dist/media-understanding-provider-DbYma1pc.js +21 -0
- package/dist/media-understanding-provider-DgKlDcus.js +18 -0
- package/dist/media-understanding-provider-Dt4kGn2a.js +13 -0
- package/dist/media-understanding-runtime-7Pt0cFob.js +2 -0
- package/dist/memory-core-host-runtime-cli-BegfMQ60.js +9 -0
- package/dist/memory-embedding-adapter-bqPa42NQ.js +123 -0
- package/dist/memory-host-search-595fbsH5.js +12 -0
- package/dist/memory-host-search.runtime.js +1 -1
- package/dist/message-BEIYueeC.js +232 -0
- package/dist/message-action-runner-BMAw7gfU.js +2 -0
- package/dist/message-action-runner-DbqkVVXA.js +1407 -0
- package/dist/message-actions-CagfUya_.js +143 -0
- package/dist/message.config.runtime.js +1 -1
- package/dist/message.gateway.runtime-8N00rzUd.js +2 -0
- package/dist/message.gateway.runtime.js +1 -1
- package/dist/method-scopes-TWVLEUXZ.js +239 -0
- package/dist/model-picker-DJQ_lN5J.js +3 -0
- package/dist/model-picker-f_kmCGgt.js +559 -0
- package/dist/model-picker.runtime-Bua1ZV3T.js +15 -0
- package/dist/model-picker.runtime.js +1 -1
- package/dist/model-selection-DRe0f5zo.js +212 -0
- package/dist/models-auth-status-dUVFT_f1.js +217 -0
- package/dist/models-cli-VqeddndJ.js +271 -0
- package/dist/models-http-PC5-c2lS.js +92 -0
- package/dist/models.fetch-CsIbuvYn.js +518 -0
- package/dist/monitor-BgwZHXAs.js +2 -0
- package/dist/monitor-BrGXztev.js +1661 -0
- package/dist/monitor-DXqHkIkY.js +788 -0
- package/dist/monitor-DoS0pnRS.js +671 -0
- package/dist/monitor-SUo0OdqH.js +1459 -0
- package/dist/monitor-auth-BjLpAGxu.js +207 -0
- package/dist/monitor-hVTP1bQv.js +1237 -0
- package/dist/monitor-processing-CIokCAUz.js +1974 -0
- package/dist/monitor.runtime-BU4RKNXx.js +2 -0
- package/dist/monitor.runtime.js +1 -1
- package/dist/monitor.webhook-DaTTjWrL.js +180 -0
- package/dist/msteams-CmdWCuQl.js +35 -0
- package/dist/music-generation-provider-D1C-gv82.js +63 -0
- package/dist/music-generation-provider-Da4aNlMi.js +170 -0
- package/dist/native-hook-relay-Crk4McKb.js +519 -0
- package/dist/nextcloud-talk-D23cNPfx.js +17 -0
- package/dist/node-cli-DQ2FAUD5.js +2276 -0
- package/dist/nodes-cli-rSfhRw3_.js +1046 -0
- package/dist/nodes-utils-DlayGjaD.js +84 -0
- package/dist/nodes.helpers-DDUs18Tb.js +34 -0
- package/dist/notify-BSOvLWmd.js +315 -0
- package/dist/oauth-CMgJwuws.js +2 -0
- package/dist/oauth-CkVdnYWF.js +152 -0
- package/dist/oauth-DyK5hAZs.js +139 -0
- package/dist/oauth-OBOUymgi.js +75 -0
- package/dist/oauth.flow-BLoyN3lV.js +3 -0
- package/dist/oauth.flow-DH06lWCO.js +45 -0
- package/dist/onboard-C-WpjREP.js +316 -0
- package/dist/onboard-CpNpQ0N8.js +70 -0
- package/dist/onboard-channels-BeLqCc-3.js +2 -0
- package/dist/onboard-channels-DvKo0QB_.js +3 -0
- package/dist/onboard-custom-BXb7qIWz.js +3 -0
- package/dist/onboard-custom-ClkyPqIy.js +271 -0
- package/dist/onboard-helpers-BSqq4yEX.js +204 -0
- package/dist/onboard-helpers-Cw8cHMwk.js +6 -0
- package/dist/onboard-interactive-CIJMPUNi.js +24 -0
- package/dist/onboard-non-interactive-CCGFunM1.js +635 -0
- package/dist/onboard-remote-BIFjzB0v.js +193 -0
- package/dist/onboard-remote-DdfKS44K.js +2 -0
- package/dist/onboard-skills-C9Oz7pMM.js +134 -0
- package/dist/onboard-skills-DFZIuIBM.js +2 -0
- package/dist/onboard-ygfHgwjs.js +2 -0
- package/dist/onboarding-plugin-install-CSJX8VZv.js +406 -0
- package/dist/openai-codex-provider-ChrCVEw6.js +472 -0
- package/dist/openai-http-V8-EZ-Tx.js +500 -0
- package/dist/openai-provider-CBFc7f3l.js +313 -0
- package/dist/opencode-D8fX4akZ.js +35 -0
- package/dist/openresponses-http-B2Z5eD7p.js +1128 -0
- package/dist/operator-approvals-client-DcLaJSYz.js +68 -0
- package/dist/outbound-runtime-BcayPyTD.js +5 -0
- package/dist/outbound.runtime-BioZr0Xk.js +2 -0
- package/dist/outbound.runtime.js +1 -1
- package/dist/pair-command-approve-CKQ5PFPa.js +44 -0
- package/dist/persistent-bindings.lifecycle-Cc3nJyXl.js +2 -0
- package/dist/persistent-bindings.lifecycle-DMUm3wFX.js +85 -0
- package/dist/pi-bundle-mcp-runtime-BxuXFq8N.js +2 -0
- package/dist/pi-bundle-mcp-runtime-ZvnA7GLK.js +854 -0
- package/dist/pi-bundle-mcp-tools-Cq0oKMGx.js +108 -0
- package/dist/pi-embedded-DLQZrdL6.js +2905 -0
- package/dist/pi-embedded-kfFiSGXN.js +4 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-DRkY_7mg.js +23 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime.js +1 -1
- package/dist/pi-embedded.runtime-DXAilonb.js +4 -0
- package/dist/pi-embedded.runtime.js +1 -1
- package/dist/pi-tool-definition-adapter-D5M4iVmd.js +229 -0
- package/dist/pi-tools-CymfaKhy.js +1118 -0
- package/dist/pi-tools.before-tool-call-CBjigYgQ.js +2 -0
- package/dist/pi-tools.before-tool-call-CrhLIm2q.js +433 -0
- package/dist/plugin-DJ_g-ddv.js +12195 -0
- package/dist/plugin-enabled-CqvTLQjg.js +140 -0
- package/dist/plugin-install-DwdyYiEf.js +115 -0
- package/dist/plugin-install-config-policy-BGQ3WzJO.js +137 -0
- package/dist/plugin-install-ldcXmOz8.js +2 -0
- package/dist/plugin-install-plan-DXvNElN2.js +50 -0
- package/dist/plugin-registration-awDDNZjN.js +23 -0
- package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
- package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
- package/dist/plugin-sdk/acp-runtime.js +3 -3
- package/dist/plugin-sdk/agent-harness-runtime.js +6 -6
- package/dist/plugin-sdk/agent-harness.js +7 -7
- package/dist/plugin-sdk/agent-runtime.js +2 -2
- package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
- package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
- package/dist/plugin-sdk/approval-runtime.js +1 -1
- package/dist/plugin-sdk/browser-node-runtime.js +4 -4
- package/dist/plugin-sdk/browser-setup-tools.js +3 -3
- package/dist/plugin-sdk/browser-support.js +7 -7
- package/dist/plugin-sdk/channel-core.js +2 -2
- package/dist/plugin-sdk/channel-inbound.js +3 -3
- package/dist/plugin-sdk/command-auth.js +2 -2
- package/dist/plugin-sdk/command-status-runtime.js +1 -1
- package/dist/plugin-sdk/compat.js +1 -1
- package/dist/plugin-sdk/config-runtime.js +3 -3
- package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
- package/dist/plugin-sdk/conversation-runtime.js +4 -4
- package/dist/plugin-sdk/core.js +2 -2
- package/dist/plugin-sdk/direct-dm.js +1 -1
- package/dist/plugin-sdk/gateway-runtime.js +3 -3
- package/dist/plugin-sdk/image-generation-core.js +2 -2
- package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
- package/dist/plugin-sdk/index.js +1 -1
- package/dist/plugin-sdk/infra-runtime.js +2 -2
- package/dist/plugin-sdk/irc.js +2 -2
- package/dist/plugin-sdk/matrix.js +1 -1
- package/dist/plugin-sdk/mattermost.js +2 -2
- package/dist/plugin-sdk/media-runtime.js +5 -5
- package/dist/plugin-sdk/media-understanding-runtime.js +2 -2
- package/dist/plugin-sdk/media-understanding.js +2 -2
- package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
- package/dist/plugin-sdk/memory-core.js +2 -2
- package/dist/plugin-sdk/memory-host-search.js +1 -1
- package/dist/plugin-sdk/msteams.js +3 -3
- package/dist/plugin-sdk/nextcloud-talk.js +2 -2
- package/dist/plugin-sdk/nostr.js +1 -1
- package/dist/plugin-sdk/opencode.js +1 -1
- package/dist/plugin-sdk/outbound-runtime.js +2 -2
- package/dist/plugin-sdk/provider-auth-api-key.js +2 -2
- package/dist/plugin-sdk/provider-auth-login.js +1 -1
- package/dist/plugin-sdk/provider-auth.js +2 -2
- package/dist/plugin-sdk/provider-entry.js +1 -1
- package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
- package/dist/plugin-sdk/reply-runtime.js +4 -4
- package/dist/plugin-sdk/runtime-doctor.js +1 -1
- package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
- package/dist/plugin-sdk/runtime.js +3 -3
- package/dist/plugin-sdk/sandbox.js +1 -1
- package/dist/plugin-sdk/session-store-runtime.js +1 -1
- package/dist/plugin-sdk/session-visibility.js +1 -1
- package/dist/plugin-sdk/skill-commands-runtime.js +1 -1
- package/dist/plugin-sdk/src/config/types.mcp.d.ts +13 -0
- package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +29 -3
- package/dist/plugin-sdk/src/gateway/protocol/schema/mcp.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/protocol-schemas.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/types.d.ts +8 -0
- package/dist/plugin-sdk/testing.js +4 -4
- package/dist/plugin-sdk/tlon.js +1 -1
- package/dist/plugin-sdk/zalo.js +1 -1
- package/dist/plugin-sdk/zalouser.js +1 -1
- package/dist/plugin-service-Bcg-shsL.js +2893 -0
- package/dist/plugins/runtime/index.js +1 -1
- package/dist/plugins-cli-CUZMkYFB.js +584 -0
- package/dist/plugins-command-helpers-BGFL7yp7.js +107 -0
- package/dist/plugins-install-persist-Cp8tSsno.js +133 -0
- package/dist/plugins-update-command-Ds_N9qES.js +1057 -0
- package/dist/policy-DIf26_n6.js +328 -0
- package/dist/postinstall-inventory.json +711 -709
- package/dist/prepare.runtime-DCLXK1uq.js +807 -0
- package/dist/prepare.runtime.js +1 -1
- package/dist/probe-0w9S79sF.js +45 -0
- package/dist/probe-B1L2nZVS.js +243 -0
- package/dist/probe-BQT29JH7.js +74 -0
- package/dist/probe-CB6KR9ri.js +240 -0
- package/dist/probe-CWtFr2jl.js +2 -0
- package/dist/probe-CcBuLmYT.js +2205 -0
- package/dist/probe-DYqlJBSk.js +2 -0
- package/dist/probe-_IUalbC8.js +1443 -0
- package/dist/program-sXJs6Lyj.js +111 -0
- package/dist/prompt-select-styled-jucMgA5f.js +20 -0
- package/dist/protocol-DgMCJAA_.js +2586 -0
- package/dist/provider-BSqWTcoz.js +70 -0
- package/dist/provider-api-key-auth-C92t3JTu.js +131 -0
- package/dist/provider-api-key-auth.runtime.js +1 -1
- package/dist/provider-auth-api-key-zf0PU9U_.js +5 -0
- package/dist/provider-auth-choice-palZRKPG.js +228 -0
- package/dist/provider-auth-hCEy91hA.js +46 -0
- package/dist/provider-auth-login-D4MC4bs_.js +8 -0
- package/dist/provider-auth-login.runtime.js +1 -1
- package/dist/provider-dispatcher-9z9Dw59_.js +2 -0
- package/dist/provider-dispatcher-DyQNST2Z.js +22 -0
- package/dist/provider-entry-DZDgzWTU.js +106 -0
- package/dist/provider-model-defaults-DC1PMV0H.js +6 -0
- package/dist/provider-registration-BSHUosM7.js +218 -0
- package/dist/provider-registration-CA9-PRDk.js +37 -0
- package/dist/qr-cli-Dwc3sjiV.js +2 -0
- package/dist/qr-cli-hTiyQbbK.js +349 -0
- package/dist/qr-image-BDoVY1GF.js +2 -0
- package/dist/queue-BljsBBtU.js +409 -0
- package/dist/reaction-runtime-api-Q9NHKbpw.js +116 -0
- package/dist/reactions-DGczAFsd.js +998 -0
- package/dist/read-capability-YFf_CDLF.js +412 -0
- package/dist/register-service-commands-Dxwl01rR.js +71 -0
- package/dist/register.agent-Drovpr_f.js +248 -0
- package/dist/register.configure-BzQtmjqp.js +15 -0
- package/dist/register.maintenance-PRykY6qq.js +363 -0
- package/dist/register.message-Dw6OLnap.js +329 -0
- package/dist/register.onboard-CB7aqo8I.js +88 -0
- package/dist/register.runtime-5QpZP1PI.js +81 -0
- package/dist/register.runtime.js +1 -1
- package/dist/register.setup-GLc__3H1.js +150 -0
- package/dist/register.status-health-sessions-DuQnS6V7.js +1215 -0
- package/dist/register.subclis-Bupq6ckp.js +3 -0
- package/dist/register.subclis-Df0YvsXg.js +29 -0
- package/dist/register.subclis-core-CK63Nor4.js +249 -0
- package/dist/reply-dispatch-runtime-D63ANCTQ.js +13 -0
- package/dist/reply-media-paths.runtime-C6-V86g1.js +146 -0
- package/dist/reply-media-paths.runtime-Cmms8y5S.js +2 -0
- package/dist/reply-media-paths.runtime.js +1 -1
- package/dist/reply-runtime-CLq8xugv.js +10 -0
- package/dist/reply.runtime-FitoWYiX.js +2 -0
- package/dist/reply.runtime.js +1 -1
- package/dist/resolve-BHmKuinY.js +259 -0
- package/dist/response-generator-BxzbAKHi.js +175 -0
- package/dist/restart-health-CNE6ENF8.js +202 -0
- package/dist/restart-health-DriNCEEo.js +2 -0
- package/dist/root-help-BsG62TUK.js +44 -0
- package/dist/route-reply-EPkWewCQ.js +162 -0
- package/dist/route-reply.runtime-Rem8ixbJ.js +2 -0
- package/dist/route-reply.runtime.js +1 -1
- package/dist/routes-B8SmZM_C.js +3341 -0
- package/dist/routes-CVtIuQaj.js +2 -0
- package/dist/rpc-AJw8-VEF.js +61 -0
- package/dist/rpc.runtime-NzXXr3IH.js +21 -0
- package/dist/rpc.runtime.js +1 -1
- package/dist/run-auth-profile.runtime-DrFMFMa5.js +2 -0
- package/dist/run-auth-profile.runtime.js +1 -1
- package/dist/run-delivery.runtime-DDc5pTuc.js +530 -0
- package/dist/run-delivery.runtime.js +1 -1
- package/dist/run-embedded.runtime-BlLE0DKl.js +4 -0
- package/dist/run-embedded.runtime.js +1 -1
- package/dist/run-execution-cli.runtime-Dx9bn2nL.js +4 -0
- package/dist/run-execution-cli.runtime.js +1 -1
- package/dist/run-executor.runtime-Bx0-xr66.js +277 -0
- package/dist/run-executor.runtime.js +1 -1
- package/dist/run-main-Q7WXDun9.js +567 -0
- package/dist/run-subagent-registry.runtime-DN441nGA.js +2 -0
- package/dist/run-subagent-registry.runtime.js +1 -1
- package/dist/run-wait-DOOBZLr5.js +135 -0
- package/dist/runner-B8D0Coak.js +966 -0
- package/dist/runner.entries-DZUGr24v.js +604 -0
- package/dist/runtime-B56xKFjA.js +9 -0
- package/dist/runtime-BshnyUPo.js +116 -0
- package/dist/runtime-CnTeeNB7.js +72 -0
- package/dist/runtime-D--xK0Me.js +961 -0
- package/dist/runtime-DFBduVee.js +2 -0
- package/dist/runtime-api-BGOAhjcp.js +9 -0
- package/dist/runtime-api-CcUMXjjy.js +14 -0
- package/dist/runtime-api-L9lB-rDz.js +4 -0
- package/dist/runtime-api-ap0gPIKQ.js +9 -0
- package/dist/runtime-co7Um4tt.js +263 -0
- package/dist/runtime-embedded-pi.runtime-CQ5TsVlh.js +2 -0
- package/dist/runtime-embedded-pi.runtime.js +1 -1
- package/dist/runtime-entry-g38-J35c.js +2769 -0
- package/dist/runtime-internal-DwAoh64o.js +2 -0
- package/dist/runtime-manifest.runtime.js +1 -1
- package/dist/runtime-options-CtF_gotz.js +275 -0
- package/dist/runtime-prepare.runtime-DAaAh4tU.js +80 -0
- package/dist/runtime-prepare.runtime.js +1 -1
- package/dist/runtime-schema-7aqYdEly.js +28599 -0
- package/dist/runtime-web-tools-DpTEm5uJ.js +1477 -0
- package/dist/runtime-web-tools-fallback.runtime.js +1 -1
- package/dist/runtime-web-tools-manifest.runtime.js +1 -1
