bobo-ai-cli 2.0.0 → 3.0.0

package/dist/sub-agent-runner.d.ts

@@ -2,5 +2,6 @@
  * Sub-agent runner — standalone script that runs as a child process.
  * Usage: node dist/sub-agent-runner.js <taskFile>
  * Reads task from JSON file, runs agent loop, writes result back.
+ * Enhanced with role-based tool filtering and prompt injection.
  */
 export {};

package/dist/sub-agent-runner.js

@@ -2,9 +2,12 @@
  * Sub-agent runner — standalone script that runs as a child process.
  * Usage: node dist/sub-agent-runner.js <taskFile>
  * Reads task from JSON file, runs agent loop, writes result back.
+ * Enhanced with role-based tool filtering and prompt injection.
  */
 import { readFileSync, writeFileSync } from 'node:fs';
 import { runAgent } from './agent.js';
+import { runVerification, formatVerificationResult } from './verification-agent.js';
+import { getRolePromptInjection } from './sub-agents.js';
 async function main() {
     const taskFile = process.argv[2];
     if (!taskFile) {
@@ -17,20 +20,43 @@ async function main() {
     catch {
         process.exit(1);
     }
+    // Set 30-minute timeout
+    const timeoutMs = 30 * 60 * 1000;
+    const timeoutHandle = setTimeout(() => {
+        taskData.status = 'failed';
+        taskData.error = 'Timeout: exceeded 30 minute limit';
+        writeFileSync(taskFile, JSON.stringify(taskData, null, 2));
+        process.exit(1);
+    }, timeoutMs);
     // Change to task's cwd
     try {
         process.chdir(taskData.cwd);
     }
     catch { /* stay in current dir */ }
     try {
-        const result = await runAgent(taskData.task, []);
-        taskData.status = 'completed';
-        taskData.result = result.response;
+        const role = taskData.role || 'worker';
+        if (role === 'verify') {
+            // Special handling for verification agents
+            const verificationResult = await runVerification(taskData.task, '', { cwd: taskData.cwd });
+            taskData.status = verificationResult.verdict === 'FAIL' ? 'failed' : 'completed';
+            taskData.result = formatVerificationResult(verificationResult);
+        }
+        else {
+            // Inject role-specific prompt
+            const rolePrompt = getRolePromptInjection(role);
+            const enhancedTask = rolePrompt ? `${rolePrompt}\n\n---\n\n${taskData.task}` : taskData.task;
+            const result = await runAgent(enhancedTask, [], { quiet: true });
+            taskData.status = 'completed';
+            taskData.result = result.response;
+        }
     }
     catch (e) {
         taskData.status = 'failed';
         taskData.error = e.message;
     }
+    finally {
+        clearTimeout(timeoutHandle);
+    }
     writeFileSync(taskFile, JSON.stringify(taskData, null, 2));
 }
 main().catch(() => process.exit(1));

package/dist/sub-agent-runner.js.map

@@ -1 +1 @@
-{"version":3,"file":"sub-agent-runner.js","sourceRoot":"","sources":["../src/sub-agent-runner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAYtC,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,QAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC;QACH,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC,CAAC,yBAAyB,CAAC,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACjD,QAAQ,CAAC,MAAM,GAAG,WAAW,CAAC;QAC9B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC;IACpC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;QAC3B,QAAQ,CAAC,KAAK,GAAI,CAAW,CAAC,OAAO,CAAC;IACxC,CAAC;IAED,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC"}
+{"version":3,"file":"sub-agent-runner.js","sourceRoot":"","sources":["../src/sub-agent-runner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,eAAe,EAAE,wBAAwB,EAAE,MAAM,yBAAyB,CAAC;AAEpF,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAazD,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,QAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACjC,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE;QACpC,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;QAC3B,QAAQ,CAAC,KAAK,GAAG,mCAAmC,CAAC;QACrD,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,EAAE,SAAS,CAAC,CAAC;IAEd,uBAAuB;IACvB,IAAI,CAAC;QACH,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC,CAAC,yBAAyB,CAAC,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC;QAEvC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,2CAA2C;YAC3C,MAAM,kBAAkB,GAAG,MAAM,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3F,QAAQ,CAAC,MAAM,GAAG,kBAAkB,CAAC,OAAO,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC;YACjF,QAAQ,CAAC,MAAM,GAAG,wBAAwB,CAAC,kBAAkB,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,8BAA8B;YAC9B,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,GAAG,UAAU,cAAc,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7F,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YACjE,QAAQ,CAAC,MAAM,GAAG,WAAW,CAAC;YAC9B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC;QACpC,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;QAC3B,QAAQ,CAAC,KAAK,GAAI,CAAW,CAAC,OAAO,CAAC;IACxC,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,aAAa,CAAC,CAAC;IAC9B,CAAC;IAED,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC"}

