@poolzin/pool-bot 2026.2.23 → 2026.2.25

package/dist/security/dm-policy-shared.js

@@ -0,0 +1,24 @@
+import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
+import { normalizeStringEntries } from "../shared/string-normalization.js";
+export async function resolveDmAllowState(params) {
+    const configAllowFrom = normalizeStringEntries(Array.isArray(params.allowFrom) ? params.allowFrom : undefined);
+    const hasWildcard = configAllowFrom.includes("*");
+    const storeAllowFrom = await (params.readStore ?? readChannelAllowFromStore)(params.provider).catch(() => []);
+    const normalizeEntry = params.normalizeEntry ?? ((value) => value);
+    const normalizedCfg = configAllowFrom
+        .filter((value) => value !== "*")
+        .map((value) => normalizeEntry(value))
+        .map((value) => value.trim())
+        .filter(Boolean);
+    const normalizedStore = storeAllowFrom
+        .map((value) => normalizeEntry(value))
+        .map((value) => value.trim())
+        .filter(Boolean);
+    const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+    return {
+        configAllowFrom,
+        hasWildcard,
+        allowCount,
+        isMultiUserDm: hasWildcard || allowCount > 1,
+    };
+}

package/dist/security/external-content.js

@@ -62,14 +62,28 @@ const EXTERNAL_SOURCE_LABELS = {
     email: "Email",
     webhook: "Webhook",
     api: "API",
+    browser: "Browser",
     channel_metadata: "Channel metadata",
     web_search: "Web Search",
     web_fetch: "Web Fetch",
     unknown: "External",
 };
 const FULLWIDTH_ASCII_OFFSET = 0xfee0;
-const FULLWIDTH_LEFT_ANGLE = 0xff1c;
-const FULLWIDTH_RIGHT_ANGLE = 0xff1e;
+// Map of Unicode angle bracket homoglyphs to their ASCII equivalents.
+const ANGLE_BRACKET_MAP = {
+    0xff1c: "<", // fullwidth <
+    0xff1e: ">", // fullwidth >
+    0x2329: "<", // left-pointing angle bracket
+    0x232a: ">", // right-pointing angle bracket
+    0x3008: "<", // CJK left angle bracket
+    0x3009: ">", // CJK right angle bracket
+    0x2039: "<", // single left-pointing angle quotation mark
+    0x203a: ">", // single right-pointing angle quotation mark
+    0x27e8: "<", // mathematical left angle bracket
+    0x27e9: ">", // mathematical right angle bracket
+    0xfe64: "<", // small less-than sign
+    0xfe65: ">", // small greater-than sign
+};
 function foldMarkerChar(char) {
     const code = char.charCodeAt(0);
     if (code >= 0xff21 && code <= 0xff3a) {
@@ -78,16 +92,14 @@ function foldMarkerChar(char) {
     if (code >= 0xff41 && code <= 0xff5a) {
         return String.fromCharCode(code - FULLWIDTH_ASCII_OFFSET);
     }
-    if (code === FULLWIDTH_LEFT_ANGLE) {
-        return "<";
-    }
-    if (code === FULLWIDTH_RIGHT_ANGLE) {
-        return ">";
+    const bracket = ANGLE_BRACKET_MAP[code];
+    if (bracket) {
+        return bracket;
     }
     return char;
 }
 function foldMarkerText(input) {
-    return input.replace(/[\uFF21-\uFF3A\uFF41-\uFF5A\uFF1C\uFF1E]/g, (char) => foldMarkerChar(char));
+    return input.replace(/[\uFF21-\uFF3A\uFF41-\uFF5A\uFF1C\uFF1E\u2329\u232A\u3008\u3009\u2039\u203A\u27E8\u27E9\uFE64\uFE65]/g, (char) => foldMarkerChar(char));
 }
 function replaceMarkers(content) {
     const folded = foldMarkerText(content);

