akm-cli 0.3.1 → 0.4.0

package/dist/config.js

@@ -1,5 +1,6 @@
 import fs from "node:fs";
 import path from "node:path";
+import { filterNonEmptyStrings } from "./common";
 import { getConfigDir as _getConfigDir, getConfigPath as _getConfigPath } from "./paths";
 // ── Defaults ────────────────────────────────────────────────────────────────
 export const DEFAULT_CONFIG = {
@@ -21,42 +22,47 @@ export function getConfigPath() {
     return _getConfigPath();
 }
 // ── Load / Save / Update ────────────────────────────────────────────────────
+const PROJECT_CONFIG_RELATIVE_PATH = path.join(".akm", "config.json");
 let cachedConfig;
+let cachedUserConfig;
 export function resetConfigCache() {
     cachedConfig = undefined;
+    cachedUserConfig = undefined;
 }
-export function loadConfig() {
+export function loadUserConfig() {
     const configPath = getConfigPath();
     let stat;
     try {
         stat = fs.statSync(configPath);
-        if (cachedConfig && cachedConfig.path === configPath && cachedConfig.mtime === stat.mtimeMs) {
-            return cachedConfig.config;
+        if (cachedUserConfig && cachedUserConfig.path === configPath && cachedUserConfig.mtime === stat.mtimeMs) {
+            return cachedUserConfig.config;
         }
     }
     catch {
-        // File doesn't exist — return defaults below
-        cachedConfig = undefined;
-        return { ...DEFAULT_CONFIG };
-    }
-    const raw = readConfigObject(configPath);
-    const expanded = raw ? expandEnvVars(raw) : undefined;
-    const config = expanded ? pickKnownKeys(expanded) : { ...DEFAULT_CONFIG };
-    // Legacy: inject API keys from well-known env vars when not set via ${} substitution
-    if (config.embedding && !config.embedding.apiKey) {
-        const envKey = process.env.AKM_EMBED_API_KEY?.trim();
-        if (envKey)
-            config.embedding.apiKey = envKey;
+        cachedUserConfig = undefined;
+        return applyRuntimeEnvApiKeys({ ...DEFAULT_CONFIG });
     }
-    if (config.llm && !config.llm.apiKey) {
-        const envKey = process.env.AKM_LLM_API_KEY?.trim();
-        if (envKey)
-            config.llm.apiKey = envKey;
+    const config = mergeLoadedConfig(DEFAULT_CONFIG, readNormalizedConfig(configPath));
+    const finalConfig = applyRuntimeEnvApiKeys(config);
+    cachedUserConfig = { config: finalConfig, path: configPath, mtime: stat.mtimeMs };
+    return finalConfig;
+}
+export function loadConfig() {
+    const configPaths = getEffectiveConfigPaths();
+    const signature = getConfigSignature(configPaths);
+    if (cachedConfig && cachedConfig.signature === signature) {
+        return cachedConfig.config;
+    }
+    let config = loadUserConfig();
+    const userConfigPath = getConfigPath();
+    for (const configPath of configPaths) {
+        if (configPath === userConfigPath)
+            continue;
+        config = mergeLoadedConfig(config, readNormalizedConfig(configPath));
     }
-    // Cache the parsed config with its path and mtime for subsequent calls.
-    // Reuse the stat already obtained above (avoids a second syscall + TOCTOU gap).
-    cachedConfig = { config, path: configPath, mtime: stat.mtimeMs };
-    return config;
+    const finalConfig = applyRuntimeEnvApiKeys(config);
+    cachedConfig = { config: finalConfig, signature };
+    return finalConfig;
 }
 export function saveConfig(config) {
     cachedConfig = undefined;
@@ -98,7 +104,7 @@ function sanitizeConfigForWrite(config) {
     return sanitized;
 }
 export function updateConfig(partial) {
-    const current = loadConfig();
+    const current = loadUserConfig();
     // Shallow-merge for top-level scalar fields; deep-merge known object-type config keys.
     const merged = { ...current, ...partial };
     // Deep-merge output — partial update should not wipe sibling keys
@@ -113,12 +119,22 @@ export function updateConfig(partial) {
     if (current.llm && partial.llm && partial.llm !== current.llm) {
         merged.llm = { ...current.llm, ...partial.llm };
     }
+    if (current.security && partial.security && partial.security !== current.security) {
+        merged.security = mergeSecurityConfig(current.security, partial.security);
+    }
     saveConfig(merged);
     return merged;
 }
 // ── Helpers ─────────────────────────────────────────────────────────────────
+/**
+ * Normalize a raw config object into a sparse config layer containing only
+ * recognized keys that were valid in the source object. This function does not
+ * merge with DEFAULT_CONFIG; callers are responsible for layering defaults and
+ * combining multiple config sources so project config files only override what
+ * they set.
