@wrongstack/core 0.1.7 → 0.1.9

package/dist/{session-reader-7AutWHut.d.ts → session-reader-9sOTgmeC.d.ts}

@@ -682,6 +682,37 @@ interface SubagentConfig {
     tools?: string[];
     model?: string;
     priority?: number;
+    /**
+     * Provider registry id (e.g. `'anthropic'`, `'openai'`, `'google'`).
+     * Allows a director to mix providers across siblings — one subagent on
+     * Sonnet, another on GPT-5, another on Haiku. Falls back to the
+     * factory's default provider when omitted, which is the legacy
+     * single-provider behavior.
+     */
+    provider?: string;
+    /**
+     * Per-subagent session JSONL path. When omitted the orchestrator-
+     * supplied factory derives a path under `<sessionRoot>/<runId>/`.
+     * Override to redirect the transcript elsewhere (long-term storage,
+     * a different filesystem, etc.).
+     */
+    sessionPath?: string;
+    /**
+     * Additional text appended to the role's base system prompt. Does not
+     * replace it. Useful for last-mile guidance like "you may only call
+     * read tools, never write" or "respond in JSON only".
+     */
+    systemPromptOverride?: string;
+    /**
+     * Routing for streaming output. `'director'` (default) forwards
+     * text/tool events to the parent's FleetBus so the director can read
+     * the subagent's stream. `'silent'` keeps everything subagent-local;
+     * the director only sees the final task result. `'user'` forwards
+     * direct to the user-facing renderer (gate this behind an explicit
+     * config flag — it can confuse the chat surface).
+     */
+    textStream?: 'director' | 'silent' | 'user';
+    toolStream?: 'director' | 'silent' | 'user';
 }
 interface TaskResult<T = unknown> {
     subagentId: string;

