@spacebar_ai/moldclaw-core 2026.3.43 → 2026.3.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/accounts-5qY-dKca.d.ts +103 -0
- package/dist/accounts-SqdHz2ZP.js +114 -0
- package/dist/acp-cli-E6bcNqiE.js +2093 -0
- package/dist/actions.runtime-BU_XMuLk.js +119 -0
- package/dist/actions.runtime-CY5h8lqH.js +133 -0
- package/dist/agent-scope-lZlwP1At.js +208 -0
- package/dist/agents-C4SkadR1.js +853 -0
- package/dist/agents-RfwqGCzE.js +222 -0
- package/dist/agents.config-CX9CPNfP.js +17 -0
- package/dist/agents.config-DF9Zwn9n.js +121 -0
- package/dist/allow-list-3WSjz1zl.js +81 -0
- package/dist/allowlist-DNbDjFjw.js +142 -0
- package/dist/api-BEOpJ7dR.js +117 -0
- package/dist/audit-CpJz_eu6.js +787 -0
- package/dist/audit-CpfSjvyo.js +54 -0
- package/dist/audit-channel.collect.runtime-BeGotloZ.js +605 -0
- package/dist/audit-channel.runtime-BJDZ7ETt.js +121 -0
- package/dist/audit-extra.async-C2G0mqmk.js +813 -0
- package/dist/audit-membership-runtime-B1FqJsPV.js +162 -0
- package/dist/audit.deep.runtime-DyL9O_sU.js +25 -0
- package/dist/audit.nondeep.runtime-C6jFgJfH.js +832 -0
- package/dist/audit.runtime-Dnlsn23e.js +118 -0
- package/dist/auth-Ch3Rchm4.js +101 -0
- package/dist/auth-choice-CEFSlnLT.js +122 -0
- package/dist/auth-choice-CVCef-eU.js +268 -0
- package/dist/auth-choice-Cez-pXrg.js +507 -0
- package/dist/auth-choice-options-DO78mvPe.js +123 -0
- package/dist/auth-choice-prompt-CUkC7Mmb.js +36 -0
- package/dist/auth-choice-prompt-DCuQRiVl.js +115 -0
- package/dist/auth-choice.apply-helpers-BhbNIV8X.js +66 -0
- package/dist/auth-choice.plugin-providers.runtime-4BhqvEw_.js +119 -0
- package/dist/auth-profiles-smABVXzp.js +128040 -0
- package/dist/auth-profiles.runtime-Cr-ojtTc.js +116 -0
- package/dist/banner-CojBHPWr.js +342 -0
- package/dist/bluebubbles-BnLsj2Fy.d.ts +6 -0
- package/dist/bluebubbles-CVk7M3Bl.js +64 -0
- package/dist/bot-DdyrB2z9.d.ts +478 -0
- package/dist/brave-w4Fo8WZ3.js +24 -0
- package/dist/browser-cli-DWFs3P_i.js +1494 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.d.ts +1 -1
- package/dist/bundled/boot-md/handler.js +35 -35
- package/dist/bundled/bootstrap-extra-files/handler.d.ts +1 -1
- package/dist/bundled/bootstrap-extra-files/handler.js +1 -1
- package/dist/bundled/command-logger/handler.d.ts +1 -1
- package/dist/bundled/session-memory/handler.d.ts +1 -1
- package/dist/bundled/session-memory/handler.js +36 -36
- package/dist/call-Do7wTSr7.js +39 -0
- package/dist/call-gdDAt07d.js +640 -0
- package/dist/canvas-host/a2ui/.bundle.hash +1 -1
- package/dist/channel-B26pkce0.js +214 -0
- package/dist/channel-BJHp0AQC.js +352 -0
- package/dist/channel-BKFOv51P.js +4681 -0
- package/dist/channel-BNgpOY8v.js +538 -0
- package/dist/channel-BcQAAo2P.js +226 -0
- package/dist/channel-BvNdnhbx.js +1598 -0
- package/dist/channel-C1Rda3Jd.js +306 -0
- package/dist/channel-C87DG-F7.js +803 -0
- package/dist/channel-CIip0kvZ.js +619 -0
- package/dist/channel-CTPxoT_E2.js +316 -0
- package/dist/channel-CklaCzUG.js +562 -0
- package/dist/channel-CoJnAdLs.js +920 -0
- package/dist/channel-D3tafL1_.js +949 -0
- package/dist/channel-DFMrP2uu.js +542 -0
- package/dist/channel-DMd5cJQe.js +397 -0
- package/dist/channel-Dm34kxAJ.js +207 -0
- package/dist/channel-DmwF9udn.js +1321 -0
- package/dist/channel-account-context-Bjur9nlh.js +103 -0
- package/dist/channel-bGnST659.js +943 -0
- package/dist/channel-hIgbkTZf.js +575 -0
- package/dist/channel-m_TGrDKo.js +497 -0
- package/dist/channel-options-DoUPBMa8.js +50 -0
- package/dist/channel-plugin-ids-TZIY4hFs.js +26 -0
- package/dist/channel-summary-qD54bOBO.js +111 -0
- package/dist/channel.runtime-B0H04Dkk.js +199 -0
- package/dist/channel.runtime-BU1f3NkV.js +418 -0
- package/dist/channel.runtime-Bj1sfLep.js +4011 -0
- package/dist/channel.runtime-BtPAAJc3.js +870 -0
- package/dist/channel.runtime-Bx-10m_j.js +171 -0
- package/dist/channel.runtime-CI_TBywQ.js +179 -0
- package/dist/channel.runtime-CSLj14-Z.js +182 -0
- package/dist/channel.runtime-D-lTSYAd.js +404 -0
- package/dist/channel.runtime-DJqIOSji.js +127 -0
- package/dist/channel.runtime-Ec8aQ9V2.js +241 -0
- package/dist/channel.runtime-ax5a1jBm.js +218 -0
- package/dist/channel.setup-B-ncdYLT.js +9 -0
- package/dist/channel.setup-BY4bh5dm.js +9 -0
- package/dist/channel.setup-BovsdMnL.js +57 -0
- package/dist/channel.setup-CXzXA25h.js +6 -0
- package/dist/channel.setup-DcZUEufN.js +8 -0
- package/dist/channel.setup-E6zceRsE.js +8 -0
- package/dist/channel.setup-Pc7nGbdX.js +11 -0
- package/dist/channels/plugins/actions/discord.d.ts +2 -2
- package/dist/channels/plugins/actions/discord.js +35 -35
- package/dist/channels/plugins/actions/signal.d.ts +1 -1
- package/dist/channels/plugins/actions/signal.js +35 -35
- package/dist/channels/plugins/actions/telegram.d.ts +2 -2
- package/dist/channels/plugins/actions/telegram.js +35 -35
- package/dist/channels/plugins/agent-tools/whatsapp-login.d.ts +3 -3
- package/dist/channels/plugins/agent-tools/whatsapp-login.js +35 -35
- package/dist/channels-CPtE5ND6.js +404 -0
- package/dist/channels-Cj8ZolHI.js +1118 -0
- package/dist/channels-cli-D2sKrntt.js +291 -0
- package/dist/channels-status-issues-CzIHODg2.js +16 -0
- package/dist/clawbot-cli-BcwEDmUn.js +118 -0
- package/dist/cleanup-utils-D0L17RsX.js +96 -0
- package/dist/cli/daemon-cli.js +1 -1
- package/dist/cli-BvGVPKnD.js +154 -0
- package/dist/command-registry-CADQzTAg.js +14 -0
- package/dist/command-registry-ktiJNAJd.js +242 -0
- package/dist/command-secret-gateway-CXp10RTM.js +111 -0
- package/dist/compact.runtime-DyKL-Iar.js +116 -0
- package/dist/completion-cli-Bz4STrpt.js +17 -0
- package/dist/completion-cli-pVda2OFb.js +445 -0
- package/dist/config-BbvDRSYp.js +31 -0
- package/dist/config-CwBv71QC.js +44 -0
- package/dist/config-cli-Y0uXHbOw.js +678 -0
- package/dist/config-guard-BpW5g7JE.js +118 -0
- package/dist/config-validation-B-vLIsbo.js +262 -0
- package/dist/config-value-DT3-5958.js +132 -0
- package/dist/configure-B9U-jCqP.js +1100 -0
- package/dist/configure-BJ3Wrs5b.js +243 -0
- package/dist/control-ui-assets-C1YDYi82.js +232 -0
- package/dist/control-ui-shared-Dm5Dh0Lo.js +29 -0
- package/dist/core-BwKq3krw.js +150 -0
- package/dist/core-hjBwfDsW.d.ts +87 -0
- package/dist/cron-cli-DTDgfoMh.js +639 -0
- package/dist/daemon-cli-C-dkAXR1.js +339 -0
- package/dist/daemon-install-Oy0Q5pMF.js +180 -0
- package/dist/deliver-DNGnDqF9.js +111 -0
- package/dist/deliver-runtime-CCNZIhET.js +111 -0
- package/dist/device-id-cli-XvwZbIyC.js +52 -0
- package/dist/device-identity-IG5DngWM.js +365 -0
- package/dist/devices-cli-DIsxj4xp.js +342 -0
- package/dist/diagnostic-DTPopFvh.js +310 -0
- package/dist/directory-cli-DTSY3Ktr.js +311 -0
- package/dist/directory-config-helpers-DpFcAbmo.d.ts +38 -0
- package/dist/directory.static-CBRAUwUW.js +44 -0
- package/dist/discord-CrgxhEWw.js +114 -0
- package/dist/discovery-DrG7wmAR.js +48 -0
- package/dist/dm-policy-shared-DKoGdUpY.d.ts +95 -0
- package/dist/dns-cli-BJiz6CLK.js +217 -0
- package/dist/docs-cli-Dq2Yi5qO.js +174 -0
- package/dist/doctor-completion-D3GeVcFP.js +90 -0
- package/dist/doctor-config-flow-B1cMjr8h.js +112 -0
- package/dist/doctor-config-flow-BUe7JpV3.js +2437 -0
- package/dist/enable-Bc8bCuVe.js +24 -0
- package/dist/entry.js +4 -4
- package/dist/exec-approvals-cli-kLAev6bP.js +421 -0
- package/dist/extensions/acpx/index.d.ts +1 -1
- package/dist/extensions/amazon-bedrock/index.d.ts +1 -1
- package/dist/extensions/amazon-bedrock/index.js +4 -4
- package/dist/extensions/anthropic/index.d.ts +1 -1
- package/dist/extensions/anthropic/index.js +35 -35
- package/dist/extensions/bluebubbles/index.d.ts +1 -1
- package/dist/extensions/bluebubbles/index.js +39 -39
- package/dist/extensions/bluebubbles/setup-entry.d.ts +2 -2
- package/dist/extensions/bluebubbles/setup-entry.js +39 -39
- package/dist/extensions/brave/index.d.ts +1 -1
- package/dist/extensions/brave/index.js +5 -5
- package/dist/extensions/byteplus/index.d.ts +1 -1
- package/dist/extensions/byteplus/index.js +35 -35
- package/dist/extensions/cloudflare-ai-gateway/index.d.ts +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +36 -36
- package/dist/extensions/copilot-proxy/index.d.ts +1 -1
- package/dist/extensions/copilot-proxy/index.js +4 -4
- package/dist/extensions/device-pair/index.d.ts +1 -1
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/diagnostics-otel/index.d.ts +1 -1
- package/dist/extensions/diagnostics-otel/index.js +4 -4
- package/dist/extensions/diffs/index.d.ts +1 -1
- package/dist/extensions/discord/index.d.ts +1 -1
- package/dist/extensions/discord/index.js +40 -40
- package/dist/extensions/discord/setup-entry.d.ts +1 -1
- package/dist/extensions/discord/setup-entry.js +38 -38
- package/dist/extensions/elevenlabs/index.d.ts +1 -1
- package/dist/extensions/elevenlabs/index.js +35 -35
- package/dist/extensions/feishu/index.d.ts +2 -2
- package/dist/extensions/feishu/index.js +40 -40
- package/dist/extensions/feishu/setup-entry.d.ts +2 -2
- package/dist/extensions/feishu/setup-entry.js +37 -37
- package/dist/extensions/firecrawl/index.d.ts +1 -1
- package/dist/extensions/firecrawl/index.js +35 -35
- package/dist/extensions/github-copilot/index.d.ts +1 -1
- package/dist/extensions/github-copilot/index.js +35 -35
- package/dist/extensions/google/index.d.ts +1 -1
- package/dist/extensions/google/index.js +35 -35
- package/dist/extensions/googlechat/index.d.ts +1 -1
- package/dist/extensions/googlechat/index.js +38 -38
- package/dist/extensions/googlechat/setup-entry.d.ts +1 -1
- package/dist/extensions/googlechat/setup-entry.js +38 -38
- package/dist/extensions/huggingface/index.d.ts +1 -1
- package/dist/extensions/huggingface/index.js +35 -35
- package/dist/extensions/imessage/index.d.ts +1 -1
- package/dist/extensions/imessage/index.js +39 -39
- package/dist/extensions/imessage/setup-entry.d.ts +1 -1
- package/dist/extensions/imessage/setup-entry.js +39 -39
- package/dist/extensions/irc/index.d.ts +1 -1
- package/dist/extensions/irc/index.js +38 -38
- package/dist/extensions/irc/setup-entry.d.ts +2 -2
- package/dist/extensions/irc/setup-entry.js +38 -38
- package/dist/extensions/kakao-talkchannel/index.d.ts +1 -1
- package/dist/extensions/kakao-talkchannel/index.js +4 -4
- package/dist/extensions/kilocode/index.d.ts +1 -1
- package/dist/extensions/kilocode/index.js +35 -35
- package/dist/extensions/kimi-coding/index.d.ts +1 -1
- package/dist/extensions/kimi-coding/index.js +35 -35
- package/dist/extensions/line/index.d.ts +1 -1
- package/dist/extensions/line/index.js +37 -37
- package/dist/extensions/line/setup-entry.d.ts +1 -1
- package/dist/extensions/line/setup-entry.js +37 -37
- package/dist/extensions/llm-task/index.d.ts +1 -1
- package/dist/extensions/llm-task/index.js +35 -35
- package/dist/extensions/lobster/index.d.ts +1 -1
- package/dist/extensions/lobster/index.js +4 -4
- package/dist/extensions/matrix/index.d.ts +1 -1
- package/dist/extensions/matrix/index.js +40 -40
- package/dist/extensions/matrix/setup-entry.d.ts +2 -2
- package/dist/extensions/matrix/setup-entry.js +40 -40
- package/dist/extensions/mattermost/index.d.ts +1 -1
- package/dist/extensions/mattermost/index.js +37 -37
- package/dist/extensions/mattermost/setup-entry.d.ts +2 -2
- package/dist/extensions/mattermost/setup-entry.js +37 -37
- package/dist/extensions/memory-core/index.d.ts +1 -1
- package/dist/extensions/memory-core/index.js +4 -4
- package/dist/extensions/memory-lancedb/index.d.ts +1 -1
- package/dist/extensions/memory-lancedb/index.js +4 -4
- package/dist/extensions/microsoft/index.d.ts +1 -1
- package/dist/extensions/microsoft/index.js +35 -35
- package/dist/extensions/minimax/index.d.ts +1 -1
- package/dist/extensions/minimax/index.js +35 -35
- package/dist/extensions/mistral/index.d.ts +1 -1
- package/dist/extensions/mistral/index.js +35 -35
- package/dist/extensions/modelstudio/index.d.ts +1 -1
- package/dist/extensions/modelstudio/index.js +35 -35
- package/dist/extensions/moonshot/index.d.ts +1 -1
- package/dist/extensions/moonshot/index.js +35 -35
- package/dist/extensions/msteams/index.d.ts +1 -1
- package/dist/extensions/msteams/index.js +40 -40
- package/dist/extensions/msteams/setup-entry.d.ts +1 -1
- package/dist/extensions/msteams/setup-entry.js +40 -40
- package/dist/extensions/nextcloud-talk/index.d.ts +1 -1
- package/dist/extensions/nextcloud-talk/index.js +37 -37
- package/dist/extensions/nextcloud-talk/setup-entry.d.ts +2 -2
- package/dist/extensions/nextcloud-talk/setup-entry.js +37 -37
- package/dist/extensions/nostr/index.d.ts +1 -1
- package/dist/extensions/nostr/index.js +37 -37
- package/dist/extensions/nostr/setup-entry.d.ts +1 -1
- package/dist/extensions/nostr/setup-entry.js +37 -37
- package/dist/extensions/nvidia/index.d.ts +1 -1
- package/dist/extensions/nvidia/index.js +4 -4
- package/dist/extensions/ollama/index.d.ts +1 -1
- package/dist/extensions/ollama/index.js +7 -7
- package/dist/extensions/open-prose/index.d.ts +1 -1
