bashbros 0.1.0

package/dist/index.d.ts

@@ -0,0 +1,1498 @@
+import { EventEmitter } from 'events';
+
+interface BashBrosConfig {
+    agent: AgentType;
+    profile: SecurityProfile;
+    commands: CommandPolicy;
+    paths: PathPolicy;
+    secrets: SecretsPolicy;
+    audit: AuditPolicy;
+    rateLimit: RateLimitPolicy;
+    riskScoring: RiskScoringPolicy;
+    loopDetection: LoopDetectionPolicy;
+    anomalyDetection: AnomalyDetectionPolicy;
+    outputScanning: OutputScanningPolicy;
+    undo: UndoPolicy;
+    ward: WardPolicy;
+    dashboard: DashboardPolicy;
+}
+type AgentType = 'claude-code' | 'clawdbot' | 'moltbot' | 'gemini-cli' | 'aider' | 'opencode' | 'custom';
+interface MoltbotGatewayInfo {
+    port: number;
+    host: string;
+    sandboxMode: boolean;
+    authToken?: boolean;
+}
+interface MoltbotSessionContext {
+    inMoltbotSession: boolean;
+    sessionId?: string;
+    agentName?: string;
+    sandboxMode: boolean;
+    customConfigPath?: string;
+}
+interface MoltbotSecurityAuditResult {
+    passed: boolean;
+    findings: MoltbotSecurityFinding[];
+    timestamp: Date;
+}
+interface MoltbotSecurityFinding {
+    severity: 'info' | 'warning' | 'critical';
+    category: string;
+    message: string;
+    recommendation?: string;
+}
+type SecurityProfile = 'balanced' | 'strict' | 'permissive' | 'custom';
+interface CommandPolicy {
+    allow: string[];
+    block: string[];
+}
+interface PathPolicy {
+    allow: string[];
+    block: string[];
+}
+interface SecretsPolicy {
+    enabled: boolean;
+    mode: 'block' | 'audit';
+    patterns: string[];
+}
+interface AuditPolicy {
+    enabled: boolean;
+    destination: 'local' | 'remote' | 'both';
+    remotePath?: string;
+}
+interface RateLimitPolicy {
+    enabled: boolean;
+    maxPerMinute: number;
+    maxPerHour: number;
+}
+interface RiskScoringPolicy {
+    enabled: boolean;
+    blockThreshold: number;
+    warnThreshold: number;
+    customPatterns: RiskPattern[];
+}
+interface RiskPattern {
+    pattern: string;
+    score: number;
+    factor: string;
+}
+interface LoopDetectionPolicy {
+    enabled: boolean;
+    maxRepeats: number;
+    maxTurns: number;
+    similarityThreshold: number;
+    cooldownMs: number;
+    windowSize: number;
+    action: 'warn' | 'block';
+}
+interface AnomalyDetectionPolicy {
+    enabled: boolean;
+    workingHours: [number, number];
+    typicalCommandsPerMinute: number;
+    learningCommands: number;
+    suspiciousPatterns: string[];
+    action: 'warn' | 'block';
+}
+interface OutputScanningPolicy {
+    enabled: boolean;
+    scanForSecrets: boolean;
+    scanForErrors: boolean;
+    maxOutputLength: number;
+    redactPatterns: string[];
+}
+interface UndoPolicy {
+    enabled: boolean;
+    maxStackSize: number;
+    maxFileSize: number;
+    ttlMinutes: number;
+    backupPath: string;
+}
+interface CommandResult {
+    command: string;
+    allowed: boolean;
+    output?: string;
+    error?: string;
+    exitCode?: number;
+    duration: number;
+    violations: PolicyViolation[];
+}
+interface PolicyViolation {
+    type: 'command' | 'path' | 'secrets' | 'rate_limit';
+    rule: string;
+    message: string;
+}
+interface AuditEntry {
+    timestamp: Date;
+    command: string;
+    allowed: boolean;
+    violations: PolicyViolation[];
+    exitCode?: number;
+    duration: number;
+    agent: AgentType;
+}
+interface WardPolicy {
+    enabled: boolean;
+    exposure: {
+        scanInterval: number;
+        externalProbe: boolean;
+        severityActions: {
+            low: 'alert' | 'block' | 'block_and_kill';
+            medium: 'alert' | 'block' | 'block_and_kill';
+            high: 'alert' | 'block' | 'block_and_kill';
+            critical: 'alert' | 'block' | 'block_and_kill';
+        };
+    };
+    connectors: {
+        proxyAllMcp: boolean;
+        telemetryRetention: string;
+    };
+    egress: {
+        defaultAction: 'block' | 'alert' | 'log';
+        patternsFile?: string;
+    };
+}
+interface DashboardPolicy {
+    enabled: boolean;
+    port: number;
+    bind: string;
+}
+
+declare class BashBros extends EventEmitter {
+    private config;
+    private policy;
+    private audit;
+    private ptyProcess;
+    private shell;
+    private pendingCommand;
+    private commandStartTime;
+    constructor(configPath?: string);
+    start(): void;
+    execute(command: string): CommandResult;
+    validateOnly(command: string): PolicyViolation[];
