@pixelzx/genesis 2026.6.29 → 2026.7.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -0
- package/dist/.buildstamp +1 -1
- package/dist/abort-cutoff.runtime-Cfv6I4gf.js +20 -0
- package/dist/abort-cutoff.runtime.js +1 -1
- package/dist/abort-xF_zj8_u.js +201 -0
- package/dist/abort.runtime-JUukGuW3.js +2 -0
- package/dist/abort.runtime.js +1 -1
- package/dist/accounts-C0jW92It.js +104 -0
- package/dist/accounts-C2ZexWg6.js +107 -0
- package/dist/accounts-tEPx6Fnd.js +2 -0
- package/dist/acp-cli-De2oyz3e.js +2217 -0
- package/dist/acp-spawn-7VB8ie8I.js +1042 -0
- package/dist/acp-spawn-C6VfLE4o.js +2 -0
- package/dist/acp-stateful-target-driver-ctUymwnI.js +89 -0
- package/dist/action-agents-Dy45TQ9X.js +67 -0
- package/dist/action-focus-hzygEAz5.js +132 -0
- package/dist/action-help-D1h2Czko.js +7 -0
- package/dist/action-info-EDBi7fre.js +101 -0
- package/dist/action-kill-CBNgmCsz.js +33 -0
- package/dist/action-list-C6KC8Ulv.js +21 -0
- package/dist/action-log-C0R9AwnB.js +30 -0
- package/dist/action-send-DZw27QoS.js +39 -0
- package/dist/action-spawn-BXEOYBEH.js +47 -0
- package/dist/action-unfocus-DWFUpr-g.js +29 -0
- package/dist/actions.runtime-1HHNbwPa.js +5 -0
- package/dist/actions.runtime-GFSX3jST.js +18 -0
- package/dist/actions.runtime.js +1 -1
- package/dist/agent-CU42dfye.js +2 -0
- package/dist/agent-command-Baehh2jJ.js +874 -0
- package/dist/agent-harness-runtime-Bmln4mlS.js +144 -0
- package/dist/agent-runner-utils-xPwHxFwc.js +239 -0
- package/dist/agent-runner.runtime-BBx0eqAs.js +3443 -0
- package/dist/agent-runner.runtime.js +1 -1
- package/dist/agent-runtime-mKUGZmYk.js +18 -0
- package/dist/agents-C_kp6PcN.js +954 -0
- package/dist/agents-D7-4l9xG.js +5 -0
- package/dist/agents.command-shared-j4Ht1HMt.js +40 -0
- package/dist/aliases-BR-85AbT.js +96 -0
- package/dist/aliases-DH4MEghL.js +2 -0
- package/dist/api-7axT1c4t.js +4 -0
- package/dist/api-8dcgPyEO.js +139 -0
- package/dist/api-BWV-Ja5Y.js +48 -0
- package/dist/api-C6Dl-nsC.js +3 -0
- package/dist/api-CeoOTFsR.js +5 -0
- package/dist/apply-DFpc3-ic.js +508 -0
- package/dist/apply.runtime-BpuwcltB.js +166 -0
- package/dist/apply.runtime-CyFkfilC.js +2 -0
- package/dist/apply.runtime.js +1 -1
- package/dist/approval-gateway-resolver-B5iZVyl3.js +29 -0
- package/dist/approval-gateway-runtime-DJMhFL8_.js +2 -0
- package/dist/approval-handler-runtime-CvlNyTSd.js +439 -0
- package/dist/approval-native-runtime-DIP1UVwF.js +729 -0
- package/dist/attempt-execution.runtime-Dnj7Dunz.js +509 -0
- package/dist/attempt-execution.runtime.js +1 -1
- package/dist/attempt-execution.shared-CJLlmxzq.js +22 -0
- package/dist/attempt.prompt-helpers-yXlkhGj_.js +206 -0
- package/dist/attempt.tool-run-context-DplnP36r.js +933 -0
- package/dist/audit-CP153cHC.js +939 -0
- package/dist/audit-channel.collect.runtime.js +1 -1
- package/dist/audit-extra.async-B52PswlQ.js +971 -0
- package/dist/audit-tool-policy-CMwmd8Xs.js +3 -0
- package/dist/audit.deep.runtime-BC4XWNSr.js +2 -0
- package/dist/audit.deep.runtime.js +1 -1
- package/dist/audit.nondeep.runtime-Dvng3qfA.js +880 -0
- package/dist/audit.nondeep.runtime.js +1 -1
- package/dist/audit.runtime-BPEAdYYt.js +7 -0
- package/dist/audit.runtime.js +1 -1
- package/dist/auth-CGB_0fnH.js +550 -0
- package/dist/auth-DXk-SISv.js +56 -0
- package/dist/auth-_41Zyvnc.js +2 -0
- package/dist/auth-bH95QjyV.js +177 -0
- package/dist/auth-choice-Bn-ygZZg.js +3 -0
- package/dist/auth-choice-CmUhzrUA.js +85 -0
- package/dist/auth-order-Cnl7fD4m.js +2 -0
- package/dist/auth-order-DTEvHo9G.js +139 -0
- package/dist/bash-tools-E5RKIMX4.js +2853 -0
- package/dist/bash-tools-n2uf-L6x.js +3 -0
- package/dist/bash-tools.exec-runtime-BSErqAOv.js +823 -0
- package/dist/binding-routing-MxZZJi7B.js +85 -0
- package/dist/binding-targets-DOjf91v9.js +121 -0
- package/dist/bridge-server-C9sdVkxe.js +113 -0
- package/dist/browser-control-auth-Ds_CXo7-.js +2 -0
- package/dist/browser-node-runtime-CrrZhgmT.js +12 -0
- package/dist/browser-profiles-DSq_VuWU.js +2 -0
- package/dist/browser-runtime-D3bUe2ki.js +387 -0
- package/dist/browser-setup-tools-BzBeI9sr.js +13 -0
- package/dist/build-BQ7uMjfi.js +550 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.js +3 -3
- package/dist/bundled/session-memory/handler.js +1 -1
- package/dist/call-C5EHc2Ve.js +3 -0
- package/dist/call-DgFhP0IB.js +330 -0
- package/dist/call.runtime-CBWpY5ek.js +2 -0
- package/dist/call.runtime.js +1 -1
- package/dist/capability-cli-CF-5WxGW.js +1401 -0
- package/dist/catalog-provider-BefDFS32.js +40 -0
- package/dist/catchup-DEgTzUZf.js +300 -0
- package/dist/channel-B9Z1yOBL.js +1100 -0
- package/dist/channel-BQalh8q5.js +1320 -0
- package/dist/channel-B_D0qB8f.js +297 -0
- package/dist/channel-CveiiHEq.js +226 -0
- package/dist/channel-DPRWC_X5.js +1802 -0
- package/dist/channel-DTNwXKB7.js +350 -0
- package/dist/channel-DsWHOdeO.js +840 -0
- package/dist/channel-IYn5sG7l.js +453 -0
- package/dist/channel-MwEUOERy.js +1174 -0
- package/dist/channel-add-wizard-De4DNba-.js +125 -0
- package/dist/channel-add-wizard-v9JYw-20.js +2 -0
- package/dist/channel-core-C3RFVpjy.js +5 -0
- package/dist/channel-geAqqK_e.js +491 -0
- package/dist/channel-inbound-BRCAVWH1.js +31 -0
- package/dist/channel-plugin-resolution-BYpxL2mS.js +2 -0
- package/dist/channel-plugin-resolution-Jy5eA_cD.js +153 -0
- package/dist/channel-plugin-runtime-B7guFbbq.js +771 -0
- package/dist/channel-runtime-B2HmUto-.js +425 -0
- package/dist/channel-selection.runtime.js +1 -1
- package/dist/channel-setup-DmnWuvUU.js +1297 -0
- package/dist/channel-zfFLswBu.js +595 -0
- package/dist/channel.runtime-60XStiek.js +2364 -0
- package/dist/channel.runtime-BK8atBx7.js +430 -0
- package/dist/channel.runtime-CjfgGDJR.js +576 -0
- package/dist/channel.runtime-Cuc72hD3.js +89 -0
- package/dist/channel.runtime-D4i6q9PJ.js +4 -0
- package/dist/channel.runtime-mLdKu3mE.js +42398 -0
- package/dist/channel.runtime.js +1 -1
- package/dist/channel.setup-BxdBjfQG.js +10 -0
- package/dist/channel2.runtime-DhBM75gc.js +109 -0
- package/dist/channel2.runtime.js +1 -1
- package/dist/channels-YP0r9T7z.js +733 -0
- package/dist/channels-cli-BA8x-0ie.js +268 -0
- package/dist/chat-C-K_PnVS.js +2830 -0
- package/dist/clawbot-cli-CcTWZznd.js +9 -0
- package/dist/clawhub-Dg91MiOl.js +400 -0
- package/dist/cli/daemon-cli.js +3 -3
- package/dist/cli-B9pz-wec.js +2 -0
- package/dist/cli-BDqmMCNa.js +219 -0
- package/dist/cli-BnjgRW4w.js +154 -0
- package/dist/cli-C6O2LqdN.js +683 -0
- package/dist/cli-CFANcv9h.js +2 -0
- package/dist/cli-D9yBNX96.js +3726 -0
- package/dist/cli-e4V7ix51.js +2 -0
- package/dist/cli-oSszUBF4.js +72 -0
- package/dist/cli-runner-ziqCSXFY.js +286 -0
- package/dist/cli-runner.runtime-B-P8SxLi.js +4 -0
- package/dist/cli-runner.runtime-BmqwbMTX.js +3 -0
- package/dist/cli-runner.runtime.js +1 -1
- package/dist/cli-startup-metadata.json +2 -2
- package/dist/cli.runtime-4isBQRbc.js +1261 -0
- package/dist/cli.runtime.js +1 -1
- package/dist/client-CcimlPth.js +138 -0
- package/dist/client-DQsu_IXu.js +723 -0
- package/dist/command-auth-BWQO7kca.js +76 -0
- package/dist/command-config-resolution-ClTknI2S.js +2 -0
- package/dist/command-config-resolution-CrkcVij4.js +23 -0
- package/dist/command-config-resolution.runtime-D6B4s-Uv.js +2 -0
- package/dist/command-config-resolution.runtime.js +1 -1
- package/dist/command-execution-startup-CQcKEDhz.js +324 -0
- package/dist/command-registry-B_U-oRjT.js +4 -0
- package/dist/command-registry-CJ8y08cJ.js +9 -0
- package/dist/command-registry-core-CjYDA5Hb.js +106 -0
- package/dist/command-secret-gateway-BN5JN_4V.js +528 -0
- package/dist/command-status.runtime-BwGSaGwK.js +87 -0
- package/dist/command-status.runtime.js +1 -1
- package/dist/commands-acp-Di5EZJSo.js +77 -0
- package/dist/commands-compact.runtime-Dm1rBnbf.js +10 -0
- package/dist/commands-compact.runtime.js +1 -1
- package/dist/commands-core.runtime-DjL6pkWU.js +2 -0
- package/dist/commands-core.runtime.js +1 -1
- package/dist/commands-handlers.runtime-C8uzW3Za.js +4599 -0
- package/dist/commands-handlers.runtime.js +1 -1
- package/dist/commands-reset-hooks-7h-poKws.js +135 -0
- package/dist/commands-status-D_wsDlQe.js +16 -0
- package/dist/commands-status.runtime-BYT0Y8Xk.js +3 -0
- package/dist/commands-status.runtime.js +1 -1
- package/dist/commands-subagents-control.runtime-BozyiWar.js +3 -0
- package/dist/commands-subagents-control.runtime-DDCzt8Ub.js +2 -0
- package/dist/commands-subagents-control.runtime.js +1 -1
- package/dist/commands-system-prompt-ClkTGvNr.js +157 -0
- package/dist/commands-system-prompt-qRoqhQKL.js +2 -0
- package/dist/commands.runtime-DdZErCma.js +167 -0
- package/dist/commands.runtime.js +1 -1
- package/dist/compact-BCs9ORLb.js +1096 -0
- package/dist/compact.runtime-DvG7GWYV.js +12 -0
- package/dist/compact.runtime.js +1 -1
- package/dist/completion-cli-C4J7V5YR.js +328 -0
- package/dist/config-B0uPLzV0.js +252 -0
- package/dist/config-cli-Bt8euI41.js +1078 -0
- package/dist/config-guard-DUDovz1_.js +96 -0
- package/dist/config-runtime-BnYU3hOw.js +32 -0
- package/dist/configure-BIB6QKXD.js +2 -0
- package/dist/configure-DuXRvaw-.js +1252 -0
- package/dist/connect-options-DdLRs3mC.js +699 -0
- package/dist/control-auth-BboB6-Q9.js +125 -0
- package/dist/control-service-zISWiuJ_.js +156 -0
- package/dist/control-ui/assets/agents-JC5PtqrV.js +1125 -0
- package/dist/control-ui/assets/canvas-BOLwH2XE.js +274 -0
- package/dist/control-ui/assets/channel-config-extras-DndsWi2n.js +2 -0
- package/dist/control-ui/assets/channels-DehEkmqb.js +198 -0
- package/dist/control-ui/assets/contacts-CuFuG0IF.js +49 -0
- package/dist/control-ui/assets/cron-DOmGA0e5.js +250 -0
- package/dist/control-ui/assets/de-CJg8xmlK.js +2 -0
- package/dist/control-ui/assets/debug-BmuUKCSJ.js +94 -0
- package/dist/control-ui/assets/es-C4Q-2wY3.js +2 -0
- package/dist/control-ui/assets/fr-C8HMIYz8.js +2 -0
- package/dist/control-ui/assets/i18n-Cc8tlfvD.js +3 -0
- package/dist/control-ui/assets/id-Cfarvm3I.js +2 -0
- package/dist/control-ui/assets/index-rW3Q6M8T.js +5981 -0
- package/dist/control-ui/assets/instances-Cx7hEWzW.js +57 -0
- package/dist/control-ui/assets/ja-JP-F9ReJBkI.js +2 -0
- package/dist/control-ui/assets/ko-COLp1JKa.js +2 -0
- package/dist/control-ui/assets/logs-DB-Z5vcW.js +74 -0
- package/dist/control-ui/assets/mcp-Cpcduudl.js +417 -0
- package/dist/control-ui/assets/memory-DnzEGr6j.js +50 -0
- package/dist/control-ui/assets/memory-graph-DyR9Uhz0.js +30 -0
- package/dist/control-ui/assets/models-DiDA_80_.js +86 -0
- package/dist/control-ui/assets/nodes-DBKCXfee.js +654 -0
- package/dist/control-ui/assets/pl-BYPzLeb4.js +2 -0
- package/dist/control-ui/assets/plugins-CwfOfaNX.js +259 -0
- package/dist/control-ui/assets/presenter-5bq6-zJE.js +2 -0
- package/dist/control-ui/assets/pt-BR-DTBFbuCo.js +2 -0
- package/dist/control-ui/assets/sessions-B32pl2IK.js +56 -0
- package/dist/control-ui/assets/skills-UF7TyQK4.js +294 -0
- package/dist/control-ui/assets/skills-shared-B74z1P-E.js +11 -0
- package/dist/control-ui/assets/th-CIjDBcNT.js +2 -0
- package/dist/control-ui/assets/tr-NCpkXtTg.js +2 -0
- package/dist/control-ui/assets/uk-DvS1vsmH.js +2 -0
- package/dist/control-ui/assets/wallet-RKPn2MRs.js +302 -0
- package/dist/control-ui/assets/zh-CN-SfnMOQr0.js +2 -0
- package/dist/control-ui/assets/zh-TW-CkQgNjXi.js +2 -0
- package/dist/control-ui/index.html +2 -2
- package/dist/control-ui-CKQ17fcd.js +1043 -0
- package/dist/conversation-id-BzYtax7n.js +235 -0
- package/dist/conversation-id-HBz3v6j3.js +38 -0
- package/dist/conversation-runtime-CkcxSb_S.js +31 -0
- package/dist/core-DxVEjt5f.js +275 -0
- package/dist/create-B9OOGa90.js +80 -0
- package/dist/cron-cli-CAkqablA.js +713 -0
- package/dist/daemon-cli-CCC_5IkN.js +12 -0
- package/dist/dashboard-Bqpn6xD_.js +81 -0
- package/dist/dashboard-Cd6TkhpW.js +2 -0
- package/dist/delegate-D7D8iTtT.js +64 -0
- package/dist/deliver-I8Ifd1yR.js +3 -0
- package/dist/deliver-Zphc65zr.js +747 -0
- package/dist/deliver-runtime-DQyfYkCs.js +2 -0
- package/dist/delivery-outbound.runtime-Bs9x6LSS.js +6 -0
- package/dist/delivery-outbound.runtime.js +1 -1
- package/dist/delivery.runtime-Cx3qn7Hc.js +253 -0
- package/dist/delivery.runtime.js +1 -1
- package/dist/detached-task-runtime-D2jixP5C.js +73 -0
- package/dist/devices-cli-CMnaKl01.js +498 -0
- package/dist/diagnostics-B8Z9UWlG.js +154 -0
- package/dist/direct-dm-c4Qb2Nzg.js +64 -0
- package/dist/directive-handling.fast-lane-DuuCgCI2.js +66 -0
- package/dist/directive-handling.impl-BiJain1b.js +2 -0
- package/dist/directive-handling.impl-CYw76-Ag.js +703 -0
- package/dist/directive-handling.model-selection-BNnOIh0D.js +114 -0
- package/dist/directive-handling.persist.runtime-DWnMoAjn.js +215 -0
- package/dist/directive-handling.persist.runtime.js +1 -1
- package/dist/directory-cli-CinbUxv4.js +240 -0
- package/dist/dispatch-acp-BL2QahHP.js +981 -0
- package/dist/dispatch-acp-manager.runtime-CynWPlJS.js +3 -0
- package/dist/dispatch-acp-manager.runtime.js +1 -1
- package/dist/dispatch-acp-media.runtime-CrC5nXXy.js +4 -0
- package/dist/dispatch-acp-media.runtime.js +1 -1
- package/dist/dispatch-acp-session.runtime-C_GFMR0r.js +2 -0
- package/dist/dispatch-acp-session.runtime.js +1 -1
- package/dist/dispatch-acp.runtime-OwR8G8Qt.js +19 -0
- package/dist/dispatch-acp.runtime.js +1 -1
- package/dist/dispatch-r6Uv7puk.js +1131 -0
- package/dist/doctor-config-flow-BQjLEW5b.js +420 -0
- package/dist/doctor-config-preflight-B3VVSleh.js +63 -0
- package/dist/doctor-config-preflight-BBOEq7ti.js +2 -0
- package/dist/doctor-device-pairing-GsLelCah.js +307 -0
- package/dist/doctor-gateway-daemon-flow-Bj6Y5WoB.js +250 -0
- package/dist/doctor-gateway-health-D7WY6zgb.js +63 -0
- package/dist/doctor-health-C9GRQaPA.js +59 -0
- package/dist/doctor-health-contributions-Dk9ho6TO.js +493 -0
- package/dist/doctor-prompter-Ct6Jv52M.js +56 -0
- package/dist/doctor-sandbox-DAb-mQpy.js +194 -0
- package/dist/doctor-state-migrations-36dXc9ct.js +2 -0
- package/dist/doctor-workspace-status-CJCfWEI6.js +75 -0
- package/dist/dreaming-_hTKF5lN.js +1582 -0
- package/dist/dreaming-narrative-D5XTDttN.js +596 -0
- package/dist/embedded-gateway-stub.runtime-CEmoodA9.js +9 -0
- package/dist/embedded-gateway-stub.runtime.js +1 -1
- package/dist/embedding-provider-B9F-kCH3.js +118 -0
- package/dist/embeddings-BCVqTyaZ.js +215 -0
- package/dist/embeddings-http-CCsd7vWB.js +205 -0
- package/dist/entry.js +2 -2
- package/dist/exec-approval-forwarder.runtime-CMniJyXX.js +3 -0
- package/dist/exec-approval-forwarder.runtime.js +1 -1
- package/dist/exec-approvals-cli-ClDMlOmM.js +498 -0
- package/dist/exec-defaults-BWb7bhoE.js +2 -0
- package/dist/exec-defaults-CE8PArh-.js +67 -0
- package/dist/execute.runtime-Bhup95bB.js +1359 -0
- package/dist/execute.runtime.js +1 -1
- package/dist/extensionAPI.js +3 -3
- package/dist/extensions/active-memory/index.js +3 -3
- package/dist/extensions/alibaba/index.js +1 -1
- package/dist/extensions/alibaba/video-generation-provider.js +1 -1
- package/dist/extensions/arcee/index.js +2 -2
- package/dist/extensions/bluebubbles/api.js +3 -3
- package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
- package/dist/extensions/browser/browser-bridge.js +1 -1
- package/dist/extensions/browser/browser-config.js +4 -4
- package/dist/extensions/browser/browser-control-auth.js +2 -2
- package/dist/extensions/browser/browser-doctor.js +2 -2
- package/dist/extensions/browser/browser-maintenance.js +2 -2
- package/dist/extensions/browser/browser-profiles.js +2 -2
- package/dist/extensions/browser/browser-runtime-api.js +10 -10
- package/dist/extensions/browser/index.js +1 -1
- package/dist/extensions/browser/plugin-registration.js +1 -1
- package/dist/extensions/browser/register.runtime.js +3 -3
- package/dist/extensions/browser/runtime-api.js +11 -11
- package/dist/extensions/browser/test-support.js +1 -1
- package/dist/extensions/byteplus/index.js +3 -3
- package/dist/extensions/byteplus/video-generation-provider.js +1 -1
- package/dist/extensions/chutes/index.js +4 -4
- package/dist/extensions/cloudflare-ai-gateway/api.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/catalog-provider.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +2 -2
- package/dist/extensions/comfy/image-generation-provider.js +2 -2
- package/dist/extensions/comfy/index.js +5 -5
- package/dist/extensions/comfy/music-generation-provider.js +1 -1
- package/dist/extensions/comfy/video-generation-provider.js +2 -2
- package/dist/extensions/comfy/workflow-runtime.js +1 -1
- package/dist/extensions/deepseek/index.js +1 -1
- package/dist/extensions/device-pair/api.js +2 -2
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/device-pair/notify.js +1 -1
- package/dist/extensions/device-pair/pair-command-approve.js +1 -1
- package/dist/extensions/device-pair/qr-image.js +2 -2
- package/dist/extensions/fal/image-generation-provider.js +1 -1
- package/dist/extensions/fal/index.js +3 -3
- package/dist/extensions/fal/provider-registration.js +1 -1
- package/dist/extensions/fal/test-api.js +2 -2
- package/dist/extensions/fal/video-generation-provider.js +1 -1
- package/dist/extensions/fireworks/index.js +1 -1
- package/dist/extensions/github-copilot/api.js +1 -1
- package/dist/extensions/github-copilot/auth.js +1 -1
- package/dist/extensions/github-copilot/embeddings.js +1 -1
- package/dist/extensions/github-copilot/index.js +4 -4
- package/dist/extensions/github-copilot/login.js +1 -1
