agentaudit 3.13.9 → 3.13.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/cli.mjs +25 -16
  2. package/package.json +1 -1
package/cli.mjs CHANGED
@@ -2876,27 +2876,36 @@ async function safeJsonParse(res, llmConfig) {
2876
2876
  }
2877
2877
 
2878
2878
  function getMaxOutputTokens(model) {
2879
- // Known max_completion_tokens from provider docs / OpenRouter API
2880
- const limits = {
2881
- // Anthropic
2882
- 'claude-haiku-4-5': 8192, 'claude-3-haiku': 4096, 'claude-3-5-haiku': 8192,
2883
- 'claude-sonnet-4-6': 64000, 'claude-sonnet-4-5': 16384, 'claude-3-5-sonnet': 8192,
2884
- 'claude-opus-4-6': 32768, 'claude-opus-4': 32768,
2885
- // Google Gemini (all current models support 65536)
2886
- 'gemini-3': 65536, 'gemini-2.5': 65536, 'gemini-2.0': 65536,
2887
- // Qwen
2888
- 'qwen3.5': 65536, 'qwen3': 32768, 'qwen2.5': 32768,
2879
+ // Known max_completion_tokens from provider docs (2026-02)
2880
+ // Array (not object) to guarantee match order — specific keys before generic ones
2881
+ const limits = [
2882
+ // Anthropic (specific versions first, then generic)
2883
+ ['claude-haiku-4-5', 8192], ['claude-3-haiku', 4096], ['claude-3-5-haiku', 8192],
2884
+ ['claude-sonnet-4-6', 64000], ['claude-sonnet-4-5', 16384], ['claude-3-5-sonnet', 8192], ['claude-sonnet-4', 16384],
2885
+ ['claude-opus-4-6', 32768], ['claude-opus-4', 32768],
2886
+ // Google Gemini
2887
+ ['gemini-3', 65536], ['gemini-2.5', 65536], ['gemini-2.0', 65536],
2888
+ // Qwen (OpenRouter)
2889
+ ['qwen3.5', 65536], ['qwen3', 32768], ['qwen2.5', 32768],
2889
2890
  // xAI
2890
- 'grok-4': 32768, 'grok-3': 16384,
2891
+ ['grok-4', 32768], ['grok-3', 16384],
2891
2892
  // OpenAI
2892
- 'gpt-4.1': 32768, 'gpt-4o': 16384, 'gpt-4-turbo': 4096,
2893
- 'o3': 100000, 'o4-mini': 100000,
2894
- };
2893
+ ['gpt-4.1', 32768], ['gpt-4o', 16384], ['gpt-4-turbo', 4096], ['o3', 100000], ['o4-mini', 100000],
2894
+ // DeepSeek (8K standard mode — thinking mode allows 64K but we use standard)
2895
+ ['deepseek', 8192],
2896
+ // Mistral
2897
+ ['mistral-large', 32768], ['mistral-medium', 32768], ['mistral-small', 32768],
2898
+ // Meta Llama (served by Groq 32K, Together, Fireworks, Cerebras)
2899
+ ['llama-3.3', 32768], ['llama-v3p3', 32768], ['llama-3.1', 32768], ['llama-v3p1', 32768],
2900
+ ['llama-4', 32768], ['llama-3', 16384],
2901
+ // Zhipu / z.ai
2902
+ ['glm-4', 16384], ['glm-3', 8192],
2903
+ ];
2895
2904
  const m = (model || '').toLowerCase();
2896
- for (const [key, val] of Object.entries(limits)) {
2905
+ for (const [key, val] of limits) {
2897
2906
  if (m.includes(key)) return val;
2898
2907
  }
2899
- return 16384; // conservative fallback for unknown models
2908
+ return 8192; // conservative fallback — safe for all providers
2900
2909
  }
2901
2910
 
2902
2911
  async function callLlm(llmConfig, systemPrompt, userMessage) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "agentaudit",
3
- "version": "3.13.9",
3
+ "version": "3.13.10",
4
4
  "description": "Security scanner for AI agent packages — CLI + MCP server",
5
5
  "type": "module",
6
6
  "bin": {