+    isAllowed(command: string): boolean;
+    resize(cols: number, rows: number): void;
+    write(data: string): void;
+    stop(): void;
+    getConfig(): BashBrosConfig;
+}
+
+declare class PolicyEngine {
+    private config;
+    private commandFilter;
+    private pathSandbox;
+    private secretsGuard;
+    private rateLimiter;
+    constructor(config: BashBrosConfig);
+    validate(command: string): PolicyViolation[];
+    private extractPaths;
+    isAllowed(command: string): boolean;
+}
+
+declare function loadConfig(path?: string): BashBrosConfig;
+
+declare class AuditLogger {
+    private policy;
+    private logPath;
+    private lockPath;
+    constructor(policy: AuditPolicy);
+    log(entry: AuditEntry): void;
+    private formatEntry;
+    /**
+     * SECURITY FIX: Write with file locking and rotation
+     */
+    private writeLocal;
+    /**
+     * Simple file-based locking
+     */
+    private acquireLock;
+    private releaseLock;
+    private sleep;
+    /**
+     * Rotate log if it exceeds max size
+     */
+    private rotateIfNeeded;
+    /**
+     * SECURITY FIX: Secure remote transmission with HTTPS enforcement
+     */
+    private sendRemote;
+    getLogPath(): string;
+}
+
+/**
+ * Add a command to the session allowlist
+ */
+declare function allowForSession(command: string): void;
+/**
+ * Check if a command is allowed for this session
+ */
+declare function isAllowedForSession(command: string): boolean;
+/**
+ * Get all commands allowed for this session
+ */
+declare function getSessionAllowlist(): string[];
+/**
+ * Clear the session allowlist
+ */
+declare function clearSessionAllowlist(): void;
+
+interface SystemProfile {
+    platform: string;
+    arch: string;
+    shell: string;
+    cpuCores: number;
+    memoryGB: number;
+    python: VersionInfo | null;
+    node: VersionInfo | null;
+    rust: VersionInfo | null;
+    go: VersionInfo | null;
+    java: VersionInfo | null;
+    ruby: VersionInfo | null;
+    npm: VersionInfo | null;
+    pnpm: VersionInfo | null;
+    yarn: VersionInfo | null;
+    pip: VersionInfo | null;
+    cargo: VersionInfo | null;
+    brew: VersionInfo | null;
+    git: VersionInfo | null;
+    docker: VersionInfo | null;
+    kubectl: VersionInfo | null;
+    aws: VersionInfo | null;
+    gcloud: VersionInfo | null;
+    claude: boolean;
+    clawdbot: boolean;
+    aider: boolean;
+    ollama: OllamaInfo | null;
+    projectType: string | null;
+    projectDeps: string[];
+    envVars: string[];
+    commonCommands: CommandPattern[];
+    workingHours: string | null;
+    preferredEditor: string | null;
+    timestamp: Date;
+}
+interface VersionInfo {
+    version: string;
+    path: string;
+}
+interface OllamaInfo {
+    version: string;
+    models: string[];
+}
+interface CommandPattern {
+    command: string;
+    frequency: number;
+    lastUsed: Date;
+}
+declare class SystemProfiler {
+    private profile;
+    private profilePath;
+    constructor();
+    scan(): Promise<SystemProfile>;
+    scanProject(projectPath: string): Partial<SystemProfile>;
+    private detectShell;
+    /**
+     * SECURITY FIX: Use execFileSync with array args instead of string concatenation
+     */
+    private getVersionSafe;
+    private parseVersion;
+    /**
+     * SECURITY FIX: Use execFileSync for which/where command
+     */
+    private getCommandPathSafe;
+    private commandExists;
+    private getOllamaInfo;
+    private getEnvVarNames;
+    private detectEditor;
+    private detectProjectType;
+    private detectDependencies;
+    load(): SystemProfile | null;
+    private save;
+    get(): SystemProfile | null;
+    toContext(): string;
+}
+
+type RouteDecision = 'bro' | 'main' | 'both';
+interface RoutingResult {
+    decision: RouteDecision;
+    reason: string;
+    confidence: number;
+}
+declare class TaskRouter {
+    private rules;
+    private profile;
+    constructor(profile?: SystemProfile | null);
+    private buildDefaultRules;
+    route(command: string): RoutingResult;
+    private looksSimple;
+    addRule(pattern: RegExp, route: RouteDecision, reason: string): void;
+    updateProfile(profile: SystemProfile): void;
+}
+
+interface Suggestion {
+    command: string;
+    description: string;
+    confidence: number;
+    source: 'pattern' | 'history' | 'context' | 'model';
+}
+declare class CommandSuggester {
+    private history;
+    private profile;
+    private patterns;
+    constructor(profile?: SystemProfile | null);