+ */
 function pickKnownKeys(raw) {
-    const config = { ...DEFAULT_CONFIG };
+    const config = {};
     if (typeof raw.stashDir === "string" && raw.stashDir.trim()) {
         config.stashDir = raw.stashDir.trim();
     }
@@ -159,14 +175,25 @@ function pickKnownKeys(raw) {
     const registries = parseRegistriesConfig(raw.registries);
     if (registries)
         config.registries = registries;
+    if (typeof raw.disableGlobalStashes === "boolean") {
+        config.disableGlobalStashes = raw.disableGlobalStashes;
+    }
     const stashes = parseStashesConfig(raw.stashes);
     if (stashes)
         config.stashes = stashes;
+    const security = parseSecurityConfig(raw.security);
+    if (security)
+        config.security = security;
     const output = parseOutputConfig(raw.output);
     if (output)
         config.output = output;
     return config;
 }
+function readNormalizedConfig(configPath) {
+    const raw = readConfigObject(configPath);
+    const expanded = raw ? expandEnvVars(raw) : undefined;
+    return expanded ? pickKnownKeys(expanded) : undefined;
+}
 function parseOutputConfig(value) {
     if (typeof value !== "object" || value === null || Array.isArray(value))
         return undefined;
@@ -440,6 +467,32 @@ function parseStashesConfig(value) {
         .filter((entry) => entry !== undefined);
     return entries;
 }
+function parseSecurityConfig(value) {
+    if (typeof value !== "object" || value === null || Array.isArray(value))
+        return undefined;
+    const obj = value;
+    const installAudit = parseInstallAuditConfig(obj.installAudit);
+    if (!installAudit)
+        return undefined;
+    return { installAudit };
+}
+function parseInstallAuditConfig(value) {
+    if (typeof value !== "object" || value === null || Array.isArray(value))
+        return undefined;
+    const obj = value;
+    const config = {};
+    if (typeof obj.enabled === "boolean")
+        config.enabled = obj.enabled;
+    if (typeof obj.blockOnCritical === "boolean")
+        config.blockOnCritical = obj.blockOnCritical;
+    if (typeof obj.blockUnlistedRegistries === "boolean")
+        config.blockUnlistedRegistries = obj.blockUnlistedRegistries;
+    const rawAllowlist = filterNonEmptyStrings(obj.registryAllowlist) ?? filterNonEmptyStrings(obj.registryWhitelist);
+    if (rawAllowlist) {
+        config.registryAllowlist = rawAllowlist;
+    }
+    return Object.keys(config).length > 0 ? config : undefined;
+}
 function parseStashConfigEntry(value) {
     if (typeof value !== "object" || value === null || Array.isArray(value))
         return undefined;
@@ -485,3 +538,122 @@ function parseRegistryConfigEntry(value) {
     }
     return entry;
 }
+function mergeSecurityConfig(base, override) {
+    if (!base && !override)
+        return undefined;
+    const installAudit = mergeInstallAuditConfig(base?.installAudit, override?.installAudit);
+    return installAudit ? { installAudit } : undefined;
+}
+function mergeInstallAuditConfig(base, override) {
+    if (!base && !override)
+        return undefined;
+    const merged = {
+        ...(base ?? {}),
+        ...(override ?? {}),
+    };
+    return Object.values(merged).some((value) => value !== undefined) ? merged : undefined;
+}
+/**
+ * Merge a normalized config layer into an accumulated config.
+ *
+ * Scalar fields follow normal override semantics. Known nested objects are
+ * deep-merged so project config files can override individual fields without
+ * clobbering sibling settings. `stashes` are additive by default, but a later
+ * layer can set `disableGlobalStashes: true` to drop inherited stashes first.
