npm - @praxis.guard/auditor-cli - Versions diffs - 0.0.34 → 0.0.35 - Mend

@praxis.guard/auditor-cli 0.0.34 → 0.0.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/hooks/agent-message.d.ts.map +1 -1
package/dist/hooks/agent-message.js +26 -14
package/dist/hooks/agent-message.js.map +1 -1
package/package.json +1 -1

package/dist/hooks/agent-message.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,2DAA2D;IAC3D,cAAc,CAAC,EAAE;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,IAAI,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;~~AAMF~~,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,gBAAgB,~~CAuE3F~~;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACxD,cAAc,EAAE,OAAO,CAAC;CACzB,GAAG,MAAM,GAAG,SAAS,CAKrB"}
1	+ {"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,2DAA2D;IAC3D,cAAc,CAAC,EAAE;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,IAAI,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAkCF,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,gBAAgB,CAgE3F;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACxD,cAAc,EAAE,OAAO,CAAC;CACzB,GAAG,MAAM,GAAG,SAAS,CAKrB"}

package/dist/hooks/agent-message.js CHANGED Viewed

@@ -1,6 +1,26 @@
 function reasonsSummary(reasons) {
     return reasons.length > 0 ? reasons.join(",") : "policy";
 }
+/** First lines in user_message — Cursor delivers this on deny, not agent_message. */
+function mutateGuardWaitUserLead() {
+    return ("Required next step: call MCP tool `guard_wait` on the Praxis guard server before retrying this action.\n\n");
+}
+function mutateGuardWaitUserAgentBlock(proposalKind, argvJson, inline) {
+    if (inline) {
+        return (`Agent: MUST call MCP \`guard_wait\` now with \`context.approval.request_id\` = "${inline.request_id}", ` +
+            `\`context.wait_ms\` = 120000, and \`proposal\` matching this block ` +
+            `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
+            `Do not retry the command until \`guard_wait\` resolves. ` +
+            `Do not call \`guard\` instead of \`guard_wait\`. ` +
+            `Do not suggest running this command in the user's terminal or via another tool.`);
+    }
+    return (`Agent: MUST call MCP \`guard_wait\` now with \`context.wait_ms\` = 120000 and \`proposal\` matching this block ` +
+        `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
+        `If \`guard_wait\` returns \`require_approval\`, pass \`context.approval.request_id\` from the response and call \`guard_wait\` again until redeemed. ` +
+        `Direct the human to \`approval.open_url\` when shown. After \`guard_wait\` succeeds, retry this exact invocation once. ` +
+        `Do not call \`guard\` instead of \`guard_wait\`. ` +
+        `Do not suggest running this command in the user's terminal or via another tool.`);
+}
 export function formatHookDenyMessages(input) {
     const reasons = reasonsSummary(input.reasons);
     const argvJson = JSON.stringify([...input.argv]);
@@ -23,20 +43,12 @@ export function formatHookDenyMessages(input) {
     if (input.tier === "MUTATE") {
         const proposalKind = input.hook === "beforeMCPExecution" ? "mcp" : "shell";
         const inline = input.inlineApproval;
-        const userMessage = inline
-            ? `${blockedLabel}. Human approval required.\n` +
-                `Approval request ${inline.request_id} is pending — open ${inline.open_url}\n\n` +
-                `Agent: MUST call MCP \`guard_wait\` now with \`context.approval.request_id\` = "${inline.request_id}", ` +
-                `\`context.wait_ms\` = 120000, and \`proposal\` matching this block ` +
-                `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
-                `Do not retry the command until \`guard_wait\` resolves. ` +
-                `Do not suggest running this command in the user's terminal or via another tool.`
-            : `${blockedLabel}. Human approval required.\n\n` +
-                `Agent: call MCP \`guard_wait\` (preferred) or \`guard\` with \`mode\`: "enforce" and \`proposal\` matching this block ` +
-                `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
-                `On \`require_approval\`, direct the human to \`approval.open_url\` or Praxis Approvals. ` +
-                `After approval, retry this exact invocation once (hook consumes execution ticket). ` +
-                `Do not suggest running this command in the user's terminal or via another tool.`;
+        const userMessage = mutateGuardWaitUserLead() +
+            `${blockedLabel}. Human approval required (MUTATE policy).\n` +
+            (inline
+                ? `Approval request ${inline.request_id} is pending — human may open ${inline.open_url} while you run \`guard_wait\`.\n\n`
+                : "\n") +
+            mutateGuardWaitUserAgentBlock(proposalKind, argvJson, inline ?? null);
         const inlineAgent = inline
             ? ` Pending approval request_id=${inline.request_id} open_url=${inline.open_url}. ` +
                 `MUST call MCP \`guard_wait\` with this request_id, \`context.wait_ms\` (e.g. 120000), and the same proposal before any retry. ` +

