npm - @poolzin/pool-bot - Versions diffs - 2026.3.25 → 2026.3.27 - Mend

@poolzin/pool-bot 2026.3.25 → 2026.3.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (271) hide show

package/dist/agents/model-fallback.js +5 -4
package/dist/agents/tools/common.js +16 -201
package/dist/auto-reply/auto-reply/reply/agent-runner-execution.js +502 -0
package/dist/auto-reply/auto-reply/reply/agent-runner-helpers.js +65 -0
package/dist/auto-reply/auto-reply/reply/agent-runner-memory.js +160 -0
package/dist/auto-reply/auto-reply/reply/agent-runner-payloads.js +85 -0
package/dist/auto-reply/auto-reply/reply/agent-runner-utils.js +101 -0
package/dist/auto-reply/auto-reply/reply/bash-command.js +338 -0
package/dist/auto-reply/auto-reply/reply/block-streaming.js +91 -0
package/dist/auto-reply/auto-reply/reply/commands-approve.js +88 -0
package/dist/auto-reply/auto-reply/reply/commands-bash.js +26 -0
package/dist/auto-reply/auto-reply/reply/commands-compact.js +107 -0
package/dist/auto-reply/auto-reply/reply/commands-config.js +241 -0
package/dist/auto-reply/auto-reply/reply/commands-context-report.js +295 -0
package/dist/auto-reply/auto-reply/reply/commands-context.js +30 -0
package/dist/auto-reply/auto-reply/reply/commands-core.js +151 -0
package/dist/auto-reply/auto-reply/reply/commands-export-session.js +163 -0
package/dist/auto-reply/auto-reply/reply/commands-info.js +184 -0
package/dist/auto-reply/auto-reply/reply/commands-models.js +299 -0
package/dist/auto-reply/auto-reply/reply/commands-plugin.js +35 -0
package/dist/auto-reply/auto-reply/reply/commands-ptt.js +171 -0
package/dist/auto-reply/auto-reply/reply/commands-setunset-standard.js +13 -0
package/dist/auto-reply/auto-reply/reply/commands-setunset.js +73 -0
package/dist/auto-reply/auto-reply/reply/commands-slash-parse.js +31 -0
package/dist/auto-reply/auto-reply/reply/commands-status.js +178 -0
package/dist/auto-reply/auto-reply/reply/commands-subagents.js +73 -0
package/dist/auto-reply/auto-reply/reply/commands-system-prompt.js +117 -0
package/dist/auto-reply/auto-reply/reply/commands-tts.js +231 -0
package/dist/auto-reply/auto-reply/reply/directive-handling.impl.js +380 -0
package/dist/auto-reply/auto-reply/reply/followup-runner.js +227 -0
package/dist/auto-reply/auto-reply/reply/get-reply-directives-apply.js +201 -0
package/dist/auto-reply/auto-reply/reply/get-reply-directives-utils.js +54 -0
package/dist/auto-reply/auto-reply/reply/get-reply-directives.js +332 -0
package/dist/auto-reply/auto-reply/reply/get-reply-inline-actions.js +258 -0
package/dist/auto-reply/auto-reply/reply/get-reply-run.js +297 -0
package/dist/auto-reply/auto-reply/reply/groups.js +102 -0
package/dist/auto-reply/auto-reply/reply/mentions.js +129 -0
package/dist/auto-reply/auto-reply/reply/reply-delivery.js +92 -0
package/dist/auto-reply/auto-reply/reply/reply-directives.js +30 -0
package/dist/auto-reply/auto-reply/reply/reply-dispatcher.js +152 -0
package/dist/auto-reply/auto-reply/reply/reply-elevated.js +166 -0
package/dist/auto-reply/auto-reply/reply/reply-inline.js +28 -0
package/dist/auto-reply/auto-reply/reply/reply-payloads.js +114 -0
package/dist/auto-reply/auto-reply/reply/reply-reference.js +36 -0
package/dist/auto-reply/auto-reply/reply/reply-tags.js +13 -0
package/dist/auto-reply/auto-reply/reply/reply-threading.js +41 -0
package/dist/auto-reply/auto-reply/reply/session-updates.js +233 -0
package/dist/auto-reply/auto-reply/reply/stage-sandbox-media.js +146 -0
package/dist/build-info.json +3 -3
package/dist/canvas-host/a2ui/.bundle.hash +1 -1
package/dist/canvas-host/a2ui/a2ui.bundle.js +2 -17772
package/dist/canvas-host/a2ui/index.html +1 -307
package/dist/channels/channels/directory-config.js +185 -0
package/dist/channels/channels/discord/handle-action.guild-admin.js +332 -0
package/dist/channels/channels/discord/handle-action.js +165 -0
package/dist/channels/channels/discord.js +413 -0
package/dist/channels/channels/dock.js +436 -0
package/dist/channels/channels/index.js +51 -0
package/dist/channels/channels/plugins/outbound/discord.js +101 -0
package/dist/channels/channels/whatsapp.js +17 -0
package/dist/channels/plugins/types.js +1 -1
package/dist/channels/run-state-machine.js +7 -0
package/dist/commands/models/auth.js +47 -1
package/dist/commands-subagents/action-agents.js +44 -0
package/dist/commands-subagents/action-focus.js +64 -0
package/dist/commands-subagents/action-help.js +4 -0
package/dist/commands-subagents/action-info.js +45 -0
package/dist/commands-subagents/action-kill.js +60 -0
package/dist/commands-subagents/action-list.js +44 -0