- package/dist/extensions/github-copilot/register.runtime.js +2 -2
- package/dist/extensions/google-meet/index.js +6 -6
- package/dist/extensions/groq/index.js +1 -1
- package/dist/extensions/groq/media-understanding-provider.js +1 -1
- package/dist/extensions/groq/test-api.js +1 -1
- package/dist/extensions/huggingface/index.js +1 -1
- package/dist/extensions/image-generation-core/api.js +2 -2
- package/dist/extensions/imessage/api.js +4 -4
- package/dist/extensions/imessage/channel-plugin-api.js +1 -1
- package/dist/extensions/imessage/runtime-api.js +5 -5
- package/dist/extensions/imessage/test-api.js +1 -1
- package/dist/extensions/irc/api.js +2 -2
- package/dist/extensions/irc/channel-plugin-api.js +1 -1
- package/dist/extensions/kilocode/index.js +1 -1
- package/dist/extensions/kimi-coding/index.js +2 -2
- package/dist/extensions/line/api.js +2 -2
- package/dist/extensions/line/channel-plugin-api.js +1 -1
- package/dist/extensions/line/contract-api.js +1 -1
- package/dist/extensions/line/runtime-api.js +4 -4
- package/dist/extensions/line/setup-api.js +1 -1
- package/dist/extensions/litellm/index.js +1 -1
- package/dist/extensions/llm-task/index.js +2 -2
- package/dist/extensions/lmstudio/api.js +2 -2
- package/dist/extensions/lmstudio/index.js +3 -3
- package/dist/extensions/lmstudio/memory-embedding-adapter.js +1 -1
- package/dist/extensions/lmstudio/runtime-api.js +1 -1
- package/dist/extensions/lobster/index.js +3 -3
- package/dist/extensions/lobster/runtime-api.js +1 -1
- package/dist/extensions/mattermost/api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
- package/dist/extensions/mattermost/policy-api.js +1 -1
- package/dist/extensions/mattermost/runtime-api.js +7 -7
- package/dist/extensions/mattermost/slash-route-api.js +1 -1
- package/dist/extensions/media-understanding-core/runtime-api.js +2 -2
- package/dist/extensions/memory-core/api.js +1 -1
- package/dist/extensions/memory-core/cli-metadata.js +2 -2
- package/dist/extensions/memory-core/index.js +3 -3
- package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
- package/dist/extensions/memory-lancedb/index.js +1 -1
- package/dist/extensions/memory-wiki/cli-metadata.js +1 -1
- package/dist/extensions/memory-wiki/index.js +1 -1
- package/dist/extensions/microsoft/index.js +1 -1
- package/dist/extensions/microsoft/speech-provider.js +1 -1
- package/dist/extensions/microsoft/test-api.js +1 -1
- package/dist/extensions/microsoft-foundry/auth.js +1 -1
- package/dist/extensions/microsoft-foundry/cli.js +1 -1
- package/dist/extensions/microsoft-foundry/index.js +1 -1
- package/dist/extensions/microsoft-foundry/onboard.js +2 -2
- package/dist/extensions/microsoft-foundry/provider.js +1 -1
- package/dist/extensions/microsoft-foundry/runtime.js +1 -1
- package/dist/extensions/microsoft-foundry/shared-runtime.js +2 -2
- package/dist/extensions/microsoft-foundry/shared.js +1 -1
- package/dist/extensions/minimax/image-generation-provider.js +1 -1
- package/dist/extensions/minimax/index.js +6 -6
- package/dist/extensions/minimax/media-understanding-provider.js +1 -1
- package/dist/extensions/minimax/music-generation-provider.js +1 -1
- package/dist/extensions/minimax/oauth.js +1 -1
- package/dist/extensions/minimax/oauth.runtime.js +1 -1
- package/dist/extensions/minimax/provider-registration.js +1 -1
- package/dist/extensions/minimax/speech-provider.js +1 -1
- package/dist/extensions/minimax/test-api.js +4 -4
- package/dist/extensions/minimax/video-generation-provider.js +1 -1
- package/dist/extensions/mistral/index.js +2 -2
- package/dist/extensions/mistral/media-understanding-provider.js +1 -1
- package/dist/extensions/mistral/test-api.js +1 -1
- package/dist/extensions/moonshot/index.js +2 -2
- package/dist/extensions/moonshot/media-understanding-provider.js +1 -1
- package/dist/extensions/moonshot/test-api.js +1 -1
- package/dist/extensions/msteams/api.js +1 -1
- package/dist/extensions/msteams/channel-plugin-api.js +1 -1
- package/dist/extensions/msteams/runtime-api.js +4 -4
- package/dist/extensions/msteams/test-api.js +1 -1
- package/dist/extensions/nextcloud-talk/api.js +1 -1
- package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
- package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
- package/dist/extensions/nvidia/index.js +1 -1
- package/dist/extensions/ollama/api.js +3 -3
- package/dist/extensions/ollama/index.js +9 -9
- package/dist/extensions/ollama/runtime-api.js +2 -2
- package/dist/extensions/ollama/web-search-provider.js +1 -1
- package/dist/extensions/openai/api.js +2 -2
- package/dist/extensions/openai/image-generation-provider.js +1 -1
- package/dist/extensions/openai/index.js +6 -6
- package/dist/extensions/openai/media-understanding-provider.js +1 -1
- package/dist/extensions/openai/openai-codex-provider.js +1 -1
- package/dist/extensions/openai/openai-provider.js +1 -1
- package/dist/extensions/openai/register.runtime.js +4 -4
- package/dist/extensions/openai/test-api.js +3 -3
- package/dist/extensions/openai/video-generation-provider.js +1 -1
- package/dist/extensions/opencode/index.js +2 -2
- package/dist/extensions/opencode/media-understanding-provider.js +1 -1
- package/dist/extensions/opencode-go/index.js +2 -2
- package/dist/extensions/opencode-go/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/api.js +1 -1
- package/dist/extensions/openrouter/image-generation-provider.js +1 -1
- package/dist/extensions/openrouter/index.js +4 -4
- package/dist/extensions/openrouter/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/register.runtime.js +3 -3
- package/dist/extensions/openrouter/test-api.js +2 -2
- package/dist/extensions/openshell/index.js +3 -3
- package/dist/extensions/qianfan/index.js +1 -1
- package/dist/extensions/qwen/index.js +3 -3
- package/dist/extensions/qwen/media-understanding-provider.js +1 -1
- package/dist/extensions/qwen/test-api.js +2 -2
- package/dist/extensions/qwen/video-generation-provider.js +1 -1
- package/dist/extensions/runway/index.js +1 -1
- package/dist/extensions/runway/video-generation-provider.js +1 -1
- package/dist/extensions/signal/api.js +6 -6
- package/dist/extensions/signal/channel-plugin-api.js +1 -1
- package/dist/extensions/signal/reaction-runtime-api.js +1 -1
- package/dist/extensions/signal/runtime-api.js +9 -9
- package/dist/extensions/skill-workshop/api.js +1 -1
- package/dist/extensions/skill-workshop/index.js +2 -2
- package/dist/extensions/speech-core/runtime-api.js +1 -1
- package/dist/extensions/stepfun/index.js +2 -2
- package/dist/extensions/synology-chat/api.js +1 -1
- package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
- package/dist/extensions/synthetic/index.js +1 -1
- package/dist/extensions/talk-voice/index.js +1 -1
- package/dist/extensions/tencent/index.js +2 -2
- package/dist/extensions/thread-ownership/index.js +1 -1
- package/dist/extensions/tlon/api.js +2 -2
- package/dist/extensions/tlon/channel-plugin-api.js +1 -1
- package/dist/extensions/tlon/runtime-api.js +1 -1
- package/dist/extensions/tlon/test-api.js +1 -1
- package/dist/extensions/together/index.js +2 -2
- package/dist/extensions/together/video-generation-provider.js +1 -1
- package/dist/extensions/twitch/api.js +1 -1
- package/dist/extensions/twitch/channel-plugin-api.js +1 -1
- package/dist/extensions/twitch/setup-plugin-api.js +1 -1
- package/dist/extensions/venice/index.js +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +1 -1
- package/dist/extensions/voice-call/index.js +1 -1
- package/dist/extensions/voice-call/runtime-entry.js +1 -1
- package/dist/extensions/volcengine/index.js +2 -2
- package/dist/extensions/vydra/image-generation-provider.js +1 -1
- package/dist/extensions/vydra/index.js +4 -4
- package/dist/extensions/vydra/video-generation-provider.js +1 -1
- package/dist/extensions/xai/api.js +2 -2
- package/dist/extensions/xai/code-execution.js +2 -2
- package/dist/extensions/xai/image-generation-provider.js +1 -1
- package/dist/extensions/xai/index.js +6 -6
- package/dist/extensions/xai/speech-provider.js +1 -1
- package/dist/extensions/xai/tts.js +1 -1
- package/dist/extensions/xai/video-generation-provider.js +1 -1
- package/dist/extensions/xai/x-search.js +2 -2
- package/dist/extensions/xiaomi/index.js +1 -1
- package/dist/extensions/zai/index.js +2 -2
- package/dist/extensions/zai/media-understanding-provider.js +1 -1
- package/dist/extensions/zai/test-api.js +1 -1
- package/dist/extensions/zalo/api.js +3 -3
- package/dist/extensions/zalo/channel-plugin-api.js +1 -1
- package/dist/extensions/zalo/runtime-api.js +2 -2
- package/dist/extensions/zalo/setup-api.js +2 -2
- package/dist/extensions/zalouser/api.js +3 -3
- package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
- package/dist/extensions/zalouser/runtime-api.js +7 -7
- package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
- package/dist/extensions/zalouser/test-api.js +1 -1
- package/dist/fallbacks-7zSQjTV3.js +31 -0
- package/dist/fallbacks-CZiqVR5O.js +2 -0
- package/dist/fallbacks-shared-ChkX-wC9.js +111 -0
- package/dist/gateway-CHyZ16Py.js +115 -0
- package/dist/gateway-cli-Ddf-bjxV.js +1283 -0
- package/dist/gateway-rpc-DksPpMA7.js +14 -0
- package/dist/gateway-rpc.runtime-BKaQsdOu.js +23 -0
- package/dist/gateway-rpc.runtime.js +1 -1
- package/dist/gateway-runtime-Ca4l5F_e.js +15 -0
- package/dist/gateway-status-CTPWttLS.js +584 -0
- package/dist/genesis-tools-Bkxp7zlI.js +9435 -0
- package/dist/genesis-tools.runtime-BCkQJQBx.js +2 -0
- package/dist/genesis-tools.runtime.js +1 -1
- package/dist/get-reply-HzKdsGO7.js +3946 -0
- package/dist/get-reply-from-config.runtime-C5ISSvQ1.js +2 -0
- package/dist/get-reply-from-config.runtime.js +1 -1
- package/dist/gmail-watcher-lifecycle-BYRHDXCT.js +2 -0
- package/dist/graph-users-BVVUU02O.js +1337 -0
- package/dist/health-3Ot3RyLe.js +420 -0
- package/dist/health-B1Ww7M60.js +3 -0
- package/dist/health-route--L24U5vY.js +2 -0
- package/dist/health-route-DQ3RbNHQ.js +41 -0
- package/dist/hooks-cli-CsJbTM0O.js +433 -0
- package/dist/http-endpoint-helpers-D5HkMFwp.js +41 -0
- package/dist/http-utils-LFOvdepz.js +924 -0
- package/dist/image-fallbacks--ElXneWp.js +31 -0
- package/dist/image-fallbacks-D3vJILOu.js +2 -0
- package/dist/image-generation-core-DasXukAP.js +18 -0
- package/dist/image-generation-core.auth.runtime.js +1 -1
- package/dist/image-generation-provider-BUYDznhO.js +157 -0
- package/dist/image-generation-provider-CZsEm9qP.js +137 -0
- package/dist/image-generation-provider-DfAtOfEj.js +95 -0
- package/dist/image-generation-provider-Dksuo9OZ.js +529 -0
- package/dist/image-generation-provider-TlVk_XqK.js +63 -0
- package/dist/image-generation-provider-YwugArNw.js +274 -0
- package/dist/image-generation-provider-bWlq5yUE.js +228 -0
- package/dist/image-runtime-CswgJNvs.js +9 -0
- package/dist/inbound-reply-dispatch-B7wRXjgc.js +73 -0
- package/dist/inbound.runtime-Bw0JSbxR.js +4 -0
- package/dist/inbound.runtime-DjvZZHXI.js +3 -0
- package/dist/inbound.runtime.js +1 -1
- package/dist/index.js +2 -2
- package/dist/infra-runtime-CBfd1WMP.js +38 -0
- package/dist/init-D0hOJH3x.js +59 -0
- package/dist/install-CYvCH-s3.js +726 -0
- package/dist/install-security-scan-B7ZoC2Vw.js +26 -0
- package/dist/install-security-scan.runtime-iZsF-J1u.js +671 -0
- package/dist/install-security-scan.runtime.js +1 -1
- package/dist/install.runtime-BAqg9YWO.js +27 -0
- package/dist/install.runtime-Cc9Bf7A6.js +12 -0
- package/dist/install.runtime.js +1 -1
- package/dist/jobs-BIi6klWl.js +729 -0
- package/dist/library-oLeJ7WB2.js +45 -0
- package/dist/lifecycle-CeE5vcbI.js +571 -0
- package/dist/lifecycle-CqOQyQkN.js +229 -0
- package/dist/lifecycle.runtime-3bkEDR0o.js +2 -0
- package/dist/lifecycle.runtime.js +1 -1
- package/dist/list-C3cLeCpB.js +2 -0
- package/dist/list-CcZ_ONLT.js +2 -0
- package/dist/list-DUXsFAZJ.js +1212 -0
- package/dist/list-gnrIqPtd.js +131 -0
- package/dist/list.probe-BwRgShwM.js +419 -0
- package/dist/live-model-switch-CWgg2Ggb.js +336 -0
- package/dist/llm-slug-generator-BkDTThCe.js +79 -0
- package/dist/llm-slug-generator.js +1 -1
- package/dist/load-config-CfZQrUUz.js +35 -0
- package/dist/loader-DsEya2Rd.js +222 -0
- package/dist/local-dispatch.runtime-CtXGZ70F.js +8 -0
- package/dist/local-dispatch.runtime.js +1 -1
- package/dist/login-M0JiZwmc.js +108 -0
- package/dist/logs-cli-zd_9yCKn.js +265 -0
- package/dist/logs-cli.runtime-BWvHh5zg.js +2 -0
- package/dist/logs-cli.runtime.js +1 -1
- package/dist/main-session-restart-recovery-Bnvjo9E1.js +206 -0
- package/dist/managed-image-attachments-Cib67JTY.js +2 -0
- package/dist/managed-image-attachments-Pl-_Wh-s.js +635 -0
- package/dist/manager-CfFNGdWA.js +2057 -0
- package/dist/manager-TXSNaq3B.js +2 -0
- package/dist/markdown-to-line-C83mDLjZ.js +790 -0
- package/dist/mcp/plugin-tools-serve.js +1 -1
- package/dist/mcp-cli-CNy5N1fa.js +725 -0
- package/dist/mcp-http-Cp3nlyRC.js +529 -0
- package/dist/mcp-oauth-embedded.runtime-Bg_5jTnW.js +111 -0
- package/dist/mcp-oauth-embedded.runtime.js +1 -0
- package/dist/media-runtime-BetXjDy_.js +329 -0
- package/dist/media-understanding-PrCTBqs6.js +85 -0
- package/dist/media-understanding-provider-BOJyh6FF.js +85 -0
- package/dist/media-understanding-provider-BQqWS6FP.js +18 -0
- package/dist/media-understanding-provider-BVI5_wpJ.js +12 -0
- package/dist/media-understanding-provider-BvANUUsD.js +37 -0
- package/dist/media-understanding-provider-CmJsqky4.js +69 -0
- package/dist/media-understanding-provider-D160isav.js +28 -0
- package/dist/media-understanding-provider-DLdtS2i0.js +12 -0
- package/dist/media-understanding-provider-DbYma1pc.js +21 -0
- package/dist/media-understanding-provider-DgKlDcus.js +18 -0
- package/dist/media-understanding-provider-Dt4kGn2a.js +13 -0
- package/dist/media-understanding-runtime-7Pt0cFob.js +2 -0
- package/dist/memory-core-host-runtime-cli-BegfMQ60.js +9 -0
- package/dist/memory-embedding-adapter-bqPa42NQ.js +123 -0
- package/dist/memory-host-search-595fbsH5.js +12 -0
- package/dist/memory-host-search.runtime.js +1 -1
- package/dist/message-BEIYueeC.js +232 -0
- package/dist/message-action-runner-BMAw7gfU.js +2 -0
- package/dist/message-action-runner-DbqkVVXA.js +1407 -0
- package/dist/message-actions-CagfUya_.js +143 -0
- package/dist/message.config.runtime.js +1 -1
- package/dist/message.gateway.runtime-8N00rzUd.js +2 -0
- package/dist/message.gateway.runtime.js +1 -1
- package/dist/method-scopes-TWVLEUXZ.js +239 -0
- package/dist/model-picker-DJQ_lN5J.js +3 -0
- package/dist/model-picker-f_kmCGgt.js +559 -0
- package/dist/model-picker.runtime-Bua1ZV3T.js +15 -0
- package/dist/model-picker.runtime.js +1 -1
- package/dist/model-selection-DRe0f5zo.js +212 -0
- package/dist/models-auth-status-dUVFT_f1.js +217 -0
- package/dist/models-cli-VqeddndJ.js +271 -0
- package/dist/models-http-PC5-c2lS.js +92 -0
- package/dist/models.fetch-CsIbuvYn.js +518 -0
- package/dist/monitor-BgwZHXAs.js +2 -0
- package/dist/monitor-BrGXztev.js +1661 -0
- package/dist/monitor-DXqHkIkY.js +788 -0
- package/dist/monitor-DoS0pnRS.js +671 -0
- package/dist/monitor-SUo0OdqH.js +1459 -0
- package/dist/monitor-auth-BjLpAGxu.js +207 -0
- package/dist/monitor-hVTP1bQv.js +1237 -0
- package/dist/monitor-processing-CIokCAUz.js +1974 -0
- package/dist/monitor.runtime-BU4RKNXx.js +2 -0
- package/dist/monitor.runtime.js +1 -1
- package/dist/monitor.webhook-DaTTjWrL.js +180 -0
- package/dist/msteams-CmdWCuQl.js +35 -0
- package/dist/music-generation-provider-D1C-gv82.js +63 -0
- package/dist/music-generation-provider-Da4aNlMi.js +170 -0
- package/dist/native-hook-relay-Crk4McKb.js +519 -0
- package/dist/nextcloud-talk-D23cNPfx.js +17 -0
- package/dist/node-cli-DQ2FAUD5.js +2276 -0
- package/dist/nodes-cli-rSfhRw3_.js +1046 -0
- package/dist/nodes-utils-DlayGjaD.js +84 -0
- package/dist/nodes.helpers-DDUs18Tb.js +34 -0
- package/dist/notify-BSOvLWmd.js +315 -0
- package/dist/oauth-CMgJwuws.js +2 -0
- package/dist/oauth-CkVdnYWF.js +152 -0
- package/dist/oauth-DyK5hAZs.js +139 -0
- package/dist/oauth-OBOUymgi.js +75 -0
- package/dist/oauth.flow-BLoyN3lV.js +3 -0
- package/dist/oauth.flow-DH06lWCO.js +45 -0
- package/dist/onboard-C-WpjREP.js +316 -0
- package/dist/onboard-CpNpQ0N8.js +70 -0
- package/dist/onboard-channels-BeLqCc-3.js +2 -0
- package/dist/onboard-channels-DvKo0QB_.js +3 -0
- package/dist/onboard-custom-BXb7qIWz.js +3 -0
- package/dist/onboard-custom-ClkyPqIy.js +271 -0
- package/dist/onboard-helpers-BSqq4yEX.js +204 -0
- package/dist/onboard-helpers-Cw8cHMwk.js +6 -0
- package/dist/onboard-interactive-CIJMPUNi.js +24 -0
- package/dist/onboard-non-interactive-CCGFunM1.js +635 -0
- package/dist/onboard-remote-BIFjzB0v.js +193 -0
- package/dist/onboard-remote-DdfKS44K.js +2 -0
- package/dist/onboard-skills-C9Oz7pMM.js +134 -0
- package/dist/onboard-skills-DFZIuIBM.js +2 -0
- package/dist/onboard-ygfHgwjs.js +2 -0
- package/dist/onboarding-plugin-install-CSJX8VZv.js +406 -0
- package/dist/openai-codex-provider-ChrCVEw6.js +472 -0
- package/dist/openai-http-V8-EZ-Tx.js +500 -0
- package/dist/openai-provider-CBFc7f3l.js +313 -0
- package/dist/opencode-D8fX4akZ.js +35 -0
- package/dist/openresponses-http-B2Z5eD7p.js +1128 -0
- package/dist/operator-approvals-client-DcLaJSYz.js +68 -0
- package/dist/outbound-runtime-BcayPyTD.js +5 -0
- package/dist/outbound.runtime-BioZr0Xk.js +2 -0
- package/dist/outbound.runtime.js +1 -1
- package/dist/pair-command-approve-CKQ5PFPa.js +44 -0
- package/dist/persistent-bindings.lifecycle-Cc3nJyXl.js +2 -0
