npm - avorelo - Versions diffs - 0.1.0 - Mend

avorelo 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (258) hide show

package/LICENSE +21 -0
package/README.md +56 -0
package/bin/avorelo +9 -0
package/package.json +135 -0
package/scripts/README.md +40 -0
package/scripts/cco-dashboard.js +252 -0
package/scripts/cco-status.js +430 -0
package/scripts/lib/activation/account-state.js +37 -0
package/scripts/lib/activation/activation-runner.js +546 -0
package/scripts/lib/activation/activation-self-healing.js +480 -0
package/scripts/lib/activation/activation-state.js +83 -0
package/scripts/lib/activation/activation-summary.js +191 -0
package/scripts/lib/activation/adapters/claude-code.js +77 -0
package/scripts/lib/activation/adapters/codex-cli.js +52 -0
package/scripts/lib/activation/adapters/cursor.js +37 -0
package/scripts/lib/activation/adapters/github-agent.js +39 -0
package/scripts/lib/activation/adapters/terminal.js +42 -0
package/scripts/lib/activation/adapters/vscode.js +39 -0
package/scripts/lib/activation/adapters/windsurf.js +37 -0
package/scripts/lib/activation/ai-surface-detector.js +151 -0
package/scripts/lib/activation/connect-account.js +145 -0
package/scripts/lib/activation/detect-environment.js +75 -0
package/scripts/lib/activation/detect-hosts.js +62 -0
package/scripts/lib/activation/format-activation-output.js +109 -0
package/scripts/lib/activation/next-action.js +43 -0
package/scripts/lib/activation/repair-engine.js +219 -0
package/scripts/lib/activation-distribution-readiness.js +507 -0
package/scripts/lib/adapter-conformance.js +176 -0
package/scripts/lib/adapter-readiness.js +417 -0
package/scripts/lib/adapter-safety-boundaries.js +335 -0
package/scripts/lib/adapter-technical-readiness-gate.js +205 -0
package/scripts/lib/agent-access-governance.js +455 -0
package/scripts/lib/agent-enforcement.js +765 -0
package/scripts/lib/agent-policy-profile.js +210 -0
package/scripts/lib/agent-security/action-evaluator.js +507 -0
package/scripts/lib/agent-security/adapter-registry.js +98 -0
package/scripts/lib/agent-security/auto-policy.js +139 -0
package/scripts/lib/agent-security/bounded-scan.js +93 -0
package/scripts/lib/agent-security/enforcement-adapter.js +174 -0
package/scripts/lib/agent-security/enforcement-engine.js +1129 -0
package/scripts/lib/agent-security/file-write-adapter.js +183 -0
package/scripts/lib/agent-security/file-write-rules.js +178 -0
package/scripts/lib/agent-security/index.js +3342 -0
package/scripts/lib/agent-security/instruction-risk.js +181 -0
package/scripts/lib/agent-security/mcp-action-adapter.js +185 -0
package/scripts/lib/agent-security/mcp-action-rules.js +184 -0
package/scripts/lib/agent-security/package-action-adapter.js +175 -0
package/scripts/lib/agent-security/package-action-rules.js +233 -0
package/scripts/lib/agent-security/performance.js +148 -0
package/scripts/lib/agent-security/permission-minimizer.js +403 -0
package/scripts/lib/agent-security/scan-cache.js +74 -0
package/scripts/lib/agent-security/source-trust.js +146 -0
package/scripts/lib/ai-install-prompt.js +288 -0
package/scripts/lib/ai-workspace-hygiene.js +1499 -0
package/scripts/lib/alpha-activation.js +520 -0
package/scripts/lib/alpha-feedback.js +263 -0
package/scripts/lib/alpha-readiness-gate.js +332 -0
package/scripts/lib/anti-gaming.js +169 -0
package/scripts/lib/artifact-health.js +431 -0
package/scripts/lib/attribution.js +180 -0
package/scripts/lib/audit.js +289 -0
package/scripts/lib/avorelo-skill-registry.js +810 -0
package/scripts/lib/batch-jobs.js +71 -0
package/scripts/lib/brain-pack.js +578 -0
package/scripts/lib/brand-boundary.js +424 -0
package/scripts/lib/brand.js +74 -0
package/scripts/lib/browser-capability.js +1048 -0
package/scripts/lib/browser-proof-preflight.js +321 -0
package/scripts/lib/cache-readiness.js +187 -0
package/scripts/lib/canonical-reentry.js +162 -0
package/scripts/lib/capability-packs.js +314 -0
package/scripts/lib/capability-recommender.js +512 -0
package/scripts/lib/capability-registry.js +1059 -0
package/scripts/lib/carry-forward-surfacing.js +194 -0
package/scripts/lib/ccusage-adapter.js +188 -0
package/scripts/lib/company-loop.js +1149 -0
package/scripts/lib/config.js +637 -0
package/scripts/lib/context-acquisition-plan.js +287 -0
package/scripts/lib/context-budget-guard.js +170 -0
package/scripts/lib/context-budget-scanner.js +257 -0
