@poolzin/pool-bot 2026.3.25 → 2026.3.26

package/dist/agents/provider/session-binding.js

@@ -1,376 +0,0 @@
-/**
- * Session Manager
- *
- * Manages sticky session bindings between conversation sessions and API tokens.
- * Ensures conversation continuity by routing requests to the same key when possible.
- *
- * @module provider/session-binding
- */
-import { createSubsystemLogger } from "../../logging/subsystem.js";
-export var SessionManager;
-(function (SessionManager) {
-    const log = createSubsystemLogger("provider/session-binding");
-    // ============================================================================
-    // Internal State
-    // ============================================================================
-    /** Session bindings: sessionID:providerID -> Binding */
-    const bindings = new Map();
-    /** Configuration */
-    let config = {
-        defaultTTLMs: 60_000, // 60 seconds
-        maxBindings: 10_000,
-        extendOnAccess: true,
-    };
-    /** Cleanup interval handle */
-    let cleanupInterval = null;
-    // ============================================================================
-    // Helper Functions
-    // ============================================================================
-    /**
-     * Creates a composite key for the bindings map.
-     */
-    function getBindingKey(sessionID, providerID) {
-        return `${sessionID}:${providerID}`;
-    }
-    /**
-     * Checks if a binding is expired.
-     */
-    function isExpired(binding) {
-        return Date.now() > binding.expiresAt;
-    }
-    /**
-     * Evicts oldest bindings if over capacity.
-     */
-    function evictIfNeeded() {
-        if (bindings.size <= config.maxBindings)
-            return;
-        // Sort by last accessed time and remove oldest
-        const sorted = Array.from(bindings.entries()).sort((a, b) => a[1].lastAccessedAt - b[1].lastAccessedAt);
-        const toRemove = sorted.slice(0, bindings.size - config.maxBindings);
-        for (const [key] of toRemove) {
-            bindings.delete(key);
-        }
-        log.info("evicted", { count: toRemove.length });
-    }
-    // ============================================================================
-    // Public API
-    // ============================================================================
-    /**
-     * Configures the session manager.
-     *
-     * @param newConfig - Partial configuration to merge
-     *
-     * @example
-     * ```typescript
-     * SessionManager.configure({
-     *   defaultTTLMs: 120_000, // 2 minutes
-     *   extendOnAccess: true
-     * })
-     * ```
-     */
-    function configure(newConfig) {
-        config = { ...config, ...newConfig };
-        log.info("configured", { ...config });
-    }
-    SessionManager.configure = configure;
-    /**
-     * Gets the current configuration.
-     */
-    function getConfig() {
-        return { ...config };
-    }
-    SessionManager.getConfig = getConfig;
-    /**
-     * Creates or updates a session binding.
-     *
-     * @param sessionID - Session identifier
-     * @param providerID - Provider identifier
-     * @param tokenID - Token identifier to bind to
-     * @param ttlMs - Custom TTL (uses default if not specified)
-     *
-     * @example
-     * ```typescript
-     * SessionManager.bind("session-123", "anthropic", "key-1")
-     * ```
-     */
-    function bind(sessionID, providerID, tokenID, ttlMs) {
-        const key = getBindingKey(sessionID, providerID);
-        const now = Date.now();
-        const ttl = ttlMs ?? config.defaultTTLMs;
-        const existing = bindings.get(key);
-        if (existing && existing.tokenID === tokenID) {
-            // Update existing binding
-            existing.lastAccessedAt = now;
-            existing.expiresAt = now + ttl;
-            existing.requestCount++;
-            return existing;
-        }
-        // Create new binding
-        const binding = {
-            sessionID,
-            providerID,
-            tokenID,
-            createdAt: now,
-            lastAccessedAt: now,
-            expiresAt: now + ttl,
-            requestCount: 1,
-        };
-        bindings.set(key, binding);
-        evictIfNeeded();
-        log.info("bound", { sessionID, providerID, tokenID, ttlMs: ttl });
-        return binding;
-    }
-    SessionManager.bind = bind;
-    /**
-     * Looks up a session binding.
-     *
-     * @param sessionID - Session identifier
-     * @param providerID - Provider identifier
-     * @returns Lookup result with binding if found and valid
-     *
-     * @example
-     * ```typescript
-     * const result = SessionManager.lookup("session-123", "anthropic")
-     * if (result.found && !result.expired) {
-     *   console.log("Using token:", result.binding.tokenID)
-     * }
-     * ```
-     */
-    function lookup(sessionID, providerID) {
-        const key = getBindingKey(sessionID, providerID);
-        const binding = bindings.get(key);
-        if (!binding) {
-            return { found: false, expired: false };
-        }
-        if (isExpired(binding)) {
-            bindings.delete(key);
-            return { found: true, expired: true };
-        }
-        // Extend TTL on access if configured
-        if (config.extendOnAccess) {
-            binding.lastAccessedAt = Date.now();
-            binding.expiresAt = binding.lastAccessedAt + config.defaultTTLMs;
-        }
-        return { binding, found: true, expired: false };
-    }
-    SessionManager.lookup = lookup;
-    /**
-     * Gets the bound token ID for a session, if any.
-     *
-     * @param sessionID - Session identifier
-     * @param providerID - Provider identifier
-     * @returns Token ID or undefined if not bound
-     */
-    function getBoundToken(sessionID, providerID) {
-        const result = lookup(sessionID, providerID);
-        return result.binding?.tokenID;
-    }
-    SessionManager.getBoundToken = getBoundToken;
-    /**
-     * Removes a session binding.
-     *
-     * @param sessionID - Session identifier
-     * @param providerID - Provider identifier
-     * @returns Whether a binding was found and removed
-     */
-    function unbind(sessionID, providerID) {
-        const key = getBindingKey(sessionID, providerID);