- package/dist/runtime-web-tools-public-artifacts.runtime.js +1 -1
- package/dist/sandbox-DjUUwvID.js +3 -0
- package/dist/sandbox-IL2pQunA.js +1156 -0
- package/dist/sandbox-cli-C75oWfKU.js +450 -0
- package/dist/scan-BmfJ_GUd.js +2 -0
- package/dist/scan-BwUXPVa4.js +523 -0
- package/dist/secrets-cli-Byrmt5p3.js +2101 -0
- package/dist/security-cli-Cb_qzWSU.js +486 -0
- package/dist/selection-BaZ-7Sz6.js +2 -0
- package/dist/selection-C8rwxPqg.js +7743 -0
- package/dist/send-C3Ht9Buu.js +102 -0
- package/dist/send-NpRBz3rn.js +156 -0
- package/dist/send.runtime-Buvd_P2p.js +2 -0
- package/dist/send.runtime.js +1 -1
- package/dist/server-B8tim7RO.js +13 -0
- package/dist/server-ClAvfJJm.js +77 -0
- package/dist/server-context-Dl7OQ56d.js +2 -0
- package/dist/server-context-F2Jh0JBO.js +847 -0
- package/dist/server-node-events-Db8SbNO0.js +474 -0
- package/dist/server-plugin-bootstrap-DxpFA7AU.js +13703 -0
- package/dist/server-plugin-bootstrap-t6Z_tN0J.js +2 -0
- package/dist/server-restart-sentinel-VLhFJOy5.js +684 -0
- package/dist/server.impl-BNDZK6Lv.js +12804 -0
- package/dist/session-BThNEh5u.js +48 -0
- package/dist/session-archive.runtime.js +1 -1
- package/dist/session-envelope-tBfpcRRu.js +18 -0
- package/dist/session-key-De2wQZ8k.js +65 -0
- package/dist/session-kill-http-C35_XMK_.js +110 -0
- package/dist/session-meta-Bpv85XpZ.js +109 -0
- package/dist/session-override-dIx8boay.js +106 -0
- package/dist/session-reset-model.runtime-BY5KYxcY.js +133 -0
- package/dist/session-reset-model.runtime.js +1 -1
- package/dist/session-reset-service-Cs7o8vTZ.js +497 -0
- package/dist/session-route-DwjrtcvV.js +93 -0
- package/dist/session-status.runtime-Cp9hECfs.js +2 -0
- package/dist/session-status.runtime.js +1 -1
- package/dist/session-store-DT5H5NRv.js +126 -0
- package/dist/session-store.runtime-CoRuKMfZ.js +2 -0
- package/dist/session-store.runtime.js +1 -1
- package/dist/session-subagent-reactivation.runtime-3hC6cwVh.js +2 -0
- package/dist/session-subagent-reactivation.runtime.js +1 -1
- package/dist/session-tab-registry-BHn1P3lZ.js +581 -0
- package/dist/session-updates-CHKrFM9H.js +236 -0
- package/dist/session-updates.runtime-CqylTFnb.js +2 -0
- package/dist/session-updates.runtime.js +1 -1
- package/dist/session-utils-otyfumhD.js +1009 -0
- package/dist/session-visibility-C5yhLdDZ.js +147 -0
- package/dist/sessions-BjHLgqjt.js +2 -0
- package/dist/sessions-C1_80mqv.js +48 -0
- package/dist/sessions-DjIcw5uP.js +281 -0
- package/dist/sessions-helpers-C_xGZAo7.js +305 -0
- package/dist/sessions-history-http-CQ-Ga5H3.js +371 -0
- package/dist/sessions-patch-XzBTc4fY.js +309 -0
- package/dist/sessions-resolve-CF4QOXiX.js +174 -0
- package/dist/sessions-w6UJYMea.js +16 -0
- package/dist/sessions.runtime-CEV3VtEH.js +2 -0
- package/dist/sessions.runtime.js +1 -1
- package/dist/setup-BrkQiUrj.js +421 -0
- package/dist/setup-D218KRK6.js +636 -0
- package/dist/setup-api-BvHlVezg.js +29 -0
- package/dist/setup-core-BjceveVY.js +171 -0
- package/dist/setup-core-CxDIk2Qq.js +176 -0
- package/dist/setup-surface-6hnrFGJ3.js +286 -0
- package/dist/setup-surface-BBDyg26_.js +219 -0
- package/dist/setup-surface-HREO9zEo.js +403 -0
- package/dist/setup.finalize-CAJxf_Mm.js +547 -0
- package/dist/setup.gateway-config-g6JfCjT4.js +250 -0
- package/dist/shared-CJ2_38Ar.js +198 -0
- package/dist/shared-CecRnN5i.js +76 -0
- package/dist/shared-G254rWzJ.js +217 -0
- package/dist/shared-Zan1S92i.js +121 -0
- package/dist/shared-runtime-CKzUXuwN.js +7 -0
- package/dist/skill-commands-DWC_vZ-J.js +83 -0
- package/dist/skill-commands.runtime-BMmD4lyW.js +2 -0
- package/dist/skill-commands.runtime.js +1 -1
- package/dist/skills-install-Bpfq1PgX.js +605 -0
- package/dist/skills-snapshot.runtime-uSs9vmlj.js +7 -0
- package/dist/skills-snapshot.runtime.js +1 -1
- package/dist/slash-state-EXy1B2EX.js +1911 -0
- package/dist/speech-provider-CcbYv8ap.js +216 -0
- package/dist/speech-provider-Cr1h-_-X.js +170 -0
- package/dist/speech-provider-Gif_hcpc.js +209 -0
- package/dist/src-Dda8Fvmo.js +3974 -0
- package/dist/stage-sandbox-media.runtime-_FkeTCA0.js +232 -0
- package/dist/stage-sandbox-media.runtime.js +1 -1
- package/dist/startup-context-BLtyYbKu.js +312 -0
- package/dist/state-migrations-BXYrr3Hc.js +820 -0
- package/dist/status-B1RXiDvc.js +3 -0
- package/dist/status-B4tnoXkV.js +2 -0
- package/dist/status-BWXZC-dF.js +2 -0
- package/dist/status-CUZkKe39.js +62 -0
- package/dist/status-DNnTegVL.js +395 -0
- package/dist/status-G3Z29Cb_.js +190 -0
- package/dist/status-all-pjolmMGB.js +498 -0
- package/dist/status-json-BKR5uVlE.js +14 -0
- package/dist/status-json-command-DuIQ8dNz.js +82 -0
- package/dist/status-message-CZyHmUQr.js +466 -0
- package/dist/status-message.runtime-C1I59_ay.js +6 -0
- package/dist/status-message.runtime.js +1 -1
- package/dist/status-n2SrcSeP.js +209 -0
- package/dist/status-queue.runtime-k2kdii3C.js +2 -0
- package/dist/status-queue.runtime.js +1 -1
- package/dist/status-runtime-shared-9akPh3OB.js +241 -0
- package/dist/status-subagents.runtime-C-2-94r7.js +18 -0
- package/dist/status-subagents.runtime.js +1 -1
- package/dist/status-text-DY-AMW7D.js +237 -0
- package/dist/status.gateway-connection.runtime-CGwlyVSQ.js +2 -0
- package/dist/status.gateway-connection.runtime.js +1 -1
- package/dist/status.gather-C17tVkff.js +2 -0
- package/dist/status.gather-CGXwFKnq.js +292 -0
- package/dist/status.runtime-DdcRs0mC.js +2 -0
- package/dist/status.runtime-L3R8cOql.js +2 -0
- package/dist/status.runtime.js +1 -1
- package/dist/status.scan-BSIqJF_S.js +65 -0
- package/dist/status.scan-overview-CbwLYoIT.js +379 -0
- package/dist/status.scan.fast-json-BnpfFSN8.js +2 -0
- package/dist/status.scan.fast-json-W54JDFUy.js +132 -0
- package/dist/status.summary-CeaTG93y.js +2 -0
- package/dist/status.summary-LPaYBiqB.js +200 -0
- package/dist/store-BtHVDH2Q.js +910 -0
- package/dist/store-Qn6Vf7Ma.js +4 -0
- package/dist/store.runtime-Dd3L_GjJ.js +2 -0
- package/dist/store.runtime.js +1 -1
- package/dist/stream-CImPPcyN.js +664 -0
- package/dist/subagent-announce-Dn5xl49E.js +351 -0
- package/dist/subagent-announce-delivery-CpVHT0KZ.js +726 -0
- package/dist/subagent-announce-output-Ba8GDqQZ.js +364 -0
- package/dist/subagent-capabilities-DN1kjzNE.js +251 -0
- package/dist/subagent-control-Clm3gsra.js +506 -0
- package/dist/subagent-control.runtime-D9vrLexA.js +3 -0
- package/dist/subagent-control.runtime.js +1 -1
- package/dist/subagent-followup.runtime-OlILj5hg.js +68 -0
- package/dist/subagent-followup.runtime.js +1 -1
- package/dist/subagent-orphan-recovery-Dqi7ktSy.js +305 -0
- package/dist/subagent-registry-BfT1dA_H.js +3 -0
- package/dist/subagent-registry-DsOeyo6i.js +1753 -0
- package/dist/subagent-registry.runtime.js +1 -1
- package/dist/subagent-spawn-IMKDJ_Ai.js +1005 -0
- package/dist/supervisor-DgpKTzey.js +704 -0
- package/dist/supervisor-log.runtime.js +1 -1
- package/dist/system-cli-QcbUPgUP.js +43 -0
- package/dist/targets-rJXMe19f.js +67 -0
- package/dist/targets.runtime.js +1 -1
- package/dist/task-executor-CT_QfGPJ.js +360 -0
- package/dist/task-owner-access-Bm14vxJa.js +74 -0
- package/dist/task-registry-D6gK7iIt.js +2357 -0
- package/dist/task-registry-delivery-runtime-CDAeASdU.js +2 -0
- package/dist/task-registry-delivery-runtime-CeWw5kdc.js +3 -0
- package/dist/task-registry.maintenance-B5hpULqB.js +416 -0
- package/dist/task-registry.maintenance-DZFQCCjc.js +2 -0
- package/dist/telegram/token.js +2 -2
- package/dist/testing-B2Y0vJ76.js +575 -0
- package/dist/text-report-0Q8c04if.js +549 -0
- package/dist/tool-auth-shared-Ca0wddYT.js +90 -0
- package/dist/tool-policy-pipeline-BLtvEs31.js +109 -0
- package/dist/tool-resolution-CHcj9HdC.js +90 -0
- package/dist/tools-effective-inventory-Giuks2Dt.js +152 -0
- package/dist/tools-invoke-http-FlaWbmCS.js +206 -0
- package/dist/transcript-resolve.runtime-wnJiuCEb.js +2 -0
- package/dist/transcript-resolve.runtime.js +1 -1
- package/dist/transcript-yKXsllQ2.js +312 -0
- package/dist/transcript.runtime-CmcFZQq0.js +2 -0
- package/dist/transcript.runtime.js +1 -1
- package/dist/trash-BzlpkaUi.js +24 -0
- package/dist/tts-BG_1G2S6.js +64 -0
- package/dist/tui-cli-B9Emgd5Q.js +4585 -0
- package/dist/uninstall-B6U2msaD.js +185 -0
- package/dist/update-BjKPsXUk.js +1282 -0
- package/dist/update-cli-ln47pDmA.js +1759 -0
- package/dist/update-startup-Xs6Edz-d.js +2 -0
- package/dist/upgrade-Ctu4zfU3.js +1226 -0
- package/dist/video-generation-provider-B0W1RcQj.js +264 -0
- package/dist/video-generation-provider-B2XcJK8B.js +221 -0
- package/dist/video-generation-provider-BJt8-Jzh.js +254 -0
- package/dist/video-generation-provider-Bsz88Y8I.js +78 -0
- package/dist/video-generation-provider-CmN0n1aP.js +271 -0
- package/dist/video-generation-provider-DKFpHGWz.js +64 -0
- package/dist/video-generation-provider-LgYMFJAm.js +281 -0
- package/dist/video-generation-provider-j1OQMvjr2.js +77 -0
- package/dist/video-generation-provider-lI_tgIiA.js +287 -0
- package/dist/video-generation-provider-uVzVbp2s.js +118 -0
- package/dist/video-generation-provider-xQ4AZkeK.js +187 -0
- package/dist/video-generation-task-status-AzBxxMK4.js +163 -0
- package/dist/wait-for-idle-before-flush-D4a3dGVX.js +6025 -0
- package/dist/web-search-provider-Bt8NRG25.js +163 -0
- package/dist/wizard-models-DpLispoG.js +334 -0
- package/dist/workflow-runtime-C0jGj382.js +485 -0
- package/package.json +1 -1
- package/dist/abort-DUTWX49H.js +0 -201
- package/dist/abort-cutoff.runtime-oLWHRfE6.js +0 -20
- package/dist/abort.runtime-B1CZPj3m.js +0 -2
- package/dist/accounts-DFJuQd32.js +0 -107
- package/dist/accounts-VbCry_MV.js +0 -104
- package/dist/accounts-ZduaK0fO.js +0 -2
- package/dist/acp-cli-Cyqn8a7z.js +0 -2217
- package/dist/acp-spawn-B1O0qwkN.js +0 -2
- package/dist/acp-spawn-C2eEj7wR.js +0 -1042
- package/dist/acp-stateful-target-driver-BKL2flGw.js +0 -89
- package/dist/action-agents-C9zs0A_N.js +0 -67
- package/dist/action-focus-Dj2trHbP.js +0 -132
- package/dist/action-help-ENFS-VRC.js +0 -7
- package/dist/action-info-IKxta-Me.js +0 -101
- package/dist/action-kill-CJGjsHX-.js +0 -33
- package/dist/action-list-ChLdMXon.js +0 -21
- package/dist/action-log-CdeugqCO.js +0 -30
- package/dist/action-send-BvUjnmVw.js +0 -39
- package/dist/action-spawn-Xq0DpbW7.js +0 -47
- package/dist/action-unfocus-DfcihOhT.js +0 -29
- package/dist/actions.runtime-CTjuTpQ1.js +0 -18
- package/dist/actions.runtime-Dp93aqpg.js +0 -5
- package/dist/agent-DQZeYp3u.js +0 -2
- package/dist/agent-command-CynPQd5_.js +0 -874
- package/dist/agent-harness-runtime-D9PrghSe.js +0 -144
- package/dist/agent-runner-utils-CwDT31Pp.js +0 -239
- package/dist/agent-runner.runtime-kH3GCoKg.js +0 -3443
- package/dist/agent-runtime-BSwK1sup.js +0 -18
- package/dist/agents-C9BmPj-C.js +0 -954
- package/dist/agents-CQQ7cNF9.js +0 -5
- package/dist/agents.command-shared-cZa4UKga.js +0 -40
- package/dist/aliases-B92uAzO2.js +0 -2
- package/dist/aliases-BZsZGqVQ.js +0 -96
- package/dist/api-CU22wCTp.js +0 -139
- package/dist/api-DD_eTeli.js +0 -5
- package/dist/api-DIKi1Ni8.js +0 -4
- package/dist/api-i4W2Wwd4.js +0 -48
- package/dist/api-sngIL0OQ.js +0 -3
- package/dist/apply-oUSa2Pf0.js +0 -508
- package/dist/apply.runtime-BLCi2Ivv.js +0 -166
- package/dist/apply.runtime-D_hTG_Y0.js +0 -2
- package/dist/approval-gateway-resolver-KouhItZO.js +0 -29
- package/dist/approval-gateway-runtime-D7CzOIgq.js +0 -2
- package/dist/approval-handler-runtime-CFvI_pZS.js +0 -439
- package/dist/approval-native-runtime-rl6s6chH.js +0 -729
- package/dist/attempt-execution.runtime-Ba87IenS.js +0 -509
- package/dist/attempt-execution.shared-BY_ARPh1.js +0 -22
- package/dist/attempt.prompt-helpers-BbBNMjqU.js +0 -206
- package/dist/attempt.tool-run-context-CLlg_9Gq.js +0 -933
- package/dist/audit-CQJwJFWH.js +0 -939
- package/dist/audit-extra.async-BbZcluVr.js +0 -971
- package/dist/audit-tool-policy-C0lIM9Fp.js +0 -3
- package/dist/audit.deep.runtime-CXjulrWI.js +0 -2
- package/dist/audit.nondeep.runtime-nu5XTu7N.js +0 -880
- package/dist/audit.runtime-CW5CY88A.js +0 -7
- package/dist/auth-CzjcgD0-.js +0 -177
- package/dist/auth-DFhah4e4.js +0 -2
- package/dist/auth-DQw5zHDJ.js +0 -56
- package/dist/auth-choice-CXWHXiQK.js +0 -3
- package/dist/auth-choice-DGMF0dBk.js +0 -85
- package/dist/auth-order-CMWxvLX4.js +0 -2
- package/dist/auth-order-D6mEMqD7.js +0 -139
- package/dist/auth-s-3q__5n.js +0 -550
- package/dist/bash-tools-BCSXSkhx.js +0 -2853
- package/dist/bash-tools-D2NO8-ph.js +0 -3
- package/dist/bash-tools.exec-runtime-CVOp5fHn.js +0 -823
- package/dist/binding-routing-DROXsDQk.js +0 -85
- package/dist/binding-targets-D33MkugL.js +0 -121
- package/dist/bridge-server-3gO7JmL_.js +0 -113
- package/dist/browser-control-auth-DS3Wwm1z.js +0 -2
- package/dist/browser-node-runtime-DkVkb3tt.js +0 -12
- package/dist/browser-profiles-Bk9dcXzv.js +0 -2
- package/dist/browser-runtime-dGM3ZeLa.js +0 -387
- package/dist/browser-setup-tools-DSgChJEe.js +0 -13
- package/dist/build-CjLf_jQl.js +0 -550
- package/dist/call-BxIEVH5N.js +0 -3
- package/dist/call-Dwj7PrNe.js +0 -330
- package/dist/call.runtime-mZvFxL4G.js +0 -2
- package/dist/capability-cli-C-6omBAD.js +0 -1401
- package/dist/catalog-provider-RQJYkKkq.js +0 -40
- package/dist/catchup-Dfw4DEMS.js +0 -300
- package/dist/channel-4YVnFcIj.js +0 -297
- package/dist/channel-BajDSspb.js +0 -1320
- package/dist/channel-BcS5ghfF.js +0 -840
- package/dist/channel-BlU_cVm0.js +0 -491
- package/dist/channel-BmZ19q9d.js +0 -453
- package/dist/channel-C4KfOdTm.js +0 -226
- package/dist/channel-C7LNJi1M.js +0 -595
- package/dist/channel-CFxTIjzU.js +0 -1174
- package/dist/channel-CYDnIh3Z.js +0 -350
- package/dist/channel-DBUj2Ysq.js +0 -1802
- package/dist/channel-DwWdEu7o.js +0 -1100
- package/dist/channel-add-wizard-BLjklZ70.js +0 -2
- package/dist/channel-add-wizard-C3BysW2-.js +0 -125
- package/dist/channel-core-VlXrdyfV.js +0 -5
