@poolzin/pool-bot 2026.2.24 → 2026.2.25

package/dist/config/validation.js

@@ -4,6 +4,7 @@ import { CHANNEL_IDS, normalizeChatChannelId } from "../channels/registry.js";
 import { normalizePluginsConfig, resolveEnableState, resolveMemorySlotDecision, } from "../plugins/config-state.js";
 import { loadPluginManifestRegistry } from "../plugins/manifest-registry.js";
 import { validateJsonSchemaValue } from "../plugins/schema-validator.js";
+import { isRecord } from "../utils.js";
 import { findDuplicateAgentDirs, formatDuplicateAgentDirError } from "./agent-dirs.js";
 import { applyAgentDefaults, applyModelDefaults, applySessionDefaults } from "./defaults.js";
 import { findLegacyConfigIssues } from "./legacy.js";
@@ -16,28 +17,35 @@ function isWorkspaceAvatarPath(value, workspaceDir) {
     const workspaceRoot = path.resolve(workspaceDir);
     const resolved = path.resolve(workspaceRoot, value);
     const relative = path.relative(workspaceRoot, resolved);
-    if (relative === "")
+    if (relative === "") {
         return true;
-    if (relative.startsWith(".."))
+    }
+    if (relative.startsWith("..")) {
         return false;
+    }
     return !path.isAbsolute(relative);
 }
 function validateIdentityAvatar(config) {
     const agents = config.agents?.list;
-    if (!Array.isArray(agents) || agents.length === 0)
+    if (!Array.isArray(agents) || agents.length === 0) {
         return [];
+    }
     const issues = [];
     for (const [index, entry] of agents.entries()) {
-        if (!entry || typeof entry !== "object")
+        if (!entry || typeof entry !== "object") {
             continue;
+        }
         const avatarRaw = entry.identity?.avatar;
-        if (typeof avatarRaw !== "string")
+        if (typeof avatarRaw !== "string") {
             continue;
+        }
         const avatar = avatarRaw.trim();
-        if (!avatar)
+        if (!avatar) {
             continue;
-        if (AVATAR_DATA_RE.test(avatar) || AVATAR_HTTP_RE.test(avatar))
+        }
+        if (AVATAR_DATA_RE.test(avatar) || AVATAR_HTTP_RE.test(avatar)) {
             continue;
+        }
         if (avatar.startsWith("~")) {
             issues.push({
                 path: `agents.list.${index}.identity.avatar`,
@@ -63,7 +71,11 @@ function validateIdentityAvatar(config) {
     }
     return issues;
 }
-export function validateConfigObject(raw) {
+/**
+ * Validates config without applying runtime defaults.
+ * Use this when you need the raw validated config (e.g., for writing back to file).
+ */
+export function validateConfigObjectRaw(raw) {
     const legacyIssues = findLegacyConfigIssues(raw);
     if (legacyIssues.length > 0) {
         return {
@@ -102,42 +114,136 @@ export function validateConfigObject(raw) {
     }
     return {
         ok: true,
-        config: applyModelDefaults(applyAgentDefaults(applySessionDefaults(validated.data))),
+        config: validated.data,
     };
 }
-function isRecord(value) {
-    return Boolean(value && typeof value === "object" && !Array.isArray(value));
+export function validateConfigObject(raw) {
+    const result = validateConfigObjectRaw(raw);
+    if (!result.ok) {
+        return result;
+    }
+    return {
+        ok: true,
+        config: applyModelDefaults(applyAgentDefaults(applySessionDefaults(result.config))),
+    };
 }
 export function validateConfigObjectWithPlugins(raw) {
-    const base = validateConfigObject(raw);
+    return validateConfigObjectWithPluginsBase(raw, { applyDefaults: true });
+}
+export function validateConfigObjectRawWithPlugins(raw) {
+    return validateConfigObjectWithPluginsBase(raw, { applyDefaults: false });
+}
+function validateConfigObjectWithPluginsBase(raw, opts) {
+    const base = opts.applyDefaults ? validateConfigObject(raw) : validateConfigObjectRaw(raw);
     if (!base.ok) {
         return { ok: false, issues: base.issues, warnings: [] };
     }
     const config = base.config;
     const issues = [];
     const warnings = [];
-    const pluginsConfig = config.plugins;
-    const normalizedPlugins = normalizePluginsConfig(pluginsConfig);
-    const workspaceDir = resolveAgentWorkspaceDir(config, resolveDefaultAgentId(config));
