@yuaone/core 0.1.0

package/dist/agent-modes.d.ts

@@ -0,0 +1,85 @@
+/**
+ * @module agent-modes
+ * @description YUAN Agent 실행 모드 프리셋.
+ * 각 모드는 시스템 프롬프트 보충, 도구 제한, 반복 제한, 출력 형식을 정의한다.
+ *
+ * 사용법:
+ * ```typescript
+ * const mode = getAgentModeConfig("review");
+ * // mode.allowedTools → 사용 가능 도구
+ * // mode.systemPromptSuffix → 시스템 프롬프트에 추가
+ * ```
+ */
+/** 에이전트 실행 모드 */
+export type AgentMode = "code" | "report" | "review" | "security" | "debug" | "refactor" | "test" | "plan" | "architect";
+/** 출력 형식 */
+export type AgentOutputFormat = "streaming" | "report" | "checklist" | "diff";
+/** 자동 승인 수준 */
+export type AutoApproveLevel = "none" | "reads" | "safe_writes" | "all";
+/** 에이전트 모드 설정 */
+export interface AgentModeConfig {
+    /** 모드 식별자 */
+    mode: AgentMode;
+    /** 시스템 프롬프트에 추가될 모드별 지시 */
+    systemPromptSuffix: string;
+    /** 이 모드에서 허용되는 도구 이름 목록 (빈 배열 = 전체 허용) */
+    allowedTools: string[];
+    /** 이 모드에서 명시적으로 거부되는 도구 이름 목록 */
+    deniedTools?: string[];
+    /** 최대 반복 횟수 오버라이드 */
+    maxIterations: number;
+    /** 파일 쓰기 가능 여부 */
+    canWrite: boolean;
+    /** 명령어 실행 가능 여부 */
+    canExecute: boolean;
+    /** 출력 형식 */
+    outputFormat: AgentOutputFormat;
+    /** 자동 승인 수준 */
+    autoApprove: AutoApproveLevel;
+    /** CLI help에 표시할 설명 */
+    description: string;
+}
+/**
+ * 모드 이름으로 설정을 가져온다.
+ * @param mode 에이전트 모드 이름
+ * @returns 해당 모드의 전체 설정
+ */
+export declare function getAgentModeConfig(mode: AgentMode): AgentModeConfig;
+/**
+ * 등록된 모든 모드 목록을 반환한다.
+ * @returns 모든 모드 설정 배열
+ */
+export declare function getAllAgentModes(): AgentModeConfig[];
+/**
+ * 모드 이름이 유효한지 검증한다.
+ * @param mode 검증할 모드 이름
+ * @returns 유효한 AgentMode이면 true
+ */
+export declare function isValidAgentMode(mode: string): mode is AgentMode;
+/**
+ * 주어진 모드에서 특정 도구의 사용이 허용되는지 확인한다.
+ * allowedTools가 빈 배열이면 모든 도구 허용 (deniedTools 제외).
+ *
+ * @param mode 에이전트 모드 이름
+ * @param toolName 확인할 도구 이름
+ * @returns 허용되면 true, 거부되면 false
+ */
+export declare function isToolAllowedInMode(mode: AgentMode, toolName: string): boolean;
+/**
+ * 테스트 모드에서 파일 경로가 테스트 파일인지 검증한다.
+ * test 모드는 테스트 파일만 쓰기 가능.
+ *
+ * @param filePath 검증할 파일 경로
+ * @returns 테스트 파일이면 true
+ */
+export declare function isTestFile(filePath: string): boolean;
+/**
+ * 모드별 시스템 프롬프트 서픽스를 기존 시스템 프롬프트에 결합한다.
+ * mode가 "code"이면 서픽스가 비어있으므로 원본을 그대로 반환.
