@triedotdev/mcp 1.0.94 → 1.0.97

package/dist/chunk-IFGF33R5.js

@@ -1,279 +0,0 @@
-import {
-  getTrieDirectory,
-  getWorkingDirectory
-} from "./chunk-WT3XQCG2.js";
-
-// src/utils/command-runner.ts
-import { exec, execFile, execSync } from "child_process";
-import { promisify } from "util";
-
-// src/skills/audit-logger.ts
-import { writeFile, mkdir, readdir, readFile } from "fs/promises";
-import { join } from "path";
-async function logSkillExecution(execution) {
-  const workDir = getWorkingDirectory(void 0, true);
-  const auditDir = join(getTrieDirectory(workDir), "audit");
-  await mkdir(auditDir, { recursive: true });
-  const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
-  const safeSkillName = execution.skillName.replace(/[^a-z0-9-]/gi, "_");
-  const filename = `${timestamp}_${safeSkillName}.json`;
-  const filepath = join(auditDir, filename);
-  if (!execution.endTime) {
-    execution.endTime = Date.now();
-  }
-  if (!execution.duration) {
-    execution.duration = execution.endTime - execution.startTime;
-  }
-  await writeFile(filepath, JSON.stringify(execution, null, 2), "utf-8");
-}
-function createAuditEntry(skillName, skillSource, triggeredBy, targetPath) {
-  return {
-    skillName,
-    skillSource,
-    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-    startTime: Date.now(),
-    success: false,
-    triggeredBy,
-    targetPath,
-    commands: [],
-    networkCalls: [],
-    filesAccessed: [],
-    filesModified: []
-  };
-}
-function completeAuditEntry(entry, success, error) {
-  const base = {
-    ...entry,
-    success,
-    endTime: Date.now(),
-    duration: Date.now() - entry.startTime
-  };
-  return error ? { ...base, error } : base;
-}
-async function getRecentAuditLogs(limit = 10) {
-  const workDir = getWorkingDirectory(void 0, true);
-  const auditDir = join(getTrieDirectory(workDir), "audit");
-  try {
-    const files = await readdir(auditDir);
-    const sorted = files.filter((f) => f.endsWith(".json")).sort().reverse().slice(0, limit);
-    const logs = [];
-    for (const file of sorted) {
-      try {
-        const content = await readFile(join(auditDir, file), "utf-8");
-        logs.push(JSON.parse(content));
-      } catch {
-      }
-    }
-    return logs;
-  } catch {
-    return [];
-  }
-}
-async function getSkillAuditLogs(skillName) {
-  const workDir = getWorkingDirectory(void 0, true);
-  const auditDir = join(getTrieDirectory(workDir), "audit");
-  const safeSkillName = skillName.replace(/[^a-z0-9-]/gi, "_");
-  try {
-    const files = await readdir(auditDir);
-    const skillFiles = files.filter(
-      (f) => f.includes(`_${safeSkillName}.json`)
-    );
-    const logs = [];
-    for (const file of skillFiles) {
-      try {
-        const content = await readFile(join(auditDir, file), "utf-8");
-        logs.push(JSON.parse(content));
-      } catch {
-      }
-    }
-    return logs.sort(
-      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
-    );
-  } catch {
-    return [];
-  }
-}
-async function getAuditStatistics() {
-  const logs = await getRecentAuditLogs(1e3);
-  const skills = /* @__PURE__ */ new Set();
-  let totalCommands = 0;
-  let totalNetworkCalls = 0;
-  let blockedCommands = 0;
-  let blockedNetworkCalls = 0;
-  for (const log of logs) {
-    skills.add(log.skillName);
-    totalCommands += log.commands?.length ?? 0;
-    totalNetworkCalls += log.networkCalls?.length ?? 0;
-    blockedCommands += log.commands?.filter((c) => c.blockedBy).length ?? 0;
-    blockedNetworkCalls += log.networkCalls?.filter((c) => c.blocked).length ?? 0;
-  }
-  return {
-    totalExecutions: logs.length,
-    successfulExecutions: logs.filter((l) => l.success).length,
-    failedExecutions: logs.filter((l) => !l.success).length,
-    uniqueSkills: skills.size,
-    totalCommands,
-    totalNetworkCalls,
-    blockedCommands,
-    blockedNetworkCalls
-  };
-}
-function formatAuditLog(log) {
-  const lines = [];
-  const status = log.success ? "\u2705" : "\u274C";
-  const duration = log.duration ? `${log.duration}ms` : "unknown";