package/scripts/lib/context-optimizer.js +715 -0
package/scripts/lib/context-reduction-plan.js +178 -0
package/scripts/lib/context-safety.js +88 -0
package/scripts/lib/context-savings-engine.js +158 -0
package/scripts/lib/cost-evidence.js +254 -0
package/scripts/lib/cross-host-install-plan.js +308 -0
package/scripts/lib/cross-host-install-readiness.js +237 -0
package/scripts/lib/cross-host-value-flow.js +268 -0
package/scripts/lib/dashboard.js +900 -0
package/scripts/lib/design-partner-feedback.js +346 -0
package/scripts/lib/entitlements.js +100 -0
package/scripts/lib/execution-packet.js +559 -0
package/scripts/lib/experimentation-events.js +547 -0
package/scripts/lib/external-capability-compliance.js +107 -0
package/scripts/lib/external-user-simulation.js +166 -0
package/scripts/lib/failure-recovery-readiness.js +81 -0
package/scripts/lib/failure-recovery.js +419 -0
package/scripts/lib/feedback-intelligence.js +537 -0
package/scripts/lib/feedback-signals.js +205 -0
package/scripts/lib/file-integrity.js +68 -0
package/scripts/lib/fsx.js +127 -0
package/scripts/lib/full-readiness-gate.js +451 -0
package/scripts/lib/guidance-builder.js +174 -0
package/scripts/lib/hook-apply.js +1019 -0
package/scripts/lib/hook-baseline.js +310 -0
package/scripts/lib/hook-config-preview.js +275 -0
package/scripts/lib/hook-contracts.js +290 -0
package/scripts/lib/hook-safety-boundary-readiness.js +80 -0
package/scripts/lib/host-capability-matrix.js +351 -0
package/scripts/lib/host-support-context.js +254 -0
package/scripts/lib/http-hook-action.js +538 -0
package/scripts/lib/install-ai-readiness.js +84 -0
package/scripts/lib/install-intake-risk.js +1037 -0
package/scripts/lib/install-journey-intelligence.js +329 -0
package/scripts/lib/intervention-guidance.js +57 -0
package/scripts/lib/known-limitations.js +115 -0
package/scripts/lib/l8-path-truth.js +146 -0
package/scripts/lib/launch-hardening-gate.js +436 -0
package/scripts/lib/launch-readiness.js +628 -0
package/scripts/lib/learning-memory.js +686 -0
package/scripts/lib/lifecycle-hooks.js +802 -0
package/scripts/lib/local-package-smoke.js +423 -0
package/scripts/lib/local-pricing.js +299 -0
package/scripts/lib/mcp-enforcement.js +311 -0
package/scripts/lib/mcp-least-privilege-policy.js +303 -0
package/scripts/lib/mcp-tool-inventory.js +388 -0
package/scripts/lib/mcp-tool-risk.js +0 -0
package/scripts/lib/memory.js +335 -0
package/scripts/lib/metrics.js +699 -0
package/scripts/lib/micro-proof.js +133 -0
package/scripts/lib/next-run-context.js +436 -0
package/scripts/lib/operating-value.js +1648 -0
package/scripts/lib/optimization-v3.js +122 -0
package/scripts/lib/orchestration/adapters/_shared.js +49 -0
package/scripts/lib/orchestration/adapters/aider.js +18 -0
package/scripts/lib/orchestration/adapters/claude-code.js +35 -0
package/scripts/lib/orchestration/adapters/codex.js +35 -0
package/scripts/lib/orchestration/adapters/gemini-cli.js +18 -0
package/scripts/lib/orchestration/adapters/git.js +25 -0
package/scripts/lib/orchestration/adapters/index.js +31 -0
package/scripts/lib/orchestration/adapters/lm-studio.js +18 -0
package/scripts/lib/orchestration/adapters/ollama.js +18 -0
package/scripts/lib/orchestration/adapters/opencode.js +18 -0
package/scripts/lib/orchestration/adapters/openrouter.js +18 -0
package/scripts/lib/orchestration/adapters/test-runner.js +25 -0
package/scripts/lib/orchestration/cli.js +438 -0
package/scripts/lib/orchestration/execution-manager.js +279 -0
package/scripts/lib/orchestration/handoff.js +314 -0
package/scripts/lib/orchestration/index.js +456 -0
package/scripts/lib/orchestration/inventory.js +47 -0
package/scripts/lib/orchestration/model-discovery.js +498 -0
package/scripts/lib/orchestration/model-profiler.js +170 -0
package/scripts/lib/orchestration/model-profiles.js +252 -0
package/scripts/lib/orchestration/model-refresh-policy.js +72 -0
package/scripts/lib/orchestration/proof-writer.js +349 -0
package/scripts/lib/orchestration/provider-discovery/aider.js +49 -0
package/scripts/lib/orchestration/provider-discovery/claude-code.js +56 -0
package/scripts/lib/orchestration/provider-discovery/codex.js +49 -0
package/scripts/lib/orchestration/provider-discovery/common.js +186 -0
package/scripts/lib/orchestration/provider-discovery/gemini.js +106 -0
package/scripts/lib/orchestration/provider-discovery/lm-studio.js +118 -0
