@taewooopark/agent-blackbox 0.46.3 → 0.47.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/agent-blackbox.plugin.mjs +22 -1
  2. package/dist/cli.js +1030 -85
  3. package/dist/dashboard/assets/index-BZrEqjSE.js +12 -0
  4. package/dist/dashboard/index.html +1 -1
  5. package/package.json +1 -1
  6. package/dist/dashboard/assets/index-4DvMVgn8.js +0 -12
package/dist/agent-blackbox.plugin.mjs CHANGED
@@ -12,6 +12,7 @@ var traceHosts = [
12
12
  "hermes",
13
13
  "custom"
14
14
  ];
15
+ var agentRoles = ["primary", "subagent", "system", "unknown"];
15
16
  var traceEventKinds = [
16
17
  "session_created",
17
18
  "session_updated",
@@ -84,6 +85,7 @@ function createTraceEvent(seq, input) {
84
85
  ...input.cwd ? { cwd: input.cwd } : {},
85
86
  ...input.agentId ? { agentId: input.agentId } : {},
86
87
  ...input.agentRole ? { agentRole: input.agentRole } : {},
88
+ ...input.agentLabel ? { agentLabel: input.agentLabel } : {},
87
89
  ...input.turnId ? { turnId: input.turnId } : {},
88
90
  kind: input.kind,
89
91
  ...input.summary ? { summary: input.summary } : {},
@@ -115,6 +117,12 @@ function validateTraceEvent(event) {
115
117
  if (event.cwd !== void 0 && typeof event.cwd !== "string") {
116
118
  errors.push("cwd must be a string when present");
117
119
  }
120
+ optionalEnum(event, "agentRole", agentRoles, errors);
121
+ optionalString(event, "agentId", errors);
122
+ optionalString(event, "agentLabel", errors);
123
+ optionalString(event, "parentSessionId", errors);
124
+ optionalString(event, "turnId", errors);
125
+ optionalString(event, "summary", errors);
118
126
  requireEnum(event, "kind", traceEventKinds, errors);
119
127
  requireEnum(event, "sensitivity", dataSensitivities, errors);
120
128
  if (!isRecord(event.payload)) {
@@ -164,6 +172,16 @@ function requireEnum(value, key, allowed, errors) {
164
172
  errors.push(`${key} must be one of ${allowed.join(", ")}`);
165
173
  }
166
174
  }
175
+ function optionalString(value, key, errors) {
176
+ if (value[key] !== void 0 && typeof value[key] !== "string") {
177
+ errors.push(`${key} must be a string when present`);
178
+ }
179
+ }
180
+ function optionalEnum(value, key, allowed, errors) {
181
+ if (value[key] !== void 0 && (typeof value[key] !== "string" || !allowed.includes(value[key]))) {
182
+ errors.push(`${key} must be one of ${allowed.join(", ")} when present`);
183
+ }
184
+ }
167
185
 
168
186
  // packages/core/src/redaction.ts
169
187
  var defaultRedactionRules = [
@@ -184,7 +202,10 @@ var defaultRedactionRules = [
184
202
  },
185
203
  {
186
204
  name: "private-key",
187
- pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g,
205
+ // Tempered quantifier: the body cannot cross another BEGIN marker. Without it, a
206
+ // lone BEGIN with no END forces a scan to end-of-string from every BEGIN — O(n²)
207
+ // backtracking on untrusted tool output peppered with BEGIN markers (slow-path DoS).
208
+ pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----(?:(?!-----BEGIN )[\s\S])*?-----END [A-Z ]*PRIVATE KEY-----/g,
188
209
  replacement: "[REDACTED_PRIVATE_KEY]"
189
210
  }
190
211
  ];