@ulpi/cli 0.1.4 → 0.1.6

package/dist/chunk-IZPJHSPX.js

@@ -0,0 +1,1478 @@
+import {
+  evaluateRules,
+  isDangerousCommand,
+  matchesFilePattern
+} from "./chunk-5MI5GIXM.js";
+
+// ../../packages/agent-plugins/dist/index.js
+import { spawn } from "child_process";
+import { accessSync } from "fs";
+import { platform } from "os";
+import { isAbsolute } from "path";
+import { randomUUID } from "crypto";
+import { execFileSync } from "child_process";
+import { execFileSync as execFileSync2 } from "child_process";
+import * as fs from "fs";
+import * as path from "path";
+import * as os from "os";
+var DEFAULT_ENV_EXCLUDE_PATTERNS = [
+  "*_API_KEY",
+  "*_SECRET_KEY",
+  "*_SECRET"
+];
+function globMatch(pattern, str) {
+  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
+  const regex = new RegExp(
+    "^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$"
+  );
+  return regex.test(str);
+}
+function filterEnv(env, excludePatterns, passthroughPatterns) {
+  if (!excludePatterns || excludePatterns.length === 0) {
+    return env;
+  }
+  const filtered = {};
+  for (const [key, value] of Object.entries(env)) {
+    const matchesExclude = excludePatterns.some(
+      (pattern) => globMatch(pattern, key)
+    );
+    if (!matchesExclude) {
+      filtered[key] = value;
+    } else if (passthroughPatterns.length > 0 && passthroughPatterns.some((pattern) => globMatch(pattern, key))) {
+      filtered[key] = value;
+    }
+  }
+  return filtered;
+}
+function getEnvExclusionReport(env = process.env, passthroughPatterns = [], additionalExclude = []) {
+  const excludePatterns = [...DEFAULT_ENV_EXCLUDE_PATTERNS, ...additionalExclude];
+  const blocked = [];
+  const allowed = [];
+  for (const key of Object.keys(env)) {
+    const matchesExclude = excludePatterns.some(
+      (pattern) => globMatch(pattern, key)
+    );
+    if (!matchesExclude) {
+      continue;
+    }
+    const matchesPassthrough = passthroughPatterns.length > 0 && passthroughPatterns.some((pattern) => globMatch(pattern, key));
+    if (matchesPassthrough) {
+      allowed.push(key);
+    } else {
+      blocked.push(key);
+    }
+  }
+  return { blocked: blocked.sort(), allowed: allowed.sort() };
+}
+function findCommandPath(command) {
+  return new Promise((resolve) => {
+    const isWindows = platform() === "win32";
+    const trimmed = command.trim();
+    const normalized = trimmed.startsWith('"') && trimmed.endsWith('"') ? trimmed.slice(1, -1) : trimmed;
+    const isPathLike = isAbsolute(normalized) || normalized.includes("/") || normalized.includes("\\");
+    if (isPathLike) {
+      try {
+        accessSync(normalized);
+        return resolve({ found: true, path: normalized });
+      } catch {
+        return resolve({ found: false, path: "" });
+      }
+    }
+    const whichCmd = isWindows ? "where" : "which";
+    const proc = spawn(whichCmd, [command], {
+      stdio: ["ignore", "pipe", "pipe"],
+      shell: isWindows
+    });
+    let stdout = "";
+    proc.stdout?.on("data", (data) => {
+      stdout += data.toString();
+    });
+    proc.on("error", () => {
+      resolve({ found: false, path: "" });
+    });
+    proc.on("close", (code) => {
+      if (code === 0 && stdout.trim()) {
+        const firstPath = stdout.trim().split(/\r?\n/)[0] ?? "";
+        resolve({ found: true, path: firstPath.trim() });
+      } else {
+        resolve({ found: false, path: "" });
+      }
+    });
+    setTimeout(() => {
+      proc.kill();
+      resolve({ found: false, path: "" });
+    }, 15e3);
+  });
+}
+var MAX_STREAM_CHARS = 2e6;
+function appendCapped(current, chunk, max) {
+  const combined = current + chunk;
+  if (combined.length <= max) {
+    return combined;
+  }
+  return "[...truncated...]\n" + combined.slice(combined.length - max);
+}
+var BaseAgentPlugin = class {
+  config = {};
+  ready = false;
+  commandPath;
+  defaultFlags = [];
+  defaultTimeout = 0;
+  envExclude = [];
+  envPassthrough = [];
+  executions = /* @__PURE__ */ new Map();
+  currentExecutionId;
+  async initialize(config) {
+    this.config = config;
+    if (typeof config.command === "string") {
+      this.commandPath = config.command;
+    }
+    if (Array.isArray(config.defaultFlags)) {
+      this.defaultFlags = config.defaultFlags.filter(
+        (f) => typeof f === "string"
+      );
+    }
+    if (typeof config.timeout === "number" && config.timeout > 0) {
+      this.defaultTimeout = config.timeout;
+    }
+    if (Array.isArray(config.envExclude)) {
+      this.envExclude = config.envExclude.filter(
+        (p) => typeof p === "string" && p.length > 0
+      );
+    }
+    if (Array.isArray(config.envPassthrough)) {
+      this.envPassthrough = config.envPassthrough.filter(
+        (p) => typeof p === "string" && p.length > 0
+      );
+    }
+    this.ready = true;
+  }
+  async isReady() {
+    return this.ready;
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const result = await findCommandPath(command);
+    if (!result.found) {
+      return {
+        available: false,
+        error: `${this.meta.name} CLI not found in PATH`
+      };
+    }
+    this.commandPath = result.path;
+    return {
+      available: true,
+      executablePath: result.path
+    };
+  }
+  /**
+   * Get input to write to stdin after spawning the process.
