agent-messenger 2.1.0 → 2.3.0

package/src/platforms/line/commands/auth.ts

@@ -8,6 +8,7 @@ import QRCode from 'qrcode'
 
 import { handleError } from '@/shared/utils/error-handler'
 import { formatOutput } from '@/shared/utils/output'
+import { info } from '@/shared/utils/stderr'
 
 import { LineClient } from '../client'
 import { LineCredentialManager } from '../credential-manager'
@@ -85,9 +86,9 @@ async function loginAction(options: {
         email: options.email,
         password: options.password,
         device,
-        onPincode: (pin) => {
+          onPincode: (pin) => {
           if (interactive) {
-            console.error(`\nEnter this PIN in the LINE mobile app: ${pin}\n`)
+            info(`\nEnter this PIN in the LINE mobile app: ${pin}\n`)
           }
         },
       })
@@ -104,14 +105,14 @@ async function loginAction(options: {
           await openQRInBrowser(url).catch(() => {})
           try {
             const qrAscii = await QRCode.toString(url, { type: 'terminal', small: true })
-            console.error('\nScan this QR code with the LINE mobile app:\n')
-            console.error(qrAscii)
+            info('\nScan this QR code with the LINE mobile app:\n')
+            info(qrAscii)
           } catch {
-            console.error(`\nOpen the QR code in the browser window, or scan this URL:\n${url}\n`)
+            info(`\nOpen the QR code in the browser window, or scan this URL:\n${url}\n`)
           }
         },
         onPincode: (pin) => {
-          console.error(`\nEnter this PIN in the LINE mobile app: ${pin}\n`)
+          info(`\nEnter this PIN in the LINE mobile app: ${pin}\n`)
         },
       })
       console.log(formatOutput(result, options.pretty))

package/src/platforms/slack/cli.test.ts

@@ -39,12 +39,13 @@ describe('CLI Framework', () => {
   describe('handleError utility', () => {
     test('logs error as JSON and exits', () => {
       const originalExit = process.exit
-      const originalError = console.error
+      const originalWrite = process.stderr.write
       let capturedOutput = ''
 
-      console.error = (msg: string) => {
-        capturedOutput = msg
-      }
+      process.stderr.write = ((chunk: string | Uint8Array) => {
+        capturedOutput += typeof chunk === 'string' ? chunk : new TextDecoder().decode(chunk)
+        return true
+      }) as typeof process.stderr.write
       process.exit = (() => {
         throw new Error('EXIT_CALLED')
       }) as never
@@ -58,7 +59,7 @@ describe('CLI Framework', () => {
         }
       }
 
-      console.error = originalError
+      process.stderr.write = originalWrite
       process.exit = originalExit
     })
   })

package/src/platforms/slack/commands/auth.test.ts

@@ -75,13 +75,16 @@ describe('TokenExtractor', () => {
   })
 
   describe('extract', () => {
-    test('throws error when Slack directory does not exist', async () => {
-      // Given: Slack directory does not exist (use unique path to avoid any collision)
+    test('returns empty array when Slack directory does not exist (falls back to browser)', async () => {
+      // given
       const nonExistentPath = `/tmp/nonexistent-slack-${Date.now()}-${Math.random()}`
       extractor = new TokenExtractor('darwin', nonExistentPath)
 
-      // When/Then: extract should throw
-      await expect(extractor.extract()).rejects.toThrow('Slack directory not found')
+      // when
+      const result = await extractor.extract()
+
+      // then
+      expect(result).toEqual([])
     })
 
     test('returns empty array when no tokens found', async () => {
@@ -430,12 +433,13 @@ describe('Error Handling', () => {
   })
 
   test('handles missing Slack installation gracefully', async () => {
-    // Given: Slack is not installed (use unique path)
+    // given — Slack is not installed
     const nonExistentPath = `/tmp/nonexistent-slack-${Date.now()}-${Math.random()}`
     const extractor = new TokenExtractor('darwin', nonExistentPath)
 
