@spacebar_ai/moldclaw-core 2026.3.43 → 2026.3.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/accounts-5qY-dKca.d.ts +103 -0
- package/dist/accounts-SqdHz2ZP.js +114 -0
- package/dist/acp-cli-E6bcNqiE.js +2093 -0
- package/dist/actions.runtime-BU_XMuLk.js +119 -0
- package/dist/actions.runtime-CY5h8lqH.js +133 -0
- package/dist/agent-scope-lZlwP1At.js +208 -0
- package/dist/agents-C4SkadR1.js +853 -0
- package/dist/agents-RfwqGCzE.js +222 -0
- package/dist/agents.config-CX9CPNfP.js +17 -0
- package/dist/agents.config-DF9Zwn9n.js +121 -0
- package/dist/allow-list-3WSjz1zl.js +81 -0
- package/dist/allowlist-DNbDjFjw.js +142 -0
- package/dist/api-BEOpJ7dR.js +117 -0
- package/dist/audit-CpJz_eu6.js +787 -0
- package/dist/audit-CpfSjvyo.js +54 -0
- package/dist/audit-channel.collect.runtime-BeGotloZ.js +605 -0
- package/dist/audit-channel.runtime-BJDZ7ETt.js +121 -0
- package/dist/audit-extra.async-C2G0mqmk.js +813 -0
- package/dist/audit-membership-runtime-B1FqJsPV.js +162 -0
- package/dist/audit.deep.runtime-DyL9O_sU.js +25 -0
- package/dist/audit.nondeep.runtime-C6jFgJfH.js +832 -0
- package/dist/audit.runtime-Dnlsn23e.js +118 -0
- package/dist/auth-Ch3Rchm4.js +101 -0
- package/dist/auth-choice-CEFSlnLT.js +122 -0
- package/dist/auth-choice-CVCef-eU.js +268 -0
- package/dist/auth-choice-Cez-pXrg.js +507 -0
- package/dist/auth-choice-options-DO78mvPe.js +123 -0
- package/dist/auth-choice-prompt-CUkC7Mmb.js +36 -0
- package/dist/auth-choice-prompt-DCuQRiVl.js +115 -0
- package/dist/auth-choice.apply-helpers-BhbNIV8X.js +66 -0
- package/dist/auth-choice.plugin-providers.runtime-4BhqvEw_.js +119 -0
- package/dist/auth-profiles-smABVXzp.js +128040 -0
- package/dist/auth-profiles.runtime-Cr-ojtTc.js +116 -0
- package/dist/banner-CojBHPWr.js +342 -0
- package/dist/bluebubbles-BnLsj2Fy.d.ts +6 -0
- package/dist/bluebubbles-CVk7M3Bl.js +64 -0
- package/dist/bot-DdyrB2z9.d.ts +478 -0
- package/dist/brave-w4Fo8WZ3.js +24 -0
- package/dist/browser-cli-DWFs3P_i.js +1494 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.d.ts +1 -1
- package/dist/bundled/boot-md/handler.js +35 -35
- package/dist/bundled/bootstrap-extra-files/handler.d.ts +1 -1
- package/dist/bundled/bootstrap-extra-files/handler.js +1 -1
- package/dist/bundled/command-logger/handler.d.ts +1 -1
- package/dist/bundled/session-memory/handler.d.ts +1 -1
- package/dist/bundled/session-memory/handler.js +36 -36
- package/dist/call-Do7wTSr7.js +39 -0
- package/dist/call-gdDAt07d.js +640 -0
- package/dist/canvas-host/a2ui/.bundle.hash +1 -1
- package/dist/channel-B26pkce0.js +214 -0
- package/dist/channel-BJHp0AQC.js +352 -0
- package/dist/channel-BKFOv51P.js +4681 -0
- package/dist/channel-BNgpOY8v.js +538 -0
- package/dist/channel-BcQAAo2P.js +226 -0
- package/dist/channel-BvNdnhbx.js +1598 -0
- package/dist/channel-C1Rda3Jd.js +306 -0
- package/dist/channel-C87DG-F7.js +803 -0
- package/dist/channel-CIip0kvZ.js +619 -0
- package/dist/channel-CTPxoT_E2.js +316 -0
- package/dist/channel-CklaCzUG.js +562 -0
- package/dist/channel-CoJnAdLs.js +920 -0
- package/dist/channel-D3tafL1_.js +949 -0
- package/dist/channel-DFMrP2uu.js +542 -0
- package/dist/channel-DMd5cJQe.js +397 -0
- package/dist/channel-Dm34kxAJ.js +207 -0
- package/dist/channel-DmwF9udn.js +1321 -0
- package/dist/channel-account-context-Bjur9nlh.js +103 -0
- package/dist/channel-bGnST659.js +943 -0
- package/dist/channel-hIgbkTZf.js +575 -0
- package/dist/channel-m_TGrDKo.js +497 -0
- package/dist/channel-options-DoUPBMa8.js +50 -0
- package/dist/channel-plugin-ids-TZIY4hFs.js +26 -0
- package/dist/channel-summary-qD54bOBO.js +111 -0
- package/dist/channel.runtime-B0H04Dkk.js +199 -0
- package/dist/channel.runtime-BU1f3NkV.js +418 -0
- package/dist/channel.runtime-Bj1sfLep.js +4011 -0
- package/dist/channel.runtime-BtPAAJc3.js +870 -0
- package/dist/channel.runtime-Bx-10m_j.js +171 -0
- package/dist/channel.runtime-CI_TBywQ.js +179 -0
- package/dist/channel.runtime-CSLj14-Z.js +182 -0
- package/dist/channel.runtime-D-lTSYAd.js +404 -0
- package/dist/channel.runtime-DJqIOSji.js +127 -0
- package/dist/channel.runtime-Ec8aQ9V2.js +241 -0
- package/dist/channel.runtime-ax5a1jBm.js +218 -0
- package/dist/channel.setup-B-ncdYLT.js +9 -0
- package/dist/channel.setup-BY4bh5dm.js +9 -0
- package/dist/channel.setup-BovsdMnL.js +57 -0
- package/dist/channel.setup-CXzXA25h.js +6 -0
- package/dist/channel.setup-DcZUEufN.js +8 -0
- package/dist/channel.setup-E6zceRsE.js +8 -0
- package/dist/channel.setup-Pc7nGbdX.js +11 -0
- package/dist/channels/plugins/actions/discord.d.ts +2 -2
- package/dist/channels/plugins/actions/discord.js +35 -35
- package/dist/channels/plugins/actions/signal.d.ts +1 -1
- package/dist/channels/plugins/actions/signal.js +35 -35
- package/dist/channels/plugins/actions/telegram.d.ts +2 -2
- package/dist/channels/plugins/actions/telegram.js +35 -35
- package/dist/channels/plugins/agent-tools/whatsapp-login.d.ts +3 -3
- package/dist/channels/plugins/agent-tools/whatsapp-login.js +35 -35
- package/dist/channels-CPtE5ND6.js +404 -0
- package/dist/channels-Cj8ZolHI.js +1118 -0
- package/dist/channels-cli-D2sKrntt.js +291 -0
- package/dist/channels-status-issues-CzIHODg2.js +16 -0
- package/dist/clawbot-cli-BcwEDmUn.js +118 -0
- package/dist/cleanup-utils-D0L17RsX.js +96 -0
- package/dist/cli/daemon-cli.js +1 -1
- package/dist/cli-BvGVPKnD.js +154 -0
- package/dist/command-registry-CADQzTAg.js +14 -0
- package/dist/command-registry-ktiJNAJd.js +242 -0
- package/dist/command-secret-gateway-CXp10RTM.js +111 -0
- package/dist/compact.runtime-DyKL-Iar.js +116 -0
- package/dist/completion-cli-Bz4STrpt.js +17 -0
- package/dist/completion-cli-pVda2OFb.js +445 -0
- package/dist/config-BbvDRSYp.js +31 -0
- package/dist/config-CwBv71QC.js +44 -0
- package/dist/config-cli-Y0uXHbOw.js +678 -0
- package/dist/config-guard-BpW5g7JE.js +118 -0
- package/dist/config-validation-B-vLIsbo.js +262 -0
- package/dist/config-value-DT3-5958.js +132 -0
- package/dist/configure-B9U-jCqP.js +1100 -0
- package/dist/configure-BJ3Wrs5b.js +243 -0
- package/dist/control-ui-assets-C1YDYi82.js +232 -0
- package/dist/control-ui-shared-Dm5Dh0Lo.js +29 -0
- package/dist/core-BwKq3krw.js +150 -0
- package/dist/core-hjBwfDsW.d.ts +87 -0
- package/dist/cron-cli-DTDgfoMh.js +639 -0
- package/dist/daemon-cli-C-dkAXR1.js +339 -0
- package/dist/daemon-install-Oy0Q5pMF.js +180 -0
- package/dist/deliver-DNGnDqF9.js +111 -0
- package/dist/deliver-runtime-CCNZIhET.js +111 -0
- package/dist/device-id-cli-XvwZbIyC.js +52 -0
- package/dist/device-identity-IG5DngWM.js +365 -0
- package/dist/devices-cli-DIsxj4xp.js +342 -0
- package/dist/diagnostic-DTPopFvh.js +310 -0
- package/dist/directory-cli-DTSY3Ktr.js +311 -0
- package/dist/directory-config-helpers-DpFcAbmo.d.ts +38 -0
- package/dist/directory.static-CBRAUwUW.js +44 -0
- package/dist/discord-CrgxhEWw.js +114 -0
- package/dist/discovery-DrG7wmAR.js +48 -0
- package/dist/dm-policy-shared-DKoGdUpY.d.ts +95 -0
- package/dist/dns-cli-BJiz6CLK.js +217 -0
- package/dist/docs-cli-Dq2Yi5qO.js +174 -0
- package/dist/doctor-completion-D3GeVcFP.js +90 -0
- package/dist/doctor-config-flow-B1cMjr8h.js +112 -0
- package/dist/doctor-config-flow-BUe7JpV3.js +2437 -0
- package/dist/enable-Bc8bCuVe.js +24 -0
- package/dist/entry.js +4 -4
- package/dist/exec-approvals-cli-kLAev6bP.js +421 -0
- package/dist/extensions/acpx/index.d.ts +1 -1
- package/dist/extensions/amazon-bedrock/index.d.ts +1 -1
- package/dist/extensions/amazon-bedrock/index.js +4 -4
- package/dist/extensions/anthropic/index.d.ts +1 -1
- package/dist/extensions/anthropic/index.js +35 -35
- package/dist/extensions/bluebubbles/index.d.ts +1 -1
- package/dist/extensions/bluebubbles/index.js +39 -39
- package/dist/extensions/bluebubbles/setup-entry.d.ts +2 -2
- package/dist/extensions/bluebubbles/setup-entry.js +39 -39
- package/dist/extensions/brave/index.d.ts +1 -1
- package/dist/extensions/brave/index.js +5 -5
- package/dist/extensions/byteplus/index.d.ts +1 -1
- package/dist/extensions/byteplus/index.js +35 -35
- package/dist/extensions/cloudflare-ai-gateway/index.d.ts +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +36 -36
- package/dist/extensions/copilot-proxy/index.d.ts +1 -1
- package/dist/extensions/copilot-proxy/index.js +4 -4
- package/dist/extensions/device-pair/index.d.ts +1 -1
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/diagnostics-otel/index.d.ts +1 -1
- package/dist/extensions/diagnostics-otel/index.js +4 -4
- package/dist/extensions/diffs/index.d.ts +1 -1
- package/dist/extensions/discord/index.d.ts +1 -1
- package/dist/extensions/discord/index.js +40 -40
- package/dist/extensions/discord/setup-entry.d.ts +1 -1
- package/dist/extensions/discord/setup-entry.js +38 -38
- package/dist/extensions/elevenlabs/index.d.ts +1 -1
- package/dist/extensions/elevenlabs/index.js +35 -35
- package/dist/extensions/feishu/index.d.ts +2 -2
- package/dist/extensions/feishu/index.js +40 -40
- package/dist/extensions/feishu/setup-entry.d.ts +2 -2
- package/dist/extensions/feishu/setup-entry.js +37 -37
- package/dist/extensions/firecrawl/index.d.ts +1 -1
- package/dist/extensions/firecrawl/index.js +35 -35
- package/dist/extensions/github-copilot/index.d.ts +1 -1
- package/dist/extensions/github-copilot/index.js +35 -35
- package/dist/extensions/google/index.d.ts +1 -1
- package/dist/extensions/google/index.js +35 -35
- package/dist/extensions/googlechat/index.d.ts +1 -1
- package/dist/extensions/googlechat/index.js +38 -38
- package/dist/extensions/googlechat/setup-entry.d.ts +1 -1
- package/dist/extensions/googlechat/setup-entry.js +38 -38
- package/dist/extensions/huggingface/index.d.ts +1 -1
- package/dist/extensions/huggingface/index.js +35 -35
- package/dist/extensions/imessage/index.d.ts +1 -1
- package/dist/extensions/imessage/index.js +39 -39
- package/dist/extensions/imessage/setup-entry.d.ts +1 -1
- package/dist/extensions/imessage/setup-entry.js +39 -39
- package/dist/extensions/irc/index.d.ts +1 -1
- package/dist/extensions/irc/index.js +38 -38
- package/dist/extensions/irc/setup-entry.d.ts +2 -2
- package/dist/extensions/irc/setup-entry.js +38 -38
- package/dist/extensions/kakao-talkchannel/index.d.ts +1 -1
- package/dist/extensions/kakao-talkchannel/index.js +4 -4
- package/dist/extensions/kilocode/index.d.ts +1 -1
- package/dist/extensions/kilocode/index.js +35 -35
- package/dist/extensions/kimi-coding/index.d.ts +1 -1
- package/dist/extensions/kimi-coding/index.js +35 -35
- package/dist/extensions/line/index.d.ts +1 -1
- package/dist/extensions/line/index.js +37 -37
- package/dist/extensions/line/setup-entry.d.ts +1 -1
- package/dist/extensions/line/setup-entry.js +37 -37
- package/dist/extensions/llm-task/index.d.ts +1 -1
- package/dist/extensions/llm-task/index.js +35 -35
- package/dist/extensions/lobster/index.d.ts +1 -1
- package/dist/extensions/lobster/index.js +4 -4
- package/dist/extensions/matrix/index.d.ts +1 -1
- package/dist/extensions/matrix/index.js +40 -40
- package/dist/extensions/matrix/setup-entry.d.ts +2 -2
- package/dist/extensions/matrix/setup-entry.js +40 -40
- package/dist/extensions/mattermost/index.d.ts +1 -1
- package/dist/extensions/mattermost/index.js +37 -37
- package/dist/extensions/mattermost/setup-entry.d.ts +2 -2
- package/dist/extensions/mattermost/setup-entry.js +37 -37
- package/dist/extensions/memory-core/index.d.ts +1 -1
- package/dist/extensions/memory-core/index.js +4 -4
- package/dist/extensions/memory-lancedb/index.d.ts +1 -1
- package/dist/extensions/memory-lancedb/index.js +4 -4
- package/dist/extensions/microsoft/index.d.ts +1 -1
- package/dist/extensions/microsoft/index.js +35 -35
- package/dist/extensions/minimax/index.d.ts +1 -1
- package/dist/extensions/minimax/index.js +35 -35
- package/dist/extensions/mistral/index.d.ts +1 -1
- package/dist/extensions/mistral/index.js +35 -35
