atabey 0.0.6 → 0.0.7

package/dist/framework-mcp/src/tools/search/get_gaps.js

@@ -42,7 +42,7 @@ export function handleGetProjectGaps(projectRoot, args) {
                 type: "text",
                 text: results.length > 0
                     ? `Found ${results.length} gaps/todos:\n\n${results.join("\n")}`
-                    : "✅ No major gaps or TODOs found in the scanned directory."
+                    : "[OK] No major gaps or TODOs found in the scanned directory."
             }]
     };
 }

package/dist/framework-mcp/src/tools/search/get_gaps.js.map

@@ -1 +1 @@
-{"version":3,"file":"get_gaps.js","sourceRoot":"","sources":["../../../../../framework-mcp/src/tools/search/get_gaps.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAGnD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB,EAAE,IAAwB;IAC9E,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC;IACzD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;QACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO;QAChC,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAE1D,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;gBACtC,IAAI,IAAI,KAAK,cAAc,IAAI,IAAI,KAAK,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACtE,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACnB,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;gBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;oBAC1B,sBAAsB;oBACtB,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC1E,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,IAAI,KAAK,GAAG,CAAC,mBAAmB,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAChF,CAAC;oBAED,sDAAsD;oBACtD,IAAI,IAAI,CAAC,QAAQ,CAAC,mCAAmC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;wBAC7F,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,IAAI,KAAK,GAAG,CAAC,gBAAgB,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC7E,CAAC;gBACL,CAAC,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,CAAC;IAEb,OAAO;QACH,OAAO,EAAE,CAAC;gBACN,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;oBACpB,CAAC,CAAC,SAAS,OAAO,CAAC,MAAM,mBAAmB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAChE,CAAC,CAAC,0DAA0D;aACnE,CAAC;KACL,CAAC;AACN,CAAC"}
+{"version":3,"file":"get_gaps.js","sourceRoot":"","sources":["../../../../../framework-mcp/src/tools/search/get_gaps.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAGnD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB,EAAE,IAAwB;IAC9E,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC;IACzD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;QACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO;QAChC,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAE1D,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;gBACtC,IAAI,IAAI,KAAK,cAAc,IAAI,IAAI,KAAK,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACtE,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACnB,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;gBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;oBAC1B,sBAAsB;oBACtB,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC1E,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,IAAI,KAAK,GAAG,CAAC,mBAAmB,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAChF,CAAC;oBAED,sDAAsD;oBACtD,IAAI,IAAI,CAAC,QAAQ,CAAC,mCAAmC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;wBAC7F,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,IAAI,KAAK,GAAG,CAAC,gBAAgB,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC7E,CAAC;gBACL,CAAC,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,CAAC;IAEb,OAAO;QACH,OAAO,EAAE,CAAC;gBACN,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;oBACpB,CAAC,CAAC,SAAS,OAAO,CAAC,MAAM,mBAAmB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAChE,CAAC,CAAC,6DAA6D;aACtE,CAAC;KACL,CAAC;AACN,CAAC"}

package/dist/framework-mcp/src/tools/search/grep_search.js

@@ -11,7 +11,7 @@ export function handleGrepSearch(projectRoot, args) {
     if (!pattern) {
         const err = "Search pattern is required.";
         Metrics.logError(projectRoot, "@mcp", "grep_search", err);
-        return { isError: true, content: [{ type: "text", text: `❌ ${err}` }] };
+        return { isError: true, content: [{ type: "text", text: `[ERROR] ${err}` }] };
     }
     const results = [];
     try {
@@ -20,7 +20,7 @@ export function handleGrepSearch(projectRoot, args) {
     catch (e) {
         const err = `Invalid regex pattern: ${String(e)}`;
         Metrics.logError(projectRoot, "@mcp", "grep_search", err);
-        return { isError: true, content: [{ type: "text", text: `❌ ${err}` }] };
+        return { isError: true, content: [{ type: "text", text: `[ERROR] ${err}` }] };
     }
     const walk = (dir) => {
         if (results.length > 100)
@@ -62,7 +62,7 @@ export function handleGrepSearch(projectRoot, args) {
     catch (e) {
         const err = `Search failed: ${String(e)}`;
         Metrics.logError(projectRoot, "@mcp", "grep_search", err);
-        return { isError: true, content: [{ type: "text", text: `❌ ${err}` }] };
+        return { isError: true, content: [{ type: "text", text: `[ERROR] ${err}` }] };
     }
     return {
         content: [{