package/scripts/lib/orchestration/provider-discovery/models-dev.js +12 -0
package/scripts/lib/orchestration/provider-discovery/ollama.js +100 -0
package/scripts/lib/orchestration/provider-discovery/opencode.js +47 -0
package/scripts/lib/orchestration/provider-discovery/openrouter.js +44 -0
package/scripts/lib/orchestration/risk-classifier.js +130 -0
package/scripts/lib/orchestration/routing-policy.js +486 -0
package/scripts/lib/orchestration/settings.js +112 -0
package/scripts/lib/orchestration/state.js +165 -0
package/scripts/lib/orchestration/verification-manager.js +138 -0
package/scripts/lib/output-profiles.js +146 -0
package/scripts/lib/package-content-audit.js +368 -0
package/scripts/lib/package-runtime.js +278 -0
package/scripts/lib/plan-surface.js +53 -0
package/scripts/lib/plans.js +2318 -0
package/scripts/lib/policy-provider.js +27 -0
package/scripts/lib/prelaunch-activation-readiness.js +409 -0
package/scripts/lib/prelaunch-evidence-store.js +816 -0
package/scripts/lib/prelaunch-intelligence.js +869 -0
package/scripts/lib/pricing-experiment.js +118 -0
package/scripts/lib/pro-moment-events.js +77 -0
package/scripts/lib/pro-moment-state.js +227 -0
package/scripts/lib/pro-moments.js +1216 -0
package/scripts/lib/product-learning-events.js +629 -0
package/scripts/lib/project-profile.js +555 -0
package/scripts/lib/prompt-compiler.js +280 -0
package/scripts/lib/prompt-lint.js +32 -0
package/scripts/lib/prompt-suggestions.js +52 -0
package/scripts/lib/proof-canonical.js +398 -0
package/scripts/lib/proof-drilldown.js +383 -0
package/scripts/lib/proof-events.js +342 -0
package/scripts/lib/proof-history.js +243 -0
package/scripts/lib/proof-metrics.js +296 -0
package/scripts/lib/proof-outcome-evidence.js +134 -0
package/scripts/lib/proof-receipt.js +335 -0
package/scripts/lib/proof-record.js +461 -0
package/scripts/lib/public-activation-distribution-gate.js +258 -0
package/scripts/lib/public-cli.js +3891 -0
package/scripts/lib/public-distribution-truth.js +211 -0
package/scripts/lib/public-install-claim-checker.js +294 -0
package/scripts/lib/publish-provenance-readiness.js +283 -0
package/scripts/lib/readiness-delta.js +218 -0
package/scripts/lib/readiness-evidence-closure.js +196 -0
package/scripts/lib/reentry-memory-capture.js +241 -0
package/scripts/lib/reentry-memory-retrieval.js +302 -0
package/scripts/lib/reentry-memory-status.js +146 -0
package/scripts/lib/reentry-memory-store.js +178 -0
package/scripts/lib/reentry-state.js +66 -0
package/scripts/lib/release-candidate-bundle.js +166 -0
package/scripts/lib/remediation.js +81 -0
package/scripts/lib/repo-map.js +391 -0
package/scripts/lib/run-improvements-lifecycle.js +330 -0
package/scripts/lib/run-improvements.js +789 -0
package/scripts/lib/runtime-decision-policy.js +387 -0
package/scripts/lib/safe-path-engine.js +705 -0
package/scripts/lib/safe-run-controller.js +887 -0
package/scripts/lib/score.js +262 -0
package/scripts/lib/seamless-enforcement.js +329 -0
package/scripts/lib/seamless-outcome.js +689 -0
package/scripts/lib/seamless-reality-gate.js +5043 -0
package/scripts/lib/security-risk-classifier.js +511 -0
package/scripts/lib/security-scan.js +384 -0
package/scripts/lib/session-context-optimizer.js +1211 -0
package/scripts/lib/session-timing.js +315 -0
package/scripts/lib/skill-hygiene.js +805 -0
package/scripts/lib/skill-packs.js +161 -0
package/scripts/lib/skills-operating-layer.js +580 -0
package/scripts/lib/smart-work-routing.js +768 -0
package/scripts/lib/source-catalog.js +700 -0
package/scripts/lib/status-value-summary.js +32 -0
package/scripts/lib/support-bundle.js +578 -0
package/scripts/lib/task-continuation.js +440 -0
package/scripts/lib/test-helpers.js +15 -0
package/scripts/lib/tier.js +38 -0
package/scripts/lib/token-context-quality-gate.js +370 -0
package/scripts/lib/token-cost-capture.js +187 -0
package/scripts/lib/token-cost-intelligence.js +358 -0
package/scripts/lib/token-efficiency-evidence.js +213 -0
package/scripts/lib/token-evidence.js +699 -0
package/scripts/lib/tokenish.js +17 -0
package/scripts/lib/tool-output-sandbox.js +304 -0
package/scripts/lib/trust-audit.js +136 -0
package/scripts/lib/unified-events.js +396 -0
package/scripts/lib/upgrade-interruption-recovery.js +407 -0
package/scripts/lib/usage-ledger.js +201 -0
package/scripts/lib/value-ledger.js +130 -0
package/scripts/lib/value-proof-calibration.js +531 -0