package/dist/security/fix.js

@@ -1,13 +1,12 @@
 import fs from "node:fs/promises";
 import path from "node:path";
-import JSON5 from "json5";
+import { resolveDefaultAgentId } from "../agents/agent-scope.js";
 import { createConfigIO } from "../config/config.js";
+import { collectIncludePathsRecursive } from "../config/includes-scan.js";
 import { resolveConfigPath, resolveOAuthDir, resolveStateDir } from "../config/paths.js";
-import { resolveDefaultAgentId } from "../agents/agent-scope.js";
-import { INCLUDE_KEY, MAX_INCLUDE_DEPTH } from "../config/includes.js";
-import { normalizeAgentId } from "../routing/session-key.js";
 import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
 import { runExec } from "../process/exec.js";
+import { normalizeAgentId } from "../routing/session-key.js";
 import { createIcaclsResetCommand, formatIcaclsResetCommand } from "./windows-acl.js";
 async function safeChmod(params) {
     try {
@@ -144,11 +143,13 @@ async function safeAclReset(params) {
     }
 }
 function setGroupPolicyAllowlist(params) {
-    if (!params.cfg.channels)
+    if (!params.cfg.channels) {
         return;
+    }
     const section = params.cfg.channels[params.channel];
-    if (!section || typeof section !== "object")
+    if (!section || typeof section !== "object") {
         return;
+    }
     const topPolicy = section.groupPolicy;
     if (topPolicy === "open") {
         section.groupPolicy = "allowlist";
@@ -156,13 +157,16 @@ function setGroupPolicyAllowlist(params) {
         params.policyFlips.add(`channels.${params.channel}.`);
     }
     const accounts = section.accounts;
-    if (!accounts || typeof accounts !== "object")
+    if (!accounts || typeof accounts !== "object") {
         return;
+    }
     for (const [accountId, accountValue] of Object.entries(accounts)) {
-        if (!accountId)
+        if (!accountId) {
             continue;
-        if (!accountValue || typeof accountValue !== "object")
+        }
+        if (!accountValue || typeof accountValue !== "object") {
             continue;
+        }
         const account = accountValue;
         if (account.groupPolicy === "open") {
             account.groupPolicy = "allowlist";
@@ -173,29 +177,36 @@ function setGroupPolicyAllowlist(params) {
 }
 function setWhatsAppGroupAllowFromFromStore(params) {
     const section = params.cfg.channels?.whatsapp;
-    if (!section || typeof section !== "object")
+    if (!section || typeof section !== "object") {
         return;
-    if (params.storeAllowFrom.length === 0)
+    }
+    if (params.storeAllowFrom.length === 0) {
         return;
+    }
     const maybeApply = (prefix, obj) => {
-        if (!params.policyFlips.has(prefix))
+        if (!params.policyFlips.has(prefix)) {
             return;
+        }
         const allowFrom = Array.isArray(obj.allowFrom) ? obj.allowFrom : [];
         const groupAllowFrom = Array.isArray(obj.groupAllowFrom) ? obj.groupAllowFrom : [];
-        if (allowFrom.length > 0)
+        if (allowFrom.length > 0) {
             return;
-        if (groupAllowFrom.length > 0)
+        }
+        if (groupAllowFrom.length > 0) {
             return;
+        }
         obj.groupAllowFrom = params.storeAllowFrom;
         params.changes.push(`${prefix}groupAllowFrom=pairing-store`);
     };
     maybeApply("channels.whatsapp.", section);
     const accounts = section.accounts;
-    if (!accounts || typeof accounts !== "object")
+    if (!accounts || typeof accounts !== "object") {
         return;
+    }
     for (const [accountId, accountValue] of Object.entries(accounts)) {
-        if (!accountValue || typeof accountValue !== "object")
+        if (!accountValue || typeof accountValue !== "object") {
             continue;
+        }
         const account = accountValue;
         maybeApply(`channels.whatsapp.accounts.${accountId}.`, account);
     }
@@ -221,80 +232,17 @@ function applyConfigFixes(params) {
     }
     return { cfg: next, changes, policyFlips };
 }
-function listDirectIncludes(parsed) {
-    const out = [];
-    const visit = (value) => {
-        if (!value)
-            return;
-        if (Array.isArray(value)) {
-            for (const item of value)
-                visit(item);
-            return;
-        }
