aegis-bridge 2.15.2 → 2.15.3

package/README.md

@@ -7,6 +7,7 @@
   <img src="https://img.shields.io/github/actions/workflow/status/OneStepAt4time/aegis/ci.yml?branch=main" alt="CI" />
   <img src="https://img.shields.io/npm/l/aegis-bridge.svg" alt="license" />
   <img src="https://img.shields.io/badge/node-%3E%3D20.0.0-blue.svg" alt="node" />
+  <img src="https://img.shields.io/badge/MCP-ready-green.svg" alt="MCP ready" />
 </p>
 
 <p align="center">
@@ -96,6 +97,14 @@ Or via `.mcp.json`:
 
 **3 prompts** — `implement_issue`, `review_pr`, `debug_session`
 
+## Ecosystem Integrations
+
+Aegis works beyond Claude Code anywhere an MCP host can launch a local stdio server.
+
+- [Cursor integration](docs/integrations/cursor.md)
+- [Windsurf integration](docs/integrations/windsurf.md)
+- [MCP Registry preparation](docs/integrations/mcp-registry.md)
+
 ---
 
 ## REST API

package/dist/consensus.d.ts

@@ -0,0 +1,16 @@
+export type ConsensusFocusArea = 'correctness' | 'security' | 'performance';
+export interface ConsensusRequest {
+    id: string;
+    targetSessionId: string;
+    reviewerIds: string[];
+    focusAreas: ConsensusFocusArea[];
+    status: 'running' | 'completed' | 'failed';
+    createdAt: number;
+}
+export interface ConsensusReview {
+    reviewerId: string;
+    focusArea: ConsensusFocusArea;
+    findings: string[];
+}
+export declare function buildConsensusPrompt(targetSessionId: string, focusArea: ConsensusFocusArea): string;
+export declare function mergeConsensusFindings(reviews: ConsensusReview[]): string[];

package/dist/consensus.js

@@ -0,0 +1,19 @@
+export function buildConsensusPrompt(targetSessionId, focusArea) {
+    return [
+        `Review Aegis session ${targetSessionId}.`,
+        `Focus area: ${focusArea}.`,
+        'Return concise findings ordered by severity.',
+        'Prefer concrete regressions, risks, and missing verification.',
+    ].join(' ');
+}
+export function mergeConsensusFindings(reviews) {
+    const merged = new Set();
+    for (const review of reviews) {
+        for (const finding of review.findings) {
+            const normalized = finding.trim();
+            if (normalized)
+                merged.add(normalized);
+        }
+    }
+    return Array.from(merged.values());
+}

package/dist/hooks.js

@@ -15,6 +15,7 @@
  * Issue #169: Phase 3 — Hook-driven status detection.
  */
 import { isValidUUID, hookBodySchema, parseIntSafe } from './validation.js';
+import { evaluatePermissionProfile } from './permission-evaluator.js';
 /** CC hook events that require a decision response. */
 const DECISION_EVENTS = new Set(['PreToolUse', 'PermissionRequest']);
 /** Permission modes that should be auto-approved via hook response. */
@@ -289,6 +290,37 @@ export function registerHookRoutes(app, deps) {
                     // Timeout: allow without answer (CC shows question to user in terminal)
                     console.log(`Hooks: AskUserQuestion timeout for session ${sessionId} — allowing without answer`);
                 }
+                if (session.permissionProfile) {
+                    const evaluation = evaluatePermissionProfile(session.permissionProfile, {
+                        toolName,
+                        toolInput: hookBody.tool_input,
+                    });
+                    if (evaluation.behavior === 'deny') {
+                        deps.eventBus.emit(sessionId, {
+                            event: 'permission_denied',
+                            sessionId,
+                            timestamp: new Date().toISOString(),
+                            data: { toolName, reason: evaluation.reason },
+                        });
+                        return reply.status(200).send({
+                            hookSpecificOutput: {
+                                hookEventName: 'PreToolUse',
+                                permissionDecision: 'deny',
+                                reason: evaluation.reason,
+                            },
+                        });
+                    }
+                    if (evaluation.behavior === 'ask') {
+                        deps.eventBus.emitApproval(sessionId, `Permission profile requires approval for ${toolName}`);
+                        const decision = await deps.sessions.waitForPermissionDecision(sessionId, PERMISSION_TIMEOUT_MS, toolName, evaluation.reason);
+                        return reply.status(200).send({
+                            hookSpecificOutput: {
+                                hookEventName: 'PreToolUse',
+                                permissionDecision: decision,
+                            },
+                        });
+                    }
+                }
                 // Default: allow without modification
                 return reply.status(200).send({
                     hookSpecificOutput: {

