@poolzin/pool-bot 2026.3.7 → 2026.3.10

package/dist/agents/skills/security.js

@@ -0,0 +1,211 @@
+/**
+ * Skill Security Scanner
+ *
+ * Security scanning for PoolBot skills.
+ * Detects potential security issues in skill files.
+ *
+ * @module agents/skills/security
+ */
+// ============================================================================
+// Constants
+// ============================================================================
+const SCANNER_VERSION = "1.0.0";
+// Patterns that indicate potential security issues
+const PATTERNS = [
+    // Prompt injection attempts
+    {
+        type: "prompt_injection",
+        severity: "critical",
+        pattern: /ignore\s+(?:previous|above|prior)|disregard\s+(?:instructions?|prompt)|system\s*:\s*you\s+are|new\s+instructions?\s*:/i,
+        description: "Potential prompt injection attempt detected",
+        remediation: "Review skill content for malicious instruction overrides",
+    },
+    {
+        type: "prompt_injection",
+        severity: "high",
+        pattern: /\[\s*system\s*\]|\(\s*system\s*\)|\{\s*system\s*\}|\bDAN\b|do\s+anything\s+now/i,
+        description: "Suspicious system role reference",
+        remediation: "Verify skill doesn't attempt to override system behavior",
+    },
+    // Command injection
+    {
+        type: "command_injection",
+        severity: "critical",
+        pattern: /(?:bash|sh|zsh|cmd|powershell)\s+-c\s+["']|exec\s*\(|eval\s*\(|system\s*\(/i,
+        description: "Potential command injection pattern",
+        remediation: "Avoid executing arbitrary shell commands from skill content",
+    },
+    {
+        type: "command_injection",
+        severity: "high",
+        pattern: /`[^`]*(?:rm|del|format|mkfs|dd|wget|curl|fetch)[^`]*`|\$\([^)]*(?:rm|del|wget|curl)[^)]*\)/i,
+        description: "Dangerous command in template literal",
+        remediation: "Review shell command usage for safety",
+    },
+    // Path traversal
+    {
+        type: "path_traversal",
+        severity: "high",
+        pattern: /\.\.[/\\]|\.\.%2f|\.\.%5c|%2e%2e[/\\]/i,
+        description: "Path traversal attempt detected",
+        remediation: "Validate and sanitize all file paths",
+    },
+    // Suspicious patterns
+    {
+        type: "suspicious_pattern",
+        severity: "medium",
+        pattern: /(?:password|secret|token|key|credential)\s*=\s*["'][^"']{8,}["']/i,
+        description: "Hardcoded credential-like pattern",
+        remediation: "Use environment variables or secure secret storage",
+    },
+    {
+        type: "suspicious_pattern",
+        severity: "medium",
+        pattern: /base64\s*\(\s*["'][^"']{20,}["']\s*\)|atob\s*\(|btoa\s*\(/i,
+        description: "Suspicious encoding/decoding pattern",
+        remediation: "Verify encoding is not used to obfuscate malicious content",
+    },
+    // External dependencies
+    {
+        type: "external_dependency",
+        severity: "low",
+        pattern: /(?:npm|pip|gem|cargo|go\s+get)\s+install/i,
+        description: "External package installation mentioned",
+        remediation: "Verify all external dependencies are trustworthy",
+    },
+    // Data exfiltration
+    {
+        type: "data_exfiltration",
+        severity: "high",
+        pattern: /(?:https?:\/\/|ftp:\/\/)[^\s"']+(?:webhook|callback|exfil|collect|steal|send)/i,
+        description: "Potential data exfiltration endpoint",
+        remediation: "Verify all external URLs are legitimate",
+    },
+];
+// ============================================================================
+// Scanner
+// ============================================================================
+/**
+ * Scan skill content for security issues
+ */
+export function scanSkill(skillName, content) {
+    const findings = [];
+    const lines = content.split("\n");
+    for (const { type, severity, pattern, description, remediation } of PATTERNS) {
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            const matches = line.matchAll(pattern);
+            for (const match of matches) {
+                if (match.index !== undefined) {
+                    findings.push({
+                        type,
+                        severity,
+                        line: i + 1,
+                        column: match.index + 1,
+                        match: match[0].slice(0, 100), // Limit match length