package/dist/framework-mcp/src/tools/search/grep_search.js.map

@@ -1 +1 @@
-{"version":3,"file":"grep_search.js","sourceRoot":"","sources":["../../../../../framework-mcp/src/tools/search/grep_search.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAEjD;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAAmB,EAAE,IAAoB;IACtE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAiB,CAAC;IACvC,MAAM,cAAc,GAAG,IAAI,CAAC,cAAwB,IAAI,EAAE,CAAC,CAAC,cAAc;IAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,cAAwB,IAAI,cAAc,CAAC;IAEvE,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,6BAA6B,CAAC;QAC1C,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAC5E,CAAC;IAED,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,CAAC;QACD,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,MAAM,GAAG,GAAG,0BAA0B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAC5E,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;QACzB,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG;YAAE,OAAO;QACjC,IAAI,CAAC;YACD,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACvB,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG;oBAAE,OAAO;gBACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBACtC,IAAI,cAAc,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACtD,SAAS;gBACb,CAAC;gBACD,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACnC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;oBACrB,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACnB,CAAC;qBAAM,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;oBACvB,IAAI,cAAc,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;wBACvD,SAAS;oBACb,CAAC;oBACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oBAClD,wEAAwE;oBACxE,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;4BACvB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBAC3B,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,yCAAyC;QAC7C,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,CAAC;IACtB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,MAAM,GAAG,GAAG,kBAAkB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAC5E,CAAC;IAED,OAAO;QACH,OAAO,EAAE,CAAC;gBACN,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;oBACpB,CAAC,CAAC,SAAS,OAAO,CAAC,MAAM,gBAAgB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAC7D,CAAC,CAAC,mBAAmB;aAC5B,CAAC;KACL,CAAC;AACN,CAAC"}
+{"version":3,"file":"grep_search.js","sourceRoot":"","sources":["../../../../../framework-mcp/src/tools/search/grep_search.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAEjD;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAAmB,EAAE,IAAoB;IACtE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAiB,CAAC;IACvC,MAAM,cAAc,GAAG,IAAI,CAAC,cAAwB,IAAI,EAAE,CAAC,CAAC,cAAc;IAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,cAAwB,IAAI,cAAc,CAAC;IAEvE,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,6BAA6B,CAAC;QAC1C,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAClF,CAAC;IAED,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,CAAC;QACD,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,MAAM,GAAG,GAAG,0BAA0B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAClF,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;QACzB,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG;YAAE,OAAO;QACjC,IAAI,CAAC;YACD,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACvB,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG;oBAAE,OAAO;gBACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBACtC,IAAI,cAAc,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACtD,SAAS;gBACb,CAAC;gBACD,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACnC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;oBACrB,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACnB,CAAC;qBAAM,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;oBACvB,IAAI,cAAc,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;wBACvD,SAAS;oBACb,CAAC;oBACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oBAClD,wEAAwE;oBACxE,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;4BACvB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBAC3B,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,yCAAyC;QAC7C,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,CAAC;IACtB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,MAAM,GAAG,GAAG,kBAAkB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAC;QAC1D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAClF,CAAC;IAED,OAAO;QACH,OAAO,EAAE,CAAC;gBACN,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;oBACpB,CAAC,CAAC,SAAS,OAAO,CAAC,MAAM,gBAAgB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAC7D,CAAC,CAAC,mBAAmB;aAC5B,CAAC;KACL,CAAC;AACN,CAAC"}

package/dist/framework-mcp/src/tools/types.d.ts

@@ -82,6 +82,7 @@ export interface RegisterAgentArgs {
     agent: string;
     role: string;
     capability?: number;
+    specialties?: Record<string, number>;
 }
 export interface StartDashboardArgs {
     port?: number;

package/dist/framework-mcp/src/utils/compliance.d.ts

@@ -3,3 +3,9 @@
  * Checks content against corporate standards using AST analysis before allowing file mutations.
  */
 export declare function verifyCorporateCompliance(content: string, filePath: string): void;
+export interface RiskAssessment {
+    isRisk: boolean;
+    reason?: string;
+}
+export declare function isHighRiskOperation(content: string, filePath: string): RiskAssessment;
+export declare function verifyRiskAndAwaitApproval(projectRoot: string, content: string, filePath: string): Promise<void>;