+   * Override in subclasses to provide stdin input (e.g., prompt content).
+   */
+  getStdinInput(prompt, options) {
+    return void 0;
+  }
+  execute(prompt, options) {
+    const executionId = randomUUID();
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const args = this.buildArgs(prompt, options);
+    const startedAt = /* @__PURE__ */ new Date();
+    const timeout = options?.timeout ?? this.defaultTimeout;
+    const effectiveExclude = [
+      ...DEFAULT_ENV_EXCLUDE_PATTERNS,
+      ...this.envExclude
+    ];
+    const baseEnv = filterEnv(process.env, effectiveExclude, this.envPassthrough);
+    const env = { ...baseEnv, ...options?.env };
+    const allArgs = [...this.defaultFlags, ...options?.flags ?? [], ...args];
+    let resolvePromise;
+    let rejectPromise;
+    const promise = new Promise((resolve, reject) => {
+      resolvePromise = resolve;
+      rejectPromise = reject;
+    });
+    const isWindows = platform() === "win32";
+    const proc = spawn(command, allArgs, {
+      cwd: options?.cwd ?? process.cwd(),
+      env,
+      stdio: ["pipe", "pipe", "pipe"],
+      shell: isWindows
+    });
+    const stdinInput = this.getStdinInput(prompt, options);
+    if (stdinInput !== void 0 && proc.stdin) {
+      proc.stdin.write(stdinInput);
+      proc.stdin.end();
+    } else if (proc.stdin) {
+      proc.stdin.end();
+    }
+    const execution = {
+      executionId,
+      process: proc,
+      startedAt,
+      stdout: "",
+      stderr: "",
+      interrupted: false,
+      resolve: resolvePromise,
+      reject: rejectPromise,
+      options
+    };
+    this.executions.set(executionId, execution);
+    this.currentExecutionId = executionId;
+    options?.onStart?.(executionId);
+    proc.stdout?.on("data", (data) => {
+      const text = data.toString();
+      execution.stdout = appendCapped(
+        execution.stdout,
+        text,
+        MAX_STREAM_CHARS
+      );
+      options?.onStdout?.(text);
+    });
+    proc.stderr?.on("data", (data) => {
+      const text = data.toString();
+      execution.stderr = appendCapped(
+        execution.stderr,
+        text,
+        MAX_STREAM_CHARS
+      );
+      options?.onStderr?.(text);
+    });
+    proc.on("error", (error) => {
+      this.completeExecution(executionId, "failed", void 0, error.message);
+    });
+    proc.on("close", (code, signal) => {
+      let status;
+      if (execution.interrupted) {
+        status = "interrupted";
+      } else if (signal === "SIGTERM" || signal === "SIGKILL") {
+        status = execution.timeoutId ? "timeout" : "interrupted";
+      } else if (code === 0) {
+        status = "completed";
+      } else {
+        status = "failed";
+      }
+      this.completeExecution(executionId, status, code ?? void 0);
+    });
+    if (timeout > 0) {
+      execution.timeoutId = setTimeout(() => {
+        if (this.executions.has(executionId)) {
+          proc.kill("SIGTERM");
+          setTimeout(() => {
+            if (this.executions.has(executionId)) {
+              proc.kill("SIGKILL");
+            }
+          }, 5e3);
+        }
+      }, timeout);
+    }
+    return {
+      executionId,
+      promise,
+      interrupt: () => this.interrupt(executionId),
+      isRunning: () => this.executions.has(executionId)
+    };
+  }
+  completeExecution(executionId, status, exitCode, error) {
+    const execution = this.executions.get(executionId);
+    if (!execution) return;
+    if (execution.timeoutId) {
+      clearTimeout(execution.timeoutId);
+    }
+    const endedAt = /* @__PURE__ */ new Date();
+    const durationMs = endedAt.getTime() - execution.startedAt.getTime();
+    const result = {
+      executionId,
+      status,
+      exitCode,
+      stdout: execution.stdout,
+      stderr: execution.stderr,
+      durationMs,
+      error,
+      interrupted: execution.interrupted,
+      startedAt: execution.startedAt.toISOString(),
+      endedAt: endedAt.toISOString()
+    };
+    this.executions.delete(executionId);
+    if (this.currentExecutionId === executionId) {
+      this.currentExecutionId = void 0;
+    }
+    if (execution.options?.onEnd) {
+      try {
+        execution.options.onEnd(result);
+      } catch {
+      }
+    }
+    execution.resolve(result);
+  }
+  interrupt(executionId) {
+    const execution = this.executions.get(executionId);
+    if (!execution) return false;
+    execution.interrupted = true;
+    execution.process.kill("SIGTERM");
+    setTimeout(() => {
+      if (this.executions.has(executionId)) {
+        execution.process.kill("SIGKILL");
+      }
+    }, 5e3);
+    return true;
+  }
+  interruptAll() {
+    for (const executionId of this.executions.keys()) {
+      this.interrupt(executionId);
+    }
+  }
+  getCurrentExecution() {
+    if (!this.currentExecutionId) return void 0;
+    const execution = this.executions.get(this.currentExecutionId);
+    if (!execution) return void 0;
+    const executionId = this.currentExecutionId;
+    return {
+      executionId,
+      promise: new Promise((resolve, reject) => {
+        execution.resolve = resolve;
+        execution.reject = reject;
+      }),
+      interrupt: () => this.interrupt(executionId),
+      isRunning: () => this.executions.has(executionId)
+    };
+  }
+  async preflight(options) {
+    const startTime = Date.now();