package/scripts/lib/visual-qa.js +231 -0
package/scripts/lib/voice-alpha.js +29 -0
package/scripts/lib/work-aware-orchestration.js +976 -0
package/scripts/lib/work-control-receipts.js +577 -0
package/scripts/lib/work-ledger.js +1123 -0
package/scripts/lib/work-panel-preview.js +352 -0
package/scripts/lib/workflow-discipline.js +280 -0
package/scripts/lib/workflow-signals.js +419 -0
package/scripts/lib/workspace-map.js +281 -0
package/scripts/lib/workspace-registry.js +1367 -0
package/scripts/lib/workspace-resolver.js +480 -0

package/scripts/lib/agent-security/package-action-adapter.js ADDED Viewed

@@ -0,0 +1,175 @@
+"use strict";
+const { spawnSync } = require("child_process");
+const { classifyPackageAction } = require("./package-action-rules");
+const PACKAGE_ACTION_ADAPTER_ID = "package-action-v1";
+const PREVIEW_LIMIT = 400;
+function truncatePreview(value) {
+  const text = String(value || "");
+  if (text.length <= PREVIEW_LIMIT) return text;
+  return `${text.slice(0, PREVIEW_LIMIT)}...`;
+}
+function redactPreview(value) {
+  return truncatePreview(String(value || "").replace(
+    /((?:secret|token|password|api[_-]?key)[^=\n]{0,20}=)[^\s\n]+/ig,
+    "$1[redacted]",
+  ));
+}
+function buildPackageAdapterResult(base, overrides = {}) {
+  return {
+    actionId: base.actionId,
+    componentId: base.componentId || null,
+    componentType: base.componentType || null,
+    actionType: base.actionType,
+    decision: base.decision || null,
+    adapterId: PACKAGE_ACTION_ADAPTER_ID,
+    enforcementAvailable: true,
+    effectiveBehavior: "recommended_only",
+    executed: false,
+    exitCode: null,
+    stdoutPreview: "",
+    stderrPreview: "",
+    reason: "",
+    timestamp: base.timestamp,
+    ...overrides,
+  };
+}
+function enforcePackageAction(action, context = {}) {
+  const decisionRecord = context.decisionRecord || null;
+  const limitPlan = context.limitPlan || null;
+  const execute = context.execute === true;
+  const cwd = context.cwd;
+  const command = String(action?.command || "");
+  const executor = typeof context.executor === "function" ? context.executor : null;
+  const profile = classifyPackageAction(action);
+  const base = {
+    actionId: action.actionId,
+    componentId: action.componentId,
+    componentType: action.componentType,
+    actionType: action.actionType,
+    decision: decisionRecord?.decision || null,
+    timestamp: context.timestamp,
+  };
+  if (
+    profile.remoteScript ||
+    profile.destructiveChain ||
+    profile.globalInstall ||
+    profile.unsafeFlags ||
+    profile.installFromUrlOrPath ||
+    profile.sensitiveTarget ||
+    profile.workflowTarget
+  ) {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: profile.reasons[0] || "This package action is not allowed.",
+    });
+  }
+  if (profile.lifecycleRisk && decisionRecord?.decision !== "approve_once") {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: profile.reasons[0] || "Lifecycle scripts require explicit approval.",
+    });
+  }
+  if (decisionRecord?.decision === "deny") {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: "User denied this package action.",
+    });
+  }
+  if (decisionRecord?.decision === "let_wuz_limit" && limitPlan?.recommendedMode === "deny") {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: limitPlan.reason || "No safe limited version found. Recommended: deny.",
+    });
+  }
+  if (decisionRecord?.decision === "let_wuz_limit" && limitPlan?.recommendedMode !== "limited") {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: limitPlan?.reason || "The limited plan could not safely allow this package action.",
+    });
+  }
+  if (
+    decisionRecord?.decision === "let_wuz_limit" &&
+    Array.isArray(limitPlan?.scope?.allowedCommands) &&
+    limitPlan.scope.allowedCommands.length > 0 &&
+    !limitPlan.scope.allowedCommands.includes(command)
+  ) {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: "blocked",
+      reason: "The limited plan only allows the exact evaluated package command.",
+    });
+  }
+  if (!execute) {
+    return buildPackageAdapterResult(base, {
+      effectiveBehavior: decisionRecord?.decision === "let_wuz_limit" ? "limited" : "dry_run_only",
+      reason: decisionRecord?.decision === "let_wuz_limit"
+        ? (limitPlan?.reason || "Wuz limited this action to the current task.")