- package/dist/channel-inbound-BzALE-tz.js +0 -31
- package/dist/channel-plugin-resolution-BNbz8s_s.js +0 -153
- package/dist/channel-plugin-resolution-Bey1o2RL.js +0 -2
- package/dist/channel-plugin-runtime-BMmEKuoC.js +0 -771
- package/dist/channel-runtime-BZXgyMUr.js +0 -425
- package/dist/channel-setup-BzbhDDrt.js +0 -1297
- package/dist/channel.runtime-2Kw88P7w.js +0 -576
- package/dist/channel.runtime-Bwnky7Bn.js +0 -2364
- package/dist/channel.runtime-CDvvT7UR.js +0 -4
- package/dist/channel.runtime-CgP4n1an.js +0 -430
- package/dist/channel.runtime-MJe9DoSG.js +0 -89
- package/dist/channel.runtime-f0WEEj3o.js +0 -42398
- package/dist/channel.setup-DaZBK_2E.js +0 -10
- package/dist/channel2.runtime-CfVIjEhU.js +0 -109
- package/dist/channels-Bq1GXmZX.js +0 -733
- package/dist/channels-cli-DzbssQ5L.js +0 -268
- package/dist/chat-CNZDzOWR.js +0 -2830
- package/dist/clawbot-cli-UIo3UVaj.js +0 -9
- package/dist/clawhub-DRNYT4Ih.js +0 -400
- package/dist/cli-2nlB-dHJ.js +0 -154
- package/dist/cli-7dTpJC3M.js +0 -2
- package/dist/cli-BGMFTnb1.js +0 -683
- package/dist/cli-BVKDWfwH.js +0 -72
- package/dist/cli-Bp52OQjs.js +0 -219
- package/dist/cli-C26tWLBw.js +0 -3726
- package/dist/cli-C_289Xdv.js +0 -2
- package/dist/cli-kOop_NSN.js +0 -2
- package/dist/cli-runner-CP51WTPf.js +0 -286
- package/dist/cli-runner.runtime-BtArNV63.js +0 -4
- package/dist/cli-runner.runtime-Dy1IJ7UX.js +0 -3
- package/dist/cli.runtime-2ilydgLb.js +0 -1261
- package/dist/client-BN8cDQr7.js +0 -723
- package/dist/client-Doc6u1up.js +0 -138
- package/dist/command-auth-oo_Iz0oe.js +0 -76
- package/dist/command-config-resolution-BNQbV_C6.js +0 -23
- package/dist/command-config-resolution-DIvkjwvj.js +0 -2
- package/dist/command-config-resolution.runtime-Dlk7LIJ8.js +0 -2
- package/dist/command-execution-startup-DtBNBU06.js +0 -324
- package/dist/command-registry-Dm8ohcSP.js +0 -4
- package/dist/command-registry-core-BxyHXEQ3.js +0 -106
- package/dist/command-registry-xVmA85-_.js +0 -9
- package/dist/command-secret-gateway-Dej2E5rP.js +0 -528
- package/dist/command-status.runtime-CWgNMJi1.js +0 -87
- package/dist/commands-acp-Ca0l7esb.js +0 -77
- package/dist/commands-compact.runtime-DBN1EALw.js +0 -10
- package/dist/commands-core.runtime-CXYQlfla.js +0 -2
- package/dist/commands-handlers.runtime-BrCljWio.js +0 -4599
- package/dist/commands-reset-hooks-C-P5vfWa.js +0 -135
- package/dist/commands-status-C0WYf99K.js +0 -16
- package/dist/commands-status.runtime-Czim-9LY.js +0 -3
- package/dist/commands-subagents-control.runtime-CgiW2mpD.js +0 -3
- package/dist/commands-subagents-control.runtime-oCqEcwa7.js +0 -2
- package/dist/commands-system-prompt-BQHZNtSZ.js +0 -157
- package/dist/commands-system-prompt-ClJDN8rr.js +0 -2
- package/dist/commands.runtime-DwmtsbUc.js +0 -167
- package/dist/compact-DDf0xr2o.js +0 -1096
- package/dist/compact.runtime-C4BZuDjJ.js +0 -12
- package/dist/completion-cli-85iaysB7.js +0 -328
- package/dist/config-CHPRDFh1.js +0 -252
- package/dist/config-cli-DSZ7DNtq.js +0 -1078
- package/dist/config-guard-Ca-1hhke.js +0 -96
- package/dist/config-runtime-AtYct3A3.js +0 -32
- package/dist/configure-BR6m0uoi.js +0 -1252
- package/dist/configure-CC09fyLr.js +0 -2
- package/dist/connect-options-HotLjDKX.js +0 -699
- package/dist/control-auth-CBtOUnsz.js +0 -125
- package/dist/control-service-D2A1PyZC.js +0 -156
- package/dist/control-ui/assets/agents-7cSPVJV0.js +0 -1125
- package/dist/control-ui/assets/canvas-IIhBIoAa.js +0 -274
- package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +0 -2
- package/dist/control-ui/assets/channels-B4MTYg8u.js +0 -198
- package/dist/control-ui/assets/contacts-CSch1ckf.js +0 -49
- package/dist/control-ui/assets/cron-B548qeSj.js +0 -250
- package/dist/control-ui/assets/de-DOykxjSu.js +0 -2
- package/dist/control-ui/assets/debug-DERT6TQG.js +0 -94
- package/dist/control-ui/assets/es-BTwWEPGm.js +0 -2
- package/dist/control-ui/assets/fr-DVRwR98L.js +0 -2
- package/dist/control-ui/assets/i18n-BPOQLrbx.js +0 -3
- package/dist/control-ui/assets/id-BSBAUAzK.js +0 -2
- package/dist/control-ui/assets/index-C2CxJps0.js +0 -5981
- package/dist/control-ui/assets/instances-DwteyRRi.js +0 -57
- package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +0 -2
- package/dist/control-ui/assets/ko-BNgLBJdW.js +0 -2
- package/dist/control-ui/assets/logs-GdE34D7D.js +0 -74
- package/dist/control-ui/assets/mcp-z76x2vB5.js +0 -380
- package/dist/control-ui/assets/memory-CsTbP2T4.js +0 -50
- package/dist/control-ui/assets/memory-graph-DbZEkTHJ.js +0 -30
- package/dist/control-ui/assets/models-j_tXq7Pe.js +0 -86
- package/dist/control-ui/assets/nodes-cxO9Enln.js +0 -654
- package/dist/control-ui/assets/pl-DrVcqC4t.js +0 -2
- package/dist/control-ui/assets/plugins-Rt--bQFn.js +0 -259
- package/dist/control-ui/assets/presenter-BiJsRhTg.js +0 -2
- package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +0 -2
- package/dist/control-ui/assets/sessions-CP6r0JAQ.js +0 -56
- package/dist/control-ui/assets/skills-CMy2whFb.js +0 -294
- package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +0 -11
- package/dist/control-ui/assets/th-DjtYmyBR.js +0 -2
- package/dist/control-ui/assets/tr-I0LYx0Ew.js +0 -2
- package/dist/control-ui/assets/uk-xilwRRzQ.js +0 -2
- package/dist/control-ui/assets/wallet-geRdfgso.js +0 -302
- package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +0 -2
- package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +0 -2
- package/dist/control-ui-Djt0XDNa.js +0 -1043
- package/dist/conversation-id-BwNpVXFJ.js +0 -235
- package/dist/conversation-id-CTAeVE9E.js +0 -38
- package/dist/conversation-runtime-D6miDW4s.js +0 -31
- package/dist/core-CYaV0wrq.js +0 -275
- package/dist/create-DN7NWqCZ.js +0 -80
- package/dist/cron-cli-BZacbTRu.js +0 -713
- package/dist/daemon-cli-BXtGpvAS.js +0 -12
- package/dist/dashboard-Ds7c6TJm.js +0 -2
- package/dist/dashboard-s1prqGuB.js +0 -81
- package/dist/delegate-nycMaKrd.js +0 -64
- package/dist/deliver-BedUVIQP.js +0 -747
- package/dist/deliver-DPvG5Qo8.js +0 -3
- package/dist/deliver-runtime-DZlx42y2.js +0 -2
- package/dist/delivery-outbound.runtime-Dyo6zcqN.js +0 -6
- package/dist/delivery.runtime-CmuJYXg1.js +0 -253
- package/dist/detached-task-runtime-DXFEjX_Y.js +0 -73
- package/dist/devices-cli-B2T4Rk-c.js +0 -498
- package/dist/diagnostics-669Ookpz.js +0 -154
- package/dist/direct-dm-Bwx0l0B5.js +0 -64
- package/dist/directive-handling.fast-lane-Vuy-nG2-.js +0 -66
- package/dist/directive-handling.impl-DrE_GeZR.js +0 -2
- package/dist/directive-handling.impl-KH2zUp6M.js +0 -703
- package/dist/directive-handling.model-selection-BiW8QHW-.js +0 -114
- package/dist/directive-handling.persist.runtime-VLCtMqO5.js +0 -215
- package/dist/directory-cli-DQRcL8xw.js +0 -240
- package/dist/dispatch-CVFq_KHF.js +0 -1131
- package/dist/dispatch-acp-AeVrqG1P.js +0 -981
- package/dist/dispatch-acp-manager.runtime-t90xTijh.js +0 -3
- package/dist/dispatch-acp-media.runtime-Bq9nReBk.js +0 -4
- package/dist/dispatch-acp-session.runtime-CKts6zqY.js +0 -2
- package/dist/dispatch-acp.runtime-CLS-txJr.js +0 -19
- package/dist/doctor-config-flow-C1S8B_sg.js +0 -420
- package/dist/doctor-config-preflight-DH_iBFHQ.js +0 -2
- package/dist/doctor-config-preflight-nRntMTIC.js +0 -63
- package/dist/doctor-device-pairing-rAiSum7F.js +0 -307
- package/dist/doctor-gateway-daemon-flow-BYlbRkfE.js +0 -250
- package/dist/doctor-gateway-health-DGaad6OP.js +0 -63
- package/dist/doctor-health-contributions-CYangAn3.js +0 -493
- package/dist/doctor-health-woICf2XW.js +0 -59
- package/dist/doctor-prompter-oNxd62XO.js +0 -56
- package/dist/doctor-sandbox-C9h2a5Uu.js +0 -194
- package/dist/doctor-state-migrations-BPuF54_Y.js +0 -2
- package/dist/doctor-workspace-status-DrOqBwKh.js +0 -75
- package/dist/dreaming-narrative-SeHukrla.js +0 -596
- package/dist/dreaming-qiznoCiH.js +0 -1582
- package/dist/embedded-gateway-stub.runtime-BiCMn9tm.js +0 -9
- package/dist/embedding-provider-QRMp19Ph.js +0 -118
- package/dist/embeddings-Cwg0dHC_.js +0 -215
- package/dist/embeddings-http-DbBwgwsH.js +0 -205
- package/dist/exec-approval-forwarder.runtime-BNGZQkhU.js +0 -3
- package/dist/exec-approvals-cli-BK9WM7tB.js +0 -498
- package/dist/exec-defaults-B5NE8OtM.js +0 -2
- package/dist/exec-defaults-Dy3ej-Rk.js +0 -67
- package/dist/execute.runtime-cy0XQXc7.js +0 -1359
- package/dist/fallbacks-BHahSac7.js +0 -31
- package/dist/fallbacks-CDP89dtv.js +0 -2
- package/dist/fallbacks-shared-h_ZN8Ugk.js +0 -111
- package/dist/gateway-ClYGJe6R.js +0 -115
- package/dist/gateway-cli-D5OEgdCv.js +0 -1283
- package/dist/gateway-rpc-Dk_z0RTG.js +0 -14
- package/dist/gateway-rpc.runtime-DcDI0Hq7.js +0 -23
- package/dist/gateway-runtime-BpOf_2ps.js +0 -15
- package/dist/gateway-status-BfT8gHrq.js +0 -584
- package/dist/genesis-tools-Dn3v15Cu.js +0 -9435
- package/dist/genesis-tools.runtime-BUKXOBx4.js +0 -2
- package/dist/get-reply-BOvlxgUu.js +0 -3946
- package/dist/get-reply-from-config.runtime-Cl8vSh_k.js +0 -2
- package/dist/gmail-watcher-lifecycle-JbKGb-1A.js +0 -2
- package/dist/graph-users-DvflifYV.js +0 -1337
- package/dist/health-B2xJjrkJ.js +0 -3
- package/dist/health-CWa-e_Y6.js +0 -420
- package/dist/health-route-CzxBmoPR.js +0 -41
- package/dist/health-route-Dhbg2HGJ.js +0 -2
- package/dist/hooks-cli-B08Wk2kj.js +0 -433
- package/dist/http-endpoint-helpers-CG3AcjuK.js +0 -41
- package/dist/http-utils-L02eBAVo.js +0 -924
- package/dist/image-fallbacks-DPTpHhw_.js +0 -2
- package/dist/image-fallbacks-DrcfSUln.js +0 -31
- package/dist/image-generation-core-CEg4KACr.js +0 -18
- package/dist/image-generation-provider-B4tW_Kj3.js +0 -274
- package/dist/image-generation-provider-B72nmoos.js +0 -157
- package/dist/image-generation-provider-D9v0PADz.js +0 -63
- package/dist/image-generation-provider-DLYGDzST.js +0 -228
- package/dist/image-generation-provider-DYu8ZWBs.js +0 -529
- package/dist/image-generation-provider-jp6l2Jls.js +0 -95
- package/dist/image-generation-provider-qr08iqKe.js +0 -137
- package/dist/image-runtime-DRQcRKzy.js +0 -9
- package/dist/inbound-reply-dispatch-D2K6Anyc.js +0 -73
- package/dist/inbound.runtime-CCnJwfdz.js +0 -3
- package/dist/inbound.runtime-DwsGti2x.js +0 -4
- package/dist/infra-runtime-Pu3jXc5f.js +0 -38
- package/dist/init-B2qJ52Z_.js +0 -59
- package/dist/install-DwDt01Fk.js +0 -726
- package/dist/install-security-scan-Cq0N2AQi.js +0 -26
- package/dist/install-security-scan.runtime-DWlSCQbQ.js +0 -671
- package/dist/install.runtime-CWnOXdy4.js +0 -27
- package/dist/install.runtime-DPA5lA9o.js +0 -12
- package/dist/jobs-D9IyaUDB.js +0 -729
- package/dist/library-JmPoINsm.js +0 -45
- package/dist/lifecycle-BRey6jez.js +0 -229
- package/dist/lifecycle-CvJT6tH9.js +0 -571
- package/dist/lifecycle.runtime-DJuQgwAu.js +0 -2
- package/dist/list-0KYh_6xs.js +0 -131
- package/dist/list-B1iP8wTX.js +0 -2
- package/dist/list-CewinhHi.js +0 -1212
- package/dist/list-DPm9exQP.js +0 -2
- package/dist/list.probe-M4jUIgk8.js +0 -419
- package/dist/live-model-switch-DqJLIA4J.js +0 -336
- package/dist/llm-slug-generator-CQiB4f0s.js +0 -79
- package/dist/load-config-oEWSSW5T.js +0 -35
- package/dist/loader-DlmWqYuM.js +0 -222
- package/dist/local-dispatch.runtime-rI2L9gZz.js +0 -8
- package/dist/login-DX18Qaag.js +0 -108
- package/dist/logs-cli-qUQbKPpd.js +0 -265
- package/dist/logs-cli.runtime-DZwxYUL2.js +0 -2
- package/dist/main-session-restart-recovery-Dw8zndAD.js +0 -206
- package/dist/managed-image-attachments-B_835Hjd.js +0 -635
- package/dist/managed-image-attachments-Dp_0diDL.js +0 -2
- package/dist/manager-CRmLomjS.js +0 -2
- package/dist/manager-yTOglQEH.js +0 -2057
- package/dist/markdown-to-line-D6Y5rN1y.js +0 -790
- package/dist/mcp-cli-DZi-FzRz.js +0 -725
- package/dist/mcp-http-DaXlqh6n.js +0 -529
- package/dist/media-runtime-awxrKlof.js +0 -329
- package/dist/media-understanding-CYk-TBlo.js +0 -85
- package/dist/media-understanding-provider-BFl9PvK0.js +0 -18
- package/dist/media-understanding-provider-BbHedlHI.js +0 -69
- package/dist/media-understanding-provider-C4hkphxA.js +0 -28
- package/dist/media-understanding-provider-CIJApc3Q.js +0 -85
- package/dist/media-understanding-provider-CMRfrvoW.js +0 -37
- package/dist/media-understanding-provider-D8MwbDYK.js +0 -12
- package/dist/media-understanding-provider-DPZ3M0zL.js +0 -21
- package/dist/media-understanding-provider-DnFHplle.js +0 -13
- package/dist/media-understanding-provider-O3o8RDTO.js +0 -12
- package/dist/media-understanding-provider-WmKhdAeP.js +0 -18
- package/dist/media-understanding-runtime-DiWkY8O9.js +0 -2
- package/dist/memory-core-host-runtime-cli-K2SeZLMj.js +0 -9
- package/dist/memory-embedding-adapter-Ll4TtjDC.js +0 -123
- package/dist/memory-host-search-BzpJFHpD.js +0 -12
- package/dist/message-Bk0q8DmN.js +0 -232
- package/dist/message-action-runner-BIi8DCoo.js +0 -2
- package/dist/message-action-runner-CmhjNg6K.js +0 -1407
- package/dist/message-actions-BDXFXc2E.js +0 -143
- package/dist/message.gateway.runtime-fPnMn6QV.js +0 -2
- package/dist/method-scopes-D_AZ7OsK.js +0 -235
- package/dist/model-picker-D20JpfyM.js +0 -559
- package/dist/model-picker-Dpin9dw4.js +0 -3
- package/dist/model-picker.runtime-B19j-xJa.js +0 -15
- package/dist/model-selection-BDK7dEju.js +0 -212
- package/dist/models-auth-status-0xcMbBhB.js +0 -217
- package/dist/models-cli-DuQZ09TC.js +0 -271
- package/dist/models-http-DruY6N81.js +0 -92
- package/dist/models.fetch-2geG13AQ.js +0 -518
- package/dist/monitor-2KbmBvHU.js +0 -2
- package/dist/monitor-B2yQJkAh.js +0 -1459
- package/dist/monitor-CD4mrtqF.js +0 -1661
- package/dist/monitor-CJ6A4Ro2.js +0 -788
- package/dist/monitor-D19pDt5p.js +0 -1237
- package/dist/monitor-GQtwMpZn.js +0 -671
- package/dist/monitor-auth-DJ9S4EQV.js +0 -207
- package/dist/monitor-processing-BMv5voti.js +0 -1974
- package/dist/monitor.runtime-GizvASio.js +0 -2
- package/dist/monitor.webhook-DzvH3io8.js +0 -180