package/dist/commands-subagents/action-log.js +29 -0
package/dist/commands-subagents/action-send.js +119 -0
package/dist/commands-subagents/action-spawn.js +52 -0
package/dist/commands-subagents/action-unfocus.js +30 -0
package/dist/commands-subagents/shared.js +303 -0
package/dist/config/config.js +1 -8
package/dist/config/types.secrets.js +61 -0
package/dist/control-ui/assets/{index-D7shnQwQ.js → index-umCsvrWy.js} +884 -741
package/dist/control-ui/assets/index-umCsvrWy.js.map +1 -0
package/dist/control-ui/assets/pt-BR-DedEVAvY.js +2 -0
package/dist/control-ui/assets/pt-BR-DedEVAvY.js.map +1 -0
package/dist/control-ui/assets/zh-CN-CDzeklK-.js +2 -0
package/dist/control-ui/assets/zh-CN-CDzeklK-.js.map +1 -0
package/dist/control-ui/assets/zh-TW-BJCRYNWH.js +2 -0
package/dist/control-ui/assets/zh-TW-BJCRYNWH.js.map +1 -0
package/dist/control-ui/index.html +1 -1
package/dist/gateway/method-scopes.js +9 -1
package/dist/gateway/node-pending-work.js +142 -0
package/dist/gateway/protocol/index.js +5 -1
package/dist/gateway/protocol/schema/nodes.js +18 -0
package/dist/gateway/server-methods/nodes-pending.js +96 -0
package/dist/gateway/server-methods-list.js +4 -0
package/dist/gateway/server-methods.js +2 -0
package/dist/imessage/channel.js +253 -0
package/dist/imessage/monitor/echo-cache.js +70 -0
package/dist/imessage/monitor/loop-rate-limiter.js +51 -0
package/dist/imessage/monitor/reflection-guard.js +50 -0
package/dist/imessage/monitor/sanitize-outbound.js +25 -0
package/dist/imessage/monitor/self-chat-cache.js +75 -0
package/dist/imessage/runtime.js +3 -0
package/dist/infra/exec-approval-reply.js +7 -0
package/dist/infra/tmp-openclaw-dir.js +84 -0
package/dist/pairing/pairing-challenge.js +15 -0
package/dist/plugin-sdk/account-id.d.ts +1 -0
package/dist/plugin-sdk/agent-media-payload.d.ts +12 -0
package/dist/plugin-sdk/allow-from.d.ts +27 -0
package/dist/plugin-sdk/command-auth.d.ts +25 -0
package/dist/plugin-sdk/command-auth.js +3 -1
package/dist/plugin-sdk/config-paths.d.ts +6 -0
package/dist/plugin-sdk/file-lock.d.ts +16 -0
package/dist/plugin-sdk/index.d.ts +428 -0
package/dist/plugin-sdk/index.js +237 -103
package/dist/plugin-sdk/json-store.d.ts +5 -0
package/dist/plugin-sdk/keyed-async-queue.d.ts +12 -0
package/dist/plugin-sdk/onboarding.d.ts +11 -0
package/dist/plugin-sdk/provider-auth-result.d.ts +14 -0
package/dist/plugin-sdk/slack-message-actions.d.ts +11 -0
package/dist/plugin-sdk/status-helpers.d.ts +25 -0
package/dist/plugin-sdk/temp-path.d.ts +12 -0
package/dist/plugin-sdk/text-chunking.d.ts +1 -0
package/dist/plugin-sdk/tool-send.d.ts +4 -0
package/dist/plugin-sdk/webhook-path.d.ts +6 -0
package/dist/plugin-sdk/webhook-targets.d.ts +23 -0
package/dist/plugin-sdk/windows-spawn.d.ts +39 -0
package/dist/plugin-sdk-internal/accounts.js +6 -0
package/dist/plugin-sdk-internal/discord.js +23 -0
package/dist/plugin-sdk-internal/imessage.js +13 -0
package/dist/plugin-sdk-internal/setup.js +9 -0
package/dist/plugin-sdk-internal/signal.js +13 -0
package/dist/plugin-sdk-internal/slack.js +22 -0
package/dist/plugin-sdk-internal/telegram.js +32 -0
package/dist/plugin-sdk-internal/whatsapp.js +29 -0
package/dist/routing/session-key.js +4 -185
package/dist/shared/pid-alive.js +2 -61
package/dist/shared/process-scoped-map.js +5 -7
package/dist/signal/channel.js +264 -0
package/dist/signal/monitor/access-policy.js +60 -0
package/dist/signal/runtime.js +3 -0
package/dist/slack/account-inspect.js +135 -0
package/dist/slack/blocks-input.js +7 -38
package/dist/slack/channel.js +394 -0
package/dist/slack/interactive-replies.js +28 -0
package/dist/slack/monitor/channel-type.js +31 -0
package/dist/slack/monitor/dm-auth.js +49 -0
package/dist/slack/monitor/events/interactions.modal.js +137 -0
package/dist/slack/monitor/events/message-subtype-handlers.js +68 -0
package/dist/slack/monitor/events/system-event-context.js +29 -0
package/dist/slack/monitor/events/system-event-test-harness.js +41 -0
package/dist/slack/monitor/external-arg-menu-store.js +46 -0
package/dist/slack/monitor/message-handler/prepare-content.js +69 -0
package/dist/slack/monitor/message-handler/prepare-thread-context.js +91 -0
package/dist/slack/monitor/message-handler/prepare.test-helpers.js +55 -0
package/dist/slack/monitor/reconnect-policy.js +78 -0
package/dist/slack/monitor/slash-commands.runtime.js +1 -0
package/dist/slack/monitor/slash-dispatch.runtime.js +9 -0
package/dist/slack/monitor/slash-skill-commands.runtime.js +1 -0
package/dist/slack/resolve-allowlist-common.js +36 -0
package/dist/slack/runtime.js +3 -0
package/dist/slack/sent-thread-cache.js +61 -0