-        const removed = bindings.delete(key);
-        if (removed) {
-            log.info("unbound", { sessionID, providerID });
-        }
-        return removed;
-    }
-    SessionManager.unbind = unbind;
-    /**
-     * Removes all bindings for a session.
-     *
-     * @param sessionID - Session identifier
-     * @returns Number of bindings removed
-     */
-    function unbindSession(sessionID) {
-        let count = 0;
-        const prefix = `${sessionID}:`;
-        for (const key of bindings.keys()) {
-            if (key.startsWith(prefix)) {
-                bindings.delete(key);
-                count++;
-            }
-        }
-        if (count > 0) {
-            log.info("session-unbound", { sessionID, count });
-        }
-        return count;
-    }
-    SessionManager.unbindSession = unbindSession;
-    /**
-     * Removes all bindings for a provider.
-     *
-     * @param providerID - Provider identifier
-     * @returns Number of bindings removed
-     */
-    function unbindProvider(providerID) {
-        let count = 0;
-        const suffix = `:${providerID}`;
-        for (const key of bindings.keys()) {
-            if (key.endsWith(suffix)) {
-                bindings.delete(key);
-                count++;
-            }
-        }
-        if (count > 0) {
-            log.info("provider-unbound", { providerID, count });
-        }
-        return count;
-    }
-    SessionManager.unbindProvider = unbindProvider;
-    /**
-     * Removes all bindings for a specific token.
-     *
-     * @param providerID - Provider identifier
-     * @param tokenID - Token identifier
-     * @returns Number of bindings removed
-     */
-    function unbindToken(providerID, tokenID) {
-        let count = 0;
-        for (const [key, binding] of bindings.entries()) {
-            if (binding.providerID === providerID && binding.tokenID === tokenID) {
-                bindings.delete(key);
-                count++;
-            }
-        }
-        if (count > 0) {
-            log.info("token-unbound", { providerID, tokenID, count });
-        }
-        return count;
-    }
-    SessionManager.unbindToken = unbindToken;
-    /**
-     * Gets all bindings for a session.
-     *
-     * @param sessionID - Session identifier
-     * @returns Array of bindings
-     */
-    function getSessionBindings(sessionID) {
-        const result = [];
-        const now = Date.now();
-        const prefix = `${sessionID}:`;
-        for (const [key, binding] of bindings.entries()) {
-            if (key.startsWith(prefix) && binding.expiresAt > now) {
-                result.push({ ...binding });
-            }
-        }
-        return result;
-    }
-    SessionManager.getSessionBindings = getSessionBindings;
-    /**
-     * Gets all bindings for a provider.
-     *
-     * @param providerID - Provider identifier
-     * @returns Array of bindings
-     */
-    function getProviderBindings(providerID) {
-        const result = [];
-        const now = Date.now();
-        for (const binding of bindings.values()) {
-            if (binding.providerID === providerID && binding.expiresAt > now) {
-                result.push({ ...binding });
-            }
-        }
-        return result;
-    }
-    SessionManager.getProviderBindings = getProviderBindings;
-    /**
-     * Gets summary statistics for session bindings.
-     */
-    function getSummary() {
-        const now = Date.now();
-        let activeCount = 0;
-        let expiredCount = 0;
-        let totalRequests = 0;
-        let totalAge = 0;
-        const byProvider = {};
-        for (const binding of bindings.values()) {
-            if (binding.expiresAt > now) {
-                activeCount++;
-                totalRequests += binding.requestCount;
-                totalAge += now - binding.createdAt;
-                byProvider[binding.providerID] = (byProvider[binding.providerID] ?? 0) + 1;
-            }
-            else {
-                expiredCount++;
-            }
-        }
-        return {
-            totalBindings: bindings.size,
-            activeBindings: activeCount,
-            expiredBindings: expiredCount,
-            byProvider,
-            avgRequestsPerBinding: activeCount > 0 ? totalRequests / activeCount : 0,
-            avgAgeMs: activeCount > 0 ? totalAge / activeCount : 0,
-        };
-    }
-    SessionManager.getSummary = getSummary;
-    /**
-     * Removes expired bindings.
-     *
-     * @returns Number of bindings removed
-     */
-    function cleanupExpired() {
-        const now = Date.now();
-        let removed = 0;
-        for (const [key, binding] of bindings.entries()) {
-            if (binding.expiresAt <= now) {
-                bindings.delete(key);
-                removed++;
-            }
-        }
-        if (removed > 0) {
-            log.info("cleanup", { removed });
-        }
-        return removed;
-    }
-    SessionManager.cleanupExpired = cleanupExpired;
-    /**
-     * Clears all bindings.
-     */
-    function clear() {
-        const count = bindings.size;
-        bindings.clear();
-        if (count > 0) {
-            log.info("cleared", { count });
-        }
-    }
-    SessionManager.clear = clear;
-    /**
-     * Starts the automatic cleanup interval.
-     *
-     * @param intervalMs - Cleanup interval in milliseconds (default: 30000)
-     */
-    function startCleanup(intervalMs = 30_000) {
-        if (cleanupInterval)
-            return;
-        cleanupInterval = setInterval(() => {
-            cleanupExpired();
-        }, intervalMs);
-        // Don't keep the process alive just for cleanup
-        if (typeof cleanupInterval.unref === "function") {
-            cleanupInterval.unref();
-        }
-        log.debug("cleanup-started", { intervalMs });
-    }
-    SessionManager.startCleanup = startCleanup;
-    /**
-     * Stops the automatic cleanup interval.
-     */
-    function stopCleanup() {
-        if (cleanupInterval) {
-            clearInterval(cleanupInterval);
-            cleanupInterval = null;
-            log.info("cleanup-stopped");
-        }
-    }
-    SessionManager.stopCleanup = stopCleanup;
-    // Start cleanup on module load
-    startCleanup();
-})(SessionManager || (SessionManager = {}));