package/dist/sub-agents.d.ts

@@ -1,6 +1,15 @@
 /**
  * Sub-agent management — spawn, list, show background agents.
+ * Enhanced with role-based isolation (explore/plan/worker/verify).
  */
+/**
+ * Agent role types with different permission levels.
+ * - explore: Read-only exploration (read_file, list_directory, search_files, shell with restrictions)
+ * - plan: Read-only planning mode (outputs task plans but cannot modify files)
+ * - worker: Full tool permissions (but injected with anti-recursion prompt)
+ * - verify: Uses verification-agent logic to validate work
+ */
+export type AgentRole = 'explore' | 'plan' | 'worker' | 'verify';
 interface SubAgentTask {
     id: string;
     task: string;
@@ -11,11 +20,20 @@ interface SubAgentTask {
     result?: string;
     error?: string;
     pid?: number;
+    role?: AgentRole;
 }
+/**
+ * Get allowed tools for a specific role.
+ */
+export declare function getAllowedToolsForRole(role: AgentRole): string[];
+/**
+ * Get role-specific system prompt injection.
+ */
+export declare function getRolePromptInjection(role: AgentRole): string;
 /**
  * Spawn a new sub-agent to run a task in the background.
  */
-export declare function spawnSubAgent(task: string): {
+export declare function spawnSubAgent(task: string, role?: AgentRole): {
     id: string;
     error?: string;
 };