- package/dist/extensions/open-prose/index.js +4 -4
- package/dist/extensions/openai/index.d.ts +1 -1
- package/dist/extensions/openai/index.js +35 -35
- package/dist/extensions/opencode/index.d.ts +1 -1
- package/dist/extensions/opencode/index.js +35 -35
- package/dist/extensions/opencode-go/index.d.ts +1 -1
- package/dist/extensions/opencode-go/index.js +35 -35
- package/dist/extensions/openrouter/index.d.ts +1 -1
- package/dist/extensions/openrouter/index.js +35 -35
- package/dist/extensions/openshell/index.d.ts +1 -1
- package/dist/extensions/openshell/index.js +35 -35
- package/dist/extensions/perplexity/index.d.ts +1 -1
- package/dist/extensions/perplexity/index.js +5 -5
- package/dist/extensions/phone-control/index.d.ts +1 -1
- package/dist/extensions/phone-control/index.js +4 -4
- package/dist/extensions/qianfan/index.d.ts +1 -1
- package/dist/extensions/qianfan/index.js +35 -35
- package/dist/extensions/qwen-portal-auth/index.d.ts +1 -1
- package/dist/extensions/qwen-portal-auth/index.js +35 -35
- package/dist/extensions/sglang/index.d.ts +1 -1
- package/dist/extensions/sglang/index.js +35 -35
- package/dist/extensions/signal/index.d.ts +1 -1
- package/dist/extensions/signal/index.js +38 -38
- package/dist/extensions/signal/setup-entry.d.ts +1 -1
- package/dist/extensions/signal/setup-entry.js +38 -38
- package/dist/extensions/slack/index.d.ts +1 -1
- package/dist/extensions/slack/index.js +39 -39
- package/dist/extensions/slack/setup-entry.d.ts +1 -1
- package/dist/extensions/slack/setup-entry.js +38 -38
- package/dist/extensions/synology-chat/index.d.ts +1 -1
- package/dist/extensions/synology-chat/index.js +37 -37
- package/dist/extensions/synology-chat/setup-entry.d.ts +1 -1
- package/dist/extensions/synology-chat/setup-entry.js +37 -37
- package/dist/extensions/synthetic/index.d.ts +1 -1
- package/dist/extensions/synthetic/index.js +35 -35
- package/dist/extensions/talk-voice/index.d.ts +1 -1
- package/dist/extensions/talk-voice/index.js +35 -35
- package/dist/extensions/telegram/index.d.ts +1 -1
- package/dist/extensions/telegram/index.js +38 -38
- package/dist/extensions/telegram/setup-entry.d.ts +1 -1
- package/dist/extensions/telegram/setup-entry.js +37 -37
- package/dist/extensions/thread-ownership/index.d.ts +1 -1
- package/dist/extensions/thread-ownership/index.js +4 -4
- package/dist/extensions/tlon/index.d.ts +1 -1
- package/dist/extensions/tlon/index.js +37 -37
- package/dist/extensions/tlon/setup-entry.d.ts +1 -1
- package/dist/extensions/tlon/setup-entry.js +37 -37
- package/dist/extensions/together/index.d.ts +1 -1
- package/dist/extensions/together/index.js +35 -35
- package/dist/extensions/twitch/index.d.ts +2 -2
- package/dist/extensions/twitch/index.js +37 -37
- package/dist/extensions/venice/index.d.ts +1 -1
- package/dist/extensions/venice/index.js +35 -35
- package/dist/extensions/vercel-ai-gateway/index.d.ts +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +36 -36
- package/dist/extensions/vllm/index.d.ts +1 -1
- package/dist/extensions/vllm/index.js +35 -35
- package/dist/extensions/voice-call/index.d.ts +1 -1
- package/dist/extensions/voice-call/index.js +35 -35
- package/dist/extensions/volcengine/index.d.ts +1 -1
- package/dist/extensions/volcengine/index.js +35 -35
- package/dist/extensions/whatsapp/index.d.ts +1 -1
- package/dist/extensions/whatsapp/index.js +38 -38
- package/dist/extensions/whatsapp/setup-entry.d.ts +1 -1
- package/dist/extensions/whatsapp/setup-entry.js +38 -38
- package/dist/extensions/xai/index.d.ts +1 -1
- package/dist/extensions/xai/index.js +35 -35
- package/dist/extensions/xiaomi/index.d.ts +1 -1
- package/dist/extensions/xiaomi/index.js +35 -35
- package/dist/extensions/zai/index.d.ts +1 -1
- package/dist/extensions/zai/index.js +35 -35
- package/dist/extensions/zalo/index.d.ts +1 -1
- package/dist/extensions/zalo/index.js +39 -39
- package/dist/extensions/zalo/setup-entry.d.ts +1 -1
- package/dist/extensions/zalo/setup-entry.js +39 -39
- package/dist/extensions/zalouser/index.d.ts +1 -1
- package/dist/extensions/zalouser/index.js +40 -40
- package/dist/extensions/zalouser/setup-entry.d.ts +1 -1
- package/dist/extensions/zalouser/setup-entry.js +40 -40
- package/dist/feishu-fIcnHDTd.d.ts +36 -0
- package/dist/gateway-cli-0c-8h93_.js +26437 -0
- package/dist/gateway-install-token-1PwJvrBY.js +163 -0
- package/dist/gateway-rpc-C0Vk51W7.js +26 -0
- package/dist/gateway-runtime-CBm3CCoA.js +69 -0
- package/dist/git-commit-BTWXFY41.js +177 -0
- package/dist/git-commit-D6GTN5Yt.js +2 -0
- package/dist/googlechat-BQr4xgoZ.js +307 -0
- package/dist/googlechat-BvwsCVKl.d.ts +12 -0
- package/dist/group-access-DpiQnd-G.d.ts +61 -0
- package/dist/health-6yZQGADY.js +113 -0
- package/dist/health-C9DYGyRe.js +570 -0
- package/dist/heartbeat-summary-Dct2lqJj.js +57 -0
- package/dist/help-CtwSApfq.js +81 -0
- package/dist/hooks-9gokOxZ5.d.ts +6 -0
- package/dist/hooks-cli-BegKzHZT.js +1000 -0
- package/dist/hooks-status-Bm_pGORf.js +78 -0
- package/dist/http-registry-D-S6a1Na.d.ts +20 -0
- package/dist/identity-file-Diub2a0t.js +60 -0
- package/dist/image-generation-CbIVzmAR.d.ts +9 -0
- package/dist/imessage-Bgok9kfl.js +31 -0
- package/dist/imessage-VIHePprL.js +115 -0
- package/dist/inbound-reply-dispatch-B53GAGWq.js +71 -0
- package/dist/inbound-reply-dispatch-n7U3qg15.d.ts +72 -0
- package/dist/index.js +2 -2
- package/dist/install-target-oz1pjfHH.js +574 -0
- package/dist/installs-CUFm5V8a.js +532 -0
- package/dist/io-BaBxjB1v.js +9739 -0
- package/dist/io-CgHb1Jld.js +29 -0
- package/dist/irc-CaRKzGvW.js +672 -0
- package/dist/library-C5SNBCMb.js +112 -0
- package/dist/lifecycle-core-Dn8PK6nk.js +382 -0
- package/dist/line/accounts.d.ts +2 -2
- package/dist/line/send.d.ts +1 -1
- package/dist/line/send.js +7 -7
- package/dist/line/template-messages.d.ts +1 -1
- package/dist/line-B5QFpgN_.d.ts +75 -0
- package/dist/line-fePrrQOD.js +530 -0
- package/dist/llm-slug-generator-hKae3XDA.js +67 -0
- package/dist/llm-slug-generator.d.ts +1 -1
- package/dist/llm-slug-generator.js +36 -36
- package/dist/logging-CdisccbY.js +13 -0
- package/dist/logging-LKQSgX1d.js +30 -0
- package/dist/login-qr-C1YWh4nE.js +233 -0
- package/dist/login-qr-WFluMDMb.js +112 -0
- package/dist/logs-cli-CNzOvZ2d.js +256 -0
- package/dist/manager-runtime-DgMhLTkR.js +111 -0
- package/dist/manager.runtime-hUWgpPt2.js +715 -0
- package/dist/manifest-registry-CS_p1OBQ.js +1329 -0
- package/dist/matrix-43_RGLZN.d.ts +68 -0
- package/dist/matrix-CCFxHfxa.js +1269 -0
- package/dist/matrix-DWs_qIkJ.js +1495 -0
- package/dist/mcp-cli-Ci2jvv3s.js +87 -0
- package/dist/media-understanding.runtime-Cdr6iTW6.js +116 -0
- package/dist/memory-cli-LZbyF0Iu.js +111 -0
- package/dist/memory-search-BHhETk6u.js +17 -0
- package/dist/memory-search-tTD5o_rU.js +204 -0
- package/dist/method-scopes-B2ZKSsxQ.js +2452 -0
- package/dist/model-auth-markers-LqZ4qhrZ.d.ts +20 -0
- package/dist/model-picker-CTR5mo4v.js +112 -0
- package/dist/model-picker-DG4z_dBs.js +390 -0
- package/dist/model-picker.runtime-DMQ9Pj9_.js +125 -0
- package/dist/model-selection-bBBxfXdb.js +653 -0
- package/dist/model-suppression.runtime-BVG75tZ7.js +116 -0
- package/dist/models-BjkVLfgw.js +2514 -0
- package/dist/models-ZO01Q4cx.js +118 -0
- package/dist/models-cli-DemdF-bm.js +309 -0
- package/dist/models-config-B2Jja8ua.js +111 -0
- package/dist/models-config.providers.discovery-puxTsH39.d.ts +18 -0
- package/dist/moldclaw-root-Cb6HRlUO.js +92 -0
- package/dist/monitor-BP4idxJD.js +782 -0
- package/dist/monitor-B_eP8Eim.js +772 -0
- package/dist/monitor-CRHYNl5J.js +3468 -0
- package/dist/monitor-Ci1Xg4g3.js +113 -0
- package/dist/monitor-DEodDl3z.js +6823 -0
- package/dist/monitor-DJlNKuMz.js +115 -0
- package/dist/monitor-DvFwDS9w.js +3076 -0
- package/dist/monitor-shared--cEjSf8s.js +444 -0
- package/dist/msteams-CV2a8uE8.js +852 -0
- package/dist/node-cli-Of2g7DSd.js +2503 -0
- package/dist/node-resolve-BYC2FbO2.js +835 -0
- package/dist/nodes-cli-CPHM6Upj.js +1380 -0
- package/dist/nostr-BFKRoOlz.d.ts +7 -0
- package/dist/nostr-lHpcBzz4.js +8744 -0
- package/dist/npm-resolution-kqHN85wB.js +60 -0
- package/dist/oauth-env-CLG8KOrz.js +10 -0
- package/dist/onboard-BON0C360.js +48 -0
- package/dist/onboard-CRkIBgOI.js +589 -0
- package/dist/onboard-DsKI17iq.js +25 -0
- package/dist/onboard-channels-BY3IbBBf.js +1241 -0
- package/dist/onboard-channels-CLKdRxvW.js +205 -0
- package/dist/onboard-custom-BjPrMo_R.js +571 -0
- package/dist/onboard-custom-DqcPiZBN.js +114 -0
- package/dist/onboard-helpers-BkrOY5OE.js +113 -0
- package/dist/onboard-helpers-DiSRTpZC.js +335 -0
- package/dist/onboard-hooks-pzEPZAvl.js +72 -0
- package/dist/onboard-remote-ChyLC6Dk.js +181 -0
- package/dist/onboard-remote-DHmK9ntl.js +117 -0
- package/dist/onboard-search-BgA3jEMW.js +302 -0
- package/dist/onboard-skills-BMo_NvnW.js +133 -0
- package/dist/onboard-skills-Bba-Z2p8.js +117 -0
- package/dist/outbound-media-BHD4aJEX.d.ts +11 -0
- package/dist/outbound-media-DSno0N82.js +11 -0
- package/dist/pairing-access-CzHpaM0R.d.ts +21 -0
- package/dist/pairing-cli-CmklqK0q.js +217 -0
- package/dist/perplexity-CXwMDD3u.js +24 -0
- package/dist/persistent-dedupe-B9vrAf8t.d.ts +26 -0
- package/dist/pi-model-discovery-runtime-BrK7tcaO.js +111 -0
- package/dist/pi-tools.before-tool-call.runtime-C5yLUogH.js +381 -0
- package/dist/plugin-install-C4AWJIFP.js +117 -0
- package/dist/plugin-install-CB3J1hfV.js +184 -0
- package/dist/plugin-install-plan-7itZiegi.js +49 -0
- package/dist/plugin-registry-DX_GFoiz.js +113 -0
- package/dist/plugin-registry-e3cxTtvb.js +49 -0
- package/dist/plugin-sdk/account-resolution.js +35 -35
- package/dist/plugin-sdk/acp-runtime.js +35 -35
- package/dist/plugin-sdk/agent-runtime.js +35 -35
- package/dist/plugin-sdk/bluebubbles.js +37 -37
- package/dist/plugin-sdk/channel-config-helpers.js +35 -35
- package/dist/plugin-sdk/channel-policy.js +35 -35
- package/dist/plugin-sdk/channel-runtime.js +35 -35
- package/dist/plugin-sdk/compat.js +36 -36
- package/dist/plugin-sdk/config-runtime.js +35 -35
- package/dist/plugin-sdk/conversation-runtime.js +35 -35
- package/dist/plugin-sdk/copilot-proxy.js +4 -4
- package/dist/plugin-sdk/core.js +4 -4
- package/dist/plugin-sdk/device-pair.js +4 -4
- package/dist/plugin-sdk/discord.js +35 -35
- package/dist/plugin-sdk/feishu.js +35 -35
- package/dist/plugin-sdk/gateway-runtime.js +10 -10
- package/dist/plugin-sdk/googlechat.js +37 -37
- package/dist/plugin-sdk/image-generation-runtime.js +35 -35
- package/dist/plugin-sdk/image-generation.js +35 -35
- package/dist/plugin-sdk/imessage.js +36 -36
- package/dist/plugin-sdk/index.js +35 -35
- package/dist/plugin-sdk/infra-runtime.js +35 -35
- package/dist/plugin-sdk/irc.js +37 -37
- package/dist/plugin-sdk/line.js +36 -36
- package/dist/plugin-sdk/llm-task.js +35 -35
- package/dist/plugin-sdk/lobster.js +4 -4
- package/dist/plugin-sdk/matrix.js +37 -37
- package/dist/plugin-sdk/mattermost.js +36 -36
- package/dist/plugin-sdk/media-runtime.js +35 -35
- package/dist/plugin-sdk/media-understanding-runtime.js +35 -35
- package/dist/plugin-sdk/media-understanding.js +35 -35
- package/dist/plugin-sdk/memory-lancedb.js +4 -4
- package/dist/plugin-sdk/minimax-portal-auth.js +4 -4
- package/dist/plugin-sdk/msteams.js +38 -38
- package/dist/plugin-sdk/nextcloud-talk.js +36 -36
- package/dist/plugin-sdk/nostr.js +36 -36
- package/dist/plugin-sdk/ollama-setup.js +9 -9
- package/dist/plugin-sdk/open-prose.js +4 -4
- package/dist/plugin-sdk/phone-control.js +4 -4
- package/dist/plugin-sdk/plugin-runtime.js +35 -35
- package/dist/plugin-sdk/provider-auth.js +35 -35
- package/dist/plugin-sdk/provider-models.js +5 -5
- package/dist/plugin-sdk/provider-onboard.js +4 -4
- package/dist/plugin-sdk/provider-setup.js +39 -39
- package/dist/plugin-sdk/provider-stream.js +4 -4
- package/dist/plugin-sdk/provider-usage.js +4 -4
- package/dist/plugin-sdk/qwen-portal-auth.js +35 -35
- package/dist/plugin-sdk/reply-history.js +35 -35
- package/dist/plugin-sdk/reply-runtime.js +35 -35
- package/dist/plugin-sdk/routing.js +3 -3
- package/dist/plugin-sdk/sandbox.js +35 -35
- package/dist/plugin-sdk/security-runtime.js +35 -35
- package/dist/plugin-sdk/self-hosted-provider-setup.js +37 -37
- package/dist/plugin-sdk/setup.js +35 -35
- package/dist/plugin-sdk/signal.js +35 -35
- package/dist/plugin-sdk/slack.js +35 -35
- package/dist/plugin-sdk/speech-runtime.js +35 -35
- package/dist/plugin-sdk/speech.js +35 -35
- package/dist/plugin-sdk/src/secrets/secure-file-store.d.ts +26 -0
- package/dist/plugin-sdk/src/subscription/provider.d.ts +5 -3
- package/dist/plugin-sdk/synology-chat.js +36 -36
- package/dist/plugin-sdk/talk-voice.js +4 -4
- package/dist/plugin-sdk/telegram.js +35 -35
- package/dist/plugin-sdk/text-runtime.js +7 -7
- package/dist/plugin-sdk/thread-ownership.js +4 -4
- package/dist/plugin-sdk/tlon.js +36 -36
- package/dist/plugin-sdk/twitch.js +35 -35
- package/dist/plugin-sdk/voice-call.js +35 -35
