@synkro-sh/cli 1.4.79 → 1.4.81

package/dist/bootstrap.js

@@ -2136,7 +2136,115 @@ import {
   localGradeCwe, parseVerdict, reconstructContent, readStdin, log,
   outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, filePathFromToolInput, dispatchFinding, dispatchCapture, GATEWAY_URL,
 } from './_synkro-common.ts';
-import { basename, extname } from 'node:path';
+import { basename, extname, resolve, join, dirname } from 'node:path';
+import { readFileSync, readdirSync, existsSync } from 'node:fs';
+
+
+interface PackageCapability {
+  name: string;
+  description: string;
+  capabilities: string[];
+  sourceExcerpt: string;
+}
+
+const JS_DANGEROUS_MODULES = new Set([
+  'child_process', 'net', 'dgram', 'http', 'https', 'fs', 'vm',
+  'worker_threads', 'cluster', 'dns', 'tls', 'crypto',
+]);
+
+const PY_DANGEROUS_MODULES = new Set([
+  'subprocess', 'os', 'socket', 'requests', 'urllib', 'ctypes',
+  'importlib', 'shutil', 'tempfile', 'webbrowser',
+]);
+
+function detectNewImports(toolName: string, toolInput: any, fileExt: string): string[] {
+  const newCode = toolName === 'Edit' || toolName === 'edit_file' || toolName === 'reapply'
+    ? (toolInput.new_string || '')
+    : toolName === 'ApplyPatch' || toolName === 'apply_patch'
+      ? (toolInput.patch || toolInput.content || toolInput.code_edit || '')
+    : toolName === 'MultiEdit'
+      ? (Array.isArray(toolInput.edits) ? toolInput.edits.map((e: any) => e?.new_string || '').join('\n') : '')
+    : (toolInput.content || toolInput.code_edit || '');
+
+  if (!newCode) return [];
+  const imports: string[] = [];
+
+  if (['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'].includes(fileExt)) {
+    const jsMatches = newCode.matchAll(/(?:from\s+['"]|require\s*\(\s*['"])([^./'"@][^'"]*|@[^'"]+)['"]/g);
+    for (const m of jsMatches) {
+      const pkg = m[1].startsWith('@') ? m[1].split('/').slice(0, 2).join('/') : m[1].split('/')[0];
+      if (pkg && !imports.includes(pkg)) imports.push(pkg);
+    }
+  } else if (['.py'].includes(fileExt)) {
+    const pyMatches = newCode.matchAll(/(?:^import\s+|^from\s+)([a-zA-Z_]\w*)/gm);
+    for (const m of pyMatches) {
+      if (m[1] && !imports.includes(m[1])) imports.push(m[1]);
+    }
+  }
+
+  return imports;
+}
+
+function scanPackageCapabilities(pkgName: string, cwd: string): PackageCapability | null {
+  const pkgDir = resolve(cwd, 'node_modules', pkgName);
+  if (!existsSync(pkgDir)) return null;
+
+  try {
+    const pkgJsonPath = join(pkgDir, 'package.json');
+    if (!existsSync(pkgJsonPath)) return null;
+    const pkgJson = JSON.parse(readFileSync(pkgJsonPath, 'utf-8'));
+
+    const capabilities: string[] = [];
+    const dangerousFiles: string[] = [];
+
+    function scanDir(dir: string, depth: number) {
+      if (depth > 3 || dangerousFiles.length >= 3) return;
+      let entries: string[];
+      try { entries = readdirSync(dir); } catch { return; }
+      for (const entry of entries) {
+        if (entry === 'node_modules' || entry.startsWith('.')) continue;
+        const full = join(dir, entry);
+        if (entry.endsWith('.js') || entry.endsWith('.mjs') || entry.endsWith('.cjs') || entry.endsWith('.ts')) {
+          try {
+            const src = readFileSync(full, 'utf-8').slice(0, 5000);
+            for (const mod of JS_DANGEROUS_MODULES) {
+              if (src.includes("'" + mod + "'") || src.includes('"' + mod + '"')) {
+                if (!capabilities.includes(mod)) capabilities.push(mod);
+                if (dangerousFiles.length < 3) {
+                  const short = full.replace(pkgDir + '/', '');
+                  const lines = src.split('\n').filter(l =>
+                    JS_DANGEROUS_MODULES.has(l.match(/require\s*\(\s*['"]([^'"]+)['"]\)/)?.[1] || '') ||
+                    JS_DANGEROUS_MODULES.has(l.match(/from\s+['"]([^'"]+)['"]/)?.[1] || '')
+                  ).slice(0, 5).join('\n');
+                  if (lines) dangerousFiles.push('--- ' + short + ' ---\n' + lines);
+                }
+                break;
+              }
+            }
+          } catch {}
+        } else {
+          try {
+            const stat = require('node:fs').statSync(full);
+            if (stat.isDirectory()) scanDir(full, depth + 1);
+          } catch {}
+        }
+      }
+    }
+
+    scanDir(pkgDir, 0);
+
+    if (capabilities.length === 0) return null;
+
+    return {
+      name: pkgName,
+      description: pkgJson.description || '',
+      capabilities,
+      sourceExcerpt: dangerousFiles.join('\n'),
+    };
+  } catch {
+    return null;
+  }
+}
 