+ */
+function mergeLoadedConfig(base, override) {
+    if (!override)
+        return { ...base };
+    const merged = {
+        ...base,
+        ...override,
+    };
+    if (base.output && override.output) {
+        merged.output = { ...base.output, ...override.output };
+    }
+    if (base.embedding && override.embedding) {
+        merged.embedding = { ...base.embedding, ...override.embedding };
+    }
+    if (base.llm && override.llm) {
+        merged.llm = { ...base.llm, ...override.llm };
+    }
+    if (base.security && override.security) {
+        merged.security = mergeSecurityConfig(base.security, override.security);
+    }
+    if (override.disableGlobalStashes) {
+        merged.stashes = [...(override.stashes ?? [])];
+    }
+    else if (override.stashes) {
+        merged.stashes = [...(base.stashes ?? []), ...override.stashes];
+    }
+    return merged;
+}
+function applyRuntimeEnvApiKeys(config) {
+    const next = { ...config };
+    if (next.embedding && !next.embedding.apiKey) {
+        const envKey = process.env.AKM_EMBED_API_KEY?.trim();
+        if (envKey)
+            next.embedding = { ...next.embedding, apiKey: envKey };
+    }
+    if (next.llm && !next.llm.apiKey) {
+        const envKey = process.env.AKM_LLM_API_KEY?.trim();
+        if (envKey)
+            next.llm = { ...next.llm, apiKey: envKey };
+    }
+    return next;
+}
+/**
+ * Return config file paths in merge order: user config first, then project
+ * config files from the outermost parent directory down to the current working
+ * directory. Later entries have higher precedence when merged.
+ */
+function getEffectiveConfigPaths() {
+    const configPath = getConfigPath();
+    const paths = [];
+    if (isFile(configPath)) {
+        paths.push(configPath);
+    }
+    return [...paths, ...discoverProjectConfigPaths(process.cwd())];
+}
+/**
+ * Walk from `startDir` up to the filesystem root and collect `.akm/config.json`
+ * files. Paths are returned from outermost parent to innermost directory so
+ * nearer project directories override broader project settings.
+ */
+function discoverProjectConfigPaths(startDir) {
+    const paths = [];
+    let currentDir = path.resolve(startDir);
+    while (true) {
+        const configPath = path.join(currentDir, PROJECT_CONFIG_RELATIVE_PATH);
+        if (isFile(configPath)) {
+            paths.unshift(configPath);
+        }
+        const parentDir = path.dirname(currentDir);
+        if (parentDir === currentDir) {
+            break;
+        }
+        currentDir = parentDir;
+    }
+    return paths;
+}
+function getConfigSignature(configPaths) {
+    if (configPaths.length === 0)
+        return "defaults";
+    return configPaths.map((configPath) => `${configPath}:${getFileSignatureToken(configPath)}`).join("|");
+}
+function isFile(filePath) {
+    try {
+        return fs.statSync(filePath).isFile();
+    }
+    catch {
+        return false;
+    }
+}
+function getFileSignatureToken(filePath) {
+    try {
+        return String(fs.statSync(filePath).mtimeMs);
+    }
+    catch {
+        return "missing";
+    }
+}

package/dist/init.js

@@ -7,7 +7,7 @@
 import fs from "node:fs";
 import path from "node:path";
 import { TYPE_DIRS } from "./asset-spec";
-import { getConfigPath, loadConfig, saveConfig } from "./config";
+import { getConfigPath, loadUserConfig, saveConfig } from "./config";
 import { getBinDir, getDefaultStashDir } from "./paths";
 import { ensureRg } from "./ripgrep-install";
 export async function akmInit(options) {
@@ -25,7 +25,7 @@ export async function akmInit(options) {
     }
