auramaxx 0.0.13 → 0.0.15

package/src/server/cli/commands/init.ts

@@ -335,30 +335,30 @@ async function readPasswordFromStdin(timeoutMs = 15_000): Promise<string> {
 }
 
 async function configureLocalSocketTrust(token: string): Promise<void> {
-  printSection('Local Agent Trust', 'Choose default local agent mode.');
+  printSection('Local Agent Trust', 'How much do you trust your agent?');
 
   const profile = resolveLocalAgentModeChoice(
     await promptSelect(
-      '  Local agent mode',
+      '  How much do you trust your agent?',
       [
-        { value: 'dev', label: 'dev', aliases: ['1', 'recommended'] },
-        { value: 'strict', label: 'strict', aliases: ['2'] },
-        { value: 'admin', label: 'admin', aliases: ['3', 'dangerous'] },
+        { value: 'admin', label: 'maxx (admin)', aliases: ['1', 'default', 'maxx', 'work'] },
+        { value: 'dev', label: 'mid (dev)', aliases: ['2', 'mid', 'dev', 'recommended'] },
+        { value: 'strict', label: 'sus (local)', aliases: ['3', 'sus', 'local', 'strict'] },
       ],
-      'dev',
+      'admin',
     ),
   );
   await persistLocalAgentTrustDefaults(token, profile);
 
   if (profile === 'strict') {
-    console.log('  ✓ Strict mode enabled. Local auto-approve is OFF; agent requests require manual approval.\n');
+    console.log('  ✓ Sus mode enabled. Local auto-approve is OFF; agent requests require manual approval.\n');
     return;
   }
   if (profile === 'admin') {
-    console.log('  ✓ Admin mode enabled. WARNING: local agents get broad access.\n');
+    console.log('  ✓ Maxx mode enabled. WARNING: local agents get broad access.\n');
     return;
   }
-  console.log('  ✓ Dev mode enabled. Local auto-approve remains ON with scoped profile.\n');
+  console.log('  ✓ Mid mode enabled. Local auto-approve remains ON with scoped profile.\n');
 }
 
 async function configureApiKey(

package/src/server/cli/commands/skill.ts

@@ -121,7 +121,7 @@ function patchHeartbeatFile(heartbeatPath: string): boolean {
     '1. Call `GET /what_is_happening` (prefer `?since=<last_timestamp_ms>`).',
     '2. Review in order: `summary` → `highlights` → `humanActions` → `recentEvents` → `syncHealth`.',
     '3. Prioritize engagement first (most important to least): pending approvals needing human action → new errors/sync issues → unusual secret access activity → routine no-change status.',
-    '4. Write a conversational, human-readable update (not replay dumps), delta-first.',
+    '4. Write a short, high-signal update in productive brainrot tone: conversational + direct, never robotic.',
     '5. Always include auth counts from `summary.authorizations` (`pending/approved/rejected`) and accessed secret names from `summary.secrets.names`.',
     '6. For pending approvals: counts first, grouped reason, short IDs only unless escalated.',
     '7. If `summary.secrets.count > 0`, say exactly which secret(s) were accessed (top 1-3 names) and by whom when possible (`summary.secrets.byAgent`).',
@@ -130,7 +130,10 @@ function patchHeartbeatFile(heartbeatPath: string): boolean {
     '10. If no material change, use `HEARTBEAT_VIBES` style (brainrot + vault status + aura quote) while still including auth/secrets counts.',
     '11. Do not write placeholder diary text like `heartbeat: logged`.',
     '12. If diary write fails after retry, reply `FOLLOWUP_NEEDED: diary_write_failed <reason>`.',
-    '13. Response style: `HEARTBEAT_OK - Checked AuraMaxx, all good.` for no-change; otherwise `Checked AuraMaxx - ...` with a short conversational summary.',
+    '13. Response style:',
+    '   - no-change: `HEARTBEAT_OK: aura stable. Auth X pending / Y approved / Z rejected. Secrets none touched. Delta no material change.`',
+    '   - changed: `Checked AuraMaxx: [delta first]. Auth X/Y/Z. Secrets [top names]. Why it matters [impact]. Next move [plan].`',
+    '14. Avoid stiff phrases like `No approvals are currently pending` or long replay paragraphs; keep it punchy (2-5 sentences max unless follow-up is needed).',
     '',
   ].join('\n');
 

package/src/server/cli/lib/credential-resolve.ts

@@ -146,10 +146,23 @@ export async function readCredential(
   readToken: string,
   credentialId: string,
   decryptFn: (encrypted: string) => string,
+  requestedFields?: string[],
 ): Promise<DecryptedCredential> {
+  const normalizedRequestedFields = Array.from(new Set(
+    (requestedFields || [])
+      .map((value) => String(value || '').trim())
+      .filter((value) => value.length > 0),
+  ));
+  const requestBody = normalizedRequestedFields.length > 0
+    ? JSON.stringify({ requestedFields: normalizedRequestedFields })
+    : undefined;
   const res = await fetch(`${baseUrl}/credentials/${credentialId}/read`, {
     method: 'POST',
-    headers: { Authorization: `Bearer ${readToken}` },
+    headers: {
+      Authorization: `Bearer ${readToken}`,
+      ...(requestBody ? { 'Content-Type': 'application/json' } : {}),
+    },
+    ...(requestBody ? { body: requestBody } : {}),
     signal: AbortSignal.timeout(5000),
   });
   if (!res.ok) {
@@ -190,9 +203,13 @@ export async function resolveMappings(
   }
 
   const uniqueTargets = new Map<string, AuraMapping>();
+  const requestedFieldsByTarget = new Map<string, Set<string>>();
   for (const mapping of mappings) {
     const key = `${(mapping.agent || '').toLowerCase()}::${mapping.credentialName.toLowerCase()}`;
     if (!uniqueTargets.has(key)) uniqueTargets.set(key, mapping);
+    const requested = requestedFieldsByTarget.get(key) || new Set<string>();
+    requested.add(mapping.field);
+    requestedFieldsByTarget.set(key, requested);
   }
 
   const targetList = [...uniqueTargets.values()];
@@ -228,11 +245,13 @@ export async function resolveMappings(
         }
 
         try {
+          const requestedFields = Array.from(requestedFieldsByTarget.get(cacheKey) || []);
           const decrypted = await readCredential(
             baseUrl,
             readToken,
             meta.id,
             decryptFn,
+            requestedFields,
           );
           credentialCache.set(cacheKey, decrypted);
         } catch (err) {

package/src/server/cli/lib/local-agent-trust.ts

@@ -9,9 +9,10 @@ export interface LocalAgentTrustDefaults {
 
 export function resolveLocalAgentModeChoice(input: string): LocalAgentProfileMode {
   const normalized = input.trim().toLowerCase();
-  if (normalized === '2' || normalized === 'strict') return 'strict';
-  if (normalized === '3' || normalized === 'admin') return 'admin';
-  return 'dev';
+  if (normalized === '1' || normalized === 'admin' || normalized === 'maxx' || normalized === 'work') return 'admin';
+  if (normalized === '3' || normalized === 'strict' || normalized === 'sus' || normalized === 'local') return 'strict';
+  if (normalized === '2' || normalized === 'dev' || normalized === 'mid' || normalized === 'recommended') return 'dev';
+  return 'admin';
 }
 
 export function toLocalAgentTrustDefaults(profile: LocalAgentProfileMode): LocalAgentTrustDefaults {

package/src/server/lib/agent-profiles.ts

@@ -94,13 +94,14 @@ const BUILTIN_PROFILES: AgentPolicyProfileV1[] = [
     rationale: 'Use for day-to-day local dev workflows without granting financial operations.',
     permissions: ['wallet:list', 'secret:read', 'secret:write', 'action:create', 'action:read', 'action:resolve'],
     credentialAccess: {
-      readScopes: ['agent:*'],
-      writeScopes: ['agent:*'],
+      // Keep legacy `agent` alias for migrated installs while scoping to primary-only access.
+      readScopes: ['agent:primary', 'agent:agent'],
+      writeScopes: ['agent:primary', 'agent:agent'],
       excludeFields: ['cvv', 'seedPhrase', 'privateKey', 'refresh_token'],
       maxReads: 500,
     },
     tokenDefaults: { ttlSeconds: 7 * 24 * 60 * 60, maxReads: 500 },
-    warnings: ['Includes secret:write. Prefer dedicated non-primary agents for agent-managed credentials.'],
+    warnings: ['Includes secret:write. Credential scope is limited to the primary agent (legacy alias included).'],
   },
   {
     id: 'admin',

package/src/server/lib/update-check.ts

@@ -34,6 +34,10 @@ export function buildUpdateCommand(packageName = 'auramaxx'): string {
   return `npm install -g ${packageName} --foreground-scripts`;
 }
 