+        : "Execution stayed in dry-run mode.",
+    });
+  }
+  const child = executor
+    ? executor({ command, cwd, action, decisionRecord, limitPlan })
+    : spawnSync(command, {
+      cwd,
+      shell: true,
+      windowsHide: true,
+      encoding: "utf8",
+      timeout: 30000,
+    });
+  const stdoutPreview = redactPreview(child?.stdout || "");
+  const stderrPreview = redactPreview(child?.stderr || child?.error?.message || "");
+  const exitCode = typeof child?.status === "number"
+    ? child.status
+    : typeof child?.exitCode === "number"
+      ? child.exitCode
+      : child?.error
+        ? 1
+        : 1;
+  return buildPackageAdapterResult(base, {
+    effectiveBehavior: decisionRecord?.decision === "let_wuz_limit" ? "limited" : "allowed",
+    executed: true,
+    exitCode,
+    stdoutPreview,
+    stderrPreview,
+    reason: exitCode === 0
+      ? (decisionRecord?.decision === "let_wuz_limit"
+        ? "Package action executed within the limited project scope."
+        : "Approved package action executed once.")
+      : "Package action executed but exited with a non-zero status.",
+  });
+}
+const PACKAGE_ACTION_ADAPTER = {
+  adapterId: PACKAGE_ACTION_ADAPTER_ID,
+  canEvaluate: true,
+  canEnforce: true,
+  supportedActionTypes: ["package.install", "package.run", "package.script"],
+  enforce(action, decisionRecord, limitPlan, options = {}) {
+    return enforcePackageAction(action, {
+      ...options,
+      decisionRecord,
+      limitPlan,
+    });
+  },
+};
+module.exports = {
+  PACKAGE_ACTION_ADAPTER_ID,
+  PACKAGE_ACTION_ADAPTER,
+  enforcePackageAction,
+};

package/scripts/lib/agent-security/package-action-rules.js ADDED Viewed

@@ -0,0 +1,233 @@
+"use strict";
+const {
+  isSensitiveWriteTarget,
+  isWorkflowWriteTarget,
+  normalizePath,
+} = require("./file-write-rules");
+function normalizeCommand(value) {
+  return String(value || "").trim();
+}
+function normalizePackageManager(explicitValue, command) {
+  const explicit = String(explicitValue || "").trim().toLowerCase();
+  if (["npm", "pnpm", "yarn", "bun"].includes(explicit)) return explicit;
+  const normalized = normalizeCommand(command).toLowerCase();
+  if (/^npm\b/.test(normalized)) return "npm";
+  if (/^pnpm\b/.test(normalized)) return "pnpm";
+  if (/^yarn\b/.test(normalized)) return "yarn";
+  if (/^bun\b/.test(normalized)) return "bun";
+  return "unknown";
+}
+function hasRemoteScriptExecution(command) {
+  return /\b(curl|wget)\b[^\n]*\|\s*(bash|sh|pwsh|powershell)\b|\b(invoke-webrequest|invoke-restmethod|downloadstring)\b/i.test(
+    normalizeCommand(command),
+  );
+}
+function hasDestructiveChaining(command) {
+  return /(?:&&|;|\|\|)\s*(?:rm\s+-rf\b|del\s+\/[qs]\b|remove-item\b)/i.test(normalizeCommand(command));
+}
+function hasGlobalInstall(command) {
+  const normalized = normalizeCommand(command).toLowerCase();
+  return /\bnpm\s+(?:install|i)\b[^\n]*\s-g\b|\bpnpm\s+add\b[^\n]*\s-g\b|\byarn\s+global\s+add\b|\bbun\s+add\b[^\n]*\s-g\b/i.test(normalized);
+}
+function hasUnsafeFlags(command) {
+  return /\s--force\b|\s--unsafe-perm\b|\s--ignore-scripts=false\b/i.test(normalizeCommand(command));
+}
+function hasInstallFromUrlOrPath(command) {
+  const normalized = normalizeCommand(command);
+  return /\b(?:https?:\/\/|git\+|github:|file:|ssh:\/\/|git@)[^\s]+/i.test(normalized) ||
+    /(?:^|\s)(?:\.\.?[\\/]|[A-Za-z]:[\\/]|\/)[^\s]+/i.test(normalized) ||
+    /\b[^\s]+\.tgz\b/i.test(normalized);
+}
+function inferScriptName(command, explicitValue) {
+  const explicit = String(explicitValue || "").trim();
+  if (explicit) return explicit;
+  const normalized = normalizeCommand(command);
+  const runMatch = normalized.match(/^(?:npm|pnpm)\s+run\s+([a-z0-9:_-]+)/i);
+  if (runMatch) return runMatch[1];
+  const yarnRunMatch = normalized.match(/^yarn\s+(?!add\b|install\b|global\b)([a-z0-9:_-]+)/i);
+  if (yarnRunMatch) return yarnRunMatch[1];