- package/dist/extensions/modelstudio/index.d.ts +1 -1
- package/dist/extensions/modelstudio/index.js +35 -35
- package/dist/extensions/moonshot/index.d.ts +1 -1
- package/dist/extensions/moonshot/index.js +35 -35
- package/dist/extensions/msteams/index.d.ts +1 -1
- package/dist/extensions/msteams/index.js +40 -40
- package/dist/extensions/msteams/setup-entry.d.ts +1 -1
- package/dist/extensions/msteams/setup-entry.js +40 -40
- package/dist/extensions/nextcloud-talk/index.d.ts +1 -1
- package/dist/extensions/nextcloud-talk/index.js +37 -37
- package/dist/extensions/nextcloud-talk/setup-entry.d.ts +2 -2
- package/dist/extensions/nextcloud-talk/setup-entry.js +37 -37
- package/dist/extensions/nostr/index.d.ts +1 -1
- package/dist/extensions/nostr/index.js +37 -37
- package/dist/extensions/nostr/setup-entry.d.ts +1 -1
- package/dist/extensions/nostr/setup-entry.js +37 -37
- package/dist/extensions/nvidia/index.d.ts +1 -1
- package/dist/extensions/nvidia/index.js +4 -4
- package/dist/extensions/ollama/index.d.ts +1 -1
- package/dist/extensions/ollama/index.js +7 -7
- package/dist/extensions/open-prose/index.d.ts +1 -1
- package/dist/extensions/open-prose/index.js +4 -4
- package/dist/extensions/openai/index.d.ts +1 -1
- package/dist/extensions/openai/index.js +35 -35
- package/dist/extensions/opencode/index.d.ts +1 -1
- package/dist/extensions/opencode/index.js +35 -35
- package/dist/extensions/opencode-go/index.d.ts +1 -1
- package/dist/extensions/opencode-go/index.js +35 -35
- package/dist/extensions/openrouter/index.d.ts +1 -1
- package/dist/extensions/openrouter/index.js +35 -35
- package/dist/extensions/openshell/index.d.ts +1 -1
- package/dist/extensions/openshell/index.js +35 -35
- package/dist/extensions/perplexity/index.d.ts +1 -1
- package/dist/extensions/perplexity/index.js +5 -5
- package/dist/extensions/phone-control/index.d.ts +1 -1
- package/dist/extensions/phone-control/index.js +4 -4
- package/dist/extensions/qianfan/index.d.ts +1 -1
- package/dist/extensions/qianfan/index.js +35 -35
- package/dist/extensions/qwen-portal-auth/index.d.ts +1 -1
- package/dist/extensions/qwen-portal-auth/index.js +35 -35
- package/dist/extensions/sglang/index.d.ts +1 -1
- package/dist/extensions/sglang/index.js +35 -35
- package/dist/extensions/signal/index.d.ts +1 -1
- package/dist/extensions/signal/index.js +38 -38
- package/dist/extensions/signal/setup-entry.d.ts +1 -1
- package/dist/extensions/signal/setup-entry.js +38 -38
- package/dist/extensions/slack/index.d.ts +1 -1
- package/dist/extensions/slack/index.js +39 -39
- package/dist/extensions/slack/setup-entry.d.ts +1 -1
- package/dist/extensions/slack/setup-entry.js +38 -38
- package/dist/extensions/synology-chat/index.d.ts +1 -1
- package/dist/extensions/synology-chat/index.js +37 -37
- package/dist/extensions/synology-chat/setup-entry.d.ts +1 -1
- package/dist/extensions/synology-chat/setup-entry.js +37 -37
- package/dist/extensions/synthetic/index.d.ts +1 -1
- package/dist/extensions/synthetic/index.js +35 -35
- package/dist/extensions/talk-voice/index.d.ts +1 -1
- package/dist/extensions/talk-voice/index.js +35 -35
- package/dist/extensions/telegram/index.d.ts +1 -1
- package/dist/extensions/telegram/index.js +38 -38
- package/dist/extensions/telegram/setup-entry.d.ts +1 -1
- package/dist/extensions/telegram/setup-entry.js +37 -37
- package/dist/extensions/thread-ownership/index.d.ts +1 -1
- package/dist/extensions/thread-ownership/index.js +4 -4
- package/dist/extensions/tlon/index.d.ts +1 -1
- package/dist/extensions/tlon/index.js +37 -37
- package/dist/extensions/tlon/setup-entry.d.ts +1 -1
- package/dist/extensions/tlon/setup-entry.js +37 -37
- package/dist/extensions/together/index.d.ts +1 -1
- package/dist/extensions/together/index.js +35 -35
- package/dist/extensions/twitch/index.d.ts +2 -2
- package/dist/extensions/twitch/index.js +37 -37
- package/dist/extensions/venice/index.d.ts +1 -1
- package/dist/extensions/venice/index.js +35 -35
- package/dist/extensions/vercel-ai-gateway/index.d.ts +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +36 -36
- package/dist/extensions/vllm/index.d.ts +1 -1
- package/dist/extensions/vllm/index.js +35 -35
- package/dist/extensions/voice-call/index.d.ts +1 -1
- package/dist/extensions/voice-call/index.js +35 -35
- package/dist/extensions/volcengine/index.d.ts +1 -1
- package/dist/extensions/volcengine/index.js +35 -35
- package/dist/extensions/whatsapp/index.d.ts +1 -1
- package/dist/extensions/whatsapp/index.js +38 -38
- package/dist/extensions/whatsapp/setup-entry.d.ts +1 -1
- package/dist/extensions/whatsapp/setup-entry.js +38 -38
- package/dist/extensions/xai/index.d.ts +1 -1
- package/dist/extensions/xai/index.js +35 -35
- package/dist/extensions/xiaomi/index.d.ts +1 -1
- package/dist/extensions/xiaomi/index.js +35 -35
- package/dist/extensions/zai/index.d.ts +1 -1
- package/dist/extensions/zai/index.js +35 -35
- package/dist/extensions/zalo/index.d.ts +1 -1
- package/dist/extensions/zalo/index.js +39 -39
- package/dist/extensions/zalo/setup-entry.d.ts +1 -1
- package/dist/extensions/zalo/setup-entry.js +39 -39
- package/dist/extensions/zalouser/index.d.ts +1 -1
- package/dist/extensions/zalouser/index.js +40 -40
- package/dist/extensions/zalouser/setup-entry.d.ts +1 -1
- package/dist/extensions/zalouser/setup-entry.js +40 -40
- package/dist/feishu-fIcnHDTd.d.ts +36 -0
- package/dist/gateway-cli-0c-8h93_.js +26437 -0
- package/dist/gateway-install-token-1PwJvrBY.js +163 -0
- package/dist/gateway-rpc-C0Vk51W7.js +26 -0
- package/dist/gateway-runtime-CBm3CCoA.js +69 -0
- package/dist/git-commit-BTWXFY41.js +177 -0
- package/dist/git-commit-D6GTN5Yt.js +2 -0
- package/dist/googlechat-BQr4xgoZ.js +307 -0
- package/dist/googlechat-BvwsCVKl.d.ts +12 -0
- package/dist/group-access-DpiQnd-G.d.ts +61 -0
- package/dist/health-6yZQGADY.js +113 -0
- package/dist/health-C9DYGyRe.js +570 -0
- package/dist/heartbeat-summary-Dct2lqJj.js +57 -0
- package/dist/help-CtwSApfq.js +81 -0
- package/dist/hooks-9gokOxZ5.d.ts +6 -0
- package/dist/hooks-cli-BegKzHZT.js +1000 -0
- package/dist/hooks-status-Bm_pGORf.js +78 -0
- package/dist/http-registry-D-S6a1Na.d.ts +20 -0
- package/dist/identity-file-Diub2a0t.js +60 -0
- package/dist/image-generation-CbIVzmAR.d.ts +9 -0
- package/dist/imessage-Bgok9kfl.js +31 -0
- package/dist/imessage-VIHePprL.js +115 -0
- package/dist/inbound-reply-dispatch-B53GAGWq.js +71 -0
- package/dist/inbound-reply-dispatch-n7U3qg15.d.ts +72 -0
- package/dist/index.js +2 -2
- package/dist/install-target-oz1pjfHH.js +574 -0
- package/dist/installs-CUFm5V8a.js +532 -0
- package/dist/io-BaBxjB1v.js +9739 -0
- package/dist/io-CgHb1Jld.js +29 -0
- package/dist/irc-CaRKzGvW.js +672 -0
- package/dist/library-C5SNBCMb.js +112 -0
- package/dist/lifecycle-core-Dn8PK6nk.js +382 -0
- package/dist/line/accounts.d.ts +2 -2
- package/dist/line/send.d.ts +1 -1
- package/dist/line/send.js +7 -7
- package/dist/line/template-messages.d.ts +1 -1
- package/dist/line-B5QFpgN_.d.ts +75 -0
- package/dist/line-fePrrQOD.js +530 -0
- package/dist/llm-slug-generator-hKae3XDA.js +67 -0
- package/dist/llm-slug-generator.d.ts +1 -1
- package/dist/llm-slug-generator.js +36 -36
- package/dist/logging-CdisccbY.js +13 -0
- package/dist/logging-LKQSgX1d.js +30 -0
- package/dist/login-qr-C1YWh4nE.js +233 -0
- package/dist/login-qr-WFluMDMb.js +112 -0
- package/dist/logs-cli-CNzOvZ2d.js +256 -0
- package/dist/manager-runtime-DgMhLTkR.js +111 -0
- package/dist/manager.runtime-hUWgpPt2.js +715 -0
- package/dist/manifest-registry-CS_p1OBQ.js +1329 -0
- package/dist/matrix-43_RGLZN.d.ts +68 -0
- package/dist/matrix-CCFxHfxa.js +1269 -0
- package/dist/matrix-DWs_qIkJ.js +1495 -0
- package/dist/mcp-cli-Ci2jvv3s.js +87 -0
- package/dist/media-understanding.runtime-Cdr6iTW6.js +116 -0
- package/dist/memory-cli-LZbyF0Iu.js +111 -0
- package/dist/memory-search-BHhETk6u.js +17 -0
- package/dist/memory-search-tTD5o_rU.js +204 -0
- package/dist/method-scopes-B2ZKSsxQ.js +2452 -0
- package/dist/model-auth-markers-LqZ4qhrZ.d.ts +20 -0
- package/dist/model-picker-CTR5mo4v.js +112 -0
- package/dist/model-picker-DG4z_dBs.js +390 -0
- package/dist/model-picker.runtime-DMQ9Pj9_.js +125 -0
- package/dist/model-selection-bBBxfXdb.js +653 -0
- package/dist/model-suppression.runtime-BVG75tZ7.js +116 -0
- package/dist/models-BjkVLfgw.js +2514 -0
- package/dist/models-ZO01Q4cx.js +118 -0
- package/dist/models-cli-DemdF-bm.js +309 -0
- package/dist/models-config-B2Jja8ua.js +111 -0
- package/dist/models-config.providers.discovery-puxTsH39.d.ts +18 -0
- package/dist/moldclaw-root-Cb6HRlUO.js +92 -0
- package/dist/monitor-BP4idxJD.js +782 -0
- package/dist/monitor-B_eP8Eim.js +772 -0
- package/dist/monitor-CRHYNl5J.js +3468 -0
- package/dist/monitor-Ci1Xg4g3.js +113 -0
- package/dist/monitor-DEodDl3z.js +6823 -0
- package/dist/monitor-DJlNKuMz.js +115 -0
- package/dist/monitor-DvFwDS9w.js +3076 -0
- package/dist/monitor-shared--cEjSf8s.js +444 -0
- package/dist/msteams-CV2a8uE8.js +852 -0
- package/dist/node-cli-Of2g7DSd.js +2503 -0
- package/dist/node-resolve-BYC2FbO2.js +835 -0
- package/dist/nodes-cli-CPHM6Upj.js +1380 -0
- package/dist/nostr-BFKRoOlz.d.ts +7 -0
- package/dist/nostr-lHpcBzz4.js +8744 -0
- package/dist/npm-resolution-kqHN85wB.js +60 -0
- package/dist/oauth-env-CLG8KOrz.js +10 -0
- package/dist/onboard-BON0C360.js +48 -0
- package/dist/onboard-CRkIBgOI.js +589 -0
- package/dist/onboard-DsKI17iq.js +25 -0
- package/dist/onboard-channels-BY3IbBBf.js +1241 -0
- package/dist/onboard-channels-CLKdRxvW.js +205 -0
- package/dist/onboard-custom-BjPrMo_R.js +571 -0
- package/dist/onboard-custom-DqcPiZBN.js +114 -0
- package/dist/onboard-helpers-BkrOY5OE.js +113 -0
- package/dist/onboard-helpers-DiSRTpZC.js +335 -0
- package/dist/onboard-hooks-pzEPZAvl.js +72 -0
- package/dist/onboard-remote-ChyLC6Dk.js +181 -0
- package/dist/onboard-remote-DHmK9ntl.js +117 -0
- package/dist/onboard-search-BgA3jEMW.js +302 -0
- package/dist/onboard-skills-BMo_NvnW.js +133 -0
- package/dist/onboard-skills-Bba-Z2p8.js +117 -0
- package/dist/outbound-media-BHD4aJEX.d.ts +11 -0
- package/dist/outbound-media-DSno0N82.js +11 -0
- package/dist/pairing-access-CzHpaM0R.d.ts +21 -0
- package/dist/pairing-cli-CmklqK0q.js +217 -0
- package/dist/perplexity-CXwMDD3u.js +24 -0
- package/dist/persistent-dedupe-B9vrAf8t.d.ts +26 -0
- package/dist/pi-model-discovery-runtime-BrK7tcaO.js +111 -0
- package/dist/pi-tools.before-tool-call.runtime-C5yLUogH.js +381 -0
- package/dist/plugin-install-C4AWJIFP.js +117 -0
- package/dist/plugin-install-CB3J1hfV.js +184 -0
- package/dist/plugin-install-plan-7itZiegi.js +49 -0
- package/dist/plugin-registry-DX_GFoiz.js +113 -0
- package/dist/plugin-registry-e3cxTtvb.js +49 -0
- package/dist/plugin-sdk/account-resolution.js +35 -35
- package/dist/plugin-sdk/acp-runtime.js +35 -35
- package/dist/plugin-sdk/agent-runtime.js +35 -35
- package/dist/plugin-sdk/bluebubbles.js +37 -37
- package/dist/plugin-sdk/channel-config-helpers.js +35 -35
- package/dist/plugin-sdk/channel-policy.js +35 -35
- package/dist/plugin-sdk/channel-runtime.js +35 -35
- package/dist/plugin-sdk/compat.js +36 -36
- package/dist/plugin-sdk/config-runtime.js +35 -35
- package/dist/plugin-sdk/conversation-runtime.js +35 -35
- package/dist/plugin-sdk/copilot-proxy.js +4 -4
- package/dist/plugin-sdk/core.js +4 -4
- package/dist/plugin-sdk/device-pair.js +4 -4
- package/dist/plugin-sdk/discord.js +35 -35
- package/dist/plugin-sdk/feishu.js +35 -35
- package/dist/plugin-sdk/gateway-runtime.js +10 -10
- package/dist/plugin-sdk/googlechat.js +37 -37
- package/dist/plugin-sdk/image-generation-runtime.js +35 -35
- package/dist/plugin-sdk/image-generation.js +35 -35
- package/dist/plugin-sdk/imessage.js +36 -36
- package/dist/plugin-sdk/index.js +35 -35
- package/dist/plugin-sdk/infra-runtime.js +35 -35
- package/dist/plugin-sdk/irc.js +37 -37