- package/dist/msteams-7Jx25GW4.js +0 -35
- package/dist/music-generation-provider-Bac-UFIO.js +0 -63
- package/dist/music-generation-provider-fPGrO1gg.js +0 -170
- package/dist/native-hook-relay-DwgVW-el.js +0 -519
- package/dist/nextcloud-talk-gXnN0EKl.js +0 -17
- package/dist/node-cli-Bd8iT-US.js +0 -2276
- package/dist/nodes-cli-xAd3vxyV.js +0 -1046
- package/dist/nodes-utils-qg-Bmmy5.js +0 -84
- package/dist/nodes.helpers-B42Vi8VW.js +0 -34
- package/dist/notify-DArpzHFF.js +0 -315
- package/dist/oauth-B9WR0gWL.js +0 -75
- package/dist/oauth-BpJKd6mz.js +0 -2
- package/dist/oauth-BqiriUcs.js +0 -139
- package/dist/oauth-Dl3zSXWU.js +0 -152
- package/dist/oauth.flow-CIweZ0Wo.js +0 -45
- package/dist/oauth.flow-YT9WcJAP.js +0 -3
- package/dist/onboard-DKr9c-h5.js +0 -70
- package/dist/onboard-DrfmoxpG.js +0 -316
- package/dist/onboard-channels-B-jq5k4w.js +0 -2
- package/dist/onboard-channels-Dg4UVNnl.js +0 -3
- package/dist/onboard-custom-DDY7T8Mb.js +0 -3
- package/dist/onboard-custom-buJ3Vz5C.js +0 -271
- package/dist/onboard-f_tqlGVL.js +0 -2
- package/dist/onboard-helpers-Begz93UO.js +0 -6
- package/dist/onboard-helpers-Di14BUn2.js +0 -204
- package/dist/onboard-interactive-DjJo_FLY.js +0 -24
- package/dist/onboard-non-interactive-CgxwxSiw.js +0 -635
- package/dist/onboard-remote-BhcRxYvn.js +0 -2
- package/dist/onboard-remote-CEeT7hEZ.js +0 -193
- package/dist/onboard-skills-CTTUg6pf.js +0 -134
- package/dist/onboard-skills-DWTbOfH1.js +0 -2
- package/dist/onboarding-plugin-install-CNIcGqAI.js +0 -406
- package/dist/openai-codex-provider-6aTYk3jp.js +0 -472
- package/dist/openai-http-C2-8VSih.js +0 -500
- package/dist/openai-provider-w1PV_KGr.js +0 -313
- package/dist/opencode-SEOw9RYv.js +0 -35
- package/dist/openresponses-http-DgsTPUc1.js +0 -1128
- package/dist/operator-approvals-client-D1R6aLFV.js +0 -68
- package/dist/outbound-runtime-D7qdGq1B.js +0 -5
- package/dist/outbound.runtime-DDAlqr2n.js +0 -2
- package/dist/pair-command-approve-BqXU_u3_.js +0 -44
- package/dist/persistent-bindings.lifecycle-0cee5HeB.js +0 -85
- package/dist/persistent-bindings.lifecycle-DTgwTu9k.js +0 -2
- package/dist/pi-bundle-mcp-runtime-CEwlOt28.js +0 -2
- package/dist/pi-bundle-mcp-runtime-DS32_bKh.js +0 -829
- package/dist/pi-bundle-mcp-tools-MVePSeQp.js +0 -108
- package/dist/pi-embedded-BMKZLrrD.js +0 -2905
- package/dist/pi-embedded-C1_8L609.js +0 -4
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-61zYwcVi.js +0 -23
- package/dist/pi-embedded.runtime-CEcUCfnu.js +0 -4
- package/dist/pi-tool-definition-adapter-B1q4cAB_.js +0 -229
- package/dist/pi-tools-CE3UX10v.js +0 -1118
- package/dist/pi-tools.before-tool-call-BsMfbO7W.js +0 -433
- package/dist/pi-tools.before-tool-call-DGY-rj-6.js +0 -2
- package/dist/plugin-dDMX1n9i.js +0 -12195
- package/dist/plugin-enabled-CCcxlblr.js +0 -140
- package/dist/plugin-install-D9RUigrW.js +0 -2
- package/dist/plugin-install-DRc2KTWx.js +0 -115
- package/dist/plugin-install-config-policy-CtKZaMAw.js +0 -137
- package/dist/plugin-install-plan-BeNfwB5V.js +0 -50
- package/dist/plugin-registration-CTIg2xi-.js +0 -23
- package/dist/plugin-service-Byv2yfiX.js +0 -2893
- package/dist/plugins-cli-qkT7VGd9.js +0 -584
- package/dist/plugins-command-helpers-DvRgKfV0.js +0 -107
- package/dist/plugins-install-persist-CZWXaz5s.js +0 -133
- package/dist/plugins-update-command-qKTcfS44.js +0 -1057
- package/dist/policy-BK0iZFZM.js +0 -328
- package/dist/prepare.runtime-BMtgLZl1.js +0 -807
- package/dist/probe-Bj3sjcpc.js +0 -2205
- package/dist/probe-C6wNv6c4.js +0 -74
- package/dist/probe-CM5o3wKp.js +0 -240
- package/dist/probe-D3D0RoQl.js +0 -45
- package/dist/probe-DlY3dg7v.js +0 -2
- package/dist/probe-TN3P-dCa.js +0 -2
- package/dist/probe-pLHVFHK6.js +0 -243
- package/dist/probe-pZ61Idl1.js +0 -1443
- package/dist/program-TZ54mZzH.js +0 -111
- package/dist/prompt-select-styled-DFXPq9zJ.js +0 -20
- package/dist/protocol-CWEBsZbG.js +0 -2515
- package/dist/provider-D4RPFEas.js +0 -70
- package/dist/provider-api-key-auth-DxE3Ubaz.js +0 -131
- package/dist/provider-auth-94YJgYBI.js +0 -46
- package/dist/provider-auth-api-key-D9d3vpbu.js +0 -5
- package/dist/provider-auth-choice-C1kxCG8d.js +0 -228
- package/dist/provider-auth-login-DSy_0CmF.js +0 -8
- package/dist/provider-dispatcher-9FnI26kR.js +0 -2
- package/dist/provider-dispatcher-D30lsDyd.js +0 -22
- package/dist/provider-entry-CR0Z4V2Y.js +0 -106
- package/dist/provider-model-defaults-CY1F7Q3c.js +0 -6
- package/dist/provider-registration-C3cLloFb.js +0 -37
- package/dist/provider-registration-CU67AJCU.js +0 -218
- package/dist/qr-cli-CoEq74Fu.js +0 -2
- package/dist/qr-cli-DxaXK8T4.js +0 -349
- package/dist/qr-image-BQnl-2Hz.js +0 -2
- package/dist/queue-IehGWtWc.js +0 -409
- package/dist/reaction-runtime-api-CGWfmWqF.js +0 -116
- package/dist/reactions-D1tny1P_.js +0 -998
- package/dist/read-capability-w1W5sKua.js +0 -412
- package/dist/register-service-commands-D5181r0Q.js +0 -71
- package/dist/register.agent-DWwOD6q5.js +0 -248
- package/dist/register.configure-CZx6uXuU.js +0 -15
- package/dist/register.maintenance-1yV569VU.js +0 -363
- package/dist/register.message-DqosH9zI.js +0 -329
- package/dist/register.onboard-DBa5bh4F.js +0 -88
- package/dist/register.runtime-AUXvOvfy.js +0 -81
- package/dist/register.setup-1k0y27Bf.js +0 -150
- package/dist/register.status-health-sessions-3SuqckJe.js +0 -1215
- package/dist/register.subclis-1vwiREuy.js +0 -3
- package/dist/register.subclis-core-CoUcH7R2.js +0 -249
- package/dist/register.subclis-d6Uoake0.js +0 -29
- package/dist/reply-dispatch-runtime-B2jwG-ti.js +0 -13
- package/dist/reply-media-paths.runtime-Bv-VQY1O.js +0 -2
- package/dist/reply-media-paths.runtime-qZYIzFEg.js +0 -146
- package/dist/reply-runtime-BvyACHP_.js +0 -10
- package/dist/reply.runtime-B76FIMUm.js +0 -2
- package/dist/resolve-DxTN302S.js +0 -259
- package/dist/response-generator-Be1_-xjF.js +0 -175
- package/dist/restart-health-C1m4VgKE.js +0 -2
- package/dist/restart-health-CSxm-1Te.js +0 -202
- package/dist/root-help-Cw7ovqRO.js +0 -44
- package/dist/route-reply-Dn9zmIdM.js +0 -162
- package/dist/route-reply.runtime-DkwtG2qY.js +0 -2
- package/dist/routes-B9j5MeTj.js +0 -2
- package/dist/routes-BCJWRxzD.js +0 -3341
- package/dist/rpc-_zAZRj2-.js +0 -61
- package/dist/rpc.runtime-C3rwvN8O.js +0 -21
- package/dist/run-auth-profile.runtime-Bflh0AxI.js +0 -2
- package/dist/run-delivery.runtime-CXmj98lV.js +0 -530
- package/dist/run-embedded.runtime-yli8ukW0.js +0 -4
- package/dist/run-execution-cli.runtime-CjDLajis.js +0 -4
- package/dist/run-executor.runtime-SwHBKuy1.js +0 -277
- package/dist/run-main-DPHpfv1y.js +0 -567
- package/dist/run-subagent-registry.runtime-CWv2s5wn.js +0 -2
- package/dist/run-wait-CpSEiESO.js +0 -135
- package/dist/runner-Vhfg_kYp.js +0 -966
- package/dist/runner.entries-DWptWo_Q.js +0 -604
- package/dist/runtime-CMHLmvAl.js +0 -961
- package/dist/runtime-COXB-OZq.js +0 -263
- package/dist/runtime-Cfcvlsp1.js +0 -2
- package/dist/runtime-D9CBb5Na.js +0 -72
- package/dist/runtime-api-CLkOuqkP.js +0 -4
- package/dist/runtime-api-DgKObkOQ.js +0 -9
- package/dist/runtime-api-bWUB21Eg.js +0 -9
- package/dist/runtime-api-rryD3LXE.js +0 -14
- package/dist/runtime-embedded-pi.runtime-DuHPAbVt.js +0 -2
- package/dist/runtime-entry-BaLt5V4d.js +0 -2769
- package/dist/runtime-fF-k_rB8.js +0 -9
- package/dist/runtime-internal-By95Az_F.js +0 -2
- package/dist/runtime-l0B7QFL3.js +0 -116
- package/dist/runtime-options-BsxnM5Yt.js +0 -275
- package/dist/runtime-prepare.runtime-D6bMmoTn.js +0 -80
- package/dist/runtime-schema-P9TAqWy1.js +0 -28599
- package/dist/runtime-web-tools-DlattYEh.js +0 -1477
- package/dist/sandbox-B0HW_QP3.js +0 -1156
- package/dist/sandbox-D2w77M7D.js +0 -3
- package/dist/sandbox-cli-DhrLokzO.js +0 -450
- package/dist/scan-CKfozblZ.js +0 -2
- package/dist/scan-CVwpGz6x.js +0 -523
- package/dist/secrets-cli-pXjlA7bi.js +0 -2101
- package/dist/security-cli-ChIBksL4.js +0 -486
- package/dist/selection-CIX2NWC3.js +0 -7743
- package/dist/selection-FiKxtpP7.js +0 -2
- package/dist/send-13tmI7yl.js +0 -102
- package/dist/send-BudgB3Xv.js +0 -156
- package/dist/send.runtime-CWWkq3eQ.js +0 -2
- package/dist/server-CRbNiI2L.js +0 -13
- package/dist/server-DPwckotj.js +0 -77
- package/dist/server-context-DnmrGIHL.js +0 -847
- package/dist/server-context-GFvl1Fa1.js +0 -2
- package/dist/server-node-events-Boy823tY.js +0 -474
- package/dist/server-plugin-bootstrap-BEm4d2by.js +0 -2
- package/dist/server-plugin-bootstrap-BLp3Ri_D.js +0 -13355
- package/dist/server-restart-sentinel-D1dhBlz5.js +0 -684
- package/dist/server.impl-CuEQ_ANR.js +0 -12790
- package/dist/session-DQK4G2N-.js +0 -48
- package/dist/session-envelope-uG-4XV0X.js +0 -18
- package/dist/session-key-CTestOWs.js +0 -65
- package/dist/session-kill-http-CKkRPXTD.js +0 -110
- package/dist/session-meta-B_6JKgd3.js +0 -109
- package/dist/session-override-BJXIc7UA.js +0 -106
- package/dist/session-reset-model.runtime-DFT-FJW1.js +0 -133
- package/dist/session-reset-service-BI9uiJ1F.js +0 -497
- package/dist/session-route-Dy5b9CbY.js +0 -93
- package/dist/session-status.runtime-HByTPp-H.js +0 -2
- package/dist/session-store-COzyfYG2.js +0 -126
- package/dist/session-store.runtime-CQHXgM_Z.js +0 -2
- package/dist/session-subagent-reactivation.runtime-BOWBAfyc.js +0 -2
- package/dist/session-tab-registry-Ce31KjnI.js +0 -581
- package/dist/session-updates-Dl4GafMW.js +0 -236
- package/dist/session-updates.runtime-bHYRFXxm.js +0 -2
- package/dist/session-utils-Dkaj_4dZ.js +0 -1009
- package/dist/session-visibility-BB6i8ptT.js +0 -147
- package/dist/sessions-D3eFfsPH.js +0 -281
- package/dist/sessions-DAup1AeE.js +0 -16
- package/dist/sessions-helpers-DYP9dapI.js +0 -305
- package/dist/sessions-history-http-j8ZxsBAn.js +0 -371
- package/dist/sessions-kO7Dit6B.js +0 -48
- package/dist/sessions-patch-D4ye8mVh.js +0 -309
- package/dist/sessions-resolve-Bi2bj6c-.js +0 -174
- package/dist/sessions-uVaHa5mC.js +0 -2
- package/dist/sessions.runtime-VkodyiYI.js +0 -2
- package/dist/setup-DX-d8t6q.js +0 -421
- package/dist/setup-api-6GX_eeAs.js +0 -29
- package/dist/setup-core-BGUg4eV0.js +0 -171
- package/dist/setup-core-CpfGqHuS.js +0 -176
- package/dist/setup-hFAlSbTL.js +0 -636
- package/dist/setup-surface-DSvYQ0Mf.js +0 -219
- package/dist/setup-surface-DT8l0x7M.js +0 -403
- package/dist/setup-surface-gdmDKJFO.js +0 -286
- package/dist/setup.finalize-m_UzKyZ2.js +0 -547
- package/dist/setup.gateway-config-DHQ8eaxx.js +0 -250
- package/dist/shared-BY5yIWjE.js +0 -198
- package/dist/shared-BtY5n-4U.js +0 -76
- package/dist/shared-C-DELFhh.js +0 -217
- package/dist/shared-DPf8cDHL.js +0 -121
- package/dist/shared-runtime-lVwJld87.js +0 -7
- package/dist/skill-commands-Crg6g_xc.js +0 -83
- package/dist/skill-commands.runtime-Dx9JZPVm.js +0 -2
- package/dist/skills-install-B1RJkjel.js +0 -605
- package/dist/skills-snapshot.runtime-1fnPk6SF.js +0 -7
- package/dist/slash-state-j62N8ife.js +0 -1911
- package/dist/speech-provider-BEjGmdRi.js +0 -170
- package/dist/speech-provider-DU0xib0M.js +0 -209
- package/dist/speech-provider-jexKB2Fl.js +0 -216
- package/dist/src-BYHA6DRU.js +0 -3974
- package/dist/stage-sandbox-media.runtime-BzOf-LsJ.js +0 -232
- package/dist/startup-context-DZml_gZY.js +0 -312
- package/dist/state-migrations-DlUY4b3i.js +0 -820
- package/dist/status-BCr0D4CJ.js +0 -2
- package/dist/status-Bi8EbpXB.js +0 -395
- package/dist/status-CPAE20nX.js +0 -209
- package/dist/status-D-wIma3c.js +0 -3
- package/dist/status-DLmFJkIX.js +0 -2
- package/dist/status-DhpFLjkt.js +0 -190
- package/dist/status-Dql1aIFE.js +0 -62
- package/dist/status-all-AuiqtGQ-.js +0 -498
- package/dist/status-json-BUhA_seV.js +0 -14
- package/dist/status-json-command-Dk8RVvC9.js +0 -82
- package/dist/status-message-DuKO-hzh.js +0 -466
- package/dist/status-message.runtime-BnLXbVHh.js +0 -6
- package/dist/status-queue.runtime-DXdIwJaQ.js +0 -2
- package/dist/status-runtime-shared-BK7fklEl.js +0 -241
- package/dist/status-subagents.runtime-DkMpqnmP.js +0 -18
- package/dist/status-text-D71CoS-s.js +0 -237
- package/dist/status.gateway-connection.runtime-wWu8Kvt4.js +0 -2
- package/dist/status.gather-BlSA6D3i.js +0 -292
- package/dist/status.gather-akCtNgln.js +0 -2
- package/dist/status.runtime-BwFzOfxj.js +0 -2
- package/dist/status.runtime-tPHKyqSk.js +0 -2
- package/dist/status.scan-GF1UDZAB.js +0 -65
- package/dist/status.scan-overview-D1tTMWSi.js +0 -379
- package/dist/status.scan.fast-json-CoLBFhFk.js +0 -132
- package/dist/status.scan.fast-json-K69bqOGh.js +0 -2
- package/dist/status.summary-Bxh5WwsL.js +0 -200
- package/dist/status.summary-Cyr9PxeP.js +0 -2
- package/dist/store-DgajP9Em.js +0 -4
- package/dist/store-tuisxHpf.js +0 -910
- package/dist/store.runtime-Bw5wLKnD.js +0 -2
- package/dist/stream-CWqBQkS6.js +0 -664
- package/dist/subagent-announce-Dw7-i1-9.js +0 -351
- package/dist/subagent-announce-delivery-HYpoItCd.js +0 -726
- package/dist/subagent-announce-output-C7rcYYEc.js +0 -364
- package/dist/subagent-capabilities-DFXCYxt0.js +0 -251
- package/dist/subagent-control-Ds2GYpWL.js +0 -506
- package/dist/subagent-control.runtime-CgBRjo3Q.js +0 -3
- package/dist/subagent-followup.runtime-Cd8hCztp.js +0 -68
- package/dist/subagent-orphan-recovery-BgjubPqf.js +0 -305
- package/dist/subagent-registry-CgpGD3GV.js +0 -1753
- package/dist/subagent-registry-DxdVLcdG.js +0 -3
- package/dist/subagent-spawn-BWBNndsp.js +0 -1005
- package/dist/supervisor-DaRbw4Gw.js +0 -704
- package/dist/system-cli-DyBkQUQb.js +0 -43
- package/dist/targets-BadrXaG2.js +0 -67
- package/dist/task-executor-C7Wi33fD.js +0 -360
- package/dist/task-owner-access-yQv8xMco.js +0 -74
- package/dist/task-registry-W5mFPlZX.js +0 -2357
- package/dist/task-registry-delivery-runtime-cBNSvuGT.js +0 -3
- package/dist/task-registry-delivery-runtime-cJvq2BuY.js +0 -2