+    const timeout = options?.timeout ?? 15e3;
+    try {
+      const detection = await this.detect();
+      if (!detection.available) {
+        return {
+          success: false,
+          error: detection.error ?? "Agent not available",
+          suggestion: `Make sure ${this.meta.name} is installed and accessible`,
+          durationMs: Date.now() - startTime
+        };
+      }
+      const testPrompt = "Respond with exactly: PREFLIGHT_OK";
+      let stdoutCapture = "";
+      const handle = this.execute(testPrompt, {
+        timeout,
+        onStdout: (data) => {
+          stdoutCapture += data;
+        }
+      });
+      const result = await handle.promise;
+      const durationMs = Date.now() - startTime;
+      if (result.status === "completed" && stdoutCapture.length > 0) {
+        return { success: true, durationMs };
+      }
+      return {
+        success: false,
+        error: result.error ?? `Agent ${result.status} without output`,
+        suggestion: `Verify ${this.meta.name} is properly configured`,
+        durationMs
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : String(error),
+        durationMs: Date.now() - startTime
+      };
+    }
+  }
+  getSandboxRequirements() {
+    return null;
+  }
+  async dispose() {
+    this.interruptAll();
+    this.ready = false;
+  }
+};
+var ClaudeAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "claude",
+    version: "1.0.0",
+    description: "Anthropic Claude Code CLI for AI-assisted coding",
+    cliCommand: "claude",
+    supportsHooks: true,
+    supportsSkills: true,
+    supportsStreaming: true,
+    supportsSubagentTracing: true
+  };
+  model;
+  agent;
+  skipPermissions = true;
+  async initialize(config) {
+    await super.initialize(config);
+    if (typeof config.model === "string" && config.model.length > 0) {
+      this.model = config.model;
+    }
+    if (typeof config.agent === "string" && config.agent.length > 0) {
+      this.agent = config.agent;
+    }
+    if (typeof config.skipPermissions === "boolean") {
+      this.skipPermissions = config.skipPermissions;
+    }
+    if (typeof config.sandbox === "string" && config.sandbox.length > 0) {
+      this.skipPermissions = config.sandbox === "danger-full-access";
+    }
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "Claude CLI not found in PATH. Install with: npm install -g @anthropic-ai/claude-code"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const args = ["--print"];
+    args.push("--verbose", "--output-format", "stream-json");
+    if (this.model) {
+      args.push("--model", this.model);
+    }
+    if (this.skipPermissions) {
+      args.push("--dangerously-skip-permissions");
+    }
+    if (this.agent) {
+      args.push("--agent", this.agent);
+    }
+    return args;
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+};
+var createClaudeAgent = () => new ClaudeAgentPlugin();
+var claude_default = createClaudeAgent;
+var GeminiAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "gemini",
+    version: "1.0.0",
+    description: "Google Gemini CLI for AI-assisted coding",
+    cliCommand: "gemini",
+    supportsHooks: false,
+    supportsSkills: true,
+    supportsStreaming: true,
+    supportsSubagentTracing: true
+  };
+  model;
+  yoloMode = true;
+  async initialize(config) {
+    await super.initialize(config);
+    if (typeof config.model === "string" && config.model.length > 0) {
+      this.model = config.model;
+    }
+    if (typeof config.yoloMode === "boolean") {
+      this.yoloMode = config.yoloMode;
+    }
+    if (typeof config.sandbox === "string" && config.sandbox.length > 0) {
+      this.yoloMode = config.sandbox === "danger-full-access";
+    }
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "Gemini CLI not found in PATH. Install from: https://github.com/google-gemini/gemini-cli"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const args = [];
+    args.push("--output-format", "stream-json");
+    if (this.model) {
+      args.push("-m", this.model);
+    }
+    if (this.yoloMode) {
+      args.push("--yolo");
+    }
+    return args;
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+};
+var createGeminiAgent = () => new GeminiAgentPlugin();
+var gemini_default = createGeminiAgent;
+var OpenCodeAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "opencode",
+    version: "1.0.0",
+    description: "OpenCode AI coding assistant CLI",
+    cliCommand: "opencode",
+    supportsHooks: true,
+    supportsSkills: true,
+    supportsStreaming: true,
+    supportsSubagentTracing: true
+  };
+  provider;
+  model;
+  agent = "general";
+  async initialize(config) {
+    await super.initialize(config);
+    if (typeof config.provider === "string" && config.provider.length > 0) {
+      this.provider = config.provider;
+    }
+    if (typeof config.model === "string" && config.model.length > 0) {
+      this.model = config.model;
+    }
+    if (typeof config.agent === "string" && ["general", "build", "plan"].includes(config.agent)) {
+      this.agent = config.agent;
+    }
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "OpenCode CLI not found in PATH. Install with: curl -fsSL https://opencode.ai/install | bash"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const args = ["run"];
+    if (this.agent !== "general") {
+      args.push("--agent", this.agent);
