@poolzin/pool-bot 2026.2.24 → 2026.2.26

package/dist/security/dm-policy-shared.js

@@ -0,0 +1,68 @@
+import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
+import { normalizeStringEntries } from "../shared/string-normalization.js";
+export function resolveEffectiveAllowFromLists(params) {
+    const configAllowFrom = normalizeStringEntries(Array.isArray(params.allowFrom) ? params.allowFrom : undefined);
+    const configGroupAllowFrom = normalizeStringEntries(Array.isArray(params.groupAllowFrom) ? params.groupAllowFrom : undefined);
+    const storeAllowFrom = params.dmPolicy === "allowlist"
+        ? []
+        : normalizeStringEntries(Array.isArray(params.storeAllowFrom) ? params.storeAllowFrom : undefined);
+    const effectiveAllowFrom = normalizeStringEntries([...configAllowFrom, ...storeAllowFrom]);
+    const groupBase = configGroupAllowFrom.length > 0 ? configGroupAllowFrom : configAllowFrom;
+    const effectiveGroupAllowFrom = normalizeStringEntries([...groupBase, ...storeAllowFrom]);
+    return { effectiveAllowFrom, effectiveGroupAllowFrom };
+}
+export function resolveDmGroupAccessDecision(params) {
+    const dmPolicy = params.dmPolicy ?? "pairing";
+    const groupPolicy = params.groupPolicy ?? "allowlist";
+    const effectiveAllowFrom = normalizeStringEntries(params.effectiveAllowFrom);
+    const effectiveGroupAllowFrom = normalizeStringEntries(params.effectiveGroupAllowFrom);
+    if (params.isGroup) {
+        if (groupPolicy === "disabled") {
+            return { decision: "block", reason: "groupPolicy=disabled" };
+        }
+        if (groupPolicy === "allowlist") {
+            if (effectiveGroupAllowFrom.length === 0) {
+                return { decision: "block", reason: "groupPolicy=allowlist (empty allowlist)" };
+            }
+            if (!params.isSenderAllowed(effectiveGroupAllowFrom)) {
+                return { decision: "block", reason: "groupPolicy=allowlist (not allowlisted)" };
+            }
+        }
+        return { decision: "allow", reason: `groupPolicy=${groupPolicy}` };
+    }
+    if (dmPolicy === "disabled") {
+        return { decision: "block", reason: "dmPolicy=disabled" };
+    }
+    if (dmPolicy === "open") {
+        return { decision: "allow", reason: "dmPolicy=open" };
+    }
+    if (params.isSenderAllowed(effectiveAllowFrom)) {
+        return { decision: "allow", reason: `dmPolicy=${dmPolicy} (allowlisted)` };
+    }
+    if (dmPolicy === "pairing") {
+        return { decision: "pairing", reason: "dmPolicy=pairing (not allowlisted)" };
+    }
+    return { decision: "block", reason: `dmPolicy=${dmPolicy} (not allowlisted)` };
+}
+export async function resolveDmAllowState(params) {
+    const configAllowFrom = normalizeStringEntries(Array.isArray(params.allowFrom) ? params.allowFrom : undefined);
+    const hasWildcard = configAllowFrom.includes("*");
+    const storeAllowFrom = await (params.readStore ?? readChannelAllowFromStore)(params.provider).catch(() => []);
+    const normalizeEntry = params.normalizeEntry ?? ((value) => value);
+    const normalizedCfg = configAllowFrom
+        .filter((value) => value !== "*")
+        .map((value) => normalizeEntry(value))
+        .map((value) => value.trim())
+        .filter(Boolean);
+    const normalizedStore = storeAllowFrom
+        .map((value) => normalizeEntry(value))
+        .map((value) => value.trim())
+        .filter(Boolean);
+    const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+    return {
+        configAllowFrom,
+        hasWildcard,
+        allowCount,
+        isMultiUserDm: hasWildcard || allowCount > 1,
+    };
+}

