agentaudit 3.9.15 → 3.9.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +23 -7
- package/package.json +1 -1
package/cli.mjs
CHANGED
|
@@ -1309,15 +1309,17 @@ async function auditRepo(url) {
|
|
|
1309
1309
|
// Check for API keys to determine which LLM to use
|
|
1310
1310
|
const anthropicKey = process.env.ANTHROPIC_API_KEY;
|
|
1311
1311
|
const openaiKey = process.env.OPENAI_API_KEY;
|
|
1312
|
-
const
|
|
1312
|
+
const openrouterKey = process.env.OPENROUTER_API_KEY;
|
|
1313
|
+
const openrouterModel = process.env.OPENROUTER_MODEL || 'anthropic/claude-sonnet-4';
|
|
1314
|
+
const activeProvider = anthropicKey ? 'Anthropic (Claude)' : openaiKey ? 'OpenAI (GPT-4o)' : openrouterKey ? `OpenRouter (${openrouterModel})` : null;
|
|
1313
1315
|
|
|
1314
|
-
if (!anthropicKey && !openaiKey) {
|
|
1316
|
+
if (!anthropicKey && !openaiKey && !openrouterKey) {
|
|
1315
1317
|
// No LLM API key — clear explanation
|
|
1316
1318
|
console.log();
|
|
1317
1319
|
console.log(` ${c.yellow}No LLM API key found.${c.reset} The ${c.bold}audit${c.reset} command needs an LLM to analyze code.`);
|
|
1318
1320
|
console.log();
|
|
1319
1321
|
console.log(` ${c.bold}Option 1: Set an API key${c.reset}`);
|
|
1320
|
-
console.log(` Supported keys: ${c.cyan}ANTHROPIC_API_KEY${c.reset} or ${c.cyan}
|
|
1322
|
+
console.log(` Supported keys: ${c.cyan}ANTHROPIC_API_KEY${c.reset}, ${c.cyan}OPENAI_API_KEY${c.reset}, or ${c.cyan}OPENROUTER_API_KEY${c.reset}`);
|
|
1321
1323
|
console.log();
|
|
1322
1324
|
console.log(` ${c.dim}# Linux / macOS:${c.reset}`);
|
|
1323
1325
|
console.log(` ${c.dim}export ANTHROPIC_API_KEY=sk-ant-...${c.reset}`);
|
|
@@ -1420,15 +1422,22 @@ async function auditRepo(url) {
|
|
|
1420
1422
|
const text = data.content?.[0]?.text || '';
|
|
1421
1423
|
_lastLlmText = text;
|
|
1422
1424
|
report = extractJSON(text);
|
|
1423
|
-
} else if (openaiKey) {
|
|
1424
|
-
const
|
|
1425
|
+
} else if (openaiKey || openrouterKey) {
|
|
1426
|
+
const isOpenRouter = !openaiKey && !!openrouterKey;
|
|
1427
|
+
const apiUrl = isOpenRouter ? 'https://openrouter.ai/api/v1/chat/completions' : 'https://api.openai.com/v1/chat/completions';
|
|
1428
|
+
const apiToken = isOpenRouter ? openrouterKey : openaiKey;
|
|
1429
|
+
const modelName = isOpenRouter ? (process.env.OPENROUTER_MODEL || 'anthropic/claude-sonnet-4') : 'gpt-4o';
|
|
1430
|
+
const extraHeaders = isOpenRouter ? { 'HTTP-Referer': 'https://agentaudit.dev', 'X-Title': 'AgentAudit' } : {};
|
|
1431
|
+
|
|
1432
|
+
const res = await fetch(apiUrl, {
|
|
1425
1433
|
method: 'POST',
|
|
1426
1434
|
headers: {
|
|
1427
|
-
'Authorization': `Bearer ${
|
|
1435
|
+
'Authorization': `Bearer ${apiToken}`,
|
|
1428
1436
|
'Content-Type': 'application/json',
|
|
1437
|
+
...extraHeaders,
|
|
1429
1438
|
},
|
|
1430
1439
|
body: JSON.stringify({
|
|
1431
|
-
model:
|
|
1440
|
+
model: modelName,
|
|
1432
1441
|
max_tokens: 8192,
|
|
1433
1442
|
messages: [
|
|
1434
1443
|
{ role: 'system', content: systemPrompt },
|
|
@@ -1535,6 +1544,13 @@ async function checkPackage(name) {
|
|
|
1535
1544
|
const data = await checkRegistry(name);
|
|
1536
1545
|
if (!data) {
|
|
1537
1546
|
if (!jsonMode) {
|
|
1547
|
+
// If input looks like a URL, offer to auto-audit
|
|
1548
|
+
if (name.includes('github.com') || name.includes('://')) {
|
|
1549
|
+
console.log(` ${c.yellow}Not found in registry.${c.reset}`);
|
|
1550
|
+
console.log(` ${c.dim}Starting audit for ${name}...${c.reset}`);
|
|
1551
|
+
console.log();
|
|
1552
|
+
return await auditRepo(name);
|
|
1553
|
+
}
|
|
1538
1554
|
console.log(` ${c.yellow}Not found${c.reset} — package "${name}" hasn't been audited yet.`);
|
|
1539
1555
|
console.log(` ${c.dim}Run: agentaudit audit <repo-url> for a deep LLM audit${c.reset}`);
|
|
1540
1556
|
}
|