package/dist/framework-mcp/src/utils/compliance.js

@@ -1,4 +1,7 @@
 import ts from "typescript";
+import fs from "fs";
+import path from "path";
+import { resolveFrameworkDir } from "./security.js";
 /**
  * Enterprise Compliance Guardrail
  * Checks content against corporate standards using AST analysis before allowing file mutations.
@@ -22,7 +25,7 @@ export function verifyCorporateCompliance(content, filePath) {
                 if (["log", "warn", "error"].includes(name)) {
                     // Check if file is exempt
                     if (!filePath.includes("logger.ts") && !filePath.includes("check.ts") && !filePath.includes("cli.ts")) {
-                        errors.push(`❌ Corporate Compliance Breach: 'console.${name}' usage is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
+                        errors.push(`[ERROR] Corporate Compliance Breach: 'console.${name}' usage is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
                     }
                 }
             }
@@ -31,7 +34,7 @@ export function verifyCorporateCompliance(content, filePath) {
         if (ts.isTypeReferenceNode(node)) {
             if (ts.isIdentifier(node.typeName) && node.typeName.text === "any") {
                 if (!filePath.includes("definitions.ts") && !filePath.includes("types.ts")) {
-                    errors.push(`❌ Corporate Compliance Breach: 'any' type is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
+                    errors.push(`[ERROR] Corporate Compliance Breach: 'any' type is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
                 }
             }
         }
@@ -42,14 +45,14 @@ export function verifyCorporateCompliance(content, filePath) {
                 const forbiddenLibs = ["@chakra-ui", "mui", "@shadcn", "antd", "bootstrap"];
                 const lib = forbiddenLibs.find(l => moduleSpecifier.text.includes(l));
                 if (lib) {
-                    errors.push(`❌ Corporate Compliance Breach: External UI library '${lib}' usage is FORBIDDEN at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}. Build atomic components manually instead.`);
+                    errors.push(`[ERROR] Corporate Compliance Breach: External UI library '${lib}' usage is FORBIDDEN at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}. Build atomic components manually instead.`);
                 }
             }
         }
         // Handle 'any' as a keyword type (e.g., parameter: any)
         if (node.kind === ts.SyntaxKind.AnyKeyword) {
             if (!filePath.includes("definitions.ts") && !filePath.includes("types.ts")) {
-                errors.push(`❌ Corporate Compliance Breach: 'any' keyword is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
+                errors.push(`[ERROR] Corporate Compliance Breach: 'any' keyword is forbidden at line ${sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1}.`);
             }
         }
         ts.forEachChild(node, visit);
@@ -69,11 +72,161 @@ export function verifyCorporateCompliance(content, filePath) {
             if (msg.includes("Email") && (filePath.endsWith("README.md") || filePath.endsWith("package.json") || filePath.includes("CONTRIBUTING"))) {
                 continue;
             }
-            errors.push(`❌ Corporate Compliance Breach: ${msg} detected.`);
+            errors.push(`[ERROR] Corporate Compliance Breach: ${msg} detected.`);
         }
     }
     if (errors.length > 0) {
         throw new Error(errors.join("\n"));
     }
 }
+export function isHighRiskOperation(content, filePath) {
+    const fileName = filePath.toLowerCase();
+    // 1. Database Deletions / Table Drops
+    if (fileName.endsWith(".sql") || fileName.endsWith(".ts") || fileName.endsWith(".js") || fileName.endsWith(".go")) {
+        const dropRegex = /\b(DROP\s+(DATABASE|TABLE|SCHEMA|VIEW|INDEX)|TRUNCATE\s+TABLE)\b/i;
+        if (dropRegex.test(content)) {
+            return { isRisk: true, reason: "Database structural deletion detected (DROP/TRUNCATE)" };
+        }
+    }
+    // 2. Package Updates
+    if (fileName.endsWith("package.json")) {
+        return { isRisk: true, reason: "Dependency/package update operation detected" };
+    }
+    // 3. Deployment / Infrastructure Scripts
+    if (fileName.includes("deploy") ||
+        fileName.includes("dockerfile") ||
+        fileName.includes("docker-compose") ||
+        fileName.includes("k8s") ||
+        fileName.includes("kubernetes") ||
+        fileName.includes("github/workflows")) {
+        return { isRisk: true, reason: "Infrastructure or deployment script mutation detected" };
+    }
+    return { isRisk: false };
+}
+export async function verifyRiskAndAwaitApproval(projectRoot, content, filePath) {
+    const assessment = isHighRiskOperation(content, filePath);
+    if (!assessment.isRisk) {
+        return;
+    }
+    const frameworkDir = resolveFrameworkDir(projectRoot);
+    const absoluteFrameworkPath = path.isAbsolute(frameworkDir)
+        ? frameworkDir
+        : path.resolve(projectRoot, frameworkDir);
+    const statusPath = path.join(absoluteFrameworkPath, "memory", "status.json");
+    const statePath = path.join(absoluteFrameworkPath, "memory", "state.json");
+    const messagesDir = path.join(absoluteFrameworkPath, "messages");
+    const managerMsgPath = path.join(messagesDir, "manager.json");
+    let activeAgent = null;
+    let traceId = "UNKNOWN";
+    // 1. Resolve traceId from state.json
+    if (fs.existsSync(statePath)) {
+        try {
+            const state = JSON.parse(fs.readFileSync(statePath, "utf8"));
+            if (state && state.traceId) {
+                traceId = state.traceId;
+            }
+        }
+        catch { /* ignore */ }
+    }
+    // 2. Resolve active agent from status.json
+    let statusData = {};
+    if (fs.existsSync(statusPath)) {
+        try {
+            statusData = JSON.parse(fs.readFileSync(statusPath, "utf8"));
+            for (const [agentName, info] of Object.entries(statusData)) {
+                if (info.state === "EXECUTING") {
+                    activeAgent = agentName.startsWith("@") ? agentName : `@${agentName}`;
+                    break;
+                }
+            }
+        }
+        catch { /* ignore */ }
+    }
+    if (!activeAgent) {
+        throw new Error(`Security Exception: High-risk operation blocked. ${assessment.reason}. (No active executing agent found)`);
+    }
+    // 3. Update active agent status to WAITING_FOR_APPROVAL
+    const originalTask = statusData[activeAgent.replace("@", "")]?.task || statusData[activeAgent]?.task || "Executing task";
+    const statusKey = activeAgent.replace("@", "");
+    statusData[statusKey] = {
+        state: "WAITING_FOR_APPROVAL",
+        task: `[PAUSED] Waiting for approval: ${assessment.reason} on ${filePath}`
+    };
+    try {
+        fs.writeFileSync(statusPath, JSON.stringify(statusData, null, 2));
+    }
+    catch { /* ignore */ }
+    // 4. Create and append ALERT message to messages/manager.json
+    if (!fs.existsSync(messagesDir)) {
+        fs.mkdirSync(messagesDir, { recursive: true });
+    }
+    const alertMsg = {
+        timestamp: new Date().toISOString(),
+        from: activeAgent,
+        to: "@manager",
+        category: "ALERT",
+        content: `High-risk operation: ${assessment.reason} on ${filePath}`,
+        traceId: traceId,
+        status: "PENDING",
+        priority: "HIGH",
+        requiresApproval: true,
+        action: `MUTATION:${filePath}`
+    };
+    try {
+        fs.appendFileSync(managerMsgPath, JSON.stringify(alertMsg) + "\n");
+    }
+    catch (err) {
+        statusData[statusKey] = { state: "EXECUTING", task: originalTask };
+        fs.writeFileSync(statusPath, JSON.stringify(statusData, null, 2));
+        throw new Error(`Security Exception: Failed to queue approval request. ${String(err)}`, { cause: err });
+    }
+    // 5. Polling Loop: Wait for approval (up to 60 seconds)
+    const pollIntervalMs = 500;
+    const timeoutMs = 60000;
+    const start = Date.now();
+    while (Date.now() - start < timeoutMs) {
+        // Non-blocking wait
+        await new Promise(resolve => setTimeout(resolve, pollIntervalMs));
+        if (fs.existsSync(managerMsgPath)) {
+            try {
+                const contentStr = fs.readFileSync(managerMsgPath, "utf8").trim();
+                const lines = contentStr.split("\n");
+                let isApproved = false;
+                let isDenied = false;
+                for (const line of lines) {
+                    if (!line.trim())
+                        continue;
+                    const parsed = JSON.parse(line);
+                    if (parsed.traceId === traceId && parsed.category === "ALERT" && parsed.action === `MUTATION:${filePath}`) {
+                        if (parsed.status === "APPROVED") {
+                            isApproved = true;
+                        }
+                        else if (parsed.status === "PROCESSED" || parsed.status === "DENIED") {
+                            isDenied = true;
+                        }
+                    }
+                }
+                if (isApproved) {
+                    statusData[statusKey] = { state: "EXECUTING", task: originalTask };
+                    fs.writeFileSync(statusPath, JSON.stringify(statusData, null, 2));
+                    return;
+                }
+                if (isDenied) {
+                    throw new Error("Security Exception: High-risk operation was explicitly DENIED by user.");
+                }
+            }
+            catch (err) {
+                if (err.message.includes("explicitly DENIED")) {
+                    throw err;
+                }
+            }
+        }
+    }
+    statusData[statusKey] = { state: "EXECUTING", task: originalTask };
+    try {
+        fs.writeFileSync(statusPath, JSON.stringify(statusData, null, 2));
+    }
+    catch { /* ignore */ }
+    throw new Error(`Security Exception: High-risk operation timed out waiting for approval. (${assessment.reason})`);
+}
 //# sourceMappingURL=compliance.js.map