-        if (typeof value !== "object")
-            return;
-        const rec = value;
-        const includeVal = rec[INCLUDE_KEY];
-        if (typeof includeVal === "string")
-            out.push(includeVal);
-        else if (Array.isArray(includeVal)) {
-            for (const item of includeVal) {
-                if (typeof item === "string")
-                    out.push(item);
-            }
-        }
-        for (const v of Object.values(rec))
-            visit(v);
-    };
-    visit(parsed);
-    return out;
-}
-function resolveIncludePath(baseConfigPath, includePath) {
-    return path.normalize(path.isAbsolute(includePath)
-        ? includePath
-        : path.resolve(path.dirname(baseConfigPath), includePath));
-}
-async function collectIncludePathsRecursive(params) {
-    const visited = new Set();
-    const result = [];
-    const walk = async (basePath, parsed, depth) => {
-        if (depth > MAX_INCLUDE_DEPTH)
-            return;
-        for (const raw of listDirectIncludes(parsed)) {
-            const resolved = resolveIncludePath(basePath, raw);
-            if (visited.has(resolved))
-                continue;
-            visited.add(resolved);
-            result.push(resolved);
-            const rawText = await fs.readFile(resolved, "utf-8").catch(() => null);
-            if (!rawText)
-                continue;
-            const nestedParsed = (() => {
-                try {
-                    return JSON5.parse(rawText);
-                }
-                catch {
-                    return null;
-                }
-            })();
-            if (nestedParsed) {
-                // eslint-disable-next-line no-await-in-loop
-                await walk(resolved, nestedParsed, depth + 1);
-            }
-        }
-    };
-    await walk(params.configPath, params.parsed, 0);
-    return result;
-}
 async function chmodCredentialsAndAgentState(params) {
     const credsDir = resolveOAuthDir(params.env, params.stateDir);
     params.actions.push(await safeChmod({ path: credsDir, mode: 0o700, require: "dir" }));
     const credsEntries = await fs.readdir(credsDir, { withFileTypes: true }).catch(() => []);
     for (const entry of credsEntries) {
-        if (!entry.isFile())
+        if (!entry.isFile()) {
             continue;
-        if (!entry.name.endsWith(".json"))
+        }
+        if (!entry.name.endsWith(".json")) {
             continue;
+        }
         const p = path.join(credsDir, entry.name);
         // eslint-disable-next-line no-await-in-loop
         params.actions.push(await safeChmod({ path: p, mode: 0o600, require: "file" }));
@@ -303,11 +251,13 @@ async function chmodCredentialsAndAgentState(params) {
     ids.add(resolveDefaultAgentId(params.cfg));
     const list = Array.isArray(params.cfg.agents?.list) ? params.cfg.agents?.list : [];
     for (const agent of list ?? []) {
-        if (!agent || typeof agent !== "object")
+        if (!agent || typeof agent !== "object") {
             continue;
+        }
         const id = typeof agent.id === "string" ? agent.id.trim() : "";
-        if (id)
+        if (id) {
             ids.add(id);
+        }
     }
     for (const agentId of ids) {
         const normalizedAgentId = normalizeAgentId(agentId);
@@ -326,6 +276,20 @@ async function chmodCredentialsAndAgentState(params) {
         const storePath = path.join(sessionsDir, "sessions.json");
         // eslint-disable-next-line no-await-in-loop
         params.actions.push(await params.applyPerms({ path: storePath, mode: 0o600, require: "file" }));
+        // Fix permissions on session transcript files (*.jsonl)
+        // eslint-disable-next-line no-await-in-loop
+        const sessionEntries = await fs.readdir(sessionsDir, { withFileTypes: true }).catch(() => []);
+        for (const entry of sessionEntries) {
+            if (!entry.isFile()) {
+                continue;
+            }
+            if (!entry.name.endsWith(".jsonl")) {
+                continue;
+            }
+            const p = path.join(sessionsDir, entry.name);
+            // eslint-disable-next-line no-await-in-loop
+            params.actions.push(await params.applyPerms({ path: p, mode: 0o600, require: "file" }));
+        }
     }
 }
 export async function fixSecurityFootguns(opts) {