package/dist/hooks/agent-message.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAsBA,SAAS,cAAc,CAAC,OAA0B;IAChD,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAkC;IACvE,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,MAAM,YAAY,GAChB,KAAK,CAAC,IAAI,KAAK,oBAAoB;QACjC,CAAC,CAAC,KAAK,CAAC,QAAQ;YACd,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC5D,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG;QAC3C,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG,CAAC;IAE9C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,OAAO;YACL,YAAY,EACV,GAAG,YAAY,iDAAiD;gBAChE,wFAAwF;gBACxF,6EAA6E;YAC/E,aAAa,EACX,qGAAqG;gBACrG,8EAA8E;gBAC9E,8HAA8H;gBAC9H,WAAW,OAAO,UAAU,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC;QAEpC,MAAM,WAAW,~~GAAG~~,~~MAAM~~;~~YACxB~~,~~CAAC,CAAC,~~GAAG,YAAY,~~8BAA8B~~;~~gBAC7C~~,~~oBAAoB~~,MAAM,CAAC,~~UAAU~~,~~sBAAsB~~,MAAM,CAAC,~~QAAQ~~,~~MAAM;gBAChF~~,~~mFAAmF,~~MAAM,CAAC,~~UAAU,KAAK;gBACzG,qEAAqE;gBACrE,eAAe,YAAY,gBAAgB,~~QAAQ,~~KAAK~~;~~gBACxD~~,~~0DAA0D;gBAC1D,iFAAiF;YACnF,~~CAAC,CAAC,~~GAAG~~,~~YAAY,gCAAgC~~;~~gBAC/C~~,~~wHAAwH;gBACxH~~,~~eAAe~~,YAAY,~~gBAAgB~~,QAAQ,~~KAAK;gBACxD~~,~~0FAA0F;gBAC1F~~,~~qFAAqF;gBACrF~~,~~iFAAiF~~,CAAC;~~QAEtF~~,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,gCAAgC,MAAM,CAAC,UAAU,aAAa,MAAM,CAAC,QAAQ,IAAI;gBACjF,gIAAgI;gBAChI,8FAA8F;YAChG,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;YACL,YAAY,EAAE,WAAW;YACzB,aAAa,EACX,sCAAsC,OAAO,UAAU,QAAQ,IAAI;gBACnE,mIAAmI;gBACnI,WAAW;gBACX,CAAC,MAAM;oBACL,CAAC,CAAC,2DAA2D;wBAC3D,eAAe,YAAY,wFAAwF;oBACrH,CAAC,CAAC,kHAAkH;wBAClH,eAAe,YAAY,8DAA8D;wBACzF,wFAAwF;wBACxF,oFAAoF,CAAC;SAC5F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,GAAG,YAAY,GAAG;QAChC,aAAa,EACX,0BAA0B,KAAK,CAAC,IAAI,cAAc,OAAO,UAAU,QAAQ,IAAI;YAC/E,8EAA8E;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,2FAA2F,CAAC;IACrG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
1	+ {"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAsBA,SAAS,cAAc,CAAC,OAA0B;IAChD,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC3D,CAAC;AAED,qFAAqF;AACrF,SAAS,uBAAuB;IAC9B,OAAO,CACL,4GAA4G,CAC7G,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CAAC,YAAoB,EAAE,QAAgB,EAAE,MAAqC;IAClH,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CACL,mFAAmF,MAAM,CAAC,UAAU,KAAK;YACzG,qEAAqE;YACrE,eAAe,YAAY,gBAAgB,QAAQ,KAAK;YACxD,0DAA0D;YAC1D,mDAAmD;YACnD,iFAAiF,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,CACL,iHAAiH;QACjH,eAAe,YAAY,gBAAgB,QAAQ,KAAK;QACxD,uJAAuJ;QACvJ,yHAAyH;QACzH,mDAAmD;QACnD,iFAAiF,CAClF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAkC;IACvE,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,MAAM,YAAY,GAChB,KAAK,CAAC,IAAI,KAAK,oBAAoB;QACjC,CAAC,CAAC,KAAK,CAAC,QAAQ;YACd,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC5D,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG;QAC3C,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG,CAAC;IAE9C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,OAAO;YACL,YAAY,EACV,GAAG,YAAY,iDAAiD;gBAChE,wFAAwF;gBACxF,6EAA6E;YAC/E,aAAa,EACX,qGAAqG;gBACrG,8EAA8E;gBAC9E,8HAA8H;gBAC9H,WAAW,OAAO,UAAU,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC;QAEpC,MAAM,WAAW,GACf,uBAAuB,EAAE;YACzB,GAAG,YAAY,8CAA8C;YAC7D,CAAC,MAAM;gBACL,CAAC,CAAC,oBAAoB,MAAM,CAAC,UAAU,gCAAgC,MAAM,CAAC,QAAQ,oCAAoC;gBAC1H,CAAC,CAAC,IAAI,CAAC;YACT,6BAA6B,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC;QAExE,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,gCAAgC,MAAM,CAAC,UAAU,aAAa,MAAM,CAAC,QAAQ,IAAI;gBACjF,gIAAgI;gBAChI,8FAA8F;YAChG,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;YACL,YAAY,EAAE,WAAW;YACzB,aAAa,EACX,sCAAsC,OAAO,UAAU,QAAQ,IAAI;gBACnE,mIAAmI;gBACnI,WAAW;gBACX,CAAC,MAAM;oBACL,CAAC,CAAC,2DAA2D;wBAC3D,eAAe,YAAY,wFAAwF;oBACrH,CAAC,CAAC,kHAAkH;wBAClH,eAAe,YAAY,8DAA8D;wBACzF,wFAAwF;wBACxF,oFAAoF,CAAC;SAC5F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,GAAG,YAAY,GAAG;QAChC,aAAa,EACX,0BAA0B,KAAK,CAAC,IAAI,cAAc,OAAO,UAAU,QAAQ,IAAI;YAC/E,8EAA8E;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,2FAA2F,CAAC;IACrG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@praxis.guard/auditor-cli",
-  "version": "0.0.34",
+  "version": "0.0.35",
   "private": false,
   "type": "module",
   "files": [