package/dist/sub-agents.js

@@ -1,11 +1,13 @@
 /**
  * Sub-agent management — spawn, list, show background agents.
+ * Enhanced with role-based isolation (explore/plan/worker/verify).
  */
 import { fork } from 'node:child_process';
 import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync } from 'node:fs';
 import { join } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { getConfigDir } from './config.js';
+import { AGENT_CATALOG } from './agents/catalog.js';
 const __dirname = fileURLToPath(new URL('.', import.meta.url));
 const MAX_CONCURRENT = 3;
 // Track running processes in memory
@@ -19,17 +21,149 @@ function ensureAgentsDir() {
         mkdirSync(dir, { recursive: true });
     }
 }
+/**
+ * Get allowed tools for a specific role.
+ */
+export function getAllowedToolsForRole(role) {
+    switch (role) {
+        case 'explore':
+            // Read-only tools for exploration
+            return [
+                'read_file',
+                'list_directory',
+                'search_files',
+                'git_status',
+                'git_diff',
+                'git_log',
+                'search_memory',
+            ];
+        case 'plan':
+            // Read-only + planning tools
+            return [
+                'read_file',
+                'list_directory',
+                'search_files',
+                'git_status',
+                'git_diff',
+                'git_log',
+                'search_memory',
+            ];
+        case 'worker':
+            // Full access (but will be injected with anti-recursion prompt)
+            return ['*']; // All tools allowed
+        case 'verify':
+            // Verification tools
+            return [
+                'read_file',
+                'list_directory',
+                'search_files',
+                'shell', // For running build/test/lint
+                'git_status',
+                'git_diff',
+            ];
+        default:
+            return [];
+    }
+}
+/**
+ * Get role-specific system prompt injection.
+ */
+export function getRolePromptInjection(role) {
+    // Try to use catalog-based prompts first for richer role definitions
+    const catalogRole = role === 'worker' ? 'executor' : role === 'plan' ? 'planner' : role === 'verify' ? 'verifier' : role;
+    const catalogAgent = AGENT_CATALOG[catalogRole];
+    const catalogContext = catalogAgent
+        ? `\n\n## Catalog Context\n- Role: ${catalogAgent.role}\n- Description: ${catalogAgent.description}\n- Use cases: ${catalogAgent.useCases.join(', ')}\n- Boundaries: ${catalogAgent.boundaries.join(', ')}`
+        : '';
+    switch (role) {
+        case 'explore':
+            return `
+# Role: Explorer Agent
+
+You are an exploration agent with READ-ONLY access. Your job is to:
+- Read and analyze files
+- Search for patterns and information
+- Report findings clearly
+
+You CANNOT:
+- Modify any files (write_file, edit_file)
+- Execute arbitrary shell commands
+- Create or delete files
+- Make git commits
+
+Focus on gathering information and presenting it clearly.${catalogContext}`;
+        case 'plan':
+            return `
+# Role: Planning Agent
+
+You are a planning agent with READ-ONLY access. Your job is to:
+- Analyze the codebase and requirements
+- Create detailed task breakdowns
+- Identify dependencies and risks
+- Propose implementation approaches
+
+You CANNOT:
+- Modify any files
+- Execute code changes
+- Make commits
+
+Output a structured plan with:
+1. Tasks broken down into steps
+2. File paths that need changes
+3. Potential risks or blockers
+4. Estimated complexity${catalogContext}`;
+        case 'worker':
+            return `
+# Role: Worker Agent
+
+You are a worker agent with FULL tool access. Your job is to:
+- Execute tasks efficiently
+- Make file changes as needed
+- Run tests and verify your work
+- Report completion status
+
+CRITICAL CONSTRAINTS:
+- You are a WORKER, not a manager
+- NEVER spawn sub-agents or delegate work
+- Execute tasks directly yourself
+- If you encounter blockers, report them immediately
+
+Focus on DOING the work, not planning or delegating.${catalogContext}`;
+        case 'verify':
+            return `
+# Role: Verification Agent
+
+You are a verification agent using 'try to break it' philosophy. Your job is to:
+- Run build/test/lint checks
+- Probe for edge cases and boundary conditions
+- Test actual functionality (API calls, CLI commands)
+- Report honest assessment
+
+You SHOULD:
+- Be adversarial - try to find what's broken
+- Run all available verification steps
+- Test with unusual inputs
+- Check for security issues
+
+You MUST:
+- Return VERDICT: PASS / FAIL / PARTIAL
+- Provide specific evidence for failures
+- Suggest concrete fixes${catalogContext}`;
+        default:
+            return '';
+    }
+}
 /**
  * Spawn a new sub-agent to run a task in the background.
  */
-export function spawnSubAgent(task) {
+export function spawnSubAgent(task, role = 'worker') {
     ensureAgentsDir();
     // Check concurrent limit
     const running = listSubAgents().filter(a => a.status === 'running');
     if (running.length >= MAX_CONCURRENT) {
         return { id: '', error: `Max ${MAX_CONCURRENT} concurrent sub-agents. Wait for one to finish or check /agents.` };
     }
-    const id = `agent-${Date.now().toString(36)}`;
+    const id = `agent-${Date.now().toString(36)}-${role}`;
     const taskFile = join(getAgentsDir(), `${id}.json`);
     const taskData = {
         id,
@@ -37,6 +171,7 @@ export function spawnSubAgent(task) {
         cwd: process.cwd(),
         status: 'running',
         startedAt: new Date().toISOString(),
+        role,
     };
     writeFileSync(taskFile, JSON.stringify(taskData, null, 2));
     // Fork the sub-agent runner

