bashbros 0.1.3 → 0.1.4

package/dist/cli.js

@@ -1,33 +1,54 @@
 #!/usr/bin/env node
-import {
-  DashboardWriter
-} from "./chunk-EYO44OMN.js";
-import {
-  DashboardDB
-} from "./chunk-JYWQT2B4.js";
 import {
   formatAllAgentsInfo,
   formatPermissionsTable
-} from "./chunk-WPJJZLT6.js";
+} from "./chunk-CG6VEHJM.js";
+import {
+  GeminiCLIHooks
+} from "./chunk-T5ONCUHZ.js";
+import {
+  CopilotCLIHooks
+} from "./chunk-SDN6TAGD.js";
+import {
+  OpenCodeHooks
+} from "./chunk-IUUBCPMV.js";
+import {
+  formatRedactedConfig,
+  parseAgentConfig
+} from "./chunk-ID2O2QTI.js";
+import {
+  DashboardWriter
+} from "./chunk-KYDMPE4N.js";
 import {
+  ContextStore
+} from "./chunk-J6ONXY6N.js";
+import {
+  AnomalyDetector,
   BashBro,
   BashBros,
-  ClaudeCodeHooks,
   CostEstimator,
   LoopDetector,
-  MetricsCollector,
+  OutputScanner,
   ReportGenerator,
   UndoStack,
-  gateCommand,
   getBashgymIntegration
-} from "./chunk-2RPTM6EQ.js";
+} from "./chunk-7OEWYFN3.js";
+import {
+  ClaudeCodeHooks,
+  gateCommand
+} from "./chunk-LZYW7XQO.js";
+import {
+  MoltbotHooks
+} from "./chunk-J37RHCFJ.js";
 import "./chunk-SG752FZC.js";
-import "./chunk-DLP2O6PN.js";
+import "./chunk-EMLEJVJZ.js";
+import "./chunk-4XZ64P4V.js";
+import "./chunk-LJE4EPIU.js";
 import {
   findConfig,
   getDefaultConfig,
   loadConfig
-} from "./chunk-A535VV7N.js";
+} from "./chunk-RTZ4QWG2.js";
 import "./chunk-QWZGB4V3.js";
 import {
   allowForSession
@@ -36,12 +57,8 @@ import {
   RiskScorer
 } from "./chunk-DEAF6PYM.js";
 import {
-  formatRedactedConfig,
-  parseAgentConfig
-} from "./chunk-ID2O2QTI.js";
-import {
-  MoltbotHooks
-} from "./chunk-J37RHCFJ.js";
+  DashboardDB
+} from "./chunk-RDNSS3ME.js";
 import "./chunk-7OCVIDC7.js";
 
 // src/cli.ts
@@ -69,6 +86,7 @@ async function runOnboarding() {
         { name: "Moltbot (clawd.bot)", value: "moltbot" },
         { name: "Clawdbot (legacy)", value: "clawdbot" },
         { name: "Gemini CLI", value: "gemini-cli" },
+        { name: "Copilot CLI", value: "copilot-cli" },
         { name: "Aider", value: "aider" },
         { name: "OpenCode", value: "opencode" },
         { name: "Other (custom)", value: "custom" }
@@ -297,6 +315,9 @@ var AGENT_CONFIG_PATHS = {
   "gemini-cli": [
     join2(homedir2(), ".config", "gemini-cli", "config.json")
   ],
+  "copilot-cli": [
+    join2(homedir2(), ".config", "github-copilot", "config.json")
+  ],
   "opencode": [
     join2(homedir2(), ".opencode", "config.yml"),
     join2(homedir2(), ".config", "opencode", "config.yml")
@@ -309,6 +330,7 @@ var AGENT_COMMANDS = {
   "moltbot": "moltbot",
   "aider": "aider",
   "gemini-cli": "gemini",
+  "copilot-cli": "copilot",
   "opencode": "opencode",
   "custom": ""
 };
@@ -1018,7 +1040,7 @@ var EgressPatternMatcher = class {
 // src/policy/ward/egress.ts
 var DashboardDB2 = null;
 try {
-  const dbModule = await import("./db-SWJUUSFX.js");
+  const dbModule = await import("./db-ETWTBXAE.js");
   DashboardDB2 = dbModule.DashboardDB;
 } catch {
 }
@@ -1430,11 +1452,29 @@ import { readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "
 import { parse, stringify as stringify2 } from "yaml";
 var dashboardWriter = null;
 var riskScorer = null;
+var contextStore = null;
+var contextCommandCount = 0;
+var contextSessionStartTime = null;
 function cleanup() {
   if (process.stdin.isTTY) {
     process.stdin.setRawMode(false);
   }
 }
+function finalizeContextStore(agent) {
+  if (!contextStore) return;
+  try {
+    contextStore.writeSession({
+      id: `${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+      agent,
+      startTime: contextSessionStartTime || (/* @__PURE__ */ new Date()).toISOString(),
+      endTime: (/* @__PURE__ */ new Date()).toISOString(),
+      commandCount: contextCommandCount,
+      summary: `Watch session with ${contextCommandCount} commands`
+    });
+    contextStore.updateIndex();
+  } catch {
+  }
+}
 async function startWatch(options) {
   const configPath = findConfig();
   if (!configPath) {
@@ -1449,6 +1489,7 @@ async function startWatch(options) {
   console.log();
   const bashbros = new BashBros(configPath);
   const config = bashbros.getConfig();
+  const fullConfig = loadConfig(configPath);
   try {
     dashboardWriter = new DashboardWriter();
     riskScorer = new RiskScorer();
@@ -1461,6 +1502,33 @@ async function startWatch(options) {
       console.log(chalk3.yellow("  Dashboard recording disabled"));
     }
   }
+  try {
+    contextStore = new ContextStore(process.cwd());
+    contextStore.initialize();
+    contextSessionStartTime = (/* @__PURE__ */ new Date()).toISOString();
+    contextCommandCount = 0;
+    if (options.verbose) {
+      console.log(chalk3.dim("  Context store initialized"));
+    }
+  } catch (error) {
+    if (options.verbose) {
+      console.log(chalk3.yellow("  Context store disabled"));
+    }
+  }
+  const loopDetector2 = new LoopDetector(fullConfig.loopDetection);
+  const anomalyDetector = new AnomalyDetector({
+    workingHours: fullConfig.anomalyDetection.workingHours,
+    typicalCommandsPerMinute: fullConfig.anomalyDetection.typicalCommandsPerMinute,
+    suspiciousPatterns: fullConfig.anomalyDetection.suspiciousPatterns.map((p) => {
+      try {
+        return new RegExp(p, "i");
+      } catch {
+        return null;
+      }
+    }).filter((p) => p !== null),
+    enabled: fullConfig.anomalyDetection.enabled
+  });
+  const outputScanner = fullConfig.outputScanning.enabled ? new OutputScanner(fullConfig.outputScanning) : null;
   let pendingCommand = null;
   let awaitingPromptResponse = false;
   function showBlockedPrompt(command, violations) {
@@ -1500,6 +1568,11 @@ async function startWatch(options) {
         break;
       case "p":
         try {
+          if (!configPath) {
+            console.log(chalk3.red("  \u2717 No config file found"));
+            console.log();
+            break;
+          }
           const content = readFileSync2(configPath, "utf-8");
           const config2 = parse(content);
           if (!config2.commands) {
@@ -1539,14 +1612,50 @@ async function startWatch(options) {
       const risk = riskScorer.score(result.command);
       dashboardWriter.recordCommand(result.command, true, risk, [], result.duration);
     }
+    if (contextStore) {
+      try {
+        contextStore.appendCommand({
+          command: result.command,
+          output: (result.output || "").slice(0, 500),
+          agent: config.agent,
+          exitCode: result.exitCode ?? 0,
+          cwd: process.cwd()
+        });
+        contextCommandCount++;
+      } catch {
+      }
+    }
     if (options.verbose) {
       console.log(chalk3.green("\u2713"), chalk3.dim(result.command));
     }
   });
   bashbros.on("output", (data) => {
+    if (outputScanner) {
+      try {
+        const text = typeof data === "string" ? data : data.toString();
+        const scanResult = outputScanner.scan(text);
+        if (scanResult.hasSecrets) {
+          for (const f of scanResult.findings.filter((f2) => f2.type === "secret")) {