+                        description,
+                        remediation,
+                    });
+                }
+            }
+        }
+    }
+    // Sort by severity
+    const severityOrder = ["critical", "high", "medium", "low", "info"];
+    findings.sort((a, b) => severityOrder.indexOf(a.severity) - severityOrder.indexOf(b.severity));
+    return {
+        skillName,
+        scannerVersion: SCANNER_VERSION,
+        scannedAt: new Date(),
+        findings,
+        passed: !findings.some((f) => f.severity === "critical" || f.severity === "high"),
+    };
+}
+/**
+ * Quick security check - returns true if skill passes basic security
+ */
+export function quickSecurityCheck(skillName, content) {
+    const report = scanSkill(skillName, content);
+    return report.passed;
+}
+/**
+ * Get security summary for display
+ */
+export function getSecuritySummary(report) {
+    const counts = {
+        critical: 0,
+        high: 0,
+        medium: 0,
+        low: 0,
+        info: 0,
+    };
+    for (const finding of report.findings) {
+        counts[finding.severity]++;
+    }
+    const hasCritical = counts.critical > 0;
+    const hasHigh = counts.high > 0;
+    const hasMedium = counts.medium > 0;
+    const hasLow = counts.low > 0;
+    if (hasCritical) {
+        return {
+            status: "Failed",
+            color: "red",
+            summary: `${counts.critical} critical, ${counts.high} high severity issues`,
+            counts,
+        };
+    }
+    if (hasHigh) {
+        return {
+            status: "Warning",
+            color: "yellow",
+            summary: `${counts.high} high severity issues`,
+            counts,
+        };
+    }
+    if (hasMedium || hasLow) {
+        return {
+            status: "Passed",
+            color: "yellow",
+            summary: `${counts.medium} medium, ${counts.low} low severity issues`,
+            counts,
+        };
+    }
+    return {
+        status: "Passed",
+        color: "green",
+        summary: "No security issues found",
+        counts,
+    };
+}
+/**
+ * Format findings for display
+ */
+export function formatFindings(findings) {
+    if (findings.length === 0) {
+        return ["No security issues found."];
+    }
+    const lines = [];
+    const bySeverity = {
+        critical: [],
+        high: [],
+        medium: [],
+        low: [],
+        info: [],
+    };
+    for (const finding of findings) {
+        bySeverity[finding.severity].push(finding);
+    }
+    for (const severity of ["critical", "high", "medium", "low", "info"]) {
+        const items = bySeverity[severity];
+        if (items.length === 0)
+            continue;
+        lines.push(`\n${severity.toUpperCase()} (${items.length}):`);
+        for (const finding of items) {
+            lines.push(`  [${finding.type}] Line ${finding.line}: ${finding.description}`);
+            if (finding.remediation) {
+                lines.push(`    → ${finding.remediation}`);
+            }
+        }
+    }
+    return lines;
+}

package/dist/build-info.json

@@ -1,5 +1,5 @@
 {
-  "version": "2026.3.7",
-  "commit": "2bb47cd934fe9cb9d58ee7210ee3997714a07f09",
-  "builtAt": "2026-03-07T19:13:06.611Z"
+  "version": "2026.3.10",
+  "commit": "2ec0a7b00dbe2a248658209e1a66d72b4a17ff41",
+  "builtAt": "2026-03-10T19:42:26.277Z"
 }

package/dist/cli/cron-cli/register.cron-dashboard.js

@@ -0,0 +1,339 @@
+import { danger } from "../../globals.js";
+import { defaultRuntime } from "../../runtime.js";
+import { colorize, isRich, theme } from "../../terminal/theme.js";
+import { renderTable } from "../../terminal/table.js";
+import { addGatewayClientOptions, callGatewayFromCli } from "../gateway-rpc.js";
+import { formatDurationHuman } from "../../infra/format-time/format-duration.js";
+import { resolveCronStaggerMs } from "../../cron/stagger.js";
+// Sparkline characters for visual history
+const SPARK_CHARS = ["▁", "▂", "▃", "▄", "▅", "▆", "▇", "█"];
+// Status indicators
+const STATUS_ICONS = {
+    ok: "●",
+    error: "✖",
+    running: "▶",
+    skipped: "○",
+    idle: "◌",
+    disabled: "⊘",
+};
+// Format relative time with color coding
+function formatRelativeTime(ms, nowMs) {
+    if (!ms)
+        return "-";
+    const delta = ms - nowMs;
+    const absMs = Math.abs(delta);
+    if (absMs < 60_000)
+        return delta >= 0 ? "<1m" : "<1m ago";