+  const bunRunMatch = normalized.match(/^bun\s+run\s+([a-z0-9:_-]+)/i);
+  if (bunRunMatch) return bunRunMatch[1];
+  const testMatch = normalized.match(/^(?:npm|pnpm|yarn|bun)\s+(test|lint|build)\b/i);
+  if (testMatch) return testMatch[1];
+  return "unknown";
+}
+function inferPackageName(command, explicitValue) {
+  const explicit = String(explicitValue || "").trim();
+  if (explicit) return explicit;
+  const normalized = normalizeCommand(command);
+  const installPatterns = [
+    /^(?:npm\s+(?:install|i)|pnpm\s+add|yarn\s+add|bun\s+add)\s+([^\s-][^\s]*)/i,
+  ];
+  for (const pattern of installPatterns) {
+    const match = normalized.match(pattern);
+    if (match) return match[1];
+  }
+  return "";
+}
+function hasLifecycleScriptRisk(actionType, scriptName, command) {
+  const normalizedScript = String(scriptName || "").toLowerCase();
+  if (["postinstall", "preinstall", "prepare"].includes(normalizedScript)) return true;
+  if (actionType === "package.script" && /\b(postinstall|preinstall|prepare)\b/i.test(normalizeCommand(command))) return true;
+  return false;
+}
+function isSafeTestOrLintCommand(command, scriptName) {
+  const normalized = normalizeCommand(command).toLowerCase();
+  if (!normalized || /[|;&><]/.test(normalized)) return false;
+  if (["test", "lint"].includes(String(scriptName || "").toLowerCase())) {
+    return /^(?:npm|pnpm|yarn|bun)\s+(?:run\s+)?(?:test|lint)\b/i.test(normalized);
+  }
+  return /^(?:npm|pnpm|yarn|bun)\s+(?:run\s+)?(?:test|lint)\b/i.test(normalized);
+}
+function isSpecificPackageInstall(command, packageManager, packageName) {
+  const normalized = normalizeCommand(command);
+  const normalizedPackage = String(packageName || "").trim();
+  if (!normalizedPackage) return false;
+  if (!["npm", "pnpm", "yarn", "bun"].includes(packageManager)) return false;
+  if (hasGlobalInstall(normalized) || hasInstallFromUrlOrPath(normalized)) return false;
+  if (/\s-[^\s]/.test(normalized.replace(/\s--ignore-scripts\b/ig, ""))) return false;
+  return /^(?:npm\s+(?:install|i)|pnpm\s+add|yarn\s+add|bun\s+add)\s+[^\s]+(?:\s+--ignore-scripts)?\s*$/i.test(normalized);
+}
+function commandHasIgnoreScripts(command) {
+  return /\s--ignore-scripts\b/i.test(normalizeCommand(command));
+}
+function classifyPackageAction(action = {}) {
+  const actionType = String(action?.actionType || "");
+  const command = normalizeCommand(action?.command || "");
+  const target = normalizePath(action?.target || "");
+  const packageManager = normalizePackageManager(action?.packageManager, command);
+  const scriptName = inferScriptName(command, action?.scriptName);
+  const packageName = inferPackageName(command, action?.packageName);
+  const remoteScript = hasRemoteScriptExecution(command);
+  const destructiveChain = hasDestructiveChaining(command);
+  const globalInstall = hasGlobalInstall(command);
+  const unsafeFlags = hasUnsafeFlags(command);
+  const installFromUrlOrPath = hasInstallFromUrlOrPath(command);
+  const lifecycleRisk = hasLifecycleScriptRisk(actionType, scriptName, command);
+  const safeTestOrLint = isSafeTestOrLintCommand(command, scriptName);
+  const specificPackageInstall = actionType === "package.install" && isSpecificPackageInstall(command, packageManager, packageName);
+  const ignoreScripts = commandHasIgnoreScripts(command);
+  const sensitiveTarget = isSensitiveWriteTarget(`${target}\n${command}`);
+  const workflowTarget = isWorkflowWriteTarget(`${target}\n${command}`);
+  const unknownManager = packageManager === "unknown";
+  const reasons = [];
+  let riskLevel = "medium";
+  let recommendedDecision = "limit";
+  let safeLimited = false;
+  if (remoteScript) {
+    reasons.push("Remote script execution was detected.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (destructiveChain) {
+    reasons.push("Destructive chained command behavior was detected.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (globalInstall) {