- package/dist/plugin-sdk/line.js +36 -36
- package/dist/plugin-sdk/llm-task.js +35 -35
- package/dist/plugin-sdk/lobster.js +4 -4
- package/dist/plugin-sdk/matrix.js +37 -37
- package/dist/plugin-sdk/mattermost.js +36 -36
- package/dist/plugin-sdk/media-runtime.js +35 -35
- package/dist/plugin-sdk/media-understanding-runtime.js +35 -35
- package/dist/plugin-sdk/media-understanding.js +35 -35
- package/dist/plugin-sdk/memory-lancedb.js +4 -4
- package/dist/plugin-sdk/minimax-portal-auth.js +4 -4
- package/dist/plugin-sdk/msteams.js +38 -38
- package/dist/plugin-sdk/nextcloud-talk.js +36 -36
- package/dist/plugin-sdk/nostr.js +36 -36
- package/dist/plugin-sdk/ollama-setup.js +9 -9
- package/dist/plugin-sdk/open-prose.js +4 -4
- package/dist/plugin-sdk/phone-control.js +4 -4
- package/dist/plugin-sdk/plugin-runtime.js +35 -35
- package/dist/plugin-sdk/provider-auth.js +35 -35
- package/dist/plugin-sdk/provider-models.js +5 -5
- package/dist/plugin-sdk/provider-onboard.js +4 -4
- package/dist/plugin-sdk/provider-setup.js +39 -39
- package/dist/plugin-sdk/provider-stream.js +4 -4
- package/dist/plugin-sdk/provider-usage.js +4 -4
- package/dist/plugin-sdk/qwen-portal-auth.js +35 -35
- package/dist/plugin-sdk/reply-history.js +35 -35
- package/dist/plugin-sdk/reply-runtime.js +35 -35
- package/dist/plugin-sdk/routing.js +3 -3
- package/dist/plugin-sdk/sandbox.js +35 -35
- package/dist/plugin-sdk/security-runtime.js +35 -35
- package/dist/plugin-sdk/self-hosted-provider-setup.js +37 -37
- package/dist/plugin-sdk/setup.js +35 -35
- package/dist/plugin-sdk/signal.js +35 -35
- package/dist/plugin-sdk/slack.js +35 -35
- package/dist/plugin-sdk/speech-runtime.js +35 -35
- package/dist/plugin-sdk/speech.js +35 -35
- package/dist/plugin-sdk/src/secrets/secure-file-store.d.ts +26 -0
- package/dist/plugin-sdk/src/subscription/provider.d.ts +5 -3
- package/dist/plugin-sdk/synology-chat.js +36 -36
- package/dist/plugin-sdk/talk-voice.js +4 -4
- package/dist/plugin-sdk/telegram.js +35 -35
- package/dist/plugin-sdk/text-runtime.js +7 -7
- package/dist/plugin-sdk/thread-ownership.js +4 -4
- package/dist/plugin-sdk/tlon.js +36 -36
- package/dist/plugin-sdk/twitch.js +35 -35
- package/dist/plugin-sdk/voice-call.js +35 -35
- package/dist/plugin-sdk/whatsapp.js +35 -35
- package/dist/plugin-sdk/zalo.js +38 -38
- package/dist/plugin-sdk/zalouser.js +38 -38
- package/dist/plugins/runtime/index.d.ts +1 -1
- package/dist/plugins/runtime/index.js +35 -35
- package/dist/plugins-DF5FaTO0.js +111 -0
- package/dist/plugins-cli-CvTJemqC.js +917 -0
- package/dist/policy-CNXISK_a.js +143 -0
- package/dist/preflight-audio.runtime-RP000oxo.js +116 -0
- package/dist/probe-BkM5pykD.js +21 -0
- package/dist/probe-DKbRTJv5.js +1793 -0
- package/dist/probe-DkrfRsjU.js +47 -0
- package/dist/probe-DpcJ0WeP.js +129 -0
- package/dist/probe-auth-BcNjX8hy.js +40 -0
- package/dist/probe-auth-DhuAb8ls.js +48 -0
- package/dist/probe-wciBj-aL.js +6329 -0
- package/dist/program-C8-p0mW5.js +253 -0
- package/dist/prompt-select-styled-DH0pVoc0.js +2673 -0
- package/dist/provider-api-key-auth.runtime-CAFeIQ1u.js +121 -0
- package/dist/provider-auth-choice-CB_HzdTl.js +126 -0
- package/dist/provider-auth-choice-helpers-hzDkh3f1.js +48 -0
- package/dist/provider-auth-choice-preference-BHCXvNSE.js +189 -0
- package/dist/provider-auth-choice.runtime-Dx4ms2C5.js +123 -0
- package/dist/provider-auth-choices-0KaDNPBQ.js +57 -0
- package/dist/provider-auth-guidance-BaAUiNr_.js +34 -0
- package/dist/provider-auth-result-Bto1bYtS.d.ts +18 -0
- package/dist/provider-models-DxOmeToO.d.ts +867 -0
- package/dist/provider-models-xnyxy6mO.js +2113 -0
- package/dist/provider-ollama-setup-DBYK__ov.d.ts +32 -0
- package/dist/provider-ollama-setup-QzgCxj44.js +314 -0
- package/dist/provider-onboard-B9ionepI.js +139 -0
- package/dist/provider-onboard-CURxJ_UX.d.ts +40 -0
- package/dist/provider-runtime.runtime-4xwmsl5L.js +111 -0
- package/dist/provider-self-hosted-setup-BHd24EDG.js +182 -0
- package/dist/provider-self-hosted-setup-qeY8BYSy.d.ts +61 -0
- package/dist/provider-stream-Chz_EFw3.js +512 -0
- package/dist/provider-usage-C11Q7UwS.js +111 -0
- package/dist/provider-usage-kxemdMp2.js +633 -0
- package/dist/provider-wizard-CanJoxNC.js +152 -0
- package/dist/push-apns-Dsajnm8C.js +1038 -0
- package/dist/pw-ai-DUe4BbH2.js +1867 -0
- package/dist/qmd-manager-CAAFp7qK.js +1570 -0
- package/dist/qr-cli-Bu2jqTPY.js +113 -0
- package/dist/qr-cli-Bu9Z-X48.js +369 -0
- package/dist/reactions-Cpfum4iU.js +281 -0
- package/dist/read-only-account-inspect.discord.runtime-BK0LaMgC.js +116 -0
- package/dist/read-only-account-inspect.slack.runtime-DgKiC5wT.js +116 -0
- package/dist/read-only-account-inspect.telegram.runtime-mxfgFVOU.js +116 -0
- package/dist/redact-snapshot-DD8A4tdd.js +2663 -0
- package/dist/register.agent-DU4FtrU2.js +439 -0
- package/dist/register.backup-8nOYtJqg.js +625 -0
- package/dist/register.configure-DmtecqIH.js +252 -0
- package/dist/register.maintenance-Dir3ulKP.js +574 -0
- package/dist/register.message-Cfl-f3Ju.js +709 -0
- package/dist/register.onboard-Bv7WVzEi.js +192 -0
- package/dist/register.setup-BIyeI8RY.js +212 -0
- package/dist/register.status-health-sessions-C69WQcF4.js +498 -0
- package/dist/register.subclis-B_4KCgTd.js +315 -0
- package/dist/register.subclis-BeXsmgBL.js +13 -0
- package/dist/replies-DdcFUmki.js +110 -0
- package/dist/resolve-channels-DRZqPV5o.js +226 -0
- package/dist/resolve-channels-DxW1kqxA.js +262 -0
- package/dist/resolve-route-DdX-HBVt.js +538 -0
- package/dist/resolve-users-rgCQvkLs.js +143 -0
- package/dist/root-help-QAkoA7GD.js +32 -0
- package/dist/routes-CcJNnwTF.js +7097 -0
- package/dist/rpc-DDUAlBbH.js +67 -0
- package/dist/run-main-D9ci5pn7.js +424 -0
- package/dist/runtime-Bitmi8Er.d.ts +26 -0
- package/dist/runtime-discord-ops.runtime-T4sf7aRB.js +9078 -0
- package/dist/runtime-slack-ops.runtime-BQpP48mC.js +4556 -0
- package/dist/runtime-telegram-ops.runtime-cVO5dqOp.js +133 -0
- package/dist/runtime-whatsapp-login.runtime-DtNx0dSY.js +114 -0
- package/dist/runtime-whatsapp-outbound.runtime-Bw47QbFK.js +117 -0
- package/dist/sandbox-cli-DsFwjbjC.js +535 -0
- package/dist/search-manager-BRAK8fEe.js +16 -0
- package/dist/search-manager-BS5Db0A6.js +386 -0
- package/dist/secrets-cli-D3J46TJp.js +2070 -0
- package/dist/security-cli-B866M9cB.js +575 -0
- package/dist/send-B1pX9_Oc.js +283 -0
- package/dist/send-B2RrLg83.js +100 -0
- package/dist/send-DFnV__Aq.js +1025 -0
- package/dist/send-DZIH6CJt.js +629 -0
- package/dist/send-sl9WnKbW.js +631 -0
- package/dist/server-node-events-BT6egg20.js +506 -0
- package/dist/server-zI_K-D05.js +107 -0
- package/dist/sessions-C8kiAcoJ.js +112 -0
- package/dist/sessions-DLBpp52_.js +218 -0
- package/dist/setup-C7eOzMiC.js +387 -0
- package/dist/setup-CFIMq-Pz.d.ts +37 -0
- package/dist/setup-binary-CcAv8NXz.js +406 -0
- package/dist/setup-browser-C4eRV3h6.js +70 -0
- package/dist/setup-core-BnR486P-.js +143 -0
- package/dist/setup-core-CIswIiu5.js +166 -0
- package/dist/setup-core-CcbcrXXg.js +47 -0
- package/dist/setup-core-nZSw5BSv.js +205 -0
- package/dist/setup-surface-C5iSpT4M.js +490 -0
- package/dist/setup-wizard-helpers-r0J6l8ST.d.ts +203 -0
- package/dist/setup.finalize-adiRfo0U.js +522 -0
- package/dist/setup.gateway-config-BwFWKDfT.js +343 -0
- package/dist/shared-12TimyeF.js +182 -0
- package/dist/shared-9EWO34-k.js +298 -0
- package/dist/shared-B4vUbaRR.js +75 -0
- package/dist/shared-bNWpW3Dd.js +96 -0
- package/dist/shared-lU1y5dvS.js +102 -0
- package/dist/signal-DBlETRu9.js +114 -0
- package/dist/skills-Bio8GwTE.js +20 -0
- package/dist/skills-DE_MXFSN.js +853 -0
- package/dist/skills-cli-BGuW-tKw.js +292 -0
- package/dist/skills-install--rnorIoJ.js +763 -0
- package/dist/skills-status-B08PtBc_.js +21 -0
- package/dist/skills-status-CzM008aB.js +169 -0
- package/dist/slack-C4T53Nc-.js +114 -0
- package/dist/slash-commands.runtime-B7fsD8Be.js +128 -0
- package/dist/slash-dispatch.runtime-t0PAX4vQ.js +141 -0
- package/dist/slash-skill-commands.runtime-DIhPnEfR.js +116 -0
- package/dist/src-DrDirlvw.js +1701 -0
- package/dist/status-Bld14WSA.js +131 -0
- package/dist/status-CgeO4RuH.js +43 -0
- package/dist/status-HlvixAOq.js +606 -0
- package/dist/status-Rom_Lf3c.js +1599 -0
- package/dist/status-TwbMH6Am.js +126 -0
- package/dist/status-json-DMW7cmuK.js +288 -0
- package/dist/status.link-channel-V4LkB6Gq.js +143 -0
- package/dist/status.scan.deps.runtime-BE3X-dcP.js +126 -0
- package/dist/status.scan.runtime-BxVY4mty.js +119 -0
- package/dist/status.summary-CzLM0vVr.js +592 -0
- package/dist/status.summary.runtime-BSBnHZ1Q.js +118 -0
- package/dist/status.update-BxblMS7P.js +77 -0
- package/dist/subagent-orphan-recovery-BpRPryEj.js +307 -0
- package/dist/subagent-registry-runtime-DYYU5p3X.js +111 -0
- package/dist/subscription-CpFdxuFS.js +33 -0
- package/dist/subscription-DaA1urx-.js +102 -0
- package/dist/subscription-cli-Bvto9EmO.js +134 -0
- package/dist/synology-chat-3nwk-Nj0.js +297 -0
- package/dist/system-cli-BvNps8sl.js +94 -0
- package/dist/telegram/audit.d.ts +1 -1
- package/dist/telegram/audit.js +1 -1
- package/dist/telegram/token.d.ts +1 -1
- package/dist/telegram/token.js +35 -35
- package/dist/telegram-RtKXoEsF.js +114 -0
- package/dist/text-chunking-BD5mQe2R.js +84 -0
- package/dist/text-chunking-DDUU_vAF.d.ts +79 -0
- package/dist/tlon-z-kYmJE-.js +433 -0
- package/dist/tui-cli-CzSK08Rh.js +137 -0
- package/dist/tui-wV7R1Tlc.js +3834 -0
- package/dist/types-2H_e7eWT.d.ts +45 -0
- package/dist/types-ZKnGUchG.d.ts +22692 -0
- package/dist/types.base-BFiQZ4J9.d.ts +188 -0
- package/dist/ui-BWVHreeR.js +31 -0
- package/dist/update-D1Wgh1Tj.js +1036 -0
- package/dist/update-cli-CZh99uyY.js +1503 -0
- package/dist/update-offset-store-D5xTdUr0.js +112 -0
- package/dist/update-runner-GbKfoCHs.js +1496 -0
- package/dist/upsert-with-lock-BZU7Le8n.js +33 -0
- package/dist/usage-Czgwvg0h.js +115 -0
- package/dist/web-CMczmL90.js +112 -0
- package/dist/web-shared-B5Q0mIJq.d.ts +45 -0
- package/dist/webhook-request-guards-CsKDhZJr.d.ts +76 -0
- package/dist/webhook-targets-BSmFtesN.js +181 -0
- package/dist/webhook-targets-CjxuEE9C.d.ts +106 -0
- package/dist/webhooks-cli-Wl9y6AWW.js +350 -0
- package/dist/whatsapp-VzRW8MdR.js +114 -0
- package/dist/whatsapp-actions-Cg1Wxv8W.js +167 -0
- package/dist/workspace-DJ_S272u.js +484 -0
- package/dist/workspace-DbZSqjw0.js +289 -0
- package/dist/workspace-cli-D93DLmAh.js +154 -0
- package/dist/workspace-dirs-CGeIPpGN.js +2003 -0
- package/dist/zalo-CK2dlGmu.d.ts +9 -0
- package/dist/zalo-Db7s2boL.js +415 -0
- package/dist/zalouser-Jh5YTJX3.js +30911 -0
- package/extensions/discord/src/monitor/allow-list.ts +8 -1
- package/extensions/discord/src/monitor/message-handler.preflight.ts +4 -1
- package/package.json +1 -1
- package/dist/accounts-CS8U4v8C.js +0 -114
- package/dist/accounts-gLr-Udmt.d.ts +0 -103
- package/dist/acp-cli-BGT0jXcC.js +0 -2093
- package/dist/actions.runtime-BfckTw6c.js +0 -119
- package/dist/actions.runtime-Cl9mBfqH.js +0 -133
- package/dist/agent-scope-C-YmLnnb.js +0 -208
- package/dist/agents-CydD54p8.js +0 -222
- package/dist/agents-DpQsZO6O.js +0 -853
- package/dist/agents.config-XU7IsYE-.js +0 -121
- package/dist/agents.config-ssoQXuvF.js +0 -17
- package/dist/allow-list-Cfn6lmMK.js +0 -81
- package/dist/allowlist-CCYXVpM9.js +0 -142
- package/dist/api-BoXoFKxy.js +0 -117
- package/dist/audit-Bv05N5o9.js +0 -787
- package/dist/audit-CIWW1Aqm.js +0 -54
- package/dist/audit-channel.collect.runtime-Bi7yrdcO.js +0 -605
- package/dist/audit-channel.runtime-C_NDweiW.js +0 -121
- package/dist/audit-extra.async-Dp7OKSXg.js +0 -813
- package/dist/audit-membership-runtime-B8FQ6VtN.js +0 -162
- package/dist/audit.deep.runtime-CXhobL6b.js +0 -25
- package/dist/audit.nondeep.runtime-CrEm3T16.js +0 -832
- package/dist/audit.runtime-CJPKj1Zg.js +0 -118