package/dist/security/external-content.js

@@ -1,3 +1,4 @@
+import { randomBytes } from "node:crypto";
 /**
  * Security utilities for handling untrusted external content.
  *
@@ -40,9 +41,20 @@ export function detectSuspiciousPatterns(content) {
 /**
  * Unique boundary markers for external content.
  * Using XML-style tags that are unlikely to appear in legitimate content.
+ * Each wrapper gets a unique random ID to prevent spoofing attacks where
+ * malicious content injects fake boundary markers.
  */
-const EXTERNAL_CONTENT_START = "<<<EXTERNAL_UNTRUSTED_CONTENT>>>";
-const EXTERNAL_CONTENT_END = "<<<END_EXTERNAL_UNTRUSTED_CONTENT>>>";
+const EXTERNAL_CONTENT_START_NAME = "EXTERNAL_UNTRUSTED_CONTENT";
+const EXTERNAL_CONTENT_END_NAME = "END_EXTERNAL_UNTRUSTED_CONTENT";
+function createExternalContentMarkerId() {
+    return randomBytes(8).toString("hex");
+}
+function createExternalContentStartMarker(id) {
+    return `<<<${EXTERNAL_CONTENT_START_NAME} id="${id}">>>`;
+}
+function createExternalContentEndMarker(id) {
+    return `<<<${EXTERNAL_CONTENT_END_NAME} id="${id}">>>`;
+}
 /**
  * Security warning prepended to external content.
  */
@@ -62,14 +74,28 @@ const EXTERNAL_SOURCE_LABELS = {
     email: "Email",
     webhook: "Webhook",
     api: "API",
+    browser: "Browser",
     channel_metadata: "Channel metadata",
     web_search: "Web Search",
     web_fetch: "Web Fetch",
     unknown: "External",
 };
 const FULLWIDTH_ASCII_OFFSET = 0xfee0;
-const FULLWIDTH_LEFT_ANGLE = 0xff1c;
-const FULLWIDTH_RIGHT_ANGLE = 0xff1e;
+// Map of Unicode angle bracket homoglyphs to their ASCII equivalents.
+const ANGLE_BRACKET_MAP = {
+    0xff1c: "<", // fullwidth <
+    0xff1e: ">", // fullwidth >
+    0x2329: "<", // left-pointing angle bracket
+    0x232a: ">", // right-pointing angle bracket
+    0x3008: "<", // CJK left angle bracket
+    0x3009: ">", // CJK right angle bracket
+    0x2039: "<", // single left-pointing angle quotation mark
+    0x203a: ">", // single right-pointing angle quotation mark
+    0x27e8: "<", // mathematical left angle bracket
+    0x27e9: ">", // mathematical right angle bracket
+    0xfe64: "<", // small less-than sign
+    0xfe65: ">", // small greater-than sign
+};
 function foldMarkerChar(char) {
     const code = char.charCodeAt(0);
     if (code >= 0xff21 && code <= 0xff3a) {
@@ -78,16 +104,14 @@ function foldMarkerChar(char) {
     if (code >= 0xff41 && code <= 0xff5a) {
         return String.fromCharCode(code - FULLWIDTH_ASCII_OFFSET);
     }
-    if (code === FULLWIDTH_LEFT_ANGLE) {
-        return "<";
-    }
-    if (code === FULLWIDTH_RIGHT_ANGLE) {
-        return ">";
+    const bracket = ANGLE_BRACKET_MAP[code];
+    if (bracket) {
+        return bracket;
     }
     return char;
 }
 function foldMarkerText(input) {
-    return input.replace(/[\uFF21-\uFF3A\uFF41-\uFF5A\uFF1C\uFF1E]/g, (char) => foldMarkerChar(char));
+    return input.replace(/[\uFF21-\uFF3A\uFF41-\uFF5A\uFF1C\uFF1E\u2329\u232A\u3008\u3009\u2039\u203A\u27E8\u27E9\uFE64\uFE65]/g, (char) => foldMarkerChar(char));
 }
 function replaceMarkers(content) {
     const folded = foldMarkerText(content);
@@ -95,9 +119,16 @@ function replaceMarkers(content) {
         return content;
     }
     const replacements = [];
+    // Match markers with or without id attribute (handles both legacy and spoofed markers)
     const patterns = [
-        { regex: /<<<EXTERNAL_UNTRUSTED_CONTENT>>>/gi, value: "[[MARKER_SANITIZED]]" },
-        { regex: /<<<END_EXTERNAL_UNTRUSTED_CONTENT>>>/gi, value: "[[END_MARKER_SANITIZED]]" },
+        {
+            regex: /<<<EXTERNAL_UNTRUSTED_CONTENT(?:\s+id="[^"]{1,128}")?\s*>>>/gi,
+            value: "[[MARKER_SANITIZED]]",
+        },
+        {
+            regex: /<<<END_EXTERNAL_UNTRUSTED_CONTENT(?:\s+id="[^"]{1,128}")?\s*>>>/gi,
+            value: "[[END_MARKER_SANITIZED]]",
+        },
     ];
     for (const pattern of patterns) {
         pattern.regex.lastIndex = 0;
@@ -156,13 +187,14 @@ export function wrapExternalContent(content, options) {
     }
     const metadata = metadataLines.join("\n");
     const warningBlock = includeWarning ? `${EXTERNAL_CONTENT_WARNING}\n\n` : "";
+    const markerId = createExternalContentMarkerId();
     return [
         warningBlock,
-        EXTERNAL_CONTENT_START,
+        createExternalContentStartMarker(markerId),
         metadata,
         "---",
         sanitized,
-        EXTERNAL_CONTENT_END,
+        createExternalContentEndMarker(markerId),
     ].join("\n");
 }
 /**