package/dist/framework-mcp/src/utils/compliance.js.map

@@ -1 +1 @@
-{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../../../framework-mcp/src/utils/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,YAAY,CAAC;AAE5B;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe,EAAE,QAAgB;IACvE,wEAAwE;IACxE,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC9F,OAAO;IACX,CAAC;IAED,MAAM,UAAU,GAAG,EAAE,CAAC,gBAAgB,CAClC,QAAQ,EACR,OAAO,EACP,EAAE,CAAC,YAAY,CAAC,MAAM,EACtB,IAAI,CACP,CAAC;IAEF,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B;;OAEG;IACH,SAAS,KAAK,CAAC,IAAa;QACxB,yBAAyB;QACzB,IAAI,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;YACtC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5B,IAAI,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC/D,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,0BAA0B;oBAC1B,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACpG,MAAM,CAAC,IAAI,CAAC,2CAA2C,IAAI,gCAAgC,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;oBACtK,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,4BAA4B;QAC5B,IAAI,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,IAAI,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACjE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBACzE,MAAM,CAAC,IAAI,CAAC,kEAAkE,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;gBACzJ,CAAC;YACL,CAAC;QACL,CAAC;QAED,0DAA0D;QAC1D,IAAI,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;YAC7C,IAAI,EAAE,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC;gBACtC,MAAM,aAAa,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;gBAC5E,MAAM,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtE,IAAI,GAAG,EAAE,CAAC;oBACN,MAAM,CAAC,IAAI,CAAC,uDAAuD,GAAG,gCAAgC,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,6CAA6C,CAAC,CAAC;gBAC3N,CAAC;YACL,CAAC;QACL,CAAC;QAED,wDAAwD;QACxD,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YACzC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzE,MAAM,CAAC,IAAI,CAAC,qEAAqE,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5J,CAAC;QACL,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,CAAC;IAElB,mCAAmC;IACnC,MAAM,WAAW,GAAG;QAChB,EAAE,KAAK,EAAE,+BAA+B,EAAE,GAAG,EAAE,mBAAmB,EAAE;QACpE,EAAE,KAAK,EAAE,8BAA8B,EAAE,GAAG,EAAE,kBAAkB,EAAE;QAClE,EAAE,KAAK,EAAE,gCAAgC,EAAE,GAAG,EAAE,oBAAoB,EAAE;QACtE,EAAE,KAAK,EAAE,gDAAgD,EAAE,GAAG,EAAE,6BAA6B,EAAE;QAC/F,EAAE,KAAK,EAAE,yCAAyC,EAAE,GAAG,EAAE,mCAAmC,EAAE;KACjG,CAAC;IAEF,KAAK,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,WAAW,EAAE,CAAC;QACvC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,6DAA6D;YAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;gBACtI,SAAS;YACb,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,kCAAkC,GAAG,YAAY,CAAC,CAAC;QACnE,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACvC,CAAC;AACL,CAAC"}
+{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../../../framework-mcp/src/utils/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,YAAY,CAAC;AAC5B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAEpD;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe,EAAE,QAAgB;IACvE,wEAAwE;IACxE,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC9F,OAAO;IACX,CAAC;IAED,MAAM,UAAU,GAAG,EAAE,CAAC,gBAAgB,CAClC,QAAQ,EACR,OAAO,EACP,EAAE,CAAC,YAAY,CAAC,MAAM,EACtB,IAAI,CACP,CAAC;IAEF,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B;;OAEG;IACH,SAAS,KAAK,CAAC,IAAa;QACxB,yBAAyB;QACzB,IAAI,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;YACtC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5B,IAAI,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC/D,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,0BAA0B;oBAC1B,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACpG,MAAM,CAAC,IAAI,CAAC,iDAAiD,IAAI,gCAAgC,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;oBAC5K,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,4BAA4B;QAC5B,IAAI,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,IAAI,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACjE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBACzE,MAAM,CAAC,IAAI,CAAC,wEAAwE,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC/J,CAAC;YACL,CAAC;QACL,CAAC;QAED,0DAA0D;QAC1D,IAAI,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;YAC7C,IAAI,EAAE,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC;gBACtC,MAAM,aAAa,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;gBAC5E,MAAM,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtE,IAAI,GAAG,EAAE,CAAC;oBACN,MAAM,CAAC,IAAI,CAAC,6DAA6D,GAAG,gCAAgC,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,6CAA6C,CAAC,CAAC;gBACjO,CAAC;YACL,CAAC;QACL,CAAC;QAED,wDAAwD;QACxD,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YACzC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzE,MAAM,CAAC,IAAI,CAAC,2EAA2E,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAClK,CAAC;QACL,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,CAAC;IAElB,mCAAmC;IACnC,MAAM,WAAW,GAAG;QAChB,EAAE,KAAK,EAAE,+BAA+B,EAAE,GAAG,EAAE,mBAAmB,EAAE;QACpE,EAAE,KAAK,EAAE,8BAA8B,EAAE,GAAG,EAAE,kBAAkB,EAAE;QAClE,EAAE,KAAK,EAAE,gCAAgC,EAAE,GAAG,EAAE,oBAAoB,EAAE;QACtE,EAAE,KAAK,EAAE,gDAAgD,EAAE,GAAG,EAAE,6BAA6B,EAAE;QAC/F,EAAE,KAAK,EAAE,yCAAyC,EAAE,GAAG,EAAE,mCAAmC,EAAE;KACjG,CAAC;IAEF,KAAK,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,WAAW,EAAE,CAAC;QACvC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,6DAA6D;YAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;gBACtI,SAAS;YACb,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,wCAAwC,GAAG,YAAY,CAAC,CAAC;QACzE,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACvC,CAAC;AACL,CAAC;AAOD,MAAM,UAAU,mBAAmB,CAAC,OAAe,EAAE,QAAgB;IACjE,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAExC,sCAAsC;IACtC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAChH,MAAM,SAAS,GAAG,mEAAmE,CAAC;QACtF,IAAI,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,uDAAuD,EAAE,CAAC;QAC7F,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACpC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,8CAA8C,EAAE,CAAC;IACpF,CAAC;IAED,yCAAyC;IACzC,IACI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QACnC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;QACxB,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EACvC,CAAC;QACC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,uDAAuD,EAAE,CAAC;IAC7F,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,WAAmB,EAAE,OAAe,EAAE,QAAgB;IACnG,MAAM,UAAU,GAAG,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC1D,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACrB,OAAO;IACX,CAAC;IAED,MAAM,YAAY,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,qBAAqB,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;QACvD,CAAC,CAAC,YAAY;QACd,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAE9C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;IAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC3E,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,UAAU,CAAC,CAAC;IACjE,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAE9D,IAAI,WAAW,GAAkB,IAAI,CAAC;IACtC,IAAI,OAAO,GAAW,SAAS,CAAC;IAEhC,qCAAqC;IACrC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;YAC7D,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACzB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;YAC5B,CAAC;QACL,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAC5B,CAAC;IAED,2CAA2C;IAC3C,IAAI,UAAU,GAAoD,EAAE,CAAC;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC;YACD,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;YAC7D,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzD,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;oBAC7B,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,EAAE,CAAC;oBACtE,MAAM;gBACV,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,UAAU,CAAC,MAAM,qCAAqC,CAAC,CAAC;IAChI,CAAC;IAED,wDAAwD;IACxD,MAAM,YAAY,GAAG,UAAU,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,IAAI,IAAI,gBAAgB,CAAC;IACzH,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC/C,UAAU,CAAC,SAAS,CAAC,GAAG;QACpB,KAAK,EAAE,sBAAsB;QAC7B,IAAI,EAAE,kCAAkC,UAAU,CAAC,MAAM,OAAO,QAAQ,EAAE;KAC7E,CAAC;IACF,IAAI,CAAC;QACD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAExB,8DAA8D;IAC9D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG;QACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,UAAU;QACd,QAAQ,EAAE,OAAO;QACjB,OAAO,EAAE,wBAAwB,UAAU,CAAC,MAAM,OAAO,QAAQ,EAAE;QACnE,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,MAAM;QAChB,gBAAgB,EAAE,IAAI;QACtB,MAAM,EAAE,YAAY,QAAQ,EAAE;KACjC,CAAC;IAEF,IAAI,CAAC;QACD,EAAE,CAAC,cAAc,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC;IACvE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,UAAU,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;QACnE,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,yDAAyD,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5G,CAAC;IAED,wDAAwD;IACxD,MAAM,cAAc,GAAG,GAAG,CAAC;IAC3B,MAAM,SAAS,GAAG,KAAK,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,SAAS,EAAE,CAAC;QACpC,oBAAoB;QACpB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YAChC,IAAI,CAAC;gBACD,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,UAAU,GAAG,KAAK,CAAC;gBACvB,IAAI,QAAQ,GAAG,KAAK,CAAC;gBAErB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;oBACvB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;wBAAE,SAAS;oBAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAChC,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,MAAM,KAAK,YAAY,QAAQ,EAAE,EAAE,CAAC;wBACxG,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;4BAC/B,UAAU,GAAG,IAAI,CAAC;wBACtB,CAAC;6BAAM,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;4BACrE,QAAQ,GAAG,IAAI,CAAC;wBACpB,CAAC;oBACL,CAAC;gBACL,CAAC;gBAED,IAAI,UAAU,EAAE,CAAC;oBACb,UAAU,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;oBACnE,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACX,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;gBAC9F,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,IAAK,GAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;oBACvD,MAAM,GAAG,CAAC;gBACd,CAAC;YACL,CAAC;QACL,CAAC;IACL,CAAC;IAED,UAAU,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;IACnE,IAAI,CAAC;QACD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IACxB,MAAM,IAAI,KAAK,CAAC,4EAA4E,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;AACtH,CAAC"}