package/dist/types/index.d.ts

@@ -1,4 +1,4 @@
 export { A as AgentError, C as CacheStats, a as Capabilities, b as ConfigError, c as ContentBlock, E as ErrorCode, d as ErrorSeverity, e as ErrorSubsystem, I as ImageBlock, J as JSONSchema, M as Message, f as MessageRole, P as Permission, g as PluginError, h as Provider, i as ProviderError, j as ProviderErrorBody, R as Request, k as Response, l as ResumedSession, S as SessionData, m as SessionError, n as SessionEvent, o as SessionMetadata, p as SessionStore, q as SessionSummary, r as SessionWriter, s as StopReason, t as StreamEvent, T as TextBlock, u as TokenCounter, v as Tool, w as ToolCallContext, x as ToolError, y as ToolFinalEvent, z as ToolProgressEvent, B as ToolResultBlock, D as ToolStreamEvent, F as ToolUseBlock, U as Usage, W as WrongStackError, G as asBlocks, H as asText, K as isAgentError, L as isConfigError, N as isImageBlock, O as isPluginError, Q as isSessionError, V as isTextBlock, X as isToolError, Y as isToolResultBlock, Z as isToolUseBlock, _ as isWrongStackError, $ as toWrongStackError } from '../provider-txgB0Oq9.js';
 export { C as CompactReport, a as Compactor, b as Config, c as ConfigLoader, d as ConfigStore, e as ContextConfig, D as DEFAULT_MODES, E as ErrorHandler, F as FeaturesConfig, I as InputReader, L as LogConfig, f as LogLevel, g as Logger, M as MCPServerConfig, h as MemoryEntry, i as MemoryScope, j as MemoryStore, k as Mode, l as ModeConfig, m as ModeManifest, n as ModeStore, o as ModelsDevModel, p as ModelsDevPayload, q as ModelsDevProvider, r as ModelsRegistry, P as PathResolver, s as PermissionDecision, t as PermissionPolicy, u as PluginConfig, v as PromptOption, w as ProviderApiKey, x as ProviderConfig, R as RecoveryDecision, y as Renderer, z as ResolvedModel, A as ResolvedProvider, B as RetryPolicy, S as SecretScrubber, G as SkillEntry, H as SkillLoader, J as SkillManifest, T as ToolsConfig, K as TrustPolicy, W as WireFamily } from '../mode-Pjt5vMS6.js';
-export { A as AddAttachmentInput, a as AgentBridge, b as AgentBridgeConfig, c as AggregateHealth, d as Attachment, e as AttachmentKind, f as AttachmentMeta, g as AttachmentRef, h as AttachmentStore, B as BridgeMessage, i as BridgeMessageType, j as BridgeTransport, C as ConfirmAwaiter, k as CoordinatorEvents, l as CoordinatorStatus, m as CriticalPathResult, D as DEFAULT_SPEC_TEMPLATE, n as DefaultSessionReaderOptions, o as DoneCondition, E as ENCRYPTED_PREFIX, H as HealthCheck, p as HealthCheckResult, q as HealthRegistry, r as HealthStatus, M as MCPRegistryView, s as MetricLabels, t as MetricSeries, u as MetricsSink, v as MetricsSnapshot, w as MultiAgentConfig, x as MultiAgentCoordinator, P as Plugin, y as PluginAPI, z as PluginCapabilities, F as PluginDependency, G as PluginPipelines, I as ProviderFactory, J as ProviderRegistryView, S as SecretVault, K as SessionEventType, L as SessionExportOptions, N as SessionQuery, O as SessionReader, Q as SessionSearchHit, R as SessionSearchQuery, T as SessionSummaryLite, U as SlashCommand, V as SlashCommandRegistryView, W as Span, X as SpawnResult, Y as SpecAnalysis, Z as SpecApiEndpoint, _ as SpecRequirement, $ as SpecSection, a0 as SpecSectionType, a1 as SpecStatus, a2 as SpecTemplate, a3 as SpecValidationResult, a4 as Specification, a5 as SubagentConfig, a6 as SubagentContext, a7 as SubagentRunContext, a8 as SubagentRunOutcome, a9 as SubagentRunner, aa as TaskAssignment, ab as TaskDelegation, ac as TaskDependency, ad as TaskEdge, ae as TaskFilter, af as TaskGraph, ag as TaskNode, ah as TaskPriority, ai as TaskProgress, aj as TaskResult, ak as TaskSort, al as TaskSpec, am as TaskStatus, an as TaskType, ao as ToolBatchResult, ap as ToolConfirmPendingResult, aq as ToolExecution, ar as ToolExecutionOutput, as as ToolExecutorInit, at as ToolExecutorOptions, au as ToolExecutorStrategy, av as ToolRegistryView, aw as Tracer, ax as computeTaskProgress, ay as findCriticalPath, az as topologicalSort } from '../session-reader-7AutWHut.js';
+export { A as AddAttachmentInput, a as AgentBridge, b as AgentBridgeConfig, c as AggregateHealth, d as Attachment, e as AttachmentKind, f as AttachmentMeta, g as AttachmentRef, h as AttachmentStore, B as BridgeMessage, i as BridgeMessageType, j as BridgeTransport, C as ConfirmAwaiter, k as CoordinatorEvents, l as CoordinatorStatus, m as CriticalPathResult, D as DEFAULT_SPEC_TEMPLATE, n as DefaultSessionReaderOptions, o as DoneCondition, E as ENCRYPTED_PREFIX, H as HealthCheck, p as HealthCheckResult, q as HealthRegistry, r as HealthStatus, M as MCPRegistryView, s as MetricLabels, t as MetricSeries, u as MetricsSink, v as MetricsSnapshot, w as MultiAgentConfig, x as MultiAgentCoordinator, P as Plugin, y as PluginAPI, z as PluginCapabilities, F as PluginDependency, G as PluginPipelines, I as ProviderFactory, J as ProviderRegistryView, S as SecretVault, K as SessionEventType, L as SessionExportOptions, N as SessionQuery, O as SessionReader, Q as SessionSearchHit, R as SessionSearchQuery, T as SessionSummaryLite, U as SlashCommand, V as SlashCommandRegistryView, W as Span, X as SpawnResult, Y as SpecAnalysis, Z as SpecApiEndpoint, _ as SpecRequirement, $ as SpecSection, a0 as SpecSectionType, a1 as SpecStatus, a2 as SpecTemplate, a3 as SpecValidationResult, a4 as Specification, a5 as SubagentConfig, a6 as SubagentContext, a7 as SubagentRunContext, a8 as SubagentRunOutcome, a9 as SubagentRunner, aa as TaskAssignment, ab as TaskDelegation, ac as TaskDependency, ad as TaskEdge, ae as TaskFilter, af as TaskGraph, ag as TaskNode, ah as TaskPriority, ai as TaskProgress, aj as TaskResult, ak as TaskSort, al as TaskSpec, am as TaskStatus, an as TaskType, ao as ToolBatchResult, ap as ToolConfirmPendingResult, aq as ToolExecution, ar as ToolExecutionOutput, as as ToolExecutorInit, at as ToolExecutorOptions, au as ToolExecutorStrategy, av as ToolRegistryView, aw as Tracer, ax as computeTaskProgress, ay as findCriticalPath, az as topologicalSort } from '../session-reader-9sOTgmeC.js';
 export { B as BuildContext, M as ModelCapabilities, S as SystemPromptBuilder } from '../system-prompt-vAB0F54-.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wrongstack/core",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "license": "MIT",
   "description": "WrongStack core: kernel, types, defaults, and shared utilities for the WrongStack CLI agent.",
   "repository": {
@@ -43,7 +43,7 @@
     "dist",
     "skills"
   ],
-  "wrongstackApiVersion": "0.1.6",
+  "wrongstackApiVersion": "0.1.9",
   "devDependencies": {
     "@types/node": "^22.19.19",
     "tsup": "^8.5.1",