package/dist/agents/queued-file-writer.js

@@ -1,22 +0,0 @@
-import fs from "node:fs/promises";
-import path from "node:path";
-export function getQueuedFileWriter(writers, filePath) {
-    const existing = writers.get(filePath);
-    if (existing) {
-        return existing;
-    }
-    const dir = path.dirname(filePath);
-    const ready = fs.mkdir(dir, { recursive: true }).catch(() => undefined);
-    let queue = Promise.resolve();
-    const writer = {
-        filePath,
-        write: (line) => {
-            queue = queue
-                .then(() => ready)
-                .then(() => fs.appendFile(filePath, line, "utf8"))
-                .catch(() => undefined);
-        },
-    };
-    writers.set(filePath, writer);
-    return writer;
-}

package/dist/agents/skills/bundled-context.js

@@ -1,23 +0,0 @@
-import { loadSkillsFromDir } from "@mariozechner/pi-coding-agent";
-import { createSubsystemLogger } from "../../logging/subsystem.js";
-import { resolveBundledSkillsDir } from "./bundled-dir.js";
-const skillsLogger = createSubsystemLogger("skills");
-let hasWarnedMissingBundledDir = false;
-export function resolveBundledSkillsContext(opts = {}) {
-    const dir = resolveBundledSkillsDir(opts);
-    const names = new Set();
-    if (!dir) {
-        if (!hasWarnedMissingBundledDir) {
-            hasWarnedMissingBundledDir = true;
-            skillsLogger.warn("Bundled skills directory could not be resolved; built-in skills may be missing.");
-        }
-        return { dir, names };
-    }
-    const result = loadSkillsFromDir({ dir, source: "poolbot-bundled" });
-    for (const skill of result.skills) {
-        if (skill.name.trim()) {
-            names.add(skill.name);
-        }
-    }
-    return { dir, names };
-}