- package/dist/persistent-bindings.lifecycle-DMUm3wFX.js +85 -0
- package/dist/pi-bundle-mcp-runtime-BxuXFq8N.js +2 -0
- package/dist/pi-bundle-mcp-runtime-ZvnA7GLK.js +854 -0
- package/dist/pi-bundle-mcp-tools-Cq0oKMGx.js +108 -0
- package/dist/pi-embedded-DLQZrdL6.js +2905 -0
- package/dist/pi-embedded-kfFiSGXN.js +4 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-DRkY_7mg.js +23 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime.js +1 -1
- package/dist/pi-embedded.runtime-DXAilonb.js +4 -0
- package/dist/pi-embedded.runtime.js +1 -1
- package/dist/pi-tool-definition-adapter-D5M4iVmd.js +229 -0
- package/dist/pi-tools-CymfaKhy.js +1118 -0
- package/dist/pi-tools.before-tool-call-CBjigYgQ.js +2 -0
- package/dist/pi-tools.before-tool-call-CrhLIm2q.js +433 -0
- package/dist/plugin-DJ_g-ddv.js +12195 -0
- package/dist/plugin-enabled-CqvTLQjg.js +140 -0
- package/dist/plugin-install-DwdyYiEf.js +115 -0
- package/dist/plugin-install-config-policy-BGQ3WzJO.js +137 -0
- package/dist/plugin-install-ldcXmOz8.js +2 -0
- package/dist/plugin-install-plan-DXvNElN2.js +50 -0
- package/dist/plugin-registration-awDDNZjN.js +23 -0
- package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
- package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
- package/dist/plugin-sdk/acp-runtime.js +3 -3
- package/dist/plugin-sdk/agent-harness-runtime.js +6 -6
- package/dist/plugin-sdk/agent-harness.js +7 -7
- package/dist/plugin-sdk/agent-runtime.js +2 -2
- package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
- package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
- package/dist/plugin-sdk/approval-runtime.js +1 -1
- package/dist/plugin-sdk/browser-node-runtime.js +4 -4
- package/dist/plugin-sdk/browser-setup-tools.js +3 -3
- package/dist/plugin-sdk/browser-support.js +7 -7
- package/dist/plugin-sdk/channel-core.js +2 -2
- package/dist/plugin-sdk/channel-inbound.js +3 -3
- package/dist/plugin-sdk/command-auth.js +2 -2
- package/dist/plugin-sdk/command-status-runtime.js +1 -1
- package/dist/plugin-sdk/compat.js +1 -1
- package/dist/plugin-sdk/config-runtime.js +3 -3
- package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
- package/dist/plugin-sdk/conversation-runtime.js +4 -4
- package/dist/plugin-sdk/core.js +2 -2
- package/dist/plugin-sdk/direct-dm.js +1 -1
- package/dist/plugin-sdk/gateway-runtime.js +3 -3
- package/dist/plugin-sdk/image-generation-core.js +2 -2
- package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
- package/dist/plugin-sdk/index.js +1 -1
- package/dist/plugin-sdk/infra-runtime.js +2 -2
- package/dist/plugin-sdk/irc.js +2 -2
- package/dist/plugin-sdk/matrix.js +1 -1
- package/dist/plugin-sdk/mattermost.js +2 -2
- package/dist/plugin-sdk/media-runtime.js +5 -5
- package/dist/plugin-sdk/media-understanding-runtime.js +2 -2
- package/dist/plugin-sdk/media-understanding.js +2 -2
- package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
- package/dist/plugin-sdk/memory-core.js +2 -2
- package/dist/plugin-sdk/memory-host-search.js +1 -1
- package/dist/plugin-sdk/msteams.js +3 -3
- package/dist/plugin-sdk/nextcloud-talk.js +2 -2
- package/dist/plugin-sdk/nostr.js +1 -1
- package/dist/plugin-sdk/opencode.js +1 -1
- package/dist/plugin-sdk/outbound-runtime.js +2 -2
- package/dist/plugin-sdk/provider-auth-api-key.js +2 -2
- package/dist/plugin-sdk/provider-auth-login.js +1 -1
- package/dist/plugin-sdk/provider-auth.js +2 -2
- package/dist/plugin-sdk/provider-entry.js +1 -1
- package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
- package/dist/plugin-sdk/reply-runtime.js +4 -4
- package/dist/plugin-sdk/runtime-doctor.js +1 -1
- package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
- package/dist/plugin-sdk/runtime.js +3 -3
- package/dist/plugin-sdk/sandbox.js +1 -1
- package/dist/plugin-sdk/session-store-runtime.js +1 -1
- package/dist/plugin-sdk/session-visibility.js +1 -1
- package/dist/plugin-sdk/skill-commands-runtime.js +1 -1
- package/dist/plugin-sdk/src/config/types.mcp.d.ts +13 -0
- package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +29 -3
- package/dist/plugin-sdk/src/gateway/protocol/schema/mcp.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/protocol-schemas.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/types.d.ts +8 -0
- package/dist/plugin-sdk/testing.js +4 -4
- package/dist/plugin-sdk/tlon.js +1 -1
- package/dist/plugin-sdk/zalo.js +1 -1
- package/dist/plugin-sdk/zalouser.js +1 -1
- package/dist/plugin-service-Bcg-shsL.js +2893 -0
- package/dist/plugins/runtime/index.js +1 -1
- package/dist/plugins-cli-CUZMkYFB.js +584 -0
- package/dist/plugins-command-helpers-BGFL7yp7.js +107 -0
- package/dist/plugins-install-persist-Cp8tSsno.js +133 -0
- package/dist/plugins-update-command-Ds_N9qES.js +1057 -0
- package/dist/policy-DIf26_n6.js +328 -0
- package/dist/postinstall-inventory.json +711 -709
- package/dist/prepare.runtime-DCLXK1uq.js +807 -0
- package/dist/prepare.runtime.js +1 -1
- package/dist/probe-0w9S79sF.js +45 -0
- package/dist/probe-B1L2nZVS.js +243 -0
- package/dist/probe-BQT29JH7.js +74 -0
- package/dist/probe-CB6KR9ri.js +240 -0
- package/dist/probe-CWtFr2jl.js +2 -0
- package/dist/probe-CcBuLmYT.js +2205 -0
- package/dist/probe-DYqlJBSk.js +2 -0
- package/dist/probe-_IUalbC8.js +1443 -0
- package/dist/program-sXJs6Lyj.js +111 -0
- package/dist/prompt-select-styled-jucMgA5f.js +20 -0
- package/dist/protocol-DgMCJAA_.js +2586 -0
- package/dist/provider-BSqWTcoz.js +70 -0
- package/dist/provider-api-key-auth-C92t3JTu.js +131 -0
- package/dist/provider-api-key-auth.runtime.js +1 -1
- package/dist/provider-auth-api-key-zf0PU9U_.js +5 -0
- package/dist/provider-auth-choice-palZRKPG.js +228 -0
- package/dist/provider-auth-hCEy91hA.js +46 -0
- package/dist/provider-auth-login-D4MC4bs_.js +8 -0
- package/dist/provider-auth-login.runtime.js +1 -1
- package/dist/provider-dispatcher-9z9Dw59_.js +2 -0
- package/dist/provider-dispatcher-DyQNST2Z.js +22 -0
- package/dist/provider-entry-DZDgzWTU.js +106 -0
- package/dist/provider-model-defaults-DC1PMV0H.js +6 -0
- package/dist/provider-registration-BSHUosM7.js +218 -0
- package/dist/provider-registration-CA9-PRDk.js +37 -0
- package/dist/qr-cli-Dwc3sjiV.js +2 -0
- package/dist/qr-cli-hTiyQbbK.js +349 -0
- package/dist/qr-image-BDoVY1GF.js +2 -0
- package/dist/queue-BljsBBtU.js +409 -0
- package/dist/reaction-runtime-api-Q9NHKbpw.js +116 -0
- package/dist/reactions-DGczAFsd.js +998 -0
- package/dist/read-capability-YFf_CDLF.js +412 -0
- package/dist/register-service-commands-Dxwl01rR.js +71 -0
- package/dist/register.agent-Drovpr_f.js +248 -0
- package/dist/register.configure-BzQtmjqp.js +15 -0
- package/dist/register.maintenance-PRykY6qq.js +363 -0
- package/dist/register.message-Dw6OLnap.js +329 -0
- package/dist/register.onboard-CB7aqo8I.js +88 -0
- package/dist/register.runtime-5QpZP1PI.js +81 -0
- package/dist/register.runtime.js +1 -1
- package/dist/register.setup-GLc__3H1.js +150 -0
- package/dist/register.status-health-sessions-DuQnS6V7.js +1215 -0
- package/dist/register.subclis-Bupq6ckp.js +3 -0
- package/dist/register.subclis-Df0YvsXg.js +29 -0
- package/dist/register.subclis-core-CK63Nor4.js +249 -0
- package/dist/reply-dispatch-runtime-D63ANCTQ.js +13 -0
- package/dist/reply-media-paths.runtime-C6-V86g1.js +146 -0
- package/dist/reply-media-paths.runtime-Cmms8y5S.js +2 -0
- package/dist/reply-media-paths.runtime.js +1 -1
- package/dist/reply-runtime-CLq8xugv.js +10 -0
- package/dist/reply.runtime-FitoWYiX.js +2 -0
- package/dist/reply.runtime.js +1 -1
- package/dist/resolve-BHmKuinY.js +259 -0
- package/dist/response-generator-BxzbAKHi.js +175 -0
- package/dist/restart-health-CNE6ENF8.js +202 -0
- package/dist/restart-health-DriNCEEo.js +2 -0
- package/dist/root-help-BsG62TUK.js +44 -0
- package/dist/route-reply-EPkWewCQ.js +162 -0
- package/dist/route-reply.runtime-Rem8ixbJ.js +2 -0
- package/dist/route-reply.runtime.js +1 -1
- package/dist/routes-B8SmZM_C.js +3341 -0
- package/dist/routes-CVtIuQaj.js +2 -0
- package/dist/rpc-AJw8-VEF.js +61 -0
- package/dist/rpc.runtime-NzXXr3IH.js +21 -0
- package/dist/rpc.runtime.js +1 -1
- package/dist/run-auth-profile.runtime-DrFMFMa5.js +2 -0
- package/dist/run-auth-profile.runtime.js +1 -1
- package/dist/run-delivery.runtime-DDc5pTuc.js +530 -0
- package/dist/run-delivery.runtime.js +1 -1
- package/dist/run-embedded.runtime-BlLE0DKl.js +4 -0
- package/dist/run-embedded.runtime.js +1 -1
- package/dist/run-execution-cli.runtime-Dx9bn2nL.js +4 -0
- package/dist/run-execution-cli.runtime.js +1 -1
- package/dist/run-executor.runtime-Bx0-xr66.js +277 -0
- package/dist/run-executor.runtime.js +1 -1
- package/dist/run-main-Q7WXDun9.js +567 -0
- package/dist/run-subagent-registry.runtime-DN441nGA.js +2 -0
- package/dist/run-subagent-registry.runtime.js +1 -1
- package/dist/run-wait-DOOBZLr5.js +135 -0
- package/dist/runner-B8D0Coak.js +966 -0
- package/dist/runner.entries-DZUGr24v.js +604 -0
- package/dist/runtime-B56xKFjA.js +9 -0
- package/dist/runtime-BshnyUPo.js +116 -0
- package/dist/runtime-CnTeeNB7.js +72 -0
- package/dist/runtime-D--xK0Me.js +961 -0
- package/dist/runtime-DFBduVee.js +2 -0
- package/dist/runtime-api-BGOAhjcp.js +9 -0
- package/dist/runtime-api-CcUMXjjy.js +14 -0
- package/dist/runtime-api-L9lB-rDz.js +4 -0
- package/dist/runtime-api-ap0gPIKQ.js +9 -0
- package/dist/runtime-co7Um4tt.js +263 -0
- package/dist/runtime-embedded-pi.runtime-CQ5TsVlh.js +2 -0
- package/dist/runtime-embedded-pi.runtime.js +1 -1
- package/dist/runtime-entry-g38-J35c.js +2769 -0
- package/dist/runtime-internal-DwAoh64o.js +2 -0
- package/dist/runtime-manifest.runtime.js +1 -1
- package/dist/runtime-options-CtF_gotz.js +275 -0
- package/dist/runtime-prepare.runtime-DAaAh4tU.js +80 -0
- package/dist/runtime-prepare.runtime.js +1 -1
- package/dist/runtime-schema-7aqYdEly.js +28599 -0
- package/dist/runtime-web-tools-DpTEm5uJ.js +1477 -0
- package/dist/runtime-web-tools-fallback.runtime.js +1 -1
- package/dist/runtime-web-tools-manifest.runtime.js +1 -1
- package/dist/runtime-web-tools-public-artifacts.runtime.js +1 -1
- package/dist/sandbox-DjUUwvID.js +3 -0
- package/dist/sandbox-IL2pQunA.js +1156 -0
- package/dist/sandbox-cli-C75oWfKU.js +450 -0
- package/dist/scan-BmfJ_GUd.js +2 -0
- package/dist/scan-BwUXPVa4.js +523 -0
- package/dist/secrets-cli-Byrmt5p3.js +2101 -0
- package/dist/security-cli-Cb_qzWSU.js +486 -0
- package/dist/selection-BaZ-7Sz6.js +2 -0
- package/dist/selection-C8rwxPqg.js +7743 -0
- package/dist/send-C3Ht9Buu.js +102 -0
- package/dist/send-NpRBz3rn.js +156 -0
- package/dist/send.runtime-Buvd_P2p.js +2 -0
- package/dist/send.runtime.js +1 -1
- package/dist/server-B8tim7RO.js +13 -0
- package/dist/server-ClAvfJJm.js +77 -0
- package/dist/server-context-Dl7OQ56d.js +2 -0
- package/dist/server-context-F2Jh0JBO.js +847 -0
- package/dist/server-node-events-Db8SbNO0.js +474 -0
- package/dist/server-plugin-bootstrap-DxpFA7AU.js +13703 -0
- package/dist/server-plugin-bootstrap-t6Z_tN0J.js +2 -0
- package/dist/server-restart-sentinel-VLhFJOy5.js +684 -0
- package/dist/server.impl-BNDZK6Lv.js +12804 -0
- package/dist/session-BThNEh5u.js +48 -0
- package/dist/session-archive.runtime.js +1 -1
- package/dist/session-envelope-tBfpcRRu.js +18 -0
- package/dist/session-key-De2wQZ8k.js +65 -0
- package/dist/session-kill-http-C35_XMK_.js +110 -0
- package/dist/session-meta-Bpv85XpZ.js +109 -0
- package/dist/session-override-dIx8boay.js +106 -0
- package/dist/session-reset-model.runtime-BY5KYxcY.js +133 -0
- package/dist/session-reset-model.runtime.js +1 -1
- package/dist/session-reset-service-Cs7o8vTZ.js +497 -0
- package/dist/session-route-DwjrtcvV.js +93 -0
- package/dist/session-status.runtime-Cp9hECfs.js +2 -0
- package/dist/session-status.runtime.js +1 -1
- package/dist/session-store-DT5H5NRv.js +126 -0
- package/dist/session-store.runtime-CoRuKMfZ.js +2 -0
- package/dist/session-store.runtime.js +1 -1
- package/dist/session-subagent-reactivation.runtime-3hC6cwVh.js +2 -0
- package/dist/session-subagent-reactivation.runtime.js +1 -1
- package/dist/session-tab-registry-BHn1P3lZ.js +581 -0
- package/dist/session-updates-CHKrFM9H.js +236 -0
- package/dist/session-updates.runtime-CqylTFnb.js +2 -0
- package/dist/session-updates.runtime.js +1 -1
- package/dist/session-utils-otyfumhD.js +1009 -0
- package/dist/session-visibility-C5yhLdDZ.js +147 -0
- package/dist/sessions-BjHLgqjt.js +2 -0
- package/dist/sessions-C1_80mqv.js +48 -0
- package/dist/sessions-DjIcw5uP.js +281 -0
- package/dist/sessions-helpers-C_xGZAo7.js +305 -0
- package/dist/sessions-history-http-CQ-Ga5H3.js +371 -0
- package/dist/sessions-patch-XzBTc4fY.js +309 -0
- package/dist/sessions-resolve-CF4QOXiX.js +174 -0
- package/dist/sessions-w6UJYMea.js +16 -0
- package/dist/sessions.runtime-CEV3VtEH.js +2 -0
- package/dist/sessions.runtime.js +1 -1
- package/dist/setup-BrkQiUrj.js +421 -0
- package/dist/setup-D218KRK6.js +636 -0
- package/dist/setup-api-BvHlVezg.js +29 -0
- package/dist/setup-core-BjceveVY.js +171 -0
- package/dist/setup-core-CxDIk2Qq.js +176 -0
- package/dist/setup-surface-6hnrFGJ3.js +286 -0
- package/dist/setup-surface-BBDyg26_.js +219 -0
- package/dist/setup-surface-HREO9zEo.js +403 -0
- package/dist/setup.finalize-CAJxf_Mm.js +547 -0
- package/dist/setup.gateway-config-g6JfCjT4.js +250 -0
- package/dist/shared-CJ2_38Ar.js +198 -0
- package/dist/shared-CecRnN5i.js +76 -0
- package/dist/shared-G254rWzJ.js +217 -0
- package/dist/shared-Zan1S92i.js +121 -0
- package/dist/shared-runtime-CKzUXuwN.js +7 -0
- package/dist/skill-commands-DWC_vZ-J.js +83 -0
- package/dist/skill-commands.runtime-BMmD4lyW.js +2 -0
- package/dist/skill-commands.runtime.js +1 -1
- package/dist/skills-install-Bpfq1PgX.js +605 -0
- package/dist/skills-snapshot.runtime-uSs9vmlj.js +7 -0
- package/dist/skills-snapshot.runtime.js +1 -1
- package/dist/slash-state-EXy1B2EX.js +1911 -0
- package/dist/speech-provider-CcbYv8ap.js +216 -0
- package/dist/speech-provider-Cr1h-_-X.js +170 -0
- package/dist/speech-provider-Gif_hcpc.js +209 -0
- package/dist/src-Dda8Fvmo.js +3974 -0
- package/dist/stage-sandbox-media.runtime-_FkeTCA0.js +232 -0
- package/dist/stage-sandbox-media.runtime.js +1 -1
- package/dist/startup-context-BLtyYbKu.js +312 -0
- package/dist/state-migrations-BXYrr3Hc.js +820 -0
- package/dist/status-B1RXiDvc.js +3 -0
- package/dist/status-B4tnoXkV.js +2 -0
- package/dist/status-BWXZC-dF.js +2 -0
- package/dist/status-CUZkKe39.js +62 -0
- package/dist/status-DNnTegVL.js +395 -0
- package/dist/status-G3Z29Cb_.js +190 -0
- package/dist/status-all-pjolmMGB.js +498 -0
- package/dist/status-json-BKR5uVlE.js +14 -0
- package/dist/status-json-command-DuIQ8dNz.js +82 -0
- package/dist/status-message-CZyHmUQr.js +466 -0
- package/dist/status-message.runtime-C1I59_ay.js +6 -0
- package/dist/status-message.runtime.js +1 -1
- package/dist/status-n2SrcSeP.js +209 -0
- package/dist/status-queue.runtime-k2kdii3C.js +2 -0
- package/dist/status-queue.runtime.js +1 -1
- package/dist/status-runtime-shared-9akPh3OB.js +241 -0
- package/dist/status-subagents.runtime-C-2-94r7.js +18 -0
- package/dist/status-subagents.runtime.js +1 -1
- package/dist/status-text-DY-AMW7D.js +237 -0
- package/dist/status.gateway-connection.runtime-CGwlyVSQ.js +2 -0
- package/dist/status.gateway-connection.runtime.js +1 -1
- package/dist/status.gather-C17tVkff.js +2 -0
- package/dist/status.gather-CGXwFKnq.js +292 -0
- package/dist/status.runtime-DdcRs0mC.js +2 -0
- package/dist/status.runtime-L3R8cOql.js +2 -0
- package/dist/status.runtime.js +1 -1
- package/dist/status.scan-BSIqJF_S.js +65 -0
- package/dist/status.scan-overview-CbwLYoIT.js +379 -0
- package/dist/status.scan.fast-json-BnpfFSN8.js +2 -0
- package/dist/status.scan.fast-json-W54JDFUy.js +132 -0
- package/dist/status.summary-CeaTG93y.js +2 -0
- package/dist/status.summary-LPaYBiqB.js +200 -0
- package/dist/store-BtHVDH2Q.js +910 -0
- package/dist/store-Qn6Vf7Ma.js +4 -0
- package/dist/store.runtime-Dd3L_GjJ.js +2 -0
- package/dist/store.runtime.js +1 -1
- package/dist/stream-CImPPcyN.js +664 -0
- package/dist/subagent-announce-Dn5xl49E.js +351 -0
- package/dist/subagent-announce-delivery-CpVHT0KZ.js +726 -0
- package/dist/subagent-announce-output-Ba8GDqQZ.js +364 -0
- package/dist/subagent-capabilities-DN1kjzNE.js +251 -0
- package/dist/subagent-control-Clm3gsra.js +506 -0
- package/dist/subagent-control.runtime-D9vrLexA.js +3 -0
- package/dist/subagent-control.runtime.js +1 -1
- package/dist/subagent-followup.runtime-OlILj5hg.js +68 -0
- package/dist/subagent-followup.runtime.js +1 -1
- package/dist/subagent-orphan-recovery-Dqi7ktSy.js +305 -0
- package/dist/subagent-registry-BfT1dA_H.js +3 -0
- package/dist/subagent-registry-DsOeyo6i.js +1753 -0
- package/dist/subagent-registry.runtime.js +1 -1
- package/dist/subagent-spawn-IMKDJ_Ai.js +1005 -0
- package/dist/supervisor-DgpKTzey.js +704 -0
- package/dist/supervisor-log.runtime.js +1 -1
- package/dist/system-cli-QcbUPgUP.js +43 -0
- package/dist/targets-rJXMe19f.js +67 -0
- package/dist/targets.runtime.js +1 -1
- package/dist/task-executor-CT_QfGPJ.js +360 -0
- package/dist/task-owner-access-Bm14vxJa.js +74 -0
- package/dist/task-registry-D6gK7iIt.js +2357 -0
- package/dist/task-registry-delivery-runtime-CDAeASdU.js +2 -0
- package/dist/task-registry-delivery-runtime-CeWw5kdc.js +3 -0
- package/dist/task-registry.maintenance-B5hpULqB.js +416 -0
- package/dist/task-registry.maintenance-DZFQCCjc.js +2 -0
- package/dist/telegram/token.js +2 -2