package/skills/audit-log/SKILL.md

@@ -0,0 +1,67 @@
+---
+name: audit-log
+description: |
+  System-wide audit log analysis. Covers log parsing, anomaly detection,
+  pattern recognition across sessions, and structured reporting.
+  Use for post-mortems, trend analysis, and operational insights.
+version: 1.0.0
+---
+
+# Audit Log Agent
+
+Analyzes session logs, event streams, and system traces to surface patterns,
+anomalies, and actionable insights.
+
+## Capabilities
+
+- Parse structured JSONL session logs
+- Detect repeated failure patterns across runs
+- Identify tool usage anomalies (over-use, misuse, failures)
+- Track token consumption trends per agent/session
+- Generate markdown audit reports
+
+## Workflow
+
+1. **Collect** — Read session logs from `sessionRoot` or provided path
+2. **Parse** — Extract events: tool calls, iterations, errors, usage
+3. **Analyze** — Group by category, detect anomalies
+4. **Report** — Output structured markdown summary
+
+## Input
+
+```json
+{
+  "task": "analyze | report | trends",
+  "sessionPath": "<path to session JSONL>",
+  "focus": "errors | tools | usage | all"
+}
+```
+
+## Output Format
+
+```
+## Audit Report — <date>
+
+### Summary
+- Total sessions: N
+- Total tool calls: N
+- Error rate: X%
+
+### Top Errors
+1. <error-type>: <count>x — <context>
+2. ...
+
+### Tool Usage
+| Tool | Calls | Failures | Avg Duration |
+|------|-------|----------|--------------|
+| read | 142   | 3        | 45ms         |
+
+### Anomalies
+- `<pattern-detected>` — <severity: low/medium/high>
+```
+
+## Anti-patterns
+
+- Don't summarize what you didn't parse — be precise
+- Don't mix session paths — analyze one at a time or aggregate clearly
+- Don't skip error context — the user's log is the source of truth

package/skills/bug-hunter/SKILL.md

@@ -0,0 +1,87 @@
+---
+name: bug-hunter
+description: |
+  Systematic bug and code smell detection. Covers static analysis patterns,
+  anti-pattern recognition, error-prone construct detection, and severity ranking.
+  Use before refactoring or as a standalone health check.
+version: 1.0.0
+---
+
+# Bug Hunter Agent
+
+Scans source code for bugs, anti-patterns, and code smells using pattern matching
+and heuristics. Outputs a prioritized hit list with file:line references.
+
+## Capabilities
+
+- Detect common bug patterns (uncaught errors, resource leaks, race conditions)
+- Identify anti-patterns (callback hell, God objects, circular deps)
+- Find TypeScript-specific issues (unsafe any, missing null checks)
+- Flag security-sensitive constructs (eval, innerHTML, hardcoded secrets)
+- Rank findings by severity: critical > high > medium > low
+
+## Workflow
+
+1. **Scope** — Accept file/dir globs or explicit paths
+2. **Scan** — Run grep/read across target files
+3. **Classify** — Categorize findings by type and severity
+4. **Rank** — Sort by severity, then frequency
+5. **Report** — Markdown output with fix suggestions
+
+## Input
+
+```json
+{
+  "task": "scan | hunt | check",
+  "paths": ["src/**/*.ts", "lib/*.js"],
+  "focus": "bugs | patterns | security | all",
+  "severityThreshold": "medium"
+}
+```
+
+## Output Format
+
+```
+## Bug Hunt Report — <scope>
+
+### Critical (must fix)
+1. **[RACE]** `src/auth.ts:47` — setTimeout without clearTimeout in loop
+2. **[SECRET]** `lib/config.ts:12` — hardcoded API key detected
+
+### High (should fix)
+3. **[MEMORY]** `tools/pool.ts:89` — event listener never removed
+4. **[TYPE]** `core/agent.ts:103` — unsafe `any` cast loses type safety
+
+### Medium
+...
+
+### Low (consider)
+...
+
+## Summary
+| Severity | Count |
+|----------|-------|
+| Critical | 2     |
+| High     | 4     |
+| Medium   | 7     |
+| Low      | 3     |
+
+Total: 16 findings in 12 files
+```
+
+## Bug Pattern Reference
+
+| Pattern | Regex Hint | Severity |
+|---------|------------|----------|
+| Uncaught promise | `\.then\(` without `catch` | high |
+| Event leak | `on\(` without `off`/`removeListener` | high |
+| Hardcoded secret | `[a-zA-Z0-9/_-]{20,}` in config | critical |
+| unsafe any | `: any\b` or `<any>` | medium |
+| innerHTML | `innerHTML\s*=` | high |
+| TODO without FIXME | `TODO(?!.*FIXME)` | low |
+
+## Anti-patterns
+
+- Don't scan node_modules — waste of time and false positives
+- Don't report without file:line — useless for fixing
+- Don't ignore false positive rates — if >30% of findings are noise, lower confidence