+    }
+    const modelStr = this.buildModelString();
+    if (modelStr) {
+      args.push("--model", modelStr);
+    }
+    args.push("--format", "json");
+    return args;
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+  buildModelString() {
+    if (this.provider && this.model) {
+      return `${this.provider}/${this.model}`;
+    }
+    if (this.model) {
+      return this.model;
+    }
+    return void 0;
+  }
+};
+var createOpenCodeAgent = () => new OpenCodeAgentPlugin();
+var opencode_default = createOpenCodeAgent;
+var CodexAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "codex",
+    version: "1.0.0",
+    description: "OpenAI Codex CLI for AI-assisted coding",
+    cliCommand: "codex",
+    supportsHooks: false,
+    supportsSkills: true,
+    supportsStreaming: true,
+    supportsSubagentTracing: true
+  };
+  model;
+  agent;
+  fullAuto = true;
+  sandbox = "workspace-write";
+  async initialize(config) {
+    await super.initialize(config);
+    if (typeof config.model === "string" && config.model.length > 0) {
+      this.model = config.model;
+    }
+    if (typeof config.agent === "string" && config.agent.length > 0) {
+      this.agent = config.agent;
+    }
+    if (typeof config.fullAuto === "boolean") {
+      this.fullAuto = config.fullAuto;
+    }
+    if (typeof config.sandbox === "string" && ["read-only", "workspace-write", "danger-full-access"].includes(
+      config.sandbox
+    )) {
+      this.sandbox = config.sandbox;
+    }
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "Codex CLI not found in PATH. Install from: https://github.com/openai/codex"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const preArgs = [];
+    const args = [];
+    if (this.fullAuto && this.sandbox !== "workspace-write") {
+      preArgs.push("-a", "on-request");
+    }
+    args.push("exec");
+    if (this.fullAuto && this.sandbox === "workspace-write") {
+      args.push("--full-auto");
+    }
+    args.push("--json");
+    if (this.model) {
+      args.push("--model", this.model);
+    }
+    args.push("--sandbox", this.sandbox);
+    if (this.agent) {
+      args.push("--profile", this.agent);
+    }
+    args.push("-");
+    return [...preArgs, ...args];
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+};
+var createCodexAgent = () => new CodexAgentPlugin();
+var codex_default = createCodexAgent;
+var KiroAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "kiro",
+    version: "1.0.0",
+    description: "AWS Kiro CLI for AI-assisted coding",
+    cliCommand: "kiro-cli",
+    supportsHooks: true,
+    supportsSkills: true,
+    supportsStreaming: true,
+    supportsSubagentTracing: false
+  };
+  trustAllTools = true;
+  agent;
+  model;
+  async initialize(config) {
+    await super.initialize(config);
+    if (typeof config.trustAllTools === "boolean") {
+      this.trustAllTools = config.trustAllTools;
+    }
+    if (typeof config.agent === "string" && config.agent.length > 0) {
+      this.agent = config.agent;
+    }
+    if (typeof config.model === "string" && config.model.length > 0) {
+      this.model = config.model;
+    }
+    if (typeof config.sandbox === "string" && config.sandbox.length > 0) {
+      this.trustAllTools = config.sandbox === "danger-full-access";
+    }
+  }
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "Kiro CLI not found in PATH. Install from: https://kiro.dev"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const args = ["chat", "--no-interactive"];
+    if (this.trustAllTools) {
+      args.push("--trust-all-tools");
+    }
+    if (this.agent) {
+      args.push("--agent", this.agent);
+    }
+    if (this.model) {
+      args.push("--model", this.model);
+    }
+    return args;
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+};
+var createKiroAgent = () => new KiroAgentPlugin();
+var kiro_default = createKiroAgent;
+var FactoryDroidAgentPlugin = class extends BaseAgentPlugin {
+  meta = {
+    name: "factory-droid",
+    version: "1.0.0",
+    description: "Factory Droid CLI for AI-assisted coding",
+    cliCommand: "droid",
+    supportsHooks: false,
+    supportsSkills: false,
+    supportsStreaming: false,
+    supportsSubagentTracing: false
+  };
+  async detect() {
+    const command = this.commandPath ?? this.meta.cliCommand;
+    const findResult = await findCommandPath(command);
+    if (!findResult.found) {
+      return {
+        available: false,
+        error: "Droid CLI not found in PATH. Install from: https://docs.factory.ai"
+      };
+    }
+    this.commandPath = findResult.path;
+    return {
+      available: true,
+      executablePath: findResult.path
+    };
+  }
+  buildArgs(prompt, options) {
+    const args = ["exec"];
+    return args;
+  }
+  getStdinInput(prompt, options) {
+    return prompt;
+  }
+};
+var createFactoryDroidAgent = () => new FactoryDroidAgentPlugin();
+var factory_droid_default = createFactoryDroidAgent;
+var AgentRegistry = class _AgentRegistry {
+  static instance = null;
+  plugins = /* @__PURE__ */ new Map();
+  loadedInstances = /* @__PURE__ */ new Map();
+  initialized = false;
+  constructor() {
+  }
+  static getInstance() {
+    if (!_AgentRegistry.instance) {
+      _AgentRegistry.instance = new _AgentRegistry();
+    }
+    return _AgentRegistry.instance;
+  }
+  static resetInstance() {
+    if (_AgentRegistry.instance) {