+            process.stderr.write(chalk3.yellow(`[BashBros] Output warning: ${f.message}`) + "\n");
+          }
+        }
+      } catch {
+      }
+    }
     process.stdout.write(data);
   });
   bashbros.on("error", (error) => {
+    if (contextStore) {
+      try {
+        contextStore.appendError({
+          command: "",
+          error: error.message,
+          agent: config.agent,
+          resolved: false
+        });
+      } catch {
+      }
+    }
     console.error(chalk3.red("Error:"), error.message);
   });
   bashbros.on("exit", (exitCode) => {
@@ -1554,6 +1663,7 @@ async function startWatch(options) {
       dashboardWriter.endSession();
       dashboardWriter.close();
     }
+    finalizeContextStore(config.agent);
     cleanup();
     process.exit(exitCode ?? 0);
   });
@@ -1565,6 +1675,7 @@ async function startWatch(options) {
       dashboardWriter.endSession();
       dashboardWriter.close();
     }
+    finalizeContextStore(config.agent);
     bashbros.stop();
     process.exit(0);
   });
@@ -1574,6 +1685,7 @@ async function startWatch(options) {
       dashboardWriter.endSession();
       dashboardWriter.close();
     }
+    finalizeContextStore(config.agent);
     bashbros.stop();
     process.exit(0);
   });
@@ -1583,6 +1695,7 @@ async function startWatch(options) {
       dashboardWriter.crashSession();
       dashboardWriter.close();
     }
+    finalizeContextStore(config.agent);
     cleanup();
     bashbros.stop();
     process.exit(1);
@@ -1623,6 +1736,48 @@ async function startWatch(options) {
         commandBuffer = "";
         if (command) {
           const violations = bashbros.validateOnly(command);
+          if (violations.length === 0 && riskScorer && fullConfig.riskScoring.enabled) {
+            const risk = riskScorer.score(command);
+            if (risk.score >= fullConfig.riskScoring.blockThreshold) {
+              violations.push({
+                type: "risk_score",
+                rule: "risk_threshold",
+                message: `Risk score ${risk.score} >= block threshold ${fullConfig.riskScoring.blockThreshold}: ${risk.factors.join(", ")}`
+              });
+            } else if (risk.score >= fullConfig.riskScoring.warnThreshold) {
+              process.stderr.write(chalk3.yellow(`[BashBros] Warning: risk score ${risk.score} (${risk.factors.join(", ")})`) + "\n");
+            }
+          }
+          if (violations.length === 0 && fullConfig.loopDetection.enabled) {
+            const loopAlert = loopDetector2.check(command);
+            if (loopAlert) {
+              if (fullConfig.loopDetection.action === "block") {
+                violations.push({
+                  type: "loop",
+                  rule: loopAlert.type,
+                  message: loopAlert.message
+                });
+              } else {
+                process.stderr.write(chalk3.yellow(`[BashBros] Loop warning: ${loopAlert.message}`) + "\n");
+              }
+            }
+          }
+          if (violations.length === 0 && fullConfig.anomalyDetection.enabled) {
+            const anomalies = anomalyDetector.check(command);
+            const significant = anomalies.filter((a) => a.severity === "warning" || a.severity === "alert");
+            if (significant.length > 0) {
+              const msg = significant.map((a) => a.message).join("; ");
+              if (fullConfig.anomalyDetection.action === "block") {
+                violations.push({
+                  type: "anomaly",
+                  rule: "anomaly_detection",
+                  message: `Anomaly: ${msg}`
+                });
+              } else {
+                process.stderr.write(chalk3.yellow(`[BashBros] Anomaly: ${msg}`) + "\n");
+              }
+            }
+          }
           if (violations.length > 0) {
             bashbros.write("");
             bashbros.write("\r");
@@ -1743,7 +1898,7 @@ var DashboardServer = class {
     this.app.use(express.json());
     this.app.use((_req, res, next) => {
       res.header("Access-Control-Allow-Origin", "*");
-      res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+      res.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
       res.header("Access-Control-Allow-Headers", "Content-Type");
       next();
     });
@@ -1787,7 +1942,7 @@ var DashboardServer = class {
     this.app.get("/api/connectors/:name/events", (req, res) => {
       try {
         const limit = req.query.limit ? parseInt(req.query.limit, 10) : 100;
-        const events = this.db.getConnectorEvents(req.params.name, limit);
+        const events = this.db.getConnectorEvents(String(req.params.name), limit);
         res.json(events);
       } catch (error) {
         res.status(500).json({ error: "Failed to fetch connector events" });
@@ -1803,7 +1958,7 @@ var DashboardServer = class {
     });
     this.app.post("/api/blocked/:id/approve", (req, res) => {
       try {
-        const { id } = req.params;
+        const id = String(req.params.id);
         const approvedBy = req.body?.approvedBy ?? "dashboard-user";
         const block = this.db.getBlock(id);
         if (!block) {
@@ -1819,7 +1974,7 @@ var DashboardServer = class {
     });
     this.app.post("/api/blocked/:id/deny", (req, res) => {
       try {
-        const { id } = req.params;
+        const id = String(req.params.id);
         const deniedBy = req.body?.deniedBy ?? "dashboard-user";
         const block = this.db.getBlock(id);
         if (!block) {
@@ -1860,9 +2015,17 @@ var DashboardServer = class {
         res.status(500).json({ error: "Failed to fetch active session" });
       }
     });
+    this.app.get("/api/sessions/active-all", (_req, res) => {
+      try {
+        const sessions = this.db.getActiveSessions();
+        res.json(sessions);
+      } catch (error) {
+        res.status(500).json({ error: "Failed to fetch active sessions" });
+      }
+    });
     this.app.get("/api/sessions/:id", (req, res) => {
       try {
-        const session = this.db.getSession(req.params.id);
+        const session = this.db.getSession(String(req.params.id));
         if (!session) {
           res.status(404).json({ error: "Session not found" });
           return;
@@ -1875,7 +2038,7 @@ var DashboardServer = class {
     this.app.get("/api/sessions/:id/commands", (req, res) => {
       try {
         const limit = req.query.limit ? parseInt(req.query.limit, 10) : 100;
-        const commands = this.db.getCommandsBySession(req.params.id, limit);
+        const commands = this.db.getCommandsBySession(String(req.params.id), limit);
         res.json(commands);
       } catch (error) {
         res.status(500).json({ error: "Failed to fetch session commands" });
@@ -1883,12 +2046,12 @@ var DashboardServer = class {
     });
     this.app.get("/api/sessions/:id/metrics", (req, res) => {
       try {
-        const session = this.db.getSession(req.params.id);
+        const session = this.db.getSession(String(req.params.id));
         if (!session) {
           res.status(404).json({ error: "Session not found" });
           return;
         }
-        const metrics = this.db.getSessionMetrics(req.params.id);