package/skills/refactor-planner/SKILL.md

@@ -0,0 +1,94 @@
+---
+name: refactor-planner
+description: |
+  Structured refactoring planning from code analysis. Covers dependency mapping,
+  risk assessment, phased planning, and migration strategy.
+  Use before large rewrites or when technical debt is blocking progress.
+version: 1.0.0
+---
+
+# Refactor Planner Agent
+
+Analyzes code structure and produces a concrete, phased refactoring plan with
+risk assessment, dependency ordering, and rollback considerations.
+
+## Capabilities
+
+- Map module-level dependencies (import graph)
+- Identify coupling hotspots (high fan-in/out modules)
+- Assess refactoring risk by cyclomatic complexity and test coverage
+- Generate phased plans with checkpoint milestones
+- Produce diff-friendly task lists (one task = one concern)
+
+## Workflow
+
+1. **Analyze** — Build dependency graph, count coupling
+2. **Score** — Rate each module by: size, complexity, test coverage, change frequency
+3. **Plan** — Order tasks by risk, dependency, and payoff
+4. **Document** — Output phased markdown plan
+
+## Input
+
+```json
+{
+  "task": "plan | assess | roadmap",
+  "target": "src/core | packages/tools | .",
+  "constraint": "no-breaking-changes | minimal-downtime | full-rewrite",
+  "focus": "architecture | performance | maintainability"
+}
+```
+
+## Output Format
+
+```
+## Refactor Plan — <target>
+
+### Phase 1: Low Risk / High Payoff (do first)
+| # | Task | Module | Risk | Est. Time |
+|---|------|--------|------|-----------|
+| 1 | Extract `ToolExecutor` interface | core/tool-executor.ts | low | 2h |
+| 2 | Decouple `SessionStore` from Agent | core/session-store.ts | low | 4h |
+
+### Phase 2: Medium Risk (test heavily)
+| # | Task | Module | Risk | Est. Time |
+|---|------|--------|------|-----------|
+| 3 | Break circular dep: Config ↔ Logger | core/config.ts | medium | 6h |
+| 4 | Split `Context` into read/write slices | core/context.ts | medium | 8h |
+
+### Phase 3: High Risk (requires full regression)
+...
+
+### Dependency Graph (abbreviated)
+```
+config.ts → logger.ts → path-resolver.ts
+     ↓           ↓
+  secret-vault.ts    session-store.ts
+     ↓                    ↓
+     └────────→  agent.ts  ←←←
+```
+
+### Rollback Strategy
+Each phase commits independently. On failure: `git checkout phase<N>`.
+Run `pnpm test` before advancing.
+
+### Exit Criteria
+- [ ] All Phase 1 tasks pass `pnpm test`
+- [ ] No circular deps in `src/core`
+- [ ] `Context` interface < 20 methods
+```
+
+## Risk Criteria
+
+| Factor | Low Risk | Medium Risk | High Risk |
+|--------|----------|-------------|-----------|
+| Cyclomatic complexity | <10 | 10-20 | >20 |
+| Test coverage | >80% | 50-80% | <50% |
+| Fan-out (imports) | <5 | 5-15 | >15 |
+| Change frequency | low | medium | high |
+
+## Anti-patterns
+
+- Don't plan without analyzing — assumptions cause wasted work
+- Don't skip rollback strategy — every refactor can fail
+- Don't over-phase — if a task takes <1h, merge it
+- Don't ignore team constraints — parallelization only works if reviewers exist