package/dist/security/scan-paths.js

@@ -1,3 +1,4 @@
+import fs from "node:fs";
 import path from "node:path";
 export function isPathInside(basePath, candidatePath) {
     const base = path.resolve(basePath);
@@ -5,6 +6,25 @@ export function isPathInside(basePath, candidatePath) {
     const rel = path.relative(base, candidate);
     return rel === "" || (!rel.startsWith(`..${path.sep}`) && rel !== ".." && !path.isAbsolute(rel));
 }
+function safeRealpathSync(filePath) {
+    try {
+        return fs.realpathSync(filePath);
+    }
+    catch {
+        return null;
+    }
+}
+export function isPathInsideWithRealpath(basePath, candidatePath, opts) {
+    if (!isPathInside(basePath, candidatePath)) {
+        return false;
+    }
+    const baseReal = safeRealpathSync(basePath);
+    const candidateReal = safeRealpathSync(candidatePath);
+    if (!baseReal || !candidateReal) {
+        return opts?.requireRealpath !== true;
+    }
+    return isPathInside(baseReal, candidateReal);
+}
 export function extensionUsesSkippedScannerPath(entry) {
     const segments = entry.split(/[\\/]+/).filter(Boolean);
     return segments.some((segment) => segment === "node_modules" ||

package/dist/security/secret-equal.js

@@ -1,12 +1,8 @@
-import { timingSafeEqual } from "node:crypto";
+import { createHash, timingSafeEqual } from "node:crypto";
 export function safeEqualSecret(provided, expected) {
     if (typeof provided !== "string" || typeof expected !== "string") {
         return false;
     }
-    const providedBuffer = Buffer.from(provided);
-    const expectedBuffer = Buffer.from(expected);
-    if (providedBuffer.length !== expectedBuffer.length) {
-        return false;
-    }
-    return timingSafeEqual(providedBuffer, expectedBuffer);
+    const hash = (s) => createHash("sha256").update(s).digest();
+    return timingSafeEqual(hash(provided), hash(expected));
 }