+      for (const instance of _AgentRegistry.instance.loadedInstances.values()) {
+        instance.dispose().catch(() => {
+        });
+      }
+      _AgentRegistry.instance.plugins.clear();
+      _AgentRegistry.instance.loadedInstances.clear();
+      _AgentRegistry.instance.initialized = false;
+    }
+    _AgentRegistry.instance = null;
+  }
+  registerBuiltin(factory) {
+    const instance = factory();
+    const { meta } = instance;
+    this.plugins.set(meta.name, { factory, meta, builtin: true });
+    instance.dispose().catch(() => {
+    });
+  }
+  getRegisteredPlugins() {
+    return Array.from(this.plugins.values()).map((p) => p.meta);
+  }
+  getPluginMeta(pluginName) {
+    return this.plugins.get(pluginName)?.meta;
+  }
+  hasPlugin(pluginName) {
+    return this.plugins.has(pluginName);
+  }
+  isBuiltin(pluginName) {
+    return this.plugins.get(pluginName)?.builtin ?? false;
+  }
+  createInstance(pluginName) {
+    const registered = this.plugins.get(pluginName);
+    if (!registered) return void 0;
+    return registered.factory();
+  }
+  async getInstance(config) {
+    const cacheKey = config.name;
+    const cached = this.loadedInstances.get(cacheKey);
+    if (cached) return cached;
+    const instance = this.createInstance(config.plugin);
+    if (!instance) {
+      throw new Error(`Unknown agent plugin: ${config.plugin}`);
+    }
+    const initConfig = {
+      ...config.options,
+      command: config.command,
+      defaultFlags: config.defaultFlags,
+      timeout: config.timeout,
+      envExclude: config.envExclude,
+      envPassthrough: config.envPassthrough
+    };
+    await instance.initialize(initConfig);
+    this.loadedInstances.set(cacheKey, instance);
+    return instance;
+  }
+  async disposeInstance(configName) {
+    const instance = this.loadedInstances.get(configName);
+    if (instance) {
+      await instance.dispose();
+      this.loadedInstances.delete(configName);
+    }
+  }
+  async disposeAll() {
+    const disposals = Array.from(this.loadedInstances.values()).map(
+      (instance) => instance.dispose()
+    );
+    await Promise.all(disposals);
+    this.loadedInstances.clear();
+  }
+  async initialize() {
+    if (this.initialized) return;
+    this.initialized = true;
+    const builtins = [
+      claude_default,
+      gemini_default,
+      opencode_default,
+      codex_default,
+      kiro_default,
+      factory_droid_default
+    ];
+    for (const factory of builtins) {
+      this.registerBuiltin(factory);
+    }
+  }
+};
+function getAgentRegistry() {
+  return AgentRegistry.getInstance();
+}
+function translateToHookInput(event, defaults) {
+  return {
+    session_id: event.sessionId ?? defaults.sessionId,
+    transcript_path: defaults.transcriptPath ?? "",
+    cwd: event.cwd ?? defaults.cwd,
+    permission_mode: defaults.permissionMode ?? "default",
+    hook_event_name: event.eventName,
+    tool_name: event.toolName,
+    tool_input: event.toolInput,
+    tool_response: event.toolResponse
+  };
+}
+function evaluateHookEvent(event, rules, state, projectDir, defaults) {
+  const input = translateToHookInput(event, defaults);
+  return evaluateRules(input, rules, state, projectDir);
+}
+function fromClaudeHookEvent(input) {
+  return {
+    eventName: input.hook_event_name,
+    toolName: input.tool_name,
+    toolInput: input.tool_input,
+    toolResponse: input.tool_response,
+    sessionId: input.session_id,
+    cwd: input.cwd
+  };
+}
+function toClaudeHookInput(event, defaults) {
+  return {
+    session_id: event.sessionId ?? "",
+    transcript_path: defaults?.transcriptPath ?? "",
+    cwd: event.cwd ?? "",
+    permission_mode: defaults?.permissionMode ?? "default",
+    hook_event_name: event.eventName,
+    tool_name: event.toolName,
+    tool_input: event.toolInput,
+    tool_response: event.toolResponse
+  };
+}
+var EVENT_MAP = {
+  "tool.execute.before": "PreToolUse",
+  "tool.execute.after": "PostToolUse",
+  "permission.request": "PermissionRequest",
+  "session.start": "SessionStart",
+  "session.end": "SessionEnd"
+};
+function fromOpenCodeEvent(event) {
+  const hookEvent = EVENT_MAP[event.type];
+  return {
+    eventName: hookEvent ?? event.type,
+    toolName: event.tool?.name,
+    toolInput: event.tool?.input,
+    toolResponse: event.tool?.output ? { output: event.tool.output } : void 0,
+    sessionId: event.session?.id,
+    cwd: event.session?.cwd
+  };
+}
+function toOpenCodeResponse(decision, reason) {
+  return {
+    action: decision === "allow" ? "proceed" : decision === "deny" ? "block" : "ask",
+    message: reason
+  };
+}
+var EVENT_MAP2 = {
+  BeforeTool: "PreToolUse",
+  AfterTool: "PostToolUse",
+  BeforePermission: "PermissionRequest",
+  SessionStart: "SessionStart",
+  SessionEnd: "SessionEnd"
+};
+function fromGeminiEvent(event) {
+  const hookEvent = EVENT_MAP2[event.type];
+  return {
+    eventName: hookEvent ?? event.type,
+    toolName: event.toolName,
+    toolInput: event.toolInput,
+    toolResponse: event.toolOutput ? { output: event.toolOutput } : void 0,
+    sessionId: event.sessionId,
+    cwd: event.workingDir
+  };
+}
+function toGeminiResponse(decision, reason) {
+  return {
+    allowed: decision === "allow",
+    reason
+  };
+}
+var EVENT_MAP3 = {
+  preToolUse: "PreToolUse",
+  postToolUse: "PostToolUse",