- package/dist/testing-B2Y0vJ76.js +575 -0
- package/dist/text-report-0Q8c04if.js +549 -0
- package/dist/tool-auth-shared-Ca0wddYT.js +90 -0
- package/dist/tool-policy-pipeline-BLtvEs31.js +109 -0
- package/dist/tool-resolution-CHcj9HdC.js +90 -0
- package/dist/tools-effective-inventory-Giuks2Dt.js +152 -0
- package/dist/tools-invoke-http-FlaWbmCS.js +206 -0
- package/dist/transcript-resolve.runtime-wnJiuCEb.js +2 -0
- package/dist/transcript-resolve.runtime.js +1 -1
- package/dist/transcript-yKXsllQ2.js +312 -0
- package/dist/transcript.runtime-CmcFZQq0.js +2 -0
- package/dist/transcript.runtime.js +1 -1
- package/dist/trash-BzlpkaUi.js +24 -0
- package/dist/tts-BG_1G2S6.js +64 -0
- package/dist/tui-cli-B9Emgd5Q.js +4585 -0
- package/dist/uninstall-B6U2msaD.js +185 -0
- package/dist/update-BjKPsXUk.js +1282 -0
- package/dist/update-cli-ln47pDmA.js +1759 -0
- package/dist/update-startup-Xs6Edz-d.js +2 -0
- package/dist/upgrade-Ctu4zfU3.js +1226 -0
- package/dist/video-generation-provider-B0W1RcQj.js +264 -0
- package/dist/video-generation-provider-B2XcJK8B.js +221 -0
- package/dist/video-generation-provider-BJt8-Jzh.js +254 -0
- package/dist/video-generation-provider-Bsz88Y8I.js +78 -0
- package/dist/video-generation-provider-CmN0n1aP.js +271 -0
- package/dist/video-generation-provider-DKFpHGWz.js +64 -0
- package/dist/video-generation-provider-LgYMFJAm.js +281 -0
- package/dist/video-generation-provider-j1OQMvjr2.js +77 -0
- package/dist/video-generation-provider-lI_tgIiA.js +287 -0
- package/dist/video-generation-provider-uVzVbp2s.js +118 -0
- package/dist/video-generation-provider-xQ4AZkeK.js +187 -0
- package/dist/video-generation-task-status-AzBxxMK4.js +163 -0
- package/dist/wait-for-idle-before-flush-D4a3dGVX.js +6025 -0
- package/dist/web-search-provider-Bt8NRG25.js +163 -0
- package/dist/wizard-models-DpLispoG.js +334 -0
- package/dist/workflow-runtime-C0jGj382.js +485 -0
- package/package.json +1 -1
- package/dist/abort-CvJN6IMd.js +0 -201
- package/dist/abort-cutoff.runtime-oLWHRfE6.js +0 -20
- package/dist/abort.runtime-DAzGHIa2.js +0 -2
- package/dist/accounts-B3aTKIO4.js +0 -104
- package/dist/accounts-BwigO-9Q.js +0 -2
- package/dist/accounts-CdLNyXHa.js +0 -107
- package/dist/acp-cli-DQz79rl7.js +0 -2217
- package/dist/acp-spawn-Bbs_m3VF.js +0 -2
- package/dist/acp-spawn-CTMewMbn.js +0 -1042
- package/dist/acp-stateful-target-driver-D4VaoZPV.js +0 -89
- package/dist/action-agents-DFmhHVfJ.js +0 -67
- package/dist/action-focus-Dx08tcy-.js +0 -132
- package/dist/action-help-hQl_vyPP.js +0 -7
- package/dist/action-info-JmXoHEPD.js +0 -101
- package/dist/action-kill-BcGm94a1.js +0 -33
- package/dist/action-list-BtDTTljd.js +0 -21
- package/dist/action-log-CzNEUTkF.js +0 -30
- package/dist/action-send-BVjcdCrr.js +0 -39
- package/dist/action-spawn-Cn0JgaO1.js +0 -47
- package/dist/action-unfocus-c1Uu4T8u.js +0 -29
- package/dist/actions.runtime-Cmrr3s-z.js +0 -5
- package/dist/actions.runtime-XCeILsBA.js +0 -18
- package/dist/agent-CS1XdimC.js +0 -2
- package/dist/agent-command-BiLxDWtx.js +0 -874
- package/dist/agent-harness-runtime-bunUaGg7.js +0 -144
- package/dist/agent-runner-utils-BFkEZbb9.js +0 -239
- package/dist/agent-runner.runtime-DUtejeBt.js +0 -3443
- package/dist/agent-runtime-CQG_IBlM.js +0 -18
- package/dist/agents-DArnaFQV.js +0 -954
- package/dist/agents-jSVdSQr5.js +0 -5
- package/dist/agents.command-shared-cZa4UKga.js +0 -40
- package/dist/aliases-BrquU2aa.js +0 -96
- package/dist/aliases-OQzPD6Kz.js +0 -2
- package/dist/api-BXtBpymk.js +0 -5
- package/dist/api-CGMqDBcv.js +0 -3
- package/dist/api-CNr0UyHW.js +0 -139
- package/dist/api-DIKi1Ni8.js +0 -4
- package/dist/api-i4W2Wwd4.js +0 -48
- package/dist/apply-oUSa2Pf0.js +0 -508
- package/dist/apply.runtime-BLCi2Ivv.js +0 -166
- package/dist/apply.runtime-D_hTG_Y0.js +0 -2
- package/dist/approval-gateway-resolver-D2iqmJiq.js +0 -29
- package/dist/approval-gateway-runtime-C1pBe7Fx.js +0 -2
- package/dist/approval-handler-runtime-Zf1fCWk1.js +0 -439
- package/dist/approval-native-runtime-C0zvGwfB.js +0 -729
- package/dist/attempt-execution.runtime-Cu16wO9j.js +0 -509
- package/dist/attempt-execution.shared-BY_ARPh1.js +0 -22
- package/dist/attempt.prompt-helpers-C3qMNvxE.js +0 -206
- package/dist/attempt.tool-run-context-M11pca0b.js +0 -933
- package/dist/audit-DF-0hnr9.js +0 -939
- package/dist/audit-extra.async-BbZcluVr.js +0 -971
- package/dist/audit-tool-policy-C0lIM9Fp.js +0 -3
- package/dist/audit.deep.runtime-CXjulrWI.js +0 -2
- package/dist/audit.nondeep.runtime-nu5XTu7N.js +0 -880
- package/dist/audit.runtime-DYyjmKuk.js +0 -7
- package/dist/auth-CzjcgD0-.js +0 -177
- package/dist/auth-DE-yY2QL.js +0 -550
- package/dist/auth-DLmN64Y_.js +0 -2
- package/dist/auth-DQw5zHDJ.js +0 -56
- package/dist/auth-choice-CXWHXiQK.js +0 -3
- package/dist/auth-choice-DGMF0dBk.js +0 -85
- package/dist/auth-order-CP3BJeex.js +0 -2
- package/dist/auth-order-DQHJAKY8.js +0 -139
- package/dist/bash-tools-DUxUia5q.js +0 -3
- package/dist/bash-tools-_AgECrXf.js +0 -2853
- package/dist/bash-tools.exec-runtime-CVOp5fHn.js +0 -823
- package/dist/binding-routing-D7ruDbx0.js +0 -85
- package/dist/binding-targets-BZWuOcR0.js +0 -121
- package/dist/bridge-server-C4WpUTaE.js +0 -113
- package/dist/browser-control-auth-CmYxtkaH.js +0 -2
- package/dist/browser-node-runtime-BLHYH8YL.js +0 -12
- package/dist/browser-profiles-Cawo818z.js +0 -2
- package/dist/browser-runtime-LzhODwuG.js +0 -387
- package/dist/browser-setup-tools-CTgOb29b.js +0 -13
- package/dist/build-AqzTQK3J.js +0 -550
- package/dist/call-J2wbwzLi.js +0 -330
- package/dist/call-S0AZ899k.js +0 -3
- package/dist/call.runtime-CyP2bdv0.js +0 -2
- package/dist/capability-cli-6jHIuGQe.js +0 -1401
- package/dist/catalog-provider-RQJYkKkq.js +0 -40
- package/dist/catchup-CN5lM9nn.js +0 -300
- package/dist/channel-4jggmldw.js +0 -453
- package/dist/channel-8osltyJD.js +0 -840
- package/dist/channel-B-P45jvy.js +0 -595
- package/dist/channel-BIV8BnjO.js +0 -1802
- package/dist/channel-CXUPhx7m.js +0 -297
- package/dist/channel-ChWfDzLg.js +0 -226
- package/dist/channel-DMCOcmaZ.js +0 -491
- package/dist/channel-DT5I65Xv.js +0 -1174
- package/dist/channel-_mt8OaDA.js +0 -1320
- package/dist/channel-add-wizard-BLjklZ70.js +0 -2
- package/dist/channel-add-wizard-C3BysW2-.js +0 -125
- package/dist/channel-cbqIqIvi.js +0 -1100
- package/dist/channel-core-CcHrOJQl.js +0 -5
- package/dist/channel-inbound-gJZ5fy8s.js +0 -31
- package/dist/channel-plugin-resolution-BNbz8s_s.js +0 -153
- package/dist/channel-plugin-resolution-Bey1o2RL.js +0 -2
- package/dist/channel-plugin-runtime-CFVplMXF.js +0 -771
- package/dist/channel-runtime-D2fhnXNT.js +0 -425
- package/dist/channel-setup-BzbhDDrt.js +0 -1297
- package/dist/channel-twNI9g5j.js +0 -350
- package/dist/channel.runtime-B7RAHQNT.js +0 -430
- package/dist/channel.runtime-BIcoI6bq.js +0 -2364
- package/dist/channel.runtime-Ci_26egi.js +0 -576
- package/dist/channel.runtime-CzTNZfZz.js +0 -89
- package/dist/channel.runtime-D0qkeWVB.js +0 -4
- package/dist/channel.runtime-D_9taoyr.js +0 -42398
- package/dist/channel.setup-Ck6-6alN.js +0 -10
- package/dist/channel2.runtime-CzLs-yVz.js +0 -109
- package/dist/channels-C3tEEndo.js +0 -733
- package/dist/channels-cli-1vvCRqai.js +0 -268
- package/dist/chat-9N_9QPkq.js +0 -2830
- package/dist/clawbot-cli-CySj7xP4.js +0 -9
- package/dist/clawhub-DRNYT4Ih.js +0 -400
- package/dist/cli-2nlB-dHJ.js +0 -154
- package/dist/cli-7dTpJC3M.js +0 -2
- package/dist/cli-BGMFTnb1.js +0 -683
- package/dist/cli-BNYLM-n-.js +0 -219
- package/dist/cli-Bj3CMawx.js +0 -2
- package/dist/cli-C26tWLBw.js +0 -3726
- package/dist/cli-dB2d6i0x.js +0 -72
- package/dist/cli-fZ6nZozk.js +0 -2
- package/dist/cli-runner-DkUWaw3u.js +0 -286
- package/dist/cli-runner.runtime-Bdu8GaIU.js +0 -4
- package/dist/cli-runner.runtime-D35_WwIC.js +0 -3
- package/dist/cli.runtime-D0ZdkRoZ.js +0 -1261
- package/dist/client-BLrVaUap.js +0 -723
- package/dist/client-JSnNx9t8.js +0 -138
- package/dist/command-auth-vH98jyU8.js +0 -76
- package/dist/command-config-resolution-B-U-WZy5.js +0 -23
- package/dist/command-config-resolution-ByjKlaVl.js +0 -2
- package/dist/command-config-resolution.runtime-Wv85AlQo.js +0 -2
- package/dist/command-execution-startup-DtBNBU06.js +0 -324
- package/dist/command-registry-Bu9yJGC5.js +0 -4
- package/dist/command-registry-CuME9hky.js +0 -9
- package/dist/command-registry-core-Bk9WAOxq.js +0 -106
- package/dist/command-secret-gateway-BWnLmfo1.js +0 -528
- package/dist/command-status.runtime-DHRozViO.js +0 -87
- package/dist/commands-acp-CnxVcX4s.js +0 -77
- package/dist/commands-compact.runtime-DKZYaee9.js +0 -10
- package/dist/commands-core.runtime-CXYQlfla.js +0 -2
- package/dist/commands-handlers.runtime-BFqsQ9UV.js +0 -4599
- package/dist/commands-reset-hooks-C-P5vfWa.js +0 -135
- package/dist/commands-status-DBC5I7yG.js +0 -16
- package/dist/commands-status.runtime-BgK6raz4.js +0 -3
- package/dist/commands-subagents-control.runtime-CY4xaq28.js +0 -3
- package/dist/commands-subagents-control.runtime-z9tchzCP.js +0 -2
- package/dist/commands-system-prompt-BNtFvxmr.js +0 -157
- package/dist/commands-system-prompt-CHVjFzQO.js +0 -2
- package/dist/commands.runtime-BAsTu7s5.js +0 -167
- package/dist/compact-Ddu8hZfc.js +0 -1096
- package/dist/compact.runtime-GpkxTJxx.js +0 -12
- package/dist/completion-cli-BNte3Dj6.js +0 -328
- package/dist/config-Cvu5tnrW.js +0 -252
- package/dist/config-cli-BlZB5tV-.js +0 -1078
- package/dist/config-guard-Ca-1hhke.js +0 -96
- package/dist/config-runtime-AtYct3A3.js +0 -32
- package/dist/configure-CiGtXggx.js +0 -2
- package/dist/configure-DDqC8LYD.js +0 -1252
- package/dist/connect-options-BbJfh_Oy.js +0 -699
- package/dist/control-auth-B2Jsq2zv.js +0 -125
- package/dist/control-service-B5OxTjPP.js +0 -156
- package/dist/control-ui/assets/agents-CfLnBH4t.js +0 -1125
- package/dist/control-ui/assets/canvas-pj-aGbeH.js +0 -274
- package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +0 -2
- package/dist/control-ui/assets/channels-BelCW9hw.js +0 -198
- package/dist/control-ui/assets/contacts-B-2gb_ua.js +0 -49
- package/dist/control-ui/assets/cron-B6-26cyp.js +0 -250
- package/dist/control-ui/assets/de-DOykxjSu.js +0 -2
- package/dist/control-ui/assets/debug-B5MO5d0M.js +0 -94
- package/dist/control-ui/assets/es-BTwWEPGm.js +0 -2
- package/dist/control-ui/assets/fr-DVRwR98L.js +0 -2
- package/dist/control-ui/assets/i18n-BPOQLrbx.js +0 -3
- package/dist/control-ui/assets/id-BSBAUAzK.js +0 -2
- package/dist/control-ui/assets/index-CmdvEIGH.js +0 -5981
- package/dist/control-ui/assets/instances-uygO1ZKq.js +0 -57
- package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +0 -2
- package/dist/control-ui/assets/ko-BNgLBJdW.js +0 -2
- package/dist/control-ui/assets/logs-GdE34D7D.js +0 -74
- package/dist/control-ui/assets/mcp-472P8M4F.js +0 -380
- package/dist/control-ui/assets/memory-Dvp5YUvN.js +0 -50
- package/dist/control-ui/assets/memory-graph-B27rN_e7.js +0 -30
- package/dist/control-ui/assets/models-C88CYx1F.js +0 -86
- package/dist/control-ui/assets/nodes-CUXTunGj.js +0 -654
- package/dist/control-ui/assets/pl-DrVcqC4t.js +0 -2
- package/dist/control-ui/assets/plugins-D3upvVMU.js +0 -259
- package/dist/control-ui/assets/presenter-DSvbCagf.js +0 -2
- package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +0 -2
- package/dist/control-ui/assets/sessions-BzVDlJpI.js +0 -56
- package/dist/control-ui/assets/skills-DQD9wvlO.js +0 -294
- package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +0 -11
- package/dist/control-ui/assets/th-DjtYmyBR.js +0 -2
- package/dist/control-ui/assets/tr-I0LYx0Ew.js +0 -2
- package/dist/control-ui/assets/uk-xilwRRzQ.js +0 -2
- package/dist/control-ui/assets/wallet-DWa9gqqg.js +0 -302
- package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +0 -2
- package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +0 -2
- package/dist/control-ui-Djt0XDNa.js +0 -1043
- package/dist/conversation-id-BTqKksIo.js +0 -38
- package/dist/conversation-id-DzarUmXD.js +0 -235
- package/dist/conversation-runtime-DbbmwXgr.js +0 -31
- package/dist/core-CYiHLgHk.js +0 -275
- package/dist/create-DN7NWqCZ.js +0 -80
- package/dist/cron-cli-Dyd_7f_N.js +0 -713
- package/dist/daemon-cli-DT5GXTxV.js +0 -12
- package/dist/dashboard-BtYlqUpN.js +0 -2
- package/dist/dashboard-DwroM17M.js +0 -81
- package/dist/delegate-CBLxnP3N.js +0 -64
- package/dist/deliver-BedUVIQP.js +0 -747
- package/dist/deliver-DPvG5Qo8.js +0 -3
- package/dist/deliver-runtime-DZlx42y2.js +0 -2
- package/dist/delivery-outbound.runtime-Dyo6zcqN.js +0 -6
- package/dist/delivery.runtime-CmuJYXg1.js +0 -253
- package/dist/detached-task-runtime-DWSrAiuI.js +0 -73
- package/dist/devices-cli-CrGc8ckS.js +0 -498
- package/dist/diagnostics-CzNM2oo3.js +0 -154
- package/dist/direct-dm-Cy7dY7RF.js +0 -64
- package/dist/directive-handling.fast-lane-Vuy-nG2-.js +0 -66
- package/dist/directive-handling.impl-DrE_GeZR.js +0 -2
- package/dist/directive-handling.impl-KH2zUp6M.js +0 -703
- package/dist/directive-handling.model-selection-BiW8QHW-.js +0 -114
- package/dist/directive-handling.persist.runtime-VLCtMqO5.js +0 -215
- package/dist/directory-cli-DQRcL8xw.js +0 -240
- package/dist/dispatch-Dew5dCZ_.js +0 -1131
- package/dist/dispatch-acp-CvCVNtsu.js +0 -981
- package/dist/dispatch-acp-manager.runtime-DBTAUi2i.js +0 -3
- package/dist/dispatch-acp-media.runtime-Bq9nReBk.js +0 -4
- package/dist/dispatch-acp-session.runtime-CKts6zqY.js +0 -2
- package/dist/dispatch-acp.runtime-Cw1tjQKP.js +0 -19
- package/dist/doctor-config-flow-C1S8B_sg.js +0 -420
- package/dist/doctor-config-preflight-DH_iBFHQ.js +0 -2
- package/dist/doctor-config-preflight-nRntMTIC.js +0 -63
- package/dist/doctor-device-pairing-C9OfTAUh.js +0 -307
- package/dist/doctor-gateway-daemon-flow-CS1gl0S3.js +0 -250
- package/dist/doctor-gateway-health-DzKV435y.js +0 -63
- package/dist/doctor-health-DNiEej9S.js +0 -59
- package/dist/doctor-health-contributions-BxgcjAL5.js +0 -493
- package/dist/doctor-prompter-T7JdMaQG.js +0 -56
- package/dist/doctor-sandbox-C9h2a5Uu.js +0 -194
- package/dist/doctor-state-migrations-BPuF54_Y.js +0 -2
- package/dist/doctor-workspace-status-C3jLUkHt.js +0 -75
- package/dist/dreaming-CiOm27X0.js +0 -1582
- package/dist/dreaming-narrative-C8m64g44.js +0 -596
- package/dist/embedded-gateway-stub.runtime-Di2s5bLl.js +0 -9
- package/dist/embedding-provider-QRMp19Ph.js +0 -118
- package/dist/embeddings-Cwg0dHC_.js +0 -215
- package/dist/embeddings-http-DbBwgwsH.js +0 -205
- package/dist/exec-approval-forwarder.runtime-BNGZQkhU.js +0 -3
- package/dist/exec-approvals-cli-DiBWd6eL.js +0 -498
- package/dist/exec-defaults-B5NE8OtM.js +0 -2
- package/dist/exec-defaults-Dy3ej-Rk.js +0 -67
- package/dist/execute.runtime-cy0XQXc7.js +0 -1359
- package/dist/fallbacks-Bjq0H75u.js +0 -31
- package/dist/fallbacks-C3dys5Ff.js +0 -2
- package/dist/fallbacks-shared-4iQjz5v5.js +0 -111
- package/dist/gateway-BxIfReRV.js +0 -115
- package/dist/gateway-cli-Czx2Ub57.js +0 -1283
- package/dist/gateway-rpc-CdXoDE6_.js +0 -14
- package/dist/gateway-rpc.runtime-DXFVTu-I.js +0 -23
- package/dist/gateway-runtime-DoElJuBU.js +0 -15
- package/dist/gateway-status-DtdmlnK6.js +0 -584
- package/dist/genesis-tools-vU91jnMS.js +0 -9435
- package/dist/genesis-tools.runtime-Dfpi37K0.js +0 -2
- package/dist/get-reply-DTtxw9Xp.js +0 -3946
- package/dist/get-reply-from-config.runtime-CB9EeF1Q.js +0 -2
- package/dist/gmail-watcher-lifecycle-JbKGb-1A.js +0 -2
- package/dist/graph-users-CoF5XRS_.js +0 -1337
- package/dist/health-CLRWQEVB.js +0 -3
- package/dist/health-DvTtpVIw.js +0 -420
- package/dist/health-route-8H3Sy8RI.js +0 -41
- package/dist/health-route-CHLAMCYm.js +0 -2
- package/dist/hooks-cli-D2AeKlrf.js +0 -433
- package/dist/http-endpoint-helpers-CG3AcjuK.js +0 -41
- package/dist/http-utils-L02eBAVo.js +0 -924
- package/dist/image-fallbacks-Cy-kcJR5.js +0 -2
- package/dist/image-fallbacks-DoQoUiR7.js +0 -31
- package/dist/image-generation-core-CEg4KACr.js +0 -18
- package/dist/image-generation-provider-B4tW_Kj3.js +0 -274
- package/dist/image-generation-provider-B72nmoos.js +0 -157
- package/dist/image-generation-provider-D9v0PADz.js +0 -63
- package/dist/image-generation-provider-DLYGDzST.js +0 -228
- package/dist/image-generation-provider-DYu8ZWBs.js +0 -529
- package/dist/image-generation-provider-jp6l2Jls.js +0 -95
- package/dist/image-generation-provider-qr08iqKe.js +0 -137
- package/dist/image-runtime-DRQcRKzy.js +0 -9
- package/dist/inbound-reply-dispatch-jQhsUF0f.js +0 -73
- package/dist/inbound.runtime-CCnJwfdz.js +0 -3
- package/dist/inbound.runtime-DwsGti2x.js +0 -4
- package/dist/infra-runtime-DwRkDuXF.js +0 -38
- package/dist/init-DwpSUAfi.js +0 -59
- package/dist/install-DwDt01Fk.js +0 -726
- package/dist/install-security-scan-Cq0N2AQi.js +0 -26
- package/dist/install-security-scan.runtime-DWlSCQbQ.js +0 -671
- package/dist/install.runtime-CWnOXdy4.js +0 -27
- package/dist/install.runtime-DPA5lA9o.js +0 -12
- package/dist/jobs-D9IyaUDB.js +0 -729
- package/dist/library-mAKEzoAM.js +0 -45
- package/dist/lifecycle-BUTglQLK.js +0 -229
- package/dist/lifecycle-Csd_mbv2.js +0 -571
- package/dist/lifecycle.runtime-1wfzPGwQ.js +0 -2
- package/dist/list-5rTtE3qu.js +0 -2
- package/dist/list-BCYNIOw6.js +0 -2
- package/dist/list-DyQGXU4h.js +0 -1212
- package/dist/list-DzN4dO0z.js +0 -131
- package/dist/list.probe-BQZZbfvC.js +0 -419
- package/dist/live-model-switch-DqJLIA4J.js +0 -336
- package/dist/llm-slug-generator-BWH-YxyP.js +0 -79