+    private initPatterns;
+    suggest(context: SuggestionContext): Suggestion[];
+    private suggestFromPatterns;
+    private suggestFromHistory;
+    private suggestFromContext;
+    private dedupeAndRank;
+    recordCommand(entry: AuditEntry): void;
+    updateProfile(profile: SystemProfile): void;
+}
+interface SuggestionContext {
+    lastCommand?: string;
+    lastOutput?: string;
+    lastError?: string;
+    cwd?: string;
+    projectType?: string;
+    files?: string[];
+}
+
+interface BackgroundTask {
+    id: string;
+    command: string;
+    status: 'running' | 'completed' | 'failed' | 'cancelled';
+    startTime: Date;
+    endTime?: Date;
+    output: string[];
+    exitCode?: number;
+}
+declare class BackgroundWorker extends EventEmitter {
+    private tasks;
+    private processes;
+    private taskIdCounter;
+    spawn(command: string, cwd?: string): BackgroundTask;
+    cancel(taskId: string): boolean;
+    getTask(taskId: string): BackgroundTask | undefined;
+    getRunningTasks(): BackgroundTask[];
+    getAllTasks(): BackgroundTask[];
+    getRecentTasks(limit?: number): BackgroundTask[];
+    private cleanupOldTasks;
+    private notifyCompletion;
+    formatStatus(): string;
+}
+
+interface BroConfig {
+    modelEndpoint?: string;
+    modelName?: string;
+    enableSuggestions?: boolean;
+    enableRouting?: boolean;
+    enableBackground?: boolean;
+    enableOllama?: boolean;
+    enableBashgymIntegration?: boolean;
+}
+declare class BashBro extends EventEmitter {
+    private profiler;
+    private router;
+    private suggester;
+    private worker;
+    private ollama;
+    private profile;
+    private config;
+    private ollamaAvailable;
+    private bashgymModelVersion;
+    constructor(config?: BroConfig);
+    /**
+     * Initialize bashgym integration for model hot-swap
+     */
+    private initBashgymIntegration;
+    /**
+     * Handle model update from bashgym (hot-swap)
+     */
+    private handleModelUpdate;
+    initialize(): Promise<void>;
+    private isProfileStale;
+    scanProject(projectPath: string): void;
+    route(command: string): RoutingResult;
+    suggest(context: SuggestionContext): Suggestion[];
+    /**
+     * SECURITY FIX: Safe command execution with validation
+     */
+    execute(command: string): Promise<string>;
+    runBackground(command: string, cwd?: string): BackgroundTask;
+    cancelBackground(taskId: string): boolean;
+    getBackgroundTasks(): BackgroundTask[];
+    getSystemContext(): string;
+    getProfile(): SystemProfile | null;
+    /**
+     * Check if Ollama is available for AI features
+     */
+    isOllamaAvailable(): boolean;
+    /**
+     * Ask Bash Bro (via Ollama) to suggest the next command
+     */
+    aiSuggest(context: string): Promise<string | null>;
+    /**
+     * Ask Bash Bro to explain a command
+     */
+    aiExplain(command: string): Promise<string>;
+    /**
+     * Ask Bash Bro to fix a failed command
+     */
+    aiFix(command: string, error: string): Promise<string | null>;
+    /**
+     * Set the Ollama model to use
+     */
+    setModel(model: string): void;
+    /**
+     * Generate a shell script from natural language description
+     */
+    aiGenerateScript(description: string): Promise<string | null>;
+    /**
+     * Analyze command for security risks using AI
+     */
+    aiAnalyzeSafety(command: string): Promise<{
+        safe: boolean;
+        risk: 'low' | 'medium' | 'high' | 'critical';
+        explanation: string;
+        suggestions: string[];
+    }>;
+    /**
+     * Summarize a terminal session
+     */
+    aiSummarize(commands: {
+        command: string;
+        output?: string;
+        error?: string;
+    }[]): Promise<string>;
+    /**
+     * Get AI help for a topic or command
+     */
+    aiHelp(topic: string): Promise<string>;
+    /**
+     * Convert natural language to command
+     */
+    aiToCommand(description: string): Promise<string | null>;
+    /**
+     * Get bashgym sidekick model version (if using)
+     */
+    getBashgymModelVersion(): string | null;
+    /**
+     * Check if using bashgym-trained sidekick model
+     */
+    isUsingBashgymModel(): boolean;
+    /**
+     * Force refresh the bashgym model (check for updates)
+     */
+    refreshBashgymModel(): boolean;
+    status(): string;
+}
+
+/**
+ * Simple Ollama client for local model inference.
+ * Keeps it minimal - just what we need for Bash Bro.