-    const registry = loadPluginManifestRegistry({
-        config,
-        workspaceDir: workspaceDir ?? undefined,
-    });
-    const knownIds = new Set(registry.plugins.map((record) => record.id));
-    for (const diag of registry.diagnostics) {
-        let path = diag.pluginId ? `plugins.entries.${diag.pluginId}` : "plugins";
-        if (!diag.pluginId && diag.message.includes("plugin path not found")) {
-            path = "plugins.load.paths";
+    const hasExplicitPluginsConfig = isRecord(raw) && Object.prototype.hasOwnProperty.call(raw, "plugins");
+    let registryInfo = null;
+    const ensureRegistry = () => {
+        if (registryInfo) {
+            return registryInfo;
+        }
+        const workspaceDir = resolveAgentWorkspaceDir(config, resolveDefaultAgentId(config));
+        const registry = loadPluginManifestRegistry({
+            config,
+            workspaceDir: workspaceDir ?? undefined,
+        });
+        const knownIds = new Set(registry.plugins.map((record) => record.id));
+        const normalizedPlugins = normalizePluginsConfig(config.plugins);
+        for (const diag of registry.diagnostics) {
+            let path = diag.pluginId ? `plugins.entries.${diag.pluginId}` : "plugins";
+            if (!diag.pluginId && diag.message.includes("plugin path not found")) {
+                path = "plugins.load.paths";
+            }
+            const pluginLabel = diag.pluginId ? `plugin ${diag.pluginId}` : "plugin";
+            const message = `${pluginLabel}: ${diag.message}`;
+            if (diag.level === "error") {
+                issues.push({ path, message });
+            }
+            else {
+                warnings.push({ path, message });
+            }
+        }
+        registryInfo = { registry, knownIds, normalizedPlugins };
+        return registryInfo;
+    };
+    const allowedChannels = new Set(["defaults", ...CHANNEL_IDS]);
+    if (config.channels && isRecord(config.channels)) {
+        for (const key of Object.keys(config.channels)) {
+            const trimmed = key.trim();
+            if (!trimmed) {
+                continue;
+            }
+            if (!allowedChannels.has(trimmed)) {
+                const { registry } = ensureRegistry();
+                for (const record of registry.plugins) {
+                    for (const channelId of record.channels) {
+                        allowedChannels.add(channelId);
+                    }
+                }
+            }
+            if (!allowedChannels.has(trimmed)) {
+                issues.push({
+                    path: `channels.${trimmed}`,
+                    message: `unknown channel id: ${trimmed}`,
+                });
+            }
+        }
+    }
+    const heartbeatChannelIds = new Set();
+    for (const channelId of CHANNEL_IDS) {
+        heartbeatChannelIds.add(channelId.toLowerCase());
+    }
+    const validateHeartbeatTarget = (target, path) => {
+        if (typeof target !== "string") {
+            return;
+        }
+        const trimmed = target.trim();
+        if (!trimmed) {
+            issues.push({ path, message: "heartbeat target must not be empty" });
+            return;
+        }
+        const normalized = trimmed.toLowerCase();
+        if (normalized === "last" || normalized === "none") {
+            return;
+        }
+        if (normalizeChatChannelId(trimmed)) {
+            return;
         }
-        const pluginLabel = diag.pluginId ? `plugin ${diag.pluginId}` : "plugin";
-        const message = `${pluginLabel}: ${diag.message}`;
-        if (diag.level === "error") {
-            issues.push({ path, message });
+        if (!heartbeatChannelIds.has(normalized)) {
+            const { registry } = ensureRegistry();
+            for (const record of registry.plugins) {
+                for (const channelId of record.channels) {
+                    const pluginChannel = channelId.trim();
+                    if (pluginChannel) {
+                        heartbeatChannelIds.add(pluginChannel.toLowerCase());
+                    }
+                }
+            }
         }
-        else {
-            warnings.push({ path, message });