-    // When/Then: Should throw descriptive error
-    await expect(extractor.extract()).rejects.toThrow('Slack directory not found')
+    // when/then — falls back to browser profiles, returns empty array
+    const result = await extractor.extract()
+    expect(result).toEqual([])
   })
 
   test('handles empty Slack directory gracefully', async () => {

package/src/platforms/slack/commands/auth.ts

@@ -2,6 +2,7 @@ import { Command } from 'commander'
 
 import { handleError } from '@/shared/utils/error-handler'
 import { formatOutput } from '@/shared/utils/output'
+import { debug } from '@/shared/utils/stderr'
 
 import { SlackClient, SlackError } from '../client'
 import { CredentialManager } from '../credential-manager'
@@ -23,7 +24,7 @@ async function extractAction(options: {
     if (options.unsafelyShowSecrets) {
       options.debug = true
     }
-    const debugLog = options.debug ? (msg: string) => console.error(`[debug] ${msg}`) : undefined
+    const debugLog = options.debug ? (msg: string) => debug(`[debug] ${msg}`) : undefined
     const extractor = new TokenExtractor(undefined, undefined, undefined, debugLog)
 
     if (process.platform === 'darwin') {
@@ -44,15 +45,15 @@ async function extractAction(options: {
     }
 
     if (options.debug) {
-      console.error(`[debug] Slack directory: ${extractor.getSlackDir()}`)
+      debug(`[debug] Slack directory: ${extractor.getSlackDir()}`)
     }
 
     const workspaces = await extractor.extract()
 
     if (options.debug) {
-      console.error(`[debug] Found ${workspaces.length} workspace(s)`)
+      debug(`[debug] Found ${workspaces.length} workspace(s)`)
       for (const ws of workspaces) {
-        console.error(`[debug] - ${formatCredentialDebug(ws, options.unsafelyShowSecrets)}`)
+        debug(`[debug] - ${formatCredentialDebug(ws, options.unsafelyShowSecrets)}`)
       }
     }
 
@@ -77,7 +78,7 @@ async function extractAction(options: {
     const failureReasons: string[] = []
     for (const ws of workspaces) {
       if (options.debug) {
-        console.error(`[debug] Testing credentials for ${ws.workspace_id}...`)
+        debug(`[debug] Testing credentials for ${ws.workspace_id}...`)
       }
 
       try {
@@ -89,7 +90,7 @@ async function extractAction(options: {
         await credManager.setWorkspace(ws)
 
         if (options.debug) {
-          console.error(`[debug] ✓ Valid: ${authInfo.team} (${authInfo.user})`)
+          debug(`[debug] ✓ Valid: ${authInfo.team} (${authInfo.user})`)
         }
       } catch (error) {
         const code = error instanceof SlackError ? error.code : undefined
@@ -97,12 +98,12 @@ async function extractAction(options: {
           failureReasons.push(code)
         }
         if (options.debug) {
-          console.error(`[debug] ✗ Invalid: ${(error as Error).message}`)
+          debug(`[debug] ✗ Invalid: ${(error as Error).message}`)
         }
 
         if (options.debug) {
           const domain = workspaceDomains[ws.workspace_id]
-          console.error(
+          debug(
             `[debug] Attempting web token refresh for ${ws.workspace_id}${domain ? ` (${domain}.slack.com)` : ''}...`,
           )
         }
@@ -114,10 +115,10 @@ async function extractAction(options: {
           await credManager.setWorkspace(ws)
 
           if (options.debug) {
-            console.error(`[debug] ✓ Web refresh succeeded: ${refreshed.workspace_name}`)
+            debug(`[debug] ✓ Web refresh succeeded: ${refreshed.workspace_name}`)
           }
         } else if (options.debug) {
-          console.error('[debug] ✗ Web refresh failed')
+          debug('[debug] ✗ Web refresh failed')
         }
       }
     }

package/src/platforms/slack/token-extractor.test.ts

@@ -6,7 +6,7 @@ import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from 'node:fs'
 import { tmpdir } from 'node:os'
 import { join } from 'node:path'
 
-import { TokenExtractor } from './token-extractor'
+import { ExtractedWorkspace, TokenExtractor } from './token-extractor'
 
 const tempDirs: string[] = []
 