- package/dist/task-registry.maintenance-Buzo501v.js +0 -2
- package/dist/task-registry.maintenance-pJMW_7Am.js +0 -416
- package/dist/testing-Dw49ltmR.js +0 -575
- package/dist/text-report-CtyXY05r.js +0 -549
- package/dist/tool-auth-shared-DWrecN7g.js +0 -90
- package/dist/tool-policy-pipeline-CA61tNc_.js +0 -109
- package/dist/tool-resolution-BcUPtTtu.js +0 -90
- package/dist/tools-effective-inventory-CL0grjv4.js +0 -152
- package/dist/tools-invoke-http-BZ8xqe0f.js +0 -206
- package/dist/transcript-CEK104A6.js +0 -312
- package/dist/transcript-resolve.runtime-D4I8B--1.js +0 -2
- package/dist/transcript.runtime-ClNMqLSP.js +0 -2
- package/dist/trash-B6l1GwX9.js +0 -24
- package/dist/tts-vEtIfdGN.js +0 -64
- package/dist/tui-cli-BCn5UWwT.js +0 -4585
- package/dist/uninstall-BQ_d8nQ4.js +0 -185
- package/dist/update-D8foEnSw.js +0 -1282
- package/dist/update-cli-D8bMov5W.js +0 -1759
- package/dist/update-startup-D-n1C8A0.js +0 -2
- package/dist/upgrade-iRXz6ZP4.js +0 -1226
- package/dist/video-generation-provider-5v5lTL00.js +0 -287
- package/dist/video-generation-provider-BGtbUYJd.js +0 -64
- package/dist/video-generation-provider-BlOdvaLh.js +0 -118
- package/dist/video-generation-provider-CR_fRJ8m.js +0 -187
- package/dist/video-generation-provider-CVUs00hp.js +0 -264
- package/dist/video-generation-provider-CtstiCCO.js +0 -271
- package/dist/video-generation-provider-DDQjPRYO.js +0 -254
- package/dist/video-generation-provider-DLy7AvTJ.js +0 -281
- package/dist/video-generation-provider-DNnNMvS9.js +0 -221
- package/dist/video-generation-provider-vzf0PQXj2.js +0 -77
- package/dist/video-generation-provider-zINiw3aL.js +0 -78
- package/dist/video-generation-task-status-ESf4kR6F.js +0 -163
- package/dist/wait-for-idle-before-flush-C-_kVutK.js +0 -5985
- package/dist/web-search-provider-BkIzoc2Y.js +0 -163
- package/dist/wizard-models-jPGu0o7K.js +0 -334
- package/dist/workflow-runtime-tvBeQSK9.js +0 -485
- /package/dist/{audit-channel.collect.runtime-BAKyzn52.js → audit-channel.collect.runtime-CevlIQ6K.js} +0 -0
- /package/dist/{audit-tool-policy-Ftr0W8Wl.js → audit-tool-policy-DTodxIZf.js} +0 -0
- /package/dist/{channel-selection.runtime-CsQ0qN21.js → channel-selection.runtime-DAkF_DgO.js} +0 -0
- /package/dist/{close-reason-DNwBM4qe.js → close-reason-BPuKI4th.js} +0 -0
- /package/dist/{configured-B8XGIYz-.js → configured-C-0r4Pk2.js} +0 -0
- /package/dist/{diagnostic-support-export-CuIJulCK.js → diagnostic-support-export-C8cpJRWi.js} +0 -0
- /package/dist/{gmail-watcher-lifecycle-BoWMgpeT.js → gmail-watcher-lifecycle-DrTbIr0m.js} +0 -0
- /package/dist/{image-BwAofy0f.js → image-LNALiqnF.js} +0 -0
- /package/dist/{image-generation-core.auth.runtime-B6BpHP6V.js → image-generation-core.auth.runtime-hzZbX1YD.js} +0 -0
- /package/dist/{input-allowlist-zDKNs6OG.js → input-allowlist-Bn8hssyM.js} +0 -0
- /package/dist/{install-target-FXMkL80i.js → install-target-C0Dg_4Un.js} +0 -0
- /package/dist/{memory-host-search.runtime-Vfck_NLf.js → memory-host-search.runtime-CAejVWZB.js} +0 -0
- /package/dist/{message.config.runtime-Df8nVSE4.js → message.config.runtime-CAG3eLmF.js} +0 -0
- /package/dist/{paths-BdDCK0XP.js → paths-BrPnd-v6.js} +0 -0
- /package/dist/{provider-api-key-auth.runtime-fT4D2dQt.js → provider-api-key-auth.runtime-YLpiRoM3.js} +0 -0
- /package/dist/{provider-auth-login.runtime-EnfK3WTr.js → provider-auth-login.runtime-BwDEPbY4.js} +0 -0
- /package/dist/{push-apns-DoMbCgqq.js → push-apns-UUwkJMxt.js} +0 -0
- /package/dist/{runtime-manifest.runtime-CuqWbJ5G.js → runtime-manifest.runtime-D8BuqQCR.js} +0 -0
- /package/dist/{runtime-web-channel-plugin-ChmPPl7a.js → runtime-web-channel-plugin-Dx1GGPSD.js} +0 -0
- /package/dist/{runtime-web-tools-fallback.runtime-B3fmu7s0.js → runtime-web-tools-fallback.runtime-_nNCUNAT.js} +0 -0
- /package/dist/{runtime-web-tools-manifest.runtime-CpiYM000.js → runtime-web-tools-manifest.runtime-BaeloEzn.js} +0 -0
- /package/dist/{runtime-web-tools-public-artifacts.runtime-BBNdsUv5.js → runtime-web-tools-public-artifacts.runtime-DOdl6CAd.js} +0 -0
- /package/dist/{server-startup-log-DXJn1EgH.js → server-startup-log-BUk3dEm6.js} +0 -0
- /package/dist/{server-startup-memory-C4d9ImgC.js → server-startup-memory-C3gdaomJ.js} +0 -0
- /package/dist/{server-tailscale-DeNCXYBr.js → server-tailscale-C0DsqL5N.js} +0 -0
- /package/dist/{services-m8_503l9.js → services-CiBabvAX.js} +0 -0
- /package/dist/{session-archive.runtime-DDhx1bOA.js → session-archive.runtime-BIqBKdzI.js} +0 -0
- /package/dist/{setup.node-config-BXET5GZk.js → setup.node-config-BlJDbu4T.js} +0 -0
- /package/dist/{setup.plugin-config-CgBJMtZ8.js → setup.plugin-config-CCP7nrfy.js} +0 -0
- /package/dist/{skill-scanner-cEm04-3B.js → skill-scanner-DnqZE6Fh.js} +0 -0
- /package/dist/{ssh-config-BfxhRhPu.js → ssh-config-wfp8-I37.js} +0 -0
- /package/dist/{supervisor-log.runtime-BdagMpUZ.js → supervisor-log.runtime-DYzbopV7.js} +0 -0
- /package/dist/{targets.runtime-BS4UWyk2.js → targets.runtime-1fn-rTlI.js} +0 -0
- /package/dist/{update-startup-D69inLEd.js → update-startup-DW61ftJW.js} +0 -0
|
@@ -1,880 +0,0 @@
|
|
|
1
|
-
import { c as normalizeOptionalString, d as normalizeStringifiedOptionalString, s as normalizeOptionalLowercaseString } from "./string-coerce-DPP_aYVc.js";
|
|
2
|
-
import { t as formatCliCommand } from "./command-format-B3Q5KD9o.js";
|
|
3
|
-
import "./auth-tZtxLgsL.js";
|
|
4
|
-
import { n as resolveGatewayAuth } from "./auth-resolve-CcailHTH.js";
|
|
5
|
-
import { t as loadPluginManifestRegistry } from "./manifest-registry-CUSRRX5s.js";
|
|
6
|
-
import { n as resolveAgentModelPrimaryValue, t as resolveAgentModelFallbackValues } from "./model-input-gXkzehoL.js";
|
|
7
|
-
import { n as isDangerousNetworkMode, r as normalizeNetworkMode } from "./network-mode-hStbCJTJ.js";
|
|
8
|
-
import { m as resolveToolProfilePolicy } from "./tool-policy-BIGITEMh.js";
|
|
9
|
-
import { r as resolveSandboxToolPolicyForAgent } from "./tool-policy-aGVG-A3n2.js";
|
|
10
|
-
import { i as resolveSandboxConfigForAgent } from "./config-DwJUHdf0.js";
|
|
11
|
-
import { t as pickSandboxToolPolicy } from "./sandbox-tool-policy-BRu6Odm5.js";
|
|
12
|
-
import { t as isToolAllowedByPolicies } from "./tool-policy-match-C3ELxJi4.js";
|
|
13
|
-
import { t as resolvePluginWebSearchProviders } from "./web-search-providers.runtime-Dd1GEA1l.js";
|
|
14
|
-
import { f as getBlockedBindReason } from "./docker-Ct3h56Q7.js";
|
|
15
|
-
import { i as resolveNodeCommandAllowlist, t as DEFAULT_DANGEROUS_NODE_COMMANDS } from "./node-command-policy-sPDu4daF.js";
|
|
16
|
-
import { t as resolveAllowedAgentIds } from "./hooks-policy-BsRZDLO3.js";
|
|
17
|
-
import { t as inferParamBFromIdOrName } from "./model-param-b-0rVj2II2.js";
|
|
18
|
-
import { t as hasConfiguredInternalHooks } from "./configured-B8XGIYz-.js";
|
|
19
|
-
import { a as collectStateDeepFilesystemFindings, c as collectPluginsTrustFindings, i as collectSandboxBrowserHashLabelFindings, o as collectWorkspaceSkillSymlinkEscapeFindings, s as readConfigSnapshotForAudit, t as collectIncludeFilePermFindings } from "./audit-extra.async-BbZcluVr.js";
|
|
20
|
-
//#region src/plugins/web-search-credential-presence.ts
|
|
21
|
-
function hasConfiguredCredentialValue(value) {
|
|
22
|
-
if (typeof value === "string") return value.trim().length > 0;
|
|
23
|
-
return value !== void 0 && value !== null;
|
|
24
|
-
}
|
|
25
|
-
function isRecord(value) {
|
|
26
|
-
return typeof value === "object" && value !== null;
|
|
27
|
-
}
|
|
28
|
-
function hasConfiguredSearchCredentialCandidate(searchConfig) {
|
|
29
|
-
if (!isRecord(searchConfig)) return false;
|
|
30
|
-
return Object.entries(searchConfig).some(([key, value]) => key !== "enabled" && hasConfiguredCredentialValue(value));
|
|
31
|
-
}
|
|
32
|
-
function hasConfiguredPluginWebSearchCandidate(config) {
|
|
33
|
-
const entries = isRecord(config.plugins?.entries) ? config.plugins.entries : void 0;
|
|
34
|
-
if (!entries) return false;
|
|
35
|
-
return Object.values(entries).some((entry) => {
|
|
36
|
-
const pluginConfig = isRecord(entry) ? entry.config : void 0;
|
|
37
|
-
return isRecord(pluginConfig) && hasConfiguredSearchCredentialCandidate(pluginConfig.webSearch);
|
|
38
|
-
});
|
|
39
|
-
}
|
|
40
|
-
function hasManifestWebSearchEnvCredentialCandidate(params) {
|
|
41
|
-
const env = params.env;
|
|
42
|
-
if (!env) return false;
|
|
43
|
-
return loadPluginManifestRegistry({
|
|
44
|
-
config: params.config,
|
|
45
|
-
env
|
|
46
|
-
}).plugins.some((plugin) => {
|
|
47
|
-
if (params.origin && plugin.origin !== params.origin) return false;
|
|
48
|
-
if ((plugin.contracts?.webSearchProviders?.length ?? 0) === 0) return false;
|
|
49
|
-
const providerAuthEnvVars = plugin.providerAuthEnvVars;
|
|
50
|
-
if (!providerAuthEnvVars) return false;
|
|
51
|
-
return Object.values(providerAuthEnvVars).flat().some((envVar) => hasConfiguredCredentialValue(env[envVar]));
|
|
52
|
-
});
|
|
53
|
-
}
|
|
54
|
-
function hasConfiguredWebSearchCredential(params) {
|
|
55
|
-
const searchConfig = params.searchConfig ?? params.config.tools?.web?.search;
|
|
56
|
-
if (!hasConfiguredSearchCredentialCandidate(searchConfig) && !hasConfiguredPluginWebSearchCandidate(params.config) && !hasManifestWebSearchEnvCredentialCandidate({
|
|
57
|
-
config: params.config,
|
|
58
|
-
env: params.env,
|
|
59
|
-
origin: params.origin
|
|
60
|
-
})) return false;
|
|
61
|
-
return resolvePluginWebSearchProviders({
|
|
62
|
-
config: params.config,
|
|
63
|
-
env: params.env,
|
|
64
|
-
bundledAllowlistCompat: params.bundledAllowlistCompat ?? false,
|
|
65
|
-
origin: params.origin
|
|
66
|
-
}).some((provider) => {
|
|
67
|
-
if (hasConfiguredCredentialValue(provider.getConfiguredCredentialValue?.(params.config) ?? provider.getCredentialValue(searchConfig))) return true;
|
|
68
|
-
return provider.envVars.some((envVar) => hasConfiguredCredentialValue(params.env?.[envVar]));
|
|
69
|
-
});
|
|
70
|
-
}
|
|
71
|
-
//#endregion
|
|
72
|
-
//#region src/security/audit-extra.summary.ts
|
|
73
|
-
const SMALL_MODEL_PARAM_B_MAX = 300;
|
|
74
|
-
function summarizeGroupPolicy(cfg) {
|
|
75
|
-
const channels = cfg.channels;
|
|
76
|
-
if (!channels || typeof channels !== "object") return {
|
|
77
|
-
open: 0,
|
|
78
|
-
allowlist: 0,
|
|
79
|
-
other: 0
|
|
80
|
-
};
|
|
81
|
-
let open = 0;
|
|
82
|
-
let allowlist = 0;
|
|
83
|
-
let other = 0;
|
|
84
|
-
for (const value of Object.values(channels)) {
|
|
85
|
-
if (!value || typeof value !== "object") continue;
|
|
86
|
-
const policy = value.groupPolicy;
|
|
87
|
-
if (policy === "open") open += 1;
|
|
88
|
-
else if (policy === "allowlist") allowlist += 1;
|
|
89
|
-
else other += 1;
|
|
90
|
-
}
|
|
91
|
-
return {
|
|
92
|
-
open,
|
|
93
|
-
allowlist,
|
|
94
|
-
other
|
|
95
|
-
};
|
|
96
|
-
}
|
|
97
|
-
function addModel$1(models, raw, source) {
|
|
98
|
-
if (typeof raw !== "string") return;
|
|
99
|
-
const id = raw.trim();
|
|
100
|
-
if (!id) return;
|
|
101
|
-
models.push({
|
|
102
|
-
id,
|
|
103
|
-
source
|
|
104
|
-
});
|
|
105
|
-
}
|
|
106
|
-
function collectModels$1(cfg) {
|
|
107
|
-
const out = [];
|
|
108
|
-
addModel$1(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.model), "agents.defaults.model.primary");
|
|
109
|
-
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.model)) addModel$1(out, fallback, "agents.defaults.model.fallbacks");
|
|
110
|
-
addModel$1(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.imageModel), "agents.defaults.imageModel.primary");
|
|
111
|
-
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.imageModel)) addModel$1(out, fallback, "agents.defaults.imageModel.fallbacks");
|
|
112
|
-
const list = Array.isArray(cfg.agents?.list) ? cfg.agents?.list : [];
|
|
113
|
-
for (const agent of list ?? []) {
|
|
114
|
-
if (!agent || typeof agent !== "object") continue;
|
|
115
|
-
const id = typeof agent.id === "string" ? agent.id : "";
|
|
116
|
-
const model = agent.model;
|
|
117
|
-
if (typeof model === "string") addModel$1(out, model, `agents.list.${id}.model`);
|
|
118
|
-
else if (model && typeof model === "object") {
|
|
119
|
-
addModel$1(out, model.primary, `agents.list.${id}.model.primary`);
|
|
120
|
-
const fallbacks = model.fallbacks;
|
|
121
|
-
if (Array.isArray(fallbacks)) for (const fallback of fallbacks) addModel$1(out, fallback, `agents.list.${id}.model.fallbacks`);
|
|
122
|
-
}
|
|
123
|
-
}
|
|
124
|
-
return out;
|
|
125
|
-
}
|
|
126
|
-
function extractAgentIdFromSource(source) {
|
|
127
|
-
return source.match(/^agents\.list\.([^.]*)\./)?.[1] ?? null;
|
|
128
|
-
}
|
|
129
|
-
function resolveToolPolicies$1(params) {
|
|
130
|
-
const policies = [];
|
|
131
|
-
const profilePolicy = resolveToolProfilePolicy(params.agentTools?.profile ?? params.cfg.tools?.profile);
|
|
132
|
-
if (profilePolicy) policies.push(profilePolicy);
|
|
133
|
-
const globalPolicy = pickSandboxToolPolicy(params.cfg.tools ?? void 0);
|
|
134
|
-
if (globalPolicy) policies.push(globalPolicy);
|
|
135
|
-
const agentPolicy = pickSandboxToolPolicy(params.agentTools);
|
|
136
|
-
if (agentPolicy) policies.push(agentPolicy);
|
|
137
|
-
if (params.sandboxMode === "all") policies.push(resolveSandboxToolPolicyForAgent(params.cfg, params.agentId ?? void 0));
|
|
138
|
-
return policies;
|
|
139
|
-
}
|
|
140
|
-
function hasWebSearchKey(cfg, env) {
|
|
141
|
-
return hasConfiguredWebSearchCredential({
|
|
142
|
-
config: cfg,
|
|
143
|
-
env,
|
|
144
|
-
origin: "bundled",
|
|
145
|
-
bundledAllowlistCompat: true
|
|
146
|
-
});
|
|
147
|
-
}
|
|
148
|
-
function isWebSearchEnabled(cfg, env) {
|
|
149
|
-
const enabled = cfg.tools?.web?.search?.enabled;
|
|
150
|
-
if (enabled === false) return false;
|
|
151
|
-
if (enabled === true) return true;
|
|
152
|
-
return hasWebSearchKey(cfg, env);
|
|
153
|
-
}
|
|
154
|
-
function isWebFetchEnabled(cfg) {
|
|
155
|
-
if (cfg.tools?.web?.fetch?.enabled === false) return false;