 async function main() {
   setupCursorHookSignals();
@@ -2222,6 +2330,18 @@ async function main() {
         return;
       }
 
+      let localPkgContext = '';
+      if (cwd) {
+        const newImports = detectNewImports(toolName, toolInput, fileExt);
+        const caps = newImports.slice(0, 5)
+          .map(pkg => scanPackageCapabilities(pkg, cwd))
+          .filter((c): c is PackageCapability => c !== null);
+        if (caps.length > 0) {
+          localPkgContext = '\n\nImported packages with notable capabilities:\n' +
+            caps.map(c => '- ' + c.name + ' (claims: "' + c.description + '")\n  Capabilities: ' + c.capabilities.join(', ') + '\n' + c.sourceExcerpt).join('\n');
+        }
+      }
+
       const graderPrompt = [
         'File: ' + filePath,
         'Content:',
@@ -2229,7 +2349,7 @@ async function main() {
         '',
         'CWE rules to check against:',
         JSON.stringify(cweRules),
-      ].join('\n');
+      ].join('\n') + localPkgContext;
 
       let gradeResp: string;
       try {
@@ -2314,18 +2434,104 @@ async function main() {
         status: 'resolved',
       }, config.captureDepth);
 
-      dispatchCapture(jwt, 'cwe', 'pass', 'audit', 'clean',
+      const cleanMsg = cweTag + ' ' + fileShort + ' \u2192 clean' + (verdict.reason ? ' (' + verdict.reason + ')' : '');
+      outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
+      return;
+    }
+
+    // Cloud path \u2014 thin client, all grading logic server-side
+    // Detect imports and scan capabilities for cloud grading
+      let packageContext: PackageCapability[] | undefined;
+      if (cwd) {
+        const newImports = detectNewImports(toolName, toolInput, fileExt);
+        if (newImports.length > 0) {
+          const caps = newImports
+            .slice(0, 5)
+            .map(pkg => scanPackageCapabilities(pkg, cwd))
+            .filter((c): c is PackageCapability => c !== null);
+          if (caps.length > 0) packageContext = caps;
+        }
+      }
+      const scanBody: any = { file_path: filePath, content: cweContent };
+      if (packageContext) scanBody.package_context = packageContext.map(c => ({
+        name: c.name, description: c.description, capabilities: c.capabilities, source_excerpt: c.sourceExcerpt,
+      }));
+    let cweResp: any;
+    try {
+      const resp = await fetch(GATEWAY_URL + '/api/v1/cwe-scan', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+        body: JSON.stringify(scanBody),
+        signal: AbortSignal.timeout(12000),
+      });
+      cweResp = await resp.json();
+    } catch {
+      outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 cloud grader timeout, skipped' });
+      return;
+    }
+
+    const findings = Array.isArray(cweResp?.findings) ? cweResp.findings : [];
+    if (cweResp?.action === 'deny' && findings.length > 0) {
+      const activeCweIds = findings
+        .filter((f: any) => f.mode === 'blocking')
+        .map((f: any) => f.cwe)
+        .filter((id: string) => !exemptedCwes.has(id.toUpperCase()));
+
+      if (activeCweIds.length === 0) {
+        outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 clean (exempted)' });
+        return;
+      }
+
+      const displayIds = activeCweIds.slice(0, 3).join(', ');
+      const count = activeCweIds.length;
+      const label = count === 1 ? 'match' : 'matches';
+      const cweMsg = cweTag + ' ' + fileShort + ' \u2192 ' + count + ' CWE ' + label + ' (' + displayIds + ')';
+
+      const fixLines = findings
+        .filter((f: any) => activeCweIds.includes(f.cwe) && f.suggested_fix)
+        .map((f: any) => '[' + f.cwe + '] Fix: ' + f.suggested_fix);
+      const fixHint = fixLines.length > 0 ? '\n' + fixLines.join('\n') : '';
+      const denyDetail = '[' + displayIds + '] ' + (findings[0]?.reason || 'code weakness detected');
+      const ctx = 'CWE: ' + denyDetail + fixHint + '\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 resolve the weakness in code yourself.';
+
+      for (const cweId of activeCweIds) {
+        const f = findings.find((x: any) => x.cwe === cweId);
+        dispatchFinding(jwt, {
+          session_id: sessionId,
+          file_path: filePath,
+          finding_type: 'cwe',
+          finding_id: cweId,
+          severity: f?.severity || 'high',
+          status: 'open',
+          detail: f?.reason || 'code weakness detected',
+          cwe_name: f?.name || undefined,
+        }, config.captureDepth);
+      }
+
+      dispatchCapture(jwt, 'cwe', 'block', findings[0]?.severity || 'high', 'security',
         toolName, gitRepo, sessionId, config.captureDepth, {
           command: 'edit ' + filePath,
-          reasoning: verdict.reason || 'no CWE weaknesses detected',
+          reasoning: denyDetail,
+          violatedRules: activeCweIds,
         });
 
-      const cleanMsg = cweTag + ' ' + fileShort + ' \u2192 clean' + (verdict.reason ? ' (' + verdict.reason + ')' : '');
-      outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
+      outputJson({
+        systemMessage: cweMsg,
+        hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
+      });
       return;
     }
 
-    outputEmpty();
+    dispatchFinding(jwt, {
+      session_id: sessionId,
+      file_path: filePath,
+      finding_type: 'cwe',
+      finding_id: 'pass',
+      status: 'resolved',
+    }, config.captureDepth);
+
+    const cleanMsg = cweTag + ' ' + fileShort + ' \u2192 clean' + (cweResp?.summary ? ' (cloud)' : '');
+    outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
   } catch (err) {
     process.stderr.write('[synkro] cweGuard error: ' + String(err) + '\n');
     outputEmpty();
@@ -2501,77 +2707,6 @@ import {
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
 