package/dist/slack/truncate.js +10 -0
package/dist/telegram/account-inspect.js +175 -0
package/dist/telegram/allow-from.js +10 -0
package/dist/telegram/api-fetch.js +18 -0
package/dist/telegram/approval-buttons.js +30 -0
package/dist/telegram/audit-membership-runtime.js +61 -0
package/dist/telegram/bot/delivery.replies.js +508 -0
package/dist/telegram/bot/delivery.resolve-media.js +227 -0
package/dist/telegram/bot/delivery.send.js +132 -0
package/dist/telegram/bot/reply-threading.js +46 -0
package/dist/telegram/bot-message-context.body.js +186 -0
package/dist/telegram/bot-message-context.session.js +207 -0
package/dist/telegram/bot-message-context.types.js +1 -0
package/dist/telegram/bot-native-commands.test-helpers.js +117 -0
package/dist/telegram/bot.media.e2e-harness.js +81 -0
package/dist/telegram/bot.media.test-utils.js +81 -0
package/dist/telegram/channel-actions.js +225 -0
package/dist/telegram/channel.js +515 -0
package/dist/telegram/conversation-route.js +107 -0
package/dist/telegram/delivery.js +2 -0
package/dist/telegram/delivery.replies.js +508 -0
package/dist/telegram/dm-access.js +86 -0
package/dist/telegram/draft-stream.test-helpers.js +62 -0
package/dist/telegram/exec-approvals-handler.js +281 -0
package/dist/telegram/exec-approvals.js +62 -0
package/dist/telegram/forum-service-message.js +22 -0
package/dist/telegram/group-config-helpers.js +10 -0
package/dist/telegram/lane-delivery-state.js +19 -0
package/dist/telegram/lane-delivery-text-deliverer.js +357 -0
package/dist/telegram/lane-delivery.js +2 -0
package/dist/telegram/normalize.js +37 -0
package/dist/telegram/onboarding.js +192 -0
package/dist/telegram/outbound-adapter.js +100 -0
package/dist/telegram/polling-session.js +275 -0
package/dist/telegram/runtime.js +3 -0
package/dist/telegram/sendchataction-401-backoff.js +71 -0
package/dist/telegram/sequential-key.js +46 -0
package/dist/telegram/status-issues.js +105 -0
package/dist/telegram/target-writeback.js +165 -0
package/dist/telegram/thread-bindings.js +560 -0
package/dist/utils.js +32 -257
package/dist/wizard/prompts.js +5 -5
package/extensions/feishu/src/policy.ts +1 -1
package/extensions/firecrawl/index.test.ts +82 -0
package/extensions/firecrawl/index.ts +20 -0
package/extensions/firecrawl/openclaw.plugin.json +8 -0
package/extensions/firecrawl/package.json +12 -0
package/extensions/firecrawl/src/config.ts +159 -0
package/extensions/firecrawl/src/firecrawl-client.ts +446 -0
package/extensions/firecrawl/src/firecrawl-scrape-tool.ts +89 -0
package/extensions/firecrawl/src/firecrawl-search-provider.ts +63 -0
package/extensions/firecrawl/src/firecrawl-search-tool.ts +76 -0
package/package.json +1 -1
package/dist/.buildstamp +0 -1
package/dist/acp/bindings-store.js +0 -209
package/dist/acp/control-plane/runtime-cache.js +0 -54
package/dist/acp/control-plane/runtime-options.js +0 -215
package/dist/acp/control-plane/session-actor-queue.js +0 -36
package/dist/acp/index.js +0 -2
package/dist/acp/runtime/errors.js +0 -47
package/dist/acp/runtime/registry.js +0 -86
package/dist/acp/secret-file.js +0 -22
package/dist/agents/auth-profiles.resolve-auth-profile-order.fixtures.js +0 -23
package/dist/agents/bash-process-registry.test-helpers.js +0 -29
package/dist/agents/bash-tools.exec-approval-request.js +0 -20
package/dist/agents/bash-tools.exec-host-gateway.js +0 -240
package/dist/agents/bash-tools.exec-host-node.js +0 -235
package/dist/agents/checkpoint-manager.js +0 -290
package/dist/agents/claude-cli-runner.js +0 -3
package/dist/agents/error-classifier.js +0 -251
package/dist/agents/live-model-filter.js +0 -84
package/dist/agents/nvidia-models.js +0 -228
package/dist/agents/pi-embedded-runner/run.overflow-compaction.fixture.js +0 -34
package/dist/agents/pi-embedded-runner/run.overflow-compaction.mocks.shared.js +0 -156
package/dist/agents/pi-embedded-subscribe.handlers.tools.media.test-helpers.js +0 -30
package/dist/agents/provider/config-loader.js +0 -76
package/dist/agents/provider/index.js +0 -15
package/dist/agents/provider/models-dev.js +0 -129
package/dist/agents/provider/session-binding.js +0 -376
package/dist/agents/queued-file-writer.js +0 -22
package/dist/agents/skills/bundled-context.js +0 -23
package/dist/agents/skills/security.js +0 -211
package/dist/agents/skills/tools-dir.js +0 -9
package/dist/agents/skills-install-download.js +0 -290
package/dist/agents/skills-install-output.js +0 -30
package/dist/agents/skills-install.download-test-utils.js +0 -36
package/dist/agents/skills.test-helpers.js +0 -13
package/dist/agents/subagent-announce-reliability.js +0 -160