- package/dist/plugin-sdk/whatsapp.js +35 -35
- package/dist/plugin-sdk/zalo.js +38 -38
- package/dist/plugin-sdk/zalouser.js +38 -38
- package/dist/plugins/runtime/index.d.ts +1 -1
- package/dist/plugins/runtime/index.js +35 -35
- package/dist/plugins-DF5FaTO0.js +111 -0
- package/dist/plugins-cli-CvTJemqC.js +917 -0
- package/dist/policy-CNXISK_a.js +143 -0
- package/dist/preflight-audio.runtime-RP000oxo.js +116 -0
- package/dist/probe-BkM5pykD.js +21 -0
- package/dist/probe-DKbRTJv5.js +1793 -0
- package/dist/probe-DkrfRsjU.js +47 -0
- package/dist/probe-DpcJ0WeP.js +129 -0
- package/dist/probe-auth-BcNjX8hy.js +40 -0
- package/dist/probe-auth-DhuAb8ls.js +48 -0
- package/dist/probe-wciBj-aL.js +6329 -0
- package/dist/program-C8-p0mW5.js +253 -0
- package/dist/prompt-select-styled-DH0pVoc0.js +2673 -0
- package/dist/provider-api-key-auth.runtime-CAFeIQ1u.js +121 -0
- package/dist/provider-auth-choice-CB_HzdTl.js +126 -0
- package/dist/provider-auth-choice-helpers-hzDkh3f1.js +48 -0
- package/dist/provider-auth-choice-preference-BHCXvNSE.js +189 -0
- package/dist/provider-auth-choice.runtime-Dx4ms2C5.js +123 -0
- package/dist/provider-auth-choices-0KaDNPBQ.js +57 -0
- package/dist/provider-auth-guidance-BaAUiNr_.js +34 -0
- package/dist/provider-auth-result-Bto1bYtS.d.ts +18 -0
- package/dist/provider-models-DxOmeToO.d.ts +867 -0
- package/dist/provider-models-xnyxy6mO.js +2113 -0
- package/dist/provider-ollama-setup-DBYK__ov.d.ts +32 -0
- package/dist/provider-ollama-setup-QzgCxj44.js +314 -0
- package/dist/provider-onboard-B9ionepI.js +139 -0
- package/dist/provider-onboard-CURxJ_UX.d.ts +40 -0
- package/dist/provider-runtime.runtime-4xwmsl5L.js +111 -0
- package/dist/provider-self-hosted-setup-BHd24EDG.js +182 -0
- package/dist/provider-self-hosted-setup-qeY8BYSy.d.ts +61 -0
- package/dist/provider-stream-Chz_EFw3.js +512 -0
- package/dist/provider-usage-C11Q7UwS.js +111 -0
- package/dist/provider-usage-kxemdMp2.js +633 -0
- package/dist/provider-wizard-CanJoxNC.js +152 -0
- package/dist/push-apns-Dsajnm8C.js +1038 -0
- package/dist/pw-ai-DUe4BbH2.js +1867 -0
- package/dist/qmd-manager-CAAFp7qK.js +1570 -0
- package/dist/qr-cli-Bu2jqTPY.js +113 -0
- package/dist/qr-cli-Bu9Z-X48.js +369 -0
- package/dist/reactions-Cpfum4iU.js +281 -0
- package/dist/read-only-account-inspect.discord.runtime-BK0LaMgC.js +116 -0
- package/dist/read-only-account-inspect.slack.runtime-DgKiC5wT.js +116 -0
- package/dist/read-only-account-inspect.telegram.runtime-mxfgFVOU.js +116 -0
- package/dist/redact-snapshot-DD8A4tdd.js +2663 -0
- package/dist/register.agent-DU4FtrU2.js +439 -0
- package/dist/register.backup-8nOYtJqg.js +625 -0
- package/dist/register.configure-DmtecqIH.js +252 -0
- package/dist/register.maintenance-Dir3ulKP.js +574 -0
- package/dist/register.message-Cfl-f3Ju.js +709 -0
- package/dist/register.onboard-Bv7WVzEi.js +192 -0
- package/dist/register.setup-BIyeI8RY.js +212 -0
- package/dist/register.status-health-sessions-C69WQcF4.js +498 -0
- package/dist/register.subclis-B_4KCgTd.js +315 -0
- package/dist/register.subclis-BeXsmgBL.js +13 -0
- package/dist/replies-DdcFUmki.js +110 -0
- package/dist/resolve-channels-DRZqPV5o.js +226 -0
- package/dist/resolve-channels-DxW1kqxA.js +262 -0
- package/dist/resolve-route-DdX-HBVt.js +538 -0
- package/dist/resolve-users-rgCQvkLs.js +143 -0
- package/dist/root-help-QAkoA7GD.js +32 -0
- package/dist/routes-CcJNnwTF.js +7097 -0
- package/dist/rpc-DDUAlBbH.js +67 -0
- package/dist/run-main-D9ci5pn7.js +424 -0
- package/dist/runtime-Bitmi8Er.d.ts +26 -0
- package/dist/runtime-discord-ops.runtime-T4sf7aRB.js +9078 -0
- package/dist/runtime-slack-ops.runtime-BQpP48mC.js +4556 -0
- package/dist/runtime-telegram-ops.runtime-cVO5dqOp.js +133 -0
- package/dist/runtime-whatsapp-login.runtime-DtNx0dSY.js +114 -0
- package/dist/runtime-whatsapp-outbound.runtime-Bw47QbFK.js +117 -0
- package/dist/sandbox-cli-DsFwjbjC.js +535 -0
- package/dist/search-manager-BRAK8fEe.js +16 -0
- package/dist/search-manager-BS5Db0A6.js +386 -0
- package/dist/secrets-cli-D3J46TJp.js +2070 -0
- package/dist/security-cli-B866M9cB.js +575 -0
- package/dist/send-B1pX9_Oc.js +283 -0
- package/dist/send-B2RrLg83.js +100 -0
- package/dist/send-DFnV__Aq.js +1025 -0
- package/dist/send-DZIH6CJt.js +629 -0
- package/dist/send-sl9WnKbW.js +631 -0
- package/dist/server-node-events-BT6egg20.js +506 -0
- package/dist/server-zI_K-D05.js +107 -0
- package/dist/sessions-C8kiAcoJ.js +112 -0
- package/dist/sessions-DLBpp52_.js +218 -0
- package/dist/setup-C7eOzMiC.js +387 -0
- package/dist/setup-CFIMq-Pz.d.ts +37 -0
- package/dist/setup-binary-CcAv8NXz.js +406 -0
- package/dist/setup-browser-C4eRV3h6.js +70 -0
- package/dist/setup-core-BnR486P-.js +143 -0
- package/dist/setup-core-CIswIiu5.js +166 -0
- package/dist/setup-core-CcbcrXXg.js +47 -0
- package/dist/setup-core-nZSw5BSv.js +205 -0
- package/dist/setup-surface-C5iSpT4M.js +490 -0
- package/dist/setup-wizard-helpers-r0J6l8ST.d.ts +203 -0
- package/dist/setup.finalize-adiRfo0U.js +522 -0
- package/dist/setup.gateway-config-BwFWKDfT.js +343 -0
- package/dist/shared-12TimyeF.js +182 -0
- package/dist/shared-9EWO34-k.js +298 -0
- package/dist/shared-B4vUbaRR.js +75 -0
- package/dist/shared-bNWpW3Dd.js +96 -0
- package/dist/shared-lU1y5dvS.js +102 -0
- package/dist/signal-DBlETRu9.js +114 -0
- package/dist/skills-Bio8GwTE.js +20 -0
- package/dist/skills-DE_MXFSN.js +853 -0
- package/dist/skills-cli-BGuW-tKw.js +292 -0
- package/dist/skills-install--rnorIoJ.js +763 -0
- package/dist/skills-status-B08PtBc_.js +21 -0
- package/dist/skills-status-CzM008aB.js +169 -0
- package/dist/slack-C4T53Nc-.js +114 -0
- package/dist/slash-commands.runtime-B7fsD8Be.js +128 -0
- package/dist/slash-dispatch.runtime-t0PAX4vQ.js +141 -0
- package/dist/slash-skill-commands.runtime-DIhPnEfR.js +116 -0
- package/dist/src-DrDirlvw.js +1701 -0
- package/dist/status-Bld14WSA.js +131 -0
- package/dist/status-CgeO4RuH.js +43 -0
- package/dist/status-HlvixAOq.js +606 -0
- package/dist/status-Rom_Lf3c.js +1599 -0
- package/dist/status-TwbMH6Am.js +126 -0
- package/dist/status-json-DMW7cmuK.js +288 -0
- package/dist/status.link-channel-V4LkB6Gq.js +143 -0
- package/dist/status.scan.deps.runtime-BE3X-dcP.js +126 -0
- package/dist/status.scan.runtime-BxVY4mty.js +119 -0
- package/dist/status.summary-CzLM0vVr.js +592 -0
- package/dist/status.summary.runtime-BSBnHZ1Q.js +118 -0
- package/dist/status.update-BxblMS7P.js +77 -0
- package/dist/subagent-orphan-recovery-BpRPryEj.js +307 -0
- package/dist/subagent-registry-runtime-DYYU5p3X.js +111 -0
- package/dist/subscription-CpFdxuFS.js +33 -0
- package/dist/subscription-DaA1urx-.js +102 -0
- package/dist/subscription-cli-Bvto9EmO.js +134 -0
- package/dist/synology-chat-3nwk-Nj0.js +297 -0
- package/dist/system-cli-BvNps8sl.js +94 -0
- package/dist/telegram/audit.d.ts +1 -1
- package/dist/telegram/audit.js +1 -1
- package/dist/telegram/token.d.ts +1 -1
- package/dist/telegram/token.js +35 -35
- package/dist/telegram-RtKXoEsF.js +114 -0
- package/dist/text-chunking-BD5mQe2R.js +84 -0
- package/dist/text-chunking-DDUU_vAF.d.ts +79 -0
- package/dist/tlon-z-kYmJE-.js +433 -0
- package/dist/tui-cli-CzSK08Rh.js +137 -0
- package/dist/tui-wV7R1Tlc.js +3834 -0
- package/dist/types-2H_e7eWT.d.ts +45 -0
- package/dist/types-ZKnGUchG.d.ts +22692 -0
- package/dist/types.base-BFiQZ4J9.d.ts +188 -0
- package/dist/ui-BWVHreeR.js +31 -0
- package/dist/update-D1Wgh1Tj.js +1036 -0
- package/dist/update-cli-CZh99uyY.js +1503 -0
- package/dist/update-offset-store-D5xTdUr0.js +112 -0
- package/dist/update-runner-GbKfoCHs.js +1496 -0
- package/dist/upsert-with-lock-BZU7Le8n.js +33 -0
- package/dist/usage-Czgwvg0h.js +115 -0
- package/dist/web-CMczmL90.js +112 -0
- package/dist/web-shared-B5Q0mIJq.d.ts +45 -0
- package/dist/webhook-request-guards-CsKDhZJr.d.ts +76 -0
- package/dist/webhook-targets-BSmFtesN.js +181 -0
- package/dist/webhook-targets-CjxuEE9C.d.ts +106 -0
- package/dist/webhooks-cli-Wl9y6AWW.js +350 -0
- package/dist/whatsapp-VzRW8MdR.js +114 -0
- package/dist/whatsapp-actions-Cg1Wxv8W.js +167 -0
- package/dist/workspace-DJ_S272u.js +484 -0
- package/dist/workspace-DbZSqjw0.js +289 -0
- package/dist/workspace-cli-D93DLmAh.js +154 -0
- package/dist/workspace-dirs-CGeIPpGN.js +2003 -0
- package/dist/zalo-CK2dlGmu.d.ts +9 -0
- package/dist/zalo-Db7s2boL.js +415 -0
- package/dist/zalouser-Jh5YTJX3.js +30911 -0
- package/extensions/discord/src/monitor/allow-list.ts +8 -1
- package/extensions/discord/src/monitor/message-handler.preflight.ts +4 -1
- package/package.json +1 -1
- package/dist/accounts-CS8U4v8C.js +0 -114
- package/dist/accounts-gLr-Udmt.d.ts +0 -103
- package/dist/acp-cli-BGT0jXcC.js +0 -2093
- package/dist/actions.runtime-BfckTw6c.js +0 -119
- package/dist/actions.runtime-Cl9mBfqH.js +0 -133
- package/dist/agent-scope-C-YmLnnb.js +0 -208
- package/dist/agents-CydD54p8.js +0 -222
- package/dist/agents-DpQsZO6O.js +0 -853
- package/dist/agents.config-XU7IsYE-.js +0 -121
- package/dist/agents.config-ssoQXuvF.js +0 -17
- package/dist/allow-list-Cfn6lmMK.js +0 -81
- package/dist/allowlist-CCYXVpM9.js +0 -142
- package/dist/api-BoXoFKxy.js +0 -117
- package/dist/audit-Bv05N5o9.js +0 -787
- package/dist/audit-CIWW1Aqm.js +0 -54
- package/dist/audit-channel.collect.runtime-Bi7yrdcO.js +0 -605
- package/dist/audit-channel.runtime-C_NDweiW.js +0 -121
- package/dist/audit-extra.async-Dp7OKSXg.js +0 -813
- package/dist/audit-membership-runtime-B8FQ6VtN.js +0 -162
- package/dist/audit.deep.runtime-CXhobL6b.js +0 -25
- package/dist/audit.nondeep.runtime-CrEm3T16.js +0 -832
- package/dist/audit.runtime-CJPKj1Zg.js +0 -118
- package/dist/auth-Byfp0flq.js +0 -101
- package/dist/auth-choice-BgOjdeXN.js +0 -507
- package/dist/auth-choice-CD1Heq0M.js +0 -122
- package/dist/auth-choice-ePNfg0iQ.js +0 -268
- package/dist/auth-choice-options-BlewQWI0.js +0 -123
- package/dist/auth-choice-prompt-BP2b6aXz.js +0 -36
- package/dist/auth-choice-prompt-Cmwl4n97.js +0 -115
- package/dist/auth-choice.apply-helpers-Dq-nxuuX.js +0 -66
- package/dist/auth-choice.plugin-providers.runtime-B23kOUzQ.js +0 -119
- package/dist/auth-profiles-1kPLbBwI.js +0 -127823
- package/dist/auth-profiles.runtime-DAfSjku1.js +0 -116
- package/dist/banner-DeOsobLO.js +0 -342
- package/dist/bluebubbles-BsLGedBM.js +0 -64
- package/dist/bluebubbles-U2sAfO4_.d.ts +0 -6
- package/dist/bot-DW12K3bO.d.ts +0 -478
- package/dist/brave-BoWimrLe.js +0 -24
- package/dist/browser-cli-D_S3wEYE.js +0 -1494
- package/dist/call-ByEzDJ1_.js +0 -640
- package/dist/call-CHCWVg-O.js +0 -39
- package/dist/channel-3VC0oOMu.js +0 -214
- package/dist/channel-B9fCBPiS.js +0 -207
- package/dist/channel-B9q775cM.js +0 -562
- package/dist/channel-BG3UK54j.js +0 -803
- package/dist/channel-BRQAdMML.js +0 -352
- package/dist/channel-BmlLp933.js +0 -1321
- package/dist/channel-By6KvdTG.js +0 -920
- package/dist/channel-C8rRsdf6.js +0 -226
- package/dist/channel-CLEDBbXE.js +0 -943
- package/dist/channel-CMvBAG7o.js +0 -306
- package/dist/channel-CmlxxjHY.js +0 -1598
- package/dist/channel-CqG6_xN0.js +0 -949
- package/dist/channel-DNueHKs92.js +0 -316
- package/dist/channel-DUtyN7BX.js +0 -4681
- package/dist/channel-DWD6GrfZ.js +0 -538
- package/dist/channel-DaRYMYzj.js +0 -619
- package/dist/channel-Dj6BgLp8.js +0 -575
- package/dist/channel-account-context-Ba3u5D21.js +0 -103
- package/dist/channel-crabk6Em.js +0 -542
- package/dist/channel-i8uqQaK2.js +0 -497
- package/dist/channel-options-xljvwHS2.js +0 -50
- package/dist/channel-plugin-ids-DAgknSG4.js +0 -26
- package/dist/channel-summary-dHTMCG75.js +0 -111
- package/dist/channel-xVWQ96Ni.js +0 -397
- package/dist/channel.runtime-B6PoZ4BV.js +0 -182
- package/dist/channel.runtime-BPZmo57e.js +0 -404
- package/dist/channel.runtime-B_1uGR-U.js +0 -199
- package/dist/channel.runtime-BiXnPU0d.js +0 -218
- package/dist/channel.runtime-BpvDc9sv.js +0 -870
- package/dist/channel.runtime-CUua3W80.js +0 -418
- package/dist/channel.runtime-CaCBTd0A.js +0 -179
- package/dist/channel.runtime-D0FfYvUj.js +0 -4011
- package/dist/channel.runtime-DhoJtpvJ.js +0 -241
- package/dist/channel.runtime-Kj9EXNE0.js +0 -127
- package/dist/channel.runtime-r4tPuPyh.js +0 -171
- package/dist/channel.setup-B7d_grfe.js +0 -6
- package/dist/channel.setup-C0vu1fhi.js +0 -9
- package/dist/channel.setup-CAI0FNHj.js +0 -11
- package/dist/channel.setup-CkDVwv5R.js +0 -57
- package/dist/channel.setup-Cpd00YqQ.js +0 -8
- package/dist/channel.setup-DbBz1-WT.js +0 -9
- package/dist/channel.setup-GZnAvD9g.js +0 -8
- package/dist/channels-5H484RSw.js +0 -1118
- package/dist/channels-BnPudfyx.js +0 -404
- package/dist/channels-cli-WIC-QeH_.js +0 -291
- package/dist/channels-status-issues-RDmzovJU.js +0 -16
- package/dist/clawbot-cli-BgutNwf8.js +0 -118
- package/dist/cleanup-utils-DBl1Aij1.js +0 -96
- package/dist/cli-1P7u6zqu.js +0 -154
- package/dist/command-registry-B8jovrws.js +0 -232
- package/dist/command-registry-DtDl1FVm.js +0 -14