     // Persist stashDir in config.json
     const configPath = getConfigPath();
-    const existing = loadConfig();
+    const existing = loadUserConfig();
     if (!existing.stashDir || existing.stashDir !== stashDir) {
         saveConfig({ ...existing, stashDir });
     }

package/dist/install-audit.js

@@ -0,0 +1,324 @@
+import fs from "node:fs";
+import path from "node:path";
+import { filterNonEmptyStrings } from "./common";
+const DEFAULT_INSTALL_AUDIT_CONFIG = {
+    enabled: true,
+    blockOnCritical: true,
+    blockUnlistedRegistries: false,
+    registryAllowlist: [],
+};
+const MAX_SCANNED_FILE_BYTES = 256 * 1024;
+const LIFECYCLE_SCRIPT_NAMES = new Set([
+    "preinstall",
+    "install",
+    "postinstall",
+    "prepublish",
+    "prepublishOnly",
+    "prepare",
+]);
+const TEXT_FILE_EXTENSIONS = new Set([
+    ".cjs",
+    ".cts",
+    ".js",
+    ".json",
+    ".jsonc",
+    ".jsx",
+    ".mjs",
+    ".md",
+    ".ps1",
+    ".py",
+    ".rb",
+    ".sh",
+    ".toml",
+    ".ts",
+    ".tsx",
+    ".txt",
+    ".yaml",
+    ".yml",
+]);
+const CONTENT_RULES = [
+    {
+        id: "prompt-ignore-previous-instructions",
+        severity: "high",
+        category: "prompt-injection",
+        message: "Contains instructions to ignore prior prompts or instructions.",
+        pattern: /\b(ignore|disregard|forget)\b[^.\n]{0,100}\b(previous|prior|earlier)\b[^.\n]{0,100}\b(instructions?|prompts?|messages?)\b/i,
+    },
+    {
+        id: "prompt-reveal-hidden-secrets",
+        severity: "critical",
+        category: "prompt-injection",
+        message: "Contains instructions to reveal hidden prompts or secrets.",
+        pattern: /\b(reveal|print|dump|show|exfiltrat(?:e|ion))\b[^.\n]{0,120}\b(system prompt|hidden instructions?|developer message|api key|token|secret|password)\b/i,
+    },
+    {
+        id: "prompt-bypass-guardrails",
+        severity: "high",
+        category: "prompt-injection",
+        message: "Contains instructions to bypass safety or security controls.",
+        pattern: /\b(bypass|disable|ignore)\b[^.\n]{0,100}\b(safety|security|guardrails|restrictions|policies)\b/i,
+    },
+    {
+        id: "remote-shell-pipe",
+        severity: "critical",
+        category: "malicious-code",
+        message: "Downloads remote content and pipes it directly into a shell.",
+        pattern: /\b(curl|wget)\b[^\n|]{0,200}\|\s*(sh|bash|zsh)\b/i,
+    },
+    {
+        id: "powershell-download-exec",
+        severity: "critical",
+        category: "malicious-code",
+        message: "Downloads remote content and executes it in PowerShell.",
+        pattern: /\b(Invoke-WebRequest|iwr|curl)\b[^\n|]{0,200}\|\s*(iex|Invoke-Expression)\b/i,
+    },
+    {
+        id: "powershell-encoded-command",
+        severity: "critical",
+        category: "malicious-code",
+        message: "Uses an encoded PowerShell command.",
+        pattern: /\bpowershell(?:\.exe)?\b[^\n]{0,120}\s-(?:enc|encodedcommand)\b/i,
+    },
+    {
+        id: "credential-exfiltration-language",
+        severity: "high",
+        category: "malicious-code",
+        message: "Contains language associated with credential or secret exfiltration.",
+        pattern: /\b(exfiltrat(?:e|ion)|harvest|steal)\b[^.\n]{0,120}\b(credentials?|tokens?|secrets?|ssh keys?|passwords?|cookies?)\b/i,
+    },
+];
+export function resolveInstallAuditConfig(config) {
+    const installAudit = config?.security?.installAudit;
+    const allowlist = filterNonEmptyStrings(installAudit?.registryAllowlist) ??
+        filterNonEmptyStrings(installAudit?.registryWhitelist) ??