+  permissionRequest: "PermissionRequest",
+  agentSpawn: "SessionStart",
+  sessionStart: "SessionStart",
+  sessionEnd: "SessionEnd",
+  userPromptSubmit: "UserPromptSubmit",
+  stop: "Stop"
+};
+var TOOL_MAP = {
+  fs_read: "Read",
+  read: "Read",
+  fs_write: "Write",
+  write: "Write",
+  fs_edit: "Edit",
+  edit: "Edit",
+  execute_bash: "Bash",
+  shell: "Bash",
+  fs_glob: "Glob",
+  glob: "Glob",
+  fs_grep: "Grep",
+  grep: "Grep",
+  web_fetch: "WebFetch",
+  web_search: "WebSearch"
+};
+function fromKiroEvent(event) {
+  const hookEvent = EVENT_MAP3[event.hook_event_name];
+  const toolName = event.tool_name ? TOOL_MAP[event.tool_name.toLowerCase()] ?? event.tool_name : void 0;
+  return {
+    eventName: hookEvent ?? event.hook_event_name,
+    toolName,
+    toolInput: event.tool_input,
+    toolResponse: event.tool_response,
+    sessionId: event.session_id,
+    cwd: event.cwd
+  };
+}
+function toKiroResponse(decision, reason) {
+  return {
+    exitCode: decision === "allow" ? 0 : 2,
+    message: reason
+  };
+}
+function mapCodexEvent(eventType, itemType) {
+  if (eventType === "thread.started") return "SessionStart";
+  if (eventType === "turn.failed") return "Stop";
+  if (eventType === "item.started") {
+    if (itemType === "command_execution") return "PreToolUse";
+    if (itemType === "file_change") return "PreToolUse";
+    if (itemType === "mcp_tool_call") return "PreToolUse";
+    if (itemType === "web_search") return "PreToolUse";
+  }
+  if (eventType === "item.completed") {
+    if (itemType === "command_execution") return "PostToolUse";
+    if (itemType === "file_change") return "PostToolUse";
+    if (itemType === "mcp_tool_call") return "PostToolUse";
+    if (itemType === "web_search") return "PostToolUse";
+  }
+  return null;
+}
+function mapToolName(item) {
+  if (!item) return void 0;
+  switch (item.type) {
+    case "command_execution":
+      return "Bash";
+    case "file_change":
+      return item.status === "in_progress" ? "Write" : "Write";
+    case "mcp_tool_call":
+      return item.tool_name ?? "McpTool";
+    case "web_search":
+      return "WebSearch";
+    case "agent_message":
+      return "AgentMessage";
+    case "reasoning":
+      return "Reasoning";
+    case "plan_update":
+      return "PlanUpdate";
+    default:
+      return item.type;
+  }
+}
+function buildToolInput(item) {
+  if (!item) return void 0;
+  switch (item.type) {
+    case "command_execution":
+      return { command: item.command };
+    case "file_change":
+      return {
+        file_path: item.file_path,
+        content: item.content
+      };
+    case "mcp_tool_call":
+      return {
+        tool_name: item.tool_name,
+        arguments: item.arguments
+      };
+    case "agent_message":
+      return { text: item.text };
+    case "reasoning":
+      return { text: item.text };
+    default:
+      return void 0;
+  }
+}
+function buildToolResponse(item) {
+  if (!item) return void 0;
+  const response = {};
+  if (item.aggregated_output !== void 0) {
+    response.output = item.aggregated_output;
+  }
+  if (item.exit_code !== void 0 && item.exit_code !== null) {
+    response.exit_code = item.exit_code;
+  }
+  if (item.text !== void 0) {
+    response.output = item.text;
+  }
+  return Object.keys(response).length > 0 ? response : void 0;
+}
+function fromCodexEvent(event, sessionId, cwd) {
+  const hookEvent = mapCodexEvent(event.type, event.item?.type);
+  if (!hookEvent) return null;
+  return {
+    eventName: hookEvent,
+    toolName: mapToolName(event.item),
+    toolInput: buildToolInput(event.item),
+    toolResponse: buildToolResponse(event.item),
+    sessionId: sessionId ?? event.thread_id,
+    cwd
+  };
+}
+function parseCodexLine(line) {
+  const trimmed = line.trim();
+  if (!trimmed) return null;
+  try {
+    return JSON.parse(trimmed);
+  } catch {
+    return null;
+  }
+}
+function isToolEvent(event) {
+  if (event.type !== "item.started" && event.type !== "item.completed") {
+    return false;
+  }
+  const itemType = event.item?.type;
+  return itemType === "command_execution" || itemType === "file_change" || itemType === "mcp_tool_call" || itemType === "web_search";
+}
+function rulesToPromptInstructions(rules) {
+  const sections = [];
+  sections.push("## ULPI Governance Rules\n");
+  sections.push(
+    "You MUST follow these rules during this session. Violations will be caught and rolled back.\n"
+  );
+  sections.push("### Forbidden Actions");
+  sections.push("- NEVER run `rm -rf /` or any recursive force-delete on root");
+  sections.push("- NEVER run `git push --force` to main or master");
+  sections.push("- NEVER run `git reset --hard` without explicit user approval");
+  sections.push("- NEVER modify `.env` files containing secrets\n");
+  const permissions = Object.entries(rules.permissions ?? {});
+  if (permissions.length > 0) {
+    sections.push("### Permission Rules");
+    for (const [name, rule] of permissions) {
+      if (!rule.enabled) continue;
+      const r = rule;
+      const action = r.decision === "allow" ? "Auto-approved" : r.decision === "deny" ? "BLOCKED" : "Requires approval";
+      const scope = r.command_pattern ? ` (command: ${r.command_pattern})` : r.file_pattern ? ` (files: ${r.file_pattern})` : "";
+      sections.push(`- **${name}**: ${action} for ${r.matcher}${scope}`);