+        const metrics = this.db.getSessionMetrics(String(req.params.id));
         res.json(metrics);
       } catch (error) {
         res.status(500).json({ error: "Failed to fetch session metrics" });
@@ -1897,8 +2060,16 @@ var DashboardServer = class {
     this.app.get("/api/commands/live", (req, res) => {
       try {
         const limit = req.query.limit ? parseInt(req.query.limit, 10) : 20;
-        const commands = this.db.getLiveCommands(limit);
-        res.json(commands);
+        if (req.query.sessionId) {
+          const commands = this.db.getCommands({
+            sessionId: req.query.sessionId,
+            limit
+          });
+          res.json(commands);
+        } else {
+          const commands = this.db.getLiveCommands(limit);
+          res.json(commands);
+        }
       } catch (error) {
         res.status(500).json({ error: "Failed to fetch live commands" });
       }
@@ -1932,6 +2103,7 @@ var DashboardServer = class {
       try {
         const filter = {};
         if (req.query.toolName) filter.toolName = req.query.toolName;
+        if (req.query.sessionId) filter.sessionId = req.query.sessionId;
         if (req.query.since) filter.since = new Date(req.query.since);
         if (req.query.limit) filter.limit = parseInt(req.query.limit, 10);
         if (req.query.offset) filter.offset = parseInt(req.query.offset, 10);
@@ -2015,6 +2187,217 @@ var DashboardServer = class {
         res.status(500).json({ error: "Failed to trigger scan" });
       }
     });
+    this.app.get("/api/bro/models/running", async (_req, res) => {
+      try {
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), 5e3);
+        const response = await fetch("http://localhost:11434/api/ps", { signal: controller.signal });
+        clearTimeout(timeout);
+        if (!response.ok) {
+          res.json({ models: [] });
+          return;
+        }
+        const data = await response.json();
+        res.json(data);
+      } catch {
+        res.json({ models: [] });
+      }
+    });
+    this.app.get("/api/bro/models/:name", async (req, res) => {
+      try {
+        const name = decodeURIComponent(String(req.params.name));
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), 5e3);
+        const response = await fetch("http://localhost:11434/api/show", {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ name }),
+          signal: controller.signal
+        });
+        clearTimeout(timeout);
+        if (!response.ok) {
+          res.status(404).json({ error: "Model not found" });
+          return;
+        }
+        res.json(await response.json());
+      } catch {
+        res.status(500).json({ error: "Failed to fetch model details" });
+      }
+    });
+    this.app.post("/api/bro/models/pull", async (req, res) => {
+      try {
+        const { name } = req.body;
+        if (!name) {
+          res.status(400).json({ error: "Model name required" });
+          return;
+        }
+        this.broadcast({ type: "model:pull:start", name });
+        const response = await fetch("http://localhost:11434/api/pull", {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ name, stream: false })
+        });
+        if (response.ok) {
+          this.broadcast({ type: "model:pull:complete", name });
+          res.json({ success: true });
+        } else {
+          this.broadcast({ type: "model:pull:error", name });
+          res.status(500).json({ error: "Pull failed" });
+        }
+      } catch {
+        res.status(500).json({ error: "Failed to pull model" });
+      }
+    });
+    this.app.delete("/api/bro/models/:name", async (req, res) => {
+      try {
+        const name = decodeURIComponent(String(req.params.name));
+        const response = await fetch("http://localhost:11434/api/delete", {
+          method: "DELETE",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ name })
+        });
+        res.json({ success: response.ok });
+      } catch {
+        res.status(500).json({ error: "Failed to delete model" });
+      }
+    });
+    this.app.get("/api/bro/adapters", async (_req, res) => {
+      try {
+        const { AdapterRegistry } = await import("./adapters-JAZGGNVP.js");
+        const registry = new AdapterRegistry();
+        res.json(registry.discover());
+      } catch {
+        res.json([]);
+      }
+    });
+    this.app.get("/api/bro/adapters/events", (_req, res) => {
+      try {
+        res.json(this.db.getAdapterEvents());
+      } catch {
+        res.json([]);
+      }
+    });
+    this.app.post("/api/bro/adapters/:name/activate", async (req, res) => {
+      try {
+        const adapterName = String(req.params.name);
+        const { AdapterRegistry } = await import("./adapters-JAZGGNVP.js");
+        const registry = new AdapterRegistry();
+        const adapters = registry.discover();
+        const adapter = adapters.find((a) => a.name === adapterName);
+        if (!adapter) {
+          res.status(404).json({ error: "Adapter not found" });
+          return;
+        }
+        const modelfile = registry.generateModelfile(adapter);
+        const ollamaName = registry.ollamaModelName(adapterName);
+        const response = await fetch("http://localhost:11434/api/create", {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ name: ollamaName, modelfile, stream: false })
+        });
+        if (response.ok) {
+          this.db.insertAdapterEvent({
+            adapterName,
+            baseModel: adapter.baseModel,
+            purpose: adapter.purpose,
+            action: "activated",
+            success: true
+          });
+          this.broadcast({ type: "adapter:activated", name: adapterName });
+          res.json({ success: true, ollamaModel: ollamaName });
+        } else {
+          res.status(500).json({ error: "Failed to create Ollama model from adapter" });
+        }
+      } catch {
+        res.status(500).json({ error: "Failed to activate adapter" });
+      }
+    });
+    this.app.get("/api/bro/profiles", async (_req, res) => {
+      try {
+        const { ProfileManager } = await import("./profiles-7CLN6TAT.js");
+        res.json(new ProfileManager().list());
+      } catch {
+        res.json([]);
+      }
+    });
+    this.app.post("/api/bro/profiles", async (req, res) => {
+      try {
+        const { ProfileManager } = await import("./profiles-7CLN6TAT.js");
+        new ProfileManager().save(req.body);
+        res.json({ success: true });
+      } catch {
+        res.status(500).json({ error: "Failed to save profile" });
+      }
+    });
+    this.app.delete("/api/bro/profiles/:name", async (req, res) => {
+      try {
+        const { ProfileManager } = await import("./profiles-7CLN6TAT.js");
+        new ProfileManager().delete(String(req.params.name));
+        res.json({ success: true });
+      } catch {
+        res.status(500).json({ error: "Failed to delete profile" });
+      }
+    });
+    this.app.get("/api/context/index", async (_req, res) => {
+      try {
+        const { ContextStore: ContextStore2 } = await import("./store-WJ5Y7MOE.js");