package/dist/framework-mcp/src/utils/permissions.d.ts

@@ -0,0 +1,12 @@
+export interface PermissionMatrix {
+    [agent: string]: {
+        write: string[];
+        read?: string[];
+    };
+}
+/**
+ * Validates if the active agent has write permission for the target file.
+ * Automatically identifies the active agent by checking the status.json store
+ * for the agent in the "EXECUTING" state.
+ */
+export declare function verifyWritePermission(projectRoot: string, targetFilePath: string): void;

package/dist/framework-mcp/src/utils/permissions.js

@@ -0,0 +1,72 @@
+import fs from "fs";
+import path from "path";
+import { resolveFrameworkDir } from "./security.js";
+function globToRegex(glob) {
+    const escaped = glob.replace(/[.+^${}()|[\]\\]/g, "\\$&");
+    const step1 = escaped.replace(/\*\*/g, "__DBL_STR__");
+    const step2 = step1.replace(/\*/g, "[^/]*");
+    const regexStr = "^" + step2.replace(/__DBL_STR__/g, ".*") + "$";
+    return new RegExp(regexStr);
+}
+/**
+ * Validates if the active agent has write permission for the target file.
+ * Automatically identifies the active agent by checking the status.json store
+ * for the agent in the "EXECUTING" state.
+ */
+export function verifyWritePermission(projectRoot, targetFilePath) {
+    const frameworkDir = resolveFrameworkDir(projectRoot);
+    const absoluteFrameworkPath = path.isAbsolute(frameworkDir)
+        ? frameworkDir
+        : path.resolve(projectRoot, frameworkDir);
+    const matrixPath = path.join(absoluteFrameworkPath, "permission-matrix.json");
+    // If no permission matrix exists, skip enforcement (default allow)
+    if (!fs.existsSync(matrixPath)) {
+        return;
+    }
+    let matrix;
+    try {
+        matrix = JSON.parse(fs.readFileSync(matrixPath, "utf8"));
+    }
+    catch (e) {
+        throw new Error(`Failed to parse permission-matrix.json: ${String(e)}`, { cause: e });
+    }
+    // Determine the active agent from status.json
+    const statusPath = path.join(absoluteFrameworkPath, "memory", "status.json");
+    let activeAgent = null;
+    if (fs.existsSync(statusPath)) {
+        try {
+            const status = JSON.parse(fs.readFileSync(statusPath, "utf8"));
+            // Find an agent that is currently in the EXECUTING state
+            for (const [agentName, info] of Object.entries(status)) {
+                const data = info;
+                if (data.state === "EXECUTING") {
+                    activeAgent = agentName.startsWith("@") ? agentName : `@${agentName}`;
+                    break;
+                }
+            }
+        }
+        catch (e) {
+            // Log warning but don't crash, default to allowing if status can't be parsed
+            process.stderr.write(`[Permissions] Warning: Failed to read status.json: ${String(e)}\n`);
+        }
+    }
+    // If no active executing agent is found, default to allowing
+    if (!activeAgent) {
+        return;
+    }
+    const agentRules = matrix[activeAgent];
+    // If no rules defined for the agent, default to allowing
+    if (!agentRules || !agentRules.write) {
+        return;
+    }
+    // Resolve target path relative to project root for glob matching
+    const relativeTargetPath = path.relative(projectRoot, path.resolve(projectRoot, targetFilePath));
+    const allowed = agentRules.write.some(glob => {
+        const regex = globToRegex(glob);
+        return regex.test(relativeTargetPath);
+    });
+    if (!allowed) {
+        throw new Error(`Permission Denied: Agent ${activeAgent} is not authorized to write to "${relativeTargetPath}". Matrix rules restrict writes to: [${agentRules.write.join(", ")}].`);
+    }
+}
+//# sourceMappingURL=permissions.js.map