+ *
+ * @param basePrompt 기본 시스템 프롬프트
+ * @param mode 에이전트 모드 이름
+ * @returns 결합된 시스템 프롬프트
+ */
+export declare function buildModeSystemPrompt(basePrompt: string, mode: AgentMode): string;
+//# sourceMappingURL=agent-modes.d.ts.map

package/dist/agent-modes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-modes.d.ts","sourceRoot":"","sources":["../src/agent-modes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,iBAAiB;AACjB,MAAM,MAAM,SAAS,GACjB,MAAM,GACN,QAAQ,GACR,QAAQ,GACR,UAAU,GACV,OAAO,GACP,UAAU,GACV,MAAM,GACN,MAAM,GACN,WAAW,CAAC;AAEhB,YAAY;AACZ,MAAM,MAAM,iBAAiB,GAAG,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,MAAM,CAAC;AAE9E,eAAe;AACf,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG,OAAO,GAAG,aAAa,GAAG,KAAK,CAAC;AAExE,iBAAiB;AACjB,MAAM,WAAW,eAAe;IAC9B,aAAa;IACb,IAAI,EAAE,SAAS,CAAC;IAChB,2BAA2B;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,0CAA0C;IAC1C,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB;IAClB,QAAQ,EAAE,OAAO,CAAC;IAClB,mBAAmB;IACnB,UAAU,EAAE,OAAO,CAAC;IACpB,YAAY;IACZ,YAAY,EAAE,iBAAiB,CAAC;IAChC,eAAe;IACf,WAAW,EAAE,gBAAgB,CAAC;IAC9B,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;CACrB;AAwVD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,SAAS,GAAG,eAAe,CAEnE;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,eAAe,EAAE,CAEpD;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,IAAI,SAAS,CAEhE;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAe9E;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAepD;AAED;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,GAAG,MAAM,CAMjF"}

package/dist/agent-modes.js

@@ -0,0 +1,418 @@
+/**
+ * @module agent-modes
+ * @description YUAN Agent 실행 모드 프리셋.
+ * 각 모드는 시스템 프롬프트 보충, 도구 제한, 반복 제한, 출력 형식을 정의한다.
+ *
+ * 사용법:
+ * ```typescript
+ * const mode = getAgentModeConfig("review");
+ * // mode.allowedTools → 사용 가능 도구
+ * // mode.systemPromptSuffix → 시스템 프롬프트에 추가
+ * ```
+ */
+// ─── Read-Only Tools ───
+const READ_ONLY_TOOLS = [
+    "file_read",
+    "grep",
+    "glob",
+    "code_search",
+];
+const GIT_READ_TOOLS = [
+    "git_diff",
+    "git_log",
+    "git_status",
+];
+const ALL_TOOLS_MARKER = [];
+// ─── Mode Configs ───
+const CODE_MODE = {
+    mode: "code",
+    systemPromptSuffix: "",
+    allowedTools: ALL_TOOLS_MARKER,
+    maxIterations: 25,
+    canWrite: true,
+    canExecute: true,
+    outputFormat: "streaming",
+    autoApprove: "safe_writes",
+    description: "Default autonomous coding mode. Full tool access with safe-write auto-approval.",
+};
+const REPORT_MODE = {
+    mode: "report",
+    systemPromptSuffix: `You are a codebase analyst. Your job is to generate a comprehensive report about the project.
+
+## Report Guidelines
+- Start by understanding the project structure, entry points, and dependencies.
+- Analyze code quality, architecture patterns, and potential issues.
+- Generate a structured markdown report with sections:
+  1. **Project Overview** — language, framework, structure
+  2. **Architecture** — patterns, layers, data flow
+  3. **Code Quality** — style consistency, complexity, duplication
+  4. **Dependencies** — outdated, unused, security vulnerabilities
+  5. **Recommendations** — prioritized list of improvements
+
+## Constraints
+- You are in READ-ONLY mode. Do not attempt to modify any files.
+- Read as many files as needed to build a thorough understanding.
+- Cite specific files and line numbers in your findings.`,
+    allowedTools: [...READ_ONLY_TOOLS],
+    deniedTools: ["file_write", "file_edit", "shell_exec", "git_commit", "git_push"],
+    maxIterations: 50,
+    canWrite: false,
+    canExecute: false,
+    outputFormat: "report",
+    autoApprove: "reads",
+    description: "Analyze codebase and generate a structured markdown report. Read-only.",
+};
+const REVIEW_MODE = {
+    mode: "review",
+    systemPromptSuffix: `You are a senior code reviewer. Review the changes for bugs, style issues, security vulnerabilities, and best-practice violations.
+
+## Review Process
+1. Run \`git diff\` and \`git log\` to understand what changed.
+2. Read the changed files in full context.
+3. Check related files for potential breakage.
+4. Generate a review checklist with severity levels.
+
+## Output Format
+For each issue found, output:
+- **[CRITICAL]** — Bugs, security holes, data loss risks
+- **[HIGH]** — Logic errors, missing error handling, race conditions
+- **[MEDIUM]** — Style violations, code smells, missing tests
+- **[LOW]** — Nitpicks, naming, documentation
+
+## Constraints
+- You are in READ-ONLY mode. Do not modify files.
+- Focus on the diff, not the entire codebase.