package/dist/sub-agents.js.map

@@ -1 +1 @@
-{"version":3,"file":"sub-agents.js","sourceRoot":"","sources":["../src/sub-agents.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,IAAI,EAAqB,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC1F,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,cAAc,GAAG,CAAC,CAAC;AAczB,oCAAoC;AACpC,MAAM,aAAa,GAA8B,IAAI,GAAG,EAAE,CAAC;AAE3D,SAAS,YAAY;IACnB,OAAO,IAAI,CAAC,YAAY,EAAE,EAAE,QAAQ,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,eAAe;IACtB,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,eAAe,EAAE,CAAC;IAElB,yBAAyB;IACzB,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;IACpE,IAAI,OAAO,CAAC,MAAM,IAAI,cAAc,EAAE,CAAC;QACrC,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,cAAc,kEAAkE,EAAE,CAAC;IACpH,CAAC;IAED,MAAM,EAAE,GAAG,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAEpD,MAAM,QAAQ,GAAiB;QAC7B,EAAE;QACF,IAAI;QACJ,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;QAClB,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE3D,4BAA4B;IAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;IAC1D,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,EAAE;YACzC,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,QAAQ,CAAC,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC;QACzB,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAE3D,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACzB,wBAAwB;YACxB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAiB,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC1E,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACjC,OAAO,CAAC,MAAM,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACrD,OAAO,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;oBAC/C,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK;wBAAE,OAAO,CAAC,KAAK,GAAG,oBAAoB,IAAI,EAAE,CAAC;oBAC7E,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;YAAC,MAAM,CAAC,CAAC,iCAAiC,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,KAAK,EAAE,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAE7B,OAAO,EAAE,EAAE,EAAE,CAAC;IAChB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;QAC3B,QAAQ,CAAC,KAAK,GAAI,CAAW,CAAC,OAAO,CAAC;QACtC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAG,CAAW,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAK,GAAG,EAAE;IACtC,eAAe,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAE3B,OAAO,WAAW,CAAC,GAAG,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;SAChC,IAAI,EAAE;SACN,OAAO,EAAE;SACT,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC;SACf,GAAG,CAAC,CAAC,CAAC,EAAE;QACP,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAiB,CAAC;QACzE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,CAAC,EAAqB,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,EAAU;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAChD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
+{"version":3,"file":"sub-agents.js","sourceRoot":"","sources":["../src/sub-agents.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,IAAI,EAAqB,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC1F,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,cAAc,GAAG,CAAC,CAAC;AAwBzB,oCAAoC;AACpC,MAAM,aAAa,GAA8B,IAAI,GAAG,EAAE,CAAC;AAE3D,SAAS,YAAY;IACnB,OAAO,IAAI,CAAC,YAAY,EAAE,EAAE,QAAQ,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,eAAe;IACtB,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAAe;IACpD,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS;YACZ,kCAAkC;YAClC,OAAO;gBACL,WAAW;gBACX,gBAAgB;gBAChB,cAAc;gBACd,YAAY;gBACZ,UAAU;gBACV,SAAS;gBACT,eAAe;aAChB,CAAC;QAEJ,KAAK,MAAM;YACT,6BAA6B;YAC7B,OAAO;gBACL,WAAW;gBACX,gBAAgB;gBAChB,cAAc;gBACd,YAAY;gBACZ,UAAU;gBACV,SAAS;gBACT,eAAe;aAChB,CAAC;QAEJ,KAAK,QAAQ;YACX,gEAAgE;YAChE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAEpC,KAAK,QAAQ;YACX,qBAAqB;YACrB,OAAO;gBACL,WAAW;gBACX,gBAAgB;gBAChB,cAAc;gBACd,OAAO,EAAE,8BAA8B;gBACvC,YAAY;gBACZ,UAAU;aACX,CAAC;QAEJ;YACE,OAAO,EAAE,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAAe;IACpD,qEAAqE;IACrE,MAAM,WAAW,GAAG,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC;IACzH,MAAM,YAAY,GAAG,aAAa,CAAC,WAAyC,CAAC,CAAC;IAC9E,MAAM,cAAc,GAAG,YAAY;QACjC,CAAC,CAAC,mCAAmC,YAAY,CAAC,IAAI,oBAAoB,YAAY,CAAC,WAAW,kBAAkB,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC3M,CAAC,CAAC,EAAE,CAAC;IAEP,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS;YACZ,OAAO;;;;;;;;;;;;;;2DAc8C,cAAc,EAAE,CAAC;QAExE,KAAK,MAAM;YACT,OAAO;;;;;;;;;;;;;;;;;;yBAkBY,cAAc,EAAE,CAAC;QAEtC,KAAK,QAAQ;YACX,OAAO;;;;;;;;;;;;;;;sDAeyC,cAAc,EAAE,CAAC;QAEnE,KAAK,QAAQ;YACX,OAAO;;;;;;;;;;;;;;;;;;0BAkBa,cAAc,EAAE,CAAC;QAEvC;YACE,OAAO,EAAE,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY,EAAE,OAAkB,QAAQ;IACpE,eAAe,EAAE,CAAC;IAElB,yBAAyB;IACzB,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