- package/dist/load-config-CISXosI1.js +0 -35
- package/dist/loader-DlmWqYuM.js +0 -222
- package/dist/local-dispatch.runtime-BdXedbsx.js +0 -8
- package/dist/login-DX18Qaag.js +0 -108
- package/dist/logs-cli-YcX3NrQk.js +0 -265
- package/dist/logs-cli.runtime-4RNOEP9S.js +0 -2
- package/dist/main-session-restart-recovery-DxOWdFCG.js +0 -206
- package/dist/managed-image-attachments-BjnlRyZi.js +0 -2
- package/dist/managed-image-attachments-CgE1Q1Bu.js +0 -635
- package/dist/manager-CvrwzOap.js +0 -2
- package/dist/manager-DIyzKDRT.js +0 -2057
- package/dist/markdown-to-line-BzCikJ_W.js +0 -790
- package/dist/mcp-cli-HFkNRDTk.js +0 -725
- package/dist/mcp-http-BpymCnig.js +0 -529
- package/dist/media-runtime-awxrKlof.js +0 -329
- package/dist/media-understanding-CYk-TBlo.js +0 -85
- package/dist/media-understanding-provider-BFl9PvK0.js +0 -18
- package/dist/media-understanding-provider-BbHedlHI.js +0 -69
- package/dist/media-understanding-provider-C4hkphxA.js +0 -28
- package/dist/media-understanding-provider-CIJApc3Q.js +0 -85
- package/dist/media-understanding-provider-CMRfrvoW.js +0 -37
- package/dist/media-understanding-provider-D8MwbDYK.js +0 -12
- package/dist/media-understanding-provider-DPZ3M0zL.js +0 -21
- package/dist/media-understanding-provider-DnFHplle.js +0 -13
- package/dist/media-understanding-provider-O3o8RDTO.js +0 -12
- package/dist/media-understanding-provider-WmKhdAeP.js +0 -18
- package/dist/media-understanding-runtime-DiWkY8O9.js +0 -2
- package/dist/memory-core-host-runtime-cli-D1OEhnrF.js +0 -9
- package/dist/memory-embedding-adapter-Ll4TtjDC.js +0 -123
- package/dist/memory-host-search-BzpJFHpD.js +0 -12
- package/dist/message-action-runner-CMY-upve.js +0 -1407
- package/dist/message-action-runner-DySHa6EF.js +0 -2
- package/dist/message-actions-B9LTXVEy.js +0 -143
- package/dist/message-kmB-ZdwF.js +0 -232
- package/dist/message.gateway.runtime-CKp6wO2c.js +0 -2
- package/dist/method-scopes-D_AZ7OsK.js +0 -235
- package/dist/model-picker-D20JpfyM.js +0 -559
- package/dist/model-picker-Dpin9dw4.js +0 -3
- package/dist/model-picker.runtime-B19j-xJa.js +0 -15
- package/dist/model-selection-BDK7dEju.js +0 -212
- package/dist/models-auth-status-CWD5blQY.js +0 -217
- package/dist/models-cli-qKl_DDX9.js +0 -271
- package/dist/models-http-DruY6N81.js +0 -92
- package/dist/models.fetch-2geG13AQ.js +0 -518
- package/dist/monitor-Ba7ejkS8.js +0 -671
- package/dist/monitor-BaVaWrC7.js +0 -2
- package/dist/monitor-C35OWSe9.js +0 -1661
- package/dist/monitor-Cl9di7UV.js +0 -788
- package/dist/monitor-CyNHlr3x.js +0 -1237
- package/dist/monitor-DfSNLX9p.js +0 -1459
- package/dist/monitor-auth-Bar1iwPD.js +0 -207
- package/dist/monitor-processing-DOC1o7D2.js +0 -1974
- package/dist/monitor.runtime-CzFqZGY2.js +0 -2
- package/dist/monitor.webhook-Bim0zewE.js +0 -180
- package/dist/msteams-BqQ_sRgm.js +0 -35
- package/dist/music-generation-provider-Bac-UFIO.js +0 -63
- package/dist/music-generation-provider-fPGrO1gg.js +0 -170
- package/dist/native-hook-relay-CiXmqOtV.js +0 -519
- package/dist/nextcloud-talk-ByistOQj.js +0 -17
- package/dist/node-cli-BWtbe5nd.js +0 -2276
- package/dist/nodes-cli-DuzsL0Gb.js +0 -1046
- package/dist/nodes-utils-oVtp9rVI.js +0 -84
- package/dist/nodes.helpers-DJ1lCjQx.js +0 -34
- package/dist/notify-Xz011HiU.js +0 -315
- package/dist/oauth-B9WR0gWL.js +0 -75
- package/dist/oauth-BpJKd6mz.js +0 -2
- package/dist/oauth-BqiriUcs.js +0 -139
- package/dist/oauth-Dl3zSXWU.js +0 -152
- package/dist/oauth.flow-CIweZ0Wo.js +0 -45
- package/dist/oauth.flow-YT9WcJAP.js +0 -3
- package/dist/onboard-CJcg9WIT.js +0 -2
- package/dist/onboard-DrfmoxpG.js +0 -316
- package/dist/onboard-SSBg2BsM.js +0 -70
- package/dist/onboard-channels-B-jq5k4w.js +0 -2
- package/dist/onboard-channels-Dg4UVNnl.js +0 -3
- package/dist/onboard-custom-DDY7T8Mb.js +0 -3
- package/dist/onboard-custom-buJ3Vz5C.js +0 -271
- package/dist/onboard-helpers-D-z22ggH.js +0 -204
- package/dist/onboard-helpers-DU-hRKeY.js +0 -6
- package/dist/onboard-interactive-C8tFz_EJ.js +0 -24
- package/dist/onboard-non-interactive-ZnR63QNa.js +0 -635
- package/dist/onboard-remote-B6KxBZY_.js +0 -193
- package/dist/onboard-remote-BrblbI6u.js +0 -2
- package/dist/onboard-skills-BaEg-lmj.js +0 -2
- package/dist/onboard-skills-BuFtX13Z.js +0 -134
- package/dist/onboarding-plugin-install-CNIcGqAI.js +0 -406
- package/dist/openai-codex-provider-6aTYk3jp.js +0 -472
- package/dist/openai-http-Wkidi3o4.js +0 -500
- package/dist/openai-provider-w1PV_KGr.js +0 -313
- package/dist/opencode-SEOw9RYv.js +0 -35
- package/dist/openresponses-http-BkPjGHMn.js +0 -1128
- package/dist/operator-approvals-client-xj8FFWPH.js +0 -68
- package/dist/outbound-runtime-D7qdGq1B.js +0 -5
- package/dist/outbound.runtime-riknu3Rg.js +0 -2
- package/dist/pair-command-approve-CRig33Ea.js +0 -44
- package/dist/persistent-bindings.lifecycle-BhVLGVlI.js +0 -2
- package/dist/persistent-bindings.lifecycle-CVWzaSA9.js +0 -85
- package/dist/pi-bundle-mcp-runtime-CEwlOt28.js +0 -2
- package/dist/pi-bundle-mcp-runtime-DS32_bKh.js +0 -829
- package/dist/pi-bundle-mcp-tools-MVePSeQp.js +0 -108
- package/dist/pi-embedded-Dh5naw-j.js +0 -4
- package/dist/pi-embedded-S0ld6lbd.js +0 -2905
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-61zYwcVi.js +0 -23
- package/dist/pi-embedded.runtime-BeWYEwSt.js +0 -4
- package/dist/pi-tool-definition-adapter-MgnP-0c4.js +0 -229
- package/dist/pi-tools-DyVcSRei.js +0 -1118
- package/dist/pi-tools.before-tool-call-BZ1PLh46.js +0 -433
- package/dist/pi-tools.before-tool-call-DSgr_Sjd.js +0 -2
- package/dist/plugin-DoXrlTHe.js +0 -12195
- package/dist/plugin-enabled-CCAWKL0j.js +0 -140
- package/dist/plugin-install-D9RUigrW.js +0 -2
- package/dist/plugin-install-DRc2KTWx.js +0 -115
- package/dist/plugin-install-config-policy-CtKZaMAw.js +0 -137
- package/dist/plugin-install-plan-BeNfwB5V.js +0 -50
- package/dist/plugin-registration-COZcclAr.js +0 -23
- package/dist/plugin-service-Cu_nlZmO.js +0 -2893
- package/dist/plugins-cli-qkT7VGd9.js +0 -584
- package/dist/plugins-command-helpers-DvRgKfV0.js +0 -107
- package/dist/plugins-install-persist-CZWXaz5s.js +0 -133
- package/dist/plugins-update-command-qKTcfS44.js +0 -1057
- package/dist/policy-CxwHwL56.js +0 -328
- package/dist/prepare.runtime-BhO3ot9P.js +0 -807
- package/dist/probe-4IiQQG_7.js +0 -2
- package/dist/probe-89jd9VHi.js +0 -1443
- package/dist/probe-B2Uw_PN-.js +0 -2205
- package/dist/probe-B4ekJ-Xv.js +0 -74
- package/dist/probe-B9hiEFIU.js +0 -2
- package/dist/probe-CDrkDwhe.js +0 -240
- package/dist/probe-Ct62B_e4.js +0 -45
- package/dist/probe-pLHVFHK6.js +0 -243
- package/dist/program-HFwaDGDa.js +0 -111
- package/dist/prompt-select-styled-BL_pKMTB.js +0 -20
- package/dist/protocol-C9LrRIRp.js +0 -2515
- package/dist/provider-D4RPFEas.js +0 -70
- package/dist/provider-api-key-auth-DxE3Ubaz.js +0 -131
- package/dist/provider-auth-94YJgYBI.js +0 -46
- package/dist/provider-auth-api-key-D9d3vpbu.js +0 -5
- package/dist/provider-auth-choice-C1kxCG8d.js +0 -228
- package/dist/provider-auth-login-DSy_0CmF.js +0 -8
- package/dist/provider-dispatcher-C81eCA-H.js +0 -22
- package/dist/provider-dispatcher-puinwYaq.js +0 -2
- package/dist/provider-entry-CR0Z4V2Y.js +0 -106
- package/dist/provider-model-defaults-CY1F7Q3c.js +0 -6
- package/dist/provider-registration-C3cLloFb.js +0 -37
- package/dist/provider-registration-CU67AJCU.js +0 -218
- package/dist/qr-cli-BdX_FFlu.js +0 -349
- package/dist/qr-cli-C5253ud8.js +0 -2
- package/dist/qr-image-BQnl-2Hz.js +0 -2
- package/dist/queue-IehGWtWc.js +0 -409
- package/dist/reaction-runtime-api-95Ou_vSC.js +0 -116
- package/dist/reactions-DZizt8LI.js +0 -998
- package/dist/read-capability-w1W5sKua.js +0 -412
- package/dist/register-service-commands-DMNQ-id4.js +0 -71
- package/dist/register.agent-CQOBdXob.js +0 -248
- package/dist/register.configure-C8yC_SYa.js +0 -15
- package/dist/register.maintenance-CSIY47OO.js +0 -363
- package/dist/register.message-g5yjxPxU.js +0 -329
- package/dist/register.onboard-U3SrMpHb.js +0 -88
- package/dist/register.runtime-BMuRf7KD.js +0 -81
- package/dist/register.setup-DOBsdUvr.js +0 -150
- package/dist/register.status-health-sessions-p_3FnJtp.js +0 -1215
- package/dist/register.subclis-CNkq2TdW.js +0 -29
- package/dist/register.subclis-P3ru4E6I.js +0 -3
- package/dist/register.subclis-core-D5N5ewgp.js +0 -249
- package/dist/reply-dispatch-runtime-B8TMhGSo.js +0 -13
- package/dist/reply-media-paths.runtime-Bv-VQY1O.js +0 -2
- package/dist/reply-media-paths.runtime-qZYIzFEg.js +0 -146
- package/dist/reply-runtime-Ba_5YKEX.js +0 -10
- package/dist/reply.runtime-CvlE6uYh.js +0 -2
- package/dist/resolve-DxTN302S.js +0 -259
- package/dist/response-generator-Be1_-xjF.js +0 -175
- package/dist/restart-health-CV-Nm1lw.js +0 -202
- package/dist/restart-health-DywY1594.js +0 -2
- package/dist/root-help-oR4nv8N9.js +0 -44
- package/dist/route-reply-Dn9zmIdM.js +0 -162
- package/dist/route-reply.runtime-DkwtG2qY.js +0 -2
- package/dist/routes-ClkLAuU2.js +0 -3341
- package/dist/routes-cv4VrQu1.js +0 -2
- package/dist/rpc-05cw0vNh.js +0 -61
- package/dist/rpc.runtime-DhFlfCMB.js +0 -21
- package/dist/run-auth-profile.runtime-Bflh0AxI.js +0 -2
- package/dist/run-delivery.runtime-B_9TxqQA.js +0 -530
- package/dist/run-embedded.runtime-V68HvJT8.js +0 -4
- package/dist/run-execution-cli.runtime-9NpwQ1uu.js +0 -4
- package/dist/run-executor.runtime-CX2Emb4e.js +0 -277
- package/dist/run-main-xnrI4i-W.js +0 -567
- package/dist/run-subagent-registry.runtime-CEgCR8-w.js +0 -2
- package/dist/run-wait-By6jGhn0.js +0 -135
- package/dist/runner-Vhfg_kYp.js +0 -966
- package/dist/runner.entries-DWptWo_Q.js +0 -604
- package/dist/runtime-COXB-OZq.js +0 -263
- package/dist/runtime-Cfcvlsp1.js +0 -2
- package/dist/runtime-D0MD5Uyv.js +0 -9
- package/dist/runtime-D2DhV36f.js +0 -961
- package/dist/runtime-D9CBb5Na.js +0 -72
- package/dist/runtime-api-C_o5iE1W.js +0 -9
- package/dist/runtime-api-Cws6dHRG.js +0 -14
- package/dist/runtime-api-D8EKRzzw.js +0 -4
- package/dist/runtime-api-DUw04nys.js +0 -9
- package/dist/runtime-embedded-pi.runtime-Ckdld_Ij.js +0 -2
- package/dist/runtime-entry-BaLt5V4d.js +0 -2769
- package/dist/runtime-internal-Dga3dvsC.js +0 -2
- package/dist/runtime-l0B7QFL3.js +0 -116
- package/dist/runtime-options-DwYzxb7U.js +0 -275
- package/dist/runtime-prepare.runtime-D6bMmoTn.js +0 -80
- package/dist/runtime-schema-BDGFtL0_.js +0 -28599
- package/dist/runtime-web-tools-DlattYEh.js +0 -1477
- package/dist/sandbox-B0HW_QP3.js +0 -1156
- package/dist/sandbox-D2w77M7D.js +0 -3
- package/dist/sandbox-cli-DhrLokzO.js +0 -450
- package/dist/scan-BWFQXm24.js +0 -523
- package/dist/scan-CrfOpA-h.js +0 -2
- package/dist/secrets-cli-TxHWzJzS.js +0 -2101
- package/dist/security-cli-DIvsGk3X.js +0 -486
- package/dist/selection-CHTqBz4F.js +0 -2
- package/dist/selection-D_K-9r-x.js +0 -7743
- package/dist/send-DE7hu875.js +0 -156
- package/dist/send-TkldUWcX.js +0 -102
- package/dist/send.runtime-CZI1JWw8.js +0 -2
- package/dist/server-B8xhfNfn.js +0 -77
- package/dist/server-Cz40q0g2.js +0 -13
- package/dist/server-context-B7rWJ2gB.js +0 -847
- package/dist/server-context-yutVechl.js +0 -2
- package/dist/server-node-events-VPwgJoKG.js +0 -474
- package/dist/server-plugin-bootstrap-Dy78XA3J.js +0 -2
- package/dist/server-plugin-bootstrap-N59qJvH4.js +0 -13355
- package/dist/server-restart-sentinel-Zjl16hJh.js +0 -684
- package/dist/server.impl-DpFPnl5_.js +0 -12798
- package/dist/session-DQK4G2N-.js +0 -48
- package/dist/session-envelope-uG-4XV0X.js +0 -18
- package/dist/session-key-CTestOWs.js +0 -65
- package/dist/session-kill-http-o34Xk0D1.js +0 -110
- package/dist/session-meta-B_6JKgd3.js +0 -109
- package/dist/session-override-BJXIc7UA.js +0 -106
- package/dist/session-reset-model.runtime-DFT-FJW1.js +0 -133
- package/dist/session-reset-service-C0ScpWIE.js +0 -497
- package/dist/session-route-UusYWQ_M.js +0 -93
- package/dist/session-status.runtime-DJV2WJZM.js +0 -2
- package/dist/session-store-COzyfYG2.js +0 -126
- package/dist/session-store.runtime-CQHXgM_Z.js +0 -2
- package/dist/session-subagent-reactivation.runtime-yyMT_MgO.js +0 -2
- package/dist/session-tab-registry-Bkd33PY1.js +0 -581
- package/dist/session-updates-Dl4GafMW.js +0 -236
- package/dist/session-updates.runtime-bHYRFXxm.js +0 -2
- package/dist/session-utils-Dkaj_4dZ.js +0 -1009
- package/dist/session-visibility-BOYOn-Gu.js +0 -147
- package/dist/sessions-D3eFfsPH.js +0 -281
- package/dist/sessions-DAup1AeE.js +0 -16
- package/dist/sessions-helpers-DlsDzSXL.js +0 -305
- package/dist/sessions-history-http--8biogY1.js +0 -371
- package/dist/sessions-kO7Dit6B.js +0 -48
- package/dist/sessions-patch-BlUpBepz.js +0 -309
- package/dist/sessions-resolve-DPWviaDr.js +0 -174
- package/dist/sessions-uVaHa5mC.js +0 -2
- package/dist/sessions.runtime-CHJDx6Rg.js +0 -2
- package/dist/setup-COcb42YZ.js +0 -636
- package/dist/setup-DX-d8t6q.js +0 -421
- package/dist/setup-api-Ddfd033_.js +0 -29
- package/dist/setup-core-Bsasst9Y.js +0 -176
- package/dist/setup-core-CWmsLaJv.js +0 -171
- package/dist/setup-surface-CTZ5CnX4.js +0 -219
- package/dist/setup-surface-D2c6jlaM.js +0 -403
- package/dist/setup-surface-Dazv-gzK.js +0 -286
- package/dist/setup.finalize-DSSoTSsd.js +0 -547
- package/dist/setup.gateway-config-bJqXJA3E.js +0 -250
- package/dist/shared-C-DELFhh.js +0 -217
- package/dist/shared-DOOnkgfw.js +0 -198
- package/dist/shared-DfVOpp8r.js +0 -121
- package/dist/shared-nGZZHrFV.js +0 -76
- package/dist/shared-runtime-lVwJld87.js +0 -7
- package/dist/skill-commands-Crg6g_xc.js +0 -83
- package/dist/skill-commands.runtime-Dx9JZPVm.js +0 -2
- package/dist/skills-install-B1RJkjel.js +0 -605
- package/dist/skills-snapshot.runtime-1fnPk6SF.js +0 -7
- package/dist/slash-state-CwgTzmc8.js +0 -1911
- package/dist/speech-provider-BEjGmdRi.js +0 -170
- package/dist/speech-provider-DU0xib0M.js +0 -209
- package/dist/speech-provider-jexKB2Fl.js +0 -216
- package/dist/src-CbfkGwGz.js +0 -3974
- package/dist/stage-sandbox-media.runtime-BzOf-LsJ.js +0 -232
- package/dist/startup-context-acV-bzAJ.js +0 -312
- package/dist/state-migrations-DlUY4b3i.js +0 -820
- package/dist/status-0ozKjOYe.js +0 -190
- package/dist/status-BFMr1TH_.js +0 -395
- package/dist/status-C0tUFjWh.js +0 -2
- package/dist/status-DgyADd4G.js +0 -209
- package/dist/status-Dql1aIFE.js +0 -62
- package/dist/status-L2NtbOry.js +0 -3
- package/dist/status-all-DK98dFQa.js +0 -498
- package/dist/status-json-OEukc0cF.js +0 -14
- package/dist/status-json-command-BWv0zt8E.js +0 -82
- package/dist/status-message-DuKO-hzh.js +0 -466
- package/dist/status-message.runtime-BnLXbVHh.js +0 -6
- package/dist/status-queue.runtime-DXdIwJaQ.js +0 -2
- package/dist/status-runtime-shared-DBMTXWTZ.js +0 -241
- package/dist/status-subagents.runtime-VTEVgOJj.js +0 -18
- package/dist/status-text-Cx0Esdj6.js +0 -237
- package/dist/status-xjF4vxou.js +0 -2
- package/dist/status.gateway-connection.runtime-BT6XfoLV.js +0 -2
- package/dist/status.gather-CF5qlFAG.js +0 -292
- package/dist/status.gather-L0QGMaC4.js +0 -2
- package/dist/status.runtime-BwFzOfxj.js +0 -2
- package/dist/status.runtime-DYi_nOHT.js +0 -2
- package/dist/status.scan-CflamBc9.js +0 -65
- package/dist/status.scan-overview-pGpvYksm.js +0 -379
- package/dist/status.scan.fast-json-BbMvHncK.js +0 -132
- package/dist/status.scan.fast-json-D39u21tI.js +0 -2
- package/dist/status.summary-CKh5Legf.js +0 -2
- package/dist/status.summary-DVdS-4Fj.js +0 -200
- package/dist/store-DgajP9Em.js +0 -4
- package/dist/store-tuisxHpf.js +0 -910
- package/dist/store.runtime-Bw5wLKnD.js +0 -2
- package/dist/stream-CWqBQkS6.js +0 -664
- package/dist/subagent-announce-Df9ABEaq.js +0 -351
- package/dist/subagent-announce-delivery-B5xYlVwu.js +0 -726
- package/dist/subagent-announce-output-JQ-I1Kmk.js +0 -364
- package/dist/subagent-capabilities-DFXCYxt0.js +0 -251
- package/dist/subagent-control-CMaKDVuG.js +0 -506
- package/dist/subagent-control.runtime-CgBRjo3Q.js +0 -3
- package/dist/subagent-followup.runtime-Be2c3jkr.js +0 -68
- package/dist/subagent-orphan-recovery-B4jHKSis.js +0 -305
- package/dist/subagent-registry-CjLI6fcV.js +0 -3
- package/dist/subagent-registry-CruvknDh.js +0 -1753
- package/dist/subagent-spawn-C-9kmYik.js +0 -1005
- package/dist/supervisor-DaRbw4Gw.js +0 -704
- package/dist/system-cli-Cmv7YV3z.js +0 -43
- package/dist/targets-DGdlJYMl.js +0 -67
- package/dist/task-executor-DbusuL0w.js +0 -360
- package/dist/task-owner-access-DNC_BT5l.js +0 -74
- package/dist/task-registry-CKDRlfmp.js +0 -2357
- package/dist/task-registry-delivery-runtime-DX6tjuwQ.js +0 -3
- package/dist/task-registry-delivery-runtime-Ge4fS1Fa.js +0 -2
- package/dist/task-registry.maintenance-DhjCTf6L.js +0 -416
- package/dist/task-registry.maintenance-DyX6m_7s.js +0 -2
- package/dist/testing-BecnXPE0.js +0 -575
- package/dist/text-report-BW3t_i75.js +0 -549
- package/dist/tool-auth-shared-DWrecN7g.js +0 -90
- package/dist/tool-policy-pipeline-CA61tNc_.js +0 -109
- package/dist/tool-resolution-BRHtzc7Q.js +0 -90
- package/dist/tools-effective-inventory-CLJ3nPbB.js +0 -152
- package/dist/tools-invoke-http-DWbJzMo3.js +0 -206
- package/dist/transcript-CEK104A6.js +0 -312
- package/dist/transcript-resolve.runtime-D4I8B--1.js +0 -2
- package/dist/transcript.runtime-ClNMqLSP.js +0 -2
- package/dist/trash-CvOmDpdP.js +0 -24
- package/dist/tts-vEtIfdGN.js +0 -64
- package/dist/tui-cli-BuQzKTYR.js +0 -4585