package/dist/security/fix.js

@@ -1,13 +1,12 @@
 import fs from "node:fs/promises";
 import path from "node:path";
-import JSON5 from "json5";
+import { resolveDefaultAgentId } from "../agents/agent-scope.js";
 import { createConfigIO } from "../config/config.js";
+import { collectIncludePathsRecursive } from "../config/includes-scan.js";
 import { resolveConfigPath, resolveOAuthDir, resolveStateDir } from "../config/paths.js";
-import { resolveDefaultAgentId } from "../agents/agent-scope.js";
-import { INCLUDE_KEY, MAX_INCLUDE_DEPTH } from "../config/includes.js";
-import { normalizeAgentId } from "../routing/session-key.js";
 import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
 import { runExec } from "../process/exec.js";
+import { normalizeAgentId } from "../routing/session-key.js";
 import { createIcaclsResetCommand, formatIcaclsResetCommand } from "./windows-acl.js";
 async function safeChmod(params) {
     try {
@@ -144,11 +143,13 @@ async function safeAclReset(params) {
     }
 }
 function setGroupPolicyAllowlist(params) {
-    if (!params.cfg.channels)
+    if (!params.cfg.channels) {
         return;
+    }
     const section = params.cfg.channels[params.channel];
-    if (!section || typeof section !== "object")
+    if (!section || typeof section !== "object") {
         return;
+    }
     const topPolicy = section.groupPolicy;
     if (topPolicy === "open") {
         section.groupPolicy = "allowlist";
@@ -156,13 +157,16 @@ function setGroupPolicyAllowlist(params) {
         params.policyFlips.add(`channels.${params.channel}.`);
     }
     const accounts = section.accounts;
-    if (!accounts || typeof accounts !== "object")
+    if (!accounts || typeof accounts !== "object") {
         return;
+    }
     for (const [accountId, accountValue] of Object.entries(accounts)) {
-        if (!accountId)
+        if (!accountId) {
             continue;
-        if (!accountValue || typeof accountValue !== "object")
+        }
+        if (!accountValue || typeof accountValue !== "object") {
             continue;
+        }
         const account = accountValue;
         if (account.groupPolicy === "open") {
             account.groupPolicy = "allowlist";
@@ -173,29 +177,36 @@ function setGroupPolicyAllowlist(params) {
 }
 function setWhatsAppGroupAllowFromFromStore(params) {
     const section = params.cfg.channels?.whatsapp;
-    if (!section || typeof section !== "object")
+    if (!section || typeof section !== "object") {
         return;
-    if (params.storeAllowFrom.length === 0)
+    }
+    if (params.storeAllowFrom.length === 0) {
         return;
+    }
     const maybeApply = (prefix, obj) => {
-        if (!params.policyFlips.has(prefix))
+        if (!params.policyFlips.has(prefix)) {
             return;
+        }
         const allowFrom = Array.isArray(obj.allowFrom) ? obj.allowFrom : [];
         const groupAllowFrom = Array.isArray(obj.groupAllowFrom) ? obj.groupAllowFrom : [];
-        if (allowFrom.length > 0)
+        if (allowFrom.length > 0) {
             return;
-        if (groupAllowFrom.length > 0)
+        }
+        if (groupAllowFrom.length > 0) {
             return;
+        }
         obj.groupAllowFrom = params.storeAllowFrom;
         params.changes.push(`${prefix}groupAllowFrom=pairing-store`);
     };
     maybeApply("channels.whatsapp.", section);
     const accounts = section.accounts;
-    if (!accounts || typeof accounts !== "object")
+    if (!accounts || typeof accounts !== "object") {
         return;
+    }
     for (const [accountId, accountValue] of Object.entries(accounts)) {
-        if (!accountValue || typeof accountValue !== "object")
+        if (!accountValue || typeof accountValue !== "object") {
             continue;
+        }
         const account = accountValue;
         maybeApply(`channels.whatsapp.accounts.${accountId}.`, account);
     }
@@ -221,80 +232,17 @@ function applyConfigFixes(params) {
     }
     return { cfg: next, changes, policyFlips };
 }
-function listDirectIncludes(parsed) {
-    const out = [];
-    const visit = (value) => {
-        if (!value)
-            return;
-        if (Array.isArray(value)) {
-            for (const item of value)
-                visit(item);
-            return;
-        }
