agentaudit 3.13.0 → 3.13.2

package/cli.mjs

@@ -852,17 +852,45 @@ function padLeft(str, len) {
   return diff > 0 ? ' '.repeat(diff) + str : str;
 }
 
+// Truncate a string with ANSI codes to maxLen visible characters
+function truncateAnsi(str, maxLen) {
+  if (maxLen <= 0) return '';
+  let vis = 0;
+  let result = '';
+  let i = 0;
+  while (i < str.length) {
+    if (str[i] === '\x1b') {
+      const m = str.slice(i).match(/^\x1b\[[0-9;]*[a-zA-Z]/);
+      if (m) { result += m[0]; i += m[0].length; continue; }
+    }
+    if (vis >= maxLen) break;
+    result += str[i];
+    vis++;
+    i++;
+  }
+  return result + c.reset;
+}
+
 function drawBox(title, contentLines, width) {
   const inner = width - 4; // 2 for "│ " + 2 for " │"
   const totalDash = inner + 2; // total horizontal line chars between corners
   const lines = [];
-  const titleStr = title ? ` ${title} ` : '';
-  const titleLen = visLen(titleStr);
+  let titleStr = title ? ` ${title} ` : '';
+  let titleLen = visLen(titleStr);
+  // Clamp title if wider than available border space
+  if (titleLen >= totalDash - 1) {
+    const maxTitle = Math.max(1, totalDash - 4);
+    titleStr = ` ${title.slice(0, maxTitle)}… `;
+    titleLen = visLen(titleStr);
+  }
   // Top: ╭─ Title ────────────╮  (1 dash before title + title + remaining dashes)
-  const topDash = BOX.h.repeat(Math.max(1, totalDash - 1 - titleLen));
+  const topDash = BOX.h.repeat(Math.max(0, totalDash - 1 - titleLen));
   lines.push(`  ${BOX.tl}${c.dim}${BOX.h}${c.reset}${c.bold}${titleStr}${c.reset}${c.dim}${topDash}${c.reset}${BOX.tr}`);
   for (const line of contentLines) {
-    lines.push(`  ${BOX.v} ${padRight(line, inner + 1)}${BOX.v}`);
+    // Truncate content that exceeds box inner width
+    const vl = visLen(line);
+    const display = vl > inner ? truncateAnsi(line, inner - 1) + '…' : line;
+    lines.push(`  ${BOX.v} ${padRight(display, inner + 1)}${BOX.v}`);
   }
   lines.push(`  ${BOX.bl}${c.dim}${BOX.h.repeat(totalDash)}${c.reset}${BOX.br}`);
   return lines;
@@ -4152,6 +4180,7 @@ async function checkPackage(name) {
     if (!jsonMode) {
       console.log(`  ${c.yellow}Not found${c.reset} — package "${name}" hasn't been audited yet.`);
       console.log(`  ${c.dim}Run: agentaudit audit <repo-url> for a deep LLM audit${c.reset}`);
+      await suggestSimilarPackages(name);
     }
     return null;
   }
@@ -4219,7 +4248,10 @@ function renderOverviewTab(data, width) {
       const idx = leaderboard.findIndex(e => e.agent_name === creds.agent_name);
       if (idx >= 0) rank = `#${idx + 1} of ${leaderboard.length}`;
     }
-    profileLines.push(`${c.bold}${creds.agent_name}${c.reset}${' '.repeat(Math.max(1, halfW - 14 - visLen(creds.agent_name) - visLen(rank)))}${c.dim}${rank}${c.reset}`);
+    const nameVis = visLen(creds.agent_name);
+    const rankVis = visLen(rank);
+    const nameGap = Math.max(1, halfW - nameVis - rankVis);
+    profileLines.push(`${c.bold}${creds.agent_name}${c.reset}${' '.repeat(nameGap)}${c.dim}${rank}${c.reset}`);
     profileLines.push(`Points     ${c.bold}${fmtNum(agent.total_points)}${c.reset}`);
     profileLines.push(`Audits     ${c.bold}${fmtNum(agent.total_reports)}${c.reset}`);
     profileLines.push(`Findings   ${c.bold}${fmtNum(agent.total_findings_submitted)}${c.reset} ${c.dim}(${fmtNum(agent.total_findings_confirmed)} confirmed)${c.reset}`);
@@ -4254,6 +4286,15 @@ function renderOverviewTab(data, width) {
     regLines.push(`${c.dim}Could not load registry stats${c.reset}`);
   }
 