+ */
+interface OllamaConfig {
+    host: string;
+    model: string;
+    timeout: number;
+}
+interface ChatMessage {
+    role: 'system' | 'user' | 'assistant';
+    content: string;
+}
+declare class OllamaClient {
+    private config;
+    constructor(config?: Partial<OllamaConfig>);
+    /**
+     * Check if Ollama is running and accessible
+     */
+    isAvailable(): Promise<boolean>;
+    /**
+     * List available models
+     */
+    listModels(): Promise<string[]>;
+    /**
+     * Generate a response from the model
+     */
+    generate(prompt: string, systemPrompt?: string): Promise<string>;
+    /**
+     * Chat with the model (multi-turn conversation)
+     */
+    chat(messages: ChatMessage[]): Promise<string>;
+    /**
+     * Ask Bash Bro to suggest a command
+     */
+    suggestCommand(context: string): Promise<string | null>;
+    /**
+     * Ask Bash Bro to explain a command
+     */
+    explainCommand(command: string): Promise<string>;
+    /**
+     * Ask Bash Bro to fix a command that failed
+     */
+    fixCommand(command: string, error: string): Promise<string | null>;
+    setModel(model: string): void;
+    getModel(): string;
+    /**
+     * Generate a shell script from a natural language description
+     */
+    generateScript(description: string, shell?: string): Promise<string | null>;
+    /**
+     * Analyze command safety and provide recommendations
+     */
+    analyzeCommandSafety(command: string): Promise<{
+        safe: boolean;
+        risk: 'low' | 'medium' | 'high' | 'critical';
+        explanation: string;
+        suggestions: string[];
+    }>;
+    /**
+     * Summarize a series of commands and their outputs
+     */
+    summarizeSession(commands: {
+        command: string;
+        output?: string;
+        error?: string;
+    }[]): Promise<string>;
+    /**
+     * Get help for a specific tool or command
+     */
+    getHelp(topic: string): Promise<string>;
+    /**
+     * Convert natural language to a command
+     */
+    naturalToCommand(description: string): Promise<string | null>;
+}
+
+/**
+ * Command Risk Scoring
+ * Scores commands 1-10 based on potential danger
+ */
+interface RiskScore {
+    score: number;
+    level: 'safe' | 'caution' | 'dangerous' | 'critical';
+    factors: string[];
+}
+declare class RiskScorer {
+    private customPatterns;
+    /**
+     * Score a command's risk level
+     */
+    score(command: string): RiskScore;
+    private applyHeuristics;
+    private scoreToLevel;
+    /**
+     * Add custom risk patterns
+     */
+    addPattern(pattern: RegExp, score: number, factor: string): void;
+    /**
+     * Check if command should be blocked based on score threshold
+     */
+    shouldBlock(command: string, threshold?: number): boolean;
+    /**
+     * Get color for terminal display
+     */
+    static levelColor(level: RiskScore['level']): string;
+}
+
+/**
+ * Loop Detection
+ * Detects when agents get stuck in repetitive patterns
+ */
+interface LoopConfig {
+    maxRepeats: number;
+    maxTurns: number;
+    similarityThreshold: number;
+    cooldownMs: number;
+    windowSize: number;
+}
+interface LoopAlert {
+    type: 'exact_repeat' | 'semantic_repeat' | 'tool_hammering' | 'max_turns';
+    command: string;
+    count: number;
+    message: string;
+}
+declare class LoopDetector {
+    private config;
+    private history;
+    private turnCount;
+    constructor(config?: Partial<LoopConfig>);
+    /**
+     * Record a command and check for loops
+     */
+    check(command: string): LoopAlert | null;
+    /**
+     * Normalize command for comparison
+     */
+    private normalize;
+    /**
+     * Calculate similarity between two strings (Jaccard index on words)
+     */
+    private similarity;
+    /**
+     * Get current turn count
+     */
+    getTurnCount(): number;
+    /**
+     * Get command frequency map
+     */
+    getFrequencyMap(): Map<string, number>;
+    /**
+     * Reset detector state
+     */
+    reset(): void;
+    /**
+     * Get stats for reporting
+     */
+    getStats(): {
+        turnCount: number;
+        uniqueCommands: number;
+        topCommands: [string, number][];
+    };
+}
+
+/**
+ * Anomaly Detection
+ * Flag unusual patterns without ML
+ */
+interface AnomalyConfig {
+    workingHours?: [number, number];
+    typicalCommandsPerMinute?: number;
+    knownPaths?: string[];
+    suspiciousPatterns?: RegExp[];
+    enabled?: boolean;
+}
+interface Anomaly {
+    type: 'timing' | 'frequency' | 'path' | 'pattern' | 'behavior';
+    severity: 'info' | 'warning' | 'alert';
+    message: string;
+    details: Record<string, unknown>;
+}
+declare class AnomalyDetector {
+    private config;
+    private commands;
+    private baselinePaths;
+    private baselineCommands;
+    private learningMode;
+    private learningCount;
+    private readonly LEARNING_THRESHOLD;
+    constructor(config?: AnomalyConfig);
+    /**
+     * Check a command for anomalies
+     */
+    check(command: string, cwd?: string): Anomaly[];
+    /**
+     * Learn from command (build baseline)