|
|
156
|
-
return true;
|
|
157
|
-
}
|
|
158
|
-
function isBrowserEnabled(cfg) {
|
|
159
|
-
return cfg.browser?.enabled !== false;
|
|
160
|
-
}
|
|
161
|
-
function collectAttackSurfaceSummaryFindings(cfg) {
|
|
162
|
-
const group = summarizeGroupPolicy(cfg);
|
|
163
|
-
const elevated = cfg.tools?.elevated?.enabled !== false;
|
|
164
|
-
const webhooksEnabled = cfg.hooks?.enabled === true;
|
|
165
|
-
const internalHooksEnabled = hasConfiguredInternalHooks(cfg);
|
|
166
|
-
const browserEnabled = cfg.browser?.enabled ?? true;
|
|
167
|
-
return [{
|
|
168
|
-
checkId: "summary.attack_surface",
|
|
169
|
-
severity: "info",
|
|
170
|
-
title: "Attack surface summary",
|
|
171
|
-
detail: `groups: open=${group.open}, allowlist=${group.allowlist}\ntools.elevated: ${elevated ? "enabled" : "disabled"}\nhooks.webhooks: ${webhooksEnabled ? "enabled" : "disabled"}\nhooks.internal: ${internalHooksEnabled ? "enabled" : "disabled"}\nbrowser control: ${browserEnabled ? "enabled" : "disabled"}\ntrust model: personal assistant (one trusted operator boundary), not hostile multi-tenant on one shared gateway`
|
|
172
|
-
}];
|
|
173
|
-
}
|
|
174
|
-
function collectSmallModelRiskFindings(params) {
|
|
175
|
-
const findings = [];
|
|
176
|
-
const models = collectModels$1(params.cfg).filter((entry) => !entry.source.includes("imageModel"));
|
|
177
|
-
if (models.length === 0) return findings;
|
|
178
|
-
const smallModels = models.map((entry) => {
|
|
179
|
-
const paramB = inferParamBFromIdOrName(entry.id);
|
|
180
|
-
if (!paramB || paramB > SMALL_MODEL_PARAM_B_MAX) return null;
|
|
181
|
-
return {
|
|
182
|
-
...entry,
|
|
183
|
-
paramB
|
|
184
|
-
};
|
|
185
|
-
}).filter((entry) => Boolean(entry));
|
|
186
|
-
if (smallModels.length === 0) return findings;
|
|
187
|
-
let hasUnsafe = false;
|
|
188
|
-
const modelLines = [];
|
|
189
|
-
const exposureSet = /* @__PURE__ */ new Set();
|
|
190
|
-
for (const entry of smallModels) {
|
|
191
|
-
const agentId = extractAgentIdFromSource(entry.source);
|
|
192
|
-
const sandboxMode = resolveSandboxConfigForAgent(params.cfg, agentId ?? void 0).mode;
|
|
193
|
-
const agentTools = agentId && params.cfg.agents?.list ? params.cfg.agents.list.find((agent) => agent?.id === agentId)?.tools : void 0;
|
|
194
|
-
const policies = resolveToolPolicies$1({
|
|
195
|
-
cfg: params.cfg,
|
|
196
|
-
agentTools,
|
|
197
|
-
sandboxMode,
|
|
198
|
-
agentId
|
|
199
|
-
});
|
|
200
|
-
const exposed = [];
|
|
201
|
-
if (isWebSearchEnabled(params.cfg, params.env) && isToolAllowedByPolicies("web_search", policies)) exposed.push("web_search");
|
|
202
|
-
if (isWebFetchEnabled(params.cfg) && isToolAllowedByPolicies("web_fetch", policies)) exposed.push("web_fetch");
|
|
203
|
-
if (isBrowserEnabled(params.cfg) && isToolAllowedByPolicies("browser", policies)) exposed.push("browser");
|
|
204
|
-
for (const tool of exposed) exposureSet.add(tool);
|
|
205
|
-
const sandboxLabel = sandboxMode === "all" ? "sandbox=all" : `sandbox=${sandboxMode}`;
|
|
206
|
-
const exposureLabel = exposed.length > 0 ? ` web=[${exposed.join(", ")}]` : " web=[off]";
|
|
207
|
-
const safe = sandboxMode === "all" && exposed.length === 0;
|
|
208
|
-
if (!safe) hasUnsafe = true;
|
|
209
|
-
const statusLabel = safe ? "ok" : "unsafe";
|
|
210
|
-
modelLines.push(`- ${entry.id} (${entry.paramB}B) @ ${entry.source} (${statusLabel}; ${sandboxLabel};${exposureLabel})`);
|
|
211
|
-
}
|
|
212
|
-
const exposureList = Array.from(exposureSet);
|
|
213
|
-
const exposureDetail = exposureList.length > 0 ? `Uncontrolled input tools allowed: ${exposureList.join(", ")}.` : "No web/browser tools detected for these models.";
|
|
214
|
-
findings.push({
|
|
215
|
-
checkId: "models.small_params",
|
|
216
|
-
severity: hasUnsafe ? "critical" : "info",
|
|
217
|
-
title: "Small models require sandboxing and web tools disabled",
|
|
218
|
-
detail: `Small models (<=${SMALL_MODEL_PARAM_B_MAX}B params) detected:\n` + modelLines.join("\n") + `\n` + exposureDetail + "\nSmall models are not recommended for untrusted inputs.",
|
|
219
|
-
remediation: "If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode=\"all\") and disable web_search/web_fetch/browser (tools.deny=[\"group:web\",\"browser\"])."
|
|
220
|
-
});
|
|
221
|
-
return findings;
|
|
222
|
-
}
|
|
223
|
-
//#endregion
|
|
224
|
-
//#region src/security/audit-extra.sync.ts
|
|
225
|
-
function isProbablySyncedPath(p) {
|
|
226
|
-
const s = p.toLowerCase();
|
|
227
|
-
return s.includes("icloud") || s.includes("dropbox") || s.includes("google drive") || s.includes("googledrive") || s.includes("onedrive");
|
|
228
|
-
}
|
|
229
|
-
function looksLikeEnvRef(value) {
|
|
230
|
-
const v = value.trim();
|
|
231
|
-
return v.startsWith("${") && v.endsWith("}");
|
|
232
|
-
}
|
|
233
|
-
function addModel(models, raw, source) {
|
|
234
|
-
if (typeof raw !== "string") return;
|
|
235
|
-
const id = raw.trim();
|
|
236
|
-
if (!id) return;
|
|
237
|
-
models.push({
|
|
238
|
-
id,
|
|
239
|
-
source
|
|
240
|
-
});
|
|
241
|
-
}
|
|
242
|
-
function collectModels(cfg) {
|
|
243
|
-
const out = [];
|
|
244
|
-
addModel(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.model), "agents.defaults.model.primary");
|
|
245
|
-
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.model)) addModel(out, fallback, "agents.defaults.model.fallbacks");
|
|
246
|
-
addModel(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.imageModel), "agents.defaults.imageModel.primary");
|
|
247
|
-
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.imageModel)) addModel(out, fallback, "agents.defaults.imageModel.fallbacks");
|
|
248
|
-
const list = Array.isArray(cfg.agents?.list) ? cfg.agents?.list : [];
|
|
249
|
-
for (const agent of list ?? []) {
|
|
250
|
-
if (!agent || typeof agent !== "object") continue;
|
|
251
|
-
const id = typeof agent.id === "string" ? agent.id : "";
|
|
252
|
-
const model = agent.model;
|
|
253
|
-
if (typeof model === "string") addModel(out, model, `agents.list.${id}.model`);
|
|
254
|
-
else if (model && typeof model === "object") {
|
|
255
|
-
addModel(out, model.primary, `agents.list.${id}.model.primary`);
|
|
256
|
-
const fallbacks = model.fallbacks;
|
|
257
|
-
if (Array.isArray(fallbacks)) for (const fallback of fallbacks) addModel(out, fallback, `agents.list.${id}.model.fallbacks`);
|
|
258
|
-
}
|
|
259
|
-
}
|
|
260
|
-
return out;
|
|
261
|
-
}
|
|
262
|
-
function isGatewayRemotelyExposed(cfg) {
|
|
263
|
-
if ((typeof cfg.gateway?.bind === "string" ? cfg.gateway.bind : "loopback") !== "loopback") return true;
|
|
264
|
-
const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
|
|
265
|
-
return tailscaleMode === "serve" || tailscaleMode === "funnel";
|
|
266
|
-
}
|
|
267
|
-
const LEGACY_MODEL_PATTERNS = [
|
|
268
|
-
{
|
|
269
|
-
id: "openai.gpt35",
|
|
270
|
-
re: /\bgpt-3\.5\b/i,
|
|
271
|
-
label: "GPT-3.5 family"
|
|
272
|
-
},
|
|
273
|
-
{
|
|
274
|
-
id: "anthropic.claude2",
|
|
275
|
-
re: /\bclaude-(instant|2)\b/i,
|
|
276
|
-
label: "Claude 2/Instant family"
|
|
277
|
-
},
|
|
278
|
-
{
|
|
279
|
-
id: "openai.gpt4_legacy",
|
|
280
|
-
re: /\bgpt-4-(0314|0613)\b/i,
|
|
281
|
-
label: "Legacy GPT-4 snapshots"
|
|
282
|
-
}
|
|
283
|
-
];
|
|
284
|
-
const WEAK_TIER_MODEL_PATTERNS = [{
|
|
285
|
-
id: "anthropic.haiku",
|
|
286
|
-
re: /\bhaiku\b/i,
|
|
287
|
-
label: "Haiku tier (smaller model)"
|
|
288
|
-
}];
|
|
289
|
-
function isGptModel(id) {
|
|
290
|
-
return /\bgpt-/i.test(id);
|
|
291
|
-
}
|
|
292
|
-
function isGpt5OrHigher(id) {
|
|
293
|
-
return /\bgpt-5(?:\b|[.-])/i.test(id);
|
|
294
|
-
}
|
|
295
|
-
function isClaudeModel(id) {
|
|
296
|
-
return /\bclaude-/i.test(id);
|
|
297
|
-
}
|
|
298
|
-
function isClaude45OrHigher(id) {
|
|
299
|
-
return /\bclaude-[^\s/]*?(?:-4-?(?:[5-9]|[1-9]\d)\b|4\.(?:[5-9]|[1-9]\d)\b|-[5-9](?:\b|[.-]))/i.test(id);
|
|
300
|
-
}
|
|
301
|
-
function hasConfiguredDockerConfig(docker) {
|
|
302
|
-
if (!docker || typeof docker !== "object") return false;
|
|
303
|
-
return Object.values(docker).some((value) => value !== void 0);
|
|
304
|
-
}
|
|
305
|
-
function normalizeNodeCommand(value) {
|
|
306
|
-
return normalizeOptionalString(value) ?? "";
|
|
307
|
-
}
|
|
308
|
-
function isWildcardEntry(value) {
|
|
309
|
-
return normalizeStringifiedOptionalString(value) === "*";
|
|
310
|
-
}
|
|
311
|
-
function listKnownNodeCommands(cfg) {
|
|
312
|
-
const baseCfg = {
|
|
313
|
-
...cfg,
|
|
314
|
-
gateway: {
|
|
315
|
-
...cfg.gateway,
|
|
316
|
-
nodes: {
|
|
317
|
-
...cfg.gateway?.nodes,
|
|
318
|
-
denyCommands: []
|
|
319
|
-
}
|
|
320
|
-
}
|
|
321
|
-
};
|
|
322
|
-
const out = /* @__PURE__ */ new Set();
|
|
323
|
-
for (const platform of [
|
|
324
|
-
"ios",
|
|
325
|
-
"android",
|
|
326
|
-
"macos",
|
|
327
|
-
"linux",
|
|
328
|
-
"windows",
|
|
329
|
-
"unknown"
|
|
330
|
-
]) {
|
|
331
|
-
const allow = resolveNodeCommandAllowlist(baseCfg, { platform });
|
|
332
|
-
for (const cmd of allow) {
|
|
333
|
-
const normalized = normalizeNodeCommand(cmd);
|
|
334
|
-
if (normalized) out.add(normalized);
|
|
335
|
-
}
|
|
336
|
-
}
|
|
337
|
-
return out;
|
|
338
|
-
}
|
|
339
|
-
function resolveToolPolicies(params) {
|
|
340
|
-
const policies = [];
|
|
341
|
-
const profilePolicy = resolveToolProfilePolicy(params.agentTools?.profile ?? params.cfg.tools?.profile);
|
|
342
|
-
if (profilePolicy) policies.push(profilePolicy);
|
|
343
|
-
const globalPolicy = pickSandboxToolPolicy(params.cfg.tools ?? void 0);
|
|
344
|
-
if (globalPolicy) policies.push(globalPolicy);
|
|
345
|
-
const agentPolicy = pickSandboxToolPolicy(params.agentTools);
|
|
346
|
-
if (agentPolicy) policies.push(agentPolicy);
|
|
347
|
-
if (params.sandboxMode === "all") policies.push(resolveSandboxToolPolicyForAgent(params.cfg, params.agentId ?? void 0));
|
|
348
|
-
return policies;
|
|
349
|
-
}
|
|
350
|
-
function looksLikeNodeCommandPattern(value) {
|
|
351
|
-
if (!value) return false;
|
|
352
|
-
if (/[?*[\]{}(),|]/.test(value)) return true;
|
|
353
|
-
if (value.startsWith("/") || value.endsWith("/") || value.startsWith("^") || value.endsWith("$")) return true;
|
|
354
|
-
return /\s/.test(value) || value.includes("group:");
|
|
355
|
-
}
|
|
356
|
-
function editDistance(a, b) {
|
|
357
|
-
if (a === b) return 0;
|
|
358
|
-
if (!a) return b.length;
|
|
359
|
-
if (!b) return a.length;
|
|
360
|
-
const dp = Array.from({ length: b.length + 1 }, (_, j) => j);
|
|
361
|
-
for (let i = 1; i <= a.length; i++) {
|
|
362
|
-
let prev = dp[0];
|
|
363
|
-
dp[0] = i;
|
|
364
|
-
for (let j = 1; j <= b.length; j++) {
|
|
365
|
-
const temp = dp[j];
|
|
366
|
-
const cost = a[i - 1] === b[j - 1] ? 0 : 1;
|
|
367
|
-
dp[j] = Math.min(dp[j] + 1, dp[j - 1] + 1, prev + cost);
|
|
368
|
-
prev = temp;
|
|
369
|
-
}
|
|
370
|
-
}
|
|
371
|
-
return dp[b.length];
|
|
372
|
-
}
|
|
373
|
-
function suggestKnownNodeCommands(unknown, known) {
|
|
374
|
-
const needle = unknown.trim();
|
|
375
|
-
if (!needle) return [];
|
|
376
|
-
const prefix = needle.includes(".") ? needle.split(".").slice(0, 2).join(".") : needle;
|
|
377
|
-
const prefixHits = Array.from(known).filter((cmd) => cmd.startsWith(prefix)).slice(0, 3);
|
|
378
|
-
if (prefixHits.length > 0) return prefixHits;
|
|
379
|
-
const ranked = Array.from(known).map((cmd) => ({
|
|
380
|
-
cmd,
|
|
381
|
-
d: editDistance(needle, cmd)
|
|
382
|
-
})).toSorted((a, b) => a.d - b.d || a.cmd.localeCompare(b.cmd));
|
|
383
|
-
const best = ranked[0]?.d ?? Infinity;
|
|
384
|
-
const threshold = Math.max(2, Math.min(4, best));
|
|
385
|
-
return ranked.filter((r) => r.d <= threshold).slice(0, 3).map((r) => r.cmd);
|
|
386
|
-
}
|
|
387
|
-
function listGroupPolicyOpen(cfg) {
|
|
388
|
-
const out = [];
|
|
389
|
-
const channels = cfg.channels;
|
|
390
|
-
if (!channels || typeof channels !== "object") return out;
|
|
391
|
-
for (const [channelId, value] of Object.entries(channels)) {
|
|
392
|
-
if (!value || typeof value !== "object") continue;
|
|
393
|
-
const section = value;
|
|
394
|
-
if (section.groupPolicy === "open") out.push(`channels.${channelId}.groupPolicy`);
|
|
395
|
-
const accounts = section.accounts;
|
|
396
|
-
if (accounts && typeof accounts === "object") for (const [accountId, accountVal] of Object.entries(accounts)) {
|
|
397
|
-
if (!accountVal || typeof accountVal !== "object") continue;
|
|
398
|
-
if (accountVal.groupPolicy === "open") out.push(`channels.${channelId}.accounts.${accountId}.groupPolicy`);
|
|
399
|
-
}
|
|
400
|
-
}
|
|
401
|
-
return out;
|
|
402
|
-
}
|
|
403
|
-
function hasConfiguredGroupTargets(section) {
|
|
404
|
-
return [
|
|
405
|
-
"groups",
|
|
406
|
-
"guilds",
|
|
407
|
-
"channels",
|
|
408
|
-
"rooms"
|
|
409
|
-
].some((key) => {
|
|
410
|
-
const value = section[key];
|
|
411
|
-
return Boolean(value && typeof value === "object" && Object.keys(value).length > 0);
|
|
412
|
-
});
|
|
413
|
-
}
|
|
414
|
-
function listPotentialMultiUserSignals(cfg) {
|
|
415
|
-
const out = /* @__PURE__ */ new Set();
|
|
416
|
-
const channels = cfg.channels;
|
|
417
|
-
if (!channels || typeof channels !== "object") return [];
|
|
418
|
-
const inspectSection = (section, basePath) => {
|
|
419
|
-
const groupPolicy = typeof section.groupPolicy === "string" ? section.groupPolicy : null;
|
|
420
|
-
if (groupPolicy === "open") out.add(`${basePath}.groupPolicy="open"`);
|
|
421
|
-
else if (groupPolicy === "allowlist" && hasConfiguredGroupTargets(section)) out.add(`${basePath}.groupPolicy="allowlist" with configured group targets`);
|
|
422
|
-
if ((typeof section.dmPolicy === "string" ? section.dmPolicy : null) === "open") out.add(`${basePath}.dmPolicy="open"`);
|
|
423
|
-
if ((Array.isArray(section.allowFrom) ? section.allowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.allowFrom includes "*"`);
|
|
424
|
-