+        if (heartbeatChannelIds.has(normalized)) {
+            return;
+        }
+        issues.push({ path, message: `unknown heartbeat target: ${target}` });
+    };
+    validateHeartbeatTarget(config.agents?.defaults?.heartbeat?.target, "agents.defaults.heartbeat.target");
+    if (Array.isArray(config.agents?.list)) {
+        for (const [index, entry] of config.agents.list.entries()) {
+            validateHeartbeatTarget(entry?.heartbeat?.target, `agents.list.${index}.heartbeat.target`);
         }
     }
+    if (!hasExplicitPluginsConfig) {
+        if (issues.length > 0) {
+            return { ok: false, issues, warnings };
+        }
+        return { ok: true, config, warnings };
+    }
+    const { registry, knownIds, normalizedPlugins } = ensureRegistry();
+    const pluginsConfig = config.plugins;
     const entries = pluginsConfig?.entries;
     if (entries && isRecord(entries)) {
         for (const pluginId of Object.keys(entries)) {
@@ -151,8 +257,9 @@ export function validateConfigObjectWithPlugins(raw) {
     }
     const allow = pluginsConfig?.allow ?? [];
     for (const pluginId of allow) {
-        if (typeof pluginId !== "string" || !pluginId.trim())
+        if (typeof pluginId !== "string" || !pluginId.trim()) {
             continue;
+        }
         if (!knownIds.has(pluginId)) {
             issues.push({
                 path: "plugins.allow",
@@ -162,8 +269,9 @@ export function validateConfigObjectWithPlugins(raw) {
     }
     const deny = pluginsConfig?.deny ?? [];
     for (const pluginId of deny) {
-        if (typeof pluginId !== "string" || !pluginId.trim())
+        if (typeof pluginId !== "string" || !pluginId.trim()) {
             continue;
+        }
         if (!knownIds.has(pluginId)) {
             issues.push({
                 path: "plugins.deny",
@@ -178,59 +286,6 @@ export function validateConfigObjectWithPlugins(raw) {
             message: `plugin not found: ${memorySlot}`,
         });
     }
-    const allowedChannels = new Set(["defaults", ...CHANNEL_IDS]);
-    for (const record of registry.plugins) {
-        for (const channelId of record.channels) {
-            allowedChannels.add(channelId);
-        }
-    }
-    if (config.channels && isRecord(config.channels)) {
-        for (const key of Object.keys(config.channels)) {
-            const trimmed = key.trim();
-            if (!trimmed)
-                continue;
-            if (!allowedChannels.has(trimmed)) {
-                issues.push({
-                    path: `channels.${trimmed}`,
-                    message: `unknown channel id: ${trimmed}`,
-                });
-            }
-        }
-    }
-    const heartbeatChannelIds = new Set();
-    for (const channelId of CHANNEL_IDS) {
-        heartbeatChannelIds.add(channelId.toLowerCase());
-    }
-    for (const record of registry.plugins) {
-        for (const channelId of record.channels) {
-            const trimmed = channelId.trim();
-            if (trimmed)
-                heartbeatChannelIds.add(trimmed.toLowerCase());
-        }
-    }
-    const validateHeartbeatTarget = (target, path) => {
-        if (typeof target !== "string")
-            return;
-        const trimmed = target.trim();
-        if (!trimmed) {
-            issues.push({ path, message: "heartbeat target must not be empty" });
-            return;
-        }
-        const normalized = trimmed.toLowerCase();
-        if (normalized === "last" || normalized === "none")
-            return;
-        if (normalizeChatChannelId(trimmed))
-            return;
-        if (heartbeatChannelIds.has(normalized))
-            return;
-        issues.push({ path, message: `unknown heartbeat target: ${target}` });
-    };
-    validateHeartbeatTarget(config.agents?.defaults?.heartbeat?.target, "agents.defaults.heartbeat.target");
-    if (Array.isArray(config.agents?.list)) {
-        for (const [index, entry] of config.agents.list.entries()) {
-            validateHeartbeatTarget(entry?.heartbeat?.target, `agents.list.${index}.heartbeat.target`);
-        }
-    }
     let selectedMemoryPluginId = null;
     const seenPlugins = new Set();
     for (const record of registry.plugins) {