+export function buildUpdateForceCommand(packageName = 'auramaxx'): string {
+  return `${buildUpdateCommand(packageName)} --force`;
+}
+
 export function buildNpxLatestCommand(packageName = 'auramaxx', args: string[] = []): string {
   const suffix = args.length > 0 ? ` ${args.join(' ')}` : '';
   return `npx --yes ${packageName}@latest${suffix}`;

package/src/server/mcp/server.ts

@@ -43,7 +43,9 @@ import {
   resolveDiaryDate,
 } from '../lib/diary';
 import {
+  canonicalizeCredentialFieldKey,
   getCredentialFieldValue,
+  getCredentialPrimaryFieldKey,
   NOTE_CONTENT_KEY,
 } from '../../../shared/credential-field-schema';
 import { defaultSecretEnvVarName, normalizeEnvVarName } from '../lib/secret-env';
@@ -1013,7 +1015,7 @@ async function resolveCredentialByName(
   name: string,
   authTokenOverride?: string,
 ): Promise<
-  | { credentialId: string; credentialName: string }
+  | { credentialId: string; credentialName: string; credentialType?: string }
   | { error: string; escalation?: McpToolResponse }
 > {
   const base = WALLET_BASE();
@@ -1045,7 +1047,7 @@ async function resolveCredentialByName(
       }
       if (!res.ok) continue;
 
-      const data = await res.json() as { credentials: Array<{ id: string; name: string; agentId: string }> };
+      const data = await res.json() as { credentials: Array<{ id: string; name: string; type?: string; agentId: string }> };
       if (!data.credentials || data.credentials.length === 0) continue;
 
       const decision = evaluateProjectScopeAccess({
@@ -1075,7 +1077,11 @@ async function resolveCredentialByName(
       const scopedCandidates = data.credentials.filter((c) => allowedIds.has(c.id));
       if (scopedCandidates.length === 0) continue;
 
-      return { credentialId: scopedCandidates[0].id, credentialName: scopedCandidates[0].name };
+      return {
+        credentialId: scopedCandidates[0].id,
+        credentialName: scopedCandidates[0].name,
+        credentialType: scopedCandidates[0].type,
+      };
     }
   } catch (err) {
     return { error: `Search failed: ${err}` };
@@ -1184,6 +1190,20 @@ function extractPrimarySecretValue(
   return noteField || sensitiveField || fields[0]?.value || '';
 }
 
+function findCredentialFieldValue(
+  credentialType: string | undefined,
+  fields: Array<{ key: string; value: string; type?: string; sensitive?: boolean }>,
+  requestedField: string,
+): string | undefined {
+  const trimmed = String(requestedField || '').trim();
+  if (!trimmed) return undefined;
+  const directMatch = fields.find((field) => field.key.toLowerCase() === trimmed.toLowerCase());
+  if (directMatch) return directMatch.value;
+  const canonicalKey = canonicalizeCredentialFieldKey(String(credentialType || 'custom'), trimmed).toLowerCase();
+  const canonicalMatch = fields.find((field) => field.key.toLowerCase() === canonicalKey);
+  return canonicalMatch?.value;
+}
+
 function renderSecretValue(secretValue: string, dangerPlaintext: boolean): string {
   return dangerPlaintext ? secretValue : '*******';
 }
@@ -1444,9 +1464,10 @@ function applyClaimResponseToPendingAuth(
 // ── get_secret ─────────────────────────────────────────────────────────
 server.tool(
   'get_secret',
-  'Look up a stored credential/secret by name or tag, inject its primary value into a default env var, and return redacted metadata unless dangerPlaintext is explicitly enabled.',
+  'Look up a stored credential/secret by name or tag, inject its primary value (or explicit field) into a default env var, and return redacted metadata unless dangerPlaintext is explicitly enabled.',
   {
     name: z.string().describe('Name or tag to search for (e.g. "GitHub", "openai", "deploy")'),
+    field: z.string().optional().describe('Optional explicit field key to read (e.g. "password", "cvv"). When omitted, reads the credential primary field.'),
     command: z.array(z.string()).optional().describe('Optional command + args to spawn with injected env var (e.g. ["node", "script.js"]). If omitted, sets env var in MCP server process and returns WHATDO guidance.'),
     dangerPlaintext: z.boolean().optional().describe('If true, include plaintext secret in output (unsafe). Defaults to false (masked).'),
     reqId: z.string().optional().describe('Optional approval request id for one-shot claim retry binding'),
@@ -1454,11 +1475,13 @@ server.tool(
   async (input) => {
     const {
       name,
+      field,
       command,
       dangerPlaintext,
       reqId,
-    } = input as { name: string; command?: string[]; dangerPlaintext?: boolean; reqId?: string };
+    } = input as { name: string; field?: string; command?: string[]; dangerPlaintext?: boolean; reqId?: string };
     const revealPlaintext = dangerPlaintext === true;
+    const requestedField = String(field || '').trim();
 
     if (isGetSecretRateLimited()) {
       return { content: [{ type: 'text' as const, text: JSON.stringify({ error: 'Rate limited — too many get_secret requests. Try again in 1 minute.' }) }] };
@@ -1473,7 +1496,7 @@ server.tool(
     const credentialNameFromBinding = authContext.mode === 'one_shot' ? authContext.binding?.credentialName : undefined;
 
     const resolved = credentialIdFromBinding
-      ? { credentialId: credentialIdFromBinding, credentialName: credentialNameFromBinding || name }
+      ? { credentialId: credentialIdFromBinding, credentialName: credentialNameFromBinding || name, credentialType: undefined }
       : await resolveCredentialByName(name, authToken);
     if ('error' in resolved) {
       if ('escalation' in resolved && resolved.escalation) return resolved.escalation;
@@ -1481,6 +1504,17 @@ server.tool(
     }
 
     const { credentialId, credentialName } = resolved;
+    const requestedFields = requestedField
+      ? [requestedField]
+      : resolved.credentialType
+        ? [getCredentialPrimaryFieldKey(resolved.credentialType)]
+        : [];
+    const readPayload = requestedFields.length > 0
+      ? { requestedFields }
+      : {};
+    const readBody = requestedFields.length > 0
+      ? JSON.stringify(readPayload)
+      : undefined;
     if (authContext.mode === 'one_shot' && authContext.reqId && authContext.binding) {
       const bindingError = validateOneShotCredentialReadBinding({
         reqId: authContext.reqId,
@@ -1499,10 +1533,12 @@ server.tool(
         method: 'POST',
         headers: {
           'Authorization': `Bearer ${authToken}`,
+          ...(readBody ? { 'Content-Type': 'application/json' } : {}),
           'X-Secret-Surface': 'get_secret',
           'X-Credential-Name': credentialName || name,
           'X-Aura-Original-Command': `mcp get_secret ${JSON.stringify(name)}`,
         },
+        ...(readBody ? { body: readBody } : {}),
         signal: AbortSignal.timeout(5000),
       });
 
@@ -1516,7 +1552,7 @@ server.tool(
             permissions: ['secret:read'],
             endpoint: `/credentials/${credentialId}/read`,
             method: 'POST',
-            body: {},
+            body: readPayload,
           });
         }
         return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Read failed (${res.status}): ${text}` }) }] };
@@ -1549,9 +1585,19 @@ server.tool(
         }
       }
 