+     */
+    private learn;
+    /**
+     * Check for timing anomalies
+     */
+    private checkTiming;
+    /**
+     * Check for frequency anomalies
+     */
+    private checkFrequency;
+    /**
+     * Check for unusual path access
+     */
+    private checkPath;
+    /**
+     * Check for suspicious patterns
+     */
+    private checkPatterns;
+    /**
+     * Check for behavioral anomalies
+     */
+    private checkBehavior;
+    /**
+     * Get anomaly stats
+     */
+    getStats(): {
+        learningMode: boolean;
+        learningProgress: number;
+        baselineCommands: number;
+        baselinePaths: number;
+        recentCommandRate: number;
+    };
+    /**
+     * Force end learning mode
+     */
+    endLearning(): void;
+    /**
+     * Reset and restart learning
+     */
+    reset(): void;
+}
+
+declare class CommandFilter {
+    private policy;
+    private allowPatterns;
+    private blockPatterns;
+    constructor(policy: CommandPolicy);
+    check(command: string): PolicyViolation | null;
+    private globToRegex;
+}
+
+declare class PathSandbox {
+    private policy;
+    private allowedPaths;
+    private blockedPaths;
+    constructor(policy: PathPolicy);
+    check(path: string): PolicyViolation | null;
+    /**
+     * SECURITY FIX: Resolve symlinks to detect escape attempts
+     */
+    private resolvePath;
+    private normalizePath;
+    /**
+     * Check if a path would escape the sandbox via symlink
+     */
+    isSymlinkEscape(path: string): boolean;
+}
+
+declare class SecretsGuard {
+    private policy;
+    private patterns;
+    constructor(policy: SecretsPolicy);
+    check(command: string, paths: string[]): PolicyViolation | null;
+    /**
+     * SECURITY FIX: Detect base64/hex encoded secret access
+     */
+    private containsEncodedSecretAccess;
+    private isSecretPath;
+    private globToRegex;
+}
+
+declare class RateLimiter {
+    private policy;
+    private minuteWindow;
+    private hourWindow;
+    constructor(policy: RateLimitPolicy);
+    check(): PolicyViolation | null;
+    record(): void;
+    private cleanup;
+    getStats(): {
+        minute: number;
+        hour: number;
+    };
+}
+
+/**
+ * Output Scanner
+ * Scan command output for leaked secrets and sensitive data
+ */
+
+interface ScanResult {
+    hasSecrets: boolean;
+    hasErrors: boolean;
+    redactedOutput: string;
+    findings: Finding[];
+}
+interface Finding {
+    type: 'secret' | 'error' | 'sensitive';
+    pattern: string;
+    message: string;
+    line?: number;
+}
+declare class OutputScanner {
+    private secretPatterns;
+    private redactPatterns;
+    private policy;
+    constructor(policy: OutputScanningPolicy);
+    /**
+     * Scan output for secrets and sensitive data
+     */
+    scan(output: string): ScanResult;
+    /**
+     * Scan for secrets in output
+     */
+    private scanForSecrets;
+    /**
+     * Scan for error patterns in output
+     */
+    private scanForErrors;
+    /**
+     * Redact sensitive data from output
+     */
+    redact(output: string): string;
+    /**
+     * Check if output contains any secrets
+     */
+    hasSecrets(output: string): boolean;
+    /**
+     * Get summary of findings
+     */
+    static summarize(findings: Finding[]): string;
+}
+
+/**
+ * Session Metrics
+ * Track what the agent is doing for observability
+ */
+
+interface CommandMetric {
+    command: string;
+    timestamp: Date;
+    duration: number;
+    allowed: boolean;
+    riskScore: RiskScore;
+    violations: PolicyViolation[];
+    exitCode?: number;
+}
+interface SessionMetrics {
+    sessionId: string;
+    startTime: Date;
+    endTime?: Date;
+    duration: number;
+    commandCount: number;
+    blockedCount: number;
+    uniqueCommands: number;
+    topCommands: [string, number][];
+    riskDistribution: {
+        safe: number;
+        caution: number;
+        dangerous: number;
+        critical: number;
+    };
+    avgRiskScore: number;
+    avgExecutionTime: number;
+    totalExecutionTime: number;
+    filesModified: string[];
+    pathsAccessed: string[];
+    violationsByType: Record<string, number>;
+}
+declare class MetricsCollector {
+    private sessionId;
+    private startTime;
+    private commands;
+    private filesModified;
+    private pathsAccessed;
+    constructor();
+    private generateSessionId;
+    /**
+     * Record a command execution
+     */
+    record(metric: CommandMetric): void;
+    /**
+     * Get current session metrics
+     */
+    getMetrics(): SessionMetrics;
+    /**
+     * Extract paths from a command
+     */
+    private extractPaths;
+    /**
+     * Check if command modifies files
+     */
+    private isWriteCommand;
+    /**
+     * Get recent commands
+     */
+    getRecentCommands(n?: number): CommandMetric[];
+    /**
+     * Get blocked commands
+     */
+    getBlockedCommands(): CommandMetric[];
+    /**
+     * Get high-risk commands
+     */
+    getHighRiskCommands(threshold?: number): CommandMetric[];
+    /**
+     * Format duration for display
+     */