+    reasons.push("Global package installs are outside the current project scope.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (unsafeFlags) {
+    reasons.push("Unsafe package-manager flags were detected.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (installFromUrlOrPath) {
+    reasons.push("Install from URL, git source, tarball, or outside-project path was detected.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (lifecycleRisk) {
+    reasons.push("Lifecycle scripts like preinstall, postinstall, or prepare require explicit approval.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (sensitiveTarget) {
+    reasons.push("Sensitive files or credentials are involved.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (workflowTarget) {
+    reasons.push("Workflow modification through a package action requires explicit approval.");
+    riskLevel = "high";
+    recommendedDecision = "deny";
+  } else if (safeTestOrLint) {
+    reasons.push("Known local test or lint package command.");
+    riskLevel = "low";
+    recommendedDecision = "limit";
+    safeLimited = true;
+  } else if (specificPackageInstall) {
+    reasons.push(ignoreScripts
+      ? "Specific dependency install is scoped and scripts are disabled."
+      : "Specific dependency install is scoped but can still change package state.");
+    riskLevel = "medium";
+    recommendedDecision = "limit";
+    safeLimited = ignoreScripts === true;
+  } else if (actionType === "package.run" || actionType === "package.script") {
+    reasons.push("Package script execution can run local shell behavior.");
+    riskLevel = "medium";
+    recommendedDecision = "limit";
+  } else if (actionType === "package.install" || actionType === "package.lockfile.modify") {
+    reasons.push("Package install or lockfile changes can modify project dependencies.");
+    riskLevel = "medium";
+    recommendedDecision = "limit";
+  } else if (unknownManager) {
+    reasons.push("Unknown package manager command needs review.");
+    riskLevel = "medium";
+    recommendedDecision = "limit";
+  } else {
+    reasons.push("Package action needs review.");
+  }
+  return {
+    actionType,
+    command,
+    target,
+    packageManager,
+    scriptName,
+    packageName,
+    remoteScript,
+    destructiveChain,
+    globalInstall,
+    unsafeFlags,
+    installFromUrlOrPath,
+    lifecycleRisk,
+    safeTestOrLint,
+    specificPackageInstall,
+    ignoreScripts,
+    sensitiveTarget,
+    workflowTarget,
+    unknownManager,
+    safeLimited,
+    riskLevel,
+    recommendedDecision,
+    reasons,
+  };
+}
+module.exports = {
+  normalizePackageManager,
+  inferScriptName,
+  inferPackageName,
+  hasRemoteScriptExecution,
+  hasDestructiveChaining,
+  hasGlobalInstall,
+  hasUnsafeFlags,
+  hasInstallFromUrlOrPath,
+  hasLifecycleScriptRisk,
+  isSafeTestOrLintCommand,
+  isSpecificPackageInstall,
+  commandHasIgnoreScripts,
+  classifyPackageAction,
+};

package/scripts/lib/agent-security/performance.js ADDED Viewed

@@ -0,0 +1,148 @@
+"use strict";
+const { safeReadJson, safeWriteJson, nowIso } = require("../fsx");
+const PERFORMANCE_SUMMARY_REL_PATH = ".claude/cco/security/performance-summary.json";
+const PERFORMANCE_GUARDRAILS = {
+  statusSummaryTargetMs: 150,
+  dashboardSummaryTargetMs: 400,
+  productSummaryTargetMs: 100,
+  guardedActionEvaluationTargetMs: 75,
+  autoPolicyDecisionTargetMs: 50,
+  basicCheckTargetMs: 1500,
+  visibilityScanTargetMs: 4000,
+  scanMaxFiles: 300,
+  scanMaxFileBytes: 256000,
+  scanMaxTotalBytes: 1500000,
+  scanMaxDepth: 10,
+  scanMaxSourceBytesPerItem: 64000,
+  scanMaxDurationMs: 5000,
+};
+function targetForOperation(operation) {
+  switch (operation) {
+    case "agent_security_basic_check":
+      return PERFORMANCE_GUARDRAILS.basicCheckTargetMs;
+    case "agent_security_visibility_scan":
+      return PERFORMANCE_GUARDRAILS.visibilityScanTargetMs;
+    case "agent_security_guarded_action":
+    case "agent_security_preflight":