-        if (typeof value !== "object")
-            return;
-        const rec = value;
-        const includeVal = rec[INCLUDE_KEY];
-        if (typeof includeVal === "string")
-            out.push(includeVal);
-        else if (Array.isArray(includeVal)) {
-            for (const item of includeVal) {
-                if (typeof item === "string")
-                    out.push(item);
-            }
-        }
-        for (const v of Object.values(rec))
-            visit(v);
-    };
-    visit(parsed);
-    return out;
-}
-function resolveIncludePath(baseConfigPath, includePath) {
-    return path.normalize(path.isAbsolute(includePath)
-        ? includePath
-        : path.resolve(path.dirname(baseConfigPath), includePath));
-}
-async function collectIncludePathsRecursive(params) {
-    const visited = new Set();
-    const result = [];
-    const walk = async (basePath, parsed, depth) => {
-        if (depth > MAX_INCLUDE_DEPTH)
-            return;
-        for (const raw of listDirectIncludes(parsed)) {
-            const resolved = resolveIncludePath(basePath, raw);
-            if (visited.has(resolved))
-                continue;
-            visited.add(resolved);
-            result.push(resolved);
-            const rawText = await fs.readFile(resolved, "utf-8").catch(() => null);
-            if (!rawText)
-                continue;
-            const nestedParsed = (() => {
-                try {
-                    return JSON5.parse(rawText);
-                }
-                catch {
-                    return null;
-                }
-            })();
-            if (nestedParsed) {
-                // eslint-disable-next-line no-await-in-loop
-                await walk(resolved, nestedParsed, depth + 1);
-            }
-        }
-    };
-    await walk(params.configPath, params.parsed, 0);
-    return result;
-}
 async function chmodCredentialsAndAgentState(params) {
     const credsDir = resolveOAuthDir(params.env, params.stateDir);
     params.actions.push(await safeChmod({ path: credsDir, mode: 0o700, require: "dir" }));
     const credsEntries = await fs.readdir(credsDir, { withFileTypes: true }).catch(() => []);
     for (const entry of credsEntries) {
-        if (!entry.isFile())
+        if (!entry.isFile()) {
             continue;
-        if (!entry.name.endsWith(".json"))
+        }
+        if (!entry.name.endsWith(".json")) {
             continue;
+        }
         const p = path.join(credsDir, entry.name);
         // eslint-disable-next-line no-await-in-loop
         params.actions.push(await safeChmod({ path: p, mode: 0o600, require: "file" }));
@@ -303,11 +251,13 @@ async function chmodCredentialsAndAgentState(params) {
     ids.add(resolveDefaultAgentId(params.cfg));
     const list = Array.isArray(params.cfg.agents?.list) ? params.cfg.agents?.list : [];
     for (const agent of list ?? []) {
-        if (!agent || typeof agent !== "object")
+        if (!agent || typeof agent !== "object") {
             continue;
+        }
         const id = typeof agent.id === "string" ? agent.id.trim() : "";
-        if (id)
+        if (id) {
             ids.add(id);
+        }
     }
     for (const agentId of ids) {
         const normalizedAgentId = normalizeAgentId(agentId);
@@ -326,6 +276,20 @@ async function chmodCredentialsAndAgentState(params) {
         const storePath = path.join(sessionsDir, "sessions.json");
         // eslint-disable-next-line no-await-in-loop
         params.actions.push(await params.applyPerms({ path: storePath, mode: 0o600, require: "file" }));
+        // Fix permissions on session transcript files (*.jsonl)
+        // eslint-disable-next-line no-await-in-loop
+        const sessionEntries = await fs.readdir(sessionsDir, { withFileTypes: true }).catch(() => []);
+        for (const entry of sessionEntries) {
+            if (!entry.isFile()) {
+                continue;
+            }
+            if (!entry.name.endsWith(".jsonl")) {
+                continue;
+            }
+            const p = path.join(sessionsDir, entry.name);
+            // eslint-disable-next-line no-await-in-loop
+            params.actions.push(await params.applyPerms({ path: p, mode: 0o600, require: "file" }));
+        }
     }
 }
 export async function fixSecurityFootguns(opts) {