+      if (r.message) {
+        sections.push(`  Reason: ${r.message}`);
+      }
+    }
+    sections.push("");
+  }
+  const preconditions = Object.entries(rules.preconditions ?? {});
+  if (preconditions.length > 0) {
+    sections.push("### Precondition Rules");
+    for (const [name, rule] of preconditions) {
+      if (!rule.enabled) continue;
+      const r = rule;
+      const conditions = [];
+      if (r.requires_read) {
+        conditions.push("read the file first");
+      }
+      if (r.requires?.length) {
+        conditions.push(`require flags: ${r.requires.join(", ")}`);
+      }
+      sections.push(
+        `- **${name}**: Before using ${r.matcher}, you must ${conditions.join(" and ")}`
+      );
+      if (r.message) {
+        sections.push(`  ${r.message}`);
+      }
+    }
+    sections.push("");
+  }
+  return sections.join("\n");
+}
+function injectGovernance(prompt, rules) {
+  const instructions = rulesToPromptInstructions(rules);
+  return `${instructions}
+---
+
+${prompt}`;
+}
+function createOutputMonitor(config) {
+  const violations = [];
+  let buffer = "";
+  function processLine(line) {
+    const trimmed = line.trim();
+    if (!trimmed) return;
+    const commandMatch = trimmed.match(
+      /(?:^\$\s+|Running:\s+|Executing:\s+|Command:\s+)(.+)/
+    );
+    if (commandMatch) {
+      const cmd = commandMatch[1];
+      const result = isDangerousCommand(cmd);
+      if (result.dangerous) {
+        const violation = {
+          type: "dangerous_command",
+          message: result.reason ?? "Dangerous command detected",
+          line: trimmed,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        violations.push(violation);
+        config.onViolation(violation);
+      }
+    }
+    if (config.blockedFilePatterns) {
+      for (const pattern of config.blockedFilePatterns) {
+        const pathMatch = trimmed.match(
+          /(?:Writing|Creating|Modifying|Editing|Deleting)\s+(.+)/i
+        );
+        if (pathMatch) {
+          const filePath = pathMatch[1].trim();
+          if (matchesFilePattern(pattern, filePath, config.projectDir)) {
+            const violation = {
+              type: "file_access",
+              message: `File access blocked by pattern: ${pattern}`,
+              line: trimmed,
+              timestamp: (/* @__PURE__ */ new Date()).toISOString()
+            };
+            violations.push(violation);
+            config.onViolation(violation);
+          }
+        }
+      }
+    }
+  }
+  function processData(data) {
+    buffer += data;
+    const lines = buffer.split("\n");
+    buffer = lines.pop() ?? "";
+    for (const line of lines) {
+      processLine(line);
+    }
+  }
+  return {
+    pushStdout: processData,
+    pushStderr: processData,
+    getViolations: () => [...violations]
+  };
+}
+function getChangedFiles(projectDir) {
+  try {
+    const output = execFileSync("git", ["diff", "--name-only"], {
+      cwd: projectDir,
+      encoding: "utf-8",
+      timeout: 1e4
+    });
+    return output.split("\n").map((f) => f.trim()).filter(Boolean);
+  } catch {
+    return [];
+  }
+}
+function getUntrackedFiles(projectDir) {
+  try {
+    const output = execFileSync(
+      "git",
+      ["ls-files", "--others", "--exclude-standard"],
+      {
+        cwd: projectDir,
+        encoding: "utf-8",
+        timeout: 1e4
+      }
+    );
+    return output.split("\n").map((f) => f.trim()).filter(Boolean);
+  } catch {
+    return [];
+  }
+}
+function validatePostExecution(rules, projectDir) {
+  const violations = [];
+  const changedFiles = [...getChangedFiles(projectDir), ...getUntrackedFiles(projectDir)];
+  const denyRules = [];
+  for (const [name, rule] of Object.entries(rules.permissions ?? {})) {
+    if (!rule.enabled) continue;
+    const r = rule;
+    if (r.decision === "deny" && r.file_pattern) {
+      denyRules.push({ name, rule: r });
+    }
+  }
+  for (const filePath of changedFiles) {
+    for (const { name, rule } of denyRules) {
+      if (rule.file_pattern && matchesFilePattern(rule.file_pattern, filePath, projectDir)) {
+        violations.push({
+          type: "unauthorized_file_change",
+          filePath,
+          ruleName: name,
+          message: rule.message ?? `File change denied by rule: ${name}`
+        });
+      }
+    }
+  }
+  return {
+    valid: violations.length === 0,
+    violations
+  };
+}
+function rollbackFiles(projectDir, filePaths) {
+  const rolledBack = [];
+  const errors = [];
+  for (const filePath of filePaths) {
+    try {
+      execFileSync2("git", ["checkout", "--", filePath], {
+        cwd: projectDir,
+        encoding: "utf-8",
+        timeout: 1e4
+      });
+      rolledBack.push(filePath);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      errors.push(`Failed to rollback ${filePath}: ${message}`);
+    }
+  }
+  return {
+    success: errors.length === 0,
+    filesRolledBack: rolledBack,
+    error: errors.length > 0 ? errors.join("; ") : void 0
+  };
+}
+function removeUntrackedFiles(projectDir, filePaths) {
+  const rolledBack = [];
+  const errors = [];
+  for (const filePath of filePaths) {
+    try {
+      execFileSync2("git", ["clean", "-f", "--", filePath], {
+        cwd: projectDir,
+        encoding: "utf-8",
+        timeout: 1e4
+      });