+- Be specific: cite file paths, line numbers, and concrete suggestions.`,
+    allowedTools: [...READ_ONLY_TOOLS, ...GIT_READ_TOOLS],
+    deniedTools: ["file_write", "file_edit", "shell_exec", "git_commit", "git_push"],
+    maxIterations: 30,
+    canWrite: false,
+    canExecute: false,
+    outputFormat: "checklist",
+    autoApprove: "reads",
+    description: "Code review mode. Analyzes git diff for bugs, style, and security issues. Read-only.",
+};
+const SECURITY_MODE = {
+    mode: "security",
+    systemPromptSuffix: `You are a security auditor. Perform a comprehensive security audit of the codebase.
+
+## Audit Checklist (OWASP Top 10 + More)
+1. **Injection** — SQL injection, command injection, XSS, template injection
+2. **Authentication** — hardcoded credentials, weak auth patterns
+3. **Sensitive Data** — secrets in code, unencrypted storage, PII exposure
+4. **Access Control** — missing authorization checks, IDOR
+5. **Security Misconfiguration** — debug mode, default credentials, CORS
+6. **Vulnerable Dependencies** — known CVEs in dependencies
+7. **Path Traversal** — directory traversal, symlink attacks
+8. **Deserialization** — unsafe JSON.parse, eval, Function constructor
+9. **Logging** — sensitive data in logs, missing audit trails
+10. **Supply Chain** — typosquatting, suspicious packages
+
+## Process
+1. Scan all source files for dangerous patterns (regex-based).
+2. Check dependency manifests for known vulnerabilities.
+3. Analyze configuration files for misconfigurations.
+4. Review authentication and authorization flows.
+
+## Output Format
+For each finding:
+- **Severity**: CRITICAL / HIGH / MEDIUM / LOW / INFO
+- **Category**: OWASP category or custom
+- **File**: path and line number
+- **Description**: what the issue is
+- **Recommendation**: how to fix it
+
+## Constraints
+- You may run limited shell commands: \`npm audit\`, \`pip audit\`, grep-based scans.
+- You may NOT modify any files.
+- You may NOT install packages or run arbitrary code.`,
+    allowedTools: [...READ_ONLY_TOOLS, "shell_exec"],
+    deniedTools: ["file_write", "file_edit", "git_commit", "git_push"],
+    maxIterations: 40,
+    canWrite: false,
+    canExecute: true,
+    outputFormat: "report",
+    autoApprove: "reads",
+    description: "Security audit mode. OWASP Top 10, dependency scan, secret detection. Limited execution.",
+};
+const DEBUG_MODE = {
+    mode: "debug",
+    systemPromptSuffix: `You are a debugging expert. Systematically identify the root cause of bugs and fix them.
+
+## Debugging Methodology
+1. **Reproduce** — Understand the bug report. Run the code to confirm the issue.
+2. **Isolate** — Narrow down the problem area using logs, breakpoints, or bisection.
+3. **Diagnose** — Read the relevant code. Trace data flow. Identify the root cause.
+4. **Fix** — Make the minimal change to fix the bug. Do not refactor unrelated code.
+5. **Verify** — Run tests or reproduce the scenario to confirm the fix works.
+
+## Guidelines
+- Always explain your reasoning before making changes.
+- If a fix requires modifying multiple files, explain the full change plan first.
+- Check for similar bugs in related code paths.
+- Add regression tests when possible.
+- Prefer targeted fixes over broad rewrites.`,
+    allowedTools: ALL_TOOLS_MARKER,
+    maxIterations: 30,
+    canWrite: true,
+    canExecute: true,
+    outputFormat: "streaming",
+    autoApprove: "reads",
+    description: "Debug mode. Systematic bug finding with reproduce-isolate-diagnose-fix-verify methodology.",
+};
+const REFACTOR_MODE = {
+    mode: "refactor",
+    systemPromptSuffix: `You are a refactoring expert. Improve code quality without changing external behavior.
+
+## Refactoring Process
+1. **Baseline** — Run existing tests to confirm they pass before changes.
+2. **Identify** — Find code smells: duplication, long functions, god classes, tight coupling.
+3. **Plan** — Describe each refactoring step before executing it.
+4. **Execute** — Apply one refactoring at a time. Commit after each step.
+5. **Verify** — Run tests after each step to ensure no regressions.
+
+## Refactoring Patterns
+- Extract function/method for long blocks
+- Rename for clarity
+- Remove dead code
+- Consolidate duplicates (DRY)
+- Simplify conditionals
+- Introduce interfaces for loose coupling
+- Split large files
+
+## Rules
+- NEVER change external behavior (inputs, outputs, API contracts).
+- ALWAYS run tests before AND after each refactoring step.
+- Commit after each logical refactoring step with a descriptive message.