-      const secretValue = extractPrimarySecretValue(decrypted.fields);
-      if (!secretValue) {
-        return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Credential "${credentialName || name}" has no extractable secret value` }) }] };
+      let secretValue = '';
+      if (requestedField) {
+        const requestedValue = findCredentialFieldValue(decrypted.type || resolved.credentialType, decrypted.fields, requestedField);
+        if (requestedValue === undefined) {
+          const availableFields = decrypted.fields.map((entry) => entry.key).join(', ');
+          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Field "${requestedField}" not found on credential "${credentialName || name}"`, availableFields }) }] };
+        }
+        secretValue = requestedValue;
+      } else {
+        secretValue = extractPrimarySecretValue(decrypted.fields);
+        if (!secretValue) {
+          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Credential "${credentialName || name}" has no extractable secret value` }) }] };
+        }
       }
 
       const resolvedEnvVar = defaultSecretEnvVarName(credentialName || name);
@@ -1933,9 +1979,10 @@ server.tool(
 // ── inject_secret ──────────────────────────────────────────────────────
 server.tool(
   'inject_secret',
-  'Look up a credential by name, extract its primary secret field, and inject it into env for MCP process or a child command. Output is redacted unless dangerPlaintext is enabled.',
+  'Look up a credential by name, extract its primary secret field (or explicit field), and inject it into env for MCP process or a child command. Output is redacted unless dangerPlaintext is enabled.',
   {
     name: z.string().describe('Name or tag of the credential to inject'),
+    field: z.string().optional().describe('Optional explicit field key to inject instead of the credential primary field.'),
     envVar: z.string().optional().describe('Optional environment variable name (defaults to AURA_{SECRETNAME}, e.g. "AURA_OPENAI_API_KEY")'),
     command: z.array(z.string()).optional().describe('Optional command + args to spawn with injected env var (e.g. ["node", "script.js"]). If omitted, sets env var in MCP server process and returns WHATDO guidance.'),
     dangerPlaintext: z.boolean().optional().describe('If true, include plaintext secret in output (unsafe). Defaults to false (masked).'),
@@ -1944,12 +1991,14 @@ server.tool(
   async (input) => {
     const {
       name,
+      field,
       envVar,
       command,
       dangerPlaintext,
       reqId,
-    } = input as { name: string; envVar?: string; command?: string[]; dangerPlaintext?: boolean; reqId?: string };
+    } = input as { name: string; field?: string; envVar?: string; command?: string[]; dangerPlaintext?: boolean; reqId?: string };
     const revealPlaintext = dangerPlaintext === true;
+    const requestedField = String(field || '').trim();
     const resolvedEnvVar = normalizeEnvVarName(envVar || defaultSecretEnvVarName(name));
     if (!resolvedEnvVar) {
       return { content: [{ type: 'text' as const, text: JSON.stringify({ error: 'Invalid envVar. Expected shell env var format like AURA_SECRET or GITHUB_PAT.' }) }] };
@@ -1968,7 +2017,7 @@ server.tool(
     const credentialNameFromBinding = authContext.mode === 'one_shot' ? authContext.binding?.credentialName : undefined;
 
     const resolved = credentialIdFromBinding
-      ? { credentialId: credentialIdFromBinding, credentialName: credentialNameFromBinding || name }
+      ? { credentialId: credentialIdFromBinding, credentialName: credentialNameFromBinding || name, credentialType: undefined }
       : await resolveCredentialByName(name, authToken);
     if ('error' in resolved) {
       if ('escalation' in resolved && resolved.escalation) return resolved.escalation;
@@ -1976,6 +2025,17 @@ server.tool(
     }
 
     const base = WALLET_BASE();
+    const requestedFields = requestedField
+      ? [requestedField]
+      : resolved.credentialType
+        ? [getCredentialPrimaryFieldKey(resolved.credentialType)]
+        : [];
+    const readPayload = requestedFields.length > 0
+      ? { requestedFields }
+      : {};
+    const readBody = requestedFields.length > 0
+      ? JSON.stringify(readPayload)
+      : undefined;
     if (authContext.mode === 'one_shot' && authContext.reqId && authContext.binding) {
       const bindingError = validateOneShotCredentialReadBinding({
         reqId: authContext.reqId,
@@ -1994,11 +2054,13 @@ server.tool(
         method: 'POST',
         headers: {
           'Authorization': `Bearer ${authToken}`,
+          ...(readBody ? { 'Content-Type': 'application/json' } : {}),
           'X-Secret-Surface': 'inject_secret',
           'X-Secret-EnvVar': resolvedEnvVar,
           'X-Credential-Name': resolved.credentialName || name,
           'X-Aura-Original-Command': `mcp inject_secret ${JSON.stringify(name)}`,
         },
+        ...(readBody ? { body: readBody } : {}),
         signal: AbortSignal.timeout(5000),
       });
 
@@ -2012,7 +2074,7 @@ server.tool(
             permissions: ['secret:read'],
             endpoint: `/credentials/${resolved.credentialId}/read`,
             method: 'POST',
-            body: {},
+            body: readPayload,
           });
         }
         return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Read failed (${res.status}): ${text}` }) }] };
@@ -2021,11 +2083,18 @@ server.tool(
       const data = await res.json() as { encrypted: string };
       const decrypted = decryptCredentialPayload(data.encrypted);
 
-      // Extract primary secret field
-      secretValue = extractPrimarySecretValue(decrypted.fields);
-
-      if (!secretValue) {
-        return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Credential "${name}" has no extractable secret value` }) }] };
+      if (requestedField) {
+        const requestedValue = findCredentialFieldValue(decrypted.type || resolved.credentialType, decrypted.fields, requestedField);
+        if (requestedValue === undefined) {
+          const availableFields = decrypted.fields.map((entry) => entry.key).join(', ');
+          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Field "${requestedField}" not found on credential "${resolved.credentialName || name}"`, availableFields }) }] };
+        }
+        secretValue = requestedValue;
+      } else {
+        secretValue = extractPrimarySecretValue(decrypted.fields);
+        if (!secretValue) {
+          return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `Credential "${name}" has no extractable secret value` }) }] };
+        }
       }
     } catch (err) {
       return { content: [{ type: 'text' as const, text: JSON.stringify({ error: `inject_secret read failed: ${err}` }) }] };

package/src/server/node_modules/.vite/vitest/da39a3ee5e6b4b0d3255bfef95601890afd80709/results.json