- package/dist/command-secret-gateway-BgUo3FxJ.js +0 -111
- package/dist/compact.runtime-CXbXM0AU.js +0 -116
- package/dist/completion-cli-Cik_owAE.js +0 -17
- package/dist/completion-cli-RU3P2RSl.js +0 -445
- package/dist/config-5HUpB1L1.js +0 -31
- package/dist/config-cli-QHaUHoZI.js +0 -433
- package/dist/config-guard-C9Sn3pE-.js +0 -118
- package/dist/config-sW57gztj.js +0 -44
- package/dist/config-validation-5LkjIKNt.js +0 -262
- package/dist/config-value-CtTWALxG.js +0 -132
- package/dist/configure-BmR2TPLf.js +0 -243
- package/dist/configure-DaLN-5xM.js +0 -1100
- package/dist/control-ui-assets-CH3MYmAo.js +0 -232
- package/dist/control-ui-shared-CA77PTml.js +0 -29
- package/dist/core-CvDzLs7B.js +0 -150
- package/dist/core-dPA4nFkn.d.ts +0 -87
- package/dist/cron-cli-tguLpzyq.js +0 -639
- package/dist/daemon-cli-ptosOkL8.js +0 -339
- package/dist/daemon-install-DzU4EnVa.js +0 -180
- package/dist/deliver-DwxFoHM3.js +0 -111
- package/dist/deliver-runtime-DOdDyaPI.js +0 -111
- package/dist/device-id-cli-GopvlxxZ.js +0 -52
- package/dist/device-identity-CRfhC3_s.js +0 -365
- package/dist/devices-cli-ain7ESqU.js +0 -342
- package/dist/diagnostic-D96Xaqrj.js +0 -310
- package/dist/directory-cli-fh1UxGgY.js +0 -311
- package/dist/directory-config-helpers-CpU1oflo.d.ts +0 -38
- package/dist/directory.static-CKjJUNGl.js +0 -44
- package/dist/discord-CflhwDEM.js +0 -114
- package/dist/discovery-x0ZqY4AB.js +0 -48
- package/dist/dm-policy-shared-73A52W6E.d.ts +0 -95
- package/dist/dns-cli-DCHyKjGf.js +0 -217
- package/dist/docs-cli-D3OoqYSP.js +0 -174
- package/dist/doctor-completion-Bq2eP87s.js +0 -90
- package/dist/doctor-config-flow-D8XRG9Ku.js +0 -2437
- package/dist/doctor-config-flow-DGiF1HGc.js +0 -112
- package/dist/enable-0QSF4YGH.js +0 -24
- package/dist/exec-approvals-cli-Bncym0Gd.js +0 -421
- package/dist/feishu-B5JDcyF9.d.ts +0 -36
- package/dist/gateway-cli-DYscsmA-.js +0 -26437
- package/dist/gateway-install-token-CNv17ac9.js +0 -163
- package/dist/gateway-rpc-BGC1Rxvg.js +0 -26
- package/dist/gateway-runtime-D89mSQPB.js +0 -69
- package/dist/git-commit-CeLH5Ozm.js +0 -2
- package/dist/git-commit-DUKRiCP-.js +0 -177
- package/dist/googlechat-BgXeXjd1.js +0 -307
- package/dist/googlechat-De-T7C31.d.ts +0 -12
- package/dist/group-access-Deh1tVNr.d.ts +0 -61
- package/dist/health-BEjzWwaB.js +0 -570
- package/dist/health-FjqrWQL6.js +0 -113
- package/dist/heartbeat-summary-CfdSA9M1.js +0 -57
- package/dist/help-BZeVprq1.js +0 -81
- package/dist/hooks-B5pYs_d7.d.ts +0 -6
- package/dist/hooks-cli-B7uGJs2O.js +0 -1000
- package/dist/hooks-status-CfceaUSg.js +0 -78
- package/dist/http-registry-C-KXqwnj.d.ts +0 -20
- package/dist/identity-file-sshkKKIr.js +0 -60
- package/dist/image-generation-CafM5hZh.d.ts +0 -9
- package/dist/imessage-BcV3WGx_.js +0 -31
- package/dist/imessage-Dhje7Ty-.js +0 -115
- package/dist/inbound-reply-dispatch-C73_7SOl.js +0 -71
- package/dist/inbound-reply-dispatch-DmL0KWLe.d.ts +0 -72
- package/dist/install-target-D7NRhfzc.js +0 -574
- package/dist/installs-Bj6jblqc.js +0 -532
- package/dist/io-CMfWWPXQ.js +0 -9738
- package/dist/io-CV844hAM.js +0 -29
- package/dist/irc-DKi1fDYI.js +0 -672
- package/dist/library-rygTG3oA.js +0 -112
- package/dist/lifecycle-core-BPlvShWY.js +0 -382
- package/dist/line-CGsemKWJ.js +0 -530
- package/dist/line-CKU3ER-n.d.ts +0 -75
- package/dist/llm-slug-generator-DlhVyMqT.js +0 -67
- package/dist/logging-5wu9k6w4.js +0 -30
- package/dist/logging-CxP9suT8.js +0 -13
- package/dist/login-qr-BcDsiwHs.js +0 -233
- package/dist/login-qr-Y8pJ5yV4.js +0 -112
- package/dist/logs-cli-XI9oVXpH.js +0 -256
- package/dist/manager-runtime-DkIlXBhD.js +0 -111
- package/dist/manager.runtime-Q0q2rJCC.js +0 -715
- package/dist/manifest-registry-DAd0SRAP.js +0 -1329
- package/dist/matrix-BI0DBBrG.js +0 -1495
- package/dist/matrix-DiABGjJR.js +0 -1269
- package/dist/matrix-fC6NrFM5.d.ts +0 -68
- package/dist/mcp-cli-BOyn_DLL.js +0 -87
- package/dist/media-understanding.runtime-DjUa7Dka.js +0 -116
- package/dist/memory-cli-CJd_vl-Y.js +0 -111
- package/dist/memory-search-CEEItIFR.js +0 -17
- package/dist/memory-search-Cv1SBrn7.js +0 -204
- package/dist/method-scopes-CQE7-bZ-.js +0 -2452
- package/dist/model-auth-markers-B1bbs9Qd.d.ts +0 -20
- package/dist/model-picker-D6_89XHg.js +0 -112
- package/dist/model-picker-Svaw-APs.js +0 -390
- package/dist/model-picker.runtime-Chi9nV7A.js +0 -125
- package/dist/model-selection-hL8i1Jbs.js +0 -653
- package/dist/model-suppression.runtime-DjWJZ0X-.js +0 -116
- package/dist/models-7qj1dG_W.js +0 -118
- package/dist/models-BPOB_xJF.js +0 -2514
- package/dist/models-cli-DdlOVUjS.js +0 -309
- package/dist/models-config-CBqUS-jX.js +0 -111
- package/dist/models-config.providers.discovery-BKB5JH9M.d.ts +0 -18
- package/dist/moldclaw-root-D6PbhbZk.js +0 -88
- package/dist/monitor-BPYhkEqF.js +0 -782
- package/dist/monitor-BuTcQ24j.js +0 -3468
- package/dist/monitor-CuXvNhFh.js +0 -113
- package/dist/monitor-D-TqSIHF.js +0 -6823
- package/dist/monitor-DRSgo9u2.js +0 -3076
- package/dist/monitor-DcHch39z.js +0 -772
- package/dist/monitor-DsHBMrXp.js +0 -115
- package/dist/monitor-shared-CL8T4gt1.js +0 -444
- package/dist/msteams-7FMwTvQG.js +0 -852
- package/dist/node-cli-BCjaSCZM.js +0 -2503
- package/dist/node-resolve-D5Hvcgyx.js +0 -835
- package/dist/nodes-cli-Dd_SNbkt.js +0 -1380
- package/dist/nostr-D8scBiYq.d.ts +0 -7
- package/dist/nostr-DBTFTxKs.js +0 -8744
- package/dist/npm-resolution-CYfb3MHG.js +0 -60
- package/dist/oauth-env-zPt5RywA.js +0 -10
- package/dist/onboard-BEFQQeig.js +0 -25
- package/dist/onboard-CJHNyxJh.js +0 -48
- package/dist/onboard-D_3UeLEN.js +0 -589
- package/dist/onboard-channels-B_JL0Djc.js +0 -1241
- package/dist/onboard-channels-CqZzHt2C.js +0 -205
- package/dist/onboard-custom-CER3Ggbq.js +0 -571
- package/dist/onboard-custom-bNRdGECb.js +0 -114
- package/dist/onboard-helpers-BK0Hsb7Y.js +0 -335
- package/dist/onboard-helpers-CXZ5RPoR.js +0 -113
- package/dist/onboard-hooks-1NsxEDjH.js +0 -72
- package/dist/onboard-remote-DuKhC_7W.js +0 -117
- package/dist/onboard-remote-OwRcDuB3.js +0 -181
- package/dist/onboard-search-Cy8dOq2W.js +0 -302
- package/dist/onboard-skills-D5phRa6r.js +0 -117
- package/dist/onboard-skills-c9qWCNe9.js +0 -133
- package/dist/outbound-media-CgNYEQWb.d.ts +0 -11
- package/dist/outbound-media-DYRO2vTD.js +0 -11
- package/dist/pairing-access-Dsiu5Mvl.d.ts +0 -21
- package/dist/pairing-cli-BOnv0TYn.js +0 -217
- package/dist/perplexity-EZwC3y2b.js +0 -24
- package/dist/persistent-dedupe-DMLOqJ23.d.ts +0 -26
- package/dist/pi-model-discovery-runtime-BToY3A6K.js +0 -111
- package/dist/pi-tools.before-tool-call.runtime-D_acPtld.js +0 -381
- package/dist/plugin-install-CgJpSjYd.js +0 -184
- package/dist/plugin-install-Cl1A4EF6.js +0 -117
- package/dist/plugin-install-plan-Dc2Z4DeU.js +0 -49
- package/dist/plugin-registry-B1UaWrQD.js +0 -49
- package/dist/plugin-registry-Cy8biwnn.js +0 -113
- package/dist/plugins-CXwvg50F.js +0 -111
- package/dist/plugins-cli-Uvzp2aYV.js +0 -917
- package/dist/policy-DsMBbEe7.js +0 -143
- package/dist/preflight-audio.runtime-hWsZIYvc.js +0 -116
- package/dist/probe-CNsSf1Uf.js +0 -6329
- package/dist/probe-CqOIrPhb.js +0 -47
- package/dist/probe-DH6gDw-h.js +0 -129
- package/dist/probe-DM16PLf4.js +0 -21
- package/dist/probe-DvAEEWYr.js +0 -1793
- package/dist/probe-auth-COfgCble.js +0 -48
- package/dist/probe-auth-I_5TX1Eh.js +0 -40
- package/dist/program-Dz80sgTU.js +0 -253
- package/dist/prompt-select-styled-wQehwFxK.js +0 -2673
- package/dist/provider-api-key-auth.runtime-BR9GU4ya.js +0 -121
- package/dist/provider-auth-choice-CdhA84kr.js +0 -126
- package/dist/provider-auth-choice-helpers-kabp_0zA.js +0 -48
- package/dist/provider-auth-choice-preference-se3zAM_2.js +0 -189
- package/dist/provider-auth-choice.runtime-BMc8-xNQ.js +0 -123
- package/dist/provider-auth-choices-CYsCViGi.js +0 -57
- package/dist/provider-auth-guidance-CMjUWlNf.js +0 -34
- package/dist/provider-auth-result-Cw6qIhO-.d.ts +0 -18
- package/dist/provider-models-BCId_Lfu.js +0 -2113
- package/dist/provider-models-Ok-DrSiY.d.ts +0 -867
- package/dist/provider-ollama-setup-B6XJZ0So.js +0 -314
- package/dist/provider-ollama-setup-lGDdTl0b.d.ts +0 -32
- package/dist/provider-onboard-CSPi7jOK.d.ts +0 -40
- package/dist/provider-onboard-Ca0TaNud.js +0 -139
- package/dist/provider-runtime.runtime-DwwkHw_7.js +0 -111
- package/dist/provider-self-hosted-setup-BEKLVGpj.js +0 -182
- package/dist/provider-self-hosted-setup-Df91By-J.d.ts +0 -61
- package/dist/provider-stream-DrUD69ai.js +0 -512
- package/dist/provider-usage-BgKHCnjr.js +0 -111
- package/dist/provider-usage-D8EZpFz9.js +0 -633
- package/dist/provider-wizard-DMdb-zj_.js +0 -152
- package/dist/push-apns-BPH6d4VV.js +0 -1038
- package/dist/pw-ai-DttfldtL.js +0 -1867
- package/dist/qmd-manager-CybcDUfk.js +0 -1570
- package/dist/qr-cli-8NcmJ8Ft.js +0 -369
- package/dist/qr-cli-DWe0Our3.js +0 -113
- package/dist/reactions-D6N0LR16.js +0 -281
- package/dist/read-only-account-inspect.discord.runtime-CqUWTRfl.js +0 -116
- package/dist/read-only-account-inspect.slack.runtime-9-jpln3q.js +0 -116
- package/dist/read-only-account-inspect.telegram.runtime-EKPI1D7n.js +0 -116
- package/dist/redact-snapshot-DwJEIVk9.js +0 -2663
- package/dist/register.agent-D3YdDirP.js +0 -439
- package/dist/register.backup-dR27qCuo.js +0 -625
- package/dist/register.configure-BjFhkkka.js +0 -252
- package/dist/register.maintenance-DiMQJIOa.js +0 -574
- package/dist/register.message-CdZsKYH1.js +0 -709
- package/dist/register.onboard-B0rV1eaO.js +0 -192
- package/dist/register.setup-wKMvohzo.js +0 -212
- package/dist/register.status-health-sessions-BJ68m6pt.js +0 -498
- package/dist/register.subclis-CnnrWt2a.js +0 -315
- package/dist/register.subclis-lSvTkC6z.js +0 -13
- package/dist/replies-BABt9b48.js +0 -110
- package/dist/resolve-channels-BqZFl2Ux.js +0 -262
- package/dist/resolve-channels-DjQLXb7B.js +0 -226
- package/dist/resolve-route-CSHDsa_m.js +0 -538
- package/dist/resolve-users-BG6HaSR5.js +0 -143
- package/dist/root-help-ohmaCyC_.js +0 -32
- package/dist/routes-4k2kpvoT.js +0 -7097
- package/dist/rpc-Cnwn4Q6L.js +0 -67
- package/dist/run-main-VYlacKA0.js +0 -424
- package/dist/runtime-D61jzMiI.d.ts +0 -26
- package/dist/runtime-discord-ops.runtime-DafrU-rI.js +0 -9078
- package/dist/runtime-slack-ops.runtime-CdXBKXwd.js +0 -4556
- package/dist/runtime-telegram-ops.runtime-B12sF7gE.js +0 -133
- package/dist/runtime-whatsapp-login.runtime-CqEudH37.js +0 -114
- package/dist/runtime-whatsapp-outbound.runtime-D5m2qyn-.js +0 -117
- package/dist/sandbox-cli-CHJiEWXB.js +0 -535
- package/dist/search-manager-BtNC3-i_.js +0 -16
- package/dist/search-manager-C7J7B3_a.js +0 -386
- package/dist/secrets-cli-C6yIWBbN.js +0 -2070
- package/dist/security-cli-BVu9BkjD.js +0 -575
- package/dist/send-BSreC7rr.js +0 -631
- package/dist/send-BsLHQG_B.js +0 -1025
- package/dist/send-BuNhp8PH.js +0 -283
- package/dist/send-DOCswVar.js +0 -100
- package/dist/send-Dl0LLErk.js +0 -629
- package/dist/server-node-events-Bq2067EG.js +0 -506
- package/dist/server-y38L7N5H.js +0 -107
- package/dist/sessions-BV8gXURR.js +0 -112
- package/dist/sessions-dl1Kc-Ci.js +0 -218
- package/dist/setup-BSPXdMuK.d.ts +0 -37
- package/dist/setup-DGszQH0_.js +0 -387
- package/dist/setup-binary-C17YnmA8.js +0 -406
- package/dist/setup-browser-CPx-nEsr.js +0 -70
- package/dist/setup-core-BByHN1ME.js +0 -143
- package/dist/setup-core-C0KPlBmL.js +0 -47
- package/dist/setup-core-Cq37G6of.js +0 -166
- package/dist/setup-core-uO84_Y75.js +0 -205
- package/dist/setup-surface-BEMi7Rmb.js +0 -490
- package/dist/setup-wizard-helpers-Ck9wDR0b.d.ts +0 -203
- package/dist/setup.finalize-BzPBa8zW.js +0 -522
- package/dist/setup.gateway-config-DdwkF-8e.js +0 -343
- package/dist/shared-BCw4SKjB.js +0 -96
- package/dist/shared-CjNzsULP.js +0 -75
- package/dist/shared-Cu1BE7ZE.js +0 -298
- package/dist/shared-DSClmyUn.js +0 -182
- package/dist/shared-DyJdGH6y.js +0 -102
- package/dist/signal-Dyv4NZsB.js +0 -114
- package/dist/skills-CbB5b27M.js +0 -853
- package/dist/skills-CnfI7Szw.js +0 -20
- package/dist/skills-cli-CavB1f_3.js +0 -292
- package/dist/skills-install-B1OBdgd0.js +0 -763
- package/dist/skills-status-B3gAmIbW.js +0 -169
- package/dist/skills-status-DrHhFgU9.js +0 -21
- package/dist/slack-BRzqnoAz.js +0 -114
- package/dist/slash-commands.runtime-BK88kgds.js +0 -128
- package/dist/slash-dispatch.runtime-COGywwJE.js +0 -141
- package/dist/slash-skill-commands.runtime-Ti4brxgh.js +0 -116
- package/dist/src-DUR6OQxI.js +0 -1701
- package/dist/status-C6dgQY9a.js +0 -131
- package/dist/status-CNK0Q7QH.js +0 -606
- package/dist/status-DBcX0DSC.js +0 -43
- package/dist/status-DKgFgbwv.js +0 -1599
- package/dist/status-Wn5lhNAc.js +0 -126
- package/dist/status-json-D2EkWqAl.js +0 -288
- package/dist/status.link-channel-D3ULIdEa.js +0 -143
- package/dist/status.scan.deps.runtime-BsjWTAm4.js +0 -126
- package/dist/status.scan.runtime-D4HbzROD.js +0 -119