+    if (absMs < 3_600_000) {
+        const mins = Math.round(absMs / 60_000);
+        return delta >= 0 ? `${mins}m` : `${mins}m ago`;
+    }
+    if (absMs < 86_400_000) {
+        const hours = Math.round(absMs / 3_600_000);
+        return delta >= 0 ? `${hours}h` : `${hours}h ago`;
+    }
+    const days = Math.round(absMs / 86_400_000);
+    return delta >= 0 ? `${days}d` : `${days}d ago`;
+}
+// Format schedule compactly
+function formatScheduleCompact(job) {
+    const { schedule } = job;
+    if (schedule.kind === "at") {
+        const date = new Date(schedule.at);
+        return `once ${date.toLocaleDateString()}`;
+    }
+    if (schedule.kind === "every") {
+        return `every ${formatDurationHuman(schedule.everyMs)}`;
+    }
+    // cron
+    const staggerMs = resolveCronStaggerMs(schedule);
+    const stagger = staggerMs > 0 ? `~${formatDurationHuman(staggerMs)}` : "exact";
+    return `${schedule.expr} ${stagger}`;
+}
+// Get status with icon
+function getStatusDisplay(job, rich) {
+    if (!job.enabled) {
+        return rich ? `${colorize(rich, theme.muted, STATUS_ICONS.disabled)} disabled` : "disabled";
+    }
+    if (job.state.runningAtMs) {
+        return rich ? `${colorize(rich, theme.warn, STATUS_ICONS.running)} running` : "running";
+    }
+    const status = job.state.lastStatus ?? "idle";
+    const icon = STATUS_ICONS[status] ?? STATUS_ICONS.idle;
+    if (!rich)
+        return status;
+    switch (status) {
+        case "ok":
+            return `${colorize(rich, theme.success, icon)} ${status}`;
+        case "error":
+            return `${colorize(rich, theme.error, icon)} ${status}`;
+        case "skipped":
+            return `${colorize(rich, theme.muted, icon)} ${status}`;
+        default:
+            return `${colorize(rich, theme.muted, icon)} ${status}`;
+    }
+}
+// Generate sparkline from execution history (simulated from state)
+function generateSparkline(job, rich) {
+    // In a real implementation, this would use actual history data
+    // For now, we create a visual indicator based on recent state
+    const { consecutiveErrors = 0, lastStatus } = job.state;
+    if (!rich) {
+        return consecutiveErrors > 0 ? `!${consecutiveErrors}` : "-";
+    }
+    if (consecutiveErrors > 0) {
+        const level = Math.min(consecutiveErrors, SPARK_CHARS.length - 1);
+        return colorize(rich, theme.error, SPARK_CHARS[level].repeat(3));
+    }
+    if (lastStatus === "ok") {
+        return colorize(rich, theme.success, "▁▃▆");
+    }
+    return colorize(rich, theme.muted, "···");
+}
+// Format job target
+function formatTarget(job, rich) {
+    const { sessionTarget, agentId } = job;
+    if (!rich)
+        return agentId ?? sessionTarget ?? "-";
+    const target = sessionTarget === "isolated"
+        ? colorize(rich, theme.accentBright, "iso")
+        : colorize(rich, theme.accent, "main");
+    if (agentId) {
+        return `${target}:${colorize(rich, theme.info, agentId.slice(0, 8))}`;
+    }
+    return target;
+}
+// Calculate health score (0-100)
+function calculateHealthScore(job) {
+    if (!job.enabled)
+        return 100; // Disabled jobs are "healthy" by not running
+    if (job.state.runningAtMs)
+        return 100; // Currently running is fine
+    const { consecutiveErrors = 0, lastStatus, scheduleErrorCount = 0 } = job.state;
+    if (consecutiveErrors >= 5 || scheduleErrorCount >= 10)
+        return 0;
+    if (consecutiveErrors > 0)
+        return Math.max(0, 100 - consecutiveErrors * 20);
+    if (lastStatus === "error")
+        return 50;
+    if (lastStatus === "skipped")
+        return 75;
+    return 100;
+}
+// Get health indicator
+function getHealthIndicator(score, rich) {
+    if (!rich)
+        return `${score}%`;
+    if (score >= 90)
+        return colorize(rich, theme.success, "●");
+    if (score >= 70)
+        return colorize(rich, theme.warn, "●");
+    return colorize(rich, theme.error, "●");
+}
+// Print dashboard header
+function printDashboardHeader(runtime = defaultRuntime) {
+    const rich = isRich();
+    const now = new Date();
+    const timestamp = now.toLocaleString();
+    runtime.log("");
+    if (rich) {
+        runtime.log(colorize(rich, theme.heading, "╔═══════════════════════════════════════════════════════════╗"));
+        runtime.log(colorize(rich, theme.heading, `║  🕐 CRON DASHBOARD                              ${timestamp.padStart(26)} ║`));