package/dist/security/scan-paths.js

@@ -1,3 +1,4 @@
+import fs from "node:fs";
 import path from "node:path";
 export function isPathInside(basePath, candidatePath) {
     const base = path.resolve(basePath);
@@ -5,6 +6,25 @@ export function isPathInside(basePath, candidatePath) {
     const rel = path.relative(base, candidate);
     return rel === "" || (!rel.startsWith(`..${path.sep}`) && rel !== ".." && !path.isAbsolute(rel));
 }
+function safeRealpathSync(filePath) {
+    try {
+        return fs.realpathSync(filePath);
+    }
+    catch {
+        return null;
+    }
+}
+export function isPathInsideWithRealpath(basePath, candidatePath, opts) {
+    if (!isPathInside(basePath, candidatePath)) {
+        return false;
+    }
+    const baseReal = safeRealpathSync(basePath);
+    const candidateReal = safeRealpathSync(candidatePath);
+    if (!baseReal || !candidateReal) {
+        return opts?.requireRealpath !== true;
+    }
+    return isPathInside(baseReal, candidateReal);
+}
 export function extensionUsesSkippedScannerPath(entry) {
     const segments = entry.split(/[\\/]+/).filter(Boolean);
     return segments.some((segment) => segment === "node_modules" ||

package/dist/security/secret-equal.js

@@ -1,12 +1,8 @@
-import { timingSafeEqual } from "node:crypto";
+import { createHash, timingSafeEqual } from "node:crypto";
 export function safeEqualSecret(provided, expected) {
     if (typeof provided !== "string" || typeof expected !== "string") {
         return false;
     }
-    const providedBuffer = Buffer.from(provided);
-    const expectedBuffer = Buffer.from(expected);
-    if (providedBuffer.length !== expectedBuffer.length) {
-        return false;
-    }
-    return timingSafeEqual(providedBuffer, expectedBuffer);
+    const hash = (s) => createHash("sha256").update(s).digest();
+    return timingSafeEqual(hash(provided), hash(expected));
 }

