npm - bashbros - Versions diffs - 0.1.1 → 0.1.2 - Mend

bashbros 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/dist/{chunk-A535VV7N.js → chunk-BW6XCOJH.js} +4 -3
package/dist/chunk-BW6XCOJH.js.map +1 -0
package/dist/chunk-FRMAIRQ2.js +89 -0
package/dist/chunk-FRMAIRQ2.js.map +1 -0
package/dist/{chunk-GD5VNHIN.js → chunk-QWZGB4V3.js} +4 -85
package/dist/chunk-QWZGB4V3.js.map +1 -0
package/dist/{chunk-WPJJZLT6.js → chunk-SQCP6IYB.js} +2 -2
package/dist/{chunk-VVSCAH2B.js → chunk-XCZMQRSX.js} +125 -10
package/dist/chunk-XCZMQRSX.js.map +1 -0
package/dist/chunk-YUMNBQAY.js +766 -0
package/dist/chunk-YUMNBQAY.js.map +1 -0
package/dist/cli.js +577 -30
package/dist/cli.js.map +1 -1
package/dist/{config-43SK6SFI.js → config-JLLOTFLI.js} +2 -2
package/dist/{db-EHQDB5OL.js → db-OBKEXRTP.js} +2 -2
package/dist/{display-HFIFXOOL.js → display-6LZ2HBCU.js} +3 -3
package/dist/engine-EGPAS2EX.js +10 -0
package/dist/index.js +6 -4
package/dist/index.js.map +1 -1
package/dist/session-Y4MICATZ.js +15 -0
package/dist/session-Y4MICATZ.js.map +1 -0
package/dist/static/index.html +1873 -276
package/package.json +1 -1
package/dist/chunk-A535VV7N.js.map +0 -1
package/dist/chunk-CSRPOGHY.js +0 -354
package/dist/chunk-CSRPOGHY.js.map +0 -1
package/dist/chunk-GD5VNHIN.js.map +0 -1
package/dist/chunk-VVSCAH2B.js.map +0 -1
package/dist/engine-PKLXW6OF.js +0 -9
/package/dist/{chunk-WPJJZLT6.js.map → chunk-SQCP6IYB.js.map} +0 -0
/package/dist/{config-43SK6SFI.js.map → config-JLLOTFLI.js.map} +0 -0
/package/dist/{db-EHQDB5OL.js.map → db-OBKEXRTP.js.map} +0 -0
/package/dist/{display-HFIFXOOL.js.map → display-6LZ2HBCU.js.map} +0 -0
/package/dist/{engine-PKLXW6OF.js.map → engine-EGPAS2EX.js.map} +0 -0

package/dist/{config-43SK6SFI.js → config-JLLOTFLI.js} RENAMED Viewed

@@ -3,11 +3,11 @@ import {
   findConfig,
   getDefaultConfig,
   loadConfig
-} from "./chunk-A535VV7N.js";
+} from "./chunk-BW6XCOJH.js";
 import "./chunk-7OCVIDC7.js";
 export {
   findConfig,
   getDefaultConfig,
   loadConfig
 };
-//# sourceMappingURL=config-43SK6SFI.js.map
+//# sourceMappingURL=config-JLLOTFLI.js.map

package/dist/{db-EHQDB5OL.js → db-OBKEXRTP.js} RENAMED Viewed

@@ -2,10 +2,10 @@
 import {
   DashboardDB,
   db_default
-} from "./chunk-CSRPOGHY.js";
+} from "./chunk-YUMNBQAY.js";
 import "./chunk-7OCVIDC7.js";
 export {
   DashboardDB,
   db_default as default
 };
-//# sourceMappingURL=db-EHQDB5OL.js.map
+//# sourceMappingURL=db-OBKEXRTP.js.map

package/dist/{display-HFIFXOOL.js → display-6LZ2HBCU.js} RENAMED Viewed

@@ -5,8 +5,8 @@ import {
   formatAllAgentsInfo,
   formatPermissionsTable,
   getEffectivePermissions
-} from "./chunk-WPJJZLT6.js";
-import "./chunk-A535VV7N.js";
+} from "./chunk-SQCP6IYB.js";
+import "./chunk-BW6XCOJH.js";
 import "./chunk-7OCVIDC7.js";
 export {
   formatAgentInfo,
@@ -15,4 +15,4 @@ export {
   formatPermissionsTable,
   getEffectivePermissions
 };
-//# sourceMappingURL=display-HFIFXOOL.js.map
+//# sourceMappingURL=display-6LZ2HBCU.js.map

package/dist/engine-EGPAS2EX.js ADDED Viewed

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+import {
+  PolicyEngine
+} from "./chunk-QWZGB4V3.js";
+import "./chunk-FRMAIRQ2.js";
+import "./chunk-7OCVIDC7.js";
+export {
+  PolicyEngine
+};
+//# sourceMappingURL=engine-EGPAS2EX.js.map

package/dist/index.js CHANGED Viewed

@@ -16,7 +16,7 @@ import {
   gateCommand,
   getBashgymIntegration,
   resetBashgymIntegration
-} from "./chunk-VVSCAH2B.js";
+} from "./chunk-XCZMQRSX.js";
 import {
   AuditLogger
 } from "./chunk-SG752FZC.js";
@@ -25,18 +25,20 @@ import {
 } from "./chunk-DLP2O6PN.js";
 import {
   loadConfig
-} from "./chunk-A535VV7N.js";
+} from "./chunk-BW6XCOJH.js";
 import {
   CommandFilter,
   PathSandbox,
   PolicyEngine,
   RateLimiter,
-  SecretsGuard,
+  SecretsGuard
+} from "./chunk-QWZGB4V3.js";
+import {
   allowForSession,
   clearSessionAllowlist,
   getSessionAllowlist,
   isAllowedForSession
-} from "./chunk-GD5VNHIN.js";
+} from "./chunk-FRMAIRQ2.js";
 import {
   RiskScorer
 } from "./chunk-DEAF6PYM.js";