+        [];
+    return {
+        enabled: installAudit?.enabled ?? DEFAULT_INSTALL_AUDIT_CONFIG.enabled,
+        blockOnCritical: installAudit?.blockOnCritical ?? DEFAULT_INSTALL_AUDIT_CONFIG.blockOnCritical,
+        blockUnlistedRegistries: installAudit?.blockUnlistedRegistries ?? DEFAULT_INSTALL_AUDIT_CONFIG.blockUnlistedRegistries,
+        registryAllowlist: allowlist.map((entry) => entry.trim().toLowerCase()),
+    };
+}
+export function enforceRegistryInstallPolicy(registryLabels, config, ref) {
+    const resolved = resolveInstallAuditConfig(config);
+    if (!resolved.blockUnlistedRegistries)
+        return;
+    if (resolved.registryAllowlist.length === 0) {
+        throw new Error(`Install blocked for ${ref}: no registries are allowlisted. Configure security.installAudit.registryAllowlist or disable security.installAudit.blockUnlistedRegistries.`);
+    }
+    const matched = registryLabels.some((label) => resolved.registryAllowlist.includes(label.toLowerCase()));
+    if (matched)
+        return;
+    throw new Error(`Install blocked for ${ref}: registry is not allowlisted. Allowed: ${resolved.registryAllowlist.join(", ")}. Seen: ${registryLabels.join(", ")}.`);
+}
+export function auditInstallCandidate(input) {
+    const resolved = resolveInstallAuditConfig(input.config);
+    if (!resolved.enabled) {
+        return {
+            enabled: false,
+            passed: true,
+            blocked: false,
+            registryLabels: [...input.registryLabels],
+            findings: [],
+            scannedFiles: 0,
+            scannedBytes: 0,
+            summary: buildSummary([]),
+        };
+    }
+    const findings = [];
+    const counters = { scannedFiles: 0, scannedBytes: 0 };
+    scanDirectory(input.rootDir, input.rootDir, findings, counters);
+    const summary = buildSummary(findings);
+    const blocked = resolved.blockOnCritical && summary.critical > 0;
+    return {
+        enabled: true,
+        passed: findings.length === 0,
+        blocked,
+        registryLabels: [...input.registryLabels],
+        findings,
+        scannedFiles: counters.scannedFiles,
+        scannedBytes: counters.scannedBytes,
+        summary,
+    };
+}
+export function formatInstallAuditFailure(ref, report) {
+    const lines = [`Security audit failed for ${ref}.`, formatInstallAuditSummary(report)];
+    for (const finding of report.findings.slice(0, 5)) {
+        lines.push(`- [${finding.severity}] ${finding.message}${finding.file ? ` (${finding.file})` : ""}`);
+    }
+    if (report.findings.length > 5) {
+        lines.push(`- ${report.findings.length - 5} more finding(s) omitted`);
+    }
+    lines.push("Disable blocking with `security.installAudit.blockOnCritical = false`, or disable audits with `security.installAudit.enabled = false`.");
+    return lines.join("\n");
+}
+export function formatInstallAuditSummary(report) {
+    if (!report.enabled)
+        return "Audit: disabled";
+    const severitySummary = [];
+    if (report.summary.critical > 0)
+        severitySummary.push(`${report.summary.critical} critical`);
+    if (report.summary.high > 0)
+        severitySummary.push(`${report.summary.high} high`);
+    if (report.summary.moderate > 0)
+        severitySummary.push(`${report.summary.moderate} moderate`);
+    if (report.summary.low > 0)
+        severitySummary.push(`${report.summary.low} low`);
+    const detail = severitySummary.length > 0 ? severitySummary.join(", ") : "no findings";
+    return `Audit: ${report.blocked ? "blocked" : report.passed ? "passed" : "warnings"} (${detail}; scanned ${report.scannedFiles} file${report.scannedFiles === 1 ? "" : "s"})`;
+}
+export function deriveRegistryLabels(input) {
+    const labels = new Set();
+    labels.add(input.source);
+    if (input.source === "github")
+        labels.add("github.com");
+    if (input.source === "npm")
+        labels.add("npm");
+    addUrlLabels(labels, input.artifactUrl);
+    addUrlLabels(labels, input.gitUrl);
+    if (input.source === "github" && input.ref.startsWith("github:")) {
+        labels.add("github");
+    }
+    return [...labels];
+}
+function scanDirectory(dir, rootDir, findings, counters) {
+    let entries;
+    try {
+        entries = fs.readdirSync(dir, { withFileTypes: true });
+    }
+    catch {
+        return;
+    }
+    for (const entry of entries) {
+        if (entry.name === ".git" || entry.name === "node_modules")
+            continue;
+        const fullPath = path.join(dir, entry.name);
+        if (entry.isDirectory()) {