-  lines.push(`${status} ${log.skillName} (${duration})`);
-  lines.push(`   Time: ${new Date(log.timestamp).toLocaleString()}`);
-  lines.push(`   Triggered by: ${log.triggeredBy}`);
-  lines.push(`   Target: ${log.targetPath}`);
-  if (log.commands && log.commands.length > 0) {
-    lines.push(`   Commands executed: ${log.commands.length}`);
-    const blocked = log.commands.filter((c) => c.blockedBy).length;
-    if (blocked > 0) {
-      lines.push(`   \u26A0\uFE0F  Commands blocked: ${blocked}`);
-    }
-  }
-  if (log.networkCalls && log.networkCalls.length > 0) {
-    lines.push(`   Network calls: ${log.networkCalls.length}`);
-    const blocked = log.networkCalls.filter((c) => c.blocked).length;
-    if (blocked > 0) {
-      lines.push(`   \u26A0\uFE0F  Network calls blocked: ${blocked}`);
-    }
-  }
-  if (log.error) {
-    lines.push(`   Error: ${log.error}`);
-  }
-  return lines.join("\n");
-}
-
-// src/utils/command-runner.ts
-var execAsync = promisify(exec);
-var execFileAsync = promisify(execFile);
-function redact(text) {
-  return text.replace(/\b(AWS|ANTHROPIC|OPENAI|GITHUB)_[A-Z0-9_]*\s*=\s*([^\s"'`]+)/gi, "$1_<REDACTED>=<REDACTED>").replace(/\bBearer\s+[A-Za-z0-9\-._~+/]+=*\b/g, "Bearer <REDACTED>").replace(/\bghp_[A-Za-z0-9]{20,}\b/g, "ghp_<REDACTED>").replace(/\b(?:xox[baprs]-)[A-Za-z0-9-]{10,}\b/g, "<REDACTED_SLACK_TOKEN>").replace(/\bAKIA[0-9A-Z]{16}\b/g, "AKIA<REDACTED>");
-}
-function clampOutput(text, maxChars) {
-  if (text.length <= maxChars) return text;
-  return text.slice(0, maxChars) + `
-\u2026(truncated ${text.length - maxChars} chars)`;
-}
-function buildCommandRecord(command) {
-  return {
-    command,
-    timestamp: (/* @__PURE__ */ new Date()).toISOString()
-  };
-}
-async function finalizeAndWrite(entry, cmd, outcome, options) {
-  const duration = Date.now() - outcome.startedAt;
-  cmd.duration = duration;
-  if (outcome.exitCode !== void 0) {
-    cmd.exitCode = outcome.exitCode;
-  }
-  const captureOutput = options?.captureOutput ?? false;
-  const redactOutput = options?.redactOutput ?? true;
-  const maxOutputChars = options?.maxOutputChars ?? 2e3;
-  if (captureOutput) {
-    const out = outcome.stdout ?? "";
-    const err = outcome.stderr ?? "";
-    cmd.stdout = redactOutput ? redact(clampOutput(out, maxOutputChars)) : clampOutput(out, maxOutputChars);
-    cmd.stderr = redactOutput ? redact(clampOutput(err, maxOutputChars)) : clampOutput(err, maxOutputChars);
-  }
-  const completed = completeAuditEntry(entry, outcome.success, outcome.error);
-  await logSkillExecution(completed);
-}
-async function runShellCommand(command, audit, options) {
-  const startedAt = Date.now();
-  const entry = createAuditEntry(audit.actor, audit.source ?? "trie", audit.triggeredBy, audit.targetPath);
-  const cmd = buildCommandRecord(command);
-  entry.commands?.push(cmd);
-  try {
-    const { stdout, stderr } = await execAsync(command, {
-      cwd: options?.cwd,
-      timeout: options?.timeoutMs,
-      maxBuffer: options?.maxBuffer
-    });
-    await finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout, stderr, startedAt }, options);
-    return { stdout: stdout ?? "", stderr: stderr ?? "", exitCode: 0 };
-  } catch (e) {
-    const err = e;
-    const stdout = typeof err.stdout === "string" ? err.stdout : "";
-    const stderr = typeof err.stderr === "string" ? err.stderr : "";
-    const exitCode = typeof err.code === "number" ? err.code : 1;
-    await finalizeAndWrite(
-      entry,
-      cmd,
-      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },
-      // Capture output for failures by default (so audits are useful)
-      { ...options, captureOutput: options?.captureOutput ?? true }
-    );
-    return { stdout, stderr, exitCode };
-  }
-}
-function runShellCommandSync(command, audit, options) {
-  const startedAt = Date.now();
-  const entry = createAuditEntry(audit.actor, audit.source ?? "trie", audit.triggeredBy, audit.targetPath);
-  const cmd = buildCommandRecord(command);
-  entry.commands?.push(cmd);
-  try {