package/skills/security-scanner/SKILL.md

@@ -0,0 +1,117 @@
+---
+name: security-scanner
+description: |
+  Security vulnerability scanning for code and configuration. Covers secret detection,
+  injection vectors, dependency vulnerabilities, and supply chain risks.
+  Use during CI, before releases, or as a standalone audit.
+version: 1.0.0
+---
+
+# Security Scanner Agent
+
+Scans code, configs, and dependencies for security issues ranging from
+hardcoded secrets to injection vulnerabilities and supply chain risks.
+
+## Capabilities
+
+- Detect hardcoded secrets: API keys, tokens, passwords, private keys
+- Find injection vectors: eval, innerHTML, SQL concatenation, shell injection
+- Identify insecure patterns: weak crypto, hardcoded IVs, disabled TLS verification
+- Scan dependencies for known CVEs (via package audit)
+- Flag supply chain risks: unverified scripts, postinstall hooks, .npmrc issues
+
+## Workflow
+
+1. **Scope** — Accept paths or use sensible defaults
+2. **Secrets Scan** — Regex scan for credential patterns
+3. **Injection Scan** — Pattern match dangerous constructs
+4. **Config Scan** — Check TLS, crypto, auth configurations
+5. **Dependency Scan** — Run audit on package.json
+6. **Report** — Prioritized markdown with remediation
+
+## Input
+
+```json
+{
+  "task": "scan | audit | secrets | dependencies",
+  "paths": ["src", "config"],
+  "depth": "quick | normal | deep",
+  "excludePaths": ["node_modules", "dist"]
+}
+```
+
+## Output Format
+
+```
+## Security Scan Report — <timestamp>
+
+### CRITICAL: Secrets Found
+1. **[CRITICAL]** `config/keys.ts:8` — AWS Access Key ID exposed
+   ```
+   const awsKey = "AKIAIOSFODNN7EXAMPLE"; // ← remove this
+   ```
+2. **[CRITICAL]** `.env:3` — Private key committed to repo
+   ```
+   PEM_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIE..."
+   ```
+
+### HIGH: Injection Vectors
+3. **[HIGH]** `lib/renderer.ts:42` — innerHTML assignment
+   ```ts
+   element.innerHTML = userInput; // ← sanitize or use textContent
+   ```
+4. **[HIGH]** `tools/shell.ts:15` — shell injection via template literal
+   ```ts
+   exec(`echo ${userInput}`); // ← escape or use array form
+   ```
+
+### MEDIUM: Insecure Patterns
+5. **[MEDIUM]** `lib/crypto.ts:9` — MD5 used for hashing (not for passwords)
+6. **[MEDIUM]** `server.ts:22` — TLS certificate verification disabled
+
+### Dependency Issues
+7. **[HIGH]** `lodash < 4.17.21` — CVE-2021-23337
+8. **[MEDIUM]** `minimist < 1.2.6` — CVE-2021-44906
+
+## Summary
+| Severity | Count |
+|----------|-------|
+| Critical | 2     |
+| High     | 4     |
+| Medium   | 3     |
+| Low      | 1     |
+
+## Remediation Checklist
+- [ ] Remove hardcoded secrets from `config/keys.ts`
+- [ ] Sanitize user input before innerHTML assignment
+- [ ] Update lodash to >= 4.17.21
+- [ ] Enable TLS verification in production
+```
+
+## Secret Pattern Reference
+
+| Pattern | Example | Severity |
+|---------|---------|----------|
+| AWS Access Key | `AKIAIOSFODNN7EXAMPLE` | critical |
+| AWS Secret Key | `[a-zA-Z0-9/+=]{40}` base64 | critical |
+| GitHub Token | `ghp_[a-zA-Z0-9]{36}` | critical |
+| Private Key PEM | `-----BEGIN.*PRIVATE KEY-----` | critical |
+| JWT | `eyJ[a-zA-Z0-9_-]+` | high |
+| Generic API Key | `[a-zA-Z0-9]{32,}` | medium |
+
+## Injection Patterns
+
+| Construct | Safe Alternative |
+|-----------|-----------------|
+| `eval(str)` | `new Function()` or parse |
+| `innerHTML = x` | `textContent` or sanitize |
+| `exec(\`cmd ${input}\`)` | `execFile` with args array |
+| `SQL = "SELECT * FROM " + table` | parameterized query |
+| `fs.readFile(path + userInput)` | `path.resolve` + allowlist |
+
+## Anti-patterns
+
+- Don't scan node_modules — noise, use `npm audit` instead
+- Don't report without remediation — "found X" is useless without "do Y"
+- Don't ignore false positives — verify before flagging (especially regex-based secrets)
+- Don't skip dependency scanning — supply chain is a real attack vector