+            scanDirectory(fullPath, rootDir, findings, counters);
+            continue;
+        }
+        if (!entry.isFile())
+            continue;
+        scanFile(fullPath, rootDir, findings, counters);
+    }
+}
+function scanFile(filePath, rootDir, findings, counters) {
+    const ext = path.extname(filePath).toLowerCase();
+    const basename = path.basename(filePath).toLowerCase();
+    if (basename !== "package.json" && !TEXT_FILE_EXTENSIONS.has(ext))
+        return;
+    let fileSize;
+    try {
+        fileSize = fs.statSync(filePath).size;
+    }
+    catch {
+        return;
+    }
+    const readSize = Math.min(fileSize, MAX_SCANNED_FILE_BYTES);
+    const buf = Buffer.alloc(readSize);
+    let bytesRead;
+    try {
+        const fd = fs.openSync(filePath, "r");
+        try {
+            bytesRead = fs.readSync(fd, buf, 0, readSize, 0);
+        }
+        finally {
+            fs.closeSync(fd);
+        }
+    }
+    catch {
+        return;
+    }
+    if (bytesRead === 0)
+        return;
+    const bytes = buf.subarray(0, bytesRead);
+    if (bytes.includes(0))
+        return;
+    counters.scannedFiles += 1;
+    counters.scannedBytes += bytesRead;
+    const content = bytes.toString("utf8");
+    const relativePath = path.relative(rootDir, filePath) || path.basename(filePath);
+    const genericContent = basename === "package.json" ? stripPackageJsonScripts(content) : content;
+    for (const rule of CONTENT_RULES) {
+        const match = genericContent.match(rule.pattern);
+        if (!match)
+            continue;
+        findings.push({
+            id: rule.id,
+            severity: rule.severity,
+            category: rule.category,
+            message: rule.message,
+            file: relativePath,
+            snippet: clipSnippet(match[0]),
+        });
+    }
+    if (basename === "package.json") {
+        scanPackageJson(content, relativePath, findings);
+    }
+}
+function stripPackageJsonScripts(content) {
+    let parsed;
+    try {
+        parsed = JSON.parse(content);
+    }
+    catch {
+        return content;
+    }
+    if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed))
+        return content;
+    const packageJson = { ...parsed };
+    delete packageJson.scripts;
+    return JSON.stringify(packageJson, null, 2);
+}
+function scanPackageJson(content, relativePath, findings) {
+    let parsed;
+    try {
+        parsed = JSON.parse(content);
+    }
+    catch {
+        return;
+    }
+    if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed))
+        return;
+    const scripts = parsed.scripts;
+    if (typeof scripts !== "object" || scripts === null || Array.isArray(scripts))
+        return;
+    for (const [name, command] of Object.entries(scripts)) {
+        if (!LIFECYCLE_SCRIPT_NAMES.has(name) || typeof command !== "string")
+            continue;
+        for (const rule of CONTENT_RULES) {
+            if (!rule.pattern.test(command))
+                continue;
+            findings.push({
+                id: `lifecycle-${name}-${rule.id}`,
+                severity: rule.severity,
+                category: "install-script",
+                message: `Lifecycle script "${name}" is suspicious: ${rule.message.toLowerCase()}`,
+                file: relativePath,
+                snippet: clipSnippet(command),
+            });
+        }
+    }
+}
+function clipSnippet(value) {
+    const normalized = value.replace(/\s+/g, " ").trim();
+    return normalized.length <= 140 ? normalized : `${normalized.slice(0, 137)}...`;
+}
+function buildSummary(findings) {
+    const summary = { low: 0, moderate: 0, high: 0, critical: 0, total: findings.length };
+    for (const finding of findings) {
+        summary[finding.severity] += 1;
+    }
+    return summary;
+}
+function addUrlLabels(labels, rawUrl) {
+    if (!rawUrl)
+        return;
+    try {
+        const parsed = new URL(rawUrl);
+        labels.add(parsed.hostname.toLowerCase());
+    }
+    catch {
+        // Ignore non-URL refs (for example git@host:path)
+    }
+}

package/dist/installed-kits.js

@@ -247,8 +247,8 @@ function tryResolveInstalledTarget(installed, target) {
     return undefined;
 }
 function toInstalledEntry(status) {
-    // KitInstallStatus extends InstalledKitEntry; omit the extra extractedDir field.
-    const { extractedDir: _extractedDir, ...base } = status;
+    // KitInstallStatus extends InstalledKitEntry; omit transient install-only fields.
+    const { extractedDir: _extractedDir, audit: _audit, ...base } = status;
     return base;
 }
 function toInstallStatus(status) {