-    const stdout = execSync(command, {
-      cwd: options?.cwd,
-      timeout: options?.timeoutMs,
-      maxBuffer: options?.maxBuffer,
-      encoding: "utf-8",
-      stdio: ["pipe", "pipe", "pipe"]
-    });
-    void finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout, stderr: "", startedAt }, options);
-    return { stdout: stdout ?? "", exitCode: 0 };
-  } catch (e) {
-    const err = e;
-    const stdout = typeof err.stdout === "string" ? err.stdout : "";
-    const stderr = typeof err.stderr === "string" ? err.stderr : "";
-    const exitCode = typeof err.status === "number" ? err.status : 1;
-    void finalizeAndWrite(
-      entry,
-      cmd,
-      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },
-      { ...options, captureOutput: options?.captureOutput ?? true }
-    );
-    return { stdout, exitCode };
-  }
-}
-async function runExecFile(file, args, audit, options) {
-  const startedAt = Date.now();
-  const command = [file, ...args].join(" ");
-  const entry = createAuditEntry(audit.actor, audit.source ?? "trie", audit.triggeredBy, audit.targetPath);
-  const cmd = buildCommandRecord(command);
-  entry.commands?.push(cmd);
-  try {
-    const { stdout, stderr } = await execFileAsync(file, args, {
-      cwd: options?.cwd,
-      timeout: options?.timeoutMs,
-      maxBuffer: options?.maxBuffer
-    });
-    await finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout: String(stdout ?? ""), stderr: String(stderr ?? ""), startedAt }, options);
-    return { stdout: String(stdout ?? ""), stderr: String(stderr ?? ""), exitCode: 0 };
-  } catch (e) {
-    const err = e;
-    const stdout = typeof err.stdout === "string" ? err.stdout : "";
-    const stderr = typeof err.stderr === "string" ? err.stderr : "";
-    const exitCode = typeof err.code === "number" ? err.code : 1;
-    await finalizeAndWrite(
-      entry,
-      cmd,
-      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },
-      { ...options, captureOutput: options?.captureOutput ?? true }
-    );
-    return { stdout, stderr, exitCode };
-  }
-}
-
-export {
-  getRecentAuditLogs,
-  getSkillAuditLogs,
-  getAuditStatistics,
-  formatAuditLog,
-  runShellCommand,
-  runShellCommandSync,
-  runExecFile
-};
-//# sourceMappingURL=chunk-IFGF33R5.js.map

package/dist/chunk-IFGF33R5.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/utils/command-runner.ts","../src/skills/audit-logger.ts"],"sourcesContent":["/**\n * Command Runner (with audit logging)\n *\n * Goal: Whenever Trie runs a shell command, record:\n * - command string\n * - exit code\n * - duration\n * - optional (redacted) stdout/stderr\n */\nimport { exec, execFile, execSync, type ExecException } from 'node:child_process';\nimport { promisify } from 'node:util';\n\nimport {\n  createAuditEntry,\n  completeAuditEntry,\n  logSkillExecution,\n  type ExecutedCommand,\n  type SkillExecution,\n} from '../skills/audit-logger.js';\n\nconst execAsync = promisify(exec);\nconst execFileAsync = promisify(execFile);\n\nexport type AuditTriggeredBy = SkillExecution['triggeredBy'];\n\nexport interface CommandAuditContext {\n  /** Shown as `skillName` in audit logs; use something like `tool:pr-review` */\n  actor: string;\n  /** Where this came from in the product flow */\n  triggeredBy: AuditTriggeredBy;\n  /** Usually the working directory / repo path */\n  targetPath: string;\n  /** Optional string for `skillSource` */\n  source?: string;\n}\n\nexport interface RunCommandOptions {\n  cwd?: string;\n  timeoutMs?: number;\n  maxBuffer?: number;\n\n  /** Capture stdout/stderr in the audit log */\n  captureOutput?: boolean;\n  /** Redact obvious secrets from captured output */\n  redactOutput?: boolean;\n  /** Max chars to keep per output stream */\n  maxOutputChars?: number;\n}\n\nfunction redact(text: string): string {\n  // Keep this conservative to avoid false redaction and avoid expensive processing.