- package/dist/uninstall-BQ_d8nQ4.js +0 -185
- package/dist/update-D8foEnSw.js +0 -1282
- package/dist/update-cli-DB-VQaie.js +0 -1759
- package/dist/update-startup-D-n1C8A0.js +0 -2
- package/dist/upgrade-DPhvhHXF.js +0 -1226
- package/dist/video-generation-provider-5v5lTL00.js +0 -287
- package/dist/video-generation-provider-BGtbUYJd.js +0 -64
- package/dist/video-generation-provider-BlOdvaLh.js +0 -118
- package/dist/video-generation-provider-CR_fRJ8m.js +0 -187
- package/dist/video-generation-provider-CVUs00hp.js +0 -264
- package/dist/video-generation-provider-CtstiCCO.js +0 -271
- package/dist/video-generation-provider-DDQjPRYO.js +0 -254
- package/dist/video-generation-provider-DLy7AvTJ.js +0 -281
- package/dist/video-generation-provider-DNnNMvS9.js +0 -221
- package/dist/video-generation-provider-vzf0PQXj2.js +0 -77
- package/dist/video-generation-provider-zINiw3aL.js +0 -78
- package/dist/video-generation-task-status-DWUrjc4T.js +0 -163
- package/dist/wait-for-idle-before-flush-BBwcUWtb.js +0 -5985
- package/dist/web-search-provider-BkIzoc2Y.js +0 -163
- package/dist/wizard-models-B5HIywox.js +0 -334
- package/dist/workflow-runtime-tvBeQSK9.js +0 -485
- /package/dist/{audit-channel.collect.runtime-BAKyzn52.js → audit-channel.collect.runtime-CevlIQ6K.js} +0 -0
- /package/dist/{audit-tool-policy-Ftr0W8Wl.js → audit-tool-policy-DTodxIZf.js} +0 -0
- /package/dist/{channel-selection.runtime-CsQ0qN21.js → channel-selection.runtime-DAkF_DgO.js} +0 -0
- /package/dist/{close-reason-DNwBM4qe.js → close-reason-BPuKI4th.js} +0 -0
- /package/dist/{configured-B8XGIYz-.js → configured-C-0r4Pk2.js} +0 -0
- /package/dist/{diagnostic-support-export-CuIJulCK.js → diagnostic-support-export-C8cpJRWi.js} +0 -0
- /package/dist/{gmail-watcher-lifecycle-BoWMgpeT.js → gmail-watcher-lifecycle-DrTbIr0m.js} +0 -0
- /package/dist/{image-BwAofy0f.js → image-LNALiqnF.js} +0 -0
- /package/dist/{image-generation-core.auth.runtime-B6BpHP6V.js → image-generation-core.auth.runtime-hzZbX1YD.js} +0 -0
- /package/dist/{input-allowlist-zDKNs6OG.js → input-allowlist-Bn8hssyM.js} +0 -0
- /package/dist/{install-target-FXMkL80i.js → install-target-C0Dg_4Un.js} +0 -0
- /package/dist/{memory-host-search.runtime-Vfck_NLf.js → memory-host-search.runtime-CAejVWZB.js} +0 -0
- /package/dist/{message.config.runtime-Df8nVSE4.js → message.config.runtime-CAG3eLmF.js} +0 -0
- /package/dist/{paths-BdDCK0XP.js → paths-BrPnd-v6.js} +0 -0
- /package/dist/{provider-api-key-auth.runtime-fT4D2dQt.js → provider-api-key-auth.runtime-YLpiRoM3.js} +0 -0
- /package/dist/{provider-auth-login.runtime-EnfK3WTr.js → provider-auth-login.runtime-BwDEPbY4.js} +0 -0
- /package/dist/{push-apns-DoMbCgqq.js → push-apns-UUwkJMxt.js} +0 -0
- /package/dist/{runtime-manifest.runtime-CuqWbJ5G.js → runtime-manifest.runtime-D8BuqQCR.js} +0 -0
- /package/dist/{runtime-web-channel-plugin-ChmPPl7a.js → runtime-web-channel-plugin-Dx1GGPSD.js} +0 -0
- /package/dist/{runtime-web-tools-fallback.runtime-B3fmu7s0.js → runtime-web-tools-fallback.runtime-_nNCUNAT.js} +0 -0
- /package/dist/{runtime-web-tools-manifest.runtime-CpiYM000.js → runtime-web-tools-manifest.runtime-BaeloEzn.js} +0 -0
- /package/dist/{runtime-web-tools-public-artifacts.runtime-BBNdsUv5.js → runtime-web-tools-public-artifacts.runtime-DOdl6CAd.js} +0 -0
- /package/dist/{server-startup-log-DXJn1EgH.js → server-startup-log-BUk3dEm6.js} +0 -0
- /package/dist/{server-startup-memory-C4d9ImgC.js → server-startup-memory-C3gdaomJ.js} +0 -0
- /package/dist/{server-tailscale-DeNCXYBr.js → server-tailscale-C0DsqL5N.js} +0 -0
- /package/dist/{services-m8_503l9.js → services-CiBabvAX.js} +0 -0
- /package/dist/{session-archive.runtime-DDhx1bOA.js → session-archive.runtime-BIqBKdzI.js} +0 -0
- /package/dist/{setup.node-config-BXET5GZk.js → setup.node-config-BlJDbu4T.js} +0 -0
- /package/dist/{setup.plugin-config-CgBJMtZ8.js → setup.plugin-config-CCP7nrfy.js} +0 -0
- /package/dist/{skill-scanner-cEm04-3B.js → skill-scanner-DnqZE6Fh.js} +0 -0
- /package/dist/{ssh-config-BfxhRhPu.js → ssh-config-wfp8-I37.js} +0 -0
- /package/dist/{supervisor-log.runtime-BdagMpUZ.js → supervisor-log.runtime-DYzbopV7.js} +0 -0
- /package/dist/{targets.runtime-BS4UWyk2.js → targets.runtime-1fn-rTlI.js} +0 -0
- /package/dist/{update-startup-D69inLEd.js → update-startup-DW61ftJW.js} +0 -0
|
@@ -0,0 +1,880 @@
|
|
|
1
|
+
import { c as normalizeOptionalString, d as normalizeStringifiedOptionalString, s as normalizeOptionalLowercaseString } from "./string-coerce-DPP_aYVc.js";
|
|
2
|
+
import { t as formatCliCommand } from "./command-format-B3Q5KD9o.js";
|
|
3
|
+
import "./auth-tZtxLgsL.js";
|
|
4
|
+
import { n as resolveGatewayAuth } from "./auth-resolve-CcailHTH.js";
|
|
5
|
+
import { t as loadPluginManifestRegistry } from "./manifest-registry-CUSRRX5s.js";
|
|
6
|
+
import { n as resolveAgentModelPrimaryValue, t as resolveAgentModelFallbackValues } from "./model-input-gXkzehoL.js";
|
|
7
|
+
import { n as isDangerousNetworkMode, r as normalizeNetworkMode } from "./network-mode-hStbCJTJ.js";
|
|
8
|
+
import { m as resolveToolProfilePolicy } from "./tool-policy-BIGITEMh.js";
|
|
9
|
+
import { r as resolveSandboxToolPolicyForAgent } from "./tool-policy-aGVG-A3n2.js";
|
|
10
|
+
import { i as resolveSandboxConfigForAgent } from "./config-DwJUHdf0.js";
|
|
11
|
+
import { t as pickSandboxToolPolicy } from "./sandbox-tool-policy-BRu6Odm5.js";
|
|
12
|
+
import { t as isToolAllowedByPolicies } from "./tool-policy-match-C3ELxJi4.js";
|
|
13
|
+
import { t as resolvePluginWebSearchProviders } from "./web-search-providers.runtime-Dd1GEA1l.js";
|
|
14
|
+
import { f as getBlockedBindReason } from "./docker-Ct3h56Q7.js";
|
|
15
|
+
import { i as resolveNodeCommandAllowlist, t as DEFAULT_DANGEROUS_NODE_COMMANDS } from "./node-command-policy-sPDu4daF.js";
|
|
16
|
+
import { t as resolveAllowedAgentIds } from "./hooks-policy-BsRZDLO3.js";
|
|
17
|
+
import { t as inferParamBFromIdOrName } from "./model-param-b-0rVj2II2.js";
|
|
18
|
+
import { t as hasConfiguredInternalHooks } from "./configured-C-0r4Pk2.js";
|
|
19
|
+
import { a as collectStateDeepFilesystemFindings, c as collectPluginsTrustFindings, i as collectSandboxBrowserHashLabelFindings, o as collectWorkspaceSkillSymlinkEscapeFindings, s as readConfigSnapshotForAudit, t as collectIncludeFilePermFindings } from "./audit-extra.async-B52PswlQ.js";
|
|
20
|
+
//#region src/plugins/web-search-credential-presence.ts
|
|
21
|
+
function hasConfiguredCredentialValue(value) {
|
|
22
|
+
if (typeof value === "string") return value.trim().length > 0;
|
|
23
|
+
return value !== void 0 && value !== null;
|
|
24
|
+
}
|
|
25
|
+
function isRecord(value) {
|
|
26
|
+
return typeof value === "object" && value !== null;
|
|
27
|
+
}
|
|
28
|
+
function hasConfiguredSearchCredentialCandidate(searchConfig) {
|
|
29
|
+
if (!isRecord(searchConfig)) return false;
|
|
30
|
+
return Object.entries(searchConfig).some(([key, value]) => key !== "enabled" && hasConfiguredCredentialValue(value));
|
|
31
|
+
}
|
|
32
|
+
function hasConfiguredPluginWebSearchCandidate(config) {
|
|
33
|
+
const entries = isRecord(config.plugins?.entries) ? config.plugins.entries : void 0;
|
|
34
|
+
if (!entries) return false;
|
|
35
|
+
return Object.values(entries).some((entry) => {
|
|
36
|
+
const pluginConfig = isRecord(entry) ? entry.config : void 0;
|
|
37
|
+
return isRecord(pluginConfig) && hasConfiguredSearchCredentialCandidate(pluginConfig.webSearch);
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
function hasManifestWebSearchEnvCredentialCandidate(params) {
|
|
41
|
+
const env = params.env;
|
|
42
|
+
if (!env) return false;
|
|
43
|
+
return loadPluginManifestRegistry({
|
|
44
|
+
config: params.config,
|
|
45
|
+
env
|
|
46
|
+
}).plugins.some((plugin) => {
|
|
47
|
+
if (params.origin && plugin.origin !== params.origin) return false;
|
|
48
|
+
if ((plugin.contracts?.webSearchProviders?.length ?? 0) === 0) return false;
|
|
49
|
+
const providerAuthEnvVars = plugin.providerAuthEnvVars;
|
|
50
|
+
if (!providerAuthEnvVars) return false;
|
|
51
|
+
return Object.values(providerAuthEnvVars).flat().some((envVar) => hasConfiguredCredentialValue(env[envVar]));
|
|
52
|
+
});
|
|
53
|
+
}
|
|
54
|
+
function hasConfiguredWebSearchCredential(params) {
|
|
55
|
+
const searchConfig = params.searchConfig ?? params.config.tools?.web?.search;
|
|
56
|
+
if (!hasConfiguredSearchCredentialCandidate(searchConfig) && !hasConfiguredPluginWebSearchCandidate(params.config) && !hasManifestWebSearchEnvCredentialCandidate({
|
|
57
|
+
config: params.config,
|
|
58
|
+
env: params.env,
|
|
59
|
+
origin: params.origin
|
|
60
|
+
})) return false;
|
|
61
|
+
return resolvePluginWebSearchProviders({
|
|
62
|
+
config: params.config,
|
|
63
|
+
env: params.env,
|
|
64
|
+
bundledAllowlistCompat: params.bundledAllowlistCompat ?? false,
|
|
65
|
+
origin: params.origin
|
|
66
|
+
}).some((provider) => {
|
|
67
|
+
if (hasConfiguredCredentialValue(provider.getConfiguredCredentialValue?.(params.config) ?? provider.getCredentialValue(searchConfig))) return true;
|
|
68
|
+
return provider.envVars.some((envVar) => hasConfiguredCredentialValue(params.env?.[envVar]));
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
//#endregion
|
|
72
|
+
//#region src/security/audit-extra.summary.ts
|
|
73
|
+
const SMALL_MODEL_PARAM_B_MAX = 300;
|
|
74
|
+
function summarizeGroupPolicy(cfg) {
|
|
75
|
+
const channels = cfg.channels;
|
|
76
|
+
if (!channels || typeof channels !== "object") return {
|
|
77
|
+
open: 0,
|
|
78
|
+
allowlist: 0,
|
|
79
|
+
other: 0
|
|
80
|
+
};
|
|
81
|
+
let open = 0;
|
|
82
|
+
let allowlist = 0;
|
|
83
|
+
let other = 0;
|
|
84
|
+
for (const value of Object.values(channels)) {
|
|
85
|
+
if (!value || typeof value !== "object") continue;
|
|
86
|
+
const policy = value.groupPolicy;
|
|
87
|
+
if (policy === "open") open += 1;
|
|
88
|
+
else if (policy === "allowlist") allowlist += 1;
|
|
89
|
+
else other += 1;
|
|
90
|
+
}
|
|
91
|
+
return {
|
|
92
|
+
open,
|
|
93
|
+
allowlist,
|
|
94
|
+
other
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
function addModel$1(models, raw, source) {
|
|
98
|
+
if (typeof raw !== "string") return;
|
|
99
|
+
const id = raw.trim();
|
|
100
|
+
if (!id) return;
|
|
101
|
+
models.push({
|
|
102
|
+
id,
|
|
103
|
+
source
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
function collectModels$1(cfg) {
|
|
107
|
+
const out = [];
|
|
108
|
+
addModel$1(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.model), "agents.defaults.model.primary");
|
|
109
|
+
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.model)) addModel$1(out, fallback, "agents.defaults.model.fallbacks");
|
|
110
|
+
addModel$1(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.imageModel), "agents.defaults.imageModel.primary");
|
|
111
|
+
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.imageModel)) addModel$1(out, fallback, "agents.defaults.imageModel.fallbacks");
|
|
112
|
+
const list = Array.isArray(cfg.agents?.list) ? cfg.agents?.list : [];
|
|
113
|
+
for (const agent of list ?? []) {
|
|
114
|
+
if (!agent || typeof agent !== "object") continue;
|
|
115
|
+
const id = typeof agent.id === "string" ? agent.id : "";
|
|
116
|
+
const model = agent.model;
|
|
117
|
+
if (typeof model === "string") addModel$1(out, model, `agents.list.${id}.model`);
|
|
118
|
+
else if (model && typeof model === "object") {
|
|
119
|
+
addModel$1(out, model.primary, `agents.list.${id}.model.primary`);
|
|
120
|
+
const fallbacks = model.fallbacks;
|
|
121
|
+
if (Array.isArray(fallbacks)) for (const fallback of fallbacks) addModel$1(out, fallback, `agents.list.${id}.model.fallbacks`);
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
return out;
|
|
125
|
+
}
|
|
126
|
+
function extractAgentIdFromSource(source) {
|
|
127
|
+
return source.match(/^agents\.list\.([^.]*)\./)?.[1] ?? null;
|
|
128
|
+
}
|
|
129
|
+
function resolveToolPolicies$1(params) {
|
|
130
|
+
const policies = [];
|
|
131
|
+
const profilePolicy = resolveToolProfilePolicy(params.agentTools?.profile ?? params.cfg.tools?.profile);
|
|
132
|
+
if (profilePolicy) policies.push(profilePolicy);
|
|
133
|
+
const globalPolicy = pickSandboxToolPolicy(params.cfg.tools ?? void 0);
|
|
134
|
+
if (globalPolicy) policies.push(globalPolicy);
|
|
135
|
+
const agentPolicy = pickSandboxToolPolicy(params.agentTools);
|
|
136
|
+
if (agentPolicy) policies.push(agentPolicy);
|
|
137
|
+
if (params.sandboxMode === "all") policies.push(resolveSandboxToolPolicyForAgent(params.cfg, params.agentId ?? void 0));
|
|
138
|
+
return policies;
|
|
139
|
+
}
|
|
140
|
+
function hasWebSearchKey(cfg, env) {
|
|
141
|
+
return hasConfiguredWebSearchCredential({
|
|
142
|
+
config: cfg,
|
|
143
|
+
env,
|
|
144
|
+
origin: "bundled",
|
|
145
|
+
bundledAllowlistCompat: true
|
|
146
|
+
});
|
|
147
|
+
}
|
|
148
|
+
function isWebSearchEnabled(cfg, env) {
|
|
149
|
+
const enabled = cfg.tools?.web?.search?.enabled;
|
|
150
|
+
if (enabled === false) return false;
|
|
151
|
+
if (enabled === true) return true;
|
|
152
|
+
return hasWebSearchKey(cfg, env);
|
|
153
|
+
}
|
|
154
|
+
function isWebFetchEnabled(cfg) {
|
|
155
|
+
if (cfg.tools?.web?.fetch?.enabled === false) return false;
|
|
156
|
+
return true;
|
|
157
|
+
}
|
|
158
|
+
function isBrowserEnabled(cfg) {
|
|
159
|
+
return cfg.browser?.enabled !== false;
|
|
160
|
+
}
|
|
161
|
+
function collectAttackSurfaceSummaryFindings(cfg) {
|
|
162
|
+
const group = summarizeGroupPolicy(cfg);
|
|
163
|
+
const elevated = cfg.tools?.elevated?.enabled !== false;
|
|
164
|
+
const webhooksEnabled = cfg.hooks?.enabled === true;
|
|
165
|
+
const internalHooksEnabled = hasConfiguredInternalHooks(cfg);
|
|
166
|
+
const browserEnabled = cfg.browser?.enabled ?? true;
|
|
167
|
+
return [{
|
|
168
|
+
checkId: "summary.attack_surface",
|
|
169
|
+
severity: "info",
|
|
170
|
+
title: "Attack surface summary",
|
|
171
|
+
detail: `groups: open=${group.open}, allowlist=${group.allowlist}\ntools.elevated: ${elevated ? "enabled" : "disabled"}\nhooks.webhooks: ${webhooksEnabled ? "enabled" : "disabled"}\nhooks.internal: ${internalHooksEnabled ? "enabled" : "disabled"}\nbrowser control: ${browserEnabled ? "enabled" : "disabled"}\ntrust model: personal assistant (one trusted operator boundary), not hostile multi-tenant on one shared gateway`
|
|
172
|
+
}];
|
|
173
|
+
}
|
|
174
|
+
function collectSmallModelRiskFindings(params) {
|
|
175
|
+
const findings = [];
|
|
176
|
+
const models = collectModels$1(params.cfg).filter((entry) => !entry.source.includes("imageModel"));
|
|
177
|
+
if (models.length === 0) return findings;
|
|
178
|
+
const smallModels = models.map((entry) => {
|
|
179
|
+
const paramB = inferParamBFromIdOrName(entry.id);
|
|
180
|
+
if (!paramB || paramB > SMALL_MODEL_PARAM_B_MAX) return null;
|
|
181
|
+
return {
|
|
182
|
+
...entry,
|
|
183
|
+
paramB
|
|
184
|
+
};
|
|
185
|
+
}).filter((entry) => Boolean(entry));
|
|
186
|
+
if (smallModels.length === 0) return findings;
|
|
187
|
+
let hasUnsafe = false;
|
|
188
|
+
const modelLines = [];
|
|
189
|
+
const exposureSet = /* @__PURE__ */ new Set();
|
|
190
|
+
for (const entry of smallModels) {
|
|
191
|
+
const agentId = extractAgentIdFromSource(entry.source);
|
|
192
|
+
const sandboxMode = resolveSandboxConfigForAgent(params.cfg, agentId ?? void 0).mode;
|
|
193
|
+
const agentTools = agentId && params.cfg.agents?.list ? params.cfg.agents.list.find((agent) => agent?.id === agentId)?.tools : void 0;
|
|
194
|
+
const policies = resolveToolPolicies$1({
|
|
195
|
+
cfg: params.cfg,
|
|
196
|
+
agentTools,
|
|
197
|
+
sandboxMode,
|
|
198
|
+
agentId
|
|
199
|
+
});
|
|
200
|
+
const exposed = [];
|
|
201
|
+
if (isWebSearchEnabled(params.cfg, params.env) && isToolAllowedByPolicies("web_search", policies)) exposed.push("web_search");
|
|
202
|
+
if (isWebFetchEnabled(params.cfg) && isToolAllowedByPolicies("web_fetch", policies)) exposed.push("web_fetch");
|
|
203
|
+
if (isBrowserEnabled(params.cfg) && isToolAllowedByPolicies("browser", policies)) exposed.push("browser");
|
|
204
|
+
for (const tool of exposed) exposureSet.add(tool);
|
|
205
|
+
const sandboxLabel = sandboxMode === "all" ? "sandbox=all" : `sandbox=${sandboxMode}`;
|
|
206
|
+
const exposureLabel = exposed.length > 0 ? ` web=[${exposed.join(", ")}]` : " web=[off]";
|
|
207
|
+
const safe = sandboxMode === "all" && exposed.length === 0;
|
|
208
|
+
if (!safe) hasUnsafe = true;
|
|
209
|
+
const statusLabel = safe ? "ok" : "unsafe";
|
|
210
|
+
modelLines.push(`- ${entry.id} (${entry.paramB}B) @ ${entry.source} (${statusLabel}; ${sandboxLabel};${exposureLabel})`);
|
|
211
|
+
}
|
|
212
|
+
const exposureList = Array.from(exposureSet);
|
|
213
|
+
const exposureDetail = exposureList.length > 0 ? `Uncontrolled input tools allowed: ${exposureList.join(", ")}.` : "No web/browser tools detected for these models.";
|
|
214
|
+
findings.push({
|
|
215
|
+
checkId: "models.small_params",
|
|
216
|
+
severity: hasUnsafe ? "critical" : "info",
|
|
217
|
+
title: "Small models require sandboxing and web tools disabled",
|
|
218
|
+
detail: `Small models (<=${SMALL_MODEL_PARAM_B_MAX}B params) detected:\n` + modelLines.join("\n") + `\n` + exposureDetail + "\nSmall models are not recommended for untrusted inputs.",
|
|
219
|
+
remediation: "If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode=\"all\") and disable web_search/web_fetch/browser (tools.deny=[\"group:web\",\"browser\"])."