+  // Local history stats
+  const localHistory = loadHistory(50);
+  const verifiedCount = localHistory.filter(h => h.verification).length;
+  const localStats = {
+    total: localHistory.length,
+    verified: verifiedCount,
+    lastAudit: localHistory[0] ? timeAgo(localHistory[0].timestamp || localHistory[0].date) : null,
+  };
+
   const boxW = halfW + 4;
   const profileBox = drawBox('Your Profile', profileLines, boxW);
   const registryBox = drawBox('Registry', regLines, boxW);
@@ -4261,8 +4302,13 @@ function renderOverviewTab(data, width) {
   // Side by side if wide enough, stacked otherwise
   if (width >= boxW * 2 + 4) {
     const maxLen = Math.max(profileBox.length, registryBox.length);
-    while (profileBox.length < maxLen) profileBox.push(`  ${BOX.v} ${' '.repeat(halfW + 1)}${BOX.v}`);
-    while (registryBox.length < maxLen) registryBox.push(`  ${BOX.v} ${' '.repeat(halfW + 1)}${BOX.v}`);
+    // Insert filler lines BEFORE the bottom border (last line), not after
+    while (profileBox.length < maxLen) {
+      profileBox.splice(profileBox.length - 1, 0, `  ${BOX.v} ${' '.repeat(halfW + 1)}${BOX.v}`);
+    }
+    while (registryBox.length < maxLen) {
+      registryBox.splice(registryBox.length - 1, 0, `  ${BOX.v} ${' '.repeat(halfW + 1)}${BOX.v}`);
+    }
     for (let i = 0; i < maxLen; i++) {
       lines.push(profileBox[i] + '  ' + registryBox[i].trimStart());
     }
@@ -4270,6 +4316,24 @@ function renderOverviewTab(data, width) {
     lines.push(...profileBox, '', ...registryBox);
   }
 
+  // Local history section
+  lines.push('');
+  if (localStats.total > 0) {
+    const histParts = [`${c.bold}${localStats.total}${c.reset} local audits`];
+    if (localStats.verified > 0) histParts.push(`${c.green}${localStats.verified} verified${c.reset}`);
+    if (localStats.lastAudit) histParts.push(`${c.dim}last: ${localStats.lastAudit}${c.reset}`);
+    lines.push(`  ${c.dim}Local:${c.reset} ${histParts.join(`  ${c.dim}│${c.reset}  `)}`);
+  }
+
+  // Quick actions
+  lines.push('');
+  lines.push(`  ${c.bold}Quick Actions${c.reset}`);
+  lines.push(`  ${c.cyan}agentaudit audit <url>${c.reset}            ${c.dim}Deep LLM security audit${c.reset}`);
+  lines.push(`  ${c.cyan}agentaudit audit <url> --verify${c.reset}   ${c.dim}Audit + adversarial verification${c.reset}`);
+  lines.push(`  ${c.cyan}agentaudit audit <url> --remote${c.reset}   ${c.dim}Server-side scan (no API key)${c.reset}`);
+  lines.push(`  ${c.cyan}agentaudit consensus <pkg>${c.reset}        ${c.dim}Cross-model consensus view${c.reset}`);
+  lines.push(`  ${c.cyan}agentaudit search <query>${c.reset}         ${c.dim}Search the registry${c.reset}`);
+
   return lines;
 }
 