package/dist/permission-evaluator.d.ts

@@ -0,0 +1,10 @@
+import type { PermissionProfile } from './validation.js';
+export interface PermissionEvaluationInput {
+    toolName: string;
+    toolInput?: Record<string, unknown>;
+}
+export interface PermissionEvaluationResult {
+    behavior: 'allow' | 'deny' | 'ask';
+    reason: string;
+}
+export declare function evaluatePermissionProfile(profile: PermissionProfile, input: PermissionEvaluationInput): PermissionEvaluationResult;

package/dist/permission-evaluator.js

@@ -0,0 +1,48 @@
+function globToRegExp(pattern) {
+    const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*');
+    return new RegExp(`^${escaped}$`, 'i');
+}
+function extractCandidatePaths(toolInput) {
+    if (!toolInput)
+        return [];
+    const values = [toolInput.path, toolInput.file_path, toolInput.target, ...(Array.isArray(toolInput.paths) ? toolInput.paths : [])];
+    return values.filter((v) => typeof v === 'string');
+}
+function extractContentSize(toolInput) {
+    const content = toolInput?.content;
+    return typeof content === 'string' ? content.length : null;
+}
+function isLikelyWriteTool(toolName) {
+    return /write|edit|delete|rename|move|create/i.test(toolName);
+}
+export function evaluatePermissionProfile(profile, input) {
+    for (const rule of profile.rules) {
+        if (rule.tool !== input.toolName)
+            continue;
+        if (rule.pattern) {
+            const candidate = typeof input.toolInput?.command === 'string'
+                ? input.toolInput.command
+                : JSON.stringify(input.toolInput ?? {});
+            if (!globToRegExp(rule.pattern).test(candidate))
+                continue;
+        }
+        if (rule.constraints?.readOnly && isLikelyWriteTool(input.toolName)) {
+            return { behavior: 'deny', reason: `Denied by readOnly constraint for ${input.toolName}` };
+        }
+        if (rule.constraints?.paths && rule.constraints.paths.length > 0) {
+            const paths = extractCandidatePaths(input.toolInput);
+            const allowed = paths.every((candidate) => rule.constraints.paths.some((prefix) => candidate.startsWith(prefix)));
+            if (!allowed) {
+                return { behavior: 'deny', reason: `Denied by path constraint for ${input.toolName}` };
+            }
+        }
+        if (rule.constraints?.maxFileSize) {
+            const size = extractContentSize(input.toolInput);
+            if (size !== null && size > rule.constraints.maxFileSize) {
+                return { behavior: 'deny', reason: `Denied by maxFileSize constraint for ${input.toolName}` };
+            }
+        }
+        return { behavior: rule.behavior, reason: `Matched rule for ${input.toolName}` };
+    }
+    return { behavior: profile.defaultBehavior, reason: 'No matching permission rule' };
+}