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/policy/anomaly-detector.ts","../src/policy/output-scanner.ts","../src/hooks/moltbot-runtime.ts"],"sourcesContent":["/*\r\n Anomaly Detection\r\n * Flag unusual patterns without ML\r\n /\r\n\r\nexport interface AnomalyConfig {\r\n workingHours?: [number, number] // [startHour, endHour] in 24h format\r\n typicalCommandsPerMinute?: number // Normal rate\r\n knownPaths?: string[] // Expected paths for this project\r\n suspiciousPatterns?: RegExp[] // Additional patterns to flag\r\n enabled?: boolean\r\n}\r\n\r\nexport interface Anomaly {\r\n type: 'timing' \| 'frequency' \| 'path' \| 'pattern' \| 'behavior'\r\n severity: 'info' \| 'warning' \| 'alert'\r\n message: string\r\n details: Record<string, unknown>\r\n}\r\n\r\ninterface CommandRecord {\r\n command: string\r\n timestamp: number\r\n path?: string\r\n}\r\n\r\nconst DEFAULT_CONFIG: Required<AnomalyConfig> = {\r\n workingHours: [6, 22], // 6 AM to 10 PM\r\n typicalCommandsPerMinute: 30,\r\n knownPaths: [],\r\n suspiciousPatterns: [],\r\n enabled: true\r\n}\r\n\r\n// Default suspicious patterns\r\nconst DEFAULT_SUSPICIOUS_PATTERNS: RegExp[] = [\r\n /\\bpasswd\\b/,\r\n /\\bshadow\\b/,\r\n /\\/root\\//,\r\n /\\.ssh\\//,\r\n /\\.gnupg\\//,\r\n /\\.aws\\//,\r\n /\\.kube\\//,\r\n /wallet/i,\r\n /crypto/i,\r\n /bitcoin/i,\r\n /ethereum/i,\r\n /private.key/i,\r\n]\r\n\r\nexport class AnomalyDetector {\r\n private config: Required<AnomalyConfig>\r\n private commands: CommandRecord[] = []\r\n private baselinePaths: Set<string> = new Set()\r\n private baselineCommands: Set<string> = new Set()\r\n private learningMode: boolean = true\r\n private learningCount: number = 0\r\n private readonly LEARNING_THRESHOLD = 50\r\n\r\n constructor(config: AnomalyConfig = {}) {\r\n this.config = { ...DEFAULT_CONFIG, ...config }\r\n }\r\n\r\n /*\r\n Check a command for anomalies\r\n /\r\n check(command: string, cwd?: string): Anomaly[] {\r\n if (!this.config.enabled) return []\r\n\r\n const anomalies: Anomaly[] = []\r\n const now = Date.now()\r\n\r\n // Record for learning/baseline\r\n this.commands.push({ command, timestamp: now, path: cwd })\r\n if (this.commands.length > 1000) {\r\n this.commands = this.commands.slice(-500)\r\n }\r\n\r\n // Learning mode: build baseline\r\n if (this.learningMode) {\r\n this.learn(command, cwd)\r\n if (this.learningCount >= this.LEARNING_THRESHOLD) {\r\n this.learningMode = false\r\n }\r\n return anomalies // Don't flag during learning\r\n }\r\n\r\n // Check timing\r\n const timingAnomaly = this.checkTiming(now)\r\n if (timingAnomaly) anomalies.push(timingAnomaly)\r\n\r\n // Check frequency\r\n const freqAnomaly = this.checkFrequency(now)\r\n if (freqAnomaly) anomalies.push(freqAnomaly)\r\n\r\n // Check paths\r\n if (cwd) {\r\n const pathAnomaly = this.checkPath(cwd)\r\n if (pathAnomaly) anomalies.push(pathAnomaly)\r\n }\r\n\r\n // Check patterns\r\n const patternAnomalies = this.checkPatterns(command)\r\n anomalies.push(...patternAnomalies)\r\n\r\n // Check behavior\r\n const behaviorAnomaly = this.checkBehavior(command)\r\n if (behaviorAnomaly) anomalies.push(behaviorAnomaly)\r\n\r\n return anomalies\r\n }\r\n\r\n /\r\n Learn from command (build baseline)\r\n /\r\n private learn(command: string, cwd?: string): void {\r\n this.learningCount++\r\n\r\n // Learn command patterns\r\n const baseCmd = command.split(/\\s+/)[0]\r\n this.baselineCommands.add(baseCmd)\r\n\r\n // Learn paths\r\n if (cwd) {\r\n this.baselinePaths.add(cwd)\r\n // Also add parent directories\r\n const parts = cwd.split(/[/\\\\]/)\r\n for (let i = 1; i <= parts.length; i++) {\r\n this.baselinePaths.add(parts.slice(0, i).join('/'))\r\n }\r\n }\r\n }\r\n\r\n /\r\n Check for timing anomalies\r\n /\r\n private checkTiming(now: number): Anomaly \| null {\r\n const hour = new Date(now).getHours()\r\n const [start, end] = this.config.workingHours\r\n\r\n if (hour < start \|\| hour >= end) {\r\n return {\r\n type: 'timing',\r\n severity: 'info',\r\n message: `Activity outside normal hours (${hour}:00)`,\r\n details: { hour, workingHours: this.config.workingHours }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Check for frequency anomalies\r\n /\r\n private checkFrequency(now: number): Anomaly \| null {\r\n const oneMinuteAgo = now - 60000\r\n const recentCommands = this.commands.filter(c => c.timestamp > oneMinuteAgo)\r\n const rate = recentCommands.length\r\n\r\n if (rate > this.config.typicalCommandsPerMinute 2) {\r\n return {\r\n type: 'frequency',\r\n severity: 'warning',\r\n message: `High command rate: ${rate}/min (typical: ${this.config.typicalCommandsPerMinute})`,\r\n details: { rate, typical: this.config.typicalCommandsPerMinute }\r\n }\r\n }\r\n\r\n // Check for burst (many commands in very short time)\r\n const fiveSecondsAgo = now - 5000\r\n const burstCommands = this.commands.filter(c => c.timestamp > fiveSecondsAgo)\r\n if (burstCommands.length > 10) {\r\n return {\r\n type: 'frequency',\r\n severity: 'alert',\r\n message: `Burst detected: ${burstCommands.length} commands in 5 seconds`,\r\n details: { count: burstCommands.length, window: '5s' }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /*\r\n Check for unusual path access\r\n /\r\n private checkPath(path: string): Anomaly \| null {\r\n // Skip if we have known paths configured\r\n if (this.config.knownPaths.length > 0) {\r\n const isKnown = this.config.knownPaths.some(p =>\r\n path.startsWith(p) \|\| path.includes(p)\r\n )\r\n if (!isKnown) {\r\n return {\r\n type: 'path',\r\n severity: 'warning',\r\n message: `Access to unexpected path: ${path}`,\r\n details: { path, knownPaths: this.config.knownPaths }\r\n }\r\n }\r\n }\r\n\r\n // Check against learned baseline\r\n if (!this.learningMode && this.baselinePaths.size > 0) {\r\n const isBaseline = this.baselinePaths.has(path) \|\|\r\n [...this.baselinePaths].some(p => path.startsWith(p))\r\n\r\n if (!isBaseline) {\r\n return {\r\n type: 'path',\r\n severity: 'info',\r\n message: `New path accessed: ${path}`,\r\n details: { path, isNew: true }\r\n }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Check for suspicious patterns\r\n /\r\n private checkPatterns(command: string): Anomaly[] {\r\n const anomalies: Anomaly[] = []\r\n const allPatterns = [...DEFAULT_SUSPICIOUS_PATTERNS, ...this.config.suspiciousPatterns]\r\n\r\n for (const pattern of allPatterns) {\r\n if (pattern.test(command)) {\r\n anomalies.push({\r\n type: 'pattern',\r\n severity: 'warning',\r\n message: `Suspicious pattern detected: ${pattern.source}`,\r\n details: { command: command.slice(0, 100), pattern: pattern.source }\r\n })\r\n }\r\n }\r\n\r\n return anomalies\r\n }\r\n\r\n /\r\n Check for behavioral anomalies\r\n /\r\n private checkBehavior(command: string): Anomaly \| null {\r\n const baseCmd = command.split(/\\s+/)[0]\r\n\r\n // Check for new command type after learning\r\n if (!this.learningMode && this.baselineCommands.size > 0) {\r\n if (!this.baselineCommands.has(baseCmd)) {\r\n // Only flag if it's potentially sensitive\r\n const sensitiveCommands = new Set([\r\n 'curl', 'wget', 'nc', 'netcat', 'ssh', 'scp', 'rsync',\r\n 'sudo', 'su', 'chmod', 'chown', 'mount', 'umount'\r\n ])\r\n\r\n if (sensitiveCommands.has(baseCmd)) {\r\n return {\r\n type: 'behavior',\r\n severity: 'warning',\r\n message: `New sensitive command type: ${baseCmd}`,\r\n details: { command: baseCmd, isNew: true }\r\n }\r\n }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Get anomaly stats\r\n /\r\n getStats(): {\r\n learningMode: boolean\r\n learningProgress: number\r\n baselineCommands: number\r\n baselinePaths: number\r\n recentCommandRate: number\r\n } {\r\n const now = Date.now()\r\n const oneMinuteAgo = now - 60000\r\n const recentRate = this.commands.filter(c => c.timestamp > oneMinuteAgo).length\r\n\r\n return {\r\n learningMode: this.learningMode,\r\n learningProgress: Math.min(100, Math.round((this.learningCount / this.LEARNING_THRESHOLD) 100)),\r\n baselineCommands: this.baselineCommands.size,\r\n baselinePaths: this.baselinePaths.size,\r\n recentCommandRate: recentRate\r\n }\r\n }\r\n\r\n /*\r\n Force end learning mode\r\n /\r\n endLearning(): void {\r\n this.learningMode = false\r\n }\r\n\r\n /\r\n Reset and restart