@@ -790,3 +790,100 @@ describe('TokenExtractor getWorkspaceDomains', () => {
     expect(domains).toEqual({ T111: 'acme-corp' })
   })
 })
+
+describe('TokenExtractor browser fallback', () => {
+  test('extractFromBrowsers returns empty array when no browser profiles have tokens', async () => {
+    const slackDir = mkdtempSync(join(tmpdir(), 'slack-nonexistent-'))
+    tempDirs.push(slackDir)
+    rmSync(slackDir, { recursive: true, force: true })
+
+    const extractor = new TokenExtractor('darwin', slackDir)
+    const result = await extractor.extractFromBrowsers()
+    expect(result).toEqual([])
+  })
+
+  test('extract tries desktop before browser profiles', async () => {
+    // given — slackDir with LevelDB token data
+    const slackDir = mkdtempSync(join(tmpdir(), 'slack-fallback-desktop-'))
+    tempDirs.push(slackDir)
+
+    const hex64 = 'a'.repeat(64)
+    const token = `xoxc-1111111111-2222222222-3333333333-${hex64}`
+    const leveldbDir = join(slackDir, 'Local Storage', 'leveldb')
+    mkdirSync(leveldbDir, { recursive: true })
+    writeFileSync(join(leveldbDir, '000001.log'), `"${token}"T12345678"name":"desktop-workspace"`)
+
+    const extractFromBrowsersSpy = spyOn(
+      TokenExtractor.prototype as any,
+      'extractFromBrowsers',
+    ).mockResolvedValue([])
+
+    // when
+    const extractor = new TokenExtractor('darwin', slackDir)
+    const result = await extractor.extract()
+
+    // then — desktop extraction succeeded, browser not called
+    expect(result.length).toBeGreaterThan(0)
+    expect(extractFromBrowsersSpy).not.toHaveBeenCalled()
+
+    extractFromBrowsersSpy.mockRestore()
+  })
+
+  test('extract falls back to browser profiles when desktop has no tokens', async () => {
+    // given — empty slackDir (no tokens)
+    const slackDir = mkdtempSync(join(tmpdir(), 'slack-fallback-browser-'))
+    tempDirs.push(slackDir)
+
+    const hex64 = 'b'.repeat(64)
+    const browserToken = `xoxc-9999999999-8888888888-7777777777-${hex64}`
+    const browserWorkspace: ExtractedWorkspace = {
+      workspace_id: 'T99999999',
+      workspace_name: 'browser-workspace',
+      token: browserToken,
+      cookie: '',
+    }
+
+    const extractFromBrowsersSpy = spyOn(
+      TokenExtractor.prototype as any,
+      'extractFromBrowsers',
+    ).mockResolvedValue([browserWorkspace])
+
+    // when
+    const extractor = new TokenExtractor('darwin', slackDir)
+    const result = await extractor.extract()
+
+    // then — browser fallback used
+    expect(extractFromBrowsersSpy).toHaveBeenCalled()
+    expect(result).toEqual([browserWorkspace])
+
+    extractFromBrowsersSpy.mockRestore()
+  })
+
+  test('extract falls back to browser when slackDir does not exist', async () => {
+    // given — non-existent slackDir
+    const slackDir = '/nonexistent/slack/dir'
+    const hex64 = 'c'.repeat(64)
+    const browserToken = `xoxc-1234567890-0987654321-1122334455-${hex64}`
+    const browserWorkspace: ExtractedWorkspace = {
+      workspace_id: 'T11111111',
+      workspace_name: 'browser-ws',
+      token: browserToken,
+      cookie: 'xoxd-browser-cookie',
+    }
+
+    const extractFromBrowsersSpy = spyOn(
+      TokenExtractor.prototype as any,
+      'extractFromBrowsers',
+    ).mockResolvedValue([browserWorkspace])
+
+    // when
+    const extractor = new TokenExtractor('darwin', slackDir)
+    const result = await extractor.extract()
+
+    // then
+    expect(extractFromBrowsersSpy).toHaveBeenCalled()
+    expect(result).toEqual([browserWorkspace])
+
+    extractFromBrowsersSpy.mockRestore()
+  })
+})

package/src/platforms/slack/token-extractor.ts

@@ -10,6 +10,58 @@ import { ClassicLevel } from 'classic-level'
 import { DerivedKeyCache } from '@/shared/utils/derived-key-cache'
 import { lookupLinuxKeyringPassword } from '@/shared/utils/linux-keyring'
 