@@ -1 +1 @@
-{"version":"4.0.18","results":[[":tests/send.test.ts",{"duration":162.08154100000002,"failed":false}],[":tests/approve.test.ts",{"duration":257.27824999999996,"failed":false}],[":tests/unlock.test.ts",{"duration":213.61050000000003,"failed":false}],[":tests/setup.test.ts",{"duration":128.30779199999998,"failed":false}],[":tests/e2e.test.ts",{"duration":4341.373875,"failed":false}],[":tests/wallet.test.ts",{"duration":1768.446334,"failed":false}],[":tests/auth.test.ts",{"duration":174.709292,"failed":false}],[":tests/fund.test.ts",{"duration":820.6141660000001,"failed":false}],[":tests/integration/agent-flow.test.ts",{"duration":6350.61575,"failed":false}],[":tests/auth/permissions.test.ts",{"duration":6955.744291999999,"failed":false}],[":tests/auth/middleware.test.ts",{"duration":8667.608209,"failed":false}],[":tests/lib/sessions.test.ts",{"duration":100.3447920000001,"failed":false}],[":tests/lib/auth.test.ts",{"duration":4552.982083,"failed":false}],[":tests/endpoints/unlock.test.ts",{"duration":10486.351083,"failed":false}],[":tests/endpoints/wallet.test.ts",{"duration":4370.477584,"failed":false}],[":tests/endpoints/approve.test.ts",{"duration":497.64808300000004,"failed":false}],[":tests/endpoints/fund.test.ts",{"duration":1897.905,"failed":false}],[":tests/endpoints/send.test.ts",{"duration":2268.8852079999997,"failed":false}],[":tests/endpoints/auth.test.ts",{"duration":1334.914333,"failed":false}],[":tests/endpoints/setup.test.ts",{"duration":5293.225625,"failed":false}],[":tests/lib/uniswap.test.ts",{"duration":21.776292000000012,"failed":false}],[":tests/auth/apikeys.test.ts",{"duration":10995.417958,"failed":false}],[":tests/endpoints/wallet-data.test.ts",{"duration":2099.3379170000003,"failed":false}],[":tests/endpoints/swap.test.ts",{"duration":1653.693583,"failed":false}],[":tests/endpoints/token-clearing.test.ts",{"duration":1247.484042,"failed":false}],[":tests/endpoints/rate-limit.test.ts",{"duration":2154.356209,"failed":false}],[":tests/endpoints/solana-swap.test.ts",{"duration":998.2979999999999,"failed":false}],[":tests/endpoints/solana-wallet.test.ts",{"duration":1363.0256249999998,"failed":false}],[":tests/endpoints/solana-send.test.ts",{"duration":1039.8317080000002,"failed":false}],[":tests/lib/sessions-currency.test.ts",{"duration":56.1837079999998,"failed":false}],[":tests/endpoints/solana-fund.test.ts",{"duration":1418.0586249999997,"failed":false}],[":tests/lib/solana-wallet.test.ts",{"duration":161.13887499999998,"failed":false}],[":tests/lib/address.test.ts",{"duration":3.510084000000006,"failed":false}],[":tests/lib/strategy/sources.test.ts",{"duration":21.01504100000001,"failed":false}],[":tests/lib/strategy/loader.test.ts",{"duration":59.308375,"failed":false}],[":tests/lib/strategy/executor.test.ts",{"duration":7.492707999999993,"failed":false}],[":tests/lib/strategy/state.test.ts",{"duration":6.136792,"failed":false}],[":tests/lib/strategy/hooks.test.ts",{"duration":14.00120800000002,"failed":false}],[":tests/endpoints/widgets.test.ts",{"duration":2127.785625,"failed":false}],[":tests/lib/strategy/message.test.ts",{"duration":127.83229099999997,"failed":false}],[":tests/endpoints/actions.test.ts",{"duration":2396.4307919999997,"failed":false}],[":tests/endpoints/vault.test.ts",{"duration":7419.710874999999,"failed":false}],[":tests/integration/adapter-resolve.test.ts",{"duration":3486.7960000000003,"failed":false}],[":tests/lib/adapters.test.ts",{"duration":38.35904199999999,"failed":false}],[":tests/lib/strategy/tick.test.ts",{"duration":6.34379100000001,"failed":false}],[":tests/lib/relay.test.ts",{"duration":4.984791000000001,"failed":false}],[":tests/lib/ai.test.ts",{"duration":6.82841599999999,"failed":false}],[":tests/endpoints/launch.test.ts",{"duration":35837.233333,"failed":false}],[":tests/widget-installer.test.ts",{"duration":154.704459,"failed":false}],[":tests/mcp/tools.test.ts",{"duration":15.441082999999992,"failed":false}],[":tests/ai-integration/scenarios.test.ts",{"duration":7.4487499999999045,"failed":true}],[":tests/mcp/server.test.ts",{"duration":1333.480375,"failed":false}],[":tests/ai-integration/live.test.ts",{"duration":77572.38508299999,"failed":false}],[":tests/auth/apikeys-validate.test.ts",{"duration":10219.787667,"failed":false}],[":tests/lib/adapters-test.test.ts",{"duration":25429.400542,"failed":false}],[":tests/setup-integration/wizard-flow.test.ts",{"duration":124.21662500000002,"failed":false}],[":tests/setup-integration/adapter-test.test.ts",{"duration":166.0367080000001,"failed":false}],[":tests/setup-integration/edge-cases.test.ts",{"duration":156.02324999999996,"failed":false}],[":tests/setup-integration/apikey-validation.test.ts",{"duration":147.53583400000002,"failed":false}],[":tests/setup-integration/fresh-setup.test.ts",{"duration":107.81912499999999,"failed":false}],[":tests/lib/network.test.ts",{"duration":12.689417000000006,"failed":false}],[":tests/cli/process.test.ts",{"duration":33.650542,"failed":false}],[":tests/cli/init-steps.test.ts",{"duration":4.78708300000001,"failed":false}],[":tests/cli/init-flow.test.ts",{"duration":2517.034083,"failed":false}],[":tests/cli/http.test.ts",{"duration":1563.349083,"failed":false}],[":tests/lib/verified-summary.test.ts",{"duration":8.588290999999998,"failed":false}],[":tests/lib/defaults.test.ts",{"duration":89.18312500000002,"failed":false}],[":tests/endpoints/defaults.test.ts",{"duration":6137.610333,"failed":false}],[":tests/lib/adapters-chat.test.ts",{"duration":28.19304200000002,"failed":false}],[":tests/setup-integration/terminal-flow.test.ts",{"duration":248.770042,"failed":false}],[":tests/endpoints/transactions.test.ts",{"duration":1127.6649169999998,"failed":false}],[":tests/cron/scheduler.test.ts",{"duration":16.875292,"failed":false}],[":tests/endpoints/portfolio.test.ts",{"duration":381.701917,"failed":false}],[":tests/cron/native-price.test.ts",{"duration":58.4565419999999,"failed":false}],[":tests/resolve.test.ts",{"duration":13.15741700000001,"failed":false}],[":tests/lib/prices.test.ts",{"duration":103.56858299999999,"failed":false}],[":tests/swap-quote.test.ts",{"duration":945.5037500000001,"failed":false}],[":tests/send-token.test.ts",{"duration":996.399292,"failed":false}],[":tests/endpoints/price.test.ts",{"duration":61.327583000000004,"failed":false}],[":tests/lib/price.test.ts",{"duration":4.805790999999999,"failed":false}],[":tests/endpoints/token-search.test.ts",{"duration":35.89754199999993,"failed":false}],[":tests/lib/token-search.test.ts",{"duration":65.472708,"failed":false}],[":tests/lib/token-safety.test.ts",{"duration":5.724790999999996,"failed":false}],[":tests/endpoints/token-safety.test.ts",{"duration":41.85649999999987,"failed":false}],[":tests/lib/batch.test.ts",{"duration":11.763874999999999,"failed":false}],[":tests/endpoints/batch.test.ts",{"duration":48.719875,"failed":false}],[":tests/endpoints/token-balance.test.ts",{"duration":29.900082999999995,"failed":false}],[":tests/lib/events-decoder.test.ts",{"duration":4.558958999999987,"failed":false}],[":tests/lib/events-enricher.test.ts",{"duration":4.474500000000035,"failed":false}],[":tests/endpoints/address-transactions.test.ts",{"duration":962.0601669999999,"failed":false}],[":tests/endpoints/bookmarks.test.ts",{"duration":1349.6050840000003,"failed":false}],[":tests/endpoints/addressbook.test.ts",{"duration":995.706459,"failed":false}],[":tests/lib/strategy/session-logger.test.ts",{"duration":1471.763333,"failed":false}],[":tests/cron/incoming-scan.test.ts",{"duration":385.8459999999999,"failed":false}],[":tests/lib/auto-unlock.test.ts",{"duration":1104.2137500000001,"failed":false}],[":tests/lib/widget-tokens-tier.test.ts",{"duration":226.36699999999996,"failed":false}],[":tests/cron/strategy-runner.test.ts",{"duration":6.080332999999996,"failed":false}],[":tests/endpoints/strategy-routes.test.ts",{"duration":11390.736792,"failed":false}],[":tests/endpoints/apps.test.ts",{"duration":21435.455708999998,"failed":false}],[":tests/lib/events-fetcher.test.ts",{"duration":6.5429169999999885,"failed":false}],[":tests/app-installer.test.ts",{"duration":114.05204099999997,"failed":false}],[":tests/lib/app-tokens-tier.test.ts",{"duration":276.60683300000005,"failed":false}],[":tests/setup-integration/onboarding-e2e.test.ts",{"duration":445.7834579999999,"failed":true}],[":tests/cron/orphan-cleanup.test.ts",{"duration":6.764916999999997,"failed":false}],[":tests/lib/strategy/repository.test.ts",{"duration":28.425665999999865,"failed":false}],[":tests/setup-integration/autonomous-agent.test.ts",{"duration":7.406667000000027,"failed":true}],[":tests/lib/websocket-auth.test.ts",{"duration":235.461,"failed":false}],[":tests