package/dist/security/windows-acl.js

@@ -19,8 +19,9 @@ const TRUSTED_SUFFIXES = ["\\administrators", "\\system"];
 const normalize = (value) => value.trim().toLowerCase();
 export function resolveWindowsUserPrincipal(env) {
     const username = env?.USERNAME?.trim() || os.userInfo().username?.trim();
-    if (!username)
+    if (!username) {
         return null;
+    }
     const domain = env?.USERDOMAIN?.trim();
     return domain ? `${domain}\\${username}` : username;
 }
@@ -31,18 +32,21 @@ function buildTrustedPrincipals(env) {
         trusted.add(normalize(principal));
         const parts = principal.split("\\");
         const userOnly = parts.at(-1);
-        if (userOnly)
+        if (userOnly) {
             trusted.add(normalize(userOnly));
+        }
     }
     return trusted;
 }
 function classifyPrincipal(principal, env) {
     const normalized = normalize(principal);
     const trusted = buildTrustedPrincipals(env);
-    if (trusted.has(normalized) || TRUSTED_SUFFIXES.some((s) => normalized.endsWith(s)))
+    if (trusted.has(normalized) || TRUSTED_SUFFIXES.some((s) => normalized.endsWith(s))) {
         return "trusted";
-    if (WORLD_PRINCIPALS.has(normalized) || WORLD_SUFFIXES.some((s) => normalized.endsWith(s)))
+    }
+    if (WORLD_PRINCIPALS.has(normalized) || WORLD_SUFFIXES.some((s) => normalized.endsWith(s))) {
         return "world";
+    }
     return "group";
 }
 function rightsFromTokens(tokens) {
@@ -59,8 +63,9 @@ export function parseIcaclsOutput(output, targetPath) {
     const quotedLower = quotedTarget.toLowerCase();
     for (const rawLine of output.split(/\r?\n/)) {
         const line = rawLine.trimEnd();
-        if (!line.trim())
+        if (!line.trim()) {
             continue;
+        }
         const trimmed = line.trim();
         const lower = trimmed.toLowerCase();
         if (lower.startsWith("successfully processed") ||
@@ -76,22 +81,26 @@ export function parseIcaclsOutput(output, targetPath) {
         else if (lower.startsWith(quotedLower)) {
             entry = trimmed.slice(quotedTarget.length).trim();
         }
-        if (!entry)
+        if (!entry) {
             continue;
+        }
         const idx = entry.indexOf(":");
-        if (idx === -1)
+        if (idx === -1) {
             continue;
+        }
         const principal = entry.slice(0, idx).trim();
         const rawRights = entry.slice(idx + 1).trim();
         const tokens = rawRights
             .match(/\(([^)]+)\)/g)
             ?.map((token) => token.slice(1, -1).trim())
             .filter(Boolean) ?? [];
-        if (tokens.some((token) => token.toUpperCase() === "DENY"))
+        if (tokens.some((token) => token.toUpperCase() === "DENY")) {
             continue;
+        }
         const rights = tokens.filter((token) => !INHERIT_FLAGS.has(token.toUpperCase()));
-        if (rights.length === 0)
+        if (rights.length === 0) {
             continue;
+        }
         const { canRead, canWrite } = rightsFromTokens(rights);
         entries.push({ principal, rights, rawRights, canRead, canWrite });
     }
@@ -103,12 +112,15 @@ export function summarizeWindowsAcl(entries, env) {
     const untrustedGroup = [];
     for (const entry of entries) {
         const classification = classifyPrincipal(entry.principal, env);
-        if (classification === "trusted")
+        if (classification === "trusted") {
             trusted.push(entry);
-        else if (classification === "world")
+        }
+        else if (classification === "world") {
             untrustedWorld.push(entry);
-        else
+        }
+        else {
             untrustedGroup.push(entry);
+        }
     }
     return { trusted, untrustedWorld, untrustedGroup };
 }
@@ -133,11 +145,13 @@ export async function inspectWindowsAcl(targetPath, opts) {
     }
 }
 export function formatWindowsAclSummary(summary) {
-    if (!summary.ok)
+    if (!summary.ok) {
         return "unknown";
+    }
     const untrusted = [...summary.untrustedWorld, ...summary.untrustedGroup];
-    if (untrusted.length === 0)
+    if (untrusted.length === 0) {
         return "trusted-only";
+    }
     return untrusted.map((entry) => `${entry.principal}:${entry.rawRights}`).join(", ");
 }
 export function formatIcaclsResetCommand(targetPath, opts) {
@@ -147,8 +161,9 @@ export function formatIcaclsResetCommand(targetPath, opts) {
 }
 export function createIcaclsResetCommand(targetPath, opts) {
     const user = resolveWindowsUserPrincipal(opts.env);
-    if (!user)
+    if (!user) {
         return null;
+    }
     const grant = opts.isDir ? "(OI)(CI)F" : "F";
     const args = [
         targetPath,

package/dist/shared/node-list-parse.js

@@ -0,0 +1,13 @@
+function asRecord(value) {
+    return typeof value === "object" && value !== null ? value : {};
+}
+export function parsePairingList(value) {
+    const obj = asRecord(value);
+    const pending = Array.isArray(obj.pending) ? obj.pending : [];
+    const paired = Array.isArray(obj.paired) ? obj.paired : [];
+    return { pending, paired };
+}
+export function parseNodeList(value) {
+    const obj = asRecord(value);
+    return Array.isArray(obj.nodes) ? obj.nodes : [];
+}