+interface BrowserConfig {
+  name: string
+  darwin: string
+  linux: string
+  win32: string
+}
+
+const BROWSERS: BrowserConfig[] = [
+  {
+    name: 'Chrome',
+    darwin: join('Google', 'Chrome'),
+    linux: 'google-chrome',
+    win32: join('Google', 'Chrome', 'User Data'),
+  },
+  {
+    name: 'Chrome Canary',
+    darwin: join('Google', 'Chrome Canary'),
+    linux: 'google-chrome-unstable',
+    win32: join('Google', 'Chrome SxS', 'User Data'),
+  },
+  {
+    name: 'Edge',
+    darwin: 'Microsoft Edge',
+    linux: 'microsoft-edge',
+    win32: join('Microsoft', 'Edge', 'User Data'),
+  },
+  {
+    name: 'Arc',
+    darwin: join('Arc', 'User Data'),
+    linux: '',
+    win32: join('Arc', 'User Data'),
+  },
+  {
+    name: 'Brave',
+    darwin: join('BraveSoftware', 'Brave-Browser'),
+    linux: join('BraveSoftware', 'Brave-Browser'),
+    win32: join('BraveSoftware', 'Brave-Browser', 'User Data'),
+  },
+  {
+    name: 'Vivaldi',
+    darwin: 'Vivaldi',
+    linux: 'vivaldi',
+    win32: join('Vivaldi', 'User Data'),
+  },
+  {
+    name: 'Chromium',
+    darwin: 'Chromium',
+    linux: 'chromium',
+    win32: join('Chromium', 'User Data'),
+  },
+]
+
 const require = createRequire(import.meta.url)
 
 export interface ExtractedWorkspace {
@@ -177,40 +229,300 @@ export class TokenExtractor {
   }
 
   async extract(): Promise<ExtractedWorkspace[]> {
-    if (!existsSync(this.slackDir)) {
-      throw new Error(`Slack directory not found: ${this.slackDir}`)
-    }
-
-    await this.getDerivedKeyAsync()
-
-    const tokens = await this.extractTokensFromLevelDB()
-    if (tokens.length === 0) {
-      return []
-    }
-
-    const cookie = await this.extractCookieFromSQLite()
+    if (existsSync(this.slackDir)) {
+      await this.getDerivedKeyAsync()
+
+      const tokens = await this.extractTokensFromLevelDB()
+      if (tokens.length > 0) {
+        const cookie = await this.extractCookieFromSQLite()
+
+        if (!cookie && this.usedCachedKey) {
+          await this.clearKeyCache()
+          this.cachedKey = this.getDerivedKeyFromKeychain()
+          if (this.cachedKey) {
+            await this.keyCache.set('slack', this.cachedKey)
+            const retryCookie = await this.extractCookieFromSQLite()
+            return tokens.map((t) => ({
+              workspace_id: t.teamId,
+              workspace_name: t.teamName,
+              token: t.token,
+              cookie: retryCookie,
+            }))
+          }
+        }
 
-    if (!cookie && this.usedCachedKey) {
-      await this.clearKeyCache()
-      this.cachedKey = this.getDerivedKeyFromKeychain()
-      if (this.cachedKey) {
-        await this.keyCache.set('slack', this.cachedKey)
-        const retryCookie = await this.extractCookieFromSQLite()
         return tokens.map((t) => ({
           workspace_id: t.teamId,
           workspace_name: t.teamName,
           token: t.token,
-          cookie: retryCookie,
+          cookie: cookie,
         }))
       }
     }
 