/lib/credentials.test.ts",{"duration":7320.739874999999,"failed":false}],[":tests/lib/credential-access.test.ts",{"duration":3.4029999999999916,"failed":false}],[":tests/lib/credential-scope.test.ts",{"duration":3.2806659999999965,"failed":false}],[":tests/endpoints/credential-ops.test.ts",{"duration":3004.8909169999997,"failed":false}],[":tests/endpoints/credentials.test.ts",{"duration":27923.241459,"failed":false}],[":tests/lib/credential-transport.test.ts",{"duration":138.75,"failed":false}],[":tests/lib/credential-vault.test.ts",{"duration":4433.612583,"failed":false}],[":tests/lib/resolve-action.test.ts",{"duration":4.514791000000002,"failed":false}],[":tests/credential-import.test.ts",{"duration":19.897791999999995,"failed":false}],[":tests/endpoints/passkey.test.ts",{"duration":14553.136708,"failed":false}],[":tests/lib/oauth2-refresh.test.ts",{"duration":3.752541000000008,"failed":false}],[":tests/lib/totp.test.ts",{"duration":7.506458999999992,"failed":false}],[":tests/lib/passkey-credential.test.ts",{"duration":9.192250000000001,"failed":false}],[":tests/cli/env.test.ts",{"duration":8.821500000000015,"failed":false}],[":tests/dotenv-parser.test.ts",{"duration":3.3828749999999985,"failed":false}],[":tests/cli/socket.test.ts",{"duration":164.548791,"failed":false}],[":tests/cli/vault.test.ts",{"duration":5.563457999999997,"failed":false}],[":tests/cli/credential-resolve.test.ts",{"duration":2.6654999999999944,"failed":false}],[":tests/cli/env-check-server-vault.test.ts",{"duration":239.821708,"failed":false}],[":tests/e2e-agent/validation.test.ts",{"duration":8.998582999999996,"failed":false}],[":tests/e2e-agent/artifacts.test.ts",{"duration":3.1474170000000044,"failed":false}],[":tests/e2e-agent/ci-lanes.test.ts",{"duration":1.272790999999998,"failed":false}],[":tests/lib/api-registry/validation.test.ts",{"duration":5.377708000000013,"failed":false}],[":tests/lib/aura-parser.test.ts",{"duration":10.007750000000001,"failed":false}],[":tests/lib/agent-auth/contracts.test.ts",{"duration":11.581041999999997,"failed":false}],[":tests/cli/doctor.test.ts",{"duration":9.576459,"failed":false}],[":tests/endpoints/import.test.ts",{"duration":8348.137416,"failed":false}],[":tests/endpoints/passkey-credentials.test.ts",{"duration":2573.4603340000003,"failed":false}],[":tests/lib/credential-health.test.ts",{"duration":3.1082080000000047,"failed":false}],[":tests/lib/agent-profiles.test.ts",{"duration":3.3868339999999932,"failed":false}],[":tests/mcp/profile-policy.test.ts",{"duration":3.01100000000001,"failed":false}],[":tests/endpoints/profile-parity.test.ts",{"duration":9.213209000000006,"failed":true}],[":tests/lib/profile-parity.test.ts",{"duration":1.7047079999999966,"failed":false}],[":tests/endpoints/credential-access-audit.test.ts",{"duration":1768.71025,"failed":false}],[":tests/lib/project-scope.test.ts",{"duration":8.761667000000003,"failed":false}],[":tests/docs/job-docs-validation.test.ts",{"duration":33.986999999999995,"failed":false}],[":tests/endpoints/credential-shares.test.ts",{"duration":6208.950334,"failed":false}],[":tests/lib/task-lifecycle.test.ts",{"duration":7.928124999999994,"failed":false}],[":tests/endpoints/tasks-lifecycle.test.ts",{"duration":191.46470899999997,"failed":false}],[":tests/cli/local-agent-trust.test.ts",{"duration":2.7987499999999983,"failed":false}],[":tests/cli/token.test.ts",{"duration":1.4059579999999983,"failed":false}],[":tests/endpoints/heartbeat.test.ts",{"duration":4575.689417,"failed":false}],[":tests/cli/bin-entrypoint.test.ts",{"duration":4248.5371669999995,"failed":false}],[":tests/sandbox/cli.test.ts",{"duration":332.983625,"failed":false}],[":tests/cli/vault-auth.test.ts",{"duration":195.026916,"failed":false}],[":tests/lib/encrypt.test.ts",{"duration":763.462208,"failed":false}],[":tests/cli/vault-share-gist.test.ts",{"duration":14.503625,"failed":false}],[":tests/lib/secret-gist-share.test.ts",{"duration":1.757791999999995,"failed":false}],[":tests/cli/vault-list-filters.test.ts",{"duration":14.040582999999984,"failed":false}],[":tests/cli/start.test.ts",{"duration":1.8407080000000065,"failed":false}],[":tests/cli/wallet.test.ts",{"duration":1.465874999999997,"failed":false}],[":tests/cli/prompt-select.test.ts",{"duration":4.252083999999996,"failed":false}],[":tests/cli/quickhack.test.ts",{"duration":1.982292000000001,"failed":false}],[":tests/lib/human-action-summary.test.ts",{"duration":2.1798750000000098,"failed":false}],[":tests/pipeline-db/paths.test.ts",{"duration":5.902790999999979,"failed":false}],[":tests/pipeline-db/bootstrap.test.ts",{"duration":39.007125,"failed":false}],[":tests/pipeline-db/snapshot.test.ts",{"duration":29.974833999999987,"failed":false}],[":tests/pipeline-db/dual-write.test.ts",{"duration":60.147583,"failed":false}],[":tests/pipeline-db/importer.test.ts",{"duration":33.614417,"failed":false}],[":tests/pipeline-lifecycle/service.test.ts",{"duration":32.389666000000005,"failed":false}],[":tests/pipeline-lifecycle/taskctl.test.ts",{"duration":2885.294625,"failed":false}],[":tests/pipeline-lifecycle/agent-cron-integration.test.ts",{"duration":28.44970900000004,"failed":false}],[":tests/pipeline-db/cutover-plan.test.ts",{"duration":2.5047919999999806,"failed":false}],[":tests/lib/approval-link.test.ts",{"duration":1.0141670000000005,"failed":false}],[":tests/lib/dont-ask-again-policy.test.ts",{"duration":1.2326669999999922,"failed":false}],[":tests/lib/update-check.test.ts",{"duration":1.4486670000000004,"failed":false}],[":tests/lib/auto-execute.test.ts",{"duration":108.225667,"failed":false}],[":tests/lib/auth-action.test.ts",{"duration":1998.647583,"failed":false}],[":tests/cli/auth-action-flag.test.ts",{"duration":3.1158340000000067,"failed":false}],[":tests/pipeline-lifecycle/tags.test.ts",{"duration":321.27825,"failed":false}],[":tests/endpoints/nuke.test.ts",{"duration":69.0028749999999,"failed":false}],[":tests/endpoints/apikeys.test.ts",{"duration":11085.063833,"failed":false}],[":tests/endpoints/security.test.ts",{"duration":9164.535417000001,"failed":false}],[":tests/endpoints/dashboard.test.ts",{"duration":103.2655420000001,"failed":false}],[":tests/endpoints/logs.test.ts",{"duration":183.44812500000035,"failed":false}],[":tests/endpoints/views.test.ts",{"duration":17.28716600000007,"failed":false}],[":tests/endpoints/flags.test.ts",{"duration":12.482625000000098,"failed":false}],[":tests/endpoints/lock.test.ts",{"duration":11063.760583,"failed":false}],[":tests/endpoints/backup.test.ts",{"duration":6926.148333000001,"failed":false}],[":tests/auth/approval-permissions-regression.test.ts",{"duration":2333.866833,"failed":false}],[":tests/sandbox/cli-cd-suite.test.ts",{"duration":578.572375,"failed":false}],[":tests/mcp/contract.test.ts",{"duration":78.60249999999999,"failed":false}],[":tests/lib/credential-paths.test.ts",{"duration":3899.7734170000003,"failed":false}],[":tests/runtime-vault-smoke.test.ts",{"duration":1521.938291,"failed":false}],[":tests/cli/taskctl-lock-smoke.test.ts",{"duration":0,"failed":false}],[":tests/cli/start-run.test.ts",{"duration":6.923584000000005,"failed":false}],[":tests/cli/restart-run.test.ts",{"duration":4.698082999999997,"failed":false}],[":tests/endpoints/approve-action.test.ts",{"duration":1056.1783329999998,"failed":false}],[":tests/cli/escalation.test.ts",{"duration":3.389707999999999,"failed":false}],[":tests/cli/actions-auth.test.ts",{"duration":39.753000000000014,"failed":false}],[":tests/lib/temp-policy.test.ts",{"duration":2.585374999999999,"failed":false}],[":tests/endpoints/escalation-migration-gate.test.ts",{"duration":11955.108208,"failed":false}],[":tests/lib/escalation-responder.test.ts",{"duration":24.61208400000001,"failed":false}],[":tests/cli/service.test.ts",{"duration":38.05449999999999,"failed":false}],[":tests/cli/init-runtime.test.ts",{"duration":4.873333000000002,"failed":false}],[":tests/cli/agent.test.ts",{"duration":7.902833000000001,"failed":false}],[":tests/runtime-agent-smoke.test.ts",{"duration":1154.7805830000002,"failed":false}],[":tests/endpoints/agent.test.ts",{"duration":6459.912458000001,"failed":false}],[":tests/lib/credential-agent.test.ts",{"duration":3084.496541,"failed":false}],[":tests/cli/agent-auth.test.ts",{"duration":528.433583,"failed":false}],[":tests/cli/agent-share-gist.test.ts",{"duration":16.512332999999984,"failed":false}],[":tests/cli/agent-list-filters.test.ts",{"duration":18.725041000000004,"failed":false}],[":tests/cli/env-check-server-agent.test.ts",{"duration":292.08354199999997,"failed":false}],[":tests/lib/import-from-openclaw-paths.test.ts",{"duration":0,"failed":true}],[":tests/endpoints/agent-profiles.test.ts",{"duration":3425.8750000000005,"failed":false}]]}