learning\r\n /\r\n reset(): void {\r\n this.commands = []\r\n this.baselinePaths.clear()\r\n this.baselineCommands.clear()\r\n this.learningMode = true\r\n this.learningCount = 0\r\n }\r\n}\r\n","/\r\n Output Scanner\r\n * Scan command output for leaked secrets and sensitive data\r\n /\r\n\r\nimport type { OutputScanningPolicy } from '../types.js'\r\n\r\nexport interface ScanResult {\r\n hasSecrets: boolean\r\n hasErrors: boolean\r\n redactedOutput: string\r\n findings: Finding[]\r\n}\r\n\r\nexport interface Finding {\r\n type: 'secret' \| 'error' \| 'sensitive'\r\n pattern: string\r\n message: string\r\n line?: number\r\n}\r\n\r\n// Built-in secret patterns\r\nconst SECRET_PATTERNS: { pattern: RegExp; name: string }[] = [\r\n // API Keys\r\n { pattern: /sk-[A-Za-z0-9]{20,}/, name: 'OpenAI API Key' },\r\n { pattern: /sk-ant-[A-Za-z0-9\\-]{20,}/, name: 'Anthropic API Key' },\r\n { pattern: /ghp_[A-Za-z0-9]{36}/, name: 'GitHub Token' },\r\n { pattern: /gho_[A-Za-z0-9]{36}/, name: 'GitHub OAuth Token' },\r\n { pattern: /github_pat_[A-Za-z0-9_]{22,}/, name: 'GitHub PAT' },\r\n { pattern: /glpat-[A-Za-z0-9\\-]{20,}/, name: 'GitLab Token' },\r\n { pattern: /xox[baprs]-[A-Za-z0-9\\-]{10,}/, name: 'Slack Token' },\r\n { pattern: /sk_live_[A-Za-z0-9]{24,}/, name: 'Stripe Secret Key' },\r\n { pattern: /sq0atp-[A-Za-z0-9\\-_]{22,}/, name: 'Square Token' },\r\n { pattern: /AKIA[A-Z0-9]{16}/, name: 'AWS Access Key' },\r\n { pattern: /amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/, name: 'Amazon MWS Key' },\r\n\r\n // OAuth/JWT\r\n { pattern: /Bearer\\s+[A-Za-z0-9\\-._~+/]+=/, name: 'Bearer Token' },\r\n { pattern: /eyJ[A-Za-z0-9\\-_]+\\.eyJ[A-Za-z0-9\\-_]+\\.[A-Za-z0-9\\-_]+/, name: 'JWT Token' },\r\n\r\n // Credentials in output\r\n { pattern: /password\\s[=:]\\s['\"]?[^\\s'\"]{4,}['\"]?/i, name: 'Password' },\r\n { pattern: /passwd\\s[=:]\\s['\"]?[^\\s'\"]{4,}['\"]?/i, name: 'Password' },\r\n { pattern: /api[_-]?key\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'API Key' },\r\n { pattern: /secret\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'Secret' },\r\n { pattern: /token\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'Token' },\r\n\r\n // Private keys\r\n { pattern: /-----BEGIN\\s+(RSA\\s+)?PRIVATE\\s+KEY-----/, name: 'Private Key' },\r\n { pattern: /-----BEGIN\\s+EC\\s+PRIVATE\\s+KEY-----/, name: 'EC Private Key' },\r\n { pattern: /-----BEGIN\\s+OPENSSH\\s+PRIVATE\\s+KEY-----/, name: 'SSH Private Key' },\r\n { pattern: /-----BEGIN\\s+PGP\\s+PRIVATE\\s+KEY\\s+BLOCK-----/, name: 'PGP Private Key' },\r\n\r\n // Database URLs\r\n { pattern: /mongodb(\\+srv)?:\\/\\/[^:]+:[^@]+@/, name: 'MongoDB Connection String' },\r\n { pattern: /postgres(ql)?:\\/\\/[^:]+:[^@]+@/, name: 'PostgreSQL Connection String' },\r\n { pattern: /mysql:\\/\\/[^:]+:[^@]+@/, name: 'MySQL Connection String' },\r\n { pattern: /redis:\\/\\/[^:]+:[^@]+@/, name: 'Redis Connection String' },\r\n\r\n // SSH\r\n { pattern: /ssh-rsa\\s+[A-Za-z0-9+/]+[=]{0,2}/, name: 'SSH Public Key' },\r\n { pattern: /ssh-ed25519\\s+[A-Za-z0-9+/]+/, name: 'SSH ED25519 Key' },\r\n]\r\n\r\n// Error patterns to detect\r\nconst ERROR_PATTERNS: { pattern: RegExp; name: string }[] = [\r\n { pattern: /EACCES\|EPERM\|permission denied/i, name: 'Permission Error' },\r\n { pattern: /ENOENT\|no such file\|not found/i, name: 'File Not Found' },\r\n { pattern: /ECONNREFUSED\|connection refused/i, name: 'Connection Refused' },\r\n { pattern: /ETIMEDOUT\|timed out/i, name: 'Timeout Error' },\r\n { pattern: /segmentation fault\|core dumped/i, name: 'Crash' },\r\n { pattern: /out of memory\|OOM\|cannot allocate/i, name: 'Memory Error' },\r\n { pattern: /stack trace\|traceback\|at\\s+\\S+:\\d+:\\d+/i, name: 'Stack Trace' },\r\n { pattern: /error:\|fatal:\|failed:/i, name: 'Error Message' },\r\n]\r\n\r\nexport class OutputScanner {\r\n private secretPatterns: RegExp[]\r\n private redactPatterns: RegExp[]\r\n private policy: OutputScanningPolicy\r\n\r\n constructor(policy: OutputScanningPolicy) {\r\n this.policy = policy\r\n\r\n // Compile secret patterns\r\n this.secretPatterns = SECRET_PATTERNS.map(p => p.pattern)\r\n\r\n // Compile custom redact patterns\r\n this.redactPatterns = (policy.redactPatterns \|\| [])\r\n .map(p => {\r\n try {\r\n return new RegExp(p, 'gi')\r\n } catch {\r\n return null\r\n }\r\n })\r\n .filter((p): p is RegExp => p !== null)\r\n }\r\n\r\n /*\r\n Scan output for secrets and sensitive data\r\n /\r\n scan(output: string): ScanResult {\r\n if (!this.policy.enabled) {\r\n return {\r\n hasSecrets: false,\r\n hasErrors: false,\r\n redactedOutput: output,\r\n findings: []\r\n }\r\n }\r\n\r\n const findings: Finding[] = []\r\n let hasSecrets = false\r\n let hasErrors = false\r\n\r\n // Truncate if needed\r\n let processedOutput = output\r\n if (output.length > this.policy.maxOutputLength) {\r\n processedOutput = output.slice(0, this.policy.maxOutputLength) + '\\n... [truncated]'\r\n }\r\n\r\n // Scan for secrets\r\n if (this.policy.scanForSecrets) {\r\n const secretFindings = this.scanForSecrets(processedOutput)\r\n if (secretFindings.length > 0) {\r\n hasSecrets = true\r\n findings.push(...secretFindings)\r\n }\r\n }\r\n\r\n // Scan for errors\r\n if (this.policy.scanForErrors) {\r\n const errorFindings = this.scanForErrors(processedOutput)\r\n if (errorFindings.length > 0) {\r\n hasErrors = true\r\n findings.push(...errorFindings)\r\n }\r\n }\r\n\r\n // Redact sensitive data\r\n const redactedOutput = this.redact(processedOutput)\r\n\r\n return {\r\n hasSecrets,\r\n hasErrors,\r\n redactedOutput,\r\n findings\r\n }\r\n }\r\n\r\n /\r\n Scan for secrets in output\r\n /\r\n private scanForSecrets(output: string): Finding[] {\r\n const findings: Finding[] = []\r\n const lines = output.split('\\n')\r\n\r\n for (let i = 0; i < lines.length; i++) {\r\n const line = lines[i]\r\n\r\n for (const { pattern, name } of SECRET_PATTERNS) {\r\n if (pattern.test(line)) {\r\n findings.push({\r\n type: 'secret',\r\n pattern: name,\r\n message: `Potential ${name} found in output`,\r\n line: i + 1\r\n })\r\n }\r\n }\r\n }\r\n\r\n return findings\r\n }\r\n\r\n /\r\n Scan for error patterns in output\r\n /\r\n private scanForErrors(output: string): Finding[] {\r\n const findings: Finding[] = []\r\n const lines = output.split('\\n')\r\n\r\n for (let i = 0; i < lines.length; i++) {\r\n const line = lines[i]\r\n\r\n for (const { pattern, name } of ERROR_PATTERNS) {\r\n if (pattern.test(line)) {\r\n findings.push({\r\n type: 'error',\r\n pattern: name,\r\n message: `${name} detected`,\r\n line: i + 1\r\n })\r\n break // Only report first error type per line\r\n }\r\n }\r\n }\r\n\r\n return findings\r\n }\r\n\r\n /\r\n Redact sensitive data from output\r\n /\r\n redact(output: string): string {\r\n let redacted = output\r\n\r\n // Redact built-in secret patterns\r\n for (const { pattern, name } of SECRET_PATTERNS) {\r\n redacted = redacted.replace(new RegExp(pattern.source, 'g'), `[REDACTED ${name}]`)\r\n }\r\n\r\n // Redact custom patterns\r\n for (const pattern of this.redactPatterns) {\r\n redacted = redacted.replace(pattern, '[REDACTED]')\r\n }\r\n\r\n return redacted\r\n }\r\n\r\n /\r\n Check if output contains any secrets\r\n /\r\n hasSecrets(output: string): boolean {\r\n for (const pattern of this.secretPatterns) {\r\n if (pattern.test(output)) {\r\n return true\r\n }\r\n }\r\n return false\r\n }\r\n\r\n /\r\n Get summary of findings\r\n /\r\n static summarize(findings: Finding[]): string {\r\n if (findings.length === 0) {\r\n return 'No issues found'\r\n }\r\n\r\n const secrets = findings.filter(f => f.type === 'secret')\r\n const errors = findings.filter(f => f.type === 'error')\r\n\r\n const parts: string[] = []\r\n if (secrets.length > 0) {\r\n parts.push(`${secrets.length} potential secret(s)`)\r\n }\r\n if (errors.length > 0) {\r\n parts.push(`${errors.length} error(s)`)\r\n }\r\n\r\n return parts.join(', ')\r\n }\r\n}\r\n","/\r\n Moltbot Runtime Session Detection\r\n * Detects when running inside a moltbot session via environment variables\r\n /\r\n\r\nimport type { MoltbotSessionContext } from '../types.js'\r\n\r\n/\r\n Detect if we're running inside a moltbot session\r\n * Checks environment variables set by moltbot when spawning commands\r\n /\r\nexport function detectMoltbotSession(): MoltbotSessionContext {\r\n // Check for moltbot environment variables (new naming)\r\n const moltbotSessionId = process.env.MOLTBOT_SESSION_ID\r\n const moltbotAgent = process.env.MOLTBOT_AGENT\r\n const moltbotSandbox = process.env.MOLTBOT_SANDBOX\r\n\r\n // Check for clawdbot environment variables (legacy naming)\r\n const clawdbotSessionId = process.env.CLAWDBOT_SESSION_ID\r\n const clawdbotAgent = process.env.CLAWDBOT_AGENT\r\n\r\n // Check for shared config path (works with both)\r\n const configPath = process.env.CLAWDBOT_CONFIG_PATH\r\n const stateDir = process.env.CLAWDBOT_STATE_DIR\r\n\r\n // Determine session ID (prefer moltbot over clawdbot)\r\n const sessionId = moltbotSessionId \|\| clawdbotSessionId\r\n\r\n // Determine agent name\r\n const agentName = moltbotAgent \|\| clawdbotAgent\r\n\r\n // Determine sandbox mode\r\n // MOLTBOT_SANDBOX can be 'strict', 'permissive', or 'off'\r\n const sandboxMode = moltbotSandbox !