+- If tests fail after a change, revert and try a different approach.`,
+    allowedTools: ALL_TOOLS_MARKER,
+    maxIterations: 40,
+    canWrite: true,
+    canExecute: true,
+    outputFormat: "diff",
+    autoApprove: "safe_writes",
+    description: "Refactoring mode. Improves code quality with test-guarded, incremental changes.",
+};
+const TEST_MODE = {
+    mode: "test",
+    systemPromptSuffix: `You are a test engineer. Generate comprehensive tests for the codebase.
+
+## Test Strategy
+1. **Analyze** — Read source files to understand functions, classes, and modules.
+2. **Plan** — Identify untested code paths, edge cases, and boundary conditions.
+3. **Write** — Generate tests covering:
+   - Happy path (normal usage)
+   - Edge cases (empty, null, boundary values)
+   - Error cases (invalid input, network failures)
+   - Integration (module interactions)
+4. **Run** — Execute the test suite to verify tests pass.
+
+## Test Quality Guidelines
+- Tests should be independent and idempotent.
+- Use descriptive test names that explain the scenario.
+- Follow the Arrange-Act-Assert pattern.
+- Mock external dependencies (API calls, filesystem, database).
+- Aim for meaningful coverage, not just line coverage.
+
+## Constraints
+- You may ONLY create or modify test files (files matching *test*, *spec*, __tests__).
+- You may NOT modify source files.
+- You may run the test runner via shell_exec.`,
+    allowedTools: [...READ_ONLY_TOOLS, "file_write", "file_edit", "shell_exec"],
+    maxIterations: 30,
+    canWrite: true,
+    canExecute: true,
+    outputFormat: "streaming",
+    autoApprove: "safe_writes",
+    description: "Test generation mode. Creates comprehensive tests without modifying source files.",
+};
+const PLAN_MODE = {
+    mode: "plan",
+    systemPromptSuffix: `You are a software architect creating a detailed implementation plan.
+
+## Planning Process
+1. **Understand** — Read the codebase to understand current architecture and conventions.
+2. **Analyze** — Break down the task into concrete subtasks with dependencies.
+3. **Estimate** — Provide rough time/complexity estimates for each subtask.
+4. **Risk** — Identify risks, unknowns, and potential blockers.
+
+## Output Format
+Generate a structured plan:
+\`\`\`
+## Implementation Plan: [Task Title]
+
+### Overview
+[1-2 sentence summary]
+
+### Tasks
+1. **[Task Name]** (est: Xh, complexity: low/medium/high)
+   - Files: [list of files to modify]
+   - Description: [what to do]
+   - Dependencies: [which tasks must complete first]
+
+### Risks & Unknowns
+- [Risk 1]: [mitigation]
+- [Risk 2]: [mitigation]
+
+### Testing Strategy
+[How to verify the implementation]
+\`\`\`
+
+## Constraints
+- You are in READ-ONLY mode. Do not modify any files.
+- Do not execute any commands.
+- Focus on creating an actionable plan that another agent or developer can follow.`,
+    allowedTools: [...READ_ONLY_TOOLS],
+    deniedTools: ["file_write", "file_edit", "shell_exec", "git_commit", "git_push"],
+    maxIterations: 20,
+    canWrite: false,
+    canExecute: false,
+    outputFormat: "report",
+    autoApprove: "reads",
+    description: "Planning mode. Creates detailed implementation plans without modifying files. Read-only.",
+};
+const ARCHITECT_MODE = {
+    mode: "architect",
+    systemPromptSuffix: `You are a system architect. Analyze the codebase architecture, identify patterns and anti-patterns, and recommend improvements.
+
+## Analysis Areas
+1. **Structure** — Module organization, layer separation, dependency direction
+2. **Patterns** — Design patterns in use (MVC, repository, factory, observer, etc.)
+3. **Anti-Patterns** — God classes, circular dependencies, leaky abstractions, shotgun surgery
+4. **Scalability** — Bottlenecks, single points of failure, horizontal scaling readiness
+5. **Maintainability** — Coupling, cohesion, complexity metrics, test coverage
+6. **Data Flow** — How data moves through the system (API → service → DB)
+
+## Output Format
+\`\`\`
+## Architecture Analysis: [Project Name]
+
+### Current Architecture
+[Diagram or description of the current architecture]
+
+### Patterns Identified
+- [Pattern]: [where and how it's used]
+
+### Anti-Patterns Found
+- **[Anti-Pattern]** (severity: HIGH/MEDIUM/LOW)
+  - Location: [files]
+  - Impact: [what problems it causes]
+  - Recommendation: [how to fix]
+
+### Recommendations (Priority Order)
+1. [Most impactful recommendation]
+2. [Second recommendation]
+...
+
+### Migration Path
+[If significant changes recommended, outline a migration strategy]
+\`\`\`
+
+## Constraints
+- You are in READ-ONLY mode. Do not modify any files.