+    static formatDuration(ms: number): string;
+    /**
+     * Reset collector
+     */
+    reset(): void;
+}
+
+/**
+ * Cost Estimation
+ * Estimate API costs based on session complexity
+ */
+interface CostEstimate {
+    estimatedTokens: number;
+    estimatedCost: number;
+    breakdown: {
+        inputTokens: number;
+        outputTokens: number;
+        toolCalls: number;
+        contextTokens: number;
+    };
+    model: string;
+    confidence: 'low' | 'medium' | 'high';
+}
+interface ModelPricing {
+    inputPer1k: number;
+    outputPer1k: number;
+}
+declare class CostEstimator {
+    private model;
+    private pricing;
+    private totalInputTokens;
+    private totalOutputTokens;
+    private toolCallCount;
+    constructor(model?: string);
+    /**
+     * Estimate tokens from text
+     */
+    estimateTokens(text: string): number;
+    /**
+     * Record a tool call with input and output
+     */
+    recordToolCall(input: string, output?: string): void;
+    /**
+     * Get current cost estimate
+     */
+    getEstimate(): CostEstimate;
+    /**
+     * Format cost for display
+     */
+    static formatCost(cost: number): string;
+    /**
+     * Get cost projection for N more commands
+     */
+    projectCost(additionalCommands: number): CostEstimate;
+    /**
+     * Set model for pricing
+     */
+    setModel(model: string): void;
+    /**
+     * Reset counters
+     */
+    reset(): void;
+    /**
+     * Add custom model pricing
+     */
+    static addModelPricing(model: string, pricing: ModelPricing): void;
+}
+
+/**
+ * Session Reports
+ * Generate human-readable reports of agent activity
+ */
+
+interface ReportOptions {
+    showCommands?: boolean;
+    showBlocked?: boolean;
+    showRisk?: boolean;
+    showPaths?: boolean;
+    showCost?: boolean;
+    format?: 'text' | 'json' | 'markdown';
+}
+declare class ReportGenerator {
+    /**
+     * Generate a session report
+     */
+    static generate(metrics: SessionMetrics, cost?: CostEstimate, options?: ReportOptions): string;
+    /**
+     * Generate text report
+     */
+    private static generateText;
+    /**
+     * Generate markdown report
+     */
+    private static generateMarkdown;
+    /**
+     * Generate JSON report
+     */
+    private static generateJSON;
+    /**
+     * Generate a simple progress bar
+     */
+    private static progressBar;
+    /**
+     * Format duration
+     */
+    private static formatDuration;
+    /**
+     * Format cost
+     */
+    private static formatCost;
+    /**
+     * Generate a one-line summary
+     */
+    static oneLine(metrics: SessionMetrics): string;
+}
+
+/**
+ * Claude Code Hook Integration
+ * Seamlessly integrate BashBros with Claude Code
+ */
+interface ClaudeSettings {
+    hooks?: {
+        PreToolUse?: HookConfig[];
+        PostToolUse?: HookConfig[];
+        SessionEnd?: HookConfig[];
+    };
+    [key: string]: unknown;
+}
+interface HookConfig {
+    matcher?: string;
+    hooks: {
+        type: string;
+        command: string;
+    }[];
+}
+declare class ClaudeCodeHooks {
+    /**
+     * Check if Claude Code is installed
+     */
+    static isClaudeInstalled(): boolean;
+    /**
+     * Load current Claude settings
+     */
+    static loadSettings(): ClaudeSettings;
+    /**
+     * Save Claude settings
+     */
+    static saveSettings(settings: ClaudeSettings): void;
+    /**
+     * Install BashBros hooks into Claude Code
+     */
+    static install(): {
+        success: boolean;
+        message: string;
+    };
+    /**
+     * Uninstall BashBros hooks from Claude Code
+     */
+    static uninstall(): {
+        success: boolean;
+        message: string;
+    };
+    /**
+     * Check if BashBros hooks are installed
+     */
+    static isInstalled(settings?: ClaudeSettings): boolean;
+    /**
+     * Get hook status
+     */
+    static getStatus(): {
+        claudeInstalled: boolean;
+        hooksInstalled: boolean;
+        hooks: string[];
+    };
+}
+/**
+ * Gate command - called by PreToolUse hook
+ * Returns exit code 0 to allow, non-zero to block
+ */
+declare function gateCommand(command: string): Promise<{
+    allowed: boolean;
+    reason?: string;
+    riskScore?: number;
+}>;
+
+/**
+ * Moltbot Hook Integration
+ * Seamlessly integrate BashBros with Moltbot (formerly clawd.bot)
+ */
+
+interface MoltbotSettings {
+    hooks?: {
+        preBash?: MoltbotHookEntry[];
+        postBash?: MoltbotHookEntry[];
+        sessionEnd?: MoltbotHookEntry[];
+    };
+    gateway?: {
+        port?: number;
+        host?: string;
+        auth?: unknown;
+    };
+    agents?: {
+        defaults?: {
+            sandbox?: {
+                mode?: string;
+            };
+        };
+    };
+    [key: string]: unknown;
+}
+interface MoltbotHookEntry {
+    command: string;
+    [key: string]: unknown;
+}
+interface MoltbotStatus {
+    moltbotInstalled: boolean;
+    clawdbotInstalled: boolean;
+    hooksInstalled: boolean;
+    hooks: string[];
+    configPath: string | null;
+    gatewayRunning: boolean;
+    sandboxMode: string | null;