package/dist/agents/subagent-registry.mocks.shared.js +0 -12
package/dist/agents/test-helpers/assistant-message-fixtures.js +0 -29
package/dist/agents/test-helpers/fast-coding-tools.js +0 -1
package/dist/agents/test-helpers/fast-core-tools.js +0 -8
package/dist/agents/test-helpers/fast-tool-stubs.js +0 -18
package/dist/agents/test-helpers/host-sandbox-fs-bridge.js +0 -74
package/dist/agents/test-helpers/pi-tools-sandbox-context.js +0 -27
package/dist/agents/tool-display-common.js +0 -915
package/dist/agents/tool-policy-shared.js +0 -108
package/dist/agents/tool-policy.conformance.js +0 -14
package/dist/agents/tool-result-truncation.js +0 -299
package/dist/agents/tools/cron-tool.test-helpers.js +0 -12
package/dist/agents/tools/discord-actions-moderation-shared.js +0 -27
package/dist/agents/tools/discord-actions-presence.js +0 -78
package/dist/control-ui/assets/index-D7shnQwQ.js.map +0 -1
package/dist/discord/discord-improvements.js +0 -167
package/dist/discord/index.js +0 -2
package/dist/hooks/bundled/boot-md/HOOK.md +0 -19
package/dist/hooks/bundled/command-logger/HOOK.md +0 -122
package/dist/hooks/bundled/session-memory/HOOK.md +0 -86
package/dist/hooks/bundled/soul-evil/HOOK.md +0 -71
package/dist/whatsapp/normalize.js +0 -66
package/dist/whatsapp/resolve-outbound-target.js +0 -42
/package/dist/{acp/runtime/types.js → auto-reply/auto-reply/reply/commands-types.js} +0 -0
/package/dist/{agents/pi-embedded-payloads.js → slack/account-surface-fields.js} +0 -0

package/dist/agents/bash-process-registry.test-helpers.js DELETED Viewed

@@ -1,29 +0,0 @@
-export function createProcessSessionFixture(params) {
-    const session = {
-        id: params.id,
-        command: params.command ?? "test",
-        startedAt: params.startedAt ?? Date.now(),
-        cwd: params.cwd ?? "/tmp",
-        maxOutputChars: params.maxOutputChars ?? 10_000,
-        pendingMaxOutputChars: params.pendingMaxOutputChars ?? 30_000,
-        totalOutputChars: 0,
-        pendingStdout: [],
-        pendingStderr: [],
-        pendingStdoutChars: 0,
-        pendingStderrChars: 0,
-        aggregated: "",
-        tail: "",
-        exited: false,
-        exitCode: undefined,
-        exitSignal: undefined,
-        truncated: false,
-        backgrounded: params.backgrounded ?? false,
-    };
-    if (params.pid !== undefined) {
-        session.pid = params.pid;
-    }
-    if (params.child) {
-        session.child = params.child;
-    }
-    return session;
-}

package/dist/agents/bash-tools.exec-approval-request.js DELETED Viewed

@@ -1,20 +0,0 @@
-import { DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS, DEFAULT_APPROVAL_TIMEOUT_MS, } from "./bash-tools.exec-runtime.js";
-import { callGatewayTool } from "./tools/gateway.js";
-export async function requestExecApprovalDecision(params) {
-    const decisionResult = await callGatewayTool("exec.approval.request", { timeoutMs: DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS }, {
-        id: params.id,
-        command: params.command,
-        cwd: params.cwd,
-        host: params.host,
-        security: params.security,
-        ask: params.ask,
-        agentId: params.agentId,
-        resolvedPath: params.resolvedPath,
-        sessionKey: params.sessionKey,
-        timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
-    });
-    const decisionValue = decisionResult && typeof decisionResult === "object"
-        ? decisionResult.decision
-        : undefined;
-    return typeof decisionValue === "string" ? decisionValue : null;
-}

package/dist/agents/bash-tools.exec-host-gateway.js DELETED Viewed

@@ -1,240 +0,0 @@
-import crypto from "node:crypto";
-import { addAllowlistEntry, buildSafeBinsShellCommand, buildSafeShellCommand, evaluateShellAllowlist, maxAsk, minSecurity, recordAllowlistUse, requiresExecApproval, resolveAllowAlwaysPatterns, resolveExecApprovals, } from "../infra/exec-approvals.js";
-import { markBackgrounded, tail } from "./bash-process-registry.js";
-import { requestExecApprovalDecision } from "./bash-tools.exec-approval-request.js";
-import { DEFAULT_APPROVAL_TIMEOUT_MS, DEFAULT_NOTIFY_TAIL_CHARS, createApprovalSlug, emitExecSystemEvent, normalizeNotifyOutput, runExecProcess, } from "./bash-tools.exec-runtime.js";
-export async function processGatewayAllowlist(params) {
-    const approvals = resolveExecApprovals(params.agentId, {
-        security: params.security,
-        ask: params.ask,
-    });
-    const hostSecurity = minSecurity(params.security, approvals.agent.security);
-    const hostAsk = maxAsk(params.ask, approvals.agent.ask);