package/dist/framework-mcp/src/utils/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../../../framework-mcp/src/utils/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AASpD,SAAS,WAAW,CAAC,IAAY;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;IAC1D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC;IACjE,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC;AAChC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,WAAmB,EAAE,cAAsB;IAC7E,MAAM,YAAY,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,qBAAqB,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;QACvD,CAAC,CAAC,YAAY;QACd,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAE9C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,CAAC;IAE9E,mEAAmE;IACnE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC7B,OAAO;IACX,CAAC;IAED,IAAI,MAAwB,CAAC;IAC7B,IAAI,CAAC;QACD,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,2CAA2C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;IAC7E,IAAI,WAAW,GAAkB,IAAI,CAAC;IAEtC,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;YAC/D,yDAAyD;YACzD,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,GAAG,IAAyB,CAAC;gBACvC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;oBAC7B,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,EAAE,CAAC;oBACtE,MAAM;gBACV,CAAC;YACL,CAAC;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,6EAA6E;YAC7E,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sDAAsD,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC9F,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,IAAI,CAAC,WAAW,EAAE,CAAC;QACf,OAAO;IACX,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC;IACvC,yDAAyD;IACzD,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACnC,OAAO;IACX,CAAC;IAED,iEAAiE;IACjE,MAAM,kBAAkB,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;IAEjG,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACzC,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,4BAA4B,WAAW,mCAAmC,kBAAkB,wCAAwC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzL,CAAC;AACL,CAAC"}