+- Read broadly across the codebase to understand the full picture.
+- Cite specific files and code patterns in your analysis.`,
+    allowedTools: [...READ_ONLY_TOOLS],
+    deniedTools: ["file_write", "file_edit", "shell_exec", "git_commit", "git_push"],
+    maxIterations: 30,
+    canWrite: false,
+    canExecute: false,
+    outputFormat: "report",
+    autoApprove: "reads",
+    description: "Architecture analysis mode. Identifies patterns, anti-patterns, and recommends improvements. Read-only.",
+};
+// ─── Mode Registry ───
+/** All mode configurations indexed by mode name */
+const MODE_REGISTRY = {
+    code: CODE_MODE,
+    report: REPORT_MODE,
+    review: REVIEW_MODE,
+    security: SECURITY_MODE,
+    debug: DEBUG_MODE,
+    refactor: REFACTOR_MODE,
+    test: TEST_MODE,
+    plan: PLAN_MODE,
+    architect: ARCHITECT_MODE,
+};
+// ─── Public API ───
+/**
+ * 모드 이름으로 설정을 가져온다.
+ * @param mode 에이전트 모드 이름
+ * @returns 해당 모드의 전체 설정
+ */
+export function getAgentModeConfig(mode) {
+    return MODE_REGISTRY[mode];
+}
+/**
+ * 등록된 모든 모드 목록을 반환한다.
+ * @returns 모든 모드 설정 배열
+ */
+export function getAllAgentModes() {
+    return Object.values(MODE_REGISTRY);
+}
+/**
+ * 모드 이름이 유효한지 검증한다.
+ * @param mode 검증할 모드 이름
+ * @returns 유효한 AgentMode이면 true
+ */
+export function isValidAgentMode(mode) {
+    return mode in MODE_REGISTRY;
+}
+/**
+ * 주어진 모드에서 특정 도구의 사용이 허용되는지 확인한다.
+ * allowedTools가 빈 배열이면 모든 도구 허용 (deniedTools 제외).
+ *
+ * @param mode 에이전트 모드 이름
+ * @param toolName 확인할 도구 이름
+ * @returns 허용되면 true, 거부되면 false
+ */
+export function isToolAllowedInMode(mode, toolName) {
+    const config = MODE_REGISTRY[mode];
+    // 명시적 거부 목록에 있으면 항상 거부
+    if (config.deniedTools?.includes(toolName)) {
+        return false;
+    }
+    // allowedTools가 빈 배열이면 전체 허용 (deniedTools 제외)
+    if (config.allowedTools.length === 0) {
+        return true;
+    }
+    // 명시적 허용 목록에 있어야 허용
+    return config.allowedTools.includes(toolName);
+}
+/**
+ * 테스트 모드에서 파일 경로가 테스트 파일인지 검증한다.
+ * test 모드는 테스트 파일만 쓰기 가능.
+ *
+ * @param filePath 검증할 파일 경로
+ * @returns 테스트 파일이면 true
+ */
+export function isTestFile(filePath) {
+    const lower = filePath.toLowerCase();
+    return (lower.includes("test") ||
+        lower.includes("spec") ||
+        lower.includes("__tests__") ||
+        lower.endsWith(".test.ts") ||
+        lower.endsWith(".test.js") ||
+        lower.endsWith(".test.tsx") ||
+        lower.endsWith(".test.jsx") ||
+        lower.endsWith(".spec.ts") ||
+        lower.endsWith(".spec.js") ||
+        lower.endsWith(".spec.tsx") ||
+        lower.endsWith(".spec.jsx"));
+}
+/**
+ * 모드별 시스템 프롬프트 서픽스를 기존 시스템 프롬프트에 결합한다.
+ * mode가 "code"이면 서픽스가 비어있으므로 원본을 그대로 반환.