@@ -4291,7 +4355,7 @@ function renderLeaderboardTab(data, width, opts = {}) {
     const entry = leaderboard[i];
     const name = (entry.agent_name || '').slice(0, maxNameW);
     const isMe = creds && entry.agent_name === creds.agent_name;
-    const prefix = i < 3 ? ` ${medals[i]} ` : `  ${c.dim}#${String(i + 1).padStart(2)}${c.reset} `;
+    const prefix = i < 3 ? `  ${medals[i]}   ` : `  ${c.dim}#${String(i + 1).padStart(2)}${c.reset} `;
     const nameStr = isMe ? `${c.green}${c.bold}${name}${c.reset}` : name;
     const bar = renderBar(entry.total_points || 0, maxPts, barW);
     const pts = padLeft(`${fmtNum(entry.total_points || 0)} pts`, 12);
@@ -4592,6 +4656,31 @@ function renderSearchTab(searchState, width) {
   return lines;
 }
 
+async function suggestSimilarPackages(slug) {
+  if (jsonMode || quietMode) return;
+  try {
+    const res = await fetch(`${REGISTRY_URL}/api/lookup?hash=${encodeURIComponent(slug)}`, {
+      signal: AbortSignal.timeout(5_000),
+    });
+    if (!res.ok) return;
+    const data = await res.json();
+    // API returns { reports: [...], findings: [...], total_matches }
+    const reports = data.reports || [];
+    if (reports.length === 0) return;
+    console.log();
+    console.log(`  ${c.dim}Did you mean one of these?${c.reset}`);
+    const shown = reports.slice(0, 5);
+    for (const p of shown) {
+      const name = p.skill_slug || p.slug || '?';
+      const risk = p.risk_score ?? 0;
+      const badge = risk === 0 ? `${c.green}safe${c.reset}` : risk <= 25 ? `${c.green}score ${100 - risk}${c.reset}` : risk <= 50 ? `${c.yellow}score ${100 - risk}${c.reset}` : `${c.red}score ${100 - risk}${c.reset}`;
+      console.log(`    ${c.cyan}${name}${c.reset}  ${badge}`);
+    }
+    if (data.total_matches > 5) console.log(`    ${c.dim}...and ${data.total_matches - 5} more${c.reset}`);
+    console.log(`  ${c.dim}Use: ${c.cyan}agentaudit search <query>${c.dim} to find packages${c.reset}`);
+  } catch { /* ignore */ }
+}
+
 async function searchCommand(args) {
   const query = args.filter(a => !a.startsWith('--')).join(' ').trim();
 
@@ -4698,7 +4787,7 @@ async function leaderboardCommand(args) {
     const entry = data[i];
     const name = (entry.agent_name || '').slice(0, 20);
     const isMe = creds && entry.agent_name === creds.agent_name;
-    const prefix = i < 3 ? ` ${medals[i]} ` : `  #${String(i + 1).padStart(2)}  `;
+    const prefix = i < 3 ? `  ${medals[i]}   ` : `  ${c.dim}#${String(i + 1).padStart(2)}${c.reset} `;
     const nameStr = isMe ? `${c.green}${c.bold}${name}${c.reset}` : name;
     const bar = renderBar(entry.total_points || 0, maxPts, barW);
     const pts = `${fmtNum(entry.total_points || 0)} pts`;
@@ -5564,9 +5653,22 @@ async function main() {
         } else {
           console.log(`  ${c.red}API error (HTTP ${res.status})${c.reset}`);
         }
+        // Suggest similar packages via search
+        await suggestSimilarPackages(slug);
         return;
       }
       const data = await res.json();
+
+      // Check if package actually has any reports
+      if ((!data.total_reports && data.total_reports !== undefined) || (data.total_reports === 0 && (!data.findings || data.findings.length === 0))) {
+        if (jsonMode) { console.log(JSON.stringify(data, null, 2)); return; }
+        console.log(`  ${c.yellow}No reports found${c.reset} — "${slug}" hasn't been audited yet.`);
+        console.log(`  ${c.dim}Run: ${c.cyan}agentaudit audit <repo-url>${c.dim} to create the first audit${c.reset}`);
+        // Suggest similar packages
+        await suggestSimilarPackages(slug);
+        return;
+      }
+
       if (jsonMode) { console.log(JSON.stringify(data, null, 2)); return; }
 
       console.log();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentaudit",
-  "version": "3.13.0",
+  "version": "3.13.2",
   "description": "Security scanner for AI agent packages — CLI + MCP server",
   "type": "module",
   "bin": {