package/dist/framework-mcp/tests/tools/file_system/compliance-risk.test.js

@@ -0,0 +1,84 @@
+import { describe, expect, it, beforeEach, afterEach, vi } from "vitest";
+import fs from "fs";
+import path from "path";
+import os from "os";
+import { isHighRiskOperation, verifyRiskAndAwaitApproval } from "../../../src/utils/compliance.js";
+describe("Policy Engine - High Risk Assessment & Human Approval", () => {
+    let tempDir;
+    let frameworkDir;
+    let messagesDir;
+    beforeEach(() => {
+        tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "atabey-risk-test-"));
+        frameworkDir = path.join(tempDir, ".atabey");
+        messagesDir = path.join(frameworkDir, "messages");
+        fs.mkdirSync(frameworkDir, { recursive: true });
+        fs.mkdirSync(path.join(frameworkDir, "memory"), { recursive: true });
+        fs.mkdirSync(messagesDir, { recursive: true });
+        process.env.ATABEY_TEST_DIR = frameworkDir;
+    });
+    afterEach(() => {
+        delete process.env.ATABEY_TEST_DIR;
+        fs.rmSync(tempDir, { recursive: true, force: true });
+        vi.restoreAllMocks();
+    });
+    it("should correctly identify database deletions as high risk", () => {
+        const sqlContent = "DROP TABLE users;";
+        const tsContent = "const q = 'DROP DATABASE prod;';";
+        const safeContent = "SELECT * FROM users;";
+        expect(isHighRiskOperation(sqlContent, "schema.sql").isRisk).toBe(true);
+        expect(isHighRiskOperation(tsContent, "db.ts").isRisk).toBe(true);
+        expect(isHighRiskOperation(safeContent, "query.sql").isRisk).toBe(false);
+    });
+    it("should identify package.json dependency modifications as high risk", () => {
+        const pkgContent = JSON.stringify({
+            dependencies: {
+                "express": "^4.18.2"
+            }
+        });
+        expect(isHighRiskOperation(pkgContent, "package.json").isRisk).toBe(true);
+    });
+    it("should identify infrastructure script mutations as high risk", () => {
+        const dockerContent = "FROM node:18\nRUN npm install";
+        const deploySh = "#!/bin/bash\n/usr/bin/deploy.sh";
+        expect(isHighRiskOperation(dockerContent, "Dockerfile").isRisk).toBe(true);
+        expect(isHighRiskOperation(deploySh, "scripts/deploy.sh").isRisk).toBe(true);
+    });
+    it("should write WAITING_FOR_APPROVAL status and block/await approval in polling loop", async () => {
+        const statusPath = path.join(frameworkDir, "memory", "status.json");
+        const statePath = path.join(frameworkDir, "memory", "state.json");
+        const managerMsgPath = path.join(messagesDir, "manager.json");
+        // Set state
+        fs.writeFileSync(statePath, JSON.stringify({ traceId: "T-RISK-999" }));
+        // Set active agent executing
+        const status = {
+            "backend": {
+                state: "EXECUTING",
+                task: "Refactoring API"
+            }
+        };
+        fs.writeFileSync(statusPath, JSON.stringify(status, null, 2));
+        // Simulate a background process that approves the transaction after 1.5 seconds
+        setTimeout(() => {
+            if (fs.existsSync(managerMsgPath)) {
+                const lines = fs.readFileSync(managerMsgPath, "utf8").trim().split("\n");
+                const newLines = lines.map(l => {
+                    const parsed = JSON.parse(l);
+                    if (parsed.traceId === "T-RISK-999") {
+                        parsed.status = "APPROVED";
+                    }
+                    return JSON.stringify(parsed);
+                });
+                fs.writeFileSync(managerMsgPath, newLines.join("\n") + "\n");
+            }
+        }, 1500);
+        // Run verifyRiskAndAwaitApproval with high-risk content
+        const start = Date.now();
+        await verifyRiskAndAwaitApproval(tempDir, "DROP TABLE sensitive_data;", "schema.sql");
+        const duration = Date.now() - start;
+        expect(duration).toBeGreaterThanOrEqual(1400);
+        // Verify status is reverted to EXECUTING
+        const updatedStatus = JSON.parse(fs.readFileSync(statusPath, "utf8"));
+        expect(updatedStatus.backend.state).toBe("EXECUTING");
+    });
+});
+//# sourceMappingURL=compliance-risk.test.js.map

package/dist/framework-mcp/tests/tools/file_system/compliance-risk.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance-risk.test.js","sourceRoot":"","sources":["../../../../../framework-mcp/tests/tools/file_system/compliance-risk.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,mBAAmB,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAEnG,QAAQ,CAAC,uDAAuD,EAAE,GAAG,EAAE;IACnE,IAAI,OAAe,CAAC;IACpB,IAAI,YAAoB,CAAC;IACzB,IAAI,WAAmB,CAAC;IAExB,UAAU,CAAC,GAAG,EAAE;QACZ,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,mBAAmB,CAAC,CAAC,CAAC;QACtE,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC7C,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAElD,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChD,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE/C,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,YAAY,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACX,OAAO,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QACnC,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,EAAE,CAAC,eAAe,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;QACjE,MAAM,UAAU,GAAG,mBAAmB,CAAC;QACvC,MAAM,SAAS,GAAG,kCAAkC,CAAC;QACrD,MAAM,WAAW,GAAG,sBAAsB,CAAC;QAE3C,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxE,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClE,MAAM,CAAC,mBAAmB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oEAAoE,EAAE,GAAG,EAAE;QAC1E,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC;YAC9B,YAAY,EAAE;gBACV,SAAS,EAAE,SAAS;aACvB;SACJ,CAAC,CAAC;QACH,MAAM,CAAC,mBAAmB,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;QACpE,MAAM,aAAa,GAAG,+BAA+B,CAAC;QACtD,MAAM,QAAQ,GAAG,iCAAiC,CAAC;QAEnD,MAAM,CAAC,mBAAmB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,mBAAmB,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mFAAmF,EAAE,KAAK,IAAI,EAAE;QAC/F,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QACpE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QAClE,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAE9D,YAAY;QACZ,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QAEvE,6BAA6B;QAC7B,MAAM,MAAM,GAAG;YACX,SAAS,EAAE;gBACP,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,iBAAiB;aAC1B;SACJ,CAAC;QACF,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAE9D,gFAAgF;QAChF,UAAU,CAAC,GAAG,EAAE;YACZ,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBAChC,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACzE,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;oBAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAC7B,IAAI,MAAM,CAAC,OAAO,KAAK,YAAY,EAAE,CAAC;wBAClC,MAAM,CAAC,MAAM,GAAG,UAAU,CAAC;oBAC/B,CAAC;oBACD,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;gBAClC,CAAC,CAAC,CAAC;gBACH,EAAE,CAAC,aAAa,CAAC,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;YACjE,CAAC;QACL,CAAC,EAAE,IAAI,CAAC,CAAC;QAET,wDAAwD;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,0BAA0B,CAAC,OAAO,EAAE,4BAA4B,EAAE,YAAY,CAAC,CAAC;QAEtF,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QACpC,MAAM,CAAC,QAAQ,CAAC,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;QAE9C,yCAAyC;QACzC,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;QACtE,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}