-    const askFallback = approvals.agent.askFallback;
-    if (hostSecurity === "deny") {
-        throw new Error("exec denied: host=gateway security=deny");
-    }
-    const allowlistEval = evaluateShellAllowlist({
-        command: params.command,
-        allowlist: approvals.allowlist,
-        safeBins: params.safeBins,
-        cwd: params.workdir,
-        env: params.env,
-        platform: process.platform,
-        trustedSafeBinDirs: params.trustedSafeBinDirs,
-    });
-    const allowlistMatches = allowlistEval.allowlistMatches;
-    const analysisOk = allowlistEval.analysisOk;
-    const allowlistSatisfied = hostSecurity === "allowlist" && analysisOk ? allowlistEval.allowlistSatisfied : false;
-    const hasHeredocSegment = allowlistEval.segments.some((segment) => segment.argv.some((token) => token.startsWith("<<")));
-    const requiresHeredocApproval = hostSecurity === "allowlist" && analysisOk && allowlistSatisfied && hasHeredocSegment;
-    const requiresAsk = requiresExecApproval({
-        ask: hostAsk,
-        security: hostSecurity,
-        analysisOk,
-        allowlistSatisfied,
-    }) || requiresHeredocApproval;
-    if (requiresHeredocApproval) {
-        params.warnings.push("Warning: heredoc execution requires explicit approval in allowlist mode.");
-    }
-    if (requiresAsk) {
-        const approvalId = crypto.randomUUID();
-        const approvalSlug = createApprovalSlug(approvalId);
-        const expiresAtMs = Date.now() + DEFAULT_APPROVAL_TIMEOUT_MS;
-        const contextKey = `exec:${approvalId}`;
-        const resolvedPath = allowlistEval.segments[0]?.resolution?.resolvedPath;
-        const noticeSeconds = Math.max(1, Math.round(params.approvalRunningNoticeMs / 1000));
-        const effectiveTimeout = typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec;
-        const warningText = params.warnings.length ? `${params.warnings.join("\n")}\n\n` : "";
-        void (async () => {
-            let decision = null;
-            try {
-                decision = await requestExecApprovalDecision({
-                    id: approvalId,
-                    command: params.command,
-                    cwd: params.workdir,
-                    host: "gateway",
-                    security: hostSecurity,
-                    ask: hostAsk,
-                    agentId: params.agentId,
-                    resolvedPath,
-                    sessionKey: params.sessionKey,
-                });
-            }
-            catch {
-                emitExecSystemEvent(`Exec denied (gateway id=${approvalId}, approval-request-failed): ${params.command}`, {
-                    sessionKey: params.notifySessionKey,
-                    contextKey,
-                });
-                return;
-            }
-            let approvedByAsk = false;
-            let deniedReason = null;
-            if (decision === "deny") {
-                deniedReason = "user-denied";
-            }
-            else if (!decision) {
-                if (askFallback === "full") {
-                    approvedByAsk = true;
-                }
-                else if (askFallback === "allowlist") {
-                    if (!analysisOk || !allowlistSatisfied) {
-                        deniedReason = "approval-timeout (allowlist-miss)";
-                    }
-                    else {
-                        approvedByAsk = true;
-                    }
-                }
-                else {
-                    deniedReason = "approval-timeout";
-                }
-            }
-            else if (decision === "allow-once") {
-                approvedByAsk = true;
-            }
-            else if (decision === "allow-always") {
-                approvedByAsk = true;
-                if (hostSecurity === "allowlist") {
-                    const patterns = resolveAllowAlwaysPatterns({
-                        segments: allowlistEval.segments,
-                        cwd: params.workdir,
-                        env: params.env,
-                        platform: process.platform,
-                    });
-                    for (const pattern of patterns) {
-                        if (pattern) {
-                            addAllowlistEntry(approvals.file, params.agentId, pattern);
-                        }
-                    }
-                }
-            }
-            if (hostSecurity === "allowlist" && (!analysisOk || !allowlistSatisfied) && !approvedByAsk) {
-                deniedReason = deniedReason ?? "allowlist-miss";
-            }