if ((Array.isArray(section.groupAllowFrom) ? section.groupAllowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.groupAllowFrom includes "*"`);
|
|
425
|
-
const dm = section.dm;
|
|
426
|
-
if (dm && typeof dm === "object") {
|
|
427
|
-
const dmSection = dm;
|
|
428
|
-
if ((typeof dmSection.policy === "string" ? dmSection.policy : null) === "open") out.add(`${basePath}.dm.policy="open"`);
|
|
429
|
-
if ((Array.isArray(dmSection.allowFrom) ? dmSection.allowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.dm.allowFrom includes "*"`);
|
|
430
|
-
}
|
|
431
|
-
};
|
|
432
|
-
for (const [channelId, value] of Object.entries(channels)) {
|
|
433
|
-
if (!value || typeof value !== "object") continue;
|
|
434
|
-
const section = value;
|
|
435
|
-
inspectSection(section, `channels.${channelId}`);
|
|
436
|
-
const accounts = section.accounts;
|
|
437
|
-
if (!accounts || typeof accounts !== "object") continue;
|
|
438
|
-
for (const [accountId, accountValue] of Object.entries(accounts)) {
|
|
439
|
-
if (!accountValue || typeof accountValue !== "object") continue;
|
|
440
|
-
inspectSection(accountValue, `channels.${channelId}.accounts.${accountId}`);
|
|
441
|
-
}
|
|
442
|
-
}
|
|
443
|
-
return Array.from(out);
|
|
444
|
-
}
|
|
445
|
-
function collectRiskyToolExposureContexts(cfg) {
|
|
446
|
-
const contexts = [{ label: "agents.defaults" }];
|
|
447
|
-
for (const agent of cfg.agents?.list ?? []) {
|
|
448
|
-
if (!agent || typeof agent !== "object" || typeof agent.id !== "string") continue;
|
|
449
|
-
contexts.push({
|
|
450
|
-
label: `agents.list.${agent.id}`,
|
|
451
|
-
agentId: agent.id,
|
|
452
|
-
tools: agent.tools
|
|
453
|
-
});
|
|
454
|
-
}
|
|
455
|
-
const riskyContexts = [];
|
|
456
|
-
let hasRuntimeRisk = false;
|
|
457
|
-
for (const context of contexts) {
|
|
458
|
-
const sandboxMode = resolveSandboxConfigForAgent(cfg, context.agentId).mode;
|
|
459
|
-
const policies = resolveToolPolicies({
|
|
460
|
-
cfg,
|
|
461
|
-
agentTools: context.tools,
|
|
462
|
-
sandboxMode,
|
|
463
|
-
agentId: context.agentId ?? null
|
|
464
|
-
});
|
|
465
|
-
const runtimeTools = ["exec", "process"].filter((tool) => isToolAllowedByPolicies(tool, policies));
|
|
466
|
-
const fsTools = [
|
|
467
|
-
"read",
|
|
468
|
-
"write",
|
|
469
|
-
"edit",
|
|
470
|
-
"apply_patch"
|
|
471
|
-
].filter((tool) => isToolAllowedByPolicies(tool, policies));
|
|
472
|
-
const fsWorkspaceOnly = context.tools?.fs?.workspaceOnly ?? cfg.tools?.fs?.workspaceOnly;
|
|
473
|
-
const runtimeUnguarded = runtimeTools.length > 0 && sandboxMode !== "all";
|
|
474
|
-
const fsUnguarded = fsTools.length > 0 && sandboxMode !== "all" && fsWorkspaceOnly !== true;
|
|
475
|
-
if (!runtimeUnguarded && !fsUnguarded) continue;
|
|
476
|
-
if (runtimeUnguarded) hasRuntimeRisk = true;
|
|
477
|
-
riskyContexts.push(`${context.label} (sandbox=${sandboxMode}; runtime=[${runtimeTools.join(", ") || "off"}]; fs=[${fsTools.join(", ") || "off"}]; fs.workspaceOnly=${fsWorkspaceOnly === true ? "true" : "false"})`);
|
|
478
|
-
}
|
|
479
|
-
return {
|
|
480
|
-
riskyContexts,
|
|
481
|
-
hasRuntimeRisk
|
|
482
|
-
};
|
|
483
|
-
}
|
|
484
|
-
function collectSyncedFolderFindings(params) {
|
|
485
|
-
const findings = [];
|
|
486
|
-
if (isProbablySyncedPath(params.stateDir) || isProbablySyncedPath(params.configPath)) findings.push({
|
|
487
|
-
checkId: "fs.synced_dir",
|
|
488
|
-
severity: "warn",
|
|
489
|
-
title: "State/config path looks like a synced folder",
|
|
490
|
-
detail: `stateDir=${params.stateDir}, configPath=${params.configPath}. Synced folders (iCloud/Dropbox/OneDrive/Google Drive) can leak tokens and transcripts onto other devices.`,
|
|
491
|
-
remediation: `Keep GENESIS_STATE_DIR on a local-only volume and re-run "${formatCliCommand("genesis security audit --fix")}".`
|
|
492
|
-
});
|
|
493
|
-
return findings;
|
|
494
|
-
}
|
|
495
|
-
function collectSecretsInConfigFindings(cfg) {
|
|
496
|
-
const findings = [];
|
|
497
|
-
const password = normalizeOptionalString(cfg.gateway?.auth?.password) ?? "";
|
|
498
|
-
if (password && !looksLikeEnvRef(password)) findings.push({
|
|
499
|
-
checkId: "config.secrets.gateway_password_in_config",
|
|
500
|
-
severity: "warn",
|
|
501
|
-
title: "Gateway password is stored in config",
|
|
502
|
-
detail: "gateway.auth.password is set in the config file; prefer environment variables for secrets when possible.",
|
|
503
|
-
remediation: "Prefer GENESIS_GATEWAY_PASSWORD (env) and remove gateway.auth.password from disk."
|
|
504
|
-
});
|
|
505
|
-
const hooksToken = normalizeOptionalString(cfg.hooks?.token) ?? "";
|
|
506
|
-
if (cfg.hooks?.enabled === true && hooksToken && !looksLikeEnvRef(hooksToken)) findings.push({
|
|
507
|
-
checkId: "config.secrets.hooks_token_in_config",
|
|
508
|
-
severity: "info",
|
|
509
|
-
title: "Hooks token is stored in config",
|
|
510
|
-
detail: "hooks.token is set in the config file; keep config perms tight and treat it like an API secret."
|
|
511
|
-
});
|
|
512
|
-
return findings;
|
|
513
|
-
}
|
|
514
|
-
function collectHooksHardeningFindings(cfg, env = process.env) {
|
|
515
|
-
const findings = [];
|
|
516
|
-
if (cfg.hooks?.enabled !== true) return findings;
|
|
517
|
-
const token = normalizeOptionalString(cfg.hooks?.token) ?? "";
|
|
518
|
-
if (token && token.length < 24) findings.push({
|
|
519
|
-
checkId: "hooks.token_too_short",
|
|
520
|
-
severity: "warn",
|
|
521
|
-
title: "Hooks token looks short",
|
|
522
|
-
detail: `hooks.token is ${token.length} chars; prefer a long random token.`
|
|
523
|
-
});
|
|
524
|
-
const gatewayAuth = resolveGatewayAuth({
|
|
525
|
-
authConfig: cfg.gateway?.auth,
|
|
526
|
-
tailscaleMode: cfg.gateway?.tailscale?.mode ?? "off",
|
|
527
|
-
env
|
|
528
|
-
});
|
|
529
|
-
const genesisGatewayToken = typeof env.GENESIS_GATEWAY_TOKEN === "string" && env.GENESIS_GATEWAY_TOKEN.trim() ? env.GENESIS_GATEWAY_TOKEN.trim() : null;
|
|
530
|
-
const gatewayToken = gatewayAuth.mode === "token" && typeof gatewayAuth.token === "string" && gatewayAuth.token.trim() ? gatewayAuth.token.trim() : genesisGatewayToken ? genesisGatewayToken : null;
|
|
531
|
-
if (token && gatewayToken && token === gatewayToken) findings.push({
|
|
532
|
-
checkId: "hooks.token_reuse_gateway_token",
|
|
533
|
-
severity: "critical",
|
|
534
|
-
title: "Hooks token reuses the Gateway token",
|
|
535
|
-
detail: "hooks.token matches gateway.auth token; compromise of hooks expands blast radius to the Gateway API.",
|
|
536
|
-
remediation: "Use a separate hooks.token dedicated to hook ingress."
|
|
537
|
-
});
|
|
538
|
-
if ((normalizeOptionalString(cfg.hooks?.path) ?? "") === "/") findings.push({
|
|
539
|
-
checkId: "hooks.path_root",
|
|
540
|
-
severity: "critical",
|
|
541
|
-
title: "Hooks base path is '/'",
|
|
542
|
-
detail: "hooks.path='/' would shadow other HTTP endpoints and is unsafe.",
|
|
543
|
-
remediation: "Use a dedicated path like '/hooks'."
|
|
544
|
-
});
|
|
545
|
-
const allowRequestSessionKey = cfg.hooks?.allowRequestSessionKey === true;
|
|
546
|
-
const defaultSessionKey = normalizeOptionalString(cfg.hooks?.defaultSessionKey) ?? "";
|
|
547
|
-
const allowedAgentIds = resolveAllowedAgentIds(cfg.hooks?.allowedAgentIds);
|
|
548
|
-
const allowedPrefixes = Array.isArray(cfg.hooks?.allowedSessionKeyPrefixes) ? cfg.hooks.allowedSessionKeyPrefixes.map((prefix) => prefix.trim()).filter((prefix) => prefix.length > 0) : [];
|
|
549
|
-
const remoteExposure = isGatewayRemotelyExposed(cfg);
|
|
550
|
-
if (!defaultSessionKey) findings.push({
|
|
551
|
-
checkId: "hooks.default_session_key_unset",
|
|
552
|
-
severity: "warn",
|
|
553
|
-
title: "hooks.defaultSessionKey is not configured",
|
|
554
|
-
detail: "Hook agent runs without explicit sessionKey use generated per-request keys. Set hooks.defaultSessionKey to keep hook ingress scoped to a known session.",
|
|
555
|
-
remediation: "Set hooks.defaultSessionKey (for example, \"hook:ingress\")."
|
|
556
|
-
});
|
|
557
|
-
if (allowedAgentIds === void 0) findings.push({
|
|
558
|
-
checkId: "hooks.allowed_agent_ids_unrestricted",
|
|
559
|
-
severity: remoteExposure ? "critical" : "warn",
|
|
560
|
-
title: "Hook agent routing allows any configured agent",
|
|
561
|
-
detail: "hooks.allowedAgentIds is unset or includes '*', so authenticated hook callers may route to any configured agent id.",
|
|
562
|
-
remediation: "Set hooks.allowedAgentIds to an explicit allowlist (for example, [\"hooks\", \"main\"]) or [] to deny explicit agent routing."
|
|
563
|
-
});
|
|
564
|
-
if (allowRequestSessionKey) findings.push({
|
|
565
|
-
checkId: "hooks.request_session_key_enabled",
|
|
566
|
-
severity: remoteExposure ? "critical" : "warn",
|
|
567
|
-
title: "External hook payloads may override sessionKey",
|
|
568
|
-
detail: "hooks.allowRequestSessionKey=true allows `/hooks/agent` callers to choose the session key. Treat hook token holders as full-trust unless you also restrict prefixes.",
|
|
569
|
-
remediation: "Set hooks.allowRequestSessionKey=false (recommended) or constrain hooks.allowedSessionKeyPrefixes."
|
|
570
|
-
});
|
|
571
|
-
if (allowRequestSessionKey && allowedPrefixes.length === 0) findings.push({
|
|
572
|
-
checkId: "hooks.request_session_key_prefixes_missing",
|
|
573
|
-
severity: remoteExposure ? "critical" : "warn",
|
|
574
|
-
title: "Request sessionKey override is enabled without prefix restrictions",
|
|
575
|
-
detail: "hooks.allowRequestSessionKey=true and hooks.allowedSessionKeyPrefixes is unset/empty, so request payloads can target arbitrary session key shapes.",
|
|
576
|
-
remediation: "Set hooks.allowedSessionKeyPrefixes (for example, [\"hook:\"]) or disable request overrides."
|
|
577
|
-
});
|
|
578
|
-
return findings;
|
|
579
|
-
}
|
|
580
|
-
function collectGatewayHttpSessionKeyOverrideFindings(cfg) {
|
|
581
|
-
const findings = [];
|
|
582
|
-
const chatCompletionsEnabled = cfg.gateway?.http?.endpoints?.chatCompletions?.enabled === true;
|
|
583
|
-
const responsesEnabled = cfg.gateway?.http?.endpoints?.responses?.enabled === true;
|
|
584
|
-
if (!chatCompletionsEnabled && !responsesEnabled) return findings;
|
|
585
|
-
const enabledEndpoints = [chatCompletionsEnabled ? "/v1/chat/completions" : null, responsesEnabled ? "/v1/responses" : null].filter((entry) => Boolean(entry));
|
|
586
|
-
findings.push({
|
|
587
|
-
checkId: "gateway.http.session_key_override_enabled",
|
|
588
|
-
severity: "info",
|
|
589
|
-
title: "HTTP API session-key override is enabled",
|
|
590
|
-
detail: `${enabledEndpoints.join(", ")} accept x-genesis-session-key for per-request session routing. Treat API credential holders as trusted principals.`
|
|
591
|
-
});
|
|
592
|
-
return findings;
|
|
593
|
-
}
|
|
594
|
-
function collectGatewayHttpNoAuthFindings(cfg, env) {
|
|
595
|
-
const findings = [];
|
|
596
|
-
const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
|
|
597
|
-
if (resolveGatewayAuth({
|
|
598
|
-
authConfig: cfg.gateway?.auth,
|
|
599
|
-
tailscaleMode,
|
|
600
|
-
env
|
|
601
|
-
}).mode !== "none") return findings;
|
|
602
|
-
const chatCompletionsEnabled = cfg.gateway?.http?.endpoints?.chatCompletions?.enabled === true;
|
|
603
|
-
const responsesEnabled = cfg.gateway?.http?.endpoints?.responses?.enabled === true;
|
|
604
|
-
const enabledEndpoints = [
|
|
605
|
-
"/tools/invoke",
|
|
606
|
-
chatCompletionsEnabled ? "/v1/chat/completions" : null,
|
|
607
|
-
responsesEnabled ? "/v1/responses" : null
|
|
608
|
-
].filter((entry) => Boolean(entry));
|
|
609
|
-
const remoteExposure = isGatewayRemotelyExposed(cfg);
|
|
610
|
-
findings.push({
|
|
611
|
-
checkId: "gateway.http.no_auth",
|
|
612
|
-
severity: remoteExposure ? "critical" : "warn",
|
|
613
|
-
title: "Gateway HTTP APIs are reachable without auth",
|
|
614
|
-
detail: `gateway.auth.mode="none" leaves ${enabledEndpoints.join(", ")} callable without a shared secret. Treat this as trusted-local only and avoid exposing the gateway beyond loopback.`,
|
|
615
|
-
remediation: "Set gateway.auth.mode to token/password (recommended). If you intentionally keep mode=none, keep gateway.bind=loopback and disable optional HTTP endpoints."
|
|
616
|
-
});
|
|
617
|
-
return findings;
|
|
618
|
-
}
|
|
619
|
-
function collectSandboxDockerNoopFindings(cfg) {
|
|
620
|
-
const findings = [];
|
|
621
|
-
const configuredPaths = [];
|
|
622
|
-
const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
|
|
623
|
-
const defaultsSandbox = cfg.agents?.defaults?.sandbox;
|
|
624
|
-
const hasDefaultDocker = hasConfiguredDockerConfig(defaultsSandbox?.docker);
|
|
625
|
-
const defaultMode = defaultsSandbox?.mode ?? "off";
|
|
626
|
-
const hasAnySandboxEnabledAgent = agents.some((entry) => {
|
|
627
|
-
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") return false;
|
|
628
|
-
return resolveSandboxConfigForAgent(cfg, entry.id).mode !== "off";
|
|
629
|
-
});
|
|
630
|
-
if (hasDefaultDocker && defaultMode === "off" && !hasAnySandboxEnabledAgent) configuredPaths.push("agents.defaults.sandbox.docker");
|
|
631
|
-
for (const entry of agents) {
|
|
632
|
-
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
633
|
-
if (!hasConfiguredDockerConfig(entry.sandbox?.docker)) continue;
|
|
634
|
-
if (resolveSandboxConfigForAgent(cfg, entry.id).mode === "off") configuredPaths.push(`agents.list.${entry.id}.sandbox.docker`);
|
|
635
|
-
}
|
|
636
|
-
if (configuredPaths.length === 0) return findings;
|
|
637
|
-
findings.push({
|
|
638
|
-
checkId: "sandbox.docker_config_mode_off",
|
|
639
|
-
severity: "warn",
|
|
640
|
-
title: "Sandbox docker settings configured while sandbox mode is off",
|
|
641
|
-
detail: "These docker settings will not take effect until sandbox mode is enabled:\n" + configuredPaths.map((entry) => `- ${entry}`).join("\n"),
|
|
642
|
-
remediation: "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) where needed, or remove unused docker settings."