package/dist/server.js

@@ -37,6 +37,7 @@ import { registerHookRoutes } from './hooks.js';
 import { registerWsTerminalRoute } from './ws-terminal.js';
 import { registerMemoryRoutes } from './memory-routes.js';
 import { registerModelRouterRoutes } from './model-router.js';
+import { buildConsensusPrompt } from './consensus.js';
 import * as templateStore from './template-store.js';
 import { SwarmMonitor } from './swarm-monitor.js';
 import { killAllSessions } from './signal-cleanup-helper.js';
@@ -48,9 +49,10 @@ import { MemoryBridge } from './memory-bridge.js';
 import { cleanupTerminatedSessionState } from './session-cleanup.js';
 import { normalizeApiErrorPayload } from './api-error-envelope.js';
 import { listenWithRetry, removePidFile, writePidFile } from './startup.js';
-import { authKeySchema, sendMessageSchema, commandSchema, bashSchema, screenshotSchema, permissionHookSchema, stopHookSchema, batchSessionSchema, pipelineSchema, handshakeRequestSchema, parseIntSafe, isValidUUID, compareSemver, extractCCVersion, MIN_CC_VERSION, } from './validation.js';
+import { authKeySchema, sendMessageSchema, commandSchema, bashSchema, screenshotSchema, permissionHookSchema, stopHookSchema, batchSessionSchema, pipelineSchema, handshakeRequestSchema, parseIntSafe, isValidUUID, compareSemver, extractCCVersion, MIN_CC_VERSION, permissionProfileSchema, } from './validation.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
+const consensusRequests = new Map();
 // ── Configuration ────────────────────────────────────────────────────
 // Issue #349: CSP policy for dashboard responses (shared between static and SPA fallback)
 const DASHBOARD_CSP = "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' ws: wss:";
@@ -904,6 +906,48 @@ async function forkSessionHandler(req, reply) {
 }
 app.post('/v1/sessions/:id/fork', forkSessionHandler);
 app.post('/sessions/:id/fork', forkSessionHandler);
+async function createConsensusHandler(req, reply) {
+    const targetSessionId = req.params.id;
+    const target = sessions.getSession(targetSessionId);
+    if (!target)
+        return reply.status(404).send({ error: 'Target session not found' });
+    const focusAreas = (req.body?.focusAreas && req.body.focusAreas.length > 0)
+        ? req.body.focusAreas
+        : ['correctness', 'security', 'performance'];
+    const reviewerCount = Math.min(5, Math.max(1, req.body?.reviewerCount ?? focusAreas.length));
+    const selectedFocus = focusAreas.slice(0, reviewerCount);
+    const reviewerIds = [];
+    for (let i = 0; i < selectedFocus.length; i += 1) {
+        const focus = selectedFocus[i];
+        const child = await sessions.createSession({
+            workDir: target.workDir,
+            name: `consensus-${focus}-${targetSessionId.slice(0, 6)}`,
+            parentId: targetSessionId,
+            permissionMode: target.permissionMode,
+        });
+        reviewerIds.push(child.id);
+        await sessions.sendInitialPrompt(child.id, buildConsensusPrompt(targetSessionId, focus));
+    }
+    const consensusId = crypto.randomUUID();
+    const record = {
+        id: consensusId,
+        targetSessionId,
+        reviewerIds,
+        focusAreas: selectedFocus,
+        status: 'running',
+        createdAt: Date.now(),
+    };
+    consensusRequests.set(consensusId, record);
+    return reply.status(202).send(record);
+}
+function getConsensusHandler(req, reply) {
+    const item = consensusRequests.get(req.params.id);
+    if (!item)
+        return reply.status(404).send({ error: 'Consensus request not found' });
+    return item;
+}
+app.post('/v1/sessions/:id/consensus', createConsensusHandler);
+app.get('/v1/consensus/:id', getConsensusHandler);
 async function getPermissionPolicyHandler(req, reply) {
     const sessionId = req.params.id;
     const session = sessions.getSession(sessionId);
@@ -928,6 +972,29 @@ app.get('/v1/sessions/:id/permissions', getPermissionPolicyHandler);
 app.put('/v1/sessions/:id/permissions', updatePermissionPolicyHandler);
 app.get('/sessions/:id/permissions', getPermissionPolicyHandler);
 app.put('/sessions/:id/permissions', updatePermissionPolicyHandler);
+async function getPermissionProfileHandler(req, reply) {
+    const sessionId = req.params.id;
+    const session = sessions.getSession(sessionId);
+    if (!session)
+        return reply.status(404).send({ error: 'Session not found' });
+    return { permissionProfile: session.permissionProfile ?? null };
+}
+async function updatePermissionProfileHandler(req, reply) {
+    const sessionId = req.params.id;
+    const session = sessions.getSession(sessionId);
+    if (!session)
+        return reply.status(404).send({ error: 'Session not found' });
+    const parsed = permissionProfileSchema.safeParse(req.body ?? {});
+    if (!parsed.success)
+        return reply.status(400).send({ error: 'Invalid permission profile', details: parsed.error.issues });
+    session.permissionProfile = parsed.data;
+    await sessions.save();
+    return { permissionProfile: parsed.data };
+}
+app.get('/v1/sessions/:id/permission-profile', getPermissionProfileHandler);
+app.put('/v1/sessions/:id/permission-profile', updatePermissionProfileHandler);
+app.get('/sessions/:id/permission-profile', getPermissionProfileHandler);
+app.put('/sessions/:id/permission-profile', updatePermissionProfileHandler);
 // Read messages
 async function readMessagesHandler(req, reply) {
     try {

package/dist/session.d.ts

@@ -8,7 +8,7 @@ import { TmuxManager } from './tmux.js';
 import { type ParsedEntry } from './transcript.js';
 import { type UIState } from './terminal-parser.js';
 import type { Config } from './config.js';
-import { type PermissionPolicy } from './validation.js';
+import { type PermissionPolicy, type PermissionProfile } from './validation.js';
 import { type PermissionDecision } from './permission-request-manager.js';
 export interface SessionInfo {
     id: string;
@@ -40,6 +40,7 @@ export interface SessionInfo {
     parentId?: string;
     children?: string[];
     permissionPolicy?: PermissionPolicy;
+    permissionProfile?: PermissionProfile;
     prd?: string;
 }
 export interface SessionState {