-            if (deniedReason) {
-                emitExecSystemEvent(`Exec denied (gateway id=${approvalId}, ${deniedReason}): ${params.command}`, {
-                    sessionKey: params.notifySessionKey,
-                    contextKey,
-                });
-                return;
-            }
-            if (allowlistMatches.length > 0) {
-                const seen = new Set();
-                for (const match of allowlistMatches) {
-                    if (seen.has(match.pattern)) {
-                        continue;
-                    }
-                    seen.add(match.pattern);
-                    recordAllowlistUse(approvals.file, params.agentId, match, params.command, resolvedPath ?? undefined);
-                }
-            }
-            let run = null;
-            try {
-                run = await runExecProcess({
-                    command: params.command,
-                    workdir: params.workdir,
-                    env: params.env,
-                    sandbox: undefined,
-                    containerWorkdir: null,
-                    usePty: params.pty,
-                    warnings: params.warnings,
-                    maxOutput: params.maxOutput,
-                    pendingMaxOutput: params.pendingMaxOutput,
-                    notifyOnExit: false,
-                    notifyOnExitEmptySuccess: false,
-                    scopeKey: params.scopeKey,
-                    sessionKey: params.notifySessionKey,
-                    timeoutSec: effectiveTimeout,
-                });
-            }
-            catch {
-                emitExecSystemEvent(`Exec denied (gateway id=${approvalId}, spawn-failed): ${params.command}`, {
-                    sessionKey: params.notifySessionKey,
-                    contextKey,
-                });
-                return;
-            }
-            markBackgrounded(run.session);
-            let runningTimer = null;
-            if (params.approvalRunningNoticeMs > 0) {
-                runningTimer = setTimeout(() => {
-                    emitExecSystemEvent(`Exec running (gateway id=${approvalId}, session=${run?.session.id}, >${noticeSeconds}s): ${params.command}`, { sessionKey: params.notifySessionKey, contextKey });
-                }, params.approvalRunningNoticeMs);
-            }
-            const outcome = await run.promise;
-            if (runningTimer) {
-                clearTimeout(runningTimer);
-            }
-            const output = normalizeNotifyOutput(tail(outcome.aggregated || "", DEFAULT_NOTIFY_TAIL_CHARS));
-            const exitLabel = outcome.timedOut ? "timeout" : `code ${outcome.exitCode ?? "?"}`;
-            const summary = output
-                ? `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})\n${output}`
-                : `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})`;
-            emitExecSystemEvent(summary, { sessionKey: params.notifySessionKey, contextKey });
-        })();
-        return {
-            pendingResult: {
-                content: [
-                    {
-                        type: "text",
-                        text: `${warningText}Approval required (id ${approvalSlug}). ` +
-                            "Approve to run; updates will arrive after completion.",
-                    },
-                ],
-                details: {
-                    status: "approval-pending",
-                    approvalId,
-                    approvalSlug,
-                    expiresAtMs,
-                    host: "gateway",
-                    command: params.command,
-                    cwd: params.workdir,
-                },
-            },
-        };
-    }
-    if (hostSecurity === "allowlist" && (!analysisOk || !allowlistSatisfied)) {
-        throw new Error("exec denied: allowlist miss");
-    }
-    let execCommandOverride;
-    // If allowlist uses safeBins, sanitize only those stdin-only segments:
-    // disable glob/var expansion by forcing argv tokens to be literal via single-quoting.
-    if (hostSecurity === "allowlist" &&
-        analysisOk &&
-        allowlistSatisfied &&
-        allowlistEval.segmentSatisfiedBy.some((by) => by === "safeBins")) {
-        const safe = buildSafeBinsShellCommand({
-            command: params.command,
-            segments: allowlistEval.segments,
-            segmentSatisfiedBy: allowlistEval.segmentSatisfiedBy,
-            platform: process.platform,
-        });
-        if (!safe.ok || !safe.command) {
-            // Fallback: quote everything (safe, but may change glob behavior).