== 'off'\r\n\r\n // Determine if we're in a moltbot session\r\n const inMoltbotSession = !!(sessionId \|\| agentName)\r\n\r\n return {\r\n inMoltbotSession,\r\n sessionId,\r\n agentName,\r\n sandboxMode,\r\n customConfigPath: configPath\r\n }\r\n}\r\n\r\n/\r\n Check if we're in a moltbot session (simple boolean check)\r\n /\r\nexport function isInMoltbotSession(): boolean {\r\n return !!(\r\n process.env.MOLTBOT_SESSION_ID \|\|\r\n process.env.MOLTBOT_AGENT \|\|\r\n process.env.CLAWDBOT_SESSION_ID \|\|\r\n process.env.CLAWDBOT_AGENT\r\n )\r\n}\r\n\r\n/\r\n Get the moltbot session ID if running in a session\r\n /\r\nexport function getMoltbotSessionId(): string \| undefined {\r\n return process.env.MOLTBOT_SESSION_ID \|\| process.env.CLAWDBOT_SESSION_ID\r\n}\r\n\r\n/\r\n Get the moltbot agent name if running in a session\r\n /\r\nexport function getMoltbotAgentName(): string \| undefined {\r\n return process.env.MOLTBOT_AGENT \|\| process.env.CLAWDBOT_AGENT\r\n}\r\n\r\n/\r\n Check if sandbox mode is enabled in the current session\r\n /\r\nexport function isSandboxEnabled(): boolean {\r\n const sandbox = process.env.MOLTBOT_SANDBOX\r\n return sandbox !== 'off'\r\n}\r\n\r\n/\r\n Get the custom config path if set\r\n /\r\nexport function getCustomConfigPath(): string \| undefined {\r\n return process.env.CLAWDBOT_CONFIG_PATH\r\n}\r\n\r\n/\r\n Get the state directory if set\r\n */\r\nexport function getStateDir(): string \| undefined {\r\n return process.env.CLAWDBOT_STATE_DIR\r\n}\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BA,IAAM,iBAA0C;AAAA,EAC9C,cAAc,CAAC,GAAG,EAAE;AAAA;AAAA,EACpB,0BAA0B;AAAA,EAC1B,YAAY,CAAC;AAAA,EACb,oBAAoB,CAAC;AAAA,EACrB,SAAS;AACX;AAGA,IAAM,8BAAwC;AAAA,EAC5C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEO,IAAM,kBAAN,MAAsB;AAAA,EACnB;AAAA,EACA,WAA4B,CAAC;AAAA,EAC7B,gBAA6B,oBAAI,IAAI;AAAA,EACrC,mBAAgC,oBAAI,IAAI;AAAA,EACxC,eAAwB;AAAA,EACxB,gBAAwB;AAAA,EACf,qBAAqB;AAAA,EAEtC,YAAY,SAAwB,CAAC,GAAG;AACtC,SAAK,SAAS,EAAE,GAAG,gBAAgB,GAAG,OAAO;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAiB,KAAyB;AAC9C,QAAI,CAAC,KAAK,OAAO,QAAS,QAAO,CAAC;AAElC,UAAM,YAAuB,CAAC;AAC9B,UAAM,MAAM,KAAK,IAAI;AAGrB,SAAK,SAAS,KAAK,EAAE,SAAS,WAAW,KAAK,MAAM,IAAI,CAAC;AACzD,QAAI,KAAK,SAAS,SAAS,KAAM;AAC/B,WAAK,WAAW,KAAK,SAAS,MAAM,IAAI;AAAA,IAC1C;AAGA,QAAI,KAAK,cAAc;AACrB,WAAK,MAAM,SAAS,GAAG;AACvB,UAAI,KAAK,iBAAiB,KAAK,oBAAoB;AACjD,aAAK,eAAe;AAAA,MACtB;AACA,aAAO;AAAA,IACT;AAGA,UAAM,gBAAgB,KAAK,YAAY,GAAG;AAC1C,QAAI,cAAe,WAAU,KAAK,aAAa;AAG/C,UAAM,cAAc,KAAK,eAAe,GAAG;AAC3C,QAAI,YAAa,WAAU,KAAK,WAAW;AAG3C,QAAI,KAAK;AACP,YAAM,cAAc,KAAK,UAAU,GAAG;AACtC,UAAI,YAAa,WAAU,KAAK,WAAW;AAAA,IAC7C;AAGA,UAAM,mBAAmB,KAAK,cAAc,OAAO;AACnD,cAAU,KAAK,GAAG,gBAAgB;AAGlC,UAAM,kBAAkB,KAAK,cAAc,OAAO;AAClD,QAAI,gBAAiB,WAAU,KAAK,eAAe;AAEnD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,MAAM,SAAiB,KAAoB;AACjD,SAAK;AAGL,UAAM,UAAU,QAAQ,MAAM,KAAK,EAAE,CAAC;AACtC,SAAK,iBAAiB,IAAI,OAAO;AAGjC,QAAI,KAAK;AACP,WAAK,cAAc,IAAI,GAAG;AAE1B,YAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,eAAS,IAAI,GAAG,KAAK,MAAM,QAAQ,KAAK;AACtC,aAAK,cAAc,IAAI,MAAM,MAAM,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC;AAAA,MACpD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,YAAY,KAA6B;AAC/C,UAAM,OAAO,IAAI,KAAK,GAAG,EAAE,SAAS;AACpC,UAAM,CAAC,OAAO,GAAG,IAAI,KAAK,OAAO;AAEjC,QAAI,OAAO,SAAS,QAAQ,KAAK;AAC/B,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,kCAAkC,IAAI;AAAA,QAC/C,SAAS,EAAE,MAAM,cAAc,KAAK,OAAO,aAAa;AAAA,MAC1D;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAe,KAA6B;AAClD,UAAM,eAAe,MAAM;AAC3B,UAAM,iBAAiB,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,YAAY;AAC3E,UAAM,OAAO,eAAe;AAE5B,QAAI,OAAO,KAAK,OAAO,2BAA2B,GAAG;AACnD,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,sBAAsB,IAAI,kBAAkB,KAAK,OAAO,wBAAwB;AAAA,QACzF,SAAS,EAAE,MAAM,SAAS,KAAK,OAAO,yBAAyB;AAAA,MACjE;AAAA,IACF;AAGA,UAAM,iBAAiB,MAAM;AAC7B,UAAM,gBAAgB,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,cAAc;AAC5E,QAAI,cAAc,SAAS,IAAI;AAC7B,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,mBAAmB,cAAc,MAAM;AAAA,QAChD,SAAS,EAAE,OAAO,cAAc,QAAQ,QAAQ,KAAK;AAAA,MACvD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAU,MAA8B;AAE9C,QAAI,KAAK,OAAO,WAAW,SAAS,GAAG;AACrC,YAAM,UAAU,KAAK,OAAO,WAAW;AAAA,QAAK,OAC1C,KAAK,WAAW,CAAC,KAAK,KAAK,SAAS,CAAC;AAAA,MACvC;AACA,UAAI,CAAC,SAAS;AACZ,eAAO;AAAA,UACL,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,8BAA8B,IAAI;AAAA,UAC3C,SAAS,EAAE,MAAM,YAAY,KAAK,OAAO,WAAW;AAAA,QACtD;AAAA,MACF;AAAA,IACF;AAGA,QAAI,CAAC,KAAK,gBAAgB,KAAK,cAAc,OAAO,GAAG;AACrD,YAAM,aAAa,KAAK,cAAc,IAAI,IAAI,KAC5C,CAAC,GAAG,KAAK,aAAa,EAAE,KAAK,OAAK,KAAK,WAAW,CAAC,CAAC;AAEtD,UAAI,CAAC,YAAY;AACf,eAAO;AAAA,UACL,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,sBAAsB,IAAI;AAAA,UACnC,SAAS,EAAE,MAAM,OAAO,KAAK;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,SAA4B;AAChD,UAAM,YAAuB,CAAC;AAC9B,UAAM,cAAc,CAAC,GAAG,6BAA6B,GAAG,KAAK,OAAO,kBAAkB;AAEtF,eAAW,WAAW,aAAa;AACjC,UAAI,QAAQ,KAAK,OAAO,GAAG;AACzB,kBAAU,KAAK;AAAA,UACb,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,gCAAgC,QAAQ,MAAM;AAAA,UACvD,SAAS,EAAE,SAAS,QAAQ,MAAM,GAAG,GAAG,GAAG,SAAS,QAAQ,OAAO;AAAA,QACrE,CAAC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,SAAiC;AACrD,UAAM,UAAU,QAAQ,MAAM,KAAK,EAAE,CAAC;AAGtC,QAAI,CAAC,KAAK,gBAAgB,KAAK,iBAAiB,OAAO,GAAG;AACxD,UAAI,CAAC,KAAK,iBAAiB,IAAI,OAAO,GAAG;AAEvC,cAAM,oBAAoB,oBAAI,IAAI;AAAA,UAChC;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAAM;AAAA,UAAU;AAAA,UAAO;AAAA,UAAO;AAAA,UAC9C;AAAA,UAAQ;AAAA,UAAM;AAAA,UAAS;AAAA,UAAS;AAAA,UAAS;AAAA,QAC3C,CAAC;AAED,YAAI,kBAAkB,IAAI,OAAO,GAAG;AAClC,iBAAO;AAAA,YACL,MAAM;AAAA,YACN,UAAU;AAAA,YACV,SAAS,+BAA+B,OAAO;AAAA,YAC/C,SAAS,EAAE,SAAS,SAAS,OAAO,KAAK;AAAA,UAC3C;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,WAME;AACA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,eAAe,MAAM;AAC3B,UAAM,aAAa,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,YAAY,EAAE;AAEzE,WAAO;AAAA,MACL,cAAc,KAAK;AAAA,MACnB,kBAAkB,KAAK,IAAI,KAAK,KAAK,MAAO,KAAK,gBAAgB,KAAK,qBAAsB,GAAG,CAAC;AAAA,MAChG,kBAAkB,KAAK,iBAAiB;AAAA,MACxC,eAAe,KAAK,cAAc;AAAA,MAClC,mBAAmB;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,cAAoB;AAClB,SAAK,eAAe;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA,EAKA,QAAc;AACZ,SAAK,WAAW,CAAC;AACjB,SAAK,cAAc,MAAM;AACzB,SAAK,iBAAiB,MAAM;AAC5B,SAAK,eAAe;AACpB,SAAK,gBAAgB;AAAA,EACvB;AACF;;;ACjSA,IAAM,kBAAuD;AAAA;AAAA,EAE3D,EAAE,SAAS,uBAAuB,MAAM,iBAAiB;AAAA,EACzD,EAAE,SAAS,6BAA6B,MAAM,oBAAoB;AAAA,EAClE,EAAE,SAAS,uBAAuB,MAAM,eAAe;AAAA,EACvD,EAAE,SAAS,uBAAuB,MAAM,qBAAqB;AAAA,EAC7D,EAAE,SAAS,gCAAgC,MAAM,aAAa;AAAA,EAC9D,EAAE,SAAS,4BAA4B,MAAM,eAAe;AAAA,EAC5D,EAAE,SAAS,iCAAiC,MAAM,cAAc;AAAA,EAChE,EAAE,SAAS,4BAA4B,MAAM,oBAAoB;AAAA,EACjE,EAAE,SAAS,8BAA8B,MAAM,eAAe;AAAA,EAC9D,EAAE,SAAS,oBAAoB,MAAM,iBAAiB;AAAA,EACtD,EAAE,SAAS,2EAA2E,MAAM,iBAAiB;AAAA;AAAA,EAG7G,EAAE,SAAS,kCAAkC,MAAM,eAAe;AAAA,EAClE,EAAE,SAAS,2DAA2D,MAAM,YAAY;AAAA;AAAA,EAGxF,EAAE,SAAS,4CAA4C,MAAM,WAAW;AAAA,EACxE,EAAE,SAAS,0CAA0C,MAAM,WAAW;AAAA,EACtE,EAAE,SAAS,+CAA+C,MAAM,UAAU;AAAA,EAC1E,EAAE,SAAS,0CAA0C,MAAM,SAAS;AAAA,EACpE,EAAE,SAAS,yCAAyC,MAAM,QAAQ;AAAA;AAAA,EAGlE,EAAE,SAAS,4CAA4C,MAAM,cAAc;AAAA,EAC3E,EAAE,SAAS,wCAAwC,MAAM,iBAAiB;AAAA,EAC1E,EAAE,SAAS,6CAA6C,MAAM,kBAAkB;AAAA,EAChF,EAAE,SAAS,iDAAiD,MAAM,kBAAkB;AAAA;AAAA,EAGpF,EAAE,SAAS,oCAAoC,MAAM,4BAA4B;AAAA,EACjF,EAAE,SAAS,kCAAkC,MAAM,+BAA+B;AAAA,EAClF,EAAE,SAAS,0BAA0B,MAAM,0BAA0B;AAAA,EACrE,EAAE,SAAS,0BAA0B,MAAM,0BAA0B;AAAA;AAAA,EAGrE,EAAE,SAAS,oCAAoC,MAAM,iBAAiB;AAAA,EACtE,EAAE,SAAS,gCAAgC,MAAM,kBAAkB;AACrE;AAGA,IAAM,iBAAsD;AAAA,EAC1D,EAAE,SAAS,mCAAmC,MAAM,mBAAmB;AAAA,EACvE,EAAE,SAAS,kCAAkC,MAAM,iBAAiB;AAAA,EACpE,EAAE,SAAS,oCAAoC,MAAM,qBAAqB;AAAA,EAC1E,EAAE,SAAS,wBAAwB,MAAM,gBAAgB;AAAA,EACzD,EAAE,SAAS,mCAAmC,MAAM,QAAQ;AAAA,EAC5D,EAAE,SAAS,sCAAsC,MAAM,eAAe;AAAA,EACtE,EAAE,SAAS,2CAA2C,MAAM,cAAc;AAAA,EAC1E,EAAE,SAAS,0BAA0B,MAAM,gBAAgB;AAC7D;AAEO,IAAM,gBAAN,MAAoB;AAAA,EACjB;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAA8B;AACxC,SAAK,SAAS;AAGd,SAAK,iBAAiB,gBAAgB,IAAI,OAAK,EAAE,OAAO;AAGxD,SAAK,kBAAkB,OAAO,kBAAkB,CAAC,GAC9C,IAAI,OAAK;AACR,UAAI;AACF,eAAO,IAAI,OAAO,GAAG,IAAI;AAAA,MAC3B,QAAQ;AACN,eAAO;AAAA,MACT;AAAA,IACF,CAAC,EACA,OAAO,CAAC,MAAmB,MAAM,IAAI;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,QAA4B;AAC/B,QAAI,CAAC,KAAK,OAAO,SAAS;AACxB,aAAO;AAAA,QACL,YAAY;AAAA,QACZ,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,UAAU,CAAC;AAAA,MACb;AAAA,IACF;AAEA,UAAM,WAAsB,CAAC;AAC7B,QAAI,aAAa;AACjB,QAAI,YAAY;AAGhB,QAAI,kBAAkB;AACtB,QAAI,OAAO,SAAS,KAAK,OAAO,iBAAiB;AAC/C,wBAAkB,OAAO,MAAM,GAAG,KAAK,OAAO,eAAe,IAAI;AAAA,IACnE;AAGA,QAAI,KAAK,OAAO,gBAAgB;AAC9B,YAAM,iBAAiB,KAAK,eAAe,eAAe;AAC1D,UAAI,eAAe,SAAS,GAAG;AAC7B,qBAAa;AACb,iBAAS,KAAK,GAAG,cAAc;AAAA,MACjC;AAAA,IACF;AAGA,QAAI,KAAK,OAAO,eAAe;AAC7B,YAAM,gBAAgB,KAAK,cAAc,eAAe;AACxD,UAAI,cAAc,SAAS,GAAG;AAC5B,oBAAY;AACZ,iBAAS,KAAK,GAAG,aAAa;AAAA,MAChC;AAAA,IACF;AAGA,UAAM,iBAAiB,KAAK,OAAO,eAAe;AAElD,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAe,QAA2B;AAChD,UAAM,WAAsB,CAAC;AAC7B,UAAM,QAAQ,OAAO,MAAM,IAAI;AAE/B,aAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,YAAM,OAAO,MAAM,CAAC;AAEpB,iBAAW,EAAE,SAAS,KAAK,KAAK,iBAAiB;AAC/C,YAAI,QAAQ,KAAK,IAAI,GAAG;AACtB,mBAAS,KAAK;AAAA,YACZ,MAAM;AAAA,YACN,SAAS;AAAA,YACT,SAAS,aAAa,IAAI;AAAA,YAC1B,MAAM,IAAI;AAAA,UACZ,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,QAA2B;AAC/C,UAAM,WAAsB,CAAC;AAC7B,UAAM,QAAQ,OAAO,MAAM,IAAI;AAE/B,aAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,YAAM,OAAO,MAAM,CAAC;AAEpB,iBAAW,EAAE,SAAS,KAAK,KAAK,gBAAgB;AAC9C,YAAI,QAAQ,KAAK,IAAI,GAAG;AACtB,mBAAS,KAAK;AAAA,YACZ,MAAM;AAAA,YACN,SAAS;AAAA,YACT,SAAS,GAAG,IAAI;AAAA,YAChB,MAAM,IAAI;AAAA,UACZ,CAAC;AACD;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,QAAwB;AAC7B,QAAI,WAAW;AAGf,eAAW,EAAE,SAAS,KAAK,KAAK,iBAAiB;AAC/C,iBAAW,SAAS,QAAQ,IAAI,OAAO,QAAQ,QAAQ,GAAG,GAAG,aAAa,IAAI,GAAG;AAAA,IACnF;AAGA,eAAW,WAAW,KAAK,gBAAgB;AACzC,iBAAW,SAAS,QAAQ,SAAS,YAAY;AAAA,IACnD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW,QAAyB;AAClC,eAAW,WAAW,KAAK,gBAAgB;AACzC,UAAI,QAAQ,KAAK,MAAM,GAAG;AACxB,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,UAAU,UAA6B;AAC5C,QAAI,SAAS,WAAW,GAAG;AACzB,aAAO;AAAA,IACT;AAEA,UAAM,UAAU,SAAS,OAAO,OAAK,EAAE,SAAS,QAAQ;AACxD,UAAM,SAAS,SAAS,OAAO,OAAK,EAAE,SAAS,OAAO;AAEtD,UAAM,QAAkB,CAAC;AACzB,QAAI,QAAQ,SAAS,GAAG;AACtB,YAAM,KAAK,GAAG,QAAQ,MAAM,sBAAsB;AAAA,IACpD;AACA,QAAI,OAAO,SAAS,GAAG;AACrB,YAAM,KAAK,GAAG,OAAO,MAAM,WAAW;AAAA,IACxC;AAEA,WAAO,MAAM,KAAK,IAAI;AAAA,EACxB;AACF;;;ACnPO,SAAS,uBAA8C;AAE5D,QAAM,mBAAmB,QAAQ,IAAI;AACrC,QAAM,eAAe,QAAQ,IAAI;AACjC,QAAM,iBAAiB,QAAQ,IAAI;AAGnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,QAAM,gBAAgB,QAAQ,IAAI;AAGlC,QAAM,aAAa,QAAQ,IAAI;AAC/B,QAAM,WAAW,QAAQ,IAAI;AAG7B,QAAM,YAAY,oBAAoB;AAGtC,QAAM,YAAY,gBAAgB;AAIlC,QAAM,cAAc,mBAAmB;AAGvC,QAAM,mBAAmB,CAAC,EAAE,aAAa;AAEzC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,kBAAkB;AAAA,EACpB;AACF;AAKO,SAAS,qBAA8B;AAC5C,SAAO,CAAC,EACN,QAAQ,IAAI,sBACZ,QAAQ,IAAI,iBACZ,QAAQ,IAAI,uBACZ,QAAQ,IAAI;AAEhB;AAKO,SAAS,sBAA0C;AACxD,SAAO,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AACvD;AAKO,SAAS,sBAA0C;AACxD,SAAO,QAAQ,IAAI,iBAAiB,QAAQ,IAAI;AAClD;AAKO,SAAS,mBAA4B;AAC1C,QAAM,UAAU,QAAQ,IAAI;AAC5B,SAAO,YAAY;AACrB;","names":[]}
1	+ {"version":3,"sources":["../src/policy/anomaly-detector.ts","../src/policy/output-scanner.ts","../src/hooks/moltbot-runtime.ts"],"sourcesContent":["/*\r\n Anomaly Detection\r\n * Flag unusual patterns without ML\r\n /\r\n\r\nexport interface AnomalyConfig {\r\n workingHours?: [number, number] // [startHour, endHour] in 24h format\r\n typicalCommandsPerMinute?: number // Normal rate\r\n knownPaths?: string[] // Expected paths for this project\r\n suspiciousPatterns?: RegExp[] // Additional patterns to flag\r\n enabled?: boolean\r\n}\r\n\r\nexport interface Anomaly {\r\n type: 'timing' \| 'frequency' \| 'path' \| 'pattern' \| 'behavior'\r\n severity: 'info' \| 'warning' \| 'alert'\r\n message: string\r\n details: Record<string, unknown>\r\n}\r\n\r\ninterface CommandRecord {\r\n command: string\r\n timestamp: number\r\n path?: string\r\n}\r\n\r\nconst DEFAULT_CONFIG: Required<AnomalyConfig> = {\r\n workingHours: [6, 22], // 6 AM to 10 PM\r\n typicalCommandsPerMinute: 30,\r\n knownPaths: [],\r\n suspiciousPatterns: [],\r\n enabled: true\r\n}\r\n\r\n// Default suspicious patterns\r\nconst DEFAULT_SUSPICIOUS_PATTERNS: RegExp[] = [\r\n /\\bpasswd\\b/,\r\n /\\bshadow\\b/,\r\n /\\/root\\//,\r\n /\\.ssh\\//,\r\n /\\.gnupg\\//,\r\n /\\.aws\\//,\r\n /\\.kube\\//,\r\n /wallet/i,\r\n /crypto/i,\r\n /bitcoin/i,\r\n /ethereum/i,\r\n /private.key/i,\r\n]\r\n\r\nexport class AnomalyDetector {\r\n private config: Required<AnomalyConfig>\r\n private commands: CommandRecord[] = []\r\n private baselinePaths: Set<string> = new Set()\r\n private baselineCommands: Set<string> = new Set()\r\n private learningMode: boolean = true\r\n private learningCount: number = 0\r\n private readonly LEARNING_THRESHOLD = 50\r\n\r\n constructor(config: AnomalyConfig = {}) {\r\n this.config = { ...DEFAULT_CONFIG, ...config }\r\n }\r\n\r\n /*\r\n Check a command for anomalies\r\n /\r\n check(command: string, cwd?: string): Anomaly[] {\r\n if (!this.config.enabled) return []\r\n\r\n const anomalies: Anomaly[] = []\r\n const now = Date.now()\r\n\r\n // Record for learning/baseline\r\n this.commands.push({ command, timestamp: now, path: cwd })\r\n if (this.commands.length > 1000) {\r\n this.commands = this.commands.slice(-500)\r\n }\r\n\r\n // Learning mode: build baseline\r\n if (this.learningMode) {\r\n this.learn(command, cwd)\r\n if (this.learningCount >= this.LEARNING_THRESHOLD) {\r\n this.learningMode = false\r\n }\r\n return anomalies // Don't flag during learning\r\n }\r\n\r\n // Check timing\r\n const timingAnomaly = this.checkTiming(now)\r\n if (timingAnomaly) anomalies.push(timingAnomaly)\r\n\r\n // Check frequency\r\n const freqAnomaly = this.checkFrequency(now)\r\n if (freqAnomaly) anomalies.push(freqAnomaly)\r\n\r\n // Check paths\r\n if (cwd) {\r\n const pathAnomaly = this.checkPath(cwd)\r\n if (pathAnomaly) anomalies.push(pathAnomaly)\r\n }\r\n\r\n // Check patterns\r\n const patternAnomalies = this.checkPatterns(command)\r\n anomalies.push(...patternAnomalies)\r\n\r\n // Check behavior\r\n const behaviorAnomaly = this.checkBehavior(command)\r\n if (behaviorAnomaly) anomalies.push(behaviorAnomaly)\r\n\r\n return anomalies\r\n }\r\n\r\n /\r\n Learn from command (build baseline)\r\n /\r\n private learn(command: string, cwd?: string): void {\r\n this.learningCount++\r\n\r\n // Learn command patterns\r\n const baseCmd = command.split(/\\s+/)[0]\r\n this.baselineCommands.add(baseCmd)\r\n\r\n // Learn paths\r\n if (cwd) {\r\n this.baselinePaths.add(cwd)\r\n // Also add parent directories\r\n const parts = cwd.split(/[/\\\\]/)\r\n for (let i = 1; i <= parts.length; i++) {\r\n this.baselinePaths.add(parts.slice(0, i).join('/'))\r\n }\r\n }\r\n }\r\n\r\n /\r\n Check for timing anomalies\r\n /\r\n private checkTiming(now: number): Anomaly \| null {\r\n const hour = new Date(now).getHours()\r\n const [start, end] = this.config.workingHours\r\n\r\n if (hour < start \|\| hour >= end) {\r\n return {\r\n type: 'timing',\r\n severity: 'info',\r\n message: `Activity outside normal hours (${hour}:00)`,\r\n details: { hour, workingHours: this.config.workingHours }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Check for frequency anomalies\r\n /\r\n private checkFrequency(now: number): Anomaly \| null {\r\n const oneMinuteAgo = now - 60000\r\n const recentCommands = this.commands.filter(c => c.timestamp > oneMinuteAgo)\r\n const rate = recentCommands.length\r\n\r\n if (rate > this.config.typicalCommandsPerMinute 2) {\r\n return {\r\n type: 'frequency',\r\n severity: 'warning',\r\n message: `High command rate: ${rate}/min (typical: ${this.config.typicalCommandsPerMinute})`,\r\n details: { rate, typical: this.config.typicalCommandsPerMinute }\r\n }\r\n }\r\n\r\n // Check for burst (many commands in very short time)\r\n const fiveSecondsAgo = now - 5000\r\n const burstCommands = this.commands.filter(c => c.timestamp > fiveSecondsAgo)\r\n if (burstCommands.length > 10) {\r\n return {\r\n type: 'frequency',\r\n severity: 'alert',\r\n message: `Burst detected: ${burstCommands.length} commands in 5 seconds`,\r\n details: { count: burstCommands.length, window: '5s' }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /*\r\n Check for unusual path access\r\n /\r\n private checkPath(path: string): Anomaly \| null {\r\n // Skip if we have known paths configured\r\n if (this.config.knownPaths.length > 0) {\r\n const isKnown = this.config.knownPaths.some(p =>\r\n path.startsWith(p) \|\| path.includes(p)\r\n )\r\n if (!isKnown) {\r\n return {\r\n type: 'path',\r\n severity: 'warning',\r\n message: `Access to unexpected path: ${path}`,\r\n details: { path, knownPaths: this.config.knownPaths }\r\n }\r\n }\r\n }\r\n\r\n // Check against learned baseline\r\n if (!this.learningMode && this.baselinePaths.size > 0) {\r\n const isBaseline = this.baselinePaths.has(path) \|\|\r\n [...this.baselinePaths].some(p => path.startsWith(p))\r\n\r\n if (!isBaseline) {\r\n return {\r\n type: 'path',\r\n severity: 'info',\r\n message: `New path accessed: ${path}`,\r\n details: { path, isNew: true }\r\n }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Check for suspicious patterns\r\n /\r\n private checkPatterns(command: string): Anomaly[] {\r\n const anomalies: Anomaly[] = []\r\n const allPatterns = [...DEFAULT_SUSPICIOUS_PATTERNS, ...this.config.suspiciousPatterns]\r\n\r\n for (const pattern of allPatterns) {\r\n if (pattern.test(command)) {\r\n anomalies.push({\r\n type: 'pattern',\r\n severity: 'warning',\r\n message: `Suspicious pattern detected: ${pattern.source}`,\r\n details: { command: command.slice(0, 100), pattern: pattern.source }\r\n })\r\n }\r\n }\r\n\r\n return anomalies\r\n }\r\n\r\n /\r\n Check for behavioral anomalies\r\n /\r\n private checkBehavior(command: string): Anomaly \| null {\r\n const baseCmd = command.split(/\\s+/)[0]\r\n\r\n // Check for new command type after learning\r\n if (!this.learningMode && this.baselineCommands.size > 0) {\r\n if (!this.baselineCommands.has(baseCmd)) {\r\n // Only flag if it's potentially sensitive\r\n const sensitiveCommands = new Set([\r\n 'curl', 'wget', 'nc', 'netcat', 'ssh', 'scp', 'rsync',\r\n 'sudo', 'su', 'chmod', 'chown', 'mount', 'umount'\r\n ])\r\n\r\n if (sensitiveCommands.has(baseCmd)) {\r\n return {\r\n type: 'behavior',\r\n severity: 'warning',\r\n message: `New sensitive command type: ${baseCmd}`,\r\n details: { command: baseCmd, isNew: true }\r\n }\r\n }\r\n }\r\n }\r\n\r\n return null\r\n }\r\n\r\n /\r\n Get anomaly stats\r\n /\r\n getStats(): {\r\n learningMode: boolean\r\n learningProgress: number\r\n baselineCommands: number\r\n baselinePaths: number\r\n recentCommandRate: number\r\n } {\r\n const now = Date.now()\r\n const oneMinuteAgo = now - 60000\r\n const recentRate = this.commands.filter(c => c.timestamp > oneMinuteAgo).length\r\n\r\n return {\r\n learningMode: this.learningMode,\r\n learningProgress: Math.min(100, Math.round((this.learningCount / this.LEARNING_THRESHOLD) 100)),\r\n baselineCommands: this.baselineCommands.size,\r\n baselinePaths: this.baselinePaths.size,\r\n recentCommandRate: recentRate\r\n }\r\n }\r\n\r\n /*\r\n Force end learning mode\r\n /\r\n endLearning(): void {\r\n this.learningMode = false\r\n }\r\n\r\n /\r\n Reset and restart learning\r\n /\r\n reset(): void {\r\n this.commands = []\r\n this.baselinePaths.clear()\r\n this.baselineCommands.clear()\r\n this.learningMode = true\r\n this.learningCount = 0\r\n }\r\n}\r\n","/\r\n Output Scanner\r\n * Scan command output for leaked secrets and sensitive data\r\n /\r\n\r\nimport type { OutputScanningPolicy } from '../types.js'\r\n\r\nexport interface ScanResult {\r\n hasSecrets: boolean\r\n hasErrors: boolean\r\n redactedOutput: string\r\n findings: Finding[]\r\n}\r\n\r\nexport interface Finding {\r\n type: 'secret' \| 'error' \| 'sensitive'\r\n pattern: string\r\n message: string\r\n line?: number\r\n}\r\n\r\n// Built-in secret patterns\r\nconst SECRET_PATTERNS: { pattern: RegExp; name: string }[] = [\r\n // API Keys\r\n { pattern: /sk-[A-Za-z0-9]{20,}/, name: 'OpenAI API Key' },\r\n { pattern: /sk-ant-[A-Za-z0-9\\-]{20,}/, name: 'Anthropic API Key' },\r\n { pattern: /ghp_[A-Za-z0-9]{36}/, name: 'GitHub Token' },\r\n { pattern: /gho_[A-Za-z0-9]{36}/, name: 'GitHub OAuth Token' },\r\n { pattern: /github_pat_[A-Za-z0-9_]{22,}/, name: 'GitHub PAT' },\r\n { pattern: /glpat-[A-Za-z0-9\\-]{20,}/, name: 'GitLab Token' },\r\n { pattern: /xox[baprs]-[A-Za-z0-9\\-]{10,}/, name: 'Slack Token' },\r\n { pattern: /sk_live_[A-Za-z0-9]{24,}/, name: 'Stripe Secret Key' },\r\n { pattern: /sq0atp-[A-Za-z0-9\\-_]{22,}/, name: 'Square Token' },\r\n { pattern: /AKIA[A-Z0-9]{16}/, name: 'AWS Access Key' },\r\n { pattern: /amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/, name: 'Amazon MWS Key' },\r\n\r\n // OAuth/JWT\r\n { pattern: /Bearer\\s+[A-Za-z0-9\\-._~+/]+=/, name: 'Bearer Token' },\r\n { pattern: /eyJ[A-Za-z0-9\\-_]+\\.eyJ[A-Za-z0-9\\-_]+\\.[A-Za-z0-9\\-_]+/, name: 'JWT Token' },\r\n\r\n // Credentials in output\r\n { pattern: /password\\s[=:]\\s['\"]?[^\\s'\"]{4,}['\"]?/i, name: 'Password' },\r\n { pattern: /passwd\\s[=:]\\s['\"]?[^\\s'\"]{4,}['\"]?/i, name: 'Password' },\r\n { pattern: /api[_-]?key\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'API Key' },\r\n { pattern: /secret\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'Secret' },\r\n { pattern: /token\\s[=:]\\s['\"]?[^\\s'\"]{8,}['\"]?/i, name: 'Token' },\r\n\r\n // Private keys\r\n { pattern: /-----BEGIN\\s+(RSA\\s+)?PRIVATE\\s+KEY-----/, name: 'Private Key' },\r\n { pattern: /-----BEGIN\\s+EC\\s+PRIVATE\\s+KEY-----/, name: 'EC Private Key' },\r\n { pattern: /-----BEGIN\\s+OPENSSH\\s+PRIVATE\\s+KEY-----/, name: 'SSH Private Key' },\r\n { pattern: /-----BEGIN\\s+PGP\\s+PRIVATE\\s+KEY\\s+BLOCK-----/, name: 'PGP Private Key' },\r\n\r\n // Database URLs\r\n { pattern: /mongodb(\\+srv)?:\\/\\/[^:]+:[^@]+@/, name: 'MongoDB Connection String' },\r\n { pattern: /postgres(ql)?:\\/\\/[^:]+:[^@]+@/, name: 'PostgreSQL Connection String' },\r\n { pattern: /mysql:\\/\\/[^:]+:[^@]+@/, name: 'MySQL Connection String' },\r\n { pattern: /redis:\\/\\/[^:]+:[^@]+@/, name: 'Redis Connection String' },\r\n\r\n // SSH\r\n { pattern: /ssh-rsa\\s+[A-Za-z0-9+/]+[=]{0,2}/, name: 'SSH Public Key' },\r\n { pattern: /ssh-ed25519\\s+[A-Za-z0-9+/]+/, name: 'SSH ED25519 Key' },\r\n]\r\n\r\n// Error patterns to detect\r\nconst ERROR_PATTERNS: { pattern: RegExp; name: string }[] = [\r\n { pattern: /EACCES\|EPERM\|permission denied/i, name: 'Permission Error' },\r\n { pattern: /ENOENT\|no such file\|not found/i, name: 'File Not Found' },\r\n { pattern: /ECONNREFUSED\|connection refused/i, name: 'Connection Refused' },\r\n { pattern: /ETIMEDOUT\|timed out/i, name: 'Timeout Error' },\r\n { pattern: /segmentation fault\|core dumped/i, name: 'Crash' },\r\n { pattern: /out of memory\|OOM\|cannot allocate/i, name: 'Memory Error' },\r\n { pattern: /stack trace\|traceback\|at\\s+\\S+:\\d+:\\d+/i, name: 'Stack Trace' },\r\n { pattern: /error:\|fatal:\|failed:/i, name: 'Error Message' },\r\n]\r\n\r\nexport class OutputScanner {\r\n private secretPatterns: RegExp[]\r\n private redactPatterns: RegExp[]\r\n private policy: OutputScanningPolicy\r\n\r\n constructor(policy: OutputScanningPolicy) {\r\n this.policy = policy\r\n\r\n // Compile secret patterns\r\n this.secretPatterns = SECRET_PATTERNS.map(p => p.pattern)\r\n\r\n // Compile custom redact patterns\r\n this.redactPatterns = (policy.redactPatterns \|\| [])\r\n .map(p => {\r\n try {\r\n return new RegExp(p, 'gi')\r\n } catch {\r\n return null\r\n }\r\n })\r\n .filter((p): p is RegExp => p !