-const TOP_NPM_PKGS = new Set([
-  'express','react','lodash','chalk','commander','debug','dotenv','webpack',
-  'typescript','moment','uuid','cors','body-parser','mongoose','jsonwebtoken','bcrypt',
-  'nodemon','eslint','prettier','jest','mocha','chai','sinon','supertest','request',
-  'async','bluebird','underscore','ramda','rxjs','socket.io','redis','pg','mysql',
-  'sequelize','knex','prisma','next','nuxt','vue','svelte','angular','ember',
-  'react-dom','react-router','react-redux','redux','mobx','formik','yup','zod',
-  'ajv','joi','helmet','morgan','passport','cookie-parser','express-session',
-  'multer','sharp','jimp','puppeteer','playwright','cheerio','got','node-fetch',
-  'superagent','inquirer','ora','yargs','minimist','glob','rimraf','mkdirp',
-  'fs-extra','chokidar','ws','graphql','apollo-server','fastify','koa','hapi',
-  'nest','drizzle-orm','typeorm','mikro-orm','bull','bullmq','ioredis','kafkajs',
-  'amqplib','nodemailer','handlebars','ejs','pug','marked','highlight.js',
-  'dayjs','date-fns','luxon','nanoid','cuid','short-uuid','colors','picocolors',
-  'winston','pino','bunyan','semver','tar','archiver','unzipper','crypto-js',
-  'bcryptjs','argon2','jose','openai','anthropic','langchain','tensorflow',
-  'onnxruntime-node','sharp','canvas','three','d3','chart.js','echarts',
-  'tailwindcss','postcss','autoprefixer','sass','less','styled-components',
-  'emotion','framer-motion','gsap','lottie-web','swiper','i18next',
-]);
-
-const TOP_PYPI_PKGS = new Set([
-  'requests','flask','django','numpy','pandas','scipy','matplotlib','scikit-learn',
-  'tensorflow','torch','pytorch','keras','fastapi','uvicorn','gunicorn','celery',
-  'redis','sqlalchemy','alembic','pydantic','httpx','aiohttp','beautifulsoup4',
-  'scrapy','selenium','playwright','pillow','opencv-python','boto3','awscli',
-  'google-cloud-storage','azure-storage-blob','psycopg2','pymongo','motor',
-  'pytest','unittest2','mock','coverage','tox','black','flake8','mypy','ruff',
-  'isort','pylint','bandit','cryptography','paramiko','fabric','click','typer',
-  'rich','colorama','tqdm','loguru','python-dotenv','pyyaml','toml','orjson',
-  'ujson','marshmallow','attrs','dataclasses-json','jinja2','mako','arrow',
-  'pendulum','dateutil','pytz','regex','chardet','charset-normalizer',
-  'langchain','openai','anthropic','transformers','huggingface-hub','tokenizers',
-  'gradio','streamlit','dash','plotly','seaborn','bokeh','altair',
-]);
-
-function levenshtein(a: string, b: string): number {
-  const m = a.length, n = b.length;
-  if (Math.abs(m - n) > 2) return 3;
-  const dp: number[][] = Array.from({ length: m + 1 }, (_, i) => {
-    const row = new Array(n + 1).fill(0);
-    row[0] = i;
-    return row;
-  });
-  for (let j = 1; j <= n; j++) dp[0][j] = j;
-  for (let i = 1; i <= m; i++) {
-    for (let j = 1; j <= n; j++) {
-      dp[i][j] = a[i - 1] === b[j - 1]
-        ? dp[i - 1][j - 1]
-        : 1 + Math.min(dp[i - 1][j], dp[i][j - 1], dp[i - 1][j - 1]);
-    }
-  }
-  return dp[m][n];
-}
-
-function checkTyposquat(pkg: string, isPip: boolean): string | null {
-  const topPkgs = isPip ? TOP_PYPI_PKGS : TOP_NPM_PKGS;
-  if (topPkgs.has(pkg)) return null;
-  const pkgLower = pkg.toLowerCase();
-  for (const known of topPkgs) {
-    const dist = levenshtein(pkgLower, known);
-    if (dist > 0 && dist <= 2) return known;
-  }
-  return null;
-}
-
-interface PkgMeta {
-  deprecated?: string;
-  weeklyDownloads?: number;
-}
-
 async function main() {
   setupCursorHookSignals();
   try {
@@ -2615,21 +2750,17 @@ async function main() {
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
 