+      rolledBack.push(filePath);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      errors.push(`Failed to clean ${filePath}: ${message}`);
+    }
+  }
+  return {
+    success: errors.length === 0,
+    filesRolledBack: rolledBack,
+    error: errors.length > 0 ? errors.join("; ") : void 0
+  };
+}
+function fullRollback(projectDir, reason) {
+  try {
+    const stashMessage = `ulpi-rollback: ${reason} (${(/* @__PURE__ */ new Date()).toISOString()})`;
+    execFileSync2("git", ["stash", "push", "-u", "-m", stashMessage], {
+      cwd: projectDir,
+      encoding: "utf-8",
+      timeout: 3e4
+    });
+    let filesStashed = [];
+    try {
+      const diffOutput = execFileSync2(
+        "git",
+        ["stash", "show", "--name-only", "stash@{0}"],
+        {
+          cwd: projectDir,
+          encoding: "utf-8",
+          timeout: 1e4
+        }
+      );
+      filesStashed = diffOutput.split("\n").map((f) => f.trim()).filter(Boolean);
+    } catch {
+    }
+    return {
+      success: true,
+      filesRolledBack: filesStashed
+    };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return {
+      success: false,
+      filesRolledBack: [],
+      error: `Full rollback failed: ${message}`
+    };
+  }
+}
+function renderSkillForClaude(skill) {
+  const sections = [];
+  sections.push(`# ${skill.name}
+`);
+  if (skill.description) {
+    sections.push(`${skill.description}
+`);
+  }
+  sections.push("## Instructions\n");
+  sections.push("Follow the instructions in this skill when triggered.\n");
+  return sections.join("\n");
+}
+function getClaudeSkillPath(skillName, scope) {
+  if (scope === "personal") {
+    return `~/.claude/skills/${skillName}.md`;
+  }
+  return `.claude/skills/${skillName}.md`;
+}
+function renderSkillForOpenCode(skill) {
+  const sections = [];
+  sections.push(`# ${skill.name}
+`);
+  if (skill.description) {
+    sections.push(`> ${skill.description}
+`);
+  }
+  sections.push("## Instructions\n");
+  sections.push("Follow the instructions in this skill when triggered.\n");
+  return sections.join("\n");
+}
+function getOpenCodeSkillPath(skillName, scope) {
+  if (scope === "personal") {
+    return `~/.config/opencode/skills/${skillName}.md`;
+  }
+  return `.opencode/skills/${skillName}.md`;
+}
+function renderSkillForKiro(skill) {
+  const safeName = `ulpi-${skill.name}`;
+  const description = skill.description ?? `ULPI ${skill.name} skill`;
+  const sections = [];
+  sections.push("---");
+  sections.push(`name: ${safeName}`);
+  sections.push(`description: ${description}`);
+  sections.push("---");
+  sections.push("");
+  sections.push(`# ${skill.name}`);
+  sections.push("");
+  if (skill.description) {
+    sections.push(skill.description);
+    sections.push("");
+  }
+  sections.push("## Instructions");
+  sections.push("");
+  sections.push("Follow the instructions in this skill when triggered.");
+  sections.push("");
+  return sections.join("\n");
+}
+function getKiroSkillPath(skillName, scope) {
+  const dirName = skillName.startsWith("ulpi-") ? skillName : `ulpi-${skillName}`;
+  if (scope === "personal") {
+    return path.join("~", ".kiro", "skills", dirName, "SKILL.md");
+  }
+  return path.join(".kiro", "skills", dirName, "SKILL.md");
+}
+function installKiroSkill(skill, projectDir, scope) {
+  const content = renderSkillForKiro(skill);
+  const dirName = `ulpi-${skill.name}`;
+  const dir = scope === "personal" ? path.join(os.homedir(), ".kiro", "skills", dirName) : path.join(projectDir, ".kiro", "skills", dirName);
+  fs.mkdirSync(dir, { recursive: true });
+  const skillPath = path.join(dir, "SKILL.md");
+  fs.writeFileSync(skillPath, content, "utf-8");
+  return skillPath;
+}
+function renderSkillAsPrompt(skill) {
+  const sections = [];
+  sections.push(`[Skill: ${skill.name}]`);
+  if (skill.description) {
+    sections.push(skill.description);
+  }
+  sections.push("");
+  sections.push("You must follow the instructions in this skill.");
+  sections.push(`[End Skill: ${skill.name}]`);
+  return sections.join("\n");
+}
+function renderSkillsAsPrompt(skills) {
+  if (skills.length === 0) return "";
+  const sections = [];
+  sections.push("## Active Skills\n");
+  for (const skill of skills) {
+    sections.push(renderSkillAsPrompt(skill));
+    sections.push("");
+  }
+  return sections.join("\n");
+}
+
+export {
+  DEFAULT_ENV_EXCLUDE_PATTERNS,
+  filterEnv,
+  getEnvExclusionReport,
+  findCommandPath,
+  BaseAgentPlugin,
+  ClaudeAgentPlugin,
+  claude_default,
+  GeminiAgentPlugin,
+  gemini_default,
+  OpenCodeAgentPlugin,
+  opencode_default,
+  CodexAgentPlugin,
+  codex_default,
+  KiroAgentPlugin,
+  kiro_default,
+  FactoryDroidAgentPlugin,
+  factory_droid_default,
+  AgentRegistry,
+  getAgentRegistry,
+  translateToHookInput,
+  evaluateHookEvent,
+  fromClaudeHookEvent,
+  toClaudeHookInput,
+  fromOpenCodeEvent,
+  toOpenCodeResponse,
+  fromGeminiEvent,
+  toGeminiResponse,
+  fromKiroEvent,
+  toKiroResponse,
+  fromCodexEvent,
+  parseCodexLine,
+  isToolEvent,
+  rulesToPromptInstructions,
+  injectGovernance,
+  createOutputMonitor,
+  validatePostExecution,
+  rollbackFiles,
+  removeUntrackedFiles,
+  fullRollback,
+  renderSkillForClaude,
+  getClaudeSkillPath,
+  renderSkillForOpenCode,
+  getOpenCodeSkillPath,
+  renderSkillForKiro,
+  getKiroSkillPath,
+  installKiroSkill,
+  renderSkillAsPrompt,
+  renderSkillsAsPrompt
+};