package/dist/shared/operator-scope-compat.js

@@ -0,0 +1,37 @@
+const OPERATOR_ROLE = "operator";
+const OPERATOR_ADMIN_SCOPE = "operator.admin";
+const OPERATOR_READ_SCOPE = "operator.read";
+const OPERATOR_WRITE_SCOPE = "operator.write";
+function normalizeScopeList(scopes) {
+    const out = new Set();
+    for (const scope of scopes) {
+        const trimmed = scope.trim();
+        if (trimmed) {
+            out.add(trimmed);
+        }
+    }
+    return [...out];
+}
+function operatorScopeSatisfied(requestedScope, granted) {
+    if (requestedScope === OPERATOR_READ_SCOPE) {
+        return (granted.has(OPERATOR_READ_SCOPE) ||
+            granted.has(OPERATOR_WRITE_SCOPE) ||
+            granted.has(OPERATOR_ADMIN_SCOPE));
+    }
+    return granted.has(requestedScope);
+}
+export function roleScopesAllow(params) {
+    const requested = normalizeScopeList(params.requestedScopes);
+    if (requested.length === 0) {
+        return true;
+    }
+    const allowed = normalizeScopeList(params.allowedScopes);
+    if (allowed.length === 0) {
+        return false;
+    }
+    const allowedSet = new Set(allowed);
+    if (params.role.trim() !== OPERATOR_ROLE) {
+        return requested.every((scope) => allowedSet.has(scope));
+    }
+    return requested.every((scope) => operatorScopeSatisfied(scope, allowedSet));
+}

package/dist/shared/text-chunking.js

@@ -0,0 +1,29 @@
+export function chunkTextByBreakResolver(text, limit, resolveBreakIndex) {
+    if (!text) {
+        return [];
+    }
+    if (limit <= 0 || text.length <= limit) {
+        return [text];
+    }
+    const chunks = [];
+    let remaining = text;
+    while (remaining.length > limit) {
+        const window = remaining.slice(0, limit);
+        const candidateBreak = resolveBreakIndex(window);
+        const breakIdx = Number.isFinite(candidateBreak) && candidateBreak > 0 && candidateBreak <= limit
+            ? candidateBreak
+            : limit;
+        const rawChunk = remaining.slice(0, breakIdx);
+        const chunk = rawChunk.trimEnd();
+        if (chunk.length > 0) {
+            chunks.push(chunk);
+        }
+        const brokeOnSeparator = breakIdx < remaining.length && /\s/.test(remaining[breakIdx]);
+        const nextStart = Math.min(remaining.length, breakIdx + (brokeOnSeparator ? 1 : 0));
+        remaining = remaining.slice(nextStart).trimStart();
+    }
+    if (remaining.length) {
+        chunks.push(remaining);
+    }
+    return chunks;
+}

package/dist/slack/blocks.test-helpers.js

@@ -0,0 +1,31 @@
+import { vi } from "vitest";
+export function installSlackBlockTestMocks() {
+    vi.mock("../config/config.js", () => ({
+        loadConfig: () => ({}),
+    }));
+    vi.mock("./accounts.js", () => ({
+        resolveSlackAccount: () => ({
+            accountId: "default",
+            botToken: "xoxb-test",
+            botTokenSource: "config",
+            config: {},
+        }),
+    }));
+}
+export function createSlackEditTestClient() {
+    return {
+        chat: {
+            update: vi.fn(async () => ({ ok: true })),
+        },
+    };
+}
+export function createSlackSendTestClient() {
+    return {
+        conversations: {
+            open: vi.fn(async () => ({ channel: { id: "D123" } })),
+        },
+        chat: {
+            postMessage: vi.fn(async () => ({ ts: "171234.567" })),
+        },
+    };
+}

package/dist/slack/monitor/mrkdwn.js

@@ -0,0 +1,8 @@
+export function escapeSlackMrkdwn(value) {
+    return value
+        .replaceAll("\\", "\\\\")
+        .replaceAll("&", "&")
+        .replaceAll("<", "&lt;")
+        .replaceAll(">", "&gt;")
+        .replace(/([*_`~])/g, "\\$1");
+}