- package/dist/status.summary-C3YxPrDK.js +0 -592
- package/dist/status.summary.runtime-DAkXPSaK.js +0 -118
- package/dist/status.update-B4NnN9P1.js +0 -77
- package/dist/subagent-orphan-recovery-QiQEBv36.js +0 -307
- package/dist/subagent-registry-runtime-BJatPQFK.js +0 -111
- package/dist/subscription-BhZORXN9.js +0 -100
- package/dist/subscription-QEUjQRMv.js +0 -33
- package/dist/subscription-cli-HrULlAgc.js +0 -134
- package/dist/synology-chat-DB76GWMN.js +0 -297
- package/dist/system-cli-D8jDwWuL.js +0 -94
- package/dist/telegram-BHiiqKkQ.js +0 -114
- package/dist/text-chunking-Baonm9Lu.js +0 -84
- package/dist/text-chunking-DzB11ONk.d.ts +0 -79
- package/dist/tlon-DLESxNgD.js +0 -433
- package/dist/tui-C75zi2Cl.js +0 -3834
- package/dist/tui-cli-DFwx5e6i.js +0 -137
- package/dist/types-BKldC9YN.d.ts +0 -22692
- package/dist/types-MeyueBE0.d.ts +0 -45
- package/dist/types.base-Cw0-zIvE.d.ts +0 -188
- package/dist/ui-B55NOIB6.js +0 -31
- package/dist/update--ojavYQ4.js +0 -1036
- package/dist/update-cli-Cvj5aWYM.js +0 -1503
- package/dist/update-offset-store-upatuWwX.js +0 -112
- package/dist/update-runner-DHkY_-76.js +0 -1496
- package/dist/upsert-with-lock-C171GLaR.js +0 -33
- package/dist/usage-N3bxnbmt.js +0 -115
- package/dist/web-RdvT7gKa.js +0 -112
- package/dist/web-shared-C2qHVxw1.d.ts +0 -45
- package/dist/webhook-request-guards-CosLyl01.d.ts +0 -76
- package/dist/webhook-targets-Bfnag-du.js +0 -181
- package/dist/webhook-targets-DP_EkQa4.d.ts +0 -106
- package/dist/webhooks-cli-ZpnXrq7G.js +0 -350
- package/dist/whatsapp-DNTAyZHt.js +0 -114
- package/dist/whatsapp-actions-o1zKQzKZ.js +0 -167
- package/dist/workspace-CpWi5wPr.js +0 -479
- package/dist/workspace-Ii7aRS7c.js +0 -289
- package/dist/workspace-dirs-x10McA9t.js +0 -2003
- package/dist/zalo-C9OQRYRw.d.ts +0 -9
- package/dist/zalo-zm_bYCKg.js +0 -415
- package/dist/zalouser-CvVEUvc5.js +0 -30911
- /package/dist/{account-id-B3YSn4hl.d.ts → account-id-B8ce6G_4.d.ts} +0 -0
- /package/dist/{acpx-CnNv70m2.d.ts → acpx-Ci50I9T2.d.ts} +0 -0
- /package/dist/{agent-media-payload-DE2pEcsz.d.ts → agent-media-payload-en-gS5p6.d.ts} +0 -0
- /package/dist/{allow-from-DPpHnT2A.d.ts → allow-from-cMeQ47Ot.d.ts} +0 -0
- /package/dist/{allowlist-resolution-CLFiZ6nE.d.ts → allowlist-resolution-DoAWbfXV.d.ts} +0 -0
- /package/dist/{bluebubbles-Duhu-Jer.d.ts → bluebubbles-C6yYmUl0.d.ts} +0 -0
- /package/dist/{boolean-param-BhFjB3gp.d.ts → boolean-param-CdO2TFTk.d.ts} +0 -0
- /package/dist/{channel-config-schema-DnnVMdjR.d.ts → channel-config-schema-Chp38wel.d.ts} +0 -0
- /package/dist/{channel-policy-Baq-Z06b.d.ts → channel-policy-g2h6AbYQ.d.ts} +0 -0
- /package/dist/{chat-type-DpiBgwuG.d.ts → chat-type-BLt59pPT.d.ts} +0 -0
- /package/dist/{command-format-vi4xq8e8.d.ts → command-format-BDJC05Jp.d.ts} +0 -0
- /package/dist/{diffs-DK7fVSDo.d.ts → diffs-D_iNKCyn.d.ts} +0 -0
- /package/dist/{directory-runtime-BTLPaysA.d.ts → directory-runtime-DhMex6HY.d.ts} +0 -0
- /package/dist/{exec-C01wtBHu.d.ts → exec-pjfUY4KM.d.ts} +0 -0
- /package/dist/{gaxios-fetch-compat-wZ38b3w3.js → gaxios-fetch-compat-B_vtINdV.js} +0 -0
- /package/dist/{history-CwXuP2TW.d.ts → history-aqSS5VGQ.d.ts} +0 -0
- /package/dist/{inbound-envelope-SggrBs9m.d.ts → inbound-envelope-C5hWuZod.d.ts} +0 -0
- /package/dist/{index-apAZHsDo.d.ts → index-DXVQFYGX.d.ts} +0 -0
- /package/dist/{json-store-r75IZGk9.d.ts → json-store-UnqQ5aV3.d.ts} +0 -0
- /package/dist/{keyed-async-queue-DHIr7yNe.d.ts → keyed-async-queue-guucpLw3.d.ts} +0 -0
- /package/dist/{links-HeQ3r_L0.d.ts → links-Bar0meEK.d.ts} +0 -0
- /package/dist/{markdown-to-line-CDb4Jy3V.d.ts → markdown-to-line-D8uH_KOj.d.ts} +0 -0
- /package/dist/{mattermost-DtCsxpgg.d.ts → mattermost-xl7jAFJL.d.ts} +0 -0
- /package/dist/{net-BATPDwdQ.d.ts → net-rGOKGds6.d.ts} +0 -0
- /package/dist/{nextcloud-talk-Bb2wHOwp.d.ts → nextcloud-talk-De2CZ9dV.d.ts} +0 -0
- /package/dist/{oauth-utils-u567CLT0.d.ts → oauth-utils-DzN1AlEH.d.ts} +0 -0
- /package/dist/{parse-finite-number-l3tNlrZh.d.ts → parse-finite-number-odgyqhi0.d.ts} +0 -0
- /package/dist/{provider-usage.types-C6061OVN.d.ts → provider-usage.types-EDE9o-H_.d.ts} +0 -0
- /package/dist/{reply-history-BDsFnZFl.d.ts → reply-history-CVuU31xe.d.ts} +0 -0
- /package/dist/{reply-payload-CCvM4W9u.d.ts → reply-payload-CHkpBYwL.d.ts} +0 -0
- /package/dist/{request-url-C54l4-xC.d.ts → request-url-DHisbiHY.d.ts} +0 -0
- /package/dist/{run-command-D3RqWcHu.d.ts → run-command-y0Cndsb1.d.ts} +0 -0
- /package/dist/{secret-input-schema-BLBt-NAP.d.ts → secret-input-schema-b1vpYDQN.d.ts} +0 -0
- /package/dist/{session-key-BQ2-bR-9.d.ts → session-key-DTHQl57f.d.ts} +0 -0
- /package/dist/{ssh-config-C4mcH9Ly.js → ssh-config-hEHBfU2_.js} +0 -0
- /package/dist/{testing-DLkhGsoz.d.ts → testing-DszuZXgK.d.ts} +0 -0
- /package/dist/{thinking-DRkjX18p.d.ts → thinking-IwXTGSeT.d.ts} +0 -0
- /package/dist/{tool-send-CMMD1uDu.d.ts → tool-send-DWHRmKpz.d.ts} +0 -0
- /package/dist/{vllm-defaults-CcGuf4hL.d.ts → vllm-defaults-CrxZgE6-.d.ts} +0 -0
- /package/dist/{wait-Daog8bxM.d.ts → wait-wDWw_MTI.d.ts} +0 -0
- /package/dist/{webhook-memory-guards-C5MrExwT.d.ts → webhook-memory-guards-DreORuJy.d.ts} +0 -0
- /package/dist/{windows-spawn-j2l-dqu8.d.ts → windows-spawn-BIzH92x2.d.ts} +0 -0
- /package/dist/{zod-schema.agent-runtime-krMrBnIn.d.ts → zod-schema.agent-runtime-CP2rmis3.d.ts} +0 -0
- /package/dist/{zod-schema.core-BNDieZDZ.d.ts → zod-schema.core-Foi1tYwi.d.ts} +0 -0
|
@@ -0,0 +1,787 @@
|
|
|
1
|
+
import { _ as resolveStateDir, o as resolveConfigPath } from "./paths-D6AgsMTU.js";
|
|
2
|
+
import { ff as resolveMergedSafeBinProfileFixtures, uf as listInterpreterLikeSafeBins } from "./auth-profiles-smABVXzp.js";
|
|
3
|
+
import { St as normalizeTrustedSafeBinDirs } from "./io-BaBxjB1v.js";
|
|
4
|
+
import { a as hasConfiguredSecretInput } from "./types.secrets-Ca-9L8vU.js";
|
|
5
|
+
import { n as formatPermissionRemediation, r as inspectPathPermissions, t as formatPermissionDetail } from "./audit-fs-CMb-YUHX.js";
|
|
6
|
+
import { R as resolveSandboxConfigForAgent } from "./workspace-dirs-CGeIPpGN.js";
|
|
7
|
+
import { m as resolveGatewayAuth, n as resolveBrowserConfig, r as resolveProfile } from "./config-BwkGZjD5.js";
|
|
8
|
+
import { t as formatCliCommand } from "./command-format-C_z0Ru-7.js";
|
|
9
|
+
import { et as resolveBrowserControlAuth, f as redactCdpUrl } from "./routes-CcJNnwTF.js";
|
|
10
|
+
import { g as isBlockedHostnameOrIp, v as isPrivateNetworkAllowedByPolicy } from "./image-ops-Ck_D_vpe.js";
|
|
11
|
+
import { L as hasPotentialConfiguredChannels } from "./lazy-runtime-BoGB4usD.js";
|
|
12
|
+
import { n as DEFAULT_GATEWAY_HTTP_TOOL_DENY } from "./dangerous-tools-DZGG7YEe.js";
|
|
13
|
+
import { t as collectEnabledInsecureOrDangerousFlags } from "./dangerous-config-flags-DdCOsSu3.js";
|
|
14
|
+
import path from "node:path";
|
|
15
|
+
import { isIP } from "node:net";
|
|
16
|
+
//#region src/security/audit.ts
|
|
17
|
+
let channelPluginsModulePromise;
|
|
18
|
+
let auditNonDeepModulePromise;
|
|
19
|
+
let auditDeepModulePromise;
|
|
20
|
+
let auditChannelModulePromise;
|
|
21
|
+
let gatewayProbeDepsPromise;
|
|
22
|
+
async function loadChannelPlugins() {
|
|
23
|
+
channelPluginsModulePromise ??= import("./plugins-DF5FaTO0.js");
|
|
24
|
+
return await channelPluginsModulePromise;
|
|
25
|
+
}
|
|
26
|
+
async function loadAuditNonDeepModule() {
|
|
27
|
+
auditNonDeepModulePromise ??= import("./audit.nondeep.runtime-C6jFgJfH.js");
|
|
28
|
+
return await auditNonDeepModulePromise;
|
|
29
|
+
}
|
|
30
|
+
async function loadAuditDeepModule() {
|
|
31
|
+
auditDeepModulePromise ??= import("./audit.deep.runtime-DyL9O_sU.js");
|
|
32
|
+
return await auditDeepModulePromise;
|
|
33
|
+
}
|
|
34
|
+
async function loadAuditChannelModule() {
|
|
35
|
+
auditChannelModulePromise ??= import("./audit-channel.collect.runtime-BeGotloZ.js");
|
|
36
|
+
return await auditChannelModulePromise;
|
|
37
|
+
}
|
|
38
|
+
async function loadGatewayProbeDeps() {
|
|
39
|
+
gatewayProbeDepsPromise ??= Promise.all([
|
|
40
|
+
import("./call-Do7wTSr7.js"),
|
|
41
|
+
import("./probe-auth-BcNjX8hy.js"),
|
|
42
|
+
import("./probe-BkM5pykD.js")
|
|
43
|
+
]).then(([callModule, probeAuthModule, probeModule]) => ({
|
|
44
|
+
buildGatewayConnectionDetails: callModule.buildGatewayConnectionDetails,
|
|
45
|
+
resolveGatewayProbeAuthSafe: probeAuthModule.resolveGatewayProbeAuthSafe,
|
|
46
|
+
probeGateway: probeModule.probeGateway
|
|
47
|
+
}));
|
|
48
|
+
return await gatewayProbeDepsPromise;
|
|
49
|
+
}
|
|
50
|
+
function countBySeverity(findings) {
|
|
51
|
+
let critical = 0;
|
|
52
|
+
let warn = 0;
|
|
53
|
+
let info = 0;
|
|
54
|
+
for (const f of findings) if (f.severity === "critical") critical += 1;
|
|
55
|
+
else if (f.severity === "warn") warn += 1;
|
|
56
|
+
else info += 1;
|
|
57
|
+
return {
|
|
58
|
+
critical,
|
|
59
|
+
warn,
|
|
60
|
+
info
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
function normalizeAllowFromList(list) {
|
|
64
|
+
if (!Array.isArray(list)) return [];
|
|
65
|
+
return list.map((v) => String(v).trim()).filter(Boolean);
|
|
66
|
+
}
|
|
67
|
+
function asRecord(value) {
|
|
68
|
+
if (!value || typeof value !== "object" || Array.isArray(value)) return;
|
|
69
|
+
return value;
|
|
70
|
+
}
|
|
71
|
+
function hasNonEmptyString(value) {
|
|
72
|
+
return typeof value === "string" && value.trim().length > 0;
|
|
73
|
+
}
|
|
74
|
+
function isFeishuDocToolEnabled(cfg) {
|
|
75
|
+
const feishu = asRecord(asRecord(cfg.channels)?.feishu);
|
|
76
|
+
if (!feishu || feishu.enabled === false) return false;
|
|
77
|
+
const baseTools = asRecord(feishu.tools);
|
|
78
|
+
const baseDocEnabled = baseTools?.doc !== false;
|
|
79
|
+
const baseAppId = hasNonEmptyString(feishu.appId);
|
|
80
|
+
const baseAppSecret = hasConfiguredSecretInput(feishu.appSecret, cfg.secrets?.defaults);
|
|
81
|
+
const baseConfigured = baseAppId && baseAppSecret;
|
|
82
|
+
const accounts = asRecord(feishu.accounts);
|
|
83
|
+
if (!accounts || Object.keys(accounts).length === 0) return baseDocEnabled && baseConfigured;
|
|
84
|
+
for (const accountValue of Object.values(accounts)) {
|
|
85
|
+
const account = asRecord(accountValue) ?? {};
|
|
86
|
+
if (account.enabled === false) continue;
|
|
87
|
+
if (!((asRecord(account.tools) ?? baseTools)?.doc !== false)) continue;
|
|
88
|
+
if ((hasNonEmptyString(account.appId) || baseAppId) && (hasConfiguredSecretInput(account.appSecret, cfg.secrets?.defaults) || baseAppSecret)) return true;
|
|
89
|
+
}
|
|
90
|
+
return false;
|
|
91
|
+
}
|
|
92
|
+
async function collectFilesystemFindings(params) {
|
|
93
|
+
const findings = [];
|
|
94
|
+
const stateDirPerms = await inspectPathPermissions(params.stateDir, {
|
|
95
|
+
env: params.env,
|
|
96
|
+
platform: params.platform,
|
|
97
|
+
exec: params.execIcacls
|
|
98
|
+
});
|
|
99
|
+
if (stateDirPerms.ok) {
|
|
100
|
+
if (stateDirPerms.isSymlink) findings.push({
|
|
101
|
+
checkId: "fs.state_dir.symlink",
|
|
102
|
+
severity: "warn",
|
|
103
|
+
title: "State dir is a symlink",
|
|
104
|
+
detail: `${params.stateDir} is a symlink; treat this as an extra trust boundary.`
|
|
105
|
+
});
|
|
106
|
+
if (stateDirPerms.worldWritable) findings.push({
|
|
107
|
+
checkId: "fs.state_dir.perms_world_writable",
|
|
108
|
+
severity: "critical",
|
|
109
|
+
title: "State dir is world-writable",
|
|
110
|
+
detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; other users can write into your moldClaw state.`,
|
|
111
|
+
remediation: formatPermissionRemediation({
|
|
112
|
+
targetPath: params.stateDir,
|
|
113
|
+
perms: stateDirPerms,
|
|
114
|
+
isDir: true,
|
|
115
|
+
posixMode: 448,
|
|
116
|
+
env: params.env
|
|
117
|
+
})
|
|
118
|
+
});
|
|
119
|
+
else if (stateDirPerms.groupWritable) findings.push({
|
|
120
|
+
checkId: "fs.state_dir.perms_group_writable",
|
|
121
|
+
severity: "warn",
|
|
122
|
+
title: "State dir is group-writable",
|
|
123
|
+
detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; group users can write into your moldClaw state.`,
|
|
124
|
+
remediation: formatPermissionRemediation({
|
|
125
|
+
targetPath: params.stateDir,
|
|
126
|
+
perms: stateDirPerms,
|
|
127
|
+
isDir: true,
|
|
128
|
+
posixMode: 448,
|
|
129
|
+
env: params.env
|
|
130
|
+
})
|
|
131
|
+
});
|
|
132
|
+
else if (stateDirPerms.groupReadable || stateDirPerms.worldReadable) findings.push({
|
|
133
|
+
checkId: "fs.state_dir.perms_readable",
|
|
134
|
+
severity: "warn",
|
|
135
|
+
title: "State dir is readable by others",
|
|
136
|
+
detail: `${formatPermissionDetail(params.stateDir, stateDirPerms)}; consider restricting to 700.`,
|
|
137
|
+
remediation: formatPermissionRemediation({
|
|
138
|
+
targetPath: params.stateDir,
|
|
139
|
+
perms: stateDirPerms,
|
|
140
|
+
isDir: true,
|
|
141
|
+
posixMode: 448,
|
|
142
|
+
env: params.env
|
|
143
|
+
})
|
|
144
|
+
});
|
|
145
|
+
}
|
|
146
|
+
const configPerms = await inspectPathPermissions(params.configPath, {