-    // \u2500\u2500\u2500 Install protection: CVE + typosquat + deprecated + popularity \u2500\u2500\u2500
+    // \u2500\u2500\u2500 Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) \u2500\u2500\u2500
     let installScanMsg = '';
     if (toolName === 'Bash') {
       const pkgInstallMatch = command.match(
-        /(?:npm\\s+(?:install|i|add)|pnpm\\s+(?:add|install|i)|yarn\\s+add|bun\\s+(?:add|install|i)|(?:uv\\s+)?pip3?\\s+install|go\\s+get|cargo\\s+add|gem\\s+install|composer\\s+require)\\s+([^|;&><]+)/
+        /^(?:.*&&s*|.*;s*)?(?:npms+(?:install|i|add)|pnpms+(?:add|install|i)|yarns+add|buns+(?:add|install|i)|(?:uvs+)?pip3?s+install|gos+get|cargos+add|gems+install|composers+require)s+([^|;&><]+)/
       );
-      const isPip = /(?:uv\\s+)?pip3?\\s+install/.test(command);
-      const isGo = command.match(/^go\\s+get/);
-      const isCargo = command.match(/^cargo\\s+add/);
-      const isGem = command.match(/^gem\\s+install/);
-      const isComposer = command.match(/^composer\\s+require/);
+      const isPip = /(?:uvs+)?pip3?s+install/.test(command);
       if (pkgInstallMatch) {
         const rawArgs = pkgInstallMatch[1];
-        const deps: Record<string, string> = {};
-        const tokens = rawArgs.split(/\\s+/);
+        const packages: Array<{ name: string; version: string; ecosystem: string }> = [];
+        const tokens = rawArgs.split(/s+/);
         let skipNext = false;
         for (const token of tokens) {
           if (skipNext) { skipNext = false; continue; }
@@ -2638,164 +2769,88 @@ async function main() {
             if (/^--(python|target|prefix|root|constraint|requirement|index-url|extra-index-url|find-links|build|src|cache-dir|filter|workspace)$/.test(token)) skipNext = true;
             continue;
           }
+          const ecosystem = isPip ? 'PyPI' : 'npm';
           if (isPip) {
             const pipMatch = token.match(/^([a-zA-Z0-9_.-]+)(?:[=~!<>]=?(.+))?$/);
             if (pipMatch) {
-              deps[pipMatch[1]] = pipMatch[2]?.replace(/^=/, '') || '*';
+              packages.push({ name: pipMatch[1], version: pipMatch[2]?.replace(/^=/, '') || '*', ecosystem });
               continue;
             }
           }
           const atIdx = token.lastIndexOf('@');
           if (atIdx > 0) {
-            deps[token.slice(0, atIdx)] = token.slice(atIdx + 1);
+            packages.push({ name: token.slice(0, atIdx), version: token.slice(atIdx + 1), ecosystem });
           } else {
-            deps[token] = '*';
+            packages.push({ name: token, version: '*', ecosystem });
           }
         }
 