+      return PERFORMANCE_GUARDRAILS.guardedActionEvaluationTargetMs;
+    case "agent_security_auto_policy":
+      return PERFORMANCE_GUARDRAILS.autoPolicyDecisionTargetMs;
+    case "status_summary":
+      return PERFORMANCE_GUARDRAILS.statusSummaryTargetMs;
+    case "dashboard_summary":
+      return PERFORMANCE_GUARDRAILS.dashboardSummaryTargetMs;
+    default:
+      return PERFORMANCE_GUARDRAILS.productSummaryTargetMs;
+  }
+}
+function createPerformanceTracker(operation, extras = {}) {
+  const startedAt = Date.now();
+  const tracker = {
+    operation,
+    startedAt,
+    filesScanned: 0,
+    bytesScanned: 0,
+    cacheHits: 0,
+    cacheMisses: 0,
+    skippedLargeFiles: 0,
+    ignoredDirectories: new Set(),
+    ignoredDirectoryCount: 0,
+    slowSteps: [],
+    timeoutHit: false,
+    maxFilesHit: false,
+    maxBytesHit: false,
+    maxDepthHit: false,
+    ...extras,
+  };
+  tracker.noteFile = (bytes = 0) => {
+    tracker.filesScanned += 1;
+    tracker.bytesScanned += Math.max(0, Number(bytes || 0));
+  };
+  tracker.noteCacheHit = () => { tracker.cacheHits += 1; };
+  tracker.noteCacheMiss = () => { tracker.cacheMisses += 1; };
+  tracker.noteSkippedLargeFile = () => { tracker.skippedLargeFiles += 1; };
+  tracker.noteIgnoredDirectory = (name) => {
+    if (name) tracker.ignoredDirectories.add(String(name));
+    tracker.ignoredDirectoryCount += 1;
+  };
+  tracker.noteSlowStep = (step, durationMs) => {
+    tracker.slowSteps.push({ step, durationMs: Math.max(0, Number(durationMs || 0)) });
+  };
+  tracker.finish = (more = {}) => {
+    const durationMs = Date.now() - startedAt;
+    const targetMs = targetForOperation(operation);
+    return {
+      operation,
+      durationMs,
+      filesScanned: tracker.filesScanned,
+      bytesScanned: tracker.bytesScanned,
+      cacheHits: tracker.cacheHits,
+      cacheMisses: tracker.cacheMisses,
+      skippedLargeFiles: tracker.skippedLargeFiles,
+      ignoredDirectories: Array.from(tracker.ignoredDirectories).sort(),
+      ignoredDirectoryCount: tracker.ignoredDirectoryCount,
+      timeoutHit: tracker.timeoutHit === true,
+      maxFilesHit: tracker.maxFilesHit === true,
+      maxBytesHit: tracker.maxBytesHit === true,
+      maxDepthHit: tracker.maxDepthHit === true,
+      slow: durationMs > targetMs,
+      targetMs,
+      slowSteps: tracker.slowSteps.slice(0, 8),
+      generatedAt: nowIso(),
+      ...more,
+    };
+  };
+  return tracker;
+}
+function loadPerformanceSummary(cwd) {
+  return safeReadJson(cwd, PERFORMANCE_SUMMARY_REL_PATH, {
+    generatedAt: null,
+    operations: [],
+  });
+}
+function recordPerformanceSummary(cwd, operationEntry) {
+  const current = loadPerformanceSummary(cwd);
+  const operations = [...(Array.isArray(current.operations) ? current.operations : []), operationEntry].slice(-50);
+  const next = {
+    generatedAt: nowIso(),
+    operations,
+  };
+  safeWriteJson(cwd, PERFORMANCE_SUMMARY_REL_PATH, next);
+  return next;
+}
+function latestOperationForKind(cwd, predicate) {
+  const summary = loadPerformanceSummary(cwd);
+  const operations = Array.isArray(summary.operations) ? summary.operations : [];
+  for (let index = operations.length - 1; index >= 0; index -= 1) {
+    if (predicate(operations[index])) return operations[index];
+  }
+  return null;
+}
+function buildCompactPerformanceSummary(cwd, operationNames) {
+  const names = new Set(Array.isArray(operationNames) ? operationNames : [operationNames]);
+  const latest = latestOperationForKind(cwd, (entry) => names.has(entry.operation));
+  if (!latest) return { lastOperationMs: null, slow: false };
+  return {
+    lastOperationMs: Number(latest.durationMs || 0),
+    slow: latest.slow === true,
+  };
+}
+module.exports = {
+  PERFORMANCE_SUMMARY_REL_PATH,
+  PERFORMANCE_GUARDRAILS,
+  createPerformanceTracker,
+  loadPerformanceSummary,
+  recordPerformanceSummary,
+  latestOperationForKind,
+  buildCompactPerformanceSummary,
+};