\n  return text\n    // Common key=value secrets\n    .replace(/\\b(AWS|ANTHROPIC|OPENAI|GITHUB)_[A-Z0-9_]*\\s*=\\s*([^\\s\"'`]+)/gi, '$1_<REDACTED>=<REDACTED>')\n    // Bearer tokens\n    .replace(/\\bBearer\\s+[A-Za-z0-9\\-._~+/]+=*\\b/g, 'Bearer <REDACTED>')\n    // GitHub tokens / generic tokens\n    .replace(/\\bghp_[A-Za-z0-9]{20,}\\b/g, 'ghp_<REDACTED>')\n    .replace(/\\b(?:xox[baprs]-)[A-Za-z0-9-]{10,}\\b/g, '<REDACTED_SLACK_TOKEN>')\n    // AWS access key id (best-effort)\n    .replace(/\\bAKIA[0-9A-Z]{16}\\b/g, 'AKIA<REDACTED>');\n}\n\nfunction clampOutput(text: string, maxChars: number): string {\n  if (text.length <= maxChars) return text;\n  return text.slice(0, maxChars) + `\\n…(truncated ${text.length - maxChars} chars)`;\n}\n\nfunction buildCommandRecord(command: string): ExecutedCommand {\n  return {\n    command,\n    timestamp: new Date().toISOString(),\n  };\n}\n\nasync function finalizeAndWrite(\n  entry: SkillExecution,\n  cmd: ExecutedCommand,\n  outcome: { success: boolean; exitCode?: number; stdout?: string; stderr?: string; error?: string; startedAt: number },\n  options?: Pick<RunCommandOptions, 'captureOutput' | 'redactOutput' | 'maxOutputChars'>\n): Promise<void> {\n  const duration = Date.now() - outcome.startedAt;\n  cmd.duration = duration;\n  if (outcome.exitCode !== undefined) {\n    cmd.exitCode = outcome.exitCode;\n  }\n\n  const captureOutput = options?.captureOutput ?? false;\n  const redactOutput = options?.redactOutput ?? true;\n  const maxOutputChars = options?.maxOutputChars ?? 2000;\n\n  if (captureOutput) {\n    const out = outcome.stdout ?? '';\n    const err = outcome.stderr ?? '';\n    cmd.stdout = redactOutput ? redact(clampOutput(out, maxOutputChars)) : clampOutput(out, maxOutputChars);\n    cmd.stderr = redactOutput ? redact(clampOutput(err, maxOutputChars)) : clampOutput(err, maxOutputChars);\n  }\n\n  const completed = completeAuditEntry(entry, outcome.success, outcome.error);\n  await logSkillExecution(completed);\n}\n\nexport async function runShellCommand(\n  command: string,\n  audit: CommandAuditContext,\n  options?: RunCommandOptions\n): Promise<{ stdout: string; stderr: string; exitCode: number }> {\n  const startedAt = Date.now();\n  const entry = createAuditEntry(audit.actor, audit.source ?? 'trie', audit.triggeredBy, audit.targetPath);\n  const cmd = buildCommandRecord(command);\n  entry.commands?.push(cmd);\n\n  try {\n    const { stdout, stderr } = await execAsync(command, {\n      cwd: options?.cwd,\n      timeout: options?.timeoutMs,\n      maxBuffer: options?.maxBuffer,\n    });\n\n    await finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout, stderr, startedAt }, options);\n    return { stdout: stdout ?? '', stderr: stderr ?? '', exitCode: 0 };\n  } catch (e) {\n    const err = e as ExecException & { stdout?: unknown; stderr?: unknown; code?: unknown };\n    const stdout = typeof err.stdout === 'string' ? err.stdout : '';\n    const stderr = typeof err.stderr === 'string' ? err.stderr : '';\n    const exitCode = typeof err.code === 'number' ? err.code : 1;\n\n    await finalizeAndWrite(\n      entry,\n      cmd,\n      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },\n      // Capture output for failures by default (so audits are useful)\n      { ...options, captureOutput: options?.captureOutput ?? true }\n    );\n\n    return { stdout, stderr, exitCode };\n  }\n}\n\nexport function runShellCommandSync(\n  command: string,\n  audit: CommandAuditContext,\n  options?: Omit<RunCommandOptions, 'timeoutMs'> & { timeoutMs?: number }\n): { stdout: string; exitCode: number } {\n  const startedAt = Date.now();\n  const entry = createAuditEntry(audit.actor, audit.source ?? 'trie', audit.triggeredBy, audit.targetPath);\n  const cmd = buildCommandRecord(command);\n  entry.commands?.push(cmd);\n\n  try {\n    const stdout = execSync(command, {\n      cwd: options?.cwd,\n      timeout: options?.timeoutMs,\n      maxBuffer: options?.maxBuffer,\n      encoding: 'utf-8',\n      stdio: ['pipe', 'pipe', 'pipe'],\n    });\n\n    // Fire-and-forget write; sync APIs can’t await.