-        if (Object.keys(deps).length > 0) {
-          const warnings: string[] = [];
-          const pkgMeta: Record<string, PkgMeta> = {};
-
-          const metaLookups = Object.keys(deps).map(async (pkg) => {
-            try {
-              if (isPip) {
-                const r = await fetch('https://pypi.org/pypi/' + encodeURIComponent(pkg) + '/json', { signal: AbortSignal.timeout(4000) });
-                if (r.ok) {
-                  const d = await r.json() as any;
-                  if (deps[pkg] === '*' && d?.info?.version) deps[pkg] = d.info.version;
-                  const classifiers: string[] = d?.info?.classifiers || [];
-                  const isInactive = classifiers.some((c: string) => /Development Status :: [67]/.test(c));
-                  if (isInactive) pkgMeta[pkg] = { ...pkgMeta[pkg], deprecated: 'package marked as inactive/obsolete' };
-                  if (d?.info?.yanked) pkgMeta[pkg] = { ...pkgMeta[pkg], deprecated: d.info.yanked_reason || 'yanked from PyPI' };
-                } else if (r.status === 404) {
-                  warnings.push('\\u26a0 ' + pkg + ': package not found on PyPI \\u2014 may not exist');
-                }
-              } else {
-                const verSlug = deps[pkg] !== '*' ? deps[pkg] : 'latest';
-                const [metaResp, dlResp] = await Promise.all([
-                  fetch('https://registry.npmjs.org/' + encodeURIComponent(pkg) + '/' + verSlug, { signal: AbortSignal.timeout(4000) }),
-                  fetch('https://api.npmjs.org/downloads/point/last-week/' + encodeURIComponent(pkg), { signal: AbortSignal.timeout(4000) }),
-                ]);
-                if (metaResp.ok) {
-                  const d = await metaResp.json() as any;
-                  if (deps[pkg] === '*' && d?.version) deps[pkg] = d.version;
-                  if (d?.deprecated) pkgMeta[pkg] = { ...pkgMeta[pkg], deprecated: d.deprecated };
-                } else if (metaResp.status === 404) {
-                  warnings.push('\\u26a0 ' + pkg + ': package not found on npm \\u2014 may not exist');
-                }
-                if (dlResp.ok) {
-                  const d = await dlResp.json() as any;
-                  if (typeof d?.downloads === 'number') pkgMeta[pkg] = { ...pkgMeta[pkg], weeklyDownloads: d.downloads };
-                }
-              }
-            } catch {}
-          });
-          await Promise.all(metaLookups);
-
-          for (const pkg of Object.keys(deps)) {
-            const similar = checkTyposquat(pkg, isPip);
-            if (similar) {
-              const dl = pkgMeta[pkg]?.weeklyDownloads;
-              if (dl === undefined || dl < 1000) {
-                warnings.push('\\u26a0 ' + pkg + ': possible typosquat of "' + similar + '"' + (dl !== undefined ? ' (' + dl + ' weekly downloads)' : '') + ' \\u2014 verify package name');
-              }
-            }
-          }
-
-          for (const [pkg, meta] of Object.entries(pkgMeta)) {
-            if (meta.deprecated) {
-              warnings.push('\\u26a0 ' + pkg + ': deprecated \\u2014 ' + meta.deprecated);
-            }
-          }
-
-          if (!isPip) {
-            for (const [pkg, meta] of Object.entries(pkgMeta)) {