+ *
+ * @param basePrompt 기본 시스템 프롬프트
+ * @param mode 에이전트 모드 이름
+ * @returns 결합된 시스템 프롬프트
+ */
+export function buildModeSystemPrompt(basePrompt, mode) {
+    const config = MODE_REGISTRY[mode];
+    if (!config.systemPromptSuffix) {
+        return basePrompt;
+    }
+    return `${basePrompt}\n\n---\n\n## Mode: ${mode.toUpperCase()}\n\n${config.systemPromptSuffix}`;
+}
+//# sourceMappingURL=agent-modes.js.map

package/dist/agent-modes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-modes.js","sourceRoot":"","sources":["../src/agent-modes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AA8CH,0BAA0B;AAE1B,MAAM,eAAe,GAAG;IACtB,WAAW;IACX,MAAM;IACN,MAAM;IACN,aAAa;CACL,CAAC;AAEX,MAAM,cAAc,GAAG;IACrB,UAAU;IACV,SAAS;IACT,YAAY;CACJ,CAAC;AAEX,MAAM,gBAAgB,GAAa,EAAE,CAAC;AAEtC,uBAAuB;AAEvB,MAAM,SAAS,GAAoB;IACjC,IAAI,EAAE,MAAM;IACZ,kBAAkB,EAAE,EAAE;IACtB,YAAY,EAAE,gBAAgB;IAC9B,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,IAAI;IACd,UAAU,EAAE,IAAI;IAChB,YAAY,EAAE,WAAW;IACzB,WAAW,EAAE,aAAa;IAC1B,WAAW,EAAE,iFAAiF;CAC/F,CAAC;AAEF,MAAM,WAAW,GAAoB;IACnC,IAAI,EAAE,QAAQ;IACd,kBAAkB,EAAE;;;;;;;;;;;;;;;yDAemC;IACvD,YAAY,EAAE,CAAC,GAAG,eAAe,CAAC;IAClC,WAAW,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC;IAChF,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,KAAK;IACf,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,QAAQ;IACtB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,wEAAwE;CACtF,CAAC;AAEF,MAAM,WAAW,GAAoB;IACnC,IAAI,EAAE,QAAQ;IACd,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;wEAkBkD;IACtE,YAAY,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,cAAc,CAAC;IACrD,WAAW,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC;IAChF,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,KAAK;IACf,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,WAAW;IACzB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,sFAAsF;CACpG,CAAC;AAEF,MAAM,aAAa,GAAoB;IACrC,IAAI,EAAE,UAAU;IAChB,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;sDA+BgC;IACpD,YAAY,EAAE,CAAC,GAAG,eAAe,EAAE,YAAY,CAAC;IAChD,WAAW,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,CAAC;IAClE,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,KAAK;IACf,UAAU,EAAE,IAAI;IAChB,YAAY,EAAE,QAAQ;IACtB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,0FAA0F;CACxG,CAAC;AAEF,MAAM,UAAU,GAAoB;IAClC,IAAI,EAAE,OAAO;IACb,kBAAkB,EAAE;;;;;;;;;;;;;;6CAcuB;IAC3C,YAAY,EAAE,gBAAgB;IAC9B,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,IAAI;IACd,UAAU,EAAE,IAAI;IAChB,YAAY,EAAE,WAAW;IACzB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,4FAA4F;CAC1G,CAAC;AAEF,MAAM,aAAa,GAAoB;IACrC,IAAI,EAAE,UAAU;IAChB,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;;;;;qEAsB+C;IACnE,YAAY,EAAE,gBAAgB;IAC9B,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,IAAI;IACd,UAAU,EAAE,IAAI;IAChB,YAAY,EAAE,MAAM;IACpB,WAAW,EAAE,aAAa;IAC1B,WAAW,EAAE,iFAAiF;CAC/F,CAAC;AAEF,MAAM,SAAS,GAAoB;IACjC,IAAI,EAAE,MAAM;IACZ,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;;;;;8CAsBwB;IAC5C,YAAY,EAAE,CAAC,GAAG,eAAe,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,CAAC;IAC3E,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,IAAI;IACd,UAAU,EAAE,IAAI;IAChB,YAAY,EAAE,WAAW;IACzB,WAAW,EAAE,aAAa;IAC1B,WAAW,EAAE,mFAAmF;CACjG,CAAC;AAEF,MAAM,SAAS,GAAoB;IACjC,IAAI,EAAE,MAAM;IACZ,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mFAiC6D;IACjF,YAAY,EAAE,CAAC,GAAG,eAAe,CAAC;IAClC,WAAW,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC;IAChF,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,KAAK;IACf,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,QAAQ;IACtB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,0FAA0F;CACxG,CAAC;AAEF,MAAM,cAAc,GAAoB;IACtC,IAAI,EAAE,WAAW;IACjB,kBAAkB,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0DAsCoC;IACxD,YAAY,EAAE,CAAC,GAAG,eAAe,CAAC;IAClC,WAAW,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC;IAChF,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,KAAK;IACf,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,QAAQ;IACtB,WAAW,EAAE,OAAO;IACpB,WAAW,EAAE,yGAAyG;CACvH,CAAC;AAEF,wBAAwB;AAExB,mDAAmD;AACnD,MAAM,aAAa,GAAuC;IACxD,IAAI,EAAE,SAAS;IACf,MAAM,EAAE,WAAW;IACnB,MAAM,EAAE,WAAW;IACnB,QAAQ,EAAE,aAAa;IACvB,KAAK,EAAE,UAAU;IACjB,QAAQ,EAAE,aAAa;IACvB,IAAI,EAAE,SAAS;IACf,IAAI,EAAE,SAAS;IACf,SAAS,EAAE,cAAc;CAC1B,CAAC;AAEF,qBAAqB;AAErB;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAe;IAChD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC9B,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;AACtC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,OAAO,IAAI,IAAI,aAAa,CAAC;AAC/B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAe,EAAE,QAAgB;IACnE,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAEnC,uBAAuB;IACvB,IAAI,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,8CAA8C;IAC9C,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oBAAoB;IACpB,OAAO,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO,CACL,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACtB,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACtB,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC3B,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC1B,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC1B,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC3B,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC3B,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC1B,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC1B,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC3B,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC5B,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,qBAAqB,CAAC,UAAkB,EAAE,IAAe;IACvE,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;QAC/B,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,GAAG,UAAU,uBAAuB,IAAI,CAAC,WAAW,EAAE,OAAO,MAAM,CAAC,kBAAkB,EAAE,CAAC;AAClG,CAAC"}

package/dist/approval.d.ts

@@ -0,0 +1,137 @@
+/**
+ * @module approval
+ * @description 승인 시스템 — 위험 작업 실행 전 사용자 승인 요청/대기.