+        runtime.log(colorize(rich, theme.heading, "╚═══════════════════════════════════════════════════════════╝"));
+    }
+    else {
+        runtime.log("═══════════════════════════════════════════════════════════");
+        runtime.log(`CRON DASHBOARD - ${timestamp}`);
+        runtime.log("═══════════════════════════════════════════════════════════");
+    }
+    runtime.log("");
+}
+// Print summary stats
+function printSummaryStats(jobs, runtime = defaultRuntime) {
+    const rich = isRich();
+    const now = Date.now();
+    const enabled = jobs.filter((j) => j.enabled).length;
+    const running = jobs.filter((j) => j.state.runningAtMs).length;
+    const errors = jobs.filter((j) => j.enabled && j.state.lastStatus === "error" && !j.state.runningAtMs).length;
+    const upcoming = jobs.filter((j) => j.enabled && j.state.nextRunAtMs && j.state.nextRunAtMs > now).length;
+    if (rich) {
+        const stats = [
+            `${colorize(rich, theme.info, "Total:")} ${jobs.length}`,
+            `${colorize(rich, theme.success, "Enabled:")} ${enabled}`,
+            `${colorize(rich, theme.warn, "Running:")} ${running}`,
+            `${colorize(rich, theme.error, "Errors:")} ${errors}`,
+            `${colorize(rich, theme.accent, "Upcoming:")} ${upcoming}`,
+        ].join("  │  ");
+        runtime.log(`  ${stats}`);
+    }
+    else {
+        runtime.log(`  Total: ${jobs.length} | Enabled: ${enabled} | Running: ${running} | Errors: ${errors} | Upcoming: ${upcoming}`);
+    }
+    runtime.log("");
+}
+// Print jobs table
+function printJobsTable(jobs, runtime = defaultRuntime) {
+    const rich = isRich();
+    const now = Date.now();
+    if (jobs.length === 0) {
+        runtime.log(rich
+            ? colorize(rich, theme.muted, "  No cron jobs configured.")
+            : "  No cron jobs configured.");
+        return;
+    }
+    // Sort: running first, then by next run time
+    const sortedJobs = [...jobs].sort((a, b) => {
+        if (a.state.runningAtMs && !b.state.runningAtMs)
+            return -1;
+        if (!a.state.runningAtMs && b.state.runningAtMs)
+            return 1;
+        if (!a.enabled && b.enabled)
+            return 1;
+        if (a.enabled && !b.enabled)
+            return -1;
+        const aNext = a.state.nextRunAtMs ?? Infinity;
+        const bNext = b.state.nextRunAtMs ?? Infinity;
+        return aNext - bNext;
+    });
+    const columns = [
+        { key: "health", header: "", align: "center", minWidth: 2, maxWidth: 3 },
+        {
+            key: "status",
+            header: rich ? colorize(rich, theme.heading, "Status") : "Status",
+            align: "left",
+            minWidth: 10,
+            maxWidth: 12,
+        },
+        {
+            key: "name",
+            header: rich ? colorize(rich, theme.heading, "Name") : "Name",
+            align: "left",
+            minWidth: 20,
+            flex: true,
+        },
+        {
+            key: "schedule",
+            header: rich ? colorize(rich, theme.heading, "Schedule") : "Schedule",
+            align: "left",
+            minWidth: 18,
+            maxWidth: 25,
+        },
+        {
+            key: "next",
+            header: rich ? colorize(rich, theme.heading, "Next") : "Next",
+            align: "right",
+            minWidth: 10,
+            maxWidth: 12,
+        },
+        {
+            key: "last",
+            header: rich ? colorize(rich, theme.heading, "Last") : "Last",
+            align: "right",
+            minWidth: 10,
+            maxWidth: 12,
+        },
+        {
+            key: "target",
+            header: rich ? colorize(rich, theme.heading, "Target") : "Target",
+            align: "left",
+            minWidth: 12,
+            maxWidth: 15,
+        },
+        {
+            key: "trend",
+            header: rich ? colorize(rich, theme.heading, "Trend") : "Trend",
+            align: "center",
+            minWidth: 4,
+            maxWidth: 6,
+        },
+    ];
+    const rows = sortedJobs.map((job) => {
+        const healthScore = calculateHealthScore(job);
+        const nextRun = formatRelativeTime(job.state.nextRunAtMs, now);
+        const lastRun = formatRelativeTime(job.state.lastRunAtMs, now);
+        // Color-code the times
+        const coloredNext = rich && job.enabled && job.state.nextRunAtMs