-              if (meta.weeklyDownloads !== undefined && meta.weeklyDownloads < 50 && !warnings.some(w => w.includes(pkg))) {
-                warnings.push('\\u26a0 ' + pkg + ': very low adoption (' + meta.weeklyDownloads + ' weekly downloads) \\u2014 consider a more established alternative');
-              }
-            }
-          }
-
-          const manifestFile = isPip ? 'requirements.txt'
-            : isGo ? 'go.mod'
-            : isCargo ? 'Cargo.toml'
-            : isGem ? 'Gemfile'
-            : isComposer ? 'composer.json'
-            : 'package.json';
-          const manifestContent = isPip
-            ? Object.entries(deps).map(([k, v]) => v === '*' ? k : k + '==' + v).join('\\n')
-            : JSON.stringify({ dependencies: deps });
-
+        if (packages.length > 0) {
           try {
-            const cveBody = { file_path: manifestFile, content: manifestContent, dependencies: deps };
-            const cveResp = await fetch(GATEWAY_URL + '/api/v1/cve-scan', {
+            const scanResp = await fetch(GATEWAY_URL + '/api/v1/pkg-scan', {
               method: 'POST',
               headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
-              body: JSON.stringify(cveBody),
-              signal: AbortSignal.timeout(8000),
+              body: JSON.stringify({ packages, command }),
+              signal: AbortSignal.timeout(15000),
             }).then(r => r.json()) as any;
 
-            const findings = Array.isArray(cveResp?.findings) ? cveResp.findings : [];
-            const scannedPkgs = Object.entries(deps).map(([k, v]) => k + '@' + v).join(', ');
-
-            if (findings.length > 0) {
-              const top3 = findings.slice(0, 3).map((f: any) => {
-                const id = f.cve || f.id || '?';
-                const pkg = f.package || '?';
-                const ver = f.version || '?';
-                const title = f.title || f.summary || 'vulnerable';
-                return '[' + id + '] ' + pkg + '@' + ver + ': ' + title;
-              }).join('; ');
-              const count = findings.length;
-              const label = count === 1 ? 'advisory' : 'advisories';
-              const cveMsg = '[synkro:installScan] ' + cmdShort + ' \\u2192 ' + count + ' ' + label;
-              const ctx = 'CVE: ' + top3 + '\\nDo NOT install packages with known vulnerabilities. Use a patched version or a different package.'
-                + (warnings.length > 0 ? '\\n' + warnings.join('\\n') : '');
+            const action = scanResp?.action || 'allow';
+            const pkgResults = Array.isArray(scanResp?.packages) ? scanResp.packages : [];
+            const summary = scanResp?.summary || '';
+
+            if (action === 'block') {
+              const blockSignals = pkgResults
+                .flatMap((p: any) => (p.signals || []).filter((s: any) => s.severity === 'critical' || s.severity === 'high'))
+                .slice(0, 5);
+              const scanMsg = '[synkro:installScan] ' + cmdShort + ' \u2192 blocked';
+              const details = blockSignals.map((s: any) => s.detail).join('
+');
+              const ctx = details + '
+Do NOT install packages with security risks. Use a patched version or a different package.';
 