+ *
+ * 플로우:
+ * 1. Governor가 위험 작업 감지 (ApprovalRequiredError)
+ * 2. ApprovalManager가 승인 요청 이벤트 emit
+ * 3. CLI/UI에서 사용자에게 프롬프트 표시
+ * 4. 사용자 응답 (approve/reject/always_approve)
+ * 5. 결과를 Agent Loop에 반환
+ *
+ * @see 설계 문서 Section 6.3
+ */
+import { EventEmitter } from "node:events";
+import type { ApprovalAction, PendingAction, ToolCall } from "./types.js";
+/** 승인 요청 */
+export interface ApprovalRequest {
+    /** 고유 ID */
+    id: string;
+    /** 도구 이름 */
+    toolName: string;
+    /** 도구 인자 */
+    arguments: Record<string, unknown>;
+    /** 위험도 */
+    riskLevel: "medium" | "high" | "critical";
+    /** 승인이 필요한 이유 */
+    reason: string;
+    /** 변경 미리보기 (file_write/edit의 경우) */
+    diff?: string;
+    /** 승인 대기 타임아웃 (ms) */
+    timeout: number;
+}
+/** 승인 응답 */
+export type ApprovalResponse = "approve" | "reject" | "always_approve";
+/**
+ * 승인 핸들러 — CLI/UI가 구현.
+ * ApprovalManager에 등록하면 승인 요청 시 호출된다.
+ */
+export type ApprovalHandler = (request: ApprovalRequest) => Promise<ApprovalResponse>;
+/** 자동 승인 설정 */
+export interface AutoApprovalConfig {
+    /** 자동 승인할 액션 목록 */
+    autoApprove: ApprovalAction[];
+    /** 항상 승인 필요한 액션 목록 (기본: DELETE_FILE, GIT_PUSH, CREATE_PR) */
+    requireApproval: ApprovalAction[];
+}
+/**
+ * ApprovalManager — 위험 작업의 승인 프로세스를 관리.
+ *
+ * 역할:
+ * - 도구 호출이 승인 필요한지 판단
+ * - 승인 요청 생성 및 핸들러 호출
+ * - always_approve 세션 캐시 관리
+ * - 승인 타임아웃 처리
+ *
+ * @example
+ * ```typescript
+ * const manager = new ApprovalManager();
+ *
+ * // CLI에서 핸들러 등록
+ * manager.setHandler(async (request) => {
+ *   const answer = await askUser(`Approve ${request.reason}? [Y/n/a]`);
+ *   if (answer === 'a') return 'always_approve';
+ *   return answer === 'n' ? 'reject' : 'approve';
+ * });
+ *
+ * // Agent Loop에서 사용
+ * if (manager.needsApproval('file_write', args)) {
+ *   const response = await manager.requestApproval(request);
+ *   if (response === 'reject') { ... }
+ * }
+ * ```
+ */
+export declare class ApprovalManager extends EventEmitter {
+    /** always_approve로 승인된 도구 (세션 내 유지) */
+    private readonly alwaysApproved;
+    /** 자동 승인 설정 */
+    private readonly autoApproveActions;
+    /** 항상 승인 필요한 액션 */
+    private readonly requireApprovalActions;
+    /** 승인 핸들러 (CLI/UI가 등록) */
+    private handler;
+    /** 기본 타임아웃 (ms) */
+    private readonly defaultTimeout;
+    constructor(config?: Partial<AutoApprovalConfig>, defaultTimeout?: number);
+    /**
+     * 승인 핸들러 등록.