;IACpE,IAAI,OAAO,CAAC,MAAM,IAAI,cAAc,EAAE,CAAC;QACrC,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,cAAc,kEAAkE,EAAE,CAAC;IACpH,CAAC;IAED,MAAM,EAAE,GAAG,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC;IACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAEpD,MAAM,QAAQ,GAAiB;QAC7B,EAAE;QACF,IAAI;QACJ,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;QAClB,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI;KACL,CAAC;IAEF,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE3D,4BAA4B;IAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;IAC1D,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,EAAE;YACzC,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,QAAQ,CAAC,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC;QACzB,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAE3D,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACzB,wBAAwB;YACxB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAiB,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC1E,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACjC,OAAO,CAAC,MAAM,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACrD,OAAO,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;oBAC/C,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK;wBAAE,OAAO,CAAC,KAAK,GAAG,oBAAoB,IAAI,EAAE,CAAC;oBAC7E,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;YAAC,MAAM,CAAC,CAAC,iCAAiC,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,KAAK,EAAE,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAE7B,OAAO,EAAE,EAAE,EAAE,CAAC;IAChB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;QAC3B,QAAQ,CAAC,KAAK,GAAI,CAAW,CAAC,OAAO,CAAC;QACtC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAG,CAAW,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAK,GAAG,EAAE;IACtC,eAAe,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAE3B,OAAO,WAAW,CAAC,GAAG,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;SAChC,IAAI,EAAE;SACN,OAAO,EAAE;SACT,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC;SACf,GAAG,CAAC,CAAC,CAAC,EAAE;QACP,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAiB,CAAC;QACzE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,CAAC,EAAqB,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,EAAU;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAChD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/tool-governance.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Tool Governance Pipeline
+ *
+ * Enforces safety and consistency for all tool executions:
+ * Input validation → Risk classification → PreToolUse Hook →
+ * Permission check → Execution → PostToolUse Hook → Telemetry
+ *
+ * Key principles:
+ * - Fail-closed: All tools are unsafe by default
+ * - Explicit permissions: isConcurrencySafe and isReadOnly must be declared
+ * - Stateful constraints: edit_file requires prior read_file
+ */
+/**
+ * Risk levels for tool operations.
+ */
+export type ToolRiskLevel = 'safe' | 'moderate' | 'dangerous';
+/**
+ * Tool metadata for governance.
+ */
+export interface ToolMetadata {
+    name: string;
+    isReadOnly: boolean;
+    isConcurrencySafe: boolean;
+    riskLevel: ToolRiskLevel;
+    requiresPriorRead?: string[];
+}
+/**
+ * Tool execution context.
+ */
+export interface ToolExecutionContext {
+    toolName: string;
+    args: Record<string, unknown>;
+    timestamp: number;
+    sessionId?: string;
+}
+/**
+ * Tool execution result.
+ */
+export interface ToolExecutionResult {
+    success: boolean;
+    output?: string;
+    error?: string;
+    duration: number;
+    blocked?: boolean;
+    blockReason?: string;
+}
+/**
+ * Get tool metadata (fail-closed for unknown tools).
+ */
+export declare function getToolMetadata(toolName: string): ToolMetadata;
+/**
+ * Register tool metadata (for external tools).
+ */
+export declare function registerToolMetadata(metadata: ToolMetadata): void;
+/**
+ * Execute tool with full governance pipeline.
+ */
+export declare function executeToolWithGovernance(toolName: string, args: Record<string, unknown>, executor: (name: string, args: Record<string, unknown>) => Promise<string> | string): Promise<ToolExecutionResult>;
+/**
+ * Check if tools can be run concurrently.
+ */
+export declare function canRunConcurrently(toolNames: string[]): boolean;
+/**
+ * Get governance statistics.
+ */
+export declare function getGovernanceStats(): {
+    filesRead: number;
+    recentToolCalls: ToolExecutionContext[];
+};
+/**
+ * Reset governance state (useful for testing or session boundaries).
+ */
+export declare function resetGovernanceState(): void;
+/**
+ * Format governance result for user display.
+ */
+export declare function formatGovernanceError(result: ToolExecutionResult): string;