package/dist/security/windows-acl.js

@@ -19,8 +19,9 @@ const TRUSTED_SUFFIXES = ["\\administrators", "\\system"];
 const normalize = (value) => value.trim().toLowerCase();
 export function resolveWindowsUserPrincipal(env) {
     const username = env?.USERNAME?.trim() || os.userInfo().username?.trim();
-    if (!username)
+    if (!username) {
         return null;
+    }
     const domain = env?.USERDOMAIN?.trim();
     return domain ? `${domain}\\${username}` : username;
 }
@@ -31,18 +32,21 @@ function buildTrustedPrincipals(env) {
         trusted.add(normalize(principal));
         const parts = principal.split("\\");
         const userOnly = parts.at(-1);
-        if (userOnly)
+        if (userOnly) {
             trusted.add(normalize(userOnly));
+        }
     }
     return trusted;
 }
 function classifyPrincipal(principal, env) {
     const normalized = normalize(principal);
     const trusted = buildTrustedPrincipals(env);
-    if (trusted.has(normalized) || TRUSTED_SUFFIXES.some((s) => normalized.endsWith(s)))
+    if (trusted.has(normalized) || TRUSTED_SUFFIXES.some((s) => normalized.endsWith(s))) {
         return "trusted";
-    if (WORLD_PRINCIPALS.has(normalized) || WORLD_SUFFIXES.some((s) => normalized.endsWith(s)))
+    }
+    if (WORLD_PRINCIPALS.has(normalized) || WORLD_SUFFIXES.some((s) => normalized.endsWith(s))) {
         return "world";
+    }
     return "group";
 }
 function rightsFromTokens(tokens) {
@@ -59,8 +63,9 @@ export function parseIcaclsOutput(output, targetPath) {
     const quotedLower = quotedTarget.toLowerCase();
     for (const rawLine of output.split(/\r?\n/)) {
         const line = rawLine.trimEnd();
-        if (!line.trim())
+        if (!line.trim()) {
             continue;
+        }
         const trimmed = line.trim();
         const lower = trimmed.toLowerCase();
         if (lower.startsWith("successfully processed") ||
@@ -76,22 +81,26 @@ export function parseIcaclsOutput(output, targetPath) {
         else if (lower.startsWith(quotedLower)) {
             entry = trimmed.slice(quotedTarget.length).trim();
         }
-        if (!entry)
+        if (!entry) {
             continue;
+        }
         const idx = entry.indexOf(":");
-        if (idx === -1)
+        if (idx === -1) {
             continue;
+        }
         const principal = entry.slice(0, idx).trim();
         const rawRights = entry.slice(idx + 1).trim();
         const tokens = rawRights
             .match(/\(([^)]+)\)/g)
             ?.map((token) => token.slice(1, -1).trim())
             .filter(Boolean) ?? [];
-        if (tokens.some((token) => token.toUpperCase() === "DENY"))
+        if (tokens.some((token) => token.toUpperCase() === "DENY")) {
             continue;
+        }
         const rights = tokens.filter((token) => !INHERIT_FLAGS.has(token.toUpperCase()));
-        if (rights.length === 0)
+        if (rights.length === 0) {
             continue;
+        }
         const { canRead, canWrite } = rightsFromTokens(rights);
         entries.push({ principal, rights, rawRights, canRead, canWrite });
     }
@@ -103,12 +112,15 @@ export function summarizeWindowsAcl(entries, env) {
     const untrustedGroup = [];
     for (const entry of entries) {
         const classification = classifyPrincipal(entry.principal, env);
-        if (classification === "trusted")
+        if (classification === "trusted") {
             trusted.push(entry);
-        else if (classification === "world")
+        }
+        else if (classification === "world") {
             untrustedWorld.push(entry);
-        else
+        }
+        else {
             untrustedGroup.push(entry);
+        }
     }
     return { trusted, untrustedWorld, untrustedGroup };
 }
@@ -133,11 +145,13 @@ export async function inspectWindowsAcl(targetPath, opts) {
     }
 }
 export function formatWindowsAclSummary(summary) {
-    if (!summary.ok)
+    if (!summary.ok) {
         return "unknown";
+    }
     const untrusted = [...summary.untrustedWorld, ...summary.untrustedGroup];
-    if (untrusted.length === 0)
+    if (untrusted.length === 0) {
         return "trusted-only";
+    }
     return untrusted.map((entry) => `${entry.principal}:${entry.rawRights}`).join(", ");
 }
 export function formatIcaclsResetCommand(targetPath, opts) {
@@ -147,8 +161,9 @@ export function formatIcaclsResetCommand(targetPath, opts) {
 }
 export function createIcaclsResetCommand(targetPath, opts) {
     const user = resolveWindowsUserPrincipal(opts.env);
-    if (!user)
+    if (!user) {
         return null;
+    }
     const grant = opts.isDir ? "(OI)(CI)F" : "F";
     const args = [
         targetPath,