-            const fallback = buildSafeShellCommand({
-                command: params.command,
-                platform: process.platform,
-            });
-            if (!fallback.ok || !fallback.command) {
-                throw new Error(`exec denied: safeBins sanitize failed (${safe.reason ?? "unknown"})`);
-            }
-            params.warnings.push("Warning: safeBins hardening used fallback quoting due to parser mismatch.");
-            execCommandOverride = fallback.command;
-        }
-        else {
-            params.warnings.push("Warning: safeBins hardening disabled glob/variable expansion for stdin-only segments.");
-            execCommandOverride = safe.command;
-        }
-    }
-    if (allowlistMatches.length > 0) {
-        const seen = new Set();
-        for (const match of allowlistMatches) {
-            if (seen.has(match.pattern)) {
-                continue;
-            }
-            seen.add(match.pattern);
-            recordAllowlistUse(approvals.file, params.agentId, match, params.command, allowlistEval.segments[0]?.resolution?.resolvedPath);
-        }
-    }
-    return { execCommandOverride };
-}

package/dist/agents/bash-tools.exec-host-node.js DELETED Viewed

@@ -1,235 +0,0 @@
-import crypto from "node:crypto";
-import { evaluateShellAllowlist, maxAsk, minSecurity, requiresExecApproval, resolveExecApprovals, resolveExecApprovalsFromFile, } from "../infra/exec-approvals.js";
-import { buildNodeShellCommand } from "../infra/node-shell.js";
-import { requestExecApprovalDecision } from "./bash-tools.exec-approval-request.js";
-import { DEFAULT_APPROVAL_TIMEOUT_MS, createApprovalSlug, emitExecSystemEvent, } from "./bash-tools.exec-runtime.js";
-import { callGatewayTool } from "./tools/gateway.js";
-import { listNodes, resolveNodeIdFromList } from "./tools/nodes-utils.js";
-export async function executeNodeHostCommand(params) {
-    const approvals = resolveExecApprovals(params.agentId, {
-        security: params.security,
-        ask: params.ask,
-    });
-    const hostSecurity = minSecurity(params.security, approvals.agent.security);
-    const hostAsk = maxAsk(params.ask, approvals.agent.ask);
-    const askFallback = approvals.agent.askFallback;
-    if (hostSecurity === "deny") {
-        throw new Error("exec denied: host=node security=deny");
-    }
-    if (params.boundNode && params.requestedNode && params.boundNode !== params.requestedNode) {
-        throw new Error(`exec node not allowed (bound to ${params.boundNode})`);
-    }
-    const nodeQuery = params.boundNode || params.requestedNode;
-    const nodes = await listNodes({});
-    if (nodes.length === 0) {
-        throw new Error("exec host=node requires a paired node (none available). This requires a companion app or node host.");
-    }
-    let nodeId;
-    try {
-        nodeId = resolveNodeIdFromList(nodes, nodeQuery, !nodeQuery);
-    }
-    catch (err) {
-        if (!nodeQuery && String(err).includes("node required")) {
-            throw new Error("exec host=node requires a node id when multiple nodes are available (set tools.exec.node or exec.node).", { cause: err });
-        }
-        throw err;
-    }
-    const nodeInfo = nodes.find((entry) => entry.nodeId === nodeId);
-    const supportsSystemRun = Array.isArray(nodeInfo?.commands)
-        ? nodeInfo?.commands?.includes("system.run")
-        : false;
-    if (!supportsSystemRun) {
-        throw new Error("exec host=node requires a node that supports system.run (companion app or node host).");
-    }
-    const argv = buildNodeShellCommand(params.command, nodeInfo?.platform);
-    const nodeEnv = params.requestedEnv ? { ...params.requestedEnv } : undefined;
-    const baseAllowlistEval = evaluateShellAllowlist({
-        command: params.command,
-        allowlist: [],
-        safeBins: new Set(),
-        cwd: params.workdir,
-        env: params.env,
-        platform: nodeInfo?.platform,
-        trustedSafeBinDirs: params.trustedSafeBinDirs,
-    });
-    let analysisOk = baseAllowlistEval.analysisOk;
-    let allowlistSatisfied = false;
-    if (hostAsk === "on-miss" && hostSecurity === "allowlist" && analysisOk) {
-        try {
-            const approvalsSnapshot = await callGatewayTool("exec.approvals.node.get", { timeoutMs: 10_000 }, { nodeId });
-            const approvalsFile = approvalsSnapshot && typeof approvalsSnapshot === "object"
-                ? approvalsSnapshot.file
-                : undefined;
-            if (approvalsFile && typeof approvalsFile === "object") {
-                const resolved = resolveExecApprovalsFromFile({
-                    file: approvalsFile,
-                    agentId: params.agentId,
-                    overrides: { security: "allowlist" },
-                });
-                // Allowlist-only precheck; safe bins are node-local and may diverge.
-                const allowlistEval = evaluateShellAllowlist({
-                    command: params.command,
-                    allowlist: resolved.allowlist,
-                    safeBins: new Set(),
-                    cwd: params.workdir,
-                    env: params.env,
-                    platform: nodeInfo?.platform,
-                    trustedSafeBinDirs: params.trustedSafeBinDirs,
-                });
-                allowlistSatisfied = allowlistEval.allowlistSatisfied;
-                analysisOk = allowlistEval.analysisOk;
-            }
-        }
-        catch {
-            // Fall back to requiring approval if node approvals cannot be fetched.