-    return tokens.map((t) => ({
-      workspace_id: t.teamId,
-      workspace_name: t.teamName,
-      token: t.token,
-      cookie: cookie,
-    }))
+    return this.extractFromBrowsers()
+  }
+
+  async extractFromBrowsers(): Promise<ExtractedWorkspace[]> {
+    const results: ExtractedWorkspace[] = []
+    const seenTokens = new Set<string>()
+
+    for (const browser of BROWSERS) {
+      const browserBase = this.getBrowserBasePath(browser)
+      if (!browserBase) continue
+
+      const profileDirs = this.discoverBrowserProfileDirs(browserBase)
+      for (const profileDir of profileDirs) {
+        const leveldbDir = join(profileDir, 'Local Storage', 'leveldb')
+        if (!existsSync(leveldbDir)) continue
+
+        let tokenInfos: TokenInfo[]
+        try {
+          tokenInfos = await this.extractFromLevelDB(leveldbDir, 'local-storage')
+        } catch {
+          continue
+        }
+
+        if (tokenInfos.length === 0) continue
+
+        const cookie = await this.extractCookieFromBrowserProfile(profileDir, browserBase)
+
+        for (const t of tokenInfos) {
+          if (seenTokens.has(t.token)) continue
+          seenTokens.add(t.token)
+          results.push({
+            workspace_id: t.teamId,
+            workspace_name: t.teamName,
+            token: t.token,
+            cookie,
+          })
+        }
+      }
+    }
+
+    return results
+  }
+
+  private getBrowserBasePath(browser: BrowserConfig): string | null {
+    let relative: string
+
+    switch (this.platform) {
+      case 'darwin':
+        relative = browser.darwin
+        if (!relative) return null
+        return join(homedir(), 'Library', 'Application Support', relative)
+      case 'linux':
+        relative = browser.linux
+        if (!relative) return null
+        return join(homedir(), '.config', relative)
+      case 'win32':
+        relative = browser.win32
+        if (!relative) return null
+        return join(
+          process.env.LOCALAPPDATA || join(homedir(), 'AppData', 'Local'),
+          relative,
+        )
+      default:
+        return null
+    }
+  }
+
+  private discoverBrowserProfileDirs(browserBase: string): string[] {
+    const dirs: string[] = []
+
+    dirs.push(join(browserBase, 'Default'))
+
+    if (!existsSync(browserBase)) return dirs
+
+    try {
+      const entries = readdirSync(browserBase, { withFileTypes: true })
+      for (const entry of entries) {
+        if (!entry.isDirectory()) continue
+        if (!/^Profile \d+$/i.test(entry.name)) continue
+        dirs.push(join(browserBase, entry.name))
+      }
+    } catch {}
+
+    return dirs
+  }
+
+  private async extractCookieFromBrowserProfile(profileDir: string, browserBase: string): Promise<string> {
+    const cookiePaths = [
+      join(profileDir, 'Cookies'),
+      join(profileDir, 'Network', 'Cookies'),
+    ]
+
+    for (const cookiePath of cookiePaths) {
+      if (!existsSync(cookiePath)) continue
+
+      const cookie = await this.extractCookieFromBrowserSQLite(cookiePath, browserBase)
+      if (cookie) return cookie
+    }
+
+    return ''
+  }
+
+  private async extractCookieFromBrowserSQLite(cookiesPath: string, browserBase: string): Promise<string> {
+    const tempDbPath = join(tmpdir(), `slack-browser-cookies-${Date.now()}-${Math.random().toString(36).slice(2)}.db`)
+
+    try {
+      copyFileSync(cookiesPath, tempDbPath)
+    } catch {
+      return ''
+    }
+
+    try {
+      const sql = `SELECT value, encrypted_value
+           FROM cookies
+           WHERE name = 'd' AND host_key LIKE '%slack.com%'
+           ORDER BY last_access_utc DESC
+           LIMIT 1`
+
+      type CookieRow = {
+        value?: string
+        encrypted_value?: Uint8Array | Buffer
+      } | null
+
+      let row: CookieRow
+      if (typeof globalThis.Bun !== 'undefined') {
+        const { Database } = require('bun:sqlite')
+        const db = new Database(tempDbPath, { readonly: true })
+        row = db.query(sql).get() as CookieRow
+        db.close()
+      } else {
+        const Database = require('better-sqlite3')
+        const db = new Database(tempDbPath, { readonly: true })
+        row = db.prepare(sql).get() as CookieRow
+        db.close()
+      }
+
+      if (!row) return ''
+
+      if (row.value?.startsWith('xoxd-')) return row.value
+
+      if (row.encrypted_value && row.encrypted_value.length > 0) {
+        return this.decryptBrowserCookieForSlack(Buffer.from(row.encrypted_value), browserBase) ?? ''
+      }
+
+      return ''
+    } catch {
+      return ''
+    } finally {