package/dist/agents/skills/security.js

@@ -1,211 +0,0 @@
-/**
- * Skill Security Scanner
- *
- * Security scanning for PoolBot skills.
- * Detects potential security issues in skill files.
- *
- * @module agents/skills/security
- */
-// ============================================================================
-// Constants
-// ============================================================================
-const SCANNER_VERSION = "1.0.0";
-// Patterns that indicate potential security issues
-const PATTERNS = [
-    // Prompt injection attempts
-    {
-        type: "prompt_injection",
-        severity: "critical",
-        pattern: /ignore\s+(?:previous|above|prior)|disregard\s+(?:instructions?|prompt)|system\s*:\s*you\s+are|new\s+instructions?\s*:/i,
-        description: "Potential prompt injection attempt detected",
-        remediation: "Review skill content for malicious instruction overrides",
-    },
-    {
-        type: "prompt_injection",
-        severity: "high",
-        pattern: /\[\s*system\s*\]|\(\s*system\s*\)|\{\s*system\s*\}|\bDAN\b|do\s+anything\s+now/i,
-        description: "Suspicious system role reference",
-        remediation: "Verify skill doesn't attempt to override system behavior",
-    },
-    // Command injection
-    {
-        type: "command_injection",
-        severity: "critical",
-        pattern: /(?:bash|sh|zsh|cmd|powershell)\s+-c\s+["']|exec\s*\(|eval\s*\(|system\s*\(/i,
-        description: "Potential command injection pattern",
-        remediation: "Avoid executing arbitrary shell commands from skill content",
-    },
-    {
-        type: "command_injection",
-        severity: "high",
-        pattern: /`[^`]*(?:rm|del|format|mkfs|dd|wget|curl|fetch)[^`]*`|\$\([^)]*(?:rm|del|wget|curl)[^)]*\)/i,
-        description: "Dangerous command in template literal",
-        remediation: "Review shell command usage for safety",
-    },
-    // Path traversal
-    {
-        type: "path_traversal",
-        severity: "high",
-        pattern: /\.\.[/\\]|\.\.%2f|\.\.%5c|%2e%2e[/\\]/i,
-        description: "Path traversal attempt detected",
-        remediation: "Validate and sanitize all file paths",
-    },
-    // Suspicious patterns
-    {
-        type: "suspicious_pattern",
-        severity: "medium",
-        pattern: /(?:password|secret|token|key|credential)\s*=\s*["'][^"']{8,}["']/i,
-        description: "Hardcoded credential-like pattern",
-        remediation: "Use environment variables or secure secret storage",
-    },
-    {
-        type: "suspicious_pattern",
-        severity: "medium",
-        pattern: /base64\s*\(\s*["'][^"']{20,}["']\s*\)|atob\s*\(|btoa\s*\(/i,
-        description: "Suspicious encoding/decoding pattern",
-        remediation: "Verify encoding is not used to obfuscate malicious content",
-    },
-    // External dependencies
-    {
-        type: "external_dependency",
-        severity: "low",
-        pattern: /(?:npm|pip|gem|cargo|go\s+get)\s+install/i,
-        description: "External package installation mentioned",
-        remediation: "Verify all external dependencies are trustworthy",
-    },
-    // Data exfiltration
-    {
-        type: "data_exfiltration",
-        severity: "high",
-        pattern: /(?:https?:\/\/|ftp:\/\/)[^\s"']+(?:webhook|callback|exfil|collect|steal|send)/i,
-        description: "Potential data exfiltration endpoint",
-        remediation: "Verify all external URLs are legitimate",
-    },
-];
-// ============================================================================
-// Scanner
-// ============================================================================
-/**
- * Scan skill content for security issues
- */
-export function scanSkill(skillName, content) {
-    const findings = [];
-    const lines = content.split("\n");
-    for (const { type, severity, pattern, description, remediation } of PATTERNS) {
-        for (let i = 0; i < lines.length; i++) {
-            const line = lines[i];