+{"version":"4.0.18","results":[[":tests/send.test.ts",{"duration":162.08154100000002,"failed":false}],[":tests/approve.test.ts",{"duration":257.27824999999996,"failed":false}],[":tests/unlock.test.ts",{"duration":213.61050000000003,"failed":false}],[":tests/setup.test.ts",{"duration":128.30779199999998,"failed":false}],[":tests/e2e.test.ts",{"duration":4080.0858749999998,"failed":false}],[":tests/wallet.test.ts",{"duration":1768.446334,"failed":false}],[":tests/auth.test.ts",{"duration":174.709292,"failed":false}],[":tests/fund.test.ts",{"duration":820.6141660000001,"failed":false}],[":tests/integration/agent-flow.test.ts",{"duration":6413.059167000001,"failed":false}],[":tests/auth/permissions.test.ts",{"duration":6673.536915999999,"failed":false}],[":tests/auth/middleware.test.ts",{"duration":8759.18275,"failed":false}],[":tests/lib/sessions.test.ts",{"duration":80.44737499999997,"failed":false}],[":tests/lib/auth.test.ts",{"duration":4095.9412919999995,"failed":false}],[":tests/endpoints/unlock.test.ts",{"duration":10394.113917,"failed":false}],[":tests/endpoints/wallet.test.ts",{"duration":4688.91025,"failed":false}],[":tests/endpoints/approve.test.ts",{"duration":497.64808300000004,"failed":false}],[":tests/endpoints/fund.test.ts",{"duration":1739.703958,"failed":false}],[":tests/endpoints/send.test.ts",{"duration":2330.7616669999998,"failed":false}],[":tests/endpoints/auth.test.ts",{"duration":1678.686916,"failed":false}],[":tests/endpoints/setup.test.ts",{"duration":4925.4596249999995,"failed":false}],[":tests/lib/uniswap.test.ts",{"duration":12.830749999999995,"failed":false}],[":tests/auth/apikeys.test.ts",{"duration":10943.105167,"failed":false}],[":tests/endpoints/wallet-data.test.ts",{"duration":2516.620667,"failed":false}],[":tests/endpoints/swap.test.ts",{"duration":2045.7226249999999,"failed":false}],[":tests/endpoints/token-clearing.test.ts",{"duration":1299.981875,"failed":false}],[":tests/endpoints/rate-limit.test.ts",{"duration":2072.681375,"failed":false}],[":tests/endpoints/solana-swap.test.ts",{"duration":1022.9342909999999,"failed":false}],[":tests/endpoints/solana-wallet.test.ts",{"duration":1344.735792,"failed":false}],[":tests/endpoints/solana-send.test.ts",{"duration":1062.2614170000002,"failed":false}],[":tests/lib/sessions-currency.test.ts",{"duration":93.34312499999999,"failed":false}],[":tests/endpoints/solana-fund.test.ts",{"duration":1369.6695,"failed":false}],[":tests/lib/solana-wallet.test.ts",{"duration":149.332917,"failed":false}],[":tests/lib/address.test.ts",{"duration":2.6223750000000052,"failed":false}],[":tests/lib/strategy/sources.test.ts",{"duration":19.652749999999997,"failed":false}],[":tests/lib/strategy/loader.test.ts",{"duration":12.884332999999998,"failed":false}],[":tests/lib/strategy/executor.test.ts",{"duration":11.662749999999988,"failed":false}],[":tests/lib/strategy/state.test.ts",{"duration":10.546458999999999,"failed":false}],[":tests/lib/strategy/hooks.test.ts",{"duration":16.040250000000015,"failed":false}],[":tests/endpoints/widgets.test.ts",{"duration":2127.785625,"failed":false}],[":tests/lib/strategy/message.test.ts",{"duration":114.59958300000002,"failed":false}],[":tests/endpoints/actions.test.ts",{"duration":2456.5247090000003,"failed":false}],[":tests/endpoints/vault.test.ts",{"duration":7419.710874999999,"failed":false}],[":tests/integration/adapter-resolve.test.ts",{"duration":3331.277875,"failed":false}],[":tests/lib/adapters.test.ts",{"duration":30.631124999999997,"failed":false}],[":tests/lib/strategy/tick.test.ts",{"duration":7.374167,"failed":false}],[":tests/lib/relay.test.ts",{"duration":5.019999999999982,"failed":false}],[":tests/lib/ai.test.ts",{"duration":5.997749999999996,"failed":false}],[":tests/endpoints/launch.test.ts",{"duration":33345.279542000004,"failed":false}],[":tests/widget-installer.test.ts",{"duration":154.704459,"failed":false}],[":tests/mcp/tools.test.ts",{"duration":17.772499999999994,"failed":false}],[":tests/ai-integration/scenarios.test.ts",{"duration":7.4487499999999045,"failed":true}],[":tests/mcp/server.test.ts",{"duration":1465.489834,"failed":false}],[":tests/ai-integration/live.test.ts",{"duration":77572.38508299999,"failed":false}],[":tests/auth/apikeys-validate.test.ts",{"duration":9938.500916,"failed":false}],[":tests/lib/adapters-test.test.ts",{"duration":24647.903333000002,"failed":false}],[":tests/setup-integration/wizard-flow.test.ts",{"duration":124.21662500000002,"failed":false}],[":tests/setup-integration/adapter-test.test.ts",{"duration":166.0367080000001,"failed":false}],[":tests/setup-integration/edge-cases.test.ts",{"duration":156.02324999999996,"failed":false}],[":tests/setup-integration/apikey-validation.test.ts",{"duration":147.53583400000002,"failed":false}],[":tests/setup-integration/fresh-setup.test.ts",{"duration":107.81912499999999,"failed":false}],[":tests/lib/network.test.ts",{"duration":9.692542000000003,"failed":false}],[":tests/cli/process.test.ts",{"duration":57.403958,"failed":false}],[":tests/cli/init-steps.test.ts",{"duration":10.969333000000006,"failed":false}],[":tests/cli/init-flow.test.ts",{"duration":2329.560167,"failed":false}],[":tests/cli/http.test.ts",{"duration":1581.040333,"failed":false}],[":tests/lib/verified-summary.test.ts",{"duration":7.0299579999999935,"failed":false}],[":tests/lib/defaults.test.ts",{"duration":68.398459,"failed":false}],[":tests/endpoints/defaults.test.ts",{"duration":5841.581958999999,"failed":false}],[":tests/lib/adapters-chat.test.ts",{"duration":25.645249999999976,"failed":false}],[":tests/setup-integration/terminal-flow.test.ts",{"duration":248.770042,"failed":false}],[":tests/endpoints/transactions.test.ts",{"duration":1090.902125,"failed":false}],[":tests/cron/scheduler.test.ts",{"duration":11.840542,"failed":false}],[":tests/endpoints/portfolio.test.ts",{"duration":275.87408400000004,"failed":false}],[":tests/cron/native-price.test.ts",{"duration":80.20424999999989,"failed":false}],[":tests/resolve.test.ts",{"duration":13.036125000000084,"failed":false}],[":tests/lib/prices.test.ts",{"duration":50.52241700000013,"failed":false}],[":tests/swap-quote.test.ts",{"duration":1009.3182499999999,"failed":false}],[":tests/send-token.test.ts",{"duration":988.631083,"failed":false}],[":tests/endpoints/price.test.ts",{"duration":36.503582999999935,"failed":false}],[":tests/lib/price.test.ts",{"duration":5.893500000000003,"failed":false}],[":tests/endpoints/token-search.test.ts",{"duration":44.32499999999993,"failed":false}],[":tests/lib/token-search.test.ts",{"duration":63.291291999999984,"failed":false}],[":tests/lib/token-safety.test.ts",{"duration":5.879292000000007,"failed":false}],[":tests/endpoints/token-safety.test.ts",{"duration":33.88024999999993,"failed":false}],[":tests/lib/batch.test.ts",{"duration":4.744375000000005,"failed":false}],[":tests/endpoints/batch.test.ts",{"duration":42.573457999999846,"failed":false}],[":tests/endpoints/token-balance.test.ts",{"duration":32.50795799999992,"failed":false}],[":tests/lib/events-decoder.test.ts",{"duration":5.0207499999999925,"failed":false}],[":tests/lib/events-enricher.test.ts",{"duration":5.3929580000000215,"failed":false}],[":tests/endpoints/address-transactions.test.ts",{"duration":1000.6757920000001,"failed":false}],[":tests/endpoints/bookmarks.test.ts",{"duration":1279.267041,"failed":false}],[":tests/endpoints/addressbook.test.ts",{"duration":1067.5747500000002,"failed":false}],[":tests/lib/strategy/session-logger.test.ts",{"duration":1468.45775,"failed":false}],[":tests/cron/incoming-scan.test.ts",{"duration":321.18891699999995,"failed":false}],[":tests/lib/auto-unlock.test.ts",{"duration":1022.7568749999999,"failed":false}],[":tests/lib/widget-tokens-tier.test.ts",{"duration":226.36699999999996,"failed":false}],[":tests/cron/strategy-runner.test.ts",{"duration":5.555291999999994,"failed":false}],[":tests/endpoints/strategy-routes.test.ts",{"duration":11067.915083,"failed":false}],[":tests/endpoints/apps.test.ts",{"duration":20776.13675,"failed":false}],[":tests/lib/events-fetcher.test.ts",{"duration":7.772790999999984,"failed":false}],[":tests/app-installer.test.ts",{"duration":128.42795900000002,"failed":false}],[":tests/lib/app-tokens-tier.test.ts",{"duration":247.269042,"failed":false}],[":tests/setup-integration/onboarding-e2e.test.ts",{"duration":445.7834579999999,"failed":true}],[":tests/cron/orphan-cleanup.test.ts",{"duration":4.394666999999998,"failed":false}],[":tests/lib/strategy/repository.test.ts",{"duration":41.04454199999998,"failed":false}],[":tests/setup-integration/autonomous-agent.test.ts",{"duration":7.406667000000027,"failed":true}],[":tests/lib/websocket-auth.test.ts",{"duration