+            ? job.state.nextRunAtMs - now < 300_000
+                ? colorize(rich, theme.warn, nextRun) // < 5 min
+                : colorize(rich, theme.muted, nextRun)
+            : nextRun;
+        const coloredLast = rich && job.state.lastRunAtMs
+            ? now - job.state.lastRunAtMs < 300_000
+                ? colorize(rich, theme.accentBright, lastRun) // < 5 min ago
+                : colorize(rich, theme.muted, lastRun)
+            : lastRun;
+        return {
+            health: getHealthIndicator(healthScore, rich),
+            status: getStatusDisplay(job, rich),
+            name: rich ? colorize(rich, theme.info, job.name) : job.name,
+            schedule: formatScheduleCompact(job),
+            next: coloredNext,
+            last: coloredLast,
+            target: formatTarget(job, rich),
+            trend: generateSparkline(job, rich),
+        };
+    });
+    const table = renderTable({
+        columns,
+        rows,
+        border: rich ? "unicode" : "ascii",
+        padding: 1,
+    });
+    runtime.log(table);
+}
+// Print legend
+function printLegend(runtime = defaultRuntime) {
+    const rich = isRich();
+    runtime.log("");
+    if (rich) {
+        runtime.log(colorize(rich, theme.muted, "  Legend:"));
+        runtime.log(`    ${colorize(rich, theme.success, STATUS_ICONS.ok)} ok  ${colorize(rich, theme.error, STATUS_ICONS.error)} error  ${colorize(rich, theme.warn, STATUS_ICONS.running)} running  ${colorize(rich, theme.muted, STATUS_ICONS.skipped)} skipped  ${colorize(rich, theme.muted, STATUS_ICONS.disabled)} disabled`);
+        runtime.log(`    ${colorize(rich, theme.success, "●")} healthy  ${colorize(rich, theme.warn, "●")} warning  ${colorize(rich, theme.error, "●")} critical`);
+    }
+    else {
+        runtime.log("  Legend:");
+        runtime.log("    ● ok  ✖ error  ▶ running  ○ skipped  ⊘ disabled");
+        runtime.log("    ● healthy  ● warning  ● critical");
+    }
+}
+// Print footer with tips
+function printFooter(runtime = defaultRuntime) {
+    const rich = isRich();
+    runtime.log("");
+    if (rich) {
+        runtime.log(colorize(rich, theme.muted, "  Commands: poolbot cron list | poolbot cron add --help | poolbot cron status"));
+    }
+    else {
+        runtime.log("  Commands: poolbot cron list | poolbot cron add --help | poolbot cron status");
+    }
+    runtime.log("");
+}
+export function registerCronDashboardCommand(cron) {
+    addGatewayClientOptions(cron
+        .command("dashboard")
+        .alias("dash")
+        .description("Visual dashboard for cron jobs")
+        .option("--all", "Include disabled jobs", false)
+        .option("--json", "Output JSON (disables visual dashboard)", false)
+        .action(async (opts) => {
+        try {
+            const res = await callGatewayFromCli("cron.list", opts, {
+                includeDisabled: Boolean(opts.all),
+            });
+            if (opts.json) {
+                defaultRuntime.log(JSON.stringify(res, null, 2));
+                return;
+            }
+            const jobs = res?.jobs ?? [];
+            printDashboardHeader();
+            printSummaryStats(jobs);
+            printJobsTable(jobs);
+            printLegend();
+            printFooter();
+        }
+        catch (err) {
+            defaultRuntime.error(danger(String(err)));
+            defaultRuntime.exit(1);
+        }
+    }));
+}

package/dist/cli/cron-cli/register.js

@@ -1,6 +1,7 @@
 import { formatDocsLink } from "../../terminal/links.js";
 import { theme } from "../../terminal/theme.js";
 import { registerCronAddCommand, registerCronListCommand, registerCronStatusCommand, } from "./register.cron-add.js";
+import { registerCronDashboardCommand } from "./register.cron-dashboard.js";
 import { registerCronEditCommand } from "./register.cron-edit.js";
 import { registerCronSimpleCommands } from "./register.cron-simple.js";
 export function registerCronCli(program) {
@@ -10,6 +11,7 @@ export function registerCronCli(program) {
         .addHelpText("after", () => `\n${theme.muted("Docs:")} ${formatDocsLink("/cli/cron", "docs.molt.bot/cli/cron")}\n`);
     registerCronStatusCommand(cron);
     registerCronListCommand(cron);
+    registerCronDashboardCommand(cron);
     registerCronAddCommand(cron);
     registerCronSimpleCommands(cron);
     registerCronEditCommand(cron);