+        res.json(new ContextStore2(process.cwd()).getIndex());
+      } catch {
+        res.json({ lastUpdated: "", agents: [], sessionCount: 0, commandFileCount: 0, errorFileCount: 0 });
+      }
+    });
+    this.app.get("/api/context/memory", async (_req, res) => {
+      try {
+        const { ContextStore: ContextStore2 } = await import("./store-WJ5Y7MOE.js");
+        const store = new ContextStore2(process.cwd());
+        const files = store.listMemoryFiles();
+        const result = {};
+        for (const file of files) {
+          result[file] = store.readMemory(file);
+        }
+        res.json(result);
+      } catch {
+        res.json({});
+      }
+    });
+    this.app.put("/api/context/memory/:name", async (req, res) => {
+      try {
+        const { ContextStore: ContextStore2 } = await import("./store-WJ5Y7MOE.js");
+        const store = new ContextStore2(process.cwd());
+        store.writeMemory(String(req.params.name), req.body.content);
+        this.broadcast({ type: "context:updated", file: req.params.name });
+        res.json({ success: true });
+      } catch {
+        res.status(500).json({ error: "Failed to write memory file" });
+      }
+    });
+    this.app.get("/api/achievements", (_req, res) => {
+      try {
+        const stats = this.db.getAchievementStats();
+        const badges = this.db.computeAchievements(stats);
+        const xp = this.db.computeXP(stats, badges);
+        res.json({ stats, badges, xp });
+      } catch (error) {
+        res.status(500).json({ error: "Failed to fetch achievements" });
+      }
+    });
+    this.app.get("/api/security/summary", (_req, res) => {
+      try {
+        const summary = this.db.getSecuritySummary();
+        res.json(summary);
+      } catch (error) {
+        res.status(500).json({ error: "Failed to fetch security summary" });
+      }
+    });
+    this.app.get("/api/security/blocked-commands", (req, res) => {
+      try {
+        const limit = req.query.limit ? parseInt(req.query.limit, 10) : 25;
+        const commands = this.db.getBlockedCommandsRecent(limit);
+        res.json(commands);
+      } catch (error) {
+        res.status(500).json({ error: "Failed to fetch blocked commands" });
+      }
+    });
     this.app.get("/api/exposures", (req, res) => {
       try {
         const limit = req.query.limit ? parseInt(req.query.limit, 10) : 100;
@@ -2053,9 +2436,70 @@ var DashboardServer = class {
         res.status(500).json({ error: "Failed to save config" });
       }
     });
-    const __filename = fileURLToPath(import.meta.url);
-    const __dirname = dirname(__filename);
-    const staticPath = join4(__dirname, "static");
+    this.app.get("/api/agents/status", async (_req, res) => {
+      try {
+        const claude = ClaudeCodeHooks.getStatus();
+        const moltbot = MoltbotHooks.getStatus();
+        const gemini = GeminiCLIHooks.getStatus();
+        const copilot = CopilotCLIHooks.getStatus();
+        const opencode = OpenCodeHooks.getStatus();
+        let gatewayRunning = false;
+        let sandboxMode = null;
+        try {
+          const gw = await MoltbotHooks.getGatewayStatus();
+          gatewayRunning = gw.running;
+          sandboxMode = gw.sandboxMode ? "strict" : null;
+        } catch {
+          gatewayRunning = moltbot.gatewayRunning;
+          sandboxMode = moltbot.sandboxMode;
+        }
+        const agents = [
+          {
+            name: "Claude Code",
+            key: "claude-code",
+            installed: claude.claudeInstalled,
+            hooksInstalled: claude.hooksInstalled,
+            hooks: claude.hooks,
+            extra: { allToolsRecording: claude.allToolsInstalled }
+          },
+          {
+            name: "Moltbot",
+            key: "moltbot",
+            installed: moltbot.moltbotInstalled || moltbot.clawdbotInstalled,
+            hooksInstalled: moltbot.hooksInstalled,
+            hooks: moltbot.hooks,
+            extra: { gatewayRunning, sandboxMode }
+          },
+          {
+            name: "Gemini CLI",
+            key: "gemini-cli",
+            installed: gemini.geminiInstalled,
+            hooksInstalled: gemini.hooksInstalled,
+            hooks: gemini.hooks
+          },
+          {
+            name: "GitHub Copilot CLI",
+            key: "copilot-cli",
+            installed: copilot.copilotInstalled,
+            hooksInstalled: copilot.hooksInstalled,
+            hooks: copilot.hooks
+          },
+          {
+            name: "OpenCode",
+            key: "opencode",
+            installed: opencode.openCodeInstalled,
+            hooksInstalled: opencode.pluginInstalled,
+            hooks: opencode.pluginInstalled ? ["plugin (gate + record)"] : []
+          }
+        ];
+        res.json({ agents });
+      } catch (error) {
+        res.status(500).json({ error: "Failed to fetch agent status" });
+      }
+    });
+    const __filename2 = fileURLToPath(import.meta.url);
+    const __dirname2 = dirname(__filename2);
+    const staticPath = join4(__dirname2, "static");
     this.app.use(express.static(staticPath));
     this.app.get("/{*path}", (_req, res) => {
       res.sendFile(join4(staticPath, "index.html"));
@@ -2149,16 +2593,53 @@ var DashboardServer = class {
 };
 
 // src/cli.ts
-var metricsCollector = null;
-var costEstimator = null;
+import { readFileSync as readFileSync5 } from "fs";
+import { fileURLToPath as fileURLToPath2 } from "url";
+import { dirname as dirname2, join as join5 } from "path";
 var loopDetector = null;
 var undoStack = null;
+function extractHookSessionId(event) {
+  if (typeof event.session_id === "string" && event.session_id) {
+    return event.session_id;
+  }
+  if (process.env.CLAUDE_SESSION_ID) {
+    return process.env.CLAUDE_SESSION_ID;
+  }
+  return `ppid-${process.ppid}`;
+}
+function extractRepoName(event) {
+  const repo = event.repo;
+  if (repo && typeof repo.name === "string") return repo.name;
+  return null;
+}
+async function readStdinJSON() {
+  const chunks = [];
+  for await (const chunk of process.stdin) {
+    chunks.push(chunk);
+  }
+  const data = Buffer.concat(chunks).toString("utf-8").trim();
+  if (!data) return {};
+  try {
+    return JSON.parse(data);
+  } catch {
+    return {};
+  }
+}
 var logo = `
   \u2571BashBros \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
   \u{1F91D} Your Friendly Bash Agent Helper
 `;
 var program = new Command();
-program.name("bashbros").description("The Bash Agent Helper").version("0.1.0");
+var __filename = fileURLToPath2(import.meta.url);
+var __dirname = dirname2(__filename);
+var version = "0.1.3";
+try {
+  const pkgPath = join5(__dirname, "..", "package.json");
+  const pkg = JSON.parse(readFileSync5(pkgPath, "utf-8"));
+  version = pkg.version;
+} catch {
+}
+program.name("bashbros").description("The Bash Agent Helper").version(version);
 program.command("init").description("Set up BashBros for your project").action(async () => {
   console.log(chalk5.cyan(logo));
   await runOnboarding();
@@ -2189,7 +2670,7 @@ program.command("scan").description("Scan your system and project environment").