+      try {
+        rmSync(tempDbPath, { force: true })
+      } catch {}
+    }
+  }
+
+  private decryptBrowserCookieForSlack(encrypted: Buffer, browserBase: string): string | null {
+    const str = encrypted.toString('utf8')
+    if (str.startsWith('xoxd-')) return str
+
+    const prefix = encrypted.length > 3 ? encrypted.subarray(0, 3).toString() : ''
+
+    if (prefix === 'v10') {
+      if (this.platform === 'win32') {
+        return this.decryptBrowserV10CookieWindows(encrypted, browserBase)
+      }
+      if (this.platform === 'linux') {
+        return this.decryptV10CookieLinux(encrypted)
+      }
+      return this.decryptBrowserV10CookieMac(encrypted)
+    }
+
+    if (prefix === 'v11') {
+      if (this.platform === 'linux') {
+        return this.decryptV11CookieLinux(encrypted)
+      }
+      if (this.platform === 'darwin') {
+        return this.decryptBrowserV10CookieMac(encrypted)
+      }
+    }
+
+    if (this.platform === 'win32' && encrypted.length > 0) {
+      const decrypted = this.decryptDPAPI(encrypted)
+      if (decrypted) {
+        const text = decrypted.toString('utf8')
+        const match = text.match(/xoxd-[A-Za-z0-9%]+/)
+        return match ? match[0] : null
+      }
+    }
+
+    return null
+  }
+
+  private decryptBrowserV10CookieMac(encrypted: Buffer): string | null {
+    const keychainVariants = [
+      { service: 'Chrome Safe Storage', account: 'Chrome' },
+      { service: 'Chrome Canary Safe Storage', account: 'Chrome Canary' },
+      { service: 'Microsoft Edge Safe Storage', account: 'Microsoft Edge' },
+      { service: 'Arc Safe Storage', account: 'Arc' },
+      { service: 'Brave Safe Storage', account: 'Brave' },
+      { service: 'Vivaldi Safe Storage', account: 'Vivaldi' },
+      { service: 'Chromium Safe Storage', account: 'Chromium' },
+    ]
+
+    for (const variant of keychainVariants) {
+      try {
+        const password = execSync(
+          `security find-generic-password -s "${variant.service}" -a "${variant.account}" -w 2>/dev/null`,
+          { encoding: 'utf8' },
+        ).trim()
+
+        const key = pbkdf2Sync(password, 'saltysalt', 1003, 16, 'sha1')
+        const result = this.decryptLinuxCookieWithKey(encrypted, key)
+        if (result) return result
+      } catch {}
+    }
+
+    return null
+  }
+
+  private decryptBrowserV10CookieWindows(encrypted: Buffer, browserBase: string): string | null {
+    try {
+      const masterKey = this.getBrowserWindowsMasterKey(browserBase)
+      if (!masterKey) {
+        const decrypted = this.decryptDPAPI(encrypted.subarray(3))
+        if (!decrypted) return null
+        const text = decrypted.toString('utf8')
+        const match = text.match(/xoxd-[A-Za-z0-9%]+/)
+        return match ? match[0] : null
+      }
+
+      const nonce = encrypted.subarray(3, 3 + 12)
+      const ciphertextWithTag = encrypted.subarray(3 + 12)
+      const tag = ciphertextWithTag.subarray(ciphertextWithTag.length - 16)
+      const ciphertext = ciphertextWithTag.subarray(0, ciphertextWithTag.length - 16)
+
+      const decipher = createDecipheriv('aes-256-gcm', masterKey, nonce)
+      decipher.setAuthTag(tag)
+      const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8')
+
+      const match = decrypted.match(/xoxd-[A-Za-z0-9%]+/)
+      return match ? match[0] : null
+    } catch {
+      return null
+    }
+  }
+
+  private getBrowserWindowsMasterKey(browserBase: string): Buffer | null {
+    try {
+      const localStatePath = join(browserBase, 'Local State')
+      if (!existsSync(localStatePath)) return null
+
+      const localState = JSON.parse(readFileSync(localStatePath, 'utf8')) as {
+        os_crypt?: { encrypted_key?: string }
+      }
+      const encryptedKeyB64 = localState?.os_crypt?.encrypted_key
+      if (!encryptedKeyB64) return null
+
+      const encryptedKey = Buffer.from(encryptedKeyB64, 'base64')
+      if (encryptedKey.subarray(0, 5).toString() !== 'DPAPI') return null
+
+      return this.decryptDPAPI(encryptedKey.subarray(5))
+    } catch {
+      return null
+    }
   }
 
   private async extractTokensFromLevelDB(): Promise<TokenInfo[]> {
@@ -845,7 +1157,7 @@ export class TokenExtractor {
   }
 
   private decryptV11CookieLinux(encrypted: Buffer): string | null {
-    const appNames = ['Slack', 'slack']
+    const appNames = ['Slack', 'slack', 'Chrome', 'chrome', 'Chromium', 'chromium', 'Microsoft Edge', 'Brave', 'Vivaldi']
     for (const appName of appNames) {
       try {
         const keyringPassword = this.getLinuxKeyringPassword(appName)