- package/dist/auth-Byfp0flq.js +0 -101
- package/dist/auth-choice-BgOjdeXN.js +0 -507
- package/dist/auth-choice-CD1Heq0M.js +0 -122
- package/dist/auth-choice-ePNfg0iQ.js +0 -268
- package/dist/auth-choice-options-BlewQWI0.js +0 -123
- package/dist/auth-choice-prompt-BP2b6aXz.js +0 -36
- package/dist/auth-choice-prompt-Cmwl4n97.js +0 -115
- package/dist/auth-choice.apply-helpers-Dq-nxuuX.js +0 -66
- package/dist/auth-choice.plugin-providers.runtime-B23kOUzQ.js +0 -119
- package/dist/auth-profiles-1kPLbBwI.js +0 -127823
- package/dist/auth-profiles.runtime-DAfSjku1.js +0 -116
- package/dist/banner-DeOsobLO.js +0 -342
- package/dist/bluebubbles-BsLGedBM.js +0 -64
- package/dist/bluebubbles-U2sAfO4_.d.ts +0 -6
- package/dist/bot-DW12K3bO.d.ts +0 -478
- package/dist/brave-BoWimrLe.js +0 -24
- package/dist/browser-cli-D_S3wEYE.js +0 -1494
- package/dist/call-ByEzDJ1_.js +0 -640
- package/dist/call-CHCWVg-O.js +0 -39
- package/dist/channel-3VC0oOMu.js +0 -214
- package/dist/channel-B9fCBPiS.js +0 -207
- package/dist/channel-B9q775cM.js +0 -562
- package/dist/channel-BG3UK54j.js +0 -803
- package/dist/channel-BRQAdMML.js +0 -352
- package/dist/channel-BmlLp933.js +0 -1321
- package/dist/channel-By6KvdTG.js +0 -920
- package/dist/channel-C8rRsdf6.js +0 -226
- package/dist/channel-CLEDBbXE.js +0 -943
- package/dist/channel-CMvBAG7o.js +0 -306
- package/dist/channel-CmlxxjHY.js +0 -1598
- package/dist/channel-CqG6_xN0.js +0 -949
- package/dist/channel-DNueHKs92.js +0 -316
- package/dist/channel-DUtyN7BX.js +0 -4681
- package/dist/channel-DWD6GrfZ.js +0 -538
- package/dist/channel-DaRYMYzj.js +0 -619
- package/dist/channel-Dj6BgLp8.js +0 -575
- package/dist/channel-account-context-Ba3u5D21.js +0 -103
- package/dist/channel-crabk6Em.js +0 -542
- package/dist/channel-i8uqQaK2.js +0 -497
- package/dist/channel-options-xljvwHS2.js +0 -50
- package/dist/channel-plugin-ids-DAgknSG4.js +0 -26
- package/dist/channel-summary-dHTMCG75.js +0 -111
- package/dist/channel-xVWQ96Ni.js +0 -397
- package/dist/channel.runtime-B6PoZ4BV.js +0 -182
- package/dist/channel.runtime-BPZmo57e.js +0 -404
- package/dist/channel.runtime-B_1uGR-U.js +0 -199
- package/dist/channel.runtime-BiXnPU0d.js +0 -218
- package/dist/channel.runtime-BpvDc9sv.js +0 -870
- package/dist/channel.runtime-CUua3W80.js +0 -418
- package/dist/channel.runtime-CaCBTd0A.js +0 -179
- package/dist/channel.runtime-D0FfYvUj.js +0 -4011
- package/dist/channel.runtime-DhoJtpvJ.js +0 -241
- package/dist/channel.runtime-Kj9EXNE0.js +0 -127
- package/dist/channel.runtime-r4tPuPyh.js +0 -171
- package/dist/channel.setup-B7d_grfe.js +0 -6
- package/dist/channel.setup-C0vu1fhi.js +0 -9
- package/dist/channel.setup-CAI0FNHj.js +0 -11
- package/dist/channel.setup-CkDVwv5R.js +0 -57
- package/dist/channel.setup-Cpd00YqQ.js +0 -8
- package/dist/channel.setup-DbBz1-WT.js +0 -9
- package/dist/channel.setup-GZnAvD9g.js +0 -8
- package/dist/channels-5H484RSw.js +0 -1118
- package/dist/channels-BnPudfyx.js +0 -404
- package/dist/channels-cli-WIC-QeH_.js +0 -291
- package/dist/channels-status-issues-RDmzovJU.js +0 -16
- package/dist/clawbot-cli-BgutNwf8.js +0 -118
- package/dist/cleanup-utils-DBl1Aij1.js +0 -96
- package/dist/cli-1P7u6zqu.js +0 -154
- package/dist/command-registry-B8jovrws.js +0 -232
- package/dist/command-registry-DtDl1FVm.js +0 -14
- package/dist/command-secret-gateway-BgUo3FxJ.js +0 -111
- package/dist/compact.runtime-CXbXM0AU.js +0 -116
- package/dist/completion-cli-Cik_owAE.js +0 -17
- package/dist/completion-cli-RU3P2RSl.js +0 -445
- package/dist/config-5HUpB1L1.js +0 -31
- package/dist/config-cli-QHaUHoZI.js +0 -433
- package/dist/config-guard-C9Sn3pE-.js +0 -118
- package/dist/config-sW57gztj.js +0 -44
- package/dist/config-validation-5LkjIKNt.js +0 -262
- package/dist/config-value-CtTWALxG.js +0 -132
- package/dist/configure-BmR2TPLf.js +0 -243
- package/dist/configure-DaLN-5xM.js +0 -1100
- package/dist/control-ui-assets-CH3MYmAo.js +0 -232
- package/dist/control-ui-shared-CA77PTml.js +0 -29
- package/dist/core-CvDzLs7B.js +0 -150
- package/dist/core-dPA4nFkn.d.ts +0 -87
- package/dist/cron-cli-tguLpzyq.js +0 -639
- package/dist/daemon-cli-ptosOkL8.js +0 -339
- package/dist/daemon-install-DzU4EnVa.js +0 -180
- package/dist/deliver-DwxFoHM3.js +0 -111
- package/dist/deliver-runtime-DOdDyaPI.js +0 -111
- package/dist/device-id-cli-GopvlxxZ.js +0 -52
- package/dist/device-identity-CRfhC3_s.js +0 -365
- package/dist/devices-cli-ain7ESqU.js +0 -342
- package/dist/diagnostic-D96Xaqrj.js +0 -310
- package/dist/directory-cli-fh1UxGgY.js +0 -311
- package/dist/directory-config-helpers-CpU1oflo.d.ts +0 -38
- package/dist/directory.static-CKjJUNGl.js +0 -44
- package/dist/discord-CflhwDEM.js +0 -114
- package/dist/discovery-x0ZqY4AB.js +0 -48
- package/dist/dm-policy-shared-73A52W6E.d.ts +0 -95
- package/dist/dns-cli-DCHyKjGf.js +0 -217
- package/dist/docs-cli-D3OoqYSP.js +0 -174
- package/dist/doctor-completion-Bq2eP87s.js +0 -90
- package/dist/doctor-config-flow-D8XRG9Ku.js +0 -2437
- package/dist/doctor-config-flow-DGiF1HGc.js +0 -112
- package/dist/enable-0QSF4YGH.js +0 -24
- package/dist/exec-approvals-cli-Bncym0Gd.js +0 -421
- package/dist/feishu-B5JDcyF9.d.ts +0 -36
- package/dist/gateway-cli-DYscsmA-.js +0 -26437
- package/dist/gateway-install-token-CNv17ac9.js +0 -163
- package/dist/gateway-rpc-BGC1Rxvg.js +0 -26
- package/dist/gateway-runtime-D89mSQPB.js +0 -69
- package/dist/git-commit-CeLH5Ozm.js +0 -2
- package/dist/git-commit-DUKRiCP-.js +0 -177
- package/dist/googlechat-BgXeXjd1.js +0 -307
- package/dist/googlechat-De-T7C31.d.ts +0 -12
- package/dist/group-access-Deh1tVNr.d.ts +0 -61
- package/dist/health-BEjzWwaB.js +0 -570
- package/dist/health-FjqrWQL6.js +0 -113
- package/dist/heartbeat-summary-CfdSA9M1.js +0 -57
- package/dist/help-BZeVprq1.js +0 -81
- package/dist/hooks-B5pYs_d7.d.ts +0 -6
- package/dist/hooks-cli-B7uGJs2O.js +0 -1000
- package/dist/hooks-status-CfceaUSg.js +0 -78
- package/dist/http-registry-C-KXqwnj.d.ts +0 -20
- package/dist/identity-file-sshkKKIr.js +0 -60
- package/dist/image-generation-CafM5hZh.d.ts +0 -9
- package/dist/imessage-BcV3WGx_.js +0 -31
- package/dist/imessage-Dhje7Ty-.js +0 -115
- package/dist/inbound-reply-dispatch-C73_7SOl.js +0 -71
- package/dist/inbound-reply-dispatch-DmL0KWLe.d.ts +0 -72
- package/dist/install-target-D7NRhfzc.js +0 -574
- package/dist/installs-Bj6jblqc.js +0 -532
- package/dist/io-CMfWWPXQ.js +0 -9738
- package/dist/io-CV844hAM.js +0 -29
- package/dist/irc-DKi1fDYI.js +0 -672
- package/dist/library-rygTG3oA.js +0 -112
- package/dist/lifecycle-core-BPlvShWY.js +0 -382
- package/dist/line-CGsemKWJ.js +0 -530
- package/dist/line-CKU3ER-n.d.ts +0 -75
- package/dist/llm-slug-generator-DlhVyMqT.js +0 -67
- package/dist/logging-5wu9k6w4.js +0 -30
- package/dist/logging-CxP9suT8.js +0 -13
- package/dist/login-qr-BcDsiwHs.js +0 -233
- package/dist/login-qr-Y8pJ5yV4.js +0 -112
- package/dist/logs-cli-XI9oVXpH.js +0 -256
- package/dist/manager-runtime-DkIlXBhD.js +0 -111
- package/dist/manager.runtime-Q0q2rJCC.js +0 -715
- package/dist/manifest-registry-DAd0SRAP.js +0 -1329
- package/dist/matrix-BI0DBBrG.js +0 -1495
- package/dist/matrix-DiABGjJR.js +0 -1269
- package/dist/matrix-fC6NrFM5.d.ts +0 -68
- package/dist/mcp-cli-BOyn_DLL.js +0 -87
- package/dist/media-understanding.runtime-DjUa7Dka.js +0 -116
- package/dist/memory-cli-CJd_vl-Y.js +0 -111
- package/dist/memory-search-CEEItIFR.js +0 -17
- package/dist/memory-search-Cv1SBrn7.js +0 -204
- package/dist/method-scopes-CQE7-bZ-.js +0 -2452
- package/dist/model-auth-markers-B1bbs9Qd.d.ts +0 -20
- package/dist/model-picker-D6_89XHg.js +0 -112
- package/dist/model-picker-Svaw-APs.js +0 -390
- package/dist/model-picker.runtime-Chi9nV7A.js +0 -125
- package/dist/model-selection-hL8i1Jbs.js +0 -653
- package/dist/model-suppression.runtime-DjWJZ0X-.js +0 -116
- package/dist/models-7qj1dG_W.js +0 -118
- package/dist/models-BPOB_xJF.js +0 -2514
- package/dist/models-cli-DdlOVUjS.js +0 -309
- package/dist/models-config-CBqUS-jX.js +0 -111
- package/dist/models-config.providers.discovery-BKB5JH9M.d.ts +0 -18
- package/dist/moldclaw-root-D6PbhbZk.js +0 -88
- package/dist/monitor-BPYhkEqF.js +0 -782
- package/dist/monitor-BuTcQ24j.js +0 -3468
- package/dist/monitor-CuXvNhFh.js +0 -113
- package/dist/monitor-D-TqSIHF.js +0 -6823
- package/dist/monitor-DRSgo9u2.js +0 -3076
- package/dist/monitor-DcHch39z.js +0 -772
- package/dist/monitor-DsHBMrXp.js +0 -115
- package/dist/monitor-shared-CL8T4gt1.js +0 -444
- package/dist/msteams-7FMwTvQG.js +0 -852
- package/dist/node-cli-BCjaSCZM.js +0 -2503
- package/dist/node-resolve-D5Hvcgyx.js +0 -835
- package/dist/nodes-cli-Dd_SNbkt.js +0 -1380
- package/dist/nostr-D8scBiYq.d.ts +0 -7
- package/dist/nostr-DBTFTxKs.js +0 -8744
- package/dist/npm-resolution-CYfb3MHG.js +0 -60
- package/dist/oauth-env-zPt5RywA.js +0 -10
- package/dist/onboard-BEFQQeig.js +0 -25
- package/dist/onboard-CJHNyxJh.js +0 -48
- package/dist/onboard-D_3UeLEN.js +0 -589
- package/dist/onboard-channels-B_JL0Djc.js +0 -1241
- package/dist/onboard-channels-CqZzHt2C.js +0 -205
- package/dist/onboard-custom-CER3Ggbq.js +0 -571
- package/dist/onboard-custom-bNRdGECb.js +0 -114
- package/dist/onboard-helpers-BK0Hsb7Y.js +0 -335
- package/dist/onboard-helpers-CXZ5RPoR.js +0 -113
- package/dist/onboard-hooks-1NsxEDjH.js +0 -72
- package/dist/onboard-remote-DuKhC_7W.js +0 -117
- package/dist/onboard-remote-OwRcDuB3.js +0 -181
- package/dist/onboard-search-Cy8dOq2W.js +0 -302
- package/dist/onboard-skills-D5phRa6r.js +0 -117
- package/dist/onboard-skills-c9qWCNe9.js +0 -133
- package/dist/outbound-media-CgNYEQWb.d.ts +0 -11
- package/dist/outbound-media-DYRO2vTD.js +0 -11
- package/dist/pairing-access-Dsiu5Mvl.d.ts +0 -21
- package/dist/pairing-cli-BOnv0TYn.js +0 -217
- package/dist/perplexity-EZwC3y2b.js +0 -24
- package/dist/persistent-dedupe-DMLOqJ23.d.ts +0 -26
- package/dist/pi-model-discovery-runtime-BToY3A6K.js +0 -111
- package/dist/pi-tools.before-tool-call.runtime-D_acPtld.js +0 -381
- package/dist/plugin-install-CgJpSjYd.js +0 -184
- package/dist/plugin-install-Cl1A4EF6.js +0 -117
- package/dist/plugin-install-plan-Dc2Z4DeU.js +0 -49
- package/dist/plugin-registry-B1UaWrQD.js +0 -49
- package/dist/plugin-registry-Cy8biwnn.js +0 -113
- package/dist/plugins-CXwvg50F.js +0 -111
- package/dist/plugins-cli-Uvzp2aYV.js +0 -917
- package/dist/policy-DsMBbEe7.js +0 -143
- package/dist/preflight-audio.runtime-hWsZIYvc.js +0 -116
- package/dist/probe-CNsSf1Uf.js +0 -6329
- package/dist/probe-CqOIrPhb.js +0 -47
- package/dist/probe-DH6gDw-h.js +0 -129
- package/dist/probe-DM16PLf4.js +0 -21
- package/dist/probe-DvAEEWYr.js +0 -1793
- package/dist/probe-auth-COfgCble.js +0 -48
- package/dist/probe-auth-I_5TX1Eh.js +0 -40
- package/dist/program-Dz80sgTU.js +0 -253
- package/dist/prompt-select-styled-wQehwFxK.js +0 -2673
- package/dist/provider-api-key-auth.runtime-BR9GU4ya.js +0 -121
- package/dist/provider-auth-choice-CdhA84kr.js +0 -126
- package/dist/provider-auth-choice-helpers-kabp_0zA.js +0 -48
- package/dist/provider-auth-choice-preference-se3zAM_2.js +0 -189
- package/dist/provider-auth-choice.runtime-BMc8-xNQ.js +0 -123
- package/dist/provider-auth-choices-CYsCViGi.js +0 -57
- package/dist/provider-auth-guidance-CMjUWlNf.js +0 -34
- package/dist/provider-auth-result-Cw6qIhO-.d.ts +0 -18
- package/dist/provider-models-BCId_Lfu.js +0 -2113
- package/dist/provider-models-Ok-DrSiY.d.ts +0 -867
- package/dist/provider-ollama-setup-B6XJZ0So.js +0 -314
- package/dist/provider-ollama-setup-lGDdTl0b.d.ts +0 -32
- package/dist/provider-onboard-CSPi7jOK.d.ts +0 -40
- package/dist/provider-onboard-Ca0TaNud.js +0 -139
- package/dist/provider-runtime.runtime-DwwkHw_7.js +0 -111
- package/dist/provider-self-hosted-setup-BEKLVGpj.js +0 -182
- package/dist/provider-self-hosted-setup-Df91By-J.d.ts +0 -61