   console.log(bro.getSystemContext());
   console.log();
   console.log(chalk5.bold("\n## Agent Configurations\n"));
-  const { formatAgentSummary } = await import("./display-HFIFXOOL.js");
+  const { formatAgentSummary } = await import("./display-UH7KEHOW.js");
   const agents = await getAllAgentConfigs();
   console.log(formatAgentSummary(agents));
   console.log();
@@ -2392,7 +2873,7 @@ program.command("do <description>").description("Convert natural language to a c
 });
 program.command("models").description("List available Ollama models").action(async () => {
   console.log(chalk5.cyan(logo));
-  const { OllamaClient } = await import("./ollama-HY35OHW4.js");
+  const { OllamaClient } = await import("./ollama-5JVKNFOV.js");
   const ollama = new OllamaClient();
   const available = await ollama.isAvailable();
   if (!available) {
@@ -2560,14 +3041,14 @@ moltbotCmd.command("audit").description("Run Moltbot security audit").option("--
 program.command("agent-info [agent]").description("Show detailed info about installed agents and their configurations").option("-r, --raw", "Show raw (redacted) config contents").action(async (agent, options) => {
   console.log(chalk5.cyan(logo));
   if (agent) {
-    const validAgents = ["claude-code", "moltbot", "clawdbot", "aider", "gemini-cli", "opencode"];
+    const validAgents = ["claude-code", "moltbot", "clawdbot", "copilot-cli", "aider", "gemini-cli", "opencode"];
     if (!validAgents.includes(agent)) {
       console.log(chalk5.red(`Unknown agent: ${agent}`));
       console.log(chalk5.dim(`Valid agents: ${validAgents.join(", ")}`));
       return;
     }
     const info = await getAgentConfigInfo(agent);
-    const { formatAgentInfo: formatAgentInfo2 } = await import("./display-HFIFXOOL.js");
+    const { formatAgentInfo: formatAgentInfo2 } = await import("./display-UH7KEHOW.js");
     console.log();
     console.log(formatAgentInfo2(info));
     if (options.raw && info.configExists && info.configPath) {
@@ -2599,14 +3080,60 @@ program.command("permissions").description("Show combined permissions view acros
   console.log(formatPermissionsTable(agents));
   console.log();
 });
-program.command("gate <command>").description("Check if a command should be allowed (used by hooks)").option("-y, --yes", "Skip interactive prompt and block").action(async (command, options) => {
+program.command("gate [command]").description("Check if a command should be allowed (used by hooks)").option("-y, --yes", "Skip interactive prompt and block").action(async (rawInput, options) => {
+  let command = "";
+  let hookEvent = {};
+  try {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    const stdinData = Buffer.concat(chunks).toString("utf-8").trim();
+    if (stdinData) {
+      const event = JSON.parse(stdinData);
+      hookEvent = event;
+      if (event.tool_input?.command) {
+        command = event.tool_input.command;
+      }
+    }
+  } catch {
+  }
+  if (!command && rawInput && rawInput !== "$TOOL_INPUT") {
+    try {
+      const parsed = JSON.parse(rawInput);
+      if (parsed?.command) command = parsed.command;
+    } catch {
+      command = rawInput;
+    }
+  }
+  if (!command) {
+    process.exit(0);
+  }
   const result = await gateCommand(command);
   if (!result.allowed) {
+    try {
+      const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+      const { RiskScorer: RiskScorer2 } = await import("./risk-scorer-Y6KF2XCZ.js");
+      const scorer = new RiskScorer2();
+      const risk = scorer.score(command);
+      const writer = new DashboardWriter2();
+      const hookSessionId = extractHookSessionId(hookEvent);
+      writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(hookEvent));
+      writer.recordCommand(
+        command,
+        false,
+        risk,
+        [{ type: "command", rule: "gate", message: result.reason || "Blocked" }],
+        0
+      );
+      writer.close();
+    } catch {
+    }
     if (process.stdin.isTTY && !options.yes) {
       const { allowForSession: allowForSession2 } = await import("./session-Y4MICATZ.js");
-      const { readFileSync: readFileSync5, writeFileSync: writeFileSync5 } = await import("fs");
+      const { readFileSync: readFileSync6, writeFileSync: writeFileSync5 } = await import("fs");
       const { parse: parse4, stringify: stringify5 } = await import("yaml");
-      const { findConfig: findConfig2 } = await import("./config-43SK6SFI.js");
+      const { findConfig: findConfig2 } = await import("./config-I5NCK3RJ.js");
       console.error();
       console.error(chalk5.red("\u{1F6E1}\uFE0F  BashBros blocked a command"));
       console.error();
@@ -2647,7 +3174,7 @@ program.command("gate <command>").description("Check if a command should be allo
           try {
             const configPath = findConfig2();
             if (configPath) {
-              const content = readFileSync5(configPath, "utf-8");
+              const content = readFileSync6(configPath, "utf-8");
               const config = parse4(content);
               if (!config.commands) config.commands = { allow: [], block: [] };
               if (!config.commands.allow) config.commands.allow = [];
@@ -2675,15 +3202,27 @@ program.command("gate <command>").description("Check if a command should be allo
   process.exit(0);
 });
 program.command("record-tool").description("Record a Claude Code tool execution (used by hooks)").option("--marker <marker>", "Hook marker (ignored, used for identification)").action(async () => {
-  const eventJson = process.env.CLAUDE_HOOK_EVENT || "";
+  const cfg = loadConfig();
+  let eventJson = "";
+  try {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    eventJson = Buffer.concat(chunks).toString("utf-8").trim();
+  } catch {
+  }
   if (!eventJson) {
     return;
   }
   try {
     const event = JSON.parse(eventJson);
     const events = Array.isArray(event) ? event : [event];
-    const { DashboardWriter: DashboardWriter2 } = await import("./writer-4ZEAKUFD.js");
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
     const writer = new DashboardWriter2();
+    const firstEvent = events[0] || {};
+    const hookSessionId = extractHookSessionId(firstEvent);
+    writer.ensureHookSession(hookSessionId, firstEvent.cwd || process.cwd(), extractRepoName(firstEvent));
     for (const evt of events) {
       const toolName = evt.tool_name || evt.tool || "unknown";
       const toolInput = evt.tool_input || evt.input || {};
@@ -2720,6 +3259,19 @@ program.command("record-tool").description("Record a Claude Code tool execution
         repoName,
         repoPath
       });
+      if (cfg.outputScanning.enabled && outputStr) {
+        try {
+          const scanner = new OutputScanner(cfg.outputScanning);
+          const scanResult = scanner.scan(outputStr);
+          if (scanResult.hasSecrets) {
+            for (const f of scanResult.findings.filter((f2) => f2.type === "secret")) {
+              process.stderr.write(`[BashBros] Output warning (${toolName}): ${f.message}
+`);
+            }
+          }
+        } catch {
+        }
+      }
       const preview = inputStr.substring(0, 40).replace(/\n/g, " ");
       console.log(`[BashBros] ${toolName}: ${preview}${inputStr.length > 40 ? "..." : ""}`);