|
|
220
|
+
});
|
|
221
|
+
return findings;
|
|
222
|
+
}
|
|
223
|
+
//#endregion
|
|
224
|
+
//#region src/security/audit-extra.sync.ts
|
|
225
|
+
function isProbablySyncedPath(p) {
|
|
226
|
+
const s = p.toLowerCase();
|
|
227
|
+
return s.includes("icloud") || s.includes("dropbox") || s.includes("google drive") || s.includes("googledrive") || s.includes("onedrive");
|
|
228
|
+
}
|
|
229
|
+
function looksLikeEnvRef(value) {
|
|
230
|
+
const v = value.trim();
|
|
231
|
+
return v.startsWith("${") && v.endsWith("}");
|
|
232
|
+
}
|
|
233
|
+
function addModel(models, raw, source) {
|
|
234
|
+
if (typeof raw !== "string") return;
|
|
235
|
+
const id = raw.trim();
|
|
236
|
+
if (!id) return;
|
|
237
|
+
models.push({
|
|
238
|
+
id,
|
|
239
|
+
source
|
|
240
|
+
});
|
|
241
|
+
}
|
|
242
|
+
function collectModels(cfg) {
|
|
243
|
+
const out = [];
|
|
244
|
+
addModel(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.model), "agents.defaults.model.primary");
|
|
245
|
+
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.model)) addModel(out, fallback, "agents.defaults.model.fallbacks");
|
|
246
|
+
addModel(out, resolveAgentModelPrimaryValue(cfg.agents?.defaults?.imageModel), "agents.defaults.imageModel.primary");
|
|
247
|
+
for (const fallback of resolveAgentModelFallbackValues(cfg.agents?.defaults?.imageModel)) addModel(out, fallback, "agents.defaults.imageModel.fallbacks");
|
|
248
|
+
const list = Array.isArray(cfg.agents?.list) ? cfg.agents?.list : [];
|
|
249
|
+
for (const agent of list ?? []) {
|
|
250
|
+
if (!agent || typeof agent !== "object") continue;
|
|
251
|
+
const id = typeof agent.id === "string" ? agent.id : "";
|
|
252
|
+
const model = agent.model;
|
|
253
|
+
if (typeof model === "string") addModel(out, model, `agents.list.${id}.model`);
|
|
254
|
+
else if (model && typeof model === "object") {
|
|
255
|
+
addModel(out, model.primary, `agents.list.${id}.model.primary`);
|
|
256
|
+
const fallbacks = model.fallbacks;
|
|
257
|
+
if (Array.isArray(fallbacks)) for (const fallback of fallbacks) addModel(out, fallback, `agents.list.${id}.model.fallbacks`);
|
|
258
|
+
}
|
|
259
|
+
}
|
|
260
|
+
return out;
|
|
261
|
+
}
|
|
262
|
+
function isGatewayRemotelyExposed(cfg) {
|
|
263
|
+
if ((typeof cfg.gateway?.bind === "string" ? cfg.gateway.bind : "loopback") !== "loopback") return true;
|
|
264
|
+
const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
|
|
265
|
+
return tailscaleMode === "serve" || tailscaleMode === "funnel";
|
|
266
|
+
}
|
|
267
|
+
const LEGACY_MODEL_PATTERNS = [
|
|
268
|
+
{
|
|
269
|
+
id: "openai.gpt35",
|
|
270
|
+
re: /\bgpt-3\.5\b/i,
|
|
271
|
+
label: "GPT-3.5 family"
|
|
272
|
+
},
|
|
273
|
+
{
|
|
274
|
+
id: "anthropic.claude2",
|
|
275
|
+
re: /\bclaude-(instant|2)\b/i,
|
|
276
|
+
label: "Claude 2/Instant family"
|
|
277
|
+
},
|
|
278
|
+
{
|
|
279
|
+
id: "openai.gpt4_legacy",
|
|
280
|
+
re: /\bgpt-4-(0314|0613)\b/i,
|
|
281
|
+
label: "Legacy GPT-4 snapshots"
|
|
282
|
+
}
|
|
283
|
+
];
|
|
284
|
+
const WEAK_TIER_MODEL_PATTERNS = [{
|
|
285
|
+
id: "anthropic.haiku",
|
|
286
|
+
re: /\bhaiku\b/i,
|
|
287
|
+
label: "Haiku tier (smaller model)"
|
|
288
|
+
}];
|
|
289
|
+
function isGptModel(id) {
|
|
290
|
+
return /\bgpt-/i.test(id);
|
|
291
|
+
}
|
|
292
|
+
function isGpt5OrHigher(id) {
|
|
293
|
+
return /\bgpt-5(?:\b|[.-])/i.test(id);
|
|
294
|
+
}
|
|
295
|
+
function isClaudeModel(id) {
|
|
296
|
+
return /\bclaude-/i.test(id);
|
|
297
|
+
}
|
|
298
|
+
function isClaude45OrHigher(id) {
|
|
299
|
+
return /\bclaude-[^\s/]*?(?:-4-?(?:[5-9]|[1-9]\d)\b|4\.(?:[5-9]|[1-9]\d)\b|-[5-9](?:\b|[.-]))/i.test(id);
|
|
300
|
+
}
|
|
301
|
+
function hasConfiguredDockerConfig(docker) {
|
|
302
|
+
if (!docker || typeof docker !== "object") return false;
|
|
303
|
+
return Object.values(docker).some((value) => value !== void 0);
|
|
304
|
+
}
|
|
305
|
+
function normalizeNodeCommand(value) {
|
|
306
|
+
return normalizeOptionalString(value) ?? "";
|
|
307
|
+
}
|
|
308
|
+
function isWildcardEntry(value) {
|
|
309
|
+
return normalizeStringifiedOptionalString(value) === "*";
|
|
310
|
+
}
|
|
311
|
+
function listKnownNodeCommands(cfg) {
|
|
312
|
+
const baseCfg = {
|
|
313
|
+
...cfg,
|
|
314
|
+
gateway: {
|
|
315
|
+
...cfg.gateway,
|
|
316
|
+
nodes: {
|
|
317
|
+
...cfg.gateway?.nodes,
|
|
318
|
+
denyCommands: []
|
|
319
|
+
}
|
|
320
|
+
}
|
|
321
|
+
};
|
|
322
|
+
const out = /* @__PURE__ */ new Set();
|
|
323
|
+
for (const platform of [
|
|
324
|
+
"ios",
|
|
325
|
+
"android",
|
|
326
|
+
"macos",
|
|
327
|
+
"linux",
|
|
328
|
+
"windows",
|
|
329
|
+
"unknown"
|
|
330
|
+
]) {
|
|
331
|
+
const allow = resolveNodeCommandAllowlist(baseCfg, { platform });
|
|
332
|
+
for (const cmd of allow) {
|
|
333
|
+
const normalized = normalizeNodeCommand(cmd);
|
|
334
|
+
if (normalized) out.add(normalized);
|
|
335
|
+
}
|
|
336
|
+
}
|
|
337
|
+
return out;
|
|
338
|
+
}
|
|
339
|
+
function resolveToolPolicies(params) {
|
|
340
|
+
const policies = [];
|
|
341
|
+
const profilePolicy = resolveToolProfilePolicy(params.agentTools?.profile ?? params.cfg.tools?.profile);
|
|
342
|
+
if (profilePolicy) policies.push(profilePolicy);
|
|
343
|
+
const globalPolicy = pickSandboxToolPolicy(params.cfg.tools ?? void 0);
|
|
344
|
+
if (globalPolicy) policies.push(globalPolicy);
|
|
345
|
+
const agentPolicy = pickSandboxToolPolicy(params.agentTools);
|
|
346
|
+
if (agentPolicy) policies.push(agentPolicy);
|
|
347
|
+
if (params.sandboxMode === "all") policies.push(resolveSandboxToolPolicyForAgent(params.cfg, params.agentId ?? void 0));
|
|
348
|
+
return policies;
|
|
349
|
+
}
|
|
350
|
+
function looksLikeNodeCommandPattern(value) {
|
|
351
|
+
if (!value) return false;
|
|
352
|
+
if (/[?*[\]{}(),|]/.test(value)) return true;
|
|
353
|
+
if (value.startsWith("/") || value.endsWith("/") || value.startsWith("^") || value.endsWith("$")) return true;
|
|
354
|
+
return /\s/.test(value) || value.includes("group:");
|
|
355
|
+
}
|
|
356
|
+
function editDistance(a, b) {
|
|
357
|
+
if (a === b) return 0;
|
|
358
|
+
if (!a) return b.length;
|
|
359
|
+
if (!b) return a.length;
|
|
360
|
+
const dp = Array.from({ length: b.length + 1 }, (_, j) => j);
|
|
361
|
+
for (let i = 1; i <= a.length; i++) {
|
|
362
|
+
let prev = dp[0];
|
|
363
|
+
dp[0] = i;
|
|
364
|
+
for (let j = 1; j <= b.length; j++) {
|
|
365
|
+
const temp = dp[j];
|
|
366
|
+
const cost = a[i - 1] === b[j - 1] ? 0 : 1;
|
|
367
|
+
dp[j] = Math.min(dp[j] + 1, dp[j - 1] + 1, prev + cost);
|
|
368
|
+
prev = temp;
|
|
369
|
+
}
|
|
370
|
+
}
|
|
371
|
+
return dp[b.length];
|
|
372
|
+
}
|
|
373
|
+
function suggestKnownNodeCommands(unknown, known) {
|
|
374
|
+
const needle = unknown.trim();
|
|
375
|
+
if (!needle) return [];
|
|
376
|
+
const prefix = needle.includes(".") ? needle.split(".").slice(0, 2).join(".") : needle;
|
|
377
|
+
const prefixHits = Array.from(known).filter((cmd) => cmd.startsWith(prefix)).slice(0, 3);
|
|
378
|
+
if (prefixHits.length > 0) return prefixHits;
|
|
379
|
+
const ranked = Array.from(known).map((cmd) => ({
|
|
380
|
+
cmd,
|
|
381
|
+
d: editDistance(needle, cmd)
|
|
382
|
+
})).toSorted((a, b) => a.d - b.d || a.cmd.localeCompare(b.cmd));
|
|
383
|
+
const best = ranked[0]?.d ?? Infinity;
|
|
384
|
+
const threshold = Math.max(2, Math.min(4, best));
|
|
385
|
+
return ranked.filter((r) => r.d <= threshold).slice(0, 3).map((r) => r.cmd);
|
|
386
|
+
}
|
|
387
|
+
function listGroupPolicyOpen(cfg) {
|
|
388
|
+
const out = [];
|
|
389
|
+
const channels = cfg.channels;
|
|
390
|
+
if (!channels || typeof channels !== "object") return out;
|
|
391
|
+
for (const [channelId, value] of Object.entries(channels)) {
|
|
392
|
+
if (!value || typeof value !== "object") continue;
|
|
393
|
+
const section = value;
|
|
394
|
+
if (section.groupPolicy === "open") out.push(`channels.${channelId}.groupPolicy`);
|
|
395
|
+
const accounts = section.accounts;
|
|
396
|
+
if (accounts && typeof accounts === "object") for (const [accountId, accountVal] of Object.entries(accounts)) {
|
|
397
|
+
if (!accountVal || typeof accountVal !== "object") continue;
|
|
398
|
+
if (accountVal.groupPolicy === "open") out.push(`channels.${channelId}.accounts.${accountId}.groupPolicy`);
|
|
399
|
+
}
|
|
400
|
+
}
|
|
401
|
+
return out;
|
|
402
|
+
}
|
|
403
|
+
function hasConfiguredGroupTargets(section) {
|
|
404
|
+
return [
|
|
405
|
+
"groups",
|
|
406
|
+
"guilds",
|
|
407
|
+
"channels",
|
|
408
|
+
"rooms"
|
|
409
|
+
].some((key) => {
|
|
410
|
+
const value = section[key];
|
|
411
|
+
return Boolean(value && typeof value === "object" && Object.keys(value).length > 0);
|
|
412
|
+
});
|
|
413
|
+
}
|
|
414
|
+
function listPotentialMultiUserSignals(cfg) {
|
|
415
|
+
const out = /* @__PURE__ */ new Set();
|
|
416
|
+
const channels = cfg.channels;
|
|
417
|
+
if (!channels || typeof channels !== "object") return [];
|
|
418
|
+
const inspectSection = (section, basePath) => {
|
|
419
|
+
const groupPolicy = typeof section.groupPolicy === "string" ? section.groupPolicy : null;
|
|
420
|
+
if (groupPolicy === "open") out.add(`${basePath}.groupPolicy="open"`);
|
|
421
|
+
else if (groupPolicy === "allowlist" && hasConfiguredGroupTargets(section)) out.add(`${basePath}.groupPolicy="allowlist" with configured group targets`);
|
|
422
|
+
if ((typeof section.dmPolicy === "string" ? section.dmPolicy : null) === "open") out.add(`${basePath}.dmPolicy="open"`);
|
|
423
|
+
if ((Array.isArray(section.allowFrom) ? section.allowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.allowFrom includes "*"`);
|
|
424
|
+
if ((Array.isArray(section.groupAllowFrom) ? section.groupAllowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.groupAllowFrom includes "*"`);
|
|
425
|
+
const dm = section.dm;
|
|
426
|
+
if (dm && typeof dm === "object") {
|
|
427
|
+
const dmSection = dm;
|
|
428
|
+
if ((typeof dmSection.policy === "string" ? dmSection.policy : null) === "open") out.add(`${basePath}.dm.policy="open"`);
|
|
429
|
+
if ((Array.isArray(dmSection.allowFrom) ? dmSection.allowFrom : []).some((entry) => isWildcardEntry(entry))) out.add(`${basePath}.dm.allowFrom includes "*"`);
|
|
430
|
+
}
|
|
431
|
+
};
|
|
432
|
+
for (const [channelId, value] of Object.entries(channels)) {
|
|
433
|
+
if (!value || typeof value !== "object") continue;
|
|
434
|
+
const section = value;
|
|
435
|
+
inspectSection(section, `channels.${channelId}`);
|
|
436
|
+
const accounts = section.accounts;
|
|
437
|
+
if (!accounts || typeof accounts !== "object") continue;
|
|
438
|
+
for (const [accountId, accountValue] of Object.entries(accounts)) {
|
|
439
|
+
if (!accountValue || typeof accountValue !== "object") continue;
|
|
440
|
+
inspectSection(accountValue, `channels.${channelId}.accounts.${accountId}`);
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
return Array.from(out);
|
|
444
|
+
}
|
|
445
|
+
function collectRiskyToolExposureContexts(cfg) {
|
|
446
|
+
const contexts = [{ label: "agents.defaults" }];
|
|
447
|
+
for (const agent of cfg.agents?.list ?? []) {
|
|
448
|
+
if (!agent || typeof agent !== "object" || typeof agent.id !== "string") continue;
|
|
449
|
+
contexts.push({
|
|
450
|
+
label: `agents.list.${agent.id}`,
|
|
451
|
+
agentId: agent.id,
|
|
452
|
+
tools: agent.tools
|
|
453
|
+
});
|
|
454
|
+
}
|
|
455
|
+
const riskyContexts = [];
|
|
456
|
+
let hasRuntimeRisk = false;
|
|
457
|
+
for (const context of contexts) {
|
|
458
|
+
const sandboxMode = resolveSandboxConfigForAgent(cfg, context.agentId).mode;
|
|
459
|
+
const policies = resolveToolPolicies({
|
|
460
|
+
cfg,
|
|
461
|
+
agentTools: context.tools,
|
|
462
|
+
sandboxMode,
|
|
463
|
+
agentId: context.agentId ?? null
|
|
464
|
+
});
|
|
465
|
+
const runtimeTools = ["exec", "process"].filter((tool) => isToolAllowedByPolicies(tool, policies));
|
|
466
|
+
const fsTools = [
|
|
467
|
+
"read",
|
|
468
|
+
"write",
|
|
469
|
+
"edit",
|
|
470
|
+
"apply_patch"
|
|
471
|
+
].filter((tool) => isToolAllowedByPolicies(tool, policies));
|
|
472
|
+
const fsWorkspaceOnly = context.tools?.fs?.workspaceOnly ?? cfg.tools?.fs?.workspaceOnly;
|
|
473
|
+
const runtimeUnguarded = runtimeTools.length > 0 && sandboxMode !== "all";
|
|
474
|
+
const fsUnguarded = fsTools.length > 0 && sandboxMode !== "all" && fsWorkspaceOnly !== true;
|
|
475
|
+
if (!runtimeUnguarded && !fsUnguarded) continue;
|
|
476
|
+
if (runtimeUnguarded) hasRuntimeRisk = true;
|
|
477
|
+
riskyContexts.push(`${context.label} (sandbox=${sandboxMode}; runtime=[${runtimeTools.join(", ") || "off"}]; fs=[${fsTools.join(", ") || "off"}]; fs.workspaceOnly=${fsWorkspaceOnly === true ? "true" : "false"})`);
|
|
478
|
+
}
|
|
479
|
+
return {
|
|
480
|
+
riskyContexts,
|
|
481
|
+
hasRuntimeRisk
|
|
482
|
+
};
|
|
483
|
+
}
|
|
484
|
+
function collectSyncedFolderFindings(params) {
|
|
485
|
+
const findings = [];
|
|
486
|
+
if (isProbablySyncedPath(params.stateDir) || isProbablySyncedPath(params.configPath)) findings.push({
|
|
487
|
+
checkId: "fs.synced_dir",
|
|
488
|
+
severity: "warn",
|
|
489
|
+
title: "State/config path looks like a synced folder",
|
|
490
|
+
detail: `stateDir=${params.stateDir}, configPath=${params.configPath}. Synced folders (iCloud/Dropbox/OneDrive/Google Drive) can leak tokens and transcripts onto other devices.`,
|
|
491
|
+
remediation: `Keep GENESIS_STATE_DIR on a local-only volume and re-run "${formatCliCommand("genesis security audit --fix")}".`
|
|
492
|
+
});
|
|
493
|
+
return findings;
|
|
494
|
+
}
|
|
495
|
+
function collectSecretsInConfigFindings(cfg) {
|
|
496
|
+
const findings = [];
|
|
497
|
+
const password = normalizeOptionalString(cfg.gateway?.auth?.password) ?? "";
|
|
498
|
+
if (password && !looksLikeEnvRef(password)) findings.push({
|
|
499
|
+
checkId: "config.secrets.gateway_password_in_config",
|
|
500
|
+
severity: "warn",
|
|
501
|
+
title: "Gateway password is stored in config",
|
|
502
|
+
detail: "gateway.auth.password is set in the config file; prefer environment variables for secrets when possible.",
|
|
503
|
+
remediation: "Prefer GENESIS_GATEWAY_PASSWORD (env) and remove gateway.auth.password from disk."
|
|
504
|
+
});
|
|
505
|
+
const hooksToken = normalizeOptionalString(cfg.hooks?.token) ?? "";
|
|
506
|
+
if (cfg.hooks?.enabled === true && hooksToken && !looksLikeEnvRef(hooksToken)) findings.push({
|
|
507
|
+
checkId: "config.secrets.hooks_token_in_config",
|
|
508
|
+
severity: "info",
|
|
509
|
+
title: "Hooks token is stored in config",
|
|
510
|
+
detail: "hooks.token is set in the config file; keep config perms tight and treat it like an API secret."
|
|
511
|
+
});
|
|
512
|
+
return findings;
|
|
513
|
+
}
|
|
514
|
+
function collectHooksHardeningFindings(cfg, env = process.env) {
|
|
515
|
+
const findings = [];
|
|
516
|
+
if (cfg.hooks?.enabled !== true) return findings;
|
|
517
|
+
const token = normalizeOptionalString(cfg.hooks?.token) ?? "";
|
|
518
|
+
if (token && token.length < 24) findings.push({
|
|
519
|
+
checkId: "hooks.token_too_short",
|
|
520
|
+
severity: "warn",
|
|
521
|
+
title: "Hooks token looks short",
|
|
522
|
+
detail: `hooks.token is ${token.length} chars; prefer a long random token.`
|
|
523
|
+
});
|
|
524
|
+
const gatewayAuth = resolveGatewayAuth({
|
|
525
|
+
authConfig: cfg.gateway?.auth,
|
|
526
|
+
tailscaleMode: cfg.gateway?.tailscale?.mode ?? "off",
|
|
527
|
+
env
|
|
528
|
+
});
|
|
529
|
+
const genesisGatewayToken = typeof env.GENESIS_GATEWAY_TOKEN === "string" && env.GENESIS_GATEWAY_TOKEN.trim() ? env.GENESIS_GATEWAY_TOKEN.trim() : null;
|
|
530
|
+
const gatewayToken = gatewayAuth.mode === "token" && typeof gatewayAuth.token === "string" && gatewayAuth.token.trim() ? gatewayAuth.token.trim() : genesisGatewayToken ? genesisGatewayToken : null;
|
|
531
|
+
if (token && gatewayToken && token === gatewayToken) findings.push({
|
|
532
|
+
checkId: "hooks.token_reuse_gateway_token",
|
|
533
|
+
severity: "critical",
|
|
534
|
+
title: "Hooks token reuses the Gateway token",
|
|
535
|
+
detail: "hooks.token matches gateway.auth token; compromise of hooks expands blast radius to the Gateway API.",
|
|
536
|
+
remediation: "Use a separate hooks.token dedicated to hook ingress."
|
|
537
|
+
});
|
|
538
|
+
if ((normalizeOptionalString(cfg.hooks?.path) ?? "") === "/") findings.push({
|
|
539
|
+
checkId: "hooks.path_root",
|
|
540
|
+
severity: "critical",
|
|
541
|
+
title: "Hooks base path is '/'",
|
|
542
|
+
detail: "hooks.path='/' would shadow other HTTP endpoints and is unsafe.",
|
|
543
|
+
remediation: "Use a dedicated path like '/hooks'."
|
|
544
|
+
});
|
|
545
|
+
const allowRequestSessionKey = cfg.hooks?.allowRequestSessionKey === true;
|
|
546
|
+
const defaultSessionKey = normalizeOptionalString(cfg.hooks?.defaultSessionKey) ?? "";
|
|
547
|
+
const allowedAgentIds = resolveAllowedAgentIds(cfg.hooks?.allowedAgentIds);
|
|
548
|
+
const allowedPrefixes = Array.isArray(cfg.hooks?.allowedSessionKeyPrefixes) ? cfg.hooks.allowedSessionKeyPrefixes.map((prefix) => prefix.trim()).filter((prefix) => prefix.length > 0) : [];
|
|
549
|
+
const remoteExposure = isGatewayRemotelyExposed(cfg);
|
|
550
|
+
if (!defaultSessionKey) findings.push({
|
|
551
|
+
checkId: "hooks.default_session_key_unset",
|
|
552
|
+
severity: "warn",
|
|
553
|
+
title: "hooks.defaultSessionKey is not configured",
|
|
554
|
+
detail: "Hook agent runs without explicit sessionKey use generated per-request keys. Set hooks.defaultSessionKey to keep hook ingress scoped to a known session.",
|
|
555
|
+
remediation: "Set hooks.defaultSessionKey (for example, \"hook:ingress\")."
|
|
556
|
+
});
|
|
557
|
+
if (allowedAgentIds === void 0) findings.push({
|
|
558
|
+
checkId: "hooks.allowed_agent_ids_unrestricted",
|
|
559
|
+
severity: remoteExposure ? "critical" : "warn",
|
|
560
|
+
title: "Hook agent routing allows any configured agent",
|
|
561
|
+
detail: "hooks.allowedAgentIds is unset or includes '*', so authenticated hook callers may route to any configured agent id.",
|
|
562
|
+
remediation: "Set hooks.allowedAgentIds to an explicit allowlist (for example, [\"hooks\", \"main\"]) or [] to deny explicit agent routing."
|
|
563
|
+
});
|
|
564
|
+
if (allowRequestSessionKey) findings.push({
|
|
565
|
+
checkId: "hooks.request_session_key_enabled",
|
|
566
|
+
severity: remoteExposure ? "critical" : "warn",
|
|
567
|
+
title: "External hook payloads may override sessionKey",
|
|
568
|
+
detail: "hooks.allowRequestSessionKey=true allows `/hooks/agent` callers to choose the session key. Treat hook token holders as full-trust unless you also restrict prefixes.",
|
|
569
|
+
remediation: "Set hooks.allowRequestSessionKey=false (recommended) or constrain hooks.allowedSessionKeyPrefixes."
|
|
570
|
+
});
|
|
571
|
+
if (allowRequestSessionKey && allowedPrefixes.length === 0) findings.push({
|
|
572
|
+
checkId: "hooks.request_session_key_prefixes_missing",
|
|
573
|
+
severity: remoteExposure ? "critical" : "warn",
|
|
574
|
+
title: "Request sessionKey override is enabled without prefix restrictions",
|
|
575
|
+
detail: "hooks.allowRequestSessionKey=true and hooks.allowedSessionKeyPrefixes is unset/empty, so request payloads can target arbitrary session key shapes.",
|
|
576
|
+
remediation: "Set hooks.allowedSessionKeyPrefixes (for example, [\"hook:\"]) or disable request overrides."