+}
+interface MoltbotGatewayStatus {
+    running: boolean;
+    port: number;
+    host: string;
+    sandboxMode: boolean;
+    error?: string;
+}
+declare class MoltbotHooks {
+    /**
+     * Check if moltbot command is installed
+     */
+    static isMoltbotInstalled(): boolean;
+    /**
+     * Check if clawdbot command is installed (legacy)
+     */
+    static isClawdbotInstalled(): boolean;
+    /**
+     * Find the config file path
+     */
+    static findConfigPath(): string | null;
+    /**
+     * Get the config directory (creating if needed)
+     */
+    static getConfigDir(): string;
+    /**
+     * Load current moltbot settings
+     */
+    static loadSettings(): MoltbotSettings;
+    /**
+     * Save moltbot settings
+     */
+    static saveSettings(settings: MoltbotSettings): void;
+    /**
+     * Install BashBros hooks into moltbot
+     */
+    static install(): {
+        success: boolean;
+        message: string;
+    };
+    /**
+     * Uninstall BashBros hooks from moltbot
+     */
+    static uninstall(): {
+        success: boolean;
+        message: string;
+    };
+    /**
+     * Check if BashBros hooks are installed
+     */
+    static isInstalled(settings?: MoltbotSettings): boolean;
+    /**
+     * Check if moltbot gateway is running
+     */
+    static isGatewayRunning(): Promise<boolean>;
+    /**
+     * Get gateway status
+     */
+    static getGatewayStatus(): Promise<MoltbotGatewayStatus>;
+    /**
+     * Get gateway info (for type system)
+     */
+    static getGatewayInfo(): Promise<MoltbotGatewayInfo | null>;
+    /**
+     * Run security audit using moltbot CLI
+     */
+    static runSecurityAudit(): Promise<MoltbotSecurityAuditResult>;
+    /**
+     * Run basic security checks when moltbot audit is not available
+     */
+    private static runBasicSecurityChecks;
+    /**
+     * Get comprehensive hook status
+     */
+    static getStatus(): MoltbotStatus;
+}
+declare function getMoltbotHooks(): typeof MoltbotHooks;
+
+/**
+ * Moltbot Runtime Session Detection
+ * Detects when running inside a moltbot session via environment variables
+ */
+
+/**
+ * Detect if we're running inside a moltbot session
+ * Checks environment variables set by moltbot when spawning commands
+ */
+declare function detectMoltbotSession(): MoltbotSessionContext;
+/**
+ * Check if we're in a moltbot session (simple boolean check)
+ */
+declare function isInMoltbotSession(): boolean;
+/**
+ * Get the moltbot session ID if running in a session
+ */
+declare function getMoltbotSessionId(): string | undefined;
+/**
+ * Get the moltbot agent name if running in a session
+ */
+declare function getMoltbotAgentName(): string | undefined;
+/**
+ * Check if sandbox mode is enabled in the current session
+ */
+declare function isSandboxEnabled(): boolean;
+
+/**
+ * Undo Stack
+ * Track file changes for rollback capability
+ */
+
+interface UndoEntry {
+    id: string;
+    timestamp: Date;
+    path: string;
+    operation: 'create' | 'modify' | 'delete';
+    backupPath?: string;
+    originalContent?: string;
+    command?: string;
+}
+interface UndoResult {
+    success: boolean;
+    message: string;
+    entry?: UndoEntry;
+}
+interface UndoConfig {
+    maxStackSize: number;
+    maxFileSize: number;
+    ttlMinutes: number;
+    backupPath: string;
+    enabled: boolean;
+}
+declare class UndoStack {
+    private stack;
+    private sessionId;
+    private config;
+    private undoDir;
+    constructor(policy?: Partial<UndoPolicy>);
+    private ensureUndoDir;
+    /**
+     * Clean up backups older than TTL
+     */
+    cleanupOldBackups(): number;
+    private generateId;
+    /**
+     * Check if undo is enabled
+     */
+    isEnabled(): boolean;
+    /**
+     * Record a file creation
+     */
+    recordCreate(path: string, command?: string): UndoEntry;
+    /**
+     * Record a file modification (backs up original)
+     */
+    recordModify(path: string, command?: string): UndoEntry | null;
+    /**
+     * Record a file deletion (backs up content)
+     */
+    recordDelete(path: string, command?: string): UndoEntry | null;
+    /**
+     * Auto-detect operation from command
+     */
+    recordFromCommand(command: string, paths: string[]): UndoEntry[];
+    /**
+     * Undo the last operation
+     */
+    undo(): UndoResult;
+    /**
+     * Undo a specific entry
+     */
+    undoEntry(entry: UndoEntry): UndoResult;
+    /**
+     * Undo all operations in the session
+     */
+    undoAll(): UndoResult[];
+    /**
+     * Get the undo stack
+     */
+    getStack(): UndoEntry[];
+    /**
+     * Get stack size
+     */
+    size(): number;
+    /**
+     * Clear the stack (and backups)
+     */
+    clear(): void;
+    /**
+     * Push entry to stack
+     */
+    private push;
+    /**
+     * Format stack for display
+     */
+    formatStack(): string;
+}
+
+/**
+ * Bashgym Integration for Bashbros
+ *
+ * Provides integration between bashbros (security middleware + AI sidekick) and
+ * bashgym (self-improving agent training) through a shared directory protocol.