|
|
147
|
+
env: params.env,
|
|
148
|
+
platform: params.platform,
|
|
149
|
+
exec: params.execIcacls
|
|
150
|
+
});
|
|
151
|
+
if (configPerms.ok) {
|
|
152
|
+
const skipReadablePermWarnings = configPerms.isSymlink;
|
|
153
|
+
if (configPerms.isSymlink) findings.push({
|
|
154
|
+
checkId: "fs.config.symlink",
|
|
155
|
+
severity: "warn",
|
|
156
|
+
title: "Config file is a symlink",
|
|
157
|
+
detail: `${params.configPath} is a symlink; make sure you trust its target.`
|
|
158
|
+
});
|
|
159
|
+
if (configPerms.worldWritable || configPerms.groupWritable) findings.push({
|
|
160
|
+
checkId: "fs.config.perms_writable",
|
|
161
|
+
severity: "critical",
|
|
162
|
+
title: "Config file is writable by others",
|
|
163
|
+
detail: `${formatPermissionDetail(params.configPath, configPerms)}; another user could change gateway/auth/tool policies.`,
|
|
164
|
+
remediation: formatPermissionRemediation({
|
|
165
|
+
targetPath: params.configPath,
|
|
166
|
+
perms: configPerms,
|
|
167
|
+
isDir: false,
|
|
168
|
+
posixMode: 384,
|
|
169
|
+
env: params.env
|
|
170
|
+
})
|
|
171
|
+
});
|
|
172
|
+
else if (!skipReadablePermWarnings && configPerms.worldReadable) findings.push({
|
|
173
|
+
checkId: "fs.config.perms_world_readable",
|
|
174
|
+
severity: "critical",
|
|
175
|
+
title: "Config file is world-readable",
|
|
176
|
+
detail: `${formatPermissionDetail(params.configPath, configPerms)}; config can contain tokens and private settings.`,
|
|
177
|
+
remediation: formatPermissionRemediation({
|
|
178
|
+
targetPath: params.configPath,
|
|
179
|
+
perms: configPerms,
|
|
180
|
+
isDir: false,
|
|
181
|
+
posixMode: 384,
|
|
182
|
+
env: params.env
|
|
183
|
+
})
|
|
184
|
+
});
|
|
185
|
+
else if (!skipReadablePermWarnings && configPerms.groupReadable) findings.push({
|
|
186
|
+
checkId: "fs.config.perms_group_readable",
|
|
187
|
+
severity: "warn",
|
|
188
|
+
title: "Config file is group-readable",
|
|
189
|
+
detail: `${formatPermissionDetail(params.configPath, configPerms)}; config can contain tokens and private settings.`,
|
|
190
|
+
remediation: formatPermissionRemediation({
|
|
191
|
+
targetPath: params.configPath,
|
|
192
|
+
perms: configPerms,
|
|
193
|
+
isDir: false,
|
|
194
|
+
posixMode: 384,
|
|
195
|
+
env: params.env
|
|
196
|
+
})
|
|
197
|
+
});
|
|
198
|
+
}
|
|
199
|
+
return findings;
|
|
200
|
+
}
|
|
201
|
+
function collectGatewayConfigFindings(cfg, sourceConfig, env) {
|
|
202
|
+
const findings = [];
|
|
203
|
+
const bind = typeof cfg.gateway?.bind === "string" ? cfg.gateway.bind : "loopback";
|
|
204
|
+
const tailscaleMode = cfg.gateway?.tailscale?.mode ?? "off";
|
|
205
|
+
const auth = resolveGatewayAuth({
|
|
206
|
+
authConfig: cfg.gateway?.auth,
|
|
207
|
+
tailscaleMode,
|
|
208
|
+
env
|
|
209
|
+
});
|
|
210
|
+
const controlUiEnabled = cfg.gateway?.controlUi?.enabled !== false;
|
|
211
|
+
const controlUiAllowedOrigins = (cfg.gateway?.controlUi?.allowedOrigins ?? []).map((value) => value.trim()).filter(Boolean);
|
|
212
|
+
const dangerouslyAllowHostHeaderOriginFallback = cfg.gateway?.controlUi?.dangerouslyAllowHostHeaderOriginFallback === true;
|
|
213
|
+
const trustedProxies = Array.isArray(cfg.gateway?.trustedProxies) ? cfg.gateway.trustedProxies : [];
|
|
214
|
+
const hasToken = typeof auth.token === "string" && auth.token.trim().length > 0;
|
|
215
|
+
const hasPassword = typeof auth.password === "string" && auth.password.trim().length > 0;
|
|
216
|
+
const envTokenConfigured = hasNonEmptyString(env.MOLDCLAW_GATEWAY_TOKEN) || hasNonEmptyString(env.MOLDCLAW_GATEWAY_TOKEN);
|
|
217
|
+
const envPasswordConfigured = hasNonEmptyString(env.MOLDCLAW_GATEWAY_PASSWORD) || hasNonEmptyString(env.MOLDCLAW_GATEWAY_PASSWORD);
|
|
218
|
+
const tokenConfiguredFromConfig = hasConfiguredSecretInput(sourceConfig.gateway?.auth?.token, sourceConfig.secrets?.defaults);
|
|
219
|
+
const passwordConfiguredFromConfig = hasConfiguredSecretInput(sourceConfig.gateway?.auth?.password, sourceConfig.secrets?.defaults);
|
|
220
|
+
const remoteTokenConfigured = hasConfiguredSecretInput(sourceConfig.gateway?.remote?.token, sourceConfig.secrets?.defaults);
|
|
221
|
+
const explicitAuthMode = sourceConfig.gateway?.auth?.mode;
|
|
222
|
+
const tokenCanWin = hasToken || envTokenConfigured || tokenConfiguredFromConfig || remoteTokenConfigured;
|
|
223
|
+
const passwordCanWin = explicitAuthMode === "password" || explicitAuthMode !== "token" && explicitAuthMode !== "none" && explicitAuthMode !== "trusted-proxy" && !tokenCanWin;
|
|
224
|
+
const tokenConfigured = tokenCanWin;
|
|
225
|
+
const passwordConfigured = hasPassword || passwordCanWin && (envPasswordConfigured || passwordConfiguredFromConfig);
|
|
226
|
+
const hasSharedSecret = explicitAuthMode === "token" ? tokenConfigured : explicitAuthMode === "password" ? passwordConfigured : explicitAuthMode === "none" || explicitAuthMode === "trusted-proxy" ? false : tokenConfigured || passwordConfigured;
|
|
227
|
+
const hasTailscaleAuth = auth.allowTailscale && tailscaleMode === "serve";
|
|
228
|
+
const hasGatewayAuth = hasSharedSecret || hasTailscaleAuth;
|
|
229
|
+
const allowRealIpFallback = cfg.gateway?.allowRealIpFallback === true;
|
|
230
|
+
const mdnsMode = cfg.discovery?.mdns?.mode ?? "minimal";
|
|
231
|
+
const gatewayToolsAllowRaw = Array.isArray(cfg.gateway?.tools?.allow) ? cfg.gateway?.tools?.allow : [];
|
|
232
|
+
const gatewayToolsAllow = new Set(gatewayToolsAllowRaw.map((v) => typeof v === "string" ? v.trim().toLowerCase() : "").filter(Boolean));
|
|
233
|
+
const reenabledOverHttp = DEFAULT_GATEWAY_HTTP_TOOL_DENY.filter((name) => gatewayToolsAllow.has(name));
|
|
234
|
+
if (reenabledOverHttp.length > 0) {
|
|
235
|
+
const extraRisk = bind !== "loopback" || tailscaleMode === "funnel";
|
|
236
|
+
findings.push({
|
|
237
|
+
checkId: "gateway.tools_invoke_http.dangerous_allow",
|
|
238
|
+
severity: extraRisk ? "critical" : "warn",
|
|
239
|
+
title: "Gateway HTTP /tools/invoke re-enables dangerous tools",
|
|
240
|
+
detail: `gateway.tools.allow includes ${reenabledOverHttp.join(", ")} which removes them from the default HTTP deny list. This can allow remote session spawning / control-plane actions via HTTP and increases RCE blast radius if the gateway is reachable.`,
|
|
241
|
+
remediation: "Remove these entries from gateway.tools.allow (recommended). If you keep them enabled, keep gateway.bind loopback-only (or tailnet-only), restrict network exposure, and treat the gateway token/password as full-admin."
|
|
242
|
+
});
|
|
243
|
+
}
|
|
244
|
+
if (bind !== "loopback" && !hasSharedSecret && auth.mode !== "trusted-proxy") findings.push({
|
|
245
|
+
checkId: "gateway.bind_no_auth",
|
|
246
|
+
severity: "critical",
|
|
247
|
+
title: "Gateway binds beyond loopback without auth",
|
|
248
|
+
detail: `gateway.bind="${bind}" but no gateway.auth token/password is configured.`,
|
|
249
|
+
remediation: `Set gateway.auth (token recommended) or bind to loopback.`
|
|
250
|
+
});
|
|
251
|
+
if (bind === "loopback" && controlUiEnabled && trustedProxies.length === 0) findings.push({
|
|
252
|
+
checkId: "gateway.trusted_proxies_missing",
|
|
253
|
+
severity: "warn",
|
|
254
|
+
title: "Reverse proxy headers are not trusted",
|
|
255
|
+
detail: "gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed.",
|
|
256
|
+
remediation: "Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only."
|
|
257
|
+
});
|
|
258
|
+
if (bind === "loopback" && controlUiEnabled && !hasGatewayAuth) findings.push({
|
|
259
|
+
checkId: "gateway.loopback_no_auth",
|
|
260
|
+
severity: "critical",
|
|
261
|
+
title: "Gateway auth missing on loopback",
|
|
262
|
+
detail: "gateway.bind is loopback but no gateway auth secret is configured. If the Control UI is exposed through a reverse proxy, unauthenticated access is possible.",
|
|
263
|
+
remediation: "Set gateway.auth (token recommended) or keep the Control UI local-only."
|
|
264
|
+
});
|
|
265
|
+
if (bind !== "loopback" && controlUiEnabled && controlUiAllowedOrigins.length === 0 && !dangerouslyAllowHostHeaderOriginFallback) findings.push({
|
|
266
|
+
checkId: "gateway.control_ui.allowed_origins_required",
|
|
267
|
+
severity: "critical",
|
|
268
|
+
title: "Non-loopback Control UI missing explicit allowed origins",
|
|
269
|
+
detail: "Control UI is enabled on a non-loopback bind but gateway.controlUi.allowedOrigins is empty. Strict origin policy requires explicit allowed origins for non-loopback deployments.",
|
|
270
|
+
remediation: "Set gateway.controlUi.allowedOrigins to full trusted origins (for example https://control.example.com). If your deployment intentionally relies on Host-header origin fallback, set gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback=true."
|
|
271
|
+
});
|
|
272
|
+
if (controlUiAllowedOrigins.includes("*")) {
|
|
273
|
+
const exposed = bind !== "loopback";
|
|
274
|
+
findings.push({
|
|
275
|
+
checkId: "gateway.control_ui.allowed_origins_wildcard",
|
|
276
|
+
severity: exposed ? "critical" : "warn",
|
|
277
|
+
title: "Control UI allowed origins contains wildcard",
|
|
278
|
+
detail: "gateway.controlUi.allowedOrigins includes \"*\" which effectively disables origin allowlisting for Control UI/WebChat requests.",
|
|
279
|
+
remediation: "Replace wildcard origins with explicit trusted origins (for example https://control.example.com)."
|
|
280
|
+
});
|
|
281
|
+
}
|
|
282
|
+
if (dangerouslyAllowHostHeaderOriginFallback) {
|
|
283
|
+
const exposed = bind !== "loopback";
|
|
284
|
+
findings.push({
|
|
285
|
+
checkId: "gateway.control_ui.host_header_origin_fallback",
|
|
286
|
+
severity: exposed ? "critical" : "warn",
|
|
287
|
+
title: "DANGEROUS: Host-header origin fallback enabled",
|
|
288
|
+
detail: "gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback=true enables Host-header origin fallback for Control UI/WebChat websocket checks and weakens DNS rebinding protections.",
|
|
289
|
+
remediation: "Disable gateway.controlUi.dangerouslyAllowHostHeaderOriginFallback and configure explicit gateway.controlUi.allowedOrigins."
|
|
290
|
+
});
|
|
291
|
+
}
|
|
292
|
+
if (allowRealIpFallback) {
|
|
293
|
+
const hasNonLoopbackTrustedProxy = trustedProxies.some((proxy) => !isStrictLoopbackTrustedProxyEntry(proxy));
|
|
294
|
+
const exposed = bind !== "loopback" || auth.mode === "trusted-proxy" && hasNonLoopbackTrustedProxy;
|
|
295
|
+
findings.push({
|
|
296
|
+
checkId: "gateway.real_ip_fallback_enabled",
|
|
297
|
+
severity: exposed ? "critical" : "warn",
|
|
298
|
+
title: "X-Real-IP fallback is enabled",
|
|
299
|
+
detail: "gateway.allowRealIpFallback=true trusts X-Real-IP when trusted proxies omit X-Forwarded-For. Misconfigured proxies that forward client-supplied X-Real-IP can spoof source IP and local-client checks.",
|
|
300
|
+
remediation: "Keep gateway.allowRealIpFallback=false (default). Only enable this when your trusted proxy always overwrites X-Real-IP and cannot provide X-Forwarded-For."
|
|
301
|
+
});
|
|
302
|
+
}
|
|
303
|
+
if (mdnsMode === "full") {
|
|
304
|
+
const exposed = bind !== "loopback";
|
|
305
|
+
findings.push({
|
|
306
|
+
checkId: "discovery.mdns_full_mode",
|
|
307
|
+
severity: exposed ? "critical" : "warn",
|
|
308
|
+
title: "mDNS full mode can leak host metadata",
|
|
309
|
+
detail: "discovery.mdns.mode=\"full\" publishes cliPath/sshPort in local-network TXT records. This can reveal usernames, filesystem layout, and management ports.",
|
|
310
|
+
remediation: "Prefer discovery.mdns.mode=\"minimal\" (recommended) or \"off\", especially when gateway.bind is not loopback."
|
|
311
|
+
});
|
|
312
|
+
}
|
|
313
|
+
if (tailscaleMode === "funnel") findings.push({
|
|
314
|
+
checkId: "gateway.tailscale_funnel",
|
|
315
|
+
severity: "critical",
|
|
316
|
+
title: "Tailscale Funnel exposure enabled",
|
|
317
|
+
detail: `gateway.tailscale.mode="funnel" exposes the Gateway publicly; keep auth strict and treat it as internet-facing.`,
|
|
318
|
+
remediation: `Prefer tailscale.mode="serve" (tailnet-only) or set tailscale.mode="off".`
|
|
319
|
+
});
|
|
320
|
+
else if (tailscaleMode === "serve") findings.push({
|
|
321
|
+
checkId: "gateway.tailscale_serve",
|
|
322
|
+
severity: "info",
|
|
323
|
+
title: "Tailscale Serve exposure enabled",
|
|
324
|
+
detail: `gateway.tailscale.mode="serve" exposes the Gateway to your tailnet (loopback behind Tailscale).`
|
|
325
|
+
});
|
|
326
|
+
if (cfg.gateway?.controlUi?.allowInsecureAuth === true) findings.push({
|
|
327
|
+
checkId: "gateway.control_ui.insecure_auth",
|
|
328
|
+
severity: "warn",
|
|
329
|
+
title: "Control UI insecure auth toggle enabled",
|
|
330
|
+
detail: "gateway.controlUi.allowInsecureAuth=true does not bypass secure context or device identity checks; only dangerouslyDisableDeviceAuth disables Control UI device identity checks.",
|
|
331
|
+
remediation: "Disable it or switch to HTTPS (Tailscale Serve) or localhost."