- package/dist/provider-stream-DrUD69ai.js +0 -512
- package/dist/provider-usage-BgKHCnjr.js +0 -111
- package/dist/provider-usage-D8EZpFz9.js +0 -633
- package/dist/provider-wizard-DMdb-zj_.js +0 -152
- package/dist/push-apns-BPH6d4VV.js +0 -1038
- package/dist/pw-ai-DttfldtL.js +0 -1867
- package/dist/qmd-manager-CybcDUfk.js +0 -1570
- package/dist/qr-cli-8NcmJ8Ft.js +0 -369
- package/dist/qr-cli-DWe0Our3.js +0 -113
- package/dist/reactions-D6N0LR16.js +0 -281
- package/dist/read-only-account-inspect.discord.runtime-CqUWTRfl.js +0 -116
- package/dist/read-only-account-inspect.slack.runtime-9-jpln3q.js +0 -116
- package/dist/read-only-account-inspect.telegram.runtime-EKPI1D7n.js +0 -116
- package/dist/redact-snapshot-DwJEIVk9.js +0 -2663
- package/dist/register.agent-D3YdDirP.js +0 -439
- package/dist/register.backup-dR27qCuo.js +0 -625
- package/dist/register.configure-BjFhkkka.js +0 -252
- package/dist/register.maintenance-DiMQJIOa.js +0 -574
- package/dist/register.message-CdZsKYH1.js +0 -709
- package/dist/register.onboard-B0rV1eaO.js +0 -192
- package/dist/register.setup-wKMvohzo.js +0 -212
- package/dist/register.status-health-sessions-BJ68m6pt.js +0 -498
- package/dist/register.subclis-CnnrWt2a.js +0 -315
- package/dist/register.subclis-lSvTkC6z.js +0 -13
- package/dist/replies-BABt9b48.js +0 -110
- package/dist/resolve-channels-BqZFl2Ux.js +0 -262
- package/dist/resolve-channels-DjQLXb7B.js +0 -226
- package/dist/resolve-route-CSHDsa_m.js +0 -538
- package/dist/resolve-users-BG6HaSR5.js +0 -143
- package/dist/root-help-ohmaCyC_.js +0 -32
- package/dist/routes-4k2kpvoT.js +0 -7097
- package/dist/rpc-Cnwn4Q6L.js +0 -67
- package/dist/run-main-VYlacKA0.js +0 -424
- package/dist/runtime-D61jzMiI.d.ts +0 -26
- package/dist/runtime-discord-ops.runtime-DafrU-rI.js +0 -9078
- package/dist/runtime-slack-ops.runtime-CdXBKXwd.js +0 -4556
- package/dist/runtime-telegram-ops.runtime-B12sF7gE.js +0 -133
- package/dist/runtime-whatsapp-login.runtime-CqEudH37.js +0 -114
- package/dist/runtime-whatsapp-outbound.runtime-D5m2qyn-.js +0 -117
- package/dist/sandbox-cli-CHJiEWXB.js +0 -535
- package/dist/search-manager-BtNC3-i_.js +0 -16
- package/dist/search-manager-C7J7B3_a.js +0 -386
- package/dist/secrets-cli-C6yIWBbN.js +0 -2070
- package/dist/security-cli-BVu9BkjD.js +0 -575
- package/dist/send-BSreC7rr.js +0 -631
- package/dist/send-BsLHQG_B.js +0 -1025
- package/dist/send-BuNhp8PH.js +0 -283
- package/dist/send-DOCswVar.js +0 -100
- package/dist/send-Dl0LLErk.js +0 -629
- package/dist/server-node-events-Bq2067EG.js +0 -506
- package/dist/server-y38L7N5H.js +0 -107
- package/dist/sessions-BV8gXURR.js +0 -112
- package/dist/sessions-dl1Kc-Ci.js +0 -218
- package/dist/setup-BSPXdMuK.d.ts +0 -37
- package/dist/setup-DGszQH0_.js +0 -387
- package/dist/setup-binary-C17YnmA8.js +0 -406
- package/dist/setup-browser-CPx-nEsr.js +0 -70
- package/dist/setup-core-BByHN1ME.js +0 -143
- package/dist/setup-core-C0KPlBmL.js +0 -47
- package/dist/setup-core-Cq37G6of.js +0 -166
- package/dist/setup-core-uO84_Y75.js +0 -205
- package/dist/setup-surface-BEMi7Rmb.js +0 -490
- package/dist/setup-wizard-helpers-Ck9wDR0b.d.ts +0 -203
- package/dist/setup.finalize-BzPBa8zW.js +0 -522
- package/dist/setup.gateway-config-DdwkF-8e.js +0 -343
- package/dist/shared-BCw4SKjB.js +0 -96
- package/dist/shared-CjNzsULP.js +0 -75
- package/dist/shared-Cu1BE7ZE.js +0 -298
- package/dist/shared-DSClmyUn.js +0 -182
- package/dist/shared-DyJdGH6y.js +0 -102
- package/dist/signal-Dyv4NZsB.js +0 -114
- package/dist/skills-CbB5b27M.js +0 -853
- package/dist/skills-CnfI7Szw.js +0 -20
- package/dist/skills-cli-CavB1f_3.js +0 -292
- package/dist/skills-install-B1OBdgd0.js +0 -763
- package/dist/skills-status-B3gAmIbW.js +0 -169
- package/dist/skills-status-DrHhFgU9.js +0 -21
- package/dist/slack-BRzqnoAz.js +0 -114
- package/dist/slash-commands.runtime-BK88kgds.js +0 -128
- package/dist/slash-dispatch.runtime-COGywwJE.js +0 -141
- package/dist/slash-skill-commands.runtime-Ti4brxgh.js +0 -116
- package/dist/src-DUR6OQxI.js +0 -1701
- package/dist/status-C6dgQY9a.js +0 -131
- package/dist/status-CNK0Q7QH.js +0 -606
- package/dist/status-DBcX0DSC.js +0 -43
- package/dist/status-DKgFgbwv.js +0 -1599
- package/dist/status-Wn5lhNAc.js +0 -126
- package/dist/status-json-D2EkWqAl.js +0 -288
- package/dist/status.link-channel-D3ULIdEa.js +0 -143
- package/dist/status.scan.deps.runtime-BsjWTAm4.js +0 -126
- package/dist/status.scan.runtime-D4HbzROD.js +0 -119
- package/dist/status.summary-C3YxPrDK.js +0 -592
- package/dist/status.summary.runtime-DAkXPSaK.js +0 -118
- package/dist/status.update-B4NnN9P1.js +0 -77
- package/dist/subagent-orphan-recovery-QiQEBv36.js +0 -307
- package/dist/subagent-registry-runtime-BJatPQFK.js +0 -111
- package/dist/subscription-BhZORXN9.js +0 -100
- package/dist/subscription-QEUjQRMv.js +0 -33
- package/dist/subscription-cli-HrULlAgc.js +0 -134
- package/dist/synology-chat-DB76GWMN.js +0 -297
- package/dist/system-cli-D8jDwWuL.js +0 -94
- package/dist/telegram-BHiiqKkQ.js +0 -114
- package/dist/text-chunking-Baonm9Lu.js +0 -84
- package/dist/text-chunking-DzB11ONk.d.ts +0 -79
- package/dist/tlon-DLESxNgD.js +0 -433
- package/dist/tui-C75zi2Cl.js +0 -3834
- package/dist/tui-cli-DFwx5e6i.js +0 -137
- package/dist/types-BKldC9YN.d.ts +0 -22692
- package/dist/types-MeyueBE0.d.ts +0 -45
- package/dist/types.base-Cw0-zIvE.d.ts +0 -188
- package/dist/ui-B55NOIB6.js +0 -31
- package/dist/update--ojavYQ4.js +0 -1036
- package/dist/update-cli-Cvj5aWYM.js +0 -1503
- package/dist/update-offset-store-upatuWwX.js +0 -112
- package/dist/update-runner-DHkY_-76.js +0 -1496
- package/dist/upsert-with-lock-C171GLaR.js +0 -33
- package/dist/usage-N3bxnbmt.js +0 -115
- package/dist/web-RdvT7gKa.js +0 -112
- package/dist/web-shared-C2qHVxw1.d.ts +0 -45
- package/dist/webhook-request-guards-CosLyl01.d.ts +0 -76
- package/dist/webhook-targets-Bfnag-du.js +0 -181
- package/dist/webhook-targets-DP_EkQa4.d.ts +0 -106
- package/dist/webhooks-cli-ZpnXrq7G.js +0 -350
- package/dist/whatsapp-DNTAyZHt.js +0 -114
- package/dist/whatsapp-actions-o1zKQzKZ.js +0 -167
- package/dist/workspace-CpWi5wPr.js +0 -479
- package/dist/workspace-Ii7aRS7c.js +0 -289
- package/dist/workspace-dirs-x10McA9t.js +0 -2003
- package/dist/zalo-C9OQRYRw.d.ts +0 -9
- package/dist/zalo-zm_bYCKg.js +0 -415
- package/dist/zalouser-CvVEUvc5.js +0 -30911
- /package/dist/{account-id-B3YSn4hl.d.ts → account-id-B8ce6G_4.d.ts} +0 -0
- /package/dist/{acpx-CnNv70m2.d.ts → acpx-Ci50I9T2.d.ts} +0 -0
- /package/dist/{agent-media-payload-DE2pEcsz.d.ts → agent-media-payload-en-gS5p6.d.ts} +0 -0
- /package/dist/{allow-from-DPpHnT2A.d.ts → allow-from-cMeQ47Ot.d.ts} +0 -0
- /package/dist/{allowlist-resolution-CLFiZ6nE.d.ts → allowlist-resolution-DoAWbfXV.d.ts} +0 -0
- /package/dist/{bluebubbles-Duhu-Jer.d.ts → bluebubbles-C6yYmUl0.d.ts} +0 -0
- /package/dist/{boolean-param-BhFjB3gp.d.ts → boolean-param-CdO2TFTk.d.ts} +0 -0
- /package/dist/{channel-config-schema-DnnVMdjR.d.ts → channel-config-schema-Chp38wel.d.ts} +0 -0
- /package/dist/{channel-policy-Baq-Z06b.d.ts → channel-policy-g2h6AbYQ.d.ts} +0 -0
- /package/dist/{chat-type-DpiBgwuG.d.ts → chat-type-BLt59pPT.d.ts} +0 -0
- /package/dist/{command-format-vi4xq8e8.d.ts → command-format-BDJC05Jp.d.ts} +0 -0
- /package/dist/{diffs-DK7fVSDo.d.ts → diffs-D_iNKCyn.d.ts} +0 -0
- /package/dist/{directory-runtime-BTLPaysA.d.ts → directory-runtime-DhMex6HY.d.ts} +0 -0
- /package/dist/{exec-C01wtBHu.d.ts → exec-pjfUY4KM.d.ts} +0 -0
- /package/dist/{gaxios-fetch-compat-wZ38b3w3.js → gaxios-fetch-compat-B_vtINdV.js} +0 -0
- /package/dist/{history-CwXuP2TW.d.ts → history-aqSS5VGQ.d.ts} +0 -0
- /package/dist/{inbound-envelope-SggrBs9m.d.ts → inbound-envelope-C5hWuZod.d.ts} +0 -0
- /package/dist/{index-apAZHsDo.d.ts → index-DXVQFYGX.d.ts} +0 -0
- /package/dist/{json-store-r75IZGk9.d.ts → json-store-UnqQ5aV3.d.ts} +0 -0
- /package/dist/{keyed-async-queue-DHIr7yNe.d.ts → keyed-async-queue-guucpLw3.d.ts} +0 -0
- /package/dist/{links-HeQ3r_L0.d.ts → links-Bar0meEK.d.ts} +0 -0
- /package/dist/{markdown-to-line-CDb4Jy3V.d.ts → markdown-to-line-D8uH_KOj.d.ts} +0 -0
- /package/dist/{mattermost-DtCsxpgg.d.ts → mattermost-xl7jAFJL.d.ts} +0 -0
- /package/dist/{net-BATPDwdQ.d.ts → net-rGOKGds6.d.ts} +0 -0
- /package/dist/{nextcloud-talk-Bb2wHOwp.d.ts → nextcloud-talk-De2CZ9dV.d.ts} +0 -0
- /package/dist/{oauth-utils-u567CLT0.d.ts → oauth-utils-DzN1AlEH.d.ts} +0 -0
- /package/dist/{parse-finite-number-l3tNlrZh.d.ts → parse-finite-number-odgyqhi0.d.ts} +0 -0
- /package/dist/{provider-usage.types-C6061OVN.d.ts → provider-usage.types-EDE9o-H_.d.ts} +0 -0
- /package/dist/{reply-history-BDsFnZFl.d.ts → reply-history-CVuU31xe.d.ts} +0 -0
- /package/dist/{reply-payload-CCvM4W9u.d.ts → reply-payload-CHkpBYwL.d.ts} +0 -0
- /package/dist/{request-url-C54l4-xC.d.ts → request-url-DHisbiHY.d.ts} +0 -0
- /package/dist/{run-command-D3RqWcHu.d.ts → run-command-y0Cndsb1.d.ts} +0 -0
- /package/dist/{secret-input-schema-BLBt-NAP.d.ts → secret-input-schema-b1vpYDQN.d.ts} +0 -0
- /package/dist/{session-key-BQ2-bR-9.d.ts → session-key-DTHQl57f.d.ts} +0 -0
- /package/dist/{ssh-config-C4mcH9Ly.js → ssh-config-hEHBfU2_.js} +0 -0
- /package/dist/{testing-DLkhGsoz.d.ts → testing-DszuZXgK.d.ts} +0 -0
- /package/dist/{thinking-DRkjX18p.d.ts → thinking-IwXTGSeT.d.ts} +0 -0
- /package/dist/{tool-send-CMMD1uDu.d.ts → tool-send-DWHRmKpz.d.ts} +0 -0
- /package/dist/{vllm-defaults-CcGuf4hL.d.ts → vllm-defaults-CrxZgE6-.d.ts} +0 -0
- /package/dist/{wait-Daog8bxM.d.ts → wait-wDWw_MTI.d.ts} +0 -0
- /package/dist/{webhook-memory-guards-C5MrExwT.d.ts → webhook-memory-guards-DreORuJy.d.ts} +0 -0
- /package/dist/{windows-spawn-j2l-dqu8.d.ts → windows-spawn-BIzH92x2.d.ts} +0 -0
- /package/dist/{zod-schema.agent-runtime-krMrBnIn.d.ts → zod-schema.agent-runtime-CP2rmis3.d.ts} +0 -0
- /package/dist/{zod-schema.core-BNDieZDZ.d.ts → zod-schema.core-Foi1tYwi.d.ts} +0 -0
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
//#region extensions/telegram/src/audit.ts
|
|
2
|
+
function collectTelegramUnmentionedGroupIds(groups) {
|
|
3
|
+
if (!groups || typeof groups !== "object") return {
|
|
4
|
+
groupIds: [],
|
|
5
|
+
unresolvedGroups: 0,
|
|
6
|
+
hasWildcardUnmentionedGroups: false
|
|
7
|
+
};
|
|
8
|
+
const hasWildcardUnmentionedGroups = Boolean(groups["*"]?.requireMention === false) && groups["*"]?.enabled !== false;
|
|
9
|
+
const groupIds = [];
|
|
10
|
+
let unresolvedGroups = 0;
|
|
11
|
+
for (const [key, value] of Object.entries(groups)) {
|
|
12
|
+
if (key === "*") continue;
|
|
13
|
+
if (!value || typeof value !== "object") continue;
|
|
14
|
+
if (value.enabled === false) continue;
|
|
15
|
+
if (value.requireMention !== false) continue;
|
|
16
|
+
const id = String(key).trim();
|
|
17
|
+
if (!id) continue;
|
|
18
|
+
if (/^-?\d+$/.test(id)) groupIds.push(id);
|
|
19
|
+
else unresolvedGroups += 1;
|
|
20
|
+
}
|
|
21
|
+
groupIds.sort((a, b) => a.localeCompare(b));
|
|
22
|
+
return {
|
|
23
|
+
groupIds,
|
|
24
|
+
unresolvedGroups,
|
|
25
|
+
hasWildcardUnmentionedGroups
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
let auditMembershipRuntimePromise = null;
|
|
29
|
+
function loadAuditMembershipRuntime() {
|
|
30
|
+
auditMembershipRuntimePromise ??= import("./audit-membership-runtime-B1FqJsPV.js");
|
|
31
|
+
return auditMembershipRuntimePromise;
|
|
32
|
+
}
|
|
33
|
+
async function auditTelegramGroupMembership(params) {
|
|
34
|
+
const started = Date.now();
|
|
35
|
+
const token = params.token?.trim() ?? "";
|
|
36
|
+
if (!token || params.groupIds.length === 0) return {
|
|
37
|
+
ok: true,
|
|
38
|
+
checkedGroups: 0,
|
|
39
|
+
unresolvedGroups: 0,
|
|
40
|
+
hasWildcardUnmentionedGroups: false,
|
|
41
|
+
groups: [],
|
|
42
|
+
elapsedMs: Date.now() - started
|
|
43
|
+
};
|
|
44
|
+
const { auditTelegramGroupMembershipImpl } = await loadAuditMembershipRuntime();