package/dist/config/zod-schema.hooks.js

@@ -1,4 +1,33 @@
+import path from "node:path";
 import { z } from "zod";
+import { InstallRecordShape } from "./zod-schema.installs.js";
+import { sensitive } from "./zod-schema.sensitive.js";
+function isSafeRelativeModulePath(raw) {
+    const value = raw.trim();
+    if (!value) {
+        return false;
+    }
+    // Hook modules are loaded via file-path resolution + dynamic import().
+    // Keep this strictly relative to a configured base dir to avoid path traversal and surprises.
+    if (path.isAbsolute(value)) {
+        return false;
+    }
+    if (value.startsWith("~")) {
+        return false;
+    }
+    // Disallow URL-ish and drive-relative forms (e.g. "file:...", "C:foo").
+    if (value.includes(":")) {
+        return false;
+    }
+    const parts = value.split(/[\\/]+/g);
+    if (parts.some((part) => part === "..")) {
+        return false;
+    }
+    return true;
+}
+const SafeRelativeModulePathSchema = z
+    .string()
+    .refine(isSafeRelativeModulePath, "module must be a safe relative path (no absolute paths)");
 export const HookMappingSchema = z
     .object({
     id: z.string().optional(),
@@ -11,7 +40,8 @@ export const HookMappingSchema = z
     action: z.union([z.literal("wake"), z.literal("agent")]).optional(),
     wakeMode: z.union([z.literal("now"), z.literal("next-heartbeat")]).optional(),
     name: z.string().optional(),
-    sessionKey: z.string().optional(),
+    agentId: z.string().optional(),
+    sessionKey: z.string().optional().register(sensitive),
     messageTemplate: z.string().optional(),
     textTemplate: z.string().optional(),
     deliver: z.boolean().optional(),
@@ -22,6 +52,7 @@ export const HookMappingSchema = z
         z.literal("whatsapp"),
         z.literal("telegram"),
         z.literal("discord"),
+        z.literal("irc"),
         z.literal("slack"),
         z.literal("signal"),
         z.literal("imessage"),
@@ -34,7 +65,7 @@ export const HookMappingSchema = z
     timeoutSeconds: z.number().int().positive().optional(),
     transform: z
         .object({
-        module: z.string(),
+        module: SafeRelativeModulePathSchema,
         export: z.string().optional(),
     })
         .strict()
@@ -45,7 +76,7 @@ export const HookMappingSchema = z
 export const InternalHookHandlerSchema = z
     .object({
     event: z.string(),
-    module: z.string(),
+    module: SafeRelativeModulePathSchema,
     export: z.string().optional(),
 })
     .strict();
@@ -54,15 +85,13 @@ const HookConfigSchema = z
     enabled: z.boolean().optional(),
     env: z.record(z.string(), z.string()).optional(),
 })
-    .strict();
+    // Hook configs are intentionally open-ended (handlers can define their own keys).
+    // Keep enabled/env typed, but allow additional per-hook keys without marking the
+    // whole config invalid (which triggers doctor/best-effort loads).
+    .passthrough();
 const HookInstallRecordSchema = z
     .object({
-    source: z.union([z.literal("npm"), z.literal("archive"), z.literal("path")]),
-    spec: z.string().optional(),
-    sourcePath: z.string().optional(),
-    installPath: z.string().optional(),
-    version: z.string().optional(),
-    installedAt: z.string().optional(),
+    ...InstallRecordShape,
     hooks: z.array(z.string()).optional(),
 })
     .strict();
@@ -87,7 +116,7 @@ export const HooksGmailSchema = z
     label: z.string().optional(),
     topic: z.string().optional(),
     subscription: z.string().optional(),
-    pushToken: z.string().optional(),
+    pushToken: z.string().optional().register(sensitive),
     hookUrl: z.string().optional(),
     includeBody: z.boolean().optional(),
     maxBytes: z.number().int().positive().optional(),