":228.09824999999998,"failed":false}],[":tests/lib/credentials.test.ts",{"duration":7244.236916,"failed":false}],[":tests/lib/credential-access.test.ts",{"duration":4.496959000000004,"failed":false}],[":tests/lib/credential-scope.test.ts",{"duration":3.911790999999994,"failed":false}],[":tests/endpoints/credential-ops.test.ts",{"duration":3012.519625,"failed":false}],[":tests/endpoints/credentials.test.ts",{"duration":26961.16275,"failed":false}],[":tests/lib/credential-transport.test.ts",{"duration":100.9825,"failed":false}],[":tests/lib/credential-vault.test.ts",{"duration":4433.612583,"failed":false}],[":tests/lib/resolve-action.test.ts",{"duration":5.200542000000013,"failed":false}],[":tests/credential-import.test.ts",{"duration":19.59904200000001,"failed":false}],[":tests/endpoints/passkey.test.ts",{"duration":13994.460458,"failed":false}],[":tests/lib/oauth2-refresh.test.ts",{"duration":4.189582999999999,"failed":false}],[":tests/lib/totp.test.ts",{"duration":5.6655839999999955,"failed":false}],[":tests/lib/passkey-credential.test.ts",{"duration":6.855125000000001,"failed":false}],[":tests/cli/env.test.ts",{"duration":8.122291999999987,"failed":false}],[":tests/dotenv-parser.test.ts",{"duration":4.285124999999994,"failed":false}],[":tests/cli/socket.test.ts",{"duration":203.840084,"failed":false}],[":tests/cli/vault.test.ts",{"duration":5.563457999999997,"failed":false}],[":tests/cli/credential-resolve.test.ts",{"duration":2.6506669999999986,"failed":false}],[":tests/cli/env-check-server-vault.test.ts",{"duration":239.821708,"failed":false}],[":tests/e2e-agent/validation.test.ts",{"duration":7.176417000000001,"failed":false}],[":tests/e2e-agent/artifacts.test.ts",{"duration":2.1517920000000004,"failed":false}],[":tests/e2e-agent/ci-lanes.test.ts",{"duration":1.1575419999999994,"failed":false}],[":tests/lib/api-registry/validation.test.ts",{"duration":7.92649999999999,"failed":false}],[":tests/lib/aura-parser.test.ts",{"duration":10.717959000000008,"failed":false}],[":tests/lib/agent-auth/contracts.test.ts",{"duration":8.928665999999993,"failed":false}],[":tests/cli/doctor.test.ts",{"duration":13.734708999999995,"failed":false}],[":tests/endpoints/import.test.ts",{"duration":8375.402458,"failed":false}],[":tests/endpoints/passkey-credentials.test.ts",{"duration":2524.953291,"failed":false}],[":tests/lib/credential-health.test.ts",{"duration":2.7282909999999987,"failed":false}],[":tests/lib/agent-profiles.test.ts",{"duration":3.490583999999984,"failed":false}],[":tests/mcp/profile-policy.test.ts",{"duration":3.0271250000000123,"failed":false}],[":tests/endpoints/profile-parity.test.ts",{"duration":9.213209000000006,"failed":true}],[":tests/lib/profile-parity.test.ts",{"duration":1.614333000000002,"failed":false}],[":tests/endpoints/credential-access-audit.test.ts",{"duration":1780.9782919999998,"failed":false}],[":tests/lib/project-scope.test.ts",{"duration":8.030417,"failed":false}],[":tests/docs/job-docs-validation.test.ts",{"duration":32.666083,"failed":false}],[":tests/endpoints/credential-shares.test.ts",{"duration":5782.297167,"failed":false}],[":tests/lib/task-lifecycle.test.ts",{"duration":7.928124999999994,"failed":false}],[":tests/endpoints/tasks-lifecycle.test.ts",{"duration":191.46470899999997,"failed":false}],[":tests/cli/local-agent-trust.test.ts",{"duration":3.4474169999999873,"failed":false}],[":tests/cli/token.test.ts",{"duration":1.4730000000000132,"failed":false}],[":tests/endpoints/heartbeat.test.ts",{"duration":4058.10775,"failed":false}],[":tests/cli/bin-entrypoint.test.ts",{"duration":3965.3672079999997,"failed":false}],[":tests/sandbox/cli.test.ts",{"duration":269.86533299999996,"failed":false}],[":tests/cli/vault-auth.test.ts",{"duration":195.026916,"failed":false}],[":tests/lib/encrypt.test.ts",{"duration":739.603,"failed":false}],[":tests/cli/vault-share-gist.test.ts",{"duration":14.503625,"failed":false}],[":tests/lib/secret-gist-share.test.ts",{"duration":1.6444999999999936,"failed":false}],[":tests/cli/vault-list-filters.test.ts",{"duration":14.040582999999984,"failed":false}],[":tests/cli/start.test.ts",{"duration":1.9482500000000016,"failed":false}],[":tests/cli/wallet.test.ts",{"duration":1.4312499999999915,"failed":false}],[":tests/cli/prompt-select.test.ts",{"duration":4.526584,"failed":false}],[":tests/cli/quickhack.test.ts",{"duration":1.9109579999999937,"failed":false}],[":tests/lib/human-action-summary.test.ts",{"duration":2.183374999999998,"failed":false}],[":tests/pipeline-db/paths.test.ts",{"duration":5.902790999999979,"failed":false}],[":tests/pipeline-db/bootstrap.test.ts",{"duration":39.007125,"failed":false}],[":tests/pipeline-db/snapshot.test.ts",{"duration":29.974833999999987,"failed":false}],[":tests/pipeline-db/dual-write.test.ts",{"duration":60.147583,"failed":false}],[":tests/pipeline-db/importer.test.ts",{"duration":33.614417,"failed":false}],[":tests/pipeline-lifecycle/service.test.ts",{"duration":32.389666000000005,"failed":false}],[":tests/pipeline-lifecycle/taskctl.test.ts",{"duration":2885.294625,"failed":false}],[":tests/pipeline-lifecycle/agent-cron-integration.test.ts",{"duration":28.44970900000004,"failed":false}],[":tests/pipeline-db/cutover-plan.test.ts",{"duration":2.5047919999999806,"failed":false}],[":tests/lib/approval-link.test.ts",{"duration":1.0180000000000007,"failed":false}],[":tests/lib/dont-ask-again-policy.test.ts",{"duration":1.1674579999999963,"failed":false}],[":tests/lib/update-check.test.ts",{"duration":1.3457500000000095,"failed":false}],[":tests/lib/auto-execute.test.ts",{"duration":106.970417,"failed":false}],[":tests/lib/auth-action.test.ts",{"duration":1971.094417,"failed":false}],[":tests/cli/auth-action-flag.test.ts",{"duration":2.953084000000004,"failed":false}],[":tests/pipeline-lifecycle/tags.test.ts",{"duration":321.27825,"failed":false}],[":tests/endpoints/nuke.test.ts",{"duration":69.0028749999999,"failed":false}],[":tests/endpoints/apikeys.test.ts",{"duration":11085.063833,"failed":false}],[":tests/endpoints/security.test.ts",{"duration":9164.535417000001,"failed":false}],[":tests/endpoints/dashboard.test.ts",{"duration":103.2655420000001,"failed":false}],[":tests/endpoints/logs.test.ts",{"duration":183.44812500000035,"failed":false}],[":tests/endpoints/views.test.ts",{"duration":17.28716600000007,"failed":false}],[":tests/endpoints/flags.test.ts",{"duration":12.482625000000098,"failed":false}],[":tests/endpoints/lock.test.ts",{"duration":11063.760583,"failed":false}],[":tests/endpoints/backup.test.ts",{"duration":6926.148333000001,"failed":false}],[":tests/auth/approval-permissions-regression.test.ts",{"duration":2370.5335,"failed":false}],[":tests/sandbox/cli-cd-suite.test.ts",{"duration":953.0126659999999,"failed":false}],[":tests/mcp/contract.test.ts",{"duration":151.07174999999998,"failed":false}],[":tests/lib/credential-paths.test.ts",{"duration":3779.089958,"failed":false}],[":tests/runtime-vault-smoke.test.ts",{"duration":1521.938291,"failed":false}],[":tests/cli/taskctl-lock-smoke.test.ts",{"duration":0,"failed":false}],[":tests/cli/start-run.test.ts",{"duration":5.523459000000003,"failed":false}],[":tests/cli/restart-run.test.ts",{"duration":2.4307500000000033,"failed":false}],[":tests/endpoints/approve-action.test.ts",{"duration":982.046125,"failed":false}],[":tests/cli/escalation.test.ts",{"duration":3.6188750000000027,"failed":false}],[":tests/cli/actions-auth.test.ts",{"duration":53.00212499999998,"failed":false}],[":tests/lib/temp-policy.test.ts",{"duration":2.6212909999999994,"failed":false}],[":tests/endpoints/escalation-migration-gate.test.ts",{"duration":11600.137458000001,"failed":false}],[":tests/lib/escalation-responder.test.ts",{"duration":22.55212499999999,"failed":false}],[":tests/cli/service.test.ts",{"duration":40.734375,"failed":false}],[":tests/cli/init-runtime.test.ts",{"duration":6.353541999999976,"failed":false}],[":tests/cli/agent.test.ts",{"duration":5.218541999999999,"failed":false}],[":tests/runtime-agent-smoke.test.ts",{"duration":1125.018291,"failed":false}],[":tests/endpoints/agent.test.ts",{"duration":5885.352958,"failed":false}],[":tests/lib/credential-agent.test.ts",{"duration":3014.652917,"failed":false}],[":tests/cli/agent-auth.test.ts",{"duration":637.7750000000001,"failed":false}],[":tests/cli/agent-share-gist.test.ts",{"duration":13.641041000000016,"failed":false}],[":tests/cli/agent-list-filters.test.ts",{"duration":12.53479200000001,"failed":false}],[":tests/cli/env-check-server-agent.test.ts",{"duration":297.161208,"failed":false}],[":tests/lib/import-from-openclaw-paths.test.ts",{"duration":0,"failed":true}],[":tests/endpoints/agent-profiles.test.ts",{"duration":3342.858333,"failed":false}]]}