\n    void finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout, stderr: '', startedAt }, options);\n    return { stdout: stdout ?? '', exitCode: 0 };\n  } catch (e) {\n    const err = e as ExecException & { stdout?: unknown; stderr?: unknown; status?: unknown };\n    const stdout = typeof err.stdout === 'string' ? err.stdout : '';\n    const stderr = typeof err.stderr === 'string' ? err.stderr : '';\n    const exitCode = typeof err.status === 'number' ? err.status : 1;\n\n    void finalizeAndWrite(\n      entry,\n      cmd,\n      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },\n      { ...options, captureOutput: options?.captureOutput ?? true }\n    );\n\n    return { stdout, exitCode };\n  }\n}\n\nexport async function runExecFile(\n  file: string,\n  args: string[],\n  audit: CommandAuditContext,\n  options?: Omit<RunCommandOptions, 'timeoutMs'> & { timeoutMs?: number }\n): Promise<{ stdout: string; stderr: string; exitCode: number }> {\n  const startedAt = Date.now();\n  const command = [file, ...args].join(' ');\n  const entry = createAuditEntry(audit.actor, audit.source ?? 'trie', audit.triggeredBy, audit.targetPath);\n  const cmd = buildCommandRecord(command);\n  entry.commands?.push(cmd);\n\n  try {\n    const { stdout, stderr } = await execFileAsync(file, args, {\n      cwd: options?.cwd,\n      timeout: options?.timeoutMs,\n      maxBuffer: options?.maxBuffer,\n    });\n\n    await finalizeAndWrite(entry, cmd, { success: true, exitCode: 0, stdout: String(stdout ?? ''), stderr: String(stderr ?? ''), startedAt }, options);\n    return { stdout: String(stdout ?? ''), stderr: String(stderr ?? ''), exitCode: 0 };\n  } catch (e) {\n    const err = e as ExecException & { stdout?: unknown; stderr?: unknown; code?: unknown };\n    const stdout = typeof err.stdout === 'string' ? err.stdout : '';\n    const stderr = typeof err.stderr === 'string' ? err.stderr : '';\n    const exitCode = typeof err.code === 'number' ? err.code : 1;\n\n    await finalizeAndWrite(\n      entry,\n      cmd,\n      { success: false, exitCode, stdout, stderr, error: err.message, startedAt },\n      { ...options, captureOutput: options?.captureOutput ?? true }\n    );\n    return { stdout, stderr, exitCode };\n  }\n}\n\n","/**\n * Skill Audit Logger\n * \n * Logs all skill operations for security auditing\n */\n\nimport { writeFile, mkdir, readdir, readFile } from 'fs/promises';\nimport { join } from 'path';\nimport { getWorkingDirectory, getTrieDirectory } from '../utils/workspace.js';\n\nexport interface SkillExecution {\n  skillName: string;\n  skillSource: string;\n  timestamp: string;\n  startTime: number;\n  endTime?: number;\n  duration?: number;\n  success: boolean;\n  error?: string;\n  \n  // What the skill did\n  commands?: ExecutedCommand[];\n  networkCalls?: NetworkCall[];\n  filesAccessed?: string[];\n  filesModified?: string[];\n  \n  // Context\n  triggeredBy: 'scan' | 'check' | 'manual' | 'watch';\n  targetPath: string;\n}\n\nexport interface ExecutedCommand {\n  command: string;\n  timestamp: string;\n  exitCode?: number;\n  duration?: number;\n  stdout?: string;\n  stderr?: string;\n  blockedBy?: string; // If blocked, what rule blocked it\n}\n\nexport interface NetworkCall {\n  url: string;\n  method: string;\n  timestamp: string;\n  duration?: number;\n  statusCode?: number;\n  blocked?: boolean;\n  blockedReason?: string;\n}\n\n/**\n * Log a skill execution for audit trail\n */\nexport async function logSkillExecution(execution: SkillExecution): Promise<void> {\n  const workDir = getWorkingDirectory(undefined, true);\n  const auditDir = join(getTrieDirectory(workDir), 'audit');\n  \n  await mkdir(auditDir, { recursive: true });\n  \n  // Create filename with timestamp and skill name\n  const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\n  const safeSkillName = execution.skillName.replace(/[^a-z0-9-]/gi, '_');\n  const filename = `${timestamp}_${safeSkillName}.json`;\n  const filepath = join(auditDir, filename);\n  \n  // Add end time if not set\n  if (!execution.endTime) {\n    execution.endTime = Date.now();\n  }\n  \n  // Calculate duration\n  if (!execution.duration) {\n    execution.duration = execution.endTime - execution.startTime;\n  }\n  \n  await writeFile(filepath, JSON.stringify(execution, null, 2), 'utf-8');\n}\n\n/**\n * Create audit log entry for a skill execution start\n */\nexport function createAuditEntry(\n  skillName: string,\n  skillSource: string,\n  triggeredBy: SkillExecution['triggeredBy'],\n  targetPath: string\n): SkillExecution {\n  return {\n    skillName,\n    skillSource,\n    timestamp: new Date().toISOString(),\n    startTime: Date.now(),\n    success: false,\n    triggeredBy,\n    targetPath,\n    commands: [],\n    networkCalls: [],\n    filesAccessed: [],\n    filesModified: [],\n  };\n}\n\n/**\n * Mark execution as complete\n */\nexport function completeAuditEntry(\n  entry: SkillExecution,\n  success: boolean,\n  error?: string\n): SkillExecution {\n  const base: SkillExecution = {\n    ...entry,\n    success,\n    endTime: Date.now(),\n    duration: Date.now() - entry.startTime,\n  };\n  return error ? { ...base, error } : base;\n}\n\n/**\n * Get recent audit logs\n */\nexport async function getRecentAuditLogs(limit: number = 10): Promise<SkillExecution[]> {\n  const workDir = getWorkingDirectory(undefined, true);\n  const auditDir = join(getTrieDirectory(workDir), 'audit');\n  \n  try {\n    const files = await readdir(auditDir);\n    \n    // Sort by filename (which includes timestamp) descending\n    const sorted = files\n      .filter(f => f.endsWith('.json'))\n      .sort()\n      .reverse()\n      .slice(0, limit);\n    \n    const logs: SkillExecution[] = [];\n    \n    for (const file of sorted) {\n      try {\n        const content = await readFile(join(auditDir, file), 'utf-8');\n        logs.push(JSON.parse(content));\n      } catch {\n        // Skip malformed logs\n      }\n    }\n    \n    return logs;\n  } catch {\n    // Audit directory doesn't exist yet\n    return [];\n  }\n}\n\n/**\n * Get audit logs for a specific skill\n */\nexport async function getSkillAuditLogs(skillName: string): Promise<SkillExecution[]> {\n  const workDir = getWorkingDirectory(undefined, true);\n  const auditDir = join(getTrieDirectory(workDir), 'audit');\n  const safeSkillName = skillName.replace(/[^a-z0-9-]/gi, '_');\n  \n  try {\n    const files = await readdir(auditDir);\n    \n    const skillFiles = files.filter(f => \n      f.includes(`_${safeSkillName}.json`)\n    );\n    \n    const logs: SkillExecution[] = [];\n    \n    for (const file of skillFiles) {\n      try {\n        const content = await readFile(join(auditDir, file), 'utf-8');\n        logs.push(JSON.parse(content));\n      } catch {\n        // Skip malformed logs\n      }\n    }\n    \n    return logs.sort((a, b) => \n      new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()\n    );\n  } catch {\n    return [];\n  }\n}\n\n/**\n * Get audit statistics\n */\nexport async function getAuditStatistics(): Promise<{\n  totalExecutions: number;\n  successfulExecutions: number;\n  failedExecutions: number;\n  uniqueSkills: number;\n  totalCommands: number;\n  totalNetworkCalls: number;\n  blockedCommands: number;\n  blockedNetworkCalls: number;\n}> {\n  const logs = await getRecentAuditLogs(1000); // Last 1000 executions\n  \n  const skills = new Set<string>();\n  let totalCommands = 0;\n  let totalNetworkCalls = 0;\n  let blockedCommands = 0;\n  let blockedNetworkCalls = 0;\n  \n  for (const log of logs) {\n    skills.add(log.skillName);\n    totalCommands += log.commands?.length ?? 0;\n    totalNetworkCalls += log.networkCalls?.length ?? 0;\n    blockedCommands += log.commands?.filter(c => c.blockedBy).length ?? 0;\n    blockedNetworkCalls += log.networkCalls?.filter(c => c.blocked).length ?? 