               const config = await loadConfig(jwt);
-              for (const f of findings) {
-                dispatchFinding(jwt, {
-                  session_id: sessionId,
-                  file_path: command,
-                  finding_type: 'cve',
-                  finding_id: f.cve || f.id || f.package,
-                  severity: typeof f.severity === 'number' ? (f.severity >= 9 ? 'critical' : f.severity >= 7 ? 'high' : f.severity >= 4 ? 'medium' : 'low') : (f.severity || 'medium'),
-                  status: 'open',
-                  detail: f.details || f.summary || null,
-                  description: f.summary || null,
-                  package_name: f.package || null,
-                  package_version: f.version || null,
-                  fixed_version: f.fixed || null,
-                  aliases: f.aliases || [],
-                  references: f.references || [],
-                }, config.captureDepth);
+              for (const p of pkgResults) {
+                for (const s of (p.signals || [])) {
+                  if (s.severity === 'critical' || s.severity === 'high') {
+                    dispatchFinding(jwt, {
+                      session_id: sessionId,
+                      file_path: command,
+                      finding_type: s.type === 'cve' ? 'cve' : 'pkg',
+                      finding_id: s.type + ':' + p.name,
+                      severity: s.severity,
+                      status: 'open',
+                      detail: s.detail,
+                      package_name: p.name,
+                      package_version: p.version,
+                    }, config.captureDepth);
+                  }
+                }
               }
 
-              const cveIds = findings.map((f: any) => f.cve || f.id || f.package);
-              dispatchCapture(jwt, 'cve', 'block', 'critical', 'security',
+              const violatedIds = blockSignals.map((s: any) => s.type + ':' + s.detail.slice(0, 40));
+              dispatchCapture(jwt, 'pkg', 'block', 'critical', 'security',
                 'Bash', gitRepo, sessionId, config.captureDepth, {
                   command,
-                  reasoning: top3,
-                  violatedRules: cveIds,
+                  reasoning: details.slice(0, 200),
+                  violatedRules: violatedIds,
                   ccModel: transcript.ccModel,
                 });
 
               outputJson({
-                systemMessage: cveMsg,
+                systemMessage: scanMsg,
                 hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
               });
               return;
             }
 
-            const parts: string[] = ['[synkro:installScan] ' + scannedPkgs + ' \\u2192 clean, no known vulnerabilities'];
-            if (warnings.length > 0) parts.push(...warnings);
-            installScanMsg = parts.join('\\n');
-          } catch (e) {
-            log('bashGuard install scan failed: ' + String(e));
-            if (warnings.length > 0) {
-              installScanMsg = '[synkro:installScan] ' + warnings.join('\\n');
+            if (action === 'warn') {
+              installScanMsg = '[synkro:installScan] ' + summary;
+            } else {
+              const scannedPkgs = packages.map(p => p.name + '@' + p.version).join(', ');
+              installScanMsg = '[synkro:installScan] ' + scannedPkgs + ' \u2192 clean';
             }
+          } catch (e) {
+            log('bashGuard pkg-scan failed: ' + String(e));
           }
         }
       }
@@ -6342,7 +6397,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.4.79")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.4.81")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -6598,10 +6653,13 @@ async function startLocalMcpServer() {
       console.log("  Restarting local MCP server to pick up new credentials...");
       try {
         const { execSync: execSync7 } = await import("child_process");
+        const selfPid = process.pid;
         const pids = execSync7(`lsof -ti :${MCP_LOCAL_PORT}`, { encoding: "utf-8" }).trim();
         for (const pid of pids.split("\n").filter(Boolean)) {
+          const n = parseInt(pid, 10);
+          if (n === selfPid) continue;
           try {
-            process.kill(parseInt(pid, 10), "SIGTERM");
+            process.kill(n, "SIGTERM");
           } catch {
           }
         }