package/src/server/routes/actions.ts

@@ -80,7 +80,8 @@ router.get('/:id/summary', async (req: Request<{ id: string }>, res: Response) =
 
     // Impact descriptions (skip zero-value limits)
     const impact: string[] = [];
-    if (metadata.limit && metadata.limit > 0) impact.push(`Fund limit: ${metadata.limit} ETH`);
+    // Default fund limit line (kept for reference, intentionally disabled).
+    // if (metadata.limit && metadata.limit > 0) impact.push(`Fund limit: ${metadata.limit} ETH`);
     if (metadata.limits?.send && metadata.limits.send > 0) impact.push(`Send limit: ${metadata.limits.send} ETH`);
     if (metadata.limits?.swap && metadata.limits.swap > 0) impact.push(`Swap limit: ${metadata.limits.swap} ETH`);
     if (metadata.ttl) impact.push(`Token TTL: ${Math.round(metadata.ttl / 60)} minutes`);

package/src/server/routes/credentials.ts

@@ -51,6 +51,7 @@ import {
   summarizeCredentialHealthFlags,
 } from '../lib/credential-health';
 import {
+  canonicalizeCredentialFieldKey,
   NOTE_CONTENT_KEY,
   getCredentialFieldValue,
   normalizeCredentialFieldsForType,
@@ -480,6 +481,40 @@ function parseRequestedPolicyInput(body: unknown): {
   };
 }
 
+function parseRequestedReadFieldsInput(
+  body: unknown,
+  credentialType: CredentialType,
+): { requestedFields: string[]; requestsAllFields: boolean } {
+  const bodyPayload = body && typeof body === 'object' && !Array.isArray(body)
+    ? body as Record<string, unknown>
+    : {};
+  const requestedFieldsRaw: string[] = [];
+
+  const appendRequestedField = (value: unknown): void => {
+    if (typeof value !== 'string') return;
+    const trimmed = value.trim();
+    if (!trimmed) return;
+    requestedFieldsRaw.push(trimmed);
+  };
+
+  if (Array.isArray(bodyPayload.requestedFields)) {
+    for (const value of bodyPayload.requestedFields) {
+      appendRequestedField(value);
+    }
+  }
+  appendRequestedField(bodyPayload.requestedField);
+  appendRequestedField(bodyPayload.field);
+
+  const requestsAllFields = requestedFieldsRaw.some((value) => value === '*');
+  const requestedFields = Array.from(new Set(
+    requestedFieldsRaw
+      .filter((value) => value !== '*')
+      .map((value) => normalizeScope(canonicalizeCredentialFieldKey(credentialType, value))),
+  ));
+
+  return { requestedFields, requestsAllFields };
+}
+
 function buildCredentialRouteContract(input: {
   routeId: CredentialRouteContractId;
   credentialId: string;
@@ -1817,13 +1852,21 @@ router.post('/:id/read', async (req: Request<{ id: string }>, res: Response) =>
       ? []
       : resolveExcludeFields(auth.token.credentialAccess?.excludeFields, credential.type);
     const baseExcludedNormalized = new Set(baseExclude.map(field => normalizeScope(field)));
+    const requestedReadFields = parseRequestedReadFieldsInput(req.body, credential.type);
+    const excludedFieldsPresent = Array.from(new Set(
+      secrets
+        .map((field) => normalizeScope(field.key))
+        .filter((fieldKey) => baseExcludedNormalized.has(fieldKey)),
+    ));
     const requestedExcludedFields = isAdmin(auth)
       ? []
-      : Array.from(new Set(
-          secrets
-            .map((field) => field.key)
-            .filter((fieldKey) => baseExcludedNormalized.has(normalizeScope(fieldKey))),
-        ));
+      : requestedReadFields.requestsAllFields
+        ? excludedFieldsPresent
+        : Array.from(new Set(
+            requestedReadFields.requestedFields
+              .map((field) => normalizeScope(field))
+              .filter((fieldKey) => baseExcludedNormalized.has(fieldKey)),
+          ));
     if (requestedExcludedFields.length > 0) {
       const approvalTtl = await resolveOneShotApprovalTtl(auth);
       const approvalSummaryBase = `${auth.token.agentId || 'agent'} requests excluded fields (${requestedExcludedFields.join(', ')}) from credential "${credential.name}"`;