|
|
577
|
+
});
|
|
578
|
+
return findings;
|
|
579
|
+
}
|
|
580
|
+
function collectGatewayHttpSessionKeyOverrideFindings(cfg) {
|
|
581
|
+
const findings = [];
|
|
582
|
+
const chatCompletionsEnabled = cfg.gateway?.http?.endpoints?.chatCompletions?.enabled === true;
|
|
583
|
+
const responsesEnabled = cfg.gateway?.http?.endpoints?.responses?.enabled === true;
|
|
584
|
+
if (!chatCompletionsEnabled && !responsesEnabled) return findings;
|
|
585
|
+
const enabledEndpoints = [chatCompletionsEnabled ? "/v1/chat/completions" : null, responsesEnabled ? "/v1/responses" : null].filter((entry) => Boolean(entry));
|
|
586
|
+
findings.push({
|
|
587
|
+
checkId: "gateway.http.session_key_override_enabled",
|
|
588
|
+
severity: "info",
|
|
589
|
+
title: "HTTP API session-key override is enabled",
|
|
590
|
+
detail: `${enabledEndpoints.join(", ")} accept x-genesis-session-key for per-request session routing. Treat API credential holders as trusted principals.`
|
|
591
|
+
});
|
|
592
|
+
return findings;
|
|
593
|
+
}
|
|
594
|
+
function collectGatewayHttpNoAuthFindings(cfg, env) {
|
|
595
|
+
const findings = [];
|
|
596
|
+
const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
|
|
597
|
+
if (resolveGatewayAuth({
|
|
598
|
+
authConfig: cfg.gateway?.auth,
|
|
599
|
+
tailscaleMode,
|
|
600
|
+
env
|
|
601
|
+
}).mode !== "none") return findings;
|
|
602
|
+
const chatCompletionsEnabled = cfg.gateway?.http?.endpoints?.chatCompletions?.enabled === true;
|
|
603
|
+
const responsesEnabled = cfg.gateway?.http?.endpoints?.responses?.enabled === true;
|
|
604
|
+
const enabledEndpoints = [
|
|
605
|
+
"/tools/invoke",
|
|
606
|
+
chatCompletionsEnabled ? "/v1/chat/completions" : null,
|
|
607
|
+
responsesEnabled ? "/v1/responses" : null
|
|
608
|
+
].filter((entry) => Boolean(entry));
|
|
609
|
+
const remoteExposure = isGatewayRemotelyExposed(cfg);
|
|
610
|
+
findings.push({
|
|
611
|
+
checkId: "gateway.http.no_auth",
|
|
612
|
+
severity: remoteExposure ? "critical" : "warn",
|
|
613
|
+
title: "Gateway HTTP APIs are reachable without auth",
|
|
614
|
+
detail: `gateway.auth.mode="none" leaves ${enabledEndpoints.join(", ")} callable without a shared secret. Treat this as trusted-local only and avoid exposing the gateway beyond loopback.`,
|
|
615
|
+
remediation: "Set gateway.auth.mode to token/password (recommended). If you intentionally keep mode=none, keep gateway.bind=loopback and disable optional HTTP endpoints."
|
|
616
|
+
});
|
|
617
|
+
return findings;
|
|
618
|
+
}
|
|
619
|
+
function collectSandboxDockerNoopFindings(cfg) {
|
|
620
|
+
const findings = [];
|
|
621
|
+
const configuredPaths = [];
|
|
622
|
+
const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
|
|
623
|
+
const defaultsSandbox = cfg.agents?.defaults?.sandbox;
|
|
624
|
+
const hasDefaultDocker = hasConfiguredDockerConfig(defaultsSandbox?.docker);
|
|
625
|
+
const defaultMode = defaultsSandbox?.mode ?? "off";
|
|
626
|
+
const hasAnySandboxEnabledAgent = agents.some((entry) => {
|
|
627
|
+
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") return false;
|
|
628
|
+
return resolveSandboxConfigForAgent(cfg, entry.id).mode !== "off";
|
|
629
|
+
});
|
|
630
|
+
if (hasDefaultDocker && defaultMode === "off" && !hasAnySandboxEnabledAgent) configuredPaths.push("agents.defaults.sandbox.docker");
|
|
631
|
+
for (const entry of agents) {
|
|
632
|
+
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
633
|
+
if (!hasConfiguredDockerConfig(entry.sandbox?.docker)) continue;
|
|
634
|
+
if (resolveSandboxConfigForAgent(cfg, entry.id).mode === "off") configuredPaths.push(`agents.list.${entry.id}.sandbox.docker`);
|
|
635
|
+
}
|
|
636
|
+
if (configuredPaths.length === 0) return findings;
|
|
637
|
+
findings.push({
|
|
638
|
+
checkId: "sandbox.docker_config_mode_off",
|
|
639
|
+
severity: "warn",
|
|
640
|
+
title: "Sandbox docker settings configured while sandbox mode is off",
|
|
641
|
+
detail: "These docker settings will not take effect until sandbox mode is enabled:\n" + configuredPaths.map((entry) => `- ${entry}`).join("\n"),
|
|
642
|
+
remediation: "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) where needed, or remove unused docker settings."
|
|
643
|
+
});
|
|
644
|
+
return findings;
|
|
645
|
+
}
|
|
646
|
+
function collectSandboxDangerousConfigFindings(cfg) {
|
|
647
|
+
const findings = [];
|
|
648
|
+
const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
|
|
649
|
+
const configs = [];
|
|
650
|
+
const defaultDocker = cfg.agents?.defaults?.sandbox?.docker;
|
|
651
|
+
if (defaultDocker && typeof defaultDocker === "object") configs.push({
|
|
652
|
+
source: "agents.defaults.sandbox.docker",
|
|
653
|
+
docker: defaultDocker
|
|
654
|
+
});
|
|
655
|
+
for (const entry of agents) {
|
|
656
|
+
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
657
|
+
const agentDocker = entry.sandbox?.docker;
|
|
658
|
+
if (agentDocker && typeof agentDocker === "object") configs.push({
|
|
659
|
+
source: `agents.list.${entry.id}.sandbox.docker`,
|
|
660
|
+
docker: agentDocker
|
|
661
|
+
});
|
|
662
|
+
}
|
|
663
|
+
for (const { source, docker } of configs) {
|
|
664
|
+
const binds = Array.isArray(docker.binds) ? docker.binds : [];
|
|
665
|
+
for (const bind of binds) {
|
|
666
|
+
if (typeof bind !== "string") continue;
|
|
667
|
+
const blocked = getBlockedBindReason(bind);
|
|
668
|
+
if (!blocked) continue;
|
|
669
|
+
if (blocked.kind === "non_absolute") {
|
|
670
|
+
findings.push({
|
|
671
|
+
checkId: "sandbox.bind_mount_non_absolute",
|
|
672
|
+
severity: "warn",
|
|
673
|
+
title: "Sandbox bind mount uses a non-absolute source path",
|
|
674
|
+
detail: `${source}.binds contains "${bind}" which uses source path "${blocked.sourcePath}". Non-absolute bind sources are hard to validate safely and may resolve unexpectedly.`,
|
|
675
|
+
remediation: `Rewrite "${bind}" to use an absolute host path (for example: /home/user/project:/project:ro).`
|
|
676
|
+
});
|
|
677
|
+
continue;
|
|
678
|
+
}
|
|
679
|
+
if (blocked.kind !== "covers" && blocked.kind !== "targets") continue;
|
|
680
|
+
const verb = blocked.kind === "covers" ? "covers" : "targets";
|
|
681
|
+
findings.push({
|
|
682
|
+
checkId: "sandbox.dangerous_bind_mount",
|
|
683
|
+
severity: "critical",
|
|
684
|
+
title: "Dangerous bind mount in sandbox config",
|
|
685
|
+
detail: `${source}.binds contains "${bind}" which ${verb} blocked path "${blocked.blockedPath}". This can expose host system directories or the Docker socket to sandbox containers.`,
|
|
686
|
+
remediation: `Remove "${bind}" from ${source}.binds. Use project-specific paths instead.`
|
|
687
|
+
});
|
|
688
|
+
}
|
|
689
|
+
const network = typeof docker.network === "string" ? docker.network : void 0;
|
|
690
|
+
const normalizedNetwork = normalizeNetworkMode(network);
|
|
691
|
+
if (isDangerousNetworkMode(network)) {
|
|
692
|
+
const modeLabel = normalizedNetwork === "host" ? "\"host\"" : `"${network}"`;
|
|
693
|
+
const detail = normalizedNetwork === "host" ? `${source}.network is "host" which bypasses container network isolation entirely.` : `${source}.network is ${modeLabel} which joins another container namespace and can bypass sandbox network isolation.`;
|
|
694
|
+
findings.push({
|
|
695
|
+
checkId: "sandbox.dangerous_network_mode",
|
|
696
|
+
severity: "critical",
|
|
697
|
+
title: "Dangerous network mode in sandbox config",
|
|
698
|
+
detail,
|
|
699
|
+
remediation: `Set ${source}.network to "bridge", "none", or a custom bridge network name. Use ${source}.dangerouslyAllowContainerNamespaceJoin=true only as a break-glass override when you fully trust this runtime.`
|
|
700
|
+
});
|
|
701
|
+
}
|
|
702
|
+
if (normalizeOptionalLowercaseString(typeof docker.seccompProfile === "string" ? docker.seccompProfile : void 0) === "unconfined") findings.push({
|
|
703
|
+
checkId: "sandbox.dangerous_seccomp_profile",
|
|
704
|
+
severity: "critical",
|
|
705
|
+
title: "Seccomp unconfined in sandbox config",
|
|
706
|
+
detail: `${source}.seccompProfile is "unconfined" which disables syscall filtering.`,
|
|
707
|
+
remediation: `Remove ${source}.seccompProfile or use a custom seccomp profile file.`
|
|
708
|
+
});
|
|
709
|
+
if (normalizeOptionalLowercaseString(typeof docker.apparmorProfile === "string" ? docker.apparmorProfile : void 0) === "unconfined") findings.push({
|
|
710
|
+
checkId: "sandbox.dangerous_apparmor_profile",
|
|
711
|
+
severity: "critical",
|
|
712
|
+
title: "AppArmor unconfined in sandbox config",
|
|
713
|
+
detail: `${source}.apparmorProfile is "unconfined" which disables AppArmor enforcement.`,
|
|
714
|
+
remediation: `Remove ${source}.apparmorProfile or use a named AppArmor profile.`
|
|
715
|
+
});
|
|
716
|
+
}
|
|
717
|
+
return findings;
|
|
718
|
+
}
|
|
719
|
+
function collectNodeDenyCommandPatternFindings(cfg) {
|
|
720
|
+
const findings = [];
|
|
721
|
+
const denyListRaw = cfg.gateway?.nodes?.denyCommands;
|
|
722
|
+
if (!Array.isArray(denyListRaw) || denyListRaw.length === 0) return findings;
|
|
723
|
+
const denyList = denyListRaw.map(normalizeNodeCommand).filter(Boolean);
|
|
724
|
+
if (denyList.length === 0) return findings;
|
|
725
|
+
const knownCommands = listKnownNodeCommands(cfg);
|
|
726
|
+
const patternLike = denyList.filter((entry) => looksLikeNodeCommandPattern(entry));
|
|
727
|
+
const unknownExact = denyList.filter((entry) => !looksLikeNodeCommandPattern(entry) && !knownCommands.has(entry));
|
|
728
|
+
if (patternLike.length === 0 && unknownExact.length === 0) return findings;
|
|
729
|
+
const detailParts = [];
|
|
730
|
+
if (patternLike.length > 0) detailParts.push(`Pattern-like entries (not supported by exact matching): ${patternLike.join(", ")}`);
|
|
731
|
+
if (unknownExact.length > 0) {
|
|
732
|
+
const unknownDetails = unknownExact.map((entry) => {
|
|
733
|
+
const suggestions = suggestKnownNodeCommands(entry, knownCommands);
|
|
734
|
+
if (suggestions.length === 0) return entry;
|
|
735
|
+
return `${entry} (did you mean: ${suggestions.join(", ")})`;
|
|
736
|
+
}).join(", ");
|
|
737
|
+
detailParts.push(`Unknown command names (not in defaults/allowCommands): ${unknownDetails}`);
|
|
738
|
+
}
|
|
739
|
+
const examples = Array.from(knownCommands).slice(0, 8);
|
|
740
|
+
findings.push({
|
|
741
|
+
checkId: "gateway.nodes.deny_commands_ineffective",
|
|
742
|
+
severity: "warn",
|
|
743
|
+
title: "Some gateway.nodes.denyCommands entries are ineffective",
|
|
744
|
+
detail: "gateway.nodes.denyCommands uses exact node command-name matching only (for example `system.run`), not shell-text filtering inside a command payload.\n" + detailParts.map((entry) => `- ${entry}`).join("\n"),
|
|
745
|
+
remediation: `Use exact command names (for example: ${examples.join(", ")}). If you need broader restrictions, remove risky command IDs from allowCommands/default workflows and tighten tools.exec policy.`
|
|
746
|
+
});
|
|
747
|
+
return findings;
|
|
748
|
+
}
|
|
749
|
+
function collectNodeDangerousAllowCommandFindings(cfg) {
|
|
750
|
+
const findings = [];
|
|
751
|
+
const allowRaw = cfg.gateway?.nodes?.allowCommands;
|
|
752
|
+
if (!Array.isArray(allowRaw) || allowRaw.length === 0) return findings;
|
|
753
|
+
const allow = new Set(allowRaw.map(normalizeNodeCommand).filter(Boolean));
|
|
754
|
+
if (allow.size === 0) return findings;
|
|
755
|
+
const deny = new Set((cfg.gateway?.nodes?.denyCommands ?? []).map(normalizeNodeCommand));
|
|
756
|
+
const dangerousAllowed = DEFAULT_DANGEROUS_NODE_COMMANDS.filter((cmd) => allow.has(cmd) && !deny.has(cmd));
|
|
757
|
+
if (dangerousAllowed.length === 0) return findings;
|
|
758
|
+
findings.push({
|
|
759
|
+
checkId: "gateway.nodes.allow_commands_dangerous",
|
|
760
|
+
severity: isGatewayRemotelyExposed(cfg) ? "critical" : "warn",
|
|
761
|
+
title: "Dangerous node commands explicitly enabled",
|
|
762
|
+
detail: `gateway.nodes.allowCommands includes: ${dangerousAllowed.join(", ")}. These commands can trigger high-impact device actions (camera/screen/contacts/calendar/reminders/SMS).`,
|
|
763
|
+
remediation: "Remove these entries from gateway.nodes.allowCommands (recommended). If you keep them, treat gateway auth as full operator access and keep gateway exposure local/tailnet-only."
|
|
764
|
+
});
|
|
765
|
+
return findings;
|
|
766
|
+
}
|
|
767
|
+
function collectMinimalProfileOverrideFindings(cfg) {
|
|
768
|
+
const findings = [];
|
|
769
|
+
if (cfg.tools?.profile !== "minimal") return findings;
|
|
770
|
+
const overrides = (cfg.agents?.list ?? []).filter((entry) => {
|
|
771
|
+
return Boolean(entry && typeof entry === "object" && typeof entry.id === "string" && entry.tools?.profile && entry.tools.profile !== "minimal");
|
|
772
|
+
}).map((entry) => `${entry.id}=${entry.tools?.profile}`);
|
|
773
|
+
if (overrides.length === 0) return findings;
|
|
774
|
+
findings.push({
|
|
775
|
+
checkId: "tools.profile_minimal_overridden",
|
|
776
|
+
severity: "warn",
|
|
777
|
+
title: "Global tools.profile=minimal is overridden by agent profiles",
|
|
778
|
+
detail: "Global minimal profile is set, but these agent profiles take precedence:\n" + overrides.map((entry) => `- agents.list.${entry}`).join("\n"),
|
|
779
|
+
remediation: "Set those agents to `tools.profile=\"minimal\"` (or remove the agent override) if you want minimal tools enforced globally."
|
|
780
|
+
});
|
|
781
|
+
return findings;
|
|
782
|
+
}
|
|
783
|
+
function collectModelHygieneFindings(cfg) {
|
|
784
|
+
const findings = [];
|
|
785
|
+
const models = collectModels(cfg);
|
|
786
|
+
if (models.length === 0) return findings;
|
|
787
|
+
const weakMatches = /* @__PURE__ */ new Map();
|
|
788
|
+
const addWeakMatch = (model, source, reason) => {
|
|
789
|
+
const key = `${model}@@${source}`;
|
|
790
|
+
const existing = weakMatches.get(key);
|
|
791
|
+
if (!existing) {
|
|
792
|
+
weakMatches.set(key, {
|
|
793
|
+
model,
|
|
794
|
+
source,
|
|
795
|
+
reasons: [reason]
|
|
796
|
+
});
|
|
797
|
+
return;
|
|
798
|
+
}
|
|
799
|
+
if (!existing.reasons.includes(reason)) existing.reasons.push(reason);
|
|
800
|
+
};
|
|
801
|
+
for (const entry of models) {
|
|
802
|
+
for (const pat of WEAK_TIER_MODEL_PATTERNS) if (pat.re.test(entry.id)) {
|
|
803
|
+
addWeakMatch(entry.id, entry.source, pat.label);
|
|
804
|
+
break;
|
|
805
|
+
}
|
|
806
|
+
if (isGptModel(entry.id) && !isGpt5OrHigher(entry.id)) addWeakMatch(entry.id, entry.source, "Below GPT-5 family");
|
|
807
|
+
if (isClaudeModel(entry.id) && !isClaude45OrHigher(entry.id)) addWeakMatch(entry.id, entry.source, "Below Claude 4.5");
|
|
808
|
+
}
|
|
809
|
+
const matches = [];
|
|
810
|
+
for (const entry of models) for (const pat of LEGACY_MODEL_PATTERNS) if (pat.re.test(entry.id)) {
|
|
811
|
+
matches.push({
|
|
812
|
+
model: entry.id,
|
|
813
|
+
source: entry.source,
|
|
814
|
+
reason: pat.label
|
|
815
|
+
});
|
|
816
|
+
break;
|
|
817
|
+
}
|
|
818
|
+
if (matches.length > 0) {
|
|
819
|
+
const lines = matches.slice(0, 12).map((m) => `- ${m.model} (${m.reason}) @ ${m.source}`).join("\n");
|
|
820
|
+
const more = matches.length > 12 ? `\n…${matches.length - 12} more` : "";
|
|
821
|
+
findings.push({
|
|
822
|
+
checkId: "models.legacy",
|
|
823
|
+
severity: "warn",
|
|
824
|
+
title: "Some configured models look legacy",
|
|
825
|
+
detail: "Older/legacy models can be less robust against prompt injection and tool misuse.\n" + lines + more,
|
|
826
|
+
remediation: "Prefer modern, instruction-hardened models for any bot that can run tools."
|
|
827
|
+
});
|
|
828
|
+
}
|
|
829
|
+
if (weakMatches.size > 0) {
|
|
830
|
+
const lines = Array.from(weakMatches.values()).slice(0, 12).map((m) => `- ${m.model} (${m.reasons.join("; ")}) @ ${m.source}`).join("\n");
|
|
831
|
+
const more = weakMatches.size > 12 ? `\n…${weakMatches.size - 12} more` : "";
|
|
832
|
+
findings.push({
|
|
833
|
+
checkId: "models.weak_tier",
|
|
834
|
+
severity: "warn",
|
|
835
|
+
title: "Some configured models are below recommended tiers",
|
|
836
|
+
detail: "Smaller/older models are generally more susceptible to prompt injection and tool misuse.\n" + lines + more,
|
|
837
|
+
remediation: "Use the latest, top-tier model for any bot with tools or untrusted inboxes. Avoid Haiku tiers; prefer GPT-5+ and Claude 4.5+."
|
|
838
|
+
});
|
|
839
|
+
}
|
|
840
|
+
return findings;
|
|
841
|
+
}
|
|
842
|
+
function collectExposureMatrixFindings(cfg) {
|
|
843
|
+
const findings = [];
|
|
844
|
+
const openGroups = listGroupPolicyOpen(cfg);
|
|
845
|
+
if (openGroups.length === 0) return findings;
|
|
846
|
+
if (cfg.tools?.elevated?.enabled !== false) findings.push({
|
|
847
|
+
checkId: "security.exposure.open_groups_with_elevated",
|
|
848
|
+
severity: "critical",
|
|
849
|
+
title: "Open groupPolicy with elevated tools enabled",
|
|
850
|
+
detail: `Found groupPolicy="open" at:\n${openGroups.map((p) => `- ${p}`).join("\n")}\nWith tools.elevated enabled, a prompt injection in those rooms can become a high-impact incident.`,
|
|
851
|
+
remediation: `Set groupPolicy="allowlist" and keep elevated allowlists extremely tight.`
|
|
852
|
+
});
|
|
853
|
+
const { riskyContexts, hasRuntimeRisk } = collectRiskyToolExposureContexts(cfg);
|
|
854
|
+
if (riskyContexts.length > 0) findings.push({
|
|
855
|
+
checkId: "security.exposure.open_groups_with_runtime_or_fs",
|
|
856
|
+
severity: hasRuntimeRisk ? "critical" : "warn",
|
|
857
|
+
title: "Open groupPolicy with runtime/filesystem tools exposed",
|
|
858
|
+
detail: `Found groupPolicy="open" at:\n${openGroups.map((p) => `- ${p}`).join("\n")}\nRisky tool exposure contexts:\n${riskyContexts.map((line) => `- ${line}`).join("\n")}\nPrompt injection in open groups can trigger command/file actions in these contexts.`,
|
|
859
|
+
remediation: "For open groups, prefer tools.profile=\"messaging\" (or deny group:runtime/group:fs), set tools.fs.workspaceOnly=true, and use agents.defaults.sandbox.mode=\"all\" for exposed agents."
|
|
860
|
+
});
|
|
861
|
+
return findings;
|
|
862
|
+
}
|
|
863
|
+
function collectLikelyMultiUserSetupFindings(cfg) {
|
|
864
|
+
const findings = [];
|
|
865
|
+
const signals = listPotentialMultiUserSignals(cfg);
|
|
866
|
+
if (signals.length === 0) return findings;
|
|
867
|
+
const { riskyContexts, hasRuntimeRisk } = collectRiskyToolExposureContexts(cfg);
|
|
868
|
+
const impactLine = hasRuntimeRisk ? "Runtime/process tools are exposed without full sandboxing in at least one context." : "No unguarded runtime/process tools were detected by this heuristic.";
|
|
869
|
+
const riskyContextsDetail = riskyContexts.length > 0 ? `Potential high-impact tool exposure contexts:\n${riskyContexts.map((line) => `- ${line}`).join("\n")}` : "No unguarded runtime/filesystem contexts detected.";
|
|
870
|
+
findings.push({
|
|
871
|
+
checkId: "security.trust_model.multi_user_heuristic",
|
|
872
|
+
severity: "warn",
|
|
873
|
+
title: "Potential multi-user setup detected (personal-assistant model warning)",
|
|
874
|
+
detail: "Heuristic signals indicate this gateway may be reachable by multiple users:\n" + signals.map((signal) => `- ${signal}`).join("\n") + `\n${impactLine}\n${riskyContextsDetail}\nGenesis's default security model is personal-assistant (one trusted operator boundary), not hostile multi-tenant isolation on one shared gateway.`,
|
|
875
|
+
remediation: "If users may be mutually untrusted, split trust boundaries (separate gateways + credentials, ideally separate OS users/hosts). If you intentionally run shared-user access, set agents.defaults.sandbox.mode=\"all\", keep tools.fs.workspaceOnly=true, deny runtime/fs/web tools unless required, and keep personal/private identities + credentials off that runtime."
|
|
876
|
+
});
|
|
877
|
+
return findings;
|
|
878
|
+
}
|
|
879
|
+
//#endregion
|
|
880
|
+
export { collectAttackSurfaceSummaryFindings, collectExposureMatrixFindings, collectGatewayHttpNoAuthFindings, collectGatewayHttpSessionKeyOverrideFindings, collectHooksHardeningFindings, collectIncludeFilePermFindings, collectLikelyMultiUserSetupFindings, collectMinimalProfileOverrideFindings, collectModelHygieneFindings, collectNodeDangerousAllowCommandFindings, collectNodeDenyCommandPatternFindings, collectPluginsTrustFindings, collectSandboxBrowserHashLabelFindings, collectSandboxDangerousConfigFindings, collectSandboxDockerNoopFindings, collectSecretsInConfigFindings, collectSmallModelRiskFindings, collectStateDeepFilesystemFindings, collectSyncedFolderFindings, collectWorkspaceSkillSymlinkEscapeFindings, readConfigSnapshotForAudit };
|