|
|
332
|
+
});
|
|
333
|
+
if (cfg.gateway?.controlUi?.dangerouslyDisableDeviceAuth === true) findings.push({
|
|
334
|
+
checkId: "gateway.control_ui.device_auth_disabled",
|
|
335
|
+
severity: "critical",
|
|
336
|
+
title: "DANGEROUS: Control UI device auth disabled",
|
|
337
|
+
detail: "gateway.controlUi.dangerouslyDisableDeviceAuth=true disables device identity checks for the Control UI.",
|
|
338
|
+
remediation: "Disable it unless you are in a short-lived break-glass scenario."
|
|
339
|
+
});
|
|
340
|
+
if (isFeishuDocToolEnabled(cfg)) findings.push({
|
|
341
|
+
checkId: "channels.feishu.doc_owner_open_id",
|
|
342
|
+
severity: "warn",
|
|
343
|
+
title: "Feishu doc create can grant requester permissions",
|
|
344
|
+
detail: "channels.feishu tools include \"doc\"; feishu_doc action \"create\" can grant document access to the trusted requesting Feishu user.",
|
|
345
|
+
remediation: "Disable channels.feishu.tools.doc when not needed, and restrict tool access for untrusted prompts."
|
|
346
|
+
});
|
|
347
|
+
const enabledDangerousFlags = collectEnabledInsecureOrDangerousFlags(cfg);
|
|
348
|
+
if (enabledDangerousFlags.length > 0) findings.push({
|
|
349
|
+
checkId: "config.insecure_or_dangerous_flags",
|
|
350
|
+
severity: "warn",
|
|
351
|
+
title: "Insecure or dangerous config flags enabled",
|
|
352
|
+
detail: `Detected ${enabledDangerousFlags.length} enabled flag(s): ${enabledDangerousFlags.join(", ")}.`,
|
|
353
|
+
remediation: "Disable these flags when not actively debugging, or keep deployment scoped to trusted/local-only networks."
|
|
354
|
+
});
|
|
355
|
+
const token = typeof auth.token === "string" && auth.token.trim().length > 0 ? auth.token.trim() : null;
|
|
356
|
+
if (auth.mode === "token" && token && token.length < 24) findings.push({
|
|
357
|
+
checkId: "gateway.token_too_short",
|
|
358
|
+
severity: "warn",
|
|
359
|
+
title: "Gateway token looks short",
|
|
360
|
+
detail: `gateway auth token is ${token.length} chars; prefer a long random token.`
|
|
361
|
+
});
|
|
362
|
+
if (auth.mode === "trusted-proxy") {
|
|
363
|
+
const trustedProxies = cfg.gateway?.trustedProxies ?? [];
|
|
364
|
+
const trustedProxyConfig = cfg.gateway?.auth?.trustedProxy;
|
|
365
|
+
findings.push({
|
|
366
|
+
checkId: "gateway.trusted_proxy_auth",
|
|
367
|
+
severity: "critical",
|
|
368
|
+
title: "Trusted-proxy auth mode enabled",
|
|
369
|
+
detail: "gateway.auth.mode=\"trusted-proxy\" delegates authentication to a reverse proxy. Ensure your proxy (Pomerium, Caddy, nginx) handles auth correctly and that gateway.trustedProxies only contains IPs of your actual proxy servers.",
|
|
370
|
+
remediation: "Verify: (1) Your proxy terminates TLS and authenticates users. (2) gateway.trustedProxies is restricted to proxy IPs only. (3) Direct access to the Gateway port is blocked by firewall. See /gateway/trusted-proxy-auth for setup guidance."
|
|
371
|
+
});
|
|
372
|
+
if (trustedProxies.length === 0) findings.push({
|
|
373
|
+
checkId: "gateway.trusted_proxy_no_proxies",
|
|
374
|
+
severity: "critical",
|
|
375
|
+
title: "Trusted-proxy auth enabled but no trusted proxies configured",
|
|
376
|
+
detail: "gateway.auth.mode=\"trusted-proxy\" but gateway.trustedProxies is empty. All requests will be rejected.",
|
|
377
|
+
remediation: "Set gateway.trustedProxies to the IP(s) of your reverse proxy."
|
|
378
|
+
});
|
|
379
|
+
if (!trustedProxyConfig?.userHeader) findings.push({
|
|
380
|
+
checkId: "gateway.trusted_proxy_no_user_header",
|
|
381
|
+
severity: "critical",
|
|
382
|
+
title: "Trusted-proxy auth missing userHeader config",
|
|
383
|
+
detail: "gateway.auth.mode=\"trusted-proxy\" but gateway.auth.trustedProxy.userHeader is not configured.",
|
|
384
|
+
remediation: "Set gateway.auth.trustedProxy.userHeader to the header name your proxy uses (e.g., \"x-forwarded-user\", \"x-pomerium-claim-email\")."
|
|
385
|
+
});
|
|
386
|
+
if ((trustedProxyConfig?.allowUsers ?? []).length === 0) findings.push({
|
|
387
|
+
checkId: "gateway.trusted_proxy_no_allowlist",
|
|
388
|
+
severity: "warn",
|
|
389
|
+
title: "Trusted-proxy auth allows all authenticated users",
|
|
390
|
+
detail: "gateway.auth.trustedProxy.allowUsers is empty, so any user authenticated by your proxy can access the Gateway.",
|
|
391
|
+
remediation: "Consider setting gateway.auth.trustedProxy.allowUsers to restrict access to specific users (e.g., [\"nick@example.com\"])."
|
|
392
|
+
});
|
|
393
|
+
}
|
|
394
|
+
if (bind !== "loopback" && auth.mode !== "trusted-proxy" && !cfg.gateway?.auth?.rateLimit) findings.push({
|
|
395
|
+
checkId: "gateway.auth_no_rate_limit",
|
|
396
|
+
severity: "warn",
|
|
397
|
+
title: "No auth rate limiting configured",
|
|
398
|
+
detail: "gateway.bind is not loopback but no gateway.auth.rateLimit is configured. Without rate limiting, brute-force auth attacks are not mitigated.",
|
|
399
|
+
remediation: "Set gateway.auth.rateLimit (e.g. { maxAttempts: 10, windowMs: 60000, lockoutMs: 300000 })."
|
|
400
|
+
});
|
|
401
|
+
return findings;
|
|
402
|
+
}
|
|
403
|
+
function isStrictLoopbackTrustedProxyEntry(entry) {
|
|
404
|
+
const candidate = entry.trim();
|
|
405
|
+
if (!candidate) return false;
|
|
406
|
+
if (!candidate.includes("/")) return candidate === "127.0.0.1" || candidate.toLowerCase() === "::1";
|
|
407
|
+
const [rawIp, rawPrefix] = candidate.split("/", 2);
|
|
408
|
+
if (!rawIp || !rawPrefix) return false;
|
|
409
|
+
const ipVersion = isIP(rawIp.trim());
|
|
410
|
+
const prefix = Number.parseInt(rawPrefix.trim(), 10);
|
|
411
|
+
if (!Number.isInteger(prefix)) return false;
|
|
412
|
+
if (ipVersion === 4) return rawIp.trim() === "127.0.0.1" && prefix === 32;
|
|
413
|
+
if (ipVersion === 6) return prefix === 128 && rawIp.trim().toLowerCase() === "::1";
|
|
414
|
+
return false;
|
|
415
|
+
}
|
|
416
|
+
function collectBrowserControlFindings(cfg, env) {
|
|
417
|
+
const findings = [];
|
|
418
|
+
let resolved;
|
|
419
|
+
try {
|
|
420
|
+
resolved = resolveBrowserConfig(cfg.browser, cfg);
|
|
421
|
+
} catch (err) {
|
|
422
|
+
findings.push({
|
|
423
|
+
checkId: "browser.control_invalid_config",
|
|
424
|
+
severity: "warn",
|
|
425
|
+
title: "Browser control config looks invalid",
|
|
426
|
+
detail: String(err),
|
|
427
|
+
remediation: `Fix browser.cdpUrl in ${resolveConfigPath()} and re-run "${formatCliCommand("moldclaw security audit --deep")}".`
|
|
428
|
+
});
|
|
429
|
+
return findings;
|
|
430
|
+
}
|
|
431
|
+
if (!resolved.enabled) return findings;
|
|
432
|
+
const browserAuth = resolveBrowserControlAuth(cfg, env);
|
|
433
|
+
const explicitAuthMode = cfg.gateway?.auth?.mode;
|
|
434
|
+
const tokenConfigured = Boolean(browserAuth.token) || hasNonEmptyString(env.MOLDCLAW_GATEWAY_TOKEN) || hasNonEmptyString(env.MOLDCLAW_GATEWAY_TOKEN) || hasConfiguredSecretInput(cfg.gateway?.auth?.token, cfg.secrets?.defaults);
|
|
435
|
+
const passwordCanWin = explicitAuthMode === "password" || explicitAuthMode !== "token" && explicitAuthMode !== "none" && explicitAuthMode !== "trusted-proxy" && !tokenConfigured;
|
|
436
|
+
const passwordConfigured = Boolean(browserAuth.password) || passwordCanWin && (hasNonEmptyString(env.MOLDCLAW_GATEWAY_PASSWORD) || hasNonEmptyString(env.MOLDCLAW_GATEWAY_PASSWORD) || hasConfiguredSecretInput(cfg.gateway?.auth?.password, cfg.secrets?.defaults));
|
|
437
|
+
if (!tokenConfigured && !passwordConfigured) findings.push({
|
|
438
|
+
checkId: "browser.control_no_auth",
|
|
439
|
+
severity: "critical",
|
|
440
|
+
title: "Browser control has no auth",
|
|
441
|
+
detail: "Browser control HTTP routes are enabled but no gateway.auth token/password is configured. Any local process (or SSRF to loopback) can call browser control endpoints.",
|
|
442
|
+
remediation: "Set gateway.auth.token (recommended) or gateway.auth.password so browser control HTTP routes require authentication. Restarting the gateway will auto-generate gateway.auth.token when browser control is enabled."
|
|
443
|
+
});
|
|
444
|
+
for (const name of Object.keys(resolved.profiles)) {
|
|
445
|
+
const profile = resolveProfile(resolved, name);
|
|
446
|
+
if (!profile || profile.cdpIsLoopback) continue;
|
|
447
|
+
let url;
|
|
448
|
+
try {
|
|
449
|
+
url = new URL(profile.cdpUrl);
|
|
450
|
+
} catch {
|
|
451
|
+
continue;
|
|
452
|
+
}
|
|
453
|
+
const redactedCdpUrl = redactCdpUrl(profile.cdpUrl) ?? profile.cdpUrl;
|
|
454
|
+
if (url.protocol === "http:") findings.push({
|
|
455
|
+
checkId: "browser.remote_cdp_http",
|
|
456
|
+
severity: "warn",
|
|
457
|
+
title: "Remote CDP uses HTTP",
|
|
458
|
+
detail: `browser profile "${name}" uses http CDP (${redactedCdpUrl}); this is OK only if it's tailnet-only or behind an encrypted tunnel.`,
|
|
459
|
+
remediation: `Prefer HTTPS/TLS or a tailnet-only endpoint for remote CDP.`
|
|
460
|
+
});
|
|
461
|
+
if (isPrivateNetworkAllowedByPolicy(resolved.ssrfPolicy) && isBlockedHostnameOrIp(url.hostname)) findings.push({
|
|
462
|
+
checkId: "browser.remote_cdp_private_host",
|
|
463
|
+
severity: "warn",
|
|
464
|
+
title: "Remote CDP targets a private/internal host",
|
|
465
|
+
detail: `browser profile "${name}" points at a private/internal CDP host (${redactedCdpUrl}). This is expected for LAN/tailnet/WSL-style setups, but treat it as a trusted-network endpoint.`,
|
|
466
|
+
remediation: "Prefer a tailnet or tunnel for remote CDP. If you want strict blocking, set browser.ssrfPolicy.dangerouslyAllowPrivateNetwork=false and allow only explicit hosts."
|
|
467
|
+
});
|
|
468
|
+
}
|
|
469
|
+
return findings;
|
|
470
|
+
}
|
|
471
|
+
function collectLoggingFindings(cfg) {
|
|
472
|
+
if (cfg.logging?.redactSensitive !== "off") return [];
|
|
473
|
+
return [{
|
|
474
|
+
checkId: "logging.redact_off",
|
|
475
|
+
severity: "warn",
|
|
476
|
+
title: "Tool summary redaction is disabled",
|
|
477
|
+
detail: `logging.redactSensitive="off" can leak secrets into logs and status output.`,
|
|
478
|
+
remediation: `Set logging.redactSensitive="tools".`
|
|
479
|
+
}];
|
|
480
|
+
}
|
|
481
|
+
function collectElevatedFindings(cfg) {
|
|
482
|
+
const findings = [];
|
|
483
|
+
const enabled = cfg.tools?.elevated?.enabled;
|
|
484
|
+
const allowFrom = cfg.tools?.elevated?.allowFrom ?? {};
|
|
485
|
+
const anyAllowFromKeys = Object.keys(allowFrom).length > 0;
|
|
486
|
+
if (enabled === false) return findings;
|
|
487
|
+
if (!anyAllowFromKeys) return findings;
|
|
488
|
+
for (const [provider, list] of Object.entries(allowFrom)) {
|
|
489
|
+
const normalized = normalizeAllowFromList(list);
|
|
490
|
+
if (normalized.includes("*")) findings.push({
|
|
491
|
+
checkId: `tools.elevated.allowFrom.${provider}.wildcard`,
|
|
492
|
+
severity: "critical",
|
|
493
|
+
title: "Elevated exec allowlist contains wildcard",
|
|
494
|
+
detail: `tools.elevated.allowFrom.${provider} includes "*" which effectively approves everyone on that channel for elevated mode.`
|
|
495
|
+
});
|
|
496
|
+
else if (normalized.length > 25) findings.push({
|
|
497
|
+
checkId: `tools.elevated.allowFrom.${provider}.large`,
|
|
498
|
+
severity: "warn",
|
|
499
|
+
title: "Elevated exec allowlist is large",
|
|
500
|
+
detail: `tools.elevated.allowFrom.${provider} has ${normalized.length} entries; consider tightening elevated access.`
|
|
501
|
+
});
|
|
502
|
+
}
|
|
503
|
+
return findings;
|
|
504
|
+
}
|
|
505
|
+
function collectExecRuntimeFindings(cfg) {
|
|
506
|
+
const findings = [];
|
|
507
|
+
const globalExecHost = cfg.tools?.exec?.host;
|
|
508
|
+
const defaultSandboxMode = resolveSandboxConfigForAgent(cfg).mode;
|
|
509
|
+
if (globalExecHost === "sandbox" && defaultSandboxMode === "off") findings.push({
|
|
510
|
+
checkId: "tools.exec.host_sandbox_no_sandbox_defaults",
|
|
511
|
+
severity: "warn",
|
|
512
|
+
title: "Exec host is sandbox but sandbox mode is off",
|
|
513
|
+
detail: "tools.exec.host is explicitly set to sandbox while agents.defaults.sandbox.mode=off. In this mode, exec runs directly on the gateway host.",
|
|
514
|
+
remediation: "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) or set tools.exec.host to \"gateway\" with approvals."
|
|
515
|
+
});
|
|
516
|
+
const agents = Array.isArray(cfg.agents?.list) ? cfg.agents.list : [];
|
|
517
|
+
const riskyAgents = agents.filter((entry) => entry && typeof entry === "object" && typeof entry.id === "string" && entry.tools?.exec?.host === "sandbox" && resolveSandboxConfigForAgent(cfg, entry.id).mode === "off").map((entry) => entry.id).slice(0, 5);
|
|
518
|
+
if (riskyAgents.length > 0) findings.push({
|
|
519
|
+
checkId: "tools.exec.host_sandbox_no_sandbox_agents",
|
|
520
|
+
severity: "warn",
|
|
521
|
+
title: "Agent exec host uses sandbox while sandbox mode is off",
|
|
522
|
+
detail: `agents.list.*.tools.exec.host is set to sandbox for: ${riskyAgents.join(", ")}. With sandbox mode off, exec runs directly on the gateway host.`,
|
|
523
|
+
remediation: "Enable sandbox mode for these agents (`agents.list[].sandbox.mode`) or set their tools.exec.host to \"gateway\"."