|
|
45
|
+
return {
|
|
46
|
+
...await auditTelegramGroupMembershipImpl({
|
|
47
|
+
...params,
|
|
48
|
+
token
|
|
49
|
+
}),
|
|
50
|
+
elapsedMs: Date.now() - started
|
|
51
|
+
};
|
|
52
|
+
}
|
|
53
|
+
//#endregion
|
|
54
|
+
export { collectTelegramUnmentionedGroupIds as n, auditTelegramGroupMembership as t };
|
|
@@ -0,0 +1,605 @@
|
|
|
1
|
+
import "./redact-fatrROh9.js";
|
|
2
|
+
import { r as formatErrorMessage } from "./errors-DOJWZqNo.js";
|
|
3
|
+
import "./unhandled-rejections-CTvNvnT0.js";
|
|
4
|
+
import "./logger-BFfIIIKH.js";
|
|
5
|
+
import "./paths-D6AgsMTU.js";
|
|
6
|
+
import "./tmp-moldclaw-dir-DWF-d8qD.js";
|
|
7
|
+
import "./theme-BSXzMzAA.js";
|
|
8
|
+
import "./globals-DESrFYmC.js";
|
|
9
|
+
import "./runtime-_tQz41uA.js";
|
|
10
|
+
import "./ansi-BPhP6LBZ.js";
|
|
11
|
+
import "./subsystem-CPmDTJ2P.js";
|
|
12
|
+
import "./boolean-B6zcAynR.js";
|
|
13
|
+
import "./env-D42cffog.js";
|
|
14
|
+
import "./warning-filter-B1UOeM0G.js";
|
|
15
|
+
import "./utils-C7ykRPCQ.js";
|
|
16
|
+
import "./links-BcahUP5U.js";
|
|
17
|
+
import "./setup-binary-CcAv8NXz.js";
|
|
18
|
+
import { $C as hasResolvedCredentialValue, Ad as resolveDmAllowState, Cw as inspectReadOnlyChannelAccount, MT as resolveChannelDefaultAccountId, QC as hasConfiguredUnavailableCredentialStatus, tC as isDangerousNameMatchingEnabled } from "./auth-profiles-smABVXzp.js";
|
|
19
|
+
import "./model-selection-bBBxfXdb.js";
|
|
20
|
+
import "./agent-scope-lZlwP1At.js";
|
|
21
|
+
import { r as normalizeStringEntries } from "./string-normalization-28MhO2sd.js";
|
|
22
|
+
import "./boundary-file-read-tPYh_8fH.js";
|
|
23
|
+
import "./logger-BGzLUitz.js";
|
|
24
|
+
import "./exec-CvEtXqTZ.js";
|
|
25
|
+
import "./workspace-DJ_S272u.js";
|
|
26
|
+
import "./io-BaBxjB1v.js";
|
|
27
|
+
import "./host-env-security-DQ2i_W12.js";
|
|
28
|
+
import "./safe-text-Cnulee_z.js";
|
|
29
|
+
import "./version-T8nMYUnU.js";
|
|
30
|
+
import "./env-substitution-68cyvF5h.js";
|
|
31
|
+
import "./config-state-h5jUoHya.js";
|
|
32
|
+
import "./network-mode-BtWXzwYn.js";
|
|
33
|
+
import "./registry-C1pRrsQl.js";
|
|
34
|
+
import "./manifest-registry-CS_p1OBQ.js";
|
|
35
|
+
import "./ip-C4YAIpr4.js";
|
|
36
|
+
import "./zod-schema.core-DvwgNmpd.js";
|
|
37
|
+
import "./config-CwBv71QC.js";
|
|
38
|
+
import "./audit-fs-CMb-YUHX.js";
|
|
39
|
+
import "./resolve-PSlwZjg3.js";
|
|
40
|
+
import "./provider-web-search-CcUC9ktE.js";
|
|
41
|
+
import "./text-runtime-Cfq-Uyx0.js";
|
|
42
|
+
import { c as resolveNativeCommandsEnabled, l as resolveNativeSkillsEnabled } from "./workspace-dirs-CGeIPpGN.js";
|
|
43
|
+
import "./config-BwkGZjD5.js";
|
|
44
|
+
import { t as formatCliCommand } from "./command-format-C_z0Ru-7.js";
|
|
45
|
+
import "./tailnet-fFTz5Twr.js";
|
|
46
|
+
import "./net-K181nxTH.js";
|
|
47
|
+
import "./credentials-D-5Pb-aZ.js";
|
|
48
|
+
import "./routes-CcJNnwTF.js";
|
|
49
|
+
import "./frontmatter-Cgg0ICvh.js";
|
|
50
|
+
import "./env-overrides-DBQl3LRc.js";
|
|
51
|
+
import "./path-alias-guards-BtSO7sk7.js";
|
|
52
|
+
import "./skills-DE_MXFSN.js";
|
|
53
|
+
import "./ports-Ca74cFb2.js";
|
|
54
|
+
import "./ports-lsof-CoiADo0p.js";
|
|
55
|
+
import "./ssh-tunnel-DsY-9yao.js";
|
|
56
|
+
import "./image-ops-Ck_D_vpe.js";
|
|
57
|
+
import "./fs-safe-CRXFoBmh.js";
|
|
58
|
+
import "./mime-DGFQe4XX.js";
|
|
59
|
+
import "./server-middleware-Djfoa1s0.js";
|
|
60
|
+
import "./message-channel-DFE4FuE_.js";
|
|
61
|
+
import "./resolve-route-DdX-HBVt.js";
|
|
62
|
+
import "./internal-hooks-83AcmxP3.js";
|
|
63
|
+
import { n as createLazyRuntimeSurface } from "./lazy-runtime-BoGB4usD.js";
|
|
64
|
+
import "./config-schema-BNU4GQh_.js";
|
|
65
|
+
import "./method-scopes-B2ZKSsxQ.js";
|
|
66
|
+
import "./session-cost-usage-DWgQk6XT.js";
|
|
67
|
+
import "./paths-ApLcu1Uu.js";
|
|
68
|
+
import "./routing-DQ-fpTaA.js";
|
|
69
|
+
import "./send-B1pX9_Oc.js";
|
|
70
|
+
import "./node-resolve-BYC2FbO2.js";
|
|
71
|
+
import "./provider-stream-Chz_EFw3.js";
|
|
72
|
+
import "./identity-file-Diub2a0t.js";
|
|
73
|
+
import "./provider-models-xnyxy6mO.js";
|
|
74
|
+
import "./secret-file-p1IhQzwJ.js";
|
|
75
|
+
import "./logging-Dy7UYzIN.js";
|
|
76
|
+
import "./runtime-env-BlEtPF6b.js";
|
|
77
|
+
import "./registry-BFMbkmgR.js";
|
|
78
|
+
import "./provider-onboard-B9ionepI.js";
|
|
79
|
+
import "./model-definitions-Cyyzm6Kr.js";
|
|
80
|
+
import "./usage-Czgwvg0h.js";
|
|
81
|
+
import "./device-identity-IG5DngWM.js";
|
|
82
|
+
import "./auth-Ch3Rchm4.js";
|
|
83
|
+
import "./subscription-DaA1urx-.js";
|
|
84
|
+
import "./diagnostic-DTPopFvh.js";
|
|
85
|
+
import "./message-hook-mappers-CeiHXgSQ.js";
|
|
86
|
+
import "./json-store--7cBPxTG.js";
|
|
87
|
+
import "./call-gdDAt07d.js";
|
|
88
|
+
import "./multimodal-BJBBn_4F.js";
|
|
89
|
+
import "./memory-search-tTD5o_rU.js";
|
|
90
|
+
import "./query-expansion-D_Mm5Hhi.js";
|
|
91
|
+
import "./search-manager-BS5Db0A6.js";
|
|
92
|
+
import "./core-BwKq3krw.js";
|
|
93
|
+
import "./issue-format-B0SI57Es.js";
|
|
94
|
+
import "./logging-CdisccbY.js";
|
|
95
|
+
import "./note-dOl5kPAy.js";
|
|
96
|
+
import "./state-paths-DsMoTg25.js";
|
|
97
|
+
import "./config-value-DT3-5958.js";
|
|
98
|
+
import "./command-secret-targets-BFF4x_RB.js";
|
|
99
|
+
import "./brave-w4Fo8WZ3.js";
|
|
100
|
+
import "./provider-usage-kxemdMp2.js";
|
|
101
|
+
import "./perplexity-CXwMDD3u.js";
|
|
102
|
+
import "./restart-stale-pids-CPF1_61W.js";
|
|
103
|
+
import "./delivery-queue-BOf5wYIc.js";
|
|
104
|
+
import "./pairing-token-bu1e6z6X.js";
|
|
105
|
+
import "./accounts-J2OhhhQi.js";
|
|
106
|
+
import "./process-runtime-D27SftX_.js";
|
|
107
|
+
import "./audit-CpfSjvyo.js";
|
|
108
|
+
import "./cli-runtime-DTCHPjCi.js";
|
|
109
|
+
import "./cli-utils-BCuSS4l6.js";
|
|
110
|
+
import "./help-format-BFzPm_8V.js";
|
|
111
|
+
import "./progress-Cwq59vgZ.js";
|
|
112
|
+
import "./gateway-runtime-CBm3CCoA.js";
|
|
113
|
+
//#region src/security/audit-channel.ts
|
|
114
|
+
const loadAuditChannelRuntimeModule = createLazyRuntimeSurface(() => import("./audit-channel.runtime-BJDZ7ETt.js"), ({ auditChannelRuntime }) => auditChannelRuntime);
|
|
115
|
+
function normalizeAllowFromList(list) {
|
|
116
|
+
return normalizeStringEntries(Array.isArray(list) ? list : void 0);
|
|
117
|
+
}
|
|
118
|
+
function addDiscordNameBasedEntries(params) {
|
|
119
|
+
if (!Array.isArray(params.values)) return;
|
|
120
|
+
for (const value of params.values) {
|
|
121
|
+
if (!params.isDiscordMutableAllowEntry(String(value))) continue;
|
|
122
|
+
const text = String(value).trim();
|
|
123
|
+
if (!text) continue;
|
|
124
|
+
params.target.add(`${params.source}:${text}`);
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
function addZalouserMutableGroupEntries(params) {
|
|
128
|
+
if (!params.groups || typeof params.groups !== "object" || Array.isArray(params.groups)) return;
|
|
129
|
+
for (const key of Object.keys(params.groups)) {
|
|
130
|
+
if (!params.isZalouserMutableGroupEntry(key)) continue;
|
|
131
|
+
params.target.add(`${params.source}:${key}`);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
async function collectInvalidTelegramAllowFromEntries(params) {
|
|
135
|
+
if (!Array.isArray(params.entries)) return;
|
|
136
|
+
const { isNumericTelegramUserId, normalizeTelegramAllowFromEntry } = await loadAuditChannelRuntimeModule();
|
|
137
|
+
for (const entry of params.entries) {
|
|
138
|
+
const normalized = normalizeTelegramAllowFromEntry(entry);
|
|
139
|
+
if (!normalized || normalized === "*") continue;
|
|
140
|
+
if (!isNumericTelegramUserId(normalized)) params.target.add(normalized);
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
function classifyChannelWarningSeverity(message) {
|
|
144
|
+
const s = message.toLowerCase();
|
|
145
|
+
if (s.includes("dms: open") || s.includes("grouppolicy=\"open\"") || s.includes("dmpolicy=\"open\"")) return "critical";
|
|
146
|
+
if (s.includes("allows any") || s.includes("anyone can dm") || s.includes("public")) return "critical";
|
|
147
|
+
if (s.includes("locked") || s.includes("disabled")) return "info";
|
|
148
|
+
return "warn";
|
|
149
|
+
}
|
|
150
|
+
function dedupeFindings(findings) {
|
|
151
|
+
const seen = /* @__PURE__ */ new Set();
|
|
152
|
+
const out = [];
|
|
153
|
+
for (const finding of findings) {
|
|
154
|
+
const key = [
|
|
155
|
+
finding.checkId,
|
|
156
|
+
finding.severity,
|
|
157
|
+
finding.title,
|
|
158
|
+
finding.detail ?? "",
|
|
159
|
+
finding.remediation ?? ""
|
|
160
|
+
].join("\n");
|
|
161
|
+
if (seen.has(key)) continue;
|
|
162
|
+
seen.add(key);
|
|
163
|
+
out.push(finding);
|
|
164
|
+
}
|
|
165
|
+
return out;
|
|
166
|
+
}
|
|
167
|
+
function hasExplicitProviderAccountConfig(cfg, provider, accountId) {
|
|
168
|
+
const channel = cfg.channels?.[provider];
|
|
169
|
+
if (!channel || typeof channel !== "object") return false;
|
|
170
|
+
const accounts = channel.accounts;
|
|
171
|
+
if (!accounts || typeof accounts !== "object") return false;
|
|
172
|
+
return Object.hasOwn(accounts, accountId);
|
|
173
|
+
}
|
|
174
|
+
async function collectChannelSecurityFindings$1(params) {
|
|
175
|
+
const findings = [];
|
|
176
|
+
const sourceConfig = params.sourceConfig ?? params.cfg;
|
|
177
|
+
const inspectChannelAccount = async (plugin, cfg, accountId) => plugin.config.inspectAccount?.(cfg, accountId) ?? await inspectReadOnlyChannelAccount({
|
|
178
|
+
channelId: plugin.id,
|
|
179
|
+
cfg,
|
|
180
|
+
accountId
|
|
181
|
+
});
|
|
182
|
+
const asAccountRecord = (value) => value && typeof value === "object" && !Array.isArray(value) ? value : null;
|
|
183
|
+
const resolveChannelAuditAccount = async (plugin, accountId) => {
|
|
184
|
+
const diagnostics = [];
|
|
185
|
+
const sourceInspectedAccount = await inspectChannelAccount(plugin, sourceConfig, accountId);
|
|
186
|
+
const resolvedInspectedAccount = await inspectChannelAccount(plugin, params.cfg, accountId);
|
|
187
|
+
const sourceInspection = sourceInspectedAccount;
|
|
188
|
+
const resolvedInspection = resolvedInspectedAccount;
|
|
189
|
+
let resolvedAccount = resolvedInspectedAccount;
|
|
190
|
+
if (!resolvedAccount) try {
|
|
191
|
+
resolvedAccount = plugin.config.resolveAccount(params.cfg, accountId);
|
|
192
|
+
} catch (error) {
|
|
193
|
+
diagnostics.push(`${plugin.id}:${accountId}: failed to resolve account (${formatErrorMessage(error)}).`);
|
|
194
|
+
}
|
|
195
|
+
if (!resolvedAccount && sourceInspectedAccount) resolvedAccount = sourceInspectedAccount;
|
|
196
|
+
if (!resolvedAccount) return {
|
|
197
|
+
account: {},
|
|
198
|
+
enabled: false,
|
|
199
|
+
configured: false,
|
|
200
|
+
diagnostics
|
|
201
|
+
};
|
|
202
|
+
const useSourceUnavailableAccount = Boolean(sourceInspectedAccount && hasConfiguredUnavailableCredentialStatus(sourceInspectedAccount) && (!hasResolvedCredentialValue(resolvedAccount) || sourceInspection?.configured === true && resolvedInspection?.configured === false));
|
|
203
|
+
const account = useSourceUnavailableAccount ? sourceInspectedAccount : resolvedAccount;
|
|
204
|
+
const selectedInspection = useSourceUnavailableAccount ? sourceInspection : resolvedInspection;
|
|
205
|
+
const accountRecord = asAccountRecord(account);
|
|
206
|
+
let enabled = typeof selectedInspection?.enabled === "boolean" ? selectedInspection.enabled : typeof accountRecord?.enabled === "boolean" ? accountRecord.enabled : true;
|
|
207
|
+
if (typeof selectedInspection?.enabled !== "boolean" && typeof accountRecord?.enabled !== "boolean" && plugin.config.isEnabled) try {
|
|
208
|
+
enabled = plugin.config.isEnabled(account, params.cfg);
|
|
209
|
+
} catch (error) {
|
|
210
|
+
enabled = false;
|
|
211
|
+