package/dist/config/zod-schema.installs.js

@@ -0,0 +1,20 @@
+import { z } from "zod";
+export const InstallSourceSchema = z.union([
+    z.literal("npm"),
+    z.literal("archive"),
+    z.literal("path"),
+]);
+export const InstallRecordShape = {
+    source: InstallSourceSchema,
+    spec: z.string().optional(),
+    sourcePath: z.string().optional(),
+    installPath: z.string().optional(),
+    version: z.string().optional(),
+    resolvedName: z.string().optional(),
+    resolvedVersion: z.string().optional(),
+    resolvedSpec: z.string().optional(),
+    integrity: z.string().optional(),
+    shasum: z.string().optional(),
+    resolvedAt: z.string().optional(),
+    installedAt: z.string().optional(),
+};

package/dist/config/zod-schema.js

@@ -6,6 +6,7 @@ import { HexColorSchema, ModelsConfigSchema } from "./zod-schema.core.js";
 import { HookMappingSchema, HooksGmailSchema, InternalHooksSchema } from "./zod-schema.hooks.js";
 import { ChannelsSchema } from "./zod-schema.providers.js";
 import { CommandsSchema, MessagesSchema, SessionSchema } from "./zod-schema.session.js";
+import { sensitive } from "./zod-schema.sensitive.js";
 const BrowserSnapshotDefaultsSchema = z
     .object({
     mode: z.literal("efficient").optional(),
@@ -226,7 +227,7 @@ export const PoolBotSchema = z
         .object({
         enabled: z.boolean().optional(),
         path: z.string().optional(),
-        token: z.string().optional(),
+        token: z.string().optional().register(sensitive),
         maxBodyBytes: z.number().int().positive().optional(),
         presets: z.array(z.string()).optional(),
         transformsDir: z.string().optional(),
@@ -286,7 +287,7 @@ export const PoolBotSchema = z
         voiceAliases: z.record(z.string(), z.string()).optional(),
         modelId: z.string().optional(),
         outputFormat: z.string().optional(),
-        apiKey: z.string().optional(),
+        apiKey: z.string().optional().register(sensitive),
         interruptOnSpeech: z.boolean().optional(),
     })
         .strict()
@@ -316,8 +317,8 @@ export const PoolBotSchema = z
         auth: z
             .object({
             mode: z.union([z.literal("token"), z.literal("password")]).optional(),
-            token: z.string().optional(),
-            password: z.string().optional(),
+            token: z.string().optional().register(sensitive),
+            password: z.string().optional().register(sensitive),
             allowTailscale: z.boolean().optional(),
         })
             .strict()
@@ -334,8 +335,8 @@ export const PoolBotSchema = z
             .object({
             url: z.string().optional(),
             transport: z.union([z.literal("ssh"), z.literal("direct")]).optional(),
-            token: z.string().optional(),
-            password: z.string().optional(),
+            token: z.string().optional().register(sensitive),
+            password: z.string().optional().register(sensitive),
             tlsFingerprint: z.string().optional(),
             sshTarget: z.string().optional(),
             sshIdentity: z.string().optional(),
@@ -460,7 +461,7 @@ export const PoolBotSchema = z
             .record(z.string(), z
             .object({
             enabled: z.boolean().optional(),
-            apiKey: z.string().optional(),
+            apiKey: z.string().optional().register(sensitive),
             env: z.record(z.string(), z.string()).optional(),
             config: z.record(z.string(), z.unknown()).optional(),
         })