-            const matches = line.matchAll(pattern);
-            for (const match of matches) {
-                if (match.index !== undefined) {
-                    findings.push({
-                        type,
-                        severity,
-                        line: i + 1,
-                        column: match.index + 1,
-                        match: match[0].slice(0, 100), // Limit match length
-                        description,
-                        remediation,
-                    });
-                }
-            }
-        }
-    }
-    // Sort by severity
-    const severityOrder = ["critical", "high", "medium", "low", "info"];
-    findings.sort((a, b) => severityOrder.indexOf(a.severity) - severityOrder.indexOf(b.severity));
-    return {
-        skillName,
-        scannerVersion: SCANNER_VERSION,
-        scannedAt: new Date(),
-        findings,
-        passed: !findings.some((f) => f.severity === "critical" || f.severity === "high"),
-    };
-}
-/**
- * Quick security check - returns true if skill passes basic security
- */
-export function quickSecurityCheck(skillName, content) {
-    const report = scanSkill(skillName, content);
-    return report.passed;
-}
-/**
- * Get security summary for display
- */
-export function getSecuritySummary(report) {
-    const counts = {
-        critical: 0,
-        high: 0,
-        medium: 0,
-        low: 0,
-        info: 0,
-    };
-    for (const finding of report.findings) {
-        counts[finding.severity]++;
-    }
-    const hasCritical = counts.critical > 0;
-    const hasHigh = counts.high > 0;
-    const hasMedium = counts.medium > 0;
-    const hasLow = counts.low > 0;
-    if (hasCritical) {
-        return {
-            status: "Failed",
-            color: "red",
-            summary: `${counts.critical} critical, ${counts.high} high severity issues`,
-            counts,
-        };
-    }
-    if (hasHigh) {
-        return {
-            status: "Warning",
-            color: "yellow",
-            summary: `${counts.high} high severity issues`,
-            counts,
-        };
-    }
-    if (hasMedium || hasLow) {
-        return {
-            status: "Passed",
-            color: "yellow",
-            summary: `${counts.medium} medium, ${counts.low} low severity issues`,
-            counts,
-        };
-    }
-    return {
-        status: "Passed",
-        color: "green",
-        summary: "No security issues found",
-        counts,
-    };
-}
-/**
- * Format findings for display
- */
-export function formatFindings(findings) {
-    if (findings.length === 0) {
-        return ["No security issues found."];
-    }
-    const lines = [];
-    const bySeverity = {
-        critical: [],
-        high: [],
-        medium: [],
-        low: [],
-        info: [],
-    };
-    for (const finding of findings) {
-        bySeverity[finding.severity].push(finding);
-    }
-    for (const severity of ["critical", "high", "medium", "low", "info"]) {
-        const items = bySeverity[severity];
-        if (items.length === 0)
-            continue;
-        lines.push(`\n${severity.toUpperCase()} (${items.length}):`);
-        for (const finding of items) {
-            lines.push(`  [${finding.type}] Line ${finding.line}: ${finding.description}`);
-            if (finding.remediation) {
-                lines.push(`    → ${finding.remediation}`);
-            }
-        }
-    }
-    return lines;
-}

package/dist/agents/skills/tools-dir.js

@@ -1,9 +0,0 @@
-import path from "node:path";
-import { safePathSegmentHashed } from "../../infra/install-safe-path.js";
-import { resolveConfigDir } from "../../utils.js";
-import { resolveSkillKey } from "./frontmatter.js";
-export function resolveSkillToolsRootDir(entry) {
-    const key = resolveSkillKey(entry.skill, entry);
-    const safeKey = safePathSegmentHashed(key);
-    return path.join(resolveConfigDir(), "tools", safeKey);
-}