diagnostics.push(`${plugin.id}:${accountId}: failed to evaluate enabled state (${formatErrorMessage(error)}).`);
|
|
212
|
+
}
|
|
213
|
+
let configured = typeof selectedInspection?.configured === "boolean" ? selectedInspection.configured : typeof accountRecord?.configured === "boolean" ? accountRecord.configured : true;
|
|
214
|
+
if (typeof selectedInspection?.configured !== "boolean" && typeof accountRecord?.configured !== "boolean" && plugin.config.isConfigured) try {
|
|
215
|
+
configured = await plugin.config.isConfigured(account, params.cfg);
|
|
216
|
+
} catch (error) {
|
|
217
|
+
configured = false;
|
|
218
|
+
diagnostics.push(`${plugin.id}:${accountId}: failed to evaluate configured state (${formatErrorMessage(error)}).`);
|
|
219
|
+
}
|
|
220
|
+
return {
|
|
221
|
+
account,
|
|
222
|
+
enabled,
|
|
223
|
+
configured,
|
|
224
|
+
diagnostics
|
|
225
|
+
};
|
|
226
|
+
};
|
|
227
|
+
const coerceNativeSetting = (value) => {
|
|
228
|
+
if (value === true) return true;
|
|
229
|
+
if (value === false) return false;
|
|
230
|
+
if (value === "auto") return "auto";
|
|
231
|
+
};
|
|
232
|
+
const warnDmPolicy = async (input) => {
|
|
233
|
+
const policyPath = input.policyPath ?? `${input.allowFromPath}policy`;
|
|
234
|
+
const { hasWildcard, isMultiUserDm } = await resolveDmAllowState({
|
|
235
|
+
provider: input.provider,
|
|
236
|
+
accountId: input.accountId,
|
|
237
|
+
allowFrom: input.allowFrom,
|
|
238
|
+
normalizeEntry: input.normalizeEntry
|
|
239
|
+
});
|
|
240
|
+
const dmScope = params.cfg.session?.dmScope ?? "main";
|
|
241
|
+
if (input.dmPolicy === "open") {
|
|
242
|
+
const allowFromKey = `${input.allowFromPath}allowFrom`;
|
|
243
|
+
findings.push({
|
|
244
|
+
checkId: `channels.${input.provider}.dm.open`,
|
|
245
|
+
severity: "critical",
|
|
246
|
+
title: `${input.label} DMs are open`,
|
|
247
|
+
detail: `${policyPath}="open" allows anyone to DM the bot.`,
|
|
248
|
+
remediation: `Use pairing/allowlist; if you really need open DMs, ensure ${allowFromKey} includes "*".`
|
|
249
|
+
});
|
|
250
|
+
if (!hasWildcard) findings.push({
|
|
251
|
+
checkId: `channels.${input.provider}.dm.open_invalid`,
|
|
252
|
+
severity: "warn",
|
|
253
|
+
title: `${input.label} DM config looks inconsistent`,
|
|
254
|
+
detail: `"open" requires ${allowFromKey} to include "*".`
|
|
255
|
+
});
|
|
256
|
+
}
|
|
257
|
+
if (input.dmPolicy === "disabled") {
|
|
258
|
+
findings.push({
|
|
259
|
+
checkId: `channels.${input.provider}.dm.disabled`,
|
|
260
|
+
severity: "info",
|
|
261
|
+
title: `${input.label} DMs are disabled`,
|
|
262
|
+
detail: `${policyPath}="disabled" ignores inbound DMs.`
|
|
263
|
+
});
|
|
264
|
+
return;
|
|
265
|
+
}
|
|
266
|
+
if (dmScope === "main" && isMultiUserDm) findings.push({
|
|
267
|
+
checkId: `channels.${input.provider}.dm.scope_main_multiuser`,
|
|
268
|
+
severity: "warn",
|
|
269
|
+
title: `${input.label} DMs share the main session`,
|
|
270
|
+
detail: "Multiple DM senders currently share the main session, which can leak context across users.",
|
|
271
|
+
remediation: "Run: " + formatCliCommand("moldclaw config set session.dmScope \"per-channel-peer\"") + " (or \"per-account-channel-peer\" for multi-account channels) to isolate DM sessions per sender."
|
|
272
|
+
});
|
|
273
|
+
};
|
|
274
|
+
for (const plugin of params.plugins) {
|
|
275
|
+
if (!plugin.security) continue;
|
|
276
|
+
const accountIds = plugin.config.listAccountIds(sourceConfig);
|
|
277
|
+
const defaultAccountId = resolveChannelDefaultAccountId({
|
|
278
|
+
plugin,
|
|
279
|
+
cfg: sourceConfig,
|
|
280
|
+
accountIds
|
|
281
|
+
});
|
|
282
|
+
const orderedAccountIds = Array.from(new Set([defaultAccountId, ...accountIds]));
|
|
283
|
+
for (const accountId of orderedAccountIds) {
|
|
284
|
+
const hasExplicitAccountPath = hasExplicitProviderAccountConfig(sourceConfig, plugin.id, accountId);
|
|
285
|
+
const { account, enabled, configured, diagnostics } = await resolveChannelAuditAccount(plugin, accountId);
|
|
286
|
+
for (const diagnostic of diagnostics) findings.push({
|
|
287
|
+
checkId: `channels.${plugin.id}.account.read_only_resolution`,
|
|
288
|
+
severity: "warn",
|
|
289
|
+
title: `${plugin.meta.label ?? plugin.id} account could not be fully resolved`,
|
|
290
|
+
detail: diagnostic,
|
|
291
|
+
remediation: "Ensure referenced secrets are available in this shell or run with a running gateway snapshot so security audit can inspect the full channel configuration."
|
|
292
|
+
});
|
|
293
|
+
if (!enabled) continue;
|
|
294
|
+
if (!configured) continue;
|
|
295
|
+
const accountConfig = account?.config;
|
|
296
|
+
if (isDangerousNameMatchingEnabled(accountConfig)) {
|
|
297
|
+
const accountNote = orderedAccountIds.length > 1 || hasExplicitAccountPath ? ` (account: ${accountId})` : "";
|
|
298
|
+
findings.push({
|
|
299
|
+
checkId: `channels.${plugin.id}.allowFrom.dangerous_name_matching_enabled`,
|
|
300
|
+
severity: "info",
|
|
301
|
+
title: `${plugin.meta.label ?? plugin.id} dangerous name matching is enabled${accountNote}`,
|
|
302
|
+
detail: "dangerouslyAllowNameMatching=true re-enables mutable name/email/tag matching for sender authorization. This is a break-glass compatibility mode, not a hardened default.",
|
|
303
|
+
remediation: "Prefer stable sender IDs in allowlists, then disable dangerouslyAllowNameMatching."
|
|
304
|
+
});
|
|
305
|
+
}
|
|
306
|
+
if (plugin.id === "discord") {
|
|
307
|
+
const { isDiscordMutableAllowEntry, readChannelAllowFromStore } = await loadAuditChannelRuntimeModule();
|
|
308
|
+
const discordCfg = account?.config ?? {};
|
|
309
|
+
const dangerousNameMatchingEnabled = isDangerousNameMatchingEnabled(discordCfg);
|
|
310
|
+
const storeAllowFrom = await readChannelAllowFromStore("discord", process.env, accountId).catch(() => []);
|
|
311
|
+
const discordNameBasedAllowEntries = /* @__PURE__ */ new Set();
|
|
312
|
+
const discordPathPrefix = orderedAccountIds.length > 1 || hasExplicitAccountPath ? `channels.discord.accounts.${accountId}` : "channels.discord";
|
|
313
|
+
addDiscordNameBasedEntries({
|
|
314
|
+
target: discordNameBasedAllowEntries,
|
|
315
|
+
values: discordCfg.allowFrom,
|
|
316
|
+
source: `${discordPathPrefix}.allowFrom`,
|
|
317
|
+
isDiscordMutableAllowEntry
|
|
318
|
+
});
|
|
319
|
+
addDiscordNameBasedEntries({
|
|
320
|
+
target: discordNameBasedAllowEntries,
|
|
321
|
+
values: discordCfg.dm?.allowFrom,
|
|
322
|
+
source: `${discordPathPrefix}.dm.allowFrom`,
|
|
323
|
+
isDiscordMutableAllowEntry
|
|
324
|
+
});
|
|
325
|
+
addDiscordNameBasedEntries({
|
|
326
|
+
target: discordNameBasedAllowEntries,
|
|
327
|
+
values: storeAllowFrom,
|
|
328
|
+
source: "~/.moldclaw/credentials/discord-allowFrom.json",
|
|
329
|
+
isDiscordMutableAllowEntry
|
|
330
|
+
});
|
|
331
|
+
const discordGuildEntries = discordCfg.guilds ?? {};
|
|
332
|
+
for (const [guildKey, guildValue] of Object.entries(discordGuildEntries)) {
|
|
333
|
+
if (!guildValue || typeof guildValue !== "object") continue;
|
|
334
|
+
const guild = guildValue;
|
|
335
|
+
addDiscordNameBasedEntries({
|
|
336
|
+
target: discordNameBasedAllowEntries,
|
|
337
|
+
values: guild.users,
|
|
338
|
+
source: `${discordPathPrefix}.guilds.${guildKey}.users`,
|
|
339
|
+
isDiscordMutableAllowEntry
|
|
340
|
+
});
|
|
341
|
+
const channels = guild.channels;
|
|
342
|
+
if (!channels || typeof channels !== "object") continue;
|
|
343
|
+
for (const [channelKey, channelValue] of Object.entries(channels)) {
|
|
344
|
+
if (!channelValue || typeof channelValue !== "object") continue;
|
|
345
|
+
addDiscordNameBasedEntries({
|
|
346
|
+
target: discordNameBasedAllowEntries,
|
|
347
|
+
values: channelValue.users,
|
|
348
|
+
source: `${discordPathPrefix}.guilds.${guildKey}.channels.${channelKey}.users`,
|
|
349
|
+
isDiscordMutableAllowEntry
|
|
350
|
+
});
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
if (discordNameBasedAllowEntries.size > 0) {
|
|
354
|
+
const examples = Array.from(discordNameBasedAllowEntries).slice(0, 5);
|
|
355
|
+
const more = discordNameBasedAllowEntries.size > examples.length ? ` (+${discordNameBasedAllowEntries.size - examples.length} more)` : "";
|
|
356
|
+
findings.push({
|
|
357
|
+
checkId: "channels.discord.allowFrom.name_based_entries",
|
|
358
|
+
severity: dangerousNameMatchingEnabled ? "info" : "warn",
|
|
359
|
+
title: dangerousNameMatchingEnabled ? "Discord allowlist uses break-glass name/tag matching" : "Discord allowlist contains name or tag entries",
|
|
360
|
+
detail: dangerousNameMatchingEnabled ? `Discord name/tag allowlist matching is explicitly enabled via dangerouslyAllowNameMatching. This mutable-identity mode is operator-selected break-glass behavior and out-of-scope for vulnerability reports by itself. Found: ${examples.join(", ")}${more}.` : `Discord name/tag allowlist matching uses normalized slugs and can collide across users. Found: ${examples.join(", ")}${more}.`,
|
|
361
|
+
remediation: dangerousNameMatchingEnabled ? "Prefer stable Discord IDs (or <@id>/user:<id>/pk:<id>), then disable dangerouslyAllowNameMatching." : "Prefer stable Discord IDs (or <@id>/user:<id>/pk:<id>) in channels.discord.allowFrom and channels.discord.guilds.*.users, or explicitly opt in with dangerouslyAllowNameMatching=true if you accept the risk."
|
|
362
|
+
});
|
|
363
|
+
}
|
|
364
|
+
const nativeEnabled = resolveNativeCommandsEnabled({
|
|
365
|
+
providerId: "discord",
|
|
366
|
+
providerSetting: coerceNativeSetting(discordCfg.commands?.native),
|
|
367
|
+
globalSetting: params.cfg.commands?.native
|
|
368
|
+
});
|
|
369
|
+
const nativeSkillsEnabled = resolveNativeSkillsEnabled({
|
|
370
|
+
providerId: "discord",
|
|
371
|
+
providerSetting: coerceNativeSetting(discordCfg.commands?.nativeSkills),
|
|
372
|
+
globalSetting: params.cfg.commands?.nativeSkills
|
|
373
|
+
});
|
|
374
|
+
if (nativeEnabled || nativeSkillsEnabled) {
|
|
375
|
+
const defaultGroupPolicy = params.cfg.channels?.defaults?.groupPolicy;
|
|
376
|
+
const groupPolicy = discordCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
|
|
377
|
+
const guildEntries = discordGuildEntries;
|
|
378
|
+
const guildsConfigured = Object.keys(guildEntries).length > 0;
|
|
379
|
+
const hasAnyUserAllowlist = Object.values(guildEntries).some((guild) => {
|
|
380
|
+
if (!guild || typeof guild !== "object") return false;
|
|
381
|
+
const g = guild;
|
|
382
|
+
if (Array.isArray(g.users) && g.users.length > 0) return true;
|
|
383
|
+
const channels = g.channels;
|
|
384
|
+
if (!channels || typeof channels !== "object") return false;
|
|
385
|
+
return Object.values(channels).some((channel) => {
|
|
386
|
+
if (!channel || typeof channel !== "object") return false;
|
|
387
|
+
const c = channel;
|
|
388
|
+
return Array.isArray(c.users) && c.users.length > 0;
|
|
389
|
+
});
|
|
390
|
+
});
|
|
391
|
+
const dmAllowFromRaw = discordCfg.dm?.allowFrom;
|
|
392
|
+
const ownerAllowFromConfigured = normalizeAllowFromList([...Array.isArray(dmAllowFromRaw) ? dmAllowFromRaw : [], ...storeAllowFrom]).length > 0;
|
|
393
|
+
const useAccessGroups = params.cfg.commands?.useAccessGroups !== false;
|
|
394
|
+
if (!useAccessGroups && groupPolicy !== "disabled" && guildsConfigured && !hasAnyUserAllowlist) findings.push({
|
|
395
|
+
checkId: "channels.discord.commands.native.unrestricted",
|
|
396
|
+
severity: "critical",
|
|
397
|
+
title: "Discord slash commands are unrestricted",
|
|
398
|
+
detail: "commands.useAccessGroups=false disables sender allowlists for Discord slash commands unless a per-guild/channel users allowlist is configured; with no users allowlist, any user in allowed guild channels can invoke /… commands.",
|
|
399
|
+
remediation: "Set commands.useAccessGroups=true (recommended), or configure channels.discord.guilds.<id>.users (or channels.discord.guilds.<id>.channels.<channel>.users)."