0;\n  }\n  \n  return {\n    totalExecutions: logs.length,\n    successfulExecutions: logs.filter(l => l.success).length,\n    failedExecutions: logs.filter(l => !l.success).length,\n    uniqueSkills: skills.size,\n    totalCommands,\n    totalNetworkCalls,\n    blockedCommands,\n    blockedNetworkCalls,\n  };\n}\n\n/**\n * Format audit log for display\n */\nexport function formatAuditLog(log: SkillExecution): string {\n  const lines: string[] = [];\n  \n  const status = log.success ? '✅' : '❌';\n  const duration = log.duration ? `${log.duration}ms` : 'unknown';\n  \n  lines.push(`${status} ${log.skillName} (${duration})`);\n  lines.push(`   Time: ${new Date(log.timestamp).toLocaleString()}`);\n  lines.push(`   Triggered by: ${log.triggeredBy}`);\n  lines.push(`   Target: ${log.targetPath}`);\n  \n  if (log.commands && log.commands.length > 0) {\n    lines.push(`   Commands executed: ${log.commands.length}`);\n    const blocked = log.commands.filter(c => c.blockedBy).length;\n    if (blocked > 0) {\n      lines.push(`   ⚠️  Commands blocked: ${blocked}`);\n    }\n  }\n  \n  if (log.networkCalls && log.networkCalls.length > 0) {\n    lines.push(`   Network calls: ${log.networkCalls.length}`);\n    const blocked = log.networkCalls.filter(c => c.blocked).length;\n    if (blocked > 0) {\n      lines.push(`   ⚠️  Network calls blocked: ${blocked}`);\n    }\n  }\n  \n  if (log.error) {\n    lines.push(`   Error: ${log.error}`);\n  }\n  \n  return lines.join('\\n');\n}\n"],"mappings":";;;;;;AASA,SAAS,MAAM,UAAU,gBAAoC;AAC7D,SAAS,iBAAiB;;;ACJ1B,SAAS,WAAW,OAAO,SAAS,gBAAgB;AACpD,SAAS,YAAY;AA+CrB,eAAsB,kBAAkB,WAA0C;AAChF,QAAM,UAAU,oBAAoB,QAAW,IAAI;AACnD,QAAM,WAAW,KAAK,iBAAiB,OAAO,GAAG,OAAO;AAExD,QAAM,MAAM,UAAU,EAAE,WAAW,KAAK,CAAC;AAGzC,QAAM,aAAY,oBAAI,KAAK,GAAE,YAAY,EAAE,QAAQ,SAAS,GAAG;AAC/D,QAAM,gBAAgB,UAAU,UAAU,QAAQ,gBAAgB,GAAG;AACrE,QAAM,WAAW,GAAG,SAAS,IAAI,aAAa;AAC9C,QAAM,WAAW,KAAK,UAAU,QAAQ;AAGxC,MAAI,CAAC,UAAU,SAAS;AACtB,cAAU,UAAU,KAAK,IAAI;AAAA,EAC/B;AAGA,MAAI,CAAC,UAAU,UAAU;AACvB,cAAU,WAAW,UAAU,UAAU,UAAU;AAAA,EACrD;AAEA,QAAM,UAAU,UAAU,KAAK,UAAU,WAAW,MAAM,CAAC,GAAG,OAAO;AACvE;AAKO,SAAS,iBACd,WACA,aACA,aACA,YACgB;AAChB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,IAClC,WAAW,KAAK,IAAI;AAAA,IACpB,SAAS;AAAA,IACT;AAAA,IACA;AAAA,IACA,UAAU,CAAC;AAAA,IACX,cAAc,CAAC;AAAA,IACf,eAAe,CAAC;AAAA,IAChB,eAAe,CAAC;AAAA,EAClB;AACF;AAKO,SAAS,mBACd,OACA,SACA,OACgB;AAChB,QAAM,OAAuB;AAAA,IAC3B,GAAG;AAAA,IACH;AAAA,IACA,SAAS,KAAK,IAAI;AAAA,IAClB,UAAU,KAAK,IAAI,IAAI,MAAM;AAAA,EAC/B;AACA,SAAO,QAAQ,EAAE,GAAG,MAAM,MAAM,IAAI;AACtC;AAKA,eAAsB,mBAAmB,QAAgB,IAA+B;AACtF,QAAM,UAAU,oBAAoB,QAAW,IAAI;AACnD,QAAM,WAAW,KAAK,iBAAiB,OAAO,GAAG,OAAO;AAExD,MAAI;AACF,UAAM,QAAQ,MAAM,QAAQ,QAAQ;AAGpC,UAAM,SAAS,MACZ,OAAO,OAAK,EAAE,SAAS,OAAO,CAAC,EAC/B,KAAK,EACL,QAAQ,EACR,MAAM,GAAG,KAAK;AAEjB,UAAM,OAAyB,CAAC;AAEhC,eAAW,QAAQ,QAAQ;AACzB,UAAI;AACF,cAAM,UAAU,MAAM,SAAS,KAAK,UAAU,IAAI,GAAG,OAAO;AAC5D,aAAK,KAAK,KAAK,MAAM,OAAO,CAAC;AAAA,MAC/B,QAAQ;AAAA,MAER;AAAA,IACF;AAEA,WAAO;AAAA,EACT,QAAQ;AAEN,WAAO,CAAC;AAAA,EACV;AACF;AAKA,eAAsB,kBAAkB,WAA8C;AACpF,QAAM,UAAU,oBAAoB,QAAW,IAAI;AACnD,QAAM,WAAW,KAAK,iBAAiB,OAAO,GAAG,OAAO;AACxD,QAAM,gBAAgB,UAAU,QAAQ,gBAAgB,GAAG;AAE3D,MAAI;AACF,UAAM,QAAQ,MAAM,QAAQ,QAAQ;AAEpC,UAAM,aAAa,MAAM;AAAA,MAAO,OAC9B,EAAE,SAAS,IAAI,aAAa,OAAO;AAAA,IACrC;AAEA,UAAM,OAAyB,CAAC;AAEhC,eAAW,QAAQ,YAAY;AAC7B,UAAI;AACF,cAAM,UAAU,MAAM,SAAS,KAAK,UAAU,IAAI,GAAG,OAAO;AAC5D,aAAK,KAAK,KAAK,MAAM,OAAO,CAAC;AAAA,MAC/B,QAAQ;AAAA,MAER;AAAA,IACF;AAEA,WAAO,KAAK;AAAA,MAAK,CAAC,GAAG,MACnB,IAAI,KAAK,EAAE,SAAS,EAAE,QAAQ,IAAI,IAAI,KAAK,EAAE,SAAS,EAAE,QAAQ;AAAA,IAClE;AAAA,EACF,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AAKA,eAAsB,qBASnB;AACD,QAAM,OAAO,MAAM,mBAAmB,GAAI;AAE1C,QAAM,SAAS,oBAAI,IAAY;AAC/B,MAAI,gBAAgB;AACpB,MAAI,oBAAoB;AACxB,MAAI,kBAAkB;AACtB,MAAI,sBAAsB;AAE1B,aAAW,OAAO,MAAM;AACtB,WAAO,IAAI,IAAI,SAAS;AACxB,qBAAiB,IAAI,UAAU,UAAU;AACzC,yBAAqB,IAAI,cAAc,UAAU;AACjD,uBAAmB,IAAI,UAAU,OAAO,OAAK,EAAE,SAAS,EAAE,UAAU;AACpE,2BAAuB,IAAI,cAAc,OAAO,OAAK,EAAE,OAAO,EAAE,UAAU;AAAA,EAC5E;AAEA,SAAO;AAAA,IACL,iBAAiB,KAAK;AAAA,IACtB,sBAAsB,KAAK,OAAO,OAAK,EAAE,OAAO,EAAE;AAAA,IAClD,kBAAkB,KAAK,OAAO,OAAK,CAAC,EAAE,OAAO,EAAE;AAAA,IAC/C,cAAc,OAAO;AAAA,IACrB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAKO,SAAS,eAAe,KAA6B;AAC1D,QAAM,QAAkB,CAAC;AAEzB,QAAM,SAAS,IAAI,UAAU,WAAM;AACnC,QAAM,WAAW,IAAI,WAAW,GAAG,IAAI,QAAQ,OAAO;AAEtD,QAAM,KAAK,GAAG,MAAM,IAAI,IAAI,SAAS,KAAK,QAAQ,GAAG;AACrD,QAAM,KAAK,YAAY,IAAI,KAAK,IAAI,SAAS,EAAE,eAAe,CAAC,EAAE;AACjE,QAAM,KAAK,oBAAoB,IAAI,WAAW,EAAE;AAChD,QAAM,KAAK,cAAc,IAAI,UAAU,EAAE;AAEzC,MAAI,IAAI,YAAY,IAAI,SAAS,SAAS,GAAG;AAC3C,UAAM,KAAK,yBAAyB,IAAI,SAAS,MAAM,EAAE;AACzD,UAAM,UAAU,IAAI,SAAS,OAAO,OAAK,EAAE,SAAS,EAAE;AACtD,QAAI,UAAU,GAAG;AACf,YAAM,KAAK,sCAA4B,OAAO,EAAE;AAAA,IAClD;AAAA,EACF;AAEA,MAAI,IAAI,gBAAgB,IAAI,aAAa,SAAS,GAAG;AACnD,UAAM,KAAK,qBAAqB,IAAI,aAAa,MAAM,EAAE;AACzD,UAAM,UAAU,IAAI,aAAa,OAAO,OAAK,EAAE,OAAO,EAAE;AACxD,QAAI,UAAU,GAAG;AACf,YAAM,KAAK,2CAAiC,OAAO,EAAE;AAAA,IACvD;AAAA,EACF;AAEA,MAAI,IAAI,OAAO;AACb,UAAM,KAAK,aAAa,IAAI,KAAK,EAAE;AAAA,EACrC;AAEA,SAAO,MAAM,KAAK,IAAI;AACxB;;;ADrPA,IAAM,YAAY,UAAU,IAAI;AAChC,IAAM,gBAAgB,UAAU,QAAQ;AA4BxC,SAAS,OAAO,MAAsB;AAEpC,SAAO,KAEJ,QAAQ,kEAAkE,0BAA0B,EAEpG,QAAQ,uCAAuC,mBAAmB,EAElE,QAAQ,6BAA6B,gBAAgB,EACrD,QAAQ,yCAAyC,wBAAwB,EAEzE,QAAQ,yBAAyB,gBAAgB;AACtD;AAEA,SAAS,YAAY,MAAc,UAA0B;AAC3D,MAAI,KAAK,UAAU,SAAU,QAAO;AACpC,SAAO,KAAK,MAAM,GAAG,QAAQ,IAAI;AAAA,mBAAiB,KAAK,SAAS,QAAQ;AAC1E;AAEA,SAAS,mBAAmB,SAAkC;AAC5D,SAAO;AAAA,IACL;AAAA,IACA,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,EACpC;AACF;AAEA,eAAe,iBACb,OACA,KACA,SACA,SACe;AACf,QAAM,WAAW,KAAK,IAAI,IAAI,QAAQ;AACtC,MAAI,WAAW;AACf,MAAI,QAAQ,aAAa,QAAW;AAClC,QAAI,WAAW,QAAQ;AAAA,EACzB;AAEA,QAAM,gBAAgB,SAAS,iBAAiB;AAChD,QAAM,eAAe,SAAS,gBAAgB;AAC9C,QAAM,iBAAiB,SAAS,kBAAkB;AAElD,MAAI,eAAe;AACjB,UAAM,MAAM,QAAQ,UAAU;AAC9B,UAAM,MAAM,QAAQ,UAAU;AAC9B,QAAI,SAAS,eAAe,OAAO,YAAY,KAAK,cAAc,CAAC,IAAI,YAAY,KAAK,cAAc;AACtG,QAAI,SAAS,eAAe,OAAO,YAAY,KAAK,cAAc,CAAC,IAAI,YAAY,KAAK,cAAc;AAAA,EACxG;AAEA,QAAM,YAAY,mBAAmB,OAAO,QAAQ,SAAS,QAAQ,KAAK;AAC1E,QAAM,kBAAkB,SAAS;AACnC;AAEA,eAAsB,gBACpB,SACA,OACA,SAC+D;AAC/D,QAAM,YAAY,KAAK,IAAI;AAC3B,QAAM,QAAQ,iBAAiB,MAAM,OAAO,MAAM,UAAU,QAAQ,MAAM,aAAa,MAAM,UAAU;AACvG,QAAM,MAAM,mBAAmB,OAAO;AACtC,QAAM,UAAU,KAAK,GAAG;AAExB,MAAI;AACF,UAAM,EAAE,QAAQ,OAAO,IAAI,MAAM,UAAU,SAAS;AAAA,MAClD,KAAK,SAAS;AAAA,MACd,SAAS,SAAS;AAAA,MAClB,WAAW,SAAS;AAAA,IACtB,CAAC;AAED,UAAM,iBAAiB,OAAO,KAAK,EAAE,SAAS,MAAM,UAAU,GAAG,QAAQ,QAAQ,UAAU,GAAG,OAAO;AACrG,WAAO,EAAE,QAAQ,UAAU,IAAI,QAAQ,UAAU,IAAI,UAAU,EAAE;AAAA,EACnE,SAAS,GAAG;AACV,UAAM,MAAM;AACZ,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,WAAW,OAAO,IAAI,SAAS,WAAW,IAAI,OAAO;AAE3D,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,SAAS,OAAO,UAAU,QAAQ,QAAQ,OAAO,IAAI,SAAS,UAAU;AAAA;AAAA,MAE1E,EAAE,GAAG,SAAS,eAAe,SAAS,iBAAiB,KAAK;AAAA,IAC9D;AAEA,WAAO,EAAE,QAAQ,QAAQ,SAAS;AAAA,EACpC;AACF;AAEO,SAAS,oBACd,SACA,OACA,SACsC;AACtC,QAAM,YAAY,KAAK,IAAI;AAC3B,QAAM,QAAQ,iBAAiB,MAAM,OAAO,MAAM,UAAU,QAAQ,MAAM,aAAa,MAAM,UAAU;AACvG,QAAM,MAAM,mBAAmB,OAAO;AACtC,QAAM,UAAU,KAAK,GAAG;AAExB,MAAI;AACF,UAAM,SAAS,SAAS,SAAS;AAAA,MAC/B,KAAK,SAAS;AAAA,MACd,SAAS,SAAS;AAAA,MAClB,WAAW,SAAS;AAAA,MACpB,UAAU;AAAA,MACV,OAAO,CAAC,QAAQ,QAAQ,MAAM;AAAA,IAChC,CAAC;AAGD,SAAK,iBAAiB,OAAO,KAAK,EAAE,SAAS,MAAM,UAAU,GAAG,QAAQ,QAAQ,IAAI,UAAU,GAAG,OAAO;AACxG,WAAO,EAAE,QAAQ,UAAU,IAAI,UAAU,EAAE;AAAA,EAC7C,SAAS,GAAG;AACV,UAAM,MAAM;AACZ,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,WAAW,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAE/D,SAAK;AAAA,MACH;AAAA,MACA;AAAA,MACA,EAAE,SAAS,OAAO,UAAU,QAAQ,QAAQ,OAAO,IAAI,SAAS,UAAU;AAAA,MAC1E,EAAE,GAAG,SAAS,eAAe,SAAS,iBAAiB,KAAK;AAAA,IAC9D;AAEA,WAAO,EAAE,QAAQ,SAAS;AAAA,EAC5B;AACF;AAEA,eAAsB,YACpB,MACA,MACA,OACA,SAC+D;AAC/D,QAAM,YAAY,KAAK,IAAI;AAC3B,QAAM,UAAU,CAAC,MAAM,GAAG,IAAI,EAAE,KAAK,GAAG;AACxC,QAAM,QAAQ,iBAAiB,MAAM,OAAO,MAAM,UAAU,QAAQ,MAAM,aAAa,MAAM,UAAU;AACvG,QAAM,MAAM,mBAAmB,OAAO;AACtC,QAAM,UAAU,KAAK,GAAG;AAExB,MAAI;AACF,UAAM,EAAE,QAAQ,OAAO,IAAI,MAAM,cAAc,MAAM,MAAM;AAAA,MACzD,KAAK,SAAS;AAAA,MACd,SAAS,SAAS;AAAA,MAClB,WAAW,SAAS;AAAA,IACtB,CAAC;AAED,UAAM,iBAAiB,OAAO,KAAK,EAAE,SAAS,MAAM,UAAU,GAAG,QAAQ,OAAO,UAAU,EAAE,GAAG,QAAQ,OAAO,UAAU,EAAE,GAAG,UAAU,GAAG,OAAO;AACjJ,WAAO,EAAE,QAAQ,OAAO,UAAU,EAAE,GAAG,QAAQ,OAAO,UAAU,EAAE,GAAG,UAAU,EAAE;AAAA,EACnF,SAAS,GAAG;AACV,UAAM,MAAM;AACZ,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,SAAS,OAAO,IAAI,WAAW,WAAW,IAAI,SAAS;AAC7D,UAAM,WAAW,OAAO,IAAI,SAAS,WAAW,IAAI,OAAO;AAE3D,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,SAAS,OAAO,UAAU,QAAQ,QAAQ,OAAO,IAAI,SAAS,UAAU;AAAA,MAC1E,EAAE,GAAG,SAAS,eAAe,SAAS,iBAAiB,KAAK;AAAA,IAC9D;AACA,WAAO,EAAE,QAAQ,QAAQ,SAAS;AAAA,EACpC;AACF;","names":[]}