== null)\r\n }\r\n\r\n /*\r\n Scan output for secrets and sensitive data\r\n /\r\n scan(output: string): ScanResult {\r\n if (!this.policy.enabled) {\r\n return {\r\n hasSecrets: false,\r\n hasErrors: false,\r\n redactedOutput: output,\r\n findings: []\r\n }\r\n }\r\n\r\n const findings: Finding[] = []\r\n let hasSecrets = false\r\n let hasErrors = false\r\n\r\n // Truncate if needed\r\n let processedOutput = output\r\n if (output.length > this.policy.maxOutputLength) {\r\n processedOutput = output.slice(0, this.policy.maxOutputLength) + '\\n... [truncated]'\r\n }\r\n\r\n // Scan for secrets\r\n if (this.policy.scanForSecrets) {\r\n const secretFindings = this.scanForSecrets(processedOutput)\r\n if (secretFindings.length > 0) {\r\n hasSecrets = true\r\n findings.push(...secretFindings)\r\n }\r\n }\r\n\r\n // Scan for errors\r\n if (this.policy.scanForErrors) {\r\n const errorFindings = this.scanForErrors(processedOutput)\r\n if (errorFindings.length > 0) {\r\n hasErrors = true\r\n findings.push(...errorFindings)\r\n }\r\n }\r\n\r\n // Redact sensitive data\r\n const redactedOutput = this.redact(processedOutput)\r\n\r\n return {\r\n hasSecrets,\r\n hasErrors,\r\n redactedOutput,\r\n findings\r\n }\r\n }\r\n\r\n /\r\n Scan for secrets in output\r\n /\r\n private scanForSecrets(output: string): Finding[] {\r\n const findings: Finding[] = []\r\n const lines = output.split('\\n')\r\n\r\n for (let i = 0; i < lines.length; i++) {\r\n const line = lines[i]\r\n\r\n for (const { pattern, name } of SECRET_PATTERNS) {\r\n if (pattern.test(line)) {\r\n findings.push({\r\n type: 'secret',\r\n pattern: name,\r\n message: `Potential ${name} found in output`,\r\n line: i + 1\r\n })\r\n }\r\n }\r\n }\r\n\r\n return findings\r\n }\r\n\r\n /\r\n Scan for error patterns in output\r\n /\r\n private scanForErrors(output: string): Finding[] {\r\n const findings: Finding[] = []\r\n const lines = output.split('\\n')\r\n\r\n for (let i = 0; i < lines.length; i++) {\r\n const line = lines[i]\r\n\r\n for (const { pattern, name } of ERROR_PATTERNS) {\r\n if (pattern.test(line)) {\r\n findings.push({\r\n type: 'error',\r\n pattern: name,\r\n message: `${name} detected`,\r\n line: i + 1\r\n })\r\n break // Only report first error type per line\r\n }\r\n }\r\n }\r\n\r\n return findings\r\n }\r\n\r\n /\r\n Redact sensitive data from output\r\n /\r\n redact(output: string): string {\r\n let redacted = output\r\n\r\n // Redact built-in secret patterns\r\n for (const { pattern, name } of SECRET_PATTERNS) {\r\n redacted = redacted.replace(new RegExp(pattern.source, 'g'), `[REDACTED ${name}]`)\r\n }\r\n\r\n // Redact custom patterns\r\n for (const pattern of this.redactPatterns) {\r\n redacted = redacted.replace(pattern, '[REDACTED]')\r\n }\r\n\r\n return redacted\r\n }\r\n\r\n /\r\n Check if output contains any secrets\r\n /\r\n hasSecrets(output: string): boolean {\r\n for (const pattern of this.secretPatterns) {\r\n if (pattern.test(output)) {\r\n return true\r\n }\r\n }\r\n return false\r\n }\r\n\r\n /\r\n Get summary of findings\r\n /\r\n static summarize(findings: Finding[]): string {\r\n if (findings.length === 0) {\r\n return 'No issues found'\r\n }\r\n\r\n const secrets = findings.filter(f => f.type === 'secret')\r\n const errors = findings.filter(f => f.type === 'error')\r\n\r\n const parts: string[] = []\r\n if (secrets.length > 0) {\r\n parts.push(`${secrets.length} potential secret(s)`)\r\n }\r\n if (errors.length > 0) {\r\n parts.push(`${errors.length} error(s)`)\r\n }\r\n\r\n return parts.join(', ')\r\n }\r\n}\r\n","/\r\n Moltbot Runtime Session Detection\r\n * Detects when running inside a moltbot session via environment variables\r\n /\r\n\r\nimport type { MoltbotSessionContext } from '../types.js'\r\n\r\n/\r\n Detect if we're running inside a moltbot session\r\n * Checks environment variables set by moltbot when spawning commands\r\n /\r\nexport function detectMoltbotSession(): MoltbotSessionContext {\r\n // Check for moltbot environment variables (new naming)\r\n const moltbotSessionId = process.env.MOLTBOT_SESSION_ID\r\n const moltbotAgent = process.env.MOLTBOT_AGENT\r\n const moltbotSandbox = process.env.MOLTBOT_SANDBOX\r\n\r\n // Check for clawdbot environment variables (legacy naming)\r\n const clawdbotSessionId = process.env.CLAWDBOT_SESSION_ID\r\n const clawdbotAgent = process.env.CLAWDBOT_AGENT\r\n\r\n // Check for shared config path (works with both)\r\n const configPath = process.env.CLAWDBOT_CONFIG_PATH\r\n const stateDir = process.env.CLAWDBOT_STATE_DIR\r\n\r\n // Determine session ID (prefer moltbot over clawdbot)\r\n const sessionId = moltbotSessionId \|\| clawdbotSessionId\r\n\r\n // Determine agent name\r\n const agentName = moltbotAgent \|\| clawdbotAgent\r\n\r\n // Determine sandbox mode\r\n // MOLTBOT_SANDBOX can be 'strict', 'permissive', or 'off'\r\n const sandboxMode = moltbotSandbox !== 'off'\r\n\r\n // Determine if we're in a moltbot session\r\n const inMoltbotSession = !!(sessionId \|\| agentName)\r\n\r\n return {\r\n inMoltbotSession,\r\n sessionId,\r\n agentName,\r\n sandboxMode,\r\n customConfigPath: configPath\r\n }\r\n}\r\n\r\n/\r\n Check if we're in a moltbot session (simple boolean check)\r\n /\r\nexport function isInMoltbotSession(): boolean {\r\n return !!(\r\n process.env.MOLTBOT_SESSION_ID \|\|\r\n process.env.MOLTBOT_AGENT \|\|\r\n process.env.CLAWDBOT_SESSION_ID \|\|\r\n process.env.CLAWDBOT_AGENT\r\n )\r\n}\r\n\r\n/\r\n Get the moltbot session ID if running in a session\r\n /\r\nexport function getMoltbotSessionId(): string \| undefined {\r\n return process.env.MOLTBOT_SESSION_ID \|\| process.env.CLAWDBOT_SESSION_ID\r\n}\r\n\r\n/\r\n Get the moltbot agent name if running in a session\r\n /\r\nexport function getMoltbotAgentName(): string \| undefined {\r\n return process.env.MOLTBOT_AGENT \|\| process.env.CLAWDBOT_AGENT\r\n}\r\n\r\n/\r\n Check if sandbox mode is enabled in the current session\r\n /\r\nexport function isSandboxEnabled(): boolean {\r\n const sandbox = process.env.MOLTBOT_SANDBOX\r\n return sandbox !== 'off'\r\n}\r\n\r\n/\r\n Get the custom config path if set\r\n /\r\nexport function getCustomConfigPath(): string \| undefined {\r\n return process.env.CLAWDBOT_CONFIG_PATH\r\n}\r\n\r\n/\r\n Get the state directory if set\r\n */\r\nexport function getStateDir(): string \| undefined {\r\n return process.env.CLAWDBOT_STATE_DIR\r\n}\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BA,IAAM,iBAA0C;AAAA,EAC9C,cAAc,CAAC,GAAG,EAAE;AAAA;AAAA,EACpB,0BAA0B;AAAA,EAC1B,YAAY,CAAC;AAAA,EACb,oBAAoB,CAAC;AAAA,EACrB,SAAS;AACX;AAGA,IAAM,8BAAwC;AAAA,EAC5C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEO,IAAM,kBAAN,MAAsB;AAAA,EACnB;AAAA,EACA,WAA4B,CAAC;AAAA,EAC7B,gBAA6B,oBAAI,IAAI;AAAA,EACrC,mBAAgC,oBAAI,IAAI;AAAA,EACxC,eAAwB;AAAA,EACxB,gBAAwB;AAAA,EACf,qBAAqB;AAAA,EAEtC,YAAY,SAAwB,CAAC,GAAG;AACtC,SAAK,SAAS,EAAE,GAAG,gBAAgB,GAAG,OAAO;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAiB,KAAyB;AAC9C,QAAI,CAAC,KAAK,OAAO,QAAS,QAAO,CAAC;AAElC,UAAM,YAAuB,CAAC;AAC9B,UAAM,MAAM,KAAK,IAAI;AAGrB,SAAK,SAAS,KAAK,EAAE,SAAS,WAAW,KAAK,MAAM,IAAI,CAAC;AACzD,QAAI,KAAK,SAAS,SAAS,KAAM;AAC/B,WAAK,WAAW,KAAK,SAAS,MAAM,IAAI;AAAA,IAC1C;AAGA,QAAI,KAAK,cAAc;AACrB,WAAK,MAAM,SAAS,GAAG;AACvB,UAAI,KAAK,iBAAiB,KAAK,oBAAoB;AACjD,aAAK,eAAe;AAAA,MACtB;AACA,aAAO;AAAA,IACT;AAGA,UAAM,gBAAgB,KAAK,YAAY,GAAG;AAC1C,QAAI,cAAe,WAAU,KAAK,aAAa;AAG/C,UAAM,cAAc,KAAK,eAAe,GAAG;AAC3C,QAAI,YAAa,WAAU,KAAK,WAAW;AAG3C,QAAI,KAAK;AACP,YAAM,cAAc,KAAK,UAAU,GAAG;AACtC,UAAI,YAAa,WAAU,KAAK,WAAW;AAAA,IAC7C;AAGA,UAAM,mBAAmB,KAAK,cAAc,OAAO;AACnD,cAAU,KAAK,GAAG,gBAAgB;AAGlC,UAAM,kBAAkB,KAAK,cAAc,OAAO;AAClD,QAAI,gBAAiB,WAAU,KAAK,eAAe;AAEnD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,MAAM,SAAiB,KAAoB;AACjD,SAAK;AAGL,UAAM,UAAU,QAAQ,MAAM,KAAK,EAAE,CAAC;AACtC,SAAK,iBAAiB,IAAI,OAAO;AAGjC,QAAI,KAAK;AACP,WAAK,cAAc,IAAI,GAAG;AAE1B,YAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,eAAS,IAAI,GAAG,KAAK,MAAM,QAAQ,KAAK;AACtC,aAAK,cAAc,IAAI,MAAM,MAAM,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC;AAAA,MACpD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,YAAY,KAA6B;AAC/C,UAAM,OAAO,IAAI,KAAK,GAAG,EAAE,SAAS;AACpC,UAAM,CAAC,OAAO,GAAG,IAAI,KAAK,OAAO;AAEjC,QAAI,OAAO,SAAS,QAAQ,KAAK;AAC/B,