|
|
643
|
-
});
|
|
644
|
-
return findings;
|
|
645
|
-
}
|
|
646
|
-
function collectSandboxDangerousConfigFindings(cfg) {
|
|
647
|
-
const findings = [];
|
|
648
|
-
const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
|
|
649
|
-
const configs = [];
|
|
650
|
-
const defaultDocker = cfg.agents?.defaults?.sandbox?.docker;
|
|
651
|
-
if (defaultDocker && typeof defaultDocker === "object") configs.push({
|
|
652
|
-
source: "agents.defaults.sandbox.docker",
|
|
653
|
-
docker: defaultDocker
|
|
654
|
-
});
|
|
655
|
-
for (const entry of agents) {
|
|
656
|
-
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
657
|
-
const agentDocker = entry.sandbox?.docker;
|
|
658
|
-
if (agentDocker && typeof agentDocker === "object") configs.push({
|
|
659
|
-
source: `agents.list.${entry.id}.sandbox.docker`,
|
|
660
|
-
docker: agentDocker
|
|
661
|
-
});
|
|
662
|
-
}
|
|
663
|
-
for (const { source, docker } of configs) {
|
|
664
|
-
const binds = Array.isArray(docker.binds) ? docker.binds : [];
|
|
665
|
-
for (const bind of binds) {
|
|
666
|
-
if (typeof bind !== "string") continue;
|
|
667
|
-
const blocked = getBlockedBindReason(bind);
|
|
668
|
-
if (!blocked) continue;
|
|
669
|
-
if (blocked.kind === "non_absolute") {
|
|
670
|
-
findings.push({
|
|
671
|
-
checkId: "sandbox.bind_mount_non_absolute",
|
|
672
|
-
severity: "warn",
|
|
673
|
-
title: "Sandbox bind mount uses a non-absolute source path",
|
|
674
|
-
detail: `${source}.binds contains "${bind}" which uses source path "${blocked.sourcePath}". Non-absolute bind sources are hard to validate safely and may resolve unexpectedly.`,
|
|
675
|
-
remediation: `Rewrite "${bind}" to use an absolute host path (for example: /home/user/project:/project:ro).`
|
|
676
|
-
});
|
|
677
|
-
continue;
|
|
678
|
-
}
|
|
679
|
-
if (blocked.kind !== "covers" && blocked.kind !== "targets") continue;
|
|
680
|
-
const verb = blocked.kind === "covers" ? "covers" : "targets";
|
|
681
|
-
findings.push({
|
|
682
|
-
checkId: "sandbox.dangerous_bind_mount",
|
|
683
|
-
severity: "critical",
|
|
684
|
-
title: "Dangerous bind mount in sandbox config",
|
|
685
|
-
detail: `${source}.binds contains "${bind}" which ${verb} blocked path "${blocked.blockedPath}". This can expose host system directories or the Docker socket to sandbox containers.`,
|
|
686
|
-
remediation: `Remove "${bind}" from ${source}.binds. Use project-specific paths instead.`
|
|
687
|
-
});
|
|
688
|
-
}
|
|
689
|
-
const network = typeof docker.network === "string" ? docker.network : void 0;
|
|
690
|
-
const normalizedNetwork = normalizeNetworkMode(network);
|
|
691
|
-
if (isDangerousNetworkMode(network)) {
|
|
692
|
-
const modeLabel = normalizedNetwork === "host" ? "\"host\"" : `"${network}"`;
|
|
693
|
-
const detail = normalizedNetwork === "host" ? `${source}.network is "host" which bypasses container network isolation entirely.` : `${source}.network is ${modeLabel} which joins another container namespace and can bypass sandbox network isolation.`;
|
|
694
|
-
findings.push({
|
|
695
|
-
checkId: "sandbox.dangerous_network_mode",
|
|
696
|
-
severity: "critical",
|
|
697
|
-
title: "Dangerous network mode in sandbox config",
|
|
698
|
-
detail,
|
|
699
|
-
remediation: `Set ${source}.network to "bridge", "none", or a custom bridge network name. Use ${source}.dangerouslyAllowContainerNamespaceJoin=true only as a break-glass override when you fully trust this runtime.`
|
|
700
|
-
});
|
|
701
|
-
}
|
|
702
|
-
if (normalizeOptionalLowercaseString(typeof docker.seccompProfile === "string" ? docker.seccompProfile : void 0) === "unconfined") findings.push({
|
|
703
|
-
checkId: "sandbox.dangerous_seccomp_profile",
|
|
704
|
-
severity: "critical",
|
|
705
|
-
title: "Seccomp unconfined in sandbox config",
|
|
706
|
-
detail: `${source}.seccompProfile is "unconfined" which disables syscall filtering.`,
|
|
707
|
-
remediation: `Remove ${source}.seccompProfile or use a custom seccomp profile file.`
|
|
708
|
-
});
|
|
709
|
-
if (normalizeOptionalLowercaseString(typeof docker.apparmorProfile === "string" ? docker.apparmorProfile : void 0) === "unconfined") findings.push({
|
|
710
|
-
checkId: "sandbox.dangerous_apparmor_profile",
|
|
711
|
-
severity: "critical",
|
|
712
|
-
title: "AppArmor unconfined in sandbox config",
|
|
713
|
-
detail: `${source}.apparmorProfile is "unconfined" which disables AppArmor enforcement.`,
|
|
714
|
-
remediation: `Remove ${source}.apparmorProfile or use a named AppArmor profile.`
|
|
715
|
-
});
|
|
716
|
-
}
|
|
717
|
-
return findings;
|
|
718
|
-
}
|
|
719
|
-
function collectNodeDenyCommandPatternFindings(cfg) {
|
|
720
|
-
const findings = [];
|
|
721
|
-
const denyListRaw = cfg.gateway?.nodes?.denyCommands;
|
|
722
|
-
if (!Array.isArray(denyListRaw) || denyListRaw.length === 0) return findings;
|
|
723
|
-
const denyList = denyListRaw.map(normalizeNodeCommand).filter(Boolean);
|
|
724
|
-
if (denyList.length === 0) return findings;
|
|
725
|
-
const knownCommands = listKnownNodeCommands(cfg);
|
|
726
|
-
const patternLike = denyList.filter((entry) => looksLikeNodeCommandPattern(entry));
|
|
727
|
-
const unknownExact = denyList.filter((entry) => !looksLikeNodeCommandPattern(entry) && !knownCommands.has(entry));
|
|
728
|
-
if (patternLike.length === 0 && unknownExact.length === 0) return findings;
|
|
729
|
-
const detailParts = [];
|
|
730
|
-
if (patternLike.length > 0) detailParts.push(`Pattern-like entries (not supported by exact matching): ${patternLike.join(", ")}`);
|
|
731
|
-
if (unknownExact.length > 0) {
|
|
732
|
-
const unknownDetails = unknownExact.map((entry) => {
|
|
733
|
-
const suggestions = suggestKnownNodeCommands(entry, knownCommands);
|
|
734
|
-
if (suggestions.length === 0) return entry;
|
|
735
|
-
return `${entry} (did you mean: ${suggestions.join(", ")})`;
|
|
736
|
-
}).join(", ");
|
|
737
|
-
detailParts.push(`Unknown command names (not in defaults/allowCommands): ${unknownDetails}`);
|
|
738
|
-
}
|
|
739
|
-
const examples = Array.from(knownCommands).slice(0, 8);
|
|
740
|
-
findings.push({
|
|
741
|
-
checkId: "gateway.nodes.deny_commands_ineffective",
|
|
742
|
-
severity: "warn",
|
|
743
|
-
title: "Some gateway.nodes.denyCommands entries are ineffective",
|
|
744
|
-
detail: "gateway.nodes.denyCommands uses exact node command-name matching only (for example `system.run`), not shell-text filtering inside a command payload.\n" + detailParts.map((entry) => `- ${entry}`).join("\n"),
|
|
745
|
-
remediation: `Use exact command names (for example: ${examples.join(", ")}). If you need broader restrictions, remove risky command IDs from allowCommands/default workflows and tighten tools.exec policy.`
|
|
746
|
-
});
|
|
747
|
-
return findings;
|
|
748
|
-
}
|
|
749
|
-
function collectNodeDangerousAllowCommandFindings(cfg) {
|
|
750
|
-
const findings = [];
|
|
751
|
-
const allowRaw = cfg.gateway?.nodes?.allowCommands;
|
|
752
|
-
if (!Array.isArray(allowRaw) || allowRaw.length === 0) return findings;
|
|
753
|
-
const allow = new Set(allowRaw.map(normalizeNodeCommand).filter(Boolean));
|
|
754
|
-
if (allow.size === 0) return findings;
|
|
755
|
-
const deny = new Set((cfg.gateway?.nodes?.denyCommands ?? []).map(normalizeNodeCommand));
|
|
756
|
-
const dangerousAllowed = DEFAULT_DANGEROUS_NODE_COMMANDS.filter((cmd) => allow.has(cmd) && !deny.has(cmd));
|
|
757
|
-
if (dangerousAllowed.length === 0) return findings;
|
|
758
|
-
findings.push({
|
|
759
|
-
checkId: "gateway.nodes.allow_commands_dangerous",
|
|
760
|
-
severity: isGatewayRemotelyExposed(cfg) ? "critical" : "warn",
|
|
761
|
-
title: "Dangerous node commands explicitly enabled",
|
|
762
|
-
detail: `gateway.nodes.allowCommands includes: ${dangerousAllowed.join(", ")}. These commands can trigger high-impact device actions (camera/screen/contacts/calendar/reminders/SMS).`,
|
|
763
|
-
remediation: "Remove these entries from gateway.nodes.allowCommands (recommended). If you keep them, treat gateway auth as full operator access and keep gateway exposure local/tailnet-only."
|
|
764
|
-
});
|
|
765
|
-
return findings;
|
|
766
|
-
}
|
|
767
|
-
function collectMinimalProfileOverrideFindings(cfg) {
|
|
768
|
-
const findings = [];
|
|
769
|
-
if (cfg.tools?.profile !== "minimal") return findings;
|
|
770
|
-
const overrides = (cfg.agents?.list ?? []).filter((entry) => {
|
|
771
|
-
return Boolean(entry && typeof entry === "object" && typeof entry.id === "string" && entry.tools?.profile && entry.tools.profile !== "minimal");
|
|
772
|
-
}).map((entry) => `${entry.id}=${entry.tools?.profile}`);
|
|
773
|
-
if (overrides.length === 0) return findings;
|
|
774
|
-
findings.push({
|
|
775
|
-
checkId: "tools.profile_minimal_overridden",
|
|
776
|
-
severity: "warn",
|
|
777
|
-
title: "Global tools.profile=minimal is overridden by agent profiles",
|
|
778
|
-
detail: "Global minimal profile is set, but these agent profiles take precedence:\n" + overrides.map((entry) => `- agents.list.${entry}`).join("\n"),
|
|
779
|
-
remediation: "Set those agents to `tools.profile=\"minimal\"` (or remove the agent override) if you want minimal tools enforced globally."
|
|
780
|
-
});
|
|
781
|
-
return findings;
|
|
782
|
-
}
|
|
783
|
-
function collectModelHygieneFindings(cfg) {
|
|
784
|
-
const findings = [];
|
|
785
|
-
const models = collectModels(cfg);
|
|
786
|
-
if (models.length === 0) return findings;
|
|
787
|
-
const weakMatches = /* @__PURE__ */ new Map();
|
|
788
|
-
const addWeakMatch = (model, source, reason) => {
|
|
789
|
-
const key = `${model}@@${source}`;
|
|
790
|
-
const existing = weakMatches.get(key);
|
|
791
|
-
if (!existing) {
|
|
792
|
-
weakMatches.set(key, {
|
|
793
|
-
model,
|
|
794
|
-
source,
|
|
795
|
-
reasons: [reason]
|
|
796
|
-
});
|
|
797
|
-
return;
|
|
798
|
-
}
|
|
799
|
-
if (!existing.reasons.includes(reason)) existing.reasons.push(reason);
|
|
800
|
-
};
|
|
801
|
-
for (const entry of models) {
|
|
802
|
-
for (const pat of WEAK_TIER_MODEL_PATTERNS) if (pat.re.test(entry.id)) {
|
|
803
|
-
addWeakMatch(entry.id, entry.source, pat.label);
|
|
804
|
-
break;
|
|
805
|
-
}
|
|
806
|
-
if (isGptModel(entry.id) && !isGpt5OrHigher(entry.id)) addWeakMatch(entry.id, entry.source, "Below GPT-5 family");
|
|
807
|
-
if (isClaudeModel(entry.id) && !isClaude45OrHigher(entry.id)) addWeakMatch(entry.id, entry.source, "Below Claude 4.5");
|
|
808
|
-
}
|
|
809
|
-
const matches = [];
|
|
810
|
-
for (const entry of models) for (const pat of LEGACY_MODEL_PATTERNS) if (pat.re.test(entry.id)) {
|
|
811
|
-
matches.push({
|
|
812
|
-
model: entry.id,
|
|
813
|
-
source: entry.source,
|
|
814
|
-
reason: pat.label
|
|
815
|
-
});
|
|
816
|
-
break;
|
|
817
|
-
}
|
|
818
|
-
if (matches.length > 0) {
|
|
819
|
-
const lines = matches.slice(0, 12).map((m) => `- ${m.model} (${m.reason}) @ ${m.source}`).join("\n");
|
|
820
|
-
const more = matches.length > 12 ? `\n…${matches.length - 12} more` : "";
|
|
821
|
-
findings.push({
|
|
822
|
-
checkId: "models.legacy",
|
|
823
|
-
severity: "warn",
|
|
824
|
-
title: "Some configured models look legacy",
|
|
825
|
-
detail: "Older/legacy models can be less robust against prompt injection and tool misuse.\n" + lines + more,
|
|
826
|
-
remediation: "Prefer modern, instruction-hardened models for any bot that can run tools."
|
|
827
|
-
});
|
|
828
|
-
}
|
|
829
|
-
if (weakMatches.size > 0) {
|
|
830
|
-
const lines = Array.from(weakMatches.values()).slice(0, 12).map((m) => `- ${m.model} (${m.reasons.join("; ")}) @ ${m.source}`).join("\n");
|
|
831
|
-
const more = weakMatches.size > 12 ? `\n…${weakMatches.size - 12} more` : "";
|
|
832
|
-
findings.push({
|
|
833
|
-
checkId: "models.weak_tier",
|
|
834
|
-
severity: "warn",
|
|
835
|
-
title: "Some configured models are below recommended tiers",
|
|
836
|
-
detail: "Smaller/older models are generally more susceptible to prompt injection and tool misuse.\n" + lines + more,
|
|
837
|
-
remediation: "Use the latest, top-tier model for any bot with tools or untrusted inboxes. Avoid Haiku tiers; prefer GPT-5+ and Claude 4.5+."
|
|
838
|
-
});
|
|
839
|
-
}
|
|
840
|
-
return findings;
|
|
841
|
-
}
|
|
842
|
-
function collectExposureMatrixFindings(cfg) {
|
|
843
|
-
const findings = [];
|
|
844
|
-
const openGroups = listGroupPolicyOpen(cfg);
|
|
845
|
-
if (openGroups.length === 0) return findings;
|
|
846
|
-
if (cfg.tools?.elevated?.enabled !== false) findings.push({
|
|
847
|
-
checkId: "security.exposure.open_groups_with_elevated",
|
|
848
|
-
severity: "critical",
|
|
849
|
-
title: "Open groupPolicy with elevated tools enabled",
|
|
850
|
-
detail: `Found groupPolicy="open" at:\n${openGroups.map((p) => `- ${p}`).join("\n")}\nWith tools.elevated enabled, a prompt injection in those rooms can become a high-impact incident.`,
|
|
851
|
-
remediation: `Set groupPolicy="allowlist" and keep elevated allowlists extremely tight.`
|
|
852
|
-
});
|
|
853
|
-
const { riskyContexts, hasRuntimeRisk } = collectRiskyToolExposureContexts(cfg);
|
|
854
|
-
if (riskyContexts.length > 0) findings.push({
|
|
855
|
-
checkId: "security.exposure.open_groups_with_runtime_or_fs",
|
|
856
|
-
severity: hasRuntimeRisk ? "critical" : "warn",
|
|
857
|
-
title: "Open groupPolicy with runtime/filesystem tools exposed",
|
|
858
|
-
detail: `Found groupPolicy="open" at:\n${openGroups.map((p) => `- ${p}`).join("\n")}\nRisky tool exposure contexts:\n${riskyContexts.map((line) => `- ${line}`).join("\n")}\nPrompt injection in open groups can trigger command/file actions in these contexts.`,
|
|
859
|
-
remediation: "For open groups, prefer tools.profile=\"messaging\" (or deny group:runtime/group:fs), set tools.fs.workspaceOnly=true, and use agents.defaults.sandbox.mode=\"all\" for exposed agents."
|
|
860
|
-
});
|
|
861
|
-
return findings;
|
|
862
|
-
}
|
|
863
|
-
function collectLikelyMultiUserSetupFindings(cfg) {
|
|
864
|
-
const findings = [];
|
|
865
|
-
const signals = listPotentialMultiUserSignals(cfg);
|
|
866
|
-
if (signals.length === 0) return findings;
|
|
867
|
-
const { riskyContexts, hasRuntimeRisk } = collectRiskyToolExposureContexts(cfg);
|
|
868
|
-
const impactLine = hasRuntimeRisk ? "Runtime/process tools are exposed without full sandboxing in at least one context." : "No unguarded runtime/process tools were detected by this heuristic.";
|
|
869
|
-
const riskyContextsDetail = riskyContexts.length > 0 ? `Potential high-impact tool exposure contexts:\n${riskyContexts.map((line) => `- ${line}`).join("\n")}` : "No unguarded runtime/filesystem contexts detected.";
|
|
870
|
-
findings.push({
|
|
871
|
-
checkId: "security.trust_model.multi_user_heuristic",
|
|
872
|
-
severity: "warn",
|
|
873
|
-
title: "Potential multi-user setup detected (personal-assistant model warning)",
|
|
874
|
-
detail: "Heuristic signals indicate this gateway may be reachable by multiple users:\n" + signals.map((signal) => `- ${signal}`).join("\n") + `\n${impactLine}\n${riskyContextsDetail}\nGenesis's default security model is personal-assistant (one trusted operator boundary), not hostile multi-tenant isolation on one shared gateway.`,
|
|
875
|
-
remediation: "If users may be mutually untrusted, split trust boundaries (separate gateways + credentials, ideally separate OS users/hosts). If you intentionally run shared-user access, set agents.defaults.sandbox.mode=\"all\", keep tools.fs.workspaceOnly=true, deny runtime/fs/web tools unless required, and keep personal/private identities + credentials off that runtime."
|
|
876
|
-
});
|
|
877
|
-
return findings;
|
|
878
|
-
}
|
|
879
|
-
//#endregion
|
|
880
|
-
export { collectAttackSurfaceSummaryFindings, collectExposureMatrixFindings, collectGatewayHttpNoAuthFindings, collectGatewayHttpSessionKeyOverrideFindings, collectHooksHardeningFindings, collectIncludeFilePermFindings, collectLikelyMultiUserSetupFindings, collectMinimalProfileOverrideFindings, collectModelHygieneFindings, collectNodeDangerousAllowCommandFindings, collectNodeDenyCommandPatternFindings, collectPluginsTrustFindings, collectSandboxBrowserHashLabelFindings, collectSandboxDangerousConfigFindings, collectSandboxDockerNoopFindings, collectSecretsInConfigFindings, collectSmallModelRiskFindings, collectStateDeepFilesystemFindings, collectSyncedFolderFindings, collectWorkspaceSkillSymlinkEscapeFindings, readConfigSnapshotForAudit };
|