     }
@@ -2728,61 +3280,238 @@ program.command("record-tool").description("Record a Claude Code tool execution
     console.error(`[BashBros] Error recording tool: ${e instanceof Error ? e.message : e}`);
   }
 });
-program.command("record <command>").description("Record a command execution (used by hooks)").option("-o, --output <output>", "Command output").option("-e, --exit-code <code>", "Exit code", "0").action(async (command, options) => {
-  if (!metricsCollector) metricsCollector = new MetricsCollector();
-  if (!costEstimator) costEstimator = new CostEstimator();
-  if (!loopDetector) loopDetector = new LoopDetector();
-  if (!undoStack) undoStack = new UndoStack();
+program.command("record [rawInput]").description("Record a command execution (used by hooks)").option("-o, --output <output>", "Command output").option("-e, --exit-code <code>", "Exit code", "0").action(async (rawInput, options) => {
+  let command = "";
+  let stdinData = "";
+  let hookEvent = {};
+  try {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    stdinData = Buffer.concat(chunks).toString("utf-8").trim();
+    if (stdinData) {
+      const event = JSON.parse(stdinData);
+      hookEvent = event;
+      if (event.tool_input?.command) {
+        command = event.tool_input.command;
+      }
+    }
+  } catch {
+  }
+  if (!command && rawInput && rawInput !== "$TOOL_INPUT") {
+    try {
+      const parsed = JSON.parse(rawInput);
+      if (parsed?.command) command = parsed.command;
+    } catch {
+      command = rawInput;
+    }
+  }
+  if (!command) return;
+  const cfg = loadConfig();
+  if (!loopDetector) loopDetector = new LoopDetector(cfg.loopDetection);
   const scorer = new RiskScorer();
   const risk = scorer.score(command);
-  metricsCollector.record({
-    command,
-    timestamp: /* @__PURE__ */ new Date(),
-    duration: 0,
-    // Not available in hook
-    allowed: true,
-    riskScore: risk,
-    violations: [],
-    exitCode: parseInt(options.exitCode) || 0
-  });
-  costEstimator.recordToolCall(command, options.output || "");
   const loopAlert = loopDetector.check(command);
   if (loopAlert) {
     console.error(chalk5.yellow(`\u26A0 Loop detected: ${loopAlert.message}`));
   }
-  const paths = command.match(/(?:^|\s)(\.\/|\.\.\/|\/|~\/)[^\s]+/g) || [];
-  const cleanPaths = paths.map((p) => p.trim());
-  if (cleanPaths.length > 0) {
-    undoStack.recordFromCommand(command, cleanPaths);
+  try {
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+    const writer = new DashboardWriter2();
+    const hookSessionId = extractHookSessionId(hookEvent);
+    writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(hookEvent));
+    writer.recordCommand(
+      command,
+      true,
+      // allowed (if we're recording post-execution, it was allowed)
+      risk,
+      [],
+      // no violations (it passed the gate)
+      0
+      // duration not available in hook mode
+    );
+    writer.close();
+  } catch (e) {
+    console.error(`[BashBros] Error persisting record: ${e instanceof Error ? e.message : e}`);
+  }
+  if (cfg.outputScanning.enabled && stdinData) {
+    try {
+      const event = JSON.parse(stdinData);
+      const toolOutput = event.tool_output;
+      let outputStr = "";
+      if (typeof toolOutput === "string") {
+        outputStr = toolOutput;
+      } else if (typeof toolOutput === "object" && toolOutput !== null) {
+        outputStr = (toolOutput.stdout || "") + (toolOutput.stderr || "");
+      }
+      if (outputStr) {
+        const scanner = new OutputScanner(cfg.outputScanning);
+        const scanResult = scanner.scan(outputStr);
+        if (scanResult.hasSecrets) {
+          for (const f of scanResult.findings.filter((f2) => f2.type === "secret")) {
+            process.stderr.write(`[BashBros] Output warning: ${f.message}
+`);
+          }
+        }
+        if (scanResult.hasErrors) {
+          for (const f of scanResult.findings.filter((f2) => f2.type === "error")) {
+            process.stderr.write(`[BashBros] Output notice: ${f.message}
+`);
+          }
+        }
+      }
+    } catch {
+    }
   }
 });
-program.command("session-end").description("Generate session report (used by hooks)").option("-f, --format <format>", "Output format (text, markdown, json)", "text").action((options) => {
-  if (!metricsCollector) {
+program.command("session-end").description("Generate session report (used by hooks)").option("-f, --format <format>", "Output format (text, markdown, json)", "text").action(async (options) => {
+  let hookSessionId = null;
+  try {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    const stdinData = Buffer.concat(chunks).toString("utf-8").trim();
+    if (stdinData) {
+      const event = JSON.parse(stdinData);
+      hookSessionId = extractHookSessionId(event);
+    }
+  } catch {
+  }
+  try {
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+    const writer = new DashboardWriter2();
+    if (hookSessionId) {
+      writer.endHookSession(hookSessionId);
+    }
+    const db = writer.getDB();
+    const since = new Date(Date.now() - 24 * 60 * 60 * 1e3);
+    const commands = db.getCommands({ since, limit: 1e4 });
+    if (commands.length > 0) {
+      const startTime = commands[commands.length - 1].timestamp;
+      const endTime = commands[0].timestamp;
+      const duration = endTime.getTime() - startTime.getTime();
+      const cmdFreq = /* @__PURE__ */ new Map();
+      for (const cmd of commands) {
+        const base = cmd.command.split(/\s+/)[0];
+        cmdFreq.set(base, (cmdFreq.get(base) || 0) + 1);
+      }
+      const topCommands = [...cmdFreq.entries()].sort((a, b) => b[1] - a[1]).slice(0, 10);
+      const violationsByType = {};
+      for (const cmd of commands) {
+        for (const v of cmd.violations) {
+          violationsByType[v] = (violationsByType[v] || 0) + 1;
+        }
+      }
+      const metrics = {
+        sessionId: "hook-session",
+        startTime,
+        endTime,
+        duration,
+        commandCount: commands.length,
+        blockedCount: commands.filter((c) => !c.allowed).length,
+        uniqueCommands: cmdFreq.size,
+        topCommands,
+        riskDistribution: {
+          safe: commands.filter((c) => c.riskLevel === "safe").length,
+          caution: commands.filter((c) => c.riskLevel === "caution").length,
+          dangerous: commands.filter((c) => c.riskLevel === "dangerous").length,
+          critical: commands.filter((c) => c.riskLevel === "critical").length
+        },
+        avgRiskScore: commands.reduce((sum, c) => sum + c.riskScore, 0) / commands.length,
+        avgExecutionTime: commands.reduce((sum, c) => sum + c.durationMs, 0) / commands.length,
+        totalExecutionTime: commands.reduce((sum, c) => sum + c.durationMs, 0),
+        filesModified: [],
+        pathsAccessed: [],
+        violationsByType
+      };
+      const toolUses = db.getToolUses({ since, limit: 1e4 });
+      const estimator = new CostEstimator();
+      for (const use of toolUses) {
+        estimator.recordToolCall(use.toolInput, use.toolOutput);
+      }
+      const report = ReportGenerator.generate(metrics, estimator.getEstimate(), { format: options.format });