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,kCAAkC,IAAI;AAAA,QAC/C,SAAS,EAAE,MAAM,cAAc,KAAK,OAAO,aAAa;AAAA,MAC1D;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAe,KAA6B;AAClD,UAAM,eAAe,MAAM;AAC3B,UAAM,iBAAiB,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,YAAY;AAC3E,UAAM,OAAO,eAAe;AAE5B,QAAI,OAAO,KAAK,OAAO,2BAA2B,GAAG;AACnD,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,sBAAsB,IAAI,kBAAkB,KAAK,OAAO,wBAAwB;AAAA,QACzF,SAAS,EAAE,MAAM,SAAS,KAAK,OAAO,yBAAyB;AAAA,MACjE;AAAA,IACF;AAGA,UAAM,iBAAiB,MAAM;AAC7B,UAAM,gBAAgB,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,cAAc;AAC5E,QAAI,cAAc,SAAS,IAAI;AAC7B,aAAO;AAAA,QACL,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,mBAAmB,cAAc,MAAM;AAAA,QAChD,SAAS,EAAE,OAAO,cAAc,QAAQ,QAAQ,KAAK;AAAA,MACvD;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAU,MAA8B;AAE9C,QAAI,KAAK,OAAO,WAAW,SAAS,GAAG;AACrC,YAAM,UAAU,KAAK,OAAO,WAAW;AAAA,QAAK,OAC1C,KAAK,WAAW,CAAC,KAAK,KAAK,SAAS,CAAC;AAAA,MACvC;AACA,UAAI,CAAC,SAAS;AACZ,eAAO;AAAA,UACL,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,8BAA8B,IAAI;AAAA,UAC3C,SAAS,EAAE,MAAM,YAAY,KAAK,OAAO,WAAW;AAAA,QACtD;AAAA,MACF;AAAA,IACF;AAGA,QAAI,CAAC,KAAK,gBAAgB,KAAK,cAAc,OAAO,GAAG;AACrD,YAAM,aAAa,KAAK,cAAc,IAAI,IAAI,KAC5C,CAAC,GAAG,KAAK,aAAa,EAAE,KAAK,OAAK,KAAK,WAAW,CAAC,CAAC;AAEtD,UAAI,CAAC,YAAY;AACf,eAAO;AAAA,UACL,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,sBAAsB,IAAI;AAAA,UACnC,SAAS,EAAE,MAAM,OAAO,KAAK;AAAA,QAC/B;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,SAA4B;AAChD,UAAM,YAAuB,CAAC;AAC9B,UAAM,cAAc,CAAC,GAAG,6BAA6B,GAAG,KAAK,OAAO,kBAAkB;AAEtF,eAAW,WAAW,aAAa;AACjC,UAAI,QAAQ,KAAK,OAAO,GAAG;AACzB,kBAAU,KAAK;AAAA,UACb,MAAM;AAAA,UACN,UAAU;AAAA,UACV,SAAS,gCAAgC,QAAQ,MAAM;AAAA,UACvD,SAAS,EAAE,SAAS,QAAQ,MAAM,GAAG,GAAG,GAAG,SAAS,QAAQ,OAAO;AAAA,QACrE,CAAC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,SAAiC;AACrD,UAAM,UAAU,QAAQ,MAAM,KAAK,EAAE,CAAC;AAGtC,QAAI,CAAC,KAAK,gBAAgB,KAAK,iBAAiB,OAAO,GAAG;AACxD,UAAI,CAAC,KAAK,iBAAiB,IAAI,OAAO,GAAG;AAEvC,cAAM,oBAAoB,oBAAI,IAAI;AAAA,UAChC;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAAM;AAAA,UAAU;AAAA,UAAO;AAAA,UAAO;AAAA,UAC9C;AAAA,UAAQ;AAAA,UAAM;AAAA,UAAS;AAAA,UAAS;AAAA,UAAS;AAAA,QAC3C,CAAC;AAED,YAAI,kBAAkB,IAAI,OAAO,GAAG;AAClC,iBAAO;AAAA,YACL,MAAM;AAAA,YACN,UAAU;AAAA,YACV,SAAS,+BAA+B,OAAO;AAAA,YAC/C,SAAS,EAAE,SAAS,SAAS,OAAO,KAAK;AAAA,UAC3C;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,WAME;AACA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,eAAe,MAAM;AAC3B,UAAM,aAAa,KAAK,SAAS,OAAO,OAAK,EAAE,YAAY,YAAY,EAAE;AAEzE,WAAO;AAAA,MACL,cAAc,KAAK;AAAA,MACnB,kBAAkB,KAAK,IAAI,KAAK,KAAK,MAAO,KAAK,gBAAgB,KAAK,qBAAsB,GAAG,CAAC;AAAA,MAChG,kBAAkB,KAAK,iBAAiB;AAAA,MACxC,eAAe,KAAK,cAAc;AAAA,MAClC,mBAAmB;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,cAAoB;AAClB,SAAK,eAAe;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA,EAKA,QAAc;AACZ,SAAK,WAAW,CAAC;AACjB,SAAK,cAAc,MAAM;AACzB,SAAK,iBAAiB,MAAM;AAC5B,SAAK,eAAe;AACpB,SAAK,gBAAgB;AAAA,EACvB;AACF;;;ACjSA,IAAM,kBAAuD;AAAA;AAAA,EAE3D,EAAE,SAAS,uBAAuB,MAAM,iBAAiB;AAAA,EACzD,EAAE,SAAS,6BAA6B,MAAM,oBAAoB;AAAA,EAClE,EAAE,SAAS,uBAAuB,MAAM,eAAe;AAAA,EACvD,EAAE,SAAS,uBAAuB,MAAM,qBAAqB;AAAA,EAC7D,EAAE,SAAS,gCAAgC,MAAM,aAAa;AAAA,EAC9D,EAAE,SAAS,4BAA4B,MAAM,eAAe;AAAA,EAC5D,EAAE,SAAS,iCAAiC,MAAM,cAAc;AAAA,EAChE,EAAE,SAAS,4BAA4B,MAAM,oBAAoB;AAAA,EACjE,EAAE,SAAS,8BAA8B,MAAM,eAAe;AAAA,EAC9D,EAAE,SAAS,oBAAoB,MAAM,iBAAiB;AAAA,EACtD,EAAE,SAAS,2EAA2E,MAAM,iBAAiB;AAAA;AAAA,EAG7G,EAAE,SAAS,kCAAkC,MAAM,eAAe;AAAA,EAClE,EAAE,SAAS,2DAA2D,MAAM,YAAY;AAAA;AAAA,EAGxF,EAAE,SAAS,4CAA4C,MAAM,WAAW;AAAA,EACxE,EAAE,SAAS,0CAA0C,MAAM,WAAW;AAAA,EACtE,EAAE,SAAS,+CAA+C,MAAM,UAAU;AAAA,EAC1E,EAAE,SAAS,0CAA0C,MAAM,SAAS;AAAA,EACpE,EAAE,SAAS,yCAAyC,MAAM,QAAQ;AAAA;AAAA,EAGlE,EAAE,SAAS,4CAA4C,MAAM,cAAc;AAAA,EAC3E,EAAE,SAAS,wCAAwC,MAAM,iBAAiB;AAAA,EAC1E,EAAE,SAAS,6CAA6C,MAAM,kBAAkB;AAAA,EAChF,EAAE,SAAS,iDAAiD,MAAM,kBAAkB;AAAA;AAAA,EAGpF,EAAE,SAAS,oCAAoC,MAAM,4BAA4B;AAAA,EACjF,EAAE,SAAS,kCAAkC,MAAM,+BAA+B;AAAA,EAClF,EAAE,SAAS,0BAA0B,MAAM,0BAA0B;AAAA,EACrE,EAAE,SAAS,0BAA0B,MAAM,0BAA0B;AAAA;AAAA,EAGrE,EAAE,SAAS,oCAAoC,MAAM,iBAAiB;AAAA,EACtE,EAAE,SAAS,gCAAgC,MAAM,kBAAkB;AACrE;AAGA,IAAM,iBAAsD;AAAA,EAC1D,EAAE,SAAS,mCAAmC,MAAM,mBAAmB;AAAA,EACvE,EAAE,SAAS,kCAAkC,MAAM,iBAAiB;AAAA,EACpE,EAAE,SAAS,oCAAoC,MAAM,qBAAqB;AAAA,EAC1E,EAAE,SAAS,wBAAwB,MAAM,gBAAgB;AAAA,EACzD,EAAE,SAAS,mCAAmC,MAAM,QAAQ;AAAA,EAC5D,EAAE,SAAS,sCAAsC,MAAM,eAAe;AAAA,EACtE,EAAE,SAAS,2CAA2C,MAAM,cAAc;AAAA,EAC1E,EAAE,SAAS,0BAA0B,MAAM,gBAAgB;AAC7D;AAEO,IAAM,gBAAN,MAAoB;AAAA,EACjB;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAA8B;AACxC,SAAK,SAAS;AAGd,SAAK,iBAAiB,gBAAgB,IAAI,OAAK,EAAE,OAAO;AAGxD,SAAK,kBAAkB,OAAO,kBAAkB,CAAC,GAC9C,IAAI,OAAK;AACR,UAAI;AACF,eAAO,IAAI,OAAO,GAAG,IAAI;AAAA,MAC3B,QAAQ;AACN,eAAO;AAAA,MACT;AAAA,IACF,CAAC,EACA,OAAO,CAAC,MAAmB,MAAM,IAAI;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,QAA4B;AAC/B,QAAI,CAAC,KAAK,OAAO,SAAS;AACxB,aAAO;AAAA,QACL,YAAY;AAAA,QACZ,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,UAAU,CAAC;AAAA,MACb;AAAA,IACF;AAEA,UAAM,WAAsB,CAAC;AAC7B,QAAI,aAAa;AACjB,QAAI,YAAY;AAGhB,QAAI,kBAAkB;AACtB,QAAI,OAAO,SAAS,KAAK,OAAO,iBAAiB;AAC/C,wBAAkB,OAAO,MAAM,GAAG,KAAK,OAAO,eAAe,IAAI;AAAA,IACnE;AAGA,QAAI,KAAK,OAAO,gBAAgB;AAC9B,YAAM,iBAAiB,KAAK,eAAe,eAAe;AAC1D,UAAI,eAAe,SAAS,GAAG;AAC7B,qBAAa;AACb,iBAAS,KAAK,GAAG,cAAc;AAAA,MACjC;AAAA,IACF;AAGA,QAAI,KAAK,OAAO,eAAe;AAC7B,YAAM,gBAAgB,KAAK,cAAc,eAAe;AACxD,UAAI,cAAc,SAAS,GAAG;AAC5B,oBAAY;AACZ,iBAAS,KAAK,GAAG,aAAa;AAAA,MAChC;AAAA,IACF;AAGA,UAAM,iBAAiB,KAAK,OAAO,eAAe;AAElD,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,eAAe,QAA2B;AAChD,UAAM,WAAsB,CAAC;AAC7B,UAAM,QAAQ,OAAO,MAAM,IAAI;AAE/B,aAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,YAAM,OAAO,MAAM,CAAC;AAEpB,iBAAW,EAAE,SAAS,KAAK,KAAK,iBAAiB;AAC/C,YAAI,QAAQ,KAAK,IAAI,GAAG;AACtB,mBAAS,KAAK;AAAA,YACZ,MAAM;AAAA,YACN,SAAS;AAAA,YACT,SAAS,aAAa,IAAI;AAAA,YAC1B,MAAM,IAAI;AAAA,UACZ,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,QAA2B;AAC/C,UAAM,WAAsB,CAAC;AAC7B,UAAM,QAAQ,OAAO,MAAM,IAAI;AAE/B,aAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,YAAM,OAAO,MAAM,CAAC;AAEpB,iBAAW,EAAE,SAAS,KAAK,KAAK,gBAAgB;AAC9C,YAAI,QAAQ,KAAK,IAAI,GAAG;AACtB,mBAAS,KAAK;AAAA,YACZ,MAAM;AAAA,YACN,SAAS;AAAA,YACT,SAAS,GAAG,IAAI;AAAA,YAChB,MAAM,IAAI;AAAA,UACZ,CAAC;AACD;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,QAAwB;AAC7B,QAAI,WAAW;AAGf,eAAW,EAAE,SAAS,KAAK,KAAK,iBAAiB;AAC/C,iBAAW,SAAS,QAAQ,IAAI,OAAO,QAAQ,QAAQ,GAAG,GAAG,aAAa,IAAI,GAAG;AAAA,IACnF;AAGA,eAAW,WAAW,KAAK,gBAAgB;AACzC,iBAAW,SAAS,QAAQ,SAAS,YAAY;AAAA,IACnD;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW,QAAyB;AAClC,eAAW,WAAW,KAAK,gBAAgB;AACzC,UAAI,QAAQ,KAAK,MAAM,GAAG;AACxB,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,UAAU,UAA6B;AAC5C,QAAI,SAAS,WAAW,GAAG;AACzB,aAAO;AAAA,IACT;AAEA,UAAM,UAAU,SAAS,OAAO,OAAK,EAAE,SAAS,QAAQ;AACxD,UAAM,SAAS,SAAS,OAAO,OAAK,EAAE,SAAS,OAAO;AAEtD,UAAM,QAAkB,CAAC;AACzB,QAAI,QAAQ,SAAS,GAAG;AACtB,YAAM,KAAK,GAAG,QAAQ,MAAM,sBAAsB;AAAA,IACpD;AACA,QAAI,OAAO,SAAS,GAAG;AACrB,YAAM,KAAK,GAAG,OAAO,MAAM,WAAW;AAAA,IACxC;AAEA,WAAO,MAAM,KAAK,IAAI;AAAA,EACxB;AACF;;;ACnPO,SAAS,uBAA8C;AAE5D,QAAM,mBAAmB,QAAQ,IAAI;AACrC,QAAM,eAAe,QAAQ,IAAI;AACjC,QAAM,iBAAiB,QAAQ,IAAI;AAGnC,QAAM,oBAAoB,QAAQ,IAAI;AACtC,QAAM,gBAAgB,QAAQ,IAAI;AAGlC,QAAM,aAAa,QAAQ,IAAI;AAC/B,QAAM,WAAW,QAAQ,IAAI;AAG7B,QAAM,YAAY,oBAAoB;AAGtC,QAAM,YAAY,gBAAgB;AAIlC,QAAM,cAAc,mBAAmB;AAGvC,QAAM,mBAAmB,CAAC,EAAE,aAAa;AAEzC,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,kBAAkB;AAAA,EACpB;AACF;AAKO,SAAS,qBAA8B;AAC5C,SAAO,CAAC,EACN,QAAQ,IAAI,sBACZ,QAAQ,IAAI,iBACZ,QAAQ,IAAI,uBACZ,QAAQ,IAAI;AAEhB;AAKO,SAAS,sBAA0C;AACxD,SAAO,QAAQ,IAAI,sBAAsB,QAAQ,IAAI;AACvD;AAKO,SAAS,sBAA0C;AACxD,SAAO,QAAQ,IAAI,iBAAiB,QAAQ,IAAI;AAClD;AAKO,SAAS,mBAA4B;AAC1C,QAAM,UAAU,QAAQ,IAAI;AAC5B,SAAO,YAAY;AACrB;","names":[]}

package/dist/session-Y4MICATZ.js ADDED Viewed

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+import {
+  allowForSession,
+  clearSessionAllowlist,
+  getSessionAllowlist,
+  isAllowedForSession
+} from "./chunk-FRMAIRQ2.js";
+import "./chunk-7OCVIDC7.js";
+export {
+  allowForSession,
+  clearSessionAllowlist,
+  getSessionAllowlist,
+  isAllowedForSession
+};
+//# sourceMappingURL=session-Y4MICATZ.js.map

package/dist/session-Y4MICATZ.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}