package/dist/validation.d.ts

@@ -141,6 +141,48 @@ export declare const permissionRuleSchema: z.ZodObject<{
     commandPattern: z.ZodOptional<z.ZodString>;
 }, z.core.$strip>;
 export type PermissionPolicy = z.infer<typeof permissionRuleSchema>[];
+/** Issue #742: richer per-session permission profile. */
+export declare const permissionConstraintSchema: z.ZodObject<{
+    readOnly: z.ZodOptional<z.ZodBoolean>;
+    paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    maxFileSize: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export declare const permissionProfileRuleSchema: z.ZodObject<{
+    tool: z.ZodString;
+    behavior: z.ZodEnum<{
+        allow: "allow";
+        deny: "deny";
+        ask: "ask";
+    }>;
+    pattern: z.ZodOptional<z.ZodString>;
+    constraints: z.ZodOptional<z.ZodObject<{
+        readOnly: z.ZodOptional<z.ZodBoolean>;
+        paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        maxFileSize: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+export declare const permissionProfileSchema: z.ZodObject<{
+    defaultBehavior: z.ZodEnum<{
+        allow: "allow";
+        deny: "deny";
+        ask: "ask";
+    }>;
+    rules: z.ZodArray<z.ZodObject<{
+        tool: z.ZodString;
+        behavior: z.ZodEnum<{
+            allow: "allow";
+            deny: "deny";
+            ask: "ask";
+        }>;
+        pattern: z.ZodOptional<z.ZodString>;
+        constraints: z.ZodOptional<z.ZodObject<{
+            readOnly: z.ZodOptional<z.ZodBoolean>;
+            paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+            maxFileSize: z.ZodOptional<z.ZodNumber>;
+        }, z.core.$strict>>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+export type PermissionProfile = z.infer<typeof permissionProfileSchema>;
 /** Schema for persisted SessionState (sessions: { [id]: SessionInfo }). */
 export declare const persistedStateSchema: z.ZodRecord<z.ZodString, z.ZodObject<{
     id: z.ZodString;
@@ -206,6 +248,27 @@ export declare const persistedStateSchema: z.ZodRecord<z.ZodString, z.ZodObject<
         toolName: z.ZodOptional<z.ZodString>;
         commandPattern: z.ZodOptional<z.ZodString>;
     }, z.core.$strip>>>;
+    permissionProfile: z.ZodOptional<z.ZodObject<{
+        defaultBehavior: z.ZodEnum<{
+            allow: "allow";
+            deny: "deny";
+            ask: "ask";
+        }>;
+        rules: z.ZodArray<z.ZodObject<{
+            tool: z.ZodString;
+            behavior: z.ZodEnum<{
+                allow: "allow";
+                deny: "deny";
+                ask: "ask";
+            }>;
+            pattern: z.ZodOptional<z.ZodString>;
+            constraints: z.ZodOptional<z.ZodObject<{
+                readOnly: z.ZodOptional<z.ZodBoolean>;
+                paths: z.ZodOptional<z.ZodArray<z.ZodString>>;
+                maxFileSize: z.ZodOptional<z.ZodNumber>;
+            }, z.core.$strict>>;
+        }, z.core.$strict>>;
+    }, z.core.$strict>>;
 }, z.core.$strip>>;
 /** Schema for a single continuation pointer entry in session_map.json (Issue #900). */
 export declare const sessionMapEntrySchema: z.ZodObject<{

package/dist/validation.js

@@ -138,6 +138,22 @@ export const permissionRuleSchema = z.object({
     toolName: z.string().optional(),
     commandPattern: z.string().optional(),
 });
+/** Issue #742: richer per-session permission profile. */
+export const permissionConstraintSchema = z.object({
+    readOnly: z.boolean().optional(),
+    paths: z.array(z.string().min(1)).max(50).optional(),
+    maxFileSize: z.number().int().positive().max(10_000_000).optional(),
+}).strict();
+export const permissionProfileRuleSchema = z.object({
+    tool: z.string().min(1),
+    behavior: z.enum(['allow', 'deny', 'ask']),
+    pattern: z.string().optional(),
+    constraints: permissionConstraintSchema.optional(),
+}).strict();
+export const permissionProfileSchema = z.object({
+    defaultBehavior: z.enum(['allow', 'deny', 'ask']),
+    rules: z.array(permissionProfileRuleSchema).max(100),
+}).strict();
 /** Schema for persisted SessionState (sessions: { [id]: SessionInfo }). */
 export const persistedStateSchema = z.record(z.string(), z.object({
     id: z.string(),
@@ -173,6 +189,7 @@ export const persistedStateSchema = z.record(z.string(), z.object({
         toolName: z.string().optional(),
         commandPattern: z.string().optional(),
     })).optional(),
+    permissionProfile: permissionProfileSchema.optional(),
 }));
 /** Schema for a single continuation pointer entry in session_map.json (Issue #900). */
 export const sessionMapEntrySchema = z.object({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aegis-bridge",
-  "version": "2.15.2",
+  "version": "2.15.3",
   "type": "module",
   "description": "Orchestrate Claude Code sessions via API. Create, brief, monitor, refine, ship.",
   "main": "dist/server.js",