package/dist/daemon/cmd-argv.js

@@ -0,0 +1,21 @@
+import { splitArgsPreservingQuotes } from "./arg-split.js";
+import { assertNoCmdLineBreak } from "./cmd-set.js";
+export function quoteCmdScriptArg(value) {
+    assertNoCmdLineBreak(value, "Command argument");
+    if (!value) {
+        return '""';
+    }
+    const escaped = value.replace(/"/g, '\\"').replace(/%/g, "%%").replace(/!/g, "^!");
+    if (!/[ \t"&|<>^()%!]/g.test(value)) {
+        return escaped;
+    }
+    return `"${escaped}"`;
+}
+export function unescapeCmdScriptArg(value) {
+    return value.replace(/\^!/g, "!").replace(/%%/g, "%");
+}
+export function parseCmdScriptCommandLine(value) {
+    // Script renderer escapes quotes (`\"`) and cmd expansions (`%%`, `^!`).
+    // Keep all other backslashes literal so Windows drive/UNC paths survive.
+    return splitArgsPreservingQuotes(value, { escapeMode: "backslash-quote-only" }).map(unescapeCmdScriptArg);
+}

package/dist/daemon/cmd-set.js

@@ -0,0 +1,58 @@
+export function assertNoCmdLineBreak(value, field) {
+    if (/[\r\n]/.test(value)) {
+        throw new Error(`${field} cannot contain CR or LF in Windows task scripts.`);
+    }
+}
+function escapeCmdSetAssignmentComponent(value) {
+    return value.replace(/\^/g, "^^").replace(/%/g, "%%").replace(/!/g, "^!").replace(/"/g, '^"');
+}
+function unescapeCmdSetAssignmentComponent(value) {
+    let out = "";
+    for (let i = 0; i < value.length; i += 1) {
+        const ch = value[i];
+        const next = value[i + 1];
+        if (ch === "^" && (next === "^" || next === '"' || next === "!")) {
+            out += next;
+            i += 1;
+            continue;
+        }
+        if (ch === "%" && next === "%") {
+            out += "%";
+            i += 1;
+            continue;
+        }
+        out += ch;
+    }
+    return out;
+}
+export function parseCmdSetAssignment(line) {
+    const raw = line.trim();
+    if (!raw) {
+        return null;
+    }
+    const quoted = raw.startsWith('"') && raw.endsWith('"') && raw.length >= 2;
+    const assignment = quoted ? raw.slice(1, -1) : raw;
+    const index = assignment.indexOf("=");
+    if (index <= 0) {
+        return null;
+    }
+    const key = assignment.slice(0, index).trim();
+    const value = assignment.slice(index + 1).trim();
+    if (!key) {
+        return null;
+    }
+    if (!quoted) {
+        return { key, value };
+    }
+    return {
+        key: unescapeCmdSetAssignmentComponent(key),
+        value: unescapeCmdSetAssignmentComponent(value),
+    };
+}
+export function renderCmdSetAssignment(key, value) {
+    assertNoCmdLineBreak(key, "Environment variable name");
+    assertNoCmdLineBreak(value, "Environment variable value");
+    const escapedKey = escapeCmdSetAssignmentComponent(key);
+    const escapedValue = escapeCmdSetAssignmentComponent(value);
+    return `set "${escapedKey}=${escapedValue}"`;
+}

package/dist/daemon/service-types.js

@@ -0,0 +1 @@
+export {};