+ *
+ * Key features:
+ * - Trace export to shared directory
+ * - Settings synchronization
+ * - Model update watcher for hot-swap
+ *
+ * Data Flow:
+ *   bashbros captures traces -> bashgym trains -> GGUF to Ollama -> bashbros sidekick improves
+ */
+
+type CaptureMode = 'everything' | 'successful_only' | 'sidekick_curated';
+type TrainingTrigger = 'manual' | 'quality_based' | 'scheduled';
+interface IntegrationSettings {
+    version: string;
+    updated_at: string | null;
+    updated_by: string | null;
+    integration: {
+        enabled: boolean;
+        linked_at: string | null;
+    };
+    capture: {
+        mode: CaptureMode;
+        auto_stream: boolean;
+    };
+    training: {
+        auto_enabled: boolean;
+        quality_threshold: number;
+        trigger: TrainingTrigger;
+    };
+    security: {
+        bashbros_primary: boolean;
+        policy_path: string | null;
+    };
+    model_sync: {
+        auto_export_ollama: boolean;
+        ollama_model_name: string;
+        notify_on_update: boolean;
+    };
+}
+interface TraceData {
+    version: string;
+    metadata: {
+        user_initial_prompt: string;
+        source_tool: string;
+        task_id?: string;
+        verification_passed: boolean;
+        capture_mode: CaptureMode;
+        session_id: string;
+    };
+    trace: TraceStep[];
+    bashbros_extensions: {
+        security_events: SecurityEvent[];
+        sidekick_annotations: SidekickAnnotations;
+    };
+}
+interface TraceStep {
+    tool_name: string;
+    command: string;
+    output: string;
+    success: boolean;
+    exit_code?: number;
+    timestamp: string;
+    cwd?: string;
+}
+interface SecurityEvent {
+    type: string;
+    timestamp: string;
+    command?: string;
+    violation?: PolicyViolation;
+}
+interface SidekickAnnotations {
+    teachable_moment: boolean;
+    complexity: 'easy' | 'medium' | 'hard';
+    tags?: string[];
+}
+interface ModelManifest {
+    latest: string;
+    versions: ModelVersion[];
+    rollback_available: boolean;
+}
+interface ModelVersion {
+    version: string;
+    created: string;
+    traces_used: number;
+    quality_avg: number;
+    gguf_path: string | null;
+}
+declare class BashgymIntegration extends EventEmitter {
+    private integrationDir;
+    private settings;
+    private manifest;
+    private settingsWatcher;
+    private modelWatcher;
+    private sessionId;
+    private traceBuffer;
+    private securityEvents;
+    private currentPrompt;
+    private tracesDir;
+    private pendingDir;
+    private modelsDir;
+    private configDir;
+    private statusDir;
+    constructor(integrationDir?: string);
+    /**
+     * Initialize the integration
+     */
+    initialize(): Promise<boolean>;
+    /**
+     * Check if bashgym is available
+     */
+    isAvailable(): boolean;
+    /**
+     * Check if integration is linked
+     */
+    isLinked(): boolean;
+    getSettings(): IntegrationSettings | null;
+    private loadSettings;
+    updateSettings(updates: Partial<IntegrationSettings>): void;
+    /**
+     * Start a new trace session
+     */
+    startSession(prompt: string): void;
+    /**
+     * Add a step to the current trace
+     */
+    addStep(step: Omit<TraceStep, 'timestamp'>): void;
+    /**
+     * Add a command result to the trace
+     */
+    addCommandResult(result: CommandResult): void;
+    /**
+     * Add a file operation to the trace
+     */
+    addFileOperation(operation: 'Read' | 'Write' | 'Edit', path: string, success: boolean, output?: string): void;
+    /**
+     * End the session and export the trace
+     */
+    endSession(verificationPassed?: boolean): Promise<string | null>;
+    private clearSession;
+    private determineTeachableMoment;
+    private determineComplexity;
+    /**
+     * Get current model version
+     */
+    getCurrentModelVersion(): string | null;
+    /**
+     * Get model manifest
+     */
+    getModelManifest(): ModelManifest | null;
+    private loadManifest;
+    /**
+     * Get path to latest GGUF model
+     */
+    getLatestModelPath(): string | null;
+    /**
+     * Get Ollama model name for sidekick
+     */
+    getOllamaModelName(): string;
+    private startWatching;
+    stopWatching(): void;
+    private updateStatus;
+    /**
+     * Check if bashgym is actively running
+     */
+    isBashgymRunning(): boolean;
+    dispose(): void;
+}
+declare function getBashgymIntegration(): BashgymIntegration;
+declare function resetBashgymIntegration(): void;
+
+export { type AgentType, type Anomaly, type AnomalyConfig, type AnomalyDetectionPolicy, AnomalyDetector, type AuditEntry, AuditLogger, type AuditPolicy, type BackgroundTask, BackgroundWorker, BashBro, BashBros, type BashBrosConfig, BashgymIntegration, type BroConfig, type CaptureMode, ClaudeCodeHooks, type ClaudeSettings, CommandFilter, type CommandMetric, type CommandPolicy, type CommandResult, CommandSuggester, type CostEstimate, CostEstimator, type Finding, type IntegrationSettings, type LoopAlert, type LoopConfig, type LoopDetectionPolicy, LoopDetector, MetricsCollector, type ModelManifest, type ModelPricing, type ModelVersion, type MoltbotGatewayInfo, type MoltbotGatewayStatus, MoltbotHooks, type MoltbotSecurityAuditResult, type MoltbotSecurityFinding, type MoltbotSessionContext, type MoltbotSettings, type MoltbotStatus, OllamaClient, type OllamaInfo, OutputScanner, type OutputScanningPolicy, type PathPolicy, PathSandbox, PolicyEngine, type PolicyViolation, type RateLimitPolicy, RateLimiter, ReportGenerator, type ReportOptions, type RiskPattern, type RiskScore, RiskScorer, type RiskScoringPolicy, type RouteDecision, type RoutingResult, type ScanResult, SecretsGuard, type SecretsPolicy, type SecurityProfile, type SessionMetrics, type Suggestion, type SuggestionContext, type SystemProfile, SystemProfiler, TaskRouter, type TraceData, type TraceStep, type TrainingTrigger, type UndoConfig, type UndoEntry, type UndoPolicy, type UndoResult, UndoStack, type VersionInfo, allowForSession, clearSessionAllowlist, detectMoltbotSession, gateCommand, getBashgymIntegration, getMoltbotAgentName, getMoltbotHooks, getMoltbotSessionId, getSessionAllowlist, isAllowedForSession, isInMoltbotSession, isSandboxEnabled, loadConfig, resetBashgymIntegration };