+     * CLI에서 readline 기반 프롬프트, UI에서 웹소켓 기반 프롬프트를 구현한다.
+     * @param handler 승인 요청을 처리할 함수
+     */
+    setHandler(handler: ApprovalHandler): void;
+    /**
+     * 도구 호출이 승인 필요한지 판단.
+     * @param toolName 도구 이름
+     * @param args 도구 인자
+     * @returns 승인이 필요하면 해당 ApprovalRequest 정보, 불필요하면 null
+     */
+    checkApproval(toolName: string, args: Record<string, unknown>): ApprovalRequest | null;
+    /**
+     * 승인 필요 여부를 간단히 확인하는 편의 메서드.
+     * @param toolName 도구 이름
+     * @param args 도구 인자
+     * @returns 승인이 필요하면 true
+     */
+    needsApproval(toolName: string, args: Record<string, unknown>): boolean;
+    /**
+     * 승인 요청을 핸들러에 전달하고 응답을 반환.
+     * 핸들러가 없으면 기본적으로 reject.
+     * @param request 승인 요청
+     * @returns 승인 응답
+     */
+    requestApproval(request: ApprovalRequest): Promise<ApprovalResponse>;
+    /**
+     * 도구를 always_approve 목록에 추가.
+     * 세션 내에서 해당 도구의 모든 호출이 자동 승인된다.
+     * @param toolName 도구 이름
+     */
+    addAlwaysApprove(toolName: string): void;
+    /**
+     * always_approve 목록을 초기화.
+     */
+    clearAlwaysApproved(): void;
+    /**
+     * 현재 always_approve 목록을 반환.
+     */
+    getAlwaysApproved(): ReadonlySet<string>;
+    /**
+     * ToolCall에서 PendingAction을 생성하는 헬퍼.
+     * AgentLoop에서 agent:approval_needed 이벤트 emit에 사용.
+     */
+    buildPendingAction(toolCall: ToolCall, request: ApprovalRequest): PendingAction;
+    private buildToolKey;
+    private buildReason;
+    private extractDiff;
+    private resolveActionType;
+}
+//# sourceMappingURL=approval.d.ts.map

package/dist/approval.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"approval.d.ts","sourceRoot":"","sources":["../src/approval.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAI1E,YAAY;AACZ,MAAM,WAAW,eAAe;IAC9B,YAAY;IACZ,EAAE,EAAE,MAAM,CAAC;IACX,YAAY;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY;IACZ,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,UAAU;IACV,SAAS,EAAE,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAC1C,iBAAiB;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,oCAAoC;IACpC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,YAAY;AACZ,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,QAAQ,GAAG,gBAAgB,CAAC;AAEvE;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,CAC5B,OAAO,EAAE,eAAe,KACrB,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAE/B,eAAe;AACf,MAAM,WAAW,kBAAkB;IACjC,mBAAmB;IACnB,WAAW,EAAE,cAAc,EAAE,CAAC;IAC9B,6DAA6D;IAC7D,eAAe,EAAE,cAAc,EAAE,CAAC;CACnC;AAwFD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,qBAAa,eAAgB,SAAQ,YAAY;IAC/C,uCAAuC;IACvC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA0B;IACzD,eAAe;IACf,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAsB;IACzD,mBAAmB;IACnB,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAsB;IAC7D,0BAA0B;IAC1B,OAAO,CAAC,OAAO,CAAgC;IAC/C,mBAAmB;IACnB,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;gBAE5B,MAAM,CAAC,EAAE,OAAO,CAAC,kBAAkB,CAAC,EAAE,cAAc,SAAU;IAS1E;;;;OAIG;IACH,UAAU,CAAC,OAAO,EAAE,eAAe,GAAG,IAAI;IAI1C;;;;;OAKG;IACH,aAAa,CACX,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,eAAe,GAAG,IAAI;IAuCzB;;;;;OAKG;IACH,aAAa,CACX,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,OAAO;IAIV;;;;;OAKG;IACG,eAAe,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAmC1E;;;;OAIG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAIxC;;OAEG;IACH,mBAAmB,IAAI,IAAI;IAI3B;;OAEG;IACH,iBAAiB,IAAI,WAAW,CAAC,MAAM,CAAC;IAIxC;;;OAGG;IACH,kBAAkB,CAChB,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,eAAe,GACvB,aAAa;IAahB,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,WAAW;IA+BnB,OAAO,CAAC,WAAW;IAgBnB,OAAO,CAAC,iBAAiB;CAY1B"}