package/dist/shared/entry-status.js

@@ -23,3 +23,9 @@ export function evaluateEntryMetadataRequirements(params) {
         configChecks,
     };
 }
+export function evaluateEntryMetadataRequirementsForCurrentPlatform(params) {
+    return evaluateEntryMetadataRequirements({
+        ...params,
+        localPlatform: process.platform,
+    });
+}

package/dist/shared/frontmatter.js

@@ -24,7 +24,7 @@ export function parseFrontmatterBool(value, fallback) {
     const parsed = parseBooleanValue(value);
     return parsed === undefined ? fallback : parsed;
 }
-export function resolvePoolbotManifestBlock(params) {
+export function resolvePoolBotManifestBlock(params) {
     const raw = getFrontmatterString(params.frontmatter, params.key ?? "metadata");
     if (!raw) {
         return undefined;
@@ -47,7 +47,7 @@ export function resolvePoolbotManifestBlock(params) {
         return undefined;
     }
 }
-export function resolvePoolbotManifestRequires(metadataObj) {
+export function resolvePoolBotManifestRequires(metadataObj) {
     const requiresRaw = typeof metadataObj.requires === "object" && metadataObj.requires !== null
         ? metadataObj.requires
         : undefined;
@@ -61,16 +61,16 @@ export function resolvePoolbotManifestRequires(metadataObj) {
         config: normalizeStringList(requiresRaw.config),
     };
 }
-export function resolvePoolbotManifestInstall(metadataObj, parseInstallSpec) {
+export function resolvePoolBotManifestInstall(metadataObj, parseInstallSpec) {
     const installRaw = Array.isArray(metadataObj.install) ? metadataObj.install : [];
     return installRaw
         .map((entry) => parseInstallSpec(entry))
         .filter((entry) => Boolean(entry));
 }
-export function resolvePoolbotManifestOs(metadataObj) {
+export function resolvePoolBotManifestOs(metadataObj) {
     return normalizeStringList(metadataObj.os);
 }
-export function parsePoolbotManifestInstallBase(input, allowedKinds) {
+export function parsePoolBotManifestInstallBase(input, allowedKinds) {
     if (!input || typeof input !== "object") {
         return undefined;
     }

package/dist/shared/node-list-parse.js

@@ -0,0 +1,13 @@
+function asRecord(value) {
+    return typeof value === "object" && value !== null ? value : {};
+}
+export function parsePairingList(value) {
+    const obj = asRecord(value);
+    const pending = Array.isArray(obj.pending) ? obj.pending : [];
+    const paired = Array.isArray(obj.paired) ? obj.paired : [];
+    return { pending, paired };
+}
+export function parseNodeList(value) {
+    const obj = asRecord(value);
+    return Array.isArray(obj.nodes) ? obj.nodes : [];
+}

package/dist/shared/node-match.js

@@ -39,14 +39,21 @@ export function resolveNodeIdFromCandidates(nodes, query) {
     if (!q) {
         throw new Error("node required");
     }
-    const matches = resolveNodeMatches(nodes, q);
-    if (matches.length === 1) {
-        return matches[0]?.nodeId ?? "";
+    const rawMatches = resolveNodeMatches(nodes, q);
+    if (rawMatches.length === 1) {
+        return rawMatches[0]?.nodeId ?? "";
     }
-    if (matches.length === 0) {
+    if (rawMatches.length === 0) {
         const known = listKnownNodes(nodes);
         throw new Error(`unknown node: ${q}${known ? ` (known: ${known})` : ""}`);
     }
+    // Re-pair/reinstall flows can leave multiple nodes with the same display name.
+    // Prefer a unique connected match when available.
+    const connectedMatches = rawMatches.filter((match) => match.connected === true);
+    const matches = connectedMatches.length > 0 ? connectedMatches : rawMatches;
+    if (matches.length === 1) {
+        return matches[0]?.nodeId ?? "";
+    }
     throw new Error(`ambiguous node: ${q} (matches: ${matches
         .map((n) => n.displayName || n.remoteIp || n.nodeId)
         .join(", ")})`);