|
|
524
|
+
});
|
|
525
|
+
const normalizeConfiguredSafeBins = (entries) => {
|
|
526
|
+
if (!Array.isArray(entries)) return [];
|
|
527
|
+
return Array.from(new Set(entries.map((entry) => typeof entry === "string" ? entry.trim().toLowerCase() : "").filter((entry) => entry.length > 0))).toSorted();
|
|
528
|
+
};
|
|
529
|
+
const normalizeConfiguredTrustedDirs = (entries) => {
|
|
530
|
+
if (!Array.isArray(entries)) return [];
|
|
531
|
+
return normalizeTrustedSafeBinDirs(entries.filter((entry) => typeof entry === "string"));
|
|
532
|
+
};
|
|
533
|
+
const classifyRiskySafeBinTrustedDir = (entry) => {
|
|
534
|
+
const raw = entry.trim();
|
|
535
|
+
if (!raw) return null;
|
|
536
|
+
if (!path.isAbsolute(raw)) return "relative path (trust boundary depends on process cwd)";
|
|
537
|
+
const normalized = path.resolve(raw).replace(/\\/g, "/").toLowerCase();
|
|
538
|
+
if (normalized === "/tmp" || normalized.startsWith("/tmp/") || normalized === "/var/tmp" || normalized.startsWith("/var/tmp/") || normalized === "/private/tmp" || normalized.startsWith("/private/tmp/")) return "temporary directory is mutable and easy to poison";
|
|
539
|
+
if (normalized === "/usr/local/bin" || normalized === "/opt/homebrew/bin" || normalized === "/opt/local/bin" || normalized === "/home/linuxbrew/.linuxbrew/bin") return "package-manager bin directory (often user-writable)";
|
|
540
|
+
if (normalized.startsWith("/users/") || normalized.startsWith("/home/") || normalized.includes("/.local/bin")) return "home-scoped bin directory (typically user-writable)";
|
|
541
|
+
if (/^[a-z]:\/users\//.test(normalized)) return "home-scoped bin directory (typically user-writable)";
|
|
542
|
+
return null;
|
|
543
|
+
};
|
|
544
|
+
const globalExec = cfg.tools?.exec;
|
|
545
|
+
const riskyTrustedDirHits = [];
|
|
546
|
+
const collectRiskyTrustedDirHits = (scopePath, entries) => {
|
|
547
|
+
for (const entry of normalizeConfiguredTrustedDirs(entries)) {
|
|
548
|
+
const reason = classifyRiskySafeBinTrustedDir(entry);
|
|
549
|
+
if (!reason) continue;
|
|
550
|
+
riskyTrustedDirHits.push(`- ${scopePath}.safeBinTrustedDirs: ${entry} (${reason})`);
|
|
551
|
+
}
|
|
552
|
+
};
|
|
553
|
+
collectRiskyTrustedDirHits("tools.exec", globalExec?.safeBinTrustedDirs);
|
|
554
|
+
for (const entry of agents) {
|
|
555
|
+
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
556
|
+
collectRiskyTrustedDirHits(`agents.list.${entry.id}.tools.exec`, entry.tools?.exec?.safeBinTrustedDirs);
|
|
557
|
+
}
|
|
558
|
+
const interpreterHits = [];
|
|
559
|
+
const globalSafeBins = normalizeConfiguredSafeBins(globalExec?.safeBins);
|
|
560
|
+
if (globalSafeBins.length > 0) {
|
|
561
|
+
const merged = resolveMergedSafeBinProfileFixtures({ global: globalExec }) ?? {};
|
|
562
|
+
const interpreters = listInterpreterLikeSafeBins(globalSafeBins).filter((bin) => !merged[bin]);
|
|
563
|
+
if (interpreters.length > 0) interpreterHits.push(`- tools.exec.safeBins: ${interpreters.join(", ")}`);
|
|
564
|
+
}
|
|
565
|
+
for (const entry of agents) {
|
|
566
|
+
if (!entry || typeof entry !== "object" || typeof entry.id !== "string") continue;
|
|
567
|
+
const agentExec = entry.tools?.exec;
|
|
568
|
+
const agentSafeBins = normalizeConfiguredSafeBins(agentExec?.safeBins);
|
|
569
|
+
if (agentSafeBins.length === 0) continue;
|
|
570
|
+
const merged = resolveMergedSafeBinProfileFixtures({
|
|
571
|
+
global: globalExec,
|
|
572
|
+
local: agentExec
|
|
573
|
+
}) ?? {};
|
|
574
|
+
const interpreters = listInterpreterLikeSafeBins(agentSafeBins).filter((bin) => !merged[bin]);
|
|
575
|
+
if (interpreters.length === 0) continue;
|
|
576
|
+
interpreterHits.push(`- agents.list.${entry.id}.tools.exec.safeBins: ${interpreters.join(", ")}`);
|
|
577
|
+
}
|
|
578
|
+
if (interpreterHits.length > 0) findings.push({
|
|
579
|
+
checkId: "tools.exec.safe_bins_interpreter_unprofiled",
|
|
580
|
+
severity: "warn",
|
|
581
|
+
title: "safeBins includes interpreter/runtime binaries without explicit profiles",
|
|
582
|
+
detail: `Detected interpreter-like safeBins entries missing explicit profiles:\n${interpreterHits.join("\n")}\nThese entries can turn safeBins into a broad execution surface when used with permissive argv profiles.`,
|
|
583
|
+
remediation: "Remove interpreter/runtime bins from safeBins (prefer allowlist entries) or define hardened tools.exec.safeBinProfiles.<bin> rules."
|
|
584
|
+
});
|
|
585
|
+
if (riskyTrustedDirHits.length > 0) findings.push({
|
|
586
|
+
checkId: "tools.exec.safe_bin_trusted_dirs_risky",
|
|
587
|
+
severity: "warn",
|
|
588
|
+
title: "safeBinTrustedDirs includes risky mutable directories",
|
|
589
|
+
detail: `Detected risky safeBinTrustedDirs entries:\n${riskyTrustedDirHits.slice(0, 10).join("\n")}` + (riskyTrustedDirHits.length > 10 ? `\n- +${riskyTrustedDirHits.length - 10} more entries.` : ""),
|
|
590
|
+
remediation: "Prefer root-owned immutable bins, keep default trust dirs (/bin, /usr/bin), and avoid trusting temporary/home/package-manager paths unless tightly controlled."
|
|
591
|
+
});
|
|
592
|
+
return findings;
|
|
593
|
+
}
|
|
594
|
+
async function maybeProbeGateway(params) {
|
|
595
|
+
const { buildGatewayConnectionDetails, resolveGatewayProbeAuthSafe } = await loadGatewayProbeDeps();
|
|
596
|
+
const url = buildGatewayConnectionDetails({ config: params.cfg }).url;
|
|
597
|
+
const isRemoteMode = params.cfg.gateway?.mode === "remote";
|
|
598
|
+
const remoteUrlRaw = typeof params.cfg.gateway?.remote?.url === "string" ? params.cfg.gateway.remote.url.trim() : "";
|
|
599
|
+
const authResolution = !isRemoteMode || isRemoteMode && !remoteUrlRaw ? resolveGatewayProbeAuthSafe({
|
|
600
|
+
cfg: params.cfg,
|
|
601
|
+
env: params.env,
|
|
602
|
+
mode: "local",
|
|
603
|
+
explicitAuth: params.explicitAuth
|
|
604
|
+
}) : resolveGatewayProbeAuthSafe({
|
|
605
|
+
cfg: params.cfg,
|
|
606
|
+
env: params.env,
|
|
607
|
+
mode: "remote",
|
|
608
|
+
explicitAuth: params.explicitAuth
|
|
609
|
+
});
|
|
610
|
+
const res = await params.probe({
|
|
611
|
+
url,
|
|
612
|
+
auth: authResolution.auth,
|
|
613
|
+
timeoutMs: params.timeoutMs
|
|
614
|
+
}).catch((err) => ({
|
|
615
|
+
ok: false,
|
|
616
|
+
url,
|
|
617
|
+
connectLatencyMs: null,
|
|
618
|
+
error: String(err),
|
|
619
|
+
close: null,
|
|
620
|
+
health: null,
|
|
621
|
+
status: null,
|
|
622
|
+
presence: null,
|
|
623
|
+
configSnapshot: null
|
|
624
|
+
}));
|
|
625
|
+
if (authResolution.warning && !res.ok) res.error = res.error ? `${res.error}; ${authResolution.warning}` : authResolution.warning;
|
|
626
|
+
return {
|
|
627
|
+
deep: { gateway: {
|
|
628
|
+
attempted: true,
|
|
629
|
+
url,
|
|
630
|
+
ok: res.ok,
|
|
631
|
+
error: res.ok ? null : res.error,
|
|
632
|
+
close: res.close ? {
|
|
633
|
+
code: res.close.code,
|
|
634
|
+
reason: res.close.reason
|
|
635
|
+
} : null
|
|
636
|
+
} },
|
|
637
|
+
authWarning: authResolution.warning
|
|
638
|
+
};
|
|
639
|
+
}
|
|
640
|
+
async function createAuditExecutionContext(opts) {
|
|
641
|
+
const cfg = opts.config;
|
|
642
|
+
const sourceConfig = opts.sourceConfig ?? opts.config;
|
|
643
|
+
const env = opts.env ?? process.env;
|
|
644
|
+
const platform = opts.platform ?? process.platform;
|
|
645
|
+
const includeFilesystem = opts.includeFilesystem !== false;
|
|
646
|
+
const includeChannelSecurity = opts.includeChannelSecurity !== false;
|
|
647
|
+
const deep = opts.deep === true;
|
|
648
|
+
const deepTimeoutMs = Math.max(250, opts.deepTimeoutMs ?? 5e3);
|
|
649
|
+
const stateDir = opts.stateDir ?? resolveStateDir(env);
|
|
650
|
+
const configPath = opts.configPath ?? resolveConfigPath(env, stateDir);
|
|
651
|
+
const { readConfigSnapshotForAudit } = await loadAuditNonDeepModule();
|
|
652
|
+
const configSnapshot = includeFilesystem ? opts.configSnapshot !== void 0 ? opts.configSnapshot : await readConfigSnapshotForAudit({
|
|
653
|
+
env,
|
|
654
|
+
configPath
|
|
655
|
+
}).catch(() => null) : null;
|
|
656
|
+
return {
|
|
657
|
+
cfg,
|
|
658
|
+
sourceConfig,
|
|
659
|
+
env,
|
|
660
|
+
platform,
|
|
661
|
+
includeFilesystem,
|
|
662
|
+
includeChannelSecurity,
|
|
663
|
+
deep,
|
|
664
|
+
deepTimeoutMs,
|
|
665
|
+
stateDir,
|
|
666
|
+
configPath,
|
|
667
|
+
execIcacls: opts.execIcacls,
|
|
668
|
+
execDockerRawFn: opts.execDockerRawFn,
|
|
669
|
+
probeGatewayFn: opts.probeGatewayFn,
|
|
670
|
+
plugins: opts.plugins,
|
|
671
|
+
configSnapshot,
|
|
672
|
+
codeSafetySummaryCache: opts.codeSafetySummaryCache ?? /* @__PURE__ */ new Map(),
|
|
673
|
+
deepProbeAuth: opts.deepProbeAuth
|
|
674
|
+
};
|
|
675
|
+
}
|
|
676
|
+
async function runSecurityAudit(opts) {
|
|
677
|
+
const findings = [];
|
|
678
|
+
const context = await createAuditExecutionContext(opts);
|
|
679
|
+
const { cfg, env, platform, stateDir, configPath } = context;
|
|
680
|
+
const auditNonDeep = await loadAuditNonDeepModule();
|
|
681
|
+
findings.push(...auditNonDeep.collectAttackSurfaceSummaryFindings(cfg));
|
|
682
|
+
findings.push(...auditNonDeep.collectSyncedFolderFindings({
|
|
683
|
+
stateDir,
|
|
684
|
+
configPath
|
|
685
|
+
}));
|
|
686
|
+
findings.push(...collectGatewayConfigFindings(cfg, context.sourceConfig, env));
|
|
687
|
+
findings.push(...collectBrowserControlFindings(cfg, env));
|
|
688
|
+
findings.push(...collectLoggingFindings(cfg));
|
|
689
|
+
findings.push(...collectElevatedFindings(cfg));
|
|
690
|
+
findings.push(...collectExecRuntimeFindings(cfg));
|
|
691
|
+
findings.push(...auditNonDeep.collectHooksHardeningFindings(cfg, env));
|
|
692
|
+
findings.push(...auditNonDeep.collectGatewayHttpNoAuthFindings(cfg, env));
|
|
693
|
+
findings.push(...auditNonDeep.collectGatewayHttpSessionKeyOverrideFindings(cfg));
|
|
694
|
+
findings.push(...auditNonDeep.collectSandboxDockerNoopFindings(cfg));
|
|
695
|
+
findings.push(...auditNonDeep.collectSandboxDangerousConfigFindings(cfg));
|
|
696
|
+
findings.push(...auditNonDeep.collectNodeDenyCommandPatternFindings(cfg));
|
|
697
|
+
findings.push(...auditNonDeep.collectNodeDangerousAllowCommandFindings(cfg));
|
|
698
|
+
findings.push(...auditNonDeep.collectMinimalProfileOverrideFindings(cfg));
|
|
699
|
+
findings.push(...auditNonDeep.collectSecretsInConfigFindings(cfg));
|
|
700
|
+
findings.push(...auditNonDeep.collectModelHygieneFindings(cfg));
|
|
701
|
+
findings.push(...auditNonDeep.collectSmallModelRiskFindings({
|
|
702
|
+
cfg,
|
|
703
|
+
env
|
|
704
|
+
}));
|
|
705
|
+
findings.push(...auditNonDeep.collectExposureMatrixFindings(cfg));
|
|
706
|
+
findings.push(...auditNonDeep.collectLikelyMultiUserSetupFindings(cfg));
|
|
707
|
+
if (context.includeFilesystem) {
|
|
708
|
+
findings.push(...await collectFilesystemFindings({
|
|
709
|
+
stateDir,
|
|
710
|
+
configPath,
|
|
711
|
+
env,
|
|
712
|
+
platform,
|
|
713
|
+
execIcacls: context.execIcacls
|
|
714
|
+
}));
|
|
715
|
+
if (context.configSnapshot) findings.push(...await auditNonDeep.collectIncludeFilePermFindings({
|
|
716
|
+
configSnapshot: context.configSnapshot,
|
|
717
|
+
env,
|
|
718
|
+
platform,
|
|
719
|
+
execIcacls: context.execIcacls
|
|
720
|
+
}));
|
|
721
|
+
findings.push(...await auditNonDeep.collectStateDeepFilesystemFindings({
|
|
722
|
+
cfg,
|
|
723
|
+
env,
|
|
724
|
+
stateDir,
|
|
725
|
+
platform,
|
|
726
|
+
execIcacls: context.execIcacls
|
|
727
|
+
}));
|
|
728
|
+
findings.push(...await auditNonDeep.collectWorkspaceSkillSymlinkEscapeFindings({ cfg }));
|
|
729
|
+
findings.push(...await auditNonDeep.collectSandboxBrowserHashLabelFindings({ execDockerRawFn: context.execDockerRawFn }));
|
|
730
|
+
findings.push(...await auditNonDeep.collectPluginsTrustFindings({
|
|
731
|
+
cfg,
|
|
732
|
+
stateDir
|
|
733
|
+
}));
|
|
734
|
+
if (context.deep) {
|
|
735
|
+
const auditDeep = await loadAuditDeepModule();
|
|
736
|
+
findings.push(...await auditDeep.collectPluginsCodeSafetyFindings({
|
|
737
|
+
stateDir,
|
|
738
|
+
summaryCache: context.codeSafetySummaryCache
|
|
739
|
+
}));
|
|
740
|
+
findings.push(...await auditDeep.collectInstalledSkillsCodeSafetyFindings({
|
|
741
|
+
cfg,
|
|
742
|
+
stateDir,
|
|
743
|
+
summaryCache: context.codeSafetySummaryCache
|
|
744
|
+
}));
|
|
745
|
+
}
|
|
746
|
+
}
|
|
747
|
+
if (context.includeChannelSecurity && (context.plugins !== void 0 || hasPotentialConfiguredChannels(cfg, env))) {
|
|
748
|
+
const channelPlugins = context.plugins ?? (await loadChannelPlugins()).listChannelPlugins();
|
|
749
|
+
const { collectChannelSecurityFindings } = await loadAuditChannelModule();
|
|
750
|
+
findings.push(...await collectChannelSecurityFindings({
|
|
751
|
+
cfg,
|
|
752
|
+
sourceConfig: context.sourceConfig,
|
|
753
|
+
plugins: channelPlugins
|
|
754
|
+
}));
|
|
755
|
+
}
|
|
756
|
+
const deepProbeResult = context.deep ? await maybeProbeGateway({
|
|
757
|
+
cfg,
|
|
758
|
+
env,
|
|
759
|
+
timeoutMs: context.deepTimeoutMs,
|
|
760
|
+
probe: context.probeGatewayFn ?? (await loadGatewayProbeDeps()).probeGateway,
|
|
761
|
+
explicitAuth: context.deepProbeAuth
|
|
762
|
+
}) : void 0;
|
|
763
|
+
const deep = deepProbeResult?.deep;
|
|
764
|
+
if (deep?.gateway?.attempted && !deep.gateway.ok) findings.push({
|
|
765
|
+
checkId: "gateway.probe_failed",
|
|
766
|
+
severity: "warn",
|
|
767
|
+
title: "Gateway probe failed (deep)",
|
|
768
|
+
detail: deep.gateway.error ?? "gateway unreachable",
|
|
769
|
+
remediation: `Run "${formatCliCommand("moldclaw status --all")}" to debug connectivity/auth, then re-run "${formatCliCommand("moldclaw security audit --deep")}".`
|
|
770
|
+
});
|
|
771
|
+
if (deepProbeResult?.authWarning) findings.push({
|
|
772
|
+
checkId: "gateway.probe_auth_secretref_unavailable",
|
|
773
|
+
severity: "warn",
|
|
774
|
+
title: "Gateway probe auth SecretRef is unavailable",
|
|
775
|
+
detail: deepProbeResult.authWarning,
|
|
776
|
+
remediation: `Set MOLDCLAW_GATEWAY_TOKEN/MOLDCLAW_GATEWAY_PASSWORD in this shell or resolve the external secret provider, then re-run "${formatCliCommand("moldclaw security audit --deep")}".`
|
|
777
|
+
});
|
|
778
|
+
const summary = countBySeverity(findings);
|
|
779
|
+
return {
|
|
780
|
+
ts: Date.now(),
|
|
781
|
+
summary,
|
|
782
|
+
findings,
|
|
783
|
+
deep
|
|
784
|
+
};
|
|
785
|
+
}
|
|
786
|
+
//#endregion
|
|
787
|
+
export { runSecurityAudit as t };
|