+      console.log();
+      console.log(report);
+      console.log();
+      writer.close();
+      return;
+    }
+    writer.close();
+  } catch {
     console.log(chalk5.dim("No session data to report."));
-    return;
   }
-  const metrics = metricsCollector.getMetrics();
-  const cost = costEstimator?.getEstimate();
-  const report = ReportGenerator.generate(metrics, cost, { format: options.format });
-  console.log();
-  console.log(report);
-  console.log();
 });
-program.command("report").description("Generate a session report").option("-f, --format <format>", "Output format (text, markdown, json)", "text").option("--no-cost", "Hide cost estimate").option("--no-risk", "Hide risk distribution").action((options) => {
-  if (!metricsCollector) {
+program.command("report").description("Generate a session report").option("-f, --format <format>", "Output format (text, markdown, json)", "text").option("--no-cost", "Hide cost estimate").option("--no-risk", "Hide risk distribution").action(async (options) => {
+  try {
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+    const writer = new DashboardWriter2();
+    const db = writer.getDB();
+    const since = new Date(Date.now() - 24 * 60 * 60 * 1e3);
+    const commands = db.getCommands({ since, limit: 1e4 });
+    if (commands.length > 0) {
+      const startTime = commands[commands.length - 1].timestamp;
+      const endTime = commands[0].timestamp;
+      const duration = endTime.getTime() - startTime.getTime();
+      const cmdFreq = /* @__PURE__ */ new Map();
+      for (const cmd of commands) {
+        const base = cmd.command.split(/\s+/)[0];
+        cmdFreq.set(base, (cmdFreq.get(base) || 0) + 1);
+      }
+      const topCommands = [...cmdFreq.entries()].sort((a, b) => b[1] - a[1]).slice(0, 10);
+      const violationsByType = {};
+      for (const cmd of commands) {
+        for (const v of cmd.violations) {
+          violationsByType[v] = (violationsByType[v] || 0) + 1;
+        }
+      }
+      const metrics = {
+        sessionId: "hook-session",
+        startTime,
+        endTime,
+        duration,
+        commandCount: commands.length,
+        blockedCount: commands.filter((c) => !c.allowed).length,
+        uniqueCommands: cmdFreq.size,
+        topCommands,
+        riskDistribution: {
+          safe: commands.filter((c) => c.riskLevel === "safe").length,
+          caution: commands.filter((c) => c.riskLevel === "caution").length,
+          dangerous: commands.filter((c) => c.riskLevel === "dangerous").length,
+          critical: commands.filter((c) => c.riskLevel === "critical").length
+        },
+        avgRiskScore: commands.reduce((sum, c) => sum + c.riskScore, 0) / commands.length,
+        avgExecutionTime: commands.reduce((sum, c) => sum + c.durationMs, 0) / commands.length,
+        totalExecutionTime: commands.reduce((sum, c) => sum + c.durationMs, 0),
+        filesModified: [],
+        pathsAccessed: [],
+        violationsByType
+      };
+      let cost;
+      if (options.cost) {
+        const toolUses = db.getToolUses({ since, limit: 1e4 });
+        const estimator = new CostEstimator();
+        for (const use of toolUses) {
+          estimator.recordToolCall(use.toolInput, use.toolOutput);
+        }
+        cost = estimator.getEstimate();
+      }
+      const report = ReportGenerator.generate(metrics, cost, {
+        format: options.format,
+        showCost: options.cost,
+        showRisk: options.risk
+      });
+      console.log();
+      console.log(report);
+      console.log();
+      writer.close();
+      return;
+    }
+    writer.close();
+  } catch {
     console.log(chalk5.dim("No session data. Run some commands first."));
-    return;
   }
-  const metrics = metricsCollector.getMetrics();
-  const cost = options.cost ? costEstimator?.getEstimate() : void 0;
-  const report = ReportGenerator.generate(metrics, cost, {
-    format: options.format,
-    showCost: options.cost,
-    showRisk: options.risk
-  });
-  console.log();
-  console.log(report);
-  console.log();
 });
 program.command("risk <command>").description("Score a command for security risk").action((command) => {
   const scorer = new RiskScorer();
@@ -2998,5 +3727,257 @@ patternsCmd.command("test <text>").description("Test if text matches any detecti
   }
   console.log();
 });
+var geminiCmd = program.command("gemini").description("Manage Gemini CLI integration");
+geminiCmd.command("install").description("Install BashBros hooks into Gemini CLI").action(async () => {
+  const { GeminiCLIHooks: GeminiCLIHooks2 } = await import("./gemini-cli-3563EELZ.js");
+  const result = GeminiCLIHooks2.install();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+geminiCmd.command("uninstall").description("Remove BashBros hooks from Gemini CLI").action(async () => {
+  const { GeminiCLIHooks: GeminiCLIHooks2 } = await import("./gemini-cli-3563EELZ.js");
+  const result = GeminiCLIHooks2.uninstall();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+geminiCmd.command("status").description("Check Gemini CLI integration status").action(async () => {
+  const { GeminiCLIHooks: GeminiCLIHooks2 } = await import("./gemini-cli-3563EELZ.js");
+  const status = GeminiCLIHooks2.getStatus();
+  console.log();
+  console.log(chalk5.bold("Gemini CLI Integration Status"));
+  console.log();
+  console.log(`  Gemini CLI: ${status.geminiInstalled ? chalk5.green("detected") : chalk5.yellow("not found")}`);
+  console.log(`  BashBros hooks: ${status.hooksInstalled ? chalk5.green("active") : chalk5.dim("not installed")}`);
+  if (status.hooks.length > 0) {
+    console.log(`  Active hooks: ${status.hooks.join(", ")}`);
+  }
+  console.log(chalk5.dim("  Scope: project (.gemini/settings.json)"));
+  console.log();
+});
+var copilotCmd = program.command("copilot").description("Manage GitHub Copilot CLI integration");
+copilotCmd.command("install").description("Install BashBros hooks into Copilot CLI").action(async () => {
+  const { CopilotCLIHooks: CopilotCLIHooks2 } = await import("./copilot-cli-5WJWK5YT.js");
+  const result = CopilotCLIHooks2.install();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+copilotCmd.command("uninstall").description("Remove BashBros hooks from Copilot CLI").action(async () => {
+  const { CopilotCLIHooks: CopilotCLIHooks2 } = await import("./copilot-cli-5WJWK5YT.js");
+  const result = CopilotCLIHooks2.uninstall();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+copilotCmd.command("status").description("Check Copilot CLI integration status").action(async () => {
+  const { CopilotCLIHooks: CopilotCLIHooks2 } = await import("./copilot-cli-5WJWK5YT.js");
+  const status = CopilotCLIHooks2.getStatus();
+  console.log();
+  console.log(chalk5.bold("Copilot CLI Integration Status"));
+  console.log();
+  console.log(`  Copilot CLI: ${status.copilotInstalled ? chalk5.green("detected") : chalk5.yellow("not found")}`);
+  console.log(`  BashBros hooks: ${status.hooksInstalled ? chalk5.green("active") : chalk5.dim("not installed")}`);
+  if (status.hooks.length > 0) {
+    console.log(`  Active hooks: ${status.hooks.join(", ")}`);
+  }
+  console.log(chalk5.dim("  Scope: project (.github/hooks/bashbros.json)"));