-        }
-    }
-    const requiresAsk = requiresExecApproval({
-        ask: hostAsk,
-        security: hostSecurity,
-        analysisOk,
-        allowlistSatisfied,
-    });
-    const invokeTimeoutMs = Math.max(10_000, (typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec) * 1000 +
-        5_000);
-    const buildInvokeParams = (approvedByAsk, approvalDecision, runId) => ({
-        nodeId,
-        command: "system.run",
-        params: {
-            command: argv,
-            rawCommand: params.command,
-            cwd: params.workdir,
-            env: nodeEnv,
-            timeoutMs: typeof params.timeoutSec === "number" ? params.timeoutSec * 1000 : undefined,
-            agentId: params.agentId,
-            sessionKey: params.sessionKey,
-            approved: approvedByAsk,
-            approvalDecision: approvalDecision ?? undefined,
-            runId: runId ?? undefined,
-        },
-        idempotencyKey: crypto.randomUUID(),
-    });
-    if (requiresAsk) {
-        const approvalId = crypto.randomUUID();
-        const approvalSlug = createApprovalSlug(approvalId);
-        const expiresAtMs = Date.now() + DEFAULT_APPROVAL_TIMEOUT_MS;
-        const contextKey = `exec:${approvalId}`;
-        const noticeSeconds = Math.max(1, Math.round(params.approvalRunningNoticeMs / 1000));
-        const warningText = params.warnings.length ? `${params.warnings.join("\n")}\n\n` : "";
-        void (async () => {
-            let decision = null;
-            try {
-                decision = await requestExecApprovalDecision({
-                    id: approvalId,
-                    command: params.command,
-                    cwd: params.workdir,
-                    host: "node",
-                    security: hostSecurity,
-                    ask: hostAsk,
-                    agentId: params.agentId,
-                    sessionKey: params.sessionKey,
-                });
-            }
-            catch {
-                emitExecSystemEvent(`Exec denied (node=${nodeId} id=${approvalId}, approval-request-failed): ${params.command}`, { sessionKey: params.notifySessionKey, contextKey });
-                return;
-            }
-            let approvedByAsk = false;
-            let approvalDecision = null;
-            let deniedReason = null;
-            if (decision === "deny") {
-                deniedReason = "user-denied";
-            }
-            else if (!decision) {
-                if (askFallback === "full") {
-                    approvedByAsk = true;
-                    approvalDecision = "allow-once";
-                }
-                else if (askFallback === "allowlist") {
-                    // Defer allowlist enforcement to the node host.
-                }
-                else {
-                    deniedReason = "approval-timeout";
-                }
-            }
-            else if (decision === "allow-once") {
-                approvedByAsk = true;
-                approvalDecision = "allow-once";
-            }
-            else if (decision === "allow-always") {
-                approvedByAsk = true;
-                approvalDecision = "allow-always";
-            }
-            if (deniedReason) {
-                emitExecSystemEvent(`Exec denied (node=${nodeId} id=${approvalId}, ${deniedReason}): ${params.command}`, {
-                    sessionKey: params.notifySessionKey,
-                    contextKey,
-                });
-                return;
-            }
-            let runningTimer = null;
-            if (params.approvalRunningNoticeMs > 0) {
-                runningTimer = setTimeout(() => {
-                    emitExecSystemEvent(`Exec running (node=${nodeId} id=${approvalId}, >${noticeSeconds}s): ${params.command}`, { sessionKey: params.notifySessionKey, contextKey });
-                }, params.approvalRunningNoticeMs);
-            }
-            try {
-                await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(approvedByAsk, approvalDecision, approvalId));
-            }
-            catch {
-                emitExecSystemEvent(`Exec denied (node=${nodeId} id=${approvalId}, invoke-failed): ${params.command}`, {
-                    sessionKey: params.notifySessionKey,
-                    contextKey,
-                });
-            }
-            finally {
-                if (runningTimer) {
-                    clearTimeout(runningTimer);
-                }
-            }
-        })();
-        return {
-            content: [
-                {
-                    type: "text",
-                    text: `${warningText}Approval required (id ${approvalSlug}). ` +
-                        "Approve to run; updates will arrive after completion.",
-                },
-            ],
-            details: {
-                status: "approval-pending",
-                approvalId,
-                approvalSlug,
-                expiresAtMs,
-                host: "node",
-                command: params.command,
-                cwd: params.workdir,
-                nodeId,
-            },
-        };
-    }
-    const startedAt = Date.now();
-    const raw = await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(false, null));
-    const payload = raw && typeof raw === "object" ? raw.payload : undefined;
-    const payloadObj = payload && typeof payload === "object" ? payload : {};
-    const stdout = typeof payloadObj.stdout === "string" ? payloadObj.stdout : "";
-    const stderr = typeof payloadObj.stderr === "string" ? payloadObj.stderr : "";
-    const errorText = typeof payloadObj.error === "string" ? payloadObj.error : "";
-    const success = typeof payloadObj.success === "boolean" ? payloadObj.success : false;
-    const exitCode = typeof payloadObj.exitCode === "number" ? payloadObj.exitCode : null;
-    return {
-        content: [
-            {
-                type: "text",
-                text: stdout || stderr || errorText || "",
-            },
-        ],
-        details: {
-            status: success ? "completed" : "failed",
-            exitCode,
-            durationMs: Date.now() - startedAt,
-            aggregated: [stdout, stderr, errorText].filter(Boolean).join("\n"),
-            cwd: params.workdir,
-        },
-    };
-}