|
|
400
|
+
});
|
|
401
|
+
else if (useAccessGroups && groupPolicy !== "disabled" && guildsConfigured && !ownerAllowFromConfigured && !hasAnyUserAllowlist) findings.push({
|
|
402
|
+
checkId: "channels.discord.commands.native.no_allowlists",
|
|
403
|
+
severity: "warn",
|
|
404
|
+
title: "Discord slash commands have no allowlists",
|
|
405
|
+
detail: "Discord slash commands are enabled, but neither an owner allowFrom list nor any per-guild/channel users allowlist is configured; /… commands will be rejected for everyone.",
|
|
406
|
+
remediation: "Add your user id to channels.discord.allowFrom (or approve yourself via pairing), or configure channels.discord.guilds.<id>.users."
|
|
407
|
+
});
|
|
408
|
+
}
|
|
409
|
+
}
|
|
410
|
+
if (plugin.id === "zalouser") {
|
|
411
|
+
const { isZalouserMutableGroupEntry } = await loadAuditChannelRuntimeModule();
|
|
412
|
+
const zalouserCfg = account?.config ?? {};
|
|
413
|
+
const dangerousNameMatchingEnabled = isDangerousNameMatchingEnabled(zalouserCfg);
|
|
414
|
+
const zalouserPathPrefix = orderedAccountIds.length > 1 || hasExplicitAccountPath ? `channels.zalouser.accounts.${accountId}` : "channels.zalouser";
|
|
415
|
+
const mutableGroupEntries = /* @__PURE__ */ new Set();
|
|
416
|
+
addZalouserMutableGroupEntries({
|
|
417
|
+
target: mutableGroupEntries,
|
|
418
|
+
groups: zalouserCfg.groups,
|
|
419
|
+
source: `${zalouserPathPrefix}.groups`,
|
|
420
|
+
isZalouserMutableGroupEntry
|
|
421
|
+
});
|
|
422
|
+
if (mutableGroupEntries.size > 0) {
|
|
423
|
+
const examples = Array.from(mutableGroupEntries).slice(0, 5);
|
|
424
|
+
const more = mutableGroupEntries.size > examples.length ? ` (+${mutableGroupEntries.size - examples.length} more)` : "";
|
|
425
|
+
findings.push({
|
|
426
|
+
checkId: "channels.zalouser.groups.mutable_entries",
|
|
427
|
+
severity: dangerousNameMatchingEnabled ? "info" : "warn",
|
|
428
|
+
title: dangerousNameMatchingEnabled ? "Zalouser group routing uses break-glass name matching" : "Zalouser group routing contains mutable group entries",
|
|
429
|
+
detail: dangerousNameMatchingEnabled ? `Zalouser group-name routing is explicitly enabled via dangerouslyAllowNameMatching. This mutable-identity mode is operator-selected break-glass behavior and out-of-scope for vulnerability reports by itself. Found: ${examples.join(", ")}${more}.` : `Zalouser group auth is ID-only by default, so unresolved group-name or slug entries are ignored for auth and can drift from the intended trusted group. Found: ${examples.join(", ")}${more}.`,
|
|
430
|
+
remediation: dangerousNameMatchingEnabled ? "Prefer stable Zalo group IDs (for example group:<id> or provider-native g- ids), then disable dangerouslyAllowNameMatching." : "Prefer stable Zalo group IDs in channels.zalouser.groups, or explicitly opt in with dangerouslyAllowNameMatching=true if you accept mutable group-name matching."
|
|
431
|
+
});
|
|
432
|
+
}
|
|
433
|
+
}
|
|
434
|
+
if (plugin.id === "slack") {
|
|
435
|
+
const { readChannelAllowFromStore } = await loadAuditChannelRuntimeModule();
|
|
436
|
+
const slackCfg = account?.config ?? {};
|
|
437
|
+
const nativeEnabled = resolveNativeCommandsEnabled({
|
|
438
|
+
providerId: "slack",
|
|
439
|
+
providerSetting: coerceNativeSetting(slackCfg.commands?.native),
|
|
440
|
+
globalSetting: params.cfg.commands?.native
|
|
441
|
+
});
|
|
442
|
+
const nativeSkillsEnabled = resolveNativeSkillsEnabled({
|
|
443
|
+
providerId: "slack",
|
|
444
|
+
providerSetting: coerceNativeSetting(slackCfg.commands?.nativeSkills),
|
|
445
|
+
globalSetting: params.cfg.commands?.nativeSkills
|
|
446
|
+
});
|
|
447
|
+
if (nativeEnabled || nativeSkillsEnabled || slackCfg.slashCommand?.enabled === true) if (!(params.cfg.commands?.useAccessGroups !== false)) findings.push({
|
|
448
|
+
checkId: "channels.slack.commands.slash.useAccessGroups_off",
|
|
449
|
+
severity: "critical",
|
|
450
|
+
title: "Slack slash commands bypass access groups",
|
|
451
|
+
detail: "Slack slash/native commands are enabled while commands.useAccessGroups=false; this can allow unrestricted /… command execution from channels/users you didn't explicitly authorize.",
|
|
452
|
+
remediation: "Set commands.useAccessGroups=true (recommended)."
|
|
453
|
+
});
|
|
454
|
+
else {
|
|
455
|
+
const allowFromRaw = account?.config?.allowFrom;
|
|
456
|
+
const legacyAllowFromRaw = account?.dm?.allowFrom;
|
|
457
|
+
const allowFrom = Array.isArray(allowFromRaw) ? allowFromRaw : Array.isArray(legacyAllowFromRaw) ? legacyAllowFromRaw : [];
|
|
458
|
+
const storeAllowFrom = await readChannelAllowFromStore("slack", process.env, accountId).catch(() => []);
|
|
459
|
+
const ownerAllowFromConfigured = normalizeAllowFromList([...allowFrom, ...storeAllowFrom]).length > 0;
|
|
460
|
+
const channels = slackCfg.channels ?? {};
|
|
461
|
+
const hasAnyChannelUsersAllowlist = Object.values(channels).some((value) => {
|
|
462
|
+
if (!value || typeof value !== "object") return false;
|
|
463
|
+
const channel = value;
|
|
464
|
+
return Array.isArray(channel.users) && channel.users.length > 0;
|
|
465
|
+
});
|
|
466
|
+
if (!ownerAllowFromConfigured && !hasAnyChannelUsersAllowlist) findings.push({
|
|
467
|
+
checkId: "channels.slack.commands.slash.no_allowlists",
|
|
468
|
+
severity: "warn",
|
|
469
|
+
title: "Slack slash commands have no allowlists",
|
|
470
|
+
detail: "Slack slash/native commands are enabled, but neither an owner allowFrom list nor any channels.<id>.users allowlist is configured; /… commands will be rejected for everyone.",
|
|
471
|
+
remediation: "Approve yourself via pairing (recommended), or set channels.slack.allowFrom and/or channels.slack.channels.<id>.users."
|
|
472
|
+
});
|
|
473
|
+
}
|
|
474
|
+
}
|
|
475
|
+
const dmPolicy = plugin.security.resolveDmPolicy?.({
|
|
476
|
+
cfg: params.cfg,
|
|
477
|
+
accountId,
|
|
478
|
+
account
|
|
479
|
+
});
|
|
480
|
+
if (dmPolicy) await warnDmPolicy({
|
|
481
|
+
label: plugin.meta.label ?? plugin.id,
|
|
482
|
+
provider: plugin.id,
|
|
483
|
+
accountId,
|
|
484
|
+
dmPolicy: dmPolicy.policy,
|
|
485
|
+
allowFrom: dmPolicy.allowFrom,
|
|
486
|
+
policyPath: dmPolicy.policyPath,
|
|
487
|
+
allowFromPath: dmPolicy.allowFromPath,
|
|
488
|
+
normalizeEntry: dmPolicy.normalizeEntry
|
|
489
|
+
});
|
|
490
|
+
if (plugin.security.collectWarnings) {
|
|
491
|
+
const warnings = await plugin.security.collectWarnings({
|
|
492
|
+
cfg: params.cfg,
|
|
493
|
+
accountId,
|
|
494
|
+
account
|
|
495
|
+
});
|
|
496
|
+
for (const message of warnings ?? []) {
|
|
497
|
+
const trimmed = String(message).trim();
|
|
498
|
+
if (!trimmed) continue;
|
|
499
|
+
findings.push({
|
|
500
|
+
checkId: `channels.${plugin.id}.warning.${findings.length + 1}`,
|
|
501
|
+
severity: classifyChannelWarningSeverity(trimmed),
|
|
502
|
+
title: `${plugin.meta.label ?? plugin.id} security warning`,
|
|
503
|
+
detail: trimmed.replace(/^-\s*/, "")
|
|
504
|
+
});
|
|
505
|
+
}
|
|
506
|
+
}
|
|
507
|
+
if (plugin.id !== "telegram") continue;
|
|
508
|
+
if (!(params.cfg.commands?.text !== false)) continue;
|
|
509
|
+
const telegramCfg = account?.config ?? {};
|
|
510
|
+
const defaultGroupPolicy = params.cfg.channels?.defaults?.groupPolicy;
|
|
511
|
+
const groupPolicy = telegramCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
|
|
512
|
+
const groups = telegramCfg.groups;
|
|
513
|
+
const groupsConfigured = Boolean(groups) && Object.keys(groups ?? {}).length > 0;
|
|
514
|
+
if (!(groupPolicy === "open" || groupPolicy === "allowlist" && groupsConfigured)) continue;
|
|
515
|
+
const { readChannelAllowFromStore } = await loadAuditChannelRuntimeModule();
|
|
516
|
+
const storeAllowFrom = await readChannelAllowFromStore("telegram", process.env, accountId).catch(() => []);
|
|
517
|
+
const storeHasWildcard = storeAllowFrom.some((v) => String(v).trim() === "*");
|
|
518
|
+
const invalidTelegramAllowFromEntries = /* @__PURE__ */ new Set();
|
|
519
|
+
await collectInvalidTelegramAllowFromEntries({
|
|
520
|
+
entries: storeAllowFrom,
|
|
521
|
+
target: invalidTelegramAllowFromEntries
|
|
522
|
+
});
|
|
523
|
+
const groupAllowFrom = Array.isArray(telegramCfg.groupAllowFrom) ? telegramCfg.groupAllowFrom : [];
|
|
524
|
+
const groupAllowFromHasWildcard = groupAllowFrom.some((v) => String(v).trim() === "*");
|
|
525
|
+
await collectInvalidTelegramAllowFromEntries({
|
|
526
|
+
entries: groupAllowFrom,
|
|
527
|
+
target: invalidTelegramAllowFromEntries
|
|
528
|
+
});
|
|
529
|
+
await collectInvalidTelegramAllowFromEntries({
|
|
530
|
+
entries: Array.isArray(telegramCfg.allowFrom) ? telegramCfg.allowFrom : [],
|
|
531
|
+
target: invalidTelegramAllowFromEntries
|
|
532
|
+
});
|
|
533
|
+
let anyGroupOverride = false;
|
|
534
|
+
if (groups) for (const value of Object.values(groups)) {
|
|
535
|
+
if (!value || typeof value !== "object") continue;
|
|
536
|
+
const group = value;
|
|
537
|
+
const allowFrom = Array.isArray(group.allowFrom) ? group.allowFrom : [];
|
|
538
|
+
if (allowFrom.length > 0) {
|
|
539
|
+
anyGroupOverride = true;
|
|
540
|
+
await collectInvalidTelegramAllowFromEntries({
|
|
541
|
+
entries: allowFrom,
|
|
542
|
+
target: invalidTelegramAllowFromEntries
|
|
543
|
+
});
|
|
544
|
+
}
|
|
545
|
+
const topics = group.topics;
|
|
546
|
+
if (!topics || typeof topics !== "object") continue;
|
|
547
|
+
for (const topicValue of Object.values(topics)) {
|
|
548
|
+
if (!topicValue || typeof topicValue !== "object") continue;
|
|
549
|
+
const topic = topicValue;
|
|
550
|
+
const topicAllow = Array.isArray(topic.allowFrom) ? topic.allowFrom : [];
|
|
551
|
+
if (topicAllow.length > 0) anyGroupOverride = true;
|
|
552
|
+
await collectInvalidTelegramAllowFromEntries({
|
|
553
|
+
entries: topicAllow,
|
|
554
|
+
target: invalidTelegramAllowFromEntries
|
|
555
|
+
});
|
|
556
|
+
}
|
|
557
|
+
}
|
|
558
|
+
const hasAnySenderAllowlist = storeAllowFrom.length > 0 || groupAllowFrom.length > 0 || anyGroupOverride;
|
|
559
|
+
if (invalidTelegramAllowFromEntries.size > 0) {
|
|
560
|
+
const examples = Array.from(invalidTelegramAllowFromEntries).slice(0, 5);
|
|
561
|
+
const more = invalidTelegramAllowFromEntries.size > examples.length ? ` (+${invalidTelegramAllowFromEntries.size - examples.length} more)` : "";
|
|
562
|
+
findings.push({
|
|
563
|
+
checkId: "channels.telegram.allowFrom.invalid_entries",
|
|
564
|
+
severity: "warn",
|
|
565
|
+
title: "Telegram allowlist contains non-numeric entries",
|
|
566
|
+
detail: `Telegram sender authorization requires numeric Telegram user IDs. Found non-numeric allowFrom entries: ${examples.join(", ")}${more}.`,
|
|
567
|
+
remediation: "Replace @username entries with numeric Telegram user IDs (use setup to resolve), then re-run the audit."
|
|
568
|
+
});
|
|
569
|
+
}
|
|
570
|
+
if (storeHasWildcard || groupAllowFromHasWildcard) {
|
|
571
|
+
findings.push({
|
|
572
|
+
checkId: "channels.telegram.groups.allowFrom.wildcard",
|
|
573
|
+
severity: "critical",
|
|
574
|
+
title: "Telegram group allowlist contains wildcard",
|
|
575
|
+
detail: "Telegram group sender allowlist contains \"*\", which allows any group member to run /… commands and control directives.",
|
|
576
|
+
remediation: "Remove \"*\" from channels.telegram.groupAllowFrom and pairing store; prefer explicit numeric Telegram user IDs."
|
|
577
|
+
});
|
|
578
|
+
continue;
|
|
579
|
+
}
|
|
580
|
+
if (!hasAnySenderAllowlist) {
|
|
581
|
+
const providerSetting = telegramCfg.commands?.nativeSkills;
|
|
582
|
+
const skillsEnabled = resolveNativeSkillsEnabled({
|
|
583
|
+
providerId: "telegram",
|
|
584
|
+
providerSetting,
|
|
585
|
+
globalSetting: params.cfg.commands?.nativeSkills
|
|
586
|
+
});
|
|
587
|
+
findings.push({
|
|
588
|
+
checkId: "channels.telegram.groups.allowFrom.missing",
|
|
589
|
+
severity: "critical",
|
|
590
|
+
title: "Telegram group commands have no sender allowlist",
|
|
591
|
+
detail: `Telegram group access is enabled but no sender allowlist is configured; this allows any group member to invoke /… commands` + (skillsEnabled ? " (including skill commands)." : "."),
|
|
592
|
+
remediation: "Approve yourself via pairing (recommended), or set channels.telegram.groupAllowFrom (or per-group groups.<id>.allowFrom)."
|
|
593
|
+
});
|
|
594
|
+
}
|
|
595
|
+
}
|
|
596
|
+
}
|
|
597
|
+
return dedupeFindings(findings);
|
|
598
|
+
}
|
|
599
|
+
//#endregion
|
|
600
|
+
//#region src/security/audit-channel.collect.runtime.ts
|
|
601
|
+
function collectChannelSecurityFindings(...args) {
|
|
602
|
+
return collectChannelSecurityFindings$1(...args);
|
|
603
|
+
}
|
|
604
|
+
//#endregion
|
|
605
|
+
export { collectChannelSecurityFindings };
|