+  console.log();
+});
+var opencodeCmd = program.command("opencode").description("Manage OpenCode integration");
+opencodeCmd.command("install").description("Install BashBros plugin into OpenCode").action(async () => {
+  const { OpenCodeHooks: OpenCodeHooks2 } = await import("./opencode-DRCY275R.js");
+  const result = OpenCodeHooks2.install();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+opencodeCmd.command("uninstall").description("Remove BashBros plugin from OpenCode").action(async () => {
+  const { OpenCodeHooks: OpenCodeHooks2 } = await import("./opencode-DRCY275R.js");
+  const result = OpenCodeHooks2.uninstall();
+  if (result.success) {
+    console.log(chalk5.green("\u2713"), result.message);
+  } else {
+    console.log(chalk5.red("\u2717"), result.message);
+    process.exit(1);
+  }
+});
+opencodeCmd.command("status").description("Check OpenCode integration status").action(async () => {
+  const { OpenCodeHooks: OpenCodeHooks2 } = await import("./opencode-DRCY275R.js");
+  const status = OpenCodeHooks2.getStatus();
+  console.log();
+  console.log(chalk5.bold("OpenCode Integration Status"));
+  console.log();
+  console.log(`  OpenCode: ${status.openCodeInstalled ? chalk5.green("detected") : chalk5.yellow("not found")}`);
+  console.log(`  BashBros plugin: ${status.pluginInstalled ? chalk5.green("active") : chalk5.dim("not installed")}`);
+  console.log(chalk5.dim("  Scope: project (.opencode/plugins/bashbros.ts)"));
+  console.log();
+});
+program.command("gemini-gate").description("Gate command for Gemini CLI hooks (internal)").action(async () => {
+  const event = await readStdinJSON();
+  const toolInput = event.tool_input;
+  const command = typeof toolInput?.command === "string" ? toolInput.command : "";
+  if (!command) {
+    console.log(JSON.stringify({ decision: "allow" }));
+    process.exit(0);
+  }
+  const result = await gateCommand(command);
+  if (!result.allowed) {
+    try {
+      const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+      const writer = new DashboardWriter2();
+      const hookSessionId = extractHookSessionId(event);
+      writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(event));
+      const scorer = new RiskScorer();
+      const risk = scorer.score(command);
+      writer.recordCommand(
+        command,
+        false,
+        risk,
+        [{ type: "command", rule: "gate", message: result.reason || "Blocked" }],
+        0
+      );
+      writer.close();
+    } catch {
+    }
+    console.log(JSON.stringify({
+      decision: "deny",
+      reason: result.reason || "Blocked by BashBros"
+    }));
+    process.exit(0);
+  }
+  console.log(JSON.stringify({ decision: "allow" }));
+  process.exit(0);
+});
+program.command("gemini-record").description("Record command for Gemini CLI hooks (internal)").action(async () => {
+  const event = await readStdinJSON();
+  const toolInput = event.tool_input;
+  const command = typeof toolInput?.command === "string" ? toolInput.command : "";
+  if (!command) return;
+  const cfg = loadConfig();
+  if (!loopDetector) loopDetector = new LoopDetector(cfg.loopDetection);
+  const scorer = new RiskScorer();
+  const risk = scorer.score(command);
+  const loopAlert = loopDetector.check(command);
+  if (loopAlert) {
+    process.stderr.write(`[BashBros] Loop detected: ${loopAlert.message}
+`);
+  }
+  try {
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+    const writer = new DashboardWriter2();
+    const hookSessionId = extractHookSessionId(event);
+    writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(event));
+    writer.recordCommand(command, true, risk, [], 0);
+    writer.close();
+  } catch (e) {
+    process.stderr.write(`[BashBros] Error recording: ${e instanceof Error ? e.message : e}
+`);
+  }
+  if (cfg.outputScanning.enabled) {
+    const toolOutput = event.tool_output;
+    let outputStr = "";
+    if (typeof toolOutput === "string") outputStr = toolOutput;
+    else if (typeof toolOutput === "object" && toolOutput !== null) {
+      outputStr = (toolOutput.stdout || "") + (toolOutput.stderr || "");
+    }
+    if (outputStr) {
+      try {
+        const scanner = new OutputScanner(cfg.outputScanning);
+        const scanResult = scanner.scan(outputStr);
+        if (scanResult.hasSecrets) {
+          for (const f of scanResult.findings.filter((f2) => f2.type === "secret")) {
+            process.stderr.write(`[BashBros] Output warning: ${f.message}
+`);
+          }
+        }
+      } catch {
+      }
+    }
+  }
+});
+program.command("copilot-gate").description("Gate command for Copilot CLI hooks (internal)").action(async () => {
+  const event = await readStdinJSON();
+  const toolArgs = event.toolArgs;
+  const command = typeof toolArgs?.command === "string" ? toolArgs.command : "";
+  if (!command) {
+    console.log(JSON.stringify({ permissionDecision: "allow" }));
+    process.exit(0);
+  }
+  const result = await gateCommand(command);
+  if (!result.allowed) {
+    try {
+      const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+      const writer = new DashboardWriter2();
+      const hookSessionId = extractHookSessionId(event);
+      writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(event));
+      const scorer = new RiskScorer();
+      const risk = scorer.score(command);
+      writer.recordCommand(
+        command,
+        false,
+        risk,
+        [{ type: "command", rule: "gate", message: result.reason || "Blocked" }],
+        0
+      );
+      writer.close();
+    } catch {
+    }
+    console.log(JSON.stringify({
+      permissionDecision: "deny",
+      permissionDecisionReason: result.reason || "Blocked by BashBros"
+    }));
+    process.exit(1);
+  }
+  console.log(JSON.stringify({ permissionDecision: "allow" }));
+  process.exit(0);
+});
+program.command("copilot-record").description("Record command for Copilot CLI hooks (internal)").action(async () => {
+  const event = await readStdinJSON();
+  const toolArgs = event.toolArgs;
+  const command = typeof toolArgs?.command === "string" ? toolArgs.command : "";
+  if (!command) return;
+  const cfg = loadConfig();
+  if (!loopDetector) loopDetector = new LoopDetector(cfg.loopDetection);
+  const scorer = new RiskScorer();
+  const risk = scorer.score(command);
+  const loopAlert = loopDetector.check(command);
+  if (loopAlert) {
+    process.stderr.write(`[BashBros] Loop detected: ${loopAlert.message}
+`);
+  }
+  try {
+    const { DashboardWriter: DashboardWriter2 } = await import("./writer-3NAVABN6.js");
+    const writer = new DashboardWriter2();
+    const hookSessionId = extractHookSessionId(event);
+    writer.ensureHookSession(hookSessionId, process.cwd(), extractRepoName(event));
+    writer.recordCommand(command, true, risk, [], 0);
+    writer.close();
+  } catch (e) {
+    process.stderr.write(`[BashBros] Error recording: ${e instanceof Error ? e.message : e}
+`);
+  }
+});
+program.command("setup").description("Install BashBros hooks for multiple agents at once").action(async () => {
+  console.log(chalk5.cyan(logo));
+  const { runSetup } = await import("./setup-YS27MOPE.js");
+  await runSetup();
+});
 program.parse();
 //# sourceMappingURL=cli.js.map